[glib-networking] Revert "openssl: use int to max protocol version"

From: Michael Catanzaro <mcatanzaro src gnome org>
To: commits-list gnome org
Cc:
Subject: [glib-networking] Revert "openssl: use int to max protocol version"
Date: Fri, 4 Jun 2021 13:32:05 +0000 (UTC)

commit 49a8dbec5a7d805036d5f564dea4a703b23b2520
Author: Michael Catanzaro <mcatanzaro redhat com>
Date:   Fri Jun 4 08:28:19 2021 -0500

    Revert "openssl: use int to max protocol version"
    
    This reverts commit 1a91a8af28deaf9b2246449aa33850026e004807.
    
    This wasn't correct either because it removes the check for overflow.
    G_MAXINT64 is returned if the result of g_ascii_strtoll() would overflow
    a gint64. Let's be smarter....

 tls/openssl/gtlsclientconnection-openssl.c | 8 ++++----
 tls/openssl/gtlsserverconnection-openssl.c | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)
---
diff --git a/tls/openssl/gtlsclientconnection-openssl.c b/tls/openssl/gtlsclientconnection-openssl.c
index 36c2dbf..aad011f 100644
--- a/tls/openssl/gtlsclientconnection-openssl.c
+++ b/tls/openssl/gtlsclientconnection-openssl.c
@@ -326,14 +326,14 @@ set_max_protocol (GTlsClientConnectionOpenssl  *client,
   proto = g_getenv ("G_TLS_OPENSSL_MAX_PROTO");
   if (proto)
     {
-      int version = g_ascii_strtoll (proto, NULL, 0);
+      gint64 version = g_ascii_strtoll (proto, NULL, 0);
 
-      if (version > 0 && version < G_MAXINT)
+      if (version > 0 && version < G_MAXINT64)
         {
-          if (!SSL_CTX_set_max_proto_version (client->ssl_ctx, version))
+          if (!SSL_CTX_set_max_proto_version (client->ssl_ctx, (int)version))
             {
               g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_MISC,
-                           _("Could not set MAX protocol to %d: %s"),
+                           _("Could not set MAX protocol to %ld: %s"),
                            version, ERR_error_string (ERR_get_error (), NULL));
               return FALSE;
             }
diff --git a/tls/openssl/gtlsserverconnection-openssl.c b/tls/openssl/gtlsserverconnection-openssl.c
index 440b90b..a809f60 100644
--- a/tls/openssl/gtlsserverconnection-openssl.c
+++ b/tls/openssl/gtlsserverconnection-openssl.c
@@ -362,14 +362,14 @@ set_max_protocol (GTlsServerConnectionOpenssl  *server,
   proto = g_getenv ("G_TLS_OPENSSL_MAX_PROTO");
   if (proto)
     {
-      int version = g_ascii_strtoll (proto, NULL, 0);
+      gint64 version = g_ascii_strtoll (proto, NULL, 0);
 
-      if (version > 0 && version < G_MAXINT)
+      if (version > 0 && version < G_MAXINT64)
         {
-          if (!SSL_CTX_set_max_proto_version (server->ssl_ctx, version))
+          if (!SSL_CTX_set_max_proto_version (server->ssl_ctx, (int)version))
             {
               g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_MISC,
-                           _("Could not set MAX protocol to %d: %s"),
+                           _("Could not set MAX protocol to %ld: %s"),
                            version, ERR_error_string (ERR_get_error (), NULL));
               return FALSE;
             }

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]