clean signed mismatches and protect ssl specific code

https://github.com/warmcat/libwebsockets/issues/466

Signed-off-by: Andy Green <andy.green@linaro.org>

lib/output.c

@@ -96,7 +96,8 @@ int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len)
 {
 	struct lws_context *context = lws_get_context(wsi);
 	size_t real_len = len;
-	int n, m;
+	unsigned int n;
+	int m;
 
 	if (!len)
 		return 0;
@@ -123,16 +124,17 @@ int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len)
 	if (!lws_socket_is_valid(wsi->sock))
 		lwsl_warn("** error invalid sock but expected to send\n");
 
-       /* limit sending */
-       n = wsi->protocol->rx_buffer_size;
-       if (!n) n = LWS_MAX_SOCKET_IO_BUF;
-       if (n > len) n = len;
+	/* limit sending */
+	n = wsi->protocol->rx_buffer_size;
+	if (!n)
+		n = LWS_MAX_SOCKET_IO_BUF;
+	if (n > len)
+		n = len;
 
 	/* nope, send it on the socket directly */
 	lws_latency_pre(context, wsi);
-       n = lws_ssl_capable_write(wsi, buf, n);
-	lws_latency(context, wsi, "send lws_issue_raw", n,
-		    (unsigned int)n == len);
+	n = lws_ssl_capable_write(wsi, buf, n);
+	lws_latency(context, wsi, "send lws_issue_raw", n, n == len);
 
 	switch (n) {
 	case LWS_SSL_CAPABLE_ERROR:

lib/parsers.c

@@ -1466,7 +1466,8 @@ lws_payload_until_length_exhausted(struct lws *wsi, unsigned char **buf,
 				   size_t *len)
 {
 	unsigned char *buffer = *buf, mask[4];
-	int buffer_size, avail, n;
+	int buffer_size, n;
+	unsigned int avail;
 	char *rx_ubuf;
 
 	if (wsi->protocol->rx_buffer_size)
@@ -1505,7 +1506,7 @@ lws_payload_until_length_exhausted(struct lws *wsi, unsigned char **buf,
 			*(rx_ubuf++) = *(buffer++) ^ mask[3];
 		}
 		/* and the remaining bytes bytewise */
-		for (n = 0; n < (avail & 3); n++)
+		for (n = 0; n < (int)(avail & 3); n++)
 			*(rx_ubuf++) = *(buffer++) ^ mask[n];
 
 		wsi->u.ws.mask_idx = (wsi->u.ws.mask_idx + avail) & 3;

lib/server.c

@@ -146,7 +146,9 @@ _lws_server_listen_accept_flow_control(struct lws *twsi, int on)
 int
 lws_http_action(struct lws *wsi)
 {
+#ifdef LWS_OPENSSL_SUPPORT
 	struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi];
+#endif
 	enum http_connection_type connection_type;
 	enum http_version request_version;
 	char content_length_str[32];
@@ -264,10 +266,10 @@ lws_http_action(struct lws *wsi)
 	 */
 	lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT,
 			wsi->context->timeout_secs);
-
+#ifdef LWS_OPENSSL_SUPPORT
 	if (wsi->redirect_to_https) {
 		/*
-		 *  we accepted http:// only so we could redirect to
+		 * we accepted http:// only so we could redirect to
 		 * https://, so issue the redirect.  Create the redirection
 		 * URI from the host: header and ignore the path part
 		 */
@@ -286,11 +288,12 @@ lws_http_action(struct lws *wsi)
 		if (lws_finalize_http_header(wsi, &p, end))
 			goto bail_nuke_ah;
 		n = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS);
-		if (n < 0)
+		if ((int)n < 0)
 			goto bail_nuke_ah;
 
 		return lws_http_transaction_completed(wsi);
 	}
+#endif
 
 	n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP,
 				    wsi->user_space, uri_ptr, uri_len);

lib/service.c

@@ -763,7 +763,7 @@ drain:
 			lwsl_notice("%s: calling LWS_CALLBACK_RECEIVE_CLIENT_HTTP, "
 				    "rem %d len %d\n", __func__,
 				    wsi->u.http.content_remain, eff_buf.token_len);
-			if (wsi->u.http.content_remain < eff_buf.token_len)
+			if ((int)wsi->u.http.content_remain < eff_buf.token_len)
 				n = wsi->u.http.content_remain;
 			else
 				n = eff_buf.token_len;