From 7bc87ab662a9fa02e2a23dd0d0ee97a1a8ad8987 Mon Sep 17 00:00:00 2001 From: Andy Green Date: Fri, 18 Mar 2016 23:55:59 +0800 Subject: [PATCH] clean signed mismatches and protect ssl specific code https://github.com/warmcat/libwebsockets/issues/466 Signed-off-by: Andy Green --- lib/output.c | 18 ++++++++++-------- lib/parsers.c | 5 +++-- lib/server.c | 9 ++++++--- lib/service.c | 2 +- 4 files changed, 20 insertions(+), 14 deletions(-) diff --git a/lib/output.c b/lib/output.c index bca48588..3204490f 100644 --- a/lib/output.c +++ b/lib/output.c @@ -96,7 +96,8 @@ int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len) { struct lws_context *context = lws_get_context(wsi); size_t real_len = len; - int n, m; + unsigned int n; + int m; if (!len) return 0; @@ -123,16 +124,17 @@ int lws_issue_raw(struct lws *wsi, unsigned char *buf, size_t len) if (!lws_socket_is_valid(wsi->sock)) lwsl_warn("** error invalid sock but expected to send\n"); - /* limit sending */ - n = wsi->protocol->rx_buffer_size; - if (!n) n = LWS_MAX_SOCKET_IO_BUF; - if (n > len) n = len; + /* limit sending */ + n = wsi->protocol->rx_buffer_size; + if (!n) + n = LWS_MAX_SOCKET_IO_BUF; + if (n > len) + n = len; /* nope, send it on the socket directly */ lws_latency_pre(context, wsi); - n = lws_ssl_capable_write(wsi, buf, n); - lws_latency(context, wsi, "send lws_issue_raw", n, - (unsigned int)n == len); + n = lws_ssl_capable_write(wsi, buf, n); + lws_latency(context, wsi, "send lws_issue_raw", n, n == len); switch (n) { case LWS_SSL_CAPABLE_ERROR: diff --git a/lib/parsers.c b/lib/parsers.c index e284afee..96be75dc 100644 --- a/lib/parsers.c +++ b/lib/parsers.c @@ -1466,7 +1466,8 @@ lws_payload_until_length_exhausted(struct lws *wsi, unsigned char **buf, size_t *len) { unsigned char *buffer = *buf, mask[4]; - int buffer_size, avail, n; + int buffer_size, n; + unsigned int avail; char *rx_ubuf; if (wsi->protocol->rx_buffer_size) @@ -1505,7 +1506,7 @@ lws_payload_until_length_exhausted(struct lws *wsi, unsigned char **buf, *(rx_ubuf++) = *(buffer++) ^ mask[3]; } /* and the remaining bytes bytewise */ - for (n = 0; n < (avail & 3); n++) + for (n = 0; n < (int)(avail & 3); n++) *(rx_ubuf++) = *(buffer++) ^ mask[n]; wsi->u.ws.mask_idx = (wsi->u.ws.mask_idx + avail) & 3; diff --git a/lib/server.c b/lib/server.c index 7ca997e7..07e20af4 100644 --- a/lib/server.c +++ b/lib/server.c @@ -146,7 +146,9 @@ _lws_server_listen_accept_flow_control(struct lws *twsi, int on) int lws_http_action(struct lws *wsi) { +#ifdef LWS_OPENSSL_SUPPORT struct lws_context_per_thread *pt = &wsi->context->pt[(int)wsi->tsi]; +#endif enum http_connection_type connection_type; enum http_version request_version; char content_length_str[32]; @@ -264,10 +266,10 @@ lws_http_action(struct lws *wsi) */ lws_set_timeout(wsi, PENDING_TIMEOUT_HTTP_CONTENT, wsi->context->timeout_secs); - +#ifdef LWS_OPENSSL_SUPPORT if (wsi->redirect_to_https) { /* - * we accepted http:// only so we could redirect to + * we accepted http:// only so we could redirect to * https://, so issue the redirect. Create the redirection * URI from the host: header and ignore the path part */ @@ -286,11 +288,12 @@ lws_http_action(struct lws *wsi) if (lws_finalize_http_header(wsi, &p, end)) goto bail_nuke_ah; n = lws_write(wsi, start, p - start, LWS_WRITE_HTTP_HEADERS); - if (n < 0) + if ((int)n < 0) goto bail_nuke_ah; return lws_http_transaction_completed(wsi); } +#endif n = wsi->protocol->callback(wsi, LWS_CALLBACK_HTTP, wsi->user_space, uri_ptr, uri_len); diff --git a/lib/service.c b/lib/service.c index 4c297355..75658953 100644 --- a/lib/service.c +++ b/lib/service.c @@ -763,7 +763,7 @@ drain: lwsl_notice("%s: calling LWS_CALLBACK_RECEIVE_CLIENT_HTTP, " "rem %d len %d\n", __func__, wsi->u.http.content_remain, eff_buf.token_len); - if (wsi->u.http.content_remain < eff_buf.token_len) + if ((int)wsi->u.http.content_remain < eff_buf.token_len) n = wsi->u.http.content_remain; else n = eff_buf.token_len;