Fix warnings (From HEAD, original patch by Ben).
authorDr. Stephen Henson <steve@openssl.org>
Tue, 15 Jun 2010 17:25:15 +0000 (17:25 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 15 Jun 2010 17:25:15 +0000 (17:25 +0000)
53 files changed:
apps/apps.c
apps/dh.c
apps/dhparam.c
apps/dsaparam.c
apps/ec.c
apps/ecparam.c
apps/enc.c
apps/gendh.c
apps/gendsa.c
apps/pkcs7.c
apps/pkeyparam.c
apps/rand.c
apps/s_server.c
apps/s_socket.c
apps/speed.c
apps/x509.c
crypto/asn1/a_int.c
crypto/asn1/n_pkey.c
crypto/asn1/t_crl.c
crypto/asn1/tasn_dec.c
crypto/bio/bf_nbio.c
crypto/bio/bio_lib.c
crypto/bio/bss_acpt.c
crypto/bn/bn_mul.c
crypto/conf/conf_api.c
crypto/conf/conf_def.c
crypto/dsa/dsa_gen.c
crypto/ecdh/ech_lib.c
crypto/ecdsa/ecs_lib.c
crypto/evp/encode.c
crypto/hmac/hmac.c
crypto/ocsp/ocsp_prn.c
crypto/pem/pem_lib.c
crypto/pem/pvkfmt.c
crypto/pkcs7/pk7_doit.c
crypto/pkcs7/pk7_lib.c
crypto/pqueue/pqueue.c
crypto/rand/randfile.c
crypto/x509v3/pcy_tree.c
engines/ccgost/gost_ameth.c
engines/e_chil.c
engines/e_cswift.c
engines/e_ubsec.c
ssl/d1_pkt.c
ssl/s23_lib.c
ssl/s2_srvr.c
ssl/s3_enc.c
ssl/ssl_asn1.c
ssl/ssl_ciph.c
ssl/ssl_lib.c
ssl/ssltest.c
ssl/t1_enc.c
ssl/t1_lib.c

index acc50df..69d0c2d 100644 (file)
@@ -377,13 +377,12 @@ void program_name(char *in, char *out, int size)
 
 int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
        {
-       int num,len,i;
+       int num,i;
        char *p;
 
        *argc=0;
        *argv=NULL;
 
-       len=strlen(buf);
        i=0;
        if (arg->count == 0)
                {
index e9609d6..dee9c01 100644 (file)
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -88,9 +88,6 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
        {
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE *e = NULL;
-#endif
        DH *dh=NULL;
        int i,badops=0,text=0;
        BIO *in=NULL,*out=NULL;
@@ -189,7 +186,7 @@ bad:
        ERR_load_crypto_strings();
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, engine, 0);
 #endif
 
        in=BIO_new(BIO_s_file());
index 5fab29e..b47097c 100644 (file)
@@ -149,9 +149,6 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
        {
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE *e = NULL;
-#endif
        DH *dh=NULL;
        int i,badops=0,text=0;
 #ifndef OPENSSL_NO_DSA
@@ -270,7 +267,7 @@ bad:
        ERR_load_crypto_strings();
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, engine, 0);
 #endif
 
        if (g && !num)
index 4305a73..fe72c1d 100644 (file)
@@ -111,9 +111,6 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
        {
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE *e = NULL;
-#endif
        DSA *dsa=NULL;
        int i,badops=0,text=0;
        BIO *in=NULL,*out=NULL;
@@ -278,7 +275,7 @@ bad:
                }
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, engine, 0);
 #endif
 
        if (need_rand)
@@ -357,12 +354,10 @@ bad:
        if (C)
                {
                unsigned char *data;
-               int l,len,bits_p,bits_q,bits_g;
+               int l,len,bits_p;
 
                len=BN_num_bytes(dsa->p);
                bits_p=BN_num_bits(dsa->p);
-               bits_q=BN_num_bits(dsa->q);
-               bits_g=BN_num_bits(dsa->g);
                data=(unsigned char *)OPENSSL_malloc(len+20);
                if (data == NULL)
                        {
index 31194b4..896eabc 100644 (file)
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -85,9 +85,6 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
 {
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE  *e = NULL;
-#endif
        int     ret = 1;
        EC_KEY  *eckey = NULL;
        const EC_GROUP *group;
@@ -254,7 +251,7 @@ bad:
        ERR_load_crypto_strings();
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, engine, 0);
 #endif
 
        if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) 
index e9aa0a1..465480b 100644 (file)
@@ -129,9 +129,6 @@ int MAIN(int argc, char **argv)
        char    *infile = NULL, *outfile = NULL, *prog;
        BIO     *in = NULL, *out = NULL;
        int     informat, outformat, noout = 0, C = 0, ret = 1;
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE  *e = NULL;
-#endif
        char    *engine = NULL;
 
        BIGNUM  *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
@@ -340,7 +337,7 @@ bad:
                }
 
 #ifndef OPENSSL_NO_ENGINE
-       e = setup_engine(bio_err, engine, 0);
+       setup_engine(bio_err, engine, 0);
 #endif
 
        if (list_curves)
index 3c2c91e..c28d8b1 100644 (file)
@@ -101,9 +101,6 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
        {
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE *e = NULL;
-#endif
        static const char magic[]="Salted__";
        char mbuf[sizeof magic-1];
        char *strbuf=NULL;
@@ -328,7 +325,7 @@ bad:
                }
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, engine, 0);
 #endif
 
        if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
index caa7327..4ec776b 100644 (file)
@@ -89,9 +89,6 @@ int MAIN(int, char **);
 int MAIN(int argc, char **argv)
        {
        BN_GENCB cb;
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE *e = NULL;
-#endif
        DH *dh=NULL;
        int ret=1,num=DEFBITS;
        int g=2;
@@ -163,7 +160,7 @@ bad:
                }
                
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, engine, 0);
 #endif
 
        out=BIO_new(BIO_s_file());
index 22c3962..62ea977 100644 (file)
@@ -78,9 +78,6 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
        {
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE *e = NULL;
-#endif
        DSA *dsa=NULL;
        int ret=1;
        char *outfile=NULL;
@@ -206,7 +203,7 @@ bad:
                }
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, engine, 0);
 #endif
 
        if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
index 86d31b9..ae6cd33 100644 (file)
@@ -82,9 +82,6 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
        {
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE *e = NULL;
-#endif
        PKCS7 *p7=NULL;
        int i,badops=0;
        BIO *in=NULL,*out=NULL;
@@ -182,7 +179,7 @@ bad:
        ERR_load_crypto_strings();
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, engine, 0);
 #endif
 
        in=BIO_new(BIO_s_file());
index 7f18010..6f7a357 100644 (file)
@@ -74,7 +74,6 @@ int MAIN(int argc, char **argv)
        EVP_PKEY *pkey=NULL;
        int badarg = 0;
 #ifndef OPENSSL_NO_ENGINE
-       ENGINE *e = NULL;
        char *engine=NULL;
 #endif
        int ret = 1;
@@ -141,7 +140,7 @@ int MAIN(int argc, char **argv)
                }
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, engine, 0);
 #endif
 
        if (infile)
index 44a1d46..790e795 100644 (file)
@@ -77,9 +77,6 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
        {
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE *e = NULL;
-#endif
        int i, r, ret = 1;
        int badopt;
        char *outfile = NULL;
@@ -178,7 +175,7 @@ int MAIN(int argc, char **argv)
                }
 
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, engine, 0);
 #endif
 
        app_RAND_load_file(NULL, bio_err, (inrand != NULL));
index 1a06d19..8a0c34c 100644 (file)
@@ -2254,11 +2254,10 @@ static int www_body(char *hostname, int s, unsigned char *context)
        {
        char *buf=NULL;
        int ret=1;
-       int i,j,k,blank,dot;
+       int i,j,k,dot;
        SSL *con;
        const SSL_CIPHER *c;
        BIO *io,*ssl_bio,*sbio;
-       long total_bytes;
 
        buf=OPENSSL_malloc(bufsize);
        if (buf == NULL) return(0);
@@ -2329,7 +2328,6 @@ static int www_body(char *hostname, int s, unsigned char *context)
                SSL_set_msg_callback_arg(con, bio_s_out);
                }
 
-       blank=0;
        for (;;)
                {
                if (hack)
@@ -2559,7 +2557,6 @@ static int www_body(char *hostname, int s, unsigned char *context)
                                         BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
                                 }
                        /* send the file */
-                       total_bytes=0;
                        for (;;)
                                {
                                i=BIO_read(file,buf,bufsize);
index 6b8713d..1483778 100644 (file)
@@ -327,7 +327,7 @@ static int init_server_long(int *sock, int port, char *ip, int type)
        {
        int ret=0;
        struct sockaddr_in server;
-       int s= -1,i;
+       int s= -1;
 
        if (!ssl_sock_init()) return(0);
 
@@ -366,7 +366,6 @@ static int init_server_long(int *sock, int port, char *ip, int type)
                }
        /* Make it 128 for linux */
        if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
-       i=0;
        *sock=s;
        ret=1;
 err:
@@ -384,7 +383,7 @@ static int init_server(int *sock, int port, int type)
 
 static int do_accept(int acc_sock, int *sock, char **host)
        {
-       int ret,i;
+       int ret;
        struct hostent *h1,*h2;
        static struct sockaddr_in from;
        int len;
@@ -461,7 +460,6 @@ redoit:
                        BIO_printf(bio_err,"gethostbyname failure\n");
                        return(0);
                        }
-               i=0;
                if (h2->h_addrtype != AF_INET)
                        {
                        BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
index 539bfff..d5e9e24 100644 (file)
@@ -334,9 +334,6 @@ int MAIN(int, char **);
 
 int MAIN(int argc, char **argv)
        {
-#ifndef OPENSSL_NO_ENGINE
-       ENGINE *e = NULL;
-#endif
        unsigned char *buf=NULL,*buf2=NULL;
        int mret=1;
        long count=0,save_count=0;
@@ -430,7 +427,6 @@ int MAIN(int argc, char **argv)
        unsigned char DES_iv[8];
        unsigned char iv[2*MAX_BLOCK_SIZE/8];
 #ifndef OPENSSL_NO_DES
-       DES_cblock *buf_as_des_cblock = NULL;
        static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
        static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
        static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
@@ -644,9 +640,6 @@ int MAIN(int argc, char **argv)
                BIO_printf(bio_err,"out of memory\n");
                goto end;
                }
-#ifndef OPENSSL_NO_DES
-       buf_as_des_cblock = (DES_cblock *)buf;
-#endif
        if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL)
                {
                BIO_printf(bio_err,"out of memory\n");
@@ -721,7 +714,7 @@ int MAIN(int argc, char **argv)
                                BIO_printf(bio_err,"no engine given\n");
                                goto end;
                                }
-                        e = setup_engine(bio_err, *argv, 0);
+                        setup_engine(bio_err, *argv, 0);
                        /* j will be increased again further down.  We just
                           don't want speed to confuse an engine with an
                           algorithm, especially when none is given (which
index e7e46d7..ed1e8c6 100644 (file)
@@ -556,7 +556,6 @@ bad:
        if (reqfile)
                {
                EVP_PKEY *pkey;
-               X509_CINF *ci;
                BIO *in;
 
                if (!sign_flag && !CA_flag)
@@ -624,7 +623,6 @@ bad:
                print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag);
 
                if ((x=X509_new()) == NULL) goto end;
-               ci=x->cert_info;
 
                if (sno == NULL)
                        {
index c6fd204..3348b87 100644 (file)
@@ -273,7 +273,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
        {
        ASN1_INTEGER *ret=NULL;
        const unsigned char *p;
-       unsigned char *to,*s;
+       unsigned char *s;
        long len;
        int inf,tag,xclass;
        int i;
@@ -308,7 +308,6 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
                i=ERR_R_MALLOC_FAILURE;
                goto err;
                }
-       to=s;
        ret->type=V_ASN1_INTEGER;
        if(len) {
                if ((*p == 0) && (len != 1))
index 60bc437..e7d0439 100644 (file)
@@ -242,7 +242,7 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
                 int sgckey)
        {
        RSA *ret=NULL;
-       const unsigned char *p, *kp;
+       const unsigned char *p;
        NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
 
        p = *pp;
@@ -265,7 +265,6 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
                ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
                goto err;
        }
-       kp = enckey->enckey->digest->data;
        if (cb == NULL)
                cb=EVP_read_pw_string;
        if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;
index bdb244c..ee5a687 100644 (file)
@@ -87,7 +87,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
        STACK_OF(X509_REVOKED) *rev;
        X509_REVOKED *r;
        long l;
-       int i, n;
+       int i;
        char *p;
 
        BIO_printf(out, "Certificate Revocation List (CRL):\n");
@@ -107,7 +107,6 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
        else BIO_printf(out,"NONE");
        BIO_printf(out,"\n");
 
-       n=X509_CRL_get_ext_count(x);
        X509V3_extensions_print(out, "CRL extensions",
                                                x->crl->extensions, 0, 8);
 
index 3bee439..87d7dfd 100644 (file)
@@ -168,7 +168,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
        int i;
        int otag;
        int ret = 0;
-       ASN1_VALUE *pchval, **pchptr, *ptmpval;
+       ASN1_VALUE **pchptr, *ptmpval;
        if (!pval)
                return 0;
        if (aux && aux->asn1_cb)
@@ -319,7 +319,6 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
                        goto err;
                        }
                /* CHOICE type, try each possibility in turn */
-               pchval = NULL;
                p = *in;
                for (i = 0, tt=it->templates; i < it->tcount; i++, tt++)
                        {
index c72a23c..028616c 100644 (file)
@@ -125,7 +125,6 @@ static int nbiof_free(BIO *a)
        
 static int nbiof_read(BIO *b, char *out, int outl)
        {
-       NBIO_TEST *nt;
        int ret=0;
 #if 1
        int num;
@@ -134,7 +133,6 @@ static int nbiof_read(BIO *b, char *out, int outl)
 
        if (out == NULL) return(0);
        if (b->next_bio == NULL) return(0);
-       nt=(NBIO_TEST *)b->ptr;
 
        BIO_clear_retry_flags(b);
 #if 1
index 77f4de9..e12bc3a 100644 (file)
@@ -110,7 +110,7 @@ int BIO_set(BIO *bio, BIO_METHOD *method)
 
 int BIO_free(BIO *a)
        {
-       int ret=0,i;
+       int i;
 
        if (a == NULL) return(0);
 
@@ -133,7 +133,7 @@ int BIO_free(BIO *a)
        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
 
        if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
-       ret=a->method->destroy(a);
+       a->method->destroy(a);
        OPENSSL_free(a);
        return(1);
        }
index 826f761..5d49e1a 100644 (file)
@@ -340,7 +340,6 @@ static int acpt_write(BIO *b, const char *in, int inl)
 
 static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
        {
-       BIO *dbio;
        int *ip;
        long ret=1;
        BIO_ACCEPT *data;
@@ -437,8 +436,8 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
                ret=(long)data->bind_mode;
                break;
        case BIO_CTRL_DUP:
-               dbio=(BIO *)ptr;
-/*             if (data->param_port) EAY EAY
+/*             dbio=(BIO *)ptr;
+               if (data->param_port) EAY EAY
                        BIO_set_port(dbio,data->param_port);
                if (data->param_hostname)
                        BIO_set_hostname(dbio,data->param_hostname);
index a0e9ec3..12e5be8 100644 (file)
@@ -551,7 +551,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
             int tna, int tnb, BN_ULONG *t)
        {
        int i,j,n2=n*2;
-       int c1,c2,neg,zero;
+       int c1,c2,neg;
        BN_ULONG ln,lo,*p;
 
 # ifdef BN_COUNT
@@ -567,7 +567,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
        /* r=(a[0]-a[1])*(b[1]-b[0]) */
        c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna);
        c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n);
-       zero=neg=0;
+       neg=0;
        switch (c1*3+c2)
                {
        case -4:
@@ -575,7 +575,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
                bn_sub_part_words(&(t[n]),b,      &(b[n]),tnb,n-tnb); /* - */
                break;
        case -3:
-               zero=1;
                /* break; */
        case -2:
                bn_sub_part_words(t,      &(a[n]),a,      tna,tna-n); /* - */
@@ -585,7 +584,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
        case -1:
        case 0:
        case 1:
-               zero=1;
                /* break; */
        case 2:
                bn_sub_part_words(t,      a,      &(a[n]),tna,n-tna); /* + */
@@ -593,7 +591,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
                neg=1;
                break;
        case 3:
-               zero=1;
                /* break; */
        case 4:
                bn_sub_part_words(t,      a,      &(a[n]),tna,n-tna);
@@ -1012,7 +1009,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
                {
                if (i >= -1 && i <= 1)
                        {
-                       int sav_j =0;
                        /* Find out the power of two lower or equal
                           to the longest of the two numbers */
                        if (i >= 0)
@@ -1023,7 +1019,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
                                {
                                j = BN_num_bits_word((BN_ULONG)bl);
                                }
-                       sav_j = j;
                        j = 1<<(j-1);
                        assert(j <= al || j <= bl);
                        k = j+j;
index 22617e5..0c1ee2b 100644 (file)
@@ -285,7 +285,7 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
        v->value=(char *)sk;
        
        vv=lh_CONF_VALUE_insert(conf->data,v);
-       assert(vv == NULL);
+       OPENSSL_assert(vv == NULL);
        ok=1;
 err:
        if (!ok)
index 0b571b0..cf95132 100644 (file)
@@ -213,13 +213,12 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
        int bufnum=0,i,ii;
        BUF_MEM *buff=NULL;
        char *s,*p,*end;
-       int again,n;
+       int again;
        long eline=0;
        char btmp[DECIMAL_SIZE(eline)+1];
        CONF_VALUE *v=NULL,*tv;
        CONF_VALUE *sv=NULL;
        char *section=NULL,*buf;
-       STACK_OF(CONF_VALUE) *section_sk=NULL,*ts;
        char *start,*psection,*pname;
        void *h = (void *)(conf->data);
 
@@ -250,7 +249,6 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
                                        CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
                goto err;
                }
-       section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
 
        bufnum=0;
        again=0;
@@ -309,7 +307,6 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
                buf=buff->data;
 
                clear_comments(conf, buf);
-               n=strlen(buf);
                s=eat_ws(conf, buf);
                if (IS_EOF(conf,*s)) continue; /* blank line */
                if (*s == '[')
@@ -343,7 +340,6 @@ again:
                                        CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
                                goto err;
                                }
-                       section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
                        continue;
                        }
                else
@@ -406,13 +402,9 @@ again:
                                           CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
                                        goto err;
                                        }
-                               ts=(STACK_OF(CONF_VALUE) *)tv->value;
                                }
                        else
-                               {
                                tv=sv;
-                               ts=section_sk;
-                               }
 #if 1
                        if (_CONF_add_string(conf, tv, v) == 0)
                                {
@@ -465,9 +457,6 @@ err:
 
 static void clear_comments(CONF *conf, char *p)
        {
-       char *to;
-
-       to=p;
        for (;;)
                {
                if (IS_FCOMMENT(conf,*p))
index 0fcd25f..cb0b453 100644 (file)
@@ -120,7 +120,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
        BIGNUM *r0,*W,*X,*c,*test;
        BIGNUM *g=NULL,*q=NULL,*p=NULL;
        BN_MONT_CTX *mont=NULL;
-       int i, k,n=0,b,m=0, qsize = qbits >> 3;
+       int i, k, n=0, m=0, qsize = qbits >> 3;
        int counter=0;
        int r=0;
        BN_CTX *ctx=NULL;
@@ -232,7 +232,6 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
                /* "offset = 2" */
 
                n=(bits-1)/160;
-               b=(bits-1)-n*160;
 
                for (;;)
                        {
index e89b1d4..4d8ea03 100644 (file)
@@ -96,7 +96,6 @@ const ECDH_METHOD *ECDH_get_default_method(void)
 
 int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
        {
-       const ECDH_METHOD *mtmp;
        ECDH_DATA *ecdh;
 
        ecdh = ecdh_check(eckey);
@@ -104,8 +103,8 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
        if (ecdh == NULL)
                return 0;
 
-        mtmp = ecdh->meth;
 #if 0
+        mtmp = ecdh->meth;
         if (mtmp->finish)
                mtmp->finish(eckey);
 #endif
index 85e8a3a..2ebae3a 100644 (file)
@@ -83,7 +83,6 @@ const ECDSA_METHOD *ECDSA_get_default_method(void)
 
 int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
 {
-        const ECDSA_METHOD *mtmp;
        ECDSA_DATA *ecdsa;
 
        ecdsa = ecdsa_check(eckey);
@@ -91,7 +90,6 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
        if (ecdsa == NULL)
                return 0;
 
-        mtmp = ecdsa->meth;
 #ifndef OPENSSL_NO_ENGINE
        if (ecdsa->engine)
        {
index b42c747..28546a8 100644 (file)
@@ -235,7 +235,7 @@ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
 int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
             const unsigned char *in, int inl)
        {
-       int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl;
+       int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,exp_nl;
        unsigned char *d;
 
        n=ctx->num;
@@ -319,7 +319,6 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
                         * lines.  We process the line and then need to
                         * accept the '\n' */
                        if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
-                       tmp2=v;
                        if (n > 0)
                                {
                                v=EVP_DecodeBlock(out,d,n);
index 45015fe..6c98fc4 100644 (file)
@@ -138,12 +138,9 @@ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
 
 int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
        {
-       int j;
        unsigned int i;
        unsigned char buf[EVP_MAX_MD_SIZE];
 
-       j=EVP_MD_block_size(ctx->md);
-
        if (!EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i))
                goto err;
        if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx))
index 1695c9c..87608ff 100644 (file)
@@ -182,7 +182,6 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
         {
        int i, ret = 0;
        long l;
-       unsigned char *p;
        OCSP_CERTID *cid = NULL;
        OCSP_BASICRESP *br = NULL;
        OCSP_RESPID *rid = NULL;
@@ -207,7 +206,6 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
                return 1;
                }
 
-       p = ASN1_STRING_data(rb->response);
        i = ASN1_STRING_length(rb->response);
        if (!(br = OCSP_response_get1_basic(o))) goto err;
        rd = br->tbsResponseData;
index 42e4861..cfc89a9 100644 (file)
@@ -482,7 +482,6 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
 
 int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
        {
-       int o;
        const EVP_CIPHER *enc=NULL;
        char *p,c;
        char **header_pp = &header;
@@ -522,7 +521,6 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
                header++;
                }
        *header='\0';
-       o=OBJ_sn2nid(p);
        cipher->cipher=enc=EVP_get_cipherbyname(p);
        *header=c;
        header++;
index d998a67..5f130c4 100644 (file)
@@ -662,7 +662,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length,
                
        {
        const unsigned char *p = *in;
-       unsigned int pvk_magic, keytype, is_encrypted;
+       unsigned int pvk_magic, is_encrypted;
        if (skip_magic)
                {
                if (length < 20)
@@ -689,7 +689,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length,
                }
        /* Skip reserved */
        p += 4;
-       keytype = read_ledword(&p);
+       /*keytype = */read_ledword(&p);
        is_encrypted = read_ledword(&p);
        *psaltlen = read_ledword(&p);
        *pkeylen = read_ledword(&p);
@@ -839,7 +839,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
 static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
                pem_password_cb *cb, void *u)
        {
-       int outlen = 24, noinc, pklen;
+       int outlen = 24, pklen;
        unsigned char *p, *salt = NULL;
        if (enclevel)
                outlen += PVK_SALTLEN;
@@ -850,10 +850,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
        if (!out)
                return outlen;
        if (*out)
-               {
                p = *out;
-               noinc = 0;
-               }
        else
                {
                p = OPENSSL_malloc(outlen);
@@ -863,7 +860,6 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
                        return -1;
                        }
                *out = p;
-               noinc = 1;
                }
 
        write_ledword(&p, MS_PVKMAGIC);
index 451de84..3bf1a36 100644 (file)
@@ -422,7 +422,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
        X509_ALGOR *enc_alg=NULL;
        STACK_OF(X509_ALGOR) *md_sk=NULL;
        STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
-       X509_ALGOR *xalg=NULL;
        PKCS7_RECIP_INFO *ri=NULL;
 
        i=OBJ_obj2nid(p7->type);
@@ -445,7 +444,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
                        PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
                        goto err;
                        }
-               xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
                break;
        case NID_pkcs7_enveloped:
                rsk=p7->d.enveloped->recipientinfo;
@@ -457,7 +455,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
                        PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
                        goto err;
                        }
-               xalg=p7->d.enveloped->enc_data->algorithm;
                break;
        default:
                PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
index 3ca0952..d411269 100644 (file)
@@ -591,7 +591,6 @@ X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
 int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
        {
        int i;
-       ASN1_OBJECT *objtmp;
        PKCS7_ENC_CONTENT *ec;
 
        i=OBJ_obj2nid(p7->type);
@@ -614,7 +613,6 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
                PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
                return(0);
        }
-       objtmp = OBJ_nid2obj(i);
 
        ec->cipher = cipher;
        return 1;
index 99a6fb8..eab13a1 100644 (file)
@@ -167,14 +167,13 @@ pqueue_pop(pqueue_s *pq)
 pitem *
 pqueue_find(pqueue_s *pq, unsigned char *prio64be)
        {
-       pitem *next, *prev = NULL;
+       pitem *next;
        pitem *found = NULL;
 
        if ( pq->items == NULL)
                return NULL;
 
-       for ( next = pq->items; next->next != NULL; 
-                 prev = next, next = next->next)
+       for ( next = pq->items; next->next != NULL; next = next->next)
                {
                if ( memcmp(next->priority, prio64be,8) == 0)
                        {
index 4ed40b7..678b0fe 100644 (file)
@@ -269,7 +269,6 @@ err:
 const char *RAND_file_name(char *buf, size_t size)
        {
        char *s=NULL;
-       int ok = 0;
 #ifdef __OpenBSD__
        struct stat sb;
 #endif
@@ -298,7 +297,6 @@ const char *RAND_file_name(char *buf, size_t size)
                        BUF_strlcat(buf,"/",size);
 #endif
                        BUF_strlcat(buf,RFILE,size);
-                       ok = 1;
                        }
                else
                        buf[0] = '\0'; /* no file name */
index 92f6b24..bb97773 100644 (file)
@@ -341,9 +341,8 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr,
                                const X509_POLICY_CACHE *cache)
        {
        int i;
-       X509_POLICY_LEVEL *last;
        X509_POLICY_DATA *data;
-       last = curr - 1;
+
        for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++)
                {
                data = sk_X509_POLICY_DATA_value(cache->data, i);
index f620a21..e6c2839 100644 (file)
@@ -39,7 +39,7 @@ static ASN1_STRING  *encode_gost_algor_params(const EVP_PKEY *key)
        ASN1_STRING *params = ASN1_STRING_new();
        GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
        int pkey_param_nid = NID_undef;
-       int cipher_param_nid = NID_undef;
+
        if (!params || !gkp) 
                {
                GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
@@ -52,7 +52,6 @@ static ASN1_STRING  *encode_gost_algor_params(const EVP_PKEY *key)
                {
                case NID_id_GostR3410_2001:
                        pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)key)));
-                       cipher_param_nid = get_encryption_params(NULL)->nid;
                        break;
                case NID_id_GostR3410_94:
                        pkey_param_nid = (int) gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key));
@@ -64,7 +63,6 @@ static ASN1_STRING  *encode_gost_algor_params(const EVP_PKEY *key)
                                params=NULL;
                                goto err;
                                }       
-                       cipher_param_nid = get_encryption_params(NULL)->nid;
                        break;
                }       
        gkp->key_params = OBJ_nid2obj(pkey_param_nid);
index 9c2729c..fdc2100 100644 (file)
@@ -1077,11 +1077,11 @@ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
 static int hwcrhk_rsa_finish(RSA *rsa)
        {
        HWCryptoHook_RSAKeyHandle *hptr;
-       int ret;
+
        hptr = RSA_get_ex_data(rsa, hndidx_rsa);
        if (hptr)
                 {
-                ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL);
+                p_hwcrhk_RSAUnloadKey(*hptr, NULL);
                 OPENSSL_free(hptr);
                RSA_set_ex_data(rsa, hndidx_rsa, NULL);
                 }
index bc65179..2e64ff3 100644 (file)
@@ -811,7 +811,6 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
        SW_PARAM sw_param;
        SW_STATUS sw_status;
        SW_LARGENUMBER arg, res;
-       unsigned char *ptr;
        BN_CTX *ctx;
        BIGNUM *dsa_p = NULL;
        BIGNUM *dsa_q = NULL;
@@ -899,7 +898,6 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
                goto err;
                }
        /* Convert the response */
-       ptr = (unsigned char *)result->d;
        if((to_return = DSA_SIG_new()) == NULL)
                goto err;
        to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL);
index 9b747b9..aa5709b 100644 (file)
@@ -630,10 +630,8 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                        const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx)
        {
        int     y_len,
-               m_len,
                fd;
 
-       m_len = BN_num_bytes(p) + BN_num_bytes(q) + 1;
        y_len = BN_num_bits(p) + BN_num_bits(q);
 
        /* Check if hardware can't handle this argument. */
index a5439d5..1fd58bf 100644 (file)
@@ -296,9 +296,6 @@ dtls1_process_buffered_records(SSL *s)
     item = pqueue_peek(s->d1->unprocessed_rcds.q);
     if (item)
         {
-        DTLS1_RECORD_DATA *rdata;
-        rdata = (DTLS1_RECORD_DATA *)item->data;
-        
         /* Check if epoch is current. */
         if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
             return(1);  /* Nothing to do. */
@@ -528,14 +525,12 @@ int dtls1_get_record(SSL *s)
        int ssl_major,ssl_minor;
        int i,n;
        SSL3_RECORD *rr;
-       SSL_SESSION *sess;
        unsigned char *p = NULL;
        unsigned short version;
        DTLS1_BITMAP *bitmap;
        unsigned int is_next_epoch;
 
        rr= &(s->s3->rrec);
-       sess=s->session;
 
        /* The epoch may have changed.  If so, process all the
         * pending records.  This is a non-blocking operation. */
index e3fce53..3bf7283 100644 (file)
@@ -92,15 +92,8 @@ const SSL_CIPHER *ssl23_get_cipher(unsigned int u)
  * available */
 const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
        {
-       SSL_CIPHER c;
        const SSL_CIPHER *cp;
-       unsigned long id;
-       int n;
 
-       n=ssl3_num_ciphers();
-       id=0x03000000|((unsigned long)p[0]<<16L)|
-               ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
-       c.id=id;
        cp=ssl3_get_cipher_by_char(p);
 #ifndef OPENSSL_NO_SSL2
        if (cp == NULL)
index 1434e73..9471676 100644 (file)
@@ -697,7 +697,6 @@ static int server_hello(SSL *s)
        {
        unsigned char *p,*d;
        int n,hit;
-       STACK_OF(SSL_CIPHER) *sk;
 
        p=(unsigned char *)s->init_buf->data;
        if (s->state == SSL2_ST_SEND_SERVER_HELLO_A)
@@ -778,7 +777,6 @@ static int server_hello(SSL *s)
                        
                        /* lets send out the ciphers we like in the
                         * prefered order */
-                       sk= s->session->ciphers;
                        n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0);
                        d+=n;
                        s2n(n,p);               /* add cipher length */
index 3d7aec9..58386e1 100644 (file)
@@ -214,7 +214,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
 
 int ssl3_change_cipher_state(SSL *s, int which)
        {
-       unsigned char *p,*key_block,*mac_secret;
+       unsigned char *p,*mac_secret;
        unsigned char exp_key[EVP_MAX_KEY_LENGTH];
        unsigned char exp_iv[EVP_MAX_IV_LENGTH];
        unsigned char *ms,*key,*iv,*er1,*er2;
@@ -239,7 +239,6 @@ int ssl3_change_cipher_state(SSL *s, int which)
        else
                comp=s->s3->tmp.new_compression->method;
 #endif
-       key_block=s->s3->tmp.key_block;
 
        if (which & SSL3_CC_READ)
                {
index 2870997..d7f4c60 100644 (file)
@@ -357,7 +357,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
 SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
                             long length)
        {
-       int version,ssl_version=0,i;
+       int ssl_version=0,i;
        long id;
        ASN1_INTEGER ai,*aip;
        ASN1_OCTET_STRING os,*osp;
@@ -371,7 +371,6 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
 
        ai.data=NULL; ai.length=0;
        M_ASN1_D2I_get_x(ASN1_INTEGER,aip,d2i_ASN1_INTEGER);
-       version=(int)ASN1_INTEGER_get(aip);
        if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
 
        /* we don't care about the version right now :-) */
index bee3507..a8ce186 100644 (file)
@@ -1027,7 +1027,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
                 const SSL_CIPHER **ca_list)
        {
        unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength;
-       const char *l, *start, *buf;
+       const char *l, *buf;
        int j, multi, found, rule, retval, ok, buflen;
        unsigned long cipher_id = 0;
        char ch;
@@ -1064,7 +1064,6 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
                alg_ssl = 0;
                algo_strength = 0;
 
-               start=l;
                for (;;)
                        {
                        ch = *l;
@@ -1456,7 +1455,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
        int is_export,pkl,kl;
        const char *ver,*exp_str;
        const char *kx,*au,*enc,*mac;
-       unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2,alg_s;
+       unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2;
 #ifdef KSSL_DEBUG
        static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
 #else
@@ -1469,7 +1468,6 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
        alg_mac = cipher->algorithm_mac;
        alg_ssl = cipher->algorithm_ssl;
 
-       alg_s=cipher->algo_strength;
        alg2=cipher->algorithm2;
 
        is_export=SSL_C_IS_EXPORT(cipher);
index 3157f20..912592b 100644 (file)
@@ -2110,23 +2110,12 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
 /* THIS NEEDS CLEANING UP */
 X509 *ssl_get_server_send_cert(SSL *s)
        {
-       unsigned long alg_k,alg_a,mask_k,mask_a;
+       unsigned long alg_k,alg_a;
        CERT *c;
-       int i,is_export;
+       int i;
 
        c=s->cert;
        ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
-       is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
-       if (is_export)
-               {
-               mask_k = c->export_mask_k;
-               mask_a = c->export_mask_a;
-               }
-       else
-               {
-               mask_k = c->mask_k;
-               mask_a = c->mask_a;
-               }
        
        alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
        alg_a = s->s3->tmp.new_cipher->algorithm_auth;
index abf214a..0bb4fa4 100644 (file)
@@ -1430,7 +1430,6 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count)
        BIO *c_bio=NULL;
        BIO *s_bio=NULL;
        int c_r,c_w,s_r,s_w;
-       int c_want,s_want;
        int i,j;
        int done=0;
        int c_write,s_write;
@@ -1465,8 +1464,6 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count)
 
        c_r=0; s_r=1;
        c_w=1; s_w=0;
-       c_want=W_WRITE;
-       s_want=0;
        c_write=1,s_write=0;
 
        /* We can always do writes */
index 9719541..793ea43 100644 (file)
@@ -157,7 +157,7 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
                        const void *seed5, int seed5_len,
                        unsigned char *out, int olen)
        {
-       int chunk,n;
+       int chunk;
        unsigned int j;
        HMAC_CTX ctx;
        HMAC_CTX ctx_tmp;
@@ -187,7 +187,6 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
        if (!HMAC_Final(&ctx,A1,&A1_len))
                goto err;
 
-       n=0;
        for (;;)
                {
                if (!HMAC_Init_ex(&ctx,NULL,0,NULL,NULL)) /* re-init */
@@ -309,13 +308,13 @@ static int tls1_generate_key_block(SSL *s, unsigned char *km,
 int tls1_change_cipher_state(SSL *s, int which)
        {
        static const unsigned char empty[]="";
-       unsigned char *p,*key_block,*mac_secret;
+       unsigned char *p,*mac_secret;
        unsigned char *exp_label;
        unsigned char tmp1[EVP_MAX_KEY_LENGTH];
        unsigned char tmp2[EVP_MAX_KEY_LENGTH];
        unsigned char iv1[EVP_MAX_IV_LENGTH*2];
        unsigned char iv2[EVP_MAX_IV_LENGTH*2];
-       unsigned char *ms,*key,*iv,*er1,*er2;
+       unsigned char *ms,*key,*iv;
        int client_write;
        EVP_CIPHER_CTX *dd;
        const EVP_CIPHER *c;
@@ -337,7 +336,6 @@ int tls1_change_cipher_state(SSL *s, int which)
 #ifndef OPENSSL_NO_COMP
        comp=s->s3->tmp.new_compression;
 #endif
-       key_block=s->s3->tmp.key_block;
 
 #ifdef KSSL_DEBUG
        printf("tls1_change_cipher_state(which= %d) w/\n", which);
@@ -448,8 +446,6 @@ int tls1_change_cipher_state(SSL *s, int which)
                       cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
        /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
        k=EVP_CIPHER_iv_length(c);
-       er1= &(s->s3->client_random[0]);
-       er2= &(s->s3->server_random[0]);
        if (    (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
                (which == SSL3_CHANGE_CIPHER_SERVER_READ))
                {
@@ -880,7 +876,7 @@ int tls1_final_finish_mac(SSL *s,
 int tls1_mac(SSL *ssl, unsigned char *md, int send)
        {
        SSL3_RECORD *rec;
-       unsigned char *mac_sec,*seq;
+       unsigned char *seq;
        EVP_MD_CTX *hash;
        size_t md_size;
        int i;
@@ -892,14 +888,12 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
        if (send)
                {
                rec= &(ssl->s3->wrec);
-               mac_sec= &(ssl->s3->write_mac_secret[0]);
                seq= &(ssl->s3->write_sequence[0]);
                hash=ssl->write_hash;
                }
        else
                {
                rec= &(ssl->s3->rrec);
-               mac_sec= &(ssl->s3->read_mac_secret[0]);
                seq= &(ssl->s3->read_sequence[0]);
                hash=ssl->read_hash;
                }
index e8bc34c..e395287 100644 (file)
@@ -983,9 +983,9 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
 
 int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
        {
+       unsigned short length;
        unsigned short type;
        unsigned short size;
-       unsigned short len;  
        unsigned char *data = *p;
        int tlsext_servername = 0;
        int renegotiate_seen = 0;
@@ -993,7 +993,12 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
        if (data >= (d+n-2))
                goto ri_check;
 
-       n2s(data,len);
+       n2s(data,length);
+       if (data+length != d+n)
+               {
+               *al = SSL_AD_DECODE_ERROR;
+               return 0;
+               }
 
        while(data <= (d+n-4))
                {