From 53332a75d16a5bb3b9d90c15fcf38d2e87160a52 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 16 Dec 2014 04:13:41 +0100 Subject: [PATCH] Clear warnings/errors within KSSL_DEBUG code sections Reviewed-by: Andy Polyakov --- crypto/evp/e_des3.c | 22 +++++++------- ssl/kssl.c | 72 ++++++++++++++++++++++----------------------- ssl/s3_clnt.c | 12 ++++---- ssl/s3_lib.c | 2 +- ssl/s3_srvr.c | 8 ++--- ssl/ssl_ciph.c | 4 +-- ssl/t1_enc.c | 60 ++++++++++++++++++------------------- 7 files changed, 91 insertions(+), 89 deletions(-) diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c index 24e9fec777..ad7be6b639 100644 --- a/crypto/evp/e_des3.c +++ b/crypto/evp/e_des3.c @@ -148,12 +148,11 @@ static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, #ifdef KSSL_DEBUG { int i; - char *cp; - printf("des_ede_cbc_cipher(ctx=%lx, buflen=%d)\n", ctx, ctx->buf_len); - printf("\t iv= "); + fprintf(stderr,"des_ede_cbc_cipher(ctx=%p, buflen=%d)\n", ctx, ctx->buf_len); + fprintf(stderr,"\t iv= "); for(i=0;i<8;i++) - printf("%02X",ctx->iv[i]); - printf("\n"); + fprintf(stderr,"%02X",ctx->iv[i]); + fprintf(stderr,"\n"); } #endif /* KSSL_DEBUG */ if (dat->stream.cbc) @@ -307,11 +306,14 @@ static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, #ifdef KSSL_DEBUG { int i; - printf("des_ede3_init_key(ctx=%lx)\n", ctx); - printf("\tKEY= "); - for(i=0;i<24;i++) printf("%02X",key[i]); printf("\n"); - printf("\t IV= "); - for(i=0;i<8;i++) printf("%02X",iv[i]); printf("\n"); + fprintf(stderr,"des_ede3_init_key(ctx=%p)\n", ctx); + fprintf(stderr,"\tKEY= "); + for(i=0;i<24;i++) fprintf(stderr,"%02X",key[i]); fprintf(stderr,"\n"); + if (iv) + { + fprintf(stderr,"\t IV= "); + for(i=0;i<8;i++) fprintf(stderr,"%02X",iv[i]); fprintf(stderr,"\n"); + } } #endif /* KSSL_DEBUG */ diff --git a/ssl/kssl.c b/ssl/kssl.c index fd7c67bb1f..950a0c56f1 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -954,15 +954,15 @@ print_krb5_data(char *label, krb5_data *kdata) { int i; - printf("%s[%d] ", label, kdata->length); + fprintf(stderr,"%s[%d] ", label, kdata->length); for (i=0; i < (int)kdata->length; i++) { if (0 && isprint((int) kdata->data[i])) - printf( "%c ", kdata->data[i]); + fprintf(stderr, "%c ", kdata->data[i]); else - printf( "%02x ", (unsigned char) kdata->data[i]); + fprintf(stderr, "%02x ", (unsigned char) kdata->data[i]); } - printf("\n"); + fprintf(stderr,"\n"); } @@ -973,20 +973,20 @@ print_krb5_authdata(char *label, krb5_authdata **adata) { if (adata == NULL) { - printf("%s, authdata==0\n", label); + fprintf(stderr,"%s, authdata==0\n", label); return; } - printf("%s [%p]\n", label, (void *)adata); + fprintf(stderr,"%s [%p]\n", label, (void *)adata); #if 0 { int i; - printf("%s[at%d:%d] ", label, adata->ad_type, adata->length); + fprintf(stderr,"%s[at%d:%d] ", label, adata->ad_type, adata->length); for (i=0; i < adata->length; i++) { - printf((isprint(adata->contents[i]))? "%c ": "%02x", + fprintf(stderr,(isprint(adata->contents[i]))? "%c ": "%02x", adata->contents[i]); } - printf("\n"); + fprintf(stderr,"\n"); } #endif } @@ -1001,24 +1001,24 @@ print_krb5_keyblock(char *label, krb5_keyblock *keyblk) if (keyblk == NULL) { - printf("%s, keyblk==0\n", label); + fprintf(stderr,"%s, keyblk==0\n", label); return; } #ifdef KRB5_HEIMDAL - printf("%s\n\t[et%d:%d]: ", label, keyblk->keytype, + fprintf(stderr,"%s\n\t[et%d:%d]: ", label, keyblk->keytype, keyblk->keyvalue->length); for (i=0; i < (int)keyblk->keyvalue->length; i++) { - printf("%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]); + fprintf(stderr,"%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]); } - printf("\n"); + fprintf(stderr,"\n"); #else - printf("%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length); + fprintf(stderr,"%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length); for (i=0; i < (int)keyblk->length; i++) { - printf("%02x",keyblk->contents[i]); + fprintf(stderr,"%02x",keyblk->contents[i]); } - printf("\n"); + fprintf(stderr,"\n"); #endif } @@ -1031,17 +1031,17 @@ print_krb5_princ(char *label, krb5_principal_data *princ) { int i, ui, uj; - printf("%s principal Realm: ", label); + fprintf(stderr,"%s principal Realm: ", label); if (princ == NULL) return; for (ui=0; ui < (int)princ->realm.length; ui++) putchar(princ->realm.data[ui]); - printf(" (nametype %d) has %d strings:\n", princ->type,princ->length); + fprintf(stderr," (nametype %d) has %d strings:\n", princ->type,princ->length); for (i=0; i < (int)princ->length; i++) { - printf("\t%d [%d]: ", i, princ->data[i].length); + fprintf(stderr,"\t%d [%d]: ", i, princ->data[i].length); for (uj=0; uj < (int)princ->data[i].length; uj++) { putchar(princ->data[i].data[uj]); } - printf("\n"); + fprintf(stderr,"\n"); } return; } @@ -1332,7 +1332,7 @@ kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx, } #ifdef KSSL_DEBUG - printf("in kssl_sget_tkt(%s)\n", kstring(kssl_ctx->service_name)); + fprintf(stderr,"in kssl_sget_tkt(%s)\n", kstring(kssl_ctx->service_name)); #endif /* KSSL_DEBUG */ if (!krb5context && (krb5rc = krb5_init_context(&krb5context))) @@ -1481,18 +1481,18 @@ kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx, #ifdef KSSL_DEBUG { int i; krb5_address **paddr = krb5ticket->enc_part2->caddrs; - printf("Decrypted ticket fields:\n"); - printf("\tflags: %X, transit-type: %X", + fprintf(stderr,"Decrypted ticket fields:\n"); + fprintf(stderr,"\tflags: %X, transit-type: %X", krb5ticket->enc_part2->flags, krb5ticket->enc_part2->transited.tr_type); print_krb5_data("\ttransit-data: ", &(krb5ticket->enc_part2->transited.tr_contents)); - printf("\tcaddrs: %p, authdata: %p\n", + fprintf(stderr,"\tcaddrs: %p, authdata: %p\n", krb5ticket->enc_part2->caddrs, krb5ticket->enc_part2->authorization_data); if (paddr) { - printf("\tcaddrs:\n"); + fprintf(stderr,"\tcaddrs:\n"); for (i=0; paddr[i] != NULL; i++) { krb5_data d; @@ -1501,7 +1501,7 @@ kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx, print_krb5_data("\t\tIP: ", &d); } } - printf("\tstart/auth/end times: %d / %d / %d\n", + fprintf(stderr,"\tstart/auth/end times: %d / %d / %d\n", krb5ticket->enc_part2->times.starttime, krb5ticket->enc_part2->times.authtime, krb5ticket->enc_part2->times.endtime); @@ -1976,7 +1976,7 @@ krb5_error_code kssl_validate_times( krb5_timestamp atime, if ((now - ttimes->endtime) > skew) return SSL_R_KRB5_S_TKT_EXPIRED; #ifdef KSSL_DEBUG - printf("kssl_validate_times: %d |<- | %d - %d | < %d ->| %d\n", + fprintf(stderr,"kssl_validate_times: %d |<- | %d - %d | < %d ->| %d\n", start, atime, now, skew, ttimes->endtime); #endif /* KSSL_DEBUG */ @@ -2027,10 +2027,10 @@ krb5_error_code kssl_check_authent( #ifdef KSSL_DEBUG { unsigned int ui; - printf("kssl_check_authent: authenticator[%d]:\n",authentp->length); + fprintf(stderr,"kssl_check_authent: authenticator[%d]:\n",authentp->length); p = authentp->data; - for (ui=0; ui < authentp->length; ui++) printf("%02x ",p[ui]); - printf("\n"); + for (ui=0; ui < authentp->length; ui++) fprintf(stderr,"%02x ",p[ui]); + fprintf(stderr,"\n"); } #endif /* KSSL_DEBUG */ @@ -2095,9 +2095,9 @@ krb5_error_code kssl_check_authent( #ifdef KSSL_DEBUG { int padl; - printf("kssl_check_authent: decrypted authenticator[%d] =\n", outl); - for (padl=0; padl < outl; padl++) printf("%02x ",unenc_authent[padl]); - printf("\n"); + fprintf(stderr,"kssl_check_authent: decrypted authenticator[%d] =\n", outl); + for (padl=0; padl < outl; padl++) fprintf(stderr,"%02x ",unenc_authent[padl]); + fprintf(stderr,"\n"); } #endif /* KSSL_DEBUG */ @@ -2132,10 +2132,10 @@ krb5_error_code kssl_check_authent( } #ifdef KSSL_DEBUG - printf("kssl_check_authent: returns %d for client time ", *atimep); + fprintf(stderr,"kssl_check_authent: returns %d for client time ", *atimep); if (auth && auth->ctime && auth->ctime->length && auth->ctime->data) - printf("%.*s\n", auth->ctime->length, auth->ctime->data); - else printf("NULL\n"); + fprintf(stderr,"%.*s\n", auth->ctime->length, auth->ctime->data); + else fprintf(stderr,"NULL\n"); #endif /* KSSL_DEBUG */ err: diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 2b9fdb0599..47cb93d8a1 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1263,9 +1263,9 @@ int ssl3_get_server_certificate(SSL *s) ? 0 : 1; #ifdef KSSL_DEBUG - printf("pkey,x = %p, %p\n", pkey,x); - printf("ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey)); - printf("cipher, alg, nc = %s, %lx, %lx, %d\n", s->s3->tmp.new_cipher->name, + fprintf(stderr,"pkey,x = %p, %p\n", pkey,x); + fprintf(stderr,"ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x,pkey)); + fprintf(stderr,"cipher, alg, nc = %s, %lx, %lx, %d\n", s->s3->tmp.new_cipher->name, s->s3->tmp.new_cipher->algorithm_mkey, s->s3->tmp.new_cipher->algorithm_auth, need_cert); #endif /* KSSL_DEBUG */ @@ -2537,7 +2537,7 @@ int ssl3_send_client_key_exchange(SSL *s) EVP_CIPHER_CTX_init(&ciph_ctx); #ifdef KSSL_DEBUG - printf("ssl3_send_client_key_exchange(%lx & %lx)\n", + fprintf(stderr,"ssl3_send_client_key_exchange(%lx & %lx)\n", alg_k, SSL_kKRB5); #endif /* KSSL_DEBUG */ @@ -2553,9 +2553,9 @@ int ssl3_send_client_key_exchange(SSL *s) goto err; #ifdef KSSL_DEBUG { - printf("kssl_cget_tkt rtn %d\n", krb5rc); + fprintf(stderr,"kssl_cget_tkt rtn %d\n", krb5rc); if (krb5rc && kssl_err.text) - printf("kssl_cget_tkt kssl_err=%s\n", kssl_err.text); + fprintf(stderr,"kssl_cget_tkt kssl_err=%s\n", kssl_err.text); } #endif /* KSSL_DEBUG */ diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index b0d69edc12..82fc5a8487 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4166,7 +4166,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, #endif #ifdef KSSL_DEBUG -/* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/ +/* fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/ #endif /* KSSL_DEBUG */ alg_k=c->algorithm_mkey; diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 72ec51af1a..453d58b739 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -2542,10 +2542,10 @@ int ssl3_get_client_key_exchange(SSL *s) &kssl_err)) != 0) { #ifdef KSSL_DEBUG - printf("kssl_sget_tkt rtn %d [%d]\n", + fprintf(stderr,"kssl_sget_tkt rtn %d [%d]\n", krb5rc, kssl_err.reason); if (kssl_err.text) - printf("kssl_err text= %s\n", kssl_err.text); + fprintf(stderr,"kssl_err text= %s\n", kssl_err.text); #endif /* KSSL_DEBUG */ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason); @@ -2559,10 +2559,10 @@ int ssl3_get_client_key_exchange(SSL *s) &authtime, &kssl_err)) != 0) { #ifdef KSSL_DEBUG - printf("kssl_check_authent rtn %d [%d]\n", + fprintf(stderr,"kssl_check_authent rtn %d [%d]\n", krb5rc, kssl_err.reason); if (kssl_err.text) - printf("kssl_err text= %s\n", kssl_err.text); + fprintf(stderr,"kssl_err text= %s\n", kssl_err.text); #endif /* KSSL_DEBUG */ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 726ba521e7..a6182dde36 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -837,7 +837,7 @@ static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, co_list[co_list_num].active = 0; co_list_num++; #ifdef KSSL_DEBUG - printf("\t%d: %s %lx %lx %lx\n",i,c->name,c->id,c->algorithm_mkey,c->algorithm_auth); + fprintf(stderr,"\t%d: %s %lx %lx %lx\n",i,c->name,c->id,c->algorithm_mkey,c->algorithm_auth); #endif /* KSSL_DEBUG */ /* if (!sk_push(ca_list,(char *)c)) goto err; @@ -1482,7 +1482,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, */ num_of_ciphers = ssl_method->num_ciphers(); #ifdef KSSL_DEBUG - printf("ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers); + fprintf(stderr,"ssl_create_cipher_list() for %d ciphers\n", num_of_ciphers); #endif /* KSSL_DEBUG */ co_list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); if (co_list == NULL) diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 7974762d4c..5037130721 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -302,15 +302,15 @@ static int tls1_generate_key_block(SSL *s, unsigned char *km, s->session->master_key,s->session->master_key_length, km,tmp,num); #ifdef KSSL_DEBUG - printf("tls1_generate_key_block() ==> %d byte master_key =\n\t", + fprintf(stderr,"tls1_generate_key_block() ==> %d byte master_key =\n\t", s->session->master_key_length); { int i; for (i=0; i < s->session->master_key_length; i++) { - printf("%02X", s->session->master_key[i]); + fprintf(stderr,"%02X", s->session->master_key[i]); } - printf("\n"); } + fprintf(stderr,"\n"); } #endif /* KSSL_DEBUG */ return ret; } @@ -348,19 +348,19 @@ int tls1_change_cipher_state(SSL *s, int which) #endif #ifdef KSSL_DEBUG - printf("tls1_change_cipher_state(which= %d) w/\n", which); - printf("\talg= %ld/%ld, comp= %p\n", + fprintf(stderr,"tls1_change_cipher_state(which= %d) w/\n", which); + fprintf(stderr,"\talg= %ld/%ld, comp= %p\n", s->s3->tmp.new_cipher->algorithm_mkey, s->s3->tmp.new_cipher->algorithm_auth, comp); - printf("\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c); - printf("\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n", + fprintf(stderr,"\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c); + fprintf(stderr,"\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n", c->nid,c->block_size,c->key_len,c->iv_len); - printf("\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length); + fprintf(stderr,"\tkey_block: len= %d, data= ", s->s3->tmp.key_block_length); { int i; for (i=0; is3->tmp.key_block_length; i++) - printf("%02x", s->s3->tmp.key_block[i]); printf("\n"); + fprintf(stderr,"%02x", s->s3->tmp.key_block[i]); fprintf(stderr,"\n"); } #endif /* KSSL_DEBUG */ @@ -539,11 +539,11 @@ printf("which = %04X\nmac key=",which); #ifdef KSSL_DEBUG { int i; - printf("EVP_CipherInit_ex(dd,c,key=,iv=,which)\n"); - printf("\tkey= "); for (i=0; ikey_len; i++) printf("%02x", key[i]); - printf("\n"); - printf("\t iv= "); for (i=0; iiv_len; i++) printf("%02x", iv[i]); - printf("\n"); + fprintf(stderr,"EVP_CipherInit_ex(dd,c,key=,iv=,which)\n"); + fprintf(stderr,"\tkey= "); for (i=0; ikey_len; i++) fprintf(stderr,"%02x", key[i]); + fprintf(stderr,"\n"); + fprintf(stderr,"\t iv= "); for (i=0; iiv_len; i++) fprintf(stderr,"%02x", iv[i]); + fprintf(stderr,"\n"); } #endif /* KSSL_DEBUG */ @@ -614,7 +614,7 @@ int tls1_setup_key_block(SSL *s) int ret=0; #ifdef KSSL_DEBUG - printf ("tls1_setup_key_block()\n"); + fprintf(stderr,"tls1_setup_key_block()\n"); #endif /* KSSL_DEBUG */ if (s->s3->tmp.key_block_length != 0) @@ -763,7 +763,7 @@ int tls1_enc(SSL *s, int send) } #ifdef KSSL_DEBUG - printf("tls1_enc(%d)\n", send); + fprintf(stderr,"tls1_enc(%d)\n", send); #endif /* KSSL_DEBUG */ if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) @@ -835,18 +835,18 @@ int tls1_enc(SSL *s, int send) #ifdef KSSL_DEBUG { unsigned long ui; - printf("EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n", + fprintf(stderr,"EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n", ds,rec->data,rec->input,l); - printf("\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%d %d], %d iv_len\n", + fprintf(stderr,"\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%lu %lu], %d iv_len\n", ds->buf_len, ds->cipher->key_len, DES_KEY_SZ, DES_SCHEDULE_SZ, ds->cipher->iv_len); - printf("\t\tIV: "); - for (i=0; icipher->iv_len; i++) printf("%02X", ds->iv[i]); - printf("\n"); - printf("\trec->input="); - for (ui=0; uiinput[ui]); - printf("\n"); + fprintf(stderr,"\t\tIV: "); + for (i=0; icipher->iv_len; i++) fprintf(stderr,"%02X", ds->iv[i]); + fprintf(stderr,"\n"); + fprintf(stderr,"\trec->input="); + for (ui=0; uiinput[ui]); + fprintf(stderr,"\n"); } #endif /* KSSL_DEBUG */ @@ -871,9 +871,9 @@ int tls1_enc(SSL *s, int send) #ifdef KSSL_DEBUG { unsigned long i; - printf("\trec->data="); + fprintf(stderr,"\trec->data="); for (i=0; idata[i]); printf("\n"); + fprintf(stderr," %02x", rec->data[i]); fprintf(stderr,"\n"); } #endif /* KSSL_DEBUG */ @@ -1105,7 +1105,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, #ifdef KSSL_DEBUG - printf ("tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len); + fprintf(stderr,"tls1_generate_master_secret(%p,%p, %p, %d)\n", s,out, p,len); #endif /* KSSL_DEBUG */ #ifdef TLSEXT_TYPE_opaque_prf_input @@ -1158,7 +1158,7 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, #endif #ifdef KSSL_DEBUG - printf ("tls1_generate_master_secret() complete\n"); + fprintf(stderr,"tls1_generate_master_secret() complete\n"); #endif /* KSSL_DEBUG */ return(SSL3_MASTER_SECRET_SIZE); } @@ -1173,7 +1173,7 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, int rv; #ifdef KSSL_DEBUG - printf ("tls1_export_keying_material(%p,%p,%d,%s,%d,%p,%d)\n", s, out, olen, label, llen, context, contextlen); + fprintf(stderr,"tls1_export_keying_material(%p,%p,%lu,%s,%lu,%p,%lu)\n", s, out, olen, label, llen, context, contextlen); #endif /* KSSL_DEBUG */ buff = OPENSSL_malloc(olen); @@ -1236,7 +1236,7 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, out,buff,olen); #ifdef KSSL_DEBUG - printf ("tls1_export_keying_material() complete\n"); + fprintf(stderr,"tls1_export_keying_material() complete\n"); #endif /* KSSL_DEBUG */ goto ret; err1: -- 2.34.1