| author | Michael Krelin <hacker@klever.net> | 2008-02-08 22:16:15 (UTC) |
|---|---|---|
| committer | Michael Krelin <hacker@klever.net> | 2008-02-08 22:16:15 (UTC) |
| commit | 16667a21c3052c89218d3e56098f0fc29dca2f1a (patch) (side-by-side diff) | |
| tree | 7154633a771b96da02cc4c980167b7ad92b6d27e /lib/basic_rp.cc | |
| parent | f2ba7be73a62d115f293f5d690efabcafd5fcf4f (diff) | |
| download | libopkele-16667a21c3052c89218d3e56098f0fc29dca2f1a.zip libopkele-16667a21c3052c89218d3e56098f0fc29dca2f1a.tar.gz libopkele-16667a21c3052c89218d3e56098f0fc29dca2f1a.tar.bz2 | |
minor fixes and making compiler a bit happier
Signed-off-by: Michael Krelin <hacker@klever.net>
| -rw-r--r-- | lib/basic_rp.cc | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc index bd45d99..a0ad130 100644 --- a/lib/basic_rp.cc +++ b/lib/basic_rp.cc @@ -1,3 +1,4 @@ +#include <cassert> #include <openssl/sha.h> #include <openssl/hmac.h> #include <opkele/basic_rp.h> @@ -25,7 +26,8 @@ namespace opkele { throw exception_openssl(OPKELE_CP_ "failed to DH_compute_key()"); if(cklen && (*ckptr)&0x80) { (*(--ckptr))=0; ++cklen; } - unsigned char key_digest[d_len]; + assert(d_len<=SHA256_DIGEST_LENGTH); + unsigned char key_digest[SHA256_DIGEST_LENGTH]; secret.enxor_from_base64((*d_fun)(ckptr,cklen,key_digest),om.get_field("enc_mac_key")); if(secret.size()!=exp_s_len) throw bad_input(OPKELE_CP_ "Secret length isn't consistent with association type"); @@ -78,7 +80,7 @@ namespace opkele { "HMAC-SHA256", "DH-SHA256", dh, SHA256_DIGEST_LENGTH, SHA256, SHA256_DIGEST_LENGTH ); expires_in = util::string_to_long(res.get_field("expires_in")); - }catch(exception& e) { + }catch(exception&) { try { req.set_field("assoc_type","HMAC-SHA1"); req.set_field("session_type","DH-SHA1"); @@ -87,7 +89,7 @@ namespace opkele { "HMAC-SHA1", "DH-SHA1", dh, SHA_DIGEST_LENGTH, SHA1, SHA_DIGEST_LENGTH ); expires_in = util::string_to_long(res.get_field("expires_in")); - }catch(bad_input& e) { + }catch(bad_input&) { throw dumb_RP(OPKELE_CP_ "OP failed to supply an association"); } } @@ -234,7 +236,7 @@ namespace opkele { static const char *mustsign[] = { "op_endpoint", "return_to", "response_nonce", "assoc_handle", "claimed_id", "identity" }; - for(int ms=0;ms<(sizeof(mustsign)/sizeof(*mustsign));++ms) { + for(size_t ms=0;ms<(sizeof(mustsign)/sizeof(*mustsign));++ms) { if(om.has_field(mustsign[ms]) && !signeds.has_field(mustsign[ms])) throw bad_input(OPKELE_CP_ string("Field '")+mustsign[ms]+"' is not signed against the specs"); } |