Fix some implicit truncations in the interaction with OpenSSL APIs

Summary: MSVC has the ability to warn about implicit truncations and places where implicit sign coercions are occuring, so do some cleanup to make it possible to compile with the warnings enabled.

Reviewed By: yfeldblum

Differential Revision: D4288028

fbshipit-source-id: f8330c62b2dcb76f696dfc47888f0e3e1eefc21a

diff --git a/folly/io/async/SSLContext.cpp b/folly/io/async/SSLContext.cpp
index a8cf72de2895e514c6a14888c494e2c15c9b8ff9..cd7ad6e433729fd2be8982877e210c386081e118 100644 (file)
--- a/folly/io/async/SSLContext.cpp
+++ b/folly/io/async/SSLContext.cpp
@@ -278,7 +278,7 @@ void SSLContext::loadCertificateFromBufferPEM(folly::StringPiece cert) {
     throw std::runtime_error("BIO_new: " + getErrors());
   }
 
-  int written = BIO_write(bio.get(), cert.data(), cert.size());
+  int written = BIO_write(bio.get(), cert.data(), int(cert.size()));
   if (written <= 0 || static_cast<unsigned>(written) != cert.size()) {
     throw std::runtime_error("BIO_write: " + getErrors());
   }
@@ -318,7 +318,7 @@ void SSLContext::loadPrivateKeyFromBufferPEM(folly::StringPiece pkey) {
     throw std::runtime_error("BIO_new: " + getErrors());
   }
 
-  int written = BIO_write(bio.get(), pkey.data(), pkey.size());
+  int written = BIO_write(bio.get(), pkey.data(), int(pkey.size()));
   if (written <= 0 || static_cast<unsigned>(written) != pkey.size()) {
     throw std::runtime_error("BIO_write: " + getErrors());
   }
@@ -517,12 +517,12 @@ bool SSLContext::setRandomizedAdvertisedNextProtocols(
     advertised_item.length = 0;
     for (const auto& proto : item.protocols) {
       ++advertised_item.length;
-      unsigned protoLength = proto.length();
+      auto protoLength = proto.length();
       if (protoLength >= 256) {
         deleteNextProtocolsStrings();
         return false;
       }
-      advertised_item.length += protoLength;
+      advertised_item.length += unsigned(protoLength);
     }
     advertised_item.protocols = new unsigned char[advertised_item.length];
     if (!advertised_item.protocols) {
@@ -530,7 +530,7 @@ bool SSLContext::setRandomizedAdvertisedNextProtocols(
     }
     unsigned char* dst = advertised_item.protocols;
     for (auto& proto : item.protocols) {
-      unsigned protoLength = proto.length();
+      uint8_t protoLength = uint8_t(proto.length());
       *dst++ = (unsigned char)protoLength;
       memcpy(dst, proto.data(), protoLength);
       dst += protoLength;
@@ -715,7 +715,7 @@ int SSLContext::passwordCallback(char* password,
   std::string userPassword;
   // call user defined password collector to get password
   context->passwordCollector()->getPassword(userPassword, size);
-  int length = userPassword.size();
+  auto length = int(userPassword.size());
   if (length > size) {
     length = size;
   }

diff --git a/folly/io/async/ssl/OpenSSLUtils.cpp b/folly/io/async/ssl/OpenSSLUtils.cpp
index 7d38cc3af591ee441fc29aaacecea3f029bf7bc9..b2e9d8cb5dec2e938849feecbe5b9a282704726d 100644 (file)
--- a/folly/io/async/ssl/OpenSSLUtils.cpp
+++ b/folly/io/async/ssl/OpenSSLUtils.cpp
@@ -169,7 +169,7 @@ static std::unordered_map<uint16_t, std::string> getOpenSSLCipherNames() {
   };
 
   STACK_OF(SSL_CIPHER)* sk = SSL_get_ciphers(ssl);
-  for (size_t i = 0; i < (size_t)sk_SSL_CIPHER_num(sk); i++) {
+  for (int i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
     const SSL_CIPHER* c = sk_SSL_CIPHER_value(sk, i);
     unsigned long id = SSL_CIPHER_get_id(c);
     // OpenSSL 1.0.2 and prior does weird things such as stuff the SSL/TLS

diff --git a/folly/ssl/OpenSSLHash.h b/folly/ssl/OpenSSLHash.h
index e3ea65bc76ec899fe976507b5552247d6667eb6c..3a568806811b827dc40e6595d2898a26276ee49b 100644 (file)
--- a/folly/ssl/OpenSSLHash.h
+++ b/folly/ssl/OpenSSLHash.h
@@ -106,7 +106,7 @@ class OpenSSLHash {
     void hash_init(const EVP_MD* md, ByteRange key) {
       md_ = md;
       check_libssl_result(
-          1, HMAC_Init_ex(&ctx_, key.data(), key.size(), md_, nullptr));
+          1, HMAC_Init_ex(&ctx_, key.data(), int(key.size()), md_, nullptr));
     }
     void hash_update(ByteRange data) {
       check_libssl_result(1, HMAC_Update(&ctx_, data.data(), data.size()));
@@ -121,7 +121,7 @@ class OpenSSLHash {
       check_out_size(size, out);
       unsigned int len = 0;
       check_libssl_result(1, HMAC_Final(&ctx_, out.data(), &len));
-      check_libssl_result(size, len);
+      check_libssl_result(size, int(len));
       md_ = nullptr;
     }
    private:

diff --git a/folly/ssl/detail/SSLSessionImpl.cpp b/folly/ssl/detail/SSLSessionImpl.cpp
index d93fcaf96cafc9ca2016e75f891b50b17e266425..4154c3b10f6217759008f8962377706a7943791d 100644 (file)
--- a/folly/ssl/detail/SSLSessionImpl.cpp
+++ b/folly/ssl/detail/SSLSessionImpl.cpp
@@ -40,8 +40,8 @@ SSLSessionImpl::SSLSessionImpl(SSL_SESSION* session, bool takeOwnership)
 SSLSessionImpl::SSLSessionImpl(const std::string& serializedSession) {
   auto sessionData =
       reinterpret_cast<const unsigned char*>(serializedSession.data());
-  if ((session_ = d2i_SSL_SESSION(
-           nullptr, &sessionData, serializedSession.length())) == nullptr) {
+  auto longLen = long(serializedSession.length());
+  if ((session_ = d2i_SSL_SESSION(nullptr, &sessionData, longLen)) == nullptr) {
     throw std::runtime_error("Cannot deserialize SSLSession string");
   }
 }