Merge pull request Mbed-TLS#4 from hanno-arm/tls13-prototype_remove_c…

…ompiler_warnings

Fix compiler warnings in out-of-box compilation

include/mbedtls/ssl.h

@@ -156,14 +156,14 @@
  /* List of extensions used in ssl_internal.h / extensions_present in mbedtls_ssl_handshake_params */
 #define NO_EXTENSION 0
 #define PRE_SHARED_KEY_EXTENSION 1
-#define KEY_SHARE_EXTENSION 2 
+#define KEY_SHARE_EXTENSION 2
 #define SIGNATURE_ALGORITHM_EXTENSION 4
 #define SUPPORTED_GROUPS_EXTENSION 8
-#define MAX_FRAGMENT_LENGTH_EXTENSION 16 
+#define MAX_FRAGMENT_LENGTH_EXTENSION 16
 #define ALPN_EXTENSION 32
-#define SUPPORTED_VERSION_EXTENSION 64 
+#define SUPPORTED_VERSION_EXTENSION 64
 #define PSK_KEY_EXCHANGE_MODES_EXTENSION 128
-#define EARLY_DATA_EXTENSION 256 
+#define EARLY_DATA_EXTENSION 256
 #define SERVERNAME_EXTENSION 512
 #define COOKIE_EXTENSION 1024
 #define CID_EXTENSION 2048
@@ -428,7 +428,7 @@
 #define MBEDTLS_SSL_MSG_APPLICATION_DATA       23
 #define MBEDTLS_SSL_MSG_CID                    25
 #define MBEDTLS_SSL_MSG_ACK                    26
-#define MBEDTLS_SSL_MSG_TLS_CID                25 // OLD CID Implementation 
+#define MBEDTLS_SSL_MSG_TLS_CID                25 // OLD CID Implementation
 
 #define MBEDTLS_SSL_ALERT_LEVEL_WARNING         1
 #define MBEDTLS_SSL_ALERT_LEVEL_FATAL           2
@@ -498,7 +498,7 @@
 #define MBEDTLS_TLS_EXT_TRUNCATED_HMAC               4
 
 #define MBEDTLS_TLS_EXT_SUPPORTED_ELLIPTIC_CURVES   10
-#define MBEDTLS_TLS_EXT_SUPPORTED_GROUPS   10 // Renamed in TLS 1.3 
+#define MBEDTLS_TLS_EXT_SUPPORTED_GROUPS   10 // Renamed in TLS 1.3
 
 #define MBEDTLS_TLS_EXT_SUPPORTED_POINT_FORMATS     11
 
@@ -512,7 +512,7 @@
 #define MBEDTLS_TLS_EXT_SESSION_TICKET              35
 
  /* TLS 1.3 */
-#define MBEDTLS_TLS_EXT_KEY_SHARES                 51 
+#define MBEDTLS_TLS_EXT_KEY_SHARES                 51
 #define MBEDTLS_TLS_EXT_PRE_SHARED_KEY             41
 #define MBEDTLS_TLS_EXT_EARLY_DATA                 42
 #define MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS         43
@@ -609,7 +609,7 @@ extern "C" {
         MBEDTLS_SSL_EARLY_APP_DATA
     }
     mbedtls_ssl_states;
-#else 
+#else
 /*
  * SSL state machine
  */
@@ -763,7 +763,7 @@ typedef int mbedtls_ssl_get_timer_t( void * ctx );
 typedef struct mbedtls_ssl_session mbedtls_ssl_session;
 typedef struct mbedtls_ssl_context mbedtls_ssl_context;
 typedef struct mbedtls_ssl_config  mbedtls_ssl_config;
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3) 
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 typedef struct mbedtls_ssl_ticket  mbedtls_ssl_ticket;
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 
@@ -1062,12 +1062,12 @@ typedef struct KeySet {
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 	unsigned char iv[12];
 
-	/* The [sender]_sn_key is indirectly used to 
-	 * encrypt the sequence number in the record layer. 
+	/* The [sender]_sn_key is indirectly used to
+	 * encrypt the sequence number in the record layer.
 	 *
-	 * The client_sn_key is used to encrypt the 
-	 * sequence number for outgoing transmission. 
-	 * server_sn_key is used for incoming payloads. 
+	 * The client_sn_key is used to encrypt the
+	 * sequence number for outgoing transmission.
+	 * server_sn_key is used for incoming payloads.
 	 */
 	unsigned char *server_sn_key;
 	unsigned char *client_sn_key;
@@ -1131,7 +1131,7 @@ struct mbedtls_ssl_session
 
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 #if defined(MBEDTLS_SSL_NEW_SESSION_TICKET) && defined(MBEDTLS_SSL_CLI_C)
-// TBD: Replace fields by ticket structure 
+// TBD: Replace fields by ticket structure
 // We currently only store a single ticket on the client size
     unsigned char* ticket;      /*!< TLS 1.3 session ticket acting as psk identity */
     size_t ticket_len;          /*!< ticket length   */
@@ -1171,7 +1171,7 @@ struct mbedtls_ssl_session
  *    1  -- MBEDTLS_SSL_EARLY_DATA_ENABLED (for use early data)
  */
     int process_early_data; /*!< Indication about using early data or not on the server side */
-#endif 
+#endif
 
 #if defined(MBEDTLS_CID)
     unsigned int cid;           /*!< flag about CID usage           */
@@ -1249,20 +1249,20 @@ struct mbedtls_ssl_config
     void *p_cookie;                 /*!< context for the cookie callbacks   */
 
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
-    unsigned int rr_config; 
+    unsigned int rr_config;
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 
 #endif
 
-#if ((defined(MBEDTLS_SSL_SESSION_TICKETS) || (defined(MBEDTLS_SSL_NEW_SESSION_TICKET) && defined(MBEDTLS_SSL_PROTO_TLS1_3)) ) && defined(MBEDTLS_SSL_SRV_C)) 
+#if ((defined(MBEDTLS_SSL_SESSION_TICKETS) || (defined(MBEDTLS_SSL_NEW_SESSION_TICKET) && defined(MBEDTLS_SSL_PROTO_TLS1_3)) ) && defined(MBEDTLS_SSL_SRV_C))
     /** Callback to create & write a session ticket                         */
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
     int(*f_ticket_write)(void*, const mbedtls_ssl_ticket*,
         unsigned char*, const unsigned char*, size_t*, uint32_t*, TicketFlags*);
     /** Callback to parse a session ticket into a session structure         */
     int(*f_ticket_parse)(void*, mbedtls_ssl_ticket*, unsigned char*, size_t);
     void* p_ticket;                 /*!< context for the ticket callbacks   */
-#else 
+#else
     int (*f_ticket_write)( void *, const mbedtls_ssl_session *,
             unsigned char *, const unsigned char *, size_t *, uint32_t * );
     /** Callback to parse a session ticket into a session structure         */
@@ -1381,7 +1381,7 @@ struct mbedtls_ssl_config
       *   1  -- MBEDTLS_SSL_EARLY_DATA_ENABLED (for use early data)
       */
     int early_data;
-    // Pointer to early data buffer 
+    // Pointer to early data buffer
     char* early_data_buf;
     // Length of early data
     unsigned int early_data_len;
@@ -2327,7 +2327,7 @@ typedef int mbedtls_ssl_ticket_write_t(void* p_ticket,
     size_t* tlen,
     uint32_t* lifetime, TicketFlags* flags);
 
-#else 
+#else
 
 /**
  * \brief           Callback type: generate and write session ticket
@@ -2448,7 +2448,7 @@ typedef int mbedtls_ssl_ticket_parse_t(void* p_ticket,
     mbedtls_ssl_ticket* session,
     unsigned char* buf,
     size_t len);
-#else 
+#else
 /**
  * \brief           Callback type: parse and load session ticket
  *
@@ -2688,14 +2688,14 @@ typedef int mbedtls_ssl_cookie_check_t( void *ctx,
  * \param f_cookie_write    Cookie write callback
  * \param f_cookie_check    Cookie check callback
  * \param p_cookie          Context for both callbacks
- * \param rr_config         Determines whether a return-routability check is enforced
+ * \param rr_conf           Determines whether a return-routability check is enforced
  */
 void mbedtls_ssl_conf_cookies(mbedtls_ssl_config* conf,
     mbedtls_ssl_cookie_write_t* f_cookie_write,
     mbedtls_ssl_cookie_check_t* f_cookie_check,
     void* p_cookie,
     unsigned int rr_conf);
-#else 
+#else
 /**
  * \brief           Register callbacks for DTLS cookies
  *                  (Server only. DTLS only.)
@@ -3241,16 +3241,16 @@ int mbedtls_ssl_conf_ke(mbedtls_ssl_config* conf,
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 
 /**
-* \brief Set meta-data for server-provided tickets
+* \brief Set meta-data for server-provided tickets.
 *
 * \note This function is used in context of tickets since the
-*       ticket_age_add value is provided by the server-side.
+*       \p ticket_age_add value is provided by the server-side.
 *       Furthermore, we also need to record the time the ticket
 *       was obtained.
 *
-* \param conf     SSL configuration
-* \param ticket_age_add    ticket age add value
-* \param start    time when the ticket was received
+* \param conf             The SSL configuration to use.
+* \param ticket_age_add   The ticket age add value.
+* \param ticket_received  The time when the ticket was received.
 *
 */
 
@@ -4170,7 +4170,7 @@ const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl );
  *                 enabled, which makes expansion much less predictable
  */
 int mbedtls_ssl_get_record_expansion(const mbedtls_ssl_context* ssl, int direction);
-#else 
+#else
 /**
  * \brief          Return the (maximum) number of bytes added by the record
  *                 layer: header + encryption/MAC overhead (inc. padding)

include/mbedtls/ssl_ciphersuites.h

@@ -39,7 +39,7 @@ extern "C" {
 #endif
 
 /*
- * Supported ciphersuites (Official IANA names) 
+ * Supported ciphersuites (Official IANA names)
  */
 #define MBEDTLS_TLS_RSA_WITH_NULL_MD5                    0x01   /**< Weak! */
 #define MBEDTLS_TLS_RSA_WITH_NULL_SHA                    0x02   /**< Weak! */
@@ -287,11 +287,11 @@ extern "C" {
 #define MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256     0xCCAE /**< TLS 1.2 */
 
 /*
- * Supported ciphersuites (Official IANA names) for TLS / DTLS 1.3 
+ * Supported ciphersuites (Official IANA names) for TLS / DTLS 1.3
  */
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
-#define TLS_AES_128_GCM_SHA256                                0x1301 
-#define TLS_AES_256_GCM_SHA384                                0x1302 
+#define TLS_AES_128_GCM_SHA256                                0x1301
+#define TLS_AES_256_GCM_SHA384                                0x1302
 #define TLS_CHACHA20_POLY1305_SHA256                          0x1303
 #define TLS_AES_128_CCM_SHA256                                0x1304
 #define TLS_AES_128_CCM_8_SHA256                              0x1305
@@ -412,10 +412,10 @@ struct mbedtls_ssl_ciphersuite_t
     const char * name;
 
     mbedtls_cipher_type_t cipher;
-    /* For TLS 1.3 we use this field to populate it with the hash function 
+    /* For TLS 1.3 we use this field to populate it with the hash function
      * (instead of a MAC).
      */
-    mbedtls_md_type_t mac; 
+    mbedtls_md_type_t mac;
     /* In TLS 1.3 we do not make use of this key_exchange field. */
     mbedtls_key_exchange_type_t key_exchange;
 
@@ -441,7 +441,7 @@ const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuit
 *
 * \return          Size of output in bytes, -1 in case of error
 */
-int mbedtls_hash_size_for_ciphersuite(const mbedtls_ssl_ciphersuite_t* ciphersuite);
+unsigned int mbedtls_hash_size_for_ciphersuite(const mbedtls_ssl_ciphersuite_t* ciphersuite);
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 
 #if defined(MBEDTLS_PK_C)

include/mbedtls/ssl_internal.h

@@ -106,7 +106,7 @@
 #else
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
 #define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_3
-#else 
+#else
 #if defined(MBEDTLS_SSL_PROTO_TLS1_1)
 #define MBEDTLS_SSL_MAX_MINOR_VERSION           MBEDTLS_SSL_MINOR_VERSION_2
 #else
@@ -359,7 +359,7 @@ struct mbedtls_ssl_handshake_params
     mbedtls_ecdh_context ecdh_ctx[MBEDTLS_SSL_MAX_KEY_SHARES]; /*!<  ECDH key exchange       */
     int ecdh_ctx_selected; /*!< Selected ECDHE context */
     int ecdh_ctx_max; /* !< Maximum number of used structures */
-#else 
+#else
     mbedtls_ecdh_context ecdh_ctx;              /*!<  ECDH key exchange       */
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 
@@ -417,16 +417,16 @@ struct mbedtls_ssl_handshake_params
     mbedtls_pk_context peer_pubkey;     /*!< The public key from the peer.  */
 #endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 
-#if (defined(MBEDTLS_SSL_PROTO_DTLS) || defined(MBEDTLS_SSL_PROTO_TLS1_3)) 
-   /* Prior to TLS 1.3 cookies were only used with DTLS. In TLS 1.3 a cookie 
-    * mechanism has been introduced. 
+#if (defined(MBEDTLS_SSL_PROTO_DTLS) || defined(MBEDTLS_SSL_PROTO_TLS1_3))
+   /* Prior to TLS 1.3 cookies were only used with DTLS. In TLS 1.3 a cookie
+    * mechanism has been introduced.
     */
 
     unsigned char* verify_cookie;       /*!<  Cli: HelloVerifyRequest cookie
                                           Srv: unused                    */
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
     size_t verify_cookie_len;
-#else 
+#else
     unsigned char verify_cookie_len;    /*!<  Cli: cookie length
                                               Srv: flag for sending a cookie */
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3*/
@@ -516,7 +516,7 @@ struct mbedtls_ssl_handshake_params
     void (*update_checksum)(mbedtls_ssl_context*, const unsigned char*, size_t);
     int (*calc_verify)(mbedtls_ssl_context*, unsigned char*, int);
     int(*calc_finished)(mbedtls_ssl_context*, unsigned char*, int);
-#else 
+#else
     void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
     void (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *);
     void (*calc_finished)(mbedtls_ssl_context *, unsigned char *, int);
@@ -613,7 +613,7 @@ struct mbedtls_ssl_handshake_params
 #if defined(MBEDTLS_ECDSA_C)
     unsigned char certificate_request_context_len;
     unsigned char* certificate_request_context;
-#endif 
+#endif
 
 #if defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_SSL_CLI_C)
     /* This is the actual key share list we sent.
@@ -651,14 +651,14 @@ struct mbedtls_ssl_handshake_params
     int early_data;
 #endif /* MBEDTLS_ZERO_RTT */
 
-#else 
+#else
     size_t pmslen;                      /*!<  premaster length        */
 
     unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
     /*!<  premaster secret        */
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 
-    
+
     int resume;                         /*!<  session resume indicator*/
     int max_major_ver;                  /*!< max. major version client*/
     int max_minor_ver;                  /*!< max. minor version client*/
@@ -1098,7 +1098,7 @@ void mbedtls_ssl_handshake_wrapup(mbedtls_ssl_context* ssl);
 
 int mbedtls_ssl_send_fatal_handshake_failure(mbedtls_ssl_context* ssl);
 
-#else 
+#else
 int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl,
                              unsigned update_hs_digest );
 int mbedtls_ssl_fetch_input( mbedtls_ssl_context *ssl, size_t nb_want );
@@ -1112,7 +1112,7 @@ int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 int ssl_read_certificate_process(mbedtls_ssl_context* ssl);
 int ssl_write_certificate_process(mbedtls_ssl_context* ssl);
-#else 
+#else
 int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
 int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl );
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
@@ -1123,7 +1123,7 @@ int mbedtls_ssl_write_change_cipher_spec( mbedtls_ssl_context *ssl );
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 int ssl_finished_in_process(mbedtls_ssl_context* ssl);
 int ssl_finished_out_process(mbedtls_ssl_context* ssl);
-#else 
+#else
 int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl );
 int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl );
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
@@ -1185,7 +1185,7 @@ int ssl_parse_client_psk_identity_ext(mbedtls_ssl_context* ssl, const unsigned c
 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
 
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
-#define MBEDTLS_SSL_ACK_RECORDS_SENT 0 
+#define MBEDTLS_SSL_ACK_RECORDS_SENT 0
 #define MBEDTLS_SSL_ACK_RECORDS_RECEIVED 1
 int mbedtls_ssl_parse_ack(mbedtls_ssl_context* ssl);
 int mbedtls_ssl_write_ack(mbedtls_ssl_context* ssl);
@@ -1277,9 +1277,13 @@ void mbedtls_ssl_read_version( int *major, int *minor, int transport,
                        const unsigned char ver[2] );
 
 
-#if defined(MBEDTLS_SSL_PROTO_TLS1_3) 
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
 static inline size_t mbedtls_ssl_hdr_len(const mbedtls_ssl_context* ssl, const int direction, mbedtls_ssl_transform* transform)
 {
+#if !defined(MBEDTLS_CID)
+    ((void) direction);
+#endif /* MBEDTLS_CID */
+
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
     if (ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
 
@@ -1300,7 +1304,7 @@ static inline size_t mbedtls_ssl_hdr_len(const mbedtls_ssl_context* ssl, const i
             len += ssl->out_cid_len;
         else
             len += ssl->in_cid_len;
-#endif /* MBEDTLS_CID */			
+#endif /* MBEDTLS_CID */
         return (len);
     }
     else
@@ -1312,7 +1316,7 @@ static inline size_t mbedtls_ssl_hdr_len(const mbedtls_ssl_context* ssl, const i
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
     return(5); /* TLS 1.3 header */
 }
-#else 
+#else
 static inline size_t mbedtls_ssl_hdr_len(const mbedtls_ssl_context* ssl)
 {
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -1497,4 +1501,3 @@ void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight );
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 
 #endif /* ssl_internal.h */
-