Merge pull request #4205 from sysown/v2.x-ssl3_warnings2

Fixes several compiler warnings - DO NOT MERGE
sysown · May 9, 2023 · 2f016dd · 2f016dd
2 parents 46d4f8b + 65f7e20
commit 2f016dd
Show file tree

Hide file tree

Showing 7 changed files with 48 additions and 65 deletions.
diff --git a/include/MySQL_Thread.h b/include/MySQL_Thread.h
@@ -122,7 +122,7 @@ enum MySQL_Thread_status_variable {
 	st_var_END
 };
 
-class MySQL_Thread
+class __attribute__((aligned(64))) MySQL_Thread
 {
 	private:
 	unsigned int servers_table_version_previous;

diff --git a/include/proxysql_glovars.hpp b/include/proxysql_glovars.hpp
@@ -26,22 +26,25 @@ inline void replace_checksum_zeros(char* checksum) {
 	}
 }
 
+#ifndef ProxySQL_Checksum_Value_LENGTH
+#define ProxySQL_Checksum_Value_LENGTH 20
+#endif
 class ProxySQL_Checksum_Value {
 	public:
 	char *checksum;
 	unsigned long long version;
 	unsigned long long epoch;
 	bool in_shutdown;
 	ProxySQL_Checksum_Value() {
-		checksum = (char *)malloc(20);
-		memset(checksum,0,20);
+		checksum = (char *)malloc(ProxySQL_Checksum_Value_LENGTH);
+		memset(checksum,0,ProxySQL_Checksum_Value_LENGTH);
 		version = 0;
 		epoch = 0;
 		in_shutdown = false;
 	}
 	void set_checksum(char *c) {
-		memset(checksum,0,20);
-		strncpy(checksum,c,18);
+		memset(checksum,0,ProxySQL_Checksum_Value_LENGTH);
+		strncpy(checksum,c,ProxySQL_Checksum_Value_LENGTH);
 		replace_checksum_zeros(checksum);
 	}
 	~ProxySQL_Checksum_Value() {

diff --git a/lib/MySQL_HostGroups_Manager.cpp b/lib/MySQL_HostGroups_Manager.cpp
@@ -1863,7 +1863,7 @@ bool MySQL_HostGroups_Manager::commit(
 	{
 		uint64_t hash1 = 0, hash2 = 0;
 		SpookyHash myhash;
-		char buf[80];
+		char buf[ProxySQL_Checksum_Value_LENGTH];
 		bool init = false;
 		{
 			mydb->execute("DELETE FROM mysql_servers");
@@ -4762,7 +4762,7 @@ void MySQL_HostGroups_Manager::read_only_action_v2(const std::list<read_only_ser
 				myhash.Final(&hash, &hash2);
 			}
 
-			char buf[80];
+			char buf[ProxySQL_Checksum_Value_LENGTH];
 			uint32_t d32[2];
 			memcpy(&d32, &hash, sizeof(hash));
 			sprintf(buf, "0x%0X%0X", d32[0], d32[1]);

diff --git a/lib/MySQL_Protocol.cpp b/lib/MySQL_Protocol.cpp
@@ -138,21 +138,29 @@ static inline int write_encoded_length_and_string(unsigned char *p, uint64_t val
 
 void proxy_compute_sha1_hash_multi(uint8_t *digest, const char *buf1, int len1, const char *buf2, int len2) {
   PROXY_TRACE();
-
-  SHA_CTX sha1_context;
-  SHA1_Init(&sha1_context);
-  SHA1_Update(&sha1_context, buf1, len1);
-  SHA1_Update(&sha1_context, buf2, len2);
-  SHA1_Final(digest, &sha1_context);
+	const EVP_MD *evp_digest = EVP_get_digestbyname("sha1");
+	assert(evp_digest != NULL);
+	EVP_MD_CTX *ctx = EVP_MD_CTX_new();
+	EVP_MD_CTX_init(ctx);
+	EVP_DigestInit_ex(ctx, evp_digest, NULL);
+	EVP_DigestUpdate(ctx, buf1, len1);
+	EVP_DigestUpdate(ctx, buf2, len2);
+	unsigned int olen = 0;
+	EVP_DigestFinal(ctx, digest, &olen);
+	EVP_MD_CTX_free(ctx);
 }
 
 void proxy_compute_sha1_hash(uint8_t *digest, const char *buf, int len) {
   PROXY_TRACE();
-
-  SHA_CTX sha1_context;
-  SHA1_Init(&sha1_context);
-  SHA1_Update(&sha1_context, buf, len);
-  SHA1_Final(digest, &sha1_context);
+	const EVP_MD *evp_digest = EVP_get_digestbyname("sha1");
+	assert(evp_digest != NULL);
+	EVP_MD_CTX *ctx = EVP_MD_CTX_new();
+	EVP_MD_CTX_init(ctx);
+	EVP_DigestInit_ex(ctx, evp_digest, NULL);
+	EVP_DigestUpdate(ctx, buf, len);
+	unsigned int olen = 0;
+	EVP_DigestFinal(ctx, digest, &olen);
+	EVP_MD_CTX_free(ctx);
 }
 
 void proxy_compute_two_stage_sha1_hash(const char *password, size_t pass_len, uint8_t *hash_stage1, uint8_t *hash_stage2) {
@@ -2120,26 +2128,22 @@ bool MySQL_Protocol::process_pkt_handshake_response(unsigned char *pkt, unsigned
 						unhex_pass(hash_stage2,sha1_2);
 */
 						proxy_debug(PROXY_DEBUG_MYSQL_AUTH, 5, "Session=%p , DS=%p , username='%s' , session_type=%d\n", (*myds), (*myds)->sess, user, session_type);
-						uint8_t hash_stage1[SHA_DIGEST_LENGTH];
-						uint8_t hash_stage2[SHA_DIGEST_LENGTH];
-						SHA_CTX sha1_context;
-						SHA1_Init(&sha1_context);
-						SHA1_Update(&sha1_context, pass, pass_len);
-						SHA1_Final(hash_stage1, &sha1_context);
-						SHA1_Init(&sha1_context);
-						SHA1_Update(&sha1_context,hash_stage1,SHA_DIGEST_LENGTH);
-						SHA1_Final(hash_stage2, &sha1_context);
-						char *double_hashed_password = sha1_pass_hex((char *)hash_stage2); // note that sha1_pass_hex() returns a new buffer
+						unsigned char md1_buf[SHA_DIGEST_LENGTH];
+						unsigned char md2_buf[SHA_DIGEST_LENGTH];
+						SHA1(pass,pass_len,md1_buf);
+						SHA1(md1_buf,SHA_DIGEST_LENGTH,md2_buf);
+
+						char *double_hashed_password = sha1_pass_hex((char *)md2_buf); // note that sha1_pass_hex() returns a new buffer
 
 						if (strcasecmp(double_hashed_password,password)==0) {
 							ret = true;
 							if (sha1_pass==NULL) {
 								// currently proxysql doesn't know any sha1_pass for that specific user, let's set it!
-								GloMyAuth->set_SHA1((char *)user, USERNAME_FRONTEND,hash_stage1);
+								GloMyAuth->set_SHA1((char *)user, USERNAME_FRONTEND,md1_buf);
 							}
 							if (userinfo->sha1_pass)
 								free(userinfo->sha1_pass);
-							userinfo->sha1_pass=sha1_pass_hex((char *)hash_stage1);
+							userinfo->sha1_pass=sha1_pass_hex((char *)md1_buf);
 						} else {
 							ret = false;
 						}

diff --git a/lib/MySQL_Session.cpp b/lib/MySQL_Session.cpp
@@ -6439,7 +6439,7 @@ bool MySQL_Session::handler___status_WAITING_CLIENT_DATA___STATE_SLEEP___MYSQL_C
 					// try case listed in #1373
 					// SET  @@SESSION.sql_mode = CONCAT(CONCAT(@@sql_mode, ',STRICT_ALL_TABLES'), ',NO_AUTO_VALUE_ON_ZERO'),  @@SESSION.sql_auto_is_null = 0, @@SESSION.wait_timeout = 2147483
 					// this is not a complete solution. A right solution involves true parsing
-					int query_no_space_length = nq.length();
+					size_t query_no_space_length = nq.length();
 					char *query_no_space=(char *)malloc(query_no_space_length+1);
 					memcpy(query_no_space,nq.c_str(),query_no_space_length);
 					query_no_space[query_no_space_length]='\0';

diff --git a/lib/ProxySQL_Admin.cpp b/lib/ProxySQL_Admin.cpp
@@ -3682,7 +3682,7 @@ void admin_session_handler(MySQL_Session *sess, void *_pa, PtrSize_t *pkt) {
 		if (!strncasecmp("LOGENTRY ", query_no_space, strlen("LOGENTRY "))) {
 			proxy_debug(PROXY_DEBUG_ADMIN, 4, "Received command LOGENTRY: %s\n", query_no_space + strlen("LOGENTRY "));
 			proxy_info("Received command LOGENTRY: %s\n", query_no_space + strlen("LOGENTRY "));
-			SPA->send_MySQL_OK(&sess->client_myds->myprot, NULL, NULL);
+			SPA->send_MySQL_OK(&sess->client_myds->myprot, NULL, 0);
 			run_query=false;
 			goto __run_query;
 		 }
@@ -7468,7 +7468,7 @@ bool ProxySQL_Admin::ProxySQL_Test___Verify_mysql_query_rules_fast_routing(
 	vector<fast_routing_hashmap_t> th_hashmaps {};
 
 	if (maps_per_thread) {
-		for (uint32_t i = 0; i < ths; i++) {
+		for (int i = 0; i < ths; i++) {
 			th_hashmaps.push_back(GloQPro->create_fast_routing_hashmap(resultset2));
 		}
 	}
@@ -7505,7 +7505,7 @@ bool ProxySQL_Admin::ProxySQL_Test___Verify_mysql_query_rules_fast_routing(
 	unsigned long long curtime1 = monotonic_time() / 1000;
 	std::vector<std::thread> workers {};
 
-	for (uint32_t i = 0; i < ths; i++) {
+	for (int i = 0; i < ths; i++) {
 		khash_t(khStrInt)* hashmap = maps_per_thread ? th_hashmaps[i].rules_fast_routing : nullptr;
 		workers.push_back(std::thread(perform_searches, hashmap, resultset, i, lock));
 	}
@@ -7525,7 +7525,7 @@ bool ProxySQL_Admin::ProxySQL_Test___Verify_mysql_query_rules_fast_routing(
 			for (int i=1 ; i < cnt; i++) {
 				std::vector<std::thread> workers {};
 
-				for (uint32_t i = 0; i < ths; i++) {
+				for (int i = 0; i < ths; i++) {
 					khash_t(khStrInt)* hashmap = maps_per_thread ? th_hashmaps[i].rules_fast_routing : nullptr;
 					workers.push_back(std::thread(perform_searches, hashmap, resultset, i, lock));
 				}
@@ -11141,16 +11141,12 @@ SQLite3_result* ProxySQL_Admin::__add_active_users(
 					if (r->fields[1][0]=='*') { // the password is already hashed
 						password=strdup(r->fields[1]);
 					} else { // we must hash it
-						uint8 hash_stage1[SHA_DIGEST_LENGTH];
-						uint8 hash_stage2[SHA_DIGEST_LENGTH];
-						SHA_CTX sha1_context;
-						SHA1_Init(&sha1_context);
-						SHA1_Update(&sha1_context, r->fields[1], strlen(r->fields[1]));
-						SHA1_Final(hash_stage1, &sha1_context);
-						SHA1_Init(&sha1_context);
-						SHA1_Update(&sha1_context,hash_stage1,SHA_DIGEST_LENGTH);
-						SHA1_Final(hash_stage2, &sha1_context);
-						password=sha1_pass_hex((char *)hash_stage2); // note that sha1_pass_hex() returns a new buffer
+						unsigned char md1_buf[SHA_DIGEST_LENGTH];
+						unsigned char md2_buf[SHA_DIGEST_LENGTH];
+						SHA1((const unsigned char *)r->fields[1], strlen(r->fields[1]),md1_buf);
+						SHA1(md1_buf,SHA_DIGEST_LENGTH,md2_buf);
+
+						password=sha1_pass_hex((char *)md2_buf); // note that sha1_pass_hex() returns a new buffer
 					}
 				} else {
 					password=strdup((char *)""); // we also generate a new string if hash_passwords is set

diff --git a/src/proxy_tls.cpp b/src/proxy_tls.cpp
@@ -1,25 +1,5 @@
-//#include <iostream>
-//#include <thread>
 #include "proxysql.h"
-
-//#include <sys/types.h>
-//#include <sys/stat.h>
-
 #include "cpp.h"
-
-//#include "ProxySQL_Statistics.hpp"
-//#include "MySQL_PreparedStatement.h"
-//#include "ProxySQL_Cluster.hpp"
-//#include "MySQL_Logger.hpp"
-//#include "SQLite3_Server.h"
-//#include "query_processor.h"
-//#include "MySQL_Authentication.hpp"
-//#include "MySQL_LDAP_Authentication.hpp"
-//#include "proxysql_restapi.h"
-//#include "Web_Interface.hpp"
-
-
-
 #include <openssl/x509v3.h>
 
 static long