summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--apps/apps.c3
-rw-r--r--apps/dh.c5
-rw-r--r--apps/dhparam.c5
-rw-r--r--apps/dsaparam.c9
-rw-r--r--apps/ec.c5
-rw-r--r--apps/ecparam.c5
-rw-r--r--apps/enc.c5
-rw-r--r--apps/gendh.c5
-rw-r--r--apps/gendsa.c5
-rw-r--r--apps/pkcs7.c5
-rw-r--r--apps/pkeyparam.c3
-rw-r--r--apps/rand.c5
-rw-r--r--apps/s_server.c5
-rw-r--r--apps/s_socket.c6
-rw-r--r--apps/speed.c9
-rw-r--r--apps/x509.c2
-rw-r--r--crypto/asn1/a_int.c3
-rw-r--r--crypto/asn1/n_pkey.c3
-rw-r--r--crypto/asn1/t_crl.c3
-rw-r--r--crypto/asn1/tasn_dec.c3
-rw-r--r--crypto/bio/bf_nbio.c2
-rw-r--r--crypto/bio/bio_lib.c4
-rw-r--r--crypto/bio/bss_acpt.c5
-rw-r--r--crypto/bn/bn_mul.c9
-rw-r--r--crypto/conf/conf_api.c2
-rw-r--r--crypto/conf/conf_def.c13
-rw-r--r--crypto/dsa/dsa_gen.c3
-rw-r--r--crypto/ecdh/ech_lib.c3
-rw-r--r--crypto/ecdsa/ecs_lib.c2
-rw-r--r--crypto/evp/encode.c3
-rw-r--r--crypto/hmac/hmac.c3
-rw-r--r--crypto/ocsp/ocsp_prn.c2
-rw-r--r--crypto/pem/pem_lib.c2
-rw-r--r--crypto/pem/pvkfmt.c10
-rw-r--r--crypto/pkcs7/pk7_doit.c3
-rw-r--r--crypto/pkcs7/pk7_lib.c2
-rw-r--r--crypto/pqueue/pqueue.c5
-rw-r--r--crypto/rand/randfile.c2
-rw-r--r--crypto/x509v3/pcy_tree.c3
-rw-r--r--engines/ccgost/gost_ameth.c4
-rw-r--r--engines/e_chil.c4
-rw-r--r--engines/e_cswift.c2
-rw-r--r--engines/e_ubsec.c2
-rw-r--r--ssl/d1_pkt.c5
-rw-r--r--ssl/s23_lib.c7
-rw-r--r--ssl/s2_srvr.c2
-rw-r--r--ssl/s3_enc.c3
-rw-r--r--ssl/ssl_asn1.c3
-rw-r--r--ssl/ssl_ciph.c6
-rw-r--r--ssl/ssl_lib.c15
-rw-r--r--ssl/ssltest.c3
-rw-r--r--ssl/t1_enc.c14
-rw-r--r--ssl/t1_lib.c9
53 files changed, 58 insertions, 193 deletions
diff --git a/apps/apps.c b/apps/apps.c
index 1439bb49da..3a3009d473 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -377,13 +377,12 @@ void program_name(char *in, char *out, int size)
int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
{
- int num,len,i;
+ int num,i;
char *p;
*argc=0;
*argv=NULL;
- len=strlen(buf);
i=0;
if (arg->count == 0)
{
diff --git a/apps/dh.c b/apps/dh.c
index e9609d630d..dee9c01fce 100644
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -88,9 +88,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DH *dh=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
@@ -189,7 +186,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
diff --git a/apps/dhparam.c b/apps/dhparam.c
index 5fab29eb87..b47097cbb2 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -149,9 +149,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DH *dh=NULL;
int i,badops=0,text=0;
#ifndef OPENSSL_NO_DSA
@@ -270,7 +267,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (g && !num)
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index 4305a739b3..fe72c1d3df 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -111,9 +111,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DSA *dsa=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
@@ -278,7 +275,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (need_rand)
@@ -357,12 +354,10 @@ bad:
if (C)
{
unsigned char *data;
- int l,len,bits_p,bits_q,bits_g;
+ int l,len,bits_p;
len=BN_num_bytes(dsa->p);
bits_p=BN_num_bits(dsa->p);
- bits_q=BN_num_bits(dsa->q);
- bits_g=BN_num_bits(dsa->g);
data=(unsigned char *)OPENSSL_malloc(len+20);
if (data == NULL)
{
diff --git a/apps/ec.c b/apps/ec.c
index 31194b48df..896eabc13f 100644
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -85,9 +85,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
int ret = 1;
EC_KEY *eckey = NULL;
const EC_GROUP *group;
@@ -254,7 +251,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
diff --git a/apps/ecparam.c b/apps/ecparam.c
index e9aa0a184a..465480bedd 100644
--- a/apps/ecparam.c
+++ b/apps/ecparam.c
@@ -129,9 +129,6 @@ int MAIN(int argc, char **argv)
char *infile = NULL, *outfile = NULL, *prog;
BIO *in = NULL, *out = NULL;
int informat, outformat, noout = 0, C = 0, ret = 1;
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
char *engine = NULL;
BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
@@ -340,7 +337,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (list_curves)
diff --git a/apps/enc.c b/apps/enc.c
index 3c2c91e920..c28d8b1948 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -101,9 +101,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
static const char magic[]="Salted__";
char mbuf[sizeof magic-1];
char *strbuf=NULL;
@@ -328,7 +325,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
diff --git a/apps/gendh.c b/apps/gendh.c
index caa7327a10..4ec776ba93 100644
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -89,9 +89,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
BN_GENCB cb;
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DH *dh=NULL;
int ret=1,num=DEFBITS;
int g=2;
@@ -163,7 +160,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
out=BIO_new(BIO_s_file());
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 22c39629e5..62ea977905 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -78,9 +78,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DSA *dsa=NULL;
int ret=1;
char *outfile=NULL;
@@ -206,7 +203,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index 86d31b99a7..ae6cd33f73 100644
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -82,9 +82,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
PKCS7 *p7=NULL;
int i,badops=0;
BIO *in=NULL,*out=NULL;
@@ -182,7 +179,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c
index 7f18010f9d..6f7a357a36 100644
--- a/apps/pkeyparam.c
+++ b/apps/pkeyparam.c
@@ -74,7 +74,6 @@ int MAIN(int argc, char **argv)
EVP_PKEY *pkey=NULL;
int badarg = 0;
#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
char *engine=NULL;
#endif
int ret = 1;
@@ -141,7 +140,7 @@ int MAIN(int argc, char **argv)
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (infile)
diff --git a/apps/rand.c b/apps/rand.c
index 44a1d46a03..790e79592c 100644
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -77,9 +77,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
int i, r, ret = 1;
int badopt;
char *outfile = NULL;
@@ -178,7 +175,7 @@ int MAIN(int argc, char **argv)
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
diff --git a/apps/s_server.c b/apps/s_server.c
index a70482e93e..e4a9a2bae5 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2269,11 +2269,10 @@ static int www_body(char *hostname, int s, unsigned char *context)
{
char *buf=NULL;
int ret=1;
- int i,j,k,blank,dot;
+ int i,j,k,dot;
SSL *con;
const SSL_CIPHER *c;
BIO *io,*ssl_bio,*sbio;
- long total_bytes;
buf=OPENSSL_malloc(bufsize);
if (buf == NULL) return(0);
@@ -2343,7 +2342,6 @@ static int www_body(char *hostname, int s, unsigned char *context)
SSL_set_msg_callback_arg(con, bio_s_out);
}
- blank=0;
for (;;)
{
if (hack)
@@ -2604,7 +2602,6 @@ static int www_body(char *hostname, int s, unsigned char *context)
BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
}
/* send the file */
- total_bytes=0;
for (;;)
{
i=BIO_read(file,buf,bufsize);
diff --git a/apps/s_socket.c b/apps/s_socket.c
index b5f9db3062..a9228f42a6 100644
--- a/apps/s_socket.c
+++ b/apps/s_socket.c
@@ -321,7 +321,7 @@ static int init_server_long(int *sock, int port, char *ip, int type)
{
int ret=0;
struct sockaddr_in server;
- int s= -1,i;
+ int s= -1;
if (!ssl_sock_init()) return(0);
@@ -360,7 +360,6 @@ static int init_server_long(int *sock, int port, char *ip, int type)
}
/* Make it 128 for linux */
if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
- i=0;
*sock=s;
ret=1;
err:
@@ -378,7 +377,7 @@ static int init_server(int *sock, int port, int type)
static int do_accept(int acc_sock, int *sock, char **host)
{
- int ret,i;
+ int ret;
struct hostent *h1,*h2;
static struct sockaddr_in from;
int len;
@@ -455,7 +454,6 @@ redoit:
BIO_printf(bio_err,"gethostbyname failure\n");
return(0);
}
- i=0;
if (h2->h_addrtype != AF_INET)
{
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
diff --git a/apps/speed.c b/apps/speed.c
index 1882239ce3..85673ff5a1 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -344,9 +344,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
unsigned char *buf=NULL,*buf2=NULL;
int mret=1;
long count=0,save_count=0;
@@ -440,7 +437,6 @@ int MAIN(int argc, char **argv)
unsigned char DES_iv[8];
unsigned char iv[2*MAX_BLOCK_SIZE/8];
#ifndef OPENSSL_NO_DES
- DES_cblock *buf_as_des_cblock = NULL;
static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
@@ -654,9 +650,6 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err,"out of memory\n");
goto end;
}
-#ifndef OPENSSL_NO_DES
- buf_as_des_cblock = (DES_cblock *)buf;
-#endif
if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL)
{
BIO_printf(bio_err,"out of memory\n");
@@ -731,7 +724,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err,"no engine given\n");
goto end;
}
- e = setup_engine(bio_err, *argv, 0);
+ setup_engine(bio_err, *argv, 0);
/* j will be increased again further down. We just
don't want speed to confuse an engine with an
algorithm, especially when none is given (which
diff --git a/apps/x509.c b/apps/x509.c
index ff56f30ff3..dc9cd77078 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -567,7 +567,6 @@ bad:
if (reqfile)
{
EVP_PKEY *pkey;
- X509_CINF *ci;
BIO *in;
if (!sign_flag && !CA_flag)
@@ -635,7 +634,6 @@ bad:
print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag);
if ((x=X509_new()) == NULL) goto end;
- ci=x->cert_info;
if (sno == NULL)
{
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index c6fd204ae3..3348b8762c 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -273,7 +273,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
{
ASN1_INTEGER *ret=NULL;
const unsigned char *p;
- unsigned char *to,*s;
+ unsigned char *s;
long len;
int inf,tag,xclass;
int i;
@@ -308,7 +308,6 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
i=ERR_R_MALLOC_FAILURE;
goto err;
}
- to=s;
ret->type=V_ASN1_INTEGER;
if(len) {
if ((*p == 0) && (len != 1))
diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c
index 9a41f29e3e..e251739933 100644
--- a/crypto/asn1/n_pkey.c
+++ b/crypto/asn1/n_pkey.c
@@ -247,7 +247,7 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
int sgckey)
{
RSA *ret=NULL;
- const unsigned char *p, *kp;
+ const unsigned char *p;
NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
p = *pp;
@@ -270,7 +270,6 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
goto err;
}
- kp = enckey->enckey->digest->data;
if (cb == NULL)
cb=EVP_read_pw_string;
if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;
diff --git a/crypto/asn1/t_crl.c b/crypto/asn1/t_crl.c
index da7eff1f1d..c61169208a 100644
--- a/crypto/asn1/t_crl.c
+++ b/crypto/asn1/t_crl.c
@@ -87,7 +87,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
STACK_OF(X509_REVOKED) *rev;
X509_REVOKED *r;
long l;
- int i, n;
+ int i;
char *p;
BIO_printf(out, "Certificate Revocation List (CRL):\n");
@@ -106,7 +106,6 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
else BIO_printf(out,"NONE");
BIO_printf(out,"\n");
- n=X509_CRL_get_ext_count(x);
X509V3_extensions_print(out, "CRL extensions",
x->crl->extensions, 0, 8);
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
index 3bee439968..87d7dfdf5c 100644
--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -168,7 +168,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
int i;
int otag;
int ret = 0;
- ASN1_VALUE *pchval, **pchptr, *ptmpval;
+ ASN1_VALUE **pchptr, *ptmpval;
if (!pval)
return 0;
if (aux && aux->asn1_cb)
@@ -319,7 +319,6 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
goto err;
}
/* CHOICE type, try each possibility in turn */
- pchval = NULL;
p = *in;
for (i = 0, tt=it->templates; i < it->tcount; i++, tt++)
{
diff --git a/crypto/bio/bf_nbio.c b/crypto/bio/bf_nbio.c
index c72a23c2e1..028616c064 100644
--- a/crypto/bio/bf_nbio.c
+++ b/crypto/bio/bf_nbio.c
@@ -125,7 +125,6 @@ static int nbiof_free(BIO *a)
static int nbiof_read(BIO *b, char *out, int outl)
{
- NBIO_TEST *nt;
int ret=0;
#if 1
int num;
@@ -134,7 +133,6 @@ static int nbiof_read(BIO *b, char *out, int outl)
if (out == NULL) return(0);
if (b->next_bio == NULL) return(0);
- nt=(NBIO_TEST *)b->ptr;
BIO_clear_retry_flags(b);
#if 1
diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c
index 77f4de9c32..e12bc3a2ca 100644
--- a/crypto/bio/bio_lib.c
+++ b/crypto/bio/bio_lib.c
@@ -110,7 +110,7 @@ int BIO_set(BIO *bio, BIO_METHOD *method)
int BIO_free(BIO *a)
{
- int ret=0,i;
+ int i;
if (a == NULL) return(0);
@@ -133,7 +133,7 @@ int BIO_free(BIO *a)
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
- ret=a->method->destroy(a);
+ a->method->destroy(a);
OPENSSL_free(a);
return(1);
}
diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
index 826f761143..5d49e1a72b 100644
--- a/crypto/bio/bss_acpt.c
+++ b/crypto/bio/bss_acpt.c
@@ -340,7 +340,6 @@ static int acpt_write(BIO *b, const char *in, int inl)
static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
{
- BIO *dbio;
int *ip;
long ret=1;
BIO_ACCEPT *data;
@@ -437,8 +436,8 @@ static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
ret=(long)data->bind_mode;
break;
case BIO_CTRL_DUP:
- dbio=(BIO *)ptr;
-/* if (data->param_port) EAY EAY
+/* dbio=(BIO *)ptr;
+ if (data->param_port) EAY EAY
BIO_set_port(dbio,data->param_port);
if (data->param_hostname)
BIO_set_hostname(dbio,data->param_hostname);
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
index a0e9ec3b46..12e5be80eb 100644
--- a/crypto/bn/bn_mul.c
+++ b/crypto/bn/bn_mul.c
@@ -551,7 +551,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
int tna, int tnb, BN_ULONG *t)
{
int i,j,n2=n*2;
- int c1,c2,neg,zero;
+ int c1,c2,neg;
BN_ULONG ln,lo,*p;
# ifdef BN_COUNT
@@ -567,7 +567,7 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
/* r=(a[0]-a[1])*(b[1]-b[0]) */
c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna);
c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n);
- zero=neg=0;
+ neg=0;
switch (c1*3+c2)
{
case -4:
@@ -575,7 +575,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */
break;
case -3:
- zero=1;
/* break; */
case -2:
bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */
@@ -585,7 +584,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
case -1:
case 0:
case 1:
- zero=1;
/* break; */
case 2:
bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */
@@ -593,7 +591,6 @@ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
neg=1;
break;
case 3:
- zero=1;
/* break; */
case 4:
bn_sub_part_words(t, a, &(a[n]),tna,n-tna);
@@ -1012,7 +1009,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
{
if (i >= -1 && i <= 1)
{
- int sav_j =0;
/* Find out the power of two lower or equal
to the longest of the two numbers */
if (i >= 0)
@@ -1023,7 +1019,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
{
j = BN_num_bits_word((BN_ULONG)bl);
}
- sav_j = j;
j = 1<<(j-1);
assert(j <= al || j <= bl);
k = j+j;
diff --git a/crypto/conf/conf_api.c b/crypto/conf/conf_api.c
index 22617e5fa1..0c1ee2b738 100644
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@@ -285,7 +285,7 @@ CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
v->value=(char *)sk;
vv=lh_CONF_VALUE_insert(conf->data,v);
- assert(vv == NULL);
+ OPENSSL_assert(vv == NULL);
ok=1;
err:
if (!ok)
diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c
index 0b571b0394..cf951320af 100644
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@@ -213,13 +213,12 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
int bufnum=0,i,ii;
BUF_MEM *buff=NULL;
char *s,*p,*end;
- int again,n;
+ int again;
long eline=0;
char btmp[DECIMAL_SIZE(eline)+1];
CONF_VALUE *v=NULL,*tv;
CONF_VALUE *sv=NULL;
char *section=NULL,*buf;
- STACK_OF(CONF_VALUE) *section_sk=NULL,*ts;
char *start,*psection,*pname;
void *h = (void *)(conf->data);
@@ -250,7 +249,6 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
- section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
bufnum=0;
again=0;
@@ -309,7 +307,6 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
buf=buff->data;
clear_comments(conf, buf);
- n=strlen(buf);
s=eat_ws(conf, buf);
if (IS_EOF(conf,*s)) continue; /* blank line */
if (*s == '[')
@@ -343,7 +340,6 @@ again:
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
- section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
continue;
}
else
@@ -406,13 +402,9 @@ again:
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
- ts=(STACK_OF(CONF_VALUE) *)tv->value;
}
else
- {
tv=sv;
- ts=section_sk;
- }
#if 1
if (_CONF_add_string(conf, tv, v) == 0)
{
@@ -465,9 +457,6 @@ err:
static void clear_comments(CONF *conf, char *p)
{
- char *to;
-
- to=p;
for (;;)
{
if (IS_FCOMMENT(conf,*p))
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index cd6bba3682..a7d478324e 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -120,7 +120,7 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
BIGNUM *r0,*W,*X,*c,*test;
BIGNUM *g=NULL,*q=NULL,*p=NULL;
BN_MONT_CTX *mont=NULL;
- int i, k,n=0,b,m=0, qsize = qbits >> 3;
+ int i, k, n=0, m=0, qsize = qbits >> 3;
int counter=0;
int r=0;
BN_CTX *ctx=NULL;
@@ -234,7 +234,6 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
/* "offset = 2" */
n=(bits-1)/160;
- b=(bits-1)-n*160;
for (;;)
{
diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c
index e89b1d4772..4d8ea03d3d 100644
--- a/crypto/ecdh/ech_lib.c
+++ b/crypto/ecdh/ech_lib.c
@@ -96,7 +96,6 @@ const ECDH_METHOD *ECDH_get_default_method(void)
int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
{
- const ECDH_METHOD *mtmp;
ECDH_DATA *ecdh;
ecdh = ecdh_check(eckey);
@@ -104,8 +103,8 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
if (ecdh == NULL)
return 0;
- mtmp = ecdh->meth;
#if 0
+ mtmp = ecdh->meth;
if (mtmp->finish)
mtmp->finish(eckey);
#endif
diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c
index 85e8a3a7ed..2ebae3aa27 100644
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -83,7 +83,6 @@ const ECDSA_METHOD *ECDSA_get_default_method(void)
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
{
- const ECDSA_METHOD *mtmp;
ECDSA_DATA *ecdsa;
ecdsa = ecdsa_check(eckey);
@@ -91,7 +90,6 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
if (ecdsa == NULL)
return 0;
- mtmp = ecdsa->meth;
#ifndef OPENSSL_NO_ENGINE
if (ecdsa->engine)
{
diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c
index b42c747249..28546a84bc 100644
--- a/crypto/evp/encode.c
+++ b/crypto/evp/encode.c
@@ -235,7 +235,7 @@ void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl)
{
- int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl;
+ int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,exp_nl;
unsigned char *d;
n=ctx->num;
@@ -319,7 +319,6 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
* lines. We process the line and then need to
* accept the '\n' */
if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
- tmp2=v;
if (n > 0)
{
v=EVP_DecodeBlock(out,d,n);
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index 45015fe754..6c98fc43a3 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -138,12 +138,9 @@ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
{
- int j;
unsigned int i;
unsigned char buf[EVP_MAX_MD_SIZE];
- j=EVP_MD_block_size(ctx->md);
-
if (!EVP_DigestFinal_ex(&ctx->md_ctx,buf,&i))
goto err;
if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx,&ctx->o_ctx))
diff --git a/crypto/ocsp/ocsp_prn.c b/crypto/ocsp/ocsp_prn.c
index 1695c9c4ad..87608ff399 100644
--- a/crypto/ocsp/ocsp_prn.c
+++ b/crypto/ocsp/ocsp_prn.c
@@ -182,7 +182,6 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
{
int i, ret = 0;
long l;
- unsigned char *p;
OCSP_CERTID *cid = NULL;
OCSP_BASICRESP *br = NULL;
OCSP_RESPID *rid = NULL;
@@ -207,7 +206,6 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags)
return 1;
}
- p = ASN1_STRING_data(rb->response);
i = ASN1_STRING_length(rb->response);
if (!(br = OCSP_response_get1_basic(o))) goto err;
rd = br->tbsResponseData;
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 18cde7c2d9..5a421fc4b6 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -489,7 +489,6 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
{
- int o;
const EVP_CIPHER *enc=NULL;
char *p,c;
char **header_pp = &header;
@@ -529,7 +528,6 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
header++;
}
*header='\0';
- o=OBJ_sn2nid(p);
cipher->cipher=enc=EVP_get_cipherbyname(p);
*header=c;
header++;
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 0dd6f5d98a..b1bf71a5da 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -662,7 +662,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length,
{
const unsigned char *p = *in;
- unsigned int pvk_magic, keytype, is_encrypted;
+ unsigned int pvk_magic, is_encrypted;
if (skip_magic)
{
if (length < 20)
@@ -689,7 +689,7 @@ static int do_PVK_header(const unsigned char **in, unsigned int length,
}
/* Skip reserved */
p += 4;
- keytype = read_ledword(&p);
+ /*keytype = */read_ledword(&p);
is_encrypted = read_ledword(&p);
*psaltlen = read_ledword(&p);
*pkeylen = read_ledword(&p);
@@ -847,7 +847,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
pem_password_cb *cb, void *u)
{
- int outlen = 24, noinc, pklen;
+ int outlen = 24, pklen;
unsigned char *p, *salt = NULL;
EVP_CIPHER_CTX cctx;
EVP_CIPHER_CTX_init(&cctx);
@@ -860,10 +860,7 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
if (!out)
return outlen;
if (*out)
- {
p = *out;
- noinc = 0;
- }
else
{
p = OPENSSL_malloc(outlen);
@@ -873,7 +870,6 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
return -1;
}
*out = p;
- noinc = 1;
}
write_ledword(&p, MS_PVKMAGIC);
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index c2a56893ef..cb8434b322 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -422,7 +422,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
X509_ALGOR *enc_alg=NULL;
STACK_OF(X509_ALGOR) *md_sk=NULL;
STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
- X509_ALGOR *xalg=NULL;
PKCS7_RECIP_INFO *ri=NULL;
i=OBJ_obj2nid(p7->type);
@@ -445,7 +444,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
goto err;
}
- xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
break;
case NID_pkcs7_enveloped:
rsk=p7->d.enveloped->recipientinfo;
@@ -457,7 +455,6 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
goto err;
}
- xalg=p7->d.enveloped->enc_data->algorithm;
break;
default:
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index 3ca0952792..d411269b50 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -591,7 +591,6 @@ X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
{
int i;
- ASN1_OBJECT *objtmp;
PKCS7_ENC_CONTENT *ec;
i=OBJ_obj2nid(p7->type);
@@ -614,7 +613,6 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
return(0);
}
- objtmp = OBJ_nid2obj(i);
ec->cipher = cipher;
return 1;
diff --git a/crypto/pqueue/pqueue.c b/crypto/pqueue/pqueue.c
index 99a6fb874d..eab13a1250 100644
--- a/crypto/pqueue/pqueue.c
+++ b/crypto/pqueue/pqueue.c
@@ -167,14 +167,13 @@ pqueue_pop(pqueue_s *pq)
pitem *
pqueue_find(pqueue_s *pq, unsigned char *prio64be)
{
- pitem *next, *prev = NULL;
+ pitem *next;
pitem *found = NULL;
if ( pq->items == NULL)
return NULL;
- for ( next = pq->items; next->next != NULL;
- prev = next, next = next->next)
+ for ( next = pq->items; next->next != NULL; next = next->next)
{
if ( memcmp(next->priority, prio64be,8) == 0)
{
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 4ed40b7b70..678b0fe0d6 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -269,7 +269,6 @@ err:
const char *RAND_file_name(char *buf, size_t size)
{
char *s=NULL;
- int ok = 0;
#ifdef __OpenBSD__
struct stat sb;
#endif
@@ -298,7 +297,6 @@ const char *RAND_file_name(char *buf, size_t size)
BUF_strlcat(buf,"/",size);
#endif
BUF_strlcat(buf,RFILE,size);
- ok = 1;
}
else
buf[0] = '\0'; /* no file name */
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index 92f6b24556..bb9777348f 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -341,9 +341,8 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr,
const X509_POLICY_CACHE *cache)
{
int i;
- X509_POLICY_LEVEL *last;
X509_POLICY_DATA *data;
- last = curr - 1;
+
for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++)
{
data = sk_X509_POLICY_DATA_value(cache->data, i);
diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c
index f620a216c8..e6c2839e5f 100644
--- a/engines/ccgost/gost_ameth.c
+++ b/engines/ccgost/gost_ameth.c
@@ -39,7 +39,7 @@ static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key)
ASN1_STRING *params = ASN1_STRING_new();
GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
int pkey_param_nid = NID_undef;
- int cipher_param_nid = NID_undef;
+
if (!params || !gkp)
{
GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
@@ -52,7 +52,6 @@ static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key)
{
case NID_id_GostR3410_2001:
pkey_param_nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)key)));
- cipher_param_nid = get_encryption_params(NULL)->nid;
break;
case NID_id_GostR3410_94:
pkey_param_nid = (int) gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key));
@@ -64,7 +63,6 @@ static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key)
params=NULL;
goto err;
}
- cipher_param_nid = get_encryption_params(NULL)->nid;
break;
}
gkp->key_params = OBJ_nid2obj(pkey_param_nid);
diff --git a/engines/e_chil.c b/engines/e_chil.c
index 9c2729c96d..fdc2100e3d 100644
--- a/engines/e_chil.c
+++ b/engines/e_chil.c
@@ -1077,11 +1077,11 @@ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
static int hwcrhk_rsa_finish(RSA *rsa)
{
HWCryptoHook_RSAKeyHandle *hptr;
- int ret;
+
hptr = RSA_get_ex_data(rsa, hndidx_rsa);
if (hptr)
{
- ret = p_hwcrhk_RSAUnloadKey(*hptr, NULL);
+ p_hwcrhk_RSAUnloadKey(*hptr, NULL);
OPENSSL_free(hptr);
RSA_set_ex_data(rsa, hndidx_rsa, NULL);
}
diff --git a/engines/e_cswift.c b/engines/e_cswift.c
index bc65179846..2e64ff3277 100644
--- a/engines/e_cswift.c
+++ b/engines/e_cswift.c
@@ -811,7 +811,6 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
SW_PARAM sw_param;
SW_STATUS sw_status;
SW_LARGENUMBER arg, res;
- unsigned char *ptr;
BN_CTX *ctx;
BIGNUM *dsa_p = NULL;
BIGNUM *dsa_q = NULL;
@@ -899,7 +898,6 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
goto err;
}
/* Convert the response */
- ptr = (unsigned char *)result->d;
if((to_return = DSA_SIG_new()) == NULL)
goto err;
to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL);
diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c
index 9b747b9aea..aa5709bd8c 100644
--- a/engines/e_ubsec.c
+++ b/engines/e_ubsec.c
@@ -630,10 +630,8 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx)
{
int y_len,
- m_len,
fd;
- m_len = BN_num_bytes(p) + BN_num_bytes(q) + 1;
y_len = BN_num_bits(p) + BN_num_bits(q);
/* Check if hardware can't handle this argument. */
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index a5439d544f..1fd58bf598 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -296,9 +296,6 @@ dtls1_process_buffered_records(SSL *s)
item = pqueue_peek(s->d1->unprocessed_rcds.q);
if (item)
{
- DTLS1_RECORD_DATA *rdata;
- rdata = (DTLS1_RECORD_DATA *)item->data;
-
/* Check if epoch is current. */
if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
return(1); /* Nothing to do. */
@@ -528,14 +525,12 @@ int dtls1_get_record(SSL *s)
int ssl_major,ssl_minor;
int i,n;
SSL3_RECORD *rr;
- SSL_SESSION *sess;
unsigned char *p = NULL;
unsigned short version;
DTLS1_BITMAP *bitmap;
unsigned int is_next_epoch;
rr= &(s->s3->rrec);
- sess=s->session;
/* The epoch may have changed. If so, process all the
* pending records. This is a non-blocking operation. */
diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c
index e3fce53430..3bf728318a 100644
--- a/ssl/s23_lib.c
+++ b/ssl/s23_lib.c
@@ -92,15 +92,8 @@ const SSL_CIPHER *ssl23_get_cipher(unsigned int u)
* available */
const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
{
- SSL_CIPHER c;
const SSL_CIPHER *cp;
- unsigned long id;
- int n;
- n=ssl3_num_ciphers();
- id=0x03000000|((unsigned long)p[0]<<16L)|
- ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
- c.id=id;
cp=ssl3_get_cipher_by_char(p);
#ifndef OPENSSL_NO_SSL2
if (cp == NULL)
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index 1434e734dd..9471676872 100644
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -697,7 +697,6 @@ static int server_hello(SSL *s)
{
unsigned char *p,*d;
int n,hit;
- STACK_OF(SSL_CIPHER) *sk;
p=(unsigned char *)s->init_buf->data;
if (s->state == SSL2_ST_SEND_SERVER_HELLO_A)
@@ -778,7 +777,6 @@ static int server_hello(SSL *s)
/* lets send out the ciphers we like in the
* prefered order */
- sk= s->session->ciphers;
n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d,0);
d+=n;
s2n(n,p); /* add cipher length */
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 3d7aec97a2..58386e1ba0 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -214,7 +214,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
int ssl3_change_cipher_state(SSL *s, int which)
{
- unsigned char *p,*key_block,*mac_secret;
+ unsigned char *p,*mac_secret;
unsigned char exp_key[EVP_MAX_KEY_LENGTH];
unsigned char exp_iv[EVP_MAX_IV_LENGTH];
unsigned char *ms,*key,*iv,*er1,*er2;
@@ -239,7 +239,6 @@ int ssl3_change_cipher_state(SSL *s, int which)
else
comp=s->s3->tmp.new_compression->method;
#endif
- key_block=s->s3->tmp.key_block;
if (which & SSL3_CC_READ)
{
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 28709978b5..d7f4c6087e 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -357,7 +357,7 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
long length)
{
- int version,ssl_version=0,i;
+ int ssl_version=0,i;
long id;
ASN1_INTEGER ai,*aip;
ASN1_OCTET_STRING os,*osp;
@@ -371,7 +371,6 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
ai.data=NULL; ai.length=0;
M_ASN1_D2I_get_x(ASN1_INTEGER,aip,d2i_ASN1_INTEGER);
- version=(int)ASN1_INTEGER_get(aip);
if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; }
/* we don't care about the version right now :-) */
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index bee3507ea1..a8ce186b78 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1027,7 +1027,7 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
const SSL_CIPHER **ca_list)
{
unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, algo_strength;
- const char *l, *start, *buf;
+ const char *l, *buf;
int j, multi, found, rule, retval, ok, buflen;
unsigned long cipher_id = 0;
char ch;
@@ -1064,7 +1064,6 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
alg_ssl = 0;
algo_strength = 0;
- start=l;
for (;;)
{
ch = *l;
@@ -1456,7 +1455,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
int is_export,pkl,kl;
const char *ver,*exp_str;
const char *kx,*au,*enc,*mac;
- unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2,alg_s;
+ unsigned long alg_mkey,alg_auth,alg_enc,alg_mac,alg_ssl,alg2;
#ifdef KSSL_DEBUG
static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
#else
@@ -1469,7 +1468,6 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
alg_mac = cipher->algorithm_mac;
alg_ssl = cipher->algorithm_ssl;
- alg_s=cipher->algo_strength;
alg2=cipher->algorithm2;
is_export=SSL_C_IS_EXPORT(cipher);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 0f7a7f1dfc..3c74ec179c 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2110,23 +2110,12 @@ int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
/* THIS NEEDS CLEANING UP */
X509 *ssl_get_server_send_cert(SSL *s)
{
- unsigned long alg_k,alg_a,mask_k,mask_a;
+ unsigned long alg_k,alg_a;
CERT *c;
- int i,is_export;
+ int i;
c=s->cert;
ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
- is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
- if (is_export)
- {
- mask_k = c->export_mask_k;
- mask_a = c->export_mask_a;
- }
- else
- {
- mask_k = c->mask_k;
- mask_a = c->mask_a;
- }
alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
alg_a = s->s3->tmp.new_cipher->algorithm_auth;
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index ed01651e62..175635881d 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -1430,7 +1430,6 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count)
BIO *c_bio=NULL;
BIO *s_bio=NULL;
int c_r,c_w,s_r,s_w;
- int c_want,s_want;
int i,j;
int done=0;
int c_write,s_write;
@@ -1465,8 +1464,6 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count)
c_r=0; s_r=1;
c_w=1; s_w=0;
- c_want=W_WRITE;
- s_want=0;
c_write=1,s_write=0;
/* We can always do writes */
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 01884906df..b5c3179c48 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -158,7 +158,7 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
const void *seed5, int seed5_len,
unsigned char *out, int olen)
{
- int chunk,n;
+ int chunk;
unsigned int j;
HMAC_CTX ctx;
HMAC_CTX ctx_tmp;
@@ -188,7 +188,6 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
if (!HMAC_Final(&ctx,A1,&A1_len))
goto err;
- n=0;
for (;;)
{
if (!HMAC_Init_ex(&ctx,NULL,0,NULL,NULL)) /* re-init */
@@ -310,13 +309,13 @@ static int tls1_generate_key_block(SSL *s, unsigned char *km,
int tls1_change_cipher_state(SSL *s, int which)
{
static const unsigned char empty[]="";
- unsigned char *p,*key_block,*mac_secret;
+ unsigned char *p,*mac_secret;
unsigned char *exp_label;
unsigned char tmp1[EVP_MAX_KEY_LENGTH];
unsigned char tmp2[EVP_MAX_KEY_LENGTH];
unsigned char iv1[EVP_MAX_IV_LENGTH*2];
unsigned char iv2[EVP_MAX_IV_LENGTH*2];
- unsigned char *ms,*key,*iv,*er1,*er2;
+ unsigned char *ms,*key,*iv;
int client_write;
EVP_CIPHER_CTX *dd;
const EVP_CIPHER *c;
@@ -338,7 +337,6 @@ int tls1_change_cipher_state(SSL *s, int which)
#ifndef OPENSSL_NO_COMP
comp=s->s3->tmp.new_compression;
#endif
- key_block=s->s3->tmp.key_block;
#ifdef KSSL_DEBUG
printf("tls1_change_cipher_state(which= %d) w/\n", which);
@@ -449,8 +447,6 @@ int tls1_change_cipher_state(SSL *s, int which)
cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
/* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
k=EVP_CIPHER_iv_length(c);
- er1= &(s->s3->client_random[0]);
- er2= &(s->s3->server_random[0]);
if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
(which == SSL3_CHANGE_CIPHER_SERVER_READ))
{
@@ -907,7 +903,7 @@ int tls1_final_finish_mac(SSL *s,
int tls1_mac(SSL *ssl, unsigned char *md, int send)
{
SSL3_RECORD *rec;
- unsigned char *mac_sec,*seq;
+ unsigned char *seq;
EVP_MD_CTX *hash;
size_t md_size;
int i;
@@ -919,14 +915,12 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
if (send)
{
rec= &(ssl->s3->wrec);
- mac_sec= &(ssl->s3->write_mac_secret[0]);
seq= &(ssl->s3->write_sequence[0]);
hash=ssl->write_hash;
}
else
{
rec= &(ssl->s3->rrec);
- mac_sec= &(ssl->s3->read_mac_secret[0]);
seq= &(ssl->s3->read_sequence[0]);
hash=ssl->read_hash;
}
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 9ee7e7d717..ef40e5e6f8 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -983,9 +983,9 @@ int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, int n, int *al)
{
+ unsigned short length;
unsigned short type;
unsigned short size;
- unsigned short len;
unsigned char *data = *p;
int tlsext_servername = 0;
int renegotiate_seen = 0;
@@ -993,7 +993,12 @@ int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, in
if (data >= (d+n-2))
goto ri_check;
- n2s(data,len);
+ n2s(data,length);
+ if (data+length != d+n)
+ {
+ *al = SSL_AD_DECODE_ERROR;
+ return 0;
+ }
while(data <= (d+n-4))
{