reintroduce md5_digest wrapper struct to fix gcc warnings

I was wrong to assume that adding the const qualifier to the pointer-to-
fixed-size-array contruction used in options_hash_changed_or_zero() was
allowed.  GCC actually warns about this, but I was using clang and clang
seems to be fine with the contruction.  To make GCC happy too, reintroduce
the md5_digest wrapped struct, and use that when passing around the digest.

This reverts the "struct md5_digest" parts of 827de237860813d2859a, but
keeps the rest.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1437910039-30101-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9949
Signed-off-by: Gert Doering <gert@greenie.muc.de>

4 files changed, 14 insertions, 9 deletions

diff --git a/src/openvpn/crypto.h b/src/openvpn/crypto.h
index 504896d..b32a900 100644
--- a/src/openvpn/crypto.h
+++ b/src/openvpn/crypto.h
@@ -108,6 +108,11 @@
 #include "packet_id.h"
 #include "mtu.h"
 
+/** Wrapper struct to pass around MD5 digests */
+struct md5_digest {
+  uint8_t digest[MD5_DIGEST_LENGTH];
+};
+
 /*
  * Defines a key type and key length for both cipher and HMAC.
  */
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index c24a646..fe00918 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1620,11 +1620,12 @@ tun_abort()
  * equal, or either one is all-zeroes.
  */
 static bool
-options_hash_changed_or_zero(const uint8_t (*a)[MD5_DIGEST_LENGTH],
-    const uint8_t (*b)[MD5_DIGEST_LENGTH])
+options_hash_changed_or_zero(const struct md5_digest *a,
+    const struct md5_digest *b)
 {
-  const uint8_t zero[MD5_DIGEST_LENGTH] = {0};
-  return memcmp (*a, *b, MD5_DIGEST_LENGTH) || memcmp (*a, zero, MD5_DIGEST_LENGTH);
+  const struct md5_digest zero = {{0}};
+  return memcmp (a, b, sizeof(struct md5_digest)) ||
+      memcmp (a, &zero, sizeof(struct md5_digest));
 }
 #endif /* P2MP */
 
@@ -1668,8 +1669,7 @@ do_up (struct context *c, bool pulled_options, unsigned int option_types_found)
       if (c->c2.did_open_tun)
 	{
 #if P2MP
-	  memcpy(c->c1.pulled_options_digest_save, c->c2.pulled_options_digest,
-	      sizeof(c->c1.pulled_options_digest_save));
+	  c->c1.pulled_options_digest_save = c->c2.pulled_options_digest;
 #endif
 
 	  /* if --route-delay was specified, start timer */
diff --git a/src/openvpn/openvpn.h b/src/openvpn/openvpn.h
index ef7ca1d..1c2a80b 100644
--- a/src/openvpn/openvpn.h
+++ b/src/openvpn/openvpn.h
@@ -199,7 +199,7 @@ struct context_1
 #endif
 
   /* if client mode, hash of option strings we pulled from server */
-  uint8_t pulled_options_digest_save[MD5_DIGEST_LENGTH];
+  struct md5_digest pulled_options_digest_save;
                                 /**< Hash of option strings received from the
                                  *   remote OpenVPN server.  Only used in
                                  *   client-mode. */
@@ -465,7 +465,7 @@ struct context_2
   /* hash of pulled options, so we can compare when options change */
   bool pulled_options_md5_init_done;
   md_ctx_t pulled_options_state;
-  uint8_t pulled_options_digest[MD5_DIGEST_LENGTH];
+  struct md5_digest pulled_options_digest;
 
   struct event_timeout server_poll_interval;
 
diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index c99a097..8706166 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -483,7 +483,7 @@ process_incoming_push_msg (struct context *c,
 	      case 0:
 	      case 1:
 		md_ctx_update (&c->c2.pulled_options_state, BPTR(&buf_orig), BLEN(&buf_orig));
-		md_ctx_final (&c->c2.pulled_options_state, c->c2.pulled_options_digest);
+		md_ctx_final (&c->c2.pulled_options_state, c->c2.pulled_options_digest.digest);
 		md_ctx_cleanup (&c->c2.pulled_options_state);
 	        c->c2.pulled_options_md5_init_done = false;
 		ret = PUSH_MSG_REPLY;