4853 illumos-gate is not lint-clean when built with openssl 1.0

Reviewed by: Keith Wesolowski <keith.wesolowski@joyent.com>
Reviewed by: Alexander Eremin <alexander.eremin@nexenta.com>
Approved by: Robert Mustacchi <rm@joyent.com>

2 files changed, 5 insertions, 19 deletions

diff --git a/usr/src/lib/libkmf/plugins/kmf_openssl/Makefile.com b/usr/src/lib/libkmf/plugins/kmf_openssl/Makefile.com
index 76ecd38479..a27fa16cc6 100644
--- a/usr/src/lib/libkmf/plugins/kmf_openssl/Makefile.com
+++ b/usr/src/lib/libkmf/plugins/kmf_openssl/Makefile.com
@@ -40,8 +40,8 @@ BERLIB64=	$(BERLIB)
 OPENSSLLIBS=	$(BERLIB) -lcrypto -lcryptoutil -lc
 OPENSSLLIBS64=	$(BERLIB64) -lcrypto -lcryptoutil -lc
 
-LINTSSLLIBS	= $(BERLIB) -lcrypto -lcryptoutil -lc
-LINTSSLLIBS64	= $(BERLIB64) -lcrypto -lcryptoutil -lc
+LINTSSLLIBS	= $(BERLIB) -lcryptoutil -lc
+LINTSSLLIBS64	= $(BERLIB64) -lcryptoutil -lc
 
 SRCDIR=		../common
 INCDIR=		../../include
diff --git a/usr/src/lib/libkmf/plugins/kmf_openssl/common/openssl_spi.c b/usr/src/lib/libkmf/plugins/kmf_openssl/common/openssl_spi.c
index fc3da4b7e8..19d757df90 100644
--- a/usr/src/lib/libkmf/plugins/kmf_openssl/common/openssl_spi.c
+++ b/usr/src/lib/libkmf/plugins/kmf_openssl/common/openssl_spi.c
@@ -2033,7 +2033,7 @@ OpenSSL_CertGetPrintable(KMF_HANDLE_T handle, const KMF_DATA *pcert,
 #if OPENSSL_VERSION_NUMBER < 0x10000000L
 	STACK *emlst = NULL;
 #else
-        STACK_OF(OPENSSL_STRING) *emlst = NULL;
+	STACK_OF(OPENSSL_STRING) *emlst = NULL;
 #endif
 	X509_EXTENSION *ex;
 	X509_CINF *ci;
@@ -2153,7 +2153,7 @@ OpenSSL_CertGetPrintable(KMF_HANDLE_T handle, const KMF_DATA *pcert,
 #else
 		for (j = 0; j < sk_OPENSSL_STRING_num(emlst); j++)
 			(void) BIO_printf(mem, "%s\n",
-                            sk_OPENSSL_STRING_value(emlst, j));
+			    sk_OPENSSL_STRING_value(emlst, j));
 #endif
 
 		len = BIO_gets(mem, resultStr, KMF_CERT_PRINTABLE_LEN);
@@ -2499,7 +2499,6 @@ static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id)
 	keyhash = id->value.byKey->data;
 	/* Calculate hash of each key and compare */
 	for (i = 0; i < sk_X509_num(certs); i++) {
-		/* LINTED E_BAD_PTR_CAST_ALIGN */
 		X509 *x = sk_X509_value(certs, i);
 		/* Use pubkey_digest to get the key ID value */
 		(void) X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL);
@@ -3639,7 +3638,6 @@ extract_pem(KMF_HANDLE *kmfh,
 	}
 
 	for (i = 0; i < sk_X509_INFO_num(x509_info_stack); i++) {
-		/* LINTED E_BAD_PTR_CAST_ALIGN */
 		cert_infos[ncerts] = sk_X509_INFO_value(x509_info_stack, i);
 		ncerts++;
 	}
@@ -3721,7 +3719,6 @@ extract_pem(KMF_HANDLE *kmfh,
 err:
 	/* Cleanup the stack of X509 info records */
 	for (i = 0; i < sk_X509_INFO_num(x509_info_stack); i++) {
-		/* LINTED E_BAD_PTR_CAST_ALIGN */
 		info = (X509_INFO *)sk_X509_INFO_value(x509_info_stack, i);
 		X509_INFO_free(info);
 	}
@@ -3742,7 +3739,6 @@ openssl_parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *pin,
 	int i;
 
 	for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
-		/* LINTED E_BAD_PTR_CAST_ALIGN */
 		PKCS12_SAFEBAG *bag = sk_PKCS12_SAFEBAG_value(bags, i);
 		ret = openssl_parse_bag(bag, pin, (pin ? strlen(pin) : 0),
 		    keys, certs);
@@ -3773,12 +3769,10 @@ set_pkey_attrib(EVP_PKEY *pkey, ASN1_TYPE *attrib, int nid)
 		X509_ATTRIBUTE *a;
 		for (i = 0;
 		    i < sk_X509_ATTRIBUTE_num(pkey->attributes); i++) {
-			/* LINTED E_BAD_PTR_CASE_ALIGN */
 			a = sk_X509_ATTRIBUTE_value(pkey->attributes, i);
 			if (OBJ_obj2nid(a->object) == nid) {
 				X509_ATTRIBUTE_free(a);
-				/* LINTED E_BAD_PTR_CAST_ALIGN */
-				sk_X509_ATTRIBUTE_set(pkey->attributes,
+				(void) sk_X509_ATTRIBUTE_set(pkey->attributes,
 				    i, attr);
 				return (KMF_OK);
 			}
@@ -3955,7 +3949,6 @@ openssl_pkcs12_parse(PKCS12 *p12, char *pin,
 
 	for (i = 0; ret == KMF_OK && i < sk_PKCS7_num(asafes); i++) {
 		bags = NULL;
-		/* LINTED E_BAD_PTR_CAST_ALIGN */
 		p7 = sk_PKCS7_value(asafes, i);
 		bagnid = OBJ_obj2nid(p7->type);
 
@@ -4233,7 +4226,6 @@ find_attr(STACK_OF(X509_ATTRIBUTE) *attrs, int nid)
 		return (NULL);
 
 	for (i = 0; i < sk_X509_ATTRIBUTE_num(attrs); i++) {
-		/* LINTED E_BAD_PTR_CAST_ALIGN */
 		a = sk_X509_ATTRIBUTE_value(attrs, i);
 		if (OBJ_obj2nid(a->object) == nid)
 			return (a);
@@ -4274,7 +4266,6 @@ convertToRawKey(EVP_PKEY *pkey, KMF_RAW_KEY_DATA *key)
 		ASN1_TYPE *ty = NULL;
 		int numattr = sk_ASN1_TYPE_num(attr->value.set);
 		if (attr->single == 0 && numattr > 0) {
-			/* LINTED E_BAD_PTR_CAST_ALIGN */
 			ty = sk_ASN1_TYPE_value(attr->value.set, 0);
 		}
 		if (ty != NULL) {
@@ -4298,7 +4289,6 @@ convertToRawKey(EVP_PKEY *pkey, KMF_RAW_KEY_DATA *key)
 		ASN1_TYPE *ty = NULL;
 		int numattr = sk_ASN1_TYPE_num(attr->value.set);
 		if (attr->single == 0 && numattr > 0) {
-			/* LINTED E_BAD_PTR_CAST_ALIGN */
 			ty = sk_ASN1_TYPE_value(attr->value.set, 0);
 		}
 		key->id.Data = (uchar_t *)malloc(
@@ -4329,7 +4319,6 @@ convertPK12Objects(
 	int i;
 
 	for (i = 0; sslkeys != NULL && i < sk_EVP_PKEY_num(sslkeys); i++) {
-		/* LINTED E_BAD_PTR_CAST_ALIGN */
 		EVP_PKEY *pkey = sk_EVP_PKEY_value(sslkeys, i);
 		rv = convertToRawKey(pkey, &key);
 		if (rv == KMF_OK)
@@ -4341,7 +4330,6 @@ convertPK12Objects(
 
 	/* Now add the certificate to the certlist */
 	for (i = 0; sslcert != NULL && i < sk_X509_num(sslcert); i++) {
-		/* LINTED E_BAD_PTR_CAST_ALIGN */
 		X509 *cert = sk_X509_value(sslcert, i);
 		rv = add_cert_to_list(kmfh, cert, certlist, ncerts);
 		if (rv != KMF_OK)
@@ -4357,7 +4345,6 @@ convertPK12Objects(
 		 * Lint is complaining about the embedded casting, and
 		 * to fix it, you need to fix openssl header files.
 		 */
-		/* LINTED E_BAD_PTR_CAST_ALIGN */
 		c = sk_X509_value(sslcacerts, i);
 
 		/* Now add the ca cert to the certlist */
@@ -5424,7 +5411,6 @@ OpenSSL_FindCertInCRL(KMF_HANDLE_T handle, int numattr, KMF_ATTRIBUTE *attrlist)
 	}
 
 	for (i = 0; i < sk_X509_REVOKED_num(revoke_stack); i++) {
-		/* LINTED E_BAD_PTR_CAST_ALIGN */
 		revoke = sk_X509_REVOKED_value(revoke_stack, i);
 		if (ASN1_INTEGER_cmp(xcert->cert_info->serialNumber,
 		    revoke->serialNumber) == 0) {