lib/v*: silence -Wsign-conversion, tidy-ups, fixes

lib/vauth/ntlm.c

@@ -482,9 +482,9 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
   CURLcode result = CURLE_OK;
   size_t size;
   unsigned char ntlmbuf[NTLM_BUFSIZE];
-  int lmrespoff;
+  unsigned int lmrespoff;
   unsigned char lmresp[24]; /* fixed-size */
-  int ntrespoff;
+  unsigned int ntrespoff;
   unsigned int ntresplen = 24;
   unsigned char ntresp[24]; /* fixed-size */
   unsigned char *ptr_ntresp = &ntresp[0];
@@ -508,7 +508,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
 
   if(user) {
     domain = userp;
-    domlen = (user - domain);
+    domlen = (size_t)(user - domain);
     user++;
   }
   else
@@ -585,7 +585,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
       return result;
 
     Curl_ntlm_core_lm_resp(lmbuffer, &ntlm->nonce[0], lmresp);
-    ntlm->flags &= ~NTLMFLAG_NEGOTIATE_NTLM2_KEY;
+    ntlm->flags &= ~(unsigned int)NTLMFLAG_NEGOTIATE_NTLM2_KEY;
 
     /* A safer but less compatible alternative is:
      *   Curl_ntlm_core_lm_resp(ntbuffer, &ntlm->nonce[0], lmresp);
@@ -605,7 +605,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
   hostoff = useroff + userlen;
 
   /* Create the big type-3 message binary blob */
-  size = msnprintf((char *)ntlmbuf, NTLM_BUFSIZE,
+  size = (size_t)msnprintf((char *)ntlmbuf, NTLM_BUFSIZE,
                    NTLMSSP_SIGNATURE "%c"
                    "\x03%c%c%c"  /* 32-bit type = 3 */
 
@@ -683,7 +683,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
                    LONGQUARTET(ntlm->flags));
 
   DEBUGASSERT(size == 64);
-  DEBUGASSERT(size == (size_t)lmrespoff);
+  DEBUGASSERT(size == lmrespoff);
 
   /* We append the binary hashes */
   if(size < (NTLM_BUFSIZE - 0x18)) {
@@ -701,7 +701,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
     failf(data, "incoming NTLM message too big");
     return CURLE_OUT_OF_MEMORY;
   }
-  DEBUGASSERT(size == (size_t)ntrespoff);
+  DEBUGASSERT(size == ntrespoff);
   memcpy(&ntlmbuf[size], ptr_ntresp, ntresplen);
   size += ntresplen;
 

lib/vauth/spnego_sspi.c

@@ -128,9 +128,9 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
 
   if(!nego->output_token) {
     /* Query the security package for Negotiate */
-    nego->status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *)
-                                                      TEXT(SP_NAME_NEGOTIATE),
-                                                      &SecurityPackage);
+    nego->status = (DWORD)s_pSecFn->QuerySecurityPackageInfo((TCHAR *)
+                                                       TEXT(SP_NAME_NEGOTIATE),
+                                                       &SecurityPackage);
     if(nego->status != SEC_E_OK) {
       failf(data, "SSPI: couldn't get auth info");
       return CURLE_AUTH_ERROR;
@@ -168,7 +168,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
       return CURLE_OUT_OF_MEMORY;
 
     /* Acquire our credentials handle */
-    nego->status =
+    nego->status = (DWORD)
       s_pSecFn->AcquireCredentialsHandle(NULL,
                                          (TCHAR *)TEXT(SP_NAME_NEGOTIATE),
                                          SECPKG_CRED_OUTBOUND, NULL,
@@ -218,7 +218,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
       SEC_CHANNEL_BINDINGS channelBindings;
       SecPkgContext_Bindings pkgBindings;
       pkgBindings.Bindings = &channelBindings;
-      nego->status = s_pSecFn->QueryContextAttributes(
+      nego->status = (DWORD)s_pSecFn->QueryContextAttributes(
           nego->sslContext,
           SECPKG_ATTR_ENDPOINT_BINDINGS,
           &pkgBindings
@@ -242,7 +242,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
   resp_buf.cbBuffer   = curlx_uztoul(nego->token_max);
 
   /* Generate our challenge-response message */
-  nego->status = s_pSecFn->InitializeSecurityContext(nego->credentials,
+  nego->status = (DWORD)s_pSecFn->InitializeSecurityContext(nego->credentials,
                                                      chlg ? nego->context :
                                                             NULL,
                                                      nego->spn,
@@ -259,7 +259,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
   if(GSS_ERROR(nego->status)) {
     char buffer[STRERROR_LEN];
     failf(data, "InitializeSecurityContext failed: %s",
-          Curl_sspi_strerror(nego->status, buffer, sizeof(buffer)));
+          Curl_sspi_strerror((int)nego->status, buffer, sizeof(buffer)));
 
     if(nego->status == (DWORD)SEC_E_INSUFFICIENT_MEMORY)
       return CURLE_OUT_OF_MEMORY;
@@ -269,11 +269,12 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
 
   if(nego->status == SEC_I_COMPLETE_NEEDED ||
      nego->status == SEC_I_COMPLETE_AND_CONTINUE) {
-    nego->status = s_pSecFn->CompleteAuthToken(nego->context, &resp_desc);
+    nego->status = (DWORD)s_pSecFn->CompleteAuthToken(nego->context,
+                                                      &resp_desc);
     if(GSS_ERROR(nego->status)) {
       char buffer[STRERROR_LEN];
       failf(data, "CompleteAuthToken failed: %s",
-            Curl_sspi_strerror(nego->status, buffer, sizeof(buffer)));
+            Curl_sspi_strerror((int)nego->status, buffer, sizeof(buffer)));
 
       if(nego->status == (DWORD)SEC_E_INSUFFICIENT_MEMORY)
         return CURLE_OUT_OF_MEMORY;

lib/vquic/curl_msh3.c

@@ -375,8 +375,8 @@ static void MSH3_CALL msh3_header_received(MSH3_REQUEST *Request,
     DEBUGASSERT(!stream->firstheader);
     stream->status_code = decode_status_code(hd->Value, hd->ValueLength);
     DEBUGASSERT(stream->status_code != -1);
-    ncopy = msnprintf(line, sizeof(line), "HTTP/3 %03d \r\n",
-                      stream->status_code);
+    ncopy = (size_t)msnprintf(line, sizeof(line), "HTTP/3 %03d \r\n",
+                              stream->status_code);
     result = write_resp_raw(data, line, ncopy);
     if(result)
       stream->recv_error = result;
@@ -672,7 +672,7 @@ static ssize_t cf_msh3_send(struct Curl_cfilter *cf, struct Curl_easy *data,
       goto out;
     }
     *err = CURLE_OK;
-    nwritten = len;
+    nwritten = (ssize_t)len;
     goto out;
   }
   else {
@@ -691,7 +691,7 @@ static ssize_t cf_msh3_send(struct Curl_cfilter *cf, struct Curl_easy *data,
     /* TODO - msh3/msquic will hold onto this memory until the send complete
        event. How do we make sure curl doesn't free it until then? */
     *err = CURLE_OK;
-    nwritten = len;
+    nwritten = (ssize_t)len;
   }
 
 out:

lib/vquic/curl_ngtcp2.c

@@ -314,8 +314,8 @@ static void pktx_update_time(struct pkt_io_ctx *pktx,
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
 
   vquic_ctx_update_time(&ctx->q);
-  pktx->ts = ctx->q.last_op.tv_sec * NGTCP2_SECONDS +
-             ctx->q.last_op.tv_usec * NGTCP2_MICROSECONDS;
+  pktx->ts = (ngtcp2_tstamp)ctx->q.last_op.tv_sec * NGTCP2_SECONDS +
+             (ngtcp2_tstamp)ctx->q.last_op.tv_usec * NGTCP2_MICROSECONDS;
 }
 
 static void pktx_init(struct pkt_io_ctx *pktx,
@@ -405,7 +405,7 @@ static void quic_settings(struct cf_ngtcp2_ctx *ctx,
   }
 }
 
-static int init_ngh3_conn(struct Curl_cfilter *cf);
+static CURLcode init_ngh3_conn(struct Curl_cfilter *cf);
 
 static int cb_handshake_completed(ngtcp2_conn *tconn, void *user_data)
 {
@@ -453,8 +453,8 @@ static int cb_recv_stream_data(ngtcp2_conn *tconn, uint32_t flags,
   /* number of bytes inside buflen which consists of framing overhead
    * including QPACK HEADERS. In other words, it does not consume payload of
    * DATA frame. */
-  ngtcp2_conn_extend_max_stream_offset(tconn, stream_id, nconsumed);
-  ngtcp2_conn_extend_max_offset(tconn, nconsumed);
+  ngtcp2_conn_extend_max_stream_offset(tconn, stream_id, (uint64_t)nconsumed);
+  ngtcp2_conn_extend_max_offset(tconn, (uint64_t)nconsumed);
 
   return 0;
 }
@@ -743,7 +743,8 @@ static CURLcode check_and_set_expiry(struct Curl_cfilter *cf,
       if(timeout % NGTCP2_MILLISECONDS) {
         timeout += NGTCP2_MILLISECONDS;
       }
-      Curl_expire(data, timeout / NGTCP2_MILLISECONDS, EXPIRE_QUIC);
+      Curl_expire(data, (timediff_t)(timeout / NGTCP2_MILLISECONDS),
+                  EXPIRE_QUIC);
     }
   }
   return CURLE_OK;
@@ -1039,7 +1040,7 @@ static nghttp3_callbacks ngh3_callbacks = {
   NULL /* recv_settings */
 };
 
-static int init_ngh3_conn(struct Curl_cfilter *cf)
+static CURLcode init_ngh3_conn(struct Curl_cfilter *cf)
 {
   struct cf_ngtcp2_ctx *ctx = cf->ctx;
   CURLcode result;
@@ -1260,7 +1261,7 @@ cb_h3_read_req_body(nghttp3_conn *conn, int64_t stream_id,
                             (const unsigned char **)&vec[nvecs].base,
                             &vec[nvecs].len)) {
       stream->sendbuf_len_in_flight += vec[nvecs].len;
-      nwritten += vec[nvecs].len;
+      nwritten += (ssize_t)vec[nvecs].len;
       ++nvecs;
     }
     DEBUGASSERT(nvecs > 0); /* we SHOULD have been be able to peek */
@@ -1514,7 +1515,7 @@ static ssize_t cf_ngtcp2_send(struct Curl_cfilter *cf, struct Curl_easy *data,
     /* We have unacknowledged DATA and cannot report success to our
      * caller. Instead we EAGAIN and remember how much we have already
      * "written" into our various internal connection buffers. */
-    stream->upload_blocked_len = sent;
+    stream->upload_blocked_len = (size_t)sent;
     CURL_TRC_CF(data, cf, "[%" CURL_PRId64 "] cf_send(len=%zu), "
                 "%zu bytes in flight -> EGAIN", stream->id, len,
                 stream->sendbuf_len_in_flight);
@@ -1559,7 +1560,7 @@ static CURLcode recv_pkt(const unsigned char *pkt, size_t pktlen,
 
   ++pktx->pkt_count;
   ngtcp2_addr_init(&path.local, (struct sockaddr *)&ctx->q.local_addr,
-                   ctx->q.local_addrlen);
+                   (socklen_t)ctx->q.local_addrlen);
   ngtcp2_addr_init(&path.remote, (struct sockaddr *)remote_addr,
                    remote_addrlen);
   pi.ecn = (uint8_t)ecn;
@@ -1673,7 +1674,8 @@ static ssize_t read_pkt_to_send(void *userp,
     n = ngtcp2_conn_writev_stream(ctx->qconn, &x->ps.path,
                                   NULL, buf, buflen,
                                   &ndatalen, flags, stream_id,
-                                  (const ngtcp2_vec *)vec, veccnt, x->ts);
+                                  (const ngtcp2_vec *)vec, (size_t)veccnt,
+                                  x->ts);
     if(n == 0) {
       /* nothing to send */
       *err = CURLE_AGAIN;
@@ -1718,7 +1720,8 @@ static ssize_t read_pkt_to_send(void *userp,
 
     if(ndatalen >= 0) {
       /* we add the amount of data bytes to the flow windows */
-      int rv = nghttp3_conn_add_write_offset(ctx->h3conn, stream_id, ndatalen);
+      int rv = nghttp3_conn_add_write_offset(ctx->h3conn, stream_id,
+                                             (size_t)ndatalen);
       if(rv) {
         failf(x->data, "nghttp3_conn_add_write_offset returned error: %s\n",
               nghttp3_strerror(rv));
@@ -1815,7 +1818,7 @@ static CURLcode cf_progress_egress(struct Curl_cfilter *cf,
        * just added were PMTUD and the last one is smaller.
        * Flush the buffer before the last add. */
       curlcode = vquic_send_tail_split(cf, data, &ctx->q,
-                                       gsolen, nread, nread);
+                                       gsolen, (size_t)nread, (size_t)nread);
       if(curlcode) {
         if(curlcode == CURLE_AGAIN) {
           Curl_expire(data, 1, EXPIRE_QUIC);
@@ -1900,7 +1903,7 @@ static CURLcode cf_ngtcp2_data_event(struct Curl_cfilter *cf,
     struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
     if(stream && !stream->send_closed) {
       stream->send_closed = TRUE;
-      stream->upload_left = Curl_bufq_len(&stream->sendbuf);
+      stream->upload_left = (curl_off_t)Curl_bufq_len(&stream->sendbuf);
       (void)nghttp3_conn_resume_stream(ctx->h3conn, stream->id);
     }
     break;
@@ -2124,7 +2127,7 @@ static CURLcode cf_connect_start(struct Curl_cfilter *cf,
                    (struct sockaddr *)&ctx->q.local_addr,
                    ctx->q.local_addrlen);
   ngtcp2_addr_init(&ctx->connected_path.remote,
-                   &sockaddr->sa_addr, sockaddr->addrlen);
+                   &sockaddr->sa_addr, (socklen_t)sockaddr->addrlen);
 
   rc = ngtcp2_conn_client_new(&ctx->qconn, &ctx->dcid, &ctx->scid,
                               &ctx->connected_path,
@@ -2268,7 +2271,7 @@ static CURLcode cf_ngtcp2_query(struct Curl_cfilter *cf,
       *pres1 = (max_streams > INT_MAX)? INT_MAX : (int)max_streams;
     }
     else  /* transport params not arrived yet? take our default. */
-      *pres1 = Curl_multi_max_concurrent_streams(data->multi);
+      *pres1 = (int)Curl_multi_max_concurrent_streams(data->multi);
     CURL_TRC_CF(data, cf, "query conn[%" CURL_FORMAT_CURL_OFF_T "]: "
                 "MAX_CONCURRENT -> %d (%zu in use)",
                 cf->conn->connection_id, *pres1, CONN_INUSE(cf->conn));

lib/vquic/curl_osslq.c

@@ -232,7 +232,7 @@ static CURLcode cf_osslq_stream_open(struct cf_osslq_stream *s,
   if(!s->ssl) {
     return CURLE_FAILED_INIT;
   }
-  s->id = SSL_get_stream_id(s->ssl);
+  s->id = (curl_int64_t)SSL_get_stream_id(s->ssl);
   SSL_set_app_data(s->ssl, user_data);
   return CURLE_OK;
 }
@@ -355,7 +355,7 @@ static CURLcode cf_osslq_h3conn_add_stream(struct cf_osslq_h3conn *h3,
                                            struct Curl_easy *data)
 {
   struct cf_osslq_ctx *ctx = cf->ctx;
-  int64_t stream_id = SSL_get_stream_id(stream_ssl);
+  int64_t stream_id = (int64_t)SSL_get_stream_id(stream_ssl);
 
   if(h3->remote_ctrl_n >= ARRAYSIZE(h3->remote_ctrl)) {
     /* rejected, we are full */
@@ -780,8 +780,8 @@ static int cb_h3_recv_header(nghttp3_conn *conn, int64_t sid,
                                      (const char *)h3val.base, h3val.len);
     if(result)
       return -1;
-    ncopy = msnprintf(line, sizeof(line), "HTTP/3 %03d \r\n",
-                      stream->status_code);
+    ncopy = (size_t)msnprintf(line, sizeof(line), "HTTP/3 %03d \r\n",
+                              stream->status_code);
     CURL_TRC_CF(data, cf, "[%" CURL_PRId64 "] status: %s", stream_id, line);
     result = write_resp_raw(cf, data, line, ncopy, FALSE);
     if(result) {
@@ -922,7 +922,7 @@ cb_h3_read_req_body(nghttp3_conn *conn, int64_t stream_id,
                             (const unsigned char **)&vec[nvecs].base,
                             &vec[nvecs].len)) {
       stream->sendbuf_len_in_flight += vec[nvecs].len;
-      nwritten += vec[nvecs].len;
+      nwritten += (ssize_t)vec[nvecs].len;
       ++nvecs;
     }
     DEBUGASSERT(nvecs > 0); /* we SHOULD have been be able to peek */
@@ -1923,7 +1923,7 @@ static ssize_t cf_osslq_send(struct Curl_cfilter *cf, struct Curl_easy *data,
     /* We have unacknowledged DATA and cannot report success to our
      * caller. Instead we EAGAIN and remember how much we have already
      * "written" into our various internal connection buffers. */
-    stream->upload_blocked_len = nwritten;
+    stream->upload_blocked_len = (size_t)nwritten;
     CURL_TRC_CF(data, cf, "[%" CURL_PRId64 "] cf_send(len=%zu), "
                 "%zu bytes in flight -> EGAIN", stream->s.id, len,
                 stream->sendbuf_len_in_flight);
@@ -2090,7 +2090,7 @@ static CURLcode cf_osslq_data_event(struct Curl_cfilter *cf,
     struct h3_stream_ctx *stream = H3_STREAM_CTX(ctx, data);
     if(stream && !stream->send_closed) {
       stream->send_closed = TRUE;
-      stream->upload_left = Curl_bufq_len(&stream->sendbuf);
+      stream->upload_left = (curl_off_t)Curl_bufq_len(&stream->sendbuf);
       (void)nghttp3_conn_resume_stream(ctx->h3.conn, stream->s.id);
     }
     break;

lib/vquic/vquic-tls.c

@@ -211,7 +211,7 @@ static CURLcode curl_wssl_init_ssl(struct curl_tls_ctx *ctx,
 
   if(alpn)
     wolfSSL_set_alpn_protos(ctx->ssl, (const unsigned char *)alpn,
-                            (int)alpn_len);
+                            (unsigned int)alpn_len);
 
   if(peer->sni) {
     wolfSSL_UseSNI(ctx->ssl, WOLFSSL_SNI_HOST_NAME,