Patch to improve behaviour in gnutls_x509_crl_set_version() when `char' is unsigned

[Laurence Withers]

Hi,

On some platforms, char can be unsigned by default (in my case I'm using gcc 
3.4.5 on arm). When that's the case, I noticed a compilation warning in 
lib/x509/crl_write.c .

The attached patch fixes the warning, but also slightly changes the way the 
test is carried out.

The documentation for the function states that the supplied version parameter 
must be 1 or 2, and implies it can be higher but not 0. The patch explicitly 
checks that version >= 1 without performing any arithmetic in a char type. If 
the check fails, the function returns with GNUTLS_E_INVALID_REQUEST, which I 
guess is the right thing to do. If the check succeeds, the previous behaviour 
is used. However, a char value of 0 is never decremented, so there is never 
any possibility of an overflow.

If this behaviour isn't really wanted, and the exact previous semantics of the 
function should be preserved (version 0 -> 0, version 1 -> 0, version 2 -> 1 
etc.) then let me know and I'll rework the patch.

Hope this helps, and bye for now,
-- 
Laurence Withers, <address@hidden>  --  jabber:address@hidden
http://www.lwithers.me.uk/                             tel:+447753988197

gnutls-2.2.5-unsigned-char-crl-version.patch
Description: Text Data