expanded comment, noting size types and API issue

diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 0ac72ad25b17e468e9833e061b2056ebbb31b5c8..b2659d7a794c208f795ab7da15404c6a8978e57f 100644 (file)
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -512,7 +512,11 @@ if (rc < 0)
   m.data = malloc(m.size);
   if (m.data == NULL)
     return tls_error(US"memory allocation failed", strerror(errno), NULL);
   m.data = malloc(m.size);
   if (m.data == NULL)
     return tls_error(US"memory allocation failed", strerror(errno), NULL);

-  /* this will return a size 1 less than the allocation size above */
+  /* this will return a size 1 less than the allocation size above; I
+  originally used sz so as to avoid type compatibility errors, as gnutls_datum
+  uses "unsigned int" for the size field, but this call takes separate data
+  and size fields, with the latter being a size_t*.  For now, we live with
+  the error as being safer than throwing away type information. */

   rc = gnutls_dh_params_export_pkcs3(dh_server_params, GNUTLS_X509_FMT_PEM,
       m.data, &m.size);
   if (rc != GNUTLS_E_SUCCESS)
   rc = gnutls_dh_params_export_pkcs3(dh_server_params, GNUTLS_X509_FMT_PEM,
       m.data, &m.size);
   if (rc != GNUTLS_E_SUCCESS)