openwrt-packages-dist/libs/gnutls/patches/001-no-c99.patch

diff --git a/lib/x509/ip-in-cidr.h b/lib/x509/ip-in-cidr.h
index 778502a..7613de9 100644
--- a/lib/x509/ip-in-cidr.h
+++ b/lib/x509/ip-in-cidr.h
@@ -36,6 +36,8 @@ static unsigned ip_in_cidr(const gnutls_datum_t *ip, const gnutls_datum_t *cidr)
 {
 	char str_ip[48];
 	char str_cidr[97];
+	unsigned byte;
+
 	_gnutls_hard_log("matching %.*s with CIDR constraint %.*s\n",
 					 (int) sizeof(str_ip),
 					 _gnutls_ip_to_string(ip->data, ip->size, str_ip, sizeof(str_ip)),
@@ -43,7 +45,7 @@ static unsigned ip_in_cidr(const gnutls_datum_t *ip, const gnutls_datum_t *cidr)
 					 _gnutls_cidr_to_string(cidr->data, cidr->size, str_cidr, sizeof(str_cidr)));
 
 	unsigned ipsize = ip->size;
-	for (unsigned byte = 0; byte < ipsize; byte++)
+	for (byte = 0; byte < ipsize; byte++)
 		if (((ip->data[byte] ^ cidr->data[byte]) & cidr->data[ipsize+byte]) != 0)
 			return 0;
 
diff --git a/lib/x509/ip.c b/lib/x509/ip.c
index 9316933..b4b31a4 100644
--- a/lib/x509/ip.c
+++ b/lib/x509/ip.c
@@ -175,10 +175,13 @@ static void prefix_to_mask(unsigned prefix, unsigned char *mask, size_t mask_siz
  *
  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
  -*/
-int _gnutls_mask_ip(unsigned char *ip, const unsigned char *mask, unsigned ipsize) {
+int _gnutls_mask_ip(unsigned char *ip, const unsigned char *mask, unsigned ipsize)
+{
+	unsigned i;
+
 	if (ipsize != 4 && ipsize != 16)
 		return GNUTLS_E_MALFORMED_CIDR;
-	for (unsigned i = 0;i  < ipsize; i++)
+	for (i = 0; i < ipsize; i++)
 		ip[i] &= mask[i];
 	return GNUTLS_E_SUCCESS;
 }
diff --git a/lib/x509/name_constraints.c b/lib/x509/name_constraints.c
index 98c0f02..196e6d9 100644
--- a/lib/x509/name_constraints.c
+++ b/lib/x509/name_constraints.c
@@ -777,6 +777,7 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1,
 	*_intersection = NULL;
 	name_constraints_node_st *to_copy = NULL;
 	unsigned iplength = 0;
+	unsigned byte;
 
 	if (nc1->type != nc2->type) {
 		return GNUTLS_E_SUCCESS;
@@ -796,7 +797,7 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1,
 		if (nc1->name.size != nc2->name.size)
 			return GNUTLS_E_SUCCESS;
 		iplength = nc1->name.size/2;
-		for (unsigned byte = 0; byte < iplength; byte++) {
+		for (byte = 0; byte < iplength; byte++) {
 			if (((nc1->name.data[byte]^nc2->name.data[byte]) // XOR of addresses
 				 & nc1->name.data[byte+iplength]  // AND mask from nc1
 				 & nc2->name.data[byte+iplength]) // AND mask from nc2
@@ -813,6 +814,8 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1,
 	}
 	// copy existing node if applicable
 	if (to_copy != NULL) {
+		unsigned byte;
+
 		*_intersection = name_constraints_node_new(to_copy->type, to_copy->name.data, to_copy->name.size);
 		if (*_intersection == NULL)
 			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
@@ -822,7 +825,7 @@ name_constraints_intersect_nodes(name_constraints_node_st * nc1,
 			_gnutls_mask_ip(intersection->name.data, intersection->name.data+iplength, iplength);
 			_gnutls_mask_ip(nc1->name.data, nc1->name.data+iplength, iplength);
 			// update intersection, if necessary (we already know one is subset of other)
-			for (unsigned byte = 0; byte < 2 * iplength; byte++) {
+			for (byte = 0; byte < 2 * iplength; byte++) {
 				intersection->name.data[byte] |= nc1->name.data[byte];
 			}
 		}