krb5 commit: Fix various warnings
Greg Hudson
ghudson at MIT.EDU
Fri Jun 7 16:38:35 EDT 2013
https://github.com/krb5/krb5/commit/e51c089b745161dd6e1d64998e99d065fc22377e
commit e51c089b745161dd6e1d64998e99d065fc22377e
Author: Greg Hudson <ghudson at mit.edu>
Date: Fri Jun 7 15:17:31 2013 -0400
Fix various warnings
src/appl/gss-sample/gss-misc.c | 20 ++++----
src/appl/gss-sample/gss-server.c | 8 ++--
src/include/k5-int.h | 9 ++--
src/kadmin/dbutil/kdb5_create.c | 3 +-
src/kadmin/dbutil/kdb5_mkey.c | 4 +-
src/kadmin/dbutil/ovload.c | 2 +-
src/kadmin/server/ipropd_svc.c | 3 +-
src/kadmin/server/misc.c | 7 +--
src/kadmin/server/ovsec_kadmd.c | 9 ++--
src/kdc/main.c | 2 -
src/lib/apputils/net-server.c | 46 -----------------
src/lib/crypto/builtin/camellia/camellia-gen.c | 31 +++++++-----
src/lib/crypto/crypto_tests/aes-test.c | 2 +-
src/lib/crypto/crypto_tests/t_cts.c | 4 +-
src/lib/crypto/crypto_tests/t_hmac.c | 5 +-
src/lib/crypto/krb/aead.c | 2 +-
src/lib/gssapi/krb5/accept_sec_context.c | 2 -
src/lib/gssapi/krb5/gssapi_krb5.c | 3 -
src/lib/gssapi/spnego/spnego_mech.c | 10 +---
src/lib/kadm5/clnt/client_init.c | 17 ++-----
src/lib/kadm5/kadm_rpc_xdr.c | 3 +-
src/lib/kadm5/srv/server_acl.c | 2 +-
src/lib/kadm5/srv/server_kdb.c | 4 +-
src/lib/kadm5/srv/svr_principal.c | 13 +++--
src/lib/kdb/iprop_xdr.c | 16 +-----
src/lib/krb5/ccache/cc_keyring.c | 53 +++++---------------
src/lib/krb5/ccache/t_cc.c | 4 +-
src/lib/krb5/krb/t_deltat.c | 6 +-
src/lib/krb5/krb/t_ser.c | 4 +-
src/lib/krb5/os/localaddr.c | 8 +--
src/lib/krb5/rcache/rc_io.c | 3 +-
src/lib/rpc/auth_gss.c | 7 +--
src/lib/rpc/pmap_rmt.c | 13 +----
src/lib/rpc/svc_auth_gss.c | 4 +-
src/lib/rpc/svc_udp.c | 6 ++-
src/lib/rpc/unit-test/client.c | 4 +-
src/lib/rpc/xdr_mem.c | 4 +-
src/lib/rpc/xdr_rec.c | 4 +-
src/lib/rpc/xdr_sizeof.c | 8 ++--
src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c | 3 -
src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c | 8 ++--
src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c | 8 ++-
src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c | 34 ++++++++-----
src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c | 20 +------
.../kdb/ldap/libkdb_ldap/ldap_service_stash.c | 4 +-
src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c | 2 +-
src/plugins/preauth/pkinit/pkinit_accessor.c | 4 +-
src/plugins/preauth/pkinit/pkinit_accessor.h | 4 +-
src/plugins/preauth/pkinit/pkinit_crypto_nss.c | 6 +-
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 6 +-
src/slave/kprop.c | 4 +-
src/tests/dejagnu/t_inetd.c | 2 +-
src/tests/gssapi/common.c | 6 +-
src/util/profile/test_profile.c | 16 +++---
54 files changed, 177 insertions(+), 305 deletions(-)
diff --git a/src/appl/gss-sample/gss-misc.c b/src/appl/gss-sample/gss-misc.c
index 98d2045..3a87fcd 100644
--- a/src/appl/gss-sample/gss-misc.c
+++ b/src/appl/gss-sample/gss-misc.c
@@ -86,10 +86,10 @@ gss_buffer_t empty_token = &empty_token_buf;
static void display_status_1(char *m, OM_uint32 code, int type);
static int
-write_all(int fildes, char *buf, unsigned int nbyte)
+write_all(int fildes, const void *data, unsigned int nbyte)
{
- int ret;
- char *ptr;
+ int ret;
+ const char *ptr, *buf = data;
for (ptr = buf; nbyte; ptr += ret, nbyte -= ret) {
ret = send(fildes, ptr, nbyte, 0);
@@ -106,10 +106,10 @@ write_all(int fildes, char *buf, unsigned int nbyte)
}
static int
-read_all(int fildes, char *buf, unsigned int nbyte)
+read_all(int fildes, void *data, unsigned int nbyte)
{
int ret;
- char *ptr;
+ char *ptr, *buf = data;
fd_set rfds;
struct timeval tv;
@@ -195,7 +195,7 @@ send_token(s, flags, tok)
if (ret < 0) {
perror("sending token data");
return -1;
- } else if (ret != tok->length) {
+ } else if ((size_t)ret != tok->length) {
if (display_file)
fprintf(display_file,
"sending token data: %d of %d bytes written\n",
@@ -292,7 +292,7 @@ recv_token(s, flags, tok)
perror("reading token data");
free(tok->value);
return -1;
- } else if (ret != tok->length) {
+ } else if ((size_t)ret != tok->length) {
fprintf(stderr, "sending token data: %d of %d bytes written\n",
ret, (int) tok->length);
free(tok->value);
@@ -308,14 +308,14 @@ display_status_1(m, code, type)
OM_uint32 code;
int type;
{
- OM_uint32 maj_stat, min_stat;
+ OM_uint32 min_stat;
gss_buffer_desc msg;
OM_uint32 msg_ctx;
msg_ctx = 0;
while (1) {
- maj_stat = gss_display_status(&min_stat, code,
- type, GSS_C_NULL_OID, &msg_ctx, &msg);
+ (void) gss_display_status(&min_stat, code, type, GSS_C_NULL_OID,
+ &msg_ctx, &msg);
if (display_file)
fprintf(display_file, "GSS-API error %s: %s\n", m,
(char *) msg.value);
diff --git a/src/appl/gss-sample/gss-server.c b/src/appl/gss-sample/gss-server.c
index ed78be5..3c116de 100644
--- a/src/appl/gss-sample/gss-server.c
+++ b/src/appl/gss-sample/gss-server.c
@@ -889,13 +889,13 @@ static OM_uint32
showLocalIdentity(OM_uint32 *minor, gss_name_t name)
{
OM_uint32 major;
- gss_buffer_desc localname;
+ gss_buffer_desc buf;
- major = gss_localname(minor, name, GSS_C_NO_OID, &localname);
+ major = gss_localname(minor, name, GSS_C_NO_OID, &buf);
if (major == GSS_S_COMPLETE)
- printf("localname: %-*s\n", (int)localname.length, localname.value);
+ printf("localname: %-*s\n", (int)buf.length, (char *)buf.value);
else if (major != GSS_S_UNAVAILABLE)
display_status("gss_localname", major, *minor);
- gss_release_buffer(minor, &localname);
+ gss_release_buffer(minor, &buf);
return major;
}
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 37bd9ff..73f404b 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -1772,7 +1772,7 @@ typedef struct _krb5int_access {
krb5_data **code);
krb5_error_code
- (*asn1_ldap_decode_sequence_of_keys)(krb5_data *in,
+ (*asn1_ldap_decode_sequence_of_keys)(const krb5_data *in,
ldap_seqof_key_data **);
/*
@@ -1814,13 +1814,12 @@ typedef struct _krb5int_access {
krb5_data **code);
krb5_error_code
- (*encode_krb5_td_dh_parameters)(const krb5_algorithm_identifier **,
+ (*encode_krb5_td_dh_parameters)(krb5_algorithm_identifier *const *,
krb5_data **code);
krb5_error_code
- (*encode_krb5_td_trusted_certifiers)(const
- krb5_external_principal_identifier **,
- krb5_data **code);
+ (*encode_krb5_td_trusted_certifiers)(krb5_external_principal_identifier *
+ const *, krb5_data **code);
krb5_error_code
(*decode_krb5_auth_pack)(const krb5_data *, krb5_auth_pack **);
diff --git a/src/kadmin/dbutil/kdb5_create.c b/src/kadmin/dbutil/kdb5_create.c
index cbdea16..96275ca 100644
--- a/src/kadmin/dbutil/kdb5_create.c
+++ b/src/kadmin/dbutil/kdb5_create.c
@@ -264,8 +264,7 @@ void kdb5_create(argc, argv)
rblock.key = &master_keyblock;
- seed.length = master_keyblock.length;
- seed.data = master_keyblock.contents;
+ seed = make_data(master_keyblock.contents, master_keyblock.length);
if ((retval = krb5_c_random_seed(util_context, &seed))) {
com_err(progname, retval,
diff --git a/src/kadmin/dbutil/kdb5_mkey.c b/src/kadmin/dbutil/kdb5_mkey.c
index 21f8073..4edacb6 100644
--- a/src/kadmin/dbutil/kdb5_mkey.c
+++ b/src/kadmin/dbutil/kdb5_mkey.c
@@ -73,7 +73,7 @@ add_new_mkey(krb5_context context, krb5_db_entry *master_entry,
krb5_error_code retval = 0;
int old_key_data_count, i;
krb5_kvno new_mkey_kvno;
- krb5_key_data tmp_key_data, *old_key_data;
+ krb5_key_data tmp_key_data;
krb5_mkey_aux_node *mkey_aux_data_head = NULL, **mkey_aux_data;
krb5_keylist_node *keylist_node;
krb5_keylist_node *master_keylist = krb5_db_mkey_list_alias(context);
@@ -84,9 +84,7 @@ add_new_mkey(krb5_context context, krb5_db_entry *master_entry,
if (use_mkvno != 0 && new_mkey_kvno != use_mkvno)
return (KRB5_KDB_KVNONOMATCH);
- /* save the old keydata */
old_key_data_count = master_entry->n_key_data;
- old_key_data = master_entry->key_data;
/* alloc enough space to hold new and existing key_data */
/*
diff --git a/src/kadmin/dbutil/ovload.c b/src/kadmin/dbutil/ovload.c
index d514f8c..b972cc5 100644
--- a/src/kadmin/dbutil/ovload.c
+++ b/src/kadmin/dbutil/ovload.c
@@ -111,7 +111,7 @@ int process_ov_principal(kcontext, fname, filep, verbose, linenop)
krb5_db_entry *kdb = NULL;
char *current = 0;
char *cp;
- int x;
+ unsigned int x;
char line[LINESIZE];
if (fgets(line, LINESIZE, filep) == (char *) NULL) {
diff --git a/src/kadmin/server/ipropd_svc.c b/src/kadmin/server/ipropd_svc.c
index 008bff0..4a25998 100644
--- a/src/kadmin/server/ipropd_svc.c
+++ b/src/kadmin/server/ipropd_svc.c
@@ -473,7 +473,7 @@ check_iprop_rpcsec_auth(struct svc_req *rqstp)
gss_name_t name;
krb5_principal princ;
int ret, success;
- krb5_data *c1, *c2, *realm;
+ krb5_data *c1, *realm;
gss_buffer_desc gss_str;
kadm5_server_handle_t handle;
size_t slen;
@@ -514,7 +514,6 @@ check_iprop_rpcsec_auth(struct svc_req *rqstp)
goto fail_princ;
c1 = krb5_princ_component(kctx, princ, 0);
- c2 = krb5_princ_component(kctx, princ, 1);
realm = krb5_princ_realm(kctx, princ);
if (strncmp(handle->params.realm, realm->data, realm->length) == 0
&& strncmp("kiprop", c1->data, c1->length) == 0) {
diff --git a/src/kadmin/server/misc.c b/src/kadmin/server/misc.c
index b9212fa..192145c 100644
--- a/src/kadmin/server/misc.c
+++ b/src/kadmin/server/misc.c
@@ -186,16 +186,15 @@ check_min_life(void *server_handle, krb5_principal principal,
!(princ.attributes & KRB5_KDB_REQUIRES_PWCHANGE)) {
if (msg_ret != NULL) {
time_t until;
- char *time_string, *ptr, *errstr;
+ char *time_string, *ptr;
+ const char *errstr;
until = princ.last_pwd_change + pol.pw_min_life;
time_string = ctime(&until);
errstr = error_message(CHPASS_UTIL_PASSWORD_TOO_SOON);
- if (strlen(errstr) + strlen(time_string) >= msg_len) {
- *errstr = '\0';
- } else {
+ if (strlen(errstr) + strlen(time_string) < msg_len) {
if (*(ptr = &time_string[strlen(time_string)-1]) == '\n')
*ptr = '\0';
snprintf(msg_ret, msg_len, errstr, time_string);
diff --git a/src/kadmin/server/ovsec_kadmd.c b/src/kadmin/server/ovsec_kadmd.c
index dad7248..37e6631 100644
--- a/src/kadmin/server/ovsec_kadmd.c
+++ b/src/kadmin/server/ovsec_kadmd.c
@@ -150,15 +150,14 @@ static void display_status_1(m, code, type)
OM_uint32 code;
int type;
{
- OM_uint32 maj_stat, min_stat;
+ OM_uint32 min_stat;
gss_buffer_desc msg;
OM_uint32 msg_ctx;
msg_ctx = 0;
while (1) {
- maj_stat = gss_display_status(&min_stat, code,
- type, GSS_C_NULL_OID,
- &msg_ctx, &msg);
+ (void) gss_display_status(&min_stat, code, type, GSS_C_NULL_OID,
+ &msg_ctx, &msg);
fprintf(stderr, _("GSS-API error %s: %s\n"), m, (char *)msg.value);
(void) gss_release_buffer(&min_stat, &msg);
@@ -223,7 +222,7 @@ int main(int argc, char *argv[])
kadm5_config_params params;
char **db_args = NULL;
int db_args_size = 0;
- char *errmsg;
+ const char *errmsg;
int i;
int strong_random = 1;
const char *pid_file = NULL;
diff --git a/src/kdc/main.c b/src/kdc/main.c
index 6c115a9..950fa41 100644
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -119,12 +119,10 @@ find_realm_data(struct server_handle *handle, char *rname, krb5_ui_4 rsize)
kdc_realm_t *
setup_server_realm(struct server_handle *handle, krb5_principal sprinc)
{
- krb5_error_code kret;
kdc_realm_t *newrealm;
kdc_realm_t **kdc_realmlist = handle->kdc_realmlist;
int kdc_numrealms = handle->kdc_numrealms;
- kret = 0;
if (kdc_numrealms > 1) {
if (!(newrealm = find_realm_data(handle, sprinc->realm.data,
(krb5_ui_4) sprinc->realm.length)))
diff --git a/src/lib/apputils/net-server.c b/src/lib/apputils/net-server.c
index f69320a..7780b8a 100644
--- a/src/lib/apputils/net-server.c
+++ b/src/lib/apputils/net-server.c
@@ -980,52 +980,6 @@ setup_udp_port(void *P_data, struct sockaddr *addr)
return setup_udp_port_1(data, addr, haddrbuf, 0);
}
-#if 1
-static void
-klog_handler(const void *data, size_t len)
-{
- static char buf[BUFSIZ];
- static int bufoffset;
- void *p;
-
-#define flush_buf() \
- (bufoffset \
- ? (((buf[0] == 0 || buf[0] == '\n') \
- ? (fork()==0?abort():(void)0) \
- : (void)0), \
- krb5_klog_syslog(LOG_INFO, "%s", buf), \
- memset(buf, 0, sizeof(buf)), \
- bufoffset = 0) \
- : 0)
-
- p = memchr(data, 0, len);
- if (p)
- len = (const char *)p - (const char *)data;
-scan_for_newlines:
- if (len == 0)
- return;
- p = memchr(data, '\n', len);
- if (p) {
- if (p != data)
- klog_handler(data, (size_t)((const char *)p - (const char *)data));
- flush_buf();
- len -= ((const char *)p - (const char *)data) + 1;
- data = 1 + (const char *)p;
- goto scan_for_newlines;
- } else if (len > sizeof(buf) - 1 || len + bufoffset > sizeof(buf) - 1) {
- size_t x = sizeof(buf) - len - 1;
- klog_handler(data, x);
- flush_buf();
- len -= x;
- data = (const char *)data + x;
- goto scan_for_newlines;
- } else {
- memcpy(buf + bufoffset, data, len);
- bufoffset += len;
- }
-}
-#endif
-
#ifdef HAVE_STRUCT_RT_MSGHDR
#include <net/route.h>
diff --git a/src/lib/crypto/builtin/camellia/camellia-gen.c b/src/lib/crypto/builtin/camellia/camellia-gen.c
index 1446d77..23b69c1 100644
--- a/src/lib/crypto/builtin/camellia/camellia-gen.c
+++ b/src/lib/crypto/builtin/camellia/camellia-gen.c
@@ -21,7 +21,8 @@ camellia_ctx ctx, dctx;
static void init ()
{
- int i, j, r;
+ size_t i, j;
+ cam_rval r;
srand(42);
for (i = 0; i < 16; i++)
@@ -40,7 +41,7 @@ static void init ()
static void hexdump(const unsigned char *ptr, size_t len)
{
- int i;
+ size_t i;
for (i = 0; i < len; i++)
printf ("%s%02X", (i % 16 == 0) ? "\n " : " ", ptr[i]);
}
@@ -89,7 +90,7 @@ static void fips_test ()
static void
xor (unsigned char *out, const unsigned char *a, const unsigned char *b)
{
- int i;
+ size_t i;
for (i = 0; i < B; i++)
out[i] = a[i] ^ b[i];
}
@@ -97,7 +98,8 @@ xor (unsigned char *out, const unsigned char *a, const unsigned char *b)
static void
ecb_enc (unsigned char *out, unsigned char *in, unsigned int len)
{
- int i, r;
+ size_t i;
+ cam_rval r;
for (i = 0; i < len; i += 16) {
r = camellia_enc_blk (in + i, out + i, &ctx);
if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
@@ -108,7 +110,8 @@ ecb_enc (unsigned char *out, unsigned char *in, unsigned int len)
static void
ecb_dec (unsigned char *out, unsigned char *in, unsigned int len)
{
- int i, r;
+ size_t i;
+ cam_rval r;
for (i = 0; i < len; i += 16) {
r = camellia_dec_blk (in + i, out + i, &dctx);
if (!r) fprintf(stderr, "error, line %d\n", __LINE__), exit(1);
@@ -125,7 +128,8 @@ static void
cbc_enc (unsigned char *out, unsigned char *in, unsigned char *iv,
unsigned int len)
{
- int i, r;
+ size_t i;
+ cam_rval r;
unsigned char tmp[B];
D(iv);
memcpy (tmp, iv, B);
@@ -145,7 +149,8 @@ static void
cbc_dec (unsigned char *out, unsigned char *in, unsigned char *iv,
unsigned int len)
{
- int i, r;
+ size_t i;
+ cam_rval r;
unsigned char tmp[B];
memcpy (tmp, iv, B);
for (i = 0; i < len; i += B) {
@@ -231,7 +236,7 @@ cts_dec (unsigned char *out, unsigned char *in, unsigned char *iv,
static void ecb_test ()
{
- int testno;
+ size_t testno;
unsigned char tmp[4*B];
printf ("ECB tests:\n");
@@ -239,7 +244,7 @@ static void ecb_test ()
hexdump (key, sizeof(key));
for (testno = 0; testno < NTESTS; testno++) {
unsigned len = (test_case_len[testno] + 15) & ~15;
- printf ("\ntest %d - %d bytes\n", testno, len);
+ printf ("\ntest %d - %d bytes\n", (int)testno, len);
printf ("input:");
hexdump (test_case[testno].input, len);
printf ("\n");
@@ -262,7 +267,7 @@ unsigned char ivec[16] = { 0 };
static void cbc_test ()
{
- int testno;
+ size_t testno;
unsigned char tmp[4*B];
printf ("CBC tests:\n");
@@ -270,7 +275,7 @@ static void cbc_test ()
hexdump (ivec, sizeof(ivec));
for (testno = 0; testno < NTESTS; testno++) {
unsigned len = (test_case_len[testno] + 15) & ~15;
- printf ("\ntest %d - %d bytes\n", testno, len);
+ printf ("\ntest %d - %d bytes\n", (int)testno, len);
printf ("input:");
hexdump (test_case[testno].input, len);
printf ("\n");
@@ -291,7 +296,7 @@ static void cbc_test ()
static void cts_test ()
{
- int testno;
+ size_t testno;
unsigned char tmp[4*B];
printf ("CTS tests:\n");
@@ -299,7 +304,7 @@ static void cts_test ()
hexdump (ivec, sizeof(ivec));
for (testno = 0; testno < NTESTS; testno++) {
unsigned int len = test_case_len[testno];
- printf ("\ntest %d - %d bytes\n", testno, len);
+ printf ("\ntest %d - %d bytes\n", (int)testno, len);
printf ("input:");
hexdump (test_case[testno].input, len);
printf ("\n");
diff --git a/src/lib/crypto/crypto_tests/aes-test.c b/src/lib/crypto/crypto_tests/aes-test.c
index 1ed033b..a7382a4 100644
--- a/src/lib/crypto/crypto_tests/aes-test.c
+++ b/src/lib/crypto/crypto_tests/aes-test.c
@@ -39,7 +39,7 @@ static krb5_keyblock enc_key;
static krb5_data ivec;
static void init()
{
- enc_key.contents = key;
+ enc_key.contents = (krb5_octet *)key;
enc_key.length = 16;
ivec.data = zero;
ivec.length = 16;
diff --git a/src/lib/crypto/crypto_tests/t_cts.c b/src/lib/crypto/crypto_tests/t_cts.c
index f2a3012..2b022b4 100644
--- a/src/lib/crypto/crypto_tests/t_cts.c
+++ b/src/lib/crypto/crypto_tests/t_cts.c
@@ -121,11 +121,11 @@ static void test_cts()
iov.flags = KRB5_CRYPTO_TYPE_DATA;
iov.data.data = outbuf;
- in.data = input;
+ in.data = (char *)input;
enciv.length = deciv.length = 16;
enciv.data = encivbuf;
deciv.data = decivbuf;
- keyblock.contents = aeskey;
+ keyblock.contents = (krb5_octet *)aeskey;
keyblock.length = 16;
keyblock.enctype = ENCTYPE_AES128_CTS_HMAC_SHA1_96;
diff --git a/src/lib/crypto/crypto_tests/t_hmac.c b/src/lib/crypto/crypto_tests/t_hmac.c
index cd79dc3..65efa60 100644
--- a/src/lib/crypto/crypto_tests/t_hmac.c
+++ b/src/lib/crypto/crypto_tests/t_hmac.c
@@ -233,10 +233,9 @@ static void test_hmac()
};
for (i = 0; i < sizeof(md5tests)/sizeof(md5tests[0]); i++) {
- key.contents = md5tests[i].key;
+ key.contents = (krb5_octet *)md5tests[i].key;
key.length = md5tests[i].key_len;
- in.data = md5tests[i].data;
- in.length = md5tests[i].data_len;
+ in = make_data((char *)md5tests[i].data, md5tests[i].data_len);
out.data = outbuf;
out.length = 20;
diff --git a/src/lib/crypto/krb/aead.c b/src/lib/crypto/krb/aead.c
index 935125d..9d4e206 100644
--- a/src/lib/crypto/krb/aead.c
+++ b/src/lib/crypto/krb/aead.c
@@ -141,7 +141,7 @@ krb5int_c_padding_length(const struct krb5_keytypes *ktp, size_t data_length)
static size_t
next_iov_to_process(struct iov_cursor *cursor, size_t ind)
{
- krb5_crypto_iov *iov;
+ const krb5_crypto_iov *iov;
for (; ind < cursor->iov_count; ind++) {
iov = &cursor->iov[ind];
diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c
index ae55297..42ac122 100644
--- a/src/lib/gssapi/krb5/accept_sec_context.c
+++ b/src/lib/gssapi/krb5/accept_sec_context.c
@@ -441,7 +441,6 @@ kg_accept_krb5(minor_status, context_handle,
char *sptr;
OM_uint32 tmp;
size_t md5len;
- int bigend;
krb5_gss_cred_id_t cred = 0;
krb5_data ap_rep, ap_req;
unsigned int i;
@@ -698,7 +697,6 @@ kg_accept_krb5(minor_status, context_handle,
}
gss_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG;
- bigend = 0;
decode_req_message = 0;
} else {
/* gss krb5 v1 */
diff --git a/src/lib/gssapi/krb5/gssapi_krb5.c b/src/lib/gssapi/krb5/gssapi_krb5.c
index 04d70a6..a1bb92d 100644
--- a/src/lib/gssapi/krb5/gssapi_krb5.c
+++ b/src/lib/gssapi/krb5/gssapi_krb5.c
@@ -405,7 +405,6 @@ krb5_gss_inquire_cred_by_oid(OM_uint32 *minor_status,
gss_buffer_set_t *data_set)
{
OM_uint32 major_status = GSS_S_FAILURE;
- krb5_gss_cred_id_t cred;
#if 0
size_t i;
#endif
@@ -431,8 +430,6 @@ krb5_gss_inquire_cred_by_oid(OM_uint32 *minor_status,
if (GSS_ERROR(major_status))
return major_status;
- cred = (krb5_gss_cred_id_t) cred_handle;
-
#if 0
for (i = 0; i < sizeof(krb5_gss_inquire_cred_by_oid_ops)/
sizeof(krb5_gss_inquire_cred_by_oid_ops[0]); i++) {
diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
index 81f7a3a..33c8c88 100644
--- a/src/lib/gssapi/spnego/spnego_mech.c
+++ b/src/lib/gssapi/spnego/spnego_mech.c
@@ -1124,7 +1124,6 @@ make_NegHints(OM_uint32 *minor_status,
OM_uint32 minor;
unsigned int tlen = 0;
unsigned int hintNameSize = 0;
- unsigned int negHintsSize = 0;
unsigned char *ptr;
unsigned char *t;
@@ -1208,7 +1207,6 @@ make_NegHints(OM_uint32 *minor_status,
/* Length of DER encoded hintName */
tlen += 1 + gssint_der_length_size(hintNameSize);
- negHintsSize = tlen;
t = gssalloc_malloc(tlen);
if (t == NULL) {
@@ -1619,7 +1617,6 @@ spnego_gss_accept_sec_context(
gss_buffer_desc mechtok_out = GSS_C_EMPTY_BUFFER;
spnego_gss_ctx_id_t sc = NULL;
spnego_gss_cred_id_t spcred = NULL;
- OM_uint32 mechstat = GSS_S_FAILURE;
int sendTokenInit = 0, tmpret;
mechtok_in = mic_in = mic_out = GSS_C_NO_BUFFER;
@@ -1718,15 +1715,12 @@ spnego_gss_accept_sec_context(
* round-trip. RET is set to a default value according to
* whether it is the first round-trip.
*/
- mechstat = GSS_S_FAILURE;
if (negState != REQUEST_MIC && mechtok_in != GSS_C_NO_BUFFER) {
ret = acc_ctx_call_acc(minor_status, sc, spcred,
mechtok_in, mech_type, &mechtok_out,
ret_flags, time_rec,
delegated_cred_handle,
&negState, &return_token);
- } else if (negState == REQUEST_MIC) {
- mechstat = GSS_S_CONTINUE_NEEDED;
}
/* Step 3: process or generate the MIC, if the negotiated mech is
@@ -4008,10 +4002,10 @@ g_verify_neg_token_init(unsigned char **buf_in, unsigned int cur_size)
* - check for a0(context specific identifier)
* - get length and verify that enoughd ata exists
*/
- if (g_get_tag_and_length(&buf, CONTEXT, cur_size, &seqsize) < 0)
+ if (g_get_tag_and_length(&buf, CONTEXT, cur_size, &bytes) < 0)
return (G_BAD_TOK_HEADER);
- cur_size = seqsize; /* should indicate bytes remaining */
+ cur_size = bytes; /* should indicate bytes remaining */
/*
* Verify the next piece, it should identify this as
diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c
index adc050c..9d51991 100644
--- a/src/lib/kadm5/clnt/client_init.c
+++ b/src/lib/kadm5/clnt/client_init.c
@@ -613,7 +613,6 @@ static kadm5_ret_t
setup_gss(kadm5_server_handle_t handle, kadm5_config_params *params_in,
char *client_name, char *full_svcname)
{
- kadm5_ret_t code;
OM_uint32 gssstat, minor_stat;
gss_buffer_desc buf;
gss_name_t gss_client;
@@ -622,7 +621,6 @@ setup_gss(kadm5_server_handle_t handle, kadm5_config_params *params_in,
const char *c_ccname_orig;
char *ccname_orig;
- code = KADM5_GSS_ERROR;
gss_client_creds = GSS_C_NO_CREDENTIAL;
ccname_orig = NULL;
gss_client = gss_target = GSS_C_NO_NAME;
@@ -630,10 +628,8 @@ setup_gss(kadm5_server_handle_t handle, kadm5_config_params *params_in,
/* Temporarily use the kadm5 cache. */
gssstat = gss_krb5_ccache_name(&minor_stat, handle->cache_name,
&c_ccname_orig);
- if (gssstat != GSS_S_COMPLETE) {
- code = KADM5_GSS_ERROR;
+ if (gssstat != GSS_S_COMPLETE)
goto error;
- }
if (c_ccname_orig)
ccname_orig = strdup(c_ccname_orig);
else
@@ -643,10 +639,8 @@ setup_gss(kadm5_server_handle_t handle, kadm5_config_params *params_in,
buf.length = strlen((char *)buf.value) + 1;
gssstat = gss_import_name(&minor_stat, &buf,
(gss_OID) gss_nt_krb5_name, &gss_target);
- if (gssstat != GSS_S_COMPLETE) {
- code = KADM5_GSS_ERROR;
+ if (gssstat != GSS_S_COMPLETE)
goto error;
- }
if (client_name) {
buf.value = client_name;
@@ -655,16 +649,13 @@ setup_gss(kadm5_server_handle_t handle, kadm5_config_params *params_in,
(gss_OID) gss_nt_krb5_name, &gss_client);
} else gss_client = GSS_C_NO_NAME;
- if (gssstat != GSS_S_COMPLETE) {
- code = KADM5_GSS_ERROR;
+ if (gssstat != GSS_S_COMPLETE)
goto error;
- }
gssstat = gss_acquire_cred(&minor_stat, gss_client, 0,
GSS_C_NULL_OID_SET, GSS_C_INITIATE,
&gss_client_creds, NULL, NULL);
if (gssstat != GSS_S_COMPLETE) {
- code = KADM5_GSS_ERROR;
#if 0 /* for debugging only */
{
OM_uint32 maj_status, min_status, message_context = 0;
@@ -762,7 +753,7 @@ rpc_auth(kadm5_server_handle_t handle, kadm5_config_params *params_in,
/* Use RPCSEC_GSS by default. */
if (params_in == NULL ||
!(params_in->mask & KADM5_CONFIG_OLD_AUTH_GSSAPI)) {
- sec.mech = gss_mech_krb5;
+ sec.mech = (gss_OID)gss_mech_krb5;
sec.qop = GSS_C_QOP_DEFAULT;
sec.svc = RPCSEC_GSS_SVC_PRIVACY;
sec.cred = gss_client_creds;
diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c
index 153b962..42ac783 100644
--- a/src/lib/kadm5/kadm_rpc_xdr.c
+++ b/src/lib/kadm5/kadm_rpc_xdr.c
@@ -819,7 +819,8 @@ xdr_chrand_ret(XDR *xdrs, chrand_ret *objp)
return (FALSE);
}
if (objp->code == KADM5_OK) {
- if (!xdr_array(xdrs, (char **)&objp->keys, &objp->n_keys, ~0,
+ if (!xdr_array(xdrs, (char **)&objp->keys,
+ (unsigned int *)&objp->n_keys, ~0,
sizeof(krb5_keyblock), xdr_krb5_keyblock))
return FALSE;
}
diff --git a/src/lib/kadm5/srv/server_acl.c b/src/lib/kadm5/srv/server_acl.c
index 7094f49..b2aeb7d 100644
--- a/src/lib/kadm5/srv/server_acl.c
+++ b/src/lib/kadm5/srv/server_acl.c
@@ -112,7 +112,7 @@ kadm5int_acl_get_line(fp, lnp)
line_incr = 0;
for (domore = 1; domore && !feof(fp); ) {
/* Copy in the line, with continuations */
- for (i=0; ((i < sizeof acl_buf) && !feof(fp)); i++ ) {
+ for (i = 0; ((i < BUFSIZ) && !feof(fp)); i++) {
int byte;
byte = fgetc(fp);
acl_buf[i] = byte;
diff --git a/src/lib/kadm5/srv/server_kdb.c b/src/lib/kadm5/srv/server_kdb.c
index f4217dd..2366144 100644
--- a/src/lib/kadm5/srv/server_kdb.c
+++ b/src/lib/kadm5/srv/server_kdb.c
@@ -282,7 +282,7 @@ kdb_get_entry(kadm5_server_handle_t handle,
return(ret);
}
- xdrmem_create(&xdrs, tl_data.tl_data_contents,
+ xdrmem_create(&xdrs, (caddr_t)tl_data.tl_data_contents,
tl_data.tl_data_length, XDR_DECODE);
if (! xdr_osa_princ_ent_rec(&xdrs, adb)) {
xdr_destroy(&xdrs);
@@ -373,7 +373,7 @@ kdb_put_entry(kadm5_server_handle_t handle,
}
tl_data.tl_data_type = KRB5_TL_KADM_DATA;
tl_data.tl_data_length = xdr_getpos(&xdrs);
- tl_data.tl_data_contents = xdralloc_getdata(&xdrs);
+ tl_data.tl_data_contents = (krb5_octet *)xdralloc_getdata(&xdrs);
ret = krb5_dbe_update_tl_data(handle->context, kdb, &tl_data);
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index 6d90628..6c7a2c0 100644
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -245,10 +245,12 @@ apply_keysalt_policy(kadm5_server_handle_t handle, const char *policy,
ks_tuple = handle->params.keysalts;
}
/* Dup the requested or defaulted keysalt tuples. */
- new_ks_tuple = k5memdup(ks_tuple, n_ks_tuple * sizeof(*new_ks_tuple),
- &ret);
- if (new_ks_tuple == NULL)
+ new_ks_tuple = malloc(n_ks_tuple * sizeof(*new_ks_tuple));
+ if (new_ks_tuple == NULL) {
+ ret = ENOMEM;
goto cleanup;
+ }
+ memcpy(new_ks_tuple, ks_tuple, n_ks_tuple * sizeof(*new_ks_tuple));
new_n_ks_tuple = n_ks_tuple;
ret = 0;
goto cleanup;
@@ -363,7 +365,7 @@ kadm5_create_principal_3(void *server_handle,
kadm5_policy_ent_rec polent;
krb5_boolean have_polent = FALSE;
krb5_int32 now;
- krb5_tl_data *tl_data_orig, *tl_data_tail;
+ krb5_tl_data *tl_data_tail;
unsigned int ret;
kadm5_server_handle_t handle = server_handle;
krb5_keyblock *act_mkey;
@@ -487,7 +489,6 @@ kadm5_create_principal_3(void *server_handle,
if (mask & KADM5_TL_DATA) {
/* splice entry->tl_data onto the front of kdb->tl_data */
- tl_data_orig = kdb->tl_data;
for (tl_data_tail = entry->tl_data; tl_data_tail;
tl_data_tail = tl_data_tail->tl_data_next)
{
@@ -1265,6 +1266,8 @@ kadm5_use_password_server (void)
}
#endif
+void kadm5_set_use_password_server (void);
+
void
kadm5_set_use_password_server (void)
{
diff --git a/src/lib/kdb/iprop_xdr.c b/src/lib/kdb/iprop_xdr.c
index 2ab59f5..8bf2c89 100644
--- a/src/lib/kdb/iprop_xdr.c
+++ b/src/lib/kdb/iprop_xdr.c
@@ -9,7 +9,7 @@
#pragma GCC diagnostic ignored "-Wunused-variable"
#endif
-bool_t
+static bool_t
xdr_int16_t (XDR *xdrs, int16_t *objp)
{
register int32_t *buf;
@@ -19,17 +19,7 @@ xdr_int16_t (XDR *xdrs, int16_t *objp)
return TRUE;
}
-bool_t
-xdr_uint16_t (XDR *xdrs, uint16_t *objp)
-{
- register int32_t *buf;
-
- if (!xdr_u_short (xdrs, objp))
- return FALSE;
- return TRUE;
-}
-
-bool_t
+static bool_t
xdr_int32_t (XDR *xdrs, int32_t *objp)
{
register int32_t *buf;
@@ -39,7 +29,7 @@ xdr_int32_t (XDR *xdrs, int32_t *objp)
return TRUE;
}
-bool_t
+static bool_t
xdr_uint32_t (XDR *xdrs, uint32_t *objp)
{
register int32_t *buf;
diff --git a/src/lib/krb5/ccache/cc_keyring.c b/src/lib/krb5/ccache/cc_keyring.c
index bbe2a2e..3828c59 100644
--- a/src/lib/krb5/ccache/cc_keyring.c
+++ b/src/lib/krb5/ccache/cc_keyring.c
@@ -144,11 +144,6 @@ debug_print(char *fmt, ...)
/* Hopefully big enough to hold a serialized credential */
#define GUESS_CRED_SIZE 4096
-#define ALLOC(NUM,TYPE) \
- (((NUM) <= (((size_t)0-1)/ sizeof(TYPE))) \
- ? (TYPE *) calloc((NUM), sizeof(TYPE)) \
- : (errno = ENOMEM,(TYPE *) 0))
-
#define CHECK_N_GO(ret, errdest) if (ret != KRB5_OK) goto errdest
#define CHECK(ret) if (ret != KRB5_OK) goto errout
#define CHECK_OUT(ret) if (ret != KRB5_OK) return ret
@@ -651,7 +646,7 @@ krb5_krcc_start_seq_get(krb5_context context, krb5_ccache id,
krb5_krcc_cursor krcursor;
krb5_krcc_data *d;
unsigned int size;
- int res;
+ long res;
DEBUG_PRINT(("krb5_krcc_start_seq_get: entered\n"));
@@ -676,7 +671,7 @@ krb5_krcc_start_seq_get(krb5_context context, krb5_ccache id,
krcursor->keys = (key_serial_t *) ((char *) krcursor + sizeof(*krcursor));
res = keyctl_read(d->ring_id, (char *) krcursor->keys,
((d->numkeys + 1) * sizeof(key_serial_t)));
- if (res < 0 || res > ((d->numkeys + 1) * sizeof(key_serial_t))) {
+ if (res < 0 || (size_t)res > ((d->numkeys + 1) * sizeof(key_serial_t))) {
DEBUG_PRINT(("Read %d bytes from keyring, numkeys %d: %s\n",
res, d->numkeys, strerror(errno)));
free(krcursor);
@@ -1213,7 +1208,7 @@ krb5_krcc_get_ring_ids(krb5_krcc_ring_ids_t *p)
*/
memset(ids_buf, '\0', sizeof(ids_buf));
val = keyctl_read(ids_key, ids_buf, sizeof(ids_buf));
- if (val > sizeof(ids_buf))
+ if (val < 0 || (size_t)val > sizeof(ids_buf))
goto out;
val = sscanf(ids_buf, "%d:%d:%d", &session, &process, &thread);
@@ -1359,12 +1354,7 @@ krb5_krcc_parse_principal(krb5_context context, krb5_ccache id,
if (tmpprinc == NULL)
return KRB5_CC_NOMEM;
if (length) {
- size_t msize = length;
- if (msize != length) {
- free(tmpprinc);
- return KRB5_CC_NOMEM;
- }
- tmpprinc->data = ALLOC(msize, krb5_data);
+ tmpprinc->data = calloc(length, sizeof(krb5_data));
if (tmpprinc->data == 0) {
free(tmpprinc);
return KRB5_CC_NOMEM;
@@ -1415,12 +1405,9 @@ krb5_krcc_parse_keyblock(krb5_context context, krb5_ccache id,
if (int32 < 0)
return KRB5_CC_NOMEM;
keyblock->length = int32;
- /* Overflow check. */
- if (keyblock->length != int32)
- return KRB5_CC_NOMEM;
if (keyblock->length == 0)
return KRB5_OK;
- keyblock->contents = ALLOC(keyblock->length, krb5_octet);
+ keyblock->contents = malloc(keyblock->length);
if (keyblock->contents == NULL)
return KRB5_CC_NOMEM;
@@ -1478,7 +1465,7 @@ krb5_krcc_parse_krb5data(krb5_context context, krb5_ccache id,
if (len < 0)
return KRB5_CC_NOMEM;
data->length = len;
- if (data->length != len || data->length + 1 == 0)
+ if (data->length + 1 == 0)
return KRB5_CC_NOMEM;
if (data->length == 0) {
@@ -1542,11 +1529,10 @@ krb5_krcc_parse_addrs(krb5_context context, krb5_ccache id,
* Make *addrs able to hold length pointers to krb5_address structs
* Add one extra for a null-terminated list
*/
- msize = length;
- msize += 1;
- if (msize == 0 || msize - 1 != length || length < 0)
+ msize = (size_t)length + 1;
+ if (msize == 0 || length < 0)
return KRB5_CC_NOMEM;
- *addrs = ALLOC(msize, krb5_address *);
+ *addrs = calloc(msize, sizeof(krb5_address *));
if (*addrs == NULL)
return KRB5_CC_NOMEM;
@@ -1587,13 +1573,6 @@ krb5_krcc_parse_addr(krb5_context context, krb5_ccache id, krb5_address * addr,
if ((int32 & VALID_INT_BITS) != int32) /* Overflow int??? */
return KRB5_CC_NOMEM;
addr->length = int32;
- /*
- * Length field is "unsigned int", which may be smaller
- * than 32 bits.
- */
- if (addr->length != int32)
- return KRB5_CC_NOMEM; /* XXX */
-
if (addr->length == 0)
return KRB5_OK;
@@ -1633,11 +1612,10 @@ krb5_krcc_parse_authdata(krb5_context context, krb5_ccache id,
* Make *a able to hold length pointers to krb5_authdata structs
* Add one extra for a null-terminated list
*/
- msize = length;
- msize += 1;
- if (msize == 0 || msize - 1 != length || length < 0)
+ msize = (size_t)length + 1;
+ if (msize == 0 || length < 0)
return KRB5_CC_NOMEM;
- *a = ALLOC(msize, krb5_authdata *);
+ *a = calloc(msize, sizeof(krb5_authdata *));
if (*a == NULL)
return KRB5_CC_NOMEM;
@@ -1680,13 +1658,6 @@ krb5_krcc_parse_authdatum(krb5_context context, krb5_ccache id,
if ((int32 & VALID_INT_BITS) != int32) /* Overflow int??? */
return KRB5_CC_NOMEM;
a->length = int32;
- /*
- * Value could have gotten truncated if int is
- * smaller than 32 bits.
- */
- if (a->length != int32)
- return KRB5_CC_NOMEM; /* XXX */
-
if (a->length == 0)
return KRB5_OK;
diff --git a/src/lib/krb5/ccache/t_cc.c b/src/lib/krb5/ccache/t_cc.c
index 1c11272..991cef0 100644
--- a/src/lib/krb5/ccache/t_cc.c
+++ b/src/lib/krb5/ccache/t_cc.c
@@ -332,14 +332,14 @@ check_registered(krb5_context context, const char *prefix)
if(kret != KRB5_OK) {
if(kret == KRB5_CC_UNKNOWN_TYPE)
return 0;
- com_err("Checking on credential type", kret,prefix);
+ com_err("Checking on credential type", kret, "%s", prefix);
fflush(stderr);
return 0;
}
kret = krb5_cc_close(context, id);
if(kret != KRB5_OK) {
- com_err("Checking on credential type - closing", kret,prefix);
+ com_err("Checking on credential type - closing", kret, "%s", prefix);
fflush(stderr);
}
diff --git a/src/lib/krb5/krb/t_deltat.c b/src/lib/krb5/krb/t_deltat.c
index 8a50c69..e519ee8 100644
--- a/src/lib/krb5/krb/t_deltat.c
+++ b/src/lib/krb5/krb/t_deltat.c
@@ -126,7 +126,7 @@ main (void)
};
int fail = 0;
- int i;
+ size_t i;
for (i = 0; i < sizeof(values)/sizeof(values[0]); i++) {
krb5_deltat result;
@@ -150,8 +150,8 @@ main (void)
}
}
if (fail == 0)
- printf ("Passed all %d tests.\n", i);
+ printf ("Passed all %d tests.\n", (int)i);
else
- printf ("Failed %d of %d tests.\n", fail, i);
+ printf ("Failed %d of %d tests.\n", fail, (int)i);
return fail;
}
diff --git a/src/lib/krb5/krb/t_ser.c b/src/lib/krb5/krb/t_ser.c
index 692d89d..9cdf5e6 100644
--- a/src/lib/krb5/krb/t_ser.c
+++ b/src/lib/krb5/krb/t_ser.c
@@ -95,7 +95,7 @@ ser_data(int verbose, char *msg, krb5_pointer ctx, krb5_magic dtype)
kret = krb5_externalize_data(ser_ctx, ctx, &outrep, &outlen);
if (!kret) {
if (verbose) {
- printf("%s: externalized in %d bytes\n", msg, outlen);
+ printf("%s: externalized in %d bytes\n", msg, (int)outlen);
print_erep(outrep, outlen);
}
@@ -110,7 +110,7 @@ ser_data(int verbose, char *msg, krb5_pointer ctx, krb5_magic dtype)
if (!kret) {
if (ilen)
printf("%s: %d bytes left over after internalize\n",
- msg, ilen);
+ msg, (int)ilen);
/* Now attempt to re-externalize it */
kret = krb5_externalize_data(ser_ctx, nctx, &outrep2, &outlen2);
if (!kret) {
diff --git a/src/lib/krb5/os/localaddr.c b/src/lib/krb5/os/localaddr.c
index f894d05..f7eb2d2 100644
--- a/src/lib/krb5/os/localaddr.c
+++ b/src/lib/krb5/os/localaddr.c
@@ -1346,12 +1346,10 @@ get_localaddrs (krb5_context context, krb5_address ***addr, int use_profile)
{
struct localaddr_data data = { 0 };
int r;
- krb5_error_code err;
- if (use_profile) {
- err = krb5_os_localaddr_profile (context, &data);
- /* ignore err for now */
- }
+ /* Ignore errors for now. */
+ if (use_profile)
+ (void)krb5_os_localaddr_profile (context, &data);
r = foreach_localaddr (&data, count_addrs, allocate, add_addr);
if (r != 0) {
diff --git a/src/lib/krb5/rcache/rc_io.c b/src/lib/krb5/rcache/rc_io.c
index ef7ce0b..1930d7e 100644
--- a/src/lib/krb5/rcache/rc_io.c
+++ b/src/lib/krb5/rcache/rc_io.c
@@ -223,9 +223,8 @@ krb5_rc_io_open_internal(krb5_context context, krb5_rc_iostuff *d, char *fn,
struct stat sb1, sb2;
#endif
char *dir;
- size_t dirlen;
- GETDIR;
+ dir = getdir();
if (full_pathname) {
if (!(d->fn = strdup(full_pathname)))
return KRB5_RC_IO_MALLOC;
diff --git a/src/lib/rpc/auth_gss.c b/src/lib/rpc/auth_gss.c
index ab161c1..319bc75 100644
--- a/src/lib/rpc/auth_gss.c
+++ b/src/lib/rpc/auth_gss.c
@@ -546,7 +546,6 @@ authgss_destroy_context(AUTH *auth)
{
struct rpc_gss_data *gd;
OM_uint32 min_stat;
- enum clnt_stat callstat;
log_debug("in authgss_destroy_context()");
@@ -555,10 +554,8 @@ authgss_destroy_context(AUTH *auth)
if (gd->gc.gc_ctx.length != 0) {
if (gd->established) {
gd->gc.gc_proc = RPCSEC_GSS_DESTROY;
- callstat = clnt_call(gd->clnt, NULLPROC,
- xdr_void, NULL,
- xdr_void, NULL,
- AUTH_TIMEOUT);
+ (void)clnt_call(gd->clnt, NULLPROC, xdr_void, NULL,
+ xdr_void, NULL, AUTH_TIMEOUT);
log_debug("%s",
clnt_sperror(gd->clnt,
"authgss_destroy_context"));
diff --git a/src/lib/rpc/pmap_rmt.c b/src/lib/rpc/pmap_rmt.c
index 66edf57..10d9e3f 100644
--- a/src/lib/rpc/pmap_rmt.c
+++ b/src/lib/rpc/pmap_rmt.c
@@ -188,7 +188,6 @@ getbroadcastnets(
{
struct ifconf ifc;
struct ifreq ifreq, *ifr;
- struct sockaddr_in *sockin;
int n, i;
ifc.ifc_len = GIFCONF_BUFSIZE;
@@ -208,24 +207,16 @@ getbroadcastnets(
if ((ifreq.ifr_flags & IFF_BROADCAST) &&
(ifreq.ifr_flags & IFF_UP) &&
ifr->ifr_addr.sa_family == AF_INET) {
- sockin = (struct sockaddr_in *)&ifr->ifr_addr;
#ifdef SIOCGIFBRDADDR /* 4.3BSD */
if (ioctl(sock, SIOCGIFBRDADDR, (char *)&ifreq) < 0) {
addrs[i++].s_addr = INADDR_ANY;
-#if 0 /* this is uuuuugly */
- addrs[i++] = inet_makeaddr(inet_netof
-#if defined(hpux) || (defined(sun) && defined(__svr4__)) || defined(linux) || (defined(__osf__) && defined(__alpha__))
- (sockin->sin_addr),
-#else /* hpux or solaris */
- (sockin->sin_addr.s_addr),
-#endif
- INADDR_ANY);
-#endif
} else {
addrs[i++] = ((struct sockaddr_in*)
&ifreq.ifr_addr)->sin_addr;
}
#else /* 4.2 BSD */
+ struct sockaddr_in *sockin;
+ sockin = (struct sockaddr_in *)&ifr->ifr_addr;
addrs[i++] = inet_makeaddr(inet_netof
(sockin->sin_addr.s_addr), INADDR_ANY);
#endif
diff --git a/src/lib/rpc/svc_auth_gss.c b/src/lib/rpc/svc_auth_gss.c
index c3d52dc..68498da 100644
--- a/src/lib/rpc/svc_auth_gss.c
+++ b/src/lib/rpc/svc_auth_gss.c
@@ -486,8 +486,8 @@ gssrpc__svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg,
offset = 0 - offset;
gd->seqmask <<= offset;
offset = 0;
- }
- else if (offset >= gd->win || (gd->seqmask & (1 << offset))) {
+ } else if ((u_int)offset >= gd->win ||
+ (gd->seqmask & (1 << offset))) {
*no_dispatch = 1;
ret_freegc (RPCSEC_GSS_CTXPROBLEM);
}
diff --git a/src/lib/rpc/svc_udp.c b/src/lib/rpc/svc_udp.c
index a38f35d..0b01527 100644
--- a/src/lib/rpc/svc_udp.c
+++ b/src/lib/rpc/svc_udp.c
@@ -198,6 +198,7 @@ svcudp_recv(
register int rlen;
char *reply;
uint32_t replylen;
+ socklen_t addrlen;
again:
memset(&dummy, 0, sizeof(dummy));
@@ -215,13 +216,14 @@ svcudp_recv(
return (FALSE);
}
- xprt->xp_addrlen = sizeof(struct sockaddr_in);
+ addrlen = sizeof(struct sockaddr_in);
rlen = recvfrom(xprt->xp_sock, rpc_buffer(xprt), (int) su->su_iosz,
- 0, (struct sockaddr *)&(xprt->xp_raddr), &(xprt->xp_addrlen));
+ 0, (struct sockaddr *)&(xprt->xp_raddr), &addrlen);
if (rlen == -1 && errno == EINTR)
goto again;
if (rlen < (int) (4*sizeof(uint32_t)))
return (FALSE);
+ xprt->xp_addrlen = addrlen;
xdrs->x_op = XDR_DECODE;
XDR_SETPOS(xdrs, 0);
if (! xdr_callmsg(xdrs, msg))
diff --git a/src/lib/rpc/unit-test/client.c b/src/lib/rpc/unit-test/client.c
index 6ab4534..646477f 100644
--- a/src/lib/rpc/unit-test/client.c
+++ b/src/lib/rpc/unit-test/client.c
@@ -58,8 +58,8 @@ main(argc, argv)
CLIENT *clnt;
AUTH *tmp_auth;
struct rpc_err e;
- int i, auth_once, sock, use_tcp;
- unsigned int count;
+ int auth_once, sock, use_tcp;
+ unsigned int count, i;
extern int optind;
extern char *optarg;
extern int svc_debug_gssapi, misc_debug_gssapi, auth_debug_gssapi;
diff --git a/src/lib/rpc/xdr_mem.c b/src/lib/rpc/xdr_mem.c
index febb8be..f3eb047 100644
--- a/src/lib/rpc/xdr_mem.c
+++ b/src/lib/rpc/xdr_mem.c
@@ -125,7 +125,7 @@ static bool_t
xdrmem_getbytes(XDR *xdrs, caddr_t addr, u_int len)
{
- if (xdrs->x_handy < len)
+ if ((u_int)xdrs->x_handy < len)
return (FALSE);
else
xdrs->x_handy -= len;
@@ -138,7 +138,7 @@ static bool_t
xdrmem_putbytes(XDR *xdrs, caddr_t addr, u_int len)
{
- if (xdrs->x_handy < len)
+ if ((u_int)xdrs->x_handy < len)
return (FALSE);
else
xdrs->x_handy -= len;
diff --git a/src/lib/rpc/xdr_rec.c b/src/lib/rpc/xdr_rec.c
index cb839b6..0587882 100644
--- a/src/lib/rpc/xdr_rec.c
+++ b/src/lib/rpc/xdr_rec.c
@@ -244,7 +244,7 @@ static bool_t /* must manage buffers, fragments, and records */
xdrrec_getbytes(XDR *xdrs, caddr_t addr, u_int len)
{
register RECSTREAM *rstrm = (RECSTREAM *)(xdrs->x_private);
- register int current;
+ register u_int current;
while (len > 0) {
current = rstrm->fbtbc;
@@ -519,7 +519,7 @@ get_input_bytes(RECSTREAM *rstrm, caddr_t addr, int len)
return (FALSE);
continue;
}
- current = (len < current) ? len : current;
+ current = ((size_t)len < current) ? (size_t)len : current;
memmove(addr, rstrm->in_finger, current);
rstrm->in_finger += current;
addr += current;
diff --git a/src/lib/rpc/xdr_sizeof.c b/src/lib/rpc/xdr_sizeof.c
index a9b16e2..145e387 100644
--- a/src/lib/rpc/xdr_sizeof.c
+++ b/src/lib/rpc/xdr_sizeof.c
@@ -80,7 +80,7 @@ x_setpostn(xdrs, pos)
return (FALSE);
}
-static long *
+static rpc_inline_t *
x_inline(xdrs, len)
XDR *xdrs;
int len;
@@ -94,7 +94,7 @@ x_inline(xdrs, len)
if (len < (int) xdrs->x_base) {
/* x_private was already allocated */
xdrs->x_handy += len;
- return ((long *) xdrs->x_private);
+ return ((rpc_inline_t *) xdrs->x_private);
} else {
/* Free the earlier space and allocate new area */
if (xdrs->x_private)
@@ -105,7 +105,7 @@ x_inline(xdrs, len)
}
xdrs->x_base = (caddr_t) len;
xdrs->x_handy += len;
- return ((long *) xdrs->x_private);
+ return ((rpc_inline_t *) xdrs->x_private);
}
}
@@ -139,7 +139,7 @@ xdr_sizeof(func, data)
bool_t stat;
/* to stop ANSI-C compiler from complaining */
typedef bool_t (* dummyfunc1)(XDR *, long *);
- typedef bool_t (* dummyfunc2)(XDR *, caddr_t, int);
+ typedef bool_t (* dummyfunc2)(XDR *, caddr_t, u_int);
ops.x_putlong = x_putlong;
ops.x_putbytes = x_putbytes;
diff --git a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c
index 38e470f..9402813 100644
--- a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c
+++ b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_list.c
@@ -156,7 +156,6 @@ list_modify_str_array(char ***destlist, const char **sourcelist, int mode)
char **dlist = NULL, **tmplist = NULL;
const char **slist = NULL;
int dcount = 0, scount = 0, copycount = 0;
- int found = 0;
if ((destlist == NULL) || (*destlist == NULL) || (sourcelist == NULL))
return;
@@ -192,10 +191,8 @@ list_modify_str_array(char ***destlist, const char **sourcelist, int mode)
* from the destination list */
for (slist = sourcelist; *slist != NULL; slist++) {
for (dlist = *destlist; *dlist != NULL; dlist++) {
- found = 0; /* value not found */
/* DN is case insensitive string */
if (strcasecmp(*dlist, *slist) == 0) {
- found = 1;
free(*dlist);
/* Advance the rest of the entries by one */
for (tmplist = dlist; *tmplist != NULL; tmplist++) {
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
index 3fac3c7..8776ab5 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_misc.c
@@ -536,12 +536,10 @@ krb5_error_code
is_principal_in_realm(krb5_ldap_context *ldap_context,
krb5_const_principal searchfor)
{
- size_t defrealmlen=0;
char *defrealm=NULL;
#define FIND_MAX(a,b) ((a) > (b) ? (a) : (b))
- defrealmlen = strlen(ldap_context->lrparams->realm_name);
defrealm = ldap_context->lrparams->realm_name;
/*
@@ -1646,6 +1644,7 @@ populate_krb5_db_entry(krb5_context context, krb5_ldap_context *ldap_context,
{
krb5_error_code st = 0;
unsigned int mask = 0;
+ int val;
krb5_boolean attr_present = FALSE;
char **values = NULL, *policydn = NULL, *pwdpolicydn = NULL;
char *polname = NULL, *tktpolname = NULL;
@@ -1720,9 +1719,10 @@ populate_krb5_db_entry(krb5_context context, krb5_ldap_context *ldap_context,
mask |= KDB_LAST_FAILED_ATTR;
/* KRBLOGINFAILEDCOUNT */
- if (krb5_ldap_get_value(ld, ent, "krbLoginFailedCount",
- &(entry->fail_auth_count)) == 0)
+ if (krb5_ldap_get_value(ld, ent, "krbLoginFailedCount", &val) == 0) {
+ entry->fail_auth_count = val;
mask |= KDB_FAIL_AUTH_COUNT_ATTR;
+ }
/* KRBMAXTICKETLIFE */
if (krb5_ldap_get_value(ld, ent, "krbmaxticketlife", &(entry->max_life)) == 0)
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
index 527873c..bcdc1dc 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
@@ -555,7 +555,8 @@ krb5_ldap_put_principal(krb5_context context, krb5_db_entry *entry,
goto cleanup;
if (entry->mask & KADM5_LOAD) {
- int tree = 0, ntrees = 0, numlentries = 0;
+ unsigned int tree = 0, ntrees = 0;
+ int numlentries = 0;
char **subtreelist = NULL, *filter = NULL;
/* A load operation is special, will do a mix-in (add krbprinc
@@ -695,7 +696,8 @@ krb5_ldap_put_principal(krb5_context context, krb5_db_entry *entry,
*/
if (xargs.dn_from_kbd == TRUE) {
/* make sure the DN falls in the subtree */
- int tre=0, dnlen=0, subtreelen=0, ntrees=0;
+ unsigned int tre=0, ntrees=0;
+ int dnlen=0, subtreelen=0;
char **subtreelist=NULL;
char *dn=NULL;
krb5_boolean outofsubtree=TRUE;
@@ -1293,7 +1295,7 @@ krb5_read_tkt_policy(krb5_context context, krb5_ldap_context *ldap_context,
krb5_db_entry *entries, char *policy)
{
krb5_error_code st=0;
- unsigned int mask=0, omask=0;
+ int mask=0, omask=0;
int tkt_mask=(KDB_MAX_LIFE_ATTR | KDB_MAX_RLIFE_ATTR | KDB_TKT_FLAGS_ATTR);
krb5_ldap_policy_params *tktpoldnparam=NULL;
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c
index 2169aaa..4d7d673 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c
@@ -232,6 +232,15 @@ cleanup:
return(st);
}
+static void
+get_ui4(LDAP *ld, LDAPMessage *ent, char *name, krb5_ui_4 *out)
+{
+ int val;
+
+ krb5_ldap_get_value(ld, ent, name, &val);
+ *out = val;
+}
+
static krb5_error_code
populate_policy(krb5_context context,
LDAP *ld,
@@ -245,19 +254,18 @@ populate_policy(krb5_context context,
CHECK_NULL(pol_entry->name);
pol_entry->version = 1;
- krb5_ldap_get_value(ld, ent, "krbmaxpwdlife", &(pol_entry->pw_max_life));
- krb5_ldap_get_value(ld, ent, "krbminpwdlife", &(pol_entry->pw_min_life));
- krb5_ldap_get_value(ld, ent, "krbpwdmindiffchars", &(pol_entry->pw_min_classes));
- krb5_ldap_get_value(ld, ent, "krbpwdminlength", &(pol_entry->pw_min_length));
- krb5_ldap_get_value(ld, ent, "krbpwdhistorylength", &(pol_entry->pw_history_num));
-
- krb5_ldap_get_value(ld, ent, "krbpwdmaxfailure", &(pol_entry->pw_max_fail));
- krb5_ldap_get_value(ld, ent, "krbpwdfailurecountinterval", &(pol_entry->pw_failcnt_interval));
- krb5_ldap_get_value(ld, ent, "krbpwdlockoutduration", &(pol_entry->pw_lockout_duration));
- krb5_ldap_get_value(ld, ent, "krbpwdattributes", &(pol_entry->attributes));
- krb5_ldap_get_value(ld, ent, "krbpwdmaxlife", &(pol_entry->max_life));
- krb5_ldap_get_value(ld, ent, "krbpwdmaxrenewablelife",
- &(pol_entry->max_renewable_life));
+ get_ui4(ld, ent, "krbmaxpwdlife", &pol_entry->pw_max_life);
+ get_ui4(ld, ent, "krbminpwdlife", &pol_entry->pw_min_life);
+ get_ui4(ld, ent, "krbpwdmindiffchars", &pol_entry->pw_min_classes);
+ get_ui4(ld, ent, "krbpwdminlength", &pol_entry->pw_min_length);
+ get_ui4(ld, ent, "krbpwdhistorylength", &pol_entry->pw_history_num);
+ get_ui4(ld, ent, "krbpwdmaxfailure", &pol_entry->pw_max_fail);
+ get_ui4(ld, ent, "krbpwdfailurecountinterval",
+ &pol_entry->pw_failcnt_interval);
+ get_ui4(ld, ent, "krbpwdlockoutduration", &pol_entry->pw_lockout_duration);
+ get_ui4(ld, ent, "krbpwdattributes", &pol_entry->attributes);
+ get_ui4(ld, ent, "krbpwdmaxlife", &pol_entry->max_life);
+ get_ui4(ld, ent, "krbpwdmaxrenewablelife", &pol_entry->max_renewable_life);
st = krb5_ldap_get_string(ld, ent, "krbpwdallowedkeysalts",
&(pol_entry->allowed_keysalts), NULL);
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c
index e5c1f59..032be6f 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_realm.c
@@ -209,7 +209,8 @@ krb5_ldap_delete_realm (krb5_context context, char *lrealm)
char **values=NULL, **subtrees=NULL, **policy=NULL;
LDAPMessage **result_arr=NULL, *result = NULL, *ent = NULL;
krb5_principal principal;
- int l=0, ntree=0, i=0, j=0, mask=0;
+ unsigned int l=0, ntree=0;
+ int i=0, j=0, mask=0;
kdb5_dal_handle *dal_handle = NULL;
krb5_ldap_context *ldap_context = NULL;
krb5_ldap_server_handle *ldap_server_handle = NULL;
@@ -342,7 +343,7 @@ krb5_ldap_modify_realm(krb5_context context, krb5_ldap_realm_params *rparams,
krb5_error_code st=0;
char **strval=NULL, *strvalprc[5]={NULL};
LDAPMod **mods = NULL;
- int oldmask=0, objectmask=0,k=0;
+ int objectmask=0,k=0;
kdb5_dal_handle *dal_handle=NULL;
krb5_ldap_context *ldap_context=NULL;
krb5_ldap_server_handle *ldap_server_handle=NULL;
@@ -371,21 +372,6 @@ krb5_ldap_modify_realm(krb5_context context, krb5_ldap_realm_params *rparams,
/* get ldap handle */
GET_HANDLE ();
- /* get the oldmask obtained from the krb5_ldap_read_realm_params */
- {
- void *voidptr=NULL;
-
- if ((st=decode_tl_data(rparams->tl_data, KDB_TL_MASK, &voidptr)) == 0) {
- oldmask = *((int *) voidptr);
- free (voidptr);
- } else {
- st = EINVAL;
- krb5_set_error_message(context, st, _("tl_data not available"));
- return st;
- }
- }
-
-
/* SUBTREE ATTRIBUTE */
if (mask & LDAP_REALM_SUBTREE) {
if ( rparams->subtree!=NULL) {
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c
index f412290..32e2af0 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_service_stash.c
@@ -84,7 +84,6 @@ krb5_ldap_readpassword(krb5_context context, krb5_ldap_context *ldap_context,
int entryfound=0;
krb5_error_code st=0;
char line[RECORDLEN]="0", *start=NULL, *file=NULL;
- char errbuf[1024];
FILE *fptr=NULL;
*password = NULL;
@@ -166,7 +165,8 @@ rp_exit:
int
tohex(krb5_data in, krb5_data *ret)
{
- int i=0, err = 0;
+ unsigned int i=0;
+ int err = 0;
ret->length = 0;
ret->data = NULL;
diff --git a/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c b/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c
index 760bfd3..5ae8672 100644
--- a/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/princ_xdr.c
@@ -187,7 +187,7 @@ krb5_lookup_tl_kadm_data(krb5_tl_data *tl_data, osa_princ_ent_rec *princ_entry)
XDR xdrs;
- xdrmem_create(&xdrs, tl_data->tl_data_contents,
+ xdrmem_create(&xdrs, (caddr_t)tl_data->tl_data_contents,
tl_data->tl_data_length, XDR_DECODE);
if (! ldap_xdr_osa_princ_ent_rec(&xdrs, princ_entry)) {
xdr_destroy(&xdrs);
diff --git a/src/plugins/preauth/pkinit/pkinit_accessor.c b/src/plugins/preauth/pkinit/pkinit_accessor.c
index 15a3e49..6bae949 100644
--- a/src/plugins/preauth/pkinit/pkinit_accessor.c
+++ b/src/plugins/preauth/pkinit/pkinit_accessor.c
@@ -58,7 +58,7 @@ krb5_error_code
krb5_data **code);
krb5_error_code
-(*k5int_encode_krb5_td_dh_parameters)(const krb5_algorithm_identifier **,
+(*k5int_encode_krb5_td_dh_parameters)(krb5_algorithm_identifier *const *,
krb5_data **code);
krb5_error_code
(*k5int_decode_krb5_td_dh_parameters)(const krb5_data *,
@@ -66,7 +66,7 @@ krb5_error_code
krb5_error_code
(*k5int_encode_krb5_td_trusted_certifiers)
-(const krb5_external_principal_identifier **, krb5_data **code);
+(krb5_external_principal_identifier *const *, krb5_data **code);
krb5_error_code
(*k5int_decode_krb5_td_trusted_certifiers)
diff --git a/src/plugins/preauth/pkinit/pkinit_accessor.h b/src/plugins/preauth/pkinit/pkinit_accessor.h
index 21402ad..dcee3db 100644
--- a/src/plugins/preauth/pkinit/pkinit_accessor.h
+++ b/src/plugins/preauth/pkinit/pkinit_accessor.h
@@ -61,12 +61,12 @@ extern krb5_error_code (*k5int_encode_krb5_pa_pk_as_rep_draft9)
(const krb5_pa_pk_as_rep_draft9 *, krb5_data **code);
extern krb5_error_code (*k5int_encode_krb5_td_dh_parameters)
- (const krb5_algorithm_identifier **, krb5_data **code);
+ (krb5_algorithm_identifier *const *, krb5_data **code);
extern krb5_error_code (*k5int_decode_krb5_td_dh_parameters)
(const krb5_data *, krb5_algorithm_identifier ***);
extern krb5_error_code (*k5int_encode_krb5_td_trusted_certifiers)
- (const krb5_external_principal_identifier **, krb5_data **code);
+ (krb5_external_principal_identifier *const *, krb5_data **code);
extern krb5_error_code (*k5int_decode_krb5_td_trusted_certifiers)
(const krb5_data *, krb5_external_principal_identifier ***);
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
index 45f44e0..4b0245c 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c
@@ -3416,7 +3416,7 @@ pkinit_create_td_dh_parameters(krb5_context context,
SECItem tmp, *oid;
krb5_algorithm_identifier id[sizeof(oakley_groups) /
sizeof(oakley_groups[0])];
- const krb5_algorithm_identifier *ids[(sizeof(id) / sizeof(id[0])) + 1];
+ krb5_algorithm_identifier *ids[(sizeof(id) / sizeof(id[0])) + 1];
unsigned int i, j;
krb5_data *data;
krb5_pa_data **typed_data;
@@ -3525,7 +3525,7 @@ pkinit_create_td_invalid_certificate(krb5_context context,
{
CERTCertificate *invalid;
krb5_external_principal_identifier id;
- const krb5_external_principal_identifier *ids[2];
+ krb5_external_principal_identifier *ids[2];
struct issuer_and_serial_number isn;
krb5_data *data;
SECItem item;
@@ -3591,7 +3591,7 @@ pkinit_create_td_trusted_certifiers(krb5_context context,
pkinit_identity_crypto_context
id_cryptoctx, krb5_pa_data ***pa_data)
{
- const krb5_external_principal_identifier **ids;
+ krb5_external_principal_identifier **ids;
krb5_external_principal_identifier *id;
struct issuer_and_serial_number isn;
krb5_data *data;
diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
index a706911..ae4efc3 100644
--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
+++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
@@ -1677,7 +1677,7 @@ cms_signeddata_verify(krb5_context context,
goto cleanup;
}
- retval = k5int_encode_krb5_td_trusted_certifiers((const krb5_external_principal_identifier **)krb5_verified_chain, &authz);
+ retval = k5int_encode_krb5_td_trusted_certifiers((krb5_external_principal_identifier *const *)krb5_verified_chain, &authz);
if (retval) {
pkiDebug("encode_krb5_td_trusted_certifiers failed\n");
goto cleanup;
@@ -3063,7 +3063,7 @@ pkinit_create_sequence_of_principal_identifiers(
goto cleanup;
}
- retval = k5int_encode_krb5_td_trusted_certifiers((const krb5_external_principal_identifier **)krb5_trusted_certifiers, &td_certifiers);
+ retval = k5int_encode_krb5_td_trusted_certifiers((krb5_external_principal_identifier *const *)krb5_trusted_certifiers, &td_certifiers);
if (retval) {
pkiDebug("encode_krb5_td_trusted_certifiers failed\n");
goto cleanup;
@@ -3244,7 +3244,7 @@ pkinit_create_td_dh_parameters(krb5_context context,
algId[0]->algorithm = dh_oid;
}
- retval = k5int_encode_krb5_td_dh_parameters((const krb5_algorithm_identifier **)algId, &encoded_algId);
+ retval = k5int_encode_krb5_td_dh_parameters((krb5_algorithm_identifier *const *)algId, &encoded_algId);
if (retval)
goto cleanup;
#ifdef DEBUG_ASN1
diff --git a/src/slave/kprop.c b/src/slave/kprop.c
index 540d14b..acdca0a 100644
--- a/src/slave/kprop.c
+++ b/src/slave/kprop.c
@@ -532,14 +532,14 @@ xmit_database(context, auth_context, my_creds, fd, database_fd,
int database_fd;
int in_database_size;
{
- krb5_int32 sent_size, n;
+ krb5_int32 n;
krb5_data inbuf, outbuf;
char buf[KPROP_BUFSIZ];
krb5_error_code retval;
krb5_error *error;
/* These must be 4 bytes */
krb5_ui_4 database_size = in_database_size;
- krb5_ui_4 send_size;
+ krb5_ui_4 send_size, sent_size;
/*
* Send over the size
diff --git a/src/tests/dejagnu/t_inetd.c b/src/tests/dejagnu/t_inetd.c
index 5e9a0b1..abcde50 100644
--- a/src/tests/dejagnu/t_inetd.c
+++ b/src/tests/dejagnu/t_inetd.c
@@ -75,7 +75,7 @@ main(argc, argv)
int sock, acc;
int one = 1;
struct sockaddr_in l_inaddr, f_inaddr; /* local, foreign address */
- int namelen = sizeof(f_inaddr);
+ socklen_t namelen = sizeof(f_inaddr);
#ifdef POSIX_SIGNALS
struct sigaction csig;
#endif
diff --git a/src/tests/gssapi/common.c b/src/tests/gssapi/common.c
index 61558a0..5e8ffda 100644
--- a/src/tests/gssapi/common.c
+++ b/src/tests/gssapi/common.c
@@ -44,12 +44,12 @@ gss_OID_set_desc mechset_iakerb = { 1, &mech_iakerb };
static void
display_status(const char *msg, OM_uint32 code, int type)
{
- OM_uint32 maj_stat, min_stat, msg_ctx = 0;
+ OM_uint32 min_stat, msg_ctx = 0;
gss_buffer_desc buf;
do {
- maj_stat = gss_display_status(&min_stat, code, type, GSS_C_NULL_OID,
- &msg_ctx, &buf);
+ (void)gss_display_status(&min_stat, code, type, GSS_C_NULL_OID,
+ &msg_ctx, &buf);
fprintf(stderr, "%s: %.*s\n", msg, (int)buf.length, (char *)buf.value);
(void)gss_release_buffer(&min_stat, &buf);
} while (msg_ctx != 0);
diff --git a/src/util/profile/test_profile.c b/src/util/profile/test_profile.c
index ea7113d..6f6fcc7 100644
--- a/src/util/profile/test_profile.c
+++ b/src/util/profile/test_profile.c
@@ -24,9 +24,9 @@ static void do_batchmode(profile)
{
errcode_t retval;
int argc, ret;
- char **argv, **values, **cpp;
+ char **argv, **values, *value, **cpp;
char buf[256];
- const char **names, *value;
+ const char **names, *name;
char *cmd;
int print_status;
@@ -76,11 +76,10 @@ static void do_batchmode(profile)
retval = profile_rename_section(profile, names+1,
*names);
} else if (!strcmp(cmd, "add")) {
- value = *names;
- if (strcmp(value, "NULL") == 0)
- value = NULL;
- retval = profile_add_relation(profile, names+1,
- value);
+ name = *names;
+ if (strcmp(name, "NULL") == 0)
+ name = NULL;
+ retval = profile_add_relation(profile, names+1, name);
} else if (!strcmp(cmd, "flush")) {
retval = profile_flush(profile);
} else {
@@ -116,8 +115,7 @@ int main(argc, argv)
{
profile_t profile;
long retval;
- char **values, **cpp;
- const char *value;
+ char **values, *value, **cpp;
const char **names;
char *cmd;
int print_value = 0;
More information about the cvs-krb5
mailing list