From 91f766a668b921ccb687d10add35f91a5dfc7bcd Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Tue, 24 Nov 2015 18:59:48 +0100 Subject: [PATCH] Fix compiler warnings on latest Fedora --- configure.ac | 1 + lib/checkpw.c | 10 ++--- lib/common.c | 3 -- lib/saslutil.c | 2 - plugins/digestmd5.c | 6 +-- plugins/ntlm.c | 75 +++++++++++++++++++++----------------- plugins/sasldb.c | 2 +- plugins/scram.c | 61 +++++++++++++++++-------------- sample/client.c | 14 +++---- sample/server.c | 20 +++++----- saslauthd/auth_getpwent.c | 1 + saslauthd/auth_httpform.c | 1 - saslauthd/auth_krb5.c | 3 +- saslauthd/auth_ldap.c | 6 --- saslauthd/auth_shadow.c | 3 +- saslauthd/cfile.c | 1 - saslauthd/ipc_unix.c | 2 +- saslauthd/lak.c | 8 ++-- saslauthd/saslauthd-main.c | 2 - saslauthd/testsaslauthd.c | 8 +--- utils/dbconverter-2.c | 2 +- utils/pluginviewer.c | 6 +-- 22 files changed, 115 insertions(+), 122 deletions(-) diff --git a/lib/checkpw.c b/lib/checkpw.c index d371f3f..0fa483c 100644 --- a/lib/checkpw.c +++ b/lib/checkpw.c @@ -116,9 +116,9 @@ static int _sasl_make_plain_secret(const char *salt, } _sasl_MD5Init(&ctx); - _sasl_MD5Update(&ctx, salt, 16); - _sasl_MD5Update(&ctx, "sasldb", 6); - _sasl_MD5Update(&ctx, passwd, (unsigned int) passlen); + _sasl_MD5Update(&ctx, (const unsigned char *) salt, 16); + _sasl_MD5Update(&ctx, (const unsigned char *) "sasldb", 6); + _sasl_MD5Update(&ctx, (const unsigned char *) passwd, (unsigned int) passlen); memcpy((*secret)->data, salt, 16); (*secret)->data[16] = '\0'; _sasl_MD5Final((*secret)->data + 17, &ctx); @@ -368,8 +368,8 @@ int _sasl_auxprop_verify_apop(sasl_conn_t *conn, } _sasl_MD5Init(&ctx); - _sasl_MD5Update(&ctx, challenge, strlen(challenge)); - _sasl_MD5Update(&ctx, auxprop_values[0].values[0], + _sasl_MD5Update(&ctx, (const unsigned char *) challenge, strlen(challenge)); + _sasl_MD5Update(&ctx, (const unsigned char *) auxprop_values[0].values[0], strlen(auxprop_values[0].values[0])); _sasl_MD5Final(digest, &ctx); diff --git a/lib/common.c b/lib/common.c index de0adfd..4a24d74 100644 --- a/lib/common.c +++ b/lib/common.c @@ -1526,12 +1526,9 @@ _sasl_getsimple(void *context, size_t *len) { const char *userid; - sasl_conn_t *conn; if (! context || ! result) return SASL_BADPARAM; - conn = (sasl_conn_t *)context; - switch(id) { case SASL_CB_AUTHNAME: userid = getenv("USER"); diff --git a/lib/saslutil.c b/lib/saslutil.c index bcdb1ca..f13478a 100644 --- a/lib/saslutil.c +++ b/lib/saslutil.c @@ -131,7 +131,6 @@ int sasl_encode64(const char *_in, const unsigned char *in = (const unsigned char *)_in; unsigned char *out = (unsigned char *)_out; unsigned char oval; - char *blah; unsigned olen; /* check params */ @@ -147,7 +146,6 @@ int sasl_encode64(const char *_in, } /* Do the work... */ - blah = (char *) out; while (inlen >= 3) { /* user provided max buffer size; make sure we don't go over it */ *out++ = basis_64[in[0] >> 2]; diff --git a/plugins/digestmd5.c b/plugins/digestmd5.c index 2fb0550..39d8ef2 100644 --- a/plugins/digestmd5.c +++ b/plugins/digestmd5.c @@ -3048,7 +3048,8 @@ static int digestmd5_server_mech_step(void *conn_context, memset(oparams, 0, sizeof(sasl_out_params_t)); if (text->nonce) sparams->utils->free(text->nonce); if (text->realm) sparams->utils->free(text->realm); - text->nonce = text->realm = NULL; + text->realm = NULL; + text->nonce = NULL; /* fall through and issue challenge */ } @@ -3650,7 +3651,6 @@ static int parse_server_challenge(client_context_t *ctext, int saw_qop = 0; int ciphers = 0; int maxbuf_count = 0; - bool IsUTF8 = FALSE; int algorithm_count = 0; int opaque_count = 0; @@ -3867,8 +3867,6 @@ SKIP_SPACES_IN_CIPHER: params->utils->seterror(params->utils->conn, 0, "Charset must be UTF-8"); goto FreeAllocatedMem; - } else { - IsUTF8 = TRUE; } } else if (strcasecmp(name,"algorithm")==0) { if (text->http_mode && strcasecmp(value, "md5") == 0) { diff --git a/plugins/ntlm.c b/plugins/ntlm.c index 79ea47c..ba0288d 100644 --- a/plugins/ntlm.c +++ b/plugins/ntlm.c @@ -275,7 +275,7 @@ static void load_buffer(u_char *buf, const u_char *str, uint16 len, { if (len) { if (unicode) { - to_unicode(base + *offset, str, len); + to_unicode(base + *offset, (const char *) str, len); len *= 2; } else { @@ -373,10 +373,10 @@ static unsigned char *P16_lm(unsigned char *P16, sasl_secret_t *passwd, char P14[14]; unsigned char S8[] = { 0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 }; - strncpy(P14, passwd->data, sizeof(P14)); + strncpy(P14, (const char *) passwd->data, sizeof(P14)); ucase(P14, sizeof(P14)); - E(P16, P14, sizeof(P14), S8, sizeof(S8)); + E(P16, (unsigned char *) P14, sizeof(P14), S8, sizeof(S8)); *result = SASL_OK; return P16; } @@ -390,8 +390,8 @@ static unsigned char *P16_nt(unsigned char *P16, sasl_secret_t *passwd, *result = SASL_NOMEM; } else { - to_unicode(*buf, passwd->data, passwd->len); - MD4(*buf, 2 * passwd->len, P16); + to_unicode((unsigned char *) *buf, (const char *) passwd->data, passwd->len); + MD4((unsigned char *) *buf, 2 * passwd->len, P16); *result = SASL_OK; } return P16; @@ -444,9 +444,9 @@ static unsigned char *V2(unsigned char *V2, sasl_secret_t *passwd, strcpy(upper, authid); if (target) strcat(upper, target); ucase(upper, len); - to_unicode(*buf, upper, len); + to_unicode((unsigned char *) *buf, upper, len); - HMAC(EVP_md5(), hash, MD4_DIGEST_LENGTH, *buf, 2 * len, hash, &len); + HMAC(EVP_md5(), hash, MD4_DIGEST_LENGTH, (unsigned char *) *buf, 2 * len, hash, &len); /* V2 = HMAC-MD5(NTLMv2hash, challenge + blob) + blob */ HMAC_Init(&ctx, hash, len, EVP_md5()); @@ -768,8 +768,8 @@ static void make_netbios_name(const char *in, unsigned char out[]) */ n = strcspn(in, "."); if (n > 16) n = 16; - strncpy(out+18, in, n); - in = out+18; + strncpy((char *) out+18, in, n); + in = (char *) out+18; ucase(in, n); out[j++] = 0x20; @@ -1033,7 +1033,7 @@ static int smb_negotiate_protocol(const sasl_utils_t *utils, "NTLM: error reading NEGPROT response"); return SASL_FAIL; } - p = text->out_buf; + p = (unsigned char *) text->out_buf; /* parse the header */ if (len < SMB_HDR_SIZE) { @@ -1115,7 +1115,7 @@ static int smb_negotiate_protocol(const sasl_utils_t *utils, return SASL_NOMEM; } memcpy(*domain, p, len); - from_unicode(*domain, *domain, len); + from_unicode(*domain, (unsigned char *) *domain, len); text->flags |= NTLM_TARGET_IS_DOMAIN; } @@ -1256,7 +1256,7 @@ static int smb_session_setup(const sasl_utils_t *utils, server_context_t *text, "NTLM: error reading SESSIONSETUP response"); return SASL_FAIL; } - p = text->out_buf; + p = (unsigned char *) text->out_buf; /* parse the header */ if (len < SMB_HDR_SIZE) { @@ -1343,12 +1343,12 @@ static int create_challenge(const sasl_utils_t *utils, return SASL_NOMEM; } - base = *buf; + base = (unsigned char *) *buf; memset(base, 0, *outlen); memcpy(base + NTLM_SIG_OFFSET, NTLM_SIGNATURE, sizeof(NTLM_SIGNATURE)); htoil(base + NTLM_TYPE_OFFSET, NTLM_TYPE_CHALLENGE); load_buffer(base + NTLM_TYPE2_TARGET_OFFSET, - ucase(target, 0), (uint16) xstrlen(target), flags & NTLM_USE_UNICODE, + (const unsigned char *) ucase(target, 0), (uint16) xstrlen(target), flags & NTLM_USE_UNICODE, base, &offset); htoil(base + NTLM_TYPE2_FLAGS_OFFSET, flags); memcpy(base + NTLM_TYPE2_CHALLENGE_OFFSET, nonce, NTLM_NONCE_LENGTH); @@ -1500,26 +1500,30 @@ static int ntlm_server_mech_step2(server_context_t *text, return SASL_BADPROT; } - result = unload_buffer(sparams->utils, clientin + NTLM_TYPE3_LMRESP_OFFSET, + result = unload_buffer(sparams->utils, + (const unsigned char *) clientin + NTLM_TYPE3_LMRESP_OFFSET, (u_char **) &lm_resp, &lm_resp_len, 0, - clientin, clientinlen); + (const unsigned char *) clientin, clientinlen); if (result != SASL_OK) goto cleanup; - result = unload_buffer(sparams->utils, clientin + NTLM_TYPE3_NTRESP_OFFSET, + result = unload_buffer(sparams->utils, + (const unsigned char *) clientin + NTLM_TYPE3_NTRESP_OFFSET, (u_char **) &nt_resp, &nt_resp_len, 0, - clientin, clientinlen); + (const unsigned char *) clientin, clientinlen); if (result != SASL_OK) goto cleanup; - result = unload_buffer(sparams->utils, clientin + NTLM_TYPE3_DOMAIN_OFFSET, + result = unload_buffer(sparams->utils, + (const unsigned char *) clientin + NTLM_TYPE3_DOMAIN_OFFSET, (u_char **) &domain, &domain_len, text->flags & NTLM_USE_UNICODE, - clientin, clientinlen); + (const unsigned char *) clientin, clientinlen); if (result != SASL_OK) goto cleanup; - result = unload_buffer(sparams->utils, clientin + NTLM_TYPE3_USER_OFFSET, + result = unload_buffer(sparams->utils, + (const unsigned char *) clientin + NTLM_TYPE3_USER_OFFSET, (u_char **) &authid, &authid_len, text->flags & NTLM_USE_UNICODE, - clientin, clientinlen); + (const unsigned char *) clientin, clientinlen); if (result != SASL_OK) goto cleanup; /* require at least one response and an authid */ @@ -1582,7 +1586,7 @@ static int ntlm_server_mech_step2(server_context_t *text, } password->len = (unsigned) pass_len; - strncpy(password->data, auxprop_values[0].values[0], pass_len + 1); + strncpy((char *) password->data, auxprop_values[0].values[0], pass_len + 1); /* erase the plaintext password */ sparams->utils->prop_erase(sparams->propctx, password_request[0]); @@ -1805,15 +1809,15 @@ static int create_request(const sasl_utils_t *utils, return SASL_NOMEM; } - base = *buf; + base = (unsigned char *) *buf; memset(base, 0, *outlen); memcpy(base + NTLM_SIG_OFFSET, NTLM_SIGNATURE, sizeof(NTLM_SIGNATURE)); htoil(base + NTLM_TYPE_OFFSET, NTLM_TYPE_REQUEST); htoil(base + NTLM_TYPE1_FLAGS_OFFSET, flags); load_buffer(base + NTLM_TYPE1_DOMAIN_OFFSET, - domain, (uint16) xstrlen(domain), 0, base, &offset); + (const unsigned char *) domain, (uint16) xstrlen(domain), 0, base, &offset); load_buffer(base + NTLM_TYPE1_WORKSTN_OFFSET, - wkstn, (uint16) xstrlen(wkstn), 0, base, &offset); + (const unsigned char *) wkstn, (uint16) xstrlen(wkstn), 0, base, &offset); return SASL_OK; } @@ -1858,7 +1862,7 @@ static int create_response(const sasl_utils_t *utils, return SASL_NOMEM; } - base = *buf; + base = (unsigned char *) *buf; memset(base, 0, *outlen); memcpy(base + NTLM_SIG_OFFSET, NTLM_SIGNATURE, sizeof(NTLM_SIGNATURE)); htoil(base + NTLM_TYPE_OFFSET, NTLM_TYPE_RESPONSE); @@ -1867,12 +1871,15 @@ static int create_response(const sasl_utils_t *utils, load_buffer(base + NTLM_TYPE3_NTRESP_OFFSET, nt_resp, nt_resp ? NTLM_RESP_LENGTH : 0, 0, base, &offset); load_buffer(base + NTLM_TYPE3_DOMAIN_OFFSET, - ucase(domain, 0), (uint16) xstrlen(domain), flags & NTLM_USE_UNICODE, + (const unsigned char *) ucase(domain, 0), (uint16) xstrlen(domain), + flags & NTLM_USE_UNICODE, base, &offset); load_buffer(base + NTLM_TYPE3_USER_OFFSET, - user, (uint16) xstrlen(user), flags & NTLM_USE_UNICODE, base, &offset); + (const unsigned char *) user, (uint16) xstrlen(user), + flags & NTLM_USE_UNICODE, base, &offset); load_buffer(base + NTLM_TYPE3_WORKSTN_OFFSET, - ucase(wkstn, 0), (uint16) xstrlen(wkstn), flags & NTLM_USE_UNICODE, + (const unsigned char *) ucase(wkstn, 0), (uint16) xstrlen(wkstn), + flags & NTLM_USE_UNICODE, base, &offset); load_buffer(base + NTLM_TYPE3_SESSIONKEY_OFFSET, key, key ? NTLM_SESSKEY_LENGTH : 0, 0, base, &offset); @@ -2011,7 +2018,8 @@ static int ntlm_client_mech_step2(client_context_t *text, flags &= NTLM_FLAGS_MASK; /* mask off the bits we don't support */ - result = unload_buffer(params->utils, serverin + NTLM_TYPE2_TARGET_OFFSET, + result = unload_buffer(params->utils, + (const unsigned char *) serverin + NTLM_TYPE2_TARGET_OFFSET, (u_char **) &domain, NULL, flags & NTLM_USE_UNICODE, (u_char *) serverin, serverinlen); @@ -2027,7 +2035,7 @@ static int ntlm_client_mech_step2(client_context_t *text, (sendv2[0] == 'o' && sendv2[1] == 'n') || sendv2[0] == 't')) { /* put the cnonce in place after the LMv2 HMAC */ - char *cnonce = resp + MD5_DIGEST_LENGTH; + char *cnonce = (char *) resp + MD5_DIGEST_LENGTH; params->utils->log(NULL, SASL_LOG_DEBUG, "calculating LMv2 response"); @@ -2035,7 +2043,8 @@ static int ntlm_client_mech_step2(client_context_t *text, params->utils->rand(params->utils->rpool, cnonce, NTLM_NONCE_LENGTH); V2(resp, password, oparams->authid, domain, - serverin + NTLM_TYPE2_CHALLENGE_OFFSET, cnonce, NTLM_NONCE_LENGTH, + (const unsigned char *) serverin + NTLM_TYPE2_CHALLENGE_OFFSET, + (const unsigned char *) cnonce, NTLM_NONCE_LENGTH, params->utils, &text->out_buf, &text->out_buf_len, &result); lm_resp = resp; diff --git a/plugins/sasldb.c b/plugins/sasldb.c index 1edbb8b..403a9cc 100644 --- a/plugins/sasldb.c +++ b/plugins/sasldb.c @@ -248,7 +248,7 @@ static int sasldb_auxprop_store(void *glob_context __attribute__((unused)), ret = SASL_OK; for (cur = to_store; cur->name; cur++) { - char * value = (cur->values && cur->values[0]) ? cur->values[0] : NULL; + char * value = (char *) (cur->values && cur->values[0]) ? cur->values[0] : NULL; if (cur->name[0] == '*') { continue; diff --git a/plugins/scram.c b/plugins/scram.c index 62a101c..b0681c4 100644 --- a/plugins/scram.c +++ b/plugins/scram.c @@ -255,6 +255,7 @@ create_nonce(const sasl_utils_t * utils, return buffer; } +#ifdef SCRAM_DEBUG /* Useful for debugging interop issues */ static void print_hash (const char * func, const char * hash) @@ -267,6 +268,7 @@ print_hash (const char * func, const char * hash) } printf ("\n"); } +#endif /* The result variable need to point to a buffer big enough for the [SHA-1] hash */ @@ -299,7 +301,7 @@ Hi (const sasl_utils_t * utils, if (HMAC(EVP_sha1(), (const unsigned char *) str, (int)str_len, - initial_key, + (const unsigned char *) initial_key, (int)salt_len + 4, (unsigned char *)result, &hash_len) == NULL) { @@ -315,7 +317,7 @@ Hi (const sasl_utils_t * utils, if (HMAC(EVP_sha1(), (const unsigned char *) str, (int)str_len, - temp_result, + (const unsigned char *) temp_result, SCRAM_HASH_SIZE, (unsigned char *)temp_result, &hash_len) == NULL) { @@ -345,9 +347,10 @@ scram_server_user_salt(const sasl_utils_t * utils, size_t * p_salt_len) { char * result = utils->malloc(SCRAM_HASH_SIZE); - Hi(utils, username, strlen(username), g_salt_key, SALT_SIZE, 20 /* iterations */, result); + Hi(utils, username, strlen(username), (const char *) g_salt_key, SALT_SIZE, + 20 /* iterations */, result); *p_salt_len = SCRAM_HASH_SIZE; - return result; + return (unsigned char *) result; } static int @@ -386,7 +389,7 @@ GenerateScramSecrets (const sasl_utils_t * utils, /* SaltedPassword := Hi(password, salt) */ Hi (utils, - sec->data, + (const char *) sec->data, sec->len, salt, salt_len, @@ -397,7 +400,7 @@ GenerateScramSecrets (const sasl_utils_t * utils, if (HMAC(EVP_sha1(), (const unsigned char *) SaltedPassword, SCRAM_HASH_SIZE, - CLIENT_KEY_CONSTANT, + (const unsigned char *) CLIENT_KEY_CONSTANT, CLIENT_KEY_CONSTANT_LEN, (unsigned char *)ClientKey, &hash_len) == NULL) { @@ -407,7 +410,8 @@ GenerateScramSecrets (const sasl_utils_t * utils, } /* StoredKey := H(ClientKey) */ - if (SHA1(ClientKey, SCRAM_HASH_SIZE, StoredKey) == NULL) { + if (SHA1((const unsigned char *) ClientKey, SCRAM_HASH_SIZE, + (unsigned char *) StoredKey) == NULL) { *error_text = "SHA1 call failed"; result = SASL_SCRAM_INTERNAL; goto cleanup; @@ -418,7 +422,7 @@ GenerateScramSecrets (const sasl_utils_t * utils, if (HMAC(EVP_sha1(), (const unsigned char *) SaltedPassword, SCRAM_HASH_SIZE, - SERVER_KEY_CONSTANT, + (const unsigned char *) SERVER_KEY_CONSTANT, SERVER_KEY_CONSTANT_LEN, (unsigned char *)ServerKey, &hash_len) == NULL) { @@ -509,7 +513,6 @@ scram_server_mech_step1(server_context_t *text, NULL }; int canon_flags; struct propval auxprop_values[3]; - unsigned int hash_len = 0; int result; if (clientinlen == 0) { @@ -783,13 +786,13 @@ scram_server_mech_step1(server_context_t *text, char * s_iteration_count; char * end; - text->salt = scram_server_user_salt(sparams->utils, text->authentication_id, &text->salt_len); + text->salt = (char *) scram_server_user_salt(sparams->utils, text->authentication_id, &text->salt_len); sparams->utils->getopt(sparams->utils->getopt_context, /* Different SCRAM hashes can have different strengh */ SCRAM_SASL_MECH, "scram_iteration_counter", - &s_iteration_count, + (const char **) &s_iteration_count, NULL); if (s_iteration_count != NULL) { @@ -899,7 +902,7 @@ scram_server_mech_step1(server_context_t *text, (unsigned int)base64_salt_len, text->salt, (unsigned int)base64_salt_len, - &text->salt_len) != SASL_OK) { + (unsigned int *) &text->salt_len) != SASL_OK) { SETERROR(sparams->utils, "Invalid base64 encoding of the salt in " SCRAM_SASL_MECH " stored value"); continue; } @@ -1304,7 +1307,7 @@ scram_server_mech_step2(server_context_t *text, if (HMAC(EVP_sha1(), (const unsigned char *) text->StoredKey, SCRAM_HASH_SIZE, - text->auth_message, + (const unsigned char *)text->auth_message, (int)text->auth_message_len, (unsigned char *)ClientSignature, &hash_len) == NULL) { @@ -1336,7 +1339,8 @@ scram_server_mech_step2(server_context_t *text, } /* StoredKey := H(ClientKey) */ - if (SHA1(ReceivedClientKey, SCRAM_HASH_SIZE, CalculatedStoredKey) == NULL) { + if (SHA1((const unsigned char *) ReceivedClientKey, SCRAM_HASH_SIZE, + (unsigned char *) CalculatedStoredKey) == NULL) { sparams->utils->seterror(sparams->utils->conn,0, "SHA1 call failed"); result = SASL_SCRAM_INTERNAL; @@ -1355,7 +1359,7 @@ scram_server_mech_step2(server_context_t *text, if (HMAC(EVP_sha1(), (const unsigned char *) text->ServerKey, SCRAM_HASH_SIZE, - text->auth_message, + (unsigned char *) text->auth_message, (int)text->auth_message_len, (unsigned char *)ServerSignature, &hash_len) == NULL) { @@ -1572,7 +1576,7 @@ static int scram_setpass(void *glob_context __attribute__((unused)), /* Different SCRAM hashes can have different strengh */ SCRAM_SASL_MECH, "scram_iteration_counter", - &s_iteration_count, + (const char **) &s_iteration_count, NULL); if (s_iteration_count != NULL) { @@ -1663,14 +1667,14 @@ static int scram_setpass(void *glob_context __attribute__((unused)), goto cleanup; } - sprintf(sec->data, + sprintf((char *) sec->data, "%s$%u:%s$%s:%s", SCRAM_SASL_MECH, iteration_count, base64_salt, base64_StoredKey, base64_ServerKey); - sec->len = (unsigned int) strlen(sec->data); + sec->len = (unsigned int) strlen((const char *) sec->data); } /* do the store */ @@ -1684,7 +1688,7 @@ static int scram_setpass(void *glob_context __attribute__((unused)), if (!r) { r = sparams->utils->prop_set(propctx, "authPassword", - (sec ? sec->data : NULL), + (const char *) (sec ? sec->data : NULL), (sec ? sec->len : 0)); } if (!r) { @@ -1989,7 +1993,7 @@ scram_client_mech_step1(client_context_t *text, if (userid != NULL && *userid != '\0') { result = encode_saslname (oparams->user, - &encoded_authorization_id, + (const char **) &encoded_authorization_id, &freeme2); if (result != SASL_OK) { @@ -2000,7 +2004,7 @@ scram_client_mech_step1(client_context_t *text, } result = encode_saslname (oparams->authid, - &encoded_authcid, + (const char **) &encoded_authcid, &freeme); if (result != SASL_OK) { MEMERROR( params->utils ); @@ -2277,7 +2281,7 @@ scram_client_mech_step2(client_context_t *text, goto cleanup; } - channel_binding_data = params->cbinding->data; + channel_binding_data = (const char *) params->cbinding->data; channel_binding_data_len = params->cbinding->len; } @@ -2368,7 +2372,7 @@ scram_client_mech_step2(client_context_t *text, /* SaltedPassword := Hi(password, salt) */ Hi (params->utils, - text->password->data, + (const char *) text->password->data, text->password->len, text->salt, text->salt_len, @@ -2381,7 +2385,7 @@ scram_client_mech_step2(client_context_t *text, if (HMAC(EVP_sha1(), (const unsigned char *) text->SaltedPassword, SCRAM_HASH_SIZE, - CLIENT_KEY_CONSTANT, + (const unsigned char *) CLIENT_KEY_CONSTANT, CLIENT_KEY_CONSTANT_LEN, (unsigned char *)ClientKey, &hash_len) == NULL) { @@ -2394,7 +2398,8 @@ scram_client_mech_step2(client_context_t *text, PRINT_HASH ("ClientKey", ClientKey); /* StoredKey := H(ClientKey) */ - if (SHA1(ClientKey, SCRAM_HASH_SIZE, StoredKey) == NULL) { + if (SHA1((const unsigned char *) ClientKey, SCRAM_HASH_SIZE, + (unsigned char *) StoredKey) == NULL) { params->utils->seterror(params->utils->conn,0, "SHA1 call failed"); result = SASL_SCRAM_INTERNAL; @@ -2407,7 +2412,7 @@ scram_client_mech_step2(client_context_t *text, if (HMAC(EVP_sha1(), (const unsigned char *)StoredKey, SCRAM_HASH_SIZE, - text->auth_message, + (const unsigned char *) text->auth_message, (int)text->auth_message_len, (unsigned char *)ClientSignature, &hash_len) == NULL) { @@ -2535,7 +2540,7 @@ scram_client_mech_step3(client_context_t *text, if (HMAC(EVP_sha1(), (const unsigned char *)text->SaltedPassword, SCRAM_HASH_SIZE, - SERVER_KEY_CONSTANT, + (const unsigned char *) SERVER_KEY_CONSTANT, SERVER_KEY_CONSTANT_LEN, (unsigned char *)ServerKey, &hash_len) == NULL) { @@ -2549,7 +2554,7 @@ scram_client_mech_step3(client_context_t *text, if (HMAC(EVP_sha1(), (const unsigned char *)ServerKey, SCRAM_HASH_SIZE, - text->auth_message, + (const unsigned char *) text->auth_message, (int)text->auth_message_len, (unsigned char *)ServerSignature, &hash_len) == NULL) { diff --git a/sample/client.c b/sample/client.c index d568be5..aee8eac 100644 --- a/sample/client.c +++ b/sample/client.c @@ -174,7 +174,7 @@ getsecret(sasl_conn_t *conn, } x->len = len; - strcpy(x->data, password); + strcpy((char *)x->data, password); memset(password, 0, len); *psecret = x; @@ -255,7 +255,7 @@ int mysasl_negotiate(FILE *in, FILE *out, sasl_conn_t *conn) mech = buf; } - r = sasl_client_start(conn, mech, NULL, &data, &len, &chosenmech); + r = sasl_client_start(conn, mech, NULL, &data, (unsigned int *) &len, &chosenmech); if (r != SASL_OK && r != SASL_CONTINUE) { saslerr(r, "starting SASL negotiation"); printf("\n%s\n", sasl_errdetail(conn)); @@ -295,7 +295,7 @@ int mysasl_negotiate(FILE *in, FILE *out, sasl_conn_t *conn) } len = recv_string(in, buf, sizeof buf); - r = sasl_client_step(conn, buf, len, NULL, &data, &len); + r = sasl_client_step(conn, buf, len, NULL, &data, (unsigned int *) &len); if (r != SASL_OK && r != SASL_CONTINUE) { saslerr(r, "performing SASL negotiation"); printf("\n%s\n", sasl_errdetail(conn)); @@ -389,7 +389,7 @@ int main(int argc, char *argv[]) /* set ip addresses */ salen = sizeof(local_ip); - if (getsockname(fd, (struct sockaddr *)&local_ip, &salen) < 0) { + if (getsockname(fd, (struct sockaddr *)&local_ip, (unsigned int*) &salen) < 0) { perror("getsockname"); } @@ -408,7 +408,7 @@ int main(int argc, char *argv[]) snprintf(localaddr, sizeof(localaddr), "%s;%s", hbuf, pbuf); salen = sizeof(remote_ip); - if (getpeername(fd, (struct sockaddr *)&remote_ip, &salen) < 0) { + if (getpeername(fd, (struct sockaddr *)&remote_ip, (unsigned int *) &salen) < 0) { perror("getpeername"); } @@ -433,8 +433,8 @@ int main(int argc, char *argv[]) if (cb_flag) { cb.name = "sasl-sample"; cb.critical = cb_flag > 1; - cb.data = "this is a test of channel binding"; - cb.len = strlen(cb.data); + cb.data = (unsigned char *) "this is a test of channel binding"; + cb.len = (unsigned int) strlen((const char *) cb.data); sasl_setprop(conn, SASL_CHANNEL_BINDING, &cb); } diff --git a/sample/server.c b/sample/server.c index 01dd7ba..2a9c0ef 100644 --- a/sample/server.c +++ b/sample/server.c @@ -220,7 +220,7 @@ int mysasl_negotiate(FILE *in, FILE *out, sasl_conn_t *conn) dprintf(1, "generating client mechanism list... "); r = sasl_listmech(conn, NULL, NULL, " ", NULL, - &data, &len, &count); + &data, (unsigned int *) &len, &count); if (r != SASL_OK) saslfail(r, "generating mechanism list"); dprintf(1, "%d mechanisms\n", count); } @@ -260,10 +260,10 @@ int mysasl_negotiate(FILE *in, FILE *out, sasl_conn_t *conn) /* start libsasl negotiation */ r = sasl_server_start(conn, chosenmech, buf, len, - &data, &len); + &data, (unsigned int *) &len); } else { r = sasl_server_start(conn, chosenmech, NULL, 0, - &data, &len); + &data, (unsigned int *) &len); } if (r != SASL_OK && r != SASL_CONTINUE) { @@ -291,7 +291,7 @@ int mysasl_negotiate(FILE *in, FILE *out, sasl_conn_t *conn) return -1; } - r = sasl_server_step(conn, buf, len, &data, &len); + r = sasl_server_step(conn, buf, len, &data, (unsigned int *) &len); if (r != SASL_OK && r != SASL_CONTINUE) { saslerr(r, "performing SASL negotiation"); fputc('N', out); /* send NO to client */ @@ -422,7 +422,7 @@ int main(int argc, char *argv[]) /* set ip addresses */ salen = sizeof(local_ip); - if (getsockname(fd, (struct sockaddr *)&local_ip, &salen) < 0) { + if (getsockname(fd, (struct sockaddr *)&local_ip, (unsigned int *) &salen) < 0) { perror("getsockname"); } niflags = (NI_NUMERICHOST | NI_NUMERICSERV); @@ -440,7 +440,7 @@ int main(int argc, char *argv[]) snprintf(localaddr, sizeof(localaddr), "%s;%s", hbuf, pbuf); salen = sizeof(remote_ip); - if (getpeername(fd, (struct sockaddr *)&remote_ip, &salen) < 0) { + if (getpeername(fd, (struct sockaddr *)&remote_ip, (unsigned int *) &salen) < 0) { perror("getpeername"); } @@ -470,8 +470,8 @@ int main(int argc, char *argv[]) cb.name = "sasl-sample"; cb.critical = cb_flag > 1; - cb.data = "this is a test of channel binding"; - cb.len = strlen(cb.data); + cb.data = (const unsigned char *) "this is a test of channel binding"; + cb.len = (unsigned int) strlen((const char *) cb.data); if (cb_flag) { sasl_setprop(conn, SASL_CHANNEL_BINDING, &cb); @@ -518,7 +518,7 @@ static void displayStatus_1(m, code, type) maj_stat = gss_display_status(&min_stat, code, type, GSS_C_NULL_OID, &msg_ctx, &msg); - fprintf(stderr, "%s: %s\n", m, (char *)msg.value); + fprintf(stderr, "%s (%u): %s\n", m, maj_stat, (char *)msg.value); (void) gss_release_buffer(&min_stat, &msg); if (!msg_ctx) diff --git a/saslauthd/auth_getpwent.c b/saslauthd/auth_getpwent.c index d4ebe54..84e1cc2 100644 --- a/saslauthd/auth_getpwent.c +++ b/saslauthd/auth_getpwent.c @@ -42,6 +42,7 @@ #include #include #include +#include #ifdef HAVE_CRYPT_H #include diff --git a/saslauthd/auth_httpform.c b/saslauthd/auth_httpform.c index 045a8b5..aacf988 100644 --- a/saslauthd/auth_httpform.c +++ b/saslauthd/auth_httpform.c @@ -505,7 +505,6 @@ auth_httpform ( int s=-1; /* socket to remote auth host */ struct addrinfo *r; /* remote socket address info */ char *req; /* request, with user and pw */ - char *c; /* scratch pointer */ int rc; /* return code scratch area */ char postbuf[RESP_LEN]; /* request buffer */ int postlen; /* length of post request */ diff --git a/saslauthd/auth_krb5.c b/saslauthd/auth_krb5.c index 7e14e78..354e970 100644 --- a/saslauthd/auth_krb5.c +++ b/saslauthd/auth_krb5.c @@ -79,7 +79,6 @@ auth_krb5_init ( ) { #ifdef AUTH_KRB5 - int rc; char *configname = 0; if (krbtf_init() == -1) { @@ -102,7 +101,7 @@ auth_krb5_init ( } if (config) { - keytabname = cfile_getstring(config, "krb5_keytab", keytabname); + keytabname = (char *) cfile_getstring(config, "krb5_keytab", keytabname); verify_principal = cfile_getstring(config, "krb5_verify_principal", verify_principal); } diff --git a/saslauthd/auth_ldap.c b/saslauthd/auth_ldap.c index c8d2878..2cd50f3 100644 --- a/saslauthd/auth_ldap.c +++ b/saslauthd/auth_ldap.c @@ -96,12 +96,6 @@ auth_ldap_init ( /* END PARAMETERS */ ) { - /* VARIABLES */ - struct addrinfo hints; - int err; - char *c; /* scratch pointer */ - /* END VARIABLES */ - if (mech_option != NULL) { SASLAUTHD_CONF_FILE = mech_option; } diff --git a/saslauthd/auth_shadow.c b/saslauthd/auth_shadow.c index b37af02..d69e380 100644 --- a/saslauthd/auth_shadow.c +++ b/saslauthd/auth_shadow.c @@ -35,6 +35,7 @@ /* PUBLIC DEPENDENCIES */ #include "mechanisms.h" +#include #ifdef AUTH_SHADOW @@ -239,7 +240,7 @@ auth_shadow ( if ((sp->sp_expire != -1) && (today > sp->sp_expire)) { if (flags & VERBOSE) { - syslog(LOG_DEBUG, "DEBUG: auth_shadow: account expired: %dl > %dl", + syslog(LOG_DEBUG, "DEBUG: auth_shadow: account expired: %ld > %ld", today, sp->sp_expire); } RETURN("NO Account expired"); diff --git a/saslauthd/cfile.c b/saslauthd/cfile.c index 5c87d02..386b07a 100644 --- a/saslauthd/cfile.c +++ b/saslauthd/cfile.c @@ -76,7 +76,6 @@ cfile cfile_read(const char *filename, char *complaint, int complaint_len) int alloced = 0; char buf[BIG_ENOUGH]; char *p, *key; - int result; struct cfile *cf; if (complaint) diff --git a/saslauthd/ipc_unix.c b/saslauthd/ipc_unix.c index f82a245..58a1fa6 100644 --- a/saslauthd/ipc_unix.c +++ b/saslauthd/ipc_unix.c @@ -232,7 +232,7 @@ void ipc_loop() { continue; } - conn_fd = accept(sock_fd, (struct sockaddr *)&client, &len); + conn_fd = accept(sock_fd, (struct sockaddr *)&client, (unsigned int *) &len); rc = errno; rel_accept_lock(); diff --git a/saslauthd/lak.c b/saslauthd/lak.c index f667073..17f58ba 100644 --- a/saslauthd/lak.c +++ b/saslauthd/lak.c @@ -835,12 +835,12 @@ static int lak_connect( rc = ldap_set_option(lak->ld, LDAP_OPT_NETWORK_TIMEOUT, &(lak->conf->timeout)); if (rc != LDAP_OPT_SUCCESS) { - syslog(LOG_WARNING|LOG_AUTH, "Unable to set LDAP_OPT_NETWORK_TIMEOUT %d.%d.", lak->conf->timeout.tv_sec, lak->conf->timeout.tv_usec); + syslog(LOG_WARNING|LOG_AUTH, "Unable to set LDAP_OPT_NETWORK_TIMEOUT %ld.%ld.", lak->conf->timeout.tv_sec, lak->conf->timeout.tv_usec); } rc = ldap_set_option(lak->ld, LDAP_OPT_TIMEOUT, &(lak->conf->timeout)); if (rc != LDAP_OPT_SUCCESS) { - syslog(LOG_WARNING|LOG_AUTH, "Unable to set LDAP_OPT_TIMEOUT %d.%d.", lak->conf->timeout.tv_sec, lak->conf->timeout.tv_usec); + syslog(LOG_WARNING|LOG_AUTH, "Unable to set LDAP_OPT_TIMEOUT %ld.%ld.", lak->conf->timeout.tv_sec, lak->conf->timeout.tv_usec); } rc = ldap_set_option(lak->ld, LDAP_OPT_TIMELIMIT, &(lak->conf->time_limit)); @@ -1727,13 +1727,13 @@ static int lak_base64_decode( return LAK_NOMEM; EVP_DecodeInit(&EVP_ctx); - rc = EVP_DecodeUpdate(&EVP_ctx, text, &i, (char *)src, strlen(src)); + rc = EVP_DecodeUpdate(&EVP_ctx, (unsigned char *) text, &i, (const unsigned char *)src, strlen(src)); if (rc < 0) { free(text); return LAK_FAIL; } tlen += i; - EVP_DecodeFinal(&EVP_ctx, text, &i); + EVP_DecodeFinal(&EVP_ctx, (unsigned char *) text, &i); *ret = text; if (rlen != NULL) diff --git a/saslauthd/saslauthd-main.c b/saslauthd/saslauthd-main.c index 5d9ca8a..e869eb3 100644 --- a/saslauthd/saslauthd-main.c +++ b/saslauthd/saslauthd-main.c @@ -631,7 +631,6 @@ void detach_tty() { int null_fd; int exit_result; pid_t pid; - char pid_buf[100]; struct flock lockinfo; /************************************************************** @@ -893,7 +892,6 @@ void handle_sigchld() { * Do some final cleanup here. **************************************************************/ void server_exit() { - struct flock lock_st; /********************************************************* * If we're not the master process, don't do anything diff --git a/saslauthd/testsaslauthd.c b/saslauthd/testsaslauthd.c index 368af76..5de666e 100644 --- a/saslauthd/testsaslauthd.c +++ b/saslauthd/testsaslauthd.c @@ -105,9 +105,7 @@ static int saslauthd_verify_password(const char *saslauthd_path, struct sockaddr_un srvaddr; int r; unsigned short count; - void *context; char pwpath[sizeof(srvaddr.sun_path)]; - const char *p = NULL; #ifdef USE_DOORS door_arg_t arg; #endif @@ -133,7 +131,6 @@ static int saslauthd_verify_password(const char *saslauthd_path, */ { unsigned short u_len, p_len, s_len, r_len; - struct iovec iov[8]; u_len = htons(strlen(userid)); p_len = htons(strlen(passwd)); @@ -253,10 +250,7 @@ main(int argc, char *argv[]) const char *realm = NULL, *service = NULL, *path = NULL; int c; int flag_error = 0; - unsigned passlen, verifylen; - const char *errstr = NULL; - int result; - char *user_domain = NULL; + int result = 0; int repeat = 0; while ((c = getopt(argc, argv, "p:u:r:s:f:R:")) != EOF) diff --git a/utils/dbconverter-2.c b/utils/dbconverter-2.c index 04df2cb..33e18fb 100644 --- a/utils/dbconverter-2.c +++ b/utils/dbconverter-2.c @@ -376,7 +376,7 @@ int good_getopt(void *context __attribute__((unused)), } static struct sasl_callback goodsasl_cb[] = { - { SASL_CB_GETOPT, &good_getopt, NULL }, + { SASL_CB_GETOPT, (int (*)(void))&good_getopt, NULL }, { SASL_CB_LIST_END, NULL, NULL } }; diff --git a/utils/pluginviewer.c b/utils/pluginviewer.c index 3164acd..15c2b0e 100644 --- a/utils/pluginviewer.c +++ b/utils/pluginviewer.c @@ -422,7 +422,7 @@ main(int argc, char *argv[]) case 'b': options = optarg; while (*options != '\0') { - switch(getsubopt(&options, (const char * const *)bit_subopts, &value)) { + switch(getsubopt(&options, (char * const *)bit_subopts, &value)) { case OPT_MIN: if (! value) { errflag = 1; @@ -447,7 +447,7 @@ main(int argc, char *argv[]) case 'e': options = optarg; while (*options != '\0') { - switch(getsubopt(&options, (const char * const *)ext_subopts, &value)) { + switch(getsubopt(&options, (char * const *)ext_subopts, &value)) { case OPT_EXT_SSF: if (! value) { errflag = 1; @@ -476,7 +476,7 @@ main(int argc, char *argv[]) case 'f': options = optarg; while (*options != '\0') { - switch(getsubopt(&options, (const char * const *)flag_subopts, &value)) { + switch(getsubopt(&options, (char * const *)flag_subopts, &value)) { case OPT_NOPLAIN: secprops.security_flags |= SASL_SEC_NOPLAINTEXT; break; -- 2.20.1