buf_getstring and buf_putstring now use non-unsigned char*

buffer.c

@@ -203,10 +203,10 @@ unsigned char* buf_getwriteptr(buffer* buf, unsigned int len) {
 /* Return a null-terminated string, it is malloced, so must be free()ed
  * Note that the string isn't checked for null bytes, hence the retlen
  * may be longer than what is returned by strlen */
-unsigned char* buf_getstring(buffer* buf, unsigned int *retlen) {
+char* buf_getstring(buffer* buf, unsigned int *retlen) {
 
 	unsigned int len;
-	unsigned char* ret;
+	char* ret;
 	len = buf_getint(buf);
 	if (len > MAX_STRING_LEN) {
 		dropbear_exit("String too long");
@@ -262,16 +262,16 @@ void buf_putint(buffer* buf, int unsigned val) {
 }
 
 /* put a SSH style string into the buffer, increasing buffer len if required */
-void buf_putstring(buffer* buf, const unsigned char* str, unsigned int len) {
+void buf_putstring(buffer* buf, const char* str, unsigned int len) {
 	
 	buf_putint(buf, len);
-	buf_putbytes(buf, str, len);
+	buf_putbytes(buf, (const unsigned char*)str, len);
 
 }
 
 /* puts an entire buffer as a SSH string. ignore pos of buf_str. */
 void buf_putbufstring(buffer *buf, const buffer* buf_str) {
-	buf_putstring(buf, buf_str->data, buf_str->len);
+	buf_putstring(buf, (const char*)buf_str->data, buf_str->len);
 }
 
 /* put the set of len bytes into the buffer, incrementing the pos, increasing

buffer.h

@@ -56,11 +56,11 @@ unsigned char buf_getbool(buffer* buf);
 void buf_putbyte(buffer* buf, unsigned char val);
 unsigned char* buf_getptr(buffer* buf, unsigned int len);
 unsigned char* buf_getwriteptr(buffer* buf, unsigned int len);
-unsigned char* buf_getstring(buffer* buf, unsigned int *retlen);
+char* buf_getstring(buffer* buf, unsigned int *retlen);
 buffer * buf_getstringbuf(buffer *buf);
 void buf_eatstring(buffer *buf);
 void buf_putint(buffer* buf, unsigned int val);
-void buf_putstring(buffer* buf, const unsigned char* str, unsigned int len);
+void buf_putstring(buffer* buf, const char* str, unsigned int len);
 void buf_putbufstring(buffer *buf, const buffer* buf_str);
 void buf_putbytes(buffer *buf, const unsigned char *bytes, unsigned int len);
 void buf_putmpint(buffer* buf, mp_int * mp);

cli-auth.c

@@ -43,11 +43,11 @@ void cli_auth_getmethods() {
 	TRACE(("enter cli_auth_getmethods"))
 	CHECKCLEARTOWRITE();
 	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
-	buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username,
+	buf_putstring(ses.writepayload, cli_opts.username,
 			strlen(cli_opts.username));
-	buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION,
+	buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
 			SSH_SERVICE_CONNECTION_LEN);
-	buf_putstring(ses.writepayload, (const unsigned char *)"none", 4); /* 'none' method */
+	buf_putstring(ses.writepayload, "none", 4); /* 'none' method */
 
 	encrypt_packet();
 
@@ -85,7 +85,7 @@ void recv_msg_userauth_banner() {
 		return;
 	}
 
-	banner = (char *)buf_getstring(ses.payload, &bannerlen);
+	banner = buf_getstring(ses.payload, &bannerlen);
 	buf_eatstring(ses.payload); /* The language string */
 
 	if (bannerlen > MAX_BANNER_SIZE) {
@@ -201,7 +201,7 @@ void recv_msg_userauth_failure() {
 		cli_ses.lastauthtype = AUTH_TYPE_NONE;
 	}
 
-	methods = (char *)buf_getstring(ses.payload, &methlen);
+	methods = buf_getstring(ses.payload, &methlen);
 
 	partial = buf_getbool(ses.payload);
 

cli-authinteract.c

@@ -84,8 +84,8 @@ void recv_msg_userauth_info_request() {
 	}
 	cli_ses.interact_request_received = 1;
 
-	name = (char *)buf_getstring(ses.payload, NULL);
+	name = buf_getstring(ses.payload, NULL);
-	instruction = (char *)buf_getstring(ses.payload, NULL);
+	instruction = buf_getstring(ses.payload, NULL);
 
 	/* language tag */
 	buf_eatstring(ses.payload);
@@ -115,7 +115,7 @@ void recv_msg_userauth_info_request() {
 
 	for (i = 0; i < num_prompts; i++) {
 		unsigned int response_len = 0;
-		prompt = (char *)buf_getstring(ses.payload, NULL);
+		prompt = buf_getstring(ses.payload, NULL);
 		cleantext(prompt);
 
 		echo = buf_getbool(ses.payload);
@@ -129,7 +129,7 @@ void recv_msg_userauth_info_request() {
 		}
 
 		response_len = strlen(response);
-		buf_putstring(ses.writepayload, (const unsigned char *)response, response_len);
+		buf_putstring(ses.writepayload, response, response_len);
 		m_burn(response, response_len);
 		m_free(prompt);
 		m_free(response);
@@ -149,22 +149,22 @@ void cli_auth_interactive() {
 	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
 
 	/* username */
-	buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username,
+	buf_putstring(ses.writepayload, cli_opts.username,
 			strlen(cli_opts.username));
 
 	/* service name */
-	buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION,
+	buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
 			SSH_SERVICE_CONNECTION_LEN);
 
 	/* method */
-	buf_putstring(ses.writepayload, (const unsigned char *)AUTH_METHOD_INTERACT,
+	buf_putstring(ses.writepayload, AUTH_METHOD_INTERACT,
 			AUTH_METHOD_INTERACT_LEN);
 
 	/* empty language tag */
-	buf_putstring(ses.writepayload, (const unsigned char *)"", 0);
+	buf_putstring(ses.writepayload, "", 0);
 
 	/* empty submethods */
-	buf_putstring(ses.writepayload, (const unsigned char *)"", 0);
+	buf_putstring(ses.writepayload, "", 0);
 
 	encrypt_packet();
 	cli_ses.interact_request_received = 0;

cli-authpasswd.c

@@ -140,18 +140,18 @@ void cli_auth_password() {
 
 	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
 
-	buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username,
+	buf_putstring(ses.writepayload, cli_opts.username,
 			strlen(cli_opts.username));
 
-	buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION,
+	buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
 			SSH_SERVICE_CONNECTION_LEN);
 
-	buf_putstring(ses.writepayload, (const unsigned char *)AUTH_METHOD_PASSWORD,
+	buf_putstring(ses.writepayload, AUTH_METHOD_PASSWORD,
 			AUTH_METHOD_PASSWORD_LEN);
 
 	buf_putbyte(ses.writepayload, 0); /* FALSE - so says the spec */
 
-	buf_putstring(ses.writepayload, (const unsigned char *)password, strlen(password));
+	buf_putstring(ses.writepayload, password, strlen(password));
 
 	encrypt_packet();
 	m_burn(password, strlen(password));

cli-authpubkey.c

@@ -63,7 +63,7 @@ void recv_msg_userauth_pk_ok() {
 
 	TRACE(("enter recv_msg_userauth_pk_ok"))
 
-	algotype = (char *)buf_getstring(ses.payload, &algolen);
+	algotype = buf_getstring(ses.payload, &algolen);
 	keytype = signkey_type_from_name(algotype, algolen);
 	TRACE(("recv_msg_userauth_pk_ok: type %d", keytype))
 	m_free(algotype);
@@ -149,20 +149,20 @@ static void send_msg_userauth_pubkey(sign_key *key, int type, int realsign) {
 
 	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST);
 
-	buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username,
+	buf_putstring(ses.writepayload, cli_opts.username,
 			strlen(cli_opts.username));
 
-	buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION,
+	buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION,
 			SSH_SERVICE_CONNECTION_LEN);
 
-	buf_putstring(ses.writepayload, (const unsigned char *)AUTH_METHOD_PUBKEY,
+	buf_putstring(ses.writepayload, AUTH_METHOD_PUBKEY,
 			AUTH_METHOD_PUBKEY_LEN);
 
 	buf_putbyte(ses.writepayload, realsign);
 
 	algoname = signkey_name_from_type(type, &algolen);
 
-	buf_putstring(ses.writepayload, (const unsigned char *)algoname, algolen);
+	buf_putstring(ses.writepayload, algoname, algolen);
 	buf_put_pub_key(ses.writepayload, key, type);
 
 	if (realsign) {

cli-chansession.c

@@ -61,7 +61,7 @@ static void cli_chansessreq(struct Channel *channel) {
 
 	TRACE(("enter cli_chansessreq"))
 
-	type = (char *) buf_getstring(ses.payload, NULL);
+	type = buf_getstring(ses.payload, NULL);
 	wantreply = buf_getbool(ses.payload);
 
 	if (strcmp(type, "exit-status") == 0) {
@@ -261,7 +261,7 @@ void cli_chansess_winchange() {
 			CHECKCLEARTOWRITE();
 			buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST);
 			buf_putint(ses.writepayload, channel->remotechan);
-			buf_putstring(ses.writepayload, (const unsigned char *) "window-change", 13);
+			buf_putstring(ses.writepayload, "window-change", 13);
 			buf_putbyte(ses.writepayload, 0); /* FALSE says the spec */
 			put_winsize();
 			encrypt_packet();
@@ -286,7 +286,7 @@ static void send_chansess_pty_req(struct Channel *channel) {
 	if (term == NULL) {
 		term = "vt100"; /* Seems a safe default */
 	}
-	buf_putstring(ses.writepayload, (const unsigned char *)term, strlen(term));
+	buf_putstring(ses.writepayload, term, strlen(term));
 
 	/* Window size */
 	put_winsize();
@@ -324,7 +324,7 @@ static void send_chansess_shell_req(struct Channel *channel) {
 	/* XXX TODO */
 	buf_putbyte(ses.writepayload, 0); /* Don't want replies */
 	if (cli_opts.cmd) {
-		buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.cmd, strlen(cli_opts.cmd));
+		buf_putstring(ses.writepayload, cli_opts.cmd, strlen(cli_opts.cmd));
 	}
 
 	encrypt_packet();
@@ -403,12 +403,12 @@ void cli_send_netcat_request() {
 		dropbear_exit("Couldn't open initial channel");
 	}
 
-	buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.netcat_host,
+	buf_putstring(ses.writepayload, cli_opts.netcat_host,
 			strlen(cli_opts.netcat_host));
 	buf_putint(ses.writepayload, cli_opts.netcat_port);
 
 	/* originator ip - localhost is accurate enough */
-	buf_putstring(ses.writepayload, (const unsigned char *)source_host, strlen(source_host));
+	buf_putstring(ses.writepayload, source_host, strlen(source_host));
 	buf_putint(ses.writepayload, source_port);
 
 	encrypt_packet();

cli-kex.c

@@ -79,7 +79,7 @@ void send_msg_kexdh_init() {
 				}
 				cli_ses.curve25519_param = gen_kexcurve25519_param();
 			}
-			buf_putstring(ses.writepayload, cli_ses.curve25519_param->pub, CURVE25519_LEN);
+			buf_putstring(ses.writepayload, (const char*)cli_ses.curve25519_param->pub, CURVE25519_LEN);
 #endif
 			break;
 	}

cli-session.c

@@ -194,7 +194,7 @@ static void send_msg_service_request(char* servicename) {
 	CHECKCLEARTOWRITE();
 
 	buf_putbyte(ses.writepayload, SSH_MSG_SERVICE_REQUEST);
-	buf_putstring(ses.writepayload, (const unsigned char *)servicename, strlen(servicename));
+	buf_putstring(ses.writepayload, servicename, strlen(servicename));
 
 	encrypt_packet();
 	TRACE(("leave send_msg_service_request"))

cli-tcpfwd.c

@@ -136,9 +136,9 @@ static void send_msg_global_request_remotetcp(const char *addr, int port) {
 
 	CHECKCLEARTOWRITE();
 	buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST);
-	buf_putstring(ses.writepayload, (const unsigned char *)"tcpip-forward", 13);
+	buf_putstring(ses.writepayload, "tcpip-forward", 13);
 	buf_putbyte(ses.writepayload, 1); /* want_reply */
-	buf_putstring(ses.writepayload, (const unsigned char *)addr, strlen(addr));
+	buf_putstring(ses.writepayload, addr, strlen(addr));
 	buf_putint(ses.writepayload, port);
 
 	encrypt_packet();
@@ -218,7 +218,7 @@ static int newtcpforwarded(struct Channel * channel) {
 	char portstring[NI_MAXSERV];
 	int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
 
-	origaddr = (char *)buf_getstring(ses.payload, NULL);
+	origaddr = buf_getstring(ses.payload, NULL);
 	origport = buf_getint(ses.payload);
 
 	/* Find which port corresponds. First try and match address as well as port,

common-algo.c

@@ -328,7 +328,7 @@ void buf_put_algolist(buffer * buf, algo_type localalgos[]) {
 			buf_putbytes(algolist, (const unsigned char *) localalgos[i].name, len);
 		}
 	}
-	buf_putstring(buf, algolist->data, algolist->len);
+	buf_putstring(buf, (const char*)algolist->data, algolist->len);
 	buf_free(algolist);
 }
 
@@ -353,7 +353,7 @@ algo_type * buf_match_algo(buffer* buf, algo_type localalgos[],
 	}
 
 	/* get the comma-separated list from the buffer ie "algo1,algo2,algo3" */
-	algolist = (char *) buf_getstring(buf, &len);
+	algolist = buf_getstring(buf, &len);
 	TRACE(("buf_match_algo: %s", algolist))
 	if (len > MAX_PROPOSED_ALGO*(MAX_NAME_LEN+1)) {
 		goto out;

common-channel.c

@@ -934,7 +934,7 @@ void recv_msg_channel_open() {
 	TRACE(("enter recv_msg_channel_open"))
 
 	/* get the packet contents */
-	type = (char *) buf_getstring(ses.payload, &typelen);
+	type = buf_getstring(ses.payload, &typelen);
 
 	remotechan = buf_getint(ses.payload);
 	transwindow = buf_getint(ses.payload);
@@ -1047,8 +1047,8 @@ static void send_msg_channel_open_failure(unsigned int remotechan,
 	buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_OPEN_FAILURE);
 	buf_putint(ses.writepayload, remotechan);
 	buf_putint(ses.writepayload, reason);
-	buf_putstring(ses.writepayload, (const unsigned char *) text, strlen(text));
+	buf_putstring(ses.writepayload, text, strlen(text));
-	buf_putstring(ses.writepayload, (const unsigned char *) lang, strlen(lang));
+	buf_putstring(ses.writepayload, lang, strlen(lang));
 
 	encrypt_packet();
 	TRACE(("leave send_msg_channel_open_failure"))
@@ -1149,7 +1149,7 @@ int send_msg_channel_open_init(int fd, const struct ChanType *type) {
 	CHECKCLEARTOWRITE();
 
 	buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_OPEN);
-	buf_putstring(ses.writepayload, (const unsigned char *) type->name, strlen(type->name));
+	buf_putstring(ses.writepayload, type->name, strlen(type->name));
 	buf_putint(ses.writepayload, chan->index);
 	buf_putint(ses.writepayload, opts.recv_window);
 	buf_putint(ses.writepayload, RECV_MAX_CHANNEL_DATA_LEN);
@@ -1250,6 +1250,6 @@ void start_send_channel_request(struct Channel *channel,
 	buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST);
 	buf_putint(ses.writepayload, channel->remotechan);
 
-	buf_putstring(ses.writepayload, (const unsigned char *) type, strlen(type));
+	buf_putstring(ses.writepayload, type, strlen(type));
 
 }

common-kex.c

@@ -128,10 +128,10 @@ void send_msg_kexinit() {
 	buf_put_algolist(ses.writepayload, ses.compress_algos);
 
 	/* languages_client_to_server */
-	buf_putstring(ses.writepayload, (const unsigned char *) "", 0);
+	buf_putstring(ses.writepayload, "", 0);
 
 	/* languages_server_to_client */
-	buf_putstring(ses.writepayload, (const unsigned char *) "", 0);
+	buf_putstring(ses.writepayload, "", 0);
 
 	/* first_kex_packet_follows */
 	buf_putbyte(ses.writepayload, (ses.send_kex_first_guess != NULL));
@@ -525,18 +525,17 @@ void recv_msg_kexinit() {
 		read_kex_algos();
 
 		/* V_C, the client's version string (CR and NL excluded) */
-	    buf_putstring(ses.kexhashbuf,
+	    buf_putstring(ses.kexhashbuf, LOCAL_IDENT, local_ident_len);
-			(unsigned char*)LOCAL_IDENT, local_ident_len);
 		/* V_S, the server's version string (CR and NL excluded) */
-	    buf_putstring(ses.kexhashbuf, (unsigned char*)ses.remoteident, remote_ident_len);
+	    buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len);
 
 		/* I_C, the payload of the client's SSH_MSG_KEXINIT */
 	    buf_putstring(ses.kexhashbuf,
-			ses.transkexinit->data, ses.transkexinit->len);
+			(const char*)ses.transkexinit->data, ses.transkexinit->len);
 		/* I_S, the payload of the server's SSH_MSG_KEXINIT */
 	    buf_setpos(ses.payload, ses.payload_beginning);
 	    buf_putstring(ses.kexhashbuf, 
-	    	buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
+	    	(const char*)buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
 	    	ses.payload->len-ses.payload->pos);
 		ses.requirenext = SSH_MSG_KEXDH_REPLY;
 	} else {
@@ -545,20 +544,19 @@ void recv_msg_kexinit() {
 		/* read the peer's choice of algos */
 		read_kex_algos();
 		/* V_C, the client's version string (CR and NL excluded) */
-	    buf_putstring(ses.kexhashbuf, (unsigned char*)ses.remoteident, remote_ident_len);
+	    buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len);
 		/* V_S, the server's version string (CR and NL excluded) */
-	    buf_putstring(ses.kexhashbuf, 
+	    buf_putstring(ses.kexhashbuf, LOCAL_IDENT, local_ident_len);
-				(unsigned char*)LOCAL_IDENT, local_ident_len);
 
 		/* I_C, the payload of the client's SSH_MSG_KEXINIT */
 	    buf_setpos(ses.payload, ses.payload_beginning);
 	    buf_putstring(ses.kexhashbuf, 
-	    	buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
+	    	(const char*)buf_getptr(ses.payload, ses.payload->len-ses.payload->pos),
 	    	ses.payload->len-ses.payload->pos);
 
 		/* I_S, the payload of the server's SSH_MSG_KEXINIT */
 	    buf_putstring(ses.kexhashbuf,
-			ses.transkexinit->data, ses.transkexinit->len);
+			(const char*)ses.transkexinit->data, ses.transkexinit->len);
 
 		ses.requirenext = SSH_MSG_KEXDH_INIT;
 	}
@@ -783,9 +781,9 @@ void kexcurve25519_comb_key(struct kex_curve25519_param *param, buffer *buf_pub_
 	/* K_S, the host key */
 	buf_put_pub_key(ses.kexhashbuf, hostkey, ses.newkeys->algo_hostkey);
 	/* Q_C, client's ephemeral public key octet string */
-	buf_putstring(ses.kexhashbuf, Q_C, CURVE25519_LEN);
+	buf_putstring(ses.kexhashbuf, (const char*)Q_C, CURVE25519_LEN);
 	/* Q_S, server's ephemeral public key octet string */
-	buf_putstring(ses.kexhashbuf, Q_S, CURVE25519_LEN);
+	buf_putstring(ses.kexhashbuf, (const char*)Q_S, CURVE25519_LEN);
 	/* K, the shared secret */
 	buf_putmpint(ses.kexhashbuf, ses.dh_K);
 

common-session.c

@@ -467,7 +467,7 @@ static void send_msg_keepalive() {
 		/* Some peers will reply with SSH_MSG_REQUEST_FAILURE, 
 		some will reply with SSH_MSG_UNIMPLEMENTED, some will exit. */
 		buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST); 
-		buf_putstring(ses.writepayload, (const unsigned char *) DROPBEAR_KEEPALIVE_STRING,
+		buf_putstring(ses.writepayload, DROPBEAR_KEEPALIVE_STRING,
 			strlen(DROPBEAR_KEEPALIVE_STRING));
 	}
 	buf_putbyte(ses.writepayload, 1); /* want_reply */

dss.c

@@ -136,7 +136,7 @@ void dss_key_free(dropbear_dss_key *key) {
 void buf_put_dss_pub_key(buffer* buf, dropbear_dss_key *key) {
 
 	dropbear_assert(key != NULL);
-	buf_putstring(buf, (const unsigned char*) SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN);
+	buf_putstring(buf, SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN);
 	buf_putmpint(buf, key->p);
 	buf_putmpint(buf, key->q);
 	buf_putmpint(buf, key->g);
@@ -173,7 +173,7 @@ int buf_dss_verify(buffer* buf, dropbear_dss_key *key, buffer *data_buf) {
 	m_mp_init_multi(&val1, &val2, &val3, &val4, NULL);
 
 	/* get blob, check length */
-	string = (char*) buf_getstring(buf, &stringlen);
+	string = buf_getstring(buf, &stringlen);
 	if (stringlen != 2*SHA1_HASH_SIZE) {
 		goto out;
 	}
@@ -310,7 +310,7 @@ void buf_put_dss_sign(buffer* buf, dropbear_dss_key *key, buffer *data_buf) {
 		dropbear_exit("DSS error");
 	}
 
-	buf_putstring(buf, (const unsigned char*) SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN);
+	buf_putstring(buf, SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN);
 	buf_putint(buf, 2*SHA1_HASH_SIZE);
 
 	writelen = mp_unsigned_bin_size(&dss_r);

ecdsa.c

@@ -83,9 +83,9 @@ ecc_key *buf_get_ecdsa_pub_key(buffer* buf) {
 	ecc_key *new_key = NULL;
 
 	/* string   "ecdsa-sha2-[identifier]" */
-	key_ident = buf_getstring(buf, &key_ident_len);
+	key_ident = (unsigned char*)buf_getstring(buf, &key_ident_len);
 	/* string   "[identifier]" */
-	identifier = buf_getstring(buf, &identifier_len);
+	identifier = (unsigned char*)buf_getstring(buf, &identifier_len);
 
 	if (key_ident_len != identifier_len + strlen("ecdsa-sha2-")) {
 		TRACE(("Bad identifier lengths"))
@@ -144,8 +144,8 @@ void buf_put_ecdsa_pub_key(buffer *buf, ecc_key *key) {
 
 	curve = curve_for_dp(key->dp);
 	snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
-	buf_putstring(buf, (const unsigned char *) key_ident, strlen(key_ident));
+	buf_putstring(buf, key_ident, strlen(key_ident));
-	buf_putstring(buf, (const unsigned char *) curve->name, strlen(curve->name));
+	buf_putstring(buf, curve->name, strlen(curve->name));
 	buf_put_ecc_raw_pubkey_string(buf, key);
 }
 
@@ -223,7 +223,7 @@ void buf_put_ecdsa_sign(buffer *buf, ecc_key *key, buffer *data_buf) {
 	}
 
 	snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name);
-	buf_putstring(buf, (const unsigned char *) key_ident, strlen(key_ident));
+	buf_putstring(buf, key_ident, strlen(key_ident));
 	/* enough for nistp521 */
 	sigbuf = buf_new(200);
 	buf_putmpint(sigbuf, (mp_int*)r);

keyimport.c

@@ -602,13 +602,13 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
 
 #ifdef DROPBEAR_DSS
 	if (key->type == OSSH_DSA) {
-		buf_putstring(blobbuf, (const unsigned char *)"ssh-dss", 7);
+		buf_putstring(blobbuf, "ssh-dss", 7);
 		retkey->type = DROPBEAR_SIGNKEY_DSS;
 	} 
 #endif
 #ifdef DROPBEAR_RSA
 	if (key->type == OSSH_RSA) {
-		buf_putstring(blobbuf, (const unsigned char *)"ssh-rsa", 7);
+		buf_putstring(blobbuf, "ssh-rsa", 7);
 		retkey->type = DROPBEAR_SIGNKEY_RSA;
 	}
 #endif
@@ -649,9 +649,9 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
 				modptr = p;
 				modlen = len;
 			} else if (i >= 2 && i <= 5) {
-				buf_putstring(blobbuf, p, len);
+				buf_putstring(blobbuf, (const char*)p, len);
 				if (i == 2) {
-					buf_putstring(blobbuf, modptr, modlen);
+					buf_putstring(blobbuf, (const char*)modptr, modlen);
 				}
 			}
 		} else if (key->type == OSSH_DSA) {
@@ -659,7 +659,7 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase))
 			 * OpenSSH key order is p, q, g, y, x,
 			 * we want the same.
 			 */
-			buf_putstring(blobbuf, p, len);
+			buf_putstring(blobbuf, (const char*)p, len);
 		}
 
 		/* Skip past the number. */

rsa.c

@@ -174,7 +174,7 @@ void buf_put_rsa_pub_key(buffer* buf, dropbear_rsa_key *key) {
 	TRACE(("enter buf_put_rsa_pub_key"))
 	dropbear_assert(key != NULL);
 
-	buf_putstring(buf, (const unsigned char *) SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN);
+	buf_putstring(buf, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN);
 	buf_putmpint(buf, key->e);
 	buf_putmpint(buf, key->n);
 
@@ -327,7 +327,7 @@ void buf_put_rsa_sign(buffer* buf, dropbear_rsa_key *key, buffer *data_buf) {
 	mp_clear_multi(&rsa_tmp1, &rsa_tmp2, &rsa_tmp3, NULL);
 	
 	/* create the signature to return */
-	buf_putstring(buf, (const unsigned char *) SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN);
+	buf_putstring(buf, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN);
 
 	nsize = mp_unsigned_bin_size(key->n);
 

signkey.c

@@ -145,7 +145,7 @@ int buf_get_pub_key(buffer *buf, sign_key *key, enum signkey_type *type) {
 
 	TRACE2(("enter buf_get_pub_key"))
 
-	ident = (char *) buf_getstring(buf, &len);
+	ident = buf_getstring(buf, &len);
 	keytype = signkey_type_from_name(ident, len);
 	m_free(ident);
 
@@ -216,7 +216,7 @@ int buf_get_priv_key(buffer *buf, sign_key *key, enum signkey_type *type) {
 
 	TRACE2(("enter buf_get_priv_key"))
 
-	ident = (char *)buf_getstring(buf, &len);
+	ident = buf_getstring(buf, &len);
 	keytype = signkey_type_from_name(ident, len);
 	m_free(ident);
 
@@ -522,7 +522,7 @@ int buf_verify(buffer * buf, sign_key *key, buffer *data_buf) {
 	TRACE(("enter buf_verify"))
 
 	buf_getint(buf); /* blob length */
-	type_name = (char *) buf_getstring(buf, &type_name_len);
+	type_name = buf_getstring(buf, &type_name_len);
 	type = signkey_type_from_name(type_name, type_name_len);
 	m_free(type_name);
 

svr-auth.c

@@ -89,7 +89,7 @@ void send_msg_userauth_banner(buffer *banner) {
 
 	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_BANNER);
 	buf_putbufstring(ses.writepayload, banner);
-	buf_putstring(ses.writepayload, (const unsigned char *)"en", 2);
+	buf_putstring(ses.writepayload, "en", 2);
 
 	encrypt_packet();
 
@@ -119,9 +119,9 @@ void recv_msg_userauth_request() {
 		svr_opts.banner = NULL;
 	}
 
-	username = (char *)buf_getstring(ses.payload, &userlen);
+	username = buf_getstring(ses.payload, &userlen);
-	servicename = (char *)buf_getstring(ses.payload, &servicelen);
+	servicename = buf_getstring(ses.payload, &servicelen);
-	methodname = (char *)buf_getstring(ses.payload, &methodlen);
+	methodname = buf_getstring(ses.payload, &methodlen);
 
 	/* only handle 'ssh-connection' currently */
 	if (servicelen != SSH_SERVICE_CONNECTION_LEN

svr-authpam.c

@@ -188,7 +188,7 @@ void svr_auth_pam() {
 
 	pam_handle_t* pamHandlep = NULL;
 
-	unsigned char * password = NULL;
+	char * password = NULL;
 	unsigned int passwordlen;
 
 	int rc = PAM_SUCCESS;

svr-authpasswd.c

@@ -52,7 +52,7 @@ void svr_auth_password() {
 	
 	char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
 	char * testcrypt = NULL; /* crypt generated from the user's password sent */
-	unsigned char * password;
+	char * password;
 	unsigned int passwordlen;
 
 	unsigned int changepw;
@@ -75,7 +75,7 @@ void svr_auth_password() {
 	password = buf_getstring(ses.payload, &passwordlen);
 
 	/* the first bytes of passwdcrypt are the salt */
-	testcrypt = crypt((char*)password, passwdcrypt);
+	testcrypt = crypt(password, passwdcrypt);
 	m_burn(password, passwordlen);
 	m_free(password);
 

svr-authpubkey.c

@@ -98,7 +98,7 @@ void svr_auth_pubkey() {
 	 * actual attempt*/
 	testkey = (buf_getbool(ses.payload) == 0);
 
-	algo = (char *) buf_getstring(ses.payload, &algolen);
+	algo = buf_getstring(ses.payload, &algolen);
 	keybloblen = buf_getint(ses.payload);
 	keyblob = buf_getptr(ses.payload, keybloblen);
 
@@ -180,8 +180,8 @@ static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen,
 	CHECKCLEARTOWRITE();
 
 	buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_PK_OK);
-	buf_putstring(ses.writepayload, (const unsigned char *) algo, algolen);
+	buf_putstring(ses.writepayload, algo, algolen);
-	buf_putstring(ses.writepayload, keyblob, keybloblen);
+	buf_putstring(ses.writepayload, (const char*)keyblob, keybloblen);
 
 	encrypt_packet();
 	TRACE(("leave send_msg_userauth_pk_ok"))

svr-chansession.c

@@ -183,7 +183,7 @@ static void send_msg_chansess_exitstatus(struct Channel * channel,
 
 	buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST);
 	buf_putint(ses.writepayload, channel->remotechan);
-	buf_putstring(ses.writepayload, (const unsigned char *) "exit-status", 11);
+	buf_putstring(ses.writepayload, "exit-status", 11);
 	buf_putbyte(ses.writepayload, 0); /* boolean FALSE */
 	buf_putint(ses.writepayload, chansess->exit.exitstatus);
 
@@ -219,12 +219,12 @@ static void send_msg_chansess_exitsignal(struct Channel * channel,
 
 	buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST);
 	buf_putint(ses.writepayload, channel->remotechan);
-	buf_putstring(ses.writepayload, (const unsigned char *) "exit-signal", 11);
+	buf_putstring(ses.writepayload, "exit-signal", 11);
 	buf_putbyte(ses.writepayload, 0); /* boolean FALSE */
-	buf_putstring(ses.writepayload, (const unsigned char *) signame, strlen(signame));
+	buf_putstring(ses.writepayload, signame, strlen(signame));
 	buf_putbyte(ses.writepayload, chansess->exit.exitcore);
-	buf_putstring(ses.writepayload, (const unsigned char *) "", 0); /* error msg */
+	buf_putstring(ses.writepayload, "", 0); /* error msg */
-	buf_putstring(ses.writepayload, (const unsigned char *) "", 0); /* lang */
+	buf_putstring(ses.writepayload, "", 0); /* lang */
 
 	encrypt_packet();
 }
@@ -351,7 +351,7 @@ static void chansessionrequest(struct Channel *channel) {
 
 	TRACE(("enter chansessionrequest"))
 
-	type = (char *) buf_getstring(ses.payload, &typelen);
+	type = buf_getstring(ses.payload, &typelen);
 	wantreply = buf_getbool(ses.payload);
 
 	if (typelen > MAX_NAME_LEN) {
@@ -414,7 +414,7 @@ static int sessionsignal(struct ChanSess *chansess) {
 		return DROPBEAR_FAILURE;
 	}
 
-	signame = (char *) buf_getstring(ses.payload, NULL);
+	signame = buf_getstring(ses.payload, NULL);
 
 	i = 0;
 	while (signames[i].name != 0) {
@@ -567,7 +567,7 @@ static int sessionpty(struct ChanSess * chansess) {
 		return DROPBEAR_FAILURE;
 	}
 
-	chansess->term = (char *) buf_getstring(ses.payload, &termlen);
+	chansess->term = buf_getstring(ses.payload, &termlen);
 	if (termlen > MAX_TERM_LEN) {
 		/* TODO send disconnect ? */
 		TRACE(("leave sessionpty: term len too long"))
@@ -649,7 +649,7 @@ static int sessioncommand(struct Channel *channel, struct ChanSess *chansess,
 	if (iscmd) {
 		/* "exec" */
 		if (chansess->cmd == NULL) {
-			chansess->cmd = (char *) buf_getstring(ses.payload, &cmdlen);
+			chansess->cmd = buf_getstring(ses.payload, &cmdlen);
 
 			if (cmdlen > MAX_CMD_LEN) {
 				m_free(chansess->cmd);

svr-kex.c

@@ -247,7 +247,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e, buffer *ecdh_qs) {
 			{
 			struct kex_curve25519_param *param = gen_kexcurve25519_param();
 			kexcurve25519_comb_key(param, ecdh_qs, svr_opts.hostkey);
-			buf_putstring(ses.writepayload, param->pub, CURVE25519_LEN);
+			buf_putstring(ses.writepayload, (const char*)param->pub, CURVE25519_LEN);
 			free_kexcurve25519_param(param);
 			}
 #endif

svr-service.c

@@ -41,7 +41,7 @@ void recv_msg_service_request() {
 
 	TRACE(("enter recv_msg_service_request"))
 
-	name = (char *) buf_getstring(ses.payload, &len);
+	name = buf_getstring(ses.payload, &len);
 
 	/* ssh-userauth */
 	if (len == SSH_SERVICE_USERAUTH_LEN && 
@@ -80,7 +80,7 @@ static void send_msg_service_accept(char *name, int len) {
 	CHECKCLEARTOWRITE();
 
 	buf_putbyte(ses.writepayload, SSH_MSG_SERVICE_ACCEPT);
-	buf_putstring(ses.writepayload, (const unsigned char *) name, len);
+	buf_putstring(ses.writepayload, name, len);
 
 	encrypt_packet();
 

svr-tcpfwd.c

@@ -77,7 +77,7 @@ void recv_msg_global_request_remotetcp() {
 		goto out;
 	}
 
-	reqname = (char *)buf_getstring(ses.payload, &namelen);
+	reqname = buf_getstring(ses.payload, &namelen);
 	wantreply = buf_getbool(ses.payload);
 
 	if (namelen > MAX_NAME_LEN) {
@@ -128,7 +128,7 @@ static int svr_cancelremotetcp() {
 
 	TRACE(("enter cancelremotetcp"))
 
-	bindaddr = (char *)buf_getstring(ses.payload, &addrlen);
+	bindaddr = buf_getstring(ses.payload, &addrlen);
 	if (addrlen > MAX_IP_LEN) {
 		TRACE(("addr len too long: %d", addrlen))
 		goto out;
@@ -162,7 +162,7 @@ static int svr_remotetcpreq() {
 
 	TRACE(("enter remotetcpreq"))
 
-	request_addr = (char *)buf_getstring(ses.payload, &addrlen);
+	request_addr = buf_getstring(ses.payload, &addrlen);
 	if (addrlen > MAX_IP_LEN) {
 		TRACE(("addr len too long: %d", addrlen))
 		goto out;
@@ -247,7 +247,7 @@ static int newtcpdirect(struct Channel * channel) {
 		goto out;
 	}
 
-	desthost = (char *)buf_getstring(ses.payload, &len);
+	desthost = buf_getstring(ses.payload, &len);
 	if (len > MAX_HOST_LEN) {
 		TRACE(("leave newtcpdirect: desthost too long"))
 		goto out;
@@ -255,7 +255,7 @@ static int newtcpdirect(struct Channel * channel) {
 
 	destport = buf_getint(ses.payload);
 	
-	orighost = (char *)buf_getstring(ses.payload, &len);
+	orighost = buf_getstring(ses.payload, &len);
 	if (len > MAX_HOST_LEN) {
 		TRACE(("leave newtcpdirect: orighost too long"))
 		goto out;

svr-x11fwd.c

@@ -58,8 +58,8 @@ int x11req(struct ChanSess * chansess) {
 	}
 
 	chansess->x11singleconn = buf_getbool(ses.payload);
-	chansess->x11authprot = (char *)buf_getstring(ses.payload, NULL);
+	chansess->x11authprot = buf_getstring(ses.payload, NULL);
-	chansess->x11authcookie = (char *)buf_getstring(ses.payload, NULL);
+	chansess->x11authcookie = buf_getstring(ses.payload, NULL);
 	chansess->x11screennum = buf_getint(ses.payload);
 
 	/* create listening socket */
@@ -203,7 +203,7 @@ static int send_msg_channel_open_x11(int fd, struct sockaddr_in* addr) {
 
 	if (send_msg_channel_open_init(fd, &chan_x11) == DROPBEAR_SUCCESS) {
 		ipstring = inet_ntoa(addr->sin_addr);
-		buf_putstring(ses.writepayload, (const unsigned char *)ipstring, strlen(ipstring));
+		buf_putstring(ses.writepayload, ipstring, strlen(ipstring));
 		buf_putint(ses.writepayload, addr->sin_port);
 
 		encrypt_packet();

tcp-accept.c

@@ -94,11 +94,11 @@ static void tcp_acceptor(struct Listener *listener, int sock) {
 		if (addr == NULL) {
 			addr = "localhost";
 		}
-		buf_putstring(ses.writepayload, (const unsigned char *)addr, strlen(addr));
+		buf_putstring(ses.writepayload, addr, strlen(addr));
 		buf_putint(ses.writepayload, port);
 
 		/* originator ip */
-		buf_putstring(ses.writepayload, (const unsigned char *)ipstring, strlen(ipstring));
+		buf_putstring(ses.writepayload, ipstring, strlen(ipstring));
 		/* originator port */
 		buf_putint(ses.writepayload, atol(portstring));