From 90f9f433355179db5dc4b7a7c6326986af11924d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 13:33:34 +0200 Subject: [PATCH 01/32] Test struct existance against sizeof() operator Instead of declaring an "unused-variable" or "unused-but-set-variable" structure. This avoid unexpected broken configurations when using something like: $ ./configure CFLAGS="-Wall -Wextra -Werror" It causes AC_COMPILE_IFELSE to fail and thus leading to a mismatch configuration (because the CFLAGS are passed to the macro). --- configure.ac | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/configure.ac b/configure.ac index b0e85e5..6ae8c32 100644 --- a/configure.ac +++ b/configure.ac @@ -265,7 +265,7 @@ AC_CACHE_CHECK([for struct sockaddr_storage], ac_cv_have_struct_sockaddr_storage #include #include ]], - [[ struct sockaddr_storage s; ]])], + [[ if (sizeof(struct sockaddr_storage)) return 0 ]])], [ ac_cv_have_struct_sockaddr_storage="yes" ], [ ac_cv_have_struct_sockaddr_storage="no" ] ) @@ -279,7 +279,7 @@ AC_CACHE_CHECK([for struct sockaddr_in6], ac_cv_have_struct_sockaddr_in6, [ #include #include ]], - [[ struct sockaddr_in6 s; s.sin6_family = 0; ]])], + [[ if (sizeof(struct sockaddr_in6)) return 0 ]])], [ ac_cv_have_struct_sockaddr_in6="yes" ], [ ac_cv_have_struct_sockaddr_in6="no" ] ) @@ -293,7 +293,7 @@ AC_CACHE_CHECK([for struct in6_addr], ac_cv_have_struct_in6_addr, [ #include #include ]], - [[ struct in6_addr s; s.s6_addr[0] = 0; ]])], + [[ if (sizeof(struct in6_addr)) return 0 ]])], [ ac_cv_have_struct_in6_addr="yes" ], [ ac_cv_have_struct_in6_addr="no" ] ) @@ -308,7 +308,7 @@ AC_CACHE_CHECK([for struct addrinfo], ac_cv_have_struct_addrinfo, [ #include #include ]], - [[ struct addrinfo s; s.ai_flags = AI_PASSIVE; ]])], + [[ if (sizeof(struct addrinfo)) return 0 ]])], [ ac_cv_have_struct_addrinfo="yes" ], [ ac_cv_have_struct_addrinfo="no" ] ) From 897da4ee36a47f4b1757590d92b5747a0267cf01 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 11:37:37 +0200 Subject: [PATCH 02/32] Uses k_size as an signed integer buf_incrwritepos() and mp_to_unsigned_bin() functions use k_size as signed integer argument. k_size is also used in an assertion that compared it to curve_size which is a signed long. Only buf_getwriteptr() is using k_size as unsigned. So it safe to use it as signed. --- keyimport.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keyimport.c b/keyimport.c index 8a0d525..d8c0f5c 100644 --- a/keyimport.c +++ b/keyimport.c @@ -1043,7 +1043,7 @@ static int openssh_write(const char *filename, sign_key *key, int curve_oid_len = 0; const void* curve_oid = NULL; unsigned long pubkey_size = 2*curve_size+1; - unsigned int k_size; + int k_size; int err = 0; /* version. less than 10 bytes */ From d9d97969a35e437a8af7a1793b484783360ceca7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 11:26:22 +0200 Subject: [PATCH 03/32] Uses abort() instead of raising a SIGABRT signal [-Werror] MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit error: ‘noreturn’ function does return [-Werror] abort() is a noreturn function while raise() is not. And because crypt_argchk() is flagged as __attribute__(noreturn), abort() appears to be a better condidate. This compilation warning has probably been introduced by commit 1809f741cba865b03d4db5c4ba8c41364a55d6bc. --- libtomcrypt/src/misc/crypt/crypt_argchk.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libtomcrypt/src/misc/crypt/crypt_argchk.c b/libtomcrypt/src/misc/crypt/crypt_argchk.c index c6675ef..a6d2a48 100644 --- a/libtomcrypt/src/misc/crypt/crypt_argchk.c +++ b/libtomcrypt/src/misc/crypt/crypt_argchk.c @@ -21,7 +21,7 @@ void crypt_argchk(char *v, char *s, int d) { fprintf(stderr, "LTC_ARGCHK '%s' failure on line %d of file %s\n", v, d, s); - (void)raise(SIGABRT); + abort(); } #endif From 224b16b2470ab764e854eb4a7cdd568353655afc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 15:59:06 +0200 Subject: [PATCH 04/32] Fix pointer differ in signess warnings [-Werror=pointer-sign] --- auth.h | 2 +- cli-auth.c | 6 +++--- cli-authinteract.c | 10 +++++----- cli-authpasswd.c | 8 ++++---- cli-authpubkey.c | 12 ++++++------ cli-chansession.c | 10 +++++----- cli-kex.c | 10 +++++----- cli-session.c | 2 +- cli-tcpfwd.c | 6 +++--- common-algo.c | 10 +++++----- common-channel.c | 6 +++--- common-kex.c | 4 ++-- common-session.c | 4 ++-- dss.c | 12 ++++++------ gendss.c | 2 +- keyimport.c | 8 ++++---- netio.c | 2 +- rsa.c | 4 ++-- signkey.c | 12 ++++++------ svr-auth.c | 6 +++--- svr-authpubkey.c | 6 +++--- svr-authpubkeyoptions.c | 2 +- svr-chansession.c | 10 +++++----- svr-tcpfwd.c | 2 +- svr-x11fwd.c | 6 +++--- tcp-accept.c | 2 +- 26 files changed, 82 insertions(+), 82 deletions(-) diff --git a/auth.h b/auth.h index 78397ed..250a7f7 100644 --- a/auth.h +++ b/auth.h @@ -133,7 +133,7 @@ struct PubKeyOptions { int no_x11_forwarding_flag; int no_pty_flag; /* "command=" option. */ - unsigned char * forced_command; + char * forced_command; }; #endif diff --git a/cli-auth.c b/cli-auth.c index 70ace65..7039cf0 100644 --- a/cli-auth.c +++ b/cli-auth.c @@ -43,11 +43,11 @@ void cli_auth_getmethods() { TRACE(("enter cli_auth_getmethods")) CHECKCLEARTOWRITE(); buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST); - buf_putstring(ses.writepayload, cli_opts.username, + buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username, strlen(cli_opts.username)); - buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, + buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION, SSH_SERVICE_CONNECTION_LEN); - buf_putstring(ses.writepayload, "none", 4); /* 'none' method */ + buf_putstring(ses.writepayload, (const unsigned char *)"none", 4); /* 'none' method */ encrypt_packet(); diff --git a/cli-authinteract.c b/cli-authinteract.c index a06c9ca..192a54e 100644 --- a/cli-authinteract.c +++ b/cli-authinteract.c @@ -149,22 +149,22 @@ void cli_auth_interactive() { buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST); /* username */ - buf_putstring(ses.writepayload, cli_opts.username, + buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username, strlen(cli_opts.username)); /* service name */ - buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, + buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION, SSH_SERVICE_CONNECTION_LEN); /* method */ - buf_putstring(ses.writepayload, AUTH_METHOD_INTERACT, + buf_putstring(ses.writepayload, (const unsigned char *)AUTH_METHOD_INTERACT, AUTH_METHOD_INTERACT_LEN); /* empty language tag */ - buf_putstring(ses.writepayload, "", 0); + buf_putstring(ses.writepayload, (const unsigned char *)"", 0); /* empty submethods */ - buf_putstring(ses.writepayload, "", 0); + buf_putstring(ses.writepayload, (const unsigned char *)"", 0); encrypt_packet(); cli_ses.interact_request_received = 0; diff --git a/cli-authpasswd.c b/cli-authpasswd.c index 1e0bd41..e014629 100644 --- a/cli-authpasswd.c +++ b/cli-authpasswd.c @@ -140,18 +140,18 @@ void cli_auth_password() { buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST); - buf_putstring(ses.writepayload, cli_opts.username, + buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username, strlen(cli_opts.username)); - buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, + buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION, SSH_SERVICE_CONNECTION_LEN); - buf_putstring(ses.writepayload, AUTH_METHOD_PASSWORD, + buf_putstring(ses.writepayload, (const unsigned char *)AUTH_METHOD_PASSWORD, AUTH_METHOD_PASSWORD_LEN); buf_putbyte(ses.writepayload, 0); /* FALSE - so says the spec */ - buf_putstring(ses.writepayload, password, strlen(password)); + buf_putstring(ses.writepayload, (const unsigned char *)password, strlen(password)); encrypt_packet(); m_burn(password, strlen(password)); diff --git a/cli-authpubkey.c b/cli-authpubkey.c index cdef36e..fa04f17 100644 --- a/cli-authpubkey.c +++ b/cli-authpubkey.c @@ -63,7 +63,7 @@ void recv_msg_userauth_pk_ok() { TRACE(("enter recv_msg_userauth_pk_ok")) - algotype = buf_getstring(ses.payload, &algolen); + algotype = (char *)buf_getstring(ses.payload, &algolen); keytype = signkey_type_from_name(algotype, algolen); TRACE(("recv_msg_userauth_pk_ok: type %d", keytype)) m_free(algotype); @@ -141,7 +141,7 @@ void cli_buf_put_sign(buffer* buf, sign_key *key, int type, static void send_msg_userauth_pubkey(sign_key *key, int type, int realsign) { const char *algoname = NULL; - int algolen; + unsigned int algolen; buffer* sigbuf = NULL; TRACE(("enter send_msg_userauth_pubkey")) @@ -149,20 +149,20 @@ static void send_msg_userauth_pubkey(sign_key *key, int type, int realsign) { buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_REQUEST); - buf_putstring(ses.writepayload, cli_opts.username, + buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.username, strlen(cli_opts.username)); - buf_putstring(ses.writepayload, SSH_SERVICE_CONNECTION, + buf_putstring(ses.writepayload, (const unsigned char *)SSH_SERVICE_CONNECTION, SSH_SERVICE_CONNECTION_LEN); - buf_putstring(ses.writepayload, AUTH_METHOD_PUBKEY, + buf_putstring(ses.writepayload, (const unsigned char *)AUTH_METHOD_PUBKEY, AUTH_METHOD_PUBKEY_LEN); buf_putbyte(ses.writepayload, realsign); algoname = signkey_name_from_type(type, &algolen); - buf_putstring(ses.writepayload, algoname, algolen); + buf_putstring(ses.writepayload, (const unsigned char *)algoname, algolen); buf_put_pub_key(ses.writepayload, key, type); if (realsign) { diff --git a/cli-chansession.c b/cli-chansession.c index 57457d2..9895f13 100644 --- a/cli-chansession.c +++ b/cli-chansession.c @@ -261,7 +261,7 @@ void cli_chansess_winchange() { CHECKCLEARTOWRITE(); buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST); buf_putint(ses.writepayload, channel->remotechan); - buf_putstring(ses.writepayload, "window-change", 13); + buf_putstring(ses.writepayload, (const unsigned char *) "window-change", 13); buf_putbyte(ses.writepayload, 0); /* FALSE says the spec */ put_winsize(); encrypt_packet(); @@ -324,7 +324,7 @@ static void send_chansess_shell_req(struct Channel *channel) { /* XXX TODO */ buf_putbyte(ses.writepayload, 0); /* Don't want replies */ if (cli_opts.cmd) { - buf_putstring(ses.writepayload, cli_opts.cmd, strlen(cli_opts.cmd)); + buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.cmd, strlen(cli_opts.cmd)); } encrypt_packet(); @@ -392,7 +392,7 @@ static const struct ChanType cli_chan_netcat = { void cli_send_netcat_request() { - const unsigned char* source_host = "127.0.0.1"; + const char* source_host = "127.0.0.1"; const int source_port = 22; TRACE(("enter cli_send_netcat_request")) @@ -403,12 +403,12 @@ void cli_send_netcat_request() { dropbear_exit("Couldn't open initial channel"); } - buf_putstring(ses.writepayload, cli_opts.netcat_host, + buf_putstring(ses.writepayload, (const unsigned char *)cli_opts.netcat_host, strlen(cli_opts.netcat_host)); buf_putint(ses.writepayload, cli_opts.netcat_port); /* originator ip - localhost is accurate enough */ - buf_putstring(ses.writepayload, source_host, strlen(source_host)); + buf_putstring(ses.writepayload, (const unsigned char *)source_host, strlen(source_host)); buf_putint(ses.writepayload, source_port); encrypt_packet(); diff --git a/cli-kex.c b/cli-kex.c index a590157..cefc077 100644 --- a/cli-kex.c +++ b/cli-kex.c @@ -322,7 +322,7 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) { } /* Compare hostnames */ - if (strncmp(cli_opts.remotehost, buf_getptr(line, hostlen), + if (strncmp(cli_opts.remotehost, (const char *) buf_getptr(line, hostlen), hostlen) != 0) { continue; } @@ -334,7 +334,7 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) { continue; } - if (strncmp(buf_getptr(line, algolen), algoname, algolen) != 0) { + if (strncmp((const char *) buf_getptr(line, algolen), algoname, algolen) != 0) { TRACE(("algo doesn't match")) continue; } @@ -346,7 +346,7 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) { } /* Now we're at the interesting hostkey */ - ret = cmp_base64_key(keyblob, keybloblen, algoname, algolen, + ret = cmp_base64_key(keyblob, keybloblen, (const unsigned char *) algoname, algolen, line, &fingerprint); if (ret == DROPBEAR_SUCCESS) { @@ -382,9 +382,9 @@ static void checkhostkey(unsigned char* keyblob, unsigned int keybloblen) { fseek(hostsfile, 0, SEEK_END); /* In case it wasn't opened append */ buf_setpos(line, 0); buf_setlen(line, 0); - buf_putbytes(line, cli_opts.remotehost, hostlen); + buf_putbytes(line, (const unsigned char *) cli_opts.remotehost, hostlen); buf_putbyte(line, ' '); - buf_putbytes(line, algoname, algolen); + buf_putbytes(line, (const unsigned char *) algoname, algolen); buf_putbyte(line, ' '); len = line->size - line->pos; /* The only failure with base64 is buffer_overflow, but buf_getwriteptr diff --git a/cli-session.c b/cli-session.c index 815f5b6..1d5f998 100644 --- a/cli-session.c +++ b/cli-session.c @@ -192,7 +192,7 @@ static void send_msg_service_request(char* servicename) { CHECKCLEARTOWRITE(); buf_putbyte(ses.writepayload, SSH_MSG_SERVICE_REQUEST); - buf_putstring(ses.writepayload, servicename, strlen(servicename)); + buf_putstring(ses.writepayload, (const unsigned char *)servicename, strlen(servicename)); encrypt_packet(); TRACE(("leave send_msg_service_request")) diff --git a/cli-tcpfwd.c b/cli-tcpfwd.c index ec65f41..df51e31 100644 --- a/cli-tcpfwd.c +++ b/cli-tcpfwd.c @@ -136,9 +136,9 @@ static void send_msg_global_request_remotetcp(const char *addr, int port) { CHECKCLEARTOWRITE(); buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST); - buf_putstring(ses.writepayload, "tcpip-forward", 13); + buf_putstring(ses.writepayload, (const unsigned char *)"tcpip-forward", 13); buf_putbyte(ses.writepayload, 1); /* want_reply */ - buf_putstring(ses.writepayload, addr, strlen(addr)); + buf_putstring(ses.writepayload, (const unsigned char *)addr, strlen(addr)); buf_putint(ses.writepayload, port); encrypt_packet(); @@ -218,7 +218,7 @@ static int newtcpforwarded(struct Channel * channel) { char portstring[NI_MAXSERV]; int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED; - origaddr = buf_getstring(ses.payload, NULL); + origaddr = (char *)buf_getstring(ses.payload, NULL); origport = buf_getint(ses.payload); /* Find which port corresponds. First try and match address as well as port, diff --git a/common-algo.c b/common-algo.c index a3e9d78..0886a2b 100644 --- a/common-algo.c +++ b/common-algo.c @@ -338,19 +338,19 @@ algo_type * buf_match_algo(buffer* buf, algo_type localalgos[], enum kexguess2_used *kexguess2, int *goodguess) { - unsigned char * algolist = NULL; - const unsigned char *remotenames[MAX_PROPOSED_ALGO], *localnames[MAX_PROPOSED_ALGO]; + char * algolist = NULL; + const char *remotenames[MAX_PROPOSED_ALGO], *localnames[MAX_PROPOSED_ALGO]; unsigned int len; unsigned int remotecount, localcount, clicount, servcount, i, j; algo_type * ret = NULL; - const unsigned char **clinames, **servnames; + const char **clinames, **servnames; if (goodguess) { *goodguess = 0; } /* get the comma-separated list from the buffer ie "algo1,algo2,algo3" */ - algolist = buf_getstring(buf, &len); + algolist = (char *) buf_getstring(buf, &len); TRACE(("buf_match_algo: %s", algolist)) if (len > MAX_PROPOSED_ALGO*(MAX_NAME_LEN+1)) { goto out; @@ -488,7 +488,7 @@ algolist_string(algo_type algos[]) buf_setpos(b, b->len); buf_putbyte(b, '\0'); buf_setpos(b, 4); - ret_list = m_strdup(buf_getptr(b, b->len - b->pos)); + ret_list = m_strdup((const char *) buf_getptr(b, b->len - b->pos)); buf_free(b); return ret_list; } diff --git a/common-channel.c b/common-channel.c index 5f4051e..a2ab985 100644 --- a/common-channel.c +++ b/common-channel.c @@ -921,7 +921,7 @@ static void send_msg_channel_window_adjust(struct Channel* channel, /* Handle a new channel request, performing any channel-type-specific setup */ void recv_msg_channel_open() { - unsigned char *type; + char *type; unsigned int typelen; unsigned int remotechan, transwindow, transmaxpacket; struct Channel *channel; @@ -934,7 +934,7 @@ void recv_msg_channel_open() { TRACE(("enter recv_msg_channel_open")) /* get the packet contents */ - type = buf_getstring(ses.payload, &typelen); + type = (char *) buf_getstring(ses.payload, &typelen); remotechan = buf_getint(ses.payload); transwindow = buf_getint(ses.payload); @@ -1149,7 +1149,7 @@ int send_msg_channel_open_init(int fd, const struct ChanType *type) { CHECKCLEARTOWRITE(); buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_OPEN); - buf_putstring(ses.writepayload, type->name, strlen(type->name)); + buf_putstring(ses.writepayload, (const unsigned char *) type->name, strlen(type->name)); buf_putint(ses.writepayload, chan->index); buf_putint(ses.writepayload, opts.recv_window); buf_putint(ses.writepayload, RECV_MAX_CHANNEL_DATA_LEN); diff --git a/common-kex.c b/common-kex.c index 0e477da..c823f19 100644 --- a/common-kex.c +++ b/common-kex.c @@ -128,10 +128,10 @@ void send_msg_kexinit() { buf_put_algolist(ses.writepayload, ses.compress_algos); /* languages_client_to_server */ - buf_putstring(ses.writepayload, "", 0); + buf_putstring(ses.writepayload, (const unsigned char *) "", 0); /* languages_server_to_client */ - buf_putstring(ses.writepayload, "", 0); + buf_putstring(ses.writepayload, (const unsigned char *) "", 0); /* first_kex_packet_follows */ buf_putbyte(ses.writepayload, (ses.send_kex_first_guess != NULL)); diff --git a/common-session.c b/common-session.c index 083b5c5..e565570 100644 --- a/common-session.c +++ b/common-session.c @@ -329,7 +329,7 @@ void session_cleanup() { void send_session_identification() { buffer *writebuf = buf_new(strlen(LOCAL_IDENT "\r\n") + 1); - buf_putbytes(writebuf, LOCAL_IDENT "\r\n", strlen(LOCAL_IDENT "\r\n")); + buf_putbytes(writebuf, (const unsigned char *) LOCAL_IDENT "\r\n", strlen(LOCAL_IDENT "\r\n")); writebuf_enqueue(writebuf, 0); } @@ -469,7 +469,7 @@ static void send_msg_keepalive() { /* Some peers will reply with SSH_MSG_REQUEST_FAILURE, some will reply with SSH_MSG_UNIMPLEMENTED, some will exit. */ buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST); - buf_putstring(ses.writepayload, DROPBEAR_KEEPALIVE_STRING, + buf_putstring(ses.writepayload, (const unsigned char *) DROPBEAR_KEEPALIVE_STRING, strlen(DROPBEAR_KEEPALIVE_STRING)); } buf_putbyte(ses.writepayload, 1); /* want_reply */ diff --git a/dss.c b/dss.c index d4c4407..e782711 100644 --- a/dss.c +++ b/dss.c @@ -136,7 +136,7 @@ void dss_key_free(dropbear_dss_key *key) { void buf_put_dss_pub_key(buffer* buf, dropbear_dss_key *key) { dropbear_assert(key != NULL); - buf_putstring(buf, SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN); + buf_putstring(buf, (const unsigned char*) SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN); buf_putmpint(buf, key->p); buf_putmpint(buf, key->q); buf_putmpint(buf, key->g); @@ -165,7 +165,7 @@ int buf_dss_verify(buffer* buf, dropbear_dss_key *key, buffer *data_buf) { DEF_MP_INT(val3); DEF_MP_INT(val4); char * string = NULL; - int stringlen; + unsigned int stringlen; TRACE(("enter buf_dss_verify")) dropbear_assert(key != NULL); @@ -173,7 +173,7 @@ int buf_dss_verify(buffer* buf, dropbear_dss_key *key, buffer *data_buf) { m_mp_init_multi(&val1, &val2, &val3, &val4, NULL); /* get blob, check length */ - string = buf_getstring(buf, &stringlen); + string = (char*) buf_getstring(buf, &stringlen); if (stringlen != 2*SHA1_HASH_SIZE) { goto out; } @@ -186,7 +186,7 @@ int buf_dss_verify(buffer* buf, dropbear_dss_key *key, buffer *data_buf) { /* create the signature - s' and r' are the received signatures in buf */ /* w = (s')-1 mod q */ /* let val1 = s' */ - bytes_to_mp(&val1, &string[SHA1_HASH_SIZE], SHA1_HASH_SIZE); + bytes_to_mp(&val1, (const unsigned char*) &string[SHA1_HASH_SIZE], SHA1_HASH_SIZE); if (mp_cmp(&val1, key->q) != MP_LT) { TRACE(("verify failed, s' >= q")) @@ -208,7 +208,7 @@ int buf_dss_verify(buffer* buf, dropbear_dss_key *key, buffer *data_buf) { /* u2 = ((r')w) mod q */ /* let val1 = r' */ - bytes_to_mp(&val1, &string[0], SHA1_HASH_SIZE); + bytes_to_mp(&val1, (const unsigned char*) &string[0], SHA1_HASH_SIZE); if (mp_cmp(&val1, key->q) != MP_LT) { TRACE(("verify failed, r' >= q")) goto out; @@ -310,7 +310,7 @@ void buf_put_dss_sign(buffer* buf, dropbear_dss_key *key, buffer *data_buf) { dropbear_exit("DSS error"); } - buf_putstring(buf, SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN); + buf_putstring(buf, (const unsigned char*) SSH_SIGNKEY_DSS, SSH_SIGNKEY_DSS_LEN); buf_putint(buf, 2*SHA1_HASH_SIZE); writelen = mp_unsigned_bin_size(&dss_r); diff --git a/gendss.c b/gendss.c index 21d13a0..783e25f 100644 --- a/gendss.c +++ b/gendss.c @@ -67,7 +67,7 @@ dropbear_dss_key * gen_dss_priv_key(unsigned int size) { static void getq(dropbear_dss_key *key) { - char buf[QSIZE]; + unsigned char buf[QSIZE]; /* 160 bit prime */ genrandom(buf, QSIZE); diff --git a/keyimport.c b/keyimport.c index d8c0f5c..fdf51c0 100644 --- a/keyimport.c +++ b/keyimport.c @@ -193,7 +193,7 @@ out: static void base64_encode_fp(FILE * fp, unsigned char *data, int datalen, int cpl) { - char out[100]; + unsigned char out[100]; int n; unsigned long outlen; int rawcpl; @@ -445,7 +445,7 @@ static struct openssh_key *load_openssh_key(const char *filename) ret->keyblob_size); } outlen = ret->keyblob_size - ret->keyblob_len; - if (base64_decode(buffer, len, + if (base64_decode((const unsigned char *)buffer, len, ret->keyblob + ret->keyblob_len, &outlen) != CRYPT_OK){ errmsg = "Error decoding base64"; goto error; @@ -602,13 +602,13 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase)) #ifdef DROPBEAR_DSS if (key->type == OSSH_DSA) { - buf_putstring(blobbuf, "ssh-dss", 7); + buf_putstring(blobbuf, (const unsigned char *)"ssh-dss", 7); retkey->type = DROPBEAR_SIGNKEY_DSS; } #endif #ifdef DROPBEAR_RSA if (key->type == OSSH_RSA) { - buf_putstring(blobbuf, "ssh-rsa", 7); + buf_putstring(blobbuf, (const unsigned char *)"ssh-rsa", 7); retkey->type = DROPBEAR_SIGNKEY_RSA; } #endif diff --git a/netio.c b/netio.c index 16a0d3a..af34a14 100644 --- a/netio.c +++ b/netio.c @@ -100,7 +100,7 @@ static void connect_try_next(struct dropbear_progress_connection *c) { if (c->writequeue) { /* 6 is arbitrary, enough to hold initial packets */ - int iovlen = 6; /* Linux msg_iovlen is a size_t */ + unsigned int iovlen = 6; /* Linux msg_iovlen is a size_t */ struct iovec iov[6]; packet_queue_to_iovec(c->writequeue, iov, &iovlen); message.msg_iov = iov; diff --git a/rsa.c b/rsa.c index 193e577..25fbfe7 100644 --- a/rsa.c +++ b/rsa.c @@ -174,7 +174,7 @@ void buf_put_rsa_pub_key(buffer* buf, dropbear_rsa_key *key) { TRACE(("enter buf_put_rsa_pub_key")) dropbear_assert(key != NULL); - buf_putstring(buf, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN); + buf_putstring(buf, (const unsigned char *) SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN); buf_putmpint(buf, key->e); buf_putmpint(buf, key->n); @@ -327,7 +327,7 @@ void buf_put_rsa_sign(buffer* buf, dropbear_rsa_key *key, buffer *data_buf) { mp_clear_multi(&rsa_tmp1, &rsa_tmp2, &rsa_tmp3, NULL); /* create the signature to return */ - buf_putstring(buf, SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN); + buf_putstring(buf, (const unsigned char *) SSH_SIGNKEY_RSA, SSH_SIGNKEY_RSA_LEN); nsize = mp_unsigned_bin_size(key->n); diff --git a/signkey.c b/signkey.c index 10a63f2..4b5fb0d 100644 --- a/signkey.c +++ b/signkey.c @@ -138,14 +138,14 @@ signkey_key_ptr(sign_key *key, enum signkey_type type) { * on return is set to the type read (useful when type = _ANY) */ int buf_get_pub_key(buffer *buf, sign_key *key, enum signkey_type *type) { - unsigned char* ident; + char *ident; unsigned int len; enum signkey_type keytype; int ret = DROPBEAR_FAILURE; TRACE2(("enter buf_get_pub_key")) - ident = buf_getstring(buf, &len); + ident = (char *) buf_getstring(buf, &len); keytype = signkey_type_from_name(ident, len); m_free(ident); @@ -209,14 +209,14 @@ int buf_get_pub_key(buffer *buf, sign_key *key, enum signkey_type *type) { * on return is set to the type read (useful when type = _ANY) */ int buf_get_priv_key(buffer *buf, sign_key *key, enum signkey_type *type) { - unsigned char* ident; + char *ident; unsigned int len; enum signkey_type keytype; int ret = DROPBEAR_FAILURE; TRACE2(("enter buf_get_priv_key")) - ident = buf_getstring(buf, &len); + ident = (char *)buf_getstring(buf, &len); keytype = signkey_type_from_name(ident, len); m_free(ident); @@ -515,14 +515,14 @@ void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type, * signature blob */ int buf_verify(buffer * buf, sign_key *key, buffer *data_buf) { - unsigned char * type_name = NULL; + char *type_name = NULL; unsigned int type_name_len = 0; enum signkey_type type; TRACE(("enter buf_verify")) buf_getint(buf); /* blob length */ - type_name = buf_getstring(buf, &type_name_len); + type_name = (char *) buf_getstring(buf, &type_name_len); type = signkey_type_from_name(type_name, type_name_len); m_free(type_name); diff --git a/svr-auth.c b/svr-auth.c index 89760ef..fc99063 100644 --- a/svr-auth.c +++ b/svr-auth.c @@ -89,7 +89,7 @@ void send_msg_userauth_banner(buffer *banner) { buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_BANNER); buf_putbufstring(ses.writepayload, banner); - buf_putstring(ses.writepayload, "en", 2); + buf_putstring(ses.writepayload, (const unsigned char *)"en", 2); encrypt_packet(); @@ -333,14 +333,14 @@ void send_msg_userauth_failure(int partial, int incrfail) { typebuf = buf_new(30); /* long enough for PUBKEY and PASSWORD */ if (ses.authstate.authtypes & AUTH_TYPE_PUBKEY) { - buf_putbytes(typebuf, AUTH_METHOD_PUBKEY, AUTH_METHOD_PUBKEY_LEN); + buf_putbytes(typebuf, (const unsigned char *)AUTH_METHOD_PUBKEY, AUTH_METHOD_PUBKEY_LEN); if (ses.authstate.authtypes & AUTH_TYPE_PASSWORD) { buf_putbyte(typebuf, ','); } } if (ses.authstate.authtypes & AUTH_TYPE_PASSWORD) { - buf_putbytes(typebuf, AUTH_METHOD_PASSWORD, AUTH_METHOD_PASSWORD_LEN); + buf_putbytes(typebuf, (const unsigned char *)AUTH_METHOD_PASSWORD, AUTH_METHOD_PASSWORD_LEN); } buf_putbufstring(ses.writepayload, typebuf); diff --git a/svr-authpubkey.c b/svr-authpubkey.c index e8af319..82769eb 100644 --- a/svr-authpubkey.c +++ b/svr-authpubkey.c @@ -260,9 +260,9 @@ static int checkpubkey(unsigned char* algo, unsigned int algolen, /* check the key type - will fail if there are options */ TRACE(("a line!")) - if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) { + if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) { int is_comment = 0; - char *options_start = NULL; + unsigned char *options_start = NULL; int options_len = 0; int escape, quoted; @@ -308,7 +308,7 @@ static int checkpubkey(unsigned char* algo, unsigned int algolen, if (line->pos + algolen+3 > line->len) { continue; } - if (strncmp(buf_getptr(line, algolen), algo, algolen) != 0) { + if (strncmp((const char *) buf_getptr(line, algolen), algo, algolen) != 0) { continue; } } diff --git a/svr-authpubkeyoptions.c b/svr-authpubkeyoptions.c index 71d7c14..c296141 100644 --- a/svr-authpubkeyoptions.c +++ b/svr-authpubkeyoptions.c @@ -120,7 +120,7 @@ static int match_option(buffer *options_buf, const char *opt_name) { if (options_buf->len - options_buf->pos < len) { return DROPBEAR_FAILURE; } - if (strncasecmp(buf_getptr(options_buf, len), opt_name, len) == 0) { + if (strncasecmp((const char *) buf_getptr(options_buf, len), opt_name, len) == 0) { buf_incrpos(options_buf, len); return DROPBEAR_SUCCESS; } diff --git a/svr-chansession.c b/svr-chansession.c index 6d08d3f..1bc4da7 100644 --- a/svr-chansession.c +++ b/svr-chansession.c @@ -183,7 +183,7 @@ static void send_msg_chansess_exitstatus(struct Channel * channel, buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST); buf_putint(ses.writepayload, channel->remotechan); - buf_putstring(ses.writepayload, "exit-status", 11); + buf_putstring(ses.writepayload, (const unsigned char *) "exit-status", 11); buf_putbyte(ses.writepayload, 0); /* boolean FALSE */ buf_putint(ses.writepayload, chansess->exit.exitstatus); @@ -219,12 +219,12 @@ static void send_msg_chansess_exitsignal(struct Channel * channel, buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST); buf_putint(ses.writepayload, channel->remotechan); - buf_putstring(ses.writepayload, "exit-signal", 11); + buf_putstring(ses.writepayload, (const unsigned char *) "exit-signal", 11); buf_putbyte(ses.writepayload, 0); /* boolean FALSE */ buf_putstring(ses.writepayload, signame, strlen(signame)); buf_putbyte(ses.writepayload, chansess->exit.exitcore); - buf_putstring(ses.writepayload, "", 0); /* error msg */ - buf_putstring(ses.writepayload, "", 0); /* lang */ + buf_putstring(ses.writepayload, (const unsigned char *) "", 0); /* error msg */ + buf_putstring(ses.writepayload, (const unsigned char *) "", 0); /* lang */ encrypt_packet(); } @@ -557,7 +557,7 @@ static void get_termmodes(struct ChanSess *chansess) { static int sessionpty(struct ChanSess * chansess) { unsigned int termlen; - unsigned char namebuf[65]; + char namebuf[65]; struct passwd * pw = NULL; TRACE(("enter sessionpty")) diff --git a/svr-tcpfwd.c b/svr-tcpfwd.c index b3928bc..490ec5c 100644 --- a/svr-tcpfwd.c +++ b/svr-tcpfwd.c @@ -237,7 +237,7 @@ static int newtcpdirect(struct Channel * channel) { unsigned char* orighost = NULL; unsigned int origport; char portstring[NI_MAXSERV]; - int len; + unsigned int len; int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED; TRACE(("newtcpdirect channel %d", channel->index)) diff --git a/svr-x11fwd.c b/svr-x11fwd.c index 6400c06..d11ff4e 100644 --- a/svr-x11fwd.c +++ b/svr-x11fwd.c @@ -58,8 +58,8 @@ int x11req(struct ChanSess * chansess) { } chansess->x11singleconn = buf_getbool(ses.payload); - chansess->x11authprot = buf_getstring(ses.payload, NULL); - chansess->x11authcookie = buf_getstring(ses.payload, NULL); + chansess->x11authprot = (char *)buf_getstring(ses.payload, NULL); + chansess->x11authcookie = (char *)buf_getstring(ses.payload, NULL); chansess->x11screennum = buf_getint(ses.payload); /* create listening socket */ @@ -203,7 +203,7 @@ static int send_msg_channel_open_x11(int fd, struct sockaddr_in* addr) { if (send_msg_channel_open_init(fd, &chan_x11) == DROPBEAR_SUCCESS) { ipstring = inet_ntoa(addr->sin_addr); - buf_putstring(ses.writepayload, ipstring, strlen(ipstring)); + buf_putstring(ses.writepayload, (const unsigned char *)ipstring, strlen(ipstring)); buf_putint(ses.writepayload, addr->sin_port); encrypt_packet(); diff --git a/tcp-accept.c b/tcp-accept.c index 35be32d..596d9c9 100644 --- a/tcp-accept.c +++ b/tcp-accept.c @@ -98,7 +98,7 @@ static void tcp_acceptor(struct Listener *listener, int sock) { buf_putint(ses.writepayload, port); /* originator ip */ - buf_putstring(ses.writepayload, ipstring, strlen(ipstring)); + buf_putstring(ses.writepayload, (const unsigned char *)ipstring, strlen(ipstring)); /* originator port */ buf_putint(ses.writepayload, atol(portstring)); From 18638859e6cce9289700cdf0a55af207521d3b1d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 15:58:33 +0200 Subject: [PATCH 05/32] Expect len to be a type of socklen_t [-Werror=pointer-sign] --- svr-x11fwd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/svr-x11fwd.c b/svr-x11fwd.c index d11ff4e..ad1e7d4 100644 --- a/svr-x11fwd.c +++ b/svr-x11fwd.c @@ -107,7 +107,7 @@ static void x11accept(struct Listener* listener, int sock) { int fd; struct sockaddr_in addr; - int len; + socklen_t len; int ret; struct ChanSess * chansess = (struct ChanSess *)(listener->typedata); From c239baf801168d02dc781bcc7d1de42d2da96ec2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 13:48:16 +0200 Subject: [PATCH 06/32] Turn addrandom()'s buf argument into unsigned char * Data is usually represented as "unsigned char *" like genrandom(). --- dbrandom.c | 2 +- dbrandom.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dbrandom.c b/dbrandom.c index cf280f4..02e7803 100644 --- a/dbrandom.c +++ b/dbrandom.c @@ -141,7 +141,7 @@ out: return ret; } -void addrandom(char * buf, unsigned int len) +void addrandom(unsigned char * buf, unsigned int len) { hash_state hs; diff --git a/dbrandom.h b/dbrandom.h index 3434f69..6e262f3 100644 --- a/dbrandom.h +++ b/dbrandom.h @@ -29,7 +29,7 @@ void seedrandom(); void genrandom(unsigned char* buf, unsigned int len); -void addrandom(char * buf, unsigned int len); +void addrandom(unsigned char * buf, unsigned int len); void gen_random_mpint(mp_int *max, mp_int *rand); #endif /* DROPBEAR_RANDOM_H_ */ From 50b14f696c960d2658cd6848cc8426311e7a452c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 13:58:05 +0200 Subject: [PATCH 07/32] Turn start_send_channel_request()'s type argument into char * --- channel.h | 2 +- cli-chansession.c | 2 +- common-channel.c | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/channel.h b/channel.h index d16cb03..c73fbe8 100644 --- a/channel.h +++ b/channel.h @@ -135,7 +135,7 @@ int send_msg_channel_open_init(int fd, const struct ChanType *type); void recv_msg_channel_open_confirmation(); void recv_msg_channel_open_failure(); #endif -void start_send_channel_request(struct Channel *channel, unsigned char *type); +void start_send_channel_request(struct Channel *channel, char *type); void send_msg_request_success(); void send_msg_request_failure(); diff --git a/cli-chansession.c b/cli-chansession.c index 9895f13..4e55287 100644 --- a/cli-chansession.c +++ b/cli-chansession.c @@ -305,7 +305,7 @@ static void send_chansess_pty_req(struct Channel *channel) { static void send_chansess_shell_req(struct Channel *channel) { - unsigned char* reqtype = NULL; + char* reqtype = NULL; TRACE(("enter send_chansess_shell_req")) diff --git a/common-channel.c b/common-channel.c index a2ab985..6d69de9 100644 --- a/common-channel.c +++ b/common-channel.c @@ -1244,12 +1244,12 @@ struct Channel* get_any_ready_channel() { } void start_send_channel_request(struct Channel *channel, - unsigned char *type) { + char *type) { CHECKCLEARTOWRITE(); buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_REQUEST); buf_putint(ses.writepayload, channel->remotechan); - buf_putstring(ses.writepayload, type, strlen(type)); + buf_putstring(ses.writepayload, (const unsigned char *) type, strlen(type)); } From 1601a657d4168a50949d14ae683a49e65986f51f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 14:56:57 +0200 Subject: [PATCH 08/32] Turn send_msg_channel_open_failure()'s text and lang into const char * --- common-channel.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/common-channel.c b/common-channel.c index 6d69de9..a4fd787 100644 --- a/common-channel.c +++ b/common-channel.c @@ -38,7 +38,7 @@ #include "netio.h" static void send_msg_channel_open_failure(unsigned int remotechan, int reason, - const unsigned char *text, const unsigned char *lang); + const char *text, const char *lang); static void send_msg_channel_open_confirmation(struct Channel* channel, unsigned int recvwindow, unsigned int recvmaxpacket); @@ -1039,7 +1039,7 @@ void send_msg_channel_success(struct Channel *channel) { /* Send a channel open failure message, with a corresponding reason * code (usually resource shortage or unknown chan type) */ static void send_msg_channel_open_failure(unsigned int remotechan, - int reason, const unsigned char *text, const unsigned char *lang) { + int reason, const char *text, const char *lang) { TRACE(("enter send_msg_channel_open_failure")) CHECKCLEARTOWRITE(); @@ -1047,8 +1047,8 @@ static void send_msg_channel_open_failure(unsigned int remotechan, buf_putbyte(ses.writepayload, SSH_MSG_CHANNEL_OPEN_FAILURE); buf_putint(ses.writepayload, remotechan); buf_putint(ses.writepayload, reason); - buf_putstring(ses.writepayload, text, strlen((char*)text)); - buf_putstring(ses.writepayload, lang, strlen((char*)lang)); + buf_putstring(ses.writepayload, (const unsigned char *) text, strlen(text)); + buf_putstring(ses.writepayload, (const unsigned char *) lang, strlen(lang)); encrypt_packet(); TRACE(("leave send_msg_channel_open_failure")) From 61726df20cea04ff09bbfdf4ca77519cf4b9088d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 15:09:05 +0200 Subject: [PATCH 09/32] Turn sendaddr, listenaddr and request_listenaddr local variables into char * --- tcpfwd.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tcpfwd.h b/tcpfwd.h index 51a1575..cd04fcd 100644 --- a/tcpfwd.h +++ b/tcpfwd.h @@ -31,16 +31,16 @@ struct TCPListener { /* For a direct-tcpip request, it's the addr/port we want the other * end to connect to */ - unsigned char *sendaddr; + char *sendaddr; unsigned int sendport; /* This is the address/port that we listen on. The address has special * meanings as per the rfc, "" for all interfaces, "localhost" for * localhost, or a normal interface name. */ - unsigned char *listenaddr; + char *listenaddr; unsigned int listenport; /* The address that the remote host asked to listen on */ - unsigned char *request_listenaddr; + char *request_listenaddr; const struct ChanType *chantype; enum {direct, forwarded} tcp_type; From 6086851fc1d8e0d149d2ec4acd7521f7c5d860ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 12:16:06 +0200 Subject: [PATCH 10/32] Fix unused parameters warnings [-Werror=unused-parameter] --- libtomcrypt/src/ciphers/aes/aes.c | 1 + libtomcrypt/src/ciphers/des.c | 1 + libtomcrypt/src/ciphers/twofish/twofish.c | 1 + libtomcrypt/src/hashes/helper/hash_file.c | 1 + libtomcrypt/src/hashes/helper/hash_filehandle.c | 1 + libtomcrypt/src/mac/hmac/hmac_file.c | 1 + 6 files changed, 6 insertions(+) diff --git a/libtomcrypt/src/ciphers/aes/aes.c b/libtomcrypt/src/ciphers/aes/aes.c index 74798e8..ee76b24 100644 --- a/libtomcrypt/src/ciphers/aes/aes.c +++ b/libtomcrypt/src/ciphers/aes/aes.c @@ -728,6 +728,7 @@ int ECB_TEST(void) */ void ECB_DONE(symmetric_key *skey) { + (void)skey; } diff --git a/libtomcrypt/src/ciphers/des.c b/libtomcrypt/src/ciphers/des.c index e505b14..6005e84 100644 --- a/libtomcrypt/src/ciphers/des.c +++ b/libtomcrypt/src/ciphers/des.c @@ -1871,6 +1871,7 @@ void des_done(symmetric_key *skey) */ void des3_done(symmetric_key *skey) { + (void)skey; } diff --git a/libtomcrypt/src/ciphers/twofish/twofish.c b/libtomcrypt/src/ciphers/twofish/twofish.c index 9e6d0d4..8f81bdd 100644 --- a/libtomcrypt/src/ciphers/twofish/twofish.c +++ b/libtomcrypt/src/ciphers/twofish/twofish.c @@ -684,6 +684,7 @@ int twofish_test(void) */ void twofish_done(symmetric_key *skey) { + (void)skey; } /** diff --git a/libtomcrypt/src/hashes/helper/hash_file.c b/libtomcrypt/src/hashes/helper/hash_file.c index a92025c..df31606 100644 --- a/libtomcrypt/src/hashes/helper/hash_file.c +++ b/libtomcrypt/src/hashes/helper/hash_file.c @@ -25,6 +25,7 @@ int hash_file(int hash, const char *fname, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + (void)hash; (void)fname; (void)out; (void)outlen; return CRYPT_NOP; #else FILE *in; diff --git a/libtomcrypt/src/hashes/helper/hash_filehandle.c b/libtomcrypt/src/hashes/helper/hash_filehandle.c index be2cbf9..03155ea 100644 --- a/libtomcrypt/src/hashes/helper/hash_filehandle.c +++ b/libtomcrypt/src/hashes/helper/hash_filehandle.c @@ -26,6 +26,7 @@ int hash_filehandle(int hash, FILE *in, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + (void)hash; (void)in; (void)out; (void)outlen; return CRYPT_NOP; #else hash_state md; diff --git a/libtomcrypt/src/mac/hmac/hmac_file.c b/libtomcrypt/src/mac/hmac/hmac_file.c index b296320..d7c40b1 100644 --- a/libtomcrypt/src/mac/hmac/hmac_file.c +++ b/libtomcrypt/src/mac/hmac/hmac_file.c @@ -32,6 +32,7 @@ int hmac_file(int hash, const char *fname, unsigned char *out, unsigned long *outlen) { #ifdef LTC_NO_FILE + (void)hash; (void)fname; (void)key; (void)keylen; (void)out; (void)outlen; return CRYPT_NOP; #else hmac_state hmac; From d680a9e3fbbfe58b2b4803b45f41a9b2a8fde620 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 15:26:05 +0200 Subject: [PATCH 11/32] Turn username, servicename and methodname local variables into char * Changing checkusername()'s username argument into char * as well. --- svr-auth.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/svr-auth.c b/svr-auth.c index fc99063..44f8f13 100644 --- a/svr-auth.c +++ b/svr-auth.c @@ -36,7 +36,7 @@ #include "dbrandom.h" static void authclear(); -static int checkusername(unsigned char *username, unsigned int userlen); +static int checkusername(char *username, unsigned int userlen); /* initialise the first time for a session, resetting all parameters */ void svr_authinitialise() { @@ -100,7 +100,7 @@ void send_msg_userauth_banner(buffer *banner) { * checking, and handle success or failure */ void recv_msg_userauth_request() { - unsigned char *username = NULL, *servicename = NULL, *methodname = NULL; + char *username = NULL, *servicename = NULL, *methodname = NULL; unsigned int userlen, servicelen, methodlen; int valid_user = 0; @@ -119,9 +119,9 @@ void recv_msg_userauth_request() { svr_opts.banner = NULL; } - username = buf_getstring(ses.payload, &userlen); - servicename = buf_getstring(ses.payload, &servicelen); - methodname = buf_getstring(ses.payload, &methodlen); + username = (char *)buf_getstring(ses.payload, &userlen); + servicename = (char *)buf_getstring(ses.payload, &servicelen); + methodname = (char *)buf_getstring(ses.payload, &methodlen); /* only handle 'ssh-connection' currently */ if (servicelen != SSH_SERVICE_CONNECTION_LEN @@ -227,7 +227,7 @@ out: /* Check that the username exists and isn't disallowed (root), and has a valid shell. * returns DROPBEAR_SUCCESS on valid username, DROPBEAR_FAILURE on failure */ -static int checkusername(unsigned char *username, unsigned int userlen) { +static int checkusername(char *username, unsigned int userlen) { char* listshell = NULL; char* usershell = NULL; From 3e91ec07e464ffc0f039283f6078b34e596b2086 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 12:18:22 +0200 Subject: [PATCH 12/32] Fix unused but set variable warnings [-Werror=unused-but-set-variable] --- libtomcrypt/src/ciphers/aes/aes.c | 9 ++++++++- libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c | 4 +--- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/libtomcrypt/src/ciphers/aes/aes.c b/libtomcrypt/src/ciphers/aes/aes.c index ee76b24..55f6333 100644 --- a/libtomcrypt/src/ciphers/aes/aes.c +++ b/libtomcrypt/src/ciphers/aes/aes.c @@ -122,9 +122,10 @@ static ulong32 setup_mix2(ulong32 temp) */ int SETUP(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey) { - int i, j; + int i; ulong32 temp, *rk; #ifndef ENCRYPT_ONLY + int j; ulong32 *rrk; #endif LTC_ARGCHK(key != NULL); @@ -148,7 +149,9 @@ int SETUP(const unsigned char *key, int keylen, int num_rounds, symmetric_key *s LOAD32H(rk[2], key + 8); LOAD32H(rk[3], key + 12); if (keylen == 16) { + #ifndef ENCRYPT_ONLY j = 44; + #endif for (;;) { temp = rk[3]; rk[4] = rk[0] ^ setup_mix(temp) ^ rcon[i]; @@ -161,7 +164,9 @@ int SETUP(const unsigned char *key, int keylen, int num_rounds, symmetric_key *s rk += 4; } } else if (keylen == 24) { + #ifndef ENCRYPT_ONLY j = 52; + #endif LOAD32H(rk[4], key + 16); LOAD32H(rk[5], key + 20); for (;;) { @@ -182,7 +187,9 @@ int SETUP(const unsigned char *key, int keylen, int num_rounds, symmetric_key *s rk += 6; } } else if (keylen == 32) { + #ifndef ENCRYPT_ONLY j = 60; + #endif LOAD32H(rk[4], key + 16); LOAD32H(rk[5], key + 20); LOAD32H(rk[6], key + 24); diff --git a/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c b/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c index b94a50c..8cbcdf3 100644 --- a/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c +++ b/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c @@ -40,7 +40,7 @@ int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map) int i, j, err; void *mu, *mp; unsigned long buf; - int first, bitbuf, bitcpy, bitcnt, mode, digidx; + int bitcnt, mode, digidx; LTC_ARGCHK(k != NULL); LTC_ARGCHK(G != NULL); @@ -98,8 +98,6 @@ int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map) bitcnt = 1; buf = 0; digidx = mp_get_digit_count(k) - 1; - bitcpy = bitbuf = 0; - first = 1; /* perform ops */ for (;;) { From 7928d83b02f0d2fb1f7d5ac886baf3724a9561a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 16:08:08 +0200 Subject: [PATCH 13/32] Turn cleantext()'s dirtytext argument into char * --- cli-session.c | 4 ++-- session.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cli-session.c b/cli-session.c index 1d5f998..8bf530c 100644 --- a/cli-session.c +++ b/cli-session.c @@ -372,10 +372,10 @@ static void cli_remoteclosed() { /* Operates in-place turning dirty (untrusted potentially containing control * characters) text into clean text. * Note: this is safe only with ascii - other charsets could have problems. */ -void cleantext(unsigned char* dirtytext) { +void cleantext(char* dirtytext) { unsigned int i, j; - unsigned char c; + char c; j = 0; for (i = 0; dirtytext[i] != '\0'; i++) { diff --git a/session.h b/session.h index 0059d94..0c96075 100644 --- a/session.h +++ b/session.h @@ -63,7 +63,7 @@ void svr_dropbear_log(int priority, const char* format, va_list param); /* Client */ void cli_session(int sock_in, int sock_out, struct dropbear_progress_connection *progress) ATTRIB_NORETURN; void cli_connected(int result, int sock, void* userdata, const char *errstring); -void cleantext(unsigned char* dirtytext); +void cleantext(char* dirtytext); /* crypto parameters that are stored individually for transmit and receive */ struct key_context_directional { From ef0aac432c986f52a1b973bcd73ddf7324e0e70f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 16:02:22 +0200 Subject: [PATCH 14/32] Fix unused make_connection_string() warning [-Werror=unused-function] This function is used when USE_VFORK is unset. --- svr-chansession.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/svr-chansession.c b/svr-chansession.c index 5bed8fc..6d08d3f 100644 --- a/svr-chansession.c +++ b/svr-chansession.c @@ -603,6 +603,7 @@ static int sessionpty(struct ChanSess * chansess) { return DROPBEAR_SUCCESS; } +#ifndef USE_VFORK static void make_connection_string(struct ChanSess *chansess) { char *local_ip, *local_port, *remote_ip, *remote_port; size_t len; @@ -624,6 +625,7 @@ static void make_connection_string(struct ChanSess *chansess) { m_free(remote_ip); m_free(remote_port); } +#endif /* Handle a command request from the client. This is used for both shell * and command-execution requests, and passes the command to From 9f975113564ba06a521aab33f0ab30206ab6d7c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 16:01:13 +0200 Subject: [PATCH 15/32] Turn ChanSess's tty and term attributes into char * --- chansession.h | 4 ++-- svr-chansession.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/chansession.h b/chansession.h index 3dd58ac..66f5504 100644 --- a/chansession.h +++ b/chansession.h @@ -45,8 +45,8 @@ struct ChanSess { /* pty details */ int master; /* the master terminal fd*/ int slave; - unsigned char * tty; - unsigned char * term; + char * tty; + char * term; /* exit details */ struct exitinfo exit; diff --git a/svr-chansession.c b/svr-chansession.c index 1bc4da7..a27c8f9 100644 --- a/svr-chansession.c +++ b/svr-chansession.c @@ -567,7 +567,7 @@ static int sessionpty(struct ChanSess * chansess) { return DROPBEAR_FAILURE; } - chansess->term = buf_getstring(ses.payload, &termlen); + chansess->term = (char *) buf_getstring(ses.payload, &termlen); if (termlen > MAX_TERM_LEN) { /* TODO send disconnect ? */ TRACE(("leave sessionpty: term len too long")) @@ -583,7 +583,7 @@ static int sessionpty(struct ChanSess * chansess) { return DROPBEAR_FAILURE; } - chansess->tty = (char*)m_strdup(namebuf); + chansess->tty = m_strdup(namebuf); if (!chansess->tty) { dropbear_exit("Out of memory"); /* TODO disconnect */ } From e5ce3fc51b72d3699f527276ef7c5100bd1c3135 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sun, 3 May 2015 01:12:24 +0200 Subject: [PATCH 16/32] Turn type local variable into char * --- svr-chansession.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/svr-chansession.c b/svr-chansession.c index a27c8f9..c496ff9 100644 --- a/svr-chansession.c +++ b/svr-chansession.c @@ -343,7 +343,7 @@ static void closechansess(struct Channel *channel) { * or x11/authagent forwarding. These are passed to appropriate handlers */ static void chansessionrequest(struct Channel *channel) { - unsigned char * type = NULL; + char * type = NULL; unsigned int typelen; unsigned char wantreply; int ret = 1; @@ -351,7 +351,7 @@ static void chansessionrequest(struct Channel *channel) { TRACE(("enter chansessionrequest")) - type = buf_getstring(ses.payload, &typelen); + type = (char *) buf_getstring(ses.payload, &typelen); wantreply = buf_getbool(ses.payload); if (typelen > MAX_NAME_LEN) { From 59235276acff7aa05f680ece0a7bf6946589aa21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 16:30:59 +0200 Subject: [PATCH 17/32] Turn get_response()'s return type and prompt argument into char * --- cli-authinteract.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/cli-authinteract.c b/cli-authinteract.c index 192a54e..a7987eb 100644 --- a/cli-authinteract.c +++ b/cli-authinteract.c @@ -31,10 +31,10 @@ #ifdef ENABLE_CLI_INTERACT_AUTH -static unsigned char* get_response(unsigned char* prompt) +static char* get_response(char* prompt) { FILE* tty = NULL; - unsigned char* response = NULL; + char* response = NULL; /* not a password, but a reasonable limit */ char buf[DROPBEAR_MAX_CLI_PASS]; char* ret = NULL; @@ -50,13 +50,13 @@ static unsigned char* get_response(unsigned char* prompt) } if (ret == NULL) { - response = (unsigned char*)m_strdup(""); + response = m_strdup(""); } else { unsigned int buflen = strlen(buf); /* fgets includes newlines */ if (buflen > 0 && buf[buflen-1] == '\n') buf[buflen-1] = '\0'; - response = (unsigned char*)m_strdup(buf); + response = m_strdup(buf); } m_burn(buf, sizeof(buf)); @@ -71,9 +71,9 @@ void recv_msg_userauth_info_request() { unsigned int num_prompts = 0; unsigned int i; - unsigned char *prompt = NULL; + char *prompt = NULL; unsigned int echo = 0; - unsigned char *response = NULL; + char *response = NULL; TRACE(("enter recv_msg_recv_userauth_info_request")) @@ -115,13 +115,13 @@ void recv_msg_userauth_info_request() { for (i = 0; i < num_prompts; i++) { unsigned int response_len = 0; - prompt = buf_getstring(ses.payload, NULL); + prompt = (char *)buf_getstring(ses.payload, NULL); cleantext(prompt); echo = buf_getbool(ses.payload); if (!echo) { - unsigned char* p = getpass_or_cancel(prompt); + char* p = getpass_or_cancel(prompt); response = m_strdup(p); m_burn(p, strlen(p)); } else { @@ -129,7 +129,7 @@ void recv_msg_userauth_info_request() { } response_len = strlen(response); - buf_putstring(ses.writepayload, response, response_len); + buf_putstring(ses.writepayload, (const unsigned char *)response, response_len); m_burn(response, response_len); m_free(prompt); m_free(response); From bd6c37adb6a5c3e341788a4255c138e0d71ecb48 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 22:24:02 +0200 Subject: [PATCH 18/32] Turn local key_indent variable into char * --- ecdsa.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ecdsa.c b/ecdsa.c index 4fee796..8f4c6a9 100644 --- a/ecdsa.c +++ b/ecdsa.c @@ -140,11 +140,11 @@ ecc_key *buf_get_ecdsa_priv_key(buffer *buf) { void buf_put_ecdsa_pub_key(buffer *buf, ecc_key *key) { struct dropbear_ecc_curve *curve = NULL; - unsigned char key_ident[30]; + char key_ident[30]; curve = curve_for_dp(key->dp); - snprintf((char*)key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name); - buf_putstring(buf, key_ident, strlen(key_ident)); + snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name); + buf_putstring(buf, (const unsigned char *) key_ident, strlen(key_ident)); buf_putstring(buf, curve->name, strlen(curve->name)); buf_put_ecc_raw_pubkey_string(buf, key); } @@ -161,7 +161,7 @@ void buf_put_ecdsa_sign(buffer *buf, ecc_key *key, buffer *data_buf) { hash_state hs; unsigned char hash[64]; void *e = NULL, *p = NULL, *s = NULL, *r; - unsigned char key_ident[30]; + char key_ident[30]; buffer *sigbuf = NULL; TRACE(("buf_put_ecdsa_sign")) @@ -222,8 +222,8 @@ void buf_put_ecdsa_sign(buffer *buf, ecc_key *key, buffer *data_buf) { } } - snprintf((char*)key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name); - buf_putstring(buf, key_ident, strlen(key_ident)); + snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name); + buf_putstring(buf, (const unsigned char *) key_ident, strlen(key_ident)); /* enough for nistp521 */ sigbuf = buf_new(200); buf_putmpint(sigbuf, (mp_int*)r); From 6b90885d4f8699e8607481422a43ec72fa84f295 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 22:37:08 +0200 Subject: [PATCH 19/32] Turn Algo_Type's name attribute into const char * --- algo.h | 2 +- common-algo.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/algo.h b/algo.h index 5b7b874..49c4f41 100644 --- a/algo.h +++ b/algo.h @@ -35,7 +35,7 @@ struct Algo_Type { - const unsigned char *name; /* identifying name */ + const char *name; /* identifying name */ char val; /* a value for this cipher, or -1 for invalid */ const void *data; /* algorithm specific data */ char usable; /* whether we can use this algorithm */ diff --git a/common-algo.c b/common-algo.c index 0886a2b..76d3977 100644 --- a/common-algo.c +++ b/common-algo.c @@ -322,7 +322,7 @@ void buf_put_algolist(buffer * buf, algo_type localalgos[]) { buf_putbyte(algolist, ','); donefirst = 1; len = strlen(localalgos[i].name); - buf_putbytes(algolist, localalgos[i].name, len); + buf_putbytes(algolist, (const unsigned char *) localalgos[i].name, len); } } buf_putstring(buf, algolist->data, algolist->len); From 449ddae628ea23f8b1e7179ab3ff2c81cffa57a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 13:59:41 +0200 Subject: [PATCH 20/32] Turn dropbear_ecc_curve's name into const char * --- ecc.h | 2 +- ecdsa.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ecc.h b/ecc.h index 703c717..93f85cf 100644 --- a/ecc.h +++ b/ecc.h @@ -12,7 +12,7 @@ struct dropbear_ecc_curve { int ltc_size; /* to match the byte sizes in ltc_ecc_sets[] */ const ltc_ecc_set_type *dp; /* curve domain parameters */ const struct ltc_hash_descriptor *hash_desc; - const unsigned char *name; + const char *name; }; extern struct dropbear_ecc_curve ecc_curve_nistp256; diff --git a/ecdsa.c b/ecdsa.c index 8f4c6a9..f5c7755 100644 --- a/ecdsa.c +++ b/ecdsa.c @@ -145,7 +145,7 @@ void buf_put_ecdsa_pub_key(buffer *buf, ecc_key *key) { curve = curve_for_dp(key->dp); snprintf(key_ident, sizeof(key_ident), "ecdsa-sha2-%s", curve->name); buf_putstring(buf, (const unsigned char *) key_ident, strlen(key_ident)); - buf_putstring(buf, curve->name, strlen(curve->name)); + buf_putstring(buf, (const unsigned char *) curve->name, strlen(curve->name)); buf_put_ecc_raw_pubkey_string(buf, key); } From 947d2697cf01acd28ce7eb619dbcec2ac4a0e381 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 22:48:11 +0200 Subject: [PATCH 21/32] Turn sshsession's remoteident attribute into char * --- common-kex.c | 6 +++--- session.h | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/common-kex.c b/common-kex.c index c823f19..4de4b52 100644 --- a/common-kex.c +++ b/common-kex.c @@ -511,7 +511,7 @@ void recv_msg_kexinit() { /* start the kex hash */ local_ident_len = strlen(LOCAL_IDENT); - remote_ident_len = strlen((char*)ses.remoteident); + remote_ident_len = strlen(ses.remoteident); kexhashbuf_len = local_ident_len + remote_ident_len + ses.transkexinit->len + ses.payload->len @@ -528,7 +528,7 @@ void recv_msg_kexinit() { buf_putstring(ses.kexhashbuf, (unsigned char*)LOCAL_IDENT, local_ident_len); /* V_S, the server's version string (CR and NL excluded) */ - buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len); + buf_putstring(ses.kexhashbuf, (unsigned char*)ses.remoteident, remote_ident_len); /* I_C, the payload of the client's SSH_MSG_KEXINIT */ buf_putstring(ses.kexhashbuf, @@ -545,7 +545,7 @@ void recv_msg_kexinit() { /* read the peer's choice of algos */ read_kex_algos(); /* V_C, the client's version string (CR and NL excluded) */ - buf_putstring(ses.kexhashbuf, ses.remoteident, remote_ident_len); + buf_putstring(ses.kexhashbuf, (unsigned char*)ses.remoteident, remote_ident_len); /* V_S, the server's version string (CR and NL excluded) */ buf_putstring(ses.kexhashbuf, (unsigned char*)LOCAL_IDENT, local_ident_len); diff --git a/session.h b/session.h index 0c96075..99c96cb 100644 --- a/session.h +++ b/session.h @@ -115,7 +115,7 @@ struct sshsession { /* remotehost will be initially NULL as we delay * reading the remote version string. it will be set * by the time any recv_() packet methods are called */ - unsigned char *remoteident; + char *remoteident; int maxfd; /* the maximum file descriptor to check with select() */ From 6f05e810d99d55997544bf6a8130b5e357d8ce82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 23:03:27 +0200 Subject: [PATCH 22/32] Turn addr local variable into char * --- tcp-accept.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tcp-accept.c b/tcp-accept.c index 596d9c9..fc9b4c1 100644 --- a/tcp-accept.c +++ b/tcp-accept.c @@ -75,7 +75,7 @@ static void tcp_acceptor(struct Listener *listener, int sock) { } if (send_msg_channel_open_init(fd, tcpinfo->chantype) == DROPBEAR_SUCCESS) { - unsigned char* addr = NULL; + char* addr = NULL; unsigned int port = 0; if (tcpinfo->tcp_type == direct) { @@ -94,7 +94,7 @@ static void tcp_acceptor(struct Listener *listener, int sock) { if (addr == NULL) { addr = "localhost"; } - buf_putstring(ses.writepayload, addr, strlen(addr)); + buf_putstring(ses.writepayload, (const unsigned char *)addr, strlen(addr)); buf_putint(ses.writepayload, port); /* originator ip */ From 5cf43d76bf6060feb5e01acd0823f89d7cd2a216 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 23:17:43 +0200 Subject: [PATCH 23/32] Turn checkpubkey() and send_msg_userauth_pk_ok()'s algo argument into char * --- svr-authpubkey.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/svr-authpubkey.c b/svr-authpubkey.c index 82769eb..ecce2b1 100644 --- a/svr-authpubkey.c +++ b/svr-authpubkey.c @@ -70,10 +70,10 @@ #define MIN_AUTHKEYS_LINE 10 /* "ssh-rsa AB" - short but doesn't matter */ #define MAX_AUTHKEYS_LINE 4200 /* max length of a line in authkeys */ -static int checkpubkey(unsigned char* algo, unsigned int algolen, +static int checkpubkey(char* algo, unsigned int algolen, unsigned char* keyblob, unsigned int keybloblen); static int checkpubkeyperms(); -static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen, +static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen, unsigned char* keyblob, unsigned int keybloblen); static int checkfileperm(char * filename); @@ -82,7 +82,7 @@ static int checkfileperm(char * filename); void svr_auth_pubkey() { unsigned char testkey; /* whether we're just checking if a key is usable */ - unsigned char* algo = NULL; /* pubkey algo */ + char* algo = NULL; /* pubkey algo */ unsigned int algolen; unsigned char* keyblob = NULL; unsigned int keybloblen; @@ -98,7 +98,7 @@ void svr_auth_pubkey() { * actual attempt*/ testkey = (buf_getbool(ses.payload) == 0); - algo = buf_getstring(ses.payload, &algolen); + algo = (char *) buf_getstring(ses.payload, &algolen); keybloblen = buf_getint(ses.payload); keyblob = buf_getptr(ses.payload, keybloblen); @@ -173,14 +173,14 @@ out: /* Reply that the key is valid for auth, this is sent when the user sends * a straight copy of their pubkey to test, to avoid having to perform * expensive signing operations with a worthless key */ -static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen, +static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen, unsigned char* keyblob, unsigned int keybloblen) { TRACE(("enter send_msg_userauth_pk_ok")) CHECKCLEARTOWRITE(); buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_PK_OK); - buf_putstring(ses.writepayload, algo, algolen); + buf_putstring(ses.writepayload, (const unsigned char *) algo, algolen); buf_putstring(ses.writepayload, keyblob, keybloblen); encrypt_packet(); @@ -191,7 +191,7 @@ static void send_msg_userauth_pk_ok(unsigned char* algo, unsigned int algolen, /* Checks whether a specified publickey (and associated algorithm) is an * acceptable key for authentication */ /* Returns DROPBEAR_SUCCESS if key is ok for auth, DROPBEAR_FAILURE otherwise */ -static int checkpubkey(unsigned char* algo, unsigned int algolen, +static int checkpubkey(char* algo, unsigned int algolen, unsigned char* keyblob, unsigned int keybloblen) { FILE * authfile = NULL; @@ -330,7 +330,7 @@ static int checkpubkey(unsigned char* algo, unsigned int algolen, TRACE(("checkpubkey: line pos = %d len = %d", line->pos, line->len)) - ret = cmp_base64_key(keyblob, keybloblen, algo, algolen, line, NULL); + ret = cmp_base64_key(keyblob, keybloblen, (const unsigned char *) algo, algolen, line, NULL); if (ret == DROPBEAR_SUCCESS && options_buf) { ret = svr_add_pubkey_options(options_buf, line_num, filename); From be3016b8d583c25f201b04b41e7deacf79c59579 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 23:24:23 +0200 Subject: [PATCH 24/32] Turn send_msg_service_accept()'s name argument into char * --- svr-service.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/svr-service.c b/svr-service.c index 9c5e580..6c946a1 100644 --- a/svr-service.c +++ b/svr-service.c @@ -30,18 +30,18 @@ #include "ssh.h" #include "auth.h" -static void send_msg_service_accept(unsigned char *name, int len); +static void send_msg_service_accept(char *name, int len); /* processes a SSH_MSG_SERVICE_REQUEST, returning 0 if finished, * 1 if not */ void recv_msg_service_request() { - unsigned char * name; + char * name; unsigned int len; TRACE(("enter recv_msg_service_request")) - name = buf_getstring(ses.payload, &len); + name = (char *) buf_getstring(ses.payload, &len); /* ssh-userauth */ if (len == SSH_SERVICE_USERAUTH_LEN && @@ -73,14 +73,14 @@ void recv_msg_service_request() { } -static void send_msg_service_accept(unsigned char *name, int len) { +static void send_msg_service_accept(char *name, int len) { TRACE(("accepting service %s", name)) CHECKCLEARTOWRITE(); buf_putbyte(ses.writepayload, SSH_MSG_SERVICE_ACCEPT); - buf_putstring(ses.writepayload, name, len); + buf_putstring(ses.writepayload, (const unsigned char *) name, len); encrypt_packet(); From 05b36b484e93557928d4ae90a7eea5a57764c372 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 23:28:28 +0200 Subject: [PATCH 25/32] Turn ChanSess's cmd attribute into char * --- chansession.h | 2 +- svr-chansession.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/chansession.h b/chansession.h index 66f5504..6eb8c76 100644 --- a/chansession.h +++ b/chansession.h @@ -39,7 +39,7 @@ struct exitinfo { struct ChanSess { - unsigned char * cmd; /* command to exec */ + char * cmd; /* command to exec */ pid_t pid; /* child process pid */ /* pty details */ diff --git a/svr-chansession.c b/svr-chansession.c index c496ff9..a630112 100644 --- a/svr-chansession.c +++ b/svr-chansession.c @@ -649,7 +649,7 @@ static int sessioncommand(struct Channel *channel, struct ChanSess *chansess, if (iscmd) { /* "exec" */ if (chansess->cmd == NULL) { - chansess->cmd = buf_getstring(ses.payload, &cmdlen); + chansess->cmd = (char *) buf_getstring(ses.payload, &cmdlen); if (cmdlen > MAX_CMD_LEN) { m_free(chansess->cmd); From 292656d899f4f5fad8f5ed67ec00806c6e410b8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 23:32:13 +0200 Subject: [PATCH 26/32] Turn signame local variable into char * --- svr-chansession.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/svr-chansession.c b/svr-chansession.c index a630112..18e4bf0 100644 --- a/svr-chansession.c +++ b/svr-chansession.c @@ -221,7 +221,7 @@ static void send_msg_chansess_exitsignal(struct Channel * channel, buf_putint(ses.writepayload, channel->remotechan); buf_putstring(ses.writepayload, (const unsigned char *) "exit-signal", 11); buf_putbyte(ses.writepayload, 0); /* boolean FALSE */ - buf_putstring(ses.writepayload, signame, strlen(signame)); + buf_putstring(ses.writepayload, (const unsigned char *) signame, strlen(signame)); buf_putbyte(ses.writepayload, chansess->exit.exitcore); buf_putstring(ses.writepayload, (const unsigned char *) "", 0); /* error msg */ buf_putstring(ses.writepayload, (const unsigned char *) "", 0); /* lang */ @@ -406,7 +406,7 @@ out: static int sessionsignal(struct ChanSess *chansess) { int sig = 0; - unsigned char* signame = NULL; + char* signame = NULL; int i; if (chansess->pid == 0) { @@ -414,7 +414,7 @@ static int sessionsignal(struct ChanSess *chansess) { return DROPBEAR_FAILURE; } - signame = buf_getstring(ses.payload, NULL); + signame = (char *) buf_getstring(ses.payload, NULL); i = 0; while (signames[i].name != 0) { From 20f1e49b7326b7430be1e837d4a307f1f641b5ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 23:40:30 +0200 Subject: [PATCH 27/32] Turn many local variables into char * reqname, bindaddr, request_addr, desthost and orighost to be exhaustive. --- svr-tcpfwd.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/svr-tcpfwd.c b/svr-tcpfwd.c index 490ec5c..615045e 100644 --- a/svr-tcpfwd.c +++ b/svr-tcpfwd.c @@ -65,7 +65,7 @@ static const struct ChanType svr_chan_tcpremote = { * similar to the request-switching in chansession.c */ void recv_msg_global_request_remotetcp() { - unsigned char* reqname = NULL; + char* reqname = NULL; unsigned int namelen; unsigned int wantreply = 0; int ret = DROPBEAR_FAILURE; @@ -77,7 +77,7 @@ void recv_msg_global_request_remotetcp() { goto out; } - reqname = buf_getstring(ses.payload, &namelen); + reqname = (char *)buf_getstring(ses.payload, &namelen); wantreply = buf_getbool(ses.payload); if (namelen > MAX_NAME_LEN) { @@ -120,7 +120,7 @@ static int matchtcp(void* typedata1, void* typedata2) { static int svr_cancelremotetcp() { int ret = DROPBEAR_FAILURE; - unsigned char * bindaddr = NULL; + char * bindaddr = NULL; unsigned int addrlen; unsigned int port; struct Listener * listener = NULL; @@ -128,7 +128,7 @@ static int svr_cancelremotetcp() { TRACE(("enter cancelremotetcp")) - bindaddr = buf_getstring(ses.payload, &addrlen); + bindaddr = (char *)buf_getstring(ses.payload, &addrlen); if (addrlen > MAX_IP_LEN) { TRACE(("addr len too long: %d", addrlen)) goto out; @@ -155,14 +155,14 @@ out: static int svr_remotetcpreq() { int ret = DROPBEAR_FAILURE; - unsigned char * request_addr = NULL; + char * request_addr = NULL; unsigned int addrlen; struct TCPListener *tcpinfo = NULL; unsigned int port; TRACE(("enter remotetcpreq")) - request_addr = buf_getstring(ses.payload, &addrlen); + request_addr = (char *)buf_getstring(ses.payload, &addrlen); if (addrlen > MAX_IP_LEN) { TRACE(("addr len too long: %d", addrlen)) goto out; @@ -232,9 +232,9 @@ const struct ChanType svr_chan_tcpdirect = { * address */ static int newtcpdirect(struct Channel * channel) { - unsigned char* desthost = NULL; + char* desthost = NULL; unsigned int destport; - unsigned char* orighost = NULL; + char* orighost = NULL; unsigned int origport; char portstring[NI_MAXSERV]; unsigned int len; @@ -247,7 +247,7 @@ static int newtcpdirect(struct Channel * channel) { goto out; } - desthost = buf_getstring(ses.payload, &len); + desthost = (char *)buf_getstring(ses.payload, &len); if (len > MAX_HOST_LEN) { TRACE(("leave newtcpdirect: desthost too long")) goto out; @@ -255,7 +255,7 @@ static int newtcpdirect(struct Channel * channel) { destport = buf_getint(ses.payload); - orighost = buf_getstring(ses.payload, &len); + orighost = (char *)buf_getstring(ses.payload, &len); if (len > MAX_HOST_LEN) { TRACE(("leave newtcpdirect: orighost too long")) goto out; From bbaeb917ffb15cb3e002466c87790837387d3320 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 23:48:57 +0200 Subject: [PATCH 28/32] Turn banner, methods and tok local variable into char * --- cli-auth.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/cli-auth.c b/cli-auth.c index 7039cf0..999ac7f 100644 --- a/cli-auth.c +++ b/cli-auth.c @@ -75,7 +75,7 @@ void cli_auth_getmethods() { void recv_msg_userauth_banner() { - unsigned char* banner = NULL; + char* banner = NULL; unsigned int bannerlen; unsigned int i, linecount; @@ -85,7 +85,7 @@ void recv_msg_userauth_banner() { return; } - banner = buf_getstring(ses.payload, &bannerlen); + banner = (char *)buf_getstring(ses.payload, &bannerlen); buf_eatstring(ses.payload); /* The language string */ if (bannerlen > MAX_BANNER_SIZE) { @@ -151,8 +151,8 @@ void recv_msg_userauth_specific_60() { void recv_msg_userauth_failure() { - unsigned char * methods = NULL; - unsigned char * tok = NULL; + char * methods = NULL; + char * tok = NULL; unsigned int methlen = 0; unsigned int partial = 0; unsigned int i = 0; @@ -201,7 +201,7 @@ void recv_msg_userauth_failure() { cli_ses.lastauthtype = AUTH_TYPE_NONE; } - methods = buf_getstring(ses.payload, &methlen); + methods = (char *)buf_getstring(ses.payload, &methlen); partial = buf_getbool(ses.payload); From e3c6a86b1e458bd4abb592ddd14ca10fd0893dbd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sat, 2 May 2015 23:54:06 +0200 Subject: [PATCH 29/32] Turn TCPFwdEntry's connectaddr and listenaddr attributes into char * --- tcpfwd.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tcpfwd.h b/tcpfwd.h index cd04fcd..64139f0 100644 --- a/tcpfwd.h +++ b/tcpfwd.h @@ -48,9 +48,9 @@ struct TCPListener { /* A forwarding entry */ struct TCPFwdEntry { - const unsigned char* connectaddr; + const char *connectaddr; unsigned int connectport; - const unsigned char* listenaddr; + const char *listenaddr; unsigned int listenport; unsigned int have_reply; /* is set to 1 after a reply has been received when setting up the forwarding */ From bfd730aa4c2a1c3d7bc46dd4a870a5fea3e91da8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sun, 3 May 2015 00:01:36 +0200 Subject: [PATCH 30/32] Turn type and term local variables into char * --- cli-chansession.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cli-chansession.c b/cli-chansession.c index 4e55287..7bbca1e 100644 --- a/cli-chansession.c +++ b/cli-chansession.c @@ -56,12 +56,12 @@ const struct ChanType clichansess = { static void cli_chansessreq(struct Channel *channel) { - unsigned char* type = NULL; + char* type = NULL; int wantreply; TRACE(("enter cli_chansessreq")) - type = buf_getstring(ses.payload, NULL); + type = (char *) buf_getstring(ses.payload, NULL); wantreply = buf_getbool(ses.payload); if (strcmp(type, "exit-status") == 0) { @@ -272,7 +272,7 @@ void cli_chansess_winchange() { static void send_chansess_pty_req(struct Channel *channel) { - unsigned char* term = NULL; + char* term = NULL; TRACE(("enter send_chansess_pty_req")) @@ -286,7 +286,7 @@ static void send_chansess_pty_req(struct Channel *channel) { if (term == NULL) { term = "vt100"; /* Seems a safe default */ } - buf_putstring(ses.writepayload, term, strlen(term)); + buf_putstring(ses.writepayload, (const unsigned char *)term, strlen(term)); /* Window size */ put_winsize(); From 1c2a1838fc781dc0be8d3a76606281b4bbd7a57a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sun, 3 May 2015 00:23:55 +0200 Subject: [PATCH 31/32] Turn name and instruction local variables into char * --- cli-authinteract.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cli-authinteract.c b/cli-authinteract.c index a7987eb..02aeab8 100644 --- a/cli-authinteract.c +++ b/cli-authinteract.c @@ -66,8 +66,8 @@ static char* get_response(char* prompt) void recv_msg_userauth_info_request() { - unsigned char *name = NULL; - unsigned char *instruction = NULL; + char *name = NULL; + char *instruction = NULL; unsigned int num_prompts = 0; unsigned int i; @@ -84,8 +84,8 @@ void recv_msg_userauth_info_request() { } cli_ses.interact_request_received = 1; - name = buf_getstring(ses.payload, NULL); - instruction = buf_getstring(ses.payload, NULL); + name = (char *)buf_getstring(ses.payload, NULL); + instruction = (char *)buf_getstring(ses.payload, NULL); /* language tag */ buf_eatstring(ses.payload); From 6e15e75391fc117125f50efd9f3d8ed646596da9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABl=20PORTAY?= Date: Sun, 3 May 2015 00:27:49 +0200 Subject: [PATCH 32/32] Turn modptr local variable into unsigned char * --- keyimport.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/keyimport.c b/keyimport.c index fdf51c0..b7490aa 100644 --- a/keyimport.c +++ b/keyimport.c @@ -507,7 +507,7 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase)) int i, num_integers = 0; sign_key *retval = NULL; char *errmsg; - char *modptr = NULL; + unsigned char *modptr = NULL; int modlen = -9999; enum signkey_type type; @@ -646,7 +646,7 @@ static sign_key *openssh_read(const char *filename, char * UNUSED(passphrase)) */ if (i == 1) { /* Save the details for after we deal with number 2. */ - modptr = (char *)p; + modptr = p; modlen = len; } else if (i >= 2 && i <= 5) { buf_putstring(blobbuf, p, len);