-pedantic: signed vs. unsigned, void*-arithm, etc

diff --git a/usr.bin/ssh/atomicio.c b/usr.bin/ssh/atomicio.c
index 01c1f62..668d490 100644 (file)
--- a/usr.bin/ssh/atomicio.c
+++ b/usr.bin/ssh/atomicio.c
@@ -24,7 +24,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: atomicio.c,v 1.2 2000/02/01 22:32:53 d Exp $");
+RCSID("$Id: atomicio.c,v 1.3 2000/03/16 20:56:13 markus Exp $");
 
 #include "xmalloc.h"
 #include "ssh.h"
@@ -33,12 +33,13 @@ RCSID("$Id: atomicio.c,v 1.2 2000/02/01 22:32:53 d Exp $");
  * ensure all of data on socket comes through. f==read || f==write
  */
 ssize_t
-atomicio(f, fd, s, n)
+atomicio(f, fd, _s, n)
        ssize_t (*f) ();
        int fd;
-       void *s;
+       void *_s;
        size_t n;
 {
+       char *s = _s;
        ssize_t res, pos = 0;
 
        while (n > pos) {

diff --git a/usr.bin/ssh/auth-krb4.c b/usr.bin/ssh/auth-krb4.c
index fb0e20c..95fc722 100644 (file)
--- a/usr.bin/ssh/auth-krb4.c
+++ b/usr.bin/ssh/auth-krb4.c
@@ -186,19 +186,20 @@ auth_krb4(const char *server_user, KTEXT auth, char **client)
        KTEXT_ST reply;
        char instance[INST_SZ];
        int r, s;
+       socklen_t slen;
        u_int cksum;
        Key_schedule schedule;
        struct sockaddr_in local, foreign;
 
        s = packet_get_connection_in();
 
-       r = sizeof(local);
+       slen = sizeof(local);
        memset(&local, 0, sizeof(local));
-       if (getsockname(s, (struct sockaddr *) & local, &r) < 0)
+       if (getsockname(s, (struct sockaddr *) & local, &slen) < 0)
                debug("getsockname failed: %.100s", strerror(errno));
-       r = sizeof(foreign);
+       slen = sizeof(foreign);
        memset(&foreign, 0, sizeof(foreign));
-       if (getpeername(s, (struct sockaddr *) & foreign, &r) < 0) {
+       if (getpeername(s, (struct sockaddr *) & foreign, &slen) < 0) {
                debug("getpeername failed: %.100s", strerror(errno));
                fatal_cleanup();
        }

diff --git a/usr.bin/ssh/bufaux.c b/usr.bin/ssh/bufaux.c
index 5091968..dddc41f 100644 (file)
--- a/usr.bin/ssh/bufaux.c
+++ b/usr.bin/ssh/bufaux.c
@@ -15,7 +15,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: bufaux.c,v 1.7 1999/11/24 19:53:44 markus Exp $");
+RCSID("$Id: bufaux.c,v 1.8 2000/03/16 20:56:14 markus Exp $");
 
 #include "ssh.h"
 #include <ssl/bn.h>
@@ -32,7 +32,7 @@ buffer_put_bignum(Buffer *buffer, BIGNUM *value)
 {
        int bits = BN_num_bits(value);
        int bin_size = (bits + 7) / 8;
-       char *buf = xmalloc(bin_size);
+       char unsigned *buf = xmalloc(bin_size);
        int oi;
        char msg[2];
 
@@ -46,7 +46,7 @@ buffer_put_bignum(Buffer *buffer, BIGNUM *value)
        PUT_16BIT(msg, bits);
        buffer_append(buffer, msg, 2);
        /* Store the binary data. */
-       buffer_append(buffer, buf, oi);
+       buffer_append(buffer, (char *)buf, oi);
 
        memset(buf, 0, bin_size);
        xfree(buf);
@@ -68,7 +68,7 @@ buffer_get_bignum(Buffer *buffer, BIGNUM *value)
        bytes = (bits + 7) / 8;
        if (buffer_len(buffer) < bytes)
                fatal("buffer_get_bignum: input buffer too small");
-       bin = buffer_ptr(buffer);
+       bin = (unsigned char*) buffer_ptr(buffer);
        BN_bin2bn(bin, bytes, value);
        buffer_consume(buffer, bytes);
 

diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index b40e965..62b6a22 100644 (file)
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c
@@ -16,7 +16,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: channels.c,v 1.38 2000/01/24 20:37:29 markus Exp $");
+RCSID("$Id: channels.c,v 1.39 2000/03/16 20:56:14 markus Exp $");
 
 #include "ssh.h"
 #include "packet.h"
@@ -1037,7 +1037,7 @@ channel_input_port_open(int payload_len)
        int remote_channel, sock = 0, newch, i;
        u_short host_port;
        char *host, *originator_string;
-       int host_len, originator_len;
+       unsigned int host_len, originator_len;
        struct addrinfo hints, *ai, *aitop;
        char ntop[NI_MAXHOST], strport[NI_MAXSERV];
        int gaierr;
@@ -1284,7 +1284,7 @@ x11_input_open(int payload_len)
        int remote_channel, display_number, sock = 0, newch;
        const char *display;
        char buf[1024], *cp, *remote_host;
-       int remote_len;
+       unsigned int remote_len;
        struct addrinfo hints, *ai, *aitop;
        char strport[NI_MAXSERV];
        int gaierr;

diff --git a/usr.bin/ssh/compress.c b/usr.bin/ssh/compress.c
index f4a8785..03e5081 100644 (file)
--- a/usr.bin/ssh/compress.c
+++ b/usr.bin/ssh/compress.c
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: compress.c,v 1.4 1999/11/24 19:53:46 markus Exp $");
+RCSID("$Id: compress.c,v 1.5 2000/03/16 20:56:14 markus Exp $");
 
 #include "ssh.h"
 #include "buffer.h"
@@ -75,13 +75,13 @@ buffer_compress(Buffer * input_buffer, Buffer * output_buffer)
                return;
 
        /* Input is the contents of the input buffer. */
-       outgoing_stream.next_in = buffer_ptr(input_buffer);
+       outgoing_stream.next_in = (unsigned char *) buffer_ptr(input_buffer);
        outgoing_stream.avail_in = buffer_len(input_buffer);
 
        /* Loop compressing until deflate() returns with avail_out != 0. */
        do {
                /* Set up fixed-size output buffer. */
-               outgoing_stream.next_out = buf;
+               outgoing_stream.next_out = (unsigned char *)buf;
                outgoing_stream.avail_out = sizeof(buf);
 
                /* Compress as much data into the buffer as possible. */
@@ -124,10 +124,10 @@ buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer)
        char buf[4096];
        int status;
 
-       incoming_stream.next_in = buffer_ptr(input_buffer);
+       incoming_stream.next_in = (unsigned char *) buffer_ptr(input_buffer);
        incoming_stream.avail_in = buffer_len(input_buffer);
 
-       incoming_stream.next_out = buf;
+       incoming_stream.next_out = (unsigned char *) buf;
        incoming_stream.avail_out = sizeof(buf);
 
        for (;;) {
@@ -136,7 +136,7 @@ buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer)
                case Z_OK:
                        buffer_append(output_buffer, buf,
                                      sizeof(buf) - incoming_stream.avail_out);
-                       incoming_stream.next_out = buf;
+                       incoming_stream.next_out = (unsigned char *) buf;
                        incoming_stream.avail_out = sizeof(buf);
                        break;
                case Z_STREAM_END:

diff --git a/usr.bin/ssh/fingerprint.c b/usr.bin/ssh/fingerprint.c
index 42b8cd7..c001ca2 100644 (file)
--- a/usr.bin/ssh/fingerprint.c
+++ b/usr.bin/ssh/fingerprint.c
@@ -28,7 +28,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: fingerprint.c,v 1.4 1999/11/24 16:15:25 markus Exp $");
+RCSID("$Id: fingerprint.c,v 1.5 2000/03/16 20:56:14 markus Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -46,7 +46,7 @@ fingerprint(BIGNUM *e, BIGNUM *n)
        static char retval[80];
        MD5_CTX md;
        unsigned char d[16];
-       char *buf;
+       unsigned char *buf;
        int nlen, elen;
 
        nlen = BN_num_bytes(n);

diff --git a/usr.bin/ssh/packet.h b/usr.bin/ssh/packet.h
index 055f2c8..66a3528 100644 (file)
--- a/usr.bin/ssh/packet.h
+++ b/usr.bin/ssh/packet.h
@@ -13,7 +13,7 @@
  * 
  */
 
-/* RCSID("$Id: packet.h,v 1.9 2000/01/04 16:54:58 markus Exp $"); */
+/* RCSID("$Id: packet.h,v 1.10 2000/03/16 20:56:14 markus Exp $"); */
 
 #ifndef PACKET_H
 #define PACKET_H
@@ -144,7 +144,7 @@ char   *packet_get_string(unsigned int *length_ptr);
  * The error message should not contain a newline.  The total length of the
  * message must not exceed 1024 bytes.
  */
-void    packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2)));;
+void    packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 
 /*
  * Sends a diagnostic message to the other side.  This message can be sent at
@@ -156,7 +156,7 @@ void    packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1,
  * remote side protocol flags do not indicate that it supports SSH_MSG_DEBUG,
  * this will do nothing.
  */
-void    packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));;
+void    packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 
 /* Checks if there is any buffered output, and tries to write some of the output. */
 void    packet_write_poll(void);

diff --git a/usr.bin/ssh/radix.c b/usr.bin/ssh/radix.c
index c87dd2d..ea7f5ba 100644 (file)
--- a/usr.bin/ssh/radix.c
+++ b/usr.bin/ssh/radix.c
@@ -213,7 +213,7 @@ creds_to_radix(CREDENTIALS *creds, unsigned char *buf)
        p += creds->ticket_st.length;
        len = p - temp;
 
-       return (uuencode(temp, len, buf));
+       return (uuencode((unsigned char *)temp, len, (char *)buf));
 }
 
 int 
@@ -225,7 +225,7 @@ radix_to_creds(const char *buf, CREDENTIALS *creds)
        char version;
        char temp[2048];
 
-       if (!(len = uudecode(buf, temp, sizeof(temp))))
+       if (!(len = uudecode(buf, (unsigned char *)temp, sizeof(temp))))
                return 0;
 
        p = temp;

diff --git a/usr.bin/ssh/rsa.c b/usr.bin/ssh/rsa.c
index 5cab804..955a3f5 100644 (file)
--- a/usr.bin/ssh/rsa.c
+++ b/usr.bin/ssh/rsa.c
@@ -35,7 +35,7 @@
 */
 
 #include "includes.h"
-RCSID("$Id: rsa.c,v 1.12 2000/02/21 21:47:31 markus Exp $");
+RCSID("$Id: rsa.c,v 1.13 2000/03/16 20:56:14 markus Exp $");
 
 #include "rsa.h"
 #include "ssh.h"
@@ -110,7 +110,7 @@ rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits)
 void
 rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 {
-       char *inbuf, *outbuf;
+       unsigned char *inbuf, *outbuf;
        int len, ilen, olen;
 
        if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e))
@@ -138,7 +138,7 @@ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 void
 rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 {
-       char *inbuf, *outbuf;
+       unsigned char *inbuf, *outbuf;
        int len, ilen, olen;
 
        olen = BN_num_bytes(key->n);

diff --git a/usr.bin/ssh/scp.c b/usr.bin/ssh/scp.c
index 16ac0eb..915ef97 100644 (file)
--- a/usr.bin/ssh/scp.c
+++ b/usr.bin/ssh/scp.c
@@ -45,7 +45,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: scp.c,v 1.25 2000/01/24 22:11:20 markus Exp $");
+RCSID("$Id: scp.c,v 1.26 2000/03/16 20:56:14 markus Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -1006,7 +1006,7 @@ run_err(const char *fmt,...)
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *     $Id: scp.c,v 1.25 2000/01/24 22:11:20 markus Exp $
+ *     $Id: scp.c,v 1.26 2000/03/16 20:56:14 markus Exp $
  */
 
 char *
@@ -1118,7 +1118,7 @@ alarmtimer(int wait)
 }
 
 void
-updateprogressmeter(void)
+updateprogressmeter(int ignore)
 {
        int save_errno = errno;
 
@@ -1224,7 +1224,7 @@ progressmeter(int flag)
        atomicio(write, fileno(stdout), buf, strlen(buf));
 
        if (flag == -1) {
-               signal(SIGALRM, (void *) updateprogressmeter);
+               signal(SIGALRM, updateprogressmeter);
                alarmtimer(1);
        } else if (flag == 1) {
                alarmtimer(0);

diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index 6646956..393fdf0 100644 (file)
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ssh-agent.c,v 1.25 2000/01/02 21:51:03 markus Exp $   */
+/*     $OpenBSD: ssh-agent.c,v 1.26 2000/03/16 20:56:14 markus Exp $   */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -9,7 +9,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.25 2000/01/02 21:51:03 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.26 2000/03/16 20:56:14 markus Exp $");
 
 #include "ssh.h"
 #include "rsa.h"
@@ -408,6 +408,7 @@ after_select(fd_set *readset, fd_set *writeset)
 {
        unsigned int i;
        int len, sock;
+       socklen_t slen;
        char buf[1024];
        struct sockaddr_un sunaddr;
 
@@ -417,8 +418,8 @@ after_select(fd_set *readset, fd_set *writeset)
                        break;
                case AUTH_SOCKET:
                        if (FD_ISSET(sockets[i].fd, readset)) {
-                               len = sizeof(sunaddr);
-                               sock = accept(sockets[i].fd, (struct sockaddr *) & sunaddr, &len);
+                               slen = sizeof(sunaddr);
+                               sock = accept(sockets[i].fd, (struct sockaddr *) & sunaddr, &slen);
                                if (sock < 0) {
                                        perror("accept from AUTH_SOCKET");
                                        break;

diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c
index 93ae2da..29a967d 100644 (file)
--- a/usr.bin/ssh/ssh-keygen.c
+++ b/usr.bin/ssh/ssh-keygen.c
@@ -7,7 +7,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: ssh-keygen.c,v 1.16 2000/02/04 14:34:09 markus Exp $");
+RCSID("$Id: ssh-keygen.c,v 1.17 2000/03/16 20:56:14 markus Exp $");
 
 #include "rsa.h"
 #include "ssh.h"
@@ -81,6 +81,7 @@ do_fingerprint(struct passwd *pw)
        RSA *public_key;
        char *comment = NULL, *cp, *ep, line[16*1024];
        int i, skip = 0, num = 1, invalid = 1;
+       unsigned int ignore;
        struct stat st;
 
        if (!have_identity)
@@ -138,7 +139,7 @@ do_fingerprint(struct passwd *pw)
                                *cp++ = '\0';
                        }
                        ep = cp;
-                       if (auth_rsa_read_key(&cp, &i, e, n)) {
+                       if (auth_rsa_read_key(&cp, &ignore, e, n)) {
                                invalid = 0;
                                comment = *cp ? cp : comment;
                                printf("%d %s %s\n", BN_num_bits(n),

diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index 62a842f..3d273ed 100644 (file)
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -8,7 +8,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.56 2000/02/18 08:50:33 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.57 2000/03/16 20:56:14 markus Exp $");
 
 #include <ssl/bn.h>
 #include "xmalloc.h"
@@ -632,6 +632,7 @@ try_kerberos_authentication()
        char *realm;
        CREDENTIALS cred;
        int r, type, plen;
+       socklen_t slen;
        Key_schedule schedule;
        u_long checksum, cksum;
        MSG_DAT msg_data;
@@ -674,16 +675,16 @@ try_kerberos_authentication()
        /* Zero the buffer. */
        (void) memset(auth.dat, 0, MAX_KTXT_LEN);
 
-       r = sizeof(local);
+       slen = sizeof(local);
        memset(&local, 0, sizeof(local));
        if (getsockname(packet_get_connection_in(),
-                       (struct sockaddr *) & local, &r) < 0)
+                       (struct sockaddr *) & local, &slen) < 0)
                debug("getsockname failed: %s", strerror(errno));
 
-       r = sizeof(foreign);
+       slen = sizeof(foreign);
        memset(&foreign, 0, sizeof(foreign));
        if (getpeername(packet_get_connection_in(),
-                       (struct sockaddr *) & foreign, &r) < 0) {
+                       (struct sockaddr *) & foreign, &slen) < 0) {
                debug("getpeername failed: %s", strerror(errno));
                fatal_cleanup();
        }
@@ -745,7 +746,7 @@ send_kerberos_tgt()
        CREDENTIALS *creds;
        char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ];
        int r, type, plen;
-       unsigned char buffer[8192];
+       char buffer[8192];
        struct stat st;
 
        /* Don't do anything if we don't have any tickets. */
@@ -766,11 +767,11 @@ send_kerberos_tgt()
                debug("Kerberos V4 ticket expired: %s", TKT_FILE);
                return 0;
        }
-       creds_to_radix(creds, buffer);
+       creds_to_radix(creds, (unsigned char *)buffer);
        xfree(creds);
 
        packet_start(SSH_CMSG_HAVE_KERBEROS_TGT);
-       packet_put_string((char *) buffer, strlen(buffer));
+       packet_put_string(buffer, strlen(buffer));
        packet_send();
        packet_write_wait();
 
@@ -792,7 +793,7 @@ send_afs_tokens(void)
        struct ClearToken ct;
        int i, type, len, plen;
        char buf[2048], *p, *server_cell;
-       unsigned char buffer[8192];
+       char buffer[8192];
 
        /* Move over ktc_GetToken, here's something leaner. */
        for (i = 0; i < 100; i++) {     /* just in case */
@@ -834,10 +835,10 @@ send_afs_tokens(void)
                creds.pinst[0] = '\0';
 
                /* Encode token, ship it off. */
-               if (!creds_to_radix(&creds, buffer))
+               if (!creds_to_radix(&creds, (unsigned char*) buffer))
                        break;
                packet_start(SSH_CMSG_HAVE_AFS_TOKEN);
-               packet_put_string((char *) buffer, strlen(buffer));
+               packet_put_string(buffer, strlen(buffer));
                packet_send();
                packet_write_wait();
 
@@ -861,7 +862,9 @@ send_afs_tokens(void)
 int
 try_skey_authentication()
 {
-       int type, i, payload_len;
+       int type, i;
+       int payload_len;
+       unsigned int clen;
        char *challenge, *response;
 
        debug("Doing skey authentication.");
@@ -881,7 +884,8 @@ try_skey_authentication()
                debug("No challenge for skey authentication.");
                return 0;
        }
-       challenge = packet_get_string(&payload_len);
+       challenge = packet_get_string(&clen);
+       packet_integrity_check(payload_len, (4 + clen), type);
        if (options.cipher == SSH_CIPHER_NONE)
                log("WARNING: Encryption is disabled! "
                    "Reponse will be transmitted in clear text.");

diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 248177c..676610e 100644 (file)
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -11,7 +11,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.91 2000/03/09 19:31:47 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.92 2000/03/16 20:56:15 markus Exp $");
 
 #include "xmalloc.h"
 #include "rsa.h"
@@ -1183,7 +1183,8 @@ void
 do_authentication()
 {
        struct passwd *pw, pwcopy;
-       int plen, ulen;
+       int plen;
+       unsigned int ulen;
        char *user;
 
        /* Get the name of the user that we wish to log in as. */
@@ -1270,7 +1271,9 @@ do_authloop(struct passwd * pw)
        BIGNUM *n;
        char *client_user, *password;
        char user[1024];
-       int plen, dlen, nlen, ulen, elen;
+       unsigned int dlen;
+       int plen, nlen, elen;
+       unsigned int ulen;
        int type = 0;
        void (*authlog) (const char *fmt,...) = verbose;
 
@@ -1551,7 +1554,7 @@ do_fake_authloop(char *user)
                int plen;
                int type = packet_read(&plen);
 #ifdef SKEY
-               int dlen;
+               unsigned int dlen;
                char *password, *skeyinfo;
                /* Try to send a fake s/key challenge. */
                if (options.skey_authentication == 1 &&
@@ -1635,6 +1638,8 @@ do_authenticated(struct passwd * pw)
        int row, col, xpixel, ypixel, screen;
        char ttyname[64];
        char *command, *term = NULL, *display = NULL, *proto = NULL, *data = NULL;
+       int plen;
+       unsigned int dlen;
        int n_bytes;
 
        /*
@@ -1658,7 +1663,6 @@ do_authenticated(struct passwd * pw)
         * or a command.
         */
        while (1) {
-               int plen, dlen;
 
                /* Get a packet from the client. */
                type = packet_read(&plen);
@@ -1737,7 +1741,7 @@ do_authenticated(struct passwd * pw)
                        if (display)
                                packet_disconnect("Protocol error: X11 display already set.");
                        {
-                               int proto_len, data_len;
+                               unsigned int proto_len, data_len;
                                proto = packet_get_string(&proto_len);
                                data = packet_get_string(&data_len);
                                packet_integrity_check(plen, 4 + proto_len + 4 + data_len + 4, type);
@@ -1819,7 +1823,7 @@ do_authenticated(struct passwd * pw)
                                goto do_forced_command;
                        /* Get command from the packet. */
                        {
-                               int dlen;
+                               unsigned int dlen;
                                command = packet_get_string(&dlen);
                                debug("Executing command '%.500s'", command);
                                packet_integrity_check(plen, 4 + dlen, type);