diff options
-rw-r--r-- | sbin/isakmpd/conf.h | 4 | ||||
-rw-r--r-- | sbin/isakmpd/exchange.h | 4 | ||||
-rw-r--r-- | sbin/isakmpd/ike_auth.c | 15 | ||||
-rw-r--r-- | sbin/isakmpd/ike_phase_1.c | 8 | ||||
-rw-r--r-- | sbin/isakmpd/ike_quick_mode.c | 11 | ||||
-rw-r--r-- | sbin/isakmpd/ipsec.c | 8 | ||||
-rw-r--r-- | sbin/isakmpd/log.c | 8 | ||||
-rw-r--r-- | sbin/isakmpd/math_2n.c | 14 | ||||
-rw-r--r-- | sbin/isakmpd/math_group.c | 6 | ||||
-rw-r--r-- | sbin/isakmpd/math_group.h | 4 | ||||
-rw-r--r-- | sbin/isakmpd/message.c | 19 | ||||
-rw-r--r-- | sbin/isakmpd/monitor.c | 4 | ||||
-rw-r--r-- | sbin/isakmpd/pf_key_v2.c | 10 | ||||
-rw-r--r-- | sbin/isakmpd/policy.c | 20 | ||||
-rw-r--r-- | sbin/isakmpd/regress/crypto/cryptotest.c | 8 | ||||
-rw-r--r-- | sbin/isakmpd/sa.c | 9 | ||||
-rw-r--r-- | sbin/isakmpd/udp.c | 6 | ||||
-rw-r--r-- | sbin/isakmpd/ui.c | 4 | ||||
-rw-r--r-- | sbin/isakmpd/util.c | 8 | ||||
-rw-r--r-- | sbin/isakmpd/x509.c | 7 |
20 files changed, 94 insertions, 83 deletions
diff --git a/sbin/isakmpd/conf.h b/sbin/isakmpd/conf.h index e46d4c30046..cac8d139141 100644 --- a/sbin/isakmpd/conf.h +++ b/sbin/isakmpd/conf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: conf.h,v 1.25 2004/03/19 14:04:43 hshoexer Exp $ */ +/* $OpenBSD: conf.h,v 1.26 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: conf.h,v 1.13 2000/09/18 00:01:47 ho Exp $ */ /* @@ -75,7 +75,7 @@ struct conf_list_node { }; struct conf_list { - int cnt; + size_t cnt; TAILQ_HEAD (conf_list_fields_head, conf_list_node) fields; }; diff --git a/sbin/isakmpd/exchange.h b/sbin/isakmpd/exchange.h index a50233f9161..333eb864482 100644 --- a/sbin/isakmpd/exchange.h +++ b/sbin/isakmpd/exchange.h @@ -1,4 +1,4 @@ -/* $OpenBSD: exchange.h,v 1.23 2003/06/03 14:28:16 ho Exp $ */ +/* $OpenBSD: exchange.h,v 1.24 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: exchange.h,v 1.28 2000/09/28 12:54:28 niklas Exp $ */ /* @@ -145,7 +145,7 @@ struct exchange { /* Crypto info needed to encrypt/decrypt packets in this exchange. */ struct crypto_xf *crypto; - int key_length; + size_t key_length; struct keystate *keystate; /* Used only by KeyNote, to cache the key used to authenticate Phase 1 */ diff --git a/sbin/isakmpd/ike_auth.c b/sbin/isakmpd/ike_auth.c index 377e60d670e..4133c50e41f 100644 --- a/sbin/isakmpd/ike_auth.c +++ b/sbin/isakmpd/ike_auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_auth.c,v 1.84 2004/03/31 10:54:46 ho Exp $ */ +/* $OpenBSD: ike_auth.c,v 1.85 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: ike_auth.c,v 1.59 2000/11/21 00:21:31 angelos Exp $ */ /* @@ -884,7 +884,7 @@ rsa_sig_decode_hash (struct message *msg) exchange->recv_key = key; exchange->recv_keytype = ISAKMP_KEY_RSA; - if (len != hashsize) + if (len != (int)hashsize) { free (*hash_p); *hash_p = 0; @@ -942,6 +942,7 @@ rsa_sig_encode_hash (struct message *msg) u_int8_t *id; size_t id_len; int idtype; + int32_t sigsize; void *sent_key; id = initiator ? exchange->id_i : exchange->id_r; @@ -1058,7 +1059,7 @@ rsa_sig_encode_hash (struct message *msg) { key_from_printable (ISAKMP_KEY_RSA, ISAKMP_KEYTYPE_PRIVATE, (char *)buf, &data, &datalen); - if (!data || datalen == -1) + if (!data) { log_print ("rsa_sig_encode_hash: badly formatted RSA private key"); return 0; @@ -1153,9 +1154,9 @@ rsa_sig_encode_hash (struct message *msg) return -1; } - datalen = RSA_private_encrypt (hashsize, buf, data, sent_key, + sigsize = RSA_private_encrypt (hashsize, buf, data, sent_key, RSA_PKCS1_PADDING); - if (datalen == -1) + if (sigsize == -1) { log_print ("rsa_sig_encode_hash: RSA_private_encrypt () failed"); if (data) @@ -1164,6 +1165,7 @@ rsa_sig_encode_hash (struct message *msg) RSA_free (sent_key); return -1; } + datalen = (u_int32_t)sigsize; free (buf); @@ -1254,7 +1256,8 @@ get_raw_key_from_file (int type, u_int8_t *id, size_t id_len, RSA **rsa) if (!fstr) fstr = CONF_DFLT_PUBKEY_DIR; - if (snprintf (filename, sizeof filename, "%s/", fstr) > sizeof filename - 1) + if (snprintf (filename, sizeof filename, "%s/", fstr) + > (int)sizeof filename - 1) return -1; fstr = ipsec_id_string (id, id_len); diff --git a/sbin/isakmpd/ike_phase_1.c b/sbin/isakmpd/ike_phase_1.c index ce68d8b3eec..eaec3956272 100644 --- a/sbin/isakmpd/ike_phase_1.c +++ b/sbin/isakmpd/ike_phase_1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_phase_1.c,v 1.44 2004/02/27 10:16:26 ho Exp $ */ +/* $OpenBSD: ike_phase_1.c,v 1.45 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: ike_phase_1.c,v 1.31 2000/12/11 23:47:56 niklas Exp $ */ /* @@ -76,7 +76,8 @@ ike_phase_1_initiator_send_SA (struct message *msg) size_t *transform_len = 0; struct conf_list *conf, *life_conf; struct conf_list_node *xf, *life; - int i, value, update_nextp; + int value, update_nextp; + size_t i; struct payload *p; struct proto *proto; struct proto_attr *pa; @@ -936,7 +937,8 @@ ike_phase_1_recv_ID (struct message *msg) char header[80], *rs = 0, *rid = 0, *p; int initiator = exchange->initiator; u_int8_t **id, id_type; - size_t *id_len, sz; + size_t *id_len; + ssize_t sz; struct sockaddr *sa; payload = TAILQ_FIRST (&msg->payload[ISAKMP_PAYLOAD_ID]); diff --git a/sbin/isakmpd/ike_quick_mode.c b/sbin/isakmpd/ike_quick_mode.c index d0904ee5aa9..1b4f2c34e6a 100644 --- a/sbin/isakmpd/ike_quick_mode.c +++ b/sbin/isakmpd/ike_quick_mode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_quick_mode.c,v 1.75 2004/02/27 10:16:26 ho Exp $ */ +/* $OpenBSD: ike_quick_mode.c,v 1.76 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: ike_quick_mode.c,v 1.139 2001/01/26 10:43:17 niklas Exp $ */ /* @@ -432,9 +432,10 @@ initiator_send_HASH_SA_NONCE (struct message *msg) size_t proposal_len = 0, proposals_len = 0, sa_len; size_t **transform_len = 0, **new_transform_len; size_t *transforms_len = 0, *new_transforms_len; - int *transform_cnt = 0, *new_transform_cnt; - int i, suite_no, prop_no, prot_no, xf_no, value, update_nextp, protocol_num; - int prop_cnt = 0, proto_id; + u_int32_t *transform_cnt = 0, *new_transform_cnt; + u_int32_t suite_no, prop_no, prot_no, xf_no, prop_cnt = 0; + u_int32_t i; + int value, update_nextp, protocol_num, proto_id; struct proto *proto; struct conf_list *suite_conf, *prot_conf = 0, *xf_conf = 0, *life_conf; struct conf_list_node *suite, *prot, *xf, *life; @@ -1804,7 +1805,7 @@ responder_send_HASH_SA_NONCE (struct message *msg) u_int8_t *buf; int initiator = exchange->initiator; char header[80]; - int i; + u_int32_t i; u_int8_t *id; size_t sz; diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c index 6a547a6c64a..189c5a8fb31 100644 --- a/sbin/isakmpd/ipsec.c +++ b/sbin/isakmpd/ipsec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec.c,v 1.87 2004/03/10 23:08:48 hshoexer Exp $ */ +/* $OpenBSD: ipsec.c,v 1.88 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */ /* @@ -1505,7 +1505,7 @@ ipsec_save_g_x (struct message *msg) ie->g_x_len = GET_ISAKMP_GEN_LENGTH (kep->p) - ISAKMP_KE_DATA_OFF; /* Check that the given length matches the group's expectancy. */ - if (ie->g_x_len != dh_getlen (ie->group)) + if (ie->g_x_len != (size_t)dh_getlen (ie->group)) { /* XXX Is this a good notify type? */ message_drop (msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 0); @@ -1878,7 +1878,7 @@ ipsec_get_id (char *section, int *id, struct sockaddr **addr, * we cannot fit the information in the supplied buffer. */ static void -ipsec_decode_id (char *buf, int size, u_int8_t *id, size_t id_len, +ipsec_decode_id (char *buf, size_t size, u_int8_t *id, size_t id_len, int isakmpform) { int id_type; @@ -2210,7 +2210,7 @@ ipsec_fill_in_hash (struct message *msg) struct prf *prf; struct payload *payload; u_int8_t *buf; - int i; + u_int32_t i; char header[80]; /* If no SKEYID_a, we need not do anything. */ diff --git a/sbin/isakmpd/log.c b/sbin/isakmpd/log.c index 5aea77ef993..273e1237aa7 100644 --- a/sbin/isakmpd/log.c +++ b/sbin/isakmpd/log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: log.c,v 1.41 2004/03/19 14:04:43 hshoexer Exp $ */ +/* $OpenBSD: log.c,v 1.42 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: log.c,v 1.30 2000/09/29 08:19:23 niklas Exp $ */ /* @@ -196,7 +196,7 @@ _log_print (int error, int syslog_level, const char *fmt, va_list ap, time_t t; len = vsnprintf (buffer, sizeof buffer, fmt, ap); - if (len > 0 && len < sizeof buffer - 1 && error) + if (len > 0 && len < (int)sizeof buffer - 1 && error) snprintf (buffer + len, sizeof buffer - len, ": %s", strerror (errno)); if (log_output) { @@ -266,7 +266,7 @@ log_debug_buf (int cls, int level, const char *header, const u_int8_t *buf, size_t sz) { char s[73]; - int i, j; + size_t i, j; /* * If we are not debugging this class, or the level is too low, just return. @@ -679,7 +679,7 @@ udp_cksum (struct packhdr *hdr, const struct udphdr *u, u_int16_t *d) sum += phu.pa[i/2]; sp = (u_int16_t *)u; - for (i = 0; i < sizeof (struct udphdr); i += 2) + for (i = 0; i < (int)sizeof (struct udphdr); i += 2) sum += *sp++; sp = d; diff --git a/sbin/isakmpd/math_2n.c b/sbin/isakmpd/math_2n.c index 3661dba4300..4b600d04b8a 100644 --- a/sbin/isakmpd/math_2n.c +++ b/sbin/isakmpd/math_2n.c @@ -1,4 +1,4 @@ -/* $OpenBSD: math_2n.c,v 1.12 2003/06/03 14:28:16 ho Exp $ */ +/* $OpenBSD: math_2n.c,v 1.13 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: math_2n.c,v 1.15 1999/04/20 09:23:30 niklas Exp $ */ /* @@ -114,8 +114,8 @@ b2n_clear (b2n_ptr n) int b2n_resize (b2n_ptr n, unsigned int chunks) { - int old = n->chunks; - int size; + size_t old = n->chunks; + size_t size; CHUNK_TYPE *new; if (chunks == 0) @@ -273,7 +273,8 @@ b2n_print (b2n_ptr n) int b2n_snprint (char *buf, size_t sz, b2n_ptr n) { - int i, k, j, w, flag = 0; + int i, j, w, flag = 0; + size_t k; int left; char buffer[2 * CHUNK_BYTES]; CHUNK_TYPE tmp; @@ -480,7 +481,7 @@ b2n_rshift (b2n_ptr d, b2n_ptr n, unsigned int s) min = (CHUNK_BITS - (s & CHUNK_MASK)) & CHUNK_MASK; if (min) { - if ((b2n_sigbit (n) & CHUNK_MASK) > min) + if ((b2n_sigbit (n) & CHUNK_MASK) > (u_int32_t)min) newsize++; if (b2n_lshift (d, n, min)) @@ -628,7 +629,8 @@ b2n_div_r (b2n_ptr r, b2n_ptr n, b2n_ptr m) int b2n_div (b2n_ptr q, b2n_ptr r, b2n_ptr n, b2n_ptr m) { - int sn, sm, i, j, len, bits; + int i, j, len, bits; + u_int32_t sm, sn; b2n_t nenn, div, shift, mask; /* If Teiler > Zaehler, the result is 0 */ diff --git a/sbin/isakmpd/math_group.c b/sbin/isakmpd/math_group.c index 2a987b4e88e..4339dad392e 100644 --- a/sbin/isakmpd/math_group.c +++ b/sbin/isakmpd/math_group.c @@ -1,4 +1,4 @@ -/* $OpenBSD: math_group.c,v 1.19 2003/12/15 10:06:42 hshoexer Exp $ */ +/* $OpenBSD: math_group.c,v 1.20 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: math_group.c,v 1.25 2000/04/07 19:53:26 niklas Exp $ */ /* @@ -448,13 +448,13 @@ group_init (void) } struct group * -group_get (int id) +group_get (u_int32_t id) { struct group *new, *clone; if (id < 1 || id > (sizeof (groups) / sizeof (groups[0]))) { - log_print ("group_get: group ID (%d) out of range", id); + log_print ("group_get: group ID (%u) out of range", id); return 0; } diff --git a/sbin/isakmpd/math_group.h b/sbin/isakmpd/math_group.h index 7b38d4447b9..2365f00f624 100644 --- a/sbin/isakmpd/math_group.h +++ b/sbin/isakmpd/math_group.h @@ -1,4 +1,4 @@ -/* $OpenBSD: math_group.h,v 1.8 2003/12/15 10:06:42 hshoexer Exp $ */ +/* $OpenBSD: math_group.h,v 1.9 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: math_group.h,v 1.7 1999/04/17 23:20:40 niklas Exp $ */ /* @@ -81,7 +81,7 @@ struct modp_dscr { void group_init (void); void group_free (struct group *); -struct group *group_get (int); +struct group *group_get (u_int32_t); void ec2n_free (struct group *); struct group *ec2n_clone (struct group *, struct group *); diff --git a/sbin/isakmpd/message.c b/sbin/isakmpd/message.c index 1ffa957d5f5..9898ad69ca4 100644 --- a/sbin/isakmpd/message.c +++ b/sbin/isakmpd/message.c @@ -1,4 +1,4 @@ -/* $OpenBSD: message.c,v 1.69 2004/03/10 23:08:49 hshoexer Exp $ */ +/* $OpenBSD: message.c,v 1.70 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $ */ /* @@ -122,9 +122,9 @@ static u_int16_t min_payload_lengths[] = { * numbers. */ static u_int8_t *last_sa = 0; -static int last_prop_no; +static u_int32_t last_prop_no; static u_int8_t *last_prop = 0; -static int last_xf_no; +static u_int32_t last_xf_no; /* * Allocate a message structure bound to transport T, and with a first @@ -190,7 +190,7 @@ message_alloc_reply (struct message *msg) void message_free (struct message *msg) { - int i; + u_int32_t i; struct payload *payload, *next; LOG_DBG ((LOG_MESSAGE, 20, "message_free: freeing %p", msg)); @@ -468,7 +468,7 @@ message_validate_delete (struct message *msg, struct payload *p) struct sockaddr *dst, *dst_isa; u_int32_t nspis = GET_ISAKMP_DELETE_NSPIS (p->p); u_int8_t *spis = (u_int8_t *)p->p + ISAKMP_DELETE_SPI_OFF; - int i; + u_int32_t i; char *addr; doi = doi_lookup (GET_ISAKMP_DELETE_DOI (p->p)); @@ -1759,7 +1759,7 @@ message_drop (struct message *msg, int notify, struct proto *proto, void message_dump_raw (char *header, struct message *msg, int class) { - int i, j, k = 0; + u_int32_t i, j, k = 0; char buf[80], *p = buf; LOG_DBG ((class, 70, "%s: message %p", header, msg)); @@ -1820,9 +1820,8 @@ static int message_encrypt (struct message *msg) { struct exchange *exchange = msg->exchange; - size_t sz = 0; + size_t i, sz = 0; u_int8_t *buf; - int i; /* If no payloads, nothing to do. */ if (msg->iovlen == 1) @@ -2312,8 +2311,8 @@ message_add_sa_payload (struct message *msg) u_int8_t * message_copy (struct message *msg, size_t offset, size_t *szp) { - int i, skip = 0; - size_t sz = 0; + int skip = 0; + size_t i, sz = 0; ssize_t start = -1; u_int8_t *buf, *p; diff --git a/sbin/isakmpd/monitor.c b/sbin/isakmpd/monitor.c index c48ed5cf148..a4517e1d9fb 100644 --- a/sbin/isakmpd/monitor.c +++ b/sbin/isakmpd/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.17 2004/03/31 10:53:10 ho Exp $ */ +/* $OpenBSD: monitor.c,v 1.18 2004/04/07 22:45:49 ho Exp $ */ /* * Copyright (c) 2003 Håkan Olsson. All rights reserved. @@ -1014,7 +1014,7 @@ m_priv_local_sanitize_path (char *path, size_t pmax, int flags) goto bad_path; /* Any path containing '..' is invalid. */ - for (p = path; *p && (p - path) < pmax; p++) + for (p = path; *p && (p - path) < (int)pmax; p++) if (*p == '.' && *(p + 1) == '.') goto bad_path; diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c index 50da51afa7d..debe23d2f66 100644 --- a/sbin/isakmpd/pf_key_v2.c +++ b/sbin/isakmpd/pf_key_v2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_key_v2.c,v 1.138 2004/03/10 09:28:46 ho Exp $ */ +/* $OpenBSD: pf_key_v2.c,v 1.139 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */ /* @@ -354,7 +354,7 @@ pf_key_v2_read (u_int32_t seq) goto cleanup; } - if ((size_t)n != hdr.sadb_msg_len * PF_KEY_V2_CHUNK) + if (n != hdr.sadb_msg_len * PF_KEY_V2_CHUNK) { log_print ("pf_key_v2_read: read (%d, ...) returned short packet " "(%lu bytes)", pf_key_v2_socket, (unsigned long)n); @@ -366,7 +366,8 @@ pf_key_v2_read (u_int32_t seq) /* We drop all messages that is not what we expect. */ msg = (struct sadb_msg *)buf; if (msg->sadb_msg_version != PF_KEY_V2 - || (msg->sadb_msg_pid != 0 && msg->sadb_msg_pid != getpid ())) + || (msg->sadb_msg_pid != 0 + && msg->sadb_msg_pid != (u_int32_t)getpid ())) { if (seq) { @@ -398,7 +399,8 @@ pf_key_v2_read (u_int32_t seq) pf_key_v2_msg_add (ret, ext, 0); /* If the message is not the one we are waiting for, queue it up. */ - if (seq && (msg->sadb_msg_pid != getpid () || msg->sadb_msg_seq != seq)) + if (seq && (msg->sadb_msg_pid != (u_int32_t)getpid () + || msg->sadb_msg_seq != seq)) { gettimeofday (&tv, 0); timer_add_event ("pf_key_v2_notify", diff --git a/sbin/isakmpd/policy.c b/sbin/isakmpd/policy.c index 6bccf75bdf5..2b7ab8e7042 100644 --- a/sbin/isakmpd/policy.c +++ b/sbin/isakmpd/policy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: policy.c,v 1.68 2004/03/19 14:04:43 hshoexer Exp $ */ +/* $OpenBSD: policy.c,v 1.69 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: policy.c,v 1.49 2000/10/24 13:33:39 niklas Exp $ */ /* @@ -94,7 +94,7 @@ my_inet_ntop4 (const in_addr_t *src, char *dst, size_t size, int normalize) if (snprintf (tmp, sizeof tmp, fmt, ((u_int8_t *) &src2)[0], ((u_int8_t *) &src2)[1], ((u_int8_t *) &src2)[2], - ((u_int8_t *) &src2)[3]) > size) + ((u_int8_t *) &src2)[3]) > (int)size) { errno = ENOSPC; return 0; @@ -111,7 +111,7 @@ my_inet_ntop6 (const unsigned char *src, char *dst, size_t size) if (snprintf (tmp, sizeof tmp, fmt, src[0], src[1], src[2], src[3], src[4], src[5], src[6], src[7], src[8], src[9], src[10], src[11], - src[12], src[13], src[14], src[15]) > size) + src[12], src[13], src[14], src[15]) > (int)size) { errno = ENOSPC; return 0; @@ -130,7 +130,8 @@ policy_callback (char *name) struct sockaddr *sin; struct ipsec_exch *ie; struct ipsec_sa *is; - int fmt, i, lifetype = 0; + size_t i; + int fmt, lifetype = 0; in_addr_t net, subnet; u_int16_t len, type; time_t tt; @@ -908,8 +909,9 @@ policy_callback (char *name) if (!remote_id) { log_error ("policy_callback: calloc (%lu, %lu) failed", - 2 * ((unsigned long)id_sz - ISAKMP_ID_DATA_OFF + ISAKMP_GEN_SZ) + 1, - (unsigned long)sizeof (char)); + 2 * ((unsigned long)id_sz - ISAKMP_ID_DATA_OFF + + ISAKMP_GEN_SZ) + 1, + (unsigned long)sizeof (char)); goto bad; } /* Does it contain any non-printable characters ? */ @@ -1840,8 +1842,8 @@ policy_init (void) { char *ptr, *policy_file; char **asserts; - size_t sz; - int fd, len, i; + size_t sz, len; + int fd, i; LOG_DBG ((LOG_POLICY, 30, "policy_init: initializing")); @@ -2127,7 +2129,7 @@ keynote_cert_obtain (u_int8_t *id, size_t id_len, void *data, u_int8_t **cert, return 0; } - if (read (fd, *cert, size) != size) + if (read (fd, *cert, size) != (int)size) { LOG_DBG ((LOG_POLICY, 30, "keynote_cert_obtain: failed to read %lu " "bytes from \"%s\"", (unsigned long)size, file)); diff --git a/sbin/isakmpd/regress/crypto/cryptotest.c b/sbin/isakmpd/regress/crypto/cryptotest.c index 68573731efb..d860dddc494 100644 --- a/sbin/isakmpd/regress/crypto/cryptotest.c +++ b/sbin/isakmpd/regress/crypto/cryptotest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptotest.c,v 1.12 2004/02/25 16:01:29 hshoexer Exp $ */ +/* $OpenBSD: cryptotest.c,v 1.13 2004/04/07 22:45:50 ho Exp $ */ /* $EOM: cryptotest.c,v 1.5 1998/10/07 16:40:49 niklas Exp $ */ /* @@ -40,7 +40,7 @@ void test_crypto (enum transform); -#define SET_KEY(x,y) {int i; for (i=0; i < (y); i++) (x)[i] = i;} +#define SET_KEY(x,y) {size_t i; for (i=0; i < (y); i++) (x)[i] = i;} int verify_buf (u_int8_t *buf, u_int16_t len) @@ -132,10 +132,10 @@ main (void) return 1; } - void +void dump_buf (u_int8_t *buf, size_t len) { - int i; + size_t i; for (i = 0; i < len; i++) printf ("%02x ", buf[i]); diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c index 6011ffb4e70..35a11c6cbd7 100644 --- a/sbin/isakmpd/sa.c +++ b/sbin/isakmpd/sa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sa.c,v 1.78 2004/04/07 20:04:34 ho Exp $ */ +/* $OpenBSD: sa.c,v 1.79 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */ /* @@ -474,7 +474,7 @@ report_spi (FILE *fd, const u_int8_t *buf, size_t sz, int spi) { #define SBUFSZ (2 * 32 + 9) char s[SBUFSZ]; - int i, j; + size_t i, j; for (i = j = 0; i < sz;) { @@ -917,7 +917,8 @@ sa_validate_proto_xf (struct proto *match, struct payload *xf, int phase) { struct proto_attr *pa; struct attr_validation_state *avs; - int i, found = 0; + int found = 0; + size_t i; u_int8_t xf_id; if (!match->xf_cnt) @@ -1190,7 +1191,7 @@ sa_flag (char *attr) { "__ondemand", SA_FLAG_ONDEMAND }, { "ikecfg", SA_FLAG_IKECFG }, }; - int i; + size_t i; for (i = 0; i < sizeof sa_flag_map / sizeof sa_flag_map[0]; i++) if (strcasecmp (attr, sa_flag_map[i].name) == 0) diff --git a/sbin/isakmpd/udp.c b/sbin/isakmpd/udp.c index 097a8412737..afc63cba16b 100644 --- a/sbin/isakmpd/udp.c +++ b/sbin/isakmpd/udp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp.c,v 1.67 2004/03/29 16:32:19 deraadt Exp $ */ +/* $OpenBSD: udp.c,v 1.68 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: udp.c,v 1.57 2001/01/26 10:09:57 niklas Exp $ */ /* @@ -387,7 +387,7 @@ udp_bind_if (char *ifname, struct sockaddr *if_addr, void *arg) * XXX Use getservbyname too. */ lport = strtol (port, &ep, 10); - if (*ep != '\0' || lport < 0 || lport > USHRT_MAX) + if (*ep != '\0' || lport < (long)0 || lport > (long)USHRT_MAX) { log_print ("udp_bind_if: " "port string \"%s\" not convertible to in_port_t", port); @@ -671,7 +671,7 @@ udp_init (void) * XXX Use getservbyname too. */ lport = strtol (port, &ep, 10); - if (*ep != '\0' || lport < 0 || lport > USHRT_MAX) + if (*ep != '\0' || lport < (long)0 || lport > (long)USHRT_MAX) { log_print ("udp_init: port string \"%s\" not convertible to in_port_t", port); diff --git a/sbin/isakmpd/ui.c b/sbin/isakmpd/ui.c index 538703a4ee4..9940788f0fb 100644 --- a/sbin/isakmpd/ui.c +++ b/sbin/isakmpd/ui.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ui.c,v 1.36 2004/03/19 14:04:43 hshoexer Exp $ */ +/* $OpenBSD: ui.c,v 1.37 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: ui.c,v 1.43 2000/10/05 09:25:12 niklas Exp $ */ /* @@ -402,7 +402,7 @@ ui_handler (void) static char *p; static size_t sz; static size_t resid; - size_t n; + ssize_t n; char *new_buf; /* If no buffer, set it up. */ diff --git a/sbin/isakmpd/util.c b/sbin/isakmpd/util.c index c5748a5c9bc..7e2ec63ce50 100644 --- a/sbin/isakmpd/util.c +++ b/sbin/isakmpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.35 2003/12/14 14:50:23 ho Exp $ */ +/* $OpenBSD: util.c,v 1.36 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: util.c,v 1.23 2000/11/23 12:22:08 niklas Exp $ */ /* @@ -183,7 +183,7 @@ u_int8_t * getrandom (u_int8_t *buf, size_t len) { u_int32_t tmp = 0; - int i; + size_t i; for (i = 0; i < len; i++) { @@ -293,7 +293,7 @@ text2sockaddr (char *address, char *port, struct sockaddr **sa) if (!sp) { lport = strtol (port, &ep, 10); - if (ep == port || lport < 0 || lport > USHRT_MAX) + if (ep == port || lport < 0 || lport > (long)USHRT_MAX) { free (*sa); return -1; @@ -373,7 +373,7 @@ sockaddr2text (struct sockaddr *sa, char **address, int zflag) return -1; } val = strtol (token, &ep, 10); - if (ep == token || val < 0 || val > UCHAR_MAX) + if (ep == token || val < (long)0 || val > (long)UCHAR_MAX) { free (*address); return -1; diff --git a/sbin/isakmpd/x509.c b/sbin/isakmpd/x509.c index 1c01eb46271..be0f7a88bae 100644 --- a/sbin/isakmpd/x509.c +++ b/sbin/isakmpd/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.86 2004/03/19 14:04:43 hshoexer Exp $ */ +/* $OpenBSD: x509.c,v 1.87 2004/04/07 22:45:49 ho Exp $ */ /* $EOM: x509.c,v 1.54 2001/01/16 18:42:16 ho Exp $ */ /* @@ -522,7 +522,7 @@ x509_generate_kn (int id, X509 *cert) static u_int16_t x509_hash (u_int8_t *id, size_t len) { - int i; + size_t i; u_int16_t bucket = 0; /* XXX We might resize if we are crossing a certain threshold. */ @@ -1492,8 +1492,7 @@ x509_printable (void *cert) { char *s; u_int8_t *data; - u_int32_t datalen; - int i; + u_int32_t datalen, i; x509_serialize (cert, &data, &datalen); if (!data) |