summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sbin/isakmpd/conf.h4
-rw-r--r--sbin/isakmpd/exchange.h4
-rw-r--r--sbin/isakmpd/ike_auth.c15
-rw-r--r--sbin/isakmpd/ike_phase_1.c8
-rw-r--r--sbin/isakmpd/ike_quick_mode.c11
-rw-r--r--sbin/isakmpd/ipsec.c8
-rw-r--r--sbin/isakmpd/log.c8
-rw-r--r--sbin/isakmpd/math_2n.c14
-rw-r--r--sbin/isakmpd/math_group.c6
-rw-r--r--sbin/isakmpd/math_group.h4
-rw-r--r--sbin/isakmpd/message.c19
-rw-r--r--sbin/isakmpd/monitor.c4
-rw-r--r--sbin/isakmpd/pf_key_v2.c10
-rw-r--r--sbin/isakmpd/policy.c20
-rw-r--r--sbin/isakmpd/regress/crypto/cryptotest.c8
-rw-r--r--sbin/isakmpd/sa.c9
-rw-r--r--sbin/isakmpd/udp.c6
-rw-r--r--sbin/isakmpd/ui.c4
-rw-r--r--sbin/isakmpd/util.c8
-rw-r--r--sbin/isakmpd/x509.c7
20 files changed, 94 insertions, 83 deletions
diff --git a/sbin/isakmpd/conf.h b/sbin/isakmpd/conf.h
index e46d4c30046..cac8d139141 100644
--- a/sbin/isakmpd/conf.h
+++ b/sbin/isakmpd/conf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: conf.h,v 1.25 2004/03/19 14:04:43 hshoexer Exp $ */
+/* $OpenBSD: conf.h,v 1.26 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: conf.h,v 1.13 2000/09/18 00:01:47 ho Exp $ */
/*
@@ -75,7 +75,7 @@ struct conf_list_node {
};
struct conf_list {
- int cnt;
+ size_t cnt;
TAILQ_HEAD (conf_list_fields_head, conf_list_node) fields;
};
diff --git a/sbin/isakmpd/exchange.h b/sbin/isakmpd/exchange.h
index a50233f9161..333eb864482 100644
--- a/sbin/isakmpd/exchange.h
+++ b/sbin/isakmpd/exchange.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: exchange.h,v 1.23 2003/06/03 14:28:16 ho Exp $ */
+/* $OpenBSD: exchange.h,v 1.24 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: exchange.h,v 1.28 2000/09/28 12:54:28 niklas Exp $ */
/*
@@ -145,7 +145,7 @@ struct exchange {
/* Crypto info needed to encrypt/decrypt packets in this exchange. */
struct crypto_xf *crypto;
- int key_length;
+ size_t key_length;
struct keystate *keystate;
/* Used only by KeyNote, to cache the key used to authenticate Phase 1 */
diff --git a/sbin/isakmpd/ike_auth.c b/sbin/isakmpd/ike_auth.c
index 377e60d670e..4133c50e41f 100644
--- a/sbin/isakmpd/ike_auth.c
+++ b/sbin/isakmpd/ike_auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ike_auth.c,v 1.84 2004/03/31 10:54:46 ho Exp $ */
+/* $OpenBSD: ike_auth.c,v 1.85 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: ike_auth.c,v 1.59 2000/11/21 00:21:31 angelos Exp $ */
/*
@@ -884,7 +884,7 @@ rsa_sig_decode_hash (struct message *msg)
exchange->recv_key = key;
exchange->recv_keytype = ISAKMP_KEY_RSA;
- if (len != hashsize)
+ if (len != (int)hashsize)
{
free (*hash_p);
*hash_p = 0;
@@ -942,6 +942,7 @@ rsa_sig_encode_hash (struct message *msg)
u_int8_t *id;
size_t id_len;
int idtype;
+ int32_t sigsize;
void *sent_key;
id = initiator ? exchange->id_i : exchange->id_r;
@@ -1058,7 +1059,7 @@ rsa_sig_encode_hash (struct message *msg)
{
key_from_printable (ISAKMP_KEY_RSA, ISAKMP_KEYTYPE_PRIVATE, (char *)buf,
&data, &datalen);
- if (!data || datalen == -1)
+ if (!data)
{
log_print ("rsa_sig_encode_hash: badly formatted RSA private key");
return 0;
@@ -1153,9 +1154,9 @@ rsa_sig_encode_hash (struct message *msg)
return -1;
}
- datalen = RSA_private_encrypt (hashsize, buf, data, sent_key,
+ sigsize = RSA_private_encrypt (hashsize, buf, data, sent_key,
RSA_PKCS1_PADDING);
- if (datalen == -1)
+ if (sigsize == -1)
{
log_print ("rsa_sig_encode_hash: RSA_private_encrypt () failed");
if (data)
@@ -1164,6 +1165,7 @@ rsa_sig_encode_hash (struct message *msg)
RSA_free (sent_key);
return -1;
}
+ datalen = (u_int32_t)sigsize;
free (buf);
@@ -1254,7 +1256,8 @@ get_raw_key_from_file (int type, u_int8_t *id, size_t id_len, RSA **rsa)
if (!fstr)
fstr = CONF_DFLT_PUBKEY_DIR;
- if (snprintf (filename, sizeof filename, "%s/", fstr) > sizeof filename - 1)
+ if (snprintf (filename, sizeof filename, "%s/", fstr)
+ > (int)sizeof filename - 1)
return -1;
fstr = ipsec_id_string (id, id_len);
diff --git a/sbin/isakmpd/ike_phase_1.c b/sbin/isakmpd/ike_phase_1.c
index ce68d8b3eec..eaec3956272 100644
--- a/sbin/isakmpd/ike_phase_1.c
+++ b/sbin/isakmpd/ike_phase_1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ike_phase_1.c,v 1.44 2004/02/27 10:16:26 ho Exp $ */
+/* $OpenBSD: ike_phase_1.c,v 1.45 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: ike_phase_1.c,v 1.31 2000/12/11 23:47:56 niklas Exp $ */
/*
@@ -76,7 +76,8 @@ ike_phase_1_initiator_send_SA (struct message *msg)
size_t *transform_len = 0;
struct conf_list *conf, *life_conf;
struct conf_list_node *xf, *life;
- int i, value, update_nextp;
+ int value, update_nextp;
+ size_t i;
struct payload *p;
struct proto *proto;
struct proto_attr *pa;
@@ -936,7 +937,8 @@ ike_phase_1_recv_ID (struct message *msg)
char header[80], *rs = 0, *rid = 0, *p;
int initiator = exchange->initiator;
u_int8_t **id, id_type;
- size_t *id_len, sz;
+ size_t *id_len;
+ ssize_t sz;
struct sockaddr *sa;
payload = TAILQ_FIRST (&msg->payload[ISAKMP_PAYLOAD_ID]);
diff --git a/sbin/isakmpd/ike_quick_mode.c b/sbin/isakmpd/ike_quick_mode.c
index d0904ee5aa9..1b4f2c34e6a 100644
--- a/sbin/isakmpd/ike_quick_mode.c
+++ b/sbin/isakmpd/ike_quick_mode.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ike_quick_mode.c,v 1.75 2004/02/27 10:16:26 ho Exp $ */
+/* $OpenBSD: ike_quick_mode.c,v 1.76 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: ike_quick_mode.c,v 1.139 2001/01/26 10:43:17 niklas Exp $ */
/*
@@ -432,9 +432,10 @@ initiator_send_HASH_SA_NONCE (struct message *msg)
size_t proposal_len = 0, proposals_len = 0, sa_len;
size_t **transform_len = 0, **new_transform_len;
size_t *transforms_len = 0, *new_transforms_len;
- int *transform_cnt = 0, *new_transform_cnt;
- int i, suite_no, prop_no, prot_no, xf_no, value, update_nextp, protocol_num;
- int prop_cnt = 0, proto_id;
+ u_int32_t *transform_cnt = 0, *new_transform_cnt;
+ u_int32_t suite_no, prop_no, prot_no, xf_no, prop_cnt = 0;
+ u_int32_t i;
+ int value, update_nextp, protocol_num, proto_id;
struct proto *proto;
struct conf_list *suite_conf, *prot_conf = 0, *xf_conf = 0, *life_conf;
struct conf_list_node *suite, *prot, *xf, *life;
@@ -1804,7 +1805,7 @@ responder_send_HASH_SA_NONCE (struct message *msg)
u_int8_t *buf;
int initiator = exchange->initiator;
char header[80];
- int i;
+ u_int32_t i;
u_int8_t *id;
size_t sz;
diff --git a/sbin/isakmpd/ipsec.c b/sbin/isakmpd/ipsec.c
index 6a547a6c64a..189c5a8fb31 100644
--- a/sbin/isakmpd/ipsec.c
+++ b/sbin/isakmpd/ipsec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ipsec.c,v 1.87 2004/03/10 23:08:48 hshoexer Exp $ */
+/* $OpenBSD: ipsec.c,v 1.88 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */
/*
@@ -1505,7 +1505,7 @@ ipsec_save_g_x (struct message *msg)
ie->g_x_len = GET_ISAKMP_GEN_LENGTH (kep->p) - ISAKMP_KE_DATA_OFF;
/* Check that the given length matches the group's expectancy. */
- if (ie->g_x_len != dh_getlen (ie->group))
+ if (ie->g_x_len != (size_t)dh_getlen (ie->group))
{
/* XXX Is this a good notify type? */
message_drop (msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 0);
@@ -1878,7 +1878,7 @@ ipsec_get_id (char *section, int *id, struct sockaddr **addr,
* we cannot fit the information in the supplied buffer.
*/
static void
-ipsec_decode_id (char *buf, int size, u_int8_t *id, size_t id_len,
+ipsec_decode_id (char *buf, size_t size, u_int8_t *id, size_t id_len,
int isakmpform)
{
int id_type;
@@ -2210,7 +2210,7 @@ ipsec_fill_in_hash (struct message *msg)
struct prf *prf;
struct payload *payload;
u_int8_t *buf;
- int i;
+ u_int32_t i;
char header[80];
/* If no SKEYID_a, we need not do anything. */
diff --git a/sbin/isakmpd/log.c b/sbin/isakmpd/log.c
index 5aea77ef993..273e1237aa7 100644
--- a/sbin/isakmpd/log.c
+++ b/sbin/isakmpd/log.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: log.c,v 1.41 2004/03/19 14:04:43 hshoexer Exp $ */
+/* $OpenBSD: log.c,v 1.42 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: log.c,v 1.30 2000/09/29 08:19:23 niklas Exp $ */
/*
@@ -196,7 +196,7 @@ _log_print (int error, int syslog_level, const char *fmt, va_list ap,
time_t t;
len = vsnprintf (buffer, sizeof buffer, fmt, ap);
- if (len > 0 && len < sizeof buffer - 1 && error)
+ if (len > 0 && len < (int)sizeof buffer - 1 && error)
snprintf (buffer + len, sizeof buffer - len, ": %s", strerror (errno));
if (log_output)
{
@@ -266,7 +266,7 @@ log_debug_buf (int cls, int level, const char *header, const u_int8_t *buf,
size_t sz)
{
char s[73];
- int i, j;
+ size_t i, j;
/*
* If we are not debugging this class, or the level is too low, just return.
@@ -679,7 +679,7 @@ udp_cksum (struct packhdr *hdr, const struct udphdr *u, u_int16_t *d)
sum += phu.pa[i/2];
sp = (u_int16_t *)u;
- for (i = 0; i < sizeof (struct udphdr); i += 2)
+ for (i = 0; i < (int)sizeof (struct udphdr); i += 2)
sum += *sp++;
sp = d;
diff --git a/sbin/isakmpd/math_2n.c b/sbin/isakmpd/math_2n.c
index 3661dba4300..4b600d04b8a 100644
--- a/sbin/isakmpd/math_2n.c
+++ b/sbin/isakmpd/math_2n.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: math_2n.c,v 1.12 2003/06/03 14:28:16 ho Exp $ */
+/* $OpenBSD: math_2n.c,v 1.13 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: math_2n.c,v 1.15 1999/04/20 09:23:30 niklas Exp $ */
/*
@@ -114,8 +114,8 @@ b2n_clear (b2n_ptr n)
int
b2n_resize (b2n_ptr n, unsigned int chunks)
{
- int old = n->chunks;
- int size;
+ size_t old = n->chunks;
+ size_t size;
CHUNK_TYPE *new;
if (chunks == 0)
@@ -273,7 +273,8 @@ b2n_print (b2n_ptr n)
int
b2n_snprint (char *buf, size_t sz, b2n_ptr n)
{
- int i, k, j, w, flag = 0;
+ int i, j, w, flag = 0;
+ size_t k;
int left;
char buffer[2 * CHUNK_BYTES];
CHUNK_TYPE tmp;
@@ -480,7 +481,7 @@ b2n_rshift (b2n_ptr d, b2n_ptr n, unsigned int s)
min = (CHUNK_BITS - (s & CHUNK_MASK)) & CHUNK_MASK;
if (min)
{
- if ((b2n_sigbit (n) & CHUNK_MASK) > min)
+ if ((b2n_sigbit (n) & CHUNK_MASK) > (u_int32_t)min)
newsize++;
if (b2n_lshift (d, n, min))
@@ -628,7 +629,8 @@ b2n_div_r (b2n_ptr r, b2n_ptr n, b2n_ptr m)
int
b2n_div (b2n_ptr q, b2n_ptr r, b2n_ptr n, b2n_ptr m)
{
- int sn, sm, i, j, len, bits;
+ int i, j, len, bits;
+ u_int32_t sm, sn;
b2n_t nenn, div, shift, mask;
/* If Teiler > Zaehler, the result is 0 */
diff --git a/sbin/isakmpd/math_group.c b/sbin/isakmpd/math_group.c
index 2a987b4e88e..4339dad392e 100644
--- a/sbin/isakmpd/math_group.c
+++ b/sbin/isakmpd/math_group.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: math_group.c,v 1.19 2003/12/15 10:06:42 hshoexer Exp $ */
+/* $OpenBSD: math_group.c,v 1.20 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: math_group.c,v 1.25 2000/04/07 19:53:26 niklas Exp $ */
/*
@@ -448,13 +448,13 @@ group_init (void)
}
struct group *
-group_get (int id)
+group_get (u_int32_t id)
{
struct group *new, *clone;
if (id < 1 || id > (sizeof (groups) / sizeof (groups[0])))
{
- log_print ("group_get: group ID (%d) out of range", id);
+ log_print ("group_get: group ID (%u) out of range", id);
return 0;
}
diff --git a/sbin/isakmpd/math_group.h b/sbin/isakmpd/math_group.h
index 7b38d4447b9..2365f00f624 100644
--- a/sbin/isakmpd/math_group.h
+++ b/sbin/isakmpd/math_group.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: math_group.h,v 1.8 2003/12/15 10:06:42 hshoexer Exp $ */
+/* $OpenBSD: math_group.h,v 1.9 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: math_group.h,v 1.7 1999/04/17 23:20:40 niklas Exp $ */
/*
@@ -81,7 +81,7 @@ struct modp_dscr {
void group_init (void);
void group_free (struct group *);
-struct group *group_get (int);
+struct group *group_get (u_int32_t);
void ec2n_free (struct group *);
struct group *ec2n_clone (struct group *, struct group *);
diff --git a/sbin/isakmpd/message.c b/sbin/isakmpd/message.c
index 1ffa957d5f5..9898ad69ca4 100644
--- a/sbin/isakmpd/message.c
+++ b/sbin/isakmpd/message.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: message.c,v 1.69 2004/03/10 23:08:49 hshoexer Exp $ */
+/* $OpenBSD: message.c,v 1.70 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $ */
/*
@@ -122,9 +122,9 @@ static u_int16_t min_payload_lengths[] = {
* numbers.
*/
static u_int8_t *last_sa = 0;
-static int last_prop_no;
+static u_int32_t last_prop_no;
static u_int8_t *last_prop = 0;
-static int last_xf_no;
+static u_int32_t last_xf_no;
/*
* Allocate a message structure bound to transport T, and with a first
@@ -190,7 +190,7 @@ message_alloc_reply (struct message *msg)
void
message_free (struct message *msg)
{
- int i;
+ u_int32_t i;
struct payload *payload, *next;
LOG_DBG ((LOG_MESSAGE, 20, "message_free: freeing %p", msg));
@@ -468,7 +468,7 @@ message_validate_delete (struct message *msg, struct payload *p)
struct sockaddr *dst, *dst_isa;
u_int32_t nspis = GET_ISAKMP_DELETE_NSPIS (p->p);
u_int8_t *spis = (u_int8_t *)p->p + ISAKMP_DELETE_SPI_OFF;
- int i;
+ u_int32_t i;
char *addr;
doi = doi_lookup (GET_ISAKMP_DELETE_DOI (p->p));
@@ -1759,7 +1759,7 @@ message_drop (struct message *msg, int notify, struct proto *proto,
void
message_dump_raw (char *header, struct message *msg, int class)
{
- int i, j, k = 0;
+ u_int32_t i, j, k = 0;
char buf[80], *p = buf;
LOG_DBG ((class, 70, "%s: message %p", header, msg));
@@ -1820,9 +1820,8 @@ static int
message_encrypt (struct message *msg)
{
struct exchange *exchange = msg->exchange;
- size_t sz = 0;
+ size_t i, sz = 0;
u_int8_t *buf;
- int i;
/* If no payloads, nothing to do. */
if (msg->iovlen == 1)
@@ -2312,8 +2311,8 @@ message_add_sa_payload (struct message *msg)
u_int8_t *
message_copy (struct message *msg, size_t offset, size_t *szp)
{
- int i, skip = 0;
- size_t sz = 0;
+ int skip = 0;
+ size_t i, sz = 0;
ssize_t start = -1;
u_int8_t *buf, *p;
diff --git a/sbin/isakmpd/monitor.c b/sbin/isakmpd/monitor.c
index c48ed5cf148..a4517e1d9fb 100644
--- a/sbin/isakmpd/monitor.c
+++ b/sbin/isakmpd/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.17 2004/03/31 10:53:10 ho Exp $ */
+/* $OpenBSD: monitor.c,v 1.18 2004/04/07 22:45:49 ho Exp $ */
/*
* Copyright (c) 2003 Håkan Olsson. All rights reserved.
@@ -1014,7 +1014,7 @@ m_priv_local_sanitize_path (char *path, size_t pmax, int flags)
goto bad_path;
/* Any path containing '..' is invalid. */
- for (p = path; *p && (p - path) < pmax; p++)
+ for (p = path; *p && (p - path) < (int)pmax; p++)
if (*p == '.' && *(p + 1) == '.')
goto bad_path;
diff --git a/sbin/isakmpd/pf_key_v2.c b/sbin/isakmpd/pf_key_v2.c
index 50da51afa7d..debe23d2f66 100644
--- a/sbin/isakmpd/pf_key_v2.c
+++ b/sbin/isakmpd/pf_key_v2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_key_v2.c,v 1.138 2004/03/10 09:28:46 ho Exp $ */
+/* $OpenBSD: pf_key_v2.c,v 1.139 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: pf_key_v2.c,v 1.79 2000/12/12 00:33:19 niklas Exp $ */
/*
@@ -354,7 +354,7 @@ pf_key_v2_read (u_int32_t seq)
goto cleanup;
}
- if ((size_t)n != hdr.sadb_msg_len * PF_KEY_V2_CHUNK)
+ if (n != hdr.sadb_msg_len * PF_KEY_V2_CHUNK)
{
log_print ("pf_key_v2_read: read (%d, ...) returned short packet "
"(%lu bytes)", pf_key_v2_socket, (unsigned long)n);
@@ -366,7 +366,8 @@ pf_key_v2_read (u_int32_t seq)
/* We drop all messages that is not what we expect. */
msg = (struct sadb_msg *)buf;
if (msg->sadb_msg_version != PF_KEY_V2
- || (msg->sadb_msg_pid != 0 && msg->sadb_msg_pid != getpid ()))
+ || (msg->sadb_msg_pid != 0
+ && msg->sadb_msg_pid != (u_int32_t)getpid ()))
{
if (seq)
{
@@ -398,7 +399,8 @@ pf_key_v2_read (u_int32_t seq)
pf_key_v2_msg_add (ret, ext, 0);
/* If the message is not the one we are waiting for, queue it up. */
- if (seq && (msg->sadb_msg_pid != getpid () || msg->sadb_msg_seq != seq))
+ if (seq && (msg->sadb_msg_pid != (u_int32_t)getpid ()
+ || msg->sadb_msg_seq != seq))
{
gettimeofday (&tv, 0);
timer_add_event ("pf_key_v2_notify",
diff --git a/sbin/isakmpd/policy.c b/sbin/isakmpd/policy.c
index 6bccf75bdf5..2b7ab8e7042 100644
--- a/sbin/isakmpd/policy.c
+++ b/sbin/isakmpd/policy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: policy.c,v 1.68 2004/03/19 14:04:43 hshoexer Exp $ */
+/* $OpenBSD: policy.c,v 1.69 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: policy.c,v 1.49 2000/10/24 13:33:39 niklas Exp $ */
/*
@@ -94,7 +94,7 @@ my_inet_ntop4 (const in_addr_t *src, char *dst, size_t size, int normalize)
if (snprintf (tmp, sizeof tmp, fmt, ((u_int8_t *) &src2)[0],
((u_int8_t *) &src2)[1], ((u_int8_t *) &src2)[2],
- ((u_int8_t *) &src2)[3]) > size)
+ ((u_int8_t *) &src2)[3]) > (int)size)
{
errno = ENOSPC;
return 0;
@@ -111,7 +111,7 @@ my_inet_ntop6 (const unsigned char *src, char *dst, size_t size)
if (snprintf (tmp, sizeof tmp, fmt, src[0], src[1], src[2], src[3], src[4],
src[5], src[6], src[7], src[8], src[9], src[10], src[11],
- src[12], src[13], src[14], src[15]) > size)
+ src[12], src[13], src[14], src[15]) > (int)size)
{
errno = ENOSPC;
return 0;
@@ -130,7 +130,8 @@ policy_callback (char *name)
struct sockaddr *sin;
struct ipsec_exch *ie;
struct ipsec_sa *is;
- int fmt, i, lifetype = 0;
+ size_t i;
+ int fmt, lifetype = 0;
in_addr_t net, subnet;
u_int16_t len, type;
time_t tt;
@@ -908,8 +909,9 @@ policy_callback (char *name)
if (!remote_id)
{
log_error ("policy_callback: calloc (%lu, %lu) failed",
- 2 * ((unsigned long)id_sz - ISAKMP_ID_DATA_OFF + ISAKMP_GEN_SZ) + 1,
- (unsigned long)sizeof (char));
+ 2 * ((unsigned long)id_sz - ISAKMP_ID_DATA_OFF
+ + ISAKMP_GEN_SZ) + 1,
+ (unsigned long)sizeof (char));
goto bad;
}
/* Does it contain any non-printable characters ? */
@@ -1840,8 +1842,8 @@ policy_init (void)
{
char *ptr, *policy_file;
char **asserts;
- size_t sz;
- int fd, len, i;
+ size_t sz, len;
+ int fd, i;
LOG_DBG ((LOG_POLICY, 30, "policy_init: initializing"));
@@ -2127,7 +2129,7 @@ keynote_cert_obtain (u_int8_t *id, size_t id_len, void *data, u_int8_t **cert,
return 0;
}
- if (read (fd, *cert, size) != size)
+ if (read (fd, *cert, size) != (int)size)
{
LOG_DBG ((LOG_POLICY, 30, "keynote_cert_obtain: failed to read %lu "
"bytes from \"%s\"", (unsigned long)size, file));
diff --git a/sbin/isakmpd/regress/crypto/cryptotest.c b/sbin/isakmpd/regress/crypto/cryptotest.c
index 68573731efb..d860dddc494 100644
--- a/sbin/isakmpd/regress/crypto/cryptotest.c
+++ b/sbin/isakmpd/regress/crypto/cryptotest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cryptotest.c,v 1.12 2004/02/25 16:01:29 hshoexer Exp $ */
+/* $OpenBSD: cryptotest.c,v 1.13 2004/04/07 22:45:50 ho Exp $ */
/* $EOM: cryptotest.c,v 1.5 1998/10/07 16:40:49 niklas Exp $ */
/*
@@ -40,7 +40,7 @@
void test_crypto (enum transform);
-#define SET_KEY(x,y) {int i; for (i=0; i < (y); i++) (x)[i] = i;}
+#define SET_KEY(x,y) {size_t i; for (i=0; i < (y); i++) (x)[i] = i;}
int
verify_buf (u_int8_t *buf, u_int16_t len)
@@ -132,10 +132,10 @@ main (void)
return 1;
}
- void
+void
dump_buf (u_int8_t *buf, size_t len)
{
- int i;
+ size_t i;
for (i = 0; i < len; i++)
printf ("%02x ", buf[i]);
diff --git a/sbin/isakmpd/sa.c b/sbin/isakmpd/sa.c
index 6011ffb4e70..35a11c6cbd7 100644
--- a/sbin/isakmpd/sa.c
+++ b/sbin/isakmpd/sa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sa.c,v 1.78 2004/04/07 20:04:34 ho Exp $ */
+/* $OpenBSD: sa.c,v 1.79 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: sa.c,v 1.112 2000/12/12 00:22:52 niklas Exp $ */
/*
@@ -474,7 +474,7 @@ report_spi (FILE *fd, const u_int8_t *buf, size_t sz, int spi)
{
#define SBUFSZ (2 * 32 + 9)
char s[SBUFSZ];
- int i, j;
+ size_t i, j;
for (i = j = 0; i < sz;)
{
@@ -917,7 +917,8 @@ sa_validate_proto_xf (struct proto *match, struct payload *xf, int phase)
{
struct proto_attr *pa;
struct attr_validation_state *avs;
- int i, found = 0;
+ int found = 0;
+ size_t i;
u_int8_t xf_id;
if (!match->xf_cnt)
@@ -1190,7 +1191,7 @@ sa_flag (char *attr)
{ "__ondemand", SA_FLAG_ONDEMAND },
{ "ikecfg", SA_FLAG_IKECFG },
};
- int i;
+ size_t i;
for (i = 0; i < sizeof sa_flag_map / sizeof sa_flag_map[0]; i++)
if (strcasecmp (attr, sa_flag_map[i].name) == 0)
diff --git a/sbin/isakmpd/udp.c b/sbin/isakmpd/udp.c
index 097a8412737..afc63cba16b 100644
--- a/sbin/isakmpd/udp.c
+++ b/sbin/isakmpd/udp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: udp.c,v 1.67 2004/03/29 16:32:19 deraadt Exp $ */
+/* $OpenBSD: udp.c,v 1.68 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: udp.c,v 1.57 2001/01/26 10:09:57 niklas Exp $ */
/*
@@ -387,7 +387,7 @@ udp_bind_if (char *ifname, struct sockaddr *if_addr, void *arg)
* XXX Use getservbyname too.
*/
lport = strtol (port, &ep, 10);
- if (*ep != '\0' || lport < 0 || lport > USHRT_MAX)
+ if (*ep != '\0' || lport < (long)0 || lport > (long)USHRT_MAX)
{
log_print ("udp_bind_if: "
"port string \"%s\" not convertible to in_port_t", port);
@@ -671,7 +671,7 @@ udp_init (void)
* XXX Use getservbyname too.
*/
lport = strtol (port, &ep, 10);
- if (*ep != '\0' || lport < 0 || lport > USHRT_MAX)
+ if (*ep != '\0' || lport < (long)0 || lport > (long)USHRT_MAX)
{
log_print ("udp_init: port string \"%s\" not convertible to in_port_t",
port);
diff --git a/sbin/isakmpd/ui.c b/sbin/isakmpd/ui.c
index 538703a4ee4..9940788f0fb 100644
--- a/sbin/isakmpd/ui.c
+++ b/sbin/isakmpd/ui.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ui.c,v 1.36 2004/03/19 14:04:43 hshoexer Exp $ */
+/* $OpenBSD: ui.c,v 1.37 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: ui.c,v 1.43 2000/10/05 09:25:12 niklas Exp $ */
/*
@@ -402,7 +402,7 @@ ui_handler (void)
static char *p;
static size_t sz;
static size_t resid;
- size_t n;
+ ssize_t n;
char *new_buf;
/* If no buffer, set it up. */
diff --git a/sbin/isakmpd/util.c b/sbin/isakmpd/util.c
index c5748a5c9bc..7e2ec63ce50 100644
--- a/sbin/isakmpd/util.c
+++ b/sbin/isakmpd/util.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: util.c,v 1.35 2003/12/14 14:50:23 ho Exp $ */
+/* $OpenBSD: util.c,v 1.36 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: util.c,v 1.23 2000/11/23 12:22:08 niklas Exp $ */
/*
@@ -183,7 +183,7 @@ u_int8_t *
getrandom (u_int8_t *buf, size_t len)
{
u_int32_t tmp = 0;
- int i;
+ size_t i;
for (i = 0; i < len; i++)
{
@@ -293,7 +293,7 @@ text2sockaddr (char *address, char *port, struct sockaddr **sa)
if (!sp)
{
lport = strtol (port, &ep, 10);
- if (ep == port || lport < 0 || lport > USHRT_MAX)
+ if (ep == port || lport < 0 || lport > (long)USHRT_MAX)
{
free (*sa);
return -1;
@@ -373,7 +373,7 @@ sockaddr2text (struct sockaddr *sa, char **address, int zflag)
return -1;
}
val = strtol (token, &ep, 10);
- if (ep == token || val < 0 || val > UCHAR_MAX)
+ if (ep == token || val < (long)0 || val > (long)UCHAR_MAX)
{
free (*address);
return -1;
diff --git a/sbin/isakmpd/x509.c b/sbin/isakmpd/x509.c
index 1c01eb46271..be0f7a88bae 100644
--- a/sbin/isakmpd/x509.c
+++ b/sbin/isakmpd/x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.c,v 1.86 2004/03/19 14:04:43 hshoexer Exp $ */
+/* $OpenBSD: x509.c,v 1.87 2004/04/07 22:45:49 ho Exp $ */
/* $EOM: x509.c,v 1.54 2001/01/16 18:42:16 ho Exp $ */
/*
@@ -522,7 +522,7 @@ x509_generate_kn (int id, X509 *cert)
static u_int16_t
x509_hash (u_int8_t *id, size_t len)
{
- int i;
+ size_t i;
u_int16_t bucket = 0;
/* XXX We might resize if we are crossing a certain threshold. */
@@ -1492,8 +1492,7 @@ x509_printable (void *cert)
{
char *s;
u_int8_t *data;
- u_int32_t datalen;
- int i;
+ u_int32_t datalen, i;
x509_serialize (cert, &data, &datalen);
if (!data)