diff -up ecryptfs-utils-93/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror ecryptfs-utils-93/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c --- ecryptfs-utils-93/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror 2011-10-31 14:18:18.136758412 +0100 +++ ecryptfs-utils-93/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2011-10-31 14:18:18.156758569 +0100 @@ -86,7 +86,7 @@ static int ecryptfs_pkcs11h_deserialize( pkcs11h_data->serialized_id = NULL; } else { - pkcs11h_data->serialized_id = blob + i; + pkcs11h_data->serialized_id = (char *)blob + i; i += serialized_id_length; } pkcs11h_data->certificate_blob_size = blob[i++] % 256; @@ -104,12 +104,11 @@ static int ecryptfs_pkcs11h_deserialize( pkcs11h_data->passphrase = NULL; } else { - pkcs11h_data->passphrase = blob + i; + pkcs11h_data->passphrase = (char *)blob + i; i += passphrase_length; } rc = 0; -out: return rc; } @@ -346,14 +345,14 @@ static int ecryptfs_pkcs11h_get_key_sig( data[i++] = '\02'; data[i++] = (char)(nbits >> 8); data[i++] = (char)nbits; - BN_bn2bin(rsa->n, &(data[i])); + BN_bn2bin(rsa->n, (unsigned char *)&(data[i])); i += nbytes; data[i++] = (char)(ebits >> 8); data[i++] = (char)ebits; - BN_bn2bin(rsa->e, &(data[i])); + BN_bn2bin(rsa->e, (unsigned char *)&(data[i])); i += ebytes; - SHA1(data, len + 3, hash); - to_hex(sig, hash, ECRYPTFS_SIG_SIZE); + SHA1((unsigned char *)data, len + 3, (unsigned char *)hash); + to_hex((char *)sig, hash, ECRYPTFS_SIG_SIZE); sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; rc = 0; @@ -411,8 +410,8 @@ static int ecryptfs_pkcs11h_encrypt(char if ( (rc = RSA_public_encrypt( from_size, - from, - to, + (unsigned char *)from, + (unsigned char *)to, rsa, RSA_PKCS1_PADDING )) == -1 @@ -506,9 +505,9 @@ static int ecryptfs_pkcs11h_decrypt(char (rv = pkcs11h_certificate_decryptAny ( certificate, CKM_RSA_PKCS, - from, + (unsigned char *)from, from_size, - to, + (unsigned char *)to, to_size )) != CKR_OK ) { @@ -534,9 +533,9 @@ static int ecryptfs_pkcs11h_decrypt(char pkcs11h_certificate_decryptAny ( certificate, CKM_RSA_PKCS, - from, + (unsigned char *)from, from_size, - tmp, + (unsigned char *)tmp, to_size ); @@ -851,7 +850,7 @@ static int ecryptfs_pkcs11h_process_key( rc = MOUNT_ERROR; goto out; } - if ((rc = ecryptfs_pkcs11h_serialize(subgraph_key_ctx->key_mod->blob, + if ((rc = ecryptfs_pkcs11h_serialize((unsigned char *)subgraph_key_ctx->key_mod->blob, &subgraph_key_ctx->key_mod->blob_size, pkcs11h_data))) { syslog(LOG_ERR, "PKCS#11: Error serializing pkcs11; rc=[%d]\n", rc); @@ -930,7 +929,7 @@ static int tf_pkcs11h_global_loglevel(st rc = DEFAULT_TOK; node->val = NULL; -out: +// out: return rc; } @@ -943,7 +942,7 @@ static int tf_pkcs11h_global_pincache(st rc = DEFAULT_TOK; node->val = NULL; -out: +// out: return rc; } @@ -1013,7 +1012,7 @@ static int tf_pkcs11h_provider_prot_auth sscanf (node->val, "%x", &subgraph_provider_ctx->allow_protected_authentication); rc = DEFAULT_TOK; node->val = NULL; -out: + return rc; } @@ -1027,7 +1026,7 @@ static int tf_pkcs11h_provider_cert_priv sscanf (node->val, "%x", &subgraph_provider_ctx->certificate_is_private); rc = DEFAULT_TOK; node->val = NULL; -out: + return rc; } @@ -1042,7 +1041,7 @@ static int tf_pkcs11h_provider_private_m rc = DEFAULT_TOK; node->val = NULL; -out: + return rc; } @@ -1073,7 +1072,7 @@ static int tf_pkcs11h_provider_end(struc free(subgraph_provider_ctx); *foo = NULL; rc = DEFAULT_TOK; -out: + return rc; } @@ -1120,7 +1119,7 @@ static int tf_pkcs11h_key_x509file(struc X509 *x509 = NULL; unsigned char *p = NULL; FILE *fp = NULL; - int rc; + int rc = 0; subgraph_key_ctx = (struct pkcs11h_subgraph_key_ctx *)(*foo); diff -up ecryptfs-utils-93/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils-93/src/libecryptfs/ecryptfs-stat.c --- ecryptfs-utils-93/src/libecryptfs/ecryptfs-stat.c.werror 2011-10-27 17:53:07.000000000 +0200 +++ ecryptfs-utils-93/src/libecryptfs/ecryptfs-stat.c 2011-10-31 14:18:18.157758576 +0100 @@ -146,7 +146,7 @@ int ecryptfs_parse_stat(struct ecryptfs_ if (buf_size < (ECRYPTFS_FILE_SIZE_BYTES + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES + 4)) { - printf("%s: Invalid metadata size; must have at least [%lu] " + printf("%s: Invalid metadata size; must have at least [%zu] " "bytes; there are only [%zu] bytes\n", __FUNCTION__, (ECRYPTFS_FILE_SIZE_BYTES + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c --- ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.werror 2011-10-27 17:53:07.000000000 +0200 +++ ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c 2011-10-31 14:18:29.644847653 +0100 @@ -39,35 +39,11 @@ #include #include #include +#include #include "../include/ecryptfs.h" #define PRIVATE_DIR "Private" -static void error(const char *msg) -{ - syslog(LOG_ERR, "pam_ecryptfs: errno = [%i]; strerror = [%m]\n", errno); - switch (errno) { - case ENOKEY: - syslog(LOG_ERR, "pam_ecryptfs: %s: Requested key not available\n", msg); - return; - - case EKEYEXPIRED: - syslog(LOG_ERR, "pam_ecryptfs: %s: Key has expired\n", msg); - return; - - case EKEYREVOKED: - syslog(LOG_ERR, "pam_ecryptfs: %s: Key has been revoked\n", msg); - return; - - case EKEYREJECTED: - syslog(LOG_ERR, "pam_ecryptfs: %s: Key was rejected by service\n", msg); - return; - default: - syslog(LOG_ERR, "pam_ecryptfs: %s: Unknown key error\n", msg); - return; - } -} - /* returns: 0 if file does not exist, 1 if it exists, <0 for error */ static int file_exists_dotecryptfs(const char *homedir, char *filename) { @@ -87,7 +63,7 @@ out: return rc; } -static int wrap_passphrase_if_necessary(char *username, uid_t uid, char *wrapped_pw_filename, char *passphrase, char *salt) +static int wrap_passphrase_if_necessary(const char *username, uid_t uid, char *wrapped_pw_filename, char *passphrase, char *salt) { char *unwrapped_pw_filename = NULL; struct stat s; @@ -195,8 +171,6 @@ PAM_EXTERN int pam_sm_authenticate(pam_h if ((argc == 1) && (memcmp(argv[0], "unwrap\0", 7) == 0)) { char *wrapped_pw_filename; - char *unwrapped_pw_filename; - struct stat s; rc = asprintf( &wrapped_pw_filename, "%s/.ecryptfs/%s", @@ -282,8 +256,6 @@ static int private_dir(pam_handle_t *pam char *autoumount = "auto-umount"; struct stat s; pid_t pid; - struct utmp *u; - int count = 0; if ((pwd = fetch_pwd(pamh)) == NULL) { /* fetch_pwd() logged a message */ @@ -329,7 +301,7 @@ static int private_dir(pam_handle_t *pam if (stat(recorded, &s) != 0 && stat("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", &s) == 0) { /* User has not recorded their passphrase */ unlink("/var/lib/update-notifier/user.d/ecryptfs-record-passphrase"); - symlink("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", "/var/lib/update-notifier/user.d/ecryptfs-record-passphrase"); + rc=symlink("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", "/var/lib/update-notifier/user.d/ecryptfs-record-passphrase"); fd = open("/var/lib/update-notifier/dpkg-run-stamp", O_WRONLY|O_CREAT|O_NONBLOCK, 0666); close(fd); } @@ -398,7 +370,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand char *old_passphrase = NULL; char *new_passphrase = NULL; char *wrapped_pw_filename; - char *name = NULL; char salt[ECRYPTFS_SALT_SIZE]; char salt_hex[ECRYPTFS_SALT_SIZE_HEX]; pid_t child_pid, tmp_pid; @@ -412,10 +383,9 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand if (pwd) { uid = pwd->pw_uid; homedir = pwd->pw_dir; - name = pwd->pw_name; } } else { - syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user [%s]; rc = [%ld]\n", username, rc); + syslog(LOG_ERR, "pam_ecryptfs: Error getting passwd info for user [%s]; rc = [%d]\n", username, rc); goto out; } saved_uid = geteuid(); diff -up ecryptfs-utils-93/src/utils/mount.ecryptfs.c.werror ecryptfs-utils-93/src/utils/mount.ecryptfs.c --- ecryptfs-utils-93/src/utils/mount.ecryptfs.c.werror 2011-10-31 14:18:18.153758546 +0100 +++ ecryptfs-utils-93/src/utils/mount.ecryptfs.c 2011-10-31 14:18:18.158758583 +0100 @@ -461,7 +461,7 @@ static int ecryptfs_do_mount(int argc, c { int rc; int flags = 0; - int num_opts = 0; +// int num_opts = 0; char *src = NULL, *targ = NULL, *opts = NULL, *new_opts = NULL, *temp; char *val; @@ -472,7 +472,7 @@ static int ecryptfs_do_mount(int argc, c rc = strip_userland_opts(opts); if (rc) goto out; - num_opts = ecryptfs_generate_mount_flags(opts, &flags); + ecryptfs_generate_mount_flags(opts, &flags); if (!(temp = strdup("ecryptfs_unlink_sigs"))) { rc = -ENOMEM; goto out; diff -up ecryptfs-utils-93/src/utils/mount.ecryptfs_private.c.werror ecryptfs-utils-93/src/utils/mount.ecryptfs_private.c --- ecryptfs-utils-93/src/utils/mount.ecryptfs_private.c.werror 2011-10-31 14:18:18.146758491 +0100 +++ ecryptfs-utils-93/src/utils/mount.ecryptfs_private.c 2011-10-31 14:18:18.158758583 +0100 @@ -95,7 +95,6 @@ int read_config(char *pw_dir, int uid, c *s = strdup(e->mnt_fsname); if (!*s) return -2; -out: return 0; } @@ -302,7 +301,7 @@ int update_mtab(char *dev, char *mnt, ch goto fail_early; } - while (old_ent = getmntent(old_mtab)) { + while ((old_ent = getmntent(old_mtab))) { if (addmntent(new_mtab, old_ent) != 0) { perror("addmntent"); goto fail; diff -up ecryptfs-utils-93/src/utils/test.c.werror ecryptfs-utils-93/src/utils/test.c --- ecryptfs-utils-93/src/utils/test.c.werror 2011-10-27 17:53:07.000000000 +0200 +++ ecryptfs-utils-93/src/utils/test.c 2011-10-31 14:18:18.159758591 +0100 @@ -281,7 +281,7 @@ int ecryptfs_encrypt_page(int page_cache struct inode *lower_inode; struct ecryptfs_crypt_stat *crypt_stat; int rc = 0; - int lower_byte_offset; + int lower_byte_offset = 0; int orig_byte_offset = 0; int num_extents_per_page; #define ECRYPTFS_PAGE_STATE_UNREAD 0