diff -up ecryptfs-utils-83/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror ecryptfs-utils-83/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c --- ecryptfs-utils-83/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror 2010-03-22 09:14:49.758683763 +0100 +++ ecryptfs-utils-83/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2010-03-22 09:21:16.957387907 +0100 @@ -86,7 +86,7 @@ static int ecryptfs_pkcs11h_deserialize( pkcs11h_data->serialized_id = NULL; } else { - pkcs11h_data->serialized_id = blob + i; + pkcs11h_data->serialized_id = (char *)blob + i; i += serialized_id_length; } pkcs11h_data->certificate_blob_size = blob[i++] % 256; @@ -104,12 +104,11 @@ static int ecryptfs_pkcs11h_deserialize( pkcs11h_data->passphrase = NULL; } else { - pkcs11h_data->passphrase = blob + i; + pkcs11h_data->passphrase = (char *)blob + i; i += passphrase_length; } rc = 0; -out: return rc; } @@ -346,14 +345,14 @@ static int ecryptfs_pkcs11h_get_key_sig( data[i++] = '\02'; data[i++] = (char)(nbits >> 8); data[i++] = (char)nbits; - BN_bn2bin(rsa->n, &(data[i])); + BN_bn2bin(rsa->n, (unsigned char *)&(data[i])); i += nbytes; data[i++] = (char)(ebits >> 8); data[i++] = (char)ebits; - BN_bn2bin(rsa->e, &(data[i])); + BN_bn2bin(rsa->e, (unsigned char *)&(data[i])); i += ebytes; - SHA1(data, len + 3, hash); - to_hex(sig, hash, ECRYPTFS_SIG_SIZE); + SHA1((unsigned char *)data, len + 3, (unsigned char *)hash); + to_hex((char *)sig, hash, ECRYPTFS_SIG_SIZE); sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; rc = 0; @@ -411,8 +410,8 @@ static int ecryptfs_pkcs11h_encrypt(char if ( (rc = RSA_public_encrypt( from_size, - from, - to, + (unsigned char *)from, + (unsigned char *)to, rsa, RSA_PKCS1_PADDING )) == -1 @@ -506,9 +505,9 @@ static int ecryptfs_pkcs11h_decrypt(char (rv = pkcs11h_certificate_decryptAny ( certificate, CKM_RSA_PKCS, - from, + (unsigned char *)from, from_size, - to, + (unsigned char *)to, to_size )) != CKR_OK ) { @@ -534,9 +533,9 @@ static int ecryptfs_pkcs11h_decrypt(char pkcs11h_certificate_decryptAny ( certificate, CKM_RSA_PKCS, - from, + (unsigned char *)from, from_size, - tmp, + (unsigned char *)tmp, to_size ); @@ -851,7 +850,7 @@ static int ecryptfs_pkcs11h_process_key( rc = MOUNT_ERROR; goto out; } - if ((rc = ecryptfs_pkcs11h_serialize(subgraph_key_ctx->key_mod->blob, + if ((rc = ecryptfs_pkcs11h_serialize((unsigned char *)subgraph_key_ctx->key_mod->blob, &subgraph_key_ctx->key_mod->blob_size, pkcs11h_data))) { syslog(LOG_ERR, "PKCS#11: Error serializing pkcs11; rc=[%d]\n", rc); @@ -930,7 +929,7 @@ static int tf_pkcs11h_global_loglevel(st rc = DEFAULT_TOK; node->val = NULL; -out: +// out: return rc; } @@ -943,7 +942,7 @@ static int tf_pkcs11h_global_pincache(st rc = DEFAULT_TOK; node->val = NULL; -out: +// out: return rc; } @@ -1013,7 +1012,7 @@ static int tf_pkcs11h_provider_prot_auth sscanf (node->val, "%x", &subgraph_provider_ctx->allow_protected_authentication); rc = DEFAULT_TOK; node->val = NULL; -out: + return rc; } @@ -1027,7 +1026,7 @@ static int tf_pkcs11h_provider_cert_priv sscanf (node->val, "%x", &subgraph_provider_ctx->certificate_is_private); rc = DEFAULT_TOK; node->val = NULL; -out: + return rc; } @@ -1042,7 +1041,7 @@ static int tf_pkcs11h_provider_private_m rc = DEFAULT_TOK; node->val = NULL; -out: + return rc; } @@ -1073,7 +1072,7 @@ static int tf_pkcs11h_provider_end(struc free(subgraph_provider_ctx); *foo = NULL; rc = DEFAULT_TOK; -out: + return rc; } diff -up ecryptfs-utils-83/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils-83/src/libecryptfs/ecryptfs-stat.c --- ecryptfs-utils-83/src/libecryptfs/ecryptfs-stat.c.werror 2009-10-20 20:49:55.000000000 +0200 +++ ecryptfs-utils-83/src/libecryptfs/ecryptfs-stat.c 2010-03-22 09:13:24.003425916 +0100 @@ -146,7 +146,7 @@ int ecryptfs_parse_stat(struct ecryptfs_ if (buf_size < (ECRYPTFS_FILE_SIZE_BYTES + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES + 4)) { - printf("%s: Invalid metadata size; must have at least [%lu] " + printf("%s: Invalid metadata size; must have at least [%zu] " "bytes; there are only [%zu] bytes\n", __FUNCTION__, (ECRYPTFS_FILE_SIZE_BYTES + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES diff -up ecryptfs-utils-83/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils-83/src/pam_ecryptfs/pam_ecryptfs.c --- ecryptfs-utils-83/src/pam_ecryptfs/pam_ecryptfs.c.werror 2010-02-16 18:01:43.000000000 +0100 +++ ecryptfs-utils-83/src/pam_ecryptfs/pam_ecryptfs.c 2010-03-22 09:13:24.003425916 +0100 @@ -43,31 +43,6 @@ #define PRIVATE_DIR "Private" -static void error(const char *msg) -{ - syslog(LOG_ERR, "errno = [%i]; strerror = [%m]\n", errno); - switch (errno) { - case ENOKEY: - syslog(LOG_ERR, "%s: Requested key not available\n", msg); - return; - - case EKEYEXPIRED: - syslog(LOG_ERR, "%s: Key has expired\n", msg); - return; - - case EKEYREVOKED: - syslog(LOG_ERR, "%s: Key has been revoked\n", msg); - return; - - case EKEYREJECTED: - syslog(LOG_ERR, "%s: Key was rejected by service\n", msg); - return; - default: - syslog(LOG_ERR, "%s: Unknown key error\n", msg); - return; - } -} - /* returns: 0 for pam automounting not set, 1 for set, <0 for error */ static int ecryptfs_pam_automount_set(const char *homedir) { @@ -87,7 +62,7 @@ out: return rc; } -static int wrap_passphrase_if_necessary(char *username, uid_t uid, char *wrapped_pw_filename, char *passphrase, char *salt) +static int wrap_passphrase_if_necessary(const char *username, uid_t uid, char *wrapped_pw_filename, char *passphrase, char *salt) { char *unwrapped_pw_filename = NULL; struct stat s; @@ -198,8 +173,6 @@ PAM_EXTERN int pam_sm_authenticate(pam_h if ((argc == 1) && (memcmp(argv[0], "unwrap\0", 7) == 0)) { char *wrapped_pw_filename; - char *unwrapped_pw_filename; - struct stat s; rc = asprintf( &wrapped_pw_filename, "%s/.ecryptfs/%s", @@ -291,8 +264,6 @@ static int private_dir(pam_handle_t *pam char *autoumount = "auto-umount"; struct stat s; pid_t pid; - struct utmp *u; - int count = 0; if ((pwd = fetch_pwd(pamh)) == NULL) { /* fetch_pwd() logged a message */ @@ -339,7 +310,7 @@ static int private_dir(pam_handle_t *pam if (stat(recorded, &s) != 0 && stat("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", &s) == 0) { /* User has not recorded their passphrase */ unlink("/var/lib/update-notifier/user.d/ecryptfs-record-passphrase"); - symlink("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", "/var/lib/update-notifier/user.d/ecryptfs-record-passphrase"); + rc=symlink("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", "/var/lib/update-notifier/user.d/ecryptfs-record-passphrase"); fd = open("/var/lib/update-notifier/dpkg-run-stamp", O_WRONLY|O_CREAT|O_NONBLOCK, 0666); close(fd); } @@ -428,7 +399,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand } } else { syslog(LOG_ERR, "Error getting passwd info for user [%s]; " - "rc = [%ld]\n", username, rc); + "rc = [%d]\n", username, rc); goto out; } saved_uid = geteuid();