Blob Blame History Raw
From 02b0d44892a7c6953cfb70034dbfc1b77a2371fc Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Tue, 23 Feb 2021 10:06:25 +0200
Subject: [PATCH] ipa-kdb: fix compiler warnings

There are few fields in KDB structures that have 'conflicting' types but
need to be compared. They come from MIT Kerberos and we have no choice
here.

In the same way, SID structures have own requirements.

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Robbie Harwood <rharwood@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
---
 daemons/ipa-kdb/ipa_kdb_audit_as.c   | 4 ++--
 daemons/ipa-kdb/ipa_kdb_mspac.c      | 4 ++--
 daemons/ipa-kdb/ipa_kdb_principals.c | 6 +++---
 daemons/ipa-kdb/ipa_kdb_pwdpolicy.c  | 2 +-
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb_audit_as.c b/daemons/ipa-kdb/ipa_kdb_audit_as.c
index 77748a75d6b16ee4d080a5f53213cc58c81660dc..a5ffe29334509e23fe0f0b9973432166c254b484 100644
--- a/daemons/ipa-kdb/ipa_kdb_audit_as.c
+++ b/daemons/ipa-kdb/ipa_kdb_audit_as.c
@@ -110,13 +110,13 @@ void ipadb_audit_as_req(krb5_context kcontext,
         }
 
         if (client->last_failed + ied->pol->lockout_duration > authtime &&
-            (client->fail_auth_count >= ied->pol->max_fail && 
+            (client->fail_auth_count >= (krb5_kvno) ied->pol->max_fail && 
              ied->pol->max_fail != 0)) {
             /* client already locked, nothing more to do */
             break;
         }
         if (ied->pol->max_fail == 0 ||
-            client->fail_auth_count < ied->pol->max_fail) {
+            client->fail_auth_count < (krb5_kvno) ied->pol->max_fail) {
             /* let's increase the fail counter */
             client->fail_auth_count++;
             client->mask |= KMASK_FAIL_AUTH_COUNT;
diff --git a/daemons/ipa-kdb/ipa_kdb_mspac.c b/daemons/ipa-kdb/ipa_kdb_mspac.c
index 74cbb77cccb45188f7bd8a1a33085f8ef964930f..9f95d0dc407df4566467f2b4a960086a7d940bcc 100644
--- a/daemons/ipa-kdb/ipa_kdb_mspac.c
+++ b/daemons/ipa-kdb/ipa_kdb_mspac.c
@@ -158,9 +158,9 @@ int string_to_sid(const char *str, struct dom_sid *sid)
 
 char *dom_sid_string(TALLOC_CTX *memctx, const struct dom_sid *dom_sid)
 {
-    size_t c;
+    int8_t c;
     size_t len;
-    int ofs;
+    size_t ofs;
     uint32_t ia;
     char *buf;
 
diff --git a/daemons/ipa-kdb/ipa_kdb_principals.c b/daemons/ipa-kdb/ipa_kdb_principals.c
index 259a0d2563f4b9c038b041781b2580fe72d7ed7e..3b78970b118cb6d8bd97da82a79226d20ea784e1 100644
--- a/daemons/ipa-kdb/ipa_kdb_principals.c
+++ b/daemons/ipa-kdb/ipa_kdb_principals.c
@@ -498,7 +498,7 @@ static krb5_error_code ipadb_get_ldap_auth_ind(krb5_context kcontext,
     l = len;
     for (i = 0; i < count; i++) {
         ret = snprintf(ap, l, "%s ", authinds[i]);
-        if (ret <= 0 || ret > l) {
+        if (ret <= 0 || ret > (int) l) {
             ret = ENOMEM;
             goto cleanup;
         }
@@ -1867,7 +1867,7 @@ static krb5_error_code ipadb_get_ldap_mod_auth_ind(krb5_context kcontext,
     char *s = NULL;
     size_t ai_size = 0;
     int cnt = 0;
-    int i = 0;
+    size_t i = 0;
 
     ret = krb5_dbe_get_string(kcontext, entry, "require_auth", &ais);
     if (ret) {
@@ -2248,7 +2248,7 @@ static krb5_error_code ipadb_entry_default_attrs(struct ipadb_mods *imods)
 {
     krb5_error_code kerr;
     LDAPMod *m = NULL;
-    int i;
+    size_t i;
 
     kerr = ipadb_mods_new(imods, &m);
     if (kerr) {
diff --git a/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c b/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c
index 10f128700bfd01d6ed6b5dd224ea9226b6f0dd2e..a3be116f93458e7b1a50bbbc6bda916d0e11a47a 100644
--- a/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c
+++ b/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c
@@ -328,7 +328,7 @@ krb5_error_code ipadb_check_policy_as(krb5_context kcontext,
     }
 
     if (ied->pol->max_fail == 0 ||
-        client->fail_auth_count < ied->pol->max_fail) {
+        client->fail_auth_count < (krb5_kvno) ied->pol->max_fail) {
         /* still within allowed failures range */
         return 0;
     }
-- 
2.26.3