]>
Commit | Line | Data |
---|---|---|
bc1c8867 AM |
1 | diff -up ecryptfs-utils-85/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror ecryptfs-utils-85/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c |
2 | --- ecryptfs-utils-85/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror 2010-12-17 18:34:04.000000000 +0100 | |
3 | +++ ecryptfs-utils-85/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2011-02-01 11:12:14.813646937 +0100 | |
4 | @@ -86,7 +86,7 @@ static int ecryptfs_pkcs11h_deserialize( | |
5 | pkcs11h_data->serialized_id = NULL; | |
6 | } | |
7 | else { | |
8 | - pkcs11h_data->serialized_id = blob + i; | |
9 | + pkcs11h_data->serialized_id = (char *)blob + i; | |
10 | i += serialized_id_length; | |
11 | } | |
12 | pkcs11h_data->certificate_blob_size = blob[i++] % 256; | |
13 | @@ -104,12 +104,11 @@ static int ecryptfs_pkcs11h_deserialize( | |
14 | pkcs11h_data->passphrase = NULL; | |
15 | } | |
16 | else { | |
17 | - pkcs11h_data->passphrase = blob + i; | |
18 | + pkcs11h_data->passphrase = (char *)blob + i; | |
19 | i += passphrase_length; | |
20 | } | |
21 | ||
22 | rc = 0; | |
23 | -out: | |
24 | return rc; | |
25 | } | |
26 | ||
27 | @@ -346,14 +345,14 @@ static int ecryptfs_pkcs11h_get_key_sig( | |
28 | data[i++] = '\02'; | |
29 | data[i++] = (char)(nbits >> 8); | |
30 | data[i++] = (char)nbits; | |
31 | - BN_bn2bin(rsa->n, &(data[i])); | |
32 | + BN_bn2bin(rsa->n, (unsigned char *)&(data[i])); | |
33 | i += nbytes; | |
34 | data[i++] = (char)(ebits >> 8); | |
35 | data[i++] = (char)ebits; | |
36 | - BN_bn2bin(rsa->e, &(data[i])); | |
37 | + BN_bn2bin(rsa->e, (unsigned char *)&(data[i])); | |
38 | i += ebytes; | |
39 | - SHA1(data, len + 3, hash); | |
40 | - to_hex(sig, hash, ECRYPTFS_SIG_SIZE); | |
41 | + SHA1((unsigned char *)data, len + 3, (unsigned char *)hash); | |
42 | + to_hex((char *)sig, hash, ECRYPTFS_SIG_SIZE); | |
43 | sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; | |
44 | ||
45 | rc = 0; | |
46 | @@ -411,8 +410,8 @@ static int ecryptfs_pkcs11h_encrypt(char | |
47 | if ( | |
48 | (rc = RSA_public_encrypt( | |
49 | from_size, | |
50 | - from, | |
51 | - to, | |
52 | + (unsigned char *)from, | |
53 | + (unsigned char *)to, | |
54 | rsa, | |
55 | RSA_PKCS1_PADDING | |
56 | )) == -1 | |
57 | @@ -506,9 +505,9 @@ static int ecryptfs_pkcs11h_decrypt(char | |
58 | (rv = pkcs11h_certificate_decryptAny ( | |
59 | certificate, | |
60 | CKM_RSA_PKCS, | |
61 | - from, | |
62 | + (unsigned char *)from, | |
63 | from_size, | |
64 | - to, | |
65 | + (unsigned char *)to, | |
66 | to_size | |
67 | )) != CKR_OK | |
68 | ) { | |
69 | @@ -534,9 +533,9 @@ static int ecryptfs_pkcs11h_decrypt(char | |
70 | pkcs11h_certificate_decryptAny ( | |
71 | certificate, | |
72 | CKM_RSA_PKCS, | |
73 | - from, | |
74 | + (unsigned char *)from, | |
75 | from_size, | |
76 | - tmp, | |
77 | + (unsigned char *)tmp, | |
78 | to_size | |
79 | ); | |
80 | ||
81 | @@ -851,7 +850,7 @@ static int ecryptfs_pkcs11h_process_key( | |
82 | rc = MOUNT_ERROR; | |
83 | goto out; | |
84 | } | |
85 | - if ((rc = ecryptfs_pkcs11h_serialize(subgraph_key_ctx->key_mod->blob, | |
86 | + if ((rc = ecryptfs_pkcs11h_serialize((unsigned char *)subgraph_key_ctx->key_mod->blob, | |
87 | &subgraph_key_ctx->key_mod->blob_size, | |
88 | pkcs11h_data))) { | |
89 | syslog(LOG_ERR, "PKCS#11: Error serializing pkcs11; rc=[%d]\n", rc); | |
90 | @@ -930,7 +929,7 @@ static int tf_pkcs11h_global_loglevel(st | |
91 | ||
92 | rc = DEFAULT_TOK; | |
93 | node->val = NULL; | |
94 | -out: | |
95 | +// out: | |
96 | return rc; | |
97 | } | |
98 | ||
99 | @@ -943,7 +942,7 @@ static int tf_pkcs11h_global_pincache(st | |
100 | ||
101 | rc = DEFAULT_TOK; | |
102 | node->val = NULL; | |
103 | -out: | |
104 | +// out: | |
105 | return rc; | |
106 | } | |
107 | ||
108 | @@ -1013,7 +1012,7 @@ static int tf_pkcs11h_provider_prot_auth | |
109 | sscanf (node->val, "%x", &subgraph_provider_ctx->allow_protected_authentication); | |
110 | rc = DEFAULT_TOK; | |
111 | node->val = NULL; | |
112 | -out: | |
113 | + | |
114 | return rc; | |
115 | } | |
116 | ||
117 | @@ -1027,7 +1026,7 @@ static int tf_pkcs11h_provider_cert_priv | |
118 | sscanf (node->val, "%x", &subgraph_provider_ctx->certificate_is_private); | |
119 | rc = DEFAULT_TOK; | |
120 | node->val = NULL; | |
121 | -out: | |
122 | + | |
123 | return rc; | |
124 | } | |
125 | ||
126 | @@ -1042,7 +1041,7 @@ static int tf_pkcs11h_provider_private_m | |
127 | ||
128 | rc = DEFAULT_TOK; | |
129 | node->val = NULL; | |
130 | -out: | |
131 | + | |
132 | return rc; | |
133 | } | |
134 | ||
135 | @@ -1073,7 +1072,7 @@ static int tf_pkcs11h_provider_end(struc | |
136 | free(subgraph_provider_ctx); | |
137 | *foo = NULL; | |
138 | rc = DEFAULT_TOK; | |
139 | -out: | |
140 | + | |
141 | return rc; | |
142 | } | |
143 | ||
144 | @@ -1120,7 +1119,7 @@ static int tf_pkcs11h_key_x509file(struc | |
145 | X509 *x509 = NULL; | |
146 | unsigned char *p = NULL; | |
147 | FILE *fp = NULL; | |
148 | - int rc; | |
149 | + int rc = 0; | |
150 | ||
151 | subgraph_key_ctx = (struct pkcs11h_subgraph_key_ctx *)(*foo); | |
152 | ||
153 | diff -up ecryptfs-utils-85/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils-85/src/libecryptfs/ecryptfs-stat.c | |
154 | --- ecryptfs-utils-85/src/libecryptfs/ecryptfs-stat.c.werror 2010-12-17 18:34:04.000000000 +0100 | |
155 | +++ ecryptfs-utils-85/src/libecryptfs/ecryptfs-stat.c 2011-02-01 11:12:14.813646937 +0100 | |
156 | @@ -146,7 +146,7 @@ int ecryptfs_parse_stat(struct ecryptfs_ | |
157 | if (buf_size < (ECRYPTFS_FILE_SIZE_BYTES | |
158 | + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES | |
159 | + 4)) { | |
160 | - printf("%s: Invalid metadata size; must have at least [%lu] " | |
161 | + printf("%s: Invalid metadata size; must have at least [%zu] " | |
162 | "bytes; there are only [%zu] bytes\n", __FUNCTION__, | |
163 | (ECRYPTFS_FILE_SIZE_BYTES | |
164 | + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES | |
165 | diff -up ecryptfs-utils-85/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils-85/src/pam_ecryptfs/pam_ecryptfs.c | |
166 | --- ecryptfs-utils-85/src/pam_ecryptfs/pam_ecryptfs.c.werror 2010-12-17 18:34:04.000000000 +0100 | |
167 | +++ ecryptfs-utils-85/src/pam_ecryptfs/pam_ecryptfs.c 2011-02-01 11:12:18.061664154 +0100 | |
168 | @@ -43,31 +43,6 @@ | |
169 | ||
170 | #define PRIVATE_DIR "Private" | |
171 | ||
172 | -static void error(const char *msg) | |
173 | -{ | |
174 | - syslog(LOG_ERR, "errno = [%i]; strerror = [%m]\n", errno); | |
175 | - switch (errno) { | |
176 | - case ENOKEY: | |
177 | - syslog(LOG_ERR, "%s: Requested key not available\n", msg); | |
178 | - return; | |
179 | - | |
180 | - case EKEYEXPIRED: | |
181 | - syslog(LOG_ERR, "%s: Key has expired\n", msg); | |
182 | - return; | |
183 | - | |
184 | - case EKEYREVOKED: | |
185 | - syslog(LOG_ERR, "%s: Key has been revoked\n", msg); | |
186 | - return; | |
187 | - | |
188 | - case EKEYREJECTED: | |
189 | - syslog(LOG_ERR, "%s: Key was rejected by service\n", msg); | |
190 | - return; | |
191 | - default: | |
192 | - syslog(LOG_ERR, "%s: Unknown key error\n", msg); | |
193 | - return; | |
194 | - } | |
195 | -} | |
196 | - | |
197 | /* returns: 0 for pam automounting not set, 1 for set, <0 for error */ | |
198 | static int ecryptfs_pam_automount_set(const char *homedir) | |
199 | { | |
200 | @@ -87,7 +62,7 @@ out: | |
201 | return rc; | |
202 | } | |
203 | ||
204 | -static int wrap_passphrase_if_necessary(char *username, uid_t uid, char *wrapped_pw_filename, char *passphrase, char *salt) | |
205 | +static int wrap_passphrase_if_necessary(const char *username, uid_t uid, char *wrapped_pw_filename, char *passphrase, char *salt) | |
206 | { | |
207 | char *unwrapped_pw_filename = NULL; | |
208 | struct stat s; | |
209 | @@ -198,8 +173,6 @@ PAM_EXTERN int pam_sm_authenticate(pam_h | |
210 | if ((argc == 1) | |
211 | && (memcmp(argv[0], "unwrap\0", 7) == 0)) { | |
212 | char *wrapped_pw_filename; | |
213 | - char *unwrapped_pw_filename; | |
214 | - struct stat s; | |
215 | ||
216 | rc = asprintf( | |
217 | &wrapped_pw_filename, "%s/.ecryptfs/%s", | |
218 | @@ -291,8 +264,6 @@ static int private_dir(pam_handle_t *pam | |
219 | char *autoumount = "auto-umount"; | |
220 | struct stat s; | |
221 | pid_t pid; | |
222 | - struct utmp *u; | |
223 | - int count = 0; | |
224 | ||
225 | if ((pwd = fetch_pwd(pamh)) == NULL) { | |
226 | /* fetch_pwd() logged a message */ | |
227 | @@ -339,7 +310,7 @@ static int private_dir(pam_handle_t *pam | |
228 | if (stat(recorded, &s) != 0 && stat("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", &s) == 0) { | |
229 | /* User has not recorded their passphrase */ | |
230 | unlink("/var/lib/update-notifier/user.d/ecryptfs-record-passphrase"); | |
231 | - symlink("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", "/var/lib/update-notifier/user.d/ecryptfs-record-passphrase"); | |
232 | + rc=symlink("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", "/var/lib/update-notifier/user.d/ecryptfs-record-passphrase"); | |
233 | fd = open("/var/lib/update-notifier/dpkg-run-stamp", O_WRONLY|O_CREAT|O_NONBLOCK, 0666); | |
234 | close(fd); | |
235 | } | |
236 | @@ -410,7 +381,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand | |
237 | char *old_passphrase = NULL; | |
238 | char *new_passphrase = NULL; | |
239 | char *wrapped_pw_filename; | |
240 | - char *name = NULL; | |
241 | +// char *name = NULL; | |
242 | char salt[ECRYPTFS_SALT_SIZE]; | |
243 | char salt_hex[ECRYPTFS_SALT_SIZE_HEX]; | |
244 | pid_t child_pid, tmp_pid; | |
245 | @@ -424,11 +395,11 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand | |
246 | if (pwd) { | |
247 | uid = pwd->pw_uid; | |
248 | homedir = pwd->pw_dir; | |
249 | - name = pwd->pw_name; | |
250 | +// name = pwd->pw_name; | |
251 | } | |
252 | } else { | |
253 | syslog(LOG_ERR, "Error getting passwd info for user [%s]; " | |
254 | - "rc = [%ld]\n", username, rc); | |
255 | + "rc = [%d]\n", username, rc); | |
256 | goto out; | |
257 | } | |
258 | saved_uid = geteuid(); | |
259 | diff -up ecryptfs-utils-85/src/utils/mount.ecryptfs.c.werror ecryptfs-utils-85/src/utils/mount.ecryptfs.c | |
260 | --- ecryptfs-utils-85/src/utils/mount.ecryptfs.c.werror 2010-12-17 18:34:04.000000000 +0100 | |
261 | +++ ecryptfs-utils-85/src/utils/mount.ecryptfs.c 2011-02-01 11:12:14.818646964 +0100 | |
262 | @@ -461,7 +461,7 @@ static int ecryptfs_do_mount(int argc, c | |
263 | { | |
264 | int rc; | |
265 | int flags = 0; | |
266 | - int num_opts = 0; | |
267 | +// int num_opts = 0; | |
268 | char *src = NULL, *targ = NULL, *opts = NULL, *new_opts = NULL, *temp; | |
269 | char *val; | |
270 | ||
271 | @@ -472,7 +472,7 @@ static int ecryptfs_do_mount(int argc, c | |
272 | rc = strip_userland_opts(opts); | |
273 | if (rc) | |
274 | goto out; | |
275 | - num_opts = ecryptfs_generate_mount_flags(opts, &flags); | |
276 | + ecryptfs_generate_mount_flags(opts, &flags); | |
277 | if (!(temp = strdup("ecryptfs_unlink_sigs"))) { | |
278 | rc = -ENOMEM; | |
279 | goto out; | |
280 | diff -up ecryptfs-utils-85/src/utils/test.c.werror ecryptfs-utils-85/src/utils/test.c | |
281 | --- ecryptfs-utils-85/src/utils/test.c.werror 2010-12-17 18:34:04.000000000 +0100 | |
282 | +++ ecryptfs-utils-85/src/utils/test.c 2011-02-01 11:12:14.818646964 +0100 | |
283 | @@ -281,7 +281,7 @@ int ecryptfs_encrypt_page(int page_cache | |
284 | struct inode *lower_inode; | |
285 | struct ecryptfs_crypt_stat *crypt_stat; | |
286 | int rc = 0; | |
287 | - int lower_byte_offset; | |
288 | + int lower_byte_offset = 0; | |
289 | int orig_byte_offset = 0; | |
290 | int num_extents_per_page; | |
291 | #define ECRYPTFS_PAGE_STATE_UNREAD 0 |