diff -up ecryptfs-utils-84/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror ecryptfs-utils-84/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c
--- ecryptfs-utils-84/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror 2010-12-17 18:34:04.000000000 +0100
+++ ecryptfs-utils-84/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2011-01-04 14:15:47.117777798 +0100
@@ -86,7 +86,7 @@ static int ecryptfs_pkcs11h_deserialize(
pkcs11h_data->serialized_id = NULL;
}
else {
- pkcs11h_data->serialized_id = blob + i;
+ pkcs11h_data->serialized_id = (char *)blob + i;
i += serialized_id_length;
}
pkcs11h_data->certificate_blob_size = blob[i++] % 256;
@@ -104,12 +104,11 @@ static int ecryptfs_pkcs11h_deserialize(
pkcs11h_data->passphrase = NULL;
}
else {
- pkcs11h_data->passphrase = blob + i;
+ pkcs11h_data->passphrase = (char *)blob + i;
i += passphrase_length;
}
rc = 0;
-out:
return rc;
}
@@ -346,14 +345,14 @@ static int ecryptfs_pkcs11h_get_key_sig(
data[i++] = '\02';
data[i++] = (char)(nbits >> 8);
data[i++] = (char)nbits;
- BN_bn2bin(rsa->n, &(data[i]));
+ BN_bn2bin(rsa->n, (unsigned char *)&(data[i]));
i += nbytes;
data[i++] = (char)(ebits >> 8);
data[i++] = (char)ebits;
- BN_bn2bin(rsa->e, &(data[i]));
+ BN_bn2bin(rsa->e, (unsigned char *)&(data[i]));
i += ebytes;
- SHA1(data, len + 3, hash);
- to_hex(sig, hash, ECRYPTFS_SIG_SIZE);
+ SHA1((unsigned char *)data, len + 3, (unsigned char *)hash);
+ to_hex((char *)sig, hash, ECRYPTFS_SIG_SIZE);
sig[ECRYPTFS_SIG_SIZE_HEX] = '\0';
rc = 0;
@@ -411,8 +410,8 @@ static int ecryptfs_pkcs11h_encrypt(char
if (
(rc = RSA_public_encrypt(
from_size,
- from,
- to,
+ (unsigned char *)from,
+ (unsigned char *)to,
rsa,
RSA_PKCS1_PADDING
)) == -1
@@ -506,9 +505,9 @@ static int ecryptfs_pkcs11h_decrypt(char
(rv = pkcs11h_certificate_decryptAny (
certificate,
CKM_RSA_PKCS,
- from,
+ (unsigned char *)from,
from_size,
- to,
+ (unsigned char *)to,
to_size
)) != CKR_OK
) {
@@ -534,9 +533,9 @@ static int ecryptfs_pkcs11h_decrypt(char
pkcs11h_certificate_decryptAny (
certificate,
CKM_RSA_PKCS,
- from,
+ (unsigned char *)from,
from_size,
- tmp,
+ (unsigned char *)tmp,
to_size
);
@@ -851,7 +850,7 @@ static int ecryptfs_pkcs11h_process_key(
rc = MOUNT_ERROR;
goto out;
}
- if ((rc = ecryptfs_pkcs11h_serialize(subgraph_key_ctx->key_mod->blob,
+ if ((rc = ecryptfs_pkcs11h_serialize((unsigned char *)subgraph_key_ctx->key_mod->blob,
&subgraph_key_ctx->key_mod->blob_size,
pkcs11h_data))) {
syslog(LOG_ERR, "PKCS#11: Error serializing pkcs11; rc=[%d]\n", rc);
@@ -930,7 +929,7 @@ static int tf_pkcs11h_global_loglevel(st
rc = DEFAULT_TOK;
node->val = NULL;
-out:
+// out:
return rc;
}
@@ -943,7 +942,7 @@ static int tf_pkcs11h_global_pincache(st
rc = DEFAULT_TOK;
node->val = NULL;
-out:
+// out:
return rc;
}
@@ -1013,7 +1012,7 @@ static int tf_pkcs11h_provider_prot_auth
sscanf (node->val, "%x", &subgraph_provider_ctx->allow_protected_authentication);
rc = DEFAULT_TOK;
node->val = NULL;
-out:
+
return rc;
}
@@ -1027,7 +1026,7 @@ static int tf_pkcs11h_provider_cert_priv
sscanf (node->val, "%x", &subgraph_provider_ctx->certificate_is_private);
rc = DEFAULT_TOK;
node->val = NULL;
-out:
+
return rc;
}
@@ -1042,7 +1041,7 @@ static int tf_pkcs11h_provider_private_m
rc = DEFAULT_TOK;
node->val = NULL;
-out:
+
return rc;
}
@@ -1073,7 +1072,7 @@ static int tf_pkcs11h_provider_end(struc
free(subgraph_provider_ctx);
*foo = NULL;
rc = DEFAULT_TOK;
-out:
+
return rc;
}
@@ -1120,7 +1119,7 @@ static int tf_pkcs11h_key_x509file(struc
X509 *x509 = NULL;
unsigned char *p = NULL;
FILE *fp = NULL;
- int rc;
+ int rc = 0;
subgraph_key_ctx = (struct pkcs11h_subgraph_key_ctx *)(*foo);
diff -up ecryptfs-utils-84/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils-84/src/libecryptfs/ecryptfs-stat.c
--- ecryptfs-utils-84/src/libecryptfs/ecryptfs-stat.c.werror 2010-12-17 18:34:04.000000000 +0100
+++ ecryptfs-utils-84/src/libecryptfs/ecryptfs-stat.c 2011-01-04 14:13:41.746022440 +0100
@@ -146,7 +146,7 @@ int ecryptfs_parse_stat(struct ecryptfs_
if (buf_size < (ECRYPTFS_FILE_SIZE_BYTES
+ MAGIC_ECRYPTFS_MARKER_SIZE_BYTES
+ 4)) {
- printf("%s: Invalid metadata size; must have at least [%lu] "
+ printf("%s: Invalid metadata size; must have at least [%zu] "
"bytes; there are only [%zu] bytes\n", __FUNCTION__,
(ECRYPTFS_FILE_SIZE_BYTES
+ MAGIC_ECRYPTFS_MARKER_SIZE_BYTES
diff -up ecryptfs-utils-84/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils-84/src/pam_ecryptfs/pam_ecryptfs.c
--- ecryptfs-utils-84/src/pam_ecryptfs/pam_ecryptfs.c.werror 2010-12-17 18:34:04.000000000 +0100
+++ ecryptfs-utils-84/src/pam_ecryptfs/pam_ecryptfs.c 2011-01-04 14:13:41.747022438 +0100
@@ -43,31 +43,6 @@
#define PRIVATE_DIR "Private"
-static void error(const char *msg)
-{
- syslog(LOG_ERR, "errno = [%i]; strerror = [%m]\n", errno);
- switch (errno) {
- case ENOKEY:
- syslog(LOG_ERR, "%s: Requested key not available\n", msg);
- return;
-
- case EKEYEXPIRED:
- syslog(LOG_ERR, "%s: Key has expired\n", msg);
- return;
-
- case EKEYREVOKED:
- syslog(LOG_ERR, "%s: Key has been revoked\n", msg);
- return;
-
- case EKEYREJECTED:
- syslog(LOG_ERR, "%s: Key was rejected by service\n", msg);
- return;
- default:
- syslog(LOG_ERR, "%s: Unknown key error\n", msg);
- return;
- }
-}
-
/* returns: 0 for pam automounting not set, 1 for set, <0 for error */
static int ecryptfs_pam_automount_set(const char *homedir)
{
@@ -87,7 +62,7 @@ out:
return rc;
}
-static int wrap_passphrase_if_necessary(char *username, uid_t uid, char *wrapped_pw_filename, char *passphrase, char *salt)
+static int wrap_passphrase_if_necessary(const char *username, uid_t uid, char *wrapped_pw_filename, char *passphrase, char *salt)
{
char *unwrapped_pw_filename = NULL;
struct stat s;
@@ -198,8 +173,6 @@ PAM_EXTERN int pam_sm_authenticate(pam_h
if ((argc == 1)
&& (memcmp(argv[0], "unwrap\0", 7) == 0)) {
char *wrapped_pw_filename;
- char *unwrapped_pw_filename;
- struct stat s;
rc = asprintf(
&wrapped_pw_filename, "%s/.ecryptfs/%s",
@@ -291,8 +264,6 @@ static int private_dir(pam_handle_t *pam
char *autoumount = "auto-umount";
struct stat s;
pid_t pid;
- struct utmp *u;
- int count = 0;
if ((pwd = fetch_pwd(pamh)) == NULL) {
/* fetch_pwd() logged a message */
@@ -339,7 +310,7 @@ static int private_dir(pam_handle_t *pam
if (stat(recorded, &s) != 0 && stat("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", &s) == 0) {
/* User has not recorded their passphrase */
unlink("/var/lib/update-notifier/user.d/ecryptfs-record-passphrase");
- symlink("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", "/var/lib/update-notifier/user.d/ecryptfs-record-passphrase");
+ rc=symlink("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", "/var/lib/update-notifier/user.d/ecryptfs-record-passphrase");
fd = open("/var/lib/update-notifier/dpkg-run-stamp", O_WRONLY|O_CREAT|O_NONBLOCK, 0666);
close(fd);
}
@@ -428,7 +399,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
}
} else {
syslog(LOG_ERR, "Error getting passwd info for user [%s]; "
- "rc = [%ld]\n", username, rc);
+ "rc = [%d]\n", username, rc);
goto out;
}
saved_uid = geteuid();
diff -up ecryptfs-utils-84/src/utils/test.c.werror ecryptfs-utils-84/src/utils/test.c
--- ecryptfs-utils-84/src/utils/test.c.werror 2010-12-17 18:34:04.000000000 +0100
+++ ecryptfs-utils-84/src/utils/test.c 2011-01-04 14:13:41.750022429 +0100
@@ -281,7 +281,7 @@ int ecryptfs_encrypt_page(int page_cache
struct inode *lower_inode;
struct ecryptfs_crypt_stat *crypt_stat;
int rc = 0;
- int lower_byte_offset;
+ int lower_byte_offset = 0;
int orig_byte_offset = 0;
int num_extents_per_page;
#define ECRYPTFS_PAGE_STATE_UNREAD 0