X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=kerberos.c;h=141c9e3a390fee3776c0a50e64f1a6ceb3bb075f;hb=91644ff0b2e6eb3b26c5544a4a769ca4aaf08a14;hp=3254873de853113839cd66db9eba97cd4aa6431f;hpb=45bcf00ee95d474f989d5594da378116d63702be;p=~andy%2Ffetchmail diff --git a/kerberos.c b/kerberos.c index 3254873d..141c9e3a 100644 --- a/kerberos.c +++ b/kerberos.c @@ -32,7 +32,7 @@ typedef long int32; #error Cannot deduce a 32-bit-type #endif -int do_rfc1731(int sock, char *command, char *truename) +int do_rfc1731(int sock, const char *command, const char *truename) /* authenticate as per RFC1731 -- note 32-bit integer requirement here */ { int result = 0, len; @@ -65,7 +65,7 @@ int do_rfc1731(int sock, char *command, char *truename) * in network byte order. */ - if (result = gen_recv(sock, buf1, sizeof buf1)) { + if ((result = gen_recv(sock, buf1, sizeof buf1)) != 0) { return result; } @@ -96,14 +96,14 @@ int do_rfc1731(int sock, char *command, char *truename) strncpy(srvinst, truename, (sizeof srvinst)-1); srvinst[(sizeof srvinst)-1] = '\0'; for (p = srvinst; *p; p++) { - if (isupper(*p)) { - *p = tolower(*p); + if (isupper((unsigned char)*p)) { + *p = tolower((unsigned char)*p); } } strncpy(srvrealm, (char *)krb_realmofhost(srvinst), (sizeof srvrealm)-1); srvrealm[(sizeof srvrealm)-1] = '\0'; - if (p = strchr(srvinst, '.')) { + if ((p = strchr(srvinst, '.')) != NULL) { *p = '\0'; } @@ -121,7 +121,7 @@ int do_rfc1731(int sock, char *command, char *truename) memcpy(session, credentials.session, sizeof session); memset(&credentials, 0, sizeof credentials); - des_key_sched(session, schedule); + des_key_sched(&session, schedule); result = krb_get_tf_fullname(TKT_FILE, tktuser, tktinst, tktrealm); if (result) { @@ -146,13 +146,13 @@ int do_rfc1731(int sock, char *command, char *truename) report(stderr, GT_("non-null instance (%s) might cause strange behavior\n"), tktinst); - strcat(tktuser, "."); - strcat(tktuser, tktinst); + strlcat(tktuser, ".", sizeof(tktuser)); + strlcat(tktuser, tktinst, sizeof(tktuser)); } if (strcmp(tktrealm, srvrealm) != 0) { - strcat(tktuser, "@"); - strcat(tktuser, tktrealm); + strlcat(tktuser, "@", sizeof(tktuser)); + strlcat(tktuser, tktrealm, sizeof(tktuser)); } result = krb_mk_req(&authenticator, "imap", srvinst, srvrealm, @@ -186,7 +186,7 @@ int do_rfc1731(int sock, char *command, char *truename) * checksum it previously sent. */ - if (result = gen_recv(sock, buf1, sizeof buf1)) + if ((result = gen_recv(sock, buf1, sizeof buf1)) != 0) return result; /* The client must construct data with the first four octets @@ -216,7 +216,7 @@ int do_rfc1731(int sock, char *command, char *truename) des_ecb_encrypt((des_cblock *)buf2, (des_cblock *)buf2, schedule, 0); memcpy(challenge2.cstr, buf2, 4); - if (ntohl(challenge2.cint) != challenge1.cint + 1) { + if ((int32)ntohl(challenge2.cint) != challenge1.cint + 1) { report(stderr, GT_("challenge mismatch\n")); return PS_AUTHFAIL; } @@ -236,20 +236,20 @@ int do_rfc1731(int sock, char *command, char *truename) authenticator.dat[4] = 1; len = strlen(tktuser); - strncpy(authenticator.dat+8, tktuser, len); + strncpy((char *)authenticator.dat+8, tktuser, len); authenticator.length = len + 8 + 1; while (authenticator.length & 7) { authenticator.length++; } - des_pcbc_encrypt((des_cblock *)authenticator.dat, - (des_cblock *)authenticator.dat, authenticator.length, schedule, + des_pcbc_encrypt((const unsigned char *)authenticator.dat, + (unsigned char *)authenticator.dat, authenticator.length, schedule, &session, 1); to64frombits(buf1, authenticator.dat, authenticator.length); /* ship down the response, accept the server's error/ok indication */ suppress_tags = TRUE; - result = gen_transact(sock, buf1, strlen(buf1)); + result = gen_transact(sock, "%s", buf1); suppress_tags = FALSE; if (result) return(result);