Clean up compiler warnings

ChangeLog

@@ -1,6 +1,7 @@
 # $Id$
 
 2008-09-30 Wichert Akkerman <[email protected]>
+	* Clean up compiler warnings (mostly signed/unsigned comparisons)
 	* Security: strncpy may not NUL-terminate strings, so enforce this
 	  ourselves.
 	* Make it possible to protect the status page

src/auth.c

@@ -60,7 +60,7 @@ extern long served_this_session;
 @todo This thread loops infinitely, need a watchdog to verify that it is still running?
 */  
 void
-thread_client_timeout_check(void *arg)
+thread_client_timeout_check(const void *arg)
 {
 	pthread_cond_t		cond = PTHREAD_COND_INITIALIZER;
 	pthread_mutex_t		cond_mutex = PTHREAD_MUTEX_INITIALIZER;

src/auth.h

@@ -56,6 +56,6 @@ typedef struct _t_authresponse {
 void authenticate_client(request *);
 
 /** @brief Periodically check if connections expired */
-void thread_client_timeout_check(void *arg);
+void thread_client_timeout_check(const void *arg);
 
 #endif

src/centralserver.c

@@ -62,10 +62,11 @@ extern pthread_mutex_t	config_mutex;
 @param outgoing Current counter of the client's total outgoing traffic, in bytes 
 */
 t_authcode
-auth_server_request(t_authresponse *authresponse, char *request_type, char *ip, char *mac, char *token, unsigned long long int incoming, unsigned long long int outgoing)
+auth_server_request(t_authresponse *authresponse, const char *request_type, const char *ip, const char *mac, const char *token, unsigned long long int incoming, unsigned long long int outgoing)
 {
 	int sockfd;
-	size_t	numbytes, totalbytes;
+	ssize_t	numbytes;
+	size_t totalbytes;
 	char buf[MAX_BUF];
 	char *tmp;
 	int done, nfds;

src/centralserver.h

@@ -46,7 +46,13 @@
 #define GATEWAY_MESSAGE_ACCOUNT_LOGGED_OUT     "logged-out"
 
 /** @brief Initiates a transaction with the auth server */
-t_authcode auth_server_request(t_authresponse *authresponse, char *request_type, char *ip, char *mac, char *token, unsigned long long int incoming, unsigned long long int outgoing);
+t_authcode auth_server_request(t_authresponse *authresponse,
+			const char *request_type,
+			const char *ip,
+			const char *mac,
+			const char *token,
+			unsigned long long int incoming,
+			unsigned long long int outgoing);
 
 /** @brief Tries really hard to connect to an auth server.  Returns a connected file descriptor or -1 on error */
 int connect_auth_server();

src/client_list.c

@@ -77,7 +77,7 @@ client_list_init(void)
  * @return Pointer to the client we just created
  */
 t_client         *
-client_list_append(char *ip, char *mac, char *token)
+client_list_append(const char *ip, const char *mac, const char *token)
 {
     t_client         *curclient, *prevclient;
 
@@ -117,7 +117,7 @@ client_list_append(char *ip, char *mac, char *token)
  * @return Pointer to the client, or NULL if not found
  */
 t_client         *
-client_list_find(char *ip, char *mac)
+client_list_find(const char *ip, const char *mac)
 {
     t_client         *ptr;
 
@@ -138,7 +138,7 @@ client_list_find(char *ip, char *mac)
  * @return Pointer to the client, or NULL if not found
  */
 t_client         *
-client_list_find_by_ip(char *ip)
+client_list_find_by_ip(const char *ip)
 {
     t_client         *ptr;
 
@@ -159,7 +159,7 @@ client_list_find_by_ip(char *ip)
  * @return Pointer to the client, or NULL if not found
  */
 t_client         *
-client_list_find_by_mac(char *mac)
+client_list_find_by_mac(const char *mac)
 {
     t_client         *ptr;
 
@@ -178,7 +178,7 @@ client_list_find_by_mac(char *mac)
  * @return Pointer to the client, or NULL if not found
  */
 t_client *
-client_list_find_by_token(char *token)
+client_list_find_by_token(const char *token)
 {
     t_client         *ptr;
 

src/client_list.h

@@ -61,20 +61,20 @@ t_client *client_get_first_client(void);
 void client_list_init(void);
 
 /** @brief Adds a new client to the connections list */
-t_client *client_list_append(char *ip, char *mac, char *token);
+t_client *client_list_append(const char *ip, const char *mac, const char *token);
 
 /** @brief Finds a client by its IP and MAC */
-t_client *client_list_find(char *ip, char *mac);
+t_client *client_list_find(const char *ip, const char *mac);
 
 /** @brief Finds a client only by its IP */
-t_client *client_list_find_by_ip(char *ip); /* needed by fw_iptables.c, auth.c 
+t_client *client_list_find_by_ip(const char *ip); /* needed by fw_iptables.c, auth.c 
 					     * and wdctl_thread.c */
 
 /** @brief Finds a client only by its Mac */
-t_client *client_list_find_by_mac(char *mac); /* needed by wdctl_thread.c */
+t_client *client_list_find_by_mac(const char *mac); /* needed by wdctl_thread.c */
 
 /** @brief Finds a client by its token */
-t_client *client_list_find_by_token(char *token);
+t_client *client_list_find_by_token(const char *token);
 
 /** @brief Deletes a client from the connections list */
 void client_list_delete(t_client *client);

src/conf.c

@@ -102,47 +102,46 @@ typedef enum {
 static const struct {
 	const char *name;
 	OpCodes opcode;
-	int required;
 } keywords[] = {
-	{ "daemon",             oDaemon },
-	{ "debuglevel",         oDebugLevel },
-	{ "externalinterface",  oExternalInterface },
-	{ "gatewayid",          oGatewayID },
-	{ "gatewayinterface",   oGatewayInterface },
-	{ "gatewayaddress",     oGatewayAddress },
-	{ "gatewayport",        oGatewayPort },
-	{ "authserver",         oAuthServer },
-	{ "httpdmaxconn",       oHTTPDMaxConn },
-	{ "httpdname",          oHTTPDName },
-	{ "httpdrealm",		oHTTPDRealm },
-	{ "httpdusername",	oHTTPDUsername },
-	{ "httpdpassword",	oHTTPDPassword },
-	{ "clienttimeout",      oClientTimeout },
-	{ "checkinterval",      oCheckInterval },
-	{ "syslogfacility", 	oSyslogFacility },
-	{ "wdctlsocket", 	    oWdctlSocket },
-	{ "hostname",		    oAuthServHostname },
-	{ "sslavailable",	    oAuthServSSLAvailable },
-	{ "sslport",		    oAuthServSSLPort },
-	{ "httpport",		    oAuthServHTTPPort },
-	{ "path",		        oAuthServPath },
+	{ "daemon",             	oDaemon },
+	{ "debuglevel",         	oDebugLevel },
+	{ "externalinterface",  	oExternalInterface },
+	{ "gatewayid",          	oGatewayID },
+	{ "gatewayinterface",   	oGatewayInterface },
+	{ "gatewayaddress",     	oGatewayAddress },
+	{ "gatewayport",        	oGatewayPort },
+	{ "authserver",         	oAuthServer },
+	{ "httpdmaxconn",       	oHTTPDMaxConn },
+	{ "httpdname",          	oHTTPDName },
+	{ "httpdrealm",			oHTTPDRealm },
+	{ "httpdusername",		oHTTPDUsername },
+	{ "httpdpassword",		oHTTPDPassword },
+	{ "clienttimeout",      	oClientTimeout },
+	{ "checkinterval",      	oCheckInterval },
+	{ "syslogfacility", 		oSyslogFacility },
+	{ "wdctlsocket",		oWdctlSocket },
+	{ "hostname",			oAuthServHostname },
+	{ "sslavailable",		oAuthServSSLAvailable },
+	{ "sslport",			oAuthServSSLPort },
+	{ "httpport",			oAuthServHTTPPort },
+	{ "path",			oAuthServPath },
 	{ "loginscriptpathfragment",	oAuthServLoginScriptPathFragment },
 	{ "portalscriptpathfragment",	oAuthServPortalScriptPathFragment },
-	{ "msgscriptpathfragment",		oAuthServMsgScriptPathFragment },
-	{ "pingscriptpathfragment",		oAuthServPingScriptPathFragment },
-	{ "authscriptpathfragment",		oAuthServAuthScriptPathFragment },
-	{ "firewallruleset",	oFirewallRuleSet },
-	{ "firewallrule",	    oFirewallRule },
-	{ "trustedmaclist",	    oTrustedMACList },
-        { "htmlmessagefile",    oHtmlMessageFile },
-	{ NULL,                 oBadOption },
+	{ "msgscriptpathfragment",	oAuthServMsgScriptPathFragment },
+	{ "pingscriptpathfragment",	oAuthServPingScriptPathFragment },
+	{ "authscriptpathfragment",	oAuthServAuthScriptPathFragment },
+	{ "firewallruleset",		oFirewallRuleSet },
+	{ "firewallrule",		oFirewallRule },
+	{ "trustedmaclist",		oTrustedMACList },
+        { "htmlmessagefile",		oHtmlMessageFile },
+	{ NULL,				oBadOption },
 };
 
-static void config_notnull(void *parm, char *parmname);
+static void config_notnull(const void *parm, const char *parmname);
 static int parse_boolean_value(char *);
-static void parse_auth_server(FILE *, char *, int *);
-static int _parse_firewall_rule(char *ruleset, char *leftover);
-static void parse_firewall_ruleset(char *, FILE *, char *, int *);
+static void parse_auth_server(FILE *, const char *, int *);
+static int _parse_firewall_rule(const char *ruleset, char *leftover);
+static void parse_firewall_ruleset(const char *, FILE *, const char *, int *);
 
 static OpCodes config_parse_token(const char *cp, const char *filename, int linenum);
 
@@ -215,7 +214,7 @@ config_parse_token(const char *cp, const char *filename, int linenum)
 Parses auth server information
 */
 static void
-parse_auth_server(FILE *file, char *filename, int *linenum)
+parse_auth_server(FILE *file, const char *filename, int *linenum)
 {
 	char		*host = NULL,
 			*path = NULL,
@@ -400,7 +399,7 @@ Advance to the next word
 Parses firewall rule set information
 */
 static void
-parse_firewall_ruleset(char *ruleset, FILE *file, char *filename, int *linenum)
+parse_firewall_ruleset(const char *ruleset, FILE *file, const char *filename, int *linenum)
 {
 	char		line[MAX_BUF],
 			*p1,
@@ -477,7 +476,7 @@ parse_firewall_ruleset(char *ruleset, FILE *file, char *filename, int *linenum)
 Helper for parse_firewall_ruleset.  Parses a single rule in a ruleset
 */
 static int
-_parse_firewall_rule(char *ruleset, char *leftover)
+_parse_firewall_rule(const char *ruleset, char *leftover)
 {
 	int i;
 	int block_allow = 0; /**< 0 == block, 1 == allow */
@@ -613,7 +612,7 @@ _parse_firewall_rule(char *ruleset, char *leftover)
 }
 
 t_firewall_rule *
-get_ruleset(char *ruleset)
+get_ruleset(const char *ruleset)
 {
 	t_firewall_ruleset	*tmp;
 
@@ -630,7 +629,7 @@ get_ruleset(char *ruleset)
 @param filename Full path of the configuration file to be read 
 */
 void
-config_read(char *filename)
+config_read(const char *filename)
 {
 	FILE *fd;
 	char line[MAX_BUF], *s, *p1, *p2;
@@ -829,7 +828,7 @@ void
 config_validate(void)
 {
 	config_notnull(config.gw_interface, "GatewayInterface");
-    config_notnull(config.auth_servers, "AuthServer");
+	config_notnull(config.auth_servers, "AuthServer");
 
 	if (missing_parms) {
 		debug(LOG_ERR, "Configuration is not complete, exiting...");
@@ -841,7 +840,7 @@ config_validate(void)
     Verifies that a required parameter is not a null pointer
 */
 static void
-config_notnull(void *parm, char *parmname)
+config_notnull(const void *parm, const char *parmname)
 {
 	if (parm == NULL) {
 		debug(LOG_ERR, "%s is not set", parmname);

src/conf.h

@@ -165,7 +165,7 @@ void config_init(void);
 void config_init_override(void);
 
 /** @brief Reads the configuration file */
-void config_read(char *filename);
+void config_read(const char *filename);
 
 /** @brief Check that the configuration is valid */
 void config_validate(void);
@@ -177,7 +177,7 @@ t_auth_serv *get_auth_server(void);
 void mark_auth_server_bad(t_auth_serv *);
 
 /** @brief Fetch a firewall rule set. */
-t_firewall_rule *get_ruleset(char *);
+t_firewall_rule *get_ruleset(const char *);
 
 void parse_trusted_mac_list(char *);
 

src/fw_iptables.c

@@ -48,9 +48,9 @@
 #include "util.h"
 #include "client_list.h"
 
-static int iptables_do_command(char *format, ...);
-static char *iptables_compile(char *, char *, t_firewall_rule *);
-static void iptables_load_ruleset(char *, char *, char *);
+static int iptables_do_command(const char *format, ...);
+static char *iptables_compile(const char *, const char *, const t_firewall_rule *);
+static void iptables_load_ruleset(const char *, const char *, const char *);
 
 extern pthread_mutex_t	client_list_mutex;
 extern pthread_mutex_t	config_mutex;
@@ -62,7 +62,7 @@ static int fw_quiet = 0;
 /** @internal 
  * */
 static int
-iptables_do_command(char *format, ...)
+iptables_do_command(const char *format, ...)
 {
     va_list vlist;
     char *fmt_cmd,
@@ -81,6 +81,9 @@ iptables_do_command(char *format, ...)
 
     rc = execute(cmd, fw_quiet);
 
+    if (rc!=0)
+        debug(LOG_ERR, "iptables comand tailed: %s", cmd);
+
     free(cmd);
 
     return rc;
@@ -95,7 +98,7 @@ iptables_do_command(char *format, ...)
  * @arg rule Definition of a rule into a struct, from conf.c.
  */
 static char *
-iptables_compile(char * table, char *chain, t_firewall_rule *rule)
+iptables_compile(const char * table, const char *chain, const t_firewall_rule *rule)
 {
     char	command[MAX_BUF],
     		*mode;
@@ -139,7 +142,7 @@ iptables_compile(char * table, char *chain, t_firewall_rule *rule)
  * @arg chain IPTables chain the rules go into
  */
 static void
-iptables_load_ruleset(char * table, char *ruleset, char *chain)
+iptables_load_ruleset(const char * table, const char *ruleset, const char *chain)
 {
 	t_firewall_rule		*rule;
 	char			*cmd;
@@ -166,7 +169,7 @@ iptables_fw_clear_authservers(void)
 void
 iptables_fw_set_authservers(void)
 {
-    s_config *config;
+    const s_config *config;
     t_auth_serv *auth_server;
 
     config = config_get_config();
@@ -185,14 +188,14 @@ iptables_fw_set_authservers(void)
 int
 iptables_fw_init(void)
 {
-    s_config *config;
-	 char * gw_interface = NULL;
-	 char * gw_address = NULL;
-	 char * ext_interface = NULL;
-	 int gw_port = 0;
-     t_trusted_mac *p;
+	const s_config *config;
+	char * gw_interface = NULL;
+	char * gw_address = NULL;
+	char * ext_interface = NULL;
+	int gw_port = 0;
+	t_trusted_mac *p;
 
-    fw_quiet = 0;
+	fw_quiet = 0;
 
 	 LOCK_CONFIG();
     config = config_get_config();
@@ -399,9 +402,9 @@ iptables_fw_destroy(void)
  */
 int
 iptables_fw_destroy_mention(
-		char * table,
-		char * chain,
-		char * mention
+		const char * table,
+		const char * chain,
+		const char * mention
 ) {
 	FILE *p = NULL;
 	char *command = NULL;
@@ -450,7 +453,7 @@ iptables_fw_destroy_mention(
 
 /** Set if a specific client has access through the firewall */
 int
-iptables_fw_access(fw_access_t type, char *ip, char *mac, int tag)
+iptables_fw_access(fw_access_t type, const char *ip, const char *mac, int tag)
 {
     int rc;