diff --git a/include/libssh/bind.h b/include/libssh/bind.h index 86f4d03a..c0439d2c 100644 --- a/include/libssh/bind.h +++ b/include/libssh/bind.h @@ -51,7 +51,7 @@ struct ssh_bind_struct { char *config_dir; char *pubkey_accepted_key_types; char* moduli_file; - unsigned int rsa_min_size; + int rsa_min_size; }; struct ssh_poll_handle_struct *ssh_bind_get_poll(struct ssh_bind_struct diff --git a/include/libssh/buffer.h b/include/libssh/buffer.h index cd2dea6a..a55a1b40 100644 --- a/include/libssh/buffer.h +++ b/include/libssh/buffer.h @@ -63,9 +63,9 @@ int ssh_buffer_prepend_data(ssh_buffer buffer, const void *data, uint32_t len); int ssh_buffer_add_buffer(ssh_buffer buffer, ssh_buffer source); /* buffer_read_*() returns the number of bytes read, except for ssh strings */ -int ssh_buffer_get_u8(ssh_buffer buffer, uint8_t *data); -int ssh_buffer_get_u32(ssh_buffer buffer, uint32_t *data); -int ssh_buffer_get_u64(ssh_buffer buffer, uint64_t *data); +uint32_t ssh_buffer_get_u8(ssh_buffer buffer, uint8_t *data); +uint32_t ssh_buffer_get_u32(ssh_buffer buffer, uint32_t *data); +uint32_t ssh_buffer_get_u64(ssh_buffer buffer, uint64_t *data); /* ssh_buffer_get_ssh_string() is an exception. if the String read is too large or invalid, it will answer NULL. */ ssh_string ssh_buffer_get_ssh_string(ssh_buffer buffer); diff --git a/include/libssh/callbacks.h b/include/libssh/callbacks.h index f0948025..4e6819db 100644 --- a/include/libssh/callbacks.h +++ b/include/libssh/callbacks.h @@ -56,7 +56,7 @@ typedef void (*ssh_callback_int) (int code, void *user); * @returns number of bytes processed by the callee. The remaining bytes will * be sent in the next callback message, when more data is available. */ -typedef int (*ssh_callback_data) (const void *data, size_t len, void *user); +typedef ssize_t (*ssh_callback_data) (const void *data, size_t len, void *user); typedef void (*ssh_callback_int_int) (int code, int errno_code, void *user); @@ -777,7 +777,7 @@ typedef int (*ssh_channel_subsystem_request_callback) (ssh_session session, */ typedef int (*ssh_channel_write_wontblock_callback) (ssh_session session, ssh_channel channel, - size_t bytes, + uint32_t bytes, void *userdata); struct ssh_channel_callbacks_struct { diff --git a/include/libssh/channels.h b/include/libssh/channels.h index bbabcfd1..ce8540ae 100644 --- a/include/libssh/channels.h +++ b/include/libssh/channels.h @@ -98,7 +98,7 @@ SSH_PACKET_CALLBACK(channel_rcv_request); SSH_PACKET_CALLBACK(channel_rcv_data); int channel_default_bufferize(ssh_channel channel, - void *data, size_t len, + void *data, uint32_t len, bool is_stderr); int ssh_channel_flush(ssh_channel channel); uint32_t ssh_channel_new_id(ssh_session session); diff --git a/include/libssh/misc.h b/include/libssh/misc.h index 5044817a..569e2b7d 100644 --- a/include/libssh/misc.h +++ b/include/libssh/misc.h @@ -81,7 +81,7 @@ const void *_ssh_list_pop_head(struct ssh_list *list); #define ssh_list_pop_head(type, ssh_list)\ ((type)_ssh_list_pop_head(ssh_list)) -int ssh_make_milliseconds(long sec, long usec); +int ssh_make_milliseconds(unsigned long sec, unsigned long usec); void ssh_timestamp_init(struct ssh_timestamp *ts); int ssh_timeout_elapsed(struct ssh_timestamp *ts, int timeout); int ssh_timeout_update(struct ssh_timestamp *ts, int timeout); diff --git a/include/libssh/packet.h b/include/libssh/packet.h index 561bba8e..1fe5f321 100644 --- a/include/libssh/packet.h +++ b/include/libssh/packet.h @@ -67,7 +67,7 @@ int ssh_packet_send_unimplemented(ssh_session session, uint32_t seqnum); int ssh_packet_parse_type(ssh_session session); //int packet_flush(ssh_session session, int enforce_blocking); -int ssh_packet_socket_callback(const void *data, size_t len, void *user); +ssize_t ssh_packet_socket_callback(const void *data, size_t len, void *user); void ssh_packet_register_socket_callback(ssh_session session, struct ssh_socket_struct *s); void ssh_packet_set_callbacks(ssh_session session, ssh_packet_callbacks callbacks); void ssh_packet_remove_callbacks(ssh_session session, ssh_packet_callbacks callbacks); diff --git a/include/libssh/priv.h b/include/libssh/priv.h index b4729bb8..1d341d4e 100644 --- a/include/libssh/priv.h +++ b/include/libssh/priv.h @@ -299,7 +299,7 @@ int decompress_buffer(ssh_session session,ssh_buffer buf, size_t maxlen); /* match.c */ int match_pattern_list(const char *string, const char *pattern, - unsigned int len, int dolower); + size_t len, int dolower); int match_hostname(const char *host, const char *pattern, unsigned int len); /* connector.c */ diff --git a/include/libssh/session.h b/include/libssh/session.h index ba3baefc..ad17cdf6 100644 --- a/include/libssh/session.h +++ b/include/libssh/session.h @@ -173,7 +173,7 @@ struct ssh_session_struct { struct ssh_crypto_struct *next_crypto; /* next_crypto is going to be used after a SSH2_MSG_NEWKEYS */ struct ssh_list *channels; /* linked list of channels */ - int maxchannel; + uint32_t maxchannel; ssh_agent agent; /* ssh agent */ /* keyb interactive data */ @@ -233,7 +233,7 @@ struct ssh_session_struct { uint8_t options_seen[SOC_MAX]; uint64_t rekey_data; uint32_t rekey_time; - unsigned int rsa_min_size; + int rsa_min_size; } opts; /* counters */ ssh_counter socket_counter; @@ -248,7 +248,7 @@ struct ssh_session_struct { typedef int (*ssh_termination_function)(void *user); int ssh_handle_packets(ssh_session session, int timeout); int ssh_handle_packets_termination(ssh_session session, - long timeout, + int timeout, ssh_termination_function fct, void *user); void ssh_socket_exception_callback(int code, int errno_code, void *user); diff --git a/include/libssh/sftp_priv.h b/include/libssh/sftp_priv.h index 83925191..ccde008a 100644 --- a/include/libssh/sftp_priv.h +++ b/include/libssh/sftp_priv.h @@ -22,7 +22,7 @@ #define SFTP_PRIV_H sftp_packet sftp_packet_read(sftp_session sftp); -ssize_t sftp_packet_write(sftp_session sftp, uint8_t type, ssh_buffer payload); +int sftp_packet_write(sftp_session sftp, uint8_t type, ssh_buffer payload); void sftp_packet_free(sftp_packet packet); int buffer_add_attributes(ssh_buffer buffer, sftp_attributes attr); sftp_attributes sftp_parse_attr(sftp_session session, diff --git a/include/libssh/socket.h b/include/libssh/socket.h index 5e345c68..32f51580 100644 --- a/include/libssh/socket.h +++ b/include/libssh/socket.h @@ -41,7 +41,7 @@ void ssh_execute_command(const char *command, socket_t in, socket_t out); int ssh_socket_connect_proxycommand(ssh_socket s, const char *command); #endif void ssh_socket_close(ssh_socket s); -int ssh_socket_write(ssh_socket s,const void *buffer, int len); +int ssh_socket_write(ssh_socket s,const void *buffer, uint32_t len); int ssh_socket_is_open(ssh_socket s); int ssh_socket_fd_isset(ssh_socket s, fd_set *set); void ssh_socket_fd_set(ssh_socket s, fd_set *set, socket_t *max_fd); diff --git a/include/libssh/wrapper.h b/include/libssh/wrapper.h index df6544ee..ce5263ba 100644 --- a/include/libssh/wrapper.h +++ b/include/libssh/wrapper.h @@ -68,36 +68,36 @@ struct ssh_crypto_struct; typedef struct ssh_mac_ctx_struct *ssh_mac_ctx; MD5CTX md5_init(void); -void md5_update(MD5CTX c, const void *data, unsigned long len); +void md5_update(MD5CTX c, const void *data, size_t len); void md5_final(unsigned char *md,MD5CTX c); SHACTX sha1_init(void); -void sha1_update(SHACTX c, const void *data, unsigned long len); +void sha1_update(SHACTX c, const void *data, size_t len); void sha1_final(unsigned char *md,SHACTX c); -void sha1(const unsigned char *digest,int len,unsigned char *hash); +void sha1(const unsigned char *digest,size_t len,unsigned char *hash); SHA256CTX sha256_init(void); -void sha256_update(SHA256CTX c, const void *data, unsigned long len); +void sha256_update(SHA256CTX c, const void *data, size_t len); void sha256_final(unsigned char *md,SHA256CTX c); -void sha256(const unsigned char *digest, int len, unsigned char *hash); +void sha256(const unsigned char *digest, size_t len, unsigned char *hash); SHA384CTX sha384_init(void); -void sha384_update(SHA384CTX c, const void *data, unsigned long len); +void sha384_update(SHA384CTX c, const void *data, size_t len); void sha384_final(unsigned char *md,SHA384CTX c); -void sha384(const unsigned char *digest, int len, unsigned char *hash); +void sha384(const unsigned char *digest, size_t len, unsigned char *hash); SHA512CTX sha512_init(void); -void sha512_update(SHA512CTX c, const void *data, unsigned long len); +void sha512_update(SHA512CTX c, const void *data, size_t len); void sha512_final(unsigned char *md,SHA512CTX c); -void sha512(const unsigned char *digest, int len, unsigned char *hash); +void sha512(const unsigned char *digest, size_t len, unsigned char *hash); -void evp(int nid, unsigned char *digest, int len, unsigned char *hash, unsigned int *hlen); +void evp(int nid, unsigned char *digest, size_t len, unsigned char *hash, unsigned int *hlen); EVPCTX evp_init(int nid); -void evp_update(EVPCTX ctx, const void *data, unsigned long len); +void evp_update(EVPCTX ctx, const void *data, size_t len); void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen); -HMACCTX hmac_init(const void *key,int len, enum ssh_hmac_e type); -void hmac_update(HMACCTX c, const void *data, unsigned long len); +HMACCTX hmac_init(const void *key, size_t len, enum ssh_hmac_e type); +void hmac_update(HMACCTX c, const void *data, size_t len); void hmac_final(HMACCTX ctx,unsigned char *hashmacbuf,unsigned int *len); size_t hmac_digest_len(enum ssh_hmac_e type); diff --git a/src/agent.c b/src/agent.c index 5c1da819..8cbb02fc 100644 --- a/src/agent.c +++ b/src/agent.c @@ -63,9 +63,9 @@ (((x) == SSH_AGENT_FAILURE) || ((x) == SSH_COM_AGENT2_FAILURE) || \ ((x) == SSH2_AGENT_FAILURE)) -static size_t atomicio(struct ssh_agent_struct *agent, void *buf, size_t n, int do_read) { +static uint32_t atomicio(struct ssh_agent_struct *agent, void *buf, uint32_t n, int do_read) { char *b = buf; - size_t pos = 0; + uint32_t pos = 0; ssize_t res; ssh_pollfd_t pfd; ssh_channel channel = agent->channel; @@ -102,7 +102,7 @@ static size_t atomicio(struct ssh_agent_struct *agent, void *buf, size_t n, int errno = do_read ? 0 : EPIPE; return pos; default: - pos += (size_t) res; + pos += (uint32_t) res; } } return pos; @@ -117,7 +117,7 @@ static size_t atomicio(struct ssh_agent_struct *agent, void *buf, size_t n, int continue; if (res == SSH_ERROR) return 0; - pos += (size_t)res; + pos += (uint32_t)res; } return pos; } @@ -311,7 +311,7 @@ uint32_t ssh_agent_get_ident_count(struct ssh_session_struct *session) ssh_buffer reply = NULL; unsigned int type = 0; uint32_t count = 0; - int rc; + uint32_t rc; /* send message to the agent requesting the list of identities */ request = ssh_buffer_new(); diff --git a/src/buffer.c b/src/buffer.c index 432194e8..e0068015 100644 --- a/src/buffer.c +++ b/src/buffer.c @@ -46,9 +46,9 @@ */ struct ssh_buffer_struct { bool secure; - size_t used; - size_t allocated; - size_t pos; + uint32_t used; + uint32_t allocated; + uint32_t pos; uint8_t *data; }; @@ -83,21 +83,21 @@ static void buffer_verify(ssh_buffer buf) if (buf->used > buf->allocated) { fprintf(stderr, - "BUFFER ERROR: allocated %zu, used %zu\n", + "BUFFER ERROR: allocated %u, used %u\n", buf->allocated, buf->used); do_abort = true; } if (buf->pos > buf->used) { fprintf(stderr, - "BUFFER ERROR: position %zu, used %zu\n", + "BUFFER ERROR: position %u, used %u\n", buf->pos, buf->used); do_abort = true; } if (buf->pos > buf->allocated) { fprintf(stderr, - "BUFFER ERROR: position %zu, allocated %zu\n", + "BUFFER ERROR: position %u, allocated %u\n", buf->pos, buf->allocated); do_abort = true; @@ -178,9 +178,9 @@ void ssh_buffer_set_secure(ssh_buffer buffer) buffer->secure = true; } -static int realloc_buffer(struct ssh_buffer_struct *buffer, size_t needed) +static int realloc_buffer(struct ssh_buffer_struct *buffer, uint32_t needed) { - size_t smallest = 1; + uint32_t smallest = 1; uint8_t *new = NULL; buffer_verify(buffer); @@ -702,7 +702,7 @@ uint32_t ssh_buffer_get_data(struct ssh_buffer_struct *buffer, void *data, uint3 * * @returns 0 if there is not enough data in buffer, 1 otherwise. */ -int ssh_buffer_get_u8(struct ssh_buffer_struct *buffer, uint8_t *data){ +uint32_t ssh_buffer_get_u8(struct ssh_buffer_struct *buffer, uint8_t *data){ return ssh_buffer_get_data(buffer,data,sizeof(uint8_t)); } @@ -717,7 +717,7 @@ int ssh_buffer_get_u8(struct ssh_buffer_struct *buffer, uint8_t *data){ * * @returns 0 if there is not enough data in buffer, 4 otherwise. */ -int ssh_buffer_get_u32(struct ssh_buffer_struct *buffer, uint32_t *data){ +uint32_t ssh_buffer_get_u32(struct ssh_buffer_struct *buffer, uint32_t *data){ return ssh_buffer_get_data(buffer,data,sizeof(uint32_t)); } /** @@ -732,7 +732,7 @@ int ssh_buffer_get_u32(struct ssh_buffer_struct *buffer, uint32_t *data){ * * @returns 0 if there is not enough data in buffer, 8 otherwise. */ -int ssh_buffer_get_u64(struct ssh_buffer_struct *buffer, uint64_t *data){ +uint32_t ssh_buffer_get_u64(struct ssh_buffer_struct *buffer, uint64_t *data){ return ssh_buffer_get_data(buffer,data,sizeof(uint64_t)); } @@ -900,7 +900,7 @@ static int ssh_buffer_pack_allocate_va(struct ssh_buffer_struct *buffer, } } - rc = ssh_buffer_allocate_size(buffer, needed_size); + rc = ssh_buffer_allocate_size(buffer, (uint32_t)needed_size); if (rc != 0) { return SSH_ERROR; } @@ -1102,7 +1102,8 @@ int ssh_buffer_unpack_va(struct ssh_buffer_struct *buffer, bignum *bignum; void **data; } o; - size_t len, rlen, max_len; + size_t len; + uint32_t rlen, max_len; ssh_string tmp_string = NULL; va_list ap_copy; size_t count; diff --git a/src/channels.c b/src/channels.c index 6e8a6ec7..1d422801 100644 --- a/src/channels.c +++ b/src/channels.c @@ -529,7 +529,7 @@ SSH_PACKET_CALLBACK(channel_rcv_data){ ssh_channel channel; ssh_string str; ssh_buffer buf; - size_t len; + uint32_t len; int is_stderr; int rest; (void)user; @@ -562,7 +562,7 @@ SSH_PACKET_CALLBACK(channel_rcv_data){ len = ssh_string_len(str); SSH_LOG(SSH_LOG_PACKET, - "Channel receiving %zu bytes data in %d (local win=%d remote win=%d)", + "Channel receiving %u bytes data in %d (local win=%d remote win=%d)", len, is_stderr, channel->local_window, @@ -571,7 +571,7 @@ SSH_PACKET_CALLBACK(channel_rcv_data){ /* What shall we do in this case? Let's accept it anyway */ if (len > channel->local_window) { SSH_LOG(SSH_LOG_RARE, - "Data packet too big for our window(%zu vs %d)", + "Data packet too big for our window(%u vs %d)", len, channel->local_window); } @@ -899,7 +899,7 @@ SSH_PACKET_CALLBACK(channel_rcv_request) { * FIXME is the window changed? */ int channel_default_bufferize(ssh_channel channel, - void *data, size_t len, + void *data, uint32_t len, bool is_stderr) { ssh_session session; @@ -916,7 +916,7 @@ int channel_default_bufferize(ssh_channel channel, } SSH_LOG(SSH_LOG_PACKET, - "placing %zu bytes into channel buffer (%s)", + "placing %u bytes into channel buffer (%s)", len, is_stderr ? "stderr" : "stdout"); if (!is_stderr) { @@ -3102,7 +3102,7 @@ int ssh_channel_read_nonblocking(ssh_channel channel, int is_stderr) { ssh_session session; - ssize_t to_read; + uint32_t to_read; int rc; int blocking; @@ -3116,22 +3116,24 @@ int ssh_channel_read_nonblocking(ssh_channel channel, session = channel->session; - to_read = ssh_channel_poll(channel, is_stderr); + rc = ssh_channel_poll(channel, is_stderr); - if (to_read <= 0) { + if (rc <= 0) { if (session->session_state == SSH_SESSION_STATE_ERROR){ return SSH_ERROR; } - return to_read; /* may be an error code */ + return rc; /* may be an error code */ } - if ((size_t)to_read > count) { - to_read = (ssize_t)count; + to_read = (unsigned int)rc; + + if (to_read > count) { + to_read = count; } blocking = ssh_is_blocking(session); ssh_set_blocking(session, 0); - rc = ssh_channel_read(channel, dest, (uint32_t)to_read, is_stderr); + rc = ssh_channel_read(channel, dest, to_read, is_stderr); ssh_set_blocking(session,blocking); return rc; diff --git a/src/client.c b/src/client.c index 98c8f803..4e2a299d 100644 --- a/src/client.c +++ b/src/client.c @@ -94,13 +94,13 @@ static void socket_callback_connected(int code, int errno_code, void *user) * @param user is a pointer to session * @returns Number of bytes processed, or zero if the banner is not complete. */ -static int callback_receive_banner(const void *data, size_t len, void *user) +static ssize_t callback_receive_banner(const void *data, size_t len, void *user) { char *buffer = (char *)data; ssh_session session = (ssh_session) user; char *str = NULL; - size_t i; - int ret = 0; + uint32_t i; + int ret=0; if (session->session_state != SSH_SESSION_STATE_SOCKET_CONNECTED) { ssh_set_error(session,SSH_FATAL, diff --git a/src/connector.c b/src/connector.c index 82dfc481..c9f2cf03 100644 --- a/src/connector.c +++ b/src/connector.c @@ -85,7 +85,7 @@ static int ssh_connector_channel_data_cb(ssh_session session, void *userdata); static int ssh_connector_channel_write_wontblock_cb(ssh_session session, ssh_channel channel, - size_t bytes, + uint32_t bytes, void *userdata); static ssize_t ssh_connector_fd_read(ssh_connector connector, void *buffer, @@ -248,14 +248,14 @@ static void ssh_connector_fd_in_cb(ssh_connector connector) uint32_t toread = CHUNKSIZE; ssize_t r; ssize_t w; - int total = 0; + ssize_t total = 0; int rc; SSH_LOG(SSH_LOG_TRACE, "connector POLLIN event for fd %d", connector->in_fd); if (connector->out_wontblock) { if (connector->out_channel != NULL) { - size_t size = ssh_channel_window_size(connector->out_channel); + uint32_t size = ssh_channel_window_size(connector->out_channel); /* Don't attempt reading more than the window */ toread = MIN(size, CHUNKSIZE); @@ -328,9 +328,9 @@ static void ssh_connector_fd_in_cb(ssh_connector connector) */ static void ssh_connector_fd_out_cb(ssh_connector connector){ unsigned char buffer[CHUNKSIZE]; - int r; - int w; - int total = 0; + ssize_t r; + ssize_t w; + ssize_t total = 0; SSH_LOG(SSH_LOG_TRACE, "connector POLLOUT event for fd %d", connector->out_fd); if(connector->in_available){ @@ -432,7 +432,7 @@ static int ssh_connector_channel_data_cb(ssh_session session, { ssh_connector connector = userdata; int w; - size_t window; + uint32_t window; (void) session; (void) channel; @@ -453,7 +453,7 @@ static int ssh_connector_channel_data_cb(ssh_session session, if (connector->out_wontblock) { if (connector->out_channel != NULL) { - int window_len; + uint32_t window_len; window = ssh_channel_window_size(connector->out_channel); window_len = MIN(window, len); @@ -517,7 +517,7 @@ static int ssh_connector_channel_data_cb(ssh_session session, */ static int ssh_connector_channel_write_wontblock_cb(ssh_session session, ssh_channel channel, - size_t bytes, + uint32_t bytes, void *userdata) { ssh_connector connector = userdata; @@ -529,7 +529,7 @@ static int ssh_connector_channel_write_wontblock_cb(ssh_session session, SSH_LOG(SSH_LOG_TRACE, "Channel write won't block"); if (connector->in_available) { if (connector->in_channel != NULL) { - size_t len = MIN(CHUNKSIZE, bytes); + uint32_t len = MIN(CHUNKSIZE, bytes); r = ssh_channel_read_nonblocking(connector->in_channel, buffer, diff --git a/src/dh-gex.c b/src/dh-gex.c index c6295f8f..281da9bf 100644 --- a/src/dh-gex.c +++ b/src/dh-gex.c @@ -367,9 +367,9 @@ static bool dhgroup_better_size(uint32_t pmin, * @brief returns 1 with 1/n probability * @returns 1 on with P(1/n), 0 with P(n-1/n). */ -static bool invn_chance(int n) +static bool invn_chance(size_t n) { - uint32_t nounce = 0; + size_t nounce = 0; int ok; ok = ssh_get_random(&nounce, sizeof(nounce), 0); diff --git a/src/dh.c b/src/dh.c index 38a24b97..060d62ad 100644 --- a/src/dh.c +++ b/src/dh.c @@ -683,7 +683,7 @@ static char *ssh_get_b64_unpadded(const unsigned char *hash, size_t len) char *b64_unpadded = NULL; size_t k; - b64_padded = (char *)bin_to_base64(hash, (int)len); + b64_padded = (char *)bin_to_base64(hash, len); if (b64_padded == NULL) { return NULL; } diff --git a/src/gzip.c b/src/gzip.c index 129571cd..148cc21c 100644 --- a/src/gzip.c +++ b/src/gzip.c @@ -62,10 +62,10 @@ static ssh_buffer gzip_compress(ssh_session session, ssh_buffer source, int leve struct ssh_crypto_struct *crypto = NULL; z_stream *zout = NULL; void *in_ptr = ssh_buffer_get(source); - unsigned long in_size = ssh_buffer_get_len(source); + uint32_t in_size = ssh_buffer_get_len(source); ssh_buffer dest = NULL; unsigned char out_buf[BLOCKSIZE] = {0}; - unsigned long len; + uint32_t len; int status; crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_OUT); @@ -157,10 +157,10 @@ static ssh_buffer gzip_decompress(ssh_session session, ssh_buffer source, size_t struct ssh_crypto_struct *crypto = NULL; z_stream *zin = NULL; void *in_ptr = ssh_buffer_get(source); - unsigned long in_size = ssh_buffer_get_len(source); + uint32_t in_size = ssh_buffer_get_len(source); unsigned char out_buf[BLOCKSIZE] = {0}; ssh_buffer dest = NULL; - unsigned long len; + uint32_t len; int status; crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_IN); diff --git a/src/libcrypto.c b/src/libcrypto.c index ea372cb8..06792ccd 100644 --- a/src/libcrypto.c +++ b/src/libcrypto.c @@ -126,7 +126,7 @@ SHACTX sha1_init(void) return c; } -void sha1_update(SHACTX c, const void *data, unsigned long len) +void sha1_update(SHACTX c, const void *data, size_t len) { EVP_DigestUpdate(c, data, len); } @@ -139,7 +139,7 @@ void sha1_final(unsigned char *md, SHACTX c) EVP_MD_CTX_free(c); } -void sha1(const unsigned char *digest, int len, unsigned char *hash) +void sha1(const unsigned char *digest, size_t len, unsigned char *hash) { SHACTX c = sha1_init(); if (c != NULL) { @@ -165,7 +165,7 @@ static const EVP_MD *nid_to_evpmd(int nid) return NULL; } -void evp(int nid, unsigned char *digest, int len, unsigned char *hash, unsigned int *hlen) +void evp(int nid, unsigned char *digest, size_t len, unsigned char *hash, unsigned int *hlen) { const EVP_MD *evp_md = nid_to_evpmd(nid); EVP_MD_CTX *md = EVP_MD_CTX_new(); @@ -190,7 +190,7 @@ EVPCTX evp_init(int nid) return ctx; } -void evp_update(EVPCTX ctx, const void *data, unsigned long len) +void evp_update(EVPCTX ctx, const void *data, size_t len) { EVP_DigestUpdate(ctx, data, len); } @@ -217,7 +217,7 @@ SHA256CTX sha256_init(void) return c; } -void sha256_update(SHA256CTX c, const void *data, unsigned long len) +void sha256_update(SHA256CTX c, const void *data, size_t len) { EVP_DigestUpdate(c, data, len); } @@ -230,7 +230,7 @@ void sha256_final(unsigned char *md, SHA256CTX c) EVP_MD_CTX_free(c); } -void sha256(const unsigned char *digest, int len, unsigned char *hash) +void sha256(const unsigned char *digest, size_t len, unsigned char *hash) { SHA256CTX c = sha256_init(); if (c != NULL) { @@ -254,7 +254,7 @@ SHA384CTX sha384_init(void) return c; } -void sha384_update(SHA384CTX c, const void *data, unsigned long len) +void sha384_update(SHA384CTX c, const void *data, size_t len) { EVP_DigestUpdate(c, data, len); } @@ -267,7 +267,7 @@ void sha384_final(unsigned char *md, SHA384CTX c) EVP_MD_CTX_free(c); } -void sha384(const unsigned char *digest, int len, unsigned char *hash) +void sha384(const unsigned char *digest, size_t len, unsigned char *hash) { SHA384CTX c = sha384_init(); if (c != NULL) { @@ -291,7 +291,7 @@ SHA512CTX sha512_init(void) return c; } -void sha512_update(SHA512CTX c, const void *data, unsigned long len) +void sha512_update(SHA512CTX c, const void *data, size_t len) { EVP_DigestUpdate(c, data, len); } @@ -304,7 +304,7 @@ void sha512_final(unsigned char *md, SHA512CTX c) EVP_MD_CTX_free(c); } -void sha512(const unsigned char *digest, int len, unsigned char *hash) +void sha512(const unsigned char *digest, size_t len, unsigned char *hash) { SHA512CTX c = sha512_init(); if (c != NULL) { @@ -328,7 +328,7 @@ MD5CTX md5_init(void) return c; } -void md5_update(MD5CTX c, const void *data, unsigned long len) +void md5_update(MD5CTX c, const void *data, size_t len) { EVP_DigestUpdate(c, data, len); } @@ -416,7 +416,7 @@ int ssh_kdf(struct ssh_crypto_struct *crypto, } #endif -HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) +HMACCTX hmac_init(const void *key, size_t len, enum ssh_hmac_e type) { HMACCTX ctx = NULL; EVP_PKEY *pkey = NULL; @@ -461,7 +461,7 @@ error: return NULL; } -void hmac_update(HMACCTX ctx, const void *data, unsigned long len) +void hmac_update(HMACCTX ctx, const void *data, size_t len) { EVP_DigestSignUpdate(ctx, data, len); } diff --git a/src/libgcrypt.c b/src/libgcrypt.c index a5d8c161..99d56d24 100644 --- a/src/libgcrypt.c +++ b/src/libgcrypt.c @@ -87,7 +87,7 @@ SHACTX sha1_init(void) { return ctx; } -void sha1_update(SHACTX c, const void *data, unsigned long len) { +void sha1_update(SHACTX c, const void *data, size_t len) { gcry_md_write(c, data, len); } @@ -97,7 +97,7 @@ void sha1_final(unsigned char *md, SHACTX c) { gcry_md_close(c); } -void sha1(const unsigned char *digest, int len, unsigned char *hash) { +void sha1(const unsigned char *digest, size_t len, unsigned char *hash) { gcry_md_hash_buffer(GCRY_MD_SHA1, hash, digest, len); } @@ -115,7 +115,7 @@ static int nid_to_md_algo(int nid) return GCRY_MD_NONE; } -void evp(int nid, unsigned char *digest, int len, +void evp(int nid, unsigned char *digest, size_t len, unsigned char *hash, unsigned int *hlen) { int algo = nid_to_md_algo(nid); @@ -140,7 +140,7 @@ EVPCTX evp_init(int nid) return ctx; } -void evp_update(EVPCTX ctx, const void *data, unsigned long len) +void evp_update(EVPCTX ctx, const void *data, size_t len) { gcry_md_write(ctx, data, len); } @@ -161,7 +161,7 @@ SHA256CTX sha256_init(void) { return ctx; } -void sha256_update(SHACTX c, const void *data, unsigned long len) { +void sha256_update(SHACTX c, const void *data, size_t len) { gcry_md_write(c, data, len); } @@ -171,7 +171,7 @@ void sha256_final(unsigned char *md, SHACTX c) { gcry_md_close(c); } -void sha256(const unsigned char *digest, int len, unsigned char *hash){ +void sha256(const unsigned char *digest, size_t len, unsigned char *hash){ gcry_md_hash_buffer(GCRY_MD_SHA256, hash, digest, len); } @@ -182,7 +182,7 @@ SHA384CTX sha384_init(void) { return ctx; } -void sha384_update(SHACTX c, const void *data, unsigned long len) { +void sha384_update(SHACTX c, const void *data, size_t len) { gcry_md_write(c, data, len); } @@ -192,7 +192,7 @@ void sha384_final(unsigned char *md, SHACTX c) { gcry_md_close(c); } -void sha384(const unsigned char *digest, int len, unsigned char *hash) { +void sha384(const unsigned char *digest, size_t len, unsigned char *hash) { gcry_md_hash_buffer(GCRY_MD_SHA384, hash, digest, len); } @@ -203,7 +203,7 @@ SHA512CTX sha512_init(void) { return ctx; } -void sha512_update(SHACTX c, const void *data, unsigned long len) { +void sha512_update(SHACTX c, const void *data, size_t len) { gcry_md_write(c, data, len); } @@ -213,7 +213,7 @@ void sha512_final(unsigned char *md, SHACTX c) { gcry_md_close(c); } -void sha512(const unsigned char *digest, int len, unsigned char *hash) { +void sha512(const unsigned char *digest, size_t len, unsigned char *hash) { gcry_md_hash_buffer(GCRY_MD_SHA512, hash, digest, len); } @@ -224,7 +224,7 @@ MD5CTX md5_init(void) { return c; } -void md5_update(MD5CTX c, const void *data, unsigned long len) { +void md5_update(MD5CTX c, const void *data, size_t len) { gcry_md_write(c,data,len); } @@ -243,7 +243,7 @@ int ssh_kdf(struct ssh_crypto_struct *crypto, key_type, output, requested_len); } -HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) { +HMACCTX hmac_init(const void *key, size_t len, enum ssh_hmac_e type) { HMACCTX c = NULL; switch(type) { @@ -268,7 +268,7 @@ HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) { return c; } -void hmac_update(HMACCTX c, const void *data, unsigned long len) { +void hmac_update(HMACCTX c, const void *data, size_t len) { gcry_md_write(c, data, len); } diff --git a/src/libmbedcrypto.c b/src/libmbedcrypto.c index 35e750e4..7c93ea75 100644 --- a/src/libmbedcrypto.c +++ b/src/libmbedcrypto.c @@ -88,7 +88,7 @@ SHACTX sha1_init(void) return ctx; } -void sha1_update(SHACTX c, const void *data, unsigned long len) +void sha1_update(SHACTX c, const void *data, size_t len) { mbedtls_md_update(c, data, len); } @@ -100,7 +100,7 @@ void sha1_final(unsigned char *md, SHACTX c) SAFE_FREE(c); } -void sha1(const unsigned char *digest, int len, unsigned char *hash) +void sha1(const unsigned char *digest, size_t len, unsigned char *hash) { const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1); @@ -122,7 +122,7 @@ static mbedtls_md_type_t nid_to_md_algo(int nid) return MBEDTLS_MD_NONE; } -void evp(int nid, unsigned char *digest, int len, +void evp(int nid, unsigned char *digest, size_t len, unsigned char *hash, unsigned int *hlen) { mbedtls_md_type_t algo = nid_to_md_algo(nid); @@ -170,7 +170,7 @@ EVPCTX evp_init(int nid) return ctx; } -void evp_update(EVPCTX ctx, const void *data, unsigned long len) +void evp_update(EVPCTX ctx, const void *data, size_t len) { mbedtls_md_update(ctx, data, len); } @@ -216,7 +216,7 @@ SHA256CTX sha256_init(void) return ctx; } -void sha256_update(SHA256CTX c, const void *data, unsigned long len) +void sha256_update(SHA256CTX c, const void *data, size_t len) { mbedtls_md_update(c, data, len); } @@ -228,7 +228,7 @@ void sha256_final(unsigned char *md, SHA256CTX c) SAFE_FREE(c); } -void sha256(const unsigned char *digest, int len, unsigned char *hash) +void sha256(const unsigned char *digest, size_t len, unsigned char *hash) { const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256); @@ -270,7 +270,7 @@ SHA384CTX sha384_init(void) return ctx; } -void sha384_update(SHA384CTX c, const void *data, unsigned long len) +void sha384_update(SHA384CTX c, const void *data, size_t len) { mbedtls_md_update(c, data, len); } @@ -282,7 +282,7 @@ void sha384_final(unsigned char *md, SHA384CTX c) SAFE_FREE(c); } -void sha384(const unsigned char *digest, int len, unsigned char *hash) +void sha384(const unsigned char *digest, size_t len, unsigned char *hash) { const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA384); @@ -323,7 +323,7 @@ SHA512CTX sha512_init(void) return ctx; } -void sha512_update(SHA512CTX c, const void *data, unsigned long len) +void sha512_update(SHA512CTX c, const void *data, size_t len) { mbedtls_md_update(c, data, len); } @@ -335,7 +335,7 @@ void sha512_final(unsigned char *md, SHA512CTX c) SAFE_FREE(c); } -void sha512(const unsigned char *digest, int len, unsigned char *hash) +void sha512(const unsigned char *digest, size_t len, unsigned char *hash) { const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512); @@ -377,7 +377,7 @@ MD5CTX md5_init(void) } -void md5_update(MD5CTX c, const void *data, unsigned long len) { +void md5_update(MD5CTX c, const void *data, size_t len) { mbedtls_md_update(c, data, len); } @@ -397,7 +397,7 @@ int ssh_kdf(struct ssh_crypto_struct *crypto, key_type, output, requested_len); } -HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) +HMACCTX hmac_init(const void *key, size_t len, enum ssh_hmac_e type) { HMACCTX ctx = NULL; const mbedtls_md_info_t *md_info = NULL; @@ -446,7 +446,7 @@ error: return NULL; } -void hmac_update(HMACCTX c, const void *data, unsigned long len) +void hmac_update(HMACCTX c, const void *data, size_t len) { mbedtls_md_hmac_update(c, data, len); } diff --git a/src/match.c b/src/match.c index 555a5dd1..3e58f733 100644 --- a/src/match.c +++ b/src/match.c @@ -131,11 +131,11 @@ static int match_pattern(const char *s, const char *pattern, size_t limit) * no match at all. */ int match_pattern_list(const char *string, const char *pattern, - unsigned int len, int dolower) { + size_t len, int dolower) { char sub[1024]; int negated; int got_positive; - unsigned int i, subi; + size_t i, subi; got_positive = 0; for (i = 0; i < len;) { diff --git a/src/misc.c b/src/misc.c index e890e829..499cf312 100644 --- a/src/misc.c +++ b/src/misc.c @@ -721,7 +721,7 @@ struct ssh_iterator *ssh_list_find(const struct ssh_list *list, void *value) size_t ssh_list_count(const struct ssh_list *list) { struct ssh_iterator *it = NULL; - int count = 0; + size_t count = 0; for (it = ssh_list_get_iterator(list); it != NULL ; it = it->next) { count++; @@ -1454,15 +1454,20 @@ ssh_timestamp_difference(struct ssh_timestamp *old, struct ssh_timestamp *new) * @param[in] usec number of microseconds * @returns milliseconds, or 10000 if user supplied values are equal to zero */ -int ssh_make_milliseconds(long sec, long usec) +int ssh_make_milliseconds(unsigned long sec, unsigned long usec) { - int res = usec ? (usec / 1000) : 0; - res += (sec * 1000); - if (res == 0) { - res = 10 * 1000; /* use a reasonable default value in case - * SSH_OPTIONS_TIMEOUT is not set in options. */ + unsigned long res = usec ? (usec / 1000) : 0; + res += (sec * 1000); + if (res == 0) { + res = 10 * 1000; /* use a reasonable default value in case + * SSH_OPTIONS_TIMEOUT is not set in options. */ + } + + if (res > INT_MAX) { + return SSH_TIMEOUT_INFINITE; + } else { + return (int)res; } - return res; } /** diff --git a/src/options.c b/src/options.c index d6c06776..8312c2ad 100644 --- a/src/options.c +++ b/src/options.c @@ -474,7 +474,7 @@ int ssh_options_set_algo(ssh_session session, * configuration option as they are considered completely broken. * Setting 0 will revert the value to defaults. * Default is 1024 bits or 2048 bits in FIPS mode. - * (unsigned int *) + * (int *) * * @param value The value to set. This is a generic pointer and the * datatype which is used should be set according to the @@ -1045,7 +1045,7 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, ssh_set_error_invalid(session); return -1; } else { - unsigned int *x = (unsigned int *)value; + int *x = (int *)value; if (*x > 0 && *x < 768) { ssh_set_error(session, SSH_REQUEST_DENIED, "The provided value (%u) for minimal RSA key " @@ -1711,7 +1711,7 @@ static int ssh_bind_set_algo(ssh_bind sshbind, * considered completely broken. Setting 0 will revert * the value to defaults. * Default is 1024 bits or 2048 bits in FIPS mode. - * (unsigned int) + * (int) * * * @param value The value to set. This is a generic pointer and the @@ -2099,7 +2099,7 @@ int ssh_bind_options_set(ssh_bind sshbind, enum ssh_bind_options_e type, ssh_set_error_invalid(sshbind); return -1; } else { - unsigned int *x = (unsigned int *)value; + int *x = (int *)value; if (*x > 0 && *x < 768) { ssh_set_error(sshbind, SSH_REQUEST_DENIED, "The provided value (%u) for minimal RSA key " diff --git a/src/packet.c b/src/packet.c index 985524be..a64230d1 100644 --- a/src/packet.c +++ b/src/packet.c @@ -1054,14 +1054,14 @@ static bool ssh_packet_need_rekey(ssh_session session, * @len length of data received. It might not be enough for a complete packet * @returns number of bytes read and processed. */ -int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) +ssize_t ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) { ssh_session session = (ssh_session)user; uint32_t blocksize = 8; uint32_t lenfield_blocksize = 8; size_t current_macsize = 0; uint8_t *ptr = NULL; - int to_be_read; + long to_be_read; int rc; uint8_t *cleartext_packet = NULL; uint8_t *packet_second_block = NULL; @@ -1069,7 +1069,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) size_t packet_remaining; uint32_t packet_len, compsize, payloadsize; uint8_t padding; - size_t processed = 0; /* number of byte processed from the callback */ + uint32_t processed = 0; /* number of bytes processed from the callback */ enum ssh_packet_filter_result_e filter_result; struct ssh_crypto_struct *crypto = NULL; bool etm = false; @@ -1169,7 +1169,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) /* remote sshd sends invalid sizes? */ ssh_set_error(session, SSH_FATAL, - "Given numbers of bytes left to be read < 0 (%d)!", + "Given numbers of bytes left to be read < 0 (%ld)!", to_be_read); goto error; } @@ -1183,11 +1183,11 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) to_be_read = packet_len + sizeof(uint32_t) + current_macsize; /* if to_be_read is zero, the whole packet was blocksize bytes. */ if (to_be_read != 0) { - if (receivedlen < (unsigned int)to_be_read) { + if (receivedlen < (unsigned long)to_be_read) { /* give up, not enough data in buffer */ SSH_LOG(SSH_LOG_PACKET, "packet: partial packet (read len) " - "[len=%d, receivedlen=%d, to_be_read=%d]", + "[len=%d, receivedlen=%d, to_be_read=%ld]", packet_len, (int)receivedlen, to_be_read); @@ -1382,7 +1382,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) error: session->session_state= SSH_SESSION_STATE_ERROR; - SSH_LOG(SSH_LOG_PACKET,"Packet: processed %zu bytes", processed); + SSH_LOG(SSH_LOG_PACKET,"Packet: processed %u bytes", processed); return processed; } diff --git a/src/pki_crypto.c b/src/pki_crypto.c index 44a1db03..ffee471b 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -1401,10 +1401,10 @@ static ssh_string pki_dsa_signature_to_blob(const ssh_signature sig) const BIGNUM *pr = NULL, *ps = NULL; ssh_string r = NULL; - int r_len, r_offset_in, r_offset_out; + size_t r_len, r_offset_in, r_offset_out; ssh_string s = NULL; - int s_len, s_offset_in, s_offset_out; + size_t s_len, s_offset_in, s_offset_out; const unsigned char *raw_sig_data = NULL; size_t raw_sig_len; @@ -1679,7 +1679,7 @@ static int pki_signature_from_dsa_blob(UNUSED_PARAM(const ssh_key pubkey), size_t len; - int raw_sig_len = 0; + size_t raw_sig_len = 0; unsigned char *raw_sig_data = NULL; unsigned char *temp_raw_sig = NULL; diff --git a/src/server.c b/src/server.c index c9c17ec5..b29444a1 100644 --- a/src/server.c +++ b/src/server.c @@ -459,12 +459,12 @@ error: * @param user is a pointer to session * @returns Number of bytes processed, or zero if the banner is not complete. */ -static int callback_receive_banner(const void *data, size_t len, void *user) { +static ssize_t callback_receive_banner(const void *data, size_t len, void *user) { char *buffer = (char *) data; ssh_session session = (ssh_session) user; char *str = NULL; size_t i; - int ret=0; + ssize_t ret = 0; for (i = 0; i < len; i++) { #ifdef WITH_PCAP diff --git a/src/session.c b/src/session.c index 61882a50..f729c491 100644 --- a/src/session.c +++ b/src/session.c @@ -694,13 +694,13 @@ int ssh_handle_packets(ssh_session session, int timeout) { * SSH_ERROR otherwise. */ int ssh_handle_packets_termination(ssh_session session, - long timeout, + int timeout, ssh_termination_function fct, void *user) { struct ssh_timestamp ts; - long timeout_ms = SSH_TIMEOUT_INFINITE; - long tm; + int timeout_ms = SSH_TIMEOUT_INFINITE; + int tm; int ret = SSH_OK; /* If a timeout has been provided, use it */ diff --git a/src/sftp.c b/src/sftp.c index d072f80e..b1fa931e 100644 --- a/src/sftp.c +++ b/src/sftp.c @@ -387,11 +387,11 @@ void sftp_free(sftp_session sftp) SAFE_FREE(sftp); } -ssize_t sftp_packet_write(sftp_session sftp, uint8_t type, ssh_buffer payload) +int sftp_packet_write(sftp_session sftp, uint8_t type, ssh_buffer payload) { uint8_t header[5] = {0}; uint32_t payload_size; - ssize_t size; + int size; int rc; /* Add size of type */ @@ -416,7 +416,7 @@ ssize_t sftp_packet_write(sftp_session sftp, uint8_t type, ssh_buffer payload) if ((uint32_t)size != ssh_buffer_get_len(payload)) { SSH_LOG(SSH_LOG_PACKET, - "Had to write %d bytes, wrote only %zd", + "Had to write %d bytes, wrote only %d", ssh_buffer_get_len(payload), size); } diff --git a/src/socket.c b/src/socket.c index 1a12a43b..d0cd015d 100644 --- a/src/socket.c +++ b/src/socket.c @@ -638,7 +638,7 @@ void ssh_socket_fd_set(ssh_socket s, fd_set *set, socket_t *max_fd) * \returns SSH_OK, or SSH_ERROR * \warning has no effect on socket before a flush */ -int ssh_socket_write(ssh_socket s, const void *buffer, int len) +int ssh_socket_write(ssh_socket s, const void *buffer, uint32_t len) { if (len > 0) { if (ssh_buffer_add_data(s->out_buffer, buffer, len) < 0) { diff --git a/src/wrapper.c b/src/wrapper.c index 5cdb21fd..52b911a2 100644 --- a/src/wrapper.c +++ b/src/wrapper.c @@ -108,7 +108,7 @@ const char *ssh_hmac_type_to_string(enum ssh_hmac_e hmac_type, bool etm) } /* it allocates a new cipher structure based on its offset into the global table */ -static struct ssh_cipher_struct *cipher_new(int offset) { +static struct ssh_cipher_struct *cipher_new(uint8_t offset) { struct ssh_cipher_struct *cipher = NULL; cipher = malloc(sizeof(struct ssh_cipher_struct)); @@ -239,7 +239,7 @@ static int crypt_set_algorithms2(ssh_session session) const char *wanted = NULL; struct ssh_cipher_struct *ssh_ciphertab=ssh_get_ciphertab(); struct ssh_hmac_struct *ssh_hmactab=ssh_get_hmactab(); - size_t i = 0; + uint8_t i = 0; int cmp; /*