Fix type mismatch warnings

Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>

include/libssh/bind.h

@@ -51,7 +51,7 @@ struct ssh_bind_struct {
   char *config_dir;
   char *pubkey_accepted_key_types;
   char* moduli_file;
-  unsigned int rsa_min_size;
+  int rsa_min_size;
 };
 
 struct ssh_poll_handle_struct *ssh_bind_get_poll(struct ssh_bind_struct

include/libssh/buffer.h

@@ -63,9 +63,9 @@ int ssh_buffer_prepend_data(ssh_buffer buffer, const void *data, uint32_t len);
 int ssh_buffer_add_buffer(ssh_buffer buffer, ssh_buffer source);
 
 /* buffer_read_*() returns the number of bytes read, except for ssh strings */
-int ssh_buffer_get_u8(ssh_buffer buffer, uint8_t *data);
+uint32_t ssh_buffer_get_u8(ssh_buffer buffer, uint8_t *data);
-int ssh_buffer_get_u32(ssh_buffer buffer, uint32_t *data);
+uint32_t ssh_buffer_get_u32(ssh_buffer buffer, uint32_t *data);
-int ssh_buffer_get_u64(ssh_buffer buffer, uint64_t *data);
+uint32_t ssh_buffer_get_u64(ssh_buffer buffer, uint64_t *data);
 
 /* ssh_buffer_get_ssh_string() is an exception. if the String read is too large or invalid, it will answer NULL. */
 ssh_string ssh_buffer_get_ssh_string(ssh_buffer buffer);

include/libssh/callbacks.h

@@ -56,7 +56,7 @@ typedef void (*ssh_callback_int) (int code, void *user);
  * @returns number of bytes processed by the callee. The remaining bytes will
  * be sent in the next callback message, when more data is available.
  */
-typedef int (*ssh_callback_data) (const void *data, size_t len, void *user);
+typedef ssize_t (*ssh_callback_data) (const void *data, size_t len, void *user);
 
 typedef void (*ssh_callback_int_int) (int code, int errno_code, void *user);
 
@@ -777,7 +777,7 @@ typedef int (*ssh_channel_subsystem_request_callback) (ssh_session session,
  */
 typedef int (*ssh_channel_write_wontblock_callback) (ssh_session session,
                                                      ssh_channel channel,
-                                                     size_t bytes,
+                                                     uint32_t bytes,
                                                      void *userdata);
 
 struct ssh_channel_callbacks_struct {

include/libssh/channels.h

@@ -98,7 +98,7 @@ SSH_PACKET_CALLBACK(channel_rcv_request);
 SSH_PACKET_CALLBACK(channel_rcv_data);
 
 int channel_default_bufferize(ssh_channel channel,
-                              void *data, size_t len,
+                              void *data, uint32_t len,
                               bool is_stderr);
 int ssh_channel_flush(ssh_channel channel);
 uint32_t ssh_channel_new_id(ssh_session session);

include/libssh/misc.h

@@ -81,7 +81,7 @@ const void *_ssh_list_pop_head(struct ssh_list *list);
 #define ssh_list_pop_head(type, ssh_list)\
   ((type)_ssh_list_pop_head(ssh_list))
 
-int ssh_make_milliseconds(long sec, long usec);
+int ssh_make_milliseconds(unsigned long sec, unsigned long usec);
 void ssh_timestamp_init(struct ssh_timestamp *ts);
 int ssh_timeout_elapsed(struct ssh_timestamp *ts, int timeout);
 int ssh_timeout_update(struct ssh_timestamp *ts, int timeout);

include/libssh/packet.h

@@ -67,7 +67,7 @@ int ssh_packet_send_unimplemented(ssh_session session, uint32_t seqnum);
 int ssh_packet_parse_type(ssh_session session);
 //int packet_flush(ssh_session session, int enforce_blocking);
 
-int ssh_packet_socket_callback(const void *data, size_t len, void *user);
+ssize_t ssh_packet_socket_callback(const void *data, size_t len, void *user);
 void ssh_packet_register_socket_callback(ssh_session session, struct ssh_socket_struct *s);
 void ssh_packet_set_callbacks(ssh_session session, ssh_packet_callbacks callbacks);
 void ssh_packet_remove_callbacks(ssh_session session, ssh_packet_callbacks callbacks);

include/libssh/priv.h

@@ -299,7 +299,7 @@ int decompress_buffer(ssh_session session,ssh_buffer buf, size_t maxlen);
 
 /* match.c */
 int match_pattern_list(const char *string, const char *pattern,
-    unsigned int len, int dolower);
+    size_t len, int dolower);
 int match_hostname(const char *host, const char *pattern, unsigned int len);
 
 /* connector.c */

include/libssh/session.h

@@ -173,7 +173,7 @@ struct ssh_session_struct {
     struct ssh_crypto_struct *next_crypto;  /* next_crypto is going to be used after a SSH2_MSG_NEWKEYS */
 
     struct ssh_list *channels; /* linked list of channels */
-    int maxchannel;
+    uint32_t maxchannel;
     ssh_agent agent; /* ssh agent */
 
 /* keyb interactive data */
@@ -233,7 +233,7 @@ struct ssh_session_struct {
         uint8_t options_seen[SOC_MAX];
         uint64_t rekey_data;
         uint32_t rekey_time;
-        unsigned int rsa_min_size;
+        int rsa_min_size;
     } opts;
     /* counters */
     ssh_counter socket_counter;
@@ -248,7 +248,7 @@ struct ssh_session_struct {
 typedef int (*ssh_termination_function)(void *user);
 int ssh_handle_packets(ssh_session session, int timeout);
 int ssh_handle_packets_termination(ssh_session session,
-                                   long timeout,
+                                   int timeout,
                                    ssh_termination_function fct,
                                    void *user);
 void ssh_socket_exception_callback(int code, int errno_code, void *user);

include/libssh/sftp_priv.h

@@ -22,7 +22,7 @@
 #define SFTP_PRIV_H
 
 sftp_packet sftp_packet_read(sftp_session sftp);
-ssize_t sftp_packet_write(sftp_session sftp, uint8_t type, ssh_buffer payload);
+int sftp_packet_write(sftp_session sftp, uint8_t type, ssh_buffer payload);
 void sftp_packet_free(sftp_packet packet);
 int buffer_add_attributes(ssh_buffer buffer, sftp_attributes attr);
 sftp_attributes sftp_parse_attr(sftp_session session,

include/libssh/socket.h

@@ -41,7 +41,7 @@ void ssh_execute_command(const char *command, socket_t in, socket_t out);
 int ssh_socket_connect_proxycommand(ssh_socket s, const char *command);
 #endif
 void ssh_socket_close(ssh_socket s);
-int ssh_socket_write(ssh_socket s,const void *buffer, int len);
+int ssh_socket_write(ssh_socket s,const void *buffer, uint32_t len);
 int ssh_socket_is_open(ssh_socket s);
 int ssh_socket_fd_isset(ssh_socket s, fd_set *set);
 void ssh_socket_fd_set(ssh_socket s, fd_set *set, socket_t *max_fd);

include/libssh/wrapper.h

@@ -68,36 +68,36 @@ struct ssh_crypto_struct;
 
 typedef struct ssh_mac_ctx_struct *ssh_mac_ctx;
 MD5CTX md5_init(void);
-void md5_update(MD5CTX c, const void *data, unsigned long len);
+void md5_update(MD5CTX c, const void *data, size_t len);
 void md5_final(unsigned char *md,MD5CTX c);
 
 SHACTX sha1_init(void);
-void sha1_update(SHACTX c, const void *data, unsigned long len);
+void sha1_update(SHACTX c, const void *data, size_t len);
 void sha1_final(unsigned char *md,SHACTX c);
-void sha1(const unsigned char *digest,int len,unsigned char *hash);
+void sha1(const unsigned char *digest,size_t len,unsigned char *hash);
 
 SHA256CTX sha256_init(void);
-void sha256_update(SHA256CTX c, const void *data, unsigned long len);
+void sha256_update(SHA256CTX c, const void *data, size_t len);
 void sha256_final(unsigned char *md,SHA256CTX c);
-void sha256(const unsigned char *digest, int len, unsigned char *hash);
+void sha256(const unsigned char *digest, size_t len, unsigned char *hash);
 
 SHA384CTX sha384_init(void);
-void sha384_update(SHA384CTX c, const void *data, unsigned long len);
+void sha384_update(SHA384CTX c, const void *data, size_t len);
 void sha384_final(unsigned char *md,SHA384CTX c);
-void sha384(const unsigned char *digest, int len, unsigned char *hash);
+void sha384(const unsigned char *digest, size_t len, unsigned char *hash);
 
 SHA512CTX sha512_init(void);
-void sha512_update(SHA512CTX c, const void *data, unsigned long len);
+void sha512_update(SHA512CTX c, const void *data, size_t len);
 void sha512_final(unsigned char *md,SHA512CTX c);
-void sha512(const unsigned char *digest, int len, unsigned char *hash);
+void sha512(const unsigned char *digest, size_t len, unsigned char *hash);
 
-void evp(int nid, unsigned char *digest, int len, unsigned char *hash, unsigned int *hlen);
+void evp(int nid, unsigned char *digest, size_t len, unsigned char *hash, unsigned int *hlen);
 EVPCTX evp_init(int nid);
-void evp_update(EVPCTX ctx, const void *data, unsigned long len);
+void evp_update(EVPCTX ctx, const void *data, size_t len);
 void evp_final(EVPCTX ctx, unsigned char *md, unsigned int *mdlen);
 
-HMACCTX hmac_init(const void *key,int len, enum ssh_hmac_e type);
+HMACCTX hmac_init(const void *key, size_t len, enum ssh_hmac_e type);
-void hmac_update(HMACCTX c, const void *data, unsigned long len);
+void hmac_update(HMACCTX c, const void *data, size_t len);
 void hmac_final(HMACCTX ctx,unsigned char *hashmacbuf,unsigned int *len);
 size_t hmac_digest_len(enum ssh_hmac_e type);
 

src/agent.c

@@ -63,9 +63,9 @@
   (((x) == SSH_AGENT_FAILURE) || ((x) == SSH_COM_AGENT2_FAILURE) || \
    ((x) == SSH2_AGENT_FAILURE))
 
-static size_t atomicio(struct ssh_agent_struct *agent, void *buf, size_t n, int do_read) {
+static uint32_t atomicio(struct ssh_agent_struct *agent, void *buf, uint32_t n, int do_read) {
   char *b = buf;
-  size_t pos = 0;
+  uint32_t pos = 0;
   ssize_t res;
   ssh_pollfd_t pfd;
   ssh_channel channel = agent->channel;
@@ -102,7 +102,7 @@ static size_t atomicio(struct ssh_agent_struct *agent, void *buf, size_t n, int
         errno = do_read ? 0 : EPIPE;
         return pos;
       default:
-        pos += (size_t) res;
+        pos += (uint32_t) res;
         }
       }
       return pos;
@@ -117,7 +117,7 @@ static size_t atomicio(struct ssh_agent_struct *agent, void *buf, size_t n, int
           continue;
         if (res == SSH_ERROR)
           return 0;
-        pos += (size_t)res;
+        pos += (uint32_t)res;
       }
       return pos;
     }
@@ -311,7 +311,7 @@ uint32_t ssh_agent_get_ident_count(struct ssh_session_struct *session)
     ssh_buffer reply = NULL;
     unsigned int type = 0;
     uint32_t count = 0;
-    int rc;
+    uint32_t rc;
 
     /* send message to the agent requesting the list of identities */
     request = ssh_buffer_new();

src/buffer.c

@@ -46,9 +46,9 @@
  */
 struct ssh_buffer_struct {
     bool secure;
-    size_t used;
+    uint32_t used;
-    size_t allocated;
+    uint32_t allocated;
-    size_t pos;
+    uint32_t pos;
     uint8_t *data;
 };
 
@@ -83,21 +83,21 @@ static void buffer_verify(ssh_buffer buf)
 
     if (buf->used > buf->allocated) {
         fprintf(stderr,
-                "BUFFER ERROR: allocated %zu, used %zu\n",
+                "BUFFER ERROR: allocated %u, used %u\n",
                 buf->allocated,
                 buf->used);
         do_abort = true;
     }
     if (buf->pos > buf->used) {
         fprintf(stderr,
-                "BUFFER ERROR: position %zu, used %zu\n",
+                "BUFFER ERROR: position %u, used %u\n",
                 buf->pos,
                 buf->used);
         do_abort = true;
     }
     if (buf->pos > buf->allocated) {
         fprintf(stderr,
-                "BUFFER ERROR: position %zu, allocated %zu\n",
+                "BUFFER ERROR: position %u, allocated %u\n",
                 buf->pos,
                 buf->allocated);
         do_abort = true;
@@ -178,9 +178,9 @@ void ssh_buffer_set_secure(ssh_buffer buffer)
     buffer->secure = true;
 }
 
-static int realloc_buffer(struct ssh_buffer_struct *buffer, size_t needed)
+static int realloc_buffer(struct ssh_buffer_struct *buffer, uint32_t needed)
 {
-    size_t smallest = 1;
+    uint32_t smallest = 1;
     uint8_t *new = NULL;
 
     buffer_verify(buffer);
@@ -702,7 +702,7 @@ uint32_t ssh_buffer_get_data(struct ssh_buffer_struct *buffer, void *data, uint3
  *
  * @returns             0 if there is not enough data in buffer, 1 otherwise.
  */
-int ssh_buffer_get_u8(struct ssh_buffer_struct *buffer, uint8_t *data){
+uint32_t ssh_buffer_get_u8(struct ssh_buffer_struct *buffer, uint8_t *data){
     return ssh_buffer_get_data(buffer,data,sizeof(uint8_t));
 }
 
@@ -717,7 +717,7 @@ int ssh_buffer_get_u8(struct ssh_buffer_struct *buffer, uint8_t *data){
  *
  * @returns             0 if there is not enough data in buffer, 4 otherwise.
  */
-int ssh_buffer_get_u32(struct ssh_buffer_struct *buffer, uint32_t *data){
+uint32_t ssh_buffer_get_u32(struct ssh_buffer_struct *buffer, uint32_t *data){
     return ssh_buffer_get_data(buffer,data,sizeof(uint32_t));
 }
 /**
@@ -732,7 +732,7 @@ int ssh_buffer_get_u32(struct ssh_buffer_struct *buffer, uint32_t *data){
  *
  * @returns             0 if there is not enough data in buffer, 8 otherwise.
  */
-int ssh_buffer_get_u64(struct ssh_buffer_struct *buffer, uint64_t *data){
+uint32_t ssh_buffer_get_u64(struct ssh_buffer_struct *buffer, uint64_t *data){
     return ssh_buffer_get_data(buffer,data,sizeof(uint64_t));
 }
 
@@ -900,7 +900,7 @@ static int ssh_buffer_pack_allocate_va(struct ssh_buffer_struct *buffer,
         }
     }
 
-    rc = ssh_buffer_allocate_size(buffer, needed_size);
+    rc = ssh_buffer_allocate_size(buffer, (uint32_t)needed_size);
     if (rc != 0) {
         return SSH_ERROR;
     }
@@ -1102,7 +1102,8 @@ int ssh_buffer_unpack_va(struct ssh_buffer_struct *buffer,
         bignum *bignum;
         void **data;
     } o;
-    size_t len, rlen, max_len;
+    size_t len;
+    uint32_t rlen, max_len;
     ssh_string tmp_string = NULL;
     va_list ap_copy;
     size_t count;

src/channels.c

@@ -529,7 +529,7 @@ SSH_PACKET_CALLBACK(channel_rcv_data){
   ssh_channel channel;
   ssh_string str;
   ssh_buffer buf;
-  size_t len;
+  uint32_t len;
   int is_stderr;
   int rest;
   (void)user;
@@ -562,7 +562,7 @@ SSH_PACKET_CALLBACK(channel_rcv_data){
   len = ssh_string_len(str);
 
   SSH_LOG(SSH_LOG_PACKET,
-      "Channel receiving %zu bytes data in %d (local win=%d remote win=%d)",
+      "Channel receiving %u bytes data in %d (local win=%d remote win=%d)",
       len,
       is_stderr,
       channel->local_window,
@@ -571,7 +571,7 @@ SSH_PACKET_CALLBACK(channel_rcv_data){
   /* What shall we do in this case? Let's accept it anyway */
   if (len > channel->local_window) {
     SSH_LOG(SSH_LOG_RARE,
-        "Data packet too big for our window(%zu vs %d)",
+        "Data packet too big for our window(%u vs %d)",
         len,
         channel->local_window);
   }
@@ -899,7 +899,7 @@ SSH_PACKET_CALLBACK(channel_rcv_request) {
  * FIXME is the window changed?
  */
 int channel_default_bufferize(ssh_channel channel,
-                              void *data, size_t len,
+                              void *data, uint32_t len,
                               bool is_stderr)
 {
   ssh_session session;
@@ -916,7 +916,7 @@ int channel_default_bufferize(ssh_channel channel,
   }
 
   SSH_LOG(SSH_LOG_PACKET,
-          "placing %zu bytes into channel buffer (%s)",
+          "placing %u bytes into channel buffer (%s)",
           len,
           is_stderr ? "stderr" : "stdout");
   if (!is_stderr) {
@@ -3102,7 +3102,7 @@ int ssh_channel_read_nonblocking(ssh_channel channel,
                                  int is_stderr)
 {
     ssh_session session;
-    ssize_t to_read;
+    uint32_t to_read;
     int rc;
     int blocking;
 
@@ -3116,22 +3116,24 @@ int ssh_channel_read_nonblocking(ssh_channel channel,
 
     session = channel->session;
 
-    to_read = ssh_channel_poll(channel, is_stderr);
+    rc = ssh_channel_poll(channel, is_stderr);
 
-    if (to_read <= 0) {
+    if (rc <= 0) {
         if (session->session_state == SSH_SESSION_STATE_ERROR){
             return SSH_ERROR;
         }
 
-        return to_read; /* may be an error code */
+        return rc; /* may be an error code */
     }
 
-    if ((size_t)to_read > count) {
+    to_read = (unsigned int)rc;
-        to_read = (ssize_t)count;
+
+    if (to_read > count) {
+        to_read = count;
     }
     blocking = ssh_is_blocking(session);
     ssh_set_blocking(session, 0);
-    rc = ssh_channel_read(channel, dest, (uint32_t)to_read, is_stderr);
+    rc = ssh_channel_read(channel, dest, to_read, is_stderr);
     ssh_set_blocking(session,blocking);
 
     return rc;

src/client.c

@@ -94,13 +94,13 @@ static void socket_callback_connected(int code, int errno_code, void *user)
  * @param  user is a pointer to session
  * @returns Number of bytes processed, or zero if the banner is not complete.
  */
-static int callback_receive_banner(const void *data, size_t len, void *user)
+static ssize_t callback_receive_banner(const void *data, size_t len, void *user)
 {
     char *buffer = (char *)data;
     ssh_session session = (ssh_session) user;
     char *str = NULL;
-    size_t i;
+    uint32_t i;
-    int ret = 0;
+    int ret=0;
 
     if (session->session_state != SSH_SESSION_STATE_SOCKET_CONNECTED) {
         ssh_set_error(session,SSH_FATAL,

src/connector.c

@@ -85,7 +85,7 @@ static int ssh_connector_channel_data_cb(ssh_session session,
                                          void *userdata);
 static int ssh_connector_channel_write_wontblock_cb(ssh_session session,
                                                     ssh_channel channel,
-                                                    size_t bytes,
+                                                    uint32_t bytes,
                                                     void *userdata);
 static ssize_t ssh_connector_fd_read(ssh_connector connector,
                                      void *buffer,
@@ -248,14 +248,14 @@ static void ssh_connector_fd_in_cb(ssh_connector connector)
     uint32_t toread = CHUNKSIZE;
     ssize_t r;
     ssize_t w;
-    int total = 0;
+    ssize_t total = 0;
     int rc;
 
     SSH_LOG(SSH_LOG_TRACE, "connector POLLIN event for fd %d", connector->in_fd);
 
     if (connector->out_wontblock) {
         if (connector->out_channel != NULL) {
-            size_t size = ssh_channel_window_size(connector->out_channel);
+            uint32_t size = ssh_channel_window_size(connector->out_channel);
 
             /* Don't attempt reading more than the window */
             toread = MIN(size, CHUNKSIZE);
@@ -328,9 +328,9 @@ static void ssh_connector_fd_in_cb(ssh_connector connector)
  */
 static void ssh_connector_fd_out_cb(ssh_connector connector){
     unsigned char buffer[CHUNKSIZE];
-    int r;
+    ssize_t r;
-    int w;
+    ssize_t w;
-    int total = 0;
+    ssize_t total = 0;
     SSH_LOG(SSH_LOG_TRACE, "connector POLLOUT event for fd %d", connector->out_fd);
 
     if(connector->in_available){
@@ -432,7 +432,7 @@ static int ssh_connector_channel_data_cb(ssh_session session,
 {
     ssh_connector connector = userdata;
     int w;
-    size_t window;
+    uint32_t window;
 
     (void) session;
     (void) channel;
@@ -453,7 +453,7 @@ static int ssh_connector_channel_data_cb(ssh_session session,
 
     if (connector->out_wontblock) {
         if (connector->out_channel != NULL) {
-            int window_len;
+            uint32_t window_len;
 
             window = ssh_channel_window_size(connector->out_channel);
             window_len = MIN(window, len);
@@ -517,7 +517,7 @@ static int ssh_connector_channel_data_cb(ssh_session session,
  */
 static int ssh_connector_channel_write_wontblock_cb(ssh_session session,
                                                     ssh_channel channel,
-                                                    size_t bytes,
+                                                    uint32_t bytes,
                                                     void *userdata)
 {
     ssh_connector connector = userdata;
@@ -529,7 +529,7 @@ static int ssh_connector_channel_write_wontblock_cb(ssh_session session,
     SSH_LOG(SSH_LOG_TRACE, "Channel write won't block");
     if (connector->in_available) {
         if (connector->in_channel != NULL) {
-            size_t len = MIN(CHUNKSIZE, bytes);
+            uint32_t len = MIN(CHUNKSIZE, bytes);
 
             r = ssh_channel_read_nonblocking(connector->in_channel,
                                              buffer,

src/dh-gex.c

@@ -367,9 +367,9 @@ static bool dhgroup_better_size(uint32_t pmin,
  * @brief returns 1 with 1/n probability
  * @returns 1 on with P(1/n), 0 with P(n-1/n).
  */
-static bool invn_chance(int n)
+static bool invn_chance(size_t n)
 {
-    uint32_t nounce = 0;
+    size_t nounce = 0;
     int ok;
 
     ok = ssh_get_random(&nounce, sizeof(nounce), 0);

src/dh.c

@@ -683,7 +683,7 @@ static char *ssh_get_b64_unpadded(const unsigned char *hash, size_t len)
     char *b64_unpadded = NULL;
     size_t k;
 
-    b64_padded = (char *)bin_to_base64(hash, (int)len);
+    b64_padded = (char *)bin_to_base64(hash, len);
     if (b64_padded == NULL) {
         return NULL;
     }

src/gzip.c

@@ -62,10 +62,10 @@ static ssh_buffer gzip_compress(ssh_session session, ssh_buffer source, int leve
   struct ssh_crypto_struct *crypto = NULL;
   z_stream *zout = NULL;
   void *in_ptr = ssh_buffer_get(source);
-  unsigned long in_size = ssh_buffer_get_len(source);
+  uint32_t in_size = ssh_buffer_get_len(source);
   ssh_buffer dest = NULL;
   unsigned char out_buf[BLOCKSIZE] = {0};
-  unsigned long len;
+  uint32_t len;
   int status;
 
   crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_OUT);
@@ -157,10 +157,10 @@ static ssh_buffer gzip_decompress(ssh_session session, ssh_buffer source, size_t
   struct ssh_crypto_struct *crypto = NULL;
   z_stream *zin = NULL;
   void *in_ptr = ssh_buffer_get(source);
-  unsigned long in_size = ssh_buffer_get_len(source);
+  uint32_t in_size = ssh_buffer_get_len(source);
   unsigned char out_buf[BLOCKSIZE] = {0};
   ssh_buffer dest = NULL;
-  unsigned long len;
+  uint32_t len;
   int status;
 
   crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_IN);

src/libcrypto.c

@@ -126,7 +126,7 @@ SHACTX sha1_init(void)
     return c;
 }
 
-void sha1_update(SHACTX c, const void *data, unsigned long len)
+void sha1_update(SHACTX c, const void *data, size_t len)
 {
     EVP_DigestUpdate(c, data, len);
 }
@@ -139,7 +139,7 @@ void sha1_final(unsigned char *md, SHACTX c)
     EVP_MD_CTX_free(c);
 }
 
-void sha1(const unsigned char *digest, int len, unsigned char *hash)
+void sha1(const unsigned char *digest, size_t len, unsigned char *hash)
 {
     SHACTX c = sha1_init();
     if (c != NULL) {
@@ -165,7 +165,7 @@ static const EVP_MD *nid_to_evpmd(int nid)
     return NULL;
 }
 
-void evp(int nid, unsigned char *digest, int len, unsigned char *hash, unsigned int *hlen)
+void evp(int nid, unsigned char *digest, size_t len, unsigned char *hash, unsigned int *hlen)
 {
     const EVP_MD *evp_md = nid_to_evpmd(nid);
     EVP_MD_CTX *md = EVP_MD_CTX_new();
@@ -190,7 +190,7 @@ EVPCTX evp_init(int nid)
     return ctx;
 }
 
-void evp_update(EVPCTX ctx, const void *data, unsigned long len)
+void evp_update(EVPCTX ctx, const void *data, size_t len)
 {
     EVP_DigestUpdate(ctx, data, len);
 }
@@ -217,7 +217,7 @@ SHA256CTX sha256_init(void)
     return c;
 }
 
-void sha256_update(SHA256CTX c, const void *data, unsigned long len)
+void sha256_update(SHA256CTX c, const void *data, size_t len)
 {
     EVP_DigestUpdate(c, data, len);
 }
@@ -230,7 +230,7 @@ void sha256_final(unsigned char *md, SHA256CTX c)
     EVP_MD_CTX_free(c);
 }
 
-void sha256(const unsigned char *digest, int len, unsigned char *hash)
+void sha256(const unsigned char *digest, size_t len, unsigned char *hash)
 {
     SHA256CTX c = sha256_init();
     if (c != NULL) {
@@ -254,7 +254,7 @@ SHA384CTX sha384_init(void)
     return c;
 }
 
-void sha384_update(SHA384CTX c, const void *data, unsigned long len)
+void sha384_update(SHA384CTX c, const void *data, size_t len)
 {
     EVP_DigestUpdate(c, data, len);
 }
@@ -267,7 +267,7 @@ void sha384_final(unsigned char *md, SHA384CTX c)
     EVP_MD_CTX_free(c);
 }
 
-void sha384(const unsigned char *digest, int len, unsigned char *hash)
+void sha384(const unsigned char *digest, size_t len, unsigned char *hash)
 {
     SHA384CTX c = sha384_init();
     if (c != NULL) {
@@ -291,7 +291,7 @@ SHA512CTX sha512_init(void)
     return c;
 }
 
-void sha512_update(SHA512CTX c, const void *data, unsigned long len)
+void sha512_update(SHA512CTX c, const void *data, size_t len)
 {
     EVP_DigestUpdate(c, data, len);
 }
@@ -304,7 +304,7 @@ void sha512_final(unsigned char *md, SHA512CTX c)
     EVP_MD_CTX_free(c);
 }
 
-void sha512(const unsigned char *digest, int len, unsigned char *hash)
+void sha512(const unsigned char *digest, size_t len, unsigned char *hash)
 {
     SHA512CTX c = sha512_init();
     if (c != NULL) {
@@ -328,7 +328,7 @@ MD5CTX md5_init(void)
     return c;
 }
 
-void md5_update(MD5CTX c, const void *data, unsigned long len)
+void md5_update(MD5CTX c, const void *data, size_t len)
 {
     EVP_DigestUpdate(c, data, len);
 }
@@ -416,7 +416,7 @@ int ssh_kdf(struct ssh_crypto_struct *crypto,
 }
 #endif
 
-HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type)
+HMACCTX hmac_init(const void *key, size_t len, enum ssh_hmac_e type)
 {
     HMACCTX ctx = NULL;
     EVP_PKEY *pkey = NULL;
@@ -461,7 +461,7 @@ error:
     return NULL;
 }
 
-void hmac_update(HMACCTX ctx, const void *data, unsigned long len)
+void hmac_update(HMACCTX ctx, const void *data, size_t len)
 {
     EVP_DigestSignUpdate(ctx, data, len);
 }

src/libgcrypt.c

@@ -87,7 +87,7 @@ SHACTX sha1_init(void) {
   return ctx;
 }
 
-void sha1_update(SHACTX c, const void *data, unsigned long len) {
+void sha1_update(SHACTX c, const void *data, size_t len) {
   gcry_md_write(c, data, len);
 }
 
@@ -97,7 +97,7 @@ void sha1_final(unsigned char *md, SHACTX c) {
   gcry_md_close(c);
 }
 
-void sha1(const unsigned char *digest, int len, unsigned char *hash) {
+void sha1(const unsigned char *digest, size_t len, unsigned char *hash) {
   gcry_md_hash_buffer(GCRY_MD_SHA1, hash, digest, len);
 }
 
@@ -115,7 +115,7 @@ static int nid_to_md_algo(int nid)
     return GCRY_MD_NONE;
 }
 
-void evp(int nid, unsigned char *digest, int len,
+void evp(int nid, unsigned char *digest, size_t len,
          unsigned char *hash, unsigned int *hlen)
 {
     int algo = nid_to_md_algo(nid);
@@ -140,7 +140,7 @@ EVPCTX evp_init(int nid)
     return ctx;
 }
 
-void evp_update(EVPCTX ctx, const void *data, unsigned long len)
+void evp_update(EVPCTX ctx, const void *data, size_t len)
 {
     gcry_md_write(ctx, data, len);
 }
@@ -161,7 +161,7 @@ SHA256CTX sha256_init(void) {
   return ctx;
 }
 
-void sha256_update(SHACTX c, const void *data, unsigned long len) {
+void sha256_update(SHACTX c, const void *data, size_t len) {
   gcry_md_write(c, data, len);
 }
 
@@ -171,7 +171,7 @@ void sha256_final(unsigned char *md, SHACTX c) {
   gcry_md_close(c);
 }
 
-void sha256(const unsigned char *digest, int len, unsigned char *hash){
+void sha256(const unsigned char *digest, size_t len, unsigned char *hash){
   gcry_md_hash_buffer(GCRY_MD_SHA256, hash, digest, len);
 }
 
@@ -182,7 +182,7 @@ SHA384CTX sha384_init(void) {
   return ctx;
 }
 
-void sha384_update(SHACTX c, const void *data, unsigned long len) {
+void sha384_update(SHACTX c, const void *data, size_t len) {
   gcry_md_write(c, data, len);
 }
 
@@ -192,7 +192,7 @@ void sha384_final(unsigned char *md, SHACTX c) {
   gcry_md_close(c);
 }
 
-void sha384(const unsigned char *digest, int len, unsigned char *hash) {
+void sha384(const unsigned char *digest, size_t len, unsigned char *hash) {
   gcry_md_hash_buffer(GCRY_MD_SHA384, hash, digest, len);
 }
 
@@ -203,7 +203,7 @@ SHA512CTX sha512_init(void) {
   return ctx;
 }
 
-void sha512_update(SHACTX c, const void *data, unsigned long len) {
+void sha512_update(SHACTX c, const void *data, size_t len) {
   gcry_md_write(c, data, len);
 }
 
@@ -213,7 +213,7 @@ void sha512_final(unsigned char *md, SHACTX c) {
   gcry_md_close(c);
 }
 
-void sha512(const unsigned char *digest, int len, unsigned char *hash) {
+void sha512(const unsigned char *digest, size_t len, unsigned char *hash) {
   gcry_md_hash_buffer(GCRY_MD_SHA512, hash, digest, len);
 }
 
@@ -224,7 +224,7 @@ MD5CTX md5_init(void) {
   return c;
 }
 
-void md5_update(MD5CTX c, const void *data, unsigned long len) {
+void md5_update(MD5CTX c, const void *data, size_t len) {
     gcry_md_write(c,data,len);
 }
 
@@ -243,7 +243,7 @@ int ssh_kdf(struct ssh_crypto_struct *crypto,
                              key_type, output, requested_len);
 }
 
-HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) {
+HMACCTX hmac_init(const void *key, size_t len, enum ssh_hmac_e type) {
   HMACCTX c = NULL;
 
   switch(type) {
@@ -268,7 +268,7 @@ HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type) {
   return c;
 }
 
-void hmac_update(HMACCTX c, const void *data, unsigned long len) {
+void hmac_update(HMACCTX c, const void *data, size_t len) {
   gcry_md_write(c, data, len);
 }
 

src/libmbedcrypto.c

@@ -88,7 +88,7 @@ SHACTX sha1_init(void)
     return ctx;
 }
 
-void sha1_update(SHACTX c, const void *data, unsigned long len)
+void sha1_update(SHACTX c, const void *data, size_t len)
 {
     mbedtls_md_update(c, data, len);
 }
@@ -100,7 +100,7 @@ void sha1_final(unsigned char *md, SHACTX c)
     SAFE_FREE(c);
 }
 
-void sha1(const unsigned char *digest, int len, unsigned char *hash)
+void sha1(const unsigned char *digest, size_t len, unsigned char *hash)
 {
     const mbedtls_md_info_t *md_info =
         mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
@@ -122,7 +122,7 @@ static mbedtls_md_type_t nid_to_md_algo(int nid)
     return MBEDTLS_MD_NONE;
 }
 
-void evp(int nid, unsigned char *digest, int len,
+void evp(int nid, unsigned char *digest, size_t len,
         unsigned char *hash, unsigned int *hlen)
 {
     mbedtls_md_type_t algo = nid_to_md_algo(nid);
@@ -170,7 +170,7 @@ EVPCTX evp_init(int nid)
     return ctx;
 }
 
-void evp_update(EVPCTX ctx, const void *data, unsigned long len)
+void evp_update(EVPCTX ctx, const void *data, size_t len)
 {
     mbedtls_md_update(ctx, data, len);
 }
@@ -216,7 +216,7 @@ SHA256CTX sha256_init(void)
     return ctx;
 }
 
-void sha256_update(SHA256CTX c, const void *data, unsigned long len)
+void sha256_update(SHA256CTX c, const void *data, size_t len)
 {
     mbedtls_md_update(c, data, len);
 }
@@ -228,7 +228,7 @@ void sha256_final(unsigned char *md, SHA256CTX c)
     SAFE_FREE(c);
 }
 
-void sha256(const unsigned char *digest, int len, unsigned char *hash)
+void sha256(const unsigned char *digest, size_t len, unsigned char *hash)
 {
     const mbedtls_md_info_t *md_info =
         mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
@@ -270,7 +270,7 @@ SHA384CTX sha384_init(void)
     return ctx;
 }
 
-void sha384_update(SHA384CTX c, const void *data, unsigned long len)
+void sha384_update(SHA384CTX c, const void *data, size_t len)
 {
     mbedtls_md_update(c, data, len);
 }
@@ -282,7 +282,7 @@ void sha384_final(unsigned char *md, SHA384CTX c)
     SAFE_FREE(c);
 }
 
-void sha384(const unsigned char *digest, int len, unsigned char *hash)
+void sha384(const unsigned char *digest, size_t len, unsigned char *hash)
 {
     const mbedtls_md_info_t *md_info =
         mbedtls_md_info_from_type(MBEDTLS_MD_SHA384);
@@ -323,7 +323,7 @@ SHA512CTX sha512_init(void)
     return ctx;
 }
 
-void sha512_update(SHA512CTX c, const void *data, unsigned long len)
+void sha512_update(SHA512CTX c, const void *data, size_t len)
 {
     mbedtls_md_update(c, data, len);
 }
@@ -335,7 +335,7 @@ void sha512_final(unsigned char *md, SHA512CTX c)
     SAFE_FREE(c);
 }
 
-void sha512(const unsigned char *digest, int len, unsigned char *hash)
+void sha512(const unsigned char *digest, size_t len, unsigned char *hash)
 {
     const mbedtls_md_info_t *md_info =
         mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
@@ -377,7 +377,7 @@ MD5CTX md5_init(void)
 }
 
 
-void md5_update(MD5CTX c, const void *data, unsigned long len) {
+void md5_update(MD5CTX c, const void *data, size_t len) {
     mbedtls_md_update(c, data, len);
 }
 
@@ -397,7 +397,7 @@ int ssh_kdf(struct ssh_crypto_struct *crypto,
                              key_type, output, requested_len);
 }
 
-HMACCTX hmac_init(const void *key, int len, enum ssh_hmac_e type)
+HMACCTX hmac_init(const void *key, size_t len, enum ssh_hmac_e type)
 {
     HMACCTX ctx = NULL;
     const mbedtls_md_info_t *md_info = NULL;
@@ -446,7 +446,7 @@ error:
     return NULL;
 }
 
-void hmac_update(HMACCTX c, const void *data, unsigned long len)
+void hmac_update(HMACCTX c, const void *data, size_t len)
 {
     mbedtls_md_hmac_update(c, data, len);
 }

src/match.c

@@ -131,11 +131,11 @@ static int match_pattern(const char *s, const char *pattern, size_t limit)
  * no match at all.
  */
 int match_pattern_list(const char *string, const char *pattern,
-    unsigned int len, int dolower) {
+    size_t len, int dolower) {
   char sub[1024];
   int negated;
   int got_positive;
-  unsigned int i, subi;
+  size_t i, subi;
 
   got_positive = 0;
   for (i = 0; i < len;) {

src/misc.c

@@ -721,7 +721,7 @@ struct ssh_iterator *ssh_list_find(const struct ssh_list *list, void *value)
 size_t ssh_list_count(const struct ssh_list *list)
 {
   struct ssh_iterator *it = NULL;
-  int count = 0;
+  size_t count = 0;
 
   for (it = ssh_list_get_iterator(list); it != NULL ; it = it->next) {
       count++;
@@ -1454,15 +1454,20 @@ ssh_timestamp_difference(struct ssh_timestamp *old, struct ssh_timestamp *new)
  * @param[in] usec number of microseconds
  * @returns milliseconds, or 10000 if user supplied values are equal to zero
  */
-int ssh_make_milliseconds(long sec, long usec)
+int ssh_make_milliseconds(unsigned long sec, unsigned long usec)
 {
-    int res = usec ? (usec / 1000) : 0;
+	unsigned long res = usec ? (usec / 1000) : 0;
-    res += (sec * 1000);
+	res += (sec * 1000);
-    if (res == 0) {
+	if (res == 0) {
-        res = 10 * 1000; /* use a reasonable default value in case
+		res = 10 * 1000; /* use a reasonable default value in case
-                          * SSH_OPTIONS_TIMEOUT is not set in options. */
+				* SSH_OPTIONS_TIMEOUT is not set in options. */
+	}
+
+    if (res > INT_MAX) {
+        return SSH_TIMEOUT_INFINITE;
+    } else {
+        return (int)res;
     }
-    return res;
 }
 
 /**

src/options.c

@@ -474,7 +474,7 @@ int ssh_options_set_algo(ssh_session session,
  *                configuration option as they are considered completely broken.
  *                Setting 0 will revert the value to defaults.
  *                Default is 1024 bits or 2048 bits in FIPS mode.
- *                (unsigned int *)
+ *                (int *)
  *
  * @param  value The value to set. This is a generic pointer and the
  *               datatype which is used should be set according to the
@@ -1045,7 +1045,7 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type,
                 ssh_set_error_invalid(session);
                 return -1;
             } else {
-                unsigned int *x = (unsigned int *)value;
+                int *x = (int *)value;
                 if (*x > 0 && *x < 768) {
                     ssh_set_error(session, SSH_REQUEST_DENIED,
                                   "The provided value (%u) for minimal RSA key "
@@ -1711,7 +1711,7 @@ static int ssh_bind_set_algo(ssh_bind sshbind,
  *                        considered completely broken. Setting 0 will revert
  *                        the value to defaults.
  *                        Default is 1024 bits or 2048 bits in FIPS mode.
- *                        (unsigned int)
+ *                        (int)
  *
  *
  * @param  value        The value to set. This is a generic pointer and the
@@ -2099,7 +2099,7 @@ int ssh_bind_options_set(ssh_bind sshbind, enum ssh_bind_options_e type,
             ssh_set_error_invalid(sshbind);
             return -1;
         } else {
-            unsigned int *x = (unsigned int *)value;
+            int *x = (int *)value;
             if (*x > 0 && *x < 768) {
                 ssh_set_error(sshbind, SSH_REQUEST_DENIED,
                               "The provided value (%u) for minimal RSA key "

src/packet.c

@@ -1054,14 +1054,14 @@ static bool ssh_packet_need_rekey(ssh_session session,
  * @len length of data received. It might not be enough for a complete packet
  * @returns number of bytes read and processed.
  */
-int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
+ssize_t ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
 {
     ssh_session session = (ssh_session)user;
     uint32_t blocksize = 8;
     uint32_t lenfield_blocksize = 8;
     size_t current_macsize = 0;
     uint8_t *ptr = NULL;
-    int to_be_read;
+    long to_be_read;
     int rc;
     uint8_t *cleartext_packet = NULL;
     uint8_t *packet_second_block = NULL;
@@ -1069,7 +1069,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
     size_t packet_remaining;
     uint32_t packet_len, compsize, payloadsize;
     uint8_t padding;
-    size_t processed = 0; /* number of byte processed from the callback */
+    uint32_t processed = 0; /* number of bytes processed from the callback */
     enum ssh_packet_filter_result_e filter_result;
     struct ssh_crypto_struct *crypto = NULL;
     bool etm = false;
@@ -1169,7 +1169,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
                 /* remote sshd sends invalid sizes? */
                 ssh_set_error(session,
                               SSH_FATAL,
-                              "Given numbers of bytes left to be read < 0 (%d)!",
+                              "Given numbers of bytes left to be read < 0 (%ld)!",
                               to_be_read);
                 goto error;
             }
@@ -1183,11 +1183,11 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
             to_be_read = packet_len + sizeof(uint32_t) + current_macsize;
             /* if to_be_read is zero, the whole packet was blocksize bytes. */
             if (to_be_read != 0) {
-                if (receivedlen  < (unsigned int)to_be_read) {
+                if (receivedlen  < (unsigned long)to_be_read) {
                     /* give up, not enough data in buffer */
                     SSH_LOG(SSH_LOG_PACKET,
                             "packet: partial packet (read len) "
-                            "[len=%d, receivedlen=%d, to_be_read=%d]",
+                            "[len=%d, receivedlen=%d, to_be_read=%ld]",
                             packet_len,
                             (int)receivedlen,
                             to_be_read);
@@ -1382,7 +1382,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user)
 
 error:
     session->session_state= SSH_SESSION_STATE_ERROR;
-    SSH_LOG(SSH_LOG_PACKET,"Packet: processed %zu bytes", processed);
+    SSH_LOG(SSH_LOG_PACKET,"Packet: processed %u bytes", processed);
     return processed;
 }
 

src/pki_crypto.c

@@ -1401,10 +1401,10 @@ static ssh_string pki_dsa_signature_to_blob(const ssh_signature sig)
     const BIGNUM *pr = NULL, *ps = NULL;
 
     ssh_string r = NULL;
-    int r_len, r_offset_in, r_offset_out;
+    size_t r_len, r_offset_in, r_offset_out;
 
     ssh_string s = NULL;
-    int s_len, s_offset_in, s_offset_out;
+    size_t s_len, s_offset_in, s_offset_out;
 
     const unsigned char *raw_sig_data = NULL;
     size_t raw_sig_len;
@@ -1679,7 +1679,7 @@ static int pki_signature_from_dsa_blob(UNUSED_PARAM(const ssh_key pubkey),
 
     size_t len;
 
-    int raw_sig_len = 0;
+    size_t raw_sig_len = 0;
     unsigned char *raw_sig_data = NULL;
     unsigned char *temp_raw_sig = NULL;
 

src/server.c

@@ -459,12 +459,12 @@ error:
  * @param  user is a pointer to session
  * @returns Number of bytes processed, or zero if the banner is not complete.
  */
-static int callback_receive_banner(const void *data, size_t len, void *user) {
+static ssize_t callback_receive_banner(const void *data, size_t len, void *user) {
     char *buffer = (char *) data;
     ssh_session session = (ssh_session) user;
     char *str = NULL;
     size_t i;
-    int ret=0;
+    ssize_t ret = 0;
 
     for (i = 0; i < len; i++) {
 #ifdef WITH_PCAP

src/session.c

@@ -694,13 +694,13 @@ int ssh_handle_packets(ssh_session session, int timeout) {
  *                      SSH_ERROR otherwise.
  */
 int ssh_handle_packets_termination(ssh_session session,
-                                   long timeout,
+                                   int timeout,
                                    ssh_termination_function fct,
                                    void *user)
 {
     struct ssh_timestamp ts;
-    long timeout_ms = SSH_TIMEOUT_INFINITE;
+    int timeout_ms = SSH_TIMEOUT_INFINITE;
-    long tm;
+    int tm;
     int ret = SSH_OK;
 
     /* If a timeout has been provided, use it */

src/sftp.c

@@ -387,11 +387,11 @@ void sftp_free(sftp_session sftp)
     SAFE_FREE(sftp);
 }
 
-ssize_t sftp_packet_write(sftp_session sftp, uint8_t type, ssh_buffer payload)
+int sftp_packet_write(sftp_session sftp, uint8_t type, ssh_buffer payload)
 {
     uint8_t header[5] = {0};
     uint32_t payload_size;
-    ssize_t size;
+    int size;
     int rc;
 
     /* Add size of type */
@@ -416,7 +416,7 @@ ssize_t sftp_packet_write(sftp_session sftp, uint8_t type, ssh_buffer payload)
 
     if ((uint32_t)size != ssh_buffer_get_len(payload)) {
         SSH_LOG(SSH_LOG_PACKET,
-                "Had to write %d bytes, wrote only %zd",
+                "Had to write %d bytes, wrote only %d",
                 ssh_buffer_get_len(payload),
                 size);
     }

src/socket.c

@@ -638,7 +638,7 @@ void ssh_socket_fd_set(ssh_socket s, fd_set *set, socket_t *max_fd)
  * \returns SSH_OK, or SSH_ERROR
  * \warning has no effect on socket before a flush
  */
-int ssh_socket_write(ssh_socket s, const void *buffer, int len)
+int ssh_socket_write(ssh_socket s, const void *buffer, uint32_t len)
 {
     if (len > 0) {
         if (ssh_buffer_add_data(s->out_buffer, buffer, len) < 0) {

src/wrapper.c

@@ -108,7 +108,7 @@ const char *ssh_hmac_type_to_string(enum ssh_hmac_e hmac_type, bool etm)
 }
 
 /* it allocates a new cipher structure based on its offset into the global table */
-static struct ssh_cipher_struct *cipher_new(int offset) {
+static struct ssh_cipher_struct *cipher_new(uint8_t offset) {
   struct ssh_cipher_struct *cipher = NULL;
 
   cipher = malloc(sizeof(struct ssh_cipher_struct));
@@ -239,7 +239,7 @@ static int crypt_set_algorithms2(ssh_session session)
     const char *wanted = NULL;
     struct ssh_cipher_struct *ssh_ciphertab=ssh_get_ciphertab();
     struct ssh_hmac_struct *ssh_hmactab=ssh_get_hmactab();
-    size_t i = 0;
+    uint8_t i = 0;
     int cmp;
 
     /*