From 5fec8989b533500e9ad082aae938946220792a82 Mon Sep 17 00:00:00 2001 From: Taylor R Campbell Date: Tue, 20 Jun 2023 11:41:32 +0000 Subject: [PATCH] gssapi: Sprinkle const and rk_UNCONST to pacify -Wwrite-strings. All for read-only krb5_data or gss_buffer_desc. --- lib/gssapi/mech/context.c | 4 ++-- lib/gssapi/mech/gss_authorize_localname.c | 2 +- lib/gssapi/sanon/crypto.c | 2 +- lib/gssapi/sanon/external.c | 4 ++-- lib/gssapi/sanon/negoex.c | 4 ++-- lib/gssapi/spnego/negoex_util.c | 2 +- lib/gssapi/test_context.c | 14 +++++++------- 7 files changed, 16 insertions(+), 16 deletions(-) diff --git a/lib/gssapi/mech/context.c b/lib/gssapi/mech/context.c index de9d4099a..5bfa9711a 100644 --- a/lib/gssapi/mech/context.c +++ b/lib/gssapi/mech/context.c @@ -307,8 +307,8 @@ _gss_mg_log_name(int level, int ret; if (mn == NULL) { - namebuf.value = "no name"; - namebuf.length = strlen((char *)namebuf.value); + namebuf.value = rk_UNCONST("no name"); + namebuf.length = strlen(namebuf.value); } else { maj_stat = m->gm_display_name(&junk, mn->gmn_name, &namebuf, NULL); diff --git a/lib/gssapi/mech/gss_authorize_localname.c b/lib/gssapi/mech/gss_authorize_localname.c index a0efd38c6..a7501f813 100644 --- a/lib/gssapi/mech/gss_authorize_localname.c +++ b/lib/gssapi/mech/gss_authorize_localname.c @@ -34,7 +34,7 @@ gss_buffer_desc GSSAPI_LIB_VARIABLE __gss_c_attr_local_login_user = { sizeof("local-login-user") - 1, - "local-login-user" + rk_UNCONST("local-login-user") }; static OM_uint32 diff --git a/lib/gssapi/sanon/crypto.c b/lib/gssapi/sanon/crypto.c index 85599cb35..15d8b6648 100644 --- a/lib/gssapi/sanon/crypto.c +++ b/lib/gssapi/sanon/crypto.c @@ -329,7 +329,7 @@ _gss_sanon_curve25519(OM_uint32 *minor, kdf_K1.data = shared; kdf_K1.length = sizeof(shared); - kdf_label.data = "sanon-x25519"; + kdf_label.data = rk_UNCONST("sanon-x25519"); kdf_label.length = sizeof("sanon-x25519") - 1; ret = krb5_data_alloc(&kdf_context, diff --git a/lib/gssapi/sanon/external.c b/lib/gssapi/sanon/external.c index 8812f9e08..7617ad0aa 100644 --- a/lib/gssapi/sanon/external.c +++ b/lib/gssapi/sanon/external.c @@ -47,14 +47,14 @@ _gss_sanon_non_anonymous_cred = (gss_cred_id_t)&non_anonymous_identity; static gss_buffer_desc wellknown_user_name = { SANON_WELLKNOWN_USER_NAME_LEN, - SANON_WELLKNOWN_USER_NAME + rk_UNCONST(SANON_WELLKNOWN_USER_NAME) }; gss_buffer_t _gss_sanon_wellknown_user_name = &wellknown_user_name; static gss_buffer_desc wellknown_service_name = { SANON_WELLKNOWN_SERVICE_NAME_LEN, - SANON_WELLKNOWN_SERVICE_NAME + rk_UNCONST(SANON_WELLKNOWN_SERVICE_NAME) }; gss_buffer_t _gss_sanon_wellknown_service_name = &wellknown_service_name; diff --git a/lib/gssapi/sanon/negoex.c b/lib/gssapi/sanon/negoex.c index 10574de58..04ddab21c 100644 --- a/lib/gssapi/sanon/negoex.c +++ b/lib/gssapi/sanon/negoex.c @@ -73,10 +73,10 @@ _gss_sanon_inquire_negoex_key(OM_uint32 *minor, if (initiator_key) { salt.length = sizeof("sanon-x25519-initiator-negoex-key") - 1; - salt.value = "sanon-x25519-initiator-negoex-key"; + salt.value = rk_UNCONST("sanon-x25519-initiator-negoex-key"); } else { salt.length = sizeof("sanon-x25519-acceptor-negoex-key") - 1; - salt.value = "sanon-x25519-acceptor-negoex-key"; + salt.value = rk_UNCONST("sanon-x25519-acceptor-negoex-key"); } _gss_mg_encode_le_uint32(KRB5_ENCTYPE_AES128_CTS_HMAC_SHA256_128, typebytes); diff --git a/lib/gssapi/spnego/negoex_util.c b/lib/gssapi/spnego/negoex_util.c index d1c7af0d1..4cf038b61 100644 --- a/lib/gssapi/spnego/negoex_util.c +++ b/lib/gssapi/spnego/negoex_util.c @@ -152,7 +152,7 @@ _gss_negoex_log_message(int direction, unsigned int msg_len) { char conv_str[37]; - char *typestr; + const char *typestr; if (type == INITIATOR_NEGO) typestr = "INITIATOR_NEGO"; diff --git a/lib/gssapi/test_context.c b/lib/gssapi/test_context.c index c7bc42c14..b8bc81447 100644 --- a/lib/gssapi/test_context.c +++ b/lib/gssapi/test_context.c @@ -160,7 +160,7 @@ show_pac_client_info(gss_name_t n) errx(1, "gss_inquire_name: %s", gssapi_err(maj, min, GSS_KRB5_MECHANISM)); - a.value = "urn:mspac:client-info"; + a.value = rk_UNCONST("urn:mspac:client-info"); a.length = sizeof("urn:mspac:client-info") - 1; for (found = 0, i = 0; i < attrs->count; i++) { @@ -317,7 +317,7 @@ loop(gss_OID mechoid, if (kret) errx(1, "Could not encode AD-ON-BEHALF-OF AuthorizationDataElement"); attr.value = - GSS_KRB5_NAME_ATTRIBUTE_BASE_URN "authenticator-authz-data"; + rk_UNCONST(GSS_KRB5_NAME_ATTRIBUTE_BASE_URN "authenticator-authz-data"); attr.length = sizeof(GSS_KRB5_NAME_ATTRIBUTE_BASE_URN "authenticator-authz-data") - 1; maj_stat = gss_set_name_attribute(&min_stat, gss_target_name, 1, &attr, @@ -495,7 +495,7 @@ loop(gss_OID mechoid, gss_buffer_desc attr, value; attr.value = - GSS_KRB5_NAME_ATTRIBUTE_BASE_URN "authz-data#580"; + rk_UNCONST(GSS_KRB5_NAME_ATTRIBUTE_BASE_URN "authz-data#580"); attr.length = sizeof(GSS_KRB5_NAME_ATTRIBUTE_BASE_URN "authz-data#580") - 1; maj_stat = gss_get_name_attribute(&min_stat, src_name, &attr, NULL, @@ -609,7 +609,7 @@ wrapunwrap(gss_ctx_id_t cctx, gss_ctx_id_t sctx, int flags, gss_OID mechoid) gss_qop_t qop_state; int conf_state; - input_token.value = "foo"; + input_token.value = rk_UNCONST("foo"); input_token.length = 3; maj_stat = gss_wrap(&min_stat, cctx, flags, 0, &input_token, @@ -857,7 +857,7 @@ getverifymic(gss_ctx_id_t cctx, gss_ctx_id_t sctx, gss_OID mechoid) OM_uint32 min_stat, maj_stat; gss_qop_t qop_state; - input_token.value = "bar"; + input_token.value = rk_UNCONST("bar"); input_token.length = 3; maj_stat = gss_get_mic(&min_stat, cctx, 0, &input_token, @@ -1431,7 +1431,7 @@ main(int argc, char **argv) memset(&out1, 0, sizeof(out1)); memset(&out2, 0, sizeof(out2)); - in.value = "foo"; + in.value = rk_UNCONST("foo"); in.length = 3; gss_pseudo_random(&min_stat, sctx, GSS_C_PRF_KEY_FULL, &in, @@ -1457,7 +1457,7 @@ main(int argc, char **argv) gss_release_buffer(&min_stat, &out1); gss_release_buffer(&min_stat, &out2); - in.value = "bar"; + in.value = rk_UNCONST("bar"); in.length = 3; gss_pseudo_random(&min_stat, sctx, GSS_C_PRF_KEY_PARTIAL, &in,