Misc minor cleanups.

Fix various [-Wunused-parameter], [-Wsign-compare], [-Wshift-negative-value], etc.
warnings that exist with recent compilers.

Author: dougnazar

include/ssl.h

@@ -34,7 +34,6 @@ extern const SSL_METHOD *meth;
 # endif
 extern SSL_CTX  *ctx;
 extern SslParms sslprm;
-#endif
 
 extern int       use_ssl;
 
@@ -45,3 +44,4 @@ void ssl_log_startup(int server);
 int ssl_load_certificates(void);
 int ssl_set_ciphers(void);
 int ssl_verify_callback_common(int preverify_ok, X509_STORE_CTX * ctx, int is_invalid);
+#endif

src/acl.c

@@ -241,7 +241,7 @@ int add_ipv4_to_acl(char *ipv4) {
 
         /* Convert ip and mask to unsigned long */
         ip = htonl((data[0] << 24) + (data[1] << 16) + (data[2] << 8) + data[3]);
-        mask =  htonl(-1 << (32 - data[4]));
+        mask =  htonl(~0u << (32 - data[4]));
 
         /* Wrong network address */
         if ( (ip & mask) != ip) {

src/check_nrpe.c

@@ -331,7 +331,9 @@ int process_arguments(int argc, char **argv, int from_config_file)
 			break;
 
 		case 'n':
+#ifdef HAVE_SSL
 			use_ssl = FALSE;
+#endif
 			break;
 
 		case 'u':
@@ -554,7 +556,7 @@ int read_config_file(char *fname)
 		logit(LOG_ERR, "Error: read_config_file fail to allocate memory");
 		return ERROR;
 	}
-	if ((sz = fread(buf, 1, st.st_size, f)) != st.st_size) {
+	if ((sz = fread(buf, 1, st.st_size, f)) != (size_t)st.st_size) {
 		fclose(f);
 		free(buf);
 		logit(LOG_ERR, "Error: Failed to completely read config file %s", fname);
@@ -993,7 +995,8 @@ int send_request(void)
 	v2_packet *v2_send_packet = NULL;
 	v3_packet *v3_send_packet = NULL;
 	u_int32_t calculated_crc32;
-	int rc, bytes_to_send, pkt_size;
+	int rc, bytes_to_send;
+	size_t pkt_size;
 	char *send_pkt;
 
 	if (packet_ver == NRPE_PACKET_VERSION_2) {
@@ -1229,10 +1232,13 @@ int read_packet(int sock, void *ssl_ptr, v2_packet ** v2_pkt, v3_packet ** v3_pk
 	int rc;
 	char *buff_ptr;
 
+	(void)ssl_ptr;
 	/* Read only the part that's common between versions 2 & 3 */
 	common_size = tot_bytes = bytes_to_recv = (char *)packet.buffer - (char *)&packet;
 
+#ifdef HAVE_SSL
 	if (use_ssl == FALSE) {
+#endif
 		rc = recvall(sock, (char *)&packet, &tot_bytes, socket_timeout);
 
 		if (rc <= 0 || rc != bytes_to_recv) {
@@ -1318,8 +1324,8 @@ int read_packet(int sock, void *ssl_ptr, v2_packet ** v2_pkt, v3_packet ** v3_pk
 			return -1;
 		} else
 			tot_bytes += rc;
-	}
 #ifdef HAVE_SSL
+	}
 	else {
 		SSL *ssl = (SSL *) ssl_ptr;
 
@@ -1450,6 +1456,8 @@ void alarm_handler(int sig)
 	const char	*text = state_text(timeout_return_code);
 	size_t		lth1 = 0, lth2 = 0;
 
+	(void)sig;
+
 	for (lth1 = 0; lth1 < 10; ++lth1)
 		if (text[lth1] == 0)
 			break;

src/nrpe.c

@@ -230,8 +230,8 @@ void init_ssl(void)
 #ifdef HAVE_SSL
 	char          seedfile[FILENAME_MAX];
 	char          errstr[256] = { "" };
-	int           i, c, x, vrfy;
-	unsigned long ssl_opts = SSL_OP_ALL | SSL_OP_SINGLE_DH_USE;
+	int           i, x, vrfy;
+	unsigned long c, ssl_opts = SSL_OP_ALL | SSL_OP_SINGLE_DH_USE;
 
 	if (use_ssl == FALSE) {
 		if (debug == TRUE)
@@ -954,7 +954,7 @@ int read_config_dir(char *dirname)
 
 		/* create the full path to the config file or subdirectory */
 		rc = snprintf(config_file, sizeof(config_file) - 1, "%s/%s", dirname, dirfile->d_name);
-		if (rc >= sizeof(config_file) - 1) {
+		if (rc >= (long)sizeof(config_file) - 1) {
 			logit(LOG_ERR, "Config file path too long '%s/%s'.\n", dirname, dirfile->d_name);
 			return ERROR;
 		}
@@ -1769,12 +1769,12 @@ void handle_connection(int sock)
 
 	/* send the response back to the client */
 	bytes_to_send = pkt_size;
-	if (use_ssl == FALSE)
-		sendall(sock, send_pkt, &bytes_to_send);
 #ifdef HAVE_SSL
-	else
+	if (use_ssl)
 		SSL_write(ssl, send_pkt, bytes_to_send);
+	else
 #endif
+		sendall(sock, send_pkt, &bytes_to_send);
 
 #ifdef HAVE_SSL
 	if (ssl) {
@@ -1818,9 +1818,9 @@ void init_handle_conn(void)
 	alarm(connection_timeout);
 }
 
+#ifdef HAVE_SSL
 int handle_conn_ssl(int sock, void *ssl_ptr)
 {
-#ifdef HAVE_SSL
 # if (defined(__sun) && defined(SOLARIS_10)) || defined(_AIX) || defined(__hpux)
 	SSL_CIPHER *c;
 #else
@@ -1923,21 +1923,24 @@ int handle_conn_ssl(int sock, void *ssl_ptr)
 			logit(LOG_NOTICE, "SSL Client %s did not present a certificate",
 				   remote_host);
 	}
-#endif
 
 	return OK;
 }
+#endif
 
 int read_packet(int sock, void *ssl_ptr, v2_packet * v2_pkt, v3_packet ** v3_pkt)
 {
 	int32_t   common_size, tot_bytes, bytes_to_recv, buffer_size;
 	int       rc;
 	char     *buff_ptr;
 
+	(void)ssl_ptr;
 	/* Read only the part that's common between versions 2 & 3 */
 	common_size = tot_bytes = bytes_to_recv = (char *)&v2_pkt->buffer - (char *)v2_pkt;
 
+#ifdef HAVE_SSL
 	if (use_ssl == FALSE) {
+#endif
 		rc = recvall(sock, (char *)v2_pkt, &tot_bytes, socket_timeout);
 
 		if (rc <= 0 || rc != bytes_to_recv)
@@ -1997,8 +2000,8 @@ int read_packet(int sock, void *ssl_ptr, v2_packet * v2_pkt, v3_packet ** v3_pkt
 			return -1;
 		} else
 			tot_bytes += rc;
-	}
 #ifdef HAVE_SSL
+	}
 	else {
 		SSL      *ssl = (SSL *) ssl_ptr;
 		int       sockfd, retval;
@@ -2338,7 +2341,7 @@ int my_system_child(const char *command, int timeout, int fd)
 
 			FD_ZERO(&rfds);
 			FD_ZERO(&wfds);
-			if (do_read && bytes_read < sizeof(buffer)) {
+			if (do_read && bytes_read < (long)sizeof(buffer)) {
 				FD_SET(fileno(fp), &rfds);
 				max_fd = fileno(fp);
 			}
@@ -2405,12 +2408,14 @@ int my_system_child(const char *command, int timeout, int fd)
 /* handle timeouts when executing commands via my_system() */
 void my_system_sighandler(int sig)
 {
+	(void)sig;
 	exit(STATE_CRITICAL);		/* force the child process to exit... */
 }
 
 /* handle errors where connection takes too long */
 void my_connection_sighandler(int sig)
 {
+	(void)sig;
 	logit(LOG_ERR, "Connection has taken too long to establish. Exiting...");
 	exit(STATE_CRITICAL);
 }
@@ -2566,6 +2571,7 @@ int remove_pid_file(void)
 
 void my_disconnect_sighandler(int sig)
 {
+	(void)sig;
 	logit(LOG_ERR, "SSL_shutdown() has taken too long to complete. Exiting now..");
 	exit(STATE_CRITICAL);
 }
@@ -2651,6 +2657,7 @@ void sighandler(int sig)
 /* handle signals (child processes) */
 void child_sighandler(int sig)
 {
+	(void)sig;
 	exit(0);					/* terminate */
 }
 
@@ -2789,7 +2796,7 @@ int contains_nasty_metachars(char *str)
 		return FALSE;
 
 	result = strcspn(str, nasty_metachars);
-	if (result != strlen(str))
+	if (result != (long)strlen(str))
 		return TRUE;
 
 	return FALSE;
@@ -2813,15 +2820,15 @@ int process_macros(char *input_buffer, char *output_buffer, int buffer_length)
 		selected_macro = NULL;
 
 		if (in_macro == FALSE) {
-			if (strlen(output_buffer) + strlen(temp_buffer) < buffer_length - 1) {
+			if (strlen(output_buffer) + strlen(temp_buffer) < (size_t)buffer_length - 1) {
 				strncat(output_buffer, temp_buffer, buffer_length - strlen(output_buffer) - 1);
 				output_buffer[buffer_length - 1] = '\x0';
 			}
 			in_macro = TRUE;
 
 		} else {
 
-			if (strlen(output_buffer) + strlen(temp_buffer) < buffer_length - 1) {
+			if (strlen(output_buffer) + strlen(temp_buffer) < (size_t)buffer_length - 1) {
 
 				/* argument macro */
 				if (strstr(temp_buffer, "ARG") == temp_buffer) {
@@ -2940,7 +2947,9 @@ int process_arguments(int argc, char **argv)
 			break;
 
 		case 'n':
+#ifdef HAVE_SSL
 			use_ssl = FALSE;
+#endif
 			break;
 
 		case 's':				/* Argument s to indicate SRC option */

src/ssl.c

@@ -34,7 +34,7 @@ void ssl_initialize(void)
 void ssl_set_protocol_version(SslVer ssl_proto_ver, unsigned long *ssl_opts)
 {
 #if OPENSSL_VERSION_NUMBER >= 0x10100000
-
+	(void)ssl_opts;
 	SSL_CTX_set_max_proto_version(ctx, 0);
 
 	switch(ssl_proto_ver) {
@@ -223,7 +223,7 @@ int ssl_load_certificates(void)
 
 int ssl_set_ciphers(void)
 {
-    int x;
+    size_t x;
     int changed = FALSE;
 	char errstr[256] = { "" };
 

src/utils.c

@@ -28,8 +28,12 @@
  *
  ****************************************************************************/
 
-#include "../include/common.h"
-#include "../include/utils.h"
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include "common.h"
+#include "utils.h"
 #include <stdarg.h>
 #ifdef HAVE_PATHS_H
 #include <paths.h>