diff options
-rw-r--r-- | Makefile.am | 51 | ||||
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | client/remctl.c | 6 | ||||
-rw-r--r-- | m4/cc-flags.m4 | 8 | ||||
-rw-r--r-- | perl/lib/Net/Remctl.xs | 5 | ||||
-rw-r--r-- | python/_remctlmodule.c | 2 | ||||
-rw-r--r-- | ruby/remctl.c | 5 | ||||
-rw-r--r-- | server/config.c | 2 | ||||
-rw-r--r-- | server/internal.h | 3 | ||||
-rw-r--r-- | server/remctl-shell.c | 7 | ||||
-rw-r--r-- | server/remctld.c | 5 | ||||
-rw-r--r-- | tests/server/anonymous-t.c | 2 | ||||
-rw-r--r-- | tests/util/faketoken.c | 18 | ||||
-rw-r--r-- | tests/util/faketoken.h | 65 | ||||
-rw-r--r-- | tests/util/gss-tokens-t.c | 13 |
15 files changed, 128 insertions, 67 deletions
diff --git a/Makefile.am b/Makefile.am index 1869f86..0b1b7b7 100644 --- a/Makefile.am +++ b/Makefile.am @@ -324,17 +324,21 @@ distclean-local: clean-local fi # Suppress some warnings for Perl, PHP, Python, and Ruby code because the -# auto-generated code otherwise generates them. +# auto-generated code otherwise generates them. This suppression list +# covers both GCC and Clang. PERL_WARNINGS = -Wno-write-strings -Wno-nested-externs \ -Wno-strict-prototypes -Wno-missing-declarations \ -Wno-missing-prototypes -Wno-redundant-decls -Wno-shadow \ - -Wno-old-style-definition -Wno-conversion + -Wno-old-style-definition -Wno-conversion \ + -Wno-gnu-statement-expression -Wno-cast-align -Wno-comma PHP_WARNINGS = -Wno-strict-prototypes -Wno-write-strings \ -Wno-missing-prototypes -Wno-unused-parameter -Wno-sign-compare \ -Wno-redundant-decls -Wno-old-style-definition -Wno-float-equal \ - -Wno-strict-overflow -Wno-conversion -Wno-missing-declarations + -Wno-strict-overflow -Wno-conversion -Wno-missing-declarations \ + -Wno-double-promotion -Wno-cast-align PYTHON_WARNINGS = -Wno-unused-parameter -Wno-strict-aliasing -RUBY_WARNINGS = -Wno-strict-prototypes -Wno-redundant-decls -Wno-conversion +RUBY_WARNINGS = -Wno-strict-prototypes -Wno-redundant-decls -Wno-conversion \ + -Wno-shift-sign-overflow -Wno-gnu-statement-expression warnings: $(MAKE) V=0 CFLAGS='$(WARNINGS_CFLAGS) $(AM_CFLAGS)' \ @@ -543,8 +547,9 @@ tests_util_buffer_t_LDADD = tests/tap/libtap.a util/libutil.la \ portable/libportable.la tests_util_fdflag_t_LDADD = tests/tap/libtap.a util/libutil.la \ portable/libportable.la -tests_util_gss_tokens_t_SOURCES = tests/util/faketoken.c \ - tests/util/gss-tokens.c tests/util/gss-tokens-t.c +tests_util_gss_tokens_t_SOURCES = tests/util/faketoken.c \ + tests/util/faketoken.h tests/util/gss-tokens.c \ + tests/util/gss-tokens-t.c tests_util_gss_tokens_t_LDFLAGS = $(GSSAPI_LDFLAGS) $(KRB5_LDFLAGS) tests_util_gss_tokens_t_LDADD = tests/tap/libtap.a util/libutil.la \ portable/libportable.la $(GSSAPI_LIBS) $(KRB5_LIBS) @@ -653,7 +658,7 @@ perl/lib/Net/Remctl.o: $(srcdir)/perl/lib/Net/Remctl.pm \ $(srcdir)/perl/lib/Net/Remctl.xs \ $(srcdir)/perl/lib/Net/Remctl/Backend.pm \ $(srcdir)/perl/typemap client/libremctl.la perl/Build.PL - set -e; if [ x"$(builddir)" != x"$(srcdir)" ] ; then \ + set -e; if [ x'$(builddir)' != x'$(srcdir)' ] ; then \ for d in $(PERL_DIRECTORIES) ; do \ [ -d "$(builddir)/$$d" ] || mkdir "$(builddir)/$$d" ; \ done ; \ @@ -664,6 +669,7 @@ perl/lib/Net/Remctl.o: $(srcdir)/perl/lib/Net/Remctl.pm \ cp -R $(srcdir)/tests/tap/perl/* perl/t/lib/ rm -f perl/lib/Net/Remctl.o cd perl && perl Build.PL \ + --config cc='$(CC)' \ --config lddlflags='$(PERL_LDFLAGS_FULL)' \ --config optimize='$(CFLAGS) $(PERL_CFLAGS_EXTRA)' \ --extra-compiler-flags '$(PERL_CFLAGS)' \ @@ -684,16 +690,16 @@ endif php/modules/remctl.so: php/config.m4 php/php_remctl.h \ $(srcdir)/php/php_remctl.c client/libremctl.la - set -e; if [ x"$(builddir)" != x"$(srcdir)" ] ; then \ + set -e; if [ x'$(builddir)' != x'$(srcdir)' ] ; then \ mkdir php/tests 2>/dev/null || true ; \ for f in $(PHP_FILES) ; do \ cp "$(srcdir)/$$f" "$(builddir)/$$f" ; \ done \ fi cd php && $(PHPIZE) --clean && $(PHPIZE) - cd php && ./configure CPPFLAGS="$(CPPFLAGS)" \ - CFLAGS="$(CFLAGS) $(PHP_CFLAGS_EXTRA)" LDFLAGS="$(LDFLAGS)" - cd php && $(MAKE) CFLAGS="$(CFLAGS) $(PHP_WARNINGS)" + cd php && ./configure CC='$(CC)' CPPFLAGS='$(CPPFLAGS)' \ + CFLAGS='$(AM_CFLAGS)' LDFLAGS='$(LDFLAGS)' + cd php && $(MAKE) CFLAGS='$(CFLAGS) $(PHP_WARNINGS)' # PHP's build system uses INSTALL_ROOT where everyone else uses DESTDIR. install-data-local-php: php/modules/remctl.so @@ -712,15 +718,16 @@ endif stamp-python: $(srcdir)/python/_remctlmodule.c python/remctl.py \ client/libremctl.la - set -e; if [ x"$(builddir)" != x"$(srcdir)" ] ; then \ + set -e; if [ x'$(builddir)' != x'$(srcdir)' ] ; then \ for f in $(PYTHON_FILES) ; do \ cp "$(srcdir)/$$f" "$(builddir)/$$f" ; \ done \ fi - set -e; for python in $(REMCTL_PYTHON_VERSIONS) ; do \ - cd python \ - && CFLAGS="$(CPPFLAGS) $(CFLAGS) $(PYTHON_CFLAGS_EXTRA)" \ - "$$python" setup.py build && cd .. ; \ + set -e; for python in $(REMCTL_PYTHON_VERSIONS) ; do \ + cd python \ + && BASECFLAGS='$(CPPFLAGS) $(CFLAGS) $(PYTHON_CFLAGS_EXTRA)' \ + CFLAGS='' CC='$(CC)' "$$python" setup.py build \ + && cd .. ; \ done touch stamp-python @@ -729,12 +736,12 @@ stamp-python: $(srcdir)/python/_remctlmodule.c python/remctl.py \ install-data-local-python: stamp-python set -e; for python in $(REMCTL_PYTHON_VERSIONS) ; do \ cd python ; \ - if [ -n "$(DESTDIR)" ] ; then \ + if [ -n '$(DESTDIR)' ] ; then \ "$$python" setup.py install $(REMCTL_PYTHON_INSTALL) \ - --root $(DESTDIR) ; \ - elif [ -n "$(RPM_BUILD_ROOT)" ] ; then \ + --root '$(DESTDIR)' ; \ + elif [ -n '$(RPM_BUILD_ROOT)' ] ; then \ "$$python" setup.py install $(REMCTL_PYTHON_INSTALL) \ - --root $(RPM_BUILD_ROOT) ; \ + --root '$(RPM_BUILD_ROOT)' ; \ else \ "$$python" setup.py install $(REMCTL_PYTHON_INSTALL) ; \ fi ; \ @@ -757,13 +764,13 @@ RUBY_CFLAGS = -I$(abs_top_builddir) -I$(abs_top_srcdir) \ # the two lines aren't important to suppress for people who want quiet # builds. (PHP and Perl are way noisier.) ruby/remctl.so: ruby/extconf.rb $(srcdir)/ruby/remctl.c client/libremctl.la - set -e; if [ x"$(builddir)" != x"$(srcdir)" ] ; then \ + set -e; if [ x'$(builddir)' != x'$(srcdir)' ] ; then \ for f in $(RUBY_FILES) ; do \ cp "$(srcdir)/$$f" "$(builddir)/$$f" ; \ done \ fi cd ruby && $(REMCTL_RUBY) extconf.rb $(REMCTL_RUBY_FLAGS) - cd ruby && $(MAKE) V=1 CFLAGS="$(RUBY_CFLAGS)" + cd ruby && $(MAKE) V=1 CC='$(CC)' CFLAGS='$(RUBY_CFLAGS)' install-data-local-ruby: ruby/remctl.so cd ruby && $(MAKE) install DESTDIR=$(DESTDIR) @@ -25,6 +25,9 @@ remctl 3.15 (unreleased) the end of the test suite. This catches the bad free that caused the security issue in 3.14. + Flesh out support for Clang warnings and compile cleanly under Clang + with most warnings enabled (-Weverything with some exclusions). + Update to rra-c-util 7.1: * Avoid spurious test failures from the network library. diff --git a/client/remctl.c b/client/remctl.c index 4625283..025e379 100644 --- a/client/remctl.c +++ b/client/remctl.c @@ -41,7 +41,7 @@ Options:\n\ /* * Display the usage message for remctl. */ -static void +static void __attribute__((__noreturn__)) usage(int status) { fprintf((status == 0) ? stdout : stderr, "%s", usage_message); @@ -149,7 +149,6 @@ main(int argc, char *argv[]) break; case 'h': usage(0); - break; case 'p': tmp_port = strtol(optarg, &end, 10); if (*end != '\0' || tmp_port < 1 || tmp_port > (1L << 16) - 1) @@ -162,14 +161,11 @@ main(int argc, char *argv[]) case 'v': printf("%s\n", PACKAGE_STRING); exit(0); - break; case '+': fprintf(stderr, "%s: invalid option -- +\n", argv[0]); usage(1); - break; default: usage(1); - break; } } argc -= optind; diff --git a/m4/cc-flags.m4 b/m4/cc-flags.m4 index 0f35555..8a5aa8a 100644 --- a/m4/cc-flags.m4 +++ b/m4/cc-flags.m4 @@ -70,6 +70,7 @@ dnl For Clang, we try to use -Weverything, but we have to disable some of the dnl warnings: dnl dnl -Wcast-qual Some structs require casting away const +dnl -Wdisabled-macro-expansion Triggers on libc (sigaction.sa_handler) dnl -Wpadded Not an actual problem dnl -Wreserved-id-macros Autoconf sets several of these normally dnl -Wsign-conversion Too many fiddly changes for the benefit @@ -86,9 +87,10 @@ AC_DEFUN([RRA_PROG_CC_WARNINGS_FLAGS], AS_IF([test x"$CLANG" = xyes], [WARNINGS_CFLAGS="-Werror" m4_foreach_w([flag], - [-Weverything -Wno-cast-qual -Wno-padded -Wno-sign-conversion - -Wno-reserved-id-macro -Wno-tautological-pointer-compare -Wno-undef - -Wno-unreachable-code -Wno-unreachable-code-return -Wno-unused-macros + [-Weverything -Wno-cast-qual -Wno-disabled-macro-expansion -Wno-padded + -Wno-sign-conversion -Wno-reserved-id-macro + -Wno-tautological-pointer-compare -Wno-undef -Wno-unreachable-code + -Wno-unreachable-code-return -Wno-unused-macros -Wno-used-but-marked-unused], [RRA_PROG_CC_FLAG(flag, [WARNINGS_CFLAGS="${WARNINGS_CFLAGS} flag"])])], diff --git a/perl/lib/Net/Remctl.xs b/perl/lib/Net/Remctl.xs index f8a2926..c90843b 100644 --- a/perl/lib/Net/Remctl.xs +++ b/perl/lib/Net/Remctl.xs @@ -21,7 +21,8 @@ * members of the struct. * * Written by Russ Allbery <eagle@eyrie.org> - * Copyright 2007, 2008, 2011, 2012, 2014 + * Copyright 2018 Russ Allbery <eagle@eyrie.org> + * Copyright 2007-2008, 2011-2012, 2014 * The Board of Trustees of the Leland Stanford Junior University * * See LICENSE for licensing terms. @@ -45,7 +46,7 @@ typedef struct remctl_result * Net__Remctl__Result; typedef struct remctl_output * Net__Remctl__Output; /* Map the remctl_output type constants to strings. */ -const struct { +static const struct { enum remctl_output_type type; const char *name; } OUTPUT_TYPE[] = { diff --git a/python/_remctlmodule.c b/python/_remctlmodule.c index b928e31..bf052c5 100644 --- a/python/_remctlmodule.c +++ b/python/_remctlmodule.c @@ -48,7 +48,7 @@ typedef int Py_ssize_t; PyMODINIT_FUNC init_remctl(void); /* Map the remctl_output type constants to strings. */ -const struct { +static const struct { enum remctl_output_type type; const char *name; } OUTPUT_TYPE[] = { diff --git a/ruby/remctl.c b/ruby/remctl.c index d691e69..9737621 100644 --- a/ruby/remctl.c +++ b/ruby/remctl.c @@ -5,9 +5,10 @@ * simple and complex forms of the API. * * Original implementation by Anthony M. Martinez <twopir@nmt.edu> - * Copyright 2010 Anthony M. Martinez <twopir@nmt.edu> + * Copyright 2018 Russ Allbery <eagle@eyrie.org> * Copyright 2010, 2011, 2012, 2013 * The Board of Trustees of the Leland Stanford Junior University + * Copyright 2010 Anthony M. Martinez <twopir@nmt.edu> * * Permission to use, copy, modify, and distribute this software and its * documentation for any purpose and without fee is hereby granted, provided @@ -66,7 +67,7 @@ static ID AAccache, AAsource_ip, AAtimeout; static ID Ahost, Aport, Aprincipal; /* Map the remctl_output type constants to strings. */ -const struct { +static const struct { enum remctl_output_type type; const char *name; } OUTPUT_TYPE[] = { diff --git a/server/config.c b/server/config.c index 9157c3e..ebfc717 100644 --- a/server/config.c +++ b/server/config.c @@ -770,8 +770,8 @@ acl_check_deny(const struct client *client, const char *data, case CONFIG_NOMATCH: return CONFIG_NOMATCH; case CONFIG_DENY: return CONFIG_NOMATCH; case CONFIG_ERROR: return CONFIG_ERROR; - default: return s; } + return s; } diff --git a/server/internal.h b/server/internal.h index bf210ef..1c36b0b 100644 --- a/server/internal.h +++ b/server/internal.h @@ -190,7 +190,8 @@ struct iovec **server_ssh_parse_command(const char *); /* libevent utility functions. */ void server_event_log_callback(int, const char *); -void server_event_fatal_callback(int); +void server_event_fatal_callback(int) + __attribute__((__noreturn__)); END_DECLS diff --git a/server/remctl-shell.c b/server/remctl-shell.c index efc26ac..ea06549 100644 --- a/server/remctl-shell.c +++ b/server/remctl-shell.c @@ -9,7 +9,7 @@ * This file handles parsing of the user's command and the main control flow. * * Written by Russ Allbery - * Copyright 2016 Russ Allbery <eagle@eyrie.org> + * Copyright 2016, 2018 Russ Allbery <eagle@eyrie.org> * Copyright 2016 Dropbox, Inc. * * See LICENSE for licensing terms. @@ -50,7 +50,7 @@ Supported ACL methods: file, princ, deny"; /* * Display the usage message for remctl-shell. */ -static void +static void __attribute__((__noreturn__)) usage(int status) { FILE *output; @@ -125,7 +125,6 @@ main(int argc, char *argv[]) break; case 'h': usage(0); - break; case 'q': quiet = true; break; @@ -135,11 +134,9 @@ main(int argc, char *argv[]) case 'v': printf("remctl-shell %s\n", PACKAGE_VERSION); exit(0); - break; default: warn("unknown option -%c", optopt); usage(1); - break; } } argc -= optind; diff --git a/server/remctld.c b/server/remctld.c index 59f5b41..9107169 100644 --- a/server/remctld.c +++ b/server/remctld.c @@ -90,7 +90,7 @@ struct options { /* * Display the usage message for remctld. */ -static void +static void __attribute__((__noreturn__)) usage(int status) { FILE *output; @@ -553,7 +553,6 @@ main(int argc, char *argv[]) break; case 'h': usage(0); - break; case 'k': if (setenv("KRB5_KTNAME", optarg, 1) < 0) sysdie("cannot set KRB5_KTNAME"); @@ -579,13 +578,11 @@ main(int argc, char *argv[]) case 'v': printf("remctld %s\n", PACKAGE_VERSION); exit(0); - break; case 'Z': options.suspend = true; break; default: usage(1); - break; } } diff --git a/tests/server/anonymous-t.c b/tests/server/anonymous-t.c index 3c16b5d..b3acf9b 100644 --- a/tests/server/anonymous-t.c +++ b/tests/server/anonymous-t.c @@ -81,7 +81,7 @@ cache_init_anonymous(krb5_context ctx, const char *principal) * memory cache whose name is based on the pointer value of our Kerberos * context, since that should be unique among threads. */ - basprintf(&name, "MEMORY:%p", ctx); + basprintf(&name, "MEMORY:%p", (void *) ctx); retval = krb5_cc_resolve(ctx, name, &ccache); if (retval != 0) bail_krb5(ctx, retval, "cannot create memory ticket cache %s", name); diff --git a/tests/util/faketoken.c b/tests/util/faketoken.c index 3b7faaf..270e579 100644 --- a/tests/util/faketoken.c +++ b/tests/util/faketoken.c @@ -2,7 +2,8 @@ * Fake token_send and token_recv functions for testing. * * Written by Russ Allbery <eagle@eyrie.org> - * Copyright 2006, 2009, 2010, 2012 + * Copyright 2018 Russ Allbery <eagle@eyrie.org> + * Copyright 2006, 2009-2010, 2012 * The Board of Trustees of the Leland Stanford Junior University * * See LICENSE for licensing terms. @@ -15,21 +16,18 @@ #include <time.h> +#include <tests/util/faketoken.h> #include <util/macros.h> #include <util/tokens.h> -enum token_status fake_token_send(socket_type, int, gss_buffer_t, time_t); -enum token_status fake_token_recv(socket_type, int *, gss_buffer_t, size_t, - time_t); - -/* - * The token and flags are actually read from or written to these variables. - */ +/* The data, length, and flags sent by the last fake_token_send. */ char send_buffer[2048]; -char recv_buffer[2048]; size_t send_length; -size_t recv_length; int send_flags; + +/* The data, length, and flags returned by the next fake_token_recv. */ +char recv_buffer[2048]; +size_t recv_length; int recv_flags; /* If set to true, return timeout from the fake token functions. */ diff --git a/tests/util/faketoken.h b/tests/util/faketoken.h new file mode 100644 index 0000000..ac96aa0 --- /dev/null +++ b/tests/util/faketoken.h @@ -0,0 +1,65 @@ +/* + * Testing interface to fake token functions. + * + * This header defines the interfaces to fake token functions used to test the + * utility functions for sending and retrieving GSS-API tokens. + * + * Copyright 2018 Russ Allbery <eagle@eyrie.org> + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the "Software"), + * to deal in the Software without restriction, including without limitation + * the rights to use, copy, modify, merge, publish, distribute, sublicense, + * and/or sell copies of the Software, and to permit persons to whom the + * Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + * DEALINGS IN THE SOFTWARE. + * + * SPDX-License-Identifier: MIT + */ + +#ifndef TESTS_UTIL_FAKETOKEN_H +#define TESTS_UTIL_FAKETOKEN_H 1 + +#include <config.h> +#include <portable/gssapi.h> +#include <portable/macros.h> +#include <portable/socket.h> + +#include <sys/types.h> +#include <time.h> + +#include <util/tokens.h> + +BEGIN_DECLS + +/* Replacement functions called instead of normal utility functions. */ +enum token_status fake_token_send(socket_type, int, gss_buffer_t, time_t); +enum token_status fake_token_recv(socket_type, int *, gss_buffer_t, size_t, + time_t); + +/* The data, length, and flags sent by the last fake_token_send. */ +extern char send_buffer[2048]; +extern size_t send_length; +extern int send_flags; + +/* The data, length, and flags returned by the next fake_token_recv. */ +extern char recv_buffer[2048]; +extern size_t recv_length; +extern int recv_flags; + +/* If set to true, return timeout from the fake token functions. */ +extern bool fail_timeout; + +END_DECLS + +#endif /* !TESTS_UTIL_FAKEWRITE_H */ diff --git a/tests/util/gss-tokens-t.c b/tests/util/gss-tokens-t.c index 4a84dc0..e3d8a11 100644 --- a/tests/util/gss-tokens-t.c +++ b/tests/util/gss-tokens-t.c @@ -2,7 +2,8 @@ * gss-tokens test suite. * * Written by Russ Allbery <eagle@eyrie.org> - * Copyright 2006, 2007, 2009, 2010, 2012 + * Copyright 2018 Russ Allbery <eagle@eyrie.org> + * Copyright 2006-2007, 2009-2010, 2012 * The Board of Trustees of the Leland Stanford Junior University * * See LICENSE for licensing terms. @@ -14,17 +15,9 @@ #include <tests/tap/basic.h> #include <tests/tap/kerberos.h> +#include <tests/util/faketoken.h> #include <util/gss-tokens.h> -/* From faketoken.c. */ -extern char send_buffer[2048]; -extern char recv_buffer[2048]; -extern size_t send_length; -extern size_t recv_length; -extern int send_flags; -extern int recv_flags; -extern bool fail_timeout; - int main(void) |