Merge pull request #49 from fperrad/20170812_lint

Some linting, const parameters

rsa.h

@@ -43,14 +43,14 @@ typedef struct {
 } dropbear_rsa_key;
-void buf_put_rsa_sign(buffer* buf, dropbear_rsa_key *key, buffer *data_buf);
+void buf_put_rsa_sign(buffer* buf, const dropbear_rsa_key *key, const buffer *data_buf);
 #if DROPBEAR_SIGNKEY_VERIFY
-int buf_rsa_verify(buffer * buf, dropbear_rsa_key *key, buffer *data_buf);
+int buf_rsa_verify(buffer * buf, const dropbear_rsa_key *key, const buffer *data_buf);
 #endif
 int buf_get_rsa_pub_key(buffer* buf, dropbear_rsa_key *key);
 int buf_get_rsa_priv_key(buffer* buf, dropbear_rsa_key *key);
-void buf_put_rsa_pub_key(buffer* buf, dropbear_rsa_key *key);
-void buf_put_rsa_priv_key(buffer* buf, dropbear_rsa_key *key);
+void buf_put_rsa_pub_key(buffer* buf, const dropbear_rsa_key *key);
+void buf_put_rsa_priv_key(buffer* buf, const dropbear_rsa_key *key);
 void rsa_key_free(dropbear_rsa_key *key);
 #endif /* DROPBEAR_RSA */

signkey.c

@@ -400,7 +400,7 @@ static char hexdig(unsigned char x) {
 /* Since we're not sure if we'll have md5 or sha1, we present both.
  * MD5 is used in preference, but sha1 could still be useful */
 #if DROPBEAR_MD5_HMAC
-static char * sign_key_md5_fingerprint(unsigned char* keyblob,
+static char * sign_key_md5_fingerprint(const unsigned char* keyblob,
 		unsigned int keybloblen) {
 	char * ret;
@@ -435,7 +435,7 @@ static char * sign_key_md5_fingerprint(unsigned char* keyblob,
 }
 #else /* use SHA1 rather than MD5 for fingerprint */
-static char * sign_key_sha1_fingerprint(unsigned char* keyblob, 
+static char * sign_key_sha1_fingerprint(const unsigned char* keyblob,
 		unsigned int keybloblen) {
 	char * ret;
@@ -472,7 +472,7 @@ static char * sign_key_sha1_fingerprint(unsigned char* keyblob,
 /* This will return a freshly malloced string, containing a fingerprint
  * in either sha1 or md5 */
-char * sign_key_fingerprint(unsigned char* keyblob, unsigned int keybloblen) {
+char * sign_key_fingerprint(const unsigned char* keyblob, unsigned int keybloblen) {
 #if DROPBEAR_MD5_HMAC
 	return sign_key_md5_fingerprint(keyblob, keybloblen);
@@ -482,7 +482,7 @@ char * sign_key_fingerprint(unsigned char* keyblob, unsigned int keybloblen) {
 }
 void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type, 
-	buffer *data_buf) {
+	const buffer *data_buf) {
 	buffer *sigblob;
 	sigblob = buf_new(MAX_PUBKEY_SIZE);
@@ -517,7 +517,7 @@ void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type,
  * If FAILURE is returned, the position of
  * buf is undefined. If SUCCESS is returned, buf will be positioned after the
  * signature blob */
-int buf_verify(buffer * buf, sign_key *key, buffer *data_buf) {
+int buf_verify(buffer * buf, sign_key *key, const buffer *data_buf) {
 	
 	char *type_name = NULL;
 	unsigned int type_name_len = 0;
@@ -570,7 +570,7 @@ int buf_verify(buffer * buf, sign_key *key, buffer *data_buf) {
    of the key if it is successfully decoded */
 int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, 
 					const unsigned char* algoname, unsigned int algolen, 
-					buffer * line, char ** fingerprint) {
+					const buffer * line, char ** fingerprint) {
 	buffer * decodekey = NULL;
 	int ret = DROPBEAR_FAILURE;

signkey.h

@@ -90,14 +90,14 @@ int buf_get_priv_key(buffer* buf, sign_key *key, enum signkey_type *type);
 void buf_put_pub_key(buffer* buf, sign_key *key, enum signkey_type type);
 void buf_put_priv_key(buffer* buf, sign_key *key, enum signkey_type type);
 void sign_key_free(sign_key *key);
-void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type, buffer *data_buf);
+void buf_put_sign(buffer* buf, sign_key *key, enum signkey_type type, const buffer *data_buf);
 #if DROPBEAR_SIGNKEY_VERIFY
-int buf_verify(buffer * buf, sign_key *key, buffer *data_buf);
-char * sign_key_fingerprint(unsigned char* keyblob, unsigned int keybloblen);
+int buf_verify(buffer * buf, sign_key *key, const buffer *data_buf);
+char * sign_key_fingerprint(const unsigned char* keyblob, unsigned int keybloblen);
 #endif
 int cmp_base64_key(const unsigned char* keyblob, unsigned int keybloblen, 
 					const unsigned char* algoname, unsigned int algolen, 
-					buffer * line, char ** fingerprint);
+					const buffer * line, char ** fingerprint);
 void** signkey_key_ptr(sign_key *key, enum signkey_type type);

svr-agentfwd.c

@@ -45,7 +45,7 @@
 static int send_msg_channel_open_agent(int fd);
 static int bindagent(int fd, struct ChanSess * chansess);
-static void agentaccept(struct Listener * listener, int sock);
+static void agentaccept(const struct Listener * listener, int sock);
 /* Handles client requests to start agent forwarding, sets up listening socket.
  * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
@@ -100,7 +100,7 @@ fail:
 /* accepts a connection on the forwarded socket and opens a new channel for it
  * back to the client */
 /* returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
-static void agentaccept(struct Listener *UNUSED(listener), int sock) {
+static void agentaccept(const struct Listener *UNUSED(listener), int sock) {
 	int fd;
@@ -118,7 +118,7 @@ static void agentaccept(struct Listener *UNUSED(listener), int sock) {
 /* set up the environment variable pointing to the socket. This is called
  * just before command/shell execution, after dropping privileges */
-void svr_agentset(struct ChanSess * chansess) {
+void svr_agentset(const struct ChanSess * chansess) {
 	char *path = NULL;
 	int len;

svr-auth.c

@@ -81,7 +81,7 @@ static void authclear() {
 /* Send a banner message if specified to the client. The client might
  * ignore this, but possibly serves as a legal "no trespassing" sign */
-void send_msg_userauth_banner(buffer *banner) {
+void send_msg_userauth_banner(const buffer *banner) {
 	TRACE(("enter send_msg_userauth_banner"))

svr-authpubkey.c

@@ -70,11 +70,11 @@
 #define MIN_AUTHKEYS_LINE 10 /* "ssh-rsa AB" - short but doesn't matter */
 #define MAX_AUTHKEYS_LINE 4200 /* max length of a line in authkeys */
-static int checkpubkey(char* algo, unsigned int algolen,
-		unsigned char* keyblob, unsigned int keybloblen);
+static int checkpubkey(const char* algo, unsigned int algolen,
+		const unsigned char* keyblob, unsigned int keybloblen);
 static int checkpubkeyperms(void);
-static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen,
-		unsigned char* keyblob, unsigned int keybloblen);
+static void send_msg_userauth_pk_ok(const char* algo, unsigned int algolen,
+		const unsigned char* keyblob, unsigned int keybloblen);
 static int checkfileperm(char * filename);
 /* process a pubkey auth request, sending success or failure message as
@@ -173,8 +173,8 @@ out:
 /* Reply that the key is valid for auth, this is sent when the user sends
  * a straight copy of their pubkey to test, to avoid having to perform
  * expensive signing operations with a worthless key */
-static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen,
-		unsigned char* keyblob, unsigned int keybloblen) {
+static void send_msg_userauth_pk_ok(const char* algo, unsigned int algolen,
+		const unsigned char* keyblob, unsigned int keybloblen) {
 	TRACE(("enter send_msg_userauth_pk_ok"))
 	CHECKCLEARTOWRITE();
@@ -188,7 +188,7 @@ static void send_msg_userauth_pk_ok(char* algo, unsigned int algolen,
 }
-static int checkpubkey_line(buffer* line, int line_num, char* filename,
+static int checkpubkey_line(buffer* line, int line_num, const char* filename,
 		const char* algo, unsigned int algolen,
 		const unsigned char* keyblob, unsigned int keybloblen) {
 	buffer *options_buf = NULL;
@@ -292,8 +292,8 @@ out:
 /* Checks whether a specified publickey (and associated algorithm) is an
  * acceptable key for authentication */
 /* Returns DROPBEAR_SUCCESS if key is ok for auth, DROPBEAR_FAILURE otherwise */
-static int checkpubkey(char* algo, unsigned int algolen,
-		unsigned char* keyblob, unsigned int keybloblen) {
+static int checkpubkey(const char* algo, unsigned int algolen,
+		const unsigned char* keyblob, unsigned int keybloblen) {
 	FILE * authfile = NULL;
 	char * filename = NULL;

svr-chansession.c

@@ -43,24 +43,24 @@
 static int sessioncommand(struct Channel *channel, struct ChanSess *chansess,
 		int iscmd, int issubsys);
 static int sessionpty(struct ChanSess * chansess);
-static int sessionsignal(struct ChanSess *chansess);
+static int sessionsignal(const struct ChanSess *chansess);
 static int noptycommand(struct Channel *channel, struct ChanSess *chansess);
 static int ptycommand(struct Channel *channel, struct ChanSess *chansess);
-static int sessionwinchange(struct ChanSess *chansess);
-static void execchild(void *user_data_chansess);
+static int sessionwinchange(const struct ChanSess *chansess);
+static void execchild(const void *user_data_chansess);
 static void addchildpid(struct ChanSess *chansess, pid_t pid);
 static void sesssigchild_handler(int val);
-static void closechansess(struct Channel *channel);
+static void closechansess(const struct Channel *channel);
 static int newchansess(struct Channel *channel);
 static void chansessionrequest(struct Channel *channel);
-static int sesscheckclose(struct Channel *channel);
-static void send_exitsignalstatus(struct Channel *channel);
-static void send_msg_chansess_exitstatus(struct Channel * channel,
-		struct ChanSess * chansess);
-static void send_msg_chansess_exitsignal(struct Channel * channel,
-		struct ChanSess * chansess);
-static void get_termmodes(struct ChanSess *chansess);
+static int sesscheckclose(const struct Channel *channel);
+static void send_exitsignalstatus(const struct Channel *channel);
+static void send_msg_chansess_exitstatus(const struct Channel * channel,
+		const struct ChanSess * chansess);
+static void send_msg_chansess_exitsignal(const struct Channel * channel,
+		const struct ChanSess * chansess);
+static void get_termmodes(const struct ChanSess *chansess);
 const struct ChanType svrchansess = {
 	0, /* sepfds */
@@ -74,7 +74,7 @@ const struct ChanType svrchansess = {
 /* required to clear environment */
 extern char** environ;
-static int sesscheckclose(struct Channel *channel) {
+static int sesscheckclose(const struct Channel *channel) {
 	struct ChanSess *chansess = (struct ChanSess*)channel->typedata;
 	TRACE(("sesscheckclose, pid is %d", chansess->exit.exitpid))
 	return chansess->exit.exitpid != -1;
@@ -159,7 +159,7 @@ static void sesssigchild_handler(int UNUSED(dummy)) {
 }
 /* send the exit status or the signal causing termination for a session */
-static void send_exitsignalstatus(struct Channel *channel) {
+static void send_exitsignalstatus(const struct Channel *channel) {
 	struct ChanSess *chansess = (struct ChanSess*)channel->typedata;
@@ -173,8 +173,8 @@ static void send_exitsignalstatus(struct Channel *channel) {
 }
 /* send the exitstatus to the client */
-static void send_msg_chansess_exitstatus(struct Channel * channel,
-		struct ChanSess * chansess) {
+static void send_msg_chansess_exitstatus(const struct Channel * channel,
+		const struct ChanSess * chansess) {
 	dropbear_assert(chansess->exit.exitpid != -1);
 	dropbear_assert(chansess->exit.exitsignal == -1);
@@ -192,8 +192,8 @@ static void send_msg_chansess_exitstatus(struct Channel * channel,
 }
 /* send the signal causing the exit to the client */
-static void send_msg_chansess_exitsignal(struct Channel * channel,
-		struct ChanSess * chansess) {
+static void send_msg_chansess_exitsignal(const struct Channel * channel,
+		const struct ChanSess * chansess) {
 	int i;
 	char* signame = NULL;
@@ -273,7 +273,7 @@ static int newchansess(struct Channel *channel) {
 }
 static struct logininfo* 
-chansess_login_alloc(struct ChanSess *chansess) {
+chansess_login_alloc(const struct ChanSess *chansess) {
 	struct logininfo * li;
 	li = login_alloc_entry(chansess->pid, ses.authstate.username,
 			svr_ses.remotehost, chansess->tty);
@@ -281,7 +281,7 @@ chansess_login_alloc(struct ChanSess *chansess) {
 }
 /* clean a session channel */
-static void closechansess(struct Channel *channel) {
+static void closechansess(const struct Channel *channel) {
 	struct ChanSess *chansess;
 	unsigned int i;
@@ -403,7 +403,7 @@ out:
 /* Send a signal to a session's process as requested by the client*/
-static int sessionsignal(struct ChanSess *chansess) {
+static int sessionsignal(const struct ChanSess *chansess) {
 	int sig = 0;
 	char* signame = NULL;
@@ -441,7 +441,7 @@ static int sessionsignal(struct ChanSess *chansess) {
 /* Let the process know that the window size has changed, as notified from the
  * client. Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */
-static int sessionwinchange(struct ChanSess *chansess) {
+static int sessionwinchange(const struct ChanSess *chansess) {
 	int termc, termr, termw, termh;
@@ -460,7 +460,7 @@ static int sessionwinchange(struct ChanSess *chansess) {
 	return DROPBEAR_SUCCESS;
 }
-static void get_termmodes(struct ChanSess *chansess) {
+static void get_termmodes(const struct ChanSess *chansess) {
 	struct termios termio;
 	unsigned char opcode;
@@ -898,7 +898,7 @@ static void addchildpid(struct ChanSess *chansess, pid_t pid) {
 /* Clean up, drop to user privileges, set up the environment and execute
  * the command/shell. This function does not return. */
-static void execchild(void *user_data) {
+static void execchild(const void *user_data) {
 	struct ChanSess *chansess = user_data;
 	char *usershell = NULL;

svr-tcpfwd.c

@@ -107,7 +107,7 @@ out:
 	TRACE(("leave recv_msg_global_request"))
 }
-static int matchtcp(void* typedata1, void* typedata2) {
+static int matchtcp(const void* typedata1, const void* typedata2) {
 	const struct TCPListener *info1 = (struct TCPListener*)typedata1;
 	const struct TCPListener *info2 = (struct TCPListener*)typedata2;

svr-x11fwd.c

@@ -38,9 +38,9 @@
 #define X11BASEPORT 6000
 #define X11BINDBASE 6010
-static void x11accept(struct Listener* listener, int sock);
+static void x11accept(const struct Listener* listener, int sock);
 static int bindport(int fd);
-static int send_msg_channel_open_x11(int fd, struct sockaddr_in* addr);
+static int send_msg_channel_open_x11(int fd, const struct sockaddr_in* addr);
 /* Check untrusted xauth strings for metacharacters */
 /* Returns DROPBEAR_SUCCESS/DROPBEAR_FAILURE */
@@ -126,7 +126,7 @@ fail:
 /* accepts a new X11 socket */
 /* returns DROPBEAR_FAILURE or DROPBEAR_SUCCESS */
-static void x11accept(struct Listener* listener, int sock) {
+static void x11accept(const struct Listener* listener, int sock) {
 	int fd;
 	struct sockaddr_in addr;
@@ -154,7 +154,7 @@ static void x11accept(struct Listener* listener, int sock) {
 /* This is called after switching to the user, and sets up the xauth
  * and environment variables.  */
-void x11setauth(struct ChanSess *chansess) {
+void x11setauth(const struct ChanSess *chansess) {
 	char display[20]; /* space for "localhost:12345.123" */
 	FILE * authprog = NULL;
@@ -220,7 +220,7 @@ static const struct ChanType chan_x11 = {
 };
-static int send_msg_channel_open_x11(int fd, struct sockaddr_in* addr) {
+static int send_msg_channel_open_x11(int fd, const struct sockaddr_in* addr) {
 	char* ipstring = NULL;

tcp-accept.c

@@ -35,7 +35,7 @@
 #if DROPBEAR_TCP_ACCEPT
-static void cleanup_tcp(struct Listener *listener) {
+static void cleanup_tcp(const struct Listener *listener) {
 	struct TCPListener *tcpinfo = (struct TCPListener*)(listener->typedata);
@@ -52,7 +52,7 @@ int tcp_prio_inithandler(struct Channel* channel)
 	return 0;
 }
-static void tcp_acceptor(struct Listener *listener, int sock) {
+static void tcp_acceptor(const struct Listener *listener, int sock) {
 	int fd;
 	struct sockaddr_storage sa;

x11fwd.h

@@ -30,7 +30,7 @@
 #include "channel.h"
 int x11req(struct ChanSess * chansess);
-void x11setauth(struct ChanSess *chansess);
+void x11setauth(const struct ChanSess *chansess);
 void x11cleanup(struct ChanSess *chansess);
 #endif /* DROPBEAR_X11FWD */