Author: rcritten
Update of /cvs/dirsec/mod_nss
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10135
Modified Files:
mod_nss.c mod_nss.h nss_engine_config.c nss_engine_init.c
nss_engine_pphrase.c
Log Message:
196070
Fix compilation warnings
Index: mod_nss.c
===================================================================
RCS file: /cvs/dirsec/mod_nss/mod_nss.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- mod_nss.c 2 Mar 2006 19:21:54 -0000 1.11
+++ mod_nss.c 20 Jun 2006 20:25:20 -0000 1.12
@@ -224,7 +224,7 @@
if (rv != SECSuccess) {
char *remote = CERT_GetCommonName(&peerCert->subject);
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
- "SSL Proxy: Possible man-in-the-middle attack. The remove
server is %s, we expected %s", remote, c->remote_host, rv);
+ "SSL Proxy: Possible man-in-the-middle attack. The remove
server is %s, we expected %s", remote, c->remote_host);
PORT_Free(remote);
}
} else {
@@ -234,7 +234,7 @@
break;
default:
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
- "Bad remote server certificate.", err);
+ "Bad remote server certificate: %d", err);
nss_log_nss_error(APLOG_MARK, APLOG_ERR, NULL);
break;
}
Index: mod_nss.h
===================================================================
RCS file: /cvs/dirsec/mod_nss/mod_nss.h,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- mod_nss.h 7 Apr 2006 20:17:12 -0000 1.11
+++ mod_nss.h 20 Jun 2006 20:25:20 -0000 1.12
@@ -439,6 +439,7 @@
void nss_util_ppclose(server_rec *, apr_pool_t *, apr_file_t *);
char *nss_util_readfilter(server_rec *, apr_pool_t *, const char *,
const char * const *);
+int nss_rand_seed(server_rec *s, apr_pool_t *p, ssl_rsctx_t nCtx, char *prefix);
/* Pass Phrase Handling */
SECStatus nss_Init_Tokens(server_rec *s);
Index: nss_engine_config.c
===================================================================
RCS file: /cvs/dirsec/mod_nss/nss_engine_config.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- nss_engine_config.c 2 Mar 2006 19:21:54 -0000 1.10
+++ nss_engine_config.c 20 Jun 2006 20:25:20 -0000 1.11
@@ -383,7 +383,7 @@
{
SSLDirConfigRec *dc = (SSLDirConfigRec *)dcfg;
SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
- nss_verify_t mode;
+ nss_verify_t mode = SSL_CVERIFY_UNSET;
const char *err;
if ((err = nss_cmd_verify_parse(cmd, arg, &mode))) {
@@ -451,6 +451,8 @@
SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
sc->proxy->auth.protocols = arg;
+
+ return NULL;
}
const char *nss_cmd_NSSProxyCipherSuite(cmd_parms *cmd,
Index: nss_engine_init.c
===================================================================
RCS file: /cvs/dirsec/mod_nss/nss_engine_init.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- nss_engine_init.c 7 Apr 2006 20:17:12 -0000 1.18
+++ nss_engine_init.c 20 Jun 2006 20:25:20 -0000 1.19
@@ -19,6 +19,8 @@
#include "secmod.h"
#include "sslerr.h"
#include "pk11func.h"
+#include "ocsp.h"
+#include "keyhi.h"
static SECStatus ownBadCertHandler(void *arg, PRFileDesc * socket);
static SECStatus ownHandshakeCallback(PRFileDesc * socket, void *arg);
@@ -902,11 +904,8 @@
apr_pool_t *ptemp,
modnss_ctx_t *mctx)
{
- SECCertTimeValidity certtimestatus;
SECStatus secstatus;
- PK11SlotInfo* slot = NULL;
-
/*
* Get own certificate and private key.
*/
@@ -1066,7 +1065,7 @@
switch (err) {
default:
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
- "Bad remote server certificate.", err);
+ "Bad remote server certificate: %d", err);
nss_log_nss_error(APLOG_MARK, APLOG_ERR, NULL);
return SECFailure;
break;
Index: nss_engine_pphrase.c
===================================================================
RCS file: /cvs/dirsec/mod_nss/nss_engine_pphrase.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- nss_engine_pphrase.c 7 Apr 2006 20:17:12 -0000 1.5
+++ nss_engine_pphrase.c 20 Jun 2006 20:25:20 -0000 1.6
@@ -24,7 +24,7 @@
static char * nss_password_prompt(PK11SlotInfo *slot, PRBool retry, void *arg);
static char * nss_no_password(PK11SlotInfo *slot, PRBool retry, void *arg);
-static unsigned char * nss_get_password(FILE *input, FILE *output, PK11SlotInfo *slot,
PRBool (*ok)(unsigned char *), pphrase_arg_t * parg);
+static char * nss_get_password(FILE *input, FILE *output, PK11SlotInfo *slot, PRBool
(*ok)(unsigned char *), pphrase_arg_t * parg);
static PRBool nss_check_password(unsigned char *cp);
static void echoOff(int fd);
static void echoOn(int fd);
@@ -139,8 +139,8 @@
memset(buf, 0, sizeof(buf));
rv = apr_file_read(parg->mc->proc.out, buf, &nBytes);
- if (rv = APR_SUCCESS)
- res = atoi(buf);
+ if (rv == APR_SUCCESS)
+ res = atoi(buf);
if (rv != APR_SUCCESS ||
(res != PIN_SUCCESS && res != PIN_INCORRECTPW)) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
@@ -192,7 +192,7 @@
* twiddling with the tty. Alternatively, if the file password.conf
* exists then it may be used to store the token password(s).
*/
-static unsigned char *nss_get_password(FILE *input, FILE *output,
+static char *nss_get_password(FILE *input, FILE *output,
PK11SlotInfo *slot,
PRBool (*ok)(unsigned char *),
pphrase_arg_t *parg)
@@ -298,7 +298,7 @@
fprintf(output, "non-alphabetic characters\n");
continue;
}
- return (unsigned char*) PORT_Strdup((char*)phrase);
+ return (char*) PORT_Strdup((char*)phrase);
}
}