ipa-kdb: fix compiler warnings

There are few fields in KDB structures that have 'conflicting' types but need to be compared. They come from MIT Kerberos and we have no choice here. In the same way, SID structures have own requirements. Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Robbie Harwood <rharwood@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2025-02-25 18:55:28 -06:00 · 2021-02-23 10:06:25 +02:00 · 2021-02-23 10:06:25 +02:00 · 1d2a14a2d2
commit 1d2a14a2d2
parent 47d49aa7b7
4 changed files with 9 additions and 9 deletions
--- a/daemons/ipa-kdb/ipa_kdb_audit_as.c
+++ b/daemons/ipa-kdb/ipa_kdb_audit_as.c
@ -112,13 +112,13 @@ void ipadb_audit_as_req(krb5_context kcontext,

        if (krb5_ts_after(krb5_ts_incr(client->last_failed,
                        ied->pol->lockout_duration), authtime) &&
-            (client->fail_auth_count >= ied->pol->max_fail && 
+            (client->fail_auth_count >= (krb5_kvno) ied->pol->max_fail &&
             ied->pol->max_fail != 0)) {
            /* client already locked, nothing more to do */
            break;
        }
        if (ied->pol->max_fail == 0 ||
-            client->fail_auth_count < ied->pol->max_fail) {
+            client->fail_auth_count < (krb5_kvno) ied->pol->max_fail) {
            /* let's increase the fail counter */
            client->fail_auth_count++;
            client->mask |= KMASK_FAIL_AUTH_COUNT;
--- a/daemons/ipa-kdb/ipa_kdb_mspac.c
+++ b/daemons/ipa-kdb/ipa_kdb_mspac.c
@ -148,9 +148,9 @@ int string_to_sid(const char *str, struct dom_sid *sid)

 char *dom_sid_string(TALLOC_CTX *memctx, const struct dom_sid *dom_sid)
 {
-    size_t c;
+    int8_t c;
    size_t len;
-    int ofs;
+    size_t ofs;
    uint32_t ia;
    char *buf;

@ -2612,7 +2612,7 @@ krb5_error_code ipadb_mspac_get_trusted_domains(struct ipadb_context *ipactx)

        t[n].upn_suffixes_len = NULL;
        if (t[n].upn_suffixes != NULL) {
-            size_t len = 0;
+            int len = 0;

            for (; t[n].upn_suffixes[len] != NULL; len++);

--- a/daemons/ipa-kdb/ipa_kdb_principals.c
+++ b/daemons/ipa-kdb/ipa_kdb_principals.c
@ -494,7 +494,7 @@ static krb5_error_code ipadb_get_ldap_auth_ind(krb5_context kcontext,
    l = len;
    for (i = 0; i < count; i++) {
        ret = snprintf(ap, l, "%s ", authinds[i]);
-        if (ret <= 0 || ret > l) {
+        if (ret <= 0 || ret > (int) l) {
            ret = ENOMEM;
            goto cleanup;
        }
@ -2086,7 +2086,7 @@ static krb5_error_code ipadb_get_ldap_mod_auth_ind(krb5_context kcontext,
    char *s = NULL;
    size_t ai_size = 0;
    int cnt = 0;
-    int i = 0;
+    size_t i = 0;

    ret = krb5_dbe_get_string(kcontext, entry, "require_auth", &ais);
    if (ret) {
@ -2467,7 +2467,7 @@ static krb5_error_code ipadb_entry_default_attrs(struct ipadb_mods *imods)
 {
    krb5_error_code kerr;
    LDAPMod *m = NULL;
-    int i;
+    size_t i;

    kerr = ipadb_mods_new(imods, &m);
    if (kerr) {
--- a/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c
+++ b/daemons/ipa-kdb/ipa_kdb_pwdpolicy.c
@ -361,7 +361,7 @@ krb5_error_code ipadb_check_policy_as(krb5_context kcontext,
    }

    if (ied->pol->max_fail == 0 ||
-        client->fail_auth_count < ied->pol->max_fail) {
+        client->fail_auth_count < (krb5_kvno) ied->pol->max_fail) {
        /* still within allowed failures range */
        return 0;
    }