addressed all but one of the remaining compile warnings (#793)

* Fix the mismatched char, uint8_t warnings

* Ensure we leave room for zero termination and then ensure the string is terminated

* GCC has a warning if it thinks your could overflow your snprintf buffer, but dont check for said overflow

include/auth.h

@@ -24,17 +24,17 @@
 #define AUTH_H
 
 
-int bin_to_ascii (uint8_t *out, uint8_t *in, size_t in_len);
+int bin_to_ascii (char *out, uint8_t *in, size_t in_len);
 
-int ascii_to_bin (uint8_t *out, uint8_t *in);
+int ascii_to_bin (uint8_t *out, char *in);
 
-int generate_private_key(n2n_private_public_key_t key, uint8_t *in);
+int generate_private_key(n2n_private_public_key_t key, char *in);
 
 int generate_public_key (n2n_private_public_key_t pub, n2n_private_public_key_t prv);
 
 int generate_shared_secret (n2n_private_public_key_t shared, n2n_private_public_key_t prv, n2n_private_public_key_t pub);
 
-int bind_private_key_to_username (n2n_private_public_key_t prv, uint8_t *username);
+int bind_private_key_to_username (n2n_private_public_key_t prv, char *username);
 
 int calculate_dynamic_key (uint8_t out_key[N2N_AUTH_CHALLENGE_SIZE],
                            uint32_t key_time, n2n_community_t comm, n2n_community_t fed);

include/header_encryption.h

@@ -30,6 +30,6 @@ void packet_header_setup_key (const char *community_name,
                               he_context_t **ctx_static, he_context_t **ctx_dynamic,
                               he_context_t **ctx_iv_static, he_context_t **ctx_iv_dynamic);
 
-void packet_header_change_dynamic_key (const char *key_dynamic,
+void packet_header_change_dynamic_key (uint8_t *key_dynamic,
                                        he_context_t **ctx_dynamic,
                                        he_context_t **ctx_iv_dynamic);

src/auth.c

@@ -35,7 +35,7 @@ static uint8_t a2b[256] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
                             0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0xff, 0xff, 0xff, 0xff, 0xff }; /* 0x70 ... 0x7f */
 
 
-int bin_to_ascii (uint8_t *out, uint8_t *in, size_t in_len) {
+int bin_to_ascii (char *out, uint8_t *in, size_t in_len) {
 
     // in buffer contains binary data of length in_len
 
@@ -64,7 +64,7 @@ int bin_to_ascii (uint8_t *out, uint8_t *in, size_t in_len) {
 }
 
 
-int ascii_to_bin (uint8_t *out, uint8_t *in) {
+int ascii_to_bin (uint8_t *out, char *in) {
 
     // in buffer contains 0x00-terminated string to be decoded
 
@@ -79,9 +79,10 @@ int ascii_to_bin (uint8_t *out, uint8_t *in) {
     for(in_count = 0; in_count < strlen(in); in_count++) {
         buf <<= 6;
 
-        if((in[in_count] > 0x20) && (in[in_count] < 0x80)) {
-            if(a2b[in[in_count]] != 0xFF) {
-                buf |= a2b[in[in_count] - 0x20];
+        int ch = in[in_count];
+        if((ch > 0x20) && (ch < 0x80)) {
+            if(a2b[ch] != 0xFF) {
+                buf |= a2b[ch - 0x20];
             } else {
                 traceEvent(TRACE_NORMAL, "ascii_to_bin encountered the unknown character '%c'", in[in_count]);
             }
@@ -101,11 +102,11 @@ int ascii_to_bin (uint8_t *out, uint8_t *in) {
 }
 
 
-int generate_private_key (n2n_private_public_key_t key, uint8_t *in) {
+int generate_private_key (n2n_private_public_key_t key, char *in) {
 
     // hash the 0-terminated string input twice to generate private key
 
-    pearson_hash_256(key, in, strlen(in));
+    pearson_hash_256(key, (uint8_t *)in, strlen(in));
     pearson_hash_256(key, key, sizeof(n2n_private_public_key_t));
 
     return 0;
@@ -133,11 +134,11 @@ int generate_shared_secret (n2n_private_public_key_t shared, n2n_private_public_
 }
 
 
-int bind_private_key_to_username (n2n_private_public_key_t prv, uint8_t *username) {
+int bind_private_key_to_username (n2n_private_public_key_t prv, char *username) {
 
     uint8_t tmp[32];
 
-    pearson_hash_256(tmp, username, strlen(username));
+    pearson_hash_256(tmp, (uint8_t *)username, strlen(username));
     memxor(prv, tmp, sizeof(n2n_private_public_key_t));
 
     return 0;

src/edge.c

@@ -1029,7 +1029,7 @@ int main (int argc, char* argv[]) {
         // calculate public key and shared secret
         if(conf.federation_public_key) {
             traceEvent(TRACE_NORMAL, "using username and password for edge authentication");
-            bind_private_key_to_username(*(conf.shared_secret), conf.dev_desc);
+            bind_private_key_to_username(*(conf.shared_secret), (char *)conf.dev_desc);
             conf.public_key = calloc(1, sizeof(n2n_private_public_key_t));
             if(conf.public_key)
                 generate_public_key(*conf.public_key, *(conf.shared_secret));

src/edge_utils.c

@@ -2692,11 +2692,15 @@ void process_udp (n2n_edge_t *eee, const struct sockaddr_in *sender_sock, const
                 if(eee->conf.tuntap_ip_mode == TUNTAP_IP_MODE_SN_ASSIGN) {
                     if((ra.dev_addr.net_addr != 0) && (ra.dev_addr.net_bitlen != 0)) {
                         net = htonl(ra.dev_addr.net_addr);
-                        if((ip_str = inet_ntoa(*(struct in_addr *) &net)) != NULL)
-                            strncpy(eee->tuntap_priv_conf.ip_addr, ip_str, N2N_NETMASK_STR_SIZE);
+                        if((ip_str = inet_ntoa(*(struct in_addr *) &net)) != NULL) {
+                            strncpy(eee->tuntap_priv_conf.ip_addr, ip_str, N2N_NETMASK_STR_SIZE-1);
+                            eee->tuntap_priv_conf.ip_addr[N2N_NETMASK_STR_SIZE-1] = '\0';
+                        }
                         net = htonl(bitlen2mask(ra.dev_addr.net_bitlen));
-                        if((ip_str = inet_ntoa(*(struct in_addr *) &net)) != NULL)
-                            strncpy(eee->tuntap_priv_conf.netmask, ip_str, N2N_NETMASK_STR_SIZE);
+                        if((ip_str = inet_ntoa(*(struct in_addr *) &net)) != NULL) {
+                            strncpy(eee->tuntap_priv_conf.netmask, ip_str, N2N_NETMASK_STR_SIZE-1);
+                            eee->tuntap_priv_conf.netmask[N2N_NETMASK_STR_SIZE-1] = '\0';
+                        }
                     }
                 }
 

src/header_encryption.c

@@ -153,11 +153,11 @@ void packet_header_setup_key (const char *community_name,
 }
 
 
-void packet_header_change_dynamic_key (const char *key_dynamic,
+void packet_header_change_dynamic_key (uint8_t *key_dynamic,
                                        he_context_t **ctx_dynamic, he_context_t **ctx_iv_dynamic) {
 
     uint8_t key[16];
-    pearson_hash_128(key, (uint8_t*)key_dynamic, N2N_AUTH_CHALLENGE_SIZE);
+    pearson_hash_128(key, key_dynamic, N2N_AUTH_CHALLENGE_SIZE);
 
     // for REGISTER_SUPER, REGISTER_SUPER_ACK, REGISTER_SUPER_NAK only
     // for all other packets, same as static by default (changed by user/pw auth scheme)

src/sn_selection.c

@@ -167,11 +167,17 @@ extern char * sn_selection_criterion_str (selection_criterion_str_t out, peer_in
     // easier to sort to the end of the list).
     // Alternatively, typecast to (int16_t) and check for greater or equal zero
     if(peer->selection_criterion < (UINT32_MAX >> 2)) {
+
 #ifndef SN_SELECTION_RTT
-      snprintf(out, SN_SELECTION_CRITERION_BUF_SIZE, "load = %8d", peer->selection_criterion);
+      int chars = snprintf(out, SN_SELECTION_CRITERION_BUF_SIZE, "load = %8d", peer->selection_criterion);
 #else
-      snprintf(out, SN_SELECTION_CRITERION_BUF_SIZE, "rtt = %6d ms", peer->selection_criterion);
+      int chars = snprintf(out, SN_SELECTION_CRITERION_BUF_SIZE, "rtt = %6d ms", peer->selection_criterion);
 #endif
+
+      /* this test is to make "-Wformat-truncation" less sad */
+      if (chars > SN_SELECTION_CRITERION_BUF_SIZE) {
+        traceEvent(TRACE_INFO, "selection_criterion buffer overflow");
+      }
     }
 
     return out;

src/sn_utils.c

@@ -153,8 +153,8 @@ void calculate_dynamic_keys (n2n_sn_t *sss) {
         if(comm->allowed_users) {
             calculate_dynamic_key(comm->dynamic_key,           /* destination */
                                   sss->dynamic_key_time,       /* time - same for all */
-                                  comm->community,             /* community name */
-                                  sss->federation->community); /* federation name */
+                                  (uint8_t *)comm->community,  /* community name */
+                                  (uint8_t *)sss->federation->community); /* federation name */
             packet_header_change_dynamic_key(comm->dynamic_key,
                                              &(comm->header_encryption_ctx_dynamic),
                                              &(comm->header_iv_ctx_dynamic));
@@ -217,7 +217,7 @@ int load_allowed_sn_community (n2n_sn_t *sss) {
     sn_user_t *user, *tmp_user;
     n2n_desc_t username;
     n2n_private_public_key_t public_key;
-    uint8_t ascii_public_key[(N2N_PRIVATE_PUBLIC_KEY_SIZE * 8 + 5) / 6 + 1];
+    char ascii_public_key[(N2N_PRIVATE_PUBLIC_KEY_SIZE * 8 + 5) / 6 + 1];
 
     dec_ip_str_t ip_str = {'\0'};
     uint8_t bitlen;

tools/keygen.c

@@ -24,7 +24,7 @@ int main(int argc, char * argv[]) {
 
     n2n_private_public_key_t prv;  /* 32 bytes private key                        */
     n2n_private_public_key_t bin;  /* 32 bytes public key binary output buffer    */
-    uint8_t asc[44];               /* 43 bytes + 0-terminator ascii string output */
+    char asc[44];               /* 43 bytes + 0-terminator ascii string output */
     uint8_t fed = 0;
 
     // exactly two parameters required
@@ -50,11 +50,11 @@ int main(int argc, char * argv[]) {
     // to username but username and password are not interchangeable),
     // finally xor the result
     // in federation mode: only hash federation name, twice
-    generate_private_key(prv, (uint8_t*)argv[2]);
+    generate_private_key(prv, argv[2]);
 
     // hash user name only if required
     if(!fed) {
-        bind_private_key_to_username(prv, (uint8_t*)argv[1]);
+        bind_private_key_to_username(prv, argv[1]);
     }
 
     // calculate the public key into binary output buffer