Index: /trunk/configure.ac =================================================================== --- /trunk/configure.ac (revision 209) +++ /trunk/configure.ac (revision 210) @@ -12,5 +12,5 @@ dnl start dnl -AM_INIT_AUTOMAKE(samhain, 2.5.2a) +AM_INIT_AUTOMAKE(samhain, 2.5.2b) AC_DEFINE([SAMHAIN], 1, [Application is samhain]) AC_CANONICAL_HOST Index: /trunk/docs/Changelog =================================================================== --- /trunk/docs/Changelog (revision 209) +++ /trunk/docs/Changelog (revision 210) @@ -1,2 +1,7 @@ +2.5.2b (29-01-2009): + * turn warnings into errors in the compile test suite + * fix missing define in sh_portcheck.c to eliminate compiler warning + (reported by joerg) + 2.5.2a (26-01-2009): * fix problem building deb package (bit rot; reported by joerg) Index: /trunk/src/sh_err_log.c =================================================================== --- /trunk/src/sh_err_log.c (revision 209) +++ /trunk/src/sh_err_log.c (revision 210) @@ -380,5 +380,5 @@ { if (key[0] != '\n' && key[0] != '\0') - fprintf(stdout, _("New audit trail, enter key: ")); + fprintf(stdout, "%s",_("New audit trail, enter key: ")); else if (key[0] == '\n') { @@ -418,5 +418,5 @@ { chk_mode = CHK_KEY; - fprintf(stdout, _("Key not found in file\n")); + fprintf(stdout, "%s",_("Key not found in file\n")); goto findKey; } Index: /trunk/src/sh_forward.c =================================================================== --- /trunk/src/sh_forward.c (revision 209) +++ /trunk/src/sh_forward.c (revision 210) @@ -1883,5 +1883,5 @@ _exit(EXIT_SUCCESS); } - fprintf(stdout, _("ERROR initializing BigNum library.\n")); + fprintf(stdout, "%s",_("ERROR initializing BigNum library.\n")); fflush (stdout); _exit(EXIT_FAILURE); Index: /trunk/src/sh_getopt.c =================================================================== --- /trunk/src/sh_getopt.c (revision 209) +++ /trunk/src/sh_getopt.c (revision 210) @@ -321,9 +321,9 @@ #ifndef DEFAULT_CONSOLE if (num > 0) fputc ('\n', stdout); - printf (_(" console (/dev/console)")); ++num; + printf ("%s", _(" console (/dev/console)")); ++num; #else if (num > 0) fputc ('\n', stdout); if (0 == strcmp (DEFAULT_CONSOLE, _("NULL"))) - { printf (_("console (/dev/console)")); ++num; } + { printf ("%s", _("console (/dev/console)")); ++num; } else { printf (_("console (%s)"), DEFAULT_CONSOLE); ++num; } @@ -406,8 +406,8 @@ #if defined(USE_SYSTEM_MALLOC) if (num > 0) fputc ('\n', stdout); - printf (_(" using system malloc")); ++num; + fputs (_(" using system malloc"), stdout); ++num; #else if (num > 0) fputc ('\n', stdout); - printf (_(" using dnmalloc")); ++num; + fputs (_(" using dnmalloc"), stdout); ++num; #endif @@ -554,6 +554,6 @@ "(c) 1999-2008 Rainer Wichmann (http://la-samhna.de).\n"), VERSION); - fprintf (stdout, _("This software comes with ABSOLUTELY NO WARRANTY. ")); - fprintf (stdout, _("Use at own risk.\n\n")); + fprintf (stdout, "%s",_("This software comes with ABSOLUTELY NO WARRANTY. ")); + fprintf (stdout, "%s",_("Use at own risk.\n\n")); sh_getopt_print_log_facilities (); @@ -567,56 +567,56 @@ static int sh_getopt_copyright (const char * dummy) { - fprintf (stdout, + fprintf (stdout, "%s", _("Copyright (C) 1999-2008 Rainer Wichmann"\ " (http://la-samhna.de).\n\n")); - fprintf (stdout, + fprintf (stdout, "%s", _("This program is free software; "\ "you can redistribute it and/or modify\n")); - fprintf (stdout, _("it under the terms of the GNU General "\ + fprintf (stdout, "%s",_("it under the terms of the GNU General "\ "Public License as published by\n")); - fprintf (stdout, _("the Free Software Foundation; either version 2 "\ + fprintf (stdout, "%s",_("the Free Software Foundation; either version 2 "\ "of the License, or\n")); - fprintf (stdout, _("(at your option) any later version.\n\n")); - - fprintf (stdout, _("This program is distributed in the hope "\ + fprintf (stdout, "%s",_("(at your option) any later version.\n\n")); + + fprintf (stdout, "%s",_("This program is distributed in the hope "\ "that it will be useful,\n")); - fprintf (stdout, _("but WITHOUT ANY WARRANTY; "\ + fprintf (stdout, "%s",_("but WITHOUT ANY WARRANTY; "\ "without even the implied warranty of\n")); - fprintf (stdout, _("MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."\ - " See the\n")); - fprintf (stdout, _("GNU General Public License for more details.\n\n")); - - fprintf (stdout, _("You should have received a copy of the "\ + fprintf (stdout, "%s",_("MERCHANTABILITY or FITNESS FOR A PARTICULAR "\ + "PURPOSE. See the\n")); + fprintf (stdout, "%s",_("GNU General Public License for more details.\n\n")); + + fprintf (stdout, "%s",_("You should have received a copy of the "\ "GNU General Public License\n")); - fprintf (stdout, _("along with this program; "\ + fprintf (stdout, "%s",_("along with this program; "\ "if not, write to the Free Software\n")); - fprintf (stdout, _("Foundation, Inc., 59 Temple Place - Suite 330, "\ + fprintf (stdout, "%s",_("Foundation, Inc., 59 Temple Place - Suite 330, "\ "Boston, MA 02111-1307, USA.\n\n")); - fprintf (stdout, _("This product makes use of the reference implementation "\ - "of the TIGER message\n")); - fprintf (stdout, _("digest algorithm. This code is copyright Eli Biham "\ + fprintf (stdout, "%s",_("This product makes use of the reference "\ + "implementation of the TIGER message\n")); + fprintf (stdout, "%s",_("digest algorithm. This code is copyright Eli Biham "\ "(biham@cs.technion.ac.il)\n")); - fprintf (stdout, _("and Ross Anderson (rja14@cl.cam.ac.uk). It can be used "\ + fprintf (stdout, "%s",_("and Ross Anderson (rja14@cl.cam.ac.uk). It can be used "\ "freely without any\n")); - fprintf (stdout, _("restrictions.\n")); + fprintf (stdout, "%s",_("restrictions.\n")); #if defined(USE_SRP_PROTOCOL) && !defined(SH_STANDALONE) #if (!defined(HAVE_LIBGMP) || !defined(HAVE_GMP_H)) - fprintf (stdout, _("This product makes use of the 'bignum' library by "\ + fprintf (stdout, "%s",_("This product makes use of the 'bignum' library by "\ "Henrik Johansson\n")); - fprintf (stdout, _("(Henrik.Johansson@Nexus.Comm.SE). If you are including "\ - "this library in a\n")); - fprintf (stdout, _("commercial product, be sure to distribute ALL of"\ + fprintf (stdout, "%s",_("(Henrik.Johansson@Nexus.Comm.SE). If you are "\ + "including this library in a\n")); + fprintf (stdout, "%s",_("commercial product, be sure to distribute ALL of"\ " it with the product.\n")); #endif - fprintf (stdout, _("This product uses the 'Secure Remote Password' "\ + fprintf (stdout, "%s",_("This product uses the 'Secure Remote Password' "\ "cryptographic\n")); - fprintf (stdout, _("authentication system developed by Tom Wu "\ + fprintf (stdout, "%s",_("authentication system developed by Tom Wu "\ "(tjw@CS.Stanford.EDU).\n")); #endif - fprintf (stdout, _("\nPlease refer to the file COPYING in the source "\ + fprintf (stdout, "%s",_("\nPlease refer to the file COPYING in the source "\ "distribution for a")); - fprintf (stdout, _("\nfull list of incorporated code and associated "\ + fprintf (stdout, "%s",_("\nfull list of incorporated code and associated "\ "licenses.\n")); @@ -644,8 +644,8 @@ "(c) 1999-2006 Rainer Wichmann (http://la-samhna.de).\n"), VERSION); - fprintf (stdout, _("This software comes with ABSOLUTELY NO WARRANTY. ")); - fprintf (stdout, _("Use at own risk.\n")); - - fprintf (stdout, _("Usage:\n\n")); + fprintf (stdout, "%s",_("This software comes with ABSOLUTELY NO WARRANTY. ")); + fprintf (stdout, "%s",_("Use at own risk.\n")); + + fprintf (stdout, "%s",_("Usage:\n\n")); for (i = 0; op_table[i].longopt != NULL; ++i) { @@ -656,5 +656,5 @@ if (op_table[i].shortopt != '-' && strchr(opts, op_table[i].shortopt) != NULL) - fprintf (stdout, _("Short option char collision !\n")); + fprintf (stdout, "%s",_("Short option char collision !\n")); opts[i] = op_table[i].shortopt; @@ -689,5 +689,5 @@ } - fprintf (stdout, + fprintf (stdout, "%s", _("\nPlease report bugs to support@la-samhna.de.\n")); @@ -767,5 +767,5 @@ /* not last option */ - fprintf (stderr, + fprintf (stderr, "%s", _("Error: short option with argument is not last in option string\n")); (void) sh_getopt_usage(_("fail")); @@ -775,5 +775,6 @@ /* argument required, but no avail */ - fprintf (stderr, _("Error: missing argument\n")); + fprintf (stderr, "%s", + _("Error: missing argument\n")); (void) sh_getopt_usage(_("fail")); } @@ -813,5 +814,5 @@ { /* unrecognized short option */ - fprintf (stderr, _("Error: unrecognized short option\n")); + fprintf (stderr, "%s",_("Error: unrecognized short option\n")); (void) sh_getopt_usage(_("fail")); } @@ -840,5 +841,6 @@ /* argument required, but no avail */ - fprintf (stderr, _("Error: missing argument\n")); + fprintf (stderr, "%s", + _("Error: missing argument\n")); (void) sh_getopt_usage(_("fail")); } @@ -870,5 +872,6 @@ else { - fprintf (stderr, _("Error: invalid argument\n")); + fprintf (stderr, "%s", + _("Error: invalid argument\n")); /* argument required, but no avail */ (void) sh_getopt_usage(_("fail")); @@ -899,5 +902,5 @@ { /* unrecognized long option */ - fprintf (stderr, _("Error: unrecognized long option\n")); + fprintf (stderr, "%s",_("Error: unrecognized long option\n")); (void) sh_getopt_usage(_("fail")); } Index: /trunk/src/sh_hash.c =================================================================== --- /trunk/src/sh_hash.c (revision 209) +++ /trunk/src/sh_hash.c (revision 210) @@ -1778,9 +1778,9 @@ sl_write (pushdata_fd, "\n", 1); } else { - printf (_("\n#Host ")); + printf ("%s",_("\n#Host ")); printf ("%s", sh.host.name); - printf (_(" Version ")); + printf ("%s",_(" Version ")); printf ("%s", sh_db_version_string); - printf (_(" Date ")); + printf ("%s",_(" Date ")); (void) sh_unix_time(0, timestring, sizeof(timestring)); printf ("%s\n", timestring); @@ -3868,5 +3868,5 @@ { if (ListWithDelimiter == S_TRUE) - printf(_(" no_attr")); + printf("%s",_(" no_attr")); } putchar('\n'); @@ -3961,7 +3961,7 @@ res = uncompress(decompressed, &clen, decoded, dlen); if (res == Z_MEM_ERROR) - { fprintf(stderr, _("Error: Not enough memory\n")); return -1; } + { fprintf(stderr, "%s",_("Error: Not enough memory\n")); return -1; } if (res == Z_DATA_ERROR) - { fprintf(stderr, _("Error: Data corrupt or incomplete\n")); return -1; } + { fprintf(stderr, "%s",_("Error: Data corrupt or incomplete\n")); return -1; } } while (res == Z_BUF_ERROR || clen == clen_o); @@ -3973,5 +3973,5 @@ (void) linkpath; #endif - fprintf(stderr, _("Error: No data available\n")); + fprintf(stderr, "%s",_("Error: No data available\n")); return -1; } @@ -3991,5 +3991,5 @@ if (sl_is_suid()) { - fprintf(stderr, _("ERROR: insufficient privilege\n")); + fprintf(stderr, "%s",_("ERROR: insufficient privilege\n")); _exit (EXIT_FAILURE); return -1; /* for Mac OSX compiler */ @@ -4047,5 +4047,5 @@ else { - fprintf(stderr, _("File is a link\n")); + fprintf(stderr, "%s",_("File is a link\n")); _exit(EXIT_FAILURE); return -1; @@ -4068,5 +4068,5 @@ if (flag == 0) { - fprintf(stderr, _("File not found\n")); + fprintf(stderr, "%s",_("File not found\n")); _exit(EXIT_FAILURE); } Index: /trunk/src/sh_mail.c =================================================================== --- /trunk/src/sh_mail.c (revision 209) +++ /trunk/src/sh_mail.c (revision 210) @@ -197,5 +197,5 @@ if (numsig > 0) { - fprintf (stderr, _("ERROR (no key -- cannot check)\n")); + fprintf (stderr, "%s",_("ERROR (no key -- cannot check)\n")); continue; } @@ -211,5 +211,5 @@ else if (numsig == 0) { - fprintf (stderr, _("ERROR (repeated audit trail)\n")); + fprintf (stderr, "%s",_("ERROR (repeated audit trail)\n")); continue; } @@ -220,5 +220,5 @@ sh_util_encode(key, bufc, 1, 'A'); (void) sl_strlcpy (mail_trail_ptr->trail_key, key, KEY_LEN+1); - fprintf (stderr, _("(unchecked)\n")); + fprintf (stderr, "%s",_("(unchecked)\n")); } else @@ -244,9 +244,9 @@ KEY_LEN) != 0) { - fprintf (stderr, _("(FAILED)\n")); + fprintf (stderr, "%s",_("(FAILED)\n")); } else { - fprintf (stderr, _("(passed)\n")); + fprintf (stderr, "%s",_("(passed)\n")); } Index: /trunk/src/sh_portcheck.c =================================================================== --- /trunk/src/sh_portcheck.c (revision 209) +++ /trunk/src/sh_portcheck.c (revision 210) @@ -129,4 +129,5 @@ #include "sh_utils.h" #include "sh_modules.h" +#define SH_NEED_GETHOSTBYXXX #include "sh_static.h" #include "sh_pthread.h" @@ -655,5 +656,5 @@ else { - snprintf (buf, sizeof(buf), _("unknown")); + snprintf (buf, sizeof(buf), "%s",_("unknown")); } return buf; @@ -975,4 +976,8 @@ int sh_portchk_init (struct mod_type * arg) { +#ifndef HAVE_PTHREAD + (void) arg; +#endif + if (sh_portchk_active == S_FALSE) return SH_MOD_FAILED; Index: /trunk/src/sh_processcheck.c =================================================================== --- /trunk/src/sh_processcheck.c (revision 209) +++ /trunk/src/sh_processcheck.c (revision 210) @@ -1314,4 +1314,8 @@ int sh_prochk_init (struct mod_type * arg) { +#ifndef HAVE_PTHREAD + (void) arg; +#endif + if (ShProchkActive == S_FALSE) return SH_MOD_FAILED; Index: /trunk/src/sh_utils.c =================================================================== --- /trunk/src/sh_utils.c (revision 209) +++ /trunk/src/sh_utils.c (revision 210) @@ -181,5 +181,5 @@ else { - fprintf(stderr, _("Please answer y(es) or n(o)\n")); + fprintf(stderr, "%s", _("Please answer y(es) or n(o)\n")); } /*@-charintliteral@*/ @@ -1123,5 +1123,5 @@ if (0 != sl_is_suid()) { - fprintf(stderr, _("ERROR: insufficient privilege\n")); + fprintf(stderr, "%s", _("ERROR: insufficient privilege\n")); _exit (EXIT_FAILURE); /*@notreached@*/ @@ -1131,5 +1131,5 @@ if (new_in == NULL || new_in[0] == '\0') { - fprintf(stderr, + fprintf(stderr, "%s", _("ERROR: no key given\n Argument must be 'key@path'\n")); _exit (EXIT_FAILURE); @@ -1153,5 +1153,5 @@ if (j == 0) { - fprintf(stderr, + fprintf(stderr, "%s", _("ERROR: no path to executable given\n Argument must be 'key@path'\n")); free(new); @@ -1221,5 +1221,5 @@ UINT32 kbuf[KEY_BYT/sizeof(UINT32)]; - printf(_("old key found\n")); + printf("%s", _("old key found\n")); h1 = sh_tiger_hash_uint32 (key, TIGER_DATA, (unsigned long)strlen(key), @@ -1237,5 +1237,5 @@ } - fprintf(stderr, + fprintf(stderr, "%s", _("ERROR: old key not found\n")); free(new); free (outpath); free(image); @@ -1246,5 +1246,5 @@ bail_mem: - fprintf(stderr, + fprintf(stderr, "%s", _("ERROR: out of memory\n")); if (new) free(new); Index: /trunk/test/testcompile.sh =================================================================== --- /trunk/test/testcompile.sh (revision 209) +++ /trunk/test/testcompile.sh (revision 210) @@ -20,6 +20,6 @@ # -# dnmalloc + flawfinder + (35 * 3) -MAXTEST=107; export MAXTEST +# dnmalloc + flawfinder + (36 * 3) +MAXTEST=110; export MAXTEST run_dnmalloc () @@ -202,4 +202,15 @@ { fail=0 + # + # Compiler warnings can be OS specific, but at least + # on Linux there should be none + # + isLinux=0 + uname -a | grep Linux >/dev/null + if [ $? -eq 0 ]; then + isLinux=1 + sed --in-place 's/-Wall/-Wall -Werror/' Makefile + fi + # if test x$1 = x0; then [ -z "$verbose" ] || log_msg_ok "configure... $TEST"; @@ -219,4 +230,7 @@ fail=1 fi + if [ $isLinux -eq 1 ]; then + sed --in-place 's/-Wall -Werror/-Wall/' Makefile + fi if [ $fail -eq 1 ]; then [ -z "$quiet" ] && log_fail $2 ${MAXTEST} "$TEST"; @@ -335,4 +349,22 @@ # test standalone compilation # + TEST="${S}standalone w/procchk w/portchk w/static${E}" + # + if test -r "Makefile"; then + $MAKE distclean + fi + # + ${TOP_SRCDIR}/configure --quiet --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$PW_DIR/samhainrc.test --enable-process-check --enable-port-check --enable-static > /dev/null 2>> test_log + # + let "num = num + 1" >/dev/null + testmake $? $num || let "numfail = numfail + 1" >/dev/null + let "num = num + 1" >/dev/null + run_smatch $? $num || let "numfail = numfail + 1" >/dev/null + let "num = num + 1" >/dev/null + run_uno $? $num || let "numfail = numfail + 1" >/dev/null + + # + # test standalone compilation + # TEST="${S}standalone w/procchk w/portchk w/stealth${E}" #