Hi, When compiling netcat with WARNINGS=yes, gcc produces a bunch of warnings.
/crypt/home/bluhm/openbsd/cvs/src/usr.bin/nc/netcat.c:1348: warning: no previous prototype for 'strtoport' /crypt/home/bluhm/openbsd/cvs/src/usr.bin/nc/netcat.c: In function 'save_peer_cert': /crypt/home/bluhm/openbsd/cvs/src/usr.bin/nc/netcat.c:1576: warning: field precision should have type 'int', but argument 3 has type 'size_t' /crypt/home/bluhm/openbsd/cvs/src/usr.bin/nc/netcat.c:1572: warning: unused variable 'out' /crypt/home/bluhm/openbsd/cvs/src/usr.bin/nc/netcat.c: In function 'report_tls': /crypt/home/bluhm/openbsd/cvs/src/usr.bin/nc/netcat.c:1583: warning: declaration of 'tls_expectname' shadows a global declaration /crypt/home/bluhm/openbsd/cvs/src/usr.bin/nc/netcat.c:107: warning: shadowed declaration is here /crypt/home/bluhm/openbsd/cvs/src/usr.bin/nc/netcat.c: In function 'main': /crypt/home/bluhm/openbsd/cvs/src/usr.bin/nc/netcat.c:154: warning: 'proxy' may be used uninitialized in this function The uninitialized proxy is a false positive, but I fixed it anyway. ok? bluhm Index: usr.bin/nc/netcat.c =================================================================== RCS file: /data/mirror/openbsd/cvs/src/usr.bin/nc/netcat.c,v retrieving revision 1.181 diff -u -p -r1.181 netcat.c --- usr.bin/nc/netcat.c 16 Apr 2017 15:11:01 -0000 1.181 +++ usr.bin/nc/netcat.c 10 May 2017 13:06:42 -0000 @@ -116,6 +116,7 @@ int ttl = -1; int minttl = -1; void atelnet(int, unsigned char *, unsigned int); +int strtoport(char *portstr, int udp); void build_ports(char *); void help(void); int local_listen(char *, char *, struct addrinfo); @@ -133,9 +134,9 @@ int unix_listen(char *); void set_common_sockopts(int, int); int map_tos(char *, int *); int map_tls(char *, int *); -void save_peer_cert(struct tls *_tls_ctx, FILE *_fp); +void save_peer_cert(struct tls *_tls_ctx, FILE *_fp); void report_connect(const struct sockaddr *, socklen_t, char *); -void report_tls(struct tls *tls_ctx, char * host, char *tls_expectname); +void report_tls(struct tls *tls_ctx, char * host); void usage(int); ssize_t drainbuf(int, unsigned char *, size_t *, struct tls *); ssize_t fillbuf(int, unsigned char *, size_t *, struct tls *); @@ -151,7 +152,7 @@ main(int argc, char *argv[]) struct servent *sv; socklen_t len; struct sockaddr_storage cliaddr; - char *proxy, *proxyport = NULL; + char *proxy = NULL, *proxyport = NULL; const char *errstr; struct addrinfo proxyhints; char unix_dg_tmp_socket_buf[UNIX_DG_TMP_SOCKET_SIZE]; @@ -773,7 +774,7 @@ tls_setup_client(struct tls *tls_ctx, in errx(1, "tls handshake failed (%s)", errstr); } if (vflag) - report_tls(tls_ctx, host, tls_expectname); + report_tls(tls_ctx, host); if (tls_expecthash && tls_peer_cert_hash(tls_ctx) && strcmp(tls_expecthash, tls_peer_cert_hash(tls_ctx)) != 0) errx(1, "peer certificate is not %s", tls_expecthash); @@ -800,7 +801,7 @@ tls_setup_server(struct tls *tls_ctx, in int gotcert = tls_peer_cert_provided(tls_cctx); if (vflag && gotcert) - report_tls(tls_cctx, host, tls_expectname); + report_tls(tls_cctx, host); if ((TLSopt & TLS_CCERT) && !gotcert) warnx("No client certificate provided"); else if (gotcert && tls_peer_cert_hash(tls_ctx) && tls_expecthash && @@ -1569,18 +1570,17 @@ save_peer_cert(struct tls *tls_ctx, FILE { const char *pem; size_t plen; - FILE *out; if ((pem = tls_peer_cert_chain_pem(tls_ctx, &plen)) == NULL) errx(1, "Can't get peer certificate"); - if (fprintf(fp, "%.*s", plen, pem) < 0) + if (fprintf(fp, "%.*s", (int)plen, pem) < 0) err(1, "unable to save peer cert"); if (fflush(fp) != 0) err(1, "unable to flush peer cert"); } void -report_tls(struct tls * tls_ctx, char * host, char *tls_expectname) +report_tls(struct tls * tls_ctx, char * host) { time_t t; const char *ocsp_url;