Miscellaneous portability fixes

b64.c

@@ -75,7 +75,7 @@ int b64_decode(const char *in, void **ptr, size_t *len) {
   if (bio_b64 == NULL)
     goto fail;
 
-  bio_mem = BIO_new_mem_buf((void *) in, -1);
+  bio_mem = BIO_new_mem_buf((const void *) in, -1);
   if (bio_mem == NULL)
     goto fail;
 

drop_privs.h

@@ -55,8 +55,10 @@ struct _ykpam_privs {
 
 #define PAM_MODUTIL_DEF_PRIVS(n)                                               \
   gid_t n##_saved_groups[SAVED_GROUPS_MAX_LEN];                                \
-  struct _ykpam_privs n = {-1, -1, n##_saved_groups, SAVED_GROUPS_MAX_LEN,     \
-                           cfg->debug_file}
+  struct _ykpam_privs n = {                                                    \
+    (uid_t) -1,           (gid_t) -1,      n##_saved_groups,                   \
+    SAVED_GROUPS_MAX_LEN, cfg->debug_file,                                     \
+  }
 
 int pam_modutil_drop_priv(pam_handle_t *, struct _ykpam_privs *,
                           struct passwd *);

pam-u2f.c

@@ -13,6 +13,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <unistd.h>
+#include <stdint.h>
 #include <stdlib.h>
 #include <syslog.h>
 #include <pwd.h>
@@ -168,10 +169,11 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
   int should_free_appid = 0;
   int should_free_auth_file = 0;
   int should_free_authpending_file = 0;
-  PAM_MODUTIL_DEF_PRIVS(privs);
 
   parse_cfg(flags, argc, argv, cfg);
 
+  PAM_MODUTIL_DEF_PRIVS(privs);
+
   if (!cfg->origin) {
     strcpy(buffer, DEFAULT_ORIGIN_PREFIX);
 
@@ -427,24 +429,24 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
     free(buf);
     buf = NULL;
   }
-
+#define free_const(a) free((void *) (uintptr_t)(a))
   if (should_free_origin) {
-    free((char *) cfg->origin);
+    free_const(cfg->origin);
     cfg->origin = NULL;
   }
 
   if (should_free_appid) {
-    free((char *) cfg->appid);
+    free_const(cfg->appid);
     cfg->appid = NULL;
   }
 
   if (should_free_auth_file) {
-    free((char *) cfg->auth_file);
+    free_const(cfg->auth_file);
     cfg->auth_file = NULL;
   }
 
   if (should_free_authpending_file) {
-    free((char *) cfg->authpending_file);
+    free_const(cfg->authpending_file);
     cfg->authpending_file = NULL;
   }
 
@@ -470,3 +472,7 @@ PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
 
   return PAM_SUCCESS;
 }
+
+#ifdef PAM_MODULE_ENTRY
+PAM_MODULE_ENTRY("pam_u2f");
+#endif

util.c

@@ -236,7 +236,7 @@ int get_devices_from_authfile(const char *authfile, const char *username,
       *n_devs = 0;
 
       i = 0;
-      while ((s_token = strtok_r(NULL, ",", &saveptr))) {
+      while ((s_token = strtok_r(NULL, ",", &saveptr)) != NULL) {
         if ((*n_devs)++ > max_devs - 1) {
           *n_devs = max_devs;
           if (verbose)
@@ -1131,7 +1131,7 @@ static int _converse(pam_handle_t *pamh, int nargs,
 
 char *converse(pam_handle_t *pamh, int echocode, const char *prompt) {
   const struct pam_message msg = {.msg_style = echocode,
-                                  .msg = (char *) prompt};
+                                  .msg = (char *) (uintptr_t) prompt};
   const struct pam_message *msgs = &msg;
   struct pam_response *resp = NULL;
   int retval = _converse(pamh, 1, &msgs, &resp);
@@ -1163,7 +1163,7 @@ void _debug(FILE *debug_file, const char *file, int line, const char *func,
             const char *fmt, ...) {
   va_list ap;
   va_start(ap, fmt);
-#ifdef __linux__
+#ifdef LOG_DEBUG
   if (debug_file == (FILE *) -1) {
     syslog(LOG_AUTHPRIV | LOG_DEBUG, DEBUG_STR, file, line, func);
     vsyslog(LOG_AUTHPRIV | LOG_DEBUG, fmt, ap);

util.h

@@ -25,7 +25,7 @@
 #if defined(DEBUG_PAM)
 #define D(file, ...) _debug(file, __FILE__, __LINE__, __func__, __VA_ARGS__)
 #else
-#define D(file, ...)
+#define D(file, ...) ((void) 0)
 #endif /* DEBUG_PAM */
 
 typedef struct {