changeset 55:5685fad38195

Fixed compiler warnings from clang (including small bug in private key loading)
author Ivo Smits <Ivo@UCIS.nl>
date Fri, 31 Jan 2014 22:52:46 +0100
parents 4ff8003d0973
children 377e7d4fbc10
files src/common.c src/proto.nacl0.c src/proto.nacltai.c src/proto.salty.c src/run.combined.c
diffstat 5 files changed, 54 insertions(+), 46 deletions(-) [+]
line wrap: on
line diff
--- a/src/common.c	Sat Nov 23 16:58:54 2013 +0100
+++ b/src/common.c	Fri Jan 31 22:52:46 2014 +0100
@@ -27,7 +27,9 @@
 #include <stdlib.h>
 #include <string.h>
 #include <fcntl.h>
+#include <unistd.h>
 #include <pwd.h>
+#include <grp.h>
 #ifndef HAVE_NETINET_IN_H
 #include <netinet/in.h>
 #endif
@@ -36,6 +38,7 @@
 #include <poll.h>
 #include <netdb.h>
 #include <stdlib.h>
+#include <arpa/inet.h>
 #include <net/if.h>
 #ifdef linux
 	#include <linux/if_tun.h>
@@ -87,8 +90,10 @@
 	extern int errorexit(const char*);
 	extern int errorexitp(const char*);
 	extern void print_header();
-	extern void hex2bin(unsigned char*, unsigned char*, int);
+	extern void hex2bin(unsigned char*, const char*, const int);
 	extern int debug;
+	extern int qtrun(struct qtproto* p);
+	extern int qtprocessargs(int argc, char** argv);
 #else
 
 char* (*getconf)(const char*) = getenv;
@@ -161,14 +166,14 @@
 	struct addrinfo *ai_local = NULL, *ai_remote = NULL;
 	unsigned short af = 0;
 	int ret;
-	if (envval = getconf("LOCAL_ADDRESS")) {
-		if (ret = getaddrinfo(envval, NULL, NULL, &ai_local)) return errorexit2("getaddrinfo(LOCAL_ADDRESS)", gai_strerror(ret));
+	if ((envval = getconf("LOCAL_ADDRESS"))) {
+		if ((ret = getaddrinfo(envval, NULL, NULL, &ai_local))) return errorexit2("getaddrinfo(LOCAL_ADDRESS)", gai_strerror(ret));
 		if (!ai_local) return errorexit("LOCAL_ADDRESS lookup failed");
 		if (ai_local->ai_addrlen > sizeof(sockaddr_any)) return errorexit("Resolved LOCAL_ADDRESS is too big");
 		af = ai_local->ai_family;
 	}
-	if (envval = getconf("REMOTE_ADDRESS")) {
-		if (ret = getaddrinfo(envval, NULL, NULL, &ai_remote)) return errorexit2("getaddrinfo(REMOTE_ADDRESS)", gai_strerror(ret));
+	if ((envval = getconf("REMOTE_ADDRESS"))) {
+		if ((ret = getaddrinfo(envval, NULL, NULL, &ai_remote))) return errorexit2("getaddrinfo(REMOTE_ADDRESS)", gai_strerror(ret));
 		if (!ai_remote) return errorexit("REMOTE_ADDRESS lookup failed");
 		if (ai_remote->ai_addrlen > sizeof(sockaddr_any)) return errorexit("Resolved REMOTE_ADDRESS is too big");
 		if (af && af != ai_remote->ai_family) return errorexit("Address families do not match");
@@ -182,7 +187,7 @@
 	udpaddr.any.sa_family = af;
 	if (ai_local) memcpy(&udpaddr, ai_local->ai_addr, ai_local->ai_addrlen);
 	int port = 2998;
-	if (envval = getconf("LOCAL_PORT")) port = atoi(envval);
+	if ((envval = getconf("LOCAL_PORT"))) port = atoi(envval);
 	if (sockaddr_set_port(&udpaddr, port)) return -1;
 	if (bind(sfd, (struct sockaddr*)&udpaddr, sizeof(udpaddr))) return errorexitp("Could not bind socket");
 	memset(&udpaddr, 0, sizeof(udpaddr));
@@ -193,7 +198,7 @@
 	} else {
 		session->remote_float = getconf("REMOTE_FLOAT") ? 1 : 0;
 		port = 2998;
-		if (envval = getconf("REMOTE_PORT")) port = atoi(envval);
+		if ((envval = getconf("REMOTE_PORT"))) port = atoi(envval);
 		if (sockaddr_set_port(&udpaddr, port)) return -1;
 		session->remote_addr = udpaddr;
 		if (session->remote_float) {
@@ -213,14 +218,14 @@
 	fprintf(stderr, "Initializing tun/tap device...\n");
 	int ttfd; //Tap device file descriptor
 	int tunmode = 0;
-	if (envval = getconf("TUN_MODE")) tunmode = atoi(envval);
+	if ((envval = getconf("TUN_MODE"))) tunmode = atoi(envval);
 	session->use_pi = 0;
 	if (tunmode && (envval = getconf("USE_PI"))) session->use_pi = atoi(envval);
 #if defined(__linux__)
 	struct ifreq ifr; //required for tun/tap setup
 	memset(&ifr, 0, sizeof(ifr));
 	if ((ttfd = open("/dev/net/tun", O_RDWR)) < 0) return errorexitp("Could not open tun/tap device file");
-	if (envval = getconf("INTERFACE")) strcpy(ifr.ifr_name, envval);
+	if ((envval = getconf("INTERFACE"))) strcpy(ifr.ifr_name, envval);
 	ifr.ifr_flags = tunmode ? IFF_TUN : IFF_TAP;
 	if (!session->use_pi) ifr.ifr_flags |= IFF_NO_PI;
 	if (ioctl(ttfd, TUNSETIFF, (void *)&ifr) < 0) return errorexitp("TUNSETIFF ioctl failed");
@@ -251,12 +256,12 @@
 #endif
 	}
 #endif
-	if (envval = getconf("TUN_UP_SCRIPT")) system(envval);
+	if ((envval = getconf("TUN_UP_SCRIPT"))) system(envval);
 	session->fd_dev = ttfd;
 	return ttfd;
 }
 
-void hex2bin(unsigned char* dest, unsigned char* src, int count) {
+void hex2bin(unsigned char* dest, const char* src, const int count) {
 	int i;
 	for (i = 0; i < count; i++) {
 		if (*src >= '0' && *src <= '9') *dest = *src - '0';
@@ -273,11 +278,11 @@
 static int drop_privileges() {
 	char* envval;
 	struct passwd *pw = NULL;
-	if (envval = getconf("SETUID")) {
+	if ((envval = getconf("SETUID"))) {
 		pw = getpwnam(envval);
 		if (!pw) return errorexitp("getpwnam");
 	}
-	if (envval = getconf("CHROOT")) {
+	if ((envval = getconf("CHROOT"))) {
 		if (chroot(envval)) return errorexitp("chroot");
 		if (chdir("/")) return errorexitp("chdir /");
 	}
@@ -286,6 +291,7 @@
 		if (setgid(pw->pw_gid) == -1) return errorexitp("setgid");
 		if (setuid(pw->pw_uid) == -1) return errorexitp("setuid");
 	}
+	return 0;
 }
 
 static void qtsendnetworkpacket(struct qtsession* session, char* msg, int len) {
@@ -351,8 +357,8 @@
 		}
 		if (fds[1].revents & POLLERR) {
 			int out;
-			len = sizeof(out);
-			getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &len);
+			socklen_t slen = sizeof(out);
+			getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &slen);
 			fprintf(stderr, "Received error %d on udp socket\n", out);
 		}
 		if (fds[1].revents & POLLIN) {
@@ -365,8 +371,8 @@
 			}
 			if (len < 0) {
 				long long out;
-				len = sizeof(out);
-				getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &len);
+				socklen_t slen = sizeof(out);
+				getsockopt(sfd, SOL_SOCKET, SO_ERROR, &out, &slen);
 				fprintf(stderr, "Received end of file on udp socket (error %lld)\n", out);
 			} else {
 				len = p->decode(&session, buffer_enc, buffer_raw + pi_length, len);
@@ -424,6 +430,7 @@
 			return errorexit("Unexpected command line argument");
 		}
 	}
+	return 0;
 }
 #endif
 
--- a/src/proto.nacl0.c	Sat Nov 23 16:58:54 2013 +0100
+++ b/src/proto.nacl0.c	Fri Jan 31 22:52:46 2014 +0100
@@ -33,21 +33,20 @@
 static int encode(struct qtsession* sess, char* raw, char* enc, int len) {
 	struct qt_proto_data_nacl0* d = (struct qt_proto_data_nacl0*)sess->protocol_data;
 	memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES);
-	if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, len+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cnonce, d->cbefore)) return errorexit("Crypto failed");
+	if (crypto_box_curve25519xsalsa20poly1305_afternm((unsigned char*)enc, (unsigned char*)raw, len+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cnonce, d->cbefore)) return errorexit("Crypto failed");
 	return len + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES;
 }
 
 static int decode(struct qtsession* sess, char* enc, char* raw, int len) {
 	struct qt_proto_data_nacl0* d = (struct qt_proto_data_nacl0*)sess->protocol_data;
-	int i;
 	if (len < crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES) {
 		fprintf(stderr, "Short packet received: %d\n", len);
 		return -1;
 	}
 	len -= crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES;
 	memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES);
-	if (i = crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cnonce, d->cbefore)) {
-		fprintf(stderr, "Decryption failed len=%d result=%d\n", len, i);
+	if (crypto_box_curve25519xsalsa20poly1305_open_afternm((unsigned char*)raw, (unsigned char*)enc, len+crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cnonce, d->cbefore)) {
+		fprintf(stderr, "Decryption failed len=%d\n", len);
 		return -1;
 	}
 	return len;
@@ -62,17 +61,17 @@
 	if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY");
 	if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length");
 	hex2bin(cpublickey, envval, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES);
-	if (envval = getconf("PRIVATE_KEY")) {
+	if ((envval = getconf("PRIVATE_KEY"))) {
 		if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length");
 		hex2bin(csecretkey, envval, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
-	} else if (envval = getconf("PRIVATE_KEY_FILE")) {
+	} else if ((envval = getconf("PRIVATE_KEY_FILE"))) {
 		FILE* pkfile = fopen(envval, "rb");
 		if (!pkfile) return errorexitp("Could not open PRIVATE_KEY_FILE");
 		char pktextbuf[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES * 2];
-		size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile);
+		const size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile);
 		if (pktextsize == crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) {
 			memcpy(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
-		} else if (pktextsize = 2 * crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) {
+		} else if (pktextsize == 2 * crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) {
 			hex2bin(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
 		} else {
 			return errorexit("PRIVATE_KEY length");
--- a/src/proto.nacltai.c	Sat Nov 23 16:58:54 2013 +0100
+++ b/src/proto.nacltai.c	Fri Jan 31 22:52:46 2014 +0100
@@ -60,7 +60,7 @@
 	b[9] = (nano >> 16) & 0xff;
 	b[10] = (nano >> 8) & 0xff;
 	b[11] = (nano >> 0) & 0xff;
-	++b[15] == 0 && ++b[14] == 0 && ++b[13] == 0 && ++b[12] == 0;
+	if (++b[15] == 0 && ++b[14] == 0 && ++b[13] == 0) ++b[12];
 }
 
 //Packet format: <16 bytes taia packed timestamp><16 bytes checksum><n bytes encrypted data>
@@ -70,7 +70,7 @@
 	struct qt_proto_data_nacltai* d = (struct qt_proto_data_nacltai*)sess->protocol_data;
 	memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES);
 	taia_now_packed(d->cenonce + nonceoffset, 0);
-	if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Encryption failed");
+	if (crypto_box_curve25519xsalsa20poly1305_afternm((unsigned char*)enc, (unsigned char*)raw, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cenonce, d->cbefore)) return errorexit("Encryption failed");
 	memcpy((void*)(enc + crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES - noncelength), d->cenonce + nonceoffset, noncelength);
 	len += overhead;
 	if (debug) fprintf(stderr, "Encoded packet of %d bytes from %p to %p\n", len, raw, enc);
@@ -102,8 +102,8 @@
 	}
 	memcpy(d->cdnonce + nonceoffset, enc, noncelength);
 	memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES);
-	if (i = crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cdnonce, d->cbefore)) {
-		fprintf(stderr, "Decryption failed len=%d result=%d\n", len, i);
+	if (crypto_box_curve25519xsalsa20poly1305_open_afternm((unsigned char*)raw, (unsigned char*)enc, len + crypto_box_curve25519xsalsa20poly1305_ZEROBYTES, d->cdnonce, d->cbefore)) {
+		fprintf(stderr, "Decryption failed len=%d\n", len);
 		return -1;
 	}
 	memcpy(taiold, d->cdnonce + nonceoffset, 16);
@@ -119,17 +119,17 @@
 	if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY");
 	if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length");
 	hex2bin(cpublickey, envval, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES);
-	if (envval = getconf("PRIVATE_KEY")) {
+	if ((envval = getconf("PRIVATE_KEY"))) {
 		if (strlen(envval) != 2*crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length");
 		hex2bin(csecretkey, envval, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
-	} else if (envval = getconf("PRIVATE_KEY_FILE")) {
+	} else if ((envval = getconf("PRIVATE_KEY_FILE"))) {
 		FILE* pkfile = fopen(envval, "rb");
 		if (!pkfile) return errorexitp("Could not open PRIVATE_KEY_FILE");
 		char pktextbuf[crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES * 2];
-		size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile);
+		const size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile);
 		if (pktextsize == crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) {
 			memcpy(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
-		} else if (pktextsize = 2 * crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) {
+		} else if (pktextsize == 2 * crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES) {
 			hex2bin(csecretkey, pktextbuf, crypto_box_curve25519xsalsa20poly1305_SECRETKEYBYTES);
 		} else {
 			return errorexit("PRIVATE_KEY length");
@@ -146,7 +146,7 @@
 
 	crypto_scalarmult_curve25519_base(cownpublickey, csecretkey);
 
-	if (envval = getconf("TIME_WINDOW")) {
+	if ((envval = getconf("TIME_WINDOW"))) {
 		struct packedtaia* tailog = d->cdtailog;
 		taia_now_packed((unsigned char*)&tailog[0], -atol(envval));
 		tailog[4] = tailog[3] = tailog[2] = tailog[1] = tailog[0];
@@ -154,7 +154,7 @@
 		fprintf(stderr, "Warning: TIME_WINDOW not set, risking an initial replay attack\n");
 	}
 	int role = memcmp(cownpublickey, cpublickey, crypto_box_curve25519xsalsa20poly1305_PUBLICKEYBYTES);
-	if (envval = getconf("ROLE")) role = atoi(envval) ? 1 : -1;
+	if ((envval = getconf("ROLE"))) role = atoi(envval) ? 1 : -1;
 	role = (role == 0) ? 0 : ((role > 0) ? 1 : 2);
 	d->cenonce[nonceoffset-1] = role & 1;
 	d->cdnonce[nonceoffset-1] = (role >> 1) & 1;
--- a/src/proto.salty.c	Sat Nov 23 16:58:54 2013 +0100
+++ b/src/proto.salty.c	Fri Jan 31 22:52:46 2014 +0100
@@ -120,6 +120,7 @@
 #include <sys/types.h>
 #include <sys/time.h>
 #include <stdbool.h>
+#include <time.h>
 
 #define NONCEBYTES crypto_box_curve25519xsalsa20poly1305_NONCEBYTES
 #define BEFORENMBYTES crypto_box_curve25519xsalsa20poly1305_BEFORENMBYTES
@@ -167,7 +168,7 @@
 	unsigned char* b = (unsigned char*)sb;
 	return (b[0] << 24) | (b[1] << 16) | (b[2] << 8) | b[3];
 }
-static void encodeuint64(char* b, uint64 v) {
+static void encodeuint64(unsigned char* b, uint64 v) {
 	b[0] = (v >> 56) & 255;
 	b[1] = (v >> 48) & 255;
 	b[2] = (v >> 40) & 255;
@@ -184,7 +185,7 @@
 
 static int devurandomfd = -1;
 
-static void dumphex(unsigned char* lbl, unsigned char* buffer, int len) {
+static void dumphex(char* lbl, unsigned char* buffer, int len) {
 	fprintf(stderr, "%s: ", lbl);
 	for (; len > 0; len--, buffer++) fprintf(stderr, "%02x", *buffer);
 	fprintf(stderr, "\n");
@@ -232,7 +233,7 @@
 	if (crypto_box_curve25519xsalsa20poly1305_afternm(encbuffer, buffer, 32 + (1 + 32 + 24 + 32 + 24 + 8), nonce, d->controlkey)) return;
 	memcpy(encbuffer + 16 - 8, nonce + 16, 8);
 	encbuffer[16 - 1 - 8] = 0x80;
-	if (sess->sendnetworkpacket) sess->sendnetworkpacket(sess, encbuffer + 16 - 1 - 8, 1 + 8 + 16 + (1 + 32 + 24 + 32 + 24 + 8));
+	if (sess->sendnetworkpacket) sess->sendnetworkpacket(sess, (char*)encbuffer + 16 - 1 - 8, 1 + 8 + 16 + (1 + 32 + 24 + 32 + 24 + 8));
 	d->lastkeyupdatesent = time(NULL);
 }
 
@@ -250,6 +251,7 @@
 	initdecoder(&d->datadecoders[(d->dataremotekeyid << 1) | d->datalocalkeynextid], d->dataremotekey, enckey->privatekey, d->dataremotenonce);
 	sendkeyupdate(sess, false);
 	d->lastkeyupdate = time(NULL);
+	return true;
 }
 
 static void beginkeyupdateifnecessary(struct qtsession* sess) {
@@ -270,17 +272,17 @@
 	if (!(envval = getconf("PUBLIC_KEY"))) return errorexit("Missing PUBLIC_KEY");
 	if (strlen(envval) != 2*PUBLICKEYBYTES) return errorexit("PUBLIC_KEY length");
 	hex2bin(cpublickey, envval, PUBLICKEYBYTES);
-	if (envval = getconf("PRIVATE_KEY")) {
+	if ((envval = getconf("PRIVATE_KEY"))) {
 		if (strlen(envval) != 2 * PUBLICKEYBYTES) return errorexit("PRIVATE_KEY length");
 		hex2bin(csecretkey, envval, PRIVATEKEYBYTES);
-	} else if (envval = getconf("PRIVATE_KEY_FILE")) {
+	} else if ((envval = getconf("PRIVATE_KEY_FILE"))) {
 		FILE* pkfile = fopen(envval, "rb");
 		if (!pkfile) return errorexitp("Could not open PRIVATE_KEY_FILE");
 		char pktextbuf[PRIVATEKEYBYTES * 2];
-		size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile);
+		const size_t pktextsize = fread(pktextbuf, 1, sizeof(pktextbuf), pkfile);
 		if (pktextsize == PRIVATEKEYBYTES) {
 			memcpy(csecretkey, pktextbuf, PRIVATEKEYBYTES);
-		} else if (pktextsize = 2 * PRIVATEKEYBYTES) {
+		} else if (pktextsize == 2 * PRIVATEKEYBYTES) {
 			hex2bin(csecretkey, pktextbuf, PRIVATEKEYBYTES);
 		} else {
 			return errorexit("PRIVATE_KEY length");
@@ -329,7 +331,7 @@
 	if (e->nonce[20] & 0xE0) return 0;
 	if (debug) dumphex("ENCODE KEY", e->sharedkey, 32);
 	memset(raw, 0, crypto_box_curve25519xsalsa20poly1305_ZEROBYTES);
-	if (crypto_box_curve25519xsalsa20poly1305_afternm(enc, raw, len + 32, e->nonce, e->sharedkey)) return errorexit("Encryption failed");
+	if (crypto_box_curve25519xsalsa20poly1305_afternm((unsigned char*)enc, (unsigned char*)raw, len + 32, e->nonce, e->sharedkey)) return errorexit("Encryption failed");
 	enc[12] = (e->nonce[20] & 0x1F) | (0 << 7) | (d->datalocalkeyid << 6) | (d->dataremotekeyid << 5);
 	enc[13] = e->nonce[21];
 	enc[14] = e->nonce[22];
@@ -379,7 +381,7 @@
 		dec->nonce[23] = enc[15];
 		memset(enc, 0, crypto_box_curve25519xsalsa20poly1305_BOXZEROBYTES);
 		if (debug) dumphex("DECODE KEY", dec->sharedkey, 32);
-		if (crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc, len - 4 + 16, dec->nonce, dec->sharedkey)) {
+		if (crypto_box_curve25519xsalsa20poly1305_open_afternm((unsigned char*)raw, (unsigned char*)enc, len - 4 + 16, dec->nonce, dec->sharedkey)) {
 			fprintf(stderr, "Decryption of data packet failed len=%d\n", len);
 			return -1;
 		}
@@ -402,7 +404,7 @@
 		cnonce[0] = (d->controlroles >> 1) & 1;
 		memcpy(cnonce + 16, enc + 13, 8);
 		memset(enc + 12 + 1 + 8 - 16, 0, 16);
-		if (crypto_box_curve25519xsalsa20poly1305_open_afternm(raw, enc + 12 + 1 + 8 - 16, len - 1 - 8 + 16, cnonce, d->controlkey)) {
+		if (crypto_box_curve25519xsalsa20poly1305_open_afternm((unsigned char*)raw, (unsigned char*)enc + 12 + 1 + 8 - 16, len - 1 - 8 + 16, cnonce, d->controlkey)) {
 			fprintf(stderr, "Decryption of control packet failed len=%d\n", len);
 			return -1;
 		}
--- a/src/run.combined.c	Sat Nov 23 16:58:54 2013 +0100
+++ b/src/run.combined.c	Fri Jan 31 22:52:46 2014 +0100
@@ -52,7 +52,7 @@
 #endif
 	if (qtprocessargs(argc, argv) < 0) return -1;
 	char* envval;
-	if (envval = getconf("PROTOCOL")) {
+	if ((envval = getconf("PROTOCOL"))) {
 		if (strcmp(envval, "raw") == 0) {
 			return qtrun(&qtproto_raw);
 		} else if (strcmp(envval, "nacl0") == 0) {