From 23f9905d9a38b5089b99321dc56b6567605505db Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 24 Aug 2009 18:59:13 +0200
Subject: [PATCH 01/17] In print_crl(), initialize aki_idx and crl_nr once before entering the for loop instead of each run.

Otherwise the "error: more than one AKI extension\n" and
"error: more than one CRL number\n" checks want work.
---
 lib/x509/output.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/x509/output.c b/lib/x509/output.c
index c04beb1..fa2844f 100644
--- a/lib/x509/output.c
+++ b/lib/x509/output.c
@@ -1555,14 +1555,14 @@ print_crl (gnutls_string * str, gnutls_x509_crl_t crl, int notsigned)
     {
       size_t i;
       int err = 0;
+      int aki_idx = 0;
+      int crl_nr = 0;
 
       for (i = 0;; i++)
 	{
 	  char oid[MAX_OID_SIZE] = "";
 	  size_t sizeof_oid = sizeof (oid);
 	  int critical;
-	  int crl_nr = 0;
-	  int aki_idx = 0;
 
 	  err = gnutls_x509_crl_get_extension_info (crl, i,
 						    oid, &sizeof_oid,
-- 
1.6.4.1


From 5e6f9fc5de67134c409a5cef3419deb838196b94 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 24 Aug 2009 19:19:41 +0200
Subject: [PATCH 02/17] In print_crq(), initialize challenge and extensions once before entering the for loop instead of each run.

---
 lib/x509/output.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/x509/output.c b/lib/x509/output.c
index fa2844f..8cbd886 100644
--- a/lib/x509/output.c
+++ b/lib/x509/output.c
@@ -1919,13 +1919,13 @@ print_crq (gnutls_string * str, gnutls_x509_crq_t cert)
   {
     size_t i;
     int err = 0;
+    int extensions = 0;
+    int challenge = 0;
 
     for (i = 0;; i++)
       {
 	char oid[MAX_OID_SIZE] = "";
 	size_t sizeof_oid = sizeof (oid);
-	int extensions = 0;
-	int challenge = 0;
 
 	err = gnutls_x509_crq_get_attribute_info (cert, i, oid, &sizeof_oid);
 	if (err < 0)
-- 
1.6.4.1


From 8e3f23d447bc5437a7101a5e48718b02fc1d3ddf Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 24 Aug 2009 19:06:43 +0200
Subject: [PATCH 03/17] In print_extensions(), initialize *_idx variables once before entering the for loop instead of each run.

Otherwise checking them is pointless as they always will be zero.
---
 lib/x509/output.c |   16 ++++++++--------
 1 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/lib/x509/output.c b/lib/x509/output.c
index 8cbd886..0b9f305 100644
--- a/lib/x509/output.c
+++ b/lib/x509/output.c
@@ -691,20 +691,20 @@ print_extensions (gnutls_string * str, const char *prefix, int type,
 		  cert_type_t cert)
 {
   int i, err;
+  size_t san_idx = 0;
+  size_t proxy_idx = 0;
+  size_t basic_idx = 0;
+  size_t keyusage_idx = 0;
+  size_t keypurpose_idx = 0;
+  size_t ski_idx = 0;
+  size_t aki_idx = 0;
+  size_t crldist_idx = 0;
 
   for (i = 0;; i++)
     {
       char oid[MAX_OID_SIZE] = "";
       size_t sizeof_oid = sizeof (oid);
       int critical;
-      size_t san_idx = 0;
-      size_t proxy_idx = 0;
-      size_t basic_idx = 0;
-      size_t keyusage_idx = 0;
-      size_t keypurpose_idx = 0;
-      size_t ski_idx = 0;
-      size_t aki_idx = 0;
-      size_t crldist_idx = 0;
 
       if (type == TYPE_CRT)
 	err = gnutls_x509_crt_get_extension_info (cert.crt, i,
-- 
1.6.4.1


From f6654a1aac31c3f04e01a8527e98c1e206961a92 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 24 Aug 2009 19:09:22 +0200
Subject: [PATCH 04/17] In print_extensions(), declare the *_idx variables as int instead of size_t.

While it shouldn't make a difference, it makes more sense to me.
It's also consistent with (at least) print_crl().
---
 lib/x509/output.c |   16 ++++++++--------
 1 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/lib/x509/output.c b/lib/x509/output.c
index 0b9f305..854affb 100644
--- a/lib/x509/output.c
+++ b/lib/x509/output.c
@@ -691,14 +691,14 @@ print_extensions (gnutls_string * str, const char *prefix, int type,
 		  cert_type_t cert)
 {
   int i, err;
-  size_t san_idx = 0;
-  size_t proxy_idx = 0;
-  size_t basic_idx = 0;
-  size_t keyusage_idx = 0;
-  size_t keypurpose_idx = 0;
-  size_t ski_idx = 0;
-  size_t aki_idx = 0;
-  size_t crldist_idx = 0;
+  int san_idx = 0;
+  int proxy_idx = 0;
+  int basic_idx = 0;
+  int keyusage_idx = 0;
+  int keypurpose_idx = 0;
+  int ski_idx = 0;
+  int aki_idx = 0;
+  int crldist_idx = 0;
 
   for (i = 0;; i++)
     {
-- 
1.6.4.1


From e554a1408c5289d553050050dd1262071e894ce0 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 24 Aug 2009 18:41:25 +0200
Subject: [PATCH 05/17] In cdk_strlist_next, root is expected to be non-NULL and the check wasn't sufficient anyway.

---
 lib/opencdk/misc.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/lib/opencdk/misc.c b/lib/opencdk/misc.c
index 50977bf..abb2ff5 100644
--- a/lib/opencdk/misc.c
+++ b/lib/opencdk/misc.c
@@ -118,7 +118,7 @@ cdk_strlist_next (cdk_strlist_t root, const char **r_str)
 {
   cdk_strlist_t node;
 
-  if (root && r_str)
+  if (r_str)
     *r_str = root->d;
   for (node = root->next; node; node = node->next)
     return node;
-- 
1.6.4.1


From 97f412627d3751438d952a797c957770a0402ff2 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 24 Aug 2009 20:16:11 +0200
Subject: [PATCH 06/17] In main(), rename salt to salt_size and don't bother reading info.salt which we don't use anyway.

---
 src/crypt.c |    8 +++-----
 1 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/src/crypt.c b/src/crypt.c
index e7e872d..a9b71d2 100644
--- a/src/crypt.c
+++ b/src/crypt.c
@@ -394,7 +394,7 @@ main (int argc, char **argv)
 {
   gaainfo info;
   const char *passwd;
-  int salt, ret;
+  int salt_size, ret;
   struct passwd *pwd;
 
   set_program_name (argv[0]);
@@ -413,8 +413,6 @@ main (int argc, char **argv)
       return -1;
     }
 
-  salt = info.salt;
-
   if (info.create_conf != NULL)
     {
       return generate_create_conf (info.create_conf);
@@ -443,7 +441,7 @@ main (int argc, char **argv)
 #endif
     }
 
-  salt = 16;
+  salt_size = 16;
 
   passwd = getpass ("Enter password: ");
   if (passwd == NULL)
@@ -460,7 +458,7 @@ main (int argc, char **argv)
     }
 
 
-  return crypt_int (info.username, passwd, salt,
+  return crypt_int (info.username, passwd, salt_size,
 		    info.passwd_conf, info.passwd, info.index);
 
 }
-- 
1.6.4.1


From 0cb1cc33c45c2da19f8e685fe3f6209fd5e03cc4 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Tue, 25 Aug 2009 18:15:35 +0200
Subject: [PATCH 07/17] Mark what looks like a bug in in _gnutls_srp_pwd_read_entry()

---
 lib/auth_srp_passwd.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/lib/auth_srp_passwd.c b/lib/auth_srp_passwd.c
index 4475abb..376effd 100644
--- a/lib/auth_srp_passwd.c
+++ b/lib/auth_srp_passwd.c
@@ -347,7 +347,8 @@ _gnutls_srp_pwd_read_entry (gnutls_session_t state, char *username,
 	      /* Keep the last index in memory, so we can retrieve fake parameters (g,n)
 	       * when the user does not exist.
 	       */
-	      last_idx = idx;
+              /* XXX: last_idx will not be read as both if block branches return. */
+              last_idx = idx;
 	      if (pwd_read_conf (cred->password_conf_file, entry, idx) == 0)
 		{
 		  return 0;
-- 
1.6.4.1


From 8499fd507084699b1da1ca056f3ca00a8e55e3ba Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Sat, 29 Aug 2009 11:47:29 +0200
Subject: [PATCH 08/17] Remove duplicates. Two exact ones and a pretty close one.

---
 THANKS |    3 ---
 1 files changed, 0 insertions(+), 3 deletions(-)

diff --git a/THANKS b/THANKS
index 3d09fc8..fb6a87b 100644
--- a/THANKS
+++ b/THANKS
@@ -35,7 +35,6 @@ Stéphane LOEUILLET              <stephane.loeuillet@tiscali.fr>
 Aleix Conchillo Flaque          <aleix@member.fsf.org>
 Martijn Koster                  <mak@greenhills.co.uk>
 Marcin Garski                   <mgarski@post.pl>
-Martijn Koster                  <m.koster@greenhills.co.uk>
 Martin Lambers                  <marlam@web.de>
 Michael Ringe                   <Michael.Ringe@aachen.utimaco.de>
 Daniel Black                    <dragonheart@gentoo.org>
@@ -49,7 +48,6 @@ Thomas Klausner                 <tk@giga.or.at>
 Matthias Urlichs                <smurf@smurf.noris.de>
 Ralph Giles                     <giles@onlinegamegroup.com>
 Daniel Stenberg                 <daniel@haxx.se>
-Thomas Klausner                 <tk@giga.or.at>
 Jouni Malinen                   <jkmaline@cc.hut.fi>
 Evgeny Legerov                  <admin@gleg.net>
 John Heiden                     <JHeiden@UTNet.UToledo.Edu>
@@ -102,7 +100,6 @@ Fabian Keil                     <fk@fabiankeil.de>
 Brad Hards                      <bradh@frogmouth.net>
 Daiki Ueno                      <ueno@unixuser.org>
 Tomas Hoger                     <thoger@redhat.com>
-Tim Kosse                       <tim.kosse@filezilla-project.org>
 
 ----------------------------------------------------------------------
 Copying and distribution of this file, with or without modification,
-- 
1.6.4.1


From c818d5315672f6e63577de5efa9c4d2910e03215 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 24 Aug 2009 20:12:29 +0200
Subject: [PATCH 09/17] Remove write-only variable tmp_size in _pkcs12_decode_safe_content().

---
 lib/x509/pkcs12.c |    3 +--
 1 files changed, 1 insertions(+), 2 deletions(-)

diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c
index a0f8312..3434e7f 100644
--- a/lib/x509/pkcs12.c
+++ b/lib/x509/pkcs12.c
@@ -50,7 +50,7 @@ _decode_pkcs12_auth_safe (ASN1_TYPE pkcs12, ASN1_TYPE * authen_safe,
   char oid[MAX_OID_SIZE];
   ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
   gnutls_datum_t auth_safe = { NULL, 0 };
-  int tmp_size, len, result;
+  int len, result;
   char error_str[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
   
   len = sizeof (oid) - 1;
@@ -71,7 +71,6 @@ _decode_pkcs12_auth_safe (ASN1_TYPE pkcs12, ASN1_TYPE * authen_safe,
   /* Step 1. Read the content data
    */
 
-  tmp_size = 0;
   result =
     _gnutls_x509_read_value (pkcs12, "authSafe.content", &auth_safe, 1);
   if (result < 0)
-- 
1.6.4.1


From f3a8907f3e7371b8fa6a0cfad81e2d54f39654dd Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Tue, 25 Aug 2009 18:44:25 +0200
Subject: [PATCH 10/17] Remove write-only variable sep_ar_idx in split_multi_arg().

---
 src/cfg/shared.c |    4 +---
 1 files changed, 1 insertions(+), 3 deletions(-)

diff --git a/src/cfg/shared.c b/src/cfg/shared.c
index 1219f47..ef919c0 100644
--- a/src/cfg/shared.c
+++ b/src/cfg/shared.c
@@ -837,7 +837,7 @@ split_multi_arg(arg, ar, quote_prefix_ar, quote_postfix_ar, separator_ar)
 	char	**separator_ar;
 { /* {{{ */
 	register int i;
-	int sep_ar_idx, quote_idx, sep_size, tmp_sep_size;
+	int quote_idx, sep_size, tmp_sep_size;
 	char *p_quote, *p_sep, *tmp_s;
 	char *arg_base = arg;
 
@@ -850,7 +850,6 @@ split_multi_arg(arg, ar, quote_prefix_ar, quote_postfix_ar, separator_ar)
 		   and set quotation variables */
 		p_quote    = PLATON_FUNC(strdyn_str2)(arg, quote_prefix_ar, &quote_idx);
 		p_sep      = NULL; /* pointer to separator */
-		sep_ar_idx = -1;   /* index of separator */
 		sep_size   =  0;   /* length of separator string */
 
 		/* Searching first separator string (p_sep) */
@@ -858,7 +857,6 @@ split_multi_arg(arg, ar, quote_prefix_ar, quote_postfix_ar, separator_ar)
 			if ((tmp_s = PLATON_FUNC(str_white_str)(arg, separator_ar[i], &tmp_sep_size))
 					!= NULL && (p_sep == NULL || tmp_s < p_sep)) {
 				p_sep      = tmp_s;
-				sep_ar_idx = i;
 				sep_size   = tmp_sep_size;
 			}
 		}
-- 
1.6.4.1


From e34110d25d0c86c398f626d80cba984925edf347 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Tue, 25 Aug 2009 18:48:41 +0200
Subject: [PATCH 11/17] Remove write-only variable info in gen_rsa_export_server_kx().

---
 lib/auth_rsa_export.c |    2 --
 1 files changed, 0 insertions(+), 2 deletions(-)

diff --git a/lib/auth_rsa_export.c b/lib/auth_rsa_export.c
index b561063..606f85c 100644
--- a/lib/auth_rsa_export.c
+++ b/lib/auth_rsa_export.c
@@ -76,7 +76,6 @@ gen_rsa_export_server_kx (gnutls_session_t session, opaque ** data)
   gnutls_privkey *apr_pkey;
   int apr_cert_list_length;
   gnutls_datum_t signature, ddata;
-  cert_auth_info_t info;
   gnutls_certificate_credentials_t cred;
 
   cred = (gnutls_certificate_credentials_t)
@@ -122,7 +121,6 @@ gen_rsa_export_server_kx (gnutls_session_t session, opaque ** data)
       return ret;
     }
 
-  info = _gnutls_get_auth_info (session);
   _gnutls_rsa_export_set_pubkey (session, rsa_mpis[1], rsa_mpis[0]);
 
   _gnutls_mpi_print (rsa_mpis[0], NULL, &n_m);
-- 
1.6.4.1


From fa778f079dfe488549f43eba0d01acd3fd692f51 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Tue, 25 Aug 2009 18:50:58 +0200
Subject: [PATCH 12/17] Remove write-only variable info in _gnutls_proc_cert_cert_req().

---
 lib/auth_cert.c |    3 ---
 1 files changed, 0 insertions(+), 3 deletions(-)

diff --git a/lib/auth_cert.c b/lib/auth_cert.c
index a5244c8..5b8c163 100644
--- a/lib/auth_cert.c
+++ b/lib/auth_cert.c
@@ -1299,7 +1299,6 @@ _gnutls_proc_cert_cert_req (gnutls_session_t session, opaque * data,
   int size, ret;
   opaque *p;
   gnutls_certificate_credentials_t cred;
-  cert_auth_info_t info;
   ssize_t dsize;
   int i, j;
   gnutls_pk_algorithm_t pk_algos[MAX_SIGN_ALGOS];
@@ -1322,8 +1321,6 @@ _gnutls_proc_cert_cert_req (gnutls_session_t session, opaque * data,
       return ret;
     }
 
-  info = _gnutls_get_auth_info (session);
-
   p = data;
   dsize = data_size;
 
-- 
1.6.4.1


From b196c552f13e16e5ed1cebb1b871075cc8b8935c Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 24 Aug 2009 19:30:49 +0200
Subject: [PATCH 13/17] Remove dead store in pkcs12_info().

---
 src/certtool.c |    2 --
 1 files changed, 0 insertions(+), 2 deletions(-)

diff --git a/src/certtool.c b/src/certtool.c
index 9e972b2..c1f4134 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -2734,8 +2734,6 @@ pkcs12_info (void)
   if (result < 0)
     error (0, 0, "verify_mac: %s", gnutls_strerror (result));
 
-  indx = 0;
-
   for (indx = 0;; indx++)
     {
       result = gnutls_pkcs12_bag_init (&bag);
-- 
1.6.4.1


From d0afe0d2fcae9fc5dd2713e6096a2720894ba446 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 24 Aug 2009 19:33:09 +0200
Subject: [PATCH 14/17] Remove dead store in pwd_put_values().

---
 lib/auth_srp_passwd.c |    1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/lib/auth_srp_passwd.c b/lib/auth_srp_passwd.c
index 376effd..6a1e986 100644
--- a/lib/auth_srp_passwd.c
+++ b/lib/auth_srp_passwd.c
@@ -65,7 +65,6 @@ pwd_put_values (SRP_PWD_ENTRY * entry, char *str)
   *p = '\0';
   p++;
 
-  len = strlen (p);
   indx = atoi (p);
   if (indx == 0)
     {
-- 
1.6.4.1


From c3b244a07c3920e97cac21d5dda29c21384cb20f Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 24 Aug 2009 20:08:35 +0200
Subject: [PATCH 15/17] Remove dead store in gnutls_x509_crt_list_import().

---
 lib/x509/x509.c |    1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index e1746a4..2fa3c6b 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -2894,7 +2894,6 @@ gnutls_x509_crt_list_import (gnutls_x509_crt_t * certs,
       gnutls_assert ();
       return GNUTLS_E_BASE64_DECODING_ERROR;
     }
-  size = data->size - (ptr - (char *) data->data);
 
   count = 0;
 
-- 
1.6.4.1


From d9a4b49b354b4021b4ea8408b2c71884eac58cdf Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Tue, 25 Aug 2009 18:39:41 +0200
Subject: [PATCH 16/17] Remove dead store in _gnutls_io_write_buffered().

---
 lib/gnutls_buffers.c |    1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c
index 6faa5ea..4e54df6 100644
--- a/lib/gnutls_buffers.c
+++ b/lib/gnutls_buffers.c
@@ -664,7 +664,6 @@ _gnutls_io_write_buffered (gnutls_session_t session,
 
   _gnutls_write_log ("WRITE: Will write %d bytes to %p.\n", (int)n, fd);
 
-  i = 0;
   left = n;
   while (left > 0)
     {
-- 
1.6.4.1


From aa3bfc6be81a9d534ed1b2e477fdb014c68371b7 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Tue, 25 Aug 2009 18:42:17 +0200
Subject: [PATCH 17/17] Remove dead store in listen_socket().

---
 src/serv.c |    1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/src/serv.c b/src/serv.c
index ede5117..aaeda8e 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -697,7 +697,6 @@ listen_socket (const char *name, int listen_port)
       fprintf (stderr, "getaddrinfo() failed: %s\n", gai_strerror (s));
       return -1;
     }
-  s = -1;
 
   for (ptr = res; ptr != NULL; ptr = ptr->ai_next)
     {
-- 
1.6.4.1