make effects of casting more explicit

src/agent/Core/AdminPanelConnector.h

@@ -471,7 +471,7 @@ class AdminPanelConnector {
 						pipe.second.close();
 						closeAllFileDescriptors(2);
 
-						execvp(execArgs[0], (char * const *) &execArgs[0]);
+						execvp(execArgs[0], const_cast<char * const *>(&execArgs[0]));
 
 						int e = errno;
 						char buf[256];

src/agent/Core/SecurityUpdateChecker.h

@@ -594,7 +594,7 @@ class SecurityUpdateChecker {
 			long responseCode;
 			CURLcode code;
 
-			if (!verifyFileReadable((char *) clientCertPath.c_str())) {
+			if (!verifyFileReadable(const_cast<char *>(clientCertPath.c_str()))) {
 				logUpdateFail("File not readable: " + clientCertPath);
 				break;
 			}

src/agent/ExecHelper/ExecHelperMain.cpp

@@ -266,7 +266,7 @@ execHelperMain(int argc, char *argv[]) {
 	}
 
 	Options options;
-	if (!parseOptions(argc, (const char **) argv, options)) {
+	if (!parseOptions(argc, const_cast<const char **>(argv), options)) {
 		fprintf(stderr, "Error parsing arguments.\n");
 		usage();
 		exit(1);
@@ -289,7 +289,7 @@ execHelperMain(int argc, char *argv[]) {
 		(char * const *) &argv[options.programArgStart]);
 	int e = errno;
 	fprintf(stderr, "ERROR: unable to execute %s: %s (errno=%d)\n",
-		describeCommand(argc, (const char **) argv, options).c_str(),
+		describeCommand(argc, const_cast<const char **>(argv), options).c_str(),
 		strerror(e),
 		e);
 	return 1;

src/agent/Shared/Fundamentals/Initialization.cpp

@@ -588,7 +588,7 @@ initializeAgent(int argc, char **argv[], const char *processName,
 			context->feedbackFdAvailable = true;
 			readConfigFromFd(FEEDBACK_FD, config);
 		} else if (optionParser != NULL) {
-			optionParser(argc, (const char **) *argv, config);
+			optionParser(argc, const_cast<const char **>(*argv), config);
 		} else {
 			readConfigFromJsonPassedToArgs(argc, argv, argStartIndex, config);
 		}

src/cxx_supportlib/IOTools/IOUtils.cpp

@@ -915,7 +915,7 @@ staticStringArrayToIoVec(const StaticString ary[], size_t count, struct iovec *v
 			 * platforms it's still defined as non-const char *
 			 * :-(
 			 */
-			vec[vecCount].iov_base = (char *) ary[i].data();
+			vec[vecCount].iov_base = const_cast<char *>(ary[i].data());
 			vec[vecCount].iov_len  = ary[i].size();
 			total += ary[i].size();
 			vecCount++;
@@ -1026,7 +1026,7 @@ realGatheredWrite(int fd, const StaticString *data, unsigned int dataCount, stri
 			return totalSize;
 		}
 	} else {
-		iov[0].iov_base = (char *) restBuffer.data();
+		iov[0].iov_base = const_cast<char *>(restBuffer.data());
 		iov[0].iov_len  = restBuffer.size();
 		totalSize = staticStringArrayToIoVec(data, dataCount, iov + 1, iovCount);
 		totalSize += restBuffer.size();

src/cxx_supportlib/SecurityKit/Crypto.cpp

@@ -73,18 +73,6 @@ CFDictionaryRef Crypto::createQueryDict(const char *label) {
 	return NULL;
 }
 
-OSStatus Crypto::lookupKeychainItem(const char *label, SecIdentityRef *oIdentity) {
-	OSStatus status = errSecItemNotFound;
-
-	CFDictionaryRef queryDict = createQueryDict(label);
-	if (queryDict) {
-		/* Do we have a match? */
-		status = SecItemCopyMatching(queryDict, (CFTypeRef *) oIdentity);
-		CFRelease(queryDict);
-	}
-	return status;
-}
-
 SecAccessRef Crypto::createAccess(const char *cLabel) {
 	SecAccessRef access = NULL;
 	CFStringRef label = CFStringCreateWithCString(NULL, cLabel, kCFStringEncodingUTF8);
@@ -162,85 +150,6 @@ OSStatus Crypto::copyIdentityFromPKCS12File(const char *cPath,
 	return status;
 }
 
-#if PRE_HIGH_SIERRA
-void Crypto::killKey(const char *cLabel) {
-	SecIdentityRef id = NULL;
-	OSStatus status = lookupKeychainItem(cLabel, &id);
-	if (status != errSecItemNotFound) {
-
-		CFArrayRef itemList = CFArrayCreate(NULL, (const void **) &id, 1, NULL);
-		CFTypeRef keys[]   = { kSecClass,  kSecMatchItemList,  kSecMatchLimit };
-		CFTypeRef values[] = { kSecClassCertificate, itemList, kSecMatchLimitOne };
-
-		CFDictionaryRef dict = CFDictionaryCreate(NULL, keys, values, 3L, NULL, NULL);
-		OSStatus oserr = SecItemDelete(dict);
-		if (oserr) {
-			CFStringRef str = SecCopyErrorMessageString(oserr, NULL);
-			logError(string("Removing Passenger Cert from keychain failed: ") + CFStringGetCStringPtr(str, kCFStringEncodingUTF8) +
-					". Please remove the certificate labeled " + cLabel + " in your keychain.");
-			CFRelease(str);
-		}
-		CFRelease(dict);
-		CFRelease(itemList);
-
-		if(id){
-			CFTypeRef keys2[]   = { kSecClass,  kSecAttrSubjectKeyID,  kSecMatchLimit };
-			CFTypeRef values2[] = { kSecClassKey, id, kSecMatchLimitOne };
-			dict = CFDictionaryCreate(NULL, keys2, values2, 3L, NULL, NULL);
-			oserr = SecItemDelete(dict);
-			if (oserr) {
-				CFStringRef str = SecCopyErrorMessageString(oserr, NULL);
-				logError(string("Removing Passenger private key from keychain failed: ") + CFStringGetCStringPtr(str, kCFStringEncodingUTF8) +
-						 ". Please remove the private key from the certificate labeled " + cLabel + " in your keychain.");
-				CFRelease(str);
-			}
-			CFRelease(dict);
-			CFRelease(id);
-			id = NULL;
-		}
-
-	} else {
-		CFStringRef str = SecCopyErrorMessageString(status, NULL);
-		logError(string("Finding Passenger Cert failed: ") + CFStringGetCStringPtr(str, kCFStringEncodingUTF8) );
-		CFRelease(str);
-	}
-}
-
-bool Crypto::preAuthKey(const char *path, const char *passwd, const char *cLabel) {
-	SecIdentityRef id = NULL;
-	if (lookupKeychainItem(cLabel, &id) == errSecItemNotFound) {
-		OSStatus oserr = SecKeychainSetUserInteractionAllowed(false);
-		if (oserr) {
-			CFStringRef str = SecCopyErrorMessageString(oserr, NULL);
-			logError(string("Disabling GUI Keychain interaction failed: ") + CFStringGetCStringPtr(str, kCFStringEncodingUTF8));
-			CFRelease(str);
-		}
-		oserr = copyIdentityFromPKCS12File(path, passwd, cLabel);
-		bool success = (noErr == oserr);
-		if (!success) {
-			CFStringRef str = SecCopyErrorMessageString(oserr, NULL);
-			logError(string("Pre authorizing the Passenger client certificate failed: ") + CFStringGetCStringPtr(str, kCFStringEncodingUTF8));
-			CFRelease(str);
-		}
-		oserr = SecKeychainSetUserInteractionAllowed(true);
-		if (oserr) {
-			//This is really bad, we should probably ask the user to reboot.
-			CFStringRef str = SecCopyErrorMessageString(oserr, NULL);
-			logError(string("Re-enabling GUI Keychain interaction failed with error: ") + CFStringGetCStringPtr(str, kCFStringEncodingUTF8) +
-					" Please reboot as soon as possible, thanks.");
-			CFRelease(str);
-		}
-		return success;
-	} else {
-		logError(string("Passenger client certificate was found in the keychain unexpectedly, skipping security update check. Please remove the private key from the certificate labeled ") + cLabel + " in your keychain.");
-		if (id) {
-			CFRelease(id);
-		}
-		return false;
-	}
-}
-#endif
-
 bool Crypto::generateRandomChars(unsigned char *rndChars, int rndLen) {
 	FILE *fPtr = fopen("/dev/random", "r");
 	if (fPtr == NULL) {
@@ -546,7 +455,7 @@ bool Crypto::verifySignature(string signaturePubKeyPath, char *signatureChars, i
 
 		CFDataRef signatureRef = CFDataCreateWithBytesNoCopy(NULL, (UInt8*) signatureChars, signatureLen, kCFAllocatorNull);
 
-		CFDataRef dataRef = CFDataCreateWithBytesNoCopy(NULL, (UInt8*) data.c_str(), data.length(), kCFAllocatorNull);
+		CFDataRef dataRef = CFDataCreateWithBytesNoCopy(NULL, reinterpret_cast<const UInt8*>(data.c_str()), data.length(), kCFAllocatorNull);
 
 		CFErrorRef error = NULL;
 		verifier = SecVerifyTransformCreate(rsaPubKey, signatureRef, &error);
@@ -609,7 +518,7 @@ PUBKEY_TYPE Crypto::loadPubKey(const char *filename) {
 	CFArrayRef temparray = NULL;
 	do {
 		url = CFURLCreateFromFileSystemRepresentation(kCFAllocatorDefault,
-													  (UInt8*) filename, strlen(filename), false);
+													  reinterpret_cast<const UInt8*>(filename), strlen(filename), false);
 		if (url == NULL) {
 			logError("CFURLCreateFromFileSystemRepresentation failed.");
 			break;
@@ -655,7 +564,7 @@ PUBKEY_TYPE Crypto::loadPubKey(const char *filename) {
 			CFRelease(str);
 			break;
 		}
-		pubKey = (SecKeyRef) CFArrayGetValueAtIndex(temparray, 0);
+		pubKey = reinterpret_cast<SecKeyRef>(const_cast<void*>(CFArrayGetValueAtIndex(temparray, 0)));
 		CFRetain(pubKey); //bump ref count, now we own this and need to release it eventually
 	} while (0);
 

src/cxx_supportlib/SecurityKit/Crypto.h

@@ -90,7 +90,6 @@ class Crypto {
 	void logFreeErrorExtended(const StaticString &prefix, CFErrorRef &additional);
 	CFDictionaryRef createQueryDict(const char *label);
 	SecAccessRef createAccess(const char *cLabel);
-	OSStatus lookupKeychainItem(const char *label, SecIdentityRef *oIdentity);
 	OSStatus copyIdentityFromPKCS12File(const char *cPath, const char *cPassword, const char *cLabel);
 	CFDataRef genIV(size_t iv_size);
 	bool getKeyBytes(SecKeyRef cryptokey, void **target, size_t &len);
@@ -110,13 +109,6 @@ class Crypto {
 	bool generateAndAppendNonce(string &nonce);
 
 #if BOOST_OS_MACOS
-#if PRE_HIGH_SIERRA
-	/**
-	 * sets the permissions on the certificate so that curl doesn't prompt
-	 */
-	bool preAuthKey(const char *path, const char *passwd, const char *cLabel);
-	void killKey(const char *cLabel);
-#endif
 	bool generateRandomChars(unsigned char *rndChars, int rndLen);
 #endif
 

src/cxx_supportlib/StrIntTools/DateParsing.h

@@ -125,7 +125,7 @@ skipImfFixdate_comment(const char **pos, const char *end) {
 	assert(**pos == '(');
 	(*pos)++;
 
-	char *result = (char *) std::memchr(*pos, ')', end - *pos);
+	const char *result = static_cast<const char*>(std::memchr(*pos, ')', end - *pos));
 	if (result == NULL) {
 		return false;
 	} else {

src/cxx_supportlib/StrIntTools/StrIntUtils.cpp

@@ -348,7 +348,7 @@ hexatriToULL(const StaticString &str) {
 string
 toHex(const StaticString &data) {
 	string result(data.size() * 2, '\0');
-	toHex(data, (char *) result.data());
+	toHex(data, const_cast<char *>(result.data()));
 	return result;
 }