No functional change, but big code cleanup. WARNS, lint(1) and style(9).

4 files changed, 92 insertions, 216 deletions

diff --git a/secure/lib/libcrypt/blowfish.c b/secure/lib/libcrypt/blowfish.c
index d4e4fae..f3f1d24 100644
--- a/secure/lib/libcrypt/blowfish.c
+++ b/secure/lib/libcrypt/blowfish.c
@@ -53,27 +53,17 @@ __FBSDID("$FreeBSD$");
 #include <sys/types.h>
 #include "blowfish.h"
 
-#undef inline
-#ifdef __GNUC__
-#define inline __inline
-#else				/* !__GNUC__ */
-#define inline
-#endif				/* !__GNUC__ */
-
 /* Function for Feistel Networks */
 
-#define F(s, x) ((((s)[        (((x)>>24)&0xFF)]  \
+#define _F(s, x) ((((s)[        (((x)>>24)&0xFF)]  \
 		 + (s)[0x100 + (((x)>>16)&0xFF)]) \
 		 ^ (s)[0x200 + (((x)>> 8)&0xFF)]) \
 		 + (s)[0x300 + ( (x)     &0xFF)])
 
-#define BLFRND(s,p,i,j,n) (i ^= F(s,j) ^ (p)[n])
+#define BLFRND(s, p, i, j, n) (i ^= _F(s, j) ^ (p)[n])
 
 void
-Blowfish_encipher(c, xl, xr)
-	blf_ctx *c;
-	u_int32_t *xl;
-	u_int32_t *xr;
+Blowfish_encipher(blf_ctx *c, u_int32_t *xl, u_int32_t *xr)
 {
 	u_int32_t Xl;
 	u_int32_t Xr;
@@ -98,10 +88,7 @@ Blowfish_encipher(c, xl, xr)
 }
 
 void
-Blowfish_decipher(c, xl, xr)
-	blf_ctx *c;
-	u_int32_t *xl;
-	u_int32_t *xr;
+Blowfish_decipher(blf_ctx *c, u_int32_t *xl, u_int32_t *xr)
 {
 	u_int32_t Xl;
 	u_int32_t Xr;
@@ -126,8 +113,7 @@ Blowfish_decipher(c, xl, xr)
 }
 
 void
-Blowfish_initstate(c)
-	blf_ctx *c;
+Blowfish_initstate(blf_ctx *c)
 {
 
 /* P-box and S-box tables initialized with digits of Pi */
@@ -199,7 +185,7 @@ Blowfish_initstate(c)
 			0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400,
 			0x08ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915,
 			0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664,
-		0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a},
+			0x53b02d5d, 0xa99f8fa1, 0x08ba4799, 0x6e85076a},
 		{
 			0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623,
 			0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266,
@@ -264,7 +250,7 @@ Blowfish_initstate(c)
 			0x9e447a2e, 0xc3453484, 0xfdd56705, 0x0e1e9ec9,
 			0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340,
 			0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20,
-		0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7},
+			0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7},
 		{
 			0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934,
 			0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068,
@@ -329,7 +315,7 @@ Blowfish_initstate(c)
 			0xed545578, 0x08fca5b5, 0xd83d7cd3, 0x4dad0fc4,
 			0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c,
 			0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837,
-		0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0},
+			0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0},
 		{
 			0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b,
 			0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe,
@@ -394,7 +380,7 @@ Blowfish_initstate(c)
 			0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e,
 			0x1948c25c, 0x02fb8a8c, 0x01c36ae4, 0xd6ebe1f9,
 			0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f,
-		0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6}
+			0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6}
 	},
 	{
 		0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344,
@@ -408,16 +394,9 @@ Blowfish_initstate(c)
 
 }
 
-#ifdef __STDC__
-u_int32_t
-Blowfish_stream2word(const u_int8_t *data, u_int16_t databytes, u_int16_t *current)
-#else
 u_int32_t
-Blowfish_stream2word(data, databytes, current)
-	const u_int8_t *data;
-	u_int16_t databytes;
-	u_int16_t *current;
-#endif
+Blowfish_stream2word(const u_int8_t *data, u_int16_t databytes,
+    u_int16_t *current)
 {
 	u_int8_t i;
 	u_int16_t j;
@@ -436,16 +415,8 @@ Blowfish_stream2word(data, databytes, current)
 	return temp;
 }
 
-#if __STDC__
 void
 Blowfish_expand0state(blf_ctx *c, const u_int8_t *key, u_int16_t keybytes)
-#else
-void
-Blowfish_expand0state(c, key, keybytes)
-	blf_ctx *c;
-	const u_int8_t *key;
-	u_int16_t keybytes;
-#endif
 {
 	u_int16_t i;
 	u_int16_t j;
@@ -482,19 +453,9 @@ Blowfish_expand0state(c, key, keybytes)
 }
 
 
-#if __STDC__
 void
 Blowfish_expandstate(blf_ctx *c, const u_int8_t *data, u_int16_t databytes,
-		     const u_int8_t *key, u_int16_t keybytes)
-#else
-void
-Blowfish_expandstate(c, data, databytes, key, keybytes)
-	blf_ctx *c;
-	const u_int8_t *data;
-	u_int16_t databytes;
-	const u_int8_t *key;
-	u_int16_t keybytes;
-#endif
+    const u_int8_t *key, u_int16_t keybytes)
 {
 	u_int16_t i;
 	u_int16_t j;
@@ -535,16 +496,8 @@ Blowfish_expandstate(c, data, databytes, key, keybytes)
 
 }
 
-#if __STDC__
 void
 blf_key(blf_ctx *c, const u_int8_t *k, u_int16_t len)
-#else
-void
-blf_key(c, k, len)
-	blf_ctx *c;
-	const u_int8_t *k;
-	u_int16_t len;
-#endif
 {
 	/* Initalize S-boxes and subkeys with Pi */
 	Blowfish_initstate(c);
@@ -553,16 +506,8 @@ blf_key(c, k, len)
 	Blowfish_expand0state(c, k, len);
 }
 
-#if __STDC__
 void
 blf_enc(blf_ctx *c, u_int32_t *data, u_int16_t blocks)
-#else
-void
-blf_enc(c, data, blocks)
-	blf_ctx *c;
-	u_int32_t *data;
-	u_int16_t blocks;
-#endif
 {
 	u_int32_t *d;
 	u_int16_t i;
@@ -574,16 +519,8 @@ blf_enc(c, data, blocks)
 	}
 }
 
-#if __STDC__
 void
 blf_dec(blf_ctx *c, u_int32_t *data, u_int16_t blocks)
-#else
-void
-blf_dec(c, data, blocks)
-	blf_ctx *c;
-	u_int32_t *data;
-	u_int16_t blocks;
-#endif
 {
 	u_int32_t *d;
 	u_int16_t i;
@@ -595,16 +532,8 @@ blf_dec(c, data, blocks)
 	}
 }
 
-#if __STDC__
 void
 blf_ecb_encrypt(blf_ctx *c, u_int8_t *data, u_int32_t len)
-#else
-void
-blf_ecb_encrypt(c, data, len)
-     blf_ctx *c;
-     u_int8_t *data;
-     u_int32_t len;
-#endif
 {
 	u_int32_t l, r;
 	u_int32_t i;
@@ -625,16 +554,8 @@ blf_ecb_encrypt(c, data, len)
 	}
 }
 
-#if __STDC__
 void
 blf_ecb_decrypt(blf_ctx *c, u_int8_t *data, u_int32_t len)
-#else
-void
-blf_ecb_decrypt(c, data, len)
-     blf_ctx *c;
-     u_int8_t *data;
-     u_int32_t len;
-#endif
 {
 	u_int32_t l, r;
 	u_int32_t i;
@@ -655,17 +576,8 @@ blf_ecb_decrypt(c, data, len)
 	}
 }
 
-#if __STDC__
 void
 blf_cbc_encrypt(blf_ctx *c, u_int8_t *iv, u_int8_t *data, u_int32_t len)
-#else
-void
-blf_cbc_encrypt(c, iv, data, len)
-     blf_ctx *c;
-     u_int8_t *iv;
-     u_int8_t *data;
-     u_int32_t len;
-#endif
 {
 	u_int32_t l, r;
 	u_int32_t i, j;
@@ -689,17 +601,8 @@ blf_cbc_encrypt(c, iv, data, len)
 	}
 }
 
-#if __STDC__
 void
 blf_cbc_decrypt(blf_ctx *c, u_int8_t *iva, u_int8_t *data, u_int32_t len)
-#else
-void
-blf_cbc_decrypt(c, iva, data, len)
-     blf_ctx *c;
-     u_int8_t *iva;
-     u_int8_t *data;
-     u_int32_t len;
-#endif
 {
 	u_int32_t l, r;
 	u_int8_t *iv;
@@ -758,7 +661,7 @@ main(void)
 
 	u_int32_t data[10];
 	u_int32_t data2[] =
-	{0x424c4f57l, 0x46495348l};
+	{0x424c4f57L, 0x46495348L};
 
 	u_int16_t i;
 
diff --git a/secure/lib/libcrypt/blowfish.h b/secure/lib/libcrypt/blowfish.h
index 12e60cc..f53eab1 100644
--- a/secure/lib/libcrypt/blowfish.h
+++ b/secure/lib/libcrypt/blowfish.h
@@ -61,26 +61,26 @@ typedef struct BlowfishContext {
  *	Blowfish_expand0state( state, key, keylen )
  */
 
-void Blowfish_encipher __P((blf_ctx *, u_int32_t *, u_int32_t *));
-void Blowfish_decipher __P((blf_ctx *, u_int32_t *, u_int32_t *));
-void Blowfish_initstate __P((blf_ctx *));
-void Blowfish_expand0state __P((blf_ctx *, const u_int8_t *, u_int16_t));
+void Blowfish_encipher(blf_ctx *, u_int32_t *, u_int32_t *);
+void Blowfish_decipher(blf_ctx *, u_int32_t *, u_int32_t *);
+void Blowfish_initstate(blf_ctx *);
+void Blowfish_expand0state(blf_ctx *, const u_int8_t *, u_int16_t);
 void Blowfish_expandstate
-    __P((blf_ctx *, const u_int8_t *, u_int16_t, const u_int8_t *, u_int16_t));
+   (blf_ctx *, const u_int8_t *, u_int16_t, const u_int8_t *, u_int16_t);
 
 /* Standard Blowfish */
 
-void blf_key __P((blf_ctx *, const u_int8_t *, u_int16_t));
-void blf_enc __P((blf_ctx *, u_int32_t *, u_int16_t));
-void blf_dec __P((blf_ctx *, u_int32_t *, u_int16_t));
+void blf_key(blf_ctx *, const u_int8_t *, u_int16_t);
+void blf_enc(blf_ctx *, u_int32_t *, u_int16_t);
+void blf_dec(blf_ctx *, u_int32_t *, u_int16_t);
 
-void blf_ecb_encrypt __P((blf_ctx *, u_int8_t *, u_int32_t));
-void blf_ecb_decrypt __P((blf_ctx *, u_int8_t *, u_int32_t));
+void blf_ecb_encrypt(blf_ctx *, u_int8_t *, u_int32_t);
+void blf_ecb_decrypt(blf_ctx *, u_int8_t *, u_int32_t);
 
-void blf_cbc_encrypt __P((blf_ctx *, u_int8_t *, u_int8_t *, u_int32_t));
-void blf_cbc_decrypt __P((blf_ctx *, u_int8_t *, u_int8_t *, u_int32_t));
+void blf_cbc_encrypt(blf_ctx *, u_int8_t *, u_int8_t *, u_int32_t);
+void blf_cbc_decrypt(blf_ctx *, u_int8_t *, u_int8_t *, u_int32_t);
 
 /* Converts u_int8_t to u_int32_t */
-u_int32_t Blowfish_stream2word __P((const u_int8_t *, u_int16_t , u_int16_t *));
+u_int32_t Blowfish_stream2word(const u_int8_t *, u_int16_t , u_int16_t *);
 
 #endif
diff --git a/secure/lib/libcrypt/crypt-blowfish.c b/secure/lib/libcrypt/crypt-blowfish.c
index 6add0f06..f63d7e8 100644
--- a/secure/lib/libcrypt/crypt-blowfish.c
+++ b/secure/lib/libcrypt/crypt-blowfish.c
@@ -50,16 +50,13 @@ __FBSDID("$FreeBSD$");
  * FreeBSD implementation by Paul Herman <pherman@frenchfries.net>
  */
 
-#if 0
-#include <stdio.h>
-#endif
-
 #include <stdio.h>
 #include <stdlib.h>
 #include <sys/types.h>
 #include <string.h>
 #include <pwd.h>
 #include "blowfish.h"
+#include "crypt.h"
 
 /* This implementation is adaptable to current computing power.
  * You can have up to 2^31 rounds which should be enough for some
@@ -71,20 +68,20 @@ __FBSDID("$FreeBSD$");
 #define BCRYPT_BLOCKS 6		/* Ciphertext blocks */
 #define BCRYPT_MINROUNDS 16	/* we have log2(rounds) in salt */
 
-char   *bcrypt_gensalt __P((u_int8_t));
+char   *bcrypt_gensalt(u_int8_t);
 
-static void encode_salt __P((char *, u_int8_t *, u_int16_t, u_int8_t));
-static void encode_base64 __P((u_int8_t *, u_int8_t *, u_int16_t));
-static void decode_base64 __P((u_int8_t *, u_int16_t, u_int8_t *));
+static void encode_salt(char *, u_int8_t *, u_int16_t, u_int8_t);
+static void encode_base64(u_int8_t *, u_int8_t *, u_int16_t);
+static void decode_base64(u_int8_t *, u_int16_t, const u_int8_t *);
 
 static char    encrypted[_PASSWORD_LEN];
 static char    gsalt[BCRYPT_MAXSALT * 4 / 3 + 1];
 static char    error[] = ":";
 
-const static u_int8_t Base64Code[] =
+static const u_int8_t Base64Code[] =
 "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
 
-const static u_int8_t index_64[128] =
+static const u_int8_t index_64[128] =
 {
 	255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 	255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
@@ -102,19 +99,11 @@ const static u_int8_t index_64[128] =
 };
 #define CHAR64(c)  ( (c) > 127 ? 255 : index_64[(c)])
 
-#ifdef __STDC__
 static void
-decode_base64(u_int8_t *buffer, u_int16_t len, u_int8_t *data)
-#else
-static void
-decode_base64(buffer, len, data)
-	u_int8_t *buffer;
-	u_int16_t len;
-	u_int8_t *data;
-#endif
+decode_base64(u_int8_t *buffer, u_int16_t len, const u_int8_t *data)
 {
 	u_int8_t *bp = buffer;
-	u_int8_t *p = data;
+	const u_int8_t *p = data;
 	u_int8_t c1, c2, c3, c4;
 	while (bp < buffer + len) {
 		c1 = CHAR64(*p);
@@ -124,7 +113,7 @@ decode_base64(buffer, len, data)
 		if (c1 == 255 || c2 == 255)
 			break;
 
-		*bp++ = (c1 << 2) | ((c2 & 0x30) >> 4);
+		*bp++ = (u_int8_t)((c1 << 2) | ((c2 & 0x30) >> 4));
 		if (bp >= buffer + len)
 			break;
 
@@ -145,17 +134,8 @@ decode_base64(buffer, len, data)
 	}
 }
 
-#ifdef __STDC__
 static void
 encode_salt(char *salt, u_int8_t *csalt, u_int16_t clen, u_int8_t logr)
-#else
-static void
-encode_salt(salt, csalt, clen, logr)
-	char   *salt;
-	u_int8_t *csalt;
-	u_int16_t clen;
-	u_int8_t logr;
-#endif
 {
 	salt[0] = '$';
 	salt[1] = BCRYPT_VERSION;
@@ -171,14 +151,8 @@ encode_salt(salt, csalt, clen, logr)
    seems sensible.
  */
 
-#ifdef __STDC__
 char *
 bcrypt_gensalt(u_int8_t log_rounds)
-#else
-char *
-bcrypt_gensalt(log_rounds)
-	u_int8_t log_rounds;
-#endif
 {
 	u_int8_t csalt[BCRYPT_MAXSALT];
 	u_int16_t i;
@@ -201,21 +175,19 @@ bcrypt_gensalt(log_rounds)
    i.e. $2$04$iwouldntknowwhattosayetKdJ6iFtacBqJdKe6aW7ou */
 
 char   *
-crypt_blowfish(key, salt)
-	const char   *key;
-	const char   *salt;
+crypt_blowfish(const char *key, const char *salt)
 {
 	blf_ctx state;
 	u_int32_t rounds, i, k;
 	u_int16_t j;
-	u_int8_t key_len, salt_len, logr, minor;
+	u_int8_t key_len, salt_len, logr, minr;
 	u_int8_t ciphertext[4 * BCRYPT_BLOCKS] = "OrpheanBeholderScryDoubt";
 	u_int8_t csalt[BCRYPT_MAXSALT];
 	u_int32_t cdata[BCRYPT_BLOCKS];
-	static char     *magic = "$2a$04$";
+	static const char     *magic = "$2a$04$";
                                    
 		/* Defaults */
-	minor = 'a';
+	minr = 'a';
 	logr = 4;
 	rounds = 1 << logr;
 
@@ -238,14 +210,14 @@ crypt_blowfish(key, salt)
 			 switch (salt[1]) {
 			 case 'a':
 				 /* 'ab' should not yield the same as 'abab' */
-				 minor = salt[1];
+				 minr = (u_int8_t)salt[1];
 				 salt++;
 				 break;
 			 default:
 				 return error;
 			 }
 		} else
-			 minor = 0;
+			 minr = 0;
 
 		/* Discard version + "$" identifier */
 		salt += 2;
@@ -255,7 +227,9 @@ crypt_blowfish(key, salt)
 			return error;
 
 		/* Computer power doesnt increase linear, 2^x should be fine */
-		if ((rounds = (u_int32_t) 1 << (logr = atoi(salt))) < BCRYPT_MINROUNDS)
+		logr = (u_int8_t)atoi(salt);
+		rounds = 1 << logr;
+		if (rounds < BCRYPT_MINROUNDS)
 			return error;
 
 		/* Discard num rounds + "$" identifier */
@@ -264,16 +238,16 @@ crypt_blowfish(key, salt)
 
 
 	/* We dont want the base64 salt but the raw data */
-	decode_base64(csalt, BCRYPT_MAXSALT, (u_int8_t *) salt);
+	decode_base64(csalt, BCRYPT_MAXSALT, salt);
 	salt_len = BCRYPT_MAXSALT;
-	key_len = strlen(key) + (minor >= 'a' ? 1 : 0);
+	key_len = (u_int8_t)(strlen(key) + (minr >= 'a' ? 1 : 0));
 
 	/* Setting up S-Boxes and Subkeys */
 	Blowfish_initstate(&state);
 	Blowfish_expandstate(&state, csalt, salt_len,
-	    (u_int8_t *) key, key_len);
+	    (const u_int8_t *) key, key_len);
 	for (k = 0; k < rounds; k++) {
-		Blowfish_expand0state(&state, (u_int8_t *) key, key_len);
+		Blowfish_expand0state(&state, (const u_int8_t *) key, key_len);
 		Blowfish_expand0state(&state, csalt, salt_len);
 	}
 
@@ -300,8 +274,8 @@ crypt_blowfish(key, salt)
 	i = 0;
 	encrypted[i++] = '$';
 	encrypted[i++] = BCRYPT_VERSION;
-	if (minor)
-		encrypted[i++] = minor;
+	if (minr)
+		encrypted[i++] = (int8_t)minr;
 	encrypted[i++] = '$';
 
 	snprintf(encrypted + i, 4, "%2.2u$", logr);
@@ -312,16 +286,8 @@ crypt_blowfish(key, salt)
 	return encrypted;
 }
 
-#ifdef __STDC__
 static void
 encode_base64(u_int8_t *buffer, u_int8_t *data, u_int16_t len)
-#else
-static void
-encode_base64(buffer, data, len)
-	u_int8_t *buffer;
-	u_int8_t *data;
-	u_int16_t len;
-#endif
 {
 	u_int8_t *bp = buffer;
 	u_int8_t *p = data;
@@ -349,6 +315,7 @@ encode_base64(buffer, data, len)
 	}
 	*bp = '\0';
 }
+
 #if 0
 void
 main()
diff --git a/secure/lib/libcrypt/crypt-des.c b/secure/lib/libcrypt/crypt-des.c
index 2e86eac..9adff93 100644
--- a/secure/lib/libcrypt/crypt-des.c
+++ b/secure/lib/libcrypt/crypt-des.c
@@ -67,8 +67,10 @@ __FBSDID("$FreeBSD$");
 #include "crypt.h"
 
 /* We can't always assume gcc */
-#ifdef __GNUC__
+#if	defined(__GNUC__) && !defined(lint)
 #define INLINE inline
+#else
+#define INLINE
 #endif
 
 
@@ -80,7 +82,6 @@ static u_char	IP[64] = {
 };
 
 static u_char	inv_key_perm[64];
-static u_char	u_key_perm[56];
 static u_char	key_perm[56] = {
 	57, 49, 41, 33, 25, 17,  9,  1, 58, 50, 42, 34, 26, 18,
 	10,  2, 59, 51, 43, 35, 27, 19, 11,  3, 60, 52, 44, 36,
@@ -177,7 +178,7 @@ static u_int32_t	bits32[32] =
 static u_char	bits8[8] = { 0x80, 0x40, 0x20, 0x10, 0x08, 0x04, 0x02, 0x01 };
 
 static u_int32_t	saltbits;
-static long		old_salt;
+static u_int32_t	old_salt;
 static u_int32_t	*bits28, *bits24;
 static u_char		init_perm[64], final_perm[64];
 static u_int32_t	en_keysl[16], en_keysr[16];
@@ -215,7 +216,7 @@ ascii_to_bin(char ch)
 }
 
 static void
-des_init()
+des_init(void)
 {
 	int	i, j, b, k, inbit, obit;
 	u_int32_t	*p, *il, *ir, *fl, *fr;
@@ -242,15 +243,15 @@ des_init()
 		for (i = 0; i < 64; i++)
 			for (j = 0; j < 64; j++)
 				m_sbox[b][(i << 6) | j] =
-					(u_sbox[(b << 1)][i] << 4) |
-					u_sbox[(b << 1) + 1][j];
+					(u_char)((u_sbox[(b << 1)][i] << 4) |
+					u_sbox[(b << 1) + 1][j]);
 
 	/*
 	 * Set up the initial & final permutations into a useful form, and
 	 * initialise the inverted key permutation.
 	 */
 	for (i = 0; i < 64; i++) {
-		init_perm[final_perm[i] = IP[i] - 1] = i;
+		init_perm[final_perm[i] = IP[i] - 1] = (u_char)i;
 		inv_key_perm[i] = 255;
 	}
 
@@ -259,8 +260,7 @@ des_init()
 	 * compression permutation.
 	 */
 	for (i = 0; i < 56; i++) {
-		u_key_perm[i] = key_perm[i] - 1;
-		inv_key_perm[key_perm[i] - 1] = i;
+		inv_key_perm[key_perm[i] - 1] = (u_char)i;
 		inv_comp_perm[i] = 255;
 	}
 
@@ -268,7 +268,7 @@ des_init()
 	 * Invert the key compression permutation.
 	 */
 	for (i = 0; i < 48; i++) {
-		inv_comp_perm[comp_perm[i] - 1] = i;
+		inv_comp_perm[comp_perm[i] - 1] = (u_char)i;
 	}
 
 	/*
@@ -330,7 +330,7 @@ des_init()
 	 * handling the output of the S-box arrays setup above.
 	 */
 	for (i = 0; i < 32; i++)
-		un_pbox[pbox[i] - 1] = i;
+		un_pbox[pbox[i] - 1] = (u_char)i;
 
 	for (b = 0; b < 4; b++)
 		for (i = 0; i < 256; i++) {
@@ -345,7 +345,7 @@ des_init()
 }
 
 static void
-setup_salt(long salt)
+setup_salt(u_int32_t salt)
 {
 	u_int32_t	obit, saltbit;
 	int		i;
@@ -374,8 +374,8 @@ des_setkey(const char *key)
 	if (!des_initialised)
 		des_init();
 
-	rawkey0 = ntohl(*(u_int32_t *) key);
-	rawkey1 = ntohl(*(u_int32_t *) (key + 4));
+	rawkey0 = ntohl(*(const u_int32_t *) key);
+	rawkey1 = ntohl(*(const u_int32_t *) (key + 4));
 
 	if ((rawkey0 | rawkey1)
 	    && rawkey0 == old_rawkey0
@@ -562,23 +562,29 @@ do_des(	u_int32_t l_in, u_int32_t r_in, u_int32_t *l_out, u_int32_t *r_out, int
 }
 
 static int
-des_cipher(const char *in, char *out, long salt, int count)
+des_cipher(const char *in, char *out, u_long salt, int count)
 {
 	u_int32_t	l_out, r_out, rawl, rawr;
 	int		retval;
+	union {
+		u_int32_t	*ui32;
+		const char	*c;
+	} trans;
 
 	if (!des_initialised)
 		des_init();
 
 	setup_salt(salt);
 
-	rawl = ntohl(*((u_int32_t *) in)++);
-	rawr = ntohl(*((u_int32_t *) in));
+	trans.c = in;
+	rawl = ntohl(*trans.ui32++);
+	rawr = ntohl(*trans.ui32);
 
 	retval = do_des(rawl, rawr, &l_out, &r_out, count);
 
-	*((u_int32_t *) out)++ = htonl(l_out);
-	*((u_int32_t *) out) = htonl(r_out);
+	trans.c = out;
+	*trans.ui32++ = htonl(l_out);
+	*trans.ui32 = htonl(r_out);
 	return(retval);
 }
 
@@ -588,22 +594,22 @@ crypt_des(const char *key, const char *setting)
 	int		i;
 	u_int32_t	count, salt, l, r0, r1, keybuf[2];
 	u_char		*p, *q;
-	static u_char	output[21];
+	static char	output[21];
 
 	if (!des_initialised)
 		des_init();
 
-
 	/*
 	 * Copy the key, shifting each character up by one bit
 	 * and padding with zeros.
 	 */
-	q = (u_char *) keybuf;
-	while (q - (u_char *) keybuf - 8) {
-		if ((*q++ = *key << 1))
+	q = (u_char *)keybuf;
+	while (q - (u_char *)keybuf - 8) {
+		*q++ = *key << 1;
+		if (*(q - 1))
 			key++;
 	}
-	if (des_setkey((u_char *) keybuf))
+	if (des_setkey((char *)keybuf))
 		return(NULL);
 
 	if (*setting == _PASSWORD_EFMT1) {
@@ -613,25 +619,25 @@ crypt_des(const char *key, const char *setting)
 		 *	key - unlimited characters
 		 */
 		for (i = 1, count = 0L; i < 5; i++)
-			count |= ascii_to_bin(setting[i]) << (i - 1) * 6;
+			count |= ascii_to_bin(setting[i]) << ((i - 1) * 6);
 
 		for (i = 5, salt = 0L; i < 9; i++)
-			salt |= ascii_to_bin(setting[i]) << (i - 5) * 6;
+			salt |= ascii_to_bin(setting[i]) << ((i - 5) * 6);
 
 		while (*key) {
 			/*
 			 * Encrypt the key with itself.
 			 */
-			if (des_cipher((u_char*)keybuf, (u_char*)keybuf, 0L, 1))
+			if (des_cipher((char *)keybuf, (char *)keybuf, 0L, 1))
 				return(NULL);
 			/*
 			 * And XOR with the next 8 characters of the key.
 			 */
-			q = (u_char *) keybuf;
-			while (q - (u_char *) keybuf - 8 && *key)
+			q = (u_char *)keybuf;
+			while (q - (u_char *)keybuf - 8 && *key)
 				*q++ ^= *key++ << 1;
 
-			if (des_setkey((u_char *) keybuf))
+			if (des_setkey((char *)keybuf))
 				return(NULL);
 		}
 		strncpy(output, setting, 9);
@@ -644,7 +650,7 @@ crypt_des(const char *key, const char *setting)
 		 * NUL in it.
 		 */
 		output[9] = '\0';
-		p = output + strlen(output);
+		p = (u_char *)output + strlen(output);
 	} else {
 		/*
 		 * "old"-style:
@@ -665,13 +671,13 @@ crypt_des(const char *key, const char *setting)
 		 */
 		output[1] = setting[1] ? setting[1] : output[0];
 
-		p = output + 2;
+		p = (u_char *)output + 2;
 	}
 	setup_salt(salt);
 	/*
 	 * Do it.
 	 */
-	if (do_des(0L, 0L, &r0, &r1, count))
+	if (do_des(0L, 0L, &r0, &r1, (int)count))
 		return(NULL);
 	/*
 	 * Now encode the result...