Clean up warnings

Eliminate compiler warnings due to various issues (listed below).  This
allows Zephyr to build cleanly under GCC versions ranging from 4.1.0 to
4.7.2 with all of the options shown below:

  -g -O2 -Wall -Werror
  -Wno-deprecated-declarations
  -Wmissing-declarations
  -Wpointer-arith
  -Wstrict-prototypes
  -Wshadow
  -Wextra
  -Wno-missing-field-initializers
  -Wno-unused-parameter

  and, on recent versions, -Wunreachable-code

Test builds were done
  - On Ubuntu 12.10 (Quantal Quetzal) using both MIT Kerberos 1.10.1 and
    Heimdal 1.6, without krb4 and both with and without C-Ares and Hesiod
  - On Fedora 14 using Heimdal 0.6, without C-Ares or Hesiod and both
    with and without krb4 (KTH Kerberos 1.3rc2)
  - On Fedora Core 3, Fedora Core 5, Fedora 7, and Fedora 10, using
    Heimdal 0.6 and without C-Ares, Hesiod, or krb4

It also allows clean builds  on Solaris 10 under the Sun Studio 12 (9/07)
C compiler with the following options:

  -g -fd -v -errfmt -errhdr=%user -errtags=yes -errwarn=%all
  -erroff=E_OLD_STYLE_FUNC_DECL,E_ENUM_TYPE_MISMATCH_ARG,E_ARG_INCOMPATIBLE_WITH_ARG

... and under Solaris 9 with the Sun Forte 7 (3/02) C compiler with the above
options and -erroff=E_FUNC_HAS_NO_RETURN_STMT.  Solaris builds were done
with Heimdal 0.6 and without C-Ares, Hesiod, or krb4.

The following types of issues are addressed in this change:

- Parameters and local variables with the same names as library functions
- Parameters and local variables with the same names as globals
- Declarations for exported global variables missing from headers
- Prototypes for exported functions missing from headers
- Missing 'static' on functions that shouldn't be exported
- Old-style function declarations
- Duplicate declarations
- Type mismatches
- Unused variables and functions
- Uninitialized variables
- Forward references to enums
- Necessary header files not included
- Violations of the aliasing rules, where GCC was able to detect them
- Missing braces on if blocks that might be empty
- Attempts to do pointer arithmetic on pointers of type void *, which
  is not permitted in standard C.
- An attempt to pass a function pointer via a void * parameter, which is
  not permitted in standard C.  Instead, we now pass a pointer to a
  structure, which then contains the required function pointer.
- Unnecessary inclusion of <krb5_err.h>, which is already included by
  <krb5.h> when the former exists, and might not be protected against
  double inclusion, depending on which com_err was used.
- Missing include of <com_err.h>, which was masked by the fact that it is
  included by headers generated by e2fsprogs compile_et
- Use of com_err() with a non-constant value in place of the format string,
  which in every case was a fixed-size buffer in which a message was built
  using sprintf(!).  Both the calls to sprintf and the fixed-size buffers
  have been removed, in favor of just letting com_err() do the formatting.
- Various cases where X library functions expecting a parameter of type
  wchar_t * were instead passed a parameter of type XChar2b *.  The two
  types look similar, but are not the same and are _not_ interchangeable.
- An overly-simplistic configure test which failed to detect existence of
  <term.h> on Solaris, due to not including <curses.h>.
- Using the wrong type for the flags output of krb5_auth_con_getflags()
  when building against Heimdal.  A configure test is added to detect
  the correct type.

12 files changed, 108 insertions, 116 deletions

diff --git a/server/access.h b/server/access.h
index d9802d0..910770f 100644
--- a/server/access.h
+++ b/server/access.h
@@ -36,7 +36,3 @@ void access_reinit(void);
 
 /* found in acl_files.c */
 int acl_load(char *);
-
-/* external data relevant */
-extern int zdebug;
-
diff --git a/server/acl_files.c b/server/acl_files.c
index e62451a..e7bfc0c 100644
--- a/server/acl_files.c
+++ b/server/acl_files.c
@@ -60,8 +60,8 @@ static const char rcsid_acl_files_c[] = "$Id$";
 /* If realm is missing, it becomes the local realm */
 /* Canonicalized form is put in canon, which must be big enough to hold
    MAX_PRINCIPAL_SIZE characters */
-void acl_canonicalize_principal(char *principal,
-				char *canon)
+static void
+acl_canonicalize_principal(char *principal, char *canon)
 {
     char *end;
     char *dot, *atsign;
@@ -240,7 +240,8 @@ add_host(struct host_ace **list,
 {
     struct host_ace *e;
     struct in_addr addr;
-    unsigned long mask = 0, i;
+    unsigned long mask = 0;
+    long i;
     char *m, *x;
 
     m = strchr(buf, '/');
@@ -395,7 +396,7 @@ acl_cache_reset(void)
 /* Returns nonzero if it can be determined that acl contains principal */
 /* Principal is not canonicalized, and no wildcarding is done */
 /* If neg is nonzero, we look for negative entries */
-int
+static int
 acl_exact_match(char *acl,
 		char *principal,
 		int neg)
@@ -412,7 +413,7 @@ acl_exact_match(char *acl,
 
 /* Returns nonzero if it can be determined that acl contains who */
 /* If neg is nonzero, we look for negative entries */
-int
+static int
 acl_host_match(char *acl,
                unsigned long who,
                int neg)
@@ -442,7 +443,6 @@ acl_check(char *acl,
     char buf[MAX_PRINCIPAL_SIZE];
     char canon[MAX_PRINCIPAL_SIZE];
     char *instance, *realm;
-    unsigned long mask;
     int p, i, r, result = 0;
 
     if (principal) {
diff --git a/server/bdump.c b/server/bdump.c
index 9982271..c790d8f 100644
--- a/server/bdump.c
+++ b/server/bdump.c
@@ -411,7 +411,7 @@ bdump_send(void)
 	(void) strcpy(instance, "*"); 		/* let Kerberos fill it in */
 
 	ticket.length = len;
-	memcpy(&ticket.dat, data, MIN(len, sizeof(ticket.dat)));
+	memcpy(&ticket.dat, data, MIN(len, (int)sizeof(ticket.dat)));
 	retval = krb_rd_req(&ticket, SERVER_SERVICE, instance,
 			    from.sin_addr.s_addr, &kdata, srvtab_file);
 	/*
@@ -858,7 +858,8 @@ transmit_tcp(char *pack, int packlen)
 	    syslog(LOG_WARNING, "transmit_tcp: writing length: %m");
 	    retval = errno;
 	} else {
-	    syslog(LOG_WARNING, "transmit_tcp: writing length: %d vs %d", sizeof(length), count);
+	    syslog(LOG_WARNING, "transmit_tcp: writing length: %lu vs %d",
+		   (unsigned long)sizeof(length), count);
 	    retval = ZSRV_LEN;
 	}
 	goto cleanup;
@@ -1177,6 +1178,8 @@ bdump_recv_loop(Server *server)
     Client *client = NULL;
     struct sockaddr_in who;
 #ifdef HAVE_KRB5
+    uint32_t client_enctype;
+    uint32_t client_keysize;
     unsigned char buf[512];
     int blen;
 #endif
@@ -1318,9 +1321,11 @@ bdump_recv_loop(Server *server)
 			syslog(LOG_ERR,"bdump_recv_loop: bad keyblock read: %s (%s)",
 			       error_message(retval), cp);
 		    } else {
+			memcpy(&client_enctype, &buf[0], sizeof(uint32_t));
+			memcpy(&client_keysize, &buf[4], sizeof(uint32_t));
 			retval = Z_krb5_init_keyblock(Z_krb5_ctx,
-						    ntohl(*(krb5_enctype *)&buf[0]),
-						    ntohl(*(uint32_t *)&buf[4]),
+						    ntohl(client_enctype),
+						    ntohl(client_keysize),
 						    &client->session_keyblock);
 			if (retval) {
 			    syslog(LOG_ERR, "bdump_recv_loop: failed to allocate keyblock: %s",
@@ -1533,12 +1538,12 @@ get_packet(char **packet, int *buflen, int *retlen)
     char *p;
 
     result = net_read(input, (char *) &length, sizeof(unsigned short));
-    if (result < sizeof(short)) {
+    if (result < (int)sizeof(short)) {
 	if (result < 0) {
 	    return errno;
 	} else {
-	    syslog(LOG_ERR, "get_packet: received length: %d vs %d (%m)", result,
-		   sizeof(short));
+	    syslog(LOG_ERR, "get_packet: received length: %d vs %lu (%m)",
+		   result, (unsigned long)sizeof(short));
 	    return ZSRV_LEN;
 	}
     }
diff --git a/server/dispatch.c b/server/dispatch.c
index eaacc2c..8b9507a 100644
--- a/server/dispatch.c
+++ b/server/dispatch.c
@@ -230,7 +230,6 @@ dispatch(ZNotice_t *notice,
 {
     Code_t status;
     String *notice_class;
-    struct sockaddr_in who2;
     int authflag;
     ZRealm *realm;
     char *cp;
@@ -252,8 +251,6 @@ dispatch(ZNotice_t *notice,
 	return;
     }
 
-    who2 = *who;
-
     notice_class = make_string(notice->z_class,1);
 
     if (from_server) {
@@ -681,12 +678,13 @@ xmit(ZNotice_t *notice,
     }
 
     /* now we've sent it, mark it as not ack'ed */
-    if (!retval)
+    if (!retval) {
 	nacked = (Unacked *) malloc(sizeof(Unacked));
-    if (!nacked) {
-	/* no space: just punt */
-	syslog(LOG_WARNING, "xmit nack malloc");
-	retval = ENOMEM;
+	if (!nacked) {
+	    /* no space: just punt */
+	    syslog(LOG_WARNING, "xmit nack malloc");
+	    retval = ENOMEM;
+	}
     }
 
     if (!retval) {
@@ -777,7 +775,6 @@ clt_ack(ZNotice_t *notice,
     ZNotice_t acknotice;
     ZPacket_t ackpack;
     int packlen;
-    char *sent_name;
     Code_t retval;
 
     if (bdumping) {		/* don't ack while dumping */
@@ -791,21 +788,17 @@ clt_ack(ZNotice_t *notice,
     switch (sent) {
       case SENT:
 	acknotice.z_message = ZSRVACK_SENT;
-	sent_name = "sent";
 	break;
       case NOT_FOUND:
 	acknotice.z_message = ZSRVACK_FAIL;
 	acknotice.z_kind = SERVNAK;
-	sent_name = "fail";
 	break;
       case AUTH_FAILED:
 	acknotice.z_kind = SERVNAK;
 	acknotice.z_message = ZSRVACK_NOTSENT;
-	sent_name = "nak/not_sent";
 	break;
       case NOT_SENT:
 	acknotice.z_message = ZSRVACK_NOTSENT;
-	sent_name = "not_sent";
 	break;
       default:
 	abort ();
@@ -892,7 +885,7 @@ hostm_dispatch(ZNotice_t *notice,
 	       Server *server)
 {
     char *opcode = notice->z_opcode;
-    int i, add = 0, remove = 0;
+    int i, add_it = 0, remove_it = 0;
 
     if (notice->z_kind == HMACK) {
 	/* Ignore. */
@@ -908,23 +901,23 @@ hostm_dispatch(ZNotice_t *notice,
 	if (server == me_server) {
 	    server_forward(notice, auth, who);
 	    ack(notice, who);
-	    add = 1;
+	    add_it = 1;
 	}
     } else if (strcmp(opcode, HM_ATTACH) == 0) {
 	if (server == me_server) {
 	    server_forward(notice, auth, who);
 	    ack(notice, who);
-	    add = 1;
+	    add_it = 1;
 	} else {
-	    remove = 1;
+	    remove_it = 1;
 	}
     } else if (strcmp(opcode, HM_DETACH) == 0) {
-	remove = 1;
+	remove_it = 1;
     } else {
 	syslog(LOG_WARNING, "hm_dispatch: unknown opcode %s", opcode);
     }
 
-    if (add) {
+    if (add_it) {
 	for (i = 0; i < num_hosts; i++) {
 	    if (hosts[i].s_addr == who->sin_addr.s_addr)
 		break;
@@ -945,7 +938,7 @@ hostm_dispatch(ZNotice_t *notice,
 	    }
 	    hosts[num_hosts++] = who->sin_addr;
 	}
-    } else if (remove) {
+    } else if (remove_it) {
 	for (i = 0; i < num_hosts; i++) {
 	    if (hosts[i].s_addr == who->sin_addr.s_addr) {
 		memmove(&hosts[i], &hosts[i + 1], num_hosts - (i + 1));
diff --git a/server/kstuff.c b/server/kstuff.c
index 290a1e4..e405734 100644
--- a/server/kstuff.c
+++ b/server/kstuff.c
@@ -45,7 +45,7 @@ GetKerberosData(int fd, /* file descr. to read from */
 {
     char p[20];
     KTEXT_ST ticket;		/* will get Kerberos ticket from client */
-    int i;
+    unsigned int i;
     char instance[INST_SZ];
 
     /*
@@ -105,8 +105,8 @@ SendKerberosData(int fd,	/* file descriptor to write onto */
 {
     int rem;
     char p[32];
-    int written;
-    int size_to_write;
+    size_t written;
+    size_t size_to_write;
 
     rem = krb_mk_req(ticket, service, host, (char *)ZGetRealm(), (u_long) 0);
     if (rem != KSUCCESS)
@@ -115,10 +115,10 @@ SendKerberosData(int fd,	/* file descriptor to write onto */
     (void) sprintf(p,"%d ",ticket->length);
     size_to_write = strlen (p);
     if ((written = write(fd, p, size_to_write)) != size_to_write)
-	return (written < 0) ? errno : ZSRV_PKSHORT;
+	return ((ssize_t)written < 0) ? errno : ZSRV_PKSHORT;
     if ((written = write(fd, ticket->dat, ticket->length))
 	!= ticket->length)
-	return (written < 0) ? errno : ZSRV_PKSHORT;
+	return ((ssize_t)written < 0) ? errno : ZSRV_PKSHORT;
 
     return 0;
 }
@@ -190,7 +190,7 @@ ReadKerberosData(int fd, int *size, char **data, int *proto) {
 Code_t
 GetKrb5Data(int fd, krb5_data *data) {
     char p[20];
-    int i;
+    unsigned int i;
     char *dst;
 
     for (i=0; i<20; i++) {
@@ -229,12 +229,12 @@ GetKrb5Data(int fd, krb5_data *data) {
 Code_t
 SendKrb5Data(int fd, krb5_data *data) {
     char p[32];
-    int written, size_to_write;
-    sprintf(p, "V5-%d ", data->length);
+    size_t written, size_to_write;
+    sprintf(p, "V5-%lu ", (unsigned long)data->length);
     size_to_write = strlen (p);
     if (size_to_write != (written = write(fd, p, size_to_write)) ||
         data->length != (written = write(fd, data->data, data->length))) {
-        return (written < 0) ? errno : ZSRV_PKSHORT;
+        return ((ssize_t)written < 0) ? errno : ZSRV_PKSHORT;
     }
     return 0;
 }
@@ -262,9 +262,9 @@ ZCheckSrvAuthentication(ZNotice_t *notice,
     int valid;
     char *cksum0_base, *cksum1_base = NULL, *cksum2_base;
     char *x;
-    unsigned char *asn1_data, *key_data;
+    unsigned char *asn1_data, *key_data, *cksum_data;
     int asn1_len, key_len, cksum0_len = 0, cksum1_len = 0, cksum2_len = 0;
-    krb5_flags acflags;
+    KRB5_AUTH_CON_FLAGS_TYPE acflags;
 #ifdef KRB5_AUTH_CON_GETAUTHENTICATOR_TAKES_DOUBLE_POINTER
     krb5_authenticator *authenticator;
 #define KRB5AUTHENT authenticator
@@ -511,9 +511,9 @@ ZCheckSrvAuthentication(ZNotice_t *notice,
     /*XXX we may wish to ditch this code someday?*/
     if ((!notice->z_ascii_checksum || *notice->z_ascii_checksum != 'Z') &&
         key_len == 8 &&
-        (enctype == ENCTYPE_DES_CBC_CRC ||
-         enctype == ENCTYPE_DES_CBC_MD4 ||
-         enctype == ENCTYPE_DES_CBC_MD5)) {
+        (enctype == (krb5_enctype)ENCTYPE_DES_CBC_CRC ||
+         enctype == (krb5_enctype)ENCTYPE_DES_CBC_MD4 ||
+         enctype == (krb5_enctype)ENCTYPE_DES_CBC_MD5)) {
       /* try old-format checksum (covers cksum0 only) */
 
       ZChecksum_t our_checksum;
@@ -548,10 +548,11 @@ ZCheckSrvAuthentication(ZNotice_t *notice,
     }
     /* HOLDING: authctx, authenticator, cksumbuf.data */
 
-    memcpy(cksumbuf.data, cksum0_base, cksum0_len);
+    cksum_data = (unsigned char *)cksumbuf.data;
+    memcpy(cksum_data, cksum0_base, cksum0_len);
     if (cksum1_len)
-	memcpy(cksumbuf.data + cksum0_len, cksum1_base, cksum1_len);
-    memcpy(cksumbuf.data + cksum0_len + cksum1_len,
+	memcpy(cksum_data + cksum0_len, cksum1_base, cksum1_len);
+    memcpy(cksum_data + cksum0_len + cksum1_len,
            cksum2_base, cksum2_len);
 
     /* decode zcoded checksum */
@@ -685,10 +686,9 @@ static ZChecksum_t compute_rlm_checksum(ZNotice_t *notice,
 					unsigned char *session_key)
 {
     ZChecksum_t checksum;
-    char *cstart, *cend, *hstart = notice->z_packet;
+    char *cstart, *hstart = notice->z_packet;
 
     cstart = notice->z_default_format + strlen(notice->z_default_format) + 1;
-    cend = cstart + strlen(cstart) + 1;
     checksum = z_quad_cksum((unsigned char *)hstart, NULL,
 			    cstart - hstart, 0, session_key);
 
@@ -734,7 +734,7 @@ ZSetSession(krb5_keyblock *keyblock) {
     }
 
     if (result) /*XXX we're out of memory? */
-	;
+	return;
 }
 #endif
 #ifdef HAVE_KRB4
diff --git a/server/main.c b/server/main.c
index ee4cc18..6cab996 100644
--- a/server/main.c
+++ b/server/main.c
@@ -151,8 +151,6 @@ main(int argc,
     struct sigaction action;
 #endif
     int optchar;			/* option processing */
-    extern char *optarg;
-    extern int optind;
 
     sprintf(list_file, "%s/zephyr/%s", SYSCONFDIR, SERVER_LIST_FILE);
 #ifdef HAVE_KRB4
diff --git a/server/realm.c b/server/realm.c
index aef23c5..858a397 100644
--- a/server/realm.c
+++ b/server/realm.c
@@ -144,7 +144,7 @@ kill_realm_pids(void)
     return;
 }
 
-ZRealmname *
+static ZRealmname *
 get_realm_lists(char *file)
 {
     ZRealmname *rlm_list, *rlm;
@@ -277,18 +277,6 @@ realm_sender_in_realm(const char *realm, char *sender)
     return 0;
 }
 
-int sender_in_realm(ZNotice_t *notice)
-{
-  char *realm;
-
-  realm = strchr(notice->z_sender, '@');
-
-  if (!realm || !strcmp(realm + 1, ZGetRealm()))
-    return 1;
-
-  return 0;
-}
-
 ZRealm *
 realm_which_realm(struct sockaddr_in *who)
 {
@@ -471,11 +459,11 @@ realm_init(void)
     int ii, jj, found;
     struct in_addr *addresses;
     struct hostent *hp;
-    char list_file[128];
+    char realm_list_file[128];
     char rlmprinc[MAX_PRINCIPAL_SIZE];
 
-    sprintf(list_file, "%s/zephyr/%s", SYSCONFDIR, REALM_LIST_FILE);
-    rlmnames = get_realm_lists(list_file);
+    sprintf(realm_list_file, "%s/zephyr/%s", SYSCONFDIR, REALM_LIST_FILE);
+    rlmnames = get_realm_lists(realm_list_file);
     if (!rlmnames) {
 	zdbug((LOG_DEBUG, "No other realms"));
 	nrealms = 0;
@@ -1035,9 +1023,10 @@ rlm_rexmit(void *arg)
     nackpacket->timer =
 	timer_set_rel(rexmit_times[nackpacket->rexmits%NUM_REXMIT_TIMES],
 		      rlm_rexmit, nackpacket);
-    if (rexmit_times[nackpacket->rexmits%NUM_REXMIT_TIMES] == -1)
+    if (rexmit_times[nackpacket->rexmits%NUM_REXMIT_TIMES] == -1) {
 	zdbug((LOG_DEBUG, "rlm_rexmit(%s): would send at -1 to %s",
 	       realm->name, inet_ntoa((realm->addrs[realm->idx]).sin_addr)));
+    }
 
     return;
 }
@@ -1142,7 +1131,7 @@ realm_sendit_auth(ZNotice_t *notice,
      */
 
     if (!retval &&
-	((notice->z_message_len+hdrlen > sizeof(ZPacket_t)) ||
+	((notice->z_message_len+hdrlen > (int)sizeof(ZPacket_t)) ||
 	 (notice->z_message_len+hdrlen > Z_MAXPKTLEN))) {
 
 	/* Reallocate buffers inside the refragmenter */
diff --git a/server/server.c b/server/server.c
index b393f64..40551bc 100644
--- a/server/server.c
+++ b/server/server.c
@@ -446,7 +446,7 @@ server_timo(void *arg)
 	auth = 0;
 	break;
       default:
-	syslog(LOG_ERR,"Bad server state, server 0x%p\n", which);
+	syslog(LOG_ERR,"Bad server state, server 0x%p\n", (void *)which);
 	abort();
     }
     /* now he's either TARDY, STARTING, or DEAD
diff --git a/server/subscr.c b/server/subscr.c
index d276958..b788663 100644
--- a/server/subscr.c
+++ b/server/subscr.c
@@ -20,6 +20,10 @@ static const char rcsid_subscr_c[] = "$Id$";
 #endif
 #endif
 
+#ifndef INADDR_NONE
+#define INADDR_NONE 0xffffffff
+#endif
+
 /*
  * The subscription manager.
  *
@@ -347,7 +351,6 @@ subscr_realm_cancel(struct sockaddr_in *sin,
 		    ZRealm *realm)
 {
     Destlist *cancel_subs, *subs, *client_subs, *next, *next2;
-    Code_t retval;
     int found = 0;
 
     if (!realm)
@@ -366,7 +369,7 @@ subscr_realm_cancel(struct sockaddr_in *sin,
             next2 = client_subs->next;
             if (ZDest_eq(&client_subs->dest, &subs->dest)) {
                 Destlist_delete(client_subs);
-                retval = triplet_deregister(realm->client, &client_subs->dest, realm);
+                triplet_deregister(realm->client, &client_subs->dest, realm);
 		free_subscription(client_subs);
                 found = 1;
                 break;
@@ -1235,19 +1238,24 @@ Code_t subscr_foreign_user(ZNotice_t *notice,
   Client *client;
   ZNotice_t snotice;
   struct sockaddr_in newwho;
-  char *cp, *tp0, *tp1;
+  char *cp, *tp0;
+#ifdef DEBUG
+  char *tp1;
+#endif
   char rlm_recipient[REALM_SZ + 1];
 
   tp0 = cp = notice->z_message;
 
   newwho.sin_addr.s_addr = inet_addr(cp);
-  if (newwho.sin_addr.s_addr == -1) {
+  if (newwho.sin_addr.s_addr == INADDR_NONE) {
     syslog(LOG_ERR, "malformed addr from %s", notice->z_sender);
     return(ZERR_NONE);
   }
 
   I_ADVANCE(0);
+#ifdef DEBUG
   tp1 = cp;
+#endif
 
   snotice = *notice;
 
diff --git a/server/utf8proc.c b/server/utf8proc.c
index 1c02241..40530b9 100644
--- a/server/utf8proc.c
+++ b/server/utf8proc.c
@@ -385,7 +385,7 @@ ssize_t utf8proc_decompose(
       if (decomp_result < 0) return decomp_result;
       wpos += decomp_result;
       // prohibiting integer overflows due to too long strings:
-      if (wpos < 0 || wpos > SSIZE_MAX/sizeof(int32_t)/2)
+      if (wpos < 0 || wpos > (ssize_t)(SSIZE_MAX/sizeof(int32_t)/2))
         return UTF8PROC_ERROR_OVERFLOW;
     }
   }
diff --git a/server/zserver.h b/server/zserver.h
index 874b11a..cb36749 100644
--- a/server/zserver.h
+++ b/server/zserver.h
@@ -64,6 +64,27 @@ typedef struct {
 } Sched;
 #endif
 
+enum _ZRealm_state {
+    REALM_UP,				/* ZRealm is up */
+    REALM_TARDY,			/* ZRealm due for a hello XXX */
+    REALM_DEAD,				/* ZRealm is considered dead */
+    REALM_STARTING			/* ZRealm is between dead and up */
+};
+
+enum _Server_state {
+    SERV_UP,				/* Server is up */
+    SERV_TARDY,				/* Server due for a hello */
+    SERV_DEAD,				/* Server is considered dead */
+    SERV_STARTING			/* Server is between dead and up */
+};
+
+enum _Sent_type {
+    NOT_SENT,				/* message was not xmitted */
+    SENT,				/* message was xmitted */
+    AUTH_FAILED,			/* authentication failed */
+    NOT_FOUND				/* user not found for uloc */
+};
+
 typedef struct _Destination Destination;
 typedef struct _Destlist Destlist;
 typedef struct _ZRealm ZRealm;
@@ -89,13 +110,6 @@ struct _Destlist {
     struct _Destlist	*next, **prev_p;
 };
 
-enum _ZRealm_state {
-    REALM_UP,				/* ZRealm is up */
-    REALM_TARDY,			/* ZRealm due for a hello XXX */
-    REALM_DEAD,				/* ZRealm is considered dead */
-    REALM_STARTING			/* ZRealm is between dead and up */
-};
-
 struct _ZRealm {
     char name[REALM_SZ];
     int count;
@@ -141,13 +155,6 @@ struct _Triplet {
     struct _Triplet	*next, **prev_p;
 };
 
-enum _Server_state {
-    SERV_UP,				/* Server is up */
-    SERV_TARDY,				/* Server due for a hello */
-    SERV_DEAD,				/* Server is considered dead */
-    SERV_STARTING			/* Server is between dead and up */
-};
-
 struct _Unacked {
     Timer		*timer;		/* timer for retransmit */
     Client		*client;	/* responsible client, or NULL */
@@ -188,13 +195,6 @@ struct _Server {
     char		addr_str[16];	/* text version of address */
 };
 
-enum _Sent_type {
-    NOT_SENT,				/* message was not xmitted */
-    SENT,				/* message was xmitted */
-    AUTH_FAILED,			/* authentication failed */
-    NOT_FOUND				/* user not found for uloc */
-};
-
 /* statistics gathering */
 struct _Statistic {
     int			val;
@@ -226,14 +226,14 @@ struct _Statistic {
 	if((elem)->next) (elem)->next->prev_p = (elem)->prev_p;	\
     }
 
-MAKE_LIST_INSERT(Destlist);
-MAKE_LIST_DELETE(Destlist);
-MAKE_LIST_INSERT(Client);
-MAKE_LIST_DELETE(Client);
-MAKE_LIST_INSERT(Triplet);
-MAKE_LIST_DELETE(Triplet);
-MAKE_LIST_INSERT(Unacked);
-MAKE_LIST_DELETE(Unacked);
+MAKE_LIST_INSERT(Destlist)
+MAKE_LIST_DELETE(Destlist)
+MAKE_LIST_INSERT(Client)
+MAKE_LIST_DELETE(Client)
+MAKE_LIST_INSERT(Triplet)
+MAKE_LIST_DELETE(Triplet)
+MAKE_LIST_INSERT(Unacked)
+MAKE_LIST_DELETE(Unacked)
 
 /* found in bdump.c */
 void bdump_get(ZNotice_t *notice, int auth, struct sockaddr_in *who,
@@ -339,6 +339,7 @@ void subscr_reset(void);
 Code_t subscr_def_subs(Client *who);
 Code_t subscr_realm(ZRealm *, ZNotice_t *);
 Code_t subscr_send_realm_subs(ZRealm *);
+Code_t subscr_realm_subs(ZRealm *);
 Code_t subscr_realm_cancel(struct sockaddr_in *, ZNotice_t *, ZRealm *);
 
 /* found in uloc.c */
@@ -411,7 +412,7 @@ extern char subs_file[];
 extern const char version[];
 extern u_long npackets;			/* num of packets processed */
 extern time_t uptime;			/* time we started */
-extern struct in_addr my_addr;
+extern struct in_addr my_addr;		/* my inet address */
 extern struct timeval t_local;		/* current time */
 
 /* found in bdump.c */
@@ -435,7 +436,6 @@ extern String *wildcard_instance;
 extern ZRealm *otherrealms;
 extern int nrealms;
 
-extern struct in_addr my_addr;	/* my inet address */
 
 #define class_is_control(classname) (classname == class_control)
 #define class_is_admin(classname) (classname == class_admin)
diff --git a/server/zstring.c b/server/zstring.c
index 8ae9ade..e7d0820 100644
--- a/server/zstring.c
+++ b/server/zstring.c
@@ -22,7 +22,8 @@ static const char rcsid_zstring_c[] =
 
 static String *zhash[STRING_HASH_TABLE_SIZE];
 
-int valid_utf8_p(const char* s)
+static int
+valid_utf8_p(const char* s)
 {
     ssize_t len;
     int32_t uc;
@@ -38,16 +39,18 @@ int valid_utf8_p(const char* s)
 
 static char *zdowncase(const char* s)
 {
+    unsigned char *new_s_u; /* Avoid strict aliasing violation */
     char *new_s, *p;
 
     if (valid_utf8_p(s)) {
         /* Use utf8proc if we're dealing with UTF-8.
          * Rather than downcase, casefold and normalize to NFKC.
          */
-        utf8proc_map((const unsigned char *)s, 0, (unsigned char **)&new_s,
+        utf8proc_map((const unsigned char *)s, 0, (unsigned char **)&new_s_u,
                      UTF8PROC_NULLTERM   | UTF8PROC_STABLE
                      | UTF8PROC_CASEFOLD | UTF8PROC_COMPAT
                      | UTF8PROC_COMPOSE);
+        new_s = (char *)new_s_u;
     } else {
         /* If not, fall back to old methods. */
         new_s = strsave(s);