From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 2 May 2023 12:11:44 +0000 (+0200)
Subject: libimcv: Fix build with DEBUG_LEVEL < 3
X-Git-Tag: 5.9.11rc1~12^2~31
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0841280cdde884617f5ef40470057633a44d3a1f;p=thirdparty%2Fstrongswan.git

libimcv: Fix build with DEBUG_LEVEL < 3
---

diff --git a/src/libimcv/generic/generic_attr_bool.c b/src/libimcv/generic/generic_attr_bool.c
index 3469ae8558..d024f98e92 100644
--- a/src/libimcv/generic/generic_attr_bool.c
+++ b/src/libimcv/generic/generic_attr_bool.c
@@ -121,7 +121,7 @@ METHOD(pa_tnc_attr_t, build, void,
 METHOD(pa_tnc_attr_t, process, status_t,
 	private_generic_attr_bool_t *this, uint32_t *offset)
 {
-	enum_name_t *pa_attr_names;
+	enum_name_t *pa_attr_names DBG_UNUSED;
 	bio_reader_t *reader;
 	uint32_t status;
 
diff --git a/src/libimcv/generic/generic_attr_chunk.c b/src/libimcv/generic/generic_attr_chunk.c
index e0c9f91353..699e4173fe 100644
--- a/src/libimcv/generic/generic_attr_chunk.c
+++ b/src/libimcv/generic/generic_attr_chunk.c
@@ -96,7 +96,7 @@ METHOD(pa_tnc_attr_t, build, void,
 METHOD(pa_tnc_attr_t, process, status_t,
 	private_generic_attr_chunk_t *this, uint32_t *offset)
 {
-	enum_name_t *pa_attr_names;
+	enum_name_t *pa_attr_names DBG_UNUSED;
 	*offset = 0;
 
 	if (this->value.len < this->length)
diff --git a/src/libimcv/generic/generic_attr_string.c b/src/libimcv/generic/generic_attr_string.c
index 75d3fc4d5f..c00c4636c3 100644
--- a/src/libimcv/generic/generic_attr_string.c
+++ b/src/libimcv/generic/generic_attr_string.c
@@ -91,7 +91,7 @@ METHOD(pa_tnc_attr_t, build, void,
 METHOD(pa_tnc_attr_t, process, status_t,
 	private_generic_attr_string_t *this, uint32_t *offset)
 {
-	enum_name_t *pa_attr_names;
+	enum_name_t *pa_attr_names DBG_UNUSED;
 	u_char *pos;
 	*offset = 0;
 
diff --git a/src/libimcv/imc/imc_agent.c b/src/libimcv/imc/imc_agent.c
index 0b3428574e..f3aa21f9f4 100644
--- a/src/libimcv/imc/imc_agent.c
+++ b/src/libimcv/imc/imc_agent.c
@@ -346,7 +346,7 @@ METHOD(imc_agent_t, create_state, TNC_Result,
 {
 	TNC_ConnectionID conn_id;
 	char *tnccs_p = NULL, *tnccs_v = NULL, *t_p = NULL, *t_v = NULL;
-	bool has_long = FALSE, has_excl = FALSE, has_soh = FALSE;
+	bool has_long = FALSE, has_excl = FALSE, has_soh DBG_UNUSED = FALSE;
 	uint32_t max_msg_len;
 
 	conn_id = state->get_connection_id(state);
diff --git a/src/libimcv/imc/imc_msg.c b/src/libimcv/imc/imc_msg.c
index 44338d70a8..2abc2cb2cd 100644
--- a/src/libimcv/imc/imc_msg.c
+++ b/src/libimcv/imc/imc_msg.c
@@ -254,7 +254,6 @@ METHOD(imc_msg_t, receive, TNC_Result,
 	enumerator_t *enumerator;
 	pa_tnc_attr_t *attr;
 	pen_type_t attr_type;
-	chunk_t msg;
 	bool first = TRUE;
 
 	if (this->state->has_long(this->state))
@@ -282,8 +281,10 @@ METHOD(imc_msg_t, receive, TNC_Result,
 					   this->agent->get_name(this->agent),
 					   this->connection_id);
 	}
-	msg = this->pa_msg->get_encoding(this->pa_msg);
+#if DEBUG_LEVEL >= 3
+	chunk_t msg = this->pa_msg->get_encoding(this->pa_msg);
 	DBG3(DBG_IMC, "%B", &msg);
+#endif
 
 	switch (this->pa_msg->process(this->pa_msg))
 	{
@@ -522,7 +523,7 @@ METHOD(imc_msg_t, receive, TNC_Result,
 		{
 			ietf_attr_remediation_instr_t *attr_cast;
 			pen_type_t parameters_type;
-			chunk_t parameters, string, lang_code;
+			chunk_t parameters DBG_UNUSED, string DBG_UNUSED, lang_code;
 
 			attr_cast = (ietf_attr_remediation_instr_t*)attr;
 			parameters_type = attr_cast->get_parameters_type(attr_cast);
diff --git a/src/libimcv/imv/imv_agent.c b/src/libimcv/imv/imv_agent.c
index 6631c5d1fc..cf04960900 100644
--- a/src/libimcv/imv/imv_agent.c
+++ b/src/libimcv/imv/imv_agent.c
@@ -413,7 +413,7 @@ METHOD(imv_agent_t, create_state, TNC_Result,
 {
 	TNC_ConnectionID conn_id;
 	char *tnccs_p = NULL, *tnccs_v = NULL, *t_p = NULL, *t_v = NULL;
-	bool has_long = FALSE, has_excl = FALSE, has_soh = FALSE;
+	bool has_long = FALSE, has_excl = FALSE, has_soh DBG_UNUSED = FALSE;
 	linked_list_t *ar_identities;
 	imv_session_t *session;
 	uint32_t max_msg_len;
diff --git a/src/libimcv/imv/imv_msg.c b/src/libimcv/imv/imv_msg.c
index 73ac2008e2..a1de808495 100644
--- a/src/libimcv/imv/imv_msg.c
+++ b/src/libimcv/imv/imv_msg.c
@@ -293,7 +293,6 @@ METHOD(imv_msg_t, receive, TNC_Result,
 	linked_list_t *non_fatal_types;
 	enumerator_t *enumerator;
 	pa_tnc_attr_t *attr;
-	chunk_t msg;
 
 	if (this->state->has_long(this->state))
 	{
@@ -320,8 +319,10 @@ METHOD(imv_msg_t, receive, TNC_Result,
 					   this->agent->get_name(this->agent),
 					   this->connection_id);
 	}
-	msg = this->pa_msg->get_encoding(this->pa_msg);
+#if DEBUG_LEVEL >= 3
+	chunk_t msg = this->pa_msg->get_encoding(this->pa_msg);
 	DBG3(DBG_IMV, "%B", &msg);
+#endif
 
 	switch (this->pa_msg->process(this->pa_msg))
 	{
diff --git a/src/libimcv/imv/imv_session_manager.c b/src/libimcv/imv/imv_session_manager.c
index 9f2ce8df51..4d8216d23e 100644
--- a/src/libimcv/imv/imv_session_manager.c
+++ b/src/libimcv/imv/imv_session_manager.c
@@ -50,7 +50,6 @@ METHOD(imv_session_manager_t, add_session, imv_session_t*,
 	linked_list_t *ar_identities)
 {
 	enumerator_t *enumerator;
-	tncif_identity_t *tnc_id;
 	imv_session_t *current, *session = NULL;
 
 	this->mutex->lock(this->mutex);
@@ -77,6 +76,8 @@ METHOD(imv_session_manager_t, add_session, imv_session_t*,
 	}
 
 	/* Output list of Access Requestor identities */
+#if DEBUG_LEVEL >= 2
+	tncif_identity_t *tnc_id;
 	enumerator = ar_identities->create_enumerator(ar_identities);
 	while (enumerator->enumerate(enumerator, &tnc_id))
 	{
@@ -103,6 +104,7 @@ METHOD(imv_session_manager_t, add_session, imv_session_t*,
 			 TNC_Authentication_names, tcg_auth_type);
 	}
 	enumerator->destroy(enumerator);
+#endif /* DEBUG_LEVEL */
 
 	/* create a new session entry */
 	session = imv_session_create(conn_id, ar_identities);
diff --git a/src/libimcv/pa_tnc/pa_tnc_msg.c b/src/libimcv/pa_tnc/pa_tnc_msg.c
index 963be7c986..9560e6f127 100644
--- a/src/libimcv/pa_tnc/pa_tnc_msg.c
+++ b/src/libimcv/pa_tnc/pa_tnc_msg.c
@@ -277,13 +277,10 @@ METHOD(pa_tnc_msg_t, process_ietf_std_errors, bool,
 		{
 			ietf_attr_pa_tnc_error_t *error_attr;
 			pen_type_t error_code, *non_fatal_type;
-			chunk_t msg_info;
-			uint32_t offset;
 			bool fatal_current_error = TRUE;
 
 			error_attr = (ietf_attr_pa_tnc_error_t*)attr;
 			error_code = error_attr->get_error_code(error_attr);
-			msg_info = error_attr->get_msg_info(error_attr);
 
 			/* skip errors from non-IETF namespaces and non PA-TNC msg errors */
 			if (error_code.vendor_id != PEN_IETF ||
@@ -291,15 +288,17 @@ METHOD(pa_tnc_msg_t, process_ietf_std_errors, bool,
 			{
 				continue;
 			}
+#if DEBUG_LEVEL >= 1
+			chunk_t msg_info = error_attr->get_msg_info(error_attr);
 			DBG1(DBG_TNC, "received PA-TNC error '%N' concerning message "
 				 "0x%08x/0x%08x", pa_tnc_error_code_names, error_code.type,
 				 untoh32(msg_info.ptr), untoh32(msg_info.ptr + 4));
-
+#endif
 			switch (error_code.type)
 			{
 				case PA_ERROR_INVALID_PARAMETER:
-					offset = error_attr->get_offset(error_attr);
-					DBG1(DBG_TNC, "  occurred at offset of %u bytes", offset);
+					DBG1(DBG_TNC, "  occurred at offset of %u bytes",
+						 error_attr->get_offset(error_attr));
 					break;
 				case PA_ERROR_ATTR_TYPE_NOT_SUPPORTED:
 					unsupported_type =
diff --git a/src/libimcv/plugins/imc_attestation/imc_attestation.c b/src/libimcv/plugins/imc_attestation/imc_attestation.c
index 308fa1e67f..abdf27f7fb 100644
--- a/src/libimcv/plugins/imc_attestation/imc_attestation.c
+++ b/src/libimcv/plugins/imc_attestation/imc_attestation.c
@@ -174,19 +174,18 @@ static TNC_Result receive_message(imc_state_t *state, imc_msg_t *in_msg)
 			{
 				ietf_attr_pa_tnc_error_t *error_attr;
 				pen_type_t error_code;
-				chunk_t msg_info;
 
 				error_attr = (ietf_attr_pa_tnc_error_t*)attr;
 				error_code = error_attr->get_error_code(error_attr);
 
 				if (error_code.vendor_id == PEN_TCG)
 				{
-					msg_info = error_attr->get_msg_info(error_attr);
-
+#if DEBUG_LEVEL >= 1
+					chunk_t msg_info = error_attr->get_msg_info(error_attr);
 					DBG1(DBG_IMC, "received TCG-PTS error '%N'",
 						 pts_error_code_names, error_code.type);
 					DBG1(DBG_IMC, "error information: %B", &msg_info);
-
+#endif /* DEBUG_LEVEL */
 					result = TNC_RESULT_FATAL;
 				}
 			}
diff --git a/src/libimcv/plugins/imc_swima/imc_swima.c b/src/libimcv/plugins/imc_swima/imc_swima.c
index 0cd407833c..3c9b336d08 100644
--- a/src/libimcv/plugins/imc_swima/imc_swima.c
+++ b/src/libimcv/plugins/imc_swima/imc_swima.c
@@ -229,7 +229,7 @@ static void fulfill_request(imc_state_t *state, imc_msg_t *msg,
 	size_t msg_len = 64;
 	char error_msg[msg_len], *id_str;
 	bool collect_inventory = TRUE;
-	int items;
+	int items DBG_UNUSED;
 
 	collector = swima_collector_create();
 	id_str = sw_id_only ? " ID" : "";
diff --git a/src/libimcv/plugins/imc_test/imc_test.c b/src/libimcv/plugins/imc_test/imc_test.c
index 4bd1d1c5be..e50d4e83dd 100644
--- a/src/libimcv/plugins/imc_test/imc_test.c
+++ b/src/libimcv/plugins/imc_test/imc_test.c
@@ -293,19 +293,19 @@ static TNC_Result receive_message(imc_state_t *state, imc_msg_t *in_msg)
 		}
 		if (attr_type.type == ITA_ATTR_COMMAND)
 		{
-			ita_attr_command_t *ita_attr;
-
-			ita_attr = (ita_attr_command_t*)attr;
+#if DEBUG_LEVEL >= 1
+			ita_attr_command_t *ita_attr = (ita_attr_command_t*)attr;
 			DBG1(DBG_IMC, "received command '%s'",
 				 ita_attr->get_command(ita_attr));
+#endif
 		}
 		else if (attr_type.type == ITA_ATTR_DUMMY)
 		{
-			ita_attr_dummy_t *ita_attr;
-
-			ita_attr = (ita_attr_dummy_t*)attr;
+#if DEBUG_LEVEL >= 1
+			ita_attr_dummy_t *ita_attr = (ita_attr_dummy_t*)attr;
 			DBG1(DBG_IMC, "received dummy attribute value (%d bytes)",
 				 ita_attr->get_size(ita_attr));
+#endif
 		}
 	}
 	enumerator->destroy(enumerator);
diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c b/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c
index 5d0444f44f..2e92b83794 100644
--- a/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c
+++ b/src/libimcv/plugins/imv_attestation/imv_attestation_agent.c
@@ -206,19 +206,18 @@ static TNC_Result receive_msg(private_imv_attestation_agent_t *this,
 				{
 					ietf_attr_pa_tnc_error_t *error_attr;
 					pen_type_t error_code;
-					chunk_t msg_info;
 
 					error_attr = (ietf_attr_pa_tnc_error_t*)attr;
 					error_code = error_attr->get_error_code(error_attr);
 
 					if (error_code.vendor_id == PEN_TCG)
 					{
-						msg_info = error_attr->get_msg_info(error_attr);
-
+#if DEBUG_LEVEL >= 1
+						chunk_t msg_info = error_attr->get_msg_info(error_attr);
 						DBG1(DBG_IMV, "received TCG-PTS error '%N'",
 							 pts_error_code_names, error_code.type);
 						DBG1(DBG_IMV, "error information: %B", &msg_info);
-
+#endif /* DEBUG_LEVEL */
 						/* TPM 2.0 doesn't return TPM Version Information */
 						if (error_code.type != TCG_PTS_TPM_VERS_NOT_SUPPORTED)
 						{
diff --git a/src/libimcv/plugins/imv_attestation/imv_attestation_process.c b/src/libimcv/plugins/imv_attestation/imv_attestation_process.c
index 6c15aa3e8e..cfef7de91e 100644
--- a/src/libimcv/plugins/imv_attestation/imv_attestation_process.c
+++ b/src/libimcv/plugins/imv_attestation/imv_attestation_process.c
@@ -228,7 +228,7 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, imv_msg_t *out_msg,
 			TNC_IMV_Action_Recommendation rec;
 			tcg_pts_attr_file_meas_t *attr_cast;
 			uint16_t request_id;
-			int arg_int, file_count;
+			int arg_int, file_count DBG_UNUSED;
 			pts_meas_algorithms_t algo;
 			pts_file_meas_t *measurements;
 			imv_workitem_t *workitem, *found = NULL;
@@ -364,6 +364,7 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, imv_msg_t *out_msg,
 		}
 		case TCG_PTS_UNIX_FILE_META:
 		{
+#if DEBUG_LEVEL >= 1
 			tcg_pts_attr_file_meta_t *attr_cast;
 			int file_count;
 			pts_file_meta_t *metadata;
@@ -395,6 +396,7 @@ bool imv_attestation_process(pa_tnc_attr_t *attr, imv_msg_t *out_msg,
 					 &created, utc, &modified, utc, &accessed, utc);
 			}
 			e->destroy(e);
+#endif /* DEBUG_LEVEL */
 			break;
 		}
 		case TCG_PTS_SIMPLE_COMP_EVID:
diff --git a/src/libimcv/plugins/imv_hcd/imv_hcd_agent.c b/src/libimcv/plugins/imv_hcd/imv_hcd_agent.c
index 1f6035d1ef..612c5e53bc 100644
--- a/src/libimcv/plugins/imv_hcd/imv_hcd_agent.c
+++ b/src/libimcv/plugins/imv_hcd/imv_hcd_agent.c
@@ -175,7 +175,7 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
 	imv_msg_t *out_msg;
 	imv_hcd_state_t *hcd_state;
 	pa_tnc_attr_t *attr;
-	enum_name_t *pa_subtype_names;
+	enum_name_t *pa_subtype_names DBG_UNUSED;
 	pen_type_t type, msg_type;
 	TNC_Result result;
 	bool fatal_error = FALSE, assessment = FALSE;
@@ -220,6 +220,7 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
 			{
 				case IETF_ATTR_FORWARDING_ENABLED:
 				{
+#if DEBUG_LEVEL >= 2
 					ietf_attr_fwd_enabled_t *attr_cast;
 					os_fwd_status_t fwd_status;
 
@@ -227,12 +228,14 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
 					fwd_status = attr_cast->get_status(attr_cast);
 					DBG2(DBG_IMV, "  %N: %N", ietf_attr_names, type.type,
 								   os_fwd_status_names, fwd_status);
+#endif /* DEBUG_LEVEL */
 					state->set_action_flags(state,
 											IMV_HCD_ATTR_FORWARDING_ENABLED);
 					break;
 				}
 				case IETF_ATTR_FACTORY_DEFAULT_PWD_ENABLED:
 				{
+#if DEBUG_LEVEL >= 2
 					generic_attr_bool_t *attr_cast;
 					bool status;
 
@@ -240,6 +243,7 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
 					status = attr_cast->get_status(attr_cast);
 					DBG2(DBG_IMV, "  %N: %s", ietf_attr_names, type.type,
 								   status ? "yes" : "no");
+#endif /* DEBUG_LEVEL */
 					state->set_action_flags(state,
 											IMV_HCD_ATTR_DEFAULT_PWD_ENABLED);
 					break;
@@ -265,49 +269,47 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
 				case PWG_HCD_USER_APP_NAME:
 				case PWG_HCD_USER_APP_STRING_VERSION:
 				{
-					chunk_t value;
-
-					value = attr->get_value(attr);
+#if DEBUG_LEVEL >= 2
+					chunk_t value = attr->get_value(attr);
 					DBG2(DBG_IMV, "  %N: %.*s", pwg_attr_names, type.type,
-								  value.len, value.ptr);
+								  (int)value.len, value.ptr);
+#endif /* DEBUG_LEVEL */
 					break;
 				}
 				case PWG_HCD_FIRMWARE_PATCHES:
 				case PWG_HCD_RESIDENT_APP_PATCHES:
 				case PWG_HCD_USER_APP_PATCHES:
 				{
-					chunk_t value;
-					size_t len;
-
-					value = attr->get_value(attr);
-					len = value.len;
+#if DEBUG_LEVEL >= 2
+					chunk_t value = attr->get_value(attr);
 
 					/* remove any trailing LF from patches string */
-					if (len && (value.ptr[len - 1] == '\n'))
+					if (value.len && (value.ptr[value.len - 1] == '\n'))
 					{
-						len--;
+						value.len--;
 					}
 					DBG2(DBG_IMV, "  %N:%s%.*s", pwg_attr_names, type.type,
-								  len ? "\n" : " ", len, value.ptr);
+						 value.len ? "\n" : " ", (int)value.len, value.ptr);
+#endif /* DEBUG_LEVEL */
 					break;
 				}
 				case PWG_HCD_FIRMWARE_VERSION:
 				case PWG_HCD_RESIDENT_APP_VERSION:
 				case PWG_HCD_USER_APP_VERSION:
 				{
-					chunk_t value;
-
-					value = attr->get_value(attr);
+#if DEBUG_LEVEL >= 2
+					chunk_t value = attr->get_value(attr);
 					DBG2(DBG_IMV, "  %N: %#B", pwg_attr_names, type.type, &value);
+#endif /* DEBUG_LEVEL */
 					break;
 				}
 				case PWG_HCD_CERTIFICATION_STATE:
 				case PWG_HCD_CONFIGURATION_STATE:
 				{
-					chunk_t value;
-
-					value = attr->get_value(attr);
+#if DEBUG_LEVEL >= 2
+					chunk_t value = attr->get_value(attr);
 					DBG2(DBG_IMV, "  %N: %B", pwg_attr_names, type.type, &value);
+#endif /* DEBUG_LEVEL */
 					break;
 				}
 				case PWG_HCD_DEFAULT_PWD_ENABLED:
@@ -332,6 +334,7 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
 				}
 				case PWG_HCD_FORWARDING_ENABLED:
 				{
+#if DEBUG_LEVEL >= 2
 					ietf_attr_fwd_enabled_t *attr_cast;
 					os_fwd_status_t fwd_status;
 
@@ -339,11 +342,13 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
 					fwd_status = attr_cast->get_status(attr_cast);
 					DBG2(DBG_IMV, "  %N: %N", pwg_attr_names, type.type,
 								  os_fwd_status_names, fwd_status);
+#endif /* DEBUG_LEVEL */
 					break;
 				}
 
 				case PWG_HCD_VENDOR_SMI_CODE:
 				{
+#if DEBUG_LEVEL >= 2
 					pwg_attr_vendor_smi_code_t *attr_cast;
 					uint32_t smi_code;
 
@@ -351,6 +356,7 @@ static TNC_Result receive_msg(private_imv_hcd_agent_t *this, imv_state_t *state,
 					smi_code = attr_cast->get_vendor_smi_code(attr_cast);
 					DBG2(DBG_IMV, "  %N: 0x%06x (%u)", pwg_attr_names, type.type,
 								  smi_code, smi_code);
+#endif /* DEBUG_LEVEL */
 					break;
 				}
 				default:
@@ -590,7 +596,7 @@ METHOD(imv_agent_if_t, solicit_recommendation, TNC_Result,
 	imv_state_t *state;
 	imv_hcd_state_t* hcd_state;
 	imv_hcd_handshake_state_t handshake_state;
-	enum_name_t *pa_subtype_names;
+	enum_name_t *pa_subtype_names DBG_UNUSED;
 	bool missing = FALSE;
 	uint32_t received;
 	int i;
diff --git a/src/libimcv/plugins/imv_os/imv_os_agent.c b/src/libimcv/plugins/imv_os/imv_os_agent.c
index 0ddda2792d..4138632048 100644
--- a/src/libimcv/plugins/imv_os/imv_os_agent.c
+++ b/src/libimcv/plugins/imv_os/imv_os_agent.c
@@ -250,20 +250,17 @@ static TNC_Result receive_msg(private_imv_os_agent_t *this, imv_state_t *state,
 				}
 				case IETF_ATTR_OPERATIONAL_STATUS:
 				{
-					ietf_attr_op_status_t *attr_cast;
-					op_status_t op_status;
-					op_result_t op_result;
-					time_t last_boot;
-
 					state->set_action_flags(state,
 											IMV_OS_ATTR_OPERATIONAL_STATUS);
-					attr_cast = (ietf_attr_op_status_t*)attr;
-					op_status = attr_cast->get_status(attr_cast);
-					op_result = attr_cast->get_result(attr_cast);
-					last_boot = attr_cast->get_last_use(attr_cast);
+#if DEBUG_LEVEL >= 1
+					ietf_attr_op_status_t *attr_cast = (ietf_attr_op_status_t*)attr;
+					op_status_t op_status = attr_cast->get_status(attr_cast);
+					op_result_t op_result = attr_cast->get_result(attr_cast);
+					time_t last_boot = attr_cast->get_last_use(attr_cast);
 					DBG1(DBG_IMV, "operational status: %N, result: %N",
 						 op_status_names, op_status, op_result_names, op_result);
 					DBG1(DBG_IMV, "last boot: %T", &last_boot, TRUE);
+#endif /* DEBUG_LEVEL */
 					break;
 				}
 				case IETF_ATTR_FORWARDING_ENABLED:
diff --git a/src/libimcv/plugins/imv_swima/imv_swima_agent.c b/src/libimcv/plugins/imv_swima/imv_swima_agent.c
index a6e6dd1263..3bb8aca4ae 100644
--- a/src/libimcv/plugins/imv_swima/imv_swima_agent.c
+++ b/src/libimcv/plugins/imv_swima/imv_swima_agent.c
@@ -134,7 +134,7 @@ static TNC_Result receive_msg(private_imv_swima_agent_t *this,
 	enumerator = in_msg->create_attribute_enumerator(in_msg);
 	while (enumerator->enumerate(enumerator, &attr))
 	{
-		uint32_t request_id = 0, last_eid, eid_epoch;
+		uint32_t request_id = 0, last_eid DBG_UNUSED, eid_epoch;
 		swima_inventory_t *inventory;
 		swima_events_t *events;
 		pen_type_t type;
diff --git a/src/libimcv/plugins/imv_swima/imv_swima_state.c b/src/libimcv/plugins/imv_swima/imv_swima_state.c
index c6116706bb..9695e46a24 100644
--- a/src/libimcv/plugins/imv_swima/imv_swima_state.c
+++ b/src/libimcv/plugins/imv_swima/imv_swima_state.c
@@ -312,7 +312,7 @@ METHOD(imv_swima_state_t, set_inventory, void,
     private_imv_swima_state_t *this, swima_inventory_t *inventory)
 {
 	chunk_t sw_id, sw_locator;
-	uint32_t record_id;
+	uint32_t record_id DBG_UNUSED;
 	char *sw_id_str;
 	json_object *jstring;
 	swima_record_t *sw_record;
diff --git a/src/libimcv/plugins/imv_test/imv_test_agent.c b/src/libimcv/plugins/imv_test/imv_test_agent.c
index 1fe6cab374..27f111e800 100644
--- a/src/libimcv/plugins/imv_test/imv_test_agent.c
+++ b/src/libimcv/plugins/imv_test/imv_test_agent.c
@@ -163,11 +163,11 @@ static TNC_Result receive_msg(private_imv_test_agent_t *this, imv_state_t *state
 		}
 		else if (attr_type.type == ITA_ATTR_DUMMY)
 		{
-			ita_attr_dummy_t *ita_attr;
-
-			ita_attr = (ita_attr_dummy_t*)attr;
+#if DEBUG_LEVEL >= 1
+			ita_attr_dummy_t *ita_attr = (ita_attr_dummy_t*)attr;
 			DBG1(DBG_IMV, "received dummy attribute value (%d bytes)",
 						   ita_attr->get_size(ita_attr));
+#endif
 		}
 	}
 	enumerator->destroy(enumerator);
diff --git a/src/libimcv/pts/components/ita/ita_comp_ima.c b/src/libimcv/pts/components/ita/ita_comp_ima.c
index 08d91c4322..9031cda538 100644
--- a/src/libimcv/pts/components/ita/ita_comp_ima.c
+++ b/src/libimcv/pts/components/ita/ita_comp_ima.c
@@ -964,7 +964,7 @@ METHOD(pts_component_t, get_ref, pts_component_t*,
 METHOD(pts_component_t, destroy, void,
 	pts_ita_comp_ima_t *this)
 {
-	int count;
+	int count DBG_UNUSED;
 
 	if (ref_put(&this->ref))
 	{
diff --git a/src/libimcv/pts/components/ita/ita_comp_tboot.c b/src/libimcv/pts/components/ita/ita_comp_tboot.c
index 3849ff2a6a..f40189d2e7 100644
--- a/src/libimcv/pts/components/ita/ita_comp_tboot.c
+++ b/src/libimcv/pts/components/ita/ita_comp_tboot.c
@@ -192,8 +192,8 @@ METHOD(pts_component_t, verify, status_t,
 	pts_comp_evidence_t *evidence)
 {
 	bool has_pcr_info;
-	uint32_t extended_pcr, vid, name;
-	enum_name_t *names;
+	uint32_t extended_pcr, vid, name DBG_UNUSED;
+	enum_name_t *names DBG_UNUSED;
 	pts_meas_algorithms_t algo;
 	pts_pcr_transform_t transform;
 	pts_pcr_t *pcrs;
@@ -312,9 +312,9 @@ METHOD(pts_component_t, get_ref, pts_component_t*,
 METHOD(pts_component_t, destroy, void,
 	   pts_ita_comp_tboot_t *this)
 {
-	int count;
-	uint32_t vid, name;
-	enum_name_t *names;
+	int count DBG_UNUSED;
+	uint32_t vid, name DBG_UNUSED;
+	enum_name_t *names DBG_UNUSED;
 
 	if (ref_put(&this->ref))
 	{
diff --git a/src/libimcv/pts/components/pts_comp_func_name.c b/src/libimcv/pts/components/pts_comp_func_name.c
index 00bd0af175..f66e0eada4 100644
--- a/src/libimcv/pts/components/pts_comp_func_name.c
+++ b/src/libimcv/pts/components/pts_comp_func_name.c
@@ -107,7 +107,7 @@ METHOD(pts_comp_func_name_t, log_, void,
 {
 	enum_name_t *names, *types;
 	char flags[8];
-	int type;
+	int type DBG_UNUSED;
 
 	names = imcv_pts_components->get_comp_func_names(imcv_pts_components,
 											this->vid);
diff --git a/src/libimcv/pts/pts.c b/src/libimcv/pts/pts.c
index 742e45b5a9..104f885651 100644
--- a/src/libimcv/pts/pts.c
+++ b/src/libimcv/pts/pts.c
@@ -798,7 +798,6 @@ METHOD(pts_t, quote, bool,
 	private_pts_t *this, tpm_quote_mode_t *quote_mode,
 	tpm_tss_quote_info_t **quote_info, chunk_t *quote_sig)
 {
-	chunk_t pcr_value, pcr_computed;
 	hash_algorithm_t hash_alg;
 	uint32_t pcr, pcr_sel = 0;
 	enumerator_t *enumerator;
@@ -810,14 +809,16 @@ METHOD(pts_t, quote, bool,
 	enumerator = this->pcrs->create_enumerator(this->pcrs);
 	while (enumerator->enumerate(enumerator, &pcr))
 	{
+#if DEBUG_LEVEL >= 2
+		chunk_t pcr_value;
 		if (this->tpm->read_pcr(this->tpm, pcr, &pcr_value, hash_alg))
 		{
-			pcr_computed = this->pcrs->get(this->pcrs, pcr);
+			chunk_t pcr_computed = this->pcrs->get(this->pcrs, pcr);
 			DBG2(DBG_PTS, "PCR %2d %#B  %s", pcr, &pcr_value,
 				 chunk_equals(pcr_value, pcr_computed) ? "ok" : "differs");
 			chunk_free(&pcr_value);
-		};
-
+		}
+#endif
 		/* add PCR to selection list */
 		pcr_sel |= (1 << pcr);
 	}
diff --git a/src/libimcv/pts/pts_dh_group.c b/src/libimcv/pts/pts_dh_group.c
index 91b5f2bfe4..9b0d5ced76 100644
--- a/src/libimcv/pts/pts_dh_group.c
+++ b/src/libimcv/pts/pts_dh_group.c
@@ -26,43 +26,40 @@ bool pts_dh_group_probe(pts_dh_group_t *dh_groups, bool mandatory_dh_groups)
 	enumerator_t *enumerator;
 	key_exchange_method_t dh_group;
 	const char *plugin_name;
-	char format1[] = "  %s PTS DH group %N[%s] available";
-	char format2[] = "  %s PTS DH group %N not available";
 
 	*dh_groups = PTS_DH_GROUP_NONE;
 
 	enumerator = lib->crypto->create_ke_enumerator(lib->crypto);
 	while (enumerator->enumerate(enumerator, &dh_group, &plugin_name))
 	{
-		if (dh_group == MODP_1024_BIT)
-		{
-			*dh_groups |= PTS_DH_GROUP_IKE2;
-			DBG2(DBG_PTS, format1, "optional ", key_exchange_method_names,
-									dh_group, plugin_name);
-		}
-		else if (dh_group == MODP_1536_BIT)
-		{
-			*dh_groups |= PTS_DH_GROUP_IKE5;
-			DBG2(DBG_PTS, format1, "optional ", key_exchange_method_names,
-									dh_group, plugin_name);
-		}
-		else if (dh_group == MODP_2048_BIT)
-		{
-			*dh_groups |= PTS_DH_GROUP_IKE14;
-			DBG2(DBG_PTS, format1, "optional ", key_exchange_method_names,
-									dh_group, plugin_name);
-		}
-		else if (dh_group == ECP_256_BIT)
+		pts_dh_group_t mapped = PTS_DH_GROUP_NONE;
+
+		switch (dh_group)
 		{
-			*dh_groups |= PTS_DH_GROUP_IKE19;
-			DBG2(DBG_PTS, format1, "mandatory", key_exchange_method_names,
-									dh_group, plugin_name);
+			case MODP_1024_BIT:
+				mapped = PTS_DH_GROUP_IKE2;
+				break;
+			case MODP_1536_BIT:
+				mapped = PTS_DH_GROUP_IKE5;
+				break;
+			case MODP_2048_BIT:
+				mapped = PTS_DH_GROUP_IKE14;
+				break;
+			case ECP_256_BIT:
+				mapped = PTS_DH_GROUP_IKE19;
+				break;
+			case ECP_384_BIT:
+				mapped = PTS_DH_GROUP_IKE20;
+				break;
+			default:
+				break;
 		}
-		else if (dh_group == ECP_384_BIT)
+		if (mapped != PTS_DH_GROUP_NONE)
 		{
-			*dh_groups |= PTS_DH_GROUP_IKE20;
-			DBG2(DBG_PTS, format1, "optional ", key_exchange_method_names,
-									dh_group, plugin_name);
+			*dh_groups |= mapped;
+			DBG2(DBG_PTS, "  %s PTS DH group %N[%s] available",
+				 mapped == PTS_DH_GROUP_IKE19 ? "mandatory" : "optional ",
+				 key_exchange_method_names, dh_group, plugin_name);
 		}
 	}
 	enumerator->destroy(enumerator);
@@ -79,8 +76,8 @@ bool pts_dh_group_probe(pts_dh_group_t *dh_groups, bool mandatory_dh_groups)
 	}
 	if (mandatory_dh_groups)
 	{
-		DBG1(DBG_PTS, format2, "mandatory", key_exchange_method_names,
-											ECP_256_BIT);
+		DBG1(DBG_PTS, "  mandatory PTS DH group %N[%s] available",
+			 key_exchange_method_names, ECP_256_BIT);
 		return FALSE;
 	}
 
diff --git a/src/libimcv/pts/pts_ima_bios_list.c b/src/libimcv/pts/pts_ima_bios_list.c
index 47856efa1f..a732300c74 100644
--- a/src/libimcv/pts/pts_ima_bios_list.c
+++ b/src/libimcv/pts/pts_ima_bios_list.c
@@ -201,11 +201,10 @@ pts_ima_bios_list_t* pts_ima_bios_list_create(tpm_tss_t *tpm, char *file,
 											  pts_meas_algorithms_t algo)
 {
 	private_pts_ima_bios_list_t *this;
-	uint32_t pcr, ev_type, event_type, event_len, seek_len, count = 1;
+	uint32_t pcr, event_type, event_len, seek_len, count = 1;
 	uint32_t buf_len = 8192;
 	uint8_t event_buf[buf_len];
 	hash_algorithm_t hash_alg;
-	chunk_t event;
 	bios_entry_t *entry;
 	struct stat st;
 	ssize_t res;
@@ -276,10 +275,12 @@ pts_ima_bios_list_t* pts_ima_bios_list_create(tpm_tss_t *tpm, char *file,
 		{
 			break;
 		}
-		ev_type = (event_type < EV_EFI_EVENT_BASE) ?
-				   event_type : event_type - EV_EFI_OFFSET;
+#if DEBUG_LEVEL >= 2
+		uint32_t ev_type = (event_type < EV_EFI_EVENT_BASE) ?
+							event_type : event_type - EV_EFI_OFFSET;
 		DBG2(DBG_PTS, "%3u %2u  %N  (%u bytes)", count, pcr, event_type_names,
-												 ev_type,  event_len);
+			 ev_type, event_len);
+#endif
 		seek_len = (event_len > buf_len) ? event_len - buf_len : 0;
 		event_len -= seek_len;
 
@@ -310,8 +311,7 @@ pts_ima_bios_list_t* pts_ima_bios_list_create(tpm_tss_t *tpm, char *file,
 			default:
 				break;
 		}
-		event = chunk_create(event_buf, event_len);
-		DBG3(DBG_PTS,"%B", &event);
+		DBG3(DBG_PTS, "%b", event_buf, event_len);
 
 		if (seek_len > 0 && lseek(fd, seek_len, SEEK_CUR) == -1)
 		{
diff --git a/src/libimcv/pts/pts_ima_event_list.c b/src/libimcv/pts/pts_ima_event_list.c
index 1b4edccd5b..031729a274 100644
--- a/src/libimcv/pts/pts_ima_event_list.c
+++ b/src/libimcv/pts/pts_ima_event_list.c
@@ -139,7 +139,7 @@ pts_ima_event_list_t* pts_ima_event_list_create(char *file,
 	size_t hash_size;
 	char type[IMA_TYPE_LEN_MAX];
 	char algo_digest[IMA_ALGO_DIGEST_LEN_MAX];
-	char *pos, *error = "";
+	char *pos, *error DBG_UNUSED = "";
 	struct stat st;
 	ssize_t res;
 	bool ima_ng;
diff --git a/src/libimcv/pts/pts_meas_algo.c b/src/libimcv/pts/pts_meas_algo.c
index 0d303aa4a9..9fb2555fe9 100644
--- a/src/libimcv/pts/pts_meas_algo.c
+++ b/src/libimcv/pts/pts_meas_algo.c
@@ -34,6 +34,8 @@ ENUM_NEXT(pts_meas_algorithm_names,	PTS_MEAS_ALGO_SHA1, PTS_MEAS_ALGO_SHA1,
 	"SHA1");
 ENUM_END(pts_meas_algorithm_names,  PTS_MEAS_ALGO_SHA1);
 
+#define ALG_UNAVAIL "  %s PTS measurement algorithm %N not available"
+
 /**
  * Described in header.
  */
@@ -42,48 +44,51 @@ bool pts_meas_algo_probe(pts_meas_algorithms_t *algorithms)
 	enumerator_t *enumerator;
 	hash_algorithm_t hash_alg;
 	const char *plugin_name;
-	char format1[] = "  %s PTS measurement algorithm %N[%s] available";
-	char format2[] = "  %s PTS measurement algorithm %N not available";
 
 	*algorithms = 0;
 
 	enumerator = lib->crypto->create_hasher_enumerator(lib->crypto);
 	while (enumerator->enumerate(enumerator, &hash_alg, &plugin_name))
 	{
-		if (hash_alg == HASH_SHA1)
-		{
-			*algorithms |= PTS_MEAS_ALGO_SHA1;
-			DBG2(DBG_PTS, format1, "mandatory", hash_algorithm_names, hash_alg,
-								  plugin_name);
-		}
-		else if (hash_alg == HASH_SHA256)
-		{
-			*algorithms |= PTS_MEAS_ALGO_SHA256;
-			DBG2(DBG_PTS, format1, "mandatory", hash_algorithm_names, hash_alg,
-								  plugin_name);
-		}
-		else if (hash_alg == HASH_SHA384)
+		pts_meas_algorithms_t mapped = 0;
+		bool mandatory DBG_UNUSED = FALSE;
+
+		switch (hash_alg)
 		{
-			*algorithms |= PTS_MEAS_ALGO_SHA384;
-			DBG2(DBG_PTS, format1, "optional ", hash_algorithm_names, hash_alg,
-								  plugin_name);
+			case HASH_SHA1:
+				mapped = PTS_MEAS_ALGO_SHA1;
+				mandatory = TRUE;
+				break;
+			case HASH_SHA256:
+				mapped = PTS_MEAS_ALGO_SHA256;
+				mandatory = TRUE;
+				break;
+			case HASH_SHA384:
+				mapped = PTS_MEAS_ALGO_SHA384;
+				break;
+			case HASH_SHA512:
+				mapped = PTS_MEAS_ALGO_SHA512;
+				break;
+			default:
+				break;
 		}
-		else if (hash_alg == HASH_SHA512)
+		if (mapped)
 		{
-			*algorithms |= PTS_MEAS_ALGO_SHA512;
-			DBG2(DBG_PTS, format1, "optional ", hash_algorithm_names, hash_alg,
-								  plugin_name);
+			*algorithms |= mapped;
+			DBG2(DBG_PTS, "  %s PTS measurement algorithm %N[%s] available",
+				 mandatory ? "mandatory" : "optional ", hash_algorithm_names,
+				 hash_alg, plugin_name);
 		}
 	}
 	enumerator->destroy(enumerator);
 
 	if (!(*algorithms & PTS_MEAS_ALGO_SHA512))
 	{
-		DBG1(DBG_PTS, format2, "optional ", hash_algorithm_names, HASH_SHA512);
+		DBG1(DBG_PTS, ALG_UNAVAIL, "optional ", hash_algorithm_names, HASH_SHA512);
 	}
 	if (!(*algorithms & PTS_MEAS_ALGO_SHA384))
 	{
-		DBG1(DBG_PTS, format2, "optional ", hash_algorithm_names, HASH_SHA384);
+		DBG1(DBG_PTS, ALG_UNAVAIL, "optional ", hash_algorithm_names, HASH_SHA384);
 	}
 	if ((*algorithms & PTS_MEAS_ALGO_SHA1) &&
 		(*algorithms & PTS_MEAS_ALGO_SHA256))
@@ -92,11 +97,11 @@ bool pts_meas_algo_probe(pts_meas_algorithms_t *algorithms)
 	}
 	if (!(*algorithms & PTS_MEAS_ALGO_SHA256))
 	{
-		DBG1(DBG_PTS, format2, "mandatory", hash_algorithm_names, HASH_SHA256);
+		DBG1(DBG_PTS, ALG_UNAVAIL, "mandatory", hash_algorithm_names, HASH_SHA256);
 	}
 	if (!(*algorithms & PTS_MEAS_ALGO_SHA1))
 	{
-		DBG1(DBG_PTS, format2, "mandatory", hash_algorithm_names, HASH_SHA1);
+		DBG1(DBG_PTS, ALG_UNAVAIL, "mandatory", hash_algorithm_names, HASH_SHA1);
 	}
 	return FALSE;
 }
diff --git a/src/libimcv/suites/test_imcv_swima.c b/src/libimcv/suites/test_imcv_swima.c
index 80bb58382f..175d0cc355 100644
--- a/src/libimcv/suites/test_imcv_swima.c
+++ b/src/libimcv/suites/test_imcv_swima.c
@@ -1000,9 +1000,9 @@ START_TEST(test_imcv_swima_sw_collector)
 	swima_events_t *events;
 	swima_record_t *sw_record;
 	swima_event_t *sw_event;
-	chunk_t sw_id, sw_locator, swid_tag;
+	chunk_t sw_id DBG_UNUSED, sw_locator, swid_tag DBG_UNUSED;
 	enumerator_t *enumerator;
-	uint8_t source_id;
+	uint8_t source_id DBG_UNUSED;
 	int item = 0, items;
 
 	targets = swima_inventory_create();