svn rev #23836: trunk/src/plugins/preauth/encrypted_challenge/

ghudson@MIT.EDU ghudson at MIT.EDU
Wed Mar 24 23:08:12 EDT 2010 

http://src.mit.edu/fisheye/changelog/krb5/?cs=23836
Commit By: ghudson
Log Message:
Straighten the if-ladder in encrypted challenge's process_preauth,
making it clearer that control drops through if one of the first
couple of steps fails.



Changed Files:
U   trunk/src/plugins/preauth/encrypted_challenge/encrypted_challenge_main.c
Modified: trunk/src/plugins/preauth/encrypted_challenge/encrypted_challenge_main.c
===================================================================
--- trunk/src/plugins/preauth/encrypted_challenge/encrypted_challenge_main.c	2010-03-23 22:31:00 UTC (rev 23835)
+++ trunk/src/plugins/preauth/encrypted_challenge/encrypted_challenge_main.c	2010-03-25 03:08:12 UTC (rev 23836)
@@ -72,15 +72,15 @@
                              salt, s2kparams,
                              as_key, gak_data);
     }
-    if (padata->length) {
+    if (retval == 0 && padata->length) {
         krb5_enc_data *enc = NULL;
         krb5_data scratch;
         scratch.length = padata->length;
         scratch.data = (char *) padata->contents;
+        retval = krb5_c_fx_cf2_simple(context,armor_key, "kdcchallengearmor",
+                                      as_key, "challengelongterm",
+                                      &challenge_key);
         if (retval == 0)
-            retval = krb5_c_fx_cf2_simple(context,armor_key, "kdcchallengearmor",
-                                          as_key, "challengelongterm", &challenge_key);
-        if (retval == 0)
             retval =kaccess.decode_enc_data(&scratch, &enc);
         scratch.data = NULL;
         if (retval == 0) {
@@ -104,16 +104,15 @@
             fast_set_kdc_verified(context, get_data_proc, rock);
         if (enc)
             kaccess.free_enc_data(context, enc);
-    } else { /*No padata; we send*/
+    } else if (retval == 0) { /*No padata; we send*/
         krb5_enc_data enc;
         krb5_pa_data *pa = NULL;
         krb5_pa_data **pa_array = NULL;
         krb5_data *encoded_ts = NULL;
         krb5_pa_enc_ts ts;
         enc.ciphertext.data = NULL;
+        retval = krb5_us_timeofday(context, &ts.patimestamp, &ts.pausec);
         if (retval == 0)
-            retval = krb5_us_timeofday(context, &ts.patimestamp, &ts.pausec);
-        if (retval == 0)
             retval = kaccess.encode_enc_ts(&ts, &encoded_ts);
         if (retval == 0)
             retval = krb5_c_fx_cf2_simple(context,

More information about the cvs-krb5 mailing list