svn rev #24888: trunk/src/kadmin/server/
ghudson@MIT.EDU
ghudson at MIT.EDU
Tue Apr 19 14:13:41 EDT 2011
http://src.mit.edu/fisheye/changelog/krb5/?cs=24888
Commit By: ghudson
Log Message:
Clean up schpw.c in kadmind a bit, making use of new k5-int.h helpers
where appropriate.
Changed Files:
U trunk/src/kadmin/server/schpw.c
Modified: trunk/src/kadmin/server/schpw.c
===================================================================
--- trunk/src/kadmin/server/schpw.c 2011-04-19 16:46:37 UTC (rev 24887)
+++ trunk/src/kadmin/server/schpw.c 2011-04-19 18:13:41 UTC (rev 24888)
@@ -16,27 +16,21 @@
#define RFC3244_VERSION 0xff80
-krb5_error_code
-process_chpw_request(context, server_handle, realm, keytab,
- local_faddr, remote_faddr, req, rep)
- krb5_context context;
- void *server_handle;
- char *realm;
- krb5_keytab keytab;
- krb5_fulladdr *local_faddr;
- krb5_fulladdr *remote_faddr;
- krb5_data *req;
- krb5_data *rep;
+static krb5_error_code
+process_chpw_request(krb5_context context, void *server_handle, char *realm,
+ krb5_keytab keytab, const krb5_fulladdr *local_faddr,
+ const krb5_fulladdr *remote_faddr, krb5_data *req,
+ krb5_data *rep)
{
krb5_error_code ret;
char *ptr;
- int plen, vno;
- krb5_data ap_req, ap_rep;
- krb5_auth_context auth_context;
- krb5_principal changepw;
+ unsigned int plen, vno;
+ krb5_data ap_req, ap_rep = empty_data();
+ krb5_data cipher = empty_data(), clear = empty_data();
+ krb5_auth_context auth_context = NULL;
+ krb5_principal changepw = NULL;
krb5_principal client, target = NULL;
- krb5_ticket *ticket;
- krb5_data cipher, clear;
+ krb5_ticket *ticket = NULL;
krb5_replay_data replay;
krb5_error krberror;
int numresult;
@@ -50,17 +44,8 @@
char addrbuf[100];
krb5_address *addr = remote_faddr->address;
- ret = 0;
- rep->length = 0;
- rep->data = NULL;
+ *rep = empty_data();
- auth_context = NULL;
- changepw = NULL;
- ap_rep.length = 0;
- ticket = NULL;
- clear.length = 0;
- cipher.length = 0;
-
if (req->length < 4) {
/* either this, or the server is printing bad messages,
or the caller passed in garbage */
@@ -211,8 +196,7 @@
goto chpwfail;
}
- memset(clear.data, 0, clear.length);
- free(clear.data);
+ zapfree(clear.data, clear.length);
clear = *clear_data;
free(clear_data);
@@ -258,11 +242,9 @@
errmsg = krb5_get_error_message(context, ret);
/* zap the password */
- memset(clear.data, 0, clear.length);
- memset(ptr, 0, clear.length);
- free(clear.data);
- free(ptr);
- clear.length = 0;
+ zapfree(clear.data, clear.length);
+ zapfree(ptr, clear.length);
+ clear = empty_data();
clen = strlen(clientstr);
trunc_name(&clen, &cdots);
@@ -361,7 +343,7 @@
memcpy(ptr, strresult, strlen(strresult));
- cipher.length = 0;
+ cipher = empty_data();
if (ap_rep.length) {
ret = krb5_auth_con_setaddrs(context, auth_context,
@@ -391,7 +373,7 @@
if (ap_rep.length) {
free(ap_rep.data);
- ap_rep.length = 0;
+ ap_rep = empty_data();
}
krberror.ctime = 0;
@@ -428,13 +410,9 @@
/* construct the reply */
- rep->length = 6 + ap_rep.length + cipher.length;
- rep->data = (char *) malloc(rep->length);
- if (rep->data == NULL) {
- rep->length = 0; /* checked by caller */
- ret = ENOMEM;
+ ret = alloc_data(rep, 6 + ap_rep.length + cipher.length);
+ if (ret)
goto bailout;
- }
ptr = rep->data;
/* length */
@@ -464,43 +442,33 @@
memcpy(ptr, cipher.data, cipher.length);
bailout:
- if (auth_context)
- krb5_auth_con_free(context, auth_context);
- if (changepw)
- krb5_free_principal(context, changepw);
- if (ap_rep.length)
- free(ap_rep.data);
- if (ticket)
- krb5_free_ticket(context, ticket);
- if (clear.length)
- free(clear.data);
- if (cipher.length)
- free(cipher.data);
- if (target)
- krb5_free_principal(context, target);
- if (targetstr)
- krb5_free_unparsed_name(context, targetstr);
- if (clientstr)
- krb5_free_unparsed_name(context, clientstr);
- if (errmsg)
- krb5_free_error_message(context, errmsg);
-
- return(ret);
+ krb5_auth_con_free(context, auth_context);
+ krb5_free_principal(context, changepw);
+ krb5_free_ticket(context, ticket);
+ free(ap_rep.data);
+ free(clear.data);
+ free(cipher.data);
+ krb5_free_principal(context, target);
+ krb5_free_unparsed_name(context, targetstr);
+ krb5_free_unparsed_name(context, clientstr);
+ krb5_free_error_message(context, errmsg);
+ return ret;
}
/* Dispatch routine for set/change password */
krb5_error_code
dispatch(void *handle,
struct sockaddr *local_saddr, const krb5_fulladdr *remote_faddr,
- krb5_data *request, krb5_data **response, int is_tcp)
+ krb5_data *request, krb5_data **response_out, int is_tcp)
{
krb5_error_code ret;
krb5_keytab kt = NULL;
kadm5_server_handle_t server_handle = (kadm5_server_handle_t)handle;
krb5_fulladdr local_faddr;
krb5_address **local_kaddrs = NULL, local_kaddr_buf;
+ krb5_data *response = NULL;
- *response = NULL;
+ *response_out = NULL;
if (local_saddr == NULL) {
ret = krb5_os_localaddr(server_handle->context, &local_kaddrs);
@@ -521,11 +489,9 @@
goto cleanup;
}
- *response = (krb5_data *)malloc(sizeof(krb5_data));
- if (*response == NULL) {
- ret = ENOMEM;
+ response = k5alloc(sizeof(krb5_data), &ret);
+ if (response == NULL)
goto cleanup;
- }
ret = process_chpw_request(server_handle->context,
handle,
@@ -534,17 +500,16 @@
&local_faddr,
remote_faddr,
request,
- *response);
+ response);
+ if (ret)
+ goto cleanup;
-cleanup:
- if (local_kaddrs != NULL)
- krb5_free_addresses(server_handle->context, local_kaddrs);
+ *response_out = response;
+ response = NULL;
- if ((*response)->data == NULL) {
- free(*response);
- *response = NULL;
- }
+cleanup:
+ krb5_free_addresses(server_handle->context, local_kaddrs);
+ krb5_free_data(server_handle->context, response);
krb5_kt_close(server_handle->context, kt);
-
return ret;
}
More information about the cvs-krb5
mailing list