svn rev #25014: trunk/src/lib/kadm5/

ghudson@MIT.EDU ghudson at MIT.EDU
Wed Jul 6 12:33:27 EDT 2011 

http://src.mit.edu/fisheye/changelog/krb5/?cs=25014
Commit By: ghudson
Log Message:
Simplify and fix chpass_util error generation.

If a principal has no associated kadm5 policy, we may still get
password quality errors from a module (KDB or pwqual).  There was a
bug in the error generation for this case which caused only a generic
error to be returned.

Also use snprintf() instead of multiple string operations to compose
errors.

>From Simo Sorce <ssorce at redhat.com>.


Changed Files:
U   trunk/src/lib/kadm5/chpass_util.c
Modified: trunk/src/lib/kadm5/chpass_util.c
===================================================================
--- trunk/src/lib/kadm5/chpass_util.c	2011-07-05 18:51:43 UTC (rev 25013)
+++ trunk/src/lib/kadm5/chpass_util.c	2011-07-06 16:33:27 UTC (rev 25014)
@@ -102,12 +102,10 @@
                 msg_ret[msg_len - 1] = '\0';
                 return(code);
             } else {
-                strncpy(msg_ret, error_message(code), msg_len - 1);
-                strncat(msg_ret, " ", msg_len - 1);
-                strncat(msg_ret, string_text(CHPASS_UTIL_WHILE_READING_PASSWORD),
-                        msg_len - 1);
-                strncat(msg_ret, string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED),
-                        msg_len - 1);
+                snprintf(msg_ret, msg_len, "%s %s\n\n%s",
+                         error_message(code),
+                         string_text(CHPASS_UTIL_WHILE_READING_PASSWORD),
+                         string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED));
                 msg_ret[msg_len - 1] = '\0';
                 return(code);
             }
@@ -142,11 +140,10 @@
         (code != KADM5_PASS_REUSE) &&(code != KADM5_PASS_Q_CLASS) &&
         (code != KADM5_PASS_Q_DICT) && (code != KADM5_PASS_TOOSOON)) {
         /* Can't get more info for other errors */
-        snprintf(buffer, sizeof(buffer), "%s %s", error_message(code),
-                 string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE));
-        snprintf(msg_ret, msg_len, "%s\n%s\n",
+        snprintf(msg_ret, msg_len, "%s\n%s %s\n",
                  string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED),
-                 buffer);
+                 error_message(code),
+                 string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE));
         return(code);
     }
 
@@ -170,32 +167,22 @@
     code2 = kadm5_get_principal (lhandle, princ, &princ_ent,
                                  KADM5_PRINCIPAL_NORMAL_MASK);
     if (code2 != 0) {
-        strncpy(msg_ret, error_message(code2), msg_len - 1);
-        strncat(msg_ret, " ", msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, string_text(CHPASS_UTIL_GET_PRINC_INFO), msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, "\n", msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, error_message(code), msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, " ", msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE),
-                msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, "\n\n", msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED),
-                msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, "\n", msg_len - 1 - strlen(msg_ret));
+        snprintf(msg_ret, msg_len, "%s %s\n%s %s\n\n%s\n",
+                 error_message(code2),
+                 string_text(CHPASS_UTIL_GET_PRINC_INFO),
+                 error_message(code),
+                 string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE),
+                 string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED));
         msg_ret[msg_len - 1] = '\0';
         return(code);
     }
 
     if ((princ_ent.aux_attributes & KADM5_POLICY) == 0) {
-        strncpy(msg_ret, error_message(code), msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, " ", msg_len - 1 - strlen(msg_ret));
-        strncpy(msg_ret, string_text(CHPASS_UTIL_NO_POLICY_YET_Q_ERROR),
-                msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, "\n\n", msg_len - 1 - strlen(msg_ret));
-        strncpy(msg_ret, string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED),
-                msg_len - 1 - strlen(msg_ret));
+        /* Some module implements its own password policy. */
+        snprintf(msg_ret, msg_len, "%s\n\n%s",
+                 error_message(code),
+                 string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED));
         msg_ret[msg_len - 1] = '\0';
-
         (void) kadm5_free_principal_ent(lhandle, &princ_ent);
         return(code);
     }
@@ -248,11 +235,10 @@
     }
 
     /* We should never get here, but just in case ... */
-    snprintf(buffer, sizeof(buffer), "%s %s", error_message(code),
-             string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE));
-    snprintf(msg_ret, msg_len, "%s\n%s\n",
+    snprintf(msg_ret, msg_len, "%s\n%s %s\n",
              string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED),
-             buffer);
+             error_message(code),
+             string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE));
     (void) kadm5_free_principal_ent(lhandle, &princ_ent);
     (void) kadm5_free_policy_ent(lhandle, &policy_ent);
     return(code);

More information about the cvs-krb5 mailing list