svn rev #25489: trunk/src/lib/krb5/krb/
ghudson@MIT.EDU
ghudson at MIT.EDU
Wed Nov 23 01:10:08 EST 2011
http://src.mit.edu/fisheye/changelog/krb5/?cs=25489
Commit By: ghudson
Log Message:
Whitespace, style changes to past two commits
Changed Files:
U trunk/src/lib/krb5/krb/decode_kdc.c
U trunk/src/lib/krb5/krb/fast.c
U trunk/src/lib/krb5/krb/fast.h
U trunk/src/lib/krb5/krb/gc_via_tkt.c
U trunk/src/lib/krb5/krb/send_tgs.c
Modified: trunk/src/lib/krb5/krb/decode_kdc.c
===================================================================
--- trunk/src/lib/krb5/krb/decode_kdc.c 2011-11-23 01:04:38 UTC (rev 25488)
+++ trunk/src/lib/krb5/krb/decode_kdc.c 2011-11-23 06:10:07 UTC (rev 25489)
@@ -44,14 +44,14 @@
krb5_error_code
krb5int_decode_tgs_rep(krb5_context context,
struct krb5int_fast_request_state *fast_state,
-krb5_data *enc_rep, const krb5_keyblock *key,
+ krb5_data *enc_rep, const krb5_keyblock *key,
krb5_keyusage usage, krb5_kdc_rep **dec_rep)
{
krb5_error_code retval;
krb5_kdc_rep *local_dec_rep;
krb5_keyblock *strengthen_key = NULL, tgs_key;
- tgs_key.contents = NULL;
+ tgs_key.contents = NULL;
if (krb5_is_as_rep(enc_rep)) {
retval = decode_krb5_as_rep(enc_rep, &local_dec_rep);
} else if (krb5_is_tgs_rep(enc_rep)) {
@@ -63,13 +63,13 @@
if (retval)
return retval;
- retval = krb5int_fast_process_response(context, fast_state,
- local_dec_rep, &strengthen_key);
- if (retval == KRB5_ERR_FAST_REQUIRED)
- retval = 0;
- else if (retval)
- goto cleanup;
- retval = krb5int_fast_reply_key(context, strengthen_key, key, &tgs_key);
+ retval = krb5int_fast_process_response(context, fast_state,
+ local_dec_rep, &strengthen_key);
+ if (retval == KRB5_ERR_FAST_REQUIRED)
+ retval = 0;
+ else if (retval)
+ goto cleanup;
+ retval = krb5int_fast_reply_key(context, strengthen_key, key, &tgs_key);
if (retval)
goto cleanup;
@@ -82,4 +82,4 @@
krb5_free_keyblock(context, strengthen_key);
krb5_free_keyblock_contents(context, &tgs_key);
return (retval);
- }
+}
Modified: trunk/src/lib/krb5/krb/fast.c
===================================================================
--- trunk/src/lib/krb5/krb/fast.c 2011-11-23 01:04:38 UTC (rev 25488)
+++ trunk/src/lib/krb5/krb/fast.c 2011-11-23 06:10:07 UTC (rev 25489)
@@ -106,10 +106,11 @@
return retval;
}
-krb5_error_code krb5int_fast_tgs_armor(krb5_context context, struct krb5int_fast_request_state *state,
- krb5_keyblock *subkey,krb5_keyblock *session_key,
- krb5_ccache ccache,
- krb5_data *target_realm)
+krb5_error_code
+krb5int_fast_tgs_armor(krb5_context context,
+ struct krb5int_fast_request_state *state,
+ krb5_keyblock *subkey, krb5_keyblock *session_key,
+ krb5_ccache ccache, krb5_data *target_realm)
{
krb5_principal target_principal = NULL;
krb5_keyblock *existing_armor = NULL;
@@ -119,24 +120,26 @@
retval = krb5int_tgtname(context, target_realm, target_realm,
&target_principal);
if (retval == 0)
- retval = fast_armor_ap_request(context, state, ccache, target_principal);
+ retval = fast_armor_ap_request(context, state, ccache,
+ target_principal);
if (retval == 0) {
existing_armor = state->armor_key;
state->armor_key = NULL;
retval = krb5_c_fx_cf2_simple(context, existing_armor,
- "explicitarmor", subkey,
+ "explicitarmor", subkey,
"tgsarmor", &state->armor_key);
}
- } else retval = krb5_c_fx_cf2_simple(context,
- subkey, "subkeyarmor",
- session_key, "ticketarmor", &state->armor_key);
+ } else {
+ retval = krb5_c_fx_cf2_simple(context, subkey, "subkeyarmor",
+ session_key, "ticketarmor",
+ &state->armor_key);
+ }
if (target_principal)
krb5_free_principal(context, target_principal);
krb5_free_keyblock(context, existing_armor);
- return retval;
+ return retval;
}
-
krb5_error_code
krb5int_fast_prep_req_body(krb5_context context,
struct krb5int_fast_request_state *state,
@@ -235,22 +238,22 @@
krb5_pa_data pa[2];
krb5_fast_req fast_req;
krb5_pa_data *tgs = NULL;
- krb5_fast_armored_req *armored_req = NULL;
+ krb5_fast_armored_req *armored_req = NULL;
krb5_data *encoded_fast_req = NULL;
krb5_data *encoded_armored_req = NULL;
krb5_data *local_encoded_result = NULL;
- int i,j;
+ int i, j;
assert(state != NULL);
assert(state->fast_outer_request.padata == NULL);
- memset(pa_array, 0, sizeof pa_array);
+ memset(pa_array, 0, sizeof(pa_array));
if (state->armor_key == NULL) {
return encoder(request, encoded_request);
}
TRACE_FAST_ENCODE(context);
state->nonce = request->nonce;
- fast_req.req_body = request;
+ fast_req.req_body = request;
if (fast_req.req_body->padata == NULL) {
fast_req.req_body->padata = calloc(1, sizeof(krb5_pa_data *));
if (fast_req.req_body->padata == NULL)
@@ -258,14 +261,16 @@
}
fast_req.fast_options = state->fast_options;
if (retval == 0
- && (tgs = krb5int_find_pa_data(context,fast_req.req_body->padata,
- KRB5_PADATA_AP_REQ))) {
+ && (tgs = krb5int_find_pa_data(context, fast_req.req_body->padata,
+ KRB5_PADATA_AP_REQ)) != NULL) {
krb5_pa_data **paptr = &fast_req.req_body->padata[0];
- for (i=0,j=0;paptr[j]; j++)
+ for (i = 0, j = 0; paptr[j] != NULL; j++) {
if (paptr[j]->pa_type == KRB5_PADATA_AP_REQ)
paptr[j] = NULL;
- else paptr[i++] = paptr[j];
- paptr[i++] = NULL;
+ else
+ paptr[i++] = paptr[j];
+ }
+ paptr[i] = NULL;
}
if (retval == 0)
retval = encode_krb5_fast_req(&fast_req, &encoded_fast_req);
@@ -288,17 +293,18 @@
if (retval == 0)
retval = encode_krb5_pa_fx_fast_request(armored_req,
&encoded_armored_req);
- if (retval==0) {
+ if (retval == 0) {
pa[0].pa_type = KRB5_PADATA_FX_FAST;
pa[0].contents = (unsigned char *) encoded_armored_req->data;
pa[0].length = encoded_armored_req->length;
if (tgs) {
pa_array[0] = tgs;
pa_array[1] = &pa[0];
- } else pa_array[0] = &pa[0];
+ } else
+ pa_array[0] = &pa[0];
}
state->fast_outer_request.padata = pa_array;
- if(retval == 0)
+ if (retval == 0)
retval = encoder(&state->fast_outer_request, &local_encoded_result);
if (retval == 0) {
*encoded_request = local_encoded_result;
@@ -399,19 +405,17 @@
{
krb5_error_code retval = 0;
krb5_error *err_reply = *err_replyptr;
- krb5_pa_data *fx_error_pa;
- krb5_pa_data **result = NULL;
- krb5_data scratch;
- krb5_error *fx_error = NULL;
- krb5_fast_response *fast_response = NULL;
- scratch.data = NULL;
+ krb5_pa_data *fx_error_pa;
+ krb5_pa_data **result = NULL;
+ krb5_data scratch = empty_data();
+ krb5_error *fx_error = NULL;
+ krb5_fast_response *fast_response = NULL;
if (out_padata)
*out_padata = NULL;
if (retry)
*retry = 0;
-
if (state->armor_key) {
retval = decode_krb5_padata_sequence(&err_reply->e_data, &result);
if (retval == 0)
@@ -424,9 +428,8 @@
* KDC seems reasonable.
*/
if (retry != NULL)
- *retry = 0;
+ *retry = 0;
krb5_free_pa_data(context, result);
- result = NULL;
return 0;
}
if (retval == 0) {
@@ -440,8 +443,7 @@
}
}
if (retval == 0) {
- scratch.data = (char *) fx_error_pa->contents;
- scratch.length = fx_error_pa->length;
+ scratch = make_data(fx_error_pa->contents, fx_error_pa->length);
retval = decode_krb5_error(&scratch, &fx_error);
}
if (retval == 0) {
@@ -449,8 +451,8 @@
*err_replyptr = fx_error;
fx_error = NULL;
if (out_padata) {
- *out_padata = fast_response->padata;
- fast_response->padata = NULL;
+ *out_padata = fast_response->padata;
+ fast_response->padata = NULL;
}
/*
* If there is more than the fx_error padata, then we want
@@ -466,22 +468,24 @@
} else { /*not FAST*/
/* Possibly retry if there's any e_data to process. */
if (retry)
- *retry = (err_reply->e_data.length > 0);
+ *retry = (err_reply->e_data.length > 0);
/* Try to decode e_data as pa-data or typed-data for out_padata. */
- if (out_padata)
- retval = decode_krb5_padata_sequence(&err_reply->e_data, out_padata);
- if ((out_padata != NULL) && (retval != 0)) {
- krb5_typed_data **tdata;
- /* krb5_typed data and krb5_pa_data are compatible structures. */
- if (decode_krb5_typed_data(&err_reply->e_data, &tdata) == 0)
- *out_padata = (krb5_pa_data **)tdata;
- retval = 0;
+ if (out_padata) {
+ retval = decode_krb5_padata_sequence(&err_reply->e_data,
+ out_padata);
+ if (retval != 0) {
+ krb5_typed_data **tdata;
+ /* krb5_typed data and krb5_pa_data are compatible. */
+ if (decode_krb5_typed_data(&err_reply->e_data, &tdata) == 0)
+ *out_padata = (krb5_pa_data **)tdata;
+ retval = 0;
+ }
}
}
- krb5_free_pa_data(context, result);
- krb5_free_fast_response(context, fast_response);
-if (fx_error)
- krb5_free_error(context, fx_error);
+ krb5_free_pa_data(context, result);
+ krb5_free_fast_response(context, fast_response);
+ if (fx_error)
+ krb5_free_error(context, fx_error);
return retval;
}
@@ -551,8 +555,9 @@
krb5_error_code retval = 0;
krb5_free_keyblock_contents(context, out_key);
if (strengthen_key) {
- retval = krb5_c_fx_cf2_simple(context, (krb5_keyblock *) strengthen_key,
- "strengthenkey", (krb5_keyblock *) existing_key,
+ retval = krb5_c_fx_cf2_simple(context, (krb5_keyblock *)strengthen_key,
+ "strengthenkey",
+ (krb5_keyblock *)existing_key,
"replykey", &key);
if (retval == 0) {
TRACE_FAST_REPLY_KEY(context, key);
Modified: trunk/src/lib/krb5/krb/fast.h
===================================================================
--- trunk/src/lib/krb5/krb/fast.h 2011-11-23 01:04:38 UTC (rev 25488)
+++ trunk/src/lib/krb5/krb/fast.h 2011-11-23 06:10:07 UTC (rev 25489)
@@ -102,10 +102,13 @@
krb5int_upgrade_to_fast_p(krb5_context context,
struct krb5int_fast_request_state *state,
krb5_pa_data **padata);
-krb5_error_code krb5int_fast_tgs_armor(krb5_context context, struct krb5int_fast_request_state *state,
- krb5_keyblock *subkey,
- krb5_keyblock *session_key,
- krb5_ccache ccache,
- krb5_data *target_realm);
+krb5_error_code
+krb5int_fast_tgs_armor(krb5_context context,
+ struct krb5int_fast_request_state *state,
+ krb5_keyblock *subkey,
+ krb5_keyblock *session_key,
+ krb5_ccache ccache,
+ krb5_data *target_realm);
+
#endif
Modified: trunk/src/lib/krb5/krb/gc_via_tkt.c
===================================================================
--- trunk/src/lib/krb5/krb/gc_via_tkt.c 2011-11-23 01:04:38 UTC (rev 25488)
+++ trunk/src/lib/krb5/krb/gc_via_tkt.c 2011-11-23 06:10:07 UTC (rev 25489)
@@ -33,7 +33,6 @@
#include "int-proto.h"
#include "fast.h"
-
static krb5_error_code
kdcrep2creds(krb5_context context, krb5_kdc_rep *pkdcrep, krb5_address *const *address,
krb5_data *psectkt, krb5_creds **ppcreds)
@@ -217,7 +216,8 @@
enctypes[1] = 0;
}
- retval = krb5int_make_tgs_request_ext(context, fast_state, kdcoptions, &in_cred->times,
+ retval = krb5int_make_tgs_request_ext(context, fast_state, kdcoptions,
+ &in_cred->times,
enctypes, in_cred->server, address,
in_cred->authdata, in_padata,
second_tkt ?
@@ -300,9 +300,7 @@
/* Unfortunately, Heimdal at least up through 1.2 encrypts using
the session key not the subsession key. So we try both. */
- retval = krb5int_decode_tgs_rep(context, fast_state,
- response_data,
- subkey,
+ retval = krb5int_decode_tgs_rep(context, fast_state, response_data, subkey,
KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY,
&dec_rep);
if (retval) {
Modified: trunk/src/lib/krb5/krb/send_tgs.c
===================================================================
--- trunk/src/lib/krb5/krb/send_tgs.c 2011-11-23 01:04:38 UTC (rev 25488)
+++ trunk/src/lib/krb5/krb/send_tgs.c 2011-11-23 06:10:07 UTC (rev 25489)
@@ -214,7 +214,7 @@
&in_cred->keyblock, NULL, NULL);
if (retval)
goto cleanup;
- if (authorization_data) {
+ if (authorization_data) {
/* need to encrypt it in the request */
if ((retval = encode_krb5_authdata(authorization_data, &scratch)))
@@ -255,7 +255,9 @@
tgsreq.second_ticket = 0;
/* encode the body; then checksum it */
- if ((retval = krb5int_fast_prep_req_body(context, fast_state, &tgsreq, &scratch)))
+ retval = krb5int_fast_prep_req_body(context, fast_state, &tgsreq,
+ &scratch);
+ if (retval)
goto cleanup;
/*
@@ -326,9 +328,9 @@
goto cleanup;
}
/* the TGS_REQ is assembled in tgsreq, so encode it */
- if ((retval = krb5int_fast_prep_req(context, fast_state, &tgsreq,
- &scratch2, encode_krb5_tgs_req,
- &scratch)))
+ retval = krb5int_fast_prep_req(context, fast_state, &tgsreq, &scratch2,
+ encode_krb5_tgs_req, &scratch);
+ if (retval)
goto cleanup;
*request_data = *scratch;
More information about the cvs-krb5
mailing list