svn rev #25209: trunk/src/ include/ include/krb5/ lib/gssapi/mechglue/ lib/krb5/asn.1/ ...

ghudson@MIT.EDU ghudson at MIT.EDU
Mon Sep 19 01:34:17 EDT 2011


http://src.mit.edu/fisheye/changelog/krb5/?cs=25209
Commit By: ghudson
Log Message:
Formatting fixes.


Changed Files:
U   trunk/src/include/k5-int-pkinit.h
U   trunk/src/include/krb5/krb5.hin
U   trunk/src/lib/gssapi/mechglue/g_initialize.c
U   trunk/src/lib/krb5/asn.1/asn1_encode.h
U   trunk/src/lib/krb5/asn.1/asn1_k_decode.c
U   trunk/src/lib/krb5/asn.1/asn1_k_decode.h
U   trunk/src/lib/krb5/asn.1/asn1_k_decode_kdc.c
U   trunk/src/lib/krb5/asn.1/asn1_k_encode.c
U   trunk/src/plugins/preauth/pkinit/Makefile.in
U   trunk/src/plugins/preauth/pkinit/pkinit.h
U   trunk/src/plugins/preauth/pkinit/pkinit_clnt.c
U   trunk/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
U   trunk/src/plugins/preauth/pkinit/pkinit_kdf_constants.c
U   trunk/src/plugins/preauth/pkinit/pkinit_kdf_test.c
U   trunk/src/plugins/preauth/pkinit/pkinit_lib.c
Modified: trunk/src/include/k5-int-pkinit.h
===================================================================
--- trunk/src/include/k5-int-pkinit.h	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/include/k5-int-pkinit.h	2011-09-19 05:34:17 UTC (rev 25209)
@@ -65,7 +65,7 @@
     krb5_octet_data             subjectPublicKey; /* BIT STRING */
 } krb5_subject_pk_info;
 
-/** AuthPack  from RFC 4556*/
+/** AuthPack from RFC 4556*/
 typedef struct _krb5_auth_pack {
     krb5_pk_authenticator       pkAuthenticator;
     krb5_subject_pk_info        *clientPublicValue; /* Optional */
@@ -241,10 +241,12 @@
                              krb5_data **code);
 
 krb5_error_code
-encode_krb5_sp80056a_other_info(const krb5_sp80056a_other_info *,  krb5_data **);
+encode_krb5_sp80056a_other_info(const krb5_sp80056a_other_info *,
+                                krb5_data **);
 
 krb5_error_code
-encode_krb5_pkinit_supp_pub_info(const krb5_pkinit_supp_pub_info *, krb5_data **);
+encode_krb5_pkinit_supp_pub_info(const krb5_pkinit_supp_pub_info *,
+                                 krb5_data **);
 
 /*************************************************************************
  * Prototypes for pkinit asn.1 decode routines

Modified: trunk/src/include/krb5/krb5.hin
===================================================================
--- trunk/src/include/krb5/krb5.hin	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/include/krb5/krb5.hin	2011-09-19 05:34:17 UTC (rev 25209)
@@ -4647,10 +4647,10 @@
 krb5_free_data(krb5_context context, krb5_data *val);
 
 /**
- * @brief Free storage associated with a @c krb5_octet_data structure and its pointer.
+ * Free storage associated with a @c krb5_octet_data structure and its pointer.
  *
- * @param context           Context structure [input, output]
- * @param val               Pointer to data structure to be freed [input, output]
+ * @param [in] context          Context structure
+ * @param [in] val              Data structure to be freed
  *
  * @return
  * None
@@ -4659,11 +4659,8 @@
 krb5_free_octet_data(krb5_context context, krb5_octet_data *val);
 
 /**
- * @brief Free the contents of a @c _krb5_data structure and zero the data field.
+ * Free the contents of a krb5_data structure and zero the data field.
  *
- * @param context           Context structure [input, output]
- * @param val               Pointer to data structure to be freed [input, output]
- *
  * @param [in] context          Library context
  * @param [in] val              Data structure to free contents of
  *

Modified: trunk/src/lib/gssapi/mechglue/g_initialize.c
===================================================================
--- trunk/src/lib/gssapi/mechglue/g_initialize.c	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/lib/gssapi/mechglue/g_initialize.c	2011-09-19 05:34:17 UTC (rev 25209)
@@ -579,13 +579,12 @@
 updateMechList(void)
 {
 #if defined(_WIN32)
-    time_t lastConfModTime = getRegConfigModTime(MECH_KEY);
-    if (g_confFileModTime < lastConfModTime)
-    {
-        g_confFileModTime = lastConfModTime;
-        loadConfigFromRegistry(HKEY_CURRENT_USER, MECH_KEY);
-        loadConfigFromRegistry(HKEY_LOCAL_MACHINE, MECH_KEY);
-    }
+	time_t lastConfModTime = getRegConfigModTime(MECH_KEY);
+	if (g_confFileModTime < lastConfModTime) {
+		g_confFileModTime = lastConfModTime;
+		loadConfigFromRegistry(HKEY_CURRENT_USER, MECH_KEY);
+		loadConfigFromRegistry(HKEY_LOCAL_MACHINE, MECH_KEY);
+	}
 #else /* _WIN32 */
 	char *fileName;
 	struct stat fileInfo;
@@ -1058,6 +1057,7 @@
 	char *sharedLib, *kernMod, *modOptions, *oid, *endp;
 	char buffer[BUFSIZ], *oidStr;
 	FILE *confFile;
+
 	if ((confFile = fopen(fileName, "r")) == NULL) {
 		return;
 	}
@@ -1090,77 +1090,77 @@
 		if (! *endp)
 			continue;
 
-	    /* Find the end of the oid and make sure it is NULL-ended */
-	    for (oid=endp; *endp && !isspace(*endp); endp++)
-		    ;
+		/* Find the end of the oid and make sure it is NULL-ended */
+		for (oid = endp; *endp && !isspace(*endp); endp++)
+			;
 
-	    if (*endp) {
-		    *endp = '\0';
-            endp++;
-	    }
+		if (*endp) {
+			*endp = '\0';
+			endp++;
+		}
 
-	    /* Find the start of the shared lib name */
-	    for (sharedLib = endp; *sharedLib && isspace(*sharedLib);
-		    sharedLib++)
-		    ;
+		/* Find the start of the shared lib name */
+		for (sharedLib = endp; *sharedLib && isspace(*sharedLib);
+		     sharedLib++)
+			;
 
-	    /*
-	     * Find the end of the shared lib name and make sure it is
-	     *  NULL-terminated.
-	     */
-	    for (endp = sharedLib; *endp && !isspace(*endp); endp++)
-		    ;
+		/*
+		 * Find the end of the shared lib name and make sure it is
+		 *  NULL-terminated.
+		 */
+		for (endp = sharedLib; *endp && !isspace(*endp); endp++)
+			;
 
-	    if (*endp) {
-		    *endp = '\0';
-            endp++;
-	    }
+		if (*endp) {
+			*endp = '\0';
+			endp++;
+		}
 
-	    /* Find the start of the optional kernel module lib name */
-	    for (kernMod = endp; *kernMod && isspace(*kernMod);
-		    kernMod++)
-		    ;
+		/* Find the start of the optional kernel module lib name */
+		for (kernMod = endp; *kernMod && isspace(*kernMod);
+		     kernMod++)
+			;
 
-	    /*
-	     * If this item starts with a bracket "[", then
-	     * it is not a kernel module, but is a list of
-	     * options for the user module to parse later.
-	     */
-	    if (*kernMod && *kernMod != '[') {
-		    /*
-		     * Find the end of the shared lib name and make sure
-		     * it is NULL-terminated.
-		     */
-	        for (endp = kernMod; *endp && !isspace(*endp); endp++)
-		        ;
+		/*
+		 * If this item starts with a bracket "[", then
+		 * it is not a kernel module, but is a list of
+		 * options for the user module to parse later.
+		 */
+		if (*kernMod && *kernMod != '[') {
+			/*
+			 * Find the end of the shared lib name and make sure
+			 * it is NULL-terminated.
+			 */
+			for (endp = kernMod; *endp && !isspace(*endp); endp++)
+				;
 
-	        if (*endp) {
-		        *endp = '\0';
-                endp++;
-	        }
-	    } else
-		    kernMod = NULL;
+			if (*endp) {
+				*endp = '\0';
+				endp++;
+			}
+		} else
+			kernMod = NULL;
 
-	    /* Find the start of the optional module options list */
-	    for (modOptions = endp; *modOptions && isspace(*modOptions);
-		    modOptions++);
+		/* Find the start of the optional module options list */
+		for (modOptions = endp; *modOptions && isspace(*modOptions);
+		     modOptions++);
 
-	    if (*modOptions == '[')  {
-		    /* move past the opening bracket */
-		    for (modOptions = modOptions+1;
-			    *modOptions && isspace(*modOptions);
-			    modOptions++);
+		if (*modOptions == '[')  {
+			/* move past the opening bracket */
+			for (modOptions = modOptions+1;
+			     *modOptions && isspace(*modOptions);
+			     modOptions++);
 
-		    /* Find the closing bracket */
-		    for (endp = modOptions;
-			    *endp && *endp != ']'; endp++);
+			/* Find the closing bracket */
+			for (endp = modOptions;
+			     *endp && *endp != ']'; endp++);
 
-		    *endp = '\0';
-	    } else {
-		    modOptions = NULL;
-	    }
+			*endp = '\0';
+		} else {
+			modOptions = NULL;
+		}
 
-        addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
+		addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
 	} /* while */
 	(void) fclose(confFile);
 } /* loadConfigFile */
@@ -1170,150 +1170,166 @@
 static time_t
 filetimeToTimet(const FILETIME *ft)
 {
-    ULARGE_INTEGER ull;
-    ull.LowPart = ft->dwLowDateTime;
-    ull.HighPart = ft->dwHighDateTime;
-    return (time_t )(ull.QuadPart / 10000000ULL - 11644473600ULL);
+	ULARGE_INTEGER ull;
+
+	ull.LowPart = ft->dwLowDateTime;
+	ull.HighPart = ft->dwHighDateTime;
+	return (time_t)(ull.QuadPart / 10000000ULL - 11644473600ULL);
 }
 
 static time_t
 getRegConfigModTime(const char *keyPath)
 {
-    time_t currentUserModTime = getRegKeyModTime(HKEY_CURRENT_USER, keyPath);
-    time_t localMachineModTime = getRegKeyModTime(HKEY_LOCAL_MACHINE, keyPath);
-    return currentUserModTime > localMachineModTime ? currentUserModTime : localMachineModTime;
+	time_t currentUserModTime = getRegKeyModTime(HKEY_CURRENT_USER,
+						     keyPath);
+	time_t localMachineModTime = getRegKeyModTime(HKEY_LOCAL_MACHINE,
+						      keyPath);
+
+	return currentUserModTime > localMachineModTime ? currentUserModTime :
+		localMachineModTime;
 }
 
 static time_t
 getRegKeyModTime(HKEY hBaseKey, const char *keyPath)
 {
-    HKEY hConfigKey;
-    HRESULT rc;
-    int iSubKey = 0;
-    time_t modTime = 0, keyModTime;
-    FILETIME keyLastWriteTime;
-    char subKeyName[256];
-    if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0, KEY_ENUMERATE_SUB_KEYS,
-                           &hConfigKey)) != ERROR_SUCCESS) {
-        /* TODO: log error message */
-        return 0;
-    }
-    do {
-        int subKeyNameSize=256;
-        if ((rc = RegEnumKeyEx(hConfigKey, iSubKey++, subKeyName, &subKeyNameSize, NULL, NULL, NULL, &keyLastWriteTime)) != ERROR_SUCCESS) {
-            break;
-        }
-        keyModTime = filetimeToTimet(&keyLastWriteTime);
-        if (modTime < keyModTime) {
-            modTime = keyModTime;
-        }
-    } while (1);
-    RegCloseKey(hConfigKey);
-    return modTime;
+	HKEY hConfigKey;
+	HRESULT rc;
+	int iSubKey = 0;
+	time_t modTime = 0, keyModTime;
+	FILETIME keyLastWriteTime;
+	char subKeyName[256];
+
+	if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0, KEY_ENUMERATE_SUB_KEYS,
+			       &hConfigKey)) != ERROR_SUCCESS) {
+		/* TODO: log error message */
+		return 0;
+	}
+	do {
+		int subKeyNameSize=256;
+		if ((rc = RegEnumKeyEx(hConfigKey, iSubKey++, subKeyName,
+				       &subKeyNameSize, NULL, NULL, NULL,
+				       &keyLastWriteTime)) != ERROR_SUCCESS) {
+			break;
+		}
+		keyModTime = filetimeToTimet(&keyLastWriteTime);
+		if (modTime < keyModTime) {
+			modTime = keyModTime;
+		}
+	} while (1);
+	RegCloseKey(hConfigKey);
+	return modTime;
 }
 
 static void
-getRegKeyValue(HKEY hKey, const char *keyPath, const char *valueName, void **data, DWORD* dataLen)
+getRegKeyValue(HKEY hKey, const char *keyPath, const char *valueName,
+	       void **data, DWORD* dataLen)
 {
-    DWORD sizeRequired=*dataLen;
-    HRESULT hr;
-    /* Get data length required */
-    if ((hr=RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL, NULL, &sizeRequired)) != ERROR_SUCCESS)
-    {
-        /* TODO: LOG registry error */
-        return;
-    }
-    /* adjust data buffer size if necessary */
-    if (*dataLen < sizeRequired)
-    {
-        *dataLen = sizeRequired;
-        *data = realloc(*data, sizeRequired);
-        if (!*data)
-        {
-            *dataLen = 0;
-            /* TODO: LOG OOM ERROR! */
-            return;
-        }
-    }
-    /* get data */
-    if ((hr=RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL, *data, &sizeRequired)) != ERROR_SUCCESS)
-    {
-        /* LOG registry error */
-        return;
-    }
+	DWORD sizeRequired=*dataLen;
+	HRESULT hr;
+	/* Get data length required */
+	if ((hr = RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL,
+			      NULL, &sizeRequired)) != ERROR_SUCCESS) {
+		/* TODO: LOG registry error */
+		return;
+	}
+	/* adjust data buffer size if necessary */
+	if (*dataLen < sizeRequired) {
+		*dataLen = sizeRequired;
+		*data = realloc(*data, sizeRequired);
+		if (!*data) {
+			*dataLen = 0;
+			/* TODO: LOG OOM ERROR! */
+			return;
+		}
+	}
+	/* get data */
+	if ((hr = RegGetValue(hKey, keyPath, valueName, RRF_RT_REG_SZ, NULL,
+			      *data, &sizeRequired)) != ERROR_SUCCESS) {
+		/* LOG registry error */
+		return;
+	}
 }
 
 static void
 loadConfigFromRegistry(HKEY hBaseKey, const char *keyPath)
 {
-    HKEY hConfigKey;
-    DWORD iSubKey, nSubKeys, maxSubKeyNameLen;
-    DWORD dataBufferSize, dataSizeRequired;
-    char *oidStr=NULL, *oid=NULL, *sharedLib=NULL, *kernMod=NULL, *modOptions=NULL;
-    DWORD oidStrLen=0, oidLen=0, sharedLibLen=0, kernModLen=0, modOptionsLen=0;
-    HRESULT rc;
+	HKEY hConfigKey;
+	DWORD iSubKey, nSubKeys, maxSubKeyNameLen;
+	DWORD dataBufferSize, dataSizeRequired;
+	char *oidStr = NULL, *oid = NULL, *sharedLib = NULL, *kernMod = NULL;
+	char *modOptions = NULL;
+	DWORD oidStrLen = 0, oidLen = 0, sharedLibLen = 0, kernModLen = 0;
+	DWORD modOptionsLen = 0;
+	HRESULT rc;
 
-    if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0, KEY_ENUMERATE_SUB_KEYS|KEY_QUERY_VALUE,
-                           &hConfigKey)) != ERROR_SUCCESS) {
-        /* TODO: log registry error */
-        return;
-    }
+	if ((rc = RegOpenKeyEx(hBaseKey, keyPath, 0,
+			       KEY_ENUMERATE_SUB_KEYS|KEY_QUERY_VALUE,
+			       &hConfigKey)) != ERROR_SUCCESS) {
+		/* TODO: log registry error */
+		return;
+	}
 
-    if ((rc = RegQueryInfoKey(hConfigKey,
-        NULL, /* lpClass */
-        NULL, /* lpcClass */
-        NULL, /* lpReserved */
-        &nSubKeys,
-        &maxSubKeyNameLen,
-        NULL, /* lpcMaxClassLen */
-        NULL, /* lpcValues */
-        NULL, /* lpcMaxValueNameLen */
-        NULL, /* lpcMaxValueLen */
-        NULL, /* lpcbSecurityDescriptor */
-        NULL  /* lpftLastWriteTime */ )) != ERROR_SUCCESS) {
-        goto cleanup;
-    }
-    oidStr = malloc(++maxSubKeyNameLen);
-    if (!oidStr) {
-        goto cleanup;
-    }
-    for (iSubKey=0; iSubKey<nSubKeys; iSubKey++) {
-        oidStrLen = maxSubKeyNameLen;
-        if ((rc = RegEnumKeyEx(hConfigKey, iSubKey, oidStr, &oidStrLen, NULL, NULL, NULL, NULL)) != ERROR_SUCCESS) {
-            /* TODO: log registry error */
-            continue;
-        }
-        getRegKeyValue(hConfigKey, oidStr, "OID", &oid, &oidLen);
-        getRegKeyValue(hConfigKey, oidStr, "Shared Library", &sharedLib, &sharedLibLen);
-        getRegKeyValue(hConfigKey, oidStr, "Kernel Module", &kernMod, &kernModLen);
-        getRegKeyValue(hConfigKey, oidStr, "Options", &modOptions, &modOptionsLen);
-        addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
-    }
+	if ((rc = RegQueryInfoKey(hConfigKey,
+		NULL, /* lpClass */
+		NULL, /* lpcClass */
+		NULL, /* lpReserved */
+		&nSubKeys,
+		&maxSubKeyNameLen,
+		NULL, /* lpcMaxClassLen */
+		NULL, /* lpcValues */
+		NULL, /* lpcMaxValueNameLen */
+		NULL, /* lpcMaxValueLen */
+		NULL, /* lpcbSecurityDescriptor */
+		NULL  /* lpftLastWriteTime */ )) != ERROR_SUCCESS) {
+		goto cleanup;
+	}
+	oidStr = malloc(++maxSubKeyNameLen);
+	if (!oidStr) {
+		goto cleanup;
+	}
+	for (iSubKey=0; iSubKey<nSubKeys; iSubKey++) {
+		oidStrLen = maxSubKeyNameLen;
+		if ((rc = RegEnumKeyEx(hConfigKey, iSubKey, oidStr, &oidStrLen,
+				       NULL, NULL, NULL, NULL)) !=
+		    ERROR_SUCCESS) {
+			/* TODO: log registry error */
+			continue;
+		}
+		getRegKeyValue(hConfigKey, oidStr, "OID", &oid, &oidLen);
+		getRegKeyValue(hConfigKey, oidStr, "Shared Library",
+			       &sharedLib, &sharedLibLen);
+		getRegKeyValue(hConfigKey, oidStr, "Kernel Module", &kernMod,
+			       &kernModLen);
+		getRegKeyValue(hConfigKey, oidStr, "Options", &modOptions,
+			       &modOptionsLen);
+		addConfigEntry(oidStr, oid, sharedLib, kernMod, modOptions);
+	}
 cleanup:
-    RegCloseKey(hConfigKey);
-    if (oidStr) {
-        free(oidStr);
-    }
-    if (oid) {
-        free(oid);
-    }
-    if (sharedLib) {
-        free(sharedLib);
-    }
-    if (kernMod) {
-        free(kernMod);
-    }
-    if (modOptions) {
-        free(modOptions);
-    }
+	RegCloseKey(hConfigKey);
+	if (oidStr) {
+		free(oidStr);
+	}
+	if (oid) {
+		free(oid);
+	}
+	if (sharedLib) {
+		free(sharedLib);
+	}
+	if (kernMod) {
+		free(kernMod);
+	}
+	if (modOptions) {
+		free(modOptions);
+	}
 }
 #endif
 
 static void
-addConfigEntry(const char *oidStr, const char *oid, const char *sharedLib, const char *kernMod, const char *modOptions)
+addConfigEntry(const char *oidStr, const char *oid, const char *sharedLib,
+	       const char *kernMod, const char *modOptions)
 {
 #if defined(_WIN32)
-    const char *sharedPath;
+	const char *sharedPath;
 #else
 	char sharedPath[sizeof (MECH_LIB_PREFIX) + BUFSIZ];
 #endif
@@ -1323,9 +1339,9 @@
 	OM_uint32 minor;
 	gss_buffer_desc oidBuf;
 
-    if ((!oid) || (!oidStr)) {
-        return;
-    }
+	if ((!oid) || (!oidStr)) {
+		return;
+	}
 	/*
 	 * check if an entry for this oid already exists
 	 * if it does, and the library is already loaded then
@@ -1339,8 +1355,8 @@
 		(void) syslog(LOG_INFO, "invalid mechanism oid"
 				" [%s] in configuration file", oid);
 #endif
-			return;
-		}
+		return;
+	}
 
 	aMech = searchMechList(mechOid);
 	if (aMech && aMech->mech) {
@@ -1356,13 +1372,13 @@
 		return;
 	}
 #if defined(_WIN32)
-    sharedPath = sharedLib;
+	sharedPath = sharedLib;
 #else
 	if (sharedLib[0] == '/')
 		snprintf(sharedPath, sizeof(sharedPath), "%s", sharedLib);
 	else
 		snprintf(sharedPath, sizeof(sharedPath), "%s%s",
-				MECH_LIB_PREFIX, sharedLib);
+			 MECH_LIB_PREFIX, sharedLib);
 #endif
 	/*
 	 * are we creating a new mechanism entry or

Modified: trunk/src/lib/krb5/asn.1/asn1_encode.h
===================================================================
--- trunk/src/lib/krb5/asn.1/asn1_encode.h	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/lib/krb5/asn.1/asn1_encode.h	2011-09-19 05:34:17 UTC (rev 25209)
@@ -400,26 +400,26 @@
         &aux_seqinfo_##DESCNAME,                                \
     }
 /* Integer types.  */
-#define DEFINTTYPE(DESCNAME, CTYPENAME)                         \
-    typedef CTYPENAME aux_typedefname_##DESCNAME;               \
-    static asn1_intmax loadint_##DESCNAME(const void *p)        \
-    {                                                           \
-        assert(sizeof(CTYPENAME) <= sizeof(asn1_intmax));       \
-        return *(const aux_typedefname_##DESCNAME *)p;          \
-    }                                                           \
-    const struct atype_info krb5int_asn1type_##DESCNAME = {     \
+#define DEFINTTYPE(DESCNAME, CTYPENAME)                                 \
+    typedef CTYPENAME aux_typedefname_##DESCNAME;                       \
+    static asn1_intmax loadint_##DESCNAME(const void *p)                \
+    {                                                                   \
+        assert(sizeof(CTYPENAME) <= sizeof(asn1_intmax));               \
+        return *(const aux_typedefname_##DESCNAME *)p;                  \
+    }                                                                   \
+    const struct atype_info krb5int_asn1type_##DESCNAME = {             \
         atype_int, sizeof(CTYPENAME), 0, 0, 0, 0, 0, 0, 0, 0, 0,        \
-        loadint_##DESCNAME, 0,                                  \
+        loadint_##DESCNAME, 0,                                          \
     }
-#define DEFUINTTYPE(DESCNAME, CTYPENAME)                        \
-    typedef CTYPENAME aux_typedefname_##DESCNAME;               \
-    static asn1_uintmax loaduint_##DESCNAME(const void *p)      \
-    {                                                           \
-        assert(sizeof(CTYPENAME) <= sizeof(asn1_uintmax));      \
-        return *(const aux_typedefname_##DESCNAME *)p;          \
-    }                                                           \
-    const struct atype_info krb5int_asn1type_##DESCNAME = {     \
-        atype_uint, sizeof(CTYPENAME), 0, 0, 0, 0, 0, 0, 0, 0,  \
+#define DEFUINTTYPE(DESCNAME, CTYPENAME)                         \
+    typedef CTYPENAME aux_typedefname_##DESCNAME;                \
+    static asn1_uintmax loaduint_##DESCNAME(const void *p)       \
+    {                                                            \
+        assert(sizeof(CTYPENAME) <= sizeof(asn1_uintmax));       \
+        return *(const aux_typedefname_##DESCNAME *)p;           \
+    }                                                            \
+    const struct atype_info krb5int_asn1type_##DESCNAME = {      \
+        atype_uint, sizeof(CTYPENAME), 0, 0, 0, 0, 0, 0, 0, 0,   \
         0, 0, loaduint_##DESCNAME,                               \
     }
 /* Pointers to other types, to be encoded as those other types.  */
@@ -492,17 +492,19 @@
     typedef aux_typedefname_##BASEDESC aux_typedefname_##DESCNAME;      \
     const struct atype_info krb5int_asn1type_##DESCNAME = {             \
         atype_tagged_thing, sizeof(aux_typedefname_##DESCNAME),         \
-        0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, TAG, APPLICATION, CONSTRUCTED \
+        0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, TAG, APPLICATION,  \
+        CONSTRUCTED                                                     \
     }
 
 /**
  * An encoding wrapped in an octet string
  */
-#define DEFOCTETWRAPTYPE(DESCNAME, BASEDESC)                           \
+#define DEFOCTETWRAPTYPE(DESCNAME, BASEDESC)                            \
     typedef aux_typedefname_##BASEDESC aux_typedefname_##DESCNAME;      \
     const struct atype_info krb5int_asn1type_##DESCNAME = {             \
         atype_tagged_thing, sizeof(aux_typedefname_##DESCNAME),         \
-        0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, ASN1_OCTETSTRING, UNIVERSAL, PRIMITIVE \
+        0, 0, 0, &krb5int_asn1type_##BASEDESC, 0, 0, ASN1_OCTETSTRING,  \
+        UNIVERSAL, PRIMITIVE                                            \
     }
 
 /*

Modified: trunk/src/lib/krb5/asn.1/asn1_k_decode.c
===================================================================
--- trunk/src/lib/krb5/asn.1/asn1_k_decode.c	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/lib/krb5/asn.1/asn1_k_decode.c	2011-09-19 05:34:17 UTC (rev 25209)
@@ -1349,8 +1349,7 @@
 }
 
 static asn1_error_code
-asn1_decode_kdf_alg_id_ptr( asn1buf *buf,
-                            krb5_octet_data **valptr)
+asn1_decode_kdf_alg_id_ptr(asn1buf *buf, krb5_octet_data **valptr)
 {
     decode_ptr(krb5_octet_data *, asn1_decode_kdf_alg_id);
 }
@@ -1733,8 +1732,8 @@
 asn1_error_code
 asn1_decode_kdf_alg_id( asn1buf *buf, krb5_octet_data *val)
 {
-        setup();
-        val->data = NULL;
+    setup();
+    val->data = NULL;
     { begin_structure();
         get_lenfield(val->length,val->data,0,asn1_decode_oid);
         end_structure();
@@ -1745,7 +1744,7 @@
     return retval;
 }
 
- asn1_error_code
+asn1_error_code
 asn1_decode_sequence_of_kdf_alg_id(asn1buf *buf,
                                    krb5_octet_data ***val)
 {

Modified: trunk/src/lib/krb5/asn.1/asn1_k_decode.h
===================================================================
--- trunk/src/lib/krb5/asn.1/asn1_k_decode.h	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/lib/krb5/asn.1/asn1_k_decode.h	2011-09-19 05:34:17 UTC (rev 25209)
@@ -277,7 +277,7 @@
                                             krb5_iakerb_finished *val);
 
 asn1_error_code
-asn1_decode_kdf_alg_id( asn1buf *buf, krb5_octet_data *val);
+asn1_decode_kdf_alg_id(asn1buf *buf, krb5_octet_data *val);
 
  asn1_error_code
 asn1_decode_sequence_of_kdf_alg_id(asn1buf *buf,

Modified: trunk/src/lib/krb5/asn.1/asn1_k_decode_kdc.c
===================================================================
--- trunk/src/lib/krb5/asn.1/asn1_k_decode_kdc.c	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/lib/krb5/asn.1/asn1_k_decode_kdc.c	2011-09-19 05:34:17 UTC (rev 25209)
@@ -240,7 +240,7 @@
         }
         opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
         opt_field(val->supportedKDFs, 4, asn1_decode_sequence_of_kdf_alg_id, NULL);
-                end_structure();
+        end_structure();
     }
     return 0;
 error_out:
@@ -258,8 +258,7 @@
     }
     free(val->clientDHNonce.data);
     if (val->supportedKDFs) {
-
-        for (i=0; val->supportedKDFs[i]; i++)
+        for (i = 0; val->supportedKDFs[i]; i++)
             krb5_free_octet_data(NULL, val->supportedKDFs[i]);
         free(val->supportedKDFs);
         val->supportedKDFs = NULL;

Modified: trunk/src/lib/krb5/asn.1/asn1_k_encode.c
===================================================================
--- trunk/src/lib/krb5/asn.1/asn1_k_encode.c	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/lib/krb5/asn.1/asn1_k_encode.c	2011-09-19 05:34:17 UTC (rev 25209)
@@ -1820,7 +1820,7 @@
     asn1_setup();
 
     if (val->supportedKDFs != NULL)
-        asn1_addfield( val->supportedKDFs, 4, asn1_encode_supported_kdfs);
+        asn1_addfield(val->supportedKDFs, 4, asn1_encode_supported_kdfs);
     if (val->clientDHNonce.length != 0)
         asn1_addlenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_encode_octetstring);
     if (val->supportedCMSTypes != NULL)

Modified: trunk/src/plugins/preauth/pkinit/Makefile.in
===================================================================
--- trunk/src/plugins/preauth/pkinit/Makefile.in	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/plugins/preauth/pkinit/Makefile.in	2011-09-19 05:34:17 UTC (rev 25209)
@@ -30,7 +30,7 @@
 	pkinit_srv.o \
 	pkinit_lib.o \
 	pkinit_clnt.o \
-        pkinit_kdf_constants.o \
+	pkinit_kdf_constants.o \
 	pkinit_profile.o \
 	pkinit_identity.o \
 	pkinit_matching.o \
@@ -57,10 +57,10 @@
 	$(RM) pkinit_test_kdf
 
 check-unix:: pkinit_kdf_test
-	     $(RUN_SETUP) $(VALGRIND) ./pkinit_kdf_test
+	$(RUN_SETUP) $(VALGRIND) ./pkinit_kdf_test
 
 pkinit_kdf_test: pkinit_kdf_test.o $(STLIBOBJS) $(SHLIB_EXPDEPS)
-		 $(CC_LINK) -o $@ pkinit_kdf_test.o $(STLIBOBJS) $(SHLIB_EXPLIBS)
+	$(CC_LINK) -o $@ pkinit_kdf_test.o $(STLIBOBJS) $(SHLIB_EXPLIBS)
 
 @libnover_frag@
 @libobj_frag@

Modified: trunk/src/plugins/preauth/pkinit/pkinit.h
===================================================================
--- trunk/src/plugins/preauth/pkinit/pkinit.h	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/plugins/preauth/pkinit/pkinit.h	2011-09-19 05:34:17 UTC (rev 25209)
@@ -219,13 +219,13 @@
  * Client's per-request context
  */
 struct _pkinit_req_context {
-  unsigned int magic;
+    unsigned int magic;
     pkinit_req_crypto_context cryptoctx;
     pkinit_req_opts *opts;
     pkinit_identity_crypto_context idctx;
     pkinit_identity_opts *idopts;
     krb5_preauthtype pa_type;
-  int rfc6112_kdc;
+    int rfc6112_kdc;
 };
 typedef struct _pkinit_req_context *pkinit_req_context;
 

Modified: trunk/src/plugins/preauth/pkinit/pkinit_clnt.c
===================================================================
--- trunk/src/plugins/preauth/pkinit/pkinit_clnt.c	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/plugins/preauth/pkinit/pkinit_clnt.c	2011-09-19 05:34:17 UTC (rev 25209)
@@ -70,9 +70,9 @@
         return 0;
     if (krb5_principal_compare_any_realm(context, client,
                                          krb5_anonymous_principal()))
-                return 1;
+        return 1;
     return 0;
-    }
+}
 
 static krb5_error_code
 pkinit_as_req_create(krb5_context context, pkinit_context plgctx,
@@ -364,7 +364,7 @@
             retval = ENOMEM;
             goto cleanup;
         }
-        if (use_content_info(context, reqctx, client))
+        if (use_content_info(context, reqctx, client)) {
             retval = cms_contentinfo_create(context, plgctx->cryptoctx,
                                             reqctx->cryptoctx, reqctx->idctx,
                                             CMS_SIGN_CLIENT, (unsigned char *)
@@ -372,7 +372,7 @@
                                             coded_auth_pack->length,
                                             &req->signedAuthPack.data,
                                             &req->signedAuthPack.length);
-        else {
+        } else {
             retval = cms_signeddata_create(context, plgctx->cryptoctx,
                                            reqctx->cryptoctx, reqctx->idctx,
                                            CMS_SIGN_CLIENT, 1,
@@ -1030,7 +1030,7 @@
     case KRB5_PADATA_PKINIT_KX:
         reqctx->rfc6112_kdc = 1;
         return 0;
-            case KRB5_PADATA_PK_AS_REQ:
+    case KRB5_PADATA_PK_AS_REQ:
         pkiDebug("processing KRB5_PADATA_PK_AS_REQ\n");
         processing_request = 1;
         break;

Modified: trunk/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c
===================================================================
--- trunk/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c	2011-09-19 05:34:17 UTC (rev 25209)
@@ -2103,7 +2103,8 @@
                        unsigned char *key,
                        unsigned int dh_key_len,
                        krb5_keyblock *key_block)
-{   krb5_error_code retval;
+{
+    krb5_error_code retval;
     unsigned char *buf = NULL;
     unsigned char md[SHA_DIGEST_LENGTH];
     unsigned char counter;
@@ -2183,22 +2184,19 @@
         *hash_bytes = 20;
         *func = &EVP_sha1;
         return 0;
-    }
-    else if ((alg_id->length == krb5_pkinit_sha256_oid_len) &&
-             (0 == memcmp(alg_id->data, krb5_pkinit_sha256_oid,
-                          krb5_pkinit_sha256_oid_len))) {
+    } else if ((alg_id->length == krb5_pkinit_sha256_oid_len) &&
+               (0 == memcmp(alg_id->data, krb5_pkinit_sha256_oid,
+                            krb5_pkinit_sha256_oid_len))) {
         *hash_bytes = 32;
         *func = &EVP_sha256;
         return 0;
-    }
-    else if ((alg_id->length == krb5_pkinit_sha512_oid_len) &&
-             (0 == memcmp(alg_id->data, krb5_pkinit_sha512_oid,
-                          krb5_pkinit_sha512_oid_len))) {
+    } else if ((alg_id->length == krb5_pkinit_sha512_oid_len) &&
+               (0 == memcmp(alg_id->data, krb5_pkinit_sha512_oid,
+                            krb5_pkinit_sha512_oid_len))) {
         *hash_bytes = 32;
         *func = &EVP_sha512;
         return 0;
-    }
-    else {
+    } else {
         krb5_set_error_message(context, KRB5_ERR_BAD_S2K_PARAMS,
                                "Bad algorithm ID passed to PK-INIT KDF.");
         return KRB5_ERR_BAD_S2K_PARAMS;

Modified: trunk/src/plugins/preauth/pkinit/pkinit_kdf_constants.c
===================================================================
--- trunk/src/plugins/preauth/pkinit/pkinit_kdf_constants.c	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/plugins/preauth/pkinit/pkinit_kdf_constants.c	2011-09-19 05:34:17 UTC (rev 25209)
@@ -1,5 +1,5 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* prototype/prototype.c */
+/* plugins/preauth/pkinit/pkinit_kdf_constants.c */
 /*
  * Copyright (C) 2011 by the Massachusetts Institute of Technology.
  * All rights reserved.

Modified: trunk/src/plugins/preauth/pkinit/pkinit_kdf_test.c
===================================================================
--- trunk/src/plugins/preauth/pkinit/pkinit_kdf_test.c	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/plugins/preauth/pkinit/pkinit_kdf_test.c	2011-09-19 05:34:17 UTC (rev 25209)
@@ -1,5 +1,5 @@
 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/* prototype/prototype.c */
+/* plugins/preauth/pkinit/pkinit_kdf_test.c */
 /*
  * Copyright (C) 2011 by the Massachusetts Institute of Technology.
  * All rights reserved.
@@ -55,10 +55,10 @@
 int secret_len = 256;
 char twenty_as[10];
 char eighteen_bs[9] ;
-char party_u_name [] = "lha at SU.SE";
-char party_v_name [] = "krbtgt/SU.SE at SU.SE";
+char party_u_name[] = "lha at SU.SE";
+char party_v_name[] = "krbtgt/SU.SE at SU.SE";
 int enctype_value = 18;
-krb5_octet key_hex [] =
+krb5_octet key_hex[] =
 {0xe6, 0xAB, 0x38, 0xC9, 0x41, 0x3E, 0x03, 0x5B,
  0xB0, 0x79, 0x20, 0x1E, 0xD0, 0xB6, 0xB7, 0x3D,
  0x8D, 0x49, 0xA8, 0x14, 0xA7, 0x37, 0xC0, 0x4E,
@@ -66,8 +66,7 @@
 const krb5_data lha_data = DATA_FROM_STRING("lha");
 
 int
-main (int argc,
-      char  **argv)
+main(int argc, char **argv)
 {
     /* arguments for calls to pkinit_alg_agility_kdf() */
     krb5_context context = 0;
@@ -87,13 +86,13 @@
 
     /* initialize variables that get malloc'ed, so cleanup is safe */
     krb5_init_context (&context);
-    memset (&alg_id, 0, sizeof(alg_id));
-    memset (&as_req, 0, sizeof(as_req));
-    memset (&pk_as_rep, 0, sizeof(pk_as_rep));
-    memset (&key_block, 0, sizeof(key_block));
+    memset(&alg_id, 0, sizeof(alg_id));
+    memset(&as_req, 0, sizeof(as_req));
+    memset(&pk_as_rep, 0, sizeof(pk_as_rep));
+    memset(&key_block, 0, sizeof(key_block));
 
     /* set up algorithm id */
-    alg_id.algorithm.data = (unsigned char *) &krb5_pkinit_sha1_oid;
+    alg_id.algorithm.data = (unsigned char *)&krb5_pkinit_sha1_oid;
     alg_id.algorithm.length = krb5_pkinit_sha1_oid_len;
 
     /* set up a 256-byte, ALL-ZEROS secret */
@@ -134,7 +133,8 @@
     }
 
     /* call pkinit_alg_agility_kdf() with test vector values*/
-    if (0 != (retval = pkinit_alg_agility_kdf(context, &secret, &alg_id.algorithm,
+    if (0 != (retval = pkinit_alg_agility_kdf(context, &secret,
+                                              &alg_id.algorithm,
                                               u_principal, v_principal,
                                               enctype, &as_req, &pk_as_rep,
                                               &key_block))) {
@@ -149,20 +149,16 @@
         (0 == memcmp(key_block.contents, key_hex, key_block.length))) {
         printf("SUCCESS: Correct key value generated!");
         retval = 0;
-    }
-    else {
+    } else {
         printf("FAILURE: Incorrect key value generated!");
         retval = 1;
     }
 
 cleanup:
     /* release all allocated resources, whether good or bad return */
-    if (secret.data)
-        free(secret.data);
-    if (u_principal)
-        free(u_principal);
-    if (v_principal)
-        free(v_principal);
+    free(secret.data);
+    free(u_principal);
+    free(v_principal);
     krb5_free_keyblock_contents(context, &key_block);
     exit(retval);
 }

Modified: trunk/src/plugins/preauth/pkinit/pkinit_lib.c
===================================================================
--- trunk/src/plugins/preauth/pkinit/pkinit_lib.c	2011-09-19 01:00:56 UTC (rev 25208)
+++ trunk/src/plugins/preauth/pkinit/pkinit_lib.c	2011-09-19 05:34:17 UTC (rev 25209)
@@ -164,8 +164,7 @@
     if ((*in)->supportedCMSTypes != NULL)
         free_krb5_algorithm_identifiers(&((*in)->supportedCMSTypes));
     if ((*in)->supportedKDFs) {
-        krb5_octet_data **supportedKDFs =
-            (*in)->supportedKDFs;
+        krb5_octet_data **supportedKDFs = (*in)->supportedKDFs;
         unsigned i;
         for (i = 0; supportedKDFs[i]; i++)
             krb5_free_octet_data(NULL, supportedKDFs[i]);




More information about the cvs-krb5 mailing list