encrypted_challenge_main.c
Jeff Blaine
jblaine at kickflop.net
Wed Mar 24 10:15:16 EDT 2010
src/plugins/preauth/encrypted_challenge_main.c contains
the following (with a little different formatting than
this email shows).
Please take note of the 'retval' usage, specifically the
final 'if (retval == 0)' shown (C), which seems really poor as
it's checking on the return value of either "A" or "B" and
it doesn't know/care which.
Do I just not understand?
/* ... */
retval = get_data_proc(context, rock, /* A */
krb5plugin_preauth_client_get_etype,
&etype_data);
if (retval == 0) {
enctype = *((krb5_enctype *)etype_data->data);
if (as_key->length == 0 || as_key->enctype != enctype)
retval = gak_fct(context, request->client, /* B */
enctype, prompter, prompter_data,
salt, s2kparams,
as_key, gak_data);
}
if (padata->length) {
/* We've got padata. Try to decrypt the timestamp */
krb5_enc_data *enc = NULL;
krb5_data scratch;
scratch.length = padata->length;
scratch.data = (char *) padata->contents;
if (retval == 0) /* C */
retval = krb5_c_fx_cf2_simple(context, armor_key,
"kdcchallengearmor",
as_key, "challengelongterm",
&challenge_key);
/* ... */
More information about the krbdev
mailing list