+Thu Jun 8 16:06:44 1995 <tytso@rsx-11.mit.edu>
+
+ * compat_recv.c, auth_con.c, chk_trans.c, encrypt_tk.c,
+ gc_frm_kdc.c, gc_via_tkt.c, gen_seqnum.c, gen_subkey.c,
+ get_creds.c, get_in_tkt.c, in_tkt_ktb.c, in_tkt_pwd.c,
+ in_tkt_skey.c, init_ctx.c, kdc_rep_dc.c, mk_cred.c,
+ mk_error.c, mk_priv.c, mk_rep.c, mk_req.c, mk_req_ext.c,
+ mk_cred.c, mk_safe.c, parse.c, preauth.c, rd_cred.c,
+ rd_rep.c, rd_req.c, rd_req_dec.c, rd_safe.c, recvauth.c,
+ sendauth.c, send_tgs.c, srv_rcache.c, walk_rtree.c: Clean
+ up GCC -Wall flames.
+
Wed Jun 7 15:23:21 1995 <tytso@rsx-11.mit.edu>
* conv_princ.c (krb5_425_conv_principal): Remove old CONFIG_FILES
krb5_context context;
krb5_auth_context ** auth_context;
{
- if (*auth_context = (krb5_auth_context *)malloc(sizeof(krb5_auth_context))){
- memset(*auth_context, 0, sizeof(krb5_auth_context));
+ *auth_context = (krb5_auth_context *)malloc(sizeof(krb5_auth_context));
+ if (!*auth_context)
+ return ENOMEM;
+
+ memset(*auth_context, 0, sizeof(krb5_auth_context));
- /* Default flags, do time not seq */
- (*auth_context)->auth_context_flags =
- KRB5_AUTH_CONTEXT_DO_TIME | KRB5_AUTH_CONN_INITIALIZED;
+ /* Default flags, do time not seq */
+ (*auth_context)->auth_context_flags =
+ KRB5_AUTH_CONTEXT_DO_TIME | KRB5_AUTH_CONN_INITIALIZED;
- (*auth_context)->cksumtype = CKSUMTYPE_RSA_MD4_DES;
- /* (*auth_context)->cksumtype = CKSUMTYPE_CRC32; */
- return 0;
- }
- return ENOMEM;
+ (*auth_context)->cksumtype = CKSUMTYPE_RSA_MD4_DES;
+ /* (*auth_context)->cksumtype = CKSUMTYPE_CRC32; */
+ return 0;
}
krb5_error_code
krb5_address * tmp_addr;
if (local_addr && auth_context->local_addr) {
- if ((tmp_addr = (krb5_address *)malloc(sizeof(krb5_address))) == NULL)
+ if (!(tmp_addr = (krb5_address *)malloc(sizeof(krb5_address))))
return ENOMEM;
- if (tmp_addr->contents = malloc(auth_context->local_addr->length)) {
+ if ((tmp_addr->contents = malloc(auth_context->local_addr->length))) {
memcpy(tmp_addr->contents, auth_context->local_addr->contents,
auth_context->local_addr->length);
tmp_addr->addrtype = auth_context->local_addr->addrtype;
}
return ENOMEM;
}
- if (tmp_addr->contents = malloc(auth_context->remote_addr->length)) {
+ if ((tmp_addr->contents = malloc(auth_context->remote_addr->length))) {
memcpy(tmp_addr->contents, auth_context->remote_addr->contents,
auth_context->remote_addr->length);
tmp_addr->addrtype = auth_context->remote_addr->addrtype;
free(auth_context->remote_port);
if (local_port) {
- if ((auth_context->local_port = (krb5_address *)
- malloc(sizeof(krb5_address) + local_port->length)) == NULL) {
+ if (((auth_context->local_port = (krb5_address *)
+ malloc(sizeof(krb5_address) + local_port->length)) == NULL)) {
return ENOMEM;
}
auth_context->local_port->addrtype = local_port->addrtype;
int size = krb5_keytype_array[auth_context->keyblock->keytype]->
system->block_length;
- if (auth_context->i_vector = (krb5_pointer)malloc(size)) {
+ if ((auth_context->i_vector = (krb5_pointer)malloc(size))) {
memset(auth_context->i_vector, 0, size);
return 0;
}
trans_length = trans->data[trans->length-1] ?
trans->length : trans->length - 1;
- if (retval = krb5_walk_realm_tree(context, realm1, realm2, &tgs_list,
- KRB5_REALM_BRANCH_CHAR)) {
+ if ((retval = krb5_walk_realm_tree(context, realm1, realm2, &tgs_list,
+ KRB5_REALM_BRANCH_CHAR))) {
return(retval);
}
#include "k5-int.h"
#ifndef _MSDOS
#include <kerberosIV/krb.h>
+#include <kerberosIV/krb4-proto.h>
#include "com_err.h"
#include <errno.h>
Key_schedule schedule; /* key schedule (return) */
char *version; /* version string (filled in) */
{
- int i, cc, old_vers = 0;
- char krb_vers[KRB_SENDAUTH_VLEN + 1]; /* + 1 for the null terminator */
- char *cp;
+ int cc, old_vers = 0;
int rem;
krb5_int32 tkt_len, priv_len;
krb5_ui_4 cksum;
u_char tmp_buf[MAX_KTXT_LEN+max(KRB_SENDAUTH_VLEN+1,21)];
/* read the application version string */
- if (krb_net_read(fd, version, KRB_SENDAUTH_VLEN) !=
- KRB_SENDAUTH_VLEN)
+ if ((krb_net_read(fd, version, KRB_SENDAUTH_VLEN) !=
+ KRB_SENDAUTH_VLEN))
return(errno);
version[KRB_SENDAUTH_VLEN] = '\0';
register krb5_enc_tkt_part *dec_tkt_part = dec_ticket->enc_part2;
/* start by encoding the to-be-encrypted part. */
- if (retval = encode_krb5_enc_tkt_part(dec_tkt_part, &scratch)) {
+ if ((retval = encode_krb5_enc_tkt_part(dec_tkt_part, &scratch))) {
return retval;
}
dec_ticket->enc_part.ciphertext.data = 0;}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(context, eblock, srv_key)) {
+ if ((retval = krb5_process_key(context, eblock, srv_key))) {
goto clean_encpart;
}
#define cleanup_prockey() {(void) krb5_finish_key(context, eblock);}
/* call the encryption routine */
- if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
- (krb5_pointer) dec_ticket->enc_part.ciphertext.data,
- scratch->length, eblock, 0)) {
+ if ((retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
+ (krb5_pointer) dec_ticket->enc_part.ciphertext.data,
+ scratch->length, eblock, 0))) {
goto clean_prockey;
}
/* ticket is now assembled-- do some cleanup */
cleanup_scratch();
- if (retval = krb5_finish_key(context, eblock)) {
+ if ((retval = krb5_finish_key(context, eblock))) {
cleanup_encpart();
return retval;
}
* (the ticket may be issued by some other intermediate
* realm's KDC; so we use KRB5_TC_MATCH_SRV_NAMEONLY)
*/
- if (retval = krb5_copy_principal(context, in_cred->client, &tgtq.client))
+ if ((retval = krb5_copy_principal(context, in_cred->client, &tgtq.client)))
goto cleanup;
/* get target tgt from cache */
- if (retval = krb5_tgtname(context, krb5_princ_realm(context, in_cred->server),
- krb5_princ_realm(context, in_cred->client),
- &int_server)) {
+ if ((retval = krb5_tgtname(context, krb5_princ_realm(context, in_cred->server),
+ krb5_princ_realm(context, in_cred->client),
+ &int_server))) {
goto cleanup;
}
- if (retval = krb5_copy_principal(context, int_server, &tgtq.server)) {
+ if ((retval = krb5_copy_principal(context, int_server, &tgtq.server))) {
goto cleanup;
}
- if (retval = krb5_cc_retrieve_cred(context, ccache,
- KRB5_TC_MATCH_SRV_NAMEONLY,
- &tgtq,
- &tgt)) {
+ if ((retval = krb5_cc_retrieve_cred(context, ccache,
+ KRB5_TC_MATCH_SRV_NAMEONLY,
+ &tgtq, &tgt))) {
if (retval != KRB5_CC_NOTFOUND) {
goto cleanup;
*/
krb5_free_principal(context, int_server);
int_server = NULL;
- if (retval = krb5_tgtname(context,
- krb5_princ_realm(context, in_cred->client),
- krb5_princ_realm(context, in_cred->client),
- &int_server)) {
+ if ((retval = krb5_tgtname(context,
+ krb5_princ_realm(context, in_cred->client),
+ krb5_princ_realm(context, in_cred->client),
+ &int_server))) {
goto cleanup;
}
krb5_free_cred_contents(context, &tgtq);
memset((char *)&tgtq, 0, sizeof(tgtq));
- if(retval = krb5_copy_principal(context, in_cred->client, &tgtq.client))
+ if ((retval = krb5_copy_principal(context, in_cred->client, &tgtq.client)))
goto cleanup;
- if(retval = krb5_copy_principal(context, int_server, &tgtq.server))
+ if ((retval = krb5_copy_principal(context, int_server, &tgtq.server)))
goto cleanup;
- if (retval = krb5_cc_retrieve_cred(context, ccache,
- KRB5_TC_MATCH_SRV_NAMEONLY,
- &tgtq,
- &tgt)) {
+ if ((retval = krb5_cc_retrieve_cred(context, ccache,
+ KRB5_TC_MATCH_SRV_NAMEONLY,
+ &tgtq, &tgt))) {
goto cleanup;
}
/* get a list of realms to consult */
- if (retval = krb5_walk_realm_tree(context,
- krb5_princ_realm(context,in_cred->client),
- krb5_princ_realm(context,in_cred->server),
- &tgs_list,
- KRB5_REALM_BRANCH_CHAR)) {
+ if ((retval = krb5_walk_realm_tree(context,
+ krb5_princ_realm(context,in_cred->client),
+ krb5_princ_realm(context,in_cred->server),
+ &tgs_list,
+ KRB5_REALM_BRANCH_CHAR))) {
goto cleanup;
}
krb5_free_cred_contents(context, &tgtq);
memset(&tgtq, 0, sizeof(tgtq));
- if(retval = krb5_copy_principal(context, tgt.client, &tgtq.client))
+ if ((retval = krb5_copy_principal(context, tgt.client, &tgtq.client)))
goto cleanup;
krb5_free_principal(context, int_server);
int_server = NULL;
- if (retval = krb5_tgtname(context,
- krb5_princ_realm(context, in_cred->server),
- krb5_princ_realm(context, *top_server),
- &int_server)) {
+ if ((retval = krb5_tgtname(context,
+ krb5_princ_realm(context, in_cred->server),
+ krb5_princ_realm(context, *top_server),
+ &int_server))) {
goto cleanup;
}
- if(retval = krb5_copy_principal(context, int_server, &tgtq.server))
+ if ((retval = krb5_copy_principal(context, int_server, &tgtq.server)))
goto cleanup;
- if (retval = krb5_cc_retrieve_cred(context, ccache,
- KRB5_TC_MATCH_SRV_NAMEONLY,
- &tgtq,
- &tgt)) {
+ if ((retval = krb5_cc_retrieve_cred(context, ccache,
+ KRB5_TC_MATCH_SRV_NAMEONLY,
+ &tgtq, &tgt))) {
if (retval != KRB5_CC_NOTFOUND) {
goto cleanup;
memcpy(&tgtq.times, &tgt.times, sizeof(krb5_ticket_times));
#endif
- if (retval = krb5_copy_principal(context, tgt.client, &tgtq.client))
+ if ((retval = krb5_copy_principal(context, tgt.client, &tgtq.client)))
goto cleanup;
- if(retval = krb5_copy_principal(context, int_server, &tgtq.server))
+ if ((retval = krb5_copy_principal(context, int_server, &tgtq.server)))
goto cleanup;
tgtq.is_skey = FALSE;
tgtq.ticket_flags = tgt.ticket_flags;
etype = TGT_ETYPE;
- if (retval = krb5_get_cred_via_tkt(context, &tgt,
- FLAGS2OPTS(tgtq.ticket_flags),
- tgt.addresses, &tgtq, &tgtr)) {
+ if ((retval = krb5_get_cred_via_tkt(context, &tgt,
+ FLAGS2OPTS(tgtq.ticket_flags),
+ tgt.addresses, &tgtq, &tgtr))) {
/*
* couldn't get one so now loop backwards through the realms
next_server--) {
krb5_free_cred_contents(context, &tgtq);
memset(&tgtq, 0, sizeof(tgtq));
- if (retval = krb5_copy_principal(context, tgt.client, &tgtq.client))
+ if ((retval = krb5_copy_principal(context, tgt.client,
+ &tgtq.client)))
goto cleanup;
krb5_free_principal(context, int_server);
int_server = NULL;
- if (retval = krb5_tgtname(context,
- krb5_princ_realm(context, *next_server),
- krb5_princ_realm(context, *top_server),
- &int_server)) {
+ if ((retval = krb5_tgtname(context,
+ krb5_princ_realm(context, *next_server),
+ krb5_princ_realm(context, *top_server),
+ &int_server))) {
goto cleanup;
}
- if(retval = krb5_copy_principal(context, int_server, &tgtq.server))
+ if ((retval = krb5_copy_principal(context, int_server,
+ &tgtq.server)))
goto cleanup;
- if(retval = krb5_cc_retrieve_cred(context, ccache,
- KRB5_TC_MATCH_SRV_NAMEONLY,
- &tgtq, &tgt)) {
+ if ((retval = krb5_cc_retrieve_cred(context, ccache,
+ KRB5_TC_MATCH_SRV_NAMEONLY,
+ &tgtq, &tgt))) {
if (retval != KRB5_CC_NOTFOUND) {
goto cleanup;
}
krb5_free_cred_contents(context, &tgtq);
memset(&tgtq, 0, sizeof(tgtq));
tgtq.times = tgt.times;
- if (retval = krb5_copy_principal(context,tgt.client,&tgtq.client))
+ if ((retval = krb5_copy_principal(context, tgt.client,
+ &tgtq.client)))
goto cleanup;
- if(retval = krb5_copy_principal(context,int_server,&tgtq.server))
+ if ((retval = krb5_copy_principal(context, int_server,
+ &tgtq.server)))
goto cleanup;
tgtq.is_skey = FALSE;
tgtq.ticket_flags = tgt.ticket_flags;
etype = TGT_ETYPE;
- if (retval = krb5_get_cred_via_tkt(context, &tgt,
- FLAGS2OPTS(tgtq.ticket_flags),
- tgt.addresses, &tgtq, &tgtr)) {
+ if ((retval = krb5_get_cred_via_tkt(context, &tgt,
+ FLAGS2OPTS(tgtq.ticket_flags),
+ tgt.addresses,
+ &tgtq, &tgtr))) {
continue;
}
/* save tgt in return array */
- if (retval = krb5_copy_creds(context, tgtr, &ret_tgts[ntgts])) {
+ if ((retval = krb5_copy_creds(context, tgtr,
+ &ret_tgts[ntgts]))) {
goto cleanup;
}
krb5_free_creds(context, tgtr);
goto cleanup;
}
- if (retval = krb5_copy_creds(context, tgtr, &ret_tgts[ntgts])) {
+ if ((retval = krb5_copy_creds(context, tgtr, &ret_tgts[ntgts]))) {
goto cleanup;
}
krb5_free_creds(context, tgtr);
memset(*ppcreds, 0, sizeof(krb5_creds));
- if (retval = krb5_copy_principal(context, pkdcrep->client,
- &(*ppcreds)->client))
+ if ((retval = krb5_copy_principal(context, pkdcrep->client,
+ &(*ppcreds)->client)))
goto cleanup;
- if (retval = krb5_copy_principal(context, pkdcrep->enc_part2->server,
- &(*ppcreds)->server))
+ if ((retval = krb5_copy_principal(context, pkdcrep->enc_part2->server,
+ &(*ppcreds)->server)))
goto cleanup;
- if (retval = krb5_copy_keyblock_contents(context,
- pkdcrep->enc_part2->session,
- &(*ppcreds)->keyblock))
+ if ((retval = krb5_copy_keyblock_contents(context,
+ pkdcrep->enc_part2->session,
+ &(*ppcreds)->keyblock)))
goto cleanup;
- if (retval = krb5_copy_data(context, psectkt, &pdata))
+ if ((retval = krb5_copy_data(context, psectkt, &pdata)))
goto cleanup;
(*ppcreds)->second_ticket = *pdata;
krb5_xfree(pdata);
(*ppcreds)->is_skey = 0; /* not used */
if (pkdcrep->enc_part2->caddrs) {
- if (retval = krb5_copy_addresses(context, pkdcrep->enc_part2->caddrs,
- &(*ppcreds)->addresses))
+ if ((retval = krb5_copy_addresses(context, pkdcrep->enc_part2->caddrs,
+ &(*ppcreds)->addresses)))
goto cleanup_keyblock;
} else {
/* no addresses in the list means we got what we had */
- if (retval = krb5_copy_addresses(context, address,
- &(*ppcreds)->addresses))
+ if ((retval = krb5_copy_addresses(context, address,
+ &(*ppcreds)->addresses)))
goto cleanup_keyblock;
}
- if (retval = encode_krb5_ticket(pkdcrep->ticket, &pdata))
+ if ((retval = encode_krb5_ticket(pkdcrep->ticket, &pdata)))
goto cleanup_keyblock;
(*ppcreds)->ticket = *pdata;
}
*/
- if (retval = krb5_send_tgs(context, kdcoptions, &in_cred->times, NULL,
- in_cred->server, address, in_cred->authdata,
- 0, /* no padata */
- (kdcoptions & KDC_OPT_ENC_TKT_IN_SKEY) ?
- &in_cred->second_ticket : NULL,
- tkt, &tgsrep))
+ if ((retval = krb5_send_tgs(context, kdcoptions, &in_cred->times, NULL,
+ in_cred->server, address, in_cred->authdata,
+ 0, /* no padata */
+ (kdcoptions & KDC_OPT_ENC_TKT_IN_SKEY) ?
+ &in_cred->second_ticket : NULL,
+ tkt, &tgsrep)))
return retval;
switch (tgsrep.message_type) {
goto error_4;
}
- if (retval = krb5_decode_kdc_rep(context, &tgsrep.response, &tkt->keyblock,
- tkt->keyblock.etype, &dec_rep))
+ if ((retval = krb5_decode_kdc_rep(context, &tgsrep.response,
+ &tkt->keyblock,
+ tkt->keyblock.etype, &dec_rep)))
goto error_4;
if (dec_rep->msg_type != KRB5_TGS_REP) {
krb5_use_keytype(context, &eblock, key->keytype);
- if (retval = krb5_init_random_key(context, &eblock, key, &random_state))
+ if ((retval = krb5_init_random_key(context, &eblock, key, &random_state)))
return(retval);
- if (retval = krb5_random_key(context, &eblock, random_state, &subkey)) {
+ if ((retval = krb5_random_key(context, &eblock, random_state, &subkey))) {
(void) krb5_finish_random_key(context, &eblock, &random_state);
return retval;
}
/* ignore the error if any, since we've already gotten the key out */
- if (retval = krb5_finish_random_key(context, &eblock, &random_state)) {
+ if ((retval = krb5_finish_random_key(context, &eblock, &random_state))) {
krb5_free_keyblock(context, subkey);
return retval;
}
retval = ENOMEM;
goto cleanup;
}
- if (retval = krb5_process_key(context, &eblock, subkey)) {
+ if ((retval = krb5_process_key(context, &eblock, subkey))) {
goto cleanup;
}
- if (retval = krb5_us_timeofday(context, &timenow.seconds,
- &timenow.microseconds)) {
+ if ((retval = krb5_us_timeofday(context, &timenow.seconds,
+ &timenow.microseconds))) {
goto cleanup;
}
memcpy((char *)intmp, (char *)&timenow, sizeof(timenow));
krb5_use_keytype(context, &eblock, key->keytype);
- if (retval = krb5_init_random_key(context, &eblock, key, &random_state))
+ if ((retval = krb5_init_random_key(context, &eblock, key, &random_state)))
return(retval);
*subkey = (krb5_keyblock *)malloc(sizeof(**subkey));
if (!*subkey) {
return ENOMEM;
}
- if (retval = krb5_random_key(context, &eblock, random_state, subkey)) {
+ if ((retval = krb5_random_key(context, &eblock, random_state, subkey))) {
(void) krb5_finish_random_key(context, &eblock, &random_state);
krb5_xfree(*subkey);
return retval;
ncreds->magic = KV5M_CREDS;
/* The caller is now responsible for cleaning up in_creds */
- if (retval = krb5_cc_retrieve_cred(context,ccache,fields,&mcreds,ncreds)) {
+ if ((retval = krb5_cc_retrieve_cred(context, ccache, fields, &mcreds,
+ ncreds))) {
krb5_xfree(ncreds);
ncreds = in_creds;
} else {
if (tgts) {
register int i = 0;
while (tgts[i]) {
- if (rv2 = krb5_cc_store_cred(context, ccache, tgts[i])) {
+ if ((rv2 = krb5_cc_store_cred(context, ccache, tgts[i]))) {
retval = rv2;
break;
}
request.from = creds->times.starttime;
request.till = creds->times.endtime;
request.rtime = creds->times.renew_till;
- if (retval = krb5_timeofday(context, &time_now))
+ if ((retval = krb5_timeofday(context, &time_now)))
goto cleanup;
/* XXX we know they are the same size... */
/* now decode the reply...could be error or as_rep */
if (krb5_is_krb_error(&reply)) {
- if (retval = decode_krb5_error(&reply, &err_reply))
+ if ((retval = decode_krb5_error(&reply, &err_reply)))
/* some other error code--??? */
goto cleanup;
}
goto cleanup;
}
- if (retval = decode_krb5_as_rep(&reply, &as_reply))
+ if ((retval = decode_krb5_as_rep(&reply, &as_reply)))
/* some other error code ??? */
goto cleanup;
}
if (!use_salt) {
/* need to use flattened principal */
- if (retval = krb5_principal2salt(context, creds->client, &salt))
+ if ((retval = krb5_principal2salt(context, creds->client, &salt)))
return(retval);
f_salt = 1;
}
/* it was a kdc_rep--decrypt & check */
/* Generate the key, if we haven't done so already. */
if (!decrypt_key) {
- if (retval = (*key_proc)(context, keytype, & salt, keyseed,
- &decrypt_key))
+ if ((retval = (*key_proc)(context, keytype, & salt, keyseed,
+ &decrypt_key)))
goto cleanup;
}
- if (retval = (*decrypt_proc)(context, decrypt_key, decryptarg, as_reply))
+ if ((retval = (*decrypt_proc)(context, decrypt_key, decryptarg, as_reply)))
goto cleanup;
krb5_free_keyblock(context, decrypt_key);
/* XXX issue warning if as_reply->enc_part2->key_exp is nearby */
/* fill in the credentials */
- if (retval = krb5_copy_keyblock_contents(context,
- as_reply->enc_part2->session,
- &creds->keyblock))
+ if ((retval = krb5_copy_keyblock_contents(context,
+ as_reply->enc_part2->session,
+ &creds->keyblock)))
goto cleanup;
creds->keyblock.etype = as_reply->ticket->enc_part.etype;
creds->is_skey = FALSE; /* this is an AS_REQ, so cannot
be encrypted in skey */
creds->ticket_flags = as_reply->enc_part2->flags;
- if (retval = krb5_copy_addresses(context, as_reply->enc_part2->caddrs,
- &creds->addresses))
+ if ((retval = krb5_copy_addresses(context, as_reply->enc_part2->caddrs,
+ &creds->addresses)))
goto cred_cleanup;
creds->second_ticket.length = 0;
creds->second_ticket.data = 0;
- if (retval = encode_krb5_ticket(as_reply->ticket, &packet))
+ if ((retval = encode_krb5_ticket(as_reply->ticket, &packet)))
goto cred_cleanup;
creds->ticket = *packet;
krb5_xfree(packet);
/* store it in the ccache! */
- if (retval = krb5_cc_store_cred(context, ccache, creds))
+ if ((retval = krb5_cc_store_cred(context, ccache, creds)))
goto cred_cleanup;
if (ret_as_reply) {
if (kt_id == NULL)
/* Fetch from default keytab location */
- if (retval = krb5_kt_default(context, &kt_id))
+ if ((retval = krb5_kt_default(context, &kt_id)))
return retval;
- if (retval = krb5_kt_get_entry(context, kt_id, arg->client,
- 0, /* don't have vno available */
- type, &kt_ent))
+ if ((retval = krb5_kt_get_entry(context, kt_id, arg->client,
+ 0, /* don't have vno available */
+ type, &kt_ent)))
return retval;
- if (retval = krb5_copy_keyblock(context, &kt_ent.key, &realkey)) {
+ if ((retval = krb5_copy_keyblock(context, &kt_ent.key, &realkey))) {
(void) krb5_kt_free_entry(context, &kt_ent);
return retval;
}
password = (krb5_data *)keyseed;
if (!password->length) {
- if (retval = krb5_read_password(context, krb5_default_pwd_prompt1, 0,
- pwdbuf, &pwsize)) {
+ if ((retval = krb5_read_password(context, krb5_default_pwd_prompt1, 0,
+ pwdbuf, &pwsize))) {
return retval;
}
password->length = pwsize;
if (!(*key = (krb5_keyblock *)malloc(sizeof(**key))))
return ENOMEM;
- if (retval = krb5_string_to_key(context,&eblock,type,*key,password,salt))
+ if ((retval = krb5_string_to_key(context,&eblock,type,*key,password,salt)))
krb5_xfree(*key);
return(retval);
}
krb5_data data;
- if (data.data = (char *)password) {
+ if ((data.data = (char *)password)) {
data.length = strlen(password);
} else {
data.length = 0;
if (!valid_keytype(type))
return KRB5_PROG_ETYPE_NOSUPP;
- if (retval = krb5_copy_keyblock(context, keyblock, &realkey))
+ if ((retval = krb5_copy_keyblock(context, keyblock, &realkey)))
return retval;
if (realkey->keytype != type) {
ctx->magic = KV5M_CONTEXT;
/* Set the default encryption types, possible defined in krb5/conf */
- if (retval = krb5_set_default_in_tkt_etypes(ctx, NULL))
+ if ((retval = krb5_set_default_in_tkt_etypes(ctx, NULL)))
goto cleanup;
- if (retval = krb5_os_init_context(ctx))
+ if ((retval = krb5_os_init_context(ctx)))
goto cleanup;
}
/* Now copy the default etypes into the context pointer */
- if (new_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) * i))
+ if ((new_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) * i)))
memcpy(new_etypes, etypes, sizeof(krb5_enctype) * i);
else
return ENOMEM;
i = 2;
/* Should reset the list to the runtime defaults */
- if (new_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) * i)) {
+ if ((new_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) * i))) {
new_etypes[0] = ETYPE_DES_CBC_MD5;
new_etypes[1] = ETYPE_DES_CBC_CRC;
} else {
{
krb5_enctype * old_etypes;
- if (old_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) *
- (context->etype_count + 1))) {
+ if ((old_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) *
+ (context->etype_count + 1)))) {
memcpy(old_etypes, context->etypes, sizeof(krb5_enctype) *
context->etype_count);
old_etypes[context->etype_count] = 0;
krb5_use_cstype(context, &eblock, dec_rep->enc_part.etype);
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(context, &eblock, key)) {
+ if ((retval = krb5_process_key(context, &eblock, key))) {
free(scratch.data);
return(retval);
}
/* call the decryption routine */
- if (retval = krb5_decrypt(context, (krb5_pointer) dec_rep->enc_part.ciphertext.data,
- (krb5_pointer) scratch.data,
- scratch.length, &eblock, 0)) {
+ if ((retval = krb5_decrypt(context, (krb5_pointer) dec_rep->enc_part.ciphertext.data,
+ (krb5_pointer) scratch.data,
+ scratch.length, &eblock, 0))) {
(void) krb5_finish_key(context, &eblock);
free(scratch.data);
return retval;
}
#define clean_scratch() {memset(scratch.data, 0, scratch.length); \
free(scratch.data);}
- if (retval = krb5_finish_key(context, &eblock)) {
+ if ((retval = krb5_finish_key(context, &eblock))) {
clean_scratch();
return retval;
}
return KRB5_PROG_ETYPE_NOSUPP;
/* start by encoding to-be-encrypted part of the message */
- if (retval = encode_krb5_enc_cred_part(pcredpart, &scratch))
+ if ((retval = encode_krb5_enc_cred_part(pcredpart, &scratch)))
return retval;
/* put together an eblock for this encryption */
}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(context, &eblock, pkeyblock)) {
+ if ((retval = krb5_process_key(context, &eblock, pkeyblock))) {
goto clean_encpart;
}
/* call the encryption routine */
- if (retval = krb5_encrypt(context, (krb5_pointer)scratch->data,
- (krb5_pointer)pencdata->ciphertext.data,
- scratch->length, &eblock, 0)) {
+ if ((retval = krb5_encrypt(context, (krb5_pointer)scratch->data,
+ (krb5_pointer)pencdata->ciphertext.data,
+ scratch->length, &eblock, 0))) {
krb5_finish_key(context, &eblock);
goto clean_encpart;
}
credenc.ticket_info[i]->times = ppcreds[i]->times;
credenc.ticket_info[i]->flags = ppcreds[i]->ticket_flags;
- if (retval = decode_krb5_ticket(&ppcreds[i]->ticket,
- &pcred->tickets[i]))
+ if ((retval = decode_krb5_ticket(&ppcreds[i]->ticket,
+ &pcred->tickets[i])))
goto cleanup_info_ptrs;
- if (retval = krb5_copy_keyblock(context, &ppcreds[i]->keyblock,
- &credenc.ticket_info[i]->session))
+ if ((retval = krb5_copy_keyblock(context, &ppcreds[i]->keyblock,
+ &credenc.ticket_info[i]->session)))
goto cleanup_info_ptrs;
- if (retval = krb5_copy_principal(context, ppcreds[i]->client,
- &credenc.ticket_info[i]->client))
+ if ((retval = krb5_copy_principal(context, ppcreds[i]->client,
+ &credenc.ticket_info[i]->client)))
goto cleanup_info_ptrs;
- if (retval = krb5_copy_principal(context, ppcreds[i]->server,
- &credenc.ticket_info[i]->server))
+ if ((retval = krb5_copy_principal(context, ppcreds[i]->server,
+ &credenc.ticket_info[i]->server)))
goto cleanup_info_ptrs;
- if (retval = krb5_copy_addresses(context, ppcreds[i]->addresses,
- &credenc.ticket_info[i]->caddrs))
+ if ((retval = krb5_copy_addresses(context, ppcreds[i]->addresses,
+ &credenc.ticket_info[i]->caddrs)))
goto cleanup_info_ptrs;
}
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) ||
(auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME)) {
- if (retval = krb5_us_timeofday(context, &replaydata.timestamp,
- &replaydata.usec))
+ if ((retval = krb5_us_timeofday(context, &replaydata.timestamp,
+ &replaydata.usec)))
return retval;
if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) {
outdata->timestamp = replaydata.timestamp;
}
/* Setup creds structure */
- if (retval = krb5_mk_ncred_basic(context, ppcreds, ncred, keyblock,
- &replaydata, plocal_fulladdr,
- premote_fulladdr, pcred)) {
+ if ((retval = krb5_mk_ncred_basic(context, ppcreds, ncred, keyblock,
+ &replaydata, plocal_fulladdr,
+ premote_fulladdr, pcred))) {
CLEANUP_DONE();
goto error;
}
if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) {
krb5_donot_replay replay;
- if (retval = krb5_gen_replay_name(context, auth_context->local_addr,
- "_forw", &replay.client))
+ if ((retval = krb5_gen_replay_name(context, auth_context->local_addr,
+ "_forw", &replay.client)))
goto error;
replay.server = ""; /* XXX */
replay.cusec = replaydata.usec;
replay.ctime = replaydata.timestamp;
- if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) {
+ if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) {
/* should we really error out here? XXX */
krb5_xfree(replay.client);
goto error;
ppcreds[0] = pcreds;
ppcreds[1] = NULL;
- if (retval = krb5_mk_ncred(context, auth_context, ppcreds, ppdata, outdata))
+ if ((retval = krb5_mk_ncred(context, auth_context, ppcreds,
+ ppdata, outdata)))
free(ppcreds);
return retval;
}
krb5_error_code retval;
krb5_data *new_enc_err;
- if (retval = encode_krb5_error(dec_err, &new_enc_err))
+ if ((retval = encode_krb5_error(dec_err, &new_enc_err)))
return(retval);
*enc_err = *new_enc_err;
krb5_xfree(new_enc_err);
privmsg_enc_part.seq_number = replaydata->seq;
/* start by encoding to-be-encrypted part of the message */
- if (retval = encode_krb5_enc_priv_part(&privmsg_enc_part, &scratch1))
+ if ((retval = encode_krb5_enc_priv_part(&privmsg_enc_part, &scratch1)))
return retval;
/* put together an eblock for this encryption */
}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(context, &eblock, keyblock))
+ if ((retval = krb5_process_key(context, &eblock, keyblock)))
goto clean_encpart;
/* call the encryption routine */
- if (retval = krb5_encrypt(context, (krb5_pointer) scratch1->data,
- (krb5_pointer) privmsg.enc_part.ciphertext.data,
- scratch1->length, &eblock,
- i_vector)) {
+ if ((retval = krb5_encrypt(context, (krb5_pointer) scratch1->data,
+ (krb5_pointer) privmsg.enc_part.ciphertext.data,
+ scratch1->length, &eblock, i_vector))) {
krb5_finish_key(context, &eblock);
goto clean_encpart;
}
eblock.crypto_entry->block_length),
eblock.crypto_entry->block_length);
- if (retval = encode_krb5_priv(&privmsg, &scratch2)) {
+ if ((retval = encode_krb5_priv(&privmsg, &scratch2))) {
krb5_finish_key(context, &eblock);
goto clean_encpart;
}
/* encode private message */
- if (retval = krb5_finish_key(context, &eblock))
+ if ((retval = krb5_finish_key(context, &eblock)))
goto clean_encpart;
*outbuf = *scratch2;
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) ||
(auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME)) {
- if (retval = krb5_us_timeofday(context, &replaydata.timestamp,
- &replaydata.usec))
+ if ((retval = krb5_us_timeofday(context, &replaydata.timestamp,
+ &replaydata.usec)))
return retval;
if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) {
outdata->timestamp = replaydata.timestamp;
}
}
- if (retval = krb5_mk_priv_basic(context, userdata, keyblock, &replaydata,
- plocal_fulladdr, premote_fulladdr,
- auth_context->i_vector, outbuf)) {
+ if ((retval = krb5_mk_priv_basic(context, userdata, keyblock, &replaydata,
+ plocal_fulladdr, premote_fulladdr,
+ auth_context->i_vector, outbuf))) {
CLEANUP_DONE();
goto error;
}
if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) {
krb5_donot_replay replay;
- if (retval = krb5_gen_replay_name(context, auth_context->local_addr,
- "_priv", &replay.client)) {
+ if ((retval = krb5_gen_replay_name(context, auth_context->local_addr,
+ "_priv", &replay.client))) {
krb5_xfree(outbuf);
goto error;
}
replay.server = ""; /* XXX */
replay.cusec = replaydata.usec;
replay.ctime = replaydata.timestamp;
- if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) {
+ if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) {
/* should we really error out here? XXX */
krb5_xfree(replay.client);
goto error;
if (((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) ||
(auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE)) &&
(auth_context->local_seq_number == 0)) {
- if (retval = krb5_generate_seq_number(context, auth_context->keyblock,
- &auth_context->local_seq_number))
+ if ((retval = krb5_generate_seq_number(context, auth_context->keyblock,
+ &auth_context->local_seq_number)))
return(retval);
}
repl.seq_number = auth_context->local_seq_number;
/* encode it before encrypting */
- if (retval = encode_krb5_ap_rep_enc_part(&repl, &scratch))
+ if ((retval = encode_krb5_ap_rep_enc_part(&repl, &scratch)))
return retval;
/* put together an eblock for this encryption */
}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(context, &eblock, auth_context->keyblock))
+ if ((retval = krb5_process_key(context, &eblock, auth_context->keyblock)))
goto cleanup_encpart;
/* call the encryption routine */
- if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
- (krb5_pointer) reply.enc_part.ciphertext.data,
- scratch->length, &eblock, 0)) {
+ if ((retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
+ (krb5_pointer) reply.enc_part.ciphertext.data,
+ scratch->length, &eblock, 0))) {
krb5_finish_key(context, &eblock);
goto cleanup_encpart;
}
- if (retval = krb5_finish_key(context, &eblock))
+ if ((retval = krb5_finish_key(context, &eblock)))
goto cleanup_encpart;
if (!(retval = encode_krb5_ap_rep(&reply, &toutbuf))) {
/* obtain ticket & session key */
memset((char *)&creds, 0, sizeof(creds));
- if (retval = krb5_copy_principal(context, server, &creds.server))
+ if ((retval = krb5_copy_principal(context, server, &creds.server)))
goto cleanup_princ;
- if (retval = krb5_cc_get_principal(context, ccache, &creds.client))
+ if ((retval = krb5_cc_get_principal(context, ccache, &creds.client)))
goto cleanup_creds;
- if (retval = krb5_get_credentials(context, krb5_kdc_default_options,
- ccache, &creds, &credsp))
+ if ((retval = krb5_get_credentials(context, krb5_kdc_default_options,
+ ccache, &creds, &credsp)))
goto cleanup_creds;
retval = krb5_mk_req_extended(context, auth_context, ap_req_options,
return(KRB5_NO_TKT_SUPPLIED);
/* we need a native ticket */
- if (retval = decode_krb5_ticket(&(in_creds)->ticket, &request.ticket))
+ if ((retval = decode_krb5_ticket(&(in_creds)->ticket, &request.ticket)))
return(retval);
/* verify a valid etype is available */
/* generate auth_context if needed */
if (*auth_context == NULL) {
- if (retval = krb5_auth_con_init(context, &new_auth_context))
+ if ((retval = krb5_auth_con_init(context, &new_auth_context)))
goto cleanup;
*auth_context = new_auth_context;
}
/* set auth context keyblock */
- if (retval = krb5_copy_keyblock(context, &in_creds->keyblock,
- &((*auth_context)->keyblock)))
+ if ((retval = krb5_copy_keyblock(context, &in_creds->keyblock,
+ &((*auth_context)->keyblock))))
goto cleanup;
/* generate seq number if needed */
if ((((*auth_context)->auth_context_flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE)
|| ((*auth_context)->auth_context_flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE))
&& ((*auth_context)->local_seq_number == 0))
- if (retval = krb5_generate_seq_number(context, &in_creds->keyblock,
- &(*auth_context)->local_seq_number))
+ if ((retval = krb5_generate_seq_number(context, &in_creds->keyblock,
+ &(*auth_context)->local_seq_number)))
goto cleanup;
/* generate subkey if needed */
if ((ap_req_options & AP_OPTS_USE_SUBKEY)&&(!(*auth_context)->local_subkey))
- if (retval = krb5_generate_subkey(context, &(in_creds)->keyblock,
- &(*auth_context)->local_subkey))
+ if ((retval = krb5_generate_subkey(context, &(in_creds)->keyblock,
+ &(*auth_context)->local_subkey)))
goto cleanup;
retval = ENOMEM;
goto cleanup;
}
- if (retval = krb5_calculate_checksum(context,
- (*auth_context)->cksumtype,
- in_data->data, in_data->length,
- (*auth_context)->keyblock->contents,
- (*auth_context)->keyblock->length,
- &checksum))
+ if ((retval = krb5_calculate_checksum(context,
+ (*auth_context)->cksumtype,
+ in_data->data, in_data->length,
+ (*auth_context)->keyblock->contents,
+ (*auth_context)->keyblock->length,
+ &checksum)))
goto cleanup_cksum;
}
checksump = &checksum;
goto cleanup_cksum;
}
- if (retval = krb5_generate_authenticator(context, (*auth_context)->authentp,
- (in_creds)->client, checksump,
- (*auth_context)->local_subkey,
- (*auth_context)->local_seq_number,
- (in_creds)->authdata))
+ if ((retval = krb5_generate_authenticator(context,
+ (*auth_context)->authentp,
+ (in_creds)->client, checksump,
+ (*auth_context)->local_subkey,
+ (*auth_context)->local_seq_number,
+ (in_creds)->authdata)))
goto cleanup_cksum;
/* encode the authenticator */
- if (retval = encode_krb5_authenticator((*auth_context)->authentp, &scratch))
+ if ((retval = encode_krb5_authenticator((*auth_context)->authentp,
+ &scratch)))
goto cleanup_cksum;
/* Null out these fields, to prevent pointer sharing problems;
}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(context, &eblock, &(in_creds)->keyblock))
+ if ((retval = krb5_process_key(context, &eblock, &(in_creds)->keyblock)))
goto cleanup;
/* call the encryption routine */
- if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
- (krb5_pointer) request.authenticator.ciphertext.data,
- scratch->length, &eblock, 0)) {
+ if ((retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
+ (krb5_pointer) request.authenticator.ciphertext.data,
+ scratch->length, &eblock, 0))) {
krb5_finish_key(context, &eblock);
goto cleanup_cksum;
}
- if (retval = krb5_finish_key(context, &eblock))
+ if ((retval = krb5_finish_key(context, &eblock)))
goto cleanup_cksum;
- if (retval = encode_krb5_ap_req(&request, &toutbuf))
+ if ((retval = encode_krb5_ap_req(&request, &toutbuf)))
goto cleanup_cksum;
#ifdef HAVE_C_STRUCTURE_ASSIGNMENT
*outbuf = *toutbuf;
safemsg.checksum = &safe_checksum;
- if (retval = encode_krb5_safe(&safemsg, &scratch1))
+ if ((retval = encode_krb5_safe(&safemsg, &scratch1)))
return retval;
if (!(safe_checksum.contents =
retval = ENOMEM;
goto cleanup_scratch;
}
- if (retval = krb5_calculate_checksum(context, sumtype, scratch1->data,
- scratch1->length,
- (krb5_pointer) keyblock->contents,
- keyblock->length, &safe_checksum)) {
+ if ((retval = krb5_calculate_checksum(context, sumtype, scratch1->data,
+ scratch1->length,
+ (krb5_pointer) keyblock->contents,
+ keyblock->length, &safe_checksum))) {
goto cleanup_checksum;
}
safemsg.checksum = &safe_checksum;
- if (retval = encode_krb5_safe(&safemsg, &scratch2)) {
+ if ((retval = encode_krb5_safe(&safemsg, &scratch2))) {
goto cleanup_checksum;
}
*outbuf = *scratch2;
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) ||
(auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME)) {
- if (retval = krb5_us_timeofday(context, &replaydata.timestamp,
- &replaydata.usec))
+ if ((retval = krb5_us_timeofday(context, &replaydata.timestamp,
+ &replaydata.usec)))
return retval;
if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) {
outdata->timestamp = replaydata.timestamp;
}
}
- if (retval = krb5_mk_safe_basic(context, userdata, keyblock, &replaydata,
- plocal_fulladdr, premote_fulladdr,
- auth_context->cksumtype, outbuf)) {
+ if ((retval = krb5_mk_safe_basic(context, userdata, keyblock, &replaydata,
+ plocal_fulladdr, premote_fulladdr,
+ auth_context->cksumtype, outbuf))) {
CLEANUP_DONE();
goto error;
}
if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) {
krb5_donot_replay replay;
- if (retval = krb5_gen_replay_name(context, auth_context->local_addr,
- "_safe", &replay.client)) {
+ if ((retval = krb5_gen_replay_name(context, auth_context->local_addr,
+ "_safe", &replay.client))) {
krb5_xfree(outbuf);
goto error;
}
replay.server = ""; /* XXX */
replay.cusec = replaydata.usec;
replay.ctime = replaydata.timestamp;
- if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) {
+ if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) {
/* should we really error out here? XXX */
krb5_xfree(outbuf);
goto error;
* and get string sizes for the first FCOMPNUM components.
*/
size = 0;
- for (i=0,cp = name; c = *cp; cp++) {
+ for (i=0,cp = name; (c = *cp); cp++) {
if (c == QUOTECHAR) {
cp++;
if (!(c = *cp))
if (components >= FCOMPNUM) {
size = 0;
parsed_realm = NULL;
- for (i=0,cp = name; c = *cp; cp++) {
+ for (i=0,cp = name; (c = *cp); cp++) {
if (c == QUOTECHAR) {
cp++;
size++;
* allocated.
*/
q = krb5_princ_component(context, principal, 0)->data;
- for (i=0,cp = name; c = *cp; cp++) {
+ for (i=0,cp = name; (c = *cp); cp++) {
if (c == QUOTECHAR) {
cp++;
switch (c = *cp) {
scratch.data[3] = data->length;
/* Encrypt preauth data in encryption key */
- if (retval = krb5_encrypt(context, (krb5_pointer) data->contents,
- (char *) scratch.data + 4,
- data->length, &eblock, 0)) {
+ if ((retval = krb5_encrypt(context, (krb5_pointer) data->contents,
+ (char *) scratch.data + 4,
+ data->length, &eblock, 0))) {
(void) krb5_finish_key(context, &eblock);
free(scratch.data);
goto error_out;
return ENOMEM;
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(context, &eblock, pkeyblock))
+ if ((retval = krb5_process_key(context, &eblock, pkeyblock)))
goto cleanup;
/* call the decryption routine */
- if (retval = krb5_decrypt(context,
- (krb5_pointer) pcred->enc_part.ciphertext.data,
- (krb5_pointer) scratch.data,
- scratch.length, &eblock, 0)) {
+ if ((retval = krb5_decrypt(context,
+ (krb5_pointer) pcred->enc_part.ciphertext.data,
+ (krb5_pointer) scratch.data,
+ scratch.length, &eblock, 0))) {
(void)krb5_finish_key(context, &eblock);
goto cleanup;
}
- if (retval = krb5_finish_key(context, &eblock))
+ if ((retval = krb5_finish_key(context, &eblock)))
goto cleanup;
/* now decode the decrypted stuff */
- if (retval = decode_krb5_enc_cred_part(&scratch, &ppart))
+ if ((retval = decode_krb5_enc_cred_part(&scratch, &ppart)))
goto cleanup_encpart;
*pcredenc = *ppart;
krb5_cred_enc_part encpart;
/* decode cred message */
- if (retval = decode_krb5_cred(pcreddata, &pcred))
+ if ((retval = decode_krb5_cred(pcreddata, &pcred)))
return retval;
- if (retval = decrypt_credencdata(context, pcred, pkeyblock, &encpart))
+ if ((retval = decrypt_credencdata(context, pcred, pkeyblock, &encpart)))
goto cleanup_cred;
if (!krb5_address_compare(context, remote_addr, encpart.s_address)) {
} else {
krb5_address **our_addrs;
- if (retval = krb5_os_localaddr(&our_addrs)) {
+ if ((retval = krb5_os_localaddr(&our_addrs))) {
goto cleanup_cred;
}
if (!krb5_address_search(context, encpart.r_address, our_addrs)) {
pinfo = encpart.ticket_info[i++];
memset(pcur, 0, sizeof(krb5_creds));
- if (retval = krb5_copy_principal(context, pinfo->client, &pcur->client))
+ if ((retval = krb5_copy_principal(context, pinfo->client,
+ &pcur->client)))
goto cleanup;
- if (retval = krb5_copy_principal(context, pinfo->server, &pcur->server))
+ if ((retval = krb5_copy_principal(context, pinfo->server,
+ &pcur->server)))
goto cleanup;
- if (retval = krb5_copy_keyblock_contents(context, pinfo->session,
- &pcur->keyblock))
+ if ((retval = krb5_copy_keyblock_contents(context, pinfo->session,
+ &pcur->keyblock)))
goto cleanup;
- if (retval = krb5_copy_addresses(context, pinfo->caddrs,
- &pcur->addresses))
+ if ((retval = krb5_copy_addresses(context, pinfo->caddrs,
+ &pcur->addresses)))
goto cleanup;
- if (retval = encode_krb5_ticket(pcred->tickets[i - 1], &pdata))
+ if ((retval = encode_krb5_ticket(pcred->tickets[i - 1], &pdata)))
goto cleanup;
pcur->ticket = *pdata;
}
}
- if (retval = krb5_rd_cred_basic(context, pcreddata, keyblock,
- plocal_fulladdr, premote_fulladdr,
- &replaydata, pppcreds)) {
+ if ((retval = krb5_rd_cred_basic(context, pcreddata, keyblock,
+ plocal_fulladdr, premote_fulladdr,
+ &replaydata, pppcreds))) {
CLEANUP_DONE();
return retval;
}
krb5_donot_replay replay;
krb5_timestamp currenttime;
- if (retval = krb5_timeofday(context, ¤ttime))
+ if ((retval = krb5_timeofday(context, ¤ttime)))
goto error;
if (!in_clock_skew(replaydata.timestamp)) {
goto error;
}
- if (retval = krb5_gen_replay_name(context, auth_context->remote_addr,
- "_forw", &replay.client))
+ if ((retval = krb5_gen_replay_name(context, auth_context->remote_addr,
+ "_forw", &replay.client)))
goto error;
replay.server = ""; /* XXX */
replay.cusec = replaydata.usec;
replay.ctime = replaydata.timestamp;
- if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) {
+ if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) {
krb5_xfree(replay.client);
goto error;
}
return KRB5KRB_AP_ERR_MSG_TYPE;
/* decode private message */
- if (retval = decode_krb5_priv(inbuf, &privmsg))
+ if ((retval = decode_krb5_priv(inbuf, &privmsg)))
return retval;
if (!valid_etype(privmsg->enc_part.etype)) {
}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(context, &eblock, keyblock))
+ if ((retval = krb5_process_key(context, &eblock, keyblock)))
goto cleanup_scratch;
/* call the decryption routine */
- if (retval = krb5_decrypt(context,
- (krb5_pointer) privmsg->enc_part.ciphertext.data,
- (krb5_pointer) scratch.data,
- scratch.length, &eblock, i_vector)) {
+ if ((retval = krb5_decrypt(context,
+ (krb5_pointer) privmsg->enc_part.ciphertext.data,
+ (krb5_pointer) scratch.data,
+ scratch.length, &eblock, i_vector))) {
krb5_finish_key(context, &eblock);
goto cleanup_scratch;
}
eblock.crypto_entry->block_length),
eblock.crypto_entry->block_length);
- if (retval = krb5_finish_key(context, &eblock))
+ if ((retval = krb5_finish_key(context, &eblock)))
goto cleanup_scratch;
/* now decode the decrypted stuff */
- if (retval = decode_krb5_enc_priv_part(&scratch, &privmsg_enc_part))
+ if ((retval = decode_krb5_enc_priv_part(&scratch, &privmsg_enc_part)))
goto cleanup_scratch;
if (!krb5_address_compare(context,remote_addr,privmsg_enc_part->s_address)){
} else {
krb5_address **our_addrs;
- if (retval = krb5_os_localaddr(&our_addrs)) {
+ if ((retval = krb5_os_localaddr(&our_addrs))) {
goto cleanup_data;
}
if (!krb5_address_search(context, privmsg_enc_part->r_address,
}
}
- if (retval = krb5_rd_priv_basic(context, inbuf, keyblock, plocal_fulladdr,
- premote_fulladdr, auth_context->i_vector,
- &replaydata, outbuf)) {
+ if ((retval = krb5_rd_priv_basic(context, inbuf, keyblock,
+ plocal_fulladdr,
+ premote_fulladdr,
+ auth_context->i_vector,
+ &replaydata, outbuf))) {
CLEANUP_DONE();
return retval;
}
krb5_donot_replay replay;
krb5_timestamp currenttime;
- if (retval = krb5_timeofday(context, ¤ttime))
+ if ((retval = krb5_timeofday(context, ¤ttime)))
goto error;
if (!in_clock_skew(replaydata.timestamp)) {
goto error;
}
- if (retval = krb5_gen_replay_name(context, auth_context->remote_addr,
- "_priv", &replay.client))
+ if ((retval = krb5_gen_replay_name(context, auth_context->remote_addr,
+ "_priv", &replay.client)))
goto error;
replay.server = ""; /* XXX */
replay.cusec = replaydata.usec;
replay.ctime = replaydata.timestamp;
- if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) {
+ if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) {
krb5_xfree(replay.client);
goto error;
}
/* decode it */
- if (retval = decode_krb5_ap_rep(inbuf, &reply))
+ if ((retval = decode_krb5_ap_rep(inbuf, &reply)))
return retval;
/* put together an eblock for this encryption */
}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(context, &eblock, auth_context->keyblock)) {
+ if ((retval = krb5_process_key(context, &eblock,
+ auth_context->keyblock))) {
goto errout;
}
/* call the encryption routine */
- if (retval = krb5_decrypt(context,
- (krb5_pointer) reply->enc_part.ciphertext.data,
- (krb5_pointer) scratch.data,
- scratch.length, &eblock, 0)) {
+ if ((retval = krb5_decrypt(context,
+ (krb5_pointer) reply->enc_part.ciphertext.data,
+ (krb5_pointer) scratch.data,
+ scratch.length, &eblock, 0))) {
(void) krb5_finish_key(context, &eblock);
goto errout;
}
/* finished with the top-level encoding of the ap_rep */
- if (retval = krb5_finish_key(context, &eblock))
+ if ((retval = krb5_finish_key(context, &eblock)))
goto clean_scratch;
/* now decode the decrypted stuff */
if (!krb5_is_ap_req(inbuf))
return KRB5KRB_AP_ERR_MSG_TYPE;
- if (retval = decode_krb5_ap_req(inbuf, &request)) {
+ if ((retval = decode_krb5_ap_req(inbuf, &request))) {
switch (retval) {
case KRB5_BADMSGTYPE:
return KRB5KRB_AP_ERR_BADVERSION;
/* Get an auth context if necessary. */
new_auth_context = NULL;
if (*auth_context == NULL) {
- if (retval = krb5_auth_con_init(context, &new_auth_context))
+ if ((retval = krb5_auth_con_init(context, &new_auth_context)))
goto cleanup_request;
*auth_context = new_auth_context;
}
/* Get an rcache if necessary. */
if (((*auth_context)->rcache == NULL) && server) {
- if (retval = krb5_get_server_rcache(context,
- krb5_princ_component(context,server,0), &(*auth_context)->rcache))
+ if ((retval = krb5_get_server_rcache(context,
+ krb5_princ_component(context,server,0), &(*auth_context)->rcache)))
goto cleanup_auth_context;
}
/* Get a keytab if necessary. */
if (keytab == NULL) {
- if (retval = krb5_kt_default(context, &new_keytab))
+ if ((retval = krb5_kt_default(context, &new_keytab)))
goto cleanup_auth_context;
keytab = new_keytab;
}
*/
keytype = krb5_csarray[req->ticket->enc_part.etype]->system->proto_keytype;
- if (retval = krb5_kt_get_entry(context, keytab, req->ticket->server,
- req->ticket->enc_part.kvno, keytype, &ktent))
+ if ((retval = krb5_kt_get_entry(context, keytab, req->ticket->server,
+ req->ticket->enc_part.kvno,
+ keytype, &ktent)))
return retval;
- if (retval = krb5_decrypt_tkt_part(context, &ktent.key, req->ticket))
+ if ((retval = krb5_decrypt_tkt_part(context, &ktent.key, req->ticket)))
return retval;
(void) krb5_kt_free_entry(context, &ktent);
/* decrypt the ticket */
if ((*auth_context)->keyblock) { /* User to User authentication */
- if (retval = krb5_decrypt_tkt_part(context, (*auth_context)->keyblock,
- req->ticket))
+ if ((retval = krb5_decrypt_tkt_part(context, (*auth_context)->keyblock,
+ req->ticket)))
return retval;
krb5_free_keyblock(context, (*auth_context)->keyblock);
(*auth_context)->keyblock = NULL;
} else {
- if (retval = krb5_rd_req_decrypt_tkt_part(context, req, keytab))
+ if ((retval = krb5_rd_req_decrypt_tkt_part(context, req, keytab)))
return retval;
}
- if (retval = decrypt_authenticator(context, req,
- &((*auth_context)->authentp)))
+ if ((retval = decrypt_authenticator(context, req,
+ &((*auth_context)->authentp))))
goto cleanup;
if (!krb5_principal_compare(context, (*auth_context)->authentp->client,
}
if (ticket)
- if (retval = krb5_copy_ticket(context, req->ticket, ticket))
+ if ((retval = krb5_copy_ticket(context, req->ticket, ticket)))
goto cleanup;
if (ap_req_options)
*ap_req_options = req->ap_options;
return(ENOMEM);
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(context, &eblock, sesskey)) {
+ if ((retval = krb5_process_key(context, &eblock, sesskey))) {
free(scratch.data);
return(retval);
}
/* call the encryption routine */
- if (retval = krb5_decrypt(context,
- (krb5_pointer)request->authenticator.ciphertext.data,
- (krb5_pointer)scratch.data,
- scratch.length, &eblock, 0)) {
+ if ((retval = krb5_decrypt(context,
+ (krb5_pointer)request->authenticator.ciphertext.data,
+ (krb5_pointer)scratch.data,
+ scratch.length, &eblock, 0))) {
(void) krb5_finish_key(context, &eblock);
free(scratch.data);
return retval;
}
#define clean_scratch() {memset(scratch.data, 0, scratch.length); \
free(scratch.data);}
- if (retval = krb5_finish_key(context, &eblock)) {
+ if ((retval = krb5_finish_key(context, &eblock))) {
clean_scratch();
return retval;
if (!krb5_is_krb_safe(inbuf))
return KRB5KRB_AP_ERR_MSG_TYPE;
- if (retval = decode_krb5_safe(inbuf, &message))
+ if ((retval = decode_krb5_safe(inbuf, &message)))
return retval;
if (!valid_cksumtype(message->checksum->checksum_type)) {
} else {
krb5_address **our_addrs;
- if (retval = krb5_os_localaddr( &our_addrs))
+ if ((retval = krb5_os_localaddr( &our_addrs)))
goto cleanup;
if (!krb5_address_search(context, message->r_address, our_addrs)) {
message->checksum = &our_cksum;
- if (retval = encode_krb5_safe(message, &scratch))
+ if ((retval = encode_krb5_safe(message, &scratch)))
goto cleanup;
message->checksum = his_cksum;
}
}
- if (retval = krb5_rd_safe_basic(context, inbuf, keyblock, plocal_fulladdr,
- premote_fulladdr, &replaydata, outbuf)) {
+ if ((retval = krb5_rd_safe_basic(context, inbuf, keyblock,
+ plocal_fulladdr, premote_fulladdr,
+ &replaydata, outbuf))) {
CLEANUP_DONE();
return retval;
}
krb5_donot_replay replay;
krb5_timestamp currenttime;
- if (retval = krb5_timeofday(context, ¤ttime))
+ if ((retval = krb5_timeofday(context, ¤ttime)))
goto error;
if (!in_clock_skew(replaydata.timestamp)) {
goto error;
}
- if (retval = krb5_gen_replay_name(context, auth_context->remote_addr,
- "_safe", &replay.client))
+ if ((retval = krb5_gen_replay_name(context, auth_context->remote_addr,
+ "_safe", &replay.client)))
goto error;
replay.server = ""; /* XXX */
replay.cusec = replaydata.usec;
replay.ctime = replaydata.timestamp;
- if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) {
+ if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) {
krb5_xfree(replay.client);
goto error;
}
/*
* First read the sendauth version string and check it.
*/
- if (retval = krb5_read_message(context, fd, &inbuf))
+ if ((retval = krb5_read_message(context, fd, &inbuf)))
return(retval);
if (strcmp(inbuf.data, sendauth_version)) {
krb5_xfree(inbuf.data);
/*
* Do the same thing for the application version string.
*/
- if (retval = krb5_read_message(context, fd, &inbuf))
+ if ((retval = krb5_read_message(context, fd, &inbuf)))
return(retval);
if (strcmp(inbuf.data, appl_version)) {
krb5_xfree(inbuf.data);
* If the rc_recover() didn't work, then try
* initializing the replay cache.
*/
- if (problem = krb5_rc_initialize(context, rcache, krb5_clockskew)) {
+ if ((problem = krb5_rc_initialize(context, rcache,
+ krb5_clockskew))) {
krb5_rc_close(context, rcache);
rcache = NULL;
}
/*
* Now, let's read the AP_REQ message and decode it
*/
- if (retval = krb5_read_message(context, fd, &inbuf)) {
+ if ((retval = krb5_read_message(context, fd, &inbuf))) {
if (problem) /* Return top level problem */
retval = problem;
goto cleanup;
goto cleanup;
}
strcpy(error.text.data, message);
- if (retval = krb5_mk_error(context, &error, &outbuf)) {
+ if ((retval = krb5_mk_error(context, &error, &outbuf))) {
free(error.text.data);
goto cleanup;
}
/* Here lies the mutual authentication stuff... */
if ((ap_option & AP_OPTS_MUTUAL_REQUIRED)) {
- if (retval = krb5_mk_rep(context, *auth_context, &outbuf)) {
+ if ((retval = krb5_mk_rep(context, *auth_context, &outbuf))) {
return(retval);
}
retval = krb5_write_message(context, fd, &outbuf);
malloc(krb5_checksum_size(context, krb5_kdc_req_sumtype))) == NULL)
return(ENOMEM);
- if (retval = krb5_calculate_checksum(context, krb5_kdc_req_sumtype,
- in_data->data, in_data->length,
- (krb5_pointer) in_cred->keyblock.contents,
- in_cred->keyblock.length, &checksum)) {
+ if ((retval = krb5_calculate_checksum(context, krb5_kdc_req_sumtype,
+ in_data->data, in_data->length,
+ (krb5_pointer) in_cred->keyblock.contents,
+ in_cred->keyblock.length,
+ &checksum))) {
free(checksum.contents);
return(retval);
}
authent.checksum = &checksum;
authent.client = in_cred->client;
authent.authorization_data = in_cred->authdata;
- if (retval = krb5_us_timeofday(context, &authent.ctime, &authent.cusec)) {
+ if ((retval = krb5_us_timeofday(context, &authent.ctime,
+ &authent.cusec))) {
free(checksum.contents);
return(retval);
}
/* encode the authenticator */
- if (retval = encode_krb5_authenticator(&authent, &scratch)) {
+ if ((retval = encode_krb5_authenticator(&authent, &scratch))) {
free(checksum.contents);
return(retval);
}
request.ap_options = 0;
request.ticket = 0;
- if (retval = decode_krb5_ticket(&(in_cred)->ticket, &request.ticket))
+ if ((retval = decode_krb5_ticket(&(in_cred)->ticket, &request.ticket)))
/* Cleanup scratch and scratch data */
goto cleanup_data;
}
/* do any necessary key pre-processing */
- if (retval = krb5_process_key(context, &eblock, &(in_cred)->keyblock))
+ if ((retval = krb5_process_key(context, &eblock, &(in_cred)->keyblock)))
goto cleanup;
/* call the encryption routine */
- if (retval=krb5_encrypt(context, (krb5_pointer) scratch->data,
- (krb5_pointer)request.authenticator.ciphertext.data,
- scratch->length, &eblock, 0)) {
+ if ((retval=krb5_encrypt(context, (krb5_pointer) scratch->data,
+ (krb5_pointer)request.authenticator.ciphertext.data,
+ scratch->length, &eblock, 0))) {
krb5_finish_key(context, &eblock);
goto cleanup;
}
- if (retval = krb5_finish_key(context, &eblock))
+ if ((retval = krb5_finish_key(context, &eblock)))
goto cleanup;
retval = encode_krb5_ap_req(&request, &toutbuf);
tgsreq.from = timestruct->starttime;
tgsreq.till = timestruct->endtime;
tgsreq.rtime = timestruct->renew_till;
- if (retval = krb5_timeofday(context, &time_now))
+ if ((retval = krb5_timeofday(context, &time_now)))
return(retval);
/* XXX we know they are the same size... */
tgsreq.nonce = (krb5_int32) time_now;
/* need to encrypt it in the request */
krb5_encrypt_block eblock;
- if (retval = encode_krb5_authdata((const krb5_authdata**)authorization_data,
- &scratch))
+ if ((retval = encode_krb5_authdata((const krb5_authdata**)authorization_data,
+ &scratch)))
return(retval);
krb5_use_cstype(context, &eblock, in_cred->keyblock.etype);
tgsreq.authorization_data.etype = in_cred->keyblock.etype;
krb5_free_data(context, scratch);
return ENOMEM;
}
- if (retval = krb5_process_key(context, &eblock, &in_cred->keyblock)) {
+ if ((retval = krb5_process_key(context, &eblock,
+ &in_cred->keyblock))) {
krb5_free_data(context, scratch);
return retval;
}
/* call the encryption routine */
- if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
- (krb5_pointer) tgsreq.authorization_data.ciphertext.data,
- scratch->length, &eblock, 0)) {
+ if ((retval = krb5_encrypt(context, (krb5_pointer) scratch->data,
+ (krb5_pointer) tgsreq.authorization_data.ciphertext.data,
+ scratch->length, &eblock, 0))) {
(void) krb5_finish_key(context, &eblock);
krb5_xfree(tgsreq.authorization_data.ciphertext.data);
krb5_free_data(context, scratch);
return retval;
}
krb5_free_data(context, scratch);
- if (retval = krb5_finish_key(context, &eblock)) {
+ if ((retval = krb5_finish_key(context, &eblock))) {
krb5_xfree(tgsreq.authorization_data.ciphertext.data);
return retval;
}
}
if (second_ticket) {
- if (retval = decode_krb5_ticket(second_ticket, &sec_ticket))
+ if ((retval = decode_krb5_ticket(second_ticket, &sec_ticket)))
goto send_tgs_error_1;
sec_ticket_arr[0] = sec_ticket;
sec_ticket_arr[1] = 0;
tgsreq.second_ticket = 0;
/* encode the body; then checksum it */
- if (retval = encode_krb5_kdc_req_body(&tgsreq, &scratch))
+ if ((retval = encode_krb5_kdc_req_body(&tgsreq, &scratch)))
goto send_tgs_error_2;
/*
* Get an ap_req.
*/
- if (retval = krb5_send_tgs_basic(context, scratch, in_cred, &scratch2)) {
+ if ((retval = krb5_send_tgs_basic(context, scratch, in_cred, &scratch2))) {
krb5_free_data(context, scratch);
goto send_tgs_error_2;
}
tgsreq.padata = combined_padata;
/* the TGS_REQ is assembled in tgsreq, so encode it */
- if (retval = encode_krb5_tgs_req(&tgsreq, &scratch)) {
+ if ((retval = encode_krb5_tgs_req(&tgsreq, &scratch))) {
krb5_xfree(ap_req_padata.contents);
krb5_xfree(combined_padata);
goto send_tgs_error_2;
*/
outbuf.length = strlen(sendauth_version) + 1;
outbuf.data = sendauth_version;
- if (retval = krb5_write_message(context, fd, &outbuf))
+ if ((retval = krb5_write_message(context, fd, &outbuf)))
return(retval);
outbuf.length = strlen(appl_version) + 1;
outbuf.data = appl_version;
- if (retval = krb5_write_message(context, fd, &outbuf))
+ if ((retval = krb5_write_message(context, fd, &outbuf)))
return(retval);
/*
* Now, read back a byte: 0 means no error, 1 means bad sendauth
if (!in_creds || !in_creds->ticket.length) {
if (ccache)
use_ccache = ccache;
- else if (retval = krb5_cc_default(context, &use_ccache))
+ else if ((retval = krb5_cc_default(context, &use_ccache)))
goto error_return;
}
if (!in_creds) {
- if (retval = krb5_copy_principal(context, server, &creds.server))
+ if ((retval = krb5_copy_principal(context, server,
+ &creds.server)))
goto error_return;
if (client)
retval = krb5_copy_principal(context, client,
in_creds = &creds;
}
if (!in_creds->ticket.length) {
- if (retval = krb5_get_credentials(context, kdc_options, use_ccache,
- in_creds, &credsp))
+ if ((retval = krb5_get_credentials(context, kdc_options,
+ use_ccache, in_creds, &credsp)))
goto error_return;
credspout = credsp;
} else {
credsp = in_creds;
}
- if (retval = krb5_mk_req_extended(context, auth_context, ap_req_options,
- in_data, credsp, &outbuf))
+ if ((retval = krb5_mk_req_extended(context, auth_context, ap_req_options,
+ in_data, credsp, &outbuf)))
goto error_return;
/*
* authentication was rejected, and we need to return the
* error structure.
*/
- if (retval = krb5_read_message(context, fd, &inbuf))
+ if ((retval = krb5_read_message(context, fd, &inbuf)))
goto error_return;
if (inbuf.length) {
if (error) {
- if (retval = krb5_rd_error(context, &inbuf, error)) {
+ if ((retval = krb5_rd_error(context, &inbuf, error))) {
krb5_xfree(inbuf.data);
goto error_return;
}
if ((ap_req_options & AP_OPTS_MUTUAL_REQUIRED)) {
krb5_ap_rep_enc_part *repl = 0;
- if (retval = krb5_read_message(context, fd, &inbuf))
+ if ((retval = krb5_read_message(context, fd, &inbuf)))
goto error_return;
- if (retval = krb5_rd_rep(context, *auth_context, &inbuf, &repl)) {
+ if ((retval = krb5_rd_rep(context, *auth_context, &inbuf,
+ &repl))) {
if (repl)
krb5_free_ap_rep_enc_part(context, repl);
krb5_xfree(inbuf.data);
}
cachename[p++] = '\0';
- if (retval = krb5_rc_resolve(context, rcache, cachename))
+ if ((retval = krb5_rc_resolve(context, rcache, cachename)))
goto cleanup;
/*
* initialize it.
*/
if (krb5_rc_recover(context, rcache)) {
- if (retval = krb5_rc_initialize(context, rcache, krb5_clockskew)) {
+ if ((retval = krb5_rc_initialize(context, rcache, krb5_clockskew))) {
krb5_rc_close(context, rcache);
rcache = 0;
goto cleanup;
return ENOMEM;
}
i = 1;
- if (retval = krb5_tgtname(context, client,
- client, &rettree[0])) {
+ if ((retval = krb5_tgtname(context, client, client, &rettree[0]))) {
krb5_xfree(rettree);
return retval;
}
tmpsrealm.data = ccp;
tmpsrealm.length = client->length -
(ccp - client->data);
- if (retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, &rettree[i])) {
+ if ((retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm,
+ &rettree[i]))) {
while (i) {
krb5_free_principal(context, rettree[i-1]);
i--;
tmpsrealm.data = com_sdot + 1;
tmpsrealm.length = server->length -
(com_sdot + 1 - server->data);
- if (retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, &rettree[i])) {
+ if ((retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm,
+ &rettree[i]))) {
while (i) {
krb5_free_principal(context, rettree[i-1]);
i--;
tmpsrealm.data = scp + 1;
tmpsrealm.length = server->length -
(scp + 1 - server->data);
- if (retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, &rettree[i])) {
+ if ((retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm,
+ &rettree[i]))) {
while (i) {
krb5_free_principal(context, rettree[i-1]);
i--;
tmpcrealm.data = prevscp;
tmpcrealm.length = server->length -
(prevscp - server->data);
- if (retval = krb5_tgtname(context, server, &tmpcrealm,
- &rettree[i])) {
+ if ((retval = krb5_tgtname(context, server, &tmpcrealm,
+ &rettree[i]))) {
while (i) {
krb5_free_principal(context, rettree[i-1]);
i--;
projects / krb5.git / commitdiff