*/
#include "k5-int.h"
#include "adm.h"
+#include "adm_proto.h"
#include "com_err.h"
#include "kadm5_defs.h"
#define KEY_DEF_MAX_LIFE (2*60*60)
#define KEY_DEF_MAX_RLIFE (2*60*60)
-static const char *key_cpw_ufokey_fmt = "%s: no keys in database entry for %s.\n";
static const char *key_cpw_decerr_fmt = "%s: cannot decode keys for %s.\n";
static const char *key_add_cpw_err_fmt = "%s: cannot add entry for %s (%s).\n";
static const char *key_add_cpw_succ_fmt = "Added password changing service principal (%s).";
static const char *key_def_realm_fmt = "%s: cannot find default realm (%s).\n";
static const char *key_setup_mkey_fmt = "%s: cannot setup master key name (%s).\n";
static const char *key_get_mkey_fmt = "%s: cannot retrieve master key (%s).\n";
-static const char *key_vfy_mkey_fmt = "%s: cannot verify master key (%s).\n";
-static const char *key_proc_mkey_fmt = "%s: cannot process master key (%s).\n";
-static const char *key_kgen_initf_fmt = "%s: disabling key type %d because initialization failed (%s).\n";
static const char *key_bad_name_fmt = "%s: cannot set database name to %s (%s).\n";
static const char *key_cant_init_fmt = "%s: cannot initialize database (%s).\n";
static const char *key_vmast_key_fmt = "%s: cannot verify master key (%s).\n";
) {
madmin_entry.n_key_data =
(krb5_int16) madmin_num_keys;
- if (kret =
- krb5_db_put_principal(kcontext,
+ if ((kret = krb5_db_put_principal(kcontext,
&madmin_entry,
- &number_of_entries)) {
+ &number_of_entries))) {
fprintf(stderr,
key_add_cpw_err_fmt,
programname,
char *mkey_name;
krb5_error_code kret;
- int one_success;
int number_of_entries;
krb5_boolean more_entries;
* First, try to set up our keytab if supplied.
*/
if (kt_name) {
- if (kret = krb5_kt_resolve(kcontext, kt_name, &key_keytab)) {
+ if ((kret = krb5_kt_resolve(kcontext, kt_name, &key_keytab))) {
fprintf(stderr, key_keytab_fmt, programname,
kt_name, error_message(kret));
goto leave;
goto leave;
}
} else {
- if (kret = krb5_set_default_realm(kcontext, db_realm))
+ if ((kret = krb5_set_default_realm(kcontext, db_realm)))
goto leave;
master_realm = (char *) malloc(strlen(db_realm)+1);
if (!master_realm) {
}
/* Initialize database */
- if (kret = krb5_db_init(kcontext)) {
+ if ((kret = krb5_db_init(kcontext))) {
fprintf(stderr, key_cant_init_fmt, programname,
error_message(kret));
goto leave;
}
/* Verify the master key */
- if (kret = krb5_db_verify_master_key(kcontext,
- master_principal,
- &master_keyblock,
- &master_encblock)) {
+ if ((kret = krb5_db_verify_master_key(kcontext,
+ master_principal,
+ &master_keyblock,
+ &master_encblock))) {
fprintf(stderr, key_vmast_key_fmt, programname,
error_message(kret));
goto leave;
}
/* Do any key pre-processing */
- if (kret = krb5_process_key(kcontext,
- &master_encblock,
- &master_keyblock)) {
+ if ((kret = krb5_process_key(kcontext,
+ &master_encblock,
+ &master_keyblock))) {
fprintf(stderr, key_key_pp_fmt, programname, error_message(kret));
goto leave;
}
mrand_init = 1;
if (!kret) {
- if (key_num_ktents = nktent)
+ if ((key_num_ktents = nktent))
key_ktents = ktents;
else {
key_num_ktents = 1;
break;
case KRB5_KDB_SALTTYPE_NORMAL:
/* Normal salt */
- if (kret = krb5_principal2salt(argp->context,
- argp->dbentry->princ,
- &salt))
+ if ((kret = krb5_principal2salt(argp->context,
+ argp->dbentry->princ,
+ &salt)))
goto done;
break;
case KRB5_KDB_SALTTYPE_NOREALM:
- if (kret = krb5_principal2salt_norealm(argp->context,
- argp->dbentry->princ,
- &salt))
+ if ((kret = krb5_principal2salt_norealm(argp->context,
+ argp->dbentry->princ,
+ &salt)))
goto done;
break;
case KRB5_KDB_SALTTYPE_ONLYREALM:
{
krb5_data *xsalt;
- if (kret = krb5_copy_data(argp->context,
- krb5_princ_realm(argp->context,
- argp->dbentry->princ
- ),
- &xsalt))
+ if ((kret = krb5_copy_data(argp->context,
+ krb5_princ_realm(argp->context,
+ argp->dbentry->princ),
+ &xsalt)))
goto done;
salt.length = xsalt->length;
salt.data = xsalt->data;
}
}
else {
- if (salt.length = kdata->key_data_length[1]) {
- if (salt.data = (char *) malloc(salt.length))
+ if ((salt.length = kdata->key_data_length[1])) {
+ if ((salt.data = (char *) malloc(salt.length)))
memcpy(salt.data,
(char *) kdata->key_data_contents[1],
(size_t) salt.length);
/*
* salt contains the salt.
*/
- if (kret = krb5_string_to_key(argp->context,
- &master_encblock,
- kdata->key_data_type[0],
- &key,
- argp->string,
- &salt))
+ if ((kret = krb5_string_to_key(argp->context,
+ &master_encblock,
+ kdata->key_data_type[0],
+ &key,
+ argp->string,
+ &salt)))
goto done;
/*
did_alloc = 1;
}
if (keysalts && nkeysalts) {
- if (keys = (krb5_key_data *)
- malloc((size_t) (nkeysalts * sizeof(krb5_key_data)))) {
+ if ((keys = (krb5_key_data *)
+ malloc((size_t) (nkeysalts * sizeof(krb5_key_data))))) {
memset(keys, 0, nkeysalts * sizeof(krb5_key_data));
ksargs.context = kcontext;
ksargs.string = string;
if (did_alloc)
krb5_xfree(keysalts);
}
- done:
if (!kret) {
*nkeysp = ksargs.index;
*keysp = keys;
krb5_pointer ptr;
{
struct keysalt_iterate_args *argp;
- krb5_boolean salted;
krb5_key_data *kdata;
krb5_error_code kret;
krb5_keyblock *key;
* Determine how many and of what kind of keys to generate.
*/
if (!(kret = key_dbent_to_keysalts(dbentp, &nkeysalts, &keysalts))) {
- if (keys = (krb5_key_data *)
- malloc((size_t) (nkeysalts * sizeof(krb5_key_data)))) {
+ if ((keys = (krb5_key_data *)
+ malloc((size_t) (nkeysalts * sizeof(krb5_key_data))))) {
memset(keys, 0, nkeysalts * sizeof(krb5_key_data));
ksargs.context = kcontext;
ksargs.string = (krb5_data *) NULL;
kret = ENOMEM;
krb5_xfree(keysalts);
}
- done:
if (!kret) {
*nkeysp = ksargs.index;
*keysp = keys;
if (!(kret = krb5_dbe_create_key_data(kcontext, &loser))) {
tmpkey.enctype = inkeys[i].key_data_type[0];
tmpkey.length = inkeys[i].key_data_length[0];
- if (tmpkey.contents = (krb5_octet *) malloc((size_t)tmpkey.length))
+ if ((tmpkey.contents = (krb5_octet *) malloc((size_t)tmpkey.length)))
memcpy(tmpkey.contents,
inkeys[i].key_data_contents[0],
tmpkey.length);
else
break;
salt.type = inkeys[i].key_data_type[1];
- if (salt.data.length = inkeys[i].key_data_length[1]) {
- if (salt.data.data = (char *)
- malloc((size_t) salt.data.length))
+ if ((salt.data.length = inkeys[i].key_data_length[1])) {
+ if ((salt.data.data = (char *)
+ malloc((size_t) salt.data.length)))
memcpy(salt.data.data,
inkeys[i].key_data_contents[1],
(size_t) salt.data.length);
else
salt.data.data = (char *) NULL;
- if (kret = krb5_dbekd_encrypt_key_data(kcontext,
- &master_encblock,
- &tmpkey,
- &salt,
- (int) inkeys[i].
- key_data_kvno,
- &loser.key_data[i]))
+ if ((kret = krb5_dbekd_encrypt_key_data(kcontext,
+ &master_encblock,
+ &tmpkey,
+ &salt,
+ (int) inkeys[i].key_data_kvno,
+ &loser.key_data[i])))
break;
else
ndone++;
else
break;
}
- done:
if (kret) {
if (loser.key_data && loser.n_key_data)
key_free_key_data(loser.key_data, (krb5_int32) loser.n_key_data);
ndone = 0;
nkeys = *nkeysp;
for (i=0; i<nkeys; i++) {
- krb5_use_enctype(kcontext,
- &master_encblock,
- (krb5_enctype) inkeys[i].key_data_type[0]);
if (!(kret = krb5_dbe_create_key_data(kcontext, &loser))) {
- if (kret = krb5_dbekd_decrypt_key_data(kcontext,
- &master_encblock,
- &inkeys[i],
- &tmpkey,
- &salt))
+ if ((kret = krb5_dbekd_decrypt_key_data(kcontext,
+ &master_encblock,
+ &inkeys[i],
+ &tmpkey,
+ &salt)))
break;
loser.key_data[i].key_data_ver = KRB5_KDB_V1_KEY_DATA_ARRAY;
loser.key_data[i].key_data_type[0] = tmpkey.enctype;
else
break;
}
- done:
if (kret) {
if (loser.key_data && loser.n_key_data)
key_free_key_data(loser.key_data, (krb5_int32) loser.n_key_data);
krb5_key_salt_tuple **ksentsp;
{
krb5_error_code kret;
- int i, j;
+ int i;
krb5_int32 num;
- krb5_boolean found;
krb5_key_salt_tuple *ksp;
kret = 0;
if (dbentp->n_key_data) {
/* The hard case */
- if (ksp = (krb5_key_salt_tuple *)
- malloc(dbentp->n_key_data * sizeof(krb5_key_salt_tuple))) {
+ if ((ksp = (krb5_key_salt_tuple *)
+ malloc(dbentp->n_key_data * sizeof(krb5_key_salt_tuple)))) {
memset(ksp, 0,
dbentp->n_key_data * sizeof(krb5_key_salt_tuple));
num = 0;
}
else {
/* The easy case. */
- if (*ksentsp = (krb5_key_salt_tuple *)
- malloc(key_num_ktents * sizeof(krb5_key_salt_tuple))) {
+ if ((*ksentsp = (krb5_key_salt_tuple *)
+ malloc(key_num_ktents * sizeof(krb5_key_salt_tuple)))) {
memcpy(*ksentsp, key_ktents,
key_num_ktents * sizeof(krb5_key_salt_tuple));
*nentsp = key_num_ktents;
linked = 0;
if (!pwchg) {
/* No, allocate a new one */
- if (pwchg = (krb5_tl_data *) malloc(sizeof(krb5_tl_data))) {
+ if ((pwchg = (krb5_tl_data *) malloc(sizeof(krb5_tl_data)))) {
memset(pwchg, 0, sizeof(krb5_tl_data));
if (!(pwchg->tl_data_contents =
(krb5_octet *) malloc(sizeof(krb5_timestamp)))) {
projects / krb5.git / commitdiff