Mark and reindent lib/gssapi, with some exceptions
authorTom Yu <tlyu@mit.edu>
Tue, 8 Dec 2009 00:04:48 +0000 (00:04 +0000)
committerTom Yu <tlyu@mit.edu>
Tue, 8 Dec 2009 00:04:48 +0000 (00:04 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23457 dc483132-0cff-0310-8789-dd5450dbe970

65 files changed:
src/Makefile.in
src/lib/gssapi/generic/disp_com_err_status.c
src/lib/gssapi/generic/disp_major_status.c
src/lib/gssapi/generic/gssapi_generic.c
src/lib/gssapi/generic/gssapi_generic.h
src/lib/gssapi/generic/maptest.c
src/lib/gssapi/generic/rel_buffer.c
src/lib/gssapi/generic/rel_oid_set.c
src/lib/gssapi/generic/util_buffer.c
src/lib/gssapi/generic/util_canonhost.c
src/lib/gssapi/generic/util_errmap.c
src/lib/gssapi/generic/util_localhost.c
src/lib/gssapi/generic/util_ordering.c
src/lib/gssapi/generic/util_set.c
src/lib/gssapi/generic/util_token.c
src/lib/gssapi/generic/util_validate.c
src/lib/gssapi/generic/utl_nohash_validate.c
src/lib/gssapi/krb5/accept_sec_context.c
src/lib/gssapi/krb5/acquire_cred.c
src/lib/gssapi/krb5/add_cred.c
src/lib/gssapi/krb5/canon_name.c
src/lib/gssapi/krb5/compare_name.c
src/lib/gssapi/krb5/context_time.c
src/lib/gssapi/krb5/copy_ccache.c
src/lib/gssapi/krb5/delete_sec_context.c
src/lib/gssapi/krb5/disp_name.c
src/lib/gssapi/krb5/disp_status.c
src/lib/gssapi/krb5/duplicate_name.c
src/lib/gssapi/krb5/export_name.c
src/lib/gssapi/krb5/export_sec_context.c
src/lib/gssapi/krb5/get_tkt_flags.c
src/lib/gssapi/krb5/gssapi_krb5.c
src/lib/gssapi/krb5/import_name.c
src/lib/gssapi/krb5/import_sec_context.c
src/lib/gssapi/krb5/indicate_mechs.c
src/lib/gssapi/krb5/init_sec_context.c
src/lib/gssapi/krb5/inq_context.c
src/lib/gssapi/krb5/inq_cred.c
src/lib/gssapi/krb5/inq_names.c
src/lib/gssapi/krb5/k5seal.c
src/lib/gssapi/krb5/k5sealiov.c
src/lib/gssapi/krb5/k5sealv3.c
src/lib/gssapi/krb5/k5sealv3iov.c
src/lib/gssapi/krb5/k5unseal.c
src/lib/gssapi/krb5/k5unsealiov.c
src/lib/gssapi/krb5/lucid_context.c
src/lib/gssapi/krb5/naming_exts.c
src/lib/gssapi/krb5/process_context_token.c
src/lib/gssapi/krb5/rel_cred.c
src/lib/gssapi/krb5/rel_name.c
src/lib/gssapi/krb5/rel_oid.c
src/lib/gssapi/krb5/s4u_gss_glue.c
src/lib/gssapi/krb5/seal.c
src/lib/gssapi/krb5/ser_sctx.c
src/lib/gssapi/krb5/set_allowable_enctypes.c
src/lib/gssapi/krb5/set_ccache.c
src/lib/gssapi/krb5/sign.c
src/lib/gssapi/krb5/unseal.c
src/lib/gssapi/krb5/util_cksum.c
src/lib/gssapi/krb5/util_crypt.c
src/lib/gssapi/krb5/util_seed.c
src/lib/gssapi/krb5/util_seqnum.c
src/lib/gssapi/krb5/val_cred.c
src/lib/gssapi/krb5/verify.c
src/lib/gssapi/krb5/wrap_size_limit.c

index fc3364b549771f9562f9158b6e3b1aa669781b53..5818aa82d3ac98c04dc78b8abd3380d10c535f14 100644 (file)
@@ -666,6 +666,7 @@ INDENTDIRS = \
        kdc \
        lib/apputils \
        lib/crypto \
+       lib/gssapi \
        lib/kadm5 \
        lib/kdb \
        lib/krb5 \
@@ -700,6 +701,11 @@ OTHEREXCLUDES = \
        include/gssrpc \
        lib/apputils/dummy.c \
        lib/crypto/builtin/aes \
+       lib/gssapi/generic/gssapiP_generic.h \
+       lib/gssapi/generic/gssapi_ext.h \
+       lib/gssapi/krb5/gssapiP_krb5.h \
+       lib/gssapi/mechglue \
+       lib/gssapi/spnego \
        lib/krb5/krb/deltat.c \
        lib/krb5/unicode \
        plugins/kdb/db2/libdb2 \
index d7a2e1d85c669f68e3d186ead584ab49e690f757..4c410cc468ff82cccbde2d8cc424d7c509733db5 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index f9ff2814772a7adcb0cb1f5ecbee7c6ac6e743d0..5098e3abd4400111159614215d9d85b6173fb9ea 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
@@ -32,9 +32,9 @@
 /* This code has knowledge of the min and max errors of each type
    within the gssapi major status */
 
-#define GSS_ERROR_STR(value, array, select, min, max, num) \
-   (((select(value) < (min)) || (select(value) > (max))) ? NULL : \
-    (array)[num(value)])
+#define GSS_ERROR_STR(value, array, select, min, max, num)              \
+    (((select(value) < (min)) || (select(value) > (max))) ? NULL :      \
+     (array)[num(value)])
 
 /**/
 
@@ -47,10 +47,10 @@ static const char * const calling_error_string[] = {
 
 static const char * const calling_error = "calling error";
 
-#define GSS_CALLING_ERROR_STR(x) \
-   GSS_ERROR_STR((x), calling_error_string, GSS_CALLING_ERROR, \
-                 GSS_S_CALL_INACCESSIBLE_READ, GSS_S_CALL_BAD_STRUCTURE, \
-                 GSS_CALLING_ERROR_FIELD)
+#define GSS_CALLING_ERROR_STR(x)                                        \
+    GSS_ERROR_STR((x), calling_error_string, GSS_CALLING_ERROR,         \
+                  GSS_S_CALL_INACCESSIBLE_READ, GSS_S_CALL_BAD_STRUCTURE, \
+                  GSS_CALLING_ERROR_FIELD)
 
 /**/
 
@@ -76,10 +76,10 @@ static const char * const routine_error_string[] = {
 
 static const char * const routine_error = "routine error";
 
-#define GSS_ROUTINE_ERROR_STR(x) \
-   GSS_ERROR_STR((x), routine_error_string, GSS_ROUTINE_ERROR, \
-                 GSS_S_BAD_MECH, GSS_S_FAILURE, \
-                 GSS_ROUTINE_ERROR_FIELD)
+#define GSS_ROUTINE_ERROR_STR(x)                                \
+    GSS_ERROR_STR((x), routine_error_string, GSS_ROUTINE_ERROR, \
+                  GSS_S_BAD_MECH, GSS_S_FAILURE,                \
+                  GSS_ROUTINE_ERROR_FIELD)
 
 /**/
 
@@ -97,9 +97,9 @@ static const char * const sinfo_code = "supplementary info code";
 #define LSBGET(x) ((((x)^((x)-1))+1)>>1)
 #define LSBMASK(n) ((1<<(n))^((1<<(n))-1))
 
-#define GSS_SINFO_STR(x) \
-   ((((1<<(x)) < GSS_S_CONTINUE_NEEDED) || ((1<<(x)) > GSS_S_UNSEQ_TOKEN)) ? \
-    /**/NULL:sinfo_string[(x)])
+#define GSS_SINFO_STR(x)                                                \
+    ((((1<<(x)) < GSS_S_CONTINUE_NEEDED) || ((1<<(x)) > GSS_S_UNSEQ_TOKEN)) ? \
+     /**/NULL:sinfo_string[(x)])
 
 /**/
 
index 8b1e4def49d58e9cf0d9751c8b823efd32fc5b2a..1d77d3f815ada22db2ec31bc808fd22bb139e3ad 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index c5399dc7275aa3ec0f3cfbbcf65445351eb098d8..e11f938c672b4a56139db73edfb158a1c482d81d 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
@@ -38,8 +38,8 @@
 #define GSSAPIGENERIC_END_DECLS
 #endif
 
-#define GSS_EMPTY_BUFFER(buf)   ((buf) == NULL ||\
-        (buf)->value == NULL || (buf)->length == 0)
+#define GSS_EMPTY_BUFFER(buf)   ((buf) == NULL ||                       \
+                                 (buf)->value == NULL || (buf)->length == 0)
 
 GSSAPIGENERIC_BEGIN_DECLS
 
index ce594218d2cc2cc34f6e7ac667dd0e63b895da20..566d88c316f15e7bb386fa5fa8cf25a8951585ce 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 #include <stdio.h>
 #include <stdarg.h>
 #include <assert.h>
index 8b35e803711d73c91b8e44844743c680f001836c..fb671236300f164059c9c25d4ff648c7abe61965 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /* #ident  "@(#)g_rel_buffer.c 1.2     96/02/06 SMI" */
 
 /*
index 137a513a0f6a29fd519de5e48eace08c304933c9..61c15cdab0faa712199aa81d16b219cd89b5ebf8 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /* #ident  "@(#)gss_release_oid_set.c 1.12     95/08/23 SMI" */
 
 /*
index b707d15fbeb24d3a861f67e8b4bda6be52999434..cd16862f6de317e0d98d6393434ceb00af11c708 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 6e953186df1f8431597b8543921ef433cc9d3136..e27d656e6bf6b57e14eb47494ef826a347b9ee40 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 2634e667b5965e4b2f59d76050eb122642a7610a..5a863b6c08f613c62a1a1c9051706af4a71b01f0 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 2007, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
index 85e0980479358eeb854afa4517ab2e4023a27eaa..7956a072260b7aa255808d797f1ed7483e7c12d6 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 274790e4e01796b55eded35c458604df679c5c22..95609a992b0f5d04140793af5ce8c923c4edc7a5 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
@@ -133,8 +133,8 @@ g_order_check(void **vqueue, gssint_uint64 seqnum)
     seqnum -= q->firstnum;
     /* If we're only doing 32-bit values, adjust for that again.
 
-    Note that this will probably be the wrong thing to if we get
-    2**32 messages sent with 32-bit sequence numbers.  */
+       Note that this will probably be the wrong thing to if we get
+       2**32 messages sent with 32-bit sequence numbers.  */
     seqnum &= q->mask;
 
     /* rule 1: expected sequence number */
@@ -160,16 +160,16 @@ g_order_check(void **vqueue, gssint_uint64 seqnum)
     if ((seqnum < QELEM(q,q->start)) &&
         /* Is top bit of whatever width we're using set?
 
-        We used to check for greater than or equal to firstnum, but
-        (1) we've since switched to compute values relative to
-        firstnum, so the lowest we can have is 0, and (2) the effect
-        of the original scheme was highly dependent on whether
-        firstnum was close to either side of 0.  (Consider
-        firstnum==0xFFFFFFFE and we miss three packets; the next
-        packet is *new* but would look old.)
+           We used to check for greater than or equal to firstnum, but
+           (1) we've since switched to compute values relative to
+           firstnum, so the lowest we can have is 0, and (2) the effect
+           of the original scheme was highly dependent on whether
+           firstnum was close to either side of 0.  (Consider
+           firstnum==0xFFFFFFFE and we miss three packets; the next
+           packet is *new* but would look old.)
 
-        This check should give us 2**31 or 2**63 messages "new", and
-        just as many "old".  That's not quite right either.  */
+           This check should give us 2**31 or 2**63 messages "new", and
+           just as many "old".  That's not quite right either.  */
         (seqnum & (1 + (q->mask >> 1)))
     ) {
         if (q->do_replay && !q->do_sequence)
index d437f1ea78fcdb26fd39189c8fb4a2dbe41bcb27..8866f525fbc96a2e5c8e5ae7b2e57b183a714374 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1995 by OpenVision Technologies, Inc.
  *
index b59778836fbc1987e8863a4aca20703183ebabc4..3acbd8e6a6f5b0052a761c97814f8b9770503e06 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 00dac321c3883cb04ad578c3d5fb7ff352b23837..afb47eabfad2d0a92c8e520a6dfef309daff69bd 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index d221b3722efb10a344f4173ebd345a8796f035df..066780a527cae48703f8e5c0f7e3ef8b31514bd3 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  *  Copyright 1990,1994 by the Massachusetts Institute of Technology.
  *  All Rights Reserved.
index 52cf6fadcae87fdabdeac3c44cde07e52908031c..ce3075fadd00d7eb0a097b10e2c39ed982751959 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 2000, 2004, 2007, 2008  by the Massachusetts Institute of Technology.
  * All Rights Reserved.
@@ -292,104 +292,104 @@ static OM_uint32
 kg_accept_dce(minor_status, context_handle, verifier_cred_handle,
               input_token, input_chan_bindings, src_name, mech_type,
               output_token, ret_flags, time_rec, delegated_cred_handle)
-     OM_uint32 *minor_status;
-     gss_ctx_id_t *context_handle;
-     gss_cred_id_t verifier_cred_handle;
-     gss_buffer_t input_token;
-     gss_channel_bindings_t input_chan_bindings;
-     gss_name_t *src_name;
-     gss_OID *mech_type;
-     gss_buffer_t output_token;
-     OM_uint32 *ret_flags;
-     OM_uint32 *time_rec;
-     gss_cred_id_t *delegated_cred_handle;
+    OM_uint32 *minor_status;
+    gss_ctx_id_t *context_handle;
+    gss_cred_id_t verifier_cred_handle;
+    gss_buffer_t input_token;
+    gss_channel_bindings_t input_chan_bindings;
+    gss_name_t *src_name;
+    gss_OID *mech_type;
+    gss_buffer_t output_token;
+    OM_uint32 *ret_flags;
+    OM_uint32 *time_rec;
+    gss_cred_id_t *delegated_cred_handle;
 {
-   krb5_error_code code;
-   krb5_gss_ctx_id_rec *ctx = 0;
-   krb5_timestamp now;
-   krb5_gss_name_t name = NULL;
-   krb5_ui_4 nonce = 0;
-   krb5_data ap_rep;
-   OM_uint32 major_status = GSS_S_FAILURE;
-
-   output_token->length = 0;
-   output_token->value = NULL;
-
-   if (mech_type)
-      *mech_type = GSS_C_NULL_OID;
-   /* return a bogus cred handle */
-   if (delegated_cred_handle)
-      *delegated_cred_handle = GSS_C_NO_CREDENTIAL;
-
-   ctx = (krb5_gss_ctx_id_rec *)*context_handle;
-
-   code = krb5_timeofday(ctx->k5_context, &now);
-   if (code != 0) {
-       major_status = GSS_S_FAILURE;
-       goto fail;
-   }
-
-   if (ctx->krb_times.endtime < now) {
-       code = 0;
-       major_status = GSS_S_CREDENTIALS_EXPIRED;
-       goto fail;
-   }
-
-   ap_rep.data = input_token->value;
-   ap_rep.length = input_token->length;
-
-   code = krb5_rd_rep_dce(ctx->k5_context,
-                          ctx->auth_context,
-                          &ap_rep,
-                          &nonce);
-   if (code != 0) {
-       major_status = GSS_S_FAILURE;
-       goto fail;
-   }
-
-   ctx->established = 1;
-
-   if (src_name) {
-       if ((code = kg_duplicate_name(ctx->k5_context, ctx->there,
-                                     KG_INIT_NAME_INTERN, &name))) {
-           major_status = GSS_S_FAILURE;
-           goto fail;
-       }
-      *src_name = (gss_name_t) name;
-   }
-
-   if (mech_type)
-      *mech_type = ctx->mech_used;
-
-   if (time_rec)
-      *time_rec = ctx->krb_times.endtime - now;
-
-   if (ret_flags)
-      *ret_flags = ctx->gss_flags;
-
-   /* XXX no support for delegated credentials yet */
-
-   *minor_status = 0;
-
-   return GSS_S_COMPLETE;
-
- fail:
-   /* real failure code follows */
-
-   (void) krb5_gss_delete_sec_context(minor_status, (gss_ctx_id_t *) &ctx,
-                                      NULL);
-   *context_handle = GSS_C_NO_CONTEXT;
-   *minor_status = code;
-
-   return major_status;
+    krb5_error_code code;
+    krb5_gss_ctx_id_rec *ctx = 0;
+    krb5_timestamp now;
+    krb5_gss_name_t name = NULL;
+    krb5_ui_4 nonce = 0;
+    krb5_data ap_rep;
+    OM_uint32 major_status = GSS_S_FAILURE;
+
+    output_token->length = 0;
+    output_token->value = NULL;
+
+    if (mech_type)
+        *mech_type = GSS_C_NULL_OID;
+    /* return a bogus cred handle */
+    if (delegated_cred_handle)
+        *delegated_cred_handle = GSS_C_NO_CREDENTIAL;
+
+    ctx = (krb5_gss_ctx_id_rec *)*context_handle;
+
+    code = krb5_timeofday(ctx->k5_context, &now);
+    if (code != 0) {
+        major_status = GSS_S_FAILURE;
+        goto fail;
+    }
+
+    if (ctx->krb_times.endtime < now) {
+        code = 0;
+        major_status = GSS_S_CREDENTIALS_EXPIRED;
+        goto fail;
+    }
+
+    ap_rep.data = input_token->value;
+    ap_rep.length = input_token->length;
+
+    code = krb5_rd_rep_dce(ctx->k5_context,
+                           ctx->auth_context,
+                           &ap_rep,
+                           &nonce);
+    if (code != 0) {
+        major_status = GSS_S_FAILURE;
+        goto fail;
+    }
+
+    ctx->established = 1;
+
+    if (src_name) {
+        if ((code = kg_duplicate_name(ctx->k5_context, ctx->there,
+                                      KG_INIT_NAME_INTERN, &name))) {
+            major_status = GSS_S_FAILURE;
+            goto fail;
+        }
+        *src_name = (gss_name_t) name;
+    }
+
+    if (mech_type)
+        *mech_type = ctx->mech_used;
+
+    if (time_rec)
+        *time_rec = ctx->krb_times.endtime - now;
+
+    if (ret_flags)
+        *ret_flags = ctx->gss_flags;
+
+    /* XXX no support for delegated credentials yet */
+
+    *minor_status = 0;
+
+    return GSS_S_COMPLETE;
+
+fail:
+    /* real failure code follows */
+
+    (void) krb5_gss_delete_sec_context(minor_status, (gss_ctx_id_t *) &ctx,
+                                       NULL);
+    *context_handle = GSS_C_NO_CONTEXT;
+    *minor_status = code;
+
+    return major_status;
 }
 
 static OM_uint32
 kg_accept_krb5(minor_status, context_handle,
-              verifier_cred_handle, input_token,
-              input_chan_bindings, src_name, mech_type,
-              output_token, ret_flags, time_rec,
-              delegated_cred_handle)
+               verifier_cred_handle, input_token,
+               input_chan_bindings, src_name, mech_type,
+               output_token, ret_flags, time_rec,
+               delegated_cred_handle)
     OM_uint32 *minor_status;
     gss_ctx_id_t *context_handle;
     gss_cred_id_t verifier_cred_handle;
@@ -607,37 +607,37 @@ kg_accept_krb5(minor_status, context_handle,
     }
 #endif
 
-   if (authdat->checksum->checksum_type != CKSUMTYPE_KG_CB) {
-      /* Samba does not send 0x8003 GSS-API checksums */
-      krb5_boolean valid;
-      krb5_key subkey;
-      krb5_data zero;
-
-      code = krb5_auth_con_getkey_k(context, auth_context, &subkey);
-      if (code) {
-         major_status = GSS_S_FAILURE;
-         goto fail;
-      }
-
-      zero.length = 0;
-      zero.data = "";
-
-      code = krb5_k_verify_checksum(context,
-                                    subkey,
-                                    KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM,
-                                    &zero,
-                                    authdat->checksum,
-                                    &valid);
-      krb5_k_free_key(context, subkey);
-      if (code || !valid) {
-          major_status = GSS_S_BAD_SIG;
-          goto fail;
-      }
-
-      gss_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG;
-      bigend = 0;
-      decode_req_message = 0;
-   } else {
+    if (authdat->checksum->checksum_type != CKSUMTYPE_KG_CB) {
+        /* Samba does not send 0x8003 GSS-API checksums */
+        krb5_boolean valid;
+        krb5_key subkey;
+        krb5_data zero;
+
+        code = krb5_auth_con_getkey_k(context, auth_context, &subkey);
+        if (code) {
+            major_status = GSS_S_FAILURE;
+            goto fail;
+        }
+
+        zero.length = 0;
+        zero.data = "";
+
+        code = krb5_k_verify_checksum(context,
+                                      subkey,
+                                      KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM,
+                                      &zero,
+                                      authdat->checksum,
+                                      &valid);
+        krb5_k_free_key(context, subkey);
+        if (code || !valid) {
+            major_status = GSS_S_BAD_SIG;
+            goto fail;
+        }
+
+        gss_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG;
+        bigend = 0;
+        decode_req_message = 0;
+    } else {
         /* gss krb5 v1 */
 
         /* stash this now, for later. */
@@ -856,9 +856,9 @@ kg_accept_krb5(minor_status, context_handle,
 
     /* XXX move this into gss_name_t */
     if (        (code = krb5_merge_authdata(context,
-                                   ticket->enc_part2->authorization_data,
+                                            ticket->enc_part2->authorization_data,
                                             authdat->authorization_data,
-                                   &ctx->authdata))) {
+                                            &ctx->authdata))) {
         major_status = GSS_S_FAILURE;
         goto fail;
     }
@@ -1120,7 +1120,7 @@ kg_accept_krb5(minor_status, context_handle,
         *src_name = (gss_name_t) name;
 
     if (delegated_cred_handle) {
-       if (!kg_save_cred_id((gss_cred_id_t) deleg_cred)) {
+        if (!kg_save_cred_id((gss_cred_id_t) deleg_cred)) {
             major_status = GSS_S_FAILURE;
             code = G_VALIDATE_FAILED;
             goto fail;
@@ -1288,8 +1288,8 @@ krb5_gss_accept_sec_context(minor_status, context_handle,
     }
 
     return kg_accept_krb5(minor_status, context_handle,
-                         verifier_cred_handle, input_token,
-                         input_chan_bindings, src_name, mech_type,
-                         output_token, ret_flags, time_rec,
-                         delegated_cred_handle);
+                          verifier_cred_handle, input_token,
+                          input_chan_bindings, src_name, mech_type,
+                          output_token, ret_flags, time_rec,
+                          delegated_cred_handle);
 }
index 2c5ca9a661a52bd4b94969085a9cdef6972fbe8c..64efa1bfd069aaa025be6907dfa8d5c4f3a00d9f 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 2000, 2007, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
@@ -724,45 +724,45 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req,
 
 OM_uint32
 gss_krb5int_set_cred_rcache(OM_uint32 *minor_status,
-    gss_cred_id_t cred_handle,
-    const gss_OID desired_oid,
-    const gss_buffer_t value)
+                            gss_cred_id_t cred_handle,
+                            const gss_OID desired_oid,
+                            const gss_buffer_t value)
 {
-   krb5_gss_cred_id_t cred;
-   krb5_error_code code;
-   krb5_context context;
-   krb5_rcache rcache;
+    krb5_gss_cred_id_t cred;
+    krb5_error_code code;
+    krb5_context context;
+    krb5_rcache rcache;
 
-   assert(value->length == sizeof(rcache));
+    assert(value->length == sizeof(rcache));
 
-   if (value->length != sizeof(rcache))
-      return GSS_S_FAILURE;
+    if (value->length != sizeof(rcache))
+        return GSS_S_FAILURE;
 
-   rcache = (krb5_rcache)value->value;
+    rcache = (krb5_rcache)value->value;
 
-   if (cred_handle == GSS_C_NO_CREDENTIAL)
-      return GSS_S_NO_CRED;
+    if (cred_handle == GSS_C_NO_CREDENTIAL)
+        return GSS_S_NO_CRED;
 
-   cred = (krb5_gss_cred_id_t)cred_handle;
+    cred = (krb5_gss_cred_id_t)cred_handle;
 
-   code = krb5_gss_init_context(&context);
-   if (code) {
-       *minor_status = code;
-       return GSS_S_FAILURE;
-   }
-   if (cred->rcache != NULL) {
-      code = krb5_rc_close(context, cred->rcache);
-      if (code) {
-         *minor_status = code;
-         krb5_free_context(context);
-         return GSS_S_FAILURE;
-      }
-   }
+    code = krb5_gss_init_context(&context);
+    if (code) {
+        *minor_status = code;
+        return GSS_S_FAILURE;
+    }
+    if (cred->rcache != NULL) {
+        code = krb5_rc_close(context, cred->rcache);
+        if (code) {
+            *minor_status = code;
+            krb5_free_context(context);
+            return GSS_S_FAILURE;
+        }
+    }
 
-   cred->rcache = rcache;
+    cred->rcache = rcache;
 
-   krb5_free_context(context);
+    krb5_free_context(context);
 
-   *minor_status = 0;
-   return GSS_S_COMPLETE;
+    *minor_status = 0;
+    return GSS_S_COMPLETE;
 }
index cb14a5c9bdc198cb211f9b27c2be679dd7e940c1..6f6707c1afc2e2fd081e3d7b79479494d794c38e 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 2000, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
index b4f4d4bc175b40501ae0c1ebbb4dcaadf2f2cc4a..3dd01dcd316c7c11bc6b1acbd6f8ea25da778fb9 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/canon_name.c
  *
index 1e106da92f3e9a1718d4dbbd300537d08ff55f8a..14f707601705a024a0b1b071b06e0001ec9fcab6 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index b263b50e6502c43a447fb5b68a56f117ce1524bb..df8e088543d196cfa56a82effb8c4ca2d94f18a2 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 19fe1d788a3b0819b58c9eff6604161d55fc8b5f..632c8664ea51870e412ade5ea6623fcb868aaf06 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 #include "gssapiP_krb5.h"
 
 OM_uint32 KRB5_CALLCONV
index 2032d5585e9b518518df23b37c161f78b7291cac..d6b49a0aa22379e6c13f9616c54c34e0c21b76fe 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 676dc4d6b0d42f8dec212badec042ea6c4689b80..ac576f5b460dc768e4e2f4409977945e1d240bd9 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 6cc1bc144cc6c78fd3ab658e48fa16889bb51b3d..6b164c249d094e4a56a9d2ae40f760b826fa44a8 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 678349324230ca3694d0a910e788acb3cbd09558..c054d74aa0fa8d6353aae4a4943fcd966615e748 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/duplicate_name.c
  *
index 67d9ce0b2812e61da1f4850a88b25e198b743ce2..52c2440f69eda25f7ef20b17e3e08e9c40f85099 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/export_name.c
  *
index f408d09ff34bf4ac17dd9e0c216561da9f99f1a5..271c58cabf6b0140185ebc16438a5fa98edd4b12 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/export_sec_context.c
  *
index 29126d6c8a93658b29e34eb7ba96acfbd71a2862..07f0c97279fd6a934b9c67cb40d9df2d346c526f 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index d2509df329ade5e8e66318a7e8a22cc9ed731a23..2892e788553eef9d1e0bb6c08fa27ccb03664fab 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
@@ -306,9 +306,9 @@ kg_set_ccache_name (OM_uint32 *minor_status, const char *name)
     return GSS_S_COMPLETE;
 }
 
-#define g_OID_prefix_equal(o1, o2) \
-        (((o1)->length >= (o2)->length) && \
-        (memcmp((o1)->elements, (o2)->elements, (o2)->length) == 0))
+#define g_OID_prefix_equal(o1, o2)                                      \
+    (((o1)->length >= (o2)->length) &&                                  \
+     (memcmp((o1)->elements, (o2)->elements, (o2)->length) == 0))
 
 /*
  * gss_inquire_sec_context_by_oid() methods
@@ -370,7 +370,7 @@ krb5_gss_inquire_sec_context_by_oid (OM_uint32 *minor_status,
         return GSS_S_NO_CONTEXT;
 
     for (i = 0; i < sizeof(krb5_gss_inquire_sec_context_by_oid_ops)/
-                    sizeof(krb5_gss_inquire_sec_context_by_oid_ops[0]); i++) {
+             sizeof(krb5_gss_inquire_sec_context_by_oid_ops[0]); i++) {
         if (g_OID_prefix_equal(desired_object, &krb5_gss_inquire_sec_context_by_oid_ops[i].oid)) {
             return (*krb5_gss_inquire_sec_context_by_oid_ops[i].func)(minor_status,
                                                                       context_handle,
@@ -432,7 +432,7 @@ krb5_gss_inquire_cred_by_oid(OM_uint32 *minor_status,
 
 #if 0
     for (i = 0; i < sizeof(krb5_gss_inquire_cred_by_oid_ops)/
-                    sizeof(krb5_gss_inquire_cred_by_oid_ops[0]); i++) {
+             sizeof(krb5_gss_inquire_cred_by_oid_ops[0]); i++) {
         if (g_OID_prefix_equal(desired_object, &krb5_gss_inquire_cred_by_oid_ops[i].oid)) {
             return (*krb5_gss_inquire_cred_by_oid_ops[i].func)(minor_status,
                                                                cred_handle,
@@ -488,7 +488,7 @@ krb5_gss_set_sec_context_option (OM_uint32 *minor_status,
 
 #if 0
     for (i = 0; i < sizeof(krb5_gss_set_sec_context_option_ops)/
-                    sizeof(krb5_gss_set_sec_context_option_ops[0]); i++) {
+             sizeof(krb5_gss_set_sec_context_option_ops[0]); i++) {
         if (g_OID_prefix_equal(desired_object, &krb5_gss_set_sec_context_option_ops[i].oid)) {
             return (*krb5_gss_set_sec_context_option_ops[i].func)(minor_status,
                                                                   context_handle,
@@ -551,7 +551,7 @@ krb5_gssspi_set_cred_option(OM_uint32 *minor_status,
         return major_status;
 
     for (i = 0; i < sizeof(krb5_gssspi_set_cred_option_ops)/
-                    sizeof(krb5_gssspi_set_cred_option_ops[0]); i++) {
+             sizeof(krb5_gssspi_set_cred_option_ops[0]); i++) {
         if (g_OID_prefix_equal(desired_object, &krb5_gssspi_set_cred_option_ops[i].oid)) {
             return (*krb5_gssspi_set_cred_option_ops[i].func)(minor_status,
                                                               cred_handle,
@@ -610,7 +610,7 @@ krb5_gssspi_mech_invoke (OM_uint32 *minor_status,
         return GSS_S_CALL_INACCESSIBLE_READ;
 
     for (i = 0; i < sizeof(krb5_gssspi_mech_invoke_ops)/
-                    sizeof(krb5_gssspi_mech_invoke_ops[0]); i++) {
+             sizeof(krb5_gssspi_mech_invoke_ops[0]); i++) {
         if (g_OID_prefix_equal(desired_object, &krb5_gssspi_mech_invoke_ops[i].oid)) {
             return (*krb5_gssspi_mech_invoke_ops[i].func)(minor_status,
                                                           desired_mech,
index b33619583e7c5c4919e957b3689ac4588a3c1751..cd2748b561cb422da72088e21bf86a914e1c6b46 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index b31d7acf133b03b3d332523be66d22dc463591d4..d4ef1e345a0887e98c150102b9b106602693bcde 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/import_sec_context.c
  *
index d744af724a81b8a1549a692adfb333e750d273f8..7707f65148ede51e2a755bea68f6d3de356c4290 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index e04818f7608feddf0cf92770fba92317847381c4..9b6f3ecff8fdb35bfe3cdb134757c38eaef4aa8b 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 2000, 2002, 2003, 2007, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
@@ -152,8 +152,8 @@ static krb5_error_code get_credentials(context, cred, server, now,
         krb5_creds mcreds;
 
         flags |= KRB5_GC_CANONICALIZE |
-                 KRB5_GC_NO_STORE |
-                 KRB5_GC_CONSTRAINED_DELEGATION;
+            KRB5_GC_NO_STORE |
+            KRB5_GC_CONSTRAINED_DELEGATION;
 
         memset(&mcreds, 0, sizeof(mcreds));
 
@@ -765,9 +765,9 @@ mutual_auth(
         ap_rep.length = input_token->length;
         ap_rep.data = (char *)input_token->value;
     } else if (g_verify_token_header(ctx->mech_used,
-                              &(ap_rep.length),
-                              &ptr, KG_TOK_CTX_AP_REP,
-                              input_token->length, 1)) {
+                                     &(ap_rep.length),
+                                     &ptr, KG_TOK_CTX_AP_REP,
+                                     input_token->length, 1)) {
         if (g_verify_token_header((gss_OID) ctx->mech_used,
                                   &(ap_rep.length),
                                   &ptr, KG_TOK_CTX_ERROR,
@@ -1006,11 +1006,11 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle,
     /*SUPPRESS 29*/
     if (*context_handle == GSS_C_NO_CONTEXT) {
         major_status = kg_new_connection(minor_status, cred, context_handle,
-                                        target_name, mech_type, req_flags,
-                                        time_req, input_chan_bindings,
-                                        input_token, actual_mech_type,
-                                        output_token, ret_flags, time_rec,
-                                        context, default_mech);
+                                         target_name, mech_type, req_flags,
+                                         time_req, input_chan_bindings,
+                                         input_token, actual_mech_type,
+                                         output_token, ret_flags, time_rec,
+                                         context, default_mech);
         k5_mutex_unlock(&cred->lock);
         if (*context_handle == GSS_C_NO_CONTEXT) {
             save_error_info (*minor_status, context);
index 5cec4b927ee3d6a6518ff08532556aa937a0a70a..0c926401a9132aff0e691404e99b198ac738a727 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
@@ -235,10 +235,10 @@ cleanup:
 
 OM_uint32
 gss_krb5int_extract_authz_data_from_sec_context(
-   OM_uint32 *minor_status,
-   const gss_ctx_id_t context_handle,
-   const gss_OID desired_object,
-   gss_buffer_set_t *data_set)
+    OM_uint32 *minor_status,
+    const gss_ctx_id_t context_handle,
+    const gss_OID desired_object,
+    gss_buffer_set_t *data_set)
 {
     OM_uint32 major_status;
     krb5_gss_ctx_id_rec *ctx;
index 5c358eb9f55ece9466942dc0cdd1798ba30267a4..9af0e4e85739d34e0febcbfab718b136cd66112e 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 2000, 2007 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
index 5db0ae0ee9b43c11046c1715983f60d7a9f0c44c..a3de420cb11235a2530756e66f06b08e8c0fe0a9 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/inq_names.c
  *
index d071462c14c0e180737d525933f3c8c9742824ea..51faaaa63d5b404ae6d9c8dc525ec23877528879 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
@@ -336,10 +336,10 @@ kg_seal(minor_status, context_handle, conf_req_flag, qop_req,
 
     /* Only default qop or matching established cryptosystem is allowed.
 
-    There are NO EXTENSIONS to this set for AES and friends!  The
-    new spec says "just use 0".  The old spec plus extensions would
-    actually allow for certain non-zero values.  Fix this to handle
-    them later.  */
+       There are NO EXTENSIONS to this set for AES and friends!  The
+       new spec says "just use 0".  The old spec plus extensions would
+       actually allow for certain non-zero values.  Fix this to handle
+       them later.  */
     if (qop_req != 0) {
         *minor_status = (OM_uint32) G_UNKNOWN_QOP;
         return GSS_S_FAILURE;
index 8eb5310c4c50a7c032735ad480c2ec1a10b1e7b5..9ff823e08b279ec83fc0988f1dce837a0b0bb7f4 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/k5sealiov.c
  *
@@ -336,9 +336,9 @@ kg_seal_iov(OM_uint32 *minor_status,
     return (ctx->krb_times.endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE;
 }
 
-#define INIT_IOV_DATA(_iov)     do { (_iov)->buffer.value = NULL; \
-                                     (_iov)->buffer.length = 0; } \
-                                while (0)
+#define INIT_IOV_DATA(_iov)     do { (_iov)->buffer.value = NULL;       \
+        (_iov)->buffer.length = 0; }                                    \
+    while (0)
 
 OM_uint32
 kg_seal_iov_length(OM_uint32 *minor_status,
@@ -418,7 +418,7 @@ kg_seal_iov_length(OM_uint32 *minor_status,
 
         code = krb5_c_crypto_length(context, enctype,
                                     conf_req_flag ?
-                                        KRB5_CRYPTO_TYPE_TRAILER : KRB5_CRYPTO_TYPE_CHECKSUM,
+                                    KRB5_CRYPTO_TYPE_TRAILER : KRB5_CRYPTO_TYPE_CHECKSUM,
                                     &k5_trailerlen);
         if (code != 0) {
             *minor_status = code;
index ad5c03a3988589939bd147f488a007f9cd285c32..0e9b359755a98d0f2a7e43c5479cca239919fdcc 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/k5sealv3.c
  *
@@ -178,7 +178,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
 #ifdef CFX_EXERCISE
         rrc = rand() & 0xffff;
         if (gss_krb5int_rotate_left(outbuf+16, bufsize-16,
-                        (bufsize-16) - (rrc % (bufsize - 16))))
+                                    (bufsize-16) - (rrc % (bufsize - 16))))
             store_16_be(rrc, outbuf+6);
         /* If the rotate fails, don't worry about it.  */
 #endif
@@ -267,7 +267,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
             rrc = rand() & 0xffff;
             /* If the rotate fails, don't worry about it.  */
             if (gss_krb5int_rotate_left(outbuf+16, bufsize-16,
-                            (bufsize-16) - (rrc % (bufsize - 16))))
+                                        (bufsize-16) - (rrc % (bufsize - 16))))
                 store_16_be(rrc, outbuf+6);
 #endif
             /* Fix up EC field.  */
@@ -352,19 +352,19 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr,
 
     /* Two things to note here.
 
-    First, we can't really enforce the use of the acceptor's subkey,
-    if we're the acceptor; the initiator may have sent messages
-    before getting the subkey.  We could probably enforce it if
-    we're the initiator.
-
-    Second, if someone tweaks the code to not set the flag telling
-    the krb5 library to generate a new subkey in the AP-REP
-    message, the MIT library may include a subkey anyways --
-    namely, a copy of the AP-REQ subkey, if it was provided.  So
-    the initiator may think we wanted a subkey, and set the flag,
-    even though we weren't trying to set the subkey.  The "other"
-    key, the one not asserted by the acceptor, will have the same
-    value in that case, though, so we can just ignore the flag.  */
+       First, we can't really enforce the use of the acceptor's subkey,
+       if we're the acceptor; the initiator may have sent messages
+       before getting the subkey.  We could probably enforce it if
+       we're the initiator.
+
+       Second, if someone tweaks the code to not set the flag telling
+       the krb5 library to generate a new subkey in the AP-REP
+       message, the MIT library may include a subkey anyways --
+       namely, a copy of the AP-REQ subkey, if it was provided.  So
+       the initiator may think we wanted a subkey, and set the flag,
+       even though we weren't trying to set the subkey.  The "other"
+       key, the one not asserted by the acceptor, will have the same
+       value in that case, though, so we can just ignore the flag.  */
     if (ctx->have_acceptor_subkey && (ptr[2] & FLAG_ACCEPTOR_SUBKEY)) {
         key = ctx->acceptor_subkey;
         cksumtype = ctx->acceptor_subkey_cksumtype;
@@ -396,8 +396,8 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr,
                 *conf_state = 1;
             /* Do we have no decrypt_size function?
 
-            For all current cryptosystems, the ciphertext size will
-            be larger than the plaintext size.  */
+               For all current cryptosystems, the ciphertext size will
+               be larger than the plaintext size.  */
             cipher.enctype = key->keyblock.enctype;
             cipher.ciphertext.length = bodysize - 16;
             cipher.ciphertext.data = (char *)ptr + 16;
index b5b979310f0c68196e848926171b1032df8f5426..f977d9b194d52db472c40bd31a2495d284fa73a4 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/k5sealv3iov.c
  *
@@ -363,7 +363,7 @@ gss_krb5int_unseal_v3_iov(krb5_context context,
 
         code = krb5_c_crypto_length(context, key->keyblock.enctype,
                                     conf_flag ? KRB5_CRYPTO_TYPE_TRAILER :
-                                                KRB5_CRYPTO_TYPE_CHECKSUM,
+                                    KRB5_CRYPTO_TYPE_CHECKSUM,
                                     &k5_trailerlen);
         if (code != 0) {
             *minor_status = code;
index e96dce89a8ac947c2a6826d7e4af393cb1bbc44b..b56cd2dee819b8784025d52054c9fbba6caeeb46 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 2001, 2007 by the Massachusetts Institute of Technology.
  * Copyright 1993 by OpenVision Technologies, Inc.
index a9896c55bd347e4203917e49c17caededaa0cc0e..a489f0d841a9f344b90d79ab3b252562116a9d1e 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/k5unsealiov.c
  *
@@ -551,7 +551,7 @@ kg_unseal_stream_iov(OM_uint32 *minor_status,
 
         ttrailer->buffer.length = ec + (conf_req_flag ? 16 : 0 /* E(Header) */) + k5_trailerlen;
         ttrailer->buffer.value = (unsigned char *)stream->buffer.value +
-                                 stream->buffer.length - ttrailer->buffer.length;
+            stream->buffer.length - ttrailer->buffer.length;
         break;
     }
     case KG_TOK_MIC_MSG:
@@ -586,8 +586,8 @@ kg_unseal_stream_iov(OM_uint32 *minor_status,
 
     /* validate lengths */
     if (stream->buffer.length < theader->buffer.length +
-                                tpadding->buffer.length +
-                                ttrailer->buffer.length)
+        tpadding->buffer.length +
+        ttrailer->buffer.length)
     {
         code = (OM_uint32)KRB5_BAD_MSIZE;
         major_status = GSS_S_DEFECTIVE_TOKEN;
@@ -596,7 +596,7 @@ kg_unseal_stream_iov(OM_uint32 *minor_status,
 
     /* setup data */
     tdata->buffer.length = stream->buffer.length - ttrailer->buffer.length -
-                           tpadding->buffer.length - theader->buffer.length;
+        tpadding->buffer.length - theader->buffer.length;
 
     assert(data != NULL);
 
index fb5a8e7877177956de696f826e642b4af5b761e9..b1454cf71dd1cb17ada7de443879b094f14810e6 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/lucid_context.c
  *
index 4e7247e4236439f0da0ee688de7d570484a9acc6..8cb21bf602fa21e28f3f1102beb5c35549dba934 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/naming_exts.c
  *
index 9a4d282ac8fb102a2d4f57b6f85b9365d3afdff6..ac41ad6f1d6ae24e62034240abc7add13fd730c0 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index b6b25887efe40ba2d1287e17f0bf97decd51e5bf..05e24b23daeb548115c0a3e3cf38dd0a6217289c 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 5490b8a50e143465f70ca086baed2cb4bf370ce1..89758655596356e3862503bd780af27850e9a5e8 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 7a08da2beaa4629dbc4a7e95812db3069fccfcb0..dfa2738c61ec23b1bed3c82d200aefdbf66a2c00 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/rel_oid.c
  *
index 866159f049e1c85ae2089fdad36e710d04163bab..c47a15d200b92078c8d26b49b459c69e5f4ffb52 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 2009  by the Massachusetts Institute of Technology.
  * All Rights Reserved.
@@ -103,7 +103,7 @@ static int
 kg_is_initiator_cred(krb5_gss_cred_id_t cred)
 {
     return (cred->usage == GSS_C_INITIATE || cred->usage == GSS_C_BOTH) &&
-           (cred->ccache != NULL);
+        (cred->ccache != NULL);
 }
 
 static OM_uint32
@@ -311,7 +311,7 @@ kg_compose_deleg_cred(OM_uint32 *minor_status,
 
     code = krb5_cc_initialize(context, cred->ccache,
                               cred->proxy_cred ? impersonator_cred->name->princ :
-                                    subject_creds->client);
+                              subject_creds->client);
     if (code != 0)
         goto cleanup;
 
index 7bdcb344b1c1e67c2a959803b473d755c5af12d2..7f48c7ae60e45477cb3ec3a52d7d32750aba4848 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 4987b2e9ca7ff0c830f3c7995e7c50c759fb8268..f5c1081cc4ef8403578cb5bd6a980a73ea128cf0 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/ser_sctx.c
  *
@@ -364,7 +364,7 @@ kg_ctx_size(kcontext, arg, sizep)
                                         &required);
             }
         }
-            *sizep += required;
+        *sizep += required;
     }
     return(kret);
 }
@@ -665,8 +665,8 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain)
             /* Now get substructure data */
             kret = krb5_internalize_opaque(kcontext,
                                            KV5M_PRINCIPAL,
-                                            (krb5_pointer *) &princ,
-                                            &bp, &remain);
+                                           (krb5_pointer *) &princ,
+                                           &bp, &remain);
             if (kret == 0) {
                 kret = kg_init_name(kcontext, princ, NULL,
                                     KG_INIT_NAME_NO_COPY, &ctx->here);
index 5cc72df8bd30d9d60f1ae83c47aac31a6db94f07..cdfc9658398f4949717026e836b528b3b1687ab0 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/set_allowable_enctypes.c
  *
index 273182637dbf57564b6ab270f2e8af291c0cb404..7d52608df4916d399798a9f17b26d5bcb45c92ad 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * lib/gssapi/krb5/set_ccache.c
  *
index 069768c74bd434c226e5428126f5a8b167ccf9ef..028423b7c431396480259049a48d8c89c6f0ea39 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 4b612a241d490003a0d32c92d8be67e5e8755ffc..a764a4565fc4eebbbc9b2234828dfcd39b15a291 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 88a55bb8170bbb7f66788746fd7ac58d61160d66..5228df3362345d722c45c4732b2706f2f3153201 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 51e6487502c983756562de38fb3355527d8ca58a..9699c265677200e0cc8f5879b4090cd46067c690 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 2001, 2008 by the Massachusetts Institute of Technology.
  * Copyright 1993 by OpenVision Technologies, Inc.
index 5c696ea3b525ae0214ce0ddb1147012a9a461ef9..6e1c9ac8aecb3f860f0d6c235201659b7777c32b 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 388990a30cf29245cd7161f9694f74720f53abe1..bef631da9d1ae154ecb91fd83ab018f053c029bb 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 2001, 2009 by the Massachusetts Institute of Technology.
  * Copyright 1993 by OpenVision Technologies, Inc.
index 747d8222e6372ea21a80adb580a23404425bdf76..2351d9f77cdac3c9eb0b614359b2ae8003bf74e4 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1997, 2007 by Massachusetts Institute of Technology
  * All Rights Reserved.
index 033a489b725bd8a9bd8bc9b84e80763ebc0af3e7..e4433534fb7dd9ea8f664576bca653a048972f02 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 1993 by OpenVision Technologies, Inc.
  *
index 2b62386dadc40edabc7c2e7ac708903b57b19bc0..b047483cbd6f566d965208256a0f063d3fedddd9 100644 (file)
@@ -1,4 +1,4 @@
-/* -*- mode: c; indent-tabs-mode: nil -*- */
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 /*
  * Copyright 2000 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
@@ -118,7 +118,7 @@ krb5_gss_wrap_size_limit(minor_status, context_handle, conf_req_flag,
             krb5_enctype enctype;
 
             key = ctx->have_acceptor_subkey ? ctx->acceptor_subkey
-                                            : ctx->subkey;
+                : ctx->subkey;
             enctype = key->keyblock.enctype;
 
             while (sz > 0 && krb5_encrypt_size(sz, enctype) + 16 > req_output_size)
@@ -142,7 +142,7 @@ krb5_gss_wrap_size_limit(minor_status, context_handle, conf_req_flag,
             size_t cksumsize;
 
             cksumtype = ctx->have_acceptor_subkey ? ctx->acceptor_subkey_cksumtype
-                                                  : ctx->cksumtype;
+                : ctx->cksumtype;
 
             err = krb5_c_checksum_length(ctx->k5_context, cksumtype, &cksumsize);
             if (err) {