krb5_c_is_keyed_cksum() is a boolean function. It cannot safely return
authorJeffrey Altman <jaltman@secure-endpoints.com>
Tue, 15 Mar 2005 06:32:39 +0000 (06:32 +0000)
committerJeffrey Altman <jaltman@secure-endpoints.com>
Tue, 15 Mar 2005 06:32:39 +0000 (06:32 +0000)
an error value.  Change the error condition to return False (0) instead
of 0xFFFFFFFF.

ticket: new

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17127 dc483132-0cff-0310-8789-dd5450dbe970

src/lib/crypto/ChangeLog
src/lib/crypto/keyed_cksum.c

index feccaa79125db713373c0318d5edaf4d2f6eb167..fa03524a3aff5da880fa1a4ea0247888539a54ba 100644 (file)
@@ -1,3 +1,12 @@
+2005-03-15  Jeffrey Altman <jaltman@mit.edu>
+
+        * keyed_cksum.c: (krb5_c_is_keyed_cksum): this is a boolean 
+          function.  It should not return -1U on error.  Instead return
+          0 (false) so that the caller doesn't think it succeeded.
+
+          The only two callers are rd_safe and mk_safe.  Neither checks
+          for special cases.
+
 2005-01-13  Ken Raeburn  <raeburn@mit.edu>
 
        * prng.c (krb5int_prng_init): Incorporate do_yarrow_init body.
index 7056f8f99eae0524782739f1d7ebfd8fef281a69..4d50c2c4aefb180429788dec5fd917f44c667c64 100644 (file)
@@ -45,7 +45,7 @@ krb5_c_is_keyed_cksum(krb5_cksumtype ctype)
 
     /* ick, but it's better than coredumping, which is what the
        old code would have done */
-    return -1U;
+    return 0;   /* error case */
 }
 
 krb5_boolean KRB5_CALLCONV