status = kdb_free_library(kcontext->dal_handle->lib_handle);
if (status)
return status;
- /* The dal_handle holds an alias to the most recent mkey_list*/
+ /* The dal_handle holds an alias to the most recent mkey_list. */
if (kcontext->dal_handle->free_keylist) {
- kcontext->dal_handle->master_keylist = NULL; /*force freeing*/
+ kcontext->dal_handle->master_keylist = NULL; /* Force freeing. */
krb5_db_free_mkey_list(kcontext, old_keylist);
}
krb5_free_principal(kcontext, kcontext->dal_handle->master_princ);
return 0;
}
-static krb5_error_code
+static krb5_error_code
get_vftabl(krb5_context kcontext, kdb_vftabl **vftabl_ptr)
{
krb5_error_code status;
if (status)
return status;
if (!context->dal_handle->master_princ) {
- status = krb5_copy_principal(context, mname, &context->dal_handle->master_princ);
+ status = krb5_copy_principal(context, mname,
+ &context->dal_handle->master_princ);
if (status)
return status;
}
if (mkey_list == NULL)
mkey_list = &local_keylist;
- status = v->fetch_master_key_list(context, mname, mkey, mkvno, mkey_list);
+ status = v->fetch_master_key_list(context, mname, mkey, mkvno, mkey_list);
if (status == 0) {
- /* The dal_handle holds an alias to the most recent master_keylist*/
+ /* The dal_handle holds an alias to the most recent master_keylist. */
krb5_keylist_node *old_keylist = context->dal_handle->master_keylist;
context->dal_handle->master_keylist = *mkey_list;
if (context->dal_handle->free_keylist)
krb5_keylist_node *cur, *prev;
/*
- * The dal_handle holds onto the most recent master
- * keylist that has been fetched throughout the lifetime of the context; if
- * this function is called on that keylist, then the dal_handle is updated to
- * indicate that the keylist should be freed on next call to
- * krb5_db_fetch_mkey_list() or when the database is closed. Otherwise, the
- * master_keylist is freed. Either way, the caller must not access this master
- * keylist after calling this function.
+ * The dal_handle holds onto the most recent master keylist that has been
+ * fetched throughout the lifetime of the context; if this function is
+ * called on that keylist, then the dal_handle is updated to indicate that
+ * the keylist should be freed on next call to krb5_db_fetch_mkey_list() or
+ * when the database is closed. Otherwise, the master_keylist is freed.
+ * Either way, the caller must not access this master keylist after calling
+ * this function.
*/
- if (context&& context->dal_handle->master_keylist == mkey_list) {
+ if (context && context->dal_handle->master_keylist == mkey_list) {
context->dal_handle->free_keylist = 1;
return;
}
}
static krb5_error_code
-decrypt_iterator(krb5_context kcontext,
- const krb5_key_data * key_data,
- krb5_keyblock * dbkey,
- krb5_keysalt * keysalt)
+decrypt_iterator(krb5_context kcontext, const krb5_key_data * key_data,
+ krb5_keyblock *dbkey, krb5_keysalt *keysalt)
{
krb5_error_code status = 0;
kdb_vftabl *v;
krb5_keylist_node *n = kcontext->dal_handle->master_keylist;
+
status = get_vftabl(kcontext, &v);
if (status)
return status;
- for (;n; n = n->next) {
+ for (; n; n = n->next) {
krb5_clear_error_message(kcontext);
- status= v->decrypt_key_data(kcontext, &n->keyblock, key_data, dbkey, keysalt);
+ status = v->decrypt_key_data(kcontext, &n->keyblock, key_data, dbkey,
+ keysalt);
if (status == 0)
return 0;
}
krb5_error_code status = 0;
kdb_vftabl *v;
krb5_keylist_node *n = kcontext->dal_handle->master_keylist;
+ krb5_keyblock *cur_mkey;
+
status = get_vftabl(kcontext, &v);
if (status)
return status;
- if (mkey ||!n)
+ if (mkey || !n)
return v->decrypt_key_data(kcontext, mkey, key_data, dbkey, keysalt);
status = decrypt_iterator(kcontext, key_data, dbkey, keysalt);
if (status == 0)
return 0;
if (kcontext->dal_handle->master_keylist) {
- /* Try reloading master keys*/
- krb5_keyblock *cur_mkey = &kcontext->dal_handle->master_keylist->keyblock;
- if (krb5_db_fetch_mkey_list(kcontext, kcontext->dal_handle->master_princ,
- cur_mkey, -1, NULL) == 0) {
+ /* Try reloading master keys. */
+ cur_mkey = &kcontext->dal_handle->master_keylist->keyblock;
+ if (krb5_db_fetch_mkey_list(kcontext,
+ kcontext->dal_handle->master_princ,
+ cur_mkey, -1, NULL) == 0)
return decrypt_iterator(kcontext, key_data, dbkey, keysalt);
- }
}
return status;
}
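Review bot: `n` is still initialised from `kcontext->dal_handle->master_keylist` in its declaration, ahead of the `get_vftabl()` status check, so `dal_handle` is dereferenced before anything in this hunk has confirmed it is set. If `get_vftabl()` is what validates or sets up the handle (its body is not shown here), a context without an open database would fault rather than return an error. Since this hunk already hoists `cur_mkey` to a bare declaration, `n` could get the same treatment: declare `krb5_keylist_node *n;` and assign `n = kcontext->dal_handle->master_keylist;` after `if (status) return status;`. Separately, `cur_mkey` aliases the head of the list that the fetch appears to swap out and possibly free on success, so a comment such as `/* cur_mkey points into the old list; do not use it after the reload. */` would document the lifetime. The function's signature lies above the hunk.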