kadm5_principal_ent_rec princ;
kadm5_server_handle_t handle = server_handle;
- if (ret = krb5_timeofday(handle->context, &now))
+ ret = krb5_timeofday(handle->context, &now);
+ if (ret)
return ret;
- if((ret = kadm5_get_principal(handle->lhandle, principal,
- &princ,
- KADM5_PRINCIPAL_NORMAL_MASK)) !=
- KADM5_OK)
+ ret = kadm5_get_principal(handle->lhandle, principal,
+ &princ, KADM5_PRINCIPAL_NORMAL_MASK);
+ if(ret != KADM5_OK)
return ret;
if(princ.aux_attributes & KADM5_POLICY) {
if((ret=kadm5_get_policy(handle->lhandle,
(void) kadm5_free_principal_ent(handle->lhandle, &princ);
return KADM5_PASS_TOOSOON;
}
- if (ret = kadm5_free_policy_ent(handle->lhandle, &pol)) {
+
+ ret = kadm5_free_policy_ent(handle->lhandle, &pol);
+ if (ret) {
(void) kadm5_free_principal_ent(handle->lhandle, &princ);
return ret;
}
}
- if (ret = kadm5_free_principal_ent(handle->lhandle, &princ))
+
+ ret = kadm5_free_principal_ent(handle->lhandle, &princ);
+ if (ret)
return ret;
return kadm5_chpass_principal(server_handle, principal, password);
kadm5_principal_ent_rec princ;
kadm5_server_handle_t handle = server_handle;
- if (ret = krb5_timeofday(handle->context, &now))
+ ret = krb5_timeofday(handle->context, &now);
+ if (ret)
return ret;
- if((ret = kadm5_get_principal(handle->lhandle,
- principal, &princ,
- KADM5_PRINCIPAL_NORMAL_MASK)) !=
- OSA_ADB_OK)
+ ret = kadm5_get_principal(handle->lhandle, principal,
+ &princ, KADM5_PRINCIPAL_NORMAL_MASK);
+ if(ret != OSA_ADB_OK)
return ret;
if(princ.aux_attributes & KADM5_POLICY) {
if((ret=kadm5_get_policy(handle->lhandle,
(void) kadm5_free_principal_ent(handle->lhandle, &princ);
return KADM5_PASS_TOOSOON;
}
- if (ret = kadm5_free_policy_ent(handle->lhandle, &pol)) {
+
+ ret = kadm5_free_policy_ent(handle->lhandle, &pol);
+ if (ret) {
(void) kadm5_free_principal_ent(handle->lhandle, &princ);
return ret;
}
}
- if (ret = kadm5_free_principal_ent(handle->lhandle, &princ))
+
+ ret = kadm5_free_principal_ent(handle->lhandle, &princ);
+ if (ret)
return ret;
return kadm5_randkey_principal(server_handle, principal, keys, n_keys);
}
ap_req.data = ptr;
ptr += ap_req.length;
- if (ret = krb5_auth_con_init(context, &auth_context)) {
+ ret = krb5_auth_con_init(context, &auth_context);
+ if (ret) {
numresult = KRB5_KPASSWD_HARDERROR;
strcpy(strresult, "Failed initializing auth context");
goto chpwfail;
}
- if (ret = krb5_auth_con_setflags(context, auth_context,
- KRB5_AUTH_CONTEXT_DO_SEQUENCE)) {
+ ret = krb5_auth_con_setflags(context, auth_context,
+ KRB5_AUTH_CONTEXT_DO_SEQUENCE);
+ if (ret) {
numresult = KRB5_KPASSWD_HARDERROR;
strcpy(strresult, "Failed initializing auth context");
goto chpwfail;
}
- if (ret = krb5_build_principal(context, &changepw, strlen(realm), realm,
- "kadmin", "changepw", NULL)) {
+ ret = krb5_build_principal(context, &changepw, strlen(realm), realm,
+ "kadmin", "changepw", NULL);
+ if (ret) {
numresult = KRB5_KPASSWD_HARDERROR;
strcpy(strresult, "Failed building kadmin/changepw principal");
goto chpwfail;
specified. when rd_priv is called, *only* a remote address
is specified. Are we having fun yet? */
- if (ret = krb5_auth_con_setaddrs(context, auth_context, NULL,
- &remote_kaddr)) {
+ ret = krb5_auth_con_setaddrs(context, auth_context, NULL,
+ &remote_kaddr);
+ if (ret) {
numresult = KRB5_KPASSWD_HARDERROR;
strcpy(strresult, "Failed storing client internet address");
goto chpwfail;
/* construct the ap-rep */
- if (ret = krb5_mk_rep(context, auth_context, &ap_rep)) {
+ ret = krb5_mk_rep(context, auth_context, &ap_rep);
+ if (ret) {
numresult = KRB5_KPASSWD_AUTHERROR;
strcpy(strresult, "Failed replying to application request");
goto chpwfail;
cipher.length = (req->data + req->length) - ptr;
cipher.data = ptr;
- if (ret = krb5_rd_priv(context, auth_context, &cipher, &clear, &replay)) {
+ ret = krb5_rd_priv(context, auth_context, &cipher, &clear, &replay);
+ if (ret) {
numresult = KRB5_KPASSWD_HARDERROR;
strcpy(strresult, "Failed decrypting request");
goto chpwfail;
cipher.length = 0;
if (ap_rep.length) {
- if (ret = krb5_auth_con_setaddrs(context, auth_context, &local_kaddr,
- NULL)) {
+ ret = krb5_auth_con_setaddrs(context, auth_context, &local_kaddr,
+ NULL);
+ if (ret) {
numresult = KRB5_KPASSWD_HARDERROR;
strcpy(strresult,
"Failed storing client and server internet addresses");
} else {
- if (ret = krb5_mk_priv(context, auth_context, &clear, &cipher,
- &replay)) {
+ ret = krb5_mk_priv(context, auth_context, &clear, &cipher,
+ &replay);
+ if (ret) {
numresult = KRB5_KPASSWD_HARDERROR;
strcpy(strresult, "Failed encrypting reply");
}
krberror.ctime = 0;
krberror.cusec = 0;
krberror.susec = 0;
- if (ret = krb5_timeofday(context, &krberror.stime))
+ ret = krb5_timeofday(context, &krberror.stime);
+ if (ret)
goto bailout;
/* this is really icky. but it's what all the other callers
krberror.error = KRB_ERR_GENERIC;
krberror.client = NULL;
- if (ret = krb5_build_principal(context, &krberror.server,
- strlen(realm), realm,
- "kadmin", "changepw", NULL))
+
+ ret = krb5_build_principal(context, &krberror.server,
+ strlen(realm), realm,
+ "kadmin", "changepw", NULL);
+ if (ret)
goto bailout;
krberror.text.length = 0;
krberror.e_data = clear;
projects / krb5.git / commitdiff