-1, -1, -1, &client_securid_key_data);
if (retval) {
com_err("krb5kdc", retval,
- "while getting key from client's SAM SecurID "
- "entry");
+ "while getting key from client's SAM SecurID entry");
goto cleanup;
}
retval = krb5_dbe_decrypt_key_data(context, NULL, client_securid_key_data,
client_securid_key, NULL);
if (retval) {
com_err("krb5kdc", retval,
- "while decrypting key from client's SAM "
- "SecurID entry ");
+ "while decrypting key from client's SAM SecurID entry");
goto cleanup;
}
cleanup:
sc2b->sam_response_prompt.data = PASSCODE_message;
sc2b->sam_response_prompt.length = strlen(sc2b->sam_response_prompt.data);
sc2b->sam_pk_for_sad.length = 0;
- sc2b->sam_type = PA_SAM_TYPE_SECURID;
+ sc2b->sam_type = PA_SAM_TYPE_SECURID;
sid_track_data.state = SECURID_STATE_INITIAL;
sid_track_data.hostid = gethostid();
retval = securid_encrypt_track_data_2(context, client, &tmp_data,
&sc2b->sam_track_id);
if (retval != 0) {
- com_err("krb5kdc", retval,
- "While encrypting nonce track data");
+ com_err("krb5kdc", retval, "while encrypting nonce track data");
goto cleanup;
}
retval = krb5_c_random_make_octets(context, &scratch);
if (retval) {
com_err("krb5kdc", retval,
- "while generating nonce data in "
- "get_securid_edata_2 (%s)",
- user ? user : def_user);
+ "while generating nonce data in get_securid_edata_2 (%s)",
+ user ? user : def_user);
goto cleanup;
}
sc2, sc2b, client_key);
if (retval) {
com_err("krb5kdc", retval,
- "while making SAM_CHALLENGE_2 checksum (%s)",
- user ? user : def_user);
+ "while making SAM_CHALLENGE_2 checksum (%s)",
+ user ? user : def_user);
}
cleanup:
retval = krb5_unparse_name(context, client->princ, &user);
if (retval != 0) {
com_err("krb5kdc", retval,
- "while unparsing client name in "
- "verify_securid_data_2");
+ "while unparsing client name in verify_securid_data_2");
return retval;
}
&client_key_data);
if (retval) {
com_err("krb5kdc", retval,
- "while getting client key in "
- "verify_securid_data_2 (%s)", user);
+ "while getting client key in verify_securid_data_2 (%s)",
+ user);
goto cleanup;
}
&client_key, NULL);
if (retval != 0) {
com_err("krb5kdc", retval,
- "while decrypting client key in "
- "verify_securid_data_2 (%s)",
- user);
+ "while decrypting client key in verify_securid_data_2 (%s)",
+ user);
goto cleanup;
}
&sr2->sam_enc_nonce_or_sad, &scratch);
if (retval) {
com_err("krb5kdc", retval,
- "while decrypting SAD in "
- "verify_securid_data_2 (%s)", user);
+ "while decrypting SAD in verify_securid_data_2 (%s)", user);
goto cleanup;
}
retval = decode_krb5_enc_sam_response_enc_2(&scratch, &esre2);
if (retval) {
com_err("krb5kdc", retval,
- "while decoding SAD in "
- "verify_securid_data_2 (%s)", user);
+ "while decoding SAD in verify_securid_data_2 (%s)", user);
esre2 = NULL;
goto cleanup;
}
if (sr2->sam_nonce != esre2->sam_nonce) {
com_err("krb5kdc", KRB5KDC_ERR_PREAUTH_FAILED,
- "while checking nonce in "
- "verify_securid_data_2 (%s)", user);
+ "while checking nonce in verify_securid_data_2 (%s)", user);
retval = KRB5KDC_ERR_PREAUTH_FAILED;
goto cleanup;
}
if (esre2->sam_sad.length == 0 || esre2->sam_sad.data == NULL) {
com_err("krb5kdc", KRB5KDC_ERR_PREAUTH_FAILED,
- "No SecurID passcode in "
- "verify_securid_data_2 (%s)", user);
+ "No SecurID passcode in verify_securid_data_2 (%s)", user);
retval = KRB5KDC_ERR_PREAUTH_FAILED;
goto cleanup;
}
if (esre2->sam_sad.length > (sizeof(passcode) - 1)) {
retval = KRB5KDC_ERR_PREAUTH_FAILED;
com_err("krb5kdc", retval,
- "SecurID passcode/PIN too long (%d bytes) in "
- "verify_securid_data_2 (%s)",
- esre2->sam_sad.length, user);
+ "SecurID passcode/PIN too long (%d bytes) in "
+ "verify_securid_data_2 (%s)",
+ esre2->sam_sad.length, user);
goto cleanup;
}
memcpy(passcode, esre2->sam_sad.data, esre2->sam_sad.length);
if (!securid_user) {
retval = ENOMEM;
com_err("krb5kdc", ENOMEM,
- "while copying user name in "
- "verify_securid_data_2 (%s)", user);
+ "while copying user name in verify_securid_data_2 (%s)", user);
goto cleanup;
}
cp = strchr(securid_user, '@');
&track_id_data);
if (retval) {
com_err("krb5kdc", retval,
- "while decrypting SecurID trackID in "
- "verify_securid_data_2 (%s)", user);
+ "while decrypting SecurID trackID in "
+ "verify_securid_data_2 (%s)", user);
goto cleanup;
}
if (track_id_data.length < sizeof (struct securid_track_data)) {
retval = KRB5KDC_ERR_PREAUTH_FAILED;
- com_err("krb5kdc", retval,
- "Length of track data incorrect");
+ com_err("krb5kdc", retval, "Length of track data incorrect");
goto cleanup;
}
trackp = (struct securid_track_data *)track_id_data.data;
tmp_data.length = sizeof(sc2b.sam_nonce);
if ((retval = krb5_c_random_make_octets(context, &tmp_data))) {
com_err("krb5kdc", retval,
- "while making nonce for SecurID new "
- "PIN2 SAM_CHALLENGE_2 (%s)", user);
+ "while making nonce for SecurID new "
+ "PIN2 SAM_CHALLENGE_2 (%s)", user);
goto cleanup;
}
sid_track_data.state = SECURID_STATE_NEW_PIN_AGAIN;
&tmp_data,
&sc2b.sam_track_id))) {
com_err("krb5kdc", retval,
- "while encrypting NEW PIN2 SecurID "
- "track data for SAM_CHALLENGE_2 (%s)",
- securid_user);
+ "while encrypting NEW PIN2 SecurID "
+ "track data for SAM_CHALLENGE_2 (%s)",
+ securid_user);
goto cleanup;
}
retval = securid_make_sam_challenge_2_and_cksum(context, sc2p,
&client_key);
if (retval) {
com_err("krb5kdc", retval,
- "while making cksum for "
- "SAM_CHALLENGE_2 (new PIN2) (%s)",
- securid_user);
+ "while making cksum for "
+ "SAM_CHALLENGE_2 (new PIN2) (%s)", securid_user);
goto cleanup;
}
krb5_klog_syslog(LOG_INFO,
retval = SD_Init(&sd_handle);
if (retval) {
com_err("krb5kdc", KRB5KDC_ERR_PREAUTH_FAILED,
- "SD_Init() returns error %d in "
- "verify_securid_data_2 (%s)",
- retval, securid_user);
+ "SD_Init() returns error %d in verify_securid_data_2 (%s)",
+ retval, securid_user);
retval = KRB5KDC_ERR_PREAUTH_FAILED;
goto cleanup;
}
tmp_data.data = (char *)&sc2b.sam_nonce;
tmp_data.length = sizeof(sc2b.sam_nonce);
if ((retval = krb5_c_random_make_octets(context, &tmp_data))) {
- com_err("krb5kdc", retval, "while making nonce "
- "for SecurID SAM_CHALLENGE_2 (%s)",
- user);
+ com_err("krb5kdc", retval,
+ "while making nonce for SecurID SAM_CHALLENGE_2 (%s)",
+ user);
goto cleanup;
}
if (new_pin)
&sc2b.sam_track_id);
if (retval) {
com_err("krb5kdc", retval,
- "while encrypting SecurID track "
- "data for SAM_CHALLENGE_2 (%s)",
- securid_user);
+ "while encrypting SecurID track "
+ "data for SAM_CHALLENGE_2 (%s)",
+ securid_user);
goto cleanup;
}
retval = securid_make_sam_challenge_2_and_cksum(context, sc2p,
&sc2b,
&client_key);
if (retval) {
- com_err("krb5kdc", retval, "while making cksum "
- "for SAM_CHALLENGE_2 (%s)",
- securid_user);
+ com_err("krb5kdc", retval,
+ "while making cksum for SAM_CHALLENGE_2 (%s)",
+ securid_user);
}
if (new_pin)
krb5_klog_syslog(LOG_INFO, "New SecurID PIN required for "
}
default:
com_err("krb5kdc", KRB5KDC_ERR_PREAUTH_FAILED,
- "AceServer returns unknown error code %d "
- "in verify_securid_data_2\n", retval);
+ "AceServer returns unknown error code %d "
+ "in verify_securid_data_2\n", retval);
retval = KRB5KDC_ERR_PREAUTH_FAILED;
goto cleanup;
}