Whitespace changes, mostly horizontal, for consistency with current
authorKen Raeburn <raeburn@mit.edu>
Fri, 5 Sep 2008 20:39:19 +0000 (20:39 +0000)
committerKen Raeburn <raeburn@mit.edu>
Fri, 5 Sep 2008 20:39:19 +0000 (20:39 +0000)
style: indentation levels, spacing around if/else/for/while and
braces.  Still plenty of inconsistency with current coding standards,
especially for when line breaks are to be used.  Didn't touch
multi-line macro definitions, or .h function declarations.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20707 dc483132-0cff-0310-8789-dd5450dbe970

12 files changed:
src/lib/krb5/asn.1/asn1_decode.c
src/lib/krb5/asn.1/asn1_encode.c
src/lib/krb5/asn.1/asn1_get.c
src/lib/krb5/asn.1/asn1_k_decode.c
src/lib/krb5/asn.1/asn1_k_encode.c
src/lib/krb5/asn.1/asn1_make.c
src/lib/krb5/asn.1/asn1_misc.c
src/lib/krb5/asn.1/asn1buf.c
src/lib/krb5/asn.1/asn1buf.h
src/lib/krb5/asn.1/krb5_decode.c
src/lib/krb5/asn.1/krb5_encode.c
src/lib/krb5/asn.1/ldap_key_seq.c

index 5fc1cc3ecee33b4b9eedf477fc2a5b3d5c69dd1b..dffd93b44a02bd6fe8acf2f5094326a9bd4f3bb5 100644 (file)
@@ -49,8 +49,8 @@ taginfo tinfo
 
 #define tag(type)\
 retval = asn1_get_tag_2(buf,&tinfo);\
-if(retval) return retval;\
-if(asn1class != UNIVERSAL || construction != PRIMITIVE || tagnum != type)\
+if (retval) return retval;\
+if (asn1class != UNIVERSAL || construction != PRIMITIVE || tagnum != type)\
   return ASN1_BAD_ID
   
 #define cleanup()\
@@ -58,51 +58,51 @@ return 0
 
 asn1_error_code asn1_decode_integer(asn1buf *buf, long int *val)
 {
-  setup();
-  asn1_octet o;
-  long n = 0; /* initialize to keep gcc happy */
-  unsigned int i;
+    setup();
+    asn1_octet o;
+    long n = 0; /* initialize to keep gcc happy */
+    unsigned int i;
 
-  tag(ASN1_INTEGER);
+    tag(ASN1_INTEGER);
 
-  for (i = 0; i < length; i++) {
-    retval = asn1buf_remove_octet(buf, &o);
-    if (retval) return retval;
-    if (!i) {
-      n = (0x80 & o) ? -1 : 0; /* grab sign bit */
-      if (n < 0 && length > sizeof (long))
-       return ASN1_OVERFLOW;
-      else if (length > sizeof (long) + 1) /* allow extra octet for positive */
-       return ASN1_OVERFLOW;
+    for (i = 0; i < length; i++) {
+       retval = asn1buf_remove_octet(buf, &o);
+       if (retval) return retval;
+       if (!i) {
+           n = (0x80 & o) ? -1 : 0;    /* grab sign bit */
+           if (n < 0 && length > sizeof (long))
+               return ASN1_OVERFLOW;
+           else if (length > sizeof (long) + 1) /* allow extra octet for positive */
+               return ASN1_OVERFLOW;
+       }
+       n = (n << 8) | o;
     }
-    n = (n << 8) | o;
-  }
-  *val = n;
-  cleanup();
+    *val = n;
+    cleanup();
 }
 
 asn1_error_code asn1_decode_unsigned_integer(asn1buf *buf, long unsigned int *val)
 {
-  setup();
-  asn1_octet o;
-  unsigned long n;
-  unsigned int i;
+    setup();
+    asn1_octet o;
+    unsigned long n;
+    unsigned int i;
 
-  tag(ASN1_INTEGER);
+    tag(ASN1_INTEGER);
 
-  for (i = 0, n = 0; i < length; i++) {
-    retval = asn1buf_remove_octet(buf, &o);
-    if(retval) return retval;
-    if (!i) {
-      if (0x80 & o)
-       return ASN1_OVERFLOW;
-      else if (length > sizeof (long) + 1)
-       return ASN1_OVERFLOW;
+    for (i = 0, n = 0; i < length; i++) {
+       retval = asn1buf_remove_octet(buf, &o);
+       if (retval) return retval;
+       if (!i) {
+           if (0x80 & o)
+               return ASN1_OVERFLOW;
+           else if (length > sizeof (long) + 1)
+               return ASN1_OVERFLOW;
+       }
+       n = (n << 8) | o;
     }
-    n = (n << 8) | o;
-  }
-  *val = n;
-  cleanup();
+    *val = n;
+    cleanup();
 }
 
 /*
@@ -117,144 +117,144 @@ asn1_error_code asn1_decode_unsigned_integer(asn1buf *buf, long unsigned int *va
  */
 asn1_error_code asn1_decode_maybe_unsigned(asn1buf *buf, unsigned long *val)
 {
-  setup();
-  asn1_octet o;
-  unsigned long n, bitsremain;
-  unsigned int i;
+    setup();
+    asn1_octet o;
+    unsigned long n, bitsremain;
+    unsigned int i;
 
-  tag(ASN1_INTEGER);
-  o = 0;
-  n = 0;
-  bitsremain = ~0UL;
-  for (i = 0; i < length; i++) {
-    /* Accounts for u_long width not being a multiple of 8. */
-    if (bitsremain < 0xff) return ASN1_OVERFLOW;
-    retval = asn1buf_remove_octet(buf, &o);
-    if (retval) return retval;
-    if (bitsremain == ~0UL) {
-      if (i == 0)
-       n = (o & 0x80) ? ~0UL : 0UL; /* grab sign bit */
-      /*
-       * Skip leading zero or 0xFF octets to humor non-compliant encoders.
-       */
-      if (n == 0 && o == 0)
-       continue;
-      if (n == ~0UL && o == 0xff)
-       continue;
+    tag(ASN1_INTEGER);
+    o = 0;
+    n = 0;
+    bitsremain = ~0UL;
+    for (i = 0; i < length; i++) {
+       /* Accounts for u_long width not being a multiple of 8. */
+       if (bitsremain < 0xff) return ASN1_OVERFLOW;
+       retval = asn1buf_remove_octet(buf, &o);
+       if (retval) return retval;
+       if (bitsremain == ~0UL) {
+           if (i == 0)
+               n = (o & 0x80) ? ~0UL : 0UL; /* grab sign bit */
+           /*
+            * Skip leading zero or 0xFF octets to humor non-compliant encoders.
+            */
+           if (n == 0 && o == 0)
+               continue;
+           if (n == ~0UL && o == 0xff)
+               continue;
+       }
+       n = (n << 8) | o;
+       bitsremain >>= 8;
     }
-    n = (n << 8) | o;
-    bitsremain >>= 8;
-  }
-  *val = n;
-  cleanup();
+    *val = n;
+    cleanup();
 }
 
 asn1_error_code asn1_decode_oid(asn1buf *buf, unsigned int *retlen, asn1_octet **val)
 {
-  setup();
-  tag(ASN1_OBJECTIDENTIFIER);
-  retval = asn1buf_remove_octetstring(buf, length, val);
-  if (retval) return retval;
-  *retlen = length;
-  cleanup();
+    setup();
+    tag(ASN1_OBJECTIDENTIFIER);
+    retval = asn1buf_remove_octetstring(buf, length, val);
+    if (retval) return retval;
+    *retlen = length;
+    cleanup();
 }
 
 asn1_error_code asn1_decode_octetstring(asn1buf *buf, unsigned int *retlen, asn1_octet **val)
 {
-  setup();
-  tag(ASN1_OCTETSTRING);
-  retval = asn1buf_remove_octetstring(buf,length,val);
-  if(retval) return retval;
-  *retlen = length;
-  cleanup();
+    setup();
+    tag(ASN1_OCTETSTRING);
+    retval = asn1buf_remove_octetstring(buf,length,val);
+    if (retval) return retval;
+    *retlen = length;
+    cleanup();
 }
 
 asn1_error_code asn1_decode_charstring(asn1buf *buf, unsigned int *retlen, char **val)
 {
-  setup();
-  tag(ASN1_OCTETSTRING);
-  retval = asn1buf_remove_charstring(buf,length,val);
-  if(retval) return retval;
-  *retlen = length;
-  cleanup();
+    setup();
+    tag(ASN1_OCTETSTRING);
+    retval = asn1buf_remove_charstring(buf,length,val);
+    if (retval) return retval;
+    *retlen = length;
+    cleanup();
 }
 
 
 asn1_error_code asn1_decode_generalstring(asn1buf *buf, unsigned int *retlen, char **val)
 {
-  setup();
-  tag(ASN1_GENERALSTRING);
-  retval = asn1buf_remove_charstring(buf,length,val);
-  if(retval) return retval;
-  *retlen = length;
-  cleanup();
+    setup();
+    tag(ASN1_GENERALSTRING);
+    retval = asn1buf_remove_charstring(buf,length,val);
+    if (retval) return retval;
+    *retlen = length;
+    cleanup();
 }
 
 
 asn1_error_code asn1_decode_null(asn1buf *buf)
 {
-  setup();
-  tag(ASN1_NULL);
-  if(length != 0) return ASN1_BAD_LENGTH;
-  cleanup();
+    setup();
+    tag(ASN1_NULL);
+    if (length != 0) return ASN1_BAD_LENGTH;
+    cleanup();
 }
 
 asn1_error_code asn1_decode_printablestring(asn1buf *buf, int *retlen, char **val)
 {
-  setup();
-  tag(ASN1_PRINTABLESTRING);
-  retval = asn1buf_remove_charstring(buf,length,val);
-  if(retval) return retval;
-  *retlen = length;
-  cleanup();
+    setup();
+    tag(ASN1_PRINTABLESTRING);
+    retval = asn1buf_remove_charstring(buf,length,val);
+    if (retval) return retval;
+    *retlen = length;
+    cleanup();
 }
 
 asn1_error_code asn1_decode_ia5string(asn1buf *buf, int *retlen, char **val)
 {
-  setup();
-  tag(ASN1_IA5STRING);
-  retval = asn1buf_remove_charstring(buf,length,val);
-  if(retval) return retval;
-  *retlen = length;
-  cleanup();
+    setup();
+    tag(ASN1_IA5STRING);
+    retval = asn1buf_remove_charstring(buf,length,val);
+    if (retval) return retval;
+    *retlen = length;
+    cleanup();
 }
 
 asn1_error_code asn1_decode_generaltime(asn1buf *buf, time_t *val)
 {
-  setup();
-  char *s;
-  struct tm ts;
-  time_t t;
+    setup();
+    char *s;
+    struct tm ts;
+    time_t t;
 
-  tag(ASN1_GENERALTIME);
+    tag(ASN1_GENERALTIME);
 
-  if(length != 15) return ASN1_BAD_LENGTH;
-  retval = asn1buf_remove_charstring(buf,15,&s);
-  /* Time encoding: YYYYMMDDhhmmssZ */
-  if(s[14] != 'Z') {
-      free(s);
-      return ASN1_BAD_FORMAT;
-  }
-  if(s[0] == '1' && !memcmp("19700101000000Z", s, 15)) {
-      t = 0;
-      free(s);
-      goto done;
-  }
+    if (length != 15) return ASN1_BAD_LENGTH;
+    retval = asn1buf_remove_charstring(buf,15,&s);
+    /* Time encoding: YYYYMMDDhhmmssZ */
+    if (s[14] != 'Z') {
+       free(s);
+       return ASN1_BAD_FORMAT;
+    }
+    if (s[0] == '1' && !memcmp("19700101000000Z", s, 15)) {
+       t = 0;
+       free(s);
+       goto done;
+    }
 #define c2i(c) ((c)-'0')
-  ts.tm_year = 1000*c2i(s[0]) + 100*c2i(s[1]) + 10*c2i(s[2]) + c2i(s[3])
-    - 1900;
-  ts.tm_mon = 10*c2i(s[4]) + c2i(s[5]) - 1;
-  ts.tm_mday = 10*c2i(s[6]) + c2i(s[7]);
-  ts.tm_hour = 10*c2i(s[8]) + c2i(s[9]);
-  ts.tm_min = 10*c2i(s[10]) + c2i(s[11]);
-  ts.tm_sec = 10*c2i(s[12]) + c2i(s[13]);
-  ts.tm_isdst = -1;
-  t = krb5int_gmt_mktime(&ts);
-  free(s);
+    ts.tm_year = 1000*c2i(s[0]) + 100*c2i(s[1]) + 10*c2i(s[2]) + c2i(s[3])
+       - 1900;
+    ts.tm_mon = 10*c2i(s[4]) + c2i(s[5]) - 1;
+    ts.tm_mday = 10*c2i(s[6]) + c2i(s[7]);
+    ts.tm_hour = 10*c2i(s[8]) + c2i(s[9]);
+    ts.tm_min = 10*c2i(s[10]) + c2i(s[11]);
+    ts.tm_sec = 10*c2i(s[12]) + c2i(s[13]);
+    ts.tm_isdst = -1;
+    t = krb5int_gmt_mktime(&ts);
+    free(s);
 
-  if(t == -1) return ASN1_BAD_TIMEFORMAT;
+    if (t == -1) return ASN1_BAD_TIMEFORMAT;
 
 done:
-  *val = t;
-  cleanup();
+    *val = t;
+    cleanup();
 }
index 5ef2a3efa8a1545c52710a60965f6b68d315b7a5..add932ecb181edea893064ef11cc3124f4a7023a 100644 (file)
 static asn1_error_code asn1_encode_integer_internal(asn1buf *buf,  long val,
                                                    unsigned int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int length = 0;
-  long valcopy;
-  int digit;
+    asn1_error_code retval;
+    unsigned int length = 0;
+    long valcopy;
+    int digit;
   
-  valcopy = val;
-  do {
-    digit = (int) (valcopy&0xFF);
-    retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
-    if(retval) return retval;
-    length++;
-    valcopy = valcopy >> 8;
-  } while (valcopy != 0 && valcopy != ~0);
-
-  if((val > 0) && ((digit&0x80) == 0x80)) { /* make sure the high bit is */
-    retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
-    if(retval) return retval;
-    length++;
-  }else if((val < 0) && ((digit&0x80) != 0x80)){
-    retval = asn1buf_insert_octet(buf,0xFF);
-    if(retval) return retval;
-    length++;
-  }
-
-
-  *retlen = length;
-  return 0;
+    valcopy = val;
+    do {
+       digit = (int) (valcopy&0xFF);
+       retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
+       if (retval) return retval;
+       length++;
+       valcopy = valcopy >> 8;
+    } while (valcopy != 0 && valcopy != ~0);
+
+    if ((val > 0) && ((digit&0x80) == 0x80)) { /* make sure the high bit is */
+       retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
+       if (retval) return retval;
+       length++;
+    } else if ((val < 0) && ((digit&0x80) != 0x80)) {
+       retval = asn1buf_insert_octet(buf,0xFF);
+       if (retval) return retval;
+       length++;
+    }
+
+
+    *retlen = length;
+    return 0;
 }
 
 asn1_error_code asn1_encode_integer(asn1buf * buf,  long val,
- unsigned int *retlen)
                                  unsigned int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int length = 0;
-  unsigned  int partlen;
-  retval = asn1_encode_integer_internal(buf, val, &partlen);
-  if (retval) return retval;
+    asn1_error_code retval;
+    unsigned int length = 0;
+    unsigned  int partlen;
+    retval = asn1_encode_integer_internal(buf, val, &partlen);
+    if (retval) return retval;
 
-  length = partlen;
+    length = partlen;
     retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen); 
-  if(retval) return retval;
-  length += partlen;
+    if (retval) return retval;
+    length += partlen;
 
-  *retlen = length;
-  return 0;
+    *retlen = length;
+    return 0;
 }
 
 asn1_error_code
 asn1_encode_enumerated(asn1buf * buf, long val,
                       unsigned int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int length = 0;
-  unsigned  int partlen;
-  retval = asn1_encode_integer_internal(buf, val, &partlen);
-  if (retval) return retval;
+    asn1_error_code retval;
+    unsigned int length = 0;
+    unsigned  int partlen;
+    retval = asn1_encode_integer_internal(buf, val, &partlen);
+    if (retval) return retval;
 
-  length = partlen;
+    length = partlen;
     retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_ENUMERATED,length, &partlen); 
-  if(retval) return retval;
-  length += partlen;
+    if (retval) return retval;
+    length += partlen;
 
-  *retlen = length;
-  return 0;
+    *retlen = length;
+    return 0;
 }
 
 asn1_error_code asn1_encode_unsigned_integer(asn1buf *buf, unsigned long val,
                                             unsigned int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int length = 0;
-  unsigned int partlen;
-  unsigned long valcopy;
-  int digit;
+    asn1_error_code retval;
+    unsigned int length = 0;
+    unsigned int partlen;
+    unsigned long valcopy;
+    int digit;
   
-  valcopy = val;
-  do {
-    digit = (int) (valcopy&0xFF);
-    retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
-    if(retval) return retval;
-    length++;
-    valcopy = valcopy >> 8;
-  } while (valcopy != 0 && valcopy != ~0);
-
-  if(digit&0x80) {                       /* make sure the high bit is */
-    retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
-    if(retval) return retval;
-    length++;
-  }
-
-  retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen); 
-  if(retval) return retval;
-  length += partlen;
-
-  *retlen = length;
-  return 0;
+    valcopy = val;
+    do {
+       digit = (int) (valcopy&0xFF);
+       retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
+       if (retval) return retval;
+       length++;
+       valcopy = valcopy >> 8;
+    } while (valcopy != 0 && valcopy != ~0);
+
+    if (digit&0x80) {                    /* make sure the high bit is */
+       retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
+       if (retval) return retval;
+       length++;
+    }
+
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen); 
+    if (retval) return retval;
+    length += partlen;
+
+    *retlen = length;
+    return 0;
 }
 
 asn1_error_code asn1_encode_oid(asn1buf *buf, unsigned int len,
                                const asn1_octet *val,
                                unsigned int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int length;
+    asn1_error_code retval;
+    unsigned int length;
 
-  retval = asn1buf_insert_octetstring(buf, len, val);
-  if (retval) return retval;
-  retval = asn1_make_tag(buf, UNIVERSAL, PRIMITIVE, ASN1_OBJECTIDENTIFIER,
-                        len, &length);
-  if (retval) return retval;
+    retval = asn1buf_insert_octetstring(buf, len, val);
+    if (retval) return retval;
+    retval = asn1_make_tag(buf, UNIVERSAL, PRIMITIVE, ASN1_OBJECTIDENTIFIER,
+                          len, &length);
+    if (retval) return retval;
 
-  *retlen = len + length;
-  return 0;
+    *retlen = len + length;
+    return 0;
 }
 
 asn1_error_code asn1_encode_octetstring(asn1buf *buf, unsigned int len,
                                        const asn1_octet *val,
                                        unsigned int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int length;
+    asn1_error_code retval;
+    unsigned int length;
 
-  retval = asn1buf_insert_octetstring(buf,len,val);
-  if(retval) return retval;
-  retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_OCTETSTRING,len,&length);
-  if(retval) return retval;
+    retval = asn1buf_insert_octetstring(buf,len,val);
+    if (retval) return retval;
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_OCTETSTRING,len,&length);
+    if (retval) return retval;
 
-  *retlen = len + length;
-  return 0;
+    *retlen = len + length;
+    return 0;
 }
 
 asn1_error_code asn1_encode_charstring(asn1buf *buf, unsigned int len,
                                       const char *val, unsigned int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int length;
+    asn1_error_code retval;
+    unsigned int length;
 
-  retval = asn1buf_insert_charstring(buf,len,val);
-  if(retval) return retval;
-  retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_OCTETSTRING,len,&length);
-  if(retval) return retval;
+    retval = asn1buf_insert_charstring(buf,len,val);
+    if (retval) return retval;
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_OCTETSTRING,len,&length);
+    if (retval) return retval;
 
-  *retlen = len + length;
-  return 0;
+    *retlen = len + length;
+    return 0;
 }
 
 asn1_error_code asn1_encode_null(asn1buf *buf, int *retlen)
 {
-  asn1_error_code retval;
+    asn1_error_code retval;
   
-  retval = asn1buf_insert_octet(buf,0x00);
-  if(retval) return retval;
-  retval = asn1buf_insert_octet(buf,0x05);
-  if(retval) return retval;
+    retval = asn1buf_insert_octet(buf,0x00);
+    if (retval) return retval;
+    retval = asn1buf_insert_octet(buf,0x05);
+    if (retval) return retval;
 
-  *retlen = 2;
-  return 0;
+    *retlen = 2;
+    return 0;
 }
 
 asn1_error_code asn1_encode_printablestring(asn1buf *buf, unsigned int len,
                                            const char *val, int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int length;
+    asn1_error_code retval;
+    unsigned int length;
 
-  retval = asn1buf_insert_charstring(buf,len,val);
-  if(retval) return retval;
-  retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_PRINTABLESTRING,len,                      &length);
-  if(retval) return retval;
+    retval = asn1buf_insert_charstring(buf,len,val);
+    if (retval) return retval;
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_PRINTABLESTRING,len,                    &length);
+    if (retval) return retval;
 
-  *retlen = len + length;
-  return 0;
+    *retlen = len + length;
+    return 0;
 }
 
 asn1_error_code asn1_encode_ia5string(asn1buf *buf, unsigned int len,
                                      const char *val, int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int length;
+    asn1_error_code retval;
+    unsigned int length;
 
-  retval = asn1buf_insert_charstring(buf,len,val);
-  if(retval) return retval;
-  retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_IA5STRING,len,                    &length);
-  if(retval) return retval;
+    retval = asn1buf_insert_charstring(buf,len,val);
+    if (retval) return retval;
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_IA5STRING,len,                  &length);
+    if (retval) return retval;
 
-  *retlen = len + length;
-  return 0;
+    *retlen = len + length;
+    return 0;
 }
 
 asn1_error_code asn1_encode_generaltime(asn1buf *buf, time_t val,
                                        unsigned int *retlen)
 {
-  asn1_error_code retval;
-  struct tm *gtime, gtimebuf;
-  char s[16], *sp;
-  unsigned int length, sum=0;
-  time_t gmt_time = val;
-
-  /*
-   * Time encoding: YYYYMMDDhhmmssZ
-   */
-  if (gmt_time == 0) {
-      sp = "19700101000000Z";
-  } else {
-
-      /*
-       * Sanity check this just to be paranoid, as gmtime can return NULL,
-       * and some bogus implementations might overrun on the sprintf.
-       */
+    asn1_error_code retval;
+    struct tm *gtime, gtimebuf;
+    char s[16], *sp;
+    unsigned int length, sum=0;
+    time_t gmt_time = val;
+
+    /*
+     * Time encoding: YYYYMMDDhhmmssZ
+     */
+    if (gmt_time == 0) {
+       sp = "19700101000000Z";
+    } else {
+
+       /*
+        * Sanity check this just to be paranoid, as gmtime can return NULL,
+        * and some bogus implementations might overrun on the sprintf.
+        */
 #ifdef HAVE_GMTIME_R
 # ifdef GMTIME_R_RETURNS_INT
-      if (gmtime_r(&gmt_time, &gtimebuf) != 0)
-         return ASN1_BAD_GMTIME;
+       if (gmtime_r(&gmt_time, &gtimebuf) != 0)
+           return ASN1_BAD_GMTIME;
 # else
-      if (gmtime_r(&gmt_time, &gtimebuf) == NULL)
-         return ASN1_BAD_GMTIME;
+       if (gmtime_r(&gmt_time, &gtimebuf) == NULL)
+           return ASN1_BAD_GMTIME;
 # endif
 #else
-      gtime = gmtime(&gmt_time);
-      if (gtime == NULL)
-         return ASN1_BAD_GMTIME;
-      memcpy(&gtimebuf, gtime, sizeof(gtimebuf));
+       gtime = gmtime(&gmt_time);
+       if (gtime == NULL)
+           return ASN1_BAD_GMTIME;
+       memcpy(&gtimebuf, gtime, sizeof(gtimebuf));
 #endif
-      gtime = &gtimebuf;
-
-      if (gtime->tm_year > 8099 || gtime->tm_mon > 11 ||
-         gtime->tm_mday > 31 || gtime->tm_hour > 23 ||
-         gtime->tm_min > 59 || gtime->tm_sec > 59)
-         return ASN1_BAD_GMTIME;
-      if (snprintf(s, sizeof(s), "%04d%02d%02d%02d%02d%02dZ",
-                  1900+gtime->tm_year, gtime->tm_mon+1, gtime->tm_mday,
-                  gtime->tm_hour, gtime->tm_min, gtime->tm_sec)
-         >= sizeof(s))
-         /* Shouldn't be possible given above tests.  */
-         return ASN1_BAD_GMTIME;
-      sp = s;
-  }
-
-  retval = asn1buf_insert_charstring(buf,15,sp);
-  if(retval) return retval;
-  sum = 15;
-
-  retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_GENERALTIME,sum,&length);
-  if(retval) return retval;
-  sum += length;
-
-  *retlen = sum;
-  return 0;
+       gtime = &gtimebuf;
+
+       if (gtime->tm_year > 8099 || gtime->tm_mon > 11 ||
+           gtime->tm_mday > 31 || gtime->tm_hour > 23 ||
+           gtime->tm_min > 59 || gtime->tm_sec > 59)
+           return ASN1_BAD_GMTIME;
+       if (snprintf(s, sizeof(s), "%04d%02d%02d%02d%02d%02dZ",
+                    1900+gtime->tm_year, gtime->tm_mon+1, gtime->tm_mday,
+                    gtime->tm_hour, gtime->tm_min, gtime->tm_sec)
+           >= sizeof(s))
+           /* Shouldn't be possible given above tests.  */
+           return ASN1_BAD_GMTIME;
+       sp = s;
+    }
+
+    retval = asn1buf_insert_charstring(buf,15,sp);
+    if (retval) return retval;
+    sum = 15;
+
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_GENERALTIME,sum,&length);
+    if (retval) return retval;
+    sum += length;
+
+    *retlen = sum;
+    return 0;
 }
 
 asn1_error_code asn1_encode_generalstring(asn1buf *buf, unsigned int len,
                                          const char *val,
                                          unsigned int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int length;
+    asn1_error_code retval;
+    unsigned int length;
 
-  retval = asn1buf_insert_charstring(buf,len,val);
-  if(retval) return retval;
-  retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_GENERALSTRING,len,
-                        &length);
-  if(retval) return retval;
+    retval = asn1buf_insert_charstring(buf,len,val);
+    if (retval) return retval;
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_GENERALSTRING,len,
+                          &length);
+    if (retval) return retval;
 
-  *retlen = len + length;
-  return 0;
+    *retlen = len + length;
+    return 0;
 }
index 8da5fd88062ce51b7a71dc32b3365a1b376b5b3f..66fd1b6cbece4557cda9e33541d0bcd5c4207ff6 100644 (file)
@@ -55,7 +55,7 @@ asn1_get_tag_2(asn1buf *buf, taginfo *t)
 
        t->asn1class = (asn1_class)(o&ASN1_CLASS_MASK);
        t->construction = (asn1_construction)(o&ASN1_CONSTRUCTION_MASK);
-       if ((o&ASN1_TAG_NUMBER_MASK) != ASN1_TAG_NUMBER_MASK){
+       if ((o&ASN1_TAG_NUMBER_MASK) != ASN1_TAG_NUMBER_MASK) {
            /* low-tag-number form */
            t->tagnum = (asn1_tagnum)(o&ASN1_TAG_NUMBER_MASK);
        } else {
@@ -64,7 +64,7 @@ asn1_get_tag_2(asn1buf *buf, taginfo *t)
                retval = asn1buf_remove_octet(buf,&o);
                if (retval) return retval;
                tn = (tn<<7) + (asn1_tagnum)(o&0x7F);
-           }while(o&0x80);
+           } while (o&0x80);
            t->tagnum = tn;
        }
     }
@@ -84,7 +84,7 @@ asn1_get_tag_2(asn1buf *buf, taginfo *t)
     
            for (num = (int)(o&0x7F); num>0; num--) {
                retval = asn1buf_remove_octet(buf,&o);
-               if(retval) return retval;
+               if (retval) return retval;
                len = (len<<8) + (int)o;
            }
            if (len < 0)
index b332e13925a4f05faa52d55a570e66c61e136dfa..4290561d7a6ddeedc5cf1de87a84efe6cfea1e7a 100644 (file)
@@ -70,7 +70,7 @@ asn1_get_eoc_tag (asn1buf *buf)
 #define get_eoc()                              \
     {                                          \
        retval = asn1_get_eoc_tag(&subbuf);     \
-       if(retval) return retval;               \
+       if (retval) return retval;              \
     }
 
 #define alloc_field(var, type)                 \
@@ -370,7 +370,7 @@ asn1_error_code fname(asn1buf * buf, ktype * val)\
   asn1_error_code retval;\
   long n;\
   retval = asn1_decode_integer(buf,&n);\
-  if(retval) return retval;\
+  if (retval) return retval;\
   *val = (ktype)n;\
   return 0;\
 }
@@ -380,7 +380,7 @@ asn1_error_code fname(asn1buf * buf, ktype * val)\
   asn1_error_code retval;\
   unsigned long n;\
   retval = asn1_decode_unsigned_integer(buf,&n);\
-  if(retval) return retval;\
+  if (retval) return retval;\
   *val = (ktype)n;\
   return 0;\
 }
@@ -397,145 +397,145 @@ unsigned_integer_convert(asn1_decode_ui_4,krb5_ui_4)
 
 asn1_error_code asn1_decode_seqnum(asn1buf *buf, krb5_ui_4 *val)
 {
-  asn1_error_code retval;
-  unsigned long n;
+    asn1_error_code retval;
+    unsigned long n;
 
-  retval = asn1_decode_maybe_unsigned(buf, &n);
-  if (retval) return retval;
-  *val = (krb5_ui_4)n & 0xffffffff;
-  return 0;
+    retval = asn1_decode_maybe_unsigned(buf, &n);
+    if (retval) return retval;
+    *val = (krb5_ui_4)n & 0xffffffff;
+    return 0;
 }
 
 asn1_error_code asn1_decode_msgtype(asn1buf *buf, krb5_msgtype *val)
 {
-  asn1_error_code retval;
-  unsigned long n;
+    asn1_error_code retval;
+    unsigned long n;
   
-  retval = asn1_decode_unsigned_integer(buf,&n);
-  if(retval) return retval;
+    retval = asn1_decode_unsigned_integer(buf,&n);
+    if (retval) return retval;
   
-  *val = (krb5_msgtype) n;
-  return 0;
+    *val = (krb5_msgtype) n;
+    return 0;
 }
 
 
 /* structures */
 asn1_error_code asn1_decode_realm(asn1buf *buf, krb5_principal *val)
 {
-  return asn1_decode_generalstring(buf,
-                                  &((*val)->realm.length),
-                                  &((*val)->realm.data));
+    return asn1_decode_generalstring(buf,
+                                    &((*val)->realm.length),
+                                    &((*val)->realm.data));
 }
 
 asn1_error_code asn1_decode_principal_name(asn1buf *buf, krb5_principal *val)
 {
-  setup();
-  { begin_structure();
-    get_field((*val)->type,0,asn1_decode_int32);
+    setup();
+    { begin_structure();
+       get_field((*val)->type,0,asn1_decode_int32);
   
-    { sequence_of_no_tagvars(&subbuf);
-      while(asn1buf_remains(&seqbuf,seqofindef) > 0){
-       size++;
-       if ((*val)->data == NULL)
-         (*val)->data = (krb5_data*)malloc(size*sizeof(krb5_data));
-       else
-         (*val)->data = (krb5_data*)realloc((*val)->data,
-                                            size*sizeof(krb5_data));
-       if((*val)->data == NULL) return ENOMEM;
-       retval = asn1_decode_generalstring(&seqbuf,
-                                          &((*val)->data[size-1].length),
-                                          &((*val)->data[size-1].data));
-       if(retval) return retval;
-      }
-      (*val)->length = size;
-      end_sequence_of_no_tagvars(&subbuf);
-    }
-    if (indef) {
-       get_eoc();
+       { sequence_of_no_tagvars(&subbuf);
+           while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
+               size++;
+               if ((*val)->data == NULL)
+                   (*val)->data = (krb5_data*)malloc(size*sizeof(krb5_data));
+               else
+                   (*val)->data = (krb5_data*)realloc((*val)->data,
+                                                      size*sizeof(krb5_data));
+               if ((*val)->data == NULL) return ENOMEM;
+               retval = asn1_decode_generalstring(&seqbuf,
+                                                  &((*val)->data[size-1].length),
+                                                  &((*val)->data[size-1].data));
+               if (retval) return retval;
+           }
+           (*val)->length = size;
+           end_sequence_of_no_tagvars(&subbuf);
+       }
+       if (indef) {
+           get_eoc();
+       }
+       next_tag();
+       end_structure();
+       (*val)->magic = KV5M_PRINCIPAL;
     }
-    next_tag();
-    end_structure();
-    (*val)->magic = KV5M_PRINCIPAL;
-  }
-  cleanup();
+    cleanup();
 }
 
 asn1_error_code asn1_decode_checksum(asn1buf *buf, krb5_checksum *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->checksum_type,0,asn1_decode_cksumtype);
-    get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
-    end_structure();
-    val->magic = KV5M_CHECKSUM;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->checksum_type,0,asn1_decode_cksumtype);
+       get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+       end_structure();
+       val->magic = KV5M_CHECKSUM;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_encryption_key(asn1buf *buf, krb5_keyblock *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->enctype,0,asn1_decode_enctype);
-    get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
-    end_structure();
-    val->magic = KV5M_KEYBLOCK;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->enctype,0,asn1_decode_enctype);
+       get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+       end_structure();
+       val->magic = KV5M_KEYBLOCK;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_encrypted_data(asn1buf *buf, krb5_enc_data *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->enctype,0,asn1_decode_enctype);
-    opt_field(val->kvno,1,asn1_decode_kvno,0);
-    get_lenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_decode_charstring);
-    end_structure();
-    val->magic = KV5M_ENC_DATA;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->enctype,0,asn1_decode_enctype);
+       opt_field(val->kvno,1,asn1_decode_kvno,0);
+       get_lenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_decode_charstring);
+       end_structure();
+       val->magic = KV5M_ENC_DATA;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_krb5_flags(asn1buf *buf, krb5_flags *val)
 {
-  asn1_error_code retval;
-  asn1_octet unused, o;
-  taginfo t;
-  unsigned int i;
-  krb5_flags f=0;
-  unsigned int length;
+    asn1_error_code retval;
+    asn1_octet unused, o;
+    taginfo t;
+    unsigned int i;
+    krb5_flags f=0;
+    unsigned int length;
 
-  retval = asn1_get_tag_2(buf, &t);
-  if (retval) return retval;
-  if (t.asn1class != UNIVERSAL || t.construction != PRIMITIVE ||
-      t.tagnum != ASN1_BITSTRING)
-      return ASN1_BAD_ID;
-  length = t.length;
-
-  retval = asn1buf_remove_octet(buf,&unused); /* # of padding bits */
-  if(retval) return retval;
-
-  /* Number of unused bits must be between 0 and 7. */
-  if (unused > 7) return ASN1_BAD_FORMAT;
-  length--;
-
-  for(i = 0; i < length; i++) {
-    retval = asn1buf_remove_octet(buf,&o);
-    if(retval) return retval;
-    /* ignore bits past number 31 */
-    if (i < 4)
-      f = (f<<8) | ((krb5_flags)o&0xFF);
-  }
-  if (length <= 4) {
-    /* Mask out unused bits, but only if necessary. */
-    f &= ~(krb5_flags)0 << unused;
-  }
-  /* left-justify */
-  if (length < 4)
-    f <<= (4 - length) * 8;
-  *val = f;
-  return 0;
+    retval = asn1_get_tag_2(buf, &t);
+    if (retval) return retval;
+    if (t.asn1class != UNIVERSAL || t.construction != PRIMITIVE ||
+       t.tagnum != ASN1_BITSTRING)
+       return ASN1_BAD_ID;
+    length = t.length;
+
+    retval = asn1buf_remove_octet(buf,&unused); /* # of padding bits */
+    if (retval) return retval;
+
+    /* Number of unused bits must be between 0 and 7. */
+    if (unused > 7) return ASN1_BAD_FORMAT;
+    length--;
+
+    for (i = 0; i < length; i++) {
+       retval = asn1buf_remove_octet(buf,&o);
+       if (retval) return retval;
+       /* ignore bits past number 31 */
+       if (i < 4)
+           f = (f<<8) | ((krb5_flags)o&0xFF);
+    }
+    if (length <= 4) {
+       /* Mask out unused bits, but only if necessary. */
+       f &= ~(krb5_flags)0 << unused;
+    }
+    /* left-justify */
+    if (length < 4)
+       f <<= (4 - length) * 8;
+    *val = f;
+    return 0;
 }
 
 asn1_error_code asn1_decode_ticket_flags(asn1buf *buf, krb5_flags *val)
@@ -549,188 +549,188 @@ asn1_error_code asn1_decode_kdc_options(asn1buf *buf, krb5_flags *val)
 
 asn1_error_code asn1_decode_transited_encoding(asn1buf *buf, krb5_transited *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->tr_type,0,asn1_decode_octet);
-    get_lenfield(val->tr_contents.length,val->tr_contents.data,1,asn1_decode_charstring);
-    end_structure();
-    val->magic = KV5M_TRANSITED;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->tr_type,0,asn1_decode_octet);
+       get_lenfield(val->tr_contents.length,val->tr_contents.data,1,asn1_decode_charstring);
+       end_structure();
+       val->magic = KV5M_TRANSITED;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_enc_kdc_rep_part(asn1buf *buf, krb5_enc_kdc_rep_part *val)
 {
-  setup();
-  { begin_structure();
-    alloc_field(val->session,krb5_keyblock);
-    get_field(*(val->session),0,asn1_decode_encryption_key);
-    get_field(val->last_req,1,asn1_decode_last_req);
-    get_field(val->nonce,2,asn1_decode_int32);
-    opt_field(val->key_exp,3,asn1_decode_kerberos_time,0);
-    get_field(val->flags,4,asn1_decode_ticket_flags);
-    get_field(val->times.authtime,5,asn1_decode_kerberos_time);
-    /* Set to authtime if missing */
-    opt_field(val->times.starttime,6,asn1_decode_kerberos_time,val->times.authtime);
-    get_field(val->times.endtime,7,asn1_decode_kerberos_time);
-    opt_field(val->times.renew_till,8,asn1_decode_kerberos_time,0);
-    alloc_field(val->server,krb5_principal_data);
-    get_field(val->server,9,asn1_decode_realm);
-    get_field(val->server,10,asn1_decode_principal_name);
-    opt_field(val->caddrs,11,asn1_decode_host_addresses,NULL);
-    end_structure();
-    val->magic = KV5M_ENC_KDC_REP_PART;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       alloc_field(val->session,krb5_keyblock);
+       get_field(*(val->session),0,asn1_decode_encryption_key);
+       get_field(val->last_req,1,asn1_decode_last_req);
+       get_field(val->nonce,2,asn1_decode_int32);
+       opt_field(val->key_exp,3,asn1_decode_kerberos_time,0);
+       get_field(val->flags,4,asn1_decode_ticket_flags);
+       get_field(val->times.authtime,5,asn1_decode_kerberos_time);
+       /* Set to authtime if missing */
+       opt_field(val->times.starttime,6,asn1_decode_kerberos_time,val->times.authtime);
+       get_field(val->times.endtime,7,asn1_decode_kerberos_time);
+       opt_field(val->times.renew_till,8,asn1_decode_kerberos_time,0);
+       alloc_field(val->server,krb5_principal_data);
+       get_field(val->server,9,asn1_decode_realm);
+       get_field(val->server,10,asn1_decode_principal_name);
+       opt_field(val->caddrs,11,asn1_decode_host_addresses,NULL);
+       end_structure();
+       val->magic = KV5M_ENC_KDC_REP_PART;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_ticket(asn1buf *buf, krb5_ticket *val)
 {
-  setup();
-  unsigned int applen;
-  apptag(1);
-  { begin_structure();
-    { krb5_kvno vno;
-      get_field(vno,0,asn1_decode_kvno);
-      if(vno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
-    alloc_field(val->server,krb5_principal_data);
-    get_field(val->server,1,asn1_decode_realm);
-    get_field(val->server,2,asn1_decode_principal_name);
-    get_field(val->enc_part,3,asn1_decode_encrypted_data);
-    end_structure();
-    val->magic = KV5M_TICKET;
-  }
-  if (!applen) {
-      taginfo t;
-      retval = asn1_get_tag_2(buf, &t);
-      if (retval) return retval;
-  }
-  cleanup();
+    setup();
+    unsigned int applen;
+    apptag(1);
+    { begin_structure();
+       { krb5_kvno vno;
+           get_field(vno,0,asn1_decode_kvno);
+           if (vno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+       alloc_field(val->server,krb5_principal_data);
+       get_field(val->server,1,asn1_decode_realm);
+       get_field(val->server,2,asn1_decode_principal_name);
+       get_field(val->enc_part,3,asn1_decode_encrypted_data);
+       end_structure();
+       val->magic = KV5M_TICKET;
+    }
+    if (!applen) {
+       taginfo t;
+       retval = asn1_get_tag_2(buf, &t);
+       if (retval) return retval;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_kdc_req(asn1buf *buf, krb5_kdc_req *val)
 {
-  setup();
-  { begin_structure();
-    { krb5_kvno kvno;
-      get_field(kvno,1,asn1_decode_kvno);
-      if(kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
-    get_field(val->msg_type,2,asn1_decode_msgtype);
-    opt_field(val->padata,3,asn1_decode_sequence_of_pa_data,NULL);
-    get_field(*val,4,asn1_decode_kdc_req_body);
-    end_structure();
-    val->magic = KV5M_KDC_REQ;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       { krb5_kvno kvno;
+           get_field(kvno,1,asn1_decode_kvno);
+           if (kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+       get_field(val->msg_type,2,asn1_decode_msgtype);
+       opt_field(val->padata,3,asn1_decode_sequence_of_pa_data,NULL);
+       get_field(*val,4,asn1_decode_kdc_req_body);
+       end_structure();
+       val->magic = KV5M_KDC_REQ;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_kdc_req_body(asn1buf *buf, krb5_kdc_req *val)
 {
-  setup();
-  { 
-    krb5_principal psave;
-    begin_structure();
-    get_field(val->kdc_options,0,asn1_decode_kdc_options);
-    if(tagnum == 1){ alloc_field(val->client,krb5_principal_data); }
-    opt_field(val->client,1,asn1_decode_principal_name,NULL);
-    alloc_field(val->server,krb5_principal_data);
-    get_field(val->server,2,asn1_decode_realm);
-    if(val->client != NULL){
-      retval = asn1_krb5_realm_copy(val->client,val->server);
-      if(retval) return retval; }
-
-    /* If opt_field server is missing, memory reference to server is
-       lost and results in memory leak */
-    psave = val->server;
-    opt_field(val->server,3,asn1_decode_principal_name,NULL);
-    if(val->server == NULL){
-      if(psave->realm.data) {
-       free(psave->realm.data);
-       psave->realm.data = NULL;
-       psave->realm.length=0;
-      }
-      free(psave);
-    }
-    opt_field(val->from,4,asn1_decode_kerberos_time,0);
-    get_field(val->till,5,asn1_decode_kerberos_time);
-    opt_field(val->rtime,6,asn1_decode_kerberos_time,0);
-    get_field(val->nonce,7,asn1_decode_int32);
-    get_lenfield(val->nktypes,val->ktype,8,asn1_decode_sequence_of_enctype);
-    opt_field(val->addresses,9,asn1_decode_host_addresses,0);
-    if(tagnum == 10){
-      get_field(val->authorization_data,10,asn1_decode_encrypted_data); }
-    else{
-      val->authorization_data.magic = KV5M_ENC_DATA;
-      val->authorization_data.enctype = 0;
-      val->authorization_data.kvno = 0;
-      val->authorization_data.ciphertext.data = NULL;
-      val->authorization_data.ciphertext.length = 0;
+    setup();
+    { 
+       krb5_principal psave;
+       begin_structure();
+       get_field(val->kdc_options,0,asn1_decode_kdc_options);
+       if (tagnum == 1) { alloc_field(val->client,krb5_principal_data); }
+       opt_field(val->client,1,asn1_decode_principal_name,NULL);
+       alloc_field(val->server,krb5_principal_data);
+       get_field(val->server,2,asn1_decode_realm);
+       if (val->client != NULL) {
+           retval = asn1_krb5_realm_copy(val->client,val->server);
+           if (retval) return retval; }
+
+       /* If opt_field server is missing, memory reference to server is
+          lost and results in memory leak */
+       psave = val->server;
+       opt_field(val->server,3,asn1_decode_principal_name,NULL);
+       if (val->server == NULL) {
+           if (psave->realm.data) {
+               free(psave->realm.data);
+               psave->realm.data = NULL;
+               psave->realm.length=0;
+           }
+           free(psave);
+       }
+       opt_field(val->from,4,asn1_decode_kerberos_time,0);
+       get_field(val->till,5,asn1_decode_kerberos_time);
+       opt_field(val->rtime,6,asn1_decode_kerberos_time,0);
+       get_field(val->nonce,7,asn1_decode_int32);
+       get_lenfield(val->nktypes,val->ktype,8,asn1_decode_sequence_of_enctype);
+       opt_field(val->addresses,9,asn1_decode_host_addresses,0);
+       if (tagnum == 10) {
+           get_field(val->authorization_data,10,asn1_decode_encrypted_data); }
+       else {
+           val->authorization_data.magic = KV5M_ENC_DATA;
+           val->authorization_data.enctype = 0;
+           val->authorization_data.kvno = 0;
+           val->authorization_data.ciphertext.data = NULL;
+           val->authorization_data.ciphertext.length = 0;
+       }
+       opt_field(val->second_ticket,11,asn1_decode_sequence_of_ticket,NULL);
+       end_structure();
+       val->magic = KV5M_KDC_REQ;
     }
-    opt_field(val->second_ticket,11,asn1_decode_sequence_of_ticket,NULL);
-    end_structure();
-    val->magic = KV5M_KDC_REQ;
-  }
-  cleanup();
+    cleanup();
 }
 
 asn1_error_code asn1_decode_krb_safe_body(asn1buf *buf, krb5_safe *val)
 {
-  setup();
-  { begin_structure();
-    get_lenfield(val->user_data.length,val->user_data.data,0,asn1_decode_charstring);
-    opt_field(val->timestamp,1,asn1_decode_kerberos_time,0);
-    opt_field(val->usec,2,asn1_decode_int32,0);
-    opt_field(val->seq_number,3,asn1_decode_seqnum,0);
-    alloc_field(val->s_address,krb5_address);
-    get_field(*(val->s_address),4,asn1_decode_host_address);
-    if(tagnum == 5){
-      alloc_field(val->r_address,krb5_address);
-      get_field(*(val->r_address),5,asn1_decode_host_address);
-    } else val->r_address = NULL;
-    end_structure();
-    val->magic = KV5M_SAFE;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_lenfield(val->user_data.length,val->user_data.data,0,asn1_decode_charstring);
+       opt_field(val->timestamp,1,asn1_decode_kerberos_time,0);
+       opt_field(val->usec,2,asn1_decode_int32,0);
+       opt_field(val->seq_number,3,asn1_decode_seqnum,0);
+       alloc_field(val->s_address,krb5_address);
+       get_field(*(val->s_address),4,asn1_decode_host_address);
+       if (tagnum == 5) {
+           alloc_field(val->r_address,krb5_address);
+           get_field(*(val->r_address),5,asn1_decode_host_address);
+       } else val->r_address = NULL;
+       end_structure();
+       val->magic = KV5M_SAFE;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_host_address(asn1buf *buf, krb5_address *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->addrtype,0,asn1_decode_addrtype);
-    get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
-    end_structure();
-    val->magic = KV5M_ADDRESS;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->addrtype,0,asn1_decode_addrtype);
+       get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+       end_structure();
+       val->magic = KV5M_ADDRESS;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_kdc_rep(asn1buf *buf, krb5_kdc_rep *val)
 {
-  setup();
-  { begin_structure();
-    { krb5_kvno pvno;
-      get_field(pvno,0,asn1_decode_kvno);
-      if(pvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
-    get_field(val->msg_type,1,asn1_decode_msgtype);
-    opt_field(val->padata,2,asn1_decode_sequence_of_pa_data,NULL);
-    alloc_field(val->client,krb5_principal_data);
-    get_field(val->client,3,asn1_decode_realm);
-    get_field(val->client,4,asn1_decode_principal_name);
-    alloc_field(val->ticket,krb5_ticket);
-    get_field(*(val->ticket),5,asn1_decode_ticket);
-    get_field(val->enc_part,6,asn1_decode_encrypted_data);
-    end_structure();
-    val->magic = KV5M_KDC_REP;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       { krb5_kvno pvno;
+           get_field(pvno,0,asn1_decode_kvno);
+           if (pvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+       get_field(val->msg_type,1,asn1_decode_msgtype);
+       opt_field(val->padata,2,asn1_decode_sequence_of_pa_data,NULL);
+       alloc_field(val->client,krb5_principal_data);
+       get_field(val->client,3,asn1_decode_realm);
+       get_field(val->client,4,asn1_decode_principal_name);
+       alloc_field(val->ticket,krb5_ticket);
+       get_field(*(val->ticket),5,asn1_decode_ticket);
+       get_field(val->enc_part,6,asn1_decode_encrypted_data);
+       end_structure();
+       val->magic = KV5M_KDC_REP;
+    }
+    cleanup();
 }
 
 
 /* arrays */
 #define get_element(element,decoder)\
 retval = decoder(&seqbuf,element);\
-if(retval) return retval
+if (retval) return retval
      
 static void *
 array_expand (void *array, int n_elts, size_t elt_size)
@@ -754,7 +754,7 @@ array_expand (void *array, int n_elts, size_t elt_size)
 #define array_append(array,size,element,type)\
 size++;\
 *(array) = array_expand(*(array), (size+1), sizeof(type*));\
-if(*(array) == NULL) return ENOMEM;\
+if (*(array) == NULL) return ENOMEM;\
 (*(array))[(size)-1] = elt
 
 #define decode_array_body(type,decoder)\
@@ -762,7 +762,7 @@ if(*(array) == NULL) return ENOMEM;\
   type *elt;\
 \
   { sequence_of(buf);\
-    while(asn1buf_remains(&seqbuf,seqofindef) > 0){\
+    while (asn1buf_remains(&seqbuf,seqofindef) > 0) {\
       alloc_field(elt,type);\
       get_element(elt,decoder);\
       array_append(val,size,elt,type);\
@@ -777,204 +777,204 @@ if(*(array) == NULL) return ENOMEM;\
 
 asn1_error_code asn1_decode_authorization_data(asn1buf *buf, krb5_authdata ***val)
 {
-  decode_array_body(krb5_authdata,asn1_decode_authdata_elt);
+    decode_array_body(krb5_authdata,asn1_decode_authdata_elt);
 }
 
 asn1_error_code asn1_decode_authdata_elt(asn1buf *buf, krb5_authdata *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->ad_type,0,asn1_decode_authdatatype);
-    get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
-    end_structure();
-    val->magic = KV5M_AUTHDATA;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->ad_type,0,asn1_decode_authdatatype);
+       get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+       end_structure();
+       val->magic = KV5M_AUTHDATA;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_host_addresses(asn1buf *buf, krb5_address ***val)
 {
-  decode_array_body(krb5_address,asn1_decode_host_address);
+    decode_array_body(krb5_address,asn1_decode_host_address);
 }
 
 asn1_error_code asn1_decode_sequence_of_ticket(asn1buf *buf, krb5_ticket ***val)
 {
-  decode_array_body(krb5_ticket,asn1_decode_ticket);
+    decode_array_body(krb5_ticket,asn1_decode_ticket);
 }
 
 asn1_error_code asn1_decode_sequence_of_krb_cred_info(asn1buf *buf, krb5_cred_info ***val)
 {
-  decode_array_body(krb5_cred_info,asn1_decode_krb_cred_info);
+    decode_array_body(krb5_cred_info,asn1_decode_krb_cred_info);
 }
 
 asn1_error_code asn1_decode_krb_cred_info(asn1buf *buf, krb5_cred_info *val)
 {
-  setup();
-  { begin_structure();
-    alloc_field(val->session,krb5_keyblock);
-    get_field(*(val->session),0,asn1_decode_encryption_key);
-    if(tagnum == 1){
-      alloc_field(val->client,krb5_principal_data);
-      opt_field(val->client,1,asn1_decode_realm,NULL);
-      opt_field(val->client,2,asn1_decode_principal_name,NULL); }
-    opt_field(val->flags,3,asn1_decode_ticket_flags,0);
-    opt_field(val->times.authtime,4,asn1_decode_kerberos_time,0);
-    opt_field(val->times.starttime,5,asn1_decode_kerberos_time,0);
-    opt_field(val->times.endtime,6,asn1_decode_kerberos_time,0);
-    opt_field(val->times.renew_till,7,asn1_decode_kerberos_time,0);
-    if(tagnum == 8){
-      alloc_field(val->server,krb5_principal_data);
-      opt_field(val->server,8,asn1_decode_realm,NULL);
-      opt_field(val->server,9,asn1_decode_principal_name,NULL); }
-    opt_field(val->caddrs,10,asn1_decode_host_addresses,NULL);
-    end_structure();
-    val->magic = KV5M_CRED_INFO;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       alloc_field(val->session,krb5_keyblock);
+       get_field(*(val->session),0,asn1_decode_encryption_key);
+       if (tagnum == 1) {
+           alloc_field(val->client,krb5_principal_data);
+           opt_field(val->client,1,asn1_decode_realm,NULL);
+           opt_field(val->client,2,asn1_decode_principal_name,NULL); }
+       opt_field(val->flags,3,asn1_decode_ticket_flags,0);
+       opt_field(val->times.authtime,4,asn1_decode_kerberos_time,0);
+       opt_field(val->times.starttime,5,asn1_decode_kerberos_time,0);
+       opt_field(val->times.endtime,6,asn1_decode_kerberos_time,0);
+       opt_field(val->times.renew_till,7,asn1_decode_kerberos_time,0);
+       if (tagnum == 8) {
+           alloc_field(val->server,krb5_principal_data);
+           opt_field(val->server,8,asn1_decode_realm,NULL);
+           opt_field(val->server,9,asn1_decode_principal_name,NULL); }
+       opt_field(val->caddrs,10,asn1_decode_host_addresses,NULL);
+       end_structure();
+       val->magic = KV5M_CRED_INFO;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_sequence_of_pa_data(asn1buf *buf, krb5_pa_data ***val)
 {
-  decode_array_body(krb5_pa_data,asn1_decode_pa_data);
+    decode_array_body(krb5_pa_data,asn1_decode_pa_data);
 }
 
 asn1_error_code asn1_decode_pa_data(asn1buf *buf, krb5_pa_data *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->pa_type,1,asn1_decode_int32);
-    get_lenfield(val->length,val->contents,2,asn1_decode_octetstring);
-    end_structure();
-    val->magic = KV5M_PA_DATA;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->pa_type,1,asn1_decode_int32);
+       get_lenfield(val->length,val->contents,2,asn1_decode_octetstring);
+       end_structure();
+       val->magic = KV5M_PA_DATA;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_last_req(asn1buf *buf, krb5_last_req_entry ***val)
 {
-  decode_array_body(krb5_last_req_entry,asn1_decode_last_req_entry);
+    decode_array_body(krb5_last_req_entry,asn1_decode_last_req_entry);
 }
 
 asn1_error_code asn1_decode_last_req_entry(asn1buf *buf, krb5_last_req_entry *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->lr_type,0,asn1_decode_int32);
-    get_field(val->value,1,asn1_decode_kerberos_time);
-    end_structure();
-    val->magic = KV5M_LAST_REQ_ENTRY;
+    setup();
+    { begin_structure();
+       get_field(val->lr_type,0,asn1_decode_int32);
+       get_field(val->value,1,asn1_decode_kerberos_time);
+       end_structure();
+       val->magic = KV5M_LAST_REQ_ENTRY;
 #ifdef KRB5_GENEROUS_LR_TYPE
-    /* If we are only a single byte wide and negative - fill in the
-       other bits */
-    if((val->lr_type & 0xffffff80U) == 0x80) val->lr_type |= 0xffffff00U;
+       /* If we are only a single byte wide and negative - fill in the
+          other bits */
+       if ((val->lr_type & 0xffffff80U) == 0x80) val->lr_type |= 0xffffff00U;
 #endif
-  }
-  cleanup();
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_sequence_of_enctype(asn1buf *buf, int *num, krb5_enctype **val)
 {
-  asn1_error_code retval;
-  { sequence_of(buf);
-    while(asn1buf_remains(&seqbuf,seqofindef) > 0){
-      size++;
-      if (*val == NULL)
-        *val = (krb5_enctype*)malloc(size*sizeof(krb5_enctype));
-      else
-        *val = (krb5_enctype*)realloc(*val,size*sizeof(krb5_enctype));
-      if(*val == NULL) return ENOMEM;
-      retval = asn1_decode_enctype(&seqbuf,&((*val)[size-1]));
-      if(retval) return retval;
+    asn1_error_code retval;
+    { sequence_of(buf);
+       while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
+           size++;
+           if (*val == NULL)
+               *val = (krb5_enctype*)malloc(size*sizeof(krb5_enctype));
+           else
+               *val = (krb5_enctype*)realloc(*val,size*sizeof(krb5_enctype));
+           if (*val == NULL) return ENOMEM;
+           retval = asn1_decode_enctype(&seqbuf,&((*val)[size-1]));
+           if (retval) return retval;
+       }
+       *num = size;
+       end_sequence_of(buf);
     }
-    *num = size;
-    end_sequence_of(buf);
-  }
-  cleanup();
+    cleanup();
 }
 
 asn1_error_code asn1_decode_sequence_of_checksum(asn1buf *buf, krb5_checksum ***val)
 {
-  decode_array_body(krb5_checksum, asn1_decode_checksum);
+    decode_array_body(krb5_checksum, asn1_decode_checksum);
 }
 
 static asn1_error_code asn1_decode_etype_info2_entry(asn1buf *buf, krb5_etype_info_entry *val )
 {
-  setup();
-  { begin_structure();
-    get_field(val->etype,0,asn1_decode_enctype);
-    if (tagnum == 1) {
-       char *salt;
-       get_lenfield(val->length,salt,1,asn1_decode_generalstring);
-       val->salt = (krb5_octet *) salt;
-    } else {
+    setup();
+    { begin_structure();
+       get_field(val->etype,0,asn1_decode_enctype);
+       if (tagnum == 1) {
+           char *salt;
+           get_lenfield(val->length,salt,1,asn1_decode_generalstring);
+           val->salt = (krb5_octet *) salt;
+       } else {
            val->length = KRB5_ETYPE_NO_SALT;
            val->salt = 0;
+       }
+       if ( tagnum ==2) {
+           krb5_octet *params ;
+           get_lenfield( val->s2kparams.length, params,
+                         2, asn1_decode_octetstring);
+           val->s2kparams.data = ( char *) params;
+       } else {
+           val->s2kparams.data = NULL;
+           val->s2kparams.length = 0;
+       }
+       end_structure();
+       val->magic = KV5M_ETYPE_INFO_ENTRY;
     }
-    if ( tagnum ==2) {
-      krb5_octet *params ;
-      get_lenfield( val->s2kparams.length, params,
-                     2, asn1_decode_octetstring);
-      val->s2kparams.data = ( char *) params;
-    } else {
-       val->s2kparams.data = NULL;
-       val->s2kparams.length = 0;
-    }
-    end_structure();
-    val->magic = KV5M_ETYPE_INFO_ENTRY;
-  }
-  cleanup();
+    cleanup();
 }
 
 static asn1_error_code asn1_decode_etype_info2_entry_1_3(asn1buf *buf, krb5_etype_info_entry *val )
 {
-  setup();
-  { begin_structure();
-    get_field(val->etype,0,asn1_decode_enctype);
-    if (tagnum == 1) {
+    setup();
+    { begin_structure();
+       get_field(val->etype,0,asn1_decode_enctype);
+       if (tagnum == 1) {
            get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
-    } else {
+       } else {
            val->length = KRB5_ETYPE_NO_SALT;
            val->salt = 0;
+       }
+       if ( tagnum ==2) {
+           krb5_octet *params ;
+           get_lenfield( val->s2kparams.length, params,
+                         2, asn1_decode_octetstring);
+           val->s2kparams.data = ( char *) params;
+       } else {
+           val->s2kparams.data = NULL;
+           val->s2kparams.length = 0;
+       }
+       end_structure();
+       val->magic = KV5M_ETYPE_INFO_ENTRY;
     }
-    if ( tagnum ==2) {
-      krb5_octet *params ;
-      get_lenfield( val->s2kparams.length, params,
-                     2, asn1_decode_octetstring);
-      val->s2kparams.data = ( char *) params;
-    } else {
-       val->s2kparams.data = NULL;
-       val->s2kparams.length = 0;
-    }
-    end_structure();
-    val->magic = KV5M_ETYPE_INFO_ENTRY;
-  }
-  cleanup();
+    cleanup();
 }
 
 
 static asn1_error_code asn1_decode_etype_info_entry(asn1buf *buf, krb5_etype_info_entry *val )
 {
-  setup();
-  { begin_structure();
-    get_field(val->etype,0,asn1_decode_enctype);
-    if (tagnum == 1) {
+    setup();
+    { begin_structure();
+       get_field(val->etype,0,asn1_decode_enctype);
+       if (tagnum == 1) {
            get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
-    } else {
+       } else {
            val->length = KRB5_ETYPE_NO_SALT;
            val->salt = 0;
-    }
-    val->s2kparams.data = NULL;
-    val->s2kparams.length = 0;
+       }
+       val->s2kparams.data = NULL;
+       val->s2kparams.length = 0;
     
-    end_structure();
-    val->magic = KV5M_ETYPE_INFO_ENTRY;
-  }
-  cleanup();
+       end_structure();
+       val->magic = KV5M_ETYPE_INFO_ENTRY;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_etype_info(asn1buf *buf, krb5_etype_info_entry ***val )
 {
-  decode_array_body(krb5_etype_info_entry,asn1_decode_etype_info_entry);
+    decode_array_body(krb5_etype_info_entry,asn1_decode_etype_info_entry);
 }
 
 asn1_error_code asn1_decode_etype_info2(asn1buf *buf, krb5_etype_info_entry ***val ,
@@ -991,25 +991,25 @@ asn1_error_code asn1_decode_etype_info2(asn1buf *buf, krb5_etype_info_entry ***v
 
 asn1_error_code asn1_decode_passwdsequence(asn1buf *buf, passwd_phrase_element *val)
 {
-  setup();
-  { begin_structure();
-    alloc_field(val->passwd,krb5_data);
-    get_lenfield(val->passwd->length,val->passwd->data,
-                0,asn1_decode_charstring);
-    val->passwd->magic = KV5M_DATA;
-    alloc_field(val->phrase,krb5_data);
-    get_lenfield(val->phrase->length,val->phrase->data,
-                1,asn1_decode_charstring);
-    val->phrase->magic = KV5M_DATA;
-    end_structure();
-    val->magic = KV5M_PASSWD_PHRASE_ELEMENT;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       alloc_field(val->passwd,krb5_data);
+       get_lenfield(val->passwd->length,val->passwd->data,
+                    0,asn1_decode_charstring);
+       val->passwd->magic = KV5M_DATA;
+       alloc_field(val->phrase,krb5_data);
+       get_lenfield(val->phrase->length,val->phrase->data,
+                    1,asn1_decode_charstring);
+       val->phrase->magic = KV5M_DATA;
+       end_structure();
+       val->magic = KV5M_PASSWD_PHRASE_ELEMENT;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_sequence_of_passwdsequence(asn1buf *buf, passwd_phrase_element ***val)
 {
-  decode_array_body(passwd_phrase_element,asn1_decode_passwdsequence);
+    decode_array_body(passwd_phrase_element,asn1_decode_passwdsequence);
 }
 
 asn1_error_code asn1_decode_sam_flags(asn1buf *buf, krb5_flags *val)
@@ -1017,116 +1017,116 @@ asn1_error_code asn1_decode_sam_flags(asn1buf *buf, krb5_flags *val)
 
 #define opt_string(val,n,fn) opt_lenfield((val).length,(val).data,n,fn)
 #define opt_cksum(var,tagexpect,decoder)\
-if(tagnum == (tagexpect)){\
+if (tagnum == (tagexpect)) {\
   get_field_body(var,decoder); }\
 else var.length = 0
 
 asn1_error_code asn1_decode_sam_challenge(asn1buf *buf, krb5_sam_challenge *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->sam_type,0,asn1_decode_int32);
-    get_field(val->sam_flags,1,asn1_decode_sam_flags);
-    opt_string(val->sam_type_name,2,asn1_decode_charstring);
-    opt_string(val->sam_track_id,3,asn1_decode_charstring);
-    opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
-    opt_string(val->sam_challenge,5,asn1_decode_charstring);
-    opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
-    opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
-    opt_field(val->sam_nonce,8,asn1_decode_int32,0);
-    opt_cksum(val->sam_cksum,9,asn1_decode_checksum);
-    end_structure();
-    val->magic = KV5M_SAM_CHALLENGE;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->sam_type,0,asn1_decode_int32);
+       get_field(val->sam_flags,1,asn1_decode_sam_flags);
+       opt_string(val->sam_type_name,2,asn1_decode_charstring);
+       opt_string(val->sam_track_id,3,asn1_decode_charstring);
+       opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
+       opt_string(val->sam_challenge,5,asn1_decode_charstring);
+       opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
+       opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
+       opt_field(val->sam_nonce,8,asn1_decode_int32,0);
+       opt_cksum(val->sam_cksum,9,asn1_decode_checksum);
+       end_structure();
+       val->magic = KV5M_SAM_CHALLENGE;
+    }
+    cleanup();
 }
 asn1_error_code asn1_decode_sam_challenge_2(asn1buf *buf, krb5_sam_challenge_2 *val)
 {
-  setup();
-  { char *save, *end;
-    size_t alloclen;
-    begin_structure();
-    if (tagnum != 0) return ASN1_MISSING_FIELD;
-    if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) 
-      return ASN1_BAD_ID;
-    save = subbuf.next;
-    { sequence_of_no_tagvars(&subbuf);
-      unused_var(size);
-      end_sequence_of_no_tagvars(&subbuf);
+    setup();
+    { char *save, *end;
+       size_t alloclen;
+       begin_structure();
+       if (tagnum != 0) return ASN1_MISSING_FIELD;
+       if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) 
+           return ASN1_BAD_ID;
+       save = subbuf.next;
+       { sequence_of_no_tagvars(&subbuf);
+           unused_var(size);
+           end_sequence_of_no_tagvars(&subbuf);
+       }
+       end = subbuf.next;
+       alloclen = end - save;
+       if ((val->sam_challenge_2_body.data = (char *) malloc(alloclen)) == NULL)
+           return ENOMEM;
+       val->sam_challenge_2_body.length = alloclen;
+       memcpy(val->sam_challenge_2_body.data, save, alloclen);
+       next_tag();
+       get_field(val->sam_cksum, 1, asn1_decode_sequence_of_checksum);
+       end_structure();
     }
-    end = subbuf.next;
-    alloclen = end - save;
-    if ((val->sam_challenge_2_body.data = (char *) malloc(alloclen)) == NULL)
-      return ENOMEM;
-    val->sam_challenge_2_body.length = alloclen;
-    memcpy(val->sam_challenge_2_body.data, save, alloclen);
-    next_tag();
-    get_field(val->sam_cksum, 1, asn1_decode_sequence_of_checksum);
-    end_structure();
-  }
-  cleanup();
+    cleanup();
 }
 asn1_error_code asn1_decode_sam_challenge_2_body(asn1buf *buf, krb5_sam_challenge_2_body *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->sam_type,0,asn1_decode_int32);
-    get_field(val->sam_flags,1,asn1_decode_sam_flags);
-    opt_string(val->sam_type_name,2,asn1_decode_charstring);
-    opt_string(val->sam_track_id,3,asn1_decode_charstring);
-    opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
-    opt_string(val->sam_challenge,5,asn1_decode_charstring);
-    opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
-    opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
-    get_field(val->sam_nonce,8,asn1_decode_int32);
-    get_field(val->sam_etype, 9, asn1_decode_int32);
-    end_structure();
-    val->magic = KV5M_SAM_CHALLENGE;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->sam_type,0,asn1_decode_int32);
+       get_field(val->sam_flags,1,asn1_decode_sam_flags);
+       opt_string(val->sam_type_name,2,asn1_decode_charstring);
+       opt_string(val->sam_track_id,3,asn1_decode_charstring);
+       opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
+       opt_string(val->sam_challenge,5,asn1_decode_charstring);
+       opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
+       opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
+       get_field(val->sam_nonce,8,asn1_decode_int32);
+       get_field(val->sam_etype, 9, asn1_decode_int32);
+       end_structure();
+       val->magic = KV5M_SAM_CHALLENGE;
+    }
+    cleanup();
 }
 asn1_error_code asn1_decode_enc_sam_key(asn1buf *buf, krb5_sam_key *val)
 {
-  setup();
-  { begin_structure();
-    /* alloc_field(val->sam_key,krb5_keyblock); */
-    get_field(val->sam_key,0,asn1_decode_encryption_key);
-    end_structure();
-    val->magic = KV5M_SAM_KEY;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       /* alloc_field(val->sam_key,krb5_keyblock); */
+       get_field(val->sam_key,0,asn1_decode_encryption_key);
+       end_structure();
+       val->magic = KV5M_SAM_KEY;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_enc_sam_response_enc(asn1buf *buf, krb5_enc_sam_response_enc *val)
 {
-  setup();
-  { begin_structure();
-    opt_field(val->sam_nonce,0,asn1_decode_int32,0);
-    opt_field(val->sam_timestamp,1,asn1_decode_kerberos_time,0);
-    opt_field(val->sam_usec,2,asn1_decode_int32,0);
-    opt_string(val->sam_sad,3,asn1_decode_charstring);
-    end_structure();
-    val->magic = KV5M_ENC_SAM_RESPONSE_ENC;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       opt_field(val->sam_nonce,0,asn1_decode_int32,0);
+       opt_field(val->sam_timestamp,1,asn1_decode_kerberos_time,0);
+       opt_field(val->sam_usec,2,asn1_decode_int32,0);
+       opt_string(val->sam_sad,3,asn1_decode_charstring);
+       end_structure();
+       val->magic = KV5M_ENC_SAM_RESPONSE_ENC;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_enc_sam_response_enc_2(asn1buf *buf, krb5_enc_sam_response_enc_2 *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->sam_nonce,0,asn1_decode_int32);
-    opt_string(val->sam_sad,1,asn1_decode_charstring);
-    end_structure();
-    val->magic = KV5M_ENC_SAM_RESPONSE_ENC_2;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->sam_nonce,0,asn1_decode_int32);
+       opt_string(val->sam_sad,1,asn1_decode_charstring);
+       end_structure();
+       val->magic = KV5M_ENC_SAM_RESPONSE_ENC_2;
+    }
+    cleanup();
 }
 
 #define opt_encfield(fld,tag,fn) \
-    if(tagnum == tag){ \
+    if (tagnum == tag) { \
       get_field(fld,tag,fn); } \
-    else{\
+    else {\
       fld.magic = 0;\
       fld.enctype = 0;\
       fld.kvno = 0;\
@@ -1136,53 +1136,53 @@ asn1_error_code asn1_decode_enc_sam_response_enc_2(asn1buf *buf, krb5_enc_sam_re
 
 asn1_error_code asn1_decode_sam_response(asn1buf *buf, krb5_sam_response *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->sam_type,0,asn1_decode_int32);
-    get_field(val->sam_flags,1,asn1_decode_sam_flags);
-    opt_string(val->sam_track_id,2,asn1_decode_charstring);
-    opt_encfield(val->sam_enc_key,3,asn1_decode_encrypted_data);
-    get_field(val->sam_enc_nonce_or_ts,4,asn1_decode_encrypted_data);
-    opt_field(val->sam_nonce,5,asn1_decode_int32,0);
-    opt_field(val->sam_patimestamp,6,asn1_decode_kerberos_time,0);
-    end_structure();
-    val->magic = KV5M_SAM_RESPONSE;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->sam_type,0,asn1_decode_int32);
+       get_field(val->sam_flags,1,asn1_decode_sam_flags);
+       opt_string(val->sam_track_id,2,asn1_decode_charstring);
+       opt_encfield(val->sam_enc_key,3,asn1_decode_encrypted_data);
+       get_field(val->sam_enc_nonce_or_ts,4,asn1_decode_encrypted_data);
+       opt_field(val->sam_nonce,5,asn1_decode_int32,0);
+       opt_field(val->sam_patimestamp,6,asn1_decode_kerberos_time,0);
+       end_structure();
+       val->magic = KV5M_SAM_RESPONSE;
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_sam_response_2(asn1buf *buf, krb5_sam_response_2 *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->sam_type,0,asn1_decode_int32);
-    get_field(val->sam_flags,1,asn1_decode_sam_flags);
-    opt_string(val->sam_track_id,2,asn1_decode_charstring);
-    get_field(val->sam_enc_nonce_or_sad,3,asn1_decode_encrypted_data);
-    get_field(val->sam_nonce,4,asn1_decode_int32);
-    end_structure();
-    val->magic = KV5M_SAM_RESPONSE;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->sam_type,0,asn1_decode_int32);
+       get_field(val->sam_flags,1,asn1_decode_sam_flags);
+       opt_string(val->sam_track_id,2,asn1_decode_charstring);
+       get_field(val->sam_enc_nonce_or_sad,3,asn1_decode_encrypted_data);
+       get_field(val->sam_nonce,4,asn1_decode_int32);
+       end_structure();
+       val->magic = KV5M_SAM_RESPONSE;
+    }
+    cleanup();
 }
 
 
 asn1_error_code asn1_decode_predicted_sam_response(asn1buf *buf, krb5_predicted_sam_response *val)
 {
-  setup();
-  { begin_structure();
-    get_field(val->sam_key,0,asn1_decode_encryption_key);
-    get_field(val->sam_flags,1,asn1_decode_sam_flags);
-    get_field(val->stime,2,asn1_decode_kerberos_time);
-    get_field(val->susec,3,asn1_decode_int32);
-    alloc_field(val->client,krb5_principal_data);
-    get_field(val->client,4,asn1_decode_realm);
-    get_field(val->client,5,asn1_decode_principal_name);
-    opt_string(val->msd,6,asn1_decode_charstring); /* should be octet */
-    end_structure();
-    val->magic = KV5M_PREDICTED_SAM_RESPONSE;
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->sam_key,0,asn1_decode_encryption_key);
+       get_field(val->sam_flags,1,asn1_decode_sam_flags);
+       get_field(val->stime,2,asn1_decode_kerberos_time);
+       get_field(val->susec,3,asn1_decode_int32);
+       alloc_field(val->client,krb5_principal_data);
+       get_field(val->client,4,asn1_decode_realm);
+       get_field(val->client,5,asn1_decode_principal_name);
+       opt_string(val->msd,6,asn1_decode_charstring); /* should be octet */
+       end_structure();
+       val->magic = KV5M_PREDICTED_SAM_RESPONSE;
+    }
+    cleanup();
 }
 
 #ifndef DISABLE_PKINIT
@@ -1192,11 +1192,11 @@ asn1_error_code asn1_decode_external_principal_identifier(asn1buf *buf, krb5_ext
 {
     setup();
     {
-      begin_structure();
-      opt_implicit_octet_string(val->subjectName.length, val->subjectName.data, 0);
-      opt_implicit_octet_string(val->issuerAndSerialNumber.length, val->issuerAndSerialNumber.data, 1);
-      opt_implicit_octet_string(val->subjectKeyIdentifier.length, val->subjectKeyIdentifier.data, 2);
-      end_structure();
+       begin_structure();
+       opt_implicit_octet_string(val->subjectName.length, val->subjectName.data, 0);
+       opt_implicit_octet_string(val->issuerAndSerialNumber.length, val->issuerAndSerialNumber.data, 1);
+       opt_implicit_octet_string(val->subjectKeyIdentifier.length, val->subjectKeyIdentifier.data, 2);
+       end_structure();
     }
     cleanup();
 }
@@ -1208,15 +1208,15 @@ asn1_error_code asn1_decode_sequence_of_external_principal_identifier(asn1buf *b
 
 asn1_error_code asn1_decode_pa_pk_as_req(asn1buf *buf, krb5_pa_pk_as_req *val)
 {
-  setup();
-  {
-    begin_structure();
-    get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
-    opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_external_principal_identifier, NULL);
-    opt_implicit_octet_string(val->kdcPkId.length, val->kdcPkId.data, 2);
-    end_structure();
-  }
-  cleanup();
+    setup();
+    {
+       begin_structure();
+       get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
+       opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_external_principal_identifier, NULL);
+       opt_implicit_octet_string(val->kdcPkId.length, val->kdcPkId.data, 2);
+       end_structure();
+    }
+    cleanup();
 }
 
 #if 0  /* XXX   This needs to be tested!!! XXX */
@@ -1224,46 +1224,46 @@ asn1_error_code asn1_decode_trusted_ca(asn1buf *buf, krb5_trusted_ca *val)
 {
     setup();
     { 
-      char *start, *end;
-      size_t alloclen;
-
-      begin_explicit_choice();
-      if (t.tagnum == choice_trusted_cas_principalName) {
-       val->choice = choice_trusted_cas_principalName;
-      } else if (t.tagnum == choice_trusted_cas_caName) {
-       val->choice = choice_trusted_cas_caName;
-       start = subbuf.next;
-       {
-         sequence_of_no_tagvars(&subbuf);
-         unused_var(size);
-         end_sequence_of_no_tagvars(&subbuf);
-       }
-       end = subbuf.next;
-       alloclen = end - start;
-       val->u.caName.data = malloc(alloclen);
-       if (val->u.caName.data == NULL)
-         return ENOMEM;
-       memcpy(val->u.caName.data, start, alloclen);
-       val->u.caName.length = alloclen;
-       next_tag();
-      } else if (t.tagnum == choice_trusted_cas_issuerAndSerial) {
-       val->choice = choice_trusted_cas_issuerAndSerial;
-       start = subbuf.next;
-       {
-         sequence_of_no_tagvars(&subbuf);
-         unused_var(size);
-         end_sequence_of_no_tagvars(&subbuf);
-       }
-       end = subbuf.next;
-       alloclen = end - start;
-       val->u.issuerAndSerial.data = malloc(alloclen);
-       if (val->u.issuerAndSerial.data == NULL)
-         return ENOMEM;
-       memcpy(val->u.issuerAndSerial.data, start, alloclen);
-       val->u.issuerAndSerial.length = alloclen;
-       next_tag();
-      } else return ASN1_BAD_ID;
-      end_explicit_choice();
+       char *start, *end;
+       size_t alloclen;
+
+       begin_explicit_choice();
+       if (t.tagnum == choice_trusted_cas_principalName) {
+           val->choice = choice_trusted_cas_principalName;
+       } else if (t.tagnum == choice_trusted_cas_caName) {
+           val->choice = choice_trusted_cas_caName;
+           start = subbuf.next;
+           {
+               sequence_of_no_tagvars(&subbuf);
+               unused_var(size);
+               end_sequence_of_no_tagvars(&subbuf);
+           }
+           end = subbuf.next;
+           alloclen = end - start;
+           val->u.caName.data = malloc(alloclen);
+           if (val->u.caName.data == NULL)
+               return ENOMEM;
+           memcpy(val->u.caName.data, start, alloclen);
+           val->u.caName.length = alloclen;
+           next_tag();
+       } else if (t.tagnum == choice_trusted_cas_issuerAndSerial) {
+           val->choice = choice_trusted_cas_issuerAndSerial;
+           start = subbuf.next;
+           {
+               sequence_of_no_tagvars(&subbuf);
+               unused_var(size);
+               end_sequence_of_no_tagvars(&subbuf);
+           }
+           end = subbuf.next;
+           alloclen = end - start;
+           val->u.issuerAndSerial.data = malloc(alloclen);
+           if (val->u.issuerAndSerial.data == NULL)
+               return ENOMEM;
+           memcpy(val->u.issuerAndSerial.data, start, alloclen);
+           val->u.issuerAndSerial.length = alloclen;
+           next_tag();
+       } else return ASN1_BAD_ID;
+       end_explicit_choice();
     }
     cleanup();
 }
@@ -1272,18 +1272,18 @@ asn1_error_code asn1_decode_trusted_ca(asn1buf *buf, krb5_trusted_ca *val)
 {
     setup();
     { begin_choice();
-      if (tagnum == choice_trusted_cas_principalName) {
-       val->choice = choice_trusted_cas_principalName;
-       asn1_decode_krb5_principal_name(&subbuf, &(val->u.principalName));
-      } else if (tagnum == choice_trusted_cas_caName) {
-       val->choice = choice_trusted_cas_caName;
-       get_implicit_octet_string(val->u.caName.length, val->u.caName.data, choice_trusted_cas_caName);
-      } else if (tagnum == choice_trusted_cas_issuerAndSerial) {
-       val->choice = choice_trusted_cas_issuerAndSerial;
-       get_implicit_octet_string(val->u.issuerAndSerial.length, val->u.issuerAndSerial.data,
-                                 choice_trusted_cas_issuerAndSerial);
-      } else return ASN1_BAD_ID;
-      end_choice();
+       if (tagnum == choice_trusted_cas_principalName) {
+           val->choice = choice_trusted_cas_principalName;
+           asn1_decode_krb5_principal_name(&subbuf, &(val->u.principalName));
+       } else if (tagnum == choice_trusted_cas_caName) {
+           val->choice = choice_trusted_cas_caName;
+           get_implicit_octet_string(val->u.caName.length, val->u.caName.data, choice_trusted_cas_caName);
+       } else if (tagnum == choice_trusted_cas_issuerAndSerial) {
+           val->choice = choice_trusted_cas_issuerAndSerial;
+           get_implicit_octet_string(val->u.issuerAndSerial.length, val->u.issuerAndSerial.data,
+                                     choice_trusted_cas_issuerAndSerial);
+       } else return ASN1_BAD_ID;
+       end_choice();
     }
     cleanup();
 }
@@ -1296,25 +1296,25 @@ asn1_error_code asn1_decode_sequence_of_trusted_ca(asn1buf *buf, krb5_trusted_ca
 
 asn1_error_code asn1_decode_pa_pk_as_req_draft9(asn1buf *buf, krb5_pa_pk_as_req_draft9 *val)
 {
-  setup();
-  { begin_structure();
-    get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
-    opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_trusted_ca, NULL);
-    opt_lenfield(val->kdcCert.length, val->kdcCert.data, 2, asn1_decode_octetstring);
-    opt_lenfield(val->encryptionCert.length, val->encryptionCert.data, 2, asn1_decode_octetstring);
-    end_structure();
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
+       opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_trusted_ca, NULL);
+       opt_lenfield(val->kdcCert.length, val->kdcCert.data, 2, asn1_decode_octetstring);
+       opt_lenfield(val->encryptionCert.length, val->encryptionCert.data, 2, asn1_decode_octetstring);
+       end_structure();
+    }
+    cleanup();
 }
 
 asn1_error_code asn1_decode_dh_rep_info(asn1buf *buf, krb5_dh_rep_info *val)
 {
     setup();
     { begin_structure();
-      get_implicit_octet_string(val->dhSignedData.length, val->dhSignedData.data, 0);
+       get_implicit_octet_string(val->dhSignedData.length, val->dhSignedData.data, 0);
 
-      opt_lenfield(val->serverDHNonce.length, val->serverDHNonce.data, 1, asn1_decode_octetstring);
-      end_structure();
+       opt_lenfield(val->serverDHNonce.length, val->serverDHNonce.data, 1, asn1_decode_octetstring);
+       end_structure();
     }
     cleanup();
 }
@@ -1323,11 +1323,11 @@ asn1_error_code asn1_decode_pk_authenticator(asn1buf *buf, krb5_pk_authenticator
 {
     setup();
     { begin_structure();
-      get_field(val->cusec, 0, asn1_decode_int32);
-      get_field(val->ctime, 1, asn1_decode_kerberos_time);
-      get_field(val->nonce, 2, asn1_decode_int32);
-      opt_lenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_decode_octetstring);
-      end_structure();
+       get_field(val->cusec, 0, asn1_decode_int32);
+       get_field(val->ctime, 1, asn1_decode_kerberos_time);
+       get_field(val->nonce, 2, asn1_decode_int32);
+       opt_lenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_decode_octetstring);
+       end_structure();
     }
     cleanup();
 }
@@ -1336,54 +1336,54 @@ asn1_error_code asn1_decode_pk_authenticator_draft9(asn1buf *buf, krb5_pk_authen
 {
     setup();
     { begin_structure();
-      alloc_field(val->kdcName,krb5_principal_data);
-      get_field(val->kdcName, 0, asn1_decode_principal_name); 
-      get_field(val->kdcName, 1, asn1_decode_realm); 
-      get_field(val->cusec, 2, asn1_decode_int32);
-      get_field(val->ctime, 3, asn1_decode_kerberos_time);
-      get_field(val->nonce, 4, asn1_decode_int32);
-      end_structure();
+       alloc_field(val->kdcName,krb5_principal_data);
+       get_field(val->kdcName, 0, asn1_decode_principal_name); 
+       get_field(val->kdcName, 1, asn1_decode_realm); 
+       get_field(val->cusec, 2, asn1_decode_int32);
+       get_field(val->ctime, 3, asn1_decode_kerberos_time);
+       get_field(val->nonce, 4, asn1_decode_int32);
+       end_structure();
     }
     cleanup();
 }
 
 asn1_error_code asn1_decode_algorithm_identifier(asn1buf *buf,  krb5_algorithm_identifier *val) {
 
-  setup();
-  { begin_structure_no_tag();
-    /*
-     * Forbid indefinite encoding because we don't read enough tag
-     * information from the trailing octets ("ANY DEFINED BY") to
-     * synchronize EOC tags, etc.
-     */
-    if (seqindef) return ASN1_BAD_FORMAT;
-    /*
-     * Set up tag variables because we don't actually call anything
-     * that fetches tag info for us; it's all buried in the decoder
-     * primitives.
-     */
-    tagnum = ASN1_TAGNUM_CEILING;
-    asn1class = UNIVERSAL;
-    construction = PRIMITIVE;
-    taglen = 0;
-    indef = 0;
-    retval = asn1_decode_oid(&subbuf, &val->algorithm.length, 
-                            &val->algorithm.data);
-    if(retval) return retval;
-    val->parameters.length = 0;
-    val->parameters.data = NULL;
-
-    if(length > subbuf.next - subbuf.base) {
-      unsigned int size = length - (subbuf.next - subbuf.base);
-      retval = asn1buf_remove_octetstring(&subbuf, size, 
-                                         &val->parameters.data);
-      if(retval) return retval;
-      val->parameters.length = size;
-    }
+    setup();
+    { begin_structure_no_tag();
+       /*
+        * Forbid indefinite encoding because we don't read enough tag
+        * information from the trailing octets ("ANY DEFINED BY") to
+        * synchronize EOC tags, etc.
+        */
+       if (seqindef) return ASN1_BAD_FORMAT;
+       /*
+        * Set up tag variables because we don't actually call anything
+        * that fetches tag info for us; it's all buried in the decoder
+        * primitives.
+        */
+       tagnum = ASN1_TAGNUM_CEILING;
+       asn1class = UNIVERSAL;
+       construction = PRIMITIVE;
+       taglen = 0;
+       indef = 0;
+       retval = asn1_decode_oid(&subbuf, &val->algorithm.length, 
+                                &val->algorithm.data);
+       if (retval) return retval;
+       val->parameters.length = 0;
+       val->parameters.data = NULL;
+
+       if (length > subbuf.next - subbuf.base) {
+           unsigned int size = length - (subbuf.next - subbuf.base);
+           retval = asn1buf_remove_octetstring(&subbuf, size, 
+                                               &val->parameters.data);
+           if (retval) return retval;
+           val->parameters.length = size;
+       }
     
-    end_structure();
-  }
-  cleanup();      
+       end_structure();
+    }
+    cleanup();      
 }
 
 asn1_error_code asn1_decode_subject_pk_info(asn1buf *buf, krb5_subject_pk_info *val)
@@ -1392,35 +1392,35 @@ asn1_error_code asn1_decode_subject_pk_info(asn1buf *buf, krb5_subject_pk_info *
     setup();
     { begin_structure_no_tag();
 
-      retval = asn1_decode_algorithm_identifier(&subbuf, &val->algorithm);
-      if (retval) return retval;
-
-      /* SubjectPublicKey encoded as a BIT STRING */
-      next_tag();
-      if (asn1class != UNIVERSAL || construction != PRIMITIVE ||
-          tagnum != ASN1_BITSTRING)
-        return ASN1_BAD_ID;
-
-      retval = asn1buf_remove_octet(&subbuf, &unused);
-      if(retval) return retval;
-
-      /* Number of unused bits must be between 0 and 7. */
-      /* What to do if unused is not zero? */
-      if (unused > 7) return ASN1_BAD_FORMAT;
-      taglen--;
-
-      val->subjectPublicKey.length = 0;
-      val->subjectPublicKey.data = NULL;
-      retval = asn1buf_remove_octetstring(&subbuf, taglen, 
-                                         &val->subjectPublicKey.data);
-      if(retval) return retval;
-      val->subjectPublicKey.length = taglen;
-      /*
-       * We didn't call any macro that does next_tag(); do so now to
-       * preload tag of any trailing encodings.
-       */
-      next_tag();
-      end_structure();
+       retval = asn1_decode_algorithm_identifier(&subbuf, &val->algorithm);
+       if (retval) return retval;
+
+       /* SubjectPublicKey encoded as a BIT STRING */
+       next_tag();
+       if (asn1class != UNIVERSAL || construction != PRIMITIVE ||
+           tagnum != ASN1_BITSTRING)
+           return ASN1_BAD_ID;
+
+       retval = asn1buf_remove_octet(&subbuf, &unused);
+       if (retval) return retval;
+
+       /* Number of unused bits must be between 0 and 7. */
+       /* What to do if unused is not zero? */
+       if (unused > 7) return ASN1_BAD_FORMAT;
+       taglen--;
+
+       val->subjectPublicKey.length = 0;
+       val->subjectPublicKey.data = NULL;
+       retval = asn1buf_remove_octetstring(&subbuf, taglen, 
+                                           &val->subjectPublicKey.data);
+       if (retval) return retval;
+       val->subjectPublicKey.length = taglen;
+       /*
+        * We didn't call any macro that does next_tag(); do so now to
+        * preload tag of any trailing encodings.
+        */
+       next_tag();
+       end_structure();
     }
     cleanup();
 }
@@ -1434,13 +1434,13 @@ asn1_error_code asn1_decode_kdc_dh_key_info (asn1buf *buf, krb5_kdc_dh_key_info
 {
     setup();
     { begin_structure();
-      retval = asn1buf_remove_octetstring(&subbuf, taglen, &val->subjectPublicKey.data);
-      if(retval) return retval;
-      val->subjectPublicKey.length = taglen;
-      next_tag();
-      get_field(val->nonce, 1, asn1_decode_int32);
-      opt_field(val->dhKeyExpiration, 2, asn1_decode_kerberos_time, 0);
-      end_structure();
+       retval = asn1buf_remove_octetstring(&subbuf, taglen, &val->subjectPublicKey.data);
+       if (retval) return retval;
+       val->subjectPublicKey.length = taglen;
+       next_tag();
+       get_field(val->nonce, 1, asn1_decode_int32);
+       opt_field(val->dhKeyExpiration, 2, asn1_decode_kerberos_time, 0);
+       end_structure();
     }
     cleanup();
 }
@@ -1449,9 +1449,9 @@ asn1_error_code asn1_decode_reply_key_pack (asn1buf *buf, krb5_reply_key_pack *v
 {
     setup();
     { begin_structure();
-      get_field(val->replyKey, 0, asn1_decode_encryption_key);
-      get_field(val->asChecksum, 1, asn1_decode_checksum); 
-      end_structure();
+       get_field(val->replyKey, 0, asn1_decode_encryption_key);
+       get_field(val->asChecksum, 1, asn1_decode_checksum); 
+       end_structure();
     }
     cleanup();
 }
@@ -1460,9 +1460,9 @@ asn1_error_code asn1_decode_reply_key_pack_draft9 (asn1buf *buf, krb5_reply_key_
 {
     setup();
     { begin_structure();
-      get_field(val->replyKey, 0, asn1_decode_encryption_key);
-      get_field(val->nonce, 1, asn1_decode_int32); 
-      end_structure();
+       get_field(val->replyKey, 0, asn1_decode_encryption_key);
+       get_field(val->nonce, 1, asn1_decode_int32); 
+       end_structure();
     }
     cleanup();
 }
@@ -1472,9 +1472,9 @@ asn1_error_code asn1_decode_krb5_principal_name (asn1buf *buf, krb5_principal *v
 {
     setup();
     { begin_structure();
-      get_field(*val, 0, asn1_decode_realm);
-      get_field(*val, 1, asn1_decode_principal_name);
-      end_structure();
+       get_field(*val, 0, asn1_decode_realm);
+       get_field(*val, 1, asn1_decode_principal_name);
+       end_structure();
     }
     cleanup();
 }
@@ -1483,30 +1483,30 @@ asn1_error_code asn1_decode_auth_pack(asn1buf *buf, krb5_auth_pack *val)
 {
     setup();
     { begin_structure();
-      get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator);
-      if (tagnum == 1) { alloc_field(val->clientPublicValue, krb5_subject_pk_info); }      
-      /* can't call opt_field because it does decoder(&subbuf, &(val)); */
-      if (asn1buf_remains(&subbuf, seqindef)) {                             
-       if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)  
-           && (tagnum || taglen || asn1class != UNIVERSAL))                
-         return ASN1_BAD_ID;                                               
-       if (tagnum == 1) {                                        
-         retval = asn1_decode_subject_pk_info(&subbuf, 
-                                              val->clientPublicValue);
-         if (!taglen && indef) { get_eoc(); }
-         next_tag();
-       } else val->clientPublicValue = NULL;  
-      }      
-      /* can't call opt_field because it does decoder(&subbuf, &(val)); */
-      if (asn1buf_remains(&subbuf, seqindef)) {
-        if (tagnum == 2) {
-         asn1_decode_sequence_of_algorithm_identifier(&subbuf, &val->supportedCMSTypes);
-         if (!taglen && indef) { get_eoc(); }
-         next_tag();
-       } else val->supportedCMSTypes = NULL;
-      }
-      opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
-      end_structure();
+       get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator);
+       if (tagnum == 1) { alloc_field(val->clientPublicValue, krb5_subject_pk_info); }      
+       /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+       if (asn1buf_remains(&subbuf, seqindef)) {                             
+           if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)  
+               && (tagnum || taglen || asn1class != UNIVERSAL))                
+               return ASN1_BAD_ID;                                               
+           if (tagnum == 1) {                                        
+               retval = asn1_decode_subject_pk_info(&subbuf, 
+                                                    val->clientPublicValue);
+               if (!taglen && indef) { get_eoc(); }
+               next_tag();
+           } else val->clientPublicValue = NULL;  
+       }      
+       /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+       if (asn1buf_remains(&subbuf, seqindef)) {
+           if (tagnum == 2) {
+               asn1_decode_sequence_of_algorithm_identifier(&subbuf, &val->supportedCMSTypes);
+               if (!taglen && indef) { get_eoc(); }
+               next_tag();
+           } else val->supportedCMSTypes = NULL;
+       }
+       opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
+       end_structure();
     }
     cleanup();
 }
@@ -1515,64 +1515,64 @@ asn1_error_code asn1_decode_auth_pack_draft9(asn1buf *buf, krb5_auth_pack_draft9
 {
     setup();
     { begin_structure();
-      get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator_draft9);
-      if (tagnum == 1) {
-       alloc_field(val->clientPublicValue, krb5_subject_pk_info);      
-       /* can't call opt_field because it does decoder(&subbuf, &(val)); */
-       if (asn1buf_remains(&subbuf, seqindef)) {                             
-         if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)  
-           && (tagnum || taglen || asn1class != UNIVERSAL))                
-           return ASN1_BAD_ID;                                               
-         if (tagnum == 1) {                                        
-           retval = asn1_decode_subject_pk_info(&subbuf, 
-                                                val->clientPublicValue);
-           if (!taglen && indef) { get_eoc(); }
-           next_tag();
-         } else val->clientPublicValue = NULL;  
+       get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator_draft9);
+       if (tagnum == 1) {
+           alloc_field(val->clientPublicValue, krb5_subject_pk_info);      
+           /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+           if (asn1buf_remains(&subbuf, seqindef)) {                             
+               if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)  
+                   && (tagnum || taglen || asn1class != UNIVERSAL))                
+                   return ASN1_BAD_ID;                                               
+               if (tagnum == 1) {                                        
+                   retval = asn1_decode_subject_pk_info(&subbuf, 
+                                                        val->clientPublicValue);
+                   if (!taglen && indef) { get_eoc(); }
+                   next_tag();
+               } else val->clientPublicValue = NULL;  
+           }
        }
-      }
-      end_structure();
+       end_structure();
     }
     cleanup();
 }
 
 asn1_error_code asn1_decode_pa_pk_as_rep(asn1buf *buf, krb5_pa_pk_as_rep *val)
 {
-  setup();
-  { begin_choice();
-    if (tagnum == choice_pa_pk_as_rep_dhInfo) {
-      val->choice = choice_pa_pk_as_rep_dhInfo;
-      get_field_body(val->u.dh_Info, asn1_decode_dh_rep_info);
-    } else if (tagnum == choice_pa_pk_as_rep_encKeyPack) {
-      val->choice = choice_pa_pk_as_rep_encKeyPack;
-      get_implicit_octet_string(val->u.encKeyPack.length, val->u.encKeyPack.data,
-                               choice_pa_pk_as_rep_encKeyPack);
-    } else {
-      val->choice = choice_pa_pk_as_rep_UNKNOWN;
+    setup();
+    { begin_choice();
+       if (tagnum == choice_pa_pk_as_rep_dhInfo) {
+           val->choice = choice_pa_pk_as_rep_dhInfo;
+           get_field_body(val->u.dh_Info, asn1_decode_dh_rep_info);
+       } else if (tagnum == choice_pa_pk_as_rep_encKeyPack) {
+           val->choice = choice_pa_pk_as_rep_encKeyPack;
+           get_implicit_octet_string(val->u.encKeyPack.length, val->u.encKeyPack.data,
+                                     choice_pa_pk_as_rep_encKeyPack);
+       } else {
+           val->choice = choice_pa_pk_as_rep_UNKNOWN;
+       }
+       end_choice();
     }
-    end_choice();
-  }
-  cleanup();
+    cleanup();
 }
 
 asn1_error_code asn1_decode_pa_pk_as_rep_draft9(asn1buf *buf, krb5_pa_pk_as_rep_draft9 *val)
 {
-  setup();
-  { begin_structure();
-    if (tagnum == choice_pa_pk_as_rep_draft9_dhSignedData) {
-      val->choice = choice_pa_pk_as_rep_draft9_dhSignedData;
-      get_lenfield(val->u.dhSignedData.length, val->u.dhSignedData.data,
-                   choice_pa_pk_as_rep_draft9_dhSignedData, asn1_decode_octetstring);
-    } else if (tagnum == choice_pa_pk_as_rep_draft9_encKeyPack) {
-      val->choice = choice_pa_pk_as_rep_draft9_encKeyPack;
-      get_lenfield(val->u.encKeyPack.length, val->u.encKeyPack.data,
-                   choice_pa_pk_as_rep_draft9_encKeyPack, asn1_decode_octetstring);
-    } else {
-      val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
+    setup();
+    { begin_structure();
+       if (tagnum == choice_pa_pk_as_rep_draft9_dhSignedData) {
+           val->choice = choice_pa_pk_as_rep_draft9_dhSignedData;
+           get_lenfield(val->u.dhSignedData.length, val->u.dhSignedData.data,
+                        choice_pa_pk_as_rep_draft9_dhSignedData, asn1_decode_octetstring);
+       } else if (tagnum == choice_pa_pk_as_rep_draft9_encKeyPack) {
+           val->choice = choice_pa_pk_as_rep_draft9_encKeyPack;
+           get_lenfield(val->u.encKeyPack.length, val->u.encKeyPack.data,
+                        choice_pa_pk_as_rep_draft9_encKeyPack, asn1_decode_octetstring);
+       } else {
+           val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
+       }
+       end_structure();
     }
-    end_structure();
-  }
-  cleanup();
+    cleanup();
 }
 
 asn1_error_code asn1_decode_sequence_of_typed_data(asn1buf *buf, krb5_typed_data ***val)
@@ -1582,12 +1582,12 @@ asn1_error_code asn1_decode_sequence_of_typed_data(asn1buf *buf, krb5_typed_data
 
 asn1_error_code asn1_decode_typed_data(asn1buf *buf, krb5_typed_data *val) 
 {
-  setup();
-  { begin_structure();
-    get_field(val->type,0,asn1_decode_int32);
-    get_lenfield(val->length,val->data,1,asn1_decode_octetstring);
-    end_structure();
-  }
-  cleanup();
+    setup();
+    { begin_structure();
+       get_field(val->type,0,asn1_decode_int32);
+       get_lenfield(val->length,val->data,1,asn1_decode_octetstring);
+       end_structure();
+    }
+    cleanup();
 }
 #endif /* DISABLE_PKINIT */
index 4cd9f05722f446e7aeb19cdfcc0df4f09e72873d..de5c60180e363ce599e4830528a78e16a4a30cbe 100644 (file)
@@ -44,7 +44,7 @@
      ...
 
      /* for OPTIONAL fields */
-     if(rep->field_i == should_not_be_omitted)
+     if (rep->field_i == should_not_be_omitted)
        asn1_addfield(rep->field_i, i, asn1_type);
 
      /* for string fields (these encoders take an additional argument,
 
      /* if you really have to do things yourself... */
      retval = asn1_encode_asn1_type(buf,rep->field,&length);
-     if(retval) return retval;
+     if (retval) return retval;
      sum += length;
      retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, tag_number, length,
                             &length);
-     if(retval) return retval;
+     if (retval) return retval;
      sum += length;
 
      ...
 /* asn1_addfield -- add a field, or component, to the encoding */
 #define asn1_addfield(value,tag,encoder)\
 { retval = encoder(buf,value,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length;\
   retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,tag,length,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length; }
 /* asn1_addlenfield -- add a field whose length must be separately specified */
 #define asn1_addlenfield(len,value,tag,encoder)\
 { retval = encoder(buf,len,value,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length;\
   retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,tag,length,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length; }
 /* asn1_addfield_implicit -- add an implicitly tagged field, or component, to the encoding */
 #define asn1_addfield_implicit(value,tag,encoder)\
 { retval = encoder(buf,value,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length;\
   retval = asn1_make_tag(buf,CONTEXT_SPECIFIC,PRIMITIVE,tag,length,&length); \
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length; }
 /* asn1_insert_implicit_octetstring -- add an octet string with implicit tagging */
 #define asn1_insert_implicit_octetstring(len,value,tag)\
 { retval = asn1buf_insert_octetstring(buf,len,value);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += len;\
   retval = asn1_make_tag(buf,CONTEXT_SPECIFIC,PRIMITIVE,tag,len,&length); \
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length; }
 /* asn1_insert_implicit_bitstring -- add a bitstring with implicit tagging */
 #define asn1_insert_implicit_bitstring(len,value,tag)\
 { retval = asn1buf_insert_octetstring(buf,len,value);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += len;\
   retval = asn1buf_insert_octet(buf, 0);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum++;\
   retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,tag,len+1,&length); \
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length; }
 /* form a sequence (by adding a sequence header to the current encoding) */
 #define asn1_makeseq()\
   retval = asn1_make_sequence(buf,sum,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length
 /* add an APPLICATION class tag to the current encoding */
 #define asn1_apptag(num)\
   retval = asn1_make_etag(buf,APPLICATION,num,sum,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length
 
 asn1_error_code asn1_encode_ui_4(asn1buf *buf, const krb5_ui_4 val, unsigned int *retlen)
 {
-  return asn1_encode_unsigned_integer(buf,val,retlen);
+    return asn1_encode_unsigned_integer(buf,val,retlen);
 }
 
 
 asn1_error_code asn1_encode_realm(asn1buf *buf, const krb5_principal val, unsigned int *retlen)
 {
-  if (val == NULL ||
-      (val->realm.length && val->realm.data == NULL))
-         return ASN1_MISSING_FIELD;
-  return asn1_encode_generalstring(buf,val->realm.length,val->realm.data,
-                                  retlen);
+    if (val == NULL ||
+       (val->realm.length && val->realm.data == NULL))
+       return ASN1_MISSING_FIELD;
+    return asn1_encode_generalstring(buf,val->realm.length,val->realm.data,
+                                    retlen);
 }
 
 asn1_error_code asn1_encode_principal_name(asn1buf *buf, const krb5_principal val, unsigned int *retlen)
 {
-  asn1_setup();
-  int n;
+    asn1_setup();
+    int n;
 
-  if (val == NULL || val->data == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL || val->data == NULL) return ASN1_MISSING_FIELD;
 
-  for(n = (int) ((val->length)-1); n >= 0; n--){
-    if (val->data[n].length &&
-       val->data[n].data == NULL)
+    for (n = (int) ((val->length)-1); n >= 0; n--) {
+       if (val->data[n].length &&
+           val->data[n].data == NULL)
            return ASN1_MISSING_FIELD;
-    retval = asn1_encode_generalstring(buf,
-                                      (val->data)[n].length,
-                                      (val->data)[n].data,
-                                      &length);
-    if(retval) return retval;
+       retval = asn1_encode_generalstring(buf,
+                                          (val->data)[n].length,
+                                          (val->data)[n].data,
+                                          &length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
+    retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,1,sum,&length);
+    if (retval) return retval;
     sum += length;
-  }
-  asn1_makeseq();
-  retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,1,sum,&length);
-  if(retval) return retval;
-  sum += length;
 
-  asn1_addfield(val->type,0,asn1_encode_integer);
+    asn1_addfield(val->type,0,asn1_encode_integer);
 
-  asn1_makeseq();
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_kerberos_time(asn1buf *buf, const krb5_timestamp val, unsigned int *retlen)
 {
-  return asn1_encode_generaltime(buf,val,retlen);
+    return asn1_encode_generaltime(buf,val,retlen);
 }
 
 asn1_error_code asn1_encode_host_address(asn1buf *buf, const krb5_address *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if (val == NULL || val->contents == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL || val->contents == NULL) return ASN1_MISSING_FIELD;
 
-  asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
-  asn1_addfield(val->addrtype,0,asn1_encode_integer);
-  asn1_makeseq();
+    asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
+    asn1_addfield(val->addrtype,0,asn1_encode_integer);
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_host_addresses(asn1buf *buf, const krb5_address **val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
 
-  if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
 
-  for(i=0; val[i] != NULL; i++); /* go to end of array */
-  for(i--; i>=0; i--){
-    retval = asn1_encode_host_address(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
+    for (i=0; val[i] != NULL; i++); /* go to end of array */
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_host_address(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_encrypted_data(asn1buf *buf, const krb5_enc_data *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if(val == NULL ||
-     (val->ciphertext.length && val->ciphertext.data == NULL))
-         return ASN1_MISSING_FIELD;
+    if (val == NULL ||
+       (val->ciphertext.length && val->ciphertext.data == NULL))
+       return ASN1_MISSING_FIELD;
 
-  asn1_addlenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_encode_charstring);
-  /* krb5_kvno should be int */
-  if(val->kvno)
-    asn1_addfield((int) val->kvno,1,asn1_encode_integer);
-  asn1_addfield(val->enctype,0,asn1_encode_integer);
+    asn1_addlenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_encode_charstring);
+    /* krb5_kvno should be int */
+    if (val->kvno)
+       asn1_addfield((int) val->kvno,1,asn1_encode_integer);
+    asn1_addfield(val->enctype,0,asn1_encode_integer);
 
-  asn1_makeseq();
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_krb5_flags(asn1buf *buf, const krb5_flags val, unsigned int *retlen)
 {
-  asn1_setup();
-  krb5_flags valcopy = val;
-  int i;
+    asn1_setup();
+    krb5_flags valcopy = val;
+    int i;
 
-  for(i=0; i<4; i++){
-    retval = asn1buf_insert_octet(buf,(asn1_octet) (valcopy&0xFF));
-    if(retval) return retval;
-    valcopy >>= 8;
-  }
-  retval = asn1buf_insert_octet(buf,0);        /* 0 padding bits */
-  if(retval) return retval;
-  sum = 5;
+    for (i=0; i<4; i++) {
+       retval = asn1buf_insert_octet(buf,(asn1_octet) (valcopy&0xFF));
+       if (retval) return retval;
+       valcopy >>= 8;
+    }
+    retval = asn1buf_insert_octet(buf,0);      /* 0 padding bits */
+    if (retval) return retval;
+    sum = 5;
 
-  retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_BITSTRING,sum,
-                        &length);
-  if(retval) return retval;
-  sum += length;
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_BITSTRING,sum,
+                          &length);
+    if (retval) return retval;
+    sum += length;
 
-  *retlen = sum;
-  return 0;
+    *retlen = sum;
+    return 0;
 }
 
 asn1_error_code asn1_encode_ap_options(asn1buf *buf, const krb5_flags val, unsigned int *retlen)
 {
-  return asn1_encode_krb5_flags(buf,val,retlen);
+    return asn1_encode_krb5_flags(buf,val,retlen);
 }
 
 asn1_error_code asn1_encode_ticket_flags(asn1buf *buf, const krb5_flags val, unsigned int *retlen)
 {
-  return asn1_encode_krb5_flags(buf,val,retlen);
+    return asn1_encode_krb5_flags(buf,val,retlen);
 }
 
 asn1_error_code asn1_encode_kdc_options(asn1buf *buf, const krb5_flags val, unsigned int *retlen)
 {
-  return asn1_encode_krb5_flags(buf,val,retlen);
+    return asn1_encode_krb5_flags(buf,val,retlen);
 }
 
 asn1_error_code asn1_encode_authorization_data(asn1buf *buf, const krb5_authdata **val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
   
-  if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
   
-  for(i=0; val[i] != NULL; i++); /* get to the end of the array */
-  for(i--; i>=0; i--){
-    retval = asn1_encode_krb5_authdata_elt(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
+    for (i=0; val[i] != NULL; i++); /* get to the end of the array */
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_krb5_authdata_elt(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_krb5_authdata_elt(asn1buf *buf, const krb5_authdata *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if (val == NULL ||
-     (val->length && val->contents == NULL))
-         return ASN1_MISSING_FIELD;
+    if (val == NULL ||
+       (val->length && val->contents == NULL))
+       return ASN1_MISSING_FIELD;
 
-  /* ad-data[1]                OCTET STRING */
-  asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
-  /* ad-type[0]                INTEGER */
-  asn1_addfield(val->ad_type,0,asn1_encode_integer);
-  /* SEQUENCE */
-  asn1_makeseq();
+    /* ad-data[1]              OCTET STRING */
+    asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
+    /* ad-type[0]              INTEGER */
+    asn1_addfield(val->ad_type,0,asn1_encode_integer);
+    /* SEQUENCE */
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_kdc_rep(int msg_type, asn1buf *buf, const krb5_kdc_rep *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if(val == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL) return ASN1_MISSING_FIELD;
 
-  asn1_addfield(&(val->enc_part),6,asn1_encode_encrypted_data);
-  asn1_addfield(val->ticket,5,asn1_encode_ticket);
-  asn1_addfield(val->client,4,asn1_encode_principal_name);
-  asn1_addfield(val->client,3,asn1_encode_realm);
-  if(val->padata != NULL && val->padata[0] != NULL)
-    asn1_addfield((const krb5_pa_data**)val->padata,2,asn1_encode_sequence_of_pa_data);
-  if (msg_type != KRB5_AS_REP && msg_type != KRB5_TGS_REP)
-         return KRB5_BADMSGTYPE;
-  asn1_addfield(msg_type,1,asn1_encode_integer);
-  asn1_addfield(KVNO,0,asn1_encode_integer);
-  asn1_makeseq();
+    asn1_addfield(&(val->enc_part),6,asn1_encode_encrypted_data);
+    asn1_addfield(val->ticket,5,asn1_encode_ticket);
+    asn1_addfield(val->client,4,asn1_encode_principal_name);
+    asn1_addfield(val->client,3,asn1_encode_realm);
+    if (val->padata != NULL && val->padata[0] != NULL)
+       asn1_addfield((const krb5_pa_data**)val->padata,2,asn1_encode_sequence_of_pa_data);
+    if (msg_type != KRB5_AS_REP && msg_type != KRB5_TGS_REP)
+       return KRB5_BADMSGTYPE;
+    asn1_addfield(msg_type,1,asn1_encode_integer);
+    asn1_addfield(KVNO,0,asn1_encode_integer);
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_enc_kdc_rep_part(asn1buf *buf, const krb5_enc_kdc_rep_part *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if(val == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL) return ASN1_MISSING_FIELD;
 
-  /* caddr[11]         HostAddresses OPTIONAL */
-  if(val->caddrs != NULL && val->caddrs[0] != NULL)
-    asn1_addfield((const krb5_address**)(val->caddrs),11,asn1_encode_host_addresses);
+    /* caddr[11]               HostAddresses OPTIONAL */
+    if (val->caddrs != NULL && val->caddrs[0] != NULL)
+       asn1_addfield((const krb5_address**)(val->caddrs),11,asn1_encode_host_addresses);
 
-  /* sname[10]         PrincipalName */
-  asn1_addfield(val->server,10,asn1_encode_principal_name);
+    /* sname[10]               PrincipalName */
+    asn1_addfield(val->server,10,asn1_encode_principal_name);
 
-  /* srealm[9]         Realm */
-  asn1_addfield(val->server,9,asn1_encode_realm);
+    /* srealm[9]               Realm */
+    asn1_addfield(val->server,9,asn1_encode_realm);
 
-  /* renew-till[8]     KerberosTime OPTIONAL */
-  if(val->flags & TKT_FLG_RENEWABLE)
-    asn1_addfield(val->times.renew_till,8,asn1_encode_kerberos_time);
+    /* renew-till[8]   KerberosTime OPTIONAL */
+    if (val->flags & TKT_FLG_RENEWABLE)
+       asn1_addfield(val->times.renew_till,8,asn1_encode_kerberos_time);
 
-  /* endtime[7]                KerberosTime */
-  asn1_addfield(val->times.endtime,7,asn1_encode_kerberos_time);
+    /* endtime[7]              KerberosTime */
+    asn1_addfield(val->times.endtime,7,asn1_encode_kerberos_time);
 
-  /* starttime[6]      KerberosTime OPTIONAL */
-  if(val->times.starttime)
-    asn1_addfield(val->times.starttime,6,asn1_encode_kerberos_time);
+    /* starttime[6]    KerberosTime OPTIONAL */
+    if (val->times.starttime)
+       asn1_addfield(val->times.starttime,6,asn1_encode_kerberos_time);
 
-  /* authtime[5]       KerberosTime */
-  asn1_addfield(val->times.authtime,5,asn1_encode_kerberos_time);
+    /* authtime[5]     KerberosTime */
+    asn1_addfield(val->times.authtime,5,asn1_encode_kerberos_time);
 
-  /* flags[4]          TicketFlags */
-  asn1_addfield(val->flags,4,asn1_encode_ticket_flags);
+    /* flags[4]                TicketFlags */
+    asn1_addfield(val->flags,4,asn1_encode_ticket_flags);
 
-  /* key-expiration[3] KerberosTime OPTIONAL */
-  if(val->key_exp)
-    asn1_addfield(val->key_exp,3,asn1_encode_kerberos_time);
+    /* key-expiration[3]       KerberosTime OPTIONAL */
+    if (val->key_exp)
+       asn1_addfield(val->key_exp,3,asn1_encode_kerberos_time);
 
-  /* nonce[2]          INTEGER */
-  asn1_addfield(val->nonce,2,asn1_encode_integer);
+    /* nonce[2]                INTEGER */
+    asn1_addfield(val->nonce,2,asn1_encode_integer);
 
-  /* last-req[1]       LastReq */
-  asn1_addfield((const krb5_last_req_entry**)val->last_req,1,asn1_encode_last_req);
+    /* last-req[1]     LastReq */
+    asn1_addfield((const krb5_last_req_entry**)val->last_req,1,asn1_encode_last_req);
 
-  /* key[0]            EncryptionKey */
-  asn1_addfield(val->session,0,asn1_encode_encryption_key);
+    /* key[0]          EncryptionKey */
+    asn1_addfield(val->session,0,asn1_encode_encryption_key);
 
-  /* EncKDCRepPart ::= SEQUENCE */
-  asn1_makeseq();
+    /* EncKDCRepPart ::= SEQUENCE */
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sequence_of_checksum(asn1buf *buf, const krb5_checksum ** val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
 
-  if(val == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL) return ASN1_MISSING_FIELD;
 
-  for (i=0; val[i] != NULL; i++);
-  for (i--; i>=0; i--){
-    retval = asn1_encode_checksum(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
+    for (i=0; val[i] != NULL; i++);
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_checksum(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_kdc_req_body(asn1buf *buf, const krb5_kdc_req *rep, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
   
-  if(rep == NULL) return ASN1_MISSING_FIELD;
-
-  /* additional-tickets[11]    SEQUENCE OF Ticket OPTIONAL */
-  if(rep->second_ticket != NULL && rep->second_ticket[0] != NULL)
-    asn1_addfield((const krb5_ticket**)rep->second_ticket,
-                 11,asn1_encode_sequence_of_ticket);
-
-  /* enc-authorization-data[10]        EncryptedData OPTIONAL, */
-  /*                           -- Encrypted AuthorizationData encoding */
-  if(rep->authorization_data.ciphertext.data != NULL)
-    asn1_addfield(&(rep->authorization_data),10,asn1_encode_encrypted_data);
-
-  /* addresses[9]              HostAddresses OPTIONAL, */
-  if(rep->addresses != NULL && rep->addresses[0] != NULL)
-    asn1_addfield((const krb5_address**)rep->addresses,9,asn1_encode_host_addresses);
-
-  /* etype[8]                  SEQUENCE OF INTEGER, -- EncryptionType, */
-  /*                           -- in preference order */
-  asn1_addlenfield(rep->nktypes,rep->ktype,8,asn1_encode_sequence_of_enctype);
-
-  /* nonce[7]                  INTEGER, */
-  asn1_addfield(rep->nonce,7,asn1_encode_integer);
-
-  /* rtime[6]                  KerberosTime OPTIONAL, */
-  if(rep->rtime)
-    asn1_addfield(rep->rtime,6,asn1_encode_kerberos_time);
-
-  /* till[5]                   KerberosTime, */
-  asn1_addfield(rep->till,5,asn1_encode_kerberos_time);
-
-  /* from[4]                   KerberosTime OPTIONAL, */
-  if(rep->from)
-  asn1_addfield(rep->from,4,asn1_encode_kerberos_time);
-
-  /* sname[3]                  PrincipalName OPTIONAL, */
-  if(rep->server != NULL)
-    asn1_addfield(rep->server,3,asn1_encode_principal_name);
-
-  /* realm[2]                  Realm, -- Server's realm */
-  /*                           -- Also client's in AS-REQ */
-  if(rep->kdc_options & KDC_OPT_ENC_TKT_IN_SKEY){
-    if(rep->second_ticket != NULL && rep->second_ticket[0] != NULL){
-      asn1_addfield(rep->second_ticket[0]->server,2,asn1_encode_realm)
+    if (rep == NULL) return ASN1_MISSING_FIELD;
+
+    /* additional-tickets[11]  SEQUENCE OF Ticket OPTIONAL */
+    if (rep->second_ticket != NULL && rep->second_ticket[0] != NULL)
+       asn1_addfield((const krb5_ticket**)rep->second_ticket,
+                     11,asn1_encode_sequence_of_ticket);
+
+    /* enc-authorization-data[10]      EncryptedData OPTIONAL, */
+    /*                                 -- Encrypted AuthorizationData encoding */
+    if (rep->authorization_data.ciphertext.data != NULL)
+       asn1_addfield(&(rep->authorization_data),10,asn1_encode_encrypted_data);
+
+    /* addresses[9]            HostAddresses OPTIONAL, */
+    if (rep->addresses != NULL && rep->addresses[0] != NULL)
+       asn1_addfield((const krb5_address**)rep->addresses,9,asn1_encode_host_addresses);
+
+    /* etype[8]                        SEQUENCE OF INTEGER, -- EncryptionType, */
+    /*                                 -- in preference order */
+    asn1_addlenfield(rep->nktypes,rep->ktype,8,asn1_encode_sequence_of_enctype);
+
+    /* nonce[7]                        INTEGER, */
+    asn1_addfield(rep->nonce,7,asn1_encode_integer);
+
+    /* rtime[6]                        KerberosTime OPTIONAL, */
+    if (rep->rtime)
+       asn1_addfield(rep->rtime,6,asn1_encode_kerberos_time);
+
+    /* till[5]                 KerberosTime, */
+    asn1_addfield(rep->till,5,asn1_encode_kerberos_time);
+
+    /* from[4]                 KerberosTime OPTIONAL, */
+    if (rep->from)
+       asn1_addfield(rep->from,4,asn1_encode_kerberos_time);
+
+    /* sname[3]                        PrincipalName OPTIONAL, */
+    if (rep->server != NULL)
+       asn1_addfield(rep->server,3,asn1_encode_principal_name);
+
+    /* realm[2]                        Realm, -- Server's realm */
+    /*                                 -- Also client's in AS-REQ */
+    if (rep->kdc_options & KDC_OPT_ENC_TKT_IN_SKEY) {
+       if (rep->second_ticket != NULL && rep->second_ticket[0] != NULL) {
+           asn1_addfield(rep->second_ticket[0]->server,2,asn1_encode_realm)
+               } else return ASN1_MISSING_FIELD;
+    } else if (rep->server != NULL) {
+       asn1_addfield(rep->server,2,asn1_encode_realm);
     } else return ASN1_MISSING_FIELD;
-  }else if(rep->server != NULL){
-    asn1_addfield(rep->server,2,asn1_encode_realm);
-  }else return ASN1_MISSING_FIELD;
 
-  /* cname[1]                  PrincipalName OPTIONAL, */
-  /*                           -- Used only in AS-REQ */
-  if(rep->client != NULL)
-    asn1_addfield(rep->client,1,asn1_encode_principal_name);
+    /* cname[1]                        PrincipalName OPTIONAL, */
+    /*                                 -- Used only in AS-REQ */
+    if (rep->client != NULL)
+       asn1_addfield(rep->client,1,asn1_encode_principal_name);
 
-  /* kdc-options[0]            KDCOptions, */
-  asn1_addfield(rep->kdc_options,0,asn1_encode_kdc_options);
+    /* kdc-options[0]          KDCOptions, */
+    asn1_addfield(rep->kdc_options,0,asn1_encode_kdc_options);
 
-  /* KDC-REQ-BODY ::= SEQUENCE */
-  asn1_makeseq();
+    /* KDC-REQ-BODY ::= SEQUENCE */
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_encryption_key(asn1buf *buf, const krb5_keyblock *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if (val == NULL ||
-      (val->length && val->contents == NULL))
-         return ASN1_MISSING_FIELD;
+    if (val == NULL ||
+       (val->length && val->contents == NULL))
+       return ASN1_MISSING_FIELD;
 
-  asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
-  asn1_addfield(val->enctype,0,asn1_encode_integer);
-  asn1_makeseq();
+    asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
+    asn1_addfield(val->enctype,0,asn1_encode_integer);
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_checksum(asn1buf *buf, const krb5_checksum *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if (val == NULL ||
-     (val->length && val->contents == NULL))
-         return ASN1_MISSING_FIELD;
+    if (val == NULL ||
+       (val->length && val->contents == NULL))
+       return ASN1_MISSING_FIELD;
 
-  asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
-  asn1_addfield(val->checksum_type,0,asn1_encode_integer);
-  asn1_makeseq();
+    asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
+    asn1_addfield(val->checksum_type,0,asn1_encode_integer);
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_transited_encoding(asn1buf *buf, const krb5_transited *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if(val == NULL ||
-     (val->tr_contents.length != 0 && val->tr_contents.data == NULL))
-    return ASN1_MISSING_FIELD;
+    if (val == NULL ||
+       (val->tr_contents.length != 0 && val->tr_contents.data == NULL))
+       return ASN1_MISSING_FIELD;
 
-  asn1_addlenfield(val->tr_contents.length,val->tr_contents.data,
-                  1,asn1_encode_charstring);
-  asn1_addfield(val->tr_type,0,asn1_encode_integer);
-  asn1_makeseq();
+    asn1_addlenfield(val->tr_contents.length,val->tr_contents.data,
+                    1,asn1_encode_charstring);
+    asn1_addfield(val->tr_type,0,asn1_encode_integer);
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_last_req(asn1buf *buf, const krb5_last_req_entry **val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
 
-  if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
 
-  for(i=0; val[i] != NULL; i++); /* go to end of array */
-  for(i--; i>=0; i--){
-    retval = asn1_encode_last_req_entry(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
+    for (i=0; val[i] != NULL; i++); /* go to end of array */
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_last_req_entry(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_last_req_entry(asn1buf *buf, const krb5_last_req_entry *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if(val == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL) return ASN1_MISSING_FIELD;
 
-  asn1_addfield(val->value,1,asn1_encode_kerberos_time);
-  asn1_addfield(val->lr_type,0,asn1_encode_integer);
-  asn1_makeseq();
+    asn1_addfield(val->value,1,asn1_encode_kerberos_time);
+    asn1_addfield(val->lr_type,0,asn1_encode_integer);
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sequence_of_pa_data(asn1buf *buf, const krb5_pa_data **val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
 
-  if (val == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL) return ASN1_MISSING_FIELD;
 
-  for(i=0; val[i] != NULL; i++);
-  for(i--; i>=0; i--){
-    retval = asn1_encode_pa_data(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
+    for (i=0; val[i] != NULL; i++);
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_pa_data(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_pa_data(asn1buf *buf, const krb5_pa_data *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if(val == NULL || (val->length != 0 && val->contents == NULL))
-     return ASN1_MISSING_FIELD;
+    if (val == NULL || (val->length != 0 && val->contents == NULL))
+       return ASN1_MISSING_FIELD;
 
-  asn1_addlenfield(val->length,val->contents,2,asn1_encode_octetstring);
-  asn1_addfield(val->pa_type,1,asn1_encode_integer);
-  asn1_makeseq();
+    asn1_addlenfield(val->length,val->contents,2,asn1_encode_octetstring);
+    asn1_addfield(val->pa_type,1,asn1_encode_integer);
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sequence_of_ticket(asn1buf *buf, const krb5_ticket **val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
 
-  if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
 
-  for(i=0; val[i] != NULL; i++);
-  for(i--; i>=0; i--){
-    retval = asn1_encode_ticket(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
+    for (i=0; val[i] != NULL; i++);
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_ticket(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_ticket(asn1buf *buf, const krb5_ticket *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if(val == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL) return ASN1_MISSING_FIELD;
 
-  asn1_addfield(&(val->enc_part),3,asn1_encode_encrypted_data);
-  asn1_addfield(val->server,2,asn1_encode_principal_name);
-  asn1_addfield(val->server,1,asn1_encode_realm);
-  asn1_addfield(KVNO,0,asn1_encode_integer);
-  asn1_makeseq();
-  asn1_apptag(1);
+    asn1_addfield(&(val->enc_part),3,asn1_encode_encrypted_data);
+    asn1_addfield(val->server,2,asn1_encode_principal_name);
+    asn1_addfield(val->server,1,asn1_encode_realm);
+    asn1_addfield(KVNO,0,asn1_encode_integer);
+    asn1_makeseq();
+    asn1_apptag(1);
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sequence_of_enctype(asn1buf *buf, const int len, const krb5_enctype *val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
 
-  if(val == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL) return ASN1_MISSING_FIELD;
 
-  for(i=len-1; i>=0; i--){
-    retval = asn1_encode_integer(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
+    for (i=len-1; i>=0; i--) {
+       retval = asn1_encode_integer(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_kdc_req(int msg_type, asn1buf *buf, const krb5_kdc_req *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if(val == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL) return ASN1_MISSING_FIELD;
 
-  asn1_addfield(val,4,asn1_encode_kdc_req_body);
-  if(val->padata != NULL && val->padata[0] != NULL)
-    asn1_addfield((const krb5_pa_data**)val->padata,3,asn1_encode_sequence_of_pa_data);
-  if (msg_type != KRB5_AS_REQ && msg_type != KRB5_TGS_REQ)
-         return KRB5_BADMSGTYPE;
-  asn1_addfield(msg_type,2,asn1_encode_integer);
-  asn1_addfield(KVNO,1,asn1_encode_integer);
-  asn1_makeseq();
+    asn1_addfield(val,4,asn1_encode_kdc_req_body);
+    if (val->padata != NULL && val->padata[0] != NULL)
+       asn1_addfield((const krb5_pa_data**)val->padata,3,asn1_encode_sequence_of_pa_data);
+    if (msg_type != KRB5_AS_REQ && msg_type != KRB5_TGS_REQ)
+       return KRB5_BADMSGTYPE;
+    asn1_addfield(msg_type,2,asn1_encode_integer);
+    asn1_addfield(KVNO,1,asn1_encode_integer);
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_krb_safe_body(asn1buf *buf, const krb5_safe *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if(val == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL) return ASN1_MISSING_FIELD;
 
-  if(val->r_address != NULL)
-    asn1_addfield(val->r_address,5,asn1_encode_host_address);
-  asn1_addfield(val->s_address,4,asn1_encode_host_address);
-  if(val->seq_number)
-    asn1_addfield(val->seq_number,3,asn1_encode_unsigned_integer);
-  if(val->timestamp){
-    asn1_addfield(val->usec,2,asn1_encode_integer);
-    asn1_addfield(val->timestamp,1,asn1_encode_kerberos_time);
-  }
-  if (val->user_data.length && val->user_data.data == NULL)
-         return ASN1_MISSING_FIELD;
-  asn1_addlenfield(val->user_data.length,val->user_data.data,0,asn1_encode_charstring)
-;
+    if (val->r_address != NULL)
+       asn1_addfield(val->r_address,5,asn1_encode_host_address);
+    asn1_addfield(val->s_address,4,asn1_encode_host_address);
+    if (val->seq_number)
+       asn1_addfield(val->seq_number,3,asn1_encode_unsigned_integer);
+    if (val->timestamp) {
+       asn1_addfield(val->usec,2,asn1_encode_integer);
+       asn1_addfield(val->timestamp,1,asn1_encode_kerberos_time);
+    }
+    if (val->user_data.length && val->user_data.data == NULL)
+       return ASN1_MISSING_FIELD;
+    asn1_addlenfield(val->user_data.length,val->user_data.data,0,asn1_encode_charstring)
+       ;
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sequence_of_krb_cred_info(asn1buf *buf, const krb5_cred_info **val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
 
-  if(val == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL) return ASN1_MISSING_FIELD;
 
-  for(i=0; val[i] != NULL; i++);
-  for(i--; i>=0; i--){
-    retval = asn1_encode_krb_cred_info(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
+    for (i=0; val[i] != NULL; i++);
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_krb_cred_info(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_krb_cred_info(asn1buf *buf, const krb5_cred_info *val, unsigned int *retlen)
 {
-  asn1_setup();
-
-  if(val == NULL) return ASN1_MISSING_FIELD;
-
-  if(val->caddrs != NULL && val->caddrs[0] != NULL)
-    asn1_addfield((const krb5_address**)val->caddrs,10,asn1_encode_host_addresses);
-  if(val->server != NULL){
-    asn1_addfield(val->server,9,asn1_encode_principal_name);
-    asn1_addfield(val->server,8,asn1_encode_realm);
-  }
-  if(val->times.renew_till)
-    asn1_addfield(val->times.renew_till,7,asn1_encode_kerberos_time);
-  if(val->times.endtime)
-    asn1_addfield(val->times.endtime,6,asn1_encode_kerberos_time);
-  if(val->times.starttime)
-    asn1_addfield(val->times.starttime,5,asn1_encode_kerberos_time);
-  if(val->times.authtime)
-    asn1_addfield(val->times.authtime,4,asn1_encode_kerberos_time);
-  if(val->flags)
-    asn1_addfield(val->flags,3,asn1_encode_ticket_flags);
-  if(val->client != NULL){
-    asn1_addfield(val->client,2,asn1_encode_principal_name);
-    asn1_addfield(val->client,1,asn1_encode_realm);
-  }
-  asn1_addfield(val->session,0,asn1_encode_encryption_key);
-
-  asn1_makeseq();
-
-  asn1_cleanup();
+    asn1_setup();
+
+    if (val == NULL) return ASN1_MISSING_FIELD;
+
+    if (val->caddrs != NULL && val->caddrs[0] != NULL)
+       asn1_addfield((const krb5_address**)val->caddrs,10,asn1_encode_host_addresses);
+    if (val->server != NULL) {
+       asn1_addfield(val->server,9,asn1_encode_principal_name);
+       asn1_addfield(val->server,8,asn1_encode_realm);
+    }
+    if (val->times.renew_till)
+       asn1_addfield(val->times.renew_till,7,asn1_encode_kerberos_time);
+    if (val->times.endtime)
+       asn1_addfield(val->times.endtime,6,asn1_encode_kerberos_time);
+    if (val->times.starttime)
+       asn1_addfield(val->times.starttime,5,asn1_encode_kerberos_time);
+    if (val->times.authtime)
+       asn1_addfield(val->times.authtime,4,asn1_encode_kerberos_time);
+    if (val->flags)
+       asn1_addfield(val->flags,3,asn1_encode_ticket_flags);
+    if (val->client != NULL) {
+       asn1_addfield(val->client,2,asn1_encode_principal_name);
+       asn1_addfield(val->client,1,asn1_encode_realm);
+    }
+    asn1_addfield(val->session,0,asn1_encode_encryption_key);
+
+    asn1_makeseq();
+
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_etype_info_entry(asn1buf *buf, const krb5_etype_info_entry *val,
                                             unsigned int *retlen, int etype_info2)
 {
-  asn1_setup();
+    asn1_setup();
 
-  assert(val->s2kparams.data == NULL || etype_info2);
-  if(val == NULL || (val->length > 0 && val->length != KRB5_ETYPE_NO_SALT &&
-                    val->salt == NULL))
-     return ASN1_MISSING_FIELD;
-  if(val->s2kparams.data != NULL)
-      asn1_addlenfield(val->s2kparams.length, val->s2kparams.data, 2,
-                      asn1_encode_octetstring);
-  if (val->length >= 0 && val->length != KRB5_ETYPE_NO_SALT){
-      if (etype_info2)
-         asn1_addlenfield(val->length,val->salt,1,
-                          asn1_encode_generalstring)
-      else       asn1_addlenfield(val->length,val->salt,1,
-                                  asn1_encode_octetstring);
-  }
-asn1_addfield(val->etype,0,asn1_encode_integer);
-  asn1_makeseq();
+    assert(val->s2kparams.data == NULL || etype_info2);
+    if (val == NULL || (val->length > 0 && val->length != KRB5_ETYPE_NO_SALT &&
+                       val->salt == NULL))
+       return ASN1_MISSING_FIELD;
+    if (val->s2kparams.data != NULL)
+       asn1_addlenfield(val->s2kparams.length, val->s2kparams.data, 2,
+                        asn1_encode_octetstring);
+    if (val->length >= 0 && val->length != KRB5_ETYPE_NO_SALT) {
+       if (etype_info2)
+           asn1_addlenfield(val->length,val->salt,1,
+                            asn1_encode_generalstring)
+           else          asn1_addlenfield(val->length,val->salt,1,
+                                          asn1_encode_octetstring);
+    }
+    asn1_addfield(val->etype,0,asn1_encode_integer);
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_etype_info(asn1buf *buf, const krb5_etype_info_entry **val,
@@ -786,10 +786,10 @@ asn1_error_code asn1_encode_etype_info(asn1buf *buf, const krb5_etype_info_entry
   
     if (val == NULL) return ASN1_MISSING_FIELD;
   
-    for(i=0; val[i] != NULL; i++); /* get to the end of the array */
-    for(i--; i>=0; i--){
+    for (i=0; val[i] != NULL; i++); /* get to the end of the array */
+    for (i--; i>=0; i--) {
        retval = asn1_encode_etype_info_entry(buf,val[i],&length, etype_info2);
-       if(retval) return retval;
+       if (retval) return retval;
        sum += length;
     }
     asn1_makeseq();
@@ -798,193 +798,193 @@ asn1_error_code asn1_encode_etype_info(asn1buf *buf, const krb5_etype_info_entry
 
 asn1_error_code asn1_encode_sequence_of_passwdsequence(asn1buf *buf, const passwd_phrase_element **val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
   
-  if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
   
-  for(i=0; val[i] != NULL; i++); /* get to the end of the array */
-  for(i--; i>=0; i--){
-    retval = asn1_encode_passwdsequence(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
-  asn1_cleanup();
+    for (i=0; val[i] != NULL; i++); /* get to the end of the array */
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_passwdsequence(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_passwdsequence(asn1buf *buf, const passwd_phrase_element *val, unsigned int *retlen)
 {
-  asn1_setup();
-  asn1_addlenfield(val->phrase->length,val->phrase->data,1,asn1_encode_charstring);
-  asn1_addlenfield(val->passwd->length,val->passwd->data,0,asn1_encode_charstring);
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_setup();
+    asn1_addlenfield(val->phrase->length,val->phrase->data,1,asn1_encode_charstring);
+    asn1_addlenfield(val->passwd->length,val->passwd->data,0,asn1_encode_charstring);
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sam_flags(asn1buf *buf, const krb5_flags val, unsigned int *retlen)
 {
-  return asn1_encode_krb5_flags(buf,val,retlen);
+    return asn1_encode_krb5_flags(buf,val,retlen);
 }
 
-#define add_optstring(val,n,fn) \
-     if ((val).length > 0) {asn1_addlenfield((val).length,(val).data,n,fn);}
+#define add_optstring(val,n,fn)                                                \
+    if ((val).length > 0) {asn1_addlenfield((val).length,(val).data,n,fn);}
 
 asn1_error_code asn1_encode_sam_challenge(asn1buf *buf, const krb5_sam_challenge *val, unsigned int *retlen)
 {
-  asn1_setup();
-  /* possibly wrong */
-  if (val->sam_cksum.length)
-    asn1_addfield(&(val->sam_cksum),9,asn1_encode_checksum);
+    asn1_setup();
+    /* possibly wrong */
+    if (val->sam_cksum.length)
+       asn1_addfield(&(val->sam_cksum),9,asn1_encode_checksum);
 
-  if (val->sam_nonce)
-    asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
+    if (val->sam_nonce)
+       asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
 
-  add_optstring(val->sam_pk_for_sad,7,asn1_encode_charstring);
-  add_optstring(val->sam_response_prompt,6,asn1_encode_charstring);
-  add_optstring(val->sam_challenge,5,asn1_encode_charstring);
-  add_optstring(val->sam_challenge_label,4,asn1_encode_charstring);
-  add_optstring(val->sam_track_id,3,asn1_encode_charstring);
-  add_optstring(val->sam_type_name,2,asn1_encode_charstring);
+    add_optstring(val->sam_pk_for_sad,7,asn1_encode_charstring);
+    add_optstring(val->sam_response_prompt,6,asn1_encode_charstring);
+    add_optstring(val->sam_challenge,5,asn1_encode_charstring);
+    add_optstring(val->sam_challenge_label,4,asn1_encode_charstring);
+    add_optstring(val->sam_track_id,3,asn1_encode_charstring);
+    add_optstring(val->sam_type_name,2,asn1_encode_charstring);
 
-  asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
-  asn1_addfield(val->sam_type,0,asn1_encode_integer);
+    asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
+    asn1_addfield(val->sam_type,0,asn1_encode_integer);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sam_challenge_2(asn1buf *buf, const krb5_sam_challenge_2 *val, unsigned int *retlen)
 {
-  asn1_setup();
-  if ( (!val) || (!val->sam_cksum) || (!val->sam_cksum[0]))
-      return ASN1_MISSING_FIELD;
-
-  asn1_addfield((const krb5_checksum **) val->sam_cksum, 1, asn1_encode_sequence_of_checksum);
-  retval = asn1buf_insert_octetstring(buf, val->sam_challenge_2_body.length,
-                                     (unsigned char *)val->sam_challenge_2_body.data);
-  if(retval){
-         asn1buf_destroy(&buf);
-         return retval; 
-  }
-  sum += val->sam_challenge_2_body.length;
-  retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
-                         val->sam_challenge_2_body.length, &length);
-  if(retval) {
-         asn1buf_destroy(&buf);
-         return retval;
-  }
-  sum += length;
+    asn1_setup();
+    if ( (!val) || (!val->sam_cksum) || (!val->sam_cksum[0]))
+       return ASN1_MISSING_FIELD;
+
+    asn1_addfield((const krb5_checksum **) val->sam_cksum, 1, asn1_encode_sequence_of_checksum);
+    retval = asn1buf_insert_octetstring(buf, val->sam_challenge_2_body.length,
+                                       (unsigned char *)val->sam_challenge_2_body.data);
+    if (retval) {
+       asn1buf_destroy(&buf);
+       return retval; 
+    }
+    sum += val->sam_challenge_2_body.length;
+    retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
+                           val->sam_challenge_2_body.length, &length);
+    if (retval) {
+       asn1buf_destroy(&buf);
+       return retval;
+    }
+    sum += length;
   
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sam_challenge_2_body(asn1buf *buf, const krb5_sam_challenge_2_body *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  asn1_addfield(val->sam_etype, 9, asn1_encode_integer);
-  asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
-  add_optstring(val->sam_pk_for_sad,7,asn1_encode_charstring);
-  add_optstring(val->sam_response_prompt,6,asn1_encode_charstring);
-  add_optstring(val->sam_challenge,5,asn1_encode_charstring);
-  add_optstring(val->sam_challenge_label,4,asn1_encode_charstring);
-  add_optstring(val->sam_track_id,3,asn1_encode_charstring);
-  add_optstring(val->sam_type_name,2,asn1_encode_charstring);
+    asn1_addfield(val->sam_etype, 9, asn1_encode_integer);
+    asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
+    add_optstring(val->sam_pk_for_sad,7,asn1_encode_charstring);
+    add_optstring(val->sam_response_prompt,6,asn1_encode_charstring);
+    add_optstring(val->sam_challenge,5,asn1_encode_charstring);
+    add_optstring(val->sam_challenge_label,4,asn1_encode_charstring);
+    add_optstring(val->sam_track_id,3,asn1_encode_charstring);
+    add_optstring(val->sam_type_name,2,asn1_encode_charstring);
 
-  asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
-  asn1_addfield(val->sam_type,0,asn1_encode_integer);
+    asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
+    asn1_addfield(val->sam_type,0,asn1_encode_integer);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sam_key(asn1buf *buf, const krb5_sam_key *val, unsigned int *retlen)
 {
-  asn1_setup();
-  asn1_addfield(&(val->sam_key),0,asn1_encode_encryption_key);
+    asn1_setup();
+    asn1_addfield(&(val->sam_key),0,asn1_encode_encryption_key);
 
-  asn1_makeseq();
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 
 asn1_error_code asn1_encode_enc_sam_response_enc(asn1buf *buf, const krb5_enc_sam_response_enc *val, unsigned int *retlen)
 {
-  asn1_setup();
-  add_optstring(val->sam_sad,3,asn1_encode_charstring);
-  asn1_addfield(val->sam_usec,2,asn1_encode_integer);
-  asn1_addfield(val->sam_timestamp,1,asn1_encode_kerberos_time);
-  asn1_addfield(val->sam_nonce,0,asn1_encode_integer);
+    asn1_setup();
+    add_optstring(val->sam_sad,3,asn1_encode_charstring);
+    asn1_addfield(val->sam_usec,2,asn1_encode_integer);
+    asn1_addfield(val->sam_timestamp,1,asn1_encode_kerberos_time);
+    asn1_addfield(val->sam_nonce,0,asn1_encode_integer);
 
-  asn1_makeseq();
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_enc_sam_response_enc_2(asn1buf *buf, const krb5_enc_sam_response_enc_2 *val, unsigned int *retlen)
 {
-  asn1_setup();
-  add_optstring(val->sam_sad,1,asn1_encode_charstring);
-  asn1_addfield(val->sam_nonce,0,asn1_encode_integer);
+    asn1_setup();
+    add_optstring(val->sam_sad,1,asn1_encode_charstring);
+    asn1_addfield(val->sam_nonce,0,asn1_encode_integer);
 
-  asn1_makeseq();
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sam_response(asn1buf *buf, const krb5_sam_response *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if (val->sam_patimestamp)
-    asn1_addfield(val->sam_patimestamp,6,asn1_encode_kerberos_time);
-  if (val->sam_nonce)
-    asn1_addfield(val->sam_nonce,5,asn1_encode_integer);
-  asn1_addfield(&(val->sam_enc_nonce_or_ts),4,asn1_encode_encrypted_data);
-  if (val->sam_enc_key.ciphertext.length)
-    asn1_addfield(&(val->sam_enc_key),3,asn1_encode_encrypted_data);
-  add_optstring(val->sam_track_id,2,asn1_encode_charstring);
-  asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
-  asn1_addfield(val->sam_type,0,asn1_encode_integer);
+    if (val->sam_patimestamp)
+       asn1_addfield(val->sam_patimestamp,6,asn1_encode_kerberos_time);
+    if (val->sam_nonce)
+       asn1_addfield(val->sam_nonce,5,asn1_encode_integer);
+    asn1_addfield(&(val->sam_enc_nonce_or_ts),4,asn1_encode_encrypted_data);
+    if (val->sam_enc_key.ciphertext.length)
+       asn1_addfield(&(val->sam_enc_key),3,asn1_encode_encrypted_data);
+    add_optstring(val->sam_track_id,2,asn1_encode_charstring);
+    asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
+    asn1_addfield(val->sam_type,0,asn1_encode_integer);
 
-  asn1_makeseq();
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sam_response_2(asn1buf *buf, const krb5_sam_response_2 *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  asn1_addfield(val->sam_nonce,4,asn1_encode_integer);
-  asn1_addfield(&(val->sam_enc_nonce_or_sad),3,asn1_encode_encrypted_data);
-  add_optstring(val->sam_track_id,2,asn1_encode_charstring);
-  asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
-  asn1_addfield(val->sam_type,0,asn1_encode_integer);
+    asn1_addfield(val->sam_nonce,4,asn1_encode_integer);
+    asn1_addfield(&(val->sam_enc_nonce_or_sad),3,asn1_encode_encrypted_data);
+    add_optstring(val->sam_track_id,2,asn1_encode_charstring);
+    asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
+    asn1_addfield(val->sam_type,0,asn1_encode_integer);
 
-  asn1_makeseq();
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_predicted_sam_response(asn1buf *buf, const krb5_predicted_sam_response *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  add_optstring(val->msd,6,asn1_encode_charstring);
-  asn1_addfield(val->client,5,asn1_encode_principal_name);
-  asn1_addfield(val->client,4,asn1_encode_realm);
-  asn1_addfield(val->susec,3,asn1_encode_integer);
-  asn1_addfield(val->stime,2,asn1_encode_kerberos_time);
-  asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
-  asn1_addfield(&(val->sam_key),0,asn1_encode_encryption_key);
+    add_optstring(val->msd,6,asn1_encode_charstring);
+    asn1_addfield(val->client,5,asn1_encode_principal_name);
+    asn1_addfield(val->client,4,asn1_encode_realm);
+    asn1_addfield(val->susec,3,asn1_encode_integer);
+    asn1_addfield(val->stime,2,asn1_encode_kerberos_time);
+    asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
+    asn1_addfield(&(val->sam_key),0,asn1_encode_encryption_key);
 
-  asn1_makeseq();
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 /*
@@ -992,16 +992,16 @@ asn1_error_code asn1_encode_predicted_sam_response(asn1buf *buf, const krb5_pred
  */
 asn1_error_code asn1_encode_krb_saved_safe_body(asn1buf *buf, const krb5_data *body, unsigned int *retlen)
 {
-  asn1_error_code retval;
+    asn1_error_code retval;
 
-  retval = asn1buf_insert_octetstring(buf, body->length,
-                                     (krb5_octet *)body->data);
-  if (retval){
-    asn1buf_destroy(&buf);
-    return retval; 
-  }
-  *retlen = body->length;
-  return 0;
+    retval = asn1buf_insert_octetstring(buf, body->length,
+                                       (krb5_octet *)body->data);
+    if (retval) {
+       asn1buf_destroy(&buf);
+       return retval; 
+    }
+    *retlen = body->length;
+    return 0;
 }
 
 #ifndef DISABLE_PKINIT
@@ -1011,387 +1011,387 @@ asn1_error_code asn1_encode_krb_saved_safe_body(asn1buf *buf, const krb5_data *b
 
 asn1_error_code asn1_encode_pk_authenticator(asn1buf *buf, const krb5_pk_authenticator *val, unsigned int *retlen)
 {
-  asn1_setup();
-  asn1_addlenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_encode_octetstring);
-  asn1_addfield(val->nonce, 2, asn1_encode_integer);
-  asn1_addfield(val->ctime, 1, asn1_encode_kerberos_time);
-  asn1_addfield(val->cusec, 0, asn1_encode_integer);
+    asn1_setup();
+    asn1_addlenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_encode_octetstring);
+    asn1_addfield(val->nonce, 2, asn1_encode_integer);
+    asn1_addfield(val->ctime, 1, asn1_encode_kerberos_time);
+    asn1_addfield(val->cusec, 0, asn1_encode_integer);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_pk_authenticator_draft9(asn1buf *buf, const krb5_pk_authenticator_draft9 *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  asn1_addfield(val->nonce, 4, asn1_encode_integer);
-  asn1_addfield(val->ctime, 3, asn1_encode_kerberos_time);
-  asn1_addfield(val->cusec, 2, asn1_encode_integer);
-  asn1_addfield(val->kdcName, 1, asn1_encode_realm);
-  asn1_addfield(val->kdcName, 0, asn1_encode_principal_name);
+    asn1_addfield(val->nonce, 4, asn1_encode_integer);
+    asn1_addfield(val->ctime, 3, asn1_encode_kerberos_time);
+    asn1_addfield(val->cusec, 2, asn1_encode_integer);
+    asn1_addfield(val->kdcName, 1, asn1_encode_realm);
+    asn1_addfield(val->kdcName, 0, asn1_encode_principal_name);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 
 asn1_error_code asn1_encode_algorithm_identifier(asn1buf *buf, const krb5_algorithm_identifier *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if (val->parameters.length != 0) {
-    retval = asn1buf_insert_octetstring(buf, val->parameters.length, 
-                                       val->parameters.data);
-    if(retval) {
-      asn1buf_destroy(&buf);
-      return retval;
+    if (val->parameters.length != 0) {
+       retval = asn1buf_insert_octetstring(buf, val->parameters.length, 
+                                           val->parameters.data);
+       if (retval) {
+           asn1buf_destroy(&buf);
+           return retval;
+       }
+       sum += val->parameters.length;
     }
-    sum += val->parameters.length;
-  }
   
-  retval = asn1_encode_oid(buf, val->algorithm.length, 
-                          val->algorithm.data,
-                          &length);
+    retval = asn1_encode_oid(buf, val->algorithm.length, 
+                            val->algorithm.data,
+                            &length);
   
-  if(retval) {
-    asn1buf_destroy(&buf);
-    return retval;
-  }
-  sum += length;  
+    if (retval) {
+       asn1buf_destroy(&buf);
+       return retval;
+    }
+    sum += length;  
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_subject_pk_info(asn1buf *buf, const krb5_subject_pk_info *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,ASN1_BITSTRING);
+    asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,ASN1_BITSTRING);
 
-  if (val->algorithm.parameters.length != 0) {
-    retval = asn1buf_insert_octetstring(buf, val->algorithm.parameters.length, 
-                                       val->algorithm.parameters.data);
-    if(retval) {
-      asn1buf_destroy(&buf);
-      return retval;
+    if (val->algorithm.parameters.length != 0) {
+       retval = asn1buf_insert_octetstring(buf, val->algorithm.parameters.length, 
+                                           val->algorithm.parameters.data);
+       if (retval) {
+           asn1buf_destroy(&buf);
+           return retval;
+       }
+       sum += val->algorithm.parameters.length;
     }
-    sum += val->algorithm.parameters.length;
-  }
   
-  retval = asn1_encode_oid(buf, val->algorithm.algorithm.length, 
-                          val->algorithm.algorithm.data,
-                          &length);
+    retval = asn1_encode_oid(buf, val->algorithm.algorithm.length, 
+                            val->algorithm.algorithm.data,
+                            &length);
   
-  if(retval) {
-    asn1buf_destroy(&buf);
-    return retval;
-  }
-  sum += length;  
+    if (retval) {
+       asn1buf_destroy(&buf);
+       return retval;
+    }
+    sum += length;  
   
-  retval = asn1_make_etag(buf, UNIVERSAL, ASN1_SEQUENCE, 
-                         val->algorithm.parameters.length + length, 
-                         &length);
+    retval = asn1_make_etag(buf, UNIVERSAL, ASN1_SEQUENCE, 
+                           val->algorithm.parameters.length + length, 
+                           &length);
 
-  if(retval) {
-    asn1buf_destroy(&buf);
-    return retval;
-  }
-  sum += length;  
+    if (retval) {
+       asn1buf_destroy(&buf);
+       return retval;
+    }
+    sum += length;  
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sequence_of_algorithm_identifier(asn1buf *buf, const krb5_algorithm_identifier **val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
 
-  if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
 
-  for(i=0; val[i] != NULL; i++);
-  for(i--; i>=0; i--){
-    retval = asn1_encode_algorithm_identifier(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
+    for (i=0; val[i] != NULL; i++);
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_algorithm_identifier(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_auth_pack(asn1buf *buf, const krb5_auth_pack *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if (val->clientDHNonce.length != 0)
-    asn1_addlenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_encode_octetstring);
-  if (val->supportedCMSTypes != NULL)
-    asn1_addfield((const krb5_algorithm_identifier **)val->supportedCMSTypes,2,asn1_encode_sequence_of_algorithm_identifier);
-  if (val->clientPublicValue != NULL)
-    asn1_addfield(val->clientPublicValue,1,asn1_encode_subject_pk_info);
-  asn1_addfield(&(val->pkAuthenticator),0,asn1_encode_pk_authenticator);
+    if (val->clientDHNonce.length != 0)
+       asn1_addlenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_encode_octetstring);
+    if (val->supportedCMSTypes != NULL)
+       asn1_addfield((const krb5_algorithm_identifier **)val->supportedCMSTypes,2,asn1_encode_sequence_of_algorithm_identifier);
+    if (val->clientPublicValue != NULL)
+       asn1_addfield(val->clientPublicValue,1,asn1_encode_subject_pk_info);
+    asn1_addfield(&(val->pkAuthenticator),0,asn1_encode_pk_authenticator);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_auth_pack_draft9(asn1buf *buf, const krb5_auth_pack_draft9 *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if (val->clientPublicValue != NULL)
-    asn1_addfield(val->clientPublicValue, 1, asn1_encode_subject_pk_info);
-  asn1_addfield(&(val->pkAuthenticator), 0, asn1_encode_pk_authenticator_draft9);
+    if (val->clientPublicValue != NULL)
+       asn1_addfield(val->clientPublicValue, 1, asn1_encode_subject_pk_info);
+    asn1_addfield(&(val->pkAuthenticator), 0, asn1_encode_pk_authenticator_draft9);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_external_principal_identifier(asn1buf *buf, const krb5_external_principal_identifier *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  /* Verify there is something to encode */
-  if (val->subjectKeyIdentifier.length == 0 && val->issuerAndSerialNumber.length == 0 && val->subjectName.length == 0)
-    return ASN1_MISSING_FIELD;
+    /* Verify there is something to encode */
+    if (val->subjectKeyIdentifier.length == 0 && val->issuerAndSerialNumber.length == 0 && val->subjectName.length == 0)
+       return ASN1_MISSING_FIELD;
 
-  if (val->subjectKeyIdentifier.length != 0) 
-    asn1_insert_implicit_octetstring(val->subjectKeyIdentifier.length,val->subjectKeyIdentifier.data,2);
+    if (val->subjectKeyIdentifier.length != 0) 
+       asn1_insert_implicit_octetstring(val->subjectKeyIdentifier.length,val->subjectKeyIdentifier.data,2);
 
-  if (val->issuerAndSerialNumber.length != 0) 
-    asn1_insert_implicit_octetstring(val->issuerAndSerialNumber.length,val->issuerAndSerialNumber.data,1);
+    if (val->issuerAndSerialNumber.length != 0) 
+       asn1_insert_implicit_octetstring(val->issuerAndSerialNumber.length,val->issuerAndSerialNumber.data,1);
 
-  if (val->subjectName.length != 0) 
-    asn1_insert_implicit_octetstring(val->subjectName.length,val->subjectName.data,0);
+    if (val->subjectName.length != 0) 
+       asn1_insert_implicit_octetstring(val->subjectName.length,val->subjectName.data,0);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sequence_of_external_principal_identifier(asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
 
-  if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
 
-  for(i=0; val[i] != NULL; i++);
-  for(i--; i>=0; i--){
-    retval = asn1_encode_external_principal_identifier(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
+    for (i=0; val[i] != NULL; i++);
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_external_principal_identifier(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_pa_pk_as_req(asn1buf *buf, const krb5_pa_pk_as_req *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if (val->kdcPkId.length != 0) 
-    asn1_insert_implicit_octetstring(val->kdcPkId.length,val->kdcPkId.data,2);
+    if (val->kdcPkId.length != 0) 
+       asn1_insert_implicit_octetstring(val->kdcPkId.length,val->kdcPkId.data,2);
 
-  if (val->trustedCertifiers != NULL)
-    asn1_addfield((const krb5_external_principal_identifier **)val->trustedCertifiers,1,asn1_encode_sequence_of_external_principal_identifier);
+    if (val->trustedCertifiers != NULL)
+       asn1_addfield((const krb5_external_principal_identifier **)val->trustedCertifiers,1,asn1_encode_sequence_of_external_principal_identifier);
 
-  asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
+    asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_trusted_ca(asn1buf *buf, const krb5_trusted_ca *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  switch (val->choice) {
+    switch (val->choice) {
     case choice_trusted_cas_issuerAndSerial:
-      asn1_insert_implicit_octetstring(val->u.issuerAndSerial.length,val->u.issuerAndSerial.data,2);
-      break;
+       asn1_insert_implicit_octetstring(val->u.issuerAndSerial.length,val->u.issuerAndSerial.data,2);
+       break;
     case choice_trusted_cas_caName:
-      asn1_insert_implicit_octetstring(val->u.caName.length,val->u.caName.data,1);
-      break;
+       asn1_insert_implicit_octetstring(val->u.caName.length,val->u.caName.data,1);
+       break;
     case choice_trusted_cas_principalName:
-      asn1_addfield_implicit(val->u.principalName,0,asn1_encode_principal_name);
-      break;
+       asn1_addfield_implicit(val->u.principalName,0,asn1_encode_principal_name);
+       break;
     default:
-      return ASN1_MISSING_FIELD;
-  }
+       return ASN1_MISSING_FIELD;
+    }
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sequence_of_trusted_ca(asn1buf *buf, const krb5_trusted_ca **val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
 
-  if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
 
-  for(i=0; val[i] != NULL; i++);
-  for(i--; i>=0; i--){
-    retval = asn1_encode_trusted_ca(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
-  asn1_cleanup();
+    for (i=0; val[i] != NULL; i++);
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_trusted_ca(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_pa_pk_as_req_draft9(asn1buf *buf, const krb5_pa_pk_as_req_draft9 *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if (val->encryptionCert.length != 0)
-    asn1_insert_implicit_octetstring(val->encryptionCert.length,val->encryptionCert.data,3);
+    if (val->encryptionCert.length != 0)
+       asn1_insert_implicit_octetstring(val->encryptionCert.length,val->encryptionCert.data,3);
 
-  if (val->kdcCert.length != 0) 
-    asn1_insert_implicit_octetstring(val->kdcCert.length,val->kdcCert.data,2);
+    if (val->kdcCert.length != 0) 
+       asn1_insert_implicit_octetstring(val->kdcCert.length,val->kdcCert.data,2);
 
-  if (val->trustedCertifiers != NULL)
-    asn1_addfield((const krb5_trusted_ca **)val->trustedCertifiers,1,asn1_encode_sequence_of_trusted_ca);
+    if (val->trustedCertifiers != NULL)
+       asn1_addfield((const krb5_trusted_ca **)val->trustedCertifiers,1,asn1_encode_sequence_of_trusted_ca);
 
-  asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
+    asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_dh_rep_info(asn1buf *buf, const krb5_dh_rep_info *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  if (val->serverDHNonce.length != 0)
-    asn1_insert_implicit_octetstring(val->serverDHNonce.length,val->serverDHNonce.data,1);
+    if (val->serverDHNonce.length != 0)
+       asn1_insert_implicit_octetstring(val->serverDHNonce.length,val->serverDHNonce.data,1);
   
-  asn1_insert_implicit_octetstring(val->dhSignedData.length,val->dhSignedData.data,0);
+    asn1_insert_implicit_octetstring(val->dhSignedData.length,val->dhSignedData.data,0);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_kdc_dh_key_info(asn1buf *buf, const krb5_kdc_dh_key_info *val, unsigned int *retlen)
 {
-  asn1_setup();
-
-  if (val->dhKeyExpiration != 0) 
-    asn1_addfield(val->dhKeyExpiration, 2, asn1_encode_kerberos_time);
-  asn1_addfield(val->nonce, 1, asn1_encode_integer);
+    asn1_setup();
 
-  asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,3);
-  retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, 
-                         val->subjectPublicKey.length + 1 + length,
-                         &length);
-  if(retval) {
-    asn1buf_destroy(&buf);
-    return retval;
-  }
-  sum += length; 
+    if (val->dhKeyExpiration != 0) 
+       asn1_addfield(val->dhKeyExpiration, 2, asn1_encode_kerberos_time);
+    asn1_addfield(val->nonce, 1, asn1_encode_integer);
+
+    asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,3);
+    retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, 
+                           val->subjectPublicKey.length + 1 + length,
+                           &length);
+    if (retval) {
+       asn1buf_destroy(&buf);
+       return retval;
+    }
+    sum += length; 
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_reply_key_pack(asn1buf *buf, const krb5_reply_key_pack *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  asn1_addfield(&(val->asChecksum), 1, asn1_encode_checksum);
-  asn1_addfield(&(val->replyKey), 0, asn1_encode_encryption_key);
+    asn1_addfield(&(val->asChecksum), 1, asn1_encode_checksum);
+    asn1_addfield(&(val->replyKey), 0, asn1_encode_encryption_key);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_reply_key_pack_draft9(asn1buf *buf, const krb5_reply_key_pack_draft9 *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  asn1_addfield(val->nonce, 1, asn1_encode_integer);
-  asn1_addfield(&(val->replyKey), 0, asn1_encode_encryption_key);
+    asn1_addfield(val->nonce, 1, asn1_encode_integer);
+    asn1_addfield(&(val->replyKey), 0, asn1_encode_encryption_key);
 
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_makeseq();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_pa_pk_as_rep(asn1buf *buf, const krb5_pa_pk_as_rep *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  switch (val->choice)
-  {
+    switch (val->choice)
+    {
     case choice_pa_pk_as_rep_dhInfo:
-      asn1_addfield(&(val->u.dh_Info), choice_pa_pk_as_rep_dhInfo, asn1_encode_dh_rep_info);
-      break;
+       asn1_addfield(&(val->u.dh_Info), choice_pa_pk_as_rep_dhInfo, asn1_encode_dh_rep_info);
+       break;
     case choice_pa_pk_as_rep_encKeyPack:
-      asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
-      break;
+       asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
+       break;
     default:
-      return ASN1_MISSING_FIELD;
-  }
+       return ASN1_MISSING_FIELD;
+    }
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_pa_pk_as_rep_draft9(asn1buf *buf, const krb5_pa_pk_as_rep_draft9 *val, unsigned int *retlen)
 {
-  asn1_setup();
+    asn1_setup();
 
-  switch (val->choice)
-  {
+    switch (val->choice)
+    {
     case choice_pa_pk_as_rep_draft9_dhSignedData:
-      asn1_insert_implicit_octetstring(val->u.dhSignedData.length,val->u.dhSignedData.data,0);
-      break;
+       asn1_insert_implicit_octetstring(val->u.dhSignedData.length,val->u.dhSignedData.data,0);
+       break;
     case choice_pa_pk_as_rep_encKeyPack:
-      asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
-      break;
+       asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
+       break;
     default:
-      return ASN1_MISSING_FIELD;
-  }
+       return ASN1_MISSING_FIELD;
+    }
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_td_trusted_certifiers(asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen)
 {
-  asn1_setup();
-  retval = asn1_encode_sequence_of_external_principal_identifier(buf, val, &length);
-  if (retval) {
-    asn1buf_destroy(&buf);
-    return retval;
-  }
-  asn1_cleanup();
+    asn1_setup();
+    retval = asn1_encode_sequence_of_external_principal_identifier(buf, val, &length);
+    if (retval) {
+       asn1buf_destroy(&buf);
+       return retval;
+    }
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_sequence_of_typed_data(asn1buf *buf, const krb5_typed_data **val, unsigned int *retlen)
 {
-  asn1_setup();
-  int i;
+    asn1_setup();
+    int i;
 
-  if(val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
+    if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
 
-  for(i=0; val[i] != NULL; i++);
-  for(i--; i>=0; i--){
-    retval = asn1_encode_typed_data(buf,val[i],&length);
-    if(retval) return retval;
-    sum += length;
-  }
-  asn1_makeseq();
+    for (i=0; val[i] != NULL; i++);
+    for (i--; i>=0; i--) {
+       retval = asn1_encode_typed_data(buf,val[i],&length);
+       if (retval) return retval;
+       sum += length;
+    }
+    asn1_makeseq();
 
-  asn1_cleanup();
+    asn1_cleanup();
 }
 
 asn1_error_code asn1_encode_typed_data(asn1buf *buf, const krb5_typed_data *val, unsigned int *retlen)
 {
-  asn1_setup();
-  asn1_addlenfield(val->length, val->data, 1, asn1_encode_octetstring);
-  asn1_addfield(val->type, 0, asn1_encode_integer);
-  asn1_makeseq();
-  asn1_cleanup();
+    asn1_setup();
+    asn1_addlenfield(val->length, val->data, 1, asn1_encode_octetstring);
+    asn1_addfield(val->type, 0, asn1_encode_integer);
+    asn1_makeseq();
+    asn1_cleanup();
 }
 #endif /* DISABLE_PKINIT */
index dddf2da8fe66a92357ea17d263ca0b91e83c034f..5c13c035a5f9a1bd56a0bc775609534a32de10d6 100644 (file)
@@ -30,7 +30,7 @@ asn1_error_code asn1_make_etag(asn1buf *buf, asn1_class asn1class,
                               asn1_tagnum tagnum, unsigned int in_len,
                               unsigned int *retlen)
 {
-  return asn1_make_tag(buf,asn1class,CONSTRUCTED,tagnum,in_len,retlen);
+    return asn1_make_tag(buf,asn1class,CONSTRUCTED,tagnum,in_len,retlen);
 }
 
 
@@ -39,122 +39,122 @@ asn1_error_code asn1_make_tag(asn1buf *buf, asn1_class asn1class,
                              asn1_tagnum tagnum, unsigned int in_len,
                              unsigned int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int sumlen=0, length;
+    asn1_error_code retval;
+    unsigned int sumlen=0, length;
 
-  if(tagnum > ASN1_TAGNUM_MAX) return ASN1_OVERFLOW;
+    if (tagnum > ASN1_TAGNUM_MAX) return ASN1_OVERFLOW;
 
-  retval = asn1_make_length(buf,in_len, &length);
-  if(retval) return retval;
-  sumlen += length;
-  retval = asn1_make_id(buf,asn1class,construction,tagnum,&length);
-  if(retval) return retval;
-  sumlen += length;
+    retval = asn1_make_length(buf,in_len, &length);
+    if (retval) return retval;
+    sumlen += length;
+    retval = asn1_make_id(buf,asn1class,construction,tagnum,&length);
+    if (retval) return retval;
+    sumlen += length;
 
-  *retlen = sumlen;
-  return 0;
+    *retlen = sumlen;
+    return 0;
 }
 
 asn1_error_code asn1_make_length(asn1buf *buf, const unsigned int in_len, unsigned int *retlen)
 {
-  asn1_error_code retval;
-
-  if(in_len < 128){
-    retval = asn1buf_insert_octet(buf, (asn1_octet)(in_len&0x7F));
-    if(retval) return retval;
-    *retlen = 1;
-  }else{
-    int in_copy=in_len, length=0;
-
-    while(in_copy != 0){
-      retval = asn1buf_insert_octet(buf, (asn1_octet)(in_copy&0xFF));
-      if(retval) return retval;
-      in_copy = in_copy >> 8;
-      length++;
+    asn1_error_code retval;
+
+    if (in_len < 128) {
+       retval = asn1buf_insert_octet(buf, (asn1_octet)(in_len&0x7F));
+       if (retval) return retval;
+       *retlen = 1;
+    } else {
+       int in_copy=in_len, length=0;
+
+       while (in_copy != 0) {
+           retval = asn1buf_insert_octet(buf, (asn1_octet)(in_copy&0xFF));
+           if (retval) return retval;
+           in_copy = in_copy >> 8;
+           length++;
+       }
+       retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(length&0x7F)));
+       if (retval) return retval;
+       length++;
+       *retlen = length;
     }
-    retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(length&0x7F)));
-    if(retval) return retval;
-    length++;
-    *retlen = length;
-  }
 
-  return 0;
+    return 0;
 }
 
 asn1_error_code asn1_make_id(asn1buf *buf, asn1_class asn1class,
                             asn1_construction construction,
                             asn1_tagnum tagnum, unsigned int *retlen)
 {
-  asn1_error_code retval;
-
-  if(tagnum < 31) {
-    retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction |
-                                                    (asn1_octet)tagnum));
-    if(retval) return retval;
-    *retlen = 1;
-  }else{
-    asn1_tagnum tagcopy = tagnum;
-    int length = 0;
-
-    retval = asn1buf_insert_octet(buf, (asn1_octet)(tagcopy&0x7F));
-    if(retval) return retval;
-    tagcopy >>= 7;
-    length++;
-
-    for(; tagcopy != 0; tagcopy >>= 7){
-      retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(tagcopy&0x7F)));
-      if(retval) return retval;
-      length++;
+    asn1_error_code retval;
+
+    if (tagnum < 31) {
+       retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction |
+                                                        (asn1_octet)tagnum));
+       if (retval) return retval;
+       *retlen = 1;
+    } else {
+       asn1_tagnum tagcopy = tagnum;
+       int length = 0;
+
+       retval = asn1buf_insert_octet(buf, (asn1_octet)(tagcopy&0x7F));
+       if (retval) return retval;
+       tagcopy >>= 7;
+       length++;
+
+       for (; tagcopy != 0; tagcopy >>= 7) {
+           retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(tagcopy&0x7F)));
+           if (retval) return retval;
+           length++;
+       }
+
+       retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction | 0x1F));
+       if (retval) return retval;
+       length++;
+       *retlen = length;
     }
 
-    retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction | 0x1F));
-    if(retval) return retval;
-    length++;
-    *retlen = length;
-  }
-
-  return 0;
+    return 0;
 }
 
 asn1_error_code asn1_make_sequence(asn1buf *buf, const unsigned int seq_len, unsigned int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int len, sum=0;
-
-  retval = asn1_make_length(buf,seq_len,&len);
-  if(retval) return retval;
-  sum += len;
-  retval = asn1_make_id(buf,UNIVERSAL,CONSTRUCTED,ASN1_SEQUENCE,&len);
-  if(retval) return retval;
-  sum += len;
-
-  *retlen = sum;
-  return 0;
+    asn1_error_code retval;
+    unsigned int len, sum=0;
+
+    retval = asn1_make_length(buf,seq_len,&len);
+    if (retval) return retval;
+    sum += len;
+    retval = asn1_make_id(buf,UNIVERSAL,CONSTRUCTED,ASN1_SEQUENCE,&len);
+    if (retval) return retval;
+    sum += len;
+
+    *retlen = sum;
+    return 0;
 }
 
 asn1_error_code asn1_make_set(asn1buf *buf, const unsigned int set_len, unsigned int *retlen)
 {
-  asn1_error_code retval;
-  unsigned int len, sum=0;
-
-  retval = asn1_make_length(buf,set_len,&len);
-  if(retval) return retval;
-  sum += len;
-  retval = asn1_make_id(buf,UNIVERSAL,CONSTRUCTED,ASN1_SET,&len);
-  if(retval) return retval;
-  sum += len;
-
-  *retlen = sum;
-  return 0;
+    asn1_error_code retval;
+    unsigned int len, sum=0;
+
+    retval = asn1_make_length(buf,set_len,&len);
+    if (retval) return retval;
+    sum += len;
+    retval = asn1_make_id(buf,UNIVERSAL,CONSTRUCTED,ASN1_SET,&len);
+    if (retval) return retval;
+    sum += len;
+
+    *retlen = sum;
+    return 0;
 }
 
 asn1_error_code asn1_make_string(asn1buf *buf, const unsigned int length, const char *string, int *retlen)
 {
-  asn1_error_code retval;
+    asn1_error_code retval;
 
-  retval = asn1buf_insert_charstring(buf,length,string);
-  if(retval) return retval;
+    retval = asn1buf_insert_charstring(buf,length,string);
+    if (retval) return retval;
 
-  *retlen = length;
-  return 0;
+    *retlen = length;
+    return 0;
 }
index 62412ae6e1c9a2ad57823b1165a321a38d4e11df..54ed273ce14870b6eb74b59cfbaed85a0721a084 100644 (file)
 
 asn1_error_code asn1_krb5_realm_copy(krb5_principal target, krb5_principal source)
 {
-  target->realm.length = source->realm.length;
-  target->realm.data = (char*)malloc(target->realm.length); /* copy realm */
-  if (target->realm.data == NULL) return ENOMEM;
-  memcpy(target->realm.data,source->realm.data, /* to client */
-        target->realm.length);
-  return 0;
+    target->realm.length = source->realm.length;
+    target->realm.data = (char*)malloc(target->realm.length); /* copy realm */
+    if (target->realm.data == NULL) return ENOMEM;
+    memcpy(target->realm.data,source->realm.data, /* to client */
+          target->realm.length);
+    return 0;
 }
index 43ef97ca830b64d7ffa548cf49e79f2deab66892..5320e184e4ee2fecb22a41d097cb6809637e5d91 100644 (file)
 
 asn1_error_code asn1buf_create(asn1buf **buf)
 {
-  *buf = (asn1buf*)malloc(sizeof(asn1buf));
-  if (*buf == NULL) return ENOMEM;
-  (*buf)->base = NULL;
-  (*buf)->bound = NULL;
-  (*buf)->next = NULL;
-  return 0;
+    *buf = (asn1buf*)malloc(sizeof(asn1buf));
+    if (*buf == NULL) return ENOMEM;
+    (*buf)->base = NULL;
+    (*buf)->bound = NULL;
+    (*buf)->next = NULL;
+    return 0;
 }
 
 asn1_error_code asn1buf_wrap_data(asn1buf *buf, const krb5_data *code)
 {
-  if(code == NULL || code->data == NULL) return ASN1_MISSING_FIELD;
-  buf->next = buf->base = code->data;
-  buf->bound = code->data + code->length - 1;
-  return 0;
+    if (code == NULL || code->data == NULL) return ASN1_MISSING_FIELD;
+    buf->next = buf->base = code->data;
+    buf->bound = code->data + code->length - 1;
+    return 0;
 }
 
 asn1_error_code asn1buf_imbed(asn1buf *subbuf, const asn1buf *buf, const unsigned int length, const int indef)
 {
-  subbuf->base = subbuf->next = buf->next;
-  if (!indef) {
-      subbuf->bound = subbuf->base + length - 1;
-      if (subbuf->bound > buf->bound)
-         return ASN1_OVERRUN;
-  } else /* constructed indefinite */
-      subbuf->bound = buf->bound;
-  return 0;
+    subbuf->base = subbuf->next = buf->next;
+    if (!indef) {
+       subbuf->bound = subbuf->base + length - 1;
+       if (subbuf->bound > buf->bound)
+           return ASN1_OVERRUN;
+    } else /* constructed indefinite */
+       subbuf->bound = buf->bound;
+    return 0;
 }
 
 asn1_error_code asn1buf_sync(asn1buf *buf, asn1buf *subbuf,
                             asn1_class asn1class, asn1_tagnum lasttag,
                             unsigned int length, int indef, int seqindef)
 {
-  asn1_error_code retval;
-
-  if (!seqindef) {
-    /* sequence was encoded as definite length */
-    buf->next = subbuf->bound + 1;
-  } else if (!asn1_is_eoc(asn1class, lasttag, indef)) {
-      retval = asn1buf_skiptail(subbuf, length, indef);
-      if (retval)
-         return retval;
-  } else {
-    /* We have just read the EOC octets. */
-    buf->next = subbuf->next;
-  }
-  return 0;
+    asn1_error_code retval;
+
+    if (!seqindef) {
+       /* sequence was encoded as definite length */
+       buf->next = subbuf->bound + 1;
+    } else if (!asn1_is_eoc(asn1class, lasttag, indef)) {
+       retval = asn1buf_skiptail(subbuf, length, indef);
+       if (retval)
+           return retval;
+    } else {
+       /* We have just read the EOC octets. */
+       buf->next = subbuf->next;
+    }
+    return 0;
 }
 
 asn1_error_code asn1buf_skiptail(asn1buf *buf, const unsigned int length, const int indef)
 {
-  asn1_error_code retval;
-  taginfo t;
-  int nestlevel;
-
-  nestlevel = 1 + indef;
-  if (!indef) {
-    if (length <= buf->bound - buf->next + 1)
-      buf->next += length;
-    else
-      return ASN1_OVERRUN;
-  }
-  while (nestlevel > 0) {
-    if (buf->bound - buf->next + 1 <= 0)
-      return ASN1_OVERRUN;
-    retval = asn1_get_tag_2(buf, &t);
-    if (retval) return retval;
-    if (!t.indef) {
-      if (t.length <= buf->bound - buf->next + 1)
-       buf->next += t.length;
-      else
-       return ASN1_OVERRUN;
+    asn1_error_code retval;
+    taginfo t;
+    int nestlevel;
+
+    nestlevel = 1 + indef;
+    if (!indef) {
+       if (length <= buf->bound - buf->next + 1)
+           buf->next += length;
+       else
+           return ASN1_OVERRUN;
+    }
+    while (nestlevel > 0) {
+       if (buf->bound - buf->next + 1 <= 0)
+           return ASN1_OVERRUN;
+       retval = asn1_get_tag_2(buf, &t);
+       if (retval) return retval;
+       if (!t.indef) {
+           if (t.length <= buf->bound - buf->next + 1)
+               buf->next += t.length;
+           else
+               return ASN1_OVERRUN;
+       }
+       if (t.indef)
+           nestlevel++;
+       if (asn1_is_eoc(t.asn1class, t.tagnum, t.indef))
+           nestlevel--;                /* got an EOC encoding */
     }
-    if (t.indef)
-      nestlevel++;
-    if (asn1_is_eoc(t.asn1class, t.tagnum, t.indef))
-      nestlevel--;             /* got an EOC encoding */
-  }
-  return 0;
+    return 0;
 }
 
 asn1_error_code asn1buf_destroy(asn1buf **buf)
 {
-  if (*buf != NULL) {
-    free((*buf)->base);
-    free(*buf);
-    *buf = NULL;
-  }
-  return 0;
+    if (*buf != NULL) {
+       free((*buf)->base);
+       free(*buf);
+       *buf = NULL;
+    }
+    return 0;
 }
 
 #ifdef asn1buf_insert_octet
@@ -155,115 +155,115 @@ asn1_error_code asn1buf_destroy(asn1buf **buf)
 #endif
 asn1_error_code asn1buf_insert_octet(asn1buf *buf, const int o)
 {
-  asn1_error_code retval;
+    asn1_error_code retval;
 
-  retval = asn1buf_ensure_space(buf,1U);
-  if(retval) return retval;
-  *(buf->next) = (char)o;
-  (buf->next)++;
-  return 0;
+    retval = asn1buf_ensure_space(buf,1U);
+    if (retval) return retval;
+    *(buf->next) = (char)o;
+    (buf->next)++;
+    return 0;
 }
 
 asn1_error_code asn1buf_insert_octetstring(asn1buf *buf, const unsigned int len, const krb5_octet *s)
 {
-  asn1_error_code retval;
-  unsigned int length;
-
-  retval = asn1buf_ensure_space(buf,len);
-  if(retval) return retval;
-  for(length=1; length<=len; length++,(buf->next)++)
-    *(buf->next) = (char)(s[len-length]);
-  return 0;
+    asn1_error_code retval;
+    unsigned int length;
+
+    retval = asn1buf_ensure_space(buf,len);
+    if (retval) return retval;
+    for (length=1; length<=len; length++,(buf->next)++)
+       *(buf->next) = (char)(s[len-length]);
+    return 0;
 }
 
 asn1_error_code asn1buf_insert_charstring(asn1buf *buf, const unsigned int len, const char *s)
 {
-  asn1_error_code retval;
-  unsigned int length;
-
-  retval = asn1buf_ensure_space(buf,len);
-  if(retval) return retval;
-  for(length=1; length<=len; length++,(buf->next)++)
-    *(buf->next) = (char)(s[len-length]);
-  return 0;
+    asn1_error_code retval;
+    unsigned int length;
+
+    retval = asn1buf_ensure_space(buf,len);
+    if (retval) return retval;
+    for (length=1; length<=len; length++,(buf->next)++)
+       *(buf->next) = (char)(s[len-length]);
+    return 0;
 }
 
 #undef asn1buf_remove_octet
 asn1_error_code asn1buf_remove_octet(asn1buf *buf, asn1_octet *o)
 {
-  if(buf->next > buf->bound) return ASN1_OVERRUN;
-  *o = (asn1_octet)(*((buf->next)++));
-  return 0;
+    if (buf->next > buf->bound) return ASN1_OVERRUN;
+    *o = (asn1_octet)(*((buf->next)++));
+    return 0;
 }
 
 asn1_error_code asn1buf_remove_octetstring(asn1buf *buf, const unsigned int len, asn1_octet **s)
 {
-  unsigned int i;
-
-  if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
-  if (len == 0) {
-      *s = 0;
-      return 0;
-  }
-  *s = (asn1_octet*)malloc(len*sizeof(asn1_octet));
-  if (*s == NULL)
-      return ENOMEM;
-  for(i=0; i<len; i++)
-    (*s)[i] = (asn1_octet)(buf->next)[i];
-  buf->next += len;
-  return 0;
+    unsigned int i;
+
+    if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
+    if (len == 0) {
+       *s = 0;
+       return 0;
+    }
+    *s = (asn1_octet*)malloc(len*sizeof(asn1_octet));
+    if (*s == NULL)
+       return ENOMEM;
+    for (i=0; i<len; i++)
+       (*s)[i] = (asn1_octet)(buf->next)[i];
+    buf->next += len;
+    return 0;
 }
 
 asn1_error_code asn1buf_remove_charstring(asn1buf *buf, const unsigned int len, char **s)
 {
-  unsigned int i;
-
-  if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
-  if (len == 0) {
-      *s = 0;
-      return 0;
-  }
-  *s = (char*)malloc(len*sizeof(char));
-  if (*s == NULL) return ENOMEM;
-  for(i=0; i<len; i++)
-    (*s)[i] = (char)(buf->next)[i];
-  buf->next += len;
-  return 0;
+    unsigned int i;
+
+    if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
+    if (len == 0) {
+       *s = 0;
+       return 0;
+    }
+    *s = (char*)malloc(len*sizeof(char));
+    if (*s == NULL) return ENOMEM;
+    for (i=0; i<len; i++)
+       (*s)[i] = (char)(buf->next)[i];
+    buf->next += len;
+    return 0;
 }
 
 int asn1buf_remains(asn1buf *buf, int indef)
 {
-  int remain;
-  if(buf == NULL || buf->base == NULL) return 0;
-  remain = buf->bound - buf->next +1;
-  if (remain <= 0) return remain;
-  /*
-   * Two 0 octets means the end of an indefinite encoding.
-   */
-  if (indef && remain >= 2 && !*(buf->next) && !*(buf->next + 1))
-      return 0;
-  else return remain;
+    int remain;
+    if (buf == NULL || buf->base == NULL) return 0;
+    remain = buf->bound - buf->next +1;
+    if (remain <= 0) return remain;
+    /*
+     * Two 0 octets means the end of an indefinite encoding.
+     */
+    if (indef && remain >= 2 && !*(buf->next) && !*(buf->next + 1))
+       return 0;
+    else return remain;
 }
 
 asn1_error_code asn12krb5_buf(const asn1buf *buf, krb5_data **code)
 {
-  unsigned int i;
-  *code = (krb5_data*)calloc(1,sizeof(krb5_data));
-  if(*code == NULL) return ENOMEM;
-  (*code)->magic = KV5M_DATA;
-  (*code)->data = NULL;
-  (*code)->length = 0;
-  (*code)->length = asn1buf_len(buf);
-  (*code)->data = (char*)malloc((((*code)->length)+1)*sizeof(char));
-  if ((*code)->data == NULL) {
-    free(*code);
-    *code = NULL;
-    return ENOMEM;
-  }
-  for(i=0; i < (*code)->length; i++)
-    ((*code)->data)[i] = (buf->base)[((*code)->length)-i-1];
-  ((*code)->data)[(*code)->length] = '\0';
-  return 0;
+    unsigned int i;
+    *code = (krb5_data*)calloc(1,sizeof(krb5_data));
+    if (*code == NULL) return ENOMEM;
+    (*code)->magic = KV5M_DATA;
+    (*code)->data = NULL;
+    (*code)->length = 0;
+    (*code)->length = asn1buf_len(buf);
+    (*code)->data = (char*)malloc((((*code)->length)+1)*sizeof(char));
+    if ((*code)->data == NULL) {
+       free(*code);
+       *code = NULL;
+       return ENOMEM;
+    }
+    for (i=0; i < (*code)->length; i++)
+       ((*code)->data)[i] = (buf->base)[((*code)->length)-i-1];
+    ((*code)->data)[(*code)->length] = '\0';
+    return 0;
 }
 
 
@@ -273,58 +273,58 @@ asn1_error_code asn12krb5_buf(const asn1buf *buf, krb5_data **code)
 
 asn1_error_code asn1buf_unparse(const asn1buf *buf, char **s)
 {
-  free(*s);
-  if(buf == NULL){
-    *s = malloc(sizeof("<NULL>"));
-    if(*s == NULL) return ENOMEM;
-    strcpy(*s,"<NULL>");
-  }else if(buf->base == NULL){
-    *s = malloc(sizeof("<EMPTY>"));
-    if(*s == NULL) return ENOMEM;
-    strcpy(*s,"<EMPTY>");
-  }else{
-    unsigned int length = asn1buf_len(buf);
-    unsigned int i;
-
-    *s = calloc(length+1, sizeof(char));
-    if(*s == NULL) return ENOMEM;
-    (*s)[length] = '\0';
-    for(i=0; i<length; i++) ;
+    free(*s);
+    if (buf == NULL) {
+       *s = malloc(sizeof("<NULL>"));
+       if (*s == NULL) return ENOMEM;
+       strcpy(*s,"<NULL>");
+    } else if (buf->base == NULL) {
+       *s = malloc(sizeof("<EMPTY>"));
+       if (*s == NULL) return ENOMEM;
+       strcpy(*s,"<EMPTY>");
+    } else {
+       unsigned int length = asn1buf_len(buf);
+       unsigned int i;
+
+       *s = calloc(length+1, sizeof(char));
+       if (*s == NULL) return ENOMEM;
+       (*s)[length] = '\0';
+       for (i=0; i<length; i++) ;
 /*      OLDDECLARG( (*s)[i] = , (buf->base)[length-i-1]) */
-  }
-  return 0;
+    }
+    return 0;
 }
 
 asn1_error_code asn1buf_hex_unparse(const asn1buf *buf, char **s)
 {
-#define hexchar(d) ((d)<=9 ? ('0'+(d)) :\
-                   ((d)<=15 ? ('A'+(d)-10) :\
-                   'X'))
-
-  free(*s);
-
-  if(buf == NULL){
-    *s = malloc(sizeof("<NULL>"));
-    if(*s == NULL) return ENOMEM;
-    strcpy(*s,"<NULL>");
-  }else if(buf->base == NULL){
-    *s = malloc(sizeof("<EMPTY>"));
-    if(*s == NULL) return ENOMEM;
-    strcpy(*s,"<EMPTY>");
-  }else{
-    unsigned int length = asn1buf_len(buf);
-    int i;
-
-    *s = malloc(3*length);
-    if(*s == NULL) return ENOMEM;
-    for(i = length-1; i >= 0; i--){
-      (*s)[3*(length-i-1)] = hexchar(((buf->base)[i]&0xF0)>>4);
-      (*s)[3*(length-i-1)+1] = hexchar((buf->base)[i]&0x0F);
-      (*s)[3*(length-i-1)+2] = ' ';
+#define hexchar(d) ((d)<=9 ? ('0'+(d)) :       \
+                   ((d)<=15 ? ('A'+(d)-10) :   \
+                    'X'))
+
+    free(*s);
+
+    if (buf == NULL) {
+       *s = malloc(sizeof("<NULL>"));
+       if (*s == NULL) return ENOMEM;
+       strcpy(*s,"<NULL>");
+    } else if (buf->base == NULL) {
+       *s = malloc(sizeof("<EMPTY>"));
+       if (*s == NULL) return ENOMEM;
+       strcpy(*s,"<EMPTY>");
+    } else {
+       unsigned int length = asn1buf_len(buf);
+       int i;
+
+       *s = malloc(3*length);
+       if (*s == NULL) return ENOMEM;
+       for (i = length-1; i >= 0; i--) {
+           (*s)[3*(length-i-1)] = hexchar(((buf->base)[i]&0xF0)>>4);
+           (*s)[3*(length-i-1)+1] = hexchar((buf->base)[i]&0x0F);
+           (*s)[3*(length-i-1)+2] = ' ';
+       }
+       (*s)[3*length-1] = '\0';
     }
-    (*s)[3*length-1] = '\0';
-  }
-  return 0;
+    return 0;
 }
 
 /****************************************************************/
@@ -333,52 +333,52 @@ asn1_error_code asn1buf_hex_unparse(const asn1buf *buf, char **s)
 #undef asn1buf_size
 int asn1buf_size(const asn1buf *buf)
 {
-  if(buf == NULL || buf->base == NULL) return 0;
-  return buf->bound - buf->base + 1;
+    if (buf == NULL || buf->base == NULL) return 0;
+    return buf->bound - buf->base + 1;
 }
 
 #undef asn1buf_free
 unsigned int asn1buf_free(const asn1buf *buf)
 {
-  if(buf == NULL || buf->base == NULL) return 0;
-  else return buf->bound - buf->next + 1;
+    if (buf == NULL || buf->base == NULL) return 0;
+    else return buf->bound - buf->next + 1;
 }
 
 #undef asn1buf_ensure_space
 asn1_error_code asn1buf_ensure_space(asn1buf *buf, const unsigned int amount)
 {
-  int avail = asn1buf_free(buf);
-  if(avail < amount){
-    asn1_error_code retval = asn1buf_expand(buf, amount-avail);
-    if(retval) return retval;
-  }
-  return 0;
+    int avail = asn1buf_free(buf);
+    if (avail < amount) {
+       asn1_error_code retval = asn1buf_expand(buf, amount-avail);
+       if (retval) return retval;
+    }
+    return 0;
 }
 
 asn1_error_code asn1buf_expand(asn1buf *buf, unsigned int inc)
 {
 #define STANDARD_INCREMENT 200
-  int next_offset = buf->next - buf->base;
-  int bound_offset;
-  if (buf->base == NULL) bound_offset = -1;
-  else bound_offset = buf->bound - buf->base;
-
-  if (inc < STANDARD_INCREMENT)
-    inc = STANDARD_INCREMENT;
-
-  if (buf->base == NULL)
-    buf->base = malloc((asn1buf_size(buf)+inc) * sizeof(asn1_octet));
-  else
-    buf->base = realloc(buf->base,
-                       (asn1buf_size(buf)+inc) * sizeof(asn1_octet));
-  if (buf->base == NULL) return ENOMEM;
-  buf->bound = (buf->base) + bound_offset + inc;
-  buf->next = (buf->base) + next_offset;
-  return 0;
+    int next_offset = buf->next - buf->base;
+    int bound_offset;
+    if (buf->base == NULL) bound_offset = -1;
+    else bound_offset = buf->bound - buf->base;
+
+    if (inc < STANDARD_INCREMENT)
+       inc = STANDARD_INCREMENT;
+
+    if (buf->base == NULL)
+       buf->base = malloc((asn1buf_size(buf)+inc) * sizeof(asn1_octet));
+    else
+       buf->base = realloc(buf->base,
+                           (asn1buf_size(buf)+inc) * sizeof(asn1_octet));
+    if (buf->base == NULL) return ENOMEM;
+    buf->bound = (buf->base) + bound_offset + inc;
+    buf->next = (buf->base) + next_offset;
+    return 0;
 }
 
 #undef asn1buf_len
 int asn1buf_len(const asn1buf *buf)
 {
-  return buf->next - buf->base;
+    return buf->next - buf->base;
 }
index b24ce68a627cbc40fb2594502d1ca2bab7c20bd4..66daaba691fc2d9144b2b50ad413407d6f0f9be2 100644 (file)
@@ -151,13 +151,13 @@ asn1_error_code asn1buf_insert_octet
 #if ((__GNUC__ >= 2) && !defined(ASN1BUF_OMIT_INLINE_FUNCS)) && !defined(CONFIG_SMALL)
 extern __inline__ asn1_error_code asn1buf_insert_octet(asn1buf *buf, const int o)
 {
-  asn1_error_code retval;
+    asn1_error_code retval;
 
-  retval = asn1buf_ensure_space(buf,1U);
-  if(retval) return retval;
-  *(buf->next) = (char)o;
-  (buf->next)++;
-  return 0;
+    retval = asn1buf_ensure_space(buf,1U);
+    if (retval) return retval;
+    *(buf->next) = (char)o;
+    (buf->next)++;
+    return 0;
 }
 #endif
 
index d743a5317b0bb95cc1ac7a391ebd2434bf38a0eb..22e42a3360f971b8384e05b1573ed6cf3586bef1 100644 (file)
@@ -39,7 +39,7 @@ asn1_error_code retval;\
 asn1buf buf;\
 \
 retval = asn1buf_wrap_data(&buf,code);\
-if(retval) return retval
+if (retval) return retval
 
 #define setup_no_tagnum()\
 asn1_class asn1class;\
@@ -60,7 +60,7 @@ setup_no_length()
 /* alloc_field is the first thing to allocate storage that may need cleanup */
 #define alloc_field(var,type)\
 var = (type*)calloc(1,sizeof(type));\
-if((var) == NULL) clean_return(ENOMEM)
+if ((var) == NULL) clean_return(ENOMEM)
 
 /* process encoding header ***************************************/
 /* decode tag and check that it == [APPLICATION tagnum] */
@@ -85,7 +85,7 @@ if((var) == NULL) clean_return(ENOMEM)
 #define next_tag()                             \
 { taginfo t2;                                  \
   retval = asn1_get_tag_2(&subbuf, &t2);       \
-  if(retval) clean_return(retval);             \
+  if (retval) clean_return(retval);            \
   asn1class = t2.asn1class;                    \
   construction = t2.construction;              \
   tagnum = t2.tagnum;                          \
@@ -120,9 +120,9 @@ asn1buf subbuf;\
 int seqindef;\
 int indef;\
 retval = asn1_get_sequence(&buf,&length,&seqindef);\
-if(retval) clean_return(retval);\
+if (retval) clean_return(retval);\
 retval = asn1buf_imbed(&subbuf,&buf,length,seqindef);\
-if(retval) clean_return(retval);\
+if (retval) clean_return(retval);\
 next_tag()
 
 #define end_structure()\
@@ -133,7 +133,7 @@ if (retval) clean_return(retval)
 /* normal fields ************************/
 #define get_field_body(var,decoder)\
 retval = decoder(&subbuf,&(var));\
-if(retval) clean_return(retval);\
+if (retval) clean_return(retval);\
 if (indef) { get_eoc(); }\
 next_tag()
 
@@ -152,7 +152,7 @@ next_tag()
     get the next tag */
 #define get_field(var,tagexpect,decoder)\
 error_if_bad_tag(tagexpect);\
-if(asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
+if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
   clean_return(ASN1_BAD_ID);\
 get_field_body(var,decoder)
 
@@ -169,14 +169,14 @@ get_field_body(var,decoder)
 /* field w/ accompanying length *********/
 #define get_lenfield_body(len,var,decoder)\
 retval = decoder(&subbuf,&(len),&(var));\
-if(retval) clean_return(retval);\
+if (retval) clean_return(retval);\
 if (indef) { get_eoc(); }\
 next_tag()
 
 /* decode a field w/ its length (for string types) */
 #define get_lenfield(len,var,tagexpect,decoder)\
 error_if_bad_tag(tagexpect);\
-if(asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
+if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
   clean_return(ASN1_BAD_ID);\
 get_lenfield_body(len,var,decoder)
 
@@ -216,42 +216,42 @@ error_out: \
 
 krb5_error_code decode_krb5_authenticator(const krb5_data *code, krb5_authenticator **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_authenticator);
-  clear_field(rep,subkey);
-  clear_field(rep,checksum);
-  clear_field(rep,client);
-
-  check_apptag(2);
-  { begin_structure();
-    { krb5_kvno kvno;
-      get_field(kvno,0,asn1_decode_kvno);
-      if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-    alloc_field((*rep)->client,krb5_principal_data);
-    get_field((*rep)->client,1,asn1_decode_realm);
-    get_field((*rep)->client,2,asn1_decode_principal_name);
-    if(tagnum == 3){
-      alloc_field((*rep)->checksum,krb5_checksum);
-      get_field(*((*rep)->checksum),3,asn1_decode_checksum); }
-    get_field((*rep)->cusec,4,asn1_decode_int32);
-    get_field((*rep)->ctime,5,asn1_decode_kerberos_time);
-    if(tagnum == 6){ alloc_field((*rep)->subkey,krb5_keyblock); }
-    opt_field(*((*rep)->subkey),6,asn1_decode_encryption_key);
-    opt_field((*rep)->seq_number,7,asn1_decode_seqnum);
-    opt_field((*rep)->authorization_data,8,asn1_decode_authorization_data);
-    (*rep)->magic = KV5M_AUTHENTICATOR;
-    end_structure();
-  }
-  cleanup_manual();
+    setup();
+    alloc_field(*rep,krb5_authenticator);
+    clear_field(rep,subkey);
+    clear_field(rep,checksum);
+    clear_field(rep,client);
+
+    check_apptag(2);
+    { begin_structure();
+       { krb5_kvno kvno;
+           get_field(kvno,0,asn1_decode_kvno);
+           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+       alloc_field((*rep)->client,krb5_principal_data);
+       get_field((*rep)->client,1,asn1_decode_realm);
+       get_field((*rep)->client,2,asn1_decode_principal_name);
+       if (tagnum == 3) {
+           alloc_field((*rep)->checksum,krb5_checksum);
+           get_field(*((*rep)->checksum),3,asn1_decode_checksum); }
+       get_field((*rep)->cusec,4,asn1_decode_int32);
+       get_field((*rep)->ctime,5,asn1_decode_kerberos_time);
+       if (tagnum == 6) { alloc_field((*rep)->subkey,krb5_keyblock); }
+       opt_field(*((*rep)->subkey),6,asn1_decode_encryption_key);
+       opt_field((*rep)->seq_number,7,asn1_decode_seqnum);
+       opt_field((*rep)->authorization_data,8,asn1_decode_authorization_data);
+       (*rep)->magic = KV5M_AUTHENTICATOR;
+       end_structure();
+    }
+    cleanup_manual();
 error_out:
-  if (rep && *rep) {
-      free_field(*rep,subkey);
-      free_field(*rep,checksum);
-      free_field(*rep,client);
-      free(*rep);
-      *rep = NULL;
-  }
-  return retval;
+    if (rep && *rep) {
+       free_field(*rep,subkey);
+       free_field(*rep,checksum);
+       free_field(*rep,client);
+       free(*rep);
+       *rep = NULL;
+    }
+    return retval;
 }
 
 krb5_error_code
@@ -263,258 +263,258 @@ krb5_decode_ticket(const krb5_data *code, krb5_ticket **rep)
 
 krb5_error_code decode_krb5_ticket(const krb5_data *code, krb5_ticket **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_ticket);
-  clear_field(rep,server);
+    setup();
+    alloc_field(*rep,krb5_ticket);
+    clear_field(rep,server);
   
-  check_apptag(1);
-  { begin_structure();
-    { krb5_kvno kvno;
-      get_field(kvno,0,asn1_decode_kvno);
-      if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO);
+    check_apptag(1);
+    { begin_structure();
+       { krb5_kvno kvno;
+           get_field(kvno,0,asn1_decode_kvno);
+           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO);
+       }
+       alloc_field((*rep)->server,krb5_principal_data);
+       get_field((*rep)->server,1,asn1_decode_realm);
+       get_field((*rep)->server,2,asn1_decode_principal_name);
+       get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+       (*rep)->magic = KV5M_TICKET;
+       end_structure();
     }
-    alloc_field((*rep)->server,krb5_principal_data);
-    get_field((*rep)->server,1,asn1_decode_realm);
-    get_field((*rep)->server,2,asn1_decode_principal_name);
-    get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
-    (*rep)->magic = KV5M_TICKET;
-    end_structure();
-  }
-  cleanup_manual();
+    cleanup_manual();
 error_out:
-  if (rep && *rep) {
-      free_field(*rep,server);
-      free(*rep);
-      *rep = NULL;
-  }
-  return retval;
+    if (rep && *rep) {
+       free_field(*rep,server);
+       free(*rep);
+       *rep = NULL;
+    }
+    return retval;
 }
 
 krb5_error_code decode_krb5_encryption_key(const krb5_data *code, krb5_keyblock **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_keyblock);
-
-  { begin_structure();
-    get_field((*rep)->enctype,0,asn1_decode_enctype);
-    get_lenfield((*rep)->length,(*rep)->contents,1,asn1_decode_octetstring);
-    end_structure();
-    (*rep)->magic = KV5M_KEYBLOCK;
-  }
-  cleanup(free);
+    setup();
+    alloc_field(*rep,krb5_keyblock);
+
+    { begin_structure();
+       get_field((*rep)->enctype,0,asn1_decode_enctype);
+       get_lenfield((*rep)->length,(*rep)->contents,1,asn1_decode_octetstring);
+       end_structure();
+       (*rep)->magic = KV5M_KEYBLOCK;
+    }
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_enc_tkt_part(const krb5_data *code, krb5_enc_tkt_part **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_enc_tkt_part);
-  clear_field(rep,session);
-  clear_field(rep,client);
-
-  check_apptag(3);
-  { begin_structure();
-    get_field((*rep)->flags,0,asn1_decode_ticket_flags);
-    alloc_field((*rep)->session,krb5_keyblock);
-    get_field(*((*rep)->session),1,asn1_decode_encryption_key);
-    alloc_field((*rep)->client,krb5_principal_data);
-    get_field((*rep)->client,2,asn1_decode_realm);
-    get_field((*rep)->client,3,asn1_decode_principal_name);
-    get_field((*rep)->transited,4,asn1_decode_transited_encoding);
-    get_field((*rep)->times.authtime,5,asn1_decode_kerberos_time);
-    if (tagnum == 6)
-      { get_field((*rep)->times.starttime,6,asn1_decode_kerberos_time); }
-    else
-      (*rep)->times.starttime=(*rep)->times.authtime;
-    get_field((*rep)->times.endtime,7,asn1_decode_kerberos_time);
-    opt_field((*rep)->times.renew_till,8,asn1_decode_kerberos_time);
-    opt_field((*rep)->caddrs,9,asn1_decode_host_addresses);
-    opt_field((*rep)->authorization_data,10,asn1_decode_authorization_data);
-    (*rep)->magic = KV5M_ENC_TKT_PART;
-    end_structure();
-  }
-  cleanup_manual();
+    setup();
+    alloc_field(*rep,krb5_enc_tkt_part);
+    clear_field(rep,session);
+    clear_field(rep,client);
+
+    check_apptag(3);
+    { begin_structure();
+       get_field((*rep)->flags,0,asn1_decode_ticket_flags);
+       alloc_field((*rep)->session,krb5_keyblock);
+       get_field(*((*rep)->session),1,asn1_decode_encryption_key);
+       alloc_field((*rep)->client,krb5_principal_data);
+       get_field((*rep)->client,2,asn1_decode_realm);
+       get_field((*rep)->client,3,asn1_decode_principal_name);
+       get_field((*rep)->transited,4,asn1_decode_transited_encoding);
+       get_field((*rep)->times.authtime,5,asn1_decode_kerberos_time);
+       if (tagnum == 6)
+       { get_field((*rep)->times.starttime,6,asn1_decode_kerberos_time); }
+       else
+           (*rep)->times.starttime=(*rep)->times.authtime;
+       get_field((*rep)->times.endtime,7,asn1_decode_kerberos_time);
+       opt_field((*rep)->times.renew_till,8,asn1_decode_kerberos_time);
+       opt_field((*rep)->caddrs,9,asn1_decode_host_addresses);
+       opt_field((*rep)->authorization_data,10,asn1_decode_authorization_data);
+       (*rep)->magic = KV5M_ENC_TKT_PART;
+       end_structure();
+    }
+    cleanup_manual();
 error_out:
-  if (rep && *rep) {
-      free_field(*rep,session);
-      free_field(*rep,client);
-      free(*rep);
-      *rep = NULL;
-  }
-  return retval;
+    if (rep && *rep) {
+       free_field(*rep,session);
+       free_field(*rep,client);
+       free(*rep);
+       *rep = NULL;
+    }
+    return retval;
 }
 
 krb5_error_code decode_krb5_enc_kdc_rep_part(const krb5_data *code, krb5_enc_kdc_rep_part **rep)
 {
-  taginfo t4;
-  setup_buf_only();
-  alloc_field(*rep,krb5_enc_kdc_rep_part);
+    taginfo t4;
+    setup_buf_only();
+    alloc_field(*rep,krb5_enc_kdc_rep_part);
 
-  retval = asn1_get_tag_2(&buf, &t4);
-  if (retval) clean_return(retval);
-  if (t4.asn1class != APPLICATION || t4.construction != CONSTRUCTED) clean_return(ASN1_BAD_ID);
-  if (t4.tagnum == 25) (*rep)->msg_type = KRB5_AS_REP;
-  else if(t4.tagnum == 26) (*rep)->msg_type = KRB5_TGS_REP;
-  else clean_return(KRB5_BADMSGTYPE);
+    retval = asn1_get_tag_2(&buf, &t4);
+    if (retval) clean_return(retval);
+    if (t4.asn1class != APPLICATION || t4.construction != CONSTRUCTED) clean_return(ASN1_BAD_ID);
+    if (t4.tagnum == 25) (*rep)->msg_type = KRB5_AS_REP;
+    else if (t4.tagnum == 26) (*rep)->msg_type = KRB5_TGS_REP;
+    else clean_return(KRB5_BADMSGTYPE);
 
-  retval = asn1_decode_enc_kdc_rep_part(&buf,*rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_enc_kdc_rep_part(&buf,*rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_as_rep(const krb5_data *code, krb5_kdc_rep **rep)
 {
-  setup_no_length();
-  alloc_field(*rep,krb5_kdc_rep);
+    setup_no_length();
+    alloc_field(*rep,krb5_kdc_rep);
 
-  check_apptag(11);
-  retval = asn1_decode_kdc_rep(&buf,*rep);
-  if(retval) clean_return(retval);
+    check_apptag(11);
+    retval = asn1_decode_kdc_rep(&buf,*rep);
+    if (retval) clean_return(retval);
 #ifdef KRB5_MSGTYPE_STRICT
-  if((*rep)->msg_type != KRB5_AS_REP)
-    clean_return(KRB5_BADMSGTYPE);
+    if ((*rep)->msg_type != KRB5_AS_REP)
+       clean_return(KRB5_BADMSGTYPE);
 #endif
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_tgs_rep(const krb5_data *code, krb5_kdc_rep **rep)
 {
-  setup_no_length();
-  alloc_field(*rep,krb5_kdc_rep);
+    setup_no_length();
+    alloc_field(*rep,krb5_kdc_rep);
 
-  check_apptag(13);
-  retval = asn1_decode_kdc_rep(&buf,*rep);
-  if(retval) clean_return(retval);
+    check_apptag(13);
+    retval = asn1_decode_kdc_rep(&buf,*rep);
+    if (retval) clean_return(retval);
 #ifdef KRB5_MSGTYPE_STRICT
-  if((*rep)->msg_type != KRB5_TGS_REP) clean_return(KRB5_BADMSGTYPE);
+    if ((*rep)->msg_type != KRB5_TGS_REP) clean_return(KRB5_BADMSGTYPE);
 #endif
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_ap_req(const krb5_data *code, krb5_ap_req **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_ap_req);
-  clear_field(rep,ticket);
-
-  check_apptag(14);
-  { begin_structure();
-    { krb5_kvno kvno;
-      get_field(kvno,0,asn1_decode_kvno);
-      if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-    { krb5_msgtype msg_type;
-      get_field(msg_type,1,asn1_decode_msgtype);
+    setup();
+    alloc_field(*rep,krb5_ap_req);
+    clear_field(rep,ticket);
+
+    check_apptag(14);
+    { begin_structure();
+       { krb5_kvno kvno;
+           get_field(kvno,0,asn1_decode_kvno);
+           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+       { krb5_msgtype msg_type;
+           get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-      if(msg_type != KRB5_AP_REQ) clean_return(KRB5_BADMSGTYPE);
+           if (msg_type != KRB5_AP_REQ) clean_return(KRB5_BADMSGTYPE);
 #endif
+       }
+       get_field((*rep)->ap_options,2,asn1_decode_ap_options);
+       alloc_field((*rep)->ticket,krb5_ticket);
+       get_field(*((*rep)->ticket),3,asn1_decode_ticket);
+       get_field((*rep)->authenticator,4,asn1_decode_encrypted_data);
+       end_structure();
+       (*rep)->magic = KV5M_AP_REQ;
     }
-    get_field((*rep)->ap_options,2,asn1_decode_ap_options);
-    alloc_field((*rep)->ticket,krb5_ticket);
-    get_field(*((*rep)->ticket),3,asn1_decode_ticket);
-    get_field((*rep)->authenticator,4,asn1_decode_encrypted_data);
-    end_structure();
-    (*rep)->magic = KV5M_AP_REQ;
-  }
-  cleanup_manual();
+    cleanup_manual();
 error_out:
-  if (rep && *rep) {
-      free_field(*rep,ticket);
-      free(*rep);
-      *rep = NULL;
-  }
-  return retval;
+    if (rep && *rep) {
+       free_field(*rep,ticket);
+       free(*rep);
+       *rep = NULL;
+    }
+    return retval;
 }
 
 krb5_error_code decode_krb5_ap_rep(const krb5_data *code, krb5_ap_rep **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_ap_rep);
-
-  check_apptag(15);
-  { begin_structure();
-    { krb5_kvno kvno;
-      get_field(kvno,0,asn1_decode_kvno);
-      if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-    { krb5_msgtype msg_type;
-      get_field(msg_type,1,asn1_decode_msgtype);
+    setup();
+    alloc_field(*rep,krb5_ap_rep);
+
+    check_apptag(15);
+    { begin_structure();
+       { krb5_kvno kvno;
+           get_field(kvno,0,asn1_decode_kvno);
+           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+       { krb5_msgtype msg_type;
+           get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-      if(msg_type != KRB5_AP_REP) clean_return(KRB5_BADMSGTYPE);
+           if (msg_type != KRB5_AP_REP) clean_return(KRB5_BADMSGTYPE);
 #endif
+       }
+       get_field((*rep)->enc_part,2,asn1_decode_encrypted_data);
+       end_structure();
+       (*rep)->magic = KV5M_AP_REP;
     }
-    get_field((*rep)->enc_part,2,asn1_decode_encrypted_data);
-    end_structure();
-    (*rep)->magic = KV5M_AP_REP;
-  }
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_ap_rep_enc_part(const krb5_data *code, krb5_ap_rep_enc_part **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_ap_rep_enc_part);
-  clear_field(rep,subkey);
-
-  check_apptag(27);
-  { begin_structure();
-    get_field((*rep)->ctime,0,asn1_decode_kerberos_time);
-    get_field((*rep)->cusec,1,asn1_decode_int32);
-    if(tagnum == 2){ alloc_field((*rep)->subkey,krb5_keyblock); }
-    opt_field(*((*rep)->subkey),2,asn1_decode_encryption_key);
-    opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
-    end_structure();
-    (*rep)->magic = KV5M_AP_REP_ENC_PART;
-  }
-  cleanup_manual();
+    setup();
+    alloc_field(*rep,krb5_ap_rep_enc_part);
+    clear_field(rep,subkey);
+
+    check_apptag(27);
+    { begin_structure();
+       get_field((*rep)->ctime,0,asn1_decode_kerberos_time);
+       get_field((*rep)->cusec,1,asn1_decode_int32);
+       if (tagnum == 2) { alloc_field((*rep)->subkey,krb5_keyblock); }
+       opt_field(*((*rep)->subkey),2,asn1_decode_encryption_key);
+       opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
+       end_structure();
+       (*rep)->magic = KV5M_AP_REP_ENC_PART;
+    }
+    cleanup_manual();
 error_out:
-  if (rep && *rep) {
-      free_field(*rep,subkey);
-      free(*rep);
-      *rep = NULL;
-  }
-  return retval;
+    if (rep && *rep) {
+       free_field(*rep,subkey);
+       free(*rep);
+       *rep = NULL;
+    }
+    return retval;
 }
 
 krb5_error_code decode_krb5_as_req(const krb5_data *code, krb5_kdc_req **rep)
 {
-  setup_no_length();
-  alloc_field(*rep,krb5_kdc_req);
+    setup_no_length();
+    alloc_field(*rep,krb5_kdc_req);
 
-  check_apptag(10);
-  retval = asn1_decode_kdc_req(&buf,*rep);
-  if(retval) clean_return(retval);
+    check_apptag(10);
+    retval = asn1_decode_kdc_req(&buf,*rep);
+    if (retval) clean_return(retval);
 #ifdef KRB5_MSGTYPE_STRICT
-  if((*rep)->msg_type != KRB5_AS_REQ) clean_return(KRB5_BADMSGTYPE);
+    if ((*rep)->msg_type != KRB5_AS_REQ) clean_return(KRB5_BADMSGTYPE);
 #endif
   
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_tgs_req(const krb5_data *code, krb5_kdc_req **rep)
 {
-  setup_no_length();
-  alloc_field(*rep,krb5_kdc_req);
+    setup_no_length();
+    alloc_field(*rep,krb5_kdc_req);
 
-  check_apptag(12);
-  retval = asn1_decode_kdc_req(&buf,*rep);
-  if(retval) clean_return(retval);
+    check_apptag(12);
+    retval = asn1_decode_kdc_req(&buf,*rep);
+    if (retval) clean_return(retval);
 #ifdef KRB5_MSGTYPE_STRICT
-  if((*rep)->msg_type != KRB5_TGS_REQ) clean_return(KRB5_BADMSGTYPE);
+    if ((*rep)->msg_type != KRB5_TGS_REQ) clean_return(KRB5_BADMSGTYPE);
 #endif
   
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_kdc_req_body(const krb5_data *code, krb5_kdc_req **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep,krb5_kdc_req);
+    setup_buf_only();
+    alloc_field(*rep,krb5_kdc_req);
 
-  retval = asn1_decode_kdc_req_body(&buf,*rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_kdc_req_body(&buf,*rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 /*
@@ -532,281 +532,281 @@ krb5_error_code decode_krb5_kdc_req_body(const krb5_data *code, krb5_kdc_req **r
  * encoded KRB-SAFE-BODY points into the input buffer.
  */
 krb5_error_code decode_krb5_safe_with_body(
-  const krb5_data *code,
-  krb5_safe **rep,
-  krb5_data *body)
+    const krb5_data *code,
+    krb5_safe **rep,
+    krb5_data *body)
 {
-  krb5_data tmpbody;
-  setup();
-  alloc_field(*rep,krb5_safe);
-  clear_field(rep,checksum);
-  tmpbody.magic = 0;
-
-  check_apptag(20);
-  { begin_structure();
-    { krb5_kvno kvno;
-      get_field(kvno,0,asn1_decode_kvno);
-      if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-    { krb5_msgtype msg_type;
-      get_field(msg_type,1,asn1_decode_msgtype);
+    krb5_data tmpbody;
+    setup();
+    alloc_field(*rep,krb5_safe);
+    clear_field(rep,checksum);
+    tmpbody.magic = 0;
+
+    check_apptag(20);
+    { begin_structure();
+       { krb5_kvno kvno;
+           get_field(kvno,0,asn1_decode_kvno);
+           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+       { krb5_msgtype msg_type;
+           get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-      if(msg_type != KRB5_SAFE) clean_return(KRB5_BADMSGTYPE);
+           if (msg_type != KRB5_SAFE) clean_return(KRB5_BADMSGTYPE);
 #endif
+       }
+       /*
+        * Gross kludge to extract pointer to encoded safe-body.  Relies
+        * on tag prefetch done by next_tag().  Don't handle indefinite
+        * encoding, as it's too much work.
+        */
+       if (!indef) {
+           tmpbody.length = taglen;
+           tmpbody.data = subbuf.next;
+       } else {
+           tmpbody.length = 0;
+           tmpbody.data = NULL;
+       }
+       get_field(**rep,2,asn1_decode_krb_safe_body);
+       alloc_field((*rep)->checksum,krb5_checksum);
+       get_field(*((*rep)->checksum),3,asn1_decode_checksum);
+       (*rep)->magic = KV5M_SAFE;
+       end_structure();
     }
-    /*
-     * Gross kludge to extract pointer to encoded safe-body.  Relies
-     * on tag prefetch done by next_tag().  Don't handle indefinite
-     * encoding, as it's too much work.
-     */
-    if (!indef) {
-      tmpbody.length = taglen;
-      tmpbody.data = subbuf.next;
-    } else {
-      tmpbody.length = 0;
-      tmpbody.data = NULL;
-    }
-    get_field(**rep,2,asn1_decode_krb_safe_body);
-    alloc_field((*rep)->checksum,krb5_checksum);
-    get_field(*((*rep)->checksum),3,asn1_decode_checksum);
-  (*rep)->magic = KV5M_SAFE;
-    end_structure();
-  }
-  if (body != NULL)
-    *body = tmpbody;
-  cleanup_manual();
+    if (body != NULL)
+       *body = tmpbody;
+    cleanup_manual();
 error_out:
-  if (rep && *rep) {
-      free_field(*rep,checksum);
-      free(*rep);
-      *rep = NULL;
-  }
-  return retval;
+    if (rep && *rep) {
+       free_field(*rep,checksum);
+       free(*rep);
+       *rep = NULL;
+    }
+    return retval;
 }
 
 krb5_error_code decode_krb5_safe(const krb5_data *code, krb5_safe **rep)
 {
-  return decode_krb5_safe_with_body(code, rep, NULL);
+    return decode_krb5_safe_with_body(code, rep, NULL);
 }
 
 krb5_error_code decode_krb5_priv(const krb5_data *code, krb5_priv **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_priv);
-
-  check_apptag(21);
-  { begin_structure();
-    { krb5_kvno kvno;
-      get_field(kvno,0,asn1_decode_kvno);
-      if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-    { krb5_msgtype msg_type;
-      get_field(msg_type,1,asn1_decode_msgtype);
+    setup();
+    alloc_field(*rep,krb5_priv);
+
+    check_apptag(21);
+    { begin_structure();
+       { krb5_kvno kvno;
+           get_field(kvno,0,asn1_decode_kvno);
+           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+       { krb5_msgtype msg_type;
+           get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-      if(msg_type != KRB5_PRIV) clean_return(KRB5_BADMSGTYPE);
+           if (msg_type != KRB5_PRIV) clean_return(KRB5_BADMSGTYPE);
 #endif
+       }
+       get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+       (*rep)->magic = KV5M_PRIV;
+       end_structure();
     }
-    get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
-    (*rep)->magic = KV5M_PRIV;
-    end_structure();
-  }
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_enc_priv_part(const krb5_data *code, krb5_priv_enc_part **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_priv_enc_part);
-  clear_field(rep,r_address);
-  clear_field(rep,s_address);
-
-  check_apptag(28);
-  { begin_structure();
-    get_lenfield((*rep)->user_data.length,(*rep)->user_data.data,0,asn1_decode_charstring);
-    opt_field((*rep)->timestamp,1,asn1_decode_kerberos_time);
-    opt_field((*rep)->usec,2,asn1_decode_int32);
-    opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
-    alloc_field((*rep)->s_address,krb5_address);
-    get_field(*((*rep)->s_address),4,asn1_decode_host_address);
-    if(tagnum == 5){ alloc_field((*rep)->r_address,krb5_address); }
-    opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
-    (*rep)->magic = KV5M_PRIV_ENC_PART;
-    end_structure();
-  }
-  cleanup_manual();
+    setup();
+    alloc_field(*rep,krb5_priv_enc_part);
+    clear_field(rep,r_address);
+    clear_field(rep,s_address);
+
+    check_apptag(28);
+    { begin_structure();
+       get_lenfield((*rep)->user_data.length,(*rep)->user_data.data,0,asn1_decode_charstring);
+       opt_field((*rep)->timestamp,1,asn1_decode_kerberos_time);
+       opt_field((*rep)->usec,2,asn1_decode_int32);
+       opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
+       alloc_field((*rep)->s_address,krb5_address);
+       get_field(*((*rep)->s_address),4,asn1_decode_host_address);
+       if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
+       opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
+       (*rep)->magic = KV5M_PRIV_ENC_PART;
+       end_structure();
+    }
+    cleanup_manual();
 error_out:
-  if (rep && *rep) {
-      free_field(*rep,r_address);
-      free_field(*rep,s_address);
-      free(*rep);
-      *rep = NULL;
-  }
-  return retval;
+    if (rep && *rep) {
+       free_field(*rep,r_address);
+       free_field(*rep,s_address);
+       free(*rep);
+       *rep = NULL;
+    }
+    return retval;
 }
 
 krb5_error_code decode_krb5_cred(const krb5_data *code, krb5_cred **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_cred);
-
-  check_apptag(22);
-  { begin_structure();
-    { krb5_kvno kvno;
-      get_field(kvno,0,asn1_decode_kvno);
-      if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-    { krb5_msgtype msg_type;
-      get_field(msg_type,1,asn1_decode_msgtype);
+    setup();
+    alloc_field(*rep,krb5_cred);
+
+    check_apptag(22);
+    { begin_structure();
+       { krb5_kvno kvno;
+           get_field(kvno,0,asn1_decode_kvno);
+           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+       { krb5_msgtype msg_type;
+           get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-      if(msg_type != KRB5_CRED) clean_return(KRB5_BADMSGTYPE);
+           if (msg_type != KRB5_CRED) clean_return(KRB5_BADMSGTYPE);
 #endif
+       }
+       get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket);
+       get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+       (*rep)->magic = KV5M_CRED;
+       end_structure();
     }
-    get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket);
-    get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
-    (*rep)->magic = KV5M_CRED;
-    end_structure();
-  }
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_enc_cred_part(const krb5_data *code, krb5_cred_enc_part **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_cred_enc_part);
-  clear_field(rep,r_address);
-  clear_field(rep,s_address);
-
-  check_apptag(29);
-  { begin_structure();
-    get_field((*rep)->ticket_info,0,asn1_decode_sequence_of_krb_cred_info);
-    opt_field((*rep)->nonce,1,asn1_decode_int32);
-    opt_field((*rep)->timestamp,2,asn1_decode_kerberos_time);
-    opt_field((*rep)->usec,3,asn1_decode_int32);
-    if(tagnum == 4){ alloc_field((*rep)->s_address,krb5_address); }
-    opt_field(*((*rep)->s_address),4,asn1_decode_host_address);
-    if(tagnum == 5){ alloc_field((*rep)->r_address,krb5_address); }
-    opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
-    (*rep)->magic = KV5M_CRED_ENC_PART;
-    end_structure();
-  }
-  cleanup_manual();
+    setup();
+    alloc_field(*rep,krb5_cred_enc_part);
+    clear_field(rep,r_address);
+    clear_field(rep,s_address);
+
+    check_apptag(29);
+    { begin_structure();
+       get_field((*rep)->ticket_info,0,asn1_decode_sequence_of_krb_cred_info);
+       opt_field((*rep)->nonce,1,asn1_decode_int32);
+       opt_field((*rep)->timestamp,2,asn1_decode_kerberos_time);
+       opt_field((*rep)->usec,3,asn1_decode_int32);
+       if (tagnum == 4) { alloc_field((*rep)->s_address,krb5_address); }
+       opt_field(*((*rep)->s_address),4,asn1_decode_host_address);
+       if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
+       opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
+       (*rep)->magic = KV5M_CRED_ENC_PART;
+       end_structure();
+    }
+    cleanup_manual();
 error_out:
-  if (rep && *rep) {
-      free_field(*rep,r_address);
-      free_field(*rep,s_address);
-      free(*rep);
-      *rep = NULL;
-  }
-  return retval;
+    if (rep && *rep) {
+       free_field(*rep,r_address);
+       free_field(*rep,s_address);
+       free(*rep);
+       *rep = NULL;
+    }
+    return retval;
 }
 
 
 krb5_error_code decode_krb5_error(const krb5_data *code, krb5_error **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_error);
-  clear_field(rep,server);
-  clear_field(rep,client);
+    setup();
+    alloc_field(*rep,krb5_error);
+    clear_field(rep,server);
+    clear_field(rep,client);
   
-  check_apptag(30);
-  { begin_structure();
-    { krb5_kvno kvno;
-      get_field(kvno,0,asn1_decode_kvno);
-      if(kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-    { krb5_msgtype msg_type;
-      get_field(msg_type,1,asn1_decode_msgtype);
+    check_apptag(30);
+    { begin_structure();
+       { krb5_kvno kvno;
+           get_field(kvno,0,asn1_decode_kvno);
+           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+       { krb5_msgtype msg_type;
+           get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-      if(msg_type != KRB5_ERROR) clean_return(KRB5_BADMSGTYPE);
+           if (msg_type != KRB5_ERROR) clean_return(KRB5_BADMSGTYPE);
 #endif
+       }
+       opt_field((*rep)->ctime,2,asn1_decode_kerberos_time);
+       opt_field((*rep)->cusec,3,asn1_decode_int32);
+       get_field((*rep)->stime,4,asn1_decode_kerberos_time);
+       get_field((*rep)->susec,5,asn1_decode_int32);
+       get_field((*rep)->error,6,asn1_decode_ui_4);
+       if (tagnum == 7) { alloc_field((*rep)->client,krb5_principal_data); }
+       opt_field((*rep)->client,7,asn1_decode_realm);
+       opt_field((*rep)->client,8,asn1_decode_principal_name);
+       alloc_field((*rep)->server,krb5_principal_data);
+       get_field((*rep)->server,9,asn1_decode_realm);
+       get_field((*rep)->server,10,asn1_decode_principal_name);
+       opt_lenfield((*rep)->text.length,(*rep)->text.data,11,asn1_decode_generalstring);
+       opt_lenfield((*rep)->e_data.length,(*rep)->e_data.data,12,asn1_decode_charstring);
+       (*rep)->magic = KV5M_ERROR;
+       end_structure();
     }
-    opt_field((*rep)->ctime,2,asn1_decode_kerberos_time);
-    opt_field((*rep)->cusec,3,asn1_decode_int32);
-    get_field((*rep)->stime,4,asn1_decode_kerberos_time);
-    get_field((*rep)->susec,5,asn1_decode_int32);
-    get_field((*rep)->error,6,asn1_decode_ui_4);
-    if(tagnum == 7){ alloc_field((*rep)->client,krb5_principal_data); }
-    opt_field((*rep)->client,7,asn1_decode_realm);
-    opt_field((*rep)->client,8,asn1_decode_principal_name);
-    alloc_field((*rep)->server,krb5_principal_data);
-    get_field((*rep)->server,9,asn1_decode_realm);
-    get_field((*rep)->server,10,asn1_decode_principal_name);
-    opt_lenfield((*rep)->text.length,(*rep)->text.data,11,asn1_decode_generalstring);
-    opt_lenfield((*rep)->e_data.length,(*rep)->e_data.data,12,asn1_decode_charstring);
-    (*rep)->magic = KV5M_ERROR;
-    end_structure();
-  }
-  cleanup_manual();
+    cleanup_manual();
 error_out:
-  if (rep && *rep) {
-      free_field(*rep,server);
-      free_field(*rep,client);
-      free(*rep);
-      *rep = NULL;
-  }
-  return retval;
+    if (rep && *rep) {
+       free_field(*rep,server);
+       free_field(*rep,client);
+       free(*rep);
+       *rep = NULL;
+    }
+    return retval;
 }
 
 krb5_error_code decode_krb5_authdata(const krb5_data *code, krb5_authdata ***rep)
 {
-  setup_buf_only();
-  *rep = 0;
-  retval = asn1_decode_authorization_data(&buf,rep);
-  if(retval) clean_return(retval);
-  cleanup_none();              /* we're not allocating anything here... */
+    setup_buf_only();
+    *rep = 0;
+    retval = asn1_decode_authorization_data(&buf,rep);
+    if (retval) clean_return(retval);
+    cleanup_none();            /* we're not allocating anything here... */
 }
 
 krb5_error_code decode_krb5_pwd_sequence(const krb5_data *code, passwd_phrase_element **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep,passwd_phrase_element);
-  retval = asn1_decode_passwdsequence(&buf,*rep);
-  if(retval) clean_return(retval);
-  cleanup(free);
+    setup_buf_only();
+    alloc_field(*rep,passwd_phrase_element);
+    retval = asn1_decode_passwdsequence(&buf,*rep);
+    if (retval) clean_return(retval);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_pwd_data(const krb5_data *code, krb5_pwd_data **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_pwd_data);
-  { begin_structure();
-    get_field((*rep)->sequence_count,0,asn1_decode_int);
-    get_field((*rep)->element,1,asn1_decode_sequence_of_passwdsequence);
-    (*rep)->magic = KV5M_PWD_DATA;
-    end_structure (); }
-  cleanup(free);
+    setup();
+    alloc_field(*rep,krb5_pwd_data);
+    { begin_structure();
+       get_field((*rep)->sequence_count,0,asn1_decode_int);
+       get_field((*rep)->element,1,asn1_decode_sequence_of_passwdsequence);
+       (*rep)->magic = KV5M_PWD_DATA;
+       end_structure (); }
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_padata_sequence(const krb5_data *code, krb5_pa_data ***rep)
 {
-  setup_buf_only();
-  *rep = 0;
-  retval = asn1_decode_sequence_of_pa_data(&buf,rep);
-  if(retval) clean_return(retval);
-  cleanup_none();              /* we're not allocating anything here */
+    setup_buf_only();
+    *rep = 0;
+    retval = asn1_decode_sequence_of_pa_data(&buf,rep);
+    if (retval) clean_return(retval);
+    cleanup_none();            /* we're not allocating anything here */
 }
 
 krb5_error_code decode_krb5_alt_method(const krb5_data *code, krb5_alt_method **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_alt_method);
-  { begin_structure();
-    get_field((*rep)->method,0,asn1_decode_int32);
-    if (tagnum == 1) {
-       get_lenfield((*rep)->length,(*rep)->data,1,asn1_decode_octetstring);
-    } else {
-       (*rep)->length = 0;
-       (*rep)->data = 0;
+    setup();
+    alloc_field(*rep,krb5_alt_method);
+    { begin_structure();
+       get_field((*rep)->method,0,asn1_decode_int32);
+       if (tagnum == 1) {
+           get_lenfield((*rep)->length,(*rep)->data,1,asn1_decode_octetstring);
+       } else {
+           (*rep)->length = 0;
+           (*rep)->data = 0;
+       }
+       (*rep)->magic = KV5M_ALT_METHOD;
+       end_structure();
     }
-    (*rep)->magic = KV5M_ALT_METHOD;
-    end_structure();
-  }
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_etype_info(const krb5_data *code, krb5_etype_info_entry ***rep)
 {
-  setup_buf_only();
-  *rep = 0;
-  retval = asn1_decode_etype_info(&buf,rep);
-  if(retval) clean_return(retval);
-  cleanup_none();              /* we're not allocating anything here */
+    setup_buf_only();
+    *rep = 0;
+    retval = asn1_decode_etype_info(&buf,rep);
+    if (retval) clean_return(retval);
+    cleanup_none();            /* we're not allocating anything here */
 }
 
 krb5_error_code decode_krb5_etype_info2(const krb5_data *code, krb5_etype_info_entry ***rep)
@@ -816,282 +816,282 @@ krb5_error_code decode_krb5_etype_info2(const krb5_data *code, krb5_etype_info_e
     retval = asn1_decode_etype_info2(&buf,rep, 0);
     if (retval == ASN1_BAD_ID) {
        retval = asn1buf_wrap_data(&buf,code);
-       if(retval) clean_return(retval);
+       if (retval) clean_return(retval);
        retval = asn1_decode_etype_info2(&buf, rep, 1);
     }
-    if(retval) clean_return(retval);
+    if (retval) clean_return(retval);
     cleanup_none();            /* we're not allocating anything here */
 }
 
 
 krb5_error_code decode_krb5_enc_data(const krb5_data *code, krb5_enc_data **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep,krb5_enc_data);
+    setup_buf_only();
+    alloc_field(*rep,krb5_enc_data);
 
-  retval = asn1_decode_encrypted_data(&buf,*rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_encrypted_data(&buf,*rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_pa_enc_ts(const krb5_data *code, krb5_pa_enc_ts **rep)
 {
-  setup();
-  alloc_field(*rep,krb5_pa_enc_ts);
-  { begin_structure();
-    get_field((*rep)->patimestamp,0,asn1_decode_kerberos_time);
-    if (tagnum == 1) {
-       get_field((*rep)->pausec,1,asn1_decode_int32);
-    } else
-       (*rep)->pausec = 0;
-    end_structure (); }
-  cleanup(free);
+    setup();
+    alloc_field(*rep,krb5_pa_enc_ts);
+    { begin_structure();
+       get_field((*rep)->patimestamp,0,asn1_decode_kerberos_time);
+       if (tagnum == 1) {
+           get_field((*rep)->pausec,1,asn1_decode_int32);
+       } else
+           (*rep)->pausec = 0;
+       end_structure (); }
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_sam_challenge(const krb5_data *code, krb5_sam_challenge **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep,krb5_sam_challenge);
+    setup_buf_only();
+    alloc_field(*rep,krb5_sam_challenge);
 
-  retval = asn1_decode_sam_challenge(&buf,*rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_sam_challenge(&buf,*rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_sam_challenge_2(const krb5_data *code, krb5_sam_challenge_2 **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep,krb5_sam_challenge_2);
+    setup_buf_only();
+    alloc_field(*rep,krb5_sam_challenge_2);
 
-  retval = asn1_decode_sam_challenge_2(&buf,*rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_sam_challenge_2(&buf,*rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_sam_challenge_2_body(const krb5_data *code, krb5_sam_challenge_2_body **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep, krb5_sam_challenge_2_body);
+    setup_buf_only();
+    alloc_field(*rep, krb5_sam_challenge_2_body);
 
-  retval = asn1_decode_sam_challenge_2_body(&buf, *rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_sam_challenge_2_body(&buf, *rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_enc_sam_key(const krb5_data *code, krb5_sam_key **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep,krb5_sam_key);
+    setup_buf_only();
+    alloc_field(*rep,krb5_sam_key);
 
-  retval = asn1_decode_enc_sam_key(&buf,*rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_enc_sam_key(&buf,*rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_enc_sam_response_enc(const krb5_data *code, krb5_enc_sam_response_enc **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep,krb5_enc_sam_response_enc);
+    setup_buf_only();
+    alloc_field(*rep,krb5_enc_sam_response_enc);
 
-  retval = asn1_decode_enc_sam_response_enc(&buf,*rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_enc_sam_response_enc(&buf,*rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_enc_sam_response_enc_2(const krb5_data *code, krb5_enc_sam_response_enc_2 **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep,krb5_enc_sam_response_enc_2);
+    setup_buf_only();
+    alloc_field(*rep,krb5_enc_sam_response_enc_2);
 
-  retval = asn1_decode_enc_sam_response_enc_2(&buf,*rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_enc_sam_response_enc_2(&buf,*rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_sam_response(const krb5_data *code, krb5_sam_response **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep,krb5_sam_response);
+    setup_buf_only();
+    alloc_field(*rep,krb5_sam_response);
 
-  retval = asn1_decode_sam_response(&buf,*rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_sam_response(&buf,*rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_sam_response_2(const krb5_data *code, krb5_sam_response_2 **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep,krb5_sam_response_2);
+    setup_buf_only();
+    alloc_field(*rep,krb5_sam_response_2);
 
-  retval = asn1_decode_sam_response_2(&buf,*rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_sam_response_2(&buf,*rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_predicted_sam_response(const krb5_data *code, krb5_predicted_sam_response **rep)
 {
-  setup_buf_only();            /* preallocated */
-  alloc_field(*rep,krb5_predicted_sam_response);
+    setup_buf_only();          /* preallocated */
+    alloc_field(*rep,krb5_predicted_sam_response);
 
-  retval = asn1_decode_predicted_sam_response(&buf,*rep);
-  if(retval) clean_return(retval);
+    retval = asn1_decode_predicted_sam_response(&buf,*rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 #ifndef DISABLE_PKINIT
 krb5_error_code decode_krb5_pa_pk_as_req(const krb5_data *code, krb5_pa_pk_as_req **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep, krb5_pa_pk_as_req);
+    setup_buf_only();
+    alloc_field(*rep, krb5_pa_pk_as_req);
 
-  retval = asn1_decode_pa_pk_as_req(&buf, *rep);
-  if (retval) clean_return(retval);
+    retval = asn1_decode_pa_pk_as_req(&buf, *rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_pa_pk_as_req_draft9(const krb5_data *code, krb5_pa_pk_as_req_draft9 **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep, krb5_pa_pk_as_req_draft9);
+    setup_buf_only();
+    alloc_field(*rep, krb5_pa_pk_as_req_draft9);
 
-  retval = asn1_decode_pa_pk_as_req_draft9(&buf, *rep);
-  if (retval) clean_return(retval);
+    retval = asn1_decode_pa_pk_as_req_draft9(&buf, *rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_pa_pk_as_rep(const krb5_data *code, krb5_pa_pk_as_rep **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep, krb5_pa_pk_as_rep);
+    setup_buf_only();
+    alloc_field(*rep, krb5_pa_pk_as_rep);
 
-  retval = asn1_decode_pa_pk_as_rep(&buf, *rep);
-  if (retval) clean_return(retval);
+    retval = asn1_decode_pa_pk_as_rep(&buf, *rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_pa_pk_as_rep_draft9(const krb5_data *code, krb5_pa_pk_as_rep_draft9 **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep, krb5_pa_pk_as_rep_draft9);
+    setup_buf_only();
+    alloc_field(*rep, krb5_pa_pk_as_rep_draft9);
 
-  retval = asn1_decode_pa_pk_as_rep_draft9(&buf, *rep);
-  if (retval) clean_return(retval);
+    retval = asn1_decode_pa_pk_as_rep_draft9(&buf, *rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_auth_pack(const krb5_data *code, krb5_auth_pack **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep, krb5_auth_pack);
+    setup_buf_only();
+    alloc_field(*rep, krb5_auth_pack);
 
-  retval = asn1_decode_auth_pack(&buf, *rep);
-  if (retval) clean_return(retval);
+    retval = asn1_decode_auth_pack(&buf, *rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_auth_pack_draft9(const krb5_data *code, krb5_auth_pack_draft9 **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep, krb5_auth_pack_draft9);
+    setup_buf_only();
+    alloc_field(*rep, krb5_auth_pack_draft9);
 
-  retval = asn1_decode_auth_pack_draft9(&buf, *rep);
-  if (retval) clean_return(retval);
+    retval = asn1_decode_auth_pack_draft9(&buf, *rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_kdc_dh_key_info(const krb5_data *code, krb5_kdc_dh_key_info **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep, krb5_kdc_dh_key_info);
+    setup_buf_only();
+    alloc_field(*rep, krb5_kdc_dh_key_info);
 
-  retval = asn1_decode_kdc_dh_key_info(&buf, *rep);
-  if (retval) clean_return(retval);
+    retval = asn1_decode_kdc_dh_key_info(&buf, *rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_principal_name(const krb5_data *code, krb5_principal_data **rep) 
 {
-  setup_buf_only();
-  alloc_field(*rep, krb5_principal_data);
+    setup_buf_only();
+    alloc_field(*rep, krb5_principal_data);
 
-  retval = asn1_decode_krb5_principal_name(&buf, rep);
-  if (retval) clean_return(retval);
+    retval = asn1_decode_krb5_principal_name(&buf, rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_reply_key_pack(const krb5_data *code, krb5_reply_key_pack **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep, krb5_reply_key_pack);
+    setup_buf_only();
+    alloc_field(*rep, krb5_reply_key_pack);
 
-  retval = asn1_decode_reply_key_pack(&buf, *rep);
-  if (retval)
-    goto error_out;
+    retval = asn1_decode_reply_key_pack(&buf, *rep);
+    if (retval)
+       goto error_out;
 
-  cleanup_manual();
+    cleanup_manual();
 error_out:
-  if (rep && *rep) {
-    free((*rep)->replyKey.contents);
-    free((*rep)->asChecksum.contents);
-    free(*rep);
-    *rep = NULL;
-  }
-  return retval;
+    if (rep && *rep) {
+       free((*rep)->replyKey.contents);
+       free((*rep)->asChecksum.contents);
+       free(*rep);
+       *rep = NULL;
+    }
+    return retval;
 }
 
 krb5_error_code decode_krb5_reply_key_pack_draft9(const krb5_data *code, krb5_reply_key_pack_draft9 **rep)
 {
-  setup_buf_only();
-  alloc_field(*rep, krb5_reply_key_pack_draft9);
+    setup_buf_only();
+    alloc_field(*rep, krb5_reply_key_pack_draft9);
 
-  retval = asn1_decode_reply_key_pack_draft9(&buf, *rep);
-  if (retval) clean_return(retval);
+    retval = asn1_decode_reply_key_pack_draft9(&buf, *rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_typed_data(const krb5_data *code, krb5_typed_data ***rep)
 {
-  setup_buf_only();
-  retval = asn1_decode_sequence_of_typed_data(&buf, rep);
-  if (retval) clean_return(retval);
+    setup_buf_only();
+    retval = asn1_decode_sequence_of_typed_data(&buf, rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_td_trusted_certifiers(const krb5_data *code, krb5_external_principal_identifier ***rep)
 {
-  setup_buf_only();
-  retval = asn1_decode_sequence_of_external_principal_identifier(&buf, rep);
-  if (retval) clean_return(retval);
+    setup_buf_only();
+    retval = asn1_decode_sequence_of_external_principal_identifier(&buf, rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 
 krb5_error_code decode_krb5_td_dh_parameters(const krb5_data *code, krb5_algorithm_identifier ***rep)
 {
-  setup_buf_only();
-  retval = asn1_decode_sequence_of_algorithm_identifier(&buf, rep);
-  if (retval) clean_return(retval);
+    setup_buf_only();
+    retval = asn1_decode_sequence_of_algorithm_identifier(&buf, rep);
+    if (retval) clean_return(retval);
 
-  cleanup(free);
+    cleanup(free);
 }
 #endif /* DISABLE_PKINIT */
index 68b95b9e5d12b245d50b6c268e70db0698d071e9..d6120178714c58e4ef44ed6dfa2b301121614fca 100644 (file)
@@ -47,7 +47,7 @@
      ...
 
      /* for OPTIONAL fields */
-     if(rep->field_i == should_not_be_omitted)
+     if (rep->field_i == should_not_be_omitted)
        krb5_addfield(rep->field_i, i, asn1_type);
 
      /* for string fields (these encoders take an additional argument,
 
      /* if you really have to do things yourself... */
      retval = asn1_encode_asn1_type(buf,rep->field,&length);
-     if(retval) return retval;
+     if (retval) return retval;
      sum += length;
      retval = asn1_make_etag(buf,
                            [UNIVERSAL/APPLICATION/CONTEXT_SPECIFIC/PRIVATE],
                            tag_number, length, &length);
-     if(retval) return retval;
+     if (retval) return retval;
      sum += length;
 
      ...
   asn1buf *buf=NULL;\
   unsigned int length, sum=0;\
 \
-  if(rep == NULL) return ASN1_MISSING_FIELD;\
+  if (rep == NULL) return ASN1_MISSING_FIELD;\
 \
   retval = asn1buf_create(&buf);\
-  if(retval) return retval
+  if (retval) return retval
   
 /* krb5_addfield -- add a field, or component, to the encoding */
 #define krb5_addfield(value,tag,encoder)\
 { retval = encoder(buf,value,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length;\
   retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,tag,length,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length; }
 /* krb5_addlenfield -- add a field whose length must be separately specified */
 #define krb5_addlenfield(len,value,tag,encoder)\
 { retval = encoder(buf,len,value,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length;\
   retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,tag,length,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length; }
 /* form a sequence (by adding a sequence header to the current encoding) */
 #define krb5_makeseq()\
   retval = asn1_make_sequence(buf,sum,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length
 /* add an APPLICATION class tag to the current encoding */
 #define krb5_apptag(num)\
   retval = asn1_make_etag(buf,APPLICATION,num,sum,&length);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   sum += length
 /* produce the final output and clean up the workspace */
 #define krb5_cleanup()\
   retval = asn12krb5_buf(buf,code);\
-  if(retval){\
+  if (retval) {\
     asn1buf_destroy(&buf);\
     return retval; }\
   retval = asn1buf_destroy(&buf);\
-  if(retval){\
+  if (retval) {\
     return retval; }\
 \
   return 0
 
 krb5_error_code encode_krb5_authenticator(const krb5_authenticator *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* authorization-data[8]     AuthorizationData OPTIONAL */
-  if(rep->authorization_data != NULL &&
-     rep->authorization_data[0] != NULL){
-    retval = asn1_encode_authorization_data(buf, (const krb5_authdata **)
-                                           rep->authorization_data,
-                                           &length);
-    if(retval){
-      asn1buf_destroy(&buf);
-      return retval; }
-    sum += length;
-    retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,8,length,&length);
-    if(retval){
-      asn1buf_destroy(&buf);
-      return retval; }
-    sum += length;
-  }
+    /* authorization-data[8]   AuthorizationData OPTIONAL */
+    if (rep->authorization_data != NULL &&
+       rep->authorization_data[0] != NULL) {
+       retval = asn1_encode_authorization_data(buf, (const krb5_authdata **)
+                                               rep->authorization_data,
+                                               &length);
+       if (retval) {
+           asn1buf_destroy(&buf);
+           return retval; }
+       sum += length;
+       retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,8,length,&length);
+       if (retval) {
+           asn1buf_destroy(&buf);
+           return retval; }
+       sum += length;
+    }
 
-  /* seq-number[7]             INTEGER OPTIONAL */
-  if(rep->seq_number != 0)
-    krb5_addfield(rep->seq_number,7,asn1_encode_unsigned_integer);
+    /* seq-number[7]           INTEGER OPTIONAL */
+    if (rep->seq_number != 0)
+       krb5_addfield(rep->seq_number,7,asn1_encode_unsigned_integer);
 
-  /* subkey[6]                 EncryptionKey OPTIONAL */
-  if(rep->subkey != NULL)
-    krb5_addfield(rep->subkey,6,asn1_encode_encryption_key);
+    /* subkey[6]                       EncryptionKey OPTIONAL */
+    if (rep->subkey != NULL)
+       krb5_addfield(rep->subkey,6,asn1_encode_encryption_key);
 
-  /* ctime[5]                  KerberosTime */
-  krb5_addfield(rep->ctime,5,asn1_encode_kerberos_time);
+    /* ctime[5]                        KerberosTime */
+    krb5_addfield(rep->ctime,5,asn1_encode_kerberos_time);
 
-  /* cusec[4]                  INTEGER */
-  krb5_addfield(rep->cusec,4,asn1_encode_integer);
+    /* cusec[4]                        INTEGER */
+    krb5_addfield(rep->cusec,4,asn1_encode_integer);
 
-  /* cksum[3]                  Checksum OPTIONAL */
-  if(rep->checksum != NULL)
-    krb5_addfield(rep->checksum,3,asn1_encode_checksum);
+    /* cksum[3]                        Checksum OPTIONAL */
+    if (rep->checksum != NULL)
+       krb5_addfield(rep->checksum,3,asn1_encode_checksum);
 
-  /* cname[2]                  PrincipalName */
-  krb5_addfield(rep->client,2,asn1_encode_principal_name);
+    /* cname[2]                        PrincipalName */
+    krb5_addfield(rep->client,2,asn1_encode_principal_name);
 
-  /* crealm[1]                 Realm */
-  krb5_addfield(rep->client,1,asn1_encode_realm);
+    /* crealm[1]                       Realm */
+    krb5_addfield(rep->client,1,asn1_encode_realm);
 
-  /* authenticator-vno[0]      INTEGER */
-  krb5_addfield(KVNO,0,asn1_encode_integer);
+    /* authenticator-vno[0]    INTEGER */
+    krb5_addfield(KVNO,0,asn1_encode_integer);
 
-  /* Authenticator ::= [APPLICATION 2] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(2);
+    /* Authenticator ::= [APPLICATION 2] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(2);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_ticket(const krb5_ticket *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* enc-part[3]       EncryptedData */
-  krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
+    /* enc-part[3]     EncryptedData */
+    krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
 
-  /* sname [2]         PrincipalName */
-  krb5_addfield(rep->server,2,asn1_encode_principal_name);
+    /* sname [2]               PrincipalName */
+    krb5_addfield(rep->server,2,asn1_encode_principal_name);
 
-  /* realm [1]         Realm */
-  krb5_addfield(rep->server,1,asn1_encode_realm);
+    /* realm [1]               Realm */
+    krb5_addfield(rep->server,1,asn1_encode_realm);
 
-  /* tkt-vno [0]       INTEGER */
-  krb5_addfield(KVNO,0,asn1_encode_integer);
+    /* tkt-vno [0]     INTEGER */
+    krb5_addfield(KVNO,0,asn1_encode_integer);
 
-  /* Ticket ::= [APPLICATION 1] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(1);
+    /* Ticket ::= [APPLICATION 1] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(1);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_encryption_key(const krb5_keyblock *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* keyvalue[1]       OCTET STRING */
-  krb5_addlenfield(rep->length,rep->contents,1,asn1_encode_octetstring);
+    /* keyvalue[1]     OCTET STRING */
+    krb5_addlenfield(rep->length,rep->contents,1,asn1_encode_octetstring);
 
-  /* enctype[0]                INTEGER */
-  krb5_addfield(rep->enctype,0,asn1_encode_integer);
+    /* enctype[0]              INTEGER */
+    krb5_addfield(rep->enctype,0,asn1_encode_integer);
 
-  /* EncryptionKey ::= SEQUENCE */
-  krb5_makeseq();
+    /* EncryptionKey ::= SEQUENCE */
+    krb5_makeseq();
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_enc_tkt_part(const krb5_enc_tkt_part *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* authorization-data[10]    AuthorizationData OPTIONAL */
-  if(rep->authorization_data != NULL &&
-     rep->authorization_data[0] != NULL)
-    krb5_addfield((const krb5_authdata**)rep->authorization_data,
-                 10,asn1_encode_authorization_data);
+    /* authorization-data[10]  AuthorizationData OPTIONAL */
+    if (rep->authorization_data != NULL &&
+       rep->authorization_data[0] != NULL)
+       krb5_addfield((const krb5_authdata**)rep->authorization_data,
+                     10,asn1_encode_authorization_data);
 
-  /* caddr[9]                  HostAddresses OPTIONAL */
-  if(rep->caddrs != NULL && rep->caddrs[0] != NULL)
-    krb5_addfield((const krb5_address**)rep->caddrs,9,asn1_encode_host_addresses);
+    /* caddr[9]                        HostAddresses OPTIONAL */
+    if (rep->caddrs != NULL && rep->caddrs[0] != NULL)
+       krb5_addfield((const krb5_address**)rep->caddrs,9,asn1_encode_host_addresses);
 
-  /* renew-till[8]             KerberosTime OPTIONAL */
-  if(rep->times.renew_till)
-    krb5_addfield(rep->times.renew_till,8,asn1_encode_kerberos_time);
+    /* renew-till[8]           KerberosTime OPTIONAL */
+    if (rep->times.renew_till)
+       krb5_addfield(rep->times.renew_till,8,asn1_encode_kerberos_time);
 
-  /* endtime[7]                        KerberosTime */
-  krb5_addfield(rep->times.endtime,7,asn1_encode_kerberos_time);
+    /* endtime[7]                      KerberosTime */
+    krb5_addfield(rep->times.endtime,7,asn1_encode_kerberos_time);
 
-  /* starttime[6]              KerberosTime OPTIONAL */
-  if(rep->times.starttime)
-    krb5_addfield(rep->times.starttime,6,asn1_encode_kerberos_time);
+    /* starttime[6]            KerberosTime OPTIONAL */
+    if (rep->times.starttime)
+       krb5_addfield(rep->times.starttime,6,asn1_encode_kerberos_time);
 
-  /* authtime[5]               KerberosTime */
-  krb5_addfield(rep->times.authtime,5,asn1_encode_kerberos_time);
+    /* authtime[5]             KerberosTime */
+    krb5_addfield(rep->times.authtime,5,asn1_encode_kerberos_time);
 
-  /* transited[4]              TransitedEncoding */
-  krb5_addfield(&(rep->transited),4,asn1_encode_transited_encoding);
+    /* transited[4]            TransitedEncoding */
+    krb5_addfield(&(rep->transited),4,asn1_encode_transited_encoding);
 
-  /* cname[3]                  PrincipalName */
-  krb5_addfield(rep->client,3,asn1_encode_principal_name);
+    /* cname[3]                        PrincipalName */
+    krb5_addfield(rep->client,3,asn1_encode_principal_name);
 
-  /* crealm[2]                 Realm */
-  krb5_addfield(rep->client,2,asn1_encode_realm);
+    /* crealm[2]                       Realm */
+    krb5_addfield(rep->client,2,asn1_encode_realm);
 
-  /* key[1]                    EncryptionKey */
-  krb5_addfield(rep->session,1,asn1_encode_encryption_key);
+    /* key[1]                  EncryptionKey */
+    krb5_addfield(rep->session,1,asn1_encode_encryption_key);
 
-  /* flags[0]                  TicketFlags */
-  krb5_addfield(rep->flags,0,asn1_encode_ticket_flags);
+    /* flags[0]                        TicketFlags */
+    krb5_addfield(rep->flags,0,asn1_encode_ticket_flags);
 
-  /* EncTicketPart ::= [APPLICATION 3] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(3);
+    /* EncTicketPart ::= [APPLICATION 3] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(3);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_enc_kdc_rep_part(const krb5_enc_kdc_rep_part *rep, krb5_data **code)
 {
-  asn1_error_code retval;
-  asn1buf *buf=NULL;
-  unsigned int length, sum=0;
+    asn1_error_code retval;
+    asn1buf *buf=NULL;
+    unsigned int length, sum=0;
 
-  if(rep == NULL) return ASN1_MISSING_FIELD;
+    if (rep == NULL) return ASN1_MISSING_FIELD;
 
-  retval = asn1buf_create(&buf);
-  if(retval) return retval;
+    retval = asn1buf_create(&buf);
+    if (retval) return retval;
 
-  retval = asn1_encode_enc_kdc_rep_part(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
+    retval = asn1_encode_enc_kdc_rep_part(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
 
 #ifdef KRB5_ENCKRB5KDCREPPART_COMPAT
-  krb5_apptag(26);
+    krb5_apptag(26);
 #else
-  /* XXX WRONG!!! Should use 25 || 26, not the outer KDC_REP tags! */
-  if (rep->msg_type == KRB5_AS_REP) { krb5_apptag(ASN1_KRB_AS_REP); }
-  else if (rep->msg_type == KRB5_TGS_REP) { krb5_apptag(ASN1_KRB_TGS_REP); }
-  else return KRB5_BADMSGTYPE;
+    /* XXX WRONG!!! Should use 25 || 26, not the outer KDC_REP tags! */
+    if (rep->msg_type == KRB5_AS_REP) { krb5_apptag(ASN1_KRB_AS_REP); }
+    else if (rep->msg_type == KRB5_TGS_REP) { krb5_apptag(ASN1_KRB_TGS_REP); }
+    else return KRB5_BADMSGTYPE;
 #endif
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 /* yes, the translation is identical to that used for KDC__REP */ 
 krb5_error_code encode_krb5_as_rep(const krb5_kdc_rep *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* AS-REP ::= [APPLICATION 11] KDC-REP */
-  retval = asn1_encode_kdc_rep(KRB5_AS_REP,buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
+    /* AS-REP ::= [APPLICATION 11] KDC-REP */
+    retval = asn1_encode_kdc_rep(KRB5_AS_REP,buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
 
-  krb5_apptag(11);
+    krb5_apptag(11);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 /* yes, the translation is identical to that used for KDC__REP */ 
 krb5_error_code encode_krb5_tgs_rep(const krb5_kdc_rep *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* TGS-REP ::= [APPLICATION 13] KDC-REP */
-  retval = asn1_encode_kdc_rep(KRB5_TGS_REP,buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
+    /* TGS-REP ::= [APPLICATION 13] KDC-REP */
+    retval = asn1_encode_kdc_rep(KRB5_TGS_REP,buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
 
-  krb5_apptag(13);
+    krb5_apptag(13);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_ap_req(const krb5_ap_req *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* authenticator[4]  EncryptedData */
-  krb5_addfield(&(rep->authenticator),4,asn1_encode_encrypted_data);
+    /* authenticator[4]        EncryptedData */
+    krb5_addfield(&(rep->authenticator),4,asn1_encode_encrypted_data);
 
-  /* ticket[3]         Ticket */
-  krb5_addfield(rep->ticket,3,asn1_encode_ticket);
+    /* ticket[3]               Ticket */
+    krb5_addfield(rep->ticket,3,asn1_encode_ticket);
 
-  /* ap-options[2]     APOptions */
-  krb5_addfield(rep->ap_options,2,asn1_encode_ap_options);
+    /* ap-options[2]   APOptions */
+    krb5_addfield(rep->ap_options,2,asn1_encode_ap_options);
 
-  /* msg-type[1]       INTEGER */
-  krb5_addfield(ASN1_KRB_AP_REQ,1,asn1_encode_integer);
+    /* msg-type[1]     INTEGER */
+    krb5_addfield(ASN1_KRB_AP_REQ,1,asn1_encode_integer);
 
-  /* pvno[0]           INTEGER */
-  krb5_addfield(KVNO,0,asn1_encode_integer);
+    /* pvno[0]         INTEGER */
+    krb5_addfield(KVNO,0,asn1_encode_integer);
 
-  /* AP-REQ ::=        [APPLICATION 14] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(14);
+    /* AP-REQ ::=      [APPLICATION 14] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(14);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_ap_rep(const krb5_ap_rep *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* enc-part[2]       EncryptedData */
-  krb5_addfield(&(rep->enc_part),2,asn1_encode_encrypted_data);
+    /* enc-part[2]     EncryptedData */
+    krb5_addfield(&(rep->enc_part),2,asn1_encode_encrypted_data);
   
-  /* msg-type[1]       INTEGER */
-  krb5_addfield(ASN1_KRB_AP_REP,1,asn1_encode_integer);
+    /* msg-type[1]     INTEGER */
+    krb5_addfield(ASN1_KRB_AP_REP,1,asn1_encode_integer);
   
-  /* pvno[0]           INTEGER */
-  krb5_addfield(KVNO,0,asn1_encode_integer);
+    /* pvno[0]         INTEGER */
+    krb5_addfield(KVNO,0,asn1_encode_integer);
   
-  /* AP-REP ::=        [APPLICATION 15] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(15);
+    /* AP-REP ::=      [APPLICATION 15] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(15);
   
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 
 krb5_error_code encode_krb5_ap_rep_enc_part(const krb5_ap_rep_enc_part *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* seq-number[3]     INTEGER OPTIONAL */
-  if(rep->seq_number)
-    krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
+    /* seq-number[3]   INTEGER OPTIONAL */
+    if (rep->seq_number)
+       krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
 
-  /* subkey[2]         EncryptionKey OPTIONAL */
-  if(rep->subkey != NULL)
-    krb5_addfield(rep->subkey,2,asn1_encode_encryption_key);
+    /* subkey[2]               EncryptionKey OPTIONAL */
+    if (rep->subkey != NULL)
+       krb5_addfield(rep->subkey,2,asn1_encode_encryption_key);
 
-  /* cusec[1]          INTEGER */
-  krb5_addfield(rep->cusec,1,asn1_encode_integer);
+    /* cusec[1]                INTEGER */
+    krb5_addfield(rep->cusec,1,asn1_encode_integer);
 
-  /* ctime[0]          KerberosTime */
-  krb5_addfield(rep->ctime,0,asn1_encode_kerberos_time);
+    /* ctime[0]                KerberosTime */
+    krb5_addfield(rep->ctime,0,asn1_encode_kerberos_time);
 
-  /* EncAPRepPart ::= [APPLICATION 27] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(27);
+    /* EncAPRepPart ::= [APPLICATION 27] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(27);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_as_req(const krb5_kdc_req *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* AS-REQ ::= [APPLICATION 10] KDC-REQ */
-  retval = asn1_encode_kdc_req(KRB5_AS_REQ,buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
+    /* AS-REQ ::= [APPLICATION 10] KDC-REQ */
+    retval = asn1_encode_kdc_req(KRB5_AS_REQ,buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
 
-  krb5_apptag(10);
+    krb5_apptag(10);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_tgs_req(const krb5_kdc_req *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* TGS-REQ ::= [APPLICATION 12] KDC-REQ */
-  retval = asn1_encode_kdc_req(KRB5_TGS_REQ,buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
+    /* TGS-REQ ::= [APPLICATION 12] KDC-REQ */
+    retval = asn1_encode_kdc_req(KRB5_TGS_REQ,buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
 
-  krb5_apptag(12);
+    krb5_apptag(12);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_kdc_req_body(const krb5_kdc_req *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  retval = asn1_encode_kdc_req_body(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
+    retval = asn1_encode_kdc_req_body(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 
 krb5_error_code encode_krb5_safe(const krb5_safe *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* cksum[3]          Checksum */
-  krb5_addfield(rep->checksum,3,asn1_encode_checksum);
+    /* cksum[3]                Checksum */
+    krb5_addfield(rep->checksum,3,asn1_encode_checksum);
 
-  /* safe-body[2]      KRB-SAFE-BODY */
-  krb5_addfield(rep,2,asn1_encode_krb_safe_body);
+    /* safe-body[2]    KRB-SAFE-BODY */
+    krb5_addfield(rep,2,asn1_encode_krb_safe_body);
 
-  /* msg-type[1]       INTEGER */
-  krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
+    /* msg-type[1]     INTEGER */
+    krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
 
-  /* pvno[0]           INTEGER */
-  krb5_addfield(KVNO,0,asn1_encode_integer);
+    /* pvno[0]         INTEGER */
+    krb5_addfield(KVNO,0,asn1_encode_integer);
 
-  /* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(20);
+    /* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(20);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 /*
@@ -485,532 +485,532 @@ krb5_error_code encode_krb5_safe(const krb5_safe *rep, krb5_data **code)
  * encoding to avoid problems with re-encoding.
  */
 krb5_error_code encode_krb5_safe_with_body(
-  const krb5_safe *rep,
-  const krb5_data *body,
-  krb5_data **code)
+    const krb5_safe *rep,
+    const krb5_data *body,
+    krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  if (body == NULL) {
-      asn1buf_destroy(&buf);
-      return ASN1_MISSING_FIELD;
-  }
+    if (body == NULL) {
+       asn1buf_destroy(&buf);
+       return ASN1_MISSING_FIELD;
+    }
 
-  /* cksum[3]          Checksum */
-  krb5_addfield(rep->checksum,3,asn1_encode_checksum);
+    /* cksum[3]                Checksum */
+    krb5_addfield(rep->checksum,3,asn1_encode_checksum);
 
-  /* safe-body[2]      KRB-SAFE-BODY */
-  krb5_addfield(body,2,asn1_encode_krb_saved_safe_body);
+    /* safe-body[2]    KRB-SAFE-BODY */
+    krb5_addfield(body,2,asn1_encode_krb_saved_safe_body);
 
-  /* msg-type[1]       INTEGER */
-  krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
+    /* msg-type[1]     INTEGER */
+    krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
 
-  /* pvno[0]           INTEGER */
-  krb5_addfield(KVNO,0,asn1_encode_integer);
+    /* pvno[0]         INTEGER */
+    krb5_addfield(KVNO,0,asn1_encode_integer);
 
-  /* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(20);
+    /* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(20);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_priv(const krb5_priv *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* enc-part[3]       EncryptedData */
-  krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
+    /* enc-part[3]     EncryptedData */
+    krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
 
-  /* msg-type[1]       INTEGER */
-  krb5_addfield(ASN1_KRB_PRIV,1,asn1_encode_integer);
+    /* msg-type[1]     INTEGER */
+    krb5_addfield(ASN1_KRB_PRIV,1,asn1_encode_integer);
 
-  /* pvno[0]           INTEGER */
-  krb5_addfield(KVNO,0,asn1_encode_integer);
+    /* pvno[0]         INTEGER */
+    krb5_addfield(KVNO,0,asn1_encode_integer);
 
-  /* KRB-PRIV ::= [APPLICATION 21] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(21);
+    /* KRB-PRIV ::= [APPLICATION 21] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(21);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_enc_priv_part(const krb5_priv_enc_part *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* r-address[5]      HostAddress OPTIONAL -- recip's addr */
-  if(rep->r_address)
-    krb5_addfield(rep->r_address,5,asn1_encode_host_address);
+    /* r-address[5]    HostAddress OPTIONAL -- recip's addr */
+    if (rep->r_address)
+       krb5_addfield(rep->r_address,5,asn1_encode_host_address);
 
-  /* s-address[4]      HostAddress -- sender's addr */
-  krb5_addfield(rep->s_address,4,asn1_encode_host_address);
+    /* s-address[4]    HostAddress -- sender's addr */
+    krb5_addfield(rep->s_address,4,asn1_encode_host_address);
 
-  /* seq-number[3]     INTEGER OPTIONAL */
-  if(rep->seq_number)
-    krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
+    /* seq-number[3]   INTEGER OPTIONAL */
+    if (rep->seq_number)
+       krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
 
-  /* usec[2]           INTEGER OPTIONAL */
-  if(rep->timestamp){
-    krb5_addfield(rep->usec,2,asn1_encode_integer);
-    /* timestamp[1]    KerberosTime OPTIONAL */
-    krb5_addfield(rep->timestamp,1,asn1_encode_kerberos_time);
-  }
+    /* usec[2]         INTEGER OPTIONAL */
+    if (rep->timestamp) {
+       krb5_addfield(rep->usec,2,asn1_encode_integer);
+       /* timestamp[1] KerberosTime OPTIONAL */
+       krb5_addfield(rep->timestamp,1,asn1_encode_kerberos_time);
+    }
 
-  /* user-data[0]      OCTET STRING */
-  krb5_addlenfield(rep->user_data.length,rep->user_data.data,0,asn1_encode_charstring);
+    /* user-data[0]    OCTET STRING */
+    krb5_addlenfield(rep->user_data.length,rep->user_data.data,0,asn1_encode_charstring);
 
-  /* EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(28);
+    /* EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(28);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_cred(const krb5_cred *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* enc-part[3]       EncryptedData */
-  krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
+    /* enc-part[3]     EncryptedData */
+    krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
 
-  /* tickets[2]                SEQUENCE OF Ticket */
-  krb5_addfield((const krb5_ticket**)rep->tickets,2,asn1_encode_sequence_of_ticket);
+    /* tickets[2]              SEQUENCE OF Ticket */
+    krb5_addfield((const krb5_ticket**)rep->tickets,2,asn1_encode_sequence_of_ticket);
 
-  /* msg-type[1]       INTEGER, -- KRB_CRED */
-  krb5_addfield(ASN1_KRB_CRED,1,asn1_encode_integer);
+    /* msg-type[1]     INTEGER, -- KRB_CRED */
+    krb5_addfield(ASN1_KRB_CRED,1,asn1_encode_integer);
 
-  /* pvno[0]           INTEGER */
-  krb5_addfield(KVNO,0,asn1_encode_integer);
+    /* pvno[0]         INTEGER */
+    krb5_addfield(KVNO,0,asn1_encode_integer);
 
-  /* KRB-CRED ::= [APPLICATION 22] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(22);
+    /* KRB-CRED ::= [APPLICATION 22] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(22);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_enc_cred_part(const krb5_cred_enc_part *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* r-address[5]      HostAddress OPTIONAL */
-  if(rep->r_address != NULL)
-    krb5_addfield(rep->r_address,5,asn1_encode_host_address);
+    /* r-address[5]    HostAddress OPTIONAL */
+    if (rep->r_address != NULL)
+       krb5_addfield(rep->r_address,5,asn1_encode_host_address);
 
-  /* s-address[4]      HostAddress OPTIONAL */
-  if(rep->s_address != NULL)
-    krb5_addfield(rep->s_address,4,asn1_encode_host_address);
+    /* s-address[4]    HostAddress OPTIONAL */
+    if (rep->s_address != NULL)
+       krb5_addfield(rep->s_address,4,asn1_encode_host_address);
 
-  /* usec[3]           INTEGER OPTIONAL */
-  if(rep->timestamp){
-    krb5_addfield(rep->usec,3,asn1_encode_integer);
-    /* timestamp[2]    KerberosTime OPTIONAL */
-    krb5_addfield(rep->timestamp,2,asn1_encode_kerberos_time);
-  }
+    /* usec[3]         INTEGER OPTIONAL */
+    if (rep->timestamp) {
+       krb5_addfield(rep->usec,3,asn1_encode_integer);
+       /* timestamp[2] KerberosTime OPTIONAL */
+       krb5_addfield(rep->timestamp,2,asn1_encode_kerberos_time);
+    }
 
-  /* nonce[1]          INTEGER OPTIONAL */
-  if(rep->nonce)
-    krb5_addfield(rep->nonce,1,asn1_encode_integer);
+    /* nonce[1]                INTEGER OPTIONAL */
+    if (rep->nonce)
+       krb5_addfield(rep->nonce,1,asn1_encode_integer);
 
-  /* ticket-info[0]    SEQUENCE OF KrbCredInfo */
-  krb5_addfield((const krb5_cred_info**)rep->ticket_info,
-               0,asn1_encode_sequence_of_krb_cred_info);
+    /* ticket-info[0]  SEQUENCE OF KrbCredInfo */
+    krb5_addfield((const krb5_cred_info**)rep->ticket_info,
+                 0,asn1_encode_sequence_of_krb_cred_info);
 
-  /* EncKrbCredPart ::= [APPLICATION 29] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(29);
+    /* EncKrbCredPart ::= [APPLICATION 29] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(29);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_error(const krb5_error *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* e-data[12]                OCTET STRING OPTIONAL */
-  if(rep->e_data.data != NULL && rep->e_data.length > 0)
-    krb5_addlenfield(rep->e_data.length,rep->e_data.data,12,asn1_encode_charstring);
+    /* e-data[12]              OCTET STRING OPTIONAL */
+    if (rep->e_data.data != NULL && rep->e_data.length > 0)
+       krb5_addlenfield(rep->e_data.length,rep->e_data.data,12,asn1_encode_charstring);
 
-  /* e-text[11]                GeneralString OPTIONAL */
-  if(rep->text.data != NULL && rep->text.length > 0)
-    krb5_addlenfield(rep->text.length,rep->text.data,11,asn1_encode_generalstring);
+    /* e-text[11]              GeneralString OPTIONAL */
+    if (rep->text.data != NULL && rep->text.length > 0)
+       krb5_addlenfield(rep->text.length,rep->text.data,11,asn1_encode_generalstring);
 
-  /* sname[10]         PrincipalName -- Correct name */
-  krb5_addfield(rep->server,10,asn1_encode_principal_name);
+    /* sname[10]               PrincipalName -- Correct name */
+    krb5_addfield(rep->server,10,asn1_encode_principal_name);
 
-  /* realm[9]          Realm -- Correct realm */
-  krb5_addfield(rep->server,9,asn1_encode_realm);
+    /* realm[9]                Realm -- Correct realm */
+    krb5_addfield(rep->server,9,asn1_encode_realm);
 
-  /* cname[8]          PrincipalName OPTIONAL */
-  if(rep->client != NULL){
-    krb5_addfield(rep->client,8,asn1_encode_principal_name);
-    /* crealm[7]               Realm OPTIONAL */
-    krb5_addfield(rep->client,7,asn1_encode_realm);
-  }
+    /* cname[8]                PrincipalName OPTIONAL */
+    if (rep->client != NULL) {
+       krb5_addfield(rep->client,8,asn1_encode_principal_name);
+       /* crealm[7]            Realm OPTIONAL */
+       krb5_addfield(rep->client,7,asn1_encode_realm);
+    }
 
-  /* error-code[6]     INTEGER */
-  krb5_addfield(rep->error,6,asn1_encode_ui_4);
+    /* error-code[6]   INTEGER */
+    krb5_addfield(rep->error,6,asn1_encode_ui_4);
 
-  /* susec[5]          INTEGER */
-  krb5_addfield(rep->susec,5,asn1_encode_integer);
+    /* susec[5]                INTEGER */
+    krb5_addfield(rep->susec,5,asn1_encode_integer);
 
-  /* stime[4]          KerberosTime */
-  krb5_addfield(rep->stime,4,asn1_encode_kerberos_time);
+    /* stime[4]                KerberosTime */
+    krb5_addfield(rep->stime,4,asn1_encode_kerberos_time);
 
-  /* cusec[3]          INTEGER OPTIONAL */
-  if(rep->cusec)
-    krb5_addfield(rep->cusec,3,asn1_encode_integer);
+    /* cusec[3]                INTEGER OPTIONAL */
+    if (rep->cusec)
+       krb5_addfield(rep->cusec,3,asn1_encode_integer);
 
-  /* ctime[2]          KerberosTime OPTIONAL */
-  if(rep->ctime)
-    krb5_addfield(rep->ctime,2,asn1_encode_kerberos_time);
+    /* ctime[2]                KerberosTime OPTIONAL */
+    if (rep->ctime)
+       krb5_addfield(rep->ctime,2,asn1_encode_kerberos_time);
 
-  /* msg-type[1]       INTEGER */
-  krb5_addfield(ASN1_KRB_ERROR,1,asn1_encode_integer);
+    /* msg-type[1]     INTEGER */
+    krb5_addfield(ASN1_KRB_ERROR,1,asn1_encode_integer);
 
-  /* pvno[0]           INTEGER */
-  krb5_addfield(KVNO,0,asn1_encode_integer);
+    /* pvno[0]         INTEGER */
+    krb5_addfield(KVNO,0,asn1_encode_integer);
 
-  /* KRB-ERROR ::= [APPLICATION 30] SEQUENCE */
-  krb5_makeseq();
-  krb5_apptag(30);
+    /* KRB-ERROR ::= [APPLICATION 30] SEQUENCE */
+    krb5_makeseq();
+    krb5_apptag(30);
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_authdata(const krb5_authdata **rep, krb5_data **code)
 {
-  asn1_error_code retval;
-  asn1buf *buf=NULL;
-  unsigned int length;
+    asn1_error_code retval;
+    asn1buf *buf=NULL;
+    unsigned int length;
   
-  if(rep == NULL) return ASN1_MISSING_FIELD;
+    if (rep == NULL) return ASN1_MISSING_FIELD;
 
-  retval = asn1buf_create(&buf);
-  if(retval) return retval;
+    retval = asn1buf_create(&buf);
+    if (retval) return retval;
 
-  retval = asn1_encode_authorization_data(buf,(const krb5_authdata**)rep,
-                                         &length);
-  if(retval) return retval;
+    retval = asn1_encode_authorization_data(buf,(const krb5_authdata**)rep,
+                                           &length);
+    if (retval) return retval;
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_authdata_elt(const krb5_authdata *rep, krb5_data **code)
 {
-  asn1_error_code retval;
-  asn1buf *buf=NULL;
-  unsigned int length;
+    asn1_error_code retval;
+    asn1buf *buf=NULL;
+    unsigned int length;
   
-  if(rep == NULL) return ASN1_MISSING_FIELD;
+    if (rep == NULL) return ASN1_MISSING_FIELD;
 
-  retval = asn1buf_create(&buf);
-  if(retval) return retval;
+    retval = asn1buf_create(&buf);
+    if (retval) return retval;
 
-  retval = asn1_encode_krb5_authdata_elt(buf,rep, &length);
-  if(retval) return retval;
+    retval = asn1_encode_krb5_authdata_elt(buf,rep, &length);
+    if (retval) return retval;
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_alt_method(const krb5_alt_method *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* method-data[1]            OctetString OPTIONAL */
-  if(rep->data != NULL && rep->length > 0)
-    krb5_addlenfield(rep->length,rep->data,1,asn1_encode_octetstring);
+    /* method-data[1]          OctetString OPTIONAL */
+    if (rep->data != NULL && rep->length > 0)
+       krb5_addlenfield(rep->length,rep->data,1,asn1_encode_octetstring);
 
-  /* method-type[0]            Integer */
-  krb5_addfield(rep->method,0,asn1_encode_integer);
+    /* method-type[0]          Integer */
+    krb5_addfield(rep->method,0,asn1_encode_integer);
 
-  krb5_makeseq();
+    krb5_makeseq();
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_etype_info(const krb5_etype_info_entry **rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_etype_info(buf,rep,&length, 0);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_etype_info(buf,rep,&length, 0);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_etype_info2(const krb5_etype_info_entry **rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_etype_info(buf,rep,&length, 1);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_etype_info(buf,rep,&length, 1);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
   
 
 krb5_error_code encode_krb5_enc_data(const krb5_enc_data *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  retval = asn1_encode_encrypted_data(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
+    retval = asn1_encode_encrypted_data(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_pa_enc_ts(const krb5_pa_enc_ts *rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  /* pausec[1]                    INTEGER OPTIONAL */
-  if (rep->pausec)
-         krb5_addfield(rep->pausec,1,asn1_encode_integer);
+    /* pausec[1]                    INTEGER OPTIONAL */
+    if (rep->pausec)
+       krb5_addfield(rep->pausec,1,asn1_encode_integer);
 
-  /* patimestamp[0]               KerberosTime, -- client's time */
-  krb5_addfield(rep->patimestamp,0,asn1_encode_kerberos_time);
+    /* patimestamp[0]               KerberosTime, -- client's time */
+    krb5_addfield(rep->patimestamp,0,asn1_encode_kerberos_time);
 
-  krb5_makeseq();
+    krb5_makeseq();
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 /* Sandia Additions */
 krb5_error_code encode_krb5_pwd_sequence(const passwd_phrase_element *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_passwdsequence(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_passwdsequence(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_pwd_data(const krb5_pwd_data *rep, krb5_data **code)
 {
-  krb5_setup();
-  krb5_addfield((const passwd_phrase_element**)rep->element,1,asn1_encode_sequence_of_passwdsequence);
-  krb5_addfield(rep->sequence_count,0,asn1_encode_integer);
-  krb5_makeseq();
-  krb5_cleanup();
+    krb5_setup();
+    krb5_addfield((const passwd_phrase_element**)rep->element,1,asn1_encode_sequence_of_passwdsequence);
+    krb5_addfield(rep->sequence_count,0,asn1_encode_integer);
+    krb5_makeseq();
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_padata_sequence(const krb5_pa_data **rep, krb5_data **code)
 {
-  krb5_setup();
+    krb5_setup();
 
-  retval = asn1_encode_sequence_of_pa_data(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
+    retval = asn1_encode_sequence_of_pa_data(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 /* sam preauth additions */
 krb5_error_code encode_krb5_sam_challenge(const krb5_sam_challenge *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_sam_challenge(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_sam_challenge(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_sam_challenge_2(const krb5_sam_challenge_2 *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_sam_challenge_2(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_sam_challenge_2(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_sam_challenge_2_body(const krb5_sam_challenge_2_body *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_sam_challenge_2_body(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_sam_challenge_2_body(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_sam_key(const krb5_sam_key *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_sam_key(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_sam_key(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_enc_sam_response_enc(const krb5_enc_sam_response_enc *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_enc_sam_response_enc(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_enc_sam_response_enc(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_enc_sam_response_enc_2(const krb5_enc_sam_response_enc_2 *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_enc_sam_response_enc_2(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_enc_sam_response_enc_2(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_sam_response(const krb5_sam_response *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_sam_response(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_sam_response(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_sam_response_2(const krb5_sam_response_2 *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_sam_response_2(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_sam_response_2(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_predicted_sam_response(const krb5_predicted_sam_response *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_predicted_sam_response(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_predicted_sam_response(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_setpw_req(const krb5_principal target,
                                      char *password, krb5_data **code)
 {
-  /* Macros really want us to have a variable called rep which we do not need*/
-  const char *rep = "dummy string";
+    /* Macros really want us to have a variable called rep which we do not need*/
+    const char *rep = "dummy string";
 
-  krb5_setup();
+    krb5_setup();
 
-  krb5_addfield(target,2,asn1_encode_realm);
-  krb5_addfield(target,1,asn1_encode_principal_name);
-  krb5_addlenfield(strlen(password), password,0,asn1_encode_octetstring);
-  krb5_makeseq();
+    krb5_addfield(target,2,asn1_encode_realm);
+    krb5_addfield(target,1,asn1_encode_principal_name);
+    krb5_addlenfield(strlen(password), password,0,asn1_encode_octetstring);
+    krb5_makeseq();
 
 
-  krb5_cleanup();
+    krb5_cleanup();
 }
 
 #ifndef DISABLE_PKINIT
 krb5_error_code encode_krb5_pa_pk_as_req(const krb5_pa_pk_as_req *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_pa_pk_as_req(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_pa_pk_as_req(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_pa_pk_as_req_draft9(const krb5_pa_pk_as_req_draft9 *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_pa_pk_as_req_draft9(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_pa_pk_as_req_draft9(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_pa_pk_as_rep(const krb5_pa_pk_as_rep *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_pa_pk_as_rep(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_pa_pk_as_rep(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_pa_pk_as_rep_draft9(const krb5_pa_pk_as_rep_draft9 *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_pa_pk_as_rep_draft9(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_pa_pk_as_rep_draft9(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_auth_pack(const krb5_auth_pack *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_auth_pack(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_auth_pack(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_auth_pack_draft9(const krb5_auth_pack_draft9 *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_auth_pack_draft9(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_auth_pack_draft9(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_kdc_dh_key_info(const krb5_kdc_dh_key_info *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_kdc_dh_key_info(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_kdc_dh_key_info(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_reply_key_pack(const krb5_reply_key_pack *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_reply_key_pack(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_reply_key_pack(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_reply_key_pack_draft9(const krb5_reply_key_pack_draft9 *rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_reply_key_pack_draft9(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_reply_key_pack_draft9(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_td_trusted_certifiers(const krb5_external_principal_identifier **rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_td_trusted_certifiers(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_td_trusted_certifiers(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_typed_data(const krb5_typed_data **rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_sequence_of_typed_data(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_sequence_of_typed_data(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 
 krb5_error_code encode_krb5_td_dh_parameters(const krb5_algorithm_identifier **rep, krb5_data **code)
 {
-  krb5_setup();
-  retval = asn1_encode_sequence_of_algorithm_identifier(buf,rep,&length);
-  if(retval) return retval;
-  sum += length;
-  krb5_cleanup();
+    krb5_setup();
+    retval = asn1_encode_sequence_of_algorithm_identifier(buf,rep,&length);
+    if (retval) return retval;
+    sum += length;
+    krb5_cleanup();
 }
 #endif /* DISABLE_PKINIT */
index 7518b16e5fa72bf669e63ff95271a9cb2d397979..e18739cb504ea94b3ab5ce8c343239b3ef35663e 100644 (file)
@@ -341,7 +341,8 @@ static asn1_error_code asn1_decode_key(asn1buf *buf, krb5_key_data *key)
 
        if (asn1buf_remains(&slt, 0) != 0) { /* Salt value is optional */
            ret = decode_tagged_octetstring (&slt, 1, &keylen,
-                   &key->key_data_contents[1]); checkerr;
+                                            &key->key_data_contents[1]);
+           checkerr;
        } else
            keylen = 0;
        safe_syncbuf (&subbuf, &slt, salt_buflen);