Untabify; trim trailing whitespace; add emacs local variables to avoid tabs
authorKen Raeburn <raeburn@mit.edu>
Tue, 9 Sep 2008 21:23:35 +0000 (21:23 +0000)
committerKen Raeburn <raeburn@mit.edu>
Tue, 9 Sep 2008 21:23:35 +0000 (21:23 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20711 dc483132-0cff-0310-8789-dd5450dbe970

21 files changed:
src/lib/krb5/asn.1/asn1_decode.c
src/lib/krb5/asn.1/asn1_decode.h
src/lib/krb5/asn.1/asn1_encode.c
src/lib/krb5/asn.1/asn1_encode.h
src/lib/krb5/asn.1/asn1_get.c
src/lib/krb5/asn.1/asn1_get.h
src/lib/krb5/asn.1/asn1_k_decode.c
src/lib/krb5/asn.1/asn1_k_decode.h
src/lib/krb5/asn.1/asn1_k_encode.c
src/lib/krb5/asn.1/asn1_k_encode.h
src/lib/krb5/asn.1/asn1_make.c
src/lib/krb5/asn.1/asn1_make.h
src/lib/krb5/asn.1/asn1_misc.c
src/lib/krb5/asn.1/asn1_misc.h
src/lib/krb5/asn.1/asn1buf.c
src/lib/krb5/asn.1/asn1buf.h
src/lib/krb5/asn.1/asn1glue.h
src/lib/krb5/asn.1/krb5_decode.c
src/lib/krb5/asn.1/krb5_encode.c
src/lib/krb5/asn.1/krbasn1.h
src/lib/krb5/asn.1/ldap_key_seq.c

index dffd93b44a02bd6fe8acf2f5094326a9bd4f3bb5..62c04270614c5d0df526f3614a2d6590246d025a 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_decode.c
- * 
+ *
  * Copyright 1994, 2003 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
 asn1_error_code retval;\
 taginfo tinfo
 
-#define asn1class      (tinfo.asn1class)
-#define construction   (tinfo.construction)
-#define tagnum         (tinfo.tagnum)
-#define length         (tinfo.length)
+#define asn1class       (tinfo.asn1class)
+#define construction    (tinfo.construction)
+#define tagnum          (tinfo.tagnum)
+#define length          (tinfo.length)
 
 #define tag(type)\
 retval = asn1_get_tag_2(buf,&tinfo);\
 if (retval) return retval;\
 if (asn1class != UNIVERSAL || construction != PRIMITIVE || tagnum != type)\
   return ASN1_BAD_ID
-  
+
 #define cleanup()\
 return 0
 
@@ -66,16 +67,16 @@ asn1_error_code asn1_decode_integer(asn1buf *buf, long int *val)
     tag(ASN1_INTEGER);
 
     for (i = 0; i < length; i++) {
-       retval = asn1buf_remove_octet(buf, &o);
-       if (retval) return retval;
-       if (!i) {
-           n = (0x80 & o) ? -1 : 0;    /* grab sign bit */
-           if (n < 0 && length > sizeof (long))
-               return ASN1_OVERFLOW;
-           else if (length > sizeof (long) + 1) /* allow extra octet for positive */
-               return ASN1_OVERFLOW;
-       }
-       n = (n << 8) | o;
+        retval = asn1buf_remove_octet(buf, &o);
+        if (retval) return retval;
+        if (!i) {
+            n = (0x80 & o) ? -1 : 0;    /* grab sign bit */
+            if (n < 0 && length > sizeof (long))
+                return ASN1_OVERFLOW;
+            else if (length > sizeof (long) + 1) /* allow extra octet for positive */
+                return ASN1_OVERFLOW;
+        }
+        n = (n << 8) | o;
     }
     *val = n;
     cleanup();
@@ -91,15 +92,15 @@ asn1_error_code asn1_decode_unsigned_integer(asn1buf *buf, long unsigned int *va
     tag(ASN1_INTEGER);
 
     for (i = 0, n = 0; i < length; i++) {
-       retval = asn1buf_remove_octet(buf, &o);
-       if (retval) return retval;
-       if (!i) {
-           if (0x80 & o)
-               return ASN1_OVERFLOW;
-           else if (length > sizeof (long) + 1)
-               return ASN1_OVERFLOW;
-       }
-       n = (n << 8) | o;
+        retval = asn1buf_remove_octet(buf, &o);
+        if (retval) return retval;
+        if (!i) {
+            if (0x80 & o)
+                return ASN1_OVERFLOW;
+            else if (length > sizeof (long) + 1)
+                return ASN1_OVERFLOW;
+        }
+        n = (n << 8) | o;
     }
     *val = n;
     cleanup();
@@ -127,23 +128,23 @@ asn1_error_code asn1_decode_maybe_unsigned(asn1buf *buf, unsigned long *val)
     n = 0;
     bitsremain = ~0UL;
     for (i = 0; i < length; i++) {
-       /* Accounts for u_long width not being a multiple of 8. */
-       if (bitsremain < 0xff) return ASN1_OVERFLOW;
-       retval = asn1buf_remove_octet(buf, &o);
-       if (retval) return retval;
-       if (bitsremain == ~0UL) {
-           if (i == 0)
-               n = (o & 0x80) ? ~0UL : 0UL; /* grab sign bit */
-           /*
-            * Skip leading zero or 0xFF octets to humor non-compliant encoders.
-            */
-           if (n == 0 && o == 0)
-               continue;
-           if (n == ~0UL && o == 0xff)
-               continue;
-       }
-       n = (n << 8) | o;
-       bitsremain >>= 8;
+        /* Accounts for u_long width not being a multiple of 8. */
+        if (bitsremain < 0xff) return ASN1_OVERFLOW;
+        retval = asn1buf_remove_octet(buf, &o);
+        if (retval) return retval;
+        if (bitsremain == ~0UL) {
+            if (i == 0)
+                n = (o & 0x80) ? ~0UL : 0UL; /* grab sign bit */
+            /*
+             * Skip leading zero or 0xFF octets to humor non-compliant encoders.
+             */
+            if (n == 0 && o == 0)
+                continue;
+            if (n == ~0UL && o == 0xff)
+                continue;
+        }
+        n = (n << 8) | o;
+        bitsremain >>= 8;
     }
     *val = n;
     cleanup();
@@ -232,17 +233,17 @@ asn1_error_code asn1_decode_generaltime(asn1buf *buf, time_t *val)
     retval = asn1buf_remove_charstring(buf,15,&s);
     /* Time encoding: YYYYMMDDhhmmssZ */
     if (s[14] != 'Z') {
-       free(s);
-       return ASN1_BAD_FORMAT;
+        free(s);
+        return ASN1_BAD_FORMAT;
     }
     if (s[0] == '1' && !memcmp("19700101000000Z", s, 15)) {
-       t = 0;
-       free(s);
-       goto done;
+        t = 0;
+        free(s);
+        goto done;
     }
 #define c2i(c) ((c)-'0')
     ts.tm_year = 1000*c2i(s[0]) + 100*c2i(s[1]) + 10*c2i(s[2]) + c2i(s[3])
-       - 1900;
+        - 1900;
     ts.tm_mon = 10*c2i(s[4]) + c2i(s[5]) - 1;
     ts.tm_mday = 10*c2i(s[6]) + c2i(s[7]);
     ts.tm_hour = 10*c2i(s[8]) + c2i(s[9]);
index cafbf3fd34846e49a997f8bebbfc651c852103ff..373826ceb6b5a5dd23c253346896fb39945c5d01 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_decode.h
- * 
+ *
  * Copyright 1994 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
    modifies  *buf, *len
    effects   Decodes the octet string in *buf into *val.
              Returns ENOMEM if memory is exhausted.
-            Returns asn1 errors. */
+             Returns asn1 errors. */
 
 asn1_error_code asn1_decode_integer
-       (asn1buf *buf, long *val);
+        (asn1buf *buf, long *val);
 asn1_error_code asn1_decode_unsigned_integer
-       (asn1buf *buf, unsigned long *val);
+        (asn1buf *buf, unsigned long *val);
 asn1_error_code asn1_decode_maybe_unsigned
-       (asn1buf *buf, unsigned long *val);
+        (asn1buf *buf, unsigned long *val);
 asn1_error_code asn1_decode_null
-       (asn1buf *buf);
+        (asn1buf *buf);
 
 asn1_error_code asn1_decode_oid
-       (asn1buf *buf, unsigned int *retlen, asn1_octet **val);
+        (asn1buf *buf, unsigned int *retlen, asn1_octet **val);
 asn1_error_code asn1_decode_octetstring
-       (asn1buf *buf, unsigned int *retlen, asn1_octet **val);
+        (asn1buf *buf, unsigned int *retlen, asn1_octet **val);
 asn1_error_code asn1_decode_generalstring
-       (asn1buf *buf, unsigned int *retlen, char **val);
+        (asn1buf *buf, unsigned int *retlen, char **val);
 asn1_error_code asn1_decode_charstring
-       (asn1buf *buf, unsigned int *retlen, char **val);
+        (asn1buf *buf, unsigned int *retlen, char **val);
 /* Note: A charstring is a special hack to account for the fact that
          krb5 structures store some OCTET STRING values in krb5_octet
-        arrays and others in krb5_data structures 
-        (which use char arrays).
-        From the ASN.1 point of view, the two string types are the same,
-        only the receptacles differ. */
+         arrays and others in krb5_data structures
+         (which use char arrays).
+         From the ASN.1 point of view, the two string types are the same,
+         only the receptacles differ. */
 asn1_error_code asn1_decode_printablestring
-       (asn1buf *buf, int *retlen, char **val);
+        (asn1buf *buf, int *retlen, char **val);
 asn1_error_code asn1_decode_ia5string
-       (asn1buf *buf, int *retlen, char **val);
+        (asn1buf *buf, int *retlen, char **val);
 
 asn1_error_code asn1_decode_generaltime
-       (asn1buf *buf, time_t *val);
+        (asn1buf *buf, time_t *val);
 
 #endif
index add932ecb181edea893064ef11cc3124f4a7023a..d55e1832f38502a8773323b2de03ebfdade2cff4 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_encode.c
- * 
+ *
  * Copyright 1994 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
 #include "asn1_make.h"
 
 static asn1_error_code asn1_encode_integer_internal(asn1buf *buf,  long val,
-                                                   unsigned int *retlen)
+                                                    unsigned int *retlen)
 {
     asn1_error_code retval;
     unsigned int length = 0;
     long valcopy;
     int digit;
-  
+
     valcopy = val;
     do {
-       digit = (int) (valcopy&0xFF);
-       retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
-       if (retval) return retval;
-       length++;
-       valcopy = valcopy >> 8;
+        digit = (int) (valcopy&0xFF);
+        retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
+        if (retval) return retval;
+        length++;
+        valcopy = valcopy >> 8;
     } while (valcopy != 0 && valcopy != ~0);
 
     if ((val > 0) && ((digit&0x80) == 0x80)) { /* make sure the high bit is */
-       retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
-       if (retval) return retval;
-       length++;
+        retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
+        if (retval) return retval;
+        length++;
     } else if ((val < 0) && ((digit&0x80) != 0x80)) {
-       retval = asn1buf_insert_octet(buf,0xFF);
-       if (retval) return retval;
-       length++;
+        retval = asn1buf_insert_octet(buf,0xFF);
+        if (retval) return retval;
+        length++;
     }
 
 
@@ -62,7 +63,7 @@ static asn1_error_code asn1_encode_integer_internal(asn1buf *buf,  long val,
 }
 
 asn1_error_code asn1_encode_integer(asn1buf * buf,  long val,
-                                   unsigned int *retlen)
+                                    unsigned int *retlen)
 {
     asn1_error_code retval;
     unsigned int length = 0;
@@ -71,7 +72,7 @@ asn1_error_code asn1_encode_integer(asn1buf * buf,  long val,
     if (retval) return retval;
 
     length = partlen;
-    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen); 
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen);
     if (retval) return retval;
     length += partlen;
 
@@ -81,7 +82,7 @@ asn1_error_code asn1_encode_integer(asn1buf * buf,  long val,
 
 asn1_error_code
 asn1_encode_enumerated(asn1buf * buf, long val,
-                      unsigned int *retlen)
+                       unsigned int *retlen)
 {
     asn1_error_code retval;
     unsigned int length = 0;
@@ -90,7 +91,7 @@ asn1_encode_enumerated(asn1buf * buf, long val,
     if (retval) return retval;
 
     length = partlen;
-    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_ENUMERATED,length, &partlen); 
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_ENUMERATED,length, &partlen);
     if (retval) return retval;
     length += partlen;
 
@@ -99,30 +100,30 @@ asn1_encode_enumerated(asn1buf * buf, long val,
 }
 
 asn1_error_code asn1_encode_unsigned_integer(asn1buf *buf, unsigned long val,
-                                            unsigned int *retlen)
+                                             unsigned int *retlen)
 {
     asn1_error_code retval;
     unsigned int length = 0;
     unsigned int partlen;
     unsigned long valcopy;
     int digit;
-  
+
     valcopy = val;
     do {
-       digit = (int) (valcopy&0xFF);
-       retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
-       if (retval) return retval;
-       length++;
-       valcopy = valcopy >> 8;
+        digit = (int) (valcopy&0xFF);
+        retval = asn1buf_insert_octet(buf,(asn1_octet) digit);
+        if (retval) return retval;
+        length++;
+        valcopy = valcopy >> 8;
     } while (valcopy != 0 && valcopy != ~0);
 
-    if (digit&0x80) {                    /* make sure the high bit is */
-       retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
-       if (retval) return retval;
-       length++;
+    if (digit&0x80) {                     /* make sure the high bit is */
+        retval = asn1buf_insert_octet(buf,0); /* of the proper signed-ness */
+        if (retval) return retval;
+        length++;
     }
 
-    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen); 
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_INTEGER,length, &partlen);
     if (retval) return retval;
     length += partlen;
 
@@ -131,8 +132,8 @@ asn1_error_code asn1_encode_unsigned_integer(asn1buf *buf, unsigned long val,
 }
 
 asn1_error_code asn1_encode_oid(asn1buf *buf, unsigned int len,
-                               const asn1_octet *val,
-                               unsigned int *retlen)
+                                const asn1_octet *val,
+                                unsigned int *retlen)
 {
     asn1_error_code retval;
     unsigned int length;
@@ -140,7 +141,7 @@ asn1_error_code asn1_encode_oid(asn1buf *buf, unsigned int len,
     retval = asn1buf_insert_octetstring(buf, len, val);
     if (retval) return retval;
     retval = asn1_make_tag(buf, UNIVERSAL, PRIMITIVE, ASN1_OBJECTIDENTIFIER,
-                          len, &length);
+                           len, &length);
     if (retval) return retval;
 
     *retlen = len + length;
@@ -148,8 +149,8 @@ asn1_error_code asn1_encode_oid(asn1buf *buf, unsigned int len,
 }
 
 asn1_error_code asn1_encode_octetstring(asn1buf *buf, unsigned int len,
-                                       const asn1_octet *val,
-                                       unsigned int *retlen)
+                                        const asn1_octet *val,
+                                        unsigned int *retlen)
 {
     asn1_error_code retval;
     unsigned int length;
@@ -164,7 +165,7 @@ asn1_error_code asn1_encode_octetstring(asn1buf *buf, unsigned int len,
 }
 
 asn1_error_code asn1_encode_charstring(asn1buf *buf, unsigned int len,
-                                      const char *val, unsigned int *retlen)
+                                       const char *val, unsigned int *retlen)
 {
     asn1_error_code retval;
     unsigned int length;
@@ -181,7 +182,7 @@ asn1_error_code asn1_encode_charstring(asn1buf *buf, unsigned int len,
 asn1_error_code asn1_encode_null(asn1buf *buf, int *retlen)
 {
     asn1_error_code retval;
-  
+
     retval = asn1buf_insert_octet(buf,0x00);
     if (retval) return retval;
     retval = asn1buf_insert_octet(buf,0x05);
@@ -192,14 +193,14 @@ asn1_error_code asn1_encode_null(asn1buf *buf, int *retlen)
 }
 
 asn1_error_code asn1_encode_printablestring(asn1buf *buf, unsigned int len,
-                                           const char *val, int *retlen)
+                                            const char *val, int *retlen)
 {
     asn1_error_code retval;
     unsigned int length;
 
     retval = asn1buf_insert_charstring(buf,len,val);
     if (retval) return retval;
-    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_PRINTABLESTRING,len,                    &length);
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_PRINTABLESTRING,len,                     &length);
     if (retval) return retval;
 
     *retlen = len + length;
@@ -207,14 +208,14 @@ asn1_error_code asn1_encode_printablestring(asn1buf *buf, unsigned int len,
 }
 
 asn1_error_code asn1_encode_ia5string(asn1buf *buf, unsigned int len,
-                                     const char *val, int *retlen)
+                                      const char *val, int *retlen)
 {
     asn1_error_code retval;
     unsigned int length;
 
     retval = asn1buf_insert_charstring(buf,len,val);
     if (retval) return retval;
-    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_IA5STRING,len,                  &length);
+    retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_IA5STRING,len,                   &length);
     if (retval) return retval;
 
     *retlen = len + length;
@@ -222,7 +223,7 @@ asn1_error_code asn1_encode_ia5string(asn1buf *buf, unsigned int len,
 }
 
 asn1_error_code asn1_encode_generaltime(asn1buf *buf, time_t val,
-                                       unsigned int *retlen)
+                                        unsigned int *retlen)
 {
     asn1_error_code retval;
     struct tm *gtime, gtimebuf;
@@ -234,40 +235,40 @@ asn1_error_code asn1_encode_generaltime(asn1buf *buf, time_t val,
      * Time encoding: YYYYMMDDhhmmssZ
      */
     if (gmt_time == 0) {
-       sp = "19700101000000Z";
+        sp = "19700101000000Z";
     } else {
 
-       /*
-        * Sanity check this just to be paranoid, as gmtime can return NULL,
-        * and some bogus implementations might overrun on the sprintf.
-        */
+        /*
+         * Sanity check this just to be paranoid, as gmtime can return NULL,
+         * and some bogus implementations might overrun on the sprintf.
+         */
 #ifdef HAVE_GMTIME_R
 # ifdef GMTIME_R_RETURNS_INT
-       if (gmtime_r(&gmt_time, &gtimebuf) != 0)
-           return ASN1_BAD_GMTIME;
+        if (gmtime_r(&gmt_time, &gtimebuf) != 0)
+            return ASN1_BAD_GMTIME;
 # else
-       if (gmtime_r(&gmt_time, &gtimebuf) == NULL)
-           return ASN1_BAD_GMTIME;
+        if (gmtime_r(&gmt_time, &gtimebuf) == NULL)
+            return ASN1_BAD_GMTIME;
 # endif
 #else
-       gtime = gmtime(&gmt_time);
-       if (gtime == NULL)
-           return ASN1_BAD_GMTIME;
-       memcpy(&gtimebuf, gtime, sizeof(gtimebuf));
+        gtime = gmtime(&gmt_time);
+        if (gtime == NULL)
+            return ASN1_BAD_GMTIME;
+        memcpy(&gtimebuf, gtime, sizeof(gtimebuf));
 #endif
-       gtime = &gtimebuf;
-
-       if (gtime->tm_year > 8099 || gtime->tm_mon > 11 ||
-           gtime->tm_mday > 31 || gtime->tm_hour > 23 ||
-           gtime->tm_min > 59 || gtime->tm_sec > 59)
-           return ASN1_BAD_GMTIME;
-       if (snprintf(s, sizeof(s), "%04d%02d%02d%02d%02d%02dZ",
-                    1900+gtime->tm_year, gtime->tm_mon+1, gtime->tm_mday,
-                    gtime->tm_hour, gtime->tm_min, gtime->tm_sec)
-           >= sizeof(s))
-           /* Shouldn't be possible given above tests.  */
-           return ASN1_BAD_GMTIME;
-       sp = s;
+        gtime = &gtimebuf;
+
+        if (gtime->tm_year > 8099 || gtime->tm_mon > 11 ||
+            gtime->tm_mday > 31 || gtime->tm_hour > 23 ||
+            gtime->tm_min > 59 || gtime->tm_sec > 59)
+            return ASN1_BAD_GMTIME;
+        if (snprintf(s, sizeof(s), "%04d%02d%02d%02d%02d%02dZ",
+                     1900+gtime->tm_year, gtime->tm_mon+1, gtime->tm_mday,
+                     gtime->tm_hour, gtime->tm_min, gtime->tm_sec)
+            >= sizeof(s))
+            /* Shouldn't be possible given above tests.  */
+            return ASN1_BAD_GMTIME;
+        sp = s;
     }
 
     retval = asn1buf_insert_charstring(buf,15,sp);
@@ -283,8 +284,8 @@ asn1_error_code asn1_encode_generaltime(asn1buf *buf, time_t val,
 }
 
 asn1_error_code asn1_encode_generalstring(asn1buf *buf, unsigned int len,
-                                         const char *val,
-                                         unsigned int *retlen)
+                                          const char *val,
+                                          unsigned int *retlen)
 {
     asn1_error_code retval;
     unsigned int length;
@@ -292,7 +293,7 @@ asn1_error_code asn1_encode_generalstring(asn1buf *buf, unsigned int len,
     retval = asn1buf_insert_charstring(buf,len,val);
     if (retval) return retval;
     retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_GENERALSTRING,len,
-                          &length);
+                           &length);
     if (retval) return retval;
 
     *retlen = len + length;
index 79eee48d5f1f9d7e77b818e2a9952b90af40b459..c75f4e8791037dff654c7c09e6c3ac1192501f59 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_encode.h
- * 
+ *
  * Copyright 1994 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
 */
 
 asn1_error_code asn1_encode_integer
-       (asn1buf *buf, long val, unsigned int *retlen);
+        (asn1buf *buf, long val, unsigned int *retlen);
 /* requires  *buf is allocated
    modifies  *buf, *retlen
-   effects   Inserts the encoding of val into *buf and returns 
+   effects   Inserts the encoding of val into *buf and returns
               the length of the encoding in *retlen.
              Returns ENOMEM to signal an unsuccesful attempt
               to expand the buffer. */
@@ -62,81 +63,81 @@ asn1_error_code asn1_encode_enumerated
 (asn1buf *buf, long val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_unsigned_integer
-       (asn1buf *buf, unsigned long val, 
-                  unsigned int *retlen);
+        (asn1buf *buf, unsigned long val,
+                   unsigned int *retlen);
 /* requires  *buf is allocated
    modifies  *buf, *retlen
-   effects   Inserts the encoding of val into *buf and returns 
+   effects   Inserts the encoding of val into *buf and returns
               the length of the encoding in *retlen.
              Returns ENOMEM to signal an unsuccesful attempt
               to expand the buffer. */
 
 asn1_error_code asn1_encode_octetstring
-       (asn1buf *buf,
-                  unsigned int len, const asn1_octet *val,
-                  unsigned int *retlen);
+        (asn1buf *buf,
+                   unsigned int len, const asn1_octet *val,
+                   unsigned int *retlen);
 /* requires  *buf is allocated
    modifies  *buf, *retlen
-   effects   Inserts the encoding of val into *buf and returns 
+   effects   Inserts the encoding of val into *buf and returns
               the length of the encoding in *retlen.
              Returns ENOMEM to signal an unsuccesful attempt
               to expand the buffer. */
 
 asn1_error_code asn1_encode_oid
-       (asn1buf *buf,
-                  unsigned int len, const asn1_octet *val,
-                  unsigned int *retlen);
+        (asn1buf *buf,
+                   unsigned int len, const asn1_octet *val,
+                   unsigned int *retlen);
 /* requires  *buf is allocated
    modifies  *buf, *retlen
-   effects   Inserts the encoding of val into *buf and returns 
+   effects   Inserts the encoding of val into *buf and returns
               the length of the encoding in *retlen.
              Returns ENOMEM to signal an unsuccesful attempt
               to expand the buffer. */
 
 asn1_error_code asn1_encode_charstring
-       (asn1buf *buf,
-                  unsigned int len, const char *val,
-                  unsigned int *retlen);
+        (asn1buf *buf,
+                   unsigned int len, const char *val,
+                   unsigned int *retlen);
 /* requires  *buf is allocated
    modifies  *buf, *retlen
-   effects   Inserts the encoding of val into *buf and returns 
+   effects   Inserts the encoding of val into *buf and returns
               the length of the encoding in *retlen.
              Returns ENOMEM to signal an unsuccesful attempt
               to expand the buffer. */
 
 asn1_error_code asn1_encode_null
-       (asn1buf *buf, int *retlen);
+        (asn1buf *buf, int *retlen);
 /* requires  *buf is allocated
    modifies  *buf, *retlen
-   effects   Inserts the encoding of NULL into *buf and returns 
+   effects   Inserts the encoding of NULL into *buf and returns
               the length of the encoding in *retlen.
              Returns ENOMEM to signal an unsuccesful attempt
               to expand the buffer. */
 
 asn1_error_code asn1_encode_printablestring
-       (asn1buf *buf,
-                  unsigned int len, const char *val,
-                  int *retlen);
+        (asn1buf *buf,
+                   unsigned int len, const char *val,
+                   int *retlen);
 /* requires  *buf is allocated
    modifies  *buf, *retlen
-   effects   Inserts the encoding of val into *buf and returns 
+   effects   Inserts the encoding of val into *buf and returns
               the length of the encoding in *retlen.
              Returns ENOMEM to signal an unsuccesful attempt
               to expand the buffer. */
 
 asn1_error_code asn1_encode_ia5string
-       (asn1buf *buf,
-                  unsigned int len, const char *val,
-                  int *retlen);
+        (asn1buf *buf,
+                   unsigned int len, const char *val,
+                   int *retlen);
 /* requires  *buf is allocated
    modifies  *buf, *retlen
-   effects   Inserts the encoding of val into *buf and returns 
+   effects   Inserts the encoding of val into *buf and returns
               the length of the encoding in *retlen.
              Returns ENOMEM to signal an unsuccesful attempt
               to expand the buffer. */
 
 asn1_error_code asn1_encode_generaltime
-       (asn1buf *buf, time_t val, unsigned int *retlen);
+        (asn1buf *buf, time_t val, unsigned int *retlen);
 /* requires  *buf is allocated
    modifies  *buf, *retlen
    effects   Inserts the encoding of val into *buf and returns
@@ -146,12 +147,12 @@ asn1_error_code asn1_encode_generaltime
    Note: The encoding of GeneralizedTime is YYYYMMDDhhmmZ */
 
 asn1_error_code asn1_encode_generalstring
-       (asn1buf *buf,
-                  unsigned int len, const char *val,
-                  unsigned int *retlen);
+        (asn1buf *buf,
+                   unsigned int len, const char *val,
+                   unsigned int *retlen);
 /* requires  *buf is allocated,  val has a length of len characters
    modifies  *buf, *retlen
-   effects   Inserts the encoding of val into *buf and returns 
+   effects   Inserts the encoding of val into *buf and returns
               the length of the encoding in *retlen.
              Returns ENOMEM to signal an unsuccesful attempt
               to expand the buffer. */
index 66fd1b6cbece4557cda9e33541d0bcd5c4207ff6..d3706fbd6274e16bd2699724131ac654e583630c 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_get.c
- * 
+ *
  * Copyright 1994 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
@@ -32,70 +33,70 @@ asn1_get_tag_2(asn1buf *buf, taginfo *t)
     asn1_error_code retval;
 
     if (buf == NULL || buf->base == NULL ||
-       buf->bound - buf->next + 1 <= 0) {
-       t->tagnum = ASN1_TAGNUM_CEILING; /* emphatically not an EOC tag */
-       t->asn1class = UNIVERSAL;
-       t->construction = PRIMITIVE;
-       t->length = 0;
-       t->indef = 0;
-       return 0;
+        buf->bound - buf->next + 1 <= 0) {
+        t->tagnum = ASN1_TAGNUM_CEILING; /* emphatically not an EOC tag */
+        t->asn1class = UNIVERSAL;
+        t->construction = PRIMITIVE;
+        t->length = 0;
+        t->indef = 0;
+        return 0;
     }
     {
-       /* asn1_get_id(buf, t) */
-       asn1_tagnum tn=0;
-       asn1_octet o;
+        /* asn1_get_id(buf, t) */
+        asn1_tagnum tn=0;
+        asn1_octet o;
 
 #define ASN1_CLASS_MASK 0xC0
 #define ASN1_CONSTRUCTION_MASK 0x20
 #define ASN1_TAG_NUMBER_MASK 0x1F
 
-       retval = asn1buf_remove_octet(buf,&o);
-       if (retval)
-           return retval;
+        retval = asn1buf_remove_octet(buf,&o);
+        if (retval)
+            return retval;
 
-       t->asn1class = (asn1_class)(o&ASN1_CLASS_MASK);
-       t->construction = (asn1_construction)(o&ASN1_CONSTRUCTION_MASK);
-       if ((o&ASN1_TAG_NUMBER_MASK) != ASN1_TAG_NUMBER_MASK) {
-           /* low-tag-number form */
-           t->tagnum = (asn1_tagnum)(o&ASN1_TAG_NUMBER_MASK);
-       } else {
-           /* high-tag-number form */
-           do {
-               retval = asn1buf_remove_octet(buf,&o);
-               if (retval) return retval;
-               tn = (tn<<7) + (asn1_tagnum)(o&0x7F);
-           } while (o&0x80);
-           t->tagnum = tn;
-       }
+        t->asn1class = (asn1_class)(o&ASN1_CLASS_MASK);
+        t->construction = (asn1_construction)(o&ASN1_CONSTRUCTION_MASK);
+        if ((o&ASN1_TAG_NUMBER_MASK) != ASN1_TAG_NUMBER_MASK) {
+            /* low-tag-number form */
+            t->tagnum = (asn1_tagnum)(o&ASN1_TAG_NUMBER_MASK);
+        } else {
+            /* high-tag-number form */
+            do {
+                retval = asn1buf_remove_octet(buf,&o);
+                if (retval) return retval;
+                tn = (tn<<7) + (asn1_tagnum)(o&0x7F);
+            } while (o&0x80);
+            t->tagnum = tn;
+        }
     }
 
     {
-       /* asn1_get_length(buf, t) */
-       asn1_octet o;
+        /* asn1_get_length(buf, t) */
+        asn1_octet o;
+
+        t->indef = 0;
+        retval = asn1buf_remove_octet(buf,&o);
+        if (retval) return retval;
+        if ((o&0x80) == 0) {
+            t->length = (int)(o&0x7F);
+        } else {
+            int num;
+            int len=0;
 
-       t->indef = 0;
-       retval = asn1buf_remove_octet(buf,&o);
-       if (retval) return retval;
-       if ((o&0x80) == 0) {
-           t->length = (int)(o&0x7F);
-       } else {
-           int num;
-           int len=0;
-    
-           for (num = (int)(o&0x7F); num>0; num--) {
-               retval = asn1buf_remove_octet(buf,&o);
-               if (retval) return retval;
-               len = (len<<8) + (int)o;
-           }
-           if (len < 0)
-               return ASN1_OVERRUN;
-           if (!len)
-               t->indef = 1;
-           t->length = len;
-       }
+            for (num = (int)(o&0x7F); num>0; num--) {
+                retval = asn1buf_remove_octet(buf,&o);
+                if (retval) return retval;
+                len = (len<<8) + (int)o;
+            }
+            if (len < 0)
+                return ASN1_OVERRUN;
+            if (!len)
+                t->indef = 1;
+            t->length = len;
+        }
     }
     if (t->indef && t->construction != CONSTRUCTED)
-       return ASN1_MISMATCH_INDEF;
+        return ASN1_MISMATCH_INDEF;
     return 0;
 }
 
@@ -106,13 +107,13 @@ asn1_error_code asn1_get_sequence(asn1buf *buf, unsigned int *retlen, int *indef
 
     retval = asn1_get_tag_2(buf, &t);
     if (retval)
-       return retval;
+        return retval;
     if (t.asn1class != UNIVERSAL || t.construction != CONSTRUCTED ||
-       t.tagnum != ASN1_SEQUENCE)
-       return ASN1_BAD_ID;
+        t.tagnum != ASN1_SEQUENCE)
+        return ASN1_BAD_ID;
     if (retlen)
-       *retlen = t.length;
+        *retlen = t.length;
     if (indef)
-       *indef = t.indef;
+        *indef = t.indef;
     return 0;
 }
index 1b78014624562743017a812ef0139806f0123e6a..ecafa2aecd72ef7702220cacddfd6746a839a0dd 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_get.h
- * 
+ *
  * Copyright 1994 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
@@ -35,9 +36,9 @@
 
 typedef struct {
 #if 1 /* Smaller run-time storage, and on x86 the compiler can use
-        byte loads, stores, and compares, but on other platforms the
-        compiler may need to load and widen before comparing... see
-        how this works out. */
+         byte loads, stores, and compares, but on other platforms the
+         compiler may need to load and widen before comparing... see
+         how this works out. */
     unsigned int asn1class : 8, construction : 8;
 #else
     asn1_class asn1class;
@@ -52,33 +53,33 @@ asn1_error_code asn1_get_tag_2 (asn1buf *buf, taginfo *tinfo);
 
 #if 0
 asn1_error_code asn1_get_tag_indef
-       (asn1buf *buf,
-                  asn1_class *Class,
-                  asn1_construction *construction,
-                  asn1_tagnum *tagnum,
-                  unsigned int *retlen, int *indef);
+        (asn1buf *buf,
+                   asn1_class *Class,
+                   asn1_construction *construction,
+                   asn1_tagnum *tagnum,
+                   unsigned int *retlen, int *indef);
 
 asn1_error_code asn1_get_tag
-       (asn1buf *buf,
-                  asn1_class *Class,
-                  asn1_construction *construction,
-                  asn1_tagnum *tagnum,
-                  unsigned int *retlen);
+        (asn1buf *buf,
+                   asn1_class *Class,
+                   asn1_construction *construction,
+                   asn1_tagnum *tagnum,
+                   unsigned int *retlen);
 /* requires  *buf is allocated
    effects   Decodes the tag in *buf.  If class != NULL, returns
               the class in *Class.  Similarly, the construction,
-             tag number, and length are returned in *construction,
-             *tagnum, and *retlen, respectively.
-            If *buf is empty to begin with,
-             *tagnum is set to ASN1_TAGNUM_CEILING.
-            Returns ASN1_OVERRUN if *buf is exhausted during the parse. */
+              tag number, and length are returned in *construction,
+              *tagnum, and *retlen, respectively.
+             If *buf is empty to begin with,
+              *tagnum is set to ASN1_TAGNUM_CEILING.
+             Returns ASN1_OVERRUN if *buf is exhausted during the parse. */
 #endif
 
 asn1_error_code asn1_get_sequence
-       (asn1buf *buf, unsigned int *retlen, int *indef);
+        (asn1buf *buf, unsigned int *retlen, int *indef);
 /* requires  *buf is allocated
    effects   Decodes a tag from *buf and returns ASN1_BAD_ID if it
               doesn't have a sequence ID.  If retlen != NULL, the
-             associated length is returned in *retlen. */
+              associated length is returned in *retlen. */
 
 #endif
index 4290561d7a6ddeedc5cf1de87a84efe6cfea1e7a..e47ca6f0c4776201b8821b6e437b0b61f4720213 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_k_decode.c
- * 
+ *
  * Copyright 1994, 2007, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
 #include "asn1_misc.h"
 
 /* Declare useful decoder variables. */
-#define setup()                                        \
-  asn1_error_code retval;                      \
-  asn1_class asn1class;                                \
-  asn1_construction construction;              \
-  asn1_tagnum tagnum;                          \
+#define setup()                                 \
+  asn1_error_code retval;                       \
+  asn1_class asn1class;                         \
+  asn1_construction construction;               \
+  asn1_tagnum tagnum;                           \
   unsigned int length, taglen
 
 #define unused_var(x) if (0) { x = 0; x = x - x; }
 
 /* This is used for prefetch of next tag in sequence. */
-#define next_tag()                                                             \
-{ taginfo t2;                                                                  \
-  retval = asn1_get_tag_2(&subbuf, &t2);                                       \
-  if (retval) return retval;                                                   \
-  /* Copy out to match previous functionality, until better integrated.  */    \
-  asn1class = t2.asn1class;                                                    \
-  construction = t2.construction;                                              \
-  tagnum = t2.tagnum;                                                          \
-  taglen = t2.length;                                                          \
-  indef = t2.indef;                                                            \
+#define next_tag()                                                              \
+{ taginfo t2;                                                                   \
+  retval = asn1_get_tag_2(&subbuf, &t2);                                        \
+  if (retval) return retval;                                                    \
+  /* Copy out to match previous functionality, until better integrated.  */     \
+  asn1class = t2.asn1class;                                                     \
+  construction = t2.construction;                                               \
+  tagnum = t2.tagnum;                                                           \
+  taglen = t2.length;                                                           \
+  indef = t2.indef;                                                             \
 }
 
 static asn1_error_code
@@ -60,36 +61,36 @@ asn1_get_eoc_tag (asn1buf *buf)
 
     retval = asn1_get_tag_2(buf, &t);
     if (retval)
-       return retval;
+        return retval;
     if (t.asn1class != UNIVERSAL || t.tagnum || t.indef)
-       return ASN1_MISSING_EOC;
+        return ASN1_MISSING_EOC;
     return 0;
 }
 
 /* Force check for EOC tag. */
-#define get_eoc()                              \
-    {                                          \
-       retval = asn1_get_eoc_tag(&subbuf);     \
-       if (retval) return retval;              \
+#define get_eoc()                               \
+    {                                           \
+        retval = asn1_get_eoc_tag(&subbuf);     \
+        if (retval) return retval;              \
     }
 
-#define alloc_field(var, type)                 \
-  var = (type*)calloc(1, sizeof(type));                \
+#define alloc_field(var, type)                  \
+  var = (type*)calloc(1, sizeof(type));         \
   if ((var) == NULL) return ENOMEM
 
 /* Fetch an expected APPLICATION class tag and verify. */
-#define apptag(tagexpect)                                                              \
-  {                                                                                    \
-      taginfo t1;                                                                      \
-      retval = asn1_get_tag_2(buf, &t1);                                               \
-      if (retval) return retval;                                                       \
-      if (t1.asn1class != APPLICATION || t1.construction != CONSTRUCTED ||             \
-         t1.tagnum != (tagexpect)) return ASN1_BAD_ID;                                 \
-      /* Copy out to match previous functionality, until better integrated.  */                \
-      asn1class = t1.asn1class;                                                                \
-      construction = t1.construction;                                                  \
-      tagnum = t1.tagnum;                                                              \
-      applen = t1.length;                                                              \
+#define apptag(tagexpect)                                                               \
+  {                                                                                     \
+      taginfo t1;                                                                       \
+      retval = asn1_get_tag_2(buf, &t1);                                                \
+      if (retval) return retval;                                                        \
+      if (t1.asn1class != APPLICATION || t1.construction != CONSTRUCTED ||              \
+          t1.tagnum != (tagexpect)) return ASN1_BAD_ID;                                 \
+      /* Copy out to match previous functionality, until better integrated.  */         \
+      asn1class = t1.asn1class;                                                         \
+      construction = t1.construction;                                                   \
+      tagnum = t1.tagnum;                                                               \
+      applen = t1.length;                                                               \
   }
 
 /**** normal fields ****/
@@ -101,10 +102,10 @@ asn1_get_eoc_tag (asn1buf *buf)
  * get_eoc() assumes that any values fetched by this macro are
  * enclosed in a context-specific tag.
  */
-#define get_field_body(var, decoder)           \
-  retval = decoder(&subbuf, &(var));           \
-  if (retval) return retval;                   \
-  if (!taglen && indef) { get_eoc(); }         \
+#define get_field_body(var, decoder)            \
+  retval = decoder(&subbuf, &(var));            \
+  if (retval) return retval;                    \
+  if (!taglen && indef) { get_eoc(); }          \
   next_tag()
 
 /*
@@ -123,11 +124,11 @@ asn1_get_eoc_tag (asn1buf *buf)
  * that context-specific tags are monotonically increasing in its
  * verification of tag numbers.
  */
-#define get_field(var, tagexpect, decoder)                             \
-  error_if_bad_tag(tagexpect);                                         \
-  if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)   \
-      && (tagnum || taglen || asn1class != UNIVERSAL))                 \
-    return ASN1_BAD_ID;                                                        \
+#define get_field(var, tagexpect, decoder)                              \
+  error_if_bad_tag(tagexpect);                                          \
+  if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)    \
+      && (tagnum || taglen || asn1class != UNIVERSAL))                  \
+    return ASN1_BAD_ID;                                                 \
   get_field_body(var,decoder)
 
 /*
@@ -138,59 +139,59 @@ asn1_get_eoc_tag (asn1buf *buf)
  * distinguish between absent optional values and present optional
  * values that happen to have the value of OPTVAL.
  */
-#define opt_field(var, tagexpect, decoder, optvalue)                   \
-  if (asn1buf_remains(&subbuf, seqindef)) {                            \
-    if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) \
-       && (tagnum || taglen || asn1class != UNIVERSAL))                \
-      return ASN1_BAD_ID;                                              \
-    if (tagnum == (tagexpect)) {                                       \
-      get_field_body(var, decoder);                                    \
-    } else var = optvalue;                                             \
+#define opt_field(var, tagexpect, decoder, optvalue)                    \
+  if (asn1buf_remains(&subbuf, seqindef)) {                             \
+    if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)  \
+        && (tagnum || taglen || asn1class != UNIVERSAL))                \
+      return ASN1_BAD_ID;                                               \
+    if (tagnum == (tagexpect)) {                                        \
+      get_field_body(var, decoder);                                     \
+    } else var = optvalue;                                              \
   }
-  
+
 /**** fields w/ length ****/
 
 /* similar to get_field_body */
-#define get_lenfield_body(len, var, decoder)   \
-  retval = decoder(&subbuf, &(len), &(var));   \
-  if (retval) return retval;                   \
-  if (!taglen && indef) { get_eoc(); }         \
+#define get_lenfield_body(len, var, decoder)    \
+  retval = decoder(&subbuf, &(len), &(var));    \
+  if (retval) return retval;                    \
+  if (!taglen && indef) { get_eoc(); }          \
   next_tag()
 
 /* similar to get_field_body */
-#define get_lenfield(len, var, tagexpect, decoder)                     \
-  error_if_bad_tag(tagexpect);                                         \
-  if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)   \
-      && (tagnum || taglen || asn1class != UNIVERSAL))                 \
-    return ASN1_BAD_ID;                                                        \
+#define get_lenfield(len, var, tagexpect, decoder)                      \
+  error_if_bad_tag(tagexpect);                                          \
+  if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)    \
+      && (tagnum || taglen || asn1class != UNIVERSAL))                  \
+    return ASN1_BAD_ID;                                                 \
   get_lenfield_body(len, var, decoder)
 
 /* similar to opt_field */
-#define opt_lenfield(len, var, tagexpect, decoder)     \
-  if (tagnum == (tagexpect)) {                         \
-    get_lenfield_body(len, var, decoder);              \
+#define opt_lenfield(len, var, tagexpect, decoder)      \
+  if (tagnum == (tagexpect)) {                          \
+    get_lenfield_body(len, var, decoder);               \
   } else { len = 0; var = 0; }
 
 /*
  * Deal with implicitly tagged fields
  */
-#define get_implicit_octet_string(len, var, tagexpect)             \
-  if (tagnum != (tagexpect)) return ASN1_MISSING_FIELD;                    \
+#define get_implicit_octet_string(len, var, tagexpect)              \
+  if (tagnum != (tagexpect)) return ASN1_MISSING_FIELD;             \
   if (asn1class != CONTEXT_SPECIFIC || construction != PRIMITIVE)   \
-     return ASN1_BAD_ID;                                           \
-  retval = asn1buf_remove_octetstring(&subbuf, taglen, &(var));            \
-  if (retval) return retval;                                       \
-  (len) = taglen;                                                  \
+     return ASN1_BAD_ID;                                            \
+  retval = asn1buf_remove_octetstring(&subbuf, taglen, &(var));     \
+  if (retval) return retval;                                        \
+  (len) = taglen;                                                   \
   next_tag()
 
-#define opt_implicit_octet_string(len, var, tagexpect)             \
-  if (tagnum == (tagexpect)) {                                     \
+#define opt_implicit_octet_string(len, var, tagexpect)              \
+  if (tagnum == (tagexpect)) {                                      \
     if (asn1class != CONTEXT_SPECIFIC || construction != PRIMITIVE) \
-       return ASN1_BAD_ID;                                         \
+        return ASN1_BAD_ID;                                         \
     retval = asn1buf_remove_octetstring(&subbuf, taglen, &(var));   \
-    if (retval) return retval;                                     \
-    (len) = taglen;                                                \
-    next_tag();                                                            \
+    if (retval) return retval;                                      \
+    (len) = taglen;                                                 \
+    next_tag();                                                     \
   } else { (len) = 0; (var) = NULL; }
 
 /*
@@ -200,14 +201,14 @@ asn1_get_eoc_tag (asn1buf *buf)
  * to be called in an inner block that ends with a call to
  * end_structure().
  */
-#define begin_structure()                                      \
-  asn1buf subbuf;                                              \
-  int seqindef;                                                        \
-  int indef;                                                   \
-  retval = asn1_get_sequence(buf, &length, &seqindef);         \
-  if (retval) return retval;                                   \
-  retval = asn1buf_imbed(&subbuf, buf, length, seqindef);      \
-  if (retval) return retval;                                   \
+#define begin_structure()                                       \
+  asn1buf subbuf;                                               \
+  int seqindef;                                                 \
+  int indef;                                                    \
+  retval = asn1_get_sequence(buf, &length, &seqindef);          \
+  if (retval) return retval;                                    \
+  retval = asn1buf_imbed(&subbuf, buf, length, seqindef);       \
+  if (retval) return retval;                                    \
   next_tag()
 
 /*
@@ -215,19 +216,19 @@ asn1_get_eoc_tag (asn1buf *buf)
  * It is the same as begin_structure() except next_tag()
  * is not called.
  */
-#define begin_structure_no_tag()                               \
-  asn1buf subbuf;                                              \
-  int seqindef;                                                        \
-  int indef;                                                   \
-  retval = asn1_get_sequence(buf, &length, &seqindef);         \
-  if (retval) return retval;                                   \
-  retval = asn1buf_imbed(&subbuf, buf, length, seqindef);      \
+#define begin_structure_no_tag()                                \
+  asn1buf subbuf;                                               \
+  int seqindef;                                                 \
+  int indef;                                                    \
+  retval = asn1_get_sequence(buf, &length, &seqindef);          \
+  if (retval) return retval;                                    \
+  retval = asn1buf_imbed(&subbuf, buf, length, seqindef);       \
   if (retval) return retval
 
 /* skip trailing garbage */
-#define end_structure()                                                \
-  retval = asn1buf_sync(buf, &subbuf, asn1class, tagnum,       \
-                       length, indef, seqindef);               \
+#define end_structure()                                         \
+  retval = asn1buf_sync(buf, &subbuf, asn1class, tagnum,        \
+                        length, indef, seqindef);               \
   if (retval) return retval
 
 /*
@@ -237,28 +238,28 @@ asn1_get_eoc_tag (asn1buf *buf)
  * to be called in an inner block that ends with a call to
  * end_choice().
  */
-#define begin_choice()                                         \
-  asn1buf subbuf;                                              \
-  int seqindef;                                                        \
-  int indef;                                                   \
-  taginfo t;                                                   \
-  retval = asn1_get_tag_2(buf, &t);                            \
-  if (retval) return retval;                                   \
+#define begin_choice()                                          \
+  asn1buf subbuf;                                               \
+  int seqindef;                                                 \
+  int indef;                                                    \
+  taginfo t;                                                    \
+  retval = asn1_get_tag_2(buf, &t);                             \
+  if (retval) return retval;                                    \
   tagnum = t.tagnum;                                            \
   taglen = t.length;                                            \
   indef = t.indef;                                              \
   length = t.length;                                            \
   seqindef = t.indef;                                           \
-  asn1class = t.asn1class;                                     \
-  construction = t.construction;                               \
-  retval = asn1buf_imbed(&subbuf, buf, length, seqindef);      \
+  asn1class = t.asn1class;                                      \
+  construction = t.construction;                                \
+  retval = asn1buf_imbed(&subbuf, buf, length, seqindef);       \
   if (retval) return retval
 
 /* skip trailing garbage */
-#define end_choice()                                           \
-  length -= t.length;                                          \
-  retval = asn1buf_sync(buf, &subbuf, t.asn1class, t.tagnum,   \
-                       length, t.indef, seqindef);             \
+#define end_choice()                                            \
+  length -= t.length;                                           \
+  retval = asn1buf_sync(buf, &subbuf, t.asn1class, t.tagnum,    \
+                        length, t.indef, seqindef);             \
   if (retval) return retval
 
 /*
@@ -268,12 +269,12 @@ asn1_get_eoc_tag (asn1buf *buf)
  * meant to be called in an inner block that ends with a call to
  * end_sequence_of().
  */
-#define sequence_of(buf)                       \
-  unsigned int length, taglen;                 \
-  asn1_class asn1class;                                \
-  asn1_construction construction;              \
-  asn1_tagnum tagnum;                          \
-  int indef;                                   \
+#define sequence_of(buf)                        \
+  unsigned int length, taglen;                  \
+  asn1_class asn1class;                         \
+  asn1_construction construction;               \
+  asn1_tagnum tagnum;                           \
+  int indef;                                    \
   sequence_of_common(buf)
 
 /*
@@ -283,7 +284,7 @@ asn1_get_eoc_tag (asn1buf *buf)
  * sequence structure and thus declares variables of different names
  * than does sequence_of() to avoid shadowing.
  */
-#define sequence_of_no_tagvars(buf)            \
+#define sequence_of_no_tagvars(buf)             \
   sequence_of_common(buf)
 
 /*
@@ -293,13 +294,13 @@ asn1_get_eoc_tag (asn1buf *buf)
  * and imbeds an inner buffer seqbuf.  Unlike begin_structure(), it
  * does not prefetch the next tag.
  */
-#define sequence_of_common(buf)                                        \
-  int size = 0;                                                        \
-  asn1buf seqbuf;                                              \
-  int seqofindef;                                              \
-  retval = asn1_get_sequence(buf, &length, &seqofindef);       \
-  if (retval) return retval;                                   \
-  retval = asn1buf_imbed(&seqbuf, buf, length, seqofindef);    \
+#define sequence_of_common(buf)                                 \
+  int size = 0;                                                 \
+  asn1buf seqbuf;                                               \
+  int seqofindef;                                               \
+  retval = asn1_get_sequence(buf, &length, &seqofindef);        \
+  if (retval) return retval;                                    \
+  retval = asn1buf_imbed(&seqbuf, buf, length, seqofindef);     \
   if (retval) return retval
 
 /*
@@ -308,20 +309,20 @@ asn1_get_eoc_tag (asn1buf *buf)
  * Attempts to fetch an EOC tag, if any, and to sync over trailing
  * garbage, if any.
  */
-#define end_sequence_of(buf)                                                   \
-  {                                                                            \
-      taginfo t4;                                                              \
-      retval = asn1_get_tag_2(&seqbuf, &t4);                                   \
-      if (retval) return retval;                                               \
-      /* Copy out to match previous functionality, until better integrated.  */        \
-      asn1class = t4.asn1class;                                                        \
-      construction = t4.construction;                                          \
-      tagnum = t4.tagnum;                                                      \
-      taglen = t4.length;                                                      \
-      indef = t4.indef;                                                                \
-  }                                                                            \
-  retval = asn1buf_sync(buf, &seqbuf, asn1class, tagnum,                       \
-                       length, indef, seqofindef);                             \
+#define end_sequence_of(buf)                                                    \
+  {                                                                             \
+      taginfo t4;                                                               \
+      retval = asn1_get_tag_2(&seqbuf, &t4);                                    \
+      if (retval) return retval;                                                \
+      /* Copy out to match previous functionality, until better integrated.  */ \
+      asn1class = t4.asn1class;                                                 \
+      construction = t4.construction;                                           \
+      tagnum = t4.tagnum;                                                       \
+      taglen = t4.length;                                                       \
+      indef = t4.indef;                                                         \
+  }                                                                             \
+  retval = asn1buf_sync(buf, &seqbuf, asn1class, tagnum,                        \
+                        length, indef, seqofindef);                             \
   if (retval) return retval;
 
 /*
@@ -332,33 +333,33 @@ asn1_get_eoc_tag (asn1buf *buf)
  */
 static asn1_error_code
 end_sequence_of_no_tagvars_helper(asn1buf *buf, asn1buf *seqbufp,
-                                 int seqofindef)
+                                  int seqofindef)
 {
     taginfo t;
     asn1_error_code retval;
 
     retval = asn1_get_tag_2(seqbufp, &t);
     if (retval)
-       return retval;
+        return retval;
     retval = asn1buf_sync(buf, seqbufp, t.asn1class, t.tagnum,
-                         t.length, t.indef, seqofindef);
+                          t.length, t.indef, seqofindef);
     return retval;
 }
 #define end_sequence_of_no_tagvars(buf) \
     end_sequence_of_no_tagvars_helper(buf, &seqbuf, seqofindef)
 
-#define cleanup()                              \
+#define cleanup()                               \
   return 0
 
 /* scalars */
 asn1_error_code asn1_decode_kerberos_time(asn1buf *buf, krb5_timestamp *val)
 {
-    time_t     t;
+    time_t      t;
     asn1_error_code retval;
-    
+
     retval =  asn1_decode_generaltime(buf,&t);
     if (retval)
-       return retval;
+        return retval;
 
     *val = t;
     return 0;
@@ -410,10 +411,10 @@ asn1_error_code asn1_decode_msgtype(asn1buf *buf, krb5_msgtype *val)
 {
     asn1_error_code retval;
     unsigned long n;
-  
+
     retval = asn1_decode_unsigned_integer(buf,&n);
     if (retval) return retval;
-  
+
     *val = (krb5_msgtype) n;
     return 0;
 }
@@ -423,39 +424,39 @@ asn1_error_code asn1_decode_msgtype(asn1buf *buf, krb5_msgtype *val)
 asn1_error_code asn1_decode_realm(asn1buf *buf, krb5_principal *val)
 {
     return asn1_decode_generalstring(buf,
-                                    &((*val)->realm.length),
-                                    &((*val)->realm.data));
+                                     &((*val)->realm.length),
+                                     &((*val)->realm.data));
 }
 
 asn1_error_code asn1_decode_principal_name(asn1buf *buf, krb5_principal *val)
 {
     setup();
     { begin_structure();
-       get_field((*val)->type,0,asn1_decode_int32);
-  
-       { sequence_of_no_tagvars(&subbuf);
-           while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
-               size++;
-               if ((*val)->data == NULL)
-                   (*val)->data = (krb5_data*)malloc(size*sizeof(krb5_data));
-               else
-                   (*val)->data = (krb5_data*)realloc((*val)->data,
-                                                      size*sizeof(krb5_data));
-               if ((*val)->data == NULL) return ENOMEM;
-               retval = asn1_decode_generalstring(&seqbuf,
-                                                  &((*val)->data[size-1].length),
-                                                  &((*val)->data[size-1].data));
-               if (retval) return retval;
-           }
-           (*val)->length = size;
-           end_sequence_of_no_tagvars(&subbuf);
-       }
-       if (indef) {
-           get_eoc();
-       }
-       next_tag();
-       end_structure();
-       (*val)->magic = KV5M_PRINCIPAL;
+        get_field((*val)->type,0,asn1_decode_int32);
+
+        { sequence_of_no_tagvars(&subbuf);
+            while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
+                size++;
+                if ((*val)->data == NULL)
+                    (*val)->data = (krb5_data*)malloc(size*sizeof(krb5_data));
+                else
+                    (*val)->data = (krb5_data*)realloc((*val)->data,
+                                                       size*sizeof(krb5_data));
+                if ((*val)->data == NULL) return ENOMEM;
+                retval = asn1_decode_generalstring(&seqbuf,
+                                                   &((*val)->data[size-1].length),
+                                                   &((*val)->data[size-1].data));
+                if (retval) return retval;
+            }
+            (*val)->length = size;
+            end_sequence_of_no_tagvars(&subbuf);
+        }
+        if (indef) {
+            get_eoc();
+        }
+        next_tag();
+        end_structure();
+        (*val)->magic = KV5M_PRINCIPAL;
     }
     cleanup();
 }
@@ -464,10 +465,10 @@ asn1_error_code asn1_decode_checksum(asn1buf *buf, krb5_checksum *val)
 {
     setup();
     { begin_structure();
-       get_field(val->checksum_type,0,asn1_decode_cksumtype);
-       get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
-       end_structure();
-       val->magic = KV5M_CHECKSUM;
+        get_field(val->checksum_type,0,asn1_decode_cksumtype);
+        get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+        end_structure();
+        val->magic = KV5M_CHECKSUM;
     }
     cleanup();
 }
@@ -476,10 +477,10 @@ asn1_error_code asn1_decode_encryption_key(asn1buf *buf, krb5_keyblock *val)
 {
     setup();
     { begin_structure();
-       get_field(val->enctype,0,asn1_decode_enctype);
-       get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
-       end_structure();
-       val->magic = KV5M_KEYBLOCK;
+        get_field(val->enctype,0,asn1_decode_enctype);
+        get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+        end_structure();
+        val->magic = KV5M_KEYBLOCK;
     }
     cleanup();
 }
@@ -488,11 +489,11 @@ asn1_error_code asn1_decode_encrypted_data(asn1buf *buf, krb5_enc_data *val)
 {
     setup();
     { begin_structure();
-       get_field(val->enctype,0,asn1_decode_enctype);
-       opt_field(val->kvno,1,asn1_decode_kvno,0);
-       get_lenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_decode_charstring);
-       end_structure();
-       val->magic = KV5M_ENC_DATA;
+        get_field(val->enctype,0,asn1_decode_enctype);
+        opt_field(val->kvno,1,asn1_decode_kvno,0);
+        get_lenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_decode_charstring);
+        end_structure();
+        val->magic = KV5M_ENC_DATA;
     }
     cleanup();
 }
@@ -509,8 +510,8 @@ asn1_error_code asn1_decode_krb5_flags(asn1buf *buf, krb5_flags *val)
     retval = asn1_get_tag_2(buf, &t);
     if (retval) return retval;
     if (t.asn1class != UNIVERSAL || t.construction != PRIMITIVE ||
-       t.tagnum != ASN1_BITSTRING)
-       return ASN1_BAD_ID;
+        t.tagnum != ASN1_BITSTRING)
+        return ASN1_BAD_ID;
     length = t.length;
 
     retval = asn1buf_remove_octet(buf,&unused); /* # of padding bits */
@@ -521,19 +522,19 @@ asn1_error_code asn1_decode_krb5_flags(asn1buf *buf, krb5_flags *val)
     length--;
 
     for (i = 0; i < length; i++) {
-       retval = asn1buf_remove_octet(buf,&o);
-       if (retval) return retval;
-       /* ignore bits past number 31 */
-       if (i < 4)
-           f = (f<<8) | ((krb5_flags)o&0xFF);
+        retval = asn1buf_remove_octet(buf,&o);
+        if (retval) return retval;
+        /* ignore bits past number 31 */
+        if (i < 4)
+            f = (f<<8) | ((krb5_flags)o&0xFF);
     }
     if (length <= 4) {
-       /* Mask out unused bits, but only if necessary. */
-       f &= ~(krb5_flags)0 << unused;
+        /* Mask out unused bits, but only if necessary. */
+        f &= ~(krb5_flags)0 << unused;
     }
     /* left-justify */
     if (length < 4)
-       f <<= (4 - length) * 8;
+        f <<= (4 - length) * 8;
     *val = f;
     return 0;
 }
@@ -551,10 +552,10 @@ asn1_error_code asn1_decode_transited_encoding(asn1buf *buf, krb5_transited *val
 {
     setup();
     { begin_structure();
-       get_field(val->tr_type,0,asn1_decode_octet);
-       get_lenfield(val->tr_contents.length,val->tr_contents.data,1,asn1_decode_charstring);
-       end_structure();
-       val->magic = KV5M_TRANSITED;
+        get_field(val->tr_type,0,asn1_decode_octet);
+        get_lenfield(val->tr_contents.length,val->tr_contents.data,1,asn1_decode_charstring);
+        end_structure();
+        val->magic = KV5M_TRANSITED;
     }
     cleanup();
 }
@@ -563,23 +564,23 @@ asn1_error_code asn1_decode_enc_kdc_rep_part(asn1buf *buf, krb5_enc_kdc_rep_part
 {
     setup();
     { begin_structure();
-       alloc_field(val->session,krb5_keyblock);
-       get_field(*(val->session),0,asn1_decode_encryption_key);
-       get_field(val->last_req,1,asn1_decode_last_req);
-       get_field(val->nonce,2,asn1_decode_int32);
-       opt_field(val->key_exp,3,asn1_decode_kerberos_time,0);
-       get_field(val->flags,4,asn1_decode_ticket_flags);
-       get_field(val->times.authtime,5,asn1_decode_kerberos_time);
-       /* Set to authtime if missing */
-       opt_field(val->times.starttime,6,asn1_decode_kerberos_time,val->times.authtime);
-       get_field(val->times.endtime,7,asn1_decode_kerberos_time);
-       opt_field(val->times.renew_till,8,asn1_decode_kerberos_time,0);
-       alloc_field(val->server,krb5_principal_data);
-       get_field(val->server,9,asn1_decode_realm);
-       get_field(val->server,10,asn1_decode_principal_name);
-       opt_field(val->caddrs,11,asn1_decode_host_addresses,NULL);
-       end_structure();
-       val->magic = KV5M_ENC_KDC_REP_PART;
+        alloc_field(val->session,krb5_keyblock);
+        get_field(*(val->session),0,asn1_decode_encryption_key);
+        get_field(val->last_req,1,asn1_decode_last_req);
+        get_field(val->nonce,2,asn1_decode_int32);
+        opt_field(val->key_exp,3,asn1_decode_kerberos_time,0);
+        get_field(val->flags,4,asn1_decode_ticket_flags);
+        get_field(val->times.authtime,5,asn1_decode_kerberos_time);
+        /* Set to authtime if missing */
+        opt_field(val->times.starttime,6,asn1_decode_kerberos_time,val->times.authtime);
+        get_field(val->times.endtime,7,asn1_decode_kerberos_time);
+        opt_field(val->times.renew_till,8,asn1_decode_kerberos_time,0);
+        alloc_field(val->server,krb5_principal_data);
+        get_field(val->server,9,asn1_decode_realm);
+        get_field(val->server,10,asn1_decode_principal_name);
+        opt_field(val->caddrs,11,asn1_decode_host_addresses,NULL);
+        end_structure();
+        val->magic = KV5M_ENC_KDC_REP_PART;
     }
     cleanup();
 }
@@ -590,20 +591,20 @@ asn1_error_code asn1_decode_ticket(asn1buf *buf, krb5_ticket *val)
     unsigned int applen;
     apptag(1);
     { begin_structure();
-       { krb5_kvno vno;
-           get_field(vno,0,asn1_decode_kvno);
-           if (vno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
-       alloc_field(val->server,krb5_principal_data);
-       get_field(val->server,1,asn1_decode_realm);
-       get_field(val->server,2,asn1_decode_principal_name);
-       get_field(val->enc_part,3,asn1_decode_encrypted_data);
-       end_structure();
-       val->magic = KV5M_TICKET;
+        { krb5_kvno vno;
+            get_field(vno,0,asn1_decode_kvno);
+            if (vno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+        alloc_field(val->server,krb5_principal_data);
+        get_field(val->server,1,asn1_decode_realm);
+        get_field(val->server,2,asn1_decode_principal_name);
+        get_field(val->enc_part,3,asn1_decode_encrypted_data);
+        end_structure();
+        val->magic = KV5M_TICKET;
     }
     if (!applen) {
-       taginfo t;
-       retval = asn1_get_tag_2(buf, &t);
-       if (retval) return retval;
+        taginfo t;
+        retval = asn1_get_tag_2(buf, &t);
+        if (retval) return retval;
     }
     cleanup();
 }
@@ -612,14 +613,14 @@ asn1_error_code asn1_decode_kdc_req(asn1buf *buf, krb5_kdc_req *val)
 {
     setup();
     { begin_structure();
-       { krb5_kvno kvno;
-           get_field(kvno,1,asn1_decode_kvno);
-           if (kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
-       get_field(val->msg_type,2,asn1_decode_msgtype);
-       opt_field(val->padata,3,asn1_decode_sequence_of_pa_data,NULL);
-       get_field(*val,4,asn1_decode_kdc_req_body);
-       end_structure();
-       val->magic = KV5M_KDC_REQ;
+        { krb5_kvno kvno;
+            get_field(kvno,1,asn1_decode_kvno);
+            if (kvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+        get_field(val->msg_type,2,asn1_decode_msgtype);
+        opt_field(val->padata,3,asn1_decode_sequence_of_pa_data,NULL);
+        get_field(*val,4,asn1_decode_kdc_req_body);
+        end_structure();
+        val->magic = KV5M_KDC_REQ;
     }
     cleanup();
 }
@@ -627,48 +628,48 @@ asn1_error_code asn1_decode_kdc_req(asn1buf *buf, krb5_kdc_req *val)
 asn1_error_code asn1_decode_kdc_req_body(asn1buf *buf, krb5_kdc_req *val)
 {
     setup();
-    { 
-       krb5_principal psave;
-       begin_structure();
-       get_field(val->kdc_options,0,asn1_decode_kdc_options);
-       if (tagnum == 1) { alloc_field(val->client,krb5_principal_data); }
-       opt_field(val->client,1,asn1_decode_principal_name,NULL);
-       alloc_field(val->server,krb5_principal_data);
-       get_field(val->server,2,asn1_decode_realm);
-       if (val->client != NULL) {
-           retval = asn1_krb5_realm_copy(val->client,val->server);
-           if (retval) return retval; }
-
-       /* If opt_field server is missing, memory reference to server is
-          lost and results in memory leak */
-       psave = val->server;
-       opt_field(val->server,3,asn1_decode_principal_name,NULL);
-       if (val->server == NULL) {
-           if (psave->realm.data) {
-               free(psave->realm.data);
-               psave->realm.data = NULL;
-               psave->realm.length=0;
-           }
-           free(psave);
-       }
-       opt_field(val->from,4,asn1_decode_kerberos_time,0);
-       get_field(val->till,5,asn1_decode_kerberos_time);
-       opt_field(val->rtime,6,asn1_decode_kerberos_time,0);
-       get_field(val->nonce,7,asn1_decode_int32);
-       get_lenfield(val->nktypes,val->ktype,8,asn1_decode_sequence_of_enctype);
-       opt_field(val->addresses,9,asn1_decode_host_addresses,0);
-       if (tagnum == 10) {
-           get_field(val->authorization_data,10,asn1_decode_encrypted_data); }
-       else {
-           val->authorization_data.magic = KV5M_ENC_DATA;
-           val->authorization_data.enctype = 0;
-           val->authorization_data.kvno = 0;
-           val->authorization_data.ciphertext.data = NULL;
-           val->authorization_data.ciphertext.length = 0;
-       }
-       opt_field(val->second_ticket,11,asn1_decode_sequence_of_ticket,NULL);
-       end_structure();
-       val->magic = KV5M_KDC_REQ;
+    {
+        krb5_principal psave;
+        begin_structure();
+        get_field(val->kdc_options,0,asn1_decode_kdc_options);
+        if (tagnum == 1) { alloc_field(val->client,krb5_principal_data); }
+        opt_field(val->client,1,asn1_decode_principal_name,NULL);
+        alloc_field(val->server,krb5_principal_data);
+        get_field(val->server,2,asn1_decode_realm);
+        if (val->client != NULL) {
+            retval = asn1_krb5_realm_copy(val->client,val->server);
+            if (retval) return retval; }
+
+        /* If opt_field server is missing, memory reference to server is
+           lost and results in memory leak */
+        psave = val->server;
+        opt_field(val->server,3,asn1_decode_principal_name,NULL);
+        if (val->server == NULL) {
+            if (psave->realm.data) {
+                free(psave->realm.data);
+                psave->realm.data = NULL;
+                psave->realm.length=0;
+            }
+            free(psave);
+        }
+        opt_field(val->from,4,asn1_decode_kerberos_time,0);
+        get_field(val->till,5,asn1_decode_kerberos_time);
+        opt_field(val->rtime,6,asn1_decode_kerberos_time,0);
+        get_field(val->nonce,7,asn1_decode_int32);
+        get_lenfield(val->nktypes,val->ktype,8,asn1_decode_sequence_of_enctype);
+        opt_field(val->addresses,9,asn1_decode_host_addresses,0);
+        if (tagnum == 10) {
+            get_field(val->authorization_data,10,asn1_decode_encrypted_data); }
+        else {
+            val->authorization_data.magic = KV5M_ENC_DATA;
+            val->authorization_data.enctype = 0;
+            val->authorization_data.kvno = 0;
+            val->authorization_data.ciphertext.data = NULL;
+            val->authorization_data.ciphertext.length = 0;
+        }
+        opt_field(val->second_ticket,11,asn1_decode_sequence_of_ticket,NULL);
+        end_structure();
+        val->magic = KV5M_KDC_REQ;
     }
     cleanup();
 }
@@ -677,18 +678,18 @@ asn1_error_code asn1_decode_krb_safe_body(asn1buf *buf, krb5_safe *val)
 {
     setup();
     { begin_structure();
-       get_lenfield(val->user_data.length,val->user_data.data,0,asn1_decode_charstring);
-       opt_field(val->timestamp,1,asn1_decode_kerberos_time,0);
-       opt_field(val->usec,2,asn1_decode_int32,0);
-       opt_field(val->seq_number,3,asn1_decode_seqnum,0);
-       alloc_field(val->s_address,krb5_address);
-       get_field(*(val->s_address),4,asn1_decode_host_address);
-       if (tagnum == 5) {
-           alloc_field(val->r_address,krb5_address);
-           get_field(*(val->r_address),5,asn1_decode_host_address);
-       } else val->r_address = NULL;
-       end_structure();
-       val->magic = KV5M_SAFE;
+        get_lenfield(val->user_data.length,val->user_data.data,0,asn1_decode_charstring);
+        opt_field(val->timestamp,1,asn1_decode_kerberos_time,0);
+        opt_field(val->usec,2,asn1_decode_int32,0);
+        opt_field(val->seq_number,3,asn1_decode_seqnum,0);
+        alloc_field(val->s_address,krb5_address);
+        get_field(*(val->s_address),4,asn1_decode_host_address);
+        if (tagnum == 5) {
+            alloc_field(val->r_address,krb5_address);
+            get_field(*(val->r_address),5,asn1_decode_host_address);
+        } else val->r_address = NULL;
+        end_structure();
+        val->magic = KV5M_SAFE;
     }
     cleanup();
 }
@@ -697,10 +698,10 @@ asn1_error_code asn1_decode_host_address(asn1buf *buf, krb5_address *val)
 {
     setup();
     { begin_structure();
-       get_field(val->addrtype,0,asn1_decode_addrtype);
-       get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
-       end_structure();
-       val->magic = KV5M_ADDRESS;
+        get_field(val->addrtype,0,asn1_decode_addrtype);
+        get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+        end_structure();
+        val->magic = KV5M_ADDRESS;
     }
     cleanup();
 }
@@ -709,19 +710,19 @@ asn1_error_code asn1_decode_kdc_rep(asn1buf *buf, krb5_kdc_rep *val)
 {
     setup();
     { begin_structure();
-       { krb5_kvno pvno;
-           get_field(pvno,0,asn1_decode_kvno);
-           if (pvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
-       get_field(val->msg_type,1,asn1_decode_msgtype);
-       opt_field(val->padata,2,asn1_decode_sequence_of_pa_data,NULL);
-       alloc_field(val->client,krb5_principal_data);
-       get_field(val->client,3,asn1_decode_realm);
-       get_field(val->client,4,asn1_decode_principal_name);
-       alloc_field(val->ticket,krb5_ticket);
-       get_field(*(val->ticket),5,asn1_decode_ticket);
-       get_field(val->enc_part,6,asn1_decode_encrypted_data);
-       end_structure();
-       val->magic = KV5M_KDC_REP;
+        { krb5_kvno pvno;
+            get_field(pvno,0,asn1_decode_kvno);
+            if (pvno != KVNO) return KRB5KDC_ERR_BAD_PVNO; }
+        get_field(val->msg_type,1,asn1_decode_msgtype);
+        opt_field(val->padata,2,asn1_decode_sequence_of_pa_data,NULL);
+        alloc_field(val->client,krb5_principal_data);
+        get_field(val->client,3,asn1_decode_realm);
+        get_field(val->client,4,asn1_decode_principal_name);
+        alloc_field(val->ticket,krb5_ticket);
+        get_field(*(val->ticket),5,asn1_decode_ticket);
+        get_field(val->enc_part,6,asn1_decode_encrypted_data);
+        end_structure();
+        val->magic = KV5M_KDC_REP;
     }
     cleanup();
 }
@@ -731,7 +732,7 @@ asn1_error_code asn1_decode_kdc_rep(asn1buf *buf, krb5_kdc_rep *val)
 #define get_element(element,decoder)\
 retval = decoder(&seqbuf,element);\
 if (retval) return retval
-     
+
 static void *
 array_expand (void *array, int n_elts, size_t elt_size)
 {
@@ -739,14 +740,14 @@ array_expand (void *array, int n_elts, size_t elt_size)
     size_t new_size;
 
     if (n_elts <= 0)
-       return NULL;
+        return NULL;
     if (n_elts > SIZE_MAX / elt_size)
-       return NULL;
+        return NULL;
     new_size = n_elts * elt_size;
     if (new_size == 0)
-       return NULL;
+        return NULL;
     if (new_size / elt_size != n_elts)
-       return NULL;
+        return NULL;
     new_array = realloc(array, new_size);
     return new_array;
 }
@@ -768,7 +769,7 @@ if (*(array) == NULL) return ENOMEM;\
       array_append(val,size,elt,type);\
     }\
     if (*val == NULL)\
-       *val = (type **)malloc(sizeof(type*));\
+        *val = (type **)malloc(sizeof(type*));\
     (*val)[size] = NULL;\
     end_sequence_of(buf);\
   }\
@@ -784,10 +785,10 @@ asn1_error_code asn1_decode_authdata_elt(asn1buf *buf, krb5_authdata *val)
 {
     setup();
     { begin_structure();
-       get_field(val->ad_type,0,asn1_decode_authdatatype);
-       get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
-       end_structure();
-       val->magic = KV5M_AUTHDATA;
+        get_field(val->ad_type,0,asn1_decode_authdatatype);
+        get_lenfield(val->length,val->contents,1,asn1_decode_octetstring);
+        end_structure();
+        val->magic = KV5M_AUTHDATA;
     }
     cleanup();
 }
@@ -811,24 +812,24 @@ asn1_error_code asn1_decode_krb_cred_info(asn1buf *buf, krb5_cred_info *val)
 {
     setup();
     { begin_structure();
-       alloc_field(val->session,krb5_keyblock);
-       get_field(*(val->session),0,asn1_decode_encryption_key);
-       if (tagnum == 1) {
-           alloc_field(val->client,krb5_principal_data);
-           opt_field(val->client,1,asn1_decode_realm,NULL);
-           opt_field(val->client,2,asn1_decode_principal_name,NULL); }
-       opt_field(val->flags,3,asn1_decode_ticket_flags,0);
-       opt_field(val->times.authtime,4,asn1_decode_kerberos_time,0);
-       opt_field(val->times.starttime,5,asn1_decode_kerberos_time,0);
-       opt_field(val->times.endtime,6,asn1_decode_kerberos_time,0);
-       opt_field(val->times.renew_till,7,asn1_decode_kerberos_time,0);
-       if (tagnum == 8) {
-           alloc_field(val->server,krb5_principal_data);
-           opt_field(val->server,8,asn1_decode_realm,NULL);
-           opt_field(val->server,9,asn1_decode_principal_name,NULL); }
-       opt_field(val->caddrs,10,asn1_decode_host_addresses,NULL);
-       end_structure();
-       val->magic = KV5M_CRED_INFO;
+        alloc_field(val->session,krb5_keyblock);
+        get_field(*(val->session),0,asn1_decode_encryption_key);
+        if (tagnum == 1) {
+            alloc_field(val->client,krb5_principal_data);
+            opt_field(val->client,1,asn1_decode_realm,NULL);
+            opt_field(val->client,2,asn1_decode_principal_name,NULL); }
+        opt_field(val->flags,3,asn1_decode_ticket_flags,0);
+        opt_field(val->times.authtime,4,asn1_decode_kerberos_time,0);
+        opt_field(val->times.starttime,5,asn1_decode_kerberos_time,0);
+        opt_field(val->times.endtime,6,asn1_decode_kerberos_time,0);
+        opt_field(val->times.renew_till,7,asn1_decode_kerberos_time,0);
+        if (tagnum == 8) {
+            alloc_field(val->server,krb5_principal_data);
+            opt_field(val->server,8,asn1_decode_realm,NULL);
+            opt_field(val->server,9,asn1_decode_principal_name,NULL); }
+        opt_field(val->caddrs,10,asn1_decode_host_addresses,NULL);
+        end_structure();
+        val->magic = KV5M_CRED_INFO;
     }
     cleanup();
 }
@@ -842,10 +843,10 @@ asn1_error_code asn1_decode_pa_data(asn1buf *buf, krb5_pa_data *val)
 {
     setup();
     { begin_structure();
-       get_field(val->pa_type,1,asn1_decode_int32);
-       get_lenfield(val->length,val->contents,2,asn1_decode_octetstring);
-       end_structure();
-       val->magic = KV5M_PA_DATA;
+        get_field(val->pa_type,1,asn1_decode_int32);
+        get_lenfield(val->length,val->contents,2,asn1_decode_octetstring);
+        end_structure();
+        val->magic = KV5M_PA_DATA;
     }
     cleanup();
 }
@@ -859,14 +860,14 @@ asn1_error_code asn1_decode_last_req_entry(asn1buf *buf, krb5_last_req_entry *va
 {
     setup();
     { begin_structure();
-       get_field(val->lr_type,0,asn1_decode_int32);
-       get_field(val->value,1,asn1_decode_kerberos_time);
-       end_structure();
-       val->magic = KV5M_LAST_REQ_ENTRY;
+        get_field(val->lr_type,0,asn1_decode_int32);
+        get_field(val->value,1,asn1_decode_kerberos_time);
+        end_structure();
+        val->magic = KV5M_LAST_REQ_ENTRY;
 #ifdef KRB5_GENEROUS_LR_TYPE
-       /* If we are only a single byte wide and negative - fill in the
-          other bits */
-       if ((val->lr_type & 0xffffff80U) == 0x80) val->lr_type |= 0xffffff00U;
+        /* If we are only a single byte wide and negative - fill in the
+           other bits */
+        if ((val->lr_type & 0xffffff80U) == 0x80) val->lr_type |= 0xffffff00U;
 #endif
     }
     cleanup();
@@ -876,18 +877,18 @@ asn1_error_code asn1_decode_sequence_of_enctype(asn1buf *buf, int *num, krb5_enc
 {
     asn1_error_code retval;
     { sequence_of(buf);
-       while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
-           size++;
-           if (*val == NULL)
-               *val = (krb5_enctype*)malloc(size*sizeof(krb5_enctype));
-           else
-               *val = (krb5_enctype*)realloc(*val,size*sizeof(krb5_enctype));
-           if (*val == NULL) return ENOMEM;
-           retval = asn1_decode_enctype(&seqbuf,&((*val)[size-1]));
-           if (retval) return retval;
-       }
-       *num = size;
-       end_sequence_of(buf);
+        while (asn1buf_remains(&seqbuf,seqofindef) > 0) {
+            size++;
+            if (*val == NULL)
+                *val = (krb5_enctype*)malloc(size*sizeof(krb5_enctype));
+            else
+                *val = (krb5_enctype*)realloc(*val,size*sizeof(krb5_enctype));
+            if (*val == NULL) return ENOMEM;
+            retval = asn1_decode_enctype(&seqbuf,&((*val)[size-1]));
+            if (retval) return retval;
+        }
+        *num = size;
+        end_sequence_of(buf);
     }
     cleanup();
 }
@@ -901,26 +902,26 @@ static asn1_error_code asn1_decode_etype_info2_entry(asn1buf *buf, krb5_etype_in
 {
     setup();
     { begin_structure();
-       get_field(val->etype,0,asn1_decode_enctype);
-       if (tagnum == 1) {
-           char *salt;
-           get_lenfield(val->length,salt,1,asn1_decode_generalstring);
-           val->salt = (krb5_octet *) salt;
-       } else {
-           val->length = KRB5_ETYPE_NO_SALT;
-           val->salt = 0;
-       }
-       if ( tagnum ==2) {
-           krb5_octet *params ;
-           get_lenfield( val->s2kparams.length, params,
-                         2, asn1_decode_octetstring);
-           val->s2kparams.data = ( char *) params;
-       } else {
-           val->s2kparams.data = NULL;
-           val->s2kparams.length = 0;
-       }
-       end_structure();
-       val->magic = KV5M_ETYPE_INFO_ENTRY;
+        get_field(val->etype,0,asn1_decode_enctype);
+        if (tagnum == 1) {
+            char *salt;
+            get_lenfield(val->length,salt,1,asn1_decode_generalstring);
+            val->salt = (krb5_octet *) salt;
+        } else {
+            val->length = KRB5_ETYPE_NO_SALT;
+            val->salt = 0;
+        }
+        if ( tagnum ==2) {
+            krb5_octet *params ;
+            get_lenfield( val->s2kparams.length, params,
+                          2, asn1_decode_octetstring);
+            val->s2kparams.data = ( char *) params;
+        } else {
+            val->s2kparams.data = NULL;
+            val->s2kparams.length = 0;
+        }
+        end_structure();
+        val->magic = KV5M_ETYPE_INFO_ENTRY;
     }
     cleanup();
 }
@@ -929,24 +930,24 @@ static asn1_error_code asn1_decode_etype_info2_entry_1_3(asn1buf *buf, krb5_etyp
 {
     setup();
     { begin_structure();
-       get_field(val->etype,0,asn1_decode_enctype);
-       if (tagnum == 1) {
-           get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
-       } else {
-           val->length = KRB5_ETYPE_NO_SALT;
-           val->salt = 0;
-       }
-       if ( tagnum ==2) {
-           krb5_octet *params ;
-           get_lenfield( val->s2kparams.length, params,
-                         2, asn1_decode_octetstring);
-           val->s2kparams.data = ( char *) params;
-       } else {
-           val->s2kparams.data = NULL;
-           val->s2kparams.length = 0;
-       }
-       end_structure();
-       val->magic = KV5M_ETYPE_INFO_ENTRY;
+        get_field(val->etype,0,asn1_decode_enctype);
+        if (tagnum == 1) {
+            get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
+        } else {
+            val->length = KRB5_ETYPE_NO_SALT;
+            val->salt = 0;
+        }
+        if ( tagnum ==2) {
+            krb5_octet *params ;
+            get_lenfield( val->s2kparams.length, params,
+                          2, asn1_decode_octetstring);
+            val->s2kparams.data = ( char *) params;
+        } else {
+            val->s2kparams.data = NULL;
+            val->s2kparams.length = 0;
+        }
+        end_structure();
+        val->magic = KV5M_ETYPE_INFO_ENTRY;
     }
     cleanup();
 }
@@ -956,18 +957,18 @@ static asn1_error_code asn1_decode_etype_info_entry(asn1buf *buf, krb5_etype_inf
 {
     setup();
     { begin_structure();
-       get_field(val->etype,0,asn1_decode_enctype);
-       if (tagnum == 1) {
-           get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
-       } else {
-           val->length = KRB5_ETYPE_NO_SALT;
-           val->salt = 0;
-       }
-       val->s2kparams.data = NULL;
-       val->s2kparams.length = 0;
-    
-       end_structure();
-       val->magic = KV5M_ETYPE_INFO_ENTRY;
+        get_field(val->etype,0,asn1_decode_enctype);
+        if (tagnum == 1) {
+            get_lenfield(val->length,val->salt,1,asn1_decode_octetstring);
+        } else {
+            val->length = KRB5_ETYPE_NO_SALT;
+            val->salt = 0;
+        }
+        val->s2kparams.data = NULL;
+        val->s2kparams.length = 0;
+
+        end_structure();
+        val->magic = KV5M_ETYPE_INFO_ENTRY;
     }
     cleanup();
 }
@@ -978,14 +979,14 @@ asn1_error_code asn1_decode_etype_info(asn1buf *buf, krb5_etype_info_entry ***va
 }
 
 asn1_error_code asn1_decode_etype_info2(asn1buf *buf, krb5_etype_info_entry ***val ,
-                                       krb5_boolean v1_3_behavior)
+                                        krb5_boolean v1_3_behavior)
 {
     if (v1_3_behavior) {
-       decode_array_body(krb5_etype_info_entry,
-                         asn1_decode_etype_info2_entry_1_3);
+        decode_array_body(krb5_etype_info_entry,
+                          asn1_decode_etype_info2_entry_1_3);
     } else {
-       decode_array_body(krb5_etype_info_entry,
-                         asn1_decode_etype_info2_entry);
+        decode_array_body(krb5_etype_info_entry,
+                          asn1_decode_etype_info2_entry);
     }
 }
 
@@ -993,16 +994,16 @@ asn1_error_code asn1_decode_passwdsequence(asn1buf *buf, passwd_phrase_element *
 {
     setup();
     { begin_structure();
-       alloc_field(val->passwd,krb5_data);
-       get_lenfield(val->passwd->length,val->passwd->data,
-                    0,asn1_decode_charstring);
-       val->passwd->magic = KV5M_DATA;
-       alloc_field(val->phrase,krb5_data);
-       get_lenfield(val->phrase->length,val->phrase->data,
-                    1,asn1_decode_charstring);
-       val->phrase->magic = KV5M_DATA;
-       end_structure();
-       val->magic = KV5M_PASSWD_PHRASE_ELEMENT;
+        alloc_field(val->passwd,krb5_data);
+        get_lenfield(val->passwd->length,val->passwd->data,
+                     0,asn1_decode_charstring);
+        val->passwd->magic = KV5M_DATA;
+        alloc_field(val->phrase,krb5_data);
+        get_lenfield(val->phrase->length,val->phrase->data,
+                     1,asn1_decode_charstring);
+        val->phrase->magic = KV5M_DATA;
+        end_structure();
+        val->magic = KV5M_PASSWD_PHRASE_ELEMENT;
     }
     cleanup();
 }
@@ -1025,18 +1026,18 @@ asn1_error_code asn1_decode_sam_challenge(asn1buf *buf, krb5_sam_challenge *val)
 {
     setup();
     { begin_structure();
-       get_field(val->sam_type,0,asn1_decode_int32);
-       get_field(val->sam_flags,1,asn1_decode_sam_flags);
-       opt_string(val->sam_type_name,2,asn1_decode_charstring);
-       opt_string(val->sam_track_id,3,asn1_decode_charstring);
-       opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
-       opt_string(val->sam_challenge,5,asn1_decode_charstring);
-       opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
-       opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
-       opt_field(val->sam_nonce,8,asn1_decode_int32,0);
-       opt_cksum(val->sam_cksum,9,asn1_decode_checksum);
-       end_structure();
-       val->magic = KV5M_SAM_CHALLENGE;
+        get_field(val->sam_type,0,asn1_decode_int32);
+        get_field(val->sam_flags,1,asn1_decode_sam_flags);
+        opt_string(val->sam_type_name,2,asn1_decode_charstring);
+        opt_string(val->sam_track_id,3,asn1_decode_charstring);
+        opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
+        opt_string(val->sam_challenge,5,asn1_decode_charstring);
+        opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
+        opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
+        opt_field(val->sam_nonce,8,asn1_decode_int32,0);
+        opt_cksum(val->sam_cksum,9,asn1_decode_checksum);
+        end_structure();
+        val->magic = KV5M_SAM_CHALLENGE;
     }
     cleanup();
 }
@@ -1044,25 +1045,25 @@ asn1_error_code asn1_decode_sam_challenge_2(asn1buf *buf, krb5_sam_challenge_2 *
 {
     setup();
     { char *save, *end;
-       size_t alloclen;
-       begin_structure();
-       if (tagnum != 0) return ASN1_MISSING_FIELD;
-       if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED) 
-           return ASN1_BAD_ID;
-       save = subbuf.next;
-       { sequence_of_no_tagvars(&subbuf);
-           unused_var(size);
-           end_sequence_of_no_tagvars(&subbuf);
-       }
-       end = subbuf.next;
-       alloclen = end - save;
-       if ((val->sam_challenge_2_body.data = (char *) malloc(alloclen)) == NULL)
-           return ENOMEM;
-       val->sam_challenge_2_body.length = alloclen;
-       memcpy(val->sam_challenge_2_body.data, save, alloclen);
-       next_tag();
-       get_field(val->sam_cksum, 1, asn1_decode_sequence_of_checksum);
-       end_structure();
+        size_t alloclen;
+        begin_structure();
+        if (tagnum != 0) return ASN1_MISSING_FIELD;
+        if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
+            return ASN1_BAD_ID;
+        save = subbuf.next;
+        { sequence_of_no_tagvars(&subbuf);
+            unused_var(size);
+            end_sequence_of_no_tagvars(&subbuf);
+        }
+        end = subbuf.next;
+        alloclen = end - save;
+        if ((val->sam_challenge_2_body.data = (char *) malloc(alloclen)) == NULL)
+            return ENOMEM;
+        val->sam_challenge_2_body.length = alloclen;
+        memcpy(val->sam_challenge_2_body.data, save, alloclen);
+        next_tag();
+        get_field(val->sam_cksum, 1, asn1_decode_sequence_of_checksum);
+        end_structure();
     }
     cleanup();
 }
@@ -1070,18 +1071,18 @@ asn1_error_code asn1_decode_sam_challenge_2_body(asn1buf *buf, krb5_sam_challeng
 {
     setup();
     { begin_structure();
-       get_field(val->sam_type,0,asn1_decode_int32);
-       get_field(val->sam_flags,1,asn1_decode_sam_flags);
-       opt_string(val->sam_type_name,2,asn1_decode_charstring);
-       opt_string(val->sam_track_id,3,asn1_decode_charstring);
-       opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
-       opt_string(val->sam_challenge,5,asn1_decode_charstring);
-       opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
-       opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
-       get_field(val->sam_nonce,8,asn1_decode_int32);
-       get_field(val->sam_etype, 9, asn1_decode_int32);
-       end_structure();
-       val->magic = KV5M_SAM_CHALLENGE;
+        get_field(val->sam_type,0,asn1_decode_int32);
+        get_field(val->sam_flags,1,asn1_decode_sam_flags);
+        opt_string(val->sam_type_name,2,asn1_decode_charstring);
+        opt_string(val->sam_track_id,3,asn1_decode_charstring);
+        opt_string(val->sam_challenge_label,4,asn1_decode_charstring);
+        opt_string(val->sam_challenge,5,asn1_decode_charstring);
+        opt_string(val->sam_response_prompt,6,asn1_decode_charstring);
+        opt_string(val->sam_pk_for_sad,7,asn1_decode_charstring);
+        get_field(val->sam_nonce,8,asn1_decode_int32);
+        get_field(val->sam_etype, 9, asn1_decode_int32);
+        end_structure();
+        val->magic = KV5M_SAM_CHALLENGE;
     }
     cleanup();
 }
@@ -1089,10 +1090,10 @@ asn1_error_code asn1_decode_enc_sam_key(asn1buf *buf, krb5_sam_key *val)
 {
     setup();
     { begin_structure();
-       /* alloc_field(val->sam_key,krb5_keyblock); */
-       get_field(val->sam_key,0,asn1_decode_encryption_key);
-       end_structure();
-       val->magic = KV5M_SAM_KEY;
+        /* alloc_field(val->sam_key,krb5_keyblock); */
+        get_field(val->sam_key,0,asn1_decode_encryption_key);
+        end_structure();
+        val->magic = KV5M_SAM_KEY;
     }
     cleanup();
 }
@@ -1101,12 +1102,12 @@ asn1_error_code asn1_decode_enc_sam_response_enc(asn1buf *buf, krb5_enc_sam_resp
 {
     setup();
     { begin_structure();
-       opt_field(val->sam_nonce,0,asn1_decode_int32,0);
-       opt_field(val->sam_timestamp,1,asn1_decode_kerberos_time,0);
-       opt_field(val->sam_usec,2,asn1_decode_int32,0);
-       opt_string(val->sam_sad,3,asn1_decode_charstring);
-       end_structure();
-       val->magic = KV5M_ENC_SAM_RESPONSE_ENC;
+        opt_field(val->sam_nonce,0,asn1_decode_int32,0);
+        opt_field(val->sam_timestamp,1,asn1_decode_kerberos_time,0);
+        opt_field(val->sam_usec,2,asn1_decode_int32,0);
+        opt_string(val->sam_sad,3,asn1_decode_charstring);
+        end_structure();
+        val->magic = KV5M_ENC_SAM_RESPONSE_ENC;
     }
     cleanup();
 }
@@ -1115,10 +1116,10 @@ asn1_error_code asn1_decode_enc_sam_response_enc_2(asn1buf *buf, krb5_enc_sam_re
 {
     setup();
     { begin_structure();
-       get_field(val->sam_nonce,0,asn1_decode_int32);
-       opt_string(val->sam_sad,1,asn1_decode_charstring);
-       end_structure();
-       val->magic = KV5M_ENC_SAM_RESPONSE_ENC_2;
+        get_field(val->sam_nonce,0,asn1_decode_int32);
+        opt_string(val->sam_sad,1,asn1_decode_charstring);
+        end_structure();
+        val->magic = KV5M_ENC_SAM_RESPONSE_ENC_2;
     }
     cleanup();
 }
@@ -1138,15 +1139,15 @@ asn1_error_code asn1_decode_sam_response(asn1buf *buf, krb5_sam_response *val)
 {
     setup();
     { begin_structure();
-       get_field(val->sam_type,0,asn1_decode_int32);
-       get_field(val->sam_flags,1,asn1_decode_sam_flags);
-       opt_string(val->sam_track_id,2,asn1_decode_charstring);
-       opt_encfield(val->sam_enc_key,3,asn1_decode_encrypted_data);
-       get_field(val->sam_enc_nonce_or_ts,4,asn1_decode_encrypted_data);
-       opt_field(val->sam_nonce,5,asn1_decode_int32,0);
-       opt_field(val->sam_patimestamp,6,asn1_decode_kerberos_time,0);
-       end_structure();
-       val->magic = KV5M_SAM_RESPONSE;
+        get_field(val->sam_type,0,asn1_decode_int32);
+        get_field(val->sam_flags,1,asn1_decode_sam_flags);
+        opt_string(val->sam_track_id,2,asn1_decode_charstring);
+        opt_encfield(val->sam_enc_key,3,asn1_decode_encrypted_data);
+        get_field(val->sam_enc_nonce_or_ts,4,asn1_decode_encrypted_data);
+        opt_field(val->sam_nonce,5,asn1_decode_int32,0);
+        opt_field(val->sam_patimestamp,6,asn1_decode_kerberos_time,0);
+        end_structure();
+        val->magic = KV5M_SAM_RESPONSE;
     }
     cleanup();
 }
@@ -1155,13 +1156,13 @@ asn1_error_code asn1_decode_sam_response_2(asn1buf *buf, krb5_sam_response_2 *va
 {
     setup();
     { begin_structure();
-       get_field(val->sam_type,0,asn1_decode_int32);
-       get_field(val->sam_flags,1,asn1_decode_sam_flags);
-       opt_string(val->sam_track_id,2,asn1_decode_charstring);
-       get_field(val->sam_enc_nonce_or_sad,3,asn1_decode_encrypted_data);
-       get_field(val->sam_nonce,4,asn1_decode_int32);
-       end_structure();
-       val->magic = KV5M_SAM_RESPONSE;
+        get_field(val->sam_type,0,asn1_decode_int32);
+        get_field(val->sam_flags,1,asn1_decode_sam_flags);
+        opt_string(val->sam_track_id,2,asn1_decode_charstring);
+        get_field(val->sam_enc_nonce_or_sad,3,asn1_decode_encrypted_data);
+        get_field(val->sam_nonce,4,asn1_decode_int32);
+        end_structure();
+        val->magic = KV5M_SAM_RESPONSE;
     }
     cleanup();
 }
@@ -1171,16 +1172,16 @@ asn1_error_code asn1_decode_predicted_sam_response(asn1buf *buf, krb5_predicted_
 {
     setup();
     { begin_structure();
-       get_field(val->sam_key,0,asn1_decode_encryption_key);
-       get_field(val->sam_flags,1,asn1_decode_sam_flags);
-       get_field(val->stime,2,asn1_decode_kerberos_time);
-       get_field(val->susec,3,asn1_decode_int32);
-       alloc_field(val->client,krb5_principal_data);
-       get_field(val->client,4,asn1_decode_realm);
-       get_field(val->client,5,asn1_decode_principal_name);
-       opt_string(val->msd,6,asn1_decode_charstring); /* should be octet */
-       end_structure();
-       val->magic = KV5M_PREDICTED_SAM_RESPONSE;
+        get_field(val->sam_key,0,asn1_decode_encryption_key);
+        get_field(val->sam_flags,1,asn1_decode_sam_flags);
+        get_field(val->stime,2,asn1_decode_kerberos_time);
+        get_field(val->susec,3,asn1_decode_int32);
+        alloc_field(val->client,krb5_principal_data);
+        get_field(val->client,4,asn1_decode_realm);
+        get_field(val->client,5,asn1_decode_principal_name);
+        opt_string(val->msd,6,asn1_decode_charstring); /* should be octet */
+        end_structure();
+        val->magic = KV5M_PREDICTED_SAM_RESPONSE;
     }
     cleanup();
 }
@@ -1192,11 +1193,11 @@ asn1_error_code asn1_decode_external_principal_identifier(asn1buf *buf, krb5_ext
 {
     setup();
     {
-       begin_structure();
-       opt_implicit_octet_string(val->subjectName.length, val->subjectName.data, 0);
-       opt_implicit_octet_string(val->issuerAndSerialNumber.length, val->issuerAndSerialNumber.data, 1);
-       opt_implicit_octet_string(val->subjectKeyIdentifier.length, val->subjectKeyIdentifier.data, 2);
-       end_structure();
+        begin_structure();
+        opt_implicit_octet_string(val->subjectName.length, val->subjectName.data, 0);
+        opt_implicit_octet_string(val->issuerAndSerialNumber.length, val->issuerAndSerialNumber.data, 1);
+        opt_implicit_octet_string(val->subjectKeyIdentifier.length, val->subjectKeyIdentifier.data, 2);
+        end_structure();
     }
     cleanup();
 }
@@ -1210,60 +1211,60 @@ asn1_error_code asn1_decode_pa_pk_as_req(asn1buf *buf, krb5_pa_pk_as_req *val)
 {
     setup();
     {
-       begin_structure();
-       get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
-       opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_external_principal_identifier, NULL);
-       opt_implicit_octet_string(val->kdcPkId.length, val->kdcPkId.data, 2);
-       end_structure();
+        begin_structure();
+        get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
+        opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_external_principal_identifier, NULL);
+        opt_implicit_octet_string(val->kdcPkId.length, val->kdcPkId.data, 2);
+        end_structure();
     }
     cleanup();
 }
 
-#if 0  /* XXX   This needs to be tested!!! XXX */
+#if 0   /* XXX   This needs to be tested!!! XXX */
 asn1_error_code asn1_decode_trusted_ca(asn1buf *buf, krb5_trusted_ca *val)
 {
     setup();
-    { 
-       char *start, *end;
-       size_t alloclen;
-
-       begin_explicit_choice();
-       if (t.tagnum == choice_trusted_cas_principalName) {
-           val->choice = choice_trusted_cas_principalName;
-       } else if (t.tagnum == choice_trusted_cas_caName) {
-           val->choice = choice_trusted_cas_caName;
-           start = subbuf.next;
-           {
-               sequence_of_no_tagvars(&subbuf);
-               unused_var(size);
-               end_sequence_of_no_tagvars(&subbuf);
-           }
-           end = subbuf.next;
-           alloclen = end - start;
-           val->u.caName.data = malloc(alloclen);
-           if (val->u.caName.data == NULL)
-               return ENOMEM;
-           memcpy(val->u.caName.data, start, alloclen);
-           val->u.caName.length = alloclen;
-           next_tag();
-       } else if (t.tagnum == choice_trusted_cas_issuerAndSerial) {
-           val->choice = choice_trusted_cas_issuerAndSerial;
-           start = subbuf.next;
-           {
-               sequence_of_no_tagvars(&subbuf);
-               unused_var(size);
-               end_sequence_of_no_tagvars(&subbuf);
-           }
-           end = subbuf.next;
-           alloclen = end - start;
-           val->u.issuerAndSerial.data = malloc(alloclen);
-           if (val->u.issuerAndSerial.data == NULL)
-               return ENOMEM;
-           memcpy(val->u.issuerAndSerial.data, start, alloclen);
-           val->u.issuerAndSerial.length = alloclen;
-           next_tag();
-       } else return ASN1_BAD_ID;
-       end_explicit_choice();
+    {
+        char *start, *end;
+        size_t alloclen;
+
+        begin_explicit_choice();
+        if (t.tagnum == choice_trusted_cas_principalName) {
+            val->choice = choice_trusted_cas_principalName;
+        } else if (t.tagnum == choice_trusted_cas_caName) {
+            val->choice = choice_trusted_cas_caName;
+            start = subbuf.next;
+            {
+                sequence_of_no_tagvars(&subbuf);
+                unused_var(size);
+                end_sequence_of_no_tagvars(&subbuf);
+            }
+            end = subbuf.next;
+            alloclen = end - start;
+            val->u.caName.data = malloc(alloclen);
+            if (val->u.caName.data == NULL)
+                return ENOMEM;
+            memcpy(val->u.caName.data, start, alloclen);
+            val->u.caName.length = alloclen;
+            next_tag();
+        } else if (t.tagnum == choice_trusted_cas_issuerAndSerial) {
+            val->choice = choice_trusted_cas_issuerAndSerial;
+            start = subbuf.next;
+            {
+                sequence_of_no_tagvars(&subbuf);
+                unused_var(size);
+                end_sequence_of_no_tagvars(&subbuf);
+            }
+            end = subbuf.next;
+            alloclen = end - start;
+            val->u.issuerAndSerial.data = malloc(alloclen);
+            if (val->u.issuerAndSerial.data == NULL)
+                return ENOMEM;
+            memcpy(val->u.issuerAndSerial.data, start, alloclen);
+            val->u.issuerAndSerial.length = alloclen;
+            next_tag();
+        } else return ASN1_BAD_ID;
+        end_explicit_choice();
     }
     cleanup();
 }
@@ -1272,18 +1273,18 @@ asn1_error_code asn1_decode_trusted_ca(asn1buf *buf, krb5_trusted_ca *val)
 {
     setup();
     { begin_choice();
-       if (tagnum == choice_trusted_cas_principalName) {
-           val->choice = choice_trusted_cas_principalName;
-           asn1_decode_krb5_principal_name(&subbuf, &(val->u.principalName));
-       } else if (tagnum == choice_trusted_cas_caName) {
-           val->choice = choice_trusted_cas_caName;
-           get_implicit_octet_string(val->u.caName.length, val->u.caName.data, choice_trusted_cas_caName);
-       } else if (tagnum == choice_trusted_cas_issuerAndSerial) {
-           val->choice = choice_trusted_cas_issuerAndSerial;
-           get_implicit_octet_string(val->u.issuerAndSerial.length, val->u.issuerAndSerial.data,
-                                     choice_trusted_cas_issuerAndSerial);
-       } else return ASN1_BAD_ID;
-       end_choice();
+        if (tagnum == choice_trusted_cas_principalName) {
+            val->choice = choice_trusted_cas_principalName;
+            asn1_decode_krb5_principal_name(&subbuf, &(val->u.principalName));
+        } else if (tagnum == choice_trusted_cas_caName) {
+            val->choice = choice_trusted_cas_caName;
+            get_implicit_octet_string(val->u.caName.length, val->u.caName.data, choice_trusted_cas_caName);
+        } else if (tagnum == choice_trusted_cas_issuerAndSerial) {
+            val->choice = choice_trusted_cas_issuerAndSerial;
+            get_implicit_octet_string(val->u.issuerAndSerial.length, val->u.issuerAndSerial.data,
+                                      choice_trusted_cas_issuerAndSerial);
+        } else return ASN1_BAD_ID;
+        end_choice();
     }
     cleanup();
 }
@@ -1298,11 +1299,11 @@ asn1_error_code asn1_decode_pa_pk_as_req_draft9(asn1buf *buf, krb5_pa_pk_as_req_
 {
     setup();
     { begin_structure();
-       get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
-       opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_trusted_ca, NULL);
-       opt_lenfield(val->kdcCert.length, val->kdcCert.data, 2, asn1_decode_octetstring);
-       opt_lenfield(val->encryptionCert.length, val->encryptionCert.data, 2, asn1_decode_octetstring);
-       end_structure();
+        get_implicit_octet_string(val->signedAuthPack.length, val->signedAuthPack.data, 0);
+        opt_field(val->trustedCertifiers, 1, asn1_decode_sequence_of_trusted_ca, NULL);
+        opt_lenfield(val->kdcCert.length, val->kdcCert.data, 2, asn1_decode_octetstring);
+        opt_lenfield(val->encryptionCert.length, val->encryptionCert.data, 2, asn1_decode_octetstring);
+        end_structure();
     }
     cleanup();
 }
@@ -1311,10 +1312,10 @@ asn1_error_code asn1_decode_dh_rep_info(asn1buf *buf, krb5_dh_rep_info *val)
 {
     setup();
     { begin_structure();
-       get_implicit_octet_string(val->dhSignedData.length, val->dhSignedData.data, 0);
+        get_implicit_octet_string(val->dhSignedData.length, val->dhSignedData.data, 0);
 
-       opt_lenfield(val->serverDHNonce.length, val->serverDHNonce.data, 1, asn1_decode_octetstring);
-       end_structure();
+        opt_lenfield(val->serverDHNonce.length, val->serverDHNonce.data, 1, asn1_decode_octetstring);
+        end_structure();
     }
     cleanup();
 }
@@ -1323,11 +1324,11 @@ asn1_error_code asn1_decode_pk_authenticator(asn1buf *buf, krb5_pk_authenticator
 {
     setup();
     { begin_structure();
-       get_field(val->cusec, 0, asn1_decode_int32);
-       get_field(val->ctime, 1, asn1_decode_kerberos_time);
-       get_field(val->nonce, 2, asn1_decode_int32);
-       opt_lenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_decode_octetstring);
-       end_structure();
+        get_field(val->cusec, 0, asn1_decode_int32);
+        get_field(val->ctime, 1, asn1_decode_kerberos_time);
+        get_field(val->nonce, 2, asn1_decode_int32);
+        opt_lenfield(val->paChecksum.length, val->paChecksum.contents, 3, asn1_decode_octetstring);
+        end_structure();
     }
     cleanup();
 }
@@ -1336,13 +1337,13 @@ asn1_error_code asn1_decode_pk_authenticator_draft9(asn1buf *buf, krb5_pk_authen
 {
     setup();
     { begin_structure();
-       alloc_field(val->kdcName,krb5_principal_data);
-       get_field(val->kdcName, 0, asn1_decode_principal_name); 
-       get_field(val->kdcName, 1, asn1_decode_realm); 
-       get_field(val->cusec, 2, asn1_decode_int32);
-       get_field(val->ctime, 3, asn1_decode_kerberos_time);
-       get_field(val->nonce, 4, asn1_decode_int32);
-       end_structure();
+        alloc_field(val->kdcName,krb5_principal_data);
+        get_field(val->kdcName, 0, asn1_decode_principal_name);
+        get_field(val->kdcName, 1, asn1_decode_realm);
+        get_field(val->cusec, 2, asn1_decode_int32);
+        get_field(val->ctime, 3, asn1_decode_kerberos_time);
+        get_field(val->nonce, 4, asn1_decode_int32);
+        end_structure();
     }
     cleanup();
 }
@@ -1351,39 +1352,39 @@ asn1_error_code asn1_decode_algorithm_identifier(asn1buf *buf,  krb5_algorithm_i
 
     setup();
     { begin_structure_no_tag();
-       /*
-        * Forbid indefinite encoding because we don't read enough tag
-        * information from the trailing octets ("ANY DEFINED BY") to
-        * synchronize EOC tags, etc.
-        */
-       if (seqindef) return ASN1_BAD_FORMAT;
-       /*
-        * Set up tag variables because we don't actually call anything
-        * that fetches tag info for us; it's all buried in the decoder
-        * primitives.
-        */
-       tagnum = ASN1_TAGNUM_CEILING;
-       asn1class = UNIVERSAL;
-       construction = PRIMITIVE;
-       taglen = 0;
-       indef = 0;
-       retval = asn1_decode_oid(&subbuf, &val->algorithm.length, 
-                                &val->algorithm.data);
-       if (retval) return retval;
-       val->parameters.length = 0;
-       val->parameters.data = NULL;
-
-       if (length > subbuf.next - subbuf.base) {
-           unsigned int size = length - (subbuf.next - subbuf.base);
-           retval = asn1buf_remove_octetstring(&subbuf, size, 
-                                               &val->parameters.data);
-           if (retval) return retval;
-           val->parameters.length = size;
-       }
-    
-       end_structure();
+        /*
+         * Forbid indefinite encoding because we don't read enough tag
+         * information from the trailing octets ("ANY DEFINED BY") to
+         * synchronize EOC tags, etc.
+         */
+        if (seqindef) return ASN1_BAD_FORMAT;
+        /*
+         * Set up tag variables because we don't actually call anything
+         * that fetches tag info for us; it's all buried in the decoder
+         * primitives.
+         */
+        tagnum = ASN1_TAGNUM_CEILING;
+        asn1class = UNIVERSAL;
+        construction = PRIMITIVE;
+        taglen = 0;
+        indef = 0;
+        retval = asn1_decode_oid(&subbuf, &val->algorithm.length,
+                                 &val->algorithm.data);
+        if (retval) return retval;
+        val->parameters.length = 0;
+        val->parameters.data = NULL;
+
+        if (length > subbuf.next - subbuf.base) {
+            unsigned int size = length - (subbuf.next - subbuf.base);
+            retval = asn1buf_remove_octetstring(&subbuf, size,
+                                                &val->parameters.data);
+            if (retval) return retval;
+            val->parameters.length = size;
+        }
+
+        end_structure();
     }
-    cleanup();      
+    cleanup();
 }
 
 asn1_error_code asn1_decode_subject_pk_info(asn1buf *buf, krb5_subject_pk_info *val)
@@ -1392,35 +1393,35 @@ asn1_error_code asn1_decode_subject_pk_info(asn1buf *buf, krb5_subject_pk_info *
     setup();
     { begin_structure_no_tag();
 
-       retval = asn1_decode_algorithm_identifier(&subbuf, &val->algorithm);
-       if (retval) return retval;
-
-       /* SubjectPublicKey encoded as a BIT STRING */
-       next_tag();
-       if (asn1class != UNIVERSAL || construction != PRIMITIVE ||
-           tagnum != ASN1_BITSTRING)
-           return ASN1_BAD_ID;
-
-       retval = asn1buf_remove_octet(&subbuf, &unused);
-       if (retval) return retval;
-
-       /* Number of unused bits must be between 0 and 7. */
-       /* What to do if unused is not zero? */
-       if (unused > 7) return ASN1_BAD_FORMAT;
-       taglen--;
-
-       val->subjectPublicKey.length = 0;
-       val->subjectPublicKey.data = NULL;
-       retval = asn1buf_remove_octetstring(&subbuf, taglen, 
-                                           &val->subjectPublicKey.data);
-       if (retval) return retval;
-       val->subjectPublicKey.length = taglen;
-       /*
-        * We didn't call any macro that does next_tag(); do so now to
-        * preload tag of any trailing encodings.
-        */
-       next_tag();
-       end_structure();
+        retval = asn1_decode_algorithm_identifier(&subbuf, &val->algorithm);
+        if (retval) return retval;
+
+        /* SubjectPublicKey encoded as a BIT STRING */
+        next_tag();
+        if (asn1class != UNIVERSAL || construction != PRIMITIVE ||
+            tagnum != ASN1_BITSTRING)
+            return ASN1_BAD_ID;
+
+        retval = asn1buf_remove_octet(&subbuf, &unused);
+        if (retval) return retval;
+
+        /* Number of unused bits must be between 0 and 7. */
+        /* What to do if unused is not zero? */
+        if (unused > 7) return ASN1_BAD_FORMAT;
+        taglen--;
+
+        val->subjectPublicKey.length = 0;
+        val->subjectPublicKey.data = NULL;
+        retval = asn1buf_remove_octetstring(&subbuf, taglen,
+                                            &val->subjectPublicKey.data);
+        if (retval) return retval;
+        val->subjectPublicKey.length = taglen;
+        /*
+         * We didn't call any macro that does next_tag(); do so now to
+         * preload tag of any trailing encodings.
+         */
+        next_tag();
+        end_structure();
     }
     cleanup();
 }
@@ -1434,13 +1435,13 @@ asn1_error_code asn1_decode_kdc_dh_key_info (asn1buf *buf, krb5_kdc_dh_key_info
 {
     setup();
     { begin_structure();
-       retval = asn1buf_remove_octetstring(&subbuf, taglen, &val->subjectPublicKey.data);
-       if (retval) return retval;
-       val->subjectPublicKey.length = taglen;
-       next_tag();
-       get_field(val->nonce, 1, asn1_decode_int32);
-       opt_field(val->dhKeyExpiration, 2, asn1_decode_kerberos_time, 0);
-       end_structure();
+        retval = asn1buf_remove_octetstring(&subbuf, taglen, &val->subjectPublicKey.data);
+        if (retval) return retval;
+        val->subjectPublicKey.length = taglen;
+        next_tag();
+        get_field(val->nonce, 1, asn1_decode_int32);
+        opt_field(val->dhKeyExpiration, 2, asn1_decode_kerberos_time, 0);
+        end_structure();
     }
     cleanup();
 }
@@ -1449,9 +1450,9 @@ asn1_error_code asn1_decode_reply_key_pack (asn1buf *buf, krb5_reply_key_pack *v
 {
     setup();
     { begin_structure();
-       get_field(val->replyKey, 0, asn1_decode_encryption_key);
-       get_field(val->asChecksum, 1, asn1_decode_checksum); 
-       end_structure();
+        get_field(val->replyKey, 0, asn1_decode_encryption_key);
+        get_field(val->asChecksum, 1, asn1_decode_checksum);
+        end_structure();
     }
     cleanup();
 }
@@ -1460,9 +1461,9 @@ asn1_error_code asn1_decode_reply_key_pack_draft9 (asn1buf *buf, krb5_reply_key_
 {
     setup();
     { begin_structure();
-       get_field(val->replyKey, 0, asn1_decode_encryption_key);
-       get_field(val->nonce, 1, asn1_decode_int32); 
-       end_structure();
+        get_field(val->replyKey, 0, asn1_decode_encryption_key);
+        get_field(val->nonce, 1, asn1_decode_int32);
+        end_structure();
     }
     cleanup();
 }
@@ -1472,9 +1473,9 @@ asn1_error_code asn1_decode_krb5_principal_name (asn1buf *buf, krb5_principal *v
 {
     setup();
     { begin_structure();
-       get_field(*val, 0, asn1_decode_realm);
-       get_field(*val, 1, asn1_decode_principal_name);
-       end_structure();
+        get_field(*val, 0, asn1_decode_realm);
+        get_field(*val, 1, asn1_decode_principal_name);
+        end_structure();
     }
     cleanup();
 }
@@ -1483,30 +1484,30 @@ asn1_error_code asn1_decode_auth_pack(asn1buf *buf, krb5_auth_pack *val)
 {
     setup();
     { begin_structure();
-       get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator);
-       if (tagnum == 1) { alloc_field(val->clientPublicValue, krb5_subject_pk_info); }      
-       /* can't call opt_field because it does decoder(&subbuf, &(val)); */
-       if (asn1buf_remains(&subbuf, seqindef)) {                             
-           if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)  
-               && (tagnum || taglen || asn1class != UNIVERSAL))                
-               return ASN1_BAD_ID;                                               
-           if (tagnum == 1) {                                        
-               retval = asn1_decode_subject_pk_info(&subbuf, 
-                                                    val->clientPublicValue);
-               if (!taglen && indef) { get_eoc(); }
-               next_tag();
-           } else val->clientPublicValue = NULL;  
-       }      
-       /* can't call opt_field because it does decoder(&subbuf, &(val)); */
-       if (asn1buf_remains(&subbuf, seqindef)) {
-           if (tagnum == 2) {
-               asn1_decode_sequence_of_algorithm_identifier(&subbuf, &val->supportedCMSTypes);
-               if (!taglen && indef) { get_eoc(); }
-               next_tag();
-           } else val->supportedCMSTypes = NULL;
-       }
-       opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
-       end_structure();
+        get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator);
+        if (tagnum == 1) { alloc_field(val->clientPublicValue, krb5_subject_pk_info); }
+        /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+        if (asn1buf_remains(&subbuf, seqindef)) {
+            if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
+                && (tagnum || taglen || asn1class != UNIVERSAL))
+                return ASN1_BAD_ID;
+            if (tagnum == 1) {
+                retval = asn1_decode_subject_pk_info(&subbuf,
+                                                     val->clientPublicValue);
+                if (!taglen && indef) { get_eoc(); }
+                next_tag();
+            } else val->clientPublicValue = NULL;
+        }
+        /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+        if (asn1buf_remains(&subbuf, seqindef)) {
+            if (tagnum == 2) {
+                asn1_decode_sequence_of_algorithm_identifier(&subbuf, &val->supportedCMSTypes);
+                if (!taglen && indef) { get_eoc(); }
+                next_tag();
+            } else val->supportedCMSTypes = NULL;
+        }
+        opt_lenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_decode_octetstring);
+        end_structure();
     }
     cleanup();
 }
@@ -1515,23 +1516,23 @@ asn1_error_code asn1_decode_auth_pack_draft9(asn1buf *buf, krb5_auth_pack_draft9
 {
     setup();
     { begin_structure();
-       get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator_draft9);
-       if (tagnum == 1) {
-           alloc_field(val->clientPublicValue, krb5_subject_pk_info);      
-           /* can't call opt_field because it does decoder(&subbuf, &(val)); */
-           if (asn1buf_remains(&subbuf, seqindef)) {                             
-               if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)  
-                   && (tagnum || taglen || asn1class != UNIVERSAL))                
-                   return ASN1_BAD_ID;                                               
-               if (tagnum == 1) {                                        
-                   retval = asn1_decode_subject_pk_info(&subbuf, 
-                                                        val->clientPublicValue);
-                   if (!taglen && indef) { get_eoc(); }
-                   next_tag();
-               } else val->clientPublicValue = NULL;  
-           }
-       }
-       end_structure();
+        get_field(val->pkAuthenticator, 0, asn1_decode_pk_authenticator_draft9);
+        if (tagnum == 1) {
+            alloc_field(val->clientPublicValue, krb5_subject_pk_info);
+            /* can't call opt_field because it does decoder(&subbuf, &(val)); */
+            if (asn1buf_remains(&subbuf, seqindef)) {
+                if ((asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)
+                    && (tagnum || taglen || asn1class != UNIVERSAL))
+                    return ASN1_BAD_ID;
+                if (tagnum == 1) {
+                    retval = asn1_decode_subject_pk_info(&subbuf,
+                                                         val->clientPublicValue);
+                    if (!taglen && indef) { get_eoc(); }
+                    next_tag();
+                } else val->clientPublicValue = NULL;
+            }
+        }
+        end_structure();
     }
     cleanup();
 }
@@ -1540,17 +1541,17 @@ asn1_error_code asn1_decode_pa_pk_as_rep(asn1buf *buf, krb5_pa_pk_as_rep *val)
 {
     setup();
     { begin_choice();
-       if (tagnum == choice_pa_pk_as_rep_dhInfo) {
-           val->choice = choice_pa_pk_as_rep_dhInfo;
-           get_field_body(val->u.dh_Info, asn1_decode_dh_rep_info);
-       } else if (tagnum == choice_pa_pk_as_rep_encKeyPack) {
-           val->choice = choice_pa_pk_as_rep_encKeyPack;
-           get_implicit_octet_string(val->u.encKeyPack.length, val->u.encKeyPack.data,
-                                     choice_pa_pk_as_rep_encKeyPack);
-       } else {
-           val->choice = choice_pa_pk_as_rep_UNKNOWN;
-       }
-       end_choice();
+        if (tagnum == choice_pa_pk_as_rep_dhInfo) {
+            val->choice = choice_pa_pk_as_rep_dhInfo;
+            get_field_body(val->u.dh_Info, asn1_decode_dh_rep_info);
+        } else if (tagnum == choice_pa_pk_as_rep_encKeyPack) {
+            val->choice = choice_pa_pk_as_rep_encKeyPack;
+            get_implicit_octet_string(val->u.encKeyPack.length, val->u.encKeyPack.data,
+                                      choice_pa_pk_as_rep_encKeyPack);
+        } else {
+            val->choice = choice_pa_pk_as_rep_UNKNOWN;
+        }
+        end_choice();
     }
     cleanup();
 }
@@ -1559,18 +1560,18 @@ asn1_error_code asn1_decode_pa_pk_as_rep_draft9(asn1buf *buf, krb5_pa_pk_as_rep_
 {
     setup();
     { begin_structure();
-       if (tagnum == choice_pa_pk_as_rep_draft9_dhSignedData) {
-           val->choice = choice_pa_pk_as_rep_draft9_dhSignedData;
-           get_lenfield(val->u.dhSignedData.length, val->u.dhSignedData.data,
-                        choice_pa_pk_as_rep_draft9_dhSignedData, asn1_decode_octetstring);
-       } else if (tagnum == choice_pa_pk_as_rep_draft9_encKeyPack) {
-           val->choice = choice_pa_pk_as_rep_draft9_encKeyPack;
-           get_lenfield(val->u.encKeyPack.length, val->u.encKeyPack.data,
-                        choice_pa_pk_as_rep_draft9_encKeyPack, asn1_decode_octetstring);
-       } else {
-           val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
-       }
-       end_structure();
+        if (tagnum == choice_pa_pk_as_rep_draft9_dhSignedData) {
+            val->choice = choice_pa_pk_as_rep_draft9_dhSignedData;
+            get_lenfield(val->u.dhSignedData.length, val->u.dhSignedData.data,
+                         choice_pa_pk_as_rep_draft9_dhSignedData, asn1_decode_octetstring);
+        } else if (tagnum == choice_pa_pk_as_rep_draft9_encKeyPack) {
+            val->choice = choice_pa_pk_as_rep_draft9_encKeyPack;
+            get_lenfield(val->u.encKeyPack.length, val->u.encKeyPack.data,
+                         choice_pa_pk_as_rep_draft9_encKeyPack, asn1_decode_octetstring);
+        } else {
+            val->choice = choice_pa_pk_as_rep_draft9_UNKNOWN;
+        }
+        end_structure();
     }
     cleanup();
 }
@@ -1580,13 +1581,13 @@ asn1_error_code asn1_decode_sequence_of_typed_data(asn1buf *buf, krb5_typed_data
     decode_array_body(krb5_typed_data,asn1_decode_typed_data);
 }
 
-asn1_error_code asn1_decode_typed_data(asn1buf *buf, krb5_typed_data *val) 
+asn1_error_code asn1_decode_typed_data(asn1buf *buf, krb5_typed_data *val)
 {
     setup();
     { begin_structure();
-       get_field(val->type,0,asn1_decode_int32);
-       get_lenfield(val->length,val->data,1,asn1_decode_octetstring);
-       end_structure();
+        get_field(val->type,0,asn1_decode_int32);
+        get_lenfield(val->length,val->data,1,asn1_decode_octetstring);
+        end_structure();
     }
     cleanup();
 }
index 72c4e293c0aa6bd9a4ebec0ed2b09b629b5a22ae..8541a822d02db84b1c95d081db6d8ec09d1f95b9 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_k_decode.h
- * 
+ *
  * Copyright 1994 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
 /* asn1_error_code asn1_decode_scalar_type(asn1buf *buf, krb5_scalar *val); */
 /* requires  *buf is allocated, *buf's current position points to the
               beginning of an encoding (<id> <len> <contents>),
-             *val is allocated
+              *val is allocated
    effects   Decodes the encoding in *buf, returning the result in *val.
              Returns ASN1_BAD_ID if the encoded id does not
-             indicate the proper type.
+              indicate the proper type.
              Returns ASN1_OVERRUN if the encoded length exceeds
-             the bounds of *buf */
+              the bounds of *buf */
 
 
 /* asn1_error_code asn1_decode_structure_type(asn1buf *buf,
                                               krb5_structure *val); */
 /* requires  *buf is allocated, *buf's current position points to the
               beginning of an encoding (<id> <len> <contents>),
-             *val is allocated
-            Assumes that *val is a freshly-allocated structure (i.e.
-             does not attempt to clean up or free *val).
+              *val is allocated
+             Assumes that *val is a freshly-allocated structure (i.e.
+              does not attempt to clean up or free *val).
    effects   Decodes the encoding in *buf, returning the result in *val.
              Returns ASN1_BAD_ID if the encoded id does not
-             indicate the proper type.
+              indicate the proper type.
              Returns ASN1_OVERRUN if the encoded length exceeds
-             the bounds of *buf */
+              the bounds of *buf */
 
 /* asn1_error_code asn1_decode_array_type(asn1buf *buf, krb5_scalar ***val); */
 /* requires  *buf is allocated, *buf's current position points to the
               beginning of an encoding (<id> <len> <contents>)
-            Assumes that *val is empty (i.e. does not attempt to
-             clean up or free *val).
+             Assumes that *val is empty (i.e. does not attempt to
+              clean up or free *val).
    effects   Decodes the encoding in *buf, returning the result in *val.
              Returns ASN1_BAD_ID if the encoded id does not
-             indicate the proper type.
+              indicate the proper type.
              Returns ASN1_OVERRUN if the encoded length exceeds
-             the bounds of *buf */
+              the bounds of *buf */
 
 /* scalars */
 asn1_error_code asn1_decode_int
-       (asn1buf *buf, int *val);
+        (asn1buf *buf, int *val);
 asn1_error_code asn1_decode_int32
-       (asn1buf *buf, krb5_int32 *val);
+        (asn1buf *buf, krb5_int32 *val);
 asn1_error_code asn1_decode_kvno
-       (asn1buf *buf, krb5_kvno *val);
+        (asn1buf *buf, krb5_kvno *val);
 asn1_error_code asn1_decode_enctype
-       (asn1buf *buf, krb5_enctype *val);
+        (asn1buf *buf, krb5_enctype *val);
 asn1_error_code asn1_decode_msgtype
-       (asn1buf *buf, krb5_msgtype *val);
+        (asn1buf *buf, krb5_msgtype *val);
 asn1_error_code asn1_decode_cksumtype
-       (asn1buf *buf, krb5_cksumtype *val);
+        (asn1buf *buf, krb5_cksumtype *val);
 asn1_error_code asn1_decode_octet
-       (asn1buf *buf, krb5_octet *val);
+        (asn1buf *buf, krb5_octet *val);
 asn1_error_code asn1_decode_addrtype
-       (asn1buf *buf, krb5_addrtype *val);
+        (asn1buf *buf, krb5_addrtype *val);
 asn1_error_code asn1_decode_authdatatype
-       (asn1buf *buf, krb5_authdatatype *val);
+        (asn1buf *buf, krb5_authdatatype *val);
 asn1_error_code asn1_decode_ui_2
-       (asn1buf *buf, krb5_ui_2 *val);
+        (asn1buf *buf, krb5_ui_2 *val);
 asn1_error_code asn1_decode_ui_4
-       (asn1buf *buf, krb5_ui_4 *val);
+        (asn1buf *buf, krb5_ui_4 *val);
 asn1_error_code asn1_decode_seqnum
-       (asn1buf *buf, krb5_ui_4 *val);
+        (asn1buf *buf, krb5_ui_4 *val);
 asn1_error_code asn1_decode_kerberos_time
-       (asn1buf *buf, krb5_timestamp *val);
+        (asn1buf *buf, krb5_timestamp *val);
 asn1_error_code asn1_decode_sam_flags
-       (asn1buf *buf, krb5_flags *val);
+        (asn1buf *buf, krb5_flags *val);
 
 /* structures */
 asn1_error_code asn1_decode_realm
-       (asn1buf *buf, krb5_principal *val);
+        (asn1buf *buf, krb5_principal *val);
 asn1_error_code asn1_decode_principal_name
-       (asn1buf *buf, krb5_principal *val);
+        (asn1buf *buf, krb5_principal *val);
 asn1_error_code asn1_decode_checksum
-       (asn1buf *buf, krb5_checksum *val);
+        (asn1buf *buf, krb5_checksum *val);
 asn1_error_code asn1_decode_encryption_key
-       (asn1buf *buf, krb5_keyblock *val);
+        (asn1buf *buf, krb5_keyblock *val);
 asn1_error_code asn1_decode_encrypted_data
-       (asn1buf *buf, krb5_enc_data *val);
+        (asn1buf *buf, krb5_enc_data *val);
 asn1_error_code asn1_decode_ticket_flags
-       (asn1buf *buf, krb5_flags *val);
+        (asn1buf *buf, krb5_flags *val);
 asn1_error_code asn1_decode_transited_encoding
-       (asn1buf *buf, krb5_transited *val);
+        (asn1buf *buf, krb5_transited *val);
 asn1_error_code asn1_decode_enc_kdc_rep_part
-       (asn1buf *buf, krb5_enc_kdc_rep_part *val);
+        (asn1buf *buf, krb5_enc_kdc_rep_part *val);
 asn1_error_code asn1_decode_krb5_flags
-       (asn1buf *buf, krb5_flags *val);
+        (asn1buf *buf, krb5_flags *val);
 asn1_error_code asn1_decode_ap_options
-       (asn1buf *buf, krb5_flags *val);
+        (asn1buf *buf, krb5_flags *val);
 asn1_error_code asn1_decode_kdc_options
-       (asn1buf *buf, krb5_flags *val);
+        (asn1buf *buf, krb5_flags *val);
 asn1_error_code asn1_decode_ticket
-       (asn1buf *buf, krb5_ticket *val);
+        (asn1buf *buf, krb5_ticket *val);
 asn1_error_code asn1_decode_kdc_req
-       (asn1buf *buf, krb5_kdc_req *val);
+        (asn1buf *buf, krb5_kdc_req *val);
 asn1_error_code asn1_decode_kdc_req_body
-       (asn1buf *buf, krb5_kdc_req *val);
+        (asn1buf *buf, krb5_kdc_req *val);
 asn1_error_code asn1_decode_krb_safe_body
-       (asn1buf *buf, krb5_safe *val);
+        (asn1buf *buf, krb5_safe *val);
 asn1_error_code asn1_decode_host_address
-       (asn1buf *buf, krb5_address *val);
+        (asn1buf *buf, krb5_address *val);
 asn1_error_code asn1_decode_kdc_rep
-       (asn1buf *buf, krb5_kdc_rep *val);
+        (asn1buf *buf, krb5_kdc_rep *val);
 asn1_error_code asn1_decode_last_req_entry
-       (asn1buf *buf, krb5_last_req_entry *val);
+        (asn1buf *buf, krb5_last_req_entry *val);
 asn1_error_code asn1_decode_authdata_elt
-       (asn1buf *buf, krb5_authdata *val);
+        (asn1buf *buf, krb5_authdata *val);
 asn1_error_code asn1_decode_krb_cred_info
-       (asn1buf *buf, krb5_cred_info *val);
+        (asn1buf *buf, krb5_cred_info *val);
 asn1_error_code asn1_decode_pa_data
-       (asn1buf *buf, krb5_pa_data *val);
+        (asn1buf *buf, krb5_pa_data *val);
 asn1_error_code asn1_decode_passwdsequence
-       (asn1buf *buf, passwd_phrase_element *val);
+        (asn1buf *buf, passwd_phrase_element *val);
 asn1_error_code asn1_decode_sam_challenge
-       (asn1buf *buf, krb5_sam_challenge *val);
+        (asn1buf *buf, krb5_sam_challenge *val);
 asn1_error_code asn1_decode_sam_challenge_2
-       (asn1buf *buf, krb5_sam_challenge_2 *val);
+        (asn1buf *buf, krb5_sam_challenge_2 *val);
 asn1_error_code asn1_decode_sam_challenge_2_body
-       (asn1buf *buf, krb5_sam_challenge_2_body *val);
+        (asn1buf *buf, krb5_sam_challenge_2_body *val);
 asn1_error_code asn1_decode_enc_sam_key
-       (asn1buf *buf, krb5_sam_key *val);
+        (asn1buf *buf, krb5_sam_key *val);
 asn1_error_code asn1_decode_enc_sam_response_enc
-       (asn1buf *buf, krb5_enc_sam_response_enc *val);
+        (asn1buf *buf, krb5_enc_sam_response_enc *val);
 asn1_error_code asn1_decode_enc_sam_response_enc_2
-       (asn1buf *buf, krb5_enc_sam_response_enc_2 *val);
+        (asn1buf *buf, krb5_enc_sam_response_enc_2 *val);
 asn1_error_code asn1_decode_sam_response
-       (asn1buf *buf, krb5_sam_response *val);
+        (asn1buf *buf, krb5_sam_response *val);
 asn1_error_code asn1_decode_sam_response_2
-       (asn1buf *buf, krb5_sam_response_2 *val);
+        (asn1buf *buf, krb5_sam_response_2 *val);
 asn1_error_code asn1_decode_predicted_sam_response
-       (asn1buf *buf, krb5_predicted_sam_response *val);
+        (asn1buf *buf, krb5_predicted_sam_response *val);
 asn1_error_code asn1_decode_external_principal_identifier
-       (asn1buf *buf, krb5_external_principal_identifier *val);
+        (asn1buf *buf, krb5_external_principal_identifier *val);
 asn1_error_code asn1_decode_pa_pk_as_req
-       (asn1buf *buf, krb5_pa_pk_as_req *val);
+        (asn1buf *buf, krb5_pa_pk_as_req *val);
 asn1_error_code asn1_decode_trusted_ca
-       (asn1buf *buf, krb5_trusted_ca *val);
+        (asn1buf *buf, krb5_trusted_ca *val);
 asn1_error_code asn1_decode_pa_pk_as_req_draft9
-       (asn1buf *buf, krb5_pa_pk_as_req_draft9 *val);
+        (asn1buf *buf, krb5_pa_pk_as_req_draft9 *val);
 asn1_error_code asn1_decode_dh_rep_info
-       (asn1buf *buf, krb5_dh_rep_info *val);
+        (asn1buf *buf, krb5_dh_rep_info *val);
 asn1_error_code asn1_decode_pk_authenticator
-       (asn1buf *buf, krb5_pk_authenticator *val);
+        (asn1buf *buf, krb5_pk_authenticator *val);
 asn1_error_code asn1_decode_pk_authenticator_draft9
-       (asn1buf *buf, krb5_pk_authenticator_draft9 *val);
+        (asn1buf *buf, krb5_pk_authenticator_draft9 *val);
 asn1_error_code asn1_decode_subject_pk_info
-       (asn1buf *buf, krb5_subject_pk_info *val);
+        (asn1buf *buf, krb5_subject_pk_info *val);
 asn1_error_code asn1_decode_algorithm_identifier
-       (asn1buf *buf, krb5_algorithm_identifier *val);
+        (asn1buf *buf, krb5_algorithm_identifier *val);
 asn1_error_code asn1_decode_auth_pack
-       (asn1buf *buf, krb5_auth_pack *val);
+        (asn1buf *buf, krb5_auth_pack *val);
 asn1_error_code asn1_decode_auth_pack_draft9
-       (asn1buf *buf, krb5_auth_pack_draft9 *val);
+        (asn1buf *buf, krb5_auth_pack_draft9 *val);
 asn1_error_code asn1_decode_pa_pk_as_rep
-       (asn1buf *buf, krb5_pa_pk_as_rep *val);
+        (asn1buf *buf, krb5_pa_pk_as_rep *val);
 asn1_error_code asn1_decode_pa_pk_as_rep_draft9
-       (asn1buf *buf, krb5_pa_pk_as_rep_draft9 *val);
+        (asn1buf *buf, krb5_pa_pk_as_rep_draft9 *val);
 asn1_error_code asn1_decode_kdc_dh_key_info
         (asn1buf *buf, krb5_kdc_dh_key_info *val);
 asn1_error_code asn1_decode_krb5_principal_name
-       (asn1buf *buf, krb5_principal *val);
+        (asn1buf *buf, krb5_principal *val);
 asn1_error_code asn1_decode_reply_key_pack
         (asn1buf *buf, krb5_reply_key_pack *val);
 asn1_error_code asn1_decode_reply_key_pack_draft9
@@ -200,36 +201,36 @@ asn1_error_code asn1_decode_typed_data
 
 /* arrays */
 asn1_error_code asn1_decode_authorization_data
-       (asn1buf *buf, krb5_authdata ***val);
+        (asn1buf *buf, krb5_authdata ***val);
 asn1_error_code asn1_decode_host_addresses
-       (asn1buf *buf, krb5_address ***val);
+        (asn1buf *buf, krb5_address ***val);
 asn1_error_code asn1_decode_sequence_of_ticket
-       (asn1buf *buf, krb5_ticket ***val);
+        (asn1buf *buf, krb5_ticket ***val);
 asn1_error_code asn1_decode_sequence_of_krb_cred_info
-       (asn1buf *buf, krb5_cred_info ***val);
+        (asn1buf *buf, krb5_cred_info ***val);
 asn1_error_code asn1_decode_sequence_of_pa_data
-       (asn1buf *buf, krb5_pa_data ***val);
+        (asn1buf *buf, krb5_pa_data ***val);
 asn1_error_code asn1_decode_last_req
-       (asn1buf *buf, krb5_last_req_entry ***val);
+        (asn1buf *buf, krb5_last_req_entry ***val);
 
 asn1_error_code asn1_decode_sequence_of_enctype
-       (asn1buf *buf, int *num, krb5_enctype **val);
+        (asn1buf *buf, int *num, krb5_enctype **val);
 
 asn1_error_code asn1_decode_sequence_of_checksum
-       (asn1buf *buf, krb5_checksum ***val);
+        (asn1buf *buf, krb5_checksum ***val);
 
 asn1_error_code asn1_decode_sequence_of_passwdsequence
-       (asn1buf *buf, passwd_phrase_element ***val);
+        (asn1buf *buf, passwd_phrase_element ***val);
 
 asn1_error_code asn1_decode_etype_info
-       (asn1buf *buf, krb5_etype_info_entry ***val);
+        (asn1buf *buf, krb5_etype_info_entry ***val);
 asn1_error_code asn1_decode_etype_info2
-       (asn1buf *buf, krb5_etype_info_entry ***val, krb5_boolean v1_3_behavior);
+        (asn1buf *buf, krb5_etype_info_entry ***val, krb5_boolean v1_3_behavior);
 asn1_error_code asn1_decode_sequence_of_external_principal_identifier
-       (asn1buf *buf, krb5_external_principal_identifier ***val);
+        (asn1buf *buf, krb5_external_principal_identifier ***val);
 asn1_error_code asn1_decode_sequence_of_trusted_ca
-       (asn1buf *buf, krb5_trusted_ca ***val);
+        (asn1buf *buf, krb5_trusted_ca ***val);
 asn1_error_code asn1_decode_sequence_of_algorithm_identifier
-       (asn1buf *buf, krb5_algorithm_identifier ***val);
+        (asn1buf *buf, krb5_algorithm_identifier ***val);
 
 #endif
index 0ad6fd3cf283bf579031fa6574b4dec871e96d0b..e2577d8f732eb6473a810d2aa6dae710960f22d5 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_k_encode.c
- * 
+ *
  * Copyright 1994, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
@@ -48,7 +49,7 @@
        asn1_addfield(rep->field_i, i, asn1_type);
 
      /* for string fields (these encoders take an additional argument,
-       the length of the string) */
+        the length of the string) */
      addlenfield(rep->field_length, rep->field, i-1, asn1_type);
 
      /* if you really have to do things yourself... */
@@ -56,7 +57,7 @@
      if (retval) return retval;
      sum += length;
      retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, tag_number, length,
-                            &length);
+                             &length);
      if (retval) return retval;
      sum += length;
 
@@ -76,7 +77,7 @@
 #define asn1_setup()\
   asn1_error_code retval;\
   unsigned int length, sum=0
-  
+
 /* asn1_addfield -- add a field, or component, to the encoding */
 #define asn1_addfield(value,tag,encoder)\
 { retval = encoder(buf,value,&length);\
@@ -177,10 +178,10 @@ asn1_error_code asn1_encode_ui_4(asn1buf *buf, const krb5_ui_4 val, unsigned int
 asn1_error_code asn1_encode_realm(asn1buf *buf, const krb5_principal val, unsigned int *retlen)
 {
     if (val == NULL ||
-       (val->realm.length && val->realm.data == NULL))
-       return ASN1_MISSING_FIELD;
+        (val->realm.length && val->realm.data == NULL))
+        return ASN1_MISSING_FIELD;
     return asn1_encode_generalstring(buf,val->realm.length,val->realm.data,
-                                    retlen);
+                                     retlen);
 }
 
 asn1_error_code asn1_encode_principal_name(asn1buf *buf, const krb5_principal val, unsigned int *retlen)
@@ -191,15 +192,15 @@ asn1_error_code asn1_encode_principal_name(asn1buf *buf, const krb5_principal va
     if (val == NULL || val->data == NULL) return ASN1_MISSING_FIELD;
 
     for (n = (int) ((val->length)-1); n >= 0; n--) {
-       if (val->data[n].length &&
-           val->data[n].data == NULL)
-           return ASN1_MISSING_FIELD;
-       retval = asn1_encode_generalstring(buf,
-                                          (val->data)[n].length,
-                                          (val->data)[n].data,
-                                          &length);
-       if (retval) return retval;
-       sum += length;
+        if (val->data[n].length &&
+            val->data[n].data == NULL)
+            return ASN1_MISSING_FIELD;
+        retval = asn1_encode_generalstring(buf,
+                                           (val->data)[n].length,
+                                           (val->data)[n].data,
+                                           &length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
     retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,1,sum,&length);
@@ -240,9 +241,9 @@ asn1_error_code asn1_encode_host_addresses(asn1buf *buf, const krb5_address **va
 
     for (i=0; val[i] != NULL; i++); /* go to end of array */
     for (i--; i>=0; i--) {
-       retval = asn1_encode_host_address(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_host_address(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
 
@@ -254,13 +255,13 @@ asn1_error_code asn1_encode_encrypted_data(asn1buf *buf, const krb5_enc_data *va
     asn1_setup();
 
     if (val == NULL ||
-       (val->ciphertext.length && val->ciphertext.data == NULL))
-       return ASN1_MISSING_FIELD;
+        (val->ciphertext.length && val->ciphertext.data == NULL))
+        return ASN1_MISSING_FIELD;
 
     asn1_addlenfield(val->ciphertext.length,val->ciphertext.data,2,asn1_encode_charstring);
     /* krb5_kvno should be int */
     if (val->kvno)
-       asn1_addfield((int) val->kvno,1,asn1_encode_integer);
+        asn1_addfield((int) val->kvno,1,asn1_encode_integer);
     asn1_addfield(val->enctype,0,asn1_encode_integer);
 
     asn1_makeseq();
@@ -275,16 +276,16 @@ asn1_error_code asn1_encode_krb5_flags(asn1buf *buf, const krb5_flags val, unsig
     int i;
 
     for (i=0; i<4; i++) {
-       retval = asn1buf_insert_octet(buf,(asn1_octet) (valcopy&0xFF));
-       if (retval) return retval;
-       valcopy >>= 8;
+        retval = asn1buf_insert_octet(buf,(asn1_octet) (valcopy&0xFF));
+        if (retval) return retval;
+        valcopy >>= 8;
     }
-    retval = asn1buf_insert_octet(buf,0);      /* 0 padding bits */
+    retval = asn1buf_insert_octet(buf,0);       /* 0 padding bits */
     if (retval) return retval;
     sum = 5;
 
     retval = asn1_make_tag(buf,UNIVERSAL,PRIMITIVE,ASN1_BITSTRING,sum,
-                          &length);
+                           &length);
     if (retval) return retval;
     sum += length;
 
@@ -311,14 +312,14 @@ asn1_error_code asn1_encode_authorization_data(asn1buf *buf, const krb5_authdata
 {
     asn1_setup();
     int i;
-  
+
     if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
-  
+
     for (i=0; val[i] != NULL; i++); /* get to the end of the array */
     for (i--; i>=0; i--) {
-       retval = asn1_encode_krb5_authdata_elt(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_krb5_authdata_elt(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
 
@@ -330,12 +331,12 @@ asn1_error_code asn1_encode_krb5_authdata_elt(asn1buf *buf, const krb5_authdata
     asn1_setup();
 
     if (val == NULL ||
-       (val->length && val->contents == NULL))
-       return ASN1_MISSING_FIELD;
+        (val->length && val->contents == NULL))
+        return ASN1_MISSING_FIELD;
 
-    /* ad-data[1]              OCTET STRING */
+    /* ad-data[1]               OCTET STRING */
     asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
-    /* ad-type[0]              INTEGER */
+    /* ad-type[0]               INTEGER */
     asn1_addfield(val->ad_type,0,asn1_encode_integer);
     /* SEQUENCE */
     asn1_makeseq();
@@ -354,9 +355,9 @@ asn1_error_code asn1_encode_kdc_rep(int msg_type, asn1buf *buf, const krb5_kdc_r
     asn1_addfield(val->client,4,asn1_encode_principal_name);
     asn1_addfield(val->client,3,asn1_encode_realm);
     if (val->padata != NULL && val->padata[0] != NULL)
-       asn1_addfield((const krb5_pa_data**)val->padata,2,asn1_encode_sequence_of_pa_data);
+        asn1_addfield((const krb5_pa_data**)val->padata,2,asn1_encode_sequence_of_pa_data);
     if (msg_type != KRB5_AS_REP && msg_type != KRB5_TGS_REP)
-       return KRB5_BADMSGTYPE;
+        return KRB5_BADMSGTYPE;
     asn1_addfield(msg_type,1,asn1_encode_integer);
     asn1_addfield(KVNO,0,asn1_encode_integer);
     asn1_makeseq();
@@ -370,44 +371,44 @@ asn1_error_code asn1_encode_enc_kdc_rep_part(asn1buf *buf, const krb5_enc_kdc_re
 
     if (val == NULL) return ASN1_MISSING_FIELD;
 
-    /* caddr[11]               HostAddresses OPTIONAL */
+    /* caddr[11]                HostAddresses OPTIONAL */
     if (val->caddrs != NULL && val->caddrs[0] != NULL)
-       asn1_addfield((const krb5_address**)(val->caddrs),11,asn1_encode_host_addresses);
+        asn1_addfield((const krb5_address**)(val->caddrs),11,asn1_encode_host_addresses);
 
-    /* sname[10]               PrincipalName */
+    /* sname[10]                PrincipalName */
     asn1_addfield(val->server,10,asn1_encode_principal_name);
 
-    /* srealm[9]               Realm */
+    /* srealm[9]                Realm */
     asn1_addfield(val->server,9,asn1_encode_realm);
 
-    /* renew-till[8]   KerberosTime OPTIONAL */
+    /* renew-till[8]    KerberosTime OPTIONAL */
     if (val->flags & TKT_FLG_RENEWABLE)
-       asn1_addfield(val->times.renew_till,8,asn1_encode_kerberos_time);
+        asn1_addfield(val->times.renew_till,8,asn1_encode_kerberos_time);
 
-    /* endtime[7]              KerberosTime */
+    /* endtime[7]               KerberosTime */
     asn1_addfield(val->times.endtime,7,asn1_encode_kerberos_time);
 
-    /* starttime[6]    KerberosTime OPTIONAL */
+    /* starttime[6]     KerberosTime OPTIONAL */
     if (val->times.starttime)
-       asn1_addfield(val->times.starttime,6,asn1_encode_kerberos_time);
+        asn1_addfield(val->times.starttime,6,asn1_encode_kerberos_time);
 
-    /* authtime[5]     KerberosTime */
+    /* authtime[5]      KerberosTime */
     asn1_addfield(val->times.authtime,5,asn1_encode_kerberos_time);
 
-    /* flags[4]                TicketFlags */
+    /* flags[4]         TicketFlags */
     asn1_addfield(val->flags,4,asn1_encode_ticket_flags);
 
-    /* key-expiration[3]       KerberosTime OPTIONAL */
+    /* key-expiration[3]        KerberosTime OPTIONAL */
     if (val->key_exp)
-       asn1_addfield(val->key_exp,3,asn1_encode_kerberos_time);
+        asn1_addfield(val->key_exp,3,asn1_encode_kerberos_time);
 
-    /* nonce[2]                INTEGER */
+    /* nonce[2]         INTEGER */
     asn1_addfield(val->nonce,2,asn1_encode_integer);
 
-    /* last-req[1]     LastReq */
+    /* last-req[1]      LastReq */
     asn1_addfield((const krb5_last_req_entry**)val->last_req,1,asn1_encode_last_req);
 
-    /* key[0]          EncryptionKey */
+    /* key[0]           EncryptionKey */
     asn1_addfield(val->session,0,asn1_encode_encryption_key);
 
     /* EncKDCRepPart ::= SEQUENCE */
@@ -425,9 +426,9 @@ asn1_error_code asn1_encode_sequence_of_checksum(asn1buf *buf, const krb5_checks
 
     for (i=0; val[i] != NULL; i++);
     for (i--; i>=0; i--) {
-       retval = asn1_encode_checksum(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_checksum(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
 
@@ -437,61 +438,61 @@ asn1_error_code asn1_encode_sequence_of_checksum(asn1buf *buf, const krb5_checks
 asn1_error_code asn1_encode_kdc_req_body(asn1buf *buf, const krb5_kdc_req *rep, unsigned int *retlen)
 {
     asn1_setup();
-  
+
     if (rep == NULL) return ASN1_MISSING_FIELD;
 
-    /* additional-tickets[11]  SEQUENCE OF Ticket OPTIONAL */
+    /* additional-tickets[11]   SEQUENCE OF Ticket OPTIONAL */
     if (rep->second_ticket != NULL && rep->second_ticket[0] != NULL)
-       asn1_addfield((const krb5_ticket**)rep->second_ticket,
-                     11,asn1_encode_sequence_of_ticket);
+        asn1_addfield((const krb5_ticket**)rep->second_ticket,
+                      11,asn1_encode_sequence_of_ticket);
 
-    /* enc-authorization-data[10]      EncryptedData OPTIONAL, */
-    /*                                 -- Encrypted AuthorizationData encoding */
+    /* enc-authorization-data[10]       EncryptedData OPTIONAL, */
+    /*                          -- Encrypted AuthorizationData encoding */
     if (rep->authorization_data.ciphertext.data != NULL)
-       asn1_addfield(&(rep->authorization_data),10,asn1_encode_encrypted_data);
+        asn1_addfield(&(rep->authorization_data),10,asn1_encode_encrypted_data);
 
-    /* addresses[9]            HostAddresses OPTIONAL, */
+    /* addresses[9]             HostAddresses OPTIONAL, */
     if (rep->addresses != NULL && rep->addresses[0] != NULL)
-       asn1_addfield((const krb5_address**)rep->addresses,9,asn1_encode_host_addresses);
+        asn1_addfield((const krb5_address**)rep->addresses,9,asn1_encode_host_addresses);
 
-    /* etype[8]                        SEQUENCE OF INTEGER, -- EncryptionType, */
-    /*                                 -- in preference order */
+    /* etype[8]                 SEQUENCE OF INTEGER, -- EncryptionType, */
+    /*                          -- in preference order */
     asn1_addlenfield(rep->nktypes,rep->ktype,8,asn1_encode_sequence_of_enctype);
 
-    /* nonce[7]                        INTEGER, */
+    /* nonce[7]                 INTEGER, */
     asn1_addfield(rep->nonce,7,asn1_encode_integer);
 
-    /* rtime[6]                        KerberosTime OPTIONAL, */
+    /* rtime[6]                 KerberosTime OPTIONAL, */
     if (rep->rtime)
-       asn1_addfield(rep->rtime,6,asn1_encode_kerberos_time);
+        asn1_addfield(rep->rtime,6,asn1_encode_kerberos_time);
 
-    /* till[5]                 KerberosTime, */
+    /* till[5]                  KerberosTime, */
     asn1_addfield(rep->till,5,asn1_encode_kerberos_time);
 
-    /* from[4]                 KerberosTime OPTIONAL, */
+    /* from[4]                  KerberosTime OPTIONAL, */
     if (rep->from)
-       asn1_addfield(rep->from,4,asn1_encode_kerberos_time);
+        asn1_addfield(rep->from,4,asn1_encode_kerberos_time);
 
-    /* sname[3]                        PrincipalName OPTIONAL, */
+    /* sname[3]                 PrincipalName OPTIONAL, */
     if (rep->server != NULL)
-       asn1_addfield(rep->server,3,asn1_encode_principal_name);
+        asn1_addfield(rep->server,3,asn1_encode_principal_name);
 
-    /* realm[2]                        Realm, -- Server's realm */
-    /*                                 -- Also client's in AS-REQ */
+    /* realm[2]                 Realm, -- Server's realm */
+    /*                          -- Also client's in AS-REQ */
     if (rep->kdc_options & KDC_OPT_ENC_TKT_IN_SKEY) {
-       if (rep->second_ticket != NULL && rep->second_ticket[0] != NULL) {
-           asn1_addfield(rep->second_ticket[0]->server,2,asn1_encode_realm)
-               } else return ASN1_MISSING_FIELD;
+        if (rep->second_ticket != NULL && rep->second_ticket[0] != NULL) {
+            asn1_addfield(rep->second_ticket[0]->server,2,asn1_encode_realm)
+                } else return ASN1_MISSING_FIELD;
     } else if (rep->server != NULL) {
-       asn1_addfield(rep->server,2,asn1_encode_realm);
+        asn1_addfield(rep->server,2,asn1_encode_realm);
     } else return ASN1_MISSING_FIELD;
 
-    /* cname[1]                        PrincipalName OPTIONAL, */
-    /*                                 -- Used only in AS-REQ */
+    /* cname[1]                 PrincipalName OPTIONAL, */
+    /*                          -- Used only in AS-REQ */
     if (rep->client != NULL)
-       asn1_addfield(rep->client,1,asn1_encode_principal_name);
+        asn1_addfield(rep->client,1,asn1_encode_principal_name);
 
-    /* kdc-options[0]          KDCOptions, */
+    /* kdc-options[0]           KDCOptions, */
     asn1_addfield(rep->kdc_options,0,asn1_encode_kdc_options);
 
     /* KDC-REQ-BODY ::= SEQUENCE */
@@ -505,8 +506,8 @@ asn1_error_code asn1_encode_encryption_key(asn1buf *buf, const krb5_keyblock *va
     asn1_setup();
 
     if (val == NULL ||
-       (val->length && val->contents == NULL))
-       return ASN1_MISSING_FIELD;
+        (val->length && val->contents == NULL))
+        return ASN1_MISSING_FIELD;
 
     asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
     asn1_addfield(val->enctype,0,asn1_encode_integer);
@@ -520,8 +521,8 @@ asn1_error_code asn1_encode_checksum(asn1buf *buf, const krb5_checksum *val, uns
     asn1_setup();
 
     if (val == NULL ||
-       (val->length && val->contents == NULL))
-       return ASN1_MISSING_FIELD;
+        (val->length && val->contents == NULL))
+        return ASN1_MISSING_FIELD;
 
     asn1_addlenfield(val->length,val->contents,1,asn1_encode_octetstring);
     asn1_addfield(val->checksum_type,0,asn1_encode_integer);
@@ -535,11 +536,11 @@ asn1_error_code asn1_encode_transited_encoding(asn1buf *buf, const krb5_transite
     asn1_setup();
 
     if (val == NULL ||
-       (val->tr_contents.length != 0 && val->tr_contents.data == NULL))
-       return ASN1_MISSING_FIELD;
+        (val->tr_contents.length != 0 && val->tr_contents.data == NULL))
+        return ASN1_MISSING_FIELD;
 
     asn1_addlenfield(val->tr_contents.length,val->tr_contents.data,
-                    1,asn1_encode_charstring);
+                     1,asn1_encode_charstring);
     asn1_addfield(val->tr_type,0,asn1_encode_integer);
     asn1_makeseq();
 
@@ -555,9 +556,9 @@ asn1_error_code asn1_encode_last_req(asn1buf *buf, const krb5_last_req_entry **v
 
     for (i=0; val[i] != NULL; i++); /* go to end of array */
     for (i--; i>=0; i--) {
-       retval = asn1_encode_last_req_entry(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_last_req_entry(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
 
@@ -586,9 +587,9 @@ asn1_error_code asn1_encode_sequence_of_pa_data(asn1buf *buf, const krb5_pa_data
 
     for (i=0; val[i] != NULL; i++);
     for (i--; i>=0; i--) {
-       retval = asn1_encode_pa_data(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_pa_data(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
 
@@ -600,7 +601,7 @@ asn1_error_code asn1_encode_pa_data(asn1buf *buf, const krb5_pa_data *val, unsig
     asn1_setup();
 
     if (val == NULL || (val->length != 0 && val->contents == NULL))
-       return ASN1_MISSING_FIELD;
+        return ASN1_MISSING_FIELD;
 
     asn1_addlenfield(val->length,val->contents,2,asn1_encode_octetstring);
     asn1_addfield(val->pa_type,1,asn1_encode_integer);
@@ -618,9 +619,9 @@ asn1_error_code asn1_encode_sequence_of_ticket(asn1buf *buf, const krb5_ticket *
 
     for (i=0; val[i] != NULL; i++);
     for (i--; i>=0; i--) {
-       retval = asn1_encode_ticket(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_ticket(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
 
@@ -651,9 +652,9 @@ asn1_error_code asn1_encode_sequence_of_enctype(asn1buf *buf, const int len, con
     if (val == NULL) return ASN1_MISSING_FIELD;
 
     for (i=len-1; i>=0; i--) {
-       retval = asn1_encode_integer(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_integer(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
 
@@ -668,9 +669,9 @@ asn1_error_code asn1_encode_kdc_req(int msg_type, asn1buf *buf, const krb5_kdc_r
 
     asn1_addfield(val,4,asn1_encode_kdc_req_body);
     if (val->padata != NULL && val->padata[0] != NULL)
-       asn1_addfield((const krb5_pa_data**)val->padata,3,asn1_encode_sequence_of_pa_data);
+        asn1_addfield((const krb5_pa_data**)val->padata,3,asn1_encode_sequence_of_pa_data);
     if (msg_type != KRB5_AS_REQ && msg_type != KRB5_TGS_REQ)
-       return KRB5_BADMSGTYPE;
+        return KRB5_BADMSGTYPE;
     asn1_addfield(msg_type,2,asn1_encode_integer);
     asn1_addfield(KVNO,1,asn1_encode_integer);
     asn1_makeseq();
@@ -685,18 +686,18 @@ asn1_error_code asn1_encode_krb_safe_body(asn1buf *buf, const krb5_safe *val, un
     if (val == NULL) return ASN1_MISSING_FIELD;
 
     if (val->r_address != NULL)
-       asn1_addfield(val->r_address,5,asn1_encode_host_address);
+        asn1_addfield(val->r_address,5,asn1_encode_host_address);
     asn1_addfield(val->s_address,4,asn1_encode_host_address);
     if (val->seq_number)
-       asn1_addfield(val->seq_number,3,asn1_encode_unsigned_integer);
+        asn1_addfield(val->seq_number,3,asn1_encode_unsigned_integer);
     if (val->timestamp) {
-       asn1_addfield(val->usec,2,asn1_encode_integer);
-       asn1_addfield(val->timestamp,1,asn1_encode_kerberos_time);
+        asn1_addfield(val->usec,2,asn1_encode_integer);
+        asn1_addfield(val->timestamp,1,asn1_encode_kerberos_time);
     }
     if (val->user_data.length && val->user_data.data == NULL)
-       return ASN1_MISSING_FIELD;
+        return ASN1_MISSING_FIELD;
     asn1_addlenfield(val->user_data.length,val->user_data.data,0,asn1_encode_charstring)
-       ;
+        ;
 
     asn1_makeseq();
     asn1_cleanup();
@@ -711,9 +712,9 @@ asn1_error_code asn1_encode_sequence_of_krb_cred_info(asn1buf *buf, const krb5_c
 
     for (i=0; val[i] != NULL; i++);
     for (i--; i>=0; i--) {
-       retval = asn1_encode_krb_cred_info(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_krb_cred_info(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
 
@@ -727,24 +728,24 @@ asn1_error_code asn1_encode_krb_cred_info(asn1buf *buf, const krb5_cred_info *va
     if (val == NULL) return ASN1_MISSING_FIELD;
 
     if (val->caddrs != NULL && val->caddrs[0] != NULL)
-       asn1_addfield((const krb5_address**)val->caddrs,10,asn1_encode_host_addresses);
+        asn1_addfield((const krb5_address**)val->caddrs,10,asn1_encode_host_addresses);
     if (val->server != NULL) {
-       asn1_addfield(val->server,9,asn1_encode_principal_name);
-       asn1_addfield(val->server,8,asn1_encode_realm);
+        asn1_addfield(val->server,9,asn1_encode_principal_name);
+        asn1_addfield(val->server,8,asn1_encode_realm);
     }
     if (val->times.renew_till)
-       asn1_addfield(val->times.renew_till,7,asn1_encode_kerberos_time);
+        asn1_addfield(val->times.renew_till,7,asn1_encode_kerberos_time);
     if (val->times.endtime)
-       asn1_addfield(val->times.endtime,6,asn1_encode_kerberos_time);
+        asn1_addfield(val->times.endtime,6,asn1_encode_kerberos_time);
     if (val->times.starttime)
-       asn1_addfield(val->times.starttime,5,asn1_encode_kerberos_time);
+        asn1_addfield(val->times.starttime,5,asn1_encode_kerberos_time);
     if (val->times.authtime)
-       asn1_addfield(val->times.authtime,4,asn1_encode_kerberos_time);
+        asn1_addfield(val->times.authtime,4,asn1_encode_kerberos_time);
     if (val->flags)
-       asn1_addfield(val->flags,3,asn1_encode_ticket_flags);
+        asn1_addfield(val->flags,3,asn1_encode_ticket_flags);
     if (val->client != NULL) {
-       asn1_addfield(val->client,2,asn1_encode_principal_name);
-       asn1_addfield(val->client,1,asn1_encode_realm);
+        asn1_addfield(val->client,2,asn1_encode_principal_name);
+        asn1_addfield(val->client,1,asn1_encode_realm);
     }
     asn1_addfield(val->session,0,asn1_encode_encryption_key);
 
@@ -754,25 +755,25 @@ asn1_error_code asn1_encode_krb_cred_info(asn1buf *buf, const krb5_cred_info *va
 }
 
 asn1_error_code asn1_encode_etype_info_entry(asn1buf *buf, const krb5_etype_info_entry *val,
-                                            unsigned int *retlen, int etype_info2)
+                                             unsigned int *retlen, int etype_info2)
 {
     asn1_setup();
 
     assert(val->s2kparams.data == NULL || etype_info2);
     if (val == NULL || (val->length > 0 && val->length != KRB5_ETYPE_NO_SALT &&
-                       val->salt == NULL))
-       return ASN1_MISSING_FIELD;
+                        val->salt == NULL))
+        return ASN1_MISSING_FIELD;
     if (val->s2kparams.data != NULL)
-       asn1_addlenfield(val->s2kparams.length, val->s2kparams.data, 2,
-                        asn1_encode_octetstring);
+        asn1_addlenfield(val->s2kparams.length, val->s2kparams.data, 2,
+                         asn1_encode_octetstring);
     if (val->length >= 0 && val->length != KRB5_ETYPE_NO_SALT) {
-       if (etype_info2) {
-           asn1_addlenfield(val->length,val->salt,1,
-                            asn1_encode_generalstring);
-       } else {
-           asn1_addlenfield(val->length,val->salt,1,
-                            asn1_encode_octetstring);
-       }
+        if (etype_info2) {
+            asn1_addlenfield(val->length,val->salt,1,
+                             asn1_encode_generalstring);
+        } else {
+            asn1_addlenfield(val->length,val->salt,1,
+                             asn1_encode_octetstring);
+        }
     }
     asn1_addfield(val->etype,0,asn1_encode_integer);
     asn1_makeseq();
@@ -781,18 +782,18 @@ asn1_error_code asn1_encode_etype_info_entry(asn1buf *buf, const krb5_etype_info
 }
 
 asn1_error_code asn1_encode_etype_info(asn1buf *buf, const krb5_etype_info_entry **val,
-                                      unsigned int *retlen, int etype_info2)
+                                       unsigned int *retlen, int etype_info2)
 {
     asn1_setup();
     int i;
-  
+
     if (val == NULL) return ASN1_MISSING_FIELD;
-  
+
     for (i=0; val[i] != NULL; i++); /* get to the end of the array */
     for (i--; i>=0; i--) {
-       retval = asn1_encode_etype_info_entry(buf,val[i],&length, etype_info2);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_etype_info_entry(buf,val[i],&length, etype_info2);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
     asn1_cleanup();
@@ -802,14 +803,14 @@ asn1_error_code asn1_encode_sequence_of_passwdsequence(asn1buf *buf, const passw
 {
     asn1_setup();
     int i;
-  
+
     if (val == NULL || val[0] == NULL) return ASN1_MISSING_FIELD;
-  
+
     for (i=0; val[i] != NULL; i++); /* get to the end of the array */
     for (i--; i>=0; i--) {
-       retval = asn1_encode_passwdsequence(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_passwdsequence(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
     asn1_cleanup();
@@ -829,7 +830,7 @@ asn1_error_code asn1_encode_sam_flags(asn1buf *buf, const krb5_flags val, unsign
     return asn1_encode_krb5_flags(buf,val,retlen);
 }
 
-#define add_optstring(val,n,fn)                                                \
+#define add_optstring(val,n,fn)                                         \
     if ((val).length > 0) {asn1_addlenfield((val).length,(val).data,n,fn);}
 
 asn1_error_code asn1_encode_sam_challenge(asn1buf *buf, const krb5_sam_challenge *val, unsigned int *retlen)
@@ -837,10 +838,10 @@ asn1_error_code asn1_encode_sam_challenge(asn1buf *buf, const krb5_sam_challenge
     asn1_setup();
     /* possibly wrong */
     if (val->sam_cksum.length)
-       asn1_addfield(&(val->sam_cksum),9,asn1_encode_checksum);
+        asn1_addfield(&(val->sam_cksum),9,asn1_encode_checksum);
 
     if (val->sam_nonce)
-       asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
+        asn1_addfield(val->sam_nonce,8,asn1_encode_integer);
 
     add_optstring(val->sam_pk_for_sad,7,asn1_encode_charstring);
     add_optstring(val->sam_response_prompt,6,asn1_encode_charstring);
@@ -860,24 +861,24 @@ asn1_error_code asn1_encode_sam_challenge_2(asn1buf *buf, const krb5_sam_challen
 {
     asn1_setup();
     if ( (!val) || (!val->sam_cksum) || (!val->sam_cksum[0]))
-       return ASN1_MISSING_FIELD;
+        return ASN1_MISSING_FIELD;
 
     asn1_addfield((const krb5_checksum **) val->sam_cksum, 1, asn1_encode_sequence_of_checksum);
     retval = asn1buf_insert_octetstring(buf, val->sam_challenge_2_body.length,
-                                       (unsigned char *)val->sam_challenge_2_body.data);
+                                        (unsigned char *)val->sam_challenge_2_body.data);
     if (retval) {
-       asn1buf_destroy(&buf);
-       return retval; 
+        asn1buf_destroy(&buf);
+        return retval;
     }
     sum += val->sam_challenge_2_body.length;
     retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
-                           val->sam_challenge_2_body.length, &length);
+                            val->sam_challenge_2_body.length, &length);
     if (retval) {
-       asn1buf_destroy(&buf);
-       return retval;
+        asn1buf_destroy(&buf);
+        return retval;
     }
     sum += length;
-  
+
     asn1_makeseq();
     asn1_cleanup();
 }
@@ -942,12 +943,12 @@ asn1_error_code asn1_encode_sam_response(asn1buf *buf, const krb5_sam_response *
     asn1_setup();
 
     if (val->sam_patimestamp)
-       asn1_addfield(val->sam_patimestamp,6,asn1_encode_kerberos_time);
+        asn1_addfield(val->sam_patimestamp,6,asn1_encode_kerberos_time);
     if (val->sam_nonce)
-       asn1_addfield(val->sam_nonce,5,asn1_encode_integer);
+        asn1_addfield(val->sam_nonce,5,asn1_encode_integer);
     asn1_addfield(&(val->sam_enc_nonce_or_ts),4,asn1_encode_encrypted_data);
     if (val->sam_enc_key.ciphertext.length)
-       asn1_addfield(&(val->sam_enc_key),3,asn1_encode_encrypted_data);
+        asn1_addfield(&(val->sam_enc_key),3,asn1_encode_encrypted_data);
     add_optstring(val->sam_track_id,2,asn1_encode_charstring);
     asn1_addfield(val->sam_flags,1,asn1_encode_sam_flags);
     asn1_addfield(val->sam_type,0,asn1_encode_integer);
@@ -997,10 +998,10 @@ asn1_error_code asn1_encode_krb_saved_safe_body(asn1buf *buf, const krb5_data *b
     asn1_error_code retval;
 
     retval = asn1buf_insert_octetstring(buf, body->length,
-                                       (krb5_octet *)body->data);
+                                        (krb5_octet *)body->data);
     if (retval) {
-       asn1buf_destroy(&buf);
-       return retval; 
+        asn1buf_destroy(&buf);
+        return retval;
     }
     *retlen = body->length;
     return 0;
@@ -1043,24 +1044,24 @@ asn1_error_code asn1_encode_algorithm_identifier(asn1buf *buf, const krb5_algori
     asn1_setup();
 
     if (val->parameters.length != 0) {
-       retval = asn1buf_insert_octetstring(buf, val->parameters.length, 
-                                           val->parameters.data);
-       if (retval) {
-           asn1buf_destroy(&buf);
-           return retval;
-       }
-       sum += val->parameters.length;
+        retval = asn1buf_insert_octetstring(buf, val->parameters.length,
+                                            val->parameters.data);
+        if (retval) {
+            asn1buf_destroy(&buf);
+            return retval;
+        }
+        sum += val->parameters.length;
     }
-  
-    retval = asn1_encode_oid(buf, val->algorithm.length, 
-                            val->algorithm.data,
-                            &length);
-  
+
+    retval = asn1_encode_oid(buf, val->algorithm.length,
+                             val->algorithm.data,
+                             &length);
+
     if (retval) {
-       asn1buf_destroy(&buf);
-       return retval;
+        asn1buf_destroy(&buf);
+        return retval;
     }
-    sum += length;  
+    sum += length;
 
     asn1_makeseq();
     asn1_cleanup();
@@ -1073,34 +1074,34 @@ asn1_error_code asn1_encode_subject_pk_info(asn1buf *buf, const krb5_subject_pk_
     asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,ASN1_BITSTRING);
 
     if (val->algorithm.parameters.length != 0) {
-       retval = asn1buf_insert_octetstring(buf, val->algorithm.parameters.length, 
-                                           val->algorithm.parameters.data);
-       if (retval) {
-           asn1buf_destroy(&buf);
-           return retval;
-       }
-       sum += val->algorithm.parameters.length;
+        retval = asn1buf_insert_octetstring(buf, val->algorithm.parameters.length,
+                                            val->algorithm.parameters.data);
+        if (retval) {
+            asn1buf_destroy(&buf);
+            return retval;
+        }
+        sum += val->algorithm.parameters.length;
     }
-  
-    retval = asn1_encode_oid(buf, val->algorithm.algorithm.length, 
-                            val->algorithm.algorithm.data,
-                            &length);
-  
+
+    retval = asn1_encode_oid(buf, val->algorithm.algorithm.length,
+                             val->algorithm.algorithm.data,
+                             &length);
+
     if (retval) {
-       asn1buf_destroy(&buf);
-       return retval;
+        asn1buf_destroy(&buf);
+        return retval;
     }
-    sum += length;  
-  
-    retval = asn1_make_etag(buf, UNIVERSAL, ASN1_SEQUENCE, 
-                           val->algorithm.parameters.length + length, 
-                           &length);
+    sum += length;
+
+    retval = asn1_make_etag(buf, UNIVERSAL, ASN1_SEQUENCE,
+                            val->algorithm.parameters.length + length,
+                            &length);
 
     if (retval) {
-       asn1buf_destroy(&buf);
-       return retval;
+        asn1buf_destroy(&buf);
+        return retval;
     }
-    sum += length;  
+    sum += length;
 
     asn1_makeseq();
     asn1_cleanup();
@@ -1115,9 +1116,9 @@ asn1_error_code asn1_encode_sequence_of_algorithm_identifier(asn1buf *buf, const
 
     for (i=0; val[i] != NULL; i++);
     for (i--; i>=0; i--) {
-       retval = asn1_encode_algorithm_identifier(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_algorithm_identifier(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
 
@@ -1129,11 +1130,11 @@ asn1_error_code asn1_encode_auth_pack(asn1buf *buf, const krb5_auth_pack *val, u
     asn1_setup();
 
     if (val->clientDHNonce.length != 0)
-       asn1_addlenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_encode_octetstring);
+        asn1_addlenfield(val->clientDHNonce.length, val->clientDHNonce.data, 3, asn1_encode_octetstring);
     if (val->supportedCMSTypes != NULL)
-       asn1_addfield((const krb5_algorithm_identifier **)val->supportedCMSTypes,2,asn1_encode_sequence_of_algorithm_identifier);
+        asn1_addfield((const krb5_algorithm_identifier **)val->supportedCMSTypes,2,asn1_encode_sequence_of_algorithm_identifier);
     if (val->clientPublicValue != NULL)
-       asn1_addfield(val->clientPublicValue,1,asn1_encode_subject_pk_info);
+        asn1_addfield(val->clientPublicValue,1,asn1_encode_subject_pk_info);
     asn1_addfield(&(val->pkAuthenticator),0,asn1_encode_pk_authenticator);
 
     asn1_makeseq();
@@ -1145,7 +1146,7 @@ asn1_error_code asn1_encode_auth_pack_draft9(asn1buf *buf, const krb5_auth_pack_
     asn1_setup();
 
     if (val->clientPublicValue != NULL)
-       asn1_addfield(val->clientPublicValue, 1, asn1_encode_subject_pk_info);
+        asn1_addfield(val->clientPublicValue, 1, asn1_encode_subject_pk_info);
     asn1_addfield(&(val->pkAuthenticator), 0, asn1_encode_pk_authenticator_draft9);
 
     asn1_makeseq();
@@ -1158,16 +1159,16 @@ asn1_error_code asn1_encode_external_principal_identifier(asn1buf *buf, const kr
 
     /* Verify there is something to encode */
     if (val->subjectKeyIdentifier.length == 0 && val->issuerAndSerialNumber.length == 0 && val->subjectName.length == 0)
-       return ASN1_MISSING_FIELD;
+        return ASN1_MISSING_FIELD;
 
-    if (val->subjectKeyIdentifier.length != 0) 
-       asn1_insert_implicit_octetstring(val->subjectKeyIdentifier.length,val->subjectKeyIdentifier.data,2);
+    if (val->subjectKeyIdentifier.length != 0)
+        asn1_insert_implicit_octetstring(val->subjectKeyIdentifier.length,val->subjectKeyIdentifier.data,2);
 
-    if (val->issuerAndSerialNumber.length != 0) 
-       asn1_insert_implicit_octetstring(val->issuerAndSerialNumber.length,val->issuerAndSerialNumber.data,1);
+    if (val->issuerAndSerialNumber.length != 0)
+        asn1_insert_implicit_octetstring(val->issuerAndSerialNumber.length,val->issuerAndSerialNumber.data,1);
 
-    if (val->subjectName.length != 0) 
-       asn1_insert_implicit_octetstring(val->subjectName.length,val->subjectName.data,0);
+    if (val->subjectName.length != 0)
+        asn1_insert_implicit_octetstring(val->subjectName.length,val->subjectName.data,0);
 
     asn1_makeseq();
     asn1_cleanup();
@@ -1182,9 +1183,9 @@ asn1_error_code asn1_encode_sequence_of_external_principal_identifier(asn1buf *b
 
     for (i=0; val[i] != NULL; i++);
     for (i--; i>=0; i--) {
-       retval = asn1_encode_external_principal_identifier(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_external_principal_identifier(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
 
@@ -1195,11 +1196,11 @@ asn1_error_code asn1_encode_pa_pk_as_req(asn1buf *buf, const krb5_pa_pk_as_req *
 {
     asn1_setup();
 
-    if (val->kdcPkId.length != 0) 
-       asn1_insert_implicit_octetstring(val->kdcPkId.length,val->kdcPkId.data,2);
+    if (val->kdcPkId.length != 0)
+        asn1_insert_implicit_octetstring(val->kdcPkId.length,val->kdcPkId.data,2);
 
     if (val->trustedCertifiers != NULL)
-       asn1_addfield((const krb5_external_principal_identifier **)val->trustedCertifiers,1,asn1_encode_sequence_of_external_principal_identifier);
+        asn1_addfield((const krb5_external_principal_identifier **)val->trustedCertifiers,1,asn1_encode_sequence_of_external_principal_identifier);
 
     asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
 
@@ -1213,16 +1214,16 @@ asn1_error_code asn1_encode_trusted_ca(asn1buf *buf, const krb5_trusted_ca *val,
 
     switch (val->choice) {
     case choice_trusted_cas_issuerAndSerial:
-       asn1_insert_implicit_octetstring(val->u.issuerAndSerial.length,val->u.issuerAndSerial.data,2);
-       break;
+        asn1_insert_implicit_octetstring(val->u.issuerAndSerial.length,val->u.issuerAndSerial.data,2);
+        break;
     case choice_trusted_cas_caName:
-       asn1_insert_implicit_octetstring(val->u.caName.length,val->u.caName.data,1);
-       break;
+        asn1_insert_implicit_octetstring(val->u.caName.length,val->u.caName.data,1);
+        break;
     case choice_trusted_cas_principalName:
-       asn1_addfield_implicit(val->u.principalName,0,asn1_encode_principal_name);
-       break;
+        asn1_addfield_implicit(val->u.principalName,0,asn1_encode_principal_name);
+        break;
     default:
-       return ASN1_MISSING_FIELD;
+        return ASN1_MISSING_FIELD;
     }
 
     asn1_cleanup();
@@ -1237,9 +1238,9 @@ asn1_error_code asn1_encode_sequence_of_trusted_ca(asn1buf *buf, const krb5_trus
 
     for (i=0; val[i] != NULL; i++);
     for (i--; i>=0; i--) {
-       retval = asn1_encode_trusted_ca(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_trusted_ca(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
     asn1_cleanup();
@@ -1250,13 +1251,13 @@ asn1_error_code asn1_encode_pa_pk_as_req_draft9(asn1buf *buf, const krb5_pa_pk_a
     asn1_setup();
 
     if (val->encryptionCert.length != 0)
-       asn1_insert_implicit_octetstring(val->encryptionCert.length,val->encryptionCert.data,3);
+        asn1_insert_implicit_octetstring(val->encryptionCert.length,val->encryptionCert.data,3);
 
-    if (val->kdcCert.length != 0) 
-       asn1_insert_implicit_octetstring(val->kdcCert.length,val->kdcCert.data,2);
+    if (val->kdcCert.length != 0)
+        asn1_insert_implicit_octetstring(val->kdcCert.length,val->kdcCert.data,2);
 
     if (val->trustedCertifiers != NULL)
-       asn1_addfield((const krb5_trusted_ca **)val->trustedCertifiers,1,asn1_encode_sequence_of_trusted_ca);
+        asn1_addfield((const krb5_trusted_ca **)val->trustedCertifiers,1,asn1_encode_sequence_of_trusted_ca);
 
     asn1_insert_implicit_octetstring(val->signedAuthPack.length,val->signedAuthPack.data,0);
 
@@ -1269,8 +1270,8 @@ asn1_error_code asn1_encode_dh_rep_info(asn1buf *buf, const krb5_dh_rep_info *va
     asn1_setup();
 
     if (val->serverDHNonce.length != 0)
-       asn1_insert_implicit_octetstring(val->serverDHNonce.length,val->serverDHNonce.data,1);
-  
+        asn1_insert_implicit_octetstring(val->serverDHNonce.length,val->serverDHNonce.data,1);
+
     asn1_insert_implicit_octetstring(val->dhSignedData.length,val->dhSignedData.data,0);
 
     asn1_makeseq();
@@ -1281,19 +1282,19 @@ asn1_error_code asn1_encode_kdc_dh_key_info(asn1buf *buf, const krb5_kdc_dh_key_
 {
     asn1_setup();
 
-    if (val->dhKeyExpiration != 0) 
-       asn1_addfield(val->dhKeyExpiration, 2, asn1_encode_kerberos_time);
+    if (val->dhKeyExpiration != 0)
+        asn1_addfield(val->dhKeyExpiration, 2, asn1_encode_kerberos_time);
     asn1_addfield(val->nonce, 1, asn1_encode_integer);
 
     asn1_insert_implicit_bitstring(val->subjectPublicKey.length,val->subjectPublicKey.data,3);
-    retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, 
-                           val->subjectPublicKey.length + 1 + length,
-                           &length);
+    retval = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0,
+                            val->subjectPublicKey.length + 1 + length,
+                            &length);
     if (retval) {
-       asn1buf_destroy(&buf);
-       return retval;
+        asn1buf_destroy(&buf);
+        return retval;
     }
-    sum += length; 
+    sum += length;
 
     asn1_makeseq();
     asn1_cleanup();
@@ -1328,13 +1329,13 @@ asn1_error_code asn1_encode_pa_pk_as_rep(asn1buf *buf, const krb5_pa_pk_as_rep *
     switch (val->choice)
     {
     case choice_pa_pk_as_rep_dhInfo:
-       asn1_addfield(&(val->u.dh_Info), choice_pa_pk_as_rep_dhInfo, asn1_encode_dh_rep_info);
-       break;
+        asn1_addfield(&(val->u.dh_Info), choice_pa_pk_as_rep_dhInfo, asn1_encode_dh_rep_info);
+        break;
     case choice_pa_pk_as_rep_encKeyPack:
-       asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
-       break;
+        asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
+        break;
     default:
-       return ASN1_MISSING_FIELD;
+        return ASN1_MISSING_FIELD;
     }
 
     asn1_cleanup();
@@ -1347,13 +1348,13 @@ asn1_error_code asn1_encode_pa_pk_as_rep_draft9(asn1buf *buf, const krb5_pa_pk_a
     switch (val->choice)
     {
     case choice_pa_pk_as_rep_draft9_dhSignedData:
-       asn1_insert_implicit_octetstring(val->u.dhSignedData.length,val->u.dhSignedData.data,0);
-       break;
+        asn1_insert_implicit_octetstring(val->u.dhSignedData.length,val->u.dhSignedData.data,0);
+        break;
     case choice_pa_pk_as_rep_encKeyPack:
-       asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
-       break;
+        asn1_insert_implicit_octetstring(val->u.encKeyPack.length,val->u.encKeyPack.data,1);
+        break;
     default:
-       return ASN1_MISSING_FIELD;
+        return ASN1_MISSING_FIELD;
     }
 
     asn1_cleanup();
@@ -1364,8 +1365,8 @@ asn1_error_code asn1_encode_td_trusted_certifiers(asn1buf *buf, const krb5_exter
     asn1_setup();
     retval = asn1_encode_sequence_of_external_principal_identifier(buf, val, &length);
     if (retval) {
-       asn1buf_destroy(&buf);
-       return retval;
+        asn1buf_destroy(&buf);
+        return retval;
     }
     asn1_cleanup();
 }
@@ -1379,9 +1380,9 @@ asn1_error_code asn1_encode_sequence_of_typed_data(asn1buf *buf, const krb5_type
 
     for (i=0; val[i] != NULL; i++);
     for (i--; i>=0; i--) {
-       retval = asn1_encode_typed_data(buf,val[i],&length);
-       if (retval) return retval;
-       sum += length;
+        retval = asn1_encode_typed_data(buf,val[i],&length);
+        if (retval) return retval;
+        sum += length;
     }
     asn1_makeseq();
 
index b5f24c42b70e973e81930086a2915c1628a7b810..7ec2b063215f8fec02dccce293874857daec88fb 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_k_encode.h
- * 
+ *
  * Copyright 1994 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
 **** for simple val's ****
 asn1_error_code asn1_encode_asn1_type(asn1buf *buf,
                                       const krb5_type val,
-                                     int *retlen);
+                                      int *retlen);
    requires  *buf is allocated
    effects   Inserts the encoding of val into *buf and
               returns the length of this encoding in *retlen.
-            Returns ASN1_MISSING_FIELD if a required field is empty in val.
-            Returns ENOMEM if memory runs out.
+             Returns ASN1_MISSING_FIELD if a required field is empty in val.
+             Returns ENOMEM if memory runs out.
 
 **** for struct val's ****
 asn1_error_code asn1_encode_asn1_type(asn1buf *buf,
                                       const krb5_type *val,
-                                     int *retlen);
+                                      int *retlen);
    requires  *buf is allocated
    effects   Inserts the encoding of *val into *buf and
               returns the length of this encoding in *retlen.
-            Returns ASN1_MISSING_FIELD if a required field is empty in val.
-            Returns ENOMEM if memory runs out.
+             Returns ASN1_MISSING_FIELD if a required field is empty in val.
+             Returns ENOMEM if memory runs out.
 
 **** for array val's ****
 asn1_error_code asn1_encode_asn1_type(asn1buf *buf,
                                       const krb5_type **val,
-                                     int *retlen);
+                                      int *retlen);
    requires  *buf is allocated, **val != NULL, *val[0] != NULL,
               **val is a NULL-terminated array of pointers to krb5_type
    effects   Inserts the encoding of **val into *buf and
               returns the length of this encoding in *retlen.
-            Returns ASN1_MISSING_FIELD if a required field is empty in val.
-            Returns ENOMEM if memory runs out.
+             Returns ASN1_MISSING_FIELD if a required field is empty in val.
+             Returns ENOMEM if memory runs out.
 */
 
 asn1_error_code asn1_encode_ui_4 (asn1buf *buf,
-                                           const krb5_ui_4 val,
-                                           unsigned int *retlen);
+                                            const krb5_ui_4 val,
+                                            unsigned int *retlen);
 
 asn1_error_code asn1_encode_msgtype (asn1buf *buf,
-                                              const /*krb5_msgtype*/int val,
-                                              unsigned int *retlen);
+                                               const /*krb5_msgtype*/int val,
+                                               unsigned int *retlen);
 
 asn1_error_code asn1_encode_realm
-       (asn1buf *buf, const krb5_principal val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_principal val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_principal_name
-       (asn1buf *buf, const krb5_principal val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_principal val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_encrypted_data
-       (asn1buf *buf, const krb5_enc_data *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_enc_data *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_krb5_flags
-       (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_ap_options
-       (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_ticket_flags
-       (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_kdc_options
-       (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_flags val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_authorization_data
-       (asn1buf *buf, const krb5_authdata **val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_authdata **val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_krb5_authdata_elt
-       (asn1buf *buf, const krb5_authdata *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_authdata *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_kdc_rep
-       (int msg_type, asn1buf *buf, const krb5_kdc_rep *val,
-                  unsigned int *retlen);
+        (int msg_type, asn1buf *buf, const krb5_kdc_rep *val,
+                   unsigned int *retlen);
 
 asn1_error_code asn1_encode_enc_kdc_rep_part
-       (asn1buf *buf, const krb5_enc_kdc_rep_part *val,
-                  unsigned int *retlen);
+        (asn1buf *buf, const krb5_enc_kdc_rep_part *val,
+                   unsigned int *retlen);
 
 asn1_error_code asn1_encode_ticket
-       (asn1buf *buf, const krb5_ticket *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_ticket *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_encryption_key
-       (asn1buf *buf, const krb5_keyblock *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_keyblock *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_kerberos_time
-       (asn1buf *buf, const krb5_timestamp val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_timestamp val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_checksum
-       (asn1buf *buf, const krb5_checksum *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_checksum *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_host_address
-       (asn1buf *buf, const krb5_address *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_address *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_host_addresses
-       (asn1buf *buf, const krb5_address **val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_address **val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_transited_encoding
-       (asn1buf *buf, const krb5_transited *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_transited *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_last_req
-       (asn1buf *buf, const krb5_last_req_entry **val,
-                  unsigned int *retlen);
+        (asn1buf *buf, const krb5_last_req_entry **val,
+                   unsigned int *retlen);
 
 asn1_error_code asn1_encode_sequence_of_pa_data
-       (asn1buf *buf, const krb5_pa_data **val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_pa_data **val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sequence_of_ticket
-       (asn1buf *buf, const krb5_ticket **val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_ticket **val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sequence_of_enctype
-       (asn1buf *buf,
-                  const int len, const krb5_enctype *val,
-                  unsigned int *retlen);
+        (asn1buf *buf,
+                   const int len, const krb5_enctype *val,
+                   unsigned int *retlen);
 
 asn1_error_code asn1_encode_sequence_of_checksum
-       (asn1buf *buf, const krb5_checksum **val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_checksum **val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_kdc_req
-       (int msg_type,
-                  asn1buf *buf,
-                  const krb5_kdc_req *val,
-                  unsigned int *retlen);
+        (int msg_type,
+                   asn1buf *buf,
+                   const krb5_kdc_req *val,
+                   unsigned int *retlen);
 
 asn1_error_code asn1_encode_kdc_req_body
-       (asn1buf *buf, const krb5_kdc_req *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_kdc_req *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_krb_safe_body
-       (asn1buf *buf, const krb5_safe *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_safe *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sequence_of_krb_cred_info
-       (asn1buf *buf, const krb5_cred_info **val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_cred_info **val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_krb_cred_info
-       (asn1buf *buf, const krb5_cred_info *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_cred_info *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_last_req_entry
-       (asn1buf *buf, const krb5_last_req_entry *val,
-                  unsigned int *retlen);
+        (asn1buf *buf, const krb5_last_req_entry *val,
+                   unsigned int *retlen);
 
 asn1_error_code asn1_encode_pa_data
-       (asn1buf *buf, const krb5_pa_data *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_pa_data *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_alt_method
-       (asn1buf *buf, const krb5_alt_method *val,
-                  unsigned int *retlen);
+        (asn1buf *buf, const krb5_alt_method *val,
+                   unsigned int *retlen);
 
 asn1_error_code asn1_encode_etype_info_entry
-       (asn1buf *buf, const krb5_etype_info_entry *val,
-                  unsigned int *retlen, int etype_info2);
+        (asn1buf *buf, const krb5_etype_info_entry *val,
+                   unsigned int *retlen, int etype_info2);
 
 asn1_error_code asn1_encode_etype_info
-       (asn1buf *buf, const krb5_etype_info_entry **val,
-                  unsigned int *retlen, int etype_info2);
+        (asn1buf *buf, const krb5_etype_info_entry **val,
+                   unsigned int *retlen, int etype_info2);
 
 asn1_error_code asn1_encode_passwdsequence
-       (asn1buf *buf, const passwd_phrase_element *val, unsigned int *retlen);
+        (asn1buf *buf, const passwd_phrase_element *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sequence_of_passwdsequence
-       (asn1buf *buf, const passwd_phrase_element **val,
-       unsigned int *retlen);
+        (asn1buf *buf, const passwd_phrase_element **val,
+        unsigned int *retlen);
 
 asn1_error_code asn1_encode_sam_flags
-       (asn1buf * buf, const krb5_flags val, unsigned int *retlen);
+        (asn1buf * buf, const krb5_flags val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sam_challenge
-       (asn1buf *buf, const krb5_sam_challenge * val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_sam_challenge * val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sam_challenge_2
-       (asn1buf *buf, const krb5_sam_challenge_2 * val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_sam_challenge_2 * val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sam_challenge_2_body
-       (asn1buf *buf, const krb5_sam_challenge_2_body * val,
-                  unsigned int *retlen);
+        (asn1buf *buf, const krb5_sam_challenge_2_body * val,
+                   unsigned int *retlen);
 
 asn1_error_code asn1_encode_sam_key
-       (asn1buf *buf, const krb5_sam_key *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_sam_key *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_enc_sam_response_enc
-       (asn1buf *buf, const krb5_enc_sam_response_enc *val,
-                  unsigned int *retlen);
+        (asn1buf *buf, const krb5_enc_sam_response_enc *val,
+                   unsigned int *retlen);
 
 asn1_error_code asn1_encode_enc_sam_response_enc_2
-       (asn1buf *buf, const krb5_enc_sam_response_enc_2 *val,
-                  unsigned int *retlen);
+        (asn1buf *buf, const krb5_enc_sam_response_enc_2 *val,
+                   unsigned int *retlen);
 
 asn1_error_code asn1_encode_sam_response
-       (asn1buf *buf, const krb5_sam_response *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_sam_response *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sam_response_2
-       (asn1buf *buf, const krb5_sam_response_2 *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_sam_response_2 *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_predicted_sam_response
-       (asn1buf *buf, const krb5_predicted_sam_response *val, 
-                  unsigned int *retlen);
+        (asn1buf *buf, const krb5_predicted_sam_response *val,
+                   unsigned int *retlen);
 
 asn1_error_code asn1_encode_krb_saved_safe_body
-       (asn1buf *buf, const krb5_data *body, unsigned int *retlen);
+        (asn1buf *buf, const krb5_data *body, unsigned int *retlen);
 
 /* PKINIT */
 
 asn1_error_code asn1_encode_pk_authenticator
-       (asn1buf *buf, const krb5_pk_authenticator *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_pk_authenticator *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_pk_authenticator_draft9
-       (asn1buf *buf, const krb5_pk_authenticator_draft9 *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_pk_authenticator_draft9 *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_algorithm_identifier
-       (asn1buf *buf, const krb5_algorithm_identifier *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_algorithm_identifier *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_subject_pk_info
-       (asn1buf *buf, const krb5_subject_pk_info *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_subject_pk_info *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sequence_of_algorithm_identifier
-       (asn1buf *buf, const krb5_algorithm_identifier **val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_algorithm_identifier **val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_auth_pack
-       (asn1buf *buf, const krb5_auth_pack *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_auth_pack *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_auth_pack_draft9
-       (asn1buf *buf, const krb5_auth_pack_draft9 *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_auth_pack_draft9 *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_external_principal_identifier
-       (asn1buf *buf, const krb5_external_principal_identifier *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_external_principal_identifier *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sequence_of_external_principal_identifier
-       (asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_pa_pk_as_req
-       (asn1buf *buf, const krb5_pa_pk_as_req *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_pa_pk_as_req *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_trusted_ca
-       (asn1buf *buf, const krb5_trusted_ca *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_trusted_ca *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sequence_of_trusted_ca
-       (asn1buf *buf, const krb5_trusted_ca **val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_trusted_ca **val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_pa_pk_as_req_draft9
-       (asn1buf *buf, const krb5_pa_pk_as_req_draft9 *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_pa_pk_as_req_draft9 *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_dh_rep_info
-       (asn1buf *buf, const krb5_dh_rep_info *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_dh_rep_info *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_kdc_dh_key_info
-       (asn1buf *buf, const krb5_kdc_dh_key_info *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_kdc_dh_key_info *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_reply_key_pack
-       (asn1buf *buf, const krb5_reply_key_pack *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_reply_key_pack *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_reply_key_pack_draft9
-       (asn1buf *buf, const krb5_reply_key_pack_draft9 *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_reply_key_pack_draft9 *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_pa_pk_as_rep
-       (asn1buf *buf, const krb5_pa_pk_as_rep *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_pa_pk_as_rep *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_pa_pk_as_rep_draft9
-       (asn1buf *buf, const krb5_pa_pk_as_rep_draft9 *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_pa_pk_as_rep_draft9 *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_td_trusted_certifiers
-       (asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_external_principal_identifier **val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_typed_data
-       (asn1buf *buf, const krb5_typed_data *val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_typed_data *val, unsigned int *retlen);
 
 asn1_error_code asn1_encode_sequence_of_typed_data
-       (asn1buf *buf, const krb5_typed_data **val, unsigned int *retlen);
+        (asn1buf *buf, const krb5_typed_data **val, unsigned int *retlen);
 #endif
index 5c13c035a5f9a1bd56a0bc775609534a32de10d6..c4f740c7fbcc86d3f0ab6b026dc37b0d4aafc8f9 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_make.c
- * 
+ *
  * Copyright 1994 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
 #include "asn1_make.h"
 
 asn1_error_code asn1_make_etag(asn1buf *buf, asn1_class asn1class,
-                              asn1_tagnum tagnum, unsigned int in_len,
-                              unsigned int *retlen)
+                               asn1_tagnum tagnum, unsigned int in_len,
+                               unsigned int *retlen)
 {
     return asn1_make_tag(buf,asn1class,CONSTRUCTED,tagnum,in_len,retlen);
 }
 
 
 asn1_error_code asn1_make_tag(asn1buf *buf, asn1_class asn1class,
-                             asn1_construction construction,
-                             asn1_tagnum tagnum, unsigned int in_len,
-                             unsigned int *retlen)
+                              asn1_construction construction,
+                              asn1_tagnum tagnum, unsigned int in_len,
+                              unsigned int *retlen)
 {
     asn1_error_code retval;
     unsigned int sumlen=0, length;
@@ -60,57 +61,57 @@ asn1_error_code asn1_make_length(asn1buf *buf, const unsigned int in_len, unsign
     asn1_error_code retval;
 
     if (in_len < 128) {
-       retval = asn1buf_insert_octet(buf, (asn1_octet)(in_len&0x7F));
-       if (retval) return retval;
-       *retlen = 1;
+        retval = asn1buf_insert_octet(buf, (asn1_octet)(in_len&0x7F));
+        if (retval) return retval;
+        *retlen = 1;
     } else {
-       int in_copy=in_len, length=0;
-
-       while (in_copy != 0) {
-           retval = asn1buf_insert_octet(buf, (asn1_octet)(in_copy&0xFF));
-           if (retval) return retval;
-           in_copy = in_copy >> 8;
-           length++;
-       }
-       retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(length&0x7F)));
-       if (retval) return retval;
-       length++;
-       *retlen = length;
+        int in_copy=in_len, length=0;
+
+        while (in_copy != 0) {
+            retval = asn1buf_insert_octet(buf, (asn1_octet)(in_copy&0xFF));
+            if (retval) return retval;
+            in_copy = in_copy >> 8;
+            length++;
+        }
+        retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(length&0x7F)));
+        if (retval) return retval;
+        length++;
+        *retlen = length;
     }
 
     return 0;
 }
 
 asn1_error_code asn1_make_id(asn1buf *buf, asn1_class asn1class,
-                            asn1_construction construction,
-                            asn1_tagnum tagnum, unsigned int *retlen)
+                             asn1_construction construction,
+                             asn1_tagnum tagnum, unsigned int *retlen)
 {
     asn1_error_code retval;
 
     if (tagnum < 31) {
-       retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction |
-                                                        (asn1_octet)tagnum));
-       if (retval) return retval;
-       *retlen = 1;
+        retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction |
+                                                         (asn1_octet)tagnum));
+        if (retval) return retval;
+        *retlen = 1;
     } else {
-       asn1_tagnum tagcopy = tagnum;
-       int length = 0;
-
-       retval = asn1buf_insert_octet(buf, (asn1_octet)(tagcopy&0x7F));
-       if (retval) return retval;
-       tagcopy >>= 7;
-       length++;
-
-       for (; tagcopy != 0; tagcopy >>= 7) {
-           retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(tagcopy&0x7F)));
-           if (retval) return retval;
-           length++;
-       }
-
-       retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction | 0x1F));
-       if (retval) return retval;
-       length++;
-       *retlen = length;
+        asn1_tagnum tagcopy = tagnum;
+        int length = 0;
+
+        retval = asn1buf_insert_octet(buf, (asn1_octet)(tagcopy&0x7F));
+        if (retval) return retval;
+        tagcopy >>= 7;
+        length++;
+
+        for (; tagcopy != 0; tagcopy >>= 7) {
+            retval = asn1buf_insert_octet(buf, (asn1_octet) (0x80 | (asn1_octet)(tagcopy&0x7F)));
+            if (retval) return retval;
+            length++;
+        }
+
+        retval = asn1buf_insert_octet(buf, (asn1_octet) (asn1class | construction | 0x1F));
+        if (retval) return retval;
+        length++;
+        *retlen = length;
     }
 
     return 0;
index de13d7b52018113e7a0e4c78440fcfedc4f80bf8..c866572b2f40665fbb57ec21b74328840c24e312 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_make.h
- * 
+ *
  * Copyright 1994 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
 */
 
 asn1_error_code asn1_make_etag
-       (asn1buf *buf,
-                  asn1_class asn1class,
-                  asn1_tagnum tagnum,
-                  unsigned int in_len,
-                  unsigned int *retlen);
+        (asn1buf *buf,
+                   asn1_class asn1class,
+                   asn1_tagnum tagnum,
+                   unsigned int in_len,
+                   unsigned int *retlen);
 /* requires  *buf is allocated, in_len is the length of an ASN.1 encoding
              which has just been inserted in *buf
    modifies  *buf, *retlen
    effects   Inserts an explicit tag with class = asn1class, id# = tag
               length = in_len into *buf.
-            Returns the length of this encoding in *retlen.
-            Returns ENOMEM if memory runs out. */
+             Returns the length of this encoding in *retlen.
+             Returns ENOMEM if memory runs out. */
 
 asn1_error_code asn1_make_tag
-       (asn1buf *buf, asn1_class asn1class,
-                  asn1_construction construction,
-                  asn1_tagnum tagnum,
-                  unsigned int in_len,
-                  unsigned int *retlen);
+        (asn1buf *buf, asn1_class asn1class,
+                   asn1_construction construction,
+                   asn1_tagnum tagnum,
+                   unsigned int in_len,
+                   unsigned int *retlen);
 /* requires  *buf is allocated, in_len is the length of an ASN.1 encoding
              which has just been inserted in *buf
    modifies  *buf, *retlen
    effects   Inserts the encoding of a tag with class = asn1class,
               primitive/constructed staus = construction,
-             id# = tag and length = in_len into *buf.
-            Returns the length of this encoding in *retlen.
-            Returns ENOMEM if memory runs out.
-            Returns ASN1_OVERFLOW if tagnum exceeds the limits of
-             the implementation. */
+              id# = tag and length = in_len into *buf.
+             Returns the length of this encoding in *retlen.
+             Returns ENOMEM if memory runs out.
+             Returns ASN1_OVERFLOW if tagnum exceeds the limits of
+              the implementation. */
 
 asn1_error_code asn1_make_sequence
-       (asn1buf *buf, const unsigned int seq_len, unsigned int *len);
+        (asn1buf *buf, const unsigned int seq_len, unsigned int *len);
 /* requires  *buf is allocated, seq_len is the length of a series of
              sequence components which have just been inserted in *buf
    modifies  *buf, *retlen
@@ -87,8 +88,8 @@ asn1_error_code asn1_make_sequence
              Returns ENOMEM if memory runs out. */
 
 asn1_error_code asn1_make_set
-       (asn1buf *buf, const unsigned int set_len, 
-                  unsigned int *retlen);
+        (asn1buf *buf, const unsigned int set_len,
+                   unsigned int *retlen);
 /* requires  *buf is allocated, seq_len is the length of a series of
              sequence components which have just been inserted in *buf
    modifies  *buf, *retlen
@@ -97,9 +98,9 @@ asn1_error_code asn1_make_set
              Returns ENOMEM if memory runs out. */
 
 asn1_error_code asn1_make_string
-       (asn1buf *buf,
-                  const unsigned int len, const char *string,
-                  int *retlen);
+        (asn1buf *buf,
+                   const unsigned int len, const char *string,
+                   int *retlen);
 /* requires  *buf is allocated, len is the length of *string
    effects   Inserts the encoding of *string (a series of octets) in *buf.
              Returns the length of this encoding in *retlen.
@@ -111,8 +112,8 @@ asn1_error_code asn1_make_string
 
 /* "helper" procedure for asn1_make_tag */
 asn1_error_code asn1_make_length
-       (asn1buf *buf, const unsigned int in_len, 
-                  unsigned int *retlen);
+        (asn1buf *buf, const unsigned int in_len,
+                   unsigned int *retlen);
 /* requires  *buf is allocated, in_len is the length of an ASN.1 encoding
              which has just been inserted in *buf
    modifies  *buf, *retlen
@@ -120,11 +121,11 @@ asn1_error_code asn1_make_length
 
 /* "helper" procedure for asn1_make_tag */
 asn1_error_code asn1_make_id
-       (asn1buf *buf,
-                  asn1_class asn1class,
-                  asn1_construction construction,
-                  asn1_tagnum tagnum,
-                  unsigned int *retlen);
+        (asn1buf *buf,
+                   asn1_class asn1class,
+                   asn1_construction construction,
+                   asn1_tagnum tagnum,
+                   unsigned int *retlen);
 /* requires  *buf is allocated, asn1class and tagnum are appropriate for
              the ASN.1 encoding which has just been inserted in *buf
    modifies  *buf, *retlen
index 54ed273ce14870b6eb74b59cfbaed85a0721a084..c357f60c29ec446e550edd6e9507742cb79c3e56 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_misc.c
- * 
+ *
  * Copyright 1994 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
@@ -32,6 +33,6 @@ asn1_error_code asn1_krb5_realm_copy(krb5_principal target, krb5_principal sourc
     target->realm.data = (char*)malloc(target->realm.length); /* copy realm */
     if (target->realm.data == NULL) return ENOMEM;
     memcpy(target->realm.data,source->realm.data, /* to client */
-          target->realm.length);
+           target->realm.length);
     return 0;
 }
index 31b30dac216967bab1f94b16f07e64916d3cefce..ca9d57999fd6895198b9810a34a0a16a05e7b711 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/asn1_misc.h
- * 
+ *
  * Copyright 1994 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
@@ -31,7 +32,7 @@
 #include "krbasn1.h"
 
 asn1_error_code asn1_krb5_realm_copy
-       (krb5_principal target, krb5_principal source);
+        (krb5_principal target, krb5_principal source);
 /* requires  target, source, and source->realm are allocated
    effects   Copies source->realm into target->realm.
              Returns ENOMEM if memory is exhausted. */
index 5320e184e4ee2fecb22a41d097cb6809637e5d91..49ef84fbb61e87475db1ac5a9c3fc414a8edf707 100644 (file)
@@ -1,3 +1,4 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /* Coding Buffer Implementation */
 
 /*
@@ -47,7 +48,7 @@
    next >= base
    next <= bound+2  (i.e. next should be able to step just past the bound,
                      but no further.  (The bound should move out in response
-                    to being crossed by next.)) */
+                     to being crossed by next.)) */
 
 #define ASN1BUF_OMIT_INLINE_FUNCS
 #include "asn1buf.h"
@@ -55,7 +56,7 @@
 #include <stdio.h>
 #include "asn1_get.h"
 
-#define asn1_is_eoc(class, num, indef) \
+#define asn1_is_eoc(class, num, indef)  \
 ((class) == UNIVERSAL && !(num) && !(indef))
 
 asn1_error_code asn1buf_create(asn1buf **buf)
@@ -80,30 +81,30 @@ asn1_error_code asn1buf_imbed(asn1buf *subbuf, const asn1buf *buf, const unsigne
 {
     subbuf->base = subbuf->next = buf->next;
     if (!indef) {
-       subbuf->bound = subbuf->base + length - 1;
-       if (subbuf->bound > buf->bound)
-           return ASN1_OVERRUN;
+        subbuf->bound = subbuf->base + length - 1;
+        if (subbuf->bound > buf->bound)
+            return ASN1_OVERRUN;
     } else /* constructed indefinite */
-       subbuf->bound = buf->bound;
+        subbuf->bound = buf->bound;
     return 0;
 }
 
 asn1_error_code asn1buf_sync(asn1buf *buf, asn1buf *subbuf,
-                            asn1_class asn1class, asn1_tagnum lasttag,
-                            unsigned int length, int indef, int seqindef)
+                             asn1_class asn1class, asn1_tagnum lasttag,
+                             unsigned int length, int indef, int seqindef)
 {
     asn1_error_code retval;
 
     if (!seqindef) {
-       /* sequence was encoded as definite length */
-       buf->next = subbuf->bound + 1;
+        /* sequence was encoded as definite length */
+        buf->next = subbuf->bound + 1;
     } else if (!asn1_is_eoc(asn1class, lasttag, indef)) {
-       retval = asn1buf_skiptail(subbuf, length, indef);
-       if (retval)
-           return retval;
+        retval = asn1buf_skiptail(subbuf, length, indef);
+        if (retval)
+            return retval;
     } else {
-       /* We have just read the EOC octets. */
-       buf->next = subbuf->next;
+        /* We have just read the EOC octets. */
+        buf->next = subbuf->next;
     }
     return 0;
 }
@@ -116,26 +117,26 @@ asn1_error_code asn1buf_skiptail(asn1buf *buf, const unsigned int length, const
 
     nestlevel = 1 + indef;
     if (!indef) {
-       if (length <= buf->bound - buf->next + 1)
-           buf->next += length;
-       else
-           return ASN1_OVERRUN;
+        if (length <= buf->bound - buf->next + 1)
+            buf->next += length;
+        else
+            return ASN1_OVERRUN;
     }
     while (nestlevel > 0) {
-       if (buf->bound - buf->next + 1 <= 0)
-           return ASN1_OVERRUN;
-       retval = asn1_get_tag_2(buf, &t);
-       if (retval) return retval;
-       if (!t.indef) {
-           if (t.length <= buf->bound - buf->next + 1)
-               buf->next += t.length;
-           else
-               return ASN1_OVERRUN;
-       }
-       if (t.indef)
-           nestlevel++;
-       if (asn1_is_eoc(t.asn1class, t.tagnum, t.indef))
-           nestlevel--;                /* got an EOC encoding */
+        if (buf->bound - buf->next + 1 <= 0)
+            return ASN1_OVERRUN;
+        retval = asn1_get_tag_2(buf, &t);
+        if (retval) return retval;
+        if (!t.indef) {
+            if (t.length <= buf->bound - buf->next + 1)
+                buf->next += t.length;
+            else
+                return ASN1_OVERRUN;
+        }
+        if (t.indef)
+            nestlevel++;
+        if (asn1_is_eoc(t.asn1class, t.tagnum, t.indef))
+            nestlevel--;                /* got an EOC encoding */
     }
     return 0;
 }
@@ -143,9 +144,9 @@ asn1_error_code asn1buf_skiptail(asn1buf *buf, const unsigned int length, const
 asn1_error_code asn1buf_destroy(asn1buf **buf)
 {
     if (*buf != NULL) {
-       free((*buf)->base);
-       free(*buf);
-       *buf = NULL;
+        free((*buf)->base);
+        free(*buf);
+        *buf = NULL;
     }
     return 0;
 }
@@ -172,7 +173,7 @@ asn1_error_code asn1buf_insert_octetstring(asn1buf *buf, const unsigned int len,
     retval = asn1buf_ensure_space(buf,len);
     if (retval) return retval;
     for (length=1; length<=len; length++,(buf->next)++)
-       *(buf->next) = (char)(s[len-length]);
+        *(buf->next) = (char)(s[len-length]);
     return 0;
 }
 
@@ -184,7 +185,7 @@ asn1_error_code asn1buf_insert_charstring(asn1buf *buf, const unsigned int len,
     retval = asn1buf_ensure_space(buf,len);
     if (retval) return retval;
     for (length=1; length<=len; length++,(buf->next)++)
-       *(buf->next) = (char)(s[len-length]);
+        *(buf->next) = (char)(s[len-length]);
     return 0;
 }
 
@@ -202,14 +203,14 @@ asn1_error_code asn1buf_remove_octetstring(asn1buf *buf, const unsigned int len,
 
     if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
     if (len == 0) {
-       *s = 0;
-       return 0;
+        *s = 0;
+        return 0;
     }
     *s = (asn1_octet*)malloc(len*sizeof(asn1_octet));
     if (*s == NULL)
-       return ENOMEM;
+        return ENOMEM;
     for (i=0; i<len; i++)
-       (*s)[i] = (asn1_octet)(buf->next)[i];
+        (*s)[i] = (asn1_octet)(buf->next)[i];
     buf->next += len;
     return 0;
 }
@@ -220,13 +221,13 @@ asn1_error_code asn1buf_remove_charstring(asn1buf *buf, const unsigned int len,
 
     if (len > buf->bound + 1 - buf->next) return ASN1_OVERRUN;
     if (len == 0) {
-       *s = 0;
-       return 0;
+        *s = 0;
+        return 0;
     }
     *s = (char*)malloc(len*sizeof(char));
     if (*s == NULL) return ENOMEM;
     for (i=0; i<len; i++)
-       (*s)[i] = (char)(buf->next)[i];
+        (*s)[i] = (char)(buf->next)[i];
     buf->next += len;
     return 0;
 }
@@ -241,7 +242,7 @@ int asn1buf_remains(asn1buf *buf, int indef)
      * Two 0 octets means the end of an indefinite encoding.
      */
     if (indef && remain >= 2 && !*(buf->next) && !*(buf->next + 1))
-       return 0;
+        return 0;
     else return remain;
 }
 
@@ -256,12 +257,12 @@ asn1_error_code asn12krb5_buf(const asn1buf *buf, krb5_data **code)
     (*code)->length = asn1buf_len(buf);
     (*code)->data = (char*)malloc((((*code)->length)+1)*sizeof(char));
     if ((*code)->data == NULL) {
-       free(*code);
-       *code = NULL;
-       return ENOMEM;
+        free(*code);
+        *code = NULL;
+        return ENOMEM;
     }
     for (i=0; i < (*code)->length; i++)
-       ((*code)->data)[i] = (buf->base)[((*code)->length)-i-1];
+        ((*code)->data)[i] = (buf->base)[((*code)->length)-i-1];
     ((*code)->data)[(*code)->length] = '\0';
     return 0;
 }
@@ -275,21 +276,21 @@ asn1_error_code asn1buf_unparse(const asn1buf *buf, char **s)
 {
     free(*s);
     if (buf == NULL) {
-       *s = malloc(sizeof("<NULL>"));
-       if (*s == NULL) return ENOMEM;
-       strcpy(*s,"<NULL>");
+        *s = malloc(sizeof("<NULL>"));
+        if (*s == NULL) return ENOMEM;
+        strcpy(*s,"<NULL>");
     } else if (buf->base == NULL) {
-       *s = malloc(sizeof("<EMPTY>"));
-       if (*s == NULL) return ENOMEM;
-       strcpy(*s,"<EMPTY>");
+        *s = malloc(sizeof("<EMPTY>"));
+        if (*s == NULL) return ENOMEM;
+        strcpy(*s,"<EMPTY>");
     } else {
-       unsigned int length = asn1buf_len(buf);
-       unsigned int i;
+        unsigned int length = asn1buf_len(buf);
+        unsigned int i;
 
-       *s = calloc(length+1, sizeof(char));
-       if (*s == NULL) return ENOMEM;
-       (*s)[length] = '\0';
-       for (i=0; i<length; i++) ;
+        *s = calloc(length+1, sizeof(char));
+        if (*s == NULL) return ENOMEM;
+        (*s)[length] = '\0';
+        for (i=0; i<length; i++) ;
 /*      OLDDECLARG( (*s)[i] = , (buf->base)[length-i-1]) */
     }
     return 0;
@@ -297,32 +298,32 @@ asn1_error_code asn1buf_unparse(const asn1buf *buf, char **s)
 
 asn1_error_code asn1buf_hex_unparse(const asn1buf *buf, char **s)
 {
-#define hexchar(d) ((d)<=9 ? ('0'+(d)) :       \
-                   ((d)<=15 ? ('A'+(d)-10) :   \
-                    'X'))
+#define hexchar(d) ((d)<=9 ? ('0'+(d)) :        \
+                    ((d)<=15 ? ('A'+(d)-10) :   \
+                     'X'))
 
     free(*s);
 
     if (buf == NULL) {
-       *s = malloc(sizeof("<NULL>"));
-       if (*s == NULL) return ENOMEM;
-       strcpy(*s,"<NULL>");
+        *s = malloc(sizeof("<NULL>"));
+        if (*s == NULL) return ENOMEM;
+        strcpy(*s,"<NULL>");
     } else if (buf->base == NULL) {
-       *s = malloc(sizeof("<EMPTY>"));
-       if (*s == NULL) return ENOMEM;
-       strcpy(*s,"<EMPTY>");
+        *s = malloc(sizeof("<EMPTY>"));
+        if (*s == NULL) return ENOMEM;
+        strcpy(*s,"<EMPTY>");
     } else {
-       unsigned int length = asn1buf_len(buf);
-       int i;
-
-       *s = malloc(3*length);
-       if (*s == NULL) return ENOMEM;
-       for (i = length-1; i >= 0; i--) {
-           (*s)[3*(length-i-1)] = hexchar(((buf->base)[i]&0xF0)>>4);
-           (*s)[3*(length-i-1)+1] = hexchar((buf->base)[i]&0x0F);
-           (*s)[3*(length-i-1)+2] = ' ';
-       }
-       (*s)[3*length-1] = '\0';
+        unsigned int length = asn1buf_len(buf);
+        int i;
+
+        *s = malloc(3*length);
+        if (*s == NULL) return ENOMEM;
+        for (i = length-1; i >= 0; i--) {
+            (*s)[3*(length-i-1)] = hexchar(((buf->base)[i]&0xF0)>>4);
+            (*s)[3*(length-i-1)+1] = hexchar((buf->base)[i]&0x0F);
+            (*s)[3*(length-i-1)+2] = ' ';
+        }
+        (*s)[3*length-1] = '\0';
     }
     return 0;
 }
@@ -349,8 +350,8 @@ asn1_error_code asn1buf_ensure_space(asn1buf *buf, const unsigned int amount)
 {
     int avail = asn1buf_free(buf);
     if (avail < amount) {
-       asn1_error_code retval = asn1buf_expand(buf, amount-avail);
-       if (retval) return retval;
+        asn1_error_code retval = asn1buf_expand(buf, amount-avail);
+        if (retval) return retval;
     }
     return 0;
 }
@@ -364,13 +365,13 @@ asn1_error_code asn1buf_expand(asn1buf *buf, unsigned int inc)
     else bound_offset = buf->bound - buf->base;
 
     if (inc < STANDARD_INCREMENT)
-       inc = STANDARD_INCREMENT;
+        inc = STANDARD_INCREMENT;
 
     if (buf->base == NULL)
-       buf->base = malloc((asn1buf_size(buf)+inc) * sizeof(asn1_octet));
+        buf->base = malloc((asn1buf_size(buf)+inc) * sizeof(asn1_octet));
     else
-       buf->base = realloc(buf->base,
-                           (asn1buf_size(buf)+inc) * sizeof(asn1_octet));
+        buf->base = realloc(buf->base,
+                            (asn1buf_size(buf)+inc) * sizeof(asn1_octet));
     if (buf->base == NULL) return ENOMEM;
     buf->bound = (buf->base) + bound_offset + inc;
     buf->next = (buf->base) + next_offset;
index 66daaba691fc2d9144b2b50ad413407d6f0f9be2..c4920764832d34ad2e2b6614e47780d8c31cc19a 100644 (file)
@@ -1,3 +1,4 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /* Coding Buffer Specifications */
 #ifndef __ASN1BUF_H__
 #define __ASN1BUF_H__
@@ -13,17 +14,17 @@ typedef struct code_buffer_rep {
 /**************** Private Procedures ****************/
 
 int asn1buf_size
-       (const asn1buf *buf);
+        (const asn1buf *buf);
 /* requires  *buf has been created and not destroyed
-   effects   Returns the total size 
-       (in octets) of buf's octet buffer. */
+   effects   Returns the total size
+        (in octets) of buf's octet buffer. */
 #define asn1buf_size(buf) \
   (((buf) == NULL || (buf)->base == NULL) \
    ? 0 \
    : ((buf)->bound - (buf)->base + 1))
 
 unsigned int asn1buf_free
-       (const asn1buf *buf);
+        (const asn1buf *buf);
 /* requires  *buf is allocated
    effects   Returns the number of unused, allocated octets in *buf. */
 #define asn1buf_free(buf) \
@@ -33,7 +34,7 @@ unsigned int asn1buf_free
 
 
 asn1_error_code asn1buf_ensure_space
-       (asn1buf *buf, const unsigned int amount);
+        (asn1buf *buf, const unsigned int amount);
 /* requires  *buf is allocated
    modifies  *buf
    effects  If buf has less than amount octets of free space, then it is
@@ -48,23 +49,23 @@ asn1_error_code asn1buf_ensure_space
 
 
 asn1_error_code asn1buf_expand
-       (asn1buf *buf, unsigned int inc);
+        (asn1buf *buf, unsigned int inc);
 /* requires  *buf is allocated
    modifies  *buf
    effects   Expands *buf by allocating space for inc more octets.
              Returns ENOMEM if memory is exhausted. */
 
 int asn1buf_len
-       (const asn1buf *buf);
+        (const asn1buf *buf);
 /* requires  *buf is allocated
    effects   Returns the length of the encoding in *buf. */
-#define asn1buf_len(buf)       ((buf)->next - (buf)->base)
+#define asn1buf_len(buf)        ((buf)->next - (buf)->base)
 
 /****** End of private procedures *****/
-       
+
 /*
-  Overview 
-    
+  Overview
+
     The coding buffer is an array of char (to match a krb5_data structure)
      with 3 reference pointers:
      1) base - The bottom of the octet array.  Used for memory management
@@ -72,12 +73,12 @@ int asn1buf_len
      2) next - Points to the next available octet position in the array.
                During encoding, this is the next free position, and it
                  advances as octets are added to the array.
-              During decoding, this is the next unread position, and it
+               During decoding, this is the next unread position, and it
                  advances as octets are read from the array.
      3) bound - Points to the top of the array. Used for bounds-checking.
-    
+
     All pointers to encoding buffers should be initalized to NULL.
-    
+
   Operations
 
     asn1buf_create
@@ -100,51 +101,51 @@ int asn1buf_len
 */
 
 asn1_error_code asn1buf_create
-       (asn1buf **buf);
+        (asn1buf **buf);
 /* effects   Creates a new encoding buffer pointed to by *buf.
              Returns ENOMEM if the buffer can't be created. */
 
 asn1_error_code asn1buf_wrap_data
-       (asn1buf *buf, const krb5_data *code);
+        (asn1buf *buf, const krb5_data *code);
 /* requires  *buf has already been allocated
    effects   Turns *buf into a "wrapper" for *code.  i.e. *buf is set up
               such that its bottom is the beginning of *code, and its top
-             is the top of *code.
-            Returns ASN1_MISSING_FIELD if code is empty. */
+              is the top of *code.
+             Returns ASN1_MISSING_FIELD if code is empty. */
 
 asn1_error_code asn1buf_imbed
-       (asn1buf *subbuf, const asn1buf *buf, 
-                  const unsigned int length,
-                  const int indef);
+        (asn1buf *subbuf, const asn1buf *buf,
+                   const unsigned int length,
+                   const int indef);
 /* requires  *subbuf and *buf are allocated
    effects   *subbuf becomes a sub-buffer of *buf.  *subbuf begins
               at *buf's current position and is length octets long.
               (Unless this would exceed the bounds of *buf -- in
-             that case, ASN1_OVERRUN is returned)  *subbuf's current
-             position starts at the beginning of *subbuf. */
+              that case, ASN1_OVERRUN is returned)  *subbuf's current
+              position starts at the beginning of *subbuf. */
 
 asn1_error_code asn1buf_sync
-       (asn1buf *buf, asn1buf *subbuf, asn1_class Class, 
-                  asn1_tagnum lasttag,
-                  unsigned int length, int indef,
-                  int seqindef);
+        (asn1buf *buf, asn1buf *subbuf, asn1_class Class,
+                   asn1_tagnum lasttag,
+                   unsigned int length, int indef,
+                   int seqindef);
 /* requires  *subbuf is a sub-buffer of *buf, as created by asn1buf_imbed.
              lasttag is the last tagnumber read.
    effects   Synchronizes *buf's current position to match that of *subbuf. */
 
 asn1_error_code asn1buf_skiptail
-       (asn1buf *buf, const unsigned int length,
-                  const int indef);
+        (asn1buf *buf, const unsigned int length,
+                   const int indef);
 /* requires  *buf is a subbuffer used in a decoding of a
              constructed indefinite sequence.
    effects   skips trailing fields. */
 
 asn1_error_code asn1buf_destroy
-       (asn1buf **buf);
+        (asn1buf **buf);
 /* effects   Deallocates **buf, sets *buf to NULL. */
 
 asn1_error_code asn1buf_insert_octet
-       (asn1buf *buf, const int o);
+        (asn1buf *buf, const int o);
 /* requires  *buf is allocated
    effects   Inserts o into the buffer *buf, expanding the buffer if
              necessary.  Returns ENOMEM memory is exhausted. */
@@ -162,70 +163,70 @@ extern __inline__ asn1_error_code asn1buf_insert_octet(asn1buf *buf, const int o
 #endif
 
 asn1_error_code asn1buf_insert_octetstring
-       (asn1buf *buf, const unsigned int len, const asn1_octet *s);
+        (asn1buf *buf, const unsigned int len, const asn1_octet *s);
 /* requires  *buf is allocated
    modifies  *buf
    effects   Inserts the contents of s (an octet array of length len)
               into the buffer *buf, expanding the buffer if necessary.
-            Returns ENOMEM if memory is exhausted. */
+             Returns ENOMEM if memory is exhausted. */
 
 asn1_error_code asn1buf_insert_charstring
-       (asn1buf *buf, const unsigned int len, const char *s);
+        (asn1buf *buf, const unsigned int len, const char *s);
 /* requires  *buf is allocated
    modifies  *buf
    effects   Inserts the contents of s (a character array of length len)
               into the buffer *buf, expanding the buffer if necessary.
-            Returns ENOMEM if memory is exhausted. */
+             Returns ENOMEM if memory is exhausted. */
 
 asn1_error_code asn1buf_remove_octet
-       (asn1buf *buf, asn1_octet *o);
+        (asn1buf *buf, asn1_octet *o);
 /* requires  *buf is allocated
    effects   Returns *buf's current octet in *o and advances to
               the next octet.
-            Returns ASN1_OVERRUN if *buf has already been exhausted. */
+             Returns ASN1_OVERRUN if *buf has already been exhausted. */
 #define asn1buf_remove_octet(buf,o) \
   (((buf)->next > (buf)->bound) \
    ? ASN1_OVERRUN \
    : ((*(o) = (asn1_octet)(*(((buf)->next)++))),0))
 
 asn1_error_code asn1buf_remove_octetstring
-       (asn1buf *buf, const unsigned int len, asn1_octet **s);
+        (asn1buf *buf, const unsigned int len, asn1_octet **s);
 /* requires  *buf is allocated
    effects   Removes the next len octets of *buf and returns them in **s.
-            Returns ASN1_OVERRUN if there are fewer than len unread octets
-             left in *buf.
-            Returns ENOMEM if *s could not be allocated. */
+             Returns ASN1_OVERRUN if there are fewer than len unread octets
+              left in *buf.
+             Returns ENOMEM if *s could not be allocated. */
 
 asn1_error_code asn1buf_remove_charstring
-       (asn1buf *buf, const unsigned int len,
-                                         char **s);
+        (asn1buf *buf, const unsigned int len,
+                                          char **s);
 /* requires  *buf is allocated
    effects   Removes the next len octets of *buf and returns them in **s.
-            Returns ASN1_OVERRUN if there are fewer than len unread octets
-             left in *buf.
-            Returns ENOMEM if *s could not be allocated. */
+             Returns ASN1_OVERRUN if there are fewer than len unread octets
+              left in *buf.
+             Returns ENOMEM if *s could not be allocated. */
 
 asn1_error_code asn1buf_unparse
-       (const asn1buf *buf, char **s);
+        (const asn1buf *buf, char **s);
 /* modifies  *s
    effects   Returns a human-readable representation of *buf in *s,
              where each octet in *buf is represented by a character in *s. */
 
 asn1_error_code asn1buf_hex_unparse
-       (const asn1buf *buf, char **s);
+        (const asn1buf *buf, char **s);
 /* modifies  *s
    effects   Returns a human-readable representation of *buf in *s,
              where each octet in *buf is represented by a 2-digit
-            hexadecimal number in *s. */
+             hexadecimal number in *s. */
 
 asn1_error_code asn12krb5_buf
-       (const asn1buf *buf, krb5_data **code);
+        (const asn1buf *buf, krb5_data **code);
 /* modifies  *code
    effects   Instantiates **code with the krb5_data representation of **buf. */
 
 
 int asn1buf_remains
-       (asn1buf *buf, int indef);
+        (asn1buf *buf, int indef);
 /* requires  *buf is a buffer containing an asn.1 structure or array
    modifies  *buf
    effects   Returns the number of unprocessed octets remaining in *buf. */
index fa3c956758ae3969fa3a4f91cc9a082f274827d4..48cdc7429038ae05a140cf99a94ab020cbe71b99 100644 (file)
@@ -1,3 +1,4 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * lib/krb5/asn.1/asn1glue.h
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
@@ -22,7 +23,7 @@
  * M.I.T. makes no representations about the suitability of
  * this software for any purpose.  It is provided "as is" without express
  * or implied warranty.
- * 
+ *
  *
  * Header file for some glue functions (macros, mostly)
  */
index 22e42a3360f971b8384e05b1573ed6cf3586bef1..ca0eb9e3734ba12a87aab83b7696fc7818350c67 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/krb5_decode.c
- * 
+ *
  * Copyright 1994, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
@@ -64,17 +65,17 @@ if ((var) == NULL) clean_return(ENOMEM)
 
 /* process encoding header ***************************************/
 /* decode tag and check that it == [APPLICATION tagnum] */
-#define check_apptag(tagexpect)                                                \
-{                                                                      \
-    taginfo t1;                                                                \
-    retval = asn1_get_tag_2(&buf, &t1);                                        \
-    if (retval) clean_return (retval);                                 \
-    if (t1.asn1class != APPLICATION || t1.construction != CONSTRUCTED) \
-       clean_return(ASN1_BAD_ID);                                      \
-    if (t1.tagnum != (tagexpect)) clean_return(KRB5_BADMSGTYPE);       \
-    asn1class = t1.asn1class;                                          \
-    construction = t1.construction;                                    \
-    tagnum = t1.tagnum;                                                        \
+#define check_apptag(tagexpect)                                         \
+{                                                                       \
+    taginfo t1;                                                         \
+    retval = asn1_get_tag_2(&buf, &t1);                                 \
+    if (retval) clean_return (retval);                                  \
+    if (t1.asn1class != APPLICATION || t1.construction != CONSTRUCTED)  \
+        clean_return(ASN1_BAD_ID);                                      \
+    if (t1.tagnum != (tagexpect)) clean_return(KRB5_BADMSGTYPE);        \
+    asn1class = t1.asn1class;                                           \
+    construction = t1.construction;                                     \
+    tagnum = t1.tagnum;                                                 \
 }
 
 
@@ -82,15 +83,15 @@ if ((var) == NULL) clean_return(ENOMEM)
 /* process a structure *******************************************/
 
 /* decode an explicit tag and place the number in tagnum */
-#define next_tag()                             \
-{ taginfo t2;                                  \
-  retval = asn1_get_tag_2(&subbuf, &t2);       \
-  if (retval) clean_return(retval);            \
-  asn1class = t2.asn1class;                    \
-  construction = t2.construction;              \
-  tagnum = t2.tagnum;                          \
-  indef = t2.indef;                            \
-  taglen = t2.length;                          \
+#define next_tag()                              \
+{ taginfo t2;                                   \
+  retval = asn1_get_tag_2(&subbuf, &t2);        \
+  if (retval) clean_return(retval);             \
+  asn1class = t2.asn1class;                     \
+  construction = t2.construction;               \
+  tagnum = t2.tagnum;                           \
+  indef = t2.indef;                             \
+  taglen = t2.length;                           \
 }
 
 static asn1_error_code
@@ -101,16 +102,16 @@ asn1_get_eoc_tag (asn1buf *buf)
 
     retval = asn1_get_tag_2(buf, &t);
     if (retval)
-       return retval;
+        return retval;
     if (t.asn1class != UNIVERSAL || t.tagnum || t.indef)
-       return ASN1_MISSING_EOC;
+        return ASN1_MISSING_EOC;
     return 0;
 }
 
-#define get_eoc()                      \
-{                                      \
-    retval = asn1_get_eoc_tag(&subbuf);        \
-    if (retval) return retval;         \
+#define get_eoc()                       \
+{                                       \
+    retval = asn1_get_eoc_tag(&subbuf); \
+    if (retval) return retval;          \
 }
 
 /* decode sequence header and initialize tagnum with the first field */
@@ -157,13 +158,13 @@ if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
 get_field_body(var,decoder)
 
 /* decode (or skip, if not present) an optional field */
-#define opt_field(var,tagexpect,decoder)                               \
-  if (asn1buf_remains(&subbuf, seqindef)) {                            \
-    if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)  \
-      clean_return(ASN1_BAD_ID);                                       \
-    if (tagnum == (tagexpect)) {                                       \
-      get_field_body(var,decoder);                                     \
-    }                                                                  \
+#define opt_field(var,tagexpect,decoder)                                \
+  if (asn1buf_remains(&subbuf, seqindef)) {                             \
+    if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)   \
+      clean_return(ASN1_BAD_ID);                                        \
+    if (tagnum == (tagexpect)) {                                        \
+      get_field_body(var,decoder);                                      \
+    }                                                                   \
   }
 
 /* field w/ accompanying length *********/
@@ -181,15 +182,15 @@ if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\
 get_lenfield_body(len,var,decoder)
 
 /* decode an optional field w/ length */
-#define opt_lenfield(len,var,tagexpect,decoder)                                \
-  if (asn1buf_remains(&subbuf, seqindef)) {                            \
-    if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)  \
-      clean_return(ASN1_BAD_ID);                                       \
-    if (tagnum == (tagexpect)) {                                       \
-      get_lenfield_body(len,var,decoder);                              \
-    }                                                                  \
+#define opt_lenfield(len,var,tagexpect,decoder)                         \
+  if (asn1buf_remains(&subbuf, seqindef)) {                             \
+    if (asn1class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)   \
+      clean_return(ASN1_BAD_ID);                                        \
+    if (tagnum == (tagexpect)) {                                        \
+      get_lenfield_body(len,var,decoder);                               \
+    }                                                                   \
   }
-  
+
 
 /* clean up ******************************************************/
 /* finish up */
@@ -198,8 +199,8 @@ get_lenfield_body(len,var,decoder)
    return 0; \
 error_out: \
    if (rep && *rep) { \
-       cleanup_routine(*rep); \
-       *rep = NULL; \
+        cleanup_routine(*rep); \
+        *rep = NULL; \
    } \
    return retval;
 
@@ -207,7 +208,7 @@ error_out: \
    return 0; \
 error_out: \
    return retval;
-       
+
 #define cleanup_manual()\
    return 0;
 
@@ -224,32 +225,32 @@ krb5_error_code decode_krb5_authenticator(const krb5_data *code, krb5_authentica
 
     check_apptag(2);
     { begin_structure();
-       { krb5_kvno kvno;
-           get_field(kvno,0,asn1_decode_kvno);
-           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-       alloc_field((*rep)->client,krb5_principal_data);
-       get_field((*rep)->client,1,asn1_decode_realm);
-       get_field((*rep)->client,2,asn1_decode_principal_name);
-       if (tagnum == 3) {
-           alloc_field((*rep)->checksum,krb5_checksum);
-           get_field(*((*rep)->checksum),3,asn1_decode_checksum); }
-       get_field((*rep)->cusec,4,asn1_decode_int32);
-       get_field((*rep)->ctime,5,asn1_decode_kerberos_time);
-       if (tagnum == 6) { alloc_field((*rep)->subkey,krb5_keyblock); }
-       opt_field(*((*rep)->subkey),6,asn1_decode_encryption_key);
-       opt_field((*rep)->seq_number,7,asn1_decode_seqnum);
-       opt_field((*rep)->authorization_data,8,asn1_decode_authorization_data);
-       (*rep)->magic = KV5M_AUTHENTICATOR;
-       end_structure();
+        { krb5_kvno kvno;
+            get_field(kvno,0,asn1_decode_kvno);
+            if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+        alloc_field((*rep)->client,krb5_principal_data);
+        get_field((*rep)->client,1,asn1_decode_realm);
+        get_field((*rep)->client,2,asn1_decode_principal_name);
+        if (tagnum == 3) {
+            alloc_field((*rep)->checksum,krb5_checksum);
+            get_field(*((*rep)->checksum),3,asn1_decode_checksum); }
+        get_field((*rep)->cusec,4,asn1_decode_int32);
+        get_field((*rep)->ctime,5,asn1_decode_kerberos_time);
+        if (tagnum == 6) { alloc_field((*rep)->subkey,krb5_keyblock); }
+        opt_field(*((*rep)->subkey),6,asn1_decode_encryption_key);
+        opt_field((*rep)->seq_number,7,asn1_decode_seqnum);
+        opt_field((*rep)->authorization_data,8,asn1_decode_authorization_data);
+        (*rep)->magic = KV5M_AUTHENTICATOR;
+        end_structure();
     }
     cleanup_manual();
 error_out:
     if (rep && *rep) {
-       free_field(*rep,subkey);
-       free_field(*rep,checksum);
-       free_field(*rep,client);
-       free(*rep);
-       *rep = NULL;
+        free_field(*rep,subkey);
+        free_field(*rep,checksum);
+        free_field(*rep,client);
+        free(*rep);
+        *rep = NULL;
     }
     return retval;
 }
@@ -266,26 +267,26 @@ krb5_error_code decode_krb5_ticket(const krb5_data *code, krb5_ticket **rep)
     setup();
     alloc_field(*rep,krb5_ticket);
     clear_field(rep,server);
-  
+
     check_apptag(1);
     { begin_structure();
-       { krb5_kvno kvno;
-           get_field(kvno,0,asn1_decode_kvno);
-           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO);
-       }
-       alloc_field((*rep)->server,krb5_principal_data);
-       get_field((*rep)->server,1,asn1_decode_realm);
-       get_field((*rep)->server,2,asn1_decode_principal_name);
-       get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
-       (*rep)->magic = KV5M_TICKET;
-       end_structure();
+        { krb5_kvno kvno;
+            get_field(kvno,0,asn1_decode_kvno);
+            if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO);
+        }
+        alloc_field((*rep)->server,krb5_principal_data);
+        get_field((*rep)->server,1,asn1_decode_realm);
+        get_field((*rep)->server,2,asn1_decode_principal_name);
+        get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+        (*rep)->magic = KV5M_TICKET;
+        end_structure();
     }
     cleanup_manual();
 error_out:
     if (rep && *rep) {
-       free_field(*rep,server);
-       free(*rep);
-       *rep = NULL;
+        free_field(*rep,server);
+        free(*rep);
+        *rep = NULL;
     }
     return retval;
 }
@@ -296,10 +297,10 @@ krb5_error_code decode_krb5_encryption_key(const krb5_data *code, krb5_keyblock
     alloc_field(*rep,krb5_keyblock);
 
     { begin_structure();
-       get_field((*rep)->enctype,0,asn1_decode_enctype);
-       get_lenfield((*rep)->length,(*rep)->contents,1,asn1_decode_octetstring);
-       end_structure();
-       (*rep)->magic = KV5M_KEYBLOCK;
+        get_field((*rep)->enctype,0,asn1_decode_enctype);
+        get_lenfield((*rep)->length,(*rep)->contents,1,asn1_decode_octetstring);
+        end_structure();
+        (*rep)->magic = KV5M_KEYBLOCK;
     }
     cleanup(free);
 }
@@ -313,32 +314,32 @@ krb5_error_code decode_krb5_enc_tkt_part(const krb5_data *code, krb5_enc_tkt_par
 
     check_apptag(3);
     { begin_structure();
-       get_field((*rep)->flags,0,asn1_decode_ticket_flags);
-       alloc_field((*rep)->session,krb5_keyblock);
-       get_field(*((*rep)->session),1,asn1_decode_encryption_key);
-       alloc_field((*rep)->client,krb5_principal_data);
-       get_field((*rep)->client,2,asn1_decode_realm);
-       get_field((*rep)->client,3,asn1_decode_principal_name);
-       get_field((*rep)->transited,4,asn1_decode_transited_encoding);
-       get_field((*rep)->times.authtime,5,asn1_decode_kerberos_time);
-       if (tagnum == 6)
-       { get_field((*rep)->times.starttime,6,asn1_decode_kerberos_time); }
-       else
-           (*rep)->times.starttime=(*rep)->times.authtime;
-       get_field((*rep)->times.endtime,7,asn1_decode_kerberos_time);
-       opt_field((*rep)->times.renew_till,8,asn1_decode_kerberos_time);
-       opt_field((*rep)->caddrs,9,asn1_decode_host_addresses);
-       opt_field((*rep)->authorization_data,10,asn1_decode_authorization_data);
-       (*rep)->magic = KV5M_ENC_TKT_PART;
-       end_structure();
+        get_field((*rep)->flags,0,asn1_decode_ticket_flags);
+        alloc_field((*rep)->session,krb5_keyblock);
+        get_field(*((*rep)->session),1,asn1_decode_encryption_key);
+        alloc_field((*rep)->client,krb5_principal_data);
+        get_field((*rep)->client,2,asn1_decode_realm);
+        get_field((*rep)->client,3,asn1_decode_principal_name);
+        get_field((*rep)->transited,4,asn1_decode_transited_encoding);
+        get_field((*rep)->times.authtime,5,asn1_decode_kerberos_time);
+        if (tagnum == 6)
+        { get_field((*rep)->times.starttime,6,asn1_decode_kerberos_time); }
+        else
+            (*rep)->times.starttime=(*rep)->times.authtime;
+        get_field((*rep)->times.endtime,7,asn1_decode_kerberos_time);
+        opt_field((*rep)->times.renew_till,8,asn1_decode_kerberos_time);
+        opt_field((*rep)->caddrs,9,asn1_decode_host_addresses);
+        opt_field((*rep)->authorization_data,10,asn1_decode_authorization_data);
+        (*rep)->magic = KV5M_ENC_TKT_PART;
+        end_structure();
     }
     cleanup_manual();
 error_out:
     if (rep && *rep) {
-       free_field(*rep,session);
-       free_field(*rep,client);
-       free(*rep);
-       *rep = NULL;
+        free_field(*rep,session);
+        free_field(*rep,client);
+        free(*rep);
+        *rep = NULL;
     }
     return retval;
 }
@@ -372,7 +373,7 @@ krb5_error_code decode_krb5_as_rep(const krb5_data *code, krb5_kdc_rep **rep)
     if (retval) clean_return(retval);
 #ifdef KRB5_MSGTYPE_STRICT
     if ((*rep)->msg_type != KRB5_AS_REP)
-       clean_return(KRB5_BADMSGTYPE);
+        clean_return(KRB5_BADMSGTYPE);
 #endif
 
     cleanup(free);
@@ -401,28 +402,28 @@ krb5_error_code decode_krb5_ap_req(const krb5_data *code, krb5_ap_req **rep)
 
     check_apptag(14);
     { begin_structure();
-       { krb5_kvno kvno;
-           get_field(kvno,0,asn1_decode_kvno);
-           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-       { krb5_msgtype msg_type;
-           get_field(msg_type,1,asn1_decode_msgtype);
+        { krb5_kvno kvno;
+            get_field(kvno,0,asn1_decode_kvno);
+            if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+        { krb5_msgtype msg_type;
+            get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-           if (msg_type != KRB5_AP_REQ) clean_return(KRB5_BADMSGTYPE);
+            if (msg_type != KRB5_AP_REQ) clean_return(KRB5_BADMSGTYPE);
 #endif
-       }
-       get_field((*rep)->ap_options,2,asn1_decode_ap_options);
-       alloc_field((*rep)->ticket,krb5_ticket);
-       get_field(*((*rep)->ticket),3,asn1_decode_ticket);
-       get_field((*rep)->authenticator,4,asn1_decode_encrypted_data);
-       end_structure();
-       (*rep)->magic = KV5M_AP_REQ;
+        }
+        get_field((*rep)->ap_options,2,asn1_decode_ap_options);
+        alloc_field((*rep)->ticket,krb5_ticket);
+        get_field(*((*rep)->ticket),3,asn1_decode_ticket);
+        get_field((*rep)->authenticator,4,asn1_decode_encrypted_data);
+        end_structure();
+        (*rep)->magic = KV5M_AP_REQ;
     }
     cleanup_manual();
 error_out:
     if (rep && *rep) {
-       free_field(*rep,ticket);
-       free(*rep);
-       *rep = NULL;
+        free_field(*rep,ticket);
+        free(*rep);
+        *rep = NULL;
     }
     return retval;
 }
@@ -434,18 +435,18 @@ krb5_error_code decode_krb5_ap_rep(const krb5_data *code, krb5_ap_rep **rep)
 
     check_apptag(15);
     { begin_structure();
-       { krb5_kvno kvno;
-           get_field(kvno,0,asn1_decode_kvno);
-           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-       { krb5_msgtype msg_type;
-           get_field(msg_type,1,asn1_decode_msgtype);
+        { krb5_kvno kvno;
+            get_field(kvno,0,asn1_decode_kvno);
+            if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+        { krb5_msgtype msg_type;
+            get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-           if (msg_type != KRB5_AP_REP) clean_return(KRB5_BADMSGTYPE);
+            if (msg_type != KRB5_AP_REP) clean_return(KRB5_BADMSGTYPE);
 #endif
-       }
-       get_field((*rep)->enc_part,2,asn1_decode_encrypted_data);
-       end_structure();
-       (*rep)->magic = KV5M_AP_REP;
+        }
+        get_field((*rep)->enc_part,2,asn1_decode_encrypted_data);
+        end_structure();
+        (*rep)->magic = KV5M_AP_REP;
     }
     cleanup(free);
 }
@@ -458,20 +459,20 @@ krb5_error_code decode_krb5_ap_rep_enc_part(const krb5_data *code, krb5_ap_rep_e
 
     check_apptag(27);
     { begin_structure();
-       get_field((*rep)->ctime,0,asn1_decode_kerberos_time);
-       get_field((*rep)->cusec,1,asn1_decode_int32);
-       if (tagnum == 2) { alloc_field((*rep)->subkey,krb5_keyblock); }
-       opt_field(*((*rep)->subkey),2,asn1_decode_encryption_key);
-       opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
-       end_structure();
-       (*rep)->magic = KV5M_AP_REP_ENC_PART;
+        get_field((*rep)->ctime,0,asn1_decode_kerberos_time);
+        get_field((*rep)->cusec,1,asn1_decode_int32);
+        if (tagnum == 2) { alloc_field((*rep)->subkey,krb5_keyblock); }
+        opt_field(*((*rep)->subkey),2,asn1_decode_encryption_key);
+        opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
+        end_structure();
+        (*rep)->magic = KV5M_AP_REP_ENC_PART;
     }
     cleanup_manual();
 error_out:
     if (rep && *rep) {
-       free_field(*rep,subkey);
-       free(*rep);
-       *rep = NULL;
+        free_field(*rep,subkey);
+        free(*rep);
+        *rep = NULL;
     }
     return retval;
 }
@@ -487,7 +488,7 @@ krb5_error_code decode_krb5_as_req(const krb5_data *code, krb5_kdc_req **rep)
 #ifdef KRB5_MSGTYPE_STRICT
     if ((*rep)->msg_type != KRB5_AS_REQ) clean_return(KRB5_BADMSGTYPE);
 #endif
-  
+
     cleanup(free);
 }
 
@@ -502,7 +503,7 @@ krb5_error_code decode_krb5_tgs_req(const krb5_data *code, krb5_kdc_req **rep)
 #ifdef KRB5_MSGTYPE_STRICT
     if ((*rep)->msg_type != KRB5_TGS_REQ) clean_return(KRB5_BADMSGTYPE);
 #endif
-  
+
     cleanup(free);
 }
 
@@ -544,41 +545,41 @@ krb5_error_code decode_krb5_safe_with_body(
 
     check_apptag(20);
     { begin_structure();
-       { krb5_kvno kvno;
-           get_field(kvno,0,asn1_decode_kvno);
-           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-       { krb5_msgtype msg_type;
-           get_field(msg_type,1,asn1_decode_msgtype);
+        { krb5_kvno kvno;
+            get_field(kvno,0,asn1_decode_kvno);
+            if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+        { krb5_msgtype msg_type;
+            get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-           if (msg_type != KRB5_SAFE) clean_return(KRB5_BADMSGTYPE);
+            if (msg_type != KRB5_SAFE) clean_return(KRB5_BADMSGTYPE);
 #endif
-       }
-       /*
-        * Gross kludge to extract pointer to encoded safe-body.  Relies
-        * on tag prefetch done by next_tag().  Don't handle indefinite
-        * encoding, as it's too much work.
-        */
-       if (!indef) {
-           tmpbody.length = taglen;
-           tmpbody.data = subbuf.next;
-       } else {
-           tmpbody.length = 0;
-           tmpbody.data = NULL;
-       }
-       get_field(**rep,2,asn1_decode_krb_safe_body);
-       alloc_field((*rep)->checksum,krb5_checksum);
-       get_field(*((*rep)->checksum),3,asn1_decode_checksum);
-       (*rep)->magic = KV5M_SAFE;
-       end_structure();
+        }
+        /*
+         * Gross kludge to extract pointer to encoded safe-body.  Relies
+         * on tag prefetch done by next_tag().  Don't handle indefinite
+         * encoding, as it's too much work.
+         */
+        if (!indef) {
+            tmpbody.length = taglen;
+            tmpbody.data = subbuf.next;
+        } else {
+            tmpbody.length = 0;
+            tmpbody.data = NULL;
+        }
+        get_field(**rep,2,asn1_decode_krb_safe_body);
+        alloc_field((*rep)->checksum,krb5_checksum);
+        get_field(*((*rep)->checksum),3,asn1_decode_checksum);
+        (*rep)->magic = KV5M_SAFE;
+        end_structure();
     }
     if (body != NULL)
-       *body = tmpbody;
+        *body = tmpbody;
     cleanup_manual();
 error_out:
     if (rep && *rep) {
-       free_field(*rep,checksum);
-       free(*rep);
-       *rep = NULL;
+        free_field(*rep,checksum);
+        free(*rep);
+        *rep = NULL;
     }
     return retval;
 }
@@ -595,18 +596,18 @@ krb5_error_code decode_krb5_priv(const krb5_data *code, krb5_priv **rep)
 
     check_apptag(21);
     { begin_structure();
-       { krb5_kvno kvno;
-           get_field(kvno,0,asn1_decode_kvno);
-           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-       { krb5_msgtype msg_type;
-           get_field(msg_type,1,asn1_decode_msgtype);
+        { krb5_kvno kvno;
+            get_field(kvno,0,asn1_decode_kvno);
+            if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+        { krb5_msgtype msg_type;
+            get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-           if (msg_type != KRB5_PRIV) clean_return(KRB5_BADMSGTYPE);
+            if (msg_type != KRB5_PRIV) clean_return(KRB5_BADMSGTYPE);
 #endif
-       }
-       get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
-       (*rep)->magic = KV5M_PRIV;
-       end_structure();
+        }
+        get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+        (*rep)->magic = KV5M_PRIV;
+        end_structure();
     }
     cleanup(free);
 }
@@ -620,24 +621,24 @@ krb5_error_code decode_krb5_enc_priv_part(const krb5_data *code, krb5_priv_enc_p
 
     check_apptag(28);
     { begin_structure();
-       get_lenfield((*rep)->user_data.length,(*rep)->user_data.data,0,asn1_decode_charstring);
-       opt_field((*rep)->timestamp,1,asn1_decode_kerberos_time);
-       opt_field((*rep)->usec,2,asn1_decode_int32);
-       opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
-       alloc_field((*rep)->s_address,krb5_address);
-       get_field(*((*rep)->s_address),4,asn1_decode_host_address);
-       if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
-       opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
-       (*rep)->magic = KV5M_PRIV_ENC_PART;
-       end_structure();
+        get_lenfield((*rep)->user_data.length,(*rep)->user_data.data,0,asn1_decode_charstring);
+        opt_field((*rep)->timestamp,1,asn1_decode_kerberos_time);
+        opt_field((*rep)->usec,2,asn1_decode_int32);
+        opt_field((*rep)->seq_number,3,asn1_decode_seqnum);
+        alloc_field((*rep)->s_address,krb5_address);
+        get_field(*((*rep)->s_address),4,asn1_decode_host_address);
+        if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
+        opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
+        (*rep)->magic = KV5M_PRIV_ENC_PART;
+        end_structure();
     }
     cleanup_manual();
 error_out:
     if (rep && *rep) {
-       free_field(*rep,r_address);
-       free_field(*rep,s_address);
-       free(*rep);
-       *rep = NULL;
+        free_field(*rep,r_address);
+        free_field(*rep,s_address);
+        free(*rep);
+        *rep = NULL;
     }
     return retval;
 }
@@ -649,19 +650,19 @@ krb5_error_code decode_krb5_cred(const krb5_data *code, krb5_cred **rep)
 
     check_apptag(22);
     { begin_structure();
-       { krb5_kvno kvno;
-           get_field(kvno,0,asn1_decode_kvno);
-           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-       { krb5_msgtype msg_type;
-           get_field(msg_type,1,asn1_decode_msgtype);
+        { krb5_kvno kvno;
+            get_field(kvno,0,asn1_decode_kvno);
+            if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+        { krb5_msgtype msg_type;
+            get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-           if (msg_type != KRB5_CRED) clean_return(KRB5_BADMSGTYPE);
+            if (msg_type != KRB5_CRED) clean_return(KRB5_BADMSGTYPE);
 #endif
-       }
-       get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket);
-       get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
-       (*rep)->magic = KV5M_CRED;
-       end_structure();
+        }
+        get_field((*rep)->tickets,2,asn1_decode_sequence_of_ticket);
+        get_field((*rep)->enc_part,3,asn1_decode_encrypted_data);
+        (*rep)->magic = KV5M_CRED;
+        end_structure();
     }
     cleanup(free);
 }
@@ -675,24 +676,24 @@ krb5_error_code decode_krb5_enc_cred_part(const krb5_data *code, krb5_cred_enc_p
 
     check_apptag(29);
     { begin_structure();
-       get_field((*rep)->ticket_info,0,asn1_decode_sequence_of_krb_cred_info);
-       opt_field((*rep)->nonce,1,asn1_decode_int32);
-       opt_field((*rep)->timestamp,2,asn1_decode_kerberos_time);
-       opt_field((*rep)->usec,3,asn1_decode_int32);
-       if (tagnum == 4) { alloc_field((*rep)->s_address,krb5_address); }
-       opt_field(*((*rep)->s_address),4,asn1_decode_host_address);
-       if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
-       opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
-       (*rep)->magic = KV5M_CRED_ENC_PART;
-       end_structure();
+        get_field((*rep)->ticket_info,0,asn1_decode_sequence_of_krb_cred_info);
+        opt_field((*rep)->nonce,1,asn1_decode_int32);
+        opt_field((*rep)->timestamp,2,asn1_decode_kerberos_time);
+        opt_field((*rep)->usec,3,asn1_decode_int32);
+        if (tagnum == 4) { alloc_field((*rep)->s_address,krb5_address); }
+        opt_field(*((*rep)->s_address),4,asn1_decode_host_address);
+        if (tagnum == 5) { alloc_field((*rep)->r_address,krb5_address); }
+        opt_field(*((*rep)->r_address),5,asn1_decode_host_address);
+        (*rep)->magic = KV5M_CRED_ENC_PART;
+        end_structure();
     }
     cleanup_manual();
 error_out:
     if (rep && *rep) {
-       free_field(*rep,r_address);
-       free_field(*rep,s_address);
-       free(*rep);
-       *rep = NULL;
+        free_field(*rep,r_address);
+        free_field(*rep,s_address);
+        free(*rep);
+        *rep = NULL;
     }
     return retval;
 }
@@ -704,41 +705,41 @@ krb5_error_code decode_krb5_error(const krb5_data *code, krb5_error **rep)
     alloc_field(*rep,krb5_error);
     clear_field(rep,server);
     clear_field(rep,client);
-  
+
     check_apptag(30);
     { begin_structure();
-       { krb5_kvno kvno;
-           get_field(kvno,0,asn1_decode_kvno);
-           if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
-       { krb5_msgtype msg_type;
-           get_field(msg_type,1,asn1_decode_msgtype);
+        { krb5_kvno kvno;
+            get_field(kvno,0,asn1_decode_kvno);
+            if (kvno != KVNO) clean_return(KRB5KDC_ERR_BAD_PVNO); }
+        { krb5_msgtype msg_type;
+            get_field(msg_type,1,asn1_decode_msgtype);
 #ifdef KRB5_MSGTYPE_STRICT
-           if (msg_type != KRB5_ERROR) clean_return(KRB5_BADMSGTYPE);
+            if (msg_type != KRB5_ERROR) clean_return(KRB5_BADMSGTYPE);
 #endif
-       }
-       opt_field((*rep)->ctime,2,asn1_decode_kerberos_time);
-       opt_field((*rep)->cusec,3,asn1_decode_int32);
-       get_field((*rep)->stime,4,asn1_decode_kerberos_time);
-       get_field((*rep)->susec,5,asn1_decode_int32);
-       get_field((*rep)->error,6,asn1_decode_ui_4);
-       if (tagnum == 7) { alloc_field((*rep)->client,krb5_principal_data); }
-       opt_field((*rep)->client,7,asn1_decode_realm);
-       opt_field((*rep)->client,8,asn1_decode_principal_name);
-       alloc_field((*rep)->server,krb5_principal_data);
-       get_field((*rep)->server,9,asn1_decode_realm);
-       get_field((*rep)->server,10,asn1_decode_principal_name);
-       opt_lenfield((*rep)->text.length,(*rep)->text.data,11,asn1_decode_generalstring);
-       opt_lenfield((*rep)->e_data.length,(*rep)->e_data.data,12,asn1_decode_charstring);
-       (*rep)->magic = KV5M_ERROR;
-       end_structure();
+        }
+        opt_field((*rep)->ctime,2,asn1_decode_kerberos_time);
+        opt_field((*rep)->cusec,3,asn1_decode_int32);
+        get_field((*rep)->stime,4,asn1_decode_kerberos_time);
+        get_field((*rep)->susec,5,asn1_decode_int32);
+        get_field((*rep)->error,6,asn1_decode_ui_4);
+        if (tagnum == 7) { alloc_field((*rep)->client,krb5_principal_data); }
+        opt_field((*rep)->client,7,asn1_decode_realm);
+        opt_field((*rep)->client,8,asn1_decode_principal_name);
+        alloc_field((*rep)->server,krb5_principal_data);
+        get_field((*rep)->server,9,asn1_decode_realm);
+        get_field((*rep)->server,10,asn1_decode_principal_name);
+        opt_lenfield((*rep)->text.length,(*rep)->text.data,11,asn1_decode_generalstring);
+        opt_lenfield((*rep)->e_data.length,(*rep)->e_data.data,12,asn1_decode_charstring);
+        (*rep)->magic = KV5M_ERROR;
+        end_structure();
     }
     cleanup_manual();
 error_out:
     if (rep && *rep) {
-       free_field(*rep,server);
-       free_field(*rep,client);
-       free(*rep);
-       *rep = NULL;
+        free_field(*rep,server);
+        free_field(*rep,client);
+        free(*rep);
+        *rep = NULL;
     }
     return retval;
 }
@@ -749,7 +750,7 @@ krb5_error_code decode_krb5_authdata(const krb5_data *code, krb5_authdata ***rep
     *rep = 0;
     retval = asn1_decode_authorization_data(&buf,rep);
     if (retval) clean_return(retval);
-    cleanup_none();            /* we're not allocating anything here... */
+    cleanup_none();             /* we're not allocating anything here... */
 }
 
 krb5_error_code decode_krb5_pwd_sequence(const krb5_data *code, passwd_phrase_element **rep)
@@ -766,10 +767,10 @@ krb5_error_code decode_krb5_pwd_data(const krb5_data *code, krb5_pwd_data **rep)
     setup();
     alloc_field(*rep,krb5_pwd_data);
     { begin_structure();
-       get_field((*rep)->sequence_count,0,asn1_decode_int);
-       get_field((*rep)->element,1,asn1_decode_sequence_of_passwdsequence);
-       (*rep)->magic = KV5M_PWD_DATA;
-       end_structure (); }
+        get_field((*rep)->sequence_count,0,asn1_decode_int);
+        get_field((*rep)->element,1,asn1_decode_sequence_of_passwdsequence);
+        (*rep)->magic = KV5M_PWD_DATA;
+        end_structure (); }
     cleanup(free);
 }
 
@@ -779,7 +780,7 @@ krb5_error_code decode_krb5_padata_sequence(const krb5_data *code, krb5_pa_data
     *rep = 0;
     retval = asn1_decode_sequence_of_pa_data(&buf,rep);
     if (retval) clean_return(retval);
-    cleanup_none();            /* we're not allocating anything here */
+    cleanup_none();             /* we're not allocating anything here */
 }
 
 krb5_error_code decode_krb5_alt_method(const krb5_data *code, krb5_alt_method **rep)
@@ -787,15 +788,15 @@ krb5_error_code decode_krb5_alt_method(const krb5_data *code, krb5_alt_method **
     setup();
     alloc_field(*rep,krb5_alt_method);
     { begin_structure();
-       get_field((*rep)->method,0,asn1_decode_int32);
-       if (tagnum == 1) {
-           get_lenfield((*rep)->length,(*rep)->data,1,asn1_decode_octetstring);
-       } else {
-           (*rep)->length = 0;
-           (*rep)->data = 0;
-       }
-       (*rep)->magic = KV5M_ALT_METHOD;
-       end_structure();
+        get_field((*rep)->method,0,asn1_decode_int32);
+        if (tagnum == 1) {
+            get_lenfield((*rep)->length,(*rep)->data,1,asn1_decode_octetstring);
+        } else {
+            (*rep)->length = 0;
+            (*rep)->data = 0;
+        }
+        (*rep)->magic = KV5M_ALT_METHOD;
+        end_structure();
     }
     cleanup(free);
 }
@@ -806,7 +807,7 @@ krb5_error_code decode_krb5_etype_info(const krb5_data *code, krb5_etype_info_en
     *rep = 0;
     retval = asn1_decode_etype_info(&buf,rep);
     if (retval) clean_return(retval);
-    cleanup_none();            /* we're not allocating anything here */
+    cleanup_none();             /* we're not allocating anything here */
 }
 
 krb5_error_code decode_krb5_etype_info2(const krb5_data *code, krb5_etype_info_entry ***rep)
@@ -815,12 +816,12 @@ krb5_error_code decode_krb5_etype_info2(const krb5_data *code, krb5_etype_info_e
     *rep = 0;
     retval = asn1_decode_etype_info2(&buf,rep, 0);
     if (retval == ASN1_BAD_ID) {
-       retval = asn1buf_wrap_data(&buf,code);
-       if (retval) clean_return(retval);
-       retval = asn1_decode_etype_info2(&buf, rep, 1);
+        retval = asn1buf_wrap_data(&buf,code);
+        if (retval) clean_return(retval);
+        retval = asn1_decode_etype_info2(&buf, rep, 1);
     }
     if (retval) clean_return(retval);
-    cleanup_none();            /* we're not allocating anything here */
+    cleanup_none();             /* we're not allocating anything here */
 }
 
 
@@ -840,12 +841,12 @@ krb5_error_code decode_krb5_pa_enc_ts(const krb5_data *code, krb5_pa_enc_ts **re
     setup();
     alloc_field(*rep,krb5_pa_enc_ts);
     { begin_structure();
-       get_field((*rep)->patimestamp,0,asn1_decode_kerberos_time);
-       if (tagnum == 1) {
-           get_field((*rep)->pausec,1,asn1_decode_int32);
-       } else
-           (*rep)->pausec = 0;
-       end_structure (); }
+        get_field((*rep)->patimestamp,0,asn1_decode_kerberos_time);
+        if (tagnum == 1) {
+            get_field((*rep)->pausec,1,asn1_decode_int32);
+        } else
+            (*rep)->pausec = 0;
+        end_structure (); }
     cleanup(free);
 }
 
@@ -939,7 +940,7 @@ krb5_error_code decode_krb5_sam_response_2(const krb5_data *code, krb5_sam_respo
 
 krb5_error_code decode_krb5_predicted_sam_response(const krb5_data *code, krb5_predicted_sam_response **rep)
 {
-    setup_buf_only();          /* preallocated */
+    setup_buf_only();           /* preallocated */
     alloc_field(*rep,krb5_predicted_sam_response);
 
     retval = asn1_decode_predicted_sam_response(&buf,*rep);
@@ -1026,7 +1027,7 @@ krb5_error_code decode_krb5_kdc_dh_key_info(const krb5_data *code, krb5_kdc_dh_k
     cleanup(free);
 }
 
-krb5_error_code decode_krb5_principal_name(const krb5_data *code, krb5_principal_data **rep) 
+krb5_error_code decode_krb5_principal_name(const krb5_data *code, krb5_principal_data **rep)
 {
     setup_buf_only();
     alloc_field(*rep, krb5_principal_data);
@@ -1044,15 +1045,15 @@ krb5_error_code decode_krb5_reply_key_pack(const krb5_data *code, krb5_reply_key
 
     retval = asn1_decode_reply_key_pack(&buf, *rep);
     if (retval)
-       goto error_out;
+        goto error_out;
 
     cleanup_manual();
 error_out:
     if (rep && *rep) {
-       free((*rep)->replyKey.contents);
-       free((*rep)->asChecksum.contents);
-       free(*rep);
-       *rep = NULL;
+        free((*rep)->replyKey.contents);
+        free((*rep)->asChecksum.contents);
+        free(*rep);
+        *rep = NULL;
     }
     return retval;
 }
index d6120178714c58e4ef44ed6dfa2b301121614fca..7efbbae9f32237406c23f6184783059bf8b90f07 100644 (file)
@@ -1,6 +1,7 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /*
  * src/lib/krb5/asn.1/krb5_encode.c
- * 
+ *
  * Copyright 1994, 2008 by the Massachusetts Institute of Technology.
  * All Rights Reserved.
  *
@@ -8,7 +9,7 @@
  *   require a specific license from the United States Government.
  *   It is the responsibility of any person or organization contemplating
  *   export to obtain such a license before exporting.
- * 
+ *
  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
  * distribute this software and its documentation for any purpose and
  * without fee is hereby granted, provided that the above copyright
@@ -51,7 +52,7 @@
        krb5_addfield(rep->field_i, i, asn1_type);
 
      /* for string fields (these encoders take an additional argument,
-       the length of the string) */
+        the length of the string) */
      addlenfield(rep->field_length, rep->field, i-1, asn1_type);
 
      /* if you really have to do things yourself... */
@@ -59,8 +60,8 @@
      if (retval) return retval;
      sum += length;
      retval = asn1_make_etag(buf,
-                           [UNIVERSAL/APPLICATION/CONTEXT_SPECIFIC/PRIVATE],
-                           tag_number, length, &length);
+                            [UNIVERSAL/APPLICATION/CONTEXT_SPECIFIC/PRIVATE],
+                            tag_number, length, &length);
      if (retval) return retval;
      sum += length;
 
@@ -88,7 +89,7 @@
 \
   retval = asn1buf_create(&buf);\
   if (retval) return retval
-  
+
 /* krb5_addfield -- add a field, or component, to the encoding */
 #define krb5_addfield(value,tag,encoder)\
 { retval = encoder(buf,value,&length);\
@@ -147,48 +148,48 @@ krb5_error_code encode_krb5_authenticator(const krb5_authenticator *rep, krb5_da
 {
     krb5_setup();
 
-    /* authorization-data[8]   AuthorizationData OPTIONAL */
+    /* authorization-data[8]    AuthorizationData OPTIONAL */
     if (rep->authorization_data != NULL &&
-       rep->authorization_data[0] != NULL) {
-       retval = asn1_encode_authorization_data(buf, (const krb5_authdata **)
-                                               rep->authorization_data,
-                                               &length);
-       if (retval) {
-           asn1buf_destroy(&buf);
-           return retval; }
-       sum += length;
-       retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,8,length,&length);
-       if (retval) {
-           asn1buf_destroy(&buf);
-           return retval; }
-       sum += length;
+        rep->authorization_data[0] != NULL) {
+        retval = asn1_encode_authorization_data(buf, (const krb5_authdata **)
+                                                rep->authorization_data,
+                                                &length);
+        if (retval) {
+            asn1buf_destroy(&buf);
+            return retval; }
+        sum += length;
+        retval = asn1_make_etag(buf,CONTEXT_SPECIFIC,8,length,&length);
+        if (retval) {
+            asn1buf_destroy(&buf);
+            return retval; }
+        sum += length;
     }
 
-    /* seq-number[7]           INTEGER OPTIONAL */
+    /* seq-number[7]            INTEGER OPTIONAL */
     if (rep->seq_number != 0)
-       krb5_addfield(rep->seq_number,7,asn1_encode_unsigned_integer);
+        krb5_addfield(rep->seq_number,7,asn1_encode_unsigned_integer);
 
-    /* subkey[6]                       EncryptionKey OPTIONAL */
+    /* subkey[6]                        EncryptionKey OPTIONAL */
     if (rep->subkey != NULL)
-       krb5_addfield(rep->subkey,6,asn1_encode_encryption_key);
+        krb5_addfield(rep->subkey,6,asn1_encode_encryption_key);
 
-    /* ctime[5]                        KerberosTime */
+    /* ctime[5]                 KerberosTime */
     krb5_addfield(rep->ctime,5,asn1_encode_kerberos_time);
 
-    /* cusec[4]                        INTEGER */
+    /* cusec[4]                 INTEGER */
     krb5_addfield(rep->cusec,4,asn1_encode_integer);
 
-    /* cksum[3]                        Checksum OPTIONAL */
+    /* cksum[3]                 Checksum OPTIONAL */
     if (rep->checksum != NULL)
-       krb5_addfield(rep->checksum,3,asn1_encode_checksum);
+        krb5_addfield(rep->checksum,3,asn1_encode_checksum);
 
-    /* cname[2]                        PrincipalName */
+    /* cname[2]                 PrincipalName */
     krb5_addfield(rep->client,2,asn1_encode_principal_name);
 
-    /* crealm[1]                       Realm */
+    /* crealm[1]                        Realm */
     krb5_addfield(rep->client,1,asn1_encode_realm);
 
-    /* authenticator-vno[0]    INTEGER */
+    /* authenticator-vno[0]     INTEGER */
     krb5_addfield(KVNO,0,asn1_encode_integer);
 
     /* Authenticator ::= [APPLICATION 2] SEQUENCE */
@@ -202,16 +203,16 @@ krb5_error_code encode_krb5_ticket(const krb5_ticket *rep, krb5_data **code)
 {
     krb5_setup();
 
-    /* enc-part[3]     EncryptedData */
+    /* enc-part[3]      EncryptedData */
     krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
 
-    /* sname [2]               PrincipalName */
+    /* sname [2]                PrincipalName */
     krb5_addfield(rep->server,2,asn1_encode_principal_name);
 
-    /* realm [1]               Realm */
+    /* realm [1]                Realm */
     krb5_addfield(rep->server,1,asn1_encode_realm);
 
-    /* tkt-vno [0]     INTEGER */
+    /* tkt-vno [0]      INTEGER */
     krb5_addfield(KVNO,0,asn1_encode_integer);
 
     /* Ticket ::= [APPLICATION 1] SEQUENCE */
@@ -225,10 +226,10 @@ krb5_error_code encode_krb5_encryption_key(const krb5_keyblock *rep, krb5_data *
 {
     krb5_setup();
 
-    /* keyvalue[1]     OCTET STRING */
+    /* keyvalue[1]      OCTET STRING */
     krb5_addlenfield(rep->length,rep->contents,1,asn1_encode_octetstring);
 
-    /* enctype[0]              INTEGER */
+    /* enctype[0]               INTEGER */
     krb5_addfield(rep->enctype,0,asn1_encode_integer);
 
     /* EncryptionKey ::= SEQUENCE */
@@ -241,43 +242,43 @@ krb5_error_code encode_krb5_enc_tkt_part(const krb5_enc_tkt_part *rep, krb5_data
 {
     krb5_setup();
 
-    /* authorization-data[10]  AuthorizationData OPTIONAL */
+    /* authorization-data[10]   AuthorizationData OPTIONAL */
     if (rep->authorization_data != NULL &&
-       rep->authorization_data[0] != NULL)
-       krb5_addfield((const krb5_authdata**)rep->authorization_data,
-                     10,asn1_encode_authorization_data);
+        rep->authorization_data[0] != NULL)
+        krb5_addfield((const krb5_authdata**)rep->authorization_data,
+                      10,asn1_encode_authorization_data);
 
-    /* caddr[9]                        HostAddresses OPTIONAL */
+    /* caddr[9]                 HostAddresses OPTIONAL */
     if (rep->caddrs != NULL && rep->caddrs[0] != NULL)
-       krb5_addfield((const krb5_address**)rep->caddrs,9,asn1_encode_host_addresses);
+        krb5_addfield((const krb5_address**)rep->caddrs,9,asn1_encode_host_addresses);
 
-    /* renew-till[8]           KerberosTime OPTIONAL */
+    /* renew-till[8]            KerberosTime OPTIONAL */
     if (rep->times.renew_till)
-       krb5_addfield(rep->times.renew_till,8,asn1_encode_kerberos_time);
+        krb5_addfield(rep->times.renew_till,8,asn1_encode_kerberos_time);
 
-    /* endtime[7]                      KerberosTime */
+    /* endtime[7]                       KerberosTime */
     krb5_addfield(rep->times.endtime,7,asn1_encode_kerberos_time);
 
-    /* starttime[6]            KerberosTime OPTIONAL */
+    /* starttime[6]             KerberosTime OPTIONAL */
     if (rep->times.starttime)
-       krb5_addfield(rep->times.starttime,6,asn1_encode_kerberos_time);
+        krb5_addfield(rep->times.starttime,6,asn1_encode_kerberos_time);
 
-    /* authtime[5]             KerberosTime */
+    /* authtime[5]              KerberosTime */
     krb5_addfield(rep->times.authtime,5,asn1_encode_kerberos_time);
 
-    /* transited[4]            TransitedEncoding */
+    /* transited[4]             TransitedEncoding */
     krb5_addfield(&(rep->transited),4,asn1_encode_transited_encoding);
 
-    /* cname[3]                        PrincipalName */
+    /* cname[3]                 PrincipalName */
     krb5_addfield(rep->client,3,asn1_encode_principal_name);
 
-    /* crealm[2]                       Realm */
+    /* crealm[2]                        Realm */
     krb5_addfield(rep->client,2,asn1_encode_realm);
 
-    /* key[1]                  EncryptionKey */
+    /* key[1]                   EncryptionKey */
     krb5_addfield(rep->session,1,asn1_encode_encryption_key);
 
-    /* flags[0]                        TicketFlags */
+    /* flags[0]                 TicketFlags */
     krb5_addfield(rep->flags,0,asn1_encode_ticket_flags);
 
     /* EncTicketPart ::= [APPLICATION 3] SEQUENCE */
@@ -313,7 +314,7 @@ krb5_error_code encode_krb5_enc_kdc_rep_part(const krb5_enc_kdc_rep_part *rep, k
     krb5_cleanup();
 }
 
-/* yes, the translation is identical to that used for KDC__REP */ 
+/* yes, the translation is identical to that used for KDC__REP */
 krb5_error_code encode_krb5_as_rep(const krb5_kdc_rep *rep, krb5_data **code)
 {
     krb5_setup();
@@ -328,7 +329,7 @@ krb5_error_code encode_krb5_as_rep(const krb5_kdc_rep *rep, krb5_data **code)
     krb5_cleanup();
 }
 
-/* yes, the translation is identical to that used for KDC__REP */ 
+/* yes, the translation is identical to that used for KDC__REP */
 krb5_error_code encode_krb5_tgs_rep(const krb5_kdc_rep *rep, krb5_data **code)
 {
     krb5_setup();
@@ -347,22 +348,22 @@ krb5_error_code encode_krb5_ap_req(const krb5_ap_req *rep, krb5_data **code)
 {
     krb5_setup();
 
-    /* authenticator[4]        EncryptedData */
+    /* authenticator[4] EncryptedData */
     krb5_addfield(&(rep->authenticator),4,asn1_encode_encrypted_data);
 
-    /* ticket[3]               Ticket */
+    /* ticket[3]                Ticket */
     krb5_addfield(rep->ticket,3,asn1_encode_ticket);
 
-    /* ap-options[2]   APOptions */
+    /* ap-options[2]    APOptions */
     krb5_addfield(rep->ap_options,2,asn1_encode_ap_options);
 
-    /* msg-type[1]     INTEGER */
+    /* msg-type[1]      INTEGER */
     krb5_addfield(ASN1_KRB_AP_REQ,1,asn1_encode_integer);
 
-    /* pvno[0]         INTEGER */
+    /* pvno[0]          INTEGER */
     krb5_addfield(KVNO,0,asn1_encode_integer);
 
-    /* AP-REQ ::=      [APPLICATION 14] SEQUENCE */
+    /* AP-REQ ::=       [APPLICATION 14] SEQUENCE */
     krb5_makeseq();
     krb5_apptag(14);
 
@@ -373,19 +374,19 @@ krb5_error_code encode_krb5_ap_rep(const krb5_ap_rep *rep, krb5_data **code)
 {
     krb5_setup();
 
-    /* enc-part[2]     EncryptedData */
+    /* enc-part[2]      EncryptedData */
     krb5_addfield(&(rep->enc_part),2,asn1_encode_encrypted_data);
-  
-    /* msg-type[1]     INTEGER */
+
+    /* msg-type[1]      INTEGER */
     krb5_addfield(ASN1_KRB_AP_REP,1,asn1_encode_integer);
-  
-    /* pvno[0]         INTEGER */
+
+    /* pvno[0]          INTEGER */
     krb5_addfield(KVNO,0,asn1_encode_integer);
-  
-    /* AP-REP ::=      [APPLICATION 15] SEQUENCE */
+
+    /* AP-REP ::=       [APPLICATION 15] SEQUENCE */
     krb5_makeseq();
     krb5_apptag(15);
-  
+
     krb5_cleanup();
 }
 
@@ -394,18 +395,18 @@ krb5_error_code encode_krb5_ap_rep_enc_part(const krb5_ap_rep_enc_part *rep, krb
 {
     krb5_setup();
 
-    /* seq-number[3]   INTEGER OPTIONAL */
+    /* seq-number[3]    INTEGER OPTIONAL */
     if (rep->seq_number)
-       krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
+        krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
 
-    /* subkey[2]               EncryptionKey OPTIONAL */
+    /* subkey[2]                EncryptionKey OPTIONAL */
     if (rep->subkey != NULL)
-       krb5_addfield(rep->subkey,2,asn1_encode_encryption_key);
+        krb5_addfield(rep->subkey,2,asn1_encode_encryption_key);
 
-    /* cusec[1]                INTEGER */
+    /* cusec[1]         INTEGER */
     krb5_addfield(rep->cusec,1,asn1_encode_integer);
 
-    /* ctime[0]                KerberosTime */
+    /* ctime[0]         KerberosTime */
     krb5_addfield(rep->ctime,0,asn1_encode_kerberos_time);
 
     /* EncAPRepPart ::= [APPLICATION 27] SEQUENCE */
@@ -459,16 +460,16 @@ krb5_error_code encode_krb5_safe(const krb5_safe *rep, krb5_data **code)
 {
     krb5_setup();
 
-    /* cksum[3]                Checksum */
+    /* cksum[3]         Checksum */
     krb5_addfield(rep->checksum,3,asn1_encode_checksum);
 
-    /* safe-body[2]    KRB-SAFE-BODY */
+    /* safe-body[2]     KRB-SAFE-BODY */
     krb5_addfield(rep,2,asn1_encode_krb_safe_body);
 
-    /* msg-type[1]     INTEGER */
+    /* msg-type[1]      INTEGER */
     krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
 
-    /* pvno[0]         INTEGER */
+    /* pvno[0]          INTEGER */
     krb5_addfield(KVNO,0,asn1_encode_integer);
 
     /* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
@@ -492,20 +493,20 @@ krb5_error_code encode_krb5_safe_with_body(
     krb5_setup();
 
     if (body == NULL) {
-       asn1buf_destroy(&buf);
-       return ASN1_MISSING_FIELD;
+        asn1buf_destroy(&buf);
+        return ASN1_MISSING_FIELD;
     }
 
-    /* cksum[3]                Checksum */
+    /* cksum[3]         Checksum */
     krb5_addfield(rep->checksum,3,asn1_encode_checksum);
 
-    /* safe-body[2]    KRB-SAFE-BODY */
+    /* safe-body[2]     KRB-SAFE-BODY */
     krb5_addfield(body,2,asn1_encode_krb_saved_safe_body);
 
-    /* msg-type[1]     INTEGER */
+    /* msg-type[1]      INTEGER */
     krb5_addfield(ASN1_KRB_SAFE,1,asn1_encode_integer);
 
-    /* pvno[0]         INTEGER */
+    /* pvno[0]          INTEGER */
     krb5_addfield(KVNO,0,asn1_encode_integer);
 
     /* KRB-SAFE ::= [APPLICATION 20] SEQUENCE */
@@ -519,13 +520,13 @@ krb5_error_code encode_krb5_priv(const krb5_priv *rep, krb5_data **code)
 {
     krb5_setup();
 
-    /* enc-part[3]     EncryptedData */
+    /* enc-part[3]      EncryptedData */
     krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
 
-    /* msg-type[1]     INTEGER */
+    /* msg-type[1]      INTEGER */
     krb5_addfield(ASN1_KRB_PRIV,1,asn1_encode_integer);
 
-    /* pvno[0]         INTEGER */
+    /* pvno[0]          INTEGER */
     krb5_addfield(KVNO,0,asn1_encode_integer);
 
     /* KRB-PRIV ::= [APPLICATION 21] SEQUENCE */
@@ -539,25 +540,25 @@ krb5_error_code encode_krb5_enc_priv_part(const krb5_priv_enc_part *rep, krb5_da
 {
     krb5_setup();
 
-    /* r-address[5]    HostAddress OPTIONAL -- recip's addr */
+    /* r-address[5]     HostAddress OPTIONAL -- recip's addr */
     if (rep->r_address)
-       krb5_addfield(rep->r_address,5,asn1_encode_host_address);
+        krb5_addfield(rep->r_address,5,asn1_encode_host_address);
 
-    /* s-address[4]    HostAddress -- sender's addr */
+    /* s-address[4]     HostAddress -- sender's addr */
     krb5_addfield(rep->s_address,4,asn1_encode_host_address);
 
-    /* seq-number[3]   INTEGER OPTIONAL */
+    /* seq-number[3]    INTEGER OPTIONAL */
     if (rep->seq_number)
-       krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
+        krb5_addfield(rep->seq_number,3,asn1_encode_unsigned_integer);
 
-    /* usec[2]         INTEGER OPTIONAL */
+    /* usec[2]          INTEGER OPTIONAL */
     if (rep->timestamp) {
-       krb5_addfield(rep->usec,2,asn1_encode_integer);
-       /* timestamp[1] KerberosTime OPTIONAL */
-       krb5_addfield(rep->timestamp,1,asn1_encode_kerberos_time);
+        krb5_addfield(rep->usec,2,asn1_encode_integer);
+        /* timestamp[1] KerberosTime OPTIONAL */
+        krb5_addfield(rep->timestamp,1,asn1_encode_kerberos_time);
     }
 
-    /* user-data[0]    OCTET STRING */
+    /* user-data[0]     OCTET STRING */
     krb5_addlenfield(rep->user_data.length,rep->user_data.data,0,asn1_encode_charstring);
 
     /* EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE */
@@ -571,16 +572,16 @@ krb5_error_code encode_krb5_cred(const krb5_cred *rep, krb5_data **code)
 {
     krb5_setup();
 
-    /* enc-part[3]     EncryptedData */
+    /* enc-part[3]      EncryptedData */
     krb5_addfield(&(rep->enc_part),3,asn1_encode_encrypted_data);
 
-    /* tickets[2]              SEQUENCE OF Ticket */
+    /* tickets[2]               SEQUENCE OF Ticket */
     krb5_addfield((const krb5_ticket**)rep->tickets,2,asn1_encode_sequence_of_ticket);
 
-    /* msg-type[1]     INTEGER, -- KRB_CRED */
+    /* msg-type[1]      INTEGER, -- KRB_CRED */
     krb5_addfield(ASN1_KRB_CRED,1,asn1_encode_integer);
 
-    /* pvno[0]         INTEGER */
+    /* pvno[0]          INTEGER */
     krb5_addfield(KVNO,0,asn1_encode_integer);
 
     /* KRB-CRED ::= [APPLICATION 22] SEQUENCE */
@@ -594,28 +595,28 @@ krb5_error_code encode_krb5_enc_cred_part(const krb5_cred_enc_part *rep, krb5_da
 {
     krb5_setup();
 
-    /* r-address[5]    HostAddress OPTIONAL */
+    /* r-address[5]     HostAddress OPTIONAL */
     if (rep->r_address != NULL)
-       krb5_addfield(rep->r_address,5,asn1_encode_host_address);
+        krb5_addfield(rep->r_address,5,asn1_encode_host_address);
 
-    /* s-address[4]    HostAddress OPTIONAL */
+    /* s-address[4]     HostAddress OPTIONAL */
     if (rep->s_address != NULL)
-       krb5_addfield(rep->s_address,4,asn1_encode_host_address);
+        krb5_addfield(rep->s_address,4,asn1_encode_host_address);
 
-    /* usec[3]         INTEGER OPTIONAL */
+    /* usec[3]          INTEGER OPTIONAL */
     if (rep->timestamp) {
-       krb5_addfield(rep->usec,3,asn1_encode_integer);
-       /* timestamp[2] KerberosTime OPTIONAL */
-       krb5_addfield(rep->timestamp,2,asn1_encode_kerberos_time);
+        krb5_addfield(rep->usec,3,asn1_encode_integer);
+        /* timestamp[2] KerberosTime OPTIONAL */
+        krb5_addfield(rep->timestamp,2,asn1_encode_kerberos_time);
     }
 
-    /* nonce[1]                INTEGER OPTIONAL */
+    /* nonce[1]         INTEGER OPTIONAL */
     if (rep->nonce)
-       krb5_addfield(rep->nonce,1,asn1_encode_integer);
+        krb5_addfield(rep->nonce,1,asn1_encode_integer);
 
-    /* ticket-info[0]  SEQUENCE OF KrbCredInfo */
+    /* ticket-info[0]   SEQUENCE OF KrbCredInfo */
     krb5_addfield((const krb5_cred_info**)rep->ticket_info,
-                 0,asn1_encode_sequence_of_krb_cred_info);
+                  0,asn1_encode_sequence_of_krb_cred_info);
 
     /* EncKrbCredPart ::= [APPLICATION 29] SEQUENCE */
     krb5_makeseq();
@@ -628,48 +629,48 @@ krb5_error_code encode_krb5_error(const krb5_error *rep, krb5_data **code)
 {
     krb5_setup();
 
-    /* e-data[12]              OCTET STRING OPTIONAL */
+    /* e-data[12]               OCTET STRING OPTIONAL */
     if (rep->e_data.data != NULL && rep->e_data.length > 0)
-       krb5_addlenfield(rep->e_data.length,rep->e_data.data,12,asn1_encode_charstring);
+        krb5_addlenfield(rep->e_data.length,rep->e_data.data,12,asn1_encode_charstring);
 
-    /* e-text[11]              GeneralString OPTIONAL */
+    /* e-text[11]               GeneralString OPTIONAL */
     if (rep->text.data != NULL && rep->text.length > 0)
-       krb5_addlenfield(rep->text.length,rep->text.data,11,asn1_encode_generalstring);
+        krb5_addlenfield(rep->text.length,rep->text.data,11,asn1_encode_generalstring);
 
-    /* sname[10]               PrincipalName -- Correct name */
+    /* sname[10]                PrincipalName -- Correct name */
     krb5_addfield(rep->server,10,asn1_encode_principal_name);
 
-    /* realm[9]                Realm -- Correct realm */
+    /* realm[9]         Realm -- Correct realm */
     krb5_addfield(rep->server,9,asn1_encode_realm);
 
-    /* cname[8]                PrincipalName OPTIONAL */
+    /* cname[8]         PrincipalName OPTIONAL */
     if (rep->client != NULL) {
-       krb5_addfield(rep->client,8,asn1_encode_principal_name);
-       /* crealm[7]            Realm OPTIONAL */
-       krb5_addfield(rep->client,7,asn1_encode_realm);
+        krb5_addfield(rep->client,8,asn1_encode_principal_name);
+        /* crealm[7]            Realm OPTIONAL */
+        krb5_addfield(rep->client,7,asn1_encode_realm);
     }
 
-    /* error-code[6]   INTEGER */
+    /* error-code[6]    INTEGER */
     krb5_addfield(rep->error,6,asn1_encode_ui_4);
 
-    /* susec[5]                INTEGER */
+    /* susec[5]         INTEGER */
     krb5_addfield(rep->susec,5,asn1_encode_integer);
 
-    /* stime[4]                KerberosTime */
+    /* stime[4]         KerberosTime */
     krb5_addfield(rep->stime,4,asn1_encode_kerberos_time);
 
-    /* cusec[3]                INTEGER OPTIONAL */
+    /* cusec[3]         INTEGER OPTIONAL */
     if (rep->cusec)
-       krb5_addfield(rep->cusec,3,asn1_encode_integer);
+        krb5_addfield(rep->cusec,3,asn1_encode_integer);
 
-    /* ctime[2]                KerberosTime OPTIONAL */
+    /* ctime[2]         KerberosTime OPTIONAL */
     if (rep->ctime)
-       krb5_addfield(rep->ctime,2,asn1_encode_kerberos_time);
+        krb5_addfield(rep->ctime,2,asn1_encode_kerberos_time);
 
-    /* msg-type[1]     INTEGER */
+    /* msg-type[1]      INTEGER */
     krb5_addfield(ASN1_KRB_ERROR,1,asn1_encode_integer);
 
-    /* pvno[0]         INTEGER */
+    /* pvno[0]          INTEGER */
     krb5_addfield(KVNO,0,asn1_encode_integer);
 
     /* KRB-ERROR ::= [APPLICATION 30] SEQUENCE */
@@ -684,14 +685,14 @@ krb5_error_code encode_krb5_authdata(const krb5_authdata **rep, krb5_data **code
     asn1_error_code retval;
     asn1buf *buf=NULL;
     unsigned int length;
-  
+
     if (rep == NULL) return ASN1_MISSING_FIELD;
 
     retval = asn1buf_create(&buf);
     if (retval) return retval;
 
     retval = asn1_encode_authorization_data(buf,(const krb5_authdata**)rep,
-                                           &length);
+                                            &length);
     if (retval) return retval;
 
     krb5_cleanup();
@@ -702,7 +703,7 @@ krb5_error_code encode_krb5_authdata_elt(const krb5_authdata *rep, krb5_data **c
     asn1_error_code retval;
     asn1buf *buf=NULL;
     unsigned int length;
-  
+
     if (rep == NULL) return ASN1_MISSING_FIELD;
 
     retval = asn1buf_create(&buf);
@@ -718,11 +719,11 @@ krb5_error_code encode_krb5_alt_method(const krb5_alt_method *rep, krb5_data **c
 {
     krb5_setup();
 
-    /* method-data[1]          OctetString OPTIONAL */
+    /* method-data[1]           OctetString OPTIONAL */
     if (rep->data != NULL && rep->length > 0)
-       krb5_addlenfield(rep->length,rep->data,1,asn1_encode_octetstring);
+        krb5_addlenfield(rep->length,rep->data,1,asn1_encode_octetstring);
 
-    /* method-type[0]          Integer */
+    /* method-type[0]           Integer */
     krb5_addfield(rep->method,0,asn1_encode_integer);
 
     krb5_makeseq();
@@ -747,7 +748,7 @@ krb5_error_code encode_krb5_etype_info2(const krb5_etype_info_entry **rep, krb5_
     sum += length;
     krb5_cleanup();
 }
-  
+
 
 krb5_error_code encode_krb5_enc_data(const krb5_enc_data *rep, krb5_data **code)
 {
@@ -766,7 +767,7 @@ krb5_error_code encode_krb5_pa_enc_ts(const krb5_pa_enc_ts *rep, krb5_data **cod
 
     /* pausec[1]                    INTEGER OPTIONAL */
     if (rep->pausec)
-       krb5_addfield(rep->pausec,1,asn1_encode_integer);
+        krb5_addfield(rep->pausec,1,asn1_encode_integer);
 
     /* patimestamp[0]               KerberosTime, -- client's time */
     krb5_addfield(rep->patimestamp,0,asn1_encode_kerberos_time);
@@ -889,7 +890,7 @@ krb5_error_code encode_krb5_predicted_sam_response(const krb5_predicted_sam_resp
 }
 
 krb5_error_code encode_krb5_setpw_req(const krb5_principal target,
-                                     char *password, krb5_data **code)
+                                      char *password, krb5_data **code)
 {
     /* Macros really want us to have a variable called rep which we do not need*/
     const char *rep = "dummy string";
index 7a45298adac235b7827321b41511905a09472697..cc41dfdceca0673d267e1027126a911f70d756fa 100644 (file)
@@ -1,10 +1,11 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 #ifndef __KRBASN1_H__
 #define __KRBASN1_H__
 
 #include "k5-int.h"
 #include <stdio.h>
 #include <errno.h>
-#include <limits.h>            /* For INT_MAX */
+#include <limits.h>             /* For INT_MAX */
 #ifdef HAVE_STDLIB_H
 #include <stdlib.h>
 #endif
@@ -42,7 +43,7 @@ typedef krb5_error_code asn1_error_code;
 typedef enum { PRIMITIVE = 0x00, CONSTRUCTED = 0x20 } asn1_construction;
 
 typedef enum { UNIVERSAL = 0x00, APPLICATION = 0x40,
-                CONTEXT_SPECIFIC = 0x80, PRIVATE = 0xC0 } asn1_class;
+                 CONTEXT_SPECIFIC = 0x80, PRIVATE = 0xC0 } asn1_class;
 
 typedef int asn1_tagnum;
 #define ASN1_TAGNUM_CEILING INT_MAX
@@ -52,30 +53,30 @@ typedef int asn1_tagnum;
 #define KVNO 5
 
 /* Universal Tag Numbers */
-#define ASN1_INTEGER           2
-#define ASN1_BITSTRING         3
-#define ASN1_OCTETSTRING       4
-#define ASN1_NULL              5
-#define ASN1_OBJECTIDENTIFIER  6
+#define ASN1_INTEGER            2
+#define ASN1_BITSTRING          3
+#define ASN1_OCTETSTRING        4
+#define ASN1_NULL               5
+#define ASN1_OBJECTIDENTIFIER   6
 #define ASN1_ENUMERATED 10
-#define ASN1_SEQUENCE          16
-#define ASN1_SET               17
-#define ASN1_PRINTABLESTRING   19
-#define ASN1_IA5STRING         22
-#define ASN1_UTCTIME           23
-#define ASN1_GENERALTIME       24
-#define ASN1_GENERALSTRING     27
+#define ASN1_SEQUENCE           16
+#define ASN1_SET                17
+#define ASN1_PRINTABLESTRING    19
+#define ASN1_IA5STRING          22
+#define ASN1_UTCTIME            23
+#define ASN1_GENERALTIME        24
+#define ASN1_GENERALSTRING      27
 
 /* Kerberos Message Types */
-#define ASN1_KRB_AS_REQ                10
-#define ASN1_KRB_AS_REP                11
-#define ASN1_KRB_TGS_REQ       12
-#define ASN1_KRB_TGS_REP       13
-#define ASN1_KRB_AP_REQ                14
-#define ASN1_KRB_AP_REP                15
-#define ASN1_KRB_SAFE          20
-#define ASN1_KRB_PRIV          21
-#define ASN1_KRB_CRED          22
-#define ASN1_KRB_ERROR         30
+#define ASN1_KRB_AS_REQ         10
+#define ASN1_KRB_AS_REP         11
+#define ASN1_KRB_TGS_REQ        12
+#define ASN1_KRB_TGS_REP        13
+#define ASN1_KRB_AP_REQ         14
+#define ASN1_KRB_AP_REP         15
+#define ASN1_KRB_SAFE           20
+#define ASN1_KRB_PRIV           21
+#define ASN1_KRB_CRED           22
+#define ASN1_KRB_ERROR          30
 
 #endif
index e18739cb504ea94b3ab5ce8c343239b3ef35663e..7f0355d9fdae42559a0511937c83c517bc2d6fdf 100644 (file)
@@ -1,3 +1,4 @@
+/* -*- mode: c; indent-tabs-mode: nil -*- */
 /* ... copyright ... */
 
 /* Novell key-format scheme:
 #define asn1_encode_sequence_of_keys krb5int_ldap_encode_sequence_of_keys
 #define asn1_decode_sequence_of_keys krb5int_ldap_decode_sequence_of_keys
 
-#define cleanup(err)                                                   \
-       {                                                               \
-               ret = err;                                              \
-               goto last;                                              \
-       }
+#define cleanup(err)                                                    \
+        {                                                               \
+                ret = err;                                              \
+                goto last;                                              \
+        }
 
-#define checkerr                                                       \
-               if (ret != 0)                                           \
-                       goto last
+#define checkerr                                                        \
+                if (ret != 0)                                           \
+                        goto last
 
 /************************************************************************/
-/* Encode the Principal's keys                                         */
+/* Encode the Principal's keys                                          */
 /************************************************************************/
 
 static asn1_error_code
 asn1_encode_key(asn1buf *buf,
-               krb5_key_data key_data,
-               unsigned int *retlen)
+                krb5_key_data key_data,
+                unsigned int *retlen)
 {
     asn1_error_code ret = 0;
     unsigned int length, sum = 0;
 
     /* Encode the key type and value.  */
     {
-       unsigned int key_len = 0;
-       /* key value */
-       ret = asn1_encode_octetstring (buf,
-                                      key_data.key_data_length[0],
-                                      key_data.key_data_contents[0],
-                                      &length); checkerr;
-       key_len += length;
-       ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, length, &length); checkerr;
-       key_len += length;
-       /* key type */
-       ret = asn1_encode_integer (buf, key_data.key_data_type[0], &length);
-       checkerr;
-       key_len += length;
-       ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, length, &length); checkerr;
-       key_len += length;
-
-       ret = asn1_make_sequence(buf, key_len, &length); checkerr;
-       key_len += length;
-       ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, key_len, &length); checkerr;
-       key_len += length;
-
-       sum += key_len;
+        unsigned int key_len = 0;
+        /* key value */
+        ret = asn1_encode_octetstring (buf,
+                                       key_data.key_data_length[0],
+                                       key_data.key_data_contents[0],
+                                       &length); checkerr;
+        key_len += length;
+        ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, length, &length); checkerr;
+        key_len += length;
+        /* key type */
+        ret = asn1_encode_integer (buf, key_data.key_data_type[0], &length);
+        checkerr;
+        key_len += length;
+        ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, length, &length); checkerr;
+        key_len += length;
+
+        ret = asn1_make_sequence(buf, key_len, &length); checkerr;
+        key_len += length;
+        ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, key_len, &length); checkerr;
+        key_len += length;
+
+        sum += key_len;
     }
     /* Encode the salt type and value (optional) */
     if (key_data.key_data_ver > 1) {
-       unsigned int salt_len = 0;
-       /* salt value (optional) */
-       if (key_data.key_data_length[1] > 0) {
-           ret = asn1_encode_octetstring (buf,
-                                          key_data.key_data_length[1],
-                                          key_data.key_data_contents[1],
-                                          &length); checkerr;
-           salt_len += length;
-           ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, length, &length);
-           checkerr;
-           salt_len += length;
-       }
-       /* salt type */
-       ret = asn1_encode_integer (buf, key_data.key_data_type[1], &length);
-       checkerr;
-       salt_len += length;
-       ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, length, &length); checkerr;
-       salt_len += length;
-
-       ret = asn1_make_sequence(buf, salt_len, &length); checkerr;
-       salt_len += length;
-       ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, salt_len, &length); checkerr;
-       salt_len += length;
-
-       sum += salt_len;
+        unsigned int salt_len = 0;
+        /* salt value (optional) */
+        if (key_data.key_data_length[1] > 0) {
+            ret = asn1_encode_octetstring (buf,
+                                           key_data.key_data_length[1],
+                                           key_data.key_data_contents[1],
+                                           &length); checkerr;
+            salt_len += length;
+            ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, length, &length);
+            checkerr;
+            salt_len += length;
+        }
+        /* salt type */
+        ret = asn1_encode_integer (buf, key_data.key_data_type[1], &length);
+        checkerr;
+        salt_len += length;
+        ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, length, &length); checkerr;
+        salt_len += length;
+
+        ret = asn1_make_sequence(buf, salt_len, &length); checkerr;
+        salt_len += length;
+        ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, salt_len, &length); checkerr;
+        salt_len += length;
+
+        sum += salt_len;
     }
 
     ret = asn1_make_sequence(buf, sum, &length); checkerr;
@@ -133,9 +134,9 @@ last:
 /* asn1_error_code asn1_encode_sequence_of_keys (krb5_key_data *key_data, */
 krb5_error_code
 asn1_encode_sequence_of_keys (krb5_key_data *key_data,
-                             krb5_int16 n_key_data,
-                             krb5_int32 mkvno, /* Master key version number */
-                             krb5_data **code)
+                              krb5_int16 n_key_data,
+                              krb5_int32 mkvno, /* Master key version number */
+                              krb5_data **code)
 {
     asn1_error_code ret = 0;
     asn1buf *buf = NULL;
@@ -152,24 +153,24 @@ asn1_encode_sequence_of_keys (krb5_key_data *key_data,
 
     /* Sequence of keys */
     {
-       int i;
-       unsigned int seq_len = 0;
-
-       for (i = n_key_data - 1; i >= 0; i--) {
-           ret = asn1_encode_key (buf, key_data[i], &length); checkerr;
-           seq_len += length;
-       }
-       ret = asn1_make_sequence(buf, seq_len, &length); checkerr;
-       seq_len += length;
-       ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 4, seq_len, &length); checkerr;
-       seq_len += length;
-
-       sum += seq_len;
+        int i;
+        unsigned int seq_len = 0;
+
+        for (i = n_key_data - 1; i >= 0; i--) {
+            ret = asn1_encode_key (buf, key_data[i], &length); checkerr;
+            seq_len += length;
+        }
+        ret = asn1_make_sequence(buf, seq_len, &length); checkerr;
+        seq_len += length;
+        ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 4, seq_len, &length); checkerr;
+        seq_len += length;
+
+        sum += seq_len;
     }
 
     /* mkvno */
     if (mkvno < 0)
-       cleanup (ASN1_BAD_FORMAT);
+        cleanup (ASN1_BAD_FORMAT);
     tmp_ul = (unsigned long)mkvno;
     ret = asn1_encode_unsigned_integer (buf, tmp_ul, &length); checkerr;
     sum += length;
@@ -178,7 +179,7 @@ asn1_encode_sequence_of_keys (krb5_key_data *key_data,
 
     /* kvno (assuming all keys in array have same version) */
     if (key_data[0].key_data_kvno < 0)
-       cleanup (ASN1_BAD_FORMAT);
+        cleanup (ASN1_BAD_FORMAT);
     tmp_ul = (unsigned long)key_data[0].key_data_kvno;
     ret = asn1_encode_unsigned_integer (buf, tmp_ul, &length);
     checkerr;
@@ -208,7 +209,7 @@ last:
     asn1buf_destroy (&buf);
 
     if (ret != 0 && *code != NULL) {
-       free ((*code)->data);
+        free ((*code)->data);
         free (*code);
     }
 
@@ -216,14 +217,14 @@ last:
 }
 
 /************************************************************************/
-/* Decode the Principal's keys                                         */
+/* Decode the Principal's keys                                          */
 /************************************************************************/
 
-#define safe_syncbuf(outer,inner,buflen)                               \
-       if (! ((inner)->next == (inner)->bound + 1 &&                   \
-              (inner)->next == (outer)->next + buflen))                \
-           cleanup (ASN1_BAD_LENGTH);                                  \
-       asn1buf_sync((outer), (inner), 0, 0, 0, 0, 0);
+#define safe_syncbuf(outer,inner,buflen)                                \
+        if (! ((inner)->next == (inner)->bound + 1 &&                   \
+               (inner)->next == (outer)->next + buflen))                \
+            cleanup (ASN1_BAD_LENGTH);                                  \
+        asn1buf_sync((outer), (inner), 0, 0, 0, 0, 0);
 
 static asn1_error_code
 decode_tagged_integer (asn1buf *buf, asn1_tagnum expectedtag, long *val)
@@ -237,7 +238,7 @@ decode_tagged_integer (asn1buf *buf, asn1_tagnum expectedtag, long *val)
     ret = asn1buf_imbed(&tmp, buf, 0, 1); checkerr;
     ret = asn1_get_tag_2(&tmp, &t); checkerr;
     if (t.tagnum != expectedtag)
-       cleanup (ASN1_MISSING_FIELD);
+        cleanup (ASN1_MISSING_FIELD);
 
     buflen = t.length;
     ret = asn1buf_imbed(&subbuf, &tmp, t.length, 0); checkerr;
@@ -263,7 +264,7 @@ decode_tagged_unsigned_integer (asn1buf *buf, int expectedtag, unsigned long *va
     ret = asn1buf_imbed(&tmp, buf, 0, 1); checkerr;
     ret = asn1_get_tag_2(&tmp, &t); checkerr;
     if (t.tagnum != expectedtag)
-       cleanup (ASN1_MISSING_FIELD);
+        cleanup (ASN1_MISSING_FIELD);
 
     buflen = t.length;
     ret = asn1buf_imbed(&subbuf, &tmp, t.length, 0); checkerr;
@@ -279,7 +280,7 @@ last:
 
 static asn1_error_code
 decode_tagged_octetstring (asn1buf *buf, asn1_tagnum expectedtag, int *len,
-                          asn1_octet **val)
+                           asn1_octet **val)
 {
     int buflen;
     asn1_error_code ret = 0;
@@ -292,7 +293,7 @@ decode_tagged_octetstring (asn1buf *buf, asn1_tagnum expectedtag, int *len,
     ret = asn1buf_imbed(&tmp, buf, 0, 1); checkerr;
     ret = asn1_get_tag_2(&tmp, &t); checkerr;
     if (t.tagnum != expectedtag)
-       cleanup (ASN1_MISSING_FIELD);
+        cleanup (ASN1_MISSING_FIELD);
 
     buflen = t.length;
     ret = asn1buf_imbed(&subbuf, &tmp, t.length, 0); checkerr;
@@ -303,7 +304,7 @@ decode_tagged_octetstring (asn1buf *buf, asn1_tagnum expectedtag, int *len,
 
 last:
     if (ret != 0)
-       free (*val);
+        free (*val);
     return ret;
 }
 
@@ -325,75 +326,75 @@ static asn1_error_code asn1_decode_key(asn1buf *buf, krb5_key_data *key)
     asn1_get_tag_2(&subbuf, &t);
     /* Salt */
     if (t.tagnum == 0) {
-       int salt_buflen;
-       asn1buf slt;
-       unsigned long keytype;
-       int keylen;
-
-       key->key_data_ver = 2;
-       asn1_get_sequence(&subbuf, &length, &seqindef);
-       salt_buflen = length;
-       asn1buf_imbed(&slt, &subbuf, length, seqindef);
-
-       ret = decode_tagged_integer (&slt, 0, &keytype);
-       key->key_data_type[1] = keytype; /* XXX range check?? */
-       checkerr;
-
-       if (asn1buf_remains(&slt, 0) != 0) { /* Salt value is optional */
-           ret = decode_tagged_octetstring (&slt, 1, &keylen,
-                                            &key->key_data_contents[1]);
-           checkerr;
-       } else
-           keylen = 0;
-       safe_syncbuf (&subbuf, &slt, salt_buflen);
-       key->key_data_length[1] = keylen; /* XXX range check?? */
-
-       ret = asn1_get_tag_2(&subbuf, &t); checkerr;
+        int salt_buflen;
+        asn1buf slt;
+        unsigned long keytype;
+        int keylen;
+
+        key->key_data_ver = 2;
+        asn1_get_sequence(&subbuf, &length, &seqindef);
+        salt_buflen = length;
+        asn1buf_imbed(&slt, &subbuf, length, seqindef);
+
+        ret = decode_tagged_integer (&slt, 0, &keytype);
+        key->key_data_type[1] = keytype; /* XXX range check?? */
+        checkerr;
+
+        if (asn1buf_remains(&slt, 0) != 0) { /* Salt value is optional */
+            ret = decode_tagged_octetstring (&slt, 1, &keylen,
+                                             &key->key_data_contents[1]);
+            checkerr;
+        } else
+            keylen = 0;
+        safe_syncbuf (&subbuf, &slt, salt_buflen);
+        key->key_data_length[1] = keylen; /* XXX range check?? */
+
+        ret = asn1_get_tag_2(&subbuf, &t); checkerr;
     } else
-       key->key_data_ver = 1;
+        key->key_data_ver = 1;
 
     /* Key */
     {
-       int key_buflen;
-       asn1buf kbuf;
-       long lval;
-       int ival;
+        int key_buflen;
+        asn1buf kbuf;
+        long lval;
+        int ival;
 
-       if (t.tagnum != 1)
-           cleanup (ASN1_MISSING_FIELD);
+        if (t.tagnum != 1)
+            cleanup (ASN1_MISSING_FIELD);
 
-       ret = asn1_get_sequence(&subbuf, &length, &seqindef); checkerr;
-       key_buflen = length;
-       ret = asn1buf_imbed(&kbuf, &subbuf, length, seqindef); checkerr;
+        ret = asn1_get_sequence(&subbuf, &length, &seqindef); checkerr;
+        key_buflen = length;
+        ret = asn1buf_imbed(&kbuf, &subbuf, length, seqindef); checkerr;
 
-       ret = decode_tagged_integer (&kbuf, 0, &lval);
-       checkerr;
-       key->key_data_type[0] = lval; /* XXX range check? */
+        ret = decode_tagged_integer (&kbuf, 0, &lval);
+        checkerr;
+        key->key_data_type[0] = lval; /* XXX range check? */
 
-       ret = decode_tagged_octetstring (&kbuf, 1, &ival,
-                                        &key->key_data_contents[0]); checkerr;
-       key->key_data_length[0] = ival; /* XXX range check? */
+        ret = decode_tagged_octetstring (&kbuf, 1, &ival,
+                                         &key->key_data_contents[0]); checkerr;
+        key->key_data_length[0] = ival; /* XXX range check? */
 
-       safe_syncbuf (&subbuf, &kbuf, key_buflen);
+        safe_syncbuf (&subbuf, &kbuf, key_buflen);
     }
 
     safe_syncbuf (buf, &subbuf, full_buflen);
 
 last:
     if (ret != 0) {
-       free (key->key_data_contents[0]);
-       key->key_data_contents[0] = NULL;
-       free (key->key_data_contents[1]);
-       key->key_data_contents[1] = NULL;
+        free (key->key_data_contents[0]);
+        key->key_data_contents[0] = NULL;
+        free (key->key_data_contents[1]);
+        key->key_data_contents[1] = NULL;
     }
     return ret;
 }
 
 /* asn1_error_code asn1_decode_sequence_of_keys (krb5_data *in, */
 krb5_error_code asn1_decode_sequence_of_keys (krb5_data *in,
-                                             krb5_key_data **out,
-                                             krb5_int16 *n_key_data,
-                                             int *mkvno)
+                                              krb5_key_data **out,
+                                              krb5_int16 *n_key_data,
+                                              int *mkvno)
 {
     asn1_error_code ret;
     asn1buf buf, subbuf;
@@ -413,47 +414,47 @@ krb5_error_code asn1_decode_sequence_of_keys (krb5_data *in,
 
     /* attribute-major-vno */
     ret = decode_tagged_integer (&subbuf, 0, &lval); checkerr;
-    maj = lval;                        /* XXX range check? */
+    maj = lval;                 /* XXX range check? */
 
     /* attribute-minor-vno */
     ret = decode_tagged_integer (&subbuf, 1, &lval); checkerr;
-    min = lval;                        /* XXX range check? */
+    min = lval;                 /* XXX range check? */
 
     if (maj != 1 || min != 1)
-       cleanup (ASN1_BAD_FORMAT);
+        cleanup (ASN1_BAD_FORMAT);
 
     /* kvno (assuming all keys in array have same version) */
     ret = decode_tagged_integer (&subbuf, 2, &lval); checkerr;
-    kvno = lval;               /* XXX range check? */
+    kvno = lval;                /* XXX range check? */
 
     /* mkvno (optional) */
     ret = decode_tagged_integer (&subbuf, 3, &lval); checkerr;
-    *mkvno = lval;             /* XXX range check? */
+    *mkvno = lval;              /* XXX range check? */
 
     ret = asn1_get_tag_2(&subbuf, &t); checkerr;
 
     /* Sequence of keys */
     {
-       int i, seq_buflen;
-       asn1buf keyseq;
-       if (t.tagnum != 4)
-           cleanup (ASN1_MISSING_FIELD);
-       ret = asn1_get_sequence(&subbuf, &length, &seqindef); checkerr;
-       seq_buflen = length;
-       ret = asn1buf_imbed(&keyseq, &subbuf, length, seqindef); checkerr;
-       for (i = 1, *out = NULL; ; i++) {
-           krb5_key_data *tmp;
-           tmp = (krb5_key_data *) realloc (*out, i * sizeof (krb5_key_data));
-           if (tmp == NULL)
-               cleanup (ENOMEM);
-           *out = tmp;
-           (*out)[i - 1].key_data_kvno = kvno;
-           ret = asn1_decode_key(&keyseq, &(*out)[i - 1]); checkerr;
-           (*n_key_data)++;
-           if (asn1buf_remains(&keyseq, 0) == 0)
-               break; /* Not freeing the last key structure */
-       }
-       safe_syncbuf (&subbuf, &keyseq, seq_buflen);
+        int i, seq_buflen;
+        asn1buf keyseq;
+        if (t.tagnum != 4)
+            cleanup (ASN1_MISSING_FIELD);
+        ret = asn1_get_sequence(&subbuf, &length, &seqindef); checkerr;
+        seq_buflen = length;
+        ret = asn1buf_imbed(&keyseq, &subbuf, length, seqindef); checkerr;
+        for (i = 1, *out = NULL; ; i++) {
+            krb5_key_data *tmp;
+            tmp = (krb5_key_data *) realloc (*out, i * sizeof (krb5_key_data));
+            if (tmp == NULL)
+                cleanup (ENOMEM);
+            *out = tmp;
+            (*out)[i - 1].key_data_kvno = kvno;
+            ret = asn1_decode_key(&keyseq, &(*out)[i - 1]); checkerr;
+            (*n_key_data)++;
+            if (asn1buf_remains(&keyseq, 0) == 0)
+                break; /* Not freeing the last key structure */
+        }
+        safe_syncbuf (&subbuf, &keyseq, seq_buflen);
     }
 
     /*
@@ -463,13 +464,13 @@ krb5_error_code asn1_decode_sequence_of_keys (krb5_data *in,
 
 last:
     if (ret != 0) {
-       int i;
-       for (i = 0; i < *n_key_data; i++) {
-           free ((*out)[i].key_data_contents[0]);
-           free ((*out)[i].key_data_contents[1]);
-       }
-       free (*out);
-       *out = NULL;
+        int i;
+        for (i = 0; i < *n_key_data; i++) {
+            free ((*out)[i].key_data_contents[0]);
+            free ((*out)[i].key_data_contents[1]);
+        }
+        free (*out);
+        *out = NULL;
     }
 
     return ret;