Simplify and fix chpass_util error generation

If a principal has no associated kadm5 policy, we may still get
password quality errors from a module (KDB or pwqual).  There was a
bug in the error generation for this case which caused only a generic
error to be returned.

Also use snprintf() instead of multiple string operations to compose
errors.

From Simo Sorce <ssorce@redhat.com>.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25014 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/kadm5/chpass_util.c b/src/lib/kadm5/chpass_util.c
index 9e8111b3c793eb5df44cec6e1d5becb2f1af6ba5..7a75136658fbf30a43314adabcc999da15dc5be3 100644 (file)
--- a/src/lib/kadm5/chpass_util.c
+++ b/src/lib/kadm5/chpass_util.c
@@ -102,12 +102,10 @@ kadm5_ret_t _kadm5_chpass_principal_util(void *server_handle,
                 msg_ret[msg_len - 1] = '\0';
                 return(code);
             } else {
-                strncpy(msg_ret, error_message(code), msg_len - 1);
-                strncat(msg_ret, " ", msg_len - 1);
-                strncat(msg_ret, string_text(CHPASS_UTIL_WHILE_READING_PASSWORD),
-                        msg_len - 1);
-                strncat(msg_ret, string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED),
-                        msg_len - 1);
+                snprintf(msg_ret, msg_len, "%s %s\n\n%s",
+                         error_message(code),
+                         string_text(CHPASS_UTIL_WHILE_READING_PASSWORD),
+                         string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED));
                 msg_ret[msg_len - 1] = '\0';
                 return(code);
             }
@@ -142,11 +140,10 @@ kadm5_ret_t _kadm5_chpass_principal_util(void *server_handle,
         (code != KADM5_PASS_REUSE) &&(code != KADM5_PASS_Q_CLASS) &&
         (code != KADM5_PASS_Q_DICT) && (code != KADM5_PASS_TOOSOON)) {
         /* Can't get more info for other errors */
-        snprintf(buffer, sizeof(buffer), "%s %s", error_message(code),
-                 string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE));
-        snprintf(msg_ret, msg_len, "%s\n%s\n",
+        snprintf(msg_ret, msg_len, "%s\n%s %s\n",
                  string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED),
-                 buffer);
+                 error_message(code),
+                 string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE));
         return(code);
     }
 
@@ -170,32 +167,22 @@ kadm5_ret_t _kadm5_chpass_principal_util(void *server_handle,
     code2 = kadm5_get_principal (lhandle, princ, &princ_ent,
                                  KADM5_PRINCIPAL_NORMAL_MASK);
     if (code2 != 0) {
-        strncpy(msg_ret, error_message(code2), msg_len - 1);
-        strncat(msg_ret, " ", msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, string_text(CHPASS_UTIL_GET_PRINC_INFO), msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, "\n", msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, error_message(code), msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, " ", msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE),
-                msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, "\n\n", msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED),
-                msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, "\n", msg_len - 1 - strlen(msg_ret));
+        snprintf(msg_ret, msg_len, "%s %s\n%s %s\n\n%s\n",
+                 error_message(code2),
+                 string_text(CHPASS_UTIL_GET_PRINC_INFO),
+                 error_message(code),
+                 string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE),
+                 string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED));
         msg_ret[msg_len - 1] = '\0';
         return(code);
     }
 
     if ((princ_ent.aux_attributes & KADM5_POLICY) == 0) {
-        strncpy(msg_ret, error_message(code), msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, " ", msg_len - 1 - strlen(msg_ret));
-        strncpy(msg_ret, string_text(CHPASS_UTIL_NO_POLICY_YET_Q_ERROR),
-                msg_len - 1 - strlen(msg_ret));
-        strncat(msg_ret, "\n\n", msg_len - 1 - strlen(msg_ret));
-        strncpy(msg_ret, string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED),
-                msg_len - 1 - strlen(msg_ret));
+        /* Some module implements its own password policy. */
+        snprintf(msg_ret, msg_len, "%s\n\n%s",
+                 error_message(code),
+                 string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED));
         msg_ret[msg_len - 1] = '\0';
-
         (void) kadm5_free_principal_ent(lhandle, &princ_ent);
         return(code);
     }
@@ -248,11 +235,10 @@ kadm5_ret_t _kadm5_chpass_principal_util(void *server_handle,
     }
 
     /* We should never get here, but just in case ... */
-    snprintf(buffer, sizeof(buffer), "%s %s", error_message(code),
-             string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE));
-    snprintf(msg_ret, msg_len, "%s\n%s\n",
+    snprintf(msg_ret, msg_len, "%s\n%s %s\n",
              string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED),
-             buffer);
+             error_message(code),
+             string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE));
     (void) kadm5_free_principal_ent(lhandle, &princ_ent);
     (void) kadm5_free_policy_ent(lhandle, &policy_ent);
     return(code);