whitespace
authorTom Yu <tlyu@mit.edu>
Thu, 22 Jan 2009 23:21:11 +0000 (23:21 +0000)
committerTom Yu <tlyu@mit.edu>
Thu, 22 Jan 2009 23:21:11 +0000 (23:21 +0000)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21778 dc483132-0cff-0310-8789-dd5450dbe970

47 files changed:
src/include/k5-buf.h
src/lib/gssapi/generic/gssapiP_generic.h
src/lib/gssapi/generic/gssapi_generic.c
src/lib/gssapi/generic/gssapi_generic.h
src/lib/gssapi/generic/util_canonhost.c
src/lib/gssapi/generic/util_localhost.c
src/lib/gssapi/generic/util_token.c
src/lib/gssapi/krb5/accept_sec_context.c
src/lib/gssapi/krb5/acquire_cred.c
src/lib/gssapi/krb5/copy_ccache.c
src/lib/gssapi/krb5/delete_sec_context.c
src/lib/gssapi/krb5/get_tkt_flags.c
src/lib/gssapi/krb5/gssapiP_krb5.h
src/lib/gssapi/krb5/gssapi_krb5.c
src/lib/gssapi/krb5/gssapi_krb5.hin
src/lib/gssapi/krb5/init_sec_context.c
src/lib/gssapi/krb5/inq_context.c
src/lib/gssapi/krb5/k5seal.c
src/lib/gssapi/krb5/k5sealiov.c
src/lib/gssapi/krb5/k5sealv3.c
src/lib/gssapi/krb5/k5sealv3iov.c
src/lib/gssapi/krb5/k5unseal.c
src/lib/gssapi/krb5/k5unsealiov.c
src/lib/gssapi/krb5/krb5_gss_glue.c
src/lib/gssapi/krb5/lucid_context.c
src/lib/gssapi/krb5/seal.c
src/lib/gssapi/krb5/ser_sctx.c
src/lib/gssapi/krb5/set_ccache.c
src/lib/gssapi/krb5/sign.c
src/lib/gssapi/krb5/unseal.c
src/lib/gssapi/krb5/util_cksum.c
src/lib/gssapi/krb5/util_crypt.c
src/lib/gssapi/krb5/util_seed.c
src/lib/gssapi/krb5/util_seqnum.c
src/lib/gssapi/krb5/verify.c
src/lib/gssapi/krb5/wrap_size_limit.c
src/lib/krb5/asn.1/asn1_decode.h
src/lib/krb5/asn.1/asn1_encode.c
src/lib/krb5/asn.1/asn1_encode.h
src/lib/krb5/asn.1/asn1_k_decode.c
src/lib/krb5/asn.1/asn1_k_decode.h
src/lib/krb5/asn.1/asn1_k_encode.c
src/lib/krb5/asn.1/krb5_decode.c
src/lib/krb5/asn.1/krbasn1.h
src/util/support/k5buf-int.h
src/util/support/k5buf.c
src/util/support/t_k5buf.c

index de869d34798065795767fc1e3c75c246249f2d93..0af4b52b899759e7d05758d896e866e16d989780 100644 (file)
@@ -17,7 +17,7 @@
  * this permission notice appear in supporting documentation, and that
  * the name of M.I.T. not be used in advertising or publicity pertaining
  * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
+ * permission.  Furthermore if you modify this software you must label
  * your software as modified software and not distribute it in such a
  * fashion that it might be confused with the original M.I.T. software.
  * M.I.T. makes no representations about the suitability of
index 894899b95c14d4c4ec4be7ca3a9637390a49f9a4..b84f69e6a50f7510e8e868c4426d625c54c614c4 100644 (file)
@@ -175,8 +175,8 @@ void g_make_token_header (const gss_OID_desc * mech, unsigned int body_size,
                           unsigned char **buf, int tok_type);
 
 /* flags for g_verify_token_header() */
-#define        G_VFY_TOKEN_HDR_WRAPPER_REQUIRED        0x01
-#define G_VFY_TOKEN_HDR_IGNORE_SEQ_SIZE                0x02
+#define G_VFY_TOKEN_HDR_WRAPPER_REQUIRED        0x01
+#define G_VFY_TOKEN_HDR_IGNORE_SEQ_SIZE         0x02
 
 gss_int32 g_verify_token_header (const gss_OID_desc * mech,
                                  unsigned int *body_size,
@@ -263,19 +263,19 @@ generic_gss_str_to_oid(
 
 OM_uint32
 generic_gss_oid_compose(
-    OM_uint32 *,       /* minor_status */
-    const char *,      /* prefix */
-    size_t,            /* prefix_len */
-    int,               /* suffix */
-    gss_OID_desc *);   /* oid */
+    OM_uint32 *,        /* minor_status */
+    const char *,       /* prefix */
+    size_t,             /* prefix_len */
+    int,                /* suffix */
+    gss_OID_desc *);    /* oid */
 
 OM_uint32
 generic_gss_oid_decompose(
-    OM_uint32 *,       /* minor_status */
-    const char *,      /*prefix */
-    size_t,            /* prefix_len */
-    gss_OID_desc *,    /* oid */
-    int *);            /* suffix */
+    OM_uint32 *,        /* minor_status */
+    const char *,       /*prefix */
+    size_t,             /* prefix_len */
+    gss_OID_desc *,     /* oid */
+    int *);             /* suffix */
 
 int gssint_mecherrmap_init(void);
 void gssint_mecherrmap_destroy(void);
@@ -299,7 +299,7 @@ OM_uint32 generic_gss_release_buffer_set
 
 OM_uint32 generic_gss_copy_oid_set
 (OM_uint32 *, /* minor_status */
-           const gss_OID_set_desc *, /* const oidset*/
-           gss_OID_set * /*new_oidset*/);
+            const gss_OID_set_desc *, /* const oidset*/
+            gss_OID_set * /*new_oidset*/);
 
 #endif /* _GSSAPIP_GENERIC_H_ */
index 9497c3dc31799dbf88b7e9c3d91803349ba5e37d..14724619a9d2c66476cd21b11ca950a5a9818520 100644 (file)
@@ -151,5 +151,5 @@ GSS_DLLIMP gss_OID GSS_C_NT_ANONYMOUS           = oids+5;
 GSS_DLLIMP gss_OID GSS_C_NT_EXPORT_NAME         = oids+6;
 gss_OID gss_nt_exported_name                    = oids+6;
 
-GSS_DLLIMP gss_OID GSS_C_INQ_SSPI_SESSION_KEY  = oids+7;
+GSS_DLLIMP gss_OID GSS_C_INQ_SSPI_SESSION_KEY   = oids+7;
 
index cd872e6edb9ae160187db1ef24969c88b2a176bf..c5399dc7275aa3ec0f3cfbbcf65445351eb098d8 100644 (file)
@@ -38,8 +38,8 @@
 #define GSSAPIGENERIC_END_DECLS
 #endif
 
-#define        GSS_EMPTY_BUFFER(buf)   ((buf) == NULL ||\
-       (buf)->value == NULL || (buf)->length == 0)
+#define GSS_EMPTY_BUFFER(buf)   ((buf) == NULL ||\
+        (buf)->value == NULL || (buf)->length == 0)
 
 GSSAPIGENERIC_BEGIN_DECLS
 
index ef093e621f027eaff2fe0a9be0192092ca973691..6e953186df1f8431597b8543921ef433cc9d3136 100644 (file)
@@ -45,25 +45,25 @@ g_canonicalize_host(char *hostname)
     char *canon, *str;
 
     if ((hent = gethostbyname(hostname)) == NULL)
-       return(NULL);
+        return(NULL);
 
     if (! (haddr = (char *) xmalloc(hent->h_length))) {
-       return(NULL);
+        return(NULL);
     }
 
     memcpy(haddr, hent->h_addr_list[0], hent->h_length);
 
     if (! (hent = gethostbyaddr(haddr, hent->h_length, hent->h_addrtype))) {
-       return(NULL);
+        return(NULL);
     }
 
     xfree(haddr);
 
     if ((canon = (char *) strdup(hent->h_name)) == NULL)
-       return(NULL);
+        return(NULL);
 
     for (str = canon; *str; str++)
-       if (isupper(*str)) *str = tolower(*str);
+        if (isupper(*str)) *str = tolower(*str);
 
     return(canon);
 }
index c014400fb8d82e1328dedefec4e1919c576ae6a3..85e0980479358eeb854afa4517ab2e4023a27eaa 100644 (file)
@@ -41,7 +41,7 @@ g_local_host_name(void)
     char buf[MAXHOSTNAMELEN+1], *ptr;
 
     if (gethostname(buf, sizeof(buf)) < 0)
-       return 0;
+        return 0;
 
     buf[sizeof(buf)-1] = '\0';
 
index 24d5325483ed70a1ecd1bd760d947ac6b1d79a3f..b59778836fbc1987e8863a4aca20703183ebabc4 100644 (file)
@@ -195,7 +195,7 @@ g_verify_token_header(
         return(G_BAD_TOK_HEADER);
 
     if ((flags & G_VFY_TOKEN_HDR_IGNORE_SEQ_SIZE) == 0 &&
-       seqsize != toksize)
+        seqsize != toksize)
         return(G_BAD_TOK_HEADER);
 
     if ((toksize-=1) < 0)
index 63ce92c1bbc6712179c7a97955d96bc22e44863c..5cdb5dca81c88ff509ff21c6ed904313f259df41 100644 (file)
@@ -243,8 +243,8 @@ cleanup:
  */
 static OM_uint32
 kg_accept_dce(minor_status, context_handle, verifier_cred_handle,
-             input_token, input_chan_bindings, src_name, mech_type,
-             output_token, ret_flags, time_rec, delegated_cred_handle)
+              input_token, input_chan_bindings, src_name, mech_type,
+              output_token, ret_flags, time_rec, delegated_cred_handle)
      OM_uint32 *minor_status;
      gss_ctx_id_t *context_handle;
      gss_cred_id_t verifier_cred_handle;
@@ -292,9 +292,9 @@ kg_accept_dce(minor_status, context_handle, verifier_cred_handle,
    ap_rep.length = input_token->length;
 
    code = krb5_rd_rep_dce(ctx->k5_context,
-                         ctx->auth_context,
-                         &ap_rep,
-                         &nonce);
+                          ctx->auth_context,
+                          &ap_rep,
+                          &nonce);
    if (code != 0) {
        major_status = GSS_S_FAILURE;
        goto fail;
@@ -304,14 +304,14 @@ kg_accept_dce(minor_status, context_handle, verifier_cred_handle,
 
    if (src_name) {
        if ((code = krb5_copy_principal(ctx->k5_context, ctx->there, &name))) {
-          major_status = GSS_S_FAILURE;
-          goto fail;
+           major_status = GSS_S_FAILURE;
+           goto fail;
        }
        /* intern the src_name */
        if (! kg_save_name((gss_name_t) name)) {
-          code = G_VALIDATE_FAILED;
-          major_status = GSS_S_FAILURE;
-          goto fail;
+           code = G_VALIDATE_FAILED;
+           major_status = GSS_S_FAILURE;
+           goto fail;
        }
       *src_name = (gss_name_t) name;
    }
@@ -336,7 +336,7 @@ kg_accept_dce(minor_status, context_handle, verifier_cred_handle,
 
    if (ctx)
        (void) krb5_gss_delete_sec_context(minor_status, 
-                                         (gss_ctx_id_t *) &ctx, NULL);
+                                          (gss_ctx_id_t *) &ctx, NULL);
    *context_handle = GSS_C_NO_CONTEXT;
    *minor_status = code;
 
@@ -345,10 +345,10 @@ kg_accept_dce(minor_status, context_handle, verifier_cred_handle,
 
 static OM_uint32
 kg_accept_krb5(minor_status, context_handle,
-             verifier_cred_handle, input_token,
-             input_chan_bindings, src_name, mech_type,
-             output_token, ret_flags, time_rec,
-             delegated_cred_handle)
+              verifier_cred_handle, input_token,
+              input_chan_bindings, src_name, mech_type,
+              output_token, ret_flags, time_rec,
+              delegated_cred_handle)
     OM_uint32 *minor_status;
     gss_ctx_id_t *context_handle;
     gss_cred_id_t verifier_cred_handle;
@@ -492,11 +492,11 @@ kg_accept_krb5(minor_status, context_handle,
         mech_used = gss_mech_krb5;
         goto fail;
     } else if (code == G_BAD_TOK_HEADER) {
-       /* DCE style not encapsulated */
-       ap_req.length = input_token->length;
-       ap_req.data = input_token->value;
-       mech_used = gss_mech_krb5;
-       no_encap = 1;
+        /* DCE style not encapsulated */
+        ap_req.length = input_token->length;
+        ap_req.data = input_token->value;
+        mech_used = gss_mech_krb5;
+        no_encap = 1;
     } else {
         major_status = GSS_S_DEFECTIVE_TOKEN;
         goto fail;
@@ -570,23 +570,23 @@ kg_accept_krb5(minor_status, context_handle,
 
       code = krb5_auth_con_getkey(context, auth_context, &subkey);
       if (code) {
-        major_status = GSS_S_FAILURE;
-        goto fail;
+         major_status = GSS_S_FAILURE;
+         goto fail;
       }
 
       zero.length = 0;
       zero.data = "";
 
       code = krb5_c_verify_checksum(context,
-                                   subkey,
-                                   KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM,
-                                   &zero,
-                                   authdat->checksum,
-                                   &valid);
+                                    subkey,
+                                    KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM,
+                                    &zero,
+                                    authdat->checksum,
+                                    &valid);
       if (code || !valid) {
-         major_status = GSS_S_BAD_SIG;
-         krb5_free_keyblock(context, subkey);
-         goto fail;
+          major_status = GSS_S_BAD_SIG;
+          krb5_free_keyblock(context, subkey);
+          goto fail;
       }
 
       gss_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG;
@@ -774,8 +774,8 @@ kg_accept_krb5(minor_status, context_handle,
 
     /* only DCE_STYLE clients are allowed to send raw AP-REQs */
     if (no_encap != ((gss_flags & GSS_C_DCE_STYLE) != 0)) {
-       major_status = GSS_S_DEFECTIVE_TOKEN;
-       goto fail;
+        major_status = GSS_S_DEFECTIVE_TOKEN;
+        goto fail;
     }
 
     /* create the ctx struct and start filling it in */
@@ -795,8 +795,8 @@ kg_accept_krb5(minor_status, context_handle,
                       ((gss_flags) & (GSS_C_INTEG_FLAG | GSS_C_CONF_FLAG |
                                       GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG |
                                       GSS_C_SEQUENCE_FLAG | GSS_C_DELEG_FLAG |
-                                     GSS_C_DCE_STYLE | GSS_C_IDENTIFY_FLAG |
-                                     GSS_C_EXTENDED_ERROR_FLAG)));
+                                      GSS_C_DCE_STYLE | GSS_C_IDENTIFY_FLAG |
+                                      GSS_C_EXTENDED_ERROR_FLAG)));
     ctx->seed_init = 0;
     ctx->big_endian = bigend;
     ctx->cred_rcache = cred_rcache;
@@ -813,11 +813,11 @@ kg_accept_krb5(minor_status, context_handle,
 
     /* XXX move this into gss_name_t */
     if (ticket->enc_part2->authorization_data != NULL &&
-       (code = krb5_copy_authdata(context,
-                                  ticket->enc_part2->authorization_data,
-                                  &ctx->authdata))) {
-       major_status = GSS_S_FAILURE;
-       goto fail;
+        (code = krb5_copy_authdata(context,
+                                   ticket->enc_part2->authorization_data,
+                                   &ctx->authdata))) {
+        major_status = GSS_S_FAILURE;
+        goto fail;
     }
     if ((code = krb5_copy_principal(context, ticket->server, &ctx->here))) {
         major_status = GSS_S_FAILURE;
@@ -858,11 +858,11 @@ kg_accept_krb5(minor_status, context_handle,
     ctx->have_acceptor_subkey = 0;
     /* DCE_STYLE implies acceptor_subkey */
     if ((ctx->gss_flags & GSS_C_DCE_STYLE) == 0) {
-       code = kg_setup_keys(context, ctx, ctx->subkey, &ctx->cksumtype);
-       if (code) {
-           major_status = GSS_S_FAILURE;
-           goto fail;
-       }
+        code = kg_setup_keys(context, ctx, ctx->subkey, &ctx->cksumtype);
+        if (code) {
+            major_status = GSS_S_FAILURE;
+            goto fail;
+        }
     }
     ctx->krb_times = ticket->enc_part2->times; /* struct copy */
     ctx->krb_flags = ticket->enc_part2->flags;
@@ -892,7 +892,7 @@ kg_accept_krb5(minor_status, context_handle,
 
     /* DCE_STYLE implies mutual authentication */
     if (ctx->gss_flags & GSS_C_DCE_STYLE)
-       ctx->gss_flags |= GSS_C_MUTUAL_FLAG;
+        ctx->gss_flags |= GSS_C_MUTUAL_FLAG;
 
     /* at this point, the entire context structure is filled in,
        so it can be released.  */
@@ -904,36 +904,36 @@ kg_accept_krb5(minor_status, context_handle,
         krb5_int32 seq_temp;
         int cfx_generate_subkey;
 
-       /*
-        * Do not generate a subkey per RFC 4537 unless we are upgrading to CFX,
-        * because pre-CFX tokens do not indicate which key to use. (Note that
-        * DCE_STYLE implies that we will use a subkey.)
-        */
-       if (ctx->proto == 0 &&
-           (ctx->gss_flags & GSS_C_DCE_STYLE) == 0 && 
-           (ap_req_options & AP_OPTS_USE_SUBKEY)) {
-           code = (*kaccess.krb5_auth_con_get_subkey_enctype) (context,
-                                                               auth_context,
-                                                               &negotiated_etype);
-           if (code != 0) {
-               major_status = GSS_S_FAILURE;
-               goto fail;
-           }
-
-           switch (negotiated_etype) {
-           case ENCTYPE_DES_CBC_MD5:
-           case ENCTYPE_DES_CBC_MD4:
-           case ENCTYPE_DES_CBC_CRC:
-           case ENCTYPE_DES3_CBC_SHA1:
-           case ENCTYPE_ARCFOUR_HMAC:
-           case ENCTYPE_ARCFOUR_HMAC_EXP:
-               ap_req_options &= ~(AP_OPTS_USE_SUBKEY);
-               break;
-           }
-       }
+        /*
+         * Do not generate a subkey per RFC 4537 unless we are upgrading to CFX,
+         * because pre-CFX tokens do not indicate which key to use. (Note that
+         * DCE_STYLE implies that we will use a subkey.)
+         */
+        if (ctx->proto == 0 &&
+            (ctx->gss_flags & GSS_C_DCE_STYLE) == 0 && 
+            (ap_req_options & AP_OPTS_USE_SUBKEY)) {
+            code = (*kaccess.krb5_auth_con_get_subkey_enctype) (context,
+                                                                auth_context,
+                                                                &negotiated_etype);
+            if (code != 0) {
+                major_status = GSS_S_FAILURE;
+                goto fail;
+            }
+
+            switch (negotiated_etype) {
+            case ENCTYPE_DES_CBC_MD5:
+            case ENCTYPE_DES_CBC_MD4:
+            case ENCTYPE_DES_CBC_CRC:
+            case ENCTYPE_DES3_CBC_SHA1:
+            case ENCTYPE_ARCFOUR_HMAC:
+            case ENCTYPE_ARCFOUR_HMAC_EXP:
+                ap_req_options &= ~(AP_OPTS_USE_SUBKEY);
+                break;
+            }
+        }
 
         if (ctx->proto == 1 || (ctx->gss_flags & GSS_C_DCE_STYLE) ||
-           (ap_req_options & AP_OPTS_USE_SUBKEY))
+            (ap_req_options & AP_OPTS_USE_SUBKEY))
             cfx_generate_subkey = CFX_ACCEPTOR_SUBKEY;
         else
             cfx_generate_subkey = 0;
@@ -970,35 +970,35 @@ kg_accept_krb5(minor_status, context_handle,
             }
             ctx->have_acceptor_subkey = 1;
 
-           code = kg_setup_keys(context, ctx, ctx->acceptor_subkey,
-                                &ctx->acceptor_subkey_cksumtype);
-           if (code) {
-               major_status = GSS_S_FAILURE;
-               goto fail;
-           }
+            code = kg_setup_keys(context, ctx, ctx->acceptor_subkey,
+                                 &ctx->acceptor_subkey_cksumtype);
+            if (code) {
+                major_status = GSS_S_FAILURE;
+                goto fail;
+            }
         }
 
         /* the reply token hasn't been sent yet, but that's ok. */
-       if (ctx->gss_flags & GSS_C_DCE_STYLE) {
-           assert(ctx->have_acceptor_subkey);
+        if (ctx->gss_flags & GSS_C_DCE_STYLE) {
+            assert(ctx->have_acceptor_subkey);
 
-           /* in order to force acceptor subkey to be used, don't set PROT_READY */
+            /* in order to force acceptor subkey to be used, don't set PROT_READY */
 
-           /* Raw AP-REP is returned */
-           output_token->length = ap_rep.length;
-           output_token->value = ap_rep.data;
-           ap_rep.data = NULL; /* don't double free */
+            /* Raw AP-REP is returned */
+            output_token->length = ap_rep.length;
+            output_token->value = ap_rep.data;
+            ap_rep.data = NULL; /* don't double free */
 
-           ctx->established = 0;
+            ctx->established = 0;
 
-           *context_handle = (gss_ctx_id_t)ctx;
-           *minor_status = 0;
-           major_status = GSS_S_CONTINUE_NEEDED;
+            *context_handle = (gss_ctx_id_t)ctx;
+            *minor_status = 0;
+            major_status = GSS_S_CONTINUE_NEEDED;
 
-           /* Only last leg should set return arguments */
-           goto fail;
-       } else
-           ctx->gss_flags |= GSS_C_PROT_READY_FLAG;
+            /* Only last leg should set return arguments */
+            goto fail;
+        } else
+            ctx->gss_flags |= GSS_C_PROT_READY_FLAG;
 
         ctx->established = 1;
 
@@ -1086,7 +1086,7 @@ fail:
     if (ap_rep.data)
         krb5_free_data_contents(context, &ap_rep);
     if (major_status == GSS_S_COMPLETE ||
-       (major_status == GSS_S_CONTINUE_NEEDED && code != KRB5KRB_AP_ERR_MSG_TYPE)) {
+        (major_status == GSS_S_CONTINUE_NEEDED && code != KRB5KRB_AP_ERR_MSG_TYPE)) {
         ctx->k5_context = context;
         context = NULL;
         goto done;
@@ -1212,22 +1212,22 @@ krb5_gss_accept_sec_context(minor_status, context_handle,
      */
     /*SUPPRESS 29*/
     if (ctx != NULL) {
-       if (ctx->established == 0 && (ctx->gss_flags & GSS_C_DCE_STYLE)) {
-           return kg_accept_dce(minor_status, context_handle,
-                                verifier_cred_handle, input_token,
-                                input_chan_bindings, src_name, mech_type,
-                                output_token, ret_flags, time_rec,
-                                delegated_cred_handle);
-       } else {
-           *minor_status = EINVAL;
-           save_error_string(EINVAL, "accept_sec_context called with existing context handle");
-           return GSS_S_FAILURE;
-       }
+        if (ctx->established == 0 && (ctx->gss_flags & GSS_C_DCE_STYLE)) {
+            return kg_accept_dce(minor_status, context_handle,
+                                 verifier_cred_handle, input_token,
+                                 input_chan_bindings, src_name, mech_type,
+                                 output_token, ret_flags, time_rec,
+                                 delegated_cred_handle);
+        } else {
+            *minor_status = EINVAL;
+            save_error_string(EINVAL, "accept_sec_context called with existing context handle");
+            return GSS_S_FAILURE;
+        }
     }
 
     return kg_accept_krb5(minor_status, context_handle,
-                        verifier_cred_handle, input_token,
-                        input_chan_bindings, src_name, mech_type,
-                        output_token, ret_flags, time_rec,
-                        delegated_cred_handle);
+                         verifier_cred_handle, input_token,
+                         input_chan_bindings, src_name, mech_type,
+                         output_token, ret_flags, time_rec,
+                         delegated_cred_handle);
 }
index 98617d570fcfdd0e837be1a3a4b515d1545fb312..f32cd81c66ef6df4b49f439322d737761faa6b57 100644 (file)
@@ -99,9 +99,9 @@ static char *krb5_gss_keytab = NULL;
 /* Heimdal calls this gsskrb5_register_acceptor_identity. */
 OM_uint32
 gss_krb5int_register_acceptor_identity(OM_uint32 *minor_status,
-                                      const gss_OID desired_mech,
-                                      const gss_OID desired_object,
-                                      gss_buffer_t value)
+                                       const gss_OID desired_mech,
+                                       const gss_OID desired_object,
+                                       gss_buffer_t value)
 {
     char *new, *old;
     int err;
@@ -746,9 +746,9 @@ gss_krb5int_set_cred_rcache(OM_uint32 *minor_status,
    if (cred->rcache != NULL) {
       code = krb5_rc_close(context, cred->rcache);
       if (code) {
-        *minor_status = code;
-        krb5_free_context(context);
-        return GSS_S_FAILURE;
+         *minor_status = code;
+         krb5_free_context(context);
+         return GSS_S_FAILURE;
       }
    }
 
index 430b50d282540fd1681a0bd44f0fbd7ffdcc3ab0..06caa71716d9075a9ed6503a3e6aeb245afcd295 100644 (file)
@@ -3,9 +3,9 @@
 
 OM_uint32 KRB5_CALLCONV
 gss_krb5int_copy_ccache(OM_uint32 *minor_status,
-                       gss_cred_id_t cred_handle,
-                       const gss_OID desired_object,
-                       const gss_buffer_t value)
+                        gss_cred_id_t cred_handle,
+                        const gss_OID desired_object,
+                        const gss_buffer_t value)
 {
     krb5_gss_cred_id_t k5creds;
     krb5_cc_cursor cursor;
@@ -17,7 +17,7 @@ gss_krb5int_copy_ccache(OM_uint32 *minor_status,
     assert(value->length == sizeof(out_ccache));
 
     if (value->length != sizeof(out_ccache))
-       return GSS_S_FAILURE;
+        return GSS_S_FAILURE;
 
     out_ccache = (krb5_ccache)value->value;
 
index 9544524d30d4032c99535b22ca32a8ac1d84d1a6..33e0e313e2269770a038c89da7e2ff42acfb8ddf 100644 (file)
@@ -107,7 +107,7 @@ krb5_gss_delete_sec_context(minor_status, context_handle, output_token)
         krb5_gss_release_oid(minor_status, &ctx->mech_used);
 
     if (ctx->authdata)
-       krb5_free_authdata(context, ctx->authdata);
+        krb5_free_authdata(context, ctx->authdata);
 
     if (ctx->k5_context)
         krb5_free_context(ctx->k5_context);
index 2c12080bb1b8bf24a6856e1eea80f8a85c66aaa4..29126d6c8a93658b29e34eb7ba96acfbd71a2862 100644 (file)
@@ -29,9 +29,9 @@
 
 OM_uint32 KRB5_CALLCONV
 gss_krb5int_get_tkt_flags(OM_uint32 *minor_status,
-                         const gss_ctx_id_t context_handle,
-                         const gss_OID desired_object,
-                         gss_buffer_set_t *data_set)
+                          const gss_ctx_id_t context_handle,
+                          const gss_OID desired_object,
+                          gss_buffer_set_t *data_set)
 {
     krb5_gss_ctx_id_rec *ctx;
     gss_buffer_desc rep;
index 76dfd4429a28e91974209261bd1891de38ab32e9..3c4f7e0385453a93ab23093e17a1ed4046d89d2f 100644 (file)
@@ -264,9 +264,9 @@ krb5_error_code kg_make_seed (krb5_context context,
 
 krb5_error_code
 kg_setup_keys(krb5_context context,
-             krb5_gss_ctx_id_rec *ctx,
-             krb5_keyblock *subkey,
-             krb5_cksumtype *cksumtype);
+              krb5_gss_ctx_id_rec *ctx,
+              krb5_keyblock *subkey,
+              krb5_cksumtype *cksumtype);
 
 int kg_confounder_size (krb5_context context, krb5_keyblock *key);
 
@@ -282,10 +282,10 @@ krb5_error_code kg_encrypt (krb5_context context,
 
 krb5_error_code kg_encrypt_iov (krb5_context context,
                                 int proto, int dce_style,
-                               size_t ec, size_t rrc,
-                               krb5_keyblock *key, int usage,
+                                size_t ec, size_t rrc,
+                                krb5_keyblock *key, int usage,
                                 krb5_pointer iv,
-                               gss_iov_buffer_desc *iov,
+                                gss_iov_buffer_desc *iov,
                                 int iov_count);
 
 krb5_error_code
@@ -296,9 +296,9 @@ kg_arcfour_docrypt (const krb5_keyblock *longterm_key , int ms_usage,
 
 krb5_error_code
 kg_arcfour_docrypt_iov (krb5_context context,
-                       const krb5_keyblock *longterm_key , int ms_usage,
+                        const krb5_keyblock *longterm_key , int ms_usage,
                         const unsigned char *kd_data, size_t kd_data_len,
-                       gss_iov_buffer_desc *iov,
+                        gss_iov_buffer_desc *iov,
                         int iov_count);
 
 krb5_error_code kg_decrypt (krb5_context context,
@@ -310,10 +310,10 @@ krb5_error_code kg_decrypt (krb5_context context,
 
 krb5_error_code kg_decrypt_iov (krb5_context context,
                                 int proto, int dce_style,
-                               size_t ec, size_t rrc,
+                                size_t ec, size_t rrc,
                                 krb5_keyblock *key,  int usage,
                                 krb5_pointer iv,
-                               gss_iov_buffer_desc *iov,
+                                gss_iov_buffer_desc *iov,
                                 int iov_count);
 
 OM_uint32 kg_seal (OM_uint32 *minor_status,
@@ -368,92 +368,92 @@ OM_uint32 kg_set_ccache_name (OM_uint32 *minor_status,
 /* AEAD */
 
 krb5_error_code gss_krb5int_make_seal_token_v3_iov(krb5_context context,
-                          krb5_gss_ctx_id_rec *ctx,
-                          int conf_req_flag,
-                          int *conf_state,
-                          gss_iov_buffer_desc *iov,
-                          int iov_count,
-                          int toktype);
+                           krb5_gss_ctx_id_rec *ctx,
+                           int conf_req_flag,
+                           int *conf_state,
+                           gss_iov_buffer_desc *iov,
+                           int iov_count,
+                           int toktype);
 
 OM_uint32 gss_krb5int_unseal_v3_iov(krb5_context context,
-                         OM_uint32 *minor_status,
-                         krb5_gss_ctx_id_rec *ctx,
-                         gss_iov_buffer_desc *iov,
-                         int iov_count,
-                         int *conf_state,
-                         gss_qop_t *qop_state,
-                         int toktype);
+                          OM_uint32 *minor_status,
+                          krb5_gss_ctx_id_rec *ctx,
+                          gss_iov_buffer_desc *iov,
+                          int iov_count,
+                          int *conf_state,
+                          gss_qop_t *qop_state,
+                          int toktype);
 
 gss_iov_buffer_t kg_locate_iov (gss_iov_buffer_desc *iov,
-             int iov_count,
-             OM_uint32 type);
+              int iov_count,
+              OM_uint32 type);
 
 void kg_iov_msglen(gss_iov_buffer_desc *iov,
-             int iov_count,
-             size_t *data_length,
-             size_t *assoc_data_length);
+              int iov_count,
+              size_t *data_length,
+              size_t *assoc_data_length);
 
 void kg_release_iov(gss_iov_buffer_desc *iov,
-              int iov_count);
+               int iov_count);
 
 krb5_error_code kg_make_checksum_iov_v1(krb5_context context,
-               krb5_cksumtype type,
-               size_t token_cksum_len,
-               krb5_keyblock *seq,
-               krb5_keyblock *enc, /* for conf len */
-               krb5_keyusage sign_usage,
-               gss_iov_buffer_desc *iov,
-               int iov_count,
-               int toktype,
-               krb5_checksum *checksum);
+                krb5_cksumtype type,
+                size_t token_cksum_len,
+                krb5_keyblock *seq,
+                krb5_keyblock *enc, /* for conf len */
+                krb5_keyusage sign_usage,
+                gss_iov_buffer_desc *iov,
+                int iov_count,
+                int toktype,
+                krb5_checksum *checksum);
 
 krb5_error_code kg_make_checksum_iov_v3(krb5_context context,
-               krb5_cksumtype type,
-               size_t rrc,
-               krb5_keyblock *key,
-               krb5_keyusage sign_usage,
-               gss_iov_buffer_desc *iov,
-               int iov_count);
+                krb5_cksumtype type,
+                size_t rrc,
+                krb5_keyblock *key,
+                krb5_keyusage sign_usage,
+                gss_iov_buffer_desc *iov,
+                int iov_count);
 
 krb5_error_code kg_verify_checksum_iov_v3(krb5_context context,
-               krb5_cksumtype type,
-               size_t rrc,
-               krb5_keyblock *key,
-               krb5_keyusage sign_usage,
-               gss_iov_buffer_desc *iov,
-               int iov_count,
-               krb5_boolean *valid);
+                krb5_cksumtype type,
+                size_t rrc,
+                krb5_keyblock *key,
+                krb5_keyusage sign_usage,
+                gss_iov_buffer_desc *iov,
+                int iov_count,
+                krb5_boolean *valid);
 
 OM_uint32 kg_seal_iov (OM_uint32 *minor_status,
-           gss_ctx_id_t context_handle,
-           int conf_req_flag,
-           gss_qop_t qop_req,
-           int *conf_state,
-           gss_iov_buffer_desc *iov,
-           int iov_count,
-           int toktype);
+            gss_ctx_id_t context_handle,
+            int conf_req_flag,
+            gss_qop_t qop_req,
+            int *conf_state,
+            gss_iov_buffer_desc *iov,
+            int iov_count,
+            int toktype);
 
 OM_uint32 kg_unseal_iov (OM_uint32 *minor_status,
-           gss_ctx_id_t context_handle,
-           int *conf_state,
-           gss_qop_t *qop_state,
-           gss_iov_buffer_desc *iov,
-           int iov_count,
-           int toktype);
+            gss_ctx_id_t context_handle,
+            int *conf_state,
+            gss_qop_t *qop_state,
+            gss_iov_buffer_desc *iov,
+            int iov_count,
+            int toktype);
 
 OM_uint32 kg_seal_iov_length(OM_uint32 *minor_status,
-          gss_ctx_id_t context_handle,
-          int conf_req_flag,
-          gss_qop_t qop_req,
-          int *conf_state,
-          gss_iov_buffer_desc *iov,
-          int iov_count);
+           gss_ctx_id_t context_handle,
+           int conf_req_flag,
+           gss_qop_t qop_req,
+           int *conf_state,
+           gss_iov_buffer_desc *iov,
+           int iov_count);
 
 krb5_cryptotype kg_translate_flag_iov(OM_uint32 type);
 
 OM_uint32 kg_fixup_padding_iov(OM_uint32 *minor_status,
-       gss_iov_buffer_desc *iov,
-       int iov_count);
+        gss_iov_buffer_desc *iov,
+        int iov_count);
 
 int kg_map_toktype(int proto, int toktype);
 
@@ -621,24 +621,24 @@ OM_uint32 krb5_gss_wrap
 );
 
 OM_uint32 krb5_gss_wrap_iov
-(OM_uint32 *,          /* minor_status */
- gss_ctx_id_t,             /* context_handle */
- int,                      /* conf_req_flag */
- gss_qop_t,                /* qop_req */
- int *,                            /* conf_state */
- gss_iov_buffer_desc *,            /* iov */
- int                       /* iov_count */
+(OM_uint32 *,           /* minor_status */
+ gss_ctx_id_t,              /* context_handle */
+ int,                       /* conf_req_flag */
+ gss_qop_t,                 /* qop_req */
+ int *,                     /* conf_state */
+ gss_iov_buffer_desc *,     /* iov */
+ int                        /* iov_count */
 );
 
 OM_uint32
 krb5_gss_wrap_iov_length
-(OM_uint32 *,          /* minor_status */
- gss_ctx_id_t,             /* context_handle */
- int,                      /* conf_req_flag */
- gss_qop_t,                /* qop_req */
- int *,                            /* conf_state */
- gss_iov_buffer_desc *,            /* iov */
- int                       /* iov_count */
+(OM_uint32 *,           /* minor_status */
+ gss_ctx_id_t,              /* context_handle */
+ int,                       /* conf_req_flag */
+ gss_qop_t,                 /* qop_req */
+ int *,                     /* conf_state */
+ gss_iov_buffer_desc *,     /* iov */
+ int                        /* iov_count */
 );
 
 OM_uint32 krb5_gss_unwrap
@@ -651,12 +651,12 @@ OM_uint32 krb5_gss_unwrap
 );
 
 OM_uint32 krb5_gss_unwrap_iov
-(OM_uint32 *,          /* minor_status */
- gss_ctx_id_t,             /* context_handle */
- int *,                            /* conf_state */
- gss_qop_t *,              /* qop_state */
- gss_iov_buffer_desc *,            /* iov */
- int                       /* iov_count */
+(OM_uint32 *,           /* minor_status */
+ gss_ctx_id_t,              /* context_handle */
+ int *,                     /* conf_state */
+ gss_qop_t *,               /* qop_state */
+ gss_iov_buffer_desc *,     /* iov */
+ int                        /* iov_count */
 );
 
 OM_uint32 krb5_gss_wrap_size_limit
@@ -855,7 +855,7 @@ gss_krb5int_export_lucid_sec_context(OM_uint32 *minor_status,
 
 OM_uint32
 gss_krb5int_free_lucid_sec_context(OM_uint32 *, const gss_OID,
-                                  const gss_OID, gss_buffer_t);
+                                   const gss_OID, gss_buffer_t);
 
 extern k5_mutex_t kg_kdc_flag_mutex;
 krb5_error_code krb5_gss_init_context (krb5_context *ctxp);
@@ -864,7 +864,7 @@ krb5_error_code krb5_gss_init_context (krb5_context *ctxp);
 #define GSS_KRB5_USE_KDC_CONTEXT_OID "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x08"
 
 OM_uint32 krb5int_gss_use_kdc_context(OM_uint32 *, const gss_OID,
-                                     const gss_OID, gss_buffer_t);
+                                      const gss_OID, gss_buffer_t);
 
 krb5_error_code krb5_gss_use_kdc_context(void);
 
@@ -879,9 +879,9 @@ gss_krb5int_register_acceptor_identity(OM_uint32 *, const gss_OID, const gss_OID
 
 OM_uint32
 gss_krb5int_extract_authz_data_from_sec_context(OM_uint32 *minor_status,
-                                               const gss_ctx_id_t context_handle,
-                                               const gss_OID desired_object,
-                                               gss_buffer_set_t *ad_data);
+                                                const gss_ctx_id_t context_handle,
+                                                const gss_OID desired_object,
+                                                gss_buffer_set_t *ad_data);
 
 #define GSS_KRB5_SET_CRED_RCACHE_OID_LENGTH 11
 #define GSS_KRB5_SET_CRED_RCACHE_OID "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x0b"
@@ -894,9 +894,9 @@ gss_krb5int_set_cred_rcache(OM_uint32 *, gss_cred_id_t, const gss_OID, const gss
 
 OM_uint32
 gss_krb5int_extract_authtime_from_sec_context(OM_uint32 *,
-                                             const gss_ctx_id_t,
-                                             const gss_OID,
-                                             gss_buffer_set_t *);
+                                              const gss_ctx_id_t,
+                                              const gss_OID,
+                                              gss_buffer_set_t *);
 
 #ifdef _GSS_STATIC_LINK
 int gss_krb5int_lib_init(void);
index a7f4f9e23d2e8f1e9abf75a5a9d7b68bb81fcfff..bc5055cd4981d2088a182f7a5dafc80848a5bcbd 100644 (file)
@@ -306,8 +306,8 @@ kg_set_ccache_name (OM_uint32 *minor_status, const char *name)
 }
 
 #define g_OID_prefix_equal(o1, o2) \
-       (((o1)->length >= (o2)->length) && \
-       (memcmp((o1)->elements, (o2)->elements, (o2)->length) == 0))
+        (((o1)->length >= (o2)->length) && \
+        (memcmp((o1)->elements, (o2)->elements, (o2)->length) == 0))
 
 /*
  * gss_inquire_sec_context_by_oid() methods
@@ -317,65 +317,65 @@ static struct {
     OM_uint32 (*func)(OM_uint32 *, const gss_ctx_id_t, const gss_OID, gss_buffer_set_t *);
 } krb5_gss_inquire_sec_context_by_oid_ops[] = {
     {
-       {GSS_KRB5_GET_TKT_FLAGS_OID_LENGTH, GSS_KRB5_GET_TKT_FLAGS_OID},
-       gss_krb5int_get_tkt_flags
+        {GSS_KRB5_GET_TKT_FLAGS_OID_LENGTH, GSS_KRB5_GET_TKT_FLAGS_OID},
+        gss_krb5int_get_tkt_flags
     },
     {
-       {GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID_LENGTH, GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID},
-       gss_krb5int_extract_authz_data_from_sec_context
+        {GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID_LENGTH, GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID},
+        gss_krb5int_extract_authz_data_from_sec_context
     },
     {
-       {GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH, GSS_KRB5_INQ_SSPI_SESSION_KEY_OID},
-       gss_krb5int_inq_session_key
+        {GSS_KRB5_INQ_SSPI_SESSION_KEY_OID_LENGTH, GSS_KRB5_INQ_SSPI_SESSION_KEY_OID},
+        gss_krb5int_inq_session_key
     },
     {
-       {GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID_LENGTH, GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID},
-       gss_krb5int_export_lucid_sec_context
+        {GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID_LENGTH, GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID},
+        gss_krb5int_export_lucid_sec_context
     },
     {
-       {GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID_LENGTH, GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID},
-       gss_krb5int_extract_authtime_from_sec_context
+        {GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID_LENGTH, GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID},
+        gss_krb5int_extract_authtime_from_sec_context
     }
 };
 
 static OM_uint32
 krb5_gss_inquire_sec_context_by_oid (OM_uint32 *minor_status,
-                                    const gss_ctx_id_t context_handle,
-                                    const gss_OID desired_object,
-                                    gss_buffer_set_t *data_set)
+                                     const gss_ctx_id_t context_handle,
+                                     const gss_OID desired_object,
+                                     gss_buffer_set_t *data_set)
 {
     krb5_gss_ctx_id_rec *ctx;
     size_t i;
 
     if (minor_status == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     *minor_status = 0;
 
     if (desired_object == GSS_C_NO_OID)
-       return GSS_S_CALL_INACCESSIBLE_READ;
+        return GSS_S_CALL_INACCESSIBLE_READ;
 
     if (data_set == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     *data_set = GSS_C_NO_BUFFER_SET;
 
     if (!kg_validate_ctx_id(context_handle))
-       return GSS_S_NO_CONTEXT;
+        return GSS_S_NO_CONTEXT;
 
     ctx = (krb5_gss_ctx_id_rec *) context_handle;
 
     if (!ctx->established)
-       return GSS_S_NO_CONTEXT;
+        return GSS_S_NO_CONTEXT;
 
     for (i = 0; i < sizeof(krb5_gss_inquire_sec_context_by_oid_ops)/
-                   sizeof(krb5_gss_inquire_sec_context_by_oid_ops[0]); i++) {
-       if (g_OID_prefix_equal(desired_object, &krb5_gss_inquire_sec_context_by_oid_ops[i].oid)) {
-           return (*krb5_gss_inquire_sec_context_by_oid_ops[i].func)(minor_status,
-                                                                     context_handle,
-                                                                     desired_object,
-                                                                     data_set);
-       }
+                    sizeof(krb5_gss_inquire_sec_context_by_oid_ops[0]); i++) {
+        if (g_OID_prefix_equal(desired_object, &krb5_gss_inquire_sec_context_by_oid_ops[i].oid)) {
+            return (*krb5_gss_inquire_sec_context_by_oid_ops[i].func)(minor_status,
+                                                                      context_handle,
+                                                                      desired_object,
+                                                                      data_set);
+        }
     }
 
     *minor_status = EINVAL;
@@ -396,46 +396,46 @@ static struct {
 
 static OM_uint32
 krb5_gss_inquire_cred_by_oid(OM_uint32 *minor_status,
-                            const gss_cred_id_t cred_handle,
-                            const gss_OID desired_object,
-                            gss_buffer_set_t *data_set)
+                             const gss_cred_id_t cred_handle,
+                             const gss_OID desired_object,
+                             gss_buffer_set_t *data_set)
 {
     OM_uint32 major_status = GSS_S_FAILURE;
     krb5_gss_cred_id_t cred;
     size_t i;
 
     if (minor_status == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     *minor_status = 0;
 
     if (desired_object == GSS_C_NO_OID)
-       return GSS_S_CALL_INACCESSIBLE_READ;
+        return GSS_S_CALL_INACCESSIBLE_READ;
 
     if (data_set == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     *data_set = GSS_C_NO_BUFFER_SET;
     if (cred_handle == GSS_C_NO_CREDENTIAL) {
-       *minor_status = (OM_uint32)KRB5_NOCREDS_SUPPLIED;
-       return GSS_S_NO_CRED;
+        *minor_status = (OM_uint32)KRB5_NOCREDS_SUPPLIED;
+        return GSS_S_NO_CRED;
     }
 
     major_status = krb5_gss_validate_cred(minor_status, cred_handle);
     if (GSS_ERROR(major_status))
-       return major_status;
+        return major_status;
 
     cred = (krb5_gss_cred_id_t) cred_handle;
 
 #if 0
     for (i = 0; i < sizeof(krb5_gss_inquire_cred_by_oid_ops)/
-                   sizeof(krb5_gss_inquire_cred_by_oid_ops[0]); i++) {
-       if (g_OID_prefix_equal(desired_object, &krb5_gss_inquire_cred_by_oid_ops[i].oid)) {
-           return (*krb5_gss_inquire_cred_by_oid_ops[i].func)(minor_status,
-                                                              cred_handle,
-                                                              desired_object,
-                                                              data_set);
-       }
+                    sizeof(krb5_gss_inquire_cred_by_oid_ops[0]); i++) {
+        if (g_OID_prefix_equal(desired_object, &krb5_gss_inquire_cred_by_oid_ops[i].oid)) {
+            return (*krb5_gss_inquire_cred_by_oid_ops[i].func)(minor_status,
+                                                               cred_handle,
+                                                               desired_object,
+                                                               data_set);
+        }
     }
 #endif
 
@@ -457,44 +457,44 @@ static struct {
 
 static OM_uint32
 krb5_gss_set_sec_context_option (OM_uint32 *minor_status,
-                                gss_ctx_id_t *context_handle,
-                                const gss_OID desired_object,
-                                const gss_buffer_t value)
+                                 gss_ctx_id_t *context_handle,
+                                 const gss_OID desired_object,
+                                 const gss_buffer_t value)
 {
     size_t i;
 
     if (minor_status == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     *minor_status = 0;
 
     if (context_handle == NULL)
-       return GSS_S_CALL_INACCESSIBLE_READ;
+        return GSS_S_CALL_INACCESSIBLE_READ;
 
     if (desired_object == GSS_C_NO_OID)
-       return GSS_S_CALL_INACCESSIBLE_READ;
+        return GSS_S_CALL_INACCESSIBLE_READ;
 
     if (*context_handle != GSS_C_NO_CONTEXT) {
-       krb5_gss_ctx_id_rec *ctx;
+        krb5_gss_ctx_id_rec *ctx;
 
-       if (!kg_validate_ctx_id(*context_handle))
-           return GSS_S_NO_CONTEXT;
+        if (!kg_validate_ctx_id(*context_handle))
+            return GSS_S_NO_CONTEXT;
 
-       ctx = (krb5_gss_ctx_id_rec *) context_handle;
+        ctx = (krb5_gss_ctx_id_rec *) context_handle;
 
-       if (!ctx->established)
-           return GSS_S_NO_CONTEXT;
+        if (!ctx->established)
+            return GSS_S_NO_CONTEXT;
     }
 
 #if 0
     for (i = 0; i < sizeof(krb5_gss_set_sec_context_option_ops)/
-                   sizeof(krb5_gss_set_sec_context_option_ops[0]); i++) {
-       if (g_OID_prefix_equal(desired_object, &krb5_gss_set_sec_context_option_ops[i].oid)) {
-           return (*krb5_gss_set_sec_context_option_ops[i].func)(minor_status,
-                                                                 context_handle,
-                                                                 desired_object,
-                                                                 value);
-       }
+                    sizeof(krb5_gss_set_sec_context_option_ops[0]); i++) {
+        if (g_OID_prefix_equal(desired_object, &krb5_gss_set_sec_context_option_ops[i].oid)) {
+            return (*krb5_gss_set_sec_context_option_ops[i].func)(minor_status,
+                                                                  context_handle,
+                                                                  desired_object,
+                                                                  value);
+        }
     }
 #endif
 
@@ -511,53 +511,53 @@ static struct {
     OM_uint32 (*func)(OM_uint32 *, gss_cred_id_t, const gss_OID, const gss_buffer_t);
 } krb5_gssspi_set_cred_option_ops[] = {
     {
-       {GSS_KRB5_COPY_CCACHE_OID_LENGTH, GSS_KRB5_COPY_CCACHE_OID},
-       gss_krb5int_copy_ccache
+        {GSS_KRB5_COPY_CCACHE_OID_LENGTH, GSS_KRB5_COPY_CCACHE_OID},
+        gss_krb5int_copy_ccache
     },
     {
-       {GSS_KRB5_SET_ALLOWABLE_ENCTYPES_OID_LENGTH, GSS_KRB5_SET_ALLOWABLE_ENCTYPES_OID},
-       gss_krb5int_set_allowable_enctypes
+        {GSS_KRB5_SET_ALLOWABLE_ENCTYPES_OID_LENGTH, GSS_KRB5_SET_ALLOWABLE_ENCTYPES_OID},
+        gss_krb5int_set_allowable_enctypes
     },
     {
-       {GSS_KRB5_SET_CRED_RCACHE_OID_LENGTH, GSS_KRB5_SET_CRED_RCACHE_OID},
-       gss_krb5int_set_cred_rcache
+        {GSS_KRB5_SET_CRED_RCACHE_OID_LENGTH, GSS_KRB5_SET_CRED_RCACHE_OID},
+        gss_krb5int_set_cred_rcache
     }
 };
 
 static OM_uint32
 krb5_gssspi_set_cred_option(OM_uint32 *minor_status,
-                           gss_cred_id_t cred_handle,
-                           const gss_OID desired_object,
-                           const gss_buffer_t value)
+                            gss_cred_id_t cred_handle,
+                            const gss_OID desired_object,
+                            const gss_buffer_t value)
 {
     OM_uint32 major_status = GSS_S_FAILURE;
     size_t i;
 
     if (minor_status == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     *minor_status = 0;
 
     if (cred_handle == GSS_C_NO_CREDENTIAL) {
-       *minor_status = (OM_uint32)KRB5_NOCREDS_SUPPLIED;
-       return GSS_S_NO_CRED;
+        *minor_status = (OM_uint32)KRB5_NOCREDS_SUPPLIED;
+        return GSS_S_NO_CRED;
     }
 
     if (desired_object == GSS_C_NO_OID)
-       return GSS_S_CALL_INACCESSIBLE_READ;
+        return GSS_S_CALL_INACCESSIBLE_READ;
 
     major_status = krb5_gss_validate_cred(minor_status, cred_handle);
     if (GSS_ERROR(major_status))
-       return major_status;
+        return major_status;
 
     for (i = 0; i < sizeof(krb5_gssspi_set_cred_option_ops)/
-                   sizeof(krb5_gssspi_set_cred_option_ops[0]); i++) {
-       if (g_OID_prefix_equal(desired_object, &krb5_gssspi_set_cred_option_ops[i].oid)) {
-           return (*krb5_gssspi_set_cred_option_ops[i].func)(minor_status,
-                                                             cred_handle,
-                                                             desired_object,
-                                                             value);
-       }
+                    sizeof(krb5_gssspi_set_cred_option_ops[0]); i++) {
+        if (g_OID_prefix_equal(desired_object, &krb5_gssspi_set_cred_option_ops[i].oid)) {
+            return (*krb5_gssspi_set_cred_option_ops[i].func)(minor_status,
+                                                              cred_handle,
+                                                              desired_object,
+                                                              value);
+        }
     }
 
     *minor_status = EINVAL;
@@ -573,50 +573,50 @@ static struct {
     OM_uint32 (*func)(OM_uint32 *, const gss_OID, const gss_OID, gss_buffer_t);
 } krb5_gssspi_mech_invoke_ops[] = {
     {
-       {GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_OID_LENGTH, GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_OID},
-       gss_krb5int_register_acceptor_identity
+        {GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_OID_LENGTH, GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_OID},
+        gss_krb5int_register_acceptor_identity
     },
     {
-       {GSS_KRB5_CCACHE_NAME_OID_LENGTH, GSS_KRB5_CCACHE_NAME_OID},
-       gss_krb5int_ccache_name
+        {GSS_KRB5_CCACHE_NAME_OID_LENGTH, GSS_KRB5_CCACHE_NAME_OID},
+        gss_krb5int_ccache_name
     },
     {
-       {GSS_KRB5_FREE_LUCID_SEC_CONTEXT_OID_LENGTH, GSS_KRB5_FREE_LUCID_SEC_CONTEXT_OID},
-       gss_krb5int_free_lucid_sec_context
+        {GSS_KRB5_FREE_LUCID_SEC_CONTEXT_OID_LENGTH, GSS_KRB5_FREE_LUCID_SEC_CONTEXT_OID},
+        gss_krb5int_free_lucid_sec_context
     },
     {
-       {GSS_KRB5_USE_KDC_CONTEXT_OID_LENGTH, GSS_KRB5_USE_KDC_CONTEXT_OID},
-       krb5int_gss_use_kdc_context
+        {GSS_KRB5_USE_KDC_CONTEXT_OID_LENGTH, GSS_KRB5_USE_KDC_CONTEXT_OID},
+        krb5int_gss_use_kdc_context
     }
 };
 
 static OM_uint32
 krb5_gssspi_mech_invoke (OM_uint32 *minor_status,
-                        const gss_OID desired_mech,
-                        const gss_OID desired_object,
-                        gss_buffer_t value)
+                         const gss_OID desired_mech,
+                         const gss_OID desired_object,
+                         gss_buffer_t value)
 {
     size_t i;
 
     if (minor_status == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     *minor_status = 0;
 
     if (desired_mech == GSS_C_NO_OID)
-       return GSS_S_BAD_MECH;
+        return GSS_S_BAD_MECH;
 
     if (desired_object == GSS_C_NO_OID)
-       return GSS_S_CALL_INACCESSIBLE_READ;
+        return GSS_S_CALL_INACCESSIBLE_READ;
 
     for (i = 0; i < sizeof(krb5_gssspi_mech_invoke_ops)/
-                   sizeof(krb5_gssspi_mech_invoke_ops[0]); i++) {
-       if (g_OID_prefix_equal(desired_object, &krb5_gssspi_mech_invoke_ops[i].oid)) {
-           return (*krb5_gssspi_mech_invoke_ops[i].func)(minor_status,
-                                                         desired_mech,
-                                                         desired_object,
-                                                         value);
-       }
+                    sizeof(krb5_gssspi_mech_invoke_ops[0]); i++) {
+        if (g_OID_prefix_equal(desired_object, &krb5_gssspi_mech_invoke_ops[i].oid)) {
+            return (*krb5_gssspi_mech_invoke_ops[i].func)(minor_status,
+                                                          desired_mech,
+                                                          desired_object,
+                                                          value);
+        }
     }
 
     *minor_status = EINVAL;
@@ -674,12 +674,12 @@ static struct gss_config krb5_mechanism = {
     krb5_gss_set_sec_context_option,
     krb5_gssspi_set_cred_option,
     krb5_gssspi_mech_invoke,
-    NULL,               /* wrap_aead */        
-    NULL,               /* unwrap_aead */      
+    NULL,                /* wrap_aead */        
+    NULL,                /* unwrap_aead */      
     krb5_gss_wrap_iov,
     krb5_gss_unwrap_iov,
     krb5_gss_wrap_iov_length,
-    NULL,              /* complete_auth_token */
+    NULL,               /* complete_auth_token */
 };
 
 
@@ -748,12 +748,12 @@ int gss_krb5int_lib_init(void)
         return err;
     err = k5_mutex_finish_init(&kg_vdb.mutex);
     if (err)
-       return err;
+        return err;
 #endif
 #ifdef _GSS_STATIC_LINK
     err = gss_krb5mechglue_init();
     if (err)
-       return err;
+        return err;
 #endif
 
     return 0;
index bf74fe9d042a6477c90d8325713b890be02caf9f..783387a525aaa951d72b31a8a7bf838489df838d 100644 (file)
@@ -269,14 +269,14 @@ gss_krb5_free_lucid_sec_context(OM_uint32 *minor_status,
 
 OM_uint32 KRB5_CALLCONV
 gsskrb5_extract_authz_data_from_sec_context(OM_uint32 *minor_status,
-                                           const gss_ctx_id_t context_handle,
-                                           int ad_type,
-                                           gss_buffer_t ad_data);
+                                            const gss_ctx_id_t context_handle,
+                                            int ad_type,
+                                            gss_buffer_t ad_data);
 
 OM_uint32 KRB5_CALLCONV
 gss_krb5_set_cred_rcache(OM_uint32 *minor_status,
-                        gss_cred_id_t cred,
-                        krb5_rcache rcache);
+                         gss_cred_id_t cred,
+                         krb5_rcache rcache);
 
 OM_uint32 KRB5_CALLCONV
 gsskrb5_extract_authtime_from_sec_context(OM_uint32 *, gss_ctx_id_t, krb5_timestamp *);
index 8744590e1c6a04f8d117ffc293f93339a29bc473..9a778a19510880bb8fff33a6aca5ac319b935c78 100644 (file)
@@ -341,35 +341,35 @@ make_ap_req_v1(context, ctx, cred, k_cred, chan_bindings, mech_type, token)
 
     /* build up the token */
     if (ctx->gss_flags & GSS_C_DCE_STYLE) {
-       /*
-        * For DCE RPC, do not encapsulate the AP-REQ in the
-        * typical GSS wrapping.
-        */
-       token->length = ap_req.length;
-       token->value = ap_req.data;
-
-       ap_req.data = NULL; /* don't double free */
+        /*
+         * For DCE RPC, do not encapsulate the AP-REQ in the
+         * typical GSS wrapping.
+         */
+        token->length = ap_req.length;
+        token->value = ap_req.data;
+
+        ap_req.data = NULL; /* don't double free */
     } else {
-       /* allocate space for the token */
-       tlen = g_token_size((gss_OID) mech_type, ap_req.length);
+        /* allocate space for the token */
+        tlen = g_token_size((gss_OID) mech_type, ap_req.length);
 
-       if ((t = (unsigned char *) xmalloc(tlen)) == NULL) {
-           code = ENOMEM;
-           goto cleanup;
-       }
+        if ((t = (unsigned char *) xmalloc(tlen)) == NULL) {
+            code = ENOMEM;
+            goto cleanup;
+        }
 
-       /* fill in the buffer */
-       ptr = t;
+        /* fill in the buffer */
+        ptr = t;
 
-       g_make_token_header(mech_type, ap_req.length,
-                           &ptr, KG_TOK_CTX_AP_REQ);
+        g_make_token_header(mech_type, ap_req.length,
+                            &ptr, KG_TOK_CTX_AP_REQ);
 
-       TWRITE_STR(ptr, (unsigned char *) ap_req.data, ap_req.length);
+        TWRITE_STR(ptr, (unsigned char *) ap_req.data, ap_req.length);
 
-       /* pass it back */
+        /* pass it back */
 
-       token->length = tlen;
-       token->value = (void *) t;
+        token->length = tlen;
+        token->value = (void *) t;
     }
 
     code = 0;
@@ -462,14 +462,14 @@ new_connection(
                       GSS_C_TRANS_FLAG |
                       ((req_flags) & (GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG |
                                       GSS_C_SEQUENCE_FLAG | GSS_C_DELEG_FLAG |
-                                     GSS_C_DCE_STYLE | GSS_C_IDENTIFY_FLAG |
-                                     GSS_C_EXTENDED_ERROR_FLAG)));
+                                      GSS_C_DCE_STYLE | GSS_C_IDENTIFY_FLAG |
+                                      GSS_C_EXTENDED_ERROR_FLAG)));
     ctx->seed_init = 0;
     ctx->big_endian = 0;  /* all initiators do little-endian, as per spec */
     ctx->seqstate = 0;
 
     if (req_flags & GSS_C_DCE_STYLE)
-       ctx->gss_flags |= GSS_C_MUTUAL_FLAG;
+        ctx->gss_flags |= GSS_C_MUTUAL_FLAG;
 
     if ((code = krb5_timeofday(context, &now)))
         goto fail;
@@ -537,7 +537,7 @@ new_connection(
     ctx->have_acceptor_subkey = 0;
     code = kg_setup_keys(context, ctx, ctx->subkey, &ctx->cksumtype);
     if (code != 0)
-       goto fail;
+        goto fail;
 
     /* at this point, the context is constructed and valid,
        hence, releaseable */
@@ -679,9 +679,9 @@ mutual_auth(
     ptr = (unsigned char *) input_token->value;
 
     if (ctx->gss_flags & GSS_C_DCE_STYLE) {
-       /* Raw AP-REP */
-       ap_rep.length = input_token->length;
-       ap_rep.data = (char *)input_token->value;
+        /* Raw AP-REP */
+        ap_rep.length = input_token->length;
+        ap_rep.data = (char *)input_token->value;
     } else if (g_verify_token_header(ctx->mech_used,
                               &(ap_rep.length),
                               &ptr, KG_TOK_CTX_AP_REP,
@@ -735,35 +735,35 @@ mutual_auth(
                  (ctx->gss_flags & GSS_C_SEQUENCE_FLAG) !=0, ctx->proto);
 
     if (ap_rep_data->subkey != NULL &&
-       (ctx->proto == 1 || (ctx->gss_flags & GSS_C_DCE_STYLE) ||
-        ap_rep_data->subkey->enctype != ctx->subkey->enctype)) {
+        (ctx->proto == 1 || (ctx->gss_flags & GSS_C_DCE_STYLE) ||
+         ap_rep_data->subkey->enctype != ctx->subkey->enctype)) {
         /* Keep acceptor's subkey.  */
         ctx->have_acceptor_subkey = 1;
         code = krb5_copy_keyblock(context, ap_rep_data->subkey,
                                   &ctx->acceptor_subkey);
         if (code) {
-           krb5_free_ap_rep_enc_part(context, ap_rep_data);
+            krb5_free_ap_rep_enc_part(context, ap_rep_data);
             goto fail;
-       }
-       code = kg_setup_keys(context, ctx, ctx->acceptor_subkey,
-                            &ctx->acceptor_subkey_cksumtype);
-       if (code) {
-           krb5_free_ap_rep_enc_part(context, ap_rep_data);
-           goto fail;
-       }
+        }
+        code = kg_setup_keys(context, ctx, ctx->acceptor_subkey,
+                             &ctx->acceptor_subkey_cksumtype);
+        if (code) {
+            krb5_free_ap_rep_enc_part(context, ap_rep_data);
+            goto fail;
+        }
     }
     /* free the ap_rep_data */
     krb5_free_ap_rep_enc_part(context, ap_rep_data);
 
     if (ctx->gss_flags & GSS_C_DCE_STYLE) {
-       krb5_data outbuf;
+        krb5_data outbuf;
 
-       code = krb5_mk_rep_dce(context, ctx->auth_context, &outbuf);
-       if (code)
-           goto fail;
+        code = krb5_mk_rep_dce(context, ctx->auth_context, &outbuf);
+        if (code)
+            goto fail;
 
-       output_token->value = outbuf.data;
-       output_token->length = outbuf.length;
+        output_token->value = outbuf.data;
+        output_token->length = outbuf.length;
     }
 
     /* set established */
@@ -988,9 +988,9 @@ krb5_gss_init_context (krb5_context *ctxp)
 #ifndef _WIN32
 OM_uint32
 krb5int_gss_use_kdc_context(OM_uint32 *minor_status,
-                           const gss_OID desired_mech,
-                           const gss_OID desired_object,
-                           gss_buffer_t value)
+                            const gss_OID desired_mech,
+                            const gss_OID desired_object,
+                            gss_buffer_t value)
 {
     OM_uint32 err;
 
@@ -1001,7 +1001,7 @@ krb5int_gss_use_kdc_context(OM_uint32 *minor_status,
         return err;
     *minor_status = k5_mutex_lock(&kg_kdc_flag_mutex);
     if (*minor_status) {
-       return GSS_S_FAILURE;
+        return GSS_S_FAILURE;
     }
     kdc_flag = 1;
     k5_mutex_unlock(&kg_kdc_flag_mutex);
index ed46d9d51af956db37597b34a1494a65a60c7613..f3e44cdf56b77397784fb528864ea989acbbf4be 100644 (file)
@@ -211,33 +211,33 @@ gss_krb5int_inq_session_key(
 
     major_status = generic_gss_add_buffer_set_member(minor_status, &keyvalue, data_set);
     if (GSS_ERROR(major_status))
-       goto cleanup;
+        goto cleanup;
 
     oid.elements = oid_buf;
     oid.length = sizeof(oid_buf);
 
     major_status = generic_gss_oid_compose(minor_status,
-                                          GSS_KRB5_SESSION_KEY_ENCTYPE_OID,
-                                          GSS_KRB5_SESSION_KEY_ENCTYPE_OID_LENGTH,
-                                          key->enctype,
-                                          &oid);
+                                           GSS_KRB5_SESSION_KEY_ENCTYPE_OID,
+                                           GSS_KRB5_SESSION_KEY_ENCTYPE_OID_LENGTH,
+                                           key->enctype,
+                                           &oid);
     if (GSS_ERROR(major_status))
-       goto cleanup;
+        goto cleanup;
 
     keyinfo.value = oid.elements;
     keyinfo.length = oid.length;
 
     major_status = generic_gss_add_buffer_set_member(minor_status, &keyinfo, data_set);
     if (GSS_ERROR(major_status))
-       goto cleanup;
+        goto cleanup;
 
     return GSS_S_COMPLETE;
 
 cleanup:
     if (*data_set != GSS_C_NO_BUFFER_SET) {
-       if ((*data_set)->count != 0)
-           memset((*data_set)->elements[0].value, 0, (*data_set)->elements[0].length);
-       gss_release_buffer_set(&minor, data_set);
+        if ((*data_set)->count != 0)
+            memset((*data_set)->elements[0].value, 0, (*data_set)->elements[0].length);
+        gss_release_buffer_set(&minor, data_set);
     }
 
     return major_status;
@@ -260,35 +260,35 @@ gss_krb5int_extract_authz_data_from_sec_context(
     ctx = (krb5_gss_ctx_id_rec *) context_handle;
 
     major_status = generic_gss_oid_decompose(minor_status,
-                                            GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID,
-                                            GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID_LENGTH,
-                                            desired_object,
-                                            &ad_type);
+                                             GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID,
+                                             GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID_LENGTH,
+                                             desired_object,
+                                             &ad_type);
     if (major_status != GSS_S_COMPLETE || ad_type == 0) {
-       *minor_status = ENOENT;
-       return GSS_S_FAILURE;
+        *minor_status = ENOENT;
+        return GSS_S_FAILURE;
     }
 
     if (ctx->authdata != NULL) {
-       for (i = 0; ctx->authdata[i] != NULL; i++) {
-           if (ctx->authdata[i]->ad_type == ad_type) {
-               gss_buffer_desc ad_data;
-
-               ad_data.length = ctx->authdata[i]->length;
-               ad_data.value = ctx->authdata[i]->contents;
-
-               major_status = generic_gss_add_buffer_set_member(minor_status,
-                                                                &ad_data, data_set);
-               if (GSS_ERROR(major_status))
-                   break;
-           }
-       }
+        for (i = 0; ctx->authdata[i] != NULL; i++) {
+            if (ctx->authdata[i]->ad_type == ad_type) {
+                gss_buffer_desc ad_data;
+
+                ad_data.length = ctx->authdata[i]->length;
+                ad_data.value = ctx->authdata[i]->contents;
+
+                major_status = generic_gss_add_buffer_set_member(minor_status,
+                                                                 &ad_data, data_set);
+                if (GSS_ERROR(major_status))
+                    break;
+            }
+        }
     }
 
     if (GSS_ERROR(major_status)) {
-       OM_uint32 tmp;
+        OM_uint32 tmp;
 
-       generic_gss_release_buffer_set(&tmp, data_set);
+        generic_gss_release_buffer_set(&tmp, data_set);
     }
 
     return major_status;
@@ -296,7 +296,7 @@ gss_krb5int_extract_authz_data_from_sec_context(
 
 OM_uint32
 gss_krb5int_extract_authtime_from_sec_context(OM_uint32 *minor_status,
-                                             const gss_ctx_id_t context_handle,
+                                              const gss_ctx_id_t context_handle,
                                               const gss_OID desired_oid,
                                               gss_buffer_set_t *data_set)
 {
index dd3603b2692097b17f958ad76a22d288db806ef1..aba8d81d6b98b4c6f6596019f847110153873b5e 100644 (file)
@@ -247,7 +247,7 @@ make_seal_token_v1 (krb5_context context,
     /* create the seq_num */
 
     if ((code = kg_make_seq_num(context, seq, direction?0:0xff,
-                               (krb5_ui_4)*seqnum, ptr+14, ptr+6))) {
+                                (krb5_ui_4)*seqnum, ptr+14, ptr+6))) {
         xfree (plain);
         xfree(t);
         return(code);
index a0808addb07d2f606d806c5ebcbac730c1afa022..bbc124034931f85e156ca6823c3daa47a6a0ce65 100644 (file)
  */
 
 #include <assert.h>
-#include "k5-platform.h"       /* for 64-bit support */
-#include "k5-int.h"         /* for zap() */
+#include "k5-platform.h"        /* for 64-bit support */
+#include "k5-int.h"          /* for zap() */
 #include "gssapiP_krb5.h"
 #include <stdarg.h>
 
 static krb5_error_code
 make_seal_token_v1_iov(krb5_context context,
-                      krb5_gss_ctx_id_rec *ctx,
-                      int conf_req_flag,
-                      int *conf_state,
-                      gss_iov_buffer_desc *iov,
-                      int iov_count,
-                      int toktype)
+                       krb5_gss_ctx_id_rec *ctx,
+                       int conf_req_flag,
+                       int *conf_state,
+                       gss_iov_buffer_desc *iov,
+                       int iov_count,
+                       int toktype)
 {
     krb5_error_code code = 0;
     gss_iov_buffer_t header;
@@ -61,58 +61,58 @@ make_seal_token_v1_iov(krb5_context context,
 
     header = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
     if (header == NULL)
-       return EINVAL;
+        return EINVAL;
 
     padding = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING);
     if (padding == NULL && (ctx->gss_flags & GSS_C_DCE_STYLE) == 0)
-       return EINVAL;
+        return EINVAL;
 
     trailer = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
     if (trailer != NULL)
-       trailer->buffer.length = 0;
+        trailer->buffer.length = 0;
 
     /* Determine confounder length */
     if (toktype == KG_TOK_WRAP_MSG || conf_req_flag)
-       k5_headerlen = kg_confounder_size(context, ctx->enc);
+        k5_headerlen = kg_confounder_size(context, ctx->enc);
 
     /* Check padding length */
     if (toktype == KG_TOK_WRAP_MSG) {
-       size_t k5_padlen = (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4) ? 1 : 8;
-       size_t gss_padlen;
-       size_t conf_data_length;
-
-       kg_iov_msglen(iov, iov_count, &data_length, &assoc_data_length);
-       conf_data_length = k5_headerlen + data_length - assoc_data_length;
-
-       if (k5_padlen == 1)
-           gss_padlen = 1; /* one byte to indicate one byte of padding */
-       else
-           gss_padlen = k5_padlen - (conf_data_length % k5_padlen);
-
-       if (ctx->gss_flags & GSS_C_DCE_STYLE) {
-           /* DCE will pad the actual data itself; padding buffer optional and will be zeroed */
-           gss_padlen = 0;
-
-           if (conf_data_length % k5_padlen)
-               code = KRB5_BAD_MSIZE;
-       } else if (padding->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) {
-           code = kg_allocate_iov(padding, gss_padlen);
-       } else if (padding->buffer.length < gss_padlen) {
-           code = KRB5_BAD_MSIZE;
-       }
-       if (code != 0)
-           goto cleanup;
-
-       /* Initialize padding buffer to pad itself */
-       if (padding != NULL) {
-           padding->buffer.length = gss_padlen;
-           memset(padding->buffer.value, (int)gss_padlen, gss_padlen);
-       }
-
-       if (ctx->gss_flags & GSS_C_DCE_STYLE)
-           tmsglen = k5_headerlen; /* confounder length */
-       else
-           tmsglen = conf_data_length + padding->buffer.length;
+        size_t k5_padlen = (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4) ? 1 : 8;
+        size_t gss_padlen;
+        size_t conf_data_length;
+
+        kg_iov_msglen(iov, iov_count, &data_length, &assoc_data_length);
+        conf_data_length = k5_headerlen + data_length - assoc_data_length;
+
+        if (k5_padlen == 1)
+            gss_padlen = 1; /* one byte to indicate one byte of padding */
+        else
+            gss_padlen = k5_padlen - (conf_data_length % k5_padlen);
+
+        if (ctx->gss_flags & GSS_C_DCE_STYLE) {
+            /* DCE will pad the actual data itself; padding buffer optional and will be zeroed */
+            gss_padlen = 0;
+
+            if (conf_data_length % k5_padlen)
+                code = KRB5_BAD_MSIZE;
+        } else if (padding->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) {
+            code = kg_allocate_iov(padding, gss_padlen);
+        } else if (padding->buffer.length < gss_padlen) {
+            code = KRB5_BAD_MSIZE;
+        }
+        if (code != 0)
+            goto cleanup;
+
+        /* Initialize padding buffer to pad itself */
+        if (padding != NULL) {
+            padding->buffer.length = gss_padlen;
+            memset(padding->buffer.value, (int)gss_padlen, gss_padlen);
+        }
+
+        if (ctx->gss_flags & GSS_C_DCE_STYLE)
+            tmsglen = k5_headerlen; /* confounder length */
+        else
+            tmsglen = conf_data_length + padding->buffer.length;
     }
 
     /* Determine token size */
@@ -121,11 +121,11 @@ make_seal_token_v1_iov(krb5_context context,
     k5_headerlen += tlen - tmsglen;
 
     if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
-       code = kg_allocate_iov(header, k5_headerlen);
+        code = kg_allocate_iov(header, k5_headerlen);
     else if (header->buffer.length < k5_headerlen)
-       code = KRB5_BAD_MSIZE;
+        code = KRB5_BAD_MSIZE;
     if (code != 0)
-       goto cleanup;
+        goto cleanup;
 
     header->buffer.length = k5_headerlen;
 
@@ -138,12 +138,12 @@ make_seal_token_v1_iov(krb5_context context,
 
     /* 2..3 SEAL_ALG or Filler */
     if (toktype == KG_TOK_WRAP_MSG && conf_req_flag) {
-       ptr[2] = (ctx->sealalg     ) & 0xFF;
-       ptr[3] = (ctx->sealalg >> 8) & 0xFF;
+        ptr[2] = (ctx->sealalg     ) & 0xFF;
+        ptr[3] = (ctx->sealalg >> 8) & 0xFF;
     } else {
-       /* No seal */
-       ptr[2] = 0xFF;
-       ptr[3] = 0xFF;
+        /* No seal */
+        ptr[2] = 0xFF;
+        ptr[3] = 0xFF;
     }
 
     /* 4..5 Filler */
@@ -156,103 +156,103 @@ make_seal_token_v1_iov(krb5_context context,
     switch (ctx->signalg) {
     case SGN_ALG_DES_MAC_MD5:
     case SGN_ALG_MD2_5:
-       md5cksum.checksum_type = CKSUMTYPE_RSA_MD5;
-       break;
+        md5cksum.checksum_type = CKSUMTYPE_RSA_MD5;
+        break;
     case SGN_ALG_HMAC_SHA1_DES3_KD:
-       md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-       break;
+        md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
+        break;
     case SGN_ALG_HMAC_MD5:
-       md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-       if (toktype != KG_TOK_WRAP_MSG)
-           sign_usage = 15;
-       break;
+        md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+        if (toktype != KG_TOK_WRAP_MSG)
+            sign_usage = 15;
+        break;
     default:
     case SGN_ALG_DES_MAC:
-       abort ();
+        abort ();
     }
 
     code = krb5_c_checksum_length(context, md5cksum.checksum_type, &k5_trailerlen);
     if (code != 0)
-       goto cleanup;
+        goto cleanup;
     md5cksum.length = k5_trailerlen;
 
     if (k5_headerlen != 0) {
-       code = kg_make_confounder(context, ctx->enc, ptr + 14 + ctx->cksum_size);
-       if (code != 0)
-           goto cleanup;
+        code = kg_make_confounder(context, ctx->enc, ptr + 14 + ctx->cksum_size);
+        if (code != 0)
+            goto cleanup;
     }
 
     /* compute the checksum */
     code = kg_make_checksum_iov_v1(context, md5cksum.checksum_type,
-                                  ctx->cksum_size, ctx->seq, ctx->enc,
-                                  sign_usage, iov, iov_count, toktype,
-                                  &md5cksum);
+                                   ctx->cksum_size, ctx->seq, ctx->enc,
+                                   sign_usage, iov, iov_count, toktype,
+                                   &md5cksum);
     if (code != 0)
-       goto cleanup;
+        goto cleanup;
 
     switch (ctx->signalg) {
     case SGN_ALG_DES_MAC_MD5:
     case SGN_ALG_3:
-       code = kg_encrypt(context, ctx->seq, KG_USAGE_SEAL,
-                         (g_OID_equal(ctx->mech_used, gss_mech_krb5_old) ?
-                          ctx->seq->contents : NULL),
-                         md5cksum.contents, md5cksum.contents, 16);
-       if (code != 0)
-           goto cleanup;
-
-       cksum.length = ctx->cksum_size;
-       cksum.contents = md5cksum.contents + 16 - cksum.length;
-
-       memcpy(ptr + 14, cksum.contents, cksum.length);
-       break;
+        code = kg_encrypt(context, ctx->seq, KG_USAGE_SEAL,
+                          (g_OID_equal(ctx->mech_used, gss_mech_krb5_old) ?
+                           ctx->seq->contents : NULL),
+                          md5cksum.contents, md5cksum.contents, 16);
+        if (code != 0)
+            goto cleanup;
+
+        cksum.length = ctx->cksum_size;
+        cksum.contents = md5cksum.contents + 16 - cksum.length;
+
+        memcpy(ptr + 14, cksum.contents, cksum.length);
+        break;
     case SGN_ALG_HMAC_SHA1_DES3_KD:
-       assert(md5cksum.length == ctx->cksum_size);
-       memcpy(ptr + 14, md5cksum.contents, md5cksum.length);
-       break;
+        assert(md5cksum.length == ctx->cksum_size);
+        memcpy(ptr + 14, md5cksum.contents, md5cksum.length);
+        break;
     case SGN_ALG_HMAC_MD5:
-       memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
-       break;
+        memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size);
+        break;
     }
 
     /* create the seq_num */
     code = kg_make_seq_num(context, ctx->seq, ctx->initiate ? 0 : 0xFF,
-                          (OM_uint32)ctx->seq_send, ptr + 14, ptr + 6);
+                           (OM_uint32)ctx->seq_send, ptr + 14, ptr + 6);
     if (code != 0)
-       goto cleanup;
+        goto cleanup;
 
     if (conf_req_flag) {
-       if (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4) {
-           unsigned char bigend_seqnum[4];
-           krb5_keyblock *enc_key;
-           size_t i;
-
-           bigend_seqnum[0] = (ctx->seq_send >> 24) & 0xFF;
-           bigend_seqnum[1] = (ctx->seq_send >> 16) & 0xFF;
-           bigend_seqnum[2] = (ctx->seq_send >> 8 ) & 0xFF;
-           bigend_seqnum[3] = (ctx->seq_send      ) & 0xFF;
-
-           code = krb5_copy_keyblock(context, ctx->enc, &enc_key);
-           if (code != 0)
-               goto cleanup;
-
-           assert(enc_key->length == 16);
-
-           for (i = 0; i < enc_key->length; i++)
-               ((char *)enc_key->contents)[i] ^= 0xF0;
-
-           code = kg_arcfour_docrypt_iov(context, enc_key, 0,
-                                         bigend_seqnum, 4,
-                                         iov, iov_count);
-           krb5_free_keyblock(context, enc_key);
-       } else {
-           code = kg_encrypt_iov(context, ctx->proto,
-                                 ((ctx->gss_flags & GSS_C_DCE_STYLE) != 0),
-                                 0 /*EC*/, 0 /*RRC*/,
-                                 ctx->enc, KG_USAGE_SEAL, NULL,
-                                 iov, iov_count);
-       }
-       if (code != 0)
-           goto cleanup;
+        if (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4) {
+            unsigned char bigend_seqnum[4];
+            krb5_keyblock *enc_key;
+            size_t i;
+
+            bigend_seqnum[0] = (ctx->seq_send >> 24) & 0xFF;
+            bigend_seqnum[1] = (ctx->seq_send >> 16) & 0xFF;
+            bigend_seqnum[2] = (ctx->seq_send >> 8 ) & 0xFF;
+            bigend_seqnum[3] = (ctx->seq_send      ) & 0xFF;
+
+            code = krb5_copy_keyblock(context, ctx->enc, &enc_key);
+            if (code != 0)
+                goto cleanup;
+
+            assert(enc_key->length == 16);
+
+            for (i = 0; i < enc_key->length; i++)
+                ((char *)enc_key->contents)[i] ^= 0xF0;
+
+            code = kg_arcfour_docrypt_iov(context, enc_key, 0,
+                                          bigend_seqnum, 4,
+                                          iov, iov_count);
+            krb5_free_keyblock(context, enc_key);
+        } else {
+            code = kg_encrypt_iov(context, ctx->proto,
+                                  ((ctx->gss_flags & GSS_C_DCE_STYLE) != 0),
+                                  0 /*EC*/, 0 /*RRC*/,
+                                  ctx->enc, KG_USAGE_SEAL, NULL,
+                                  iov, iov_count);
+        }
+        if (code != 0)
+            goto cleanup;
     }
 
     ctx->seq_send++;
@@ -261,11 +261,11 @@ make_seal_token_v1_iov(krb5_context context,
     code = 0;
 
     if (conf_state != NULL)
-       *conf_state = conf_req_flag;
+        *conf_state = conf_req_flag;
 
 cleanup:
     if (code != 0)
-       kg_release_iov(iov, iov_count);
+        kg_release_iov(iov, iov_count);
     krb5_free_checksum_contents(context, &md5cksum);
 
     return code;
@@ -273,13 +273,13 @@ cleanup:
 
 OM_uint32
 kg_seal_iov(OM_uint32 *minor_status,
-           gss_ctx_id_t context_handle,
-           int conf_req_flag,
-           gss_qop_t qop_req,
-           int *conf_state,
-           gss_iov_buffer_desc *iov,
-           int iov_count,
-           int toktype)
+            gss_ctx_id_t context_handle,
+            int conf_req_flag,
+            gss_qop_t qop_req,
+            int *conf_state,
+            gss_iov_buffer_desc *iov,
+            int iov_count,
+            int toktype)
 {
     krb5_gss_ctx_id_rec *ctx;
     krb5_error_code code;
@@ -287,52 +287,52 @@ kg_seal_iov(OM_uint32 *minor_status,
     krb5_context context;
 
     if (qop_req != 0) {
-       *minor_status = (OM_uint32)G_UNKNOWN_QOP;
-       return GSS_S_FAILURE;
+        *minor_status = (OM_uint32)G_UNKNOWN_QOP;
+        return GSS_S_FAILURE;
     }
 
     if (!kg_validate_ctx_id(context_handle)) {
-       *minor_status = (OM_uint32)G_VALIDATE_FAILED;
-       return GSS_S_NO_CONTEXT;
+        *minor_status = (OM_uint32)G_VALIDATE_FAILED;
+        return GSS_S_NO_CONTEXT;
     }
 
     ctx = (krb5_gss_ctx_id_rec *)context_handle;
     if (!ctx->established) {
-       *minor_status = KG_CTX_INCOMPLETE;
-       return GSS_S_NO_CONTEXT;
+        *minor_status = KG_CTX_INCOMPLETE;
+        return GSS_S_NO_CONTEXT;
     }
 
     context = ctx->k5_context;
     code = krb5_timeofday(context, &now);
     if (code != 0) {
-       *minor_status = code;
-       save_error_info(*minor_status, context);
-       return GSS_S_FAILURE;
+        *minor_status = code;
+        save_error_info(*minor_status, context);
+        return GSS_S_FAILURE;
     }
 
     if (conf_req_flag && kg_integ_only_iov(iov, iov_count)) {
-       /* may be more sensible to return an error here */
-       conf_req_flag = FALSE;
+        /* may be more sensible to return an error here */
+        conf_req_flag = FALSE;
     }
 
     switch (ctx->proto) {
     case 0:
-       code = make_seal_token_v1_iov(context, ctx, conf_req_flag,
-                                     conf_state, iov, iov_count, toktype);
-       break;
+        code = make_seal_token_v1_iov(context, ctx, conf_req_flag,
+                                      conf_state, iov, iov_count, toktype);
+        break;
     case 1:
-       code = gss_krb5int_make_seal_token_v3_iov(context, ctx, conf_req_flag,
-                                                 conf_state, iov, iov_count, toktype);
-       break;
+        code = gss_krb5int_make_seal_token_v3_iov(context, ctx, conf_req_flag,
+                                                  conf_state, iov, iov_count, toktype);
+        break;
     default:
-       code = G_UNKNOWN_QOP;
-       break;
+        code = G_UNKNOWN_QOP;
+        break;
     }
 
     if (code != 0) {
-       *minor_status = code;
-       save_error_info(*minor_status, context);
-       return GSS_S_FAILURE;
+        *minor_status = code;
+        save_error_info(*minor_status, context);
+        return GSS_S_FAILURE;
     }
 
     *minor_status = 0;
@@ -340,18 +340,18 @@ kg_seal_iov(OM_uint32 *minor_status,
     return (ctx->krb_times.endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE;
 }
 
-#define INIT_IOV_DATA(_iov)    do { (_iov)->buffer.value = NULL; \
-                                    (_iov)->buffer.length = 0; } \
-                               while (0)
+#define INIT_IOV_DATA(_iov)     do { (_iov)->buffer.value = NULL; \
+                                     (_iov)->buffer.length = 0; } \
+                                while (0)
 
 OM_uint32
 kg_seal_iov_length(OM_uint32 *minor_status,
-                  gss_ctx_id_t context_handle,
-                  int conf_req_flag,
-                  gss_qop_t qop_req,
-                  int *conf_state,
-                  gss_iov_buffer_desc *iov,
-                  int iov_count)
+                   gss_ctx_id_t context_handle,
+                   int conf_req_flag,
+                   gss_qop_t qop_req,
+                   int *conf_state,
+                   gss_iov_buffer_desc *iov,
+                   int iov_count)
 {
     krb5_gss_ctx_id_rec *ctx;
     gss_iov_buffer_t header, trailer, padding;
@@ -363,31 +363,31 @@ kg_seal_iov_length(OM_uint32 *minor_status,
     int dce_style;
 
     if (qop_req != GSS_C_QOP_DEFAULT) {
-       *minor_status = (OM_uint32)G_UNKNOWN_QOP;
-       return GSS_S_FAILURE;
+        *minor_status = (OM_uint32)G_UNKNOWN_QOP;
+        return GSS_S_FAILURE;
     }
 
     if (!kg_validate_ctx_id(context_handle)) {
-       *minor_status = (OM_uint32)G_VALIDATE_FAILED;
-       return GSS_S_NO_CONTEXT;
+        *minor_status = (OM_uint32)G_VALIDATE_FAILED;
+        return GSS_S_NO_CONTEXT;
     }
 
     ctx = (krb5_gss_ctx_id_rec *)context_handle;
     if (!ctx->established) {
-       *minor_status = KG_CTX_INCOMPLETE;
-       return GSS_S_NO_CONTEXT;
+        *minor_status = KG_CTX_INCOMPLETE;
+        return GSS_S_NO_CONTEXT;
     }
 
     header = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
     if (header == NULL) {
-       *minor_status = EINVAL;
-       return GSS_S_FAILURE;
+        *minor_status = EINVAL;
+        return GSS_S_FAILURE;
     }
     INIT_IOV_DATA(header);
 
     trailer = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
     if (trailer != NULL) {
-       INIT_IOV_DATA(trailer);
+        INIT_IOV_DATA(trailer);
     }
 
     dce_style = ((ctx->gss_flags & GSS_C_DCE_STYLE) != 0);
@@ -395,122 +395,122 @@ kg_seal_iov_length(OM_uint32 *minor_status,
     /* For CFX, EC is used instead of padding, and is placed in header or trailer */
     padding = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING);
     if (padding == NULL) {
-       if (conf_req_flag && ctx->proto == 0 && !dce_style) {
-           *minor_status = EINVAL;
-           return GSS_S_FAILURE;
-       }
+        if (conf_req_flag && ctx->proto == 0 && !dce_style) {
+            *minor_status = EINVAL;
+            return GSS_S_FAILURE;
+        }
     } else {
-       INIT_IOV_DATA(padding);
+        INIT_IOV_DATA(padding);
     }
 
     kg_iov_msglen(iov, iov_count, &data_length, &assoc_data_length);
 
     if (conf_req_flag && kg_integ_only_iov(iov, iov_count))
-       conf_req_flag = FALSE;
+        conf_req_flag = FALSE;
 
     context = ctx->k5_context;
 
     gss_headerlen = gss_padlen = gss_trailerlen = 0;
 
     if (ctx->proto == 1) {
-       krb5_enctype enctype;
-       size_t ec;
-
-       if (ctx->have_acceptor_subkey)
-           enctype = ctx->acceptor_subkey->enctype;
-       else
-           enctype = ctx->subkey->enctype;
-
-       code = krb5_c_crypto_length(context, enctype,
-                                   conf_req_flag ?
-                                       KRB5_CRYPTO_TYPE_TRAILER : KRB5_CRYPTO_TYPE_CHECKSUM,
-                                   &k5_trailerlen);
-       if (code != 0) {
-           *minor_status = code;
-           return GSS_S_FAILURE;
-       }
-
-       if (conf_req_flag) {
-           code = krb5_c_crypto_length(context, enctype, KRB5_CRYPTO_TYPE_HEADER, &k5_headerlen);
-           if (code != 0) {
-               *minor_status = code;
-               return GSS_S_FAILURE;
-           }
-       }
-
-       gss_headerlen = 16; /* Header */
-       if (conf_req_flag) {
-           gss_headerlen += k5_headerlen; /* Kerb-Header */
-           gss_trailerlen = 16 /* E(Header) */ + k5_trailerlen; /* Kerb-Trailer */
-
-           code = krb5_c_padding_length(context, enctype,
-                                        data_length - assoc_data_length + 16 /* E(Header) */, &k5_padlen);
-           if (code != 0) {
-               *minor_status = code;
-               return GSS_S_FAILURE;
-           }
-        
-           if (k5_padlen == 0 && dce_style) {
-               /* Windows rejects AEAD tokens with non-zero EC */
-               code = krb5_c_block_size(context, enctype, &ec);
-               if (code != 0) {
-                   *minor_status = code;
-                   return GSS_S_FAILURE;
-               }
-           } else
-               ec = k5_padlen;
-
-           gss_trailerlen += ec;
-       } else {
-           gss_trailerlen = k5_trailerlen; /* Kerb-Checksum */
-       }
+        krb5_enctype enctype;
+        size_t ec;
+
+        if (ctx->have_acceptor_subkey)
+            enctype = ctx->acceptor_subkey->enctype;
+        else
+            enctype = ctx->subkey->enctype;
+
+        code = krb5_c_crypto_length(context, enctype,
+                                    conf_req_flag ?
+                                        KRB5_CRYPTO_TYPE_TRAILER : KRB5_CRYPTO_TYPE_CHECKSUM,
+                                    &k5_trailerlen);
+        if (code != 0) {
+            *minor_status = code;
+            return GSS_S_FAILURE;
+        }
+
+        if (conf_req_flag) {
+            code = krb5_c_crypto_length(context, enctype, KRB5_CRYPTO_TYPE_HEADER, &k5_headerlen);
+            if (code != 0) {
+                *minor_status = code;
+                return GSS_S_FAILURE;
+            }
+        }
+
+        gss_headerlen = 16; /* Header */
+        if (conf_req_flag) {
+            gss_headerlen += k5_headerlen; /* Kerb-Header */
+            gss_trailerlen = 16 /* E(Header) */ + k5_trailerlen; /* Kerb-Trailer */
+
+            code = krb5_c_padding_length(context, enctype,
+                                         data_length - assoc_data_length + 16 /* E(Header) */, &k5_padlen);
+            if (code != 0) {
+                *minor_status = code;
+                return GSS_S_FAILURE;
+            }
+         
+            if (k5_padlen == 0 && dce_style) {
+                /* Windows rejects AEAD tokens with non-zero EC */
+                code = krb5_c_block_size(context, enctype, &ec);
+                if (code != 0) {
+                    *minor_status = code;
+                    return GSS_S_FAILURE;
+                }
+            } else
+                ec = k5_padlen;
+
+            gss_trailerlen += ec;
+        } else {
+            gss_trailerlen = k5_trailerlen; /* Kerb-Checksum */
+        }
     } else if (!dce_style) {
-       k5_padlen = (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4) ? 1 : 8;
+        k5_padlen = (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4) ? 1 : 8;
 
-       if (k5_padlen == 1)
-           gss_padlen = 1;
-       else
-           gss_padlen = k5_padlen - ((data_length - assoc_data_length) % k5_padlen);
+        if (k5_padlen == 1)
+            gss_padlen = 1;
+        else
+            gss_padlen = k5_padlen - ((data_length - assoc_data_length) % k5_padlen);
     }
 
     data_length += gss_padlen;
 
     if (ctx->proto == 0) {
-       /* Header | Checksum | Confounder | Data | Pad */
-       size_t data_size;
+        /* Header | Checksum | Confounder | Data | Pad */
+        size_t data_size;
 
-       k5_headerlen = kg_confounder_size(context, ctx->enc);
+        k5_headerlen = kg_confounder_size(context, ctx->enc);
 
-       data_size = 14 /* Header */ + ctx->cksum_size + k5_headerlen;
+        data_size = 14 /* Header */ + ctx->cksum_size + k5_headerlen;
 
-       if (!dce_style)
-           data_size += data_length;
+        if (!dce_style)
+            data_size += data_length;
 
-       gss_headerlen = g_token_size(ctx->mech_used, data_size);
+        gss_headerlen = g_token_size(ctx->mech_used, data_size);
 
-       /* g_token_size() will include data_size as well as the overhead, so
-        * subtract data_length just to get the overhead (ie. token size) */
-       if (!dce_style)
-           gss_headerlen -= data_length;
+        /* g_token_size() will include data_size as well as the overhead, so
+         * subtract data_length just to get the overhead (ie. token size) */
+        if (!dce_style)
+            gss_headerlen -= data_length;
     }
 
     if (minor_status != NULL)
-       *minor_status = 0;
+        *minor_status = 0;
 
     if (trailer == NULL)
-       gss_headerlen += gss_trailerlen;
+        gss_headerlen += gss_trailerlen;
     else
-       trailer->buffer.length = gss_trailerlen;
+        trailer->buffer.length = gss_trailerlen;
 
     assert(gss_padlen == 0 || padding != NULL);
 
     if (padding != NULL)
-       padding->buffer.length = gss_padlen;
+        padding->buffer.length = gss_padlen;
 
     header->buffer.length = gss_headerlen;
 
     if (conf_state != NULL)
-       *conf_state = conf_req_flag;
+        *conf_state = conf_req_flag;
 
     return GSS_S_COMPLETE;
 }
index b12284fb19a27e507a75f38b0ba23a3413786ad2..26e20d73b4ea15b3af6e9460feb24e852f6e168c 100644 (file)
@@ -96,10 +96,10 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
                     : KG_USAGE_ACCEPTOR_SIGN));
     if (ctx->have_acceptor_subkey) {
         key = ctx->acceptor_subkey;
-       cksumtype = ctx->acceptor_subkey_cksumtype;
+        cksumtype = ctx->acceptor_subkey_cksumtype;
     } else {
         key = ctx->subkey;
-       cksumtype = ctx->cksumtype;
+        cksumtype = ctx->cksumtype;
     }
     assert(key != NULL);
 
@@ -184,7 +184,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
 #endif
     } else if (toktype == KG_TOK_WRAP_MSG && !conf_req_flag) {
         krb5_data plain;
-       size_t cksumsize;
+        size_t cksumsize;
 
         /* Here, message is the application-supplied data; message2 is
            what goes into the output token.  They may be the same, or
@@ -198,11 +198,11 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
         if (plain.data == NULL)
             return ENOMEM;
 
-       err = krb5_c_checksum_length(context, cksumtype, &cksumsize);
-       if (err)
-           goto error;
+        err = krb5_c_checksum_length(context, cksumtype, &cksumsize);
+        if (err)
+            goto error;
 
-       assert(cksumsize <= 0xffff);
+        assert(cksumsize <= 0xffff);
 
         bufsize = 16 + message2->length + cksumsize;
         outbuf = malloc(bufsize);
@@ -321,7 +321,7 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr,
     krb5_cksumtype cksumtype;
 
     if (ctx->big_endian != 0)
-       goto defective;
+        goto defective;
 
     if (qop_state)
         *qop_state = GSS_C_QOP_DEFAULT;
@@ -367,10 +367,10 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr,
     value in that case, though, so we can just ignore the flag.  */
     if (ctx->have_acceptor_subkey && (ptr[2] & FLAG_ACCEPTOR_SUBKEY)) {
         key = ctx->acceptor_subkey;
-       cksumtype = ctx->acceptor_subkey_cksumtype;
+        cksumtype = ctx->acceptor_subkey_cksumtype;
     } else {
         key = ctx->subkey;
-       cksumtype = ctx->cksumtype;
+        cksumtype = ctx->cksumtype;
     }
     assert(key != NULL);
 
@@ -429,11 +429,11 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr,
                 message_buffer->value = NULL;
             }
         } else {
-           size_t cksumsize;
+            size_t cksumsize;
 
-           err = krb5_c_checksum_length(context, cksumtype, &cksumsize);
-           if (err)
-               goto error;
+            err = krb5_c_checksum_length(context, cksumtype, &cksumsize);
+            if (err)
+                goto error;
 
             /* no confidentiality */
             if (conf_state)
index e39665febe5c21f75d2bf095ede362bd6a99e28e..718903c3aab3ac588df4e59a51f5790d12f5576d 100644 (file)
  */
 
 #include <assert.h>
-#include "k5-platform.h"       /* for 64-bit support */
-#include "k5-int.h"         /* for zap() */
+#include "k5-platform.h"        /* for 64-bit support */
+#include "k5-int.h"          /* for zap() */
 #include "gssapiP_krb5.h"
 #include <stdarg.h>
 
 krb5_error_code
 gss_krb5int_make_seal_token_v3_iov(krb5_context context,
-                                  krb5_gss_ctx_id_rec *ctx,
-                                  int conf_req_flag,
-                                  int *conf_state,
-                                  gss_iov_buffer_desc *iov,
-                                  int iov_count,
-                                  int toktype)
+                                   krb5_gss_ctx_id_rec *ctx,
+                                   int conf_req_flag,
+                                   int *conf_state,
+                                   gss_iov_buffer_desc *iov,
+                                   int iov_count,
+                                   int toktype)
 {
     krb5_error_code code = 0;
     gss_iov_buffer_t header;
@@ -62,18 +62,18 @@ gss_krb5int_make_seal_token_v3_iov(krb5_context context,
 
     acceptor_flag = ctx->initiate ? 0 : FLAG_SENDER_IS_ACCEPTOR;
     key_usage = (toktype == KG_TOK_WRAP_MSG
-                ? (ctx->initiate
-                   ? KG_USAGE_INITIATOR_SEAL
-                   : KG_USAGE_ACCEPTOR_SEAL)
-                : (ctx->initiate
-                   ? KG_USAGE_INITIATOR_SIGN
-                   : KG_USAGE_ACCEPTOR_SIGN));
+                 ? (ctx->initiate
+                    ? KG_USAGE_INITIATOR_SEAL
+                    : KG_USAGE_ACCEPTOR_SEAL)
+                 : (ctx->initiate
+                    ? KG_USAGE_INITIATOR_SIGN
+                    : KG_USAGE_ACCEPTOR_SIGN));
     if (ctx->have_acceptor_subkey) {
-       key = ctx->acceptor_subkey;
-       cksumtype = ctx->acceptor_subkey_cksumtype;
+        key = ctx->acceptor_subkey;
+        cksumtype = ctx->acceptor_subkey_cksumtype;
     } else {
-       key = ctx->subkey;
-       cksumtype = ctx->cksumtype;
+        key = ctx->subkey;
+        cksumtype = ctx->cksumtype;
     }
     assert(key != NULL);
     assert(cksumtype != 0);
@@ -82,205 +82,205 @@ gss_krb5int_make_seal_token_v3_iov(krb5_context context,
 
     header = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
     if (header == NULL)
-       return EINVAL;
+        return EINVAL;
 
     padding = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING);
     if (padding != NULL)
-       padding->buffer.length = 0;
+        padding->buffer.length = 0;
 
     trailer = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
 
     outbuf = (unsigned char *)header->buffer.value;
 
     if (toktype == KG_TOK_WRAP_MSG && conf_req_flag) {
-       unsigned int k5_headerlen, k5_trailerlen, k5_padlen;
-       size_t ec = 0;
-       size_t conf_data_length = data_length - assoc_data_length;
-
-       code = krb5_c_crypto_length(context, key->enctype, KRB5_CRYPTO_TYPE_HEADER, &k5_headerlen);
-       if (code != 0)
-           goto cleanup;
-
-       code = krb5_c_padding_length(context, key->enctype,
-                                    conf_data_length + 16 /* E(Header) */, &k5_padlen);
-       if (code != 0)
-           goto cleanup;
-
-       if (k5_padlen == 0 && (ctx->gss_flags & GSS_C_DCE_STYLE)) {
-           /* Windows rejects AEAD tokens with non-zero EC */
-           code = krb5_c_block_size(context, key->enctype, &ec);
-           if (code != 0)
-               goto cleanup;
-       } else
-           ec = k5_padlen;
-
-       code = krb5_c_crypto_length(context, key->enctype, KRB5_CRYPTO_TYPE_TRAILER, &k5_trailerlen);
-       if (code != 0)
-           goto cleanup;
-
-       gss_headerlen = 16 /* Header */ + k5_headerlen;
-       gss_trailerlen = ec + 16 /* E(Header) */ + k5_trailerlen;
-
-       if (trailer == NULL) {
-           rrc = gss_trailerlen;
-           /* Workaround for Windows bug where it rotates by EC + RRC */
-           if (ctx->gss_flags & GSS_C_DCE_STYLE)
-               rrc -= ec;
-           gss_headerlen += gss_trailerlen;
-       }
-
-       if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
-           code = kg_allocate_iov(header, gss_headerlen);
-       else if (header->buffer.length < gss_headerlen)
-           code = KRB5_BAD_MSIZE;
-       if (code != 0)
-           goto cleanup;
-       header->buffer.length = gss_headerlen;
-
-       if (trailer != NULL) {
-           if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
-               code = kg_allocate_iov(trailer, gss_trailerlen);
-           else if (trailer->buffer.length < gss_trailerlen)
-               code = KRB5_BAD_MSIZE;
-           if (code != 0)
-               goto cleanup;
-           trailer->buffer.length = gss_trailerlen;
-       }
-
-       /* TOK_ID */
-       store_16_be(KG2_TOK_WRAP_MSG, outbuf);
-       /* flags */
-       outbuf[2] = (acceptor_flag
-                    | (conf_req_flag ? FLAG_WRAP_CONFIDENTIAL : 0)
-                    | (ctx->have_acceptor_subkey ? FLAG_ACCEPTOR_SUBKEY : 0));
-       /* filler */
-       outbuf[3] = 0xFF;
-       /* EC */
-       store_16_be(ec, outbuf + 4);
-       /* RRC */
-       store_16_be(0, outbuf + 6);
-       store_64_be(ctx->seq_send, outbuf + 8);
-
-       /* EC | copy of header to be encrypted, located in (possibly rotated) trailer */
-       if (trailer == NULL)
-           tbuf = (unsigned char *)header->buffer.value + 16; /* Header */
-       else
-           tbuf = (unsigned char *)trailer->buffer.value;
-
-       memset(tbuf, 0xFF, ec);
-       memcpy(tbuf + ec, header->buffer.value, 16);
-
-       code = kg_encrypt_iov(context, ctx->proto,
-                             ((ctx->gss_flags & GSS_C_DCE_STYLE) != 0),
-                             ec, rrc, key, key_usage, 0, iov, iov_count);
-       if (code != 0)
-           goto cleanup;
-
-       /* RRC */
-       store_16_be(rrc, outbuf + 6);
-
-       ctx->seq_send++;
+        unsigned int k5_headerlen, k5_trailerlen, k5_padlen;
+        size_t ec = 0;
+        size_t conf_data_length = data_length - assoc_data_length;
+
+        code = krb5_c_crypto_length(context, key->enctype, KRB5_CRYPTO_TYPE_HEADER, &k5_headerlen);
+        if (code != 0)
+            goto cleanup;
+
+        code = krb5_c_padding_length(context, key->enctype,
+                                     conf_data_length + 16 /* E(Header) */, &k5_padlen);
+        if (code != 0)
+            goto cleanup;
+
+        if (k5_padlen == 0 && (ctx->gss_flags & GSS_C_DCE_STYLE)) {
+            /* Windows rejects AEAD tokens with non-zero EC */
+            code = krb5_c_block_size(context, key->enctype, &ec);
+            if (code != 0)
+                goto cleanup;
+        } else
+            ec = k5_padlen;
+
+        code = krb5_c_crypto_length(context, key->enctype, KRB5_CRYPTO_TYPE_TRAILER, &k5_trailerlen);
+        if (code != 0)
+            goto cleanup;
+
+        gss_headerlen = 16 /* Header */ + k5_headerlen;
+        gss_trailerlen = ec + 16 /* E(Header) */ + k5_trailerlen;
+
+        if (trailer == NULL) {
+            rrc = gss_trailerlen;
+            /* Workaround for Windows bug where it rotates by EC + RRC */
+            if (ctx->gss_flags & GSS_C_DCE_STYLE)
+                rrc -= ec;
+            gss_headerlen += gss_trailerlen;
+        }
+
+        if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
+            code = kg_allocate_iov(header, gss_headerlen);
+        else if (header->buffer.length < gss_headerlen)
+            code = KRB5_BAD_MSIZE;
+        if (code != 0)
+            goto cleanup;
+        header->buffer.length = gss_headerlen;
+
+        if (trailer != NULL) {
+            if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
+                code = kg_allocate_iov(trailer, gss_trailerlen);
+            else if (trailer->buffer.length < gss_trailerlen)
+                code = KRB5_BAD_MSIZE;
+            if (code != 0)
+                goto cleanup;
+            trailer->buffer.length = gss_trailerlen;
+        }
+
+        /* TOK_ID */
+        store_16_be(KG2_TOK_WRAP_MSG, outbuf);
+        /* flags */
+        outbuf[2] = (acceptor_flag
+                     | (conf_req_flag ? FLAG_WRAP_CONFIDENTIAL : 0)
+                     | (ctx->have_acceptor_subkey ? FLAG_ACCEPTOR_SUBKEY : 0));
+        /* filler */
+        outbuf[3] = 0xFF;
+        /* EC */
+        store_16_be(ec, outbuf + 4);
+        /* RRC */
+        store_16_be(0, outbuf + 6);
+        store_64_be(ctx->seq_send, outbuf + 8);
+
+        /* EC | copy of header to be encrypted, located in (possibly rotated) trailer */
+        if (trailer == NULL)
+            tbuf = (unsigned char *)header->buffer.value + 16; /* Header */
+        else
+            tbuf = (unsigned char *)trailer->buffer.value;
+
+        memset(tbuf, 0xFF, ec);
+        memcpy(tbuf + ec, header->buffer.value, 16);
+
+        code = kg_encrypt_iov(context, ctx->proto,
+                              ((ctx->gss_flags & GSS_C_DCE_STYLE) != 0),
+                              ec, rrc, key, key_usage, 0, iov, iov_count);
+        if (code != 0)
+            goto cleanup;
+
+        /* RRC */
+        store_16_be(rrc, outbuf + 6);
+
+        ctx->seq_send++;
     } else if (toktype == KG_TOK_WRAP_MSG && !conf_req_flag) {
-       tok_id = KG2_TOK_WRAP_MSG;
+        tok_id = KG2_TOK_WRAP_MSG;
 
     wrap_with_checksum:
 
-       gss_headerlen = 16;
-
-       code = krb5_c_crypto_length(context, key->enctype, KRB5_CRYPTO_TYPE_CHECKSUM, &gss_trailerlen);
-       if (code != 0)
-           goto cleanup;
-
-       assert(gss_trailerlen <= 0xFFFF);
-
-       if (trailer == NULL) {
-           rrc = gss_trailerlen;
-           gss_headerlen += gss_trailerlen;
-       }
-
-       if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
-           code = kg_allocate_iov(header, gss_headerlen);
-       else if (header->buffer.length < gss_headerlen)
-           code = KRB5_BAD_MSIZE;
-       if (code != 0)
-           goto cleanup;
-       header->buffer.length = gss_headerlen;
-
-       if (trailer != NULL) {
-           if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
-               code = kg_allocate_iov(trailer, gss_trailerlen);
-           else if (trailer->buffer.length < gss_trailerlen)
-               code = KRB5_BAD_MSIZE;
-           if (code != 0)
-               goto cleanup;
-           trailer->buffer.length = gss_trailerlen;
-       }
-
-       /* TOK_ID */
-       store_16_be(tok_id, outbuf);
-       /* flags */
-       outbuf[2] = (acceptor_flag
-                    | (ctx->have_acceptor_subkey ? FLAG_ACCEPTOR_SUBKEY : 0));
-       /* filler */
-       outbuf[3] = 0xFF;
-       if (toktype == KG_TOK_WRAP_MSG) {
-           /* Use 0 for checksum calculation, substitute
-            * checksum length later.
-            */
-           /* EC */
-           store_16_be(0, outbuf + 4);
-           /* RRC */
-           store_16_be(0, outbuf + 6);
-       } else {
-           /* MIC and DEL store 0xFF in EC and RRC */
-           store_16_be(0xFFFF, outbuf + 4);
-           store_16_be(0xFFFF, outbuf + 6);
-       }
-       store_64_be(ctx->seq_send, outbuf + 8);
-
-       code = kg_make_checksum_iov_v3(context, cksumtype,
-                                      rrc, key, key_usage,
-                                      iov, iov_count);
-       if (code != 0)
-           goto cleanup;
-
-       ctx->seq_send++;
-
-       if (toktype == KG_TOK_WRAP_MSG) {
-           /* Fix up EC field */
-           store_16_be(gss_trailerlen, outbuf + 4);
-           /* Fix up RRC field */
-           store_16_be(rrc, outbuf + 6);
-       }
+        gss_headerlen = 16;
+
+        code = krb5_c_crypto_length(context, key->enctype, KRB5_CRYPTO_TYPE_CHECKSUM, &gss_trailerlen);
+        if (code != 0)
+            goto cleanup;
+
+        assert(gss_trailerlen <= 0xFFFF);
+
+        if (trailer == NULL) {
+            rrc = gss_trailerlen;
+            gss_headerlen += gss_trailerlen;
+        }
+
+        if (header->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
+            code = kg_allocate_iov(header, gss_headerlen);
+        else if (header->buffer.length < gss_headerlen)
+            code = KRB5_BAD_MSIZE;
+        if (code != 0)
+            goto cleanup;
+        header->buffer.length = gss_headerlen;
+
+        if (trailer != NULL) {
+            if (trailer->type & GSS_IOV_BUFFER_FLAG_ALLOCATE)
+                code = kg_allocate_iov(trailer, gss_trailerlen);
+            else if (trailer->buffer.length < gss_trailerlen)
+                code = KRB5_BAD_MSIZE;
+            if (code != 0)
+                goto cleanup;
+            trailer->buffer.length = gss_trailerlen;
+        }
+
+        /* TOK_ID */
+        store_16_be(tok_id, outbuf);
+        /* flags */
+        outbuf[2] = (acceptor_flag
+                     | (ctx->have_acceptor_subkey ? FLAG_ACCEPTOR_SUBKEY : 0));
+        /* filler */
+        outbuf[3] = 0xFF;
+        if (toktype == KG_TOK_WRAP_MSG) {
+            /* Use 0 for checksum calculation, substitute
+             * checksum length later.
+             */
+            /* EC */
+            store_16_be(0, outbuf + 4);
+            /* RRC */
+            store_16_be(0, outbuf + 6);
+        } else {
+            /* MIC and DEL store 0xFF in EC and RRC */
+            store_16_be(0xFFFF, outbuf + 4);
+            store_16_be(0xFFFF, outbuf + 6);
+        }
+        store_64_be(ctx->seq_send, outbuf + 8);
+
+        code = kg_make_checksum_iov_v3(context, cksumtype,
+                                       rrc, key, key_usage,
+                                       iov, iov_count);
+        if (code != 0)
+            goto cleanup;
+
+        ctx->seq_send++;
+
+        if (toktype == KG_TOK_WRAP_MSG) {
+            /* Fix up EC field */
+            store_16_be(gss_trailerlen, outbuf + 4);
+            /* Fix up RRC field */
+            store_16_be(rrc, outbuf + 6);
+        }
     } else if (toktype == KG_TOK_MIC_MSG) {
-       tok_id = KG2_TOK_MIC_MSG;
-       trailer = NULL;
-       goto wrap_with_checksum;
+        tok_id = KG2_TOK_MIC_MSG;
+        trailer = NULL;
+        goto wrap_with_checksum;
     } else if (toktype == KG_TOK_DEL_CTX) {
-       tok_id = KG2_TOK_DEL_CTX;
-       goto wrap_with_checksum;
+        tok_id = KG2_TOK_DEL_CTX;
+        goto wrap_with_checksum;
     } else {
-       abort();
+        abort();
     }
 
     code = 0;
 
 cleanup:
     if (code != 0)
-       kg_release_iov(iov, iov_count);
+        kg_release_iov(iov, iov_count);
 
     return code;
 }
 
 OM_uint32
 gss_krb5int_unseal_v3_iov(krb5_context context,
-                         OM_uint32 *minor_status,
-                         krb5_gss_ctx_id_rec *ctx,
-                         gss_iov_buffer_desc *iov,
-                         int iov_count,
-                         int *conf_state,
-                         gss_qop_t *qop_state,
-                         int toktype)
+                          OM_uint32 *minor_status,
+                          krb5_gss_ctx_id_rec *ctx,
+                          gss_iov_buffer_desc *iov,
+                          int iov_count,
+                          int *conf_state,
+                          gss_qop_t *qop_state,
+                          int toktype)
 {
     OM_uint32 code;
     gss_iov_buffer_t header;
@@ -298,167 +298,167 @@ gss_krb5int_unseal_v3_iov(krb5_context context,
     int conf_flag = 0;
 
     if (ctx->big_endian != 0)
-       return GSS_S_DEFECTIVE_TOKEN;
+        return GSS_S_DEFECTIVE_TOKEN;
 
     if (qop_state != NULL)
-       *qop_state = GSS_C_QOP_DEFAULT;
+        *qop_state = GSS_C_QOP_DEFAULT;
 
     header = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
     assert(header != NULL);
 
     padding = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING);
     if (padding != NULL && padding->buffer.length != 0)
-       return GSS_S_DEFECTIVE_TOKEN;
+        return GSS_S_DEFECTIVE_TOKEN;
 
     trailer = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
 
     acceptor_flag = ctx->initiate ? FLAG_SENDER_IS_ACCEPTOR : 0;
     key_usage = (toktype == KG_TOK_WRAP_MSG
-                ? (!ctx->initiate 
-                   ? KG_USAGE_INITIATOR_SEAL
-                   : KG_USAGE_ACCEPTOR_SEAL)
-                : (!ctx->initiate
-                   ? KG_USAGE_INITIATOR_SIGN 
-                   : KG_USAGE_ACCEPTOR_SIGN));
+                 ? (!ctx->initiate 
+                    ? KG_USAGE_INITIATOR_SEAL
+                    : KG_USAGE_ACCEPTOR_SEAL)
+                 : (!ctx->initiate
+                    ? KG_USAGE_INITIATOR_SIGN 
+                    : KG_USAGE_ACCEPTOR_SIGN));
 
     kg_iov_msglen(iov, iov_count, &data_length, &assoc_data_length);
 
     ptr = (unsigned char *)header->buffer.value;
 
     if (header->buffer.length < 16) {
-       *minor_status = 0;
-       return GSS_S_DEFECTIVE_TOKEN;
+        *minor_status = 0;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     if ((ptr[2] & FLAG_SENDER_IS_ACCEPTOR) != acceptor_flag) {
-       *minor_status = (OM_uint32)G_BAD_DIRECTION;
-       return GSS_S_BAD_SIG;
+        *minor_status = (OM_uint32)G_BAD_DIRECTION;
+        return GSS_S_BAD_SIG;
     }
 
     if (ctx->have_acceptor_subkey && (ptr[2] & FLAG_ACCEPTOR_SUBKEY)) {
-       key = ctx->acceptor_subkey;
-       cksumtype = ctx->acceptor_subkey_cksumtype;
+        key = ctx->acceptor_subkey;
+        cksumtype = ctx->acceptor_subkey_cksumtype;
     } else {
-       key = ctx->subkey;
-       cksumtype = ctx->cksumtype;
+        key = ctx->subkey;
+        cksumtype = ctx->cksumtype;
     }
     assert(key != NULL);
 
 
     if (toktype == KG_TOK_WRAP_MSG) {
-       unsigned int k5_trailerlen;
-
-       if (load_16_be(ptr) != KG2_TOK_WRAP_MSG)
-           goto defective;
-       conf_flag = ((ptr[2] & FLAG_WRAP_CONFIDENTIAL) != 0);
-       if (ptr[3] != 0xFF)
-           goto defective;
-       ec = load_16_be(ptr + 4);
-       rrc = load_16_be(ptr + 6);
-       seqnum = load_64_be(ptr + 8);
-
-       code = krb5_c_crypto_length(context, key->enctype,
-                                   conf_flag ? KRB5_CRYPTO_TYPE_TRAILER :
-                                               KRB5_CRYPTO_TYPE_CHECKSUM,
-                                   &k5_trailerlen);
-       if (code != 0) {
-           *minor_status = code;
-           return GSS_S_FAILURE;
-       }
-
-       /* Deal with RRC */
-       if (trailer == NULL) {
-           size_t desired_rrc = k5_trailerlen;
-
-           if (conf_flag) {
-               desired_rrc += 16; /* E(Header) */
-
-               if ((ctx->gss_flags & GSS_C_DCE_STYLE) == 0)
-                   desired_rrc += ec;
-           }
-
-           /* According to MS, we only need to deal with a fixed RRC for DCE */
-           if (rrc != desired_rrc)
-               goto defective;
-       } else if (rrc != 0) {
-           /* Should have been rotated by kg_unseal_stream_iov() */
-           goto defective;
-       }
-
-       if (conf_flag) {
-           unsigned char *althdr;
-
-           /* Decrypt */
-           code = kg_decrypt_iov(context, ctx->proto,
-                                 ((ctx->gss_flags & GSS_C_DCE_STYLE) != 0),
-                                 ec, rrc,
-                                 key, key_usage, 0, iov, iov_count);
-           if (code != 0) {
-               *minor_status = code;
-               return GSS_S_BAD_SIG;
-           }
-
-           /* Validate header integrity */
-           if (trailer == NULL)
-               althdr = (unsigned char *)header->buffer.value + 16 + ec;
-           else
-               althdr = (unsigned char *)trailer->buffer.value + ec;
-
-           if (load_16_be(althdr) != KG2_TOK_WRAP_MSG
-               || althdr[2] != ptr[2]
-               || althdr[3] != ptr[3]
-               || memcmp(althdr + 8, ptr + 8, 8) != 0) {
-               *minor_status = 0;
-               return GSS_S_BAD_SIG;
-           }
-       } else {
-           /* Verify checksum: note EC is checksum size here, not padding */
-           if (ec != k5_trailerlen)
-               goto defective;
-
-           /* Zero EC, RRC before computing checksum */
-           store_16_be(0, ptr + 4);
-           store_16_be(0, ptr + 6);
-
-           code = kg_verify_checksum_iov_v3(context, cksumtype, rrc,
-                                            key, key_usage,
-                                            iov, iov_count, &valid);
-           if (code != 0 || valid == FALSE) {
-               *minor_status = code;
-               return GSS_S_BAD_SIG;
-           }
-       }
-
-       code = g_order_check(&ctx->seqstate, seqnum);
+        unsigned int k5_trailerlen;
+
+        if (load_16_be(ptr) != KG2_TOK_WRAP_MSG)
+            goto defective;
+        conf_flag = ((ptr[2] & FLAG_WRAP_CONFIDENTIAL) != 0);
+        if (ptr[3] != 0xFF)
+            goto defective;
+        ec = load_16_be(ptr + 4);
+        rrc = load_16_be(ptr + 6);
+        seqnum = load_64_be(ptr + 8);
+
+        code = krb5_c_crypto_length(context, key->enctype,
+                                    conf_flag ? KRB5_CRYPTO_TYPE_TRAILER :
+                                                KRB5_CRYPTO_TYPE_CHECKSUM,
+                                    &k5_trailerlen);
+        if (code != 0) {
+            *minor_status = code;
+            return GSS_S_FAILURE;
+        }
+
+        /* Deal with RRC */
+        if (trailer == NULL) {
+            size_t desired_rrc = k5_trailerlen;
+
+            if (conf_flag) {
+                desired_rrc += 16; /* E(Header) */
+
+                if ((ctx->gss_flags & GSS_C_DCE_STYLE) == 0)
+                    desired_rrc += ec;
+            }
+
+            /* According to MS, we only need to deal with a fixed RRC for DCE */
+            if (rrc != desired_rrc)
+                goto defective;
+        } else if (rrc != 0) {
+            /* Should have been rotated by kg_unseal_stream_iov() */
+            goto defective;
+        }
+
+        if (conf_flag) {
+            unsigned char *althdr;
+
+            /* Decrypt */
+            code = kg_decrypt_iov(context, ctx->proto,
+                                  ((ctx->gss_flags & GSS_C_DCE_STYLE) != 0),
+                                  ec, rrc,
+                                  key, key_usage, 0, iov, iov_count);
+            if (code != 0) {
+                *minor_status = code;
+                return GSS_S_BAD_SIG;
+            }
+
+            /* Validate header integrity */
+            if (trailer == NULL)
+                althdr = (unsigned char *)header->buffer.value + 16 + ec;
+            else
+                althdr = (unsigned char *)trailer->buffer.value + ec;
+
+            if (load_16_be(althdr) != KG2_TOK_WRAP_MSG
+                || althdr[2] != ptr[2]
+                || althdr[3] != ptr[3]
+                || memcmp(althdr + 8, ptr + 8, 8) != 0) {
+                *minor_status = 0;
+                return GSS_S_BAD_SIG;
+            }
+        } else {
+            /* Verify checksum: note EC is checksum size here, not padding */
+            if (ec != k5_trailerlen)
+                goto defective;
+
+            /* Zero EC, RRC before computing checksum */
+            store_16_be(0, ptr + 4);
+            store_16_be(0, ptr + 6);
+
+            code = kg_verify_checksum_iov_v3(context, cksumtype, rrc,
+                                             key, key_usage,
+                                             iov, iov_count, &valid);
+            if (code != 0 || valid == FALSE) {
+                *minor_status = code;
+                return GSS_S_BAD_SIG;
+            }
+        }
+
+        code = g_order_check(&ctx->seqstate, seqnum);
     } else if (toktype == KG_TOK_MIC_MSG) {
-       if (load_16_be(ptr) != KG2_TOK_MIC_MSG)
-           goto defective;
+        if (load_16_be(ptr) != KG2_TOK_MIC_MSG)
+            goto defective;
 
     verify_mic_1:
-       if (ptr[3] != 0xFF)
-           goto defective;
-       seqnum = load_64_be(ptr + 8);
-
-       code = kg_verify_checksum_iov_v3(context, cksumtype, 0,
-                                        key, key_usage,
-                                        iov, iov_count, &valid);
-       if (code != 0 || valid == FALSE) {
-           *minor_status = code;
-           return GSS_S_BAD_SIG;
-       }
-       code = g_order_check(&ctx->seqstate, seqnum);
+        if (ptr[3] != 0xFF)
+            goto defective;
+        seqnum = load_64_be(ptr + 8);
+
+        code = kg_verify_checksum_iov_v3(context, cksumtype, 0,
+                                         key, key_usage,
+                                         iov, iov_count, &valid);
+        if (code != 0 || valid == FALSE) {
+            *minor_status = code;
+            return GSS_S_BAD_SIG;
+        }
+        code = g_order_check(&ctx->seqstate, seqnum);
     } else if (toktype == KG_TOK_DEL_CTX) {
-       if (load_16_be(ptr) != KG2_TOK_DEL_CTX)
-           goto defective;
-       goto verify_mic_1;
+        if (load_16_be(ptr) != KG2_TOK_DEL_CTX)
+            goto defective;
+        goto verify_mic_1;
     } else {
-       goto defective;
+        goto defective;
     }
 
     *minor_status = 0;
 
     if (conf_state != NULL)
-       *conf_state = conf_flag;
+        *conf_state = conf_flag;
 
     return code;
 
index a94ac9ef053782cc45aeaba7388feb4b27c46943..8020b15f32b1188642e6755462b56631a0628236 100644 (file)
@@ -527,8 +527,8 @@ kg_unseal(minor_status, context_handle, input_token_buffer,
     }
 
     if (bodysize < 2) {
-       *minor_status = (OM_uint32)G_BAD_TOK_HEADER;
-       return GSS_S_DEFECTIVE_TOKEN;
+        *minor_status = (OM_uint32)G_BAD_TOK_HEADER;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     toktype2 = load_16_be(ptr);
@@ -543,18 +543,18 @@ kg_unseal(minor_status, context_handle, input_token_buffer,
         ret = gss_krb5int_unseal_token_v3(&ctx->k5_context, minor_status, ctx,
                                           ptr, bodysize, message_buffer,
                                           conf_state, qop_state, toktype);
-       break;
+        break;
     case KG_TOK_MIC_MSG:
     case KG_TOK_WRAP_MSG:
     case KG_TOK_DEL_CTX:
         ret = kg_unseal_v1(ctx->k5_context, minor_status, ctx, ptr, bodysize,
                            message_buffer, conf_state, qop_state,
                            toktype);
-       break;
+        break;
     default:
-       *minor_status = (OM_uint32)G_BAD_TOK_HEADER;
-       ret = GSS_S_DEFECTIVE_TOKEN;
-       break;
+        *minor_status = (OM_uint32)G_BAD_TOK_HEADER;
+        ret = GSS_S_DEFECTIVE_TOKEN;
+        break;
     }
 
     if (ret != 0)
index a9d4c9effb68d4ec58a4c68e872e45c7d3aa032b..b2eeee70015006ae2c0585cd85c2b6fcd1264894 100644 (file)
  */
 
 #include <assert.h>
-#include "k5-platform.h"       /* for 64-bit support */
-#include "k5-int.h"         /* for zap() */
+#include "k5-platform.h"        /* for 64-bit support */
+#include "k5-int.h"          /* for zap() */
 #include "gssapiP_krb5.h"
 #include <stdarg.h>
 
 static OM_uint32
 kg_unseal_v1_iov(krb5_context context,
-                OM_uint32 *minor_status,
-                krb5_gss_ctx_id_rec *ctx,
-                gss_iov_buffer_desc *iov,
-                int iov_count,
-                size_t token_wrapper_len,
-                int *conf_state,
-                gss_qop_t *qop_state,
-                int toktype)
+                 OM_uint32 *minor_status,
+                 krb5_gss_ctx_id_rec *ctx,
+                 gss_iov_buffer_desc *iov,
+                 int iov_count,
+                 size_t token_wrapper_len,
+                 int *conf_state,
+                 gss_qop_t *qop_state,
+                 int toktype)
 {
     OM_uint32 code;
     gss_iov_buffer_t header;
@@ -71,13 +71,13 @@ kg_unseal_v1_iov(krb5_context context,
 
     trailer = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
     if (trailer != NULL && trailer->buffer.length != 0) {
-       *minor_status = (OM_uint32)KRB5_BAD_MSIZE;
-       return GSS_S_DEFECTIVE_TOKEN;
+        *minor_status = (OM_uint32)KRB5_BAD_MSIZE;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     if (header->buffer.length < token_wrapper_len + 14) {
-       *minor_status = 0;
-       return GSS_S_DEFECTIVE_TOKEN;
+        *minor_status = 0;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     ptr = (unsigned char *)header->buffer.value + token_wrapper_len;
@@ -89,106 +89,106 @@ kg_unseal_v1_iov(krb5_context context,
     sealalg |= ptr[3] << 8;
 
     if (ptr[4] != 0xFF || ptr[5] != 0xFF) {
-       *minor_status = 0;
-       return GSS_S_DEFECTIVE_TOKEN;
+        *minor_status = 0;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     if (toktype != KG_TOK_WRAP_MSG && sealalg != 0xFFFF) {
-       *minor_status = 0;
-       return GSS_S_DEFECTIVE_TOKEN;
+        *minor_status = 0;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     if (toktype == KG_TOK_WRAP_MSG &&
-       !(sealalg == 0xFFFF || sealalg == ctx->sealalg)) {
-       *minor_status = 0;
-       return GSS_S_DEFECTIVE_TOKEN;
+        !(sealalg == 0xFFFF || sealalg == ctx->sealalg)) {
+        *minor_status = 0;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) ||
-       (ctx->sealalg == SEAL_ALG_1 && signalg != SGN_ALG_3) ||
-       (ctx->sealalg == SEAL_ALG_DES3KD &&
-        signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
-       (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
-        signalg != SGN_ALG_HMAC_MD5)) {
-       *minor_status = 0;
-       return GSS_S_DEFECTIVE_TOKEN;
+        (ctx->sealalg == SEAL_ALG_1 && signalg != SGN_ALG_3) ||
+        (ctx->sealalg == SEAL_ALG_DES3KD &&
+         signalg != SGN_ALG_HMAC_SHA1_DES3_KD)||
+        (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 &&
+         signalg != SGN_ALG_HMAC_MD5)) {
+        *minor_status = 0;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     switch (signalg) {
     case SGN_ALG_DES_MAC_MD5:
     case SGN_ALG_MD2_5:
     case SGN_ALG_HMAC_MD5:
-       cksum_len = 8;
-       if (toktype != KG_TOK_WRAP_MSG)
-           sign_usage = 15;
-       break;
+        cksum_len = 8;
+        if (toktype != KG_TOK_WRAP_MSG)
+            sign_usage = 15;
+        break;
     case SGN_ALG_3:
-       cksum_len = 16;
-       break;
+        cksum_len = 16;
+        break;
     case SGN_ALG_HMAC_SHA1_DES3_KD:
-       cksum_len = 20;
-       break;
+        cksum_len = 20;
+        break;
     default:
-       *minor_status = 0;
-       return GSS_S_DEFECTIVE_TOKEN;
+        *minor_status = 0;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     /* get the token parameters */
     code = kg_get_seq_num(context, ctx->seq, ptr + 14, ptr + 6, &direction,
-                         &seqnum);
+                          &seqnum);
     if (code != 0) {
-       *minor_status = code;
-       return GSS_S_BAD_SIG;
+        *minor_status = code;
+        return GSS_S_BAD_SIG;
     }
 
     assert(ctx->big_endian == 0);
 
     /* decode the message, if SEAL */
     if (toktype == KG_TOK_WRAP_MSG) {
-       if (sealalg != 0xFFFF) {
-           if (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4) {
-               unsigned char bigend_seqnum[4];
-               krb5_keyblock *enc_key;
-               size_t i;
-
-               bigend_seqnum[0] = (seqnum >> 24) & 0xFF;
-               bigend_seqnum[1] = (seqnum >> 16) & 0xFF;
-               bigend_seqnum[2] = (seqnum >> 8 ) & 0xFF;
-               bigend_seqnum[3] = (seqnum      ) & 0xFF;
-
-               code = krb5_copy_keyblock(context, ctx->enc, &enc_key);
-               if (code != 0) {
-                   retval = GSS_S_FAILURE;
-                   goto cleanup;
-               }
-
-               assert(enc_key->length == 16);
-
-               for (i = 0; i < enc_key->length; i++)
-                   ((char *)enc_key->contents)[i] ^= 0xF0;
-
-               code = kg_arcfour_docrypt_iov(context, enc_key, 0,
-                                             &bigend_seqnum[0], 4,
-                                             iov, iov_count);
-               krb5_free_keyblock(context, enc_key);
-           } else {
-               code = kg_decrypt_iov(context, 0,
-                                     ((ctx->gss_flags & GSS_C_DCE_STYLE) != 0),
-                                     0 /*EC*/, 0 /*RRC*/,
-                                     ctx->enc, KG_USAGE_SEAL, NULL,
-                                     iov, iov_count);
-           }
-           if (code != 0) {
-               retval = GSS_S_FAILURE;
-               goto cleanup;
-           }
-       }
-       conflen = kg_confounder_size(context, ctx->enc);
+        if (sealalg != 0xFFFF) {
+            if (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4) {
+                unsigned char bigend_seqnum[4];
+                krb5_keyblock *enc_key;
+                size_t i;
+
+                bigend_seqnum[0] = (seqnum >> 24) & 0xFF;
+                bigend_seqnum[1] = (seqnum >> 16) & 0xFF;
+                bigend_seqnum[2] = (seqnum >> 8 ) & 0xFF;
+                bigend_seqnum[3] = (seqnum      ) & 0xFF;
+
+                code = krb5_copy_keyblock(context, ctx->enc, &enc_key);
+                if (code != 0) {
+                    retval = GSS_S_FAILURE;
+                    goto cleanup;
+                }
+
+                assert(enc_key->length == 16);
+
+                for (i = 0; i < enc_key->length; i++)
+                    ((char *)enc_key->contents)[i] ^= 0xF0;
+
+                code = kg_arcfour_docrypt_iov(context, enc_key, 0,
+                                              &bigend_seqnum[0], 4,
+                                              iov, iov_count);
+                krb5_free_keyblock(context, enc_key);
+            } else {
+                code = kg_decrypt_iov(context, 0,
+                                      ((ctx->gss_flags & GSS_C_DCE_STYLE) != 0),
+                                      0 /*EC*/, 0 /*RRC*/,
+                                      ctx->enc, KG_USAGE_SEAL, NULL,
+                                      iov, iov_count);
+            }
+            if (code != 0) {
+                retval = GSS_S_FAILURE;
+                goto cleanup;
+            }
+        }
+        conflen = kg_confounder_size(context, ctx->enc);
     }
 
     if (header->buffer.length != token_wrapper_len + 14 + cksum_len + conflen) {
-       retval = GSS_S_DEFECTIVE_TOKEN;
-       goto cleanup;
+        retval = GSS_S_DEFECTIVE_TOKEN;
+        goto cleanup;
     }
 
     /* compute the checksum of the message */
@@ -200,67 +200,67 @@ kg_unseal_v1_iov(krb5_context context,
     case SGN_ALG_MD2_5:
     case SGN_ALG_DES_MAC:
     case SGN_ALG_3:
-       md5cksum.checksum_type = CKSUMTYPE_RSA_MD5;
-       break;
+        md5cksum.checksum_type = CKSUMTYPE_RSA_MD5;
+        break;
     case SGN_ALG_HMAC_MD5:
-       md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
-       break;
+        md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR;
+        break;
     case SGN_ALG_HMAC_SHA1_DES3_KD:
-       md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
-       break;
+        md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3;
+        break;
     default:
-       abort();
+        abort();
     }
 
     code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen);
     if (code != 0) {
-       retval = GSS_S_FAILURE;
-       goto cleanup;
+        retval = GSS_S_FAILURE;
+        goto cleanup;
     }
     md5cksum.length = sumlen;
 
     /* compute the checksum of the message */
     code = kg_make_checksum_iov_v1(context, md5cksum.checksum_type,
-                                  cksum_len, ctx->seq, ctx->enc,
-                                  sign_usage, iov, iov_count, toktype,
-                                  &md5cksum);
+                                   cksum_len, ctx->seq, ctx->enc,
+                                   sign_usage, iov, iov_count, toktype,
+                                   &md5cksum);
     if (code != 0) {
-       retval = GSS_S_FAILURE;
-       goto cleanup;
+        retval = GSS_S_FAILURE;
+        goto cleanup;
     }
 
     switch (signalg) {
     case SGN_ALG_DES_MAC_MD5:
     case SGN_ALG_3:
-       code = kg_encrypt(context, ctx->seq, KG_USAGE_SEAL,
-                         (g_OID_equal(ctx->mech_used, gss_mech_krb5_old) ?
-                          ctx->seq->contents : NULL),
-                         md5cksum.contents, md5cksum.contents, 16);
-       if (code != 0) {
-           retval = GSS_S_FAILURE;
-           goto cleanup;
-       }
-
-       cksum.length = cksum_len;
-       cksum.contents = md5cksum.contents + 16 - cksum.length;
-
-       code = memcmp(cksum.contents, ptr + 14, cksum.length);
-       break;
+        code = kg_encrypt(context, ctx->seq, KG_USAGE_SEAL,
+                          (g_OID_equal(ctx->mech_used, gss_mech_krb5_old) ?
+                           ctx->seq->contents : NULL),
+                          md5cksum.contents, md5cksum.contents, 16);
+        if (code != 0) {
+            retval = GSS_S_FAILURE;
+            goto cleanup;
+        }
+
+        cksum.length = cksum_len;
+        cksum.contents = md5cksum.contents + 16 - cksum.length;
+
+        code = memcmp(cksum.contents, ptr + 14, cksum.length);
+        break;
     case SGN_ALG_HMAC_SHA1_DES3_KD:
     case SGN_ALG_HMAC_MD5:
-       code = memcmp(md5cksum.contents, ptr + 14, cksum_len);
-       break;
+        code = memcmp(md5cksum.contents, ptr + 14, cksum_len);
+        break;
     default:
-       code = 0;
-       retval = GSS_S_DEFECTIVE_TOKEN;
-       goto cleanup;
-       break;
+        code = 0;
+        retval = GSS_S_DEFECTIVE_TOKEN;
+        goto cleanup;
+        break;
     }
 
     if (code != 0) {
-       code = 0;
-       retval = GSS_S_BAD_SIG;
-       goto cleanup;
+        code = 0;
+        retval = GSS_S_BAD_SIG;
+        goto cleanup;
     }
 
     /*
@@ -271,35 +271,35 @@ kg_unseal_v1_iov(krb5_context context,
      * this and fixup the last data IOV appropriately.
      */
     if (toktype == KG_TOK_WRAP_MSG &&
-       (ctx->gss_flags & GSS_C_DCE_STYLE) == 0) {
-       retval = kg_fixup_padding_iov(&code, iov, iov_count);
-       if (retval != GSS_S_COMPLETE)
-           goto cleanup;
+        (ctx->gss_flags & GSS_C_DCE_STYLE) == 0) {
+        retval = kg_fixup_padding_iov(&code, iov, iov_count);
+        if (retval != GSS_S_COMPLETE)
+            goto cleanup;
     }
 
     if (conf_state != NULL)
-       *conf_state = (sealalg != 0xFFFF);
+        *conf_state = (sealalg != 0xFFFF);
 
     if (qop_state != NULL)
-       *qop_state = GSS_C_QOP_DEFAULT;
+        *qop_state = GSS_C_QOP_DEFAULT;
 
     code = krb5_timeofday(context, &now);
     if (code != 0) {
-       *minor_status = code;
-       retval = GSS_S_FAILURE;
-       goto cleanup;
+        *minor_status = code;
+        retval = GSS_S_FAILURE;
+        goto cleanup;
     }
 
     if (now > ctx->krb_times.endtime) {
-       *minor_status = 0;
-       retval = GSS_S_CONTEXT_EXPIRED;
-       goto cleanup;
+        *minor_status = 0;
+        retval = GSS_S_CONTEXT_EXPIRED;
+        goto cleanup;
     }
 
     if ((ctx->initiate && direction != 0xff) ||
-       (!ctx->initiate && direction != 0)) {
-       *minor_status = (OM_uint32)G_BAD_DIRECTION;
-       retval = GSS_S_BAD_SIG;
+        (!ctx->initiate && direction != 0)) {
+        *minor_status = (OM_uint32)G_BAD_DIRECTION;
+        retval = GSS_S_BAD_SIG;
     }
 
     code = 0;
@@ -320,12 +320,12 @@ cleanup:
  */
 static OM_uint32
 kg_unseal_iov_token(OM_uint32 *minor_status,
-                   krb5_gss_ctx_id_rec *ctx,
-                   int *conf_state,
-                   gss_qop_t *qop_state,
-                   gss_iov_buffer_desc *iov,
-                   int iov_count,
-                   int toktype)
+                    krb5_gss_ctx_id_rec *ctx,
+                    int *conf_state,
+                    gss_qop_t *qop_state,
+                    gss_iov_buffer_desc *iov,
+                    int iov_count,
+                    int toktype)
 {
     krb5_error_code code;
     krb5_context context = ctx->k5_context;
@@ -340,8 +340,8 @@ kg_unseal_iov_token(OM_uint32 *minor_status,
 
     header = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
     if (header == NULL) {
-       *minor_status = EINVAL;
-       return GSS_S_FAILURE;
+        *minor_status = EINVAL;
+        return GSS_S_FAILURE;
     }
 
     padding = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING);
@@ -351,33 +351,33 @@ kg_unseal_iov_token(OM_uint32 *minor_status,
     input_length = header->buffer.length;
 
     if ((ctx->gss_flags & GSS_C_DCE_STYLE) == 0) {
-       size_t data_length, assoc_data_length;
+        size_t data_length, assoc_data_length;
 
-       kg_iov_msglen(iov, iov_count, &data_length, &assoc_data_length);
+        kg_iov_msglen(iov, iov_count, &data_length, &assoc_data_length);
 
-       input_length += data_length - assoc_data_length;
+        input_length += data_length - assoc_data_length;
 
-       if (padding != NULL)
-           input_length += padding->buffer.length;
+        if (padding != NULL)
+            input_length += padding->buffer.length;
 
-       if (trailer != NULL)
-           input_length += trailer->buffer.length;
+        if (trailer != NULL)
+            input_length += trailer->buffer.length;
     }
 
     if (ctx->gss_flags & GSS_C_DCE_STYLE)
-       vfyflags |= G_VFY_TOKEN_HDR_IGNORE_SEQ_SIZE;
+        vfyflags |= G_VFY_TOKEN_HDR_IGNORE_SEQ_SIZE;
 
     code = g_verify_token_header(ctx->mech_used,
-                                &bodysize, &ptr, -1,
-                                input_length, 0);
+                                 &bodysize, &ptr, -1,
+                                 input_length, 0);
     if (code != 0) {
         *minor_status = code;
         return GSS_S_DEFECTIVE_TOKEN;
     }
 
     if (bodysize < 2) {
-       *minor_status = (OM_uint32)G_BAD_TOK_HEADER;
-       return GSS_S_DEFECTIVE_TOKEN;
+        *minor_status = (OM_uint32)G_BAD_TOK_HEADER;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     toktype2 = load_16_be(ptr);
@@ -389,24 +389,24 @@ kg_unseal_iov_token(OM_uint32 *minor_status,
     case KG2_TOK_MIC_MSG:
     case KG2_TOK_WRAP_MSG:
     case KG2_TOK_DEL_CTX:
-       code = gss_krb5int_unseal_v3_iov(context, minor_status, ctx, iov, iov_count,
-                                        conf_state, qop_state, toktype);
-       break;
+        code = gss_krb5int_unseal_v3_iov(context, minor_status, ctx, iov, iov_count,
+                                         conf_state, qop_state, toktype);
+        break;
     case KG_TOK_MIC_MSG:
     case KG_TOK_WRAP_MSG:
     case KG_TOK_DEL_CTX:
-       code = kg_unseal_v1_iov(context, minor_status, ctx, iov, iov_count,
-                               (size_t)(ptr - (unsigned char *)header->buffer.value),
-                               conf_state, qop_state, toktype);
-       break;
+        code = kg_unseal_v1_iov(context, minor_status, ctx, iov, iov_count,
+                                (size_t)(ptr - (unsigned char *)header->buffer.value),
+                                conf_state, qop_state, toktype);
+        break;
     default:
-       *minor_status = (OM_uint32)G_BAD_TOK_HEADER;
-       code = GSS_S_DEFECTIVE_TOKEN;
-       break;
+        *minor_status = (OM_uint32)G_BAD_TOK_HEADER;
+        code = GSS_S_DEFECTIVE_TOKEN;
+        break;
     }
 
     if (code != 0)
-       save_error_info(*minor_status, context);
+        save_error_info(*minor_status, context);
 
     return code;
 }
@@ -417,12 +417,12 @@ kg_unseal_iov_token(OM_uint32 *minor_status,
  */
 static OM_uint32
 kg_unseal_stream_iov(OM_uint32 *minor_status,
-                    krb5_gss_ctx_id_rec *ctx,
-                    int *conf_state,
-                    gss_qop_t *qop_state,
-                    gss_iov_buffer_desc *iov,
-                    int iov_count,
-                    int toktype)
+                     krb5_gss_ctx_id_rec *ctx,
+                     int *conf_state,
+                     gss_qop_t *qop_state,
+                     gss_iov_buffer_desc *iov,
+                     int iov_count,
+                     int toktype)
 {
     unsigned char *ptr;
     unsigned int bodysize;
@@ -437,8 +437,8 @@ kg_unseal_stream_iov(OM_uint32 *minor_status,
     assert(toktype == KG_TOK_WRAP_MSG);
 
     if (toktype != KG_TOK_WRAP_MSG || (ctx->gss_flags & GSS_C_DCE_STYLE)) {
-       code = EINVAL;
-       goto cleanup;
+        code = EINVAL;
+        goto cleanup;
     }
 
     stream = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_STREAM);
@@ -447,16 +447,16 @@ kg_unseal_stream_iov(OM_uint32 *minor_status,
     ptr = (unsigned char *)stream->buffer.value;
 
     code = g_verify_token_header(ctx->mech_used,
-                                &bodysize, &ptr, -1,
-                                stream->buffer.length, 0);
+                                 &bodysize, &ptr, -1,
+                                 stream->buffer.length, 0);
     if (code != 0) {
-       major_status = GSS_S_DEFECTIVE_TOKEN;
-       goto cleanup;
+        major_status = GSS_S_DEFECTIVE_TOKEN;
+        goto cleanup;
     }
 
     if (bodysize < 2) {
-       *minor_status = (OM_uint32)G_BAD_TOK_HEADER;
-       return GSS_S_DEFECTIVE_TOKEN;
+        *minor_status = (OM_uint32)G_BAD_TOK_HEADER;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     toktype2 = load_16_be(ptr);
@@ -466,8 +466,8 @@ kg_unseal_stream_iov(OM_uint32 *minor_status,
 
     tiov = (gss_iov_buffer_desc *)calloc((size_t)iov_count + 2, sizeof(gss_iov_buffer_desc));
     if (tiov == NULL) {
-       code = ENOMEM;
-       goto cleanup;
+        code = ENOMEM;
+        goto cleanup;
     }
 
     /* HEADER */
@@ -476,35 +476,35 @@ kg_unseal_stream_iov(OM_uint32 *minor_status,
     theader->buffer.value = stream->buffer.value;
     theader->buffer.length = ptr - (unsigned char *)stream->buffer.value;
     if (bodysize < 14 ||
-       stream->buffer.length != theader->buffer.length + bodysize) {
-       major_status = GSS_S_DEFECTIVE_TOKEN;
-       goto cleanup;
+        stream->buffer.length != theader->buffer.length + bodysize) {
+        major_status = GSS_S_DEFECTIVE_TOKEN;
+        goto cleanup;
     }
     theader->buffer.length += 14;
 
     /* n[SIGN_DATA] | DATA | m[SIGN_DATA] */
     for (j = 0; j < iov_count; j++) {
-       OM_uint32 type = GSS_IOV_BUFFER_TYPE(iov[j].type);
+        OM_uint32 type = GSS_IOV_BUFFER_TYPE(iov[j].type);
 
-       if (type == GSS_IOV_BUFFER_TYPE_DATA) {
-           if (data != NULL) {
-               /* only a single DATA buffer can appear */
-               code = EINVAL;
-               goto cleanup;
-           }
+        if (type == GSS_IOV_BUFFER_TYPE_DATA) {
+            if (data != NULL) {
+                /* only a single DATA buffer can appear */
+                code = EINVAL;
+                goto cleanup;
+            }
 
-           data = &iov[j];
-           tdata = &tiov[i];
-       }
-       if (type == GSS_IOV_BUFFER_TYPE_DATA ||
-           type == GSS_IOV_BUFFER_TYPE_SIGN_ONLY)
-           tiov[i++] = iov[j];
+            data = &iov[j];
+            tdata = &tiov[i];
+        }
+        if (type == GSS_IOV_BUFFER_TYPE_DATA ||
+            type == GSS_IOV_BUFFER_TYPE_SIGN_ONLY)
+            tiov[i++] = iov[j];
     }
 
     if (data == NULL) {
-       /* a single DATA buffer must be present */
-       code = EINVAL;
-       goto cleanup;
+        /* a single DATA buffer must be present */
+        code = EINVAL;
+        goto cleanup;
     }
 
     /* PADDING | TRAILER */
@@ -520,65 +520,65 @@ kg_unseal_stream_iov(OM_uint32 *minor_status,
     case KG2_TOK_MIC_MSG:
     case KG2_TOK_WRAP_MSG:
     case KG2_TOK_DEL_CTX: {
-       size_t ec, rrc;
-       krb5_enctype enctype = ctx->enc->enctype;
-       unsigned int k5_headerlen = 0;
-       unsigned int k5_trailerlen = 0;
-
-       conf_req_flag = ((ptr[0] & FLAG_WRAP_CONFIDENTIAL) != 0);
-       ec = conf_req_flag ? load_16_be(ptr + 2) : 0;
-       rrc = load_16_be(ptr + 4);
-
-       if (rrc != 0) {
-           if (!gss_krb5int_rotate_left((unsigned char *)stream->buffer.value + 16,
-                                        stream->buffer.length - 16, rrc)) {
-               code = ENOMEM;
-               goto cleanup;
-           }
-           store_16_be(0, ptr + 4); /* set RRC to zero */
-       }
-
-       if (conf_req_flag) {
-           code = krb5_c_crypto_length(context, enctype, KRB5_CRYPTO_TYPE_HEADER, &k5_headerlen);
-           if (code != 0)
-               goto cleanup;
-           theader->buffer.length += k5_headerlen; /* length validated later */
-       }
-
-       /* no PADDING for CFX, EC is used instead */
-       code = krb5_c_crypto_length(context, enctype,
-                                   conf_req_flag ? KRB5_CRYPTO_TYPE_TRAILER : KRB5_CRYPTO_TYPE_CHECKSUM,
-                                   &k5_trailerlen);
-       if (code != 0)
-           goto cleanup;
-
-       ttrailer->buffer.length = ec + (conf_req_flag ? 16 : 0 /* E(Header) */) + k5_trailerlen;
-       ttrailer->buffer.value = (unsigned char *)stream->buffer.value +
-                                stream->buffer.length - ttrailer->buffer.length;
-       break;
+        size_t ec, rrc;
+        krb5_enctype enctype = ctx->enc->enctype;
+        unsigned int k5_headerlen = 0;
+        unsigned int k5_trailerlen = 0;
+
+        conf_req_flag = ((ptr[0] & FLAG_WRAP_CONFIDENTIAL) != 0);
+        ec = conf_req_flag ? load_16_be(ptr + 2) : 0;
+        rrc = load_16_be(ptr + 4);
+
+        if (rrc != 0) {
+            if (!gss_krb5int_rotate_left((unsigned char *)stream->buffer.value + 16,
+                                         stream->buffer.length - 16, rrc)) {
+                code = ENOMEM;
+                goto cleanup;
+            }
+            store_16_be(0, ptr + 4); /* set RRC to zero */
+        }
+
+        if (conf_req_flag) {
+            code = krb5_c_crypto_length(context, enctype, KRB5_CRYPTO_TYPE_HEADER, &k5_headerlen);
+            if (code != 0)
+                goto cleanup;
+            theader->buffer.length += k5_headerlen; /* length validated later */
+        }
+
+        /* no PADDING for CFX, EC is used instead */
+        code = krb5_c_crypto_length(context, enctype,
+                                    conf_req_flag ? KRB5_CRYPTO_TYPE_TRAILER : KRB5_CRYPTO_TYPE_CHECKSUM,
+                                    &k5_trailerlen);
+        if (code != 0)
+            goto cleanup;
+
+        ttrailer->buffer.length = ec + (conf_req_flag ? 16 : 0 /* E(Header) */) + k5_trailerlen;
+        ttrailer->buffer.value = (unsigned char *)stream->buffer.value +
+                                 stream->buffer.length - ttrailer->buffer.length;
+        break;
     }
     case KG_TOK_MIC_MSG:
     case KG_TOK_WRAP_MSG:
     case KG_TOK_DEL_CTX:
-       theader->buffer.length += ctx->cksum_size + kg_confounder_size(context, ctx->enc);
+        theader->buffer.length += ctx->cksum_size + kg_confounder_size(context, ctx->enc);
 
-       /*
-        * we can't set the padding accurately until decryption;
-        * kg_fixup_padding_iov() will take care of this
-        */
-       tpadding->buffer.length = 1;
-       tpadding->buffer.value = (unsigned char *)stream->buffer.value + stream->buffer.length - 1;
+        /*
+         * we can't set the padding accurately until decryption;
+         * kg_fixup_padding_iov() will take care of this
+         */
+        tpadding->buffer.length = 1;
+        tpadding->buffer.value = (unsigned char *)stream->buffer.value + stream->buffer.length - 1;
 
-       /* no TRAILER for pre-CFX */
-       ttrailer->buffer.length = 0;
-       ttrailer->buffer.value = NULL;
+        /* no TRAILER for pre-CFX */
+        ttrailer->buffer.length = 0;
+        ttrailer->buffer.value = NULL;
 
-       break;
+        break;
     default:
-       code = (OM_uint32)G_BAD_TOK_HEADER;
-       major_status = GSS_S_DEFECTIVE_TOKEN;
-       goto cleanup;
-       break;
+        code = (OM_uint32)G_BAD_TOK_HEADER;
+        major_status = GSS_S_DEFECTIVE_TOKEN;
+        goto cleanup;
+        break;
     }
 
     /* IOV: -----------0-------------+---1---+--2--+----------------3--------------*/
@@ -588,45 +588,45 @@ kg_unseal_stream_iov(OM_uint32 *minor_status,
 
     /* validate lengths */
     if (stream->buffer.length < theader->buffer.length +
-                               tpadding->buffer.length +
-                               ttrailer->buffer.length)
+                                tpadding->buffer.length +
+                                ttrailer->buffer.length)
     {
-       code = (OM_uint32)KRB5_BAD_MSIZE;
-       major_status = GSS_S_DEFECTIVE_TOKEN;
-       goto cleanup;
+        code = (OM_uint32)KRB5_BAD_MSIZE;
+        major_status = GSS_S_DEFECTIVE_TOKEN;
+        goto cleanup;
     }
 
     /* setup data */
     tdata->buffer.length = stream->buffer.length - ttrailer->buffer.length -
-                          tpadding->buffer.length - theader->buffer.length;
+                           tpadding->buffer.length - theader->buffer.length;
 
     assert(data != NULL);
 
     if (data->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) {
-       code = kg_allocate_iov(tdata, tdata->buffer.length);
-       if (code != 0)
-           goto cleanup;
-       memcpy(tdata->buffer.value,
-              (unsigned char *)stream->buffer.value + theader->buffer.length, tdata->buffer.length);
+        code = kg_allocate_iov(tdata, tdata->buffer.length);
+        if (code != 0)
+            goto cleanup;
+        memcpy(tdata->buffer.value,
+               (unsigned char *)stream->buffer.value + theader->buffer.length, tdata->buffer.length);
     } else
-       tdata->buffer.value = (unsigned char *)stream->buffer.value + theader->buffer.length;
+        tdata->buffer.value = (unsigned char *)stream->buffer.value + theader->buffer.length;
 
     assert(i <= iov_count + 2);
 
     major_status = kg_unseal_iov_token(&code, ctx, conf_state, qop_state,
-                                      tiov, i, toktype);
+                                       tiov, i, toktype);
     if (major_status == GSS_S_COMPLETE)
-       *data = *tdata;
+        *data = *tdata;
     else if (tdata->type & GSS_IOV_BUFFER_FLAG_ALLOCATED) {
-       OM_uint32 tmp;
+        OM_uint32 tmp;
 
-       gss_release_buffer(&tmp, &tdata->buffer);
-       tdata->type &= ~(GSS_IOV_BUFFER_FLAG_ALLOCATED);
+        gss_release_buffer(&tmp, &tdata->buffer);
+        tdata->type &= ~(GSS_IOV_BUFFER_FLAG_ALLOCATED);
     }
 
 cleanup:
     if (tiov != NULL)
-       free(tiov);
+        free(tiov);
 
     *minor_status = code;
 
@@ -635,33 +635,33 @@ cleanup:
 
 OM_uint32
 kg_unseal_iov(OM_uint32 *minor_status,
-             gss_ctx_id_t context_handle,
-             int *conf_state,
-             gss_qop_t *qop_state,
-             gss_iov_buffer_desc *iov,
-             int iov_count,
-             int toktype)
+              gss_ctx_id_t context_handle,
+              int *conf_state,
+              gss_qop_t *qop_state,
+              gss_iov_buffer_desc *iov,
+              int iov_count,
+              int toktype)
 {
     krb5_gss_ctx_id_rec *ctx;
     OM_uint32 code;
 
     if (!kg_validate_ctx_id(context_handle)) {
-       *minor_status = (OM_uint32)G_VALIDATE_FAILED;
-       return GSS_S_NO_CONTEXT;
+        *minor_status = (OM_uint32)G_VALIDATE_FAILED;
+        return GSS_S_NO_CONTEXT;
     }
 
     ctx = (krb5_gss_ctx_id_rec *)context_handle;
     if (!ctx->established) {
-       *minor_status = KG_CTX_INCOMPLETE;
-       return GSS_S_NO_CONTEXT;
+        *minor_status = KG_CTX_INCOMPLETE;
+        return GSS_S_NO_CONTEXT;
     }
 
     if (kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_STREAM) != NULL) {
-       code = kg_unseal_stream_iov(minor_status, ctx, conf_state, qop_state,
-                                   iov, iov_count, toktype);
+        code = kg_unseal_stream_iov(minor_status, ctx, conf_state, qop_state,
+                                    iov, iov_count, toktype);
     } else {
-       code = kg_unseal_iov_token(minor_status, ctx, conf_state, qop_state,
-                                  iov, iov_count, toktype);
+        code = kg_unseal_iov_token(minor_status, ctx, conf_state, qop_state,
+                                   iov, iov_count, toktype);
     }
 
     return code;
index cd3459cd72f79c680d2f6ae53dfbca07e759fc7e..fd10408fd77fa9af11b0d3901c6639ff123e2e0e 100644 (file)
@@ -61,26 +61,26 @@ gss_krb5_get_tkt_flags(
     krb5_flags *ticket_flags)
 {
     static const gss_OID_desc const req_oid = {
-       GSS_KRB5_GET_TKT_FLAGS_OID_LENGTH,
-       GSS_KRB5_GET_TKT_FLAGS_OID };
+        GSS_KRB5_GET_TKT_FLAGS_OID_LENGTH,
+        GSS_KRB5_GET_TKT_FLAGS_OID };
     OM_uint32 major_status;
     gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET;
 
     if (ticket_flags == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     major_status = gss_inquire_sec_context_by_oid(minor_status,
-                                                 context_handle,
-                                                 (const gss_OID)&req_oid,
-                                                 &data_set);
+                                                  context_handle,
+                                                  (const gss_OID)&req_oid,
+                                                  &data_set);
     if (major_status != GSS_S_COMPLETE)
-       return major_status;
+        return major_status;
 
     if (data_set == GSS_C_NO_BUFFER_SET ||
         data_set->count != 1 ||
-       data_set->elements[0].length != sizeof(*ticket_flags)) {
-       *minor_status = EINVAL;
-       return GSS_S_FAILURE;
+        data_set->elements[0].length != sizeof(*ticket_flags)) {
+        *minor_status = EINVAL;
+        return GSS_S_FAILURE;
     }
 
     *ticket_flags = *((krb5_flags *)data_set->elements[0].value);
@@ -99,21 +99,21 @@ gss_krb5_copy_ccache(
     krb5_ccache out_ccache)
 {
     static const gss_OID_desc const req_oid = {
-       GSS_KRB5_COPY_CCACHE_OID_LENGTH,
-       GSS_KRB5_COPY_CCACHE_OID };
+        GSS_KRB5_COPY_CCACHE_OID_LENGTH,
+        GSS_KRB5_COPY_CCACHE_OID };
     OM_uint32 major_status;
     gss_buffer_desc req_buffer;
 
     if (out_ccache == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     req_buffer.value = out_ccache;
     req_buffer.length = sizeof(out_ccache);
 
     major_status = gssspi_set_cred_option(minor_status,
-                                         cred_handle,
-                                         (const gss_OID)&req_oid,
-                                         &req_buffer);
+                                          cred_handle,
+                                          (const gss_OID)&req_oid,
+                                          &req_buffer);
 
     return major_status;
 }
@@ -131,7 +131,7 @@ gss_krb5_export_lucid_sec_context(
     gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET;
 
     if (kctx == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     *kctx = NULL;
 
@@ -139,25 +139,25 @@ gss_krb5_export_lucid_sec_context(
     req_oid.length = sizeof(oid_buf);
 
     major_status = generic_gss_oid_compose(minor_status,
-                                          GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID,
-                                          GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID_LENGTH,
-                                          (int)version,
-                                          &req_oid);
+                                           GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID,
+                                           GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID_LENGTH,
+                                           (int)version,
+                                           &req_oid);
     if (GSS_ERROR(major_status))
-       return major_status;
+        return major_status;
 
     major_status = gss_inquire_sec_context_by_oid(minor_status,
-                                                 *context_handle,
-                                                 &req_oid,
-                                                 &data_set);
+                                                  *context_handle,
+                                                  &req_oid,
+                                                  &data_set);
     if (GSS_ERROR(major_status))
-       return major_status;
+        return major_status;
 
     if (data_set == GSS_C_NO_BUFFER_SET ||
         data_set->count != 1 ||
-       data_set->elements[0].length != sizeof(void *)) {
-       *minor_status = EINVAL;
-       return GSS_S_FAILURE;
+        data_set->elements[0].length != sizeof(void *)) {
+        *minor_status = EINVAL;
+        return GSS_S_FAILURE;
     }
 
     *kctx = *((void **)data_set->elements[0].value);
@@ -181,8 +181,8 @@ gss_krb5_set_allowable_enctypes(
     krb5_enctype *ktypes)
 {
     static const gss_OID_desc const req_oid = {
-       GSS_KRB5_SET_ALLOWABLE_ENCTYPES_OID_LENGTH,
-       GSS_KRB5_SET_ALLOWABLE_ENCTYPES_OID };
+        GSS_KRB5_SET_ALLOWABLE_ENCTYPES_OID_LENGTH,
+        GSS_KRB5_SET_ALLOWABLE_ENCTYPES_OID };
     OM_uint32 major_status;
     struct krb5_gss_set_allowable_enctypes_req req;
     gss_buffer_desc req_buffer;
@@ -194,9 +194,9 @@ gss_krb5_set_allowable_enctypes(
     req_buffer.value = &req;
 
     major_status = gssspi_set_cred_option(minor_status,
-                                         cred,
-                                         (const gss_OID)&req_oid,
-                                         &req_buffer);
+                                          cred,
+                                          (const gss_OID)&req_oid,
+                                          &req_buffer);
 
     return major_status;
 }
@@ -208,8 +208,8 @@ gss_krb5_ccache_name(
     const char **out_name)
 {
     static const gss_OID_desc const req_oid = {
-       GSS_KRB5_CCACHE_NAME_OID_LENGTH,
-       GSS_KRB5_CCACHE_NAME_OID };
+        GSS_KRB5_CCACHE_NAME_OID_LENGTH,
+        GSS_KRB5_CCACHE_NAME_OID };
     OM_uint32 major_status;
     struct krb5_gss_ccache_name_req req;
     gss_buffer_desc req_buffer;
@@ -221,9 +221,9 @@ gss_krb5_ccache_name(
     req_buffer.value = &req;
 
     major_status = gssspi_mech_invoke(minor_status,
-                                     (const gss_OID)gss_mech_krb5,
-                                     (const gss_OID)&req_oid,
-                                     &req_buffer);
+                                      (const gss_OID)gss_mech_krb5,
+                                      (const gss_OID)&req_oid,
+                                      &req_buffer);
 
     return major_status;    
 }
@@ -234,8 +234,8 @@ gss_krb5_free_lucid_sec_context(
     void *kctx)
 {
     static const gss_OID_desc const req_oid = {
-       GSS_KRB5_FREE_LUCID_SEC_CONTEXT_OID_LENGTH,
-       GSS_KRB5_FREE_LUCID_SEC_CONTEXT_OID };
+        GSS_KRB5_FREE_LUCID_SEC_CONTEXT_OID_LENGTH,
+        GSS_KRB5_FREE_LUCID_SEC_CONTEXT_OID };
     OM_uint32 major_status;
     gss_buffer_desc req_buffer;
 
@@ -243,9 +243,9 @@ gss_krb5_free_lucid_sec_context(
     req_buffer.value = kctx;
 
     major_status = gssspi_mech_invoke(minor_status,
-                                     (const gss_OID)gss_mech_krb5,
-                                     (const gss_OID)&req_oid,
-                                     &req_buffer);
+                                      (const gss_OID)gss_mech_krb5,
+                                      (const gss_OID)&req_oid,
+                                      &req_buffer);
 
     return major_status;    
 }
@@ -254,8 +254,8 @@ OM_uint32 KRB5_CALLCONV
 krb5_gss_register_acceptor_identity(const char *keytab)
 {
     static const gss_OID_desc const req_oid = {
-       GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_OID_LENGTH,
-       GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_OID };
+        GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_OID_LENGTH,
+        GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_OID };
     OM_uint32 major_status;
     OM_uint32 minor_status;
     gss_buffer_desc req_buffer;
@@ -264,9 +264,9 @@ krb5_gss_register_acceptor_identity(const char *keytab)
     req_buffer.value = (char *)keytab;
 
     major_status = gssspi_mech_invoke(&minor_status,
-                                     (const gss_OID)gss_mech_krb5,
-                                     (const gss_OID)&req_oid,
-                                     &req_buffer);
+                                      (const gss_OID)gss_mech_krb5,
+                                      (const gss_OID)&req_oid,
+                                      &req_buffer);
 
     return major_status;    
 }
@@ -275,8 +275,8 @@ krb5_error_code
 krb5_gss_use_kdc_context(void)
 {
     static const gss_OID_desc const req_oid = {
-       GSS_KRB5_USE_KDC_CONTEXT_OID_LENGTH,
-       GSS_KRB5_USE_KDC_CONTEXT_OID };
+        GSS_KRB5_USE_KDC_CONTEXT_OID_LENGTH,
+        GSS_KRB5_USE_KDC_CONTEXT_OID };
     OM_uint32 major_status;
     OM_uint32 minor_status;
     gss_buffer_desc req_buffer;
@@ -286,9 +286,9 @@ krb5_gss_use_kdc_context(void)
     req_buffer.value = NULL;
 
     major_status = gssspi_mech_invoke(&minor_status,
-                                     (const gss_OID)gss_mech_krb5,
-                                     (const gss_OID)&req_oid,
-                                     &req_buffer);
+                                      (const gss_OID)gss_mech_krb5,
+                                      (const gss_OID)&req_oid,
+                                      &req_buffer);
 
     if (major_status != GSS_S_COMPLETE) {
         if (minor_status != 0)
@@ -318,30 +318,30 @@ gsskrb5_extract_authz_data_from_sec_context(
     gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET;
 
     if (ad_data == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     req_oid.elements = oid_buf;
     req_oid.length = sizeof(oid_buf);
 
     major_status = generic_gss_oid_compose(minor_status,
-                                          GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID,
-                                          GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID_LENGTH,
-                                          ad_type,
-                                          &req_oid);
+                                           GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID,
+                                           GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_OID_LENGTH,
+                                           ad_type,
+                                           &req_oid);
     if (GSS_ERROR(major_status))
-       return major_status;
+        return major_status;
 
     major_status = gss_inquire_sec_context_by_oid(minor_status,
-                                                 context_handle,
-                                                 (const gss_OID)&req_oid,
-                                                 &data_set);
+                                                  context_handle,
+                                                  (const gss_OID)&req_oid,
+                                                  &data_set);
     if (major_status != GSS_S_COMPLETE) {
-       return major_status;
+        return major_status;
     }
 
     if (data_set == GSS_C_NO_BUFFER_SET ||
-       data_set->count != 1) {
-       return GSS_S_FAILURE;
+        data_set->count != 1) {
+        return GSS_S_FAILURE;
     }
 
     ad_data->length = data_set->elements[0].length;
@@ -364,8 +364,8 @@ gss_krb5_set_cred_rcache(
     krb5_rcache rcache)
 {
     static const gss_OID_desc const req_oid = {
-       GSS_KRB5_SET_CRED_RCACHE_OID_LENGTH,
-       GSS_KRB5_SET_CRED_RCACHE_OID };
+        GSS_KRB5_SET_CRED_RCACHE_OID_LENGTH,
+        GSS_KRB5_SET_CRED_RCACHE_OID };
     OM_uint32 major_status;
     gss_buffer_desc req_buffer;
     
@@ -373,39 +373,39 @@ gss_krb5_set_cred_rcache(
     req_buffer.value = rcache;
 
     major_status = gssspi_set_cred_option(minor_status,
-                                         cred,
-                                         (const gss_OID)&req_oid,
-                                         &req_buffer);
+                                          cred,
+                                          (const gss_OID)&req_oid,
+                                          &req_buffer);
 
     return major_status;
 }
 
 OM_uint32 KRB5_CALLCONV
 gsskrb5_extract_authtime_from_sec_context(OM_uint32 *minor_status,
-                                         gss_ctx_id_t context_handle,
-                                         krb5_timestamp *authtime)
+                                          gss_ctx_id_t context_handle,
+                                          krb5_timestamp *authtime)
 {
     static const gss_OID_desc const req_oid = {
-       GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID_LENGTH,
-       GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID };
+        GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID_LENGTH,
+        GSS_KRB5_EXTRACT_AUTHTIME_FROM_SEC_CONTEXT_OID };
     OM_uint32 major_status;
     gss_buffer_set_t data_set = GSS_C_NO_BUFFER_SET;
 
     if (authtime == NULL)
-       return GSS_S_CALL_INACCESSIBLE_WRITE;
+        return GSS_S_CALL_INACCESSIBLE_WRITE;
 
     major_status = gss_inquire_sec_context_by_oid(minor_status,
-                                                 context_handle,
-                                                 (const gss_OID)&req_oid,
-                                                 &data_set);
+                                                  context_handle,
+                                                  (const gss_OID)&req_oid,
+                                                  &data_set);
     if (major_status != GSS_S_COMPLETE)
-       return major_status;
+        return major_status;
 
     if (data_set == GSS_C_NO_BUFFER_SET ||
         data_set->count != 1 ||
-       data_set->elements[0].length != sizeof(*authtime)) {
-       *minor_status = EINVAL;
-       return GSS_S_FAILURE;
+        data_set->elements[0].length != sizeof(*authtime)) {
+        *minor_status = EINVAL;
+        return GSS_S_FAILURE;
     }
 
     *authtime = *((krb5_timestamp *)data_set->elements[0].value);
index b66fe5c7b5f65692516abe3d5f7638b165478d7c..32b0e13f72ba313db4438b77812ac8f2c58bcd54 100644 (file)
@@ -64,15 +64,15 @@ OM_uint32 KRB5_CALLCONV
 gss_krb5int_export_lucid_sec_context(
     OM_uint32           *minor_status,
     gss_ctx_id_t        context_handle,
-    const gss_OID      desired_object,
-    gss_buffer_set_t   *data_set)
+    const gss_OID       desired_object,
+    gss_buffer_set_t    *data_set)
 {
     krb5_error_code     kret = 0;
     OM_uint32           retval;
     krb5_gss_ctx_id_t   ctx = (krb5_gss_ctx_id_t)context_handle;
     void                *lctx = NULL;
-    int                        version = 0;
-    gss_buffer_desc    rep;
+    int                 version = 0;
+    gss_buffer_desc     rep;
 
     /* Assume failure */
     retval = GSS_S_FAILURE;
@@ -80,12 +80,12 @@ gss_krb5int_export_lucid_sec_context(
     *data_set = GSS_C_NO_BUFFER_SET;
 
     retval = generic_gss_oid_decompose(minor_status,
-                                      GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID,
-                                      GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID_LENGTH,
-                                      desired_object,
-                                      &version);
+                                       GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID,
+                                       GSS_KRB5_EXPORT_LUCID_SEC_CONTEXT_OID_LENGTH,
+                                       desired_object,
+                                       &version);
     if (GSS_ERROR(retval))
-       return retval;
+        return retval;
 
     /* Externalize a structure of the right version */
     switch (version) {
@@ -112,7 +112,7 @@ gss_krb5int_export_lucid_sec_context(
 
     retval = generic_gss_add_buffer_set_member(minor_status, &rep, data_set);
     if (GSS_ERROR(retval))
-       goto error_out;
+        goto error_out;
 
 error_out:
     if (*minor_status == 0)
@@ -134,7 +134,7 @@ gss_krb5int_free_lucid_sec_context(
     OM_uint32           retval;
     krb5_error_code     kret = 0;
     int                 version;
-    void               *kctx;
+    void                *kctx;
 
     /* Assume failure */
     retval = GSS_S_FAILURE;
index 7265193b3b7247650abfa366d736fc348c4b2a60..d84e2eecfc00865e71fa192fae372381751842c5 100644 (file)
@@ -48,35 +48,35 @@ krb5_gss_wrap(minor_status, context_handle, conf_req_flag,
 /* AEAD interfaces */
 OM_uint32
 krb5_gss_wrap_iov(OM_uint32 *minor_status,
-                 gss_ctx_id_t context_handle,
-                 int conf_req_flag,
-                 gss_qop_t qop_req,
-                 int *conf_state,
-                 gss_iov_buffer_desc *iov,
-                 int iov_count)
+                  gss_ctx_id_t context_handle,
+                  int conf_req_flag,
+                  gss_qop_t qop_req,
+                  int *conf_state,
+                  gss_iov_buffer_desc *iov,
+                  int iov_count)
 {
     OM_uint32 major_status;
 
     major_status = kg_seal_iov(minor_status, context_handle, conf_req_flag,
-                              qop_req, conf_state,
-                              iov, iov_count, KG_TOK_WRAP_MSG);
+                               qop_req, conf_state,
+                               iov, iov_count, KG_TOK_WRAP_MSG);
 
     return major_status;
 }
 
 OM_uint32
 krb5_gss_wrap_iov_length(OM_uint32 *minor_status,
-                        gss_ctx_id_t context_handle,
-                        int conf_req_flag,
-                        gss_qop_t qop_req,
-                        int *conf_state,
-                        gss_iov_buffer_desc *iov,
-                        int iov_count)
+                         gss_ctx_id_t context_handle,
+                         int conf_req_flag,
+                         gss_qop_t qop_req,
+                         int *conf_state,
+                         gss_iov_buffer_desc *iov,
+                         int iov_count)
 {
     OM_uint32 major_status;
 
     major_status = kg_seal_iov_length(minor_status, context_handle, conf_req_flag,
-                                     qop_req, conf_state, iov, iov_count);
+                                      qop_req, conf_state, iov, iov_count);
     return major_status;
 }
 
index 20cc6f9dd0f4c45636e791826360bf10167ca830..60ea9058cbf4891b1ea98f1d1bcb731406b15fcf 100644 (file)
@@ -342,16 +342,16 @@ kg_ctx_size(kcontext, arg, sizep)
                                     KV5M_KEYBLOCK,
                                     (krb5_pointer) ctx->acceptor_subkey,
                                     &required);
-       if (!kret && ctx->authdata) {
-           krb5_int32 i;
-
-           for (i = 0; !kret && ctx->authdata[i]; i++) {
-               kret = krb5_size_opaque(kcontext,
-                                       KV5M_AUTHDATA,
-                                       (krb5_pointer)ctx->authdata[i],
-                                       &required);
-           }
-       }
+        if (!kret && ctx->authdata) {
+            krb5_int32 i;
+
+            for (i = 0; !kret && ctx->authdata[i]; i++) {
+                kret = krb5_size_opaque(kcontext,
+                                        KV5M_AUTHDATA,
+                                        (krb5_pointer)ctx->authdata[i],
+                                        &required);
+            }
+        }
         if (!kret)
             *sizep += required;
     }
@@ -498,25 +498,25 @@ kg_ctx_externalize(kcontext, arg, buffer, lenremain)
             if (!kret)
                 kret = krb5_ser_pack_int32((krb5_int32) ctx->cred_rcache,
                                            &bp, &remain);
-           if (!kret) {
-               krb5_int32 i = 0;
-
-               if (ctx->authdata) {
-                   for (; ctx->authdata[i]; i++)
-                       ;
-               }
-               /* authdata count */
-               kret = krb5_ser_pack_int32(i, &bp, &remain);
-               if (!kret && ctx->authdata) {
-                   /* authdata */
-                   for (i = 0; !kret && ctx->authdata[i]; i++)
-                       kret = krb5_externalize_opaque(kcontext,
-                                                      KV5M_AUTHDATA,
-                                                      ctx->authdata[i],
-                                                      &bp,
-                                                      &remain);
-               }
-           }
+            if (!kret) {
+                krb5_int32 i = 0;
+
+                if (ctx->authdata) {
+                    for (; ctx->authdata[i]; i++)
+                        ;
+                }
+                /* authdata count */
+                kret = krb5_ser_pack_int32(i, &bp, &remain);
+                if (!kret && ctx->authdata) {
+                    /* authdata */
+                    for (i = 0; !kret && ctx->authdata[i]; i++)
+                        kret = krb5_externalize_opaque(kcontext,
+                                                       KV5M_AUTHDATA,
+                                                       ctx->authdata[i],
+                                                       &bp,
+                                                       &remain);
+                }
+            }
             /* trailer */
             if (!kret)
                 kret = krb5_ser_pack_int32(KG_CONTEXT, &bp, &remain);
@@ -697,27 +697,27 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain)
             if (!kret)
                 kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
             ctx->cred_rcache = ibuf;
-           /* authdata */
+            /* authdata */
             if (!kret)
                 kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
-           if (!kret) {
-               krb5_int32 nadata = ibuf, i;
-
-               if (nadata > 0) {
-                   ctx->authdata = (krb5_authdata **)calloc((size_t)nadata + 1,
-                                                            sizeof(krb5_authdata *));
-                   if (ctx->authdata == NULL) {
-                       kret = ENOMEM;
-                   } else {
-                       for (i = 0; !kret && i < nadata; i++)
-                           kret = krb5_internalize_opaque(kcontext,
-                                                          KV5M_AUTHDATA,
-                                                          (krb5_pointer *)&ctx->authdata[i],
-                                                          &bp,
-                                                          &remain);
-                   }
-               }
-           }
+            if (!kret) {
+                krb5_int32 nadata = ibuf, i;
+
+                if (nadata > 0) {
+                    ctx->authdata = (krb5_authdata **)calloc((size_t)nadata + 1,
+                                                             sizeof(krb5_authdata *));
+                    if (ctx->authdata == NULL) {
+                        kret = ENOMEM;
+                    } else {
+                        for (i = 0; !kret && i < nadata; i++)
+                            kret = krb5_internalize_opaque(kcontext,
+                                                           KV5M_AUTHDATA,
+                                                           (krb5_pointer *)&ctx->authdata[i],
+                                                           &bp,
+                                                           &remain);
+                    }
+                }
+            }
             /* Get trailer */
             if (!kret)
                 kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain);
index 883eb97e569e3b4658ba4ed5a914a7068bc54dc7..273182637dbf57564b6ab270f2e8af291c0cb404 100644 (file)
@@ -33,9 +33,9 @@
 
 OM_uint32 KRB5_CALLCONV
 gss_krb5int_ccache_name(OM_uint32 *minor_status,
-                       const gss_OID desired_mech,
-                       const gss_OID desired_object,
-                       gss_buffer_t value)
+                        const gss_OID desired_mech,
+                        const gss_OID desired_object,
+                        gss_buffer_t value)
 {
     char *old_name = NULL;
     OM_uint32 err = 0;
@@ -52,7 +52,7 @@ gss_krb5int_ccache_name(OM_uint32 *minor_status,
     assert(value->length == sizeof(*req));
 
     if (value->length != sizeof(*req))
-       return GSS_S_FAILURE;
+        return GSS_S_FAILURE;
 
     req = (struct krb5_gss_ccache_name_req *)value->value;
 
index 2d047206cfa7c62607728478c1776bc95a26716f..069768c74bd434c226e5428126f5a8b167ccf9ef 100644 (file)
@@ -45,33 +45,33 @@ krb5_gss_get_mic(minor_status, context_handle, qop_req,
 #if 0
 OM_uint32
 krb5_gss_get_mic_iov(OM_uint32 *minor_status,
-                    gss_ctx_id_t context_handle,
-                    gss_qop_t qop_req,
-                    gss_iov_buffer_desc *iov,
-                    int iov_count)
+                     gss_ctx_id_t context_handle,
+                     gss_qop_t qop_req,
+                     gss_iov_buffer_desc *iov,
+                     int iov_count)
 {
     OM_uint32 major_status;
 
     major_status = kg_seal_iov(minor_status, context_handle, FALSE,
-                              qop_req, NULL,
-                              iov, iov_count, KG_TOK_MIC_MSG);
+                               qop_req, NULL,
+                               iov, iov_count, KG_TOK_MIC_MSG);
 
     return major_status;
 }
 
 OM_uint32
 krb5_gss_get_mic_iov_length(OM_uint32 *minor_status,
-                           gss_ctx_id_t context_handle,
-                           int conf_req_flag,
-                           gss_qop_t qop_req,
-                           int *conf_state,
-                           gss_iov_buffer_desc *iov,
-                           int iov_count)
+                            gss_ctx_id_t context_handle,
+                            int conf_req_flag,
+                            gss_qop_t qop_req,
+                            int *conf_state,
+                            gss_iov_buffer_desc *iov,
+                            int iov_count)
 {
     OM_uint32 major_status;
 
     major_status = kg_seal_iov_length(minor_status, context_handle, conf_req_flag,
-                                     qop_req, conf_state, iov, iov_count);
+                                      qop_req, conf_state, iov, iov_count);
     return major_status;
 }
 #endif
index 82764a9939462fa1361558b90fdaaba70cd83830..5366effc10679a9267f5703540edeecb1ba4d7d0 100644 (file)
@@ -50,17 +50,17 @@ krb5_gss_unwrap(minor_status, context_handle,
 /* AEAD interface */
 OM_uint32
 krb5_gss_unwrap_iov(OM_uint32 *minor_status,
-                   gss_ctx_id_t context_handle,
-                   int *conf_state,
-                   gss_qop_t *qop_state,
-                   gss_iov_buffer_desc *iov,
-                   int iov_count)
+                    gss_ctx_id_t context_handle,
+                    int *conf_state,
+                    gss_qop_t *qop_state,
+                    gss_iov_buffer_desc *iov,
+                    int iov_count)
 {
     OM_uint32 major_status;
 
     major_status = kg_unseal_iov(minor_status, context_handle,
-                                conf_state, qop_state,
-                                iov, iov_count, KG_TOK_WRAP_MSG);
+                                 conf_state, qop_state,
+                                 iov, iov_count, KG_TOK_WRAP_MSG);
 
     return major_status;
 }
index 8dcf75129296d0ad9b4de3d5ae8611474f30ca7e..fc6c849c95c63e7551958753ef2d1c8a199ea641 100644 (file)
@@ -110,15 +110,15 @@ cleanup:
 
 krb5_error_code
 kg_make_checksum_iov_v1(krb5_context context,
-                       krb5_cksumtype type,
-                       size_t cksum_len,
-                       krb5_keyblock *seq,
-                       krb5_keyblock *enc,
-                       krb5_keyusage sign_usage,
-                       gss_iov_buffer_desc *iov,
-                       int iov_count,
-                       int toktype,
-                       krb5_checksum *checksum)
+                        krb5_cksumtype type,
+                        size_t cksum_len,
+                        krb5_keyblock *seq,
+                        krb5_keyblock *enc,
+                        krb5_keyusage sign_usage,
+                        gss_iov_buffer_desc *iov,
+                        int iov_count,
+                        int toktype,
+                        krb5_checksum *checksum)
 {
     krb5_error_code code;
     gss_iov_buffer_desc *header;
@@ -133,19 +133,19 @@ kg_make_checksum_iov_v1(krb5_context context,
     kiov_count = 3 + iov_count;
     kiov = (krb5_crypto_iov *)xmalloc(kiov_count * sizeof(krb5_crypto_iov));
     if (kiov == NULL)
-       return ENOMEM;
+        return ENOMEM;
 
     /* Checksum over ( Header | Confounder | Data | Pad ) */
     if (toktype == KG_TOK_WRAP_MSG)
-       conf_len = kg_confounder_size(context, (krb5_keyblock *)enc);
+        conf_len = kg_confounder_size(context, (krb5_keyblock *)enc);
 
     /* Checksum output */
     kiov[i].flags = KRB5_CRYPTO_TYPE_CHECKSUM;
     kiov[i].data.length = checksum->length;
     kiov[i].data.data = xmalloc(checksum->length);
     if (kiov[i].data.data == NULL) {
-       xfree(kiov);
-       return ENOMEM;
+        xfree(kiov);
+        return ENOMEM;
     }
     i++;
 
@@ -160,25 +160,25 @@ kg_make_checksum_iov_v1(krb5_context context,
 
     /* Confounder */
     if (toktype == KG_TOK_WRAP_MSG) {
-       kiov[i].flags = KRB5_CRYPTO_TYPE_DATA;
-       kiov[i].data.length = conf_len;
-       kiov[i].data.data = (char *)header->buffer.value + header->buffer.length - conf_len;
-       i++;
+        kiov[i].flags = KRB5_CRYPTO_TYPE_DATA;
+        kiov[i].data.length = conf_len;
+        kiov[i].data.data = (char *)header->buffer.value + header->buffer.length - conf_len;
+        i++;
     }
 
     for (j = 0; j < iov_count; j++) {
-       kiov[i].flags = kg_translate_flag_iov(iov[j].type);
-       kiov[i].data.length = iov[j].buffer.length;
-       kiov[i].data.data = (char *)iov[j].buffer.value;
-       i++;
+        kiov[i].flags = kg_translate_flag_iov(iov[j].type);
+        kiov[i].data.length = iov[j].buffer.length;
+        kiov[i].data.data = (char *)iov[j].buffer.value;
+        i++;
     }
 
     code = krb5_c_make_checksum_iov(context, type, seq, sign_usage, kiov, kiov_count);
     if (code == 0) {
-       checksum->length = kiov[0].data.length;
-       checksum->contents = (unsigned char *)kiov[0].data.data;
+        checksum->length = kiov[0].data.length;
+        checksum->contents = (unsigned char *)kiov[0].data.data;
     } else
-       free(kiov[0].data.data);
+        free(kiov[0].data.data);
 
     xfree(kiov);
 
@@ -187,14 +187,14 @@ kg_make_checksum_iov_v1(krb5_context context,
 
 static krb5_error_code
 checksum_iov_v3(krb5_context context,
-               krb5_cksumtype type,
-               size_t rrc,
-               krb5_keyblock *key,
-               krb5_keyusage sign_usage,
-               gss_iov_buffer_desc *iov,
-               int iov_count,
-               krb5_boolean verify,
-               krb5_boolean *valid)
+                krb5_cksumtype type,
+                size_t rrc,
+                krb5_keyblock *key,
+                krb5_keyusage sign_usage,
+                gss_iov_buffer_desc *iov,
+                int iov_count,
+                krb5_boolean verify,
+                krb5_boolean *valid)
 {
     krb5_error_code code;
     gss_iov_buffer_desc *header;
@@ -205,11 +205,11 @@ checksum_iov_v3(krb5_context context,
     unsigned int k5_checksumlen;
 
     if (verify)
-       *valid = FALSE;
+        *valid = FALSE;
 
     code = krb5_c_crypto_length(context, key->enctype, KRB5_CRYPTO_TYPE_CHECKSUM, &k5_checksumlen);
     if (code != 0)
-       return code;
+        return code;
 
     header = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER);
     assert(header != NULL);
@@ -218,26 +218,26 @@ checksum_iov_v3(krb5_context context,
     assert(rrc != 0 || trailer != NULL);
 
     if (trailer == NULL) {
-       if (rrc != k5_checksumlen)
-           return KRB5_BAD_MSIZE;
-       if (header->buffer.length != 16 + k5_checksumlen)
-           return KRB5_BAD_MSIZE;
+        if (rrc != k5_checksumlen)
+            return KRB5_BAD_MSIZE;
+        if (header->buffer.length != 16 + k5_checksumlen)
+            return KRB5_BAD_MSIZE;
     } else if (trailer->buffer.length != k5_checksumlen)
-       return KRB5_BAD_MSIZE;
+        return KRB5_BAD_MSIZE;
 
     kiov_count = 2 + iov_count;
     kiov = (krb5_crypto_iov *)xmalloc(kiov_count * sizeof(krb5_crypto_iov));
     if (kiov == NULL)
-       return ENOMEM;
+        return ENOMEM;
 
     /* Checksum over ( Data | Header ) */
 
     /* Data */
     for (j = 0; j < iov_count; j++) {
-       kiov[i].flags = kg_translate_flag_iov(iov[j].type);
-       kiov[i].data.length = iov[j].buffer.length;
-       kiov[i].data.data = (char *)iov[j].buffer.value;
-       i++;
+        kiov[i].flags = kg_translate_flag_iov(iov[j].type);
+        kiov[i].data.length = iov[j].buffer.length;
+        kiov[i].data.data = (char *)iov[j].buffer.value;
+        i++;
     }
 
     /* Header */
@@ -249,18 +249,18 @@ checksum_iov_v3(krb5_context context,
     /* Checksum */
     kiov[i].flags = KRB5_CRYPTO_TYPE_CHECKSUM;
     if (trailer == NULL) {
-       kiov[i].data.length = header->buffer.length - 16;
-       kiov[i].data.data = (char *)header->buffer.value + 16;
+        kiov[i].data.length = header->buffer.length - 16;
+        kiov[i].data.data = (char *)header->buffer.value + 16;
     } else {
-       kiov[i].data.length = trailer->buffer.length;
-       kiov[i].data.data = (char *)trailer->buffer.value;
+        kiov[i].data.length = trailer->buffer.length;
+        kiov[i].data.data = (char *)trailer->buffer.value;
     }
     i++;
 
     if (verify)
-       code = krb5_c_verify_checksum_iov(context, type, key, sign_usage, kiov, kiov_count, valid);
+        code = krb5_c_verify_checksum_iov(context, type, key, sign_usage, kiov, kiov_count, valid);
     else
-       code = krb5_c_make_checksum_iov(context, type, key, sign_usage, kiov, kiov_count);
+        code = krb5_c_make_checksum_iov(context, type, key, sign_usage, kiov, kiov_count);
 
     xfree(kiov);
 
@@ -269,27 +269,27 @@ checksum_iov_v3(krb5_context context,
 
 krb5_error_code
 kg_make_checksum_iov_v3(krb5_context context,
-                       krb5_cksumtype type,
-                       size_t rrc,
-                       krb5_keyblock *key,
-                       krb5_keyusage sign_usage,
-                       gss_iov_buffer_desc *iov,
-                       int iov_count)
+                        krb5_cksumtype type,
+                        size_t rrc,
+                        krb5_keyblock *key,
+                        krb5_keyusage sign_usage,
+                        gss_iov_buffer_desc *iov,
+                        int iov_count)
 {
     return checksum_iov_v3(context, type, rrc, key,
-                          sign_usage, iov, iov_count, 0, NULL);
+                           sign_usage, iov, iov_count, 0, NULL);
 }
 
 krb5_error_code
 kg_verify_checksum_iov_v3(krb5_context context,
-                         krb5_cksumtype type,
-                         size_t rrc,
-                         krb5_keyblock *key,
-                         krb5_keyusage sign_usage,
-                         gss_iov_buffer_desc *iov,
-                         int iov_count,
-                         krb5_boolean *valid)
+                          krb5_cksumtype type,
+                          size_t rrc,
+                          krb5_keyblock *key,
+                          krb5_keyusage sign_usage,
+                          gss_iov_buffer_desc *iov,
+                          int iov_count,
+                          krb5_boolean *valid)
 {
     return checksum_iov_v3(context, type, rrc, key,
-                          sign_usage, iov, iov_count, 1, valid);
+                           sign_usage, iov, iov_count, 1, valid);
 }
index e2f306e979aed198afc9a25ef661b0f2d4f3bd4f..4932bd98cab63aa8e0c7aa49dc64def278a5c9f6 100644 (file)
@@ -58,37 +58,37 @@ const char const kg_arcfour_l40[] = "fortybits";
 
 static krb5_error_code
 kg_copy_keys(krb5_context context,
-            krb5_gss_ctx_id_rec *ctx,
-            krb5_keyblock *subkey)
+             krb5_gss_ctx_id_rec *ctx,
+             krb5_keyblock *subkey)
 {
     krb5_error_code code;
 
     if (ctx->enc != NULL) {
-       krb5_free_keyblock(context, ctx->enc);
-       ctx->enc = NULL;
+        krb5_free_keyblock(context, ctx->enc);
+        ctx->enc = NULL;
     }
 
     code = krb5_copy_keyblock(context, subkey, &ctx->enc);
     if (code != 0)
-       return code;
+        return code;
 
     if (ctx->seq != NULL) {
-       krb5_free_keyblock(context, ctx->seq);
-       ctx->seq = NULL;
+        krb5_free_keyblock(context, ctx->seq);
+        ctx->seq = NULL;
     }
 
     code = krb5_copy_keyblock(context, subkey, &ctx->seq);
     if (code != 0)
-       return code;
+        return code;
 
     return 0;
 }
 
 krb5_error_code
 kg_setup_keys(krb5_context context,
-             krb5_gss_ctx_id_rec *ctx,
-             krb5_keyblock *subkey,
-             krb5_cksumtype *cksumtype)
+              krb5_gss_ctx_id_rec *ctx,
+              krb5_keyblock *subkey,
+              krb5_cksumtype *cksumtype)
 {
     krb5_error_code code;
     unsigned int i;
@@ -101,61 +101,61 @@ kg_setup_keys(krb5_context context,
     ctx->proto = 0;
 
     if (ctx->enc == NULL) {
-       ctx->signalg = -1;
-       ctx->sealalg = -1;
+        ctx->signalg = -1;
+        ctx->sealalg = -1;
     }
         
     code = krb5int_accessor(&kaccess, KRB5INT_ACCESS_VERSION);
     if (code != 0)
-       return code;
+        return code;
 
     code = (*kaccess.krb5int_c_mandatory_cksumtype)(context, subkey->enctype,
-                                                   cksumtype);
+                                                    cksumtype);
     if (code != 0)
-       return code;
+        return code;
 
     switch (subkey->enctype) {
     case ENCTYPE_DES_CBC_MD5:
     case ENCTYPE_DES_CBC_MD4:
     case ENCTYPE_DES_CBC_CRC:
-       code = kg_copy_keys(context, ctx, subkey);
-       if (code != 0)
-           return code;
-
-       ctx->enc->enctype = ENCTYPE_DES_CBC_RAW;
-       ctx->seq->enctype = ENCTYPE_DES_CBC_RAW;
-       ctx->signalg = SGN_ALG_DES_MAC_MD5;
-       ctx->cksum_size = 8;
-       ctx->sealalg = SEAL_ALG_DES;
-
-       for (i = 0; i < ctx->enc->length; i++)
-           /*SUPPRESS 113*/
-           ctx->enc->contents[i] ^= 0xF0;
-       break;
+        code = kg_copy_keys(context, ctx, subkey);
+        if (code != 0)
+            return code;
+
+        ctx->enc->enctype = ENCTYPE_DES_CBC_RAW;
+        ctx->seq->enctype = ENCTYPE_DES_CBC_RAW;
+        ctx->signalg = SGN_ALG_DES_MAC_MD5;
+        ctx->cksum_size = 8;
+        ctx->sealalg = SEAL_ALG_DES;
+
+        for (i = 0; i < ctx->enc->length; i++)
+            /*SUPPRESS 113*/
+            ctx->enc->contents[i] ^= 0xF0;
+        break;
     case ENCTYPE_DES3_CBC_SHA1:
-       code = kg_copy_keys(context, ctx, subkey);
-       if (code != 0)
-           return code;
-
-       ctx->enc->enctype = ENCTYPE_DES3_CBC_RAW;
-       ctx->seq->enctype = ENCTYPE_DES3_CBC_RAW;
-       ctx->signalg = SGN_ALG_HMAC_SHA1_DES3_KD;
-       ctx->cksum_size = 20;
-       ctx->sealalg = SEAL_ALG_DES3KD;
-       break;
+        code = kg_copy_keys(context, ctx, subkey);
+        if (code != 0)
+            return code;
+
+        ctx->enc->enctype = ENCTYPE_DES3_CBC_RAW;
+        ctx->seq->enctype = ENCTYPE_DES3_CBC_RAW;
+        ctx->signalg = SGN_ALG_HMAC_SHA1_DES3_KD;
+        ctx->cksum_size = 20;
+        ctx->sealalg = SEAL_ALG_DES3KD;
+        break;
     case ENCTYPE_ARCFOUR_HMAC:
     case ENCTYPE_ARCFOUR_HMAC_EXP:
-       code = kg_copy_keys(context, ctx, subkey);
-       if (code != 0)
-           return code;
-
-       ctx->signalg = SGN_ALG_HMAC_MD5;
-       ctx->cksum_size = 8;
-       ctx->sealalg = SEAL_ALG_MICROSOFT_RC4;
-       break;
+        code = kg_copy_keys(context, ctx, subkey);
+        if (code != 0)
+            return code;
+
+        ctx->signalg = SGN_ALG_HMAC_MD5;
+        ctx->cksum_size = 8;
+        ctx->sealalg = SEAL_ALG_MICROSOFT_RC4;
+        break;
     default:
-       ctx->proto = 1;
-       break;
+        ctx->proto = 1;
+        break;
     }
 
     return 0;
@@ -170,7 +170,7 @@ kg_confounder_size(context, key)
     size_t blocksize;
     /* We special case rc4*/
     if (key->enctype == ENCTYPE_ARCFOUR_HMAC ||
-       key->enctype == ENCTYPE_ARCFOUR_HMAC_EXP)
+        key->enctype == ENCTYPE_ARCFOUR_HMAC_EXP)
         return 8;
     code = krb5_c_block_size(context, key->enctype, &blocksize);
     if (code)
@@ -190,7 +190,7 @@ kg_make_confounder(context, key, buf)
 
     confsize = kg_confounder_size(context, key);
     if (confsize < 0)
-       return KRB5_BAD_MSIZE;
+        return KRB5_BAD_MSIZE;
 
     lrandom.length = confsize;
     lrandom.data = (char *)buf;
@@ -314,8 +314,8 @@ kg_arcfour_docrypt (const krb5_keyblock *longterm_key , int ms_usage,
         goto cleanup_arcfour;
 
     if (exportable) {
-       memcpy(t, kg_arcfour_l40, sizeof(kg_arcfour_l40));
-       i += sizeof(kg_arcfour_l40);
+        memcpy(t, kg_arcfour_l40, sizeof(kg_arcfour_l40));
+        i += sizeof(kg_arcfour_l40);
     }
     t[i++] = ms_usage &0xff;
     t[i++] = (ms_usage>>8) & 0xff;
@@ -330,7 +330,7 @@ kg_arcfour_docrypt (const krb5_keyblock *longterm_key , int ms_usage,
     if (code)
         goto cleanup_arcfour;
     if (exportable)
-       memset(usage_key.contents + 7, 0xab, 9);
+        memset(usage_key.contents + 7, 0xab, 9);
 
     input.data = ( void *) kd_data;
     input.length = kd_data_len;
@@ -380,7 +380,7 @@ kg_translate_iov_v1(context, key, iov, iov_count, pkiov, pkiov_count)
     assert(header != NULL);
 
     if (header->buffer.length < conf_len)
-       return KRB5_BAD_MSIZE;
+        return KRB5_BAD_MSIZE;
 
     trailer = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER);
     assert(trailer == NULL || trailer->buffer.length == 0);
@@ -388,7 +388,7 @@ kg_translate_iov_v1(context, key, iov, iov_count, pkiov, pkiov_count)
     kiov_count = 3 + iov_count;
     kiov = (krb5_crypto_iov *)malloc(kiov_count * sizeof(krb5_crypto_iov));
     if (kiov == NULL)
-       return ENOMEM;
+        return ENOMEM;
 
     /* For pre-CFX (raw enctypes) there is no krb5 header */
     kiov[i].flags = KRB5_CRYPTO_TYPE_HEADER;
@@ -403,13 +403,13 @@ kg_translate_iov_v1(context, key, iov, iov_count, pkiov, pkiov_count)
     i++;
 
     for (j = 0; j < iov_count; j++) {
-       kiov[i].flags = kg_translate_flag_iov(iov[j].type);
-       if (kiov[i].flags == KRB5_CRYPTO_TYPE_EMPTY)
-           continue;
+        kiov[i].flags = kg_translate_flag_iov(iov[j].type);
+        if (kiov[i].flags == KRB5_CRYPTO_TYPE_EMPTY)
+            continue;
 
-       kiov[i].data.length = iov[j].buffer.length;
-       kiov[i].data.data = (char *)iov[j].buffer.value;
-       i++;
+        kiov[i].data.length = iov[j].buffer.length;
+        kiov[i].data.data = (char *)iov[j].buffer.value;
+        i++;
     }
 
     kiov[i].flags = KRB5_CRYPTO_TYPE_TRAILER;
@@ -426,9 +426,9 @@ kg_translate_iov_v1(context, key, iov, iov_count, pkiov, pkiov_count)
 static krb5_error_code
 kg_translate_iov_v3(context, dce_style, ec, rrc, key, iov, iov_count, pkiov, pkiov_count)
     krb5_context context;
-    int dce_style;             /* DCE_STYLE indicates actual RRC is EC + RRC */
-    size_t ec;                 /* Extra rotate count for DCE_STYLE, pad length otherwise */
-    size_t rrc;                        /* Rotate count */
+    int dce_style;              /* DCE_STYLE indicates actual RRC is EC + RRC */
+    size_t ec;                  /* Extra rotate count for DCE_STYLE, pad length otherwise */
+    size_t rrc;                 /* Rotate count */
     const krb5_keyblock *key;
     gss_iov_buffer_desc *iov;
     int iov_count;
@@ -455,11 +455,11 @@ kg_translate_iov_v3(context, dce_style, ec, rrc, key, iov, iov_count, pkiov, pki
 
     code = krb5_c_crypto_length(context, key->enctype, KRB5_CRYPTO_TYPE_HEADER, &k5_headerlen);
     if (code != 0)
-       return code;
+        return code;
 
     code = krb5_c_crypto_length(context, key->enctype, KRB5_CRYPTO_TYPE_TRAILER, &k5_trailerlen);
     if (code != 0)
-       return code;
+        return code;
 
     /* Check header and trailer sizes */
     gss_headerlen = 16 /* GSS-Header */ + k5_headerlen; /* Kerb-Header */
@@ -467,28 +467,28 @@ kg_translate_iov_v3(context, dce_style, ec, rrc, key, iov, iov_count, pkiov, pki
 
     /* If we're caller without a trailer, we must rotate by trailer length */
     if (trailer == NULL) {
-       size_t actual_rrc = rrc;
+        size_t actual_rrc = rrc;
 
-       if (dce_style)
-           actual_rrc += ec; /* compensate for Windows bug */
+        if (dce_style)
+            actual_rrc += ec; /* compensate for Windows bug */
 
-       if (actual_rrc != gss_trailerlen)
-           return KRB5_BAD_MSIZE;
+        if (actual_rrc != gss_trailerlen)
+            return KRB5_BAD_MSIZE;
 
-       gss_headerlen += gss_trailerlen;
-       gss_trailerlen = 0;
+        gss_headerlen += gss_trailerlen;
+        gss_trailerlen = 0;
     } else {
-       if (trailer->buffer.length != gss_trailerlen)
-           return KRB5_BAD_MSIZE;
+        if (trailer->buffer.length != gss_trailerlen)
+            return KRB5_BAD_MSIZE;
     }
 
     if (header->buffer.length != gss_headerlen)
-       return KRB5_BAD_MSIZE;
+        return KRB5_BAD_MSIZE;
 
     kiov_count = 3 + iov_count;
     kiov = (krb5_crypto_iov *)malloc(kiov_count * sizeof(krb5_crypto_iov));
     if (kiov == NULL)
-       return ENOMEM;
+        return ENOMEM;
 
     /*
      * The krb5 header is located at the end of the GSS header.
@@ -499,13 +499,13 @@ kg_translate_iov_v3(context, dce_style, ec, rrc, key, iov, iov_count, pkiov, pki
     i++;
 
     for (j = 0; j < iov_count; j++) {
-       kiov[i].flags = kg_translate_flag_iov(iov[j].type);
-       if (kiov[i].flags == KRB5_CRYPTO_TYPE_EMPTY)
-           continue;
+        kiov[i].flags = kg_translate_flag_iov(iov[j].type);
+        if (kiov[i].flags == KRB5_CRYPTO_TYPE_EMPTY)
+            continue;
 
-       kiov[i].data.length = iov[j].buffer.length;
-       kiov[i].data.data = (char *)iov[j].buffer.value;
-       i++;
+        kiov[i].data.length = iov[j].buffer.length;
+        kiov[i].data.data = (char *)iov[j].buffer.value;
+        i++;
     }
 
     /*
@@ -516,9 +516,9 @@ kg_translate_iov_v3(context, dce_style, ec, rrc, key, iov, iov_count, pkiov, pki
     kiov[i].flags = KRB5_CRYPTO_TYPE_DATA;
     kiov[i].data.length = ec + 16; /* E(Header) */
     if (trailer == NULL)
-       kiov[i].data.data = (char *)header->buffer.value + 16;
+        kiov[i].data.data = (char *)header->buffer.value + 16;
     else
-       kiov[i].data.data = (char *)trailer->buffer.value;
+        kiov[i].data.data = (char *)trailer->buffer.value;
     i++;
 
     /*
@@ -539,7 +539,7 @@ kg_translate_iov_v3(context, dce_style, ec, rrc, key, iov, iov_count, pkiov, pki
 static krb5_error_code
 kg_translate_iov(context, proto, dce_style, ec, rrc, key, iov, iov_count, pkiov, pkiov_count)
     krb5_context context;
-    int proto;                 /* 1 if CFX, 0 for pre-CFX */
+    int proto;                  /* 1 if CFX, 0 for pre-CFX */
     int dce_style;
     size_t ec;
     size_t rrc;
@@ -550,8 +550,8 @@ kg_translate_iov(context, proto, dce_style, ec, rrc, key, iov, iov_count, pkiov,
     size_t *pkiov_count;
 {
     return proto ?
-       kg_translate_iov_v3(context, dce_style, ec, rrc, key, iov, iov_count, pkiov, pkiov_count) :
-       kg_translate_iov_v1(context, key, iov, iov_count, pkiov, pkiov_count);
+        kg_translate_iov_v3(context, dce_style, ec, rrc, key, iov, iov_count, pkiov, pkiov_count) :
+        kg_translate_iov_v1(context, key, iov, iov_count, pkiov, pkiov_count);
 }
 
 krb5_error_code
@@ -589,10 +589,10 @@ kg_encrypt_iov(context, proto, dce_style, ec, rrc, key, usage, iv, iov, iov_coun
     }
 
     code = kg_translate_iov(context, proto, dce_style, ec, rrc, key,
-                           iov, iov_count, &kiov, &kiov_count);
+                            iov, iov_count, &kiov, &kiov_count);
     if (code == 0) {
-       code = krb5_c_encrypt_iov(context, key, usage, pivd, kiov, kiov_count);
-       free(kiov);
+        code = krb5_c_encrypt_iov(context, key, usage, pivd, kiov, kiov_count);
+        free(kiov);
     }
 
     if (pivd != NULL)
@@ -638,10 +638,10 @@ kg_decrypt_iov(context, proto, dce_style, ec, rrc, key, usage, iv, iov, iov_coun
     }
 
     code = kg_translate_iov(context, proto, dce_style, ec, rrc, key,
-                           iov, iov_count, &kiov, &kiov_count);
+                            iov, iov_count, &kiov, &kiov_count);
     if (code == 0) {
-       code = krb5_c_decrypt_iov(context, key, usage, pivd, kiov, kiov_count);
-       free(kiov);
+        code = krb5_c_decrypt_iov(context, key, usage, pivd, kiov, kiov_count);
+        free(kiov);
     }
 
     if (pivd != NULL)
@@ -652,7 +652,7 @@ kg_decrypt_iov(context, proto, dce_style, ec, rrc, key, usage, iv, iov, iov_coun
 
 krb5_error_code
 kg_arcfour_docrypt_iov (krb5_context context,
-                       const krb5_keyblock *longterm_key , int ms_usage,
+                        const krb5_keyblock *longterm_key , int ms_usage,
                         const unsigned char *kd_data, size_t kd_data_len,
                         gss_iov_buffer_desc *iov, int iov_count)
 {
@@ -681,8 +681,8 @@ kg_arcfour_docrypt_iov (krb5_context context,
         goto cleanup_arcfour;
 
     if (exportable) {
-       memcpy(t, kg_arcfour_l40, sizeof(kg_arcfour_l40));
-       i += sizeof(kg_arcfour_l40);
+        memcpy(t, kg_arcfour_l40, sizeof(kg_arcfour_l40));
+        i += sizeof(kg_arcfour_l40);
     }
     t[i++] = ms_usage &0xff;
     t[i++] = (ms_usage>>8) & 0xff;
@@ -697,7 +697,7 @@ kg_arcfour_docrypt_iov (krb5_context context,
     if (code)
         goto cleanup_arcfour;
     if (exportable)
-       memset(usage_key.contents + 7, 0xab, 9);
+        memset(usage_key.contents + 7, 0xab, 9);
 
     input.data = ( void *) kd_data;
     input.length = kd_data_len;
@@ -708,10 +708,10 @@ kg_arcfour_docrypt_iov (krb5_context context,
         goto cleanup_arcfour;
 
     code = kg_translate_iov(context, 0 /* proto */, 0 /* dce_style */,
-                           0 /* ec */, 0 /* rrc */, longterm_key,
-                           iov, iov_count, &kiov, &kiov_count);
+                            0 /* ec */, 0 /* rrc */, longterm_key,
+                            iov, iov_count, &kiov, &kiov_count);
     if (code)
-       goto cleanup_arcfour;
+        goto cleanup_arcfour;
 
     code =  ((*kaccess.arcfour_enc_provider->encrypt_iov)(
                  &seq_enc_key, 0,
@@ -722,7 +722,7 @@ cleanup_arcfour:
     free ((void *) usage_key.contents);
     free ((void *) seq_enc_key.contents);
     if (kiov != NULL)
-       free(kiov);
+        free(kiov);
     return (code);
 }
 
@@ -734,14 +734,14 @@ kg_translate_flag_iov(OM_uint32 type)
     switch (GSS_IOV_BUFFER_TYPE(type)) {
     case GSS_IOV_BUFFER_TYPE_DATA:
     case GSS_IOV_BUFFER_TYPE_PADDING:
-       ktype = KRB5_CRYPTO_TYPE_DATA;
-       break;
+        ktype = KRB5_CRYPTO_TYPE_DATA;
+        break;
     case GSS_IOV_BUFFER_TYPE_SIGN_ONLY:
-       ktype = KRB5_CRYPTO_TYPE_SIGN_ONLY;
-       break;
+        ktype = KRB5_CRYPTO_TYPE_SIGN_ONLY;
+        break;
     default:
-       ktype = KRB5_CRYPTO_TYPE_EMPTY;
-       break;
+        ktype = KRB5_CRYPTO_TYPE_EMPTY;
+        break;
     }
 
     return ktype;
@@ -749,22 +749,22 @@ kg_translate_flag_iov(OM_uint32 type)
 
 gss_iov_buffer_t
 kg_locate_iov(gss_iov_buffer_desc *iov,
-             int iov_count,
-             OM_uint32 type)
+              int iov_count,
+              OM_uint32 type)
 {
     int i;
     gss_iov_buffer_t p = GSS_C_NO_IOV_BUFFER;
 
     if (iov == GSS_C_NO_IOV_BUFFER)
-       return GSS_C_NO_IOV_BUFFER;
+        return GSS_C_NO_IOV_BUFFER;
 
     for (i = iov_count - 1; i >= 0; i--) {
-       if (GSS_IOV_BUFFER_TYPE(iov[i].type) == type) {
-           if (p == GSS_C_NO_IOV_BUFFER)
-               p = &iov[i];
-           else
-               return GSS_C_NO_IOV_BUFFER;
-       }
+        if (GSS_IOV_BUFFER_TYPE(iov[i].type) == type) {
+            if (p == GSS_C_NO_IOV_BUFFER)
+                p = &iov[i];
+            else
+                return GSS_C_NO_IOV_BUFFER;
+        }
     }
 
     return p;
@@ -772,9 +772,9 @@ kg_locate_iov(gss_iov_buffer_desc *iov,
 
 void
 kg_iov_msglen(gss_iov_buffer_desc *iov,
-             int iov_count,
-             size_t *data_length_p,
-             size_t *assoc_data_length_p)
+              int iov_count,
+              size_t *data_length_p,
+              size_t *assoc_data_length_p)
 {
     int i;
     size_t data_length = 0, assoc_data_length = 0;
@@ -784,14 +784,14 @@ kg_iov_msglen(gss_iov_buffer_desc *iov,
     *data_length_p = *assoc_data_length_p = 0;
 
     for (i = 0; i < iov_count; i++) {
-       OM_uint32 type = GSS_IOV_BUFFER_TYPE(iov[i].type);
+        OM_uint32 type = GSS_IOV_BUFFER_TYPE(iov[i].type);
 
-       if (type == GSS_IOV_BUFFER_TYPE_SIGN_ONLY)
-           assoc_data_length += iov[i].buffer.length;
+        if (type == GSS_IOV_BUFFER_TYPE_SIGN_ONLY)
+            assoc_data_length += iov[i].buffer.length;
 
-       if (type == GSS_IOV_BUFFER_TYPE_DATA ||
-           type == GSS_IOV_BUFFER_TYPE_SIGN_ONLY)
-           data_length += iov[i].buffer.length;
+        if (type == GSS_IOV_BUFFER_TYPE_DATA ||
+            type == GSS_IOV_BUFFER_TYPE_SIGN_ONLY)
+            data_length += iov[i].buffer.length;
     }
 
     *data_length_p = data_length;
@@ -807,17 +807,17 @@ kg_release_iov(gss_iov_buffer_desc *iov, int iov_count)
     assert(iov != GSS_C_NO_IOV_BUFFER);
 
     for (i = 0; i < iov_count; i++) {
-       if (iov[i].type & GSS_IOV_BUFFER_FLAG_ALLOCATED) {
-           gss_release_buffer(&min_stat, &iov[i].buffer);
-           iov[i].type &= ~(GSS_IOV_BUFFER_FLAG_ALLOCATED);
-       }
+        if (iov[i].type & GSS_IOV_BUFFER_FLAG_ALLOCATED) {
+            gss_release_buffer(&min_stat, &iov[i].buffer);
+            iov[i].type &= ~(GSS_IOV_BUFFER_FLAG_ALLOCATED);
+        }
     }
 }
 
 OM_uint32
 kg_fixup_padding_iov(OM_uint32 *minor_status,
-                    gss_iov_buffer_desc *iov,
-                    int iov_count)
+                     gss_iov_buffer_desc *iov,
+                     int iov_count)
 {
     gss_iov_buffer_t padding = NULL;
     gss_iov_buffer_t data = NULL;
@@ -829,13 +829,13 @@ kg_fixup_padding_iov(OM_uint32 *minor_status,
     padding = kg_locate_iov(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING);
 
     if (data == NULL) {
-       *minor_status = 0;
-       return GSS_S_COMPLETE;
+        *minor_status = 0;
+        return GSS_S_COMPLETE;
     }
 
     if (padding == NULL || padding->buffer.length == 0) {
-       *minor_status = EINVAL;
-       return GSS_S_FAILURE;
+        *minor_status = EINVAL;
+        return GSS_S_FAILURE;
     }
 
     p = (unsigned char *)padding->buffer.value;
@@ -843,8 +843,8 @@ kg_fixup_padding_iov(OM_uint32 *minor_status,
 
     if (data->buffer.length + padding->buffer.length < padlength ||
         padlength == 0) {
-       *minor_status = (OM_uint32)KRB5_BAD_MSIZE;
-       return GSS_S_DEFECTIVE_TOKEN;
+        *minor_status = (OM_uint32)KRB5_BAD_MSIZE;
+        return GSS_S_DEFECTIVE_TOKEN;
     }
 
     /*
@@ -860,15 +860,15 @@ kg_fixup_padding_iov(OM_uint32 *minor_status,
      *
      * eg. if the buffers are structured as follows:
      *
-     *     +---DATA---+-PAD-+
-     *     | ABCDE444 | 4   |
-     *     +----------+-----+
+     *      +---DATA---+-PAD-+
+     *      | ABCDE444 | 4   |
+     *      +----------+-----+
      *
      * after compensation they would look like:
      *
-     *     +-DATA--+-PAD--+
-     *     | ABCDE | NULL |
-     *     +-------+------+
+     *      +-DATA--+-PAD--+
+     *      | ABCDE | NULL |
+     *      +-------+------+
      */
     relative_padlength = padlength - padding->buffer.length;
 
@@ -877,8 +877,8 @@ kg_fixup_padding_iov(OM_uint32 *minor_status,
     data->buffer.length -= relative_padlength;
 
     if (padding->type & GSS_IOV_BUFFER_FLAG_ALLOCATED) {
-       gss_release_buffer(&minor, &padding->buffer);
-       padding->type &= ~(GSS_IOV_BUFFER_FLAG_ALLOCATED);
+        gss_release_buffer(&minor, &padding->buffer);
+        padding->type &= ~(GSS_IOV_BUFFER_FLAG_ALLOCATED);
     }
 
     padding->buffer.length = 0;
@@ -896,7 +896,7 @@ int kg_map_toktype(int proto, int toktype)
         case KG_TOK_SIGN_MSG:
             toktype2 = KG2_TOK_MIC_MSG;
             break;
-       case KG_TOK_WRAP_MSG:
+        case KG_TOK_WRAP_MSG:
             toktype2 = KG2_TOK_WRAP_MSG;
             break;
         case KG_TOK_DEL_CTX:
@@ -920,10 +920,10 @@ krb5_boolean kg_integ_only_iov(gss_iov_buffer_desc *iov, int iov_count)
     assert(iov != GSS_C_NO_IOV_BUFFER);
 
     for (i = 0; i < iov_count; i++) {
-       if (GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_DATA) {
-           has_conf_data = TRUE;
-           break;
-       }
+        if (GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_DATA) {
+            has_conf_data = TRUE;
+            break;
+        }
     }
 
     return (has_conf_data == FALSE);
@@ -937,8 +937,8 @@ krb5_error_code kg_allocate_iov(gss_iov_buffer_t iov, size_t size)
     iov->buffer.length = size;
     iov->buffer.value = xmalloc(size);
     if (iov->buffer.value == NULL) {
-       iov->buffer.length = 0;
-       return ENOMEM;
+        iov->buffer.length = 0;
+        return ENOMEM;
     }
 
     iov->type |= GSS_IOV_BUFFER_FLAG_ALLOCATED;
index 17d49a587241a4db6948c45d81d1f935f8899824..b559f5e088b8658b17173e2260d4ae19641207b4 100644 (file)
@@ -40,12 +40,12 @@ kg_make_seed(context, key, seed)
 
     code = krb5_copy_keyblock(context, key, &tmpkey);
     if (code)
-       return(code);
+        return(code);
 
     /* reverse the key bytes, as per spec */
 
     for (i=0; i<tmpkey->length; i++)
-       tmpkey->contents[i] = key->contents[key->length - 1 - i];
+        tmpkey->contents[i] = key->contents[key->length - 1 - i];
 
     code = kg_encrypt(context, tmpkey, KG_USAGE_SEAL, NULL, zeros, seed, 16);
 
index d5d7ffa57d8f0346abeb3087d82b2d1b5f4e96ee..372cb62a9116dfa406831665d6d105e8e8133607 100644 (file)
@@ -45,7 +45,7 @@ kg_make_seq_num(context, key, direction, seqnum, cksum, buf)
     plain[6] = direction;
     plain[7] = direction;
     if (key->enctype == ENCTYPE_ARCFOUR_HMAC ||
-       key->enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
+        key->enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
         /* Yes, Microsoft used big-endian sequence number.*/
         plain[0] = (seqnum>>24) & 0xff;
         plain[1] = (seqnum>>16) & 0xff;
@@ -78,7 +78,7 @@ krb5_error_code kg_get_seq_num(context, key, cksum, buf, direction, seqnum)
     unsigned char plain[8];
 
     if (key->enctype == ENCTYPE_ARCFOUR_HMAC ||
-       key->enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
+        key->enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
         code = kg_arcfour_docrypt (key, 0,
                                    cksum, 8,
                                    buf, 8,
@@ -96,7 +96,7 @@ krb5_error_code kg_get_seq_num(context, key, cksum, buf, direction, seqnum)
 
     *direction = plain[4];
     if (key->enctype == ENCTYPE_ARCFOUR_HMAC ||
-       key->enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
+        key->enctype == ENCTYPE_ARCFOUR_HMAC_EXP) {
         *seqnum = (plain[3]|(plain[2]<<8) | (plain[1]<<16)| (plain[0]<<24));
     } else {
         *seqnum = ((plain[0]) |
index 31e8ff29616868e360033d4c72e3f0107a788c9f..033a489b725bd8a9bd8bc9b84e80763ebc0af3e7 100644 (file)
@@ -49,16 +49,16 @@ krb5_gss_verify_mic(minor_status, context_handle,
 #if 0
 OM_uint32
 krb5_gss_verify_mic_iov(OM_uint32 *minor_status,
-                       gss_ctx_id_t context_handle,
-                       gss_qop_t *qop_state,
-                       gss_iov_buffer_desc *iov,
-                       int iov_count)
+                        gss_ctx_id_t context_handle,
+                        gss_qop_t *qop_state,
+                        gss_iov_buffer_desc *iov,
+                        int iov_count)
 {
     OM_uint32 major_status;
 
     major_status = kg_unseal_iov(minor_status, context_handle,
-                                NULL, qop_state,
-                                iov, iov_count, KG_TOK_WRAP_MSG);
+                                 NULL, qop_state,
+                                 iov, iov_count, KG_TOK_WRAP_MSG);
 
     return major_status;
 }
index 59e876187374dca6720f32a80dd6d83bbcc8793b..7fa9c44d6684eef3f3e1ee94d30935a18dd0107b 100644 (file)
@@ -114,10 +114,10 @@ krb5_gss_wrap_size_limit(minor_status, context_handle, conf_req_flag,
 
         /* Token header: 16 octets.  */
         if (conf_req_flag) {
-           krb5_enctype enctype;
+            krb5_enctype enctype;
 
-           enctype = ctx->have_acceptor_subkey ? ctx->acceptor_subkey->enctype
-                                               : ctx->subkey->enctype;
+            enctype = ctx->have_acceptor_subkey ? ctx->acceptor_subkey->enctype
+                                                : ctx->subkey->enctype;
 
             while (sz > 0 && krb5_encrypt_size(sz, enctype) + 16 > req_output_size)
                 sz--;
@@ -135,18 +135,18 @@ krb5_gss_wrap_size_limit(minor_status, context_handle, conf_req_flag,
                 sz = 0;
 #endif
         } else {
-           krb5_cksumtype cksumtype;
-           krb5_error_code err;
-           size_t cksumsize;
-
-           cksumtype = ctx->have_acceptor_subkey ? ctx->acceptor_subkey_cksumtype
-                                                 : ctx->cksumtype;
-
-           err = krb5_c_checksum_length(ctx->k5_context, cksumtype, &cksumsize);
-           if (err) {
-               *minor_status = err;
-               return GSS_S_FAILURE;
-           }
+            krb5_cksumtype cksumtype;
+            krb5_error_code err;
+            size_t cksumsize;
+
+            cksumtype = ctx->have_acceptor_subkey ? ctx->acceptor_subkey_cksumtype
+                                                  : ctx->cksumtype;
+
+            err = krb5_c_checksum_length(ctx->k5_context, cksumtype, &cksumsize);
+            if (err) {
+                *minor_status = err;
+                return GSS_S_FAILURE;
+            }
 
             /* Allow for token header and checksum.  */
             if (sz < 16 + cksumsize)
index 3e8bac4c6d6db81517a5817ddc6ead359b82f4d0..b90a369d678bf137c3a63c3b5862fa94aea784a6 100644 (file)
@@ -61,7 +61,7 @@
 
 
 asn1_error_code asn1_decode_boolean
-       (asn1buf *buf, unsigned int *val);
+        (asn1buf *buf, unsigned int *val);
 asn1_error_code asn1_decode_integer
         (asn1buf *buf, long *val);
 asn1_error_code asn1_decode_unsigned_integer
index c4cc674e02e52cc0cdc6bb4edbbe59916dd17424..d7954649397fe09cd7002befa653be8b0149d6b7 100644 (file)
@@ -31,7 +31,7 @@
 #include "asn1_make.h"
 
 asn1_error_code asn1_encode_boolean(asn1buf *buf, asn1_intmax val,
-                                   unsigned int *retlen)
+                                    unsigned int *retlen)
 {
     asn1_error_code retval;
     unsigned int length = 0;
@@ -321,10 +321,10 @@ asn1_error_code asn1_encode_opaque(asn1buf *buf, unsigned int len,
    correct byte order, in an allocated krb5_data.  */
 
 #ifdef POINTERS_ARE_ALL_THE_SAME
-#define LOADPTR(PTR,TYPE)      \
+#define LOADPTR(PTR,TYPE)       \
     (assert((TYPE)->loadptr != NULL), (TYPE)->loadptr(PTR))
 #else
-#define LOADPTR(PTR,TYPE)      \
+#define LOADPTR(PTR,TYPE)       \
     (*(const void *const *)(PTR))
 #endif
 
index 94ab67fe4e9ea662fbebc2eeb616ca457674af5e..289b98db10b192a3c6ba6ac31e635deb8568aa07 100644 (file)
@@ -52,7 +52,7 @@
 */
 
 asn1_error_code asn1_encode_boolean
-       (asn1buf *buf, asn1_intmax val, unsigned int *retlen);
+        (asn1buf *buf, asn1_intmax val, unsigned int *retlen);
 asn1_error_code asn1_encode_integer
         (asn1buf *buf, asn1_intmax val, unsigned int *retlen);
 /* requires  *buf is allocated
index b4dbd2fe84c83d0e4b88d377c49e6accdd22552f..035aff17eaec7c4f4eb96c0c3b1b5e5be0d0fe5a 100644 (file)
@@ -1193,13 +1193,13 @@ asn1_error_code asn1_decode_setpw_req(asn1buf *buf, krb5_data *newpasswd, krb5_p
     *principal = NULL;
 
     { begin_structure();
-       get_lenfield(newpasswd->length, newpasswd->data, 0, asn1_decode_charstring);
-       if (tagnum == 1) {
-           alloc_field(*principal, krb5_principal_data);
-           opt_field(*principal, 1, asn1_decode_principal_name, 0);
-           opt_field(*principal, 2, asn1_decode_realm, 0);
-       }
-       end_structure();
+        get_lenfield(newpasswd->length, newpasswd->data, 0, asn1_decode_charstring);
+        if (tagnum == 1) {
+            alloc_field(*principal, krb5_principal_data);
+            opt_field(*principal, 1, asn1_decode_principal_name, 0);
+            opt_field(*principal, 2, asn1_decode_realm, 0);
+        }
+        end_structure();
     }
     cleanup();
 }
@@ -1208,11 +1208,11 @@ asn1_error_code asn1_decode_pa_for_user(asn1buf *buf, krb5_pa_for_user *val)
 {
     setup();
     { begin_structure();
-       get_field(val->user,0,asn1_decode_principal_name);
-       get_field(val->user,1,asn1_decode_realm);
-       get_field(val->cksum,2,asn1_decode_checksum);
-       get_lenfield(val->auth_package.length,val->auth_package.data,3,asn1_decode_generalstring);
-       end_structure();
+        get_field(val->user,0,asn1_decode_principal_name);
+        get_field(val->user,1,asn1_decode_realm);
+        get_field(val->cksum,2,asn1_decode_checksum);
+        get_lenfield(val->auth_package.length,val->auth_package.data,3,asn1_decode_generalstring);
+        end_structure();
     }
     cleanup();
 }
@@ -1221,8 +1221,8 @@ asn1_error_code asn1_decode_pa_pac_req(asn1buf *buf, krb5_pa_pac_req *val)
 {
     setup();
     { begin_structure();
-       get_field(val->include_pac,0,asn1_decode_boolean);
-       end_structure();
+        get_field(val->include_pac,0,asn1_decode_boolean);
+        end_structure();
     }
     cleanup();
 }
index 22ef2643183d87c9ff87a2543391bf40f9257ab3..3ec84c051eba28086e0ade36f8415c11c73101fc 100644 (file)
@@ -234,10 +234,10 @@ asn1_error_code asn1_decode_sequence_of_algorithm_identifier
         (asn1buf *buf, krb5_algorithm_identifier ***val);
 
 asn1_error_code asn1_decode_setpw_req
-       (asn1buf *buf, krb5_data *rep, krb5_principal *principal);
+        (asn1buf *buf, krb5_data *rep, krb5_principal *principal);
 asn1_error_code asn1_decode_pa_for_user
-       (asn1buf *buf, krb5_pa_for_user *val);
+        (asn1buf *buf, krb5_pa_for_user *val);
 asn1_error_code asn1_decode_pa_pac_req
-       (asn1buf *buf, krb5_pa_pac_req *val);
+        (asn1buf *buf, krb5_pa_pac_req *val);
 
 #endif
index 3308d0ea14dbcfd624c259f061572e7d5b722243..ac52ebead2f273e56042524f191a74a7e11cd103 100644 (file)
@@ -247,7 +247,7 @@ static const struct field_info enc_kdc_rep_part_fields[] = {
     /* caddr[11]                HostAddresses OPTIONAL */
     FIELDOF_OPT(krb5_enc_kdc_rep_part, ptr_seqof_host_addresses, caddrs,
                 11, 11),
-    /* encrypted-pa-data[12]   SEQUENCE OF PA-DATA OPTIONAL */
+    /* encrypted-pa-data[12]    SEQUENCE OF PA-DATA OPTIONAL */
     FIELDOF_OPT(krb5_enc_kdc_rep_part, ptr_seqof_pa_data, enc_padata, 12, 12),
 };
 static unsigned int optional_enc_kdc_rep_part(const void *p)
index c413a32f19c6f8b6eafb66c6c41362f97a420288..2d9a3daf7fc5ae82fd27f653d25a89fa1120fc70 100644 (file)
@@ -952,8 +952,8 @@ krb5_error_code decode_krb5_predicted_sam_response(const krb5_data *code, krb5_p
 }
 
 krb5_error_code decode_krb5_setpw_req(const krb5_data *code,
-                                     krb5_data **rep,
-                                     krb5_principal *principal)
+                                      krb5_data **rep,
+                                      krb5_principal *principal)
 {
     setup_buf_only();
     alloc_field(*rep, krb5_data);
index 53feb6dd6ba0b8d93a558d706463acbbb3d0f27e..985381a25414fc26c39d7468935618929be25456 100644 (file)
@@ -46,13 +46,13 @@ typedef int asn1_tagnum;
 #define KVNO 5
 
 /* Universal Tag Numbers */
-#define ASN1_BOOLEAN           1
+#define ASN1_BOOLEAN            1
 #define ASN1_INTEGER            2
 #define ASN1_BITSTRING          3
 #define ASN1_OCTETSTRING        4
 #define ASN1_NULL               5
 #define ASN1_OBJECTIDENTIFIER   6
-#define ASN1_ENUMERATED                10
+#define ASN1_ENUMERATED         10
 #define ASN1_SEQUENCE           16
 #define ASN1_SET                17
 #define ASN1_PRINTABLESTRING    19
index 20aefc3679b9505efb2c1ab904869938f1afe940..ade9ec37f93b5e7ca27abd3754119a843137a850 100644 (file)
@@ -18,7 +18,7 @@
  * this permission notice appear in supporting documentation, and that
  * the name of M.I.T. not be used in advertising or publicity pertaining
  * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
+ * permission.  Furthermore if you modify this software you must label
  * your software as modified software and not distribute it in such a
  * fashion that it might be confused with the original M.I.T. software.
  * M.I.T. makes no representations about the suitability of
index 0bdffb1ad254dcbed7e3c7f01bcc9ef1ca0f0e63..01dcbabf85743eabd5b1750a6add536db80408b7 100644 (file)
@@ -18,7 +18,7 @@
  * this permission notice appear in supporting documentation, and that
  * the name of M.I.T. not be used in advertising or publicity pertaining
  * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
+ * permission.  Furthermore if you modify this software you must label
  * your software as modified software and not distribute it in such a
  * fashion that it might be confused with the original M.I.T. software.
  * M.I.T. makes no representations about the suitability of
index bb60db44027544dd0c1c82c4fb5303290ef3d38f..5eb0b9bf3a5137c57de903318edfc12ff3acab93 100644 (file)
@@ -18,7 +18,7 @@
  * this permission notice appear in supporting documentation, and that
  * the name of M.I.T. not be used in advertising or publicity pertaining
  * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
+ * permission.  Furthermore if you modify this software you must label
  * your software as modified software and not distribute it in such a
  * fashion that it might be confused with the original M.I.T. software.
  * M.I.T. makes no representations about the suitability of
@@ -35,8 +35,8 @@
 static void fail_if(int condition, const char *name)
 {
     if (condition) {
-       fprintf(stderr, "%s failed\n", name);
-       exit(1);
+        fprintf(stderr, "%s failed\n", name);
+        exit(1);
     }
 }
 
@@ -44,9 +44,9 @@ static void fail_if(int condition, const char *name)
 static void check_buf(struct k5buf *buf, const char *name)
 {
     fail_if(buf->buftype != FIXED && buf->buftype != DYNAMIC
-           && buf->buftype != ERROR, name);
+            && buf->buftype != ERROR, name);
     if (buf->buftype == ERROR)
-       return;
+        return;
     fail_if(buf->space == 0, name);
     fail_if(buf->space > SPACE_MAX, name);
     fail_if(buf->len >= buf->space, name);
@@ -85,7 +85,7 @@ static void test_realloc()
     size_t i;
 
     for (i = 0; i < sizeof(data); i++)
-       data[i] = 'a';
+        data[i] = 'a';
 
     /* Cause the buffer size to double from 128 to 256 bytes. */
     krb5int_buf_init_dynamic(&buf);
@@ -236,7 +236,7 @@ static void test_fmt()
     size_t i;
 
     for (i = 0; i < sizeof(data) - 1; i++)
-       data[i] = 'a';
+        data[i] = 'a';
     data[i] = '\0';
 
     /* Format some text into a non-empty fixed buffer. */