* lib/krb5/krb/rd_req_dec.c
*
* Copyright (c) 1994 CyberSAFE Corporation.
- * Copyright 1990,1991,2007 by the Massachusetts Institute of Technology.
+ * Copyright 1990,1991,2007,2008 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
/* no etype check needed */;
} else if ((*auth_context)->permitted_etypes == NULL) {
int etype;
- size_t size_etype_enc = 3 * sizeof(krb5_enctype); /* upto three types */
+ size_t size_etype_enc = 3 * sizeof(krb5_enctype); /* upto three types */
size_t size_etype_bool = 3 * sizeof(krb5_boolean);
krb5_etypes_permitted etypes;
memset(&etypes, 0, sizeof etypes);
- etypes.etype = (krb5_enctype*) malloc( size_etype_enc );
- etypes.etype_ok = (krb5_boolean*) malloc( size_etype_bool );
- memset(etypes.etype, 0, size_etype_enc );
- memset(etypes.etype_ok, 0, size_etype_bool );
+ etypes.etype = (krb5_enctype*) malloc(size_etype_enc);
+ if (etypes.etype == NULL) {
+ retval = ENOMEM;
+ goto cleanup;
+ }
+ etypes.etype_ok = (krb5_boolean*) malloc(size_etype_bool);
+ if (etypes.etype_ok == NULL) {
+ retval = ENOMEM;
+ free(etypes.etype);
+ goto cleanup;
+ }
+ memset(etypes.etype, 0, size_etype_enc);
+ memset(etypes.etype_ok, 0, size_etype_bool);
etypes.etype[etypes.etype_count++] = req->ticket->enc_part.enctype;
etypes.etype[etypes.etype_count++] = req->ticket->enc_part2->session->enctype;
- if ( (*auth_context)->authentp->subkey) {
+ if ((*auth_context)->authentp->subkey) {
etypes.etype[etypes.etype_count++] = (*auth_context)->authentp->subkey->enctype;
}
retval = krb5_is_permitted_enctype_ext(context, &etypes);
-
#if 0
/* check against the default set */
if ((!krb5_is_permitted_enctype(context,
!krb5_is_permitted_enctype(context,
etype = (*auth_context)->authentp->subkey->enctype))) {
#endif
- if ( retval == 0 /* all etypes are not permitted */ ||
- ( !etypes.etype_ok[0] || !etypes.etype_ok[1] ||
- (((*auth_context)->authentp->subkey) && !etypes.etype_ok[etypes.etype_count-1])))
- {
+ if (retval == 0 /* all etypes are not permitted */ ||
+ (!etypes.etype_ok[0] || !etypes.etype_ok[1] ||
+ (((*auth_context)->authentp->subkey) && !etypes.etype_ok[etypes.etype_count-1]))) {
char enctype_name[30];
retval = KRB5_NOPERM_ETYPE;
- if ( !etypes.etype_ok[0] )
- {
- etype = etypes.etype[1];
- }
- else if ( !etypes.etype_ok[1] )
- {
- etype = etypes.etype[1];
- }
- else
- {
- etype = etypes.etype[2];
+ if (!etypes.etype_ok[0]) {
+ etype = etypes.etype[1];
+ } else if (!etypes.etype_ok[1]) {
+ etype = etypes.etype[1];
+ } else {
+ etype = etypes.etype[2];
}
+ free(etypes.etype);
+ free(etypes.etype_ok);
if (krb5_enctype_to_string(etype, enctype_name, sizeof(enctype_name)) == 0)
krb5_set_error_message(context, retval,
enctype_name);
goto cleanup;
}
+ free(etypes.etype);
+ free(etypes.etype_ok);
} else {
/* check against the set in the auth_context */
int i;