From: Ken Raeburn Date: Mon, 8 Sep 2008 21:53:21 +0000 (+0000) Subject: whitespace X-Git-Tag: krb5-1.7-alpha1~441 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=0a17118f906570bdd2366aad3a7346df42f3221d;p=krb5.git whitespace git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20710 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/krb/chpw.c b/src/lib/krb5/krb/chpw.c index 51623c2f4..287adfa0f 100644 --- a/src/lib/krb5/krb/chpw.c +++ b/src/lib/krb5/krb/chpw.c @@ -8,12 +8,11 @@ krb5_error_code -krb5int_mk_chpw_req( - krb5_context context, - krb5_auth_context auth_context, - krb5_data *ap_req, - char *passwd, - krb5_data *packet) +krb5int_mk_chpw_req(krb5_context context, + krb5_auth_context auth_context, + krb5_data *ap_req, + char *passwd, + krb5_data *packet) { krb5_error_code ret = 0; krb5_data clearpw; @@ -25,22 +24,21 @@ krb5int_mk_chpw_req( if ((ret = krb5_auth_con_setflags(context, auth_context, KRB5_AUTH_CONTEXT_DO_SEQUENCE))) - goto cleanup; + goto cleanup; clearpw.length = strlen(passwd); clearpw.data = passwd; if ((ret = krb5_mk_priv(context, auth_context, &clearpw, &cipherpw, &replay))) - goto cleanup; + goto cleanup; packet->length = 6 + ap_req->length + cipherpw.length; packet->data = (char *) malloc(packet->length); - if (packet->data == NULL) - { - ret = ENOMEM; - goto cleanup; - } + if (packet->data == NULL) { + ret = ENOMEM; + goto cleanup; + } ptr = packet->data; /* length */ @@ -68,14 +66,15 @@ krb5int_mk_chpw_req( memcpy(ptr, cipherpw.data, cipherpw.length); cleanup: - if(cipherpw.data != NULL) /* allocated by krb5_mk_priv */ - free(cipherpw.data); + if (cipherpw.data != NULL) /* allocated by krb5_mk_priv */ + free(cipherpw.data); return(ret); } krb5_error_code -krb5int_rd_chpw_rep(krb5_context context, krb5_auth_context auth_context, krb5_data *packet, int *result_code, krb5_data *result_data) +krb5int_rd_chpw_rep(krb5_context context, krb5_auth_context auth_context, + krb5_data *packet, int *result_code, krb5_data *result_data) { char *ptr; int plen, vno; @@ -100,29 +99,26 @@ krb5int_rd_chpw_rep(krb5_context context, krb5_auth_context auth_context, krb5_d plen = (*ptr++ & 0xff); plen = (plen<<8) | (*ptr++ & 0xff); - if (plen != packet->length) - { - /* - * MS KDCs *may* send back a KRB_ERROR. Although - * not 100% correct via RFC3244, it's something - * we can workaround here. - */ - if (krb5_is_krb_error(packet)) { - - if ((ret = krb5_rd_error(context, packet, &krberror))) - return(ret); - - if (krberror->e_data.data == NULL) { - ret = ERROR_TABLE_BASE_krb5 + (krb5_error_code) krberror->error; - krb5_free_error(context, krberror); - return (ret); - } - } - else - { - return(KRB5KRB_AP_ERR_MODIFIED); - } + if (plen != packet->length) { + /* + * MS KDCs *may* send back a KRB_ERROR. Although + * not 100% correct via RFC3244, it's something + * we can workaround here. + */ + if (krb5_is_krb_error(packet)) { + + if ((ret = krb5_rd_error(context, packet, &krberror))) + return(ret); + + if (krberror->e_data.data == NULL) { + ret = ERROR_TABLE_BASE_krb5 + (krb5_error_code) krberror->error; + krb5_free_error(context, krberror); + return (ret); + } + } else { + return(KRB5KRB_AP_ERR_MODIFIED); } + } /* verify version number */ @@ -238,37 +234,37 @@ cleanup: } krb5_error_code KRB5_CALLCONV -krb5_chpw_result_code_string(krb5_context context, int result_code, char **code_string) +krb5_chpw_result_code_string(krb5_context context, int result_code, + char **code_string) { - switch (result_code) { - case KRB5_KPASSWD_MALFORMED: - *code_string = "Malformed request error"; - break; - case KRB5_KPASSWD_HARDERROR: - *code_string = "Server error"; - break; - case KRB5_KPASSWD_AUTHERROR: - *code_string = "Authentication error"; - break; - case KRB5_KPASSWD_SOFTERROR: - *code_string = "Password change rejected"; - break; - default: - *code_string = "Password change failed"; - break; - } - - return(0); + switch (result_code) { + case KRB5_KPASSWD_MALFORMED: + *code_string = "Malformed request error"; + break; + case KRB5_KPASSWD_HARDERROR: + *code_string = "Server error"; + break; + case KRB5_KPASSWD_AUTHERROR: + *code_string = "Authentication error"; + break; + case KRB5_KPASSWD_SOFTERROR: + *code_string = "Password change rejected"; + break; + default: + *code_string = "Password change failed"; + break; + } + + return(0); } krb5_error_code -krb5int_mk_setpw_req( - krb5_context context, - krb5_auth_context auth_context, - krb5_data *ap_req, - krb5_principal targprinc, - char *passwd, - krb5_data *packet ) +krb5int_mk_setpw_req(krb5_context context, + krb5_auth_context auth_context, + krb5_data *ap_req, + krb5_principal targprinc, + char *passwd, + krb5_data *packet) { krb5_error_code ret; krb5_data cipherpw; @@ -276,23 +272,23 @@ krb5int_mk_setpw_req( char *ptr; - cipherpw.data = NULL; - cipherpw.length = 0; + cipherpw.data = NULL; + cipherpw.length = 0; if ((ret = krb5_auth_con_setflags(context, auth_context, KRB5_AUTH_CONTEXT_DO_SEQUENCE))) - return(ret); + return(ret); ret = encode_krb5_setpw_req(targprinc, passwd, &encoded_setpw); if (ret) { return ret; } - if ( (ret = krb5_mk_priv(context, auth_context, encoded_setpw, &cipherpw, NULL)) != 0) { - krb5_free_data( context, encoded_setpw); + if ((ret = krb5_mk_priv(context, auth_context, encoded_setpw, &cipherpw, NULL)) != 0) { + krb5_free_data(context, encoded_setpw); return(ret); } - krb5_free_data( context, encoded_setpw); + krb5_free_data(context, encoded_setpw); packet->length = 6 + ap_req->length + cipherpw.length; @@ -302,39 +298,40 @@ krb5int_mk_setpw_req( goto cleanup; } ptr = packet->data; -/* -** build the packet - -*/ -/* put in the length */ + /* + ** build the packet - + */ + /* put in the length */ *ptr++ = (packet->length>>8) & 0xff; *ptr++ = packet->length & 0xff; -/* put in the version */ + /* put in the version */ *ptr++ = (char)0xff; *ptr++ = (char)0x80; -/* the ap_req length is big endian */ + /* the ap_req length is big endian */ *ptr++ = (ap_req->length>>8) & 0xff; *ptr++ = ap_req->length & 0xff; -/* put in the request data */ + /* put in the request data */ memcpy(ptr, ap_req->data, ap_req->length); ptr += ap_req->length; -/* -** put in the "private" password data - -*/ + /* + ** put in the "private" password data - + */ memcpy(ptr, cipherpw.data, cipherpw.length); ret = 0; - cleanup: +cleanup: if (cipherpw.data) krb5_free_data_contents(context, &cipherpw); if ((ret != 0) && packet->data) { - free( packet->data); + free(packet->data); packet->data = NULL; } return ret; } krb5_error_code -krb5int_rd_setpw_rep( krb5_context context, krb5_auth_context auth_context, krb5_data *packet, - int *result_code, krb5_data *result_data ) +krb5int_rd_setpw_rep(krb5_context context, krb5_auth_context auth_context, + krb5_data *packet, + int *result_code, krb5_data *result_data) { char *ptr; unsigned int message_length, version_number; @@ -344,17 +341,17 @@ krb5int_rd_setpw_rep( krb5_context context, krb5_auth_context auth_context, krb5 krb5_data cipherresult; krb5_data clearresult; krb5_keyblock *tmpkey; -/* -** validate the packet length - -*/ + /* + ** validate the packet length - + */ if (packet->length < 4) return(KRB5KRB_AP_ERR_MODIFIED); ptr = packet->data; -/* -** see if it is an error -*/ + /* + ** see if it is an error + */ if (krb5_is_krb_error(packet)) { krb5_error *krberror; if ((ret = krb5_rd_error(context, packet, &krberror))) @@ -368,50 +365,50 @@ krb5int_rd_setpw_rep( krb5_context context, krb5_auth_context auth_context, krb5 krberror->e_data.data = NULL; /*So we can free it later*/ krberror->e_data.length = 0; krb5_free_error(context, krberror); - + } else { /* Not an error*/ -/* -** validate the message length - -** length is big endian -*/ + /* + ** validate the message length - + ** length is big endian + */ message_length = (((ptr[0] << 8)&0xff) | (ptr[1]&0xff)); ptr += 2; -/* -** make sure the message length and packet length agree - -*/ + /* + ** make sure the message length and packet length agree - + */ if (message_length != packet->length) return(KRB5KRB_AP_ERR_MODIFIED); -/* -** get the version number - -*/ + /* + ** get the version number - + */ version_number = (((ptr[0] << 8)&0xff) | (ptr[1]&0xff)); ptr += 2; -/* -** make sure we support the version returned - -*/ -/* -** set password version is 0xff80, change password version is 1 -*/ + /* + ** make sure we support the version returned - + */ + /* + ** set password version is 0xff80, change password version is 1 + */ if (version_number != 1 && version_number != 0xff80) return(KRB5KDC_ERR_BAD_PVNO); -/* -** now fill in ap_rep with the reply - -*/ -/* -** get the reply length - -*/ + /* + ** now fill in ap_rep with the reply - + */ + /* + ** get the reply length - + */ ap_rep.length = (((ptr[0] << 8)&0xff) | (ptr[1]&0xff)); ptr += 2; -/* -** validate ap_rep length agrees with the packet length - -*/ + /* + ** validate ap_rep length agrees with the packet length - + */ if (ptr + ap_rep.length >= packet->data + packet->length) return(KRB5KRB_AP_ERR_MODIFIED); -/* -** if data was returned, set the ap_rep ptr - -*/ - if( ap_rep.length ) { + /* + ** if data was returned, set the ap_rep ptr - + */ + if (ap_rep.length) { ap_rep.data = ptr; ptr += ap_rep.length; @@ -429,9 +426,9 @@ krb5int_rd_setpw_rep( krb5_context context, krb5_auth_context auth_context, krb5 } krb5_free_ap_rep_enc_part(context, ap_rep_enc); -/* -** now decrypt the result - -*/ + /* + ** now decrypt the result - + */ cipherresult.data = ptr; cipherresult.length = (packet->data + packet->length) - ptr; @@ -452,34 +449,32 @@ krb5int_rd_setpw_rep( krb5_context context, krb5_auth_context auth_context, krb5 return (KRB5KRB_AP_ERR_MODIFIED); } /*Response instead of error*/ -/* -** validate the cleartext length -*/ + /* + ** validate the cleartext length + */ if (clearresult.length < 2) { ret = KRB5KRB_AP_ERR_MODIFIED; goto cleanup; } -/* -** now decode the result - -*/ + /* + ** now decode the result - + */ ptr = clearresult.data; *result_code = (((ptr[0] << 8)&0xff) | (ptr[1]&0xff)); ptr += 2; -/* -** result code 5 is access denied -*/ - if ((*result_code < KRB5_KPASSWD_SUCCESS) || (*result_code > 5)) - { + /* + ** result code 5 is access denied + */ + if ((*result_code < KRB5_KPASSWD_SUCCESS) || (*result_code > 5)) { ret = KRB5KRB_AP_ERR_MODIFIED; goto cleanup; } -/* -** all success replies should be authenticated/encrypted -*/ - if( (ap_rep.length == 0) && (*result_code == KRB5_KPASSWD_SUCCESS) ) - { + /* + ** all success replies should be authenticated/encrypted + */ + if ((ap_rep.length == 0) && (*result_code == KRB5_KPASSWD_SUCCESS)) { ret = KRB5KRB_AP_ERR_MODIFIED; goto cleanup; } @@ -487,13 +482,11 @@ krb5int_rd_setpw_rep( krb5_context context, krb5_auth_context auth_context, krb5 if (result_data) { result_data->length = (clearresult.data + clearresult.length) - ptr; - if (result_data->length) - { + if (result_data->length) { result_data->data = (char *) malloc(result_data->length); if (result_data->data) memcpy(result_data->data, ptr, result_data->length); - } - else + } else result_data->data = NULL; } ret = 0; @@ -504,38 +497,38 @@ krb5int_rd_setpw_rep( krb5_context context, krb5_auth_context auth_context, krb5 } krb5_error_code -krb5int_setpw_result_code_string( krb5_context context, int result_code, const char **code_string ) +krb5int_setpw_result_code_string(krb5_context context, int result_code, + const char **code_string) { - switch (result_code) - { - case KRB5_KPASSWD_MALFORMED: - *code_string = "Malformed request error"; - break; - case KRB5_KPASSWD_HARDERROR: - *code_string = "Server error"; - break; - case KRB5_KPASSWD_AUTHERROR: - *code_string = "Authentication error"; - break; - case KRB5_KPASSWD_SOFTERROR: - *code_string = "Password change rejected"; - break; - case 5: /* access denied */ - *code_string = "Access denied"; - break; - case 6: /* bad version */ - *code_string = "Wrong protocol version"; - break; - case 7: /* initial flag is needed */ - *code_string = "Initial password required"; - break; - case 0: - *code_string = "Success"; - default: - *code_string = "Password change failed"; - break; - } - - return(0); + switch (result_code) { + case KRB5_KPASSWD_MALFORMED: + *code_string = "Malformed request error"; + break; + case KRB5_KPASSWD_HARDERROR: + *code_string = "Server error"; + break; + case KRB5_KPASSWD_AUTHERROR: + *code_string = "Authentication error"; + break; + case KRB5_KPASSWD_SOFTERROR: + *code_string = "Password change rejected"; + break; + case 5: /* access denied */ + *code_string = "Access denied"; + break; + case 6: /* bad version */ + *code_string = "Wrong protocol version"; + break; + case 7: /* initial flag is needed */ + *code_string = "Initial password required"; + break; + case 0: + *code_string = "Success"; + default: + *code_string = "Password change failed"; + break; + } + + return(0); }