From: Greg Hudson Date: Wed, 23 Nov 2011 06:10:07 +0000 (+0000) Subject: Whitespace, style changes to past two commits X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=17a528ade6b62014247a616f0019d8d7c93cee6b;p=krb5.git Whitespace, style changes to past two commits git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25489 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/krb/decode_kdc.c b/src/lib/krb5/krb/decode_kdc.c index f4d167a7d..b24ae9605 100644 --- a/src/lib/krb5/krb/decode_kdc.c +++ b/src/lib/krb5/krb/decode_kdc.c @@ -44,14 +44,14 @@ krb5_error_code krb5int_decode_tgs_rep(krb5_context context, struct krb5int_fast_request_state *fast_state, -krb5_data *enc_rep, const krb5_keyblock *key, + krb5_data *enc_rep, const krb5_keyblock *key, krb5_keyusage usage, krb5_kdc_rep **dec_rep) { krb5_error_code retval; krb5_kdc_rep *local_dec_rep; krb5_keyblock *strengthen_key = NULL, tgs_key; - tgs_key.contents = NULL; + tgs_key.contents = NULL; if (krb5_is_as_rep(enc_rep)) { retval = decode_krb5_as_rep(enc_rep, &local_dec_rep); } else if (krb5_is_tgs_rep(enc_rep)) { @@ -63,13 +63,13 @@ krb5_data *enc_rep, const krb5_keyblock *key, if (retval) return retval; - retval = krb5int_fast_process_response(context, fast_state, - local_dec_rep, &strengthen_key); - if (retval == KRB5_ERR_FAST_REQUIRED) - retval = 0; - else if (retval) - goto cleanup; - retval = krb5int_fast_reply_key(context, strengthen_key, key, &tgs_key); + retval = krb5int_fast_process_response(context, fast_state, + local_dec_rep, &strengthen_key); + if (retval == KRB5_ERR_FAST_REQUIRED) + retval = 0; + else if (retval) + goto cleanup; + retval = krb5int_fast_reply_key(context, strengthen_key, key, &tgs_key); if (retval) goto cleanup; @@ -82,4 +82,4 @@ cleanup: krb5_free_keyblock(context, strengthen_key); krb5_free_keyblock_contents(context, &tgs_key); return (retval); - } +} diff --git a/src/lib/krb5/krb/fast.c b/src/lib/krb5/krb/fast.c index ab852a8b3..ec660563a 100644 --- a/src/lib/krb5/krb/fast.c +++ b/src/lib/krb5/krb/fast.c @@ -106,10 +106,11 @@ fast_armor_ap_request(krb5_context context, return retval; } -krb5_error_code krb5int_fast_tgs_armor(krb5_context context, struct krb5int_fast_request_state *state, - krb5_keyblock *subkey,krb5_keyblock *session_key, - krb5_ccache ccache, - krb5_data *target_realm) +krb5_error_code +krb5int_fast_tgs_armor(krb5_context context, + struct krb5int_fast_request_state *state, + krb5_keyblock *subkey, krb5_keyblock *session_key, + krb5_ccache ccache, krb5_data *target_realm) { krb5_principal target_principal = NULL; krb5_keyblock *existing_armor = NULL; @@ -119,24 +120,26 @@ krb5_error_code krb5int_fast_tgs_armor(krb5_context context, struct krb5int_fast retval = krb5int_tgtname(context, target_realm, target_realm, &target_principal); if (retval == 0) - retval = fast_armor_ap_request(context, state, ccache, target_principal); + retval = fast_armor_ap_request(context, state, ccache, + target_principal); if (retval == 0) { existing_armor = state->armor_key; state->armor_key = NULL; retval = krb5_c_fx_cf2_simple(context, existing_armor, - "explicitarmor", subkey, + "explicitarmor", subkey, "tgsarmor", &state->armor_key); } - } else retval = krb5_c_fx_cf2_simple(context, - subkey, "subkeyarmor", - session_key, "ticketarmor", &state->armor_key); + } else { + retval = krb5_c_fx_cf2_simple(context, subkey, "subkeyarmor", + session_key, "ticketarmor", + &state->armor_key); + } if (target_principal) krb5_free_principal(context, target_principal); krb5_free_keyblock(context, existing_armor); - return retval; + return retval; } - krb5_error_code krb5int_fast_prep_req_body(krb5_context context, struct krb5int_fast_request_state *state, @@ -235,22 +238,22 @@ krb5int_fast_prep_req(krb5_context context, krb5_pa_data pa[2]; krb5_fast_req fast_req; krb5_pa_data *tgs = NULL; - krb5_fast_armored_req *armored_req = NULL; + krb5_fast_armored_req *armored_req = NULL; krb5_data *encoded_fast_req = NULL; krb5_data *encoded_armored_req = NULL; krb5_data *local_encoded_result = NULL; - int i,j; + int i, j; assert(state != NULL); assert(state->fast_outer_request.padata == NULL); - memset(pa_array, 0, sizeof pa_array); + memset(pa_array, 0, sizeof(pa_array)); if (state->armor_key == NULL) { return encoder(request, encoded_request); } TRACE_FAST_ENCODE(context); state->nonce = request->nonce; - fast_req.req_body = request; + fast_req.req_body = request; if (fast_req.req_body->padata == NULL) { fast_req.req_body->padata = calloc(1, sizeof(krb5_pa_data *)); if (fast_req.req_body->padata == NULL) @@ -258,14 +261,16 @@ krb5int_fast_prep_req(krb5_context context, } fast_req.fast_options = state->fast_options; if (retval == 0 - && (tgs = krb5int_find_pa_data(context,fast_req.req_body->padata, - KRB5_PADATA_AP_REQ))) { + && (tgs = krb5int_find_pa_data(context, fast_req.req_body->padata, + KRB5_PADATA_AP_REQ)) != NULL) { krb5_pa_data **paptr = &fast_req.req_body->padata[0]; - for (i=0,j=0;paptr[j]; j++) + for (i = 0, j = 0; paptr[j] != NULL; j++) { if (paptr[j]->pa_type == KRB5_PADATA_AP_REQ) paptr[j] = NULL; - else paptr[i++] = paptr[j]; - paptr[i++] = NULL; + else + paptr[i++] = paptr[j]; + } + paptr[i] = NULL; } if (retval == 0) retval = encode_krb5_fast_req(&fast_req, &encoded_fast_req); @@ -288,17 +293,18 @@ krb5int_fast_prep_req(krb5_context context, if (retval == 0) retval = encode_krb5_pa_fx_fast_request(armored_req, &encoded_armored_req); - if (retval==0) { + if (retval == 0) { pa[0].pa_type = KRB5_PADATA_FX_FAST; pa[0].contents = (unsigned char *) encoded_armored_req->data; pa[0].length = encoded_armored_req->length; if (tgs) { pa_array[0] = tgs; pa_array[1] = &pa[0]; - } else pa_array[0] = &pa[0]; + } else + pa_array[0] = &pa[0]; } state->fast_outer_request.padata = pa_array; - if(retval == 0) + if (retval == 0) retval = encoder(&state->fast_outer_request, &local_encoded_result); if (retval == 0) { *encoded_request = local_encoded_result; @@ -399,19 +405,17 @@ krb5int_fast_process_error(krb5_context context, { krb5_error_code retval = 0; krb5_error *err_reply = *err_replyptr; - krb5_pa_data *fx_error_pa; - krb5_pa_data **result = NULL; - krb5_data scratch; - krb5_error *fx_error = NULL; - krb5_fast_response *fast_response = NULL; - scratch.data = NULL; + krb5_pa_data *fx_error_pa; + krb5_pa_data **result = NULL; + krb5_data scratch = empty_data(); + krb5_error *fx_error = NULL; + krb5_fast_response *fast_response = NULL; if (out_padata) *out_padata = NULL; if (retry) *retry = 0; - if (state->armor_key) { retval = decode_krb5_padata_sequence(&err_reply->e_data, &result); if (retval == 0) @@ -424,9 +428,8 @@ krb5int_fast_process_error(krb5_context context, * KDC seems reasonable. */ if (retry != NULL) - *retry = 0; + *retry = 0; krb5_free_pa_data(context, result); - result = NULL; return 0; } if (retval == 0) { @@ -440,8 +443,7 @@ krb5int_fast_process_error(krb5_context context, } } if (retval == 0) { - scratch.data = (char *) fx_error_pa->contents; - scratch.length = fx_error_pa->length; + scratch = make_data(fx_error_pa->contents, fx_error_pa->length); retval = decode_krb5_error(&scratch, &fx_error); } if (retval == 0) { @@ -449,8 +451,8 @@ krb5int_fast_process_error(krb5_context context, *err_replyptr = fx_error; fx_error = NULL; if (out_padata) { - *out_padata = fast_response->padata; - fast_response->padata = NULL; + *out_padata = fast_response->padata; + fast_response->padata = NULL; } /* * If there is more than the fx_error padata, then we want @@ -466,22 +468,24 @@ krb5int_fast_process_error(krb5_context context, } else { /*not FAST*/ /* Possibly retry if there's any e_data to process. */ if (retry) - *retry = (err_reply->e_data.length > 0); + *retry = (err_reply->e_data.length > 0); /* Try to decode e_data as pa-data or typed-data for out_padata. */ - if (out_padata) - retval = decode_krb5_padata_sequence(&err_reply->e_data, out_padata); - if ((out_padata != NULL) && (retval != 0)) { - krb5_typed_data **tdata; - /* krb5_typed data and krb5_pa_data are compatible structures. */ - if (decode_krb5_typed_data(&err_reply->e_data, &tdata) == 0) - *out_padata = (krb5_pa_data **)tdata; - retval = 0; + if (out_padata) { + retval = decode_krb5_padata_sequence(&err_reply->e_data, + out_padata); + if (retval != 0) { + krb5_typed_data **tdata; + /* krb5_typed data and krb5_pa_data are compatible. */ + if (decode_krb5_typed_data(&err_reply->e_data, &tdata) == 0) + *out_padata = (krb5_pa_data **)tdata; + retval = 0; + } } } - krb5_free_pa_data(context, result); - krb5_free_fast_response(context, fast_response); -if (fx_error) - krb5_free_error(context, fx_error); + krb5_free_pa_data(context, result); + krb5_free_fast_response(context, fast_response); + if (fx_error) + krb5_free_error(context, fx_error); return retval; } @@ -551,8 +555,9 @@ krb5int_fast_reply_key(krb5_context context, krb5_error_code retval = 0; krb5_free_keyblock_contents(context, out_key); if (strengthen_key) { - retval = krb5_c_fx_cf2_simple(context, (krb5_keyblock *) strengthen_key, - "strengthenkey", (krb5_keyblock *) existing_key, + retval = krb5_c_fx_cf2_simple(context, (krb5_keyblock *)strengthen_key, + "strengthenkey", + (krb5_keyblock *)existing_key, "replykey", &key); if (retval == 0) { TRACE_FAST_REPLY_KEY(context, key); diff --git a/src/lib/krb5/krb/fast.h b/src/lib/krb5/krb/fast.h index 159e6e77f..88456741a 100644 --- a/src/lib/krb5/krb/fast.h +++ b/src/lib/krb5/krb/fast.h @@ -102,10 +102,13 @@ krb5_boolean krb5int_upgrade_to_fast_p(krb5_context context, struct krb5int_fast_request_state *state, krb5_pa_data **padata); -krb5_error_code krb5int_fast_tgs_armor(krb5_context context, struct krb5int_fast_request_state *state, - krb5_keyblock *subkey, - krb5_keyblock *session_key, - krb5_ccache ccache, - krb5_data *target_realm); + +krb5_error_code +krb5int_fast_tgs_armor(krb5_context context, + struct krb5int_fast_request_state *state, + krb5_keyblock *subkey, + krb5_keyblock *session_key, + krb5_ccache ccache, + krb5_data *target_realm); #endif diff --git a/src/lib/krb5/krb/gc_via_tkt.c b/src/lib/krb5/krb/gc_via_tkt.c index 37c6ce3f5..0c25f7919 100644 --- a/src/lib/krb5/krb/gc_via_tkt.c +++ b/src/lib/krb5/krb/gc_via_tkt.c @@ -33,7 +33,6 @@ #include "int-proto.h" #include "fast.h" - static krb5_error_code kdcrep2creds(krb5_context context, krb5_kdc_rep *pkdcrep, krb5_address *const *address, krb5_data *psectkt, krb5_creds **ppcreds) @@ -217,7 +216,8 @@ krb5int_make_tgs_request(krb5_context context, enctypes[1] = 0; } - retval = krb5int_make_tgs_request_ext(context, fast_state, kdcoptions, &in_cred->times, + retval = krb5int_make_tgs_request_ext(context, fast_state, kdcoptions, + &in_cred->times, enctypes, in_cred->server, address, in_cred->authdata, in_padata, second_tkt ? @@ -300,9 +300,7 @@ krb5int_process_tgs_reply(krb5_context context, /* Unfortunately, Heimdal at least up through 1.2 encrypts using the session key not the subsession key. So we try both. */ - retval = krb5int_decode_tgs_rep(context, fast_state, - response_data, - subkey, + retval = krb5int_decode_tgs_rep(context, fast_state, response_data, subkey, KRB5_KEYUSAGE_TGS_REP_ENCPART_SUBKEY, &dec_rep); if (retval) { diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c index 8f6ca0bab..b215acfa4 100644 --- a/src/lib/krb5/krb/send_tgs.c +++ b/src/lib/krb5/krb/send_tgs.c @@ -214,7 +214,7 @@ krb5int_make_tgs_request_ext(krb5_context context, &in_cred->keyblock, NULL, NULL); if (retval) goto cleanup; - if (authorization_data) { + if (authorization_data) { /* need to encrypt it in the request */ if ((retval = encode_krb5_authdata(authorization_data, &scratch))) @@ -255,7 +255,9 @@ krb5int_make_tgs_request_ext(krb5_context context, tgsreq.second_ticket = 0; /* encode the body; then checksum it */ - if ((retval = krb5int_fast_prep_req_body(context, fast_state, &tgsreq, &scratch))) + retval = krb5int_fast_prep_req_body(context, fast_state, &tgsreq, + &scratch); + if (retval) goto cleanup; /* @@ -326,9 +328,9 @@ krb5int_make_tgs_request_ext(krb5_context context, goto cleanup; } /* the TGS_REQ is assembled in tgsreq, so encode it */ - if ((retval = krb5int_fast_prep_req(context, fast_state, &tgsreq, - &scratch2, encode_krb5_tgs_req, - &scratch))) + retval = krb5int_fast_prep_req(context, fast_state, &tgsreq, &scratch2, + encode_krb5_tgs_req, &scratch); + if (retval) goto cleanup; *request_data = *scratch;