From 0ae36bbcb328f0f75880400fc962198ba238cf35 Mon Sep 17 00:00:00 2001 From: Ezra Peisach Date: Mon, 4 Jun 2001 16:04:03 +0000 Subject: [PATCH] * kdc_util.c (add_to_transited): Add braces to provide unambiguous if - if - else statements. * kdc_preauth.c (verify_sam_response): Cleanup assignments in conditionals. * main.c (main): Likewise. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13265 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kdc/ChangeLog | 9 ++++++ src/kdc/kdc_preauth.c | 3 +- src/kdc/kdc_util.c | 64 +++++++++++++++++++++---------------------- src/kdc/main.c | 3 +- 4 files changed, 45 insertions(+), 34 deletions(-) diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog index e9dc7149d..595c84444 100644 --- a/src/kdc/ChangeLog +++ b/src/kdc/ChangeLog @@ -1,3 +1,12 @@ +2001-06-04 Ezra Peisach + + * kdc_util.c (add_to_transited): Add braces to provide unambiguous + if - if - else statements. + + * kdc_preauth.c (verify_sam_response): Cleanup assignments in + conditionals. + * main.c (main): Likewise. + 2001-04-26 Ken Raeburn * configure.in: Don't use HAS_ANSI_VOLATILE. diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c index 9721a2cea..b073e786d 100644 --- a/src/kdc/kdc_preauth.c +++ b/src/kdc/kdc_preauth.c @@ -1284,7 +1284,8 @@ verify_sam_response(context, client, request, enc_tkt_reply, pa) rep.server = "SAM/rc"; /* Should not match any principal name. */ rep.ctime = psr->stime; rep.cusec = psr->susec; - if (retval = krb5_rc_store(kdc_context, kdc_rcache, &rep)) { + retval = krb5_rc_store(kdc_context, kdc_rcache, &rep); + if (retval) { com_err("krb5kdc", retval, "SAM psr replay attack!"); goto cleanup; } diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index 3660ff552..6d25764ec 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -213,8 +213,8 @@ kdc_process_tgs_req(request, from, pkt, ticket, subkey) krb5_auth_context auth_context = NULL; krb5_authenticator * authenticator = NULL; krb5_checksum * his_cksum = NULL; - krb5_keyblock * key = NULL; - krb5_kvno kvno = 0; +/* krb5_keyblock * key = NULL;*/ +/* krb5_kvno kvno = 0;*/ if (!request->padata) return KRB5KDC_ERR_PADATA_TYPE_NOSUPP; @@ -401,7 +401,6 @@ kdc_get_server_key(ticket, key, kvno) krb5_boolean more; int nprincs; krb5_key_data * server_key; - int i; nprincs = 1; @@ -629,20 +628,21 @@ add_to_transited(tgt_trans, new_trans, tgs, client, server) /* read field into current */ for (i = 0; *otrans != '\0';) { - if (*otrans == '\\') - if (*(++otrans) == '\0') - break; - else - continue; - if (*otrans == ',') { - otrans++; - break; - } - current[i++] = *otrans++; - if (i >= MAX_REALM_LN) { - retval = KRB5KRB_AP_ERR_ILL_CR_TKT; - goto fail; - } + if (*otrans == '\\') { + if (*(++otrans) == '\0') + break; + else + continue; + } + if (*otrans == ',') { + otrans++; + break; + } + current[i++] = *otrans++; + if (i >= MAX_REALM_LN) { + retval = KRB5KRB_AP_ERR_ILL_CR_TKT; + goto fail; + } } current[i] = '\0'; @@ -685,20 +685,21 @@ add_to_transited(tgt_trans, new_trans, tgs, client, server) /* read field into next */ for (i = 0; *otrans != '\0';) { - if (*otrans == '\\') - if (*(++otrans) == '\0') - break; - else - continue; - if (*otrans == ',') { - otrans++; - break; - } - next[i++] = *otrans++; - if (i >= MAX_REALM_LN) { - retval = KRB5KRB_AP_ERR_ILL_CR_TKT; - goto fail; - } + if (*otrans == '\\') { + if (*(++otrans) == '\0') + break; + else + continue; + } + if (*otrans == ',') { + otrans++; + break; + } + next[i++] = *otrans++; + if (i >= MAX_REALM_LN) { + retval = KRB5KRB_AP_ERR_ILL_CR_TKT; + goto fail; + } } next[i] = '\0'; nlst = i - 1; @@ -1450,7 +1451,6 @@ select_session_keytype(context, server, nktypes, ktype) krb5_enctype *ktype; { int i; - krb5_enctype dfl = 0; for (i = 0; i < nktypes; i++) { if (!valid_enctype(ktype[i])) diff --git a/src/kdc/main.c b/src/kdc/main.c index fdaec3562..2de048413 100644 --- a/src/kdc/main.c +++ b/src/kdc/main.c @@ -808,7 +808,8 @@ int main(argc, argv) setup_signal_handlers(); - if (retval = setup_sam()) { + retval = setup_sam(); + if (retval) { com_err(argv[0], retval, "while initializing SAM"); finish_realms(argv[0]); return 1; -- 2.26.2