From 1c4f3aa73062270b7a52000aead421c32729c612 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Mon, 10 Aug 2009 04:42:44 +0000 Subject: [PATCH] Remove pkinit_identity_process_option, which wasn't doing anything besides picking a subsidiary function based on the (constant) input argument. Remove the associated constants from pkinit.h as well. No functional change. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22512 dc483132-0cff-0310-8789-dd5450dbe970 --- src/plugins/preauth/pkinit/pkinit.h | 7 -- src/plugins/preauth/pkinit/pkinit_identity.c | 96 ++++---------------- 2 files changed, 19 insertions(+), 84 deletions(-) diff --git a/src/plugins/preauth/pkinit/pkinit.h b/src/plugins/preauth/pkinit/pkinit.h index 754bf5a21..380d13b15 100644 --- a/src/plugins/preauth/pkinit/pkinit.h +++ b/src/plugins/preauth/pkinit/pkinit.h @@ -182,13 +182,6 @@ typedef struct _pkinit_req_opts { * information about identity from config file or command line */ -#define PKINIT_ID_OPT_USER_IDENTITY 1 -#define PKINIT_ID_OPT_ANCHOR_CAS 2 -#define PKINIT_ID_OPT_INTERMEDIATE_CAS 3 -#define PKINIT_ID_OPT_CRLS 4 -#define PKINIT_ID_OPT_OCSP 5 -#define PKINIT_ID_OPT_DN_MAPPING 6 /* XXX ? */ - typedef struct _pkinit_identity_opts { char *identity; char **identity_alt; diff --git a/src/plugins/preauth/pkinit/pkinit_identity.c b/src/plugins/preauth/pkinit/pkinit_identity.c index 227c55d0f..4e9f61ef5 100644 --- a/src/plugins/preauth/pkinit/pkinit_identity.c +++ b/src/plugins/preauth/pkinit/pkinit_identity.c @@ -503,51 +503,6 @@ process_option_ca_crl(krb5_context context, idtype, catype, residual); } -static krb5_error_code -pkinit_identity_process_option(krb5_context context, - pkinit_plg_crypto_context plg_cryptoctx, - pkinit_req_crypto_context req_cryptoctx, - pkinit_identity_opts *idopts, - pkinit_identity_crypto_context id_cryptoctx, - int attr, - const char *value) -{ - krb5_error_code retval = 0; - - switch (attr) { - case PKINIT_ID_OPT_USER_IDENTITY: - retval = process_option_identity(context, plg_cryptoctx, - req_cryptoctx, idopts, - id_cryptoctx, value); - break; - case PKINIT_ID_OPT_ANCHOR_CAS: - retval = process_option_ca_crl(context, plg_cryptoctx, - req_cryptoctx, idopts, - id_cryptoctx, value, - CATYPE_ANCHORS); - break; - case PKINIT_ID_OPT_INTERMEDIATE_CAS: - retval = process_option_ca_crl(context, plg_cryptoctx, - req_cryptoctx, idopts, - id_cryptoctx, - value, CATYPE_INTERMEDIATES); - break; - case PKINIT_ID_OPT_CRLS: - retval = process_option_ca_crl(context, plg_cryptoctx, - req_cryptoctx, idopts, - id_cryptoctx, - value, CATYPE_CRLS); - break; - case PKINIT_ID_OPT_OCSP: - retval = ENOTSUP; - break; - default: - retval = EINVAL; - break; - } - return retval; -} - krb5_error_code pkinit_identity_initialize(krb5_context context, pkinit_plg_crypto_context plg_cryptoctx, @@ -573,18 +528,15 @@ pkinit_identity_initialize(krb5_context context, * in the config file. */ if (idopts->identity != NULL) { - retval = pkinit_identity_process_option(context, plg_cryptoctx, - req_cryptoctx, idopts, - id_cryptoctx, - PKINIT_ID_OPT_USER_IDENTITY, - idopts->identity); + retval = process_option_identity(context, plg_cryptoctx, req_cryptoctx, + idopts, id_cryptoctx, + idopts->identity); } else if (idopts->identity_alt != NULL) { for (i = 0; retval != 0 && idopts->identity_alt[i] != NULL; i++) - retval = pkinit_identity_process_option(context, plg_cryptoctx, - req_cryptoctx, idopts, - id_cryptoctx, - PKINIT_ID_OPT_USER_IDENTITY, - idopts->identity_alt[i]); + retval = process_option_identity(context, plg_cryptoctx, + req_cryptoctx, idopts, + id_cryptoctx, + idopts->identity_alt[i]); } else { pkiDebug("%s: no user identity options specified\n", __FUNCTION__); goto errout; @@ -625,41 +577,31 @@ pkinit_identity_initialize(krb5_context context, goto errout; for (i = 0; idopts->anchors != NULL && idopts->anchors[i] != NULL; i++) { - retval = pkinit_identity_process_option(context, plg_cryptoctx, - req_cryptoctx, idopts, - id_cryptoctx, - PKINIT_ID_OPT_ANCHOR_CAS, - idopts->anchors[i]); + retval = process_option_ca_crl(context, plg_cryptoctx, req_cryptoctx, + idopts, id_cryptoctx, + idopts->anchors[i], CATYPE_ANCHORS); if (retval) goto errout; } for (i = 0; idopts->intermediates != NULL && idopts->intermediates[i] != NULL; i++) { - retval = pkinit_identity_process_option(context, plg_cryptoctx, - req_cryptoctx, idopts, - id_cryptoctx, - PKINIT_ID_OPT_INTERMEDIATE_CAS, - idopts->intermediates[i]); + retval = process_option_ca_crl(context, plg_cryptoctx, req_cryptoctx, + idopts, id_cryptoctx, + idopts->intermediates[i], + CATYPE_INTERMEDIATES); if (retval) goto errout; } for (i = 0; idopts->crls != NULL && idopts->crls[i] != NULL; i++) { - retval = pkinit_identity_process_option(context, plg_cryptoctx, - req_cryptoctx, idopts, - id_cryptoctx, - PKINIT_ID_OPT_CRLS, - idopts->crls[i]); + retval = process_option_ca_crl(context, plg_cryptoctx, req_cryptoctx, + idopts, id_cryptoctx, idopts->crls[i], + CATYPE_CRLS); if (retval) goto errout; } if (idopts->ocsp != NULL) { - retval = pkinit_identity_process_option(context, plg_cryptoctx, - req_cryptoctx, idopts, - id_cryptoctx, - PKINIT_ID_OPT_OCSP, - idopts->ocsp); - if (retval) - goto errout; + retval = ENOTSUP; + goto errout; } errout: -- 2.26.2