diff options
| author | Greg Hudson <ghudson@mit.edu> | 2011-07-06 16:33:27 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2011-07-06 16:33:27 +0000 |
| commit | e50226d3c63e89938dcf24e8df876885b1823aa2 (patch) | |
| tree | 7392abc4411307bb1cf7f8c6d624cd3d1e2549c3 /src/lib/kadm5 | |
| parent | c0dd57f3c90c45feb9898b6ea5b45ef0ccd081f4 (diff) | |
| download | krb5-e50226d3c63e89938dcf24e8df876885b1823aa2.tar.gz krb5-e50226d3c63e89938dcf24e8df876885b1823aa2.tar.xz krb5-e50226d3c63e89938dcf24e8df876885b1823aa2.zip | |
Simplify and fix chpass_util error generation
If a principal has no associated kadm5 policy, we may still get
password quality errors from a module (KDB or pwqual). There was a
bug in the error generation for this case which caused only a generic
error to be returned.
Also use snprintf() instead of multiple string operations to compose
errors.
From Simo Sorce <ssorce@redhat.com>.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25014 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/kadm5')
| -rw-r--r-- | src/lib/kadm5/chpass_util.c | 54 |
1 files changed, 20 insertions, 34 deletions
diff --git a/src/lib/kadm5/chpass_util.c b/src/lib/kadm5/chpass_util.c index 9e8111b3c7..7a75136658 100644 --- a/src/lib/kadm5/chpass_util.c +++ b/src/lib/kadm5/chpass_util.c @@ -102,12 +102,10 @@ kadm5_ret_t _kadm5_chpass_principal_util(void *server_handle, msg_ret[msg_len - 1] = '\0'; return(code); } else { - strncpy(msg_ret, error_message(code), msg_len - 1); - strncat(msg_ret, " ", msg_len - 1); - strncat(msg_ret, string_text(CHPASS_UTIL_WHILE_READING_PASSWORD), - msg_len - 1); - strncat(msg_ret, string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED), - msg_len - 1); + snprintf(msg_ret, msg_len, "%s %s\n\n%s", + error_message(code), + string_text(CHPASS_UTIL_WHILE_READING_PASSWORD), + string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED)); msg_ret[msg_len - 1] = '\0'; return(code); } @@ -142,11 +140,10 @@ kadm5_ret_t _kadm5_chpass_principal_util(void *server_handle, (code != KADM5_PASS_REUSE) &&(code != KADM5_PASS_Q_CLASS) && (code != KADM5_PASS_Q_DICT) && (code != KADM5_PASS_TOOSOON)) { /* Can't get more info for other errors */ - snprintf(buffer, sizeof(buffer), "%s %s", error_message(code), - string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE)); - snprintf(msg_ret, msg_len, "%s\n%s\n", + snprintf(msg_ret, msg_len, "%s\n%s %s\n", string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED), - buffer); + error_message(code), + string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE)); return(code); } @@ -170,32 +167,22 @@ kadm5_ret_t _kadm5_chpass_principal_util(void *server_handle, code2 = kadm5_get_principal (lhandle, princ, &princ_ent, KADM5_PRINCIPAL_NORMAL_MASK); if (code2 != 0) { - strncpy(msg_ret, error_message(code2), msg_len - 1); - strncat(msg_ret, " ", msg_len - 1 - strlen(msg_ret)); - strncat(msg_ret, string_text(CHPASS_UTIL_GET_PRINC_INFO), msg_len - 1 - strlen(msg_ret)); - strncat(msg_ret, "\n", msg_len - 1 - strlen(msg_ret)); - strncat(msg_ret, error_message(code), msg_len - 1 - strlen(msg_ret)); - strncat(msg_ret, " ", msg_len - 1 - strlen(msg_ret)); - strncat(msg_ret, string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE), - msg_len - 1 - strlen(msg_ret)); - strncat(msg_ret, "\n\n", msg_len - 1 - strlen(msg_ret)); - strncat(msg_ret, string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED), - msg_len - 1 - strlen(msg_ret)); - strncat(msg_ret, "\n", msg_len - 1 - strlen(msg_ret)); + snprintf(msg_ret, msg_len, "%s %s\n%s %s\n\n%s\n", + error_message(code2), + string_text(CHPASS_UTIL_GET_PRINC_INFO), + error_message(code), + string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE), + string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED)); msg_ret[msg_len - 1] = '\0'; return(code); } if ((princ_ent.aux_attributes & KADM5_POLICY) == 0) { - strncpy(msg_ret, error_message(code), msg_len - 1 - strlen(msg_ret)); - strncat(msg_ret, " ", msg_len - 1 - strlen(msg_ret)); - strncpy(msg_ret, string_text(CHPASS_UTIL_NO_POLICY_YET_Q_ERROR), - msg_len - 1 - strlen(msg_ret)); - strncat(msg_ret, "\n\n", msg_len - 1 - strlen(msg_ret)); - strncpy(msg_ret, string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED), - msg_len - 1 - strlen(msg_ret)); + /* Some module implements its own password policy. */ + snprintf(msg_ret, msg_len, "%s\n\n%s", + error_message(code), + string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED)); msg_ret[msg_len - 1] = '\0'; - (void) kadm5_free_principal_ent(lhandle, &princ_ent); return(code); } @@ -248,11 +235,10 @@ kadm5_ret_t _kadm5_chpass_principal_util(void *server_handle, } /* We should never get here, but just in case ... */ - snprintf(buffer, sizeof(buffer), "%s %s", error_message(code), - string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE)); - snprintf(msg_ret, msg_len, "%s\n%s\n", + snprintf(msg_ret, msg_len, "%s\n%s %s\n", string_text(CHPASS_UTIL_PASSWORD_NOT_CHANGED), - buffer); + error_message(code), + string_text(CHPASS_UTIL_WHILE_TRYING_TO_CHANGE)); (void) kadm5_free_principal_ent(lhandle, &princ_ent); (void) kadm5_free_policy_ent(lhandle, &policy_ent); return(code); |