diff options
Diffstat (limited to 'src/lib/kadm5')
-rw-r--r-- | src/lib/kadm5/clnt/client_init.c | 17 | ||||
-rw-r--r-- | src/lib/kadm5/kadm_rpc_xdr.c | 3 | ||||
-rw-r--r-- | src/lib/kadm5/srv/server_acl.c | 2 | ||||
-rw-r--r-- | src/lib/kadm5/srv/server_kdb.c | 4 | ||||
-rw-r--r-- | src/lib/kadm5/srv/svr_principal.c | 13 |
5 files changed, 17 insertions, 22 deletions
diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c index adc050c957..9d51991f4a 100644 --- a/src/lib/kadm5/clnt/client_init.c +++ b/src/lib/kadm5/clnt/client_init.c @@ -613,7 +613,6 @@ static kadm5_ret_t setup_gss(kadm5_server_handle_t handle, kadm5_config_params *params_in, char *client_name, char *full_svcname) { - kadm5_ret_t code; OM_uint32 gssstat, minor_stat; gss_buffer_desc buf; gss_name_t gss_client; @@ -622,7 +621,6 @@ setup_gss(kadm5_server_handle_t handle, kadm5_config_params *params_in, const char *c_ccname_orig; char *ccname_orig; - code = KADM5_GSS_ERROR; gss_client_creds = GSS_C_NO_CREDENTIAL; ccname_orig = NULL; gss_client = gss_target = GSS_C_NO_NAME; @@ -630,10 +628,8 @@ setup_gss(kadm5_server_handle_t handle, kadm5_config_params *params_in, /* Temporarily use the kadm5 cache. */ gssstat = gss_krb5_ccache_name(&minor_stat, handle->cache_name, &c_ccname_orig); - if (gssstat != GSS_S_COMPLETE) { - code = KADM5_GSS_ERROR; + if (gssstat != GSS_S_COMPLETE) goto error; - } if (c_ccname_orig) ccname_orig = strdup(c_ccname_orig); else @@ -643,10 +639,8 @@ setup_gss(kadm5_server_handle_t handle, kadm5_config_params *params_in, buf.length = strlen((char *)buf.value) + 1; gssstat = gss_import_name(&minor_stat, &buf, (gss_OID) gss_nt_krb5_name, &gss_target); - if (gssstat != GSS_S_COMPLETE) { - code = KADM5_GSS_ERROR; + if (gssstat != GSS_S_COMPLETE) goto error; - } if (client_name) { buf.value = client_name; @@ -655,16 +649,13 @@ setup_gss(kadm5_server_handle_t handle, kadm5_config_params *params_in, (gss_OID) gss_nt_krb5_name, &gss_client); } else gss_client = GSS_C_NO_NAME; - if (gssstat != GSS_S_COMPLETE) { - code = KADM5_GSS_ERROR; + if (gssstat != GSS_S_COMPLETE) goto error; - } gssstat = gss_acquire_cred(&minor_stat, gss_client, 0, GSS_C_NULL_OID_SET, GSS_C_INITIATE, &gss_client_creds, NULL, NULL); if (gssstat != GSS_S_COMPLETE) { - code = KADM5_GSS_ERROR; #if 0 /* for debugging only */ { OM_uint32 maj_status, min_status, message_context = 0; @@ -762,7 +753,7 @@ rpc_auth(kadm5_server_handle_t handle, kadm5_config_params *params_in, /* Use RPCSEC_GSS by default. */ if (params_in == NULL || !(params_in->mask & KADM5_CONFIG_OLD_AUTH_GSSAPI)) { - sec.mech = gss_mech_krb5; + sec.mech = (gss_OID)gss_mech_krb5; sec.qop = GSS_C_QOP_DEFAULT; sec.svc = RPCSEC_GSS_SVC_PRIVACY; sec.cred = gss_client_creds; diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c index 153b96297b..42ac783ad1 100644 --- a/src/lib/kadm5/kadm_rpc_xdr.c +++ b/src/lib/kadm5/kadm_rpc_xdr.c @@ -819,7 +819,8 @@ xdr_chrand_ret(XDR *xdrs, chrand_ret *objp) return (FALSE); } if (objp->code == KADM5_OK) { - if (!xdr_array(xdrs, (char **)&objp->keys, &objp->n_keys, ~0, + if (!xdr_array(xdrs, (char **)&objp->keys, + (unsigned int *)&objp->n_keys, ~0, sizeof(krb5_keyblock), xdr_krb5_keyblock)) return FALSE; } diff --git a/src/lib/kadm5/srv/server_acl.c b/src/lib/kadm5/srv/server_acl.c index 7094f49a8c..b2aeb7daa4 100644 --- a/src/lib/kadm5/srv/server_acl.c +++ b/src/lib/kadm5/srv/server_acl.c @@ -112,7 +112,7 @@ kadm5int_acl_get_line(fp, lnp) line_incr = 0; for (domore = 1; domore && !feof(fp); ) { /* Copy in the line, with continuations */ - for (i=0; ((i < sizeof acl_buf) && !feof(fp)); i++ ) { + for (i = 0; ((i < BUFSIZ) && !feof(fp)); i++) { int byte; byte = fgetc(fp); acl_buf[i] = byte; diff --git a/src/lib/kadm5/srv/server_kdb.c b/src/lib/kadm5/srv/server_kdb.c index f4217dd498..23661448a0 100644 --- a/src/lib/kadm5/srv/server_kdb.c +++ b/src/lib/kadm5/srv/server_kdb.c @@ -282,7 +282,7 @@ kdb_get_entry(kadm5_server_handle_t handle, return(ret); } - xdrmem_create(&xdrs, tl_data.tl_data_contents, + xdrmem_create(&xdrs, (caddr_t)tl_data.tl_data_contents, tl_data.tl_data_length, XDR_DECODE); if (! xdr_osa_princ_ent_rec(&xdrs, adb)) { xdr_destroy(&xdrs); @@ -373,7 +373,7 @@ kdb_put_entry(kadm5_server_handle_t handle, } tl_data.tl_data_type = KRB5_TL_KADM_DATA; tl_data.tl_data_length = xdr_getpos(&xdrs); - tl_data.tl_data_contents = xdralloc_getdata(&xdrs); + tl_data.tl_data_contents = (krb5_octet *)xdralloc_getdata(&xdrs); ret = krb5_dbe_update_tl_data(handle->context, kdb, &tl_data); diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c index 6d90628dcf..6c7a2c0d5e 100644 --- a/src/lib/kadm5/srv/svr_principal.c +++ b/src/lib/kadm5/srv/svr_principal.c @@ -245,10 +245,12 @@ apply_keysalt_policy(kadm5_server_handle_t handle, const char *policy, ks_tuple = handle->params.keysalts; } /* Dup the requested or defaulted keysalt tuples. */ - new_ks_tuple = k5memdup(ks_tuple, n_ks_tuple * sizeof(*new_ks_tuple), - &ret); - if (new_ks_tuple == NULL) + new_ks_tuple = malloc(n_ks_tuple * sizeof(*new_ks_tuple)); + if (new_ks_tuple == NULL) { + ret = ENOMEM; goto cleanup; + } + memcpy(new_ks_tuple, ks_tuple, n_ks_tuple * sizeof(*new_ks_tuple)); new_n_ks_tuple = n_ks_tuple; ret = 0; goto cleanup; @@ -363,7 +365,7 @@ kadm5_create_principal_3(void *server_handle, kadm5_policy_ent_rec polent; krb5_boolean have_polent = FALSE; krb5_int32 now; - krb5_tl_data *tl_data_orig, *tl_data_tail; + krb5_tl_data *tl_data_tail; unsigned int ret; kadm5_server_handle_t handle = server_handle; krb5_keyblock *act_mkey; @@ -487,7 +489,6 @@ kadm5_create_principal_3(void *server_handle, if (mask & KADM5_TL_DATA) { /* splice entry->tl_data onto the front of kdb->tl_data */ - tl_data_orig = kdb->tl_data; for (tl_data_tail = entry->tl_data; tl_data_tail; tl_data_tail = tl_data_tail->tl_data_next) { @@ -1265,6 +1266,8 @@ kadm5_use_password_server (void) } #endif +void kadm5_set_use_password_server (void); + void kadm5_set_use_password_server (void) { |