summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5/krb/init_ctx.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/krb5/krb/init_ctx.c')
-rw-r--r--src/lib/krb5/krb/init_ctx.c507
1 files changed, 254 insertions, 253 deletions
diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c
index ea78e0da7c..8667897b94 100644
--- a/src/lib/krb5/krb/init_ctx.c
+++ b/src/lib/krb5/krb/init_ctx.c
@@ -1,3 +1,4 @@
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
/*
* lib/krb5/krb/init_ctx.c
*
@@ -8,7 +9,7 @@
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
@@ -28,14 +29,14 @@
/*
* Copyright (C) 1998 by the FundsXpress, INC.
- *
+ *
* All rights reserved.
- *
+ *
* Export of this software from the United States of America may require
* a specific license from the United States Government. It is the
* responsibility of any person or organization contemplating export to
* obtain such a license before exporting.
- *
+ *
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
@@ -46,7 +47,7 @@
* permission. FundsXpress makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
@@ -86,16 +87,16 @@ krb5_error_code KRB5_CALLCONV
krb5_init_context(krb5_context *context)
{
- return init_common (context, FALSE, FALSE);
+ return init_common (context, FALSE, FALSE);
}
krb5_error_code KRB5_CALLCONV
krb5_init_secure_context(krb5_context *context)
{
- /* This is to make gcc -Wall happy */
- if(0) krb5_brand[0] = krb5_brand[0];
- return init_common (context, TRUE, FALSE);
+ /* This is to make gcc -Wall happy */
+ if(0) krb5_brand[0] = krb5_brand[0];
+ return init_common (context, TRUE, FALSE);
}
krb5_error_code
@@ -107,179 +108,179 @@ krb5int_init_context_kdc(krb5_context *context)
static krb5_error_code
init_common (krb5_context *context, krb5_boolean secure, krb5_boolean kdc)
{
- krb5_context ctx = 0;
- krb5_error_code retval;
- struct {
- krb5_int32 now, now_usec;
- long pid;
- } seed_data;
- krb5_data seed;
- int tmp;
-
- /* Verify some assumptions. If the assumptions hold and the
- compiler is optimizing, this should result in no code being
- executed. If we're guessing "unsigned long long" instead
- of using uint64_t, the possibility does exist that we're
- wrong. */
- {
- krb5_ui_8 i64;
- assert(sizeof(i64) == 8);
- i64 = 0, i64--, i64 >>= 62;
- assert(i64 == 3);
- i64 = 1, i64 <<= 31, i64 <<= 31, i64 <<= 1;
- assert(i64 != 0);
- i64 <<= 1;
- assert(i64 == 0);
- }
-
- retval = krb5int_initialize_library();
- if (retval)
- return retval;
+ krb5_context ctx = 0;
+ krb5_error_code retval;
+ struct {
+ krb5_int32 now, now_usec;
+ long pid;
+ } seed_data;
+ krb5_data seed;
+ int tmp;
+
+ /* Verify some assumptions. If the assumptions hold and the
+ compiler is optimizing, this should result in no code being
+ executed. If we're guessing "unsigned long long" instead
+ of using uint64_t, the possibility does exist that we're
+ wrong. */
+ {
+ krb5_ui_8 i64;
+ assert(sizeof(i64) == 8);
+ i64 = 0, i64--, i64 >>= 62;
+ assert(i64 == 3);
+ i64 = 1, i64 <<= 31, i64 <<= 31, i64 <<= 1;
+ assert(i64 != 0);
+ i64 <<= 1;
+ assert(i64 == 0);
+ }
+
+ retval = krb5int_initialize_library();
+ if (retval)
+ return retval;
#if (defined(_WIN32))
- /*
- * Load the krbcc32.dll if necessary. We do this here so that
- * we know to use API: later on during initialization.
- * The context being NULL is ok.
- */
- krb5_win_ccdll_load(ctx);
-
- /*
- * krb5_vercheck() is defined in win_glue.c, and this is
- * where we handle the timebomb and version server checks.
- */
- retval = krb5_vercheck();
- if (retval)
- return retval;
+ /*
+ * Load the krbcc32.dll if necessary. We do this here so that
+ * we know to use API: later on during initialization.
+ * The context being NULL is ok.
+ */
+ krb5_win_ccdll_load(ctx);
+
+ /*
+ * krb5_vercheck() is defined in win_glue.c, and this is
+ * where we handle the timebomb and version server checks.
+ */
+ retval = krb5_vercheck();
+ if (retval)
+ return retval;
#endif
- *context = 0;
+ *context = 0;
- ctx = calloc(1, sizeof(struct _krb5_context));
- if (!ctx)
- return ENOMEM;
- ctx->magic = KV5M_CONTEXT;
+ ctx = calloc(1, sizeof(struct _krb5_context));
+ if (!ctx)
+ return ENOMEM;
+ ctx->magic = KV5M_CONTEXT;
- ctx->profile_secure = secure;
+ ctx->profile_secure = secure;
- /* Set the default encryption types, possible defined in krb5/conf */
- if ((retval = krb5_set_default_in_tkt_ktypes(ctx, NULL)))
- goto cleanup;
+ /* Set the default encryption types, possible defined in krb5/conf */
+ if ((retval = krb5_set_default_in_tkt_ktypes(ctx, NULL)))
+ goto cleanup;
- if ((retval = krb5_set_default_tgs_ktypes(ctx, NULL)))
- goto cleanup;
+ if ((retval = krb5_set_default_tgs_ktypes(ctx, NULL)))
+ goto cleanup;
- if ((retval = krb5_os_init_context(ctx, kdc)))
- goto cleanup;
+ if ((retval = krb5_os_init_context(ctx, kdc)))
+ goto cleanup;
- retval = profile_get_boolean(ctx->profile, KRB5_CONF_LIBDEFAULTS,
- KRB5_CONF_ALLOW_WEAK_CRYPTO, NULL, 1, &tmp);
- if (retval)
- goto cleanup;
- ctx->allow_weak_crypto = tmp;
+ retval = profile_get_boolean(ctx->profile, KRB5_CONF_LIBDEFAULTS,
+ KRB5_CONF_ALLOW_WEAK_CRYPTO, NULL, 1, &tmp);
+ if (retval)
+ goto cleanup;
+ ctx->allow_weak_crypto = tmp;
- /* initialize the prng (not well, but passable) */
- if ((retval = krb5_c_random_os_entropy( ctx, 0, NULL)) !=0)
- goto cleanup;
- if ((retval = krb5_crypto_us_timeofday(&seed_data.now, &seed_data.now_usec)))
- goto cleanup;
- seed_data.pid = getpid ();
- seed.length = sizeof(seed_data);
- seed.data = (char *) &seed_data;
- if ((retval = krb5_c_random_add_entropy(ctx, KRB5_C_RANDSOURCE_TIMING, &seed)))
- goto cleanup;
+ /* initialize the prng (not well, but passable) */
+ if ((retval = krb5_c_random_os_entropy( ctx, 0, NULL)) !=0)
+ goto cleanup;
+ if ((retval = krb5_crypto_us_timeofday(&seed_data.now, &seed_data.now_usec)))
+ goto cleanup;
+ seed_data.pid = getpid ();
+ seed.length = sizeof(seed_data);
+ seed.data = (char *) &seed_data;
+ if ((retval = krb5_c_random_add_entropy(ctx, KRB5_C_RANDSOURCE_TIMING, &seed)))
+ goto cleanup;
- ctx->default_realm = 0;
- profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS, KRB5_CONF_CLOCKSKEW,
- 0, 5 * 60, &tmp);
- ctx->clockskew = tmp;
+ ctx->default_realm = 0;
+ profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS, KRB5_CONF_CLOCKSKEW,
+ 0, 5 * 60, &tmp);
+ ctx->clockskew = tmp;
#if 0
- /* Default ticket lifetime is currently not supported */
- profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS, "tkt_lifetime",
- 0, 10 * 60 * 60, &tmp);
- ctx->tkt_lifetime = tmp;
+ /* Default ticket lifetime is currently not supported */
+ profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS, "tkt_lifetime",
+ 0, 10 * 60 * 60, &tmp);
+ ctx->tkt_lifetime = tmp;
#endif
- /* DCE 1.1 and below only support CKSUMTYPE_RSA_MD4 (2) */
- /* DCE add kdc_req_checksum_type = 2 to krb5.conf */
- profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS,
- KRB5_CONF_KDC_REQ_CHECKSUM_TYPE, 0, CKSUMTYPE_RSA_MD5,
- &tmp);
- ctx->kdc_req_sumtype = tmp;
-
- profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS,
- KRB5_CONF_AP_REQ_CHECKSUM_TYPE, 0, 0,
- &tmp);
- ctx->default_ap_req_sumtype = tmp;
-
- profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS,
- KRB5_CONF_SAFE_CHECKSUM_TYPE, 0,
- CKSUMTYPE_RSA_MD5_DES, &tmp);
- ctx->default_safe_sumtype = tmp;
-
- profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS,
- KRB5_CONF_KDC_DEFAULT_OPTIONS, 0,
- KDC_OPT_RENEWABLE_OK, &tmp);
- ctx->kdc_default_options = tmp;
+ /* DCE 1.1 and below only support CKSUMTYPE_RSA_MD4 (2) */
+ /* DCE add kdc_req_checksum_type = 2 to krb5.conf */
+ profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS,
+ KRB5_CONF_KDC_REQ_CHECKSUM_TYPE, 0, CKSUMTYPE_RSA_MD5,
+ &tmp);
+ ctx->kdc_req_sumtype = tmp;
+
+ profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS,
+ KRB5_CONF_AP_REQ_CHECKSUM_TYPE, 0, 0,
+ &tmp);
+ ctx->default_ap_req_sumtype = tmp;
+
+ profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS,
+ KRB5_CONF_SAFE_CHECKSUM_TYPE, 0,
+ CKSUMTYPE_RSA_MD5_DES, &tmp);
+ ctx->default_safe_sumtype = tmp;
+
+ profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS,
+ KRB5_CONF_KDC_DEFAULT_OPTIONS, 0,
+ KDC_OPT_RENEWABLE_OK, &tmp);
+ ctx->kdc_default_options = tmp;
#define DEFAULT_KDC_TIMESYNC 1
- profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS,
- KRB5_CONF_KDC_TIMESYNC, 0, DEFAULT_KDC_TIMESYNC,
- &tmp);
- ctx->library_options = tmp ? KRB5_LIBOPT_SYNC_KDCTIME : 0;
-
- /*
- * We use a default file credentials cache of 3. See
- * lib/krb5/krb/ccache/file/fcc.h for a description of the
- * credentials cache types.
- *
- * Note: DCE 1.0.3a only supports a cache type of 1
- * DCE 1.1 supports a cache type of 2.
- */
+ profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS,
+ KRB5_CONF_KDC_TIMESYNC, 0, DEFAULT_KDC_TIMESYNC,
+ &tmp);
+ ctx->library_options = tmp ? KRB5_LIBOPT_SYNC_KDCTIME : 0;
+
+ /*
+ * We use a default file credentials cache of 3. See
+ * lib/krb5/krb/ccache/file/fcc.h for a description of the
+ * credentials cache types.
+ *
+ * Note: DCE 1.0.3a only supports a cache type of 1
+ * DCE 1.1 supports a cache type of 2.
+ */
#define DEFAULT_CCACHE_TYPE 4
- profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS, KRB5_CONF_CCACHE_TYPE,
- 0, DEFAULT_CCACHE_TYPE, &tmp);
- ctx->fcc_default_format = tmp + 0x0500;
- ctx->prompt_types = 0;
- ctx->use_conf_ktypes = 0;
-
- ctx->udp_pref_limit = -1;
- *context = ctx;
- return 0;
+ profile_get_integer(ctx->profile, KRB5_CONF_LIBDEFAULTS, KRB5_CONF_CCACHE_TYPE,
+ 0, DEFAULT_CCACHE_TYPE, &tmp);
+ ctx->fcc_default_format = tmp + 0x0500;
+ ctx->prompt_types = 0;
+ ctx->use_conf_ktypes = 0;
+
+ ctx->udp_pref_limit = -1;
+ *context = ctx;
+ return 0;
cleanup:
- krb5_free_context(ctx);
- return retval;
+ krb5_free_context(ctx);
+ return retval;
}
void KRB5_CALLCONV
krb5_free_context(krb5_context ctx)
{
- if (ctx == NULL)
- return;
- krb5_os_free_context(ctx);
-
- free(ctx->in_tkt_etypes);
- ctx->in_tkt_etypes = NULL;
- free(ctx->tgs_etypes);
- ctx->tgs_etypes = NULL;
- free(ctx->default_realm);
- ctx->default_realm = 0;
- if (ctx->ser_ctx_count && ctx->ser_ctx) {
- free(ctx->ser_ctx);
- ctx->ser_ctx = 0;
- }
-
- krb5_clear_error_message(ctx);
-
- ctx->magic = 0;
- free(ctx);
+ if (ctx == NULL)
+ return;
+ krb5_os_free_context(ctx);
+
+ free(ctx->in_tkt_etypes);
+ ctx->in_tkt_etypes = NULL;
+ free(ctx->tgs_etypes);
+ ctx->tgs_etypes = NULL;
+ free(ctx->default_realm);
+ ctx->default_realm = 0;
+ if (ctx->ser_ctx_count && ctx->ser_ctx) {
+ free(ctx->ser_ctx);
+ ctx->ser_ctx = 0;
+ }
+
+ krb5_clear_error_message(ctx);
+
+ ctx->magic = 0;
+ free(ctx);
}
/* Copy the zero-terminated enctype list old_list into *new_list. */
static krb5_error_code
copy_enctypes(krb5_context context, const krb5_enctype *old_list,
- krb5_enctype **new_list)
+ krb5_enctype **new_list)
{
unsigned int count;
krb5_enctype *list;
@@ -288,7 +289,7 @@ copy_enctypes(krb5_context context, const krb5_enctype *old_list,
for (count = 0; old_list[count]; count++);
list = malloc(sizeof(krb5_enctype) * (count + 1));
if (list == NULL)
- return ENOMEM;
+ return ENOMEM;
memcpy(list, old_list, sizeof(krb5_enctype) * (count + 1));
*new_list = list;
return 0;
@@ -299,25 +300,25 @@ copy_enctypes(krb5_context context, const krb5_enctype *old_list,
*/
static krb5_error_code
set_default_etype_var(krb5_context context, const krb5_enctype *etypes,
- krb5_enctype **var)
+ krb5_enctype **var)
{
krb5_error_code code;
krb5_enctype *list;
int i;
if (etypes) {
- for (i = 0; etypes[i]; i++) {
- if (!krb5_c_valid_enctype(etypes[i]))
- return KRB5_PROG_ETYPE_NOSUPP;
- if (!context->allow_weak_crypto && krb5int_c_weak_enctype(etypes[i]))
- return KRB5_PROG_ETYPE_NOSUPP;
- }
-
- code = copy_enctypes(context, etypes, &list);
- if (code)
- return code;
+ for (i = 0; etypes[i]; i++) {
+ if (!krb5_c_valid_enctype(etypes[i]))
+ return KRB5_PROG_ETYPE_NOSUPP;
+ if (!context->allow_weak_crypto && krb5int_c_weak_enctype(etypes[i]))
+ return KRB5_PROG_ETYPE_NOSUPP;
+ }
+
+ code = copy_enctypes(context, etypes, &list);
+ if (code)
+ return code;
} else {
- list = NULL;
+ list = NULL;
}
free(*var);
@@ -327,7 +328,7 @@ set_default_etype_var(krb5_context context, const krb5_enctype *etypes,
krb5_error_code
krb5_set_default_in_tkt_ktypes(krb5_context context,
- const krb5_enctype *etypes)
+ const krb5_enctype *etypes)
{
return set_default_etype_var(context, etypes, &context->in_tkt_etypes);
}
@@ -352,26 +353,26 @@ krb5_set_default_tgs_ktypes(krb5_context context, const krb5_enctype *etypes)
*/
static void
mod_list(krb5_enctype etype, krb5_boolean add, krb5_boolean allow_weak,
- krb5_enctype *list, unsigned int *count)
+ krb5_enctype *list, unsigned int *count)
{
unsigned int i;
assert(etype > 0 && etype <= MAX_ENCTYPE);
if (!allow_weak && krb5int_c_weak_enctype(etype))
- return;
+ return;
for (i = 0; i < *count; i++) {
- if (list[i] == etype) {
- if (!add) {
- for (; i < *count - 1; i++)
- list[i] = list[i + 1];
- (*count)--;
- }
- return;
- }
+ if (list[i] == etype) {
+ if (!add) {
+ for (; i < *count - 1; i++)
+ list[i] = list[i + 1];
+ (*count)--;
+ }
+ return;
+ }
}
if (add) {
- assert(*count < MAX_ENCTYPE);
- list[(*count)++] = etype;
+ assert(*count < MAX_ENCTYPE);
+ list[(*count)++] = etype;
}
}
@@ -381,7 +382,7 @@ mod_list(krb5_enctype etype, krb5_boolean add, krb5_boolean allow_weak,
*/
krb5_error_code
krb5int_parse_enctype_list(krb5_context context, char *profstr,
- krb5_enctype *default_list, krb5_enctype **result)
+ krb5_enctype *default_list, krb5_enctype **result)
{
char *token, *delim = " \t\r\n,", *save = NULL;
krb5_boolean sel, weak = context->allow_weak_crypto;
@@ -392,31 +393,31 @@ krb5int_parse_enctype_list(krb5_context context, char *profstr,
/* Walk through the words in profstr. */
for (token = strtok_r(profstr, delim, &save); token;
- token = strtok_r(NULL, delim, &save)) {
- /* Determine if we are adding or removing enctypes. */
- sel = TRUE;
- if (*token == '+' || *token == '-')
- sel = (*token++ == '+');
-
- if (strcasecmp(token, "DEFAULT") == 0) {
- /* Set all enctypes in the default list. */
- for (i = 0; default_list[i]; i++)
- mod_list(default_list[i], sel, weak, list, &count);
- } else if (strcasecmp(token, "des") == 0) {
- mod_list(ENCTYPE_DES_CBC_CRC, sel, weak, list, &count);
- mod_list(ENCTYPE_DES_CBC_MD5, sel, weak, list, &count);
- mod_list(ENCTYPE_DES_CBC_MD4, sel, weak, list, &count);
- } else if (strcasecmp(token, "des3") == 0) {
- mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, list, &count);
- } else if (strcasecmp(token, "aes") == 0) {
- mod_list(ENCTYPE_AES256_CTS_HMAC_SHA1_96, sel, weak, list, &count);
- mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, list, &count);
- } else if (strcasecmp(token, "rc4") == 0) {
- mod_list(ENCTYPE_ARCFOUR_HMAC, sel, weak, list, &count);
- } else if (krb5_string_to_enctype(token, &etype) == 0) {
- /* Set a specific enctype. */
- mod_list(etype, sel, weak, list, &count);
- }
+ token = strtok_r(NULL, delim, &save)) {
+ /* Determine if we are adding or removing enctypes. */
+ sel = TRUE;
+ if (*token == '+' || *token == '-')
+ sel = (*token++ == '+');
+
+ if (strcasecmp(token, "DEFAULT") == 0) {
+ /* Set all enctypes in the default list. */
+ for (i = 0; default_list[i]; i++)
+ mod_list(default_list[i], sel, weak, list, &count);
+ } else if (strcasecmp(token, "des") == 0) {
+ mod_list(ENCTYPE_DES_CBC_CRC, sel, weak, list, &count);
+ mod_list(ENCTYPE_DES_CBC_MD5, sel, weak, list, &count);
+ mod_list(ENCTYPE_DES_CBC_MD4, sel, weak, list, &count);
+ } else if (strcasecmp(token, "des3") == 0) {
+ mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, list, &count);
+ } else if (strcasecmp(token, "aes") == 0) {
+ mod_list(ENCTYPE_AES256_CTS_HMAC_SHA1_96, sel, weak, list, &count);
+ mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, list, &count);
+ } else if (strcasecmp(token, "rc4") == 0) {
+ mod_list(ENCTYPE_ARCFOUR_HMAC, sel, weak, list, &count);
+ } else if (krb5_string_to_enctype(token, &etype) == 0) {
+ /* Set a specific enctype. */
+ mod_list(etype, sel, weak, list, &count);
+ }
}
list[count] = 0;
@@ -433,8 +434,8 @@ krb5int_parse_enctype_list(krb5_context context, char *profstr,
*/
static krb5_error_code
get_profile_etype_list(krb5_context context, krb5_enctype **etypes_ptr,
- char *profkey, krb5_enctype *ctx_list,
- krb5_enctype *default_list)
+ char *profkey, krb5_enctype *ctx_list,
+ krb5_enctype *default_list)
{
krb5_enctype *etypes;
krb5_error_code code;
@@ -443,26 +444,26 @@ get_profile_etype_list(krb5_context context, krb5_enctype **etypes_ptr,
*etypes_ptr = NULL;
if (ctx_list) {
- /* Use application defaults. */
- code = copy_enctypes(context, ctx_list, &etypes);
- if (code)
- return code;
+ /* Use application defaults. */
+ code = copy_enctypes(context, ctx_list, &etypes);
+ if (code)
+ return code;
} else {
- /* Parse profile setting, or "DEFAULT" if not specified. */
- code = profile_get_string(context->profile, KRB5_CONF_LIBDEFAULTS,
- profkey, NULL, "DEFAULT", &profstr);
- if (code)
- return code;
- code = krb5int_parse_enctype_list(context, profstr, default_list,
- &etypes);
- profile_release_string(profstr);
- if (code)
- return code;
+ /* Parse profile setting, or "DEFAULT" if not specified. */
+ code = profile_get_string(context->profile, KRB5_CONF_LIBDEFAULTS,
+ profkey, NULL, "DEFAULT", &profstr);
+ if (code)
+ return code;
+ code = krb5int_parse_enctype_list(context, profstr, default_list,
+ &etypes);
+ profile_release_string(profstr);
+ if (code)
+ return code;
}
if (etypes[0] == 0) {
- free(etypes);
- return KRB5_CONFIG_ETYPE_NOSUPP;
+ free(etypes);
+ return KRB5_CONFIG_ETYPE_NOSUPP;
}
*etypes_ptr = etypes;
@@ -473,9 +474,9 @@ krb5_error_code
krb5_get_default_in_tkt_ktypes(krb5_context context, krb5_enctype **ktypes)
{
return get_profile_etype_list(context, ktypes,
- KRB5_CONF_DEFAULT_TKT_ENCTYPES,
- context->in_tkt_etypes,
- default_enctype_list);
+ KRB5_CONF_DEFAULT_TKT_ENCTYPES,
+ context->in_tkt_etypes,
+ default_enctype_list);
}
void
@@ -490,24 +491,24 @@ KRB5_CALLCONV
krb5_get_tgs_ktypes(krb5_context context, krb5_const_principal princ, krb5_enctype **ktypes)
{
if (context->use_conf_ktypes)
- /* This one is set *only* by reading the config file; it's not
- set by the application. */
- return get_profile_etype_list(context, ktypes,
- KRB5_CONF_DEFAULT_TKT_ENCTYPES, NULL,
- default_enctype_list);
+ /* This one is set *only* by reading the config file; it's not
+ set by the application. */
+ return get_profile_etype_list(context, ktypes,
+ KRB5_CONF_DEFAULT_TKT_ENCTYPES, NULL,
+ default_enctype_list);
else
- return get_profile_etype_list(context, ktypes,
- KRB5_CONF_DEFAULT_TGS_ENCTYPES,
- context->tgs_etypes,
- default_enctype_list);
+ return get_profile_etype_list(context, ktypes,
+ KRB5_CONF_DEFAULT_TGS_ENCTYPES,
+ context->tgs_etypes,
+ default_enctype_list);
}
krb5_error_code KRB5_CALLCONV
krb5_get_permitted_enctypes(krb5_context context, krb5_enctype **ktypes)
{
return get_profile_etype_list(context, ktypes,
- KRB5_CONF_PERMITTED_ENCTYPES,
- context->tgs_etypes, default_enctype_list);
+ KRB5_CONF_PERMITTED_ENCTYPES,
+ context->tgs_etypes, default_enctype_list);
}
krb5_boolean
@@ -517,14 +518,14 @@ krb5_is_permitted_enctype(krb5_context context, krb5_enctype etype)
krb5_boolean ret;
if (krb5_get_permitted_enctypes(context, &list))
- return(0);
+ return(0);
+
-
ret = 0;
for (ptr = list; *ptr; ptr++)
- if (*ptr == etype)
- ret = 1;
+ if (*ptr == etype)
+ ret = 1;
krb5_free_ktypes (context, list);
@@ -571,11 +572,11 @@ krb5_copy_context(krb5_context ctx, krb5_context *nctx_out)
*nctx_out = NULL;
if (ctx == NULL)
- return EINVAL; /* XXX */
+ return EINVAL; /* XXX */
nctx = malloc(sizeof(*nctx));
if (nctx == NULL)
- return ENOMEM;
+ return ENOMEM;
*nctx = *ctx;
@@ -600,28 +601,28 @@ krb5_copy_context(krb5_context ctx, krb5_context *nctx_out)
ret = copy_enctypes(nctx, ctx->in_tkt_etypes, &nctx->in_tkt_etypes);
if (ret)
- goto errout;
+ goto errout;
ret = copy_enctypes(nctx, ctx->tgs_etypes, &nctx->tgs_etypes);
if (ret)
- goto errout;
+ goto errout;
if (ctx->os_context.default_ccname != NULL) {
- nctx->os_context.default_ccname =
- strdup(ctx->os_context.default_ccname);
- if (nctx->os_context.default_ccname == NULL) {
- ret = ENOMEM;
- goto errout;
- }
+ nctx->os_context.default_ccname =
+ strdup(ctx->os_context.default_ccname);
+ if (nctx->os_context.default_ccname == NULL) {
+ ret = ENOMEM;
+ goto errout;
+ }
}
ret = krb5_get_profile(ctx, &nctx->profile);
if (ret)
- goto errout;
+ goto errout;
errout:
if (ret) {
- krb5_free_context(nctx);
+ krb5_free_context(nctx);
} else {
- *nctx_out = nctx;
+ *nctx_out = nctx;
}
return ret;
}
generated by cgit (git 2.34.1) at 2024-10-02 13:41:53 +0000