diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/kdc/ChangeLog | 13 | ||||
| -rw-r--r-- | src/kdc/Makefile.in | 2 | ||||
| -rw-r--r-- | src/kdc/configure.in | 6 | ||||
| -rw-r--r-- | src/kdc/dispatch.c | 2 | ||||
| -rw-r--r-- | src/kdc/do_as_req.c | 47 | ||||
| -rw-r--r-- | src/kdc/do_tgs_req.c | 70 | ||||
| -rw-r--r-- | src/kdc/kdc_util.c | 45 | ||||
| -rw-r--r-- | src/kdc/kdc_util.h | 7 | ||||
| -rw-r--r-- | src/kdc/kerberos_v4.c | 17 | ||||
| -rw-r--r-- | src/kdc/main.c | 61 | ||||
| -rw-r--r-- | src/kdc/network.c | 2 |
11 files changed, 147 insertions, 125 deletions
diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog index 7c499dbb79..1357d6a592 100644 --- a/src/kdc/ChangeLog +++ b/src/kdc/ChangeLog @@ -1,3 +1,16 @@ +Fri Jun 9 19:13:08 1995 <tytso@rsx-11.mit.edu> + + * dispatch.c, kdc_util.h, kerberos_v4.c: Use KRB5_KRB4_COMPAT + instead of KRB4 for determining whether to compile in + Kerberos V4 backwards compatibility + + * configure.in: Remove standardized set of autoconf macros, which + are now handled by CONFIG_RULES. + +Thu Jun 8 23:35:27 1995 <tytso@rsx-11.mit.edu> + + * do_as_req.c, do_tgs_req.c, kdc_util.c, kerberos_v4.c, main.c, + network.c: Fix -Wall nits. Thu Jun 8 14:52:40 EDT 1995 Paul Park (pjpark@mit.edu) * Makefile.in - Add libkadm. diff --git a/src/kdc/Makefile.in b/src/kdc/Makefile.in index 82fd2f3d91..dda9be6f26 100644 --- a/src/kdc/Makefile.in +++ b/src/kdc/Makefile.in @@ -17,8 +17,6 @@ KRB4INCLUDES=-I$(SRCTOP)/include/kerberosIV all:: -DEFINES = -DBACKWARD_COMPAT $(KRB4DEF) - LOCALINCLUDE = $(KRB4INCLUDES) -I. SRCS= \ kdc5_err.c \ diff --git a/src/kdc/configure.in b/src/kdc/configure.in index 1544e5d200..32f2d668ed 100644 --- a/src/kdc/configure.in +++ b/src/kdc/configure.in @@ -1,15 +1,9 @@ AC_INIT(main.c) -WITH_CCOPTS CONFIG_RULES -AC_SET_BUILDTOP AC_PROG_INSTALL -WITH_NETLIB AC_CHECK_LIB(ndbm,main) AC_CHECK_LIB(dbm,main) AC_HEADER_CHECK(termios.h,AC_FUNC_CHECK([tcsetattr],AC_DEFINE(POSIX_TERMIOS))) ET_RULES HAS_ANSI_VOLATILE -KRB_INCLUDE -WITH_KRB4 -WITH_KRB5ROOT V5_AC_OUTPUT_MAKEFILE diff --git a/src/kdc/dispatch.c b/src/kdc/dispatch.c index 3b132ac164..b16e55fac1 100644 --- a/src/kdc/dispatch.c +++ b/src/kdc/dispatch.c @@ -58,7 +58,7 @@ dispatch(pkt, from, is_secondary, response) krb5_free_kdc_req(kdc_context, as_req); } } -#ifdef KRB4 +#ifdef KRB5_KRB4_COMPAT else if (pkt->data[0] == 4) /* old version */ retval = process_v4(pkt, from, is_secondary, response); #endif diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c index da76b41b32..f7a4d72716 100644 --- a/src/kdc/do_as_req.c +++ b/src/kdc/do_as_req.c @@ -86,7 +86,7 @@ check_padata (client, src_addr, padata, pa_id, flags) */ enckey = &(client->alt_key); /* Extract client key/alt_key from master key */ - if (retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context,enckey,&tmpkey)) { + if ((retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context,enckey,&tmpkey))) { krb5_klog_syslog( LOG_ERR, "AS_REQ: Unable to extract client alt_key: %s", error_message(retval)); return retval; @@ -114,9 +114,7 @@ krb5_data **response; /* filled in with a response packet */ krb5_ticket ticket_reply; krb5_enc_tkt_part enc_tkt_reply; krb5_error_code retval; - int errcode; int c_nprincs = 0, s_nprincs = 0; - char cpw_service[255]; int pwreq, pa_id, pa_flags; krb5_boolean more; krb5_timestamp kdc_time, authtime; @@ -140,13 +138,13 @@ krb5_data **response; /* filled in with a response packet */ if (!request->client) return(prepare_error_as(request, KDC_ERR_C_PRINCIPAL_UNKNOWN, response)); - if (retval = krb5_unparse_name(kdc_context, request->client, &cname)) { + if ((retval = krb5_unparse_name(kdc_context, request->client, &cname))) { krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing client name", error_message(retval)); return(prepare_error_as(request, KDC_ERR_C_PRINCIPAL_UNKNOWN, response)); } - if (retval = krb5_unparse_name(kdc_context, request->server, &sname)) { + if ((retval = krb5_unparse_name(kdc_context, request->server, &sname))) { free(cname); krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing server name", error_message(retval)); @@ -180,8 +178,8 @@ krb5_data **response; /* filled in with a response packet */ pwreq++; c_nprincs = 1; - if (retval = krb5_db_get_principal(kdc_context, request->client, &client, - &c_nprincs, &more)) { + if ((retval = krb5_db_get_principal(kdc_context, request->client, &client, + &c_nprincs, &more))) { c_nprincs = 0; goto errout; } @@ -200,8 +198,8 @@ krb5_data **response; /* filled in with a response packet */ } s_nprincs = 1; - if (retval = krb5_db_get_principal(kdc_context, request->server, &server, - &s_nprincs, &more)) { + if ((retval = krb5_db_get_principal(kdc_context, request->server, &server, + &s_nprincs, &more))) { s_nprincs = 0; goto errout; } @@ -215,15 +213,15 @@ krb5_data **response; /* filled in with a response packet */ goto errout; } - if (retval = krb5_timeofday(kdc_context, &kdc_time)) { + if ((retval = krb5_timeofday(kdc_context, &kdc_time))) { krb5_klog_syslog(LOG_INFO, "AS_REQ: TIME_OF_DAY: host %s, %s for %s", fromstring, cname, sname); goto errout; } status = "UNKNOWN REASON"; - if (retval = validate_as_request(request, client, server, - kdc_time, &status)) { + if ((retval = validate_as_request(request, client, server, + kdc_time, &status))) { krb5_klog_syslog(LOG_INFO, "AS_REQ: %s: host %s, %s for %s", status, fromstring, cname, sname); retval = prepare_error_as(request, retval, response); @@ -258,9 +256,9 @@ krb5_data **response; /* filled in with a response packet */ useetype = request->etype[i]; krb5_use_cstype(kdc_context, &eblock, useetype); - if (retval = krb5_random_key(kdc_context, &eblock, - krb5_csarray[useetype]->random_sequence, - &session_key)) { + if ((retval = krb5_random_key(kdc_context, &eblock, + krb5_csarray[useetype]->random_sequence, + &session_key))) { /* random key failed */ krb5_klog_syslog(LOG_INFO, "AS_REQ: RANDOM KEY FAILED: host %s, %s for %s", fromstring, cname, sname); @@ -407,7 +405,7 @@ krb5_data **response; /* filled in with a response packet */ /* convert server.key into a real key (it may be encrypted in the database) */ - if (retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context, &server.key, &encrypting_key)) + if ((retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context, &server.key, &encrypting_key))) goto errout; retval = krb5_encrypt_tkt_part(kdc_context, &eblock, &encrypting_key, &ticket_reply); memset((char *)encrypting_key.contents, 0, encrypting_key.length); @@ -437,9 +435,9 @@ krb5_data **response; /* filled in with a response packet */ padat_tmp[0]->length = 0; break; case KRB5_KDB_SALTTYPE_NOREALM: - if (retval = krb5_principal2salt_norealm(kdc_context, - request->client, - &salt_data)) + if ((retval = krb5_principal2salt_norealm(kdc_context, + request->client, + &salt_data))) goto errout; padat_tmp[0]->length = salt_data.length; padat_tmp[0]->contents = (krb5_octet *)salt_data.data; @@ -462,7 +460,7 @@ krb5_data **response; /* filled in with a response packet */ reply.ticket = &ticket_reply; reply_encpart.session = session_key; - if (retval = fetch_last_req_info(&client, &reply_encpart.last_req)) + if ((retval = fetch_last_req_info(&client, &reply_encpart.last_req))) goto errout; reply_encpart.nonce = request->nonce; @@ -481,7 +479,7 @@ krb5_data **response; /* filled in with a response packet */ /* convert client.key into a real key (it may be encrypted in the database) */ - if (retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context, &client.key, &encrypting_key)) + if ((retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context, &client.key, &encrypting_key))) goto errout; reply.enc_part.etype = useetype; reply.enc_part.kvno = client.kvno; @@ -542,10 +540,10 @@ krb5_data **response; krb5_data *scratch; char *cname = 0, *sname = 0; - if (retval = krb5_unparse_name(kdc_context, request->client, &cname)) + if ((retval = krb5_unparse_name(kdc_context, request->client, &cname))) krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing client name for error", error_message(retval)); - if (retval = krb5_unparse_name(kdc_context, request->server, &sname)) + if ((retval = krb5_unparse_name(kdc_context, request->server, &sname))) krb5_klog_syslog(LOG_INFO, "AS_REQ: %s while unparsing server name for error", error_message(retval)); @@ -561,7 +559,8 @@ krb5_data **response; errpkt.ctime = request->nonce; errpkt.cusec = 0; - if (retval = krb5_us_timeofday(kdc_context, &errpkt.stime, &errpkt.susec)) + if ((retval = krb5_us_timeofday(kdc_context, &errpkt.stime, + &errpkt.susec))) return(retval); errpkt.error = error; errpkt.server = request->server; diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c index 9aeacd7adc..fbf7ccc5d7 100644 --- a/src/kdc/do_tgs_req.c +++ b/src/kdc/do_tgs_req.c @@ -107,7 +107,7 @@ krb5_data **response; /* filled in with a response packet */ if (!fromstring) fromstring = "<unknown>"; - if (errcode = krb5_unparse_name(kdc_context, request->server, &sname)) { + if ((errcode = krb5_unparse_name(kdc_context, request->server, &sname))) { status = "UNPARSING SERVER"; goto cleanup; } @@ -146,8 +146,8 @@ krb5_data **response; /* filled in with a response packet */ header? */ nprincs = 1; - if (retval = krb5_db_get_principal(kdc_context, request->server, &server, - &nprincs, &more)) { + if ((retval = krb5_db_get_principal(kdc_context, request->server, &server, + &nprincs, &more))) { krb5_klog_syslog(LOG_INFO, "TGS_REQ: GET_PRINCIPAL: authtime %d, host %s, %s for %s (%s)", authtime, fromstring, cname, sname, error_message(retval)); @@ -182,13 +182,13 @@ tgt_again: goto cleanup; } - if (retval = krb5_timeofday(kdc_context, &kdc_time)) { + if ((retval = krb5_timeofday(kdc_context, &kdc_time))) { status = "TIME_OF_DAY"; goto cleanup; } - if (retval = validate_tgs_request(request, server, header_ticket, - kdc_time, &status)) { + if ((retval = validate_tgs_request(request, server, header_ticket, + kdc_time, &status))) { if (!status) status = "UNKNOWN_REASON"; errcode = retval + ERROR_TABLE_BASE_krb5; @@ -399,23 +399,23 @@ tgt_again: goto cleanup; } /* do any necessary key pre-processing */ - if (retval = krb5_process_key(kdc_context, &eblock, - header_ticket->enc_part2->session)) { + if ((retval = krb5_process_key(kdc_context, &eblock, + header_ticket->enc_part2->session))) { status = "AUTH_PROCESS_KEY"; free(scratch.data); goto cleanup; } /* call the encryption routine */ - if (retval = krb5_decrypt(kdc_context, (krb5_pointer) request->authorization_data.ciphertext.data, + if ((retval = krb5_decrypt(kdc_context, (krb5_pointer) request->authorization_data.ciphertext.data, (krb5_pointer) scratch.data, - scratch.length, &eblock, 0)) { + scratch.length, &eblock, 0))) { status = "AUTH_ENCRYPT_FAIL"; (void) krb5_finish_key(kdc_context, &eblock); free(scratch.data); goto cleanup; } - if (retval = krb5_finish_key(kdc_context, &eblock)) { + if ((retval = krb5_finish_key(kdc_context, &eblock))) { status = "AUTH_FINISH_KEY"; free(scratch.data); goto cleanup; @@ -432,10 +432,10 @@ tgt_again: goto cleanup; } - if (retval = - concat_authorization_data(request->unenc_authdata, - header_ticket->enc_part2->authorization_data, - &enc_tkt_reply.authorization_data)) { + if ((retval = + concat_authorization_data(request->unenc_authdata, + header_ticket->enc_part2->authorization_data, + &enc_tkt_reply.authorization_data))) { status = "CONCAT_AUTH"; goto cleanup; } @@ -474,12 +474,12 @@ tgt_again: enc_tkt_transited.tr_contents.data = 0; enc_tkt_transited.tr_contents.length = 0; enc_tkt_reply.transited = enc_tkt_transited; - if (retval = - add_to_transited(&header_ticket->enc_part2->transited.tr_contents, - &enc_tkt_reply.transited.tr_contents, - header_ticket->server, - enc_tkt_reply.client, - request->server)) { + if ((retval = + add_to_transited(&header_ticket->enc_part2->transited.tr_contents, + &enc_tkt_reply.transited.tr_contents, + header_ticket->server, + enc_tkt_reply.client, + request->server))) { status = "ADD_TR_FAIL"; goto cleanup; } @@ -498,9 +498,9 @@ tgt_again: krb5_keyblock *st_sealing_key; krb5_kvno st_srv_kvno; - if (retval = kdc_get_server_key(request->second_ticket[st_idx], - &st_sealing_key, - &st_srv_kvno)) { + if ((retval = kdc_get_server_key(request->second_ticket[st_idx], + &st_sealing_key, + &st_srv_kvno))) { status = "2ND_TKT_SERVER"; goto cleanup; } @@ -520,7 +520,9 @@ tgt_again: */ if (!krb5_principal_compare(kdc_context, request->server, request->second_ticket[st_idx]->enc_part2->client)) { - if (retval = krb5_unparse_name(kdc_context, request->second_ticket[st_idx]->enc_part2->client, &tmp)) + if ((retval = krb5_unparse_name(kdc_context, + request->second_ticket[st_idx]->enc_part2->client, + &tmp))) tmp = 0; krb5_klog_syslog(LOG_INFO, "TGS_REQ: 2ND_TKT_MISMATCH: authtime %d, host %s, %s for %s, 2nd tkt client %s", authtime, fromstring, cname, sname, @@ -532,9 +534,9 @@ tgt_again: ticket_reply.enc_part.etype = request->second_ticket[st_idx]->enc_part2->session->etype; krb5_use_cstype(kdc_context, &eblock, ticket_reply.enc_part.etype); - if (retval = krb5_encrypt_tkt_part(kdc_context, &eblock, - request->second_ticket[st_idx]->enc_part2->session, - &ticket_reply)) { + if ((retval = krb5_encrypt_tkt_part(kdc_context, &eblock, + request->second_ticket[st_idx]->enc_part2->session, + &ticket_reply))) { status = "2ND_TKT_ENCRYPT"; goto cleanup; } @@ -542,7 +544,8 @@ tgt_again: } else { /* convert server.key into a real key (it may be encrypted in the database) */ - if (retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context, &server.key, &encrypting_key)) { + if ((retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context, &server.key, + &encrypting_key))) { status = "CONV_KEY"; goto cleanup; } @@ -666,7 +669,8 @@ krb5_data **response; errpkt.ctime = request->nonce; errpkt.cusec = 0; - if (retval = krb5_us_timeofday(kdc_context, &errpkt.stime, &errpkt.susec)) + if ((retval = krb5_us_timeofday(kdc_context, &errpkt.stime, + &errpkt.susec))) return(retval); errpkt.error = error; errpkt.server = request->server; @@ -711,10 +715,10 @@ int *nprincs; *nprincs = 0; *more = FALSE; - if (retval = krb5_walk_realm_tree(kdc_context, + if ((retval = krb5_walk_realm_tree(kdc_context, krb5_princ_realm(kdc_context, request->server), krb5_princ_component(kdc_context, request->server, 1), - &plist, KRB5_REALM_BRANCH_CHAR)) + &plist, KRB5_REALM_BRANCH_CHAR))) return; /* move to the end */ @@ -746,7 +750,7 @@ int *nprincs; tmp = *krb5_princ_realm(kdc_context, *pl2); krb5_princ_set_realm(kdc_context, *pl2, krb5_princ_realm(kdc_context, tgs_server)); - if (retval = krb5_copy_principal(kdc_context, *pl2, &tmpprinc)) { + if ((retval = krb5_copy_principal(kdc_context, *pl2, &tmpprinc))) { krb5_db_free_principal(kdc_context, server, *nprincs); krb5_princ_set_realm(kdc_context, *pl2, &tmp); continue; diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index b147eb96dd..ca68cabe75 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -139,10 +139,10 @@ comp_cksum(kdc_context, source, ticket, his_cksum) return ENOMEM; /* compute checksum */ - if (retval = krb5_calculate_checksum(kdc_context, our_cksum.checksum_type, - source->data, source->length, - ticket->enc_part2->session->contents, - ticket->enc_part2->session->length,&our_cksum)){ + if ((retval = krb5_calculate_checksum(kdc_context, our_cksum.checksum_type, + source->data, source->length, + ticket->enc_part2->session->contents, + ticket->enc_part2->session->length,&our_cksum))) { goto comp_cksum_cleanup; } @@ -190,7 +190,7 @@ kdc_process_tgs_req(request, from, pkt, ticket, subkey) scratch1.length = (*tmppa)->length; scratch1.data = (char *)(*tmppa)->contents; - if (retval = decode_krb5_ap_req(&scratch1, &apreq)) + if ((retval = decode_krb5_ap_req(&scratch1, &apreq))) return retval; if (isflagset(apreq->ap_options, AP_OPTS_USE_SESSION_KEY) || @@ -217,17 +217,18 @@ kdc_process_tgs_req(request, from, pkt, ticket, subkey) krb5_princ_realm(kdc_context, tgs_server)->length)) foreign_server = TRUE; - if (retval = krb5_auth_con_init(kdc_context, &auth_context)) + if ((retval = krb5_auth_con_init(kdc_context, &auth_context))) goto cleanup; - if (retval = krb5_auth_con_setaddrs(kdc_context, auth_context, NULL, - from->address)) + if ((retval = krb5_auth_con_setaddrs(kdc_context, auth_context, NULL, + from->address)) ) goto cleanup_auth_context; - if (retval = krb5_auth_con_setrcache(kdc_context, auth_context, kdc_rcache)) + if ((retval = krb5_auth_con_setrcache(kdc_context, auth_context, + kdc_rcache))) goto cleanup_auth_context; - if (retval = kdc_get_server_key(apreq->ticket, &key, &kvno)) + if ((retval = kdc_get_server_key(apreq->ticket, &key, &kvno))) goto cleanup_auth_context; /* @@ -239,15 +240,17 @@ kdc_process_tgs_req(request, from, pkt, ticket, subkey) if (retval) goto cleanup_auth_context; - if (retval = krb5_rd_req_decoded(kdc_context, &auth_context, apreq, - apreq->ticket->server, NULL, NULL, ticket)) + if ((retval = krb5_rd_req_decoded(kdc_context, &auth_context, apreq, + apreq->ticket->server, NULL, + NULL, ticket))) goto cleanup_auth_context; - if (retval = krb5_auth_con_getremotesubkey(kdc_context,auth_context,subkey)) + if ((retval = krb5_auth_con_getremotesubkey(kdc_context, + auth_context, subkey))) goto cleanup_auth_context; - if (retval = krb5_auth_con_getauthenticator(kdc_context, auth_context, - &authenticator)) + if ((retval = krb5_auth_con_getauthenticator(kdc_context, auth_context, + &authenticator))) goto cleanup_auth_context; /* Check for a checksum */ @@ -314,9 +317,9 @@ krb5_kvno *kvno; } else { nprincs = 1; - if (retval = krb5_db_get_principal(kdc_context, ticket->server, - &server, &nprincs, - &more)) { + if ((retval = krb5_db_get_principal(kdc_context, ticket->server, + &server, &nprincs, + &more))) { return(retval); } if (more) { @@ -335,7 +338,7 @@ krb5_kvno *kvno; } /* convert server.key into a real key (it may be encrypted in the database) */ - if (*key = (krb5_keyblock *)malloc(sizeof **key)) { + if ((*key = (krb5_keyblock *)malloc(sizeof **key))) { retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context, &server.key, *key); } else retval = ENOMEM; @@ -604,10 +607,10 @@ add_to_transited(tgt_trans, new_trans, tgs, client, server) /* previous realm, it would have been added earlier, and */ /* we would not reach this step this time around. */ - else if (pl = subrealm(realm, exp)) { + else if ((pl = subrealm(realm, exp))) { added = TRUE; current[0] = '\0'; - if (pl1 = subrealm(prev,realm)) { + if ((pl1 = subrealm(prev,realm))) { if (pl1 > 0) { strncat(current, realm, pl1); } diff --git a/src/kdc/kdc_util.h b/src/kdc/kdc_util.h index 8dc21ee1c0..05886cd32b 100644 --- a/src/kdc/kdc_util.h +++ b/src/kdc/kdc_util.h @@ -26,6 +26,11 @@ #ifndef __KRB5_KDC_UTIL__ #define __KRB5_KDC_UTIL__ +typedef struct _krb5_fulladdr { + krb5_address * address; + krb5_ui_4 port; +} krb5_fulladdr; + krb5_error_code check_hot_list PROTOTYPE((krb5_ticket *)); krb5_boolean realm_compare PROTOTYPE((krb5_principal, krb5_principal)); krb5_boolean krb5_is_tgs_principal PROTOTYPE((krb5_principal)); @@ -91,7 +96,7 @@ void kdc_insert_lookaside PROTOTYPE((krb5_data *, krb5_data *)); #define setflag(flagfield, flag) (flagfield |= (flag)) #define clear(flagfield, flag) (flagfield &= ~(flag)) -#ifdef KRB4 +#ifdef KRB5_KRB4_COMPAT krb5_error_code process_v4 PROTOTYPE((const krb5_data *, const krb5_fulladdr *, int is_secondary, diff --git a/src/kdc/kerberos_v4.c b/src/kdc/kerberos_v4.c index 98562b3be7..36951a178e 100644 --- a/src/kdc/kerberos_v4.c +++ b/src/kdc/kerberos_v4.c @@ -23,9 +23,11 @@ * */ -#ifdef KRB4 +#ifdef KRB5_KRB4_COMPAT +#define BACKWARD_COMPAT #include "k5-int.h" +#include "kdc_util.h" #include "adm_proto.h" #ifdef HAVE_STDARG_H @@ -61,6 +63,7 @@ /* v4 include files: */ #include <krb.h> +#include <krb4-proto.h> #include <des.h> #include <klog.h> #include <prot.h> @@ -406,7 +409,7 @@ krb5_data **resp; KTEXT_ST v4_pkt; char *lrealm; - if (retval = krb5_timeofday(kdc_context, (krb5_timestamp *) &kerb_time.tv_sec)) + if ((retval = krb5_timeofday(kdc_context, (krb5_timestamp *) &kerb_time.tv_sec))) return(retval); if (!*local_realm) { /* local-realm name already set up */ @@ -779,8 +782,8 @@ kerberos_v4(client, pkt) "Initial ticket request Host: %s User: \"%s\" \"%s\"", inet_ntoa(client_host), req_name_ptr, req_inst_ptr, 0); - if (i = check_princ(req_name_ptr, req_inst_ptr, 0, - &a_name_data)) { + if ((i = check_princ(req_name_ptr, req_inst_ptr, 0, + &a_name_data))) { kerb_err_reply(client, pkt, i, lt); a_name_data.key_low = a_name_data.key_high = 0; return; @@ -791,8 +794,8 @@ kerberos_v4(client, pkt) "INITIAL request from %s.%s for %s.%s", req_name_ptr, req_inst_ptr, service, instance, 0); /* this does all the checking */ - if (i = check_princ(service, instance, lifetime, - &s_name_data)) { + if ((i = check_princ(service, instance, lifetime, + &s_name_data))) { kerb_err_reply(client, pkt, i, lt); a_name_data.key_high = a_name_data.key_low = 0; s_name_data.key_high = s_name_data.key_low = 0; @@ -1223,4 +1226,4 @@ hang() } } #endif /* BACKWARD_COMPAT */ -#endif /* KRB4 */ +#endif /* KRB5_KRB4_COMPAT */ diff --git a/src/kdc/main.c b/src/kdc/main.c index 848ccada42..b7c460be70 100644 --- a/src/kdc/main.c +++ b/src/kdc/main.c @@ -124,7 +124,7 @@ char **argv; } if (!db_realm) { /* no realm specified, use default realm */ - if (retval = krb5_get_default_realm(kdc_context, &lrealm)) { + if ((retval = krb5_get_default_realm(kdc_context, &lrealm))) { com_err(argv[0], retval, "while attempting to retrieve default realm"); exit(1); @@ -140,7 +140,7 @@ char **argv; if (!rcname) rcname = KDCRCACHE; - if (retval = krb5_rc_resolve_full(kdc_context, &kdc_rcache, rcname)) { + if ((retval = krb5_rc_resolve_full(kdc_context, &kdc_rcache, rcname))) { com_err(argv[0], retval, "while resolving replay cache '%s'", rcname); exit(1); } @@ -162,8 +162,9 @@ char **argv; } /* assemble & parse the master key name */ - if (retval = krb5_db_setup_mkey_name(kdc_context, mkey_name, db_realm, (char **) 0, - &master_princ)) { + if ((retval = krb5_db_setup_mkey_name(kdc_context, mkey_name, + db_realm, (char **) 0, + &master_princ))) { com_err(argv[0], retval, "while setting up master key name"); (void) krb5_rc_close(kdc_context, kdc_rcache); exit(1); @@ -176,9 +177,10 @@ char **argv; } krb5_use_cstype(kdc_context, &master_encblock, kdc_etype); - if (retval = krb5_db_fetch_mkey(kdc_context, master_princ, &master_encblock, manual, - FALSE, /* only read it once, if at all */ - 0, &master_keyblock)) { + if ((retval = krb5_db_fetch_mkey(kdc_context, master_princ, + &master_encblock, manual, + FALSE, /* only read it once, if at all */ + 0, &master_keyblock))) { com_err(argv[0], retval, "while fetching master key"); (void) krb5_rc_close(kdc_context, kdc_rcache); exit(1); @@ -186,9 +188,9 @@ char **argv; /* initialize random key generators */ for (etype = 0; etype <= krb5_max_cryptosystem; etype++) { if (krb5_csarray[etype]) { - if (retval = (*krb5_csarray[etype]->system-> + if ((retval = (*krb5_csarray[etype]->system-> init_random_key)(&master_keyblock, - &krb5_csarray[etype]->random_sequence)) { + &krb5_csarray[etype]->random_sequence))) { com_err(argv[0], retval, "while setting up random key generator for etype %d--etype disabled", etype); krb5_csarray[etype] = 0; } @@ -211,7 +213,7 @@ char *prog; else rtype = strdup("Unknown_rcache_type"); rname = strdup(krb5_rc_get_name(kdc_context, kdc_rcache)); - if (retval = krb5_rc_close(kdc_context, kdc_rcache)) { + if ((retval = krb5_rc_close(kdc_context, kdc_rcache))) { com_err(prog, retval, "while closing replay cache '%s:%s'", rtype, rname); } @@ -232,7 +234,7 @@ krb5_keyblock *masterkeyblock; int nprincs; krb5_boolean more; krb5_db_entry server; -#ifdef KRB4 +#ifdef KRB5_KRB4_COMPAT extern unsigned char master_key_version; #endif @@ -241,21 +243,21 @@ krb5_keyblock *masterkeyblock; return(retval); /* initialize database */ - if (retval = krb5_db_init(kdc_context)) + if ((retval = krb5_db_init(kdc_context))) return(retval); - if (retval = krb5_db_verify_master_key(kdc_context, masterkeyname, - masterkeyblock, &master_encblock)) { + if ((retval = krb5_db_verify_master_key(kdc_context, masterkeyname, + masterkeyblock, + &master_encblock))) { master_encblock.crypto_entry = 0; return(retval); } -#ifdef KRB4 +#ifdef KRB5_KRB4_COMPAT /* get the master key, to extract the master key version number */ nprincs = 1; - if (retval = krb5_db_get_principal(kdc_context, masterkeyname, - &server, &nprincs, - &more)) { + if ((retval = krb5_db_get_principal(kdc_context, masterkeyname, + &server, &nprincs, &more))) { return(retval); } if (nprincs != 1) { @@ -271,7 +273,8 @@ krb5_keyblock *masterkeyblock; #endif /* do any necessary key pre-processing */ - if (retval = krb5_process_key(kdc_context, &master_encblock, masterkeyblock)) { + if ((retval = krb5_process_key(kdc_context, &master_encblock, + masterkeyblock))) { master_encblock.crypto_entry = 0; (void) krb5_db_fini(kdc_context); return(retval); @@ -289,9 +292,8 @@ krb5_keyblock *masterkeyblock; *krb5_princ_realm(kdc_context, masterkeyname); nprincs = 1; - if (retval = krb5_db_get_principal(kdc_context, tgs_server, - &server, &nprincs, - &more)) { + if ((retval = krb5_db_get_principal(kdc_context, tgs_server, + &server, &nprincs, &more))) { return(retval); } if (more) { @@ -309,7 +311,8 @@ krb5_keyblock *masterkeyblock; } /* convert server.key into a real key (it may be encrypted in the database) */ - if (retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context, &server.key, &tgs_key)) { + if ((retval = KDB_CONVERT_KEY_OUTOF_DB(kdc_context, &server.key, + &tgs_key))) { krb5_db_free_principal(kdc_context, &server, nprincs); (void) krb5_finish_key(kdc_context, &master_encblock); memset((char *)&master_encblock, 0, sizeof(master_encblock)); @@ -369,7 +372,7 @@ closedown_db() krb5_context kdc_context; -main(argc, argv) +int main(argc, argv) int argc; char *argv[]; { @@ -387,12 +390,12 @@ char *argv[]; setup_signal_handlers(); - if (retval = init_db(dbm_db_name, master_princ, &master_keyblock)) { + if ((retval = init_db(dbm_db_name, master_princ, &master_keyblock))) { com_err(argv[0], retval, "while initializing database"); finish_args(argv[0]); return 1; } - if (retval = setup_network(argv[0])) { + if ((retval = setup_network(argv[0]))) { com_err(argv[0], retval, "while initializing network"); finish_args(argv[0]); return 1; @@ -403,15 +406,15 @@ char *argv[]; return 1; } krb5_klog_syslog(LOG_INFO, "commencing operation"); - if (retval = listen_and_process(argv[0])){ + if ((retval = listen_and_process(argv[0]))) { com_err(argv[0], retval, "while processing network requests"); errout++; } - if (retval = closedown_network(argv[0])) { + if ((retval = closedown_network(argv[0]))) { com_err(argv[0], retval, "while shutting down network"); errout++; } - if (retval = closedown_db()) { + if ((retval = closedown_db())) { com_err(argv[0], retval, "while closing database"); errout++; } diff --git a/src/kdc/network.c b/src/kdc/network.c index ff99911d1d..f7bcec2eab 100644 --- a/src/kdc/network.c +++ b/src/kdc/network.c @@ -148,7 +148,7 @@ void process_packet(port_fd, prog, is_secondary) addr.length = 4; /* this address is in net order */ addr.contents = (krb5_octet *) &saddr.sin_addr; - if (retval = dispatch(&request, &faddr, is_secondary, &response)) { + if ((retval = dispatch(&request, &faddr, is_secondary, &response))) { com_err(prog, retval, "while dispatching"); return; } |