From e5d5a93ab88e5313a11056130060662c97285336 Mon Sep 17 00:00:00 2001
From: Ondrej Kos <okos@redhat.com>
Date: Wed, 17 Jul 2013 19:15:39 +0200
Subject: KRB: Replace multiple calls with variable

Instead of multiple calls of sss_authtok_get_type, perform the call just
once and store into variable.
---
 src/providers/krb5/krb5_auth.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
index 4c2fe0f24..506ca520a 100644
--- a/src/providers/krb5/krb5_auth.c
+++ b/src/providers/krb5/krb5_auth.c
@@ -467,6 +467,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,
     const char *realm;
     struct tevent_req *req;
     struct tevent_req *subreq;
+    int authtok_type;
     int ret;
 
     req = tevent_req_create(mem_ctx, &state, struct krb5_auth_state);
@@ -491,12 +492,14 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,
 
     state->sysdb = state->domain->sysdb;
 
+    authtok_type = sss_authtok_get_type(pd->authtok);
+
     switch (pd->cmd) {
         case SSS_PAM_AUTHENTICATE:
         case SSS_PAM_CHAUTHTOK:
-            if (sss_authtok_get_type(pd->authtok) != SSS_AUTHTOK_TYPE_PASSWORD) {
+            if (authtok_type != SSS_AUTHTOK_TYPE_PASSWORD) {
                 /* handle empty password gracefully */
-                if (sss_authtok_get_type(pd->authtok) == SSS_AUTHTOK_TYPE_EMPTY) {
+                if (authtok_type == SSS_AUTHTOK_TYPE_EMPTY) {
                     DEBUG(SSSDBG_CRIT_FAILURE,
                           ("Illegal zero-length authtok for user [%s]\n",
                            pd->user));
@@ -510,7 +513,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,
                       ("Wrong authtok type for user [%s]. " \
                        "Expected [%d], got [%d]\n", pd->user,
                           SSS_AUTHTOK_TYPE_PASSWORD,
-                          sss_authtok_get_type(pd->authtok)));
+                          authtok_type));
                 state->pam_status = PAM_SYSTEM_ERR;
                 state->dp_err = DP_ERR_FATAL;
                 ret = EINVAL;
@@ -519,7 +522,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,
             break;
         case SSS_PAM_CHAUTHTOK_PRELIM:
             if (pd->priv == 1 &&
-                sss_authtok_get_type(pd->authtok) != SSS_AUTHTOK_TYPE_PASSWORD) {
+                authtok_type != SSS_AUTHTOK_TYPE_PASSWORD) {
                 DEBUG(SSSDBG_MINOR_FAILURE,
                       ("Password reset by root is not supported.\n"));
                 state->pam_status = PAM_PERM_DENIED;
@@ -529,12 +532,12 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,
             }
             break;
         case SSS_CMD_RENEW:
-            if (sss_authtok_get_type(pd->authtok) != SSS_AUTHTOK_TYPE_CCFILE) {
+            if (authtok_type != SSS_AUTHTOK_TYPE_CCFILE) {
                 DEBUG(SSSDBG_CRIT_FAILURE,
                       ("Wrong authtok type for user [%s]. " \
                        "Expected [%d], got [%d]\n", pd->user,
                           SSS_AUTHTOK_TYPE_CCFILE,
-                          sss_authtok_get_type(pd->authtok)));
+                          authtok_type));
                 state->pam_status = PAM_SYSTEM_ERR;
                 state->dp_err = DP_ERR_FATAL;
                 ret = EINVAL;
-- 
cgit