diff options
| author | Günther Deschner <gd@samba.org> | 2007-02-27 13:31:42 +0000 |
|---|---|---|
| committer | Günther Deschner <gd@samba.org> | 2007-02-27 13:31:42 +0000 |
| commit | 97def5acc7bbd421391629ace8c389ba186ad9b4 (patch) | |
| tree | b8e7e262a2272b9325771df441862ea9ea4717f1 | |
| parent | cdd1b90bd7b48d53fbe3efc4b704c19add45348a (diff) | |
| download | samba-97def5acc7bbd421391629ace8c389ba186ad9b4.tar.gz samba-97def5acc7bbd421391629ace8c389ba186ad9b4.tar.xz samba-97def5acc7bbd421391629ace8c389ba186ad9b4.zip | |
r21558: Safe more indent, again no code changes.
Guenther
| -rw-r--r-- | source/libads/kerberos_verify.c | 74 |
1 files changed, 37 insertions, 37 deletions
diff --git a/source/libads/kerberos_verify.c b/source/libads/kerberos_verify.c index 72b6ac34e93..2c114b1240e 100644 --- a/source/libads/kerberos_verify.c +++ b/source/libads/kerberos_verify.c @@ -96,44 +96,44 @@ static BOOL ads_keytab_verify_ticket(krb5_context context, krb5_auth_context aut goto out; } - for (i = 0; i < sizeof(valid_princ_formats) / sizeof(valid_princ_formats[0]); i++) { - if (strequal(entry_princ_s, valid_princ_formats[i])) { - number_matched_principals++; - p_packet->length = ticket->length; - p_packet->data = (char *)ticket->data; - *pp_tkt = NULL; - - ret = krb5_rd_req_return_keyblock_from_keytab(context, &auth_context, p_packet, - kt_entry.principal, keytab, - NULL, pp_tkt, keyblock); - - if (ret) { - DEBUG(10,("ads_keytab_verify_ticket: " - "krb5_rd_req_return_keyblock_from_keytab(%s) failed: %s\n", - entry_princ_s, error_message(ret))); - - /* workaround for MIT: - * as krb5_ktfile_get_entry will - * explicitly close the - * krb5_keytab as soon as - * krb5_rd_req has sucessfully - * decrypted the ticket but the - * ticket is not valid yet (due - * to clockskew) there is no - * point in querying more - * keytab entries - Guenther */ - - if (ret == KRB5KRB_AP_ERR_TKT_NYV || - ret == KRB5KRB_AP_ERR_TKT_EXPIRED) { - break; - } - } else { - DEBUG(3,("ads_keytab_verify_ticket: " - "krb5_rd_req_return_keyblock_from_keytab succeeded for principal %s\n", - entry_princ_s)); - auth_ok = True; + for (i = 0; i < ARRAY_SIZE(valid_princ_formats); i++) { + + if (!strequal(entry_princ_s, valid_princ_formats[i])) { + continue; + } + + number_matched_principals++; + p_packet->length = ticket->length; + p_packet->data = (char *)ticket->data; + *pp_tkt = NULL; + + ret = krb5_rd_req_return_keyblock_from_keytab(context, &auth_context, p_packet, + kt_entry.principal, keytab, + NULL, pp_tkt, keyblock); + + if (ret) { + DEBUG(10,("ads_keytab_verify_ticket: " + "krb5_rd_req_return_keyblock_from_keytab(%s) failed: %s\n", + entry_princ_s, error_message(ret))); + + /* workaround for MIT: + * as krb5_ktfile_get_entry will explicitly + * close the krb5_keytab as soon as krb5_rd_req + * has sucessfully decrypted the ticket but the + * ticket is not valid yet (due to clockskew) + * there is no point in querying more keytab + * entries - Guenther */ + + if (ret == KRB5KRB_AP_ERR_TKT_NYV || + ret == KRB5KRB_AP_ERR_TKT_EXPIRED) { break; } + } else { + DEBUG(3,("ads_keytab_verify_ticket: " + "krb5_rd_req_return_keyblock_from_keytab succeeded for principal %s\n", + entry_princ_s)); + auth_ok = True; + break; } } @@ -150,7 +150,7 @@ static BOOL ads_keytab_verify_ticket(krb5_context context, krb5_auth_context aut out: - for (i = 0; i < sizeof(valid_princ_formats) / sizeof(valid_princ_formats[0]); i++) { + for (i = 0; i < ARRAY_SIZE(valid_princ_formats); i++) { SAFE_FREE(valid_princ_formats[i]); } |