diff options
author | Greg Hudson <ghudson@mit.edu> | 2009-12-28 18:03:31 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2009-12-28 18:03:31 +0000 |
commit | 92516277cb0205a1781b06d204d9d103d599f8a7 (patch) | |
tree | 0c1fdfa704f8c8e31dba09768d216f0ae7d23607 /src/lib | |
parent | ec49e6e673ab229462ef18aa2986167eaa643643 (diff) | |
download | krb5-92516277cb0205a1781b06d204d9d103d599f8a7.tar.gz krb5-92516277cb0205a1781b06d204d9d103d599f8a7.tar.xz krb5-92516277cb0205a1781b06d204d9d103d599f8a7.zip |
Whitespace fixes for new anonymous support
ticket: 6607
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23528 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/gssapi/krb5/import_name.c | 3 | ||||
-rw-r--r-- | src/lib/kadm5/clnt/client_init.c | 5 | ||||
-rw-r--r-- | src/lib/krb5/krb/bld_princ.c | 14 | ||||
-rw-r--r-- | src/lib/krb5/krb/chk_trans.c | 6 | ||||
-rw-r--r-- | src/lib/krb5/krb/get_in_tkt.c | 45 |
5 files changed, 41 insertions, 32 deletions
diff --git a/src/lib/gssapi/krb5/import_name.c b/src/lib/gssapi/krb5/import_name.c index cfb75fb22..23a6df951 100644 --- a/src/lib/gssapi/krb5/import_name.c +++ b/src/lib/gssapi/krb5/import_name.c @@ -156,7 +156,8 @@ krb5_gss_import_name(minor_status, input_name_buffer, } } else if ((input_name_type != NULL) && g_OID_equal(input_name_type, GSS_C_NT_ANONYMOUS)) { - code = krb5_copy_principal(context, krb5_anonymous_principal(), &princ); + code = krb5_copy_principal(context, krb5_anonymous_principal(), + &princ); if (code != 0) { krb5_free_context(context); *minor_status = code; diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c index 82033e9fd..03e0a9c55 100644 --- a/src/lib/kadm5/clnt/client_init.c +++ b/src/lib/kadm5/clnt/client_init.c @@ -59,7 +59,7 @@ #define ADM_CCACHE "/tmp/ovsec_adm.XXXXXX" -enum init_type { INIT_PASS, INIT_SKEY, INIT_CREDS , INIT_ANONYMOUS}; +enum init_type { INIT_PASS, INIT_SKEY, INIT_CREDS, INIT_ANONYMOUS }; static kadm5_ret_t _kadm5_init_any(krb5_context context, char *client_name, @@ -356,7 +356,8 @@ static kadm5_ret_t _kadm5_init_any(krb5_context context, char *client_name, * The RPC connection is open; establish the GSS-API * authentication context. */ - code = kadm5_setup_gss(handle, params_in, (init_type == INIT_CREDS)?client_name:NULL, + code = kadm5_setup_gss(handle, params_in, + (init_type == INIT_CREDS) ? client_name : NULL, full_svcname); if (code) goto error; diff --git a/src/lib/krb5/krb/bld_princ.c b/src/lib/krb5/krb/bld_princ.c index 8378599d3..372f6c991 100644 --- a/src/lib/krb5/krb/bld_princ.c +++ b/src/lib/krb5/krb/bld_princ.c @@ -189,21 +189,20 @@ krb5_build_principal(krb5_context context, } /*Anonymous and well known principals*/ -static const char anon_realm_str[] -= KRB5_ANONYMOUS_REALMSTR; +static const char anon_realm_str[] = KRB5_ANONYMOUS_REALMSTR; static const krb5_data anon_realm_data = { - KV5M_DATA, sizeof(anon_realm_str)-1, - (char *) anon_realm_str}; + KV5M_DATA, sizeof(anon_realm_str) - 1, (char *) anon_realm_str +}; static const char wellknown_str[] = KRB5_WELLKNOWN_NAMESTR; static const char anon_str[] = KRB5_ANONYMOUS_PRINCSTR; static const krb5_data anon_princ_data[] = { - {KV5M_DATA, sizeof(wellknown_str)-1, (char *) wellknown_str}, - {KV5M_DATA, sizeof(anon_str)-1, (char *)anon_str} + { KV5M_DATA, sizeof(wellknown_str) - 1, (char *) wellknown_str }, + { KV5M_DATA, sizeof(anon_str) - 1, (char *) anon_str } }; const krb5_principal_data anon_princ = { KV5M_PRINCIPAL, - {KV5M_DATA, sizeof(anon_realm_str)-1, (char *) anon_realm_str}, + { KV5M_DATA, sizeof(anon_realm_str) - 1, (char *) anon_realm_str }, (krb5_data *) anon_princ_data, 2, KRB5_NT_WELLKNOWN }; @@ -212,6 +211,7 @@ krb5_anonymous_realm() { return &anon_realm_data; } + krb5_const_principal KRB5_CALLCONV krb5_anonymous_principal() { diff --git a/src/lib/krb5/krb/chk_trans.c b/src/lib/krb5/krb/chk_trans.c index def50885c..64ccb3030 100644 --- a/src/lib/krb5/krb/chk_trans.c +++ b/src/lib/krb5/krb/chk_trans.c @@ -329,9 +329,9 @@ krb5_check_transited_list (krb5_context ctx, const krb5_data *trans_in, if (trans.length == 0) return 0; anonymous = krb5_anonymous_realm(); - if (crealm->length == anonymous->length - && (memcmp(crealm->data, anonymous->data, anonymous->length) == 0)) - return 0; /*Nothing to check for anonymous*/ + if (crealm->length == anonymous->length && + (memcmp(crealm->data, anonymous->data, anonymous->length) == 0)) + return 0; /* Nothing to check for anonymous */ r = krb5_walk_realm_tree (ctx, crealm, srealm, &cdata.tgs, KRB5_REALM_BRANCH_CHAR); diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index 315bdc943..09df3f052 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -300,14 +300,15 @@ verify_anonymous( krb5_context context, krb5_kdc_req *request, krb5_keyblock *kdc_key = NULL, *expected = NULL; krb5_enc_data *enc = NULL; krb5_keyblock *session = reply->enc_part2->session; + if (!krb5_principal_compare_any_realm(context, request->client, krb5_anonymous_principal())) - return 0; /*Only applies to fully anonymous*/ + return 0; /* Only applies to fully anonymous */ pa = krb5int_find_pa_data(context, reply->padata, KRB5_PADATA_PKINIT_KX); if (pa == NULL) goto verification_error; scratch.length = pa->length; - scratch.data = (char *) pa->contents; + scratch.data = (char *) pa->contents; ret = decode_krb5_enc_data( &scratch, &enc); if (ret) goto cleanup; @@ -318,7 +319,7 @@ verify_anonymous( krb5_context context, krb5_kdc_req *request, ret = krb5_c_decrypt(context, as_key, KRB5_KEYUSAGE_PA_PKINIT_KX, NULL /*cipherstate*/, enc, &scratch); if (ret) { - free( scratch.data); + free(scratch.data); goto cleanup; } ret = decode_krb5_encryption_key( &scratch, &kdc_key); @@ -326,13 +327,13 @@ verify_anonymous( krb5_context context, krb5_kdc_req *request, free(scratch.data); if (ret) goto cleanup; - ret = krb5_c_fx_cf2_simple( context, kdc_key, "PKINIT", - as_key, "KEYEXCHANGE", &expected); + ret = krb5_c_fx_cf2_simple(context, kdc_key, "PKINIT", + as_key, "KEYEXCHANGE", &expected); if (ret) goto cleanup; - if ((expected->enctype != session->enctype) - || (expected->length != session->length) - || (memcmp(expected->contents, session->contents, expected->length) != 0)) + if ((expected->enctype != session->enctype) || + (expected->length != session->length) || + (memcmp(expected->contents, session->contents, expected->length) != 0)) goto verification_error; cleanup: if (kdc_key) @@ -344,7 +345,8 @@ cleanup: return ret; verification_error: ret = KRB5_KDCREP_MODIFIED; - krb5_set_error_message(context, ret, "Reply has wrong form of session key for anonymous request"); + krb5_set_error_message(context, ret, "Reply has wrong form of session key " + "for anonymous request"); goto cleanup; } @@ -369,14 +371,17 @@ verify_as_reply(krb5_context context, * principal) and we requested (and received) a TGT. */ canon_req = ((request->kdc_options & KDC_OPT_CANONICALIZE) != 0) || - (krb5_princ_type(context, request->client) == KRB5_NT_ENTERPRISE_PRINCIPAL) - || (request->kdc_options & KDC_OPT_REQUEST_ANONYMOUS); + (krb5_princ_type(context, request->client) == + KRB5_NT_ENTERPRISE_PRINCIPAL) || + (request->kdc_options & KDC_OPT_REQUEST_ANONYMOUS); if (canon_req) { canon_ok = IS_TGS_PRINC(context, request->server) && IS_TGS_PRINC(context, as_reply->enc_part2->server); - if ((!canon_ok ) && (request->kdc_options &KDC_OPT_REQUEST_ANONYMOUS)) - canon_ok = krb5_principal_compare_any_realm(context, as_reply->client, + if (!canon_ok && (request->kdc_options & KDC_OPT_REQUEST_ANONYMOUS)) { + canon_ok = krb5_principal_compare_any_realm(context, + as_reply->client, krb5_anonymous_principal()); + } } else canon_ok = 0; @@ -1463,13 +1468,14 @@ krb5_init_creds_init(krb5_context context, ctx->salt.data = NULL; } - /*Anonymous*/ + /* Anonymous. */ if(opte->flags & KRB5_GET_INIT_CREDS_OPT_ANONYMOUS) { ctx->request->kdc_options |= KDC_OPT_REQUEST_ANONYMOUS; - /*Remap @REALM to WELLKNOWN/ANONYMOUS@REALM*/ + /* Remap @REALM to WELLKNOWN/ANONYMOUS@REALM. */ if (client->length == 1 && client->data[0].length ==0) { krb5_principal new_client; - code = krb5_build_principal_ext(context, &new_client, client->realm.length, + code = krb5_build_principal_ext(context, &new_client, + client->realm.length, client->realm.data, strlen(KRB5_WELLKNOWN_NAMESTR), KRB5_WELLKNOWN_NAMESTR, @@ -1483,7 +1489,8 @@ krb5_init_creds_init(krb5_context context, krb5_princ_type(context, ctx->request->client) = KRB5_NT_WELLKNOWN; } } - /*We will also handle anonymous if the input principal is the anonymous principal*/ + /* We will also handle anonymous if the input principal is the anonymous + * principal. */ if (krb5_principal_compare_any_realm(context, ctx->request->client, krb5_anonymous_principal())) { ctx->request->kdc_options |= KDC_OPT_REQUEST_ANONYMOUS; @@ -1924,8 +1931,8 @@ init_creds_step_reply(krb5_context context, ctx->request, ctx->reply); if (code != 0) goto cleanup; - code = verify_anonymous( context, ctx->request, ctx->reply, - &encrypting_key); + code = verify_anonymous(context, ctx->request, ctx->reply, + &encrypting_key); if (code) goto cleanup; |