diff options
| author | Ezra Peisach <epeisach@mit.edu> | 2000-06-30 19:55:18 +0000 |
|---|---|---|
| committer | Ezra Peisach <epeisach@mit.edu> | 2000-06-30 19:55:18 +0000 |
| commit | 872a18cb0cdec1de6b40772a6938f602eff8f844 (patch) | |
| tree | e266f2e892f87a27560ad7e549f4c21c16b34e5b /src | |
| parent | 6ea92e4dddac9d2a2b5c52aeb17d9b831cabeb34 (diff) | |
| download | krb5-872a18cb0cdec1de6b40772a6938f602eff8f844.tar.gz krb5-872a18cb0cdec1de6b40772a6938f602eff8f844.tar.xz krb5-872a18cb0cdec1de6b40772a6938f602eff8f844.zip | |
* t_walk_rtree.c (main): Declare as returning int
* get_in_tkt.c (_krb5_conf_boolean): Declare as taking a const char *
* str_conv.c (krb5_timestamp_to_string): Work around gcc's warning
that %c format in strftime might return only two digits for the
year.
* mk_safe.c, rd_rep.c, send_tgs.c: Remove unused goto label.
* kdc_rep_dc.c (krb5_kdc_rep_decrypt_proc): Remove code with no
effect.
* init_ctx.c: Make krb5_brand[] look used.
* chpw.c, decode_kdc.c, decrypt_tk.c, enc_helper.c, get_creds.c,
get_in_tkt.c, gic_keytab.c, gic_pwd.c, preauth2.c, vfy_increds.c:
Add parentheses around assignment used as truth value
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12483 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/krb5/krb/ChangeLog | 21 | ||||
| -rw-r--r-- | src/lib/krb5/krb/chpw.c | 12 | ||||
| -rw-r--r-- | src/lib/krb5/krb/decode_kdc.c | 4 | ||||
| -rw-r--r-- | src/lib/krb5/krb/decrypt_tk.c | 4 | ||||
| -rw-r--r-- | src/lib/krb5/krb/enc_helper.c | 4 | ||||
| -rw-r--r-- | src/lib/krb5/krb/get_creds.c | 6 | ||||
| -rw-r--r-- | src/lib/krb5/krb/get_in_tkt.c | 54 | ||||
| -rw-r--r-- | src/lib/krb5/krb/gic_keytab.c | 4 | ||||
| -rw-r--r-- | src/lib/krb5/krb/gic_pwd.c | 8 | ||||
| -rw-r--r-- | src/lib/krb5/krb/init_ctx.c | 4 | ||||
| -rw-r--r-- | src/lib/krb5/krb/kdc_rep_dc.c | 2 | ||||
| -rw-r--r-- | src/lib/krb5/krb/mk_safe.c | 1 | ||||
| -rw-r--r-- | src/lib/krb5/krb/preauth2.c | 42 | ||||
| -rw-r--r-- | src/lib/krb5/krb/rd_rep.c | 2 | ||||
| -rw-r--r-- | src/lib/krb5/krb/send_tgs.c | 5 | ||||
| -rw-r--r-- | src/lib/krb5/krb/str_conv.c | 4 | ||||
| -rw-r--r-- | src/lib/krb5/krb/t_walk_rtree.c | 5 | ||||
| -rw-r--r-- | src/lib/krb5/krb/vfy_increds.c | 32 |
18 files changed, 120 insertions, 94 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 68ee72826..dfdf646c7 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,24 @@ +2000-06-29 Ezra Peisach <epeisach@engrailed.mit.edu> + + * t_walk_rtree.c (main): Declare as returning int. + + * get_in_tkt.c (_krb5_conf_boolean): Declare as taking a const char * + + * str_conv.c (krb5_timestamp_to_string): Work around gcc's warning + that %c format in strftime might return only two digits for the + year. + + * mk_safe.c, rd_rep.c, send_tgs.c: Remove unused goto label. + + * kdc_rep_dc.c (krb5_kdc_rep_decrypt_proc): Remove code with no + effect. + + * init_ctx.c: Make krb5_brand[] look used. + + * chpw.c, decode_kdc.c, decrypt_tk.c, enc_helper.c, get_creds.c, + get_in_tkt.c, gic_keytab.c, gic_pwd.c, preauth2.c, vfy_increds.c: + Add parentheses around assignment used as truth value + 2000-06-28 Ezra Peisach <epeisach@mit.edu> * conv_princ.c, get_creds.c, get_in_tkt.c, mk_rep.c, parse.c, diff --git a/src/lib/krb5/krb/chpw.c b/src/lib/krb5/krb/chpw.c index f3c6eb6de..c1c40dc1a 100644 --- a/src/lib/krb5/krb/chpw.c +++ b/src/lib/krb5/krb/chpw.c @@ -20,15 +20,15 @@ krb5_mk_chpw_req(context, auth_context, ap_req, passwd, packet) cipherpw.data = NULL; - if (ret = krb5_auth_con_setflags(context, auth_context, - KRB5_AUTH_CONTEXT_DO_SEQUENCE)) + if ((ret = krb5_auth_con_setflags(context, auth_context, + KRB5_AUTH_CONTEXT_DO_SEQUENCE))) goto cleanup; clearpw.length = strlen(passwd); clearpw.data = passwd; - if (ret = krb5_mk_priv(context, auth_context, - &clearpw, &cipherpw, &replay)) + if ((ret = krb5_mk_priv(context, auth_context, + &clearpw, &cipherpw, &replay))) goto cleanup; packet->length = 6 + ap_req->length + cipherpw.length; @@ -126,7 +126,7 @@ krb5_rd_chpw_rep(context, auth_context, packet, result_code, result_data) ap_rep.data = ptr; ptr += ap_rep.length; - if (ret = krb5_rd_rep(context, auth_context, &ap_rep, &ap_rep_enc)) + if ((ret = krb5_rd_rep(context, auth_context, &ap_rep, &ap_rep_enc))) return(ret); krb5_free_ap_rep_enc_part(context, ap_rep_enc); @@ -154,7 +154,7 @@ krb5_rd_chpw_rep(context, auth_context, packet, result_code, result_data) cipherresult.data = ptr; cipherresult.length = (packet->data + packet->length) - ptr; - if (ret = krb5_rd_error(context, &cipherresult, &krberror)) + if ((ret = krb5_rd_error(context, &cipherresult, &krberror))) return(ret); clearresult = krberror->e_data; diff --git a/src/lib/krb5/krb/decode_kdc.c b/src/lib/krb5/krb/decode_kdc.c index 38990aed7..23869c627 100644 --- a/src/lib/krb5/krb/decode_kdc.c +++ b/src/lib/krb5/krb/decode_kdc.c @@ -71,8 +71,8 @@ krb5_decode_kdc_rep(context, enc_rep, key, dec_rep) if (retval) return retval; - if (retval = krb5_kdc_rep_decrypt_proc(context, key, &usage, - local_dec_rep)) + if ((retval = krb5_kdc_rep_decrypt_proc(context, key, &usage, + local_dec_rep))) krb5_free_kdc_rep(context, local_dec_rep); else *dec_rep = local_dec_rep; diff --git a/src/lib/krb5/krb/decrypt_tk.c b/src/lib/krb5/krb/decrypt_tk.c index e988c2d31..498d5d1d9 100644 --- a/src/lib/krb5/krb/decrypt_tk.c +++ b/src/lib/krb5/krb/decrypt_tk.c @@ -56,9 +56,9 @@ krb5_decrypt_tkt_part(context, srv_key, ticket) return(ENOMEM); /* call the encryption routine */ - if (retval = krb5_c_decrypt(context, srv_key, + if ((retval = krb5_c_decrypt(context, srv_key, KRB5_KEYUSAGE_KDC_REP_TICKET, 0, - &ticket->enc_part, &scratch)) { + &ticket->enc_part, &scratch))) { free(scratch.data); return retval; } diff --git a/src/lib/krb5/krb/enc_helper.c b/src/lib/krb5/krb/enc_helper.c index 0e988a08c..c40d9e292 100644 --- a/src/lib/krb5/krb/enc_helper.c +++ b/src/lib/krb5/krb/enc_helper.c @@ -37,8 +37,8 @@ krb5_encrypt_helper(context, key, usage, plain, cipher) krb5_error_code ret; size_t enclen; - if (ret = krb5_c_encrypt_length(context, key->enctype, plain->length, - &enclen)) + if ((ret = krb5_c_encrypt_length(context, key->enctype, plain->length, + &enclen))) return(ret); cipher->ciphertext.length = enclen; diff --git a/src/lib/krb5/krb/get_creds.c b/src/lib/krb5/krb/get_creds.c index de8d29f6d..2538735da 100644 --- a/src/lib/krb5/krb/get_creds.c +++ b/src/lib/krb5/krb/get_creds.c @@ -265,7 +265,7 @@ krb5_validate_or_renew_creds(context, creds, client, ccache, in_tkt_service, in the library, so I'm going to manipulate the data structures directly, otherwise, it will be worse. */ - if (ret = krb5_parse_name(context, in_tkt_service, &in_creds.server)) + if ((ret = krb5_parse_name(context, in_tkt_service, &in_creds.server))) goto cleanup; /* stuff the client realm into the server principal. @@ -282,14 +282,14 @@ krb5_validate_or_renew_creds(context, creds, client, ccache, in_tkt_service, memcpy(in_creds.server->realm.data, in_creds.client->realm.data, in_creds.client->realm.length); } else { - if (ret = krb5_build_principal_ext(context, &in_creds.server, + if ((ret = krb5_build_principal_ext(context, &in_creds.server, in_creds.client->realm.length, in_creds.client->realm.data, KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME, in_creds.client->realm.length, in_creds.client->realm.data, - 0)) + 0))) goto cleanup; } diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index 5065c9a48..a75f90a48 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -292,12 +292,12 @@ stash_as_reply(context, time_now, request, as_reply, creds, ccache) server = NULL; if (!creds->client) - if (retval = krb5_copy_principal(context, as_reply->client, &client)) + if ((retval = krb5_copy_principal(context, as_reply->client, &client))) goto cleanup; if (!creds->server) - if (retval = krb5_copy_principal(context, as_reply->enc_part2->server, - &server)) + if ((retval = krb5_copy_principal(context, as_reply->enc_part2->server, + &server))) goto cleanup; /* fill in the credentials */ @@ -598,7 +598,7 @@ static char *conf_no[] = { int _krb5_conf_boolean(s) - char *s; + const char *s; { char **p; @@ -799,7 +799,7 @@ krb5_get_init_creds(context, creds, client, prompter, prompter_data, } else if ((ret = krb5_libdefault_string(context, &client->realm, "renew_lifetime", &tempstr)) == 0) { - if (ret = krb5_string_to_deltat(tempstr, &renew_life)) { + if ((ret = krb5_string_to_deltat(tempstr, &renew_life))) { free(tempstr); goto cleanup; } @@ -823,7 +823,7 @@ krb5_get_init_creds(context, creds, client, prompter, prompter_data, in the library, so I'm going to manipulate the data structures directly, otherwise, it will be worse. */ - if (ret = krb5_parse_name(context, in_tkt_service, &request.server)) + if ((ret = krb5_parse_name(context, in_tkt_service, &request.server))) goto cleanup; /* stuff the client realm into the server principal. @@ -840,18 +840,18 @@ krb5_get_init_creds(context, creds, client, prompter, prompter_data, memcpy(request.server->realm.data, request.client->realm.data, request.client->realm.length); } else { - if (ret = krb5_build_principal_ext(context, &request.server, + if ((ret = krb5_build_principal_ext(context, &request.server, request.client->realm.length, request.client->realm.data, KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME, request.client->realm.length, request.client->realm.data, - 0)) + 0))) goto cleanup; } - if (ret = krb5_timeofday(context, &request.from)) + if ((ret = krb5_timeofday(context, &request.from))) goto cleanup; request.from += start_time; @@ -906,9 +906,9 @@ krb5_get_init_creds(context, creds, client, prompter, prompter_data, /* set up the other state. */ if (options && (options->flags & KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST)) { - if (ret = make_preauth_list(context, options->preauth_list, + if ((ret = make_preauth_list(context, options->preauth_list, options->preauth_list_length, - &padata)) + &padata))) goto cleanup; } @@ -930,10 +930,10 @@ krb5_get_init_creds(context, creds, client, prompter, prompter_data, request.padata = NULL; } - if (ret = krb5_do_preauth(context, &request, + if ((ret = krb5_do_preauth(context, &request, padata, &request.padata, &salt, &etype, &as_key, prompter, - prompter_data, gak_fct, gak_data)) + prompter_data, gak_fct, gak_data))) goto cleanup; if (padata) { @@ -975,10 +975,10 @@ krb5_get_init_creds(context, creds, client, prompter, prompter_data, /* process any preauth data in the as_reply */ - if (ret = krb5_do_preauth(context, &request, - local_as_reply->padata, &padata, - &salt, &etype, &as_key, prompter, - prompter_data, gak_fct, gak_data)) + if ((ret = krb5_do_preauth(context, &request, + local_as_reply->padata, &padata, + &salt, &etype, &as_key, prompter, + prompter_data, gak_fct, gak_data))) goto cleanup; /* XXX if there's padata on output, something is wrong, but it's @@ -1007,19 +1007,19 @@ krb5_get_init_creds(context, creds, client, prompter, prompter_data, if (ret) { /* if we haven't get gotten a key, get it now */ - if (ret = ((*gak_fct)(context, request.client, - local_as_reply->enc_part.enctype, - prompter, prompter_data, &salt, - &as_key, gak_data))) + if ((ret = ((*gak_fct)(context, request.client, + local_as_reply->enc_part.enctype, + prompter, prompter_data, &salt, + &as_key, gak_data)))) goto cleanup; - if (ret = decrypt_as_reply(context, NULL, local_as_reply, NULL, - NULL, &as_key, krb5_kdc_rep_decrypt_proc, - NULL)) + if ((ret = decrypt_as_reply(context, NULL, local_as_reply, NULL, + NULL, &as_key, krb5_kdc_rep_decrypt_proc, + NULL))) goto cleanup; } - if (ret = verify_as_reply(context, time_now, &request, local_as_reply)) + if ((ret = verify_as_reply(context, time_now, &request, local_as_reply))) goto cleanup; /* XXX this should be inside stash_as_reply, but as long as @@ -1027,8 +1027,8 @@ krb5_get_init_creds(context, creds, client, prompter, prompter_data, do that */ memset(creds, 0, sizeof(*creds)); - if (ret = stash_as_reply(context, time_now, &request, local_as_reply, - creds, NULL)) + if ((ret = stash_as_reply(context, time_now, &request, local_as_reply, + creds, NULL))) goto cleanup; /* success */ diff --git a/src/lib/krb5/krb/gic_keytab.c b/src/lib/krb5/krb/gic_keytab.c index 98bbbd0f8..009c75fb3 100644 --- a/src/lib/krb5/krb/gic_keytab.c +++ b/src/lib/krb5/krb/gic_keytab.c @@ -65,8 +65,8 @@ krb5_get_init_creds_keytab(context, creds, client, arg_keytab, krb5_keytab keytab; if (arg_keytab == NULL) { - if (ret = krb5_kt_default(context, &keytab)) - return ret; + if ((ret = krb5_kt_default(context, &keytab))) + return ret; } else { keytab = arg_keytab; } diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c index eeb3f03ff..76594e953 100644 --- a/src/lib/krb5/krb/gic_pwd.c +++ b/src/lib/krb5/krb/gic_pwd.c @@ -58,8 +58,8 @@ krb5_get_as_key_password(context, client, etype, prompter, prompter_data, /* PROMPTER_INVOCATION */ krb5int_set_prompt_types(context, &prompt_type); - if (ret = (((*prompter)(context, prompter_data, NULL, NULL, - 1, &prompt)))) { + if ((ret = (((*prompter)(context, prompter_data, NULL, NULL, + 1, &prompt))))) { krb5int_set_prompt_types(context, 0); return(ret); } @@ -223,8 +223,8 @@ krb5_get_init_creds_password(context, creds, client, password, prompter, data, /* PROMPTER_INVOCATION */ krb5int_set_prompt_types(context, prompt_types); - if (ret = ((*prompter)(context, data, 0, banner, - sizeof(prompt)/sizeof(prompt[0]), prompt))) + if ((ret = ((*prompter)(context, data, 0, banner, + sizeof(prompt)/sizeof(prompt[0]), prompt)))) goto cleanup; krb5int_set_prompt_types(context, 0); diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index c10c6f7e2..b04cd971f 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -67,6 +67,7 @@ KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_init_context(context) krb5_context *context; { + return init_common (context, FALSE); } @@ -74,6 +75,9 @@ KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_init_secure_context(context) krb5_context *context; { + + /* This is to make gcc -Wall happy */ + if(0) krb5_brand[0] = krb5_brand[0]; return init_common (context, TRUE); } diff --git a/src/lib/krb5/krb/kdc_rep_dc.c b/src/lib/krb5/krb/kdc_rep_dc.c index 764c0a5c2..7a0fb2e67 100644 --- a/src/lib/krb5/krb/kdc_rep_dc.c +++ b/src/lib/krb5/krb/kdc_rep_dc.c @@ -61,7 +61,7 @@ krb5_kdc_rep_decrypt_proc(context, key, decryptarg, dec_rep) return(ENOMEM); } - dec_rep->enc_part.enctype; + /*dec_rep->enc_part.enctype;*/ if ((retval = krb5_c_decrypt(context, key, usage, 0, &dec_rep->enc_part, &scratch))) { diff --git a/src/lib/krb5/krb/mk_safe.c b/src/lib/krb5/krb/mk_safe.c index 781e256c9..5d1e3bf4a 100644 --- a/src/lib/krb5/krb/mk_safe.c +++ b/src/lib/krb5/krb/mk_safe.c @@ -109,7 +109,6 @@ krb5_mk_safe_basic(context, userdata, keyblock, replaydata, local_addr, cleanup_checksum: krb5_xfree(safe_checksum.contents); -cleanup_scratch: memset((char *)scratch1->data, 0, scratch1->length); krb5_free_data(context, scratch1); return retval; diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c index 5ea61c9dc..2327f1eec 100644 --- a/src/lib/krb5/krb/preauth2.c +++ b/src/lib/krb5/krb/preauth2.c @@ -116,19 +116,19 @@ krb5_error_code pa_enc_timestamp(krb5_context context, fprintf (stderr, "; *etype=%d request->ktype[0]=%d\n", *etype, request->ktype[0]); #endif - if (ret = ((*gak_fct)(context, request->client, - *etype ? *etype : request->ktype[0], - prompter, prompter_data, - salt, as_key, gak_data))) + if ((ret = ((*gak_fct)(context, request->client, + *etype ? *etype : request->ktype[0], + prompter, prompter_data, + salt, as_key, gak_data)))) return(ret); } /* now get the time of day, and encrypt it accordingly */ - if (ret = krb5_us_timeofday(context, &pa_enc.patimestamp, &pa_enc.pausec)) + if ((ret = krb5_us_timeofday(context, &pa_enc.patimestamp, &pa_enc.pausec))) return(ret); - if (ret = encode_krb5_pa_enc_ts(&pa_enc, &tmp)) + if ((ret = encode_krb5_pa_enc_ts(&pa_enc, &tmp))) return(ret); #ifdef DEBUG @@ -258,7 +258,7 @@ krb5_error_code pa_sam(krb5_context context, tmpsam.length = in_padata->length; tmpsam.data = (char *) in_padata->contents; - if (ret = decode_krb5_sam_challenge(&tmpsam, &sam_challenge)) + if ((ret = decode_krb5_sam_challenge(&tmpsam, &sam_challenge))) return(ret); if (sam_challenge->sam_flags & KRB5_SAM_MUST_PK_ENCRYPT_SAD) { @@ -292,8 +292,8 @@ krb5_error_code pa_sam(krb5_context context, /* PROMPTER_INVOCATION */ krb5int_set_prompt_types(context, &prompt_type); - if (ret = ((*prompter)(context, prompter_data, name, - banner, 1, &kprompt))) { + if ((ret = ((*prompter)(context, prompter_data, name, + banner, 1, &kprompt)))) { krb5_xfree(sam_challenge); krb5int_set_prompt_types(context, 0); return(ret); @@ -302,9 +302,9 @@ krb5_error_code pa_sam(krb5_context context, enc_sam_response_enc.sam_nonce = sam_challenge->sam_nonce; if (sam_challenge->sam_nonce == 0) { - if (ret = krb5_us_timeofday(context, + if ((ret = krb5_us_timeofday(context, &enc_sam_response_enc.sam_timestamp, - &enc_sam_response_enc.sam_usec)) { + &enc_sam_response_enc.sam_usec))) { krb5_xfree(sam_challenge); return(ret); } @@ -323,8 +323,8 @@ krb5_error_code pa_sam(krb5_context context, /* generate a salt using the requested principal */ if ((salt->length == -1) && (salt->data == NULL)) { - if (ret = krb5_principal2salt(context, request->client, - &defsalt)) { + if ((ret = krb5_principal2salt(context, request->client, + &defsalt))) { krb5_xfree(sam_challenge); return(ret); } @@ -408,8 +408,8 @@ krb5_error_code pa_sam(krb5_context context, krb5_xfree(sam_challenge); /* encode the encoded part of the response */ - if (ret = encode_krb5_enc_sam_response_enc(&enc_sam_response_enc, - &scratch)) + if ((ret = encode_krb5_enc_sam_response_enc(&enc_sam_response_enc, + &scratch))) return(ret); ret = krb5_encrypt_data(context, as_key, 0, scratch, @@ -426,7 +426,7 @@ krb5_error_code pa_sam(krb5_context context, if ((pa = malloc(sizeof(krb5_pa_data))) == NULL) return(ENOMEM); - if (ret = encode_krb5_sam_response(&sam_response, &scratch)) { + if ((ret = encode_krb5_sam_response(&sam_response, &scratch))) { free(pa); return(ret); } @@ -557,11 +557,11 @@ krb5_do_preauth(krb5_context context, (pa_types[j].flags & paorder[h])) { out_pa = NULL; - if (ret = ((*pa_types[j].fct)(context, request, - in_padata[i], &out_pa, - salt, etype, as_key, - prompter, prompter_data, - gak_fct, gak_data))) { + if ((ret = ((*pa_types[j].fct)(context, request, + in_padata[i], &out_pa, + salt, etype, as_key, + prompter, prompter_data, + gak_fct, gak_data)))) { if (out_pa_list) { out_pa_list[out_pa_list_size++] = NULL; krb5_free_pa_data(context, out_pa_list); diff --git a/src/lib/krb5/krb/rd_rep.c b/src/lib/krb5/krb/rd_rep.c index 3b6f7cb8d..4938594dd 100644 --- a/src/lib/krb5/krb/rd_rep.c +++ b/src/lib/krb5/krb/rd_rep.c @@ -94,7 +94,7 @@ krb5_rd_rep(context, auth_context, inbuf, repl) clean_scratch: memset(scratch.data, 0, scratch.length); -errout: + krb5_free_ap_rep(context, reply); free(scratch.data); return retval; diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c index 49bc1c935..3d65eb61d 100644 --- a/src/lib/krb5/krb/send_tgs.c +++ b/src/lib/krb5/krb/send_tgs.c @@ -109,7 +109,7 @@ krb5_send_tgs_basic(context, in_data, in_cred, outbuf) *outbuf = *toutbuf; krb5_xfree(toutbuf); -cleanup: + memset(request.authenticator.ciphertext.data, 0, request.authenticator.ciphertext.length); free(request.authenticator.ciphertext.data); @@ -121,7 +121,6 @@ cleanup_data: memset(scratch->data, 0, scratch->length); free(scratch->data); -cleanup_scratch: free(scratch); return retval; @@ -273,7 +272,7 @@ krb5_send_tgs(context, kdcoptions, timestruct, ktypes, sname, addrs, /* now send request & get response from KDC */ retval = krb5_sendto_kdc(context, scratch, krb5_princ_realm(context, sname), - &rep->response, NULL); + &rep->response, 0); krb5_free_data(context, scratch); if (retval == 0) { diff --git a/src/lib/krb5/krb/str_conv.c b/src/lib/krb5/krb/str_conv.c index 61113db33..38cef50e3 100644 --- a/src/lib/krb5/krb/str_conv.c +++ b/src/lib/krb5/krb/str_conv.c @@ -199,8 +199,10 @@ krb5_timestamp_to_string(timestamp, buffer, buflen) { int ret; time_t timestamp2 = timestamp; + const char *fmt = "%c"; /* This is to get around gcc -Wall warning that + the year returned might be two digits */ - ret = strftime(buffer, buflen, "%c", localtime(×tamp2)); + ret = strftime(buffer, buflen, fmt, localtime(×tamp2)); if (ret == 0 || ret == buflen) return(ENOMEM); return(0); diff --git a/src/lib/krb5/krb/t_walk_rtree.c b/src/lib/krb5/krb/t_walk_rtree.c index 6654b7d2f..8b49c2a68 100644 --- a/src/lib/krb5/krb/t_walk_rtree.c +++ b/src/lib/krb5/krb/t_walk_rtree.c @@ -6,6 +6,7 @@ #include <stdio.h> #include "com_err.h" +int main(argc, argv) int argc; char **argv; @@ -37,14 +38,14 @@ main(argc, argv) retval = krb5_walk_realm_tree(context, &client, &server, &tree, realm_branch_char); if (retval) { - com_err("krb5_walk_realm_tree", retval, ""); + com_err("krb5_walk_realm_tree", retval, " "); exit(1); } for (p = tree; *p; p++) { retval = krb5_unparse_name(context, *p, &name); if (retval) { - com_err("krb5_unprase_name", retval, ""); + com_err("krb5_unprase_name", retval, " "); exit(2); } printf("%s\n", name); diff --git a/src/lib/krb5/krb/vfy_increds.c b/src/lib/krb5/krb/vfy_increds.c index f046ab5ea..d3389b81a 100644 --- a/src/lib/krb5/krb/vfy_increds.c +++ b/src/lib/krb5/krb/vfy_increds.c @@ -81,8 +81,8 @@ krb5_verify_init_creds(krb5_context context, if (server_arg) { server = server_arg; } else { - if (ret = krb5_sname_to_principal(context, NULL, NULL, - KRB5_NT_SRV_HST, &server)) + if ((ret = krb5_sname_to_principal(context, NULL, NULL, + KRB5_NT_SRV_HST, &server))) goto cleanup; } @@ -94,11 +94,11 @@ krb5_verify_init_creds(krb5_context context, if (keytab_arg) { keytab = keytab_arg; } else { - if (ret = krb5_kt_default(context, &keytab)) + if ((ret = krb5_kt_default(context, &keytab))) goto cleanup; } - if (ret = krb5_kt_get_entry(context, keytab, server, 0, 0, &kte)) { + if ((ret = krb5_kt_get_entry(context, keytab, server, 0, 0, &kte))) { /* this means there is no keying material. This is ok, as long as it is not prohibited by the configuration */ @@ -129,8 +129,8 @@ krb5_verify_init_creds(krb5_context context, if (krb5_principal_compare(context, server, creds->server)) { /* make an ap_req */ - if (ret = krb5_mk_req_extended(context, &authcon, 0, NULL, creds, - &ap_req)) + if ((ret = krb5_mk_req_extended(context, &authcon, 0, NULL, creds, + &ap_req))) goto cleanup; } else { /* this is unclean, but it's the easiest way without ripping the @@ -142,30 +142,30 @@ krb5_verify_init_creds(krb5_context context, /* insert the initial cred into the ccache */ - if (ret = krb5_cc_resolve(context, "MEMORY:rd_req", &ccache)) + if ((ret = krb5_cc_resolve(context, "MEMORY:rd_req", &ccache))) goto cleanup; - if (ret = krb5_cc_initialize(context, ccache, creds->client)) + if ((ret = krb5_cc_initialize(context, ccache, creds->client))) goto cleanup; - if (ret = krb5_cc_store_cred(context, ccache, creds)) + if ((ret = krb5_cc_store_cred(context, ccache, creds))) goto cleanup; /* set up for get_creds */ memset(&in_creds, 0, sizeof(in_creds)); in_creds.client = creds->client; in_creds.server = server; - if (ret = krb5_timeofday(context, &in_creds.times.endtime)) + if ((ret = krb5_timeofday(context, &in_creds.times.endtime))) goto cleanup; in_creds.times.endtime += 5*60; - if (ret = krb5_get_credentials(context, 0, ccache, &in_creds, - &out_creds)) + if ((ret = krb5_get_credentials(context, 0, ccache, &in_creds, + &out_creds))) goto cleanup; /* make an ap_req */ - if (ret = krb5_mk_req_extended(context, &authcon, 0, NULL, out_creds, - &ap_req)) + if ((ret = krb5_mk_req_extended(context, &authcon, 0, NULL, out_creds, + &ap_req))) goto cleanup; } @@ -177,8 +177,8 @@ krb5_verify_init_creds(krb5_context context, /* verify the ap_req */ - if (ret = krb5_rd_req(context, &authcon, &ap_req, server, keytab, - NULL, NULL)) + if ((ret = krb5_rd_req(context, &authcon, &ap_req, server, keytab, + NULL, NULL))) goto cleanup; /* if we get this far, then the verification succeeded. We can |