From 25e068f5d5dd4df02c18c09104a2ec71c7556882 Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Tue, 8 Dec 2009 00:04:48 +0000 Subject: Mark and reindent lib/gssapi, with some exceptions git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23457 dc483132-0cff-0310-8789-dd5450dbe970 --- src/Makefile.in | 6 + src/lib/gssapi/generic/disp_com_err_status.c | 2 +- src/lib/gssapi/generic/disp_major_status.c | 30 +-- src/lib/gssapi/generic/gssapi_generic.c | 2 +- src/lib/gssapi/generic/gssapi_generic.h | 6 +- src/lib/gssapi/generic/maptest.c | 2 +- src/lib/gssapi/generic/rel_buffer.c | 2 +- src/lib/gssapi/generic/rel_oid_set.c | 2 +- src/lib/gssapi/generic/util_buffer.c | 2 +- src/lib/gssapi/generic/util_canonhost.c | 2 +- src/lib/gssapi/generic/util_errmap.c | 2 +- src/lib/gssapi/generic/util_localhost.c | 2 +- src/lib/gssapi/generic/util_ordering.c | 24 +-- src/lib/gssapi/generic/util_set.c | 2 +- src/lib/gssapi/generic/util_token.c | 2 +- src/lib/gssapi/generic/util_validate.c | 2 +- src/lib/gssapi/generic/utl_nohash_validate.c | 2 +- src/lib/gssapi/krb5/accept_sec_context.c | 264 +++++++++++++-------------- src/lib/gssapi/krb5/acquire_cred.c | 64 +++---- src/lib/gssapi/krb5/add_cred.c | 2 +- src/lib/gssapi/krb5/canon_name.c | 2 +- src/lib/gssapi/krb5/compare_name.c | 2 +- src/lib/gssapi/krb5/context_time.c | 2 +- src/lib/gssapi/krb5/copy_ccache.c | 2 +- src/lib/gssapi/krb5/delete_sec_context.c | 2 +- src/lib/gssapi/krb5/disp_name.c | 2 +- src/lib/gssapi/krb5/disp_status.c | 2 +- src/lib/gssapi/krb5/duplicate_name.c | 2 +- src/lib/gssapi/krb5/export_name.c | 2 +- src/lib/gssapi/krb5/export_sec_context.c | 2 +- src/lib/gssapi/krb5/get_tkt_flags.c | 2 +- src/lib/gssapi/krb5/gssapi_krb5.c | 18 +- src/lib/gssapi/krb5/import_name.c | 2 +- src/lib/gssapi/krb5/import_sec_context.c | 2 +- src/lib/gssapi/krb5/indicate_mechs.c | 2 +- src/lib/gssapi/krb5/init_sec_context.c | 22 +-- src/lib/gssapi/krb5/inq_context.c | 10 +- src/lib/gssapi/krb5/inq_cred.c | 2 +- src/lib/gssapi/krb5/inq_names.c | 2 +- src/lib/gssapi/krb5/k5seal.c | 10 +- src/lib/gssapi/krb5/k5sealiov.c | 10 +- src/lib/gssapi/krb5/k5sealv3.c | 36 ++-- src/lib/gssapi/krb5/k5sealv3iov.c | 4 +- src/lib/gssapi/krb5/k5unseal.c | 2 +- src/lib/gssapi/krb5/k5unsealiov.c | 10 +- src/lib/gssapi/krb5/lucid_context.c | 2 +- src/lib/gssapi/krb5/naming_exts.c | 2 +- src/lib/gssapi/krb5/process_context_token.c | 2 +- src/lib/gssapi/krb5/rel_cred.c | 2 +- src/lib/gssapi/krb5/rel_name.c | 2 +- src/lib/gssapi/krb5/rel_oid.c | 2 +- src/lib/gssapi/krb5/s4u_gss_glue.c | 6 +- src/lib/gssapi/krb5/seal.c | 2 +- src/lib/gssapi/krb5/ser_sctx.c | 8 +- src/lib/gssapi/krb5/set_allowable_enctypes.c | 2 +- src/lib/gssapi/krb5/set_ccache.c | 2 +- src/lib/gssapi/krb5/sign.c | 2 +- src/lib/gssapi/krb5/unseal.c | 2 +- src/lib/gssapi/krb5/util_cksum.c | 2 +- src/lib/gssapi/krb5/util_crypt.c | 2 +- src/lib/gssapi/krb5/util_seed.c | 2 +- src/lib/gssapi/krb5/util_seqnum.c | 2 +- src/lib/gssapi/krb5/val_cred.c | 2 +- src/lib/gssapi/krb5/verify.c | 2 +- src/lib/gssapi/krb5/wrap_size_limit.c | 6 +- 65 files changed, 318 insertions(+), 312 deletions(-) diff --git a/src/Makefile.in b/src/Makefile.in index fc3364b54..5818aa82d 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -666,6 +666,7 @@ INDENTDIRS = \ kdc \ lib/apputils \ lib/crypto \ + lib/gssapi \ lib/kadm5 \ lib/kdb \ lib/krb5 \ @@ -700,6 +701,11 @@ OTHEREXCLUDES = \ include/gssrpc \ lib/apputils/dummy.c \ lib/crypto/builtin/aes \ + lib/gssapi/generic/gssapiP_generic.h \ + lib/gssapi/generic/gssapi_ext.h \ + lib/gssapi/krb5/gssapiP_krb5.h \ + lib/gssapi/mechglue \ + lib/gssapi/spnego \ lib/krb5/krb/deltat.c \ lib/krb5/unicode \ plugins/kdb/db2/libdb2 \ diff --git a/src/lib/gssapi/generic/disp_com_err_status.c b/src/lib/gssapi/generic/disp_com_err_status.c index d7a2e1d85..4c410cc46 100644 --- a/src/lib/gssapi/generic/disp_com_err_status.c +++ b/src/lib/gssapi/generic/disp_com_err_status.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/disp_major_status.c b/src/lib/gssapi/generic/disp_major_status.c index f9ff28147..5098e3abd 100644 --- a/src/lib/gssapi/generic/disp_major_status.c +++ b/src/lib/gssapi/generic/disp_major_status.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -32,9 +32,9 @@ /* This code has knowledge of the min and max errors of each type within the gssapi major status */ -#define GSS_ERROR_STR(value, array, select, min, max, num) \ - (((select(value) < (min)) || (select(value) > (max))) ? NULL : \ - (array)[num(value)]) +#define GSS_ERROR_STR(value, array, select, min, max, num) \ + (((select(value) < (min)) || (select(value) > (max))) ? NULL : \ + (array)[num(value)]) /**/ @@ -47,10 +47,10 @@ static const char * const calling_error_string[] = { static const char * const calling_error = "calling error"; -#define GSS_CALLING_ERROR_STR(x) \ - GSS_ERROR_STR((x), calling_error_string, GSS_CALLING_ERROR, \ - GSS_S_CALL_INACCESSIBLE_READ, GSS_S_CALL_BAD_STRUCTURE, \ - GSS_CALLING_ERROR_FIELD) +#define GSS_CALLING_ERROR_STR(x) \ + GSS_ERROR_STR((x), calling_error_string, GSS_CALLING_ERROR, \ + GSS_S_CALL_INACCESSIBLE_READ, GSS_S_CALL_BAD_STRUCTURE, \ + GSS_CALLING_ERROR_FIELD) /**/ @@ -76,10 +76,10 @@ static const char * const routine_error_string[] = { static const char * const routine_error = "routine error"; -#define GSS_ROUTINE_ERROR_STR(x) \ - GSS_ERROR_STR((x), routine_error_string, GSS_ROUTINE_ERROR, \ - GSS_S_BAD_MECH, GSS_S_FAILURE, \ - GSS_ROUTINE_ERROR_FIELD) +#define GSS_ROUTINE_ERROR_STR(x) \ + GSS_ERROR_STR((x), routine_error_string, GSS_ROUTINE_ERROR, \ + GSS_S_BAD_MECH, GSS_S_FAILURE, \ + GSS_ROUTINE_ERROR_FIELD) /**/ @@ -97,9 +97,9 @@ static const char * const sinfo_code = "supplementary info code"; #define LSBGET(x) ((((x)^((x)-1))+1)>>1) #define LSBMASK(n) ((1<<(n))^((1<<(n))-1)) -#define GSS_SINFO_STR(x) \ - ((((1<<(x)) < GSS_S_CONTINUE_NEEDED) || ((1<<(x)) > GSS_S_UNSEQ_TOKEN)) ? \ - /**/NULL:sinfo_string[(x)]) +#define GSS_SINFO_STR(x) \ + ((((1<<(x)) < GSS_S_CONTINUE_NEEDED) || ((1<<(x)) > GSS_S_UNSEQ_TOKEN)) ? \ + /**/NULL:sinfo_string[(x)]) /**/ diff --git a/src/lib/gssapi/generic/gssapi_generic.c b/src/lib/gssapi/generic/gssapi_generic.c index 8b1e4def4..1d77d3f81 100644 --- a/src/lib/gssapi/generic/gssapi_generic.c +++ b/src/lib/gssapi/generic/gssapi_generic.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/gssapi_generic.h b/src/lib/gssapi/generic/gssapi_generic.h index c5399dc72..e11f938c6 100644 --- a/src/lib/gssapi/generic/gssapi_generic.h +++ b/src/lib/gssapi/generic/gssapi_generic.h @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -38,8 +38,8 @@ #define GSSAPIGENERIC_END_DECLS #endif -#define GSS_EMPTY_BUFFER(buf) ((buf) == NULL ||\ - (buf)->value == NULL || (buf)->length == 0) +#define GSS_EMPTY_BUFFER(buf) ((buf) == NULL || \ + (buf)->value == NULL || (buf)->length == 0) GSSAPIGENERIC_BEGIN_DECLS diff --git a/src/lib/gssapi/generic/maptest.c b/src/lib/gssapi/generic/maptest.c index ce594218d..566d88c31 100644 --- a/src/lib/gssapi/generic/maptest.c +++ b/src/lib/gssapi/generic/maptest.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include #include #include diff --git a/src/lib/gssapi/generic/rel_buffer.c b/src/lib/gssapi/generic/rel_buffer.c index 8b35e8037..fb6712363 100644 --- a/src/lib/gssapi/generic/rel_buffer.c +++ b/src/lib/gssapi/generic/rel_buffer.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* #ident "@(#)g_rel_buffer.c 1.2 96/02/06 SMI" */ /* diff --git a/src/lib/gssapi/generic/rel_oid_set.c b/src/lib/gssapi/generic/rel_oid_set.c index 137a513a0..61c15cdab 100644 --- a/src/lib/gssapi/generic/rel_oid_set.c +++ b/src/lib/gssapi/generic/rel_oid_set.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* #ident "@(#)gss_release_oid_set.c 1.12 95/08/23 SMI" */ /* diff --git a/src/lib/gssapi/generic/util_buffer.c b/src/lib/gssapi/generic/util_buffer.c index b707d15fb..cd16862f6 100644 --- a/src/lib/gssapi/generic/util_buffer.c +++ b/src/lib/gssapi/generic/util_buffer.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/util_canonhost.c b/src/lib/gssapi/generic/util_canonhost.c index 6e953186d..e27d656e6 100644 --- a/src/lib/gssapi/generic/util_canonhost.c +++ b/src/lib/gssapi/generic/util_canonhost.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/util_errmap.c b/src/lib/gssapi/generic/util_errmap.c index 2634e667b..5a863b6c0 100644 --- a/src/lib/gssapi/generic/util_errmap.c +++ b/src/lib/gssapi/generic/util_errmap.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2007, 2008 by the Massachusetts Institute of Technology. * All Rights Reserved. diff --git a/src/lib/gssapi/generic/util_localhost.c b/src/lib/gssapi/generic/util_localhost.c index 85e098047..7956a0722 100644 --- a/src/lib/gssapi/generic/util_localhost.c +++ b/src/lib/gssapi/generic/util_localhost.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/util_ordering.c b/src/lib/gssapi/generic/util_ordering.c index 274790e4e..95609a992 100644 --- a/src/lib/gssapi/generic/util_ordering.c +++ b/src/lib/gssapi/generic/util_ordering.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -133,8 +133,8 @@ g_order_check(void **vqueue, gssint_uint64 seqnum) seqnum -= q->firstnum; /* If we're only doing 32-bit values, adjust for that again. - Note that this will probably be the wrong thing to if we get - 2**32 messages sent with 32-bit sequence numbers. */ + Note that this will probably be the wrong thing to if we get + 2**32 messages sent with 32-bit sequence numbers. */ seqnum &= q->mask; /* rule 1: expected sequence number */ @@ -160,16 +160,16 @@ g_order_check(void **vqueue, gssint_uint64 seqnum) if ((seqnum < QELEM(q,q->start)) && /* Is top bit of whatever width we're using set? - We used to check for greater than or equal to firstnum, but - (1) we've since switched to compute values relative to - firstnum, so the lowest we can have is 0, and (2) the effect - of the original scheme was highly dependent on whether - firstnum was close to either side of 0. (Consider - firstnum==0xFFFFFFFE and we miss three packets; the next - packet is *new* but would look old.) + We used to check for greater than or equal to firstnum, but + (1) we've since switched to compute values relative to + firstnum, so the lowest we can have is 0, and (2) the effect + of the original scheme was highly dependent on whether + firstnum was close to either side of 0. (Consider + firstnum==0xFFFFFFFE and we miss three packets; the next + packet is *new* but would look old.) - This check should give us 2**31 or 2**63 messages "new", and - just as many "old". That's not quite right either. */ + This check should give us 2**31 or 2**63 messages "new", and + just as many "old". That's not quite right either. */ (seqnum & (1 + (q->mask >> 1))) ) { if (q->do_replay && !q->do_sequence) diff --git a/src/lib/gssapi/generic/util_set.c b/src/lib/gssapi/generic/util_set.c index d437f1ea7..8866f525f 100644 --- a/src/lib/gssapi/generic/util_set.c +++ b/src/lib/gssapi/generic/util_set.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1995 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/util_token.c b/src/lib/gssapi/generic/util_token.c index b59778836..3acbd8e6a 100644 --- a/src/lib/gssapi/generic/util_token.c +++ b/src/lib/gssapi/generic/util_token.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/util_validate.c b/src/lib/gssapi/generic/util_validate.c index 00dac321c..afb47eabf 100644 --- a/src/lib/gssapi/generic/util_validate.c +++ b/src/lib/gssapi/generic/util_validate.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/generic/utl_nohash_validate.c b/src/lib/gssapi/generic/utl_nohash_validate.c index d221b3722..066780a52 100644 --- a/src/lib/gssapi/generic/utl_nohash_validate.c +++ b/src/lib/gssapi/generic/utl_nohash_validate.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1990,1994 by the Massachusetts Institute of Technology. * All Rights Reserved. diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index 52cf6fadc..ce3075fad 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000, 2004, 2007, 2008 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -292,104 +292,104 @@ static OM_uint32 kg_accept_dce(minor_status, context_handle, verifier_cred_handle, input_token, input_chan_bindings, src_name, mech_type, output_token, ret_flags, time_rec, delegated_cred_handle) - OM_uint32 *minor_status; - gss_ctx_id_t *context_handle; - gss_cred_id_t verifier_cred_handle; - gss_buffer_t input_token; - gss_channel_bindings_t input_chan_bindings; - gss_name_t *src_name; - gss_OID *mech_type; - gss_buffer_t output_token; - OM_uint32 *ret_flags; - OM_uint32 *time_rec; - gss_cred_id_t *delegated_cred_handle; + OM_uint32 *minor_status; + gss_ctx_id_t *context_handle; + gss_cred_id_t verifier_cred_handle; + gss_buffer_t input_token; + gss_channel_bindings_t input_chan_bindings; + gss_name_t *src_name; + gss_OID *mech_type; + gss_buffer_t output_token; + OM_uint32 *ret_flags; + OM_uint32 *time_rec; + gss_cred_id_t *delegated_cred_handle; { - krb5_error_code code; - krb5_gss_ctx_id_rec *ctx = 0; - krb5_timestamp now; - krb5_gss_name_t name = NULL; - krb5_ui_4 nonce = 0; - krb5_data ap_rep; - OM_uint32 major_status = GSS_S_FAILURE; - - output_token->length = 0; - output_token->value = NULL; - - if (mech_type) - *mech_type = GSS_C_NULL_OID; - /* return a bogus cred handle */ - if (delegated_cred_handle) - *delegated_cred_handle = GSS_C_NO_CREDENTIAL; - - ctx = (krb5_gss_ctx_id_rec *)*context_handle; - - code = krb5_timeofday(ctx->k5_context, &now); - if (code != 0) { - major_status = GSS_S_FAILURE; - goto fail; - } - - if (ctx->krb_times.endtime < now) { - code = 0; - major_status = GSS_S_CREDENTIALS_EXPIRED; - goto fail; - } - - ap_rep.data = input_token->value; - ap_rep.length = input_token->length; - - code = krb5_rd_rep_dce(ctx->k5_context, - ctx->auth_context, - &ap_rep, - &nonce); - if (code != 0) { - major_status = GSS_S_FAILURE; - goto fail; - } - - ctx->established = 1; - - if (src_name) { - if ((code = kg_duplicate_name(ctx->k5_context, ctx->there, - KG_INIT_NAME_INTERN, &name))) { - major_status = GSS_S_FAILURE; - goto fail; - } - *src_name = (gss_name_t) name; - } - - if (mech_type) - *mech_type = ctx->mech_used; - - if (time_rec) - *time_rec = ctx->krb_times.endtime - now; - - if (ret_flags) - *ret_flags = ctx->gss_flags; - - /* XXX no support for delegated credentials yet */ - - *minor_status = 0; - - return GSS_S_COMPLETE; - - fail: - /* real failure code follows */ - - (void) krb5_gss_delete_sec_context(minor_status, (gss_ctx_id_t *) &ctx, - NULL); - *context_handle = GSS_C_NO_CONTEXT; - *minor_status = code; - - return major_status; + krb5_error_code code; + krb5_gss_ctx_id_rec *ctx = 0; + krb5_timestamp now; + krb5_gss_name_t name = NULL; + krb5_ui_4 nonce = 0; + krb5_data ap_rep; + OM_uint32 major_status = GSS_S_FAILURE; + + output_token->length = 0; + output_token->value = NULL; + + if (mech_type) + *mech_type = GSS_C_NULL_OID; + /* return a bogus cred handle */ + if (delegated_cred_handle) + *delegated_cred_handle = GSS_C_NO_CREDENTIAL; + + ctx = (krb5_gss_ctx_id_rec *)*context_handle; + + code = krb5_timeofday(ctx->k5_context, &now); + if (code != 0) { + major_status = GSS_S_FAILURE; + goto fail; + } + + if (ctx->krb_times.endtime < now) { + code = 0; + major_status = GSS_S_CREDENTIALS_EXPIRED; + goto fail; + } + + ap_rep.data = input_token->value; + ap_rep.length = input_token->length; + + code = krb5_rd_rep_dce(ctx->k5_context, + ctx->auth_context, + &ap_rep, + &nonce); + if (code != 0) { + major_status = GSS_S_FAILURE; + goto fail; + } + + ctx->established = 1; + + if (src_name) { + if ((code = kg_duplicate_name(ctx->k5_context, ctx->there, + KG_INIT_NAME_INTERN, &name))) { + major_status = GSS_S_FAILURE; + goto fail; + } + *src_name = (gss_name_t) name; + } + + if (mech_type) + *mech_type = ctx->mech_used; + + if (time_rec) + *time_rec = ctx->krb_times.endtime - now; + + if (ret_flags) + *ret_flags = ctx->gss_flags; + + /* XXX no support for delegated credentials yet */ + + *minor_status = 0; + + return GSS_S_COMPLETE; + +fail: + /* real failure code follows */ + + (void) krb5_gss_delete_sec_context(minor_status, (gss_ctx_id_t *) &ctx, + NULL); + *context_handle = GSS_C_NO_CONTEXT; + *minor_status = code; + + return major_status; } static OM_uint32 kg_accept_krb5(minor_status, context_handle, - verifier_cred_handle, input_token, - input_chan_bindings, src_name, mech_type, - output_token, ret_flags, time_rec, - delegated_cred_handle) + verifier_cred_handle, input_token, + input_chan_bindings, src_name, mech_type, + output_token, ret_flags, time_rec, + delegated_cred_handle) OM_uint32 *minor_status; gss_ctx_id_t *context_handle; gss_cred_id_t verifier_cred_handle; @@ -607,37 +607,37 @@ kg_accept_krb5(minor_status, context_handle, } #endif - if (authdat->checksum->checksum_type != CKSUMTYPE_KG_CB) { - /* Samba does not send 0x8003 GSS-API checksums */ - krb5_boolean valid; - krb5_key subkey; - krb5_data zero; - - code = krb5_auth_con_getkey_k(context, auth_context, &subkey); - if (code) { - major_status = GSS_S_FAILURE; - goto fail; - } - - zero.length = 0; - zero.data = ""; - - code = krb5_k_verify_checksum(context, - subkey, - KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM, - &zero, - authdat->checksum, - &valid); - krb5_k_free_key(context, subkey); - if (code || !valid) { - major_status = GSS_S_BAD_SIG; - goto fail; - } - - gss_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG; - bigend = 0; - decode_req_message = 0; - } else { + if (authdat->checksum->checksum_type != CKSUMTYPE_KG_CB) { + /* Samba does not send 0x8003 GSS-API checksums */ + krb5_boolean valid; + krb5_key subkey; + krb5_data zero; + + code = krb5_auth_con_getkey_k(context, auth_context, &subkey); + if (code) { + major_status = GSS_S_FAILURE; + goto fail; + } + + zero.length = 0; + zero.data = ""; + + code = krb5_k_verify_checksum(context, + subkey, + KRB5_KEYUSAGE_AP_REQ_AUTH_CKSUM, + &zero, + authdat->checksum, + &valid); + krb5_k_free_key(context, subkey); + if (code || !valid) { + major_status = GSS_S_BAD_SIG; + goto fail; + } + + gss_flags = GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | GSS_C_SEQUENCE_FLAG; + bigend = 0; + decode_req_message = 0; + } else { /* gss krb5 v1 */ /* stash this now, for later. */ @@ -856,9 +856,9 @@ kg_accept_krb5(minor_status, context_handle, /* XXX move this into gss_name_t */ if ( (code = krb5_merge_authdata(context, - ticket->enc_part2->authorization_data, + ticket->enc_part2->authorization_data, authdat->authorization_data, - &ctx->authdata))) { + &ctx->authdata))) { major_status = GSS_S_FAILURE; goto fail; } @@ -1120,7 +1120,7 @@ kg_accept_krb5(minor_status, context_handle, *src_name = (gss_name_t) name; if (delegated_cred_handle) { - if (!kg_save_cred_id((gss_cred_id_t) deleg_cred)) { + if (!kg_save_cred_id((gss_cred_id_t) deleg_cred)) { major_status = GSS_S_FAILURE; code = G_VALIDATE_FAILED; goto fail; @@ -1288,8 +1288,8 @@ krb5_gss_accept_sec_context(minor_status, context_handle, } return kg_accept_krb5(minor_status, context_handle, - verifier_cred_handle, input_token, - input_chan_bindings, src_name, mech_type, - output_token, ret_flags, time_rec, - delegated_cred_handle); + verifier_cred_handle, input_token, + input_chan_bindings, src_name, mech_type, + output_token, ret_flags, time_rec, + delegated_cred_handle); } diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index 2c5ca9a66..64efa1bfd 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000, 2007, 2008 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -724,45 +724,45 @@ krb5_gss_acquire_cred(minor_status, desired_name, time_req, OM_uint32 gss_krb5int_set_cred_rcache(OM_uint32 *minor_status, - gss_cred_id_t cred_handle, - const gss_OID desired_oid, - const gss_buffer_t value) + gss_cred_id_t cred_handle, + const gss_OID desired_oid, + const gss_buffer_t value) { - krb5_gss_cred_id_t cred; - krb5_error_code code; - krb5_context context; - krb5_rcache rcache; + krb5_gss_cred_id_t cred; + krb5_error_code code; + krb5_context context; + krb5_rcache rcache; - assert(value->length == sizeof(rcache)); + assert(value->length == sizeof(rcache)); - if (value->length != sizeof(rcache)) - return GSS_S_FAILURE; + if (value->length != sizeof(rcache)) + return GSS_S_FAILURE; - rcache = (krb5_rcache)value->value; + rcache = (krb5_rcache)value->value; - if (cred_handle == GSS_C_NO_CREDENTIAL) - return GSS_S_NO_CRED; + if (cred_handle == GSS_C_NO_CREDENTIAL) + return GSS_S_NO_CRED; - cred = (krb5_gss_cred_id_t)cred_handle; + cred = (krb5_gss_cred_id_t)cred_handle; - code = krb5_gss_init_context(&context); - if (code) { - *minor_status = code; - return GSS_S_FAILURE; - } - if (cred->rcache != NULL) { - code = krb5_rc_close(context, cred->rcache); - if (code) { - *minor_status = code; - krb5_free_context(context); - return GSS_S_FAILURE; - } - } + code = krb5_gss_init_context(&context); + if (code) { + *minor_status = code; + return GSS_S_FAILURE; + } + if (cred->rcache != NULL) { + code = krb5_rc_close(context, cred->rcache); + if (code) { + *minor_status = code; + krb5_free_context(context); + return GSS_S_FAILURE; + } + } - cred->rcache = rcache; + cred->rcache = rcache; - krb5_free_context(context); + krb5_free_context(context); - *minor_status = 0; - return GSS_S_COMPLETE; + *minor_status = 0; + return GSS_S_COMPLETE; } diff --git a/src/lib/gssapi/krb5/add_cred.c b/src/lib/gssapi/krb5/add_cred.c index cb14a5c9b..6f6707c1a 100644 --- a/src/lib/gssapi/krb5/add_cred.c +++ b/src/lib/gssapi/krb5/add_cred.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000, 2008 by the Massachusetts Institute of Technology. * All Rights Reserved. diff --git a/src/lib/gssapi/krb5/canon_name.c b/src/lib/gssapi/krb5/canon_name.c index b4f4d4bc1..3dd01dcd3 100644 --- a/src/lib/gssapi/krb5/canon_name.c +++ b/src/lib/gssapi/krb5/canon_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/canon_name.c * diff --git a/src/lib/gssapi/krb5/compare_name.c b/src/lib/gssapi/krb5/compare_name.c index 1e106da92..14f707601 100644 --- a/src/lib/gssapi/krb5/compare_name.c +++ b/src/lib/gssapi/krb5/compare_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/context_time.c b/src/lib/gssapi/krb5/context_time.c index b263b50e6..df8e08854 100644 --- a/src/lib/gssapi/krb5/context_time.c +++ b/src/lib/gssapi/krb5/context_time.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/copy_ccache.c b/src/lib/gssapi/krb5/copy_ccache.c index 19fe1d788..632c8664e 100644 --- a/src/lib/gssapi/krb5/copy_ccache.c +++ b/src/lib/gssapi/krb5/copy_ccache.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ #include "gssapiP_krb5.h" OM_uint32 KRB5_CALLCONV diff --git a/src/lib/gssapi/krb5/delete_sec_context.c b/src/lib/gssapi/krb5/delete_sec_context.c index 2032d5585..d6b49a0aa 100644 --- a/src/lib/gssapi/krb5/delete_sec_context.c +++ b/src/lib/gssapi/krb5/delete_sec_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/disp_name.c b/src/lib/gssapi/krb5/disp_name.c index 676dc4d6b..ac576f5b4 100644 --- a/src/lib/gssapi/krb5/disp_name.c +++ b/src/lib/gssapi/krb5/disp_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/disp_status.c b/src/lib/gssapi/krb5/disp_status.c index 6cc1bc144..6b164c249 100644 --- a/src/lib/gssapi/krb5/disp_status.c +++ b/src/lib/gssapi/krb5/disp_status.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/duplicate_name.c b/src/lib/gssapi/krb5/duplicate_name.c index 678349324..c054d74aa 100644 --- a/src/lib/gssapi/krb5/duplicate_name.c +++ b/src/lib/gssapi/krb5/duplicate_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/duplicate_name.c * diff --git a/src/lib/gssapi/krb5/export_name.c b/src/lib/gssapi/krb5/export_name.c index 67d9ce0b2..52c2440f6 100644 --- a/src/lib/gssapi/krb5/export_name.c +++ b/src/lib/gssapi/krb5/export_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/export_name.c * diff --git a/src/lib/gssapi/krb5/export_sec_context.c b/src/lib/gssapi/krb5/export_sec_context.c index f408d09ff..271c58cab 100644 --- a/src/lib/gssapi/krb5/export_sec_context.c +++ b/src/lib/gssapi/krb5/export_sec_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/export_sec_context.c * diff --git a/src/lib/gssapi/krb5/get_tkt_flags.c b/src/lib/gssapi/krb5/get_tkt_flags.c index 29126d6c8..07f0c9727 100644 --- a/src/lib/gssapi/krb5/get_tkt_flags.c +++ b/src/lib/gssapi/krb5/get_tkt_flags.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/gssapi_krb5.c b/src/lib/gssapi/krb5/gssapi_krb5.c index d2509df32..2892e7885 100644 --- a/src/lib/gssapi/krb5/gssapi_krb5.c +++ b/src/lib/gssapi/krb5/gssapi_krb5.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -306,9 +306,9 @@ kg_set_ccache_name (OM_uint32 *minor_status, const char *name) return GSS_S_COMPLETE; } -#define g_OID_prefix_equal(o1, o2) \ - (((o1)->length >= (o2)->length) && \ - (memcmp((o1)->elements, (o2)->elements, (o2)->length) == 0)) +#define g_OID_prefix_equal(o1, o2) \ + (((o1)->length >= (o2)->length) && \ + (memcmp((o1)->elements, (o2)->elements, (o2)->length) == 0)) /* * gss_inquire_sec_context_by_oid() methods @@ -370,7 +370,7 @@ krb5_gss_inquire_sec_context_by_oid (OM_uint32 *minor_status, return GSS_S_NO_CONTEXT; for (i = 0; i < sizeof(krb5_gss_inquire_sec_context_by_oid_ops)/ - sizeof(krb5_gss_inquire_sec_context_by_oid_ops[0]); i++) { + sizeof(krb5_gss_inquire_sec_context_by_oid_ops[0]); i++) { if (g_OID_prefix_equal(desired_object, &krb5_gss_inquire_sec_context_by_oid_ops[i].oid)) { return (*krb5_gss_inquire_sec_context_by_oid_ops[i].func)(minor_status, context_handle, @@ -432,7 +432,7 @@ krb5_gss_inquire_cred_by_oid(OM_uint32 *minor_status, #if 0 for (i = 0; i < sizeof(krb5_gss_inquire_cred_by_oid_ops)/ - sizeof(krb5_gss_inquire_cred_by_oid_ops[0]); i++) { + sizeof(krb5_gss_inquire_cred_by_oid_ops[0]); i++) { if (g_OID_prefix_equal(desired_object, &krb5_gss_inquire_cred_by_oid_ops[i].oid)) { return (*krb5_gss_inquire_cred_by_oid_ops[i].func)(minor_status, cred_handle, @@ -488,7 +488,7 @@ krb5_gss_set_sec_context_option (OM_uint32 *minor_status, #if 0 for (i = 0; i < sizeof(krb5_gss_set_sec_context_option_ops)/ - sizeof(krb5_gss_set_sec_context_option_ops[0]); i++) { + sizeof(krb5_gss_set_sec_context_option_ops[0]); i++) { if (g_OID_prefix_equal(desired_object, &krb5_gss_set_sec_context_option_ops[i].oid)) { return (*krb5_gss_set_sec_context_option_ops[i].func)(minor_status, context_handle, @@ -551,7 +551,7 @@ krb5_gssspi_set_cred_option(OM_uint32 *minor_status, return major_status; for (i = 0; i < sizeof(krb5_gssspi_set_cred_option_ops)/ - sizeof(krb5_gssspi_set_cred_option_ops[0]); i++) { + sizeof(krb5_gssspi_set_cred_option_ops[0]); i++) { if (g_OID_prefix_equal(desired_object, &krb5_gssspi_set_cred_option_ops[i].oid)) { return (*krb5_gssspi_set_cred_option_ops[i].func)(minor_status, cred_handle, @@ -610,7 +610,7 @@ krb5_gssspi_mech_invoke (OM_uint32 *minor_status, return GSS_S_CALL_INACCESSIBLE_READ; for (i = 0; i < sizeof(krb5_gssspi_mech_invoke_ops)/ - sizeof(krb5_gssspi_mech_invoke_ops[0]); i++) { + sizeof(krb5_gssspi_mech_invoke_ops[0]); i++) { if (g_OID_prefix_equal(desired_object, &krb5_gssspi_mech_invoke_ops[i].oid)) { return (*krb5_gssspi_mech_invoke_ops[i].func)(minor_status, desired_mech, diff --git a/src/lib/gssapi/krb5/import_name.c b/src/lib/gssapi/krb5/import_name.c index b33619583..cd2748b56 100644 --- a/src/lib/gssapi/krb5/import_name.c +++ b/src/lib/gssapi/krb5/import_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/import_sec_context.c b/src/lib/gssapi/krb5/import_sec_context.c index b31d7acf1..d4ef1e345 100644 --- a/src/lib/gssapi/krb5/import_sec_context.c +++ b/src/lib/gssapi/krb5/import_sec_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/import_sec_context.c * diff --git a/src/lib/gssapi/krb5/indicate_mechs.c b/src/lib/gssapi/krb5/indicate_mechs.c index d744af724..7707f6514 100644 --- a/src/lib/gssapi/krb5/indicate_mechs.c +++ b/src/lib/gssapi/krb5/indicate_mechs.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index e04818f76..9b6f3ecff 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000, 2002, 2003, 2007, 2008 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -152,8 +152,8 @@ static krb5_error_code get_credentials(context, cred, server, now, krb5_creds mcreds; flags |= KRB5_GC_CANONICALIZE | - KRB5_GC_NO_STORE | - KRB5_GC_CONSTRAINED_DELEGATION; + KRB5_GC_NO_STORE | + KRB5_GC_CONSTRAINED_DELEGATION; memset(&mcreds, 0, sizeof(mcreds)); @@ -765,9 +765,9 @@ mutual_auth( ap_rep.length = input_token->length; ap_rep.data = (char *)input_token->value; } else if (g_verify_token_header(ctx->mech_used, - &(ap_rep.length), - &ptr, KG_TOK_CTX_AP_REP, - input_token->length, 1)) { + &(ap_rep.length), + &ptr, KG_TOK_CTX_AP_REP, + input_token->length, 1)) { if (g_verify_token_header((gss_OID) ctx->mech_used, &(ap_rep.length), &ptr, KG_TOK_CTX_ERROR, @@ -1006,11 +1006,11 @@ krb5_gss_init_sec_context(minor_status, claimant_cred_handle, /*SUPPRESS 29*/ if (*context_handle == GSS_C_NO_CONTEXT) { major_status = kg_new_connection(minor_status, cred, context_handle, - target_name, mech_type, req_flags, - time_req, input_chan_bindings, - input_token, actual_mech_type, - output_token, ret_flags, time_rec, - context, default_mech); + target_name, mech_type, req_flags, + time_req, input_chan_bindings, + input_token, actual_mech_type, + output_token, ret_flags, time_rec, + context, default_mech); k5_mutex_unlock(&cred->lock); if (*context_handle == GSS_C_NO_CONTEXT) { save_error_info (*minor_status, context); diff --git a/src/lib/gssapi/krb5/inq_context.c b/src/lib/gssapi/krb5/inq_context.c index 5cec4b927..0c926401a 100644 --- a/src/lib/gssapi/krb5/inq_context.c +++ b/src/lib/gssapi/krb5/inq_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -235,10 +235,10 @@ cleanup: OM_uint32 gss_krb5int_extract_authz_data_from_sec_context( - OM_uint32 *minor_status, - const gss_ctx_id_t context_handle, - const gss_OID desired_object, - gss_buffer_set_t *data_set) + OM_uint32 *minor_status, + const gss_ctx_id_t context_handle, + const gss_OID desired_object, + gss_buffer_set_t *data_set) { OM_uint32 major_status; krb5_gss_ctx_id_rec *ctx; diff --git a/src/lib/gssapi/krb5/inq_cred.c b/src/lib/gssapi/krb5/inq_cred.c index 5c358eb9f..9af0e4e85 100644 --- a/src/lib/gssapi/krb5/inq_cred.c +++ b/src/lib/gssapi/krb5/inq_cred.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000, 2007 by the Massachusetts Institute of Technology. * All Rights Reserved. diff --git a/src/lib/gssapi/krb5/inq_names.c b/src/lib/gssapi/krb5/inq_names.c index 5db0ae0ee..a3de420cb 100644 --- a/src/lib/gssapi/krb5/inq_names.c +++ b/src/lib/gssapi/krb5/inq_names.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/inq_names.c * diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c index d071462c1..51faaaa63 100644 --- a/src/lib/gssapi/krb5/k5seal.c +++ b/src/lib/gssapi/krb5/k5seal.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * @@ -336,10 +336,10 @@ kg_seal(minor_status, context_handle, conf_req_flag, qop_req, /* Only default qop or matching established cryptosystem is allowed. - There are NO EXTENSIONS to this set for AES and friends! The - new spec says "just use 0". The old spec plus extensions would - actually allow for certain non-zero values. Fix this to handle - them later. */ + There are NO EXTENSIONS to this set for AES and friends! The + new spec says "just use 0". The old spec plus extensions would + actually allow for certain non-zero values. Fix this to handle + them later. */ if (qop_req != 0) { *minor_status = (OM_uint32) G_UNKNOWN_QOP; return GSS_S_FAILURE; diff --git a/src/lib/gssapi/krb5/k5sealiov.c b/src/lib/gssapi/krb5/k5sealiov.c index 8eb5310c4..9ff823e08 100644 --- a/src/lib/gssapi/krb5/k5sealiov.c +++ b/src/lib/gssapi/krb5/k5sealiov.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/k5sealiov.c * @@ -336,9 +336,9 @@ kg_seal_iov(OM_uint32 *minor_status, return (ctx->krb_times.endtime < now) ? GSS_S_CONTEXT_EXPIRED : GSS_S_COMPLETE; } -#define INIT_IOV_DATA(_iov) do { (_iov)->buffer.value = NULL; \ - (_iov)->buffer.length = 0; } \ - while (0) +#define INIT_IOV_DATA(_iov) do { (_iov)->buffer.value = NULL; \ + (_iov)->buffer.length = 0; } \ + while (0) OM_uint32 kg_seal_iov_length(OM_uint32 *minor_status, @@ -418,7 +418,7 @@ kg_seal_iov_length(OM_uint32 *minor_status, code = krb5_c_crypto_length(context, enctype, conf_req_flag ? - KRB5_CRYPTO_TYPE_TRAILER : KRB5_CRYPTO_TYPE_CHECKSUM, + KRB5_CRYPTO_TYPE_TRAILER : KRB5_CRYPTO_TYPE_CHECKSUM, &k5_trailerlen); if (code != 0) { *minor_status = code; diff --git a/src/lib/gssapi/krb5/k5sealv3.c b/src/lib/gssapi/krb5/k5sealv3.c index ad5c03a39..0e9b35975 100644 --- a/src/lib/gssapi/krb5/k5sealv3.c +++ b/src/lib/gssapi/krb5/k5sealv3.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/k5sealv3.c * @@ -178,7 +178,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, #ifdef CFX_EXERCISE rrc = rand() & 0xffff; if (gss_krb5int_rotate_left(outbuf+16, bufsize-16, - (bufsize-16) - (rrc % (bufsize - 16)))) + (bufsize-16) - (rrc % (bufsize - 16)))) store_16_be(rrc, outbuf+6); /* If the rotate fails, don't worry about it. */ #endif @@ -267,7 +267,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, rrc = rand() & 0xffff; /* If the rotate fails, don't worry about it. */ if (gss_krb5int_rotate_left(outbuf+16, bufsize-16, - (bufsize-16) - (rrc % (bufsize - 16)))) + (bufsize-16) - (rrc % (bufsize - 16)))) store_16_be(rrc, outbuf+6); #endif /* Fix up EC field. */ @@ -352,19 +352,19 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr, /* Two things to note here. - First, we can't really enforce the use of the acceptor's subkey, - if we're the acceptor; the initiator may have sent messages - before getting the subkey. We could probably enforce it if - we're the initiator. - - Second, if someone tweaks the code to not set the flag telling - the krb5 library to generate a new subkey in the AP-REP - message, the MIT library may include a subkey anyways -- - namely, a copy of the AP-REQ subkey, if it was provided. So - the initiator may think we wanted a subkey, and set the flag, - even though we weren't trying to set the subkey. The "other" - key, the one not asserted by the acceptor, will have the same - value in that case, though, so we can just ignore the flag. */ + First, we can't really enforce the use of the acceptor's subkey, + if we're the acceptor; the initiator may have sent messages + before getting the subkey. We could probably enforce it if + we're the initiator. + + Second, if someone tweaks the code to not set the flag telling + the krb5 library to generate a new subkey in the AP-REP + message, the MIT library may include a subkey anyways -- + namely, a copy of the AP-REQ subkey, if it was provided. So + the initiator may think we wanted a subkey, and set the flag, + even though we weren't trying to set the subkey. The "other" + key, the one not asserted by the acceptor, will have the same + value in that case, though, so we can just ignore the flag. */ if (ctx->have_acceptor_subkey && (ptr[2] & FLAG_ACCEPTOR_SUBKEY)) { key = ctx->acceptor_subkey; cksumtype = ctx->acceptor_subkey_cksumtype; @@ -396,8 +396,8 @@ gss_krb5int_unseal_token_v3(krb5_context *contextptr, *conf_state = 1; /* Do we have no decrypt_size function? - For all current cryptosystems, the ciphertext size will - be larger than the plaintext size. */ + For all current cryptosystems, the ciphertext size will + be larger than the plaintext size. */ cipher.enctype = key->keyblock.enctype; cipher.ciphertext.length = bodysize - 16; cipher.ciphertext.data = (char *)ptr + 16; diff --git a/src/lib/gssapi/krb5/k5sealv3iov.c b/src/lib/gssapi/krb5/k5sealv3iov.c index b5b979310..f977d9b19 100644 --- a/src/lib/gssapi/krb5/k5sealv3iov.c +++ b/src/lib/gssapi/krb5/k5sealv3iov.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/k5sealv3iov.c * @@ -363,7 +363,7 @@ gss_krb5int_unseal_v3_iov(krb5_context context, code = krb5_c_crypto_length(context, key->keyblock.enctype, conf_flag ? KRB5_CRYPTO_TYPE_TRAILER : - KRB5_CRYPTO_TYPE_CHECKSUM, + KRB5_CRYPTO_TYPE_CHECKSUM, &k5_trailerlen); if (code != 0) { *minor_status = code; diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c index e96dce89a..b56cd2dee 100644 --- a/src/lib/gssapi/krb5/k5unseal.c +++ b/src/lib/gssapi/krb5/k5unseal.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2001, 2007 by the Massachusetts Institute of Technology. * Copyright 1993 by OpenVision Technologies, Inc. diff --git a/src/lib/gssapi/krb5/k5unsealiov.c b/src/lib/gssapi/krb5/k5unsealiov.c index a9896c55b..a489f0d84 100644 --- a/src/lib/gssapi/krb5/k5unsealiov.c +++ b/src/lib/gssapi/krb5/k5unsealiov.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/k5unsealiov.c * @@ -551,7 +551,7 @@ kg_unseal_stream_iov(OM_uint32 *minor_status, ttrailer->buffer.length = ec + (conf_req_flag ? 16 : 0 /* E(Header) */) + k5_trailerlen; ttrailer->buffer.value = (unsigned char *)stream->buffer.value + - stream->buffer.length - ttrailer->buffer.length; + stream->buffer.length - ttrailer->buffer.length; break; } case KG_TOK_MIC_MSG: @@ -586,8 +586,8 @@ kg_unseal_stream_iov(OM_uint32 *minor_status, /* validate lengths */ if (stream->buffer.length < theader->buffer.length + - tpadding->buffer.length + - ttrailer->buffer.length) + tpadding->buffer.length + + ttrailer->buffer.length) { code = (OM_uint32)KRB5_BAD_MSIZE; major_status = GSS_S_DEFECTIVE_TOKEN; @@ -596,7 +596,7 @@ kg_unseal_stream_iov(OM_uint32 *minor_status, /* setup data */ tdata->buffer.length = stream->buffer.length - ttrailer->buffer.length - - tpadding->buffer.length - theader->buffer.length; + tpadding->buffer.length - theader->buffer.length; assert(data != NULL); diff --git a/src/lib/gssapi/krb5/lucid_context.c b/src/lib/gssapi/krb5/lucid_context.c index fb5a8e787..b1454cf71 100644 --- a/src/lib/gssapi/krb5/lucid_context.c +++ b/src/lib/gssapi/krb5/lucid_context.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/lucid_context.c * diff --git a/src/lib/gssapi/krb5/naming_exts.c b/src/lib/gssapi/krb5/naming_exts.c index 4e7247e42..8cb21bf60 100644 --- a/src/lib/gssapi/krb5/naming_exts.c +++ b/src/lib/gssapi/krb5/naming_exts.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/naming_exts.c * diff --git a/src/lib/gssapi/krb5/process_context_token.c b/src/lib/gssapi/krb5/process_context_token.c index 9a4d282ac..ac41ad6f1 100644 --- a/src/lib/gssapi/krb5/process_context_token.c +++ b/src/lib/gssapi/krb5/process_context_token.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/rel_cred.c b/src/lib/gssapi/krb5/rel_cred.c index b6b25887e..05e24b23d 100644 --- a/src/lib/gssapi/krb5/rel_cred.c +++ b/src/lib/gssapi/krb5/rel_cred.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/rel_name.c b/src/lib/gssapi/krb5/rel_name.c index 5490b8a50..897586555 100644 --- a/src/lib/gssapi/krb5/rel_name.c +++ b/src/lib/gssapi/krb5/rel_name.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/rel_oid.c b/src/lib/gssapi/krb5/rel_oid.c index 7a08da2be..dfa2738c6 100644 --- a/src/lib/gssapi/krb5/rel_oid.c +++ b/src/lib/gssapi/krb5/rel_oid.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/rel_oid.c * diff --git a/src/lib/gssapi/krb5/s4u_gss_glue.c b/src/lib/gssapi/krb5/s4u_gss_glue.c index 866159f04..c47a15d20 100644 --- a/src/lib/gssapi/krb5/s4u_gss_glue.c +++ b/src/lib/gssapi/krb5/s4u_gss_glue.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2009 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -103,7 +103,7 @@ static int kg_is_initiator_cred(krb5_gss_cred_id_t cred) { return (cred->usage == GSS_C_INITIATE || cred->usage == GSS_C_BOTH) && - (cred->ccache != NULL); + (cred->ccache != NULL); } static OM_uint32 @@ -311,7 +311,7 @@ kg_compose_deleg_cred(OM_uint32 *minor_status, code = krb5_cc_initialize(context, cred->ccache, cred->proxy_cred ? impersonator_cred->name->princ : - subject_creds->client); + subject_creds->client); if (code != 0) goto cleanup; diff --git a/src/lib/gssapi/krb5/seal.c b/src/lib/gssapi/krb5/seal.c index 7bdcb344b..7f48c7ae6 100644 --- a/src/lib/gssapi/krb5/seal.c +++ b/src/lib/gssapi/krb5/seal.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/ser_sctx.c b/src/lib/gssapi/krb5/ser_sctx.c index 4987b2e9c..f5c1081cc 100644 --- a/src/lib/gssapi/krb5/ser_sctx.c +++ b/src/lib/gssapi/krb5/ser_sctx.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/ser_sctx.c * @@ -364,7 +364,7 @@ kg_ctx_size(kcontext, arg, sizep) &required); } } - *sizep += required; + *sizep += required; } return(kret); } @@ -665,8 +665,8 @@ kg_ctx_internalize(kcontext, argp, buffer, lenremain) /* Now get substructure data */ kret = krb5_internalize_opaque(kcontext, KV5M_PRINCIPAL, - (krb5_pointer *) &princ, - &bp, &remain); + (krb5_pointer *) &princ, + &bp, &remain); if (kret == 0) { kret = kg_init_name(kcontext, princ, NULL, KG_INIT_NAME_NO_COPY, &ctx->here); diff --git a/src/lib/gssapi/krb5/set_allowable_enctypes.c b/src/lib/gssapi/krb5/set_allowable_enctypes.c index 5cc72df8b..cdfc96583 100644 --- a/src/lib/gssapi/krb5/set_allowable_enctypes.c +++ b/src/lib/gssapi/krb5/set_allowable_enctypes.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/set_allowable_enctypes.c * diff --git a/src/lib/gssapi/krb5/set_ccache.c b/src/lib/gssapi/krb5/set_ccache.c index 273182637..7d52608df 100644 --- a/src/lib/gssapi/krb5/set_ccache.c +++ b/src/lib/gssapi/krb5/set_ccache.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * lib/gssapi/krb5/set_ccache.c * diff --git a/src/lib/gssapi/krb5/sign.c b/src/lib/gssapi/krb5/sign.c index 069768c74..028423b7c 100644 --- a/src/lib/gssapi/krb5/sign.c +++ b/src/lib/gssapi/krb5/sign.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/unseal.c b/src/lib/gssapi/krb5/unseal.c index 4b612a241..a764a4565 100644 --- a/src/lib/gssapi/krb5/unseal.c +++ b/src/lib/gssapi/krb5/unseal.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/util_cksum.c b/src/lib/gssapi/krb5/util_cksum.c index 88a55bb81..5228df336 100644 --- a/src/lib/gssapi/krb5/util_cksum.c +++ b/src/lib/gssapi/krb5/util_cksum.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c index 51e648750..9699c2656 100644 --- a/src/lib/gssapi/krb5/util_crypt.c +++ b/src/lib/gssapi/krb5/util_crypt.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2001, 2008 by the Massachusetts Institute of Technology. * Copyright 1993 by OpenVision Technologies, Inc. diff --git a/src/lib/gssapi/krb5/util_seed.c b/src/lib/gssapi/krb5/util_seed.c index 5c696ea3b..6e1c9ac8a 100644 --- a/src/lib/gssapi/krb5/util_seed.c +++ b/src/lib/gssapi/krb5/util_seed.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/util_seqnum.c b/src/lib/gssapi/krb5/util_seqnum.c index 388990a30..bef631da9 100644 --- a/src/lib/gssapi/krb5/util_seqnum.c +++ b/src/lib/gssapi/krb5/util_seqnum.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2001, 2009 by the Massachusetts Institute of Technology. * Copyright 1993 by OpenVision Technologies, Inc. diff --git a/src/lib/gssapi/krb5/val_cred.c b/src/lib/gssapi/krb5/val_cred.c index 747d8222e..2351d9f77 100644 --- a/src/lib/gssapi/krb5/val_cred.c +++ b/src/lib/gssapi/krb5/val_cred.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1997, 2007 by Massachusetts Institute of Technology * All Rights Reserved. diff --git a/src/lib/gssapi/krb5/verify.c b/src/lib/gssapi/krb5/verify.c index 033a489b7..e4433534f 100644 --- a/src/lib/gssapi/krb5/verify.c +++ b/src/lib/gssapi/krb5/verify.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 1993 by OpenVision Technologies, Inc. * diff --git a/src/lib/gssapi/krb5/wrap_size_limit.c b/src/lib/gssapi/krb5/wrap_size_limit.c index 2b62386da..b047483cb 100644 --- a/src/lib/gssapi/krb5/wrap_size_limit.c +++ b/src/lib/gssapi/krb5/wrap_size_limit.c @@ -1,4 +1,4 @@ -/* -*- mode: c; indent-tabs-mode: nil -*- */ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ /* * Copyright 2000 by the Massachusetts Institute of Technology. * All Rights Reserved. @@ -118,7 +118,7 @@ krb5_gss_wrap_size_limit(minor_status, context_handle, conf_req_flag, krb5_enctype enctype; key = ctx->have_acceptor_subkey ? ctx->acceptor_subkey - : ctx->subkey; + : ctx->subkey; enctype = key->keyblock.enctype; while (sz > 0 && krb5_encrypt_size(sz, enctype) + 16 > req_output_size) @@ -142,7 +142,7 @@ krb5_gss_wrap_size_limit(minor_status, context_handle, conf_req_flag, size_t cksumsize; cksumtype = ctx->have_acceptor_subkey ? ctx->acceptor_subkey_cksumtype - : ctx->cksumtype; + : ctx->cksumtype; err = krb5_c_checksum_length(ctx->k5_context, cksumtype, &cksumsize); if (err) { -- cgit