diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2008-08-27 16:36:00 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2008-08-27 16:36:00 +0000 |
| commit | 8acb29c6f3259749c85985c2df6b0cbd870c52f6 (patch) | |
| tree | 0a79e57cf8714e3a10df69586ce445abe7c36a31 /src/lib/gssapi | |
| parent | 6f207872f88b0c63e0ec81041f8c54b6b68f73f5 (diff) | |
| download | krb5-8acb29c6f3259749c85985c2df6b0cbd870c52f6.zip krb5-8acb29c6f3259749c85985c2df6b0cbd870c52f6.tar.gz krb5-8acb29c6f3259749c85985c2df6b0cbd870c52f6.tar.bz2 | |
Based on patch from lxs, with some changes:
Add several new gcc warning flags, used in the KfM build process.
Put declarations before code.
Fix a bunch of signed/unsigned type mixes, mostly by changing variable
types to unsigned int.
Fix constness in handling name of default ccache name.
Make sure functions get declared with prototypes:
krb5int_pthread_loaded krb5int_gmt_mktime krb5int_aes_encrypt
krb5int_aes_decrypt gssint_mecherrmap_init gssint_mecherramp_get.
Don't shadow global names: stat accept index open encrypt. Fix
variable shadowing in LDAP ASN.1 support.
Don't define unused krb5int_local_addresses.
Don't export internal krb5_change_set_password.
Fix error return indications from gssint_oid_to_mech.
Create and use k5-gmt_mktime.h to provide one global declaration of
krb5int_gmt_mktime, needed before we've generated krb5.h on some
platforms.
Not incorporated from initial patch: const changes in function
signatures.
ticket: 6096
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20697 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/gssapi')
21 files changed, 105 insertions, 116 deletions
diff --git a/src/lib/gssapi/generic/gssapiP_generic.h b/src/lib/gssapi/generic/gssapiP_generic.h index 1ec5417..c4a030d 100644 --- a/src/lib/gssapi/generic/gssapiP_generic.h +++ b/src/lib/gssapi/generic/gssapiP_generic.h @@ -255,6 +255,8 @@ OM_uint32 generic_gss_str_to_oid gss_OID * /* oid */ ); +int gssint_mecherrmap_init(void); +void gssint_mecherrmap_destroy(void); OM_uint32 gssint_mecherrmap_map(OM_uint32 minor, const gss_OID_desc *oid); int gssint_mecherrmap_get(OM_uint32 minor, gss_OID mech_oid, OM_uint32 *mech_minor); diff --git a/src/lib/gssapi/generic/util_buffer.c b/src/lib/gssapi/generic/util_buffer.c index 9b814b0..1ce9f89 100644 --- a/src/lib/gssapi/generic/util_buffer.c +++ b/src/lib/gssapi/generic/util_buffer.c @@ -31,9 +31,7 @@ make sure that buffer is consistent (release'able) when this function exits, no matter what the exit value */ -int g_make_string_buffer(str, buffer) - const char *str; - gss_buffer_t buffer; +int g_make_string_buffer(const char *str, gss_buffer_t buffer) { buffer->length = strlen(str); diff --git a/src/lib/gssapi/generic/util_errmap.c b/src/lib/gssapi/generic/util_errmap.c index 4142c3c..9e2f7e9 100644 --- a/src/lib/gssapi/generic/util_errmap.c +++ b/src/lib/gssapi/generic/util_errmap.c @@ -102,7 +102,7 @@ mecherror_print(struct mecherror value, FILE *f) { "{ 1 2 840 48018 1 2 2 }", "krb5-microsoft" }, { "{ 1 3 6 1 5 5 2 }", "spnego" }, }; - int i; + unsigned int i; fprintf(f, "%lu@", (unsigned long) value.code); diff --git a/src/lib/gssapi/gss_libinit.c b/src/lib/gssapi/gss_libinit.c index 4c1755f..3c26c98 100644 --- a/src/lib/gssapi/gss_libinit.c +++ b/src/lib/gssapi/gss_libinit.c @@ -3,6 +3,7 @@ #include "gssapi_err_generic.h" #include "gssapi_err_krb5.h" #include "gssapiP_krb5.h" +#include "gssapiP_generic.h" #include "gss_libinit.h" #include "k5-platform.h" diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index 6b3e0bf..3ae460e 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -236,7 +236,7 @@ krb5_gss_accept_sec_context(minor_status, context_handle, int bigend; krb5_gss_cred_id_t cred = 0; krb5_data ap_rep, ap_req; - int i; + unsigned int i; krb5_error_code code; krb5_address addr, *paddr; krb5_authenticator *authdat = 0; diff --git a/src/lib/gssapi/krb5/copy_ccache.c b/src/lib/gssapi/krb5/copy_ccache.c index 8ade9c5..8553d92 100644 --- a/src/lib/gssapi/krb5/copy_ccache.c +++ b/src/lib/gssapi/krb5/copy_ccache.c @@ -6,7 +6,7 @@ gss_krb5int_copy_ccache(minor_status, cred_handle, out_ccache) gss_cred_id_t cred_handle; krb5_ccache out_ccache; { - OM_uint32 stat; + OM_uint32 major_status; krb5_gss_cred_id_t k5creds; krb5_cc_cursor cursor; krb5_creds creds; @@ -14,9 +14,9 @@ gss_krb5int_copy_ccache(minor_status, cred_handle, out_ccache) krb5_context context; /* validate the cred handle */ - stat = krb5_gss_validate_cred(minor_status, cred_handle); - if (stat) - return(stat); + major_status = krb5_gss_validate_cred(minor_status, cred_handle); + if (major_status) + return(major_status); k5creds = (krb5_gss_cred_id_t) cred_handle; code = k5_mutex_lock(&k5creds->lock); diff --git a/src/lib/gssapi/krb5/import_sec_context.c b/src/lib/gssapi/krb5/import_sec_context.c index 2e73b9f..b0d71c8 100644 --- a/src/lib/gssapi/krb5/import_sec_context.c +++ b/src/lib/gssapi/krb5/import_sec_context.c @@ -60,7 +60,7 @@ krb5_gss_ser_init (krb5_context context) krb5_ser_context_init, krb5_ser_auth_context_init, krb5_ser_ccache_init, krb5_ser_rcache_init, krb5_ser_keytab_init, }; - int i; + unsigned int i; for (i = 0; i < sizeof(fns)/sizeof(fns[0]); i++) if ((code = (fns[i])(context)) != 0) diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index ce4b5d7..3e3f019 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -359,7 +359,7 @@ setup_enc( krb5_context context) { krb5_error_code code; - int i; + unsigned int i; krb5int_access kaccess; code = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION); diff --git a/src/lib/gssapi/krb5/inq_context.c b/src/lib/gssapi/krb5/inq_context.c index 8f46a95..ab9d81a 100644 --- a/src/lib/gssapi/krb5/inq_context.c +++ b/src/lib/gssapi/krb5/inq_context.c @@ -25,7 +25,7 @@ OM_uint32 krb5_gss_inquire_context(minor_status, context_handle, initiator_name, acceptor_name, lifetime_rec, mech_type, ret_flags, - locally_initiated, open) + locally_initiated, opened) OM_uint32 *minor_status; gss_ctx_id_t context_handle; gss_name_t *initiator_name; @@ -34,12 +34,12 @@ krb5_gss_inquire_context(minor_status, context_handle, initiator_name, gss_OID *mech_type; OM_uint32 *ret_flags; int *locally_initiated; - int *open; + int *opened; { krb5_context context; krb5_error_code code; krb5_gss_ctx_id_rec *ctx; - krb5_principal init, accept; + krb5_principal initiator, acceptor; krb5_timestamp now; krb5_deltat lifetime; @@ -61,8 +61,8 @@ krb5_gss_inquire_context(minor_status, context_handle, initiator_name, return(GSS_S_NO_CONTEXT); } - init = NULL; - accept = NULL; + initiator = NULL; + acceptor = NULL; context = ctx->k5_context; if ((code = krb5_timeofday(context, &now))) { @@ -77,13 +77,13 @@ krb5_gss_inquire_context(minor_status, context_handle, initiator_name, if (initiator_name) { if ((code = krb5_copy_principal(context, ctx->initiate?ctx->here:ctx->there, - &init))) { + &initiator))) { *minor_status = code; save_error_info(*minor_status, context); return(GSS_S_FAILURE); } - if (! kg_save_name((gss_name_t) init)) { - krb5_free_principal(context, init); + if (! kg_save_name((gss_name_t) initiator)) { + krb5_free_principal(context, initiator); *minor_status = (OM_uint32) G_VALIDATE_FAILED; return(GSS_S_FAILURE); } @@ -92,17 +92,17 @@ krb5_gss_inquire_context(minor_status, context_handle, initiator_name, if (acceptor_name) { if ((code = krb5_copy_principal(context, ctx->initiate?ctx->there:ctx->here, - &accept))) { - if (init) krb5_free_principal(context, init); + &acceptor))) { + if (initiator) krb5_free_principal(context, initiator); *minor_status = code; save_error_info(*minor_status, context); return(GSS_S_FAILURE); } - if (! kg_save_name((gss_name_t) accept)) { - krb5_free_principal(context, accept); - if (init) { - kg_delete_name((gss_name_t) init); - krb5_free_principal(context, init); + if (! kg_save_name((gss_name_t) acceptor)) { + krb5_free_principal(context, acceptor); + if (initiator) { + kg_delete_name((gss_name_t) initiator); + krb5_free_principal(context, initiator); } *minor_status = (OM_uint32) G_VALIDATE_FAILED; return(GSS_S_FAILURE); @@ -110,10 +110,10 @@ krb5_gss_inquire_context(minor_status, context_handle, initiator_name, } if (initiator_name) - *initiator_name = (gss_name_t) init; + *initiator_name = (gss_name_t) initiator; if (acceptor_name) - *acceptor_name = (gss_name_t) accept; + *acceptor_name = (gss_name_t) acceptor; if (lifetime_rec) *lifetime_rec = lifetime; @@ -127,8 +127,8 @@ krb5_gss_inquire_context(minor_status, context_handle, initiator_name, if (locally_initiated) *locally_initiated = ctx->initiate; - if (open) - *open = ctx->established; + if (opened) + *opened = ctx->established; *minor_status = 0; return((lifetime == 0)?GSS_S_CONTEXT_EXPIRED:GSS_S_COMPLETE); diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c index edd3319..e019e1b 100644 --- a/src/lib/gssapi/krb5/k5seal.c +++ b/src/lib/gssapi/krb5/k5seal.c @@ -61,7 +61,7 @@ make_seal_token_v1 (krb5_context context, int signalg, size_t cksum_size, int sealalg, - int encrypt, + int do_encrypt, int toktype, int bigend, gss_OID oid) @@ -85,10 +85,10 @@ make_seal_token_v1 (krb5_context context, krb5_keyusage sign_usage = KG_USAGE_SIGN; - assert((!encrypt) || (toktype == KG_TOK_SEAL_MSG)); + assert((!do_encrypt) || (toktype == KG_TOK_SEAL_MSG)); /* create the token buffer */ /* Do we need confounder? */ - if (encrypt || (!bigend && (toktype == KG_TOK_SEAL_MSG))) + if (do_encrypt || (!bigend && (toktype == KG_TOK_SEAL_MSG))) conflen = kg_confounder_size(context, enc); else conflen = 0; @@ -124,7 +124,7 @@ make_seal_token_v1 (krb5_context context, ptr[1] = (signalg >> 8) & 0xff; /* 2..3 SEAL_ALG or Filler */ - if ((toktype == KG_TOK_SEAL_MSG) && encrypt) { + if ((toktype == KG_TOK_SEAL_MSG) && do_encrypt) { ptr[2] = sealalg & 0xff; ptr[3] = (sealalg >> 8) & 0xff; } else { @@ -252,7 +252,7 @@ make_seal_token_v1 (krb5_context context, return(code); } - if (encrypt) { + if (do_encrypt) { switch(sealalg) { case SEAL_ALG_MICROSOFT_RC4: { diff --git a/src/lib/gssapi/krb5/krb5_gss_glue.c b/src/lib/gssapi/krb5/krb5_gss_glue.c index 3b2054b..2bdac00 100644 --- a/src/lib/gssapi/krb5/krb5_gss_glue.c +++ b/src/lib/gssapi/krb5/krb5_gss_glue.c @@ -439,9 +439,7 @@ static gss_mechanism krb5_mech_configs_hack[] = { }; #endif -#if 1 #define gssint_get_mech_configs krb5_gss_get_mech_configs -#endif gss_mechanism * gssint_get_mech_configs(void) @@ -729,7 +727,7 @@ k5glue_init_sec_context(ctx, minor_status, claimant_cred_handle, context_handle, static OM_uint32 k5glue_inquire_context(ctx, minor_status, context_handle, initiator_name, acceptor_name, lifetime_rec, mech_type, ret_flags, - locally_initiated, open) + locally_initiated, opened) void *ctx; OM_uint32 *minor_status; gss_ctx_id_t context_handle; @@ -739,12 +737,12 @@ k5glue_inquire_context(ctx, minor_status, context_handle, initiator_name, accept gss_OID *mech_type; OM_uint32 *ret_flags; int *locally_initiated; - int *open; + int *opened; { return(krb5_gss_inquire_context(minor_status, context_handle, initiator_name, acceptor_name, lifetime_rec, mech_type, ret_flags, locally_initiated, - open)); + opened)); } static OM_uint32 diff --git a/src/lib/gssapi/krb5/set_allowable_enctypes.c b/src/lib/gssapi/krb5/set_allowable_enctypes.c index f573d7d..396a6f6 100644 --- a/src/lib/gssapi/krb5/set_allowable_enctypes.c +++ b/src/lib/gssapi/krb5/set_allowable_enctypes.c @@ -64,7 +64,7 @@ gss_krb5int_set_allowable_enctypes(OM_uint32 *minor_status, OM_uint32 num_ktypes, krb5_enctype *ktypes) { - int i; + unsigned int i; krb5_enctype * new_ktypes; OM_uint32 major_status; krb5_gss_cred_id_t cred; diff --git a/src/lib/gssapi/krb5/util_seed.c b/src/lib/gssapi/krb5/util_seed.c index 9d39e49..06a5c2a 100644 --- a/src/lib/gssapi/krb5/util_seed.c +++ b/src/lib/gssapi/krb5/util_seed.c @@ -35,7 +35,7 @@ kg_make_seed(context, key, seed) { krb5_error_code code; krb5_keyblock *tmpkey; - int i; + unsigned int i; code = krb5_copy_keyblock(context, key, &tmpkey); if (code) diff --git a/src/lib/gssapi/mechglue/g_acquire_cred.c b/src/lib/gssapi/mechglue/g_acquire_cred.c index fbe6668..f2e8cd1 100644 --- a/src/lib/gssapi/mechglue/g_acquire_cred.c +++ b/src/lib/gssapi/mechglue/g_acquire_cred.c @@ -145,7 +145,7 @@ OM_uint32 * time_rec; gss_OID_set mechs; gss_OID_desc default_OID; gss_mechanism mech; - int i; + unsigned int i; gss_union_cred_t creds; major = val_acq_cred_args(minor_status, diff --git a/src/lib/gssapi/mechglue/g_initialize.c b/src/lib/gssapi/mechglue/g_initialize.c index 518eeed..f2f1226 100644 --- a/src/lib/gssapi/mechglue/g_initialize.c +++ b/src/lib/gssapi/mechglue/g_initialize.c @@ -146,7 +146,7 @@ gss_indicate_mechs(minorStatus, mechSet) OM_uint32 *minorStatus; gss_OID_set *mechSet; { - int i, j; + unsigned int i, j; gss_OID curItem; /* Initialize outputs. */ @@ -232,7 +232,7 @@ gss_OID_set *mechSet; static void free_mechSet(void) { - int i; + unsigned int i; if (g_mechSet.count != 0) { for (i = 0; i < g_mechSet.count; i++) @@ -415,7 +415,7 @@ gssint_oid_to_mech(const gss_OID oid) /* ensure we have fresh data */ if (k5_mutex_lock(&g_mechListLock) != 0) - return GSS_S_FAILURE; + return NULL; updateMechList(); aMech = searchMechList(oid); (void) k5_mutex_unlock(&g_mechListLock); @@ -539,8 +539,6 @@ register_mech(gss_mechanism mech, const char *namestr, void *dl_handle) static void init_hardcoded(void) { - extern gss_mechanism *krb5_gss_get_mech_configs(void); - extern gss_mechanism *spnego_gss_get_mech_configs(void); gss_mechanism *cflist; static int inited; @@ -579,7 +577,7 @@ gssint_get_mechanism(gss_OID oid) return NULL; if (k5_mutex_lock(&g_mechListLock) != 0) - return GSS_S_FAILURE; + return NULL; /* check if the mechanism is already loaded */ if ((aMech = searchMechList(oid)) != NULL && aMech->mech) { (void) k5_mutex_unlock(&g_mechListLock); diff --git a/src/lib/gssapi/mechglue/g_inq_context.c b/src/lib/gssapi/mechglue/g_inq_context.c index a473834..201c8bb 100644 --- a/src/lib/gssapi/mechglue/g_inq_context.c +++ b/src/lib/gssapi/mechglue/g_inq_context.c @@ -41,7 +41,7 @@ val_inq_ctx_args( gss_OID *mech_type, OM_uint32 *ctx_flags, int *locally_initiated, - int *open) + int *opened) { /* Initialize outputs. */ @@ -73,27 +73,15 @@ val_inq_ctx_args( /* Last argument new for V2 */ OM_uint32 KRB5_CALLCONV gss_inquire_context( - minor_status, - context_handle, - src_name, - targ_name, - lifetime_rec, - mech_type, - ctx_flags, - locally_initiated, - open) - -OM_uint32 * minor_status; -gss_ctx_id_t context_handle; -gss_name_t * src_name; -gss_name_t * targ_name; -OM_uint32 * lifetime_rec; -gss_OID * mech_type; -OM_uint32 * ctx_flags; -int * locally_initiated; -int * open; - - + OM_uint32 *minor_status, + gss_ctx_id_t context_handle, + gss_name_t *src_name, + gss_name_t *targ_name, + OM_uint32 *lifetime_rec, + gss_OID *mech_type, + OM_uint32 *ctx_flags, + int *locally_initiated, + int *opened) { gss_union_ctx_id_t ctx; gss_mechanism mech; @@ -105,7 +93,7 @@ int * open; src_name, targ_name, lifetime_rec, mech_type, ctx_flags, - locally_initiated, open); + locally_initiated, opened); if (status != GSS_S_COMPLETE) return (status); @@ -132,7 +120,7 @@ int * open; NULL, ctx_flags, locally_initiated, - open); + opened); if (status != GSS_S_COMPLETE) { map_error(minor_status, mech); diff --git a/src/lib/gssapi/mechglue/g_rel_oid_set.c b/src/lib/gssapi/mechglue/g_rel_oid_set.c index f712a89..f55c907 100644 --- a/src/lib/gssapi/mechglue/g_rel_oid_set.c +++ b/src/lib/gssapi/mechglue/g_rel_oid_set.c @@ -39,19 +39,19 @@ gss_release_oid_set (minor_status, OM_uint32 * minor_status; gss_OID_set * set; { - OM_uint32 index; + OM_uint32 i; gss_OID oid; if (minor_status) *minor_status = 0; - if (set ==NULL) + if (set == NULL) return GSS_S_COMPLETE; if (*set == GSS_C_NULL_OID_SET) return(GSS_S_COMPLETE); - for (index=0; index<(*set)->count; index++) { - oid = &(*set)->elements[index]; + for (i=0; i<(*set)->count; i++) { + oid = &(*set)->elements[i]; free(oid->elements); } free((*set)->elements); diff --git a/src/lib/gssapi/mechglue/mglueP.h b/src/lib/gssapi/mechglue/mglueP.h index a2470fb..1f14ee2 100644 --- a/src/lib/gssapi/mechglue/mglueP.h +++ b/src/lib/gssapi/mechglue/mglueP.h @@ -390,6 +390,11 @@ typedef struct gss_mech_config { struct gss_mech_config *next; /* next element in the list */ } *gss_mech_info; +/* Mechanisms defined within our library */ + +extern gss_mechanism *krb5_gss_get_mech_configs(void); +extern gss_mechanism *spnego_gss_get_mech_configs(void); + /********************************************************/ /* Internal mechglue routines */ diff --git a/src/lib/gssapi/mechglue/oid_ops.c b/src/lib/gssapi/mechglue/oid_ops.c index 4a79028..11a5099 100644 --- a/src/lib/gssapi/mechglue/oid_ops.c +++ b/src/lib/gssapi/mechglue/oid_ops.c @@ -310,7 +310,7 @@ generic_gss_str_to_oid(minor_status, oid_str, oid) long numbuf; long onumbuf; OM_uint32 nbytes; - int index; + int i; unsigned char *op; if (minor_status != NULL) @@ -412,12 +412,12 @@ generic_gss_str_to_oid(minor_status, oid_str, oid) } numbuf = onumbuf; op += nbytes; - index = -1; + i = -1; while (numbuf) { - op[index] = (unsigned char) numbuf & 0x7f; - if (index != -1) - op[index] |= 0x80; - index--; + op[i] = (unsigned char) numbuf & 0x7f; + if (i != -1) + op[i] |= 0x80; + i--; numbuf >>= 7; } while (isdigit(*bp)) @@ -466,7 +466,7 @@ gssint_copy_oid_set( gss_OID_set_desc *copy; OM_uint32 minor = 0; OM_uint32 major = GSS_S_COMPLETE; - OM_uint32 index; + OM_uint32 i; if (minor_status != NULL) *minor_status = 0; @@ -492,9 +492,9 @@ gssint_copy_oid_set( } copy->count = oidset->count; - for (index = 0; index < copy->count; index++) { - gss_OID_desc *out = ©->elements[index]; - gss_OID_desc *in = &oidset->elements[index]; + for (i = 0; i < copy->count; i++) { + gss_OID_desc *out = ©->elements[i]; + gss_OID_desc *in = &oidset->elements[i]; if ((out->elements = (void *) malloc(in->length)) == NULL) { major = GSS_S_FAILURE; diff --git a/src/lib/gssapi/spnego/gssapiP_spnego.h b/src/lib/gssapi/spnego/gssapiP_spnego.h index 717181c..6d7d4c4 100644 --- a/src/lib/gssapi/spnego/gssapiP_spnego.h +++ b/src/lib/gssapi/spnego/gssapiP_spnego.h @@ -307,7 +307,7 @@ OM_uint32 spnego_gss_inquire_context gss_OID *mech_type, OM_uint32 *ctx_flags, int *locally_initiated, - int *open + int *opened ); OM_uint32 spnego_gss_wrap_size_limit diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c index 775306f..b0dc70b 100644 --- a/src/lib/gssapi/spnego/spnego_mech.c +++ b/src/lib/gssapi/spnego/spnego_mech.c @@ -205,9 +205,7 @@ static gss_mechanism spnego_mech_configs[] = { &spnego_mechanism, NULL }; -#if 1 #define gssint_get_mech_configs spnego_gss_get_mech_configs -#endif gss_mechanism * gssint_get_mech_configs(void) @@ -1580,7 +1578,7 @@ spnego_gss_inquire_context(void *context, gss_OID *mech_type, OM_uint32 *ctx_flags, int *locally_initiated, - int *open) + int *opened) { OM_uint32 ret = GSS_S_COMPLETE; @@ -1592,7 +1590,7 @@ spnego_gss_inquire_context(void *context, mech_type, ctx_flags, locally_initiated, - open); + opened); return (ret); } @@ -1696,35 +1694,35 @@ get_available_mechs(OM_uint32 *minor_status, gss_name_t name, gss_cred_usage_t usage, gss_cred_id_t *creds, gss_OID_set *rmechs) { - int i; + unsigned int i; int found = 0; - OM_uint32 stat = GSS_S_COMPLETE, tmpmin; + OM_uint32 major_status = GSS_S_COMPLETE, tmpmin; gss_OID_set mechs, goodmechs; - stat = gss_indicate_mechs(minor_status, &mechs); + major_status = gss_indicate_mechs(minor_status, &mechs); - if (stat != GSS_S_COMPLETE) { - return (stat); + if (major_status != GSS_S_COMPLETE) { + return (major_status); } - stat = gss_create_empty_oid_set(minor_status, rmechs); + major_status = gss_create_empty_oid_set(minor_status, rmechs); - if (stat != GSS_S_COMPLETE) { + if (major_status != GSS_S_COMPLETE) { (void) gss_release_oid_set(minor_status, &mechs); - return (stat); + return (major_status); } - for (i = 0; i < mechs->count && stat == GSS_S_COMPLETE; i++) { + for (i = 0; i < mechs->count && major_status == GSS_S_COMPLETE; i++) { if ((mechs->elements[i].length != spnego_mechanism.mech_type.length) || memcmp(mechs->elements[i].elements, spnego_mechanism.mech_type.elements, spnego_mechanism.mech_type.length)) { - stat = gss_add_oid_set_member(minor_status, - &mechs->elements[i], - rmechs); - if (stat == GSS_S_COMPLETE) + major_status = gss_add_oid_set_member(minor_status, + &mechs->elements[i], + rmechs); + if (major_status == GSS_S_COMPLETE) found++; } } @@ -1734,17 +1732,18 @@ get_available_mechs(OM_uint32 *minor_status, * trim the list of mechanisms down to only those * for which the creds are valid. */ - if (found > 0 && stat == GSS_S_COMPLETE && creds != NULL) { - stat = gss_acquire_cred(minor_status, - name, GSS_C_INDEFINITE, *rmechs, usage, creds, - &goodmechs, NULL); + if (found > 0 && major_status == GSS_S_COMPLETE && creds != NULL) { + major_status = gss_acquire_cred(minor_status, + name, GSS_C_INDEFINITE, + *rmechs, usage, creds, + &goodmechs, NULL); /* * Drop the old list in favor of the new * "trimmed" list. */ (void) gss_release_oid_set(&tmpmin, rmechs); - if (stat == GSS_S_COMPLETE) { + if (major_status == GSS_S_COMPLETE) { (void) gssint_copy_oid_set(&tmpmin, goodmechs, rmechs); (void) gss_release_oid_set(&tmpmin, &goodmechs); @@ -1752,14 +1751,14 @@ get_available_mechs(OM_uint32 *minor_status, } (void) gss_release_oid_set(&tmpmin, &mechs); - if (found == 0 || stat != GSS_S_COMPLETE) { + if (found == 0 || major_status != GSS_S_COMPLETE) { *minor_status = ERR_SPNEGO_NO_MECHS_AVAILABLE; map_errcode(minor_status); - if (stat == GSS_S_COMPLETE) - stat = GSS_S_FAILURE; + if (major_status == GSS_S_COMPLETE) + major_status = GSS_S_FAILURE; } - return (stat); + return (major_status); } /* following are token creation and reading routines */ @@ -1939,7 +1938,7 @@ static int put_mech_set(gss_OID_set mechSet, gss_buffer_t buf) { unsigned char *ptr; - int i; + unsigned int i; unsigned int tlen, ilen; tlen = ilen = 0; @@ -2236,7 +2235,7 @@ negotiate_mech_type(OM_uint32 *minor_status, gss_OID returned_mech; OM_uint32 status; int present; - int i; + unsigned int i; for (i = 0; i < mechset->count; i++) { gss_test_oid_set_member(minor_status, &mechset->elements[i], |