diff options
Diffstat (limited to 'src/lib/krb5/ccache/ccapi/stdcc_util.c')
-rw-r--r-- | src/lib/krb5/ccache/ccapi/stdcc_util.c | 717 |
1 files changed, 391 insertions, 326 deletions
diff --git a/src/lib/krb5/ccache/ccapi/stdcc_util.c b/src/lib/krb5/ccache/ccapi/stdcc_util.c index 4262eed..cf2054e 100644 --- a/src/lib/krb5/ccache/ccapi/stdcc_util.c +++ b/src/lib/krb5/ccache/ccapi/stdcc_util.c @@ -23,112 +23,170 @@ * - copy and translate the null terminated arrays of data records * used in k5 tickets */ -int copyCCDataArrayToK5(cc_creds *cc, krb5_creds *kc, char whichArray) { - - cc_data *ccAdr, **cbase; - krb5_address *kAdr, **kbase, **constKBase; - int numRecords = 0; - - - if (whichArray == kAddressArray) { - /* check pointer */ - if (cc->addresses == NULL) { - kc->addresses = NULL; - return 0; - } - } else if (whichArray == kAuthDataArray) { - /* check pointer */ - if (cc->authdata == NULL) { - kc->authdata = NULL; - return 0; - } - } else - return -1; - - - cbase = (whichArray == kAddressArray) ? cc->addresses : cc->authdata; - /* calc number of records */ - while (*cbase++ != NULL) numRecords++; - /* allocate new array */ - constKBase = kbase = (krb5_address **)malloc((numRecords+1)*sizeof(char *)); - //reset base - cbase = (whichArray == kAddressArray) ? cc->addresses : cc->authdata; - - - //copy records - while (*cbase != NULL) { - *kbase = (krb5_address *)malloc(sizeof(krb5_address)); - kAdr = *kbase; - ccAdr = *cbase; - kAdr->magic = (whichArray == kAddressArray) ? KV5M_ADDRESS : KV5M_AUTHDATA; - kAdr->addrtype = ccAdr->type; - kAdr->length = ccAdr->length; - kAdr->contents = (krb5_octet *)malloc(kAdr->length); - memcpy(kAdr->contents, ccAdr->data, kAdr->length); - //next element please - kbase++; cbase++; +int copyCCDataArrayToK5(cc_creds *ccCreds, krb5_creds *v5Creds, char whichArray) { + + if (whichArray == kAddressArray) { + if (ccCreds->addresses == NULL) { + v5Creds->addresses = NULL; + } else { + + krb5_address **addrPtr, *addr; + cc_data **dataPtr, *data; + unsigned int numRecords = 0; + + /* Allocate the array of pointers: */ + for (dataPtr = ccCreds->addresses; *dataPtr != NULL; numRecords++, dataPtr++) {} + + v5Creds->addresses = (krb5_address **) malloc (sizeof(krb5_address *) * (numRecords + 1)); + if (v5Creds->addresses == NULL) + return ENOMEM; + + /* Fill in the array, allocating the address structures: */ + for (dataPtr = ccCreds->addresses, addrPtr = v5Creds->addresses; *dataPtr != NULL; addrPtr++, dataPtr++) { + + *addrPtr = (krb5_address *) malloc (sizeof(krb5_address)); + if (*addrPtr == NULL) + return ENOMEM; + data = *dataPtr; + addr = *addrPtr; + + addr->addrtype = data->type; + addr->magic = KV5M_ADDRESS; + addr->length = data->length; + addr->contents = (krb5_octet *) malloc (sizeof(krb5_octet) * addr->length); + if (addr->contents == NULL) + return ENOMEM; + memmove(addr->contents, data->data, addr->length); /* copy contents */ + } + + /* Write terminator: */ + *addrPtr = NULL; + } + } + + if (whichArray == kAuthDataArray) { + if (ccCreds->authdata == NULL) { + v5Creds->authdata = NULL; + } else { + krb5_authdata **authPtr, *auth; + cc_data **dataPtr, *data; + unsigned int numRecords = 0; + + /* Allocate the array of pointers: */ + for (dataPtr = ccCreds->authdata; *dataPtr != NULL; numRecords++, dataPtr++) {} + + v5Creds->authdata = (krb5_authdata **) malloc (sizeof(krb5_authdata *) * (numRecords + 1)); + if (v5Creds->authdata == NULL) + return ENOMEM; + + /* Fill in the array, allocating the address structures: */ + for (dataPtr = ccCreds->authdata, authPtr = v5Creds->authdata; *dataPtr != NULL; authPtr++, dataPtr++) { + + *authPtr = (krb5_authdata *) malloc (sizeof(krb5_authdata)); + if (*authPtr == NULL) + return ENOMEM; + data = *dataPtr; + auth = *authPtr; + + auth->ad_type = data->type; + auth->magic = KV5M_AUTHDATA; + auth->length = data->length; + auth->contents = (krb5_octet *) malloc (sizeof(krb5_octet) * auth->length); + if (auth->contents == NULL) + return ENOMEM; + memmove(auth->contents, data->data, auth->length); /* copy contents */ + } + + /* Write terminator: */ + *authPtr = NULL; } - - //write terminator - *kbase = NULL; - if (whichArray == kAddressArray) kc->addresses = constKBase; - else kc->authdata = (krb5_authdata **)constKBase; + } - return 0; + return 0; } /* * copyK5DataArrayToCC * - analagous to above, but in the other direction */ -int copyK5DataArrayToCC(krb5_creds *kc, cc_creds *cc, char whichArray) { - - cc_data *ccAdr, **cbase, **constCBase; - krb5_address *kAdr, **kbase; - int numRecords = 0; - - - if (whichArray == kAddressArray) { - //check pointer - if (kc->addresses == NULL) { - cc->addresses = NULL; - return 0; } - } else if (whichArray == kAuthDataArray) { - //check pointer - if (kc->authdata == NULL) { - cc->authdata = NULL; - return 0; } - } else return -1; - - - kbase = (whichArray == kAddressArray) ? kc->addresses : (krb5_address **)kc->authdata; - //calc number of records - while (*kbase++ != NULL) numRecords++; - //allocate new array - constCBase = cbase = (cc_data **)malloc((numRecords+1)*sizeof(char *)); - //reset base - kbase = (whichArray == kAddressArray) ? kc->addresses : (krb5_address **)kc->authdata; - - - //copy records - while (*kbase != NULL) { - *cbase = (cc_data *)malloc(sizeof(krb5_address)); - kAdr = *kbase; - ccAdr = *cbase; - ccAdr->type = kAdr->addrtype; - ccAdr->length = kAdr->length; - ccAdr->data = (unsigned char *)malloc(ccAdr->length); - memcpy(ccAdr->data, kAdr->contents, kAdr->length); - //next element please - kbase++; cbase++; +int copyK5DataArrayToCC(krb5_creds *v5Creds, cc_creds *ccCreds, char whichArray) +{ + if (whichArray == kAddressArray) { + if (v5Creds->addresses == NULL) { + ccCreds->addresses = NULL; + } else { + + krb5_address **addrPtr, *addr; + cc_data **dataPtr, *data; + unsigned int numRecords = 0; + + /* Allocate the array of pointers: */ + for (addrPtr = v5Creds->addresses; *addrPtr != NULL; numRecords++, addrPtr++) {} + + ccCreds->addresses = (cc_data **) malloc (sizeof(cc_data *) * (numRecords + 1)); + if (ccCreds->addresses == NULL) + return ENOMEM; + + /* Fill in the array, allocating the address structures: */ + for (dataPtr = ccCreds->addresses, addrPtr = v5Creds->addresses; *addrPtr != NULL; addrPtr++, dataPtr++) { + + *dataPtr = (cc_data *) malloc (sizeof(cc_data)); + if (*dataPtr == NULL) + return ENOMEM; + data = *dataPtr; + addr = *addrPtr; + + data->type = addr->addrtype; + data->length = addr->length; + data->data = malloc (sizeof(char) * data->length); + if (data->data == NULL) + return ENOMEM; + memmove(data->data, addr->contents, data->length); /* copy contents */ + } + + /* Write terminator: */ + *dataPtr = NULL; + } + } + + if (whichArray == kAuthDataArray) { + if (v5Creds->authdata == NULL) { + ccCreds->authdata = NULL; + } else { + krb5_authdata **authPtr, *auth; + cc_data **dataPtr, *data; + unsigned int numRecords = 0; + + /* Allocate the array of pointers: */ + for (authPtr = v5Creds->authdata; *authPtr != NULL; numRecords++, authPtr++) {} + + ccCreds->authdata = (cc_data **) malloc (sizeof(cc_data *) * (numRecords + 1)); + if (ccCreds->authdata == NULL) + return ENOMEM; + + /* Fill in the array, allocating the address structures: */ + for (dataPtr = ccCreds->authdata, authPtr = v5Creds->authdata; *authPtr != NULL; authPtr++, dataPtr++) { + + *dataPtr = (cc_data *) malloc (sizeof(cc_data)); + if (*dataPtr == NULL) + return ENOMEM; + data = *dataPtr; + auth = *authPtr; + + data->type = auth->ad_type; + data->length = auth->length; + data->data = malloc (sizeof(char) * data->length); + if (data->data == NULL) + return ENOMEM; + memmove(data->data, auth->contents, data->length); /* copy contents */ + } + + /* Write terminator: */ + *dataPtr = NULL; } - - //write terminator - *cbase = NULL; - if (whichArray == kAddressArray) cc->addresses = (cc_data **)constCBase; - else cc->authdata = (cc_data **)constCBase; + } - return 0; + return 0; } /* @@ -136,52 +194,56 @@ int copyK5DataArrayToCC(krb5_creds *kc, cc_creds *cc, char whichArray) { * - allocate an empty k5 style ticket and copy info from the cc_creds ticket */ -void dupCCtoK5(krb5_context context, cc_creds *src, krb5_creds *dest) { - - int err; - - /* - * allocate and copy - * copy all of those damn fields back - */ - err = krb5_parse_name(context, src->client, &(dest->client)); - err = krb5_parse_name(context, src->server, &(dest->server)); - if (err) return; //parsename fails w/o krb5.ini for example - - /* copy keyblock */ - dest->keyblock.enctype = src->keyblock.type; - dest->keyblock.length = src->keyblock.length; - dest->keyblock.contents = (krb5_octet *)malloc(dest->keyblock.length); - memcpy(dest->keyblock.contents, src->keyblock.data, dest->keyblock.length); - - /* copy times */ - dest->times.authtime = src->authtime; - dest->times.starttime = src->starttime; - dest->times.endtime = src->endtime; - dest->times.renew_till = src->renew_till; - dest->is_skey = src->is_skey; - dest->ticket_flags = src->ticket_flags; - - /* more branching fields */ - copyCCDataArrayToK5(src, dest, kAddressArray); - dest->ticket.length = src->ticket.length; - dest->ticket.data = (char *)malloc(src->ticket.length); - memcpy(dest->ticket.data, src->ticket.data, src->ticket.length); - dest->second_ticket.length = src->second_ticket.length; - (dest->second_ticket).data = ( char *)malloc(src->second_ticket.length); - memcpy(dest->second_ticket.data, src->second_ticket.data, src->second_ticket.length); - - /* zero out magic number */ - dest->magic = 0; - /* - * later - * copyCCDataArrayToK5(src, dest, kAuthDataArray); - * krb5 docs say that authdata can be nulled out if we - * only want default behavior - */ - dest->authdata = NULL; - - return; +void dupCCtoK5(krb5_context context, cc_creds *src, krb5_creds *dest) +{ + krb5_int32 offset_seconds = 0, offset_microseconds = 0; + int err; + + /* + * allocate and copy + * copy all of those damn fields back + */ + err = krb5_parse_name(context, src->client, &(dest->client)); + err = krb5_parse_name(context, src->server, &(dest->server)); + if (err) return; /* parsename fails w/o krb5.ini for example */ + + /* copy keyblock */ + dest->keyblock.enctype = src->keyblock.type; + dest->keyblock.length = src->keyblock.length; + dest->keyblock.contents = (krb5_octet *)malloc(dest->keyblock.length); + memcpy(dest->keyblock.contents, src->keyblock.data, dest->keyblock.length); + + /* copy times */ +#if TARGET_OS_MAC + err = krb5_get_time_offsets(context, &offset_seconds, &offset_microseconds); + if (err) return; +#endif + dest->times.authtime = src->authtime + offset_seconds; + dest->times.starttime = src->starttime + offset_seconds; + dest->times.endtime = src->endtime + offset_seconds; + dest->times.renew_till = src->renew_till + offset_seconds; + dest->is_skey = src->is_skey; + dest->ticket_flags = src->ticket_flags; + + /* more branching fields */ + err = copyCCDataArrayToK5(src, dest, kAddressArray); + if (err) return; + + dest->ticket.length = src->ticket.length; + dest->ticket.data = (char *)malloc(src->ticket.length); + memcpy(dest->ticket.data, src->ticket.data, src->ticket.length); + dest->second_ticket.length = src->second_ticket.length; + (dest->second_ticket).data = ( char *)malloc(src->second_ticket.length); + memcpy(dest->second_ticket.data, src->second_ticket.data, src->second_ticket.length); + + /* zero out magic number */ + dest->magic = 0; + + /* authdata */ + err = copyCCDataArrayToK5(src, dest, kAuthDataArray); + if (err) return; + + return; } /* @@ -190,90 +252,97 @@ void dupCCtoK5(krb5_context context, cc_creds *src, krb5_creds *dest) { */ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu) { - cc_creds *c; - int err; + cc_creds *c; + int err; + krb5_int32 offset_seconds = 0, offset_microseconds = 0; #ifdef macintosh - char *tempname = NULL; + char *tempname = NULL; #endif - - if (cu == NULL) return; - - /* allocate the cred_union */ - *cu = (cred_union *)malloc(sizeof(cred_union)); - if ((*cu) == NULL) - return; - - (*cu)->cred_type = CC_CRED_V5; - - /* allocate creds structure (and install) */ - c = (cc_creds *)malloc(sizeof(cc_creds)); - if (c == NULL) return; - (*cu)->cred.pV5Cred = c; - - /* convert krb5 principals to flat principals */ + + if (cu == NULL) return; + + /* allocate the cred_union */ + *cu = (cred_union *)malloc(sizeof(cred_union)); + if ((*cu) == NULL) + return; + + (*cu)->cred_type = CC_CRED_V5; + + /* allocate creds structure (and install) */ + c = (cc_creds *)malloc(sizeof(cc_creds)); + if (c == NULL) return; + (*cu)->cred.pV5Cred = c; + + /* convert krb5 principals to flat principals */ #ifdef macintosh - /* - * and make sure the memory for c->client and c->server is on - * the system heap with NewPtr for the Mac (krb5_unparse_name - * puts it in appl heap with malloc) - */ - err = krb5_unparse_name(context, creds->client, &tempname); - c->client = malloc(strlen(tempname)+1); - if (c->client != NULL) - strcpy(c->client,tempname); - free(tempname); - tempname = NULL; - - err = krb5_unparse_name(context, creds->server, &tempname); - c->server = malloc(strlen(tempname)+1); - if (c->server != NULL) - strcpy(c->server,tempname); - free(tempname); + /* + * and make sure the memory for c->client and c->server is on + * the system heap with NewPtr for the Mac (krb5_unparse_name + * puts it in appl heap with malloc) + */ + err = krb5_unparse_name(context, creds->client, &tempname); + c->client = malloc(strlen(tempname)+1); + if (c->client != NULL) + strcpy(c->client,tempname); + free(tempname); + tempname = NULL; + + err = krb5_unparse_name(context, creds->server, &tempname); + c->server = malloc(strlen(tempname)+1); + if (c->server != NULL) + strcpy(c->server,tempname); + free(tempname); #else - err = krb5_unparse_name(context, creds->client, &(c->client)); - err = krb5_unparse_name(context, creds->server, &(c->server)); + err = krb5_unparse_name(context, creds->client, &(c->client)); + err = krb5_unparse_name(context, creds->server, &(c->server)); #endif - if (err) return; - - /* copy more fields */ - c->keyblock.type = creds->keyblock.enctype; - c->keyblock.length = creds->keyblock.length; - - if (creds->keyblock.contents != NULL) { - c->keyblock.data = (unsigned char *)malloc(creds->keyblock.length); - memcpy(c->keyblock.data, creds->keyblock.contents, creds->keyblock.length); - } else { - c->keyblock.data = NULL; - } - - c->authtime = creds->times.authtime; - c->starttime = creds->times.starttime; - c->endtime = creds->times.endtime; - c->renew_till = creds->times.renew_till; - c->is_skey = creds->is_skey; - c->ticket_flags = creds->ticket_flags; - - copyK5DataArrayToCC(creds, c, kAddressArray); - - c->ticket.length = creds->ticket.length; - if (creds->ticket.data != NULL) { - c->ticket.data = (unsigned char *)malloc(creds->ticket.length); - memcpy(c->ticket.data, creds->ticket.data, creds->ticket.length); - } else { - c->ticket.data = NULL; - } - - c->second_ticket.length = creds->second_ticket.length; - if (creds->second_ticket.data != NULL) { - c->second_ticket.data = (unsigned char *)malloc(creds->second_ticket.length); - memcpy(c->second_ticket.data, creds->second_ticket.data, creds->second_ticket.length); - } else { - c->second_ticket.data = NULL; - } - - c->authdata = NULL; - - return; + if (err) return; + + /* copy more fields */ + c->keyblock.type = creds->keyblock.enctype; + c->keyblock.length = creds->keyblock.length; + + if (creds->keyblock.contents != NULL) { + c->keyblock.data = (unsigned char *)malloc(creds->keyblock.length); + memcpy(c->keyblock.data, creds->keyblock.contents, creds->keyblock.length); + } else { + c->keyblock.data = NULL; + } + +#if TARGET_OS_MAC + err = krb5_get_time_offsets(context, &offset_seconds, &offset_microseconds); + if (err) return; +#endif + c->authtime = creds->times.authtime - offset_seconds; + c->starttime = creds->times.starttime - offset_seconds; + c->endtime = creds->times.endtime - offset_seconds; + c->renew_till = creds->times.renew_till - offset_seconds; + c->is_skey = creds->is_skey; + c->ticket_flags = creds->ticket_flags; + + err = copyK5DataArrayToCC(creds, c, kAddressArray); + if (err) return; + + c->ticket.length = creds->ticket.length; + if (creds->ticket.data != NULL) { + c->ticket.data = (unsigned char *)malloc(creds->ticket.length); + memcpy(c->ticket.data, creds->ticket.data, creds->ticket.length); + } else { + c->ticket.data = NULL; + } + + c->second_ticket.length = creds->second_ticket.length; + if (creds->second_ticket.data != NULL) { + c->second_ticket.data = (unsigned char *)malloc(creds->second_ticket.length); + memcpy(c->second_ticket.data, creds->second_ticket.data, creds->second_ticket.length); + } else { + c->second_ticket.data = NULL; + } + + err = copyK5DataArrayToCC(creds, c, kAuthDataArray); + if (err) return; + + return; } /* @@ -281,7 +350,7 @@ void dupK5toCC(krb5_context context, krb5_creds *creds, cred_union **cu) */ static krb5_boolean times_match(t1, t2) -register const krb5_ticket_times *t1; + register const krb5_ticket_times *t1; register const krb5_ticket_times *t2; { if (t1->renew_till) { @@ -308,7 +377,7 @@ times_match_exact (t1, t2) static krb5_boolean standard_fields_match(context, mcreds, creds) - krb5_context context; + krb5_context context; register const krb5_creds *mcreds, *creds; { return (krb5_principal_compare(context, mcreds->client,creds->client) && @@ -319,12 +388,12 @@ register const krb5_creds *mcreds, *creds; static krb5_boolean srvname_match(context, mcreds, creds) - krb5_context context; + krb5_context context; register const krb5_creds *mcreds, *creds; { krb5_boolean retval; krb5_principal_data p1, p2; - + retval = krb5_principal_compare(context, mcreds->client,creds->client); if (retval != TRUE) return retval; @@ -368,7 +437,7 @@ authdata_match(mdata, data) static krb5_boolean data_match(data1, data2) -register const krb5_data *data1, *data2; + register const krb5_data *data1, *data2; { if (!data1) { if (!data2) @@ -396,117 +465,113 @@ register const krb5_data *data1, *data2; int stdccCredsMatch(krb5_context context, krb5_creds *base, krb5_creds *match, int whichfields) { - krb5_ticket_times b, m; - krb5_authdata **bp, **mp; - krb5_boolean retval; - - if (((MATCH_SET(KRB5_TC_MATCH_SRV_NAMEONLY) && - srvname_match(context, match, base)) || - standard_fields_match(context, match, base)) - && - (! MATCH_SET(KRB5_TC_MATCH_IS_SKEY) || - match->is_skey == base->is_skey) - && - (! MATCH_SET(KRB5_TC_MATCH_FLAGS_EXACT) || - match->ticket_flags == base->ticket_flags) - && - (! MATCH_SET(KRB5_TC_MATCH_FLAGS) || - flags_match(match->ticket_flags, base->ticket_flags)) - && - (! MATCH_SET(KRB5_TC_MATCH_TIMES_EXACT) || - times_match_exact(&match->times, &base->times)) - && - (! MATCH_SET(KRB5_TC_MATCH_TIMES) || - times_match(&match->times, &base->times)) - && - (! MATCH_SET(KRB5_TC_MATCH_AUTHDATA) || - authdata_match (match->authdata, base->authdata)) - && - (! MATCH_SET(KRB5_TC_MATCH_2ND_TKT) || - data_match (&match->second_ticket, &base->second_ticket)) - && - ((! MATCH_SET(KRB5_TC_MATCH_KTYPE))|| - (match->keyblock.enctype == base->keyblock.enctype)) - ) - return TRUE; - return FALSE; - + if (((MATCH_SET(KRB5_TC_MATCH_SRV_NAMEONLY) && + srvname_match(context, match, base)) || + standard_fields_match(context, match, base)) + && + (! MATCH_SET(KRB5_TC_MATCH_IS_SKEY) || + match->is_skey == base->is_skey) + && + (! MATCH_SET(KRB5_TC_MATCH_FLAGS_EXACT) || + match->ticket_flags == base->ticket_flags) + && + (! MATCH_SET(KRB5_TC_MATCH_FLAGS) || + flags_match(match->ticket_flags, base->ticket_flags)) + && + (! MATCH_SET(KRB5_TC_MATCH_TIMES_EXACT) || + times_match_exact(&match->times, &base->times)) + && + (! MATCH_SET(KRB5_TC_MATCH_TIMES) || + times_match(&match->times, &base->times)) + && + (! MATCH_SET(KRB5_TC_MATCH_AUTHDATA) || + authdata_match (match->authdata, base->authdata)) + && + (! MATCH_SET(KRB5_TC_MATCH_2ND_TKT) || + data_match (&match->second_ticket, &base->second_ticket)) + && + ((! MATCH_SET(KRB5_TC_MATCH_KTYPE))|| + (match->keyblock.enctype == base->keyblock.enctype)) + ) + return TRUE; + return FALSE; } -// ----- free_cc_cred_union, etc -------------- +/* ----- free_cc_cred_union, etc -------------- */ /* - Since the Kerberos5 library allocates a credentials cache structure - (in dupK5toCC() above) with its own memory allocation routines - which - may be different than how the CCache allocates memory - the Kerb5 library - must have its own version of cc_free_creds() to deallocate it. These - functions do that. The top-level function to substitue for cc_free_creds() - is krb5_free_cc_cred_union(). - - If the CCache library wants to use a cred_union structure created by - the Kerb5 library, it should make a deep copy of it to "translate" to its - own memory allocation space. + Since the Kerberos5 library allocates a credentials cache structure + (in dupK5toCC() above) with its own memory allocation routines - which + may be different than how the CCache allocates memory - the Kerb5 library + must have its own version of cc_free_creds() to deallocate it. These + functions do that. The top-level function to substitue for cc_free_creds() + is krb5_free_cc_cred_union(). + + If the CCache library wants to use a cred_union structure created by + the Kerb5 library, it should make a deep copy of it to "translate" to its + own memory allocation space. */ -static void deep_free_cc_data (cc_data data) { - - if (data.data != NULL) - free (data.data); +static void deep_free_cc_data (cc_data data) +{ + if (data.data != NULL) + free (data.data); } static void deep_free_cc_data_array (cc_data** data) { - - unsigned int index; - - if (data == NULL) - return; - - for (index = 0; data [index] != NULL; index++) { - deep_free_cc_data (*(data [index])); - free (data [index]); - } - - free (data); + + unsigned int index; + + if (data == NULL) + return; + + for (index = 0; data [index] != NULL; index++) { + deep_free_cc_data (*(data [index])); + free (data [index]); + } + + free (data); } -static void deep_free_cc_v5_creds (cc_creds* creds) { - - if (creds == NULL) - return; - - if (creds -> client != NULL) - free (creds -> client); - if (creds -> server != NULL) - free (creds -> server); - - deep_free_cc_data (creds -> keyblock); - deep_free_cc_data (creds -> ticket); - deep_free_cc_data (creds -> second_ticket); - - deep_free_cc_data_array (creds -> addresses); - deep_free_cc_data_array (creds -> authdata); - - free(creds); +static void deep_free_cc_v5_creds (cc_creds* creds) +{ + if (creds == NULL) + return; + + if (creds -> client != NULL) + free (creds -> client); + if (creds -> server != NULL) + free (creds -> server); + + deep_free_cc_data (creds -> keyblock); + deep_free_cc_data (creds -> ticket); + deep_free_cc_data (creds -> second_ticket); + + deep_free_cc_data_array (creds -> addresses); + deep_free_cc_data_array (creds -> authdata); + + free(creds); } -static void deep_free_cc_creds (cred_union creds) { - - if (creds.cred_type == CC_CRED_V4) { // we shouldn't get this, of course - free (creds.cred.pV4Cred); - } else if (creds.cred_type == CC_CRED_V5) { - deep_free_cc_v5_creds (creds.cred.pV5Cred); - } +static void deep_free_cc_creds (cred_union creds) +{ + if (creds.cred_type == CC_CRED_V4) { + /* we shouldn't get this, of course */ + free (creds.cred.pV4Cred); + } else if (creds.cred_type == CC_CRED_V5) { + deep_free_cc_v5_creds (creds.cred.pV5Cred); + } } -// top-level exported function -cc_int32 krb5_free_cc_cred_union (cred_union** creds) { - - if (creds == NULL) - return CC_BAD_PARM; - - if (*creds != NULL) { - deep_free_cc_creds (**creds); - free (*creds); - *creds = NULL; - } - - return CC_NOERROR; +/* top-level exported function */ +cc_int32 krb5_free_cc_cred_union (cred_union** creds) +{ + if (creds == NULL) + return CC_BAD_PARM; + + if (*creds != NULL) { + deep_free_cc_creds (**creds); + free (*creds); + *creds = NULL; + } + + return CC_NOERROR; } |