diff options
Diffstat (limited to 'src/lib/krb5/krb')
36 files changed, 410 insertions, 376 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index e00b927..93e7314 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,15 @@ +Thu Jun 8 16:06:44 1995 <tytso@rsx-11.mit.edu> + + * compat_recv.c, auth_con.c, chk_trans.c, encrypt_tk.c, + gc_frm_kdc.c, gc_via_tkt.c, gen_seqnum.c, gen_subkey.c, + get_creds.c, get_in_tkt.c, in_tkt_ktb.c, in_tkt_pwd.c, + in_tkt_skey.c, init_ctx.c, kdc_rep_dc.c, mk_cred.c, + mk_error.c, mk_priv.c, mk_rep.c, mk_req.c, mk_req_ext.c, + mk_cred.c, mk_safe.c, parse.c, preauth.c, rd_cred.c, + rd_rep.c, rd_req.c, rd_req_dec.c, rd_safe.c, recvauth.c, + sendauth.c, send_tgs.c, srv_rcache.c, walk_rtree.c: Clean + up GCC -Wall flames. + Wed Jun 7 15:23:21 1995 <tytso@rsx-11.mit.edu> * conv_princ.c (krb5_425_conv_principal): Remove old CONFIG_FILES diff --git a/src/lib/krb5/krb/auth_con.c b/src/lib/krb5/krb/auth_con.c index f960525..44828cb 100644 --- a/src/lib/krb5/krb/auth_con.c +++ b/src/lib/krb5/krb/auth_con.c @@ -7,18 +7,19 @@ krb5_auth_con_init(context, auth_context) krb5_context context; krb5_auth_context ** auth_context; { - if (*auth_context = (krb5_auth_context *)malloc(sizeof(krb5_auth_context))){ - memset(*auth_context, 0, sizeof(krb5_auth_context)); + *auth_context = (krb5_auth_context *)malloc(sizeof(krb5_auth_context)); + if (!*auth_context) + return ENOMEM; + + memset(*auth_context, 0, sizeof(krb5_auth_context)); - /* Default flags, do time not seq */ - (*auth_context)->auth_context_flags = - KRB5_AUTH_CONTEXT_DO_TIME | KRB5_AUTH_CONN_INITIALIZED; + /* Default flags, do time not seq */ + (*auth_context)->auth_context_flags = + KRB5_AUTH_CONTEXT_DO_TIME | KRB5_AUTH_CONN_INITIALIZED; - (*auth_context)->cksumtype = CKSUMTYPE_RSA_MD4_DES; - /* (*auth_context)->cksumtype = CKSUMTYPE_CRC32; */ - return 0; - } - return ENOMEM; + (*auth_context)->cksumtype = CKSUMTYPE_RSA_MD4_DES; + /* (*auth_context)->cksumtype = CKSUMTYPE_CRC32; */ + return 0; } krb5_error_code @@ -103,9 +104,9 @@ krb5_auth_con_getaddrs(context, auth_context, local_addr, remote_addr) krb5_address * tmp_addr; if (local_addr && auth_context->local_addr) { - if ((tmp_addr = (krb5_address *)malloc(sizeof(krb5_address))) == NULL) + if (!(tmp_addr = (krb5_address *)malloc(sizeof(krb5_address)))) return ENOMEM; - if (tmp_addr->contents = malloc(auth_context->local_addr->length)) { + if ((tmp_addr->contents = malloc(auth_context->local_addr->length))) { memcpy(tmp_addr->contents, auth_context->local_addr->contents, auth_context->local_addr->length); tmp_addr->addrtype = auth_context->local_addr->addrtype; @@ -123,7 +124,7 @@ krb5_auth_con_getaddrs(context, auth_context, local_addr, remote_addr) } return ENOMEM; } - if (tmp_addr->contents = malloc(auth_context->remote_addr->length)) { + if ((tmp_addr->contents = malloc(auth_context->remote_addr->length))) { memcpy(tmp_addr->contents, auth_context->remote_addr->contents, auth_context->remote_addr->length); tmp_addr->addrtype = auth_context->remote_addr->addrtype; @@ -154,8 +155,8 @@ krb5_auth_con_setports(context, auth_context, local_port, remote_port) free(auth_context->remote_port); if (local_port) { - if ((auth_context->local_port = (krb5_address *) - malloc(sizeof(krb5_address) + local_port->length)) == NULL) { + if (((auth_context->local_port = (krb5_address *) + malloc(sizeof(krb5_address) + local_port->length)) == NULL)) { return ENOMEM; } auth_context->local_port->addrtype = local_port->addrtype; @@ -291,7 +292,7 @@ krb5_auth_con_initivector(context, auth_context) int size = krb5_keytype_array[auth_context->keyblock->keytype]-> system->block_length; - if (auth_context->i_vector = (krb5_pointer)malloc(size)) { + if ((auth_context->i_vector = (krb5_pointer)malloc(size))) { memset(auth_context->i_vector, 0, size); return 0; } diff --git a/src/lib/krb5/krb/chk_trans.c b/src/lib/krb5/krb/chk_trans.c index c324667..0961d6a 100644 --- a/src/lib/krb5/krb/chk_trans.c +++ b/src/lib/krb5/krb/chk_trans.c @@ -44,8 +44,8 @@ krb5_data *realm2; trans_length = trans->data[trans->length-1] ? trans->length : trans->length - 1; - if (retval = krb5_walk_realm_tree(context, realm1, realm2, &tgs_list, - KRB5_REALM_BRANCH_CHAR)) { + if ((retval = krb5_walk_realm_tree(context, realm1, realm2, &tgs_list, + KRB5_REALM_BRANCH_CHAR))) { return(retval); } diff --git a/src/lib/krb5/krb/compat_recv.c b/src/lib/krb5/krb/compat_recv.c index 554dc29..5041056 100644 --- a/src/lib/krb5/krb/compat_recv.c +++ b/src/lib/krb5/krb/compat_recv.c @@ -37,6 +37,7 @@ #include "k5-int.h" #ifndef _MSDOS #include <kerberosIV/krb.h> +#include <kerberosIV/krb4-proto.h> #include "com_err.h" #include <errno.h> @@ -211,17 +212,15 @@ char *filename; /* name of file with service keys */ Key_schedule schedule; /* key schedule (return) */ char *version; /* version string (filled in) */ { - int i, cc, old_vers = 0; - char krb_vers[KRB_SENDAUTH_VLEN + 1]; /* + 1 for the null terminator */ - char *cp; + int cc, old_vers = 0; int rem; krb5_int32 tkt_len, priv_len; krb5_ui_4 cksum; u_char tmp_buf[MAX_KTXT_LEN+max(KRB_SENDAUTH_VLEN+1,21)]; /* read the application version string */ - if (krb_net_read(fd, version, KRB_SENDAUTH_VLEN) != - KRB_SENDAUTH_VLEN) + if ((krb_net_read(fd, version, KRB_SENDAUTH_VLEN) != + KRB_SENDAUTH_VLEN)) return(errno); version[KRB_SENDAUTH_VLEN] = '\0'; diff --git a/src/lib/krb5/krb/encrypt_tk.c b/src/lib/krb5/krb/encrypt_tk.c index 101b6b7..0220e42 100644 --- a/src/lib/krb5/krb/encrypt_tk.c +++ b/src/lib/krb5/krb/encrypt_tk.c @@ -50,7 +50,7 @@ krb5_encrypt_tkt_part(context, eblock, srv_key, dec_ticket) register krb5_enc_tkt_part *dec_tkt_part = dec_ticket->enc_part2; /* start by encoding the to-be-encrypted part. */ - if (retval = encode_krb5_enc_tkt_part(dec_tkt_part, &scratch)) { + if ((retval = encode_krb5_enc_tkt_part(dec_tkt_part, &scratch))) { return retval; } @@ -82,16 +82,16 @@ dec_ticket->enc_part.ciphertext.length = 0; \ dec_ticket->enc_part.ciphertext.data = 0;} /* do any necessary key pre-processing */ - if (retval = krb5_process_key(context, eblock, srv_key)) { + if ((retval = krb5_process_key(context, eblock, srv_key))) { goto clean_encpart; } #define cleanup_prockey() {(void) krb5_finish_key(context, eblock);} /* call the encryption routine */ - if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data, - (krb5_pointer) dec_ticket->enc_part.ciphertext.data, - scratch->length, eblock, 0)) { + if ((retval = krb5_encrypt(context, (krb5_pointer) scratch->data, + (krb5_pointer) dec_ticket->enc_part.ciphertext.data, + scratch->length, eblock, 0))) { goto clean_prockey; } @@ -100,7 +100,7 @@ dec_ticket->enc_part.ciphertext.data = 0;} /* ticket is now assembled-- do some cleanup */ cleanup_scratch(); - if (retval = krb5_finish_key(context, eblock)) { + if ((retval = krb5_finish_key(context, eblock))) { cleanup_encpart(); return retval; } diff --git a/src/lib/krb5/krb/gc_frm_kdc.c b/src/lib/krb5/krb/gc_frm_kdc.c index f2a3267..255c449 100644 --- a/src/lib/krb5/krb/gc_frm_kdc.c +++ b/src/lib/krb5/krb/gc_frm_kdc.c @@ -107,24 +107,23 @@ krb5_get_cred_from_kdc(context, ccache, in_cred, out_cred, tgts) * (the ticket may be issued by some other intermediate * realm's KDC; so we use KRB5_TC_MATCH_SRV_NAMEONLY) */ - if (retval = krb5_copy_principal(context, in_cred->client, &tgtq.client)) + if ((retval = krb5_copy_principal(context, in_cred->client, &tgtq.client))) goto cleanup; /* get target tgt from cache */ - if (retval = krb5_tgtname(context, krb5_princ_realm(context, in_cred->server), - krb5_princ_realm(context, in_cred->client), - &int_server)) { + if ((retval = krb5_tgtname(context, krb5_princ_realm(context, in_cred->server), + krb5_princ_realm(context, in_cred->client), + &int_server))) { goto cleanup; } - if (retval = krb5_copy_principal(context, int_server, &tgtq.server)) { + if ((retval = krb5_copy_principal(context, int_server, &tgtq.server))) { goto cleanup; } - if (retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, - &tgtq, - &tgt)) { + if ((retval = krb5_cc_retrieve_cred(context, ccache, + KRB5_TC_MATCH_SRV_NAMEONLY, + &tgtq, &tgt))) { if (retval != KRB5_CC_NOTFOUND) { goto cleanup; @@ -144,34 +143,33 @@ krb5_get_cred_from_kdc(context, ccache, in_cred, out_cred, tgts) */ krb5_free_principal(context, int_server); int_server = NULL; - if (retval = krb5_tgtname(context, - krb5_princ_realm(context, in_cred->client), - krb5_princ_realm(context, in_cred->client), - &int_server)) { + if ((retval = krb5_tgtname(context, + krb5_princ_realm(context, in_cred->client), + krb5_princ_realm(context, in_cred->client), + &int_server))) { goto cleanup; } krb5_free_cred_contents(context, &tgtq); memset((char *)&tgtq, 0, sizeof(tgtq)); - if(retval = krb5_copy_principal(context, in_cred->client, &tgtq.client)) + if ((retval = krb5_copy_principal(context, in_cred->client, &tgtq.client))) goto cleanup; - if(retval = krb5_copy_principal(context, int_server, &tgtq.server)) + if ((retval = krb5_copy_principal(context, int_server, &tgtq.server))) goto cleanup; - if (retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, - &tgtq, - &tgt)) { + if ((retval = krb5_cc_retrieve_cred(context, ccache, + KRB5_TC_MATCH_SRV_NAMEONLY, + &tgtq, &tgt))) { goto cleanup; } /* get a list of realms to consult */ - if (retval = krb5_walk_realm_tree(context, - krb5_princ_realm(context,in_cred->client), - krb5_princ_realm(context,in_cred->server), - &tgs_list, - KRB5_REALM_BRANCH_CHAR)) { + if ((retval = krb5_walk_realm_tree(context, + krb5_princ_realm(context,in_cred->client), + krb5_princ_realm(context,in_cred->server), + &tgs_list, + KRB5_REALM_BRANCH_CHAR))) { goto cleanup; } @@ -207,25 +205,24 @@ krb5_get_cred_from_kdc(context, ccache, in_cred, out_cred, tgts) krb5_free_cred_contents(context, &tgtq); memset(&tgtq, 0, sizeof(tgtq)); - if(retval = krb5_copy_principal(context, tgt.client, &tgtq.client)) + if ((retval = krb5_copy_principal(context, tgt.client, &tgtq.client))) goto cleanup; krb5_free_principal(context, int_server); int_server = NULL; - if (retval = krb5_tgtname(context, - krb5_princ_realm(context, in_cred->server), - krb5_princ_realm(context, *top_server), - &int_server)) { + if ((retval = krb5_tgtname(context, + krb5_princ_realm(context, in_cred->server), + krb5_princ_realm(context, *top_server), + &int_server))) { goto cleanup; } - if(retval = krb5_copy_principal(context, int_server, &tgtq.server)) + if ((retval = krb5_copy_principal(context, int_server, &tgtq.server))) goto cleanup; - if (retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, - &tgtq, - &tgt)) { + if ((retval = krb5_cc_retrieve_cred(context, ccache, + KRB5_TC_MATCH_SRV_NAMEONLY, + &tgtq, &tgt))) { if (retval != KRB5_CC_NOTFOUND) { goto cleanup; @@ -247,16 +244,16 @@ krb5_get_cred_from_kdc(context, ccache, in_cred, out_cred, tgts) memcpy(&tgtq.times, &tgt.times, sizeof(krb5_ticket_times)); #endif - if (retval = krb5_copy_principal(context, tgt.client, &tgtq.client)) + if ((retval = krb5_copy_principal(context, tgt.client, &tgtq.client))) goto cleanup; - if(retval = krb5_copy_principal(context, int_server, &tgtq.server)) + if ((retval = krb5_copy_principal(context, int_server, &tgtq.server))) goto cleanup; tgtq.is_skey = FALSE; tgtq.ticket_flags = tgt.ticket_flags; etype = TGT_ETYPE; - if (retval = krb5_get_cred_via_tkt(context, &tgt, - FLAGS2OPTS(tgtq.ticket_flags), - tgt.addresses, &tgtq, &tgtr)) { + if ((retval = krb5_get_cred_via_tkt(context, &tgt, + FLAGS2OPTS(tgtq.ticket_flags), + tgt.addresses, &tgtq, &tgtr))) { /* * couldn't get one so now loop backwards through the realms @@ -270,24 +267,26 @@ krb5_get_cred_from_kdc(context, ccache, in_cred, out_cred, tgts) next_server--) { krb5_free_cred_contents(context, &tgtq); memset(&tgtq, 0, sizeof(tgtq)); - if (retval = krb5_copy_principal(context, tgt.client, &tgtq.client)) + if ((retval = krb5_copy_principal(context, tgt.client, + &tgtq.client))) goto cleanup; krb5_free_principal(context, int_server); int_server = NULL; - if (retval = krb5_tgtname(context, - krb5_princ_realm(context, *next_server), - krb5_princ_realm(context, *top_server), - &int_server)) { + if ((retval = krb5_tgtname(context, + krb5_princ_realm(context, *next_server), + krb5_princ_realm(context, *top_server), + &int_server))) { goto cleanup; } - if(retval = krb5_copy_principal(context, int_server, &tgtq.server)) + if ((retval = krb5_copy_principal(context, int_server, + &tgtq.server))) goto cleanup; - if(retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, - &tgtq, &tgt)) { + if ((retval = krb5_cc_retrieve_cred(context, ccache, + KRB5_TC_MATCH_SRV_NAMEONLY, + &tgtq, &tgt))) { if (retval != KRB5_CC_NOTFOUND) { goto cleanup; } @@ -302,21 +301,25 @@ krb5_get_cred_from_kdc(context, ccache, in_cred, out_cred, tgts) krb5_free_cred_contents(context, &tgtq); memset(&tgtq, 0, sizeof(tgtq)); tgtq.times = tgt.times; - if (retval = krb5_copy_principal(context,tgt.client,&tgtq.client)) + if ((retval = krb5_copy_principal(context, tgt.client, + &tgtq.client))) goto cleanup; - if(retval = krb5_copy_principal(context,int_server,&tgtq.server)) + if ((retval = krb5_copy_principal(context, int_server, + &tgtq.server))) goto cleanup; tgtq.is_skey = FALSE; tgtq.ticket_flags = tgt.ticket_flags; etype = TGT_ETYPE; - if (retval = krb5_get_cred_via_tkt(context, &tgt, - FLAGS2OPTS(tgtq.ticket_flags), - tgt.addresses, &tgtq, &tgtr)) { + if ((retval = krb5_get_cred_via_tkt(context, &tgt, + FLAGS2OPTS(tgtq.ticket_flags), + tgt.addresses, + &tgtq, &tgtr))) { continue; } /* save tgt in return array */ - if (retval = krb5_copy_creds(context, tgtr, &ret_tgts[ntgts])) { + if ((retval = krb5_copy_creds(context, tgtr, + &ret_tgts[ntgts]))) { goto cleanup; } krb5_free_creds(context, tgtr); @@ -358,7 +361,7 @@ krb5_get_cred_from_kdc(context, ccache, in_cred, out_cred, tgts) goto cleanup; } - if (retval = krb5_copy_creds(context, tgtr, &ret_tgts[ntgts])) { + if ((retval = krb5_copy_creds(context, tgtr, &ret_tgts[ntgts]))) { goto cleanup; } krb5_free_creds(context, tgtr); diff --git a/src/lib/krb5/krb/gc_via_tkt.c b/src/lib/krb5/krb/gc_via_tkt.c index 19114cc..c2f531f 100644 --- a/src/lib/krb5/krb/gc_via_tkt.c +++ b/src/lib/krb5/krb/gc_via_tkt.c @@ -45,20 +45,20 @@ krb5_kdcrep2creds(context, pkdcrep, address, psectkt, ppcreds) memset(*ppcreds, 0, sizeof(krb5_creds)); - if (retval = krb5_copy_principal(context, pkdcrep->client, - &(*ppcreds)->client)) + if ((retval = krb5_copy_principal(context, pkdcrep->client, + &(*ppcreds)->client))) goto cleanup; - if (retval = krb5_copy_principal(context, pkdcrep->enc_part2->server, - &(*ppcreds)->server)) + if ((retval = krb5_copy_principal(context, pkdcrep->enc_part2->server, + &(*ppcreds)->server))) goto cleanup; - if (retval = krb5_copy_keyblock_contents(context, - pkdcrep->enc_part2->session, - &(*ppcreds)->keyblock)) + if ((retval = krb5_copy_keyblock_contents(context, + pkdcrep->enc_part2->session, + &(*ppcreds)->keyblock))) goto cleanup; - if (retval = krb5_copy_data(context, psectkt, &pdata)) + if ((retval = krb5_copy_data(context, psectkt, &pdata))) goto cleanup; (*ppcreds)->second_ticket = *pdata; krb5_xfree(pdata); @@ -72,17 +72,17 @@ krb5_kdcrep2creds(context, pkdcrep, address, psectkt, ppcreds) (*ppcreds)->is_skey = 0; /* not used */ if (pkdcrep->enc_part2->caddrs) { - if (retval = krb5_copy_addresses(context, pkdcrep->enc_part2->caddrs, - &(*ppcreds)->addresses)) + if ((retval = krb5_copy_addresses(context, pkdcrep->enc_part2->caddrs, + &(*ppcreds)->addresses))) goto cleanup_keyblock; } else { /* no addresses in the list means we got what we had */ - if (retval = krb5_copy_addresses(context, address, - &(*ppcreds)->addresses)) + if ((retval = krb5_copy_addresses(context, address, + &(*ppcreds)->addresses))) goto cleanup_keyblock; } - if (retval = encode_krb5_ticket(pkdcrep->ticket, &pdata)) + if ((retval = encode_krb5_ticket(pkdcrep->ticket, &pdata))) goto cleanup_keyblock; (*ppcreds)->ticket = *pdata; @@ -141,12 +141,12 @@ krb5_get_cred_via_tkt (context, tkt, kdcoptions, address, in_cred, out_cred) } */ - if (retval = krb5_send_tgs(context, kdcoptions, &in_cred->times, NULL, - in_cred->server, address, in_cred->authdata, - 0, /* no padata */ - (kdcoptions & KDC_OPT_ENC_TKT_IN_SKEY) ? - &in_cred->second_ticket : NULL, - tkt, &tgsrep)) + if ((retval = krb5_send_tgs(context, kdcoptions, &in_cred->times, NULL, + in_cred->server, address, in_cred->authdata, + 0, /* no padata */ + (kdcoptions & KDC_OPT_ENC_TKT_IN_SKEY) ? + &in_cred->second_ticket : NULL, + tkt, &tgsrep))) return retval; switch (tgsrep.message_type) { @@ -177,8 +177,9 @@ krb5_get_cred_via_tkt (context, tkt, kdcoptions, address, in_cred, out_cred) goto error_4; } - if (retval = krb5_decode_kdc_rep(context, &tgsrep.response, &tkt->keyblock, - tkt->keyblock.etype, &dec_rep)) + if ((retval = krb5_decode_kdc_rep(context, &tgsrep.response, + &tkt->keyblock, + tkt->keyblock.etype, &dec_rep))) goto error_4; if (dec_rep->msg_type != KRB5_TGS_REP) { diff --git a/src/lib/krb5/krb/gen_seqnum.c b/src/lib/krb5/krb/gen_seqnum.c index ec6e032..0dde74e 100644 --- a/src/lib/krb5/krb/gen_seqnum.c +++ b/src/lib/krb5/krb/gen_seqnum.c @@ -54,15 +54,15 @@ krb5_generate_seq_number(context, key, seqno) krb5_use_keytype(context, &eblock, key->keytype); - if (retval = krb5_init_random_key(context, &eblock, key, &random_state)) + if ((retval = krb5_init_random_key(context, &eblock, key, &random_state))) return(retval); - if (retval = krb5_random_key(context, &eblock, random_state, &subkey)) { + if ((retval = krb5_random_key(context, &eblock, random_state, &subkey))) { (void) krb5_finish_random_key(context, &eblock, &random_state); return retval; } /* ignore the error if any, since we've already gotten the key out */ - if (retval = krb5_finish_random_key(context, &eblock, &random_state)) { + if ((retval = krb5_finish_random_key(context, &eblock, &random_state))) { krb5_free_keyblock(context, subkey); return retval; } @@ -78,12 +78,12 @@ krb5_generate_seq_number(context, key, seqno) retval = ENOMEM; goto cleanup; } - if (retval = krb5_process_key(context, &eblock, subkey)) { + if ((retval = krb5_process_key(context, &eblock, subkey))) { goto cleanup; } - if (retval = krb5_us_timeofday(context, &timenow.seconds, - &timenow.microseconds)) { + if ((retval = krb5_us_timeofday(context, &timenow.seconds, + &timenow.microseconds))) { goto cleanup; } memcpy((char *)intmp, (char *)&timenow, sizeof(timenow)); diff --git a/src/lib/krb5/krb/gen_subkey.c b/src/lib/krb5/krb/gen_subkey.c index bd8ae4b..9d8ad84 100644 --- a/src/lib/krb5/krb/gen_subkey.c +++ b/src/lib/krb5/krb/gen_subkey.c @@ -41,7 +41,7 @@ krb5_generate_subkey(context, key, subkey) krb5_use_keytype(context, &eblock, key->keytype); - if (retval = krb5_init_random_key(context, &eblock, key, &random_state)) + if ((retval = krb5_init_random_key(context, &eblock, key, &random_state))) return(retval); *subkey = (krb5_keyblock *)malloc(sizeof(**subkey)); if (!*subkey) { @@ -49,7 +49,7 @@ krb5_generate_subkey(context, key, subkey) return ENOMEM; } - if (retval = krb5_random_key(context, &eblock, random_state, subkey)) { + if ((retval = krb5_random_key(context, &eblock, random_state, subkey))) { (void) krb5_finish_random_key(context, &eblock, &random_state); krb5_xfree(*subkey); return retval; diff --git a/src/lib/krb5/krb/get_creds.c b/src/lib/krb5/krb/get_creds.c index 2f6f0bc..8ea0bf9 100644 --- a/src/lib/krb5/krb/get_creds.c +++ b/src/lib/krb5/krb/get_creds.c @@ -91,7 +91,8 @@ krb5_get_credentials(context, options, ccache, in_creds, out_creds) ncreds->magic = KV5M_CREDS; /* The caller is now responsible for cleaning up in_creds */ - if (retval = krb5_cc_retrieve_cred(context,ccache,fields,&mcreds,ncreds)) { + if ((retval = krb5_cc_retrieve_cred(context, ccache, fields, &mcreds, + ncreds))) { krb5_xfree(ncreds); ncreds = in_creds; } else { @@ -105,7 +106,7 @@ krb5_get_credentials(context, options, ccache, in_creds, out_creds) if (tgts) { register int i = 0; while (tgts[i]) { - if (rv2 = krb5_cc_store_cred(context, ccache, tgts[i])) { + if ((rv2 = krb5_cc_store_cred(context, ccache, tgts[i]))) { retval = rv2; break; } diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index ed34087..b31f28e 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -158,7 +158,7 @@ krb5_get_in_tkt(context, options, addrs, etypes, ptypes, key_proc, keyseed, request.from = creds->times.starttime; request.till = creds->times.endtime; request.rtime = creds->times.renew_till; - if (retval = krb5_timeofday(context, &time_now)) + if ((retval = krb5_timeofday(context, &time_now))) goto cleanup; /* XXX we know they are the same size... */ @@ -191,7 +191,7 @@ krb5_get_in_tkt(context, options, addrs, etypes, ptypes, key_proc, keyseed, /* now decode the reply...could be error or as_rep */ if (krb5_is_krb_error(&reply)) { - if (retval = decode_krb5_error(&reply, &err_reply)) + if ((retval = decode_krb5_error(&reply, &err_reply))) /* some other error code--??? */ goto cleanup; @@ -232,7 +232,7 @@ krb5_get_in_tkt(context, options, addrs, etypes, ptypes, key_proc, keyseed, } goto cleanup; } - if (retval = decode_krb5_as_rep(&reply, &as_reply)) + if ((retval = decode_krb5_as_rep(&reply, &as_reply))) /* some other error code ??? */ goto cleanup; @@ -261,7 +261,7 @@ krb5_get_in_tkt(context, options, addrs, etypes, ptypes, key_proc, keyseed, } if (!use_salt) { /* need to use flattened principal */ - if (retval = krb5_principal2salt(context, creds->client, &salt)) + if ((retval = krb5_principal2salt(context, creds->client, &salt))) return(retval); f_salt = 1; } @@ -269,12 +269,12 @@ krb5_get_in_tkt(context, options, addrs, etypes, ptypes, key_proc, keyseed, /* it was a kdc_rep--decrypt & check */ /* Generate the key, if we haven't done so already. */ if (!decrypt_key) { - if (retval = (*key_proc)(context, keytype, & salt, keyseed, - &decrypt_key)) + if ((retval = (*key_proc)(context, keytype, & salt, keyseed, + &decrypt_key))) goto cleanup; } - if (retval = (*decrypt_proc)(context, decrypt_key, decryptarg, as_reply)) + if ((retval = (*decrypt_proc)(context, decrypt_key, decryptarg, as_reply))) goto cleanup; krb5_free_keyblock(context, decrypt_key); @@ -315,9 +315,9 @@ krb5_get_in_tkt(context, options, addrs, etypes, ptypes, key_proc, keyseed, /* XXX issue warning if as_reply->enc_part2->key_exp is nearby */ /* fill in the credentials */ - if (retval = krb5_copy_keyblock_contents(context, - as_reply->enc_part2->session, - &creds->keyblock)) + if ((retval = krb5_copy_keyblock_contents(context, + as_reply->enc_part2->session, + &creds->keyblock))) goto cleanup; creds->keyblock.etype = as_reply->ticket->enc_part.etype; @@ -325,21 +325,21 @@ krb5_get_in_tkt(context, options, addrs, etypes, ptypes, key_proc, keyseed, creds->is_skey = FALSE; /* this is an AS_REQ, so cannot be encrypted in skey */ creds->ticket_flags = as_reply->enc_part2->flags; - if (retval = krb5_copy_addresses(context, as_reply->enc_part2->caddrs, - &creds->addresses)) + if ((retval = krb5_copy_addresses(context, as_reply->enc_part2->caddrs, + &creds->addresses))) goto cred_cleanup; creds->second_ticket.length = 0; creds->second_ticket.data = 0; - if (retval = encode_krb5_ticket(as_reply->ticket, &packet)) + if ((retval = encode_krb5_ticket(as_reply->ticket, &packet))) goto cred_cleanup; creds->ticket = *packet; krb5_xfree(packet); /* store it in the ccache! */ - if (retval = krb5_cc_store_cred(context, ccache, creds)) + if ((retval = krb5_cc_store_cred(context, ccache, creds))) goto cred_cleanup; if (ret_as_reply) { diff --git a/src/lib/krb5/krb/in_tkt_ktb.c b/src/lib/krb5/krb/in_tkt_ktb.c index 29701cc..d5cbf11 100644 --- a/src/lib/krb5/krb/in_tkt_ktb.c +++ b/src/lib/krb5/krb/in_tkt_ktb.c @@ -65,16 +65,16 @@ keytab_keyproc(context, type, salt, keyseed, key) if (kt_id == NULL) /* Fetch from default keytab location */ - if (retval = krb5_kt_default(context, &kt_id)) + if ((retval = krb5_kt_default(context, &kt_id))) return retval; - if (retval = krb5_kt_get_entry(context, kt_id, arg->client, - 0, /* don't have vno available */ - type, &kt_ent)) + if ((retval = krb5_kt_get_entry(context, kt_id, arg->client, + 0, /* don't have vno available */ + type, &kt_ent))) return retval; - if (retval = krb5_copy_keyblock(context, &kt_ent.key, &realkey)) { + if ((retval = krb5_copy_keyblock(context, &kt_ent.key, &realkey))) { (void) krb5_kt_free_entry(context, &kt_ent); return retval; } diff --git a/src/lib/krb5/krb/in_tkt_pwd.c b/src/lib/krb5/krb/in_tkt_pwd.c index 2c899bf..7ef8705 100644 --- a/src/lib/krb5/krb/in_tkt_pwd.c +++ b/src/lib/krb5/krb/in_tkt_pwd.c @@ -60,8 +60,8 @@ pwd_keyproc(context, type, salt, keyseed, key) password = (krb5_data *)keyseed; if (!password->length) { - if (retval = krb5_read_password(context, krb5_default_pwd_prompt1, 0, - pwdbuf, &pwsize)) { + if ((retval = krb5_read_password(context, krb5_default_pwd_prompt1, 0, + pwdbuf, &pwsize))) { return retval; } password->length = pwsize; @@ -71,7 +71,7 @@ pwd_keyproc(context, type, salt, keyseed, key) if (!(*key = (krb5_keyblock *)malloc(sizeof(**key)))) return ENOMEM; - if (retval = krb5_string_to_key(context,&eblock,type,*key,password,salt)) + if ((retval = krb5_string_to_key(context,&eblock,type,*key,password,salt))) krb5_xfree(*key); return(retval); } @@ -112,7 +112,7 @@ krb5_get_in_tkt_with_password(context, options, addrs, etypes, pre_auth_types, krb5_data data; - if (data.data = (char *)password) { + if ((data.data = (char *)password)) { data.length = strlen(password); } else { data.length = 0; diff --git a/src/lib/krb5/krb/in_tkt_sky.c b/src/lib/krb5/krb/in_tkt_sky.c index ab5d24c..8cc03a0 100644 --- a/src/lib/krb5/krb/in_tkt_sky.c +++ b/src/lib/krb5/krb/in_tkt_sky.c @@ -61,7 +61,7 @@ skey_keyproc(context, type, salt, keyseed, key) if (!valid_keytype(type)) return KRB5_PROG_ETYPE_NOSUPP; - if (retval = krb5_copy_keyblock(context, keyblock, &realkey)) + if ((retval = krb5_copy_keyblock(context, keyblock, &realkey))) return retval; if (realkey->keytype != type) { diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index 7b69be4..c861bb1 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -41,10 +41,10 @@ krb5_init_context(context) ctx->magic = KV5M_CONTEXT; /* Set the default encryption types, possible defined in krb5/conf */ - if (retval = krb5_set_default_in_tkt_etypes(ctx, NULL)) + if ((retval = krb5_set_default_in_tkt_etypes(ctx, NULL))) goto cleanup; - if (retval = krb5_os_init_context(ctx)) + if ((retval = krb5_os_init_context(ctx))) goto cleanup; @@ -92,7 +92,7 @@ krb5_set_default_in_tkt_etypes(context, etypes) } /* Now copy the default etypes into the context pointer */ - if (new_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) * i)) + if ((new_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) * i))) memcpy(new_etypes, etypes, sizeof(krb5_enctype) * i); else return ENOMEM; @@ -101,7 +101,7 @@ krb5_set_default_in_tkt_etypes(context, etypes) i = 2; /* Should reset the list to the runtime defaults */ - if (new_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) * i)) { + if ((new_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) * i))) { new_etypes[0] = ETYPE_DES_CBC_MD5; new_etypes[1] = ETYPE_DES_CBC_CRC; } else { @@ -123,8 +123,8 @@ krb5_get_default_in_tkt_etypes(context, etypes) { krb5_enctype * old_etypes; - if (old_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) * - (context->etype_count + 1))) { + if ((old_etypes = (krb5_enctype *)malloc(sizeof(krb5_enctype) * + (context->etype_count + 1)))) { memcpy(old_etypes, context->etypes, sizeof(krb5_enctype) * context->etype_count); old_etypes[context->etype_count] = 0; diff --git a/src/lib/krb5/krb/kdc_rep_dc.c b/src/lib/krb5/krb/kdc_rep_dc.c index 881a587..b1f9a7d 100644 --- a/src/lib/krb5/krb/kdc_rep_dc.c +++ b/src/lib/krb5/krb/kdc_rep_dc.c @@ -60,22 +60,22 @@ krb5_kdc_rep_decrypt_proc(context, key, decryptarg, dec_rep) krb5_use_cstype(context, &eblock, dec_rep->enc_part.etype); /* do any necessary key pre-processing */ - if (retval = krb5_process_key(context, &eblock, key)) { + if ((retval = krb5_process_key(context, &eblock, key))) { free(scratch.data); return(retval); } /* call the decryption routine */ - if (retval = krb5_decrypt(context, (krb5_pointer) dec_rep->enc_part.ciphertext.data, - (krb5_pointer) scratch.data, - scratch.length, &eblock, 0)) { + if ((retval = krb5_decrypt(context, (krb5_pointer) dec_rep->enc_part.ciphertext.data, + (krb5_pointer) scratch.data, + scratch.length, &eblock, 0))) { (void) krb5_finish_key(context, &eblock); free(scratch.data); return retval; } #define clean_scratch() {memset(scratch.data, 0, scratch.length); \ free(scratch.data);} - if (retval = krb5_finish_key(context, &eblock)) { + if ((retval = krb5_finish_key(context, &eblock))) { clean_scratch(); return retval; } diff --git a/src/lib/krb5/krb/mk_cred.c b/src/lib/krb5/krb/mk_cred.c index d5b5f4e..e476aaa 100644 --- a/src/lib/krb5/krb/mk_cred.c +++ b/src/lib/krb5/krb/mk_cred.c @@ -35,7 +35,7 @@ encrypt_credencpart(context, pcredpart, pkeyblock, pencdata) return KRB5_PROG_ETYPE_NOSUPP; /* start by encoding to-be-encrypted part of the message */ - if (retval = encode_krb5_enc_cred_part(pcredpart, &scratch)) + if ((retval = encode_krb5_enc_cred_part(pcredpart, &scratch))) return retval; /* put together an eblock for this encryption */ @@ -64,14 +64,14 @@ encrypt_credencpart(context, pcredpart, pkeyblock, pencdata) } /* do any necessary key pre-processing */ - if (retval = krb5_process_key(context, &eblock, pkeyblock)) { + if ((retval = krb5_process_key(context, &eblock, pkeyblock))) { goto clean_encpart; } /* call the encryption routine */ - if (retval = krb5_encrypt(context, (krb5_pointer)scratch->data, - (krb5_pointer)pencdata->ciphertext.data, - scratch->length, &eblock, 0)) { + if ((retval = krb5_encrypt(context, (krb5_pointer)scratch->data, + (krb5_pointer)pencdata->ciphertext.data, + scratch->length, &eblock, 0))) { krb5_finish_key(context, &eblock); goto clean_encpart; } @@ -142,24 +142,24 @@ krb5_mk_ncred_basic(context, ppcreds, nppcreds, keyblock, credenc.ticket_info[i]->times = ppcreds[i]->times; credenc.ticket_info[i]->flags = ppcreds[i]->ticket_flags; - if (retval = decode_krb5_ticket(&ppcreds[i]->ticket, - &pcred->tickets[i])) + if ((retval = decode_krb5_ticket(&ppcreds[i]->ticket, + &pcred->tickets[i]))) goto cleanup_info_ptrs; - if (retval = krb5_copy_keyblock(context, &ppcreds[i]->keyblock, - &credenc.ticket_info[i]->session)) + if ((retval = krb5_copy_keyblock(context, &ppcreds[i]->keyblock, + &credenc.ticket_info[i]->session))) goto cleanup_info_ptrs; - if (retval = krb5_copy_principal(context, ppcreds[i]->client, - &credenc.ticket_info[i]->client)) + if ((retval = krb5_copy_principal(context, ppcreds[i]->client, + &credenc.ticket_info[i]->client))) goto cleanup_info_ptrs; - if (retval = krb5_copy_principal(context, ppcreds[i]->server, - &credenc.ticket_info[i]->server)) + if ((retval = krb5_copy_principal(context, ppcreds[i]->server, + &credenc.ticket_info[i]->server))) goto cleanup_info_ptrs; - if (retval = krb5_copy_addresses(context, ppcreds[i]->addresses, - &credenc.ticket_info[i]->caddrs)) + if ((retval = krb5_copy_addresses(context, ppcreds[i]->addresses, + &credenc.ticket_info[i]->caddrs))) goto cleanup_info_ptrs; } @@ -236,8 +236,8 @@ krb5_mk_ncred(context, auth_context, ppcreds, ppdata, outdata) if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) || (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME)) { - if (retval = krb5_us_timeofday(context, &replaydata.timestamp, - &replaydata.usec)) + if ((retval = krb5_us_timeofday(context, &replaydata.timestamp, + &replaydata.usec))) return retval; if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) { outdata->timestamp = replaydata.timestamp; @@ -297,9 +297,9 @@ krb5_mk_ncred(context, auth_context, ppcreds, ppdata, outdata) } /* Setup creds structure */ - if (retval = krb5_mk_ncred_basic(context, ppcreds, ncred, keyblock, - &replaydata, plocal_fulladdr, - premote_fulladdr, pcred)) { + if ((retval = krb5_mk_ncred_basic(context, ppcreds, ncred, keyblock, + &replaydata, plocal_fulladdr, + premote_fulladdr, pcred))) { CLEANUP_DONE(); goto error; } @@ -310,14 +310,14 @@ krb5_mk_ncred(context, auth_context, ppcreds, ppdata, outdata) if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) { krb5_donot_replay replay; - if (retval = krb5_gen_replay_name(context, auth_context->local_addr, - "_forw", &replay.client)) + if ((retval = krb5_gen_replay_name(context, auth_context->local_addr, + "_forw", &replay.client))) goto error; replay.server = ""; /* XXX */ replay.cusec = replaydata.usec; replay.ctime = replaydata.timestamp; - if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) { + if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) { /* should we really error out here? XXX */ krb5_xfree(replay.client); goto error; @@ -362,7 +362,8 @@ krb5_mk_1cred(context, auth_context, pcreds, ppdata, outdata) ppcreds[0] = pcreds; ppcreds[1] = NULL; - if (retval = krb5_mk_ncred(context, auth_context, ppcreds, ppdata, outdata)) + if ((retval = krb5_mk_ncred(context, auth_context, ppcreds, + ppdata, outdata))) free(ppcreds); return retval; } diff --git a/src/lib/krb5/krb/mk_error.c b/src/lib/krb5/krb/mk_error.c index 1e772e5..292ffea 100644 --- a/src/lib/krb5/krb/mk_error.c +++ b/src/lib/krb5/krb/mk_error.c @@ -43,7 +43,7 @@ krb5_mk_error(context, dec_err, enc_err) krb5_error_code retval; krb5_data *new_enc_err; - if (retval = encode_krb5_error(dec_err, &new_enc_err)) + if ((retval = encode_krb5_error(dec_err, &new_enc_err))) return(retval); *enc_err = *new_enc_err; krb5_xfree(new_enc_err); diff --git a/src/lib/krb5/krb/mk_priv.c b/src/lib/krb5/krb/mk_priv.c index 5d5bd1f..7e9e37f 100644 --- a/src/lib/krb5/krb/mk_priv.c +++ b/src/lib/krb5/krb/mk_priv.c @@ -62,7 +62,7 @@ krb5_mk_priv_basic(context, userdata, keyblock, replaydata, local_addr, privmsg_enc_part.seq_number = replaydata->seq; /* start by encoding to-be-encrypted part of the message */ - if (retval = encode_krb5_enc_priv_part(&privmsg_enc_part, &scratch1)) + if ((retval = encode_krb5_enc_priv_part(&privmsg_enc_part, &scratch1))) return retval; /* put together an eblock for this encryption */ @@ -86,14 +86,13 @@ krb5_mk_priv_basic(context, userdata, keyblock, replaydata, local_addr, } /* do any necessary key pre-processing */ - if (retval = krb5_process_key(context, &eblock, keyblock)) + if ((retval = krb5_process_key(context, &eblock, keyblock))) goto clean_encpart; /* call the encryption routine */ - if (retval = krb5_encrypt(context, (krb5_pointer) scratch1->data, - (krb5_pointer) privmsg.enc_part.ciphertext.data, - scratch1->length, &eblock, - i_vector)) { + if ((retval = krb5_encrypt(context, (krb5_pointer) scratch1->data, + (krb5_pointer) privmsg.enc_part.ciphertext.data, + scratch1->length, &eblock, i_vector))) { krb5_finish_key(context, &eblock); goto clean_encpart; } @@ -106,13 +105,13 @@ krb5_mk_priv_basic(context, userdata, keyblock, replaydata, local_addr, eblock.crypto_entry->block_length), eblock.crypto_entry->block_length); - if (retval = encode_krb5_priv(&privmsg, &scratch2)) { + if ((retval = encode_krb5_priv(&privmsg, &scratch2))) { krb5_finish_key(context, &eblock); goto clean_encpart; } /* encode private message */ - if (retval = krb5_finish_key(context, &eblock)) + if ((retval = krb5_finish_key(context, &eblock))) goto clean_encpart; *outbuf = *scratch2; @@ -167,8 +166,8 @@ krb5_mk_priv(context, auth_context, userdata, outbuf, outdata) if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) || (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME)) { - if (retval = krb5_us_timeofday(context, &replaydata.timestamp, - &replaydata.usec)) + if ((retval = krb5_us_timeofday(context, &replaydata.timestamp, + &replaydata.usec))) return retval; if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) { outdata->timestamp = replaydata.timestamp; @@ -223,9 +222,9 @@ krb5_mk_priv(context, auth_context, userdata, outbuf, outdata) } } - if (retval = krb5_mk_priv_basic(context, userdata, keyblock, &replaydata, - plocal_fulladdr, premote_fulladdr, - auth_context->i_vector, outbuf)) { + if ((retval = krb5_mk_priv_basic(context, userdata, keyblock, &replaydata, + plocal_fulladdr, premote_fulladdr, + auth_context->i_vector, outbuf))) { CLEANUP_DONE(); goto error; } @@ -236,8 +235,8 @@ krb5_mk_priv(context, auth_context, userdata, outbuf, outdata) if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) { krb5_donot_replay replay; - if (retval = krb5_gen_replay_name(context, auth_context->local_addr, - "_priv", &replay.client)) { + if ((retval = krb5_gen_replay_name(context, auth_context->local_addr, + "_priv", &replay.client))) { krb5_xfree(outbuf); goto error; } @@ -245,7 +244,7 @@ krb5_mk_priv(context, auth_context, userdata, outbuf, outdata) replay.server = ""; /* XXX */ replay.cusec = replaydata.usec; replay.ctime = replaydata.timestamp; - if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) { + if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) { /* should we really error out here? XXX */ krb5_xfree(replay.client); goto error; diff --git a/src/lib/krb5/krb/mk_rep.c b/src/lib/krb5/krb/mk_rep.c index fcd231e..cea6404 100644 --- a/src/lib/krb5/krb/mk_rep.c +++ b/src/lib/krb5/krb/mk_rep.c @@ -64,8 +64,8 @@ krb5_mk_rep(context, auth_context, outbuf) if (((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) || (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && (auth_context->local_seq_number == 0)) { - if (retval = krb5_generate_seq_number(context, auth_context->keyblock, - &auth_context->local_seq_number)) + if ((retval = krb5_generate_seq_number(context, auth_context->keyblock, + &auth_context->local_seq_number))) return(retval); } @@ -75,7 +75,7 @@ krb5_mk_rep(context, auth_context, outbuf) repl.seq_number = auth_context->local_seq_number; /* encode it before encrypting */ - if (retval = encode_krb5_ap_rep_enc_part(&repl, &scratch)) + if ((retval = encode_krb5_ap_rep_enc_part(&repl, &scratch))) return retval; /* put together an eblock for this encryption */ @@ -101,18 +101,18 @@ krb5_mk_rep(context, auth_context, outbuf) } /* do any necessary key pre-processing */ - if (retval = krb5_process_key(context, &eblock, auth_context->keyblock)) + if ((retval = krb5_process_key(context, &eblock, auth_context->keyblock))) goto cleanup_encpart; /* call the encryption routine */ - if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data, - (krb5_pointer) reply.enc_part.ciphertext.data, - scratch->length, &eblock, 0)) { + if ((retval = krb5_encrypt(context, (krb5_pointer) scratch->data, + (krb5_pointer) reply.enc_part.ciphertext.data, + scratch->length, &eblock, 0))) { krb5_finish_key(context, &eblock); goto cleanup_encpart; } - if (retval = krb5_finish_key(context, &eblock)) + if ((retval = krb5_finish_key(context, &eblock))) goto cleanup_encpart; if (!(retval = encode_krb5_ap_rep(&reply, &toutbuf))) { diff --git a/src/lib/krb5/krb/mk_req.c b/src/lib/krb5/krb/mk_req.c index 9f1cd63..98b0b69 100644 --- a/src/lib/krb5/krb/mk_req.c +++ b/src/lib/krb5/krb/mk_req.c @@ -72,14 +72,14 @@ krb5_mk_req(context, auth_context, ap_req_options, service, hostname, in_data, /* obtain ticket & session key */ memset((char *)&creds, 0, sizeof(creds)); - if (retval = krb5_copy_principal(context, server, &creds.server)) + if ((retval = krb5_copy_principal(context, server, &creds.server))) goto cleanup_princ; - if (retval = krb5_cc_get_principal(context, ccache, &creds.client)) + if ((retval = krb5_cc_get_principal(context, ccache, &creds.client))) goto cleanup_creds; - if (retval = krb5_get_credentials(context, krb5_kdc_default_options, - ccache, &creds, &credsp)) + if ((retval = krb5_get_credentials(context, krb5_kdc_default_options, + ccache, &creds, &credsp))) goto cleanup_creds; retval = krb5_mk_req_extended(context, auth_context, ap_req_options, diff --git a/src/lib/krb5/krb/mk_req_ext.c b/src/lib/krb5/krb/mk_req_ext.c index b9cd8f4..48554e0 100644 --- a/src/lib/krb5/krb/mk_req_ext.c +++ b/src/lib/krb5/krb/mk_req_ext.c @@ -95,7 +95,7 @@ krb5_mk_req_extended(context, auth_context, ap_req_options, in_data, in_creds, return(KRB5_NO_TKT_SUPPLIED); /* we need a native ticket */ - if (retval = decode_krb5_ticket(&(in_creds)->ticket, &request.ticket)) + if ((retval = decode_krb5_ticket(&(in_creds)->ticket, &request.ticket))) return(retval); /* verify a valid etype is available */ @@ -106,29 +106,29 @@ krb5_mk_req_extended(context, auth_context, ap_req_options, in_data, in_creds, /* generate auth_context if needed */ if (*auth_context == NULL) { - if (retval = krb5_auth_con_init(context, &new_auth_context)) + if ((retval = krb5_auth_con_init(context, &new_auth_context))) goto cleanup; *auth_context = new_auth_context; } /* set auth context keyblock */ - if (retval = krb5_copy_keyblock(context, &in_creds->keyblock, - &((*auth_context)->keyblock))) + if ((retval = krb5_copy_keyblock(context, &in_creds->keyblock, + &((*auth_context)->keyblock)))) goto cleanup; /* generate seq number if needed */ if ((((*auth_context)->auth_context_flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) || ((*auth_context)->auth_context_flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE)) && ((*auth_context)->local_seq_number == 0)) - if (retval = krb5_generate_seq_number(context, &in_creds->keyblock, - &(*auth_context)->local_seq_number)) + if ((retval = krb5_generate_seq_number(context, &in_creds->keyblock, + &(*auth_context)->local_seq_number))) goto cleanup; /* generate subkey if needed */ if ((ap_req_options & AP_OPTS_USE_SUBKEY)&&(!(*auth_context)->local_subkey)) - if (retval = krb5_generate_subkey(context, &(in_creds)->keyblock, - &(*auth_context)->local_subkey)) + if ((retval = krb5_generate_subkey(context, &(in_creds)->keyblock, + &(*auth_context)->local_subkey))) goto cleanup; @@ -145,12 +145,12 @@ krb5_mk_req_extended(context, auth_context, ap_req_options, in_data, in_creds, retval = ENOMEM; goto cleanup; } - if (retval = krb5_calculate_checksum(context, - (*auth_context)->cksumtype, - in_data->data, in_data->length, - (*auth_context)->keyblock->contents, - (*auth_context)->keyblock->length, - &checksum)) + if ((retval = krb5_calculate_checksum(context, + (*auth_context)->cksumtype, + in_data->data, in_data->length, + (*auth_context)->keyblock->contents, + (*auth_context)->keyblock->length, + &checksum))) goto cleanup_cksum; } checksump = &checksum; @@ -163,15 +163,17 @@ krb5_mk_req_extended(context, auth_context, ap_req_options, in_data, in_creds, goto cleanup_cksum; } - if (retval = krb5_generate_authenticator(context, (*auth_context)->authentp, - (in_creds)->client, checksump, - (*auth_context)->local_subkey, - (*auth_context)->local_seq_number, - (in_creds)->authdata)) + if ((retval = krb5_generate_authenticator(context, + (*auth_context)->authentp, + (in_creds)->client, checksump, + (*auth_context)->local_subkey, + (*auth_context)->local_seq_number, + (in_creds)->authdata))) goto cleanup_cksum; /* encode the authenticator */ - if (retval = encode_krb5_authenticator((*auth_context)->authentp, &scratch)) + if ((retval = encode_krb5_authenticator((*auth_context)->authentp, + &scratch))) goto cleanup_cksum; /* Null out these fields, to prevent pointer sharing problems; @@ -204,21 +206,21 @@ krb5_mk_req_extended(context, auth_context, ap_req_options, in_data, in_creds, } /* do any necessary key pre-processing */ - if (retval = krb5_process_key(context, &eblock, &(in_creds)->keyblock)) + if ((retval = krb5_process_key(context, &eblock, &(in_creds)->keyblock))) goto cleanup; /* call the encryption routine */ - if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data, - (krb5_pointer) request.authenticator.ciphertext.data, - scratch->length, &eblock, 0)) { + if ((retval = krb5_encrypt(context, (krb5_pointer) scratch->data, + (krb5_pointer) request.authenticator.ciphertext.data, + scratch->length, &eblock, 0))) { krb5_finish_key(context, &eblock); goto cleanup_cksum; } - if (retval = krb5_finish_key(context, &eblock)) + if ((retval = krb5_finish_key(context, &eblock))) goto cleanup_cksum; - if (retval = encode_krb5_ap_req(&request, &toutbuf)) + if ((retval = encode_krb5_ap_req(&request, &toutbuf))) goto cleanup_cksum; #ifdef HAVE_C_STRUCTURE_ASSIGNMENT *outbuf = *toutbuf; diff --git a/src/lib/krb5/krb/mk_safe.c b/src/lib/krb5/krb/mk_safe.c index 06861fb..b105da8 100644 --- a/src/lib/krb5/krb/mk_safe.c +++ b/src/lib/krb5/krb/mk_safe.c @@ -87,7 +87,7 @@ krb5_mk_safe_basic(context, userdata, keyblock, replaydata, local_addr, safemsg.checksum = &safe_checksum; - if (retval = encode_krb5_safe(&safemsg, &scratch1)) + if ((retval = encode_krb5_safe(&safemsg, &scratch1))) return retval; if (!(safe_checksum.contents = @@ -95,14 +95,14 @@ krb5_mk_safe_basic(context, userdata, keyblock, replaydata, local_addr, retval = ENOMEM; goto cleanup_scratch; } - if (retval = krb5_calculate_checksum(context, sumtype, scratch1->data, - scratch1->length, - (krb5_pointer) keyblock->contents, - keyblock->length, &safe_checksum)) { + if ((retval = krb5_calculate_checksum(context, sumtype, scratch1->data, + scratch1->length, + (krb5_pointer) keyblock->contents, + keyblock->length, &safe_checksum))) { goto cleanup_checksum; } safemsg.checksum = &safe_checksum; - if (retval = encode_krb5_safe(&safemsg, &scratch2)) { + if ((retval = encode_krb5_safe(&safemsg, &scratch2))) { goto cleanup_checksum; } *outbuf = *scratch2; @@ -151,8 +151,8 @@ krb5_mk_safe(context, auth_context, userdata, outbuf, outdata) if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) || (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME)) { - if (retval = krb5_us_timeofday(context, &replaydata.timestamp, - &replaydata.usec)) + if ((retval = krb5_us_timeofday(context, &replaydata.timestamp, + &replaydata.usec))) return retval; if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) { outdata->timestamp = replaydata.timestamp; @@ -207,9 +207,9 @@ krb5_mk_safe(context, auth_context, userdata, outbuf, outdata) } } - if (retval = krb5_mk_safe_basic(context, userdata, keyblock, &replaydata, - plocal_fulladdr, premote_fulladdr, - auth_context->cksumtype, outbuf)) { + if ((retval = krb5_mk_safe_basic(context, userdata, keyblock, &replaydata, + plocal_fulladdr, premote_fulladdr, + auth_context->cksumtype, outbuf))) { CLEANUP_DONE(); goto error; } @@ -220,8 +220,8 @@ krb5_mk_safe(context, auth_context, userdata, outbuf, outdata) if (auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) { krb5_donot_replay replay; - if (retval = krb5_gen_replay_name(context, auth_context->local_addr, - "_safe", &replay.client)) { + if ((retval = krb5_gen_replay_name(context, auth_context->local_addr, + "_safe", &replay.client))) { krb5_xfree(outbuf); goto error; } @@ -229,7 +229,7 @@ krb5_mk_safe(context, auth_context, userdata, outbuf, outdata) replay.server = ""; /* XXX */ replay.cusec = replaydata.usec; replay.ctime = replaydata.timestamp; - if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) { + if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) { /* should we really error out here? XXX */ krb5_xfree(outbuf); goto error; diff --git a/src/lib/krb5/krb/parse.c b/src/lib/krb5/krb/parse.c index 8b862b7..bcc4a83 100644 --- a/src/lib/krb5/krb/parse.c +++ b/src/lib/krb5/krb/parse.c @@ -84,7 +84,7 @@ krb5_parse_name(context, name, nprincipal) * and get string sizes for the first FCOMPNUM components. */ size = 0; - for (i=0,cp = name; c = *cp; cp++) { + for (i=0,cp = name; (c = *cp); cp++) { if (c == QUOTECHAR) { cp++; if (!(c = *cp)) @@ -166,7 +166,7 @@ krb5_parse_name(context, name, nprincipal) if (components >= FCOMPNUM) { size = 0; parsed_realm = NULL; - for (i=0,cp = name; c = *cp; cp++) { + for (i=0,cp = name; (c = *cp); cp++) { if (c == QUOTECHAR) { cp++; size++; @@ -234,7 +234,7 @@ krb5_parse_name(context, name, nprincipal) * allocated. */ q = krb5_princ_component(context, principal, 0)->data; - for (i=0,cp = name; c = *cp; cp++) { + for (i=0,cp = name; (c = *cp); cp++) { if (c == QUOTECHAR) { cp++; switch (c = *cp) { diff --git a/src/lib/krb5/krb/preauth.c b/src/lib/krb5/krb/preauth.c index 24269e0..6645976 100644 --- a/src/lib/krb5/krb/preauth.c +++ b/src/lib/krb5/krb/preauth.c @@ -149,9 +149,9 @@ krb5_obtain_padata(context, type, client, src_addr, encrypt_key, ret_data) scratch.data[3] = data->length; /* Encrypt preauth data in encryption key */ - if (retval = krb5_encrypt(context, (krb5_pointer) data->contents, - (char *) scratch.data + 4, - data->length, &eblock, 0)) { + if ((retval = krb5_encrypt(context, (krb5_pointer) data->contents, + (char *) scratch.data + 4, + data->length, &eblock, 0))) { (void) krb5_finish_key(context, &eblock); free(scratch.data); goto error_out; diff --git a/src/lib/krb5/krb/rd_cred.c b/src/lib/krb5/krb/rd_cred.c index 05c99ac..0260b21 100644 --- a/src/lib/krb5/krb/rd_cred.c +++ b/src/lib/krb5/krb/rd_cred.c @@ -34,23 +34,23 @@ decrypt_credencdata(context, pcred, pkeyblock, pcredenc) return ENOMEM; /* do any necessary key pre-processing */ - if (retval = krb5_process_key(context, &eblock, pkeyblock)) + if ((retval = krb5_process_key(context, &eblock, pkeyblock))) goto cleanup; /* call the decryption routine */ - if (retval = krb5_decrypt(context, - (krb5_pointer) pcred->enc_part.ciphertext.data, - (krb5_pointer) scratch.data, - scratch.length, &eblock, 0)) { + if ((retval = krb5_decrypt(context, + (krb5_pointer) pcred->enc_part.ciphertext.data, + (krb5_pointer) scratch.data, + scratch.length, &eblock, 0))) { (void)krb5_finish_key(context, &eblock); goto cleanup; } - if (retval = krb5_finish_key(context, &eblock)) + if ((retval = krb5_finish_key(context, &eblock))) goto cleanup; /* now decode the decrypted stuff */ - if (retval = decode_krb5_enc_cred_part(&scratch, &ppart)) + if ((retval = decode_krb5_enc_cred_part(&scratch, &ppart))) goto cleanup_encpart; *pcredenc = *ppart; @@ -86,10 +86,10 @@ krb5_rd_cred_basic(context, pcreddata, pkeyblock, local_addr, remote_addr, krb5_cred_enc_part encpart; /* decode cred message */ - if (retval = decode_krb5_cred(pcreddata, &pcred)) + if ((retval = decode_krb5_cred(pcreddata, &pcred))) return retval; - if (retval = decrypt_credencdata(context, pcred, pkeyblock, &encpart)) + if ((retval = decrypt_credencdata(context, pcred, pkeyblock, &encpart))) goto cleanup_cred; if (!krb5_address_compare(context, remote_addr, encpart.s_address)) { @@ -106,7 +106,7 @@ krb5_rd_cred_basic(context, pcreddata, pkeyblock, local_addr, remote_addr, } else { krb5_address **our_addrs; - if (retval = krb5_os_localaddr(&our_addrs)) { + if ((retval = krb5_os_localaddr(&our_addrs))) { goto cleanup_cred; } if (!krb5_address_search(context, encpart.r_address, our_addrs)) { @@ -152,21 +152,23 @@ krb5_rd_cred_basic(context, pcreddata, pkeyblock, local_addr, remote_addr, pinfo = encpart.ticket_info[i++]; memset(pcur, 0, sizeof(krb5_creds)); - if (retval = krb5_copy_principal(context, pinfo->client, &pcur->client)) + if ((retval = krb5_copy_principal(context, pinfo->client, + &pcur->client))) goto cleanup; - if (retval = krb5_copy_principal(context, pinfo->server, &pcur->server)) + if ((retval = krb5_copy_principal(context, pinfo->server, + &pcur->server))) goto cleanup; - if (retval = krb5_copy_keyblock_contents(context, pinfo->session, - &pcur->keyblock)) + if ((retval = krb5_copy_keyblock_contents(context, pinfo->session, + &pcur->keyblock))) goto cleanup; - if (retval = krb5_copy_addresses(context, pinfo->caddrs, - &pcur->addresses)) + if ((retval = krb5_copy_addresses(context, pinfo->caddrs, + &pcur->addresses))) goto cleanup; - if (retval = encode_krb5_ticket(pcred->tickets[i - 1], &pdata)) + if ((retval = encode_krb5_ticket(pcred->tickets[i - 1], &pdata))) goto cleanup; pcur->ticket = *pdata; @@ -270,9 +272,9 @@ krb5_rd_cred(context, auth_context, pcreddata, pppcreds, outdata) } } - if (retval = krb5_rd_cred_basic(context, pcreddata, keyblock, - plocal_fulladdr, premote_fulladdr, - &replaydata, pppcreds)) { + if ((retval = krb5_rd_cred_basic(context, pcreddata, keyblock, + plocal_fulladdr, premote_fulladdr, + &replaydata, pppcreds))) { CLEANUP_DONE(); return retval; } @@ -285,7 +287,7 @@ krb5_rd_cred(context, auth_context, pcreddata, pppcreds, outdata) krb5_donot_replay replay; krb5_timestamp currenttime; - if (retval = krb5_timeofday(context, ¤ttime)) + if ((retval = krb5_timeofday(context, ¤ttime))) goto error; if (!in_clock_skew(replaydata.timestamp)) { @@ -293,14 +295,14 @@ krb5_rd_cred(context, auth_context, pcreddata, pppcreds, outdata) goto error; } - if (retval = krb5_gen_replay_name(context, auth_context->remote_addr, - "_forw", &replay.client)) + if ((retval = krb5_gen_replay_name(context, auth_context->remote_addr, + "_forw", &replay.client))) goto error; replay.server = ""; /* XXX */ replay.cusec = replaydata.usec; replay.ctime = replaydata.timestamp; - if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) { + if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) { krb5_xfree(replay.client); goto error; } diff --git a/src/lib/krb5/krb/rd_priv.c b/src/lib/krb5/krb/rd_priv.c index c8d3565..00ccd28 100644 --- a/src/lib/krb5/krb/rd_priv.c +++ b/src/lib/krb5/krb/rd_priv.c @@ -74,7 +74,7 @@ krb5_rd_priv_basic(context, inbuf, keyblock, local_addr, remote_addr, return KRB5KRB_AP_ERR_MSG_TYPE; /* decode private message */ - if (retval = decode_krb5_priv(inbuf, &privmsg)) + if ((retval = decode_krb5_priv(inbuf, &privmsg))) return retval; if (!valid_etype(privmsg->enc_part.etype)) { @@ -92,14 +92,14 @@ krb5_rd_priv_basic(context, inbuf, keyblock, local_addr, remote_addr, } /* do any necessary key pre-processing */ - if (retval = krb5_process_key(context, &eblock, keyblock)) + if ((retval = krb5_process_key(context, &eblock, keyblock))) goto cleanup_scratch; /* call the decryption routine */ - if (retval = krb5_decrypt(context, - (krb5_pointer) privmsg->enc_part.ciphertext.data, - (krb5_pointer) scratch.data, - scratch.length, &eblock, i_vector)) { + if ((retval = krb5_decrypt(context, + (krb5_pointer) privmsg->enc_part.ciphertext.data, + (krb5_pointer) scratch.data, + scratch.length, &eblock, i_vector))) { krb5_finish_key(context, &eblock); goto cleanup_scratch; } @@ -112,11 +112,11 @@ krb5_rd_priv_basic(context, inbuf, keyblock, local_addr, remote_addr, eblock.crypto_entry->block_length), eblock.crypto_entry->block_length); - if (retval = krb5_finish_key(context, &eblock)) + if ((retval = krb5_finish_key(context, &eblock))) goto cleanup_scratch; /* now decode the decrypted stuff */ - if (retval = decode_krb5_enc_priv_part(&scratch, &privmsg_enc_part)) + if ((retval = decode_krb5_enc_priv_part(&scratch, &privmsg_enc_part))) goto cleanup_scratch; if (!krb5_address_compare(context,remote_addr,privmsg_enc_part->s_address)){ @@ -134,7 +134,7 @@ krb5_rd_priv_basic(context, inbuf, keyblock, local_addr, remote_addr, } else { krb5_address **our_addrs; - if (retval = krb5_os_localaddr(&our_addrs)) { + if ((retval = krb5_os_localaddr(&our_addrs))) { goto cleanup_data; } if (!krb5_address_search(context, privmsg_enc_part->r_address, @@ -236,9 +236,11 @@ krb5_rd_priv(context, auth_context, inbuf, outbuf, outdata) } } - if (retval = krb5_rd_priv_basic(context, inbuf, keyblock, plocal_fulladdr, - premote_fulladdr, auth_context->i_vector, - &replaydata, outbuf)) { + if ((retval = krb5_rd_priv_basic(context, inbuf, keyblock, + plocal_fulladdr, + premote_fulladdr, + auth_context->i_vector, + &replaydata, outbuf))) { CLEANUP_DONE(); return retval; } @@ -250,7 +252,7 @@ krb5_rd_priv(context, auth_context, inbuf, outbuf, outdata) krb5_donot_replay replay; krb5_timestamp currenttime; - if (retval = krb5_timeofday(context, ¤ttime)) + if ((retval = krb5_timeofday(context, ¤ttime))) goto error; if (!in_clock_skew(replaydata.timestamp)) { @@ -258,14 +260,14 @@ krb5_rd_priv(context, auth_context, inbuf, outbuf, outdata) goto error; } - if (retval = krb5_gen_replay_name(context, auth_context->remote_addr, - "_priv", &replay.client)) + if ((retval = krb5_gen_replay_name(context, auth_context->remote_addr, + "_priv", &replay.client))) goto error; replay.server = ""; /* XXX */ replay.cusec = replaydata.usec; replay.ctime = replaydata.timestamp; - if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) { + if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) { krb5_xfree(replay.client); goto error; } diff --git a/src/lib/krb5/krb/rd_rep.c b/src/lib/krb5/krb/rd_rep.c index bc253e2..2a96f4c 100644 --- a/src/lib/krb5/krb/rd_rep.c +++ b/src/lib/krb5/krb/rd_rep.c @@ -55,7 +55,7 @@ krb5_rd_rep(context, auth_context, inbuf, repl) /* decode it */ - if (retval = decode_krb5_ap_rep(inbuf, &reply)) + if ((retval = decode_krb5_ap_rep(inbuf, &reply))) return retval; /* put together an eblock for this encryption */ @@ -73,21 +73,22 @@ krb5_rd_rep(context, auth_context, inbuf, repl) } /* do any necessary key pre-processing */ - if (retval = krb5_process_key(context, &eblock, auth_context->keyblock)) { + if ((retval = krb5_process_key(context, &eblock, + auth_context->keyblock))) { goto errout; } /* call the encryption routine */ - if (retval = krb5_decrypt(context, - (krb5_pointer) reply->enc_part.ciphertext.data, - (krb5_pointer) scratch.data, - scratch.length, &eblock, 0)) { + if ((retval = krb5_decrypt(context, + (krb5_pointer) reply->enc_part.ciphertext.data, + (krb5_pointer) scratch.data, + scratch.length, &eblock, 0))) { (void) krb5_finish_key(context, &eblock); goto errout; } /* finished with the top-level encoding of the ap_rep */ - if (retval = krb5_finish_key(context, &eblock)) + if ((retval = krb5_finish_key(context, &eblock))) goto clean_scratch; /* now decode the decrypted stuff */ diff --git a/src/lib/krb5/krb/rd_req.c b/src/lib/krb5/krb/rd_req.c index a2dfb3c..35c3483 100644 --- a/src/lib/krb5/krb/rd_req.c +++ b/src/lib/krb5/krb/rd_req.c @@ -60,7 +60,7 @@ krb5_rd_req(context, auth_context, inbuf, server, keytab, if (!krb5_is_ap_req(inbuf)) return KRB5KRB_AP_ERR_MSG_TYPE; - if (retval = decode_krb5_ap_req(inbuf, &request)) { + if ((retval = decode_krb5_ap_req(inbuf, &request))) { switch (retval) { case KRB5_BADMSGTYPE: return KRB5KRB_AP_ERR_BADVERSION; @@ -72,21 +72,21 @@ krb5_rd_req(context, auth_context, inbuf, server, keytab, /* Get an auth context if necessary. */ new_auth_context = NULL; if (*auth_context == NULL) { - if (retval = krb5_auth_con_init(context, &new_auth_context)) + if ((retval = krb5_auth_con_init(context, &new_auth_context))) goto cleanup_request; *auth_context = new_auth_context; } /* Get an rcache if necessary. */ if (((*auth_context)->rcache == NULL) && server) { - if (retval = krb5_get_server_rcache(context, - krb5_princ_component(context,server,0), &(*auth_context)->rcache)) + if ((retval = krb5_get_server_rcache(context, + krb5_princ_component(context,server,0), &(*auth_context)->rcache))) goto cleanup_auth_context; } /* Get a keytab if necessary. */ if (keytab == NULL) { - if (retval = krb5_kt_default(context, &new_keytab)) + if ((retval = krb5_kt_default(context, &new_keytab))) goto cleanup_auth_context; keytab = new_keytab; } diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c index 0cee98c..f90d439 100644 --- a/src/lib/krb5/krb/rd_req_dec.c +++ b/src/lib/krb5/krb/rd_req_dec.c @@ -79,11 +79,12 @@ krb5_rd_req_decrypt_tkt_part(context, req, keytab) */ keytype = krb5_csarray[req->ticket->enc_part.etype]->system->proto_keytype; - if (retval = krb5_kt_get_entry(context, keytab, req->ticket->server, - req->ticket->enc_part.kvno, keytype, &ktent)) + if ((retval = krb5_kt_get_entry(context, keytab, req->ticket->server, + req->ticket->enc_part.kvno, + keytype, &ktent))) return retval; - if (retval = krb5_decrypt_tkt_part(context, &ktent.key, req->ticket)) + if ((retval = krb5_decrypt_tkt_part(context, &ktent.key, req->ticket))) return retval; (void) krb5_kt_free_entry(context, &ktent); @@ -112,18 +113,18 @@ krb5_rd_req_decoded(context, auth_context, req, server, keytab, /* decrypt the ticket */ if ((*auth_context)->keyblock) { /* User to User authentication */ - if (retval = krb5_decrypt_tkt_part(context, (*auth_context)->keyblock, - req->ticket)) + if ((retval = krb5_decrypt_tkt_part(context, (*auth_context)->keyblock, + req->ticket))) return retval; krb5_free_keyblock(context, (*auth_context)->keyblock); (*auth_context)->keyblock = NULL; } else { - if (retval = krb5_rd_req_decrypt_tkt_part(context, req, keytab)) + if ((retval = krb5_rd_req_decrypt_tkt_part(context, req, keytab))) return retval; } - if (retval = decrypt_authenticator(context, req, - &((*auth_context)->authentp))) + if ((retval = decrypt_authenticator(context, req, + &((*auth_context)->authentp)))) goto cleanup; if (!krb5_principal_compare(context, (*auth_context)->authentp->client, @@ -270,7 +271,7 @@ krb5_rd_req_decoded(context, auth_context, req, server, keytab, } if (ticket) - if (retval = krb5_copy_ticket(context, req->ticket, ticket)) + if ((retval = krb5_copy_ticket(context, req->ticket, ticket))) goto cleanup; if (ap_req_options) *ap_req_options = req->ap_options; @@ -315,23 +316,23 @@ decrypt_authenticator(context, request, authpp) return(ENOMEM); /* do any necessary key pre-processing */ - if (retval = krb5_process_key(context, &eblock, sesskey)) { + if ((retval = krb5_process_key(context, &eblock, sesskey))) { free(scratch.data); return(retval); } /* call the encryption routine */ - if (retval = krb5_decrypt(context, - (krb5_pointer)request->authenticator.ciphertext.data, - (krb5_pointer)scratch.data, - scratch.length, &eblock, 0)) { + if ((retval = krb5_decrypt(context, + (krb5_pointer)request->authenticator.ciphertext.data, + (krb5_pointer)scratch.data, + scratch.length, &eblock, 0))) { (void) krb5_finish_key(context, &eblock); free(scratch.data); return retval; } #define clean_scratch() {memset(scratch.data, 0, scratch.length); \ free(scratch.data);} - if (retval = krb5_finish_key(context, &eblock)) { + if ((retval = krb5_finish_key(context, &eblock))) { clean_scratch(); return retval; diff --git a/src/lib/krb5/krb/rd_safe.c b/src/lib/krb5/krb/rd_safe.c index 676d4d3..2e4a2fc 100644 --- a/src/lib/krb5/krb/rd_safe.c +++ b/src/lib/krb5/krb/rd_safe.c @@ -64,7 +64,7 @@ krb5_rd_safe_basic(context, inbuf, keyblock, recv_addr, sender_addr, if (!krb5_is_krb_safe(inbuf)) return KRB5KRB_AP_ERR_MSG_TYPE; - if (retval = decode_krb5_safe(inbuf, &message)) + if ((retval = decode_krb5_safe(inbuf, &message))) return retval; if (!valid_cksumtype(message->checksum->checksum_type)) { @@ -91,7 +91,7 @@ krb5_rd_safe_basic(context, inbuf, keyblock, recv_addr, sender_addr, } else { krb5_address **our_addrs; - if (retval = krb5_os_localaddr( &our_addrs)) + if ((retval = krb5_os_localaddr( &our_addrs))) goto cleanup; if (!krb5_address_search(context, message->r_address, our_addrs)) { @@ -115,7 +115,7 @@ krb5_rd_safe_basic(context, inbuf, keyblock, recv_addr, sender_addr, message->checksum = &our_cksum; - if (retval = encode_krb5_safe(message, &scratch)) + if ((retval = encode_krb5_safe(message, &scratch))) goto cleanup; message->checksum = his_cksum; @@ -226,8 +226,9 @@ krb5_rd_safe(context, auth_context, inbuf, outbuf, outdata) } } - if (retval = krb5_rd_safe_basic(context, inbuf, keyblock, plocal_fulladdr, - premote_fulladdr, &replaydata, outbuf)) { + if ((retval = krb5_rd_safe_basic(context, inbuf, keyblock, + plocal_fulladdr, premote_fulladdr, + &replaydata, outbuf))) { CLEANUP_DONE(); return retval; } @@ -240,7 +241,7 @@ krb5_rd_safe(context, auth_context, inbuf, outbuf, outdata) krb5_donot_replay replay; krb5_timestamp currenttime; - if (retval = krb5_timeofday(context, ¤ttime)) + if ((retval = krb5_timeofday(context, ¤ttime))) goto error; if (!in_clock_skew(replaydata.timestamp)) { @@ -248,14 +249,14 @@ krb5_rd_safe(context, auth_context, inbuf, outbuf, outdata) goto error; } - if (retval = krb5_gen_replay_name(context, auth_context->remote_addr, - "_safe", &replay.client)) + if ((retval = krb5_gen_replay_name(context, auth_context->remote_addr, + "_safe", &replay.client))) goto error; replay.server = ""; /* XXX */ replay.cusec = replaydata.usec; replay.ctime = replaydata.timestamp; - if (retval = krb5_rc_store(context, auth_context->rcache, &replay)) { + if ((retval = krb5_rc_store(context, auth_context->rcache, &replay))) { krb5_xfree(replay.client); goto error; } diff --git a/src/lib/krb5/krb/recvauth.c b/src/lib/krb5/krb/recvauth.c index 7ef5979..2cfdf48 100644 --- a/src/lib/krb5/krb/recvauth.c +++ b/src/lib/krb5/krb/recvauth.c @@ -73,7 +73,7 @@ krb5_recvauth(context, auth_context, /* * First read the sendauth version string and check it. */ - if (retval = krb5_read_message(context, fd, &inbuf)) + if ((retval = krb5_read_message(context, fd, &inbuf))) return(retval); if (strcmp(inbuf.data, sendauth_version)) { krb5_xfree(inbuf.data); @@ -87,7 +87,7 @@ krb5_recvauth(context, auth_context, /* * Do the same thing for the application version string. */ - if (retval = krb5_read_message(context, fd, &inbuf)) + if ((retval = krb5_read_message(context, fd, &inbuf))) return(retval); if (strcmp(inbuf.data, appl_version)) { krb5_xfree(inbuf.data); @@ -151,7 +151,8 @@ krb5_recvauth(context, auth_context, * If the rc_recover() didn't work, then try * initializing the replay cache. */ - if (problem = krb5_rc_initialize(context, rcache, krb5_clockskew)) { + if ((problem = krb5_rc_initialize(context, rcache, + krb5_clockskew))) { krb5_rc_close(context, rcache); rcache = NULL; } @@ -161,7 +162,7 @@ krb5_recvauth(context, auth_context, /* * Now, let's read the AP_REQ message and decode it */ - if (retval = krb5_read_message(context, fd, &inbuf)) { + if ((retval = krb5_read_message(context, fd, &inbuf))) { if (problem) /* Return top level problem */ retval = problem; goto cleanup; @@ -204,7 +205,7 @@ krb5_recvauth(context, auth_context, goto cleanup; } strcpy(error.text.data, message); - if (retval = krb5_mk_error(context, &error, &outbuf)) { + if ((retval = krb5_mk_error(context, &error, &outbuf))) { free(error.text.data); goto cleanup; } @@ -228,7 +229,7 @@ krb5_recvauth(context, auth_context, /* Here lies the mutual authentication stuff... */ if ((ap_option & AP_OPTS_MUTUAL_REQUIRED)) { - if (retval = krb5_mk_rep(context, *auth_context, &outbuf)) { + if ((retval = krb5_mk_rep(context, *auth_context, &outbuf))) { return(retval); } retval = krb5_write_message(context, fd, &outbuf); diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c index 8a31203..64331d8 100644 --- a/src/lib/krb5/krb/send_tgs.c +++ b/src/lib/krb5/krb/send_tgs.c @@ -66,10 +66,11 @@ krb5_send_tgs_basic(context, in_data, in_cred, outbuf) malloc(krb5_checksum_size(context, krb5_kdc_req_sumtype))) == NULL) return(ENOMEM); - if (retval = krb5_calculate_checksum(context, krb5_kdc_req_sumtype, - in_data->data, in_data->length, - (krb5_pointer) in_cred->keyblock.contents, - in_cred->keyblock.length, &checksum)) { + if ((retval = krb5_calculate_checksum(context, krb5_kdc_req_sumtype, + in_data->data, in_data->length, + (krb5_pointer) in_cred->keyblock.contents, + in_cred->keyblock.length, + &checksum))) { free(checksum.contents); return(retval); } @@ -80,13 +81,14 @@ krb5_send_tgs_basic(context, in_data, in_cred, outbuf) authent.checksum = &checksum; authent.client = in_cred->client; authent.authorization_data = in_cred->authdata; - if (retval = krb5_us_timeofday(context, &authent.ctime, &authent.cusec)) { + if ((retval = krb5_us_timeofday(context, &authent.ctime, + &authent.cusec))) { free(checksum.contents); return(retval); } /* encode the authenticator */ - if (retval = encode_krb5_authenticator(&authent, &scratch)) { + if ((retval = encode_krb5_authenticator(&authent, &scratch))) { free(checksum.contents); return(retval); } @@ -98,7 +100,7 @@ krb5_send_tgs_basic(context, in_data, in_cred, outbuf) request.ap_options = 0; request.ticket = 0; - if (retval = decode_krb5_ticket(&(in_cred)->ticket, &request.ticket)) + if ((retval = decode_krb5_ticket(&(in_cred)->ticket, &request.ticket))) /* Cleanup scratch and scratch data */ goto cleanup_data; @@ -126,18 +128,18 @@ krb5_send_tgs_basic(context, in_data, in_cred, outbuf) } /* do any necessary key pre-processing */ - if (retval = krb5_process_key(context, &eblock, &(in_cred)->keyblock)) + if ((retval = krb5_process_key(context, &eblock, &(in_cred)->keyblock))) goto cleanup; /* call the encryption routine */ - if (retval=krb5_encrypt(context, (krb5_pointer) scratch->data, - (krb5_pointer)request.authenticator.ciphertext.data, - scratch->length, &eblock, 0)) { + if ((retval=krb5_encrypt(context, (krb5_pointer) scratch->data, + (krb5_pointer)request.authenticator.ciphertext.data, + scratch->length, &eblock, 0))) { krb5_finish_key(context, &eblock); goto cleanup; } - if (retval = krb5_finish_key(context, &eblock)) + if ((retval = krb5_finish_key(context, &eblock))) goto cleanup; retval = encode_krb5_ap_req(&request, &toutbuf); @@ -201,7 +203,7 @@ krb5_send_tgs(context, kdcoptions, timestruct, etypes, sname, addrs, tgsreq.from = timestruct->starttime; tgsreq.till = timestruct->endtime; tgsreq.rtime = timestruct->renew_till; - if (retval = krb5_timeofday(context, &time_now)) + if ((retval = krb5_timeofday(context, &time_now))) return(retval); /* XXX we know they are the same size... */ tgsreq.nonce = (krb5_int32) time_now; @@ -212,8 +214,8 @@ krb5_send_tgs(context, kdcoptions, timestruct, etypes, sname, addrs, /* need to encrypt it in the request */ krb5_encrypt_block eblock; - if (retval = encode_krb5_authdata((const krb5_authdata**)authorization_data, - &scratch)) + if ((retval = encode_krb5_authdata((const krb5_authdata**)authorization_data, + &scratch))) return(retval); krb5_use_cstype(context, &eblock, in_cred->keyblock.etype); tgsreq.authorization_data.etype = in_cred->keyblock.etype; @@ -235,21 +237,22 @@ krb5_send_tgs(context, kdcoptions, timestruct, etypes, sname, addrs, krb5_free_data(context, scratch); return ENOMEM; } - if (retval = krb5_process_key(context, &eblock, &in_cred->keyblock)) { + if ((retval = krb5_process_key(context, &eblock, + &in_cred->keyblock))) { krb5_free_data(context, scratch); return retval; } /* call the encryption routine */ - if (retval = krb5_encrypt(context, (krb5_pointer) scratch->data, - (krb5_pointer) tgsreq.authorization_data.ciphertext.data, - scratch->length, &eblock, 0)) { + if ((retval = krb5_encrypt(context, (krb5_pointer) scratch->data, + (krb5_pointer) tgsreq.authorization_data.ciphertext.data, + scratch->length, &eblock, 0))) { (void) krb5_finish_key(context, &eblock); krb5_xfree(tgsreq.authorization_data.ciphertext.data); krb5_free_data(context, scratch); return retval; } krb5_free_data(context, scratch); - if (retval = krb5_finish_key(context, &eblock)) { + if ((retval = krb5_finish_key(context, &eblock))) { krb5_xfree(tgsreq.authorization_data.ciphertext.data); return retval; } @@ -270,7 +273,7 @@ krb5_send_tgs(context, kdcoptions, timestruct, etypes, sname, addrs, } if (second_ticket) { - if (retval = decode_krb5_ticket(second_ticket, &sec_ticket)) + if ((retval = decode_krb5_ticket(second_ticket, &sec_ticket))) goto send_tgs_error_1; sec_ticket_arr[0] = sec_ticket; sec_ticket_arr[1] = 0; @@ -279,13 +282,13 @@ krb5_send_tgs(context, kdcoptions, timestruct, etypes, sname, addrs, tgsreq.second_ticket = 0; /* encode the body; then checksum it */ - if (retval = encode_krb5_kdc_req_body(&tgsreq, &scratch)) + if ((retval = encode_krb5_kdc_req_body(&tgsreq, &scratch))) goto send_tgs_error_2; /* * Get an ap_req. */ - if (retval = krb5_send_tgs_basic(context, scratch, in_cred, &scratch2)) { + if ((retval = krb5_send_tgs_basic(context, scratch, in_cred, &scratch2))) { krb5_free_data(context, scratch); goto send_tgs_error_2; } @@ -323,7 +326,7 @@ krb5_send_tgs(context, kdcoptions, timestruct, etypes, sname, addrs, tgsreq.padata = combined_padata; /* the TGS_REQ is assembled in tgsreq, so encode it */ - if (retval = encode_krb5_tgs_req(&tgsreq, &scratch)) { + if ((retval = encode_krb5_tgs_req(&tgsreq, &scratch))) { krb5_xfree(ap_req_padata.contents); krb5_xfree(combined_padata); goto send_tgs_error_2; diff --git a/src/lib/krb5/krb/sendauth.c b/src/lib/krb5/krb/sendauth.c index dca998c..bd2fc02 100644 --- a/src/lib/krb5/krb/sendauth.c +++ b/src/lib/krb5/krb/sendauth.c @@ -83,11 +83,11 @@ krb5_sendauth(context, auth_context, */ outbuf.length = strlen(sendauth_version) + 1; outbuf.data = sendauth_version; - if (retval = krb5_write_message(context, fd, &outbuf)) + if ((retval = krb5_write_message(context, fd, &outbuf))) return(retval); outbuf.length = strlen(appl_version) + 1; outbuf.data = appl_version; - if (retval = krb5_write_message(context, fd, &outbuf)) + if ((retval = krb5_write_message(context, fd, &outbuf))) return(retval); /* * Now, read back a byte: 0 means no error, 1 means bad sendauth @@ -118,11 +118,12 @@ krb5_sendauth(context, auth_context, if (!in_creds || !in_creds->ticket.length) { if (ccache) use_ccache = ccache; - else if (retval = krb5_cc_default(context, &use_ccache)) + else if ((retval = krb5_cc_default(context, &use_ccache))) goto error_return; } if (!in_creds) { - if (retval = krb5_copy_principal(context, server, &creds.server)) + if ((retval = krb5_copy_principal(context, server, + &creds.server))) goto error_return; if (client) retval = krb5_copy_principal(context, client, @@ -142,16 +143,16 @@ krb5_sendauth(context, auth_context, in_creds = &creds; } if (!in_creds->ticket.length) { - if (retval = krb5_get_credentials(context, kdc_options, use_ccache, - in_creds, &credsp)) + if ((retval = krb5_get_credentials(context, kdc_options, + use_ccache, in_creds, &credsp))) goto error_return; credspout = credsp; } else { credsp = in_creds; } - if (retval = krb5_mk_req_extended(context, auth_context, ap_req_options, - in_data, credsp, &outbuf)) + if ((retval = krb5_mk_req_extended(context, auth_context, ap_req_options, + in_data, credsp, &outbuf))) goto error_return; /* @@ -169,12 +170,12 @@ krb5_sendauth(context, auth_context, * authentication was rejected, and we need to return the * error structure. */ - if (retval = krb5_read_message(context, fd, &inbuf)) + if ((retval = krb5_read_message(context, fd, &inbuf))) goto error_return; if (inbuf.length) { if (error) { - if (retval = krb5_rd_error(context, &inbuf, error)) { + if ((retval = krb5_rd_error(context, &inbuf, error))) { krb5_xfree(inbuf.data); goto error_return; } @@ -191,10 +192,11 @@ krb5_sendauth(context, auth_context, if ((ap_req_options & AP_OPTS_MUTUAL_REQUIRED)) { krb5_ap_rep_enc_part *repl = 0; - if (retval = krb5_read_message(context, fd, &inbuf)) + if ((retval = krb5_read_message(context, fd, &inbuf))) goto error_return; - if (retval = krb5_rd_rep(context, *auth_context, &inbuf, &repl)) { + if ((retval = krb5_rd_rep(context, *auth_context, &inbuf, + &repl))) { if (repl) krb5_free_ap_rep_enc_part(context, repl); krb5_xfree(inbuf.data); diff --git a/src/lib/krb5/krb/srv_rcache.c b/src/lib/krb5/krb/srv_rcache.c index 32e87f4..8c88edd 100644 --- a/src/lib/krb5/krb/srv_rcache.c +++ b/src/lib/krb5/krb/srv_rcache.c @@ -80,7 +80,7 @@ krb5_get_server_rcache(context, piece, rcptr) } cachename[p++] = '\0'; - if (retval = krb5_rc_resolve(context, rcache, cachename)) + if ((retval = krb5_rc_resolve(context, rcache, cachename))) goto cleanup; /* @@ -88,7 +88,7 @@ krb5_get_server_rcache(context, piece, rcptr) * initialize it. */ if (krb5_rc_recover(context, rcache)) { - if (retval = krb5_rc_initialize(context, rcache, krb5_clockskew)) { + if ((retval = krb5_rc_initialize(context, rcache, krb5_clockskew))) { krb5_rc_close(context, rcache); rcache = 0; goto cleanup; diff --git a/src/lib/krb5/krb/walk_rtree.c b/src/lib/krb5/krb/walk_rtree.c index 3e3945b..85d6674 100644 --- a/src/lib/krb5/krb/walk_rtree.c +++ b/src/lib/krb5/krb/walk_rtree.c @@ -129,8 +129,7 @@ krb5_walk_realm_tree(context, client, server, tree, realm_branch_char) return ENOMEM; } i = 1; - if (retval = krb5_tgtname(context, client, - client, &rettree[0])) { + if ((retval = krb5_tgtname(context, client, client, &rettree[0]))) { krb5_xfree(rettree); return retval; } @@ -146,7 +145,8 @@ krb5_walk_realm_tree(context, client, server, tree, realm_branch_char) tmpsrealm.data = ccp; tmpsrealm.length = client->length - (ccp - client->data); - if (retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, &rettree[i])) { + if ((retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, + &rettree[i]))) { while (i) { krb5_free_principal(context, rettree[i-1]); i--; @@ -164,7 +164,8 @@ krb5_walk_realm_tree(context, client, server, tree, realm_branch_char) tmpsrealm.data = com_sdot + 1; tmpsrealm.length = server->length - (com_sdot + 1 - server->data); - if (retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, &rettree[i])) { + if ((retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, + &rettree[i]))) { while (i) { krb5_free_principal(context, rettree[i-1]); i--; @@ -188,7 +189,8 @@ krb5_walk_realm_tree(context, client, server, tree, realm_branch_char) tmpsrealm.data = scp + 1; tmpsrealm.length = server->length - (scp + 1 - server->data); - if (retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, &rettree[i])) { + if ((retval = krb5_tgtname(context, &tmpsrealm, &tmpcrealm, + &rettree[i]))) { while (i) { krb5_free_principal(context, rettree[i-1]); i--; @@ -207,8 +209,8 @@ krb5_walk_realm_tree(context, client, server, tree, realm_branch_char) tmpcrealm.data = prevscp; tmpcrealm.length = server->length - (prevscp - server->data); - if (retval = krb5_tgtname(context, server, &tmpcrealm, - &rettree[i])) { + if ((retval = krb5_tgtname(context, server, &tmpcrealm, + &rettree[i]))) { while (i) { krb5_free_principal(context, rettree[i-1]); i--; |