diff options
author | Stefan Metzmacher <metze@samba.org> | 2011-07-15 09:10:30 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2011-07-15 11:15:05 +0200 |
commit | 255e3e18e00f717d99f3bc57c8a8895ff624f3c3 (patch) | |
tree | a2933c88f38e8dd7fe612be8dd458d05918b1f15 /source4/heimdal/lib/krb5/init_creds_pw.c | |
parent | 70da27838bb3f6ed9c36add06ce0ccdf467ab1c3 (diff) | |
download | samba-255e3e18e00f717d99f3bc57c8a8895ff624f3c3.tar.gz samba-255e3e18e00f717d99f3bc57c8a8895ff624f3c3.tar.bz2 samba-255e3e18e00f717d99f3bc57c8a8895ff624f3c3.zip |
s4:heimdal: import lorikeet-heimdal-201107150856 (commit 48936803fae4a2fb362c79365d31f420c917b85b)
Diffstat (limited to 'source4/heimdal/lib/krb5/init_creds_pw.c')
-rw-r--r-- | source4/heimdal/lib/krb5/init_creds_pw.c | 55 |
1 files changed, 28 insertions, 27 deletions
diff --git a/source4/heimdal/lib/krb5/init_creds_pw.c b/source4/heimdal/lib/krb5/init_creds_pw.c index 29b882d053..f2185628e5 100644 --- a/source4/heimdal/lib/krb5/init_creds_pw.c +++ b/source4/heimdal/lib/krb5/init_creds_pw.c @@ -71,7 +71,7 @@ typedef struct krb5_get_init_creds_ctx { KRB_ERROR error; AS_REP as_rep; EncKDCRepPart enc_part; - + krb5_prompter_fct prompter; void *prompter_data; @@ -313,14 +313,14 @@ process_last_request(krb5_context context, if (lr->val[i].lr_value <= t) { switch (abs(lr->val[i].lr_type)) { case LR_PW_EXPTIME : - report_expiration(context, ctx->prompter, + report_expiration(context, ctx->prompter, ctx->prompter_data, "Your password will expire at ", lr->val[i].lr_value); reported = TRUE; break; case LR_ACCT_EXPTIME : - report_expiration(context, ctx->prompter, + report_expiration(context, ctx->prompter, ctx->prompter_data, "Your account will expire at ", lr->val[i].lr_value); @@ -333,7 +333,7 @@ process_last_request(krb5_context context, if (!reported && ctx->enc_part.key_expiration && *ctx->enc_part.key_expiration <= t) { - report_expiration(context, ctx->prompter, + report_expiration(context, ctx->prompter, ctx->prompter_data, "Your password/account will expire at ", *ctx->enc_part.key_expiration); @@ -367,7 +367,7 @@ get_init_creds_common(krb5_context context, if (options->opt_private) { if (options->opt_private->password) { - ret = krb5_init_creds_set_password(context, ctx, + ret = krb5_init_creds_set_password(context, ctx, options->opt_private->password); if (ret) goto out; @@ -384,7 +384,7 @@ get_init_creds_common(krb5_context context, ctx->keyproc = default_s2k_func; /* Enterprise name implicitly turns on canonicalize */ - if ((ctx->ic_flags & KRB5_INIT_CREDS_CANONICALIZE) || + if ((ctx->ic_flags & KRB5_INIT_CREDS_CANONICALIZE) || krb5_principal_get_type(context, client) == KRB5_NT_ENTERPRISE_PRINCIPAL) ctx->flags.canonicalize = 1; @@ -671,7 +671,8 @@ init_as_req (krb5_context context, *a->req_body.rtime = creds->times.renew_till; } a->req_body.nonce = 0; - ret = krb5_init_etype (context, + ret = _krb5_init_etype(context, + KRB5_PDU_AS_REQUEST, &a->req_body.etype.len, &a->req_body.etype.val, etypes); @@ -759,7 +760,7 @@ pa_etype_info2(krb5_context context, krb5_error_code ret; ETYPE_INFO2 e; size_t sz; - int i, j; + size_t i, j; memset(&e, 0, sizeof(e)); ret = decode_ETYPE_INFO2(data->data, data->length, &e, &sz); @@ -808,7 +809,7 @@ pa_etype_info(krb5_context context, krb5_error_code ret; ETYPE_INFO e; size_t sz; - int i, j; + size_t i, j; memset(&e, 0, sizeof(e)); ret = decode_ETYPE_INFO(data->data, data->length, &e, &sz); @@ -889,9 +890,9 @@ static struct pa_info pa_prefs[] = { }; static PA_DATA * -find_pa_data(const METHOD_DATA *md, int type) +find_pa_data(const METHOD_DATA *md, unsigned type) { - int i; + size_t i; if (md == NULL) return NULL; for (i = 0; i < md->len; i++) @@ -908,7 +909,7 @@ process_pa_info(krb5_context context, METHOD_DATA *md) { struct pa_info_data *p = NULL; - int i; + size_t i; for (i = 0; p == NULL && i < sizeof(pa_prefs)/sizeof(pa_prefs[0]); i++) { PA_DATA *pa = find_pa_data(md, pa_prefs[i].type); @@ -928,7 +929,7 @@ make_pa_enc_timestamp(krb5_context context, METHOD_DATA *md, PA_ENC_TS_ENC p; unsigned char *buf; size_t buf_size; - size_t len; + size_t len = 0; EncryptedData encdata; krb5_error_code ret; int32_t usec; @@ -989,7 +990,7 @@ add_enc_ts_padata(krb5_context context, krb5_error_code ret; krb5_salt salt2; krb5_enctype *ep; - int i; + size_t i; if(salt == NULL) { /* default to standard salt */ @@ -1109,7 +1110,7 @@ pa_data_add_pac_request(krb5_context context, krb5_get_init_creds_ctx *ctx, METHOD_DATA *md) { - size_t len, length; + size_t len = 0, length; krb5_error_code ret; PA_PAC_REQUEST req; void *buf; @@ -1179,14 +1180,14 @@ process_pa_data_to_md(krb5_context context, _krb5_debug(context, 5, "krb5_get_init_creds: " "prepareing PKINIT padata (%s)", (ctx->used_pa_types & USED_PKINIT_W2K) ? "win2k" : "ietf"); - + if (ctx->used_pa_types & USED_PKINIT_W2K) { krb5_set_error_message(context, KRB5_GET_IN_TKT_LOOP, "Already tried pkinit, looping"); return KRB5_GET_IN_TKT_LOOP; } - ret = pa_data_to_md_pkinit(context, a, creds->client, + ret = pa_data_to_md_pkinit(context, a, creds->client, (ctx->used_pa_types & USED_PKINIT), ctx, *out_md); if (ret) @@ -1526,14 +1527,14 @@ krb5_init_creds_set_keytab(krb5_context context, krb5_error_code ret; size_t netypes = 0; int kvno = 0; - + a = malloc(sizeof(*a)); if (a == NULL) { krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); return ENOMEM; } - + a->principal = ctx->cred.client; a->keytab = keytab; @@ -1568,7 +1569,7 @@ krb5_init_creds_set_keytab(krb5_context context, kvno = entry.vno; } else if (entry.vno != kvno) goto next; - + /* check if enctype is supported */ if (krb5_enctype_valid(context, entry.keyblock.keytype) != 0) goto next; @@ -1619,7 +1620,7 @@ krb5_init_creds_set_keyblock(krb5_context context, /** * The core loop if krb5_get_init_creds() function family. Create the - * packets and have the caller send them off to the KDC. + * packets and have the caller send them off to the KDC. * * If the caller want all work been done for them, use * krb5_init_creds_get() instead. @@ -1647,7 +1648,7 @@ krb5_init_creds_step(krb5_context context, unsigned int *flags) { krb5_error_code ret; - size_t len; + size_t len = 0; size_t size; krb5_data_zero(out); @@ -1768,13 +1769,13 @@ krb5_init_creds_step(krb5_context context, "options send by KDC", "")); } } else if (ret == KRB5KRB_AP_ERR_SKEW && context->kdc_sec_offset == 0) { - /* + /* * Try adapt to timeskrew when we are using pre-auth, and * if there was a time skew, try again. */ krb5_set_real_time(context, ctx->error.stime, -1); if (context->kdc_sec_offset) - ret = 0; + ret = 0; _krb5_debug(context, 10, "init_creds: err skew updateing kdc offset to %d", context->kdc_sec_offset); @@ -1793,7 +1794,7 @@ krb5_init_creds_step(krb5_context context, "krb5_get_init_creds: got referal to realm %s", *ctx->error.crealm); - ret = krb5_principal_set_realm(context, + ret = krb5_principal_set_realm(context, ctx->cred.client, *ctx->error.crealm); @@ -1934,7 +1935,7 @@ krb5_init_creds_get(krb5_context context, krb5_init_creds_context ctx) if ((flags & 1) == 0) break; - ret = krb5_sendto_context (context, stctx, &out, + ret = krb5_sendto_context (context, stctx, &out, ctx->cred.client->realm, &in); if (ret) goto out; @@ -2013,7 +2014,7 @@ krb5_get_init_creds_password(krb5_context context, } ret = krb5_init_creds_get(context, ctx); - + if (ret == 0) process_last_request(context, options, ctx); |