summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/krb5
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2009-08-05 11:25:50 +1000
committerAndrew Bartlett <abartlet@samba.org>2009-08-05 12:18:17 +1000
commitcd1d7f4be7d31388ab79c797acaf6d7730113112 (patch)
tree3d25e28089d1cffa5d7dadca529e29b936681607 /source4/heimdal/lib/krb5
parent8bba340e65e84ee09a7da4d97bc7838d3eefbb15 (diff)
downloadsamba-cd1d7f4be7d31388ab79c797acaf6d7730113112.tar.gz
samba-cd1d7f4be7d31388ab79c797acaf6d7730113112.tar.bz2
samba-cd1d7f4be7d31388ab79c797acaf6d7730113112.zip
s4:heimdal: import lorikeet-heimdal-200908050050 (commit 8714779fa7376fd9f7761587639e68b48afc8c9c)
This also adds a new hdb-glue.c file, to cope with Heimdal's uncondtional enabling of SQLITE. (Very reasonable, but not required for Samba4's use). Andrew Bartlett
Diffstat (limited to 'source4/heimdal/lib/krb5')
-rw-r--r--source4/heimdal/lib/krb5/crypto.c13
-rw-r--r--source4/heimdal/lib/krb5/get_cred.c60
-rw-r--r--source4/heimdal/lib/krb5/kcm.c2
-rw-r--r--source4/heimdal/lib/krb5/keytab_file.c2
-rw-r--r--source4/heimdal/lib/krb5/log.c7
-rw-r--r--source4/heimdal/lib/krb5/pkinit.c10
-rw-r--r--source4/heimdal/lib/krb5/plugin.c200
-rw-r--r--source4/heimdal/lib/krb5/principal.c38
-rw-r--r--source4/heimdal/lib/krb5/store_fd.c2
-rw-r--r--source4/heimdal/lib/krb5/store_mem.c6
-rw-r--r--source4/heimdal/lib/krb5/transited.c47
-rw-r--r--source4/heimdal/lib/krb5/warn.c6
12 files changed, 218 insertions, 175 deletions
diff --git a/source4/heimdal/lib/krb5/crypto.c b/source4/heimdal/lib/krb5/crypto.c
index a30780d1ed..42e2fdf359 100644
--- a/source4/heimdal/lib/krb5/crypto.c
+++ b/source4/heimdal/lib/krb5/crypto.c
@@ -3260,10 +3260,8 @@ krb5_encrypt_iov_ivec(krb5_context context,
memcpy(q, data[i].data.data, data[i].data.length);
q += data[i].data.length;
}
- if (piv) {
+ if (piv)
memset(q, 0, piv->data.length);
- q += piv->data.length;
- }
ret = create_checksum(context,
et->keyed_checksum,
@@ -3299,10 +3297,9 @@ krb5_encrypt_iov_ivec(krb5_context context,
memcpy(q, data[i].data.data, data[i].data.length);
q += data[i].data.length;
}
- if (piv) {
+ if (piv)
memset(q, 0, piv->data.length);
- q += piv->data.length;
- }
+
ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey);
if(ret) {
@@ -3333,10 +3330,8 @@ krb5_encrypt_iov_ivec(krb5_context context,
memcpy(data[i].data.data, q, data[i].data.length);
q += data[i].data.length;
}
- if (piv) {
+ if (piv)
memcpy(piv->data.data, q, pad_sz);
- q += pad_sz;
- }
free(p);
diff --git a/source4/heimdal/lib/krb5/get_cred.c b/source4/heimdal/lib/krb5/get_cred.c
index e609bcadcc..10417f1a52 100644
--- a/source4/heimdal/lib/krb5/get_cred.c
+++ b/source4/heimdal/lib/krb5/get_cred.c
@@ -652,13 +652,16 @@ krb5_get_kdc_cred(krb5_context context,
&krbtgt);
if(ret) {
free(*out_creds);
+ *out_creds = NULL;
return ret;
}
ret = get_cred_kdc(context, id, flags, addresses,
in_creds, krbtgt, NULL, NULL, *out_creds);
krb5_free_creds (context, krbtgt);
- if(ret)
+ if(ret) {
free(*out_creds);
+ *out_creds = NULL;
+ }
return ret;
}
@@ -1038,15 +1041,15 @@ out:
* codebase.
*/
-static krb5_error_code
-get_cred_kdc_any(krb5_context context,
- krb5_kdc_flags flags,
- krb5_ccache ccache,
- krb5_creds *in_creds,
- krb5_principal impersonate_principal,
- Ticket *second_ticket,
- krb5_creds **out_creds,
- krb5_creds ***ret_tgts)
+krb5_error_code
+_krb5_get_cred_kdc_any(krb5_context context,
+ krb5_kdc_flags flags,
+ krb5_ccache ccache,
+ krb5_creds *in_creds,
+ krb5_principal impersonate_principal,
+ Ticket *second_ticket,
+ krb5_creds **out_creds,
+ krb5_creds ***ret_tgts)
{
krb5_error_code ret;
@@ -1072,33 +1075,6 @@ get_cred_kdc_any(krb5_context context,
krb5_error_code KRB5_LIB_FUNCTION
-krb5_get_cred_from_kdc_opt(krb5_context context,
- krb5_ccache ccache,
- krb5_creds *in_creds,
- krb5_creds **out_creds,
- krb5_creds ***ret_tgts,
- krb5_flags flags)
-{
- krb5_kdc_flags f;
- f.i = flags;
- return get_cred_kdc_any(context, f, ccache,
- in_creds, NULL, NULL,
- out_creds, ret_tgts);
-}
-
-krb5_error_code KRB5_LIB_FUNCTION
-krb5_get_cred_from_kdc(krb5_context context,
- krb5_ccache ccache,
- krb5_creds *in_creds,
- krb5_creds **out_creds,
- krb5_creds ***ret_tgts)
-{
- return krb5_get_cred_from_kdc_opt(context, ccache,
- in_creds, out_creds, ret_tgts, 0);
-}
-
-
-krb5_error_code KRB5_LIB_FUNCTION
krb5_get_credentials_with_flags(krb5_context context,
krb5_flags options,
krb5_kdc_flags flags,
@@ -1166,8 +1142,8 @@ krb5_get_credentials_with_flags(krb5_context context,
options |= KRB5_GC_NO_STORE;
tgts = NULL;
- ret = get_cred_kdc_any(context, flags, ccache,
- in_creds, NULL, NULL, out_creds, &tgts);
+ ret = _krb5_get_cred_kdc_any(context, flags, ccache,
+ in_creds, NULL, NULL, out_creds, &tgts);
for(i = 0; tgts && tgts[i]; i++) {
krb5_cc_store_cred(context, ccache, tgts[i]);
krb5_free_creds(context, tgts[i]);
@@ -1387,9 +1363,9 @@ krb5_get_creds(krb5_context context,
flags.b.canonicalize = 1;
tgts = NULL;
- ret = get_cred_kdc_any(context, flags, ccache,
- &in_creds, opt->self, opt->ticket,
- out_creds, &tgts);
+ ret = _krb5_get_cred_kdc_any(context, flags, ccache,
+ &in_creds, opt->self, opt->ticket,
+ out_creds, &tgts);
krb5_free_principal(context, in_creds.client);
for(i = 0; tgts && tgts[i]; i++) {
krb5_cc_store_cred(context, ccache, tgts[i]);
diff --git a/source4/heimdal/lib/krb5/kcm.c b/source4/heimdal/lib/krb5/kcm.c
index f034341972..c94dea551f 100644
--- a/source4/heimdal/lib/krb5/kcm.c
+++ b/source4/heimdal/lib/krb5/kcm.c
@@ -1097,8 +1097,8 @@ _krb5_kcm_get_initial_ticket(krb5_context context,
krb5_principal server,
krb5_keyblock *key)
{
- krb5_error_code ret;
krb5_kcmcache *k = KCMCACHE(id);
+ krb5_error_code ret;
krb5_storage *request;
ret = kcm_storage_request(context, KCM_OP_GET_INITIAL_TICKET, &request);
diff --git a/source4/heimdal/lib/krb5/keytab_file.c b/source4/heimdal/lib/krb5/keytab_file.c
index 819366443f..9a21db0cbb 100644
--- a/source4/heimdal/lib/krb5/keytab_file.c
+++ b/source4/heimdal/lib/krb5/keytab_file.c
@@ -490,7 +490,7 @@ loop:
if(len + 4 + pos - curpos >= 8) {
ret = krb5_ret_uint32(cursor->sp, &utmp32);
if (ret == 0)
- entry->flags = tmp32;
+ entry->flags = utmp32;
} else
entry->flags = 0;
diff --git a/source4/heimdal/lib/krb5/log.c b/source4/heimdal/lib/krb5/log.c
index ee5c1159b1..5b84bc2f4c 100644
--- a/source4/heimdal/lib/krb5/log.c
+++ b/source4/heimdal/lib/krb5/log.c
@@ -220,17 +220,16 @@ log_file(const char *timestr,
{
struct file_data *f = data;
char *msgclean;
- size_t len = strlen(msg) + 1;
+ size_t len = strlen(msg);
if(f->keep_open == 0)
f->fd = fopen(f->filename, f->mode);
if(f->fd == NULL)
return;
/* make sure the log doesn't contain special chars */
- len *= 4;
- msgclean = malloc(len);
+ msgclean = malloc((len + 1) * 4);
if (msgclean == NULL)
goto out;
- strvisx(rk_UNCONST(msg), msgclean, len, VIS_OCTAL);
+ strvisx(msgclean, rk_UNCONST(msg), len, VIS_OCTAL);
fprintf(f->fd, "%s %s\n", timestr, msgclean);
free(msgclean);
out:
diff --git a/source4/heimdal/lib/krb5/pkinit.c b/source4/heimdal/lib/krb5/pkinit.c
index 18b5b5e017..af5568f44b 100644
--- a/source4/heimdal/lib/krb5/pkinit.c
+++ b/source4/heimdal/lib/krb5/pkinit.c
@@ -1402,6 +1402,7 @@ pk_rd_pa_reply_dh(krb5_context context,
kdc_dh_pubkey, ctx->u.dh);
if (dh_gen_keylen == -1) {
ret = KRB5KRB_ERR_GENERIC;
+ dh_gen_keylen = 0;
krb5_set_error_message(context, ret,
N_("PKINIT: Can't compute Diffie-Hellman key", ""));
goto out;
@@ -1446,6 +1447,7 @@ pk_rd_pa_reply_dh(krb5_context context,
EC_KEY_free(public);
if (dh_gen_keylen == -1) {
ret = KRB5KRB_ERR_GENERIC;
+ dh_gen_keylen = 0;
krb5_set_error_message(context, ret,
N_("PKINIT: Can't compute ECDH public key", ""));
goto out;
@@ -1455,6 +1457,14 @@ pk_rd_pa_reply_dh(krb5_context context,
#endif
}
+ if (dh_gen_keylen <= 0) {
+ ret = EINVAL;
+ krb5_set_error_message(context, ret,
+ N_("PKINIT: resulting DH key <= 0", ""));
+ dh_gen_keylen = 0;
+ goto out;
+ }
+
*key = malloc (sizeof (**key));
if (*key == NULL) {
ret = ENOMEM;
diff --git a/source4/heimdal/lib/krb5/plugin.c b/source4/heimdal/lib/krb5/plugin.c
index 844cb7ab88..027f2a72a7 100644
--- a/source4/heimdal/lib/krb5/plugin.c
+++ b/source4/heimdal/lib/krb5/plugin.c
@@ -40,19 +40,28 @@
struct krb5_plugin {
void *symbol;
- void *dsohandle;
struct krb5_plugin *next;
};
struct plugin {
- enum krb5_plugin_type type;
- void *name;
- void *symbol;
+ enum { DSO, SYMBOL } type;
+ union {
+ struct {
+ char *path;
+ void *dsohandle;
+ } dso;
+ struct {
+ enum krb5_plugin_type type;
+ char *name;
+ char *symbol;
+ } symbol;
+ } u;
struct plugin *next;
};
static HEIMDAL_MUTEX plugin_mutex = HEIMDAL_MUTEX_INITIALIZER;
static struct plugin *registered = NULL;
+static int plugins_needs_scan = 1;
static const char *sysplugin_dirs[] = {
LIBDIR "/plugin/krb5",
@@ -85,15 +94,14 @@ _krb5_plugin_get_next(struct krb5_plugin *p)
#ifdef HAVE_DLOPEN
static krb5_error_code
-loadlib(krb5_context context,
- enum krb5_plugin_type type,
- const char *name,
- const char *lib,
- struct krb5_plugin **e)
+loadlib(krb5_context context, char *path)
{
- *e = calloc(1, sizeof(**e));
- if (*e == NULL) {
+ struct plugin *e;
+
+ e = calloc(1, sizeof(*e));
+ if (e == NULL) {
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
+ free(path);
return ENOMEM;
}
@@ -103,24 +111,13 @@ loadlib(krb5_context context,
#ifndef RTLD_LOCAL
#define RTLD_LOCAL 0
#endif
+ e->type = DSO;
+ /* ignore error from dlopen, and just keep it as negative cache entry */
+ e->u.dso.dsohandle = dlopen(path, RTLD_LOCAL|RTLD_LAZY);
+ e->u.dso.path = path;
- (*e)->dsohandle = dlopen(lib, RTLD_LOCAL|RTLD_LAZY);
- if ((*e)->dsohandle == NULL) {
- free(*e);
- *e = NULL;
- krb5_set_error_message(context, ENOMEM, "Failed to load %s: %s",
- lib, dlerror());
- return ENOMEM;
- }
-
- /* dlsym doesn't care about the type */
- (*e)->symbol = dlsym((*e)->dsohandle, name);
- if ((*e)->symbol == NULL) {
- dlclose((*e)->dsohandle);
- free(*e);
- krb5_clear_error_message(context);
- return ENOMEM;
- }
+ e->next = registered;
+ registered = e;
return 0;
}
@@ -146,26 +143,35 @@ krb5_plugin_register(krb5_context context,
{
struct plugin *e;
+ HEIMDAL_MUTEX_lock(&plugin_mutex);
+
/* check for duplicates */
- for (e = registered; e != NULL; e = e->next)
- if (e->type == type && strcmp(e->name,name)== 0 && e->symbol == symbol)
+ for (e = registered; e != NULL; e = e->next) {
+ if (e->type == SYMBOL &&
+ strcmp(e->u.symbol.name, name) == 0 &&
+ e->u.symbol.type == type && e->u.symbol.symbol == symbol) {
+ HEIMDAL_MUTEX_unlock(&plugin_mutex);
return 0;
+ }
+ }
e = calloc(1, sizeof(*e));
if (e == NULL) {
+ HEIMDAL_MUTEX_unlock(&plugin_mutex);
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
- e->type = type;
- e->name = strdup(name);
- if (e->name == NULL) {
+ e->type = SYMBOL;
+ e->u.symbol.type = type;
+ e->u.symbol.name = strdup(name);
+ if (e->u.symbol.name == NULL) {
+ HEIMDAL_MUTEX_unlock(&plugin_mutex);
free(e);
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return ENOMEM;
}
- e->symbol = symbol;
+ e->u.symbol.symbol = symbol;
- HEIMDAL_MUTEX_lock(&plugin_mutex);
e->next = registered;
registered = e;
HEIMDAL_MUTEX_unlock(&plugin_mutex);
@@ -173,41 +179,19 @@ krb5_plugin_register(krb5_context context,
return 0;
}
-krb5_error_code
-_krb5_plugin_find(krb5_context context,
- enum krb5_plugin_type type,
- const char *name,
- struct krb5_plugin **list)
+static krb5_error_code
+load_plugins(krb5_context context)
{
- struct krb5_plugin *e;
- struct plugin *p;
+ struct plugin *e;
krb5_error_code ret;
char **dirs = NULL, **di;
struct dirent *entry;
char *path;
DIR *d = NULL;
- *list = NULL;
-
- HEIMDAL_MUTEX_lock(&plugin_mutex);
-
- for (p = registered; p != NULL; p = p->next) {
- if (p->type != type || strcmp(p->name, name) != 0)
- continue;
-
- e = calloc(1, sizeof(*e));
- if (e == NULL) {
- HEIMDAL_MUTEX_unlock(&plugin_mutex);
- ret = ENOMEM;
- krb5_set_error_message(context, ret, "malloc: out of memory");
- goto out;
- }
- e->symbol = p->symbol;
- e->dsohandle = NULL;
- e->next = *list;
- *list = e;
- }
- HEIMDAL_MUTEX_unlock(&plugin_mutex);
+ if (!plugins_needs_scan)
+ return 0;
+ plugins_needs_scan = 0;
#ifdef HAVE_DLOPEN
@@ -244,21 +228,83 @@ _krb5_plugin_find(krb5_context context,
if (path == NULL) {
ret = ENOMEM;
krb5_set_error_message(context, ret, "malloc: out of memory");
- goto out;
+ return ret;
+ }
+
+ /* check if already tried */
+ for (e = registered; e != NULL; e = e->next)
+ if (e->type == DSO && strcmp(e->u.dso.path, path) == 0)
+ break;
+ if (e) {
+ free(path);
+ } else {
+ loadlib(context, path); /* store or frees path */
}
- ret = loadlib(context, type, name, path, &e);
- free(path);
- if (ret)
- continue;
-
- e->next = *list;
- *list = e;
}
closedir(d);
}
if (dirs != rk_UNCONST(sysplugin_dirs))
krb5_config_free_strings(dirs);
#endif /* HAVE_DLOPEN */
+ return 0;
+}
+
+static krb5_error_code
+add_symbol(krb5_context context, struct krb5_plugin **list, void *symbol)
+{
+ struct krb5_plugin *e;
+
+ e = calloc(1, sizeof(*e));
+ if (e == NULL) {
+ krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
+ return ENOMEM;
+ }
+ e->symbol = symbol;
+ e->next = *list;
+ *list = e;
+ return 0;
+}
+
+krb5_error_code
+_krb5_plugin_find(krb5_context context,
+ enum krb5_plugin_type type,
+ const char *name,
+ struct krb5_plugin **list)
+{
+ struct plugin *e;
+ krb5_error_code ret;
+
+ *list = NULL;
+
+ HEIMDAL_MUTEX_lock(&plugin_mutex);
+
+ load_plugins(context);
+
+ for (ret = 0, e = registered; e != NULL; e = e->next) {
+ switch(e->type) {
+ case DSO: {
+ void *sym;
+ if (e->u.dso.dsohandle == NULL)
+ continue;
+ sym = dlsym(e->u.dso.dsohandle, name);
+ if (sym)
+ ret = add_symbol(context, list, sym);
+ break;
+ }
+ case SYMBOL:
+ if (strcmp(e->u.symbol.name, name) == 0 && e->u.symbol.type == type)
+ ret = add_symbol(context, list, e->u.symbol.symbol);
+ break;
+ }
+ if (ret) {
+ _krb5_plugin_free(*list);
+ *list = NULL;
+ }
+ }
+
+ HEIMDAL_MUTEX_unlock(&plugin_mutex);
+ if (ret)
+ return ret;
if (*list == NULL) {
krb5_set_error_message(context, ENOENT, "Did not find a plugin for %s", name);
@@ -266,16 +312,6 @@ _krb5_plugin_find(krb5_context context,
}
return 0;
-
-out:
- if (dirs != rk_UNCONST(sysplugin_dirs))
- krb5_config_free_strings(dirs);
- if (d)
- closedir(d);
- _krb5_plugin_free(*list);
- *list = NULL;
-
- return ret;
}
void
@@ -284,8 +320,6 @@ _krb5_plugin_free(struct krb5_plugin *list)
struct krb5_plugin *next;
while (list) {
next = list->next;
- if (list->dsohandle)
- dlclose(list->dsohandle);
free(list);
list = next;
}
diff --git a/source4/heimdal/lib/krb5/principal.c b/source4/heimdal/lib/krb5/principal.c
index 50b7bb8813..9899f5661f 100644
--- a/source4/heimdal/lib/krb5/principal.c
+++ b/source4/heimdal/lib/krb5/principal.c
@@ -496,6 +496,18 @@ unparse_name(krb5_context context,
return ret;
}
+/**
+ * Unparse the Kerberos name into a string
+ *
+ * @param context Kerberos 5 context
+ * @param principal principal to query
+ * @param name resulting string, free with krb5_xfree()
+ *
+ * @return An krb5 error code, see krb5_get_error_message().
+ *
+ * @ingroup krb5_principal
+ */
+
krb5_error_code KRB5_LIB_FUNCTION
krb5_unparse_name(krb5_context context,
krb5_const_principal principal,
@@ -504,6 +516,19 @@ krb5_unparse_name(krb5_context context,
return unparse_name(context, principal, name, 0);
}
+/**
+ * Unparse the Kerberos name into a string
+ *
+ * @param context Kerberos 5 context
+ * @param principal principal to query
+ * @param flags flag to determine the behavior
+ * @param name resulting string, free with krb5_xfree()
+ *
+ * @return An krb5 error code, see krb5_get_error_message().
+ *
+ * @ingroup krb5_principal
+ */
+
krb5_error_code KRB5_LIB_FUNCTION
krb5_unparse_name_flags(krb5_context context,
krb5_const_principal principal,
@@ -620,7 +645,6 @@ va_princ(krb5_context context, krb5_principal p, va_list ap)
}
}
-
static krb5_error_code
build_principal(krb5_context context,
krb5_principal *principal,
@@ -733,8 +757,16 @@ krb5_copy_principal(krb5_context context,
return 0;
}
-/*
- * return TRUE iff princ1 == princ2 (without considering the realm)
+/**
+ * Return TRUE iff princ1 == princ2 (without considering the realm)
+ *
+ * @param context Kerberos 5 context
+ * @param princ1 first principal to compare
+ * @param princ2 second principal to compare
+ *
+ * @return non zero if equal, 0 if not
+ *
+ * @ingroup krb5_principal
*/
krb5_boolean KRB5_LIB_FUNCTION
diff --git a/source4/heimdal/lib/krb5/store_fd.c b/source4/heimdal/lib/krb5/store_fd.c
index 38d67ae4d3..4150175927 100644
--- a/source4/heimdal/lib/krb5/store_fd.c
+++ b/source4/heimdal/lib/krb5/store_fd.c
@@ -79,7 +79,7 @@ fd_free(krb5_storage * sp)
*
* @ingroup krb5_storage
*
- * @sa krb5_storage_from_emem()
+ * @sa krb5_storage_emem()
* @sa krb5_storage_from_mem()
* @sa krb5_storage_from_readonly_mem()
* @sa krb5_storage_from_data()
diff --git a/source4/heimdal/lib/krb5/store_mem.c b/source4/heimdal/lib/krb5/store_mem.c
index db1abc1e90..a7b0c2d2dc 100644
--- a/source4/heimdal/lib/krb5/store_mem.c
+++ b/source4/heimdal/lib/krb5/store_mem.c
@@ -116,7 +116,7 @@ mem_no_trunc(krb5_storage *sp, off_t offset)
*
* @ingroup krb5_storage
*
- * @sa krb5_storage_from_emem()
+ * @sa krb5_storage_mem()
* @sa krb5_storage_from_readonly_mem()
* @sa krb5_storage_from_data()
* @sa krb5_storage_from_fd()
@@ -155,7 +155,7 @@ krb5_storage_from_mem(void *buf, size_t len)
*
* @ingroup krb5_storage
*
- * @sa krb5_storage_from_emem()
+ * @sa krb5_storage_mem()
* @sa krb5_storage_from_mem()
* @sa krb5_storage_from_readonly_mem()
* @sa krb5_storage_from_fd()
@@ -174,7 +174,7 @@ krb5_storage_from_data(krb5_data *data)
*
* @ingroup krb5_storage
*
- * @sa krb5_storage_from_emem()
+ * @sa krb5_storage_mem()
* @sa krb5_storage_from_mem()
* @sa krb5_storage_from_data()
* @sa krb5_storage_from_fd()
diff --git a/source4/heimdal/lib/krb5/transited.c b/source4/heimdal/lib/krb5/transited.c
index 196ef447ee..1ff4ce1658 100644
--- a/source4/heimdal/lib/krb5/transited.c
+++ b/source4/heimdal/lib/krb5/transited.c
@@ -62,9 +62,8 @@ static int
make_path(krb5_context context, struct tr_realm *r,
const char *from, const char *to)
{
- const char *p;
- struct tr_realm *path = r->next;
struct tr_realm *tmp;
+ const char *p;
if(strlen(from) < strlen(to)){
const char *str;
@@ -90,11 +89,12 @@ make_path(krb5_context context, struct tr_realm *r,
N_("malloc: out of memory", ""));
return ENOMEM;
}
- tmp->next = path;
- path = tmp;
- path->realm = strdup(p);
- if(path->realm == NULL){
- r->next = path; /* XXX */
+ tmp->next = r->next;
+ r->next = tmp;
+ tmp->realm = strdup(p);
+ if(tmp->realm == NULL){
+ r->next = tmp->next;
+ free(tmp);
krb5_set_error_message(context, ENOMEM,
N_("malloc: out of memory", ""));
return ENOMEM;;
@@ -104,10 +104,9 @@ make_path(krb5_context context, struct tr_realm *r,
p = from + strlen(from);
while(1){
while(p >= from && *p != '/') p--;
- if(p == from) {
- r->next = path; /* XXX */
+ if(p == from)
return KRB5KDC_ERR_POLICY;
- }
+
if(strncmp(to, from, p - from) == 0)
break;
tmp = calloc(1, sizeof(*tmp));
@@ -116,24 +115,24 @@ make_path(krb5_context context, struct tr_realm *r,
N_("malloc: out of memory", ""));
return ENOMEM;
}
- tmp->next = path;
- path = tmp;
- path->realm = malloc(p - from + 1);
- if(path->realm == NULL){
- r->next = path; /* XXX */
+ tmp->next = r->next;
+ r->next = tmp;
+ tmp->realm = malloc(p - from + 1);
+ if(tmp->realm == NULL){
+ r->next = tmp->next;
+ free(tmp);
krb5_set_error_message(context, ENOMEM,
N_("malloc: out of memory", ""));
return ENOMEM;
}
- memcpy(path->realm, from, p - from);
- path->realm[p - from] = '\0';
+ memcpy(tmp->realm, from, p - from);
+ tmp->realm[p - from] = '\0';
p--;
}
} else {
krb5_clear_error_message (context);
return KRB5KDC_ERR_POLICY;
}
- r->next = path;
return 0;
}
@@ -359,17 +358,15 @@ krb5_domain_x500_decode(krb5_context context,
return ret;
/* remove empty components and count realms */
- q = &r;
*num_realms = 0;
- for(p = r; p; ){
- if(p->realm[0] == '\0'){
+ for(q = &r; *q; ){
+ if((*q)->realm[0] == '\0'){
+ p = *q;
+ *q = (*q)->next;
free(p->realm);
- *q = p->next;
free(p);
- p = *q;
}else{
- q = &p->next;
- p = p->next;
+ q = &(*q)->next;
(*num_realms)++;
}
}
diff --git a/source4/heimdal/lib/krb5/warn.c b/source4/heimdal/lib/krb5/warn.c
index 58fb73189e..b88b2004fb 100644
--- a/source4/heimdal/lib/krb5/warn.c
+++ b/source4/heimdal/lib/krb5/warn.c
@@ -65,13 +65,13 @@ _warnerr(krb5_context context, int do_errtext,
err_str = krb5_get_error_message(context, code);
if (err_str != NULL) {
- *arg++ = err_str;
+ *arg = err_str;
} else {
err_msg = krb5_get_err_text(context, code);
if (err_msg)
- *arg++ = err_msg;
+ *arg = err_msg;
else
- *arg++ = "<unknown error>";
+ *arg= "<unknown error>";
}
}