From 255e3e18e00f717d99f3bc57c8a8895ff624f3c3 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 15 Jul 2011 09:10:30 +0200 Subject: s4:heimdal: import lorikeet-heimdal-201107150856 (commit 48936803fae4a2fb362c79365d31f420c917b85b) --- source4/heimdal/lib/hdb/dbinfo.c | 2 +- source4/heimdal/lib/hdb/ext.c | 20 +++++++-------- source4/heimdal/lib/hdb/hdb-keytab.c | 2 +- source4/heimdal/lib/hdb/hdb.c | 12 +++++---- source4/heimdal/lib/hdb/hdb.h | 4 +-- source4/heimdal/lib/hdb/keys.c | 16 ++++++------ source4/heimdal/lib/hdb/keytab.c | 48 ++++++++++++++++++------------------ source4/heimdal/lib/hdb/mkey.c | 18 +++++++------- 8 files changed, 62 insertions(+), 60 deletions(-) (limited to 'source4/heimdal/lib/hdb') diff --git a/source4/heimdal/lib/hdb/dbinfo.c b/source4/heimdal/lib/hdb/dbinfo.c index 5019016ed5..52e394106e 100644 --- a/source4/heimdal/lib/hdb/dbinfo.c +++ b/source4/heimdal/lib/hdb/dbinfo.c @@ -112,7 +112,7 @@ hdb_get_dbinfo(krb5_context context, struct hdb_dbinfo **dbp) if (ret == 0 && di) { databases = di; dt = &di->next; - } + } for ( ; db_binding != NULL; db_binding = db_binding->next) { diff --git a/source4/heimdal/lib/hdb/ext.c b/source4/heimdal/lib/hdb/ext.c index fb32fdb845..d2a4373b9b 100644 --- a/source4/heimdal/lib/hdb/ext.c +++ b/source4/heimdal/lib/hdb/ext.c @@ -37,7 +37,7 @@ krb5_error_code hdb_entry_check_mandatory(krb5_context context, const hdb_entry *ent) { - int i; + size_t i; if (ent->extensions == NULL) return 0; @@ -63,13 +63,13 @@ hdb_entry_check_mandatory(krb5_context context, const hdb_entry *ent) HDB_extension * hdb_find_extension(const hdb_entry *entry, int type) { - int i; + size_t i; if (entry->extensions == NULL) return NULL; for (i = 0; i < entry->extensions->len; i++) - if (entry->extensions->val[i].data.element == type) + if (entry->extensions->val[i].data.element == (unsigned)type) return &entry->extensions->val[i]; return NULL; } @@ -112,7 +112,7 @@ hdb_replace_extension(krb5_context context, Der_type replace_type, list_type; unsigned int replace_tag, list_tag; size_t size; - int i; + size_t i; ret = der_get_tag(ext->data.u.asn1_ellipsis.data, ext->data.u.asn1_ellipsis.length, @@ -180,13 +180,13 @@ hdb_clear_extension(krb5_context context, hdb_entry *entry, int type) { - int i; + size_t i; if (entry->extensions == NULL) return 0; for (i = 0; i < entry->extensions->len; i++) { - if (entry->extensions->val[i].data.element == type) { + if (entry->extensions->val[i].data.element == (unsigned)type) { free_HDB_extension(&entry->extensions->val[i]); memmove(&entry->extensions->val[i], &entry->extensions->val[i + 1], @@ -286,7 +286,7 @@ hdb_entry_get_password(krb5_context context, HDB *db, ext = hdb_find_extension(entry, choice_HDB_extension_data_password); if (ext) { - heim_utf8_string str; + heim_utf8_string xstr; heim_octet_string pw; if (db->hdb_master_key_set && ext->data.u.password.mkvno) { @@ -314,13 +314,13 @@ hdb_entry_get_password(krb5_context context, HDB *db, return ret; } - str = pw.data; - if (str[pw.length - 1] != '\0') { + xstr = pw.data; + if (xstr[pw.length - 1] != '\0') { krb5_set_error_message(context, EINVAL, "malformed password"); return EINVAL; } - *p = strdup(str); + *p = strdup(xstr); der_free_octet_string(&pw); if (*p == NULL) { diff --git a/source4/heimdal/lib/hdb/hdb-keytab.c b/source4/heimdal/lib/hdb/hdb-keytab.c index c1bad86796..ab2afb5d74 100644 --- a/source4/heimdal/lib/hdb/hdb-keytab.c +++ b/source4/heimdal/lib/hdb/hdb-keytab.c @@ -206,7 +206,7 @@ hdb_keytab_create(krb5_context context, HDB ** db, const char *arg) krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return ENOMEM; } - + (*db)->hdb_db = k; diff --git a/source4/heimdal/lib/hdb/hdb.c b/source4/heimdal/lib/hdb/hdb.c index 2c1de8b3d7..ca05cc4a17 100644 --- a/source4/heimdal/lib/hdb/hdb.c +++ b/source4/heimdal/lib/hdb/hdb.c @@ -78,7 +78,9 @@ static struct hdb_method methods[] = { { HDB_INTERFACE_VERSION, "ldap:", hdb_ldap_create}, { HDB_INTERFACE_VERSION, "ldapi:", hdb_ldapi_create}, #endif +#ifdef HAVE_SQLITE3 { HDB_INTERFACE_VERSION, "sqlite:", hdb_sqlite_create}, +#endif {0, NULL, NULL} }; @@ -166,7 +168,7 @@ hdb_unlock(int fd) void hdb_free_entry(krb5_context context, hdb_entry_ex *ent) { - int i; + size_t i; if (ent->free_entry) (*ent->free_entry)(context, ent); @@ -215,7 +217,7 @@ hdb_check_db_format(krb5_context context, HDB *db) if (ret) return ret; - tag.data = HDB_DB_FORMAT_ENTRY; + tag.data = (void *)(intptr_t)HDB_DB_FORMAT_ENTRY; tag.length = strlen(tag.data); ret = (*db->hdb__get)(context, db, tag, &version); ret2 = db->hdb_unlock(context, db); @@ -248,7 +250,7 @@ hdb_init_db(krb5_context context, HDB *db) if (ret) return ret; - tag.data = HDB_DB_FORMAT_ENTRY; + tag.data = (void *)(intptr_t)HDB_DB_FORMAT_ENTRY; tag.length = strlen(tag.data); snprintf(ver, sizeof(ver), "%u", HDB_DB_FORMAT); version.data = ver; @@ -317,7 +319,7 @@ find_dynamic_method (krb5_context context, if (asprintf(&symbol, "hdb_%s_interface", prefix) == -1) krb5_errx(context, 1, "out of memory"); - + mso = (struct hdb_so_method *) dlsym(dl, symbol); if (mso == NULL) { krb5_warnx(context, "error finding symbol %s in %s: %s\n", @@ -432,7 +434,7 @@ _hdb_keytab2hdb_entry(krb5_context context, entry->entry.keys.val[0].mkvno = NULL; entry->entry.keys.val[0].salt = NULL; - + return krb5_copy_keyblock_contents(context, &ktentry->keyblock, &entry->entry.keys.val[0].key); diff --git a/source4/heimdal/lib/hdb/hdb.h b/source4/heimdal/lib/hdb/hdb.h index fffda7aef0..469ec82ec0 100644 --- a/source4/heimdal/lib/hdb/hdb.h +++ b/source4/heimdal/lib/hdb/hdb.h @@ -153,7 +153,7 @@ typedef struct HDB{ /** * As part of iteration, fetch next entry */ - krb5_error_code (*hdb_nextkey)(krb5_context, struct HDB*, + krb5_error_code (*hdb_nextkey)(krb5_context, struct HDB*, unsigned, hdb_entry_ex*); /** * Lock database @@ -221,7 +221,7 @@ typedef struct HDB{ * ->hdb_store() into the database. The backend will still perform * all other operations, increasing the kvno, and update * modification timestamp. - * + * * The backend needs to call _kadm5_set_keys() and perform password * quality checks. */ diff --git a/source4/heimdal/lib/hdb/keys.c b/source4/heimdal/lib/hdb/keys.c index 63f254d002..3d0b9d7c1b 100644 --- a/source4/heimdal/lib/hdb/keys.c +++ b/source4/heimdal/lib/hdb/keys.c @@ -221,10 +221,10 @@ add_enctype_to_key_set(Key **key_set, size_t *nkeyset, free_Key(&key); return ENOMEM; } - + key.salt->type = salt->salttype; krb5_data_zero (&key.salt->salt); - + ret = krb5_data_copy(&key.salt->salt, salt->saltvalue.data, salt->saltvalue.length); @@ -256,8 +256,8 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal, char **ktypes, **kp; krb5_error_code ret; Key *k, *key_set; - int i, j; - char *default_keytypes[] = { + size_t i, j; + static const char *default_keytypes[] = { "aes256-cts-hmac-sha1-96:pw-salt", "des3-cbc-sha1:pw-salt", "arcfour-hmac-md5:pw-salt", @@ -267,7 +267,7 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal, ktypes = krb5_config_get_strings(context, NULL, "kadmin", "default_keys", NULL); if (ktypes == NULL) - ktypes = default_keytypes; + ktypes = (char **)(intptr_t)default_keytypes; *ret_key_set = key_set = NULL; *nkeyset = 0; @@ -290,7 +290,7 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal, p = "des:afs3-salt"; else if (strcmp(p, "arcfour-hmac-md5") == 0) p = "arcfour-hmac-md5:pw-salt"; - + memset(&salt, 0, sizeof(salt)); ret = parse_key_set(context, p, @@ -337,7 +337,7 @@ hdb_generate_key_set(krb5_context context, krb5_principal principal, *ret_key_set = key_set; out: - if (ktypes != default_keytypes) + if (ktypes != (char **)(intptr_t)default_keytypes) krb5_config_free_strings(ktypes); if (ret) { @@ -364,7 +364,7 @@ hdb_generate_key_set_password(krb5_context context, Key **keys, size_t *num_keys) { krb5_error_code ret; - int i; + size_t i; ret = hdb_generate_key_set(context, principal, keys, num_keys, 0); diff --git a/source4/heimdal/lib/hdb/keytab.c b/source4/heimdal/lib/hdb/keytab.c index 05b78dafc5..c72b797dab 100644 --- a/source4/heimdal/lib/hdb/keytab.c +++ b/source4/heimdal/lib/hdb/keytab.c @@ -37,7 +37,7 @@ struct hdb_data { char *dbname; - char *mkey; + char *mkey; }; struct hdb_cursor { @@ -184,7 +184,7 @@ hdb_get_entry(krb5_context context, const char *mkey = d->mkey; char *fdbname = NULL, *fmkey = NULL; HDB *db; - int i; + size_t i; memset(&ent, 0, sizeof(ent)); @@ -204,13 +204,13 @@ hdb_get_entry(krb5_context context, (*db->hdb_destroy)(context, db); goto out2; } - + ret = (*db->hdb_open)(context, db, O_RDONLY, 0); if (ret) { (*db->hdb_destroy)(context, db); goto out2; } - + ret = (*db->hdb_fetch_kvno)(context, db, principal, HDB_F_DECRYPT|HDB_F_KVNO_SPECIFIED| HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, @@ -222,7 +222,7 @@ hdb_get_entry(krb5_context context, }else if(ret) goto out; - if(kvno && ent.entry.kvno != kvno) { + if(kvno && (krb5_kvno)ent.entry.kvno != kvno) { hdb_free_entry(context, &ent); ret = KRB5_KT_NOTFOUND; goto out; @@ -268,10 +268,10 @@ hdb_start_seq_get(krb5_context context, const char *dbname = d->dbname; const char *mkey = d->mkey; HDB *db; - + if (dbname == NULL) { /* - * We don't support enumerating without being told what + * We don't support enumerating without being told what * backend to enumerate on */ ret = KRB5_KT_NOTFOUND; @@ -286,7 +286,7 @@ hdb_start_seq_get(krb5_context context, (*db->hdb_destroy)(context, db); return ret; } - + ret = (*db->hdb_open)(context, db, O_RDONLY, 0); if (ret) { (*db->hdb_destroy)(context, db); @@ -314,16 +314,16 @@ static int KRB5_CALLCONV hdb_next_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry, - krb5_kt_cursor *cursor) + krb5_kt_cursor *cursor) { struct hdb_cursor *c = cursor->data; krb5_error_code ret; - + memset(entry, 0, sizeof(*entry)); if (c->first) { c->first = FALSE; - ret = (c->db->hdb_firstkey)(context, c->db, + ret = (c->db->hdb_firstkey)(context, c->db, HDB_F_DECRYPT| HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, &c->hdb_entry); @@ -331,15 +331,15 @@ hdb_next_entry(krb5_context context, return KRB5_KT_END; else if (ret) return ret; - + if (c->hdb_entry.entry.keys.len == 0) hdb_free_entry(context, &c->hdb_entry); else c->next = FALSE; - } - + } + while (c->next) { - ret = (c->db->hdb_nextkey)(context, c->db, + ret = (c->db->hdb_nextkey)(context, c->db, HDB_F_DECRYPT| HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT, &c->hdb_entry); @@ -347,21 +347,21 @@ hdb_next_entry(krb5_context context, return KRB5_KT_END; else if (ret) return ret; - + /* If no keys on this entry, try again */ if (c->hdb_entry.entry.keys.len == 0) hdb_free_entry(context, &c->hdb_entry); else c->next = FALSE; } - + /* * Return next enc type (keytabs are one slot per key, while * hdb is one record per principal. */ - - ret = krb5_copy_principal(context, - c->hdb_entry.entry.principal, + + ret = krb5_copy_principal(context, + c->hdb_entry.entry.principal, &entry->principal); if (ret) return ret; @@ -376,13 +376,13 @@ hdb_next_entry(krb5_context context, return ret; } c->key_idx++; - - /* + + /* * Once we get to the end of the list, signal that we want the * next entry */ - - if (c->key_idx == c->hdb_entry.entry.keys.len) { + + if ((size_t)c->key_idx == c->hdb_entry.entry.keys.len) { hdb_free_entry(context, &c->hdb_entry); c->next = TRUE; c->key_idx = 0; diff --git a/source4/heimdal/lib/hdb/mkey.c b/source4/heimdal/lib/hdb/mkey.c index 760eccfd43..9a13d55a51 100644 --- a/source4/heimdal/lib/hdb/mkey.c +++ b/source4/heimdal/lib/hdb/mkey.c @@ -153,7 +153,7 @@ read_master_mit(krb5_context context, const char *filename, krb5_storage *sp; int16_t enctype; krb5_keyblock key; - + fd = open(filename, O_RDONLY | O_BINARY); if(fd < 0) { int save_errno = errno; @@ -200,7 +200,7 @@ read_master_encryptionkey(krb5_context context, const char *filename, unsigned char buf[256]; ssize_t len; size_t ret_len; - + fd = open(filename, O_RDONLY | O_BINARY); if(fd < 0) { int save_errno = errno; @@ -246,7 +246,7 @@ read_master_krb4(krb5_context context, const char *filename, krb5_error_code ret; unsigned char buf[256]; ssize_t len; - + fd = open(filename, O_RDONLY | O_BINARY); if(fd < 0) { int save_errno = errno; @@ -372,7 +372,7 @@ _hdb_find_master_key(uint32_t *mkvno, hdb_master_key mkey) if(mkvno == NULL) { if(ret == NULL || mkey->keytab.vno > ret->keytab.vno) ret = mkey; - } else if(mkey->keytab.vno == *mkvno) + } else if((uint32_t)mkey->keytab.vno == *mkvno) return mkey; mkey = mkey->next; } @@ -406,7 +406,7 @@ _hdb_mkey_encrypt(krb5_context context, hdb_master_key key, krb5_error_code hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) { - + krb5_error_code ret; krb5_data res; size_t keysize; @@ -415,7 +415,7 @@ hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) if(k->mkvno == NULL) return 0; - + key = _hdb_find_master_key(k->mkvno, mkey); if (key == NULL) @@ -459,7 +459,7 @@ hdb_unseal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) krb5_error_code hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) { - int i; + size_t i; for(i = 0; i < ent->keys.len; i++){ krb5_error_code ret; @@ -519,14 +519,14 @@ hdb_seal_key_mkey(krb5_context context, Key *k, hdb_master_key mkey) return ENOMEM; } *k->mkvno = key->keytab.vno; - + return 0; } krb5_error_code hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) { - int i; + size_t i; for(i = 0; i < ent->keys.len; i++){ krb5_error_code ret; -- cgit