106 lines
3.4 KiB
Diff
106 lines
3.4 KiB
Diff
|
commit ef8e19af863158e4c1abc15fc710aa8cfad38406
|
||
|
Author: Greg Hudson <ghudson@mit.edu>
|
||
|
Date: Wed Jan 15 12:51:42 2014 -0500
|
||
|
|
||
|
Clean up GSS krb5 acquire_accept_cred
|
||
|
|
||
|
Use a cleanup handler instead of releasing kt in multiple error
|
||
|
clauses. Wrap a long line and fix a comment with a missing word.
|
||
|
Rewrap the function arguments to use fewer lines.
|
||
|
|
||
|
diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c
|
||
|
index 9547207..37cc6b5 100644
|
||
|
--- a/src/lib/gssapi/krb5/acquire_cred.c
|
||
|
+++ b/src/lib/gssapi/krb5/acquire_cred.c
|
||
|
@@ -179,13 +179,13 @@ cleanup:
|
||
|
*/
|
||
|
|
||
|
static OM_uint32
|
||
|
-acquire_accept_cred(krb5_context context,
|
||
|
- OM_uint32 *minor_status,
|
||
|
- krb5_keytab req_keytab,
|
||
|
- krb5_gss_cred_id_rec *cred)
|
||
|
+acquire_accept_cred(krb5_context context, OM_uint32 *minor_status,
|
||
|
+ krb5_keytab req_keytab, krb5_gss_cred_id_rec *cred)
|
||
|
{
|
||
|
+ OM_uint32 major;
|
||
|
krb5_error_code code;
|
||
|
- krb5_keytab kt;
|
||
|
+ krb5_keytab kt = NULL;
|
||
|
+ krb5_rcache rc = NULL;
|
||
|
|
||
|
assert(cred->keytab == NULL);
|
||
|
|
||
|
@@ -202,46 +202,54 @@ acquire_accept_cred(krb5_context context,
|
||
|
}
|
||
|
}
|
||
|
if (code) {
|
||
|
- *minor_status = code;
|
||
|
- return GSS_S_CRED_UNAVAIL;
|
||
|
+ major = GSS_S_CRED_UNAVAIL;
|
||
|
+ goto cleanup;
|
||
|
}
|
||
|
|
||
|
if (cred->name != NULL) {
|
||
|
- /* Make sure we keys matching the desired name in the keytab. */
|
||
|
+ /* Make sure we have keys matching the desired name in the keytab. */
|
||
|
code = check_keytab(context, kt, cred->name);
|
||
|
if (code) {
|
||
|
- krb5_kt_close(context, kt);
|
||
|
if (code == KRB5_KT_NOTFOUND) {
|
||
|
char *errstr = (char *)krb5_get_error_message(context, code);
|
||
|
- krb5_set_error_message(context, KG_KEYTAB_NOMATCH, "%s", errstr);
|
||
|
+ krb5_set_error_message(context, KG_KEYTAB_NOMATCH, "%s",
|
||
|
+ errstr);
|
||
|
krb5_free_error_message(context, errstr);
|
||
|
- *minor_status = KG_KEYTAB_NOMATCH;
|
||
|
- } else
|
||
|
- *minor_status = code;
|
||
|
- return GSS_S_CRED_UNAVAIL;
|
||
|
+ code = KG_KEYTAB_NOMATCH;
|
||
|
+ }
|
||
|
+ major = GSS_S_CRED_UNAVAIL;
|
||
|
+ goto cleanup;
|
||
|
}
|
||
|
|
||
|
/* Open the replay cache for this principal. */
|
||
|
code = krb5_get_server_rcache(context, &cred->name->princ->data[0],
|
||
|
- &cred->rcache);
|
||
|
+ &rc);
|
||
|
if (code) {
|
||
|
- krb5_kt_close(context, kt);
|
||
|
- *minor_status = code;
|
||
|
- return GSS_S_FAILURE;
|
||
|
+ major = GSS_S_FAILURE;
|
||
|
+ goto cleanup;
|
||
|
}
|
||
|
} else {
|
||
|
/* Make sure we have a keytab with keys in it. */
|
||
|
code = krb5_kt_have_content(context, kt);
|
||
|
if (code) {
|
||
|
- krb5_kt_close(context, kt);
|
||
|
- *minor_status = code;
|
||
|
- return GSS_S_CRED_UNAVAIL;
|
||
|
+ major = GSS_S_CRED_UNAVAIL;
|
||
|
+ goto cleanup;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
cred->keytab = kt;
|
||
|
+ kt = NULL;
|
||
|
+ cred->rcache = rc;
|
||
|
+ rc = NULL;
|
||
|
+ major = GSS_S_COMPLETE;
|
||
|
|
||
|
- return GSS_S_COMPLETE;
|
||
|
+cleanup:
|
||
|
+ if (kt != NULL)
|
||
|
+ krb5_kt_close(context, kt);
|
||
|
+ if (rc != NULL)
|
||
|
+ krb5_rc_close(context, rc);
|
||
|
+ *minor_status = code;
|
||
|
+ return major;
|
||
|
}
|
||
|
#endif /* LEAN_CLIENT */
|
||
|
|