]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
auth: Refactor check_pac_checksum to improve readability
authorVolker Lendecke <vl@samba.org>
Tue, 3 Feb 2026 17:34:44 +0000 (18:34 +0100)
committerAnoop C S <anoopcs@samba.org>
Sun, 15 Feb 2026 10:42:34 +0000 (10:42 +0000)
Use ARRAY_SIZE over terminating array element. Easier to read for me.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Anoop C S <anoopcs@samba.org>
auth/kerberos/kerberos_pac.c

index 321c6cafb379f6f9ef81c5000b92abc76c2d940b..ef1c0fa484ccfd4de060ed43764ebd73a6b26d5b 100644 (file)
@@ -55,10 +55,10 @@ krb5_error_code check_pac_checksum(DATA_BLOB pac_data,
                /* RFC8009 types. Not supported by AD yet but used by FreeIPA and MIT Kerberos */
                {CKSUMTYPE_HMAC_SHA256_128_AES128, ENCTYPE_AES128_CTS_HMAC_SHA256_128},
                {CKSUMTYPE_HMAC_SHA384_192_AES256, ENCTYPE_AES256_CTS_HMAC_SHA384_192},
-               {0, 0},
        };
+       size_t num_supported_types = ARRAY_SIZE(supported_types);
 
-       for(idx = 0; supported_types[idx].cksum_type != 0; idx++) {
+       for (idx = 0; idx < num_supported_types; idx++) {
                if (sig->type == supported_types[idx].cksum_type) {
                        if (KRB5_KEY_TYPE(keyblock) != supported_types[idx].enc_type) {
                                return EINVAL;
@@ -70,7 +70,7 @@ krb5_error_code check_pac_checksum(DATA_BLOB pac_data,
 
        /* do not do key type check for HMAC-MD5 */
        if ((sig->type != CKSUMTYPE_HMAC_MD5) &&
-           (supported_types[idx].cksum_type == 0)) {
+           (idx == num_supported_types)) {
                DEBUG(2,("check_pac_checksum: Checksum Type %d is not supported\n",
                        (int)sig->type));
                return EINVAL;