From: Michael Mattioli Date: Thu, 27 Apr 2017 01:34:57 +0000 (-0400) Subject: Modernize coding style of most client programs X-Git-Tag: krb5-1.16-beta1~60 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F651%2Fhead;p=thirdparty%2Fkrb5.git Modernize coding style of most client programs Adjust the style of kcpytkt, kdeltkt, kdestroy, kinit, klist, kpasswd, and kvno to conform to current coding practices. [ghudson@mit.edu: made additional style and naming changes; edited commit message] --- diff --git a/src/clients/kcpytkt/kcpytkt.c b/src/clients/kcpytkt/kcpytkt.c index 47147cdc32..0b8802261e 100644 --- a/src/clients/kcpytkt/kcpytkt.c +++ b/src/clients/kcpytkt/kcpytkt.c @@ -7,26 +7,29 @@ #include "k5-platform.h" static char *prog; +static int quiet = 0; -static void xusage() +static void +xusage() { - fprintf(stderr, "xusage: %s [-c from_ccache] [-e etype] [-f flags] dest_ccache service1 service2 ...\n", prog); + fprintf(stderr, "xusage: %s [-c from_ccache] [-e etype] [-f flags] " + "dest_ccache service1 service2 ...\n", prog); exit(1); } -int quiet = 0; +static void +do_kcpytkt(int argc, char *argv[], char *fromccachestr, char *etypestr, + int flags); -static void do_kcpytkt (int argc, char *argv[], char *fromccachestr, char *etypestr, int flags); - -int main(int argc, char *argv[]) +int +main(int argc, char *argv[]) { int option; - char *etypestr = 0; - char *fromccachestr = 0; + char *etypestr = NULL, *fromccachestr = NULL; int flags = 0; prog = strrchr(argv[0], '/'); - prog = prog ? (prog + 1) : argv[0]; + prog = (prog != NULL) ? prog + 1 : argv[0]; while ((option = getopt(argc, argv, "c:e:f:hq")) != -1) { switch (option) { @@ -49,25 +52,24 @@ int main(int argc, char *argv[]) } } - if ((argc - optind) < 2) + if (argc - optind < 2) xusage(); do_kcpytkt(argc - optind, argv + optind, fromccachestr, etypestr, flags); return 0; } -static void do_kcpytkt (int count, char *names[], - char *fromccachestr, char *etypestr, int flags) +static void +do_kcpytkt(int count, char *names[], const char *fromccachestr, char *etypestr, + int flags) { krb5_context context; krb5_error_code ret; - int i, errors; krb5_enctype etype; - krb5_ccache fromccache; - krb5_ccache destccache; + krb5_ccache fromccache, destccache; krb5_principal me; krb5_creds in_creds, out_creds; - int retflags; + int i, errors, retflags; char *princ; ret = krb5_init_context(&context); @@ -75,8 +77,7 @@ static void do_kcpytkt (int count, char *names[], com_err(prog, ret, "while initializing krb5 library"); exit(1); } - - if (etypestr) { + if (etypestr != NULL) { ret = krb5_string_to_enctype(etypestr, &etype); if (ret) { com_err(prog, ret, "while converting etype"); @@ -88,7 +89,7 @@ static void do_kcpytkt (int count, char *names[], retflags = KRB5_TC_MATCH_SRV_NAMEONLY; } - if (fromccachestr) + if (fromccachestr != NULL) ret = krb5_cc_resolve(context, fromccachestr, &fromccache); else ret = krb5_cc_default(context, &fromccache); @@ -118,9 +119,10 @@ static void do_kcpytkt (int count, char *names[], ret = krb5_parse_name(context, names[i], &in_creds.server); if (ret) { - if (!quiet) + if (!quiet) { fprintf(stderr, "%s: %s while parsing principal name\n", names[i], error_message(ret)); + } errors++; continue; } @@ -140,24 +142,18 @@ static void do_kcpytkt (int count, char *names[], if (ret) { fprintf(stderr, "%s: %s while retrieving credentials\n", princ, error_message(ret)); - krb5_free_unparsed_name(context, princ); - errors++; continue; } ret = krb5_cc_store_cred(context, destccache, &out_creds); - krb5_free_principal(context, in_creds.server); - if (ret) { fprintf(stderr, "%s: %s while removing credentials\n", princ, error_message(ret)); - krb5_free_cred_contents(context, &out_creds); krb5_free_unparsed_name(context, princ); - errors++; continue; } diff --git a/src/clients/kdeltkt/kdeltkt.c b/src/clients/kdeltkt/kdeltkt.c index 9c7a549f97..cd0bf637db 100644 --- a/src/clients/kdeltkt/kdeltkt.c +++ b/src/clients/kdeltkt/kdeltkt.c @@ -7,26 +7,28 @@ #include "k5-platform.h" static char *prog; +static int quiet = 0; -static void xusage() +static void +xusage() { - fprintf(stderr, "xusage: %s [-c ccache] [-e etype] [-f flags] service1 service2 ...\n", prog); + fprintf(stderr, "xusage: %s [-c ccache] [-e etype] [-f flags] service1 " + "service2 ...\n", prog); exit(1); } -int quiet = 0; +static void +do_kdeltkt(int argc, char *argv[], char *ccachestr, char *etypestr, int flags); -static void do_kdeltkt (int argc, char *argv[], char *ccachestr, char *etypestr, int flags); - -int main(int argc, char *argv[]) +int +main(int argc, char *argv[]) { int option; - char *etypestr = 0; - char *ccachestr = 0; + char *etypestr = NULL, *ccachestr = NULL; int flags = 0; prog = strrchr(argv[0], '/'); - prog = prog ? (prog + 1) : argv[0]; + prog = (prog != NULL) ? prog + 1 : argv[0]; while ((option = getopt(argc, argv, "c:e:f:hq")) != -1) { switch (option) { @@ -49,15 +51,16 @@ int main(int argc, char *argv[]) } } - if ((argc - optind) < 1) + if (argc - optind < 1) xusage(); do_kdeltkt(argc - optind, argv + optind, ccachestr, etypestr, flags); return 0; } -static void do_kdeltkt (int count, char *names[], - char *ccachestr, char *etypestr, int flags) +static void +do_kdeltkt(int count, char *names[], const char *ccachestr, char *etypestr, + int flags) { krb5_context context; krb5_error_code ret; @@ -75,7 +78,7 @@ static void do_kdeltkt (int count, char *names[], exit(1); } - if (etypestr) { + if (etypestr != NULL) { ret = krb5_string_to_enctype(etypestr, &etype); if (ret) { com_err(prog, ret, "while converting etype"); @@ -111,9 +114,10 @@ static void do_kdeltkt (int count, char *names[], ret = krb5_parse_name(context, names[i], &in_creds.server); if (ret) { - if (!quiet) + if (!quiet) { fprintf(stderr, "%s: %s while parsing principal name\n", names[i], error_message(ret)); + } errors++; continue; } @@ -133,9 +137,7 @@ static void do_kdeltkt (int count, char *names[], if (ret) { fprintf(stderr, "%s: %s while retrieving credentials\n", princ, error_message(ret)); - krb5_free_unparsed_name(context, princ); - errors++; continue; } @@ -147,14 +149,11 @@ static void do_kdeltkt (int count, char *names[], if (ret) { fprintf(stderr, "%s: %s while removing credentials\n", princ, error_message(ret)); - krb5_free_cred_contents(context, &out_creds); krb5_free_unparsed_name(context, princ); - errors++; continue; } - krb5_free_unparsed_name(context, princ); krb5_free_cred_contents(context, &out_creds); } diff --git a/src/clients/kdestroy/kdestroy.c b/src/clients/kdestroy/kdestroy.c index f95554903e..4d8c6e6f0e 100644 --- a/src/clients/kdestroy/kdestroy.c +++ b/src/clients/kdestroy/kdestroy.c @@ -41,7 +41,7 @@ extern int optind; extern char *optarg; #ifndef _WIN32 -#define GET_PROGNAME(x) (strrchr((x), '/') ? strrchr((x), '/')+1 : (x)) +#define GET_PROGNAME(x) (strrchr((x), '/') ? strrchr((x), '/') + 1 : (x)) #else #define GET_PROGNAME(x) max(max(strrchr((x), '/'), strrchr((x), '\\')) + 1,(x)) #endif @@ -49,10 +49,9 @@ extern char *optarg; char *progname; -static void usage() +static void +usage() { -#define KRB_AVAIL_STRING(x) ((x)?"available":"not available") - fprintf(stderr, _("Usage: %s [-A] [-q] [-c cache_name]\n"), progname); fprintf(stderr, _("\t-A destroy all credential caches in collection\n")); fprintf(stderr, _("\t-q quiet mode\n")); @@ -64,18 +63,18 @@ static void usage() static void print_remaining_cc_warning(krb5_context context) { - krb5_error_code retval; + krb5_error_code ret; krb5_ccache cache; krb5_cccol_cursor cursor; - retval = krb5_cccol_cursor_new(context, &cursor); - if (retval) { - com_err(progname, retval, _("while listing credential caches")); + ret = krb5_cccol_cursor_new(context, &cursor); + if (ret) { + com_err(progname, ret, _("while listing credential caches")); exit(1); } - retval = krb5_cccol_cursor_next(context, cursor, &cache); - if (retval == 0 && cache != NULL) { + ret = krb5_cccol_cursor_next(context, cursor, &cache); + if (ret == 0 && cache != NULL) { fprintf(stderr, _("Other credential caches present, use -A to destroy all\n")); krb5_cc_close(context, cache); @@ -85,20 +84,14 @@ print_remaining_cc_warning(krb5_context context) } int -main(argc, argv) - int argc; - char **argv; +main(int argc, char *argv[]) { - krb5_context kcontext; - krb5_error_code retval; - int c; + krb5_context context; + krb5_error_code ret; krb5_ccache cache = NULL; krb5_cccol_cursor cursor; char *cache_name = NULL; - int code = 0; - int errflg = 0; - int quiet = 0; - int all = 0; + int code = 0, errflg = 0, quiet = 0, all = 0, c; setlocale(LC_ALL, ""); progname = GET_PROGNAME(argv[0]); @@ -135,62 +128,61 @@ main(argc, argv) if (optind != argc) errflg++; - if (errflg) { + if (errflg) usage(); - } - retval = krb5_init_context(&kcontext); - if (retval) { - com_err(progname, retval, _("while initializing krb5")); + ret = krb5_init_context(&context); + if (ret) { + com_err(progname, ret, _("while initializing krb5")); exit(1); } if (all) { - code = krb5_cccol_cursor_new(kcontext, &cursor); + code = krb5_cccol_cursor_new(context, &cursor); if (code) { com_err(progname, code, _("while listing credential caches")); exit(1); } - while ((code = krb5_cccol_cursor_next(kcontext, cursor, - &cache)) == 0 && cache != NULL) { - code = krb5_cc_get_full_name(kcontext, cache, &cache_name); + while (krb5_cccol_cursor_next(context, cursor, &cache) == 0 && + cache != NULL) { + code = krb5_cc_get_full_name(context, cache, &cache_name); if (code) { com_err(progname, code, _("composing ccache name")); exit(1); } - code = krb5_cc_destroy(kcontext, cache); + code = krb5_cc_destroy(context, cache); if (code && code != KRB5_FCC_NOFILE) { com_err(progname, code, _("while destroying cache %s"), cache_name); } - krb5_free_string(kcontext, cache_name); + krb5_free_string(context, cache_name); } - krb5_cccol_cursor_free(kcontext, &cursor); - krb5_free_context(kcontext); + krb5_cccol_cursor_free(context, &cursor); + krb5_free_context(context); return 0; } - if (cache_name) { - code = krb5_cc_resolve (kcontext, cache_name, &cache); + if (cache_name != NULL) { + code = krb5_cc_resolve(context, cache_name, &cache); if (code != 0) { com_err(progname, code, _("while resolving %s"), cache_name); exit(1); } } else { - code = krb5_cc_default(kcontext, &cache); + code = krb5_cc_default(context, &cache); if (code) { com_err(progname, code, _("while getting default ccache")); exit(1); } } - code = krb5_cc_destroy (kcontext, cache); + code = krb5_cc_destroy(context, cache); if (code != 0) { - com_err (progname, code, _("while destroying cache")); + com_err(progname, code, _("while destroying cache")); if (code != KRB5_FCC_NOFILE) { - if (quiet) + if (quiet) { fprintf(stderr, _("Ticket cache NOT destroyed!\n")); - else { + } else { fprintf(stderr, _("Ticket cache %cNOT%c destroyed!\n"), BELL_CHAR, BELL_CHAR); } @@ -199,8 +191,9 @@ main(argc, argv) } if (!quiet && !errflg) - print_remaining_cc_warning(kcontext); + print_remaining_cc_warning(context); + + krb5_free_context(context); - krb5_free_context(kcontext); return errflg; } diff --git a/src/clients/kinit/kinit.c b/src/clients/kinit/kinit.c index 50065e32ee..a518284ea5 100644 --- a/src/clients/kinit/kinit.c +++ b/src/clients/kinit/kinit.c @@ -26,7 +26,7 @@ #include "autoconf.h" #include -#include "k5-platform.h" /* for asprintf and getopt */ +#include "k5-platform.h" /* For asprintf and getopt */ #include #include "extern.h" #include @@ -37,40 +37,41 @@ #include #ifndef _WIN32 -#define GET_PROGNAME(x) (strrchr((x), '/') ? strrchr((x), '/')+1 : (x)) +#define GET_PROGNAME(x) (strrchr((x), '/') ? strrchr((x), '/') + 1 : (x)) #else #define GET_PROGNAME(x) max(max(strrchr((x), '/'), strrchr((x), '\\')) + 1,(x)) #endif #ifdef HAVE_PWD_H #include -static -char * get_name_from_os() +static char * +get_name_from_os() { struct passwd *pw; - if ((pw = getpwuid((int) getuid()))) - return pw->pw_name; - return 0; + + pw = getpwuid(getuid()); + return (pw != NULL) ? pw->pw_name : NULL; } #else /* HAVE_PWD_H */ #ifdef _WIN32 -static -char * get_name_from_os() +static char * +get_name_from_os() { static char name[1024]; DWORD name_size = sizeof(name); + if (GetUserName(name, &name_size)) { - name[sizeof(name)-1] = 0; /* Just to be extra safe */ + name[sizeof(name) - 1] = '\0'; /* Just to be extra safe */ return name; } else { - return 0; + return NULL; } } #else /* _WIN32 */ -static -char * get_name_from_os() +static char * +get_name_from_os() { - return 0; + return NULL; } #endif /* _WIN32 */ #endif /* HAVE_PWD_H */ @@ -81,7 +82,7 @@ typedef enum { INIT_PW, INIT_KT, RENEW, VALIDATE } action_type; struct k_opts { - /* in seconds */ + /* In seconds */ krb5_deltat starttime; krb5_deltat lifetime; krb5_deltat rlife; @@ -99,11 +100,11 @@ struct k_opts int verbose; - char* principal_name; - char* service_name; - char* keytab_name; - char* k5_in_cache_name; - char* k5_out_cache_name; + char *principal_name; + char *service_name; + char *keytab_name; + char *k5_in_cache_name; + char *k5_out_cache_name; char *armor_ccache; action_type action; @@ -121,46 +122,39 @@ struct k5_data krb5_context ctx; krb5_ccache in_cc, out_cc; krb5_principal me; - char* name; + char *name; krb5_boolean switch_to_cache; }; -/* if struct[2] == NULL, then long_getopt acts as if the short flag - struct[3] was specified. If struct[2] != NULL, then struct[3] is - stored in *(struct[2]), the array index which was specified is - stored in *index, and long_getopt() returns 0. */ - +/* + * If struct[2] == NULL, then long_getopt acts as if the short flag struct[3] + * were specified. If struct[2] != NULL, then struct[3] is stored in + * *(struct[2]), the array index which was specified is stored in *index, and + * long_getopt() returns 0. + */ const char *shopts = "r:fpFPn54aAVl:s:c:kit:T:RS:vX:CEI:"; +#define USAGE_BREAK "\n\t" + static void usage() { -#define USAGE_BREAK "\n\t" - -#define USAGE_LONG_FORWARDABLE " | --forwardable | --noforwardable" -#define USAGE_LONG_PROXIABLE " | --proxiable | --noproxiable" -#define USAGE_LONG_ADDRESSES " | --addresses | --noaddresses" -#define USAGE_LONG_CANONICALIZE " | --canonicalize" -#define USAGE_LONG_ENTERPRISE " | --enterprise" -#define USAGE_LONG_REQUESTPAC "--request-pac | --no-request-pac" -#define USAGE_BREAK_LONG USAGE_BREAK - fprintf(stderr, "Usage: %s [-V] " "[-l lifetime] [-s start_time] " USAGE_BREAK "[-r renewable_life] " - "[-f | -F" USAGE_LONG_FORWARDABLE "] " - USAGE_BREAK_LONG - "[-p | -P" USAGE_LONG_PROXIABLE "] " - USAGE_BREAK_LONG + "[-f | -F | --forwardable | --noforwardable] " + USAGE_BREAK + "[-p | -P | --proxiable | --noproxiable] " + USAGE_BREAK "-n " - "[-a | -A" USAGE_LONG_ADDRESSES "] " - USAGE_BREAK_LONG - "[" USAGE_LONG_REQUESTPAC "] " - USAGE_BREAK_LONG - "[-C" USAGE_LONG_CANONICALIZE "] " + "[-a | -A | --addresses | --noaddresses] " USAGE_BREAK - "[-E" USAGE_LONG_ENTERPRISE "] " + "[--request-pac | --no-request-pac] " + USAGE_BREAK + "[-C | --canonicalize] " + USAGE_BREAK + "[-E | --enterprise] " USAGE_BREAK "[-v] [-R] " "[-k [-i|-t keytab_file]] " @@ -199,15 +193,17 @@ usage() } static krb5_context errctx; -static void extended_com_err_fn (const char *myprog, errcode_t code, - const char *fmt, va_list args) +static void +extended_com_err_fn(const char *myprog, errcode_t code, const char *fmt, + va_list args) { const char *emsg; - emsg = krb5_get_error_message (errctx, code); - fprintf (stderr, "%s: %s ", myprog, emsg); - krb5_free_error_message (errctx, emsg); - vfprintf (stderr, fmt, args); - fprintf (stderr, "\n"); + + emsg = krb5_get_error_message(errctx, code); + fprintf(stderr, "%s: %s ", myprog, emsg); + krb5_free_error_message(errctx, emsg); + vfprintf(stderr, fmt, args); + fprintf(stderr, "\n"); } static int @@ -215,18 +211,13 @@ add_preauth_opt(struct k_opts *opts, char *av) { char *sep, *v; krb5_gic_opt_pa_data *p, *x; + size_t newsize = (opts->num_pa_opts + 1) * sizeof(*opts->pa_opts); + + x = realloc(opts->pa_opts, newsize); + if (x == NULL) + return ENOMEM; + opts->pa_opts = x; - if (opts->num_pa_opts == 0) { - opts->pa_opts = malloc(sizeof(krb5_gic_opt_pa_data)); - if (opts->pa_opts == NULL) - return ENOMEM; - } else { - size_t newsize = (opts->num_pa_opts + 1) * sizeof(krb5_gic_opt_pa_data); - x = realloc(opts->pa_opts, newsize); - if (x == NULL) - return ENOMEM; - opts->pa_opts = x; - } p = &opts->pa_opts[opts->num_pa_opts]; sep = strchr(av, '='); if (sep) { @@ -242,10 +233,7 @@ add_preauth_opt(struct k_opts *opts, char *av) } static char * -parse_options(argc, argv, opts) - int argc; - char **argv; - struct k_opts* opts; +parse_options(int argc, char **argv, struct k_opts *opts) { struct option long_options[] = { { "noforwardable", 0, NULL, 'F' }, @@ -260,7 +248,7 @@ parse_options(argc, argv, opts) { "no-request-pac", 0, &opts->not_request_pac, 1 }, { NULL, 0, NULL, 0 } }; - krb5_error_code code; + krb5_error_code ret; int errflg = 0; int i; @@ -271,16 +259,16 @@ parse_options(argc, argv, opts) break; case 'l': /* Lifetime */ - code = krb5_string_to_deltat(optarg, &opts->lifetime); - if (code != 0 || opts->lifetime == 0) { + ret = krb5_string_to_deltat(optarg, &opts->lifetime); + if (ret || opts->lifetime == 0) { fprintf(stderr, _("Bad lifetime value %s\n"), optarg); errflg++; } break; case 'r': /* Renewable Time */ - code = krb5_string_to_deltat(optarg, &opts->rlife); - if (code != 0 || opts->rlife == 0) { + ret = krb5_string_to_deltat(optarg, &opts->rlife); + if (ret || opts->rlife == 0) { fprintf(stderr, _("Bad lifetime value %s\n"), optarg); errflg++; } @@ -307,14 +295,14 @@ parse_options(argc, argv, opts) opts->no_addresses = 1; break; case 's': - code = krb5_string_to_deltat(optarg, &opts->starttime); - if (code != 0 || opts->starttime == 0) { + ret = krb5_string_to_deltat(optarg, &opts->starttime); + if (ret || opts->starttime == 0) { /* Parse as an absolute time; intentionally undocumented * but left for backwards compatibility. */ krb5_timestamp abs_starttime; - code = krb5_string_to_timestamp(optarg, &abs_starttime); - if (code != 0 || abs_starttime == 0) { + ret = krb5_string_to_timestamp(optarg, &abs_starttime); + if (ret || abs_starttime == 0) { fprintf(stderr, _("Bad start time value %s\n"), optarg); errflg++; } else { @@ -332,8 +320,7 @@ parse_options(argc, argv, opts) opts->use_client_keytab = 1; break; case 't': - if (opts->keytab_name) - { + if (opts->keytab_name != NULL) { fprintf(stderr, _("Only one -t option allowed.\n")); errflg++; } else { @@ -341,10 +328,12 @@ parse_options(argc, argv, opts) } break; case 'T': - if (opts->armor_ccache) { + if (opts->armor_ccache != NULL) { fprintf(stderr, _("Only one armor_ccache\n")); errflg++; - } else opts->armor_ccache = optarg; + } else { + opts->armor_ccache = optarg; + } break; case 'R': opts->action = RENEW; @@ -353,8 +342,7 @@ parse_options(argc, argv, opts) opts->action = VALIDATE; break; case 'c': - if (opts->k5_out_cache_name) - { + if (opts->k5_out_cache_name != NULL) { fprintf(stderr, _("Only one -c option allowed\n")); errflg++; } else { @@ -362,7 +350,7 @@ parse_options(argc, argv, opts) } break; case 'I': - if (opts->k5_in_cache_name) { + if (opts->k5_in_cache_name != NULL) { fprintf(stderr, _("Only one -I option allowed\n")); errflg++; } else { @@ -370,10 +358,9 @@ parse_options(argc, argv, opts) } break; case 'X': - code = add_preauth_opt(opts, optarg); - if (code) - { - com_err(progname, code, _("while adding preauth option")); + ret = add_preauth_opt(opts, optarg); + if (ret) { + com_err(progname, ret, _("while adding preauth option")); errflg++; } break; @@ -398,59 +385,49 @@ parse_options(argc, argv, opts) } } - if (opts->forwardable && opts->not_forwardable) - { + if (opts->forwardable && opts->not_forwardable) { fprintf(stderr, _("Only one of -f and -F allowed\n")); errflg++; } - if (opts->proxiable && opts->not_proxiable) - { + if (opts->proxiable && opts->not_proxiable) { fprintf(stderr, _("Only one of -p and -P allowed\n")); errflg++; } - if (opts->request_pac && opts->not_request_pac) - { + if (opts->request_pac && opts->not_request_pac) { fprintf(stderr, _("Only one of --request-pac and --no-request-pac " "allowed\n")); errflg++; } - if (opts->addresses && opts->no_addresses) - { + if (opts->addresses && opts->no_addresses) { fprintf(stderr, _("Only one of -a and -A allowed\n")); errflg++; } - if (opts->keytab_name != NULL && opts->use_client_keytab == 1) - { + if (opts->keytab_name != NULL && opts->use_client_keytab == 1) { fprintf(stderr, _("Only one of -t and -i allowed\n")); errflg++; } if ((opts->keytab_name != NULL || opts->use_client_keytab == 1) && - opts->action != INIT_KT) - { + opts->action != INIT_KT) { opts->action = INIT_KT; fprintf(stderr, _("keytab specified, forcing -k\n")); } - if (argc - optind > 1) { fprintf(stderr, _("Extra arguments (starting with \"%s\").\n"), - argv[optind+1]); + argv[optind + 1]); errflg++; } - if (errflg) { + if (errflg) usage(); - } - opts->principal_name = (optind == argc-1) ? argv[optind] : 0; + opts->principal_name = (optind == argc - 1) ? argv[optind] : 0; return opts->principal_name; } static int -k5_begin(opts, k5) - struct k_opts* opts; - struct k5_data* k5; +k5_begin(struct k_opts *opts, struct k5_data *k5) { - krb5_error_code code = 0; + krb5_error_code ret; int success = 0; int flags = opts->enterprise ? KRB5_PRINCIPAL_PARSE_ENTERPRISE : 0; krb5_ccache defcache = NULL; @@ -459,17 +436,17 @@ k5_begin(opts, k5) const char *deftype = NULL; char *defrealm, *name; - code = krb5_init_context(&k5->ctx); - if (code) { - com_err(progname, code, _("while initializing Kerberos 5 library")); + ret = krb5_init_context(&k5->ctx); + if (ret) { + com_err(progname, ret, _("while initializing Kerberos 5 library")); return 0; } errctx = k5->ctx; if (opts->k5_out_cache_name) { - code = krb5_cc_resolve(k5->ctx, opts->k5_out_cache_name, &k5->out_cc); - if (code != 0) { - com_err(progname, code, _("resolving ccache %s"), + ret = krb5_cc_resolve(k5->ctx, opts->k5_out_cache_name, &k5->out_cc); + if (ret) { + com_err(progname, ret, _("resolving ccache %s"), opts->k5_out_cache_name); goto cleanup; } @@ -480,9 +457,9 @@ k5_begin(opts, k5) } else { /* Resolve the default ccache and get its type and default principal * (if it is initialized). */ - code = krb5_cc_default(k5->ctx, &defcache); - if (code) { - com_err(progname, code, _("while getting default ccache")); + ret = krb5_cc_default(k5->ctx, &defcache); + if (ret) { + com_err(progname, ret, _("while getting default ccache")); goto cleanup; } deftype = krb5_cc_get_type(k5->ctx, defcache); @@ -493,59 +470,58 @@ k5_begin(opts, k5) /* Choose a client principal name. */ if (opts->principal_name != NULL) { /* Use the specified principal name. */ - code = krb5_parse_name_flags(k5->ctx, opts->principal_name, flags, - &k5->me); - if (code) { - com_err(progname, code, _("when parsing name %s"), + ret = krb5_parse_name_flags(k5->ctx, opts->principal_name, flags, + &k5->me); + if (ret) { + com_err(progname, ret, _("when parsing name %s"), opts->principal_name); goto cleanup; } } else if (opts->anonymous) { /* Use the anonymous principal for the local realm. */ - code = krb5_get_default_realm(k5->ctx, &defrealm); - if (code) { - com_err(progname, code, _("while getting default realm")); + ret = krb5_get_default_realm(k5->ctx, &defrealm); + if (ret) { + com_err(progname, ret, _("while getting default realm")); goto cleanup; } - code = krb5_build_principal_ext(k5->ctx, &k5->me, - strlen(defrealm), defrealm, - strlen(KRB5_WELLKNOWN_NAMESTR), - KRB5_WELLKNOWN_NAMESTR, - strlen(KRB5_ANONYMOUS_PRINCSTR), - KRB5_ANONYMOUS_PRINCSTR, - 0); + ret = krb5_build_principal_ext(k5->ctx, &k5->me, + strlen(defrealm), defrealm, + strlen(KRB5_WELLKNOWN_NAMESTR), + KRB5_WELLKNOWN_NAMESTR, + strlen(KRB5_ANONYMOUS_PRINCSTR), + KRB5_ANONYMOUS_PRINCSTR, 0); krb5_free_default_realm(k5->ctx, defrealm); - if (code) { - com_err(progname, code, _("while building principal")); + if (ret) { + com_err(progname, ret, _("while building principal")); goto cleanup; } } else if (opts->action == INIT_KT && opts->use_client_keytab) { /* Use the first entry from the client keytab. */ - code = krb5_kt_client_default(k5->ctx, &keytab); - if (code) { - com_err(progname, code, + ret = krb5_kt_client_default(k5->ctx, &keytab); + if (ret) { + com_err(progname, ret, _("When resolving the default client keytab")); goto cleanup; } - code = k5_kt_get_principal(k5->ctx, keytab, &k5->me); + ret = k5_kt_get_principal(k5->ctx, keytab, &k5->me); krb5_kt_close(k5->ctx, keytab); - if (code) { - com_err(progname, code, + if (ret) { + com_err(progname, ret, _("When determining client principal name from keytab")); goto cleanup; } } else if (opts->action == INIT_KT) { /* Use the default host/service name. */ - code = krb5_sname_to_principal(k5->ctx, NULL, NULL, KRB5_NT_SRV_HST, - &k5->me); - if (code) { - com_err(progname, code, + ret = krb5_sname_to_principal(k5->ctx, NULL, NULL, KRB5_NT_SRV_HST, + &k5->me); + if (ret) { + com_err(progname, ret, _("when creating default server principal name")); goto cleanup; } if (k5->me->realm.data[0] == 0) { - code = krb5_unparse_name(k5->ctx, k5->me, &k5->name); - if (code == 0) { + ret = krb5_unparse_name(k5->ctx, k5->me, &k5->name); + if (ret == 0) { com_err(progname, KRB5_ERR_HOST_REALM_UNKNOWN, _("(principal %s)"), k5->name); } else { @@ -574,23 +550,22 @@ k5_begin(opts, k5) fprintf(stderr, _("Unable to identify user\n")); goto cleanup; } - code = krb5_parse_name_flags(k5->ctx, name, flags, &k5->me); - if (code) { - com_err(progname, code, _("when parsing name %s"), - name); + ret = krb5_parse_name_flags(k5->ctx, name, flags, &k5->me); + if (ret) { + com_err(progname, ret, _("when parsing name %s"), name); goto cleanup; } } if (k5->out_cc == NULL && krb5_cc_support_switch(k5->ctx, deftype)) { /* Use an existing cache for the client principal if we can. */ - code = krb5_cc_cache_match(k5->ctx, k5->me, &k5->out_cc); - if (code != 0 && code != KRB5_CC_NOTFOUND) { - com_err(progname, code, _("while searching for ccache for %s"), + ret = krb5_cc_cache_match(k5->ctx, k5->me, &k5->out_cc); + if (ret && ret != KRB5_CC_NOTFOUND) { + com_err(progname, ret, _("while searching for ccache for %s"), opts->principal_name); goto cleanup; } - if (code == 0) { + if (!ret) { if (opts->verbose) { fprintf(stderr, _("Using existing cache: %s\n"), krb5_cc_get_name(k5->ctx, k5->out_cc)); @@ -599,9 +574,9 @@ k5_begin(opts, k5) } else if (defcache_princ != NULL) { /* Create a new cache to avoid overwriting the initialized default * cache. */ - code = krb5_cc_new_unique(k5->ctx, deftype, NULL, &k5->out_cc); - if (code) { - com_err(progname, code, _("while generating new ccache")); + ret = krb5_cc_new_unique(k5->ctx, deftype, NULL, &k5->out_cc); + if (ret) { + com_err(progname, ret, _("while generating new ccache")); goto cleanup; } if (opts->verbose) { @@ -623,9 +598,9 @@ k5_begin(opts, k5) } if (opts->k5_in_cache_name) { - code = krb5_cc_resolve(k5->ctx, opts->k5_in_cache_name, &k5->in_cc); - if (code != 0) { - com_err(progname, code, _("resolving ccache %s"), + ret = krb5_cc_resolve(k5->ctx, opts->k5_in_cache_name, &k5->in_cc); + if (ret) { + com_err(progname, ret, _("resolving ccache %s"), opts->k5_in_cache_name); goto cleanup; } @@ -635,10 +610,9 @@ k5_begin(opts, k5) } } - - code = krb5_unparse_name(k5->ctx, k5->me, &k5->name); - if (code) { - com_err(progname, code, _("when unparsing name")); + ret = krb5_unparse_name(k5->ctx, k5->me, &k5->name); + if (ret) { + com_err(progname, ret, _("when unparsing name")); goto cleanup; } if (opts->verbose) @@ -656,33 +630,22 @@ cleanup: } static void -k5_end(k5) - struct k5_data* k5; +k5_end(struct k5_data *k5) { - if (k5->name) - krb5_free_unparsed_name(k5->ctx, k5->name); - if (k5->me) - krb5_free_principal(k5->ctx, k5->me); - if (k5->in_cc) + krb5_free_unparsed_name(k5->ctx, k5->name); + krb5_free_principal(k5->ctx, k5->me); + if (k5->in_cc != NULL) krb5_cc_close(k5->ctx, k5->in_cc); - if (k5->out_cc) + if (k5->out_cc != NULL) krb5_cc_close(k5->ctx, k5->out_cc); - if (k5->ctx) - krb5_free_context(k5->ctx); + krb5_free_context(k5->ctx); errctx = NULL; memset(k5, 0, sizeof(*k5)); } -static krb5_error_code -KRB5_CALLCONV -kinit_prompter( - krb5_context ctx, - void *data, - const char *name, - const char *banner, - int num_prompts, - krb5_prompt prompts[] -) +static krb5_error_code KRB5_CALLCONV +kinit_prompter(krb5_context ctx, void *data, const char *name, + const char *banner, int num_prompts, krb5_prompt prompts[]) { krb5_boolean *pwprompt = data; krb5_prompt_type *ptypes; @@ -694,34 +657,27 @@ kinit_prompter( if (ptypes != NULL && ptypes[i] == KRB5_PROMPT_TYPE_PASSWORD) *pwprompt = TRUE; } - return krb5_prompter_posix(ctx, data, name, banner, num_prompts, prompts); } static int -k5_kinit(opts, k5) - struct k_opts* opts; - struct k5_data* k5; +k5_kinit(struct k_opts *opts, struct k5_data *k5) { int notix = 1; krb5_keytab keytab = 0; krb5_creds my_creds; - krb5_error_code code = 0; + krb5_error_code ret; krb5_get_init_creds_opt *options = NULL; krb5_boolean pwprompt = FALSE; + krb5_address **addresses = NULL; int i; memset(&my_creds, 0, sizeof(my_creds)); - code = krb5_get_init_creds_opt_alloc(k5->ctx, &options); - if (code) + ret = krb5_get_init_creds_opt_alloc(k5->ctx, &options); + if (ret) goto cleanup; - /* - From this point on, we can goto cleanup because my_creds is - initialized. - */ - if (opts->lifetime) krb5_get_init_creds_opt_set_tkt_life(options, opts->lifetime); if (opts->rlife) @@ -738,63 +694,61 @@ k5_kinit(opts, k5) krb5_get_init_creds_opt_set_canonicalize(options, 1); if (opts->anonymous) krb5_get_init_creds_opt_set_anonymous(options, 1); - if (opts->addresses) - { - krb5_address **addresses = NULL; - code = krb5_os_localaddr(k5->ctx, &addresses); - if (code != 0) { - com_err(progname, code, _("getting local addresses")); + if (opts->addresses) { + ret = krb5_os_localaddr(k5->ctx, &addresses); + if (ret) { + com_err(progname, ret, _("getting local addresses")); goto cleanup; } krb5_get_init_creds_opt_set_address_list(options, addresses); } if (opts->no_addresses) krb5_get_init_creds_opt_set_address_list(options, NULL); - if (opts->armor_ccache) - krb5_get_init_creds_opt_set_fast_ccache_name(k5->ctx, options, opts->armor_ccache); + if (opts->armor_ccache != NULL) { + krb5_get_init_creds_opt_set_fast_ccache_name(k5->ctx, options, + opts->armor_ccache); + } if (opts->request_pac) krb5_get_init_creds_opt_set_pac_request(k5->ctx, options, TRUE); if (opts->not_request_pac) krb5_get_init_creds_opt_set_pac_request(k5->ctx, options, FALSE); - if ((opts->action == INIT_KT) && opts->keytab_name) - { + if (opts->action == INIT_KT && opts->keytab_name != NULL) { #ifndef _WIN32 if (strncmp(opts->keytab_name, "KDB:", 4) == 0) { - code = kinit_kdb_init(&k5->ctx, - krb5_princ_realm(k5->ctx, k5->me)->data); - if (code != 0) { - com_err(progname, code, + ret = kinit_kdb_init(&k5->ctx, k5->me->realm.data); + if (ret) { + com_err(progname, ret, _("while setting up KDB keytab for realm %s"), - krb5_princ_realm(k5->ctx, k5->me)->data); + k5->me->realm.data); goto cleanup; } } #endif - code = krb5_kt_resolve(k5->ctx, opts->keytab_name, &keytab); - if (code != 0) { - com_err(progname, code, _("resolving keytab %s"), + ret = krb5_kt_resolve(k5->ctx, opts->keytab_name, &keytab); + if (ret) { + com_err(progname, ret, _("resolving keytab %s"), opts->keytab_name); goto cleanup; } if (opts->verbose) fprintf(stderr, _("Using keytab: %s\n"), opts->keytab_name); } else if (opts->action == INIT_KT && opts->use_client_keytab) { - code = krb5_kt_client_default(k5->ctx, &keytab); - if (code != 0) { - com_err(progname, code, _("resolving default client keytab")); + ret = krb5_kt_client_default(k5->ctx, &keytab); + if (ret) { + com_err(progname, ret, _("resolving default client keytab")); goto cleanup; } } for (i = 0; i < opts->num_pa_opts; i++) { - code = krb5_get_init_creds_opt_set_pa(k5->ctx, options, - opts->pa_opts[i].attr, - opts->pa_opts[i].value); - if (code != 0) { - com_err(progname, code, _("while setting '%s'='%s'"), + ret = krb5_get_init_creds_opt_set_pa(k5->ctx, options, + opts->pa_opts[i].attr, + opts->pa_opts[i].value); + if (ret) { + com_err(progname, ret, _("while setting '%s'='%s'"), opts->pa_opts[i].attr, opts->pa_opts[i].value); goto cleanup; } @@ -804,43 +758,39 @@ k5_kinit(opts, k5) } } if (k5->in_cc) { - code = krb5_get_init_creds_opt_set_in_ccache(k5->ctx, options, - k5->in_cc); - if (code) + ret = krb5_get_init_creds_opt_set_in_ccache(k5->ctx, options, + k5->in_cc); + if (ret) goto cleanup; } - code = krb5_get_init_creds_opt_set_out_ccache(k5->ctx, options, - k5->out_cc); - if (code) + ret = krb5_get_init_creds_opt_set_out_ccache(k5->ctx, options, k5->out_cc); + if (ret) goto cleanup; switch (opts->action) { case INIT_PW: - code = krb5_get_init_creds_password(k5->ctx, &my_creds, k5->me, - 0, kinit_prompter, &pwprompt, - opts->starttime, - opts->service_name, - options); + ret = krb5_get_init_creds_password(k5->ctx, &my_creds, k5->me, 0, + kinit_prompter, &pwprompt, + opts->starttime, opts->service_name, + options); break; case INIT_KT: - code = krb5_get_init_creds_keytab(k5->ctx, &my_creds, k5->me, - keytab, - opts->starttime, - opts->service_name, - options); + ret = krb5_get_init_creds_keytab(k5->ctx, &my_creds, k5->me, keytab, + opts->starttime, opts->service_name, + options); break; case VALIDATE: - code = krb5_get_validated_creds(k5->ctx, &my_creds, k5->me, k5->out_cc, - opts->service_name); + ret = krb5_get_validated_creds(k5->ctx, &my_creds, k5->me, k5->out_cc, + opts->service_name); break; case RENEW: - code = krb5_get_renewed_creds(k5->ctx, &my_creds, k5->me, k5->out_cc, - opts->service_name); + ret = krb5_get_renewed_creds(k5->ctx, &my_creds, k5->me, k5->out_cc, + opts->service_name); break; } - if (code) { - char *doing = 0; + if (ret) { + char *doing = NULL; switch (opts->action) { case INIT_PW: case INIT_KT: @@ -856,41 +806,40 @@ k5_kinit(opts, k5) /* If reply decryption failed, or if pre-authentication failed and we * were prompted for a password, assume the password was wrong. */ - if (code == KRB5KRB_AP_ERR_BAD_INTEGRITY || - (pwprompt && code == KRB5KDC_ERR_PREAUTH_FAILED)) { + if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY || + (pwprompt && ret == KRB5KDC_ERR_PREAUTH_FAILED)) { fprintf(stderr, _("%s: Password incorrect while %s\n"), progname, doing); } else { - com_err(progname, code, _("while %s"), doing); + com_err(progname, ret, _("while %s"), doing); } goto cleanup; } - if ((opts->action != INIT_PW) && (opts->action != INIT_KT)) { - code = krb5_cc_initialize(k5->ctx, k5->out_cc, opts->canonicalize ? - my_creds.client : k5->me); - if (code) { - com_err(progname, code, _("when initializing cache %s"), - opts->k5_out_cache_name?opts->k5_out_cache_name:""); + if (opts->action != INIT_PW && opts->action != INIT_KT) { + ret = krb5_cc_initialize(k5->ctx, k5->out_cc, opts->canonicalize ? + my_creds.client : k5->me); + if (ret) { + com_err(progname, ret, _("when initializing cache %s"), + opts->k5_out_cache_name ? opts->k5_out_cache_name : ""); goto cleanup; } if (opts->verbose) fprintf(stderr, _("Initialized cache\n")); - code = krb5_cc_store_cred(k5->ctx, k5->out_cc, &my_creds); - if (code) { - com_err(progname, code, _("while storing credentials")); + ret = krb5_cc_store_cred(k5->ctx, k5->out_cc, &my_creds); + if (ret) { + com_err(progname, ret, _("while storing credentials")); goto cleanup; } if (opts->verbose) fprintf(stderr, _("Stored credentials\n")); } notix = 0; - if (k5->switch_to_cache) { - code = krb5_cc_switch(k5->ctx, k5->out_cc); - if (code) { - com_err(progname, code, _("while switching to new ccache")); + ret = krb5_cc_switch(k5->ctx, k5->out_cc); + if (ret) { + com_err(progname, ret, _("while switching to new ccache")); goto cleanup; } } @@ -901,24 +850,21 @@ cleanup: #endif if (options) krb5_get_init_creds_opt_free(k5->ctx, options); - if (my_creds.client == k5->me) { + if (my_creds.client == k5->me) my_creds.client = 0; - } if (opts->pa_opts) { free(opts->pa_opts); opts->pa_opts = NULL; opts->num_pa_opts = 0; } krb5_free_cred_contents(k5->ctx, &my_creds); - if (keytab) + if (keytab != NULL) krb5_kt_close(k5->ctx, keytab); - return notix?0:1; + return notix ? 0 : 1; } int -main(argc, argv) - int argc; - char **argv; +main(int argc, char *argv[]) { struct k_opts opts; struct k5_data k5; @@ -928,11 +874,11 @@ main(argc, argv) progname = GET_PROGNAME(argv[0]); /* Ensure we can be driven from a pipe */ - if(!isatty(fileno(stdin))) + if (!isatty(fileno(stdin))) setvbuf(stdin, 0, _IONBF, 0); - if(!isatty(fileno(stdout))) + if (!isatty(fileno(stdout))) setvbuf(stdout, 0, _IONBF, 0); - if(!isatty(fileno(stderr))) + if (!isatty(fileno(stderr))) setvbuf(stderr, 0, _IONBF, 0); memset(&opts, 0, sizeof(opts)); @@ -940,7 +886,7 @@ main(argc, argv) memset(&k5, 0, sizeof(k5)); - set_com_err_hook (extended_com_err_fn); + set_com_err_hook(extended_com_err_fn); parse_options(argc, argv, &opts); diff --git a/src/clients/kinit/kinit_kdb.c b/src/clients/kinit/kinit_kdb.c index 47baf9010a..fbd174bf0c 100644 --- a/src/clients/kinit/kinit_kdb.c +++ b/src/clients/kinit/kinit_kdb.c @@ -36,38 +36,36 @@ #include #include "extern.h" -/** Server handle */ +/* Server handle */ static void *server_handle; -/** - * @internal Initialize KDB for given realm - * @param context pointer to context that will be re-initialized - * @@param realm name of realm to initialize - */ +/* Free and reinitialize *pcontext with the KDB opened to the given realm, so + * that it can be used with the KDB keytab type. */ krb5_error_code kinit_kdb_init(krb5_context *pcontext, char *realm) { kadm5_config_params config; - krb5_error_code retval = 0; + krb5_error_code ret; if (*pcontext) { krb5_free_context(*pcontext); *pcontext = NULL; } memset(&config, 0, sizeof config); - retval = kadm5_init_krb5_context(pcontext); - if (retval) - return retval; + + ret = kadm5_init_krb5_context(pcontext); + if (ret) + return ret; + config.mask = KADM5_CONFIG_REALM; config.realm = realm; - retval = kadm5_init(*pcontext, "kinit", NULL /*pass*/, - "kinit", &config, - KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL, - &server_handle); - if (retval) - return retval; - retval = krb5_db_register_keytab(*pcontext); - return retval; + ret = kadm5_init(*pcontext, "kinit", NULL, "kinit", &config, + KADM5_STRUCT_VERSION, KADM5_API_VERSION_4, NULL, + &server_handle); + if (ret) + return ret; + + return krb5_db_register_keytab(*pcontext); } void diff --git a/src/clients/klist/klist.c b/src/clients/klist/klist.c index 4334415be9..4763bd3f70 100644 --- a/src/clients/klist/klist.c +++ b/src/clients/klist/klist.c @@ -32,13 +32,14 @@ #include #include #include + /* Need definition of INET6 before network headers, for IRIX. */ #if defined(HAVE_ARPA_INET_H) #include #endif #ifndef _WIN32 -#define GET_PROGNAME(x) (strrchr((x), '/') ? strrchr((x), '/')+1 : (x)) +#define GET_PROGNAME(x) (strrchr((x), '/') ? strrchr((x), '/') + 1 : (x)) #else #define GET_PROGNAME(x) max(max(strrchr((x), '/'), strrchr((x), '\\')) + 1,(x)) #endif @@ -59,31 +60,30 @@ char *progname; krb5_timestamp now; unsigned int timestamp_width; -krb5_context kcontext; +krb5_context context; -krb5_boolean is_local_tgt (krb5_principal princ, krb5_data *realm); -char * etype_string (krb5_enctype ); -void show_credential (krb5_creds *); +static krb5_boolean is_local_tgt(krb5_principal princ, krb5_data *realm); +static char *etype_string(krb5_enctype ); +static void show_credential(krb5_creds *); -void list_all_ccaches (void); -int list_ccache (krb5_ccache); -void show_all_ccaches (void); -void do_ccache_name (char *); -int show_ccache (krb5_ccache); -int check_ccache (krb5_ccache); -void do_keytab (char *); -void printtime (krb5_timestamp); -void one_addr (krb5_address *); -void fillit (FILE *, unsigned int, int); +static void list_all_ccaches(void); +static int list_ccache(krb5_ccache); +static void show_all_ccaches(void); +static void do_ccache_name(char *); +static int show_ccache(krb5_ccache); +static int check_ccache(krb5_ccache); +static void do_keytab(const char *); +static void printtime(krb5_timestamp); +static void one_addr(krb5_address *); +static void fillit(FILE *, unsigned int, int); #define DEFAULT 0 #define CCACHE 1 #define KEYTAB 2 -static void usage() +static void +usage() { -#define KRB_AVAIL_STRING(x) ((x)?"available":"not available") - fprintf(stderr, _("Usage: %s [-e] [-V] [[-c] [-l] [-A] [-d] [-f] [-s] " "[-a [-n]]] [-k [-t] [-K]] [name]\n"), progname); fprintf(stderr, _("\t-c specifies credentials cache\n")); @@ -114,21 +114,19 @@ extended_com_err_fn(const char *prog, errcode_t code, const char *fmt, { const char *msg; - msg = krb5_get_error_message(kcontext, code); + msg = krb5_get_error_message(context, code); fprintf(stderr, "%s: %s%s", prog, msg, (*fmt == '\0') ? "" : " "); - krb5_free_error_message(kcontext, msg); + krb5_free_error_message(context, msg); vfprintf(stderr, fmt, args); fprintf(stderr, "\n"); } int -main(argc, argv) - int argc; - char **argv; +main(int argc, char *argv[]) { - int c; - char *name; - int mode; + krb5_error_code ret; + char *name, tmp[BUFSIZ]; + int c, mode; setlocale(LC_ALL, ""); progname = GET_PROGNAME(argv[0]); @@ -136,7 +134,7 @@ main(argc, argv) name = NULL; mode = DEFAULT; - /* V=version so v can be used for verbose later if desired. */ + /* V = version so v can be used for verbose later if desired. */ while ((c = getopt(argc, argv, "dfetKsnacki45lAVC")) != -1) { switch (c) { case 'd': @@ -164,11 +162,13 @@ main(argc, argv) show_addresses = 1; break; case 'c': - if (mode != DEFAULT) usage(); + if (mode != DEFAULT) + usage(); mode = CCACHE; break; case 'k': - if (mode != DEFAULT) usage(); + if (mode != DEFAULT) + usage(); mode = KEYTAB; break; case 'i': @@ -198,9 +198,8 @@ main(argc, argv) } } - if (no_resolve && !show_addresses) { + if (no_resolve && !show_addresses) usage(); - } if (mode == DEFAULT || mode == CCACHE) { if (show_time || show_keys) @@ -215,7 +214,7 @@ main(argc, argv) if (argc - optind > 1) { fprintf(stderr, _("Extra arguments (starting with \"%s\").\n"), - argv[optind+1]); + argv[optind + 1]); usage(); } @@ -228,77 +227,74 @@ main(argc, argv) exit(0); } - name = (optind == argc-1) ? argv[optind] : 0; - + name = (optind == argc - 1) ? argv[optind] : NULL; now = time(0); - { - char tmp[BUFSIZ]; - if (!krb5_timestamp_to_sfstring(now, tmp, 20, (char *) NULL) || - !krb5_timestamp_to_sfstring(now, tmp, sizeof(tmp), - (char *) NULL)) - timestamp_width = (int) strlen(tmp); - else - timestamp_width = 15; - } - - { - krb5_error_code retval; - retval = krb5_init_context(&kcontext); - if (retval) { - com_err(progname, retval, _("while initializing krb5")); - exit(1); - } + if (!krb5_timestamp_to_sfstring(now, tmp, 20, NULL) || + !krb5_timestamp_to_sfstring(now, tmp, sizeof(tmp), NULL)) + timestamp_width = (int)strlen(tmp); + else + timestamp_width = 15; - if (list_all) - list_all_ccaches(); - else if (show_all) - show_all_ccaches(); - else if (mode == DEFAULT || mode == CCACHE) - do_ccache_name(name); - else - do_keytab(name); + ret = krb5_init_context(&context); + if (ret) { + com_err(progname, ret, _("while initializing krb5")); + exit(1); } + if (list_all) + list_all_ccaches(); + else if (show_all) + show_all_ccaches(); + else if (mode == DEFAULT || mode == CCACHE) + do_ccache_name(name); + else + do_keytab(name); return 0; } -void do_keytab(name) - char *name; +static void +do_keytab(const char *name) { + krb5_error_code ret; krb5_keytab kt; krb5_keytab_entry entry; krb5_kt_cursor cursor; - char buf[BUFSIZ]; /* hopefully large enough for any type */ + unsigned int i; + char buf[BUFSIZ]; /* Hopefully large enough for any type */ char *pname; - int code; if (name == NULL && use_client_keytab) { - if ((code = krb5_kt_client_default(kcontext, &kt))) { - com_err(progname, code, _("while getting default client keytab")); + ret = krb5_kt_client_default(context, &kt); + if (ret) { + com_err(progname, ret, _("while getting default client keytab")); exit(1); } } else if (name == NULL) { - if ((code = krb5_kt_default(kcontext, &kt))) { - com_err(progname, code, _("while getting default keytab")); + ret = krb5_kt_default(context, &kt); + if (ret) { + com_err(progname, ret, _("while getting default keytab")); exit(1); } } else { - if ((code = krb5_kt_resolve(kcontext, name, &kt))) { - com_err(progname, code, _("while resolving keytab %s"), name); + ret = krb5_kt_resolve(context, name, &kt); + if (ret) { + com_err(progname, ret, _("while resolving keytab %s"), name); exit(1); } } - if ((code = krb5_kt_get_name(kcontext, kt, buf, BUFSIZ))) { - com_err(progname, code, _("while getting keytab name")); + ret = krb5_kt_get_name(context, kt, buf, BUFSIZ); + if (ret) { + com_err(progname, ret, _("while getting keytab name")); exit(1); } printf("Keytab name: %s\n", buf); - if ((code = krb5_kt_start_seq_get(kcontext, kt, &cursor))) { - com_err(progname, code, _("while starting keytab scan")); + ret = krb5_kt_start_seq_get(context, kt, &cursor); + if (ret) { + com_err(progname, ret, _("while starting keytab scan")); exit(1); } @@ -314,12 +310,14 @@ void do_keytab(name) printf("\n"); } else { printf("KVNO Principal\n"); - printf("---- --------------------------------------------------------------------------\n"); + printf("---- ------------------------------------------------" + "--------------------------\n"); } - while ((code = krb5_kt_next_entry(kcontext, kt, &entry, &cursor)) == 0) { - if ((code = krb5_unparse_name(kcontext, entry.principal, &pname))) { - com_err(progname, code, _("while unparsing principal name")); + while ((ret = krb5_kt_next_entry(context, kt, &entry, &cursor)) == 0) { + ret = krb5_unparse_name(context, entry.principal, &pname); + if (ret) { + com_err(progname, ret, _("while unparsing principal name")); exit(1); } printf("%4d ", entry.vno); @@ -332,40 +330,38 @@ void do_keytab(name) printf(" (%s) " , etype_string(entry.key.enctype)); if (show_keys) { printf(" (0x"); - { - unsigned int i; - for (i = 0; i < entry.key.length; i++) - printf("%02x", entry.key.contents[i]); - } + for (i = 0; i < entry.key.length; i++) + printf("%02x", entry.key.contents[i]); printf(")"); } printf("\n"); - krb5_free_unparsed_name(kcontext, pname); - krb5_free_keytab_entry_contents(kcontext, &entry); + krb5_free_unparsed_name(context, pname); + krb5_free_keytab_entry_contents(context, &entry); } - if (code && code != KRB5_KT_END) { - com_err(progname, code, _("while scanning keytab")); + if (ret && ret != KRB5_KT_END) { + com_err(progname, ret, _("while scanning keytab")); exit(1); } - if ((code = krb5_kt_end_seq_get(kcontext, kt, &cursor))) { - com_err(progname, code, _("while ending keytab scan")); + ret = krb5_kt_end_seq_get(context, kt, &cursor); + if (ret) { + com_err(progname, ret, _("while ending keytab scan")); exit(1); } exit(0); } -void -list_all_ccaches(void) +static void +list_all_ccaches() { - krb5_error_code code; + krb5_error_code ret; krb5_ccache cache; krb5_cccol_cursor cursor; int exit_status; - code = krb5_cccol_cursor_new(kcontext, &cursor); - if (code) { + ret = krb5_cccol_cursor_new(context, &cursor); + if (ret) { if (!status_only) - com_err(progname, code, _("while listing ccache collection")); + com_err(progname, ret, _("while listing ccache collection")); exit(1); } @@ -373,31 +369,31 @@ list_all_ccaches(void) printf("%-30s %s\n", "Principal name", "Cache name"); printf("%-30s %s\n", "--------------", "----------"); exit_status = 1; - while (!(code = krb5_cccol_cursor_next(kcontext, cursor, &cache)) && + while ((ret = krb5_cccol_cursor_next(context, cursor, &cache)) == 0 && cache != NULL) { exit_status = list_ccache(cache) && exit_status; - krb5_cc_close(kcontext, cache); + krb5_cc_close(context, cache); } - krb5_cccol_cursor_free(kcontext, &cursor); + krb5_cccol_cursor_free(context, &cursor); exit(exit_status); } -int +static int list_ccache(krb5_ccache cache) { - krb5_error_code code; + krb5_error_code ret; krb5_principal princ = NULL; char *princname = NULL, *ccname = NULL; int expired, status = 1; - code = krb5_cc_get_principal(kcontext, cache, &princ); - if (code) /* Uninitialized cache file, probably. */ + ret = krb5_cc_get_principal(context, cache, &princ); + if (ret) /* Uninitialized cache file, probably. */ goto cleanup; - code = krb5_unparse_name(kcontext, princ, &princname); - if (code) + ret = krb5_unparse_name(context, princ, &princname); + if (ret) goto cleanup; - code = krb5_cc_get_full_name(kcontext, cache, &ccname); - if (code) + ret = krb5_cc_get_full_name(context, cache, &ccname); + if (ret) goto cleanup; expired = check_ccache(cache); @@ -408,60 +404,62 @@ list_ccache(krb5_ccache cache) printf("\n"); status = 0; + cleanup: - krb5_free_principal(kcontext, princ); - krb5_free_unparsed_name(kcontext, princname); - krb5_free_string(kcontext, ccname); + krb5_free_principal(context, princ); + krb5_free_unparsed_name(context, princname); + krb5_free_string(context, ccname); return status; } -void +static void show_all_ccaches(void) { - krb5_error_code code; + krb5_error_code ret; krb5_ccache cache; krb5_cccol_cursor cursor; krb5_boolean first; int exit_status, st; - code = krb5_cccol_cursor_new(kcontext, &cursor); - if (code) { + ret = krb5_cccol_cursor_new(context, &cursor); + if (ret) { if (!status_only) - com_err(progname, code, _("while listing ccache collection")); + com_err(progname, ret, _("while listing ccache collection")); exit(1); } exit_status = 1; first = TRUE; - while (!(code = krb5_cccol_cursor_next(kcontext, cursor, &cache)) && + while ((ret = krb5_cccol_cursor_next(context, cursor, &cache)) == 0 && cache != NULL) { if (!status_only && !first) printf("\n"); first = FALSE; st = status_only ? check_ccache(cache) : show_ccache(cache); exit_status = st && exit_status; - krb5_cc_close(kcontext, cache); + krb5_cc_close(context, cache); } - krb5_cccol_cursor_free(kcontext, &cursor); + krb5_cccol_cursor_free(context, &cursor); exit(exit_status); } -void +static void do_ccache_name(char *name) { - krb5_error_code code; + krb5_error_code ret; krb5_ccache cache; if (name == NULL) { - if ((code = krb5_cc_default(kcontext, &cache))) { + ret = krb5_cc_default(context, &cache); + if (ret) { if (!status_only) - com_err(progname, code, _("while getting default ccache")); + com_err(progname, ret, _("while getting default ccache")); exit(1); } } else { - if ((code = krb5_cc_resolve(kcontext, name, &cache))) { + ret = krb5_cc_resolve(context, name, &cache); + if (ret) { if (!status_only) - com_err(progname, code, _("while resolving ccache %s"), - name); + com_err(progname, ret, _("while resolving ccache %s"), name); exit(1); } } @@ -469,26 +467,28 @@ do_ccache_name(char *name) } /* Display the contents of cache. */ -int +static int show_ccache(krb5_ccache cache) { krb5_cc_cursor cur; krb5_creds creds; krb5_principal princ; - krb5_error_code code; + krb5_error_code ret; - if ((code = krb5_cc_get_principal(kcontext, cache, &princ))) { - com_err(progname, code, ""); + ret = krb5_cc_get_principal(context, cache, &princ); + if (ret) { + com_err(progname, ret, ""); return 1; } - if ((code = krb5_unparse_name(kcontext, princ, &defname))) { - com_err(progname, code, _("while unparsing principal name")); + ret = krb5_unparse_name(context, princ, &defname); + if (ret) { + com_err(progname, ret, _("while unparsing principal name")); return 1; } printf(_("Ticket cache: %s:%s\nDefault principal: %s\n\n"), - krb5_cc_get_type(kcontext, cache), - krb5_cc_get_name(kcontext, cache), defname); + krb5_cc_get_type(context, cache), krb5_cc_get_name(context, cache), + defname); /* XXX Translating would disturb table alignment; skip for now. */ fputs("Valid starting", stdout); fillit(stdout, timestamp_width - sizeof("Valid starting") + 3, (int) ' '); @@ -496,32 +496,34 @@ show_ccache(krb5_ccache cache) fillit(stdout, timestamp_width - sizeof("Expires") + 3, (int) ' '); fputs("Service principal\n", stdout); - if ((code = krb5_cc_start_seq_get(kcontext, cache, &cur))) { - com_err(progname, code, _("while starting to retrieve tickets")); + ret = krb5_cc_start_seq_get(context, cache, &cur); + if (ret) { + com_err(progname, ret, _("while starting to retrieve tickets")); return 1; } - while (!(code = krb5_cc_next_cred(kcontext, cache, &cur, &creds))) { - if (show_config || !krb5_is_config_principal(kcontext, creds.server)) + while ((ret = krb5_cc_next_cred(context, cache, &cur, &creds)) == 0) { + if (show_config || !krb5_is_config_principal(context, creds.server)) show_credential(&creds); - krb5_free_cred_contents(kcontext, &creds); + krb5_free_cred_contents(context, &creds); } - krb5_free_principal(kcontext, princ); - krb5_free_unparsed_name(kcontext, defname); + krb5_free_principal(context, princ); + krb5_free_unparsed_name(context, defname); defname = NULL; - if (code == KRB5_CC_END) { - if ((code = krb5_cc_end_seq_get(kcontext, cache, &cur))) { - com_err(progname, code, _("while finishing ticket retrieval")); + if (ret == KRB5_CC_END) { + ret = krb5_cc_end_seq_get(context, cache, &cur); + if (ret) { + com_err(progname, ret, _("while finishing ticket retrieval")); return 1; } return 0; } else { - com_err(progname, code, _("while retrieving a ticket")); + com_err(progname, ret, _("while retrieving a ticket")); return 1; } } /* Return 0 if cache is accessible, present, and unexpired; return 1 if not. */ -int +static int check_ccache(krb5_ccache cache) { krb5_error_code ret; @@ -530,26 +532,26 @@ check_ccache(krb5_ccache cache) krb5_principal princ; krb5_boolean found_tgt, found_current_tgt, found_current_cred; - if (krb5_cc_get_principal(kcontext, cache, &princ) != 0) + if (krb5_cc_get_principal(context, cache, &princ) != 0) return 1; - if (krb5_cc_start_seq_get(kcontext, cache, &cur) != 0) + if (krb5_cc_start_seq_get(context, cache, &cur) != 0) return 1; found_tgt = found_current_tgt = found_current_cred = FALSE; - while (!(ret = krb5_cc_next_cred(kcontext, cache, &cur, &creds))) { + while ((ret = krb5_cc_next_cred(context, cache, &cur, &creds)) == 0) { if (is_local_tgt(creds.server, &princ->realm)) { found_tgt = TRUE; if (ts_after(creds.times.endtime, now)) found_current_tgt = TRUE; - } else if (!krb5_is_config_principal(kcontext, creds.server) && + } else if (!krb5_is_config_principal(context, creds.server) && ts_after(creds.times.endtime, now)) { found_current_cred = TRUE; } - krb5_free_cred_contents(kcontext, &creds); + krb5_free_cred_contents(context, &creds); } - krb5_free_principal(kcontext, princ); + krb5_free_principal(context, princ); if (ret != KRB5_CC_END) return 1; - if (krb5_cc_end_seq_get(kcontext, cache, &cur) != 0) + if (krb5_cc_end_seq_get(context, cache, &cur) != 0) return 1; /* If the cache contains at least one local TGT, require that it be @@ -560,7 +562,7 @@ check_ccache(krb5_ccache cache) } /* Return true if princ is the local krbtgt principal for local_realm. */ -krb5_boolean +static krb5_boolean is_local_tgt(krb5_principal princ, krb5_data *realm) { return princ->length == 2 && data_eq(princ->realm, *realm) && @@ -568,24 +570,20 @@ is_local_tgt(krb5_principal princ, krb5_data *realm) data_eq(princ->data[1], *realm); } -char * -etype_string(enctype) - krb5_enctype enctype; +static char * +etype_string(krb5_enctype enctype) { static char buf[100]; - krb5_error_code retval; + krb5_error_code ret; - if ((retval = krb5_enctype_to_name(enctype, FALSE, buf, sizeof(buf)))) { - /* XXX if there's an error != EINVAL, I should probably report it */ + ret = krb5_enctype_to_name(enctype, FALSE, buf, sizeof(buf)); + if (ret) snprintf(buf, sizeof(buf), "etype %d", enctype); - } - return buf; } static char * -flags_string(cred) - register krb5_creds *cred; +flags_string(krb5_creds *cred) { static char buf[32]; int i = 0; @@ -615,14 +613,14 @@ flags_string(cred) if (cred->ticket_flags & TKT_FLG_TRANSIT_POLICY_CHECKED) buf[i++] = 'T'; if (cred->ticket_flags & TKT_FLG_OK_AS_DELEGATE) - buf[i++] = 'O'; /* D/d are taken. Use short strings? */ + buf[i++] = 'O'; /* D/d are taken. Use short strings? */ if (cred->ticket_flags & TKT_FLG_ANONYMOUS) buf[i++] = 'a'; buf[i] = '\0'; - return(buf); + return buf; } -void +static void printtime(krb5_timestamp ts) { char timestring[BUFSIZ], fill = ' '; @@ -657,35 +655,35 @@ print_config_data(int col, krb5_data *data) putchar('\n'); } -void -show_credential(cred) - register krb5_creds * cred; +static void +show_credential(krb5_creds *cred) { - krb5_error_code retval; + krb5_error_code ret; krb5_ticket *tkt; char *name, *sname, *flags; int extra_field = 0, ccol = 0, i; - retval = krb5_unparse_name(kcontext, cred->client, &name); - if (retval) { - com_err(progname, retval, _("while unparsing client name")); + ret = krb5_unparse_name(context, cred->client, &name); + if (ret) { + com_err(progname, ret, _("while unparsing client name")); return; } - retval = krb5_unparse_name(kcontext, cred->server, &sname); - if (retval) { - com_err(progname, retval, _("while unparsing server name")); - krb5_free_unparsed_name(kcontext, name); + ret = krb5_unparse_name(context, cred->server, &sname); + if (ret) { + com_err(progname, ret, _("while unparsing server name")); + krb5_free_unparsed_name(context, name); return; } if (!cred->times.starttime) cred->times.starttime = cred->times.authtime; - if (!krb5_is_config_principal(kcontext, cred->server)) { + if (!krb5_is_config_principal(context, cred->server)) { printtime(cred->times.starttime); - putchar(' '); putchar(' '); + putchar(' '); + putchar(' '); printtime(cred->times.endtime); - putchar(' '); putchar(' '); - + putchar(' '); + putchar(' '); printf("%s\n", sname); } else { fputs("config: ", stdout); @@ -706,7 +704,7 @@ show_credential(cred) extra_field++; } - if (krb5_is_config_principal(kcontext, cred->server)) + if (krb5_is_config_principal(context, cred->server)) print_config_data(ccol, &cred->ticket); if (cred->times.renew_till) { @@ -742,8 +740,8 @@ show_credential(cred) } if (show_etype) { - retval = krb5_decode_ticket(&cred->ticket, &tkt); - if (retval) + ret = krb5_decode_ticket(&cred->ticket, &tkt); + if (ret) goto err_tkt; if (!extra_field) @@ -752,13 +750,12 @@ show_credential(cred) fputs(", ",stdout); printf(_("Etype (skey, tkt): %s, "), etype_string(cred->keyblock.enctype)); - printf("%s ", - etype_string(tkt->enc_part.enctype)); + printf("%s ", etype_string(tkt->enc_part.enctype)); extra_field++; err_tkt: if (tkt != NULL) - krb5_free_ticket(kcontext, tkt); + krb5_free_ticket(context, tkt); } if (show_adtype) { @@ -777,19 +774,18 @@ show_credential(cred) } } - /* if any additional info was printed, extra_field is non-zero */ + /* If any additional info was printed, extra_field is non-zero. */ if (extra_field) putchar('\n'); - if (show_addresses) { - if (!cred->addresses || !cred->addresses[0]) { + if (cred->addresses == NULL || cred->addresses[0] == NULL) { printf(_("\tAddresses: (none)\n")); } else { printf(_("\tAddresses: ")); one_addr(cred->addresses[0]); - for (i=1; cred->addresses[i]; i++) { + for (i = 1; cred->addresses[i] != NULL; i++) { printf(", "); one_addr(cred->addresses[i]); } @@ -798,45 +794,45 @@ show_credential(cred) } } - krb5_free_unparsed_name(kcontext, name); - krb5_free_unparsed_name(kcontext, sname); + krb5_free_unparsed_name(context, name); + krb5_free_unparsed_name(context, sname); } #include "port-sockets.h" -#include "socket-utils.h" /* for ss2sin etc */ +#include "socket-utils.h" /* For ss2sin etc. */ #include "fake-addrinfo.h" -void one_addr(a) - krb5_address *a; +static void +one_addr(krb5_address *a) { struct sockaddr_storage ss; + struct sockaddr_in *sinp; + struct sockaddr_in6 *sin6p; int err; char namebuf[NI_MAXHOST]; - memset (&ss, 0, sizeof (ss)); + memset(&ss, 0, sizeof(ss)); switch (a->addrtype) { case ADDRTYPE_INET: if (a->length != 4) { - broken: printf(_("broken address (type %d length %d)"), a->addrtype, a->length); return; } - { - struct sockaddr_in *sinp = ss2sin (&ss); - sinp->sin_family = AF_INET; - memcpy (&sinp->sin_addr, a->contents, 4); - } + sinp = ss2sin(&ss); + sinp->sin_family = AF_INET; + memcpy(&sinp->sin_addr, a->contents, 4); break; case ADDRTYPE_INET6: - if (a->length != 16) - goto broken; - { - struct sockaddr_in6 *sin6p = ss2sin6 (&ss); - sin6p->sin6_family = AF_INET6; - memcpy (&sin6p->sin6_addr, a->contents, 16); + if (a->length != 16) { + printf(_("broken address (type %d length %d)"), + a->addrtype, a->length); + return; } + sin6p = ss2sin6(&ss); + sin6p->sin6_family = AF_INET6; + memcpy(&sin6p->sin6_addr, a->contents, 16); break; default: printf(_("unknown addrtype %d"), a->addrtype); @@ -844,25 +840,22 @@ void one_addr(a) } namebuf[0] = 0; - err = getnameinfo (ss2sa (&ss), sa_socklen (ss2sa (&ss)), - namebuf, sizeof (namebuf), 0, 0, - no_resolve ? NI_NUMERICHOST : 0U); + err = getnameinfo(ss2sa(&ss), sa_socklen(ss2sa(&ss)), namebuf, + sizeof(namebuf), 0, 0, + no_resolve ? NI_NUMERICHOST : 0U); if (err) { printf(_("unprintable address (type %d, error %d %s)"), a->addrtype, - err, gai_strerror (err)); + err, gai_strerror(err)); return; } - printf ("%s", namebuf); + printf("%s", namebuf); } -void -fillit(f, num, c) - FILE *f; - unsigned int num; - int c; +static void +fillit(FILE *f, unsigned int num, int c) { unsigned int i; - for (i=0; i #include @@ -15,18 +16,18 @@ #ifdef HAVE_PWD_H #include -static -void get_name_from_passwd_file(program_name, kcontext, me) - char * program_name; - krb5_context kcontext; - krb5_principal * me; +static void +get_name_from_passwd_file(char *program_name, krb5_context context, + krb5_principal *me) { struct passwd *pw; - krb5_error_code code; - if ((pw = getpwuid(getuid()))) { - if ((code = krb5_parse_name(kcontext, pw->pw_name, me))) { - com_err(program_name, code, _("when parsing name %s"), - pw->pw_name); + krb5_error_code ret; + + pw = getpwuid(getuid()); + if (pw != NULL) { + ret = krb5_parse_name(context, pw->pw_name, me); + if (ret) { + com_err(program_name, ret, _("when parsing name %s"), pw->pw_name); exit(1); } } else { @@ -35,9 +36,8 @@ void get_name_from_passwd_file(program_name, kcontext, me) } } #else /* HAVE_PWD_H */ -void get_name_from_passwd_file(kcontext, me) - krb5_context kcontext; - krb5_principal * me; +static void +get_name_from_passwd_file(krb5_context context, krb5_principal *me) { fprintf(stderr, _("Unable to identify user\n")); exit(1); @@ -49,13 +49,11 @@ int main(int argc, char *argv[]) krb5_error_code ret; krb5_context context; krb5_principal princ = NULL; - char *pname; + char *pname, *message; + char pw[1024]; krb5_ccache ccache; krb5_get_init_creds_opt *opts = NULL; krb5_creds creds; - char *message; - - char pw[1024]; unsigned int pwlen; int result_code; krb5_data result_code_string, result_string; @@ -73,48 +71,48 @@ int main(int argc, char *argv[]) com_err(argv[0], ret, _("initializing kerberos library")); exit(1); } - if ((ret = krb5_get_init_creds_opt_alloc(context, &opts))) { + ret = krb5_get_init_creds_opt_alloc(context, &opts); + if (ret) { com_err(argv[0], ret, _("allocating krb5_get_init_creds_opt")); exit(1); } - /* in order, use the first of: - - a name specified on the command line - - the principal name from an existing ccache - - the name corresponding to the ruid of the process - - otherwise, it's an error. - We always attempt to open the default ccache in order to use FAST if - possible. - */ + /* + * In order, use the first of: + * - A name specified on the command line + * - The principal name from an existing ccache + * - The name corresponding to the ruid of the process + * + * Otherwise, it's an error. + * We always attempt to open the default ccache in order to use FAST if + * possible. + */ ret = krb5_cc_default(context, &ccache); - if (ret != 0) { + if (ret) { com_err(argv[0], ret, _("opening default ccache")); exit(1); } ret = krb5_cc_get_principal(context, ccache, &princ); - if (ret != 0 && ret != KRB5_CC_NOTFOUND && ret != KRB5_FCC_NOFILE) { + if (ret && ret != KRB5_CC_NOTFOUND && ret != KRB5_FCC_NOFILE) { com_err(argv[0], ret, _("getting principal from ccache")); exit(1); - } else { - if (princ != NULL) { - ret = krb5_get_init_creds_opt_set_fast_ccache(context, opts, - ccache); - if (ret) { - com_err(argv[0], ret, _("while setting FAST ccache")); - exit(1); - } + } else if (princ != NULL) { + ret = krb5_get_init_creds_opt_set_fast_ccache(context, opts, ccache); + if (ret) { + com_err(argv[0], ret, _("while setting FAST ccache")); + exit(1); } } ret = krb5_cc_close(context, ccache); - if (ret != 0) { + if (ret) { com_err(argv[0], ret, _("closing ccache")); exit(1); } - if (pname) { + if (pname != NULL) { krb5_free_principal(context, princ); princ = NULL; - if ((ret = krb5_parse_name(context, pname, &princ))) { + ret = krb5_parse_name(context, pname, &princ); + if (ret) { com_err(argv[0], ret, _("parsing client name")); exit(1); } @@ -122,33 +120,37 @@ int main(int argc, char *argv[]) if (princ == NULL) get_name_from_passwd_file(argv[0], context, &princ); - krb5_get_init_creds_opt_set_tkt_life(opts, 5*60); + krb5_get_init_creds_opt_set_tkt_life(opts, 5 * 60); krb5_get_init_creds_opt_set_renew_life(opts, 0); krb5_get_init_creds_opt_set_forwardable(opts, 0); krb5_get_init_creds_opt_set_proxiable(opts, 0); - if ((ret = krb5_get_init_creds_password(context, &creds, princ, NULL, - krb5_prompter_posix, NULL, - 0, "kadmin/changepw", opts))) { - if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY) + ret = krb5_get_init_creds_password(context, &creds, princ, NULL, + krb5_prompter_posix, NULL, 0, + "kadmin/changepw", opts); + if (ret) { + if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY) { com_err(argv[0], 0, _("Password incorrect while getting initial ticket")); - else + } else { com_err(argv[0], ret, _("getting initial ticket")); + } + krb5_get_init_creds_opt_free(context, opts); exit(1); } pwlen = sizeof(pw); - if ((ret = krb5_read_password(context, P1, P2, pw, &pwlen))) { + ret = krb5_read_password(context, P1, P2, pw, &pwlen); + if (ret) { com_err(argv[0], ret, _("while reading password")); krb5_get_init_creds_opt_free(context, opts); exit(1); } - if ((ret = krb5_change_password(context, &creds, pw, - &result_code, &result_code_string, - &result_string))) { + ret = krb5_change_password(context, &creds, pw, &result_code, + &result_code_string, &result_string); + if (ret) { com_err(argv[0], ret, _("changing password")); krb5_get_init_creds_opt_free(context, opts); exit(1); @@ -158,17 +160,15 @@ int main(int argc, char *argv[]) if (krb5_chpw_message(context, &result_string, &message) != 0) message = NULL; printf("%.*s%s%s\n", - (int) result_code_string.length, result_code_string.data, + (int)result_code_string.length, result_code_string.data, message ? ": " : "", message ? message : NULL); krb5_free_string(context, message); krb5_get_init_creds_opt_free(context, opts); exit(2); } - if (result_string.data != NULL) - free(result_string.data); - if (result_code_string.data != NULL) - free(result_code_string.data); + free(result_string.data); + free(result_code_string.data); krb5_get_init_creds_opt_free(context, opts); printf(_("Password changed.\n")); diff --git a/src/clients/kvno/kvno.c b/src/clients/kvno/kvno.c index b4c72c3623..77a128d5db 100644 --- a/src/clients/kvno/kvno.c +++ b/src/clients/kvno/kvno.c @@ -36,8 +36,10 @@ extern int optind; extern char *optarg; static char *prog; +static int quiet = 0; -static void xusage() +static void +xusage() { fprintf(stderr, _("usage: %s [-C] [-u] [-c ccache] [-e etype]\n"), prog); fprintf(stderr, _("\t[-k keytab] [-S sname] [-U for_user [-P]]\n")); @@ -45,18 +47,16 @@ static void xusage() exit(1); } -int quiet = 0; - -static void do_v5_kvno (int argc, char *argv[], - char *ccachestr, char *etypestr, char *keytab_name, - char *sname, int canon, int unknown, - char *for_user, int proxy); +static void do_v5_kvno(int argc, char *argv[], char *ccachestr, char *etypestr, + char *keytab_name, char *sname, int canon, int unknown, + char *for_user, int proxy); #include -static void extended_com_err_fn (const char *, errcode_t, const char *, - va_list); +static void extended_com_err_fn(const char *myprog, errcode_t code, + const char *fmt, va_list args); -int main(int argc, char *argv[]) +int +main(int argc, char *argv[]) { int option; char *etypestr = NULL, *ccachestr = NULL, *keytab_name = NULL; @@ -64,7 +64,7 @@ int main(int argc, char *argv[]) int canon = 0, unknown = 0, proxy = 0; setlocale(LC_ALL, ""); - set_com_err_hook (extended_com_err_fn); + set_com_err_hook(extended_com_err_fn); prog = strrchr(argv[0], '/'); prog = prog ? (prog + 1) : argv[0]; @@ -94,7 +94,7 @@ int main(int argc, char *argv[]) break; case 'S': sname = optarg; - if (unknown == 1){ + if (unknown == 1) { fprintf(stderr, _("Options -u and -S are mutually exclusive\n")); xusage(); @@ -102,7 +102,7 @@ int main(int argc, char *argv[]) break; case 'u': unknown = 1; - if (sname){ + if (sname != NULL) { fprintf(stderr, _("Options -u and -S are mutually exclusive\n")); xusage(); @@ -129,26 +129,26 @@ int main(int argc, char *argv[]) } } - if ((argc - optind) < 1) + if (argc - optind < 1) xusage(); - do_v5_kvno(argc - optind, argv + optind, - ccachestr, etypestr, keytab_name, sname, - canon, unknown, for_user, proxy); + do_v5_kvno(argc - optind, argv + optind, ccachestr, etypestr, keytab_name, + sname, canon, unknown, for_user, proxy); return 0; } #include static krb5_context context; -static void extended_com_err_fn (const char *myprog, errcode_t code, - const char *fmt, va_list args) +static void extended_com_err_fn(const char *myprog, errcode_t code, + const char *fmt, va_list args) { const char *emsg; - emsg = krb5_get_error_message (context, code); - fprintf (stderr, "%s: %s ", myprog, emsg); - krb5_free_error_message (context, emsg); - vfprintf (stderr, fmt, args); - fprintf (stderr, "\n"); + + emsg = krb5_get_error_message(context, code); + fprintf(stderr, "%s: %s ", myprog, emsg); + krb5_free_error_message(context, emsg); + vfprintf(stderr, fmt, args); + fprintf(stderr, "\n"); } /* Request a single service ticket and display its status (unless quiet is @@ -199,7 +199,6 @@ kvno(const char *name, krb5_ccache ccache, krb5_principal me, in_creds.client = for_user_princ; in_creds.server = me; - ret = krb5_get_credentials_for_user(context, options, ccache, &in_creds, NULL, &out_creds); } else { @@ -214,7 +213,7 @@ kvno(const char *name, krb5_ccache ccache, krb5_principal me, goto cleanup; } - /* we need a native ticket */ + /* We need a native ticket. */ ret = krb5_decode_ticket(&out_creds->ticket, &ticket); if (ret) { com_err(prog, ret, _("while decoding ticket for %s"), princ); @@ -264,10 +263,10 @@ cleanup: return ret; } -static void do_v5_kvno (int count, char *names[], - char * ccachestr, char *etypestr, char *keytab_name, - char *sname, int canon, int unknown, char *for_user, - int proxy) +static void +do_v5_kvno(int count, char *names[], char * ccachestr, char *etypestr, + char *keytab_name, char *sname, int canon, int unknown, + char *for_user, int proxy) { krb5_error_code ret; int i, errors; @@ -303,7 +302,7 @@ static void do_v5_kvno (int count, char *names[], exit(1); } - if (keytab_name) { + if (keytab_name != NULL) { ret = krb5_kt_resolve(context, keytab_name, &keytab); if (ret) { com_err(prog, ret, _("resolving keytab %s"), keytab_name); @@ -327,19 +326,16 @@ static void do_v5_kvno (int count, char *names[], exit(1); } - errors = 0; - - options = 0; - if (canon) - options |= KRB5_GC_CANONICALIZE; + options = canon ? KRB5_GC_CANONICALIZE : 0; + errors = 0; for (i = 0; i < count; i++) { if (kvno(names[i], ccache, me, etype, keytab, sname, options, unknown, for_user_princ, proxy) != 0) errors++; } - if (keytab) + if (keytab != NULL) krb5_kt_close(context, keytab); krb5_free_principal(context, me); krb5_free_principal(context, for_user_princ);