From: Nathaniel McCallum Date: Mon, 15 Oct 2012 01:29:26 +0000 (-0400) Subject: Move pa_data encoding into a separate function X-Git-Tag: krb5-1.11-alpha1~87 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=089781d43b05880a1fd39b8e5d634a17eea75eae;p=thirdparty%2Fkrb5.git Move pa_data encoding into a separate function --- diff --git a/src/lib/krb5/krb/preauth_otp.c b/src/lib/krb5/krb/preauth_otp.c index b0044ae33c..de97e0ddd0 100644 --- a/src/lib/krb5/krb/preauth_otp.c +++ b/src/lib/krb5/krb/preauth_otp.c @@ -452,6 +452,41 @@ make_request(krb5_context context, krb5_prompter_fct prompter, return 0; } +/* Encode the OTP request into a krb5_pa_data buffer. */ +static krb5_error_code +set_pa_data(const krb5_pa_otp_req *req, krb5_pa_data ***pa_data_out) +{ + krb5_pa_data **out = NULL; + krb5_data *tmp; + + /* Allocate the preauth data array and one item. */ + out = calloc(2, sizeof(krb5_pa_data *)); + if (out == NULL) + goto error; + out[0] = calloc(1, sizeof(krb5_pa_data)); + out[1] = NULL; + if (out[0] == NULL) + goto error; + + /* Encode our request into the preauth data item. */ + memset(out[0], 0, sizeof(krb5_pa_data)); + out[0]->pa_type = KRB5_PADATA_OTP_REQUEST; + if (encode_krb5_pa_otp_req(req, &tmp) != 0) + goto error; + out[0]->contents = (krb5_octet *)tmp->data; + out[0]->length = tmp->length; + + *pa_data_out = out; + return 0; + +error: + if (out != NULL) { + free(out[0]); + free(out); + } + return ENOMEM; +} + static int otp_client_get_flags(krb5_context context, krb5_preauthtype pa_type) { @@ -468,11 +503,10 @@ otp_client_process(krb5_context context, krb5_clpreauth_moddata moddata, krb5_pa_data ***pa_data_out) { krb5_pa_otp_challenge *chl = NULL; - krb5_pa_data **out_data = NULL; krb5_keyblock *as_key = NULL; krb5_pa_otp_req *req = NULL; krb5_error_code retval = 0; - krb5_data tmp, *tmpp; + krb5_data tmp; *pa_data_out = NULL; @@ -495,48 +529,20 @@ otp_client_process(krb5_context context, krb5_clpreauth_moddata moddata, /* Fill in the request info from the TokenInfo structs .*/ retval = make_request(context, prompter, prompter_data, chl->tokeninfo, &req); - if (retval != 0) { - k5_free_pa_otp_challenge(context, chl); - return retval; - } + if (retval != 0) + goto error; /* Encrypt the challenge's nonce and set it in the request. */ retval = encrypt_nonce(context, as_key, chl, req); - k5_free_pa_otp_challenge(context, chl); - if (retval != 0) { - k5_free_pa_otp_req(context, req); - return retval; - } - - /* Allocate the preauth data array and one item. */ - out_data = calloc(2, sizeof(krb5_pa_data *)); - if (out_data == NULL) { - k5_free_pa_otp_req(context, req); - return ENOMEM; - } - out_data[0] = calloc(1, sizeof(krb5_pa_data)); - out_data[1] = NULL; - if (out_data[0] == NULL) { - free(out_data); - k5_free_pa_otp_req(context, req); - return ENOMEM; - } + if (retval != 0) + goto error; - /* Encode our request into the preauth data item. */ - memset(out_data[0], 0, sizeof(krb5_pa_data)); - out_data[0]->pa_type = KRB5_PADATA_OTP_REQUEST; - retval = encode_krb5_pa_otp_req(req, &tmpp); + /* Encode the request into the pa_data output. */ + retval = set_pa_data(req, pa_data_out); +error: + k5_free_pa_otp_challenge(context, chl); k5_free_pa_otp_req(context, req); - if (retval != 0) { - free(out_data[0]); - free(out_data); - return ENOMEM; - } - out_data[0]->contents = (krb5_octet*)tmpp->data; - out_data[0]->length = tmpp->length; - - *pa_data_out = out_data; - return 0; + return retval; } krb5_error_code