*************************************************/
/* Copyright (c) University of Cambridge 1995 - 2018 */
+/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
/* Copyright (c) Twitter Inc 2012
/* Authenticator-specific options. */
optionlist auth_heimdal_gssapi_options[] = {
{ "server_hostname", opt_stringptr,
- (void *)(offsetof(auth_heimdal_gssapi_options_block, server_hostname)) },
+ OPT_OFF(auth_heimdal_gssapi_options_block, server_hostname) },
{ "server_keytab", opt_stringptr,
- (void *)(offsetof(auth_heimdal_gssapi_options_block, server_keytab)) },
+ OPT_OFF(auth_heimdal_gssapi_options_block, server_keytab) },
{ "server_service", opt_stringptr,
- (void *)(offsetof(auth_heimdal_gssapi_options_block, server_service)) }
+ OPT_OFF(auth_heimdal_gssapi_options_block, server_service) }
};
int auth_heimdal_gssapi_options_count =
{
HDEBUG(D_auth) debug_printf("heimdal: missing server_service\n");
return;
-}
+ }
-krc = krb5_init_context(&context);
-if (krc != 0)
+if ((krc = krb5_init_context(&context)))
{
int kerr = errno;
HDEBUG(D_auth) debug_printf("heimdal: failed to initialise krb5 context: %s\n",
{
k_keytab_typed_name = CCS string_sprintf("file:%s", expand_string(ob->server_keytab));
HDEBUG(D_auth) debug_printf("heimdal: using keytab %s\n", k_keytab_typed_name);
- krc = krb5_kt_resolve(context, k_keytab_typed_name, &keytab);
- if (krc)
+ if ((krc = krb5_kt_resolve(context, k_keytab_typed_name, &keytab)))
{
HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_resolve", context, krc);
return;
else
{
HDEBUG(D_auth) debug_printf("heimdal: using system default keytab\n");
- krc = krb5_kt_default(context, &keytab);
- if (krc)
+ if ((krc = krb5_kt_default(context, &keytab)))
{
HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_default", context, krc);
return;
HDEBUG(D_auth)
{
/* http://www.h5l.org/manual/HEAD/krb5/krb5_keytab_intro.html */
- krc = krb5_kt_start_seq_get(context, keytab, &cursor);
- if (krc)
+ if ((krc = krb5_kt_start_seq_get(context, keytab, &cursor)))
exim_heimdal_error_debug("krb5_kt_start_seq_get", context, krc);
else
{
- while ((krc = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0)
+ while (!(krc = krb5_kt_next_entry(context, keytab, &entry, &cursor)))
{
principal = enctype_s = NULL;
krb5_unparse_name(context, entry.principal, &principal);
free(enctype_s);
krb5_kt_free_entry(context, &entry);
}
- krc = krb5_kt_end_seq_get(context, keytab, &cursor);
- if (krc)
+ if ((krc = krb5_kt_end_seq_get(context, keytab, &cursor)))
exim_heimdal_error_debug("krb5_kt_end_seq_get", context, krc);
}
}
-krc = krb5_kt_close(context, keytab);
-if (krc)
+if ((krc = krb5_kt_close(context, keytab)))
HDEBUG(D_auth) exim_heimdal_error_debug("krb5_kt_close", context, krc);
krb5_free_context(context);
switch (step)
{
case 0:
- if (!from_client || *from_client == '\0')
+ if (!from_client || !*from_client)
{
if (handled_empty_ir)
{
error_out = BAD64;
goto ERROR_OUT;
}
- else
- {
- HDEBUG(D_auth) debug_printf("gssapi: missing initial response, nudging.\n");
- error_out = auth_get_data(&from_client, US"", 0);
- if (error_out != OK)
- goto ERROR_OUT;
- handled_empty_ir = TRUE;
- continue;
- }
+
+ HDEBUG(D_auth) debug_printf("gssapi: missing initial response, nudging.\n");
+ if ((error_out = auth_get_data(&from_client, US"", 0)) != OK)
+ goto ERROR_OUT;
+ handled_empty_ir = TRUE;
+ continue;
}
/* We should now have the opening data from the client, base64-encoded. */
step += 1;
}
requested_qop = (CS gbufdesc_out.value)[0];
- if ((requested_qop & 0x01) == 0)
+ if (!(requested_qop & 0x01))
{
HDEBUG(D_auth)
debug_printf("gssapi: client requested security layers (%x)\n",
/* $auth1 is GSSAPI display name */
maj_stat = gss_display_name(&min_stat,
- gclient,
- &gbufdesc_out,
- &mech_type);
+ gclient, &gbufdesc_out, &mech_type);
if (GSS_ERROR(maj_stat))
{
auth_vars[1] = expand_nstring[2] = NULL;