1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

s3:librpc: Improve calling of krb5_kt_end_seq_get()

Remove indentation with early return, best reviewed with
git show -b

Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Nov  3 08:36:00 UTC 2021 on sn-devel-184
This commit is contained in:
Pavel Filipenský 2021-10-21 15:01:48 +02:00 committed by Andreas Schneider
parent 5199eb1412
commit a8a0667263

View File

@ -37,9 +37,8 @@ static krb5_error_code flush_keytab(krb5_context krbctx, krb5_keytab keytab)
ZERO_STRUCT(kt_entry);
ret = krb5_kt_start_seq_get(krbctx, keytab, &kt_cursor);
if (ret == KRB5_KT_END || ret == ENOENT ) {
/* no entries */
return 0;
if (ret != 0) {
return ret;
}
ret = krb5_kt_next_entry(krbctx, keytab, &kt_entry, &kt_cursor);
@ -48,7 +47,7 @@ static krb5_error_code flush_keytab(krb5_context krbctx, krb5_keytab keytab)
/* we need to close and reopen enumeration because we modify
* the keytab */
ret = krb5_kt_end_seq_get(krbctx, keytab, &kt_cursor);
if (ret) {
if (ret != 0) {
DEBUG(1, (__location__ ": krb5_kt_end_seq_get() "
"failed (%s)\n", error_message(ret)));
goto out;
@ -56,7 +55,7 @@ static krb5_error_code flush_keytab(krb5_context krbctx, krb5_keytab keytab)
/* remove the entry */
ret = krb5_kt_remove_entry(krbctx, keytab, &kt_entry);
if (ret) {
if (ret != 0) {
DEBUG(1, (__location__ ": krb5_kt_remove_entry() "
"failed (%s)\n", error_message(ret)));
goto out;
@ -66,7 +65,7 @@ static krb5_error_code flush_keytab(krb5_context krbctx, krb5_keytab keytab)
/* now reopen */
ret = krb5_kt_start_seq_get(krbctx, keytab, &kt_cursor);
if (ret) {
if (ret != 0) {
DEBUG(1, (__location__ ": krb5_kt_start_seq() failed "
"(%s)\n", error_message(ret)));
goto out;
@ -81,6 +80,12 @@ static krb5_error_code flush_keytab(krb5_context krbctx, krb5_keytab keytab)
error_message(ret)));
}
ret = krb5_kt_end_seq_get(krbctx, keytab, &kt_cursor);
if (ret != 0) {
DEBUG(1, (__location__ ": krb5_kt_end_seq_get() "
"failed (%s)\n", error_message(ret)));
goto out;
}
ret = 0;
out:
@ -156,7 +161,7 @@ static krb5_error_code fill_mem_keytab_from_secrets(krb5_context krbctx,
krb5_keytab *keytab)
{
TALLOC_CTX *frame = talloc_stackframe();
krb5_error_code ret;
krb5_error_code ret, ret2;
const char *domain = lp_workgroup();
struct secrets_domain_info1 *info = NULL;
const char *realm = NULL;
@ -198,57 +203,63 @@ static krb5_error_code fill_mem_keytab_from_secrets(krb5_context krbctx,
/* check if the keytab already has any entry */
ret = krb5_kt_start_seq_get(krbctx, *keytab, &kt_cursor);
if (ret != KRB5_KT_END && ret != ENOENT ) {
/* check if we have our special enctype used to hold
* the clear text password. If so, check it out so that
* we can verify if the keytab needs to be upgraded */
while ((ret = krb5_kt_next_entry(krbctx, *keytab,
&kt_entry, &kt_cursor)) == 0) {
if (smb_krb5_kt_get_enctype_from_entry(&kt_entry) ==
CLEARTEXT_PRIV_ENCTYPE) {
break;
}
smb_krb5_kt_free_entry(krbctx, &kt_entry);
ZERO_STRUCT(kt_entry);
}
if (ret != 0) {
goto out;
}
if (ret != 0 && ret != KRB5_KT_END && ret != ENOENT ) {
/* Error parsing keytab */
DEBUG(1, (__location__ ": Failed to parse memory "
"keytab!\n"));
/* check if we have our special enctype used to hold
* the clear text password. If so, check it out so that
* we can verify if the keytab needs to be upgraded */
while ((ret = krb5_kt_next_entry(krbctx, *keytab,
&kt_entry, &kt_cursor)) == 0) {
if (smb_krb5_kt_get_enctype_from_entry(&kt_entry) ==
CLEARTEXT_PRIV_ENCTYPE) {
break;
}
smb_krb5_kt_free_entry(krbctx, &kt_entry);
ZERO_STRUCT(kt_entry);
}
ret2 = krb5_kt_end_seq_get(krbctx, *keytab, &kt_cursor);
if (ret2 != 0) {
ret = ret2;
DEBUG(1, (__location__ ": krb5_kt_end_seq_get() "
"failed (%s)\n", error_message(ret)));
goto out;
}
if (ret != 0 && ret != KRB5_KT_END && ret != ENOENT ) {
/* Error parsing keytab */
DEBUG(1, (__location__ ": Failed to parse memory "
"keytab!\n"));
goto out;
}
if (ret == 0) {
/* found private entry,
* check if keytab is up to date */
if ((ct->length == KRB5_KEY_LENGTH(KRB5_KT_KEY(&kt_entry))) &&
(memcmp(KRB5_KEY_DATA(KRB5_KT_KEY(&kt_entry)),
ct->data, ct->length) == 0)) {
/* keytab is already up to date, return */
smb_krb5_kt_free_entry(krbctx, &kt_entry);
goto out;
}
if (ret == 0) {
/* found private entry,
* check if keytab is up to date */
if ((ct->length == KRB5_KEY_LENGTH(KRB5_KT_KEY(&kt_entry))) &&
(memcmp(KRB5_KEY_DATA(KRB5_KT_KEY(&kt_entry)),
ct->data, ct->length) == 0)) {
/* keytab is already up to date, return */
smb_krb5_kt_free_entry(krbctx, &kt_entry);
goto out;
}
smb_krb5_kt_free_entry(krbctx, &kt_entry);
ZERO_STRUCT(kt_entry);
smb_krb5_kt_free_entry(krbctx, &kt_entry);
ZERO_STRUCT(kt_entry);
/* flush keytab, we need to regen it */
ret = flush_keytab(krbctx, *keytab);
if (ret) {
DEBUG(1, (__location__ ": Failed to flush "
"memory keytab!\n"));
goto out;
}
/* flush keytab, we need to regen it */
ret = flush_keytab(krbctx, *keytab);
if (ret) {
DEBUG(1, (__location__ ": Failed to flush "
"memory keytab!\n"));
goto out;
}
}
if (!all_zero((uint8_t *)&kt_cursor, sizeof(kt_cursor)) && *keytab) {
krb5_kt_end_seq_get(krbctx, *keytab, &kt_cursor);
}
/* keytab is not up to date, fill it up */
ret = smb_krb5_make_principal(krbctx, &princ, realm,
@ -321,9 +332,6 @@ static krb5_error_code fill_mem_keytab_from_secrets(krb5_context krbctx,
ret = 0;
out:
if (!all_zero((uint8_t *)&kt_cursor, sizeof(kt_cursor)) && *keytab) {
krb5_kt_end_seq_get(krbctx, *keytab, &kt_cursor);
}
if (princ) {
krb5_free_principal(krbctx, princ);
@ -533,7 +541,7 @@ static krb5_error_code fill_mem_keytab_from_dedicated_keytab(krb5_context krbctx
krb5_kt_end_seq_get(krbctx, keytab, &kt_cursor);
out:
krb5_kt_close(krbctx, keytab);
return ret;