oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Fixes to make Heimdal -Wall -Werror clean

Browse Source 
These fixes make developer mode build, at least on Ubuntu.
This commit is contained in:
Nicolas Williams
2011-11-02 21:39:07 -05:00
parent 9c830f5237
commit 3bebbe5323
24 changed files with 286 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
appl/popper/pop_debug.c
View File

@@ -103,6 +103,7 @@ doit_v5 (char *host, int port)
krb5_auth_context auth_context = NULL;
krb5_principal server;
int s = get_socket (host, port);
const char *estr;
ret = krb5_init_context (&context);
if (ret)
@@ -114,8 +115,9 @@ doit_v5 (char *host, int port)
KRB5_NT_SRV_HST,
&server);
if (ret) {
warnx ("krb5_sname_to_principal: %s",
krb5_get_err_text (context, ret));
estr = krb5_get_error_message(context, ret);
warnx ("krb5_sname_to_principal: %s", estr);
krb5_free_error_message(context, estr);
return 1;
}
ret = krb5_sendauth (context,
@@ -131,13 +133,14 @@ doit_v5 (char *host, int port)
NULL,
NULL,
NULL);
if (ret) {
warnx ("krb5_sendauth: %s",
krb5_get_err_text (context, ret));
return 1;
}
loop (s);
return 0;
if (ret) {
estr = krb5_get_error_message(context, ret);
warnx ("krb5_sendauth: %s", estr);
krb5_free_error_message(context, estr);
return 1;
}
loop (s);
return 0;
}
#endif

11
appl/popper/pop_init.c
View File

@@ -57,6 +57,7 @@ krb5_authenticate (POP *p, int s, u_char *buf, struct sockaddr *addr)
krb5_auth_context auth_context = NULL;
uint32_t len;
krb5_ticket *ticket;
const char *estr;
char *server;
if (memcmp (buf, "\x00\x00\x00\x13", 4) != 0)
@@ -78,16 +79,18 @@ krb5_authenticate (POP *p, int s, u_char *buf, struct sockaddr *addr)
NULL,
&ticket);
if (ret) {
pop_log(p, POP_PRIORITY, "krb5_recvauth: %s",
krb5_get_err_text(p->context, ret));
estr = krb5_get_error_message(p->context, ret);
pop_log(p, POP_PRIORITY, "krb5_recvauth: %s", estr);
krb5_free_error_message(p->context, estr);
return -1;
}
ret = krb5_unparse_name(p->context, ticket->server, &server);
if(ret) {
pop_log(p, POP_PRIORITY, "krb5_unparse_name: %s",
krb5_get_err_text(p->context, ret));
estr = krb5_get_error_message(p->context, ret);
pop_log(p, POP_PRIORITY, "krb5_unparse_name: %s", estr);
krb5_free_error_message(p->context, estr);
ret = -1;
goto out;
}

23
appl/popper/pop_pass.c
View File

@@ -21,11 +21,13 @@ krb5_verify_password (POP *p)
krb5_error_code ret;
krb5_principal client, server;
krb5_creds creds;
const char *estr;
ret = krb5_get_init_creds_opt_alloc (p->context, &get_options);
if (ret) {
pop_log(p, POP_PRIORITY, "krb5_get_init_creds_opt_alloc: %s",
krb5_get_err_text (p->context, ret));
estr = krb5_get_error_message(p->context, ret);
pop_log(p, POP_PRIORITY, "krb5_get_init_creds_opt_alloc: %s", estr);
krb5_free_error_message(p->context, estr);
return 1;
}
@@ -38,8 +40,9 @@ krb5_verify_password (POP *p)
ret = krb5_parse_name (p->context, p->user, &client);
if (ret) {
krb5_get_init_creds_opt_free(p->context, get_options);
pop_log(p, POP_PRIORITY, "krb5_parse_name: %s",
krb5_get_err_text (p->context, ret));
estr = krb5_get_error_message(p->context, ret);
pop_log(p, POP_PRIORITY, "krb5_parse_name: %s", estr);
krb5_free_error_message(p->context, estr);
return 1;
}
@@ -54,9 +57,9 @@ krb5_verify_password (POP *p)
get_options);
krb5_get_init_creds_opt_free(p->context, get_options);
if (ret) {
pop_log(p, POP_PRIORITY,
"krb5_get_init_creds_password: %s",
krb5_get_err_text (p->context, ret));
estr = krb5_get_error_message(p->context, ret);
pop_log(p, POP_PRIORITY, "krb5_get_init_creds_password: %s", estr);
krb5_free_error_message(p->context, estr);
return 1;
}
@@ -66,9 +69,9 @@ krb5_verify_password (POP *p)
KRB5_NT_SRV_HST,
&server);
if (ret) {
pop_log(p, POP_PRIORITY,
"krb5_get_init_creds_password: %s",
krb5_get_err_text (p->context, ret));
estr = krb5_get_error_message(p->context, ret);
pop_log(p, POP_PRIORITY, "krb5_get_init_creds_password: %s", estr);
krb5_free_error_message(p->context, estr);
return 1;
}

11
appl/push/push.c
View File

@@ -524,6 +524,7 @@ do_v5 (const char *host,
krb5_error_code ret;
krb5_auth_context auth_context = NULL;
krb5_principal server;
const char *estr;
int s;
s = do_connect (host, port, 1);
@@ -536,8 +537,9 @@ do_v5 (const char *host,
KRB5_NT_SRV_HST,
&server);
if (ret) {
warnx ("krb5_sname_to_principal: %s",
krb5_get_err_text (context, ret));
estr = krb5_get_error_message(context, ret);
warnx ("krb5_sname_to_principal: %s", estr);
krb5_free_error_message(context, estr);
return 1;
}
@@ -556,8 +558,9 @@ do_v5 (const char *host,
NULL);
krb5_free_principal (context, server);
if (ret) {
warnx ("krb5_sendauth: %s",
krb5_get_err_text (context, ret));
estr = krb5_get_error_message(context, ret);
warnx ("krb5_sendauth: %s", estr);
krb5_free_error_message(context, estr);
return 1;
}
return doit (s, host, user, filename, header_str, leavep, verbose, forkp);

47
appl/rsh/rsh.c
View File

@@ -167,20 +167,23 @@ krb5_forward_cred (krb5_auth_context auth_context,
krb5_kdc_flags flags;
krb5_data out_data;
krb5_principal principal;
const char *estr;
memset (&creds, 0, sizeof(creds));
ret = krb5_cc_default (context, &ccache);
if (ret) {
warnx ("could not forward creds: krb5_cc_default: %s",
krb5_get_err_text (context, ret));
estr = krb5_get_error_message(context, ret);
warnx ("could not forward creds: krb5_cc_default: %s", estr);
krb5_free_error_message(context, estr);
return 1;
}
ret = krb5_cc_get_principal (context, ccache, &principal);
if (ret) {
warnx ("could not forward creds: krb5_cc_get_principal: %s",
krb5_get_err_text (context, ret));
estr = krb5_get_error_message(context, ret);
warnx ("could not forward creds: krb5_cc_get_principal: %s", estr);
krb5_free_error_message(context, estr);
return 1;
}
@@ -194,8 +197,9 @@ krb5_forward_cred (krb5_auth_context auth_context,
NULL);
if (ret) {
warnx ("could not forward creds: krb5_make_principal: %s",
krb5_get_err_text (context, ret));
estr = krb5_get_error_message(context, ret);
warnx ("could not forward creds: krb5_make_principal: %s", estr);
krb5_free_error_message(context, estr);
return 1;
}
@@ -213,8 +217,9 @@ krb5_forward_cred (krb5_auth_context auth_context,
&creds,
&out_data);
if (ret) {
warnx ("could not forward creds: krb5_get_forwarded_creds: %s",
krb5_get_err_text (context, ret));
estr = krb5_get_error_message(context, ret);
warnx ("could not forward creds: krb5_get_forwarded_creds: %s", estr);
krb5_free_error_message(context, estr);
return 1;
}
@@ -223,9 +228,11 @@ krb5_forward_cred (krb5_auth_context auth_context,
&out_data);
krb5_data_free (&out_data);
if (ret)
warnx ("could not forward creds: krb5_write_message: %s",
krb5_get_err_text (context, ret));
if (ret) {
estr = krb5_get_error_message(context, ret);
warnx ("could not forward creds: krb5_write_message: %s", estr);
krb5_free_error_message(context, estr);
}
return 0;
}
@@ -248,6 +255,7 @@ send_krb5_auth(int s,
krb5_auth_context auth_context = NULL;
const char *protocol_string = NULL;
krb5_flags ap_opts;
const char *estr;
char *str;
status = krb5_sname_to_principal(context,
@@ -256,7 +264,9 @@ send_krb5_auth(int s,
KRB5_NT_SRV_HST,
&server);
if (status) {
warnx ("%s: %s", hostname, krb5_get_err_text(context, status));
estr = krb5_get_error_message(context, status);
warnx ("%s: %s", hostname, estr);
krb5_free_error_message(context, estr);
return 1;
}
@@ -341,7 +351,9 @@ send_krb5_auth(int s,
if(keyblock == NULL)
status = krb5_auth_con_getkey (context, auth_context, &keyblock);
if (status) {
warnx ("krb5_auth_con_getkey: %s", krb5_get_err_text(context, status));
estr = krb5_get_error_message(context, status);
warnx ("krb5_auth_con_getkey: %s", estr);
krb5_free_error_message(context, estr);
return 1;
}
@@ -349,14 +361,17 @@ send_krb5_auth(int s,
auth_context,
&s);
if (status) {
warnx("krb5_auth_con_setaddrs_from_fd: %s",
krb5_get_err_text(context, status));
estr = krb5_get_error_message(context, status);
warnx("krb5_auth_con_setaddrs_from_fd: %s", estr);
krb5_free_error_message(context, estr);
return(1);
}
status = krb5_crypto_init(context, keyblock, 0, &crypto);
if(status) {
warnx ("krb5_crypto_init: %s", krb5_get_err_text(context, status));
estr = krb5_get_error_message(context, status);
warnx ("krb5_crypto_init: %s", estr);
krb5_free_error_message(context, estr);
return 1;
}

65
appl/rsh/rshd.c
View File

@@ -162,6 +162,7 @@ save_krb5_creds (int s,
{
int ret;
krb5_data remote_cred;
const char *estr;
krb5_data_zero (&remote_cred);
ret= krb5_read_message (context, (void *)&s, &remote_cred);
@@ -180,9 +181,11 @@ save_krb5_creds (int s,
krb5_cc_initialize(context,ccache,client);
ret = krb5_rd_cred2(context, auth_context, ccache, &remote_cred);
if(ret != 0)
syslog(LOG_INFO|LOG_AUTH,
"reading creds: %s", krb5_get_err_text(context, ret));
if(ret != 0) {
estr = krb5_get_error_message(context, ret);
syslog(LOG_INFO|LOG_AUTH, "reading creds: %s", estr);
krb5_free_error_message(context, estr);
}
krb5_data_free (&remote_cred);
if (ret)
return 0;
@@ -193,25 +196,24 @@ static void
krb5_start_session (void)
{
krb5_error_code ret;
char *estr;
const char *estr;
ret = krb5_cc_resolve (context, tkfile, &ccache2);
if (ret) {
estr = krb5_get_error_string(context);
estr = krb5_get_error_message(context, ret);
syslog(LOG_WARNING, "resolve cred cache %s: %s",
tkfile,
estr ? estr : krb5_get_err_text(context, ret));
free(estr);
estr ? estr : "could not get error string");
krb5_free_error_message(context, estr);
krb5_cc_destroy(context, ccache);
return;
}
ret = krb5_cc_copy_cache (context, ccache, ccache2);
if (ret) {
estr = krb5_get_error_string(context);
syslog(LOG_WARNING, "storing credentials: %s",
estr ? estr : krb5_get_err_text(context, ret));
free(estr);
estr = krb5_get_error_message(context, ret);
syslog(LOG_WARNING, "storing credentials: %s", estr);
krb5_free_error_message(context, estr);
krb5_cc_destroy(context, ccache);
return ;
}
@@ -253,6 +255,7 @@ recv_krb5_auth (int s, u_char *buf,
krb5_error_code status;
krb5_data cksum_data;
krb5_principal server;
const char *estr;
char *str;
if (memcmp (buf, "\x00\x00\x00\x13", 4) != 0)
@@ -270,9 +273,11 @@ recv_krb5_auth (int s, u_char *buf,
"host",
KRB5_NT_SRV_HST,
&server);
if (status)
syslog_and_die ("krb5_sock_to_principal: %s",
krb5_get_err_text(context, status));
if (status) {
estr = krb5_get_error_message(context, status);
syslog_and_die ("krb5_sock_to_principal: %s", estr);
krb5_free_error_message(context, estr);
}
status = krb5_recvauth_match_version(context,
&auth_context,
@@ -284,9 +289,11 @@ recv_krb5_auth (int s, u_char *buf,
NULL,
&ticket);
krb5_free_principal (context, server);
if (status)
syslog_and_die ("krb5_recvauth: %s",
krb5_get_err_text(context, status));
if (status) {
estr = krb5_get_error_message(context, status);
syslog_and_die ("krb5_recvauth: %s", estr);
krb5_free_error_message(context, estr);
}
*server_username = read_str (s, USERNAME_SZ, "remote username");
*cmd = read_str (s, ARG_MAX + 1, "command");
@@ -302,14 +309,18 @@ recv_krb5_auth (int s, u_char *buf,
if(status != 0 || keyblock == NULL)
syslog_and_die("failed to get key");
}
if (status != 0 || keyblock == NULL)
syslog_and_die ("krb5_auth_con_getkey: %s",
krb5_get_err_text(context, status));
if (status != 0 || keyblock == NULL) {
estr = krb5_get_error_message(context, status);
syslog_and_die ("krb5_auth_con_getkey: %s", estr);
krb5_free_error_message(context, estr);
}
status = krb5_crypto_init(context, keyblock, 0, &crypto);
if(status)
syslog_and_die("krb5_crypto_init: %s",
krb5_get_err_text(context, status));
if (status) {
estr = krb5_get_error_message(context, status);
syslog_and_die("krb5_crypto_init: %s", estr);
krb5_free_error_message(context, estr);
}
cksum_data.length = asprintf (&str,
@@ -326,9 +337,11 @@ recv_krb5_auth (int s, u_char *buf,
cksum_data.data,
cksum_data.length);
if (status)
syslog_and_die ("krb5_verify_authenticator_checksum: %s",
krb5_get_err_text(context, status));
if (status) {
estr = krb5_get_error_message(context, status);
syslog_and_die ("krb5_verify_authenticator_checksum: %s", estr);
krb5_free_error_message(context, estr);
}
free (cksum_data.data);

156
appl/telnet/libtelnet/kerberos5.c
View File

@@ -198,6 +198,7 @@ kerberos5_send(char *name, Authenticator *ap)
krb5_ccache ccache;
int ap_opts;
krb5_data cksum_data;
const char *estr;
char ap_msg[2];
if (!UserNameRequested) {
@@ -210,8 +211,9 @@ kerberos5_send(char *name, Authenticator *ap)
ret = krb5_cc_default(context, &ccache);
if (ret) {
if (auth_debug_mode) {
printf("Kerberos V5: could not get default ccache: %s\r\n",
krb5_get_err_text (context, ret));
estr = krb5_get_error_message (context, ret);
printf("Kerberos V5: could not get default ccache: %s\r\n", estr);
krb5_free_error_message(context, estr);
}
return 0;
}
@@ -226,8 +228,9 @@ kerberos5_send(char *name, Authenticator *ap)
ret = krb5_auth_con_init (context, &auth_context);
if (ret) {
if (auth_debug_mode) {
printf("Kerberos V5: krb5_auth_con_init failed (%s)\r\n",
krb5_get_err_text(context, ret));
estr = krb5_get_error_message (context, ret);
printf("Kerberos V5: krb5_auth_con_init failed (%s)\r\n", estr);
krb5_free_error_message(context, estr);
}
return(0);
}
@@ -237,9 +240,10 @@ kerberos5_send(char *name, Authenticator *ap)
&net);
if (ret) {
if (auth_debug_mode) {
estr = krb5_get_error_message (context, ret);
printf ("Kerberos V5:"
" krb5_auth_con_setaddrs_from_fd failed (%s)\r\n",
krb5_get_err_text(context, ret));
" krb5_auth_con_setaddrs_from_fd failed (%s)\r\n", estr);
krb5_free_error_message(context, estr);
}
return(0);
}
@@ -265,18 +269,21 @@ kerberos5_send(char *name, Authenticator *ap)
&service);
if(ret) {
if (auth_debug_mode) {
estr = krb5_get_error_message (context, ret);
printf ("Kerberos V5:"
" krb5_sname_to_principal(%s) failed (%s)\r\n",
RemoteHostName, krb5_get_err_text(context, ret));
RemoteHostName, estr);
krb5_free_error_message(context, estr);
}
return 0;
}
ret = krb5_unparse_name_fixed(context, service, sname, sizeof(sname));
if(ret) {
if (auth_debug_mode) {
estr = krb5_get_error_message (context, ret);
printf ("Kerberos V5:"
" krb5_unparse_name_fixed failed (%s)\r\n",
krb5_get_err_text(context, ret));
" krb5_unparse_name_fixed failed (%s)\r\n", estr);
krb5_free_error_message(context, estr);
}
return 0;
}
@@ -289,8 +296,9 @@ kerberos5_send(char *name, Authenticator *ap)
}
if (ret) {
if (1 || auth_debug_mode) {
printf("Kerberos V5: mk_req failed (%s)\r\n",
krb5_get_err_text(context, ret));
estr = krb5_get_error_message (context, ret);
printf("Kerberos V5: mk_req failed (%s)\r\n", estr);
krb5_free_error_message(context, estr);
}
return(0);
}
@@ -345,6 +353,7 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
krb5_error_code ret;
krb5_data outbuf;
krb5_keyblock *key_block;
const char *estr;
char *name;
krb5_principal server;
int zero = 0;
@@ -362,8 +371,9 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
if (ret) {
Data(ap, KRB_REJECT, "krb5_auth_con_init failed", -1);
auth_finished(ap, AUTH_REJECT);
log_message("Kerberos V5: krb5_auth_con_init failed (%s)",
krb5_get_err_text(context, ret));
estr = krb5_get_error_message (context, ret);
log_message("Kerberos V5: krb5_auth_con_init failed (%s)", estr);
krb5_free_error_message(context, estr);
return;
}
@@ -373,9 +383,10 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
if (ret) {
Data(ap, KRB_REJECT, "krb5_auth_con_setaddrs_from_fd failed", -1);
auth_finished(ap, AUTH_REJECT);
estr = krb5_get_error_message (context, ret);
log_message("Kerberos V5: "
"krb5_auth_con_setaddrs_from_fd failed (%s)",
krb5_get_err_text(context, ret));
"krb5_auth_con_setaddrs_from_fd failed (%s)", estr);
krb5_free_error_message(context, estr);
return;
}
@@ -387,9 +398,10 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
if (ret) {
Data(ap, KRB_REJECT, "krb5_sock_to_principal failed", -1);
auth_finished(ap, AUTH_REJECT);
estr = krb5_get_error_message (context, ret);
log_message("Kerberos V5: "
"krb5_sock_to_principal failed (%s)",
krb5_get_err_text(context, ret));
"krb5_sock_to_principal failed (%s)", estr);
krb5_free_error_message(context, estr);
return;
}
@@ -407,9 +419,9 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
char *errbuf;
int ret2;
ret2 = asprintf(&errbuf,
"Read req failed: %s",
krb5_get_err_text(context, ret));
estr = krb5_get_error_message (context, ret);
ret2 = asprintf(&errbuf, "Read req failed: %s", estr);
krb5_free_error_message(context, estr);
if (ret2 != -1)
errbuf2 = errbuf;
Data(ap, KRB_REJECT, errbuf2, -1);
@@ -435,8 +447,9 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
char *errbuf;
int ret2;
ret2 = asprintf(&errbuf, "Bad checksum: %s",
krb5_get_err_text(context, ret));
estr = krb5_get_error_message (context, ret);
ret2 = asprintf(&errbuf, "Bad checksum: %s", estr);
krb5_free_error_message(context, estr);
if (ret2 != -1)
errbuf2 = errbuf;
Data(ap, KRB_REJECT, errbuf2, -1);
@@ -453,9 +466,10 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
if (ret) {
Data(ap, KRB_REJECT, "krb5_auth_con_getremotesubkey failed", -1);
auth_finished(ap, AUTH_REJECT);
estr = krb5_get_error_message (context, ret);
log_message("Kerberos V5: "
"krb5_auth_con_getremotesubkey failed (%s)",
krb5_get_err_text(context, ret));
"krb5_auth_con_getremotesubkey failed (%s)", estr);
krb5_free_error_message(context, estr);
return;
}
@@ -467,9 +481,10 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
if (ret) {
Data(ap, KRB_REJECT, "krb5_auth_con_getkey failed", -1);
auth_finished(ap, AUTH_REJECT);
estr = krb5_get_error_message (context, ret);
log_message("Kerberos V5: "
"krb5_auth_con_getkey failed (%s)",
krb5_get_err_text(context, ret));
"krb5_auth_con_getkey failed (%s)", estr);
krb5_free_error_message(context, estr);
return;
}
if (key_block == NULL) {
@@ -486,9 +501,10 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
Data(ap, KRB_REJECT,
"krb5_mk_rep failed", -1);
auth_finished(ap, AUTH_REJECT);
estr = krb5_get_error_message (context, ret);
log_message("Kerberos V5: "
"krb5_mk_rep failed (%s)",
krb5_get_err_text(context, ret));
"krb5_mk_rep failed (%s)", estr);
krb5_free_error_message(context, estr);
krb5_free_keyblock(context, key_block);
return;
}
@@ -555,8 +571,9 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
ret = krb5_cc_resolve (context, ccname, &ccache);
if (ret) {
log_message("Kerberos V5: could not get ccache: %s",
krb5_get_err_text(context, ret));
estr = krb5_get_error_message (context, ret);
log_message("Kerberos V5: could not get ccache: %s", estr);
krb5_free_error_message(context, estr);
break;
}
@@ -564,8 +581,9 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
ccache,
ticket->client);
if (ret) {
log_message("Kerberos V5: could not init ccache: %s",
krb5_get_err_text(context, ret));
estr = krb5_get_error_message (context, ret);
log_message("Kerberos V5: could not init ccache: %s", estr);
krb5_free_error_message(context, estr);
break;
}
@@ -581,9 +599,9 @@ kerberos5_is(Authenticator *ap, unsigned char *data, int cnt)
char *errbuf;
int ret2;
ret2 = asprintf (&errbuf,
"Read forwarded creds failed: %s",
krb5_get_err_text (context, ret));
estr = krb5_get_error_message (context, ret);
ret2 = asprintf (&errbuf, "Read forwarded creds failed: %s", estr);
krb5_free_error_message(context, estr);
if (ret2 != -1)
errbuf2 = errbuf;
Data(ap, KRB_FORWARD_REJECT, errbuf, -1);
@@ -612,6 +630,7 @@ void
kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt)
{
static int mutual_complete = 0;
const char *estr;
if (cnt-- < 1)
return;
@@ -648,8 +667,9 @@ kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt)
auth_context,
&keyblock);
if(ret) {
printf("[ krb5_auth_con_getkey: %s ]\r\n",
krb5_get_err_text(context, ret));
estr = krb5_get_error_message (context, ret);
printf("[ krb5_auth_con_getkey: %s ]\r\n", estr);
krb5_free_error_message(context, estr);
auth_send_retry();
return;
}
@@ -667,22 +687,23 @@ kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt)
case KRB_RESPONSE:
if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
/* the rest of the reply should contain a krb_ap_rep */
krb5_ap_rep_enc_part *reply;
krb5_data inbuf;
krb5_error_code ret;
krb5_ap_rep_enc_part *reply;
krb5_data inbuf;
krb5_error_code ret;
inbuf.length = cnt;
inbuf.data = (char *)data;
inbuf.length = cnt;
inbuf.data = (char *)data;
ret = krb5_rd_rep(context, auth_context, &inbuf, &reply);
if (ret) {
printf("[ Mutual authentication failed: %s ]\r\n",
krb5_get_err_text (context, ret));
auth_send_retry();
return;
}
krb5_free_ap_rep_enc_part(context, reply);
mutual_complete = 1;
ret = krb5_rd_rep(context, auth_context, &inbuf, &reply);
if (ret) {
estr = krb5_get_error_message (context, ret);
printf("[ Mutual authentication failed: %s ]\r\n", estr);
krb5_free_error_message(context, estr);
auth_send_retry();
return;
}
krb5_free_ap_rep_enc_part(context, reply);
mutual_complete = 1;
}
return;
case KRB_FORWARD_ACCEPT:
@@ -792,20 +813,25 @@ kerberos5_forward(Authenticator *ap)
KDCOptions flags;
krb5_data out_data;
krb5_principal principal;
const char *estr;
ret = krb5_cc_default (context, &ccache);
if (ret) {
if (auth_debug_mode)
printf ("KerberosV5: could not get default ccache: %s\r\n",
krb5_get_err_text (context, ret));
if (auth_debug_mode) {
estr = krb5_get_error_message (context, ret);
printf ("KerberosV5: could not get default ccache: %s\r\n", estr);
krb5_free_error_message(context, estr);
}
return;
}
ret = krb5_cc_get_principal (context, ccache, &principal);
if (ret) {
if (auth_debug_mode)
printf ("KerberosV5: could not get principal: %s\r\n",
krb5_get_err_text (context, ret));
if (auth_debug_mode) {
estr = krb5_get_error_message (context, ret);
printf ("KerberosV5: could not get principal: %s\r\n", estr);
krb5_free_error_message(context, estr);
}
return;
}
@@ -821,9 +847,11 @@ kerberos5_forward(Authenticator *ap)
NULL);
if (ret) {
if (auth_debug_mode)
printf ("KerberosV5: could not get principal: %s\r\n",
krb5_get_err_text (context, ret));
if (auth_debug_mode) {
estr = krb5_get_error_message (context, ret);
printf ("KerberosV5: could not get principal: %s\r\n", estr);
krb5_free_error_message(context, estr);
}
return;
}
@@ -842,9 +870,11 @@ kerberos5_forward(Authenticator *ap)
&creds,
&out_data);
if (ret) {
if (auth_debug_mode)
printf ("Kerberos V5: error getting forwarded creds: %s\r\n",
krb5_get_err_text (context, ret));
if (auth_debug_mode) {
estr = krb5_get_error_message (context, ret);
printf ("Kerberos V5: error getting forwarded creds: %s\r\n", estr);
krb5_free_error_message(context, estr);
}
return;
}