diff --git a/lib/kadm5/get_s.c b/lib/kadm5/get_s.c index 56aec67a2..b612e3726 100644 --- a/lib/kadm5/get_s.c +++ b/lib/kadm5/get_s.c @@ -331,13 +331,11 @@ kadm5_s_get_principal(void *server_handle, ret = add_tl_data(out, KRB5_TL_KRB5_CONFIG, krb5_config.data, krb5_config.length); } - if (ret) - goto out; /* * If the client was allowed to get key data, let it have the * password too. */ - if (mask & KADM5_KEY_DATA) { + if (ret == 0 && (mask & KADM5_KEY_DATA)) { heim_utf8_string pw; /* XXX But not if the client doesn't have ext-keys */ @@ -350,7 +348,8 @@ kadm5_s_get_principal(void *server_handle, krb5_clear_error_message(context->context); } - ret = hdb_entry_get_pkinit_acl(&ent.entry, &acl); + if (ret == 0) + ret = hdb_entry_get_pkinit_acl(&ent.entry, &acl); if (ret == 0 && acl) { krb5_data buf; size_t len; @@ -367,10 +366,9 @@ kadm5_s_get_principal(void *server_handle, if (ret) goto out; } - if (ret) - goto out; - ret = hdb_entry_get_aliases(&ent.entry, &aliases); + if (ret == 0) + ret = hdb_entry_get_aliases(&ent.entry, &aliases); if (ret == 0 && aliases) { krb5_data buf; size_t len; @@ -387,28 +385,19 @@ kadm5_s_get_principal(void *server_handle, if (ret) goto out; } - if (ret) - goto out; - ret = hdb_entry_get_key_rotation(context->context, &ent.entry, &kr); + if (ret == 0) + ret = hdb_entry_get_key_rotation(context->context, &ent.entry, &kr); if (ret == 0 && kr) { krb5_data buf; size_t len; ASN1_MALLOC_ENCODE(HDB_Ext_KeyRotation, buf.data, buf.length, kr, &len, ret); - if (ret) - goto out; - if (len != buf.length) - krb5_abortx(context->context, - "internal ASN.1 encoder error"); - ret = add_tl_data(out, KRB5_TL_KEY_ROTATION, buf.data, buf.length); + if (ret == 0) + ret = add_tl_data(out, KRB5_TL_KEY_ROTATION, buf.data, buf.length); free(buf.data); - if (ret) - goto out; } - if (ret) - goto out; } out: diff --git a/lib/kadm5/init_c.c b/lib/kadm5/init_c.c index a0a344389..a709e3e7c 100644 --- a/lib/kadm5/init_c.c +++ b/lib/kadm5/init_c.c @@ -509,9 +509,9 @@ kadm_connect(kadm5_client_context *ctx) hints.ai_socktype = SOCK_STREAM; hints.ai_protocol = IPPROTO_TCP; - snprintf(portstr, sizeof(portstr), "%u", ntohs(ctx->kadmind_port)); + snprintf(portstr, sizeof(portstr), "%u", ntohs(kadmin_port)); - hostname = ctx->admin_server; + hostname = admin_server; slash = strchr(hostname, '/'); if (slash != NULL) hostname = slash + 1; @@ -640,7 +640,7 @@ kadm5_c_init_with_context(krb5_context context, void **server_handle) { kadm5_ret_t ret; - kadm5_client_context *ctx; + kadm5_client_context *ctx = NULL; krb5_ccache cc; ret = _kadm5_c_init_context(&ctx, realm_params, context); diff --git a/lib/kadm5/ipropd_master.c b/lib/kadm5/ipropd_master.c index a27d8f75a..167c7e15a 100644 --- a/lib/kadm5/ipropd_master.c +++ b/lib/kadm5/ipropd_master.c @@ -450,6 +450,8 @@ write_dump (krb5_context context, krb5_storage *dump, */ ret = krb5_store_uint32(dump, 0); + if (ret) + return ret; ret = hdb_create (context, &db, database); if (ret) @@ -1494,7 +1496,10 @@ write_stats(krb5_context context, slave *slaves, uint32_t current_version) rtbl_add_column_entry(tbl, SLAVE_STATUS, "Up"); ret = krb5_format_time(context, slaves->seen, str, sizeof(str), TRUE); - rtbl_add_column_entry(tbl, SLAVE_SEEN, str); + if (ret) + rtbl_add_column_entry(tbl, SLAVE_SEEN, ""); + else + rtbl_add_column_entry(tbl, SLAVE_SEEN, str); slaves = slaves->next; } diff --git a/lib/kadm5/set_keys.c b/lib/kadm5/set_keys.c index 1f4582585..c30c5d829 100644 --- a/lib/kadm5/set_keys.c +++ b/lib/kadm5/set_keys.c @@ -177,6 +177,8 @@ _kadm5_set_keys2(kadm5_server_context *context, /* A current key; add to current key set */ setup_Key(&key, &salt, key_data, i); ret = add_Keys(&keys, &key); + if (ret) + goto out; continue; }