diff --git a/kadmin/load.c b/kadmin/load.c index 09f1622fb..190f73daf 100644 --- a/kadmin/load.c +++ b/kadmin/load.c @@ -395,7 +395,6 @@ doit(const char *filename, int mergep) line = 0; ret = 0; while(fgets(s, sizeof(s), f) != NULL) { - ret = 0; line++; p = s; @@ -441,7 +440,7 @@ doit(const char *filename, int mergep) p = skip_next(p); e.generation = p; - p = skip_next(p); + skip_next(p); e.extensions = p; p = skip_next(p); diff --git a/kdc/pkinit.c b/kdc/pkinit.c index 22734be81..96bac4dfa 100644 --- a/kdc/pkinit.c +++ b/kdc/pkinit.c @@ -284,7 +284,7 @@ generate_dh_keyblock(krb5_context context, dh_gen_keylen = ECDH_compute_key(dh_gen_key, size, EC_KEY_get0_public_key(client_params->u.ecdh.public_key), client_params->u.ecdh.key, NULL); - ret = 0; + #endif /* HAVE_OPENSSL */ } else { ret = KRB5KRB_ERR_GENERIC; @@ -1979,12 +1979,14 @@ _kdc_pk_initialize(krb5_context context, hx509_name name; char *str; ret = hx509_cert_get_subject(cert, &name); - hx509_name_to_string(name, &str); - krb5_warnx(context, "WARNING Found KDC certificate (%s)" - "is missing the PK-INIT KDC EKU, this is bad for " - "interoperability.", str); - hx509_name_free(&name); - free(str); + if (ret == 0) { + hx509_name_to_string(name, &str); + krb5_warnx(context, "WARNING Found KDC certificate (%s)" + "is missing the PK-INIT KDC EKU, this is bad for " + "interoperability.", str); + hx509_name_free(&name); + free(str); + } } hx509_cert_free(cert); } else diff --git a/lib/asn1/der_put.c b/lib/asn1/der_put.c index 7e71443da..10fc00233 100644 --- a/lib/asn1/der_put.c +++ b/lib/asn1/der_put.c @@ -165,7 +165,6 @@ der_put_general_string (unsigned char *p, size_t len, if (len < slen) return ASN1_OVERFLOW; p -= slen; - len -= slen; memcpy (p+1, *str, slen); *size = slen; return 0; @@ -200,7 +199,6 @@ der_put_bmp_string (unsigned char *p, size_t len, if (len / 2 < data->length) return ASN1_OVERFLOW; p -= data->length * 2; - len -= data->length * 2; for (i = 0; i < data->length; i++) { p[1] = (data->data[i] >> 8) & 0xff; p[2] = data->data[i] & 0xff; @@ -218,7 +216,6 @@ der_put_universal_string (unsigned char *p, size_t len, if (len / 4 < data->length) return ASN1_OVERFLOW; p -= data->length * 4; - len -= data->length * 4; for (i = 0; i < data->length; i++) { p[1] = (data->data[i] >> 24) & 0xff; p[2] = (data->data[i] >> 16) & 0xff; @@ -244,7 +241,6 @@ der_put_octet_string (unsigned char *p, size_t len, if (len < data->length) return ASN1_OVERFLOW; p -= data->length; - len -= data->length; memcpy (p+1, data->data, data->length); *size = data->length; return 0; @@ -421,8 +417,7 @@ der_put_length_and_tag (unsigned char *p, size_t len, size_t len_val, e = der_put_tag (p, len, class, type, tag, &l); if(e) return e; - p -= l; - len -= l; + ret += l; *size = ret; return 0; @@ -459,7 +454,7 @@ der_put_bit_string (unsigned char *p, size_t len, if (len < data_size + 1) return ASN1_OVERFLOW; p -= data_size + 1; - len -= data_size + 1; + memcpy (p+2, data->data, data_size); if (data->length && (data->length % 8) != 0) p[1] = 8 - (data->length % 8); diff --git a/lib/krb5/crypto.c b/lib/krb5/crypto.c index a30780d1e..42e2fdf35 100644 --- a/lib/krb5/crypto.c +++ b/lib/krb5/crypto.c @@ -3260,10 +3260,8 @@ krb5_encrypt_iov_ivec(krb5_context context, memcpy(q, data[i].data.data, data[i].data.length); q += data[i].data.length; } - if (piv) { + if (piv) memset(q, 0, piv->data.length); - q += piv->data.length; - } ret = create_checksum(context, et->keyed_checksum, @@ -3299,10 +3297,9 @@ krb5_encrypt_iov_ivec(krb5_context context, memcpy(q, data[i].data.data, data[i].data.length); q += data[i].data.length; } - if (piv) { + if (piv) memset(q, 0, piv->data.length); - q += piv->data.length; - } + ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey); if(ret) { @@ -3333,10 +3330,8 @@ krb5_encrypt_iov_ivec(krb5_context context, memcpy(data[i].data.data, q, data[i].data.length); q += data[i].data.length; } - if (piv) { + if (piv) memcpy(piv->data.data, q, pad_sz); - q += pad_sz; - } free(p); diff --git a/lib/krb5/kcm.c b/lib/krb5/kcm.c index f03434197..faa1e6969 100644 --- a/lib/krb5/kcm.c +++ b/lib/krb5/kcm.c @@ -1098,7 +1098,6 @@ _krb5_kcm_get_initial_ticket(krb5_context context, krb5_keyblock *key) { krb5_error_code ret; - krb5_kcmcache *k = KCMCACHE(id); krb5_storage *request; ret = kcm_storage_request(context, KCM_OP_GET_INITIAL_TICKET, &request); diff --git a/lib/krb5/plugin.c b/lib/krb5/plugin.c index f8375f6ae..027f2a72a 100644 --- a/lib/krb5/plugin.c +++ b/lib/krb5/plugin.c @@ -238,7 +238,7 @@ load_plugins(krb5_context context) if (e) { free(path); } else { - ret = loadlib(context, path); /* store or frees path */ + loadlib(context, path); /* store or frees path */ } } closedir(d); diff --git a/lib/krb5/warn.c b/lib/krb5/warn.c index 58fb73189..b88b2004f 100644 --- a/lib/krb5/warn.c +++ b/lib/krb5/warn.c @@ -65,13 +65,13 @@ _warnerr(krb5_context context, int do_errtext, err_str = krb5_get_error_message(context, code); if (err_str != NULL) { - *arg++ = err_str; + *arg = err_str; } else { err_msg = krb5_get_err_text(context, code); if (err_msg) - *arg++ = err_msg; + *arg = err_msg; else - *arg++ = ""; + *arg= ""; } }