base: change ret fieldname to error_code in request struct
This commit is contained in:
52
kdc/bx509d.c
52
kdc/bx509d.c
@@ -657,53 +657,53 @@ bx509_param_cb(void *d,
|
||||
if (strcmp(key, "eku") == 0 && val) {
|
||||
heim_audit_addkv((heim_svc_req_desc)r, KDC_AUDIT_VIS, "requested_eku",
|
||||
"%s", val);
|
||||
r->ret = der_parse_heim_oid(val, ".", &oid);
|
||||
if (r->ret == 0)
|
||||
r->ret = hx509_request_add_eku(r->context->hx509ctx, r->req, &oid);
|
||||
r->error_code = der_parse_heim_oid(val, ".", &oid);
|
||||
if (r->error_code == 0)
|
||||
r->error_code = hx509_request_add_eku(r->context->hx509ctx, r->req, &oid);
|
||||
der_free_oid(&oid);
|
||||
} else if (strcmp(key, "dNSName") == 0 && val) {
|
||||
heim_audit_addkv((heim_svc_req_desc)r, KDC_AUDIT_VIS,
|
||||
"requested_dNSName", "%s", val);
|
||||
r->ret = hx509_request_add_dns_name(r->context->hx509ctx, r->req, val);
|
||||
r->error_code = hx509_request_add_dns_name(r->context->hx509ctx, r->req, val);
|
||||
} else if (strcmp(key, "rfc822Name") == 0 && val) {
|
||||
heim_audit_addkv((heim_svc_req_desc)r, KDC_AUDIT_VIS,
|
||||
"requested_rfc822Name", "%s", val);
|
||||
r->ret = hx509_request_add_email(r->context->hx509ctx, r->req, val);
|
||||
r->error_code = hx509_request_add_email(r->context->hx509ctx, r->req, val);
|
||||
} else if (strcmp(key, "xMPPName") == 0 && val) {
|
||||
heim_audit_addkv((heim_svc_req_desc)r, KDC_AUDIT_VIS,
|
||||
"requested_xMPPName", "%s", val);
|
||||
r->ret = hx509_request_add_xmpp_name(r->context->hx509ctx, r->req,
|
||||
r->error_code = hx509_request_add_xmpp_name(r->context->hx509ctx, r->req,
|
||||
val);
|
||||
} else if (strcmp(key, "krb5PrincipalName") == 0 && val) {
|
||||
heim_audit_addkv((heim_svc_req_desc)r, KDC_AUDIT_VIS,
|
||||
"requested_krb5PrincipalName", "%s", val);
|
||||
r->ret = hx509_request_add_pkinit(r->context->hx509ctx, r->req,
|
||||
r->error_code = hx509_request_add_pkinit(r->context->hx509ctx, r->req,
|
||||
val);
|
||||
} else if (strcmp(key, "ms-upn") == 0 && val) {
|
||||
heim_audit_addkv((heim_svc_req_desc)r, KDC_AUDIT_VIS,
|
||||
"requested_ms_upn", "%s", val);
|
||||
r->ret = hx509_request_add_ms_upn_name(r->context->hx509ctx, r->req,
|
||||
r->error_code = hx509_request_add_ms_upn_name(r->context->hx509ctx, r->req,
|
||||
val);
|
||||
} else if (strcmp(key, "registeredID") == 0 && val) {
|
||||
heim_audit_addkv((heim_svc_req_desc)r, KDC_AUDIT_VIS,
|
||||
"requested_registered_id", "%s", val);
|
||||
r->ret = der_parse_heim_oid(val, ".", &oid);
|
||||
if (r->ret == 0)
|
||||
r->ret = hx509_request_add_registered(r->context->hx509ctx, r->req,
|
||||
r->error_code = der_parse_heim_oid(val, ".", &oid);
|
||||
if (r->error_code == 0)
|
||||
r->error_code = hx509_request_add_registered(r->context->hx509ctx, r->req,
|
||||
&oid);
|
||||
der_free_oid(&oid);
|
||||
} else if (strcmp(key, "csr") == 0 && val) {
|
||||
heim_audit_setkv_bool((heim_svc_req_desc)r, "requested_csr", TRUE);
|
||||
r->ret = 0; /* Handled upstairs */
|
||||
r->error_code = 0; /* Handled upstairs */
|
||||
} else if (strcmp(key, "lifetime") == 0 && val) {
|
||||
r->req_life = parse_time(val, "day");
|
||||
} else {
|
||||
/* Produce error for unknown params */
|
||||
heim_audit_setkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE);
|
||||
krb5_set_error_message(r->context, r->ret = ENOTSUP,
|
||||
krb5_set_error_message(r->context, r->error_code = ENOTSUP,
|
||||
"Query parameter %s not supported", key);
|
||||
}
|
||||
return r->ret == 0 ? MHD_YES : MHD_NO /* Stop iterating */;
|
||||
return r->error_code == 0 ? MHD_YES : MHD_NO /* Stop iterating */;
|
||||
}
|
||||
|
||||
static krb5_error_code
|
||||
@@ -717,10 +717,10 @@ authorize_CSR(struct bx509_request_desc *r,
|
||||
if (ret)
|
||||
return bad_req(r, ret, MHD_HTTP_SERVICE_UNAVAILABLE,
|
||||
"Could not parse CSR");
|
||||
r->ret = 0;
|
||||
r->error_code = 0;
|
||||
(void) MHD_get_connection_values(r->connection, MHD_GET_ARGUMENT_KIND,
|
||||
bx509_param_cb, r);
|
||||
ret = r->ret;
|
||||
ret = r->error_code;
|
||||
if (ret)
|
||||
return bad_req(r, ret, MHD_HTTP_SERVICE_UNAVAILABLE,
|
||||
"Could not handle query parameters");
|
||||
@@ -903,11 +903,11 @@ set_req_desc(struct MHD_Connection *connection,
|
||||
r->addr = NULL;
|
||||
r->req = NULL;
|
||||
r->req_life = 0;
|
||||
r->ret = ret;
|
||||
r->error_code = ret;
|
||||
r->kv = heim_dict_create(10);
|
||||
r->attributes = heim_dict_create(1);
|
||||
if (ret == 0 && (r->kv == NULL || r->attributes == NULL))
|
||||
r->ret = ret = ENOMEM;
|
||||
r->error_code = ret = ENOMEM;
|
||||
ci = MHD_get_connection_info(connection,
|
||||
MHD_CONNECTION_INFO_CLIENT_ADDRESS);
|
||||
if (ci) {
|
||||
@@ -1755,15 +1755,15 @@ get_tgt_param_cb(void *d,
|
||||
if (!krb5_config_get_bool_default(r->context, NULL,
|
||||
FALSE,
|
||||
"get-tgt", "allow_addresses", NULL)) {
|
||||
krb5_set_error_message(r->context, r->ret = ENOTSUP,
|
||||
krb5_set_error_message(r->context, r->error_code = ENOTSUP,
|
||||
"Query parameter %s not allowed", key);
|
||||
} else {
|
||||
krb5_addresses addresses;
|
||||
|
||||
r->ret = _krb5_parse_address_no_lookup(r->context, val,
|
||||
r->error_code = _krb5_parse_address_no_lookup(r->context, val,
|
||||
&addresses);
|
||||
if (r->ret == 0)
|
||||
r->ret = krb5_append_addresses(r->context, &r->tgt_addresses,
|
||||
if (r->error_code == 0)
|
||||
r->error_code = krb5_append_addresses(r->context, &r->tgt_addresses,
|
||||
&addresses);
|
||||
krb5_free_addresses(r->context, &addresses);
|
||||
}
|
||||
@@ -1775,10 +1775,10 @@ get_tgt_param_cb(void *d,
|
||||
} else {
|
||||
/* Produce error for unknown params */
|
||||
heim_audit_setkv_bool((heim_svc_req_desc)r, "requested_unknown", TRUE);
|
||||
krb5_set_error_message(r->context, r->ret = ENOTSUP,
|
||||
krb5_set_error_message(r->context, r->error_code = ENOTSUP,
|
||||
"Query parameter %s not supported", key);
|
||||
}
|
||||
return r->ret == 0 ? MHD_YES : MHD_NO /* Stop iterating */;
|
||||
return r->error_code == 0 ? MHD_YES : MHD_NO /* Stop iterating */;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1808,10 +1808,10 @@ get_tgt(struct bx509_request_desc *r)
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
r->ret = 0;
|
||||
r->error_code = 0;
|
||||
(void) MHD_get_connection_values(r->connection, MHD_GET_ARGUMENT_KIND,
|
||||
get_tgt_param_cb, r);
|
||||
ret = r->ret;
|
||||
ret = r->error_code;
|
||||
|
||||
/* k5_get_creds() calls bad_req() */
|
||||
if (ret == 0)
|
||||
|
@@ -1065,8 +1065,8 @@ param_cb(void *d,
|
||||
krb5_set_error_message(r->context, ret = ENOTSUP,
|
||||
"Query parameter %s not supported", key);
|
||||
}
|
||||
if (ret && !r->ret)
|
||||
r->ret = ret;
|
||||
if (ret && !r->error_code)
|
||||
r->error_code = ret;
|
||||
heim_release(s);
|
||||
return ret ? MHD_NO /* Stop iterating */ : MHD_YES;
|
||||
}
|
||||
@@ -1082,7 +1082,7 @@ authorize_req(kadmin_request_desc r)
|
||||
return bad_enomem(r, ret);
|
||||
(void) MHD_get_connection_values(r->connection, MHD_GET_ARGUMENT_KIND,
|
||||
param_cb, r);
|
||||
ret = r->ret;
|
||||
ret = r->error_code;
|
||||
if (ret == EACCES)
|
||||
return bad_403(r, ret, "Not authorized to requested principal(s)");
|
||||
if (ret)
|
||||
@@ -1588,7 +1588,7 @@ set_req_desc(struct MHD_Connection *connection,
|
||||
|
||||
if (ret == 0 && r->kv == NULL) {
|
||||
krb5_log_msg(r->context, logfac, 1, NULL, "Out of memory");
|
||||
ret = r->ret = ENOMEM;
|
||||
ret = r->error_code = ENOMEM;
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
@@ -1685,7 +1685,7 @@ get_config(kadmin_request_desc r)
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
r->ret = ret;
|
||||
r->error_code = ret;
|
||||
return bad_404(r, "/get-config");
|
||||
}
|
||||
}
|
||||
|
@@ -38,6 +38,7 @@
|
||||
|
||||
#include <krb5.h>
|
||||
#include <kdc.h>
|
||||
#include <kdc-accessors.h>
|
||||
#include <hdb.h>
|
||||
|
||||
/*
|
||||
|
@@ -2149,7 +2149,7 @@ _kdc_as_rep(astgs_request_t r)
|
||||
r->e_text = NULL;
|
||||
ret = _kdc_fast_mk_error(r, r->rep.padata, r->armor_crypto,
|
||||
&req->req_body,
|
||||
r->ret = KRB5_KDC_ERR_WRONG_REALM,
|
||||
r->error_code = KRB5_KDC_ERR_WRONG_REALM,
|
||||
r->client->principal, r->server_princ,
|
||||
NULL, NULL, r->reply);
|
||||
goto out;
|
||||
@@ -2714,7 +2714,7 @@ _kdc_as_rep(astgs_request_t r)
|
||||
}
|
||||
|
||||
out:
|
||||
r->ret = ret;
|
||||
r->error_code = ret;
|
||||
_kdc_audit_request(r);
|
||||
|
||||
/*
|
||||
@@ -2725,7 +2725,7 @@ out:
|
||||
r->rep.padata,
|
||||
r->armor_crypto,
|
||||
&req->req_body,
|
||||
r->ret,
|
||||
r->error_code,
|
||||
r->client_princ,
|
||||
r->server_princ,
|
||||
NULL, NULL,
|
||||
|
@@ -1499,7 +1499,7 @@ server_lookup:
|
||||
Realm req_rlm;
|
||||
krb5_realm *realms;
|
||||
|
||||
priv->ret = ret; /* advise policy plugin of failure reason */
|
||||
priv->error_code = ret; /* advise policy plugin of failure reason */
|
||||
ret2 = _kdc_referral_policy(priv);
|
||||
if (ret2 == 0) {
|
||||
krb5_xfree(priv->sname);
|
||||
@@ -2155,7 +2155,7 @@ _kdc_tgs_rep(astgs_request_t r)
|
||||
}
|
||||
|
||||
out:
|
||||
r->ret = ret;
|
||||
r->error_code = ret;
|
||||
_kdc_audit_request(r);
|
||||
|
||||
if(ret && ret != HDB_ERR_NOT_FOUND_HERE && data->data == NULL){
|
||||
@@ -2166,7 +2166,7 @@ out:
|
||||
&error_method,
|
||||
r->armor_crypto,
|
||||
&req->req_body,
|
||||
r->ret,
|
||||
r->error_code,
|
||||
r->client_princ,
|
||||
r->server_princ,
|
||||
csec, cusec,
|
||||
|
@@ -161,7 +161,7 @@ _kdc_audit_trail(kdc_request_t r, krb5_error_code ret)
|
||||
|
||||
/* Get a symbolic name for some error codes */
|
||||
#define CASE(x) case x : retname = #x; break
|
||||
switch (ret ? ret : r->ret) {
|
||||
switch (ret ? ret : r->error_code) {
|
||||
CASE(ENOMEM);
|
||||
CASE(EACCES);
|
||||
CASE(HDB_ERR_NOT_FOUND_HERE);
|
||||
|
@@ -73,6 +73,6 @@
|
||||
/* auditing key/value store */ \
|
||||
heim_dict_t kv; \
|
||||
heim_dict_t attributes; \
|
||||
int32_t ret
|
||||
int32_t error_code
|
||||
|
||||
#endif /* HEIMBASE_SVC_H */
|
||||
|
@@ -1042,7 +1042,7 @@ heim_audit_trail(heim_svc_req_desc r, heim_error_code ret, const char *retname)
|
||||
#define CASE(x) case x : retval = #x; break
|
||||
if (retname) {
|
||||
retval = retname;
|
||||
} else switch (ret ? ret : r->ret) {
|
||||
} else switch (ret ? ret : r->error_code) {
|
||||
CASE(ENOMEM);
|
||||
CASE(ENOENT);
|
||||
CASE(EACCES);
|
||||
|
Reference in New Issue
Block a user