From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Sat, 15 Mar 2003 19:10:38 +0000 (+0000)
Subject: Make this compile w/ Heimdal and fix some gcc warnings.
X-Git-Tag: SUDO_1_6_7~35
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=80013dd9156d9a0b53a7b87ab6d20fbd16e6b03d;p=sudo

Make this compile w/ Heimdal and fix some gcc warnings.
---

diff --git a/auth/kerb5.c b/auth/kerb5.c
index 7ebb4f30b..3f1df08ce 100644
--- a/auth/kerb5.c
+++ b/auth/kerb5.c
@@ -93,16 +93,12 @@ kerb5_init(pw, promptp, auth)
 
     auth->data = (VOID *) &sudo_krb5_data; /* Stash all our data here */
 
-    if (error = krb5_init_context(&(sudo_krb5_data.sudo_context))) {
-	log_error(NO_EXIT|NO_MAIL, 
-		  "%s: unable to initialize context: %s", auth->name,
-		  error_message(error));
+    if ((error = krb5_init_context(&(sudo_krb5_data.sudo_context))))
 	return(AUTH_FAILURE);
-    }
     sudo_context = sudo_krb5_data.sudo_context;
 
-    if (error = krb5_parse_name(sudo_context, pw->pw_name,
-	&(sudo_krb5_data.princ))) {
+    if ((error = krb5_parse_name(sudo_context, pw->pw_name,
+	&(sudo_krb5_data.princ)))) {
 	log_error(NO_EXIT|NO_MAIL, 
 		  "%s: unable to parse '%s': %s", auth->name, pw->pw_name,
 		  error_message(error));
@@ -115,7 +111,7 @@ kerb5_init(pw, promptp, auth)
      * The API does not currently provide this unless the auth is standalone.
      */
 #if 1
-    if (error = krb5_unparse_name(sudo_context, princ, &pname)) {
+    if ((error = krb5_unparse_name(sudo_context, princ, &pname))) {
 	log_error(NO_EXIT|NO_MAIL,
 		  "%s: unable to unparse princ ('%s'): %s", auth->name,
 		  pw->pw_name, error_message(error));
@@ -130,7 +126,7 @@ kerb5_init(pw, promptp, auth)
 #endif
 
     /* For CNS compatibility */
-    if (error = krb5_cc_register(sudo_context, &krb5_mcc_ops, FALSE)) {
+    if ((error = krb5_cc_register(sudo_context, &krb5_mcc_ops, FALSE))) {
 	if (error != KRB5_CC_TYPE_EXISTS) {
 	    log_error(NO_EXIT|NO_MAIL, 
 		      "%s: unable to use Memory ccache: %s", auth->name,
@@ -141,8 +137,8 @@ kerb5_init(pw, promptp, auth)
 
     (void) snprintf(cache_name, sizeof(cache_name), "MEMORY:sudocc_%ld",
 		    (long) getpid());
-    if (error = krb5_cc_resolve(sudo_context, cache_name,
-	&(sudo_krb5_data.ccache))) {
+    if ((error = krb5_cc_resolve(sudo_context, cache_name,
+	&(sudo_krb5_data.ccache)))) {
 	log_error(NO_EXIT|NO_MAIL, 
 		  "%s: unable to resolve ccache: %s", auth->name,
 		  error_message(error));
@@ -150,7 +146,7 @@ kerb5_init(pw, promptp, auth)
     }
     ccache = sudo_krb5_data.ccache;
 
-    if (error = krb5_cc_initialize(sudo_context, ccache, princ)) {
+    if ((error = krb5_cc_initialize(sudo_context, ccache, princ))) {
 	log_error(NO_EXIT|NO_MAIL, 
 		  "%s: unable to initialize ccache: %s", auth->name,
 		  error_message(error));
@@ -172,7 +168,6 @@ kerb5_verify(pw, pass, auth)
     krb5_creds		creds;
     krb5_error_code	error;
     krb5_get_init_creds_opt opts;
-    char		cache_name[64];
 
     sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
     princ = ((sudo_krb5_datap) auth->data)->princ;
@@ -182,9 +177,9 @@ kerb5_verify(pw, pass, auth)
     krb5_get_init_creds_opt_init(&opts);
 
     /* Note that we always obtain a new TGT to verify the user */
-    if (error = krb5_get_init_creds_password(sudo_context, &creds, princ,
+    if ((error = krb5_get_init_creds_password(sudo_context, &creds, princ,
 					     pass, krb5_prompter_posix,
-					     NULL, 0, NULL, &opts)) {
+					     NULL, 0, NULL, &opts))) {
 	if (error == KRB5KRB_AP_ERR_BAD_INTEGRITY) /* Bad password */
 	    return(AUTH_FAILURE);
 	/* Some other error */
@@ -195,7 +190,7 @@ kerb5_verify(pw, pass, auth)
     }
 
     /* Stash the TGT so we can verify it. */
-    if (error = krb5_cc_store_cred(sudo_context, ccache, &creds)) {
+    if ((error = krb5_cc_store_cred(sudo_context, ccache, &creds))) {
 	log_error(NO_EXIT|NO_MAIL, 
 		  "%s: unable to store credentials: %s", auth->name,
 		  error_message(error));
@@ -263,26 +258,25 @@ verify_krb_v5_tgt(sudo_context, ccache, auth_name)
      * Get the server principal for the local host.
      * (Use defaults of "host" and canonicalized local name.)
      */
-    if (error = krb5_sname_to_principal(sudo_context, NULL, NULL,
-					KRB5_NT_SRV_HST, &princ)) {
+    if ((error = krb5_sname_to_principal(sudo_context, NULL, NULL,
+					KRB5_NT_SRV_HST, &princ))) {
 	log_error(NO_EXIT|NO_MAIL, 
 		  "%s: unable to get host principal: %s", auth_name,
 		  error_message(error));
 	return(-1);
     }
 
-    /* Extract the name directly. Yow. */
-    strncpy(phost, krb5_princ_component(sudo_context, princ, 1)->data,
-	    sizeof(phost) - 1);
-    phost[sizeof(phost) - 1] = '\0';
+    /* Extract the name directly. 
+    strlcpy(phost, krb5_principal_get_realm(sudo_context, princ, 1),
+	    sizeof(phost));
 
     /*
      * Do we have host/<host> keys?
      * (use default keytab, kvno IGNORE_VNO to get the first match,
      * and enctype is currently ignored anyhow.)
      */
-    if (error = krb5_kt_read_service_key(sudo_context, NULL, princ, 0,
-					 ENCTYPE_DES_CBC_MD5, &keyblock)) {
+    if ((error = krb5_kt_read_service_key(sudo_context, NULL, princ, 0,
+					 ETYPE_DES_CBC_MD5, &keyblock))) {
 	/* Keytab or service key does not exist. */
 	log_error(NO_EXIT,
 		  "%s: host service key not found: %s", auth_name,
@@ -307,7 +301,7 @@ verify_krb_v5_tgt(sudo_context, ccache, auth_name)
 			    NULL, NULL, NULL);
 cleanup:
     if (packet.data)
-	krb5_free_data_contents(sudo_context, &packet);
+	krb5_data_free(&packet);
     krb5_free_principal(sudo_context, princ);
 
     if (error)