[CalendarServer-changes] [2447] PyKerberos/trunk/src
source_changes at macosforge.org
source_changes at macosforge.org
Thu May 22 19:16:23 PDT 2008
Revision: 2447
http://trac.macosforge.org/projects/calendarserver/changeset/2447
Author: wsanchez at apple.com
Date: 2008-05-22 19:16:22 -0700 (Thu, 22 May 2008)
Log Message:
-----------
Indent with stroustrup style in emacs, which is the closest I could find to what Cyrus is doing
Modified Paths:
--------------
PyKerberos/trunk/src/base64.c
PyKerberos/trunk/src/kerberos.c
PyKerberos/trunk/src/kerberosbasic.c
PyKerberos/trunk/src/kerberosgss.c
PyKerberos/trunk/src/kerberospw.c
Modified: PyKerberos/trunk/src/base64.c
===================================================================
--- PyKerberos/trunk/src/base64.c 2008-05-23 01:25:15 UTC (rev 2446)
+++ PyKerberos/trunk/src/base64.c 2008-05-23 02:16:22 UTC (rev 2447)
@@ -23,7 +23,7 @@
// base64 tables
static char basis_64[] =
-"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static signed char index_64[128] =
{
-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
@@ -90,29 +90,29 @@
c1 = value[0];
if (CHAR64(c1) == -1)
goto base64_decode_error;;
- c2 = value[1];
- if (CHAR64(c2) == -1)
- goto base64_decode_error;;
- c3 = value[2];
- if ((c3 != '=') && (CHAR64(c3) == -1))
- goto base64_decode_error;;
- c4 = value[3];
- if ((c4 != '=') && (CHAR64(c4) == -1))
- goto base64_decode_error;;
+ c2 = value[1];
+ if (CHAR64(c2) == -1)
+ goto base64_decode_error;;
+ c3 = value[2];
+ if ((c3 != '=') && (CHAR64(c3) == -1))
+ goto base64_decode_error;;
+ c4 = value[3];
+ if ((c4 != '=') && (CHAR64(c4) == -1))
+ goto base64_decode_error;;
- value += 4;
- *out++ = (CHAR64(c1) << 2) | (CHAR64(c2) >> 4);
- *rlen += 1;
- if (c3 != '=')
- {
- *out++ = ((CHAR64(c2) << 4) & 0xf0) | (CHAR64(c3) >> 2);
- *rlen += 1;
- if (c4 != '=')
- {
- *out++ = ((CHAR64(c3) << 6) & 0xc0) | CHAR64(c4);
- *rlen += 1;
- }
- }
+ value += 4;
+ *out++ = (CHAR64(c1) << 2) | (CHAR64(c2) >> 4);
+ *rlen += 1;
+ if (c3 != '=')
+ {
+ *out++ = ((CHAR64(c2) << 4) & 0xf0) | (CHAR64(c3) >> 2);
+ *rlen += 1;
+ if (c4 != '=')
+ {
+ *out++ = ((CHAR64(c3) << 6) & 0xc0) | CHAR64(c4);
+ *rlen += 1;
+ }
+ }
}
base64_decode_error:
Modified: PyKerberos/trunk/src/kerberos.c
===================================================================
--- PyKerberos/trunk/src/kerberos.c 2008-05-23 01:25:15 UTC (rev 2446)
+++ PyKerberos/trunk/src/kerberos.c 2008-05-23 02:16:22 UTC (rev 2447)
@@ -270,31 +270,31 @@
static PyMethodDef KerberosMethods[] = {
{"checkPassword", checkPassword, METH_VARARGS,
- "Check the supplied user/password against Kerberos KDC."},
+ "Check the supplied user/password against Kerberos KDC."},
{"changePassword", changePassword, METH_VARARGS,
- "Change the user password."},
+ "Change the user password."},
{"getServerPrincipalDetails", getServerPrincipalDetails, METH_VARARGS,
- "Return the service principal for a given service and hostname."},
+ "Return the service principal for a given service and hostname."},
{"authGSSClientInit", authGSSClientInit, METH_VARARGS,
- "Initialize client-side GSSAPI operations."},
+ "Initialize client-side GSSAPI operations."},
{"authGSSClientClean", authGSSClientClean, METH_VARARGS,
- "Terminate client-side GSSAPI operations."},
+ "Terminate client-side GSSAPI operations."},
{"authGSSClientStep", authGSSClientStep, METH_VARARGS,
- "Do a client-side GSSAPI step."},
+ "Do a client-side GSSAPI step."},
{"authGSSClientResponse", authGSSClientResponse, METH_VARARGS,
- "Get the response from the last client-side GSSAPI step."},
+ "Get the response from the last client-side GSSAPI step."},
{"authGSSClientUserName", authGSSClientUserName, METH_VARARGS,
- "Get the user name from the last client-side GSSAPI step."},
+ "Get the user name from the last client-side GSSAPI step."},
{"authGSSServerInit", authGSSServerInit, METH_VARARGS,
- "Initialize server-side GSSAPI operations."},
+ "Initialize server-side GSSAPI operations."},
{"authGSSServerClean", authGSSServerClean, METH_VARARGS,
- "Terminate server-side GSSAPI operations."},
+ "Terminate server-side GSSAPI operations."},
{"authGSSServerStep", authGSSServerStep, METH_VARARGS,
- "Do a server-side GSSAPI step."},
+ "Do a server-side GSSAPI step."},
{"authGSSServerResponse", authGSSServerResponse, METH_VARARGS,
- "Get the response from the last server-side GSSAPI step."},
+ "Get the response from the last server-side GSSAPI step."},
{"authGSSServerUserName", authGSSServerUserName, METH_VARARGS,
- "Get the user name from the last server-side GSSAPI step."},
+ "Get the user name from the last server-side GSSAPI step."},
{NULL, NULL, 0, NULL} /* Sentinel */
};
Modified: PyKerberos/trunk/src/kerberosbasic.c
===================================================================
--- PyKerberos/trunk/src/kerberosbasic.c 2008-05-23 01:25:15 UTC (rev 2446)
+++ PyKerberos/trunk/src/kerberosbasic.c 2008-05-23 02:16:22 UTC (rev 2447)
@@ -44,7 +44,7 @@
if (code)
{
PyErr_SetObject(BasicAuthException_class, Py_BuildValue("((s:i))",
- "Cannot initialize Kerberos5 context", code));
+ "Cannot initialize Kerberos5 context", code));
return 0;
}
Modified: PyKerberos/trunk/src/kerberosgss.c
===================================================================
--- PyKerberos/trunk/src/kerberosgss.c 2008-05-23 01:25:15 UTC (rev 2446)
+++ PyKerberos/trunk/src/kerberosgss.c 2008-05-23 02:16:22 UTC (rev 2447)
@@ -50,57 +50,57 @@
code = krb5_init_context(&kcontext);
if (code)
{
- PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
- "Cannot initialize Kerberos5 context", code));
- return NULL;
+ PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
+ "Cannot initialize Kerberos5 context", code));
+ return NULL;
}
if ((code = krb5_kt_default(kcontext, &kt)))
{
- PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
- "Cannot get default keytab", code));
- goto end;
+ PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
+ "Cannot get default keytab", code));
+ goto end;
}
if ((code = krb5_kt_start_seq_get(kcontext, kt, &cursor)))
{
- PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
- "Cannot get sequence cursor from keytab", code));
- goto end;
+ PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
+ "Cannot get sequence cursor from keytab", code));
+ goto end;
}
while ((code = krb5_kt_next_entry(kcontext, kt, &entry, &cursor)) == 0)
{
- if ((code = krb5_unparse_name(kcontext, entry.principal, &pname)))
- {
- PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
- "Cannot parse principal name from keytab", code));
- goto end;
- }
+ if ((code = krb5_unparse_name(kcontext, entry.principal, &pname)))
+ {
+ PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
+ "Cannot parse principal name from keytab", code));
+ goto end;
+ }
- if (strncmp(pname, match, match_len) == 0)
- {
- result = malloc(strlen(pname) + 1);
- strcpy(result, pname);
- krb5_free_unparsed_name(kcontext, pname);
- break;
- }
+ if (strncmp(pname, match, match_len) == 0)
+ {
+ result = malloc(strlen(pname) + 1);
+ strcpy(result, pname);
+ krb5_free_unparsed_name(kcontext, pname);
+ break;
+ }
- krb5_free_unparsed_name(kcontext, pname);
- krb5_free_keytab_entry_contents(kcontext, &entry);
+ krb5_free_unparsed_name(kcontext, pname);
+ krb5_free_keytab_entry_contents(kcontext, &entry);
}
if (result == NULL)
{
- PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
- "Principal not found in keytab", -1));
+ PyErr_SetObject(KrbException_class, Py_BuildValue("((s:i))",
+ "Principal not found in keytab", -1));
}
end:
if (cursor)
- krb5_kt_end_seq_get(kcontext, kt, &cursor);
+ krb5_kt_end_seq_get(kcontext, kt, &cursor);
if (kt)
- krb5_kt_close(kcontext, kt);
+ krb5_kt_close(kcontext, kt);
krb5_free_context(kcontext);
return result;
@@ -126,9 +126,9 @@
if (GSS_ERROR(maj_stat))
{
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
}
end:
@@ -142,18 +142,18 @@
int ret = AUTH_GSS_COMPLETE;
if (state->context != GSS_C_NO_CONTEXT)
- maj_stat = gss_delete_sec_context(&min_stat, &state->context, GSS_C_NO_BUFFER);
+ maj_stat = gss_delete_sec_context(&min_stat, &state->context, GSS_C_NO_BUFFER);
if (state->server_name != GSS_C_NO_NAME)
- maj_stat = gss_release_name(&min_stat, &state->server_name);
+ maj_stat = gss_release_name(&min_stat, &state->server_name);
if (state->username != NULL)
{
- free(state->username);
- state->username = NULL;
+ free(state->username);
+ state->username = NULL;
}
if (state->response != NULL)
{
- free(state->response);
- state->response = NULL;
+ free(state->response);
+ state->response = NULL;
}
return ret;
@@ -170,87 +170,87 @@
// Always clear out the old response
if (state->response != NULL)
{
- free(state->response);
- state->response = NULL;
+ free(state->response);
+ state->response = NULL;
}
// If there is a challenge (data from the server) we need to give it to GSS
if (challenge && *challenge)
{
- int len;
- input_token.value = base64_decode(challenge, &len);
- input_token.length = len;
+ int len;
+ input_token.value = base64_decode(challenge, &len);
+ input_token.length = len;
}
// Do GSSAPI step
maj_stat = gss_init_sec_context(&min_stat,
- GSS_C_NO_CREDENTIAL,
- &state->context,
- state->server_name,
- GSS_C_NO_OID,
- GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG,
- 0,
- GSS_C_NO_CHANNEL_BINDINGS,
- &input_token,
- NULL,
- &output_token,
- NULL,
- NULL);
+ GSS_C_NO_CREDENTIAL,
+ &state->context,
+ state->server_name,
+ GSS_C_NO_OID,
+ GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG,
+ 0,
+ GSS_C_NO_CHANNEL_BINDINGS,
+ &input_token,
+ NULL,
+ &output_token,
+ NULL,
+ NULL);
if ((maj_stat != GSS_S_COMPLETE) && (maj_stat != GSS_S_CONTINUE_NEEDED))
{
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
}
ret = (maj_stat == GSS_S_COMPLETE) ? AUTH_GSS_COMPLETE : AUTH_GSS_CONTINUE;
// Grab the client response to send back to the server
if (output_token.length)
{
- state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
- maj_stat = gss_release_buffer(&min_stat, &output_token);
+ state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
+ maj_stat = gss_release_buffer(&min_stat, &output_token);
}
// Try to get the user name if we have completed all GSS operations
if (ret == AUTH_GSS_COMPLETE)
{
- gss_name_t gssuser = GSS_C_NO_NAME;
- maj_stat = gss_inquire_context(&min_stat, state->context, &gssuser, NULL, NULL, NULL, NULL, NULL, NULL);
- if (GSS_ERROR(maj_stat))
- {
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
- }
+ gss_name_t gssuser = GSS_C_NO_NAME;
+ maj_stat = gss_inquire_context(&min_stat, state->context, &gssuser, NULL, NULL, NULL, NULL, NULL, NULL);
+ if (GSS_ERROR(maj_stat))
+ {
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
- gss_buffer_desc name_token;
- name_token.length = 0;
- maj_stat = gss_display_name(&min_stat, gssuser, &name_token, NULL);
- if (GSS_ERROR(maj_stat))
- {
- if (name_token.value)
- gss_release_buffer(&min_stat, &name_token);
- gss_release_name(&min_stat, &gssuser);
+ gss_buffer_desc name_token;
+ name_token.length = 0;
+ maj_stat = gss_display_name(&min_stat, gssuser, &name_token, NULL);
+ if (GSS_ERROR(maj_stat))
+ {
+ if (name_token.value)
+ gss_release_buffer(&min_stat, &name_token);
+ gss_release_name(&min_stat, &gssuser);
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
- }
- else
- {
- state->username = (char *)malloc(name_token.length + 1);
- strncpy(state->username, (char*) name_token.value, name_token.length);
- state->username[name_token.length] = 0;
- gss_release_buffer(&min_stat, &name_token);
- gss_release_name(&min_stat, &gssuser);
- }
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
+ }
+ else
+ {
+ state->username = (char *)malloc(name_token.length + 1);
+ strncpy(state->username, (char*) name_token.value, name_token.length);
+ state->username[name_token.length] = 0;
+ gss_release_buffer(&min_stat, &name_token);
+ gss_release_name(&min_stat, &gssuser);
+ }
}
end:
if (output_token.value)
- gss_release_buffer(&min_stat, &output_token);
+ gss_release_buffer(&min_stat, &output_token);
if (input_token.value)
- free(input_token.value);
+ free(input_token.value);
return ret;
}
@@ -277,20 +277,20 @@
if (GSS_ERROR(maj_stat))
{
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
}
// Get credentials
maj_stat = gss_acquire_cred(&min_stat, state->server_name, GSS_C_INDEFINITE,
- GSS_C_NO_OID_SET, GSS_C_ACCEPT, &state->server_creds, NULL, NULL);
+ GSS_C_NO_OID_SET, GSS_C_ACCEPT, &state->server_creds, NULL, NULL);
if (GSS_ERROR(maj_stat))
{
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
}
end:
@@ -304,24 +304,24 @@
int ret = AUTH_GSS_COMPLETE;
if (state->context != GSS_C_NO_CONTEXT)
- maj_stat = gss_delete_sec_context(&min_stat, &state->context, GSS_C_NO_BUFFER);
+ maj_stat = gss_delete_sec_context(&min_stat, &state->context, GSS_C_NO_BUFFER);
if (state->server_name != GSS_C_NO_NAME)
- maj_stat = gss_release_name(&min_stat, &state->server_name);
+ maj_stat = gss_release_name(&min_stat, &state->server_name);
if (state->client_name != GSS_C_NO_NAME)
- maj_stat = gss_release_name(&min_stat, &state->client_name);
+ maj_stat = gss_release_name(&min_stat, &state->client_name);
if (state->server_creds != GSS_C_NO_CREDENTIAL)
- maj_stat = gss_release_cred(&min_stat, &state->server_creds);
+ maj_stat = gss_release_cred(&min_stat, &state->server_creds);
if (state->client_creds != GSS_C_NO_CREDENTIAL)
- maj_stat = gss_release_cred(&min_stat, &state->client_creds);
+ maj_stat = gss_release_cred(&min_stat, &state->client_creds);
if (state->username != NULL)
{
- free(state->username);
- state->username = NULL;
+ free(state->username);
+ state->username = NULL;
}
if (state->response != NULL)
{
- free(state->response);
- state->response = NULL;
+ free(state->response);
+ state->response = NULL;
}
return ret;
@@ -338,56 +338,56 @@
// Always clear out the old response
if (state->response != NULL)
{
- free(state->response);
- state->response = NULL;
+ free(state->response);
+ state->response = NULL;
}
// If there is a challenge (data from the server) we need to give it to GSS
if (challenge && *challenge)
{
- int len;
- input_token.value = base64_decode(challenge, &len);
- input_token.length = len;
+ int len;
+ input_token.value = base64_decode(challenge, &len);
+ input_token.length = len;
}
else
{
- PyErr_SetString(KrbException_class, "No challenge parameter in request from client");
- ret = AUTH_GSS_ERROR;
- goto end;
+ PyErr_SetString(KrbException_class, "No challenge parameter in request from client");
+ ret = AUTH_GSS_ERROR;
+ goto end;
}
maj_stat = gss_accept_sec_context(&min_stat,
- &state->context,
- state->server_creds,
- &input_token,
- GSS_C_NO_CHANNEL_BINDINGS,
- &state->client_name,
- NULL,
- &output_token,
- NULL,
- NULL,
- &state->client_creds);
+ &state->context,
+ state->server_creds,
+ &input_token,
+ GSS_C_NO_CHANNEL_BINDINGS,
+ &state->client_name,
+ NULL,
+ &output_token,
+ NULL,
+ NULL,
+ &state->client_creds);
if (GSS_ERROR(maj_stat))
{
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
}
// Grab the server response to send back to the client
if (output_token.length)
{
- state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
- maj_stat = gss_release_buffer(&min_stat, &output_token);
+ state->response = base64_encode((const unsigned char *)output_token.value, output_token.length);;
+ maj_stat = gss_release_buffer(&min_stat, &output_token);
}
maj_stat = gss_display_name(&min_stat, state->client_name, &output_token, NULL);
if (GSS_ERROR(maj_stat))
{
- set_gss_error(maj_stat, min_stat);
- ret = AUTH_GSS_ERROR;
- goto end;
+ set_gss_error(maj_stat, min_stat);
+ ret = AUTH_GSS_ERROR;
+ goto end;
}
state->username = (char *)malloc(output_token.length + 1);
strncpy(state->username, (char*) output_token.value, output_token.length);
@@ -397,9 +397,9 @@
end:
if (output_token.length)
- gss_release_buffer(&min_stat, &output_token);
+ gss_release_buffer(&min_stat, &output_token);
if (input_token.value)
- free(input_token.value);
+ free(input_token.value);
return ret;
}
@@ -414,30 +414,29 @@
do
{
- maj_stat = gss_display_status (&min_stat,
- err_maj,
- GSS_C_GSS_CODE,
- GSS_C_NO_OID,
- &msg_ctx,
- &status_string);
- if (GSS_ERROR(maj_stat))
- break;
- strncpy(buf_maj, (char*) status_string.value, sizeof(buf_maj));
- gss_release_buffer(&min_stat, &status_string);
+ maj_stat = gss_display_status (&min_stat,
+ err_maj,
+ GSS_C_GSS_CODE,
+ GSS_C_NO_OID,
+ &msg_ctx,
+ &status_string);
+ if (GSS_ERROR(maj_stat))
+ break;
+ strncpy(buf_maj, (char*) status_string.value, sizeof(buf_maj));
+ gss_release_buffer(&min_stat, &status_string);
- maj_stat = gss_display_status (&min_stat,
- err_min,
- GSS_C_MECH_CODE,
- GSS_C_NULL_OID,
- &msg_ctx,
- &status_string);
- if (!GSS_ERROR(maj_stat))
- {
- strncpy(buf_min, (char*) status_string.value, sizeof(buf_min));
- gss_release_buffer(&min_stat, &status_string);
- }
+ maj_stat = gss_display_status (&min_stat,
+ err_min,
+ GSS_C_MECH_CODE,
+ GSS_C_NULL_OID,
+ &msg_ctx,
+ &status_string);
+ if (!GSS_ERROR(maj_stat))
+ {
+ strncpy(buf_min, (char*) status_string.value, sizeof(buf_min));
+ gss_release_buffer(&min_stat, &status_string);
+ }
} while (!GSS_ERROR(maj_stat) && msg_ctx != 0);
PyErr_SetObject(GssException_class, Py_BuildValue("((s:i)(s:i))", buf_maj, err_maj, buf_min, err_min));
}
-
Modified: PyKerberos/trunk/src/kerberospw.c
===================================================================
--- PyKerberos/trunk/src/kerberospw.c 2008-05-23 01:25:15 UTC (rev 2446)
+++ PyKerberos/trunk/src/kerberospw.c 2008-05-23 02:16:22 UTC (rev 2447)
@@ -28,15 +28,15 @@
static void set_pwchange_error(krb5_context context, krb5_error_code code)
{
PyErr_SetObject(PwdChangeException_class, Py_BuildValue("(s:i)",
- krb5_get_err_text(context, code), code));
+ krb5_get_err_text(context, code), code));
}
/* Inspired by krb5_verify_user from Heimdal */
static krb5_error_code verify_krb5_user(krb5_context context,
krb5_principal principal,
const char *password,
- const char *service,
- krb5_creds* creds)
+ const char *service,
+ krb5_creds* creds)
{
krb5_get_init_creds_opt gic_options;
krb5_error_code code;
@@ -104,7 +104,7 @@
goto end;
code = krb5_change_password(kcontext, &creds, (char*)newpswd,
- &result_code, &result_code_string, &result_string);
+ &result_code, &result_code_string, &result_string);
if (code) {
set_pwchange_error(kcontext, code);
goto end;
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20080522/484af9ed/attachment-0001.htm
More information about the calendarserver-changes
mailing list