static krb5_error_code
pk_check_pkauthenticator(krb5_context context,
- PKAuthenticator *a,
+ const PKAuthenticator *a,
const KDC_REQ *req)
{
krb5_error_code ret;
if (ret) {
close(fd);
kdc_log(r->context, config, 0,
- "PKINIT failed to stat ocsp data %d", ret);
+ "PKINIT failed to allocate ocsp data %d", ret);
goto out_ocsp;
}
ocsp.data.length = sb.st_size;
goto out;
if (list.len != 1) {
- kdc_log(context, config, 0,
- "More than one PKINIT MS UPN SAN");
+ if (list.len)
+ kdc_log(context, config, 0,
+ "More than one PKINIT MS UPN SAN");
+ else
+ kdc_log(context, config, 0,
+ "No PKINIT MS UPN SAN");
ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH;
goto out;
}
}
if (size != list.val[0].length) {
free_MS_UPN_SAN(&upn);
- kdc_log(context, config, 0, "Trailing data in ");
+ kdc_log(context, config, 0, "Trailing data in MS UPN SAN");
ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH;
goto out;
}
NULL,
NULL);
if (ret) {
- krb5_warn(context, ret, "PKINIT: ");
+ krb5_warn(context, ret, "PKINIT: failed to load ID");
config->enable_pkinit = 0;
return ret;
}
pk_anon_fast_armor = 0;
} else if (argc && argv[0][0] == '@' &&
(gss_preauth_mech || anonymous_flag)) {
- const char *instance;
+ const char *instance = NULL;
if (gss_preauth_mech) {
instance = KRB5_FEDERATED_NAME;
unsigned char* to, RSA* rsa, int padding)
{
unsigned char *p = NULL, *p0 = NULL;
- size_t size, ssize, padlen;
+ size_t size, ssize = 0, padlen;
mp_int enc, dec, n, e;
mp_err ret;
int where = __LINE__;
ltm_rsa_public_decrypt(int flen, const unsigned char* from,
unsigned char* to, RSA* rsa, int padding)
{
- unsigned char *p;
+ unsigned char *p = NULL;
mp_err ret;
- size_t size;
+ size_t size = 0;
mp_int s, us, n, e;
int where = __LINE__;
ltm_rsa_private_encrypt(int flen, const unsigned char* from,
unsigned char* to, RSA* rsa, int padding)
{
- unsigned char *ptr, *ptr0 = NULL;
+ unsigned char *ptr = NULL, *ptr0 = NULL;
mp_err ret;
mp_int in, out, n, e;
mp_int bi, b;
hx509_request req)
{
hx509_san_type san_type;
- heim_oid oid = { 0, 0 };
+ heim_oid oid = { 0, NULL };
KeyUsage ku;
size_t i;
char *s = NULL;
size_t i;
for (i = 0; ret == 0 && ekus[i]; i++) {
- heim_oid oid = { 0, 0 };
+ heim_oid oid = { 0, NULL };
if ((ret = der_find_or_parse_heim_oid(ekus[i], ".", &oid)) == 0)
ret = hx509_ca_tbs_add_eku(context, tbs, &oid);
if (len < 0)
return ENOMEM;
- ret = asprintf(str, "certificate with id %s", keyid);
+ if (len)
+ ret = asprintf(str, "certificate with id %s", keyid);
+ else
+ ret = asprintf(str, "certificate");
free(keyid);
break;
}
}
for (found_valid_sig = 0, i = 0; i < sd.signerInfos.len; i++) {
- heim_octet_string signed_data = { 0, 0 };
+ heim_octet_string signed_data = { 0, NULL };
const heim_oid *match_oid;
heim_oid decode_oid;
}
/**
- * Decode SignedData and verify that the signature is correct.
+ * Sign and encode a SignedData structure.
*
* @param context A hx509 context.
* @param flags
heim_octet_string *signed_data)
{
unsigned int i, j;
- hx509_name name;
int ret;
size_t size;
struct sigctx sigctx;
memset(&sigctx, 0, sizeof(sigctx));
- memset(&name, 0, sizeof(name));
if (eContentType == NULL)
eContentType = &asn1_oid_id_pkcs7_data;
ENGINE *engine)
{
HMAC_CTX *ctx;
- krb5_data current = {0, 0};
+ krb5_data current = {0, NULL};
int i;
if (crypto != NULL) {
#include <errno.h>
extern int sys_nerr;
-extern char *sys_errlist[];
+extern const char *const sys_errlist[];
ROKEN_LIB_FUNCTION char* ROKEN_LIB_CALL
strerror(int eno)
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$
if not l:
break
if inTable:
- m = re.search('^ *----- End Table ([A-Z0-9\.]+) ----- *$', l)
+ m = re.search(r'^ *----- End Table ([A-Z0-9\.]+) ----- *$', l)
if m:
ret[m.group(1)] = t
inTable = False
else:
t.append(l)
- if re.search('^ *----- Start Table ([A-Z0-9\.]+) ----- *$', l):
+ if re.search(r'^ *----- Start Table ([A-Z0-9\.]+) ----- *$', l):
inTable = True
t = []
f.close()
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$
#!/usr/local/bin/python
-# -*- coding: iso-8859-1 -*-
+# -*- coding: utf-8 -*-
# $Id$