auth/credentials: simplify password_tries state

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
index f33446501c7413fe2dca77172535940b5244d961..4ac53564418040a56592d067d7bb5c0242581822 100644 (file)
--- a/auth/credentials/credentials.c
+++ b/auth/credentials/credentials.c
@@ -104,7 +104,7 @@ _PUBLIC_ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx)
 
        cred->machine_account = false;
 
-       cred->tries = 3;
+       cred->password_tries = 0;
 
        cred->callback_running = false;
 
@@ -397,6 +397,7 @@ _PUBLIC_ bool cli_credentials_set_password(struct cli_credentials *cred,
                                  enum credentials_obtained obtained)
 {
        if (obtained >= cred->password_obtained) {
+               cred->password_tries = 0;
                cred->password = talloc_strdup(cred, val);
                if (cred->password) {
                        /* Don't print the actual password in talloc memory dumps */
@@ -418,6 +419,7 @@ _PUBLIC_ bool cli_credentials_set_password_callback(struct cli_credentials *cred
                                           const char *(*password_cb) (struct cli_credentials *))
 {
        if (cred->password_obtained < CRED_CALLBACK) {
+               cred->password_tries = 3;
                cred->password_cb = password_cb;
                cred->password_obtained = CRED_CALLBACK;
                cli_credentials_invalidate_ccache(cred, cred->password_obtained);
@@ -897,12 +899,19 @@ _PUBLIC_ bool cli_credentials_wrong_password(struct cli_credentials *cred)
        if (cred->password_obtained != CRED_CALLBACK_RESULT) {
                return false;
        }
-       
-       cred->password_obtained = CRED_CALLBACK;
 
-       cred->tries--;
+       if (cred->password_tries == 0) {
+               return false;
+       }
+
+       cred->password_tries--;
 
-       return (cred->tries > 0);
+       if (cred->password_tries == 0) {
+               return false;
+       }
+
+       cred->password_obtained = CRED_CALLBACK;
+       return true;
 }
 
 _PUBLIC_ void cli_credentials_get_ntlm_username_domain(struct cli_credentials *cred, TALLOC_CTX *mem_ctx, 

diff --git a/auth/credentials/credentials_internal.h b/auth/credentials/credentials_internal.h
index 5a3655b7352828895df6bf0f3e4ea3afc765c0fb..f2f79b9f774e064c2733bb98db73fcfca3ab4d89 100644 (file)
--- a/auth/credentials/credentials_internal.h
+++ b/auth/credentials/credentials_internal.h
@@ -105,7 +105,7 @@ struct cli_credentials {
        uint32_t gensec_features;
 
        /* Number of retries left before bailing out */
-       int tries;
+       uint32_t password_tries;
 
        /* Whether any callback is currently running */
        bool callback_running;