diff options
| author | Stefan Metzmacher <metze@samba.org> | 2017-06-14 03:36:22 +0200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2017-07-05 02:17:12 +0200 |
| commit | 9d7a01dea9396f0ddf8558a86d5d6eb6bd6163b1 (patch) | |
| tree | 8add94b638fe035b4ad6420d45b8207e89c80647 /auth/gensec/spnego.c | |
| parent | 7ba307a4c884c149cc7ec1c6910d363b2b1f44be (diff) | |
| download | samba-9d7a01dea9396f0ddf8558a86d5d6eb6bd6163b1.tar.gz | |
auth/spnego: add a struct spnego_negTokenTarg *ta variable to make some lines shorter
This makes future modifications easier to review.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'auth/gensec/spnego.c')
| -rw-r--r-- | auth/gensec/spnego.c | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c index 831dafdd817..4dcb9275f06 100644 --- a/auth/gensec/spnego.c +++ b/auth/gensec/spnego.c @@ -723,6 +723,7 @@ static NTSTATUS gensec_spnego_update_client(struct gensec_security *gensec_secur case SPNEGO_CLIENT_TARG: { NTSTATUS nt_status = NT_STATUS_INTERNAL_ERROR; + const struct spnego_negTokenTarg *ta = NULL; if (!in.length) { return NT_STATUS_INVALID_PARAMETER; @@ -744,11 +745,11 @@ static NTSTATUS gensec_spnego_update_client(struct gensec_security *gensec_secur spnego_free_data(&spnego); return NT_STATUS_INVALID_PARAMETER; } + ta = &spnego.negTokenTarg; spnego_state->num_targs++; - if (spnego.negTokenTarg.negResult == SPNEGO_REJECT) { - spnego_free_data(&spnego); + if (ta->negResult == SPNEGO_REJECT) { return NT_STATUS_LOGON_FAILURE; } @@ -757,13 +758,13 @@ static NTSTATUS gensec_spnego_update_client(struct gensec_security *gensec_secur } /* Server didn't like our choice of mech, and chose something else */ - if (((spnego.negTokenTarg.negResult == SPNEGO_ACCEPT_INCOMPLETE) || - (spnego.negTokenTarg.negResult == SPNEGO_REQUEST_MIC)) && - spnego.negTokenTarg.supportedMech && - strcmp(spnego.negTokenTarg.supportedMech, spnego_state->neg_oid) != 0) { + if (((ta->negResult == SPNEGO_ACCEPT_INCOMPLETE) || + (ta->negResult == SPNEGO_REQUEST_MIC)) && + ta->supportedMech != NULL&& + strcmp(ta->supportedMech, spnego_state->neg_oid) != 0) { DEBUG(3,("GENSEC SPNEGO: client preferred mech (%s) not accepted, server wants: %s\n", gensec_get_name_by_oid(gensec_security, spnego_state->neg_oid), - gensec_get_name_by_oid(gensec_security, spnego.negTokenTarg.supportedMech))); + gensec_get_name_by_oid(gensec_security, ta->supportedMech))); spnego_state->downgraded = true; gensec_spnego_update_sub_abort(spnego_state); nt_status = gensec_subcontext_start(spnego_state, @@ -775,14 +776,14 @@ static NTSTATUS gensec_spnego_update_client(struct gensec_security *gensec_secur } /* select the sub context */ nt_status = gensec_start_mech_by_oid(spnego_state->sub_sec_security, - spnego.negTokenTarg.supportedMech); + ta->supportedMech); if (!NT_STATUS_IS_OK(nt_status)) { spnego_free_data(&spnego); return nt_status; } spnego_state->neg_oid = talloc_strdup(spnego_state, - spnego.negTokenTarg.supportedMech); + ta->supportedMech); if (spnego_state->neg_oid == NULL) { spnego_free_data(&spnego); return NT_STATUS_NO_MEMORY; @@ -1032,7 +1033,7 @@ static NTSTATUS gensec_spnego_update_client(struct gensec_security *gensec_secur /* all done - server has accepted, and we agree */ *out = data_blob_null; - if (spnego.negTokenTarg.negResult != SPNEGO_ACCEPT_COMPLETED) { + if (ta->negResult != SPNEGO_ACCEPT_COMPLETED) { /* unless of course it did not accept */ DEBUG(1,("gensec_update ok but not accepted\n")); nt_status = NT_STATUS_INVALID_PARAMETER; |