diff options
| author | Stefan Metzmacher <metze@samba.org> | 2017-07-13 16:26:42 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2017-07-25 13:51:11 +0200 |
| commit | 9b4d44a0559e57d921e0a1c033b2ca0c35326f57 (patch) | |
| tree | d6b4c0e309bb74d02377dd48dc59224954335a71 /auth | |
| parent | d9e764ed9b134f3c7e0869bd5567dbf49513d45f (diff) | |
| download | samba-9b4d44a0559e57d921e0a1c033b2ca0c35326f57.tar.gz | |
auth/spnego: use better variable names in gensec_spnego_create_negTokenInit()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'auth')
| -rw-r--r-- | auth/gensec/spnego.c | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/auth/gensec/spnego.c b/auth/gensec/spnego.c index d8c62b350e3..9a2fdbdb48c 100644 --- a/auth/gensec/spnego.c +++ b/auth/gensec/spnego.c @@ -213,11 +213,12 @@ static NTSTATUS gensec_spnego_create_negTokenInit(struct gensec_security *gensec struct tevent_context *ev, DATA_BLOB *out) { - int i; NTSTATUS status; const char **mechTypes = NULL; DATA_BLOB unwrapped_out = data_blob_null; + size_t all_idx = 0; const struct gensec_security_ops_wrapper *all_sec; + const struct gensec_security_ops_wrapper *cur_sec = NULL; const char **send_mech_types = NULL; struct spnego_data spnego_out; bool ok; @@ -238,11 +239,13 @@ static NTSTATUS gensec_spnego_create_negTokenInit(struct gensec_security *gensec return NT_STATUS_NO_MEMORY; } - for (i=0; all_sec && all_sec[i].op; i++) { + for (; all_sec[all_idx].op != NULL; all_idx++) { const char *next = NULL; const char *principal = NULL; int dbg_level = DBGLVL_WARNING; + cur_sec = &all_sec[all_idx]; + status = gensec_subcontext_start(spnego_state, gensec_security, &spnego_state->sub_sec_security); @@ -251,7 +254,7 @@ static NTSTATUS gensec_spnego_create_negTokenInit(struct gensec_security *gensec } /* select the sub context */ status = gensec_start_mech_by_ops(spnego_state->sub_sec_security, - all_sec[i].op); + cur_sec->op); if (!NT_STATUS_IS_OK(status)) { gensec_spnego_update_sub_abort(spnego_state); continue; @@ -278,8 +281,8 @@ static NTSTATUS gensec_spnego_create_negTokenInit(struct gensec_security *gensec goto reply; } - if (all_sec[i+1].op != NULL) { - next = all_sec[i+1].op->name; + if (cur_sec[1].op != NULL) { + next = cur_sec[1].op->name; dbg_level = DBGLVL_NOTICE; } @@ -298,8 +301,7 @@ static NTSTATUS gensec_spnego_create_negTokenInit(struct gensec_security *gensec DBG_PREFIX(dbg_level, ( "%s: creating NEG_TOKEN_INIT for %s failed " - "(next[%s]): %s\n", - spnego_state->sub_sec_security->ops->name, + "(next[%s]): %s\n", cur_sec->op->name, principal, next, nt_errstr(status))); if (next == NULL) { @@ -322,7 +324,7 @@ reply: spnego_out.type = SPNEGO_NEG_TOKEN_INIT; send_mech_types = gensec_security_oids_from_ops_wrapped(out_mem_ctx, - &all_sec[i]); + cur_sec); if (send_mech_types == NULL) { DBG_WARNING("gensec_security_oids_from_ops_wrapped() failed\n"); return NT_STATUS_NO_MEMORY; @@ -355,9 +357,14 @@ reply: return NT_STATUS_INVALID_PARAMETER; } - /* set next state */ - spnego_state->neg_oid = all_sec[i].oid; + /* + * Note that 'cur_sec' is temporary memory, but + * cur_sec->oid points to a const string in the + * backends gensec_security_ops structure. + */ + spnego_state->neg_oid = cur_sec->oid; + /* set next state */ if (spnego_state->state_position == SPNEGO_SERVER_START) { spnego_state->state_position = SPNEGO_SERVER_START; spnego_state->expected_packet = SPNEGO_NEG_TOKEN_INIT; |