On 07/21/2011 02:53 PM, Martin Kosek wrote: > On Thu, 2011-07-21 at 14:40 +0200, Jan Cholasta wrote: >> On 20.7.2011 17:10, Jakub Hrozek wrote: >>> I was playing with ipa_kpasswd (long story short - I needed it running >>> on a non-standard port) and I noticed there was a compilation warning - >>> rtag was set but never checked. >>> >>> Also removes one unused #define. >>> >> >> Found just a minor issue: you use spaces for indentation, but the rest >> of the file uses tabs. >> >> Honza >> > > To put my 2 cents in - I don't like throwing the same error message in > more places. > > When it really ends with this message we wouldn't know the exact spot > with the error. IMO it would make the following investigation simpler if > we fix this. > > Martin >
A new patch is attached.
From c29100c7a74fe7212f10cd935049bed2108d561c Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Tue, 19 Jul 2011 16:07:57 +0200 Subject: [PATCH] Silence a compilation warning in ipa_kpasswd rtag was set but never checked which resulted in a compilation warning --- daemons/ipa-kpasswd/ipa_kpasswd.c | 18 ++++++++++++++++-- 1 files changed, 16 insertions(+), 2 deletions(-) diff --git a/daemons/ipa-kpasswd/ipa_kpasswd.c b/daemons/ipa-kpasswd/ipa_kpasswd.c index acec3db..cfafac3 100644 --- a/daemons/ipa-kpasswd/ipa_kpasswd.c +++ b/daemons/ipa-kpasswd/ipa_kpasswd.c @@ -45,7 +45,6 @@ #define DEFAULT_KEYTAB "FILE:/var/kerberos/krb5kdc/kpasswd.keytab" #define TMP_TEMPLATE "/var/cache/ipa/kpasswd/krb5_cc.XXXXXX" -#define KPASSWD_PORT 464 /* blacklist entries are released only BLCAKLIST_TIMEOUT seconds * after the children performing the noperation has finished. @@ -576,8 +575,17 @@ int ldap_pwd_change(char *client_name, char *realm_name, krb5_data pwd, char **e ber_tag_t rtag, btag; ber_int_t bint; rtag = ber_scanf(sctrl, "{t", &btag); + if (rtag == LBER_ERROR) { + syslog(LOG_ERR, "Could not decode the tag BER element"); + goto done; + } + if (btag == LDAP_TAG_PWP_WARNING) { rtag = ber_scanf(sctrl, "{ti}", &btag, &bint); + if (rtag == LBER_ERROR) { + syslog(LOG_ERR, "Could not decode the warning BER element"); + goto done; + } if (btag == LDAP_TAG_PWP_SECSLEFT) { ret = asprintf(&exterr2, " (%d seconds left before password expires)", bint); } else { @@ -587,10 +595,16 @@ int ldap_pwd_change(char *client_name, char *realm_name, krb5_data pwd, char **e syslog(LOG_ERR, "OOM while creating error message ..."); exterr2 = NULL; } - rtag = ber_scanf(sctrl, "t", &btag); + /* The next element might or might not be there (the control is a sequence) */ + ber_scanf(sctrl, "t", &btag); } if (btag == LDAP_TAG_PWP_ERROR) { rtag = ber_scanf(sctrl, "e", &bint); + if (rtag == LBER_ERROR) { + syslog(LOG_ERR, "Could not decode the error BER element"); + goto done; + } + switch(bint) { case 0: ret = asprintf(&exterr1, " Err%d: Password Expired.", bint); -- 1.7.6
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel