On 07/21/2011 02:53 PM, Martin Kosek wrote: > On Thu, 2011-07-21 at 14:40 +0200, Jan Cholasta wrote: >> On 20.7.2011 17:10, Jakub Hrozek wrote: >>> I was playing with ipa_kpasswd (long story short - I needed it running >>> on a non-standard port) and I noticed there was a compilation warning - >>> rtag was set but never checked. >>> >>> Also removes one unused #define. >>> >> >> Found just a minor issue: you use spaces for indentation, but the rest >> of the file uses tabs. >> >> Honza >> > > To put my 2 cents in - I don't like throwing the same error message in > more places. > > When it really ends with this message we wouldn't know the exact spot > with the error. IMO it would make the following investigation simpler if > we fix this. > > Martin >
A new patch is attached.
From c29100c7a74fe7212f10cd935049bed2108d561c Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Tue, 19 Jul 2011 16:07:57 +0200
Subject: [PATCH] Silence a compilation warning in ipa_kpasswd
rtag was set but never checked which resulted in a compilation warning
---
daemons/ipa-kpasswd/ipa_kpasswd.c | 18 ++++++++++++++++--
1 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/daemons/ipa-kpasswd/ipa_kpasswd.c b/daemons/ipa-kpasswd/ipa_kpasswd.c
index acec3db..cfafac3 100644
--- a/daemons/ipa-kpasswd/ipa_kpasswd.c
+++ b/daemons/ipa-kpasswd/ipa_kpasswd.c
@@ -45,7 +45,6 @@
#define DEFAULT_KEYTAB "FILE:/var/kerberos/krb5kdc/kpasswd.keytab"
#define TMP_TEMPLATE "/var/cache/ipa/kpasswd/krb5_cc.XXXXXX"
-#define KPASSWD_PORT 464
/* blacklist entries are released only BLCAKLIST_TIMEOUT seconds
* after the children performing the noperation has finished.
@@ -576,8 +575,17 @@ int ldap_pwd_change(char *client_name, char *realm_name, krb5_data pwd, char **e
ber_tag_t rtag, btag;
ber_int_t bint;
rtag = ber_scanf(sctrl, "{t", &btag);
+ if (rtag == LBER_ERROR) {
+ syslog(LOG_ERR, "Could not decode the tag BER element");
+ goto done;
+ }
+
if (btag == LDAP_TAG_PWP_WARNING) {
rtag = ber_scanf(sctrl, "{ti}", &btag, &bint);
+ if (rtag == LBER_ERROR) {
+ syslog(LOG_ERR, "Could not decode the warning BER element");
+ goto done;
+ }
if (btag == LDAP_TAG_PWP_SECSLEFT) {
ret = asprintf(&exterr2, " (%d seconds left before password expires)", bint);
} else {
@@ -587,10 +595,16 @@ int ldap_pwd_change(char *client_name, char *realm_name, krb5_data pwd, char **e
syslog(LOG_ERR, "OOM while creating error message ...");
exterr2 = NULL;
}
- rtag = ber_scanf(sctrl, "t", &btag);
+ /* The next element might or might not be there (the control is a sequence) */
+ ber_scanf(sctrl, "t", &btag);
}
if (btag == LDAP_TAG_PWP_ERROR) {
rtag = ber_scanf(sctrl, "e", &bint);
+ if (rtag == LBER_ERROR) {
+ syslog(LOG_ERR, "Could not decode the error BER element");
+ goto done;
+ }
+
switch(bint) {
case 0:
ret = asprintf(&exterr1, " Err%d: Password Expired.", bint);
--
1.7.6
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
