A small improvement upon simo's fix for https://fedorahosted.org/freeipa/ticket/4914

--
Martin^3 Babinsky
From 51f8bcd716fbddf5913cd79ba574a396e0956f0d Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabi...@redhat.com>
Date: Fri, 22 May 2015 17:23:00 +0200
Subject: [PATCH] ipa-kdb: common function to get key encodings/salt types


This patch moves duplicate code in `ipadb_get_connection` to get default and
supported key encodings/salt types from Kerberos container to a common
function handling this task.

It is actually a small cosmetic enhancement of the fix of
https://fedorahosted.org/freeipa/ticket/4914
---
 daemons/ipa-kdb/ipa_kdb.c | 131 +++++++++++++++++++++-------------------------
 daemons/ipa-kdb/ipa_kdb.h |   3 ++
 2 files changed, 63 insertions(+), 71 deletions(-)

diff --git a/daemons/ipa-kdb/ipa_kdb.c b/daemons/ipa-kdb/ipa_kdb.c
index fff35c9c9b4cf0a1c7fd9a4e13d1029aa01160c3..3d5e1568020b97fc089f9b59fb6625fccebf3a51 100644
--- a/daemons/ipa-kdb/ipa_kdb.c
+++ b/daemons/ipa-kdb/ipa_kdb.c
@@ -317,19 +317,68 @@ ipadb_get_global_config(struct ipadb_context *ipactx)
     return &ipactx->config;
 }
 
-int ipadb_get_connection(struct ipadb_context *ipactx)
+int ipadb_get_enc_salt_types(struct ipadb_context *ipactx,
+                             LDAPMessage *entry, char *attr,
+                             krb5_key_salt_tuple **enc_salt_types,
+                             int *n_enc_salt_types)
 {
     struct berval **vals = NULL;
-    struct timeval tv = { 5, 0 };
-    LDAPMessage *res = NULL;
-    LDAPMessage *first;
+    char **cvals = NULL;
+    int c = 0;
+    int i;
+    int ret = 0;
     krb5_key_salt_tuple *kst;
     int n_kst;
+
+    vals = ldap_get_values_len(ipactx->lcontext, entry, attr);
+    if (!vals || !vals[0]) {
+        goto done;
+    }
+
+    for (c = 0; vals[c]; c++) /* count */ ;
+    cvals = calloc(c, sizeof(char *));
+    if (!cvals) {
+        ret = ENOMEM;
+        goto done;
+    }
+    for (i = 0; i < c; i++) {
+        cvals[i] = strndup(vals[i]->bv_val, vals[i]->bv_len);
+        if (!cvals[i]) {
+            ret = ENOMEM;
+            goto done;
+        }
+    }
+
+    ret = parse_bval_key_salt_tuples(ipactx->kcontext,
+                                     (const char * const *)cvals, c,
+                                     &kst, &n_kst);
+    if (ret) {
+        goto done;
+    }
+
+    if (*enc_salt_types) {
+        free(*enc_salt_types);
+    }
+
+    *enc_salt_types = kst;
+    *n_enc_salt_types = n_kst;
+
+done:
+    ldap_value_free_len(vals);
+    for (i = 0; i < c && cvals[i]; i++) {
+        free(cvals[i]);
+    }
+    free(cvals);
+    return ret;
+}
+
+int ipadb_get_connection(struct ipadb_context *ipactx)
+{
+    struct timeval tv = { 5, 0 };
+    LDAPMessage *res = NULL;
+    LDAPMessage *first;
     int ret;
     int v3;
-    int i;
-    char **cvals = NULL;
-    int c = 0;
 
     if (!ipactx->uri) {
         return EINVAL;
@@ -386,74 +435,20 @@ int ipadb_get_connection(struct ipadb_context *ipactx)
 
     /* defaults first, this is used to tell what default enc:salts to use
      * for kadmin password changes */
-    vals = ldap_get_values_len(ipactx->lcontext, first,
-                               "krbDefaultEncSaltTypes");
-    if (!vals || !vals[0]) {
-        goto done;
-    }
-
-    for (c = 0; vals[c]; c++) /* count */ ;
-    cvals = calloc(c, sizeof(char *));
-    if (!cvals) {
-        ret = ENOMEM;
-        goto done;
-    }
-    for (i = 0; i < c; i++) {
-        cvals[i] = strndup(vals[i]->bv_val, vals[i]->bv_len);
-        if (!cvals[i]) {
-            ret = ENOMEM;
-            goto done;
-        }
-    }
-
-    ret = parse_bval_key_salt_tuples(ipactx->kcontext,
-                                     (const char * const *)cvals, c,
-                                     &kst, &n_kst);
+    ret = ipadb_get_enc_salt_types(ipactx, first,  "krbDefaultEncSaltTypes",
+                                   &ipactx->def_encs, &ipactx->n_def_encs);
     if (ret) {
         goto done;
     }
 
-    if (ipactx->def_encs) {
-        free(ipactx->def_encs);
-    }
-    ipactx->def_encs = kst;
-    ipactx->n_def_encs = n_kst;
-
     /* supported enc salt types, use to tell kadmin what to accept
      * but also to detect if kadmin is requesting the default set */
-    vals = ldap_get_values_len(ipactx->lcontext, first,
-                               "krbSupportedEncSaltTypes");
-    if (!vals || !vals[0]) {
-        goto done;
-    }
-
-    for (c = 0; vals[c]; c++) /* count */ ;
-    cvals = calloc(c, sizeof(char *));
-    if (!cvals) {
-        ret = ENOMEM;
-        goto done;
-    }
-    for (i = 0; i < c; i++) {
-        cvals[i] = strndup(vals[i]->bv_val, vals[i]->bv_len);
-        if (!cvals[i]) {
-            ret = ENOMEM;
-            goto done;
-        }
-    }
-
-    ret = parse_bval_key_salt_tuples(ipactx->kcontext,
-                                     (const char * const *)cvals, c,
-                                     &kst, &n_kst);
+    ret = ipadb_get_enc_salt_types(ipactx, first, "krbSupportedEncSaltTypes",
+                                   &ipactx->supp_encs, &ipactx->n_supp_encs);
     if (ret) {
         goto done;
     }
 
-    if (ipactx->supp_encs) {
-        free(ipactx->supp_encs);
-    }
-    ipactx->supp_encs = kst;
-    ipactx->n_supp_encs = n_kst;
-
     /* get additional options */
     ret = ipadb_load_global_config(ipactx);
     if (ret) {
@@ -471,12 +466,6 @@ int ipadb_get_connection(struct ipadb_context *ipactx)
 done:
     ldap_msgfree(res);
 
-    ldap_value_free_len(vals);
-    for (i = 0; i < c && cvals[i]; i++) {
-        free(cvals[i]);
-    }
-    free(cvals);
-
     if (ret) {
         if (ipactx->lcontext) {
             ldap_unbind_ext_s(ipactx->lcontext, NULL, NULL);
diff --git a/daemons/ipa-kdb/ipa_kdb.h b/daemons/ipa-kdb/ipa_kdb.h
index 3c6138599fe202029cfc47d3f635525e4701b4be..4abb7335d356f976eb5dc777c94b35c81655ad79 100644
--- a/daemons/ipa-kdb/ipa_kdb.h
+++ b/daemons/ipa-kdb/ipa_kdb.h
@@ -295,3 +295,6 @@ void ipadb_parse_user_auth(LDAP *lcontext, LDAPMessage *le,
                            enum ipadb_user_auth *user_auth);
 const struct ipadb_global_config *
 ipadb_get_global_config(struct ipadb_context *ipactx);
+int ipadb_get_enc_salt_types(struct ipadb_context *ipactx, LDAPMessage *entry,
+                             char *attr, krb5_key_salt_tuple **enc_salt_types,
+                             int *n_enc_salt_types);
-- 
2.1.0

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to