Declare fast forward from 3.1-2

[kerberos/krb5-strength.git] / plugin / cdb.c

diff --git a/plugin/cdb.c b/plugin/cdb.c
index 708b24b7fa422df989a423bcd1680a913ce7327c..7b268d95f848f8ce59e51d21c45453ce2ece396b 100644 (file)
--- a/plugin/cdb.c
+++ b/plugin/cdb.c
@@ -8,11 +8,11 @@
  * or end, two characters removed from the start, two from the end, or one
  * character from both start and end.
  *
- * Written by Russ Allbery <rra@stanford.edu>
+ * Written by Russ Allbery <eagle@eyrie.org>
  * Copyright 2013
  *     The Board of Trustees of the Leland Stanford Junior University
  *
- * See LICENSE for licensing terms.
+ * SPDX-License-Identifier: MIT
  */
 
 #include <config.h>
@@ -21,7 +21,7 @@
 #include <portable/system.h>
 
 #ifdef HAVE_CDB_H
-# include <cdb.h>
+#    include <cdb.h>
 #endif
 #include <errno.h>
 #include <fcntl.h>
@@ -35,9 +35,8 @@
  * Stub for strength_init_cdb if not built with CDB support.
  */
 #ifndef HAVE_CDB
-static krb5_error_code
-strength_init_cdb(krb5_context ctx, krb5_pwqual_moddata data UNUSED,
-                  const char *database UNUSED)
+krb5_error_code
+strength_init_cdb(krb5_context ctx, krb5_pwqual_moddata data UNUSED)
 {
     char *path = NULL;
 
@@ -48,8 +47,9 @@ strength_init_cdb(krb5_context ctx, krb5_pwqual_moddata data UNUSED,
     if (path == NULL)
         return 0;
     free(path);
-    krb5_set_error_message(ctx, KADM5_BAD_SERVER_PARAMS, "CDB dictionary"
-                           " requested but not built with CDB support");
+    krb5_set_error_message(ctx, KADM5_BAD_SERVER_PARAMS,
+                           "CDB dictionary requested but not built with CDB"
+                           " support");
     return KADM5_BAD_SERVER_PARAMS;
 }
 #endif
@@ -58,21 +58,6 @@ strength_init_cdb(krb5_context ctx, krb5_pwqual_moddata data UNUSED,
 /* Skip the rest of this file if CDB is not available. */
 #ifdef HAVE_CDB
 
-/*
- * Macro used to make password checks more readable.  Assumes that the found
- * and fail labels are available for the abort cases of finding a password or
- * failing to look it up.
- */
-# define CHECK_PASSWORD(ctx, data, password)                    \
-    do {                                                        \
-        code = in_cdb_dictionary(ctx, data, password, &found);  \
-        if (code != 0)                                          \
-            goto fail;                                          \
-        if (found)                                              \
-            goto found;                                         \
-    } while (0)
-
-
 /*
  * Look up a password in CDB and set the found parameter to true if it is
  * found, false otherwise.  Returns a Kerberos status code, which will be 0 on
@@ -85,7 +70,7 @@ in_cdb_dictionary(krb5_context ctx, krb5_pwqual_moddata data,
     int status;
 
     *found = false;
-    status = cdb_find(&data->cdb, password, strlen(password));
+    status = cdb_find(&data->cdb, password, (unsigned int) strlen(password));
     if (status < 0)
         return strength_error_system(ctx, "cannot query CDB database");
     else {
@@ -131,6 +116,21 @@ strength_init_cdb(krb5_context ctx, krb5_pwqual_moddata data)
 }
 
 
+/*
+ * Macro used to make password checks more readable.  Assumes that the found
+ * and fail labels are available for the abort cases of finding a password or
+ * failing to look it up.
+ */
+#    define CHECK_PASSWORD(ctx, data, password)                    \
+        do {                                                       \
+            code = in_cdb_dictionary(ctx, data, password, &found); \
+            if (code != 0)                                         \
+                goto fail;                                         \
+            if (found)                                             \
+                goto found;                                        \
+        } while (0)
+
+
 /*
  * Given a password, try the various transformations that we want to apply and
  * check for each of them in the dictionary.  Returns a Kerberos status code,