auth/spnego: remove one more useless indentation level from gensec_spnego_parse_negTo...
authorStefan Metzmacher <metze@samba.org>
Fri, 7 Jul 2017 09:03:37 +0000 (11:03 +0200)
committerAndreas Schneider <asn@cryptomilk.org>
Tue, 25 Jul 2017 11:51:09 +0000 (13:51 +0200)
Check with 'git show -w -U45' and carefully check the 'break' vs. 'continue'
changes.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
auth/gensec/spnego.c

index 17cf911e4aa091296c49ee8543557787ac435580..9543494d8c3a4920e6a0996b9a9f705772775bfb 100644 (file)
@@ -255,69 +255,73 @@ static NTSTATUS gensec_spnego_parse_negTokenInit(struct gensec_security *gensec_
        }
 
        for (j=0; mechType && mechType[j]; j++) {
-               for (i=0; all_sec && all_sec[i].op; i++) {
-                       if (strcmp(mechType[j], all_sec[i].oid) != 0) {
-                               continue;
-                       }
-
-                       nt_status = gensec_subcontext_start(spnego_state,
-                                                           gensec_security,
-                                                           &spnego_state->sub_sec_security);
-                       if (!NT_STATUS_IS_OK(nt_status)) {
-                               return nt_status;
-                       }
-                       /* select the sub context */
-                       nt_status = gensec_start_mech_by_ops(spnego_state->sub_sec_security,
-                                                            all_sec[i].op);
-                       if (!NT_STATUS_IS_OK(nt_status)) {
-                               /*
-                                * Pretend we never started it
-                                */
-                               gensec_spnego_update_sub_abort(spnego_state);
-                               break;
-                       }
+               const struct gensec_security_ops_wrapper *cur_sec = NULL;
 
-                       if (j > 0) {
-                               /* no optimistic token */
-                               spnego_state->neg_oid = all_sec[i].oid;
-                               *unwrapped_out = data_blob_null;
-                               nt_status = NT_STATUS_MORE_PROCESSING_REQUIRED;
-                               /*
-                                * Indicate the downgrade and request a
-                                * mic.
-                                */
-                               spnego_state->downgraded = true;
-                               spnego_state->mic_requested = true;
+               for (i=0; all_sec && all_sec[i].op; i++) {
+                       if (strcmp(mechType[j], all_sec[i].oid) == 0) {
+                               cur_sec = &all_sec[i];
                                break;
                        }
+               }
 
-                       nt_status = gensec_update_ev(spnego_state->sub_sec_security,
-                                                 out_mem_ctx,
-                                                 ev,
-                                                 unwrapped_in,
-                                                 unwrapped_out);
-                       if (NT_STATUS_IS_OK(nt_status)) {
-                               spnego_state->sub_sec_ready = true;
-                       }
-                       if (NT_STATUS_EQUAL(nt_status, NT_STATUS_INVALID_PARAMETER) ||
-                           NT_STATUS_EQUAL(nt_status, NT_STATUS_CANT_ACCESS_DOMAIN_INFO)) {
-
-                               DEBUG(1, ("SPNEGO(%s) NEG_TOKEN_INIT failed to parse contents: %s\n",
-                                         spnego_state->sub_sec_security->ops->name, nt_errstr(nt_status)));
+               if (cur_sec == NULL) {
+                       continue;
+               }
 
-                               /*
-                                * Pretend we never started it
-                                */
-                               gensec_spnego_update_sub_abort(spnego_state);
-                               break;
-                       }
+               nt_status = gensec_subcontext_start(spnego_state,
+                                                   gensec_security,
+                                                   &spnego_state->sub_sec_security);
+               if (!NT_STATUS_IS_OK(nt_status)) {
+                       return nt_status;
+               }
+               /* select the sub context */
+               nt_status = gensec_start_mech_by_ops(spnego_state->sub_sec_security,
+                                                    cur_sec->op);
+               if (!NT_STATUS_IS_OK(nt_status)) {
+                       /*
+                        * Pretend we never started it
+                        */
+                       gensec_spnego_update_sub_abort(spnego_state);
+                       continue;
+               }
 
-                       spnego_state->neg_oid = all_sec[i].oid;
+               if (j > 0) {
+                       /* no optimistic token */
+                       spnego_state->neg_oid = cur_sec->oid;
+                       *unwrapped_out = data_blob_null;
+                       nt_status = NT_STATUS_MORE_PROCESSING_REQUIRED;
+                       /*
+                        * Indicate the downgrade and request a
+                        * mic.
+                        */
+                       spnego_state->downgraded = true;
+                       spnego_state->mic_requested = true;
                        break;
                }
-               if (spnego_state->sub_sec_security) {
-                       break;
+
+               nt_status = gensec_update_ev(spnego_state->sub_sec_security,
+                                         out_mem_ctx,
+                                         ev,
+                                         unwrapped_in,
+                                         unwrapped_out);
+               if (NT_STATUS_IS_OK(nt_status)) {
+                       spnego_state->sub_sec_ready = true;
                }
+               if (NT_STATUS_EQUAL(nt_status, NT_STATUS_INVALID_PARAMETER) ||
+                   NT_STATUS_EQUAL(nt_status, NT_STATUS_CANT_ACCESS_DOMAIN_INFO)) {
+
+                       DEBUG(1, ("SPNEGO(%s) NEG_TOKEN_INIT failed to parse contents: %s\n",
+                                 spnego_state->sub_sec_security->ops->name, nt_errstr(nt_status)));
+
+                       /*
+                        * Pretend we never started it
+                        */
+                       gensec_spnego_update_sub_abort(spnego_state);
+                       continue;
+               }
+
+               spnego_state->neg_oid = cur_sec->oid;
+               break;
        }
 
        if (!spnego_state->sub_sec_security) {