now smells like sudo

1 files changed, 89 insertions, 78 deletions

diff --git a/dce_pwent.c b/dce_pwent.c
index 2513d45dc..6fd5908c9 100644
--- a/dce_pwent.c
+++ b/dce_pwent.c
@@ -16,6 +16,7 @@
 #ifdef HAVE_DCE
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <pwd.h>
 #include <sys/time.h>
 #include <dce/rpc.h>
@@ -25,91 +26,101 @@
 static int            error_stat;
 static unsigned char  error_string[dce_c_error_string_len];
 int check(error_status_t input_status, char *comment);
-void exit();
 
-int dce_pwent(char *username, char *plain_pw)
-/* returns 1 ("true") if user is a valid DCE principal, 0 otherwise */
+/* returns 1 (true) if user is a valid DCE principal, 0 (false) otherwise */
+int dce_pwent(username, plain_pw)
+    char *username;
+    char *plain_pw;
 {
-	struct passwd		*pwd;
-	sec_passwd_rec_t	password_rec;
-	sec_login_handle_t	login_context;
-	boolean32			reset_passwd;
-	sec_login_auth_src_t	auth_src;
-	error_status_t		status;
-	unsigned32			nbytes;
-
-	if(sec_login_setup_identity((unsigned_char_p_t) username,
-		sec_login_no_flags,&login_context,&status))
-	{
-		if(check(status,"sec_login_setup_identity(1):")) return(0);
-
-		password_rec.key.key_type = sec_passwd_plain;
-		password_rec.key.tagged_union.plain = (idl_char *) plain_pw;
-
-		if(sec_login_validate_identity(login_context,&password_rec,
-			&reset_passwd,&auth_src,&status))
-		{
-			if(check(status,"sec_login_validate_identity(1):")) return(0);
-
-			if(!sec_login_certify_identity(login_context,&status))
-			{
-				fprintf(stderr,"Whoa! Bogus authentication server!\n");
-				(void) check(status,"sec_login_certify_identity(1):"); 
-				return(0);
-			}
-			if(check(status,"sec_login_certify_identity(2):")) return(0);
-
-			sec_login_set_context(login_context,&status);
-			if(check(status,"sec_login_set_context:")) return(0);
-
-			if(auth_src != sec_login_auth_src_network)
-			{
-				fprintf(stderr,"You have no network credentials\n");
-				return(0);
-			}
-			if(reset_passwd)
-			{
-				fprintf(stderr,"Your DCE password needs resetting\n");
-				return(0);
-			}
-
-			/* malloc space for passwd structure */
-			nbytes = sizeof(struct passwd);
-			if((pwd = (struct passwd *) malloc(nbytes)) == NULL)
-			{
-				fprintf(stderr,"malloc for passwd struct failed\n");
-				return(0);;
-			}
-			sec_login_get_pwent(login_context,&pwd,&status);
-			free(pwd);
-			if(check(status,"sec_login_get_pwent:")) return(0);
-
-			/* if we get to here, then the pwent above */
-			/* properly fetched the password structure */
-			/* from the DCE registry, so the user must */
-			/* be valid.  We don't really care what    */
-			/* the user's registry password is, just   */
-			/* that the user could be validated....    */
-			return(1);
-		}
-		else
-		{
-			if(check(status,"sec_login_validate_identity(2):")) return(0);
-			sec_login_purge_context(&login_context,&status);
-			if(check(status,"sec_login_purge_context:")) return(0);
-		}
+    struct passwd		*pwd;
+    sec_passwd_rec_t		password_rec;
+    sec_login_handle_t		login_context;
+    boolean32			reset_passwd;
+    sec_login_auth_src_t	auth_src;
+    error_status_t		status;
+    unsigned32			nbytes;
+
+    if(sec_login_setup_identity((unsigned_char_p_t) username,
+	sec_login_no_flags, &login_context, &status)) {
+
+	if (check(status, "sec_login_setup_identity(1):"))
+	    return(0);
+
+	password_rec.key.key_type = sec_passwd_plain;
+	password_rec.key.tagged_union.plain = (idl_char *) plain_pw;
+
+	if(sec_login_validate_identity(login_context, &password_rec,
+	    &reset_passwd, &auth_src, &status)) {
+
+	    if (check(status, "sec_login_validate_identity(1):"))
+		return(0);
+
+	    if (!sec_login_certify_identity(login_context, &status)) {
+		    (void) fprintf(stderr, "Whoa! Bogus authentication server!\n");
+		    (void) check(status, "sec_login_certify_identity(1):"); 
+		    return(0);
+	    }
+
+	    if(check(status, "sec_login_certify_identity(2):"))
+		return(0);
+
+	    (void) sec_login_set_context(login_context, &status);
+	    if (check(status, "sec_login_set_context:"))
+	    	return(0);
+
+	    if (auth_src != sec_login_auth_src_network) {
+		    (void) fprintf(stderr, "You have no network credentials\n");
+		    return(0);
+	    }
+	    if (reset_passwd) {
+		    (void) fprintf(stderr, "Your DCE password needs resetting\n");
+		    return(0);
+	    }
+
+	    /* malloc space for passwd structure */
+	    nbytes = sizeof(struct passwd);
+	    if((pwd = (struct passwd *) malloc(nbytes)) == NULL) {
+		    (void) fprintf(stderr, "malloc for passwd struct failed\n");
+		    return(0);;
+	    }
+	    (void) sec_login_get_pwent(login_context, &pwd, &status);
+	    (void) free(pwd);
+
+	    if (check(status, "sec_login_get_pwent:"))
+	    	return(0);
+
+	    /* if we get to here, then the pwent above */
+	    /* properly fetched the password structure */
+	    /* from the DCE registry, so the user must */
+	    /* be valid.  We don't really care what    */
+	    /* the user's registry password is, just   */
+	    /* that the user could be validated....    */
+	    return(1);
+	} else {
+		if (check(status, "sec_login_validate_identity(2):"))
+		    return(0);
+		sec_login_purge_context(&login_context, &status);
+		if (check(status, "sec_login_purge_context:"))
+		    return(0);
 	}
-	if(check(status,"sec_login_setup_identity(2):")) return(0);
+    }
+    if (check(status, "sec_login_setup_identity(2):"))
 	return(0);
+
+    return(0);
 }
 
-int check(error_status_t input_status, char *comment) 
-/* returns 1 (aka, true) for DCE "ok" status, 0 otherwise */
+/* returns 1 (true) for DCE "ok" status, 0 (false) otherwise */
+int check(input_status, comment) 
+    error_status_t input_status;
+    char *comment;
 { 
-	if(input_status == rpc_s_ok) return(0);
-	dce_error_inq_text(input_status, error_string, &error_stat); 
-	fprintf(stderr, "%s %s\n", comment, error_string); 
-	return(1);
+    if (input_status == rpc_s_ok)
+    	return(0);
+    (void) dce_error_inq_text(input_status, error_string, &error_stat); 
+    (void) fprintf(stderr, "%s %s\n", comment, error_string); 
+
+    return(1);
 }
 
 #endif	/* HAVE_DCE */