Fix incorrect uses of abs()

[openafs.git] / src / kauth / kaprocs.c

diff --git a/src/kauth/kaprocs.c b/src/kauth/kaprocs.c
index 43fb481..8a4914d 100644 (file)
--- a/src/kauth/kaprocs.c
+++ b/src/kauth/kaprocs.c
@@ -33,6 +33,7 @@
 #include <rx/xdr.h>
 #include <rx/rx.h>
 #include <rx/rxkad.h>
+#include <rx/rxkad_convert.h>
 #include <afs/cellconfig.h>
 #include <afs/auth.h>
 #include <afs/com_err.h>
@@ -370,13 +371,13 @@ check_auth(struct rx_call *call,
        noAuthenticationRequired = afsconf_GetNoAuthFlag(KA_conf);
 
     si = rx_SecurityClassOf(rx_ConnectionOf(call));
-    if (si == RX_SCINDEX_VAB) {
+    if (si == RX_SECIDX_VAB) {
        printf("No support for VAB security module yet.\n");
        return -1;
-    } else if (si == RX_SCINDEX_NULL) {
+    } else if (si == RX_SECIDX_NULL) {
        code = KANOAUTH;
        goto no_auth;
-    } else if (si != RX_SCINDEX_KAD) {
+    } else if (si != RX_SECIDX_KAD) {
        es_Report("Unknown security index %d\n", si);
        return -1;
     }
@@ -647,8 +648,8 @@ kamCreateUser(struct rx_call *call, char *aname, char *ainstance,
        return code;
     }
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, NULL, NULL, NULL, rx_PeerOf(call->conn)->host,
-         LOG_CRUSER);
+    KALOG(aname, ainstance, NULL, NULL, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_CRUSER);
     return code;
 }
 
@@ -710,7 +711,9 @@ ChangePassWord(struct rx_call *call, char *aname, char *ainstance,
     /* validate the request */
     request_time = ntohl(request.time);        /* reorder date */
     kvno = ntohl(request.kvno);
-    if ((abs(request_time - time(0)) > KTC_TIME_UNCERTAINTY) || strncmp(request.label, KA_CPW_REQ_LABEL, sizeof(request.label)) || (request.spare) || (kvno > MAXKAKVNO)) {    /* these are reseved */
+    if (labs(request_time - time(NULL)) > KTC_TIME_UNCERTAINTY ||
+       strncmp(request.label, KA_CPW_REQ_LABEL, sizeof(request.label)) ||
+       request.spare || kvno > MAXKAKVNO) {    /* these are reserved */
        code = KABADREQUEST;
        goto abort;
     }
@@ -923,8 +926,8 @@ kamSetPassword(struct rx_call *call, char *aname, char *ainstance,
        goto abort;
 
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, NULL, NULL, NULL, rx_PeerOf(call->conn)->host,
-         LOG_CHPASSWD);
+    KALOG(aname, ainstance, NULL, NULL, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_CHPASSWD);
     return code;
 
   abort:
@@ -1140,7 +1143,7 @@ Authenticate(int version, struct rx_call *call, char *aname, char *ainstance,
     }
 #endif /* EXPIREPW */
 
-    if (abs(request.time - now) > KTC_TIME_UNCERTAINTY) {
+    if (request.time - now > KTC_TIME_UNCERTAINTY) {
 #if 0
        if (oanswer->MaxSeqLen < sizeof(afs_int32))
            code = KAANSWERTOOLONG;
@@ -1246,15 +1249,15 @@ Authenticate(int version, struct rx_call *call, char *aname, char *ainstance,
     DES_pcbc_encrypt(oanswer->SeqBody, oanswer->SeqBody, oanswer->SeqLen,
                     &user_schedule, ktc_to_cblockptr(&tentry.key), ENCRYPT);
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, sname, sinst, NULL, rx_PeerOf(call->conn)->host,
-         LOG_AUTHENTICATE);
+    KALOG(aname, ainstance, sname, sinst, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_AUTHENTICATE);
     return code;
 
   abort:
     COUNT_ABO;
     ubik_AbortTrans(tt);
-    KALOG(aname, ainstance, sname, sinst, NULL, rx_PeerOf(call->conn)->host,
-         LOG_AUTHFAILED);
+    KALOG(aname, ainstance, sname, sinst, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_AUTHFAILED);
     return code;
 }
 
@@ -1455,8 +1458,8 @@ kamSetFields(struct rx_call *call,
        goto abort;
 
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, NULL, NULL, NULL, rx_PeerOf(call->conn)->host,
-         LOG_SETFIELDS);
+    KALOG(aname, ainstance, NULL, NULL, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_SETFIELDS);
     return code;
 
   abort:
@@ -1528,8 +1531,8 @@ kamDeleteUser(struct rx_call *call, char *aname, char *ainstance)
        goto abort;
 
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, NULL, NULL, NULL, rx_PeerOf(call->conn)->host,
-         LOG_DELUSER);
+    KALOG(aname, ainstance, NULL, NULL, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_DELUSER);
     return code;
 }
 
@@ -1631,13 +1634,17 @@ kamGetEntry(struct rx_call *call,
      * only return user's key if security disabled or if admin and
      * we have an encrypted connection to the user
      */
-    rxkad_GetServerInfo(call->conn, &enc_level, 0, 0, 0, 0, 0);
+    rxkad_GetServerInfo(rx_ConnectionOf(call), &enc_level, 0, 0, 0, 0, 0);
     if ((noAuthenticationRequired)
        || (callerIsAdmin && enc_level == rxkad_crypt))
        memcpy(&aentry->key, &tentry.key, sizeof(struct ktc_encryptionKey));
     else
        memset(&aentry->key, 0, sizeof(aentry->key));
+
     code = ka_KeyCheckSum((char *)&tentry.key, &aentry->keyCheckSum);
+    if (code)
+       goto abort;
+
     if (!tentry.pwsums[0] && npwSums > 1 && !tentry.pwsums[1]) {
        aentry->reserved3 = 0x12340000;
     } else {
@@ -1932,7 +1939,7 @@ GetTicket(int version,
                     &schedule, ktc_to_cblockptr(&authSessionKey), ENCRYPT);
     code = ubik_EndTrans(tt);
     KALOG(name, instance, sname, sinstance, (import ? authDomain : NULL),
-         rx_PeerOf(call->conn)->host, LOG_GETTICKET);
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_GETTICKET);
     return code;
 
   abort:
@@ -2258,8 +2265,8 @@ SKAM_Unlock(struct rx_call *call,
     kaux_write(to, 0, 0);      /* zero failure counters at this offset */
 
     code = ubik_EndTrans(tt);
-    KALOG(aname, ainstance, NULL, NULL, NULL, rx_PeerOf(call->conn)->host,
-         LOG_UNLOCK);
+    KALOG(aname, ainstance, NULL, NULL, NULL,
+         rx_HostOf(rx_PeerOf(rx_ConnectionOf(call))), LOG_UNLOCK);
     goto exit;
 
   abort: