From 0d2c2b454bc83f6b8d1b5d7294dcaccdaf96455c Mon Sep 17 00:00:00 2001 From: Simon Wilkinson Date: Fri, 30 Mar 2012 19:21:41 +0100 Subject: [PATCH 1/1] pam: Use &, not && for bitwise operations All of the LOG_MASK() checks are performing bitwise operations, and so should be using '&', not && (which will always be true, providing logmask is non-zero) Caught by clang's new error messages Change-Id: Idce9229b7351adc6c15279c94e1cc1e7fc45596e Reviewed-on: http://gerrit.openafs.org/7078 Reviewed-by: Derrick Brashear Tested-by: Derrick Brashear --- src/pam/afs_auth.c | 30 +++++++++++++++--------------- src/pam/afs_password.c | 8 ++++---- src/pam/afs_session.c | 4 ++-- src/pam/afs_setcred.c | 20 ++++++++++---------- 4 files changed, 31 insertions(+), 31 deletions(-) diff --git a/src/pam/afs_auth.c b/src/pam/afs_auth.c index 26a3900..b4c220f 100644 --- a/src/pam/afs_auth.c +++ b/src/pam/afs_auth.c @@ -143,7 +143,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, if (use_first_pass) try_first_pass = 0; - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_OPTIONS, nowarn, use_first_pass, try_first_pass, ignore_uid, ignore_uid_id, refresh_token, set_token, dont_fork, use_klog); @@ -163,7 +163,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, RET(PAM_USER_UNKNOWN); } - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_USERNAMEDEBUG, user); /* @@ -204,14 +204,14 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, RET(PAM_AUTH_ERR); } password = NULL; /* In case it isn't already NULL */ - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_NOFIRSTPASS, user); } else if (password[0] == '\0') { /* Actually we *did* get one but it was empty. */ pam_afs_syslog(LOG_INFO, PAMAFS_NILPASSWORD, user); RET(PAM_NEW_AUTHTOK_REQD); } else { - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_GOTPASS, user); got_authtok = 1; } @@ -272,7 +272,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, #ifdef AFS_KERBEROS_ENV ktc_newpag(); #endif - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "New PAG created in pam_authenticate()"); } @@ -298,15 +298,15 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, i = do_klog(user, password, "00:00:01", cell_ptr); ktc_ForgetAllTokens(); } - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "do_klog returned %d", i); auth_ok = i ? 0 : 1; } else { - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "forking ..."); cpid = fork(); if (cpid <= 0) { /* The child process */ - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "in child"); if (refresh_token || set_token) code = ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, (char *)user, /* kerberos name */ @@ -331,13 +331,13 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, } else { auth_ok = 1; } - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "child: auth_ok=%d", auth_ok); if (cpid == 0) exit(auth_ok); } else { do { - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "in parent, waiting ..."); rcpid = waitpid(cpid, &status, 0); } while ((rcpid == -1) && (errno == EINTR)); @@ -347,7 +347,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, } else { auth_ok = 0; } - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "parent: auth_ok=%d", auth_ok); } } @@ -357,7 +357,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, pam_afs_syslog(LOG_ERR, PAMAFS_PAMERROR, errno); } } else { /* dont_fork, used by httpd */ - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "dont_fork"); if (refresh_token || set_token) code = ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, (char *)user, /* kerberos name */ @@ -374,7 +374,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, (char *)password, /* password */ 0, /* spare 2 */ &reason /* error string */ ); - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "dont_fork, code = %d", code); if (code) { pam_afs_syslog(LOG_ERR, PAMAFS_LOGIN_FAILED, user, reason); @@ -382,7 +382,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, } else { auth_ok = 1; } - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "dont_fork: auth_ok=%d", auth_ok); } @@ -401,7 +401,7 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, (void)pam_set_item(pamh, PAM_AUTHTOK, password); } - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "leaving auth: auth_ok=%d", auth_ok); if (code == KANOENT) RET(PAM_USER_UNKNOWN); diff --git a/src/pam/afs_password.c b/src/pam/afs_password.c index 07fa47f..d282902 100644 --- a/src/pam/afs_password.c +++ b/src/pam/afs_password.c @@ -88,7 +88,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv) if (use_first_pass) try_first_pass = 0; - if (logmask && LOG_MASK(LOG_DEBUG)) { + if (logmask & LOG_MASK(LOG_DEBUG)) { pam_afs_syslog(LOG_DEBUG, PAMAFS_OPTIONS, nowarn, use_first_pass, try_first_pass); pam_afs_syslog(LOG_DEBUG, PAMAFS_PAMERROR, flags); @@ -109,7 +109,7 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv) RET(PAM_USER_UNKNOWN); } - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_USERNAMEDEBUG, user); /* @@ -148,14 +148,14 @@ pam_sm_chauthtok(pam_handle_t * pamh, int flags, int argc, const char **argv) RET(PAM_AUTH_ERR); } password = NULL; /* In case it isn't already NULL */ - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_NOFIRSTPASS, user); } else if (password[0] == '\0') { /* Actually we *did* get one but it was empty. */ pam_afs_syslog(LOG_INFO, PAMAFS_NILPASSWORD, user); RET(PAM_NEW_AUTHTOK_REQD); } else { - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_GOTPASS, user); } if (!(use_first_pass || try_first_pass)) { diff --git a/src/pam/afs_session.c b/src/pam/afs_session.c index 9dee59b..4ff997d 100644 --- a/src/pam/afs_session.c +++ b/src/pam/afs_session.c @@ -72,7 +72,7 @@ pam_sm_close_session(pam_handle_t * pamh, int flags, int argc, } } - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "pam_afs_session_close: remain: %d, remainlifetime: %d, no_unlog: %d", remain, remainlifetime, no_unlog); @@ -98,7 +98,7 @@ pam_sm_close_session(pam_handle_t * pamh, int flags, int argc, } if (!no_unlog && ktc_ForgetAllTokens()) return PAM_SESSION_ERR; - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "pam_afs_session_close: Session closed"); return PAM_SUCCESS; } diff --git a/src/pam/afs_setcred.c b/src/pam/afs_setcred.c index bb73cee..f3d2cb8 100644 --- a/src/pam/afs_setcred.c +++ b/src/pam/afs_setcred.c @@ -126,13 +126,13 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv) if (use_first_pass) try_first_pass = 0; - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_OPTIONS, nowarn, use_first_pass, try_first_pass, ignore_uid, ignore_uid_id, 8, 8, 8, 8); /* Try to get the user-interaction info, if available. */ errcode = pam_get_item(pamh, PAM_CONV, (PAM_CONST void **)&pam_convp); if (errcode != PAM_SUCCESS) { - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_NO_USER_INT); pam_convp = NULL; } @@ -177,19 +177,19 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv) #endif if (flags & PAM_DELETE_CRED) { - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_DELCRED, user); RET(PAM_SUCCESS); } else if (flags & PAM_REINITIALIZE_CRED) { - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_REINITCRED, user); RET(PAM_SUCCESS); } else { /* flags are PAM_REFRESH_CRED, PAM_ESTABLISH_CRED, unknown */ - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_ESTABCRED, user); errcode = pam_get_data(pamh, pam_afs_lh, (const void **)&password); @@ -199,7 +199,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv) RET(PAM_AUTH_ERR); } password = NULL; /* In case it isn't already NULL */ - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_NOFIRSTPASS, user); } else if (password[0] == '\0') { /* Actually we *did* get one but it was empty. */ @@ -209,10 +209,10 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv) pam_afs_syslog(LOG_ERR, PAMAFS_PASSWD_REQ, user); RET(PAM_NEW_AUTHTOK_REQD); } - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_NILPASSWORD, user); } else { - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_GOTPASS, user); } if (!(use_first_pass || try_first_pass)) { @@ -240,7 +240,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv) RET(PAM_AUTH_ERR); } if (prompt_password[0] == '\0') { - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) pam_afs_syslog(LOG_DEBUG, PAMAFS_NILPASSWORD); RET(PAM_NEW_AUTHTOK_REQD); } @@ -263,7 +263,7 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv) * pam_sm_authenticate() or if it was destroyed by the application */ if ((!refresh_token) && (getPAG() == -1)) { - if (logmask && LOG_MASK(LOG_DEBUG)) + if (logmask & LOG_MASK(LOG_DEBUG)) syslog(LOG_DEBUG, "New PAG created in pam_setcred()"); setpag(); #ifdef AFS_KERBEROS_ENV -- 1.9.4