aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2015-05-22 16:43:58 +0200
committerDaniel Stenberg <daniel@haxx.se>2015-05-22 16:46:01 +0200
commit1514977bcde37c59f863a0f40c7d9f66d9e33370 (patch)
tree87c21f0ed7e61460b85a82260e6691467c9a4bcb
parentfda0e74c226b75a1379f43c46a0e0de4297eb9fc (diff)
security: simplify choose_mech
Coverity CID 1299424 identified dead code because of checks that could never equal true (if the mechanism's name was NULL). Simplified the function by removing a level of pointers and removing the loop and array that weren't used.
-rw-r--r--lib/security.c52
1 files changed, 19 insertions, 33 deletions
diff --git a/lib/security.c b/lib/security.c
index ccaa1f6e9..524f9cef4 100644
--- a/lib/security.c
+++ b/lib/security.c
@@ -109,13 +109,6 @@ static char level_to_char(int level) {
return 'P';
}
-static const struct Curl_sec_client_mech * const mechs[] = {
-#ifdef HAVE_GSSAPI
- &Curl_krb5_client_mech,
-#endif
- NULL
-};
-
/* Send an FTP command defined by |message| and the optional arguments. The
function returns the ftp_code. If an error occurs, -1 is returned. */
static int ftp_send_command(struct connectdata *conn, const char *message, ...)
@@ -484,36 +477,29 @@ static CURLcode choose_mech(struct connectdata *conn)
{
int ret;
struct SessionHandle *data = conn->data;
- const struct Curl_sec_client_mech * const *mech;
void *tmp_allocation;
- const char *mech_name;
-
- for(mech = mechs; (*mech); ++mech) {
- mech_name = (*mech)->name;
- /* We have no mechanism with a NULL name but keep this check */
- DEBUGASSERT(mech_name != NULL);
- if(mech_name == NULL) {
- infof(data, "Skipping mechanism with empty name (%p)\n", (void *)mech);
- continue;
- }
- tmp_allocation = realloc(conn->app_data, (*mech)->size);
+ const struct Curl_sec_client_mech *mech = &Curl_krb5_client_mech;
+
+ do {
+ tmp_allocation = realloc(conn->app_data, mech->size);
if(tmp_allocation == NULL) {
- failf(data, "Failed realloc of size %u", (*mech)->size);
+ failf(data, "Failed realloc of size %u", mech->size);
mech = NULL;
return CURLE_OUT_OF_MEMORY;
}
conn->app_data = tmp_allocation;
- if((*mech)->init) {
- ret = (*mech)->init(conn->app_data);
- if(ret != 0) {
- infof(data, "Failed initialization for %s. Skipping it.\n", mech_name);
+ if(mech->init) {
+ ret = mech->init(conn->app_data);
+ if(ret) {
+ infof(data, "Failed initialization for %s. Skipping it.\n",
+ mech->name);
continue;
}
}
- infof(data, "Trying mechanism %s...\n", mech_name);
- ret = ftp_send_command(conn, "AUTH %s", mech_name);
+ infof(data, "Trying mechanism %s...\n", mech->name);
+ ret = ftp_send_command(conn, "AUTH %s", mech->name);
if(ret < 0)
/* FIXME: This error is too generic but it is OK for now. */
return CURLE_COULDNT_CONNECT;
@@ -522,11 +508,11 @@ static CURLcode choose_mech(struct connectdata *conn)
switch(ret) {
case 504:
infof(data, "Mechanism %s is not supported by the server (server "
- "returned ftp code: 504).\n", mech_name);
+ "returned ftp code: 504).\n", mech->name);
break;
case 534:
infof(data, "Mechanism %s was rejected by the server (server returned "
- "ftp code: 534).\n", mech_name);
+ "ftp code: 534).\n", mech->name);
break;
default:
if(ret/100 == 5) {
@@ -539,7 +525,7 @@ static CURLcode choose_mech(struct connectdata *conn)
}
/* Authenticate */
- ret = (*mech)->auth(conn->app_data, conn);
+ ret = mech->auth(conn->app_data, conn);
if(ret == AUTH_CONTINUE)
continue;
@@ -549,7 +535,7 @@ static CURLcode choose_mech(struct connectdata *conn)
}
DEBUGASSERT(ret == AUTH_OK);
- conn->mech = *mech;
+ conn->mech = mech;
conn->sec_complete = 1;
conn->recv[FIRSTSOCKET] = sec_recv;
conn->send[FIRSTSOCKET] = sec_send;
@@ -559,10 +545,10 @@ static CURLcode choose_mech(struct connectdata *conn)
/* Set the requested protection level */
/* BLOCKING */
(void)sec_set_protection_level(conn);
- break;
- }
- return *mech != NULL ? CURLE_OK : CURLE_FAILED_INIT;
+ } WHILE_FALSE;
+
+ return CURLE_OK;
}
CURLcode