From 7a7cdf264dbf40210c728d1fb3293968826a0d38 Mon Sep 17 00:00:00 2001
From: Steve Holme <steve_holme@hotmail.com>
Date: Sun, 3 Apr 2016 17:32:10 +0100
Subject: spnego: Small code tidy up

* Prefer dereference of string pointer rather than strlen()
* Free challenge pointer in one place
* Additional comments
---
 lib/vauth/spnego_gssapi.c |  6 ++++--
 lib/vauth/spnego_sspi.c   | 13 ++++++-------
 2 files changed, 10 insertions(+), 9 deletions(-)

(limited to 'lib')

diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c
index cf1fcf0d6..fd9a0ef7a 100644
--- a/lib/vauth/spnego_gssapi.c
+++ b/lib/vauth/spnego_gssapi.c
@@ -87,8 +87,8 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
     return CURLE_LOGIN_DENIED;
   }
 
-  /* Generate our SPN */
   if(!nego->spn) {
+    /* Generate our SPN */
     char *spn = Curl_auth_build_gssapi_spn(service, host);
     if(!spn)
       return CURLE_OUT_OF_MEMORY;
@@ -113,7 +113,7 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
     free(spn);
   }
 
-  if(chlg64 && strlen(chlg64)) {
+  if(chlg64 && *chlg64) {
     /* Decode the base-64 encoded challenge message */
     if(*chlg64 != '=') {
       result = Curl_base64_decode(chlg64, &chlg, &chlglen);
@@ -144,6 +144,8 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
                                            &output_token,
                                            TRUE,
                                            NULL);
+
+  /* Free the decoded challenge as it is not required anymore */
   Curl_safefree(input_token.value);
 
   nego->status = major_status;
diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index acab2bc9d..3dc5ccaeb 100644
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -88,8 +88,8 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
     return CURLE_LOGIN_DENIED;
   }
 
-  /* Generate our SPN */
   if(!nego->spn) {
+    /* Generate our SPN */
     nego->spn = Curl_auth_build_spn(service, host);
     if(!nego->spn)
       return CURLE_OUT_OF_MEMORY;
@@ -115,6 +115,7 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
  }
 
   if(!nego->credentials) {
+    /* Do we have credientials to use or are we using single sign-on? */
     if(user && *user) {
       /* Populate our identity structure */
       result = Curl_create_sspi_identity(user, password, &nego->identity);
@@ -153,7 +154,7 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
     memset(nego->context, 0, sizeof(CtxtHandle));
   }
 
-  if(chlg64 && strlen(chlg64)) {
+  if(chlg64 && *chlg64) {
     /* Decode the base-64 encoded challenge message */
     if(*chlg64 != '=') {
       result = Curl_base64_decode(chlg64, &chlg, &chlglen);
@@ -197,8 +198,10 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
                                                      &resp_desc, &attrs,
                                                      &expiry);
 
+  /* Free the decoded challenge as it is not required anymore */
+  free(chlg);
+
   if(GSS_ERROR(nego->status)) {
-    free(chlg);
     return CURLE_OUT_OF_MEMORY;
   }
 
@@ -206,16 +209,12 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
      nego->status == SEC_I_COMPLETE_AND_CONTINUE) {
     nego->status = s_pSecFn->CompleteAuthToken(nego->context, &resp_desc);
     if(GSS_ERROR(nego->status)) {
-      free(chlg);
       return CURLE_RECV_ERROR;
     }
   }
 
   nego->output_token_length = resp_buf.cbBuffer;
 
-  /* Free the decoded challenge */
-  free(chlg);
-
   return result;
 }
 
-- 
cgit v1.2.3