sspi: Minor code tidy up to standardise coding style

Following the recent changes and in attempt to align the SSPI based authentication code performed the following: * Use NULL and SECBUFFVERSION rather than hard coded constants. * Avoid comparison of zero in if statements. * Standardised the buf and desc setup code.
curl · Aug 8, 2014 · b91e97e · b91e97e
1 parent cda4aab
commit b91e97e
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 22 deletions.
diff --git a/lib/curl_ntlm_msgs.c b/lib/curl_ntlm_msgs.c
@@ -469,9 +469,9 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
   type_1_desc.ulVersion = SECBUFFER_VERSION;
   type_1_desc.cBuffers  = 1;
   type_1_desc.pBuffers  = &type_1_buf;
-  type_1_buf.cbBuffer   = curlx_uztoul(ntlm->max_token_length);
   type_1_buf.BufferType = SECBUFFER_TOKEN;
   type_1_buf.pvBuffer   = ntlm->output_token;
+  type_1_buf.cbBuffer   = curlx_uztoul(ntlm->max_token_length);
 
   /* Generate our type-1 message */
   status = s_pSecFn->InitializeSecurityContext(&ntlm->handle, NULL,

diff --git a/lib/http_negotiate_sspi.c b/lib/http_negotiate_sspi.c
@@ -68,7 +68,7 @@ get_gss_name(struct connectdata *conn, bool proxy,
 int Curl_input_negotiate(struct connectdata *conn, bool proxy,
                          const char *header)
 {
-  BYTE              *input_token = 0;
+  BYTE              *input_token = NULL;
   SecBufferDesc     out_buff_desc;
   SecBuffer         out_sec_buff;
   SecBufferDesc     in_buff_desc;
@@ -113,7 +113,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
     return -1;
   }
 
-  if(0 == strlen(neg_ctx->server_name)) {
+  if(!strlen(neg_ctx->server_name)) {
     ret = get_gss_name(conn, proxy, neg_ctx);
     if(ret)
       return ret;
@@ -181,42 +181,41 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
     error = Curl_base64_decode(header,
                                (unsigned char **)&input_token,
                                &input_token_len);
-    if(error || input_token_len == 0)
+    if(error || !input_token_len)
       return -1;
   }
 
-  /* prepare the output buffers, and input buffers if present */
-  out_buff_desc.ulVersion = 0;
+  /* Setup the "output" security buffer */
+  out_buff_desc.ulVersion = SECBUFFER_VERSION;
   out_buff_desc.cBuffers  = 1;
   out_buff_desc.pBuffers  = &out_sec_buff;
-
-  out_sec_buff.cbBuffer   = curlx_uztoul(neg_ctx->max_token_length);
   out_sec_buff.BufferType = SECBUFFER_TOKEN;
   out_sec_buff.pvBuffer   = neg_ctx->output_token;
+  out_sec_buff.cbBuffer   = curlx_uztoul(neg_ctx->max_token_length);
 
-
+  /* Setup the "input" security buffer if present */
   if(input_token) {
-    in_buff_desc.ulVersion = 0;
+    in_buff_desc.ulVersion = SECBUFFER_VERSION;
     in_buff_desc.cBuffers  = 1;
     in_buff_desc.pBuffers  = &in_sec_buff;
-
-    in_sec_buff.cbBuffer   = curlx_uztoul(input_token_len);
     in_sec_buff.BufferType = SECBUFFER_TOKEN;
     in_sec_buff.pvBuffer   = input_token;
+    in_sec_buff.cbBuffer   = curlx_uztoul(input_token_len);
   }
 
   sname = Curl_convert_UTF8_to_tchar(neg_ctx->server_name);
   if(!sname)
     return CURLE_OUT_OF_MEMORY;
 
+  /* Generate our message */
   neg_ctx->status = s_pSecFn->InitializeSecurityContext(
     neg_ctx->credentials,
-    input_token ? neg_ctx->context : 0,
+    input_token ? neg_ctx->context : NULL,
     sname,
     ISC_REQ_CONFIDENTIALITY,
     0,
     SECURITY_NATIVE_DREP,
-    input_token ? &in_buff_desc : 0,
+    input_token ? &in_buff_desc : NULL,
     0,
     neg_ctx->context,
     &out_buff_desc,
@@ -259,7 +258,7 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
   if(error)
     return error;
 
-  if(len == 0)
+  if(!len)
     return CURLE_REMOTE_ACCESS_DENIED;
 
   userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "",
@@ -282,21 +281,17 @@ static void cleanup(struct negotiatedata *neg_ctx)
   if(neg_ctx->context) {
     s_pSecFn->DeleteSecurityContext(neg_ctx->context);
     free(neg_ctx->context);
-    neg_ctx->context = 0;
+    neg_ctx->context = NULL;
   }
 
   if(neg_ctx->credentials) {
     s_pSecFn->FreeCredentialsHandle(neg_ctx->credentials);
     free(neg_ctx->credentials);
-    neg_ctx->credentials = 0;
-  }
-
-  if(neg_ctx->output_token) {
-    free(neg_ctx->output_token);
-    neg_ctx->output_token = 0;
+    neg_ctx->credentials = NULL;
   }
 
   neg_ctx->max_token_length = 0;
+  Curl_safefree(neg_ctx->output_token);
 
   Curl_sspi_free_identity(neg_ctx->p_identity);
   neg_ctx->p_identity = NULL;