From 4d93aaedd99c1dc4f6ecbc0588da12aa16904593 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Fri, 16 Sep 2011 16:14:48 +1000 Subject: [PATCH] use GSSEAP_ASSERT macro instead of assert --- mech_eap/accept_sec_context.c | 18 +++++++++--------- mech_eap/eap_mech.c | 2 +- mech_eap/export_sec_context.c | 4 ++-- mech_eap/import_sec_context.c | 4 ++-- mech_eap/init_sec_context.c | 40 ++++++++++++++++++++-------------------- mech_eap/unwrap_iov.c | 10 +++++----- mech_eap/util.h | 7 ++++++- mech_eap/util_adshim.c | 2 +- mech_eap/util_attr.cpp | 24 ++++++++++++------------ mech_eap/util_cksum.c | 4 ++-- mech_eap/util_context.c | 12 ++++++------ mech_eap/util_cred.c | 2 +- mech_eap/util_crypt.c | 14 +++++++------- mech_eap/util_krb.c | 2 +- mech_eap/util_moonshot.c | 2 +- mech_eap/util_name.c | 8 ++++---- mech_eap/util_radius.cpp | 8 ++++---- mech_eap/util_reauth.c | 6 +++--- mech_eap/util_saml.cpp | 6 +++--- mech_eap/util_shib.cpp | 20 ++++++++++---------- mech_eap/util_sm.c | 18 +++++++++--------- mech_eap/util_token.c | 10 +++++----- mech_eap/wrap_iov.c | 2 +- mech_eap/wrap_iov_length.c | 2 +- 24 files changed, 116 insertions(+), 111 deletions(-) diff --git a/mech_eap/accept_sec_context.c b/mech_eap/accept_sec_context.c index d010e34..12f6862 100644 --- a/mech_eap/accept_sec_context.c +++ b/mech_eap/accept_sec_context.c @@ -328,7 +328,7 @@ setAcceptorIdentity(OM_uint32 *minor, krb5_principal krbPrinc; struct rs_context *rc = ctx->acceptorCtx.radContext; - assert(rc != NULL); + GSSEAP_ASSERT(rc != NULL); if (ctx->acceptorName == GSS_C_NO_NAME) { *minor = 0; @@ -343,8 +343,8 @@ setAcceptorIdentity(OM_uint32 *minor, GSSEAP_KRB_INIT(&krbContext); krbPrinc = ctx->acceptorName->krbPrincipal; - assert(krbPrinc != NULL); - assert(KRB_PRINC_LENGTH(krbPrinc) >= 2); + GSSEAP_ASSERT(krbPrinc != NULL); + GSSEAP_ASSERT(KRB_PRINC_LENGTH(krbPrinc) >= 2); /* Acceptor-Service-Name */ krbPrincComponentToGssBuffer(krbPrinc, 0, &nameBuf); @@ -423,8 +423,8 @@ createRadiusHandle(OM_uint32 *minor, struct rs_alloc_scheme ralloc; struct rs_error *err; - assert(actx->radContext == NULL); - assert(actx->radConn == NULL); + GSSEAP_ASSERT(actx->radContext == NULL); + GSSEAP_ASSERT(actx->radConn == NULL); if (rs_context_create(&actx->radContext) != 0) { *minor = GSSEAP_RADSEC_CONTEXT_FAILURE; @@ -550,7 +550,7 @@ eapGssSmAcceptAuthenticate(OM_uint32 *minor, goto cleanup; } - assert(resp != NULL); + GSSEAP_ASSERT(resp != NULL); frresp = rs_packet_frpkt(resp); switch (frresp->code) { @@ -606,7 +606,7 @@ cleanup: if (resp != NULL) rs_packet_destroy(resp); if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_INITIATOR_EXTS) { - assert(major == GSS_S_CONTINUE_NEEDED); + GSSEAP_ASSERT(major == GSS_S_CONTINUE_NEEDED); rs_conn_destroy(ctx->acceptorCtx.radConn); ctx->acceptorCtx.radConn = NULL; @@ -631,7 +631,7 @@ eapGssSmAcceptGssFlags(OM_uint32 *minor, unsigned char *p; OM_uint32 initiatorGssFlags; - assert((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0); + GSSEAP_ASSERT((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0); if (inputToken->length < 4) { *minor = GSSEAP_TOK_TRUNC; @@ -943,7 +943,7 @@ gssEapAcceptSecContext(OM_uint32 *minor, } } - assert(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED); + GSSEAP_ASSERT(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED); cleanup: if (cred != GSS_C_NO_CREDENTIAL) diff --git a/mech_eap/eap_mech.c b/mech_eap/eap_mech.c index bec319b..4821a9c 100644 --- a/mech_eap/eap_mech.c +++ b/mech_eap/eap_mech.c @@ -214,6 +214,6 @@ gssEapInitiatorInitAssert(void) major = gssEapInitiatorInit(&minor); - assert(!GSS_ERROR(major)); + GSSEAP_ASSERT(!GSS_ERROR(major)); } #endif diff --git a/mech_eap/export_sec_context.c b/mech_eap/export_sec_context.c index 50f90f7..e5be6d8 100644 --- a/mech_eap/export_sec_context.c +++ b/mech_eap/export_sec_context.c @@ -86,7 +86,7 @@ gssEapExportPartialContext(OM_uint32 *minor, p += ctx->acceptorCtx.state.length; } - assert(p == (unsigned char *)token->value + token->length); + GSSEAP_ASSERT(p == (unsigned char *)token->value + token->length); major = GSS_S_COMPLETE; *minor = 0; @@ -195,7 +195,7 @@ gssEapExportSecContext(OM_uint32 *minor, if (partialCtx.value != NULL) p = store_buffer(&partialCtx, p, FALSE); - assert(p == (unsigned char *)token->value + token->length); + GSSEAP_ASSERT(p == (unsigned char *)token->value + token->length); major = GSS_S_COMPLETE; *minor = 0; diff --git a/mech_eap/import_sec_context.c b/mech_eap/import_sec_context.c index 9e824fa..56ee8d8 100644 --- a/mech_eap/import_sec_context.c +++ b/mech_eap/import_sec_context.c @@ -106,7 +106,7 @@ gssEapImportPartialContext(OM_uint32 *minor, } #ifdef GSSEAP_DEBUG - assert(remain == 0); + GSSEAP_ASSERT(remain == 0); #endif *pBuf = p; @@ -319,7 +319,7 @@ gssEapImportContext(OM_uint32 *minor, } #ifdef GSSEAP_DEBUG - assert(remain == 0); + GSSEAP_ASSERT(remain == 0); #endif #endif /* GSSEAP_ENABLE_ACCEPTOR */ diff --git a/mech_eap/init_sec_context.c b/mech_eap/init_sec_context.c index e5bc107..dc5c70f 100644 --- a/mech_eap/init_sec_context.c +++ b/mech_eap/init_sec_context.c @@ -123,7 +123,7 @@ peerGetInt(void *data, enum eapol_int_var variable) if (ctx == GSS_C_NO_CONTEXT) return FALSE; - assert(CTX_IS_INITIATOR(ctx)); + GSSEAP_ASSERT(CTX_IS_INITIATOR(ctx)); switch (variable) { case EAPOL_idleWhile: @@ -143,7 +143,7 @@ peerSetInt(void *data, enum eapol_int_var variable, if (ctx == GSS_C_NO_CONTEXT) return; - assert(CTX_IS_INITIATOR(ctx)); + GSSEAP_ASSERT(CTX_IS_INITIATOR(ctx)); switch (variable) { case EAPOL_idleWhile: @@ -211,7 +211,7 @@ peerConfigInit(OM_uint32 *minor, gss_ctx_id_t ctx) eapPeerConfig->password = NULL; eapPeerConfig->password_len = 0; - assert(cred != GSS_C_NO_CREDENTIAL); + GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL); GSSEAP_KRB_INIT(&krbContext); @@ -220,7 +220,7 @@ peerConfigInit(OM_uint32 *minor, gss_ctx_id_t ctx) wpa_debug_level = 0; #endif - assert(cred->name != GSS_C_NO_NAME); + GSSEAP_ASSERT(cred->name != GSS_C_NO_NAME); if ((cred->name->flags & (NAME_FLAG_NAI | NAME_FLAG_SERVICE)) == 0) { *minor = GSSEAP_BAD_INITIATOR_NAME; @@ -355,7 +355,7 @@ initBegin(OM_uint32 *minor, OM_uint32 major; gss_cred_id_t cred = ctx->cred; - assert(cred != GSS_C_NO_CREDENTIAL); + GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL); if (cred->expiryTime) ctx->expiryTime = cred->expiryTime; @@ -433,7 +433,7 @@ eapGssSmInitError(OM_uint32 *minor, *minor = GSSEAP_BAD_ERROR_TOKEN; } - assert(GSS_ERROR(major)); + GSSEAP_ASSERT(GSS_ERROR(major)); return major; } @@ -457,7 +457,7 @@ eapGssSmInitGssReauth(OM_uint32 *minor, gss_OID actualMech = GSS_C_NO_OID; OM_uint32 gssFlags, timeRec; - assert(cred != GSS_C_NO_CREDENTIAL); + GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL); if (GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_INITIAL) { if (!gssEapCanReauthP(cred, target, timeReq)) @@ -493,7 +493,7 @@ eapGssSmInitGssReauth(OM_uint32 *minor, ctx->gssFlags = gssFlags; if (major == GSS_S_COMPLETE) { - assert(GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_REAUTHENTICATE); + GSSEAP_ASSERT(GSSEAP_SM_STATE(ctx) == GSSEAP_STATE_REAUTHENTICATE); major = gssEapReauthComplete(minor, ctx, cred, actualMech, timeRec); if (GSS_ERROR(major)) @@ -607,8 +607,8 @@ eapGssSmInitIdentity(OM_uint32 *minor, #endif *smFlags |= SM_FLAG_FORCE_SEND_TOKEN; - assert((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0); - assert(inputToken == GSS_C_NO_BUFFER); + GSSEAP_ASSERT((ctx->flags & CTX_FLAG_KRB_REAUTH) == 0); + GSSEAP_ASSERT(inputToken == GSS_C_NO_BUFFER); memset(&eapConfig, 0, sizeof(eapConfig)); @@ -655,14 +655,14 @@ eapGssSmInitAuthenticate(OM_uint32 *minor, *minor = 0; - assert(inputToken != GSS_C_NO_BUFFER); + GSSEAP_ASSERT(inputToken != GSS_C_NO_BUFFER); major = peerConfigInit(minor, ctx); if (GSS_ERROR(major)) goto cleanup; - assert(ctx->initiatorCtx.eap != NULL); - assert(ctx->flags & CTX_FLAG_EAP_PORT_ENABLED); + GSSEAP_ASSERT(ctx->initiatorCtx.eap != NULL); + GSSEAP_ASSERT(ctx->flags & CTX_FLAG_EAP_PORT_ENABLED); ctx->flags |= CTX_FLAG_EAP_REQ; /* we have a Request from the acceptor */ @@ -697,7 +697,7 @@ cleanup: OM_uint32 tmpMajor; gss_buffer_desc respBuf; - assert(major == GSS_S_CONTINUE_NEEDED); + GSSEAP_ASSERT(major == GSS_S_CONTINUE_NEEDED); respBuf.length = wpabuf_len(resp); respBuf.value = (void *)wpabuf_head(resp); @@ -765,7 +765,7 @@ eapGssSmInitGssChannelBindings(OM_uint32 *minor, if (GSS_ERROR(major)) return major; - assert(outputToken->value != NULL); + GSSEAP_ASSERT(outputToken->value != NULL); *minor = 0; *smFlags |= SM_FLAG_OUTPUT_TOKEN_CRITICAL; @@ -969,13 +969,13 @@ gssEapInitSecContext(OM_uint32 *minor, if (GSS_ERROR(major)) goto cleanup; - assert(ctx->cred != GSS_C_NO_CREDENTIAL); + GSSEAP_ASSERT(ctx->cred != GSS_C_NO_CREDENTIAL); } GSSEAP_MUTEX_LOCK(&ctx->cred->mutex); - assert(ctx->cred->flags & CRED_FLAG_RESOLVED); - assert(ctx->cred->flags & CRED_FLAG_INITIATE); + GSSEAP_ASSERT(ctx->cred->flags & CRED_FLAG_RESOLVED); + GSSEAP_ASSERT(ctx->cred->flags & CRED_FLAG_INITIATE); if (initialContextToken) { major = initBegin(minor, ctx, target_name, mech_type, @@ -1014,7 +1014,7 @@ gssEapInitSecContext(OM_uint32 *minor, if (time_rec != NULL) gssEapContextTime(&tmpMinor, ctx, time_rec); - assert(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED); + GSSEAP_ASSERT(CTX_IS_ESTABLISHED(ctx) || major == GSS_S_CONTINUE_NEEDED); cleanup: if (cred != GSS_C_NO_CREDENTIAL) @@ -1048,7 +1048,7 @@ gss_init_sec_context(OM_uint32 *minor, output_token->length = 0; output_token->value = NULL; - assert(ctx == GSS_C_NO_CONTEXT || ctx->mechanismUsed != GSS_C_NO_OID); + GSSEAP_ASSERT(ctx == GSS_C_NO_CONTEXT || ctx->mechanismUsed != GSS_C_NO_OID); if (ctx == GSS_C_NO_CONTEXT) { if (input_token != GSS_C_NO_BUFFER && input_token->length != 0) { diff --git a/mech_eap/unwrap_iov.c b/mech_eap/unwrap_iov.c index 9e3ef19..6291172 100644 --- a/mech_eap/unwrap_iov.c +++ b/mech_eap/unwrap_iov.c @@ -103,7 +103,7 @@ unwrapToken(OM_uint32 *minor, *qop_state = GSS_C_QOP_DEFAULT; header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER); - assert(header != NULL); + GSSEAP_ASSERT(header != NULL); padding = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_PADDING); if (padding != NULL && padding->buffer.length != 0) { @@ -330,7 +330,7 @@ unwrapStream(OM_uint32 *minor, GSSEAP_KRB_INIT(&krbContext); - assert(toktype == TOK_TYPE_WRAP); + GSSEAP_ASSERT(toktype == TOK_TYPE_WRAP); if (toktype != TOK_TYPE_WRAP) { code = GSSEAP_WRONG_TOK_ID; @@ -338,7 +338,7 @@ unwrapStream(OM_uint32 *minor, } stream = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_STREAM); - assert(stream != NULL); + GSSEAP_ASSERT(stream != NULL); if (stream->buffer.length < 16) { major = GSS_S_DEFECTIVE_TOKEN; @@ -458,7 +458,7 @@ unwrapStream(OM_uint32 *minor, tdata->buffer.length = stream->buffer.length - ttrailer->buffer.length - tpadding->buffer.length - theader->buffer.length; - assert(data != NULL); + GSSEAP_ASSERT(data != NULL); if (data->type & GSS_IOV_BUFFER_FLAG_ALLOCATE) { code = gssEapAllocIov(tdata, tdata->buffer.length); @@ -473,7 +473,7 @@ unwrapStream(OM_uint32 *minor, theader->buffer.length; } - assert(i <= iov_count + 2); + GSSEAP_ASSERT(i <= iov_count + 2); major = unwrapToken(&code, ctx, KRB_CRYPTO_CONTEXT(ctx), conf_state, qop_state, tiov, i, toktype); diff --git a/mech_eap/util.h b/mech_eap/util.h index 7c08583..7fa3495 100644 --- a/mech_eap/util.h +++ b/mech_eap/util.h @@ -761,6 +761,11 @@ verifyTokenHeader(OM_uint32 *minor, #define GSSAPI_CALLCONV KRB5_CALLCONV #endif +#ifndef GSSEAP_ASSERT +#include +#define GSSEAP_ASSERT(x) assert((x)) +#endif /* !GSSEAP_ASSERT */ + #ifdef WIN32 #define GSSEAP_CONSTRUCTOR #define GSSEAP_DESTRUCTOR @@ -770,7 +775,7 @@ verifyTokenHeader(OM_uint32 *minor, #endif #define GSSEAP_NOT_IMPLEMENTED do { \ - assert(0 && "not implemented"); \ + GSSEAP_ASSERT(0 && "not implemented"); \ *minor = ENOSYS; \ return GSS_S_FAILURE; \ } while (0) diff --git a/mech_eap/util_adshim.c b/mech_eap/util_adshim.c index b74a29a..513a1a8 100644 --- a/mech_eap/util_adshim.c +++ b/mech_eap/util_adshim.c @@ -125,7 +125,7 @@ radius_ad_import_authdata(krb5_context kcontext, krb5_free_data_contents(kcontext, &radius_ad->avpdata); radius_ad->verified = FALSE; - assert(authdata[0] != NULL); + GSSEAP_ASSERT(authdata[0] != NULL); radius_ad->avpdata.data = GSSEAP_MALLOC(authdata[0]->length); if (radius_ad->avpdata.data == NULL) diff --git a/mech_eap/util_attr.cpp b/mech_eap/util_attr.cpp index d24615d..acd7a8f 100644 --- a/mech_eap/util_attr.cpp +++ b/mech_eap/util_attr.cpp @@ -50,7 +50,7 @@ GSSEAP_ONCE_CALLBACK(gssEapAttrProvidersInitInternal) { OM_uint32 major, minor; - assert(gssEapAttrProvidersInitStatus == GSS_S_UNAVAILABLE); + GSSEAP_ASSERT(gssEapAttrProvidersInitStatus == GSS_S_UNAVAILABLE); major = gssEapRadiusAttrProviderInit(&minor); if (GSS_ERROR(major)) @@ -69,7 +69,7 @@ GSSEAP_ONCE_CALLBACK(gssEapAttrProvidersInitInternal) cleanup: #ifdef GSSEAP_DEBUG - assert(major == GSS_S_COMPLETE); + GSSEAP_ASSERT(major == GSS_S_COMPLETE); #endif gssEapAttrProvidersInitStatus = major; @@ -115,9 +115,9 @@ void gss_eap_attr_ctx::registerProvider(unsigned int type, gss_eap_attr_create_provider factory) { - assert(type <= ATTR_TYPE_MAX); + GSSEAP_ASSERT(type <= ATTR_TYPE_MAX); - assert(gssEapAttrFactories[type] == NULL); + GSSEAP_ASSERT(gssEapAttrFactories[type] == NULL); gssEapAttrFactories[type] = factory; } @@ -128,7 +128,7 @@ gss_eap_attr_ctx::registerProvider(unsigned int type, void gss_eap_attr_ctx::unregisterProvider(unsigned int type) { - assert(type <= ATTR_TYPE_MAX); + GSSEAP_ASSERT(type <= ATTR_TYPE_MAX); gssEapAttrFactories[type] = NULL; } @@ -416,7 +416,7 @@ gss_eap_attr_ctx::~gss_eap_attr_ctx(void) gss_eap_attr_provider * gss_eap_attr_ctx::getProvider(unsigned int type) const { - assert(type >= ATTR_TYPE_MIN && type <= ATTR_TYPE_MAX); + GSSEAP_ASSERT(type >= ATTR_TYPE_MIN && type <= ATTR_TYPE_MAX); return m_providers[type]; } @@ -714,7 +714,7 @@ gss_eap_attr_ctx::mapException(OM_uint32 *minor, std::exception &e) const } cleanup: - assert(GSS_ERROR(major)); + GSSEAP_ASSERT(GSS_ERROR(major)); return major; } @@ -1008,7 +1008,7 @@ gssEapImportAttrContext(OM_uint32 *minor, gss_eap_attr_ctx *ctx = NULL; OM_uint32 major = GSS_S_FAILURE; - assert(name->attrCtx == NULL); + GSSEAP_ASSERT(name->attrCtx == NULL); if (GSS_ERROR(gssEapAttrProvidersInit(minor))) return GSS_S_UNAVAILABLE; @@ -1032,7 +1032,7 @@ gssEapImportAttrContext(OM_uint32 *minor, major = ctx->mapException(minor, e); } - assert(major == GSS_S_COMPLETE || name->attrCtx == NULL); + GSSEAP_ASSERT(major == GSS_S_COMPLETE || name->attrCtx == NULL); if (GSS_ERROR(major)) delete ctx; @@ -1048,7 +1048,7 @@ gssEapDuplicateAttrContext(OM_uint32 *minor, gss_eap_attr_ctx *ctx = NULL; OM_uint32 major = GSS_S_FAILURE; - assert(out->attrCtx == NULL); + GSSEAP_ASSERT(out->attrCtx == NULL); if (in->attrCtx == NULL) { *minor = 0; @@ -1073,7 +1073,7 @@ gssEapDuplicateAttrContext(OM_uint32 *minor, major = in->attrCtx->mapException(minor, e); } - assert(major == GSS_S_COMPLETE || out->attrCtx == NULL); + GSSEAP_ASSERT(major == GSS_S_COMPLETE || out->attrCtx == NULL); if (GSS_ERROR(major)) delete ctx; @@ -1155,7 +1155,7 @@ gssEapCreateAttrContext(OM_uint32 *minor, gss_eap_attr_ctx *ctx = NULL; OM_uint32 major; - assert(gssCtx != GSS_C_NO_CONTEXT); + GSSEAP_ASSERT(gssCtx != GSS_C_NO_CONTEXT); *pAttrContext = NULL; diff --git a/mech_eap/util_cksum.c b/mech_eap/util_cksum.c index ba76fd2..aedc93e 100644 --- a/mech_eap/util_cksum.c +++ b/mech_eap/util_cksum.c @@ -88,10 +88,10 @@ gssEapChecksum(krb5_context context, return code; header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER); - assert(header != NULL); + GSSEAP_ASSERT(header != NULL); trailer = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER); - assert(rrc != 0 || trailer != NULL); + GSSEAP_ASSERT(rrc != 0 || trailer != NULL); if (trailer == NULL) { if (rrc != k5_checksumlen) diff --git a/mech_eap/util_context.c b/mech_eap/util_context.c index 78c3636..ba0dc87 100644 --- a/mech_eap/util_context.c +++ b/mech_eap/util_context.c @@ -43,7 +43,7 @@ gssEapAllocContext(OM_uint32 *minor, OM_uint32 tmpMinor; gss_ctx_id_t ctx; - assert(*pCtx == GSS_C_NO_CONTEXT); + GSSEAP_ASSERT(*pCtx == GSS_C_NO_CONTEXT); ctx = (gss_ctx_id_t)GSSEAP_CALLOC(1, sizeof(*ctx)); if (ctx == NULL) { @@ -156,7 +156,7 @@ gssEapMakeToken(OM_uint32 *minor, { unsigned char *p; - assert(ctx->mechanismUsed != GSS_C_NO_OID); + GSSEAP_ASSERT(ctx->mechanismUsed != GSS_C_NO_OID); outputToken->length = tokenSize(ctx->mechanismUsed, innerToken->length); outputToken->value = GSSEAP_MALLOC(outputToken->length); @@ -253,7 +253,7 @@ gssEapMakeOrVerifyTokenMIC(OM_uint32 *minor, tokens = verifyMIC ? ctx->inputTokens : ctx->outputTokens; - assert(tokens != NULL); + GSSEAP_ASSERT(tokens != NULL); iov = GSSEAP_CALLOC(2 + (3 * tokens->buffers.count) + 1, sizeof(*iov)); if (iov == NULL) { @@ -277,7 +277,7 @@ gssEapMakeOrVerifyTokenMIC(OM_uint32 *minor, } /* Mechanism OID */ - assert(ctx->mechanismUsed != GSS_C_NO_OID); + GSSEAP_ASSERT(ctx->mechanismUsed != GSS_C_NO_OID); iov[i].type = GSS_IOV_BUFFER_TYPE_DATA; iov[i].buffer.length = ctx->mechanismUsed->length; iov[i].buffer.value = ctx->mechanismUsed->elements; @@ -323,9 +323,9 @@ gssEapMakeOrVerifyTokenMIC(OM_uint32 *minor, } if (verifyMIC) { - assert(tokenMIC->length >= 16); + GSSEAP_ASSERT(tokenMIC->length >= 16); - assert(i < 2 + (3 * tokens->buffers.count)); + GSSEAP_ASSERT(i < 2 + (3 * tokens->buffers.count)); iov[i].type = GSS_IOV_BUFFER_TYPE_HEADER; iov[i].buffer.length = 16; diff --git a/mech_eap/util_cred.c b/mech_eap/util_cred.c index bd5bf66..fad8bad 100644 --- a/mech_eap/util_cred.c +++ b/mech_eap/util_cred.c @@ -338,7 +338,7 @@ gssEapCredAvailable(gss_cred_id_t cred, gss_OID mech) OM_uint32 minor; int present = 0; - assert(mech != GSS_C_NO_OID); + GSSEAP_ASSERT(mech != GSS_C_NO_OID); if (cred == GSS_C_NO_CREDENTIAL || cred->mechanisms == GSS_C_NO_OID_SET) return TRUE; diff --git a/mech_eap/util_crypt.c b/mech_eap/util_crypt.c index 8d7a9d3..b6e203e 100644 --- a/mech_eap/util_crypt.c +++ b/mech_eap/util_crypt.c @@ -112,10 +112,10 @@ mapIov(krb5_context context, int dce_style, size_t ec, size_t rrc, *pkiov_count = 0; header = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_HEADER); - assert(header != NULL); + GSSEAP_ASSERT(header != NULL); trailer = gssEapLocateIov(iov, iov_count, GSS_IOV_BUFFER_TYPE_TRAILER); - assert(trailer == NULL || rrc == 0); + GSSEAP_ASSERT(trailer == NULL || rrc == 0); code = krbCryptoLength(context, crypto, KRB5_CRYPTO_TYPE_HEADER, &k5_headerlen); if (code != 0) @@ -325,7 +325,7 @@ gssEapIovMessageLength(gss_iov_buffer_desc *iov, int i; size_t data_length = 0, assoc_data_length = 0; - assert(iov != GSS_C_NO_IOV_BUFFER); + GSSEAP_ASSERT(iov != GSS_C_NO_IOV_BUFFER); *data_length_p = *assoc_data_length_p = 0; @@ -350,7 +350,7 @@ gssEapReleaseIov(gss_iov_buffer_desc *iov, int iov_count) int i; OM_uint32 min_stat; - assert(iov != GSS_C_NO_IOV_BUFFER); + GSSEAP_ASSERT(iov != GSS_C_NO_IOV_BUFFER); for (i = 0; i < iov_count; i++) { if (iov[i].type & GSS_IOV_BUFFER_FLAG_ALLOCATED) { @@ -366,7 +366,7 @@ gssEapIsIntegrityOnly(gss_iov_buffer_desc *iov, int iov_count) int i; krb5_boolean has_conf_data = FALSE; - assert(iov != GSS_C_NO_IOV_BUFFER); + GSSEAP_ASSERT(iov != GSS_C_NO_IOV_BUFFER); for (i = 0; i < iov_count; i++) { if (GSS_IOV_BUFFER_TYPE(iov[i].type) == GSS_IOV_BUFFER_TYPE_DATA) { @@ -381,8 +381,8 @@ gssEapIsIntegrityOnly(gss_iov_buffer_desc *iov, int iov_count) int gssEapAllocIov(gss_iov_buffer_t iov, size_t size) { - assert(iov != GSS_C_NO_IOV_BUFFER); - assert(iov->type & GSS_IOV_BUFFER_FLAG_ALLOCATE); + GSSEAP_ASSERT(iov != GSS_C_NO_IOV_BUFFER); + GSSEAP_ASSERT(iov->type & GSS_IOV_BUFFER_FLAG_ALLOCATE); iov->buffer.length = size; iov->buffer.value = GSSEAP_MALLOC(size); diff --git a/mech_eap/util_krb.c b/mech_eap/util_krb.c index d56c7a8..db6e4fb 100644 --- a/mech_eap/util_krb.c +++ b/mech_eap/util_krb.c @@ -123,7 +123,7 @@ gssEapDeriveRfc3961Key(OM_uint32 *minor, unsigned char constant[4 + sizeof("rfc4121-gss-eap") - 1], *p; ssize_t i, remain; - assert(encryptionType != ENCTYPE_NULL); + GSSEAP_ASSERT(encryptionType != ENCTYPE_NULL); memset(pKey, 0, sizeof(*pKey)); diff --git a/mech_eap/util_moonshot.c b/mech_eap/util_moonshot.c index 75db452..dc0c35e 100644 --- a/mech_eap/util_moonshot.c +++ b/mech_eap/util_moonshot.c @@ -41,7 +41,7 @@ libMoonshotMapError(OM_uint32 *minor, { MoonshotError *error = *pError; - assert(error != NULL); + GSSEAP_ASSERT(error != NULL); switch (error->code) { case MOONSHOT_ERROR_UNABLE_TO_START_SERVICE: diff --git a/mech_eap/util_name.c b/mech_eap/util_name.c index 6f038ef..187d444 100644 --- a/mech_eap/util_name.c +++ b/mech_eap/util_name.c @@ -283,7 +283,7 @@ importEapNameFlags(OM_uint32 *minor, return GSS_S_FAILURE; } - assert(krbPrinc != NULL); + GSSEAP_ASSERT(krbPrinc != NULL); major = krbPrincipalToName(minor, &krbPrinc, pName); if (GSS_ERROR(major)) @@ -515,8 +515,8 @@ gssEapImportName(OM_uint32 *minor, if (major == GSS_S_COMPLETE && mechType != GSS_C_NO_OID) { - assert(gssEapIsConcreteMechanismOid(mechType)); - assert(name->mechanismUsed == GSS_C_NO_OID); + GSSEAP_ASSERT(gssEapIsConcreteMechanismOid(mechType)); + GSSEAP_ASSERT(name->mechanismUsed == GSS_C_NO_OID); major = gssEapCanonicalizeOid(minor, mechType, 0, &name->mechanismUsed); } @@ -617,7 +617,7 @@ gssEapExportNameInternal(OM_uint32 *minor, p += attrs.length; } - assert(p == (unsigned char *)exportedName->value + exportedNameLen); + GSSEAP_ASSERT(p == (unsigned char *)exportedName->value + exportedNameLen); major = GSS_S_COMPLETE; *minor = 0; diff --git a/mech_eap/util_radius.cpp b/mech_eap/util_radius.cpp index 9769287..76fba7b 100644 --- a/mech_eap/util_radius.cpp +++ b/mech_eap/util_radius.cpp @@ -96,7 +96,7 @@ gss_eap_radius_attr_provider::initWithGssContext(const gss_eap_attr_ctx *manager return false; /* We assume libradsec validated this for us */ - assert(pairfind(m_vps, PW_MESSAGE_AUTHENTICATOR) != NULL); + GSSEAP_ASSERT(pairfind(m_vps, PW_MESSAGE_AUTHENTICATOR) != NULL); m_authenticated = true; } } @@ -151,7 +151,7 @@ isInternalAttributeP(uint16_t attrid, uint16_t vendor) bool bInternalAttribute = false; /* should have been filtered */ - assert(!isSecretAttributeP(attrid, vendor)); + GSSEAP_ASSERT(!isSecretAttributeP(attrid, vendor)); switch (vendor) { case VENDORPEC_UKERNA: @@ -671,7 +671,7 @@ avpToJson(const VALUE_PAIR *vp) { JSONObject obj; - assert(vp->length <= MAX_STRING_LEN); + GSSEAP_ASSERT(vp->length <= MAX_STRING_LEN); switch (vp->type) { case PW_TYPE_INTEGER: @@ -855,7 +855,7 @@ gssEapRadiusMapError(OM_uint32 *minor, { int code; - assert(err != NULL); + GSSEAP_ASSERT(err != NULL); code = rs_err_code(err, 0); diff --git a/mech_eap/util_reauth.c b/mech_eap/util_reauth.c index a1d7251..1d8dbb1 100644 --- a/mech_eap/util_reauth.c +++ b/mech_eap/util_reauth.c @@ -429,8 +429,8 @@ getDefaultReauthCredentials(OM_uint32 *minor, GSSEAP_KRB_INIT(&krbContext); - assert(cred != GSS_C_NO_CREDENTIAL); - assert(target != GSS_C_NO_NAME); + GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL); + GSSEAP_ASSERT(target != GSS_C_NO_NAME); if (cred->name == GSS_C_NO_NAME || !reauthUseCredsCache(krbContext, cred->name->krbPrincipal)) @@ -480,7 +480,7 @@ gssEapCanReauthP(gss_cred_id_t cred, time_t now, expiryReq; OM_uint32 minor; - assert(cred != GSS_C_NO_CREDENTIAL); + GSSEAP_ASSERT(cred != GSS_C_NO_CREDENTIAL); now = time(NULL); expiryReq = now; diff --git a/mech_eap/util_saml.cpp b/mech_eap/util_saml.cpp index 9a3862a..ce7582e 100644 --- a/mech_eap/util_saml.cpp +++ b/mech_eap/util_saml.cpp @@ -83,7 +83,7 @@ gss_eap_saml_assertion_provider::initWithExistingContext(const gss_eap_attr_ctx /* Then we may be creating from an existing attribute context */ const gss_eap_saml_assertion_provider *saml; - assert(m_assertion == NULL); + GSSEAP_ASSERT(m_assertion == NULL); if (!gss_eap_attr_provider::initWithExistingContext(manager, ctx)) return false; @@ -104,7 +104,7 @@ gss_eap_saml_assertion_provider::initWithGssContext(const gss_eap_attr_ctx *mana int authenticated, complete; OM_uint32 minor; - assert(m_assertion == NULL); + GSSEAP_ASSERT(m_assertion == NULL); if (!gss_eap_attr_provider::initWithGssContext(manager, gssCred, gssCtx)) return false; @@ -509,7 +509,7 @@ gss_eap_saml_attr_provider::setAttribute(int complete GSSEAP_UNUSED, attribute->getAttributeValues().push_back(attributeValue); - assert(attributeStatement != NULL); + GSSEAP_ASSERT(attributeStatement != NULL); attributeStatement->getAttributes().push_back(attribute); delete components; diff --git a/mech_eap/util_shib.cpp b/mech_eap/util_shib.cpp index 4c268ec..f8c702b 100644 --- a/mech_eap/util_shib.cpp +++ b/mech_eap/util_shib.cpp @@ -198,7 +198,7 @@ gss_eap_shib_attr_provider::getAttributeIndex(const gss_buffer_t attr) const { int i = 0; - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); for (vector::const_iterator a = m_attributes.begin(); a != m_attributes.end(); @@ -226,7 +226,7 @@ gss_eap_shib_attr_provider::setAttribute(int complete GSSEAP_UNUSED, vector ids(1, attrStr); BinaryAttribute *a = new BinaryAttribute(ids); - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); if (value->length != 0) { string valueStr((char *)value->value, value->length); @@ -245,7 +245,7 @@ gss_eap_shib_attr_provider::deleteAttribute(const gss_buffer_t attr) { int i; - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); i = getAttributeIndex(attr); if (i >= 0) @@ -260,7 +260,7 @@ bool gss_eap_shib_attr_provider::getAttributeTypes(gss_eap_attr_enumeration_cb addAttribute, void *data) const { - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); for (vector::const_iterator a = m_attributes.begin(); a != m_attributes.end(); @@ -283,7 +283,7 @@ gss_eap_shib_attr_provider::getAttribute(const gss_buffer_t attr) const { const Attribute *ret = NULL; - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); for (vector::const_iterator a = m_attributes.begin(); a != m_attributes.end(); @@ -319,7 +319,7 @@ gss_eap_shib_attr_provider::getAttribute(const gss_buffer_t attr, gss_buffer_desc displayValueBuf = GSS_C_EMPTY_BUFFER; int nvalues, i = *more; - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); *more = 0; @@ -374,7 +374,7 @@ gss_eap_shib_attr_provider::mapToAny(int authenticated, { gss_any_t output; - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); if (authenticated && !m_authenticated) return (gss_any_t)NULL; @@ -390,7 +390,7 @@ void gss_eap_shib_attr_provider::releaseAnyNameMapping(gss_buffer_t type_id GSSEAP_UNUSED, gss_any_t input) const { - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); vector *v = ((vector *)input); delete v; @@ -439,8 +439,8 @@ gss_eap_shib_attr_provider::initWithJsonObject(const gss_eap_attr_ctx *ctx, if (!gss_eap_attr_provider::initWithJsonObject(ctx, obj)) return false; - assert(m_authenticated == false); - assert(m_attributes.size() == 0); + GSSEAP_ASSERT(m_authenticated == false); + GSSEAP_ASSERT(m_attributes.size() == 0); JSONObject jattrs = obj["attributes"]; size_t nelems = jattrs.size(); diff --git a/mech_eap/util_sm.c b/mech_eap/util_sm.c index 8d36085..7010f99 100644 --- a/mech_eap/util_sm.c +++ b/mech_eap/util_sm.c @@ -40,7 +40,7 @@ #define SM_FLAG_TRANSITED 0x80000000 #define SM_ASSERT_VALID(ctx, status) do { \ - assert(GSS_ERROR((status)) || \ + GSSEAP_ASSERT(GSS_ERROR((status)) || \ ((status) == GSS_S_CONTINUE_NEEDED && ((ctx)->state > GSSEAP_STATE_INITIAL && (ctx)->state < GSSEAP_STATE_ESTABLISHED)) || \ ((status) == GSS_S_COMPLETE && (ctx)->state == GSSEAP_STATE_ESTABLISHED)); \ } while (0) @@ -83,8 +83,8 @@ gssEapStateToString(enum gss_eap_state state) void gssEapSmTransition(gss_ctx_id_t ctx, enum gss_eap_state state) { - assert(state >= GSSEAP_STATE_INITIAL); - assert(state <= GSSEAP_STATE_ESTABLISHED); + GSSEAP_ASSERT(state >= GSSEAP_STATE_INITIAL); + GSSEAP_ASSERT(state <= GSSEAP_STATE_ESTABLISHED); fprintf(stderr, "GSS-EAP: state transition %s->%s\n", gssEapStateToString(GSSEAP_SM_STATE(ctx)), @@ -104,7 +104,7 @@ makeErrorToken(OM_uint32 *minor, unsigned char errorData[8]; gss_buffer_desc errorBuffer; - assert(GSS_ERROR(majorStatus)); + GSSEAP_ASSERT(GSS_ERROR(majorStatus)); /* * Only return error codes that the initiator could have caused, @@ -169,7 +169,7 @@ gssEapSmStep(OM_uint32 *minor, int initialContextToken = 0; enum gss_eap_token_type tokType; - assert(smCount > 0); + GSSEAP_ASSERT(smCount > 0); *minor = 0; @@ -202,7 +202,7 @@ gssEapSmStep(OM_uint32 *minor, goto cleanup; } - assert(ctx->state < GSSEAP_STATE_ESTABLISHED); + GSSEAP_ASSERT(ctx->state < GSSEAP_STATE_ESTABLISHED); major = gssEapDecodeInnerTokens(minor, &unwrappedInputToken, &inputTokens); if (GSS_ERROR(major)) @@ -279,7 +279,7 @@ gssEapSmStep(OM_uint32 *minor, if (innerOutputToken.value != NULL) { outputTokens.buffers.elements[outputTokens.buffers.count] = innerOutputToken; - assert(smp->outputTokenType != ITOK_TYPE_NONE); + GSSEAP_ASSERT(smp->outputTokenType != ITOK_TYPE_NONE); outputTokens.types[outputTokens.buffers.count] = smp->outputTokenType; if (smFlags & SM_FLAG_OUTPUT_TOKEN_CRITICAL) outputTokens.types[outputTokens.buffers.count] |= ITOK_FLAG_CRITICAL; @@ -302,7 +302,7 @@ gssEapSmStep(OM_uint32 *minor, } } - assert(outputTokens.buffers.count <= smCount); + GSSEAP_ASSERT(outputTokens.buffers.count <= smCount); /* Check we understood all critical tokens sent by peer */ if (!GSS_ERROR(major)) { @@ -354,7 +354,7 @@ gssEapSmStep(OM_uint32 *minor, } /* If the context is established, empty tokens only to be emitted by initiator */ - assert(!CTX_IS_ESTABLISHED(ctx) || ((outputToken->length == 0) == CTX_IS_INITIATOR(ctx))); + GSSEAP_ASSERT(!CTX_IS_ESTABLISHED(ctx) || ((outputToken->length == 0) == CTX_IS_INITIATOR(ctx))); SM_ASSERT_VALID(ctx, major); diff --git a/mech_eap/util_token.c b/mech_eap/util_token.c index 9b05560..a1aea0c 100644 --- a/mech_eap/util_token.c +++ b/mech_eap/util_token.c @@ -91,7 +91,7 @@ gssEapEncodeInnerTokens(OM_uint32 *minor, for (i = 0; i < tokens->buffers.count; i++) { gss_buffer_t tokenBuffer = &tokens->buffers.elements[i]; - assert((tokens->types[i] & ITOK_FLAG_VERIFIED) == 0); /* private flag */ + GSSEAP_ASSERT((tokens->types[i] & ITOK_FLAG_VERIFIED) == 0); /* private flag */ /* * Extensions are encoded as type-length-value, where the upper @@ -104,8 +104,8 @@ gssEapEncodeInnerTokens(OM_uint32 *minor, p += 8 + tokenBuffer->length; } - assert(p == (unsigned char *)buffer->value + required); - assert(buffer->value != NULL); + GSSEAP_ASSERT(p == (unsigned char *)buffer->value + required); + GSSEAP_ASSERT(buffer->value != NULL); major = GSS_S_COMPLETE; *minor = 0; @@ -316,7 +316,7 @@ der_read_length(unsigned char **buf, ssize_t *bufsize) size_t tokenSize(const gss_OID_desc *mech, size_t body_size) { - assert(mech != GSS_C_NO_OID); + GSSEAP_ASSERT(mech != GSS_C_NO_OID); /* set body_size to sequence contents size */ body_size += 4 + (size_t) mech->length; /* NEED overflow check */ @@ -339,7 +339,7 @@ makeTokenHeader( *(*buf)++ = (unsigned char)mech->length; memcpy(*buf, mech->elements, mech->length); *buf += mech->length; - assert(tok_type != TOK_TYPE_NONE); + GSSEAP_ASSERT(tok_type != TOK_TYPE_NONE); *(*buf)++ = (unsigned char)((tok_type>>8) & 0xff); *(*buf)++ = (unsigned char)(tok_type & 0xff); } diff --git a/mech_eap/wrap_iov.c b/mech_eap/wrap_iov.c index a40b980..be890b6 100644 --- a/mech_eap/wrap_iov.c +++ b/mech_eap/wrap_iov.c @@ -248,7 +248,7 @@ gssEapWrapOrGetMIC(OM_uint32 *minor, if (code != 0) goto cleanup; - assert(gssTrailerLen <= 0xFFFF); + GSSEAP_ASSERT(gssTrailerLen <= 0xFFFF); if (trailer == NULL) { rrc = gssTrailerLen; diff --git a/mech_eap/wrap_iov_length.c b/mech_eap/wrap_iov_length.c index 65bb6ec..247b78d 100644 --- a/mech_eap/wrap_iov_length.c +++ b/mech_eap/wrap_iov_length.c @@ -182,7 +182,7 @@ gssEapWrapIovLength(OM_uint32 *minor, else trailer->buffer.length = gssTrailerLen; - assert(gssPadLen == 0 || padding != NULL); + GSSEAP_ASSERT(gssPadLen == 0 || padding != NULL); if (padding != NULL) padding->buffer.length = gssPadLen; -- 2.1.4