From c85a38c595c6f45609f9984c3254a33996ed587d Mon Sep 17 00:00:00 2001
From: Sean Timothy Noonan <stnoonan@obsolescence.net>
Date: Mon, 20 Jul 2015 08:21:32 -0400
Subject: [PATCH] Indentation and compile fixups after last merged pull
 requests

Closes #52
---
 ngx_http_auth_spnego_module.c | 159 +++++++++++++++++-----------------
 1 file changed, 79 insertions(+), 80 deletions(-)

diff --git a/ngx_http_auth_spnego_module.c b/ngx_http_auth_spnego_module.c
index 19882e1..6d9740b 100644
--- a/ngx_http_auth_spnego_module.c
+++ b/ngx_http_auth_spnego_module.c
@@ -65,11 +65,11 @@ static ngx_int_t ngx_http_auth_spnego_init(ngx_conf_t *);
 ngx_int_t
 ngx_http_auth_spnego_set_bogus_authorization(ngx_http_request_t * r);
 
-const char *
+    const char *
 get_gss_error(
-    ngx_pool_t * p,
-    OM_uint32 error_status,
-    char *prefix)
+        ngx_pool_t * p,
+        OM_uint32 error_status,
+        char *prefix)
 {
     OM_uint32 maj_stat, min_stat;
     OM_uint32 msg_ctx = 0;
@@ -118,9 +118,9 @@ typedef struct {
 
 #define SPNEGO_NGX_CONF_FLAGS NGX_HTTP_MAIN_CONF\
     | NGX_HTTP_SRV_CONF\
-    | NGX_HTTP_LOC_CONF\
-    | NGX_HTTP_LMT_CONF\
-    | NGX_CONF_FLAG
+| NGX_HTTP_LOC_CONF\
+| NGX_HTTP_LMT_CONF\
+| NGX_CONF_FLAG
 
 /* Module Directives */
 static ngx_command_t ngx_http_auth_spnego_commands[] = {
@@ -214,9 +214,9 @@ ngx_module_t ngx_http_auth_spnego_module = {
     /* uintptr_t spare_hook{0-7}; */
 };
 
-static void *
+    static void *
 ngx_http_auth_spnego_create_loc_conf(
-    ngx_conf_t * cf)
+        ngx_conf_t * cf)
 {
     ngx_http_auth_spnego_loc_conf_t *conf;
 
@@ -234,11 +234,11 @@ ngx_http_auth_spnego_create_loc_conf(
     return conf;
 }
 
-static char *
+    static char *
 ngx_http_auth_spnego_merge_loc_conf(
-    ngx_conf_t * cf,
-    void *parent,
-    void *child)
+        ngx_conf_t * cf,
+        void *parent,
+        void *child)
 {
     ngx_http_auth_spnego_loc_conf_t *prev = parent;
     ngx_http_auth_spnego_loc_conf_t *conf = child;
@@ -274,7 +274,7 @@ ngx_http_auth_spnego_merge_loc_conf(
         ngx_str_t *auth_princs = conf->auth_princs->elts;
         for (; ii < conf->auth_princs->nelts; ++ii) {
             ngx_conf_log_error(NGX_LOG_DEBUG, cf, 0,
-                "auth_spnego: auth_princs = %.*s", auth_princs[ii].len, auth_princs[ii].data);
+                    "auth_spnego: auth_princs = %.*s", auth_princs[ii].len, auth_princs[ii].data);
         }
     }
 #endif
@@ -282,9 +282,9 @@ ngx_http_auth_spnego_merge_loc_conf(
     return NGX_CONF_OK;
 }
 
-static ngx_int_t
+    static ngx_int_t
 ngx_http_auth_spnego_init(
-    ngx_conf_t * cf)
+        ngx_conf_t * cf)
 {
     ngx_http_handler_pt *h;
     ngx_http_core_main_conf_t *cmcf;
@@ -301,12 +301,12 @@ ngx_http_auth_spnego_init(
     return NGX_OK;
 }
 
-static ngx_int_t
+    static ngx_int_t
 ngx_http_auth_spnego_headers(
-    ngx_http_request_t *r,
-    ngx_http_auth_spnego_ctx_t *ctx,
-    ngx_str_t *token,
-    ngx_http_auth_spnego_loc_conf_t *alcf)
+        ngx_http_request_t *r,
+        ngx_http_auth_spnego_ctx_t *ctx,
+        ngx_str_t *token,
+        ngx_http_auth_spnego_loc_conf_t *alcf)
 {
     ngx_str_t value = ngx_null_string;
     /* only use token if authorized as there appears to be a bug in
@@ -362,11 +362,11 @@ ngx_http_auth_spnego_headers(
     return NGX_OK;
 }
 
-static bool
+    static bool
 ngx_spnego_authorized_principal(
-    ngx_http_request_t * r,
-    ngx_str_t *princ,
-    ngx_http_auth_spnego_loc_conf_t *alcf)
+        ngx_http_request_t * r,
+        ngx_str_t *princ,
+        ngx_http_auth_spnego_loc_conf_t *alcf)
 {
     if (NGX_CONF_UNSET_PTR == alcf->auth_princs) {
         return true;
@@ -386,10 +386,10 @@ ngx_spnego_authorized_principal(
     return false;
 }
 
-ngx_int_t
+    ngx_int_t
 ngx_http_auth_spnego_token(
-    ngx_http_request_t *r,
-    ngx_http_auth_spnego_ctx_t *ctx)
+        ngx_http_request_t *r,
+        ngx_http_auth_spnego_ctx_t *ctx)
 {
     ngx_str_t token;
     ngx_str_t decoded;
@@ -408,7 +408,7 @@ ngx_http_auth_spnego_token(
     if (token.len < nego_sz ||
             ngx_strncasecmp(token.data, (u_char *) "Negotiate ", nego_sz) != 0) {
         if (ngx_strncasecmp(
-                token.data, (u_char *) "NTLM", sizeof("NTLM")) == 0) {
+                    token.data, (u_char *) "NTLM", sizeof("NTLM")) == 0) {
             spnego_log_error("Detected unsupported mechanism: NTLM");
         }
         return NGX_DECLINED;
@@ -443,17 +443,17 @@ ngx_http_auth_spnego_token(
     return NGX_OK;
 }
 
-ngx_int_t
+    ngx_int_t
 ngx_http_auth_spnego_basic(
-    ngx_http_request_t * r,
-    ngx_http_auth_spnego_ctx_t * ctx,
-    ngx_http_auth_spnego_loc_conf_t * alcf)
+        ngx_http_request_t * r,
+        ngx_http_auth_spnego_ctx_t * ctx,
+        ngx_http_auth_spnego_loc_conf_t * alcf)
 {
     ngx_str_t host_name;
     ngx_str_t service;
-    ngx_str_t user, new_user;
-    int len;
-
+    ngx_str_t user;
+    user.data = NULL;
+    ngx_str_t new_user;
     ngx_int_t ret = NGX_DECLINED;
 
     krb5_context kcontext = NULL;
@@ -523,7 +523,7 @@ ngx_http_auth_spnego_basic(
                 spnego_error(NGX_ERROR);
             }
             ngx_snprintf(user.data, user.len, "%V@%V%Z", &r->headers_in.user,
-                &alcf->realm);
+                    &alcf->realm);
         } else {
             user.data = ngx_palloc(r->pool, user.len);
             if (NULL == user.data) {
@@ -534,14 +534,14 @@ ngx_http_auth_spnego_basic(
         }
     } else {
         if (alcf->realm.len && alcf->realm.data && ngx_strncmp(p + 1,
-	    alcf->realm.data, alcf->realm.len) == 0) {
+                    alcf->realm.data, alcf->realm.len) == 0) {
             user.data = ngx_palloc(r->pool, user.len);
             if (NULL == user.data) {
                 spnego_log_error("Not enough memory");
                 spnego_error(NGX_ERROR);
             }
             ngx_snprintf(user.data, user.len, "%V%Z",
-                &r->headers_in.user);
+                    &r->headers_in.user);
             if (alcf->fqun == 0) {
                 /*
                  * Specified realm is identical to configured realm.
@@ -549,22 +549,22 @@ ngx_http_auth_spnego_basic(
                  */
                 r->headers_in.user.len -= alcf->realm.len + 1;
             }
-	} else if (alcf->force_realm) {
+        } else if (alcf->force_realm) {
             *p = '\0';
             user.len = ngx_strlen(r->headers_in.user.data) + 1;
-	    if (alcf->realm.len && alcf->realm.data)
-		user.len += alcf->realm.len + 1;
+            if (alcf->realm.len && alcf->realm.data)
+                user.len += alcf->realm.len + 1;
             user.data = ngx_pcalloc(r->pool, user.len);
             if (NULL == user.data) {
                 spnego_log_error("Not enough memory");
                 spnego_error(NGX_ERROR);
             }
-	    if (alcf->realm.len && alcf->realm.data)
-		ngx_snprintf(user.data, user.len, "%s@%V%Z",
-                    r->headers_in.user.data, &alcf->realm);
-	    else
-		ngx_snprintf(user.data, user.len, "%s%Z",
-                    r->headers_in.user.data);
+            if (alcf->realm.len && alcf->realm.data)
+                ngx_snprintf(user.data, user.len, "%s@%V%Z",
+                        r->headers_in.user.data, &alcf->realm);
+            else
+                ngx_snprintf(user.data, user.len, "%s%Z",
+                        r->headers_in.user.data);
             /*
              * Rewrite $remote_user with the forced realm.
              * If the forced realm is shorter than the
@@ -585,7 +585,7 @@ ngx_http_auth_spnego_basic(
                 r->headers_in.user.len = new_user.len;
             }
             ngx_memcpy(r->headers_in.user.data, user.data,
-		r->headers_in.user.len);
+                    r->headers_in.user.len);
         } else {
             user.data = ngx_palloc(r->pool, user.len);
             if (NULL == user.data) {
@@ -597,7 +597,7 @@ ngx_http_auth_spnego_basic(
     }
 
     spnego_debug1("Attempting authentication with principal %s",
-	(const char *)user.data);
+            (const char *)user.data);
 
     code = krb5_parse_name(kcontext, (const char *) user.data, &client);
     if (code) {
@@ -618,8 +618,7 @@ ngx_http_auth_spnego_basic(
 
     krb5_get_init_creds_opt_alloc(kcontext, &gic_options);
 
-    code =
-        krb5_get_init_creds_password(kcontext, &creds, client,
+    code = krb5_get_init_creds_password(kcontext, &creds, client,
                 (char *) r->headers_in.passwd.data,
                 NULL, NULL, 0, NULL, gic_options);
 
@@ -641,21 +640,21 @@ ngx_http_auth_spnego_basic(
          */
         const char *realm = krb5_princ_realm(kcontext, client)->data;
 #else
-	const char *realm = krb5_principal_get_realm(kcontext, client);
+        const char *realm = krb5_principal_get_realm(kcontext, client);
 #endif
-	if (realm) {
-	    new_user.len = r->headers_in.user.len + 1 + ngx_strlen(realm);
-	    new_user.data = ngx_palloc(r->pool, new_user.len);
-	    if (NULL == new_user.data) {
-		spnego_log_error("Not enough memory");
-		spnego_error(NGX_ERROR);
-	    }
-	    ngx_snprintf(new_user.data, new_user.len, "%V@%s",
-		&r->headers_in.user, realm);
-	    ngx_pfree(r->pool, r->headers_in.user.data);
-	    r->headers_in.user.data = new_user.data;
-	    r->headers_in.user.len = new_user.len;
-	}
+        if (realm) {
+            new_user.len = r->headers_in.user.len + 1 + ngx_strlen(realm);
+            new_user.data = ngx_palloc(r->pool, new_user.len);
+            if (NULL == new_user.data) {
+                spnego_log_error("Not enough memory");
+                spnego_error(NGX_ERROR);
+            }
+            ngx_snprintf(new_user.data, new_user.len, "%V@%s",
+                    &r->headers_in.user, realm);
+            ngx_pfree(r->pool, r->headers_in.user.data);
+            r->headers_in.user.data = new_user.data;
+            r->headers_in.user.len = new_user.len;
+        }
     }
 
     spnego_debug1("Setting $remote_user to %V", &r->headers_in.user);
@@ -692,9 +691,9 @@ ngx_http_auth_spnego_basic(
  * non-Negotiate authorization header. This may possibly clobber Negotiate
  * token too soon.
  */
-ngx_int_t
+    ngx_int_t
 ngx_http_auth_spnego_set_bogus_authorization(
-    ngx_http_request_t *r)
+        ngx_http_request_t *r)
 {
     const char *bogus_passwd = "bogus_auth_gss_passwd";
     ngx_str_t plain, encoded, final;
@@ -738,10 +737,10 @@ ngx_http_auth_spnego_set_bogus_authorization(
     return NGX_OK;
 }
 
-static bool
+    static bool
 use_keytab(
-    ngx_http_request_t * r,
-    ngx_str_t *keytab)
+        ngx_http_request_t * r,
+        ngx_str_t *keytab)
 {
     size_t kt_env_sz = sizeof("KRB5_KTNAME=") + keytab->len;
     char *kt_env = (char *) ngx_pcalloc(r->pool, kt_env_sz + 1);
@@ -773,11 +772,11 @@ use_keytab(
     return true;
 }
 
-ngx_int_t
+    ngx_int_t
 ngx_http_auth_spnego_auth_user_gss(
-    ngx_http_request_t * r,
-    ngx_http_auth_spnego_ctx_t * ctx,
-    ngx_http_auth_spnego_loc_conf_t * alcf)
+        ngx_http_request_t * r,
+        ngx_http_auth_spnego_ctx_t * ctx,
+        ngx_http_auth_spnego_loc_conf_t * alcf)
 {
     ngx_int_t ret = NGX_DECLINED;
     u_char *pu;
@@ -854,7 +853,7 @@ ngx_http_auth_spnego_auth_user_gss(
             NULL, &output_token, NULL, NULL, NULL);
     if (GSS_ERROR(major_status)) {
         spnego_debug1("%s", get_gss_error(
-            r->pool, minor_status, "gss_accept_sec_context() failed"));
+                    r->pool, minor_status, "gss_accept_sec_context() failed"));
         spnego_error(NGX_DECLINED);
     }
 
@@ -883,7 +882,7 @@ ngx_http_auth_spnego_auth_user_gss(
     gss_release_name(&minor_status, &client_name);
     if (GSS_ERROR(major_status)) {
         spnego_log_error("%s", get_gss_error(r->pool, minor_status,
-            "gss_display_name() failed"));
+                    "gss_display_name() failed"));
         spnego_error(NGX_ERROR);
     }
 
@@ -903,7 +902,7 @@ ngx_http_auth_spnego_auth_user_gss(
         r->headers_in.user.len = user.len;
         if (alcf->fqun == 0) {
             pu = ngx_strlchr(r->headers_in.user.data,
-                r->headers_in.user.data + r->headers_in.user.len, '@');
+                    r->headers_in.user.data + r->headers_in.user.len, '@');
             if (pu != NULL && ngx_strncmp(pu + 1, alcf->realm.data, alcf->realm.len) == 0) {
                 *pu = '\0';
                 r->headers_in.user.len = ngx_strlen(r->headers_in.user.data);
@@ -942,9 +941,9 @@ ngx_http_auth_spnego_auth_user_gss(
     return ret;
 }
 
-static ngx_int_t
+    static ngx_int_t
 ngx_http_auth_spnego_handler(
-    ngx_http_request_t * r)
+        ngx_http_request_t * r)
 {
     ngx_int_t ret = NGX_DECLINED;
     ngx_http_auth_spnego_ctx_t *ctx;