clang-format: copy latest and re-format
clang-format-16 has some backwards incompatible changes that require
additional settings for best compatibility and re-running the formatter.
Copy the latest .clang-format from the docs repository and reformat the
repository.
Change-Id: I67a8e53501042adf9b23a7f48e201d079aff5d69
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
diff --git a/.clang-format b/.clang-format
index 5ac7bba..ebdee49 100644
--- a/.clang-format
+++ b/.clang-format
@@ -1,22 +1,10 @@
----
BasedOnStyle: LLVM
-Language: Cpp
IndentWidth: 8
UseTab: Always
-ColumnLimit: 80
BreakBeforeBraces: Linux
-AlwaysBreakBeforeMultilineStrings: true
+AllowShortBlocksOnASingleLine: Empty
+AllowShortCaseLabelsOnASingleLine: false
+AllowShortFunctionsOnASingleLine: Empty
AllowShortIfStatementsOnASingleLine: false
AllowShortLoopsOnASingleLine: false
-AllowShortFunctionsOnASingleLine: false
IndentCaseLabels: false
-AlignEscapedNewlinesLeft: false
-AlignTrailingComments: true
-AllowAllParametersOfDeclarationOnNextLine: false
-AlignAfterOpenBracket: true
-SpaceAfterCStyleCast: false
-MaxEmptyLinesToKeep: 2
-BreakBeforeBinaryOperators: NonAssignment
-BreakStringLiterals: false
-SortIncludes: false
-ContinuationIndentWidth: 8
diff --git a/src/pam_ipmicheck/pam_ipmicheck.c b/src/pam_ipmicheck/pam_ipmicheck.c
index 100168c..afd8704 100644
--- a/src/pam_ipmicheck/pam_ipmicheck.c
+++ b/src/pam_ipmicheck/pam_ipmicheck.c
@@ -14,11 +14,11 @@
// limitations under the License.
*/
-#include <syslog.h>
+#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
-#include <stdarg.h>
#include <string.h>
+#include <syslog.h>
#include <security/pam_ext.h>
#include <security/pam_modules.h>
@@ -27,7 +27,6 @@
#define MAX_SPEC_GRP_PASS_LENGTH 20
#define MAX_SPEC_GRP_USER_LENGTH 16
-
/*
* This module is intended to verify special group user password matches the
* restrictions needed.
@@ -38,7 +37,6 @@
* the passwords of the special group users.
*/
-
static const char *get_option(const pam_handle_t *pamh, const char *option,
int argc, const char **argv)
{
@@ -64,7 +62,7 @@
const char *user = NULL;
const char *pass_new = NULL, *pass_old = NULL;
const char *spec_grp_name =
- get_option(pamh, "spec_grp_name", argc, argv);
+ get_option(pamh, "spec_grp_name", argc, argv);
pam_syslog(pamh, LOG_DEBUG, "Special group name is %s", spec_grp_name);
@@ -109,16 +107,16 @@
// verify the new password is acceptable.
size_t pass_len = strlen(pass_new);
size_t user_len = strlen(user);
- if (pass_len > MAX_SPEC_GRP_PASS_LENGTH
- || user_len > MAX_SPEC_GRP_USER_LENGTH) {
- pam_syslog(
- pamh, LOG_ERR,
- "Password length (%zu) / User name length (%zu) is not acceptable for IPMI",
- pass_len, user_len);
- pam_error(
- pamh,
- "Username %zu / Password %zu exceeds IPMI 16/20 limit",
- user_len, pass_len);
+ if (pass_len > MAX_SPEC_GRP_PASS_LENGTH ||
+ user_len > MAX_SPEC_GRP_USER_LENGTH) {
+ pam_syslog(pamh, LOG_ERR,
+ "Password length (%zu) / User name length "
+ "(%zu) is not acceptable for IPMI",
+ pass_len, user_len);
+ pam_error(pamh,
+ "Username %zu / Password %zu exceeds IPMI "
+ "16/20 limit",
+ user_len, pass_len);
pass_new = pass_old = NULL;
return PAM_AUTHTOK_ERR;
}
diff --git a/src/pam_ipmisave/pam_ipmisave.c b/src/pam_ipmisave/pam_ipmisave.c
index c105ba6..eec1f72 100644
--- a/src/pam_ipmisave/pam_ipmisave.c
+++ b/src/pam_ipmisave/pam_ipmisave.c
@@ -14,17 +14,17 @@
// limitations under the License.
*/
-#include <syslog.h>
+#include <fcntl.h>
+#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
-#include <stdarg.h>
#include <string.h>
-#include <unistd.h>
#include <sys/stat.h>
-#include <fcntl.h>
+#include <syslog.h>
+#include <unistd.h>
-#include <security/pam_modules.h>
#include <security/pam_ext.h>
+#include <security/pam_modules.h>
#include <security/pam_modutil.h>
#include <openssl/evp.h>
@@ -150,10 +150,10 @@
int retval = 0;
size_t outlen = 0;
- if (cipher == NULL || key == NULL || iv == NULL || inbytes == NULL
- || outbytes == NULL || mac == NULL || inbyteslen == 0
- || EVP_CIPHER_key_length(cipher) > keylen
- || EVP_CIPHER_iv_length(cipher) > ivlen) {
+ if (cipher == NULL || key == NULL || iv == NULL || inbytes == NULL ||
+ outbytes == NULL || mac == NULL || inbyteslen == 0 ||
+ EVP_CIPHER_key_length(cipher) > keylen ||
+ EVP_CIPHER_iv_length(cipher) > ivlen) {
pam_syslog(pamh, LOG_DEBUG, "Invalid inputs");
return -1;
}
@@ -163,16 +163,15 @@
char calmac[EVP_MAX_MD_SIZE];
size_t calmaclen = 0;
// calculate MAC for the encrypted message.
- if (NULL
- == HMAC(digest, key, keylen, inbytes, inbyteslen, calmac,
- &calmaclen)) {
+ if (NULL == HMAC(digest, key, keylen, inbytes, inbyteslen,
+ calmac, &calmaclen)) {
pam_syslog(pamh, LOG_DEBUG,
"Failed to verify authentication %d",
retval);
return -1;
}
- if (!((calmaclen == *maclen)
- && (memcmp(calmac, mac, calmaclen) == 0))) {
+ if (!((calmaclen == *maclen) &&
+ (memcmp(calmac, mac, calmaclen) == 0))) {
pam_syslog(pamh, LOG_DEBUG,
"Authenticated message doesn't match %d, %d",
calmaclen, *maclen);
@@ -194,8 +193,8 @@
if ((retval = EVP_CipherUpdate(ctx, outbytes + outlen, &outEVPlen,
inbytes, inbyteslen))) {
outlen += outEVPlen;
- if ((retval = EVP_CipherFinal(ctx, outbytes + outlen,
- &outEVPlen))) {
+ if ((retval =
+ EVP_CipherFinal(ctx, outbytes + outlen, &outEVPlen))) {
outlen += outEVPlen;
*outbyteslen = outlen;
} else {
@@ -214,9 +213,8 @@
if (isencrypt) {
// Create MAC for the encrypted message.
- if (NULL
- == HMAC(digest, key, keylen, outbytes, *outbyteslen, mac,
- maclen)) {
+ if (NULL == HMAC(digest, key, keylen, outbytes, *outbyteslen,
+ mac, maclen)) {
pam_syslog(pamh, LOG_DEBUG,
"Failed to create authentication %d",
retval);
@@ -226,7 +224,6 @@
return 0;
}
-
/**
* @brief get temporary file handle
* Function to get the temporary file handle, created using mkstemp
@@ -253,7 +250,6 @@
return tempfile;
}
-
/**
* @brief updates special password file
* Function to update the special password file. Stores the password against
@@ -307,8 +303,8 @@
// verify the tempfilename buffer is enough to hold
// filename_XXXXXX (+1 for null).
- if (strlen(filename)
- > (sizeof(tempfilename) - strlen("__XXXXXX") - 1)) {
+ if (strlen(filename) >
+ (sizeof(tempfilename) - strlen("__XXXXXX") - 1)) {
pam_syslog(pamh, LOG_DEBUG, "Not enough buffer, bailing out");
return PAM_AUTHTOK_ERR;
}
@@ -350,8 +346,8 @@
}
// Override the file permission with S_IWUSR | S_IRUSR
st.st_mode = S_IWUSR | S_IRUSR;
- if ((fchown(fileno(pwfile), st.st_uid, st.st_gid) == -1)
- || (fchmod(fileno(pwfile), st.st_mode) == -1)) {
+ if ((fchown(fileno(pwfile), st.st_uid, st.st_gid) == -1) ||
+ (fchmod(fileno(pwfile), st.st_mode) == -1)) {
if (opwfile != NULL) {
fclose(opwfile);
}
@@ -384,8 +380,8 @@
// User & password pairs are mapped as <user
// name>:<password>\n. Add +3 for special chars ':',
// '\n' and '\0'.
- pwptextlen = opwmp->datasize + forwholen + towhatlen + 3
- + EVP_CIPHER_block_size(cipher);
+ pwptextlen = opwmp->datasize + forwholen + towhatlen +
+ 3 + EVP_CIPHER_block_size(cipher);
pwptext = malloc(pwptextlen);
if (pwptext == NULL) {
free(opwptext);
@@ -405,22 +401,18 @@
if (opwmp->datasize != 0) {
// Do the decryption
if (encrypt_decrypt_data(
- pamh, 0, cipher, key, keylen,
- opwfilebuff + sizeof(*opwmp)
- + opwmp->hashsize,
- opwmp->ivsize,
- opwfilebuff + sizeof(*opwmp)
- + opwmp->hashsize
- + opwmp->ivsize,
+ pamh, 0, cipher, key, keylen,
+ opwfilebuff + sizeof(*opwmp) +
+ opwmp->hashsize,
+ opwmp->ivsize,
+ opwfilebuff + sizeof(*opwmp) +
+ opwmp->hashsize + opwmp->ivsize,
+ opwmp->datasize + opwmp->padsize,
+ opwptext, &opwptextlen,
+ opwfilebuff + sizeof(*opwmp) +
+ opwmp->hashsize + opwmp->ivsize +
opwmp->datasize + opwmp->padsize,
- opwptext, &opwptextlen,
- opwfilebuff + sizeof(*opwmp)
- + opwmp->hashsize
- + opwmp->ivsize
- + opwmp->datasize
- + opwmp->padsize,
- &opwmp->macsize)
- != 0) {
+ &opwmp->macsize) != 0) {
pam_syslog(pamh, LOG_DEBUG,
"Decryption failed");
free(pwptext);
@@ -441,18 +433,18 @@
// to the new buffer, and update the password if user
// already exists.
while (linebuff != NULL) {
- if ((!strncmp(linebuff, forwho, forwholen))
- && (linebuff[forwholen] == ':')) {
- writtensize += snprintf(
- pwptext + writtensize,
- pwptextlen - writtensize,
- "%s:%s\n", forwho, towhat);
+ if ((!strncmp(linebuff, forwho, forwholen)) &&
+ (linebuff[forwholen] == ':')) {
+ writtensize +=
+ snprintf(pwptext + writtensize,
+ pwptextlen - writtensize,
+ "%s:%s\n", forwho, towhat);
wroteentry = 1;
} else {
- writtensize += snprintf(
- pwptext + writtensize,
- pwptextlen - writtensize,
- "%s\n", linebuff);
+ writtensize +=
+ snprintf(pwptext + writtensize,
+ pwptextlen - writtensize,
+ "%s\n", linebuff);
}
linebuff = strtok(NULL, "\n");
}
@@ -462,8 +454,8 @@
free(opwfilebuff);
free(opwptext);
} else {
- pwptextlen = forwholen + towhatlen + 3
- + EVP_CIPHER_block_size(cipher);
+ pwptextlen =
+ forwholen + towhatlen + 3 + EVP_CIPHER_block_size(cipher);
pwptext = malloc(pwptextlen);
if (pwptext == NULL) {
if (opwfile != NULL) {
@@ -481,9 +473,9 @@
if (!wroteentry) {
// Write the new user:password pair at the end.
- writtensize += snprintf(pwptext + writtensize,
- pwptextlen - writtensize, "%s:%s\n",
- forwho, towhat);
+ writtensize +=
+ snprintf(pwptext + writtensize, pwptextlen - writtensize,
+ "%s:%s\n", forwho, towhat);
}
pwptextlen = writtensize;
@@ -521,10 +513,9 @@
}
// Do the encryption
- if (encrypt_decrypt_data(pamh, 1, cipher, key, keylen, iv,
- EVP_CIPHER_iv_length(cipher), pwptext,
- pwptextlen, pwctext, &pwctextlen, mac, &maclen)
- != 0) {
+ if (encrypt_decrypt_data(
+ pamh, 1, cipher, key, keylen, iv, EVP_CIPHER_iv_length(cipher),
+ pwptext, pwptextlen, pwctext, &pwctextlen, mac, &maclen) != 0) {
pam_syslog(pamh, LOG_DEBUG, "Encryption failed");
free(pwctext);
free(pwptext);
@@ -568,9 +559,9 @@
if (fflush(pwfile) || fsync(fileno(pwfile))) {
pam_syslog(
- pamh, LOG_DEBUG,
- "fflush or fsync error writing entries to special file: %s",
- tempfilename);
+ pamh, LOG_DEBUG,
+ "fflush or fsync error writing entries to special file: %s",
+ tempfilename);
err = 1;
}
@@ -604,7 +595,6 @@
}
}
-
/* Password Management API's */
/**
@@ -624,12 +614,11 @@
const char *user = NULL;
const char *pass_new = NULL, *pass_old = NULL;
const char *spec_grp_name =
- get_option(pamh, "spec_grp_name", argc, argv);
+ get_option(pamh, "spec_grp_name", argc, argv);
const char *spec_pass_file =
- get_option(pamh, "spec_pass_file", argc, argv);
+ get_option(pamh, "spec_pass_file", argc, argv);
const char *key_file = get_option(pamh, "key_file", argc, argv);
-
if (spec_grp_name == NULL || key_file == NULL) {
return PAM_IGNORE;
}
@@ -674,21 +663,21 @@
// verify the new password is acceptable.
size_t pass_len = strlen(pass_new);
size_t user_len = strlen(user);
- if (pass_len > MAX_SPEC_GRP_PASS_LENGTH
- || user_len > MAX_SPEC_GRP_USER_LENGTH) {
- pam_syslog(
- pamh, LOG_ERR,
- "Password length (%zu) / User name length (%zu) is not acceptable for IPMI",
- pass_len, user_len);
+ if (pass_len > MAX_SPEC_GRP_PASS_LENGTH ||
+ user_len > MAX_SPEC_GRP_USER_LENGTH) {
+ pam_syslog(pamh, LOG_ERR,
+ "Password length (%zu) / User name length "
+ "(%zu) is not acceptable for IPMI",
+ pass_len, user_len);
pass_new = pass_old = NULL;
return PAM_AUTHTOK_ERR;
}
if (spec_pass_file == NULL) {
spec_pass_file = DEFAULT_SPEC_PASS_FILE;
pam_syslog(
- pamh, LOG_ERR,
- "Using default special password file name :%s",
- spec_pass_file);
+ pamh, LOG_ERR,
+ "Using default special password file name :%s",
+ spec_pass_file);
}
if (retval = lock_pwdf()) {
pam_syslog(pamh, LOG_ERR,
@@ -696,7 +685,7 @@
return retval;
}
retval = update_pass_special_file(
- pamh, key_file, spec_pass_file, user, pass_new);
+ pamh, key_file, spec_pass_file, user, pass_new);
unlock_pwdf();
return retval;
}