server.c

clang -cc1 -cc1 -triple x86_64-redhat-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name server.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model static -mframe-pointer=none -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/builds/gsasl/shishi/examples -resource-dir /usr/lib64/clang/14.0.0 -D HAVE_CONFIG_H -I . -I .. -I ../lib/gl -I ../lib/gl -I ../lib -I ../lib -internal-isystem /usr/lib64/clang/14.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/bin/../lib/gcc/x86_64-redhat-linux/12/../../../../x86_64-redhat-linux/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/builds/gsasl/shishi/examples -ferror-limit 19 -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /builds/gsasl/shishi/clang-analyzer/2022-08-08-065803-50050-1 -x c server.c

File:	examples/server.c
Warning:	line 164, column 3 Value stored to 'rc' is never read

Bug Summary

Annotated Source Code

1	/* server.c --- Sample server with authentication using Shishi.
2	* Copyright (C) 2003-2022 Simon Josefsson
3	*
4	* This file is part of Shishi.
5	*
6	* Shishi is free software; you can redistribute it and/or modify it
7	* under the terms of the GNU General Public License as published by
8	* the Free Software Foundation; either version 3 of the License, or
9	* (at your option) any later version.
10	*
11	* Shishi is distributed in the hope that it will be useful, but
12	* WITHOUT ANY WARRANTY; without even the implied warranty of
13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14	* General Public License for more details.
15	*
16	* You should have received a copy of the GNU General Public License
17	* along with Shishi; if not, see http://www.gnu.org/licenses or write
18	* to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
19	* Floor, Boston, MA 02110-1301, USA
20	*
21	*/
22
23	#ifdef HAVE_CONFIG_H1
24	# include <config.h>
25	#endif
26
27	#include <stdio.h>
28	#include <stdlib.h>
29
30	#include <shishi.h>
31
32	#define SERVICE"sample" "sample"
33
34	/* XXX remove this */
35	const char *program_name = "client";
36
37	static int
38	doit (Shishi * h, Shishi_ap * ap, int verbose)
39	{
40	Shishi_asn1 asn1safe;
41	Shishi_safe *safe;
42	char *userdata;
43	size_t userdatalen;
44	int res;
45
46	printf ("Application exchange start. Press ^D to finish.\n");
47
48	while ((res = shishi_safe_parse (h, stdinstdin, &asn1safe)) == SHISHI_OK)
49	{
50	if (res != SHISHI_OK)
51	{
52	fprintf (stderrstderr, "Could not read SAFE:\n%s\n%s\n",
53	shishi_strerror (res), shishi_error (h));
54	return 1;
55	}
56
57	res = shishi_safe (h, &safe);
58	if (res != SHISHI_OK)
59	{
60	fprintf (stderrstderr, "Could not create SAFE:\n%s\n%s\n",
61	shishi_strerror (res), shishi_error (h));
62	return 1;
63	}
64
65	shishi_safe_safe_set (safe, asn1safe);
66
67	res = shishi_safe_verify (safe, shishi_ap_key (ap));
68	if (res != SHISHI_OK)
69	{
70	fprintf (stderrstderr, "Could not verify SAFE:\n%s\n%s\n",
71	shishi_strerror (res), shishi_error (h));
72	return 1;
73	}
74
75	printf ("Verified SAFE successfully...\n");
76
77	res = shishi_safe_user_data (h, asn1safe, &userdata, &userdatalen);
78	if (res != SHISHI_OK)
79	{
80	fprintf (stderrstderr, "Could not extract user data:\n%s\n%s\n",
81	shishi_strerror (res), shishi_error (h));
82	return 1;
83	}
84	userdata[userdatalen] = '\0';
85	printf ("user data: `%s'\n", userdata);
86
87	}
88
89	if (ferror (stdinstdin))
90	{
91	printf ("error reading stdin\n");
92	return 1;
93	}
94
95	return 0;
96	}
97
98	static Shishi_ap *
99	auth (Shishi * h, int verbose, const char cname, const char sname)
100	{
101	Shishi_key *key;
102	Shishi_ap *ap;
103	Shishi_asn1 apreq;
104	char *buf;
105	size_t buflen;
106	int rc;
107
108	printf ("Client: %s\n", cname);
109	printf ("Server: %s\n", sname);
110
111	/* Get key for the server. */
112
113	key = shishi_hostkeys_for_server (h, sname);
114	if (!key)
115	{
116	printf ("could not find key: %s\n", shishi_error (h));
117	return NULL((void*)0);
118	}
119
120	if (verbose)
121	shishi_key_print (h, stderrstderr, key);
122
123	/* Read Authentication request from client */
124
125	printf ("Waiting for client to authenticate itself...\n");
126
127	rc = shishi_apreq_parse (h, stdinstdin, &apreq);
128	if (rc != SHISHI_OK)
129	{
130	printf ("could not read AP-REQ: %s\n", shishi_strerror (rc));
131	return NULL((void*)0);
132	}
133
134	/* Create Authentication context */
135
136	rc = shishi_ap (h, &ap);
137	if (rc != SHISHI_OK)
138	{
139	printf ("Could not create AP: %s\n", shishi_strerror (rc));
140	return NULL((void*)0);
141	}
142
143	/* Store request in context */
144
145	shishi_ap_req_set (ap, apreq);
146
147	/* Process authentication request */
148
149	rc = shishi_ap_req_process (ap, key);
150	if (rc != SHISHI_OK)
151	{
152	printf ("Could not process AP-REQ: %s\n", shishi_strerror (rc));
153	return NULL((void*)0);
154	}
155
156	if (verbose)
157	shishi_authenticator_print (h, stderrstderr, shishi_ap_authenticator (ap));
158
159	rc = shishi_authenticator_client (h, shishi_ap_authenticator (ap),
160	&buf, &buflen);
161	printf ("Client name (from authenticator): %.*s\n", (int) buflen, buf);
162	free (buf);
163
164	rc = shishi_encticketpart_clientrealm
	Value stored to 'rc' is never read
165	(h, shishi_tkt_encticketpart (shishi_ap_tkt (ap)), &buf, &buflen);
166	printf ("Client name (from encticketpart): %.*s\n", (int) buflen, buf);
167	free (buf);
168
169	rc = shishi_ticket_server (h, shishi_tkt_ticket (shishi_ap_tkt (ap)),
170	&buf, &buflen);
171	printf ("Server name (from ticket): %.*s\n", (int) buflen, buf);
172	free (buf);
173
174	/* User is authenticated. */
175
176	printf ("User authenticated.\n");
177
178	/* Authenticate ourself to client, if request */
179
180	if (shishi_apreq_mutual_required_p (h, apreq))
181	{
182	Shishi_asn1 aprep;
183
184	printf ("Mutual authentication required.\n");
185
186	rc = shishi_ap_rep_asn1 (ap, &aprep);
187	if (rc != SHISHI_OK)
188	{
189	printf ("Error creating AP-REP: %s\n", shishi_strerror (rc));
190	return NULL((void*)0);
191	}
192
193	if (verbose)
194	shishi_encapreppart_print (h, stderrstderr, shishi_ap_encapreppart (ap));
195
196	shishi_aprep_print (h, stdoutstdout, aprep);
197
198	/* We are authenticated to client */
199	}
200
201	return ap;
202	}
203
204	int
205	main (int argc, char *argv[])
206	{
207	Shishi *h;
208	Shishi_ap *ap;
209	char *sname;
210	int rc;
211
212	printf ("sample-server (shishi " SHISHI_VERSION"1.0.3.7-c46a" ")\n");
213
214	if (!shishi_check_version (SHISHI_VERSION"1.0.3.7-c46a"))
215	{
216	printf ("shishi_check_version() failed:\n"
217	"Header file incompatible with shared library.\n");
218	return 1;
219	}
220
221	rc = shishi_init_server (&h);
222	if (rc != SHISHI_OK)
223	{
224	printf ("error initializing shishi: %s\n", shishi_strerror (rc));
225	return 1;
226	}
227
228	if (argc > 1)
229	sname = argv[1];
230	else
231	sname = shishi_server_for_local_service (h, SERVICE"sample");
232
233	ap = auth (h, 1, shishi_principal_default (h), sname);
234
235	if (ap)
236	rc = doit (h, ap, 1);
237	else
238	rc = 1;
239
240	shishi_done (h);
241
242	return rc;
243	}