static krb5_error_code krb5_kt_get_entry_wrapped(krb5_context context, krb5_keytab id, krb5_const_principal principal, krb5_kvno kvno, krb5_enctype enctype, krb5_keytab_entry *entry) { krb5_keytab_entry tmp; krb5_error_code ret; krb5_kt_cursor cursor; if(id->get) return (*id->get)(context, id, principal, kvno, enctype, entry); ret = krb5_kt_start_seq_get (context, id, &cursor); if (ret) { /* This is needed for krb5_verify_init_creds, but keep error * string from previous error for the human. */ context->error_code = KRB5_KT_NOTFOUND; return KRB5_KT_NOTFOUND; } entry->vno = 0; while (krb5_kt_next_entry(context, id, &tmp, &cursor) == 0) { if (krb5_kt_compare(context, &tmp, principal, 0, enctype)) { /* the file keytab might only store the lower 8 bits of the kvno, so only compare those bits */ if (kvno == tmp.vno || (tmp.vno < 256 && kvno % 256 == tmp.vno)) { krb5_kt_copy_entry_contents (context, &tmp, entry); krb5_kt_free_entry (context, &tmp); krb5_kt_end_seq_get(context, id, &cursor); return 0; } else if (kvno == 0 && tmp.vno > entry->vno) { if (entry->vno) krb5_kt_free_entry (context, entry); krb5_kt_copy_entry_contents (context, &tmp, entry); } } krb5_kt_free_entry(context, &tmp); } krb5_kt_end_seq_get (context, id, &cursor); if (entry->vno == 0) return _krb5_kt_principal_not_found(context, KRB5_KT_NOTFOUND, id, principal, enctype, kvno); return 0; }
mit_krb5_error_code KRB5_CALLCONV krb5_kt_get_entry(mit_krb5_context context, mit_krb5_keytab id, mit_krb5_const_principal principal, mit_krb5_kvno kvno, mit_krb5_enctype enctype, mit_krb5_keytab_entry *entry) { mit_krb5_keytab_entry tmp; mit_krb5_error_code ret; mit_krb5_kt_cursor cursor; LOG_ENTRY(); memset(entry, 0, sizeof(*entry)); ret = krb5_kt_start_seq_get (context, id, &cursor); if (ret) return KRB5_KT_NOTFOUND; entry->vno = 0; while (krb5_kt_next_entry(context, id, &tmp, &cursor) == 0) { if (krb5_kt_compare(context, &tmp, principal, 0, enctype)) { /* the file keytab might only store the lower 8 bits of the kvno, so only compare those bits */ if (kvno == tmp.vno || (tmp.vno < 256 && kvno % 256 == tmp.vno)) { krb5_kt_copy_entry_contents (context, &tmp, entry); krb5_kt_free_entry (context, &tmp); krb5_kt_end_seq_get(context, id, &cursor); return 0; } else if (kvno == 0 && tmp.vno > entry->vno) { if (entry->vno) krb5_kt_free_entry (context, entry); krb5_kt_copy_entry_contents (context, &tmp, entry); } } krb5_kt_free_entry(context, &tmp); } krb5_kt_end_seq_get (context, id, &cursor); if (entry->vno == 0) return KRB5_KT_NOTFOUND; return 0; }
static krb5_error_code mkt_next_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry, krb5_kt_cursor *c) { struct mkt_data *d = id->data; if(c->fd >= d->num_entries) return KRB5_KT_END; return krb5_kt_copy_entry_contents(context, &d->entries[c->fd++], entry); }
static krb5_error_code mkt_add_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry) { struct mkt_data *d = id->data; krb5_keytab_entry *tmp; tmp = realloc(d->entries, (d->num_entries + 1) * sizeof(*d->entries)); if(tmp == NULL) { krb5_set_error_string (context, "malloc: out of memory"); return ENOMEM; } d->entries = tmp; return krb5_kt_copy_entry_contents(context, entry, &d->entries[d->num_entries++]); }
krb5_error_code KRB5_LIB_FUNCTION krb5_kt_get_entry(krb5_context context, krb5_keytab id, krb5_const_principal principal, krb5_kvno kvno, krb5_enctype enctype, krb5_keytab_entry *entry) { krb5_keytab_entry tmp; krb5_error_code ret; krb5_kt_cursor cursor; if(id->get) return (*id->get)(context, id, principal, kvno, enctype, entry); ret = krb5_kt_start_seq_get (context, id, &cursor); if (ret) { /* This is needed for krb5_verify_init_creds, but keep error * string from previous error for the human. */ context->error_code = KRB5_KT_NOTFOUND; return KRB5_KT_NOTFOUND; } entry->vno = 0; while (krb5_kt_next_entry(context, id, &tmp, &cursor) == 0) { if (krb5_kt_compare(context, &tmp, principal, 0, enctype)) { /* the file keytab might only store the lower 8 bits of the kvno, so only compare those bits */ if (kvno == tmp.vno || (tmp.vno < 256 && kvno % 256 == tmp.vno)) { krb5_kt_copy_entry_contents (context, &tmp, entry); krb5_kt_free_entry (context, &tmp); krb5_kt_end_seq_get(context, id, &cursor); return 0; } else if (kvno == 0 && tmp.vno > entry->vno) { if (entry->vno) krb5_kt_free_entry (context, entry); krb5_kt_copy_entry_contents (context, &tmp, entry); } } krb5_kt_free_entry(context, &tmp); } krb5_kt_end_seq_get (context, id, &cursor); if (entry->vno) { return 0; } else { char princ[256], kvno_str[25], *kt_name; char *enctype_str = NULL; krb5_unparse_name_fixed (context, principal, princ, sizeof(princ)); krb5_kt_get_full_name (context, id, &kt_name); krb5_enctype_to_string(context, enctype, &enctype_str); if (kvno) snprintf(kvno_str, sizeof(kvno_str), "(kvno %d)", kvno); else kvno_str[0] = '\0'; krb5_set_error_message (context, KRB5_KT_NOTFOUND, N_("Failed to find %s%s in keytab %s (%s)", "principal, kvno, keytab file, enctype"), princ, kvno_str, kt_name ? kt_name : "unknown keytab", enctype_str ? enctype_str : "unknown enctype"); free(kt_name); free(enctype_str); return KRB5_KT_NOTFOUND; } }
krb5_error_code KRB5_LIB_FUNCTION krb5_kt_get_entry(krb5_context context, krb5_keytab id, krb5_const_principal principal, krb5_kvno kvno, krb5_enctype enctype, krb5_keytab_entry *entry) { krb5_keytab_entry tmp; krb5_error_code ret; krb5_kt_cursor cursor; if(id->get) return (*id->get)(context, id, principal, kvno, enctype, entry); ret = krb5_kt_start_seq_get (context, id, &cursor); if (ret) { krb5_clear_error_string(context); return KRB5_KT_NOTFOUND; /* XXX i.e. file not found */ } entry->vno = 0; while (krb5_kt_next_entry(context, id, &tmp, &cursor) == 0) { if (krb5_kt_compare(context, &tmp, principal, 0, enctype)) { /* the file keytab might only store the lower 8 bits of the kvno, so only compare those bits */ if (kvno == tmp.vno || (tmp.vno < 256 && kvno % 256 == tmp.vno)) { krb5_kt_copy_entry_contents (context, &tmp, entry); krb5_kt_free_entry (context, &tmp); krb5_kt_end_seq_get(context, id, &cursor); return 0; } else if (kvno == 0 && tmp.vno > entry->vno) { if (entry->vno) krb5_kt_free_entry (context, entry); krb5_kt_copy_entry_contents (context, &tmp, entry); } } krb5_kt_free_entry(context, &tmp); } krb5_kt_end_seq_get (context, id, &cursor); if (entry->vno) { return 0; } else { char princ[256], kt_name[256], kvno_str[25]; char *enctype_str = NULL; krb5_unparse_name_fixed (context, principal, princ, sizeof(princ)); krb5_kt_get_name (context, id, kt_name, sizeof(kt_name)); krb5_enctype_to_string(context, enctype, &enctype_str); if (kvno) snprintf(kvno_str, sizeof(kvno_str), "(kvno %d)", kvno); else kvno_str[0] = '\0'; krb5_set_error_string (context, "failed to find %s%s in keytab %s (%s)", princ, kvno_str, kt_name, enctype_str ? enctype_str : "unknown enctype"); free(enctype_str); return KRB5_KT_NOTFOUND; } }