/* Get the system default realm using hostrealm modules. */ static krb5_error_code get_default_realm(krb5_context context, char **realm_out) { krb5_error_code ret; struct hostrealm_module_handle **hp; char **realms; *realm_out = NULL; if (context->hostrealm_handles == NULL) { ret = load_hostrealm_modules(context); if (ret) return ret; } /* Give each module a chance to determine the default realm. */ for (hp = context->hostrealm_handles; *hp != NULL; hp++) { ret = default_realm(context, *hp, &realms); if (ret == 0) { if (*realms == NULL) { ret = KRB5_CONFIG_NODEFREALM; } else { *realm_out = strdup(realms[0]); if (*realm_out == NULL) ret = ENOMEM; } free_list(context, *hp, realms); return ret; } else if (ret != KRB5_PLUGIN_NO_HANDLE) { return ret; } } return KRB5_CONFIG_NODEFREALM; }
/* * Load a boolean option from Kerberos appdefaults. Takes the Kerberos * context, the option, and the result location. */ void sync_config_boolean(krb5_context ctx, const char *opt, bool *result) { realm_type realm; int tmp; /* * The MIT version of krb5_appdefault_boolean takes an int * and the * Heimdal version takes a krb5_boolean *, so hope that Heimdal always * defines krb5_boolean to int or this will require more portability work. */ realm = default_realm(ctx); krb5_appdefault_boolean(ctx, "krb5-sync", realm, opt, *result, &tmp); *result = tmp; free_default_realm(ctx, realm); }
/* * Load a string option from Kerberos appdefaults. Takes the Kerberos * context, the option, and the result location. * * This requires an annoying workaround because one cannot specify a default * value of NULL with MIT Kerberos, since MIT Kerberos unconditionally calls * strdup on the default value. There's also no way to determine if memory * allocation failed while parsing or while setting the default value, so we * don't return an error code. */ void sync_config_string(krb5_context ctx, const char *opt, char **result) { realm_type realm; char *value = NULL; /* Obtain the string from [appdefaults]. */ realm = default_realm(ctx); krb5_appdefault_string(ctx, "krb5-sync", realm, opt, "", &value); free_default_realm(ctx, realm); /* If we got something back, store it in result. */ if (value != NULL) { if (value[0] != '\0') { free(*result); *result = strdup(value); } krb5_free_string(ctx, value); } }
/* * Load a list option from Kerberos appdefaults. Takes the Kerberos context, * the option, and the result location. The option is read as a string and * the split on spaces and tabs into a list. * * This requires an annoying workaround because one cannot specify a default * value of NULL with MIT Kerberos, since MIT Kerberos unconditionally calls * strdup on the default value. There's also no way to determine if memory * allocation failed while parsing or while setting the default value. */ krb5_error_code sync_config_list(krb5_context ctx, const char *opt, struct vector **result) { realm_type realm; char *value = NULL; /* Obtain the string from [appdefaults]. */ realm = default_realm(ctx); krb5_appdefault_string(ctx, "krb5-sync", realm, opt, "", &value); free_default_realm(ctx, realm); /* If we got something back, store it in result. */ if (value != NULL) { if (value[0] != '\0') { *result = sync_vector_split_multi(value, " \t", *result); if (*result == NULL) return sync_error_system(ctx, "cannot allocate memory"); } krb5_free_string(ctx, value); } return 0; }