/*
 * Resolve the keytab called `name` and make sure it is usable.
 *
 * On success (return 0) *id holds an open keytab handle that the caller
 * must eventually close.
 *
 * If krb5_kt_resolve() fails, its error code is returned and *id is not
 * touched by this function.  If the keytab resolves but
 * krb5_kt_have_content() reports an error, the handle is closed and *id is
 * reset to NULL, so a caller that ignores the return value cannot go on to
 * use a handle that has already been closed.
 */
static krb5_error_code
validate_keytab(krb5_context context, const char *name, krb5_keytab *id)
{
    krb5_error_code rc = krb5_kt_resolve(context, name, id);

    if (rc != 0)
        return rc;

    rc = krb5_kt_have_content(context, *id);
    if (rc == 0)
        return 0;

    /* No usable content: release the handle and leave no stale pointer. */
    krb5_kt_close(context, *id);
    *id = NULL;
    return rc;
}
/*
 * Report whether `keytab` contains at least one entry.
 *
 * When the Kerberos library provides krb5_kt_have_content()
 * (HAVE_KRB5_KT_HAVE_CONTENT), this is a direct wrapper around it.
 *
 * Otherwise the check is emulated by trying to read the first entry:
 *   - returns 0 when one entry could be read;
 *   - returns KRB5_KT_NOTFOUND when the sequence cannot be started or the
 *     first entry cannot be fetched.
 *
 * Note that the fallback maps every failure of those two calls to
 * KRB5_KT_NOTFOUND, so a caller cannot tell an empty keytab apart from one
 * that could not be read; the underlying cause is only visible in the
 * debug log.
 */
krb5_error_code
sss_krb5_kt_have_content(krb5_context context, krb5_keytab keytab)
{
#ifdef HAVE_KRB5_KT_HAVE_CONTENT
    return krb5_kt_have_content(context, keytab);
#else
    krb5_keytab_entry first;
    krb5_kt_cursor pos;
    krb5_error_code next_rc;
    krb5_error_code end_rc;
    krb5_error_code free_rc;

    if (krb5_kt_start_seq_get(context, keytab, &pos) != 0) {
        DEBUG(SSSDBG_OP_FAILURE,
              "krb5_kt_start_seq_get failed, assuming no entries.\n");
        return KRB5_KT_NOTFOUND;
    }

    next_rc = krb5_kt_next_entry(context, keytab, &first, &pos);

    /* End the sequence before looking at next_rc, so the cursor is ended
     * on the failure path as well as on success. */
    end_rc = krb5_kt_end_seq_get(context, keytab, &pos);

    if (next_rc != 0) {
        DEBUG(SSSDBG_OP_FAILURE,
              "krb5_kt_next_entry failed, assuming no entries.\n");
        return KRB5_KT_NOTFOUND;
    }

    /* An entry was read; only its existence matters, so drop its contents. */
    free_rc = krb5_free_keytab_entry_contents(context, &first);

    /* Cleanup failures do not change the answer; they are only traced. */
    if (end_rc != 0) {
        DEBUG(SSSDBG_TRACE_FUNC,
              "krb5_kt_end_seq_get failed, ignored.\n");
    }

    if (free_rc != 0) {
        DEBUG(SSSDBG_TRACE_FUNC,
              "krb5_free_keytab_entry_contents failed, ignored.\n");
    }

    return 0;
#endif
}
/*
 * Common start-up for the test servers.
 *
 * Runs common_setup() (which may rewrite argc), rejects a leftover
 * argument at argv[argc] via server_usage(), then opens the service
 * keytab into the file-level `keytab`: the one named by `keytab_str` when
 * that is set, the library default otherwise.
 *
 * The keytab is checked with krb5_kt_have_content() before the port is
 * returned.  Every failure is reported through krb5_err() with status 1
 * (in Heimdal this prints the error and exits), so a server does not
 * continue with a keytab that is missing or has no content.
 *
 * Returns the port value obtained from common_setup().
 */
int
server_setup(krb5_context *context, int argc, char **argv)
{
    int port = common_setup(context, &argc, argv, server_usage);
    krb5_error_code ret;

    if (argv[argc] != NULL)
        server_usage(1, args, num_args);

    if (keytab_str == NULL) {
        /* No keytab named by the caller: use the default one. */
        ret = krb5_kt_default(*context, &keytab);
        if (ret != 0)
            krb5_err(*context, 1, ret, "krb5_kt_default");
    } else {
        ret = krb5_kt_resolve(*context, keytab_str, &keytab);
        if (ret != 0)
            krb5_err(*context, 1, ret, "krb5_kt_resolve");
    }

    /* Fail at start-up rather than on the first client request. */
    ret = krb5_kt_have_content(*context, keytab);
    if (ret != 0)
        krb5_err(*context, 1, ret, "krb5_kt_have_content");

    return port;
}
/*
 * Check that krb5_kt_have_content() reports an error for the keytab
 * named by `keytab`, which the test expects to be empty.
 *
 * The keytab is resolved, an all-zero entry is passed to
 * krb5_kt_remove_entry() (its result is deliberately not checked), and
 * krb5_kt_have_content() must then return non-zero.  A zero return means
 * the keytab has content and the test fails through krb5_errx().
 * Failures to resolve or close the keytab are reported through krb5_err().
 */
static void
test_empty_keytab(krb5_context context, const char *keytab)
{
    krb5_keytab kt;
    krb5_keytab_entry blank;
    krb5_error_code rc;

    rc = krb5_kt_resolve(context, keytab, &kt);
    if (rc != 0)
        krb5_err(context, 1, rc, "krb5_kt_resolve");

    /* Zeroed entry; the outcome of the removal is intentionally ignored. */
    memset(&blank, 0, sizeof(blank));
    krb5_kt_remove_entry(context, kt, &blank);

    rc = krb5_kt_have_content(context, kt);
    if (!rc)
        krb5_errx(context, 1, "supposed to be empty keytab isn't");

    rc = krb5_kt_close(context, kt);
    if (rc != 0)
        krb5_err(context, 1, rc, "krb5_kt_close");
}