diff options
| author | Greg Hudson <ghudson@mit.edu> | 2013-04-01 13:25:33 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2013-04-01 13:25:33 -0400 |
| commit | f9c5d2277c23e40b2e929cef6e4654113b66da68 (patch) | |
| tree | 00d2e3882db74ca5cb11b4e9a31b5a8408eac9a2 | |
| parent | f43dfa88148724fb8a9543015c69fa1b2b24bb66 (diff) | |
| download | krb5-f9c5d2277c23e40b2e929cef6e4654113b66da68.tar.gz krb5-f9c5d2277c23e40b2e929cef6e4654113b66da68.tar.xz krb5-f9c5d2277c23e40b2e929cef6e4654113b66da68.zip | |
Add krb5_kt_dup API and use it in two places
Add an API to duplicate keytab handles, mirroring krb5_cc_dup. Use it
to simplify the krb5 GSS acquire_cred code.
ticket: 7599 (new)
| -rw-r--r-- | doc/appdev/refs/api/index.rst | 1 | ||||
| -rw-r--r-- | src/include/krb5/krb5.hin | 15 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/acquire_cred.c | 31 | ||||
| -rw-r--r-- | src/lib/krb5/keytab/ktbase.c | 10 | ||||
| -rw-r--r-- | src/lib/krb5/libkrb5.exports | 1 | ||||
| -rw-r--r-- | src/lib/krb5_32.def | 1 |
6 files changed, 34 insertions, 25 deletions
diff --git a/doc/appdev/refs/api/index.rst b/doc/appdev/refs/api/index.rst index b87859f45c..7009b30dca 100644 --- a/doc/appdev/refs/api/index.rst +++ b/doc/appdev/refs/api/index.rst @@ -69,6 +69,7 @@ Frequently used public interfaces krb5_kt_client_default.rst krb5_kt_default.rst krb5_kt_default_name.rst + krb5_kt_dup.rst krb5_kt_get_name.rst krb5_kt_get_type.rst krb5_kt_resolve.rst diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin index e0c6f12396..97810b5c8f 100644 --- a/src/include/krb5/krb5.hin +++ b/src/include/krb5/krb5.hin @@ -4188,6 +4188,21 @@ krb5_error_code KRB5_CALLCONV krb5_kt_resolve(krb5_context context, const char *name, krb5_keytab *ktid); /** + * Duplicate keytab handle. + * + * @param [in] context Library context + * @param [in] in Key table handle to be duplicated + * @param [out] out Key table handle + * + * Create a new handle referring to the same key table as @a in. The new + * handle and @a in can be closed independently. + * + * @version New in 1.12 + */ +krb5_error_code KRB5_CALLCONV +krb5_kt_dup(krb5_context context, krb5_keytab in, krb5_keytab *out); + +/** * Get the default key table name. * * @param [in] context Library context diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index c4c596b871..dbc5a701aa 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -194,15 +194,7 @@ acquire_accept_cred(krb5_context context, assert(cred->keytab == NULL); if (req_keytab != NULL) { - char ktname[BUFSIZ]; - - /* Duplicate keytab handle */ - code = krb5_kt_get_name(context, req_keytab, ktname, sizeof(ktname)); - if (code) { - *minor_status = code; - return GSS_S_CRED_UNAVAIL; - } - code = krb5_kt_resolve(context, ktname, &kt); + code = krb5_kt_dup(context, req_keytab, &kt); } else { code = k5_mutex_lock(&gssint_krb5_keytab_lock); if (code) { @@ -660,23 +652,12 @@ acquire_init_cred(krb5_context context, goto error; } - if (client_keytab != NULL) { - char ktname[BUFSIZ]; - - /* Duplicate keytab handle */ - code = krb5_kt_get_name(context, client_keytab, ktname, - sizeof(ktname)); - if (code) - goto error; - - code = krb5_kt_resolve(context, ktname, &cred->client_keytab); - if (code) - goto error; - } else { + if (client_keytab != NULL) + code = krb5_kt_dup(context, client_keytab, &cred->client_keytab); + else code = krb5_kt_client_default(context, &cred->client_keytab); - if (code) - goto error; - } + if (code) + goto error; if (password != GSS_C_NO_BUFFER) { pwdata = make_data(password->value, password->length); diff --git a/src/lib/krb5/keytab/ktbase.c b/src/lib/krb5/keytab/ktbase.c index 0f3562f339..848b047f45 100644 --- a/src/lib/krb5/keytab/ktbase.c +++ b/src/lib/krb5/keytab/ktbase.c @@ -218,6 +218,16 @@ cleanup: return err; } +krb5_error_code KRB5_CALLCONV +krb5_kt_dup(krb5_context context, krb5_keytab in, krb5_keytab *out) +{ + krb5_error_code err; + char name[BUFSIZ]; + + err = in->ops->get_name(context, in, name, sizeof(name)); + return err ? err : krb5_kt_resolve(context, name, out); +} + /* * Routines to deal with externalizingt krb5_keytab. * keytab_size(); diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports index b0547d52af..03273df1ab 100644 --- a/src/lib/krb5/libkrb5.exports +++ b/src/lib/krb5/libkrb5.exports @@ -411,6 +411,7 @@ krb5_kt_close krb5_kt_default krb5_kt_default_name krb5_kt_dfl_ops +krb5_kt_dup krb5_kt_end_seq_get krb5_kt_free_entry krb5_kt_get_entry diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def index 57604ade49..9bff8a7ebc 100644 --- a/src/lib/krb5_32.def +++ b/src/lib/krb5_32.def @@ -446,3 +446,4 @@ EXPORTS ; new in 1.12 krb5_free_enctypes @419 + krb5_kt_dup @420 |