diff options
| author | Greg Hudson <ghudson@mit.edu> | 2013-01-11 12:06:37 -0500 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2013-01-11 12:27:43 -0500 |
| commit | e73890eaf0f6f287132de882df8462e45ffe4987 (patch) | |
| tree | c45050167d093e6c520dae188c4efa4d4aa4ae5e /src/lib/krb5 | |
| parent | 6338d039cbd0b138642e3b123ac58dc802d1d907 (diff) | |
| download | krb5-e73890eaf0f6f287132de882df8462e45ffe4987.tar.gz krb5-e73890eaf0f6f287132de882df8462e45ffe4987.tar.xz krb5-e73890eaf0f6f287132de882df8462e45ffe4987.zip | |
Clean up k5_locate_server error handling
profile_get_values() cannot return success with an empty list of
values, so don't bother counting them. Return 0 from
locate_srv_conf_1 if no profile values exist and from
dns_locate_server if we decide not to make a SRV query. Adjust
k5_locate_server to match the new helper behavior, and return
KRB5_REALM_UNKNOWN if neither profile nor DNS come up with any answers
(not KRB5_REALM_CANT_RESOLVE, which doesn't make sense now that we're
deferring KDC hostname resolution).
Diffstat (limited to 'src/lib/krb5')
| -rw-r--r-- | src/lib/krb5/os/locate_kdc.c | 35 |
1 files changed, 10 insertions, 25 deletions
diff --git a/src/lib/krb5/os/locate_kdc.c b/src/lib/krb5/os/locate_kdc.c index 89ef549a09..ed8cc641e7 100644 --- a/src/lib/krb5/os/locate_kdc.c +++ b/src/lib/krb5/os/locate_kdc.c @@ -192,7 +192,7 @@ locate_srv_conf_1(krb5_context context, const krb5_data *realm, const char *realm_srv_names[4]; char **hostlist, *host, *port, *cp; krb5_error_code code; - int i, count; + int i; Tprintf ("looking in krb5.conf for realm %s entry %s; ports %d,%d\n", realm->data, name, ntohs (udpport), ntohs (sec_udpport)); @@ -216,21 +216,10 @@ locate_srv_conf_1(krb5_context context, const krb5_data *realm, Tprintf ("config file lookup failed: %s\n", error_message(code)); if (code == PROF_NO_SECTION || code == PROF_NO_RELATION) - code = KRB5_REALM_UNKNOWN; + code = 0; return code; } - count = 0; - while (hostlist && hostlist[count]) - count++; - Tprintf ("found %d entries under 'kdc'\n", count); - - if (count == 0) { - profile_free_list(hostlist); - serverlist->nservers = 0; - return 0; - } - for (i=0; hostlist[i]; i++) { int p1, p2; @@ -527,7 +516,7 @@ dns_locate_server(krb5_context context, const krb5_data *realm, krb5_error_code code; if (!use_dns) - return KRB5_PLUGIN_NO_HANDLE; + return 0; switch (svc) { case locate_service_kdc: @@ -546,7 +535,7 @@ dns_locate_server(krb5_context context, const krb5_data *realm, dnsname = "_kpasswd"; break; default: - return KRB5_PLUGIN_NO_HANDLE; + return 0; } code = 0; @@ -596,12 +585,8 @@ k5_locate_server(krb5_context context, const krb5_data *realm, code = prof_locate_server(context, realm, &al, svc, socktype); #ifdef KRB5_DNS_LOOKUP - if (code) { /* Try DNS for all profile errors? */ - krb5_error_code code2; - code2 = dns_locate_server(context, realm, &al, svc, socktype); - if (code2 != KRB5_PLUGIN_NO_HANDLE) - code = code2; - } + if (code == 0 && al.nservers == 0) + code = dns_locate_server(context, realm, &al, svc, socktype); #endif /* KRB5_DNS_LOOKUP */ /* We could put more heuristics here, like looking up a hostname @@ -619,10 +604,10 @@ k5_locate_server(krb5_context context, const krb5_data *realm, } if (al.nservers == 0) { /* No good servers */ k5_free_serverlist(&al); - krb5_set_error_message(context, KRB5_REALM_CANT_RESOLVE, - _("Cannot resolve servers for KDC in realm " - "\"%.*s\""), realm->length, realm->data); - return KRB5_REALM_CANT_RESOLVE; + krb5_set_error_message(context, KRB5_REALM_UNKNOWN, + _("Cannot find KDC for realm \"%.*s\""), + realm->length, realm->data); + return KRB5_REALM_UNKNOWN; } *serverlist = al; return 0; |