diff options
| -rw-r--r-- | src/lib/gssapi/krb5/ChangeLog | 6 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/acquire_cred.c | 44 |
2 files changed, 14 insertions, 36 deletions
diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index fb51f0dba6..e1c1d98491 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,9 @@ +Wed Dec 4 13:06:13 1996 Barry Jaspan <bjaspan@mit.edu> + + * acquire_cred.c (acquire_accept_cred): use krb5_kt_get_entry + instead of scanning through keytab to find matching principal + [krb5-libs/210] + Sat Oct 19 00:38:22 1996 Theodore Y. Ts'o <tytso@mit.edu> * ser_sctx.c (kg_oid_externalize, kg_oid_internalize, diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c index 06acb88771..a99177758f 100644 --- a/src/lib/gssapi/krb5/acquire_cred.c +++ b/src/lib/gssapi/krb5/acquire_cred.c @@ -77,43 +77,15 @@ acquire_accept_cred(context, minor_status, desired_name, output_princ, cred) princ = (krb5_principal) desired_name; } - /* iterate over the keytab searching for the principal */ - - if (code = krb5_kt_start_seq_get(context, kt, &cur)) { - (void) krb5_kt_close(context, kt); - *minor_status = code; - return(GSS_S_FAILURE); - } - - while (!(code = krb5_kt_next_entry(context, kt, &entry, &cur))) { - if (krb5_principal_compare(context, entry.principal, princ)) { - code = 0; - krb5_kt_free_entry(context, &entry); - break; - } - krb5_kt_free_entry(context, &entry); - } - - if (code == KRB5_KT_END) { - /* this means that the principal wasn't in the keytab */ - (void)krb5_kt_end_seq_get(context, kt, &cur); - (void) krb5_kt_close(context, kt); - *minor_status = KG_KEYTAB_NOMATCH; - return(GSS_S_CRED_UNAVAIL); - } else if (code) { - /* this means some error occurred reading the keytab */ - (void)krb5_kt_end_seq_get(context, kt, &cur); - (void) krb5_kt_close(context, kt); - *minor_status = code; - return(GSS_S_FAILURE); - } else { - /* this means that we found a matching entry */ - if (code = krb5_kt_end_seq_get(context, kt, &cur)) { - (void) krb5_kt_close(context, kt); - *minor_status = code; - return(GSS_S_FAILURE); - } + if (code = krb5_kt_get_entry(context, kt, princ, 0, 0, &entry)) { + (void) krb5_kt_close(context, kt); + if (code == KRB5_KT_NOTFOUND) + *minor_status = KG_KEYTAB_NOMATCH; + else + *minor_status = code; + return(GSS_S_CRED_UNAVAIL); } + krb5_kt_free_entry(context, &entry); /* hooray. we made it */ |