From 6625843761468d79b0121a97d16fb2ca1db7542e Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Mon, 10 Feb 2014 15:26:34 -0500 Subject: Correctly get default realm in kdb5.c Call krb5_get_default_realm instead of directly accessing context->default_realm, to remove the requirement that krb5_get_default_realm or krb5_set_default_realm be used before krb5_db_open. --- src/lib/kdb/kdb5.c | 23 +++++++++++++---------- src/tests/kdbtest.c | 5 ----- 2 files changed, 13 insertions(+), 15 deletions(-) diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c index ca2040d3bc..0af6a75f2f 100644 --- a/src/lib/kdb/kdb5.c +++ b/src/lib/kdb/kdb5.c @@ -212,12 +212,12 @@ static krb5_error_code get_conf_section(krb5_context context, char **section) { krb5_error_code status; - char *result = NULL; - char *value = NULL; + char *result = NULL, *value = NULL, *defrealm; *section = NULL; - if (context->default_realm == NULL) { + status = krb5_get_default_realm(context, &defrealm); + if (status) { krb5_set_error_message(context, KRB5_KDB_SERVER_INTERNAL_ERR, _("No default realm set; cannot initialize " "KDB")); @@ -226,12 +226,13 @@ get_conf_section(krb5_context context, char **section) status = profile_get_string(context->profile, /* realms */ KDB_REALM_SECTION, - context->default_realm, + defrealm, /* under the realm name, database_module */ KDB_MODULE_POINTER, /* default value is the realm name itself */ - context->default_realm, + defrealm, &value); + krb5_free_default_realm(context, defrealm); if (status) return status; result = strdup(value); @@ -246,18 +247,19 @@ static char * kdb_get_library_name(krb5_context kcontext) { krb5_error_code status = 0; - char *result = NULL; - char *value = NULL; - char *lib = NULL; + char *result = NULL, *value = NULL, *lib = NULL, *defrealm = NULL; + status = krb5_get_default_realm(kcontext, &defrealm); + if (status) + goto clean_n_exit; status = profile_get_string(kcontext->profile, /* realms */ KDB_REALM_SECTION, - kcontext->default_realm, + defrealm, /* under the realm name, database_module */ KDB_MODULE_POINTER, /* default value is the realm name itself */ - kcontext->default_realm, + defrealm, &value); if (status) goto clean_n_exit; @@ -276,6 +278,7 @@ kdb_get_library_name(krb5_context kcontext) result = strdup(lib); clean_n_exit: + krb5_free_default_realm(kcontext, defrealm); profile_release_string(value); profile_release_string(lib); return result; diff --git a/src/tests/kdbtest.c b/src/tests/kdbtest.c index 93de07be87..64f28bbca1 100644 --- a/src/tests/kdbtest.c +++ b/src/tests/kdbtest.c @@ -276,14 +276,10 @@ main() osa_policy_ent_t pol; krb5_pa_data **e_data; const char *status; - char *defrealm; int count; CHECK(krb5_init_context_profile(NULL, KRB5_INIT_CONTEXT_KDC, &ctx)); - /* Currently necessary for krb5_db_open to work. */ - CHECK(krb5_get_default_realm(ctx, &defrealm)); - /* If we can, revert to requiring all entries match sample_princ in * iter_princ_handler */ CHECK_COND(krb5_db_inited(ctx) != 0); @@ -401,7 +397,6 @@ main() /* It might be nice to exercise krb5_db_destroy here, but the LDAP module * doesn't support it. */ - krb5_free_default_realm(ctx, defrealm); krb5_free_context(ctx); return 0; } -- cgit