diff options
author | Greg Hudson <ghudson@mit.edu> | 2010-08-23 22:03:25 +0000 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2010-08-23 22:03:25 +0000 |
commit | 63a020538575070aeb66faf948467b877139384e (patch) | |
tree | e286e07be134692e3c19a5170b58646b119b929c /src/util | |
parent | 41103fb180d78f349a5c3fe45f96008b50a11587 (diff) | |
download | krb5-63a020538575070aeb66faf948467b877139384e.tar.gz krb5-63a020538575070aeb66faf948467b877139384e.tar.xz krb5-63a020538575070aeb66faf948467b877139384e.zip |
Fail properly when profile can't be accessed
Make profile_init() return EACCESS or EPERM if one of those errors was
encountered when failing to open any of the specified profile files.
This causes krb5_init_os_context() to fail properly when krb5.conf is
unreadable, instead of treating that situation like a nonexistent
krb5.conf.
The library will continue to soldier on if one profile file is
readable and another is not. This is deliberate as of r14116, whether
or not it's a good idea.
ticket: 6760
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24250 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/profile/prof_init.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/src/util/profile/prof_init.c b/src/util/profile/prof_init.c index bd42b1380..408549dca 100644 --- a/src/util/profile/prof_init.c +++ b/src/util/profile/prof_init.c @@ -27,7 +27,7 @@ profile_init(const_profile_filespec_t *files, profile_t *ret_profile) const_profile_filespec_t *fs; profile_t profile; prf_file_t new_file, last = 0; - errcode_t retval = 0; + errcode_t retval = 0, access_retval = 0; profile = malloc(sizeof(struct _profile_t)); if (!profile) @@ -43,7 +43,12 @@ profile_init(const_profile_filespec_t *files, profile_t *ret_profile) for (fs = files; !PROFILE_LAST_FILESPEC(*fs); fs++) { retval = profile_open_file(*fs, &new_file); /* if this file is missing, skip to the next */ - if (retval == ENOENT || retval == EACCES || retval == EPERM) { + if (retval == ENOENT) { + continue; + } + /* If we can't read this file, remember it but keep going. */ + if (retval == EACCES || retval == EPERM) { + access_retval = retval; continue; } if (retval) { @@ -58,11 +63,11 @@ profile_init(const_profile_filespec_t *files, profile_t *ret_profile) } /* * If last is still null after the loop, then all the files were - * missing, so return the appropriate error. + * missing or unreadable, so return the appropriate error. */ if (!last) { profile_release(profile); - return ENOENT; + return access_retval ? access_retval : ENOENT; } } |