diff options
Diffstat (limited to 'src/lib/kdb/keytab.c')
-rw-r--r-- | src/lib/kdb/keytab.c | 27 |
1 files changed, 10 insertions, 17 deletions
diff --git a/src/lib/kdb/keytab.c b/src/lib/kdb/keytab.c index ae02e918f..4d56915b9 100644 --- a/src/lib/kdb/keytab.c +++ b/src/lib/kdb/keytab.c @@ -128,9 +128,7 @@ krb5_ktkdb_get_entry(in_context, id, principal, kvno, enctype, entry) krb5_keyblock * master_key; krb5_error_code kerror = 0; krb5_key_data * key_data; - krb5_db_entry db_entry; - krb5_boolean more = 0; - int n = 0; + krb5_db_entry * db_entry; int xrealm_tgt; krb5_boolean similar; @@ -146,19 +144,14 @@ krb5_ktkdb_get_entry(in_context, id, principal, kvno, enctype, entry) return(kerror); /* get_principal */ - kerror = krb5_db_get_principal(context, principal, & - db_entry, &n, &more); - if (kerror) { - /* krb5_db_close_database(context); */ + kerror = krb5_db_get_principal(context, principal, 0, &db_entry); + if (kerror == KRB5_KDB_NOENTRY) + return(KRB5_KT_NOTFOUND); + if (kerror) return(kerror); - } - if (n != 1) { - /* krb5_db_close_database(context); */ - return KRB5_KT_NOTFOUND; - } - if (db_entry.attributes & KRB5_KDB_DISALLOW_SVR - || db_entry.attributes & KRB5_KDB_DISALLOW_ALL_TIX) { + if (db_entry->attributes & KRB5_KDB_DISALLOW_SVR + || db_entry->attributes & KRB5_KDB_DISALLOW_ALL_TIX) { kerror = KRB5_KT_NOTFOUND; goto error; } @@ -168,7 +161,7 @@ krb5_ktkdb_get_entry(in_context, id, principal, kvno, enctype, entry) if (kerror) goto error; - kerror = krb5_dbe_find_mkey(context, master_keylist, &db_entry, &master_key); + kerror = krb5_dbe_find_mkey(context, master_keylist, db_entry, &master_key); if (kerror) goto error; @@ -176,7 +169,7 @@ krb5_ktkdb_get_entry(in_context, id, principal, kvno, enctype, entry) * for other principals, we only match the first enctype that is * found. Since the TGS and AS code do the same thing, then we * will only successfully decrypt tickets we have issued.*/ - kerror = krb5_dbe_find_enctype(context, &db_entry, + kerror = krb5_dbe_find_enctype(context, db_entry, xrealm_tgt?enctype:-1, -1, kvno, &key_data); if (kerror == KRB5_KDB_NO_MATCHING_KEY) @@ -213,7 +206,7 @@ krb5_ktkdb_get_entry(in_context, id, principal, kvno, enctype, entry) /* Close database */ error: - krb5_db_free_principal(context, &db_entry, 1); + krb5_db_free_principal(context, db_entry); /* krb5_db_close_database(context); */ return(kerror); } |