diff options
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/krb5/keytab/ktfns.c | 23 | ||||
-rw-r--r-- | src/lib/krb5/keytab/t_keytab.c | 6 | ||||
-rw-r--r-- | src/lib/krb5/libkrb5.exports | 1 | ||||
-rw-r--r-- | src/lib/krb5_32.def | 1 |
4 files changed, 31 insertions, 0 deletions
diff --git a/src/lib/krb5/keytab/ktfns.c b/src/lib/krb5/keytab/ktfns.c index ecf0acfc5..e0c411efe 100644 --- a/src/lib/krb5/keytab/ktfns.c +++ b/src/lib/krb5/keytab/ktfns.c @@ -98,6 +98,29 @@ krb5_kt_end_seq_get(krb5_context context, krb5_keytab keytab, return krb5_x((keytab)->ops->end_get,(context, keytab, cursor)); } +krb5_error_code KRB5_CALLCONV +krb5_kt_have_content(krb5_context context, krb5_keytab keytab) +{ + krb5_keytab_entry entry; + krb5_kt_cursor cursor; + krb5_error_code ret; + + /* If the keytab is not iterable, assume that it has content. */ + if (keytab->ops->start_seq_get == NULL) + return 0; + + /* See if we can get at least one entry via iteration. */ + ret = krb5_kt_start_seq_get(context, keytab, &cursor); + if (ret) + return KRB5_KT_NOTFOUND; + ret = krb5_kt_next_entry(context, keytab, &entry, &cursor); + krb5_kt_end_seq_get(context, keytab, &cursor); + if (ret) + return KRB5_KT_NOTFOUND; + krb5_kt_free_entry(context, &entry); + return 0; +} + /* * In a couple of places we need to get a principal name from a keytab: when * verifying credentials against a keytab, and when querying the name of a diff --git a/src/lib/krb5/keytab/t_keytab.c b/src/lib/krb5/keytab/t_keytab.c index 6b64d52f4..80a94eafe 100644 --- a/src/lib/krb5/keytab/t_keytab.c +++ b/src/lib/krb5/keytab/t_keytab.c @@ -132,6 +132,9 @@ kt_test(krb5_context context, const char *name) CHECK_ERR(kret, KRB5_KT_NOTFOUND, "Getting non-existent entry"); } + kret = krb5_kt_have_content(context, kt); + CHECK_ERR(kret, KRB5_KT_NOTFOUND, "Checking for keytab content (empty)"); + /* =================== Add entries to keytab ================= */ /* @@ -169,6 +172,9 @@ kt_test(krb5_context context, const char *name) /* ============== Test iterating over contents of keytab ========= */ + kret = krb5_kt_have_content(context, kt); + CHECK(kret, "Checking for keytab content (full)"); + kret = krb5_kt_start_seq_get(context, kt, &cursor); CHECK(kret, "Start sequence get"); diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports index 337e781d2..d294e1eed 100644 --- a/src/lib/krb5/libkrb5.exports +++ b/src/lib/krb5/libkrb5.exports @@ -400,6 +400,7 @@ krb5_kt_free_entry krb5_kt_get_entry krb5_kt_get_name krb5_kt_get_type +krb5_kt_have_content krb5_kt_next_entry krb5_kt_read_service_key krb5_kt_register diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def index e3da5c2fe..54fd081de 100644 --- a/src/lib/krb5_32.def +++ b/src/lib/krb5_32.def @@ -427,3 +427,4 @@ EXPORTS ; new in 1.11 (note that 399-400 are used above) krb5_chpw_message @398 + krb5_kt_have_content @401 |