svn rev #24487: trunk/src/ kadmin/cli/ lib/krb5/keytab/ util/

ghudson@MIT.EDU ghudson at MIT.EDU
Tue Oct 26 15:36:59 EDT 2010 

http://src.mit.edu/fisheye/changelog/krb5/?cs=24487
Commit By: ghudson
Log Message:
FILE keytabs have been able to handle write operations since krb5 1.7,
as an apparently unintended side effect of r20594.  Clean up the code
by combining the identical resolve functions for FILE and WRFILE, and
removing the code to set up a WRFILE default keytab name in kadmin.c.
Also fixes a slight display bug; k5test.py needs to be adjusted to
expect the correct output.



Changed Files:
U   trunk/src/kadmin/cli/kadmin.c
U   trunk/src/lib/krb5/keytab/kt_file.c
U   trunk/src/util/k5test.py
Modified: trunk/src/kadmin/cli/kadmin.c
===================================================================
--- trunk/src/kadmin/cli/kadmin.c	2010-10-26 17:34:41 UTC (rev 24486)
+++ trunk/src/kadmin/cli/kadmin.c	2010-10-26 19:36:58 UTC (rev 24487)
@@ -536,15 +536,6 @@
         exit(1);
     }
 
-    /* register the WRFILE keytab type and set it as the default */
-    {
-#define DEFAULT_KEYTAB "WRFILE:/etc/krb5.keytab"
-        /* XXX krb5_defkeyname is an internal library global and
-           should go away */
-        extern char *krb5_defkeyname;
-        krb5_defkeyname = DEFAULT_KEYTAB;
-    }
-
     retval = kadm5_init_iprop(handle, 0);
     if (retval) {
         com_err(whoami, retval, _("while mapping update log"));

Modified: trunk/src/lib/krb5/keytab/kt_file.c
===================================================================
--- trunk/src/lib/krb5/keytab/kt_file.c	2010-10-26 17:34:41 UTC (rev 24486)
+++ trunk/src/lib/krb5/keytab/kt_file.c	2010-10-26 19:36:58 UTC (rev 24487)
@@ -98,9 +98,6 @@
 krb5_ktfile_resolve(krb5_context, const char *, krb5_keytab *);
 
 static krb5_error_code KRB5_CALLCONV
-krb5_ktfile_wresolve(krb5_context, const char *, krb5_keytab *);
-
-static krb5_error_code KRB5_CALLCONV
 krb5_ktfile_get_name(krb5_context, krb5_keytab, char *, unsigned int);
 
 static krb5_error_code KRB5_CALLCONV
@@ -163,20 +160,20 @@
  */
 
 static krb5_error_code
-ktfile_common_resolve(krb5_context context, const char *name,
-                      krb5_keytab *idptr, const struct _krb5_kt_ops *ops)
+krb5_ktfile_resolve(krb5_context context, const char *name,
+                    krb5_keytab *id_out)
 {
     krb5_ktfile_data *data = NULL;
     krb5_error_code err = ENOMEM;
     krb5_keytab id;
 
-    *idptr = NULL;
+    *id_out = NULL;
 
     id = calloc(1, sizeof(*id));
     if (id == NULL)
         return ENOMEM;
 
-    id->ops = ops;
+    id->ops = &krb5_ktf_ops;
     data = calloc(1, sizeof(krb5_ktfile_data));
     if (data == NULL)
         goto cleanup;
@@ -195,7 +192,7 @@
 
     id->data = (krb5_pointer) data;
     id->magic = KV5M_KEYTAB;
-    *idptr = id;
+    *id_out = id;
     return 0;
 cleanup:
     if (data)
@@ -205,13 +202,7 @@
     return err;
 }
 
-static krb5_error_code KRB5_CALLCONV
-krb5_ktfile_resolve(krb5_context context, const char *name, krb5_keytab *id)
-{
-    return ktfile_common_resolve(context, name, id, &krb5_ktf_writable_ops);
-}
 
-
 /*
  * "Close" a file-based keytab and invalidate the id.  This means
  * free memory hidden in the structures.
@@ -737,8 +728,7 @@
     if (kret)
         goto cleanup;
 
-    if (keytab->ops != &krb5_ktf_writable_ops
-        && keytab->ops != &krb5_ktf_ops) {
+    if (keytab->ops != &krb5_ktf_ops) {
         kret = EINVAL;
         goto cleanup;
     }
@@ -790,18 +780,7 @@
     return kret;
 }
 
-/*
- * This is an implementation specific resolver.  It returns a keytab id
- * initialized with file keytab routines.
- */
 
-static krb5_error_code KRB5_CALLCONV
-krb5_ktfile_wresolve(krb5_context context, const char *name, krb5_keytab *id)
-{
-    return ktfile_common_resolve(context, name, id, &krb5_ktf_writable_ops);
-}
-
-
 /*
  * krb5_ktfile_add()
  */
@@ -916,19 +895,21 @@
     krb5_ktfile_start_seq_get,
     krb5_ktfile_get_next,
     krb5_ktfile_end_get,
-    0,
-    0,
+    krb5_ktfile_add,
+    krb5_ktfile_remove,
     &krb5_ktfile_ser_entry
 };
 
 /*
- * krb5_ktf_writable_ops
+ * krb5_ktf_writable_ops -- this is the same as krb5_ktf_ops except for the
+ * prefix.  WRFILE should no longer be needed, but is effectively aliased to
+ * FILE for compatibility.
  */
 
 const struct _krb5_kt_ops krb5_ktf_writable_ops = {
     0,
     "WRFILE",   /* Prefix -- this string should not appear anywhere else! */
-    krb5_ktfile_wresolve,
+    krb5_ktfile_resolve,
     krb5_ktfile_get_name,
     krb5_ktfile_close,
     krb5_ktfile_get_entry,

Modified: trunk/src/util/k5test.py
===================================================================
--- trunk/src/util/k5test.py	2010-10-26 17:34:41 UTC (rev 24486)
+++ trunk/src/util/k5test.py	2010-10-26 19:36:58 UTC (rev 24487)
@@ -878,7 +878,7 @@
         if keytab is None:
             keytab = self.keytab
         output = self.run_as_client([klist, '-k', keytab])
-        if (('Keytab name: WRFILE:%s\n' % keytab) not in output or
+        if (('Keytab name: FILE:%s\n' % keytab) not in output or
             'KVNO Principal\n----' not in output or
             princ not in output):
             fail('Unexpected klist output.')

More information about the cvs-krb5 mailing list