krb5 commit: Add krb5_kt_have_content API

Greg Hudson ghudson at MIT.EDU
Sat Jun 2 14:08:14 EDT 2012 

https://github.com/krb5/krb5/commit/246a24f393ffd3c9dfcce56618804ad59edc996e
commit 246a24f393ffd3c9dfcce56618804ad59edc996e
Author: Greg Hudson <ghudson at mit.edu>
Date:   Sat Jun 2 14:06:58 2012 -0400

    Add krb5_kt_have_content API
    
    Add the krb5_kt_have_content API from Heimdal, which can be used to
    test whether a keytab exists and contains entries.  Add tests to
    t_keytab.c.
    
    There is a deviation from Heimdal in the function signature.
    Heimdal's signature returns a krb5_boolean at the moment, because the
    Heimdal implementation actually returns a krb5_error_code.  These are
    generally the same type anyway (int).
    
    ticket: 7158 (new)

 doc/rst_source/krb_appldev/refs/api/index.rst |    1 +
 src/include/krb5/krb5.hin                     |   12 ++++++++++++
 src/lib/krb5/keytab/ktfns.c                   |   23 +++++++++++++++++++++++
 src/lib/krb5/keytab/t_keytab.c                |    6 ++++++
 src/lib/krb5/libkrb5.exports                  |    1 +
 src/lib/krb5_32.def                           |    1 +
 6 files changed, 44 insertions(+), 0 deletions(-)

diff --git a/doc/rst_source/krb_appldev/refs/api/index.rst b/doc/rst_source/krb_appldev/refs/api/index.rst
index 743de67..67e32cf 100644
--- a/doc/rst_source/krb_appldev/refs/api/index.rst
+++ b/doc/rst_source/krb_appldev/refs/api/index.rst
@@ -215,6 +215,7 @@ Rarely used public interfaces
    krb5_kt_add_entry.rst
    krb5_kt_end_seq_get.rst
    krb5_kt_get_entry.rst
+   krb5_kt_have_content.rst
    krb5_kt_next_entry.rst
    krb5_kt_read_service_key.rst
    krb5_kt_remove_entry.rst
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index 3208be5..ca5ccbd 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -2872,6 +2872,18 @@ krb5_error_code KRB5_CALLCONV
 krb5_kt_end_seq_get(krb5_context context, krb5_keytab keytab,
                     krb5_kt_cursor *cursor);
 
+/**
+ * Check if a keytab exists and contains entries.
+ *
+ * @param [in]  context         Library context
+ * @param [in]  keytab          Key table handle
+ *
+ * @retval 0 Keytab exists and contains entries
+ * @retval KRB5_KT_NOTFOUND Keytab does not contain entries
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_kt_have_content(krb5_context context, krb5_keytab keytab);
+
 /*
  * end "keytab.h"
  */
diff --git a/src/lib/krb5/keytab/ktfns.c b/src/lib/krb5/keytab/ktfns.c
index ecf0acf..e0c411e 100644
--- a/src/lib/krb5/keytab/ktfns.c
+++ b/src/lib/krb5/keytab/ktfns.c
@@ -98,6 +98,29 @@ krb5_kt_end_seq_get(krb5_context context, krb5_keytab keytab,
     return krb5_x((keytab)->ops->end_get,(context, keytab, cursor));
 }
 
+krb5_error_code KRB5_CALLCONV
+krb5_kt_have_content(krb5_context context, krb5_keytab keytab)
+{
+    krb5_keytab_entry entry;
+    krb5_kt_cursor cursor;
+    krb5_error_code ret;
+
+    /* If the keytab is not iterable, assume that it has content. */
+    if (keytab->ops->start_seq_get == NULL)
+        return 0;
+
+    /* See if we can get at least one entry via iteration. */
+    ret = krb5_kt_start_seq_get(context, keytab, &cursor);
+    if (ret)
+	return KRB5_KT_NOTFOUND;
+    ret = krb5_kt_next_entry(context, keytab, &entry, &cursor);
+    krb5_kt_end_seq_get(context, keytab, &cursor);
+    if (ret)
+	return KRB5_KT_NOTFOUND;
+    krb5_kt_free_entry(context, &entry);
+    return 0;
+}
+
 /*
  * In a couple of places we need to get a principal name from a keytab: when
  * verifying credentials against a keytab, and when querying the name of a
diff --git a/src/lib/krb5/keytab/t_keytab.c b/src/lib/krb5/keytab/t_keytab.c
index 6b64d52..80a94ea 100644
--- a/src/lib/krb5/keytab/t_keytab.c
+++ b/src/lib/krb5/keytab/t_keytab.c
@@ -132,6 +132,9 @@ kt_test(krb5_context context, const char *name)
         CHECK_ERR(kret, KRB5_KT_NOTFOUND, "Getting non-existent entry");
     }
 
+    kret = krb5_kt_have_content(context, kt);
+    CHECK_ERR(kret, KRB5_KT_NOTFOUND, "Checking for keytab content (empty)");
+
 
     /* ===================   Add entries to keytab ================= */
     /*
@@ -169,6 +172,9 @@ kt_test(krb5_context context, const char *name)
 
     /* ==============   Test iterating over contents of keytab ========= */
 
+    kret = krb5_kt_have_content(context, kt);
+    CHECK(kret, "Checking for keytab content (full)");
+
     kret = krb5_kt_start_seq_get(context, kt, &cursor);
     CHECK(kret, "Start sequence get");
 
diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports
index 337e781..d294e1e 100644
--- a/src/lib/krb5/libkrb5.exports
+++ b/src/lib/krb5/libkrb5.exports
@@ -400,6 +400,7 @@ krb5_kt_free_entry
 krb5_kt_get_entry
 krb5_kt_get_name
 krb5_kt_get_type
+krb5_kt_have_content
 krb5_kt_next_entry
 krb5_kt_read_service_key
 krb5_kt_register
diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def
index e3da5c2..54fd081 100644
--- a/src/lib/krb5_32.def
+++ b/src/lib/krb5_32.def
@@ -427,3 +427,4 @@ EXPORTS
 
 ; new in 1.11 (note that 399-400 are used above)
 	krb5_chpw_message				@398
+	krb5_kt_have_content				@401

More information about the cvs-krb5 mailing list