daemon: Support reading the keytab from config

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/pakfire/daemon.c b/src/pakfire/daemon.c
index f171881949ae350e6f8f3ff21fe63a39de967aa9..d57affef1e344c45fae4af9c4936354c5fadbe8b 100644 (file)
--- a/src/pakfire/daemon.c
+++ b/src/pakfire/daemon.c
@@ -57,6 +57,9 @@ struct pakfire_daemon {
        // URL
        char url[PATH_MAX];
 
+       // Kerberos Keytab
+       char keytab[PATH_MAX];
+
        // Event Loop
        sd_event* loop;
 
@@ -705,18 +708,14 @@ static int pakfire_daemon_auth(sd_event_source* s, uint64_t usec, void* data) {
        krb5_keytab keytab = NULL;
        krb5_creds creds = {};
        const char* error = NULL;
-       const char* path = NULL;
        char time[128];
        char* p = NULL;
        int r;
 
        DEBUG(daemon->ctx, "Authenticating...\n");
 
-       // XXX We should read this from the configuration
-       path = KRB5_DEFAULT_KEYTAB;
-
        // Resolve the keytab
-       r = krb5_kt_resolve(daemon->krb5.ctx, path, &keytab);
+       r = krb5_kt_resolve(daemon->krb5.ctx, daemon->keytab, &keytab);
        if (r) {
                error = krb5_get_error_message(daemon->krb5.ctx, r);
 
@@ -866,6 +865,7 @@ static int pakfire_daemon_setup_loop(struct pakfire_daemon* daemon) {
 
 static int pakfire_daemon_configure(struct pakfire_daemon* daemon) {
        struct pakfire_config* config = NULL;
+       const char* keytab = NULL;
        const char* url = NULL;
        int r;
 
@@ -885,6 +885,14 @@ static int pakfire_daemon_configure(struct pakfire_daemon* daemon) {
        if (r < 0)
                goto ERROR;
 
+       // Fetch the keytab
+       keytab = pakfire_config_get(config, "daemon", "keytab", KRB5_DEFAULT_KEYTAB);
+
+       // Store the keytab
+       r = pakfire_string_set(daemon->keytab, keytab);
+       if (r < 0)
+               goto ERROR;
+
 ERROR:
        if (config)
                pakfire_config_unref(config);