Add krb5_kt_dup API and use it in two places

author Greg Hudson <ghudson@mit.edu>

Mon, 1 Apr 2013 17:25:33 +0000 (13:25 -0400)

committer Greg Hudson <ghudson@mit.edu>

Mon, 1 Apr 2013 17:25:33 +0000 (13:25 -0400)
author Greg Hudson <ghudson@mit.edu>
Mon, 1 Apr 2013 17:25:33 +0000 (13:25 -0400)
committer Greg Hudson <ghudson@mit.edu>
Mon, 1 Apr 2013 17:25:33 +0000 (13:25 -0400)
diff --git a/doc/appdev/refs/api/index.rst b/doc/appdev/refs/api/index.rst

index b87859f45c2ec69d97af308c6f50faab0b3aa56e..7009b30dca9f21b046d3cb165f20c045e57f07b6 100644 (file)
--- a/doc/appdev/refs/api/index.rst
+++ b/doc/appdev/refs/api/index.rst
@@ -69,6 +69,7 @@ Frequently used public interfaces
     krb5_kt_client_default.rst
     krb5_kt_default.rst
     krb5_kt_default_name.rst
+   krb5_kt_dup.rst
     krb5_kt_get_name.rst
     krb5_kt_get_type.rst
     krb5_kt_resolve.rst
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin

index e0c6f12396227e3fcae9c3a8d9f4ef02baafac49..97810b5c8f5663841221735e548d64e1c0aa6b86 100644 (file)
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -4187,6 +4187,21 @@ krb5_524_convert_creds(krb5_context context, krb5_creds *v5creds,
  krb5_error_code KRB5_CALLCONV
  krb5_kt_resolve(krb5_context context, const char *name, krb5_keytab *ktid);
  
+/**
+ * Duplicate keytab handle.
+ *
+ * @param [in]  context         Library context
+ * @param [in]  in              Key table handle to be duplicated
+ * @param [out] out             Key table handle
+ *
+ * Create a new handle referring to the same key table as @a in.  The new
+ * handle and @a in can be closed independently.
+ *
+ * @version New in 1.12
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_kt_dup(krb5_context context, krb5_keytab in, krb5_keytab *out);
+
  /**
   * Get the default key table name.
   *
diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c

index c4c596b871976e5d493747cdc489de258b6db1d4..dbc5a701aa13c54812690eb50add0bf727df3043 100644 (file)
--- a/src/lib/gssapi/krb5/acquire_cred.c
+++ b/src/lib/gssapi/krb5/acquire_cred.c
@@ -194,15 +194,7 @@ acquire_accept_cred(krb5_context context,
      assert(cred->keytab == NULL);
  
      if (req_keytab != NULL) {
-        char ktname[BUFSIZ];
-
-        /* Duplicate keytab handle */
-        code = krb5_kt_get_name(context, req_keytab, ktname, sizeof(ktname));
-        if (code) {
-            *minor_status = code;
-            return GSS_S_CRED_UNAVAIL;
-        }
-        code = krb5_kt_resolve(context, ktname, &kt);
+        code = krb5_kt_dup(context, req_keytab, &kt);
      } else {
          code = k5_mutex_lock(&gssint_krb5_keytab_lock);
          if (code) {
@@ -660,23 +652,12 @@ acquire_init_cred(krb5_context context,
              goto error;
      }
  
-    if (client_keytab != NULL) {
-        char ktname[BUFSIZ];
-
-        /* Duplicate keytab handle */
-        code = krb5_kt_get_name(context, client_keytab, ktname,
-                                sizeof(ktname));
-        if (code)
-            goto error;
-
-        code = krb5_kt_resolve(context, ktname, &cred->client_keytab);
-        if (code)
-            goto error;
-    } else {
+    if (client_keytab != NULL)
+        code = krb5_kt_dup(context, client_keytab, &cred->client_keytab);
+    else
          code = krb5_kt_client_default(context, &cred->client_keytab);
-        if (code)
-            goto error;
-    }
+    if (code)
+        goto error;
  
      if (password != GSS_C_NO_BUFFER) {
          pwdata = make_data(password->value, password->length);
diff --git a/src/lib/krb5/keytab/ktbase.c b/src/lib/krb5/keytab/ktbase.c

index 0f3562f3391a29ca2d3dc79c5ccd0e0e63f646a8..848b047f45e8a9054520868c32eeb6807b7d8b5d 100644 (file)
--- a/src/lib/krb5/keytab/ktbase.c
+++ b/src/lib/krb5/keytab/ktbase.c
@@ -218,6 +218,16 @@ cleanup:
      return err;
  }
  
+krb5_error_code KRB5_CALLCONV
+krb5_kt_dup(krb5_context context, krb5_keytab in, krb5_keytab *out)
+{
+    krb5_error_code err;
+    char name[BUFSIZ];
+
+    err = in->ops->get_name(context, in, name, sizeof(name));
+    return err ? err : krb5_kt_resolve(context, name, out);
+}
+
  /*
   * Routines to deal with externalizingt krb5_keytab.
   *      keytab_size();
diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports

index b0547d52afe341d2d3a8dd275d83d2271802920c..03273df1ab3b1a680ea1bf4a27d0b807c6a88f90 100644 (file)
--- a/src/lib/krb5/libkrb5.exports
+++ b/src/lib/krb5/libkrb5.exports
@@ -411,6 +411,7 @@ krb5_kt_close
  krb5_kt_default
  krb5_kt_default_name
  krb5_kt_dfl_ops
+krb5_kt_dup
  krb5_kt_end_seq_get
  krb5_kt_free_entry
  krb5_kt_get_entry
diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def

index 57604ade498b927ac04bee229d2d54cdbca4b827..9bff8a7ebce6bd05177883330b88d692bdda7bd7 100644 (file)
--- a/src/lib/krb5_32.def
+++ b/src/lib/krb5_32.def
@@ -446,3 +446,4 @@ EXPORTS
  
  ; new in 1.12
         krb5_free_enctypes                              @419
+       krb5_kt_dup                                     @420
author	Greg Hudson <ghudson@mit.edu>
	Mon, 1 Apr 2013 17:25:33 +0000 (13:25 -0400)
committer	Greg Hudson <ghudson@mit.edu>
	Mon, 1 Apr 2013 17:25:33 +0000 (13:25 -0400)
doc/appdev/refs/api/index.rst		patch \| blob \| blame \| history
src/include/krb5/krb5.hin		patch \| blob \| blame \| history
src/lib/gssapi/krb5/acquire_cred.c		patch \| blob \| blame \| history
src/lib/krb5/keytab/ktbase.c		patch \| blob \| blame \| history
src/lib/krb5/libkrb5.exports		patch \| blob \| blame \| history
src/lib/krb5_32.def		patch \| blob \| blame \| history