libnet keytab: add parameter ingnore_kvno to libnet_keytab_remove_entries()

to allow for removing all entries with given principal and enctype without
repecting the kvno (i.e. cleaning "old" entries...)

This is called with ignore_kvno == false from libnet_keytab_add_entry() to
keep the original behaviour.

Michael

diff --git a/source/libnet/libnet_keytab.c b/source/libnet/libnet_keytab.c
index ffff0f59ab48755bb18eb98914176a5732506ce2..87d83fc46e73523291145af193b0e3c1e5bbea28 100644 (file)
--- a/source/libnet/libnet_keytab.c
+++ b/source/libnet/libnet_keytab.c
@@ -113,7 +113,8 @@ static krb5_error_code libnet_keytab_remove_entries(krb5_context context,
                                                    krb5_keytab keytab,
                                                    const char *principal,
                                                    int kvno,
-                                                   const krb5_enctype enctype)
+                                                   const krb5_enctype enctype,
+                                                   bool ignore_kvno)
 {
        krb5_error_code ret;
        krb5_kt_cursor cursor;
@@ -131,7 +132,7 @@ static krb5_error_code libnet_keytab_remove_entries(krb5_context context,
        {
                char *princ_s = NULL;
 
-               if (kt_entry.vno != kvno) {
+               if (kt_entry.vno != kvno && !ignore_kvno) {
                        goto cont;
                }
 
@@ -210,7 +211,7 @@ static krb5_error_code libnet_keytab_add_entry(krb5_context context,
 
        /* remove duplicates first ... */
        ret = libnet_keytab_remove_entries(context, keytab, princ_s, kvno,
-                                          enctype);
+                                          enctype, false);
        if (ret) {
                DEBUG(1, ("libnet_keytab_remove_entries failed: %s\n",
                          error_message(ret)));