From: Michael Adam <obnox@samba.org>
Date: Wed, 16 Jul 2008 22:53:13 +0000 (+0200)
Subject: libnet_keytab: add a libnet_keytab_search() function
X-Git-Tag: samba-3.3.0pre1~337
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a51a60066b6703fc4e5db3536903abf1cdaca885;p=thirdparty%2Fsamba.git

libnet_keytab: add a libnet_keytab_search() function

that searches and fetches an entry from a keytab file by principal and kvno.

This code is by metze.

Michael
---

diff --git a/source/libnet/libnet_keytab.c b/source/libnet/libnet_keytab.c
index 02c2b6f7615..cec39273e3b 100644
--- a/source/libnet/libnet_keytab.c
+++ b/source/libnet/libnet_keytab.c
@@ -141,4 +141,81 @@ krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx)
 #endif /* defined(ENCTYPE_ARCFOUR_HMAC) */
 }
 
+struct libnet_keytab_entry *libnet_keytab_search(struct libnet_keytab_context *ctx,
+						 const char *principal, int kvno,
+						 TALLOC_CTX *mem_ctx)
+{
+	krb5_error_code ret = 0;
+	krb5_kt_cursor cursor;
+	krb5_keytab_entry kt_entry;
+	struct libnet_keytab_entry *entry = NULL;
+
+	ZERO_STRUCT(kt_entry);
+	ZERO_STRUCT(cursor);
+
+	ret = krb5_kt_start_seq_get(ctx->context, ctx->keytab, &cursor);
+	if (ret) {
+		return NULL;
+	}
+
+	while (krb5_kt_next_entry(ctx->context, ctx->keytab, &kt_entry, &cursor) == 0) {
+		char *princ_s = NULL;
+
+		if (kt_entry.vno != kvno) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			continue;
+		}
+
+		ret = smb_krb5_unparse_name(ctx->context, kt_entry.principal, &princ_s);
+		if (ret) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			continue;
+		}
+
+		if (strcmp(principal, princ_s) != 0) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			SAFE_FREE(princ_s);
+			continue;
+		}
+
+		entry = talloc_zero(mem_ctx, struct libnet_keytab_entry);
+		if (!entry) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			SAFE_FREE(princ_s);
+			break;
+		}
+
+		entry->name = talloc_strdup(entry, princ_s);
+		if (!entry->name) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			SAFE_FREE(princ_s);
+			TALLOC_FREE(entry);
+			break;
+		}
+
+		entry->principal = talloc_strdup(entry, princ_s);
+		if (!entry->principal) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			SAFE_FREE(princ_s);
+			TALLOC_FREE(entry);
+			break;
+		}
+
+		entry->password = data_blob_talloc(entry, kt_entry.key.contents, kt_entry.key.length);
+		if (!entry->password.data) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			SAFE_FREE(princ_s);
+			TALLOC_FREE(entry);
+			break;
+		}
+
+		smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+		SAFE_FREE(princ_s);
+		break;
+	}
+
+	krb5_kt_end_seq_get(ctx->context, ctx->keytab, &cursor);
+	return entry;
+}
+
 #endif /* HAVE_KRB5 */
diff --git a/source/libnet/libnet_proto.h b/source/libnet/libnet_proto.h
index ddd730b1a8a..65d37b0ab88 100644
--- a/source/libnet/libnet_proto.h
+++ b/source/libnet/libnet_proto.h
@@ -50,6 +50,10 @@ krb5_error_code libnet_keytab_init(TALLOC_CTX *mem_ctx,
 				   const char *keytab_name,
 				   struct libnet_keytab_context **ctx);
 krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx);
+
+struct libnet_keytab_entry *libnet_keytab_search(struct libnet_keytab_context *ctx,
+						 const char *principal, int kvno,
+						 TALLOC_CTX *mem_ctx);
 #endif
 
 /* The following definitions come from libnet/libnet_samsync.c  */