tell if keytab is missing principal

lib/krb5/init_creds_pw.c

@@ -1552,7 +1552,7 @@ krb5_init_creds_set_keytab(krb5_context context,
     krb5_enctype *etypes = NULL;
     krb5_error_code ret;
     size_t netypes = 0;
-    int kvno = 0;
+    int kvno = 0, found = 0;
 
     a = malloc(sizeof(*a));
     if (a == NULL) {
@@ -1585,6 +1585,8 @@ krb5_init_creds_set_keytab(krb5_context context,
 	if (!krb5_principal_compare(context, entry.principal, ctx->cred.client))
 	    goto next;
 
+	found = 1;
+
 	/* check if we ahve this kvno already */
 	if (entry.vno > kvno) {
 	    /* remove old list of etype */
@@ -1602,8 +1604,11 @@ krb5_init_creds_set_keytab(krb5_context context,
 
 	/* add enctype to supported list */
 	ptr = realloc(etypes, sizeof(etypes[0]) * (netypes + 2));
-	if (ptr == NULL)
+	if (ptr == NULL) {
-	    goto next;
+	    free(etypes);
+	    ret = krb5_enomem(context);
+	    goto out;
+	}
 
 	etypes = ptr;
 	etypes[netypes] = entry.keyblock.keytype;
@@ -1621,7 +1626,13 @@ krb5_init_creds_set_keytab(krb5_context context,
     }
 
  out:
-    return 0;
+    if (!found) {
+	if (ret == 0)
+	    ret = KRB5_KT_NOTFOUND;
+	_krb5_kt_principal_not_found(context, ret, keytab, ctx->cred.client, 0, 0);
+    }
+
+    return ret;
 }
 
 static krb5_error_code KRB5_CALLCONV

lib/krb5/keytab.c

@@ -563,7 +563,8 @@ _krb5_kt_principal_not_found(krb5_context context,
 
     krb5_unparse_name_fixed (context, principal, princ, sizeof(princ));
     krb5_kt_get_full_name (context, id, &kt_name);
-    krb5_enctype_to_string(context, enctype, &enctype_str);
+    if (enctype)
+	krb5_enctype_to_string(context, enctype, &enctype_str);
 
     if (kvno)
 	snprintf(kvno_str, sizeof(kvno_str), "(kvno %d)", kvno);
@@ -578,7 +579,8 @@ _krb5_kt_principal_not_found(krb5_context context,
 			    kt_name ? kt_name : "unknown keytab",
 			    enctype_str ? enctype_str : "unknown enctype");
     free(kt_name);
-    free(enctype_str);
+    if (enctype_str)
+	free(enctype_str);
     return ret;
 }