From 1cff67e8cecaba20b15efdf7ef38973768d3cbc5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Thu, 1 Dec 2005 15:50:42 +0000 Subject: [PATCH] (acquire_acceptor_cred): check that the acceptor exists in the keytab before returning ok. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16336 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/gssapi/acquire_cred.c | 9 +++++++++ lib/gssapi/krb5/acquire_cred.c | 9 +++++++++ 2 files changed, 18 insertions(+) diff --git a/lib/gssapi/acquire_cred.c b/lib/gssapi/acquire_cred.c index 43e56432c..e765b3940 100644 --- a/lib/gssapi/acquire_cred.c +++ b/lib/gssapi/acquire_cred.c @@ -239,12 +239,21 @@ static OM_uint32 acquire_acceptor_cred { OM_uint32 ret; krb5_error_code kret; + krb5_keytab_entry entry; kret = 0; ret = GSS_S_FAILURE; kret = get_keytab(&handle->keytab); if (kret) goto end; + + /* check that the requested principal exists in the keytab */ + kret = krb5_kt_get_entry(gssapi_krb5_context, handle->keytab, + handle->principal, 0, 0, &entry); + if (kret) + goto end; + krb5_kt_free_entry(gssapi_krb5_context, &entry); + ret = GSS_S_COMPLETE; end: diff --git a/lib/gssapi/krb5/acquire_cred.c b/lib/gssapi/krb5/acquire_cred.c index 43e56432c..e765b3940 100644 --- a/lib/gssapi/krb5/acquire_cred.c +++ b/lib/gssapi/krb5/acquire_cred.c @@ -239,12 +239,21 @@ static OM_uint32 acquire_acceptor_cred { OM_uint32 ret; krb5_error_code kret; + krb5_keytab_entry entry; kret = 0; ret = GSS_S_FAILURE; kret = get_keytab(&handle->keytab); if (kret) goto end; + + /* check that the requested principal exists in the keytab */ + kret = krb5_kt_get_entry(gssapi_krb5_context, handle->keytab, + handle->principal, 0, 0, &entry); + if (kret) + goto end; + krb5_kt_free_entry(gssapi_krb5_context, &entry); + ret = GSS_S_COMPLETE; end: