kadm5: Revert part of 69eee19541
This commit is contained in:
Nicolas Williams
@@ -325,17 +325,19 @@ kadm5_s_get_principal(void *server_handle,
|
|||||||
_krb5_put_int(buf, last_pw_expire, sizeof(buf));
|
_krb5_put_int(buf, last_pw_expire, sizeof(buf));
|
||||||
ret = add_tl_data(out, KRB5_TL_LAST_PWD_CHANGE, buf, sizeof(buf));
|
ret = add_tl_data(out, KRB5_TL_LAST_PWD_CHANGE, buf, sizeof(buf));
|
||||||
}
|
}
|
||||||
if (ret == 0)
|
|
||||||
ret = hdb_entry_get_krb5_config(&ent.entry, &krb5_config);
|
ret = hdb_entry_get_krb5_config(&ent.entry, &krb5_config);
|
||||||
if (ret == 0 && krb5_config.length) {
|
if (ret == 0 && krb5_config.length) {
|
||||||
ret = add_tl_data(out, KRB5_TL_KRB5_CONFIG, krb5_config.data,
|
ret = add_tl_data(out, KRB5_TL_KRB5_CONFIG, krb5_config.data,
|
||||||
krb5_config.length);
|
krb5_config.length);
|
||||||
|
if (ret)
|
||||||
|
goto out;
|
||||||
}
|
}
|
||||||
/*
|
/*
|
||||||
* If the client was allowed to get key data, let it have the
|
* If the client was allowed to get key data, let it have the
|
||||||
* password too.
|
* password too.
|
||||||
*/
|
*/
|
||||||
if (ret == 0 && (mask & KADM5_KEY_DATA)) {
|
if (mask & KADM5_KEY_DATA) {
|
||||||
heim_utf8_string pw;
|
heim_utf8_string pw;
|
||||||
|
|
||||||
/* XXX But not if the client doesn't have ext-keys */
|
/* XXX But not if the client doesn't have ext-keys */
|
||||||
@@ -344,12 +346,13 @@ kadm5_s_get_principal(void *server_handle,
|
|||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
ret = add_tl_data(out, KRB5_TL_PASSWORD, pw, strlen(pw) + 1);
|
ret = add_tl_data(out, KRB5_TL_PASSWORD, pw, strlen(pw) + 1);
|
||||||
free(pw);
|
free(pw);
|
||||||
|
if (ret)
|
||||||
|
goto out;
|
||||||
}
|
}
|
||||||
krb5_clear_error_message(context->context);
|
krb5_clear_error_message(context->context);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == 0)
|
ret = hdb_entry_get_pkinit_acl(&ent.entry, &acl);
|
||||||
ret = hdb_entry_get_pkinit_acl(&ent.entry, &acl);
|
|
||||||
if (ret == 0 && acl) {
|
if (ret == 0 && acl) {
|
||||||
krb5_data buf;
|
krb5_data buf;
|
||||||
size_t len;
|
size_t len;
|
||||||
@@ -367,8 +370,7 @@ kadm5_s_get_principal(void *server_handle,
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == 0)
|
ret = hdb_entry_get_aliases(&ent.entry, &aliases);
|
||||||
ret = hdb_entry_get_aliases(&ent.entry, &aliases);
|
|
||||||
if (ret == 0 && aliases) {
|
if (ret == 0 && aliases) {
|
||||||
krb5_data buf;
|
krb5_data buf;
|
||||||
size_t len;
|
size_t len;
|
||||||
@@ -386,8 +388,7 @@ kadm5_s_get_principal(void *server_handle,
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == 0)
|
ret = hdb_entry_get_key_rotation(context->context, &ent.entry, &kr);
|
||||||
ret = hdb_entry_get_key_rotation(context->context, &ent.entry, &kr);
|
|
||||||
if (ret == 0 && kr) {
|
if (ret == 0 && kr) {
|
||||||
krb5_data buf;
|
krb5_data buf;
|
||||||
size_t len;
|
size_t len;
|
||||||
|
|||||||
Reference in New Issue
Block a user