don't copy an entry that already exists in the keytab, and warn if the

keyblock differs


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9407 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
2000-12-16 00:45:29 +00:00
parent 956c878eb8
commit c6d3be50e3

View File

@@ -35,13 +35,24 @@
RCSID("$Id$");
static krb5_boolean
compare_keyblock(const krb5_keyblock *a, const krb5_keyblock *b)
{
if(a->keytype != b->keytype ||
a->keyvalue.length != b->keyvalue.length ||
memcmp(a->keyvalue.data, b->keyvalue.data, a->keyvalue.length) != 0)
return FALSE;
return TRUE;
}
static int
kt_copy_int (const char *from, const char *to)
{
krb5_error_code ret;
krb5_keytab src_keytab, dst_keytab;
krb5_kt_cursor cursor;
krb5_keytab_entry entry;
krb5_keytab_entry entry, dummy;
ret = krb5_kt_resolve (context, from, &src_keytab);
if (ret) {
@@ -64,21 +75,53 @@ kt_copy_int (const char *from, const char *to)
while((ret = krb5_kt_next_entry(context, src_keytab,
&entry, &cursor)) == 0) {
char name_str[128];
krb5_unparse_name_fixed (context, entry.principal,
name_str, sizeof(name_str));
char *name_str;
char *etype_str;
krb5_unparse_name (context, entry.principal, &name_str);
krb5_enctype_to_string(context, entry.keyblock.keytype, &etype_str);
ret = krb5_kt_get_entry(context, dst_keytab,
entry.principal,
entry.vno,
entry.keyblock.keytype,
&dummy);
if(ret == 0) {
/* this entry is already in the new keytab, so no need to
copy it; if the keyblocks are not the same, something
is weird, so complain about that */
if(!compare_keyblock(&entry.keyblock, &dummy.keyblock)) {
krb5_warnx(context, "entry with different keyvalue "
"already exists for %s, keytype %s, kvno %d",
name_str, etype_str, entry.vno);
}
krb5_kt_free_entry(context, &dummy);
krb5_kt_free_entry (context, &entry);
free(name_str);
free(etype_str);
continue;
} else if(ret != KRB5_KT_NOTFOUND) {
krb5_warn(context, ret, "krb5_kt_get_entry(%s)", name_str);
krb5_kt_free_entry (context, &entry);
free(name_str);
free(etype_str);
break;
}
if (verbose_flag)
printf ("copying %s\n", name_str);
fprintf (stderr, "copying %s, keytype %s, kvno %d\n", name_str,
etype_str, entry.vno);
ret = krb5_kt_add_entry (context, dst_keytab, &entry);
krb5_kt_free_entry (context, &entry);
if (ret) {
krb5_warn (context, ret, "krb5_kt_add_entry(%s)", name_str);
free(name_str);
free(etype_str);
break;
}
free(name_str);
free(etype_str);
}
krb5_kt_end_seq_get (context, src_keytab, &cursor);
fail:
fail:
krb5_kt_close (context, src_keytab);
krb5_kt_close (context, dst_keytab);
return 0;