don't open connection to server until we loop over the principals, at

that time we know the realm of the (first) principal and we can default to that admin server git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10388 ec53bebd-3082-4978-b11e-865c3cabbd6b
2001-07-23 14:30:09 +00:00
parent e18c7ab0f7
commit fe6bf34316
1 changed files with 66 additions and 33 deletions
--- a/admin/get.c
+++ b/admin/get.c
@@ -35,12 +35,53 @@

 RCSID("$Id$");

+static void*
+open_kadmin_connection(char *principal,
+		       const char *realm, 
+		       char *admin_server, 
+		       int server_port)
+{
+    krb5_error_code ret;
+    kadm5_config_params conf;
+    void *kadm_handle;
+    memset(&conf, 0, sizeof(conf));
+
+    if(realm) {
+	conf.realm = (char*)realm;
+	conf.mask |= KADM5_CONFIG_REALM;
+    }
+    
+    if (admin_server) {
+	conf.admin_server = admin_server;
+	conf.mask |= KADM5_CONFIG_ADMIN_SERVER;
+    }
+
+    if (server_port) {
+	conf.kadmind_port = htons(server_port);
+	conf.mask |= KADM5_CONFIG_KADMIND_PORT;
+    }
+
+    /* should get realm from each principal, instead of doing
+       everything with the same (local) realm */
+
+    ret = kadm5_init_with_password_ctx(context, 
+				       principal,
+				       NULL,
+				       KADM5_ADMIN_SERVICE,
+				       &conf, 0, 0, 
+				       &kadm_handle);
+    if(ret) {
+	krb5_warn(context, ret, "kadm5_init_with_password");
+	return NULL;
+    }
+    return kadm_handle;
+}
+
 int
 kt_get(int argc, char **argv)
 {
    krb5_error_code ret = 0;
    krb5_keytab keytab;
-    kadm5_config_params conf;
    void *kadm_handle = NULL;
    char *principal = NULL;
    char *realm = NULL;
@@ -78,18 +119,25 @@ kt_get(int argc, char **argv)
    args[4].value = &server_port;
    args[5].value = &help_flag;

-    memset(&conf, 0, sizeof(conf));
-
    if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)
       || help_flag) {
 	arg_printusage(args, sizeof(args) / sizeof(args[0]), 
 		       "ktutil get", "principal...");
 	return 1;
    }
+    if(optind == argc) {
+	krb5_warnx(context, "no principals specified");
+	arg_printusage(args, sizeof(args) / sizeof(args[0]), 
+		       "ktutil get", "principal...");
+	return 1;
+    }
    
    if((keytab = ktutil_open_keytab()) == NULL)
 	return 1;

+    if(realm)
+	krb5_set_default_realm(context, realm);
+
    if (etype_strs.num_strings) {
 	int i;

@@ -111,36 +159,6 @@ kt_get(int argc, char **argv)
 	}
    }

-    if(realm) {
-	krb5_set_default_realm(context, realm); /* XXX should be fixed
-						   some other way */
-	conf.realm = realm;
-	conf.mask |= KADM5_CONFIG_REALM;
-    }
-    
-    if (admin_server) {
-	conf.admin_server = admin_server;
-	conf.mask |= KADM5_CONFIG_ADMIN_SERVER;
-    }
-
-    if (server_port) {
-	conf.kadmind_port = htons(server_port);
-	conf.mask |= KADM5_CONFIG_KADMIND_PORT;
-    }
-
-    /* should get realm from each principal, instead of doing
-       everything with the same (local) realm */
-
-    ret = kadm5_init_with_password_ctx(context, 
-				       principal,
-				       NULL,
-				       KADM5_ADMIN_SERVICE,
-				       &conf, 0, 0, 
-				       &kadm_handle);
-    if(ret) {
-	krb5_warn(context, ret, "kadm5_init_with_password");
-	goto out;
-    }
    
    for(i = optind; i < argc; i++){
 	krb5_principal princ_ent;
@@ -160,6 +178,21 @@ kt_get(int argc, char **argv)
 	princ.princ_expire_time = 0;
 	mask |= KADM5_PRINC_EXPIRE_TIME;

+	if(kadm_handle == NULL) {
+	    const char *r;
+	    if(realm != NULL)
+		r = realm;
+	    else
+		r = krb5_principal_get_realm(context, princ_ent);
+	    kadm_handle = open_kadmin_connection(principal, 
+						 r, 
+						 admin_server, 
+						 server_port);
+	    if(kadm_handle == NULL) {
+		break;
+	    }
+	}
+	
 	ret = kadm5_create_principal(kadm_handle, &princ, mask, "x");
 	if(ret == 0)
 	    created++;