summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/hdb/keytab.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/heimdal/lib/hdb/keytab.c')
-rw-r--r--source4/heimdal/lib/hdb/keytab.c171
1 files changed, 97 insertions, 74 deletions
diff --git a/source4/heimdal/lib/hdb/keytab.c b/source4/heimdal/lib/hdb/keytab.c
index 2ec7837ae3..a557de036d 100644
--- a/source4/heimdal/lib/hdb/keytab.c
+++ b/source4/heimdal/lib/hdb/keytab.c
@@ -43,7 +43,7 @@ struct hdb_data {
struct hdb_cursor {
HDB *db;
hdb_entry_ex hdb_entry;
- bool first, next;
+ int first, next;
int key_idx;
};
@@ -272,7 +272,10 @@ hdb_start_seq_get(krb5_context context,
HDB *db;
if (dbname == NULL) {
- /* We don't support enumerating without being told what backend to enumerate on */
+ /*
+ * We don't support enumerating without being told what
+ * backend to enumerate on
+ */
ret = KRB5_KT_NOTFOUND;
return ret;
}
@@ -301,91 +304,111 @@ hdb_start_seq_get(krb5_context context,
}
c->db = db;
- c->first = true;
- c->next = true;
+ c->first = TRUE;
+ c->next = TRUE;
c->key_idx = 0;
cursor->data = c;
return ret;
}
-static int hdb_next_entry(krb5_context context,
+static int
+hdb_next_entry(krb5_context context,
krb5_keytab id,
krb5_keytab_entry *entry,
krb5_kt_cursor *cursor)
{
- struct hdb_cursor *c = cursor->data;
- krb5_error_code ret;
-
- if (c->first) {
- c->first = false;
- ret = (c->db->hdb_firstkey)(context, c->db,
- HDB_F_DECRYPT|
- HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT,
- &c->hdb_entry);
- if (ret == HDB_ERR_NOENTRY) {
- return KRB5_KT_END;
- } else if (ret) {
- return ret;
- }
-
- if (c->hdb_entry.entry.keys.len == 0) {
- hdb_free_entry(context, &c->hdb_entry);
- } else {
- c->next = false;
- }
- }
-
- while (c->next) {
- ret = (c->db->hdb_nextkey)(context, c->db,
- HDB_F_DECRYPT|
- HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT,
- &c->hdb_entry);
- if (ret == HDB_ERR_NOENTRY) {
- return KRB5_KT_END;
- } else if (ret) {
- return ret;
- }
- if (c->hdb_entry.entry.keys.len == 0) {
- /* If no keys on this entry, try again */
- hdb_free_entry(context, &c->hdb_entry);
- } else {
- /* We have an entry, set the flag */
- c->next = false;
- }
- };
-
- /* return next enc type (keytabs are one slot per key, while hdb is one record per principal */
- krb5_copy_principal(context,
- c->hdb_entry.entry.principal,
- &entry->principal);
- entry->vno = c->hdb_entry.entry.kvno;
- krb5_copy_keyblock_contents(context,
- &c->hdb_entry.entry.keys.val[c->key_idx].key,
- &entry->keyblock);
- c->key_idx++;
-
- /* Once we get to the end of the list, signal that we want the next entry */
- if (c->key_idx == c->hdb_entry.entry.keys.len) {
- hdb_free_entry(context, &c->hdb_entry);
- c->next = true;
- c->key_idx = 0;
- }
- return 0;
+ struct hdb_cursor *c = cursor->data;
+ krb5_error_code ret;
+
+ memset(entry, 0, sizeof(*entry));
+
+ if (c->first) {
+ c->first = FALSE;
+ ret = (c->db->hdb_firstkey)(context, c->db,
+ HDB_F_DECRYPT|
+ HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT,
+ &c->hdb_entry);
+ if (ret == HDB_ERR_NOENTRY)
+ return KRB5_KT_END;
+ else if (ret)
+ return ret;
+
+ if (c->hdb_entry.entry.keys.len == 0)
+ hdb_free_entry(context, &c->hdb_entry);
+ else
+ c->next = FALSE;
+ }
+
+ while (c->next) {
+ ret = (c->db->hdb_nextkey)(context, c->db,
+ HDB_F_DECRYPT|
+ HDB_F_GET_CLIENT|HDB_F_GET_SERVER|HDB_F_GET_KRBTGT,
+ &c->hdb_entry);
+ if (ret == HDB_ERR_NOENTRY)
+ return KRB5_KT_END;
+ else if (ret)
+ return ret;
+
+ /* If no keys on this entry, try again */
+ if (c->hdb_entry.entry.keys.len == 0)
+ hdb_free_entry(context, &c->hdb_entry);
+ else
+ c->next = FALSE;
+ }
+
+ /*
+ * Return next enc type (keytabs are one slot per key, while
+ * hdb is one record per principal.
+ */
+
+ ret = krb5_copy_principal(context,
+ c->hdb_entry.entry.principal,
+ &entry->principal);
+ if (ret)
+ return ret;
+
+ entry->vno = c->hdb_entry.entry.kvno;
+ ret = krb5_copy_keyblock_contents(context,
+ &c->hdb_entry.entry.keys.val[c->key_idx].key,
+ &entry->keyblock);
+ if (ret) {
+ krb5_free_principal(context, entry->principal);
+ memset(entry, 0, sizeof(*entry));
+ return ret;
+ }
+ c->key_idx++;
+
+ /*
+ * Once we get to the end of the list, signal that we want the
+ * next entry
+ */
+
+ if (c->key_idx == c->hdb_entry.entry.keys.len) {
+ hdb_free_entry(context, &c->hdb_entry);
+ c->next = TRUE;
+ c->key_idx = 0;
+ }
+
+ return 0;
}
-static int hdb_end_seq_get(krb5_context context,
- krb5_keytab id,
- krb5_kt_cursor *cursor) {
- struct hdb_cursor *c = cursor->data;
- (c->db->hdb_close)(context, c->db);
- (c->db->hdb_destroy)(context, c->db);
- if (!c->next) {
- hdb_free_entry(context, &c->hdb_entry);
- }
- free(c);
- return 0;
+static int
+hdb_end_seq_get(krb5_context context,
+ krb5_keytab id,
+ krb5_kt_cursor *cursor)
+{
+ struct hdb_cursor *c = cursor->data;
+
+ (c->db->hdb_close)(context, c->db);
+ (c->db->hdb_destroy)(context, c->db);
+
+ if (!c->next)
+ hdb_free_entry(context, &c->hdb_entry);
+
+ free(c);
+ return 0;
}
krb5_kt_ops hdb_kt_ops = {