From 54d6ae09e268e169ee7f0f5ab02a465b030f4ba4 Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Thu, 17 Jul 2008 00:53:13 +0200
Subject: libnet_keytab: add a libnet_keytab_search() function

that searches and fetches an entry from a keytab file by principal and kvno.

This code is by metze.

Michael
(This used to be commit a51a60066b6703fc4e5db3536903abf1cdaca885)
---
 source3/libnet/libnet_keytab.c | 77 ++++++++++++++++++++++++++++++++++++++++++
 source3/libnet/libnet_proto.h  |  4 +++
 2 files changed, 81 insertions(+)

(limited to 'source3')

diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c
index 02c2b6f761..cec39273e3 100644
--- a/source3/libnet/libnet_keytab.c
+++ b/source3/libnet/libnet_keytab.c
@@ -141,4 +141,81 @@ krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx)
 #endif /* defined(ENCTYPE_ARCFOUR_HMAC) */
 }
 
+struct libnet_keytab_entry *libnet_keytab_search(struct libnet_keytab_context *ctx,
+						 const char *principal, int kvno,
+						 TALLOC_CTX *mem_ctx)
+{
+	krb5_error_code ret = 0;
+	krb5_kt_cursor cursor;
+	krb5_keytab_entry kt_entry;
+	struct libnet_keytab_entry *entry = NULL;
+
+	ZERO_STRUCT(kt_entry);
+	ZERO_STRUCT(cursor);
+
+	ret = krb5_kt_start_seq_get(ctx->context, ctx->keytab, &cursor);
+	if (ret) {
+		return NULL;
+	}
+
+	while (krb5_kt_next_entry(ctx->context, ctx->keytab, &kt_entry, &cursor) == 0) {
+		char *princ_s = NULL;
+
+		if (kt_entry.vno != kvno) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			continue;
+		}
+
+		ret = smb_krb5_unparse_name(ctx->context, kt_entry.principal, &princ_s);
+		if (ret) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			continue;
+		}
+
+		if (strcmp(principal, princ_s) != 0) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			SAFE_FREE(princ_s);
+			continue;
+		}
+
+		entry = talloc_zero(mem_ctx, struct libnet_keytab_entry);
+		if (!entry) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			SAFE_FREE(princ_s);
+			break;
+		}
+
+		entry->name = talloc_strdup(entry, princ_s);
+		if (!entry->name) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			SAFE_FREE(princ_s);
+			TALLOC_FREE(entry);
+			break;
+		}
+
+		entry->principal = talloc_strdup(entry, princ_s);
+		if (!entry->principal) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			SAFE_FREE(princ_s);
+			TALLOC_FREE(entry);
+			break;
+		}
+
+		entry->password = data_blob_talloc(entry, kt_entry.key.contents, kt_entry.key.length);
+		if (!entry->password.data) {
+			smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+			SAFE_FREE(princ_s);
+			TALLOC_FREE(entry);
+			break;
+		}
+
+		smb_krb5_kt_free_entry(ctx->context, &kt_entry);
+		SAFE_FREE(princ_s);
+		break;
+	}
+
+	krb5_kt_end_seq_get(ctx->context, ctx->keytab, &cursor);
+	return entry;
+}
+
 #endif /* HAVE_KRB5 */
diff --git a/source3/libnet/libnet_proto.h b/source3/libnet/libnet_proto.h
index ddd730b1a8..65d37b0ab8 100644
--- a/source3/libnet/libnet_proto.h
+++ b/source3/libnet/libnet_proto.h
@@ -50,6 +50,10 @@ krb5_error_code libnet_keytab_init(TALLOC_CTX *mem_ctx,
 				   const char *keytab_name,
 				   struct libnet_keytab_context **ctx);
 krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx);
+
+struct libnet_keytab_entry *libnet_keytab_search(struct libnet_keytab_context *ctx,
+						 const char *principal, int kvno,
+						 TALLOC_CTX *mem_ctx);
 #endif
 
 /* The following definitions come from libnet/libnet_samsync.c  */
-- 
cgit