IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Better detection when not working with a real keytab in ipa-rmkeytab.

Browse Source 
Resolving the keytab isn't enough, this just creates a name. Try to
create a cursor into the keytab to see if it is a valid keytab.

ticket 654
This commit is contained in:
Rob Crittenden
2011-01-04 14:54:41 -05:00
committed by Simo Sorce
parent 1fb2ccf105
commit a1188d95e8
1 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
ipa-client/ipa-rmkeytab.c
View File

@@ -147,6 +147,7 @@ main(int argc, const char **argv)
krb5_context context;
krb5_error_code krberr;
krb5_keytab ktid;
krb5_kt_cursor cursor;
char * ktname;
char * atrealm;
poptContext pc;
@@ -212,10 +213,19 @@ main(int argc, const char **argv)
krberr = krb5_kt_resolve(context, ktname, &ktid);
if (krberr) {
fprintf(stderr, _("Failed to open keytab '%s'\n"), keytab);
fprintf(stderr, _("Failed to open keytab '%s': %s\n"), keytab,
error_message(krberr));
rval = 3;
goto cleanup;
}
krberr = krb5_kt_start_seq_get(context, ktid, &cursor);
if (krberr) {
fprintf(stderr, _("Failed to open keytab '%s': %s\n"), keytab,
error_message(krberr));
rval = 3;
goto cleanup;
}
krb5_kt_end_seq_get(context, ktid, &cursor);
if (principal)
rval = remove_principal(context, ktid, principal, debug);