db02be5754449d8a49e2d5a695ba0237d964b5dc/*
db02be5754449d8a49e2d5a695ba0237d964b5dc * CDDL HEADER START
db02be5754449d8a49e2d5a695ba0237d964b5dc *
db02be5754449d8a49e2d5a695ba0237d964b5dc * The contents of this file are subject to the terms of the
db02be5754449d8a49e2d5a695ba0237d964b5dc * Common Development and Distribution License (the "License").
db02be5754449d8a49e2d5a695ba0237d964b5dc * You may not use this file except in compliance with the License.
db02be5754449d8a49e2d5a695ba0237d964b5dc *
db02be5754449d8a49e2d5a695ba0237d964b5dc * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
db02be5754449d8a49e2d5a695ba0237d964b5dc * or http://www.opensolaris.org/os/licensing.
db02be5754449d8a49e2d5a695ba0237d964b5dc * See the License for the specific language governing permissions
db02be5754449d8a49e2d5a695ba0237d964b5dc * and limitations under the License.
db02be5754449d8a49e2d5a695ba0237d964b5dc *
db02be5754449d8a49e2d5a695ba0237d964b5dc * When distributing Covered Code, include this CDDL HEADER in each
db02be5754449d8a49e2d5a695ba0237d964b5dc * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
db02be5754449d8a49e2d5a695ba0237d964b5dc * If applicable, add the following below this CDDL HEADER, with the
db02be5754449d8a49e2d5a695ba0237d964b5dc * fields enclosed by brackets "[]" replaced with your own identifying
db02be5754449d8a49e2d5a695ba0237d964b5dc * information: Portions Copyright [yyyy] [name of copyright owner]
db02be5754449d8a49e2d5a695ba0237d964b5dc *
db02be5754449d8a49e2d5a695ba0237d964b5dc * CDDL HEADER END
db02be5754449d8a49e2d5a695ba0237d964b5dc */
db02be5754449d8a49e2d5a695ba0237d964b5dc/*
db02be5754449d8a49e2d5a695ba0237d964b5dc * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
db02be5754449d8a49e2d5a695ba0237d964b5dc * Use is subject to license terms.
db02be5754449d8a49e2d5a695ba0237d964b5dc */
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc/*
db02be5754449d8a49e2d5a695ba0237d964b5dc * Solaris Kerberos:
db02be5754449d8a49e2d5a695ba0237d964b5dc * Iterate through a keytab (keytab) looking for an entry which matches
db02be5754449d8a49e2d5a695ba0237d964b5dc * the components of a principal (princ) but match on any realm. When a
db02be5754449d8a49e2d5a695ba0237d964b5dc * suitable entry is found return the entry's realm.
db02be5754449d8a49e2d5a695ba0237d964b5dc */
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc#include "k5-int.h"
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dckrb5_error_code krb5_kt_find_realm(krb5_context context, krb5_keytab keytab,
db02be5754449d8a49e2d5a695ba0237d964b5dc krb5_principal princ, krb5_data *realm) {
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc krb5_kt_cursor cur;
db02be5754449d8a49e2d5a695ba0237d964b5dc krb5_keytab_entry ent;
db02be5754449d8a49e2d5a695ba0237d964b5dc krb5_boolean match;
db02be5754449d8a49e2d5a695ba0237d964b5dc krb5_data tmp_realm;
db02be5754449d8a49e2d5a695ba0237d964b5dc krb5_error_code ret, ret2;
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc ret = krb5_kt_start_seq_get(context, keytab, &cur);
db02be5754449d8a49e2d5a695ba0237d964b5dc if (ret != 0) {
db02be5754449d8a49e2d5a695ba0237d964b5dc return (ret);
db02be5754449d8a49e2d5a695ba0237d964b5dc }
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc while ((ret = krb5_kt_next_entry(context, keytab, &ent, &cur)) == 0) {
db02be5754449d8a49e2d5a695ba0237d964b5dc /* For the comparison the realms should be the same. */
db02be5754449d8a49e2d5a695ba0237d964b5dc memcpy(&tmp_realm, &ent.principal->realm, sizeof (krb5_data));
db02be5754449d8a49e2d5a695ba0237d964b5dc memcpy(&ent.principal->realm, &princ->realm,
db02be5754449d8a49e2d5a695ba0237d964b5dc sizeof (krb5_data));
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc match = krb5_principal_compare(context, ent.principal, princ);
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc /* Copy the realm back */
db02be5754449d8a49e2d5a695ba0237d964b5dc memcpy(&ent.principal->realm, &tmp_realm, sizeof (krb5_data));
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc if (match) {
db02be5754449d8a49e2d5a695ba0237d964b5dc /*
db02be5754449d8a49e2d5a695ba0237d964b5dc * A suitable entry was found in the keytab.
db02be5754449d8a49e2d5a695ba0237d964b5dc * Copy its realm
db02be5754449d8a49e2d5a695ba0237d964b5dc */
db02be5754449d8a49e2d5a695ba0237d964b5dc ret = krb5int_copy_data_contents(context,
db02be5754449d8a49e2d5a695ba0237d964b5dc &ent.principal->realm, realm);
db02be5754449d8a49e2d5a695ba0237d964b5dc if (ret) {
db02be5754449d8a49e2d5a695ba0237d964b5dc krb5_kt_free_entry(context, &ent);
db02be5754449d8a49e2d5a695ba0237d964b5dc krb5_kt_end_seq_get(context, keytab, &cur);
db02be5754449d8a49e2d5a695ba0237d964b5dc return (ret);
db02be5754449d8a49e2d5a695ba0237d964b5dc }
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc krb5_kt_free_entry(context, &ent);
db02be5754449d8a49e2d5a695ba0237d964b5dc break;
db02be5754449d8a49e2d5a695ba0237d964b5dc }
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc krb5_kt_free_entry(context, &ent);
db02be5754449d8a49e2d5a695ba0237d964b5dc }
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc ret2 = krb5_kt_end_seq_get(context, keytab, &cur);
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc if (ret == KRB5_KT_END) {
db02be5754449d8a49e2d5a695ba0237d964b5dc return (KRB5_KT_NOTFOUND);
db02be5754449d8a49e2d5a695ba0237d964b5dc }
db02be5754449d8a49e2d5a695ba0237d964b5dc
db02be5754449d8a49e2d5a695ba0237d964b5dc return (ret ? ret : ret2);
db02be5754449d8a49e2d5a695ba0237d964b5dc}