/*
*
* Copyright 1995 by the Massachusetts Institute of Technology.
* All Rights Reserved.
*
* Export of this software from the United States of America may
* require a specific license from the United States Government.
* It is the responsibility of any person or organization contemplating
* export to obtain such a license before exporting.
*
* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
* distribute this software and its documentation for any purpose and
* without fee is hereby granted, provided that the above copyright
* notice appear in all copies and that both that copyright notice and
* this permission notice appear in supporting documentation, and that
* the name of M.I.T. not be used in advertising or publicity pertaining
* to distribution of the software without specific, written prior
* permission. Furthermore if you modify this software you must label
* your software as modified software and not distribute it in such a
* fashion that it might be confused with the original M.I.T. software.
* M.I.T. makes no representations about the suitability of
* this software for any purpose. It is provided "as is" without express
* or implied warranty.
*
*/
#include <string.h>
#include "k5-int.h"
#include "kdb_kt.h"
static int
static krb5_error_code
{
if (namelen < sizeof("KDB:"))
return KRB5_KT_NAME_TOOLONG;
return 0;
}
0,
"KDB", /* Prefix -- this string should not appear anywhere else! */
krb5_ktkdb_resolve, /* resolve */
krb5_ktkdb_get_name, /* get_name */
krb5_ktkdb_close, /* close */
krb5_ktkdb_get_entry, /* get */
NULL, /* start_seq_get */
NULL, /* get_next */
NULL, /* end_get */
NULL, /* add (extended) */
NULL, /* remove (extended) */
NULL, /* (void *) &krb5_ktfile_ser_entry */
};
typedef struct krb5_ktkdb_data {
char * name;
const char * name;
krb5_keytab * id;
{
return(ENOMEM);
return(0);
}
{
/*
* This routine is responsible for freeing all memory allocated
* for this keytab. There are no system resources that need
* to be freed nor are there any open files.
*
* This routine should undo anything done by krb5_ktkdb_resolve().
*/
krb5_xfree(kt);
return 0;
}
/*
* Set a different context for use with ktkdb_get_entry(). This is
* primarily useful for kadmind, where the gssapi library context,
* which will be used for the keytab, will necessarily have a
* different context than that used by the kadm5 library to access the
* database for its own purposes.
*/
{
return 0;
}
{
int n = 0;
int xrealm_tgt;
if (ktkdb_ctx)
else
/* Open database */
/* krb5_db_init(context); */
return(kerror);
/* get_principal */
if (kerror) {
/* krb5_db_close_database(context); */
return(kerror);
}
if (n != 1) {
/* krb5_db_close_database(context); */
return KRB5_KT_NOTFOUND;
}
goto error;
}
/* match key */
if (kerror)
goto error;
/* For cross realm tgts, we match whatever enctype is provided;
* for other principals, we only match the first enctype that is
* found. Since the TGS and AS code do the same thing, then we
* will only successfully decrypt tickets we have issued.*/
if (kerror)
goto error;
if (kerror)
goto error;
if (enctype > 0) {
if (kerror)
goto error;
if (!similar) {
goto error;
}
}
/*
* Coerce the enctype of the output keyblock in case we got an
* inexact match on the enctype.
*/
if (kerror)
goto error;
/* Close database */
/* krb5_db_close_database(context); */
return(kerror);
}
/*
* is_xrealm_tgt: Returns true if the principal is a cross-realm TGT
* principal-- a principal with first component krbtgt and second
* component not equal to realm.
*/
static int
{
return 0;
return 0;
return 1;
return 0;
return 1;
}