1*db02be57S /*
2*db02be57S  * CDDL HEADER START
3*db02be57S  *
4*db02be57S  * The contents of this file are subject to the terms of the
5*db02be57S  * Common Development and Distribution License (the "License").
6*db02be57S  * You may not use this file except in compliance with the License.
7*db02be57S  *
8*db02be57S  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*db02be57S  * or http://www.opensolaris.org/os/licensing.
10*db02be57S  * See the License for the specific language governing permissions
11*db02be57S  * and limitations under the License.
12*db02be57S  *
13*db02be57S  * When distributing Covered Code, include this CDDL HEADER in each
14*db02be57S  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*db02be57S  * If applicable, add the following below this CDDL HEADER, with the
16*db02be57S  * fields enclosed by brackets "[]" replaced with your own identifying
17*db02be57S  * information: Portions Copyright [yyyy] [name of copyright owner]
18*db02be57S  *
19*db02be57S  * CDDL HEADER END
20*db02be57S  */
21*db02be57S /*
22*db02be57S  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23*db02be57S  * Use is subject to license terms.
24*db02be57S  */
25*db02be57S 
26*db02be57S /*
27*db02be57S  * Solaris Kerberos:
28*db02be57S  * Iterate through a keytab (keytab) looking for an entry which matches
29*db02be57S  * the components of a principal (princ) but match on any realm. When a
30*db02be57S  * suitable entry is found return the entry's realm.
31*db02be57S  */
32*db02be57S 
33*db02be57S #include "k5-int.h"
34*db02be57S 
krb5_kt_find_realm(krb5_context context,krb5_keytab keytab,krb5_principal princ,krb5_data * realm)35*db02be57S krb5_error_code krb5_kt_find_realm(krb5_context context, krb5_keytab keytab,
36*db02be57S     krb5_principal princ, krb5_data *realm) {
37*db02be57S 
38*db02be57S 	krb5_kt_cursor cur;
39*db02be57S 	krb5_keytab_entry ent;
40*db02be57S 	krb5_boolean match;
41*db02be57S 	krb5_data tmp_realm;
42*db02be57S 	krb5_error_code ret, ret2;
43*db02be57S 
44*db02be57S 	ret = krb5_kt_start_seq_get(context, keytab, &cur);
45*db02be57S 	if (ret != 0) {
46*db02be57S 		return (ret);
47*db02be57S 	}
48*db02be57S 
49*db02be57S 	while ((ret = krb5_kt_next_entry(context, keytab, &ent, &cur)) == 0) {
50*db02be57S 		/* For the comparison the realms should be the same. */
51*db02be57S 		memcpy(&tmp_realm, &ent.principal->realm, sizeof (krb5_data));
52*db02be57S 		memcpy(&ent.principal->realm, &princ->realm,
53*db02be57S 		    sizeof (krb5_data));
54*db02be57S 
55*db02be57S 		match = krb5_principal_compare(context, ent.principal, princ);
56*db02be57S 
57*db02be57S 		/* Copy the realm back */
58*db02be57S 		memcpy(&ent.principal->realm, &tmp_realm, sizeof (krb5_data));
59*db02be57S 
60*db02be57S 		if (match) {
61*db02be57S 			/*
62*db02be57S 			 * A suitable entry was found in the keytab.
63*db02be57S 			 * Copy its realm
64*db02be57S 			 */
65*db02be57S 			ret = krb5int_copy_data_contents(context,
66*db02be57S 			    &ent.principal->realm, realm);
67*db02be57S 			if (ret) {
68*db02be57S 				krb5_kt_free_entry(context, &ent);
69*db02be57S 				krb5_kt_end_seq_get(context, keytab, &cur);
70*db02be57S 				return (ret);
71*db02be57S 			}
72*db02be57S 
73*db02be57S 			krb5_kt_free_entry(context, &ent);
74*db02be57S 			break;
75*db02be57S 		}
76*db02be57S 
77*db02be57S 		krb5_kt_free_entry(context, &ent);
78*db02be57S 	}
79*db02be57S 
80*db02be57S 	ret2 = krb5_kt_end_seq_get(context, keytab, &cur);
81*db02be57S 
82*db02be57S 	if (ret == KRB5_KT_END) {
83*db02be57S 		return (KRB5_KT_NOTFOUND);
84*db02be57S 	}
85*db02be57S 
86*db02be57S 	return (ret ? ret : ret2);
87*db02be57S }
88