1*db02be57S /*
2*db02be57S * CDDL HEADER START
3*db02be57S *
4*db02be57S * The contents of this file are subject to the terms of the
5*db02be57S * Common Development and Distribution License (the "License").
6*db02be57S * You may not use this file except in compliance with the License.
7*db02be57S *
8*db02be57S * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*db02be57S * or http://www.opensolaris.org/os/licensing.
10*db02be57S * See the License for the specific language governing permissions
11*db02be57S * and limitations under the License.
12*db02be57S *
13*db02be57S * When distributing Covered Code, include this CDDL HEADER in each
14*db02be57S * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*db02be57S * If applicable, add the following below this CDDL HEADER, with the
16*db02be57S * fields enclosed by brackets "[]" replaced with your own identifying
17*db02be57S * information: Portions Copyright [yyyy] [name of copyright owner]
18*db02be57S *
19*db02be57S * CDDL HEADER END
20*db02be57S */
21*db02be57S /*
22*db02be57S * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23*db02be57S * Use is subject to license terms.
24*db02be57S */
25*db02be57S
26*db02be57S /*
27*db02be57S * Solaris Kerberos:
28*db02be57S * Iterate through a keytab (keytab) looking for an entry which matches
29*db02be57S * the components of a principal (princ) but match on any realm. When a
30*db02be57S * suitable entry is found return the entry's realm.
31*db02be57S */
32*db02be57S
33*db02be57S #include "k5-int.h"
34*db02be57S
krb5_kt_find_realm(krb5_context context,krb5_keytab keytab,krb5_principal princ,krb5_data * realm)35*db02be57S krb5_error_code krb5_kt_find_realm(krb5_context context, krb5_keytab keytab,
36*db02be57S krb5_principal princ, krb5_data *realm) {
37*db02be57S
38*db02be57S krb5_kt_cursor cur;
39*db02be57S krb5_keytab_entry ent;
40*db02be57S krb5_boolean match;
41*db02be57S krb5_data tmp_realm;
42*db02be57S krb5_error_code ret, ret2;
43*db02be57S
44*db02be57S ret = krb5_kt_start_seq_get(context, keytab, &cur);
45*db02be57S if (ret != 0) {
46*db02be57S return (ret);
47*db02be57S }
48*db02be57S
49*db02be57S while ((ret = krb5_kt_next_entry(context, keytab, &ent, &cur)) == 0) {
50*db02be57S /* For the comparison the realms should be the same. */
51*db02be57S memcpy(&tmp_realm, &ent.principal->realm, sizeof (krb5_data));
52*db02be57S memcpy(&ent.principal->realm, &princ->realm,
53*db02be57S sizeof (krb5_data));
54*db02be57S
55*db02be57S match = krb5_principal_compare(context, ent.principal, princ);
56*db02be57S
57*db02be57S /* Copy the realm back */
58*db02be57S memcpy(&ent.principal->realm, &tmp_realm, sizeof (krb5_data));
59*db02be57S
60*db02be57S if (match) {
61*db02be57S /*
62*db02be57S * A suitable entry was found in the keytab.
63*db02be57S * Copy its realm
64*db02be57S */
65*db02be57S ret = krb5int_copy_data_contents(context,
66*db02be57S &ent.principal->realm, realm);
67*db02be57S if (ret) {
68*db02be57S krb5_kt_free_entry(context, &ent);
69*db02be57S krb5_kt_end_seq_get(context, keytab, &cur);
70*db02be57S return (ret);
71*db02be57S }
72*db02be57S
73*db02be57S krb5_kt_free_entry(context, &ent);
74*db02be57S break;
75*db02be57S }
76*db02be57S
77*db02be57S krb5_kt_free_entry(context, &ent);
78*db02be57S }
79*db02be57S
80*db02be57S ret2 = krb5_kt_end_seq_get(context, keytab, &cur);
81*db02be57S
82*db02be57S if (ret == KRB5_KT_END) {
83*db02be57S return (KRB5_KT_NOTFOUND);
84*db02be57S }
85*db02be57S
86*db02be57S return (ret ? ret : ret2);
87*db02be57S }
88