/*
 * lib/krb5/keytab/read_servi.c
 *
 * Copyright 1990 by the Massachusetts Institute of Technology.
 * All Rights Reserved.
 *
 * Export of this software from the United States of America may
 * require a specific license from the United States Government.
 * It is the responsibility of any person or organization contemplating
 * export to obtain such a license before exporting.
 *
 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
 * distribute this software and its documentation for any purpose and
 * without fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright notice and
 * this permission notice appear in supporting documentation, and that
 * the name of M.I.T. not be used in advertising or publicity pertaining
 * to distribution of the software without specific, written prior
 * permission. Furthermore if you modify this software you must label
 * your software as modified software and not distribute it in such a
 * fashion that it might be confused with the original M.I.T. software.
 * M.I.T. makes no representations about the suitability of
 * this software for any purpose. It is provided "as is" without express
 * or implied warranty.
 *
 *
 * This routine is designed to be passed to krb5_rd_req.
 * It is a convenience function that reads a key out of a keytab.
 * It handles all of the opening and closing of the keytab
 * internally.
 */
327c478bd9Sstevel@tonic-gate
33159d09a2SMark Phalan #include "k5-int.h"
347c478bd9Sstevel@tonic-gate
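#define	KSUCCESS	0

/*
 * Read a service key out of a keytab.  Designed to be passed to
 * krb5_rd_req as its key procedure.
 *
 * effects: If keyprocarg is not NULL, it is taken to be the name of a
 *	keytab.  Otherwise, the default keytab will be used.  This
 *	routine opens the keytab, finds the entry associated with
 *	principal, vno, and enctype, and returns a copy of the resulting
 *	key in *key.  The keytab is closed again before returning.
 * returns: Either KSUCCESS or error code.
 * errors: error code if the entry is not found, keyprocarg is invalid,
 *	or the key could not be copied.  *key must not be used unless
 *	KSUCCESS is returned.
 *
 * The keyblock stored in *key is the copy made by krb5_copy_keyblock()
 * and holds long-term service key material; presumably the caller
 * releases it with krb5_free_keyblock() once it is no longer needed.
 */
krb5_error_code KRB5_CALLCONV
krb5_kt_read_service_key(krb5_context context, krb5_pointer keyprocarg,
    krb5_principal principal, krb5_kvno vno, krb5_enctype enctype,
    krb5_keyblock **key)
{
	krb5_error_code kerror = KSUCCESS;
	char keytabname[MAX_KEYTAB_NAME_LEN + 1]; /* + 1 for NUL termination */
	krb5_keytab id;
	krb5_keytab_entry entry;

	/*
	 * Zero-fill up front so the name is NUL-terminated on both paths
	 * below: each of them is allowed to write at most
	 * sizeof (keytabname) - 1 bytes, which leaves the last byte zero.
	 */
	memset(keytabname, 0, sizeof (keytabname));

	/*
	 * Get the name of the file that we should use.
	 */
	if (!keyprocarg) {
		if ((kerror = krb5_kt_default_name(context, (char *)keytabname,
		    sizeof (keytabname) - 1)) != KSUCCESS)
			return (kerror);
	} else {
		/*
		 * NOTE(review): a caller-supplied name longer than
		 * MAX_KEYTAB_NAME_LEN is silently truncated here, so a
		 * keytab other than the one the caller named could be
		 * resolved.  Consider rejecting over-long names instead.
		 */
		(void) strncpy(keytabname, (char *)keyprocarg,
		    sizeof (keytabname) - 1);
	}

	if ((kerror = krb5_kt_resolve(context, (char *)keytabname, &id)))
		return (kerror);

	kerror = krb5_kt_get_entry(context, id, principal, vno, enctype,
	    &entry);
	/* Solaris Kerberos */
	(void) krb5_kt_close(context, id);

	if (kerror)
		return (kerror);

	/*
	 * Propagate a failed copy instead of reporting KSUCCESS: the
	 * caller would otherwise go on to use a *key that was never
	 * filled in.
	 */
	kerror = krb5_copy_keyblock(context, &entry.key, key);

	/* The entry is released whether or not the copy succeeded. */
	krb5_kt_free_entry(context, &entry);

	return (kerror);
}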