xref: /illumos-gate/usr/src/lib/gss_mechs/mech_krb5/krb5/keytab/kt_findrealm.c (revision 87884d7fa2dc61e663d503661bd6383cdcc1e2a8)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  *
25  * Copyright 2024 RackTop Systems, Inc.
26  */
27 
28 /*
29  * Solaris Kerberos:
30  * Iterate through a keytab (keytab) looking for an entry whose name
31  * components match those of a principal (princ), ignoring the realm.
32  * When a suitable entry is found, return that entry's realm.
33  */
34 
35 #include "k5-int.h"
36 
/*
 * Walk the keytab and report the realm of the first entry that compares
 * equal to princ once the realm is taken out of the comparison.
 *
 * context - library context handed to every krb5 call made here
 * keytab  - keytab to iterate
 * princ   - principal to look for; its realm is ignored for matching
 * realm   - output; filled in by krb5int_copy_data_contents_add0() from
 *           the matching entry's realm
 *
 * Returns 0 on success, KRB5_KT_NOTFOUND when the iteration ends with
 * KRB5_KT_END without a match, or the first error reported by the keytab
 * iteration, the realm copy, or krb5_kt_end_seq_get().
 *
 * The first matching entry wins, so the realm handed back is whatever
 * that keytab entry carries.
 *
 * NOTE(review): when the realm copy succeeds but krb5_kt_end_seq_get()
 * fails, an error is returned with *realm already filled in. Presumably
 * the copy is a fresh allocation the caller has to release; confirm that
 * callers free it on this path as well.
 */
krb5_error_code krb5_kt_find_realm(krb5_context context, krb5_keytab keytab,
    krb5_principal princ, krb5_data *realm) {

	krb5_kt_cursor cursor;
	krb5_keytab_entry entry;
	krb5_error_code rc, end_rc;

	rc = krb5_kt_start_seq_get(context, keytab, &cursor);
	if (rc != 0) {
		return (rc);
	}

	for (;;) {
		krb5_data saved_realm;
		krb5_boolean same;

		rc = krb5_kt_next_entry(context, keytab, &entry, &cursor);
		if (rc != 0) {
			/* KRB5_KT_END or a real error; sorted out below. */
			break;
		}

		/*
		 * Take the realm out of the comparison: give the entry the
		 * same realm as princ for the duration of the compare. This
		 * copies only the krb5_data structure itself.
		 */
		memcpy(&saved_realm, &entry.principal->realm,
		    sizeof (saved_realm));
		memcpy(&entry.principal->realm, &princ->realm,
		    sizeof (princ->realm));

		same = krb5_principal_compare(context, entry.principal, princ);

		/*
		 * Put the entry's own realm back first, so that the copy
		 * and krb5_kt_free_entry() below act on the entry's realm
		 * and not on the one borrowed from princ.
		 */
		memcpy(&entry.principal->realm, &saved_realm,
		    sizeof (saved_realm));

		if (!same) {
			krb5_kt_free_entry(context, &entry);
			continue;
		}

		/* Match: hand the caller a copy of this entry's realm. */
		rc = krb5int_copy_data_contents_add0(context,
		    &entry.principal->realm, realm);
		krb5_kt_free_entry(context, &entry);
		if (rc != 0) {
			/* The copy error is reported; this result is not. */
			krb5_kt_end_seq_get(context, keytab, &cursor);
			return (rc);
		}
		break;
	}

	end_rc = krb5_kt_end_seq_get(context, keytab, &cursor);

	/* Running off the end of the keytab means nothing matched. */
	if (rc == KRB5_KT_END) {
		return (KRB5_KT_NOTFOUND);
	}

	/* An iteration error takes precedence over a close error. */
	return (rc != 0 ? rc : end_rc);
}
90