1 /* 2 * lib/krb5/keytab/read_servi.c 3 * 4 * Copyright 1990 by the Massachusetts Institute of Technology. 5 * All Rights Reserved. 6 * 7 * Export of this software from the United States of America may 8 * require a specific license from the United States Government. 9 * It is the responsibility of any person or organization contemplating 10 * export to obtain such a license before exporting. 11 * 12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 13 * distribute this software and its documentation for any purpose and 14 * without fee is hereby granted, provided that the above copyright 15 * notice appear in all copies and that both that copyright notice and 16 * this permission notice appear in supporting documentation, and that 17 * the name of M.I.T. not be used in advertising or publicity pertaining 18 * to distribution of the software without specific, written prior 19 * permission. Furthermore if you modify this software you must label 20 * your software as modified software and not distribute it in such a 21 * fashion that it might be confused with the original M.I.T. software. 22 * M.I.T. makes no representations about the suitability of 23 * this software for any purpose. It is provided "as is" without express 24 * or implied warranty. 25 * 26 * 27 * This routine is designed to be passed to krb5_rd_req. 28 * It is a convenience function that reads a key out of a keytab. 29 * It handles all of the opening and closing of the keytab 30 * internally. 31 */ 32 33 #include "k5-int.h" 34 35 #define KSUCCESS 0 36 37 /* 38 * effects: If keyprocarg is not NULL, it is taken to be the name of a 39 * keytab. Otherwise, the default keytab will be used. This 40 * routine opens the keytab and finds the principal associated with 41 * principal, vno, and enctype and returns the resulting key in *key 42 * or returning an error code if it is not found. 43 * returns: Either KSUCCESS or error code. 44 * errors: error code if not found or keyprocarg is invalid. 45 */ 46 krb5_error_code KRB5_CALLCONV 47 krb5_kt_read_service_key(krb5_context context, krb5_pointer keyprocarg, krb5_principal principal, krb5_kvno vno, krb5_enctype enctype, krb5_keyblock **key) 48 { 49 krb5_error_code kerror = KSUCCESS; 50 char keytabname[MAX_KEYTAB_NAME_LEN + 1]; /* + 1 for NULL termination */ 51 krb5_keytab id; 52 krb5_keytab_entry entry; 53 54 /* 55 * Get the name of the file that we should use. 56 */ 57 if (!keyprocarg) { 58 if ((kerror = krb5_kt_default_name(context, (char *)keytabname, 59 sizeof(keytabname) - 1))!= KSUCCESS) 60 return (kerror); 61 } else { 62 memset(keytabname, 0, sizeof(keytabname)); 63 (void) strncpy(keytabname, (char *)keyprocarg, 64 sizeof(keytabname) - 1); 65 } 66 67 if ((kerror = krb5_kt_resolve(context, (char *)keytabname, &id))) 68 return (kerror); 69 70 kerror = krb5_kt_get_entry(context, id, principal, vno, enctype, &entry); 71 /* Solaris Kerberos */ 72 (void) krb5_kt_close(context, id); 73 74 if (kerror) 75 return(kerror); 76 77 krb5_copy_keyblock(context, &entry.key, key); 78 79 krb5_kt_free_entry(context, &entry); 80 81 return (KSUCCESS); 82 } 83