diff options
| author | Russ Allbery <rra@stanford.edu> | 2010-07-29 19:20:46 -0700 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2010-07-29 19:20:46 -0700 |
| commit | 81b7ba2a6503b4bc7199d78adf97d956b1e932a5 (patch) | |
| tree | 305d6f6e8c0e8089264469ad9226d1975a7ef9a6 | |
| parent | ec13d7d7530d1229a83204293f28684b7d2eac7b (diff) | |
Fix wallet-rekey with foreign realm keytab entries
The loop handling finding principals to rekey was not correctly
coping with principals from foreign realms.
| -rw-r--r-- | client/keytab.c | 4 | ||||
| -rw-r--r-- | tests/data/fake-keytab-old | bin | 334 -> 785 bytes | |||
| -rw-r--r-- | tests/data/fake-keytab-rekey | bin | 698 -> 1149 bytes |
3 files changed, 2 insertions, 2 deletions
diff --git a/client/keytab.c b/client/keytab.c index 41baa73..e00c2dd 100644 --- a/client/keytab.c +++ b/client/keytab.c @@ -51,7 +51,7 @@ keytab_principals(krb5_context ctx, const char *file, char *realm) while ((status = krb5_kt_next_entry(ctx, keytab, &entry, &cursor)) == 0) { status = krb5_unparse_name(ctx, entry.principal, &princname); if (status != 0) - sysdie("error, cannot unparse name for a principal"); + die_krb5(ctx, status, "cannot unparse name for a principal"); /* Separate into principal and realm. */ princrealm = strchr(princname, '@'); @@ -60,7 +60,7 @@ keytab_principals(krb5_context ctx, const char *file, char *realm) princrealm++; } if (princrealm == NULL || strcmp(princrealm, realm) != 0) - break; + continue; /* Check to see if the principal has already been listed. */ found = false; diff --git a/tests/data/fake-keytab-old b/tests/data/fake-keytab-old Binary files differindex 714d9b6..f7ee9c0 100644 --- a/tests/data/fake-keytab-old +++ b/tests/data/fake-keytab-old diff --git a/tests/data/fake-keytab-rekey b/tests/data/fake-keytab-rekey Binary files differindex 6c9c7f2..4e7a507 100644 --- a/tests/data/fake-keytab-rekey +++ b/tests/data/fake-keytab-rekey |