authorRuss Allbery <rra@stanford.edu>2008-01-05 00:01:54 +0000
committerRuss Allbery <rra@stanford.edu>2008-01-05 00:01:54 +0000
commitb10beb347238b153af8aa544fb276485b34e970e (patch)
tree4105c927be0912b2fa9f479a1aaf785091ff8f64 /client/srvtab.c
parenta67ad3fc36765f4b948a3e9c941318ff8931a11d (diff)
The wallet client can now get the server, port, principal, and remctl
type from krb5.conf as well as from compile-time defaults and command-line options.
Diffstat (limited to 'client/srvtab.c')
-rw-r--r--client/srvtab.c87
1 files changed, 14 insertions, 73 deletions
diff --git a/client/srvtab.c b/client/srvtab.c
index dd1cd58..b454720 100644
--- a/client/srvtab.c
+++ b/client/srvtab.c
@@ -3,7 +3,7 @@
** Implementation of srvtab handling for the wallet client.
**
** Written by Russ Allbery <rra@stanford.edu>
-** Copyright 2007 Board of Trustees, Leland Stanford Jr. University
+** Copyright 2007, 2008 Board of Trustees, Leland Stanford Jr. University
**
** See LICENSE for licensing terms.
*/
@@ -22,67 +22,12 @@
# define REALM_SZ 40
#endif
-#ifdef HAVE_KRB5_GET_ERROR_MESSAGE
-static const char *
-strerror_krb5(krb5_context ctx, krb5_error_code code)
-{
- const char *msg;
-
- msg = krb5_get_error_message(ctx, code);
- if (msg == NULL)
- return "unknown error";
- else
- return msg;
-}
-#elif HAVE_KRB5_GET_ERR_TEXT
-static const char *
-strerror_krb5(krb5_context ctx, krb5_error_code code)
-{
- return krb5_get_err_text(ctx, code);
-}
-#else /* !HAVE_KRB5_GET_ERROR_MESSAGE */
-static const char *
-strerror_krb5(krb5_context ctx UNUSED, krb5_error_code code)
-{
- return error_message(code);
-}
-#endif
-
-#ifdef HAVE_KRB5_FREE_ERROR_MESSAGE
-static void
-strerror_krb5_free(krb5_context ctx, const char *msg)
-{
- krb5_free_error_message(ctx, msg);
-}
-#else /* !HAVE_KRB5_FREE_ERROR_MESSAGE */
-static void
-strerror_krb5_free(krb5_context ctx UNUSED, const char *msg UNUSED)
-{
- return;
-}
-#endif /* !HAVE_KRB5_FREE_ERROR_MESSAGE */
-
/*
-** Report a Kerberos error and exit.
-*/
-static void
-die_krb5(krb5_context ctx, const char *message, krb5_error_code code)
-{
- const char *k5_msg = NULL;
-
- k5_msg = strerror_krb5(ctx, code);
- warn("%s: %s\n", message, k5_msg);
- strerror_krb5_free(ctx, k5_msg);
- exit(1);
-}
-
-
-/*
-** Given the srvtab file name, a Kerberos principal (as a string), and a
-** keytab file name, extract the des-cbc-crc key from that keytab and write
-** it to the newly created srvtab file as a srvtab. Convert the principal
-** from Kerberos v5 form to Kerberos v4 form.
+** Given the Kerberos context, srvtab file name, a Kerberos principal (as a
+** string), and a keytab file name, extract the des-cbc-crc key from that
+** keytab and write it to the newly created srvtab file as a srvtab. Convert
+** the principal from Kerberos v5 form to Kerberos v4 form.
**
** We always force the kvno to 0 for the srvtab. This works with how the
** wallet synchronizes keys, even though it's not particularly correct.
@@ -90,9 +35,9 @@ die_krb5(krb5_context ctx, const char *message, krb5_error_code code)
** On any failure, print an error message to standard error and then exit.
*/
void
-write_srvtab(const char *srvtab, const char *principal, const char *keytab)
+write_srvtab(krb5_context ctx, const char *srvtab, const char *principal,
+ const char *keytab)
{
- krb5_context ctx = NULL;
krb5_keytab kt;
krb5_principal princ;
krb5_keytab_entry entry;
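Review bot: write_srvtab now uses a caller-supplied `ctx` with no check of its own, where the removed lines created the context and tested the result of `krb5_init_context` before the first library call. The updated header comment mentions the context but does not state the contract; I would add a line such as `** The caller must pass an initialized Kerberos context and keeps ownership of it.` Whether the function frees `ctx` further down cannot be seen here, since its body continues outside this hunk, so the ownership wording should be confirmed against the rest of the function and its callers.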
@@ -104,28 +49,24 @@ write_srvtab(const char *srvtab, const char *principal, const char *keytab)
char data[ANAME_SZ + 1 + INST_SZ + 1 + REALM_SZ + 1 + 1 + 8];
/* Open the keytab and get the DES key. */
- ret = krb5_init_context(&ctx);
- if (ret != 0)
- die_krb5(ctx, "error creating Kerberos context", ret);
ret = krb5_parse_name(ctx, principal, &princ);
if (ret != 0)
- die_krb5(ctx, "error parsing Kerberos principal", ret);
+ die_krb5(ctx, ret, "error parsing Kerberos principal %s", principal);
ret = krb5_kt_resolve(ctx, keytab, &kt);
if (ret != 0)
- die_krb5(ctx, "error opening keytab", ret);
+ die_krb5(ctx, ret, "error opening keytab %s", keytab);
ret = krb5_kt_get_entry(ctx, kt, princ, 0, ENCTYPE_DES_CBC_CRC, &entry);
if (ret != 0)
- die_krb5(ctx, "error reading DES key from keytab", ret);
- if (entry.key.length != 8) {
- fprintf(stderr, "invalid DES key length in keytab\n");
- exit(1);
- }
+ die_krb5(ctx, ret, "error reading DES key from keytab %s", keytab);
+ if (entry.key.length != 8)
+ die("invalid DES key length in keytab");
krb5_kt_close(ctx, kt);
/* Convert the principal to a Kerberos v4 principal. */
ret = krb5_524_conv_principal(ctx, princ, aname, inst, realm);
if (ret != 0)
- die_krb5(ctx, "error converting principal to Kerberos v4", ret);
+ die_krb5(ctx, ret, "error converting principal %s to Kerberos v4",
+ principal);
/* Assemble the srvtab data. */
length = 0;
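Review bot: The key-length failure `die("invalid DES key length in keytab")` is the only error path in this hunk that does not name the keytab, while the neighbouring `die_krb5` calls now include the keytab or principal via `%s`. If `die` takes a printf-style format, as `die_krb5` appears to, `die("invalid DES key length in keytab %s", keytab);` would keep the messages consistent. Separately, `entry` holds the raw DES key once `krb5_kt_get_entry` succeeds and nothing in the visible lines releases or wipes it. The rest of write_srvtab is outside this hunk, so it is worth confirming that the keytab entry contents and the `data` buffer are cleared after the srvtab has been written.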