authorRuss Allbery <rra@stanford.edu>2010-02-18 22:06:17 -0800
committerRuss Allbery <rra@stanford.edu>2010-02-18 22:06:17 -0800
commit93eb5f8fe8d05398dd6fb364680e40eb8dae23e4 (patch)
treeba6d9ee411933c04e9f78a7ae8792303ae80f4be /perl/Wallet/Object/Keytab.pm
parenta24d3ac3c7e8cb68fe2268f337a4edb599d5f881 (diff)
Refactor Wallet::Kadmin keytab_rekey to return keytab
Change the API for keytab_rekey to match keytab, returning the keytab as data instead of writing it to a file. This simplifies the wallet object implementation and moves the logic for reading the temporary file into Wallet::Kadmin and its child classes. (Eventually, there may be a kadmin backend that doesn't require using a temporary file.) Setting KEYTAB_TMP is now required to instantiate either the ::MIT or ::Heimdal Wallet::Kadmin classes.
Diffstat (limited to 'perl/Wallet/Object/Keytab.pm')
-rw-r--r--perl/Wallet/Object/Keytab.pm42
1 files changed, 9 insertions, 33 deletions
diff --git a/perl/Wallet/Object/Keytab.pm b/perl/Wallet/Object/Keytab.pm
index 5c66967..edb26b3 100644
--- a/perl/Wallet/Object/Keytab.pm
+++ b/perl/Wallet/Object/Keytab.pm
@@ -323,43 +323,19 @@ sub get {
return;
}
my $kadmin = $self->{kadmin};
+ my $result;
if ($self->flag_check ('unchanging')) {
- my $result = $kadmin->keytab ($self->{name});
- if (defined $result) {
- $self->log_action ('get', $user, $host, $time);
- }
- return $result;
- }
- unless (defined ($Wallet::Config::KEYTAB_TMP)) {
- $self->error ('KEYTAB_TMP configuration variable not set');
- return;
+ $result = $kadmin->keytab ($self->{name});
+ } else {
+ my @enctypes = $self->attr ('enctypes');
+ $result = $kadmin->keytab_rekey ($self->{name}, @enctypes);
}
- my $file = $Wallet::Config::KEYTAB_TMP . "/keytab.$$";
- unlink $file;
- my @enctypes = $self->attr ('enctypes');
- if (not $kadmin->keytab_rekey ($self->{name}, $file, @enctypes)) {
+ if (defined $result) {
+ $self->log_action ('get', $user, $host, $time);
+ } else {
$self->error ($kadmin->error);
- return;
- }
- local *KEYTAB;
- unless (open (KEYTAB, '<', $file)) {
- my $princ = $self->{name};
- $self->error ("error opening keytab for principal $princ: $!");
- return;
- }
- local $/;
- undef $!;
- my $data = <KEYTAB>;
- if ($!) {
- my $princ = $self->{name};
- $self->error ("error reading keytab for principal $princ: $!");
- unlink $file;
- return;
}
- close KEYTAB;
- unlink $file;
- $self->log_action ('get', $user, $host, $time);
- return $data;
+ return $result;
}
1;
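Review bot: The success test `if (defined $result) {` near the end of get accepts an empty string as a retrieved keytab, so a zero-length result would be logged as a successful 'get' and handed back to the caller. In the keytab_rekey branch that would presumably happen after the principal's keys had already been changed, leaving the client with no usable keytab and an audit entry that says it received one. Whether Wallet::Kadmin can return an empty string is not visible in this hunk, so this is a defensive suggestion: `if (defined $result and length $result) {`. A short comment above the branch would also help, for example `# Both kadmin calls return the keytab as data; temporary-file handling lives in Wallet::Kadmin.`. The start of get lies outside the hunk.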