We have to check the validity of enctypes ourselves since SQLite doesn't

enforce referential integrity.
author: Russ Allbery <rra@stanford.edu> 2007-10-09 19:00:44 +0000
committer: Russ Allbery <rra@stanford.edu> 2007-10-09 19:00:44 +0000
commit: a292fd7f8ef6f5322bd1cabfbbd9955da0dbd1c8 (patch)
tree: 3dcc690131cbddd2f5d6fbae2962eaf059d62cca /perl/Wallet/Object/Keytab.pm
parent: 009de8debb0cbda0b74903d07b935e830fe2b0a1 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/perl/Wallet/Object/Keytab.pm b/perl/Wallet/Object/Keytab.pm
index 4727590..34eb171 100644
--- a/perl/Wallet/Object/Keytab.pm
+++ b/perl/Wallet/Object/Keytab.pm
@@ -425,7 +425,16 @@ sub enctypes_set {
                 $self->log_set ('type_data enctypes', $enctype, undef, @trace);
             }
         }
+
+        # When inserting new enctypes, we unfortunately have to do the
+        # consistency check against the enctypes table ourselves, since SQLite
+        # doesn't enforce integrity constraints.
         for my $enctype (keys %enctypes) {
+            $sql = 'select en_name from enctypes where en_name = ?';
+            my $status = $self->{dbh}->selectrow_array ($sql, undef, $enctype);
+            unless ($status) {
+                die "unknown encryption type $enctype\n";
+            }
             $sql = 'insert into keytab_enctypes (ke_name, ke_enctype) values
                 (?, ?)';
             $self->{dbh}->do ($sql, undef, $name, $enctype);
author	Russ Allbery <rra@stanford.edu>	2007-10-09 19:00:44 +0000
committer	Russ Allbery <rra@stanford.edu>	2007-10-09 19:00:44 +0000
commit	a292fd7f8ef6f5322bd1cabfbbd9955da0dbd1c8 (patch)
tree	3dcc690131cbddd2f5d6fbae2962eaf059d62cca /perl/Wallet/Object/Keytab.pm
parent	009de8debb0cbda0b74903d07b935e830fe2b0a1 (diff)