| author | Russ Allbery <rra@stanford.edu> | 2010-02-18 22:06:17 -0800 | 
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2010-02-18 22:06:17 -0800 | 
| commit | 93eb5f8fe8d05398dd6fb364680e40eb8dae23e4 (patch) | |
| tree | ba6d9ee411933c04e9f78a7ae8792303ae80f4be /perl/Wallet/Object | |
| parent | a24d3ac3c7e8cb68fe2268f337a4edb599d5f881 (diff) | |
Refactor Wallet::Kadmin keytab_rekey to return keytab
Change the API for keytab_rekey to match keytab, returning the keytab
as data instead of writing it to a file.  This simplifies the wallet
object implementation and moves the logic for reading the temporary
file into Wallet::Kadmin and its child classes.  (Eventually, there may
be a kadmin backend that doesn't require using a temporary file.)
Setting KEYTAB_TMP is now required to instantiate either the ::MIT or
::Heimdal Wallet::Kadmin classes.
Diffstat (limited to 'perl/Wallet/Object')
| -rw-r--r-- | perl/Wallet/Object/Keytab.pm | 42 | 
1 files changed, 9 insertions, 33 deletions
diff --git a/perl/Wallet/Object/Keytab.pm b/perl/Wallet/Object/Keytab.pm
index 5c66967..edb26b3 100644
--- a/perl/Wallet/Object/Keytab.pm
+++ b/perl/Wallet/Object/Keytab.pm
@@ -323,43 +323,19 @@ sub get {
         return;
     }
     my $kadmin = $self->{kadmin};
+    my $result;
     if ($self->flag_check ('unchanging')) {
-        my $result = $kadmin->keytab ($self->{name});
-        if (defined $result) {
-            $self->log_action ('get', $user, $host, $time);
-        }
-        return $result;
-    }
-    unless (defined ($Wallet::Config::KEYTAB_TMP)) {
-        $self->error ('KEYTAB_TMP configuration variable not set');
-        return;
+        $result = $kadmin->keytab ($self->{name});
+    } else {
+        my @enctypes = $self->attr ('enctypes');
+        $result = $kadmin->keytab_rekey ($self->{name}, @enctypes);
     }
-    my $file = $Wallet::Config::KEYTAB_TMP . "/keytab.$$";
-    unlink $file;
-    my @enctypes = $self->attr ('enctypes');
-    if (not $kadmin->keytab_rekey ($self->{name}, $file, @enctypes)) {
+    if (defined $result) {
+        $self->log_action ('get', $user, $host, $time);
+    } else {
         $self->error ($kadmin->error);
-        return;
-    }
-    local *KEYTAB;
-    unless (open (KEYTAB, '<', $file)) {
-        my $princ = $self->{name};
-        $self->error ("error opening keytab for principal $princ: $!");
-        return;
-    }
-    local $/;
-    undef $!;
-    my $data = <KEYTAB>;
-    if ($!) {
-        my $princ = $self->{name};
-        $self->error ("error reading keytab for principal $princ: $!");
-        unlink $file;
-        return;
     }
-    close KEYTAB;
-    unlink $file;
-    $self->log_action ('get', $user, $host, $time);
-    return $data;
+    return $result;
 }

 1;  |
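Review bot: On failure the new tail `return $result;` hands back an explicit undef, which is a one-element list in list context, whereas the guard at the top of the hunk uses a bare `return;`; a caller that tests `my @data = $object->get (...)` would see a true value on error. Ending the else branch with `$self->error ($kadmin->error); return;` keeps both failure paths consistent. The temporary keytab handling now lives in the Wallet::Kadmin backends, which are outside this diff (the diffstat is limited to perl/Wallet/Object), so it is worth confirming there that the file holding key material is removed on every error path; the code removed here returned without unlinking when the open failed. `sub get` begins above the hunk.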
