authorJon Robertson <jonrober@stanford.edu>2009-12-16 20:32:37 -0800
committerJon Robertson <jonrober@stanford.edu>2009-12-16 20:32:37 -0800
commit236e209c3fefa0a56784ec3cd810a0bb5383b86d (patch)
tree8d86b8c5d6acd4c0451cf4f40fd04cc46c7ad9e3 /perl/Wallet
parent362ee72bcf4a1aea83c17c24ab7bd4f4936b479d (diff)
Provided path to call valid_principal directly
valid_principal used to reside in Wallet::Object::Keytab, but was moved to the individual Wallet::Kadmin::* modules. This isn't necessary currently and may not ever be, but it's there just in case we do ever need to differentiate. To simplify testing, a way to still call it directly from Wallet::Object::Keytab has been added.
Diffstat (limited to 'perl/Wallet')
-rw-r--r--perl/Wallet/Kadmin.pm28
-rw-r--r--perl/Wallet/Object/Keytab.pm14
2 files changed, 39 insertions, 3 deletions
diff --git a/perl/Wallet/Kadmin.pm b/perl/Wallet/Kadmin.pm
index b804861..33c84a1 100644
--- a/perl/Wallet/Kadmin.pm
+++ b/perl/Wallet/Kadmin.pm
@@ -20,12 +20,27 @@ use Wallet::Config ();
# This version should be increased on any code change to this module. Always
# use two digits for the minor version with a leading zero if necessary so
# that it will sort properly.
-$VERSION = '0.01';
+$VERSION = '0.02';
##############################################################################
-# Constructor
+# Public methods
##############################################################################
+# Validate a principal with a submodule's validator. We can also do this via
+# creating an object with new and then running valid_principal from that,
+# but there are times we might wish to run it without going through the
+# object creation.
+sub valid_principal {
+ my ($class, $principal) = @_;
+ if ($Wallet::Config::KEYTAB_KRBTYPE eq 'MIT') {
+ require Wallet::Kadmin::MIT;
+ return Wallet::Kadmin::MIT->valid_principal ($principal);
+ } elsif ($Wallet::Config::KEYTAB_KRBTYPE eq 'Heimdal') {
+ require Wallet::Kadmin::Heimdal;
+ return Wallet::Kadmin::Heimdal->valid_principal ($principal);
+ }
+}
+
# Create a new kadmin object, by finding the type requested in the wallet
# config and passing off to the proper module. Returns the object directly
# from the specific Wallet::Kadmin::* module.
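Review bot: The new `valid_principal` has no branch for an unset or unrecognised `$Wallet::Config::KEYTAB_KRBTYPE`, so it falls off the end of the if/elsif and returns a false value. A configuration error is then indistinguishable from "this principal is invalid", and if warnings are enabled an undefined setting also produces an uninitialized-value warning on `eq`. The POD context in the next hunk says new() dies when the implementation is not recognized or set; doing the same here keeps the two entry points consistent, for example `} else { die "keytab krb server type not set to a valid value\n"; }`. The wrapper added to Wallet/Object/Keytab.pm inherits this behaviour, and the new POD item should state what callers get back in that case.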
@@ -96,6 +111,15 @@ Finds the proper Kerberos implementation and calls the new() constructor for
that implementation's module, returning the result. If the implementation
is not recognized or set, die with an error message.
+=item valid_principal(PRINCIPAL)
+
+Finds the proper Kerberos implementation and calls its own valid_principal
+method, returning the result. This tells whether a principal is valid for
+that implementation. This can be achieved by using new() and then directly
+calling valid_principal on the returned object -- this method is a shortcut
+in case we want to check validity without creating the object and worrying
+about proper setup.
+
=head1 SEE ALSO
kadmin(8), Wallet::Config(3), Wallet::Object::Keytab(3), wallet-backend(8)
diff --git a/perl/Wallet/Object/Keytab.pm b/perl/Wallet/Object/Keytab.pm
index 1732070..b1c9d6d 100644
--- a/perl/Wallet/Object/Keytab.pm
+++ b/perl/Wallet/Object/Keytab.pm
@@ -491,6 +491,13 @@ sub create {
return $self;
}
+# Provides wrapper to individual Kadmin class's valid_principal. Here only
+# to help expose for testing.
+sub valid_principal {
+ my ($self, $principal) = @_;
+ return Wallet::Kadmin->valid_principal ($principal);
+}
+
# Override destroy to delete the principal out of Kerberos as well.
sub destroy {
my ($self, $user, $host, $time) = @_;
@@ -547,7 +554,12 @@ sub get {
unlink $file;
my @enctypes = $self->attr ('enctypes');
my $kadmin = $self->{kadmin};
- return if not $kadmin->ktadd ($self->{name}, $file, @enctypes);
+ my $retval = eval { $kadmin->ktadd ($self->{name}, $file, @enctypes) };
+ if ($@) {
+ $self->error ($@);
+ return;
+ }
+ return unless $retval;
local *KEYTAB;
unless (open (KEYTAB, '<', $file)) {
my $princ = $self->{name};
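Review bot: Testing `if ($@)` after the eval around `ktadd` is not a reliable failure signal on the perls current at the time of this commit, because a destructor that runs its own eval while the block unwinds can reset `$@`; the die would then look like a plain false return and its message would be lost. Have the block return a sentinel and test that instead: `my $retval; my $ok = eval { $retval = $kadmin->ktadd ($self->{name}, $file, @enctypes); 1 };` followed by `unless ($ok) { $self->error ($@ || 'ktadd failed'); return; }`. The body of get starts and ends outside this hunk, so it is not visible whether `$file` is removed on these early returns; since it is the path handed to ktadd for key material, it is worth confirming that a ktadd which dies part-way does not leave it on disk.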