1 files changed, 48 insertions, 7 deletions

diff --git a/client/keytab.c b/client/keytab.c
index b815e4a..51b3889 100644
--- a/client/keytab.c
+++ b/client/keytab.c
@@ -16,20 +16,56 @@
 #include <client/internal.h>
 #include <util/util.h>
 
+
+/*
+**  Configure a given keytab to be synchronized with an AFS kaserver if it
+**  isn't already.  Returns true on success, false on failure.
+*/
+static int
+set_sync(struct remctl *r, const char *type, const char *name)
+{
+    const char *command[7];
+    char *data = NULL;
+    size_t length = 0;
+    int status;
+
+    command[0] = type;
+    command[1] = "attr";
+    command[2] = "keytab";
+    command[3] = name;
+    command[4] = "sync";
+    command[5] = NULL;
+    status = run_command(r, command, &data, &length);
+    if (status != 0)
+        return 0;
+    if (data == NULL || strstr(data, "kaserver\n") == NULL) {
+        command[5] = "kaserver";
+        command[6] = NULL;
+        status = run_command(r, command, NULL, NULL);
+        if (status != 0)
+            return 0;
+    }
+    return 1;
+}
+
+
 /*
 **  Given a remctl object, the name of a keytab object, and a file name, call
 **  the correct wallet commands to download a keytab and write it to that
-**  file.
+**  file.  Returns the setatus or 255 on an internal error.
 */
-void
+int
 get_keytab(struct remctl *r, const char *type, const char *name,
-           const char *file)
+           const char *file, const char *srvtab)
 {
     const char *command[5];
     char *data = NULL;
     size_t length = 0;
-    int status = 255;
+    int status;
 
+    if (srvtab != NULL)
+        if (!set_sync(r, type, name))
+            return 255;
     command[0] = type;
     command[1] = "get";
     command[2] = "keytab";
@@ -37,8 +73,13 @@ get_keytab(struct remctl *r, const char *type, const char *name,
     command[4] = NULL;
     status = run_command(r, command, &data, &length);
     if (status != 0)
-        exit(status);
-    if (data == NULL)
-        die("no data returned by wallet server");
+        return status;
+    if (data == NULL) {
+        warn("no data returned by wallet server");
+        return 255;
+    }
     write_file(file, data, length);
+    if (srvtab != NULL)
+        write_srvtab(srvtab, name, file);
+    return 0;
 }