Return the most recent key (with the greatest kvno) instead of the

first key found in the keytab file. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4375 dc483132-0cff-0310-8789-dd5450dbe970
aadamowski · Sep 29, 1994 · 912cb66 · 912cb66
1 parent 03de821
commit 912cb66
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 7 deletions.
diff --git a/src/lib/krb5/keytab/file/ChangeLog b/src/lib/krb5/keytab/file/ChangeLog
@@ -1,3 +1,9 @@
+Wed Sep 28 21:14:49 1994  Theodore Y. Ts'o  (tytso@dcl)
+
+	* ktf_get_en.c (krb5_ktfile_get_entry): Modified to return the
+		most recent key (with the greatest kvno), instead of the
+		first.
+
 Thu Sep 22 21:51:53 1994  Theodore Y. Ts'o  (tytso@dcl)
 
     	* ktf_get_en.c (krb5_ktfile_get_entry):

diff --git a/src/lib/krb5/keytab/file/ktf_get_en.c b/src/lib/krb5/keytab/file/ktf_get_en.c
@@ -42,7 +42,7 @@ OLDDECLARG(krb5_principal, principal)
 OLDDECLARG(krb5_kvno, kvno)
 OLDDECLARG(krb5_keytab_entry *, entry)
 {
-    krb5_keytab_entry cur_entry;
+    krb5_keytab_entry cur_entry, new_entry;
     krb5_error_code kerror = 0;
 
     /* Open the keyfile for reading */
@@ -53,25 +53,37 @@ OLDDECLARG(krb5_keytab_entry *, entry)
      * For efficiency and simplicity, we'll use a while true that 
      * is exited with a break statement.
      */
+    cur_entry.principal = 0;
     while (TRUE) {
-	if (kerror = krb5_ktfileint_read_entry(id, &cur_entry))
+	if (kerror = krb5_ktfileint_read_entry(id, &new_entry))
 	    break;
 
-	if (((kvno == IGNORE_VNO) || (kvno == cur_entry.vno)) &&
-	    krb5_principal_compare(principal, cur_entry.principal)) {
-	    /* found a match */
-	    break;
+	if (krb5_principal_compare(principal, cur_entry.principal)) {
+		if (kvno == IGNORE_VNO) {
+			if (cur_entry.vno < new_entry.vno) {
+				krb5_kt_free_entry(&cur_entry);
+				cur_entry = new_entry;
+			}
+		} else {
+			cur_entry = new_entry;
+			break;
+		}
+	} else {
+		krb5_kt_free_entry(&new_entry);
 	}
-	krb5_kt_free_entry(&cur_entry);
     }
     if (kerror) {
 	if (kerror == KRB5_KT_END)
 	    kerror = KRB5_KT_NOTFOUND;
 	(void) krb5_ktfileint_close(id);
+	if (cur_entry.principal)
+		krb5_kt_free_entry(&cur_entry);
 	return kerror;
     }
     if ((kerror = krb5_ktfileint_close(id)) != 0) {
 	krb5_kt_free_entry(&cur_entry);
+	if (cur_entry.principal)
+		krb5_kt_free_entry(&cur_entry);
 	return kerror;
     }
     *entry = cur_entry;