[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
lib/gssapi/acquire_cred.c:get_keytab() re-resolves file why?
Why does lib/gssapi/acquire_cred.c:get_keytab() re-resolve the
gssapi_krb5_keytab?
I want to use an in memory keytab so I can load it once as root and
then setuid/gid thereby protecting it.
Mike
static krb5_error_code
get_keytab(krb5_keytab *keytab)
{
char kt_name[256];
krb5_error_code kret;
HEIMDAL_MUTEX_lock(&gssapi_keytab_mutex);
if (gssapi_krb5_keytab != NULL) {
kret = krb5_kt_get_name(gssapi_krb5_context,
gssapi_krb5_keytab,
kt_name, sizeof(kt_name));
if (kret == 0)
kret = krb5_kt_resolve(gssapi_krb5_context, kt_name, keytab);
} else
kret = krb5_kt_default(gssapi_krb5_context, keytab);
HEIMDAL_MUTEX_unlock(&gssapi_keytab_mutex);
return (kret);
}