From: Tom Yu Date: Thu, 22 May 2003 23:13:49 +0000 (+0000) Subject: * kt_file.c (krb5_ktfile_get_entry): Check principal name prior to X-Git-Tag: krb5-1.4-beta1~935 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=712d2024ac712e210acb990ed14c658bcffdfac6;p=krb5.git * kt_file.c (krb5_ktfile_get_entry): Check principal name prior to checking enctype. Suggested by Wyllys Ingersoll. ticket: 1229 status: open tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15470 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/keytab/ChangeLog b/src/lib/krb5/keytab/ChangeLog index 87f76ed2f..a3c4f8c7a 100644 --- a/src/lib/krb5/keytab/ChangeLog +++ b/src/lib/krb5/keytab/ChangeLog @@ -1,3 +1,8 @@ +2003-05-22 Tom Yu + + * kt_file.c (krb5_ktfile_get_entry): Check principal name prior to + checking enctype. Suggested by Wyllys Ingersoll. + 2003-05-19 Sam Hartman * ktbase.c: Register writable keytab by default diff --git a/src/lib/krb5/keytab/kt_file.c b/src/lib/krb5/keytab/kt_file.c index 9b7b9ae8f..3175de751 100644 --- a/src/lib/krb5/keytab/kt_file.c +++ b/src/lib/krb5/keytab/kt_file.c @@ -258,6 +258,14 @@ krb5_ktfile_get_entry(krb5_context context, krb5_keytab id, krb5_const_principal and copy new_entry there, or free new_entry. Otherwise, it leaks. */ + /* if the principal isn't the one requested, free new_entry + and continue to the next. */ + + if (!krb5_principal_compare(context, principal, new_entry.principal)) { + krb5_kt_free_entry(context, &new_entry); + continue; + } + /* if the enctype is not ignored and doesn't match, free new_entry and continue to the next */ @@ -281,14 +289,6 @@ krb5_ktfile_get_entry(krb5_context context, krb5_keytab id, krb5_const_principal } - /* if the principal isn't the one requested, free new_entry - and continue to the next. */ - - if (!krb5_principal_compare(context, principal, new_entry.principal)) { - krb5_kt_free_entry(context, &new_entry); - continue; - } - if (kvno == IGNORE_VNO) { /* if this is the first match, or if the new vno is bigger, free the current and keep the new. Otherwise,