From 63a020538575070aeb66faf948467b877139384e Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Mon, 23 Aug 2010 22:03:25 +0000 Subject: [PATCH] Fail properly when profile can't be accessed Make profile_init() return EACCESS or EPERM if one of those errors was encountered when failing to open any of the specified profile files. This causes krb5_init_os_context() to fail properly when krb5.conf is unreadable, instead of treating that situation like a nonexistent krb5.conf. The library will continue to soldier on if one profile file is readable and another is not. This is deliberate as of r14116, whether or not it's a good idea. ticket: 6760 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24250 dc483132-0cff-0310-8789-dd5450dbe970 --- src/util/profile/prof_init.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/util/profile/prof_init.c b/src/util/profile/prof_init.c index bd42b1380..408549dca 100644 --- a/src/util/profile/prof_init.c +++ b/src/util/profile/prof_init.c @@ -27,7 +27,7 @@ profile_init(const_profile_filespec_t *files, profile_t *ret_profile) const_profile_filespec_t *fs; profile_t profile; prf_file_t new_file, last = 0; - errcode_t retval = 0; + errcode_t retval = 0, access_retval = 0; profile = malloc(sizeof(struct _profile_t)); if (!profile) @@ -43,7 +43,12 @@ profile_init(const_profile_filespec_t *files, profile_t *ret_profile) for (fs = files; !PROFILE_LAST_FILESPEC(*fs); fs++) { retval = profile_open_file(*fs, &new_file); /* if this file is missing, skip to the next */ - if (retval == ENOENT || retval == EACCES || retval == EPERM) { + if (retval == ENOENT) { + continue; + } + /* If we can't read this file, remember it but keep going. */ + if (retval == EACCES || retval == EPERM) { + access_retval = retval; continue; } if (retval) { @@ -58,11 +63,11 @@ profile_init(const_profile_filespec_t *files, profile_t *ret_profile) } /* * If last is still null after the loop, then all the files were - * missing, so return the appropriate error. + * missing or unreadable, so return the appropriate error. */ if (!last) { profile_release(profile); - return ENOENT; + return access_retval ? access_retval : ENOENT; } } -- 2.26.2