From 88055006f21298a7aa93547caf00d3a6e35e8d37 Mon Sep 17 00:00:00 2001
From: Greg Hudson
Date: Mon, 15 Dec 2008 18:26:47 +0000
Subject: [PATCH] In ktutil, remove code for wst (write srvtab). Reimplement rst (read srvtab) as an alias for "rkt SRVTAB:filename" and include it unconditionally.
ticket: 6303
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21446 dc483132-0cff-0310-8789-dd5450dbe970
---
src/kadmin/ktutil/Makefile.in | 3 +-
src/kadmin/ktutil/ktutil.c | 18 +--
src/kadmin/ktutil/ktutil.h | 5 -
src/kadmin/ktutil/ktutil_funcs.c | 216 +------------------------------
4 files changed, 9 insertions(+), 233 deletions(-)
diff --git a/src/kadmin/ktutil/Makefile.in b/src/kadmin/ktutil/Makefile.in
index 21ccc4ab9..8a7638405 100644
--- a/src/kadmin/ktutil/Makefile.in
+++ b/src/kadmin/ktutil/Makefile.in
@@ -2,8 +2,7 @@ thisconfigdir=../..
 myfulldir=kadmin/ktutil
 mydir=kadmin/ktutil
 BUILDTOP=$(REL)..$(S)..
-LOCALINCLUDES = $(KRB4_INCLUDES)
-PROG_LIBPATH=-L$(TOPLIBD) $(KRB4_LIBPATH)
+PROG_LIBPATH=-L$(TOPLIBD)
 PROG_RPATH=$(KRB5_LIBDIR)
 DEFS=
diff --git a/src/kadmin/ktutil/ktutil.c b/src/kadmin/ktutil/ktutil.c
index 1138f0a37..26a2b9ddb 100644
--- a/src/kadmin/ktutil/ktutil.c
+++ b/src/kadmin/ktutil/ktutil.c
@@ -98,7 +98,6 @@ void ktutil_read_v4(argc, argv)
 int argc;
 char *argv[];
 {
-#ifdef KRB5_KRB4_COMPAT
 krb5_error_code retval;
 if (argc != 2) {
@@ -108,9 +107,6 @@ void ktutil_read_v4(argc, argv)
 retval = ktutil_read_srvtab(kcontext, argv[1], &ktlist);
 if (retval)
 com_err(argv[0], retval, "while reading srvtab \"%s\"", argv[1]);
-#else
- fprintf(stderr, "%s: krb4 support not configured\n", argv[0]);
-#endif
 }
 void ktutil_write_v5(argc, argv)
@@ -132,19 +128,7 @@ void ktutil_write_v4(argc, argv)
 int argc;
 char *argv[];
 {
-#ifdef KRB5_KRB4_COMPAT
- krb5_error_code retval;
-
- if (argc != 2) {
- fprintf(stderr, "%s: must specify srvtab to write\n", argv[0]);
- return;
- }
- retval = ktutil_write_srvtab(kcontext, ktlist, argv[1]);
- if (retval)
- com_err(argv[0], retval, "while writing srvtab \"%s\"", argv[1]);
-#else
- fprintf(stderr, "%s: krb4 support not configured\n", argv[0]);
-#endif
+ fprintf(stderr, "%s: writing srvtabs is no longer supported\n", argv[0]);
 }
 void ktutil_add_entry(argc, argv)
diff --git a/src/kadmin/ktutil/ktutil.h b/src/kadmin/ktutil/ktutil.h
index d25c8d998..5ecc7d4ad 100644
--- a/src/kadmin/ktutil/ktutil.h
+++ b/src/kadmin/ktutil/ktutil.h
@@ -49,14 +49,9 @@ krb5_error_code ktutil_write_keytab (krb5_context,
 krb5_kt_list,
 char *);
-#ifdef KRB5_KRB4_COMPAT
 krb5_error_code ktutil_read_srvtab (krb5_context,
 char *,
 krb5_kt_list *);
-krb5_error_code ktutil_write_srvtab (krb5_context,
- krb5_kt_list,
- char *);
-#endif
 void ktutil_add_entry (int, char *[]);
diff --git a/src/kadmin/ktutil/ktutil_funcs.c b/src/kadmin/ktutil/ktutil_funcs.c
index 4c4408c6e..bec3e288f 100644
--- a/src/kadmin/ktutil/ktutil_funcs.c
+++ b/src/kadmin/ktutil/ktutil_funcs.c
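Review bot: `ktutil_write_v4` in ktutil.c is left as a stub that only prints to stderr, and the diffstat shows the commit touches neither a command table nor any documentation, so `wst` presumably still appears in the command listing while always failing. Either retire the command entry in a follow-up or give the stub a comment such as `/* wst is kept only to report that srvtab output was removed. */` so the dead command is clearly intentional. `argc` is now unused in this function, which some compilers will warn about. The definition line is visible only in the hunk header.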
@@ -335,30 +335,6 @@ krb5_error_code ktutil_write_keytab(context, list, name)
 return retval;
 }
-#ifdef KRB5_KRB4_COMPAT
-/*
- * getstr() takes a file pointer, a string and a count. It reads from
- * the file until either it has read "count" characters, or until it
- * reads a null byte. When finished, what has been read exists in the
- * given string "s". If "count" characters were actually read, the
- * last is changed to a null, so the returned string is always null-
- * terminated. getstr() returns the number of characters read,
- * including the null terminator.
- */
-
-static int getstr(fp, s, n)
- FILE *fp;
- register char *s;
- int n;
-{
- register int count = n;
- while (fread(s, 1, 1, fp) > 0 && --count)
- if (*s++ == '\0')
- return (n - count);
- *s = '\0';
- return (n - count);
-}
-
 /*
 * Read in a named krb4 srvtab and append to list. Allocate new list
 * if needed.
@@ -368,190 +344,12 @@ krb5_error_code ktutil_read_srvtab(context, name, list)
 char *name;
 krb5_kt_list *list;
 {
- krb5_kt_list lp = NULL, tail = NULL, back = NULL;
- krb5_keytab_entry *entry;
- krb5_error_code retval = 0;
- char sname[SNAME_SZ]; /* name of service */
- char sinst[INST_SZ]; /* instance of service */
- char srealm[REALM_SZ]; /* realm of service */
- unsigned char kvno; /* key version number */
- des_cblock key;
- FILE *fp;
+ char *ktname;
+ krb5_error_code result;
- if (*list) {
- /* point lp at the tail of the list */
- for (lp = *list; lp->next; lp = lp->next);
- back = lp;
- }
- fp = fopen(name, "r");
- if (!fp)
- return EIO;
- for (;;) {
- entry = (krb5_keytab_entry *)malloc(sizeof (krb5_keytab_entry));
- if (!entry) {
- retval = ENOMEM;
- break;
- }
- memset((char *)entry, 0, sizeof (*entry));
- memset(sname, 0, sizeof (sname));
- memset(sinst, 0, sizeof (sinst));
- memset(srealm, 0, sizeof (srealm));
- if (!(getstr(fp, sname, SNAME_SZ) > 0 &&
- getstr(fp, sinst, INST_SZ) > 0 &&
- getstr(fp, srealm, REALM_SZ) > 0 &&
- fread(&kvno, 1, 1, fp) > 0 &&
- fread((char *)key, sizeof (key), 1, fp) > 0))
- break;
- entry->magic = KV5M_KEYTAB_ENTRY;
- entry->timestamp = 0; /* XXX */
- entry->vno = kvno;
- retval = krb5_425_conv_principal(context,
- sname, sinst, srealm,
- &entry->principal);
- if (retval)
- break;
- entry->key.magic = KV5M_KEYBLOCK;
- entry->key.enctype = ENCTYPE_DES_CBC_CRC;
- entry->key.length = sizeof (key);
- entry->key.contents = (krb5_octet *)malloc(sizeof (key));
- if (!entry->key.contents) {
- retval = ENOMEM;
- break;
- }
- memcpy((char *)entry->key.contents, (char *)key, sizeof (key));
- if (!lp) { /* if list is empty, start one */
- lp = (krb5_kt_list)malloc(sizeof (*lp));
- if (!lp) {
- retval = ENOMEM;
- break;
- }
- } else {
- lp->next = (krb5_kt_list)malloc(sizeof (*lp));
- if (!lp->next) {
- retval = ENOMEM;
- break;
- }
- lp = lp->next;
- }
- lp->next = NULL;
- lp->entry = entry;
- if (!tail)
- tail = lp;
- }
- if (entry) {
- if (entry->magic == KV5M_KEYTAB_ENTRY)
- krb5_kt_free_entry(context, entry);
- free((char *)entry);
- }
- if (retval) {
- ktutil_free_kt_list(context, tail);
- tail = NULL;
- if (back)
- back->next = NULL;
- }
- if (!*list)
- *list = tail;
- fclose(fp);
- return retval;
-}
-
-/*
- * Writes a kt_list out to a krb4 srvtab file. Note that it first
- * prunes the kt_list so that it won't contain any keys that are not
- * the most recent, and ignores keys that are not ENCTYPE_DES.
- */
-krb5_error_code ktutil_write_srvtab(context, list, name)
- krb5_context context;
- krb5_kt_list list;
- char *name;
-{
- krb5_kt_list lp, lp1, prev, pruned = NULL;
- krb5_error_code retval = 0;
- FILE *fp;
- char sname[SNAME_SZ];
- char sinst[INST_SZ];
- char srealm[REALM_SZ];
-
- /* First do heinous stuff to prune the list. */
- for (lp = list; lp; lp = lp->next) {
- if ((lp->entry->key.enctype != ENCTYPE_DES_CBC_CRC) &&
- (lp->entry->key.enctype != ENCTYPE_DES_CBC_MD5) &&
- (lp->entry->key.enctype != ENCTYPE_DES_CBC_MD4) &&
- (lp->entry->key.enctype != ENCTYPE_DES_CBC_RAW))
- continue;
-
- for (lp1 = pruned; lp1; prev = lp1, lp1 = lp1->next) {
- /* Hunt for the current principal in the pruned list */
- if (krb5_principal_compare(context,
- lp->entry->principal,
- lp1->entry->principal))
- break;
- }
- if (!lp1) { /* need to add entry to tail of pruned list */
- if (!pruned) {
- pruned = (krb5_kt_list) malloc(sizeof (*pruned));
- if (!pruned)
- return ENOMEM;
- memset((char *) pruned, 0, sizeof(*pruned));
- lp1 = pruned;
- } else {
- prev->next
- = (krb5_kt_list) malloc(sizeof (*pruned));
- if (!prev->next) {
- retval = ENOMEM;
- goto free_pruned;
- }
- memset((char *) prev->next, 0, sizeof(*pruned));
- lp1 = prev->next;
- }
- lp1->entry = lp->entry;
- } else {
- /* This heuristic should be roughly the same as in the
- keytab-reading code in libkrb5. */
- int offset = 0;
- if (lp1->entry->vno > 240 || lp->entry->vno > 240) {
- offset = 128;
- }
-#define M(X) (((X) + offset) % 256)
- if (M(lp1->entry->vno) < M(lp->entry->vno))
- /* Check if lp->entry is newer kvno; if so, update */
- lp1->entry = lp->entry;
- }
- }
- umask(0077); /*Changing umask for all of ktutil is OK
- * We don't ever write out anything that should use
- * default umask.*/
- fp = fopen(name, "w");
- if (!fp) {
- retval = EIO;
- goto free_pruned;
- }
- for (lp = pruned; lp; lp = lp->next) {
- unsigned char kvno;
- kvno = (unsigned char) lp->entry->vno;
- retval = krb5_524_conv_principal(context,
- lp->entry->principal,
- sname, sinst, srealm);
- if (retval)
- break;
- fwrite(sname, strlen(sname) + 1, 1, fp);
- fwrite(sinst, strlen(sinst) + 1, 1, fp);
- fwrite(srealm, strlen(srealm) + 1, 1, fp);
- fwrite((char *)&kvno, 1, 1, fp);
- fwrite((char *)lp->entry->key.contents,
- sizeof (des_cblock), 1, fp);
- }
- fclose(fp);
- free_pruned:
- /*
- * Loop over and free the pruned list; don't use free_kt_list
- * because that kills the entries.
- */
- for (lp = pruned; lp;) {
- prev = lp;
- lp = lp->next;
- free((char *)prev);
- }
- return retval;
+ if (asprintf(&ktname, "SRVTAB:%s", name) < 0)
+ return ENOMEM;
+ result = ktutil_read_keytab(context, ktname, list);
+ free(ktname);
+ return result;
 }
-#endif /* KRB5_KRB4_COMPAT */
-- 2.26.2
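Review bot: The new `ktutil_read_srvtab` body relies on `asprintf` and on the `SRVTAB:` keytab type being registered in libkrb5, and neither is established by the lines in this hunk. `asprintf` is not ISO C, so it is worth confirming that ktutil_funcs.c already pulls in the tree's portability header rather than depending on the platform libc. Since the `KRB5_KRB4_COMPAT` guard is gone, a library built without the srvtab keytab type would presumably make `rst` fail at resolve time with a keytab-type error, where the removed code returned `EIO` for an unreadable file. I would extend the comment above the function with something like `Delegates to the SRVTAB keytab type; entries are expected to be single-DES krb4 keys (the removed reader tagged them ENCTYPE_DES_CBC_CRC).` so anyone merging the result into a keytab knows what key strength is being imported. The function's definition line and the opening of that comment sit outside this hunk.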