From d760a29547670f0501c8f36fcef27aaede85e4f3 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Mon, 3 May 2010 19:02:16 +0000 Subject: [PATCH] Eliminate the use of variables for format strings in kdb5_util. Many were unused, and localization will probably be done through _() macros, not collecting all the strings together. Elminates a number of format-security static analysis defects. ticket: 6714 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23962 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kadmin/dbutil/Makefile.in | 4 +- src/kadmin/dbutil/deps | 3 +- src/kadmin/dbutil/dump.c | 2 +- src/kadmin/dbutil/kadm5_create.c | 10 ++-- src/kadmin/dbutil/kdb5_util.c | 3 -- src/kadmin/dbutil/kdb5_util.h | 1 - src/kadmin/dbutil/string_table.c | 85 -------------------------------- src/kadmin/dbutil/string_table.h | 40 --------------- 8 files changed, 8 insertions(+), 140 deletions(-) delete mode 100644 src/kadmin/dbutil/string_table.c delete mode 100644 src/kadmin/dbutil/string_table.h diff --git a/src/kadmin/dbutil/Makefile.in b/src/kadmin/dbutil/Makefile.in index 829f85ae5..454077069 100644 --- a/src/kadmin/dbutil/Makefile.in +++ b/src/kadmin/dbutil/Makefile.in @@ -8,10 +8,10 @@ KDB_DEP_LIB=$(DL_LIB) $(THREAD_LINKOPTS) PROG = kdb5_util -SRCS = kdb5_util.c kdb5_create.c kadm5_create.c string_table.c kdb5_destroy.c \ +SRCS = kdb5_util.c kdb5_create.c kadm5_create.c kdb5_destroy.c \ kdb5_stash.c import_err.c strtok.c dump.c ovload.c kdb5_mkey.c -OBJS = kdb5_util.o kdb5_create.o kadm5_create.o string_table.o kdb5_destroy.o \ +OBJS = kdb5_util.o kdb5_create.o kadm5_create.o kdb5_destroy.o \ kdb5_stash.o import_err.o strtok.o dump.o ovload.o kdb5_mkey.o GETDATE = ../cli/getdate.o diff --git a/src/kadmin/dbutil/deps b/src/kadmin/dbutil/deps index eeb2c91ac..a8d2aad5d 100644 --- a/src/kadmin/dbutil/deps +++ b/src/kadmin/dbutil/deps @@ -63,8 +63,7 @@ $(OUTPRE)kadm5_create.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \ $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ - kadm5_create.c kdb5_util.h string_table.h -$(OUTPRE)string_table.$(OBJEXT): string_table.c + kadm5_create.c kdb5_util.h $(OUTPRE)kdb5_destroy.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \ $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \ diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c index 636127184..2258e98c0 100644 --- a/src/kadmin/dbutil/dump.c +++ b/src/kadmin/dbutil/dump.c @@ -1180,7 +1180,7 @@ dump_db(argc, argv) * to be opened if we try a dump that uses it. */ if (!dbactive) { - com_err(progname, 0, Err_no_database); + com_err(progname, 0, "Database not currently opened!"); exit_status++; return; } diff --git a/src/kadmin/dbutil/kadm5_create.c b/src/kadmin/dbutil/kadm5_create.c index 5cce78cb8..c086adf75 100644 --- a/src/kadmin/dbutil/kadm5_create.c +++ b/src/kadmin/dbutil/kadm5_create.c @@ -31,8 +31,6 @@ * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ -#include "string_table.h" - #include #include #include @@ -288,7 +286,7 @@ int add_admin_princ(void *handle, krb5_context context, fullname = build_name_with_realm(name, realm); ret = krb5_parse_name(context, fullname, &ent.principal); if (ret) { - com_err(progname, ret, str_PARSE_NAME); + com_err(progname, ret, "while parsing admin principal name"); return(ERR); } ent.max_life = lifetime; @@ -300,7 +298,7 @@ int add_admin_princ(void *handle, krb5_context context, "to-be-random"); if (ret) { if (ret != KADM5_DUP) { - com_err(progname, ret, str_PUT_PRINC, fullname); + com_err(progname, ret, "while creating principal %s", fullname); krb5_free_principal(context, ent.principal); free(fullname); return ERR; @@ -309,7 +307,7 @@ int add_admin_princ(void *handle, krb5_context context, /* only randomize key if we created the principal */ ret = kadm5_randkey_principal(handle, ent.principal, NULL, NULL); if (ret) { - com_err(progname, ret, str_RANDOM_KEY, fullname); + com_err(progname, ret, "while randomizing principal %s", fullname); krb5_free_principal(context, ent.principal); free(fullname); return ERR; @@ -318,7 +316,7 @@ int add_admin_princ(void *handle, krb5_context context, ent.attributes = attrs; ret = kadm5_modify_principal(handle, &ent, KADM5_ATTRIBUTES); if (ret) { - com_err(progname, ret, str_PUT_PRINC, fullname); + com_err(progname, ret, "while setting attributes on %s", fullname); krb5_free_principal(context, ent.principal); free(fullname); return ERR; diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c index ed6ce65c2..05db437b3 100644 --- a/src/kadmin/dbutil/kdb5_util.c +++ b/src/kadmin/dbutil/kdb5_util.c @@ -66,9 +66,6 @@ #include #include "kdb5_util.h" -char *Err_no_master_msg = "Master key not entered!\n"; -char *Err_no_database = "Database not currently opened!\n"; - /* * XXX Ick, ick, ick. These global variables shouldn't be global.... */ diff --git a/src/kadmin/dbutil/kdb5_util.h b/src/kadmin/dbutil/kdb5_util.h index 26a6a4168..ce9e73e9c 100644 --- a/src/kadmin/dbutil/kdb5_util.h +++ b/src/kadmin/dbutil/kdb5_util.h @@ -33,7 +33,6 @@ #define REALM_SEP_STR "@" extern char *progname; -extern char *Err_no_database; #ifndef V4_DECLARES_STATIC extern krb5_keyblock master_keyblock; extern krb5_principal master_princ; diff --git a/src/kadmin/dbutil/string_table.c b/src/kadmin/dbutil/string_table.c deleted file mode 100644 index 27def9d75..000000000 --- a/src/kadmin/dbutil/string_table.c +++ /dev/null @@ -1,85 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved. - * - */ - -/* String table of messages for kadm5_create */ - -char *str_PARSE_NAME = "while parsing admin principal name."; - -char *str_HISTORY_PARSE_NAME = "while parsing admin history principal name."; - -char *str_ADMIN_PRINC_EXISTS = "Warning! Admin principal already exists."; - -char *str_CHANGEPW_PRINC_EXISTS = "Warning! Changepw principal already exists."; - -char *str_HISTORY_PRINC_EXISTS = "Warning! Admin history principal already exists."; - -char *str_ADMIN_PRINC_WRONG_ATTRS = - "Warning! Admin principal has incorrect attributes.\n" - "\tDISALLOW_TGT should be set, and max_life should be three hours.\n" - "\tThis program will leave them as-is, but beware!."; - -char *str_CHANGEPW_PRINC_WRONG_ATTRS = - "Warning! Changepw principal has incorrect attributes.\n" - "\tDISALLOW_TGT and PW_CHANGE_SERVICE should both be set, and " - "max_life should be five minutes.\n" - "\tThis program will leave them as-is, but beware!."; - -char *str_HISTORY_PRINC_WRONG_ATTRS = - "Warning! Admin history principal has incorrect attributes.\n" - "\tDISALLOW_ALL_TIX should be set.\n" - "\tThis program will leave it as-is, but beware!."; - -char *str_CREATED_PRINC_DB = - "%s: Admin principal database created (or it already existed).\n"; /* whoami */ - -char *str_CREATED_POLICY_DB = - "%s: Admin policy database created (or it already existed).\n"; /* whoami */ - -char *str_RANDOM_KEY = - "while calling random key for %s."; /* principal name */ - -char *str_ENCRYPT_KEY = - "while calling encrypt key for %s."; /* principal name */ - -char *str_PUT_PRINC = - "while storing %s in Kerberos database."; /* principal name */ - -char *str_CREATING_POLICY_DB = "while creating/opening admin policy database."; - -char *str_CLOSING_POLICY_DB = "while closing admin policy database."; - -char *str_CREATING_PRINC_DB = "while creating/opening admin principal database."; - -char *str_CLOSING_PRINC_DB = "while closing admin principal database."; - -char *str_CREATING_PRINC_ENTRY = - "while creating admin principal database entry for %s."; /* princ_name */ - -char *str_A_PRINC = "a principal"; - -char *str_UNPARSE_PRINC = "while unparsing principal."; - -char *str_CREATED_PRINC = "%s: Created %s principal.\n"; /* whoami, princ_name */ - -char *str_INIT_KDB = "while initializing kdb."; - -char *str_NO_KDB = - "while initializing kdb.\nThe Kerberos KDC database needs to exist in /krb5.\n\ -If you haven't run kdb5_create you need to do so before running this command."; - - -char *str_INIT_RANDOM_KEY = "while initializing random key generator."; - -char *str_TOO_MANY_ADMIN_PRINC = - "while fetching admin princ. Can only have one admin principal."; - -char *str_TOO_MANY_CHANGEPW_PRINC = - "while fetching changepw princ. Can only have one changepw principal."; - -char *str_TOO_MANY_HIST_PRINC = - "while fetching history princ. Can only have one history principal."; - -char *str_WHILE_DESTROYING_ADMIN_SESSION = "while closing session with admin server and destroying tickets."; diff --git a/src/kadmin/dbutil/string_table.h b/src/kadmin/dbutil/string_table.h deleted file mode 100644 index 83acfefd2..000000000 --- a/src/kadmin/dbutil/string_table.h +++ /dev/null @@ -1,40 +0,0 @@ -/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ -/* - * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved. - * - * $Header$ - * - */ - -#ifndef _OVSEC_ADM_STRINGS_ - -extern char *str_PARSE_NAME; -extern char *str_HISTORY_PARSE_NAME; -extern char *str_ADMIN_PRINC_EXISTS; -extern char *str_CHANGEPW_PRINC_EXISTS; -extern char *str_HISTORY_PRINC_EXISTS; -extern char *str_ADMIN_PRINC_WRONG_ATTRS; -extern char *str_CHANGEPW_PRINC_WRONG_ATTRS; -extern char *str_HISTORY_PRINC_WRONG_ATTRS; -extern char *str_CREATED_PRINC_DB; -extern char *str_CREATED_POLICY_DB; -extern char *str_RANDOM_KEY; -extern char *str_ENCRYPT_KEY; -extern char *str_PUT_PRINC; -extern char *str_CREATING_POLICY_DB; -extern char *str_CLOSING_POLICY_DB; -extern char *str_CREATING_PRINC_DB; -extern char *str_CLOSING_PRINC_DB; -extern char *str_CREATING_PRINC_ENTRY; -extern char *str_A_PRINC; -extern char *str_UNPARSE_PRINC; -extern char *str_CREATED_PRINC; -extern char *str_INIT_KDB; -extern char *str_NO_KDB; -extern char *str_INIT_RANDOM_KEY; -extern char *str_TOO_MANY_ADMIN_PRINC; -extern char *str_TOO_MANY_CHANGEPW_PRINC; -extern char *str_TOO_MANY_HIST_PRINC; -extern char *str_WHILE_DESTROYING_ADMIN_SESSION; - -#endif /* _OVSEC_ADM_STRINGS_ */ -- 2.26.2