Eliminate the use of variables for format strings in kdb5_util. Many

were unused, and localization will probably be done through _()
macros, not collecting all the strings together.  Elminates a number
of format-security static analysis defects.

ticket: 6714
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23962 dc483132-0cff-0310-8789-dd5450dbe970

8 files changed, 8 insertions, 140 deletions

diff --git a/src/kadmin/dbutil/Makefile.in b/src/kadmin/dbutil/Makefile.in
index 829f85a..4540770 100644
--- a/src/kadmin/dbutil/Makefile.in
+++ b/src/kadmin/dbutil/Makefile.in
@@ -8,10 +8,10 @@ KDB_DEP_LIB=$(DL_LIB) $(THREAD_LINKOPTS)
 
 PROG = kdb5_util
 
-SRCS = kdb5_util.c kdb5_create.c kadm5_create.c string_table.c kdb5_destroy.c \
+SRCS = kdb5_util.c kdb5_create.c kadm5_create.c kdb5_destroy.c \
 	   kdb5_stash.c import_err.c strtok.c dump.c ovload.c kdb5_mkey.c
 
-OBJS = kdb5_util.o kdb5_create.o kadm5_create.o string_table.o kdb5_destroy.o \
+OBJS = kdb5_util.o kdb5_create.o kadm5_create.o kdb5_destroy.o \
 	   kdb5_stash.o import_err.o strtok.o dump.o ovload.o kdb5_mkey.o
 
 GETDATE = ../cli/getdate.o
diff --git a/src/kadmin/dbutil/deps b/src/kadmin/dbutil/deps
index eeb2c91..a8d2aad 100644
--- a/src/kadmin/dbutil/deps
+++ b/src/kadmin/dbutil/deps
@@ -63,8 +63,7 @@ $(OUTPRE)kadm5_create.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \
   $(top_srcdir)/include/krb5/locate_plugin.h $(top_srcdir)/include/krb5/preauth_plugin.h \
   $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \
-  kadm5_create.c kdb5_util.h string_table.h
-$(OUTPRE)string_table.$(OBJEXT): string_table.c
+  kadm5_create.c kdb5_util.h
 $(OUTPRE)kdb5_destroy.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \
   $(BUILDTOP)/include/gssapi/gssapi.h $(BUILDTOP)/include/gssrpc/types.h \
   $(BUILDTOP)/include/kadm5/admin.h $(BUILDTOP)/include/kadm5/chpass_util_strings.h \
diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c
index 6361271..2258e98 100644
--- a/src/kadmin/dbutil/dump.c
+++ b/src/kadmin/dbutil/dump.c
@@ -1180,7 +1180,7 @@ dump_db(argc, argv)
      * to be opened if we try a dump that uses it.
      */
     if (!dbactive) {
-        com_err(progname, 0, Err_no_database);
+        com_err(progname, 0, "Database not currently opened!");
         exit_status++;
         return;
     }
diff --git a/src/kadmin/dbutil/kadm5_create.c b/src/kadmin/dbutil/kadm5_create.c
index 5cce78c..c086adf 100644
--- a/src/kadmin/dbutil/kadm5_create.c
+++ b/src/kadmin/dbutil/kadm5_create.c
@@ -31,8 +31,6 @@
  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
  */
 
-#include "string_table.h"
-
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -288,7 +286,7 @@ int add_admin_princ(void *handle, krb5_context context,
     fullname = build_name_with_realm(name, realm);
     ret = krb5_parse_name(context, fullname, &ent.principal);
     if (ret) {
-        com_err(progname, ret, str_PARSE_NAME);
+        com_err(progname, ret, "while parsing admin principal name");
         return(ERR);
     }
     ent.max_life = lifetime;
@@ -300,7 +298,7 @@ int add_admin_princ(void *handle, krb5_context context,
                                  "to-be-random");
     if (ret) {
         if (ret != KADM5_DUP) {
-            com_err(progname, ret, str_PUT_PRINC, fullname);
+            com_err(progname, ret, "while creating principal %s", fullname);
             krb5_free_principal(context, ent.principal);
             free(fullname);
             return ERR;
@@ -309,7 +307,7 @@ int add_admin_princ(void *handle, krb5_context context,
         /* only randomize key if we created the principal */
         ret = kadm5_randkey_principal(handle, ent.principal, NULL, NULL);
         if (ret) {
-            com_err(progname, ret, str_RANDOM_KEY, fullname);
+            com_err(progname, ret, "while randomizing principal %s", fullname);
             krb5_free_principal(context, ent.principal);
             free(fullname);
             return ERR;
@@ -318,7 +316,7 @@ int add_admin_princ(void *handle, krb5_context context,
         ent.attributes = attrs;
         ret = kadm5_modify_principal(handle, &ent, KADM5_ATTRIBUTES);
         if (ret) {
-            com_err(progname, ret, str_PUT_PRINC, fullname);
+            com_err(progname, ret, "while setting attributes on %s", fullname);
             krb5_free_principal(context, ent.principal);
             free(fullname);
             return ERR;
diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c
index ed6ce65..05db437 100644
--- a/src/kadmin/dbutil/kdb5_util.c
+++ b/src/kadmin/dbutil/kdb5_util.c
@@ -66,9 +66,6 @@
 #include <time.h>
 #include "kdb5_util.h"
 
-char    *Err_no_master_msg = "Master key not entered!\n";
-char    *Err_no_database = "Database not currently opened!\n";
-
 /*
  * XXX Ick, ick, ick.  These global variables shouldn't be global....
  */
diff --git a/src/kadmin/dbutil/kdb5_util.h b/src/kadmin/dbutil/kdb5_util.h
index 26a6a41..ce9e73e 100644
--- a/src/kadmin/dbutil/kdb5_util.h
+++ b/src/kadmin/dbutil/kdb5_util.h
@@ -33,7 +33,6 @@
 #define REALM_SEP_STR   "@"
 
 extern char *progname;
-extern char *Err_no_database;
 #ifndef V4_DECLARES_STATIC
 extern krb5_keyblock master_keyblock;
 extern krb5_principal master_princ;
diff --git a/src/kadmin/dbutil/string_table.c b/src/kadmin/dbutil/string_table.c
deleted file mode 100644
index 27def9d..0000000
--- a/src/kadmin/dbutil/string_table.c
+++ /dev/null
@@ -1,85 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.
- *
- */
-
-/* String table of messages for kadm5_create */
-
-char *str_PARSE_NAME = "while parsing admin principal name.";
-
-char *str_HISTORY_PARSE_NAME = "while parsing admin history principal name.";
-
-char *str_ADMIN_PRINC_EXISTS = "Warning! Admin principal already exists.";
-
-char *str_CHANGEPW_PRINC_EXISTS = "Warning! Changepw principal already exists.";
-
-char *str_HISTORY_PRINC_EXISTS = "Warning! Admin history principal already exists.";
-
-char *str_ADMIN_PRINC_WRONG_ATTRS =
-    "Warning! Admin principal has incorrect attributes.\n"
-    "\tDISALLOW_TGT should be set, and max_life should be three hours.\n"
-    "\tThis program will leave them as-is, but beware!.";
-
-char *str_CHANGEPW_PRINC_WRONG_ATTRS =
-    "Warning! Changepw principal has incorrect attributes.\n"
-    "\tDISALLOW_TGT and PW_CHANGE_SERVICE should both be set, and "
-    "max_life should be five minutes.\n"
-    "\tThis program will leave them as-is, but beware!.";
-
-char *str_HISTORY_PRINC_WRONG_ATTRS =
-    "Warning! Admin history principal has incorrect attributes.\n"
-    "\tDISALLOW_ALL_TIX should be set.\n"
-    "\tThis program will leave it as-is, but beware!.";
-
-char *str_CREATED_PRINC_DB =
-    "%s: Admin principal database created (or it already existed).\n"; /* whoami */
-
-char *str_CREATED_POLICY_DB =
-    "%s: Admin policy database created (or it already existed).\n"; /* whoami */
-
-char *str_RANDOM_KEY =
-    "while calling random key for %s.";  /* principal name */
-
-char *str_ENCRYPT_KEY =
-    "while calling encrypt key for %s."; /* principal name */
-
-char *str_PUT_PRINC =
-    "while storing %s in Kerberos database.";  /* principal name */
-
-char *str_CREATING_POLICY_DB = "while creating/opening admin policy database.";
-
-char *str_CLOSING_POLICY_DB = "while closing admin policy database.";
-
-char *str_CREATING_PRINC_DB = "while creating/opening admin principal database.";
-
-char *str_CLOSING_PRINC_DB = "while closing admin principal database.";
-
-char *str_CREATING_PRINC_ENTRY =
-    "while creating admin principal database entry for %s."; /* princ_name */
-
-char *str_A_PRINC = "a principal";
-
-char *str_UNPARSE_PRINC = "while unparsing principal.";
-
-char *str_CREATED_PRINC = "%s: Created %s principal.\n"; /* whoami, princ_name */
-
-char *str_INIT_KDB = "while initializing kdb.";
-
-char *str_NO_KDB =
-    "while initializing kdb.\nThe Kerberos KDC database needs to exist in /krb5.\n\
-If you haven't run kdb5_create you need to do so before running this command.";
-
-
-char *str_INIT_RANDOM_KEY = "while initializing random key generator.";
-
-char *str_TOO_MANY_ADMIN_PRINC =
-    "while fetching admin princ. Can only have one admin principal.";
-
-char *str_TOO_MANY_CHANGEPW_PRINC =
-    "while fetching changepw princ. Can only have one changepw principal.";
-
-char *str_TOO_MANY_HIST_PRINC =
-    "while fetching history princ. Can only have one history principal.";
-
-char *str_WHILE_DESTROYING_ADMIN_SESSION = "while closing session with admin server and destroying tickets.";
diff --git a/src/kadmin/dbutil/string_table.h b/src/kadmin/dbutil/string_table.h
deleted file mode 100644
index 83acfef..0000000
--- a/src/kadmin/dbutil/string_table.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * Copyright 1993 OpenVision Technologies, Inc., All Rights Reserved.
- *
- * $Header$
- *
- */
-
-#ifndef _OVSEC_ADM_STRINGS_
-
-extern char *str_PARSE_NAME;
-extern char *str_HISTORY_PARSE_NAME;
-extern char *str_ADMIN_PRINC_EXISTS;
-extern char *str_CHANGEPW_PRINC_EXISTS;
-extern char *str_HISTORY_PRINC_EXISTS;
-extern char *str_ADMIN_PRINC_WRONG_ATTRS;
-extern char *str_CHANGEPW_PRINC_WRONG_ATTRS;
-extern char *str_HISTORY_PRINC_WRONG_ATTRS;
-extern char *str_CREATED_PRINC_DB;
-extern char *str_CREATED_POLICY_DB;
-extern char *str_RANDOM_KEY;
-extern char *str_ENCRYPT_KEY;
-extern char *str_PUT_PRINC;
-extern char *str_CREATING_POLICY_DB;
-extern char *str_CLOSING_POLICY_DB;
-extern char *str_CREATING_PRINC_DB;
-extern char *str_CLOSING_PRINC_DB;
-extern char *str_CREATING_PRINC_ENTRY;
-extern char *str_A_PRINC;
-extern char *str_UNPARSE_PRINC;
-extern char *str_CREATED_PRINC;
-extern char *str_INIT_KDB;
-extern char *str_NO_KDB;
-extern char *str_INIT_RANDOM_KEY;
-extern char *str_TOO_MANY_ADMIN_PRINC;
-extern char *str_TOO_MANY_CHANGEPW_PRINC;
-extern char *str_TOO_MANY_HIST_PRINC;
-extern char *str_WHILE_DESTROYING_ADMIN_SESSION;
-
-#endif /* _OVSEC_ADM_STRINGS_ */