diff options
| author | Greg Hudson <ghudson@mit.edu> | 2009-08-13 21:25:54 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2009-08-13 21:25:54 +0000 |
| commit | 1ddf7efda0fa665d86431dfc2a57e90e892b81ab (patch) | |
| tree | 141ed4abf608f1143e4344aaae0f244dc62d578b /src/lib/kadm5/clnt | |
| parent | 45eefd6a6fa51ccf67aaf073c0237bbbd142ae81 (diff) | |
| download | krb5-1ddf7efda0fa665d86431dfc2a57e90e892b81ab.zip krb5-1ddf7efda0fa665d86431dfc2a57e90e892b81ab.tar.gz krb5-1ddf7efda0fa665d86431dfc2a57e90e892b81ab.tar.bz2 | |
Remove kadmin v1 API support
The kadmin v1 API and the even older ovsec_kadm_* API were legacy when
kadmin was first incorporated in 1996, and compatibility with them is
no longer believed to be necessary.
The uninstalled kadmin/passwd has been removed (since it used the ovsec
API). The test suite has been updated to use the v2 API where
appropriate, and the parts specifically designed to test the old API
have been excised.
ticket: 6544
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22521 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/kadm5/clnt')
| -rw-r--r-- | src/lib/kadm5/clnt/client_init.c | 18 | ||||
| -rw-r--r-- | src/lib/kadm5/clnt/client_principal.c | 169 | ||||
| -rw-r--r-- | src/lib/kadm5/clnt/clnt_policy.c | 18 | ||||
| -rw-r--r-- | src/lib/kadm5/clnt/libkadm5clnt.exports | 24 |
4 files changed, 49 insertions, 180 deletions
diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c index 4395453..4ebd1b7 100644 --- a/src/lib/kadm5/clnt/client_init.c +++ b/src/lib/kadm5/clnt/client_init.c @@ -231,20 +231,10 @@ static kadm5_ret_t _kadm5_init_any(char *client_name, * empty mask, and behave like version 2. */ memset(¶ms_local, 0, sizeof(params_local)); - if (api_version == KADM5_API_VERSION_1) { - realm = params_local.realm = (char *) params_in; - if (params_in) - params_local.mask = KADM5_CONFIG_REALM; - - /* Use old AUTH_GSSAPI for version 1 protocol. */ - params_local.mask |= KADM5_CONFIG_OLD_AUTH_GSSAPI; - params_in = ¶ms_local; - } else { - if (params_in && (params_in->mask & KADM5_CONFIG_REALM)) - realm = params_in->realm; - else - realm = NULL; - } + if (params_in && (params_in->mask & KADM5_CONFIG_REALM)) + realm = params_in->realm; + else + realm = NULL; #if 0 /* Since KDC config params can now be put in krb5.conf, these could show up even when you're just using the remote kadmin diff --git a/src/lib/kadm5/clnt/client_principal.c b/src/lib/kadm5/clnt/client_principal.c index 51135f4..56ad512 100644 --- a/src/lib/kadm5/clnt/client_principal.c +++ b/src/lib/kadm5/clnt/client_principal.c @@ -43,22 +43,8 @@ kadm5_create_principal(void *server_handle, if(princ == NULL) return EINVAL; - if (handle->api_version == KADM5_API_VERSION_1) { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1)); - } else { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); - } - if (handle->api_version == KADM5_API_VERSION_1) { - /* - * hack hack cough cough. - * krb5_unparse name dumps core if we pass it in garbage - * or null. So, since the client is not allowed to set mod_name - * anyway, we just fill it in with a dummy principal. The server of - * course ignores this. - */ - krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name); - } else - arg.rec.mod_name = NULL; + memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); + arg.rec.mod_name = NULL; if(!(mask & KADM5_POLICY)) arg.rec.policy = NULL; @@ -73,9 +59,6 @@ kadm5_create_principal(void *server_handle, r = create_principal_2(&arg, handle->clnt); - if (handle->api_version == KADM5_API_VERSION_1) - krb5_free_principal(handle->context, arg.rec.mod_name); - if(r == NULL) eret(); return r->code; @@ -104,22 +87,8 @@ kadm5_create_principal_3(void *server_handle, if(princ == NULL) return EINVAL; - if (handle->api_version == KADM5_API_VERSION_1) { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1)); - } else { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); - } - if (handle->api_version == KADM5_API_VERSION_1) { - /* - * hack hack cough cough. - * krb5_unparse name dumps core if we pass it in garbage - * or null. So, since the client is not allowed to set mod_name - * anyway, we just fill it in with a dummy principal. The server of - * course ignores this. - */ - krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name); - } else - arg.rec.mod_name = NULL; + memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); + arg.rec.mod_name = NULL; if(!(mask & KADM5_POLICY)) arg.rec.policy = NULL; @@ -134,9 +103,6 @@ kadm5_create_principal_3(void *server_handle, r = create_principal3_2(&arg, handle->clnt); - if (handle->api_version == KADM5_API_VERSION_1) - krb5_free_principal(handle->context, arg.rec.mod_name); - if(r == NULL) eret(); return r->code; @@ -174,17 +140,9 @@ kadm5_modify_principal(void *server_handle, memset(&arg, 0, sizeof(arg)); arg.mask = mask; arg.api_version = handle->api_version; - /* - * cough cough gag gag - * see comment in create_principal. - */ if(princ == NULL) return EINVAL; - if (handle->api_version == KADM5_API_VERSION_1) { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec_v1)); - } else { - memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); - } + memcpy(&arg.rec, princ, sizeof(kadm5_principal_ent_rec)); if(!(mask & KADM5_POLICY)) arg.rec.policy = NULL; if (! (mask & KADM5_KEY_DATA)) { @@ -196,19 +154,10 @@ kadm5_modify_principal(void *server_handle, arg.rec.tl_data = NULL; } - if (handle->api_version == KADM5_API_VERSION_1) { - /* - * See comment in create_principal - */ - krb5_parse_name(handle->context, "bogus/bogus", &arg.rec.mod_name); - } else - arg.rec.mod_name = NULL; + arg.rec.mod_name = NULL; r = modify_principal_2(&arg, handle->clnt); - if (handle->api_version == KADM5_API_VERSION_1) - krb5_free_principal(handle->context, arg.rec.mod_name); - if(r == NULL) eret(); return r->code; @@ -228,33 +177,13 @@ kadm5_get_principal(void *server_handle, if(princ == NULL) return EINVAL; arg.princ = princ; - if (handle->api_version == KADM5_API_VERSION_1) - arg.mask = KADM5_PRINCIPAL_NORMAL_MASK; - else - arg.mask = mask; + arg.mask = mask; arg.api_version = handle->api_version; r = get_principal_2(&arg, handle->clnt); if(r == NULL) eret(); - if (handle->api_version == KADM5_API_VERSION_1) { - kadm5_principal_ent_t_v1 *entp; - - entp = (kadm5_principal_ent_t_v1 *) ent; - if (r->code == 0) { - if (!(*entp = (kadm5_principal_ent_t_v1) - malloc(sizeof(kadm5_principal_ent_rec_v1)))) - return ENOMEM; - /* this memcpy works because the v1 structure is an initial - subset of the v2 struct. C guarantees that this will - result in the same layout in memory */ - memcpy(*entp, &r->rec, sizeof(**entp)); - } else { - *entp = NULL; - } - } else { - if (r->code == 0) - memcpy(ent, &r->rec, sizeof(r->rec)); - } + if (r->code == 0) + memcpy(ent, &r->rec, sizeof(r->rec)); return r->code; } @@ -460,29 +389,23 @@ kadm5_randkey_principal_3(void *server_handle, r = chrand_principal3_2(&arg, handle->clnt); if(r == NULL) eret(); - if (handle->api_version == KADM5_API_VERSION_1) { - if (key) - krb5_copy_keyblock(handle->context, &r->key, key); - } else { - if (n_keys) - *n_keys = r->n_keys; - if (key) { - if(r->n_keys) { - *key = (krb5_keyblock *) - malloc(r->n_keys*sizeof(krb5_keyblock)); - if (*key == NULL) - return ENOMEM; - for (i = 0; i < r->n_keys; i++) { - ret = krb5_copy_keyblock_contents(handle->context, - &r->keys[i], - &(*key)[i]); - if (ret) { - free(*key); - return ENOMEM; - } - } - } else *key = NULL; - } + if (n_keys) + *n_keys = r->n_keys; + if (key) { + if(r->n_keys) { + *key = malloc(r->n_keys * sizeof(krb5_keyblock)); + if (*key == NULL) + return ENOMEM; + for (i = 0; i < r->n_keys; i++) { + ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i], + &(*key)[i]); + if (ret) { + free(*key); + return ENOMEM; + } + } + } else + *key = NULL; } return r->code; @@ -508,29 +431,23 @@ kadm5_randkey_principal(void *server_handle, r = chrand_principal_2(&arg, handle->clnt); if(r == NULL) eret(); - if (handle->api_version == KADM5_API_VERSION_1) { - if (key) - krb5_copy_keyblock(handle->context, &r->key, key); - } else { - if (n_keys) - *n_keys = r->n_keys; - if (key) { - if(r->n_keys) { - *key = (krb5_keyblock *) - malloc(r->n_keys*sizeof(krb5_keyblock)); - if (*key == NULL) - return ENOMEM; - for (i = 0; i < r->n_keys; i++) { - ret = krb5_copy_keyblock_contents(handle->context, - &r->keys[i], - &(*key)[i]); - if (ret) { - free(*key); - return ENOMEM; - } - } - } else *key = NULL; - } + if (n_keys) + *n_keys = r->n_keys; + if (key) { + if(r->n_keys) { + *key = malloc(r->n_keys * sizeof(krb5_keyblock)); + if (*key == NULL) + return ENOMEM; + for (i = 0; i < r->n_keys; i++) { + ret = krb5_copy_keyblock_contents(handle->context, &r->keys[i], + &(*key)[i]); + if (ret) { + free(*key); + return ENOMEM; + } + } + } else + *key = NULL; } return r->code; diff --git a/src/lib/kadm5/clnt/clnt_policy.c b/src/lib/kadm5/clnt/clnt_policy.c index 6877ec3..fc91245 100644 --- a/src/lib/kadm5/clnt/clnt_policy.c +++ b/src/lib/kadm5/clnt/clnt_policy.c @@ -103,22 +103,8 @@ kadm5_get_policy(void *server_handle, char *name, kadm5_policy_ent_t ent) r = get_policy_2(&arg, handle->clnt); if(r == NULL) return KADM5_RPC_ERROR; - if (handle->api_version == KADM5_API_VERSION_1) { - kadm5_policy_ent_t *entp; - - entp = (kadm5_policy_ent_t *) ent; - if(r->code == 0) { - if (!(*entp = (kadm5_policy_ent_t) - malloc(sizeof(kadm5_policy_ent_rec)))) - return ENOMEM; - memcpy(*entp, &r->rec, sizeof(**entp)); - } else { - *entp = NULL; - } - } else { - if (r->code == 0) - memcpy(ent, &r->rec, sizeof(r->rec)); - } + if (r->code == 0) + memcpy(ent, &r->rec, sizeof(r->rec)); return r->code; } diff --git a/src/lib/kadm5/clnt/libkadm5clnt.exports b/src/lib/kadm5/clnt/libkadm5clnt.exports index 7f11f32..6174847 100644 --- a/src/lib/kadm5/clnt/libkadm5clnt.exports +++ b/src/lib/kadm5/clnt/libkadm5clnt.exports @@ -58,29 +58,6 @@ krb5_klog_syslog krb5_read_realm_params krb5_string_to_flags krb5_string_to_keysalts -ovsec_kadm_chpass_principal -ovsec_kadm_chpass_principal_util -ovsec_kadm_create_policy -ovsec_kadm_create_principal -ovsec_kadm_delete_policy -ovsec_kadm_delete_principal -ovsec_kadm_destroy -ovsec_kadm_flush -ovsec_kadm_free_name_list -ovsec_kadm_free_policy_ent -ovsec_kadm_free_principal_ent -ovsec_kadm_get_policies -ovsec_kadm_get_policy -ovsec_kadm_get_principal -ovsec_kadm_get_principals -ovsec_kadm_get_privs -ovsec_kadm_init -ovsec_kadm_init_with_password -ovsec_kadm_init_with_skey -ovsec_kadm_modify_policy -ovsec_kadm_modify_principal -ovsec_kadm_randkey_principal -ovsec_kadm_rename_principal xdr_chpass3_arg xdr_chpass_arg xdr_chrand3_arg @@ -103,7 +80,6 @@ xdr_gprincs_arg xdr_gprincs_ret xdr_kadm5_policy_ent_rec xdr_kadm5_principal_ent_rec -xdr_kadm5_principal_ent_rec_v1 xdr_kadm5_ret_t xdr_krb5_deltat xdr_krb5_enctype |