diff options
author | Greg Hudson <ghudson@mit.edu> | 2020-07-11 21:47:08 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2020-09-07 12:20:16 -0400 |
commit | 91596ae028cf458b61c03c13dee8c0b7039b8d76 (patch) | |
tree | 8b613fea3583702af642b3384c036a2f879355f3 /src | |
parent | 10eb93809b1af06e2b1147aee2e3e50058ba1bbd (diff) | |
download | krb5-91596ae028cf458b61c03c13dee8c0b7039b8d76.zip krb5-91596ae028cf458b61c03c13dee8c0b7039b8d76.tar.gz krb5-91596ae028cf458b61c03c13dee8c0b7039b8d76.tar.bz2 |
Rename master_kdc and iprop_master_ulogsize
Use "primary_kdc" and "iprop_ulogsize" as the preferred names of the
two relations. Fall back to the old keys if the new ones are not set.
ticket: 8921
Diffstat (limited to 'src')
-rw-r--r-- | src/include/k5-int.h | 2 | ||||
-rw-r--r-- | src/include/krb5/locate_plugin.h | 3 | ||||
-rw-r--r-- | src/lib/kadm5/alt_prof.c | 25 | ||||
-rw-r--r-- | src/lib/krb5/krb/t_krb5.conf | 2 | ||||
-rw-r--r-- | src/lib/krb5/os/locate_kdc.c | 17 | ||||
-rw-r--r-- | src/util/profile/krb5.conf | 2 | ||||
-rw-r--r-- | src/util/profile/profile.5 | 4 |
7 files changed, 32 insertions, 23 deletions
diff --git a/src/include/k5-int.h b/src/include/k5-int.h index f50cee7..b3e3469 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -228,6 +228,7 @@ typedef unsigned char u_char; #define KRB5_CONF_IPROP_RESYNC_TIMEOUT "iprop_resync_timeout" #define KRB5_CONF_IPROP_REPLICA_POLL "iprop_replica_poll" #define KRB5_CONF_IPROP_SLAVE_POLL "iprop_slave_poll" +#define KRB5_CONF_IPROP_ULOGSIZE "iprop_ulogsize" #define KRB5_CONF_K5LOGIN_AUTHORITATIVE "k5login_authoritative" #define KRB5_CONF_K5LOGIN_DIRECTORY "k5login_directory" #define KRB5_CONF_KADMIND_LISTEN "kadmind_listen" @@ -280,6 +281,7 @@ typedef unsigned char u_char; #define KRB5_CONF_PLUGINS "plugins" #define KRB5_CONF_PLUGIN_BASE_DIR "plugin_base_dir" #define KRB5_CONF_PREFERRED_PREAUTH_TYPES "preferred_preauth_types" +#define KRB5_CONF_PRIMARY_KDC "primary_kdc" #define KRB5_CONF_PROXIABLE "proxiable" #define KRB5_CONF_QUALIFY_SHORTNAME "qualify_shortname" #define KRB5_CONF_RDNS "rdns" diff --git a/src/include/krb5/locate_plugin.h b/src/include/krb5/locate_plugin.h index d0e8549..7a872a1 100644 --- a/src/include/krb5/locate_plugin.h +++ b/src/include/krb5/locate_plugin.h @@ -34,11 +34,12 @@ enum locate_service_type { locate_service_kdc = 1, - locate_service_master_kdc, + locate_service_primary_kdc, locate_service_kadmin, locate_service_krb524, locate_service_kpasswd }; +#define locate_service_master_kdc locate_service_primary_kdc typedef struct krb5plugin_service_locate_ftable { int minor_version; /* currently 0 */ diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c index 5531a10..d166f0a 100644 --- a/src/lib/kadm5/alt_prof.c +++ b/src/lib/kadm5/alt_prof.c @@ -784,24 +784,25 @@ krb5_error_code kadm5_get_config_params(krb5_context context, GET_DELTAT_PARAM(iprop_resync_timeout, KADM5_CONFIG_IPROP_RESYNC_TIMEOUT, KRB5_CONF_IPROP_RESYNC_TIMEOUT, 60 * 5); - hierarchy[2] = KRB5_CONF_IPROP_MASTER_ULOGSIZE; - - params.iprop_ulogsize = DEF_ULOGENTRIES; - params.mask |= KADM5_CONFIG_ULOG_SIZE; - if (params_in->mask & KADM5_CONFIG_ULOG_SIZE) { params.mask |= KADM5_CONFIG_ULOG_SIZE; params.iprop_ulogsize = params_in->iprop_ulogsize; } else { + params.iprop_ulogsize = 0; + hierarchy[2] = KRB5_CONF_IPROP_ULOGSIZE; if (aprofile != NULL && - !krb5_aprof_get_int32(aprofile, hierarchy, TRUE, &ivalue)) { - if (ivalue <= 0) - params.iprop_ulogsize = DEF_ULOGENTRIES; - else - params.iprop_ulogsize = ivalue; - params.mask |= KADM5_CONFIG_ULOG_SIZE; - } + !krb5_aprof_get_int32(aprofile, hierarchy, TRUE, &ivalue) && + ivalue > 0) + params.iprop_ulogsize = ivalue; + hierarchy[2] = KRB5_CONF_IPROP_MASTER_ULOGSIZE; + if (params.iprop_ulogsize == 0 && aprofile != NULL && + !krb5_aprof_get_int32(aprofile, hierarchy, TRUE, &ivalue) && + ivalue > 0) + params.iprop_ulogsize = ivalue; + if (params.iprop_ulogsize == 0) + params.iprop_ulogsize = DEF_ULOGENTRIES; } + params.mask |= KADM5_CONFIG_ULOG_SIZE; GET_DELTAT_PARAM(iprop_poll_time, KADM5_CONFIG_POLL_TIME, KRB5_CONF_IPROP_REPLICA_POLL, -1); diff --git a/src/lib/krb5/krb/t_krb5.conf b/src/lib/krb5/krb/t_krb5.conf index a80b4ce..a851fbd 100644 --- a/src/lib/krb5/krb/t_krb5.conf +++ b/src/lib/krb5/krb/t_krb5.conf @@ -7,7 +7,7 @@ kdc = KERBEROS-2.MIT.EDU:88 kdc = KERBEROS.MIT.EDU kdc = KERBEROS-1.MIT.EDU - master_kdc = KERBEROS.MIT.EDU + primary_kdc = KERBEROS.MIT.EDU admin_server = KERBEROS.MIT.EDU default_domain = MIT.EDU v4_instance_convert = { diff --git a/src/lib/krb5/os/locate_kdc.c b/src/lib/krb5/os/locate_kdc.c index 7036c74..edca5ac 100644 --- a/src/lib/krb5/os/locate_kdc.c +++ b/src/lib/krb5/os/locate_kdc.c @@ -246,6 +246,11 @@ locate_srv_conf_1(krb5_context context, const krb5_data *realm, realm_srv_names[2] = name; realm_srv_names[3] = 0; code = profile_get_values(context->profile, realm_srv_names, &hostlist); + if (code == PROF_NO_RELATION && strcmp(name, KRB5_CONF_PRIMARY_KDC) == 0) { + realm_srv_names[2] = KRB5_CONF_MASTER_KDC; + code = profile_get_values(context->profile, realm_srv_names, + &hostlist); + } if (code) { Tprintf("config file lookup failed: %s\n", error_message(code)); if (code == PROF_NO_SECTION || code == PROF_NO_RELATION) @@ -495,8 +500,8 @@ prof_locate_server(krb5_context context, const krb5_data *realm, kdc_ports: dflport = KRB5_DEFAULT_PORT; break; - case locate_service_master_kdc: - profname = KRB5_CONF_MASTER_KDC; + case locate_service_primary_kdc: + profname = KRB5_CONF_PRIMARY_KDC; goto kdc_ports; case locate_service_kadmin: profname = KRB5_CONF_ADMIN_SERVER; @@ -663,7 +668,7 @@ dns_locate_server_uri(krb5_context context, const krb5_data *realm, return 0; switch (svc) { - case locate_service_master_kdc: + case locate_service_primary_kdc: find_primary = TRUE; /* Fall through */ case locate_service_kdc: @@ -707,7 +712,7 @@ dns_locate_server_srv(krb5_context context, const krb5_data *realm, case locate_service_kdc: dnsname = "_kerberos"; break; - case locate_service_master_kdc: + case locate_service_primary_kdc: dnsname = "_kerberos-master"; break; case locate_service_kadmin: @@ -824,7 +829,7 @@ k5_locate_kdc(krb5_context context, const krb5_data *realm, { enum locate_service_type stype; - stype = get_primaries ? locate_service_master_kdc : locate_service_kdc; + stype = get_primaries ? locate_service_primary_kdc : locate_service_kdc; return k5_locate_server(context, realm, serverlist, stype, no_udp); } @@ -838,7 +843,7 @@ k5_kdc_is_primary(krb5_context context, const krb5_data *realm, if (server->primary != -1) return server->primary; - if (locate_server(context, realm, &list, locate_service_master_kdc, + if (locate_server(context, realm, &list, locate_service_primary_kdc, server->transport) != 0) return FALSE; found = server_list_contains(&list, server); diff --git a/src/util/profile/krb5.conf b/src/util/profile/krb5.conf index 7d38e9e..de4de84 100644 --- a/src/util/profile/krb5.conf +++ b/src/util/profile/krb5.conf @@ -10,7 +10,7 @@ kdc = kerberos-1.mit.edu kdc = kerberos-2.mit.edu kdc = kerberos-3.mit.edu - master_kdc = kerberos.mit.edu + primary_kdc = kerberos.mit.edu admin_server = kerberos.mit.edu } MEDIA-LAB.MIT.EDU = { diff --git a/src/util/profile/profile.5 b/src/util/profile/profile.5 index 1b0748e..3da6557 100644 --- a/src/util/profile/profile.5 +++ b/src/util/profile/profile.5 @@ -27,7 +27,7 @@ An example profile file might look like this: kdc = kerberos.mit.edu kdc = kerberos-1.mit.edu kdc = kerberos-2.mit.edu - master_kdc = kerberos.mit.edu + primary_kdc = kerberos.mit.edu admin_server = kerberos.mit.edu } CYGNUS.COM = { @@ -66,7 +66,7 @@ sections have been marked as final: [realms] ATHENA.MIT.EDU = { kdc = kerberos.mit.edu - master_kdc = kerberos.mit.edu + primary_kdc = kerberos.mit.edu admin_server = kerberos.mit.edu }* |