nuke kerberos 4 kadmin goo

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13845 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
2004-05-13 17:46:20 +00:00
parent c3b80ba3c4
commit 2450e7b7f8
7 changed files with 14 additions and 1064 deletions

View File

@@ -2,7 +2,7 @@
include $(top_srcdir)/Makefile.am.common
INCLUDES += $(INCLUDE_readline) $(INCLUDE_krb4) $(INCLUDE_des) -I$(srcdir)/../lib/krb5
INCLUDES += $(INCLUDE_readline) $(INCLUDE_des) -I$(srcdir)/../lib/krb5
sbin_PROGRAMS = kadmin
@@ -30,11 +30,6 @@ kadmin_SOURCES = \
random_password.c \
kadmin_locl.h
if KRB4
KRB4LIB = $(LIB_krb4)
version4_c = version4.c
endif
kadmind_SOURCES = \
kadmind.c \
server.c \
@@ -42,8 +37,6 @@ kadmind_SOURCES = \
$(version4_c) \
kadm_conn.c
EXTRA_kadmind_SOURCES = version4.c
add_random_users_SOURCES = add-random-users.c
LDADD_common = \
@@ -55,7 +48,7 @@ LDADD_common = \
$(LIB_roken) \
$(DBLIB)
kadmind_LDADD = $(KRB4LIB) $(top_builddir)/lib/kadm5/libkadm5srv.la \
kadmind_LDADD = $(top_builddir)/lib/kadm5/libkadm5srv.la \
$(LDADD_common) \
$(LIB_pidfile) \
$(LIB_dlopen)

View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 2000 - 2001 Kungliga Tekniska H<>gskolan
* Copyright (c) 2000 - 2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -62,16 +62,10 @@ add_kadm_port(krb5_context context, const char *service, unsigned int port)
kadm_ports = p;
}
extern int do_kerberos4;
static void
add_standard_ports (krb5_context context)
{
add_kadm_port(context, "kerberos-adm", 749);
#ifdef KRB4
if(do_kerberos4)
add_kadm_port(context, "kerberos-master", 751);
#endif
}
/*

View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997-2001 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -168,11 +168,6 @@ int parse_des_key (const char *key_string,
krb5_error_code
kadmind_loop (krb5_context, krb5_auth_context, krb5_keytab, int);
/* version4.c */
void
handle_v4(krb5_context context, krb5_keytab keytab, int len, int fd);
/* random_password.c */
void

View File

@@ -1,4 +1,4 @@
.\" Copyright (c) 2002 - 2003 Kungliga Tekniska H<>gskolan
.\" Copyright (c) 2002 - 2004 Kungliga Tekniska H<>gskolan
.\" (Royal Institute of Technology, Stockholm, Sweden).
.\" All rights reserved.
.\"
@@ -57,7 +57,6 @@
.Fl -ports= Ns Ar port
.Xc
.Oc
.Op Fl -no-kerberos4
.Sh DESCRIPTION
.Nm
listens for requests for changes to the Kerberos database and performs
@@ -156,10 +155,6 @@ whitespace separated list of port specifications, with the special
string
.Dq +
representing the default set of ports.
.It Fl -no-kerberos4
make
.Nm
ignore Kerberos 4 kadmin requests.
.El
.\".Sh ENVIRONMENT
.Sh FILES

View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997-2003 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -45,9 +45,6 @@ static int version_flag;
static int debug_flag;
static char *port_str;
char *realm;
#ifdef KRB4
int do_kerberos4 = 0;
#endif
static struct getargs args[] = {
{
@@ -74,11 +71,6 @@ static struct getargs args[] = {
{ "debug", 'd', arg_flag, &debug_flag,
"enable debugging"
},
#ifdef KRB4
{ "kerberos4", 0, arg_flag, &do_kerberos4,
"don't respond to kerberos 4 requests"
},
#endif
{ "ports", 'p', arg_string, &port_str,
"ports to listen to", "port" },
{ "help", 'h', arg_flag, &help_flag },

View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 1997 - 2003 Kungliga Tekniska H<>gskolan
* Copyright (c) 1997 - 2004 Kungliga Tekniska H<>gskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -542,8 +542,6 @@ handle_v5(krb5_context context,
v5_loop (context, ac, initial, kadm_handle, fd);
}
extern int do_kerberos4;
krb5_error_code
kadmind_loop(krb5_context context,
krb5_auth_context ac,
@@ -560,16 +558,15 @@ kadmind_loop(krb5_context context,
if(n < 0)
krb5_err(context, 1, errno, "read");
_krb5_get_int(tmp, &len, 4);
/* this v4 test could probably also go away */
if(len > 0xffff && (len & 0xffff) == ('K' << 8) + 'A') {
len >>= 16;
#ifdef KRB4
if(do_kerberos4)
handle_v4(context, keytab, len, fd);
else
krb5_errx(context, 1, "version 4 kadmin is disabled");
#else
unsigned char v4reply[] = {
0x00, 0x0c,
'K', 'Y', 'O', 'U', 'L', 'O', 'S', 'E',
0x95, 0xb7, 0xa7, 0x08 /* KADM_BAD_VER */
};
krb5_net_write(context, &fd, v4reply, sizeof(v4reply));
krb5_errx(context, 1, "packet appears to be version 4");
#endif
} else {
handle_v5(context, ac, keytab, len, fd);
}

File diff suppressed because it is too large Load Diff