nuke kerberos 4 kadmin goo
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13845 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
@@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
include $(top_srcdir)/Makefile.am.common
|
include $(top_srcdir)/Makefile.am.common
|
||||||
|
|
||||||
INCLUDES += $(INCLUDE_readline) $(INCLUDE_krb4) $(INCLUDE_des) -I$(srcdir)/../lib/krb5
|
INCLUDES += $(INCLUDE_readline) $(INCLUDE_des) -I$(srcdir)/../lib/krb5
|
||||||
|
|
||||||
sbin_PROGRAMS = kadmin
|
sbin_PROGRAMS = kadmin
|
||||||
|
|
||||||
@@ -30,11 +30,6 @@ kadmin_SOURCES = \
|
|||||||
random_password.c \
|
random_password.c \
|
||||||
kadmin_locl.h
|
kadmin_locl.h
|
||||||
|
|
||||||
if KRB4
|
|
||||||
KRB4LIB = $(LIB_krb4)
|
|
||||||
version4_c = version4.c
|
|
||||||
endif
|
|
||||||
|
|
||||||
kadmind_SOURCES = \
|
kadmind_SOURCES = \
|
||||||
kadmind.c \
|
kadmind.c \
|
||||||
server.c \
|
server.c \
|
||||||
@@ -42,8 +37,6 @@ kadmind_SOURCES = \
|
|||||||
$(version4_c) \
|
$(version4_c) \
|
||||||
kadm_conn.c
|
kadm_conn.c
|
||||||
|
|
||||||
EXTRA_kadmind_SOURCES = version4.c
|
|
||||||
|
|
||||||
add_random_users_SOURCES = add-random-users.c
|
add_random_users_SOURCES = add-random-users.c
|
||||||
|
|
||||||
LDADD_common = \
|
LDADD_common = \
|
||||||
@@ -55,7 +48,7 @@ LDADD_common = \
|
|||||||
$(LIB_roken) \
|
$(LIB_roken) \
|
||||||
$(DBLIB)
|
$(DBLIB)
|
||||||
|
|
||||||
kadmind_LDADD = $(KRB4LIB) $(top_builddir)/lib/kadm5/libkadm5srv.la \
|
kadmind_LDADD = $(top_builddir)/lib/kadm5/libkadm5srv.la \
|
||||||
$(LDADD_common) \
|
$(LDADD_common) \
|
||||||
$(LIB_pidfile) \
|
$(LIB_pidfile) \
|
||||||
$(LIB_dlopen)
|
$(LIB_dlopen)
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2000 - 2001 Kungliga Tekniska H<>gskolan
|
* Copyright (c) 2000 - 2004 Kungliga Tekniska H<>gskolan
|
||||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@@ -62,16 +62,10 @@ add_kadm_port(krb5_context context, const char *service, unsigned int port)
|
|||||||
kadm_ports = p;
|
kadm_ports = p;
|
||||||
}
|
}
|
||||||
|
|
||||||
extern int do_kerberos4;
|
|
||||||
|
|
||||||
static void
|
static void
|
||||||
add_standard_ports (krb5_context context)
|
add_standard_ports (krb5_context context)
|
||||||
{
|
{
|
||||||
add_kadm_port(context, "kerberos-adm", 749);
|
add_kadm_port(context, "kerberos-adm", 749);
|
||||||
#ifdef KRB4
|
|
||||||
if(do_kerberos4)
|
|
||||||
add_kadm_port(context, "kerberos-master", 751);
|
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1997-2001 Kungliga Tekniska H<>gskolan
|
* Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
|
||||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@@ -168,11 +168,6 @@ int parse_des_key (const char *key_string,
|
|||||||
krb5_error_code
|
krb5_error_code
|
||||||
kadmind_loop (krb5_context, krb5_auth_context, krb5_keytab, int);
|
kadmind_loop (krb5_context, krb5_auth_context, krb5_keytab, int);
|
||||||
|
|
||||||
/* version4.c */
|
|
||||||
|
|
||||||
void
|
|
||||||
handle_v4(krb5_context context, krb5_keytab keytab, int len, int fd);
|
|
||||||
|
|
||||||
/* random_password.c */
|
/* random_password.c */
|
||||||
|
|
||||||
void
|
void
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
.\" Copyright (c) 2002 - 2003 Kungliga Tekniska H<>gskolan
|
.\" Copyright (c) 2002 - 2004 Kungliga Tekniska H<>gskolan
|
||||||
.\" (Royal Institute of Technology, Stockholm, Sweden).
|
.\" (Royal Institute of Technology, Stockholm, Sweden).
|
||||||
.\" All rights reserved.
|
.\" All rights reserved.
|
||||||
.\"
|
.\"
|
||||||
@@ -57,7 +57,6 @@
|
|||||||
.Fl -ports= Ns Ar port
|
.Fl -ports= Ns Ar port
|
||||||
.Xc
|
.Xc
|
||||||
.Oc
|
.Oc
|
||||||
.Op Fl -no-kerberos4
|
|
||||||
.Sh DESCRIPTION
|
.Sh DESCRIPTION
|
||||||
.Nm
|
.Nm
|
||||||
listens for requests for changes to the Kerberos database and performs
|
listens for requests for changes to the Kerberos database and performs
|
||||||
@@ -156,10 +155,6 @@ whitespace separated list of port specifications, with the special
|
|||||||
string
|
string
|
||||||
.Dq +
|
.Dq +
|
||||||
representing the default set of ports.
|
representing the default set of ports.
|
||||||
.It Fl -no-kerberos4
|
|
||||||
make
|
|
||||||
.Nm
|
|
||||||
ignore Kerberos 4 kadmin requests.
|
|
||||||
.El
|
.El
|
||||||
.\".Sh ENVIRONMENT
|
.\".Sh ENVIRONMENT
|
||||||
.Sh FILES
|
.Sh FILES
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1997-2003 Kungliga Tekniska H<>gskolan
|
* Copyright (c) 1997-2004 Kungliga Tekniska H<>gskolan
|
||||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@@ -45,9 +45,6 @@ static int version_flag;
|
|||||||
static int debug_flag;
|
static int debug_flag;
|
||||||
static char *port_str;
|
static char *port_str;
|
||||||
char *realm;
|
char *realm;
|
||||||
#ifdef KRB4
|
|
||||||
int do_kerberos4 = 0;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
static struct getargs args[] = {
|
static struct getargs args[] = {
|
||||||
{
|
{
|
||||||
@@ -74,11 +71,6 @@ static struct getargs args[] = {
|
|||||||
{ "debug", 'd', arg_flag, &debug_flag,
|
{ "debug", 'd', arg_flag, &debug_flag,
|
||||||
"enable debugging"
|
"enable debugging"
|
||||||
},
|
},
|
||||||
#ifdef KRB4
|
|
||||||
{ "kerberos4", 0, arg_flag, &do_kerberos4,
|
|
||||||
"don't respond to kerberos 4 requests"
|
|
||||||
},
|
|
||||||
#endif
|
|
||||||
{ "ports", 'p', arg_string, &port_str,
|
{ "ports", 'p', arg_string, &port_str,
|
||||||
"ports to listen to", "port" },
|
"ports to listen to", "port" },
|
||||||
{ "help", 'h', arg_flag, &help_flag },
|
{ "help", 'h', arg_flag, &help_flag },
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1997 - 2003 Kungliga Tekniska H<>gskolan
|
* Copyright (c) 1997 - 2004 Kungliga Tekniska H<>gskolan
|
||||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@@ -542,8 +542,6 @@ handle_v5(krb5_context context,
|
|||||||
v5_loop (context, ac, initial, kadm_handle, fd);
|
v5_loop (context, ac, initial, kadm_handle, fd);
|
||||||
}
|
}
|
||||||
|
|
||||||
extern int do_kerberos4;
|
|
||||||
|
|
||||||
krb5_error_code
|
krb5_error_code
|
||||||
kadmind_loop(krb5_context context,
|
kadmind_loop(krb5_context context,
|
||||||
krb5_auth_context ac,
|
krb5_auth_context ac,
|
||||||
@@ -560,16 +558,15 @@ kadmind_loop(krb5_context context,
|
|||||||
if(n < 0)
|
if(n < 0)
|
||||||
krb5_err(context, 1, errno, "read");
|
krb5_err(context, 1, errno, "read");
|
||||||
_krb5_get_int(tmp, &len, 4);
|
_krb5_get_int(tmp, &len, 4);
|
||||||
|
/* this v4 test could probably also go away */
|
||||||
if(len > 0xffff && (len & 0xffff) == ('K' << 8) + 'A') {
|
if(len > 0xffff && (len & 0xffff) == ('K' << 8) + 'A') {
|
||||||
len >>= 16;
|
unsigned char v4reply[] = {
|
||||||
#ifdef KRB4
|
0x00, 0x0c,
|
||||||
if(do_kerberos4)
|
'K', 'Y', 'O', 'U', 'L', 'O', 'S', 'E',
|
||||||
handle_v4(context, keytab, len, fd);
|
0x95, 0xb7, 0xa7, 0x08 /* KADM_BAD_VER */
|
||||||
else
|
};
|
||||||
krb5_errx(context, 1, "version 4 kadmin is disabled");
|
krb5_net_write(context, &fd, v4reply, sizeof(v4reply));
|
||||||
#else
|
|
||||||
krb5_errx(context, 1, "packet appears to be version 4");
|
krb5_errx(context, 1, "packet appears to be version 4");
|
||||||
#endif
|
|
||||||
} else {
|
} else {
|
||||||
handle_v5(context, ac, keytab, len, fd);
|
handle_v5(context, ac, keytab, len, fd);
|
||||||
}
|
}
|
||||||
|
|||||||
1016
kadmin/version4.c
1016
kadmin/version4.c
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user