krb5: Remove uses of KRB5_USE_PATH_TOKENS

This commit is contained in:
Nicolas Williams
2020-05-25 16:45:55 -05:00
parent 4c34168b01
commit 886cc6026c
8 changed files with 31 additions and 76 deletions

View File

@@ -88,6 +88,7 @@ static krb5_error_code
init_ccapi(krb5_context context)
{
const char *lib = NULL;
char *explib = NULL;
HEIMDAL_MUTEX_lock(&acc_mutex);
if (init_func) {
@@ -104,26 +105,19 @@ init_ccapi(krb5_context context)
if (lib == NULL) {
#ifdef __APPLE__
lib = "/System/Library/Frameworks/Kerberos.framework/Kerberos";
#elif defined(KRB5_USE_PATH_TOKENS) && defined(_WIN32)
#elif defined(_WIN32)
lib = "%{LIBDIR}/libkrb5_cc.dll";
#else
lib = "/usr/lib/libkrb5_cc.so";
lib = "%{LIBDIR}/libkrb5_cc.so";
#endif
}
#ifdef HAVE_DLOPEN
#ifdef KRB5_USE_PATH_TOKENS
{
char * explib = NULL;
if (_krb5_expand_path_tokens(context, lib, 0, &explib) == 0) {
cc_handle = dlopen(explib, RTLD_LAZY|RTLD_LOCAL|RTLD_GROUP);
free(explib);
}
if (_krb5_expand_path_tokens(context, lib, 0, &explib) == 0) {
cc_handle = dlopen(explib, RTLD_LAZY|RTLD_LOCAL|RTLD_GROUP);
free(explib);
}
#else
cc_handle = dlopen(lib, RTLD_LAZY|RTLD_LOCAL|RTLD_GROUP);
#endif
if (cc_handle == NULL) {
HEIMDAL_MUTEX_unlock(&acc_mutex);

View File

@@ -187,8 +187,7 @@ allocate_ccache(krb5_context context,
krb5_ccache *id)
{
krb5_error_code ret;
#ifdef KRB5_USE_PATH_TOKENS
char * exp_residual = NULL;
char *exp_residual = NULL;
int filepath;
filepath = (strcmp("FILE", ops->prefix) == 0
@@ -196,37 +195,22 @@ allocate_ccache(krb5_context context,
|| strcmp("SCC", ops->prefix) == 0);
ret = _krb5_expand_path_tokens(context, residual, filepath, &exp_residual);
if (ret)
return ret;
if (ret == 0)
ret = _krb5_cc_allocate(context, ops, id);
residual = exp_residual;
#endif
ret = _krb5_cc_allocate(context, ops, id);
if (ret) {
#ifdef KRB5_USE_PATH_TOKENS
if (exp_residual)
free(exp_residual);
#endif
return ret;
}
if ((*id)->ops->version < KRB5_CC_OPS_VERSION_5
|| (*id)->ops->resolve_2 == NULL) {
ret = (*id)->ops->resolve(context, id, residual);
} else {
ret = (*id)->ops->resolve_2(context, id, residual, subsidiary);
if (ret == 0) {
if ((*id)->ops->version < KRB5_CC_OPS_VERSION_5
|| (*id)->ops->resolve_2 == NULL) {
ret = (*id)->ops->resolve(context, id, exp_residual);
} else {
ret = (*id)->ops->resolve_2(context, id, exp_residual, subsidiary);
}
}
if (ret) {
free(*id);
*id = NULL;
}
#ifdef KRB5_USE_PATH_TOKENS
if (exp_residual)
free(exp_residual);
#endif
free(exp_residual);
return ret;
}

View File

@@ -105,11 +105,7 @@ struct credentials {
#define CLOCK_SKEW 5*60
#ifndef TKT_ROOT
#ifdef KRB5_USE_PATH_TOKENS
#define TKT_ROOT "%{TEMP}/tkt"
#else
#define TKT_ROOT "/tmp/tkt"
#endif
#endif
struct _krb5_krb_auth_data {

View File

@@ -363,15 +363,7 @@ typedef AP_REQ krb5_ap_req;
struct krb5_cc_ops;
#ifdef _WIN32
#define KRB5_USE_PATH_TOKENS 1
#endif
#ifdef KRB5_USE_PATH_TOKENS
#define KRB5_DEFAULT_CCFILE_ROOT "%{TEMP}/krb5cc_"
#else
#define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_"
#endif
#define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT

View File

@@ -292,13 +292,8 @@ typedef struct krb5_context_data {
krb5_boolean no_ticket_store; /* Don't store service tickets */
} krb5_context_data;
#ifndef KRB5_USE_PATH_TOKENS
#define KRB5_DEFAULT_CCNAME_FILE "FILE:/tmp/krb5cc_%{uid}"
#define KRB5_DEFAULT_CCNAME_DIR "DIR:/tmp/krb5cc_%{uid}_dir/"
#else
#define KRB5_DEFAULT_CCNAME_FILE "FILE:%{TEMP}/krb5cc_%{uid}"
#define KRB5_DEFAULT_CCNAME_DIR "DIR:%{TEMP}/krb5cc_%{uid}_dir/"
#endif
#define KRB5_DEFAULT_CCNAME_API "API:"
#define KRB5_DEFAULT_CCNAME_KCM_KCM "KCM:%{uid}"
#define KRB5_DEFAULT_CCNAME_KCM_API "API:%{uid}"

View File

@@ -2183,9 +2183,8 @@ _krb5_parse_moduli(krb5_context context, const char *file,
if (file == NULL)
file = MODULI_FILE;
#ifdef KRB5_USE_PATH_TOKENS
{
char * exp_file;
char *exp_file;
if (_krb5_expand_path_tokens(context, file, 1, &exp_file) == 0) {
f = fopen(exp_file, "r");
@@ -2194,9 +2193,6 @@ _krb5_parse_moduli(krb5_context context, const char *file,
f = NULL;
}
}
#else
f = fopen(file, "r");
#endif
if (f == NULL) {
*moduli = m;

View File

@@ -62,11 +62,7 @@ typedef struct krb5_scache {
#define SCACHE(X) ((krb5_scache *)(X)->data.data)
#define SCACHE_DEF_NAME "Default-cache"
#ifdef KRB5_USE_PATH_TOKENS
#define KRB5_SCACHE_DB "%{TEMP}/krb5scc_%{uid}"
#else
#define KRB5_SCACHE_DB "/tmp/krb5scc_%{uid}"
#endif
#define KRB5_SCACHE_DB "%{TEMP}/krb5scc_%{uid}"
#define KRB5_SCACHE_NAME "SCC:" KRB5_SCACHE_DB ":" SCACHE_DEF_NAME
#define SCACHE_INVALID_CID ((sqlite_uint64)-1)

View File

@@ -50,11 +50,8 @@ static int debug_flag = 0;
static int version_flag = 0;
static int help_flag = 0;
#ifdef KRB5_USE_PATH_TOKENS
#define TEST_CC_NAME "%{TEMP}/krb5-cc-test-foo"
#else
#define TEST_CC_NAME "/tmp/krb5-cc-test-foo"
#endif
#define EXP_TEST_CC_NAME "/tmp/krb5-cc-test-foo"
static void
test_default_name(krb5_context context)
@@ -62,6 +59,13 @@ test_default_name(krb5_context context)
krb5_error_code ret;
const char *p, *test_cc_name = TEST_CC_NAME;
char *p1, *p2, *p3;
char *exp_test_cc_name;
ret = _krb5_expand_path_tokens(context, test_cc_name, 1,
&exp_test_cc_name);
if (ret)
krb5_err(context, 1, ret, "_krb5_expand_path_tokens(%s) failed",
test_cc_name);
p = krb5_cc_default_name(context);
if (p == NULL)
@@ -89,14 +93,12 @@ test_default_name(krb5_context context)
krb5_errx (context, 1, "krb5_cc_default_name 2 failed");
p3 = estrdup(p);
#ifndef KRB5_USE_PATH_TOKENS
/* If we are using path tokens, we don't expect the p3 and
test_cc_name to match since p3 is going to have expanded
tokens. */
if (strcmp(p3, test_cc_name) != 0)
#ifndef WIN32
if (strcmp(exp_test_cc_name, EXP_TEST_CC_NAME) != 0)
krb5_errx (context, 1, "krb5_cc_set_default_name 1 failed");
#endif
free(exp_test_cc_name);
free(p1);
free(p2);
free(p3);
@@ -324,7 +326,7 @@ struct {
{ "%{nulll}", 1, NULL },
{ "%{does not exist}", 1, NULL },
{ "%{}", 1, NULL },
#ifdef KRB5_USE_PATH_TOKENS
#ifdef WIN32
{ "%{APPDATA}", 0, NULL },
{ "%{COMMON_APPDATA}", 0, NULL},
{ "%{LOCAL_APPDATA}", 0, NULL},