From 886cc6026cff66737f95490ef9943c67c47dd99b Mon Sep 17 00:00:00 2001 From: Nicolas Williams Date: Mon, 25 May 2020 16:45:55 -0500 Subject: [PATCH] krb5: Remove uses of KRB5_USE_PATH_TOKENS --- lib/krb5/acache.c | 18 ++++++------------ lib/krb5/cache.c | 38 +++++++++++--------------------------- lib/krb5/krb5-v4compat.h | 4 ---- lib/krb5/krb5.h | 8 -------- lib/krb5/krb5_locl.h | 5 ----- lib/krb5/pkinit.c | 6 +----- lib/krb5/scache.c | 6 +----- lib/krb5/test_cc.c | 22 ++++++++++++---------- 8 files changed, 31 insertions(+), 76 deletions(-) diff --git a/lib/krb5/acache.c b/lib/krb5/acache.c index 23ec58a0b..4639240c0 100644 --- a/lib/krb5/acache.c +++ b/lib/krb5/acache.c @@ -88,6 +88,7 @@ static krb5_error_code init_ccapi(krb5_context context) { const char *lib = NULL; + char *explib = NULL; HEIMDAL_MUTEX_lock(&acc_mutex); if (init_func) { @@ -104,26 +105,19 @@ init_ccapi(krb5_context context) if (lib == NULL) { #ifdef __APPLE__ lib = "/System/Library/Frameworks/Kerberos.framework/Kerberos"; -#elif defined(KRB5_USE_PATH_TOKENS) && defined(_WIN32) +#elif defined(_WIN32) lib = "%{LIBDIR}/libkrb5_cc.dll"; #else - lib = "/usr/lib/libkrb5_cc.so"; + lib = "%{LIBDIR}/libkrb5_cc.so"; #endif } #ifdef HAVE_DLOPEN -#ifdef KRB5_USE_PATH_TOKENS - { - char * explib = NULL; - if (_krb5_expand_path_tokens(context, lib, 0, &explib) == 0) { - cc_handle = dlopen(explib, RTLD_LAZY|RTLD_LOCAL|RTLD_GROUP); - free(explib); - } + if (_krb5_expand_path_tokens(context, lib, 0, &explib) == 0) { + cc_handle = dlopen(explib, RTLD_LAZY|RTLD_LOCAL|RTLD_GROUP); + free(explib); } -#else - cc_handle = dlopen(lib, RTLD_LAZY|RTLD_LOCAL|RTLD_GROUP); -#endif if (cc_handle == NULL) { HEIMDAL_MUTEX_unlock(&acc_mutex); diff --git a/lib/krb5/cache.c b/lib/krb5/cache.c index e9f2e6e81..a752f65f3 100644 --- a/lib/krb5/cache.c +++ b/lib/krb5/cache.c @@ -187,8 +187,7 @@ allocate_ccache(krb5_context context, krb5_ccache *id) { krb5_error_code ret; -#ifdef KRB5_USE_PATH_TOKENS - char * exp_residual = NULL; + char *exp_residual = NULL; int filepath; filepath = (strcmp("FILE", ops->prefix) == 0 @@ -196,37 +195,22 @@ allocate_ccache(krb5_context context, || strcmp("SCC", ops->prefix) == 0); ret = _krb5_expand_path_tokens(context, residual, filepath, &exp_residual); - if (ret) - return ret; + if (ret == 0) + ret = _krb5_cc_allocate(context, ops, id); - residual = exp_residual; -#endif - - ret = _krb5_cc_allocate(context, ops, id); - if (ret) { -#ifdef KRB5_USE_PATH_TOKENS - if (exp_residual) - free(exp_residual); -#endif - return ret; - } - - if ((*id)->ops->version < KRB5_CC_OPS_VERSION_5 - || (*id)->ops->resolve_2 == NULL) { - ret = (*id)->ops->resolve(context, id, residual); - } else { - ret = (*id)->ops->resolve_2(context, id, residual, subsidiary); + if (ret == 0) { + if ((*id)->ops->version < KRB5_CC_OPS_VERSION_5 + || (*id)->ops->resolve_2 == NULL) { + ret = (*id)->ops->resolve(context, id, exp_residual); + } else { + ret = (*id)->ops->resolve_2(context, id, exp_residual, subsidiary); + } } if (ret) { free(*id); *id = NULL; } - -#ifdef KRB5_USE_PATH_TOKENS - if (exp_residual) - free(exp_residual); -#endif - + free(exp_residual); return ret; } diff --git a/lib/krb5/krb5-v4compat.h b/lib/krb5/krb5-v4compat.h index 324c8c1d3..2992976e6 100644 --- a/lib/krb5/krb5-v4compat.h +++ b/lib/krb5/krb5-v4compat.h @@ -105,11 +105,7 @@ struct credentials { #define CLOCK_SKEW 5*60 #ifndef TKT_ROOT -#ifdef KRB5_USE_PATH_TOKENS #define TKT_ROOT "%{TEMP}/tkt" -#else -#define TKT_ROOT "/tmp/tkt" -#endif #endif struct _krb5_krb_auth_data { diff --git a/lib/krb5/krb5.h b/lib/krb5/krb5.h index e24df07a3..66e9ed19e 100644 --- a/lib/krb5/krb5.h +++ b/lib/krb5/krb5.h @@ -363,15 +363,7 @@ typedef AP_REQ krb5_ap_req; struct krb5_cc_ops; -#ifdef _WIN32 -#define KRB5_USE_PATH_TOKENS 1 -#endif - -#ifdef KRB5_USE_PATH_TOKENS #define KRB5_DEFAULT_CCFILE_ROOT "%{TEMP}/krb5cc_" -#else -#define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_" -#endif #define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT diff --git a/lib/krb5/krb5_locl.h b/lib/krb5/krb5_locl.h index 738916731..381aa12fe 100644 --- a/lib/krb5/krb5_locl.h +++ b/lib/krb5/krb5_locl.h @@ -292,13 +292,8 @@ typedef struct krb5_context_data { krb5_boolean no_ticket_store; /* Don't store service tickets */ } krb5_context_data; -#ifndef KRB5_USE_PATH_TOKENS -#define KRB5_DEFAULT_CCNAME_FILE "FILE:/tmp/krb5cc_%{uid}" -#define KRB5_DEFAULT_CCNAME_DIR "DIR:/tmp/krb5cc_%{uid}_dir/" -#else #define KRB5_DEFAULT_CCNAME_FILE "FILE:%{TEMP}/krb5cc_%{uid}" #define KRB5_DEFAULT_CCNAME_DIR "DIR:%{TEMP}/krb5cc_%{uid}_dir/" -#endif #define KRB5_DEFAULT_CCNAME_API "API:" #define KRB5_DEFAULT_CCNAME_KCM_KCM "KCM:%{uid}" #define KRB5_DEFAULT_CCNAME_KCM_API "API:%{uid}" diff --git a/lib/krb5/pkinit.c b/lib/krb5/pkinit.c index 27aad7f16..72763d4a1 100644 --- a/lib/krb5/pkinit.c +++ b/lib/krb5/pkinit.c @@ -2183,9 +2183,8 @@ _krb5_parse_moduli(krb5_context context, const char *file, if (file == NULL) file = MODULI_FILE; -#ifdef KRB5_USE_PATH_TOKENS { - char * exp_file; + char *exp_file; if (_krb5_expand_path_tokens(context, file, 1, &exp_file) == 0) { f = fopen(exp_file, "r"); @@ -2194,9 +2193,6 @@ _krb5_parse_moduli(krb5_context context, const char *file, f = NULL; } } -#else - f = fopen(file, "r"); -#endif if (f == NULL) { *moduli = m; diff --git a/lib/krb5/scache.c b/lib/krb5/scache.c index 7a87382a7..8d57eaba6 100644 --- a/lib/krb5/scache.c +++ b/lib/krb5/scache.c @@ -62,11 +62,7 @@ typedef struct krb5_scache { #define SCACHE(X) ((krb5_scache *)(X)->data.data) #define SCACHE_DEF_NAME "Default-cache" -#ifdef KRB5_USE_PATH_TOKENS -#define KRB5_SCACHE_DB "%{TEMP}/krb5scc_%{uid}" -#else -#define KRB5_SCACHE_DB "/tmp/krb5scc_%{uid}" -#endif +#define KRB5_SCACHE_DB "%{TEMP}/krb5scc_%{uid}" #define KRB5_SCACHE_NAME "SCC:" KRB5_SCACHE_DB ":" SCACHE_DEF_NAME #define SCACHE_INVALID_CID ((sqlite_uint64)-1) diff --git a/lib/krb5/test_cc.c b/lib/krb5/test_cc.c index f432a328b..5eb09b699 100644 --- a/lib/krb5/test_cc.c +++ b/lib/krb5/test_cc.c @@ -50,11 +50,8 @@ static int debug_flag = 0; static int version_flag = 0; static int help_flag = 0; -#ifdef KRB5_USE_PATH_TOKENS #define TEST_CC_NAME "%{TEMP}/krb5-cc-test-foo" -#else -#define TEST_CC_NAME "/tmp/krb5-cc-test-foo" -#endif +#define EXP_TEST_CC_NAME "/tmp/krb5-cc-test-foo" static void test_default_name(krb5_context context) @@ -62,6 +59,13 @@ test_default_name(krb5_context context) krb5_error_code ret; const char *p, *test_cc_name = TEST_CC_NAME; char *p1, *p2, *p3; + char *exp_test_cc_name; + + ret = _krb5_expand_path_tokens(context, test_cc_name, 1, + &exp_test_cc_name); + if (ret) + krb5_err(context, 1, ret, "_krb5_expand_path_tokens(%s) failed", + test_cc_name); p = krb5_cc_default_name(context); if (p == NULL) @@ -89,14 +93,12 @@ test_default_name(krb5_context context) krb5_errx (context, 1, "krb5_cc_default_name 2 failed"); p3 = estrdup(p); -#ifndef KRB5_USE_PATH_TOKENS - /* If we are using path tokens, we don't expect the p3 and - test_cc_name to match since p3 is going to have expanded - tokens. */ - if (strcmp(p3, test_cc_name) != 0) +#ifndef WIN32 + if (strcmp(exp_test_cc_name, EXP_TEST_CC_NAME) != 0) krb5_errx (context, 1, "krb5_cc_set_default_name 1 failed"); #endif + free(exp_test_cc_name); free(p1); free(p2); free(p3); @@ -324,7 +326,7 @@ struct { { "%{nulll}", 1, NULL }, { "%{does not exist}", 1, NULL }, { "%{}", 1, NULL }, -#ifdef KRB5_USE_PATH_TOKENS +#ifdef WIN32 { "%{APPDATA}", 0, NULL }, { "%{COMMON_APPDATA}", 0, NULL}, { "%{LOCAL_APPDATA}", 0, NULL},