krb5: Remove uses of KRB5_USE_PATH_TOKENS

Nicolas Williams
2020-05-25 16:45:55 -05:00
parent 4c34168b01
commit 886cc6026c
8 changed files with 31 additions and 76 deletions


@@ -88,6 +88,7 @@ static krb5_error_code
init_ccapi(krb5_context context) init_ccapi(krb5_context context)
{ {
const char *lib = NULL; const char *lib = NULL;
char *explib = NULL;
HEIMDAL_MUTEX_lock(&acc_mutex); HEIMDAL_MUTEX_lock(&acc_mutex);
if (init_func) { if (init_func) {
@@ -104,26 +105,19 @@ init_ccapi(krb5_context context)
if (lib == NULL) { if (lib == NULL) {
#ifdef __APPLE__ #ifdef __APPLE__
lib = "/System/Library/Frameworks/Kerberos.framework/Kerberos"; lib = "/System/Library/Frameworks/Kerberos.framework/Kerberos";
#elif defined(KRB5_USE_PATH_TOKENS) && defined(_WIN32) #elif defined(_WIN32)
lib = "%{LIBDIR}/libkrb5_cc.dll"; lib = "%{LIBDIR}/libkrb5_cc.dll";
#else #else
lib = "/usr/lib/libkrb5_cc.so"; lib = "%{LIBDIR}/libkrb5_cc.so";
#endif #endif
} }
#ifdef HAVE_DLOPEN #ifdef HAVE_DLOPEN
#ifdef KRB5_USE_PATH_TOKENS if (_krb5_expand_path_tokens(context, lib, 0, &explib) == 0) {
{ cc_handle = dlopen(explib, RTLD_LAZY|RTLD_LOCAL|RTLD_GROUP);
char * explib = NULL; free(explib);
if (_krb5_expand_path_tokens(context, lib, 0, &explib) == 0) {
cc_handle = dlopen(explib, RTLD_LAZY|RTLD_LOCAL|RTLD_GROUP);
free(explib);
}
} }
#else
cc_handle = dlopen(lib, RTLD_LAZY|RTLD_LOCAL|RTLD_GROUP);
#endif
if (cc_handle == NULL) { if (cc_handle == NULL) {
HEIMDAL_MUTEX_unlock(&acc_mutex); HEIMDAL_MUTEX_unlock(&acc_mutex);


@@ -187,8 +187,7 @@ allocate_ccache(krb5_context context,
krb5_ccache *id) krb5_ccache *id)
{ {
krb5_error_code ret; krb5_error_code ret;
#ifdef KRB5_USE_PATH_TOKENS char *exp_residual = NULL;
char * exp_residual = NULL;
int filepath; int filepath;
filepath = (strcmp("FILE", ops->prefix) == 0 filepath = (strcmp("FILE", ops->prefix) == 0
@@ -196,37 +195,22 @@ allocate_ccache(krb5_context context,
|| strcmp("SCC", ops->prefix) == 0); || strcmp("SCC", ops->prefix) == 0);
ret = _krb5_expand_path_tokens(context, residual, filepath, &exp_residual); ret = _krb5_expand_path_tokens(context, residual, filepath, &exp_residual);
if (ret) if (ret == 0)
return ret; ret = _krb5_cc_allocate(context, ops, id);
residual = exp_residual; if (ret == 0) {
#endif if ((*id)->ops->version < KRB5_CC_OPS_VERSION_5
|| (*id)->ops->resolve_2 == NULL) {
ret = _krb5_cc_allocate(context, ops, id); ret = (*id)->ops->resolve(context, id, exp_residual);
if (ret) { } else {
#ifdef KRB5_USE_PATH_TOKENS ret = (*id)->ops->resolve_2(context, id, exp_residual, subsidiary);
if (exp_residual) }
free(exp_residual);
#endif
return ret;
}
if ((*id)->ops->version < KRB5_CC_OPS_VERSION_5
|| (*id)->ops->resolve_2 == NULL) {
ret = (*id)->ops->resolve(context, id, residual);
} else {
ret = (*id)->ops->resolve_2(context, id, residual, subsidiary);
} }
if (ret) { if (ret) {
free(*id); free(*id);
*id = NULL; *id = NULL;
} }
free(exp_residual);
#ifdef KRB5_USE_PATH_TOKENS
if (exp_residual)
free(exp_residual);
#endif
return ret; return ret;
} }
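Review bot: The cleanup `free(*id); *id = NULL;` is now reached when `_krb5_expand_path_tokens()` or `_krb5_cc_allocate()` fails, that is, before this function has stored anything in `*id`; the old code returned early on both paths. Unless every caller passes `*id` already set to NULL (and assuming `_krb5_cc_allocate()` leaves it untouched on failure), this frees a caller-supplied or uninitialized pointer. Add `*id = NULL;` before the expansion call, or free only when the allocation succeeded. The function's signature starts above the hunk.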


@@ -105,11 +105,7 @@ struct credentials {
#define CLOCK_SKEW 5*60 #define CLOCK_SKEW 5*60
#ifndef TKT_ROOT #ifndef TKT_ROOT
#ifdef KRB5_USE_PATH_TOKENS
#define TKT_ROOT "%{TEMP}/tkt" #define TKT_ROOT "%{TEMP}/tkt"
#else
#define TKT_ROOT "/tmp/tkt"
#endif
#endif #endif
struct _krb5_krb_auth_data { struct _krb5_krb_auth_data {
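Review bot: `TKT_ROOT` now always carries a `%{TEMP}` token, and the same holds for `KRB5_DEFAULT_CCFILE_ROOT` in the hunk further down, so every consumer has to run the string through `_krb5_expand_path_tokens()` before using it as a path. The consumers are outside this diff; any that still hands the macro straight to a file API would, on non-Windows builds, operate on a literal `%{TEMP}` directory relative to the working directory instead of the old `/tmp` location. A comment on each define would make the contract explicit, e.g. `/* contains path tokens; expand with _krb5_expand_path_tokens() before use */`. It is also worth documenting what `%{TEMP}` resolves to on POSIX, since that now decides where ticket and credential cache files are created.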


@@ -363,15 +363,7 @@ typedef AP_REQ krb5_ap_req;
struct krb5_cc_ops; struct krb5_cc_ops;
#ifdef _WIN32
#define KRB5_USE_PATH_TOKENS 1
#endif
#ifdef KRB5_USE_PATH_TOKENS
#define KRB5_DEFAULT_CCFILE_ROOT "%{TEMP}/krb5cc_" #define KRB5_DEFAULT_CCFILE_ROOT "%{TEMP}/krb5cc_"
#else
#define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_"
#endif
#define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT #define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT


@@ -292,13 +292,8 @@ typedef struct krb5_context_data {
krb5_boolean no_ticket_store; /* Don't store service tickets */ krb5_boolean no_ticket_store; /* Don't store service tickets */
} krb5_context_data; } krb5_context_data;
#ifndef KRB5_USE_PATH_TOKENS
#define KRB5_DEFAULT_CCNAME_FILE "FILE:/tmp/krb5cc_%{uid}"
#define KRB5_DEFAULT_CCNAME_DIR "DIR:/tmp/krb5cc_%{uid}_dir/"
#else
#define KRB5_DEFAULT_CCNAME_FILE "FILE:%{TEMP}/krb5cc_%{uid}" #define KRB5_DEFAULT_CCNAME_FILE "FILE:%{TEMP}/krb5cc_%{uid}"
#define KRB5_DEFAULT_CCNAME_DIR "DIR:%{TEMP}/krb5cc_%{uid}_dir/" #define KRB5_DEFAULT_CCNAME_DIR "DIR:%{TEMP}/krb5cc_%{uid}_dir/"
#endif
#define KRB5_DEFAULT_CCNAME_API "API:" #define KRB5_DEFAULT_CCNAME_API "API:"
#define KRB5_DEFAULT_CCNAME_KCM_KCM "KCM:%{uid}" #define KRB5_DEFAULT_CCNAME_KCM_KCM "KCM:%{uid}"
#define KRB5_DEFAULT_CCNAME_KCM_API "API:%{uid}" #define KRB5_DEFAULT_CCNAME_KCM_API "API:%{uid}"


@@ -2183,9 +2183,8 @@ _krb5_parse_moduli(krb5_context context, const char *file,
if (file == NULL) if (file == NULL)
file = MODULI_FILE; file = MODULI_FILE;
#ifdef KRB5_USE_PATH_TOKENS
{ {
char * exp_file; char *exp_file;
if (_krb5_expand_path_tokens(context, file, 1, &exp_file) == 0) { if (_krb5_expand_path_tokens(context, file, 1, &exp_file) == 0) {
f = fopen(exp_file, "r"); f = fopen(exp_file, "r");
@@ -2194,9 +2193,6 @@ _krb5_parse_moduli(krb5_context context, const char *file,
f = NULL; f = NULL;
} }
} }
#else
f = fopen(file, "r");
#endif
if (f == NULL) { if (f == NULL) {
*moduli = m; *moduli = m;
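Review bot: A failed `_krb5_expand_path_tokens()` is folded into `f = NULL`, which the following `if (f == NULL)` treats the same as a missing moduli file. With the `#else` branch gone this applies on every platform, so a configured moduli path containing a bad token is presumably ignored in favour of `m` without any diagnostic. Consider keeping the expansion error and returning or logging it instead of falling through. The bare `{ ... }` block was only needed inside the `#ifdef` and can go, with `char *exp_file = NULL;` declared among the function's other locals. The function begins and ends outside the hunks.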


@@ -62,11 +62,7 @@ typedef struct krb5_scache {
#define SCACHE(X) ((krb5_scache *)(X)->data.data) #define SCACHE(X) ((krb5_scache *)(X)->data.data)
#define SCACHE_DEF_NAME "Default-cache" #define SCACHE_DEF_NAME "Default-cache"
#ifdef KRB5_USE_PATH_TOKENS #define KRB5_SCACHE_DB "%{TEMP}/krb5scc_%{uid}"
#define KRB5_SCACHE_DB "%{TEMP}/krb5scc_%{uid}"
#else
#define KRB5_SCACHE_DB "/tmp/krb5scc_%{uid}"
#endif
#define KRB5_SCACHE_NAME "SCC:" KRB5_SCACHE_DB ":" SCACHE_DEF_NAME #define KRB5_SCACHE_NAME "SCC:" KRB5_SCACHE_DB ":" SCACHE_DEF_NAME
#define SCACHE_INVALID_CID ((sqlite_uint64)-1) #define SCACHE_INVALID_CID ((sqlite_uint64)-1)


@@ -50,11 +50,8 @@ static int debug_flag = 0;
static int version_flag = 0; static int version_flag = 0;
static int help_flag = 0; static int help_flag = 0;
#ifdef KRB5_USE_PATH_TOKENS
#define TEST_CC_NAME "%{TEMP}/krb5-cc-test-foo" #define TEST_CC_NAME "%{TEMP}/krb5-cc-test-foo"
#else #define EXP_TEST_CC_NAME "/tmp/krb5-cc-test-foo"
#define TEST_CC_NAME "/tmp/krb5-cc-test-foo"
#endif
static void static void
test_default_name(krb5_context context) test_default_name(krb5_context context)
@@ -62,6 +59,13 @@ test_default_name(krb5_context context)
krb5_error_code ret; krb5_error_code ret;
const char *p, *test_cc_name = TEST_CC_NAME; const char *p, *test_cc_name = TEST_CC_NAME;
char *p1, *p2, *p3; char *p1, *p2, *p3;
char *exp_test_cc_name;
ret = _krb5_expand_path_tokens(context, test_cc_name, 1,
&exp_test_cc_name);
if (ret)
krb5_err(context, 1, ret, "_krb5_expand_path_tokens(%s) failed",
test_cc_name);
p = krb5_cc_default_name(context); p = krb5_cc_default_name(context);
if (p == NULL) if (p == NULL)
@@ -89,14 +93,12 @@ test_default_name(krb5_context context)
krb5_errx (context, 1, "krb5_cc_default_name 2 failed"); krb5_errx (context, 1, "krb5_cc_default_name 2 failed");
p3 = estrdup(p); p3 = estrdup(p);
#ifndef KRB5_USE_PATH_TOKENS #ifndef WIN32
/* If we are using path tokens, we don't expect the p3 and if (strcmp(exp_test_cc_name, EXP_TEST_CC_NAME) != 0)
test_cc_name to match since p3 is going to have expanded
tokens. */
if (strcmp(p3, test_cc_name) != 0)
krb5_errx (context, 1, "krb5_cc_set_default_name 1 failed"); krb5_errx (context, 1, "krb5_cc_set_default_name 1 failed");
#endif #endif
free(exp_test_cc_name);
free(p1); free(p1);
free(p2); free(p2);
free(p3); free(p3);
@@ -324,7 +326,7 @@ struct {
{ "%{nulll}", 1, NULL }, { "%{nulll}", 1, NULL },
{ "%{does not exist}", 1, NULL }, { "%{does not exist}", 1, NULL },
{ "%{}", 1, NULL }, { "%{}", 1, NULL },
#ifdef KRB5_USE_PATH_TOKENS #ifdef WIN32
{ "%{APPDATA}", 0, NULL }, { "%{APPDATA}", 0, NULL },
{ "%{COMMON_APPDATA}", 0, NULL}, { "%{COMMON_APPDATA}", 0, NULL},
{ "%{LOCAL_APPDATA}", 0, NULL}, { "%{LOCAL_APPDATA}", 0, NULL},
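Review bot: In `test_default_name` the replaced assertion no longer looks at `p3`: `strcmp(exp_test_cc_name, EXP_TEST_CC_NAME)` only checks that token expansion yields the `/tmp/...` string, so the name read back after `krb5_cc_set_default_name()` is left unverified while the error message still names that call. Comparing the stored name with the expanded one, `if (strcmp(p3, exp_test_cc_name) != 0)`, would exercise the setter on all platforms and drop the hard-coded `/tmp`, which presumably fails whenever `%{TEMP}` resolves elsewhere. The guards in this file use `WIN32` while the rest of the commit uses `_WIN32`; use `_WIN32` here too so the check does not depend on a macro the compiler may not predefine.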