From ca6053358ad1865104932bee1802073f7ac171f2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?=
Date: Sat, 23 Apr 2005 19:40:57 +0000
Subject: [PATCH] Move the kerberos v4 replacement functions to v4_glue.c

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14897 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
lib/krb5/convert_creds.c | 275 ---------------------------------------
1 file changed, 275 deletions(-)

diff --git a/lib/krb5/convert_creds.c b/lib/krb5/convert_creds.c
index 9f2624138..07dab2e30 100644
--- a/lib/krb5/convert_creds.c
+++ b/lib/krb5/convert_creds.c
@@ -42,281 +42,6 @@ check_ticket_flags(TicketFlags f) return 0; /* maybe add some more tests here? */ } -/* include this here, to avoid dependencies on libkrb */ - -static const int _tkt_lifetimes[TKTLIFENUMFIXED] = { - 38400, 41055, 43894, 46929, 50174, 53643, 57352, 61318, - 65558, 70091, 74937, 80119, 85658, 91581, 97914, 104684, - 111922, 119661, 127935, 136781, 146239, 156350, 167161, 178720, - 191077, 204289, 218415, 233517, 249664, 266926, 285383, 305116, - 326213, 348769, 372885, 398668, 426234, 455705, 487215, 520904, - 556921, 595430, 636601, 680618, 727680, 777995, 831789, 889303, - 950794, 1016537, 1086825, 1161973, 1242318, 1328218, 1420057, 1518247, - 1623226, 1735464, 1855462, 1983758, 2120925, 2267576, 2424367, 2592000 -}; - -int KRB5_LIB_FUNCTION -_krb5_krb_time_to_life(time_t start, time_t end) -{ - int i; - time_t life = end - start; - - if (life > MAXTKTLIFETIME || life <= 0) - return 0; -#if 0 - if (krb_no_long_lifetimes) - return (life + 5*60 - 1)/(5*60); -#endif - - if (end >= NEVERDATE) - return TKTLIFENOEXPIRE; - if (life < _tkt_lifetimes[0]) - return (life + 5*60 - 1)/(5*60); - for (i=0; i TKTLIFEMAXFIXED) - return start + MAXTKTLIFETIME; - return start + _tkt_lifetimes[life - TKTLIFEMINFIXED]; -} - -/* - * Get the name of the krb4 credentials cache, will use `tkfile' as - * the name if that is passed in. 
`cc' must be free()ed by caller, - */ - -static krb5_error_code -get_krb4_cc_name(const char *tkfile, char **cc) -{ - - *cc = NULL; - if(tkfile == NULL) { - char *path; - if(!issuid()) { - path = getenv("KRBTKFILE"); - if (path) - *cc = strdup(path); - } - if(*cc == NULL) - if (asprintf(cc, "%s%u", TKT_ROOT, (unsigned)getuid()) < 0) - return errno; - } else { - *cc = strdup(tkfile); - if (*cc == NULL) - return ENOMEM; - } - return 0; -} - -/* - * Write a Kerberos 4 ticket file - */ - -#define KRB5_TF_LCK_RETRY_COUNT 50 -#define KRB5_TF_LCK_RETRY 1 - -static krb5_error_code -write_v4_cc(krb5_context context, const char *tkfile, - krb5_storage *sp, int append) -{ - krb5_error_code ret; - struct stat sb; - krb5_data data; - char *path; - int fd, i; - - ret = get_krb4_cc_name(tkfile, &path); - if (ret) { - krb5_set_error_string(context, - "krb5_krb_tf_setup: failed getting " - "the krb4 credentials cache name"); - return ret; - } - - fd = open(path, O_WRONLY|O_CREAT, 0600); - if (fd < 0) { - free(path); - krb5_set_error_string(context, - "krb5_krb_tf_setup: error opening file %s", - path); - return errno; - } - - if (fstat(fd, &sb) != 0 || !S_ISREG(sb.st_mode)) { - free(path); - close(fd); - krb5_set_error_string(context, - "krb5_krb_tf_setup: tktfile %s is not a file", - path); - return KRB5_FCC_PERM; - } - - for (i = 0; i < KRB5_TF_LCK_RETRY_COUNT; i++) { - if (flock(fd, LOCK_EX | LOCK_NB) < 0) { - sleep(KRB5_TF_LCK_RETRY); - } else - break; - } - if (i == KRB5_TF_LCK_RETRY_COUNT) { - free(path); - close(fd); - krb5_set_error_string(context, - "krb5_krb_tf_setup: failed to lock %s", - path); - return KRB5_FCC_PERM; - } - - if (!append) { - ret = ftruncate(fd, 0); - if (ret < 0) { - flock(fd, LOCK_UN); - free(path); - close(fd); - krb5_set_error_string(context, - "krb5_krb_tf_setup: failed to truncate %s", - path); - return KRB5_FCC_PERM; - } - } - ret = lseek(fd, 0L, SEEK_END); - if (ret < 0) { - ret = errno; - flock(fd, LOCK_UN); - free(path); - close(fd); - return 
ret; - } - - krb5_storage_to_data(sp, &data); - - ret = write(fd, data.data, data.length); - if (ret != data.length) - ret = KRB5_CC_IO; - - krb5_free_data_contents(context, &data); - - flock(fd, LOCK_UN); - free(path); - close(fd); - - return 0; -} - - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_tf_setup(krb5_context context, - struct credentials *v4creds, - const char *tkfile, - int append) -{ - krb5_error_code ret; - krb5_storage *sp; - - sp = krb5_storage_emem(); - if (sp == NULL) - return ENOMEM; - - krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_HOST); - krb5_storage_set_eof_code(sp, KRB5_CC_IO); - - krb5_clear_error_string(context); - - if (!append) { - ret = krb5_store_stringz(sp, v4creds->pname); - if (ret < 0) - goto error; - ret = krb5_store_stringz(sp, v4creds->pinst); - if (ret < 0) - goto error; - } - - /* cred */ - ret = krb5_store_stringz(sp, v4creds->service); - if (ret < 0) - goto error; - ret = krb5_store_stringz(sp, v4creds->instance); - if (ret < 0) - goto error; - ret = krb5_store_stringz(sp, v4creds->realm); - if (ret < 0) - goto error; - ret = krb5_storage_write(sp, v4creds->session, 8); - if (ret != 8) { - ret = KRB5_CC_IO; - goto error; - } - ret = krb5_store_int32(sp, v4creds->lifetime); - if (ret) - goto error; - ret = krb5_store_int32(sp, v4creds->kvno); - if (ret) - goto error; - ret = krb5_store_int32(sp, v4creds->ticket_st.length); - if (ret) - goto error; - - ret = krb5_storage_write(sp, v4creds->ticket_st.dat, - v4creds->ticket_st.length); - if (ret != v4creds->ticket_st.length) { - ret = KRB5_CC_IO; - goto error; - } - ret = krb5_store_int32(sp, v4creds->issue_date); - if (ret) - goto error; - - ret = write_v4_cc(context, tkfile, sp, append); - - error: - krb5_storage_free(sp); - - return ret; -} - -krb5_error_code KRB5_LIB_FUNCTION -_krb5_krb_dest_tkt(krb5_context context, const char *tkfile) -{ - krb5_error_code ret; - char *path; - - ret = get_krb4_cc_name(tkfile, &path); - if (ret) { - krb5_set_error_string(context, - 
"krb5_krb_tf_setup: failed getting " - "the krb4 credentials cache name"); - return ret; - } - - if (unlink(path) < 0) { - ret = errno; - krb5_set_error_string(context, - "krb5_krb_dest_tkt failed removing the cache " - "with error %s", strerror(ret)); - } - free(path); - - return ret; -} - - /* Convert the v5 credentials in `in_cred' to v4-dito in `v4creds'. * This is done by sending them to the 524 function in the KDC. If * `in_cred' doesn't contain a DES session key, then a new one is