diff --git a/kdc/hpropd.c b/kdc/hpropd.c
index cda7d0398..b9e68568e 100644
--- a/kdc/hpropd.c
+++ b/kdc/hpropd.c
@@ -35,139 +35,6 @@
 RCSID("$Id$");
-#ifdef KRB4
-#include
-#include
-#define Principal Principal4
-#include
-
-static des_cblock mkey4;
-static des_key_schedule msched4;
-
-static char *
-time2str(time_t t)
-{
- static char buf[128];
- strftime(buf, sizeof(buf), "%Y%m%d%H%M", gmtime(&t));
- return buf;
-}
-
-static int
-dump_krb4(krb5_context context, hdb_entry *ent, int fd)
-{
- char name[ANAME_SZ];
- char instance[INST_SZ];
- char realm[REALM_SZ];
- char buf[1024];
- char *p;
- int i;
- int ret;
- char *princ_name;
- Event *modifier;
- krb5_realm *realms;
- int cmp;
-
- ret = krb5_524_conv_principal(context, ent->principal,
- name, instance, realm);
- if (ret) {
- ret = krb5_unparse_name(context, ent->principal, &princ_name);
- if (ret == 0) {
- krb5_warn(context, ret, "%s", princ_name);
- free(princ_name);
- }
- return -1;
- }
-
- ret = krb5_get_default_realms (context, &realms);
- if (ret) {
- krb5_warn(context, ret, "krb5_get_default_realms");
- return -1;
- }
-
- cmp = strcmp (realms[0], ent->principal->realm);
- krb5_free_host_realm (context, realms);
- if (cmp != 0)
- return -1;
-
- snprintf (buf, sizeof(buf), "%s %s ", name,
- (strlen(instance) != 0) ? instance : "*");
-
- if (ent->max_life) {
- asprintf(&p, "%d", krb_time_to_life(0, *ent->max_life));
- strlcat(buf, p, sizeof(buf));
- free(p);
- } else
- strlcat(buf, "255", sizeof(buf));
- strlcat(buf, " ", sizeof(buf));
-
- i = 0;
- while (i < ent->keys.len &&
- ent->keys.val[i].key.keytype != KEYTYPE_DES)
- ++i;
-
- if (i == ent->keys.len) {
- krb5_warnx(context, "No DES key for %s.%s", name, instance);
- return -1;
- }
-
- if (ent->keys.val[i].mkvno)
- asprintf(&p, "%d ", *ent->keys.val[i].mkvno);
- else
- asprintf(&p, "%d ", 1);
- strlcat(buf, p, sizeof(buf));
- free(p);
-
- asprintf(&p, "%d ", ent->kvno);
- strlcat(buf, p, sizeof(buf));
- free(p);
-
- asprintf(&p, "%d ", 0); /* Attributes are always 0*/
- strlcat(buf, p, sizeof(buf));
- free(p);
-
- {
- uint32_t *key = ent->keys.val[i].key.keyvalue.data;
- kdb_encrypt_key((des_cblock*)key, (des_cblock*)key,
- &mkey4, msched4, DES_ENCRYPT);
- asprintf(&p, "%x %x ", (int)htonl(*key), (int)htonl(*(key+1)));
- strlcat(buf, p, sizeof(buf));
- free(p);
- }
-
- if (ent->valid_end == NULL)
- strlcat(buf, time2str(60*60*24*365*50), sizeof(buf)); /*no expiration*/
- else
- strlcat(buf, time2str(*ent->valid_end), sizeof(buf));
- strlcat(buf, " ", sizeof(buf));
-
- if (ent->modified_by == NULL)
- modifier = &ent->created_by;
- else
- modifier = ent->modified_by;
-
- ret = krb5_524_conv_principal(context, modifier->principal,
- name, instance, realm);
- if (ret) {
- ret = krb5_unparse_name(context, modifier->principal, &princ_name);
- if (ret == 0) {
- krb5_warn(context, ret, "%s", princ_name);
- free(princ_name);
- }
- return -1;
- }
- asprintf(&p, "%s %s %s\n", time2str(modifier->time),
- (strlen(name) != 0) ? name : "*",
- (strlen(instance) != 0) ? instance : "*");
- strlcat(buf, p, sizeof(buf));
- free(p);
-
- ret = write(fd, buf, strlen(buf));
- if (ret == -1)
- krb5_warnx(context, "write");
- return 0;
-}
-#endif /* KRB4 */
-
 static int inetd_flag = -1;
 static int help_flag;
 static int version_flag;
@@ -175,9 +42,6 @@ static int print_dump;
 static const char *database = HDB_DEFAULT_DB;
 static int from_stdin;
 static char *local_realm;
-#ifdef KRB4
-static int v4dump;
-#endif
 static char *ktname = NULL;
 struct getargs args[] = {
@@ -188,9 +52,6 @@ struct getargs args[] = {
 "Not started from inetd" },
 { "keytab", 'k', arg_string, &ktname, "keytab to use for authentication", "keytab" },
 { "realm", 'r', arg_string, &local_realm, "realm to use" },
-#ifdef KRB4
- { "v4dump", '4', arg_flag, &v4dump, "create v4 type DB" },
-#endif
 { "version", 0, arg_flag, &version_flag, NULL, NULL },
 { "help", 'h', arg_flag, &help_flag, NULL, NULL}
 };
@@ -219,10 +80,6 @@ main(int argc, char **argv)
 char *tmp_db;
 krb5_log_facility *fac;
 int nprincs;
-#ifdef KRB4
- int e;
- int fd_out = -1;
-#endif
 setprogname(argv[0]);
@@ -238,11 +95,6 @@ main(int argc, char **argv)
 if(getarg(args, num_args, argc, argv, &optidx))
 usage(1);
-#ifdef KRB4
- if (v4dump && database == HDB_DEFAULT_DB)
- database = "/var/kerberos/524_dump";
-#endif /* KRB4 */
-
 if(local_realm != NULL)
 krb5_set_default_realm(context, local_realm);
@@ -289,7 +141,7 @@ main(int argc, char **argv) addr_name, sizeof(addr_name)) == NULL) strlcpy (addr_name, "unknown address", - sizeof(addr_name)); + sizeof(addr_name)); krb5_log(context, fac, 0, "Connection from %s", addr_name); 
@@ -347,32 +199,14 @@ main(int argc, char **argv)
 if(!print_dump) {
 asprintf(&tmp_db, "%s~", database);
-#ifdef KRB4
- if (v4dump) {
- fd_out = open(tmp_db, O_WRONLY | O_CREAT | O_TRUNC, 0600);
- if (fd_out == -1)
- krb5_errx(context, 1, "%s", strerror(errno));
- }
- else
-#endif /* KRB4 */
- {
- ret = hdb_create(context, &db, tmp_db);
- if(ret)
- krb5_err(context, 1, ret, "hdb_create(%s)", tmp_db);
- ret = db->hdb_open(context, db, O_RDWR | O_CREAT | O_TRUNC, 0600);
- if(ret)
- krb5_err(context, 1, ret, "hdb_open(%s)", tmp_db);
- }
- }
-#ifdef KRB4
- if (v4dump) {
- e = kdb_get_master_key(0, &mkey4, msched4);
- if(e)
- krb5_errx(context, 1, "kdb_get_master_key: %s",
- krb_get_err_text(e));
+ ret = hdb_create(context, &db, tmp_db);
+ if(ret)
+ krb5_err(context, 1, ret, "hdb_create(%s)", tmp_db);
+ ret = db->hdb_open(context, db, O_RDWR | O_CREAT | O_TRUNC, 0600);
+ if(ret)
+ krb5_err(context, 1, ret, "hdb_open(%s)", tmp_db);
 }
-#endif /* KRB4 */
 nprincs = 0;
 while(1){
@@ -396,24 +230,12 @@ main(int argc, char **argv)
 krb5_write_priv_message(context, ac, &fd, &data);
 }
 if(!print_dump) {
-#ifdef KRB4
- if (v4dump) {
- ret = rename(tmp_db, database);
- if (ret)
- krb5_errx(context, 1, "rename");
- ret = close(fd_out);
- if (ret)
- krb5_errx(context, 1, "close");
- } else
-#endif /* KRB4 */
- {
- ret = db->hdb_rename(context, db, database);
- if(ret)
- krb5_err(context, 1, ret, "db_rename");
- ret = db->hdb_close(context, db);
- if(ret)
- krb5_err(context, 1, ret, "db_close");
- }
+ ret = db->hdb_rename(context, db, database);
+ if(ret)
+ krb5_err(context, 1, ret, "db_rename");
+ ret = db->hdb_close(context, db);
+ if(ret)
+ krb5_err(context, 1, ret, "db_close");
 }
 break;
 }
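Review bot: In the hunk at -347, the result of `asprintf(&tmp_db, "%s~", database);` is still unchecked on the context line directly above the de-nested `hdb_create` call. If the allocation fails, `tmp_db` is indeterminate when it is handed to `hdb_create` and to the `"hdb_create(%s)"` / `"hdb_open(%s)"` messages. Because this path creates the file that will replace the replica's principal database, it should fail closed: `if (asprintf(&tmp_db, "%s~", database) < 0) krb5_errx(context, 1, "out of memory");`. The body of main starts and ends outside the hunk.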
@@ -424,27 +246,18 @@ main(int argc, char **argv)
 if(print_dump)
 hdb_print_entry(context, db, &entry, stdout);
 else {
-#ifdef KRB4
- if (v4dump) {
- ret = dump_krb4(context, &entry, fd_out);
- if(!ret) nprincs++;
- }
+ ret = db->hdb_store(context, db, 0, &entry);
+ if(ret == HDB_ERR_EXISTS) {
+ char *s;
+ ret = krb5_unparse_name(context, entry.entry.principal, &s);
+ if (ret)
+ s = strdup("unparseable name");
+ krb5_warnx(context, "Entry exists: %s", s);
+ free(s);
+ } else if(ret)
+ krb5_err(context, 1, ret, "db_store");
 else
-#endif /* KRB4 */
- {
- ret = db->hdb_store(context, db, 0, &entry);
- if(ret == HDB_ERR_EXISTS) {
- char *s;
- ret = krb5_unparse_name(context, entry.entry.principal, &s);
- if (ret)
- s = strdup("unparseable name");
- krb5_warnx(context, "Entry exists: %s", s);
- free(s);
- } else if(ret)
- krb5_err(context, 1, ret, "db_store");
- else
- nprincs++;
- }
+ nprincs++;
 }
 hdb_free_entry(context, &entry);
 }
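Review bot: In the `HDB_ERR_EXISTS` branch, `s` can still be NULL when it reaches `krb5_warnx(context, "Entry exists: %s", s);`, because the fallback `s = strdup("unparseable name");` is itself unchecked and NULL for `%s` is undefined behaviour. A literal fallback avoids the second allocation: `krb5_warnx(context, "Entry exists: %s", ret ? "unparseable name" : s);` followed by `if (ret == 0) free(s);`. I would also add a comment such as `/* duplicate principal in the incoming dump: keep the stored entry, do not count it */`, since the `0` flags argument to `hdb_store` presumably means no overwrite, which is worth confirming. The enclosing loop in main starts and ends outside the hunk.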