author | Jacques Vidrine <nectar@FreeBSD.org> | 2002-08-30 21:23:27 +0000 |
---|---|---|
committer | Jacques Vidrine <nectar@FreeBSD.org> | 2002-08-30 21:23:27 +0000 |
commit | 8373020d34ceb1ac55d8f43333c1ca3680185b39 (patch) | |
tree | 6015f89700252fb05eb8fa267c46dba41913e9d8 /crypto/heimdal/lib/krb5/context.c | |
parent | 4137ff4cc173ea2e05227027e1c9e0ea42bcc0dc (diff) |
Import of Heimdal Kerberos from KTH repository circa 2002/08/29.
Notes
Notes:
svn path=/vendor-crypto/heimdal/dist/; revision=102644
Diffstat (limited to 'crypto/heimdal/lib/krb5/context.c')
-rw-r--r-- | crypto/heimdal/lib/krb5/context.c | 197 |
1 files changed, 146 insertions, 51 deletions
diff --git a/crypto/heimdal/lib/krb5/context.c b/crypto/heimdal/lib/krb5/context.c index c8904013096b..d21ea7138e76 100644 --- a/crypto/heimdal/lib/krb5/context.c +++ b/crypto/heimdal/lib/krb5/context.c @@ -32,8 +32,9 @@ */ #include "krb5_locl.h" +#include <com_err.h> -RCSID("$Id: context.c,v 1.73 2002/02/12 08:24:08 joda Exp $"); +RCSID("$Id: context.c,v 1.80 2002/08/28 15:27:24 joda Exp $"); #define INIT_FIELD(C, T, E, D, F) \ (C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), \ @@ -50,7 +51,7 @@ set_etypes (krb5_context context, krb5_enctype **ret_enctypes) { char **etypes_str; - krb5_enctype *etypes; + krb5_enctype *etypes = NULL; etypes_str = krb5_config_get_strings(context, NULL, "libdefaults", name, NULL); @@ -69,8 +70,8 @@ set_etypes (krb5_context context, } etypes[k] = ETYPE_NULL; krb5_config_free_strings(etypes_str); - *ret_enctypes = etypes; - } + } + *ret_enctypes = etypes; return 0; } 
@@ -83,19 +84,35 @@ init_context_from_config_file(krb5_context context) { krb5_error_code ret; const char * tmp; + krb5_enctype *tmptypes; INIT_FIELD(context, time, max_skew, 5 * 60, "clockskew"); INIT_FIELD(context, time, kdc_timeout, 3, "kdc_timeout"); INIT_FIELD(context, int, max_retries, 3, "max_retries"); INIT_FIELD(context, string, http_proxy, NULL, "http_proxy"); - - set_etypes (context, "default_etypes", &context->etypes); - set_etypes (context, "default_etypes_des", &context->etypes_des); + + ret = set_etypes (context, "default_etypes", &tmptypes); + if(ret) + return ret; + free(context->etypes); + context->etypes = tmptypes; + + ret = set_etypes (context, "default_etypes_des", &tmptypes); + if(ret) + return ret; + free(context->etypes_des); + context->etypes_des = tmptypes; /* default keytab name */ - INIT_FIELD(context, string, default_keytab, - KEYTAB_DEFAULT, "default_keytab_name"); + tmp = NULL; + if(!issuid()) + tmp = getenv("KRB5_KTNAME"); + if(tmp != NULL) + context->default_keytab = tmp; + else + INIT_FIELD(context, string, default_keytab, + KEYTAB_DEFAULT, "default_keytab_name"); INIT_FIELD(context, string, default_keytab_modify, NULL, "default_keytab_modify_name"); @@ -116,11 +133,14 @@ init_context_from_config_file(krb5_context context) "dns_proxy", NULL); if(tmp) roken_gethostby_setup(context->http_proxy, tmp); + krb5_free_host_realm (context, context->default_realms); context->default_realms = NULL; { krb5_addresses addresses; char **adr, **a; + + krb5_set_extra_addresses(context, NULL); adr = krb5_config_get_strings(context, NULL, "libdefaults", "extra_addresses", @@ -135,6 +155,7 @@ init_context_from_config_file(krb5_context context) } krb5_config_free_strings(adr); + krb5_set_ignore_addresses(context, NULL); adr = krb5_config_get_strings(context, NULL, "libdefaults", "ignore_addresses", 
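Review bot: `context->default_keytab = tmp` stores the pointer returned by `getenv("KRB5_KTNAME")` without copying it, so the context holds a reference into the process environment that a later `setenv`/`putenv` may invalidate. The `else` branch stores a string that presumably belongs to the parsed configuration, so the field now has two possible owners with different lifetimes. I would add a comment on the assignment such as `/* borrowed from environ: not owned by the context, must not be freed */`, or take a copy and release it where the context is torn down. The `issuid()` guard covers set-id execution only; a process that gains privilege another way still honours the variable. init_context_from_config_file begins before this hunk and continues past it.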
@@ -151,22 +172,15 @@ init_context_from_config_file(krb5_context context) } INIT_FIELD(context, bool, scan_interfaces, TRUE, "scan_interfaces"); - INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup"); INIT_FIELD(context, int, fcache_vno, 0, "fcache_version"); - - context->cc_ops = NULL; - context->num_cc_ops = 0; - krb5_cc_register(context, &krb5_fcc_ops, TRUE); - krb5_cc_register(context, &krb5_mcc_ops, TRUE); - - context->num_kt_types = 0; - context->kt_types = NULL; - krb5_kt_register (context, &krb5_fkt_ops); - krb5_kt_register (context, &krb5_mkt_ops); - krb5_kt_register (context, &krb5_akf_ops); - krb5_kt_register (context, &krb4_fkt_ops); - krb5_kt_register (context, &krb5_srvtab_fkt_ops); - krb5_kt_register (context, &krb5_any_ops); + INIT_FIELD(context, bool, srv_lookup, TRUE, "dns_lookup_kdc"); + /* srv_lookup backwards compatibility. */ + { + const char **p; + p = krb5_config_get_strings(context, NULL, "libdefaults", "srv_lookup", NULL); + if (p != NULL) + INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup"); + } return 0; } 
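Review bot: The string list returned by `krb5_config_get_strings(context, NULL, "libdefaults", "srv_lookup", NULL)` in the backwards-compatibility block is never released, so each (re)load of the configuration leaks it when `srv_lookup` is set. The other callers in this file pair the call with `krb5_config_free_strings` (`etypes_str`, `adr`). The same should happen here: declare `char **p;` rather than `const char **p;` and change the test to `if (p != NULL) { INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup"); krb5_config_free_strings(p); }`. The function starts outside this hunk.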
@@ -174,55 +188,55 @@ krb5_error_code krb5_init_context(krb5_context *context) { krb5_context p; - const char *config_file = NULL; - krb5_config_section *tmp_cf; krb5_error_code ret; + char **files; - ALLOC(p, 1); + p = calloc(1, sizeof(*p)); if(!p) return ENOMEM; - memset(p, 0, sizeof(krb5_context_data)); + + ret = krb5_get_default_config_files(&files); + if(ret) + goto out; + ret = krb5_set_config_files(p, files); + krb5_free_config_files(files); + if(ret) + goto out; /* init error tables */ krb5_init_ets(p); - if(!issuid()) - config_file = getenv("KRB5_CONFIG"); - if (config_file == NULL) - config_file = krb5_config_file; - - ret = krb5_config_parse_file (p, config_file, &tmp_cf); - - if (ret == 0) - p->cf = tmp_cf; -#if 0 - else - krb5_warnx (p, "Unable to parse config file %s. Ignoring.", - config_file); /* XXX */ -#endif - - ret = init_context_from_config_file(p); + p->cc_ops = NULL; + p->num_cc_ops = 0; + krb5_cc_register(p, &krb5_fcc_ops, TRUE); + krb5_cc_register(p, &krb5_mcc_ops, TRUE); + + p->num_kt_types = 0; + p->kt_types = NULL; + krb5_kt_register (p, &krb5_fkt_ops); + krb5_kt_register (p, &krb5_mkt_ops); + krb5_kt_register (p, &krb5_akf_ops); + krb5_kt_register (p, &krb4_fkt_ops); + krb5_kt_register (p, &krb5_srvtab_fkt_ops); + krb5_kt_register (p, &krb5_any_ops); + +out: if(ret) { krb5_free_context(p); - return ret; + p = NULL; } - *context = p; - return 0; + return ret; } void krb5_free_context(krb5_context context) { - int i; - free(context->etypes); free(context->etypes_des); krb5_free_host_realm (context, context->default_realms); krb5_config_file_free (context, context->cf); free_error_table (context->et_list); - for(i = 0; i < context->num_cc_ops; ++i) - free(context->cc_ops[i].prefix); free(context->cc_ops); free(context->kt_types); krb5_clear_error_string(context); 
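Review bot: The `krb5_cc_register` and `krb5_kt_register` calls moved into krb5_init_context discard their results, so a failed registration (for example on allocation failure) still reaches `out:` with `ret == 0` and hands back a context with missing ccache or keytab types. Assuming they return `krb5_error_code` like the other krb5_* calls here, each call should feed the new cleanup path: `ret = krb5_cc_register(p, &krb5_fcc_ops, TRUE);` followed by `if(ret) goto out;`, and likewise for the `krb5_kt_register` calls. The calloc'ed context makes `krb5_free_context(p)` on a partially built context look safe, but that function's body ends outside this hunk, so confirm it tolerates NULL `cf` and `et_list`.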
@@ -233,6 +247,87 @@ krb5_free_context(krb5_context context) free(context); } +krb5_error_code +krb5_set_config_files(krb5_context context, char **filenames) +{ + krb5_error_code ret; + krb5_config_binding *tmp = NULL; + while(filenames != NULL && *filenames != NULL && **filenames != '\0') { + ret = krb5_config_parse_file_multi(context, *filenames, &tmp); + if(ret != 0 && ret != ENOENT) { + krb5_config_file_free(context, tmp); + return ret; + } + filenames++; + } +#if 0 + /* with this enabled and if there are no config files, Kerberos is + considererd disabled */ + if(tmp == NULL) + return ENOENT; +#endif + krb5_config_file_free(context, context->cf); + context->cf = tmp; + ret = init_context_from_config_file(context); + return ret; +} + +krb5_error_code +krb5_get_default_config_files(char ***pfilenames) +{ + const char *p, *q; + char **pp; + int n, i; + + const char *files = NULL; + if (pfilenames == NULL) + return EINVAL; + if(!issuid()) + files = getenv("KRB5_CONFIG"); + if (files == NULL) + files = krb5_config_file; + + for(n = 0, p = files; strsep_copy(&p, ":", NULL, 0) != -1; n++); + pp = malloc((n + 1) * sizeof(*pp)); + if(pp == NULL) + return ENOMEM; + + n = 0; + p = files; + while(1) { + ssize_t l; + q = p; + l = strsep_copy(&q, ":", NULL, 0); + if(l == -1) + break; + pp[n] = malloc(l + 1); + if(pp[n] == NULL) { + krb5_free_config_files(pp); + return ENOMEM; + } + l = strsep_copy(&p, ":", pp[n], l + 1); + for(i = 0; i < n; i++) + if(strcmp(pp[i], pp[n]) == 0) { + free(pp[n]); + goto skip; + } + n++; + skip:; + } + pp[n] = NULL; + *pfilenames = pp; + return 0; +} + +void +krb5_free_config_files(char **filenames) +{ + char **p; + for(p = filenames; *p != NULL; p++) + free(*p); + free(filenames); +} + /* * set `etype' to a malloced list of the default enctypes */ |
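Review bot: The loop condition in krb5_set_config_files, `**filenames != '\0'`, treats the first empty entry as the end of the list, so every file after it is silently ignored. An empty entry looks reachable: if `strsep_copy` yields empty components, a `KRB5_CONFIG` value with a leading or doubled `:` gives krb5_get_default_config_files an empty string to store. The library would then run on built-in defaults with no error. If that is not intended, skip empty entries instead: `for(; filenames != NULL && *filenames != NULL; filenames++) {` with `if(**filenames == '\0') continue;` at the top of the body, and drop the trailing `filenames++`. If it is intended, a comment on the condition should say so. Separately, krb5_free_config_files dereferences its argument unconditionally, so `if(filenames == NULL) return;` at its top would make the public entry point safe for callers that pass the result of a failed lookup.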