krb5 commit: Remove -b6 and -old dump formats

Greg Hudson ghudson at MIT.EDU
Wed Feb 6 15:31:28 EST 2013


https://github.com/krb5/krb5/commit/581b1141d628ca01414bcae68e23d45320403dba
commit 581b1141d628ca01414bcae68e23d45320403dba
Author: Greg Hudson <ghudson at mit.edu>
Date:   Mon Feb 4 18:43:22 2013 -0500

    Remove -b6 and -old dump formats
    
    Get rid of the code to dump and load -b6 and -old format dump files.
    Loading these versions hasn't worked since at least 1.3.
    
    ticket: 7564 (new)

 doc/admin/admin_commands/kdb5_util.rst |   26 +--
 src/kadmin/dbutil/dump.c               |  598 +-------------------------------
 2 files changed, 13 insertions(+), 611 deletions(-)

diff --git a/doc/admin/admin_commands/kdb5_util.rst b/doc/admin/admin_commands/kdb5_util.rst
index d866777..2d7636e 100644
--- a/doc/admin/admin_commands/kdb5_util.rst
+++ b/doc/admin/admin_commands/kdb5_util.rst
@@ -130,23 +130,15 @@ dump
 
 .. _kdb5_util_dump:
 
-    **dump** [**-old**\|\ **-b6**\|\ **-b7**\|\ **-ov**\|\ **-r13**]
-    [**-verbose**] [**-mkey_convert**] [**-new_mkey_file** *mkey_file*]
-    [**-rev**] [**-recurse**] [*filename* [*principals*...]]
+    **dump** [**-b7**\|\ **-ov**\|\ **-r13**] [**-verbose**]
+    [**-mkey_convert**] [**-new_mkey_file** *mkey_file*] [**-rev**]
+    [**-recurse**] [*filename* [*principals*...]]
 
 Dumps the current Kerberos and KADM5 database into an ASCII file.  By
 default, the database is dumped in current format, "kdb5_util
 load_dump version 6".  If filename is not specified, or is the string
 "-", the dump is sent to standard output.  Options:
 
-**-old**
-    causes the dump to be in the Kerberos 5 Beta 5 and earlier dump
-    format ("kdb5_edit load_dump version 2.0").
-
-**-b6**
-    causes the dump to be in the Kerberos 5 Beta 6 format ("kdb5_edit
-    load_dump version 3.0").
-
 **-b7**
     causes the dump to be in the Kerberos 5 Beta 7 format ("kdb5_util
     load_dump version 4").  This was the dump format produced on
@@ -197,8 +189,8 @@ load
 
 .. _kdb5_util_load:
 
-    **load** [**-old**\|\ **-b6**\|\ **-b7**\|\ **-ov**\|\ **-r13**]
-    [**-hash**] [**-verbose**] [**-update**] *filename* [*dbname*]
+    **load** [**-b7**\|\ **-ov**\|\ **-r13**] [**-hash**]
+    [**-verbose**] [**-update**] *filename* [*dbname*]
 
 Loads a database dump from the named file into the named database.  If
 no option is given to determine the format of the dump file, the
@@ -210,14 +202,6 @@ database module, the **-update** flag is required.
 
 Options:
 
-**-old**
-    requires the database to be in the Kerberos 5 Beta 5 and earlier
-    format ("kdb5_edit load_dump version 2.0").
-
-**-b6**
-    requires the database to be in the Kerberos 5 Beta 6 format
-    ("kdb5_edit load_dump version 3.0").
-
 **-b7**
     requires the database to be in the Kerberos 5 Beta 7 format
     ("kdb5_util load_dump version 4").
diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c
index 66a72be..247c923 100644
--- a/src/kadmin/dbutil/dump.c
+++ b/src/kadmin/dbutil/dump.c
@@ -80,10 +80,6 @@ struct dump_args {
     int                 flags;
 };
 
-static krb5_error_code dump_k5beta_iterator (krb5_pointer,
-                                             krb5_db_entry *);
-static krb5_error_code dump_k5beta6_iterator (krb5_pointer,
-                                              krb5_db_entry *);
 static krb5_error_code dump_k5beta6_iterator_ext (krb5_pointer,
                                                   krb5_db_entry *,
                                                   int);
@@ -103,8 +99,6 @@ static void dump_r1_11_policy (void *, osa_policy_ent_t);
 typedef krb5_error_code (*dump_func)(krb5_pointer,
                                      krb5_db_entry *);
 
-static int process_k5beta_record (char *, krb5_context,
-                                  FILE *, int, int *);
 static int process_k5beta6_record (char *, krb5_context,
                                    FILE *, int, int *);
 static int process_k5beta7_record (char *, krb5_context,
@@ -122,7 +116,6 @@ typedef struct _dump_version {
     char *name;
     char *header;
     int updateonly;
-    int create_kadm5;
     int iprop;
     int ipropx;
     dump_func dump_princ;
@@ -130,35 +123,12 @@ typedef struct _dump_version {
     load_func load_record;
 } dump_version;
 
-dump_version old_version = {
-    "Kerberos version 5 old format",
-    "kdb5_edit load_dump version 2.0\n",
-    0,
-    1,
-    0,
-    0,
-    dump_k5beta_iterator,
-    NULL,
-    process_k5beta_record,
-};
-dump_version beta6_version = {
-    "Kerberos version 5 beta 6 format",
-    "kdb5_edit load_dump version 3.0\n",
-    0,
-    1,
-    0,
-    0,
-    dump_k5beta6_iterator,
-    NULL,
-    process_k5beta6_record,
-};
 dump_version beta7_version = {
     "Kerberos version 5",
     "kdb5_util load_dump version 4\n",
     0,
     0,
     0,
-    0,
     dump_k5beta7_princ,
     dump_k5beta7_policy,
     process_k5beta7_record,
@@ -167,7 +137,6 @@ dump_version iprop_version = {
     "Kerberos iprop version",
     "iprop",
     0,
-    0,
     1,
     0,
     dump_k5beta7_princ_withpolicy,
@@ -178,7 +147,6 @@ dump_version ov_version = {
     "OpenV*Secure V1.0",
     "OpenV*Secure V1.0\t",
     1,
-    1,
     0,
     0,
     dump_ov_princ,
@@ -192,7 +160,6 @@ dump_version r1_3_version = {
     0,
     0,
     0,
-    0,
     dump_k5beta7_princ_withpolicy,
     dump_k5beta7_policy,
     process_k5beta7_record,
@@ -203,7 +170,6 @@ dump_version r1_8_version = {
     0,
     0,
     0,
-    0,
     dump_k5beta7_princ_withpolicy,
     dump_r1_8_policy,
     process_r1_8_record,
@@ -214,7 +180,6 @@ dump_version r1_11_version = {
     0,
     0,
     0,
-    0,
     dump_k5beta7_princ_withpolicy,
     dump_r1_11_policy,
     process_r1_11_record,
@@ -223,7 +188,6 @@ dump_version ipropx_1_version = {
     "Kerberos iprop extensible version",
     "ipropx",
     0,
-    0,
     1,
     1,
     dump_k5beta7_princ_withpolicy,
@@ -297,8 +261,6 @@ static const char null_mprinc_name[] = "kdb5_dump at MISSING";
 #define dbcreaterr_fmt    _("%s: cannot create database %s (%s)\n")
 #define dfile_err_fmt     _("%s: cannot open %s (%s)\n")
 
-static const char oldoption[] = "-old";
-static const char b6option[] = "-b6";
 static const char b7option[] = "-b7";
 static const char ipropoption[] = "-i";
 static const char conditionaloption[] = "-c";
@@ -633,34 +595,6 @@ name_matches(name, arglist)
     return(match);
 }
 
-static krb5_error_code
-find_enctype(dbentp, enctype, salttype, kentp)
-    krb5_db_entry       *dbentp;
-    krb5_enctype        enctype;
-    krb5_int32          salttype;
-    krb5_key_data       **kentp;
-{
-    int                 i;
-    int                 maxkvno;
-    krb5_key_data       *datap;
-
-    maxkvno = -1;
-    datap = (krb5_key_data *) NULL;
-    for (i=0; i<dbentp->n_key_data; i++) {
-        if (( (krb5_enctype)dbentp->key_data[i].key_data_type[0] == enctype) &&
-            ((dbentp->key_data[i].key_data_type[1] == salttype) ||
-             (salttype < 0))) {
-            maxkvno = dbentp->key_data[i].key_data_kvno;
-            datap = &dbentp->key_data[i];
-        }
-    }
-    if (maxkvno >= 0) {
-        *kentp = datap;
-        return(0);
-    }
-    return(ENOENT);
-}
-
 #if 0
 /*
  * dump_k5beta_header() - Make a dump header that is recognizable by Kerberos
@@ -677,193 +611,6 @@ dump_k5beta_header(arglist)
 #endif
 
 /*
- * dump_k5beta_iterator()       - Dump an entry in a format that is usable
- *                                by Kerberos Version 5 Beta 5 and previous
- *                                releases.
- */
-static krb5_error_code
-dump_k5beta_iterator(ptr, entry)
-    krb5_pointer        ptr;
-    krb5_db_entry       *entry;
-{
-    krb5_error_code     retval;
-    struct dump_args    *arg;
-    char                *name, *mod_name;
-    krb5_principal      mod_princ;
-    krb5_key_data       *pkey, *akey, nullkey;
-    krb5_timestamp      mod_date, last_pwd_change;
-    int                 i;
-
-    /* Initialize */
-    arg = (struct dump_args *) ptr;
-    name = (char *) NULL;
-    mod_name = (char *) NULL;
-    memset(&nullkey, 0, sizeof(nullkey));
-
-    /*
-     * Flatten the principal name.
-     */
-    if ((retval = krb5_unparse_name(arg->kcontext,
-                                    entry->princ,
-                                    &name))) {
-        fprintf(stderr, pname_unp_err,
-                arg->programname, error_message(retval));
-        return(retval);
-    }
-
-    /*
-     * Re-encode the keys in the new master key, if necessary.
-     */
-    if (mkey_convert) {
-        retval = master_key_convert(arg->kcontext, entry);
-        if (retval) {
-            com_err(arg->programname, retval, remaster_err_fmt, name);
-            return retval;
-        }
-    }
-
-    /*
-     * If we don't have any match strings, or if our name matches, then
-     * proceed with the dump, otherwise, just forget about it.
-     */
-    if (!arg->nnames || name_matches(name, arg)) {
-        /*
-         * Deserialize the modifier record.
-         */
-        mod_name = (char *) NULL;
-        mod_princ = NULL;
-        last_pwd_change = mod_date = 0;
-        pkey = akey = (krb5_key_data *) NULL;
-        if (!(retval = krb5_dbe_lookup_mod_princ_data(arg->kcontext,
-                                                      entry,
-                                                      &mod_date,
-                                                      &mod_princ))) {
-            if (mod_princ) {
-                /*
-                 * Flatten the modifier name.
-                 */
-                if ((retval = krb5_unparse_name(arg->kcontext,
-                                                mod_princ,
-                                                &mod_name)))
-                    fprintf(stderr, mname_unp_err, arg->programname,
-                            error_message(retval));
-                krb5_free_principal(arg->kcontext, mod_princ);
-            }
-        }
-        if (!mod_name)
-            mod_name = strdup(null_mprinc_name);
-
-        /*
-         * Find the last password change record and set it straight.
-         */
-        if ((retval =
-             krb5_dbe_lookup_last_pwd_change(arg->kcontext, entry,
-                                             &last_pwd_change))) {
-            fprintf(stderr, nokeys_err, arg->programname, name);
-            free(mod_name);
-            free(name);
-            return(retval);
-        }
-
-        /*
-         * Find the 'primary' key and the 'alternate' key.
-         */
-        if ((retval = find_enctype(entry,
-                                   ENCTYPE_DES_CBC_CRC,
-                                   KRB5_KDB_SALTTYPE_NORMAL,
-                                   &pkey)) &&
-            (retval = find_enctype(entry,
-                                   ENCTYPE_DES_CBC_CRC,
-                                   KRB5_KDB_SALTTYPE_V4,
-                                   &akey))) {
-            fprintf(stderr, nokeys_err, arg->programname, name);
-            free(mod_name);
-            free(name);
-            return(retval);
-        }
-
-        /* If we only have one type, then ship it out as the primary. */
-        if (!pkey && akey) {
-            pkey = akey;
-            akey = &nullkey;
-        }
-        else {
-            if (!akey)
-                akey = &nullkey;
-        }
-
-        /*
-         * First put out strings representing the length of the variable
-         * length data in this record, then the name and the primary key type.
-         */
-        fprintf(arg->ofile, "%lu\t%lu\t%d\t%d\t%d\t%d\t%s\t%d\t",
-                (unsigned long) strlen(name),
-                (unsigned long) strlen(mod_name),
-                (krb5_int32) pkey->key_data_length[0],
-                (krb5_int32) akey->key_data_length[0],
-                (krb5_int32) pkey->key_data_length[1],
-                (krb5_int32) akey->key_data_length[1],
-                name,
-                (krb5_int32) pkey->key_data_type[0]);
-        for (i=0; i<pkey->key_data_length[0]; i++) {
-            fprintf(arg->ofile, "%02x", pkey->key_data_contents[0][i]);
-        }
-        /*
-         * Second, print out strings representing the standard integer
-         * data in this record.
-         */
-        fprintf(arg->ofile,
-                "\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%s\t%u\t%u\t%u\t",
-                (krb5_int32) pkey->key_data_kvno,
-                entry->max_life, entry->max_renewable_life,
-                1 /* Fake mkvno */, entry->expiration, entry->pw_expiration,
-                last_pwd_change,
-                (arg->flags & FLAG_OMIT_NRA) ? 0 : entry->last_success,
-                (arg->flags & FLAG_OMIT_NRA) ? 0 : entry->last_failed,
-                (arg->flags & FLAG_OMIT_NRA) ? 0 : entry->fail_auth_count,
-                mod_name, mod_date,
-                entry->attributes, pkey->key_data_type[1]);
-
-        /* Pound out the salt data, if present. */
-        for (i=0; i<pkey->key_data_length[1]; i++) {
-            fprintf(arg->ofile, "%02x", pkey->key_data_contents[1][i]);
-        }
-        /* Pound out the alternate key type and contents */
-        fprintf(arg->ofile, "\t%u\t", akey->key_data_type[0]);
-        for (i=0; i<akey->key_data_length[0]; i++) {
-            fprintf(arg->ofile, "%02x", akey->key_data_contents[0][i]);
-        }
-        /* Pound out the alternate salt type and contents */
-        fprintf(arg->ofile, "\t%u\t", akey->key_data_type[1]);
-        for (i=0; i<akey->key_data_length[1]; i++) {
-            fprintf(arg->ofile, "%02x", akey->key_data_contents[1][i]);
-        }
-        /* Pound out the expansion data. (is null) */
-        for (i=0; i < 8; i++) {
-            fprintf(arg->ofile, "\t%u", 0);
-        }
-        fprintf(arg->ofile, ";\n");
-        /* If we're blabbing, do it */
-        if (arg->flags & FLAG_VERBOSE)
-            fprintf(stderr, "%s\n", name);
-        free(mod_name);
-    }
-    free(name);
-    return(0);
-}
-
-/*
- * dump_k5beta6_iterator()      - Output a dump record in krb5b6 format.
- */
-static krb5_error_code
-dump_k5beta6_iterator(ptr, entry)
-    krb5_pointer        ptr;
-    krb5_db_entry       *entry;
-{
-    return dump_k5beta6_iterator_ext(ptr, entry, 0);
-}
-
-/*
  * Dumps TL data; common to principals and policies.
  *
  * If filter_kadm then the KRB5_TL_KADM_DATA (where a principal's policy
@@ -1260,9 +1007,9 @@ static krb5_error_code dump_ov_princ(krb5_pointer ptr, krb5_db_entry *kdb)
 
 /*
  * usage is:
- *      dump_db [-old] [-b6] [-b7] [-ov] [-r13] [-r18] [-verbose]
- *              [-mkey_convert] [-new_mkey_file mkey_file] [-rev]
- *              [-recurse] [filename [principals...]]
+ *      dump_db [-b7] [-ov] [-r13] [-r18] [-verbose] [-mkey_convert]
+ *              [-new_mkey_file mkey_file] [-rev] [-recurse]
+ *              [filename [principals...]]
  */
 void
 dump_db(argc, argv)
@@ -1299,11 +1046,7 @@ dump_db(argc, argv)
      * Parse the qualifiers.
      */
     for (aindex = 1; aindex < argc; aindex++) {
-        if (!strcmp(argv[aindex], oldoption))
-            dump = &old_version;
-        else if (!strcmp(argv[aindex], b6option))
-            dump = &beta6_version;
-        else if (!strcmp(argv[aindex], b7option))
+        if (!strcmp(argv[aindex], b7option))
             dump = &beta7_version;
         else if (!strcmp(argv[aindex], ovoption))
             dump = &ov_version;
@@ -1687,317 +1430,6 @@ update_tl_data(kcontext, dbentp, mod_name, mod_date, last_pwd_change)
 }
 #endif
 
-/*
- * process_k5beta_record()      - Handle a dump record in old format.
- *
- * Returns -1 for end of file, 0 for success and 1 for failure.
- */
-static int
-process_k5beta_record(fname, kcontext, filep, flags, linenop)
-    char                *fname;
-    krb5_context        kcontext;
-    FILE                *filep;
-    int                 flags;
-    int                 *linenop;
-{
-    int                 nmatched;
-    int                 retval;
-    krb5_db_entry       *dbent;
-    int                 name_len, mod_name_len, key_len;
-    int                 alt_key_len, salt_len, alt_salt_len;
-    char                *name;
-    char                *mod_name;
-    int                 tmpint1 = 0, tmpint2 = 0, tmpint3 = 0;
-    int                 error;
-    const char          *try2read;
-    int                 i;
-    krb5_key_data       *pkey, *akey;
-    krb5_timestamp      last_pwd_change, mod_date;
-    krb5_principal      mod_princ;
-    krb5_error_code     kret;
-
-    try2read = (char *) NULL;
-    (*linenop)++;
-    retval = 1;
-    dbent = krb5_db_alloc(kcontext, NULL, sizeof(*dbent));
-    if (dbent == NULL)
-        return(1);
-    memset(dbent, 0, sizeof(*dbent));
-
-    /* Make sure we've got key_data entries */
-    if (krb5_dbe_create_key_data(kcontext, dbent) ||
-        krb5_dbe_create_key_data(kcontext, dbent)) {
-        krb5_db_free_principal(kcontext, dbent);
-        return(1);
-    }
-    pkey = &dbent->key_data[0];
-    akey = &dbent->key_data[1];
-
-    /*
-     * Match the sizes.  6 tokens to match.
-     */
-    nmatched = fscanf(filep, "%d\t%d\t%d\t%d\t%d\t%d\t",
-                      &name_len, &mod_name_len, &key_len,
-                      &alt_key_len, &salt_len, &alt_salt_len);
-    if (nmatched == 6) {
-        if (name_len < 0 || mod_name_len < 0 || key_len < 0 ||
-            alt_key_len < 0 || salt_len < 0 || alt_salt_len < 0) {
-            fprintf(stderr, read_err_fmt, fname, *linenop, read_negint);
-            krb5_db_free_principal(kcontext, dbent);
-            return 1;
-        }
-        pkey->key_data_length[0] = key_len;
-        akey->key_data_length[0] = alt_key_len;
-        pkey->key_data_length[1] = salt_len;
-        akey->key_data_length[1] = alt_salt_len;
-        name = (char *) NULL;
-        mod_name = (char *) NULL;
-        /*
-         * Get the memory for the variable length fields.
-         */
-        if ((name = (char *) malloc((size_t) (name_len + 1))) &&
-            (mod_name = (char *) malloc((size_t) (mod_name_len + 1))) &&
-            (!key_len ||
-             (pkey->key_data_contents[0] =
-              (krb5_octet *) malloc((size_t) (key_len + 1)))) &&
-            (!alt_key_len ||
-             (akey->key_data_contents[0] =
-              (krb5_octet *) malloc((size_t) (alt_key_len + 1)))) &&
-            (!salt_len ||
-             (pkey->key_data_contents[1] =
-              (krb5_octet *) malloc((size_t) (salt_len + 1)))) &&
-            (!alt_salt_len ||
-             (akey->key_data_contents[1] =
-              (krb5_octet *) malloc((size_t) (alt_salt_len + 1))))
-        ) {
-            error = 0;
-
-            /* Read the principal name */
-            if (read_string(filep, name, name_len, linenop)) {
-                try2read = read_name_string;
-                error++;
-            }
-            /* Read the key type */
-            if (!error && (fscanf(filep, "\t%d\t", &tmpint1) != 1)) {
-                try2read = read_key_type;
-                error++;
-            }
-            pkey->key_data_type[0] = tmpint1;
-            /* Read the old format key */
-            if (!error && read_octet_string(filep,
-                                            pkey->key_data_contents[0],
-                                            pkey->key_data_length[0])) {
-                try2read = read_key_data;
-                error++;
-            }
-            /* convert to a new format key */
-            /* the encrypted version is stored as the unencrypted key length
-               (4 bytes, MSB first) followed by the encrypted key. */
-            if ((pkey->key_data_length[0] > 4)
-                && (pkey->key_data_contents[0][0] == 0)
-                && (pkey->key_data_contents[0][1] == 0)) {
-                /* this really does look like an old key, so drop and swap */
-                /* the *new* length is 2 bytes, LSB first, sigh. */
-                size_t shortlen = pkey->key_data_length[0]-4+2;
-                krb5_octet *shortcopy = (krb5_octet *) malloc(shortlen);
-                krb5_octet *origdata = pkey->key_data_contents[0];
-                shortcopy[0] = origdata[3];
-                shortcopy[1] = origdata[2];
-                memcpy(shortcopy+2,origdata+4,shortlen-2);
-                free(origdata);
-                pkey->key_data_length[0] = shortlen;
-                pkey->key_data_contents[0] = shortcopy;
-            }
-
-            /* Read principal attributes */
-            if (!error && (fscanf(filep,
-                                  "\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t%u\t",
-                                  &tmpint1, &dbent->max_life,
-                                  &dbent->max_renewable_life,
-                                  &tmpint2, &dbent->expiration,
-                                  &dbent->pw_expiration, &last_pwd_change,
-                                  &dbent->last_success, &dbent->last_failed,
-                                  &tmpint3) != 10)) {
-                try2read = read_pr_data1;
-                error++;
-            }
-            pkey->key_data_kvno = tmpint1;
-            dbent->fail_auth_count = tmpint3;
-            /* Read modifier name */
-            if (!error && read_string(filep,
-                                      mod_name,
-                                      mod_name_len,
-                                      linenop)) {
-                try2read = read_mod_name;
-                error++;
-            }
-            /* Read second set of attributes */
-            if (!error && (fscanf(filep, "\t%u\t%u\t%u\t",
-                                  &mod_date, &dbent->attributes,
-                                  &tmpint1) != 3)) {
-                try2read = read_pr_data2;
-                error++;
-            }
-            pkey->key_data_type[1] = tmpint1;
-            /* Read salt data */
-            if (!error && read_octet_string(filep,
-                                            pkey->key_data_contents[1],
-                                            pkey->key_data_length[1])) {
-                try2read = read_salt_data;
-                error++;
-            }
-            /* Read alternate key type */
-            if (!error && (fscanf(filep, "\t%u\t", &tmpint1) != 1)) {
-                try2read = read_akey_type;
-                error++;
-            }
-            akey->key_data_type[0] = tmpint1;
-            /* Read alternate key */
-            if (!error && read_octet_string(filep,
-                                            akey->key_data_contents[0],
-                                            akey->key_data_length[0])) {
-                try2read = read_akey_data;
-                error++;
-            }
-
-            /* convert to a new format key */
-            /* the encrypted version is stored as the unencrypted key length
-               (4 bytes, MSB first) followed by the encrypted key. */
-            if ((akey->key_data_length[0] > 4)
-                && (akey->key_data_contents[0][0] == 0)
-                && (akey->key_data_contents[0][1] == 0)) {
-                /* this really does look like an old key, so drop and swap */
-                /* the *new* length is 2 bytes, LSB first, sigh. */
-                size_t shortlen = akey->key_data_length[0]-4+2;
-                krb5_octet *shortcopy = (krb5_octet *) malloc(shortlen);
-                krb5_octet *origdata = akey->key_data_contents[0];
-                shortcopy[0] = origdata[3];
-                shortcopy[1] = origdata[2];
-                memcpy(shortcopy+2,origdata+4,shortlen-2);
-                free(origdata);
-                akey->key_data_length[0] = shortlen;
-                akey->key_data_contents[0] = shortcopy;
-            }
-
-            /* Read alternate salt type */
-            if (!error && (fscanf(filep, "\t%u\t", &tmpint1) != 1)) {
-                try2read = read_asalt_type;
-                error++;
-            }
-            akey->key_data_type[1] = tmpint1;
-            /* Read alternate salt data */
-            if (!error && read_octet_string(filep,
-                                            akey->key_data_contents[1],
-                                            akey->key_data_length[1])) {
-                try2read = read_asalt_data;
-                error++;
-            }
-            /* Read expansion data - discard it */
-            if (!error) {
-                for (i=0; i<8; i++) {
-                    if (fscanf(filep, "\t%u", &tmpint1) != 1) {
-                        try2read = read_exp_data;
-                        error++;
-                        break;
-                    }
-                }
-                if (!error)
-                    find_record_end(filep, fname, *linenop);
-            }
-
-            /*
-             * If no error, then we're done reading.  Now parse the names
-             * and store the database dbent.
-             */
-            if (!error) {
-                if (!(kret = krb5_parse_name(kcontext,
-                                             name,
-                                             &dbent->princ))) {
-                    if (!(kret = krb5_parse_name(kcontext,
-                                                 mod_name,
-                                                 &mod_princ))) {
-                        if (!(kret =
-                              krb5_dbe_update_mod_princ_data(kcontext,
-                                                             dbent,
-                                                             mod_date,
-                                                             mod_princ)) &&
-                            !(kret =
-                              krb5_dbe_update_last_pwd_change(kcontext,
-                                                              dbent,
-                                                              last_pwd_change))) {
-                            dbent->len = KRB5_KDB_V1_BASE_LENGTH;
-                            pkey->key_data_ver = (pkey->key_data_type[1] || pkey->key_data_length[1]) ?
-                                2 : 1;
-                            akey->key_data_ver = (akey->key_data_type[1] || akey->key_data_length[1]) ?
-                                2 : 1;
-                            if ((pkey->key_data_type[0] ==
-                                 akey->key_data_type[0]) &&
-                                (pkey->key_data_type[1] ==
-                                 akey->key_data_type[1]))
-                                dbent->n_key_data--;
-                            else if ((akey->key_data_type[0] == 0)
-                                     && (akey->key_data_length[0] == 0)
-                                     && (akey->key_data_type[1] == 0)
-                                     && (akey->key_data_length[1] == 0))
-                                dbent->n_key_data--;
-
-                            dbent->mask = KADM5_LOAD | KADM5_PRINCIPAL | KADM5_ATTRIBUTES |
-                                KADM5_MAX_LIFE | KADM5_MAX_RLIFE | KADM5_KEY_DATA |
-                                KADM5_PRINC_EXPIRE_TIME | KADM5_LAST_SUCCESS |
-                                KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT;
-
-                            if ((kret = krb5_db_put_principal(kcontext,
-                                                              dbent))) {
-                                fprintf(stderr, store_err_fmt,
-                                        fname, *linenop, name,
-                                        error_message(kret));
-                                error++;
-                            }
-                            else {
-                                if (flags & FLAG_VERBOSE)
-                                    fprintf(stderr, add_princ_fmt, name);
-                                retval = 0;
-                            }
-                            dbent->n_key_data = 2;
-                        }
-                        krb5_free_principal(kcontext, mod_princ);
-                    }
-                    else {
-                        fprintf(stderr, parse_err_fmt,
-                                fname, *linenop, mod_name,
-                                error_message(kret));
-                        error++;
-                    }
-                }
-                else {
-                    fprintf(stderr, parse_err_fmt,
-                            fname, *linenop, name, error_message(kret));
-                    error++;
-                }
-            }
-            else {
-                fprintf(stderr, read_err_fmt, fname, *linenop, try2read);
-            }
-        }
-        else {
-            fprintf(stderr, no_mem_fmt, fname, *linenop);
-        }
-
-        krb5_db_free_principal(kcontext, dbent);
-        if (mod_name)
-            free(mod_name);
-        if (name)
-            free(name);
-    }
-    else {
-        if (nmatched != EOF)
-            fprintf(stderr, rhead_err_fmt, fname, *linenop);
-        else
-            retval = -1;
-    }
-    return(retval);
-}
-
 /* Allocate and form a TL data list of a desired size. */
 static int
 alloc_tl_data(krb5_int16 n_tl_data, krb5_tl_data **tldp)
@@ -2632,8 +2064,8 @@ restore_dump(programname, kcontext, dumpfile, f, flags, dump)
 }
 
 /*
- * Usage: load_db [-old] [-ov] [-b6] [-b7] [-r13] [-verbose]
- *                [-update] [-hash] filename
+ * Usage: load_db [-ov] [-b7] [-r13] [-verbose] [-update] [-hash]
+ *                filename
  */
 void
 load_db(argc, argv)
@@ -2670,11 +2102,7 @@ load_db(argc, argv)
     log_ctx = util_context->kdblog_context;
 
     for (aindex = 1; aindex < argc; aindex++) {
-        if (!strcmp(argv[aindex], oldoption))
-            load = &old_version;
-        else if (!strcmp(argv[aindex], b6option))
-            load = &beta6_version;
-        else if (!strcmp(argv[aindex], b7option))
+        if (!strcmp(argv[aindex], b7option))
             load = &beta7_version;
         else if (!strcmp(argv[aindex], ovoption))
             load = &ov_version;
@@ -2764,11 +2192,7 @@ load_db(argc, argv)
         }
     } else {
         /* perhaps this should be in an array, but so what? */
-        if (strcmp(buf, old_version.header) == 0)
-            load = &old_version;
-        else if (strcmp(buf, beta6_version.header) == 0)
-            load = &beta6_version;
-        else if (strcmp(buf, beta7_version.header) == 0)
+        if (strcmp(buf, beta7_version.header) == 0)
             load = &beta7_version;
         else if (strcmp(buf, r1_3_version.header) == 0)
             load = &r1_3_version;
@@ -2921,12 +2345,6 @@ load_db(argc, argv)
         exit_status++;
     }
 
-    if (!(flags & FLAG_UPDATE) && load->create_kadm5 &&
-        ((kret = kadm5_create_magic_princs(&global_params, kcontext)))) {
-        /* error message printed by create_magic_princs */
-        exit_status++;
-    }
-
     if (db_locked && (kret = krb5_db_unlock(kcontext))) {
         /* change this error? */
         fprintf(stderr, dbunlockerr_fmt,


More information about the cvs-krb5 mailing list