krb5 commit: Use context profile for libkadm5 configuration
ghudson at mit.edu
ghudson at mit.edu
Wed May 18 17:09:39 EDT 2022
https://github.com/krb5/krb5/commit/49a857808b918440793daa81c8fe352326623fef
commit 49a857808b918440793daa81c8fe352326623fef
Author: Greg Hudson <ghudson at mit.edu>
Date: Mon May 9 10:41:47 2022 -0400
Use context profile for libkadm5 configuration
In kadm5_get_config_params(), uxe the context profile instead of
creating a new one with krb5_aprof_init().
In kproplog, obtain the context with kadm5_init_krb5_context() so that
KDC configuration is used.
ticket: 9059 (new)
src/kprop/kproplog.c | 2 +-
src/lib/kadm5/admin.h | 2 ++
src/lib/kadm5/alt_prof.c | 24 ++----------------------
3 files changed, 5 insertions(+), 23 deletions(-)
diff --git a/src/kprop/kproplog.c b/src/kprop/kproplog.c
index 9d3a91070..06af2a1d6 100644
--- a/src/kprop/kproplog.c
+++ b/src/kprop/kproplog.c
@@ -458,7 +458,7 @@ main(int argc, char **argv)
}
}
- if (krb5_init_context(&context)) {
+ if (kadm5_init_krb5_context(&context)) {
fprintf(stderr, _("Unable to initialize Kerberos\n\n"));
exit(1);
}
diff --git a/src/lib/kadm5/admin.h b/src/lib/kadm5/admin.h
index 7268be44e..296c86fa6 100644
--- a/src/lib/kadm5/admin.h
+++ b/src/lib/kadm5/admin.h
@@ -291,6 +291,8 @@ typedef struct _kadm5_key_data {
* functions
*/
+/* The use_kdc_config parameter is no longer used, as configuration is
+ * retrieved from the context profile. */
krb5_error_code kadm5_get_config_params(krb5_context context,
int use_kdc_config,
kadm5_config_params *params_in,
diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c
index d166f0aba..b3ed8a139 100644
--- a/src/lib/kadm5/alt_prof.c
+++ b/src/lib/kadm5/alt_prof.c
@@ -510,8 +510,8 @@ krb5_error_code kadm5_get_config_params(krb5_context context,
kadm5_config_params *params_in,
kadm5_config_params *params_out)
{
- char *filename, *envname, *lrealm, *svalue, *sp, *ep, *tp;
- krb5_pointer aprofile = 0;
+ char *lrealm, *svalue, *sp, *ep, *tp;
+ krb5_pointer aprofile = context->profile;
const char *hierarchy[4];
krb5_int32 ivalue;
kadm5_config_params params, empty_params;
@@ -543,25 +543,6 @@ krb5_error_code kadm5_get_config_params(krb5_context context,
params.kvno = params_in->kvno;
params.mask |= KADM5_CONFIG_KVNO;
}
- /*
- * XXX These defaults should to work on both client and
- * server. kadm5_get_config_params can be implemented as a
- * wrapper function in each library that provides correct
- * defaults for NULL values.
- */
- if (use_kdc_config) {
- filename = DEFAULT_KDC_PROFILE;
- envname = KDC_PROFILE_ENV;
- } else {
- filename = DEFAULT_PROFILE_PATH;
- envname = "KRB5_CONFIG";
- }
- if (context->profile_secure == TRUE)
- envname = NULL;
-
- ret = krb5_aprof_init(filename, envname, &aprofile);
- if (ret)
- goto cleanup;
/* Initialize realm parameters. */
hierarchy[0] = KRB5_CONF_REALMS;
@@ -814,7 +795,6 @@ krb5_error_code kadm5_get_config_params(krb5_context context,
*params_out = params;
cleanup:
- krb5_aprof_finish(aprofile);
if (ret) {
kadm5_free_config_params(context, ¶ms);
params_out->mask = 0;
More information about the cvs-krb5
mailing list