krb5 commit: Remove krb5_aprof_init() and krb5_aprof_finish()

ghudson at mit.edu ghudson at mit.edu
Wed May 18 17:09:47 EDT 2022 

https://github.com/krb5/krb5/commit/6448bb43cb2ff02b3b9716b953c39a05f3b0569b
commit 6448bb43cb2ff02b3b9716b953c39a05f3b0569b
Author: Greg Hudson <ghudson at mit.edu>
Date:   Mon May 9 10:55:41 2022 -0400

    Remove krb5_aprof_init() and krb5_aprof_finish()
    
    These functions are not part of the API, as they are prototyped in the
    internal header adm_proto.h.  Stop using them in kdc/main.c (instead
    using the context profile) and stop defining them.

 src/include/adm_proto.h                     |  2 -
 src/kdc/main.c                              | 68 ++++++++++++++---------------
 src/lib/kadm5/alt_prof.c                    | 62 --------------------------
 src/lib/kadm5/clnt/libkadm5clnt_mit.exports |  2 -
 src/lib/kadm5/srv/libkadm5srv_mit.exports   |  2 -
 5 files changed, 32 insertions(+), 104 deletions(-)

diff --git a/src/include/adm_proto.h b/src/include/adm_proto.h
index 70a3bdf21..5d876aa36 100644
--- a/src/include/adm_proto.h
+++ b/src/include/adm_proto.h
@@ -58,7 +58,6 @@ int krb5_klog_syslog(int, const char *, ...)
 void krb5_klog_reopen (krb5_context);
 
 /* alt_prof.c */
-krb5_error_code krb5_aprof_init(char *, char *, krb5_pointer *);
 krb5_error_code krb5_aprof_getvals(krb5_pointer, const char **, char ***);
 krb5_error_code krb5_aprof_get_boolean(krb5_pointer, const char **, int,
                                        krb5_boolean *);
@@ -70,7 +69,6 @@ krb5_error_code krb5_aprof_get_string_all(krb5_pointer, const char **,
                                           char **);
 krb5_error_code krb5_aprof_get_int32(krb5_pointer, const char **,
                                      krb5_boolean, krb5_int32 *);
-krb5_error_code krb5_aprof_finish(krb5_pointer);
 
 /* str_conv.c */
 krb5_error_code krb5_flagspec_to_mask(const char *,
diff --git a/src/kdc/main.c b/src/kdc/main.c
index 074680da9..be6e361b8 100644
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -608,7 +608,7 @@ initialize_realms(krb5_context kcontext, int argc, char **argv,
     krb5_boolean        def_restrict_anon;
     char                *def_udp_listen = NULL;
     char                *def_tcp_listen = NULL;
-    krb5_pointer        aprof = NULL;
+    krb5_pointer        aprof = kcontext->profile;
     const char          *hierarchy[3];
     char                *no_referral = NULL;
     char                *hostbased = NULL;
@@ -617,40 +617,38 @@ initialize_realms(krb5_context kcontext, int argc, char **argv,
 
     extern char *optarg;
 
-    if (!krb5_aprof_init(DEFAULT_KDC_PROFILE, KDC_PROFILE_ENV, &aprof)) {
-        hierarchy[0] = KRB5_CONF_KDCDEFAULTS;
-        hierarchy[1] = KRB5_CONF_KDC_LISTEN;
-        hierarchy[2] = (char *) NULL;
-        if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_udp_listen)) {
-            hierarchy[1] = KRB5_CONF_KDC_PORTS;
-            if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_udp_listen))
-                def_udp_listen = NULL;
-        }
-        hierarchy[1] = KRB5_CONF_KDC_TCP_LISTEN;
-        if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_tcp_listen)) {
-            hierarchy[1] = KRB5_CONF_KDC_TCP_PORTS;
-            if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_tcp_listen))
-                def_tcp_listen = NULL;
-        }
-        hierarchy[1] = KRB5_CONF_KDC_MAX_DGRAM_REPLY_SIZE;
-        if (krb5_aprof_get_int32(aprof, hierarchy, TRUE, &max_dgram_reply_size))
-            max_dgram_reply_size = MAX_DGRAM_SIZE;
-        if (tcp_listen_backlog_out != NULL) {
-            hierarchy[1] = KRB5_CONF_KDC_TCP_LISTEN_BACKLOG;
-            if (krb5_aprof_get_int32(aprof, hierarchy, TRUE,
-                                     tcp_listen_backlog_out))
-                *tcp_listen_backlog_out = DEFAULT_TCP_LISTEN_BACKLOG;
-        }
-        hierarchy[1] = KRB5_CONF_RESTRICT_ANONYMOUS_TO_TGT;
-        if (krb5_aprof_get_boolean(aprof, hierarchy, TRUE, &def_restrict_anon))
-            def_restrict_anon = FALSE;
-        hierarchy[1] = KRB5_CONF_NO_HOST_REFERRAL;
-        if (krb5_aprof_get_string_all(aprof, hierarchy, &no_referral))
-            no_referral = 0;
-        hierarchy[1] = KRB5_CONF_HOST_BASED_SERVICES;
-        if (krb5_aprof_get_string_all(aprof, hierarchy, &hostbased))
-            hostbased = 0;
+    hierarchy[0] = KRB5_CONF_KDCDEFAULTS;
+    hierarchy[1] = KRB5_CONF_KDC_LISTEN;
+    hierarchy[2] = NULL;
+    if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_udp_listen)) {
+        hierarchy[1] = KRB5_CONF_KDC_PORTS;
+        if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_udp_listen))
+            def_udp_listen = NULL;
+    }
+    hierarchy[1] = KRB5_CONF_KDC_TCP_LISTEN;
+    if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_tcp_listen)) {
+        hierarchy[1] = KRB5_CONF_KDC_TCP_PORTS;
+        if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_tcp_listen))
+            def_tcp_listen = NULL;
+    }
+    hierarchy[1] = KRB5_CONF_KDC_MAX_DGRAM_REPLY_SIZE;
+    if (krb5_aprof_get_int32(aprof, hierarchy, TRUE, &max_dgram_reply_size))
+        max_dgram_reply_size = MAX_DGRAM_SIZE;
+    if (tcp_listen_backlog_out != NULL) {
+        hierarchy[1] = KRB5_CONF_KDC_TCP_LISTEN_BACKLOG;
+        if (krb5_aprof_get_int32(aprof, hierarchy, TRUE,
+                                 tcp_listen_backlog_out))
+            *tcp_listen_backlog_out = DEFAULT_TCP_LISTEN_BACKLOG;
     }
+    hierarchy[1] = KRB5_CONF_RESTRICT_ANONYMOUS_TO_TGT;
+    if (krb5_aprof_get_boolean(aprof, hierarchy, TRUE, &def_restrict_anon))
+        def_restrict_anon = FALSE;
+    hierarchy[1] = KRB5_CONF_NO_HOST_REFERRAL;
+    if (krb5_aprof_get_string_all(aprof, hierarchy, &no_referral))
+        no_referral = 0;
+    hierarchy[1] = KRB5_CONF_HOST_BASED_SERVICES;
+    if (krb5_aprof_get_string_all(aprof, hierarchy, &hostbased))
+        hostbased = 0;
 
     if (def_udp_listen == NULL) {
         def_udp_listen = strdup(DEFAULT_KDC_UDP_PORTLIST);
@@ -836,8 +834,6 @@ initialize_realms(krb5_context kcontext, int argc, char **argv,
         free(hostbased);
     if (no_referral)
         free(no_referral);
-    if (aprof)
-        krb5_aprof_finish(aprof);
 
     return;
 }
diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c
index b3ed8a139..e8c1f51ca 100644
--- a/src/lib/kadm5/alt_prof.c
+++ b/src/lib/kadm5/alt_prof.c
@@ -49,52 +49,6 @@ copy_key_salt_tuple(krb5_key_salt_tuple *ksalt, krb5_int32 len)
     return knew;
 }
 
-/*
- * krb5_aprof_init()        - Initialize alternate profile context.
- *
- * Parameters:
- *        fname             - default file name of the profile.
- *        envname           - environment variable which can override fname
- *        acontextp         - Pointer to opaque context for alternate profile
- *
- * Returns:
- *        error codes from profile_init()
- */
-krb5_error_code
-krb5_aprof_init(char *fname, char *envname, krb5_pointer *acontextp)
-{
-    krb5_error_code ret;
-    profile_t profile;
-    const char *kdc_config;
-    char **filenames;
-    int i;
-    struct k5buf buf;
-
-    ret = krb5_get_default_config_files(&filenames);
-    if (ret)
-        return ret;
-    if (envname == NULL || (kdc_config = secure_getenv(envname)) == NULL)
-        kdc_config = fname;
-    k5_buf_init_dynamic(&buf);
-    if (kdc_config)
-        k5_buf_add(&buf, kdc_config);
-    for (i = 0; filenames[i] != NULL; i++) {
-        if (buf.len > 0)
-            k5_buf_add(&buf, ":");
-        k5_buf_add(&buf, filenames[i]);
-    }
-    krb5_free_config_files(filenames);
-    if (k5_buf_status(&buf) != 0)
-        return ENOMEM;
-    profile = (profile_t) NULL;
-    ret = profile_init_path(buf.data, &profile);
-    k5_buf_free(&buf);
-    if (ret)
-        return ret;
-    *acontextp = profile;
-    return 0;
-}
-
 /*
  * krb5_aprof_getvals()     - Get values from alternate profile.
  *
@@ -344,22 +298,6 @@ krb5_aprof_get_int32(krb5_pointer acontext, const char **hierarchy,
     return ret;
 }
 
-/*
- * krb5_aprof_finish()      - Finish alternate profile context.
- *
- * Parameter:
- *        acontext          - opaque context for alternate profile.
- *
- * Returns:
- *        0 on success, something else on failure.
- */
-krb5_error_code
-krb5_aprof_finish(krb5_pointer acontext)
-{
-    profile_release(acontext);
-    return 0;
-}
-
 /*
  * Returns nonzero if it found something to copy; the caller may still need to
  * check the output field or mask to see if the copy (allocation) was
diff --git a/src/lib/kadm5/clnt/libkadm5clnt_mit.exports b/src/lib/kadm5/clnt/libkadm5clnt_mit.exports
index e41c8e4f7..9ed7d52dc 100644
--- a/src/lib/kadm5/clnt/libkadm5clnt_mit.exports
+++ b/src/lib/kadm5/clnt/libkadm5clnt_mit.exports
@@ -45,13 +45,11 @@ kadm5_setkey_principal
 kadm5_setkey_principal_3
 kadm5_setkey_principal_4
 kadm5_unlock
-krb5_aprof_finish
 krb5_aprof_get_boolean
 krb5_aprof_get_deltat
 krb5_aprof_get_int32
 krb5_aprof_get_string
 krb5_aprof_getvals
-krb5_aprof_init
 krb5_flagnum_to_string
 krb5_flagspec_to_mask
 krb5_flags_to_strings
diff --git a/src/lib/kadm5/srv/libkadm5srv_mit.exports b/src/lib/kadm5/srv/libkadm5srv_mit.exports
index 6804f1e1c..14c02a7f1 100644
--- a/src/lib/kadm5/srv/libkadm5srv_mit.exports
+++ b/src/lib/kadm5/srv/libkadm5srv_mit.exports
@@ -51,14 +51,12 @@ kdb_init_hist
 kdb_init_master
 kdb_iter_entry
 kdb_put_entry
-krb5_aprof_finish
 krb5_aprof_get_boolean
 krb5_aprof_get_deltat
 krb5_aprof_get_int32
 krb5_aprof_get_string
 krb5_aprof_get_string_all
 krb5_aprof_getvals
-krb5_aprof_init
 krb5_copy_key_data_contents
 krb5_flagnum_to_string
 krb5_flagspec_to_mask

More information about the cvs-krb5 mailing list