svn rev #3274: trunk/ bsd/ tests/krb-standalone/
ghudson@MIT.EDU
ghudson at MIT.EDU
Fri Nov 13 16:04:39 EST 2009
Commit By: ghudson
Log Message:
Remove some pre-1996 client compatibility code from rcp because it
used internal libkrb5 functions. Stop using the accompanying -C
option (which hasn't done anything in a while) in the rcp tests, but
continue accepting (and ignoring) that option for compatibility with
other scripts which might specify it.
Changed Files:
U trunk/bsd/krcp.c
U trunk/bsd/rcp.M
U trunk/tests/krb-standalone/rcp.exp
Modified: trunk/bsd/krcp.c
===================================================================
--- trunk/bsd/krcp.c 2009-11-05 20:15:06 UTC (rev 3273)
+++ trunk/bsd/krcp.c 2009-11-13 21:04:39 UTC (rev 3274)
@@ -78,7 +78,6 @@
int sock;
char *krb_realm = NULL;
char *krb_cache = NULL;
-char *krb_config = NULL;
krb5_encrypt_block eblock; /* eblock for encrypt/decrypt */
krb5_context bsd_context;
@@ -89,8 +88,7 @@
#endif
int rcmd_stream_write(), rcmd_stream_read();
void usage(void), sink(int, char **),
- source(int, char **), rsource(char *, struct stat *), verifydir(char *),
- answer_auth(char *, char *);
+ source(int, char **), rsource(char *, struct stat *), verifydir(char *);
int response(void), hosteq(char *, char *), okname(char *),
susystem(char *);
int encryptflag = 0;
@@ -210,14 +208,7 @@
exit(1);
}
goto next_arg;
- case 'C': /* Change default config file */
- argc--, argv++;
- if (argc == 0)
- usage();
- if(!(krb_config = strdup(*argv))){
- fprintf(stderr, "rcp: Cannot malloc.\n");
- exit(1);
- }
+ case 'C': /* Defunct option, accept for compatibility. */
goto next_arg;
case 'P':
if (!strcmp (*argv, "O"))
@@ -236,10 +227,6 @@
case 'f': /* "from" */
iamremote = 1;
rcmd_stream_init_normal();
-#if defined(KERBEROS)
- if (encryptflag)
- answer_auth(krb_config, krb_cache);
-#endif /* KERBEROS */
(void) response();
source(--argc, ++argv);
@@ -248,10 +235,6 @@
case 't': /* "to" */
iamremote = 1;
rcmd_stream_init_normal();
-#if defined(KERBEROS)
- if (encryptflag)
- answer_auth(krb_config, krb_cache);
-#endif /* KERBEROS */
sink(--argc, ++argv);
exit(errs);
@@ -289,7 +272,7 @@
}
#ifdef KERBEROS
- if (asprintf(&cmd, "%srcp %s%s%s%s%s%s%s%s%s",
+ if (asprintf(&cmd, "%srcp %s%s%s%s%s%s%s",
encryptflag ? "-x " : "",
iamrecursive ? " -r" : "", pflag ? " -p" : "",
@@ -297,9 +280,7 @@
krb_realm != NULL ? " -k " : "",
krb_realm != NULL ? krb_realm : "",
krb_cache != NULL ? " -c " : "",
- krb_cache != NULL ? krb_cache : "",
- krb_config != NULL ? " -C " : "",
- krb_config != NULL ? krb_config : "") < 0) {
+ krb_cache != NULL ? krb_cache : "") < 0) {
fprintf(stderr, "rcp: Cannot malloc.\n");
exit(1);
}
@@ -1279,85 +1260,6 @@
#define SIZEOF_INADDR sizeof(struct in_addr)
#endif
-
-/* This function is mostly vestigial, since under normal operation
- * the -x flag doesn't get set for the server process for encrypted
- * rcp. It only gets called by beta clients attempting user-to-user
- * authentication. */
-void
- answer_auth(config_file, ccache_file)
- char *config_file;
- char *ccache_file;
-{
- krb5_data pname_data, msg;
- krb5_creds creds, *new_creds;
- krb5_ccache cc;
- krb5_error_code status;
- krb5_auth_context auth_context = NULL;
-
- if (config_file) {
- const char * filenames[2];
- filenames[1] = NULL;
- filenames[0] = config_file;
- if ((status = krb5_set_config_files(bsd_context, filenames)))
- exit(1);
- }
-
- memset (&creds, 0, sizeof(creds));
-
- if ((status = krb5_read_message(bsd_context, (krb5_pointer)&rem,
- &pname_data)))
- exit(1);
-
- if ((status = krb5_read_message(bsd_context, (krb5_pointer) &rem,
- &creds.second_ticket)))
- exit(1);
-
- if (ccache_file == NULL) {
- if ((status = krb5_cc_default(bsd_context, &cc)))
- exit(1);
- } else {
- if ((status = krb5_cc_resolve(bsd_context, ccache_file, &cc)))
- exit(1);
- }
-
- if ((status = krb5_cc_get_principal(bsd_context, cc, &creds.client)))
- exit(1);
-
- if ((status = krb5_parse_name(bsd_context, pname_data.data,
- &creds.server)) )
- exit(1);
-
- krb5_free_data_contents(bsd_context, &pname_data);
-
- if ((status = krb5_get_credentials(bsd_context, KRB5_GC_USER_USER, cc,
- &creds, &new_creds)))
- exit(1);
-
- if ((status = krb5_mk_req_extended(bsd_context, &auth_context,
- AP_OPTS_USE_SESSION_KEY,
- NULL, new_creds, &msg)))
- exit(1);
-
- if ((status = krb5_write_message(bsd_context, (krb5_pointer) &rem,
- &msg))) {
- krb5_free_data_contents(bsd_context, &msg);
- exit(1);
- }
-
- rcmd_stream_init_krb5(&new_creds->keyblock, encryptflag, 0, 0,
- KCMD_OLD_PROTOCOL);
-
- /* cleanup */
- krb5_free_cred_contents(bsd_context, &creds);
- krb5_free_creds(bsd_context, new_creds);
- krb5_free_data_contents(bsd_context, &msg);
-
- return;
-}
-
-
-
char storage[2*RCP_BUFSIZ]; /* storage for the decryption */
int nstored = 0;
char *store_ptr = storage;
Modified: trunk/bsd/rcp.M
===================================================================
--- trunk/bsd/rcp.M 2009-11-05 20:15:06 UTC (rev 3273)
+++ trunk/bsd/rcp.M 2009-11-13 21:04:39 UTC (rev 3274)
@@ -99,10 +99,6 @@
change the default credentials cache file to
.I ccachefile
.TP
-\fB\-C\fP \fIconfigfile\fP
-change the default configuation file to
-.I configfile
-.TP
.B \-r
if any of the source files are directories, copy each subtree rooted at
that name; in this case the destination must be a directory.
Modified: trunk/tests/krb-standalone/rcp.exp
===================================================================
--- trunk/tests/krb-standalone/rcp.exp 2009-11-05 20:15:06 UTC (rev 3273)
+++ trunk/tests/krb-standalone/rcp.exp 2009-11-13 21:04:39 UTC (rev 3274)
@@ -200,11 +200,11 @@
# stop_rsh_daemon
start_rsh_daemon
- rcp_one_test "encrypted rcp from" "-x -c $env(KRB5CCNAME) -C $env(KRB5_CONFIG)" "$hostname:" ""
+ rcp_one_test "encrypted rcp from" "-x -c $env(KRB5CCNAME)" "$hostname:" ""
stop_rsh_daemon
start_rsh_daemon
- rcp_one_test "encrypted rcp to" "-x -c $env(KRB5CCNAME) -C $env(KRB5_CONFIG)" "" "$hostname:"
+ rcp_one_test "encrypted rcp to" "-x -c $env(KRB5CCNAME)" "" "$hostname:"
stop_rsh_daemon
# Doing rcp between two hosts actually just executes rsh rcp on
More information about the Krb5-appl-commits
mailing list