svn rev #3274: trunk/ bsd/ tests/krb-standalone/

ghudson@MIT.EDU ghudson at MIT.EDU
Fri Nov 13 16:04:39 EST 2009


Commit By: ghudson
Log Message:
Remove some pre-1996 client compatibility code from rcp because it
used internal libkrb5 functions.  Stop using the accompanying -C
option (which hasn't done anything in a while) in the rcp tests, but
continue accepting (and ignoring) that option for compatibility with
other scripts which might specify it.



Changed Files:
U   trunk/bsd/krcp.c
U   trunk/bsd/rcp.M
U   trunk/tests/krb-standalone/rcp.exp
Modified: trunk/bsd/krcp.c
===================================================================
--- trunk/bsd/krcp.c	2009-11-05 20:15:06 UTC (rev 3273)
+++ trunk/bsd/krcp.c	2009-11-13 21:04:39 UTC (rev 3274)
@@ -78,7 +78,6 @@
 int sock;
 char *krb_realm = NULL;
 char *krb_cache = NULL;
-char *krb_config = NULL;
 krb5_encrypt_block eblock;         /* eblock for encrypt/decrypt */
 krb5_context bsd_context;
 
@@ -89,8 +88,7 @@
 #endif
 int	rcmd_stream_write(), rcmd_stream_read();
 void 	usage(void), sink(int, char **),
-    source(int, char **), rsource(char *, struct stat *), verifydir(char *), 
-    answer_auth(char *, char *);
+    source(int, char **), rsource(char *, struct stat *), verifydir(char *);
 int	response(void), hosteq(char *, char *), okname(char *), 
     susystem(char *);
 int	encryptflag = 0;
@@ -210,14 +208,7 @@
 		exit(1);
 	    }
 	    goto next_arg;
-	  case 'C':		/* Change default config file */
-	    argc--, argv++;
-	    if (argc == 0) 
-	      usage();
-	    if(!(krb_config = strdup(*argv))){
-		fprintf(stderr, "rcp: Cannot malloc.\n");
-		exit(1);
-	    }
+	  case 'C':		/* Defunct option, accept for compatibility. */
 	    goto next_arg;
 	  case 'P':
 	    if (!strcmp (*argv, "O"))
@@ -236,10 +227,6 @@
 	  case 'f':		/* "from" */
 	    iamremote = 1;
 	    rcmd_stream_init_normal();
-#if defined(KERBEROS)
-	    if (encryptflag)
-	      answer_auth(krb_config, krb_cache);
-#endif /* KERBEROS */
 
 	    (void) response();
 	    source(--argc, ++argv);
@@ -248,10 +235,6 @@
 	  case 't':		/* "to" */
 	    iamremote = 1;
 	    rcmd_stream_init_normal();
-#if defined(KERBEROS)
-	    if (encryptflag)
-	      answer_auth(krb_config, krb_cache);
-#endif /* KERBEROS */
 
 	    sink(--argc, ++argv);
 	    exit(errs);
@@ -289,7 +272,7 @@
     }
 
 #ifdef KERBEROS
-    if (asprintf(&cmd, "%srcp %s%s%s%s%s%s%s%s%s",
+    if (asprintf(&cmd, "%srcp %s%s%s%s%s%s%s",
 		 encryptflag ? "-x " : "",
 
 		 iamrecursive ? " -r" : "", pflag ? " -p" : "", 
@@ -297,9 +280,7 @@
 		 krb_realm != NULL ? " -k " : "",
 		 krb_realm != NULL ? krb_realm : "",
 		 krb_cache != NULL ? " -c " : "",
-		 krb_cache != NULL ? krb_cache : "",
-		 krb_config != NULL ? " -C " : "",
-		 krb_config != NULL ? krb_config : "") < 0) {
+		 krb_cache != NULL ? krb_cache : "") < 0) {
 	fprintf(stderr, "rcp: Cannot malloc.\n");
 	exit(1);
     }
@@ -1279,85 +1260,6 @@
 #define SIZEOF_INADDR sizeof(struct in_addr)
 #endif
 
-
-/* This function is mostly vestigial, since under normal operation
- * the -x flag doesn't get set for the server process for encrypted
- * rcp.  It only gets called by beta clients attempting user-to-user
- * authentication. */
-void
-  answer_auth(config_file, ccache_file)
-    char *config_file;
-    char *ccache_file;
-{
-    krb5_data pname_data, msg;
-    krb5_creds creds, *new_creds;
-    krb5_ccache cc;
-    krb5_error_code status;
-    krb5_auth_context auth_context = NULL;
-    
-    if (config_file) {
-    	const char * filenames[2];
-    	filenames[1] = NULL;
-    	filenames[0] = config_file;
-    	if ((status = krb5_set_config_files(bsd_context, filenames)))
-	    exit(1);
-    }
-    
-    memset (&creds, 0, sizeof(creds));
-
-    if ((status = krb5_read_message(bsd_context, (krb5_pointer)&rem,
-				    &pname_data)))
-	exit(1);
-    
-    if ((status = krb5_read_message(bsd_context, (krb5_pointer) &rem,
-				    &creds.second_ticket)))
-	exit(1);
-    
-    if (ccache_file == NULL) {
-    	if ((status = krb5_cc_default(bsd_context, &cc)))
-	    exit(1);
-    } else {
-	if ((status = krb5_cc_resolve(bsd_context, ccache_file, &cc)))
-	    exit(1);
-    }
-
-    if ((status = krb5_cc_get_principal(bsd_context, cc, &creds.client)))
-	exit(1);
-
-    if ((status = krb5_parse_name(bsd_context, pname_data.data,
-				  &creds.server)) )
-	exit(1);
-
-    krb5_free_data_contents(bsd_context, &pname_data);
-
-    if ((status = krb5_get_credentials(bsd_context, KRB5_GC_USER_USER, cc, 
-				       &creds, &new_creds)))
-	exit(1);
-
-    if ((status = krb5_mk_req_extended(bsd_context, &auth_context,
-				       AP_OPTS_USE_SESSION_KEY,
-				       NULL, new_creds, &msg)))
-	exit(1);
-    
-    if ((status = krb5_write_message(bsd_context, (krb5_pointer) &rem,
-				     &msg))) {
-    	krb5_free_data_contents(bsd_context, &msg);
-	exit(1);
-    }
-    
-    rcmd_stream_init_krb5(&new_creds->keyblock, encryptflag, 0, 0,
-			  KCMD_OLD_PROTOCOL);
-    
-    /* cleanup */
-    krb5_free_cred_contents(bsd_context, &creds);
-    krb5_free_creds(bsd_context, new_creds);
-    krb5_free_data_contents(bsd_context, &msg);
-
-    return;
-}
-
-
-
 char storage[2*RCP_BUFSIZ];		/* storage for the decryption */
 int nstored = 0;
 char *store_ptr = storage;

Modified: trunk/bsd/rcp.M
===================================================================
--- trunk/bsd/rcp.M	2009-11-05 20:15:06 UTC (rev 3273)
+++ trunk/bsd/rcp.M	2009-11-13 21:04:39 UTC (rev 3274)
@@ -99,10 +99,6 @@
 change the default credentials cache file to 
 .I ccachefile
 .TP
-\fB\-C\fP \fIconfigfile\fP
-change the default configuation file to
-.I configfile
-.TP
 .B \-r
 if any of the source files are directories, copy each subtree rooted at
 that name; in this case the destination must be a directory.

Modified: trunk/tests/krb-standalone/rcp.exp
===================================================================
--- trunk/tests/krb-standalone/rcp.exp	2009-11-05 20:15:06 UTC (rev 3273)
+++ trunk/tests/krb-standalone/rcp.exp	2009-11-13 21:04:39 UTC (rev 3274)
@@ -200,11 +200,11 @@
     # stop_rsh_daemon
 
     start_rsh_daemon
-    rcp_one_test "encrypted rcp from" "-x -c $env(KRB5CCNAME) -C $env(KRB5_CONFIG)" "$hostname:" ""
+    rcp_one_test "encrypted rcp from" "-x -c $env(KRB5CCNAME)" "$hostname:" ""
     stop_rsh_daemon
 
     start_rsh_daemon
-    rcp_one_test "encrypted rcp to" "-x -c $env(KRB5CCNAME) -C $env(KRB5_CONFIG)" "" "$hostname:"
+    rcp_one_test "encrypted rcp to" "-x -c $env(KRB5CCNAME)" "" "$hostname:"
     stop_rsh_daemon
 
     # Doing rcp between two hosts actually just executes rsh rcp on




More information about the Krb5-appl-commits mailing list