summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal/lib/krb5/context.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/heimdal/lib/krb5/context.c')
-rw-r--r--crypto/heimdal/lib/krb5/context.c197
1 files changed, 146 insertions, 51 deletions
diff --git a/crypto/heimdal/lib/krb5/context.c b/crypto/heimdal/lib/krb5/context.c
index c890401..d21ea71 100644
--- a/crypto/heimdal/lib/krb5/context.c
+++ b/crypto/heimdal/lib/krb5/context.c
@@ -32,8 +32,9 @@
*/
#include "krb5_locl.h"
+#include <com_err.h>
-RCSID("$Id: context.c,v 1.73 2002/02/12 08:24:08 joda Exp $");
+RCSID("$Id: context.c,v 1.80 2002/08/28 15:27:24 joda Exp $");
#define INIT_FIELD(C, T, E, D, F) \
(C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), \
@@ -50,7 +51,7 @@ set_etypes (krb5_context context,
krb5_enctype **ret_enctypes)
{
char **etypes_str;
- krb5_enctype *etypes;
+ krb5_enctype *etypes = NULL;
etypes_str = krb5_config_get_strings(context, NULL, "libdefaults",
name, NULL);
@@ -69,8 +70,8 @@ set_etypes (krb5_context context,
}
etypes[k] = ETYPE_NULL;
krb5_config_free_strings(etypes_str);
- *ret_enctypes = etypes;
- }
+ }
+ *ret_enctypes = etypes;
return 0;
}
@@ -83,19 +84,35 @@ init_context_from_config_file(krb5_context context)
{
krb5_error_code ret;
const char * tmp;
+ krb5_enctype *tmptypes;
INIT_FIELD(context, time, max_skew, 5 * 60, "clockskew");
INIT_FIELD(context, time, kdc_timeout, 3, "kdc_timeout");
INIT_FIELD(context, int, max_retries, 3, "max_retries");
INIT_FIELD(context, string, http_proxy, NULL, "http_proxy");
-
- set_etypes (context, "default_etypes", &context->etypes);
- set_etypes (context, "default_etypes_des", &context->etypes_des);
+
+ ret = set_etypes (context, "default_etypes", &tmptypes);
+ if(ret)
+ return ret;
+ free(context->etypes);
+ context->etypes = tmptypes;
+
+ ret = set_etypes (context, "default_etypes_des", &tmptypes);
+ if(ret)
+ return ret;
+ free(context->etypes_des);
+ context->etypes_des = tmptypes;
/* default keytab name */
- INIT_FIELD(context, string, default_keytab,
- KEYTAB_DEFAULT, "default_keytab_name");
+ tmp = NULL;
+ if(!issuid())
+ tmp = getenv("KRB5_KTNAME");
+ if(tmp != NULL)
+ context->default_keytab = tmp;
+ else
+ INIT_FIELD(context, string, default_keytab,
+ KEYTAB_DEFAULT, "default_keytab_name");
INIT_FIELD(context, string, default_keytab_modify,
NULL, "default_keytab_modify_name");
@@ -116,11 +133,14 @@ init_context_from_config_file(krb5_context context)
"dns_proxy", NULL);
if(tmp)
roken_gethostby_setup(context->http_proxy, tmp);
+ krb5_free_host_realm (context, context->default_realms);
context->default_realms = NULL;
{
krb5_addresses addresses;
char **adr, **a;
+
+ krb5_set_extra_addresses(context, NULL);
adr = krb5_config_get_strings(context, NULL,
"libdefaults",
"extra_addresses",
@@ -135,6 +155,7 @@ init_context_from_config_file(krb5_context context)
}
krb5_config_free_strings(adr);
+ krb5_set_ignore_addresses(context, NULL);
adr = krb5_config_get_strings(context, NULL,
"libdefaults",
"ignore_addresses",
@@ -151,22 +172,15 @@ init_context_from_config_file(krb5_context context)
}
INIT_FIELD(context, bool, scan_interfaces, TRUE, "scan_interfaces");
- INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup");
INIT_FIELD(context, int, fcache_vno, 0, "fcache_version");
-
- context->cc_ops = NULL;
- context->num_cc_ops = 0;
- krb5_cc_register(context, &krb5_fcc_ops, TRUE);
- krb5_cc_register(context, &krb5_mcc_ops, TRUE);
-
- context->num_kt_types = 0;
- context->kt_types = NULL;
- krb5_kt_register (context, &krb5_fkt_ops);
- krb5_kt_register (context, &krb5_mkt_ops);
- krb5_kt_register (context, &krb5_akf_ops);
- krb5_kt_register (context, &krb4_fkt_ops);
- krb5_kt_register (context, &krb5_srvtab_fkt_ops);
- krb5_kt_register (context, &krb5_any_ops);
+ INIT_FIELD(context, bool, srv_lookup, TRUE, "dns_lookup_kdc");
+ /* srv_lookup backwards compatibility. */
+ {
+ const char **p;
+ p = krb5_config_get_strings(context, NULL, "libdefaults", "srv_lookup", NULL);
+ if (p != NULL)
+ INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup");
+ }
return 0;
}
@@ -174,55 +188,55 @@ krb5_error_code
krb5_init_context(krb5_context *context)
{
krb5_context p;
- const char *config_file = NULL;
- krb5_config_section *tmp_cf;
krb5_error_code ret;
+ char **files;
- ALLOC(p, 1);
+ p = calloc(1, sizeof(*p));
if(!p)
return ENOMEM;
- memset(p, 0, sizeof(krb5_context_data));
+
+ ret = krb5_get_default_config_files(&files);
+ if(ret)
+ goto out;
+ ret = krb5_set_config_files(p, files);
+ krb5_free_config_files(files);
+ if(ret)
+ goto out;
/* init error tables */
krb5_init_ets(p);
- if(!issuid())
- config_file = getenv("KRB5_CONFIG");
- if (config_file == NULL)
- config_file = krb5_config_file;
-
- ret = krb5_config_parse_file (p, config_file, &tmp_cf);
-
- if (ret == 0)
- p->cf = tmp_cf;
-#if 0
- else
- krb5_warnx (p, "Unable to parse config file %s. Ignoring.",
- config_file); /* XXX */
-#endif
-
- ret = init_context_from_config_file(p);
+ p->cc_ops = NULL;
+ p->num_cc_ops = 0;
+ krb5_cc_register(p, &krb5_fcc_ops, TRUE);
+ krb5_cc_register(p, &krb5_mcc_ops, TRUE);
+
+ p->num_kt_types = 0;
+ p->kt_types = NULL;
+ krb5_kt_register (p, &krb5_fkt_ops);
+ krb5_kt_register (p, &krb5_mkt_ops);
+ krb5_kt_register (p, &krb5_akf_ops);
+ krb5_kt_register (p, &krb4_fkt_ops);
+ krb5_kt_register (p, &krb5_srvtab_fkt_ops);
+ krb5_kt_register (p, &krb5_any_ops);
+
+out:
if(ret) {
krb5_free_context(p);
- return ret;
+ p = NULL;
}
-
*context = p;
- return 0;
+ return ret;
}
void
krb5_free_context(krb5_context context)
{
- int i;
-
free(context->etypes);
free(context->etypes_des);
krb5_free_host_realm (context, context->default_realms);
krb5_config_file_free (context, context->cf);
free_error_table (context->et_list);
- for(i = 0; i < context->num_cc_ops; ++i)
- free(context->cc_ops[i].prefix);
free(context->cc_ops);
free(context->kt_types);
krb5_clear_error_string(context);
@@ -233,6 +247,87 @@ krb5_free_context(krb5_context context)
free(context);
}
+krb5_error_code
+krb5_set_config_files(krb5_context context, char **filenames)
+{
+ krb5_error_code ret;
+ krb5_config_binding *tmp = NULL;
+ while(filenames != NULL && *filenames != NULL && **filenames != '\0') {
+ ret = krb5_config_parse_file_multi(context, *filenames, &tmp);
+ if(ret != 0 && ret != ENOENT) {
+ krb5_config_file_free(context, tmp);
+ return ret;
+ }
+ filenames++;
+ }
+#if 0
+ /* with this enabled and if there are no config files, Kerberos is
+ considererd disabled */
+ if(tmp == NULL)
+ return ENOENT;
+#endif
+ krb5_config_file_free(context, context->cf);
+ context->cf = tmp;
+ ret = init_context_from_config_file(context);
+ return ret;
+}
+
+krb5_error_code
+krb5_get_default_config_files(char ***pfilenames)
+{
+ const char *p, *q;
+ char **pp;
+ int n, i;
+
+ const char *files = NULL;
+ if (pfilenames == NULL)
+ return EINVAL;
+ if(!issuid())
+ files = getenv("KRB5_CONFIG");
+ if (files == NULL)
+ files = krb5_config_file;
+
+ for(n = 0, p = files; strsep_copy(&p, ":", NULL, 0) != -1; n++);
+ pp = malloc((n + 1) * sizeof(*pp));
+ if(pp == NULL)
+ return ENOMEM;
+
+ n = 0;
+ p = files;
+ while(1) {
+ ssize_t l;
+ q = p;
+ l = strsep_copy(&q, ":", NULL, 0);
+ if(l == -1)
+ break;
+ pp[n] = malloc(l + 1);
+ if(pp[n] == NULL) {
+ krb5_free_config_files(pp);
+ return ENOMEM;
+ }
+ l = strsep_copy(&p, ":", pp[n], l + 1);
+ for(i = 0; i < n; i++)
+ if(strcmp(pp[i], pp[n]) == 0) {
+ free(pp[n]);
+ goto skip;
+ }
+ n++;
+ skip:;
+ }
+ pp[n] = NULL;
+ *pfilenames = pp;
+ return 0;
+}
+
+void
+krb5_free_config_files(char **filenames)
+{
+ char **p;
+ for(p = filenames; *p != NULL; p++)
+ free(*p);
+ free(filenames);
+}
+
/*
* set `etype' to a malloced list of the default enctypes
*/
OpenPOWER on IntegriCloud