From a34c40915bb1e16c243b62e999571938d3715c5b Mon Sep 17 00:00:00 2001
From: Kurt Zeilenga <kurt@openldap.org>
Date: Mon, 26 Jun 2000 01:23:00 +0000
Subject: [PATCH] Ripe out Kbind

---
 servers/slurpd/args.c    | 10 +----
 servers/slurpd/config.c  | 24 +++-------
 servers/slurpd/ldap_op.c | 97 +---------------------------------------
 3 files changed, 7 insertions(+), 124 deletions(-)

diff --git a/servers/slurpd/args.c b/servers/slurpd/args.c
index ff28e0bb4f..f9cd9db8a3 100644
--- a/servers/slurpd/args.c
+++ b/servers/slurpd/args.c
@@ -24,7 +24,6 @@
 #include <ac/time.h>
 #include <ac/unistd.h>
 
-#include <lber.h>
 #include <ldap.h>
 
 #include "slurp.h"
@@ -64,7 +63,7 @@ doargs(
 	g->myname = strdup( g->myname + 1 );
     }
 
-    while ( (i = getopt( argc, argv, "hd:f:r:t:k:o" )) != EOF ) {
+    while ( (i = getopt( argc, argv, "hd:f:r:t:o" )) != EOF ) {
 	switch ( i ) {
 	case 'd':	/* set debug level and 'do not detach' flag */
 	    g->no_detach = 1;
@@ -114,13 +113,6 @@ doargs(
 	    g->slurpd_rdir = (char *)malloc (strlen(optarg) + strlen("/replica") + 1);
 	    sprintf(g->slurpd_rdir, "%s/replica", optarg);
 	    break;
-	case 'k':	/* name of kerberos srvtab file */
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-	    g->default_srvtab = strdup( optarg );
-#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
-	    fprintf( stderr, "must compile with KERBEROS to use -k option\n" );
-#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
-	    break;
 	case 'h':
 	    usage( g->myname );
 	    return( -1 );
diff --git a/servers/slurpd/config.c b/servers/slurpd/config.c
index 1df6123240..d91a70aa23 100644
--- a/servers/slurpd/config.c
+++ b/servers/slurpd/config.c
@@ -25,7 +25,6 @@
 #include <ac/socket.h>
 #include <ac/ctype.h>
 
-#include <lber.h>
 #include <ldap.h>
 
 #include "slurp.h"
@@ -299,7 +298,7 @@ add_replica(
  * Parse a "replica" line from the config file.  replica lines should be
  * in the following format:
  * replica    host=<hostname:portnumber> binddn=<binddn>
- *            bindmethod="simple|kerberos" credentials=<creds>
+ *            bindmethod="simple" credentials=<creds>
  *
  * where:
  * <hostname:portnumber> describes the host name and port number where the
@@ -307,12 +306,10 @@ add_replica(
  *
  * <binddn> is the DN to bind to the replica slapd as,
  *
- * bindmethod is either "simple" or "kerberos", and
+ * bindmethod is "simple", and
  *
  * <creds> are the credentials (e.g. password) for binddn.  <creds> are
- * only used for bindmethod=simple.  For bindmethod=kerberos, the
- * credentials= option should be omitted.  Credentials for kerberos
- * authentication are in the system srvtab file.
+ * only used for bindmethod=simple.  
  *
  * The "replica" config file line may be split across multiple lines.  If
  * a line begins with whitespace, it is considered a continuation of the
@@ -355,21 +352,10 @@ parse_replica_line(
 		strlen( BINDMETHSTR ))) {
 	    val = cargv[ i ] + strlen( BINDMETHSTR ) + 1;
 	    if ( !strcasecmp( val, KERBEROSSTR )) {
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-		ri->ri_bind_method = AUTH_KERBEROS;
-		if ( ri->ri_srvtab == NULL ) {
-		    ri->ri_srvtab = strdup( sglob->default_srvtab );
-		}
-		gots |= GOT_METHOD;
-#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
 	    fprintf( stderr, "Error: a bind method of \"kerberos\" was\n" );
-	    fprintf( stderr, "specified in the slapd configuration file,\n" );
-	    fprintf( stderr, "but slurpd was not built with kerberos.\n" );
-	    fprintf( stderr, "You must rebuild the LDAP release with\n" );
-	    fprintf( stderr, "kerberos support if you wish to use\n" );
-	    fprintf( stderr, "bindmethod=kerberos\n" );
+	    fprintf( stderr, "specified in the slapd configuration file.\n" );
+	    fprintf( stderr, "slurpd no longer supports Kerberos.\n" );
 	    exit( EXIT_FAILURE );
-#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
 	    } else if ( !strcasecmp( val, SIMPLESTR )) {
 		ri->ri_bind_method = AUTH_SIMPLE;
 		gots |= GOT_METHOD;
diff --git a/servers/slurpd/ldap_op.c b/servers/slurpd/ldap_op.c
index 656bd7c885..1673a12e78 100644
--- a/servers/slurpd/ldap_op.c
+++ b/servers/slurpd/ldap_op.c
@@ -27,14 +27,6 @@
 #include <ac/time.h>
 #include <ac/unistd.h>
 
-#include <ac/krb.h>
-
-#if defined( STR_TRANSLATION ) && defined( LDAP_DEFAULT_CHARSET )
-/* Get LDAP->ld_lberoptions.  Must precede slurp.h, both define ldap_debug. */
-#include "../../libraries/libldap/ldap-int.h"
-#endif
-
-#include <lber.h>
 #include <ldap.h>
 
 #include "slurp.h"
@@ -50,19 +42,10 @@ static void free_ldapmod LDAP_P(( LDAPMod * ));
 static void free_ldmarr LDAP_P(( LDAPMod ** ));
 static int getmodtype LDAP_P(( char * ));
 static void dump_ldm_array LDAP_P(( LDAPMod ** ));
-static char **read_krbnames LDAP_P(( Ri * ));
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-static void upcase LDAP_P(( char * ));
-#endif
 static int do_bind LDAP_P(( Ri *, int * ));
 static int do_unbind LDAP_P(( Ri * ));
 
 
-static char *kattrs[] = {"kerberosName", NULL };
-static struct timeval kst = {30L, 0L};
-
-
-
 /*
  * Determine the type of ldap operation being performed and call the
  * appropriate routine.
@@ -431,7 +414,7 @@ op_ldap_modrdn(
 		Debug( LDAP_DEBUG_ANY,
 			"Error: op_ldap_modrdn: multiple newsuperior arg \"%s\"\n",
 			mi[ i ].mi_val, 0, 0 );
-		*errmsg = "Multiple newrdn argument";
+		*errmsg = "Multiple newsuperior argument";
 		return -1;
 		}
 
@@ -784,81 +767,3 @@ dump_ldm_array(
 	}
     }
 }
-
-
-/*
- * Get the kerberos names from the binddn for "replica" via an ldap search.
- * Returns a null-terminated array of char *, or NULL if the entry could
- * not be found or there were no kerberosName attributes.  The caller is
- * responsible for freeing the returned array and strings it points to.
- */
-static char **
-read_krbnames(
-    Ri	*ri
-)
-{
-    int rc;
-    char **krbnames;
-    int ne;
-    LDAPMessage *result, *entry;
-
-    /* First need to bind as NULL */
-    rc = ldap_simple_bind_s( ri->ri_ldp, NULL, NULL );
-    if ( rc != LDAP_SUCCESS ) {
-	Debug( LDAP_DEBUG_ANY,
-		"Error: null bind failed getting krbnames for %s:%d: %s\n",
-		ri->ri_hostname, ri->ri_port, ldap_err2string( rc ));
-	return( NULL );
-    }
-    rc = ldap_search_st( ri->ri_ldp, ri->ri_bind_dn, LDAP_SCOPE_BASE,
-	    NULL, kattrs, 0, &kst, &result );
-    if ( rc != LDAP_SUCCESS ) {
-	Debug( LDAP_DEBUG_ANY,
-		"Error: search failed getting krbnames for %s:%d: %s\n",
-		ri->ri_hostname, ri->ri_port, ldap_err2string( rc ));
-	return( NULL );
-    }
-    ne = ldap_count_entries( ri->ri_ldp, result );
-    if ( ne == 0 ) {
-	Debug( LDAP_DEBUG_ANY,
-		"Error: Can't find entry \"%s\" for %s:%d kerberos bind\n",
-		ri->ri_bind_dn, ri->ri_hostname, ri->ri_port );
-	    return( NULL );
-    }
-    if ( ne > 1 ) {
-	Debug( LDAP_DEBUG_ANY,
-		"Error: Kerberos binddn \"%s\" for %s:%dis ambiguous\n",
-		ri->ri_bind_dn, ri->ri_hostname, ri->ri_port );
-	    return( NULL );
-    }
-    entry = ldap_first_entry( ri->ri_ldp, result );
-    if ( entry == NULL ) {
-	Debug( LDAP_DEBUG_ANY,
-		"Error: Can't find \"%s\" for kerberos binddn for %s:%d\n",
-		    ri->ri_bind_dn, ri->ri_hostname, ri->ri_port );
-	return( NULL );
-    }
-    krbnames = ldap_get_values( ri->ri_ldp, entry, "kerberosName" );
-    ldap_msgfree( result );
-    return( krbnames );
-}
-
-
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-
-/*
- * upcase a string
- */
-static void
-upcase(
-    char *s
-)
-{
-    char *p;
-
-    for ( p = s; ( p != NULL ) && ( *p != '\0' ); p++ ) {
-	    *p = TOUPPER( (unsigned char) *p );
-    }
-}
-
-#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
-- 
2.39.5