From bec25494fe6b7864b4b430f955590cb46c5ee40d Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Wed, 10 Jan 2007 00:20:42 +0000 Subject: [PATCH] ITS#4799 remove kerberos / kbind references --- include/ac/krb.h | 37 ----------------------------- include/ac/krb5.h | 26 --------------------- include/ldap.h | 29 ----------------------- include/ldap_features.hin | 3 --- include/ldap_int_thread.h | 2 +- include/portable.hin | 45 ------------------------------------ libraries/libldap/bind.c | 6 ++--- libraries/libldap/init.c | 9 +++----- libraries/libldap/ldap-int.h | 6 +---- libraries/libldap/open.c | 13 ----------- libraries/libldap/request.c | 5 ---- libraries/libldap/sasl.c | 6 ++--- libraries/libldap/sbind.c | 6 ++--- libraries/libldap/test.c | 26 --------------------- 14 files changed, 11 insertions(+), 208 deletions(-) delete mode 100644 include/ac/krb.h delete mode 100644 include/ac/krb5.h diff --git a/include/ac/krb.h b/include/ac/krb.h deleted file mode 100644 index 4573b7734a..0000000000 --- a/include/ac/krb.h +++ /dev/null @@ -1,37 +0,0 @@ -/* Generic krb.h */ -/* $OpenLDAP$ */ -/* This work is part of OpenLDAP Software . - * - * Copyright 1998-2007 The OpenLDAP Foundation. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted only as authorized by the OpenLDAP - * Public License. - * - * A copy of this license is available in file LICENSE in the - * top-level directory of the distribution or, alternatively, at - * . - */ - -/* Kerberos IV */ - -#ifndef _AC_KRB_H -#define _AC_KRB_H - -#if defined( HAVE_KRB4 ) - -#if defined( HAVE_KERBEROSIV_KRB_H ) -#include -#elif defined( HAVE_KRB_H ) -#include -#endif - -#if defined( HAVE_KERBEROSIV_DES_H ) -#include -#elif defined( HAVE_DES_H ) -#include -#endif - -#endif /* HAVE_KRB4 */ -#endif /* _AC_KRB_H */ diff --git a/include/ac/krb5.h b/include/ac/krb5.h deleted file mode 100644 index 72cafbdd72..0000000000 --- a/include/ac/krb5.h +++ /dev/null @@ -1,26 +0,0 @@ -/* Generic krb.h */ -/* $OpenLDAP$ */ -/* This work is part of OpenLDAP Software . - * - * Copyright 1998-2007 The OpenLDAP Foundation. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted only as authorized by the OpenLDAP - * Public License. - * - * A copy of this license is available in file LICENSE in the - * top-level directory of the distribution or, alternatively, at - * . - */ - -/* Kerberos V */ - -#ifndef _AC_KRB5_H -#define _AC_KRB5_H - -#if defined( HAVE_KRB5 ) -#include -#endif /* HAVE_KRB5 */ - -#endif /* _AC_KRB5_H */ diff --git a/include/ldap.h b/include/ldap.h index 16f7eaa603..5fada4be37 100644 --- a/include/ldap.h +++ b/include/ldap.h @@ -1153,35 +1153,6 @@ ldap_simple_bind_s LDAP_P(( /* deprecated, use ldap_sasl_bind_s */ LDAP_CONST char *who, LDAP_CONST char *passwd )); - -/* - * in kbind.c: - * (deprecated - use SASL instead) - */ -LDAP_F( int ) -ldap_kerberos_bind_s LDAP_P(( /* deprecated */ - LDAP *ld, - LDAP_CONST char *who )); - -LDAP_F( int ) -ldap_kerberos_bind1 LDAP_P(( /* deprecated */ - LDAP *ld, - LDAP_CONST char *who )); - -LDAP_F( int ) -ldap_kerberos_bind1_s LDAP_P(( /* deprecated */ - LDAP *ld, - LDAP_CONST char *who )); - -LDAP_F( int ) -ldap_kerberos_bind2 LDAP_P(( /* deprecated */ - LDAP *ld, - LDAP_CONST char *who )); - -LDAP_F( int ) -ldap_kerberos_bind2_s LDAP_P(( /* deprecated */ - LDAP *ld, - LDAP_CONST char *who )); #endif diff --git a/include/ldap_features.hin b/include/ldap_features.hin index ec323c46a1..8962b648cb 100644 --- a/include/ldap_features.hin +++ b/include/ldap_features.hin @@ -54,9 +54,6 @@ /* is -lldap_r available or not */ #undef LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE -/* LDAP v2 Kerberos Bind */ -#undef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - /* LDAP v2 Referrals */ #undef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS diff --git a/include/ldap_int_thread.h b/include/ldap_int_thread.h index feed919200..5e70f4d587 100644 --- a/include/ldap_int_thread.h +++ b/include/ldap_int_thread.h @@ -63,7 +63,7 @@ typedef pthread_cond_t ldap_int_thread_cond_t; #define LDAP_THREAD_HAVE_SETCONCURRENCY 1 #endif -#if 0 && defined( HAVE_PTHREAD_RWLOCK_DESTROY ) +#if 1 && defined( HAVE_PTHREAD_RWLOCK_DESTROY ) #define LDAP_THREAD_HAVE_RDWR 1 typedef pthread_rwlock_t ldap_int_thread_rdwr_t; #endif diff --git a/include/portable.hin b/include/portable.hin index 84c6ad59d2..2f82be5d73 100644 --- a/include/portable.hin +++ b/include/portable.hin @@ -132,12 +132,6 @@ /* Define to 1 if you have the header file. */ #undef HAVE_DB_H -/* define if you have Kerberos des_debug */ -#undef HAVE_DES_DEBUG - -/* Define to 1 if you have the header file. */ -#undef HAVE_DES_H - /* define if your system supports /dev/poll */ #undef HAVE_DEVPOLL @@ -250,12 +244,6 @@ /* Define to 1 if you have the header file. */ #undef HAVE_GRP_H -/* define if you have HEIMDAL Kerberos */ -#undef HAVE_HEIMDAL_KERBEROS - -/* Define to 1 if you have the header file. */ -#undef HAVE_HEIM_ERR_H - /* Define to 1 if you have the `hstrerror' function. */ #undef HAVE_HSTRERROR @@ -283,36 +271,6 @@ /* Define to 1 if you have the header file. */ #undef HAVE_IO_H -/* define if you have Kerberos */ -#undef HAVE_KERBEROS - -/* Define to 1 if you have the header file. */ -#undef HAVE_KERBEROSIV_DES_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_KERBEROSIV_KRB_H - -/* define if you have Kerberos IV */ -#undef HAVE_KRB4 - -/* define if you have Kerberos V with IV support */ -#undef HAVE_KRB425 - -/* define if you have Kerberos V */ -#undef HAVE_KRB5 - -/* Define to 1 if you have the header file. */ -#undef HAVE_KRB5_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_KRB_ARCHAEOLOGY_H - -/* Define to 1 if you have the header file. */ -#undef HAVE_KRB_H - -/* define if you have Kth Kerberos */ -#undef HAVE_KTH_KERBEROS - /* Define to 1 if you have the `gen' library (-lgen). */ #undef HAVE_LIBGEN @@ -819,9 +777,6 @@ /* define to 1 if library is thread safe */ #undef LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE -/* define to LDAP VENDOR VERSION */ -#undef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - /* define to LDAP VENDOR VERSION */ #undef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS diff --git a/libraries/libldap/bind.c b/libraries/libldap/bind.c index f70b1e20db..4305d313d4 100644 --- a/libraries/libldap/bind.c +++ b/libraries/libldap/bind.c @@ -36,10 +36,8 @@ * name DistinguishedName, -- who * authentication CHOICE { * simple [0] OCTET STRING -- passwd -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - * krbv42ldap [1] OCTET STRING - * krbv42dsa [2] OCTET STRING -#endif + * krbv42ldap [1] OCTET STRING -- OBSOLETE + * krbv42dsa [2] OCTET STRING -- OBSOLETE * sasl [3] SaslCredentials -- LDAPv3 * } * } diff --git a/libraries/libldap/init.c b/libraries/libldap/init.c index 0139c0f7ca..2aa88936e0 100644 --- a/libraries/libldap/init.c +++ b/libraries/libldap/init.c @@ -444,8 +444,7 @@ ldap_int_destroy_global_options(void) WSACleanup( ); #endif -#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \ - || defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) +#if defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) if ( ldap_int_hostname ) { LDAP_FREE( ldap_int_hostname ); ldap_int_hostname = NULL; @@ -529,8 +528,7 @@ void ldap_int_initialize_global_options( struct ldapoptions *gopts, int *dbglvl return; } -#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \ - || defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) +#if defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) char * ldap_int_hostname = NULL; #endif @@ -578,8 +576,7 @@ void ldap_int_initialize( struct ldapoptions *gopts, int *dbglvl ) } #endif -#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \ - || defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) +#if defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) { char *name = ldap_int_hostname; diff --git a/libraries/libldap/ldap-int.h b/libraries/libldap/ldap-int.h index 8db35241a8..185cfa8aaf 100644 --- a/libraries/libldap/ldap-int.h +++ b/libraries/libldap/ldap-int.h @@ -252,9 +252,6 @@ typedef struct ldap_conn { #define LDAP_CONNST_CONNECTING 2 #define LDAP_CONNST_CONNECTED 3 LDAPURLDesc *lconn_server; -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - char *lconn_krbinstance; -#endif BerElement *lconn_ber; /* ber receiving on this conn. */ struct ldap_conn *lconn_next; @@ -503,8 +500,7 @@ LDAP_F (int) ldap_connect_to_host( LDAP *ld, Sockbuf *sb, LDAP_F (int) ldap_int_poll( LDAP *ld, ber_socket_t s, struct timeval *tvp ); -#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) || \ - defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) +#if defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) LDAP_V (char *) ldap_int_hostname; LDAP_F (char *) ldap_host_connected_to( Sockbuf *sb, const char *host ); diff --git a/libraries/libldap/open.c b/libraries/libldap/open.c index 4d28619110..a243637fc4 100644 --- a/libraries/libldap/open.c +++ b/libraries/libldap/open.c @@ -372,19 +372,6 @@ ldap_int_open_connection( } #endif -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - if ( conn->lconn_krbinstance == NULL ) { - char *c; - conn->lconn_krbinstance = ldap_host_connected_to( - conn->lconn_sb, host ); - - if( conn->lconn_krbinstance != NULL && - ( c = strchr( conn->lconn_krbinstance, '.' )) != NULL ) { - *c = '\0'; - } - } -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ - return( 0 ); } diff --git a/libraries/libldap/request.c b/libraries/libldap/request.c index 8e42db67a0..76985f3d33 100644 --- a/libraries/libldap/request.c +++ b/libraries/libldap/request.c @@ -632,11 +632,6 @@ ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind ) ldap_int_sasl_close( ld, lc ); ldap_free_urllist( lc->lconn_server ); -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - if ( lc->lconn_krbinstance != NULL ) { - LDAP_FREE( lc->lconn_krbinstance ); - } -#endif /* FIXME: is this at all possible? * ldap_ld_free() in unbind.c calls ldap_free_connection() diff --git a/libraries/libldap/sasl.c b/libraries/libldap/sasl.c index cd42afdc7d..5fc48e2155 100644 --- a/libraries/libldap/sasl.c +++ b/libraries/libldap/sasl.c @@ -19,10 +19,8 @@ * name DistinguishedName, -- who * authentication CHOICE { * simple [0] OCTET STRING -- passwd -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - * krbv42ldap [1] OCTET STRING - * krbv42dsa [2] OCTET STRING -#endif + * krbv42ldap [1] OCTET STRING -- OBSOLETE + * krbv42dsa [2] OCTET STRING -- OBSOLETE * sasl [3] SaslCredentials -- LDAPv3 * } * } diff --git a/libraries/libldap/sbind.c b/libraries/libldap/sbind.c index beaa824135..41da98d08b 100644 --- a/libraries/libldap/sbind.c +++ b/libraries/libldap/sbind.c @@ -22,10 +22,8 @@ * name DistinguishedName, -- who * authentication CHOICE { * simple [0] OCTET STRING -- passwd -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - * krbv42ldap [1] OCTET STRING - * krbv42dsa [2] OCTET STRING -#endif + * krbv42ldap [1] OCTET STRING -- OBSOLETE + * krbv42dsa [2] OCTET STRING -- OBSOLETE * sasl [3] SaslCredentials -- LDAPv3 * } * } diff --git a/libraries/libldap/test.c b/libraries/libldap/test.c index 9a0b894462..7b87e9a90d 100644 --- a/libraries/libldap/test.c +++ b/libraries/libldap/test.c @@ -252,17 +252,7 @@ bind_prompt( LDAP *ld, printf("rebind for request=%ld msgid=%ld url=%s\n", request, (long) msgid, url ); -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - get_line( dn, sizeof(dn), stdin, - "re-bind method (0->simple, 1->krbv41, 2->krbv42, 3->krbv41&2)? " ); - if (( authmethod = atoi( dn )) == 3 ) { - authmethod = LDAP_AUTH_KRBV4; - } else { - authmethod |= 0x80; - } -#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ authmethod = LDAP_AUTH_SIMPLE; -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ get_line( dn, sizeof(dn), stdin, "re-bind dn? " ); strcat( dn, dnsuffix ); @@ -412,13 +402,7 @@ main( int argc, char **argv ) break; case 'b': /* asynch bind */ -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - get_line( line, sizeof(line), stdin, - "method (0->simple, 1->krbv41, 2->krbv42)? " ); - method = atoi( line ) | 0x80; -#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ method = LDAP_AUTH_SIMPLE; -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); @@ -438,17 +422,7 @@ main( int argc, char **argv ) break; case 'B': /* synch bind */ -#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND - get_line( line, sizeof(line), stdin, - "method 0->simple 1->krbv41 2->krbv42 3->krb? " ); - method = atoi( line ); - if ( method == 3 ) - method = LDAP_AUTH_KRBV4; - else - method = method | 0x80; -#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ method = LDAP_AUTH_SIMPLE; -#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */ get_line( dn, sizeof(dn), stdin, "dn? " ); strcat( dn, dnsuffix ); -- 2.39.5