diff options
author | Pavel Filipenský <pfilipen@redhat.com> | 2021-07-22 14:11:51 +0200 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2021-07-27 10:09:03 +0000 |
commit | 7fb741b3b1ac7c2bac355b77cf71cd8881d58d5b (patch) | |
tree | 1184863df9ed70ab3cbf3c68002e940a9b5a2f3f /lib/krb5_wrap | |
parent | 7b796b5bb735295bde252cd52283591b720d8d6e (diff) | |
download | samba-7fb741b3b1ac7c2bac355b77cf71cd8881d58d5b.tar.gz |
krb5_wrap: remove unused code
Signed-off-by: Pavel Filipenský <pfilipen@redhat.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Jul 27 10:09:03 UTC 2021 on sn-devel-184
Diffstat (limited to 'lib/krb5_wrap')
-rw-r--r-- | lib/krb5_wrap/keytab_util.c | 197 | ||||
-rw-r--r-- | lib/krb5_wrap/krb5_samba.h | 10 |
2 files changed, 0 insertions, 207 deletions
diff --git a/lib/krb5_wrap/keytab_util.c b/lib/krb5_wrap/keytab_util.c index 5fe9216470a..ba8a79cea0a 100644 --- a/lib/krb5_wrap/keytab_util.c +++ b/lib/krb5_wrap/keytab_util.c @@ -36,202 +36,6 @@ #include "includes.h" #include "krb5_samba.h" -static krb5_boolean -compare_keyblock(const krb5_keyblock *a, const krb5_keyblock *b) -{ - if (KRB5_KEY_TYPE(a) != KRB5_KEY_TYPE(b) || - KRB5_KEY_LENGTH(a) != KRB5_KEY_LENGTH(b) || - memcmp(KRB5_KEY_DATA(a), KRB5_KEY_DATA(b), KRB5_KEY_LENGTH(a)) != 0) - return false; - return true; -} - -static krb5_error_code copy_one_entry(krb5_context context, - krb5_keytab src_keytab, - krb5_keytab dst_keytab, - krb5_keytab_entry entry) -{ - krb5_error_code ret; - krb5_keytab_entry dummy; - - char *name_str; - char *etype_str; - ret = krb5_unparse_name (context, entry.principal, &name_str); - if(ret) { - krb5_set_error_message(context, ret, "krb5_unparse_name"); - name_str = NULL; /* XXX */ - return ret; - } - ret = smb_krb5_enctype_to_string(context, - KRB5_KEY_TYPE(KRB5_KT_KEY(&entry)), - &etype_str); - if(ret) { - krb5_free_unparsed_name(context, name_str); - krb5_set_error_message(context, ret, "krb5_enctype_to_string"); - etype_str = NULL; /* XXX */ - return ret; - } - ret = krb5_kt_get_entry(context, dst_keytab, - entry.principal, - entry.vno, - KRB5_KEY_TYPE(KRB5_KT_KEY(&entry)), - &dummy); - if(ret == 0) { - /* this entry is already in the new keytab, so no need to - copy it; if the keyblocks are not the same, something - is weird, so complain about that */ - if (!compare_keyblock(KRB5_KT_KEY(&entry), KRB5_KT_KEY(&dummy))) { - DEBUG(2, ("copy_one_entry: entry with different keyvalue " - "already exists for %s, keytype %s, kvno %d", - name_str, etype_str, entry.vno)); - } - krb5_kt_free_entry(context, &dummy); - krb5_kt_free_entry (context, &entry); - free(name_str); - free(etype_str); - return ret; - } else if(ret != KRB5_KT_NOTFOUND) { - krb5_set_error_message (context, ret, "fetching %s/%s/%u", - name_str, etype_str, entry.vno); - krb5_kt_free_entry (context, &entry); - free(name_str); - free(etype_str); - return ret; - } - ret = krb5_kt_add_entry (context, dst_keytab, &entry); - krb5_kt_free_entry (context, &entry); - if (ret) { - krb5_set_error_message (context, ret, "adding %s/%s/%u", - name_str, etype_str, entry.vno); - free(name_str); - free(etype_str); - return ret; - } - free(name_str); - free(etype_str); - return ret; -} - -krb5_error_code kt_copy(krb5_context context, const char *from, const char *to) -{ - krb5_error_code ret; - krb5_keytab src_keytab, dst_keytab; - krb5_kt_cursor cursor; - krb5_keytab_entry entry; - - ret = krb5_kt_resolve (context, from, &src_keytab); - if (ret) { - krb5_set_error_message (context, ret, "resolving src keytab `%s'", from); - return ret; - } - - ret = krb5_kt_resolve (context, to, &dst_keytab); - if (ret) { - krb5_kt_close (context, src_keytab); - krb5_set_error_message (context, ret, "resolving dst keytab `%s'", to); - return ret; - } - - ret = krb5_kt_start_seq_get (context, src_keytab, &cursor); - if (ret) { - krb5_set_error_message (context, ret, "krb5_kt_start_seq_get %s", from); - goto out; - } - - while((ret = krb5_kt_next_entry(context, src_keytab, - &entry, &cursor)) == 0) { - ret = copy_one_entry(context, src_keytab, dst_keytab, entry); - if (ret) { - break; - } - } - krb5_kt_end_seq_get (context, src_keytab, &cursor); - - out: - krb5_kt_close (context, src_keytab); - krb5_kt_close (context, dst_keytab); - if (ret == KRB5_KT_END) { - return 0; - } else if (ret == 0) { - return EINVAL; - } - return ret; -} - -krb5_error_code kt_copy_one_principal(krb5_context context, - const char *from, - const char *to, - const char *principal, - krb5_kvno kvno, - const krb5_enctype *enctypes) -{ - krb5_error_code ret; - krb5_keytab src_keytab, dst_keytab; - krb5_keytab_entry entry; - krb5_principal princ; - int i; - bool found_one = false; - - ret = krb5_parse_name (context, principal, &princ); - if(ret) { - krb5_set_error_message(context, ret, "krb5_unparse_name"); - return ret; - } - - ret = krb5_kt_resolve (context, from, &src_keytab); - if (ret) { - krb5_free_principal(context, princ); - krb5_set_error_message(context, ret, "resolving src keytab `%s'", from); - return ret; - } - - ret = krb5_kt_resolve (context, to, &dst_keytab); - if (ret) { - krb5_free_principal(context, princ); - krb5_kt_close (context, src_keytab); - krb5_set_error_message(context, ret, "resolving dst keytab `%s'", to); - return ret; - } - - for (i=0; enctypes[i]; i++) { - ret = krb5_kt_get_entry(context, src_keytab, - princ, - kvno, - enctypes[i], - &entry); - if (ret == KRB5_KT_NOTFOUND) { - continue; - } else if (ret) { - break; - } - found_one = true; - ret = copy_one_entry(context, src_keytab, dst_keytab, entry); - if (ret) { - break; - } - } - if (ret == KRB5_KT_NOTFOUND) { - if (!found_one) { - char *princ_string; - int ret2 = krb5_unparse_name (context, princ, &princ_string); - if (ret2) { - krb5_set_error_message(context, ret, - "failed to fetch principal %s", - princ_string); - } - } else { - /* Not finding an enc type is not an error, - * as long as we copied one for the principal */ - ret = 0; - } - } - - krb5_free_principal(context, princ); - krb5_kt_close (context, src_keytab); - krb5_kt_close (context, dst_keytab); - return ret; -} - #if !defined(HAVE_KRB5_KT_COMPARE) krb5_boolean smb_krb5_kt_compare(krb5_context context, krb5_keytab_entry *entry, @@ -259,4 +63,3 @@ krb5_boolean smb_krb5_kt_compare(krb5_context context, return true; } #endif - diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h index 9550447b2c5..01a9806b670 100644 --- a/lib/krb5_wrap/krb5_samba.h +++ b/lib/krb5_wrap/krb5_samba.h @@ -320,16 +320,6 @@ char *smb_get_krb5_error_message(krb5_context context, krb5_error_code code, TALLOC_CTX *mem_ctx); -krb5_error_code kt_copy(krb5_context context, - const char *from, - const char *to); -krb5_error_code kt_copy_one_principal(krb5_context context, - const char *from, - const char *to, - const char *principal, - krb5_kvno kvno, - const krb5_enctype *enctypes); - #if defined(HAVE_KRB5_KT_COMPARE) #define smb_krb5_kt_compare krb5_kt_compare #else |