1 /* $NetBSD: deprecated.c,v 1.1.1.1 2011/04/13 18:15:33 elric Exp $ */ 2 3 /* 4 * Copyright (c) 1997 - 2009 Kungliga Tekniska H�gskolan 5 * (Royal Institute of Technology, Stockholm, Sweden). 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * 3. Neither the name of the Institute nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #define KRB5_DEPRECATED 37 38 #include "krb5_locl.h" 39 40 #undef __attribute__ 41 #define __attribute__(x) 42 43 #ifndef HEIMDAL_SMALLER 44 45 /** 46 * Same as krb5_data_free(). MIT compat. 47 * 48 * Deprecated: use krb5_data_free(). 49 * 50 * @param context Kerberos 5 context. 51 * @param data krb5_data to free. 52 * 53 * @ingroup krb5_deprecated 54 */ 55 56 KRB5_DEPRECATED 57 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 58 krb5_free_data_contents(krb5_context context, krb5_data *data) 59 { 60 krb5_data_free(data); 61 } 62 63 /** 64 * Deprecated: keytypes doesn't exists, they are really enctypes. 65 * 66 * @ingroup krb5_deprecated 67 */ 68 69 KRB5_DEPRECATED 70 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 71 krb5_keytype_to_enctypes_default (krb5_context context, 72 krb5_keytype keytype, 73 unsigned *len, 74 krb5_enctype **val) 75 { 76 unsigned int i, n; 77 krb5_enctype *ret; 78 79 if (keytype != KEYTYPE_DES || context->etypes_des == NULL) 80 return krb5_keytype_to_enctypes (context, keytype, len, val); 81 82 for (n = 0; context->etypes_des[n]; ++n) 83 ; 84 ret = malloc (n * sizeof(*ret)); 85 if (ret == NULL && n != 0) { 86 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", "")); 87 return ENOMEM; 88 } 89 for (i = 0; i < n; ++i) 90 ret[i] = context->etypes_des[i]; 91 *len = n; 92 *val = ret; 93 return 0; 94 } 95 96 97 static struct { 98 const char *name; 99 krb5_keytype type; 100 } keys[] = { 101 { "null", ENCTYPE_NULL }, 102 { "des", ETYPE_DES_CBC_CRC }, 103 { "des3", ETYPE_OLD_DES3_CBC_SHA1 }, 104 { "aes-128", ETYPE_AES128_CTS_HMAC_SHA1_96 }, 105 { "aes-256", ETYPE_AES256_CTS_HMAC_SHA1_96 }, 106 { "arcfour", ETYPE_ARCFOUR_HMAC_MD5 }, 107 { "arcfour-56", ETYPE_ARCFOUR_HMAC_MD5_56 } 108 }; 109 110 static int num_keys = sizeof(keys) / sizeof(keys[0]); 111 112 /** 113 * Deprecated: keytypes doesn't exists, they are really enctypes in 114 * most cases, use krb5_enctype_to_string(). 115 * 116 * @ingroup krb5_deprecated 117 */ 118 119 KRB5_DEPRECATED 120 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 121 krb5_keytype_to_string(krb5_context context, 122 krb5_keytype keytype, 123 char **string) 124 { 125 const char *name; 126 int i; 127 128 for(i = 0; i < num_keys; i++) { 129 if(keys[i].type == keytype) { 130 name = keys[i].name; 131 break; 132 } 133 } 134 135 if(i >= num_keys) { 136 krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP, 137 "key type %d not supported", keytype); 138 return KRB5_PROG_KEYTYPE_NOSUPP; 139 } 140 *string = strdup(name); 141 if(*string == NULL) { 142 krb5_set_error_message(context, ENOMEM, 143 N_("malloc: out of memory", "")); 144 return ENOMEM; 145 } 146 return 0; 147 } 148 149 /** 150 * Deprecated: keytypes doesn't exists, they are really enctypes in 151 * most cases, use krb5_string_to_enctype(). 152 * 153 * @ingroup krb5_deprecated 154 */ 155 156 KRB5_DEPRECATED 157 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 158 krb5_string_to_keytype(krb5_context context, 159 const char *string, 160 krb5_keytype *keytype) 161 { 162 char *end; 163 int i; 164 165 for(i = 0; i < num_keys; i++) 166 if(strcasecmp(keys[i].name, string) == 0){ 167 *keytype = keys[i].type; 168 return 0; 169 } 170 171 /* check if the enctype is a number */ 172 *keytype = strtol(string, &end, 0); 173 if(*end == '\0' && *keytype != 0) { 174 if (krb5_enctype_valid(context, *keytype) == 0) 175 return 0; 176 } 177 178 krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP, 179 "key type %s not supported", string); 180 return KRB5_PROG_KEYTYPE_NOSUPP; 181 } 182 183 /** 184 * Deprecated: use krb5_get_init_creds() and friends. 185 * 186 * @ingroup krb5_deprecated 187 */ 188 189 KRB5_DEPRECATED 190 KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV 191 krb5_password_key_proc (krb5_context context, 192 krb5_enctype type, 193 krb5_salt salt, 194 krb5_const_pointer keyseed, 195 krb5_keyblock **key) 196 { 197 krb5_error_code ret; 198 const char *password = (const char *)keyseed; 199 char buf[BUFSIZ]; 200 201 *key = malloc (sizeof (**key)); 202 if (*key == NULL) { 203 krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); 204 return ENOMEM; 205 } 206 if (password == NULL) { 207 if(UI_UTIL_read_pw_string (buf, sizeof(buf), "Password: ", 0)) { 208 free (*key); 209 krb5_clear_error_message(context); 210 return KRB5_LIBOS_PWDINTR; 211 } 212 password = buf; 213 } 214 ret = krb5_string_to_key_salt (context, type, password, salt, *key); 215 memset (buf, 0, sizeof(buf)); 216 return ret; 217 } 218 219 /** 220 * Deprecated: use krb5_get_init_creds() and friends. 221 * 222 * @ingroup krb5_deprecated 223 */ 224 225 KRB5_DEPRECATED 226 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 227 krb5_get_in_tkt_with_password (krb5_context context, 228 krb5_flags options, 229 krb5_addresses *addrs, 230 const krb5_enctype *etypes, 231 const krb5_preauthtype *pre_auth_types, 232 const char *password, 233 krb5_ccache ccache, 234 krb5_creds *creds, 235 krb5_kdc_rep *ret_as_reply) 236 { 237 return krb5_get_in_tkt (context, 238 options, 239 addrs, 240 etypes, 241 pre_auth_types, 242 krb5_password_key_proc, 243 password, 244 NULL, 245 NULL, 246 creds, 247 ccache, 248 ret_as_reply); 249 } 250 251 static krb5_error_code KRB5_CALLCONV 252 krb5_skey_key_proc (krb5_context context, 253 krb5_enctype type, 254 krb5_salt salt, 255 krb5_const_pointer keyseed, 256 krb5_keyblock **key) 257 { 258 return krb5_copy_keyblock (context, keyseed, key); 259 } 260 261 /** 262 * Deprecated: use krb5_get_init_creds() and friends. 263 * 264 * @ingroup krb5_deprecated 265 */ 266 267 KRB5_DEPRECATED 268 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 269 krb5_get_in_tkt_with_skey (krb5_context context, 270 krb5_flags options, 271 krb5_addresses *addrs, 272 const krb5_enctype *etypes, 273 const krb5_preauthtype *pre_auth_types, 274 const krb5_keyblock *key, 275 krb5_ccache ccache, 276 krb5_creds *creds, 277 krb5_kdc_rep *ret_as_reply) 278 { 279 if(key == NULL) 280 return krb5_get_in_tkt_with_keytab (context, 281 options, 282 addrs, 283 etypes, 284 pre_auth_types, 285 NULL, 286 ccache, 287 creds, 288 ret_as_reply); 289 else 290 return krb5_get_in_tkt (context, 291 options, 292 addrs, 293 etypes, 294 pre_auth_types, 295 krb5_skey_key_proc, 296 key, 297 NULL, 298 NULL, 299 creds, 300 ccache, 301 ret_as_reply); 302 } 303 304 /** 305 * Deprecated: use krb5_get_init_creds() and friends. 306 * 307 * @ingroup krb5_deprecated 308 */ 309 310 KRB5_DEPRECATED 311 KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV 312 krb5_keytab_key_proc (krb5_context context, 313 krb5_enctype enctype, 314 krb5_salt salt, 315 krb5_const_pointer keyseed, 316 krb5_keyblock **key) 317 { 318 krb5_keytab_key_proc_args *args = rk_UNCONST(keyseed); 319 krb5_keytab keytab = args->keytab; 320 krb5_principal principal = args->principal; 321 krb5_error_code ret; 322 krb5_keytab real_keytab; 323 krb5_keytab_entry entry; 324 325 if(keytab == NULL) 326 krb5_kt_default(context, &real_keytab); 327 else 328 real_keytab = keytab; 329 330 ret = krb5_kt_get_entry (context, real_keytab, principal, 331 0, enctype, &entry); 332 333 if (keytab == NULL) 334 krb5_kt_close (context, real_keytab); 335 336 if (ret) 337 return ret; 338 339 ret = krb5_copy_keyblock (context, &entry.keyblock, key); 340 krb5_kt_free_entry(context, &entry); 341 return ret; 342 } 343 344 /** 345 * Deprecated: use krb5_get_init_creds() and friends. 346 * 347 * @ingroup krb5_deprecated 348 */ 349 350 KRB5_DEPRECATED 351 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 352 krb5_get_in_tkt_with_keytab (krb5_context context, 353 krb5_flags options, 354 krb5_addresses *addrs, 355 const krb5_enctype *etypes, 356 const krb5_preauthtype *pre_auth_types, 357 krb5_keytab keytab, 358 krb5_ccache ccache, 359 krb5_creds *creds, 360 krb5_kdc_rep *ret_as_reply) 361 { 362 krb5_keytab_key_proc_args a; 363 364 a.principal = creds->client; 365 a.keytab = keytab; 366 367 return krb5_get_in_tkt (context, 368 options, 369 addrs, 370 etypes, 371 pre_auth_types, 372 krb5_keytab_key_proc, 373 &a, 374 NULL, 375 NULL, 376 creds, 377 ccache, 378 ret_as_reply); 379 } 380 381 /** 382 * Generate a new ccache of type `ops' in `id'. 383 * 384 * Deprecated: use krb5_cc_new_unique() instead. 385 * 386 * @return Return an error code or 0, see krb5_get_error_message(). 387 * 388 * @ingroup krb5_ccache 389 */ 390 391 392 KRB5_DEPRECATED 393 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 394 krb5_cc_gen_new(krb5_context context, 395 const krb5_cc_ops *ops, 396 krb5_ccache *id) 397 { 398 return krb5_cc_new_unique(context, ops->prefix, NULL, id); 399 } 400 401 /** 402 * Deprecated: use krb5_principal_get_realm() 403 * 404 * @ingroup krb5_deprecated 405 */ 406 407 KRB5_DEPRECATED 408 KRB5_LIB_FUNCTION krb5_realm * KRB5_LIB_CALL 409 krb5_princ_realm(krb5_context context, 410 krb5_principal principal) 411 { 412 return &principal->realm; 413 } 414 415 416 /** 417 * Deprecated: use krb5_principal_set_realm() 418 * 419 * @ingroup krb5_deprecated 420 */ 421 422 KRB5_DEPRECATED 423 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 424 krb5_princ_set_realm(krb5_context context, 425 krb5_principal principal, 426 krb5_realm *realm) 427 { 428 principal->realm = *realm; 429 } 430 431 /** 432 * Deprecated: use krb5_free_cred_contents() 433 * 434 * @ingroup krb5_deprecated 435 */ 436 437 /* keep this for compatibility with older code */ 438 KRB5_DEPRECATED 439 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 440 krb5_free_creds_contents (krb5_context context, krb5_creds *c) 441 { 442 return krb5_free_cred_contents (context, c); 443 } 444 445 /** 446 * Free the error message returned by krb5_get_error_string(). 447 * 448 * Deprecated: use krb5_free_error_message() 449 * 450 * @param context Kerberos context 451 * @param str error message to free 452 * 453 * @ingroup krb5_deprecated 454 */ 455 456 KRB5_DEPRECATED 457 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 458 krb5_free_error_string(krb5_context context, char *str) 459 { 460 krb5_free_error_message(context, str); 461 } 462 463 /** 464 * Set the error message returned by krb5_get_error_string(). 465 * 466 * Deprecated: use krb5_get_error_message() 467 * 468 * @param context Kerberos context 469 * @param fmt error message to free 470 * 471 * @return Return an error code or 0. 472 * 473 * @ingroup krb5_deprecated 474 */ 475 476 KRB5_DEPRECATED 477 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 478 krb5_set_error_string(krb5_context context, const char *fmt, ...) 479 __attribute__((format (printf, 2, 3))) 480 { 481 va_list ap; 482 483 va_start(ap, fmt); 484 krb5_vset_error_message (context, 0, fmt, ap); 485 va_end(ap); 486 return 0; 487 } 488 489 /** 490 * Set the error message returned by krb5_get_error_string(), 491 * deprecated, use krb5_set_error_message(). 492 * 493 * Deprecated: use krb5_vset_error_message() 494 * 495 * @param context Kerberos context 496 * @param msg error message to free 497 * 498 * @return Return an error code or 0. 499 * 500 * @ingroup krb5_deprecated 501 */ 502 503 KRB5_DEPRECATED 504 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 505 krb5_vset_error_string(krb5_context context, const char *fmt, va_list args) 506 __attribute__ ((format (printf, 2, 0))) 507 { 508 krb5_vset_error_message(context, 0, fmt, args); 509 return 0; 510 } 511 512 /** 513 * Clear the error message returned by krb5_get_error_string(). 514 * 515 * Deprecated: use krb5_clear_error_message() 516 * 517 * @param context Kerberos context 518 * 519 * @ingroup krb5_deprecated 520 */ 521 522 KRB5_DEPRECATED 523 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 524 krb5_clear_error_string(krb5_context context) 525 { 526 krb5_clear_error_message(context); 527 } 528 529 /** 530 * Deprecated: use krb5_get_credentials_with_flags(). 531 * 532 * @ingroup krb5_deprecated 533 */ 534 535 KRB5_DEPRECATED 536 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 537 krb5_get_cred_from_kdc_opt(krb5_context context, 538 krb5_ccache ccache, 539 krb5_creds *in_creds, 540 krb5_creds **out_creds, 541 krb5_creds ***ret_tgts, 542 krb5_flags flags) 543 { 544 krb5_kdc_flags f; 545 f.i = flags; 546 return _krb5_get_cred_kdc_any(context, f, ccache, 547 in_creds, NULL, NULL, 548 out_creds, ret_tgts); 549 } 550 551 /** 552 * Deprecated: use krb5_get_credentials_with_flags(). 553 * 554 * @ingroup krb5_deprecated 555 */ 556 557 KRB5_DEPRECATED 558 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 559 krb5_get_cred_from_kdc(krb5_context context, 560 krb5_ccache ccache, 561 krb5_creds *in_creds, 562 krb5_creds **out_creds, 563 krb5_creds ***ret_tgts) 564 { 565 return krb5_get_cred_from_kdc_opt(context, ccache, 566 in_creds, out_creds, ret_tgts, 0); 567 } 568 569 /** 570 * Deprecated: use krb5_xfree(). 571 * 572 * @ingroup krb5_deprecated 573 */ 574 575 KRB5_DEPRECATED 576 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 577 krb5_free_unparsed_name(krb5_context context, char *str) 578 { 579 krb5_xfree(str); 580 } 581 582 /** 583 * Deprecated: use krb5_generate_subkey_extended() 584 * 585 * @ingroup krb5_deprecated 586 */ 587 588 KRB5_DEPRECATED 589 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 590 krb5_generate_subkey(krb5_context context, 591 const krb5_keyblock *key, 592 krb5_keyblock **subkey) 593 { 594 return krb5_generate_subkey_extended(context, key, ETYPE_NULL, subkey); 595 } 596 597 /** 598 * Deprecated: use krb5_auth_con_getremoteseqnumber() 599 * 600 * @ingroup krb5_deprecated 601 */ 602 603 KRB5_DEPRECATED 604 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 605 krb5_auth_getremoteseqnumber(krb5_context context, 606 krb5_auth_context auth_context, 607 int32_t *seqnumber) 608 { 609 *seqnumber = auth_context->remote_seqnumber; 610 return 0; 611 } 612 613 #endif /* HEIMDAL_SMALLER */ 614