2 * Copyright (c) 1997 - 2009 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 /* For some GCCs there's no way to shut them up about deprecated functions */
36 #define KRB5_DEPRECATED_FUNCTION(x)
39 #include "krb5_locl.h"
43 #define __attribute__(x)
45 #ifndef HEIMDAL_SMALLER
48 * Same as krb5_data_free(). MIT compat.
50 * Deprecated: use krb5_data_free().
52 * @param context Kerberos 5 context.
53 * @param data krb5_data to free.
55 * @ingroup krb5_deprecated
58 KRB5_LIB_FUNCTION
void KRB5_LIB_CALL
59 krb5_free_data_contents(krb5_context context
, krb5_data
*data
)
60 KRB5_DEPRECATED_FUNCTION("Use X instead")
66 * Deprecated: keytypes doesn't exists, they are really enctypes.
68 * @ingroup krb5_deprecated
71 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
72 krb5_keytype_to_enctypes_default (krb5_context context
,
76 KRB5_DEPRECATED_FUNCTION("Use X instead")
81 if (keytype
!= (krb5_keytype
)KEYTYPE_DES
|| context
->etypes_des
== NULL
)
82 return krb5_keytype_to_enctypes (context
, keytype
, len
, val
);
84 for (n
= 0; context
->etypes_des
[n
]; ++n
)
86 ret
= malloc (n
* sizeof(*ret
));
87 if (ret
== NULL
&& n
!= 0)
88 return krb5_enomem(context
);
89 for (i
= 0; i
< n
; ++i
)
90 ret
[i
] = context
->etypes_des
[i
];
101 { "null", KRB5_ENCTYPE_NULL
},
102 { "des", KRB5_ENCTYPE_DES_CBC_CRC
},
103 { "des3", KRB5_ENCTYPE_OLD_DES3_CBC_SHA1
},
104 { "aes-128", KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96
},
105 { "aes-256", KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96
},
106 { "arcfour", KRB5_ENCTYPE_ARCFOUR_HMAC_MD5
},
107 { "arcfour-56", KRB5_ENCTYPE_ARCFOUR_HMAC_MD5_56
}
110 static int num_keys
= sizeof(keys
) / sizeof(keys
[0]);
113 * Deprecated: keytypes doesn't exists, they are really enctypes in
114 * most cases, use krb5_enctype_to_string().
116 * @ingroup krb5_deprecated
119 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
120 krb5_keytype_to_string(krb5_context context
,
121 krb5_keytype keytype
,
123 KRB5_DEPRECATED_FUNCTION("Use X instead")
125 const char *name
= NULL
;
128 for(i
= 0; i
< num_keys
; i
++) {
129 if(keys
[i
].type
== keytype
) {
136 krb5_set_error_message(context
, KRB5_PROG_KEYTYPE_NOSUPP
,
137 "key type %d not supported", keytype
);
138 return KRB5_PROG_KEYTYPE_NOSUPP
;
140 *string
= strdup(name
);
142 return krb5_enomem(context
);
147 * Deprecated: keytypes doesn't exists, they are really enctypes in
148 * most cases, use krb5_string_to_enctype().
150 * @ingroup krb5_deprecated
153 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
154 krb5_string_to_keytype(krb5_context context
,
156 krb5_keytype
*keytype
)
157 KRB5_DEPRECATED_FUNCTION("Use X instead")
162 for(i
= 0; i
< num_keys
; i
++)
163 if(strcasecmp(keys
[i
].name
, string
) == 0){
164 *keytype
= keys
[i
].type
;
168 /* check if the enctype is a number */
169 *keytype
= strtol(string
, &end
, 0);
170 if(*end
== '\0' && *keytype
!= 0) {
171 if (krb5_enctype_valid(context
, *keytype
) == 0)
175 krb5_set_error_message(context
, KRB5_PROG_KEYTYPE_NOSUPP
,
176 "key type %s not supported", string
);
177 return KRB5_PROG_KEYTYPE_NOSUPP
;
181 * Deprecated: use krb5_get_init_creds() and friends.
183 * @ingroup krb5_deprecated
186 KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV
187 krb5_password_key_proc (krb5_context context
,
190 krb5_const_pointer keyseed
,
192 KRB5_DEPRECATED_FUNCTION("Use X instead")
195 const char *password
= (const char *)keyseed
;
198 *key
= malloc (sizeof (**key
));
200 return krb5_enomem(context
);
201 if (password
== NULL
) {
202 if(UI_UTIL_read_pw_string (buf
, sizeof(buf
), "Password: ", 0)) {
204 krb5_clear_error_message(context
);
205 return KRB5_LIBOS_PWDINTR
;
209 ret
= krb5_string_to_key_salt (context
, type
, password
, salt
, *key
);
210 memset (buf
, 0, sizeof(buf
));
215 * Deprecated: use krb5_get_init_creds() and friends.
217 * @ingroup krb5_deprecated
220 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
221 krb5_get_in_tkt_with_password (krb5_context context
,
223 krb5_addresses
*addrs
,
224 const krb5_enctype
*etypes
,
225 const krb5_preauthtype
*pre_auth_types
,
226 const char *password
,
229 krb5_kdc_rep
*ret_as_reply
)
230 KRB5_DEPRECATED_FUNCTION("Use X instead")
232 return krb5_get_in_tkt (context
,
237 krb5_password_key_proc
,
246 static krb5_error_code KRB5_CALLCONV
247 krb5_skey_key_proc (krb5_context context
,
250 krb5_const_pointer keyseed
,
253 return krb5_copy_keyblock (context
, keyseed
, key
);
257 * Deprecated: use krb5_get_init_creds() and friends.
259 * @ingroup krb5_deprecated
262 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
263 krb5_get_in_tkt_with_skey (krb5_context context
,
265 krb5_addresses
*addrs
,
266 const krb5_enctype
*etypes
,
267 const krb5_preauthtype
*pre_auth_types
,
268 const krb5_keyblock
*key
,
271 krb5_kdc_rep
*ret_as_reply
)
272 KRB5_DEPRECATED_FUNCTION("Use X instead")
275 return krb5_get_in_tkt_with_keytab (context
,
285 return krb5_get_in_tkt (context
,
300 * Deprecated: use krb5_get_init_creds() and friends.
302 * @ingroup krb5_deprecated
305 KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV
306 krb5_keytab_key_proc (krb5_context context
,
307 krb5_enctype enctype
,
309 krb5_const_pointer keyseed
,
311 KRB5_DEPRECATED_FUNCTION("Use X instead")
313 krb5_keytab_key_proc_args
*args
= rk_UNCONST(keyseed
);
314 krb5_keytab keytab
= args
->keytab
;
315 krb5_principal principal
= args
->principal
;
317 krb5_keytab real_keytab
;
318 krb5_keytab_entry entry
;
321 krb5_kt_default(context
, &real_keytab
);
323 real_keytab
= keytab
;
325 ret
= krb5_kt_get_entry (context
, real_keytab
, principal
,
329 krb5_kt_close (context
, real_keytab
);
334 ret
= krb5_copy_keyblock (context
, &entry
.keyblock
, key
);
335 krb5_kt_free_entry(context
, &entry
);
340 * Deprecated: use krb5_get_init_creds() and friends.
342 * @ingroup krb5_deprecated
345 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
346 krb5_get_in_tkt_with_keytab (krb5_context context
,
348 krb5_addresses
*addrs
,
349 const krb5_enctype
*etypes
,
350 const krb5_preauthtype
*pre_auth_types
,
354 krb5_kdc_rep
*ret_as_reply
)
355 KRB5_DEPRECATED_FUNCTION("Use X instead")
357 krb5_keytab_key_proc_args a
;
359 a
.principal
= creds
->client
;
362 return krb5_get_in_tkt (context
,
367 krb5_keytab_key_proc
,
377 * Generate a new ccache of type `ops' in `id'.
379 * Deprecated: use krb5_cc_new_unique() instead.
381 * @return Return an error code or 0, see krb5_get_error_message().
383 * @ingroup krb5_ccache
387 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
388 krb5_cc_gen_new(krb5_context context
,
389 const krb5_cc_ops
*ops
,
391 KRB5_DEPRECATED_FUNCTION("Use X instead")
393 return krb5_cc_new_unique(context
, ops
->prefix
, NULL
, id
);
397 * Deprecated: use krb5_principal_get_realm()
399 * @ingroup krb5_deprecated
402 KRB5_LIB_FUNCTION krb5_realm
* KRB5_LIB_CALL
403 krb5_princ_realm(krb5_context context
,
404 krb5_principal principal
)
405 KRB5_DEPRECATED_FUNCTION("Use X instead")
407 return &principal
->realm
;
412 * Deprecated: use krb5_principal_set_realm()
414 * @ingroup krb5_deprecated
417 KRB5_LIB_FUNCTION
void KRB5_LIB_CALL
418 krb5_princ_set_realm(krb5_context context
,
419 krb5_principal principal
,
421 KRB5_DEPRECATED_FUNCTION("Use X instead")
423 principal
->realm
= *realm
;
427 * Deprecated: use krb5_free_cred_contents()
429 * @ingroup krb5_deprecated
432 /* keep this for compatibility with older code */
433 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
434 krb5_free_creds_contents (krb5_context context
, krb5_creds
*c
)
435 KRB5_DEPRECATED_FUNCTION("Use X instead")
437 return krb5_free_cred_contents (context
, c
);
441 * Free the error message returned by krb5_get_error_string().
443 * Deprecated: use krb5_free_error_message()
445 * @param context Kerberos context
446 * @param str error message to free
448 * @ingroup krb5_deprecated
451 KRB5_LIB_FUNCTION
void KRB5_LIB_CALL
452 krb5_free_error_string(krb5_context context
, char *str
)
453 KRB5_DEPRECATED_FUNCTION("Use X instead")
455 krb5_free_error_message(context
, str
);
459 * Set the error message returned by krb5_get_error_string().
461 * Deprecated: use krb5_get_error_message()
463 * @param context Kerberos context
464 * @param fmt error message to free
466 * @return Return an error code or 0.
468 * @ingroup krb5_deprecated
471 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
472 krb5_set_error_string(krb5_context context
, const char *fmt
, ...)
473 __attribute__((format (printf
, 2, 3)))
474 KRB5_DEPRECATED_FUNCTION("Use X instead")
479 krb5_vset_error_message (context
, 0, fmt
, ap
);
485 * Set the error message returned by krb5_get_error_string(),
486 * deprecated, use krb5_set_error_message().
488 * Deprecated: use krb5_vset_error_message()
490 * @param context Kerberos context
491 * @param msg error message to free
493 * @return Return an error code or 0.
495 * @ingroup krb5_deprecated
498 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
499 krb5_vset_error_string(krb5_context context
, const char *fmt
, va_list args
)
500 __attribute__ ((format (printf
, 2, 0)))
501 KRB5_DEPRECATED_FUNCTION("Use X instead")
503 krb5_vset_error_message(context
, 0, fmt
, args
);
508 * Clear the error message returned by krb5_get_error_string().
510 * Deprecated: use krb5_clear_error_message()
512 * @param context Kerberos context
514 * @ingroup krb5_deprecated
517 KRB5_LIB_FUNCTION
void KRB5_LIB_CALL
518 krb5_clear_error_string(krb5_context context
)
519 KRB5_DEPRECATED_FUNCTION("Use X instead")
521 krb5_clear_error_message(context
);
525 * Deprecated: use krb5_get_credentials_with_flags().
527 * @ingroup krb5_deprecated
530 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
531 krb5_get_cred_from_kdc_opt(krb5_context context
,
533 krb5_creds
*in_creds
,
534 krb5_creds
**out_creds
,
535 krb5_creds
***ret_tgts
,
537 KRB5_DEPRECATED_FUNCTION("Use X instead")
541 return _krb5_get_cred_kdc_any(context
, f
, ccache
,
542 in_creds
, NULL
, NULL
,
543 out_creds
, ret_tgts
);
547 * Deprecated: use krb5_get_credentials_with_flags().
549 * @ingroup krb5_deprecated
552 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
553 krb5_get_cred_from_kdc(krb5_context context
,
555 krb5_creds
*in_creds
,
556 krb5_creds
**out_creds
,
557 krb5_creds
***ret_tgts
)
558 KRB5_DEPRECATED_FUNCTION("Use X instead")
560 return krb5_get_cred_from_kdc_opt(context
, ccache
,
561 in_creds
, out_creds
, ret_tgts
, 0);
565 * Deprecated: use krb5_xfree().
567 * @ingroup krb5_deprecated
570 KRB5_LIB_FUNCTION
void KRB5_LIB_CALL
571 krb5_free_unparsed_name(krb5_context context
, char *str
)
572 KRB5_DEPRECATED_FUNCTION("Use X instead")
578 * Deprecated: use krb5_generate_subkey_extended()
580 * @ingroup krb5_deprecated
583 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
584 krb5_generate_subkey(krb5_context context
,
585 const krb5_keyblock
*key
,
586 krb5_keyblock
**subkey
)
587 KRB5_DEPRECATED_FUNCTION("Use X instead")
589 return krb5_generate_subkey_extended(context
, key
, ETYPE_NULL
, subkey
);
593 * Deprecated: use krb5_auth_con_getremoteseqnumber()
595 * @ingroup krb5_deprecated
598 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
599 krb5_auth_getremoteseqnumber(krb5_context context
,
600 krb5_auth_context auth_context
,
602 KRB5_DEPRECATED_FUNCTION("Use X instead")
604 *seqnumber
= auth_context
->remote_seqnumber
;
609 * Return the error message in context. On error or no error string,
610 * the function returns NULL.
612 * @param context Kerberos 5 context
614 * @return an error string, needs to be freed with
615 * krb5_free_error_message(). The functions return NULL on error.
617 * @ingroup krb5_error
620 KRB5_LIB_FUNCTION
char * KRB5_LIB_CALL
621 krb5_get_error_string(krb5_context context
)
622 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead")
626 HEIMDAL_MUTEX_lock(context
->mutex
);
627 if (context
->error_string
)
628 ret
= strdup(context
->error_string
);
629 HEIMDAL_MUTEX_unlock(context
->mutex
);
633 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
634 krb5_have_error_string(krb5_context context
)
635 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead")
638 HEIMDAL_MUTEX_lock(context
->mutex
);
639 str
= context
->error_string
;
640 HEIMDAL_MUTEX_unlock(context
->mutex
);
645 krb5_send_to_kdc_func func
;
650 * Send the data `send' to one host from `handle` and get back the reply
654 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
655 krb5_sendto (krb5_context context
,
656 const krb5_data
*send_data
,
657 krb5_krbhst_handle handle
,
663 ret
= krb5_sendto_ctx_alloc(context
, &ctx
);
666 _krb5_sendto_ctx_set_krb5hst(context
, ctx
, handle
);
668 ret
= krb5_sendto_context(context
, ctx
, send_data
, (char *)_krb5_krbhst_get_realm(handle
), receive
);
669 krb5_sendto_ctx_free(context
, ctx
);
673 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
674 krb5_sendto_kdc(krb5_context context
,
675 const krb5_data
*send_data
,
676 const krb5_realm
*realm
,
679 return krb5_sendto_kdc_flags(context
, send_data
, realm
, receive
, 0);
682 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
683 krb5_sendto_kdc_flags(krb5_context context
,
684 const krb5_data
*send_data
,
685 const krb5_realm
*realm
,
692 ret
= krb5_sendto_ctx_alloc(context
, &ctx
);
695 krb5_sendto_ctx_add_flags(ctx
, flags
);
696 krb5_sendto_ctx_set_func(ctx
, _krb5_kdc_retry
, NULL
);
698 ret
= krb5_sendto_context(context
, ctx
, send_data
, *realm
, receive
);
699 krb5_sendto_ctx_free(context
, ctx
);
703 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
704 krb5_set_send_to_kdc_func(krb5_context context
,
705 krb5_send_to_kdc_func func
,
708 free(context
->send_to_kdc
);
710 context
->send_to_kdc
= NULL
;
714 context
->send_to_kdc
= malloc(sizeof(*context
->send_to_kdc
));
715 if (context
->send_to_kdc
== NULL
) {
716 krb5_set_error_message(context
, ENOMEM
,
717 N_("malloc: out of memory", ""));
721 context
->send_to_kdc
->func
= func
;
722 context
->send_to_kdc
->data
= data
;
726 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
727 _krb5_copy_send_to_kdc_func(krb5_context context
, krb5_context to
)
729 if (context
->send_to_kdc
)
730 return krb5_set_send_to_kdc_func(to
,
731 context
->send_to_kdc
->func
,
732 context
->send_to_kdc
->data
);
734 return krb5_set_send_to_kdc_func(to
, NULL
, NULL
);
737 #endif /* HEIMDAL_SMALLER */