search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
move krb5_generate_subkey here and deprecate
[heimdal.git] / lib / krb5 / deprecated.c
blob8c577c922dc04ffd5c5d64eb1822f6672ba3404c
1 /*
2 * Copyright (c) 1997 - 2009 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 *
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #define KRB5_DEPRECATED
35
36 #include "krb5_locl.h"
37
38 #undef __attribute__
39 #define __attribute__(x)
40
41 #ifndef HEIMDAL_SMALLER
42
43 /**
44 * Same as krb5_data_free(). MIT compat.
45 *
46 * @param context Kerberos 5 context.
47 * @param data krb5_data to free.
48 *
49 * @ingroup krb5
50 */
51
52 void KRB5_LIB_FUNCTION
53 krb5_free_data_contents(krb5_context context, krb5_data *data)
54 KRB5_DEPRECATED
55 {
56 krb5_data_free(data);
57 }
58
59 /*
60 * First take the configured list of etypes for `keytype' if available,
61 * else, do `krb5_keytype_to_enctypes'.
62 */
63
64 krb5_error_code KRB5_LIB_FUNCTION
65 krb5_keytype_to_enctypes_default (krb5_context context,
66 krb5_keytype keytype,
67 unsigned *len,
68 krb5_enctype **val)
69 KRB5_DEPRECATED
70 {
71 unsigned int i, n;
72 krb5_enctype *ret;
73
74 if (keytype != KEYTYPE_DES || context->etypes_des == NULL)
75 return krb5_keytype_to_enctypes (context, keytype, len, val);
76
77 for (n = 0; context->etypes_des[n]; ++n)
78 ;
79 ret = malloc (n * sizeof(*ret));
80 if (ret == NULL && n != 0) {
81 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
82 return ENOMEM;
83 }
84 for (i = 0; i < n; ++i)
85 ret[i] = context->etypes_des[i];
86 *len = n;
87 *val = ret;
88 return 0;
89 }
90
91
92 static struct {
93 const char *name;
94 krb5_keytype type;
95 } keys[] = {
96 { "null", ENCTYPE_NULL },
97 { "des", ETYPE_DES_CBC_CRC },
98 { "des3", ETYPE_OLD_DES3_CBC_SHA1 },
99 { "aes-128", ETYPE_AES128_CTS_HMAC_SHA1_96 },
100 { "aes-256", ETYPE_AES256_CTS_HMAC_SHA1_96 },
101 { "arcfour", ETYPE_ARCFOUR_HMAC_MD5 },
102 { "arcfour-56", ETYPE_ARCFOUR_HMAC_MD5_56 }
103 };
104
105 static int num_keys = sizeof(keys) / sizeof(keys[0]);
106
107 krb5_error_code KRB5_LIB_FUNCTION
108 krb5_keytype_to_string(krb5_context context,
109 krb5_keytype keytype,
110 char **string)
111 KRB5_DEPRECATED
112 {
113 const char *name;
114 int i;
115
116 for(i = 0; i < num_keys; i++) {
117 if(keys[i].type == keytype) {
118 name = keys[i].name;
119 break;
120 }
121 }
122
123 if(i >= num_keys) {
124 krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
125 "key type %d not supported", keytype);
126 return KRB5_PROG_KEYTYPE_NOSUPP;
127 }
128 *string = strdup(name);
129 if(*string == NULL) {
130 krb5_set_error_message(context, ENOMEM,
131 N_("malloc: out of memory", ""));
132 return ENOMEM;
133 }
134 return 0;
135 }
136
137 krb5_error_code KRB5_LIB_FUNCTION
138 krb5_string_to_keytype(krb5_context context,
139 const char *string,
140 krb5_keytype *keytype)
141 KRB5_DEPRECATED
142 {
143 char *end;
144 int i;
145
146 for(i = 0; i < num_keys; i++)
147 if(strcasecmp(keys[i].name, string) == 0){
148 *keytype = keys[i].type;
149 return 0;
150 }
151
152 /* check if the enctype is a number */
153 *keytype = strtol(string, &end, 0);
154 if(*end == '\0' && *keytype != 0) {
155 if (krb5_enctype_valid(context, *keytype) == 0)
156 return 0;
157 }
158
159 krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
160 "key type %s not supported", string);
161 return KRB5_PROG_KEYTYPE_NOSUPP;
162 }
163
164 krb5_error_code KRB5_LIB_FUNCTION
165 krb5_password_key_proc (krb5_context context,
166 krb5_enctype type,
167 krb5_salt salt,
168 krb5_const_pointer keyseed,
169 krb5_keyblock **key)
170 KRB5_DEPRECATED
171 {
172 krb5_error_code ret;
173 const char *password = (const char *)keyseed;
174 char buf[BUFSIZ];
175
176 *key = malloc (sizeof (**key));
177 if (*key == NULL) {
178 krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
179 return ENOMEM;
180 }
181 if (password == NULL) {
182 if(UI_UTIL_read_pw_string (buf, sizeof(buf), "Password: ", 0)) {
183 free (*key);
184 krb5_clear_error_message(context);
185 return KRB5_LIBOS_PWDINTR;
186 }
187 password = buf;
188 }
189 ret = krb5_string_to_key_salt (context, type, password, salt, *key);
190 memset (buf, 0, sizeof(buf));
191 return ret;
192 }
193
194 krb5_error_code KRB5_LIB_FUNCTION
195 krb5_get_in_tkt_with_password (krb5_context context,
196 krb5_flags options,
197 krb5_addresses *addrs,
198 const krb5_enctype *etypes,
199 const krb5_preauthtype *pre_auth_types,
200 const char *password,
201 krb5_ccache ccache,
202 krb5_creds *creds,
203 krb5_kdc_rep *ret_as_reply)
204 KRB5_DEPRECATED
205 {
206 return krb5_get_in_tkt (context,
207 options,
208 addrs,
209 etypes,
210 pre_auth_types,
211 krb5_password_key_proc,
212 password,
213 NULL,
214 NULL,
215 creds,
216 ccache,
217 ret_as_reply);
218 }
219
220 static krb5_error_code
221 krb5_skey_key_proc (krb5_context context,
222 krb5_enctype type,
223 krb5_salt salt,
224 krb5_const_pointer keyseed,
225 krb5_keyblock **key)
226 {
227 return krb5_copy_keyblock (context, keyseed, key);
228 }
229
230 krb5_error_code KRB5_LIB_FUNCTION
231 krb5_get_in_tkt_with_skey (krb5_context context,
232 krb5_flags options,
233 krb5_addresses *addrs,
234 const krb5_enctype *etypes,
235 const krb5_preauthtype *pre_auth_types,
236 const krb5_keyblock *key,
237 krb5_ccache ccache,
238 krb5_creds *creds,
239 krb5_kdc_rep *ret_as_reply)
240 KRB5_DEPRECATED
241 {
242 if(key == NULL)
243 return krb5_get_in_tkt_with_keytab (context,
244 options,
245 addrs,
246 etypes,
247 pre_auth_types,
248 NULL,
249 ccache,
250 creds,
251 ret_as_reply);
252 else
253 return krb5_get_in_tkt (context,
254 options,
255 addrs,
256 etypes,
257 pre_auth_types,
258 krb5_skey_key_proc,
259 key,
260 NULL,
261 NULL,
262 creds,
263 ccache,
264 ret_as_reply);
265 }
266
267 krb5_error_code KRB5_LIB_FUNCTION
268 krb5_keytab_key_proc (krb5_context context,
269 krb5_enctype enctype,
270 krb5_salt salt,
271 krb5_const_pointer keyseed,
272 krb5_keyblock **key)
273 KRB5_DEPRECATED
274 {
275 krb5_keytab_key_proc_args *args = rk_UNCONST(keyseed);
276 krb5_keytab keytab = args->keytab;
277 krb5_principal principal = args->principal;
278 krb5_error_code ret;
279 krb5_keytab real_keytab;
280 krb5_keytab_entry entry;
281
282 if(keytab == NULL)
283 krb5_kt_default(context, &real_keytab);
284 else
285 real_keytab = keytab;
286
287 ret = krb5_kt_get_entry (context, real_keytab, principal,
288 0, enctype, &entry);
289
290 if (keytab == NULL)
291 krb5_kt_close (context, real_keytab);
292
293 if (ret)
294 return ret;
295
296 ret = krb5_copy_keyblock (context, &entry.keyblock, key);
297 krb5_kt_free_entry(context, &entry);
298 return ret;
299 }
300
301 krb5_error_code KRB5_LIB_FUNCTION
302 krb5_get_in_tkt_with_keytab (krb5_context context,
303 krb5_flags options,
304 krb5_addresses *addrs,
305 const krb5_enctype *etypes,
306 const krb5_preauthtype *pre_auth_types,
307 krb5_keytab keytab,
308 krb5_ccache ccache,
309 krb5_creds *creds,
310 krb5_kdc_rep *ret_as_reply)
311 KRB5_DEPRECATED
312 {
313 krb5_keytab_key_proc_args a;
314
315 a.principal = creds->client;
316 a.keytab = keytab;
317
318 return krb5_get_in_tkt (context,
319 options,
320 addrs,
321 etypes,
322 pre_auth_types,
323 krb5_keytab_key_proc,
324 &a,
325 NULL,
326 NULL,
327 creds,
328 ccache,
329 ret_as_reply);
330 }
331
332 static krb5_boolean
333 convert_func(krb5_context conxtext, void *funcctx, krb5_principal principal)
334 {
335 krb5_boolean (*func)(krb5_context, krb5_principal) = funcctx;
336 return (*func)(conxtext, principal);
337 }
338
339 krb5_error_code KRB5_LIB_FUNCTION
340 krb5_425_conv_principal_ext(krb5_context context,
341 const char *name,
342 const char *instance,
343 const char *realm,
344 krb5_boolean (*func)(krb5_context, krb5_principal),
345 krb5_boolean resolve,
346 krb5_principal *principal)
347 KRB5_DEPRECATED
348 {
349 return krb5_425_conv_principal_ext2(context,
350 name,
351 instance,
352 realm,
353 func ? convert_func : NULL,
354 func,
355 resolve,
356 principal);
357 }
358
359
360 krb5_error_code KRB5_LIB_FUNCTION
361 krb5_425_conv_principal(krb5_context context,
362 const char *name,
363 const char *instance,
364 const char *realm,
365 krb5_principal *princ)
366 KRB5_DEPRECATED
367 {
368 krb5_boolean resolve = krb5_config_get_bool(context,
369 NULL,
370 "libdefaults",
371 "v4_instance_resolve",
372 NULL);
373
374 return krb5_425_conv_principal_ext(context, name, instance, realm,
375 NULL, resolve, princ);
376 }
377
378 /**
379 * Generate a new ccache of type `ops' in `id'.
380 *
381 * Use krb5_cc_new_unique() instead.
382 *
383 * @return Return an error code or 0, see krb5_get_error_message().
384 *
385 * @ingroup krb5_ccache
386 */
387
388
389 krb5_error_code KRB5_LIB_FUNCTION
390 krb5_cc_gen_new(krb5_context context,
391 const krb5_cc_ops *ops,
392 krb5_ccache *id)
393 KRB5_DEPRECATED
394 {
395 return krb5_cc_new_unique(context, ops->prefix, NULL, id);
396 }
397
398
399
400 krb5_realm * KRB5_LIB_FUNCTION
401 krb5_princ_realm(krb5_context context,
402 krb5_principal principal)
403 KRB5_DEPRECATED
404 {
405 return &principal->realm;
406 }
407
408
409 void KRB5_LIB_FUNCTION
410 krb5_princ_set_realm(krb5_context context,
411 krb5_principal principal,
412 krb5_realm *realm)
413 KRB5_DEPRECATED
414 {
415 principal->realm = *realm;
416 }
417
418 /* keep this for compatibility with older code */
419 krb5_error_code KRB5_LIB_FUNCTION
420 krb5_free_creds_contents (krb5_context context, krb5_creds *c)
421 KRB5_DEPRECATED
422 {
423 return krb5_free_cred_contents (context, c);
424 }
425
426 /**
427 * Free the error message returned by krb5_get_error_string(),
428 * deprecated, use krb5_free_error_message().
429 *
430 * @param context Kerberos context
431 * @param str error message to free
432 *
433 * @ingroup krb5_deprecated
434 */
435
436 void KRB5_LIB_FUNCTION
437 krb5_free_error_string(krb5_context context, char *str)
438 KRB5_DEPRECATED
439 {
440 krb5_free_error_message(context, str);
441 }
442
443 /**
444 * Set the error message returned by krb5_get_error_string(),
445 * deprecated, use krb5_set_error_message().
446 *
447 * @param context Kerberos context
448 * @param fmt error message to free
449 *
450 * @return Return an error code or 0.
451 *
452 * @ingroup krb5_deprecated
453 */
454
455 krb5_error_code KRB5_LIB_FUNCTION
456 krb5_set_error_string(krb5_context context, const char *fmt, ...)
457 __attribute__((format (printf, 2, 3))) KRB5_DEPRECATED
458 {
459 va_list ap;
460
461 va_start(ap, fmt);
462 krb5_vset_error_message (context, 0, fmt, ap);
463 va_end(ap);
464 return 0;
465 }
466
467 /**
468 * Set the error message returned by krb5_get_error_string(),
469 * deprecated, use krb5_set_error_message().
470 *
471 * @param context Kerberos context
472 * @param msg error message to free
473 *
474 * @return Return an error code or 0.
475 *
476 * @ingroup krb5_deprecated
477 */
478
479 krb5_error_code KRB5_LIB_FUNCTION
480 krb5_vset_error_string(krb5_context context, const char *fmt, va_list args)
481 __attribute__ ((format (printf, 2, 0))) KRB5_DEPRECATED
482 {
483 krb5_vset_error_message(context, 0, fmt, args);
484 return 0;
485 }
486
487 /**
488 * Clar the error message returned by krb5_get_error_string(),
489 * deprecated, use krb5_clear_error_message().
490 *
491 * @param context Kerberos context
492 *
493 * @ingroup krb5_deprecated
494 */
495
496 void KRB5_LIB_FUNCTION
497 krb5_clear_error_string(krb5_context context)
498 KRB5_DEPRECATED
499 {
500 krb5_clear_error_message(context);
501 }
502
503 krb5_error_code KRB5_LIB_FUNCTION
504 krb5_get_cred_from_kdc_opt(krb5_context context,
505 krb5_ccache ccache,
506 krb5_creds *in_creds,
507 krb5_creds **out_creds,
508 krb5_creds ***ret_tgts,
509 krb5_flags flags) KRB5_DEPRECATED
510 {
511 krb5_kdc_flags f;
512 f.i = flags;
513 return _krb5_get_cred_kdc_any(context, f, ccache,
514 in_creds, NULL, NULL,
515 out_creds, ret_tgts);
516 }
517
518 krb5_error_code KRB5_LIB_FUNCTION
519 krb5_get_cred_from_kdc(krb5_context context,
520 krb5_ccache ccache,
521 krb5_creds *in_creds,
522 krb5_creds **out_creds,
523 krb5_creds ***ret_tgts) KRB5_DEPRECATED
524 {
525 return krb5_get_cred_from_kdc_opt(context, ccache,
526 in_creds, out_creds, ret_tgts, 0);
527 }
528
529 void KRB5_LIB_FUNCTION
530 krb5_free_unparsed_name(krb5_context context, char *str) KRB5_DEPRECATED
531 {
532 krb5_xfree(str);
533 }
534
535 krb5_error_code KRB5_LIB_FUNCTION
536 krb5_generate_subkey(krb5_context context,
537 const krb5_keyblock *key,
538 krb5_keyblock **subkey) KRB5_DEPRECATED
539 {
540 return krb5_generate_subkey_extended(context, key, ETYPE_NULL, subkey);
541 }
542
543 #endif /* HEIMDAL_SMALLER */
Heimdal