ITS#4799 remove kerberos / kbind references

2026-01-02 13:09:42 -05:00 · 2007-01-10 00:20:42 +00:00 · 2007-01-10 00:20:42 +00:00 · bec25494fe
commit bec25494fe
parent 15eb08e562
14 changed files with 11 additions and 208 deletions
--- a/include/ac/krb.h
+++ b/include/ac/krb.h
@ -1,37 +0,0 @@
-/* Generic krb.h */
-/* $OpenLDAP$ */
-/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
- *
- * Copyright 1998-2007 The OpenLDAP Foundation.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted only as authorized by the OpenLDAP
- * Public License.
- *
- * A copy of this license is available in file LICENSE in the
- * top-level directory of the distribution or, alternatively, at
- * <http://www.OpenLDAP.org/license.html>.
- */
-
-/* Kerberos IV */
-
-#ifndef _AC_KRB_H
-#define _AC_KRB_H
-
-#if defined( HAVE_KRB4 )
-
-#if defined( HAVE_KERBEROSIV_KRB_H )
-#include <kerberosIV/krb.h>
-#elif defined( HAVE_KRB_H )
-#include <krb.h>
-#endif
-
-#if defined( HAVE_KERBEROSIV_DES_H )
-#include <kerberosIV/des.h>
-#elif defined( HAVE_DES_H )
-#include <des.h>
-#endif
-
-#endif /* HAVE_KRB4 */
-#endif /* _AC_KRB_H */
--- a/include/ac/krb5.h
+++ b/include/ac/krb5.h
@ -1,26 +0,0 @@
-/* Generic krb.h */
-/* $OpenLDAP$ */
-/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
- *
- * Copyright 1998-2007 The OpenLDAP Foundation.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted only as authorized by the OpenLDAP
- * Public License.
- *
- * A copy of this license is available in file LICENSE in the
- * top-level directory of the distribution or, alternatively, at
- * <http://www.OpenLDAP.org/license.html>.
- */
-
-/* Kerberos V */
-
-#ifndef _AC_KRB5_H
-#define _AC_KRB5_H
-
-#if defined( HAVE_KRB5 )
-#include <krb5.h>
-#endif /* HAVE_KRB5 */
-
-#endif /* _AC_KRB5_H */
--- a/include/ldap.h
+++ b/include/ldap.h
@ -1153,35 +1153,6 @@ ldap_simple_bind_s LDAP_P(( /* deprecated, use ldap_sasl_bind_s */
 	LDAP_CONST char *who,
 	LDAP_CONST char *passwd ));

-
-/*
- * in kbind.c:
- *	(deprecated - use SASL instead)
- */
-LDAP_F( int )
-ldap_kerberos_bind_s LDAP_P((	/* deprecated */
-	LDAP *ld,
-	LDAP_CONST char *who ));
-
-LDAP_F( int )
-ldap_kerberos_bind1 LDAP_P((	/* deprecated */
-	LDAP *ld,
-	LDAP_CONST char *who ));
-
-LDAP_F( int )
-ldap_kerberos_bind1_s LDAP_P((	/* deprecated */
-	LDAP *ld,
-	LDAP_CONST char *who ));
-
-LDAP_F( int )
-ldap_kerberos_bind2 LDAP_P((	/* deprecated */
-	LDAP *ld,
-	LDAP_CONST char *who ));
-
-LDAP_F( int )
-ldap_kerberos_bind2_s LDAP_P((	/* deprecated */
-	LDAP *ld,
-	LDAP_CONST char *who ));
 #endif


--- a/include/ldap_features.hin
+++ b/include/ldap_features.hin
@ -54,9 +54,6 @@
 /* is -lldap_r available or not */
 #undef LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE

-/* LDAP v2 Kerberos Bind */
-#undef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-
 /* LDAP v2 Referrals */
 #undef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS

--- a/include/ldap_int_thread.h
+++ b/include/ldap_int_thread.h
@ -63,7 +63,7 @@ typedef pthread_cond_t		ldap_int_thread_cond_t;
 #define LDAP_THREAD_HAVE_SETCONCURRENCY 1
 #endif

-#if 0 && defined( HAVE_PTHREAD_RWLOCK_DESTROY )
+#if 1 && defined( HAVE_PTHREAD_RWLOCK_DESTROY )
 #define LDAP_THREAD_HAVE_RDWR 1
 typedef pthread_rwlock_t ldap_int_thread_rdwr_t;
 #endif
--- a/include/portable.hin
+++ b/include/portable.hin
@ -132,12 +132,6 @@
 /* Define to 1 if you have the <db.h> header file. */
 #undef HAVE_DB_H

-/* define if you have Kerberos des_debug */
-#undef HAVE_DES_DEBUG
-
-/* Define to 1 if you have the <des.h> header file. */
-#undef HAVE_DES_H
-
 /* define if your system supports /dev/poll */
 #undef HAVE_DEVPOLL

@ -250,12 +244,6 @@
 /* Define to 1 if you have the <grp.h> header file. */
 #undef HAVE_GRP_H

-/* define if you have HEIMDAL Kerberos */
-#undef HAVE_HEIMDAL_KERBEROS
-
-/* Define to 1 if you have the <heim_err.h> header file. */
-#undef HAVE_HEIM_ERR_H
-
 /* Define to 1 if you have the `hstrerror' function. */
 #undef HAVE_HSTRERROR

@ -283,36 +271,6 @@
 /* Define to 1 if you have the <io.h> header file. */
 #undef HAVE_IO_H

-/* define if you have Kerberos */
-#undef HAVE_KERBEROS
-
-/* Define to 1 if you have the <kerberosIV/des.h> header file. */
-#undef HAVE_KERBEROSIV_DES_H
-
-/* Define to 1 if you have the <kerberosIV/krb.h> header file. */
-#undef HAVE_KERBEROSIV_KRB_H
-
-/* define if you have Kerberos IV */
-#undef HAVE_KRB4
-
-/* define if you have Kerberos V with IV support */
-#undef HAVE_KRB425
-
-/* define if you have Kerberos V */
-#undef HAVE_KRB5
-
-/* Define to 1 if you have the <krb5.h> header file. */
-#undef HAVE_KRB5_H
-
-/* Define to 1 if you have the <krb-archaeology.h> header file. */
-#undef HAVE_KRB_ARCHAEOLOGY_H
-
-/* Define to 1 if you have the <krb.h> header file. */
-#undef HAVE_KRB_H
-
-/* define if you have Kth Kerberos */
-#undef HAVE_KTH_KERBEROS
-
 /* Define to 1 if you have the `gen' library (-lgen). */
 #undef HAVE_LIBGEN

@ -819,9 +777,6 @@
 /* define to 1 if library is thread safe */
 #undef LDAP_API_FEATURE_X_OPENLDAP_THREAD_SAFE

-/* define to LDAP VENDOR VERSION */
-#undef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-
 /* define to LDAP VENDOR VERSION */
 #undef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS

--- a/libraries/libldap/bind.c
+++ b/libraries/libldap/bind.c
@ -36,10 +36,8 @@
 *		name		DistinguishedName,	 -- who
 *		authentication	CHOICE {
 *			simple		[0] OCTET STRING -- passwd
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- *			krbv42ldap	[1] OCTET STRING
- *			krbv42dsa	[2] OCTET STRING
-#endif
+ *			krbv42ldap	[1] OCTET STRING -- OBSOLETE
+ *			krbv42dsa	[2] OCTET STRING -- OBSOLETE
 *			sasl		[3] SaslCredentials	-- LDAPv3
 *		}
 *	}
--- a/libraries/libldap/init.c
+++ b/libraries/libldap/init.c
@ -444,8 +444,7 @@ ldap_int_destroy_global_options(void)
 	WSACleanup( );
 #endif

-#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \
-	|| defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
+#if defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
 	if ( ldap_int_hostname ) {
 		LDAP_FREE( ldap_int_hostname );
 		ldap_int_hostname = NULL;
@ -529,8 +528,7 @@ void ldap_int_initialize_global_options( struct ldapoptions *gopts, int *dbglvl
   	return;
 }

-#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \
-	|| defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
+#if defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
 char * ldap_int_hostname = NULL;
 #endif

@ -578,8 +576,7 @@ void ldap_int_initialize( struct ldapoptions *gopts, int *dbglvl )
 }
 #endif

-#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \
-	|| defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
+#if defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
 	{
 		char	*name = ldap_int_hostname;

--- a/libraries/libldap/ldap-int.h
+++ b/libraries/libldap/ldap-int.h
@ -252,9 +252,6 @@ typedef struct ldap_conn {
 #define LDAP_CONNST_CONNECTING		2
 #define LDAP_CONNST_CONNECTED		3
 	LDAPURLDesc		*lconn_server;
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-	char			*lconn_krbinstance;
-#endif
 	BerElement		*lconn_ber;	/* ber receiving on this conn. */

 	struct ldap_conn *lconn_next;
@ -503,8 +500,7 @@ LDAP_F (int) ldap_connect_to_host( LDAP *ld, Sockbuf *sb,
 LDAP_F (int) ldap_int_poll( LDAP *ld, ber_socket_t s,
 	struct timeval *tvp );

-#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) || \
-	defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
+#if defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL)
 LDAP_V (char *) ldap_int_hostname;
 LDAP_F (char *) ldap_host_connected_to( Sockbuf *sb,
 	const char *host );
--- a/libraries/libldap/open.c
+++ b/libraries/libldap/open.c
@ -372,19 +372,6 @@ ldap_int_open_connection(
 	}
 #endif

-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-	if ( conn->lconn_krbinstance == NULL ) {
-		char *c;
-		conn->lconn_krbinstance = ldap_host_connected_to(
-			conn->lconn_sb, host );
-
-		if( conn->lconn_krbinstance != NULL && 
-		    ( c = strchr( conn->lconn_krbinstance, '.' )) != NULL ) {
-			*c = '\0';
-		}
-	}
-#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
-
 	return( 0 );
 }

--- a/libraries/libldap/request.c
+++ b/libraries/libldap/request.c
@ -632,11 +632,6 @@ ldap_free_connection( LDAP *ld, LDAPConn *lc, int force, int unbind )
 		ldap_int_sasl_close( ld, lc );

 		ldap_free_urllist( lc->lconn_server );
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-		if ( lc->lconn_krbinstance != NULL ) {
-			LDAP_FREE( lc->lconn_krbinstance );
-		}
-#endif

 		/* FIXME: is this at all possible?
 		 * ldap_ld_free() in unbind.c calls ldap_free_connection()
--- a/libraries/libldap/sasl.c
+++ b/libraries/libldap/sasl.c
@ -19,10 +19,8 @@
 *		name		DistinguishedName,	 -- who
 *		authentication	CHOICE {
 *			simple		[0] OCTET STRING -- passwd
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- *			krbv42ldap	[1] OCTET STRING
- *			krbv42dsa	[2] OCTET STRING
-#endif
+ *			krbv42ldap	[1] OCTET STRING -- OBSOLETE
+ *			krbv42dsa	[2] OCTET STRING -- OBSOLETE
 *			sasl		[3] SaslCredentials	-- LDAPv3
 *		}
 *	}
--- a/libraries/libldap/sbind.c
+++ b/libraries/libldap/sbind.c
@ -22,10 +22,8 @@
 *		name		DistinguishedName,	 -- who
 *		authentication	CHOICE {
 *			simple		[0] OCTET STRING -- passwd
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- *			krbv42ldap	[1] OCTET STRING
- *			krbv42dsa	[2] OCTET STRING
-#endif
+ *			krbv42ldap	[1] OCTET STRING  -- OBSOLETE
+ *			krbv42dsa	[2] OCTET STRING  -- OBSOLETE
 *			sasl		[3] SaslCredentials	-- LDAPv3
 *		}
 *	}
--- a/libraries/libldap/test.c
+++ b/libraries/libldap/test.c
@ -252,17 +252,7 @@ bind_prompt( LDAP *ld,
 	printf("rebind for request=%ld msgid=%ld url=%s\n",
 		request, (long) msgid, url );

-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-		get_line( dn, sizeof(dn), stdin,
-		    "re-bind method (0->simple, 1->krbv41, 2->krbv42, 3->krbv41&2)? " );
-	if (( authmethod = atoi( dn )) == 3 ) {
-		authmethod = LDAP_AUTH_KRBV4;
-		} else {
-		authmethod |= 0x80;
-		}
-#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
 	authmethod = LDAP_AUTH_SIMPLE;
-#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */

 		get_line( dn, sizeof(dn), stdin, "re-bind dn? " );
 		strcat( dn, dnsuffix );
@ -412,13 +402,7 @@ main( int argc, char **argv )
 			break;

 		case 'b':	/* asynch bind */
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-			get_line( line, sizeof(line), stdin,
-			    "method (0->simple, 1->krbv41, 2->krbv42)? " );
-			method = atoi( line ) | 0x80;
-#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
 			method = LDAP_AUTH_SIMPLE;
-#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
 			get_line( dn, sizeof(dn), stdin, "dn? " );
 			strcat( dn, dnsuffix );

@ -438,17 +422,7 @@ main( int argc, char **argv )
 			break;

 		case 'B':	/* synch bind */
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
-			get_line( line, sizeof(line), stdin,
-			    "method 0->simple 1->krbv41 2->krbv42 3->krb? " );
-			method = atoi( line );
-			if ( method == 3 )
-				method = LDAP_AUTH_KRBV4;
-			else
-				method = method | 0x80;
-#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
 			method = LDAP_AUTH_SIMPLE;
-#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
 			get_line( dn, sizeof(dn), stdin, "dn? " );
 			strcat( dn, dnsuffix );