1 /* $NetBSD: deprecated.c,v 1.1.1.2 2014/04/24 12:45:49 pettai Exp $ */
2
3 /*
4 * Copyright (c) 1997 - 2009 Kungliga Tekniska H�gskolan
5 * (Royal Institute of Technology, Stockholm, Sweden).
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 #ifdef __GNUC__
37 /* For some GCCs there's no way to shut them up about deprecated functions */
38 #define KRB5_DEPRECATED_FUNCTION(x)
39 #endif
40
41 #include "krb5_locl.h"
42
43 #undef __attribute__
44 #define __attribute__(x)
45
46 #ifndef HEIMDAL_SMALLER
47
48 /**
49 * Same as krb5_data_free(). MIT compat.
50 *
51 * Deprecated: use krb5_data_free().
52 *
53 * @param context Kerberos 5 context.
54 * @param data krb5_data to free.
55 *
56 * @ingroup krb5_deprecated
57 */
58
59 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_free_data_contents(krb5_context context,krb5_data * data)60 krb5_free_data_contents(krb5_context context, krb5_data *data)
61 KRB5_DEPRECATED_FUNCTION("Use X instead")
62 {
63 krb5_data_free(data);
64 }
65
66 /**
67 * Deprecated: keytypes doesn't exists, they are really enctypes.
68 *
69 * @ingroup krb5_deprecated
70 */
71
72 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_keytype_to_enctypes_default(krb5_context context,krb5_keytype keytype,unsigned * len,krb5_enctype ** val)73 krb5_keytype_to_enctypes_default (krb5_context context,
74 krb5_keytype keytype,
75 unsigned *len,
76 krb5_enctype **val)
77 KRB5_DEPRECATED_FUNCTION("Use X instead")
78 {
79 unsigned int i, n;
80 krb5_enctype *ret;
81
82 if (keytype != KEYTYPE_DES || context->etypes_des == NULL)
83 return krb5_keytype_to_enctypes (context, keytype, len, val);
84
85 for (n = 0; context->etypes_des[n]; ++n)
86 ;
87 ret = malloc (n * sizeof(*ret));
88 if (ret == NULL && n != 0) {
89 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
90 return ENOMEM;
91 }
92 for (i = 0; i < n; ++i)
93 ret[i] = context->etypes_des[i];
94 *len = n;
95 *val = ret;
96 return 0;
97 }
98
99
100 static struct {
101 const char *name;
102 krb5_keytype type;
103 } keys[] = {
104 { "null", ENCTYPE_NULL },
105 { "des", ETYPE_DES_CBC_CRC },
106 { "des3", ETYPE_OLD_DES3_CBC_SHA1 },
107 { "aes-128", ETYPE_AES128_CTS_HMAC_SHA1_96 },
108 { "aes-256", ETYPE_AES256_CTS_HMAC_SHA1_96 },
109 { "arcfour", ETYPE_ARCFOUR_HMAC_MD5 },
110 { "arcfour-56", ETYPE_ARCFOUR_HMAC_MD5_56 }
111 };
112
113 static int num_keys = sizeof(keys) / sizeof(keys[0]);
114
115 /**
116 * Deprecated: keytypes doesn't exists, they are really enctypes in
117 * most cases, use krb5_enctype_to_string().
118 *
119 * @ingroup krb5_deprecated
120 */
121
122 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_keytype_to_string(krb5_context context,krb5_keytype keytype,char ** string)123 krb5_keytype_to_string(krb5_context context,
124 krb5_keytype keytype,
125 char **string)
126 KRB5_DEPRECATED_FUNCTION("Use X instead")
127 {
128 const char *name = NULL;
129 int i;
130
131 for(i = 0; i < num_keys; i++) {
132 if(keys[i].type == keytype) {
133 name = keys[i].name;
134 break;
135 }
136 }
137
138 if(i >= num_keys) {
139 krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
140 "key type %d not supported", keytype);
141 return KRB5_PROG_KEYTYPE_NOSUPP;
142 }
143 *string = strdup(name);
144 if(*string == NULL) {
145 krb5_set_error_message(context, ENOMEM,
146 N_("malloc: out of memory", ""));
147 return ENOMEM;
148 }
149 return 0;
150 }
151
152 /**
153 * Deprecated: keytypes doesn't exists, they are really enctypes in
154 * most cases, use krb5_string_to_enctype().
155 *
156 * @ingroup krb5_deprecated
157 */
158
159 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_string_to_keytype(krb5_context context,const char * string,krb5_keytype * keytype)160 krb5_string_to_keytype(krb5_context context,
161 const char *string,
162 krb5_keytype *keytype)
163 KRB5_DEPRECATED_FUNCTION("Use X instead")
164 {
165 char *end;
166 int i;
167
168 for(i = 0; i < num_keys; i++)
169 if(strcasecmp(keys[i].name, string) == 0){
170 *keytype = keys[i].type;
171 return 0;
172 }
173
174 /* check if the enctype is a number */
175 *keytype = strtol(string, &end, 0);
176 if(*end == '\0' && *keytype != 0) {
177 if (krb5_enctype_valid(context, *keytype) == 0)
178 return 0;
179 }
180
181 krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
182 "key type %s not supported", string);
183 return KRB5_PROG_KEYTYPE_NOSUPP;
184 }
185
186 /**
187 * Deprecated: use krb5_get_init_creds() and friends.
188 *
189 * @ingroup krb5_deprecated
190 */
191
192 KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV
krb5_password_key_proc(krb5_context context,krb5_enctype type,krb5_salt salt,krb5_const_pointer keyseed,krb5_keyblock ** key)193 krb5_password_key_proc (krb5_context context,
194 krb5_enctype type,
195 krb5_salt salt,
196 krb5_const_pointer keyseed,
197 krb5_keyblock **key)
198 KRB5_DEPRECATED_FUNCTION("Use X instead")
199 {
200 krb5_error_code ret;
201 const char *password = (const char *)keyseed;
202 char buf[BUFSIZ];
203
204 *key = malloc (sizeof (**key));
205 if (*key == NULL) {
206 krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
207 return ENOMEM;
208 }
209 if (password == NULL) {
210 if(UI_UTIL_read_pw_string (buf, sizeof(buf), "Password: ", 0)) {
211 free (*key);
212 krb5_clear_error_message(context);
213 return KRB5_LIBOS_PWDINTR;
214 }
215 password = buf;
216 }
217 ret = krb5_string_to_key_salt (context, type, password, salt, *key);
218 memset (buf, 0, sizeof(buf));
219 return ret;
220 }
221
222 /**
223 * Deprecated: use krb5_get_init_creds() and friends.
224 *
225 * @ingroup krb5_deprecated
226 */
227
228 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_get_in_tkt_with_password(krb5_context context,krb5_flags options,krb5_addresses * addrs,const krb5_enctype * etypes,const krb5_preauthtype * pre_auth_types,const char * password,krb5_ccache ccache,krb5_creds * creds,krb5_kdc_rep * ret_as_reply)229 krb5_get_in_tkt_with_password (krb5_context context,
230 krb5_flags options,
231 krb5_addresses *addrs,
232 const krb5_enctype *etypes,
233 const krb5_preauthtype *pre_auth_types,
234 const char *password,
235 krb5_ccache ccache,
236 krb5_creds *creds,
237 krb5_kdc_rep *ret_as_reply)
238 KRB5_DEPRECATED_FUNCTION("Use X instead")
239 {
240 return krb5_get_in_tkt (context,
241 options,
242 addrs,
243 etypes,
244 pre_auth_types,
245 krb5_password_key_proc,
246 password,
247 NULL,
248 NULL,
249 creds,
250 ccache,
251 ret_as_reply);
252 }
253
254 static krb5_error_code KRB5_CALLCONV
krb5_skey_key_proc(krb5_context context,krb5_enctype type,krb5_salt salt,krb5_const_pointer keyseed,krb5_keyblock ** key)255 krb5_skey_key_proc (krb5_context context,
256 krb5_enctype type,
257 krb5_salt salt,
258 krb5_const_pointer keyseed,
259 krb5_keyblock **key)
260 {
261 return krb5_copy_keyblock (context, keyseed, key);
262 }
263
264 /**
265 * Deprecated: use krb5_get_init_creds() and friends.
266 *
267 * @ingroup krb5_deprecated
268 */
269
270 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_get_in_tkt_with_skey(krb5_context context,krb5_flags options,krb5_addresses * addrs,const krb5_enctype * etypes,const krb5_preauthtype * pre_auth_types,const krb5_keyblock * key,krb5_ccache ccache,krb5_creds * creds,krb5_kdc_rep * ret_as_reply)271 krb5_get_in_tkt_with_skey (krb5_context context,
272 krb5_flags options,
273 krb5_addresses *addrs,
274 const krb5_enctype *etypes,
275 const krb5_preauthtype *pre_auth_types,
276 const krb5_keyblock *key,
277 krb5_ccache ccache,
278 krb5_creds *creds,
279 krb5_kdc_rep *ret_as_reply)
280 KRB5_DEPRECATED_FUNCTION("Use X instead")
281 {
282 if(key == NULL)
283 return krb5_get_in_tkt_with_keytab (context,
284 options,
285 addrs,
286 etypes,
287 pre_auth_types,
288 NULL,
289 ccache,
290 creds,
291 ret_as_reply);
292 else
293 return krb5_get_in_tkt (context,
294 options,
295 addrs,
296 etypes,
297 pre_auth_types,
298 krb5_skey_key_proc,
299 key,
300 NULL,
301 NULL,
302 creds,
303 ccache,
304 ret_as_reply);
305 }
306
307 /**
308 * Deprecated: use krb5_get_init_creds() and friends.
309 *
310 * @ingroup krb5_deprecated
311 */
312
313 KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV
krb5_keytab_key_proc(krb5_context context,krb5_enctype enctype,krb5_salt salt,krb5_const_pointer keyseed,krb5_keyblock ** key)314 krb5_keytab_key_proc (krb5_context context,
315 krb5_enctype enctype,
316 krb5_salt salt,
317 krb5_const_pointer keyseed,
318 krb5_keyblock **key)
319 KRB5_DEPRECATED_FUNCTION("Use X instead")
320 {
321 krb5_keytab_key_proc_args *args = rk_UNCONST(keyseed);
322 krb5_keytab keytab = args->keytab;
323 krb5_principal principal = args->principal;
324 krb5_error_code ret;
325 krb5_keytab real_keytab;
326 krb5_keytab_entry entry;
327
328 if(keytab == NULL)
329 krb5_kt_default(context, &real_keytab);
330 else
331 real_keytab = keytab;
332
333 ret = krb5_kt_get_entry (context, real_keytab, principal,
334 0, enctype, &entry);
335
336 if (keytab == NULL)
337 krb5_kt_close (context, real_keytab);
338
339 if (ret)
340 return ret;
341
342 ret = krb5_copy_keyblock (context, &entry.keyblock, key);
343 krb5_kt_free_entry(context, &entry);
344 return ret;
345 }
346
347 /**
348 * Deprecated: use krb5_get_init_creds() and friends.
349 *
350 * @ingroup krb5_deprecated
351 */
352
353 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_get_in_tkt_with_keytab(krb5_context context,krb5_flags options,krb5_addresses * addrs,const krb5_enctype * etypes,const krb5_preauthtype * pre_auth_types,krb5_keytab keytab,krb5_ccache ccache,krb5_creds * creds,krb5_kdc_rep * ret_as_reply)354 krb5_get_in_tkt_with_keytab (krb5_context context,
355 krb5_flags options,
356 krb5_addresses *addrs,
357 const krb5_enctype *etypes,
358 const krb5_preauthtype *pre_auth_types,
359 krb5_keytab keytab,
360 krb5_ccache ccache,
361 krb5_creds *creds,
362 krb5_kdc_rep *ret_as_reply)
363 KRB5_DEPRECATED_FUNCTION("Use X instead")
364 {
365 krb5_keytab_key_proc_args a;
366
367 a.principal = creds->client;
368 a.keytab = keytab;
369
370 return krb5_get_in_tkt (context,
371 options,
372 addrs,
373 etypes,
374 pre_auth_types,
375 krb5_keytab_key_proc,
376 &a,
377 NULL,
378 NULL,
379 creds,
380 ccache,
381 ret_as_reply);
382 }
383
384 /**
385 * Generate a new ccache of type `ops' in `id'.
386 *
387 * Deprecated: use krb5_cc_new_unique() instead.
388 *
389 * @return Return an error code or 0, see krb5_get_error_message().
390 *
391 * @ingroup krb5_ccache
392 */
393
394
395 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_cc_gen_new(krb5_context context,const krb5_cc_ops * ops,krb5_ccache * id)396 krb5_cc_gen_new(krb5_context context,
397 const krb5_cc_ops *ops,
398 krb5_ccache *id)
399 KRB5_DEPRECATED_FUNCTION("Use X instead")
400 {
401 return krb5_cc_new_unique(context, ops->prefix, NULL, id);
402 }
403
404 /**
405 * Deprecated: use krb5_principal_get_realm()
406 *
407 * @ingroup krb5_deprecated
408 */
409
410 KRB5_LIB_FUNCTION krb5_realm * KRB5_LIB_CALL
krb5_princ_realm(krb5_context context,krb5_principal principal)411 krb5_princ_realm(krb5_context context,
412 krb5_principal principal)
413 KRB5_DEPRECATED_FUNCTION("Use X instead")
414 {
415 return &principal->realm;
416 }
417
418
419 /**
420 * Deprecated: use krb5_principal_set_realm()
421 *
422 * @ingroup krb5_deprecated
423 */
424
425 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_princ_set_realm(krb5_context context,krb5_principal principal,krb5_realm * realm)426 krb5_princ_set_realm(krb5_context context,
427 krb5_principal principal,
428 krb5_realm *realm)
429 KRB5_DEPRECATED_FUNCTION("Use X instead")
430 {
431 principal->realm = *realm;
432 }
433
434 /**
435 * Deprecated: use krb5_free_cred_contents()
436 *
437 * @ingroup krb5_deprecated
438 */
439
440 /* keep this for compatibility with older code */
441 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_free_creds_contents(krb5_context context,krb5_creds * c)442 krb5_free_creds_contents (krb5_context context, krb5_creds *c)
443 KRB5_DEPRECATED_FUNCTION("Use X instead")
444 {
445 return krb5_free_cred_contents (context, c);
446 }
447
448 /**
449 * Free the error message returned by krb5_get_error_string().
450 *
451 * Deprecated: use krb5_free_error_message()
452 *
453 * @param context Kerberos context
454 * @param str error message to free
455 *
456 * @ingroup krb5_deprecated
457 */
458
459 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_free_error_string(krb5_context context,char * str)460 krb5_free_error_string(krb5_context context, char *str)
461 KRB5_DEPRECATED_FUNCTION("Use X instead")
462 {
463 krb5_free_error_message(context, str);
464 }
465
466 /**
467 * Set the error message returned by krb5_get_error_string().
468 *
469 * Deprecated: use krb5_get_error_message()
470 *
471 * @param context Kerberos context
472 * @param fmt error message to free
473 *
474 * @return Return an error code or 0.
475 *
476 * @ingroup krb5_deprecated
477 */
478
479 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_set_error_string(krb5_context context,const char * fmt,...)480 krb5_set_error_string(krb5_context context, const char *fmt, ...)
481 __attribute__((format (printf, 2, 3)))
482 KRB5_DEPRECATED_FUNCTION("Use X instead")
483 {
484 va_list ap;
485
486 va_start(ap, fmt);
487 krb5_vset_error_message (context, 0, fmt, ap);
488 va_end(ap);
489 return 0;
490 }
491
492 /**
493 * Set the error message returned by krb5_get_error_string(),
494 * deprecated, use krb5_set_error_message().
495 *
496 * Deprecated: use krb5_vset_error_message()
497 *
498 * @param context Kerberos context
499 * @param msg error message to free
500 *
501 * @return Return an error code or 0.
502 *
503 * @ingroup krb5_deprecated
504 */
505
506 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_vset_error_string(krb5_context context,const char * fmt,va_list args)507 krb5_vset_error_string(krb5_context context, const char *fmt, va_list args)
508 __attribute__ ((format (printf, 2, 0)))
509 KRB5_DEPRECATED_FUNCTION("Use X instead")
510 {
511 krb5_vset_error_message(context, 0, fmt, args);
512 return 0;
513 }
514
515 /**
516 * Clear the error message returned by krb5_get_error_string().
517 *
518 * Deprecated: use krb5_clear_error_message()
519 *
520 * @param context Kerberos context
521 *
522 * @ingroup krb5_deprecated
523 */
524
525 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_clear_error_string(krb5_context context)526 krb5_clear_error_string(krb5_context context)
527 KRB5_DEPRECATED_FUNCTION("Use X instead")
528 {
529 krb5_clear_error_message(context);
530 }
531
532 /**
533 * Deprecated: use krb5_get_credentials_with_flags().
534 *
535 * @ingroup krb5_deprecated
536 */
537
538 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_get_cred_from_kdc_opt(krb5_context context,krb5_ccache ccache,krb5_creds * in_creds,krb5_creds ** out_creds,krb5_creds *** ret_tgts,krb5_flags flags)539 krb5_get_cred_from_kdc_opt(krb5_context context,
540 krb5_ccache ccache,
541 krb5_creds *in_creds,
542 krb5_creds **out_creds,
543 krb5_creds ***ret_tgts,
544 krb5_flags flags)
545 KRB5_DEPRECATED_FUNCTION("Use X instead")
546 {
547 krb5_kdc_flags f;
548 f.i = flags;
549 return _krb5_get_cred_kdc_any(context, f, ccache,
550 in_creds, NULL, NULL,
551 out_creds, ret_tgts);
552 }
553
554 /**
555 * Deprecated: use krb5_get_credentials_with_flags().
556 *
557 * @ingroup krb5_deprecated
558 */
559
560 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_get_cred_from_kdc(krb5_context context,krb5_ccache ccache,krb5_creds * in_creds,krb5_creds ** out_creds,krb5_creds *** ret_tgts)561 krb5_get_cred_from_kdc(krb5_context context,
562 krb5_ccache ccache,
563 krb5_creds *in_creds,
564 krb5_creds **out_creds,
565 krb5_creds ***ret_tgts)
566 KRB5_DEPRECATED_FUNCTION("Use X instead")
567 {
568 return krb5_get_cred_from_kdc_opt(context, ccache,
569 in_creds, out_creds, ret_tgts, 0);
570 }
571
572 /**
573 * Deprecated: use krb5_xfree().
574 *
575 * @ingroup krb5_deprecated
576 */
577
578 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
krb5_free_unparsed_name(krb5_context context,char * str)579 krb5_free_unparsed_name(krb5_context context, char *str)
580 KRB5_DEPRECATED_FUNCTION("Use X instead")
581 {
582 krb5_xfree(str);
583 }
584
585 /**
586 * Deprecated: use krb5_generate_subkey_extended()
587 *
588 * @ingroup krb5_deprecated
589 */
590
591 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_generate_subkey(krb5_context context,const krb5_keyblock * key,krb5_keyblock ** subkey)592 krb5_generate_subkey(krb5_context context,
593 const krb5_keyblock *key,
594 krb5_keyblock **subkey)
595 KRB5_DEPRECATED_FUNCTION("Use X instead")
596 {
597 return krb5_generate_subkey_extended(context, key, ETYPE_NULL, subkey);
598 }
599
600 /**
601 * Deprecated: use krb5_auth_con_getremoteseqnumber()
602 *
603 * @ingroup krb5_deprecated
604 */
605
606 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_auth_getremoteseqnumber(krb5_context context,krb5_auth_context auth_context,int32_t * seqnumber)607 krb5_auth_getremoteseqnumber(krb5_context context,
608 krb5_auth_context auth_context,
609 int32_t *seqnumber)
610 KRB5_DEPRECATED_FUNCTION("Use X instead")
611 {
612 *seqnumber = auth_context->remote_seqnumber;
613 return 0;
614 }
615
616 #endif /* HEIMDAL_SMALLER */
617