xref: /netbsd-src/crypto/external/bsd/heimdal/dist/lib/krb5/deprecated.c (revision 946379e7b37692fc43f68eb0d1c10daa0a7f3b6c) 
1 /*	$NetBSD: deprecated.c,v 1.1.1.2 2014/04/24 12:45:49 pettai Exp $	*/
2 
3 /*
4  * Copyright (c) 1997 - 2009 Kungliga Tekniska H�gskolan
5  * (Royal Institute of Technology, Stockholm, Sweden).
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  *
19  * 3. Neither the name of the Institute nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 #ifdef __GNUC__
37 /* For some GCCs there's no way to shut them up about deprecated functions */
38 #define KRB5_DEPRECATED_FUNCTION(x)
39 #endif
40 
41 #include "krb5_locl.h"
42 
43 #undef __attribute__
44 #define __attribute__(x)
45 
46 #ifndef HEIMDAL_SMALLER
47 
48 /**
49  * Same as krb5_data_free(). MIT compat.
50  *
51  * Deprecated: use krb5_data_free().
52  *
53  * @param context Kerberos 5 context.
54  * @param data krb5_data to free.
55  *
56  * @ingroup krb5_deprecated
57  */
58 
59 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
60 krb5_free_data_contents(krb5_context context, krb5_data *data)
61     KRB5_DEPRECATED_FUNCTION("Use X instead")
62 {
63     krb5_data_free(data);
64 }
65 
66 /**
67  * Deprecated: keytypes doesn't exists, they are really enctypes.
68  *
69  * @ingroup krb5_deprecated
70  */
71 
72 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
73 krb5_keytype_to_enctypes_default (krb5_context context,
74 				  krb5_keytype keytype,
75 				  unsigned *len,
76 				  krb5_enctype **val)
77     KRB5_DEPRECATED_FUNCTION("Use X instead")
78 {
79     unsigned int i, n;
80     krb5_enctype *ret;
81 
82     if (keytype != KEYTYPE_DES || context->etypes_des == NULL)
83 	return krb5_keytype_to_enctypes (context, keytype, len, val);
84 
85     for (n = 0; context->etypes_des[n]; ++n)
86 	;
87     ret = malloc (n * sizeof(*ret));
88     if (ret == NULL && n != 0) {
89 	krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
90 	return ENOMEM;
91     }
92     for (i = 0; i < n; ++i)
93 	ret[i] = context->etypes_des[i];
94     *len = n;
95     *val = ret;
96     return 0;
97 }
98 
99 
100 static struct {
101     const char *name;
102     krb5_keytype type;
103 } keys[] = {
104     { "null", ENCTYPE_NULL },
105     { "des", ETYPE_DES_CBC_CRC },
106     { "des3", ETYPE_OLD_DES3_CBC_SHA1 },
107     { "aes-128", ETYPE_AES128_CTS_HMAC_SHA1_96 },
108     { "aes-256", ETYPE_AES256_CTS_HMAC_SHA1_96 },
109     { "arcfour", ETYPE_ARCFOUR_HMAC_MD5 },
110     { "arcfour-56", ETYPE_ARCFOUR_HMAC_MD5_56 }
111 };
112 
113 static int num_keys = sizeof(keys) / sizeof(keys[0]);
114 
115 /**
116  * Deprecated: keytypes doesn't exists, they are really enctypes in
117  * most cases, use krb5_enctype_to_string().
118  *
119  * @ingroup krb5_deprecated
120  */
121 
122 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
123 krb5_keytype_to_string(krb5_context context,
124 		       krb5_keytype keytype,
125 		       char **string)
126     KRB5_DEPRECATED_FUNCTION("Use X instead")
127 {
128     const char *name = NULL;
129     int i;
130 
131     for(i = 0; i < num_keys; i++) {
132 	if(keys[i].type == keytype) {
133 	    name = keys[i].name;
134 	    break;
135 	}
136     }
137 
138     if(i >= num_keys) {
139 	krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
140 			       "key type %d not supported", keytype);
141 	return KRB5_PROG_KEYTYPE_NOSUPP;
142     }
143     *string = strdup(name);
144     if(*string == NULL) {
145 	krb5_set_error_message(context, ENOMEM,
146 			       N_("malloc: out of memory", ""));
147 	return ENOMEM;
148     }
149     return 0;
150 }
151 
152 /**
153  * Deprecated: keytypes doesn't exists, they are really enctypes in
154  * most cases, use krb5_string_to_enctype().
155  *
156  * @ingroup krb5_deprecated
157  */
158 
159 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
160 krb5_string_to_keytype(krb5_context context,
161 		       const char *string,
162 		       krb5_keytype *keytype)
163     KRB5_DEPRECATED_FUNCTION("Use X instead")
164 {
165     char *end;
166     int i;
167 
168     for(i = 0; i < num_keys; i++)
169 	if(strcasecmp(keys[i].name, string) == 0){
170 	    *keytype = keys[i].type;
171 	    return 0;
172 	}
173 
174     /* check if the enctype is a number */
175     *keytype = strtol(string, &end, 0);
176     if(*end == '\0' && *keytype != 0) {
177 	if (krb5_enctype_valid(context, *keytype) == 0)
178 	    return 0;
179     }
180 
181     krb5_set_error_message(context, KRB5_PROG_KEYTYPE_NOSUPP,
182 			   "key type %s not supported", string);
183     return KRB5_PROG_KEYTYPE_NOSUPP;
184 }
185 
186 /**
187  * Deprecated: use krb5_get_init_creds() and friends.
188  *
189  * @ingroup krb5_deprecated
190  */
191 
192 KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV
193 krb5_password_key_proc (krb5_context context,
194 			krb5_enctype type,
195 			krb5_salt salt,
196 			krb5_const_pointer keyseed,
197 			krb5_keyblock **key)
198     KRB5_DEPRECATED_FUNCTION("Use X instead")
199 {
200     krb5_error_code ret;
201     const char *password = (const char *)keyseed;
202     char buf[BUFSIZ];
203 
204     *key = malloc (sizeof (**key));
205     if (*key == NULL) {
206 	krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
207 	return ENOMEM;
208     }
209     if (password == NULL) {
210 	if(UI_UTIL_read_pw_string (buf, sizeof(buf), "Password: ", 0)) {
211 	    free (*key);
212 	    krb5_clear_error_message(context);
213 	    return KRB5_LIBOS_PWDINTR;
214 	}
215 	password = buf;
216     }
217     ret = krb5_string_to_key_salt (context, type, password, salt, *key);
218     memset (buf, 0, sizeof(buf));
219     return ret;
220 }
221 
222 /**
223  * Deprecated: use krb5_get_init_creds() and friends.
224  *
225  * @ingroup krb5_deprecated
226  */
227 
228 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
229 krb5_get_in_tkt_with_password (krb5_context context,
230 			       krb5_flags options,
231 			       krb5_addresses *addrs,
232 			       const krb5_enctype *etypes,
233 			       const krb5_preauthtype *pre_auth_types,
234 			       const char *password,
235 			       krb5_ccache ccache,
236 			       krb5_creds *creds,
237 			       krb5_kdc_rep *ret_as_reply)
238     KRB5_DEPRECATED_FUNCTION("Use X instead")
239 {
240      return krb5_get_in_tkt (context,
241 			     options,
242 			     addrs,
243 			     etypes,
244 			     pre_auth_types,
245 			     krb5_password_key_proc,
246 			     password,
247 			     NULL,
248 			     NULL,
249 			     creds,
250 			     ccache,
251 			     ret_as_reply);
252 }
253 
254 static krb5_error_code KRB5_CALLCONV
255 krb5_skey_key_proc (krb5_context context,
256 		    krb5_enctype type,
257 		    krb5_salt salt,
258 		    krb5_const_pointer keyseed,
259 		    krb5_keyblock **key)
260 {
261     return krb5_copy_keyblock (context, keyseed, key);
262 }
263 
264 /**
265  * Deprecated: use krb5_get_init_creds() and friends.
266  *
267  * @ingroup krb5_deprecated
268  */
269 
270 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
271 krb5_get_in_tkt_with_skey (krb5_context context,
272 			   krb5_flags options,
273 			   krb5_addresses *addrs,
274 			   const krb5_enctype *etypes,
275 			   const krb5_preauthtype *pre_auth_types,
276 			   const krb5_keyblock *key,
277 			   krb5_ccache ccache,
278 			   krb5_creds *creds,
279 			   krb5_kdc_rep *ret_as_reply)
280     KRB5_DEPRECATED_FUNCTION("Use X instead")
281 {
282     if(key == NULL)
283 	return krb5_get_in_tkt_with_keytab (context,
284 					    options,
285 					    addrs,
286 					    etypes,
287 					    pre_auth_types,
288 					    NULL,
289 					    ccache,
290 					    creds,
291 					    ret_as_reply);
292     else
293 	return krb5_get_in_tkt (context,
294 				options,
295 				addrs,
296 				etypes,
297 				pre_auth_types,
298 				krb5_skey_key_proc,
299 				key,
300 				NULL,
301 				NULL,
302 				creds,
303 				ccache,
304 				ret_as_reply);
305 }
306 
307 /**
308  * Deprecated: use krb5_get_init_creds() and friends.
309  *
310  * @ingroup krb5_deprecated
311  */
312 
313 KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV
314 krb5_keytab_key_proc (krb5_context context,
315 		      krb5_enctype enctype,
316 		      krb5_salt salt,
317 		      krb5_const_pointer keyseed,
318 		      krb5_keyblock **key)
319     KRB5_DEPRECATED_FUNCTION("Use X instead")
320 {
321     krb5_keytab_key_proc_args *args  = rk_UNCONST(keyseed);
322     krb5_keytab keytab = args->keytab;
323     krb5_principal principal  = args->principal;
324     krb5_error_code ret;
325     krb5_keytab real_keytab;
326     krb5_keytab_entry entry;
327 
328     if(keytab == NULL)
329 	krb5_kt_default(context, &real_keytab);
330     else
331 	real_keytab = keytab;
332 
333     ret = krb5_kt_get_entry (context, real_keytab, principal,
334 			     0, enctype, &entry);
335 
336     if (keytab == NULL)
337 	krb5_kt_close (context, real_keytab);
338 
339     if (ret)
340 	return ret;
341 
342     ret = krb5_copy_keyblock (context, &entry.keyblock, key);
343     krb5_kt_free_entry(context, &entry);
344     return ret;
345 }
346 
347 /**
348  * Deprecated: use krb5_get_init_creds() and friends.
349  *
350  * @ingroup krb5_deprecated
351  */
352 
353 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
354 krb5_get_in_tkt_with_keytab (krb5_context context,
355 			     krb5_flags options,
356 			     krb5_addresses *addrs,
357 			     const krb5_enctype *etypes,
358 			     const krb5_preauthtype *pre_auth_types,
359 			     krb5_keytab keytab,
360 			     krb5_ccache ccache,
361 			     krb5_creds *creds,
362 			     krb5_kdc_rep *ret_as_reply)
363     KRB5_DEPRECATED_FUNCTION("Use X instead")
364 {
365     krb5_keytab_key_proc_args a;
366 
367     a.principal = creds->client;
368     a.keytab    = keytab;
369 
370     return krb5_get_in_tkt (context,
371 			    options,
372 			    addrs,
373 			    etypes,
374 			    pre_auth_types,
375 			    krb5_keytab_key_proc,
376 			    &a,
377 			    NULL,
378 			    NULL,
379 			    creds,
380 			    ccache,
381 			    ret_as_reply);
382 }
383 
384 /**
385  * Generate a new ccache of type `ops' in `id'.
386  *
387  * Deprecated: use krb5_cc_new_unique() instead.
388  *
389  * @return Return an error code or 0, see krb5_get_error_message().
390  *
391  * @ingroup krb5_ccache
392  */
393 
394 
395 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
396 krb5_cc_gen_new(krb5_context context,
397 		const krb5_cc_ops *ops,
398 		krb5_ccache *id)
399     KRB5_DEPRECATED_FUNCTION("Use X instead")
400 {
401     return krb5_cc_new_unique(context, ops->prefix, NULL, id);
402 }
403 
404 /**
405  * Deprecated: use krb5_principal_get_realm()
406  *
407  * @ingroup krb5_deprecated
408  */
409 
410 KRB5_LIB_FUNCTION krb5_realm * KRB5_LIB_CALL
411 krb5_princ_realm(krb5_context context,
412 		 krb5_principal principal)
413     KRB5_DEPRECATED_FUNCTION("Use X instead")
414 {
415     return &principal->realm;
416 }
417 
418 
419 /**
420  * Deprecated: use krb5_principal_set_realm()
421  *
422  * @ingroup krb5_deprecated
423  */
424 
425 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
426 krb5_princ_set_realm(krb5_context context,
427 		     krb5_principal principal,
428 		     krb5_realm *realm)
429     KRB5_DEPRECATED_FUNCTION("Use X instead")
430 {
431     principal->realm = *realm;
432 }
433 
434 /**
435  * Deprecated: use krb5_free_cred_contents()
436  *
437  * @ingroup krb5_deprecated
438  */
439 
440 /* keep this for compatibility with older code */
441 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
442 krb5_free_creds_contents (krb5_context context, krb5_creds *c)
443     KRB5_DEPRECATED_FUNCTION("Use X instead")
444 {
445     return krb5_free_cred_contents (context, c);
446 }
447 
448 /**
449  * Free the error message returned by krb5_get_error_string().
450  *
451  * Deprecated: use krb5_free_error_message()
452  *
453  * @param context Kerberos context
454  * @param str error message to free
455  *
456  * @ingroup krb5_deprecated
457  */
458 
459 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
460 krb5_free_error_string(krb5_context context, char *str)
461     KRB5_DEPRECATED_FUNCTION("Use X instead")
462 {
463     krb5_free_error_message(context, str);
464 }
465 
466 /**
467  * Set the error message returned by krb5_get_error_string().
468  *
469  * Deprecated: use krb5_get_error_message()
470  *
471  * @param context Kerberos context
472  * @param fmt error message to free
473  *
474  * @return Return an error code or 0.
475  *
476  * @ingroup krb5_deprecated
477  */
478 
479 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
480 krb5_set_error_string(krb5_context context, const char *fmt, ...)
481     __attribute__((format (printf, 2, 3)))
482     KRB5_DEPRECATED_FUNCTION("Use X instead")
483 {
484     va_list ap;
485 
486     va_start(ap, fmt);
487     krb5_vset_error_message (context, 0, fmt, ap);
488     va_end(ap);
489     return 0;
490 }
491 
492 /**
493  * Set the error message returned by krb5_get_error_string(),
494  * deprecated, use krb5_set_error_message().
495  *
496  * Deprecated: use krb5_vset_error_message()
497  *
498  * @param context Kerberos context
499  * @param msg error message to free
500  *
501  * @return Return an error code or 0.
502  *
503  * @ingroup krb5_deprecated
504  */
505 
506 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
507 krb5_vset_error_string(krb5_context context, const char *fmt, va_list args)
508     __attribute__ ((format (printf, 2, 0)))
509     KRB5_DEPRECATED_FUNCTION("Use X instead")
510 {
511     krb5_vset_error_message(context, 0, fmt, args);
512     return 0;
513 }
514 
515 /**
516  * Clear the error message returned by krb5_get_error_string().
517  *
518  * Deprecated: use krb5_clear_error_message()
519  *
520  * @param context Kerberos context
521  *
522  * @ingroup krb5_deprecated
523  */
524 
525 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
526 krb5_clear_error_string(krb5_context context)
527     KRB5_DEPRECATED_FUNCTION("Use X instead")
528 {
529     krb5_clear_error_message(context);
530 }
531 
532 /**
533  * Deprecated: use krb5_get_credentials_with_flags().
534  *
535  * @ingroup krb5_deprecated
536  */
537 
538 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
539 krb5_get_cred_from_kdc_opt(krb5_context context,
540 			   krb5_ccache ccache,
541 			   krb5_creds *in_creds,
542 			   krb5_creds **out_creds,
543 			   krb5_creds ***ret_tgts,
544 			   krb5_flags flags)
545     KRB5_DEPRECATED_FUNCTION("Use X instead")
546 {
547     krb5_kdc_flags f;
548     f.i = flags;
549     return _krb5_get_cred_kdc_any(context, f, ccache,
550 				  in_creds, NULL, NULL,
551 				  out_creds, ret_tgts);
552 }
553 
554 /**
555  * Deprecated: use krb5_get_credentials_with_flags().
556  *
557  * @ingroup krb5_deprecated
558  */
559 
560 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
561 krb5_get_cred_from_kdc(krb5_context context,
562 		       krb5_ccache ccache,
563 		       krb5_creds *in_creds,
564 		       krb5_creds **out_creds,
565 		       krb5_creds ***ret_tgts)
566     KRB5_DEPRECATED_FUNCTION("Use X instead")
567 {
568     return krb5_get_cred_from_kdc_opt(context, ccache,
569 				      in_creds, out_creds, ret_tgts, 0);
570 }
571 
572 /**
573  * Deprecated: use krb5_xfree().
574  *
575  * @ingroup krb5_deprecated
576  */
577 
578 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
579 krb5_free_unparsed_name(krb5_context context, char *str)
580     KRB5_DEPRECATED_FUNCTION("Use X instead")
581 {
582     krb5_xfree(str);
583 }
584 
585 /**
586  * Deprecated: use krb5_generate_subkey_extended()
587  *
588  * @ingroup krb5_deprecated
589  */
590 
591 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
592 krb5_generate_subkey(krb5_context context,
593 		     const krb5_keyblock *key,
594 		     krb5_keyblock **subkey)
595     KRB5_DEPRECATED_FUNCTION("Use X instead")
596 {
597     return krb5_generate_subkey_extended(context, key, ETYPE_NULL, subkey);
598 }
599 
600 /**
601  * Deprecated: use krb5_auth_con_getremoteseqnumber()
602  *
603  * @ingroup krb5_deprecated
604  */
605 
606 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
607 krb5_auth_getremoteseqnumber(krb5_context context,
608 			     krb5_auth_context auth_context,
609 			     int32_t *seqnumber)
610     KRB5_DEPRECATED_FUNCTION("Use X instead")
611 {
612   *seqnumber = auth_context->remote_seqnumber;
613   return 0;
614 }
615 
616 #endif /* HEIMDAL_SMALLER */
617