diff options
author | Chuck Lever <chuck.lever@oracle.com> | 2015-06-11 17:55:21 -0400 |
---|---|---|
committer | Steve Dickson <steved@redhat.com> | 2015-06-16 11:34:39 -0400 |
commit | d6bdad36e8438d55f9470ece516ffc00a6276bff (patch) | |
tree | 360ba2a2c1d899a5aab053c590dfbf31a54fb0f2 /tirpc | |
parent | d55cc313b8fefffb87ec1c9b5aab424fe8aca712 (diff) | |
download | ti-rpc-d6bdad36e8438d55f9470ece516ffc00a6276bff.tar.gz |
Remove vestiges of AUTH_KERB
AUTH_KERB is described only briefly in the ONC+ Developer's Guide.
However, xdr_authkerb_cred(), for example, is declared in Linux's
tirpc/rpc/auth.h, but does not appear in Solaris 11's RPC headers.
It is not provided by glibc, so there isn't any backward
compatibility requirement.
The libtirpc implementation of AUTH_KERB here on Linux and in
FreeBSD seems to be incomplete and inoperative.
Seems like the scattered pieces of it can be removed safely.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Diffstat (limited to 'tirpc')
-rw-r--r-- | tirpc/rpc/auth.h | 56 | ||||
-rw-r--r-- | tirpc/rpc/auth_kerb.h | 140 |
2 files changed, 0 insertions, 196 deletions
diff --git a/tirpc/rpc/auth.h b/tirpc/rpc/auth.h index 434d35c..3e44863 100644 --- a/tirpc/rpc/auth.h +++ b/tirpc/rpc/auth.h @@ -97,18 +97,6 @@ struct des_clnt_data32 { }; #endif /* _SYSCALL32_IMPL */ -#ifdef KERBEROS -/* - * flavor specific data to hold the data for AUTH_DES/AUTH_KERB(v4) - * in sec_data->data opaque field. - */ -typedef struct krb4_svc_data { - int window; /* window option value */ -} krb4_svcdata_t; - -typedef struct krb4_svc_data des_svcdata_t; -#endif /* KERBEROS */ - /* * authentication/security specific flags */ @@ -134,7 +122,6 @@ enum auth_stat { */ AUTH_INVALIDRESP=6, /* bogus response verifier */ AUTH_FAILED=7, /* some unknown reason */ -#ifdef KERBEROS /* * kerberos errors */ @@ -143,8 +130,6 @@ enum auth_stat { AUTH_TKT_FILE = 10, /* something wrong with ticket file */ AUTH_DECODE = 11, /* can't decode authenticator */ AUTH_NET_ADDR = 12, /* wrong net address in ticket */ -#endif /* KERBEROS */ - /* * RPCSEC_GSS errors */ @@ -391,47 +376,6 @@ extern int getsecretkey (char *, char *, char *); } #endif -#ifdef KERBEROS -/* - * Kerberos style authentication - * AUTH *authkerb_seccreate(service, srv_inst, realm, window, timehost, status) - * const char *service; - service name - * const char *srv_inst; - server instance - * const char *realm; - server realm - * const u_int window; - time to live - * const char *timehost; - optional hostname to sync with - * int *status; - kerberos status returned - */ -#ifdef __cplusplus -extern "C" { -#endif -extern AUTH *authkerb_seccreate(const char *, const char *, const char *, - const u_int, const char *, int *); -#ifdef __cplusplus -} -#endif - -/* - * Map a kerberos credential into a unix cred. - * - * authkerb_getucred(rqst, uid, gid, grouplen, groups) - * const struct svc_req *rqst; - request pointer - * uid_t *uid; - * gid_t *gid; - * short *grouplen; - * int *groups; - * - */ -#ifdef __cplusplus -extern "C" { -#endif -extern int authkerb_getucred(/* struct svc_req *, uid_t *, gid_t *, - short *, int * */); -#ifdef __cplusplus -} -#endif -#endif /* KERBEROS */ - #ifdef __cplusplus extern "C" { #endif diff --git a/tirpc/rpc/auth_kerb.h b/tirpc/rpc/auth_kerb.h deleted file mode 100644 index 416b21c..0000000 --- a/tirpc/rpc/auth_kerb.h +++ /dev/null @@ -1,140 +0,0 @@ -/* $FreeBSD: src/include/rpc/auth_kerb.h,v 1.2 2002/09/04 23:58:23 alfred Exp $ */ -/* - * Copyright (c) 2009, Sun Microsystems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * - Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * - Neither the name of Sun Microsystems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ -/* - * auth_kerb.h, Protocol for Kerberos style authentication for RPC - * - * Copyright (C) 1986, Sun Microsystems, Inc. - */ - -#ifndef _RPC_AUTH_KERB_H -#define _RPC_AUTH_KERB_H - -#ifdef KERBEROS - -#include <kerberos/krb.h> -#include <sys/socket.h> -#include <sys/t_kuser.h> -#include <netinet/in.h> -#include <rpc/svc.h> - -/* - * There are two kinds of "names": fullnames and nicknames - */ -enum authkerb_namekind { - AKN_FULLNAME, - AKN_NICKNAME -}; -/* - * A fullname contains the ticket and the window - */ -struct authkerb_fullname { - KTEXT_ST ticket; - u_long window; /* associated window */ -}; - -/* - * cooked credential stored in rq_clntcred - */ -struct authkerb_clnt_cred { - /* start of AUTH_DAT */ - unsigned char k_flags; /* Flags from ticket */ - char pname[ANAME_SZ]; /* Principal's name */ - char pinst[INST_SZ]; /* His Instance */ - char prealm[REALM_SZ]; /* His Realm */ - unsigned long checksum; /* Data checksum (opt) */ - C_Block session; /* Session Key */ - int life; /* Life of ticket */ - unsigned long time_sec; /* Time ticket issued */ - unsigned long address; /* Address in ticket */ - /* KTEXT_ST reply; Auth reply (opt) */ - /* end of AUTH_DAT */ - unsigned long expiry; /* time the ticket is expiring */ - u_long nickname; /* Nickname into cache */ - u_long window; /* associated window */ -}; - -typedef struct authkerb_clnt_cred authkerb_clnt_cred; - -/* - * A credential - */ -struct authkerb_cred { - enum authkerb_namekind akc_namekind; - struct authkerb_fullname akc_fullname; - u_long akc_nickname; -}; - -/* - * A kerb authentication verifier - */ -struct authkerb_verf { - union { - struct timeval akv_ctime; /* clear time */ - des_block akv_xtime; /* crypt time */ - } akv_time_u; - u_long akv_int_u; -}; - -/* - * des authentication verifier: client variety - * - * akv_timestamp is the current time. - * akv_winverf is the credential window + 1. - * Both are encrypted using the conversation key. - */ -#ifndef akv_timestamp -#define akv_timestamp akv_time_u.akv_ctime -#define akv_xtimestamp akv_time_u.akv_xtime -#define akv_winverf akv_int_u -#endif -/* - * des authentication verifier: server variety - * - * akv_timeverf is the client's timestamp + client's window - * akv_nickname is the server's nickname for the client. - * akv_timeverf is encrypted using the conversation key. - */ -#ifndef akv_timeverf -#define akv_timeverf akv_time_u.akv_ctime -#define akv_xtimeverf akv_time_u.akv_xtime -#define akv_nickname akv_int_u -#endif - -/* - * Register the service name, instance and realm. - */ -extern int authkerb_create(char *, char *, char *, u_int, - struct netbuf *, int *, dev_t, int, AUTH **); -extern bool_t xdr_authkerb_cred(XDR *, struct authkerb_cred *); -extern bool_t xdr_authkerb_verf(XDR *, struct authkerb_verf *); -extern int svc_kerb_reg(SVCXPRT *, char *, char *, char *); -extern enum auth_stat _svcauth_kerb(struct svc_req *, struct rpc_msg *); - -#endif KERBEROS -#endif /* !_RPC_AUTH_KERB_H */ |