Stop using functions deprecated by Heimdal. Also, if krb5_init_context()
fails, we can't use Kerberos functions to grab error strings, we resort to strerror(3) which is what Heimdal's deprecated function does in this case.
This commit is contained in:
elric
parent
507c30fb60
commit
89208b4ceb
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: krb5_passwd.c,v 1.18 2009/04/18 09:04:34 mlelstv Exp $ */
|
||||
/* $NetBSD: krb5_passwd.c,v 1.19 2011/04/24 21:16:43 elric Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2000, 2005 The NetBSD Foundation, Inc.
|
||||
|
|
@ -68,13 +68,14 @@ pwkrb5_process(const char *username, int argc, char **argv)
|
|||
{
|
||||
krb5_context context;
|
||||
krb5_error_code ret;
|
||||
krb5_get_init_creds_opt opt;
|
||||
krb5_get_init_creds_opt *opt;
|
||||
krb5_principal principal;
|
||||
krb5_creds cred;
|
||||
int result_code;
|
||||
krb5_data result_code_string, result_string;
|
||||
char pwbuf[BUFSIZ];
|
||||
int ch;
|
||||
const char *errtxt;
|
||||
|
||||
while ((ch = getopt(argc, argv, "5ku:")) != -1) {
|
||||
switch (ch) {
|
||||
|
|
@ -125,21 +126,34 @@ pwkrb5_process(const char *username, int argc, char **argv)
|
|||
if (ret != 0) {
|
||||
if (ret == ENXIO)
|
||||
errx(1, "Kerberos 5 not in use.");
|
||||
warnx("Unable to initialize Kerberos 5: %s",
|
||||
krb5_get_err_text(context, ret));
|
||||
goto bad;
|
||||
errx(1, "Unable to initialize Kerberos 5: %s", strerror(ret));
|
||||
}
|
||||
|
||||
krb5_get_init_creds_opt_init(&opt);
|
||||
ret = krb5_get_init_creds_opt_alloc(context, &opt);
|
||||
if (ret) {
|
||||
errtxt = krb5_get_error_message(context, ret);
|
||||
if (errtxt != NULL) {
|
||||
warnx("failed to allocate opts: %s", errtxt);
|
||||
krb5_free_error_message(context, errtxt);
|
||||
} else {
|
||||
warnx("failed to allocate opts: %d", ret);
|
||||
}
|
||||
goto bad;
|
||||
}
|
||||
|
||||
krb5_get_init_creds_opt_set_tkt_life(&opt, 300L);
|
||||
krb5_get_init_creds_opt_set_forwardable(&opt, FALSE);
|
||||
krb5_get_init_creds_opt_set_proxiable(&opt, FALSE);
|
||||
krb5_get_init_creds_opt_set_tkt_life(opt, 300L);
|
||||
krb5_get_init_creds_opt_set_forwardable(opt, FALSE);
|
||||
krb5_get_init_creds_opt_set_proxiable(opt, FALSE);
|
||||
|
||||
ret = krb5_parse_name(context, username, &principal);
|
||||
if (ret) {
|
||||
warnx("failed to parse principal: %s",
|
||||
krb5_get_err_text(context, ret));
|
||||
errtxt = krb5_get_error_message(context, ret);
|
||||
if (errtxt != NULL) {
|
||||
warnx("failed to parse principal: %s", errtxt);
|
||||
krb5_free_error_message(context, errtxt);
|
||||
} else {
|
||||
warnx("failed to parse principal: %d", ret);
|
||||
}
|
||||
goto bad;
|
||||
}
|
||||
|
||||
|
|
@ -151,7 +165,7 @@ pwkrb5_process(const char *username, int argc, char **argv)
|
|||
NULL,
|
||||
0L,
|
||||
"kadmin/changepw",
|
||||
&opt);
|
||||
opt);
|
||||
|
||||
|
||||
switch (ret) {
|
||||
|
|
@ -168,8 +182,13 @@ pwkrb5_process(const char *username, int argc, char **argv)
|
|||
goto bad;
|
||||
|
||||
default:
|
||||
warnx("failed to get credentials: %s",
|
||||
krb5_get_err_text(context, ret));
|
||||
errtxt = krb5_get_error_message(context, ret);
|
||||
if (errtxt != NULL) {
|
||||
warnx("failed to get credentials: %s", errtxt);
|
||||
krb5_free_error_message(context, errtxt);
|
||||
} else {
|
||||
warnx("failed to get credentials: %d", ret);
|
||||
}
|
||||
goto bad;
|
||||
}
|
||||
|
||||
|
|
@ -186,8 +205,13 @@ pwkrb5_process(const char *username, int argc, char **argv)
|
|||
&result_code_string,
|
||||
&result_string);
|
||||
if (ret) {
|
||||
warnx("unable to set password: %s",
|
||||
krb5_get_err_text(context, ret));
|
||||
errtxt = krb5_get_error_message(context, ret);
|
||||
if (errtxt != NULL) {
|
||||
warnx("unable to set password: %s", errtxt);
|
||||
krb5_free_error_message(context, errtxt);
|
||||
} else {
|
||||
warnx("unable to set password: %d", ret);
|
||||
}
|
||||
goto bad;
|
||||
}
|
||||
|
||||
|
|
@ -271,11 +295,17 @@ krb5_chpw(const char *username)
|
|||
int result_code;
|
||||
krb5_data result_code_string, result_string;
|
||||
char pwbuf[BUFSIZ];
|
||||
const char *errtxt;
|
||||
|
||||
ret = krb5_init_context (&context);
|
||||
if (ret) {
|
||||
warnx("failed kerberos initialisation: %s",
|
||||
krb5_get_err_text(context, ret));
|
||||
errtxt = krb5_get_error_message(context, ret);
|
||||
if (errtxt != NULL) {
|
||||
warnx("failed kerberos initialisation: %s", errtxt);
|
||||
krb5_free_error_message(context, errtxt);
|
||||
} else {
|
||||
warnx("failed kerberos initialisation: %d", ret);
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
@ -288,8 +318,13 @@ krb5_chpw(const char *username)
|
|||
if(username != NULL) {
|
||||
ret = krb5_parse_name (context, username, &principal);
|
||||
if (ret) {
|
||||
warnx("failed to parse principal: %s",
|
||||
krb5_get_err_text(context, ret));
|
||||
errtxt = krb5_get_error_message(context, ret);
|
||||
if (errtxt != NULL) {
|
||||
warnx("failed to parse principal: %s", errtxt);
|
||||
krb5_free_error_message(context, errtxt);
|
||||
} else {
|
||||
warnx("failed to parse principal: %d", ret);
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
} else
|
||||
|
|
@ -317,8 +352,13 @@ krb5_chpw(const char *username)
|
|||
return 1;
|
||||
break;
|
||||
default:
|
||||
warnx("failed to get credentials: %s",
|
||||
krb5_get_err_text(context, ret));
|
||||
errtxt = krb5_get_error_message(context, ret);
|
||||
if (errtxt != NULL) {
|
||||
warnx("failed to get credentials: %s", errtxt);
|
||||
krb5_free_error_message(context, errtxt);
|
||||
} else {
|
||||
warnx("failed to get credentials: %d", ret);
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
krb5_data_zero (&result_code_string);
|
||||
|
|
|
|||
Loading…
Reference in New Issue