svn commit: lorikeet r327 - in trunk/heimdal/kdc: .
abartlet at samba.org
abartlet at samba.org
Fri Jun 3 12:03:28 GMT 2005
Author: abartlet
Date: 2005-06-03 12:03:27 +0000 (Fri, 03 Jun 2005)
New Revision: 327
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=327
Log:
More work on libkdc configuration:
krb5_kdc_default_config() no longer allocates memory (allow the caller
to allocate, which can mean that Samba could talloc() it).
Put more defaults into krb5_kdc_default_config()
Clean out old proto from kdc_locl.h
Andrew Bartlett
Modified:
trunk/heimdal/kdc/config.c
trunk/heimdal/kdc/default_config.c
trunk/heimdal/kdc/kdc.h
trunk/heimdal/kdc/kdc_locl.h
Changeset:
Modified: trunk/heimdal/kdc/config.c
===================================================================
--- trunk/heimdal/kdc/config.c 2005-06-02 23:17:25 UTC (rev 326)
+++ trunk/heimdal/kdc/config.c 2005-06-03 12:03:27 UTC (rev 327)
@@ -258,7 +258,7 @@
struct krb5_kdc_configuration *configure(krb5_context context, int argc, char **argv)
{
- struct krb5_kdc_configuration *config = default_krb5_kdc_config();
+ struct krb5_kdc_configuration *config = malloc(sizeof(*config));
krb5_error_code ret;
int optind = 0;
const char *p;
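Review bot: `malloc(sizeof(*config))` returns indeterminate memory, and krb5_kdc_default_config() in default_config.c assigns only a subset of the structure, so any member that neither it nor the rest of configure() writes (the `char *v4_realm` pointer visible in kdc.h is one candidate) starts with garbage. These members gate KDC authentication policy, so I would allocate with `calloc(1, sizeof(*config))` here. Because the commit log expects other callers to supply their own allocation, I would also start krb5_kdc_default_config() with `memset(config, 0, sizeof(*config));`. The NULL check on the allocation is presumably the `return NULL;` shown as context in the next hunk, but its condition is outside the visible lines, and configure() itself starts and ends outside this hunk.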
@@ -267,6 +267,8 @@
return NULL;
}
+ krb5_kdc_default_config(config);
+
while(getarg(args, num_args, argc, argv, &optind))
warnx("error at argument `%s'", argv[optind]);
@@ -328,8 +330,10 @@
}
if(require_preauth == -1) {
- config->require_preauth = krb5_config_get_bool(context, NULL, "kdc",
- "require-preauth", NULL);
+ config->require_preauth = krb5_config_get_bool_default(context, NULL,
+ config->require_preauth,
+ "kdc",
+ "require-preauth", NULL);
} else {
config->require_preauth = require_preauth;
}
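Review bot: The fallback for an absent `require-preauth` key now comes from `config->require_preauth`, which krb5_kdc_default_config() sets to TRUE, whereas the removed krb5_config_get_bool() call would have yielded FALSE if it falls back to FALSE as I expect. That tightens the effective default, which is the safer direction, but the log message does not mention it, and deployments whose clients do not send pre-authentication could start seeing refused requests. I would record the change in the commit log and with a comment above the call, such as `/* default is now TRUE, from krb5_kdc_default_config() */`. The same pattern in the `allow-anonymous`, `encode_as_rep_as_tgs_rep` and `kdc_warn_pwexpire` hunks appears to keep the previous effective defaults.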
@@ -405,8 +409,10 @@
"allow-null-ticket-addresses", NULL);
config->allow_anonymous =
- krb5_config_get_bool(context, NULL, "kdc",
- "allow-anonymous", NULL);
+ krb5_config_get_bool_default(context, NULL,
+ config->allow_anonymous,
+ "kdc",
+ "allow-anonymous", NULL);
trpolicy_str =
krb5_config_get_string_default(context, NULL, "DEFAULT", "kdc",
@@ -457,15 +463,20 @@
config->enable_kaserver = enable_kaserver;
}
- config->encode_as_rep_as_tgs_rep = krb5_config_get_bool(context, NULL, "kdc",
- "encode_as_rep_as_tgs_rep",
- NULL);
+ config->encode_as_rep_as_tgs_rep
+ = krb5_config_get_bool_default(context, NULL,
+ config->encode_as_rep_as_tgs_rep,
+ "kdc",
+ "encode_as_rep_as_tgs_rep",
+ NULL);
- config->kdc_warn_pwexpire = krb5_config_get_time (context, NULL,
- "kdc",
- "kdc_warn_pwexpire",
- NULL);
-
+ config->kdc_warn_pwexpire
+ = krb5_config_get_time_default (context, NULL,
+ config->kdc_warn_pwexpire,
+ "kdc",
+ "kdc_warn_pwexpire",
+ NULL);
+
if(detach_from_console == -1)
detach_from_console = krb5_config_get_bool_default(context, NULL,
DETACH_IS_DEFAULT,
Modified: trunk/heimdal/kdc/default_config.c
===================================================================
--- trunk/heimdal/kdc/default_config.c 2005-06-02 23:17:25 UTC (rev 326)
+++ trunk/heimdal/kdc/default_config.c 2005-06-03 12:03:27 UTC (rev 327)
@@ -33,28 +33,36 @@
#include "kdc_locl.h"
-struct krb5_kdc_configuration *default_krb5_kdc_config(void)
+/* Setup some of the defaults for the KDC configuration.
+
+ Note: Caller must also fill in:
+ - db
+ - num_db
+ - logf
+
+*/
+
+void krb5_kdc_default_config(struct krb5_kdc_configuration *config)
{
- struct krb5_kdc_configuration *config = malloc(sizeof(struct krb5_kdc_configuration));
- if (!config) {
- return NULL;
- }
-
config->require_preauth = TRUE;
+ config->kdc_warn_pwexpire = -1;
+
+ config->encode_as_rep_as_tgs_rep = FALSE; /* bug compatibility */
+
config->check_ticket_addresses = TRUE;
config->allow_null_ticket_addresses = TRUE;
+ config->allow_anonymous = FALSE;
+ config->trpolicy = TRPOLICY_ALWAYS_CHECK;
config->enable_v4 = FALSE;
config->enable_kaserver = FALSE;
+ config->enable_524 = FALSE; /* overriden by enable_v4 in configure()) */
config->enable_v4_cross_realm = FALSE;
config->enable_pkinit = FALSE;
config->enable_pkinit_princ_in_cert = TRUE;
- config->trpolicy = TRPOLICY_ALWAYS_CHECK;
-
- return config;
}
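Review bot: The comment on the `enable_524` line is misspelled and has an unbalanced parenthesis. It also describes behaviour that lives in configure(), which a caller using only krb5_kdc_default_config() (the Samba case named in the log) does not run. I would write `/* overridden by enable_v4 in configure(); other callers get FALSE */`. The block comment's list of caller-filled members could mention this member for the same reason.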
Modified: trunk/heimdal/kdc/kdc.h
===================================================================
--- trunk/heimdal/kdc/kdc.h 2005-06-02 23:17:25 UTC (rev 326)
+++ trunk/heimdal/kdc/kdc.h 2005-06-03 12:03:27 UTC (rev 327)
@@ -41,9 +41,10 @@
#ifndef __KDC_H__
#define __KDC_H__
-enum { TRPOLICY_ALWAYS_CHECK,
- TRPOLICY_ALLOW_PER_PRINCIPAL,
- TRPOLICY_ALWAYS_HONOUR_REQUEST };
+enum krb5_kdc_trpolicy
+{ TRPOLICY_ALWAYS_CHECK,
+ TRPOLICY_ALLOW_PER_PRINCIPAL,
+ TRPOLICY_ALWAYS_HONOUR_REQUEST };
struct krb5_kdc_configuration {
krb5_boolean require_preauth; /* require preauth for all principals */
@@ -58,7 +59,7 @@
krb5_boolean check_ticket_addresses;
krb5_boolean allow_null_ticket_addresses;
krb5_boolean allow_anonymous;
- int trpolicy;
+ enum krb5_kdc_trpolicy trpolicy;
char *v4_realm;
krb5_boolean enable_v4;
@@ -73,12 +74,14 @@
krb5_log_facility *logf;
};
-int kdc_process_krb5_request(krb5_context context,
- struct krb5_kdc_configuration *config,
- unsigned char *buf,
- size_t len,
- krb5_data *reply,
- const char *from,
- struct sockaddr *addr);
+int krb5_kdc_process_krb5_request(krb5_context context,
+ struct krb5_kdc_configuration *config,
+ unsigned char *buf,
+ size_t len,
+ krb5_data *reply,
+ const char *from,
+ struct sockaddr *addr);
+void krb5_kdc_default_config(struct krb5_kdc_configuration *config);
+
#endif
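Review bot: The new public prototype `krb5_kdc_default_config()` carries no contract in the header; the only description (caller must fill db, num_db and logf) sits in default_config.c. Since kdc.h is what an external caller reads, I would add a short comment above the declaration. It should state that `config` must point to caller-owned storage, that the function neither allocates nor frees, and which members remain for the caller to set.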
Modified: trunk/heimdal/kdc/kdc_locl.h
===================================================================
--- trunk/heimdal/kdc/kdc_locl.h 2005-06-02 23:17:25 UTC (rev 326)
+++ trunk/heimdal/kdc/kdc_locl.h 2005-06-03 12:03:27 UTC (rev 327)
@@ -158,6 +158,4 @@
const char *from,
struct sockaddr *addr);
-struct krb5_kdc_configuration *default_krb5_kdc_config(void);
-
#endif /* __KDC_LOCL_H__ */