krb5_boolean def_restrict_anon;
char *def_udp_listen = NULL;
char *def_tcp_listen = NULL;
- krb5_pointer aprof = NULL;
+ krb5_pointer aprof = kcontext->profile;
const char *hierarchy[3];
char *no_referral = NULL;
char *hostbased = NULL;
extern char *optarg;
- if (!krb5_aprof_init(DEFAULT_KDC_PROFILE, KDC_PROFILE_ENV, &aprof)) {
- hierarchy[0] = KRB5_CONF_KDCDEFAULTS;
- hierarchy[1] = KRB5_CONF_KDC_LISTEN;
- hierarchy[2] = (char *) NULL;
- if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_udp_listen)) {
- hierarchy[1] = KRB5_CONF_KDC_PORTS;
- if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_udp_listen))
- def_udp_listen = NULL;
- }
- hierarchy[1] = KRB5_CONF_KDC_TCP_LISTEN;
- if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_tcp_listen)) {
- hierarchy[1] = KRB5_CONF_KDC_TCP_PORTS;
- if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_tcp_listen))
- def_tcp_listen = NULL;
- }
- hierarchy[1] = KRB5_CONF_KDC_MAX_DGRAM_REPLY_SIZE;
- if (krb5_aprof_get_int32(aprof, hierarchy, TRUE, &max_dgram_reply_size))
- max_dgram_reply_size = MAX_DGRAM_SIZE;
- if (tcp_listen_backlog_out != NULL) {
- hierarchy[1] = KRB5_CONF_KDC_TCP_LISTEN_BACKLOG;
- if (krb5_aprof_get_int32(aprof, hierarchy, TRUE,
- tcp_listen_backlog_out))
- *tcp_listen_backlog_out = DEFAULT_TCP_LISTEN_BACKLOG;
- }
- hierarchy[1] = KRB5_CONF_RESTRICT_ANONYMOUS_TO_TGT;
- if (krb5_aprof_get_boolean(aprof, hierarchy, TRUE, &def_restrict_anon))
- def_restrict_anon = FALSE;
- hierarchy[1] = KRB5_CONF_NO_HOST_REFERRAL;
- if (krb5_aprof_get_string_all(aprof, hierarchy, &no_referral))
- no_referral = 0;
- hierarchy[1] = KRB5_CONF_HOST_BASED_SERVICES;
- if (krb5_aprof_get_string_all(aprof, hierarchy, &hostbased))
- hostbased = 0;
+ hierarchy[0] = KRB5_CONF_KDCDEFAULTS;
+ hierarchy[1] = KRB5_CONF_KDC_LISTEN;
+ hierarchy[2] = NULL;
+ if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_udp_listen)) {
+ hierarchy[1] = KRB5_CONF_KDC_PORTS;
+ if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_udp_listen))
+ def_udp_listen = NULL;
+ }
+ hierarchy[1] = KRB5_CONF_KDC_TCP_LISTEN;
+ if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_tcp_listen)) {
+ hierarchy[1] = KRB5_CONF_KDC_TCP_PORTS;
+ if (krb5_aprof_get_string(aprof, hierarchy, TRUE, &def_tcp_listen))
+ def_tcp_listen = NULL;
+ }
+ hierarchy[1] = KRB5_CONF_KDC_MAX_DGRAM_REPLY_SIZE;
+ if (krb5_aprof_get_int32(aprof, hierarchy, TRUE, &max_dgram_reply_size))
+ max_dgram_reply_size = MAX_DGRAM_SIZE;
+ if (tcp_listen_backlog_out != NULL) {
+ hierarchy[1] = KRB5_CONF_KDC_TCP_LISTEN_BACKLOG;
+ if (krb5_aprof_get_int32(aprof, hierarchy, TRUE,
+ tcp_listen_backlog_out))
+ *tcp_listen_backlog_out = DEFAULT_TCP_LISTEN_BACKLOG;
}
+ hierarchy[1] = KRB5_CONF_RESTRICT_ANONYMOUS_TO_TGT;
+ if (krb5_aprof_get_boolean(aprof, hierarchy, TRUE, &def_restrict_anon))
+ def_restrict_anon = FALSE;
+ hierarchy[1] = KRB5_CONF_NO_HOST_REFERRAL;
+ if (krb5_aprof_get_string_all(aprof, hierarchy, &no_referral))
+ no_referral = 0;
+ hierarchy[1] = KRB5_CONF_HOST_BASED_SERVICES;
+ if (krb5_aprof_get_string_all(aprof, hierarchy, &hostbased))
+ hostbased = 0;
if (def_udp_listen == NULL) {
def_udp_listen = strdup(DEFAULT_KDC_UDP_PORTLIST);
free(hostbased);
if (no_referral)
free(no_referral);
- if (aprof)
- krb5_aprof_finish(aprof);
return;
}
return knew;
}
-/*
- * krb5_aprof_init() - Initialize alternate profile context.
- *
- * Parameters:
- * fname - default file name of the profile.
- * envname - environment variable which can override fname
- * acontextp - Pointer to opaque context for alternate profile
- *
- * Returns:
- * error codes from profile_init()
- */
-krb5_error_code
-krb5_aprof_init(char *fname, char *envname, krb5_pointer *acontextp)
-{
- krb5_error_code ret;
- profile_t profile;
- const char *kdc_config;
- char **filenames;
- int i;
- struct k5buf buf;
-
- ret = krb5_get_default_config_files(&filenames);
- if (ret)
- return ret;
- if (envname == NULL || (kdc_config = secure_getenv(envname)) == NULL)
- kdc_config = fname;
- k5_buf_init_dynamic(&buf);
- if (kdc_config)
- k5_buf_add(&buf, kdc_config);
- for (i = 0; filenames[i] != NULL; i++) {
- if (buf.len > 0)
- k5_buf_add(&buf, ":");
- k5_buf_add(&buf, filenames[i]);
- }
- krb5_free_config_files(filenames);
- if (k5_buf_status(&buf) != 0)
- return ENOMEM;
- profile = (profile_t) NULL;
- ret = profile_init_path(buf.data, &profile);
- k5_buf_free(&buf);
- if (ret)
- return ret;
- *acontextp = profile;
- return 0;
-}
-
/*
* krb5_aprof_getvals() - Get values from alternate profile.
*
return ret;
}
-/*
- * krb5_aprof_finish() - Finish alternate profile context.
- *
- * Parameter:
- * acontext - opaque context for alternate profile.
- *
- * Returns:
- * 0 on success, something else on failure.
- */
-krb5_error_code
-krb5_aprof_finish(krb5_pointer acontext)
-{
- profile_release(acontext);
- return 0;
-}
-
/*
* Returns nonzero if it found something to copy; the caller may still need to
* check the output field or mask to see if the copy (allocation) was