From: Tomas Kuthan Date: Thu, 3 Apr 2014 15:58:43 +0000 (+0200) Subject: Remove adb_policy_init and adb_policy_close X-Git-Tag: krb5-1.13-alpha1~160 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8d735931e2a93fab31d68772e8881faa6b030a10;p=thirdparty%2Fkrb5.git Remove adb_policy_init and adb_policy_close Since f72c3ffa the policy is initialized as part of database. adb_policy_close is now a no-op, and adb_policy_init just makes sure the database is initialized. adb_policy_init is only called from kadm5_flush, and only if database initialization was successful beforehand, rendering this call redundant. Remove adb_policy_init and adb_policy_close and all their references in the code and documentation. --- diff --git a/doc/kadm5/api-funcspec.tex b/doc/kadm5/api-funcspec.tex index bf885b464f..c13090a519 100644 --- a/doc/kadm5/api-funcspec.tex +++ b/doc/kadm5/api-funcspec.tex @@ -1107,9 +1107,8 @@ the Admin API open. This function behaves differently when called by local and remote clients. For local clients, the function closes and reopens the Kerberos -database with krb5_db_fini() and krb5_db_init(), and closes and -reopens the Admin policy database with adb_policy_close() and -adb_policy_open(). Although it is unlikely, any other these functions +database with krb5_db_fini() and krb5_db_init(). +Although it is unlikely, either of these functions could return errors; in that case, this function calls kadm5_destroy and returns the error code. Therefore, if kadm5_flush does not return KADM5_OK, the connection to the diff --git a/src/lib/kadm5/server_internal.h b/src/lib/kadm5/server_internal.h index e506e12ea7..623187dd56 100644 --- a/src/lib/kadm5/server_internal.h +++ b/src/lib/kadm5/server_internal.h @@ -70,8 +70,6 @@ typedef struct _osa_princ_ent_t { } osa_princ_ent_rec, *osa_princ_ent_t; -kadm5_ret_t adb_policy_init(kadm5_server_handle_t handle); -kadm5_ret_t adb_policy_close(kadm5_server_handle_t handle); kadm5_ret_t passwd_check(kadm5_server_handle_t handle, const char *pass, kadm5_policy_ent_t policy, krb5_principal principal); diff --git a/src/lib/kadm5/srv/libkadm5srv_mit.exports b/src/lib/kadm5/srv/libkadm5srv_mit.exports index 07d447a152..8602e76587 100644 --- a/src/lib/kadm5/srv/libkadm5srv_mit.exports +++ b/src/lib/kadm5/srv/libkadm5srv_mit.exports @@ -5,8 +5,6 @@ kadm5int_acl_check_krb kadm5int_acl_finish kadm5int_acl_impose_restrictions kadm5int_acl_init -adb_policy_close -adb_policy_init hist_princ kadm5_set_use_password_server kadm5_chpass_principal diff --git a/src/lib/kadm5/srv/server_init.c b/src/lib/kadm5/srv/server_init.c index 5e61f2854c..f46f89d988 100644 --- a/src/lib/kadm5/srv/server_init.c +++ b/src/lib/kadm5/srv/server_init.c @@ -346,7 +346,6 @@ kadm5_ret_t kadm5_destroy(void *server_handle) destroy_pwqual(handle); k5_kadm5_hook_free_handles(handle->context, handle->hook_handles); - adb_policy_close(handle); krb5_db_fini(handle->context); krb5_free_principal(handle->context, handle->current_caller); kadm5_free_config_params(handle->context, &handle->params); @@ -393,9 +392,7 @@ kadm5_ret_t kadm5_flush(void *server_handle) if ((ret = krb5_db_fini(handle->context)) || (ret = krb5_db_open(handle->context, handle->db_args, - KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN)) || - (ret = adb_policy_close(handle)) || - (ret = adb_policy_init(handle))) { + KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN))) { (void) kadm5_destroy(server_handle); return ret; } diff --git a/src/lib/kadm5/srv/server_misc.c b/src/lib/kadm5/srv/server_misc.c index 18d047b995..b361847bd5 100644 --- a/src/lib/kadm5/srv/server_misc.c +++ b/src/lib/kadm5/srv/server_misc.c @@ -34,24 +34,6 @@ #include "server_internal.h" #include -kadm5_ret_t -adb_policy_init(kadm5_server_handle_t handle) -{ - /* now policy is initialized as part of database. No seperate call needed */ - if (krb5_db_inited(handle->context) == 0) - return KADM5_OK; - - return krb5_db_open( handle->context, NULL, - KRB5_KDB_OPEN_RW | KRB5_KDB_SRV_TYPE_ADMIN ); -} - -kadm5_ret_t -adb_policy_close(kadm5_server_handle_t handle) -{ - /* will be taken care by database close */ - return KADM5_OK; -} - kadm5_ret_t init_pwqual(kadm5_server_handle_t handle) {