summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaulo Cesar Pereira de Andrade <pcpa@mandriva.com.br>2009-02-02 16:54:20 -0200
committerPaulo Cesar Pereira de Andrade <pcpa@mandriva.com.br>2009-02-02 16:54:20 -0200
commitc147fb417582e7384b5464bb53cfd492f9d7c69d (patch)
tree97f0c296a49679845b73a763ec31f48ac8d1d2e6
parent11fbe620625520668f5e88e4f5a8fe149a7cfa3f (diff)
Remove old api kerberos.
LibXau uses a 1993 kerberos api, but the X Server side support has been already removed for quite some time. This corrects bug report https://bugs.freedesktop.org/show_bug.cgi?id=14684
-rw-r--r--Makefile.am4
-rw-r--r--README4
-rw-r--r--configure.ac3
-rw-r--r--include/X11/Xauth.h18
-rw-r--r--k5encode.c186
5 files changed, 1 insertions, 214 deletions
diff --git a/Makefile.am b/Makefile.am
index f877dbc..01e2414 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -18,10 +18,6 @@ libXau_la_SOURCES = \
AuUnlock.c \
AuWrite.c
-if KERBEROS
-libXau_la_SOURCES +=k5encode.c
-endif KERBEROS
-
xauincludedir=$(includedir)/X11
xauinclude_HEADERS = include/X11/Xauth.h
diff --git a/README b/README
index 404eef0..9ee12e7 100644
--- a/README
+++ b/README
@@ -39,9 +39,7 @@ This scheme involves changes to the following parts of the sample release:
- remove entries from user's auth file
This mechanism assumes that the superuser and the transport layer between
-the client and the server is secure. Organizations that desire stricter
-security are encouraged to look at systems such as Kerberos (at Project
-Athena).
+the client and the server is secure.
Description
diff --git a/configure.ac b/configure.ac
index 43c7992..a5888f1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -47,9 +47,6 @@ XAU_CFLAGS="$CWARNFLAGS $XAU_CFLAGS"
AC_SUBST(XAU_CFLAGS)
AC_SUBST(XAU_LIBS)
-kerberos=false
-AM_CONDITIONAL(KERBEROS, test x$kerberos = xtrue)
-
AC_ARG_ENABLE(xthreads,
AC_HELP_STRING([--disable-xthreads],
[Disable libXau support for Multithreading]),
diff --git a/include/X11/Xauth.h b/include/X11/Xauth.h
index 181618a..741da24 100644
--- a/include/X11/Xauth.h
+++ b/include/X11/Xauth.h
@@ -53,7 +53,6 @@ typedef struct xauth {
# define FamilyLocal (256) /* not part of X standard (i.e. X.h) */
# define FamilyWild (65535)
# define FamilyNetname (254) /* not part of X standard */
-# define FamilyKrb5Principal (253) /* Kerberos 5 principal name */
# define FamilyLocalHost (252) /* for local non-net authentication */
@@ -128,23 +127,6 @@ void XauDisposeAuth(
Xauth* /* auth */
);
-#ifdef K5AUTH
-#include <krb5/krb5.h>
-/* 9/93: krb5.h leaks some symbols */
-#undef BITS32
-#undef xfree
-
-int XauKrb5Encode(
- krb5_principal /* princ */,
- krb5_data * /* outbuf */
-);
-
-int XauKrb5Decode(
- krb5_data /* inbuf */,
- krb5_principal * /* princ */
-);
-#endif /* K5AUTH */
-
_XFUNCPROTOEND
/* Return values from XauLockAuth */
diff --git a/k5encode.c b/k5encode.c
deleted file mode 100644
index a3c6c09..0000000
--- a/k5encode.c
+++ /dev/null
@@ -1,186 +0,0 @@
-/* $Xorg: k5encode.c,v 1.4 2001/02/09 02:03:42 xorgcvs Exp $ */
-
-/*
-
-Copyright 1993, 1994, 1998 The Open Group
-
-Permission to use, copy, modify, distribute, and sell this software and its
-documentation for any purpose is hereby granted without fee, provided that
-the above copyright notice appear in all copies and that both that
-copyright notice and this permission notice appear in supporting
-documentation.
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-Except as contained in this notice, the name of The Open Group shall not be
-used in advertising or otherwise to promote the sale, use or other dealings
-in this Software without prior written authorization from The Open Group.
-
-*/
-
-/*
- * functions to encode/decode Kerberos V5 principals
- * into something that can be reasonable spewed over
- * the wire
- *
- * Author: Tom Yu <tlyu@MIT.EDU>
- *
- * Still needs to be fixed up wrt signed/unsigned lengths, but we'll worry
- * about that later.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-#include <krb5/krb5.h>
-/* 9/93: krb5.h leaks some symbols */
-#undef BITS32
-#undef xfree
-
-#include <X11/X.h>
-#include <X11/Xos.h>
-#include <X11/Xmd.h>
-#include <X11/Xfuncs.h>
-
-/*
- * XauKrb5Encode
- *
- * this function encodes the principal passed to it in a format that can
- * easily be dealt with by stuffing it into an X packet. Encoding is as
- * follows:
- * length count of the realm name
- * realm
- * component count
- * length of component
- * actual principal component
- * etc....
- *
- * Note that this function allocates a hunk of memory, which must be
- * freed to avoid nasty memory leak type things. All counts are
- * byte-swapped if needed. (except for the total length returned)
- *
- * nevermind.... stuffing the encoded packet in net byte order just to
- * always do the right thing. Don't have to frob with alignment that way.
- */
-int
-XauKrb5Encode(princ, outbuf)
- krb5_principal princ; /* principal to encode */
- krb5_data *outbuf; /* output buffer */
-{
- CARD16 i, numparts, totlen = 0, plen, rlen;
- char *cp, *pdata;
-
- rlen = krb5_princ_realm(princ)->length;
- numparts = krb5_princ_size(princ);
- totlen = 2 + rlen + 2; /* include room for realm length
- and component count */
- for (i = 0; i < numparts; i++)
- totlen += krb5_princ_component(princ, i)->length + 2;
- /* add 2 bytes each time for length */
- if ((outbuf->data = (char *)malloc(totlen)) == NULL)
- return -1;
- cp = outbuf->data;
- *cp++ = (char)((int)(0xff00 & rlen) >> 8);
- *cp++ = (char)(0x00ff & rlen);
- memcpy(cp, krb5_princ_realm(princ)->data, rlen);
- cp += rlen;
- *cp++ = (char)((int)(0xff00 & numparts) >> 8);
- *cp++ = (char)(0x00ff & numparts);
- for (i = 0; i < numparts; i++)
- {
- plen = krb5_princ_component(princ, i)->length;
- pdata = krb5_princ_component(princ, i)->data;
- *cp++ = (char)((int)(0xff00 & plen) >> 8);
- *cp++ = (char)(0x00ff & plen);
- memcpy(cp, pdata, plen);
- cp += plen;
- }
- outbuf->length = totlen;
- return 0;
-}
-
-/*
- * XauKrb5Decode
- *
- * This function essentially reverses what XauKrb5Encode does.
- * return value: 0 if okay, -1 if malloc fails, -2 if inbuf format bad
- */
-int
-XauKrb5Decode(inbuf, princ)
- krb5_data inbuf;
- krb5_principal *princ;
-{
- CARD16 i, numparts, plen, rlen;
- CARD8 *cp, *pdata;
-
- if (inbuf.length < 4)
- {
- return -2;
- }
- *princ = (krb5_principal)malloc(sizeof (krb5_principal_data));
- if (*princ == NULL)
- return -1;
- bzero(*princ, sizeof (krb5_principal_data));
- cp = (CARD8 *)inbuf.data;
- rlen = *cp++ << 8;
- rlen |= *cp++;
- if (inbuf.length < 4 + (int)rlen + 2)
- {
- krb5_free_principal(*princ);
- return -2;
- }
- krb5_princ_realm(*princ)->data = (char *)malloc(rlen);
- if (krb5_princ_realm(*princ)->data == NULL)
- {
- krb5_free_principal(*princ);
- return -1;
- }
- krb5_princ_realm(*princ)->length = rlen;
- memcpy(krb5_princ_realm(*princ)->data, cp, rlen);
- cp += rlen;
- numparts = *cp++ << 8;
- numparts |= *cp++;
- krb5_princ_name(*princ) =
- (krb5_data *)malloc(numparts * sizeof (krb5_data));
- if (krb5_princ_name(*princ) == NULL)
- {
- krb5_free_principal(*princ);
- return -1;
- }
- krb5_princ_size(*princ) = 0;
- for (i = 0; i < numparts; i++)
- {
- if (cp + 2 > (CARD8 *)inbuf.data + inbuf.length)
- {
- krb5_free_principal(*princ);
- return -2;
- }
- plen = *cp++ << 8;
- plen |= *cp++;
- if (cp + plen > (CARD8 *)inbuf.data + inbuf.length)
- {
- krb5_free_principal(*princ);
- return -2;
- }
- pdata = (CARD8 *)malloc(plen);
- if (pdata == NULL)
- {
- krb5_free_principal(*princ);
- return -1;
- }
- krb5_princ_component(*princ, i)->data = (char *)pdata;
- krb5_princ_component(*princ, i)->length = plen;
- memcpy(pdata, cp, plen);
- cp += plen;
- krb5_princ_size(*princ)++;
- }
- return 0;
-}