Module Name: src Committed By: elric Date: Sun Apr 24 19:00:32 UTC 2011
Modified Files: src/lib/libtelnet: kerberos5.c Log Message: Stop using functions that are deprecated in Heimdal. To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 src/lib/libtelnet/kerberos5.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/lib/libtelnet/kerberos5.c diff -u src/lib/libtelnet/kerberos5.c:1.17 src/lib/libtelnet/kerberos5.c:1.18 --- src/lib/libtelnet/kerberos5.c:1.17 Wed Mar 22 16:32:39 2006 +++ src/lib/libtelnet/kerberos5.c Sun Apr 24 19:00:31 2011 @@ -1,4 +1,4 @@ -/* $NetBSD: kerberos5.c,v 1.17 2006/03/22 16:32:39 christos Exp $ */ +/* $NetBSD: kerberos5.c,v 1.18 2011/04/24 19:00:31 elric Exp $ */ /*- * Copyright (c) 1991, 1993 @@ -74,6 +74,7 @@ int require_hwpreauth; +const char *get_krb5_err_text(krb5_context, krb5_error_code); void kerberos5_forward(Authenticator *); static unsigned char str_data[1024] = {IAC, SB, TELOPT_AUTHENTICATION, 0, @@ -125,6 +126,22 @@ return (telnet_net_write(str_data, p - str_data)); } +const char * +get_krb5_err_text(krb5_context ctx, krb5_error_code ret) +{ + static const char *str = NULL; + + if (str) + krb5_free_error_message(ctx, str); + + str = krb5_get_error_message(ctx, ret); + + if (str != NULL) + return str; + + return "unknown"; +} + int kerberos5_init(Authenticator *ap, int server) { @@ -180,7 +197,7 @@ if (auth_debug_mode) { printf( "Kerberos V5: could not get default ccache: %s\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); } return (0); } @@ -196,7 +213,7 @@ if (auth_debug_mode) { printf( "Kerberos V5: krb5_auth_con_init failed: %s\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); } return (0); } @@ -206,7 +223,7 @@ if (auth_debug_mode) { printf("Kerberos V5: " "krb5_auth_con_setaddrs_from_fd failed: %s\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); } return (0); } @@ -222,7 +239,7 @@ if (ret) { if (1 || auth_debug_mode) { printf("Kerberos V5: mk_req failed (%s)\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); } return (0); } @@ -269,7 +286,7 @@ auth_finished(ap, AUTH_REJECT); if (auth_debug_mode) printf("Kerberos V5: krb5_auth_con_init failed (%s)\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); return; } ret = krb5_auth_con_setaddrs_from_fd(telnet_context, @@ -280,7 +297,7 @@ if (auth_debug_mode) printf("Kerberos V5: " "krb5_auth_con_setaddrs_from_fd failed (%s)\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); return; } ret = krb5_sock_to_principal(telnet_context, 0, "host", @@ -291,7 +308,7 @@ if (auth_debug_mode) printf("Kerberos V5: " "krb5_sock_to_principal failed (%s)\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); return; } ret = krb5_rd_req(telnet_context, &auth_context, &auth, @@ -303,7 +320,7 @@ asprintf(&errbuf, "Read req failed: %s", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); Data(ap, KRB_REJECT, errbuf, -1); if (auth_debug_mode) printf("%s\r\n", errbuf); @@ -321,7 +338,7 @@ if (ret) { char *errbuf; asprintf(&errbuf, "Bad checksum: %s", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); Data(ap, KRB_REJECT, errbuf, -1); if (auth_debug_mode) printf("%s\r\n", errbuf); @@ -338,7 +355,7 @@ if (auth_debug_mode) printf("Kerberos V5: " "krb5_auth_con_getremotesubkey failed (%s)\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); return; } if (key_block == NULL) { @@ -352,7 +369,7 @@ if (auth_debug_mode) printf("Kerberos V5: " "krb5_auth_con_getkey failed (%s)\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); return; } if (key_block == NULL) { @@ -373,7 +390,7 @@ if (auth_debug_mode) printf("Kerberos V5: " "krb5_mk_rep failed (%s)\r\n", - krb5_get_err_text(telnet_context, + get_krb5_err_text(telnet_context, ret)); krb5_free_keyblock(telnet_context, key_block); return; @@ -440,7 +457,7 @@ if (ret) { if (auth_debug_mode) printf("Kerberos V5: could not get ccache: %s\r\n", - krb5_get_err_text(telnet_context, + get_krb5_err_text(telnet_context, ret)); break; } @@ -449,7 +466,7 @@ if (ret) { if (auth_debug_mode) printf("Kerberos V5: could not init ccache: %s\r\n", - krb5_get_err_text(telnet_context, + get_krb5_err_text(telnet_context, ret)); break; } @@ -460,7 +477,7 @@ asprintf(&errbuf, "Read forwarded creds failed: %s", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); if (errbuf == NULL) Data(ap, KRB_FORWARD_REJECT, NULL, 0); else @@ -523,7 +540,7 @@ auth_context, &keyblock); if (ret) { printf("[ krb5_auth_con_getkey: %s ]\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); auth_send_retry(); return; } @@ -551,7 +568,7 @@ auth_context, &inbuf, &reply); if (ret) { printf("[ Mutual authentication failed: %s ]\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); auth_send_retry(); return; } @@ -663,14 +680,14 @@ if (ret) { if (auth_debug_mode) printf("KerberosV5: could not get default ccache: %s\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); return; } ret = krb5_cc_get_principal(telnet_context, ccache, &principal); if (ret) { if (auth_debug_mode) printf("KerberosV5: could not get principal: %s\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); return; } memset(&creds, 0, sizeof(creds)); @@ -684,7 +701,7 @@ if (ret) { if (auth_debug_mode) printf("KerberosV5: could not get principal: %s\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); return; } creds.times.endtime = 0; @@ -699,7 +716,7 @@ if (ret) { if (auth_debug_mode) printf("Kerberos V5: error getting forwarded creds: %s\r\n", - krb5_get_err_text(telnet_context, ret)); + get_krb5_err_text(telnet_context, ret)); return; } if (!Data(ap, KRB_FORWARD, out_data.data, out_data.length)) {