Get rid of krb5_read_realm_params

Read realm parameters directly from the profile in the KDC's
init_realm(), getting rid of the intermediate krb5_realm_params
structure.  Then get rid of krb5_realm_params and
krb5_read_realm_params, since nothing else uses it.

4 files changed, 0 insertions, 180 deletions

diff --git a/src/lib/kadm5/admin.h b/src/lib/kadm5/admin.h
index 47102cd3de..189ca45cf3 100644
--- a/src/lib/kadm5/admin.h
+++ b/src/lib/kadm5/admin.h
@@ -278,36 +278,6 @@ typedef struct _kadm5_config_params {
     int                 iprop_resync_timeout;
 } kadm5_config_params;
 
-/***********************************************************************
- * This is the old krb5_realm_read_params, which I mutated into
- * kadm5_get_config_params but which old code (kdb5_* and krb5kdc)
- * still uses.
- ***********************************************************************/
-
-/*
- * Data structure returned by krb5_read_realm_params()
- */
-typedef struct __krb5_realm_params {
-    char *              realm_mkey_name;
-    char *              realm_stash_file;
-    char *              realm_kdc_ports;
-    char *              realm_kdc_tcp_ports;
-    char *              realm_hostbased;
-    char *              realm_no_referral;
-    krb5_enctype        realm_enctype;
-    krb5_deltat         realm_max_life;
-    krb5_deltat         realm_max_rlife;
-    unsigned int        realm_reject_bad_transit:1;
-    unsigned int        realm_restrict_anon:1;
-    unsigned int        realm_enctype_valid:1;
-    unsigned int        realm_max_life_valid:1;
-    unsigned int        realm_max_rlife_valid:1;
-    unsigned int        realm_reject_bad_transit_valid:1;
-    unsigned int        realm_restrict_anon_valid:1;
-    unsigned int        realm_assume_des_crc_sess:1;
-    unsigned int        realm_assume_des_crc_sess_valid:1;
-} krb5_realm_params;
-
 /*
  * functions
  */
@@ -320,9 +290,6 @@ krb5_error_code kadm5_get_config_params(krb5_context context,
 krb5_error_code kadm5_free_config_params(krb5_context context,
                                          kadm5_config_params *params);
 
-krb5_error_code kadm5_free_realm_params(krb5_context kcontext,
-                                        kadm5_config_params *params);
-
 krb5_error_code kadm5_get_admin_service_name(krb5_context, char *,
                                              char *, size_t);
 
diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c
index 075e077dae..07158fcd5e 100644
--- a/src/lib/kadm5/alt_prof.c
+++ b/src/lib/kadm5/alt_prof.c
@@ -869,146 +869,3 @@ err_params:
     kadm5_free_config_params(ctx, &params_out);
     return ret;
 }
-
-/***********************************************************************
- * This is the old krb5_realm_read_params, which I mutated into
- * kadm5_get_config_params but which old KDC code still uses.
- ***********************************************************************/
-
-/*
- * krb5_read_realm_params() - Read per-realm parameters from KDC alternate
- *                            profile.
- */
-krb5_error_code
-krb5_read_realm_params(krb5_context context, char *realm,
-                       krb5_realm_params **rparamp)
-{
-    char *envname, *lrealm, *svalue;
-    char *no_referral = NULL, *hostbased = NULL;
-    krb5_pointer aprofile = NULL;
-    krb5_realm_params *rparams = NULL;
-    const char *hierarchy[4];
-    krb5_boolean bvalue;
-    krb5_deltat dtvalue;
-    krb5_error_code ret;
-
-    if (realm != NULL) {
-        lrealm = strdup(realm);
-    } else {
-        ret = krb5_get_default_realm(context, &lrealm);
-        if (ret)
-            goto cleanup;
-    }
-
-    envname = context->profile_secure ? NULL : KDC_PROFILE_ENV;
-    ret = krb5_aprof_init(DEFAULT_KDC_PROFILE, envname, &aprofile);
-    if (ret)
-        goto cleanup;
-
-    rparams = calloc(1, sizeof(krb5_realm_params));
-    if (rparams == NULL) {
-        ret = ENOMEM;
-        goto cleanup;
-    }
-
-    /* Set up the hierarchy so we can query multiple realm variables. */
-    hierarchy[0] = KRB5_CONF_REALMS;
-    hierarchy[1] = lrealm;
-    hierarchy[3] = NULL;
-
-    /* Get the value for the KDC port list */
-    hierarchy[2] = KRB5_CONF_KDC_PORTS;
-    if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue))
-        rparams->realm_kdc_ports = svalue;
-    hierarchy[2] = KRB5_CONF_KDC_TCP_PORTS;
-    if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue))
-        rparams->realm_kdc_tcp_ports = svalue;
-
-    /* Get the value for the master key name */
-    hierarchy[2] = KRB5_CONF_MASTER_KEY_NAME;
-    if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue))
-        rparams->realm_mkey_name = svalue;
-
-    /* Get the value for the master key type */
-    hierarchy[2] = KRB5_CONF_MASTER_KEY_TYPE;
-    if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue)) {
-        if (!krb5_string_to_enctype(svalue, &rparams->realm_enctype))
-            rparams->realm_enctype_valid = 1;
-        free(svalue);
-    }
-
-    /* Get the value for the stashfile */
-    hierarchy[2] = KRB5_CONF_KEY_STASH_FILE;
-    if (!krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue))
-        rparams->realm_stash_file = svalue;
-
-    /* Get the value for maximum ticket lifetime. */
-    hierarchy[2] = KRB5_CONF_MAX_LIFE;
-    if (!krb5_aprof_get_deltat(aprofile, hierarchy, TRUE, &dtvalue)) {
-        rparams->realm_max_life = dtvalue;
-        rparams->realm_max_life_valid = 1;
-    }
-
-    /* Get the value for maximum renewable ticket lifetime. */
-    hierarchy[2] = KRB5_CONF_MAX_RENEWABLE_LIFE;
-    if (!krb5_aprof_get_deltat(aprofile, hierarchy, TRUE, &dtvalue)) {
-        rparams->realm_max_rlife = dtvalue;
-        rparams->realm_max_rlife_valid = 1;
-    }
-
-    hierarchy[2] = KRB5_CONF_REJECT_BAD_TRANSIT;
-    if (!krb5_aprof_get_boolean(aprofile, hierarchy, TRUE, &bvalue)) {
-        rparams->realm_reject_bad_transit = bvalue;
-        rparams->realm_reject_bad_transit_valid = 1;
-    }
-
-    hierarchy[2] = KRB5_CONF_RESTRICT_ANONYMOUS_TO_TGT;
-    if (!krb5_aprof_get_boolean(aprofile, hierarchy, TRUE, &bvalue)) {
-        rparams->realm_restrict_anon = bvalue;
-        rparams->realm_restrict_anon_valid = 1;
-    }
-
-    hierarchy[2] = KRB5_CONF_ASSUME_DES_CRC_SESSION;
-    if (!krb5_aprof_get_boolean(aprofile, hierarchy, TRUE, &bvalue)) {
-        rparams->realm_assume_des_crc_sess = bvalue;
-        rparams->realm_assume_des_crc_sess_valid = 1;
-    }
-
-    hierarchy[2] = KRB5_CONF_NO_HOST_REFERRAL;
-    if (!krb5_aprof_get_string_all(aprofile, hierarchy, &no_referral))
-        rparams->realm_no_referral = no_referral;
-
-    hierarchy[2] = KRB5_CONF_HOST_BASED_SERVICES;
-    if (!krb5_aprof_get_string_all(aprofile, hierarchy, &hostbased))
-        rparams->realm_hostbased = hostbased;
-
-cleanup:
-    if (aprofile)
-        krb5_aprof_finish(aprofile);
-    free(lrealm);
-    if (ret) {
-        if (rparams)
-            krb5_free_realm_params(context, rparams);
-        rparams = 0;
-    }
-    *rparamp = rparams;
-    return ret;
-}
-
-/*
- * krb5_free_realm_params() - Free data allocated by above.
- */
-krb5_error_code
-krb5_free_realm_params(krb5_context context, krb5_realm_params *rparams)
-{
-    if (rparams == NULL)
-        return 0;
-    free(rparams->realm_mkey_name);
-    free(rparams->realm_stash_file);
-    free(rparams->realm_kdc_ports);
-    free(rparams->realm_kdc_tcp_ports);
-    free(rparams->realm_no_referral);
-    free(rparams->realm_hostbased);
-    free(rparams);
-    return 0;
-}
diff --git a/src/lib/kadm5/clnt/libkadm5clnt_mit.exports b/src/lib/kadm5/clnt/libkadm5clnt_mit.exports
index 4732766ae9..f6f93b96a2 100644
--- a/src/lib/kadm5/clnt/libkadm5clnt_mit.exports
+++ b/src/lib/kadm5/clnt/libkadm5clnt_mit.exports
@@ -52,7 +52,6 @@ krb5_aprof_getvals
 krb5_aprof_init
 krb5_flags_to_string
 krb5_free_key_data_contents
-krb5_free_realm_params
 krb5_input_flag_to_string
 krb5_keysalt_is_present
 krb5_keysalt_iterate
@@ -60,7 +59,6 @@ krb5_klog_close
 krb5_klog_init
 krb5_klog_reopen
 krb5_klog_syslog
-krb5_read_realm_params
 krb5_string_to_flags
 krb5_string_to_keysalts
 xdr_chpass3_arg
diff --git a/src/lib/kadm5/srv/libkadm5srv_mit.exports b/src/lib/kadm5/srv/libkadm5srv_mit.exports
index 0788ac1fe3..07d447a152 100644
--- a/src/lib/kadm5/srv/libkadm5srv_mit.exports
+++ b/src/lib/kadm5/srv/libkadm5srv_mit.exports
@@ -69,7 +69,6 @@ krb5_aprof_init
 krb5_copy_key_data_contents
 krb5_flags_to_string
 krb5_free_key_data_contents
-krb5_free_realm_params
 krb5_input_flag_to_string
 krb5_keysalt_is_present
 krb5_keysalt_iterate
@@ -77,7 +76,6 @@ krb5_klog_close
 krb5_klog_init
 krb5_klog_reopen
 krb5_klog_syslog
-krb5_read_realm_params
 krb5_string_to_flags
 krb5_string_to_keysalts
 master_db