drop support for Kerberos5 FTP

[bagder]

It was accidentally broken in commit 0f4c439, shipped since 8.8.0 (May 2024) and yet not a single person has noticed or reported, indicating that we might as well drop support for FTP Kerberos.

Krb5 support was added in 54967d2 (July 2007), and we have been carrying the extra license information around since then for this code. This commit removes the last traces of that code and thus we can remove the extra copyright notices along with it.

Reported-by: Joshua Rogers

[dfandrich]

Now we'll find out if anyone is *actually* using it once RHEL upgrades to 8.17.0. So, sometime in 2028.

[lindevel]

Is there any workaround for users if some program is broken due to this change?

[dfandrich]

It was removed because we believed that no-one was using it and was therefore dead code. If you were depending on it, you could petition for its reinstatement, but that would likely have to come with some kind of commitment to test and maintain it. Alternately, you could try arranging a support contract.

[lindevel]

This change breaks programs even if you don't use this functionality.

[dfandrich]

If there's a bug in curl, please open a new issue with all the relevant details.

[lindevel]

Here workaround:
Install (install gcc package before this command):

sudo bash -c 'mkdir -p /usr/opt/curl-fix && cat << "EOF" | gcc -fPIC -shared -x c -std=c99 - -o /usr/opt/curl-fix/preload.so -ldl -lcurl
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <stdio.h>
#include <stdarg.h>
#include <dlfcn.h>

uint32_t (*real)(void *, uint32_t, ...) = NULL;

__attribute__((constructor))
static void init(void) {
    dlerror();
    *(void **)(&real) = dlsym(RTLD_NEXT, "curl_easy_setopt");
    char *err = dlerror();
    if (err) {
        fprintf(stderr, "ERROR: dlsym(RTLD_NEXT, \"curl_easy_setopt\") failed: %s\n", err);
        _Exit(1);
    }

    if (!real) {
        fprintf(stderr, "ERROR: dlsym(RTLD_NEXT, \"curl_easy_setopt\") returned NULL\n");
        _Exit(1);
    }
}

uint32_t curl_easy_setopt(void *curl, uint32_t option, ...) {
    void *args = __builtin_apply_args();

    if (option == 10063) {
        va_list ap;
        va_start(ap, option);
        const char *level = va_arg(ap, const char *);
        va_end(ap);

        if (level == NULL) {
            return 0;
        }
    }

    void *ret = __builtin_apply((void (*)())real, args, 1000);
    __builtin_return(ret);
}
EOF'

Usage: env LD_PRELOAD=/usr/opt/curl-fix/preload.so program_name
Uninstall: sudo bash -c 'rm -f /usr/opt/curl-fix/preload.so && rmdir /usr/opt/curl-fix'

[dfandrich]

I have no idea what that is supposed to solve, but I'm guessing you're trying to work around some broken application. Please open a bug if you are having issues, but only once you understand if the issue is with libcurl or with the application.

[lindevel]

I have no idea what that is supposed to solve, but I'm guessing you're trying to work around some broken application. Please open a bug if you are having issues, but only once you understand if the issue is with libcurl or with the application.

This fixes backward compatibility with existing programs that were written before this change was made.
https://curl.se/libcurl/c/CURLOPT_KRBLEVEL.html

[bagder]

This change breaks programs even if you don't use this functionality.

The krb5 functionality was completely broken in releases for 18 months and not a single person reported it. That was a strong signal to us that no one is using it.

You can bring it back, but that's not an easy trip so you better be prepared to put in significant amount of work (or pay someone else to do that work) to make it happen.