Use context profile for libkadm5 configuration

In kadm5_get_config_params(), uxe the context profile instead of creating a new one with krb5_aprof_init(). In kproplog, obtain the context with kadm5_init_krb5_context() so that KDC configuration is used. ticket: 9059 (new)
krb5 · May 18, 2022 · 49a8578 · 49a8578
1 parent 0bfd22f
commit 49a8578
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 23 deletions.
diff --git a/src/kprop/kproplog.c b/src/kprop/kproplog.c
@@ -458,7 +458,7 @@ main(int argc, char **argv)
         }
     }
 
-    if (krb5_init_context(&context)) {
+    if (kadm5_init_krb5_context(&context)) {
         fprintf(stderr, _("Unable to initialize Kerberos\n\n"));
         exit(1);
     }

diff --git a/src/lib/kadm5/admin.h b/src/lib/kadm5/admin.h
@@ -291,6 +291,8 @@ typedef struct _kadm5_key_data {
  * functions
  */
 
+/* The use_kdc_config parameter is no longer used, as configuration is
+ * retrieved from the context profile. */
 krb5_error_code kadm5_get_config_params(krb5_context context,
                                         int use_kdc_config,
                                         kadm5_config_params *params_in,

diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c
@@ -510,8 +510,8 @@ krb5_error_code kadm5_get_config_params(krb5_context context,
                                         kadm5_config_params *params_in,
                                         kadm5_config_params *params_out)
 {
-    char *filename, *envname, *lrealm, *svalue, *sp, *ep, *tp;
-    krb5_pointer aprofile = 0;
+    char *lrealm, *svalue, *sp, *ep, *tp;
+    krb5_pointer aprofile = context->profile;
     const char *hierarchy[4];
     krb5_int32 ivalue;
     kadm5_config_params params, empty_params;
@@ -543,25 +543,6 @@ krb5_error_code kadm5_get_config_params(krb5_context context,
         params.kvno = params_in->kvno;
         params.mask |= KADM5_CONFIG_KVNO;
     }
-    /*
-     * XXX These defaults should to work on both client and
-     * server.  kadm5_get_config_params can be implemented as a
-     * wrapper function in each library that provides correct
-     * defaults for NULL values.
-     */
-    if (use_kdc_config) {
-        filename = DEFAULT_KDC_PROFILE;
-        envname = KDC_PROFILE_ENV;
-    } else {
-        filename = DEFAULT_PROFILE_PATH;
-        envname = "KRB5_CONFIG";
-    }
-    if (context->profile_secure == TRUE)
-        envname = NULL;
-
-    ret = krb5_aprof_init(filename, envname, &aprofile);
-    if (ret)
-        goto cleanup;
 
     /* Initialize realm parameters. */
     hierarchy[0] = KRB5_CONF_REALMS;
@@ -814,7 +795,6 @@ krb5_error_code kadm5_get_config_params(krb5_context context,
     *params_out = params;
 
 cleanup:
-    krb5_aprof_finish(aprofile);
     if (ret) {
         kadm5_free_config_params(context, &params);
         params_out->mask = 0;