De-Kerberise (KerberosIV). KerberosIV is no longer present, and

remote backups can still be done with Kerberos authentication using
SSH and Kerberos 5.

sbin/dump/Makefile

@@ -22,17 +22,4 @@ SRCS=	itime.c main.c optr.c dumprmt.c tape.c traverse.c unctime.c cache.c
 MAN=	dump.8
 MLINKS+=dump.8 rdump.8
 
-.if defined(MAKE_KERBEROS4) && !defined(NO_OPENSSL) && !defined(NOCRYPT)
-.PATH:	${.CURDIR}/../../crypto/kerberosIV/appl/bsd
-SRCS+=	krcmd.c kcmd.c rcmd_util.c
-DPADD=	${LIBKRB} ${LIBCRYPTO}
-LDADD+=	-lkrb -lcrypto
-CFLAGS+=-DKERBEROS -DHAVE_CONFIG_H \
-	-I${.CURDIR}/../../kerberosIV/include \
-	-I${.CURDIR}/../../crypto/kerberosIV/include \
-	-I${.CURDIR}/../../crypto/kerberosIV/lib/roken \
-	-I${.CURDIR}/../../crypto/kerberosIV/appl/bsd
-DISTRIBUTION=	krb4
-.endif
-
 .include <bsd.prog.mk>

sbin/dump/dump.8

@@ -208,12 +208,6 @@ only for dumps at or above the given
 The default honor level is 1,
 so that incremental backups omit such files
 but full backups retain them.
-.It Fl k
-Use Kerberos authentication to talk to remote tape servers.
-(Only
-available if this option was enabled when
-.Nm
-was compiled.)
 .It Fl L
 This option is to notify
 .Nm

sbin/dump/dumprmt.c

@@ -80,12 +80,8 @@ static	int rmtgetb(void);
 static	void rmtgetconn(void);
 static	void rmtgets(char *, int);
 static	int rmtreply(const char *);
-#ifdef KERBEROS
-int	krcmd(char **, int /*u_short*/, char *, char *, int *, char *);
-#endif
 
 static	int errfd = -1;
-extern	int dokerberos;
 extern	int ntrec;		/* blocking factor on tape */
 
 int
@@ -142,10 +138,9 @@ rmtgetconn(void)
 	int on;
 
 	if (sp == NULL) {
-		sp = getservbyname(dokerberos ? "kshell" : "shell", "tcp");
+		sp = getservbyname("shell", "tcp");
 		if (sp == NULL) {
-			msg("%s/tcp: unknown service\n",
+			msg("shell/tcp: unknown service\n");
-			    dokerberos ? "kshell" : "shell");
 			exit(X_STARTUP);
 		}
 		pwd = getpwuid(getuid());
@@ -165,14 +160,8 @@ rmtgetconn(void)
 	if ((rmt = getenv("RMT")) == NULL)
 		rmt = _PATH_RMT;
 	msg("");
-#ifdef KERBEROS
+	rmtape = rcmd(&rmtpeer, (u_short)sp->s_port, pwd->pw_name,
-	if (dokerberos)
+		      tuser, rmt, &errfd);
-		rmtape = krcmd(&rmtpeer, sp->s_port, tuser, rmt, &errfd,
-			       (char *)0);
-	else
-#endif
-		rmtape = rcmd(&rmtpeer, (u_short)sp->s_port, pwd->pw_name,
-			      tuser, rmt, &errfd);
 	if (rmtape < 0) {
 		msg("login to %s as %s failed.\n", rmtpeer, tuser);
 		return;

sbin/dump/main.c

@@ -81,7 +81,6 @@ int	tapeno = 0;	/* current tape number */
 int	density = 0;	/* density in bytes/0.1" " <- this is for hilit19 */
 int	ntrec = NTREC;	/* # tape blocks in each tape record */
 int	cartridge = 0;	/* Assume non-cartridge tape */
-int	dokerberos = 0;	/* Use Kerberos authentication */
 int	cachesize = 0;	/* block cache size (in bytes), defaults to 0 */
 long	dev_bsize = 1;	/* recalculated below */
 long	blocksperfile;	/* output blocks per file */
@@ -127,11 +126,7 @@ main(int argc, char *argv[])
 		usage();
 
 	obsolete(&argc, &argv);
-#ifdef KERBEROS
-#define optstring "0123456789aB:b:C:cD:d:f:h:kLnSs:T:uWw"
-#else
 #define optstring "0123456789aB:b:C:cD:d:f:h:LnSs:T:uWw"
-#endif
 	while ((ch = getopt(argc, argv, optstring)) != -1)
 #undef optstring
 		switch (ch) {
@@ -181,12 +176,6 @@ main(int argc, char *argv[])
 			honorlevel = numarg("honor level", 0L, 10L);
 			break;
 
-#ifdef KERBEROS
-		case 'k':
-			dokerberos = 1;
-			break;
-#endif
-
 		case 'L':
 			snapdump = 1;
 			break;
@@ -573,9 +562,6 @@ usage(void)
 {
 	fprintf(stderr,
 		"usage: dump [-0123456789ac"
-#ifdef KERBEROS
-		"k"
-#endif
 		"LnSu] [-B records] [-b blocksize] [-C cachesize]\n"
 		"            [-D dumpdates] [-d density] [-f file] [-h level] [-s feet]\n"
 		"            [-T date] filesystem\n"

sbin/restore/Makefile

@@ -12,17 +12,4 @@ MAN=	restore.8
 MLINKS+=restore.8 rrestore.8
 .PATH:	${.CURDIR}/../dump
 
-.if defined(MAKE_KERBEROS4) && !defined(NO_OPENSSL) && !defined(NOCRYPT)
-.PATH:	${.CURDIR}/../../crypto/kerberosIV/appl/bsd
-SRCS+=	krcmd.c kcmd.c rcmd_util.c
-DPADD+=	${LIBKRB} ${LIBCRYPTO}
-LDADD+=	-lkrb -lcrypto
-CFLAGS+=-DKERBEROS -DHAVE_CONFIG_H \
-	-I${.CURDIR}/../../kerberosIV/include \
-	-I${.CURDIR}/../../crypto/kerberosIV/include \
-	-I${.CURDIR}/../../crypto/kerberosIV/lib/roken \
-	-I${.CURDIR}/../../crypto/kerberosIV/appl/bsd
-DISTRIBUTION=	krb4
-.endif
-
 .include <bsd.prog.mk>

sbin/restore/main.c

@@ -65,7 +65,6 @@ static const char rcsid[] =
 int	bflag = 0, cvtflag = 0, dflag = 0, vflag = 0, yflag = 0;
 int	hflag = 1, mflag = 1, Nflag = 0;
 int	uflag = 0;
-int	dokerberos = 0;
 char	command = '\0';
 long	dumpnum = 1;
 long	volno = 0;
@@ -98,11 +97,7 @@ main(int argc, char *argv[])
 	if ((inputdev = getenv("TAPE")) == NULL)
 		inputdev = _PATH_DEFTAPE;
 	obsolete(&argc, &argv);
-#ifdef KERBEROS
-#define	optlist "b:df:hikmNRrs:tuvxy"
-#else
 #define	optlist "b:df:himNRrs:tuvxy"
-#endif
 	while ((ch = getopt(argc, argv, optlist)) != -1)
 		switch(ch) {
 		case 'b':
@@ -123,11 +118,6 @@ main(int argc, char *argv[])
 		case 'h':
 			hflag = 0;
 			break;
-#ifdef KERBEROS
-		case 'k':
-			dokerberos = 1;
-			break;
-#endif
 		case 'i':
 		case 'R':
 		case 'r':

sbin/restore/restore.8

@@ -309,12 +309,6 @@ or
 reads from the named file on the remote host using
 .Xr rmt 8 .
 .Pp
-.It Fl k
-Use Kerberos authentication when contacting the remote tape server.
-(Only available if this options was enabled when
-.Nm
-was compiled.)
-.Pp
 .It Fl h
 Extract the actual directory,
 rather than the files that it references.