summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal/lib
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2002-09-16 21:04:40 +0000
committernectar <nectar@FreeBSD.org>2002-09-16 21:04:40 +0000
commita876cfedd88823d520688032e9bde83b68098a88 (patch)
treedcd3a0c4ed207dd29fc2afc7e76bb2592c51d93a /crypto/heimdal/lib
parentfece93f6bd7aed95bbd6edfb87765c3fcdbfedd5 (diff)
parent8707f886593c300d83c76654e92ec76bcea9b858 (diff)
downloadFreeBSD-src-a876cfedd88823d520688032e9bde83b68098a88.zip
FreeBSD-src-a876cfedd88823d520688032e9bde83b68098a88.tar.gz
This commit was generated by cvs2svn to compensate for changes in r103423,
which included commits to RCS files with non-trunk default branches.
Diffstat (limited to 'crypto/heimdal/lib')
-rw-r--r--crypto/heimdal/lib/asn1/der_get.c6
-rw-r--r--crypto/heimdal/lib/asn1/gen.c25
-rw-r--r--crypto/heimdal/lib/asn1/k5.asn15
-rw-r--r--crypto/heimdal/lib/auth/pam/pam.c4
-rw-r--r--crypto/heimdal/lib/gssapi/ChangeLog10
-rw-r--r--crypto/heimdal/lib/gssapi/init_sec_context.c14
-rw-r--r--crypto/heimdal/lib/gssapi/unwrap.c6
-rw-r--r--crypto/heimdal/lib/gssapi/wrap.c6
-rw-r--r--crypto/heimdal/lib/hdb/common.c45
-rw-r--r--crypto/heimdal/lib/hdb/hdb-ldap.c27
-rw-r--r--crypto/heimdal/lib/krb5/Makefile.am9
-rw-r--r--crypto/heimdal/lib/krb5/Makefile.in27
-rw-r--r--crypto/heimdal/lib/krb5/auth_context.c22
-rw-r--r--crypto/heimdal/lib/krb5/build_ap_req.c17
-rw-r--r--crypto/heimdal/lib/krb5/build_auth.c43
-rw-r--r--crypto/heimdal/lib/krb5/changepw.c14
-rw-r--r--crypto/heimdal/lib/krb5/config_file.c4
-rw-r--r--crypto/heimdal/lib/krb5/context.c13
-rw-r--r--crypto/heimdal/lib/krb5/get_cred.c93
-rw-r--r--crypto/heimdal/lib/krb5/get_for_creds.c40
-rw-r--r--crypto/heimdal/lib/krb5/get_in_tkt.c70
-rw-r--r--crypto/heimdal/lib/krb5/keytab_keyfile.c4
-rw-r--r--crypto/heimdal/lib/krb5/krb5-protos.h12
-rw-r--r--crypto/heimdal/lib/krb5/krb5.h6
-rw-r--r--crypto/heimdal/lib/krb5/krb5_appdefault.34
-rw-r--r--crypto/heimdal/lib/krb5/krb5_auth_context.34
-rw-r--r--crypto/heimdal/lib/krb5/krb5_context.36
-rw-r--r--crypto/heimdal/lib/krb5/krb5_init_context.34
-rw-r--r--crypto/heimdal/lib/krb5/krb5_parse_name.34
-rw-r--r--crypto/heimdal/lib/krb5/krb5_unparse_name.35
-rw-r--r--crypto/heimdal/lib/krb5/kuserok.c6
-rw-r--r--crypto/heimdal/lib/krb5/log.c44
-rw-r--r--crypto/heimdal/lib/krb5/mk_error.c51
-rw-r--r--crypto/heimdal/lib/krb5/mk_priv.c71
-rw-r--r--crypto/heimdal/lib/krb5/mk_rep.c38
-rw-r--r--crypto/heimdal/lib/krb5/mk_req_ext.c10
-rw-r--r--crypto/heimdal/lib/krb5/mk_safe.c46
-rw-r--r--crypto/heimdal/lib/krb5/name-45-test.c277
-rw-r--r--crypto/heimdal/lib/krb5/prompter_posix.c5
-rw-r--r--crypto/heimdal/lib/krb5/rd_cred.c11
-rw-r--r--crypto/heimdal/lib/krb5/rd_safe.c20
-rw-r--r--crypto/heimdal/lib/krb5/sendauth.c16
-rw-r--r--crypto/heimdal/lib/krb5/transited.c25
-rw-r--r--crypto/heimdal/lib/roken/ChangeLog42
-rw-r--r--crypto/heimdal/lib/roken/Makefile.am8
-rw-r--r--crypto/heimdal/lib/roken/Makefile.in48
-rw-r--r--crypto/heimdal/lib/roken/getifaddrs.c782
-rw-r--r--crypto/heimdal/lib/roken/getnameinfo_verified.c17
-rw-r--r--crypto/heimdal/lib/roken/parse_reply-test.c129
-rw-r--r--crypto/heimdal/lib/roken/resolve.c32
-rw-r--r--crypto/heimdal/lib/roken/roken-common.h6
-rw-r--r--crypto/heimdal/lib/roken/roken.awk4
-rw-r--r--crypto/heimdal/lib/roken/rtbl.c6
53 files changed, 1676 insertions, 567 deletions
diff --git a/crypto/heimdal/lib/asn1/der_get.c b/crypto/heimdal/lib/asn1/der_get.c
index 5edb43a..429fd66 100644
--- a/crypto/heimdal/lib/asn1/der_get.c
+++ b/crypto/heimdal/lib/asn1/der_get.c
@@ -33,7 +33,7 @@
#include "der_locl.h"
-RCSID("$Id: der_get.c,v 1.32 2002/08/22 19:11:07 assar Exp $");
+RCSID("$Id: der_get.c,v 1.33 2002/09/03 16:21:49 nectar Exp $");
#include <version.h>
@@ -252,6 +252,8 @@ decode_integer (const unsigned char *p, size_t len,
p += l;
len -= l;
ret += l;
+ if (reallen > len)
+ return ASN1_OVERRUN;
e = der_get_int (p, reallen, num, &l);
if (e) return e;
p += l;
@@ -279,6 +281,8 @@ decode_unsigned (const unsigned char *p, size_t len,
p += l;
len -= l;
ret += l;
+ if (reallen > len)
+ return ASN1_OVERRUN;
e = der_get_unsigned (p, reallen, num, &l);
if (e) return e;
p += l;
diff --git a/crypto/heimdal/lib/asn1/gen.c b/crypto/heimdal/lib/asn1/gen.c
index 6d03db6..5b85a48 100644
--- a/crypto/heimdal/lib/asn1/gen.c
+++ b/crypto/heimdal/lib/asn1/gen.c
@@ -33,7 +33,7 @@
#include "gen_locl.h"
-RCSID("$Id: gen.c,v 1.48 2002/08/26 13:27:20 assar Exp $");
+RCSID("$Id: gen.c,v 1.49 2002/09/04 15:06:18 joda Exp $");
FILE *headerfile, *codefile, *logfile;
@@ -102,20 +102,29 @@ init_generate (const char *filename, const char *base)
" void *data;\n"
"} octet_string;\n\n");
fprintf (headerfile,
-#if 0
- "typedef struct general_string {\n"
- " size_t length;\n"
- " char *data;\n"
- "} general_string;\n\n"
-#else
"typedef char *general_string;\n\n"
-#endif
);
fprintf (headerfile,
"typedef struct oid {\n"
" size_t length;\n"
" unsigned *components;\n"
"} oid;\n\n");
+ fputs("#define ASN1_MALLOC_ENCODE(T, B, BL, S, L, R) \\\n"
+ " do { \\\n"
+ " (BL) = length_##T((S)); \\\n"
+ " (B) = malloc((BL)); \\\n"
+ " if((B) == NULL) { \\\n"
+ " (R) = ENOMEM; \\\n"
+ " } else { \\\n"
+ " (R) = encode_##T(((unsigned char*)(B)) + (BL) - 1, (BL), \\\n"
+ " (S), (L)); \\\n"
+ " if((R) != 0) { \\\n"
+ " free((B)); \\\n"
+ " (B) = NULL; \\\n"
+ " } \\\n"
+ " } \\\n"
+ " } while (0)\n\n",
+ headerfile);
fprintf (headerfile, "#endif\n\n");
logfile = fopen(STEM "_files", "w");
if (logfile == NULL)
diff --git a/crypto/heimdal/lib/asn1/k5.asn1 b/crypto/heimdal/lib/asn1/k5.asn1
index 381aaf6..53436c8 100644
--- a/crypto/heimdal/lib/asn1/k5.asn1
+++ b/crypto/heimdal/lib/asn1/k5.asn1
@@ -1,4 +1,4 @@
--- $Id: k5.asn1,v 1.26 2002/03/18 19:00:43 joda Exp $
+-- $Id: k5.asn1,v 1.27 2002/09/03 17:32:09 joda Exp $
KERBEROS5 DEFINITIONS ::=
BEGIN
@@ -97,8 +97,7 @@ ENCTYPE ::= INTEGER {
ETYPE_DES_CBC_NONE(-0x1000),
ETYPE_DES3_CBC_NONE(-0x1001),
ETYPE_DES_CFB64_NONE(-0x1002),
- ETYPE_DES_PCBC_NONE(-0x1003),
- ETYPE_DES3_CBC_NONE_IVEC(-0x1004)
+ ETYPE_DES_PCBC_NONE(-0x1003)
}
-- this is sugar to make something ASN1 does not have: unsigned
diff --git a/crypto/heimdal/lib/auth/pam/pam.c b/crypto/heimdal/lib/auth/pam/pam.c
index eeb2d25..68446c3 100644
--- a/crypto/heimdal/lib/auth/pam/pam.c
+++ b/crypto/heimdal/lib/auth/pam/pam.c
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include<config.h>
-RCSID("$Id: pam.c,v 1.27 2001/02/15 04:30:05 assar Exp $");
+RCSID("$Id: pam.c,v 1.28 2002/09/09 15:57:24 joda Exp $");
#endif
#include <stdio.h>
@@ -128,7 +128,7 @@ pdeb(const char *format, ...)
if (ctrl_off(KRB4_DEBUG))
return;
va_start(args, format);
- openlog("pam_krb4", LOG_CONS|LOG_PID, LOG_AUTH);
+ openlog("pam_krb4", LOG_PID, LOG_AUTH);
vsyslog(LOG_DEBUG, format, args);
va_end(args);
closelog();
diff --git a/crypto/heimdal/lib/gssapi/ChangeLog b/crypto/heimdal/lib/gssapi/ChangeLog
index a369cf8..cd9d9c1 100644
--- a/crypto/heimdal/lib/gssapi/ChangeLog
+++ b/crypto/heimdal/lib/gssapi/ChangeLog
@@ -1,3 +1,13 @@
+2002-09-03 Johan Danielsson <joda@pdc.kth.se>
+
+ * wrap.c (wrap_des3): use ETYPE_DES3_CBC_NONE
+
+ * unwrap.c (unwrap_des3): use ETYPE_DES3_CBC_NONE
+
+2002-09-02 Johan Danielsson <joda@pdc.kth.se>
+
+ * init_sec_context.c: we need to generate a local subkey here
+
2002-08-20 Jacques Vidrine <n@nectar.com>
* acquire_cred.c, inquire_cred.c, release_cred.c: Use default
diff --git a/crypto/heimdal/lib/gssapi/init_sec_context.c b/crypto/heimdal/lib/gssapi/init_sec_context.c
index 1be73e1..2cef3a9 100644
--- a/crypto/heimdal/lib/gssapi/init_sec_context.c
+++ b/crypto/heimdal/lib/gssapi/init_sec_context.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: init_sec_context.c,v 1.29 2001/08/29 02:21:09 assar Exp $");
+RCSID("$Id: init_sec_context.c,v 1.31 2002/09/02 17:16:12 joda Exp $");
/*
* copy the addresses from `input_chan_bindings' (if any) to
@@ -367,6 +367,16 @@ init_auth
}
#endif
+ kret = krb5_auth_con_generatelocalsubkey(gssapi_krb5_context,
+ (*context_handle)->auth_context,
+ &cred->session);
+ if(kret) {
+ gssapi_krb5_set_error_string ();
+ *minor_status = kret;
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
+
kret = krb5_build_authenticator (gssapi_krb5_context,
(*context_handle)->auth_context,
enctype,
diff --git a/crypto/heimdal/lib/gssapi/unwrap.c b/crypto/heimdal/lib/gssapi/unwrap.c
index e5e9695..5acb2e9 100644
--- a/crypto/heimdal/lib/gssapi/unwrap.c
+++ b/crypto/heimdal/lib/gssapi/unwrap.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: unwrap.c,v 1.20 2002/05/20 15:14:00 nectar Exp $");
+RCSID("$Id: unwrap.c,v 1.21 2002/09/03 17:33:11 joda Exp $");
OM_uint32
gss_krb5_get_remotekey(const gss_ctx_id_t context_handle,
@@ -296,7 +296,7 @@ unwrap_des3
p -= 28;
ret = krb5_crypto_init(gssapi_krb5_context, key,
- ETYPE_DES3_CBC_NONE_IVEC, &crypto);
+ ETYPE_DES3_CBC_NONE, &crypto);
if (ret) {
gssapi_krb5_set_error_string ();
*minor_status = ret;
diff --git a/crypto/heimdal/lib/gssapi/wrap.c b/crypto/heimdal/lib/gssapi/wrap.c
index 4e232c5..1a9d7ea 100644
--- a/crypto/heimdal/lib/gssapi/wrap.c
+++ b/crypto/heimdal/lib/gssapi/wrap.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: wrap.c,v 1.19 2001/06/18 02:53:52 assar Exp $");
+RCSID("$Id: wrap.c,v 1.20 2002/09/03 17:33:36 joda Exp $");
OM_uint32
gss_krb5_get_localkey(const gss_ctx_id_t context_handle,
@@ -330,7 +330,7 @@ wrap_des3
4);
- ret = krb5_crypto_init(gssapi_krb5_context, key, ETYPE_DES3_CBC_NONE_IVEC,
+ ret = krb5_crypto_init(gssapi_krb5_context, key, ETYPE_DES3_CBC_NONE,
&crypto);
if (ret) {
free (output_message_buffer->value);
diff --git a/crypto/heimdal/lib/hdb/common.c b/crypto/heimdal/lib/hdb/common.c
index 73bddf2..9375525 100644
--- a/crypto/heimdal/lib/hdb/common.c
+++ b/crypto/heimdal/lib/hdb/common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,35 +33,21 @@
#include "hdb_locl.h"
-RCSID("$Id: common.c,v 1.10 2001/07/13 06:30:41 assar Exp $");
+RCSID("$Id: common.c,v 1.11 2002/09/04 16:32:30 joda Exp $");
int
hdb_principal2key(krb5_context context, krb5_principal p, krb5_data *key)
{
Principal new;
size_t len;
- unsigned char *buf;
int ret;
ret = copy_Principal(p, &new);
- if(ret)
- goto out;
+ if(ret)
+ return ret;
new.name.name_type = 0;
- len = length_Principal(&new);
- buf = malloc(len);
- if(buf == NULL){
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- ret = encode_Principal(buf + len - 1, len, &new, &len);
- if(ret){
- free(buf);
- goto out;
- }
- key->data = buf;
- key->length = len;
-out:
+
+ ASN1_MALLOC_ENCODE(Principal, key->data, key->length, &new, &len, ret);
free_Principal(&new);
return ret;
}
@@ -75,24 +61,11 @@ hdb_key2principal(krb5_context context, krb5_data *key, krb5_principal p)
int
hdb_entry2value(krb5_context context, hdb_entry *ent, krb5_data *value)
{
- unsigned char *buf;
size_t len;
int ret;
-
- len = length_hdb_entry(ent);
- buf = malloc(len);
- if(buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- ret = encode_hdb_entry(buf + len - 1, len, ent, &len);
- if(ret){
- free(buf);
- return ret;
- }
- value->data = buf;
- value->length = len;
- return 0;
+
+ ASN1_MALLOC_ENCODE(hdb_entry, value->data, value->length, ent, &len, ret);
+ return ret;
}
int
diff --git a/crypto/heimdal/lib/hdb/hdb-ldap.c b/crypto/heimdal/lib/hdb/hdb-ldap.c
index a92285c..8e90798 100644
--- a/crypto/heimdal/lib/hdb/hdb-ldap.c
+++ b/crypto/heimdal/lib/hdb/hdb-ldap.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 - 2001, PADL Software Pty Ltd.
+ * Copyright (c) 1999-2001, PADL Software Pty Ltd.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -32,7 +32,7 @@
#include "hdb_locl.h"
-RCSID("$Id: hdb-ldap.c,v 1.9 2001/08/31 18:19:49 joda Exp $");
+RCSID("$Id: hdb-ldap.c,v 1.10 2002/09/04 18:42:22 joda Exp $");
#ifdef OPENLDAP
@@ -451,29 +451,10 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry * ent,
for (i = 0; i < ent->keys.len; i++) {
unsigned char *buf;
size_t len;
- Key new;
- ret = copy_Key(&ent->keys.val[i], &new);
- if (ret != 0) {
- goto out;
- }
-
- len = length_Key(&new);
- buf = malloc(len);
- if (buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- free_Key(&new);
+ ASN1_MALLOC_ENCODE(Key, buf, len, &ent->keys.val[i], &len, ret);
+ if (ret != 0)
goto out;
- }
-
- ret = encode_Key(buf + len - 1, len, &new, &len);
- if (ret != 0) {
- free(buf);
- free_Key(&new);
- goto out;
- }
- free_Key(&new);
/* addmod_len _owns_ the key, doesn't need to copy it */
ret = LDAP_addmod_len(&mods, LDAP_MOD_ADD, "krb5Key", buf, len);
diff --git a/crypto/heimdal/lib/krb5/Makefile.am b/crypto/heimdal/lib/krb5/Makefile.am
index e88a28e..ae75808 100644
--- a/crypto/heimdal/lib/krb5/Makefile.am
+++ b/crypto/heimdal/lib/krb5/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.145 2002/08/29 04:02:24 assar Exp $
+# $Id: Makefile.am,v 1.147 2002/09/03 14:45:13 joda Exp $
include $(top_srcdir)/Makefile.am.common
@@ -13,7 +13,8 @@ TESTS = \
string-to-key-test \
derived-key-test \
store-test \
- parse-name-test
+ parse-name-test \
+ name-45-test
check_PROGRAMS = $(TESTS)
@@ -133,10 +134,10 @@ libkrb5_la_LDFLAGS = -version-info 18:3:1
$(libkrb5_la_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h
-$(srcdir)/krb5-protos.h: $(ERR_FILES)
+$(srcdir)/krb5-protos.h:
cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o krb5-protos.h $(libkrb5_la_SOURCES) || rm -f krb5-protos.h
-$(srcdir)/krb5-private.h: $(ERR_FILES)
+$(srcdir)/krb5-private.h:
cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5-private.h $(libkrb5_la_SOURCES) || rm -f krb5-private.h
#libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo
diff --git a/crypto/heimdal/lib/krb5/Makefile.in b/crypto/heimdal/lib/krb5/Makefile.in
index 7126546..80ce39f 100644
--- a/crypto/heimdal/lib/krb5/Makefile.in
+++ b/crypto/heimdal/lib/krb5/Makefile.in
@@ -14,7 +14,7 @@
@SET_MAKE@
-# $Id: Makefile.am,v 1.145 2002/08/29 04:02:24 assar Exp $
+# $Id: Makefile.am,v 1.147 2002/09/03 14:45:13 joda Exp $
# $Id: Makefile.am.common,v 1.5 2002/05/19 18:35:37 joda Exp $
@@ -211,7 +211,8 @@ TESTS = \
string-to-key-test \
derived-key-test \
store-test \
- parse-name-test
+ parse-name-test \
+ name-45-test
check_PROGRAMS = $(TESTS)
@@ -406,7 +407,7 @@ libkrb5_la_OBJECTS = $(am_libkrb5_la_OBJECTS)
bin_PROGRAMS = verify_krb5_conf$(EXEEXT)
check_PROGRAMS = n-fold-test$(EXEEXT) string-to-key-test$(EXEEXT) \
derived-key-test$(EXEEXT) store-test$(EXEEXT) \
- parse-name-test$(EXEEXT)
+ parse-name-test$(EXEEXT) name-45-test$(EXEEXT)
noinst_PROGRAMS = dump_config$(EXEEXT) test_get_addrs$(EXEEXT) \
krbhst-test$(EXEEXT)
PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS)
@@ -435,6 +436,12 @@ n_fold_test_LDADD = $(LDADD)
n_fold_test_DEPENDENCIES = libkrb5.la \
$(top_builddir)/lib/asn1/libasn1.la
n_fold_test_LDFLAGS =
+name_45_test_SOURCES = name-45-test.c
+name_45_test_OBJECTS = name-45-test.$(OBJEXT)
+name_45_test_LDADD = $(LDADD)
+name_45_test_DEPENDENCIES = libkrb5.la \
+ $(top_builddir)/lib/asn1/libasn1.la
+name_45_test_LDFLAGS =
parse_name_test_SOURCES = parse-name-test.c
parse_name_test_OBJECTS = parse-name-test.$(OBJEXT)
parse_name_test_LDADD = $(LDADD)
@@ -481,13 +488,14 @@ LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
CFLAGS = @CFLAGS@
DIST_SOURCES = $(libkrb5_la_SOURCES) derived-key-test.c dump_config.c \
- krbhst-test.c n-fold-test.c parse-name-test.c store-test.c \
- string-to-key-test.c test_get_addrs.c verify_krb5_conf.c
+ krbhst-test.c n-fold-test.c name-45-test.c parse-name-test.c \
+ store-test.c string-to-key-test.c test_get_addrs.c \
+ verify_krb5_conf.c
MANS = $(man_MANS)
HEADERS = $(include_HEADERS)
DIST_COMMON = $(include_HEADERS) Makefile.am Makefile.in
-SOURCES = $(libkrb5_la_SOURCES) derived-key-test.c dump_config.c krbhst-test.c n-fold-test.c parse-name-test.c store-test.c string-to-key-test.c test_get_addrs.c verify_krb5_conf.c
+SOURCES = $(libkrb5_la_SOURCES) derived-key-test.c dump_config.c krbhst-test.c n-fold-test.c name-45-test.c parse-name-test.c store-test.c string-to-key-test.c test_get_addrs.c verify_krb5_conf.c
all: all-am
@@ -583,6 +591,9 @@ krbhst-test$(EXEEXT): $(krbhst_test_OBJECTS) $(krbhst_test_DEPENDENCIES)
n-fold-test$(EXEEXT): $(n_fold_test_OBJECTS) $(n_fold_test_DEPENDENCIES)
@rm -f n-fold-test$(EXEEXT)
$(LINK) $(n_fold_test_LDFLAGS) $(n_fold_test_OBJECTS) $(n_fold_test_LDADD) $(LIBS)
+name-45-test$(EXEEXT): $(name_45_test_OBJECTS) $(name_45_test_DEPENDENCIES)
+ @rm -f name-45-test$(EXEEXT)
+ $(LINK) $(name_45_test_LDFLAGS) $(name_45_test_OBJECTS) $(name_45_test_LDADD) $(LIBS)
parse-name-test$(EXEEXT): $(parse_name_test_OBJECTS) $(parse_name_test_DEPENDENCIES)
@rm -f parse-name-test$(EXEEXT)
$(LINK) $(parse_name_test_LDFLAGS) $(parse_name_test_OBJECTS) $(parse_name_test_LDADD) $(LIBS)
@@ -1121,10 +1132,10 @@ install-data-local: install-cat-mans
$(libkrb5_la_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h
-$(srcdir)/krb5-protos.h: $(ERR_FILES)
+$(srcdir)/krb5-protos.h:
cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o krb5-protos.h $(libkrb5_la_SOURCES) || rm -f krb5-protos.h
-$(srcdir)/krb5-private.h: $(ERR_FILES)
+$(srcdir)/krb5-private.h:
cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5-private.h $(libkrb5_la_SOURCES) || rm -f krb5-private.h
$(libkrb5_la_OBJECTS): krb5_err.h heim_err.h k524_err.h
diff --git a/crypto/heimdal/lib/krb5/auth_context.c b/crypto/heimdal/lib/krb5/auth_context.c
index 3b42ce7..2e7a8f4 100644
--- a/crypto/heimdal/lib/krb5/auth_context.c
+++ b/crypto/heimdal/lib/krb5/auth_context.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: auth_context.c,v 1.58 2002/08/15 08:23:07 joda Exp $");
+RCSID("$Id: auth_context.c,v 1.59 2002/09/02 17:11:02 joda Exp $");
krb5_error_code
krb5_auth_con_init(krb5_context context,
@@ -292,6 +292,24 @@ krb5_auth_con_setlocalsubkey(krb5_context context,
}
krb5_error_code
+krb5_auth_con_generatelocalsubkey(krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_keyblock *key)
+{
+ krb5_error_code ret;
+ krb5_keyblock *subkey;
+
+ ret = krb5_generate_subkey (context, key, &subkey);
+ if(ret)
+ return ret;
+ if(auth_context->local_subkey)
+ krb5_free_keyblock(context, auth_context->local_subkey);
+ auth_context->local_subkey = subkey;
+ return 0;
+}
+
+
+krb5_error_code
krb5_auth_con_setremotesubkey(krb5_context context,
krb5_auth_context auth_context,
krb5_keyblock *keyblock)
diff --git a/crypto/heimdal/lib/krb5/build_ap_req.c b/crypto/heimdal/lib/krb5/build_ap_req.c
index e4f7d4e..cab5e6f 100644
--- a/crypto/heimdal/lib/krb5/build_ap_req.c
+++ b/crypto/heimdal/lib/krb5/build_ap_req.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: build_ap_req.c,v 1.17 2001/05/14 06:14:44 assar Exp $");
+RCSID("$Id: build_ap_req.c,v 1.18 2002/09/04 16:26:04 joda Exp $");
krb5_error_code
krb5_build_ap_req (krb5_context context,
@@ -66,15 +66,10 @@ krb5_build_ap_req (krb5_context context,
ap.authenticator.kvno = NULL;
ap.authenticator.cipher = authenticator;
- retdata->length = length_AP_REQ(&ap);
- retdata->data = malloc(retdata->length);
- if(retdata->data == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- } else
- encode_AP_REQ((unsigned char *)retdata->data + retdata->length - 1,
- retdata->length, &ap, &len);
+ ASN1_MALLOC_ENCODE(AP_REQ, retdata->data, retdata->length,
+ &ap, &len, ret);
+
free_AP_REQ(&ap);
-
return ret;
+
}
diff --git a/crypto/heimdal/lib/krb5/build_auth.c b/crypto/heimdal/lib/krb5/build_auth.c
index b1650fd..9a2ca3e 100644
--- a/crypto/heimdal/lib/krb5/build_auth.c
+++ b/crypto/heimdal/lib/krb5/build_auth.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: build_auth.c,v 1.35 2001/05/14 06:14:44 assar Exp $");
+RCSID("$Id: build_auth.c,v 1.38 2002/09/04 16:26:04 joda Exp $");
krb5_error_code
krb5_build_authenticator (krb5_context context,
@@ -74,13 +74,6 @@ krb5_build_authenticator (krb5_context context,
if(ret)
goto fail;
- if(auth->subkey == NULL) {
- krb5_generate_subkey (context, &cred->session, &auth->subkey);
- ret = krb5_auth_con_setlocalsubkey(context, auth_context, auth->subkey);
- if(ret)
- goto fail;
- }
-
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
krb5_generate_seq_number (context,
&cred->session,
@@ -99,36 +92,10 @@ krb5_build_authenticator (krb5_context context,
auth_context->authenticator->cusec = auth->cusec;
}
- buf_size = 1024;
- buf = malloc (buf_size);
- if (buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto fail;
- }
+ ASN1_MALLOC_ENCODE(Authenticator, buf, buf_size, auth, &len, ret);
- do {
- ret = krb5_encode_Authenticator (context,
- buf + buf_size - 1,
- buf_size,
- auth, &len);
- if (ret) {
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto fail;
- }
- buf = tmp;
- } else {
- goto fail;
- }
- }
- } while(ret == ASN1_OVERFLOW);
+ if (ret)
+ goto fail;
ret = krb5_crypto_init(context, &cred->session, enctype, &crypto);
if (ret)
diff --git a/crypto/heimdal/lib/krb5/changepw.c b/crypto/heimdal/lib/krb5/changepw.c
index e930d87..f765a97 100644
--- a/crypto/heimdal/lib/krb5/changepw.c
+++ b/crypto/heimdal/lib/krb5/changepw.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: changepw.c,v 1.35 2002/06/06 13:33:13 joda Exp $");
+RCSID("$Id: changepw.c,v 1.37 2002/09/03 16:14:34 nectar Exp $");
static krb5_error_code
send_request (krb5_context context,
@@ -57,7 +57,7 @@ send_request (krb5_context context,
ret = krb5_mk_req_extended (context,
auth_context,
- AP_OPTS_MUTUAL_REQUIRED,
+ AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY,
NULL, /* in_data */
creds,
&ap_req_data);
@@ -144,7 +144,7 @@ process_reply (krb5_context context,
u_char reply[BUFSIZ];
size_t len;
u_int16_t pkt_len, pkt_ver;
- krb5_data ap_rep_data;
+ krb5_data ap_rep_data, priv_data;
int save_errno;
ret = recvfrom (sock, reply, sizeof(reply), 0, NULL, NULL);
@@ -173,10 +173,13 @@ process_reply (krb5_context context,
ap_rep_data.data = reply + 6;
ap_rep_data.length = (reply[4] << 8) | (reply[5]);
+ priv_data.data = (u_char*)ap_rep_data.data + ap_rep_data.length;
+ priv_data.length = len - ap_rep_data.length - 6;
+ if ((u_char *)priv_data.data + priv_data.length >= reply + len)
+ return KRB5_KPASSWD_MALFORMED;
if (ap_rep_data.length) {
krb5_ap_rep_enc_part *ap_rep;
- krb5_data priv_data;
u_char *p;
ret = krb5_rd_rep (context,
@@ -188,9 +191,6 @@ process_reply (krb5_context context,
krb5_free_ap_rep_enc_part (context, ap_rep);
- priv_data.data = (u_char*)ap_rep_data.data + ap_rep_data.length;
- priv_data.length = len - ap_rep_data.length - 6;
-
ret = krb5_rd_priv (context,
auth_context,
&priv_data,
diff --git a/crypto/heimdal/lib/krb5/config_file.c b/crypto/heimdal/lib/krb5/config_file.c
index 77920a8..845b14c 100644
--- a/crypto/heimdal/lib/krb5/config_file.c
+++ b/crypto/heimdal/lib/krb5/config_file.c
@@ -32,7 +32,7 @@
*/
#include "krb5_locl.h"
-RCSID("$Id: config_file.c,v 1.45 2002/08/14 17:35:03 joda Exp $");
+RCSID("$Id: config_file.c,v 1.46 2002/09/10 19:04:55 joda Exp $");
#ifndef HAVE_NETINFO
@@ -341,7 +341,7 @@ vget_next(krb5_context context,
{
const char *p = va_arg(args, const char *);
while(b != NULL) {
- if(strcmp(b->name, name) == NULL) {
+ if(strcmp(b->name, name) == 0) {
if(b->type == type && p == NULL) {
*pointer = b;
return b->u.generic;
diff --git a/crypto/heimdal/lib/krb5/context.c b/crypto/heimdal/lib/krb5/context.c
index d21ea71..75fe347 100644
--- a/crypto/heimdal/lib/krb5/context.c
+++ b/crypto/heimdal/lib/krb5/context.c
@@ -34,7 +34,7 @@
#include "krb5_locl.h"
#include <com_err.h>
-RCSID("$Id: context.c,v 1.80 2002/08/28 15:27:24 joda Exp $");
+RCSID("$Id: context.c,v 1.81 2002/09/02 17:03:12 joda Exp $");
#define INIT_FIELD(C, T, E, D, F) \
(C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), \
@@ -173,14 +173,9 @@ init_context_from_config_file(krb5_context context)
INIT_FIELD(context, bool, scan_interfaces, TRUE, "scan_interfaces");
INIT_FIELD(context, int, fcache_vno, 0, "fcache_version");
- INIT_FIELD(context, bool, srv_lookup, TRUE, "dns_lookup_kdc");
- /* srv_lookup backwards compatibility. */
- {
- const char **p;
- p = krb5_config_get_strings(context, NULL, "libdefaults", "srv_lookup", NULL);
- if (p != NULL)
- INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup");
- }
+ /* prefer dns_lookup_kdc over srv_lookup. */
+ INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup");
+ INIT_FIELD(context, bool, srv_lookup, context->srv_lookup, "dns_lookup_kdc");
return 0;
}
diff --git a/crypto/heimdal/lib/krb5/get_cred.c b/crypto/heimdal/lib/krb5/get_cred.c
index 256234b..7aa61a3 100644
--- a/crypto/heimdal/lib/krb5/get_cred.c
+++ b/crypto/heimdal/lib/krb5/get_cred.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: get_cred.c,v 1.88 2002/03/10 23:11:29 assar Exp $");
+RCSID("$Id: get_cred.c,v 1.91 2002/09/04 21:12:46 joda Exp $");
/*
* Take the `body' and encode it into `padata' using the credentials
@@ -54,36 +54,14 @@ make_pa_tgs_req(krb5_context context,
krb5_data in_data;
krb5_error_code ret;
- buf_size = 1024;
- buf = malloc (buf_size);
- if (buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
-
- do {
- ret = encode_KDC_REQ_BODY(buf + buf_size - 1, buf_size,
- body, &len);
- if (ret){
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- buf = tmp;
- } else {
- goto out;
- }
- }
- } while (ret == ASN1_OVERFLOW);
+ ASN1_MALLOC_ENCODE(KDC_REQ_BODY, buf, buf_size, body, &len, ret);
+ if (ret)
+ goto out;
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
in_data.length = len;
- in_data.data = buf + buf_size - len;
+ in_data.data = buf;
ret = krb5_mk_req_internal(context, &ac, 0, &in_data, creds,
&padata->padata_value,
KRB5_KU_TGS_REQ_AUTH_CKSUM,
@@ -113,18 +91,9 @@ set_auth_data (krb5_context context,
krb5_crypto crypto;
krb5_error_code ret;
- len = length_AuthorizationData(authdata);
- buf = malloc(len);
- if (buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- ret = encode_AuthorizationData(buf + len - 1,
- len, authdata, &len);
- if (ret) {
- free (buf);
+ ASN1_MALLOC_ENCODE(AuthorizationData, buf, len, authdata, &len, ret);
+ if (ret)
return ret;
- }
ALLOC(req_body->enc_authorization_data, 1);
if (req_body->enc_authorization_data == NULL) {
@@ -173,16 +142,19 @@ init_tgs_req (krb5_context context,
TGS_REQ *t,
krb5_key_usage usage)
{
- krb5_error_code ret;
+ krb5_error_code ret = 0;
memset(t, 0, sizeof(*t));
t->pvno = 5;
t->msg_type = krb_tgs_req;
if (in_creds->session.keytype) {
- ret = krb5_keytype_to_enctypes_default (context,
- in_creds->session.keytype,
- &t->req_body.etype.len,
- &t->req_body.etype.val);
+ ALLOC_SEQ(&t->req_body.etype, 1);
+ if(t->req_body.etype.val == NULL) {
+ ret = ENOMEM;
+ krb5_set_error_string(context, "malloc: out of memory");
+ goto fail;
+ }
+ t->req_body.etype.val[0] = in_creds->session.keytype;
} else {
ret = krb5_init_etype(context,
&t->req_body.etype.len,
@@ -431,34 +403,11 @@ get_cred_kdc_usage(krb5_context context,
if (ret)
goto out;
- buf_size = 1024;
- buf = malloc (buf_size);
- if (buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
+ ASN1_MALLOC_ENCODE(TGS_REQ, buf, buf_size, &req, &enc.length, ret);
+ if (ret)
goto out;
- }
-
- do {
- ret = encode_TGS_REQ (buf + buf_size - 1, buf_size,
- &req, &enc.length);
- if (ret) {
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- buf = tmp;
- } else {
- goto out;
- }
- }
- } while (ret == ASN1_OVERFLOW);
+ if(enc.length != buf_size)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
/* don't free addresses */
req.req_body.addresses = NULL;
diff --git a/crypto/heimdal/lib/krb5/get_for_creds.c b/crypto/heimdal/lib/krb5/get_for_creds.c
index 53a3f2b..2bec9f7 100644
--- a/crypto/heimdal/lib/krb5/get_for_creds.c
+++ b/crypto/heimdal/lib/krb5/get_for_creds.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: get_for_creds.c,v 1.32 2002/03/10 23:12:23 assar Exp $");
+RCSID("$Id: get_for_creds.c,v 1.34 2002/09/04 16:26:04 joda Exp $");
static krb5_error_code
add_addrs(krb5_context context,
@@ -162,12 +162,14 @@ krb5_get_forwarded_creds (krb5_context context,
KrbCredInfo *krb_cred_info;
EncKrbCredPart enc_krb_cred_part;
size_t len;
- u_char buf[1024];
+ unsigned char *buf;
+ size_t buf_size;
int32_t sec, usec;
krb5_kdc_flags kdc_flags;
krb5_crypto crypto;
struct addrinfo *ai;
int save_errno;
+ krb5_keyblock *key;
addrs.len = 0;
addrs.val = NULL;
@@ -319,45 +321,51 @@ krb5_get_forwarded_creds (krb5_context context,
/* encode EncKrbCredPart */
- ret = krb5_encode_EncKrbCredPart (context,
- buf + sizeof(buf) - 1, sizeof(buf),
- &enc_krb_cred_part, &len);
+ ASN1_MALLOC_ENCODE(EncKrbCredPart, buf, buf_size,
+ &enc_krb_cred_part, &len, ret);
free_EncKrbCredPart (&enc_krb_cred_part);
if (ret) {
free_KRB_CRED(&cred);
return ret;
- }
+ }
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
+
+ if (auth_context->local_subkey)
+ key = auth_context->local_subkey;
+ else if (auth_context->remote_subkey)
+ key = auth_context->remote_subkey;
+ else
+ key = auth_context->keyblock;
- ret = krb5_crypto_init(context, auth_context->local_subkey, 0, &crypto);
+ ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) {
+ free(buf);
free_KRB_CRED(&cred);
return ret;
}
ret = krb5_encrypt_EncryptedData (context,
crypto,
KRB5_KU_KRB_CRED,
- buf + sizeof(buf) - len,
+ buf,
len,
0,
&cred.enc_part);
+ free(buf);
krb5_crypto_destroy(context, crypto);
if (ret) {
free_KRB_CRED(&cred);
return ret;
}
- ret = encode_KRB_CRED (buf + sizeof(buf) - 1, sizeof(buf),
- &cred, &len);
+ ASN1_MALLOC_ENCODE(KRB_CRED, buf, buf_size, &cred, &len, ret);
free_KRB_CRED (&cred);
if (ret)
return ret;
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
out_data->length = len;
- out_data->data = malloc(len);
- if (out_data->data == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- memcpy (out_data->data, buf + sizeof(buf) - len, len);
+ out_data->data = buf;
return 0;
out4:
free_EncKrbCredPart(&enc_krb_cred_part);
diff --git a/crypto/heimdal/lib/krb5/get_in_tkt.c b/crypto/heimdal/lib/krb5/get_in_tkt.c
index 04587ea..74a0204 100644
--- a/crypto/heimdal/lib/krb5/get_in_tkt.c
+++ b/crypto/heimdal/lib/krb5/get_in_tkt.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: get_in_tkt.c,v 1.104 2002/04/18 09:11:39 joda Exp $");
+RCSID("$Id: get_in_tkt.c,v 1.106 2002/09/04 16:26:04 joda Exp $");
krb5_error_code
krb5_init_etype (krb5_context context,
@@ -158,22 +158,12 @@ _krb5_extract_ticket(krb5_context context,
creds->client = tmp_principal;
/* extract ticket */
- {
- unsigned char *buf;
- size_t len;
- len = length_Ticket(&rep->kdc_rep.ticket);
- buf = malloc(len);
- if(buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- encode_Ticket(buf + len - 1, len, &rep->kdc_rep.ticket, &len);
- creds->ticket.data = buf;
- creds->ticket.length = len;
- creds->second_ticket.length = 0;
- creds->second_ticket.data = NULL;
- }
+ ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length,
+ &rep->kdc_rep.ticket, &creds->ticket.length, ret);
+ if(ret)
+ goto out;
+ creds->second_ticket.length = 0;
+ creds->second_ticket.data = NULL;
/* compare server */
@@ -223,7 +213,8 @@ _krb5_extract_ticket(krb5_context context,
/* set kdc-offset */
krb5_timeofday (context, &sec_now);
- if (context->kdc_sec_offset == 0
+ if (rep->enc_part.flags.initial
+ && context->kdc_sec_offset == 0
&& krb5_config_get_bool (context, NULL,
"libdefaults",
"kdc_timesync",
@@ -314,7 +305,8 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa,
krb5_enctype etype, krb5_keyblock *key)
{
PA_ENC_TS_ENC p;
- u_char buf[1024];
+ unsigned char *buf;
+ size_t buf_size;
size_t len;
EncryptedData encdata;
krb5_error_code ret;
@@ -327,39 +319,37 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa,
usec2 = usec;
p.pausec = &usec2;
- ret = encode_PA_ENC_TS_ENC(buf + sizeof(buf) - 1,
- sizeof(buf),
- &p,
- &len);
+ ASN1_MALLOC_ENCODE(PA_ENC_TS_ENC, buf, buf_size, &p, &len, ret);
if (ret)
return ret;
-
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_crypto_init(context, key, 0, &crypto);
- if (ret)
+ if (ret) {
+ free(buf);
return ret;
+ }
ret = krb5_encrypt_EncryptedData(context,
crypto,
KRB5_KU_PA_ENC_TIMESTAMP,
- buf + sizeof(buf) - len,
+ buf,
len,
0,
&encdata);
+ free(buf);
krb5_crypto_destroy(context, crypto);
if (ret)
return ret;
- ret = encode_EncryptedData(buf + sizeof(buf) - 1,
- sizeof(buf),
- &encdata,
- &len);
+ ASN1_MALLOC_ENCODE(EncryptedData, buf, buf_size, &encdata, &len, ret);
free_EncryptedData(&encdata);
if (ret)
return ret;
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
pa->padata_type = KRB5_PADATA_ENC_TIMESTAMP;
- pa->padata_value.length = 0;
- krb5_data_copy(&pa->padata_value,
- buf + sizeof(buf) - len,
- len);
+ pa->padata_value.length = len;
+ pa->padata_value.data = buf;
return 0;
}
@@ -656,7 +646,7 @@ krb5_get_in_cred(krb5_context context,
AS_REQ a;
krb5_kdc_rep rep;
krb5_data req, resp;
- char buf[BUFSIZ];
+ size_t len;
krb5_salt salt;
krb5_keyblock *key;
size_t size;
@@ -692,17 +682,15 @@ krb5_get_in_cred(krb5_context context,
if (ret)
return ret;
- ret = encode_AS_REQ ((unsigned char*)buf + sizeof(buf) - 1,
- sizeof(buf),
- &a,
- &req.length);
+ ASN1_MALLOC_ENCODE(AS_REQ, req.data, req.length, &a, &len, ret);
free_AS_REQ(&a);
if (ret)
return ret;
-
- req.data = buf + sizeof(buf) - req.length;
+ if(len != req.length)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_sendto_kdc (context, &req, &creds->client->realm, &resp);
+ krb5_data_free(&req);
if (ret)
return ret;
diff --git a/crypto/heimdal/lib/krb5/keytab_keyfile.c b/crypto/heimdal/lib/krb5/keytab_keyfile.c
index 7dd0cd9..e4c4eb6 100644
--- a/crypto/heimdal/lib/krb5/keytab_keyfile.c
+++ b/crypto/heimdal/lib/krb5/keytab_keyfile.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: keytab_keyfile.c,v 1.13 2002/04/18 14:04:21 joda Exp $");
+RCSID("$Id: keytab_keyfile.c,v 1.14 2002/09/09 14:22:26 nectar Exp $");
/* afs keyfile operations --------------------------------------- */
@@ -297,7 +297,7 @@ akf_add_entry(krb5_context context,
fd = open (d->filename, O_RDWR | O_BINARY);
if (fd < 0) {
fd = open (d->filename,
- O_RDWR | O_BINARY | O_CREAT, 0600);
+ O_RDWR | O_BINARY | O_CREAT | O_EXCL, 0600);
if (fd < 0) {
ret = errno;
krb5_set_error_string(context, "open(%s): %s", d->filename,
diff --git a/crypto/heimdal/lib/krb5/krb5-protos.h b/crypto/heimdal/lib/krb5/krb5-protos.h
index 30ebf50..91a28f1 100644
--- a/crypto/heimdal/lib/krb5/krb5-protos.h
+++ b/crypto/heimdal/lib/krb5/krb5-protos.h
@@ -194,6 +194,12 @@ krb5_auth_con_genaddrs (
int /*flags*/);
krb5_error_code
+krb5_auth_con_generatelocalsubkey (
+ krb5_context /*context*/,
+ krb5_auth_context /*auth_context*/,
+ krb5_keyblock */*key*/);
+
+krb5_error_code
krb5_auth_con_getaddrs (
krb5_context /*context*/,
krb5_auth_context /*auth_context*/,
@@ -806,6 +812,12 @@ krb5_crypto_destroy (
krb5_crypto /*crypto*/);
krb5_error_code
+krb5_crypto_getblocksize (
+ krb5_context /*context*/,
+ krb5_crypto /*crypto*/,
+ size_t */*blocksize*/);
+
+krb5_error_code
krb5_crypto_init (
krb5_context /*context*/,
const krb5_keyblock */*key*/,
diff --git a/crypto/heimdal/lib/krb5/krb5.h b/crypto/heimdal/lib/krb5/krb5.h
index c50833e..cb035bc 100644
--- a/crypto/heimdal/lib/krb5/krb5.h
+++ b/crypto/heimdal/lib/krb5/krb5.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: krb5.h,v 1.203 2002/08/22 10:06:20 joda Exp $ */
+/* $Id: krb5.h,v 1.205 2002/09/03 17:31:47 joda Exp $ */
#ifndef __KRB5_H__
#define __KRB5_H__
@@ -99,7 +99,6 @@ enum {
ENCTYPE_DES3_CBC_NONE = ETYPE_DES3_CBC_NONE,
ENCTYPE_DES_CFB64_NONE = ETYPE_DES_CFB64_NONE,
ENCTYPE_DES_PCBC_NONE = ETYPE_DES_PCBC_NONE,
- ENCTYPE_DES3_CBC_NONE_IVEC = ETYPE_DES3_CBC_NONE_IVEC
};
typedef PADATA_TYPE krb5_preauthtype;
@@ -208,7 +207,8 @@ typedef enum krb5_address_type {
enum {
AP_OPTS_USE_SESSION_KEY = 1,
- AP_OPTS_MUTUAL_REQUIRED = 2
+ AP_OPTS_MUTUAL_REQUIRED = 2,
+ AP_OPTS_USE_SUBKEY = 4 /* library internal */
};
typedef HostAddress krb5_address;
diff --git a/crypto/heimdal/lib/krb5/krb5_appdefault.3 b/crypto/heimdal/lib/krb5/krb5_appdefault.3
index 750bb75..f82ec7a 100644
--- a/crypto/heimdal/lib/krb5/krb5_appdefault.3
+++ b/crypto/heimdal/lib/krb5/krb5_appdefault.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 2000 Kungliga Tekniska Högskolan
-.\" $Id: krb5_appdefault.3,v 1.7 2002/08/28 15:30:46 joda Exp $
+.\" $Id: krb5_appdefault.3,v 1.8 2002/09/13 14:49:31 joda Exp $
.Dd July 25, 2000
.Dt KRB5_APPDEFAULT 3
.Os HEIMDAL
@@ -19,7 +19,7 @@ Kerberos 5 Library (libkrb5, -lkrb5)
.Ft void
.Fn krb5_appdefault_time "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "time_t def_val" "time_t *ret_val"
.Sh DESCRIPTION
-These functions get application application defaults from the
+These functions get application defaults from the
.Dv appdefaults
section of the
.Xr krb5.conf 5
diff --git a/crypto/heimdal/lib/krb5/krb5_auth_context.3 b/crypto/heimdal/lib/krb5/krb5_auth_context.3
index afc81e8..2afaec5 100644
--- a/crypto/heimdal/lib/krb5/krb5_auth_context.3
+++ b/crypto/heimdal/lib/krb5/krb5_auth_context.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 2001 Kungliga Tekniska Högskolan
-.\" $Id: krb5_auth_context.3,v 1.4 2002/08/28 14:46:20 joda Exp $
+.\" $Id: krb5_auth_context.3,v 1.5 2002/09/02 12:42:00 joda Exp $
.Dd January 21, 2001
.Dt KRB5_AUTH_CONTEXT 3
.Os HEIMDAL
@@ -34,7 +34,7 @@
.Nm krb5_auth_con_setrcache ,
.Nm krb5_auth_con_initivector ,
.Nm krb5_auth_con_setivector
-.Nd manage authetication on connection level
+.Nd manage authentication on connection level
.Sh LIBRARY
Kerberos 5 Library (libkrb5, -lkrb5)
.Sh SYNOPSIS
diff --git a/crypto/heimdal/lib/krb5/krb5_context.3 b/crypto/heimdal/lib/krb5/krb5_context.3
index 6794f5a..a90ab72 100644
--- a/crypto/heimdal/lib/krb5/krb5_context.3
+++ b/crypto/heimdal/lib/krb5/krb5_context.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 2001 Kungliga Tekniska Högskolan
-.\" $Id: krb5_context.3,v 1.3 2002/08/28 15:30:48 joda Exp $
+.\" $Id: krb5_context.3,v 1.4 2002/09/02 12:42:00 joda Exp $
.Dd January 21, 2001
.Dt KRB5_CONTEXT 3
.Os HEIMDAL
@@ -10,8 +10,8 @@
The
.Nm
structure is designed to hold all per thread state. All global
-variables that are context specific are stored in this struture,
-including default encryption types, credential-cache (ticket file), and
+variables that are context specific are stored in this structure,
+including default encryption types, credentials-cache (ticket file), and
default realms.
.Pp
The internals of the structure should never be accessed directly,
diff --git a/crypto/heimdal/lib/krb5/krb5_init_context.3 b/crypto/heimdal/lib/krb5/krb5_init_context.3
index e59b0d0..8a1141a 100644
--- a/crypto/heimdal/lib/krb5/krb5_init_context.3
+++ b/crypto/heimdal/lib/krb5/krb5_init_context.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 2001 Kungliga Tekniska Högskolan
-.\" $Id: krb5_init_context.3,v 1.5 2002/08/28 15:30:53 joda Exp $
+.\" $Id: krb5_init_context.3,v 1.6 2002/09/02 12:42:00 joda Exp $
.Dd January 21, 2001
.Dt KRB5_CONTEXT 3
.Os HEIMDAL
@@ -20,7 +20,7 @@ The
.Fn krb5_init_context
function initializes the
.Fa context
-structure and reads the configration file
+structure and reads the configuration file
.Pa /etc/krb5.conf .
.Pp
The structure should be freed by calling
diff --git a/crypto/heimdal/lib/krb5/krb5_parse_name.3 b/crypto/heimdal/lib/krb5/krb5_parse_name.3
index 1491117..285c4e2 100644
--- a/crypto/heimdal/lib/krb5/krb5_parse_name.3
+++ b/crypto/heimdal/lib/krb5/krb5_parse_name.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_parse_name.3,v 1.5 2002/08/28 15:30:55 joda Exp $
+.\" $Id: krb5_parse_name.3,v 1.6 2002/09/02 12:42:00 joda Exp $
.Dd August 8, 1997
.Dt KRB5_PARSE_NAME 3
.Os HEIMDAL
@@ -14,7 +14,7 @@ Kerberos 5 Library (libkrb5, -lkrb5)
.Fn krb5_parse_name "krb5_context context" "const char *name" "krb5_principal *principal"
.Sh DESCRIPTION
.Fn krb5_parse_name
-converts a string representation of a princpal name to
+converts a string representation of a principal name to
.Nm krb5_principal .
The
.Fa principal
diff --git a/crypto/heimdal/lib/krb5/krb5_unparse_name.3 b/crypto/heimdal/lib/krb5/krb5_unparse_name.3
index 0eee63b..e58b911 100644
--- a/crypto/heimdal/lib/krb5/krb5_unparse_name.3
+++ b/crypto/heimdal/lib/krb5/krb5_unparse_name.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_unparse_name.3,v 1.5 2002/08/28 15:30:57 joda Exp $
+.\" $Id: krb5_unparse_name.3,v 1.6 2002/09/02 12:42:00 joda Exp $
.Dd August 8, 1997
.Dt KRB5_UNPARSE_NAME 3
.Os HEIMDAL
@@ -18,7 +18,8 @@ Kerberos 5 Library (libkrb5, -lkrb5)
.Sh DESCRIPTION
This function takes a
.Fa principal ,
-and will convert in to a printable representation with the same syntax as decribed in
+and will convert in to a printable representation with the same syntax
+as described in
.Xr krb5_parse_name 3 .
.Fa *name
will point to allocated data and should be freed by the caller.
diff --git a/crypto/heimdal/lib/krb5/kuserok.c b/crypto/heimdal/lib/krb5/kuserok.c
index ae8ddec..17770c1 100644
--- a/crypto/heimdal/lib/krb5/kuserok.c
+++ b/crypto/heimdal/lib/krb5/kuserok.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: kuserok.c,v 1.5 1999/12/02 17:05:11 joda Exp $");
+RCSID("$Id: kuserok.c,v 1.6 2002/09/16 17:32:11 nectar Exp $");
/*
* Return TRUE iff `principal' is allowed to login as `luser'.
@@ -88,9 +88,7 @@ krb5_kuserok (krb5_context context,
while (fgets (buf, sizeof(buf), f) != NULL) {
krb5_principal tmp;
- if(buf[strlen(buf) - 1] == '\n')
- buf[strlen(buf) - 1] = '\0';
-
+ buf[strcspn(buf, "\n")] = '\0';
ret = krb5_parse_name (context, buf, &tmp);
if (ret) {
fclose (f);
diff --git a/crypto/heimdal/lib/krb5/log.c b/crypto/heimdal/lib/krb5/log.c
index ecdb753..bd7451b 100644
--- a/crypto/heimdal/lib/krb5/log.c
+++ b/crypto/heimdal/lib/krb5/log.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: log.c,v 1.30 2002/08/20 09:49:09 joda Exp $");
+RCSID("$Id: log.c,v 1.31 2002/09/05 14:59:14 joda Exp $");
struct facility {
int min;
@@ -382,24 +382,33 @@ krb5_vlog_msg(krb5_context context,
va_list ap)
__attribute__((format (printf, 5, 0)))
{
- char *msg;
- const char *actual;
+
+ char *msg = NULL;
+ const char *actual = NULL;
char buf[64];
- time_t t;
+ time_t t = 0;
int i;
- vasprintf(&msg, fmt, ap);
- if (msg != NULL)
- actual = msg;
- else
- actual = fmt;
- t = time(NULL);
- krb5_format_time(context, t, buf, sizeof(buf), TRUE);
- for(i = 0; i < fac->len; i++)
+ for(i = 0; fac && i < fac->len; i++)
if(fac->val[i].min <= level &&
- (fac->val[i].max < 0 || fac->val[i].max >= level))
+ (fac->val[i].max < 0 || fac->val[i].max >= level)) {
+ if(t == 0) {
+ t = time(NULL);
+ krb5_format_time(context, t, buf, sizeof(buf), TRUE);
+ }
+ if(actual == NULL) {
+ vasprintf(&msg, fmt, ap);
+ if(msg == NULL)
+ actual = fmt;
+ else
+ actual = msg;
+ }
(*fac->val[i].log)(buf, actual, fac->val[i].data);
- *reply = msg;
+ }
+ if(reply == NULL)
+ free(msg);
+ else
+ *reply = msg;
return 0;
}
@@ -411,12 +420,7 @@ krb5_vlog(krb5_context context,
va_list ap)
__attribute__((format (printf, 4, 0)))
{
- char *msg;
- krb5_error_code ret;
-
- ret = krb5_vlog_msg(context, fac, &msg, level, fmt, ap);
- free(msg);
- return ret;
+ return krb5_vlog_msg(context, fac, NULL, level, fmt, ap);
}
krb5_error_code
diff --git a/crypto/heimdal/lib/krb5/mk_error.c b/crypto/heimdal/lib/krb5/mk_error.c
index 249f478..ae9e10a 100644
--- a/crypto/heimdal/lib/krb5/mk_error.c
+++ b/crypto/heimdal/lib/krb5/mk_error.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: mk_error.c,v 1.17 2002/03/27 09:29:43 joda Exp $");
+RCSID("$Id: mk_error.c,v 1.18 2002/09/04 16:26:04 joda Exp $");
krb5_error_code
krb5_mk_error(krb5_context context,
@@ -47,8 +47,6 @@ krb5_mk_error(krb5_context context,
krb5_data *reply)
{
KRB_ERROR msg;
- u_char *buf;
- size_t buf_size;
int32_t sec, usec;
size_t len;
krb5_error_code ret = 0;
@@ -84,45 +82,10 @@ krb5_mk_error(krb5_context context,
msg.cname = &client->name;
}
- buf_size = 1024;
- buf = malloc (buf_size);
- if (buf == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
-
- do {
- ret = encode_KRB_ERROR(buf + buf_size - 1,
- buf_size,
- &msg,
- &len);
- if (ret) {
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- buf = tmp;
- } else {
- goto out;
- }
- }
- } while (ret == ASN1_OVERFLOW);
-
- reply->length = len;
- reply->data = malloc(len);
- if (reply->data == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- memcpy (reply->data, buf + buf_size - len, len);
-out:
- free (buf);
- return ret;
+ ASN1_MALLOC_ENCODE(KRB_ERROR, reply->data, reply->length, &msg, &len, ret);
+ if (ret)
+ return ret;
+ if(reply->length != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
+ return 0;
}
diff --git a/crypto/heimdal/lib/krb5/mk_priv.c b/crypto/heimdal/lib/krb5/mk_priv.c
index 3f49a41..b89f7e9 100644
--- a/crypto/heimdal/lib/krb5/mk_priv.c
+++ b/crypto/heimdal/lib/krb5/mk_priv.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,12 +33,9 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_priv.c,v 1.30 2001/06/18 02:44:54 assar Exp $");
-
-/*
- *
- */
+RCSID("$Id: mk_priv.c,v 1.31 2002/09/04 16:26:04 joda Exp $");
+
krb5_error_code
krb5_mk_priv(krb5_context context,
krb5_auth_context auth_context,
@@ -83,35 +80,11 @@ krb5_mk_priv(krb5_context context,
part.s_address = auth_context->local_address;
part.r_address = auth_context->remote_address;
- buf_size = 1024;
- buf = malloc (buf_size);
- if (buf == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
-
krb5_data_zero (&s.enc_part.cipher);
- do {
- ret = encode_EncKrbPrivPart (buf + buf_size - 1, buf_size,
- &part, &len);
- if (ret) {
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- ret = ENOMEM;
- goto fail;
- }
- buf = tmp;
- } else {
- goto fail;
- }
- }
- } while(ret == ASN1_OVERFLOW);
+ ASN1_MALLOC_ENCODE(EncKrbPrivPart, buf, buf_size, &part, &len, ret);
+ if (ret)
+ goto fail;
s.pvno = 5;
s.msg_type = krb_priv;
@@ -134,37 +107,21 @@ krb5_mk_priv(krb5_context context,
free(buf);
return ret;
}
+ free(buf);
+
- do {
- ret = encode_KRB_PRIV (buf + buf_size - 1, buf_size, &s, &len);
-
- if (ret){
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- ret = ENOMEM;
- goto fail;
- }
- buf = tmp;
- } else {
- goto fail;
- }
- }
- } while(ret == ASN1_OVERFLOW);
+ ASN1_MALLOC_ENCODE(KRB_PRIV, buf, buf_size, &s, &len, ret);
+
+ if(ret)
+ goto fail;
krb5_data_free (&s.enc_part.cipher);
- outbuf->length = len;
- outbuf->data = malloc (len);
- if (outbuf->data == NULL) {
+ ret = krb5_data_copy(outbuf, buf + buf_size - len, len);
+ if (ret) {
krb5_set_error_string (context, "malloc: out of memory");
free(buf);
return ENOMEM;
}
- memcpy (outbuf->data, buf + buf_size - len, len);
free (buf);
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE)
auth_context->local_seqnumber =
diff --git a/crypto/heimdal/lib/krb5/mk_rep.c b/crypto/heimdal/lib/krb5/mk_rep.c
index fc6b4f2..b955555 100644
--- a/crypto/heimdal/lib/krb5/mk_rep.c
+++ b/crypto/heimdal/lib/krb5/mk_rep.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_rep.c,v 1.19 2001/05/14 06:14:49 assar Exp $");
+RCSID("$Id: mk_rep.c,v 1.20 2002/09/04 16:26:05 joda Exp $");
krb5_error_code
krb5_mk_rep(krb5_context context,
@@ -72,21 +72,10 @@ krb5_mk_rep(krb5_context context,
ap.enc_part.etype = auth_context->keyblock->keytype;
ap.enc_part.kvno = NULL;
- buf_size = length_EncAPRepPart(&body);
- buf = malloc (buf_size);
- if (buf == NULL) {
- free_EncAPRepPart (&body);
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
-
- ret = krb5_encode_EncAPRepPart (context,
- buf + buf_size - 1,
- buf_size,
- &body,
- &len);
-
+ ASN1_MALLOC_ENCODE(EncAPRepPart, buf, buf_size, &body, &len, ret);
free_EncAPRepPart (&body);
+ if(ret)
+ return ret;
ret = krb5_crypto_init(context, auth_context->keyblock,
0 /* ap.enc_part.etype */, &crypto);
if (ret) {
@@ -105,20 +94,7 @@ krb5_mk_rep(krb5_context context,
return ret;
}
- buf_size = length_AP_REP(&ap);
- buf = realloc(buf, buf_size);
- if(buf == NULL) {
- free_AP_REP (&ap);
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- ret = encode_AP_REP (buf + buf_size - 1, buf_size, &ap, &len);
-
+ ASN1_MALLOC_ENCODE(AP_REP, outbuf->data, outbuf->length, &ap, &len, ret);
free_AP_REP (&ap);
-
- if(len != buf_size)
- krb5_abortx(context, "krb5_mk_rep: encoded length != calculated length");
- outbuf->data = buf;
- outbuf->length = len;
- return 0;
+ return ret;
}
diff --git a/crypto/heimdal/lib/krb5/mk_req_ext.c b/crypto/heimdal/lib/krb5/mk_req_ext.c
index 5ab7a1c..aa5e3c4 100644
--- a/crypto/heimdal/lib/krb5/mk_req_ext.c
+++ b/crypto/heimdal/lib/krb5/mk_req_ext.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_req_ext.c,v 1.25 2001/05/09 07:15:00 assar Exp $");
+RCSID("$Id: mk_req_ext.c,v 1.26 2002/09/02 17:13:52 joda Exp $");
krb5_error_code
krb5_mk_req_internal(krb5_context context,
@@ -62,6 +62,12 @@ krb5_mk_req_internal(krb5_context context,
if(ret)
return ret;
+ if(ac->local_subkey == NULL && (ap_req_options & AP_OPTS_USE_SUBKEY)) {
+ ret = krb5_auth_con_generatelocalsubkey(context, ac, &in_creds->session);
+ if(ret)
+ return ret;
+ }
+
#if 0
{
/* This is somewhat bogus since we're possibly overwriting a
diff --git a/crypto/heimdal/lib/krb5/mk_safe.c b/crypto/heimdal/lib/krb5/mk_safe.c
index 114aa8e..a839df4 100644
--- a/crypto/heimdal/lib/krb5/mk_safe.c
+++ b/crypto/heimdal/lib/krb5/mk_safe.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_safe.c,v 1.27 2001/06/18 02:45:15 assar Exp $");
+RCSID("$Id: mk_safe.c,v 1.28 2002/09/04 16:26:05 joda Exp $");
krb5_error_code
krb5_mk_safe(krb5_context context,
@@ -48,7 +48,6 @@ krb5_mk_safe(krb5_context context,
KerberosTime sec2;
int usec2;
u_char *buf = NULL;
- void *tmp;
size_t buf_size;
size_t len;
u_int32_t tmp_seq;
@@ -85,17 +84,11 @@ krb5_mk_safe(krb5_context context,
s.cksum.checksum.data = NULL;
s.cksum.checksum.length = 0;
- buf_size = length_KRB_SAFE(&s);
- buf = malloc(buf_size + 128); /* add some for checksum */
- if(buf == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
- if (ret) {
- free (buf);
+ ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, &s, &len, ret);
+ if (ret)
return ret;
- }
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) {
free (buf);
@@ -105,7 +98,7 @@ krb5_mk_safe(krb5_context context,
crypto,
KRB5_KU_KRB_SAFE_CKSUM,
0,
- buf + buf_size - len,
+ buf,
len,
&s.cksum);
krb5_crypto_destroy(context, crypto);
@@ -114,27 +107,16 @@ krb5_mk_safe(krb5_context context,
return ret;
}
- buf_size = length_KRB_SAFE(&s);
- tmp = realloc(buf, buf_size);
- if(tmp == NULL) {
- free(buf);
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- buf = tmp;
-
- ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
+ free(buf);
+ ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, &s, &len, ret);
free_Checksum (&s.cksum);
+ if(ret)
+ return ret;
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
outbuf->length = len;
- outbuf->data = malloc (len);
- if (outbuf->data == NULL) {
- free (buf);
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- memcpy (outbuf->data, buf + buf_size - len, len);
- free (buf);
+ outbuf->data = buf;
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE)
auth_context->local_seqnumber =
(auth_context->local_seqnumber + 1) & 0xFFFFFFFF;
diff --git a/crypto/heimdal/lib/krb5/name-45-test.c b/crypto/heimdal/lib/krb5/name-45-test.c
new file mode 100644
index 0000000..373586e
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/name-45-test.c
@@ -0,0 +1,277 @@
+/*
+ * Copyright (c) 2002 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: name-45-test.c,v 1.2 2002/08/31 03:33:07 assar Exp $");
+
+enum { MAX_COMPONENTS = 3 };
+
+static struct testcase {
+ const char *v4_name;
+ const char *v4_inst;
+ const char *v4_realm;
+
+ krb5_realm v5_realm;
+ unsigned ncomponents;
+ char *comp_val[MAX_COMPONENTS];
+
+ const char *config_file;
+ krb5_error_code ret; /* expected error code from 524 */
+
+ krb5_error_code ret2; /* expected error code from 425 */
+} tests[] = {
+ {"", "", "", "", 1, {""}, NULL, 0, 0},
+ {"a", "", "", "", 1, {"a"}, NULL, 0, 0},
+ {"a", "b", "", "", 2, {"a", "b"}, NULL, 0, 0},
+ {"a", "b", "c", "c", 2, {"a", "b"}, NULL, 0, 0},
+
+ {"krbtgt", "FOO.SE", "FOO.SE", "FOO.SE", 2,
+ {"krbtgt", "FOO.SE"}, NULL, 0, 0},
+
+ {"foo", "bar", "BAZ", "BAZ", 2,
+ {"foo", "bar"}, NULL, 0, 0},
+ {"foo", "bar", "BAZ", "BAZ", 2,
+ {"foo", "bar"},
+ "[libdefaults]\n"
+ " v4_name_convert = {\n"
+ " host = {\n"
+ " foo = foo5\n"
+ " }\n"
+ "}\n",
+ HEIM_ERR_V4_PRINC_NO_CONV, 0},
+ {"foo", "bar", "BAZ", "BAZ", 2,
+ {"foo5", "bar.baz"},
+ "[realms]\n"
+ " BAZ = {\n"
+ " v4_name_convert = {\n"
+ " host = {\n"
+ " foo = foo5\n"
+ " }\n"
+ " }\n"
+ " v4_instance_convert = {\n"
+ " bar = bar.baz\n"
+ " }\n"
+ " }\n",
+ 0, 0},
+
+ {"rcmd", "foo", "realm", "realm", 2, {"host", "foo"}, NULL,
+ HEIM_ERR_V4_PRINC_NO_CONV, 0},
+ {"rcmd", "foo", "realm", "realm", 2, {"host", "foo.realm"},
+ "[realms]\n"
+ " realm = {\n"
+ " v4_instance_convert = {\n"
+ " foo = foo.realm\n"
+ " }\n"
+ " }\n",
+ 0, 0},
+
+ {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2,
+ {"pop", "mail0.nada.kth.se"}, NULL, HEIM_ERR_V4_PRINC_NO_CONV, 0},
+ {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2,
+ {"pop", "mail0.nada.kth.se"},
+ "[realms]\n"
+ " NADA.KTH.SE = {\n"
+ " default_domain = nada.kth.se\n"
+ " }\n",
+ 0, 0},
+ {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2,
+ {"pop", "mail0.nada.kth.se"},
+ "[libdefaults]\n"
+ " v4_instance_resolve = true\n",
+ HEIM_ERR_V4_PRINC_NO_CONV, 0},
+
+ {"rcmd", "ratatosk", "NADA.KTH.SE", "NADA.KTH.SE", 2,
+ {"host", "ratatosk.pdc.kth.se"}, NULL, HEIM_ERR_V4_PRINC_NO_CONV, 0},
+ {"rcmd", "ratatosk", "NADA.KTH.SE", "NADA.KTH.SE", 2,
+ {"host", "ratatosk.pdc.kth.se"},
+ "[libdefaults]\n"
+ " v4_instance_resolve = true\n"
+ "[realms]\n"
+ " NADA.KTH.SE = {\n"
+ " v4_name_convert = {\n"
+ " host = {\n"
+ " rcmd = host\n"
+ " }\n"
+ " }\n"
+ " default_domain = pdc.kth.se\n"
+ " }\n",
+ 0, 0},
+
+ {"0123456789012345678901234567890123456789",
+ "0123456789012345678901234567890123456789",
+ "0123456789012345678901234567890123456789",
+ "0123456789012345678901234567890123456789",
+ 2, {"0123456789012345678901234567890123456789",
+ "0123456789012345678901234567890123456789"}, NULL,
+ 0, KRB5_PARSE_MALFORMED},
+
+ {"012345678901234567890123456789012345678",
+ "012345678901234567890123456789012345678",
+ "012345678901234567890123456789012345678",
+ "012345678901234567890123456789012345678",
+ 2, {"012345678901234567890123456789012345678",
+ "012345678901234567890123456789012345678"}, NULL,
+ 0, 0},
+
+ {NULL, NULL, NULL, NULL, 0, {}, NULL, 0}
+};
+
+int
+main(int argc, char **argv)
+{
+ struct testcase *t;
+ krb5_context context;
+ krb5_error_code ret;
+ int val = 0;
+
+ for (t = tests; t->v4_name; ++t) {
+ krb5_principal princ;
+ int i;
+ char name[40], inst[40], realm[40];
+ char printable_princ[256];
+
+ ret = krb5_init_context (&context);
+ if (ret)
+ errx (1, "krb5_init_context failed: %d", ret);
+
+ if (t->config_file != NULL) {
+ char template[] = "/tmp/krb5-conf-XXXXXX";
+ int fd = mkstemp(template);
+ char *files[2];
+
+ if (fd < 0)
+ krb5_err (context, 1, errno, "mkstemp %s", template);
+
+ if (write (fd, t->config_file, strlen(t->config_file))
+ != strlen(t->config_file))
+ krb5_err (context, 1, errno, "write %s", template);
+ close (fd);
+ files[0] = template;
+ files[1] = NULL;
+
+ ret = krb5_set_config_files (context, files);
+ unlink (template);
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_set_config_files");
+ }
+
+ ret = krb5_425_conv_principal (context,
+ t->v4_name,
+ t->v4_inst,
+ t->v4_realm,
+ &princ);
+ if (ret) {
+ if (ret != t->ret) {
+ krb5_warn (context, ret,
+ "krb5_425_conv_principal %s.%s@%s",
+ t->v4_name, t->v4_inst, t->v4_realm);
+ val = 1;
+ }
+ } else {
+ if (t->ret) {
+ krb5_warnx (context,
+ "krb5_425_conv_principal %s.%s@%s "
+ "passed unexpected",
+ t->v4_name, t->v4_inst, t->v4_realm);
+ val = 1;
+ continue;
+ }
+ }
+
+ if (ret)
+ continue;
+
+ if (strcmp (t->v5_realm, princ->realm) != 0) {
+ printf ("wrong realm (\"%s\" should be \"%s\")"
+ " for \"%s.%s@%s\"\n",
+ princ->realm, t->v5_realm,
+ t->v4_name,
+ t->v4_inst,
+ t->v4_realm);
+ val = 1;
+ }
+
+ if (t->ncomponents != princ->name.name_string.len) {
+ printf ("wrong number of components (%u should be %u)"
+ " for \"%s.%s@%s\"\n",
+ princ->name.name_string.len, t->ncomponents,
+ t->v4_name,
+ t->v4_inst,
+ t->v4_realm);
+ val = 1;
+ } else {
+ for (i = 0; i < t->ncomponents; ++i) {
+ if (strcmp(t->comp_val[i],
+ princ->name.name_string.val[i]) != 0) {
+ printf ("bad component %d (\"%s\" should be \"%s\")"
+ " for \"%s.%s@%s\"\n",
+ i,
+ princ->name.name_string.val[i],
+ t->comp_val[i],
+ t->v4_name,
+ t->v4_inst,
+ t->v4_realm);
+ val = 1;
+ }
+ }
+ }
+ ret = krb5_524_conv_principal (context, princ,
+ name, inst, realm);
+ if (krb5_unparse_name_fixed(context, princ,
+ printable_princ, sizeof(printable_princ)))
+ strlcpy(printable_princ, "unknown principal",
+ sizeof(printable_princ));
+ if (ret) {
+ if (ret != t->ret2) {
+ krb5_warn (context, ret,
+ "krb5_524_conv_principal %s", printable_princ);
+ val = 1;
+ }
+ } else {
+ if (t->ret2) {
+ krb5_warnx (context,
+ "krb5_524_conv_principal %s "
+ "passed unexpected", printable_princ);
+ val = 1;
+ continue;
+ }
+ }
+ if (ret) {
+ krb5_free_principal (context, princ);
+ continue;
+ }
+
+ krb5_free_principal (context, princ);
+ }
+ return val;
+}
diff --git a/crypto/heimdal/lib/krb5/prompter_posix.c b/crypto/heimdal/lib/krb5/prompter_posix.c
index 4b9c573..4aea3a4 100644
--- a/crypto/heimdal/lib/krb5/prompter_posix.c
+++ b/crypto/heimdal/lib/krb5/prompter_posix.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: prompter_posix.c,v 1.6 2001/05/11 20:26:49 assar Exp $");
+RCSID("$Id: prompter_posix.c,v 1.7 2002/09/16 17:32:11 nectar Exp $");
int
krb5_prompter_posix (krb5_context context,
@@ -65,8 +65,7 @@ krb5_prompter_posix (krb5_context context,
prompts[i].reply->length,
stdin) == NULL)
return 1;
- if(s[strlen(s) - 1] == '\n')
- s[strlen(s) - 1] = '\0';
+ s[strcspn(s, "\n")] = '\0';
}
}
return 0;
diff --git a/crypto/heimdal/lib/krb5/rd_cred.c b/crypto/heimdal/lib/krb5/rd_cred.c
index 401770b..4a7d74c 100644
--- a/crypto/heimdal/lib/krb5/rd_cred.c
+++ b/crypto/heimdal/lib/krb5/rd_cred.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: rd_cred.c,v 1.17 2002/08/09 17:07:12 joda Exp $");
+RCSID("$Id: rd_cred.c,v 1.18 2002/09/04 16:26:05 joda Exp $");
krb5_error_code
krb5_rd_cred(krb5_context context,
@@ -214,7 +214,6 @@ krb5_rd_cred(krb5_context context,
for (i = 0; i < enc_krb_cred_part.ticket_info.len; ++i) {
KrbCredInfo *kci = &enc_krb_cred_part.ticket_info.val[i];
krb5_creds *creds;
- u_char buf[1024];
size_t len;
creds = calloc(1, sizeof(*creds));
@@ -224,12 +223,12 @@ krb5_rd_cred(krb5_context context,
goto out;
}
- ret = encode_Ticket (buf + sizeof(buf) - 1, sizeof(buf),
- &cred.tickets.val[i],
- &len);
+ ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length,
+ &cred.tickets.val[i], &len, ret);
if (ret)
goto out;
- krb5_data_copy (&creds->ticket, buf + sizeof(buf) - len, len);
+ if(creds->ticket.length != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
copy_EncryptionKey (&kci->key, &creds->session);
if (kci->prealm && kci->pname)
principalname2krb5_principal (&creds->client,
diff --git a/crypto/heimdal/lib/krb5/rd_safe.c b/crypto/heimdal/lib/krb5/rd_safe.c
index 71271c6..bbba237 100644
--- a/crypto/heimdal/lib/krb5/rd_safe.c
+++ b/crypto/heimdal/lib/krb5/rd_safe.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: rd_safe.c,v 1.26 2002/02/14 12:47:47 joda Exp $");
+RCSID("$Id: rd_safe.c,v 1.27 2002/09/04 16:26:05 joda Exp $");
static krb5_error_code
verify_checksum(krb5_context context,
@@ -53,19 +53,11 @@ verify_checksum(krb5_context context,
safe->cksum.checksum.data = NULL;
safe->cksum.checksum.length = 0;
- buf_size = length_KRB_SAFE(safe);
- buf = malloc(buf_size);
-
- if (buf == NULL) {
- ret = ENOMEM;
- krb5_set_error_string (context, "malloc: out of memory");
- goto out;
- }
-
- ret = encode_KRB_SAFE (buf + buf_size - 1,
- buf_size,
- safe,
- &len);
+ ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, safe, &len, ret);
+ if(ret)
+ return ret;
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
if (auth_context->remote_subkey)
key = auth_context->remote_subkey;
diff --git a/crypto/heimdal/lib/krb5/sendauth.c b/crypto/heimdal/lib/krb5/sendauth.c
index 8f2c544..c2889ee 100644
--- a/crypto/heimdal/lib/krb5/sendauth.c
+++ b/crypto/heimdal/lib/krb5/sendauth.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: sendauth.c,v 1.18 2001/05/14 06:14:51 assar Exp $");
+RCSID("$Id: sendauth.c,v 1.19 2002/09/04 21:34:43 joda Exp $");
/*
* The format seems to be:
@@ -86,6 +86,7 @@ krb5_sendauth(krb5_context context,
krb5_principal this_client = NULL;
krb5_creds *creds;
ssize_t sret;
+ krb5_boolean my_ccache = FALSE;
len = strlen(version) + 1;
net_len = htonl(len);
@@ -125,12 +126,16 @@ krb5_sendauth(krb5_context context,
ret = krb5_cc_default (context, &ccache);
if (ret)
return ret;
+ my_ccache = TRUE;
}
if (client == NULL) {
ret = krb5_cc_get_principal (context, ccache, &this_client);
- if (ret)
+ if (ret) {
+ if(my_ccache)
+ krb5_cc_close(context, ccache);
return ret;
+ }
client = this_client;
}
memset(&this_cred, 0, sizeof(this_cred));
@@ -142,11 +147,16 @@ krb5_sendauth(krb5_context context,
}
if (in_creds->ticket.length == 0) {
ret = krb5_get_credentials (context, 0, ccache, in_creds, &creds);
- if (ret)
+ if (ret) {
+ if(my_ccache)
+ krb5_cc_close(context, ccache);
return ret;
+ }
} else {
creds = in_creds;
}
+ if(my_ccache)
+ krb5_cc_close(context, ccache);
ret = krb5_mk_req_extended (context,
auth_context,
ap_req_options,
diff --git a/crypto/heimdal/lib/krb5/transited.c b/crypto/heimdal/lib/krb5/transited.c
index dbe6c80..b587c63 100644
--- a/crypto/heimdal/lib/krb5/transited.c
+++ b/crypto/heimdal/lib/krb5/transited.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: transited.c,v 1.8 2001/05/14 06:14:52 assar Exp $");
+RCSID("$Id: transited.c,v 1.9 2002/09/09 14:03:03 nectar Exp $");
/* this is an attempt at one of the most horrible `compression'
schemes that has ever been invented; it's so amazingly brain-dead
@@ -318,8 +318,9 @@ krb5_domain_x500_decode(krb5_context context,
if(ret)
return ret;
- /* remove empty components */
+ /* remove empty components and count realms */
q = &r;
+ *num_realms = 0;
for(p = r; p; ){
if(p->realm[0] == '\0'){
free(p->realm);
@@ -329,22 +330,20 @@ krb5_domain_x500_decode(krb5_context context,
}else{
q = &p->next;
p = p->next;
+ (*num_realms)++;
}
}
+ if (*num_realms < 0 || *num_realms + 1 > UINT_MAX/sizeof(**realms))
+ return ERANGE;
+
{
char **R;
- *realms = NULL;
- *num_realms = 0;
+ R = malloc((*num_realms + 1) * sizeof(*R));
+ if (R == NULL)
+ return ENOMEM;
+ *realms = R;
while(r){
- R = realloc(*realms, (*num_realms + 1) * sizeof(**realms));
- if(R == NULL) {
- free(*realms);
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- R[*num_realms] = r->realm;
- (*num_realms)++;
- *realms = R;
+ *R++ = r->realm;
p = r->next;
free(r);
r = p;
diff --git a/crypto/heimdal/lib/roken/ChangeLog b/crypto/heimdal/lib/roken/ChangeLog
index 9f209a8..6097a89 100644
--- a/crypto/heimdal/lib/roken/ChangeLog
+++ b/crypto/heimdal/lib/roken/ChangeLog
@@ -1,3 +1,45 @@
+2002-09-10 Johan Danielsson <joda@pdc.kth.se>
+
+ * roken.awk: include config.h before stdio.h (breaks with
+ _FILE_OFFSET_BITS on solaris otherwise)
+
+2002-09-09 Johan Danielsson <joda@pdc.kth.se>
+
+ * resolve.c: fix res_nsearch call, but don't use it for now, AIX5
+ has a broken version that trashes memory
+
+ * roken-common.h: fix typo in previous
+
+ * roken-common.h: change IRIX == 4 to IRIX4
+
+2002-09-04 Assar Westerlund <assar@kth.se>
+
+ * getifaddrs.c: remove some warnings from the linux-portion
+
+ * getnameinfo_verified.c (getnameinfo_verified): handle the case
+ of forward but no backward DNS information, and also describe the
+ desired behaviour. from Love <lha@stacken.kth.se>
+
+2002-09-04 Johan Danielsson <joda@pdc.kth.se>
+
+ * rtbl.c (rtbl_destroy): free whole table
+
+ * resolve.c: use res_nsearch if we have it (from Larry Greenfield)
+
+2002-09-03 Assar Westerlund <assar@kth.se>
+
+ * getifaddrs.c: add Linux AF_NETLINK getifaddrs from Hideaki
+ YOSHIFUJI of the Usagi project
+
+ * parse_reply-test.c: make this build and return 77 if there is no
+ mmap
+
+ * Makefile.am (parse_reply-test): add
+ * parse_reply-test.c: add a test case for parse_reply reading past
+ the given buffer
+ * resolve.c (parse_reply): update the arguments to more reasonable
+ types. allow parse_reply-test to call it
+
2002-08-28 Johan Danielsson <joda@pdc.kth.se>
* resolve.c (dns_srv_order): do alignment tricks with the random()
diff --git a/crypto/heimdal/lib/roken/Makefile.am b/crypto/heimdal/lib/roken/Makefile.am
index 13121ad..a1dc45d 100644
--- a/crypto/heimdal/lib/roken/Makefile.am
+++ b/crypto/heimdal/lib/roken/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.120 2002/05/31 02:44:37 assar Exp $
+# $Id: Makefile.am,v 1.122 2002/09/09 19:17:01 joda Exp $
include $(top_srcdir)/Makefile.am.common
@@ -7,7 +7,7 @@ ACLOCAL_AMFLAGS = -I ../../cf
CLEANFILES = roken.h make-roken.c $(XHEADERS)
lib_LTLIBRARIES = libroken.la
-libroken_la_LDFLAGS = -version-info 16:0:7
+libroken_la_LDFLAGS = -version-info 16:0:0
noinst_PROGRAMS = make-roken snprintf-test
@@ -17,6 +17,7 @@ check_PROGRAMS = \
base64-test \
getaddrinfo-test \
parse_bytes-test \
+ parse_reply-test \
snprintf-test \
strpftime-test
@@ -29,6 +30,9 @@ noinst_LTLIBRARIES = libtest.la
libtest_la_SOURCES = strftime.c strptime.c snprintf.c
libtest_la_CFLAGS = -DTEST_SNPRINTF
+parse_reply_test_SOURCES = parse_reply-test.c resolve.c
+parse_reply_test_CFLAGS = -DTEST_RESOLVE
+
strpftime_test_SOURCES = strpftime-test.c
strpftime_test_LDADD = libtest.la $(LDADD)
snprintf_test_SOURCES = snprintf-test.c
diff --git a/crypto/heimdal/lib/roken/Makefile.in b/crypto/heimdal/lib/roken/Makefile.in
index 7969334..730821f 100644
--- a/crypto/heimdal/lib/roken/Makefile.in
+++ b/crypto/heimdal/lib/roken/Makefile.in
@@ -14,7 +14,7 @@
@SET_MAKE@
-# $Id: Makefile.am,v 1.120 2002/05/31 02:44:37 assar Exp $
+# $Id: Makefile.am,v 1.122 2002/09/09 19:17:01 joda Exp $
# $Id: Makefile.am.common,v 1.5 2002/05/19 18:35:37 joda Exp $
@@ -207,7 +207,7 @@ ACLOCAL_AMFLAGS = -I ../../cf
CLEANFILES = roken.h make-roken.c $(XHEADERS)
lib_LTLIBRARIES = libroken.la
-libroken_la_LDFLAGS = -version-info 16:0:7
+libroken_la_LDFLAGS = -version-info 16:0:0
noinst_PROGRAMS = make-roken snprintf-test
@@ -217,6 +217,7 @@ check_PROGRAMS = \
base64-test \
getaddrinfo-test \
parse_bytes-test \
+ parse_reply-test \
snprintf-test \
strpftime-test
@@ -230,6 +231,9 @@ noinst_LTLIBRARIES = libtest.la
libtest_la_SOURCES = strftime.c strptime.c snprintf.c
libtest_la_CFLAGS = -DTEST_SNPRINTF
+parse_reply_test_SOURCES = parse_reply-test.c resolve.c
+parse_reply_test_CFLAGS = -DTEST_RESOLVE
+
strpftime_test_SOURCES = strpftime-test.c
strpftime_test_LDADD = libtest.la $(LDADD)
snprintf_test_SOURCES = snprintf-test.c
@@ -422,8 +426,8 @@ am_libtest_la_OBJECTS = libtest_la-strftime.lo libtest_la-strptime.lo \
libtest_la-snprintf.lo
libtest_la_OBJECTS = $(am_libtest_la_OBJECTS)
check_PROGRAMS = base64-test$(EXEEXT) getaddrinfo-test$(EXEEXT) \
- parse_bytes-test$(EXEEXT) snprintf-test$(EXEEXT) \
- strpftime-test$(EXEEXT)
+ parse_bytes-test$(EXEEXT) parse_reply-test$(EXEEXT) \
+ snprintf-test$(EXEEXT) strpftime-test$(EXEEXT)
noinst_PROGRAMS = make-roken$(EXEEXT) snprintf-test$(EXEEXT)
PROGRAMS = $(noinst_PROGRAMS)
@@ -446,6 +450,13 @@ parse_bytes_test_OBJECTS = parse_bytes-test.$(OBJEXT)
parse_bytes_test_LDADD = $(LDADD)
parse_bytes_test_DEPENDENCIES = libroken.la
parse_bytes_test_LDFLAGS =
+am_parse_reply_test_OBJECTS = \
+ parse_reply_test-parse_reply-test.$(OBJEXT) \
+ parse_reply_test-resolve.$(OBJEXT)
+parse_reply_test_OBJECTS = $(am_parse_reply_test_OBJECTS)
+parse_reply_test_LDADD = $(LDADD)
+parse_reply_test_DEPENDENCIES = libroken.la
+parse_reply_test_LDFLAGS =
am_snprintf_test_OBJECTS = snprintf_test-snprintf-test.$(OBJEXT)
snprintf_test_OBJECTS = $(am_snprintf_test_OBJECTS)
snprintf_test_DEPENDENCIES = libtest.la libroken.la
@@ -472,15 +483,15 @@ LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
CFLAGS = @CFLAGS@
DIST_SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) \
$(libtest_la_SOURCES) base64-test.c getaddrinfo-test.c \
- parse_bytes-test.c $(snprintf_test_SOURCES) \
- $(strpftime_test_SOURCES)
+ parse_bytes-test.c $(parse_reply_test_SOURCES) \
+ $(snprintf_test_SOURCES) $(strpftime_test_SOURCES)
MANS = $(man_MANS)
HEADERS = $(include_HEADERS) $(nodist_include_HEADERS)
DIST_COMMON = $(include_HEADERS) ChangeLog Makefile.am Makefile.in \
acinclude.m4 freeaddrinfo.c getaddrinfo.c getcap.c \
getnameinfo.c glob.c install-sh missing mkinstalldirs
-SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) $(libtest_la_SOURCES) base64-test.c getaddrinfo-test.c $(nodist_make_roken_SOURCES) parse_bytes-test.c $(snprintf_test_SOURCES) $(strpftime_test_SOURCES)
+SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) $(libtest_la_SOURCES) base64-test.c getaddrinfo-test.c $(nodist_make_roken_SOURCES) parse_bytes-test.c $(parse_reply_test_SOURCES) $(snprintf_test_SOURCES) $(strpftime_test_SOURCES)
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-am
@@ -562,6 +573,11 @@ make-roken$(EXEEXT): $(make_roken_OBJECTS) $(make_roken_DEPENDENCIES)
parse_bytes-test$(EXEEXT): $(parse_bytes_test_OBJECTS) $(parse_bytes_test_DEPENDENCIES)
@rm -f parse_bytes-test$(EXEEXT)
$(LINK) $(parse_bytes_test_LDFLAGS) $(parse_bytes_test_OBJECTS) $(parse_bytes_test_LDADD) $(LIBS)
+parse_reply_test-parse_reply-test.$(OBJEXT): parse_reply-test.c
+parse_reply_test-resolve.$(OBJEXT): resolve.c
+parse_reply-test$(EXEEXT): $(parse_reply_test_OBJECTS) $(parse_reply_test_DEPENDENCIES)
+ @rm -f parse_reply-test$(EXEEXT)
+ $(LINK) $(parse_reply_test_LDFLAGS) $(parse_reply_test_OBJECTS) $(parse_reply_test_LDADD) $(LIBS)
snprintf_test-snprintf-test.$(OBJEXT): snprintf-test.c
snprintf-test$(EXEEXT): $(snprintf_test_OBJECTS) $(snprintf_test_DEPENDENCIES)
@rm -f snprintf-test$(EXEEXT)
@@ -612,6 +628,24 @@ libtest_la-snprintf.obj: snprintf.c
libtest_la-snprintf.lo: snprintf.c
$(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c
+parse_reply_test-parse_reply-test.o: parse_reply-test.c
+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.o `test -f 'parse_reply-test.c' || echo '$(srcdir)/'`parse_reply-test.c
+
+parse_reply_test-parse_reply-test.obj: parse_reply-test.c
+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.obj `cygpath -w parse_reply-test.c`
+
+parse_reply_test-parse_reply-test.lo: parse_reply-test.c
+ $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.lo `test -f 'parse_reply-test.c' || echo '$(srcdir)/'`parse_reply-test.c
+
+parse_reply_test-resolve.o: resolve.c
+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.o `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c
+
+parse_reply_test-resolve.obj: resolve.c
+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.obj `cygpath -w resolve.c`
+
+parse_reply_test-resolve.lo: resolve.c
+ $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.lo `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c
+
snprintf_test-snprintf-test.o: snprintf-test.c
$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(snprintf_test_CFLAGS) $(CFLAGS) -c -o snprintf_test-snprintf-test.o `test -f 'snprintf-test.c' || echo '$(srcdir)/'`snprintf-test.c
diff --git a/crypto/heimdal/lib/roken/getifaddrs.c b/crypto/heimdal/lib/roken/getifaddrs.c
index d8cf1eb..e8c53f8 100644
--- a/crypto/heimdal/lib/roken/getifaddrs.c
+++ b/crypto/heimdal/lib/roken/getifaddrs.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: getifaddrs.c,v 1.7 2001/11/30 03:27:30 assar Exp $");
+RCSID("$Id: getifaddrs.c,v 1.9 2002/09/05 03:36:23 assar Exp $");
#endif
#include "roken.h"
@@ -56,6 +56,782 @@ struct mbuf;
#include <ifaddrs.h>
+#ifdef AF_NETLINK
+
+/*
+ * The linux - AF_NETLINK version of getifaddrs - from Usagi.
+ * Linux does not return v6 addresses from SIOCGIFCONF.
+ */
+
+/* $USAGI: ifaddrs.c,v 1.18 2002/03/06 01:50:46 yoshfuji Exp $ */
+
+/**************************************************************************
+ * ifaddrs.c
+ * Copyright (C)2000 Hideaki YOSHIFUJI, All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the author nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include <string.h>
+#include <time.h>
+#include <malloc.h>
+#include <errno.h>
+#include <unistd.h>
+
+#include <sys/socket.h>
+#include <asm/types.h>
+#include <linux/netlink.h>
+#include <linux/rtnetlink.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netpacket/packet.h>
+#include <net/ethernet.h> /* the L2 protocols */
+#include <sys/uio.h>
+#include <net/if.h>
+#include <net/if_arp.h>
+#include <ifaddrs.h>
+#include <netinet/in.h>
+
+#define __set_errno(e) (errno = (e))
+#define __close(fd) (close(fd))
+#undef ifa_broadaddr
+#define ifa_broadaddr ifa_dstaddr
+#define IFA_NETMASK
+
+/* ====================================================================== */
+struct nlmsg_list{
+ struct nlmsg_list *nlm_next;
+ struct nlmsghdr *nlh;
+ int size;
+ time_t seq;
+};
+
+struct rtmaddr_ifamap {
+ void *address;
+ void *local;
+#ifdef IFA_NETMASK
+ void *netmask;
+#endif
+ void *broadcast;
+#ifdef HAVE_IFADDRS_IFA_ANYCAST
+ void *anycast;
+#endif
+ int address_len;
+ int local_len;
+#ifdef IFA_NETMASK
+ int netmask_len;
+#endif
+ int broadcast_len;
+#ifdef HAVE_IFADDRS_IFA_ANYCAST
+ int anycast_len;
+#endif
+};
+
+/* ====================================================================== */
+static size_t
+ifa_sa_len(sa_family_t family, int len)
+{
+ size_t size;
+ switch(family){
+ case AF_INET:
+ size = sizeof(struct sockaddr_in);
+ break;
+ case AF_INET6:
+ size = sizeof(struct sockaddr_in6);
+ break;
+ case AF_PACKET:
+ size = (size_t)(((struct sockaddr_ll *)NULL)->sll_addr) + len;
+ if (size < sizeof(struct sockaddr_ll))
+ size = sizeof(struct sockaddr_ll);
+ break;
+ default:
+ size = (size_t)(((struct sockaddr *)NULL)->sa_data) + len;
+ if (size < sizeof(struct sockaddr))
+ size = sizeof(struct sockaddr);
+ }
+ return size;
+}
+
+static void
+ifa_make_sockaddr(sa_family_t family,
+ struct sockaddr *sa,
+ void *p, size_t len,
+ uint32_t scope, uint32_t scopeid)
+{
+ if (sa == NULL) return;
+ switch(family){
+ case AF_INET:
+ memcpy(&((struct sockaddr_in*)sa)->sin_addr, (char *)p, len);
+ break;
+ case AF_INET6:
+ memcpy(&((struct sockaddr_in6*)sa)->sin6_addr, (char *)p, len);
+ if (IN6_IS_ADDR_LINKLOCAL(p) ||
+ IN6_IS_ADDR_MC_LINKLOCAL(p)){
+ ((struct sockaddr_in6*)sa)->sin6_scope_id = scopeid;
+ }
+ break;
+ case AF_PACKET:
+ memcpy(((struct sockaddr_ll*)sa)->sll_addr, (char *)p, len);
+ ((struct sockaddr_ll*)sa)->sll_halen = len;
+ break;
+ default:
+ memcpy(sa->sa_data, p, len); /*XXX*/
+ break;
+ }
+ sa->sa_family = family;
+#ifdef HAVE_SOCKADDR_SA_LEN
+ sa->sa_len = ifa_sa_len(family, len);
+#endif
+}
+
+#ifndef IFA_NETMASK
+static struct sockaddr *
+ifa_make_sockaddr_mask(sa_family_t family,
+ struct sockaddr *sa,
+ uint32_t prefixlen)
+{
+ int i;
+ char *p = NULL, c;
+ uint32_t max_prefixlen = 0;
+
+ if (sa == NULL) return NULL;
+ switch(family){
+ case AF_INET:
+ memset(&((struct sockaddr_in*)sa)->sin_addr, 0, sizeof(((struct sockaddr_in*)sa)->sin_addr));
+ p = (char *)&((struct sockaddr_in*)sa)->sin_addr;
+ max_prefixlen = 32;
+ break;
+ case AF_INET6:
+ memset(&((struct sockaddr_in6*)sa)->sin6_addr, 0, sizeof(((struct sockaddr_in6*)sa)->sin6_addr));
+ p = (char *)&((struct sockaddr_in6*)sa)->sin6_addr;
+#if 0 /* XXX: fill scope-id? */
+ if (IN6_IS_ADDR_LINKLOCAL(p) ||
+ IN6_IS_ADDR_MC_LINKLOCAL(p)){
+ ((struct sockaddr_in6*)sa)->sin6_scope_id = scopeid;
+ }
+#endif
+ max_prefixlen = 128;
+ break;
+ default:
+ return NULL;
+ }
+ sa->sa_family = family;
+#ifdef HAVE_SOCKADDR_SA_LEN
+ sa->sa_len = ifa_sa_len(family, len);
+#endif
+ if (p){
+ if (prefixlen > max_prefixlen)
+ prefixlen = max_prefixlen;
+ for (i=0; i<(prefixlen / 8); i++)
+ *p++ = 0xff;
+ c = 0xff;
+ c <<= (8 - (prefixlen % 8));
+ *p = c;
+ }
+ return sa;
+}
+#endif
+
+/* ====================================================================== */
+static int
+nl_sendreq(int sd, int request, int flags, int *seq)
+{
+ char reqbuf[NLMSG_ALIGN(sizeof(struct nlmsghdr)) +
+ NLMSG_ALIGN(sizeof(struct rtgenmsg))];
+ struct sockaddr_nl nladdr;
+ struct nlmsghdr *req_hdr;
+ struct rtgenmsg *req_msg;
+ time_t t = time(NULL);
+
+ if (seq) *seq = t;
+ memset(&reqbuf, 0, sizeof(reqbuf));
+ req_hdr = (struct nlmsghdr *)reqbuf;
+ req_msg = (struct rtgenmsg *)NLMSG_DATA(req_hdr);
+ req_hdr->nlmsg_len = NLMSG_LENGTH(sizeof(*req_msg));
+ req_hdr->nlmsg_type = request;
+ req_hdr->nlmsg_flags = flags | NLM_F_REQUEST;
+ req_hdr->nlmsg_pid = 0;
+ req_hdr->nlmsg_seq = t;
+ req_msg->rtgen_family = AF_UNSPEC;
+ memset(&nladdr, 0, sizeof(nladdr));
+ nladdr.nl_family = AF_NETLINK;
+ return (sendto(sd, (void *)req_hdr, req_hdr->nlmsg_len, 0,
+ (struct sockaddr *)&nladdr, sizeof(nladdr)));
+}
+
+static int
+nl_recvmsg(int sd, int request, int seq,
+ void *buf, size_t buflen,
+ int *flags)
+{
+ struct msghdr msg;
+ struct iovec iov = { buf, buflen };
+ struct sockaddr_nl nladdr;
+ int read_len;
+
+ for (;;){
+ msg.msg_name = (void *)&nladdr;
+ msg.msg_namelen = sizeof(nladdr);
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+ read_len = recvmsg(sd, &msg, 0);
+ if ((read_len < 0 && errno == EINTR) || (msg.msg_flags & MSG_TRUNC))
+ continue;
+ if (flags) *flags = msg.msg_flags;
+ break;
+ }
+ return read_len;
+}
+
+static int
+nl_getmsg(int sd, int request, int seq,
+ struct nlmsghdr **nlhp,
+ int *done)
+{
+ struct nlmsghdr *nh;
+ size_t bufsize = 65536, lastbufsize = 0;
+ void *buff = NULL;
+ int result = 0, read_size;
+ int msg_flags;
+ pid_t pid = getpid();
+ for (;;){
+ void *newbuff = realloc(buff, bufsize);
+ if (newbuff == NULL || bufsize < lastbufsize) {
+ result = -1;
+ break;
+ }
+ buff = newbuff;
+ result = read_size = nl_recvmsg(sd, request, seq, buff, bufsize, &msg_flags);
+ if (read_size < 0 || (msg_flags & MSG_TRUNC)){
+ lastbufsize = bufsize;
+ bufsize *= 2;
+ continue;
+ }
+ if (read_size == 0) break;
+ nh = (struct nlmsghdr *)buff;
+ for (nh = (struct nlmsghdr *)buff;
+ NLMSG_OK(nh, read_size);
+ nh = (struct nlmsghdr *)NLMSG_NEXT(nh, read_size)){
+ if (nh->nlmsg_pid != pid ||
+ nh->nlmsg_seq != seq)
+ continue;
+ if (nh->nlmsg_type == NLMSG_DONE){
+ (*done)++;
+ break; /* ok */
+ }
+ if (nh->nlmsg_type == NLMSG_ERROR){
+ struct nlmsgerr *nlerr = (struct nlmsgerr *)NLMSG_DATA(nh);
+ result = -1;
+ if (nh->nlmsg_len < NLMSG_LENGTH(sizeof(struct nlmsgerr)))
+ __set_errno(EIO);
+ else
+ __set_errno(-nlerr->error);
+ break;
+ }
+ }
+ break;
+ }
+ if (result < 0)
+ if (buff){
+ int saved_errno = errno;
+ free(buff);
+ __set_errno(saved_errno);
+ }
+ *nlhp = (struct nlmsghdr *)buff;
+ return result;
+}
+
+static int
+nl_getlist(int sd, int seq,
+ int request,
+ struct nlmsg_list **nlm_list,
+ struct nlmsg_list **nlm_end)
+{
+ struct nlmsghdr *nlh = NULL;
+ int status;
+ int done = 0;
+
+ status = nl_sendreq(sd, request, NLM_F_ROOT|NLM_F_MATCH, &seq);
+ if (status < 0)
+ return status;
+ if (seq == 0)
+ seq = (int)time(NULL);
+ while(!done){
+ status = nl_getmsg(sd, request, seq, &nlh, &done);
+ if (status < 0)
+ return status;
+ if (nlh){
+ struct nlmsg_list *nlm_next = (struct nlmsg_list *)malloc(sizeof(struct nlmsg_list));
+ if (nlm_next == NULL){
+ int saved_errno = errno;
+ free(nlh);
+ __set_errno(saved_errno);
+ status = -1;
+ } else {
+ nlm_next->nlm_next = NULL;
+ nlm_next->nlh = (struct nlmsghdr *)nlh;
+ nlm_next->size = status;
+ nlm_next->seq = seq;
+ if (*nlm_list == NULL){
+ *nlm_list = nlm_next;
+ *nlm_end = nlm_next;
+ } else {
+ (*nlm_end)->nlm_next = nlm_next;
+ *nlm_end = nlm_next;
+ }
+ }
+ }
+ }
+ return status >= 0 ? seq : status;
+}
+
+/* ---------------------------------------------------------------------- */
+static void
+free_nlmsglist(struct nlmsg_list *nlm0)
+{
+ struct nlmsg_list *nlm;
+ int saved_errno;
+ if (!nlm0)
+ return;
+ saved_errno = errno;
+ for (nlm=nlm0; nlm; nlm=nlm->nlm_next){
+ if (nlm->nlh)
+ free(nlm->nlh);
+ }
+ free(nlm0);
+ __set_errno(saved_errno);
+}
+
+static void
+free_data(void *data, void *ifdata)
+{
+ int saved_errno = errno;
+ if (data != NULL) free(data);
+ if (ifdata != NULL) free(ifdata);
+ __set_errno(saved_errno);
+}
+
+/* ---------------------------------------------------------------------- */
+static void
+nl_close(int sd)
+{
+ int saved_errno = errno;
+ if (sd >= 0) __close(sd);
+ __set_errno(saved_errno);
+}
+
+/* ---------------------------------------------------------------------- */
+static int
+nl_open(void)
+{
+ struct sockaddr_nl nladdr;
+ int sd;
+
+ sd = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
+ if (sd < 0) return -1;
+ memset(&nladdr, 0, sizeof(nladdr));
+ nladdr.nl_family = AF_NETLINK;
+ if (bind(sd, (struct sockaddr*)&nladdr, sizeof(nladdr)) < 0){
+ nl_close(sd);
+ return -1;
+ }
+ return sd;
+}
+
+/* ====================================================================== */
+int getifaddrs(struct ifaddrs **ifap)
+{
+ int sd;
+ struct nlmsg_list *nlmsg_list, *nlmsg_end, *nlm;
+ /* - - - - - - - - - - - - - - - */
+ int icnt;
+ size_t dlen, xlen, nlen;
+ uint32_t max_ifindex = 0;
+
+ pid_t pid = getpid();
+ int seq;
+ int result;
+ int build ; /* 0 or 1 */
+
+/* ---------------------------------- */
+ /* initialize */
+ icnt = dlen = xlen = nlen = 0;
+ nlmsg_list = nlmsg_end = NULL;
+
+ if (ifap)
+ *ifap = NULL;
+
+/* ---------------------------------- */
+ /* open socket and bind */
+ sd = nl_open();
+ if (sd < 0)
+ return -1;
+
+/* ---------------------------------- */
+ /* gather info */
+ if ((seq = nl_getlist(sd, 0, RTM_GETLINK,
+ &nlmsg_list, &nlmsg_end)) < 0){
+ free_nlmsglist(nlmsg_list);
+ nl_close(sd);
+ return -1;
+ }
+ if ((seq = nl_getlist(sd, seq+1, RTM_GETADDR,
+ &nlmsg_list, &nlmsg_end)) < 0){
+ free_nlmsglist(nlmsg_list);
+ nl_close(sd);
+ return -1;
+ }
+
+/* ---------------------------------- */
+ /* Estimate size of result buffer and fill it */
+ for (build=0; build<=1; build++){
+ struct ifaddrs *ifl = NULL, *ifa = NULL;
+ struct nlmsghdr *nlh, *nlh0;
+ char *data = NULL, *xdata = NULL;
+ void *ifdata = NULL;
+ char *ifname = NULL, **iflist = NULL;
+ uint16_t *ifflist = NULL;
+ struct rtmaddr_ifamap ifamap;
+
+ if (build){
+ data = calloc(1,
+ NLMSG_ALIGN(sizeof(struct ifaddrs[icnt]))
+ + dlen + xlen + nlen);
+ ifa = (struct ifaddrs *)data;
+ ifdata = calloc(1,
+ NLMSG_ALIGN(sizeof(char *[max_ifindex+1]))
+ + NLMSG_ALIGN(sizeof(uint16_t [max_ifindex+1])));
+ if (ifap != NULL)
+ *ifap = (ifdata != NULL) ? ifa : NULL;
+ else{
+ free_data(data, ifdata);
+ result = 0;
+ break;
+ }
+ if (data == NULL || ifdata == NULL){
+ free_data(data, ifdata);
+ result = -1;
+ break;
+ }
+ ifl = NULL;
+ data += NLMSG_ALIGN(sizeof(struct ifaddrs)) * icnt;
+ xdata = data + dlen;
+ ifname = xdata + xlen;
+ iflist = ifdata;
+ ifflist = (uint16_t *)(((char *)iflist) + NLMSG_ALIGN(sizeof(char *[max_ifindex+1])));
+ }
+
+ for (nlm=nlmsg_list; nlm; nlm=nlm->nlm_next){
+ int nlmlen = nlm->size;
+ if (!(nlh0 = nlm->nlh))
+ continue;
+ for (nlh = nlh0;
+ NLMSG_OK(nlh, nlmlen);
+ nlh=NLMSG_NEXT(nlh,nlmlen)){
+ struct ifinfomsg *ifim = NULL;
+ struct ifaddrmsg *ifam = NULL;
+ struct rtattr *rta;
+
+ size_t nlm_struct_size = 0;
+ sa_family_t nlm_family = 0;
+ uint32_t nlm_scope = 0, nlm_index = 0;
+ size_t sockaddr_size = 0;
+ uint32_t nlm_prefixlen = 0;
+ size_t rtasize;
+
+ memset(&ifamap, 0, sizeof(ifamap));
+
+ /* check if the message is what we want */
+ if (nlh->nlmsg_pid != pid ||
+ nlh->nlmsg_seq != nlm->seq)
+ continue;
+ if (nlh->nlmsg_type == NLMSG_DONE){
+ break; /* ok */
+ }
+ switch (nlh->nlmsg_type){
+ case RTM_NEWLINK:
+ ifim = (struct ifinfomsg *)NLMSG_DATA(nlh);
+ nlm_struct_size = sizeof(*ifim);
+ nlm_family = ifim->ifi_family;
+ nlm_scope = 0;
+ nlm_index = ifim->ifi_index;
+ nlm_prefixlen = 0;
+ if (build)
+ ifflist[nlm_index] = ifa->ifa_flags = ifim->ifi_flags;
+ break;
+ case RTM_NEWADDR:
+ ifam = (struct ifaddrmsg *)NLMSG_DATA(nlh);
+ nlm_struct_size = sizeof(*ifam);
+ nlm_family = ifam->ifa_family;
+ nlm_scope = ifam->ifa_scope;
+ nlm_index = ifam->ifa_index;
+ nlm_prefixlen = ifam->ifa_prefixlen;
+ if (build)
+ ifa->ifa_flags = ifflist[nlm_index];
+ break;
+ default:
+ continue;
+ }
+
+ if (!build){
+ if (max_ifindex < nlm_index)
+ max_ifindex = nlm_index;
+ } else {
+ if (ifl != NULL)
+ ifl->ifa_next = ifa;
+ }
+
+ rtasize = NLMSG_PAYLOAD(nlh, nlmlen) - NLMSG_ALIGN(nlm_struct_size);
+ for (rta = (struct rtattr *)(((char *)NLMSG_DATA(nlh)) + NLMSG_ALIGN(nlm_struct_size));
+ RTA_OK(rta, rtasize);
+ rta = RTA_NEXT(rta, rtasize)){
+ struct sockaddr **sap = NULL;
+ void *rtadata = RTA_DATA(rta);
+ size_t rtapayload = RTA_PAYLOAD(rta);
+ socklen_t sa_len;
+
+ switch(nlh->nlmsg_type){
+ case RTM_NEWLINK:
+ switch(rta->rta_type){
+ case IFLA_ADDRESS:
+ case IFLA_BROADCAST:
+ if (build){
+ sap = (rta->rta_type == IFLA_ADDRESS) ? &ifa->ifa_addr : &ifa->ifa_broadaddr;
+ *sap = (struct sockaddr *)data;
+ }
+ sa_len = ifa_sa_len(AF_PACKET, rtapayload);
+ if (rta->rta_type == IFLA_ADDRESS)
+ sockaddr_size = NLMSG_ALIGN(sa_len);
+ if (!build){
+ dlen += NLMSG_ALIGN(sa_len);
+ } else {
+ memset(*sap, 0, sa_len);
+ ifa_make_sockaddr(AF_PACKET, *sap, rtadata,rtapayload, 0,0);
+ ((struct sockaddr_ll *)*sap)->sll_ifindex = nlm_index;
+ ((struct sockaddr_ll *)*sap)->sll_hatype = ifim->ifi_type;
+ data += NLMSG_ALIGN(sa_len);
+ }
+ break;
+ case IFLA_IFNAME:/* Name of Interface */
+ if (!build)
+ nlen += NLMSG_ALIGN(rtapayload + 1);
+ else{
+ ifa->ifa_name = ifname;
+ if (iflist[nlm_index] == NULL)
+ iflist[nlm_index] = ifa->ifa_name;
+ strncpy(ifa->ifa_name, rtadata, rtapayload);
+ ifa->ifa_name[rtapayload] = '\0';
+ ifname += NLMSG_ALIGN(rtapayload + 1);
+ }
+ break;
+ case IFLA_STATS:/* Statistics of Interface */
+ if (!build)
+ xlen += NLMSG_ALIGN(rtapayload);
+ else{
+ ifa->ifa_data = xdata;
+ memcpy(ifa->ifa_data, rtadata, rtapayload);
+ xdata += NLMSG_ALIGN(rtapayload);
+ }
+ break;
+ case IFLA_UNSPEC:
+ break;
+ case IFLA_MTU:
+ break;
+ case IFLA_LINK:
+ break;
+ case IFLA_QDISC:
+ break;
+ default:
+ }
+ break;
+ case RTM_NEWADDR:
+ if (nlm_family == AF_PACKET) break;
+ switch(rta->rta_type){
+ case IFA_ADDRESS:
+ ifamap.address = rtadata;
+ ifamap.address_len = rtapayload;
+ break;
+ case IFA_LOCAL:
+ ifamap.local = rtadata;
+ ifamap.local_len = rtapayload;
+ break;
+ case IFA_BROADCAST:
+ ifamap.broadcast = rtadata;
+ ifamap.broadcast_len = rtapayload;
+ break;
+#ifdef HAVE_IFADDRS_IFA_ANYCAST
+ case IFA_ANYCAST:
+ ifamap.anycast = rtadata;
+ ifamap.anycast_len = rtapayload;
+ break;
+#endif
+ case IFA_LABEL:
+ if (!build)
+ nlen += NLMSG_ALIGN(rtapayload + 1);
+ else{
+ ifa->ifa_name = ifname;
+ if (iflist[nlm_index] == NULL)
+ iflist[nlm_index] = ifname;
+ strncpy(ifa->ifa_name, rtadata, rtapayload);
+ ifa->ifa_name[rtapayload] = '\0';
+ ifname += NLMSG_ALIGN(rtapayload + 1);
+ }
+ break;
+ case IFA_UNSPEC:
+ break;
+ case IFA_CACHEINFO:
+ break;
+ default:
+ }
+ }
+ }
+ if (nlh->nlmsg_type == RTM_NEWADDR &&
+ nlm_family != AF_PACKET) {
+ if (!ifamap.local) {
+ ifamap.local = ifamap.address;
+ ifamap.local_len = ifamap.address_len;
+ }
+ if (!ifamap.address) {
+ ifamap.address = ifamap.local;
+ ifamap.address_len = ifamap.local_len;
+ }
+ if (ifamap.address_len != ifamap.local_len ||
+ (ifamap.address != NULL &&
+ memcmp(ifamap.address, ifamap.local, ifamap.address_len))) {
+ /* p2p; address is peer and local is ours */
+ ifamap.broadcast = ifamap.address;
+ ifamap.broadcast_len = ifamap.address_len;
+ ifamap.address = ifamap.local;
+ ifamap.address_len = ifamap.local_len;
+ }
+ if (ifamap.address) {
+#ifndef IFA_NETMASK
+ sockaddr_size = NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.address_len));
+#endif
+ if (!build)
+ dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.address_len));
+ else {
+ ifa->ifa_addr = (struct sockaddr *)data;
+ ifa_make_sockaddr(nlm_family, ifa->ifa_addr, ifamap.address, ifamap.address_len,
+ nlm_scope, nlm_index);
+ data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.address_len));
+ }
+ }
+#ifdef IFA_NETMASK
+ if (ifamap.netmask) {
+ if (!build)
+ dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.netmask_len));
+ else {
+ ifa->ifa_netmask = (struct sockaddr *)data;
+ ifa_make_sockaddr(nlm_family, ifa->ifa_netmask, ifamap.netmask, ifamap.netmask_len,
+ nlm_scope, nlm_index);
+ data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.netmask_len));
+ }
+ }
+#endif
+ if (ifamap.broadcast) {
+ if (!build)
+ dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.broadcast_len));
+ else {
+ ifa->ifa_broadaddr = (struct sockaddr *)data;
+ ifa_make_sockaddr(nlm_family, ifa->ifa_broadaddr, ifamap.broadcast, ifamap.broadcast_len,
+ nlm_scope, nlm_index);
+ data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.broadcast_len));
+ }
+ }
+#ifdef HAVE_IFADDRS_IFA_ANYCAST
+ if (ifamap.anycast) {
+ if (!build)
+ dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.anycast_len));
+ else {
+ ifa->ifa_anycast = (struct sockaddr *)data;
+ ifa_make_sockaddr(nlm_family, ifa->ifa_anyaddr, ifamap.anycast, ifamap.anycast_len,
+ nlm_scope, nlm_index);
+ data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.anycast_len));
+ }
+ }
+#endif
+ }
+ if (!build){
+#ifndef IFA_NETMASK
+ dlen += sockaddr_size;
+#endif
+ icnt++;
+ } else {
+ if (ifa->ifa_name == NULL)
+ ifa->ifa_name = iflist[nlm_index];
+#ifndef IFA_NETMASK
+ if (ifa->ifa_addr &&
+ ifa->ifa_addr->sa_family != AF_UNSPEC &&
+ ifa->ifa_addr->sa_family != AF_PACKET){
+ ifa->ifa_netmask = (struct sockaddr *)data;
+ ifa_make_sockaddr_mask(ifa->ifa_addr->sa_family, ifa->ifa_netmask, nlm_prefixlen);
+ }
+ data += sockaddr_size;
+#endif
+ ifl = ifa++;
+ }
+ }
+ }
+ if (!build){
+ if (icnt == 0 && (dlen + nlen + xlen == 0)){
+ if (ifap != NULL)
+ *ifap = NULL;
+ break; /* cannot found any addresses */
+ }
+ }
+ else
+ free_data(NULL, ifdata);
+ }
+
+/* ---------------------------------- */
+ /* Finalize */
+ free_nlmsglist(nlmsg_list);
+ nl_close(sd);
+ return 0;
+}
+
+/* ---------------------------------------------------------------------- */
+void
+freeifaddrs(struct ifaddrs *ifa)
+{
+ free(ifa);
+}
+
+
+#else /* !AF_NETLINK */
+
+/*
+ * The generic SIOCGIFCONF version.
+ */
+
static int
getifaddrs2(struct ifaddrs **ifap,
int af, int siocgifconf, int siocgifflags,
@@ -355,6 +1131,8 @@ freeifaddrs(struct ifaddrs *ifp)
}
}
+#endif /* !AF_NETLINK */
+
#ifdef TEST
void
diff --git a/crypto/heimdal/lib/roken/getnameinfo_verified.c b/crypto/heimdal/lib/roken/getnameinfo_verified.c
index de3c8bf..0145262 100644
--- a/crypto/heimdal/lib/roken/getnameinfo_verified.c
+++ b/crypto/heimdal/lib/roken/getnameinfo_verified.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,11 +33,19 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: getnameinfo_verified.c,v 1.5 2001/02/12 13:55:07 assar Exp $");
+RCSID("$Id: getnameinfo_verified.c,v 1.6 2002/09/05 01:36:27 assar Exp $");
#endif
#include "roken.h"
+/*
+ * Try to obtain a verified name for the address in `sa, salen' (much
+ * similar to getnameinfo).
+ * Verified in this context means that forwards and backwards lookups
+ * in DNS are consistent. If that fails, return an error if the
+ * NI_NAMEREQD flag is set or return the numeric address as a string.
+ */
+
int
getnameinfo_verified(const struct sockaddr *sa, socklen_t salen,
char *host, size_t hostlen,
@@ -60,13 +68,13 @@ getnameinfo_verified(const struct sockaddr *sa, socklen_t salen,
ret = getnameinfo (sa, salen, host, hostlen, serv, servlen,
flags | NI_NUMERICSERV);
if (ret)
- return ret;
+ goto fail;
memset (&hints, 0, sizeof(hints));
hints.ai_socktype = SOCK_STREAM;
ret = getaddrinfo (host, serv, &hints, &ai);
if (ret)
- return ret;
+ goto fail;
for (a = ai; a != NULL; a = a->ai_next) {
if (a->ai_addrlen == salen
&& memcmp (a->ai_addr, sa, salen) == 0) {
@@ -75,6 +83,7 @@ getnameinfo_verified(const struct sockaddr *sa, socklen_t salen,
}
}
freeaddrinfo (ai);
+ fail:
if (flags & NI_NAMEREQD)
return EAI_NONAME;
ret = getnameinfo (sa, salen, host, hostlen, serv, servlen,
diff --git a/crypto/heimdal/lib/roken/parse_reply-test.c b/crypto/heimdal/lib/roken/parse_reply-test.c
new file mode 100644
index 0000000..47e12d1
--- /dev/null
+++ b/crypto/heimdal/lib/roken/parse_reply-test.c
@@ -0,0 +1,129 @@
+/*
+ * Copyright (c) 2002 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: parse_reply-test.c,v 1.2 2002/09/04 03:25:06 assar Exp $");
+#endif
+
+#include <sys/types.h>
+#ifdef HAVE_SYS_MMAN_H
+#include <sys/mman.h>
+#endif
+#include <fcntl.h>
+
+#include "roken.h"
+#include "resolve.h"
+
+struct dns_reply*
+parse_reply(const unsigned char *, size_t);
+
+enum { MAX_BUF = 36};
+
+static struct testcase {
+ unsigned char buf[MAX_BUF];
+ size_t buf_len;
+} tests[] = {
+ {{0x12, 0x67, 0x84, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
+ 0x03, 'f', 'o', 'o', 0x00,
+ 0x00, 0x10, 0x00, 0x01,
+ 0x03, 'f', 'o', 'o', 0x00,
+ 0x00, 0x10, 0x00, 0x01,
+ 0x00, 0x00, 0x12, 0x67, 0xff, 0xff}, 36}
+};
+
+#ifndef MAP_FAILED
+#define MAP_FAILED (-1)
+#endif
+
+static sig_atomic_t val = 0;
+
+static RETSIGTYPE
+segv_handler(int sig)
+{
+ val = 1;
+}
+
+int
+main(int argc, char **argv)
+{
+#ifndef HAVE_MMAP
+ return 77; /* signal to automake that this test
+ cannot be run */
+#else /* HAVE_MMAP */
+ int ret;
+ int i;
+ struct sigaction sa;
+
+ sigemptyset (&sa.sa_mask);
+ sa.sa_flags = 0;
+ sa.sa_handler = segv_handler;
+ sigaction (SIGSEGV, &sa, NULL);
+
+ for (i = 0; val == 0 && i < sizeof(tests)/sizeof(tests[0]); ++i) {
+ const struct testcase *t = &tests[i];
+ unsigned char *p1, *p2;
+ int flags;
+ int fd;
+ size_t pagesize = getpagesize();
+ unsigned char *buf;
+
+#ifdef MAP_ANON
+ flags = MAP_ANON;
+ fd = -1;
+#else
+ flags = 0;
+ fd = open ("/dev/zero", O_RDONLY);
+ if(fd < 0)
+ err (1, "open /dev/zero");
+#endif
+ flags |= MAP_PRIVATE;
+
+ p1 = (char *)mmap(0, 2 * pagesize, PROT_READ | PROT_WRITE,
+ flags, fd, 0);
+ if (p1 == (unsigned char *)MAP_FAILED)
+ err (1, "mmap");
+ p2 = p1 + pagesize;
+ ret = mprotect (p2, pagesize, 0);
+ if (ret < 0)
+ err (1, "mprotect");
+ buf = p2 - t->buf_len;
+ memcpy (buf, t->buf, t->buf_len);
+ parse_reply (buf, t->buf_len);
+ ret = munmap (p1, 2 * pagesize);
+ if (ret < 0)
+ err (1, "munmap");
+ }
+ return val;
+#endif /* HAVE_MMAP */
+}
diff --git a/crypto/heimdal/lib/roken/resolve.c b/crypto/heimdal/lib/roken/resolve.c
index f17ae4c..ac380d7 100644
--- a/crypto/heimdal/lib/roken/resolve.c
+++ b/crypto/heimdal/lib/roken/resolve.c
@@ -45,9 +45,10 @@
#include <assert.h>
-RCSID("$Id: resolve.c,v 1.33 2002/08/28 20:07:24 joda Exp $");
+RCSID("$Id: resolve.c,v 1.36 2002/09/09 21:39:19 joda Exp $");
-#if defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND)
+#undef HAVE_RES_NSEARCH
+#if (defined(HAVE_RES_SEARCH) || defined(HAVE_RES_NSEARCH)) && defined(HAVE_DN_EXPAND)
#define DECL(X) {#X, T_##X}
@@ -110,8 +111,11 @@ dns_free_data(struct dns_reply *r)
free (r);
}
-static struct dns_reply*
-parse_reply(unsigned char *data, int len)
+#ifndef TEST_RESOLVE
+static
+#endif
+struct dns_reply*
+parse_reply(const unsigned char *data, size_t len)
{
const unsigned char *p;
char host[128];
@@ -366,26 +370,40 @@ dns_lookup_int(const char *domain, int rr_class, int rr_type)
{
unsigned char reply[1024];
int len;
-#ifdef HAVE__RES
+#ifdef HAVE_RES_NSEARCH
+ struct __res_state stat;
+ memset(&stat, 0, sizeof(stat));
+ if(res_ninit(&stat))
+ return NULL; /* is this the best we can do? */
+#elif defined(HAVE__RES)
u_long old_options = 0;
#endif
if (_resolve_debug) {
-#ifdef HAVE__RES
+#ifdef HAVE_RES_NSEARCH
+ stat.options |= RES_DEBUG;
+#elif defined(HAVE__RES)
old_options = _res.options;
_res.options |= RES_DEBUG;
#endif
fprintf(stderr, "dns_lookup(%s, %d, %s)\n", domain,
rr_class, dns_type_to_string(rr_type));
}
+#ifdef HAVE_RES_NSEARCH
+ len = res_nsearch(&stat, domain, rr_class, rr_type, reply, sizeof(reply));
+#else
len = res_search(domain, rr_class, rr_type, reply, sizeof(reply));
+#endif
if (_resolve_debug) {
-#ifdef HAVE__RES
+#if defined(HAVE__RES) && !defined(HAVE_RES_NSEARCH)
_res.options = old_options;
#endif
fprintf(stderr, "dns_lookup(%s, %d, %s) --> %d\n",
domain, rr_class, dns_type_to_string(rr_type), len);
}
+#ifdef HAVE_RES_NSEARCH
+ res_nclose(&stat);
+#endif
if(len < 0) {
return NULL;
} else {
diff --git a/crypto/heimdal/lib/roken/roken-common.h b/crypto/heimdal/lib/roken/roken-common.h
index 2e604ac..6e29be8 100644
--- a/crypto/heimdal/lib/roken/roken-common.h
+++ b/crypto/heimdal/lib/roken/roken-common.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: roken-common.h,v 1.49 2002/08/20 11:55:04 joda Exp $ */
+/* $Id: roken-common.h,v 1.51 2002/09/09 13:41:12 joda Exp $ */
#ifndef __ROKEN_COMMON_H__
#define __ROKEN_COMMON_H__
@@ -252,7 +252,7 @@
ROKEN_CPP_START
-#if IRIX != 4 /* fix for compiler bug */
+#ifndef IRIX4 /* fix for compiler bug */
#ifdef RETSIGTYPE
typedef RETSIGTYPE (*SigAction)(int);
SigAction signal(int iSig, SigAction pAction); /* BSD compatible */
diff --git a/crypto/heimdal/lib/roken/roken.awk b/crypto/heimdal/lib/roken/roken.awk
index 057b4fd..b6a181c 100644
--- a/crypto/heimdal/lib/roken/roken.awk
+++ b/crypto/heimdal/lib/roken/roken.awk
@@ -1,10 +1,10 @@
-# $Id: roken.awk,v 1.7 2001/03/26 09:26:35 joda Exp $
+# $Id: roken.awk,v 1.8 2002/09/10 20:05:55 joda Exp $
BEGIN {
- print "#include <stdio.h>"
print "#ifdef HAVE_CONFIG_H"
print "#include <config.h>"
print "#endif"
+ print "#include <stdio.h>"
print ""
print "int main()"
print "{"
diff --git a/crypto/heimdal/lib/roken/rtbl.c b/crypto/heimdal/lib/roken/rtbl.c
index 098b601..5a3bc00 100644
--- a/crypto/heimdal/lib/roken/rtbl.c
+++ b/crypto/heimdal/lib/roken/rtbl.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 2000, 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID ("$Id: rtbl.c,v 1.3 2000/07/20 14:42:31 assar Exp $");
+RCSID ("$Id: rtbl.c,v 1.4 2002/09/04 21:25:09 joda Exp $");
#endif
#include "roken.h"
#include "rtbl.h"
@@ -83,12 +83,14 @@ rtbl_destroy (rtbl_t table)
for (j = 0; j < c->num_rows; j++)
free (c->rows[j].data);
+ free (c->rows);
free (c->header);
free (c->prefix);
free (c);
}
free (table->column_prefix);
free (table->columns);
+ free (table);
}
int
OpenPOWER on IntegriCloud