summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2002-09-16 21:04:40 +0000
committernectar <nectar@FreeBSD.org>2002-09-16 21:04:40 +0000
commit8707f886593c300d83c76654e92ec76bcea9b858 (patch)
tree291ed09be4bd7c999ad1617a832aa3caae1cb274 /crypto/heimdal
parenta77dba08ca7d8ad2f2dcd653974ac66df78cfa49 (diff)
downloadFreeBSD-src-8707f886593c300d83c76654e92ec76bcea9b858.zip
FreeBSD-src-8707f886593c300d83c76654e92ec76bcea9b858.tar.gz
Import of Heimdal Kerberos from KTH repository circa 2002/09/16.
Diffstat (limited to 'crypto/heimdal')
-rw-r--r--crypto/heimdal/ChangeLog168
-rw-r--r--crypto/heimdal/aclocal.m4932
-rw-r--r--crypto/heimdal/admin/add.c4
-rw-r--r--crypto/heimdal/admin/ktutil_locl.h9
-rw-r--r--crypto/heimdal/appl/ftp/ChangeLog8
-rw-r--r--crypto/heimdal/appl/ftp/ftp/ftp.c10
-rw-r--r--crypto/heimdal/appl/ftp/ftp/ftp_locl.h8
-rw-r--r--crypto/heimdal/appl/ftp/ftp/gssapi.c7
-rw-r--r--crypto/heimdal/appl/ftp/ftp/security.c6
-rw-r--r--crypto/heimdal/appl/kf/kf.c122
-rw-r--r--crypto/heimdal/appl/kf/kf_locl.h11
-rw-r--r--crypto/heimdal/appl/kf/kfd.c189
-rw-r--r--crypto/heimdal/appl/rsh/ChangeLog24
-rw-r--r--crypto/heimdal/appl/rsh/common.c86
-rw-r--r--crypto/heimdal/appl/rsh/rsh.123
-rw-r--r--crypto/heimdal/appl/rsh/rsh.c87
-rw-r--r--crypto/heimdal/appl/rsh/rsh_locl.h22
-rw-r--r--crypto/heimdal/appl/rsh/rshd.c63
-rw-r--r--crypto/heimdal/appl/su/su.c8
-rw-r--r--crypto/heimdal/appl/telnet/ChangeLog8
-rw-r--r--crypto/heimdal/appl/telnet/libtelnet/enc_des.c8
-rw-r--r--crypto/heimdal/appl/telnet/libtelnet/encrypt.h6
-rw-r--r--crypto/heimdal/appl/telnet/libtelnet/kerberos5.c4
-rw-r--r--crypto/heimdal/cf/ChangeLog28
-rw-r--r--crypto/heimdal/cf/auth-modules.m429
-rw-r--r--crypto/heimdal/cf/crypto.m4214
-rw-r--r--crypto/heimdal/cf/db.m412
-rw-r--r--crypto/heimdal/cf/roken-frag.m423
-rw-r--r--crypto/heimdal/cf/test-package.m44
-rwxr-xr-xcrypto/heimdal/configure6074
-rw-r--r--crypto/heimdal/configure.in43
-rw-r--r--crypto/heimdal/doc/ack.texi5
-rw-r--r--crypto/heimdal/doc/install.texi7
-rw-r--r--crypto/heimdal/include/Makefile.am9
-rw-r--r--crypto/heimdal/include/Makefile.in28
-rw-r--r--crypto/heimdal/include/config.h.in57
-rw-r--r--crypto/heimdal/include/make_crypto.c95
-rw-r--r--crypto/heimdal/kadmin/ChangeLog18
-rw-r--r--crypto/heimdal/kadmin/kadmin_locl.h7
-rw-r--r--crypto/heimdal/kadmin/load.c8
-rw-r--r--crypto/heimdal/kadmin/server.c11
-rw-r--r--crypto/heimdal/kadmin/version4.c6
-rw-r--r--crypto/heimdal/kdc/headers.h8
-rw-r--r--crypto/heimdal/kdc/hprop.c4
-rw-r--r--crypto/heimdal/kdc/kaserver.c4
-rw-r--r--crypto/heimdal/kdc/kerberos5.c122
-rw-r--r--crypto/heimdal/kpasswd/kpasswd_locl.h8
-rw-r--r--crypto/heimdal/kuser/kinit.14
-rw-r--r--crypto/heimdal/kuser/kinit.c4
-rw-r--r--crypto/heimdal/lib/asn1/der_get.c6
-rw-r--r--crypto/heimdal/lib/asn1/gen.c25
-rw-r--r--crypto/heimdal/lib/asn1/k5.asn15
-rw-r--r--crypto/heimdal/lib/auth/pam/pam.c4
-rw-r--r--crypto/heimdal/lib/gssapi/ChangeLog10
-rw-r--r--crypto/heimdal/lib/gssapi/init_sec_context.c14
-rw-r--r--crypto/heimdal/lib/gssapi/unwrap.c6
-rw-r--r--crypto/heimdal/lib/gssapi/wrap.c6
-rw-r--r--crypto/heimdal/lib/hdb/common.c45
-rw-r--r--crypto/heimdal/lib/hdb/hdb-ldap.c27
-rw-r--r--crypto/heimdal/lib/hdb/hdb_locl.h8
-rw-r--r--crypto/heimdal/lib/kdfs/ChangeLog8
-rw-r--r--crypto/heimdal/lib/kdfs/Makefile.am4
-rw-r--r--crypto/heimdal/lib/kdfs/Makefile.in187
-rw-r--r--crypto/heimdal/lib/kdfs/k5dfspag.c6
-rw-r--r--crypto/heimdal/lib/krb5/Makefile.am9
-rw-r--r--crypto/heimdal/lib/krb5/Makefile.in27
-rw-r--r--crypto/heimdal/lib/krb5/auth_context.c22
-rw-r--r--crypto/heimdal/lib/krb5/build_ap_req.c17
-rw-r--r--crypto/heimdal/lib/krb5/build_auth.c43
-rw-r--r--crypto/heimdal/lib/krb5/changepw.c14
-rw-r--r--crypto/heimdal/lib/krb5/config_file.c4
-rw-r--r--crypto/heimdal/lib/krb5/context.c13
-rw-r--r--crypto/heimdal/lib/krb5/crypto.c49
-rw-r--r--crypto/heimdal/lib/krb5/get_cred.c93
-rw-r--r--crypto/heimdal/lib/krb5/get_for_creds.c40
-rw-r--r--crypto/heimdal/lib/krb5/get_in_tkt.c70
-rw-r--r--crypto/heimdal/lib/krb5/keytab_keyfile.c4
-rw-r--r--crypto/heimdal/lib/krb5/krb5-protos.h12
-rw-r--r--crypto/heimdal/lib/krb5/krb5.h6
-rw-r--r--crypto/heimdal/lib/krb5/krb5_appdefault.34
-rw-r--r--crypto/heimdal/lib/krb5/krb5_auth_context.34
-rw-r--r--crypto/heimdal/lib/krb5/krb5_context.36
-rw-r--r--crypto/heimdal/lib/krb5/krb5_init_context.34
-rw-r--r--crypto/heimdal/lib/krb5/krb5_locl.h17
-rw-r--r--crypto/heimdal/lib/krb5/krb5_parse_name.34
-rw-r--r--crypto/heimdal/lib/krb5/krb5_unparse_name.35
-rw-r--r--crypto/heimdal/lib/krb5/kuserok.c6
-rw-r--r--crypto/heimdal/lib/krb5/log.c44
-rw-r--r--crypto/heimdal/lib/krb5/mk_error.c51
-rw-r--r--crypto/heimdal/lib/krb5/mk_priv.c71
-rw-r--r--crypto/heimdal/lib/krb5/mk_rep.c38
-rw-r--r--crypto/heimdal/lib/krb5/mk_req_ext.c10
-rw-r--r--crypto/heimdal/lib/krb5/mk_safe.c46
-rw-r--r--crypto/heimdal/lib/krb5/name-45-test.c277
-rw-r--r--crypto/heimdal/lib/krb5/prompter_posix.c5
-rw-r--r--crypto/heimdal/lib/krb5/rd_cred.c11
-rw-r--r--crypto/heimdal/lib/krb5/rd_safe.c20
-rw-r--r--crypto/heimdal/lib/krb5/sendauth.c16
-rw-r--r--crypto/heimdal/lib/krb5/transited.c25
-rw-r--r--crypto/heimdal/lib/roken/ChangeLog42
-rw-r--r--crypto/heimdal/lib/roken/Makefile.am8
-rw-r--r--crypto/heimdal/lib/roken/Makefile.in48
-rw-r--r--crypto/heimdal/lib/roken/getifaddrs.c782
-rw-r--r--crypto/heimdal/lib/roken/getnameinfo_verified.c17
-rw-r--r--crypto/heimdal/lib/roken/parse_reply-test.c129
-rw-r--r--crypto/heimdal/lib/roken/resolve.c32
-rw-r--r--crypto/heimdal/lib/roken/roken-common.h6
-rw-r--r--crypto/heimdal/lib/roken/roken.awk4
-rw-r--r--crypto/heimdal/lib/roken/rtbl.c6
-rw-r--r--crypto/heimdal/tools/Makefile.am3
-rw-r--r--crypto/heimdal/tools/Makefile.in3
-rwxr-xr-xcrypto/heimdal/tools/krb5-config.in6
112 files changed, 7133 insertions, 4046 deletions
diff --git a/crypto/heimdal/ChangeLog b/crypto/heimdal/ChangeLog
index ecccf1d..700a53e 100644
--- a/crypto/heimdal/ChangeLog
+++ b/crypto/heimdal/ChangeLog
@@ -1,3 +1,171 @@
+2002-09-16 Jacques Vidrine <nectar@kth.se>
+
+ * lib/krb5/kuserok.c, lib/krb5/prompter_posix.c: use strcspn
+ to convert the newline to NUL in fgets results.
+
+2002-09-13 Johan Danielsson <joda@pdc.kth.se>
+
+ * kuser/kinit.1: remove unneeded Ns
+
+ * lib/krb5/krb5_appdefault.3: remove extra "application"
+
+ * fix-export: remove autom4ate.cache
+
+2002-09-10 Johan Danielsson <joda@pdc.kth.se>
+
+ * include/make_crypto.c: don't use function macros if possible
+
+ * lib/krb5/krb5_locl.h: get limits.h for UINT_MAX
+
+ * include/Makefile.am: use make_crypto to create crypto-headers.h
+
+ * include/make_crypto.c: crypto header generation tool
+
+ * configure.in: move crypto test to just after testing for krb4,
+ and move roken tests to after both, this speeds up various failure
+ cases with krb4
+
+ * lib/krb5/config_file.c: don't use NULL when we mean 0
+
+ * configure.in: we don't set package_libdir anymore, so no point
+ in testing for it
+
+ * tools/Makefile.am: subst INCLUDE_des
+
+ * tools/krb5-config.in: add INCLUDE_des to cflags
+
+ * configure.in: use AC_CONFIG_SRCDIR
+
+ * fix-export: remove some unneeded stuff
+
+ * kuser/kinit.c (do_524init): free principals
+
+2002-09-09 Jacques Vidrine <nectar@kth.se>
+
+ * kdc/kerberos5.c (get_pa_etype_info, fix_transited_encoding),
+ kdc/kaserver.c (krb5_ret_xdr_data),
+ lib/krb5/transited.c (krb5_domain_x500_decode): Validate some
+ counts: Check that they are non-negative, and that they are small
+ enough to avoid integer overflow when used in memory allocation
+ calculations. Potential problem areas pointed out by
+ Sebastian Krahmer <krahmer@suse.de>.
+
+ * lib/krb5/keytab_keyfile.c (akf_add_entry): Use O_EXCL when
+ creating a new keyfile.
+
+2002-09-09 Johan Danielsson <joda@pdc.kth.se>
+
+ * configure.in: don't try to build pam module
+
+2002-09-05 Johan Danielsson <joda@pdc.kth.se>
+
+ * appl/kf/kf.c: fix warning string
+
+ * lib/krb5/log.c (krb5_vlog_msg): delay message formating till we
+ know we need it
+
+2002-09-04 Assar Westerlund <assar@kth.se>
+
+ * kdc/kerberos5.c (encode_reply): correct error logging
+
+2002-09-04 Johan Danielsson <joda@pdc.kth.se>
+
+ * lib/krb5/sendauth.c: close ccache if we opened it
+
+ * appl/kf/kf.c: handle new protocol
+
+ * appl/kf/kfd.c: use krb5_err instead of sysloging directly,
+ handle the new protocol, and bail out if an old client tries to
+ connect
+
+ * appl/kf/kf_locl.h: we need a protocol version string
+
+ * lib/hdb/hdb-ldap.c: use ASN1_MALLOC_ENCODE
+
+ * kdc/kerberos5.c: use ASN1_MALLOC_ENCODE
+
+ * kdc/hprop.c: set AP_OPTS_USE_SUBKEY
+
+ * lib/hdb/common.c: use ASN1_MALLOC_ENCODE
+
+ * lib/asn1/gen.c: add convenience macro that allocates a buffer
+ and encoded into that
+
+ * lib/krb5/get_cred.c (init_tgs_req): use
+ in_creds->session.keytype literally instead of trying to convert
+ to a list of enctypes (it should already be an enctype)
+
+ * lib/krb5/get_cred.c (init_tgs_req): init ret
+
+2002-09-03 Johan Danielsson <joda@pdc.kth.se>
+
+ * lib/asn1/k5.asn1: remove ETYPE_DES3_CBC_NONE_IVEC
+
+ * lib/krb5/krb5.h: remove ENCTYPE_DES3_CBC_NONE_IVEC
+
+ * lib/krb5/crypto.c: get rid of DES3_CBC_encrypt_ivec, just use
+ zero ivec in DES3_CBC_encrypt if passed ivec is NULL
+
+ * lib/krb5/Makefile.am: back out 1.144, since it will re-create
+ krb5-protos.h at build-time, which requires perl, which is bad
+
+ * lib/krb5/get_for_creds.c (krb5_get_forwarded_creds): don't
+ blindly use the local subkey
+
+ * lib/krb5/crypto.c: add function krb5_crypto_getblocksize that
+ extracts the required blocksize from a crypto context
+
+ * lib/krb5/build_auth.c: just get the length of the encoded
+ authenticator instead of trying to grow a buffer
+
+2002-09-03 Assar Westerlund <assar@kth.se>
+
+ * configure.in: add --disable-mmap option, and tests for
+ sys/mman.h and mmap
+
+2002-09-03 Jacques Vidrine <nectar@kth.se>
+
+ * lib/krb5/changepw.c: verify lengths in response
+
+ * lib/asn1/der_get.c (decode_integer, decode_unsigned): check for
+ truncated integers
+
+2002-09-02 Johan Danielsson <joda@pdc.kth.se>
+
+ * lib/krb5/mk_req_ext.c: generate a local subkey if
+ AP_OPTS_USE_SUBKEY is set
+
+ * lib/krb5/build_auth.c: we don't have enough information about
+ whether to generate a local subkey here, so don't try to
+
+ * lib/krb5/auth_context.c: new function
+ krb5_auth_con_generatelocalsubkey
+
+ * lib/krb5/get_in_tkt.c: only set kdc_sec_offset if looking at an
+ initial ticket
+
+ * lib/krb5/context.c (init_context_from_config_file): simplify
+ initialisation of srv_lookup
+
+ * lib/krb5/changepw.c (send_request): set AP_OPTS_USE_SUBKEY
+
+ * lib/krb5/krb5.h: add AP_OPTS_USE_SUBKEY
+
+2002-08-30 Assar Westerlund <assar@kth.se>
+
+ * lib/krb5/name-45-test.c: also test krb5_524_conv_principal
+ * lib/krb5/Makefile.am (TESTS): add name-45-test
+ * lib/krb5/name-45-test.c: add testcases for
+ krb5_425_conv_principal
+
+2002-08-29 Assar Westerlund <assar@kth.se>
+
+ * lib/krb5/parse-name-test.c: also test unparse_short functions
+ * lib/asn1/asn1_print.c: use com_err/error_message API
+ * lib/krb5/Makefile.am: add parse-name-test
+ * lib/krb5/parse-name-test.c: add a program for testing parsing
+ and unparsing principal names
+
2002-08-28 Assar Westerlund <assar@kth.se>
* kdc/config.c: add missing ifdef DAEMON
diff --git a/crypto/heimdal/aclocal.m4 b/crypto/heimdal/aclocal.m4
index 006cbff..8b7a282 100644
--- a/crypto/heimdal/aclocal.m4
+++ b/crypto/heimdal/aclocal.m4
@@ -4555,7 +4555,426 @@ AC_SUBST(WFLAGS_NOUNUSED)dnl
AC_SUBST(WFLAGS_NOIMPLICITINT)dnl
])
-dnl $Id: db.m4,v 1.8 2002/05/17 15:32:21 joda Exp $
+dnl $Id: test-package.m4,v 1.12 2002/09/10 15:23:38 joda Exp $
+dnl
+dnl rk_TEST_PACKAGE(package,headers,libraries,extra libs,
+dnl default locations, conditional, config-program)
+
+AC_DEFUN(rk_TEST_PACKAGE,[
+AC_ARG_WITH($1,
+ AC_HELP_STRING([--with-$1=dir],[use $1 in dir]))
+AC_ARG_WITH($1-lib,
+ AC_HELP_STRING([--with-$1-lib=dir],[use $1 libraries in dir]),
+[if test "$withval" = "yes" -o "$withval" = "no"; then
+ AC_MSG_ERROR([No argument for --with-$1-lib])
+elif test "X$with_$1" = "X"; then
+ with_$1=yes
+fi])
+AC_ARG_WITH($1-include,
+ AC_HELP_STRING([--with-$1-include=dir],[use $1 headers in dir]),
+[if test "$withval" = "yes" -o "$withval" = "no"; then
+ AC_MSG_ERROR([No argument for --with-$1-include])
+elif test "X$with_$1" = "X"; then
+ with_$1=yes
+fi])
+AC_ARG_WITH($1-config,
+ AC_HELP_STRING([--with-$1-config=path],[config program for $1]))
+
+m4_ifval([$6],
+ m4_define([rk_pkgname], $6),
+ m4_define([rk_pkgname], AS_TR_CPP($1)))
+
+AC_MSG_CHECKING(for $1)
+
+case "$with_$1" in
+yes|"") d='$5' ;;
+no) d= ;;
+*) d="$with_$1" ;;
+esac
+
+header_dirs=
+lib_dirs=
+for i in $d; do
+ if test "$with_$1_include" = ""; then
+ if test -d "$i/include/$1"; then
+ header_dirs="$header_dirs $i/include/$1"
+ fi
+ if test -d "$i/include"; then
+ header_dirs="$header_dirs $i/include"
+ fi
+ fi
+ if test "$with_$1_lib" = ""; then
+ if test -d "$i/lib$abilibdirext"; then
+ lib_dirs="$lib_dirs $i/lib$abilibdirext"
+ fi
+ fi
+done
+
+if test "$with_$1_include"; then
+ header_dirs="$with_$1_include $header_dirs"
+fi
+if test "$with_$1_lib"; then
+ lib_dirs="$with_$1_lib $lib_dirs"
+fi
+
+if test "$with_$1_config" = ""; then
+ with_$1_config='$7'
+fi
+
+$1_cflags=
+$1_libs=
+
+case "$with_$1_config" in
+yes|no|"")
+ ;;
+*)
+ $1_cflags="`$with_$1_config --cflags 2>&1`"
+ $1_libs="`$with_$1_config --libs 2>&1`"
+ ;;
+esac
+
+found=no
+if test "$with_$1" != no; then
+ save_CFLAGS="$CFLAGS"
+ save_LIBS="$LIBS"
+ if test "$[]$1_cflags" -a "$[]$1_libs"; then
+ CFLAGS="$[]$1_cflags $save_CFLAGS"
+ LIBS="$[]$1_libs $save_LIBS"
+ AC_TRY_LINK([$2],,[
+ INCLUDE_$1="$[]$1_cflags"
+ LIB_$1="$[]$1_libs"
+ AC_MSG_RESULT([from $with_$1_config])
+ found=yes])
+ fi
+ if test "$found" = no; then
+ ires= lres=
+ for i in $header_dirs; do
+ CFLAGS="-I$i $save_CFLAGS"
+ AC_TRY_COMPILE([$2],,ires=$i;break)
+ done
+ for i in $lib_dirs; do
+ LIBS="-L$i $3 $4 $save_LIBS"
+ AC_TRY_LINK([$2],,lres=$i;break)
+ done
+ if test "$ires" -a "$lres" -a "$with_$1" != "no"; then
+ INCLUDE_$1="-I$ires"
+ LIB_$1="-L$lres $3 $4"
+ found=yes
+ AC_MSG_RESULT([headers $ires, libraries $lres])
+ fi
+ fi
+ CFLAGS="$save_CFLAGS"
+ LIBS="$save_LIBS"
+fi
+
+if test "$found" = yes; then
+ AC_DEFINE_UNQUOTED(rk_pkgname, 1, [Define if you have the $1 package.])
+ with_$1=yes
+else
+ with_$1=no
+ INCLUDE_$1=
+ LIB_$1=
+ AC_MSG_RESULT(no)
+fi
+
+AC_SUBST(INCLUDE_$1)
+AC_SUBST(LIB_$1)
+])
+
+dnl $Id: find-func.m4,v 1.1 1997/12/14 15:58:58 joda Exp $
+dnl
+dnl AC_FIND_FUNC(func, libraries, includes, arguments)
+AC_DEFUN(AC_FIND_FUNC, [
+AC_FIND_FUNC_NO_LIBS([$1], [$2], [$3], [$4])
+if test -n "$LIB_$1"; then
+ LIBS="$LIB_$1 $LIBS"
+fi
+])
+
+dnl $Id: find-func-no-libs.m4,v 1.5 1999/10/30 21:08:18 assar Exp $
+dnl
+dnl
+dnl Look for function in any of the specified libraries
+dnl
+
+dnl AC_FIND_FUNC_NO_LIBS(func, libraries, includes, arguments, extra libs, extra args)
+AC_DEFUN(AC_FIND_FUNC_NO_LIBS, [
+AC_FIND_FUNC_NO_LIBS2([$1], ["" $2], [$3], [$4], [$5], [$6])])
+
+dnl $Id: find-func-no-libs2.m4,v 1.6 2001/09/01 10:57:32 assar Exp $
+dnl
+dnl
+dnl Look for function in any of the specified libraries
+dnl
+
+dnl AC_FIND_FUNC_NO_LIBS2(func, libraries, includes, arguments, extra libs, extra args)
+AC_DEFUN(AC_FIND_FUNC_NO_LIBS2, [
+
+AC_MSG_CHECKING([for $1])
+AC_CACHE_VAL(ac_cv_funclib_$1,
+[
+if eval "test \"\$ac_cv_func_$1\" != yes" ; then
+ ac_save_LIBS="$LIBS"
+ for ac_lib in $2; do
+ case "$ac_lib" in
+ "") ;;
+ yes) ac_lib="" ;;
+ no) continue ;;
+ -l*) ;;
+ *) ac_lib="-l$ac_lib" ;;
+ esac
+ LIBS="$6 $ac_lib $5 $ac_save_LIBS"
+ AC_TRY_LINK([$3],[$1($4)],eval "if test -n \"$ac_lib\";then ac_cv_funclib_$1=$ac_lib; else ac_cv_funclib_$1=yes; fi";break)
+ done
+ eval "ac_cv_funclib_$1=\${ac_cv_funclib_$1-no}"
+ LIBS="$ac_save_LIBS"
+fi
+])
+
+eval "ac_res=\$ac_cv_funclib_$1"
+
+if false; then
+ AC_CHECK_FUNCS($1)
+dnl AC_CHECK_LIBS($2, foo)
+fi
+# $1
+eval "ac_tr_func=HAVE_[]upcase($1)"
+eval "ac_tr_lib=HAVE_LIB[]upcase($ac_res | sed -e 's/-l//')"
+eval "LIB_$1=$ac_res"
+
+case "$ac_res" in
+ yes)
+ eval "ac_cv_func_$1=yes"
+ eval "LIB_$1="
+ AC_DEFINE_UNQUOTED($ac_tr_func)
+ AC_MSG_RESULT([yes])
+ ;;
+ no)
+ eval "ac_cv_func_$1=no"
+ eval "LIB_$1="
+ AC_MSG_RESULT([no])
+ ;;
+ *)
+ eval "ac_cv_func_$1=yes"
+ eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
+ AC_DEFINE_UNQUOTED($ac_tr_func)
+ AC_DEFINE_UNQUOTED($ac_tr_lib)
+ AC_MSG_RESULT([yes, in $ac_res])
+ ;;
+esac
+AC_SUBST(LIB_$1)
+])
+
+dnl $Id: crypto.m4,v 1.13 2002/09/10 19:55:48 joda Exp $
+dnl
+dnl test for crypto libraries:
+dnl - libcrypto (from openssl)
+dnl - libdes (from krb4)
+dnl - own-built libdes
+
+m4_define([test_headers], [
+ #undef KRB5 /* makes md4.h et al unhappy */
+ #ifdef HAVE_OPENSSL
+ #include <openssl/md4.h>
+ #include <openssl/md5.h>
+ #include <openssl/sha.h>
+ #include <openssl/des.h>
+ #include <openssl/rc4.h>
+ #else
+ #include <md4.h>
+ #include <md5.h>
+ #include <sha.h>
+ #include <des.h>
+ #include <rc4.h>
+ #endif
+ #ifdef OLD_HASH_NAMES
+ typedef struct md4 MD4_CTX;
+ #define MD4_Init(C) md4_init((C))
+ #define MD4_Update(C, D, L) md4_update((C), (D), (L))
+ #define MD4_Final(D, C) md4_finito((C), (D))
+ typedef struct md5 MD5_CTX;
+ #define MD5_Init(C) md5_init((C))
+ #define MD5_Update(C, D, L) md5_update((C), (D), (L))
+ #define MD5_Final(D, C) md5_finito((C), (D))
+ typedef struct sha SHA_CTX;
+ #define SHA1_Init(C) sha_init((C))
+ #define SHA1_Update(C, D, L) sha_update((C), (D), (L))
+ #define SHA1_Final(D, C) sha_finito((C), (D))
+ #endif
+ ])
+m4_define([test_body], [
+ void *schedule = 0;
+ MD4_CTX md4;
+ MD5_CTX md5;
+ SHA_CTX sha1;
+
+ MD4_Init(&md4);
+ MD5_Init(&md5);
+ SHA1_Init(&sha1);
+
+ des_cbc_encrypt(0, 0, 0, schedule, 0, 0);
+ RC4(0, 0, 0, 0);])
+
+
+AC_DEFUN([KRB_CRYPTO],[
+crypto_lib=unknown
+AC_WITH_ALL([openssl])
+
+DIR_des=
+
+AC_MSG_CHECKING([for crypto library])
+
+openssl=no
+old_hash=no
+
+if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then
+ save_CPPFLAGS="$CPPFLAGS"
+ save_LIBS="$LIBS"
+
+ cdirs= clibs=
+ for i in $LIB_krb4; do
+ case "$i" in
+ -L*) cdirs="$cdirs $i";;
+ -l*) clibs="$clibs $i";;
+ esac
+ done
+
+ ires=
+ for i in $INCLUDE_krb4; do
+ CFLAGS="-DHAVE_OPENSSL $i $save_CFLAGS"
+ AC_TRY_COMPILE(test_headers, test_body,
+ openssl=yes ires="$i"; break)
+ CFLAGS="$i $save_CFLAGS"
+ AC_TRY_COMPILE(test_headers, test_body,
+ openssl=no ires="$i"; break)
+ CFLAGS="-DOLD_HASH_NAMES $i $save_CFLAGS"
+ AC_TRY_COMPILE(test_headers, test_body,
+ openssl=no ires="$i" old_hash=yes; break)
+ done
+ lres=
+ for i in $cdirs; do
+ for j in $clibs; do
+ LIBS="$i $j $save_LIBS"
+ AC_TRY_LINK(test_headers, test_body,
+ lres="$i $j"; break 2)
+ done
+ done
+ CFLAGS="$save_CFLAGS"
+ LIBS="$save_LIBS"
+ if test "$ires" -a "$lres"; then
+ INCLUDE_des="$ires"
+ LIB_des="$lres"
+ crypto_lib=krb4
+ AC_MSG_RESULT([same as krb4])
+ LIB_des_a='$(LIB_des)'
+ LIB_des_so='$(LIB_des)'
+ LIB_des_appl='$(LIB_des)'
+ fi
+fi
+
+if test "$crypto_lib" = "unknown" -a "$with_openssl" != "no"; then
+ save_CFLAGS="$CFLAGS"
+ save_LIBS="$LIBS"
+ INCLUDE_des=
+ LIB_des=
+ if test "$with_openssl_include" != ""; then
+ INCLUDE_des="-I${with_openssl}/include"
+ fi
+ if test "$with_openssl_lib" != ""; then
+ LIB_des="-L${with_openssl}/lib"
+ fi
+ CFLAGS="-DHAVE_OPENSSL ${INCLUDE_des} ${CFLAGS}"
+ LIB_des="${LIB_des} -lcrypto"
+ LIB_des_a="$LIB_des"
+ LIB_des_so="$LIB_des"
+ LIB_des_appl="$LIB_des"
+ LIBS="${LIBS} ${LIB_des}"
+ AC_TRY_LINK(test_headers, test_body, [
+ crypto_lib=libcrypto openssl=yes
+ AC_MSG_RESULT([libcrypto])
+ ])
+ CFLAGS="$save_CFLAGS"
+ LIBS="$save_LIBS"
+fi
+
+if test "$crypto_lib" = "unknown"; then
+
+ DIR_des='des'
+ LIB_des='$(top_builddir)/lib/des/libdes.la'
+ LIB_des_a='$(top_builddir)/lib/des/.libs/libdes.a'
+ LIB_des_so='$(top_builddir)/lib/des/.libs/libdes.so'
+ LIB_des_appl="-ldes"
+
+ AC_MSG_RESULT([included libdes])
+
+fi
+
+if test "$with_krb4" != no -a "$crypto_lib" != krb4; then
+ AC_MSG_ERROR([the crypto library used by krb4 lacks features
+required by Kerberos 5; to continue, you need to install a newer
+Kerberos 4 or configure --without-krb4])
+fi
+
+if test "$openssl" = "yes"; then
+ AC_DEFINE([HAVE_OPENSSL], 1, [define to use openssl's libcrypto])
+fi
+if test "$old_hash" = yes; then
+ AC_DEFINE([HAVE_OLD_HASH_NAMES], 1,
+ [define if you have hash functions like md4_finito()])
+fi
+AM_CONDITIONAL(HAVE_OPENSSL, test "$openssl" = yes)dnl
+
+AC_SUBST(DIR_des)
+AC_SUBST(INCLUDE_des)
+AC_SUBST(LIB_des)
+AC_SUBST(LIB_des_a)
+AC_SUBST(LIB_des_so)
+AC_SUBST(LIB_des_appl)
+])
+
+dnl
+dnl $Id: with-all.m4,v 1.1 2001/08/29 17:01:23 assar Exp $
+dnl
+
+dnl AC_WITH_ALL(name)
+
+AC_DEFUN([AC_WITH_ALL], [
+AC_ARG_WITH($1,
+ AC_HELP_STRING([--with-$1=dir],
+ [use $1 in dir]))
+
+AC_ARG_WITH($1-lib,
+ AC_HELP_STRING([--with-$1-lib=dir],
+ [use $1 libraries in dir]),
+[if test "$withval" = "yes" -o "$withval" = "no"; then
+ AC_MSG_ERROR([No argument for --with-$1-lib])
+elif test "X$with_$1" = "X"; then
+ with_$1=yes
+fi])
+
+AC_ARG_WITH($1-include,
+ AC_HELP_STRING([--with-$1-include=dir],
+ [use $1 headers in dir]),
+[if test "$withval" = "yes" -o "$withval" = "no"; then
+ AC_MSG_ERROR([No argument for --with-$1-include])
+elif test "X$with_$1" = "X"; then
+ with_$1=yes
+fi])
+
+case "$with_$1" in
+yes) ;;
+no) ;;
+"") ;;
+*) if test "$with_$1_include" = ""; then
+ with_$1_include="$with_$1/include"
+ fi
+ if test "$with_$1_lib" = ""; then
+ with_$1_lib="$with_$1/lib$abilibdirext"
+ fi
+ ;;
+esac
+])
+dnl $Id: db.m4,v 1.9 2002/09/10 14:29:47 joda Exp $
dnl
dnl tests for various db libraries
dnl
@@ -4747,86 +5166,18 @@ AM_CONDITIONAL(HAVE_DB1, test "$db_type" = db1)dnl
AM_CONDITIONAL(HAVE_DB3, test "$db_type" = db3)dnl
AM_CONDITIONAL(HAVE_NDBM, test "$db_type" = ndbm)dnl
-DBLIB="$LDFLAGS $DBLIB"
+z=""
+for i in $LDFLAGS; do
+ case "$i" in
+ -L*) z="$z $i";;
+ esac
+done
+DBLIB="$z $DBLIB"
AC_SUBST(DBLIB)dnl
AC_SUBST(LIB_NDBM)dnl
])
-dnl $Id: find-func-no-libs.m4,v 1.5 1999/10/30 21:08:18 assar Exp $
-dnl
-dnl
-dnl Look for function in any of the specified libraries
-dnl
-
-dnl AC_FIND_FUNC_NO_LIBS(func, libraries, includes, arguments, extra libs, extra args)
-AC_DEFUN(AC_FIND_FUNC_NO_LIBS, [
-AC_FIND_FUNC_NO_LIBS2([$1], ["" $2], [$3], [$4], [$5], [$6])])
-
-dnl $Id: find-func-no-libs2.m4,v 1.6 2001/09/01 10:57:32 assar Exp $
-dnl
-dnl
-dnl Look for function in any of the specified libraries
-dnl
-
-dnl AC_FIND_FUNC_NO_LIBS2(func, libraries, includes, arguments, extra libs, extra args)
-AC_DEFUN(AC_FIND_FUNC_NO_LIBS2, [
-
-AC_MSG_CHECKING([for $1])
-AC_CACHE_VAL(ac_cv_funclib_$1,
-[
-if eval "test \"\$ac_cv_func_$1\" != yes" ; then
- ac_save_LIBS="$LIBS"
- for ac_lib in $2; do
- case "$ac_lib" in
- "") ;;
- yes) ac_lib="" ;;
- no) continue ;;
- -l*) ;;
- *) ac_lib="-l$ac_lib" ;;
- esac
- LIBS="$6 $ac_lib $5 $ac_save_LIBS"
- AC_TRY_LINK([$3],[$1($4)],eval "if test -n \"$ac_lib\";then ac_cv_funclib_$1=$ac_lib; else ac_cv_funclib_$1=yes; fi";break)
- done
- eval "ac_cv_funclib_$1=\${ac_cv_funclib_$1-no}"
- LIBS="$ac_save_LIBS"
-fi
-])
-
-eval "ac_res=\$ac_cv_funclib_$1"
-
-if false; then
- AC_CHECK_FUNCS($1)
-dnl AC_CHECK_LIBS($2, foo)
-fi
-# $1
-eval "ac_tr_func=HAVE_[]upcase($1)"
-eval "ac_tr_lib=HAVE_LIB[]upcase($ac_res | sed -e 's/-l//')"
-eval "LIB_$1=$ac_res"
-
-case "$ac_res" in
- yes)
- eval "ac_cv_func_$1=yes"
- eval "LIB_$1="
- AC_DEFINE_UNQUOTED($ac_tr_func)
- AC_MSG_RESULT([yes])
- ;;
- no)
- eval "ac_cv_func_$1=no"
- eval "LIB_$1="
- AC_MSG_RESULT([no])
- ;;
- *)
- eval "ac_cv_func_$1=yes"
- eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
- AC_DEFINE_UNQUOTED($ac_tr_func)
- AC_DEFINE_UNQUOTED($ac_tr_lib)
- AC_MSG_RESULT([yes, in $ac_res])
- ;;
-esac
-AC_SUBST(LIB_$1)
-])
-
-dnl $Id: roken-frag.m4,v 1.42 2002/08/26 13:26:52 assar Exp $
+dnl $Id: roken-frag.m4,v 1.44 2002/09/04 20:57:30 joda Exp $
dnl
dnl some code to get roken working
dnl
@@ -4897,6 +5248,7 @@ AC_CHECK_HEADERS([\
shadow.h \
sys/bswap.h \
sys/ioctl.h \
+ sys/mman.h \
sys/param.h \
sys/proc.h \
sys/resource.h \
@@ -4954,6 +5306,24 @@ AC_FIND_FUNC(res_search, resolv,
],
[0,0,0,0,0])
+AC_FIND_FUNC(res_nsearch, resolv,
+[
+#include <stdio.h>
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_ARPA_NAMESER_H
+#include <arpa/nameser.h>
+#endif
+#ifdef HAVE_RESOLV_H
+#include <resolv.h>
+#endif
+],
+[0,0,0,0,0])
+
AC_FIND_FUNC(dn_expand, resolv,
[
#include <stdio.h>
@@ -5033,6 +5403,8 @@ fi
AC_REQUIRE([AC_FUNC_GETLOGIN])
+AC_REQUIRE([AC_FUNC_MMAP])
+
AC_FIND_FUNC_NO_LIBS(getsockopt,,
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
@@ -5540,16 +5912,6 @@ if false;then
fi
])
-dnl $Id: find-func.m4,v 1.1 1997/12/14 15:58:58 joda Exp $
-dnl
-dnl AC_FIND_FUNC(func, libraries, includes, arguments)
-AC_DEFUN(AC_FIND_FUNC, [
-AC_FIND_FUNC_NO_LIBS([$1], [$2], [$3], [$4])
-if test -n "$LIB_$1"; then
- LIBS="$LIB_$1 $LIBS"
-fi
-])
-
dnl $Id: krb-ipv6.m4,v 1.13 2002/04/30 16:48:13 joda Exp $
dnl
dnl test for IPv6
@@ -6104,132 +6466,6 @@ if test "$ac_cv_struct_spwd" = "yes"; then
fi
])
-dnl $Id: test-package.m4,v 1.11 2002/08/28 19:30:48 joda Exp $
-dnl
-dnl rk_TEST_PACKAGE(package,headers,libraries,extra libs,
-dnl default locations, conditional, config-program)
-
-AC_DEFUN(rk_TEST_PACKAGE,[
-AC_ARG_WITH($1,
- AC_HELP_STRING([--with-$1=dir],[use $1 in dir]))
-AC_ARG_WITH($1-lib,
- AC_HELP_STRING([--with-$1-lib=dir],[use $1 libraries in dir]),
-[if test "$withval" = "yes" -o "$withval" = "no"; then
- AC_MSG_ERROR([No argument for --with-$1-lib])
-elif test "X$with_$1" = "X"; then
- with_$1=yes
-fi])
-AC_ARG_WITH($1-include,
- AC_HELP_STRING([--with-$1-include=dir],[use $1 headers in dir]),
-[if test "$withval" = "yes" -o "$withval" = "no"; then
- AC_MSG_ERROR([No argument for --with-$1-include])
-elif test "X$with_$1" = "X"; then
- with_$1=yes
-fi])
-AC_ARG_WITH($1-config,
- AC_HELP_STRING([--with-$1-config=path],[config program for $1]))
-
-m4_ifval([$6],
- m4_define([rk_pkgname], $6),
- m4_define([rk_pkgname], AS_TR_CPP($1)))
-
-AC_MSG_CHECKING(for $1)
-
-case "$with_$1" in
-yes|"") d='$5' ;;
-no) d= ;;
-*) d="$with_$1" ;;
-esac
-
-header_dirs=
-lib_dirs=
-for i in $d; do
- if test "$with_$1_include" = ""; then
- if test -d "$i/include/$1"; then
- header_dirs="$header_dirs $i/include/$1"
- fi
- if test -d "$i/include"; then
- header_dirs="$header_dirs $i/include"
- fi
- fi
- if test "$with_$1_lib" = ""; then
- if test -d "$i/lib$abilibdirext"; then
- lib_dirs="$lib_dirs $i/lib$abilibdirext"
- fi
- fi
-done
-
-if test "$with_$1_include"; then
- header_dirs="$with_$1_include $header_dirs"
-fi
-if test "$with_$1_lib"; then
- lib_dirs="$with_$1_lib $lib_dirs"
-fi
-
-if test "$with_$1_config" = ""; then
- with_$1_config='$7'
-fi
-
-$1_cflags=
-$1_libs=
-
-case "$with_$1_config" in
-yes|no|"")
- ;;
-*)
- $1_cflags="`$with_$1_config --cflags 2>&1`"
- $1_libs="`$with_$1_config --libs 2>&1`"
- ;;
-esac
-
-found=no
-if test "$with_$1" != no; then
- save_CFLAGS="$CFLAGS"
- save_LIBS="$LIBS"
- if test "$[]$1_cflags" -a "$[]$1_libs"; then
- CFLAGS="$[]$1_cflags $save_CFLAGS"
- LIBS="$[]$1_libs $save_LIBS"
- AC_TRY_LINK([$2],,[
- INCLUDE_$1="$[]$1_cflags"
- LIB_$1="$[]$1_libs"
- AC_MSG_RESULT([from $with_$1_config])
- found=yes])
- fi
- if test "$found" = no; then
- ires= lres=
- for i in $header_dirs; do
- CFLAGS="-I$i $save_CFLAGS"
- AC_TRY_COMPILE([$2],,ires=$i;break)
- done
- for i in $lib_dirs; do
- LIBS="-L$i $3 $4 $save_LIBS"
- AC_TRY_LINK([$2],,lres=$i;break)
- done
- if test "$ires" -a "$lres" -a "$with_$1" != "no"; then
- INCLUDE_$1="-I$ires"
- LIB_$1="-L$lres $3"
- found=yes
- AC_MSG_RESULT([headers $ires, libraries $lres])
- fi
- fi
- CFLAGS="$save_CFLAGS"
- LIBS="$save_LIBS"
-fi
-
-if test "$found" = yes; then
- AC_DEFINE_UNQUOTED(rk_pkgname, 1, [Define if you have the $1 package.])
- with_$1=yes
-else
- with_$1=no
- INCLUDE_$1=
- LIB_$1=
- AC_MSG_RESULT(no)
-fi
-
-AC_SUBST(INCLUDE_$1)
-AC_SUBST(LIB_$1)
-])
-
dnl $Id: otp.m4,v 1.2 2002/05/19 20:51:08 joda Exp $
dnl
dnl check requirements for OTP library
@@ -6688,247 +6924,6 @@ if test "$ac_cv_func_getpwnam_r_posix" = yes; then
fi
fi
])
-dnl $Id: crypto.m4,v 1.11 2002/08/28 23:09:05 assar Exp $
-dnl
-dnl test for crypto libraries:
-dnl - libcrypto (from openssl)
-dnl - libdes (from krb4)
-dnl - own-built libdes
-
-AC_DEFUN([KRB_CRYPTO],[
-crypto_lib=unknown
-AC_WITH_ALL([openssl])
-
-DIR_des=
-
-AC_MSG_CHECKING([for crypto library])
-
-openssl=no
-if test "$crypto_lib" = "unknown" -a "$with_openssl" != "no"; then
-
- save_CPPFLAGS="$CPPFLAGS"
- save_LIBS="$LIBS"
- INCLUDE_des=
- LIB_des=
- if test "$with_openssl_include" != ""; then
- INCLUDE_des="-I${with_openssl}/include"
- fi
- if test "$with_openssl_lib" != ""; then
- LIB_des="-L${with_openssl}/lib"
- fi
- CPPFLAGS="${INCLUDE_des} ${CPPFLAGS}"
- LIB_des="${LIB_des} -lcrypto"
- LIB_des_a="$LIB_des"
- LIB_des_so="$LIB_des"
- LIB_des_appl="$LIB_des"
- LIBS="${LIBS} ${LIB_des}"
- AC_TRY_LINK([
- #include <openssl/md4.h>
- #include <openssl/md5.h>
- #include <openssl/sha.h>
- #include <openssl/des.h>
- #include <openssl/rc4.h>
- ],
- [
- void *schedule = 0;
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, schedule, 0, 0);
- RC4(0, 0, 0, 0);
- ], [
- crypto_lib=libcrypto openssl=yes
- AC_MSG_RESULT([libcrypto])])
- CPPFLAGS="$save_CPPFLAGS"
- LIBS="$save_LIBS"
-fi
-
-if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then
- save_CPPFLAGS="$CPPFLAGS"
- save_LIBS="$LIBS"
-
- cdirs= clibs=
- for i in $LIB_krb4; do
- case "$i" in
- -L*) cdirs="$cdirs $i";;
- -l*) clibs="$clibs $i";;
- esac
- done
-
- ires=
- for i in $INCLUDE_krb4; do
- CFLAGS="$i $save_CFLAGS"
- AC_TRY_COMPILE([
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <openssl/md4.h>
- #include <openssl/md5.h>
- #include <openssl/sha.h>
- #include <openssl/des.h>
- #include <openssl/rc4.h>
- ], [
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);],openssl=yes ires="$i"; break)
- AC_TRY_COMPILE([
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <md4.h>
- #include <md5.h>
- #include <sha.h>
- #include <des.h>
- #include <rc4.h>
- ], [
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);],ires="$i"; break)
- done
- lres=
- for i in $cdirs; do
- for j in $clibs; do
- LIBS="$i $j $save_LIBS"
- if test "$openssl" = yes; then
- AC_TRY_LINK([
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <openssl/md4.h>
- #include <openssl/md5.h>
- #include <openssl/sha.h>
- #include <openssl/des.h>
- #include <openssl/rc4.h>
- ], [
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);],lres="$i $j"; break 2)
- else
- AC_TRY_LINK([
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <md4.h>
- #include <md5.h>
- #include <sha.h>
- #include <des.h>
- #include <rc4.h>
- ], [
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);],lres="$i $j"; break 2)
- fi
- done
- done
- CFLAGS="$save_CFLAGS"
- LIBS="$save_LIBS"
- if test "$ires" -a "$lres"; then
- INCLUDE_des="$ires"
- LIB_des="$lres"
- crypto_lib=krb4
- AC_MSG_RESULT([same as krb4])
- LIB_des_a='$(LIB_des)'
- LIB_des_so='$(LIB_des)'
- LIB_des_appl='$(LIB_des)'
- fi
-fi
-
-if test "$crypto_lib" = "unknown"; then
-
- DIR_des='des'
- LIB_des='$(top_builddir)/lib/des/libdes.la'
- LIB_des_a='$(top_builddir)/lib/des/.libs/libdes.a'
- LIB_des_so='$(top_builddir)/lib/des/.libs/libdes.so'
- LIB_des_appl="-ldes"
-
- AC_MSG_RESULT([included libdes])
-
-fi
-
-if test "$openssl" = "yes"; then
- AC_DEFINE([HAVE_OPENSSL], 1, [define to use openssl's libcrypto])
-fi
-AM_CONDITIONAL(HAVE_OPENSSL, test "$openssl" = yes)dnl
-
-AC_SUBST(DIR_des)
-AC_SUBST(INCLUDE_des)
-AC_SUBST(LIB_des)
-AC_SUBST(LIB_des_a)
-AC_SUBST(LIB_des_so)
-AC_SUBST(LIB_des_appl)
-])
-
-dnl
-dnl $Id: with-all.m4,v 1.1 2001/08/29 17:01:23 assar Exp $
-dnl
-
-dnl AC_WITH_ALL(name)
-
-AC_DEFUN([AC_WITH_ALL], [
-AC_ARG_WITH($1,
- AC_HELP_STRING([--with-$1=dir],
- [use $1 in dir]))
-
-AC_ARG_WITH($1-lib,
- AC_HELP_STRING([--with-$1-lib=dir],
- [use $1 libraries in dir]),
-[if test "$withval" = "yes" -o "$withval" = "no"; then
- AC_MSG_ERROR([No argument for --with-$1-lib])
-elif test "X$with_$1" = "X"; then
- with_$1=yes
-fi])
-
-AC_ARG_WITH($1-include,
- AC_HELP_STRING([--with-$1-include=dir],
- [use $1 headers in dir]),
-[if test "$withval" = "yes" -o "$withval" = "no"; then
- AC_MSG_ERROR([No argument for --with-$1-include])
-elif test "X$with_$1" = "X"; then
- with_$1=yes
-fi])
-
-case "$with_$1" in
-yes) ;;
-no) ;;
-"") ;;
-*) if test "$with_$1_include" = ""; then
- with_$1_include="$with_$1/include"
- fi
- if test "$with_$1_lib" = ""; then
- with_$1_lib="$with_$1/lib$abilibdirext"
- fi
- ;;
-esac
-])
dnl $Id: krb-readline.m4,v 1.5 2002/08/29 02:22:32 assar Exp $
dnl
dnl Tests for readline functions
@@ -7126,19 +7121,25 @@ AC_SUBST(LIB_com_err_so)
])
-dnl $Id: auth-modules.m4,v 1.3 2002/08/28 15:04:57 nectar Exp $
+dnl $Id: auth-modules.m4,v 1.5 2002/09/09 13:31:45 joda Exp $
dnl
dnl Figure what authentication modules should be built
+dnl
+dnl rk_AUTH_MODULES(module-list)
-AC_DEFUN(AC_AUTH_MODULES,[
-AC_MSG_CHECKING(which authentication modules should be built)
+AC_DEFUN(rk_AUTH_MODULES,[
+AC_MSG_CHECKING([which authentication modules should be built])
+z='m4_ifval([$1], $1, [sia pam afskauthlib])'
LIB_AUTH_SUBDIRS=
-
+for i in $z; do
+case $i in
+sia)
if test "$ac_cv_header_siad_h" = yes; then
LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS sia"
fi
-
+;;
+pam)
case "${host}" in
*-*-freebsd*) ac_cv_want_pam_krb4=no ;;
*) ac_cv_want_pam_krb4=yes ;;
@@ -7149,12 +7150,19 @@ if test "$ac_cv_want_pam_krb4" = yes -a \
"$enable_shared" = yes; then
LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS pam"
fi
-
+;;
+afskauthlib)
case "${host}" in
*-*-irix[[56]]*) LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS afskauthlib" ;;
esac
-
-AC_MSG_RESULT($LIB_AUTH_SUBDIRS)
+;;
+esac
+done
+if test "$LIB_AUTH_SUBDIRS"; then
+ AC_MSG_RESULT($LIB_AUTH_SUBDIRS)
+else
+ AC_MSG_RESULT(none)
+fi
AC_SUBST(LIB_AUTH_SUBDIRS)dnl
])
diff --git a/crypto/heimdal/admin/add.c b/crypto/heimdal/admin/add.c
index 8f8c4e3..a600380 100644
--- a/crypto/heimdal/admin/add.c
+++ b/crypto/heimdal/admin/add.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "ktutil_locl.h"
-RCSID("$Id: add.c,v 1.3 2001/07/23 09:46:40 joda Exp $");
+RCSID("$Id: add.c,v 1.5 2002/09/10 19:26:52 joda Exp $");
int
kt_add(int argc, char **argv)
diff --git a/crypto/heimdal/admin/ktutil_locl.h b/crypto/heimdal/admin/ktutil_locl.h
index f445967..da60f42 100644
--- a/crypto/heimdal/admin/ktutil_locl.h
+++ b/crypto/heimdal/admin/ktutil_locl.h
@@ -32,7 +32,7 @@
*/
/*
- * $Id: ktutil_locl.h,v 1.17 2001/08/22 20:30:18 assar Exp $
+ * $Id: ktutil_locl.h,v 1.18 2002/09/10 20:03:45 joda Exp $
*/
#ifndef __KTUTIL_LOCL_H__
@@ -54,12 +54,7 @@
#include <parse_time.h>
#include <roken.h>
-#ifdef HAVE_OPENSSL
-#include <openssl/des.h>
-#else
-#include <des.h>
-#endif
-
+#include "crypto-headers.h"
#include <krb5.h>
#include <kadm5/admin.h>
#include <kadm5/kadm5_err.h>
diff --git a/crypto/heimdal/appl/ftp/ChangeLog b/crypto/heimdal/appl/ftp/ChangeLog
index 3d4e6ed..92e0041 100644
--- a/crypto/heimdal/appl/ftp/ChangeLog
+++ b/crypto/heimdal/appl/ftp/ChangeLog
@@ -1,3 +1,11 @@
+2002-09-05 Johan Danielsson <joda@pdc.kth.se>
+
+ * ftp/security.c (sec_vfprintf): free encoded data
+
+ * ftp/gssapi.c (gss_decode): release buffer
+
+ * ftp/ftp.c (active_mode): no need to allocate buffer for EPRT
+
2002-08-28 Johan Danielsson <joda@pdc.kth.se>
* ftp/ftp.c (command): clean up va_{start,end}ing (from NetBSD)
diff --git a/crypto/heimdal/appl/ftp/ftp/ftp.c b/crypto/heimdal/appl/ftp/ftp/ftp.c
index 1ae92d7..fcf0bc4 100644
--- a/crypto/heimdal/appl/ftp/ftp/ftp.c
+++ b/crypto/heimdal/appl/ftp/ftp/ftp.c
@@ -32,7 +32,7 @@
*/
#include "ftp_locl.h"
-RCSID ("$Id: ftp.c,v 1.73 2002/08/28 16:10:39 joda Exp $");
+RCSID ("$Id: ftp.c,v 1.74 2002/09/04 22:00:12 joda Exp $");
struct sockaddr_storage hisctladdr_ss;
struct sockaddr *hisctladdr = (struct sockaddr *)&hisctladdr_ss;
@@ -1284,7 +1284,6 @@ noport:
if (listen (data, 1) < 0)
warn ("listen");
if (sendport) {
- char *cmd;
char addr_str[256];
int inet_af;
int overbose;
@@ -1305,15 +1304,14 @@ noport:
errx (1, "bad address family %d", data_addr->sa_family);
}
- asprintf (&cmd, "EPRT |%d|%s|%d|",
- inet_af, addr_str, ntohs(socket_get_port (data_addr)));
overbose = verbose;
if (debug == 0)
verbose = -1;
- result = command (cmd);
-
+ result = command ("EPRT |%d|%s|%d|",
+ inet_af, addr_str,
+ ntohs(socket_get_port (data_addr)));
verbose = overbose;
if (result == ERROR) {
diff --git a/crypto/heimdal/appl/ftp/ftp/ftp_locl.h b/crypto/heimdal/appl/ftp/ftp/ftp_locl.h
index 4412189..4749da0 100644
--- a/crypto/heimdal/appl/ftp/ftp/ftp_locl.h
+++ b/crypto/heimdal/appl/ftp/ftp/ftp_locl.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: ftp_locl.h,v 1.36 2001/08/22 20:30:19 assar Exp $ */
+/* $Id: ftp_locl.h,v 1.37 2002/09/10 20:03:46 joda Exp $ */
#ifndef __FTP_LOCL_H__
#define __FTP_LOCL_H__
@@ -131,11 +131,7 @@ struct hostent *gethostbyname(const char *);
#include "security.h"
/* des_read_pw_string */
-#ifdef HAVE_OPENSSL
-#include <openssl/des.h>
-#else
-#include <des.h>
-#endif
+#include "crypto-headers.h"
#if defined(__sun__) && !defined(__svr4)
int fclose(FILE*);
diff --git a/crypto/heimdal/appl/ftp/ftp/gssapi.c b/crypto/heimdal/appl/ftp/ftp/gssapi.c
index 3f07f16..af04c1a 100644
--- a/crypto/heimdal/appl/ftp/ftp/gssapi.c
+++ b/crypto/heimdal/appl/ftp/ftp/gssapi.c
@@ -39,7 +39,7 @@
#include <gssapi.h>
#include <krb5_err.h>
-RCSID("$Id: gssapi.c,v 1.19 2002/08/20 12:47:45 joda Exp $");
+RCSID("$Id: gssapi.c,v 1.20 2002/09/04 22:00:50 joda Exp $");
struct gss_data {
gss_ctx_id_t context_hdl;
@@ -81,6 +81,7 @@ gss_decode(void *app_data, void *buf, int len, int level)
gss_qop_t qop_state;
int conf_state;
struct gss_data *d = app_data;
+ size_t ret_len;
input.length = len;
input.value = buf;
@@ -93,7 +94,9 @@ gss_decode(void *app_data, void *buf, int len, int level)
if(GSS_ERROR(maj_stat))
return -1;
memmove(buf, output.value, output.length);
- return output.length;
+ ret_len = output.length;
+ gss_release_buffer(&min_stat, &output);
+ return ret_len;
}
static int
diff --git a/crypto/heimdal/appl/ftp/ftp/security.c b/crypto/heimdal/appl/ftp/ftp/security.c
index a8fff1d..db67775 100644
--- a/crypto/heimdal/appl/ftp/ftp/security.c
+++ b/crypto/heimdal/appl/ftp/ftp/security.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998-2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -37,7 +37,7 @@
#include "ftp_locl.h"
#endif
-RCSID("$Id: security.c,v 1.18 2001/02/07 10:49:43 assar Exp $");
+RCSID("$Id: security.c,v 1.19 2002/09/04 22:01:28 joda Exp $");
static enum protection_level command_prot;
static enum protection_level data_prot;
@@ -387,9 +387,11 @@ sec_vfprintf(FILE *f, const char *fmt, va_list ap)
return -1;
}
if(base64_encode(enc, len, &buf) < 0){
+ free(enc);
printf("Out of memory base64-encoding.\n");
return -1;
}
+ free(enc);
#ifdef FTP_SERVER
if(command_prot == prot_safe)
fprintf(f, "631 %s\r\n", buf);
diff --git a/crypto/heimdal/appl/kf/kf.c b/crypto/heimdal/appl/kf/kf.c
index 3288dae..190101b 100644
--- a/crypto/heimdal/appl/kf/kf.c
+++ b/crypto/heimdal/appl/kf/kf.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000, 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,13 +32,13 @@
*/
#include "kf_locl.h"
-RCSID("$Id: kf.c,v 1.15 2001/02/20 01:44:44 assar Exp $");
+RCSID("$Id: kf.c,v 1.17 2002/09/05 15:00:03 joda Exp $");
krb5_context context;
static int help_flag;
static int version_flag;
static char *port_str;
-const char *service = SERVICE;
+const char *service = KF_SERVICE;
const char *remote_name = NULL;
int forwardable = 0;
const char *ccache_name = NULL;
@@ -107,7 +107,7 @@ client_setup(krb5_context *context, int *argc, char **argv)
}
if (port == 0)
- port = krb5_getportbyname (*context, PORT, "tcp", PORT_NUM);
+ port = krb5_getportbyname (*context, KF_PORT_NAME, "tcp", KF_PORT_NUM);
if(*argc - optind < 1)
usage(1, args, num_args);
@@ -122,22 +122,19 @@ client_setup(krb5_context *context, int *argc, char **argv)
*/
static int
-proto (int sock, const char *hostname, const char *service)
+proto (int sock, const char *hostname, const char *service,
+ char *message, size_t len)
{
krb5_auth_context auth_context;
krb5_error_code status;
krb5_principal server;
krb5_data data;
- krb5_data packet;
krb5_data data_send;
- u_int32_t len, net_len;
krb5_ccache ccache;
krb5_creds creds;
krb5_kdc_flags flags;
krb5_principal principal;
- char ret_string[10];
- ssize_t n;
status = krb5_auth_con_init (context, &auth_context);
if (status) {
@@ -166,10 +163,10 @@ proto (int sock, const char *hostname, const char *service)
status = krb5_sendauth (context,
&auth_context,
&sock,
- VERSION,
+ KF_VERSION_1,
NULL,
server,
- AP_OPTS_MUTUAL_REQUIRED,
+ AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY,
NULL,
NULL,
NULL,
@@ -181,27 +178,19 @@ proto (int sock, const char *hostname, const char *service)
return 1;
}
- if (remote_name == NULL) {
- remote_name = get_default_username ();
- if (remote_name == NULL)
- errx (1, "who are you?");
- }
+ if (ccache_name == NULL)
+ ccache_name = "";
- krb5_data_zero(&data_send);
data_send.data = (void *)remote_name;
data_send.length = strlen(remote_name) + 1;
- status = krb5_write_message(context, &sock, &data_send);
+ status = krb5_write_priv_message(context, auth_context, &sock, &data_send);
if (status) {
krb5_warn (context, status, "krb5_write_message");
return 1;
}
-
- if (ccache_name == NULL)
- ccache_name = "";
-
data_send.data = (void *)ccache_name;
data_send.length = strlen(ccache_name)+1;
- status = krb5_write_message(context, &sock, &data_send);
+ status = krb5_write_priv_message(context, auth_context, &sock, &data_send);
if (status) {
krb5_warn (context, status, "krb5_write_message");
return 1;
@@ -223,16 +212,15 @@ proto (int sock, const char *hostname, const char *service)
creds.client = principal;
- status = krb5_build_principal (context,
- &creds.server,
- strlen(principal->realm),
- principal->realm,
- KRB5_TGS_NAME,
- principal->realm,
- NULL);
+ status = krb5_make_principal (context,
+ &creds.server,
+ principal->realm,
+ KRB5_TGS_NAME,
+ principal->realm,
+ NULL);
if (status) {
- krb5_warn (context, status, "krb5_build_principal");
+ krb5_warn (context, status, "krb5_make_principal");
return 1;
}
@@ -254,60 +242,36 @@ proto (int sock, const char *hostname, const char *service)
return 1;
}
- status = krb5_mk_priv (context,
- auth_context,
- &data,
- &packet,
- NULL);
+ status = krb5_write_priv_message(context, auth_context, &sock, &data);
+
if (status) {
krb5_warn (context, status, "krb5_mk_priv");
return 1;
}
- len = packet.length;
- net_len = htonl(len);
-
- if (krb5_net_write (context, &sock, &net_len, 4) != 4) {
- krb5_warn (context, errno, "krb5_net_write");
- return 1;
- }
- if (krb5_net_write (context, &sock, packet.data, len) != len) {
- krb5_warn (context, errno, "krb5_net_write");
- return 1;
- }
-
krb5_data_free (&data);
- n = krb5_net_read (context, &sock, &net_len, 4);
- if (n == 0) {
- krb5_warnx (context, "EOF in krb5_net_read");
- return 1;
- }
- if (n < 0) {
- krb5_warn (context, errno, "krb5_net_read");
- return 1;
- }
- len = ntohl(net_len);
- if (len >= sizeof(ret_string)) {
- krb5_warnx (context, "too long string back from %s", hostname);
- return 1;
- }
- n = krb5_net_read (context, &sock, ret_string, len);
- if (n == 0) {
- krb5_warnx (context, "EOF in krb5_net_read");
+ status = krb5_read_priv_message(context, auth_context, &sock, &data);
+ if (status) {
+ krb5_warn (context, status, "krb5_mk_priv");
return 1;
}
- if (n < 0) {
- krb5_warn (context, errno, "krb5_net_read");
- return 1;
+ if(data.length >= len) {
+ krb5_warnx (context, "returned string is too long, truncating");
+ memcpy(message, data.data, len);
+ message[len - 1] = '\0';
+ } else {
+ memcpy(message, data.data, data.length);
+ message[data.length] = '\0';
}
- ret_string[sizeof(ret_string) - 1] = '\0';
+ krb5_data_free (&data);
- return(strcmp(ret_string,"ok"));
+ return(strcmp(message, "ok"));
}
static int
-doit (const char *hostname, int port, const char *service)
+doit (const char *hostname, int port, const char *service,
+ char *message, size_t len)
{
struct addrinfo *ai, *a;
struct addrinfo hints;
@@ -337,7 +301,7 @@ doit (const char *hostname, int port, const char *service)
continue;
}
freeaddrinfo (ai);
- return proto (s, hostname, service);
+ return proto (s, hostname, service, message, len);
}
warnx ("failed to contact %s", hostname);
freeaddrinfo (ai);
@@ -353,9 +317,19 @@ main(int argc, char **argv)
argcc = argc;
port = client_setup(&context, &argcc, argv);
+ if (remote_name == NULL) {
+ remote_name = get_default_username ();
+ if (remote_name == NULL)
+ errx (1, "who are you?");
+ }
+
for (i = argcc;i < argc; i++) {
- ret = doit (argv[i], port, service);
- warnx ("%s %s", argv[i], ret ? "failed" : "ok");
+ char message[128];
+ ret = doit (argv[i], port, service, message, sizeof(message));
+ if(ret == 0)
+ warnx ("%s: ok", argv[i]);
+ else
+ warnx ("%s: failed: %s", argv[i], message);
}
return(ret);
}
diff --git a/crypto/heimdal/appl/kf/kf_locl.h b/crypto/heimdal/appl/kf/kf_locl.h
index 29f5941..0a6a28f 100644
--- a/crypto/heimdal/appl/kf/kf_locl.h
+++ b/crypto/heimdal/appl/kf/kf_locl.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 1999, 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: kf_locl.h,v 1.2 1999/12/02 17:04:55 joda Exp $ */
+/* $Id: kf_locl.h,v 1.3 2002/09/04 20:29:04 joda Exp $ */
#ifdef HAVE_CONFIG_H
#include <config.h>
@@ -74,7 +74,8 @@
#include <err.h>
#include <krb5.h>
-#define SERVICE "host"
+#define KF_SERVICE "host"
-#define PORT "kf"
-#define PORT_NUM 2110
+#define KF_PORT_NAME "kf"
+#define KF_PORT_NUM 2110
+#define KF_VERSION_1 "KFWDV0.1"
diff --git a/crypto/heimdal/appl/kf/kfd.c b/crypto/heimdal/appl/kf/kfd.c
index 6dc2666..7f6ea28 100644
--- a/crypto/heimdal/appl/kf/kfd.c
+++ b/crypto/heimdal/appl/kf/kfd.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,7 +32,7 @@
*/
#include "kf_locl.h"
-RCSID("$Id: kfd.c,v 1.9 2001/02/20 01:44:44 assar Exp $");
+RCSID("$Id: kfd.c,v 1.10 2002/09/04 20:31:48 joda Exp $");
krb5_context context;
char krb5_tkfile[MAXPATHLEN];
@@ -40,7 +40,7 @@ char krb5_tkfile[MAXPATHLEN];
static int help_flag;
static int version_flag;
static char *port_str;
-char *service = SERVICE;
+char *service = KF_SERVICE;
int do_inetd = 0;
static char *regpag_str=NULL;
@@ -92,7 +92,7 @@ server_setup(krb5_context *context, int argc, char **argv)
}
if (port == 0)
- port = krb5_getportbyname (*context, PORT, "tcp", PORT_NUM);
+ port = krb5_getportbyname (*context, KF_PORT_NAME, "tcp", KF_PORT_NUM);
if(argv[local_argc] != NULL)
usage(1, args, num_args);
@@ -100,26 +100,23 @@ server_setup(krb5_context *context, int argc, char **argv)
return port;
}
-static void
-syslog_and_die (const char *m, ...)
-{
- va_list args;
+static int protocol_version;
- va_start(args, m);
- vsyslog (LOG_ERR, m, args);
- va_end(args);
- exit (1);
-}
-
-static void
-syslog_and_cont (const char *m, ...)
+static krb5_boolean
+kfd_match_version(const void *arg, const char *version)
{
- va_list args;
-
- va_start(args, m);
- vsyslog (LOG_ERR, m, args);
- va_end(args);
- return;
+ if(strcmp(version, KF_VERSION_1) == 0) {
+ protocol_version = 1;
+ return TRUE;
+ } else if (strlen(version) == 4 &&
+ version[0] == '0' &&
+ version[1] == '.' &&
+ (version[2] == '4' || version[2] == '3') &&
+ islower(version[3])) {
+ protocol_version = 0;
+ return TRUE;
+ }
+ return FALSE;
}
static int
@@ -132,31 +129,25 @@ proto (int sock, const char *service)
char *name;
char ret_string[10];
char hostname[MAXHOSTNAMELEN];
- krb5_data packet;
krb5_data data;
krb5_data remotename;
krb5_data tk_file;
-
- u_int32_t len, net_len;
krb5_ccache ccache;
char ccname[MAXPATHLEN];
struct passwd *pwd;
- ssize_t n;
status = krb5_auth_con_init (context, &auth_context);
if (status)
- syslog_and_die("krb5_auth_con_init: %s",
- krb5_get_err_text(context, status));
+ krb5_err(context, 1, status, "krb5_auth_con_init");
status = krb5_auth_con_setaddrs_from_fd (context,
auth_context,
&sock);
if (status)
- syslog_and_die("krb5_auth_con_setaddr: %s",
- krb5_get_err_text(context, status));
+ krb5_err(context, 1, status, "krb5_auth_con_setaddr");
if(gethostname (hostname, sizeof(hostname)) < 0)
- syslog_and_die("gethostname: %s",strerror(errno));
+ krb5_err(context, 1, errno, "gethostname");
status = krb5_sname_to_principal (context,
hostname,
@@ -164,88 +155,80 @@ proto (int sock, const char *service)
KRB5_NT_SRV_HST,
&server);
if (status)
- syslog_and_die("krb5_sname_to_principal: %s",
- krb5_get_err_text(context, status));
-
- status = krb5_recvauth (context,
- &auth_context,
- &sock,
- VERSION,
- server,
- 0,
- NULL,
- &ticket);
+ krb5_err(context, 1, status, "krb5_sname_to_principal");
+
+ status = krb5_recvauth_match_version (context,
+ &auth_context,
+ &sock,
+ kfd_match_version,
+ NULL,
+ server,
+ 0,
+ NULL,
+ &ticket);
if (status)
- syslog_and_die("krb5_recvauth: %s",
- krb5_get_err_text(context, status));
+ krb5_err(context, 1, status, "krb5_recvauth");
status = krb5_unparse_name (context,
ticket->client,
&name);
if (status)
- syslog_and_die("krb5_unparse_name: %s",
- krb5_get_err_text(context, status));
-
- status=krb5_read_message (context, &sock, &remotename);
- if (status) {
- syslog_and_die("krb5_read_message: %s",
- krb5_get_err_text(context, status));
- }
- status=krb5_read_message (context, &sock, &tk_file);
- if (status) {
- syslog_and_die("krb5_read_message: %s",
- krb5_get_err_text(context, status));
+ krb5_err(context, 1, status, "krb5_unparse_name");
+
+ if(protocol_version == 0) {
+ data.data = "old clnt"; /* XXX old clients only had room for
+ 10 bytes of message, and also
+ didn't show it to the user */
+ data.length = strlen(data.data) + 1;
+ krb5_write_message(context, &sock, &data);
+ sleep(2); /* XXX give client time to finish */
+ krb5_errx(context, 1, "old client; exiting");
}
+ status=krb5_read_priv_message (context, auth_context,
+ &sock, &remotename);
+ if (status)
+ krb5_err(context, 1, status, "krb5_read_message");
+ status=krb5_read_priv_message (context, auth_context,
+ &sock, &tk_file);
+ if (status)
+ krb5_err(context, 1, status, "krb5_read_message");
+
krb5_data_zero (&data);
- krb5_data_zero (&packet);
-
- n = krb5_net_read (context, &sock, &net_len, 4);
- if (n < 0)
- syslog_and_die("krb5_net_read: %s", strerror(errno));
- if (n == 0)
- syslog_and_die("EOF in krb5_net_read");
-
- len = ntohl(net_len);
- krb5_data_alloc (&packet, len);
- n = krb5_net_read (context, &sock, packet.data, len);
- if (n < 0)
- syslog_and_die("krb5_net_read: %s", strerror(errno));
- if (n == 0)
- syslog_and_die("EOF in krb5_net_read");
-
- status = krb5_rd_priv (context,
- auth_context,
- &packet,
- &data,
- NULL);
+
+ if(((char*)remotename.data)[remotename.length-1] != '\0')
+ krb5_errx(context, 1, "unterminated received");
+ if(((char*)tk_file.data)[tk_file.length-1] != '\0')
+ krb5_errx(context, 1, "unterminated received");
+
+ status = krb5_read_priv_message(context, auth_context, &sock, &data);
+
if (status) {
- syslog_and_cont("krb5_rd_priv: %s",
- krb5_get_err_text(context, status));
+ krb5_err(context, 1, errno, "krb5_read_priv_message");
goto out;
}
pwd = getpwnam ((char *)(remotename.data));
if (pwd == NULL) {
status=1;
- syslog_and_cont("getpwnam: %s failed",(char *)(remotename.data));
+ krb5_warnx(context, "getpwnam: %s failed",(char *)(remotename.data));
goto out;
}
if(!krb5_kuserok (context,
- ticket->client,
- (char *)(remotename.data))) {
+ ticket->client,
+ (char *)(remotename.data))) {
status=1;
- syslog_and_cont("krb5_kuserok: permission denied");
+ krb5_warnx(context, "krb5_kuserok: permission denied");
goto out;
}
if (setgid(pwd->pw_gid) < 0) {
- syslog_and_cont ("setgid: %s", strerror(errno));
+ krb5_warn(context, errno, "setgid");
goto out;
}
if (setuid(pwd->pw_uid) < 0) {
- syslog_and_cont ("setuid: %s", strerror(errno));
+ krb5_warn(context, errno, "setuid");
goto out;
}
@@ -256,49 +239,41 @@ proto (int sock, const char *service)
status = krb5_cc_resolve (context, ccname, &ccache);
if (status) {
- syslog_and_cont("krb5_cc_resolve: %s",
- krb5_get_err_text(context, status));
+ krb5_warn(context, status, "krb5_cc_resolve");
goto out;
}
status = krb5_cc_initialize (context, ccache, ticket->client);
if (status) {
- syslog_and_cont("krb5_cc_initialize: %s",
- krb5_get_err_text(context, status));
+ krb5_warn(context, status, "krb5_cc_initialize");
goto out;
}
status = krb5_rd_cred2 (context, auth_context, ccache, &data);
krb5_cc_close (context, ccache);
if (status) {
- syslog_and_cont("krb5_rd_cred: %s",
- krb5_get_err_text(context, status));
+ krb5_warn(context, status, "krb5_rd_cred");
goto out;
}
strlcpy(krb5_tkfile,ccname,sizeof(krb5_tkfile));
- syslog_and_cont("%s forwarded ticket to %s,%s",
- name,
- (char *)(remotename.data),ccname);
-out:
+ krb5_warnx(context, "%s forwarded ticket to %s,%s",
+ name,
+ (char *)(remotename.data),ccname);
+ out:
if (status) {
strcpy(ret_string, "no");
- syslog_and_cont("failed");
+ krb5_warnx(context, "failed");
} else {
strcpy(ret_string, "ok");
}
krb5_data_free (&tk_file);
krb5_data_free (&remotename);
- krb5_data_free (&packet);
krb5_data_free (&data);
free(name);
- len = strlen(ret_string) + 1;
- net_len = htonl(len);
- if (krb5_net_write (context, &sock, &net_len, 4) != 4)
- return 1;
- if (krb5_net_write (context, &sock, ret_string, len) != len)
- return 1;
- return status;
+ data.data = ret_string;
+ data.length = strlen(ret_string) + 1;
+ return krb5_write_priv_message(context, auth_context, &sock, &data);
}
static int
@@ -314,10 +289,16 @@ main(int argc, char **argv)
{
int port;
int ret;
+ krb5_log_facility *fac;
setprogname (argv[0]);
roken_openlog (argv[0], LOG_ODELAY | LOG_PID,LOG_AUTH);
port = server_setup(&context, argc, argv);
+ ret = krb5_openlog(context, "kfd", &fac);
+ if(ret) krb5_err(context, 1, ret, "krb5_openlog");
+ ret = krb5_set_warn_dest(context, fac);
+ if(ret) krb5_err(context, 1, ret, "krb5_set_warn_dest");
+
ret = doit (port, service);
closelog();
if (ret == 0 && regpag_str != NULL)
diff --git a/crypto/heimdal/appl/rsh/ChangeLog b/crypto/heimdal/appl/rsh/ChangeLog
index 983bccf..ddac74f 100644
--- a/crypto/heimdal/appl/rsh/ChangeLog
+++ b/crypto/heimdal/appl/rsh/ChangeLog
@@ -1,3 +1,27 @@
+2002-09-04 Johan Danielsson <joda@pdc.kth.se>
+
+ * rsh.c: free some memory
+
+2002-09-04 Assar Westerlund <assar@kth.se>
+
+ * common.c: krb5_crypto_block_size -> krb5_crypto_getblocksize
+
+2002-09-04 Johan Danielsson <joda@pdc.kth.se>
+
+ * rsh.1: document -P
+
+2002-09-03 Johan Danielsson <joda@pdc.kth.se>
+
+ * rsh.c: revert to protocol v1 if not asked for specific protocol
+
+ * rshd.c: handle protocol version 2
+
+ * rsh.c: handle protocol version 2
+
+ * common.c: handle protocol version 2
+
+ * rsh_locl.h: handle protocol version 2
+
2002-02-18 Johan Danielsson <joda@pdc.kth.se>
* rshd.c: don't show options that doesn't apply
diff --git a/crypto/heimdal/appl/rsh/common.c b/crypto/heimdal/appl/rsh/common.c
index 686e681..69b0c9b 100644
--- a/crypto/heimdal/appl/rsh/common.c
+++ b/crypto/heimdal/appl/rsh/common.c
@@ -32,14 +32,40 @@
*/
#include "rsh_locl.h"
-RCSID("$Id: common.c,v 1.14 2002/02/18 20:01:05 joda Exp $");
+RCSID("$Id: common.c,v 1.16 2002/09/04 15:50:36 assar Exp $");
#if defined(KRB4) || defined(KRB5)
+#ifdef KRB5
+int key_usage = 1026;
+
+void *ivec_in[2];
+void *ivec_out[2];
+
+void
+init_ivecs(int client)
+{
+ size_t blocksize;
+
+ krb5_crypto_getblocksize(context, crypto, &blocksize);
+
+ ivec_in[0] = malloc(blocksize);
+ memset(ivec_in[0], client, blocksize);
+
+ ivec_in[1] = malloc(blocksize);
+ memset(ivec_in[1], 2 | client, blocksize);
+
+ ivec_out[0] = malloc(blocksize);
+ memset(ivec_out[0], !client, blocksize);
+
+ ivec_out[1] = malloc(blocksize);
+ memset(ivec_out[1], 2 | !client, blocksize);
+}
+#endif
+
+
ssize_t
-do_read (int fd,
- void *buf,
- size_t sz)
+do_read (int fd, void *buf, size_t sz, void *ivec)
{
if (do_encrypt) {
#ifdef KRB4
@@ -61,7 +87,11 @@ do_read (int fd,
len = ntohl(len);
if (len > sz)
abort ();
- outer_len = krb5_get_wrapped_length (context, crypto, len);
+ /* ivec will be non null for protocol version 2 */
+ if(ivec != NULL)
+ outer_len = krb5_get_wrapped_length (context, crypto, len + 4);
+ else
+ outer_len = krb5_get_wrapped_length (context, crypto, len);
edata = malloc (outer_len);
if (edata == NULL)
errx (1, "malloc: cannot allocate %u bytes", outer_len);
@@ -69,13 +99,22 @@ do_read (int fd,
if (ret <= 0)
return ret;
- status = krb5_decrypt(context, crypto, KRB5_KU_OTHER_ENCRYPTED,
- edata, outer_len, &data);
+ status = krb5_decrypt_ivec(context, crypto, key_usage,
+ edata, outer_len, &data, ivec);
free (edata);
if (status)
- errx (1, "%s", krb5_get_err_text (context, status));
- memcpy (buf, data.data, len);
+ krb5_err (context, 1, status, "decrypting data");
+ if(ivec != NULL) {
+ unsigned long l;
+ if(data.length < len + 4)
+ errx (1, "data received is too short");
+ _krb5_get_int(data.data, &l, 4);
+ if(l != len)
+ errx (1, "inconsistency in received data");
+ memcpy (buf, (unsigned char *)data.data+4, len);
+ } else
+ memcpy (buf, data.data, len);
krb5_data_free (&data);
return len;
} else
@@ -86,7 +125,7 @@ do_read (int fd,
}
ssize_t
-do_write (int fd, void *buf, size_t sz)
+do_write (int fd, void *buf, size_t sz, void *ivec)
{
if (do_encrypt) {
#ifdef KRB4
@@ -98,20 +137,27 @@ do_write (int fd, void *buf, size_t sz)
if(auth_method == AUTH_KRB5) {
krb5_error_code status;
krb5_data data;
- u_int32_t len;
+ unsigned char len[4];
int ret;
- status = krb5_encrypt(context, crypto, KRB5_KU_OTHER_ENCRYPTED,
- buf, sz, &data);
-
- if (status)
- errx (1, "%s", krb5_get_err_text(context, status));
+ _krb5_put_int(len, sz, 4);
+ if(ivec != NULL) {
+ unsigned char *tmp = malloc(sz + 4);
+ if(tmp == NULL)
+ err(1, "malloc");
+ _krb5_put_int(tmp, sz, 4);
+ memcpy(tmp + 4, buf, sz);
+ status = krb5_encrypt_ivec(context, crypto, key_usage,
+ tmp, sz + 4, &data, ivec);
+ free(tmp);
+ } else
+ status = krb5_encrypt_ivec(context, crypto, key_usage,
+ buf, sz, &data, ivec);
- assert (krb5_get_wrapped_length (context, crypto,
- sz) == data.length);
+ if (status)
+ krb5_err(context, 1, status, "encrypting data");
- len = htonl(sz);
- ret = krb5_net_write (context, &fd, &len, 4);
+ ret = krb5_net_write (context, &fd, len, 4);
if (ret != 4)
return ret;
ret = krb5_net_write (context, &fd, data.data, data.length);
diff --git a/crypto/heimdal/appl/rsh/rsh.1 b/crypto/heimdal/appl/rsh/rsh.1
index 284ad6d..46652d8 100644
--- a/crypto/heimdal/appl/rsh/rsh.1
+++ b/crypto/heimdal/appl/rsh/rsh.1
@@ -1,6 +1,6 @@
-.\" $Id: rsh.1,v 1.3 2002/08/20 17:07:08 joda Exp $
+.\" $Id: rsh.1,v 1.4 2002/09/04 13:01:52 joda Exp $
.\"
-.Dd July 31, 2001
+.Dd September 4, 2002
.Dt RSH 1
.Os HEIMDAL
.Sh NAME
@@ -13,6 +13,7 @@ remote shell
.Op Fl U Pa string
.Op Fl p Ar port
.Op Fl l Ar username
+.Op Fl P Ar N|O
.Ar host [command]
.Sh DESCRIPTION
.Nm
@@ -145,6 +146,22 @@ By default the remote username is the same as the local. The
option or the
.Pa username@host
format allow the remote name to be specified.
+.It Xo
+.Fl P Ar N|O|1|2 ,
+.Fl -protocol= Ns Ar N|O|1|2
+.Xc
+Specifies which protocol version to use with Kerberos 5.
+.Ar N
+and
+.Ar 2
+selects protocol version 2, while
+.Ar O
+and
+.Ar 1
+selects version 1. Version 2 is beleived to be more secure, and is the
+default. Unless asked for a specific version,
+.Nm
+will try both. This behaviour may change in the future.
.El
.\".Pp
.\"Without a
@@ -155,7 +172,7 @@ format allow the remote name to be specified.
.\"with the same arguments.
.Sh EXAMPLES
Care should be taken when issuing commands containing shell meta
-characters. Without quoting these will be expanded on the local
+characters. Without quoting, these will be expanded on the local
machine.
.Pp
The following command:
diff --git a/crypto/heimdal/appl/rsh/rsh.c b/crypto/heimdal/appl/rsh/rsh.c
index 1f68e2f..6ae9646 100644
--- a/crypto/heimdal/appl/rsh/rsh.c
+++ b/crypto/heimdal/appl/rsh/rsh.c
@@ -32,7 +32,7 @@
*/
#include "rsh_locl.h"
-RCSID("$Id: rsh.c,v 1.65 2002/02/18 20:02:06 joda Exp $");
+RCSID("$Id: rsh.c,v 1.68 2002/09/04 21:40:04 joda Exp $");
enum auth_method auth_method;
#if defined(KRB4) || defined(KRB5)
@@ -67,6 +67,8 @@ static const char *user;
static int do_version;
static int do_help;
static int do_errsock = 1;
+static char *protocol_version_str;
+static int protocol_version = 2;
/*
*
@@ -80,6 +82,11 @@ loop (int s, int errsock)
fd_set real_readset;
int count = 1;
+#ifdef KRB5
+ if(auth_method == AUTH_KRB5 && protocol_version == 2)
+ init_ivecs(1);
+#endif
+
if (s >= FD_SETSIZE || errsock >= FD_SETSIZE)
errx (1, "fd too large");
@@ -106,7 +113,7 @@ loop (int s, int errsock)
err (1, "select");
}
if (FD_ISSET(s, &readset)) {
- ret = do_read (s, buf, sizeof(buf));
+ ret = do_read (s, buf, sizeof(buf), ivec_in[0]);
if (ret < 0)
err (1, "read");
else if (ret == 0) {
@@ -118,7 +125,7 @@ loop (int s, int errsock)
net_write (STDOUT_FILENO, buf, ret);
}
if (errsock != -1 && FD_ISSET(errsock, &readset)) {
- ret = do_read (errsock, buf, sizeof(buf));
+ ret = do_read (errsock, buf, sizeof(buf), ivec_in[1]);
if (ret < 0)
err (1, "read");
else if (ret == 0) {
@@ -138,7 +145,7 @@ loop (int s, int errsock)
FD_CLR(STDIN_FILENO, &real_readset);
shutdown (s, SHUT_WR);
} else
- do_write (s, buf, ret);
+ do_write (s, buf, ret, ivec_out[0]);
}
}
}
@@ -166,7 +173,7 @@ send_krb4_auth(int s,
getpid(), &msg, &cred, schedule,
(struct sockaddr_in *)thisaddr,
(struct sockaddr_in *)thataddr,
- KCMD_VERSION);
+ KCMD_OLD_VERSION);
if (status != KSUCCESS) {
warnx("%s: %s", hostname, krb_get_err_text(status));
return 1;
@@ -267,6 +274,8 @@ krb5_forward_cred (krb5_auth_context auth_context,
return 0;
}
+static int sendauth_version_error;
+
static int
send_krb5_auth(int s,
struct sockaddr *thisaddr,
@@ -282,6 +291,8 @@ send_krb5_auth(int s,
int status;
size_t len;
krb5_auth_context auth_context = NULL;
+ const char *protocol_string = NULL;
+ krb5_flags ap_opts;
status = krb5_sname_to_principal(context,
hostname,
@@ -300,25 +311,53 @@ send_krb5_auth(int s,
cmd,
remote_user);
+ ap_opts = 0;
+
+ if(do_encrypt)
+ ap_opts |= AP_OPTS_MUTUAL_REQUIRED;
+
+ switch(protocol_version) {
+ case 2:
+ ap_opts |= AP_OPTS_USE_SUBKEY;
+ protocol_string = KCMD_NEW_VERSION;
+ break;
+ case 1:
+ protocol_string = KCMD_OLD_VERSION;
+ key_usage = KRB5_KU_OTHER_ENCRYPTED;
+ break;
+ default:
+ abort();
+ }
+
status = krb5_sendauth (context,
&auth_context,
&s,
- KCMD_VERSION,
+ protocol_string,
NULL,
server,
- do_encrypt ? AP_OPTS_MUTUAL_REQUIRED : 0,
+ ap_opts,
&cksum_data,
NULL,
NULL,
NULL,
NULL,
NULL);
+
+ krb5_free_principal(context, server);
+ krb5_data_free(&cksum_data);
+
if (status) {
- warnx("%s: %s", hostname, krb5_get_err_text(context, status));
+ if(status == KRB5_SENDAUTH_REJECTED &&
+ protocol_version == 2 && protocol_version_str == NULL)
+ sendauth_version_error = 1;
+ else
+ krb5_warn(context, status, "%s", hostname);
return 1;
}
- status = krb5_auth_con_getkey (context, auth_context, &keyblock);
+ status = krb5_auth_con_getlocalsubkey (context, auth_context, &keyblock);
+ if(keyblock == NULL)
+ status = krb5_auth_con_getkey (context, auth_context, &keyblock);
if (status) {
warnx ("krb5_auth_con_getkey: %s", krb5_get_err_text(context, status));
return 1;
@@ -552,7 +591,7 @@ proto (int s, int errsock,
(void *)&one, sizeof(one)) < 0)
warn("setsockopt stderr");
}
-
+
return loop (s, errsock2);
}
@@ -777,6 +816,8 @@ struct getargs args[] = {
"port" },
{ "user", 'l', arg_string, &user, "Run as this user", "login" },
{ "stderr", 'e', arg_negative_flag, &do_errsock, "Don't open stderr"},
+ { "protocol", 'P', arg_string, &protocol_version_str,
+ "Protocol version", "protocol" },
{ "version", 0, arg_flag, &do_version, NULL },
{ "help", 0, arg_flag, &do_help, NULL }
};
@@ -840,7 +881,24 @@ main(int argc, char **argv)
print_version (NULL);
return 0;
}
-
+
+ if(protocol_version_str != NULL) {
+ if(strcasecmp(protocol_version_str, "N") == 0)
+ protocol_version = 2;
+ else if(strcasecmp(protocol_version_str, "O") == 0)
+ protocol_version = 1;
+ else {
+ char *end;
+ int v;
+ v = strtol(protocol_version_str, &end, 0);
+ if(*end != '\0' || (v != 1 && v != 2)) {
+ errx(1, "unknown protocol version \"%s\"",
+ protocol_version_str);
+ }
+ protocol_version = v;
+ }
+ }
+
#ifdef KRB5
status = krb5_init_context (&context);
if (status) {
@@ -978,9 +1036,15 @@ main(int argc, char **argv)
errx (1, "getaddrinfo: %s", gai_strerror(error));
auth_method = AUTH_KRB5;
+ again:
ret = doit (host, ai, user, local_user, cmd, cmd_len,
do_errsock,
send_krb5_auth);
+ if(ret != 0 && sendauth_version_error &&
+ protocol_version == 2) {
+ protocol_version = 1;
+ goto again;
+ }
freeaddrinfo(ai);
}
#endif
@@ -1035,5 +1099,6 @@ main(int argc, char **argv)
cmd, cmd_len);
freeaddrinfo(ai);
}
+ free(cmd);
return ret;
}
diff --git a/crypto/heimdal/appl/rsh/rsh_locl.h b/crypto/heimdal/appl/rsh/rsh_locl.h
index a288d12..0d54a3e 100644
--- a/crypto/heimdal/appl/rsh/rsh_locl.h
+++ b/crypto/heimdal/appl/rsh/rsh_locl.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000, 2002 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: rsh_locl.h,v 1.27 2002/08/12 15:09:16 joda Exp $ */
+/* $Id: rsh_locl.h,v 1.28 2002/09/03 20:03:46 joda Exp $ */
#ifdef HAVE_CONFIG_H
#include <config.h>
@@ -99,6 +99,7 @@
#endif
#ifdef KRB5
#include <krb5.h>
+#include <krb5-private.h> /* for _krb5_{get,put}_int */
#endif
#ifdef KRB4
#include <kafs.h>
@@ -132,25 +133,30 @@ extern int do_encrypt;
extern krb5_context context;
extern krb5_keyblock *keyblock;
extern krb5_crypto crypto;
+extern int key_usage;
+extern void *ivec_in[2];
+extern void *ivec_out[2];
+void init_ivecs(int);
#endif
#ifdef KRB4
extern des_key_schedule schedule;
extern des_cblock iv;
#endif
-#define KCMD_VERSION "KCMDV0.1"
+#define KCMD_OLD_VERSION "KCMDV0.1"
+#define KCMD_NEW_VERSION "KCMDV0.2"
#define USERNAME_SZ 16
#define COMMAND_SZ 1024
-#define RSH_BUFSIZ (16 * 1024)
+#define RSH_BUFSIZ (5 * 1024) /* MIT kcmd can't handle larger buffers */
#define PATH_RSH BINDIR "/rsh"
#if defined(KRB4) || defined(KRB5)
-ssize_t do_read (int fd, void *buf, size_t sz);
-ssize_t do_write (int fd, void *buf, size_t sz);
+ssize_t do_read (int, void*, size_t, void*);
+ssize_t do_write (int, void*, size_t, void*);
#else
-#define do_write(F, B, L) write((F), (B), (L))
-#define do_read(F, B, L) read((F), (B), (L))
+#define do_write(F, B, L, I) write((F), (B), (L))
+#define do_read(F, B, L, I) read((F), (B), (L))
#endif
diff --git a/crypto/heimdal/appl/rsh/rshd.c b/crypto/heimdal/appl/rsh/rshd.c
index fc2df7f..bec9bf4 100644
--- a/crypto/heimdal/appl/rsh/rshd.c
+++ b/crypto/heimdal/appl/rsh/rshd.c
@@ -32,7 +32,7 @@
*/
#include "rsh_locl.h"
-RCSID("$Id: rshd.c,v 1.46 2002/02/18 20:02:14 joda Exp $");
+RCSID("$Id: rshd.c,v 1.47 2002/09/03 20:03:26 joda Exp $");
int
login_access( struct passwd *user, char *from);
@@ -199,7 +199,7 @@ recv_krb4_auth (int s, u_char *buf,
version);
if (status != KSUCCESS)
syslog_and_die ("recvauth: %s", krb_get_err_text(status));
- if (strncmp (version, KCMD_VERSION, KRB_SENDAUTH_VLEN) != 0)
+ if (strncmp (version, KCMD_OLD_VERSION, KRB_SENDAUTH_VLEN) != 0)
syslog_and_die ("bad version: %s", version);
read_str (s, server_username, USERNAME_SZ, "remote username");
@@ -277,6 +277,24 @@ krb5_start_session (void)
return;
}
+static int protocol_version;
+
+static krb5_boolean
+match_kcmd_version(const void *data, const char *version)
+{
+ if(strcmp(version, KCMD_NEW_VERSION) == 0) {
+ protocol_version = 2;
+ return TRUE;
+ }
+ if(strcmp(version, KCMD_OLD_VERSION) == 0) {
+ protocol_version = 1;
+ key_usage = KRB5_KU_OTHER_ENCRYPTED;
+ return TRUE;
+ }
+ return FALSE;
+}
+
+
static int
recv_krb5_auth (int s, u_char *buf,
struct sockaddr *thisaddr,
@@ -311,14 +329,15 @@ recv_krb5_auth (int s, u_char *buf,
syslog_and_die ("krb5_sock_to_principal: %s",
krb5_get_err_text(context, status));
- status = krb5_recvauth(context,
- &auth_context,
- &s,
- KCMD_VERSION,
- server,
- KRB5_RECVAUTH_IGNORE_VERSION,
- NULL,
- &ticket);
+ status = krb5_recvauth_match_version(context,
+ &auth_context,
+ &s,
+ match_kcmd_version,
+ NULL,
+ server,
+ KRB5_RECVAUTH_IGNORE_VERSION,
+ NULL,
+ &ticket);
krb5_free_principal (context, server);
if (status)
syslog_and_die ("krb5_recvauth: %s",
@@ -328,8 +347,17 @@ recv_krb5_auth (int s, u_char *buf,
read_str (s, cmd, COMMAND_SZ, "command");
read_str (s, client_username, COMMAND_SZ, "local username");
- status = krb5_auth_con_getkey (context, auth_context, &keyblock);
- if (status)
+ if(protocol_version == 2) {
+ status = krb5_auth_con_getremotesubkey(context, auth_context,
+ &keyblock);
+ if(status != 0 || keyblock == NULL)
+ syslog_and_die("failed to get remote subkey");
+ } else if(protocol_version == 1) {
+ status = krb5_auth_con_getkey (context, auth_context, &keyblock);
+ if(status != 0 || keyblock == NULL)
+ syslog_and_die("failed to get key");
+ }
+ if (status != 0 || keyblock == NULL)
syslog_and_die ("krb5_auth_con_getkey: %s",
krb5_get_err_text(context, status));
@@ -436,6 +464,11 @@ loop (int from0, int to0,
if(from0 >= FD_SETSIZE || from1 >= FD_SETSIZE || from2 >= FD_SETSIZE)
errx (1, "fd too large");
+#ifdef KRB5
+ if(auth_method == AUTH_KRB5 && protocol_version == 2)
+ init_ivecs(0);
+#endif
+
FD_ZERO(&real_readset);
FD_SET(from0, &real_readset);
FD_SET(from1, &real_readset);
@@ -454,7 +487,7 @@ loop (int from0, int to0,
syslog_and_die ("select: %m");
}
if (FD_ISSET(from0, &readset)) {
- ret = do_read (from0, buf, sizeof(buf));
+ ret = do_read (from0, buf, sizeof(buf), ivec_in[0]);
if (ret < 0)
syslog_and_die ("read: %m");
else if (ret == 0) {
@@ -475,7 +508,7 @@ loop (int from0, int to0,
if (--count == 0)
exit (0);
} else
- do_write (to1, buf, ret);
+ do_write (to1, buf, ret, ivec_out[0]);
}
if (FD_ISSET(from2, &readset)) {
ret = read (from2, buf, sizeof(buf));
@@ -488,7 +521,7 @@ loop (int from0, int to0,
if (--count == 0)
exit (0);
} else
- do_write (to2, buf, ret);
+ do_write (to2, buf, ret, ivec_out[1]);
}
}
}
diff --git a/crypto/heimdal/appl/su/su.c b/crypto/heimdal/appl/su/su.c
index 175f375..0750f4f 100644
--- a/crypto/heimdal/appl/su/su.c
+++ b/crypto/heimdal/appl/su/su.c
@@ -32,7 +32,7 @@
#include <config.h>
-RCSID("$Id: su.c,v 1.24 2002/02/19 13:01:15 joda Exp $");
+RCSID("$Id: su.c,v 1.25 2002/09/10 20:03:47 joda Exp $");
#include <stdio.h>
#include <stdlib.h>
@@ -50,11 +50,7 @@ RCSID("$Id: su.c,v 1.24 2002/02/19 13:01:15 joda Exp $");
#include <pwd.h>
-#ifdef HAVE_OPENSSL
-#include <openssl/des.h>
-#else
-#include <des.h>
-#endif
+#include "crypto-headers.h"
#ifdef KRB5
#include <krb5.h>
#endif
diff --git a/crypto/heimdal/appl/telnet/ChangeLog b/crypto/heimdal/appl/telnet/ChangeLog
index d8bc151..f696871 100644
--- a/crypto/heimdal/appl/telnet/ChangeLog
+++ b/crypto/heimdal/appl/telnet/ChangeLog
@@ -1,5 +1,13 @@
+2002-09-02 Johan Danielsson <joda@pdc.kth.se>
+
+ * libtelnet/kerberos5.c: set AP_OPTS_USE_SUBKEY
+
2002-08-28 Johan Danielsson <joda@pdc.kth.se>
+ * telnet/commands.c: remove extra "Toggle"'s
+
+ * telnet/commands.c: IRIX == 4 -> IRIX4
+
* telnet/main.c: rename functions to what they're really called
* telnet/commands.c: kill some might be uninitialized warnings
diff --git a/crypto/heimdal/appl/telnet/libtelnet/enc_des.c b/crypto/heimdal/appl/telnet/libtelnet/enc_des.c
index 6b5c989..537d22f 100644
--- a/crypto/heimdal/appl/telnet/libtelnet/enc_des.c
+++ b/crypto/heimdal/appl/telnet/libtelnet/enc_des.c
@@ -33,7 +33,7 @@
#include <config.h>
-RCSID("$Id: enc_des.c,v 1.20 2001/08/29 00:45:19 assar Exp $");
+RCSID("$Id: enc_des.c,v 1.21 2002/09/10 20:03:47 joda Exp $");
#if defined(AUTHENTICATION) && defined(ENCRYPTION) && defined(DES_ENCRYPTION)
#include <arpa/telnet.h>
@@ -50,11 +50,7 @@ RCSID("$Id: enc_des.c,v 1.20 2001/08/29 00:45:19 assar Exp $");
#include "encrypt.h"
#include "misc-proto.h"
-#ifdef HAVE_OPENSSL
-#include <openssl/des.h>
-#else
-#include <des.h>
-#endif
+#include "crypto-headers.h"
extern int encrypt_debug_mode;
diff --git a/crypto/heimdal/appl/telnet/libtelnet/encrypt.h b/crypto/heimdal/appl/telnet/libtelnet/encrypt.h
index 41a138b..3b04bd5 100644
--- a/crypto/heimdal/appl/telnet/libtelnet/encrypt.h
+++ b/crypto/heimdal/appl/telnet/libtelnet/encrypt.h
@@ -55,7 +55,7 @@
* or implied warranty.
*/
-/* $Id: encrypt.h,v 1.7 2001/08/22 20:30:22 assar Exp $ */
+/* $Id: encrypt.h,v 1.8 2002/09/10 20:03:47 joda Exp $ */
#ifndef __ENCRYPT__
#define __ENCRYPT__
@@ -90,11 +90,9 @@ typedef struct {
#define SK_DES 1 /* Matched Kerberos v5 KEYTYPE_DES */
+#include "crypto-headers.h"
#ifdef HAVE_OPENSSL
-#include <openssl/des.h>
#define des_new_random_key des_random_key
-#else
-#include <des.h>
#endif
#include "enc-proto.h"
diff --git a/crypto/heimdal/appl/telnet/libtelnet/kerberos5.c b/crypto/heimdal/appl/telnet/libtelnet/kerberos5.c
index ef4d4ac..8a4bf69 100644
--- a/crypto/heimdal/appl/telnet/libtelnet/kerberos5.c
+++ b/crypto/heimdal/appl/telnet/libtelnet/kerberos5.c
@@ -53,7 +53,7 @@
#include <config.h>
-RCSID("$Id: kerberos5.c,v 1.50 2002/08/28 20:55:53 joda Exp $");
+RCSID("$Id: kerberos5.c,v 1.51 2002/09/02 15:33:20 joda Exp $");
#ifdef KRB5
@@ -206,6 +206,8 @@ kerberos5_send(char *name, Authenticator *ap)
ap_opts = AP_OPTS_MUTUAL_REQUIRED;
else
ap_opts = 0;
+
+ ap_opts |= AP_OPTS_USE_SUBKEY;
ret = krb5_auth_con_init (context, &auth_context);
if (ret) {
diff --git a/crypto/heimdal/cf/ChangeLog b/crypto/heimdal/cf/ChangeLog
index 9629a38..5421d90 100644
--- a/crypto/heimdal/cf/ChangeLog
+++ b/crypto/heimdal/cf/ChangeLog
@@ -1,3 +1,31 @@
+2002-09-10 Johan Danielsson <joda@pdc.kth.se>
+
+ * crypto.m4: use m4 macros for test cases, also test for older
+ hash names
+
+ * test-package.m4: include dep libraries in LIB_*
+
+ * crypto.m4: move krb4 test before test for openssl, and bail out
+ if krb4 is requested, but the crypto library is not the same as
+ krb4
+
+ * db.m4: filter contents of LDFLAGS
+
+2002-09-09 Johan Danielsson <joda@pdc.kth.se>
+
+ * auth-modules.m4: rename to rk_AUTH_MODULES
+
+ * auth-modules.m4: only include modules explicitly asked for
+
+2002-09-04 Johan Danielsson <joda@pdc.kth.se>
+
+ * roken-frag.m4: test for res_nsearch
+
+2002-09-03 Assar Westerlund <assar@kth.se>
+
+ * roken-frag.m4: check for sys/mman.h and mmap (used by
+ parse_reply-test)
+
2002-08-28 Assar Westerlund <assar@kth.se>
* krb-readline.m4: also add LIB_tgetent in the case of editline
diff --git a/crypto/heimdal/cf/auth-modules.m4 b/crypto/heimdal/cf/auth-modules.m4
index 675d573..18036c2 100644
--- a/crypto/heimdal/cf/auth-modules.m4
+++ b/crypto/heimdal/cf/auth-modules.m4
@@ -1,16 +1,22 @@
-dnl $Id: auth-modules.m4,v 1.3 2002/08/28 15:04:57 nectar Exp $
+dnl $Id: auth-modules.m4,v 1.5 2002/09/09 13:31:45 joda Exp $
dnl
dnl Figure what authentication modules should be built
+dnl
+dnl rk_AUTH_MODULES(module-list)
-AC_DEFUN(AC_AUTH_MODULES,[
-AC_MSG_CHECKING(which authentication modules should be built)
+AC_DEFUN(rk_AUTH_MODULES,[
+AC_MSG_CHECKING([which authentication modules should be built])
+z='m4_ifval([$1], $1, [sia pam afskauthlib])'
LIB_AUTH_SUBDIRS=
-
+for i in $z; do
+case $i in
+sia)
if test "$ac_cv_header_siad_h" = yes; then
LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS sia"
fi
-
+;;
+pam)
case "${host}" in
*-*-freebsd*) ac_cv_want_pam_krb4=no ;;
*) ac_cv_want_pam_krb4=yes ;;
@@ -21,12 +27,19 @@ if test "$ac_cv_want_pam_krb4" = yes -a \
"$enable_shared" = yes; then
LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS pam"
fi
-
+;;
+afskauthlib)
case "${host}" in
*-*-irix[[56]]*) LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS afskauthlib" ;;
esac
-
-AC_MSG_RESULT($LIB_AUTH_SUBDIRS)
+;;
+esac
+done
+if test "$LIB_AUTH_SUBDIRS"; then
+ AC_MSG_RESULT($LIB_AUTH_SUBDIRS)
+else
+ AC_MSG_RESULT(none)
+fi
AC_SUBST(LIB_AUTH_SUBDIRS)dnl
])
diff --git a/crypto/heimdal/cf/crypto.m4 b/crypto/heimdal/cf/crypto.m4
index 359aa30..4cd6ad0 100644
--- a/crypto/heimdal/cf/crypto.m4
+++ b/crypto/heimdal/cf/crypto.m4
@@ -1,10 +1,54 @@
-dnl $Id: crypto.m4,v 1.11 2002/08/28 23:09:05 assar Exp $
+dnl $Id: crypto.m4,v 1.13 2002/09/10 19:55:48 joda Exp $
dnl
dnl test for crypto libraries:
dnl - libcrypto (from openssl)
dnl - libdes (from krb4)
dnl - own-built libdes
+m4_define([test_headers], [
+ #undef KRB5 /* makes md4.h et al unhappy */
+ #ifdef HAVE_OPENSSL
+ #include <openssl/md4.h>
+ #include <openssl/md5.h>
+ #include <openssl/sha.h>
+ #include <openssl/des.h>
+ #include <openssl/rc4.h>
+ #else
+ #include <md4.h>
+ #include <md5.h>
+ #include <sha.h>
+ #include <des.h>
+ #include <rc4.h>
+ #endif
+ #ifdef OLD_HASH_NAMES
+ typedef struct md4 MD4_CTX;
+ #define MD4_Init(C) md4_init((C))
+ #define MD4_Update(C, D, L) md4_update((C), (D), (L))
+ #define MD4_Final(D, C) md4_finito((C), (D))
+ typedef struct md5 MD5_CTX;
+ #define MD5_Init(C) md5_init((C))
+ #define MD5_Update(C, D, L) md5_update((C), (D), (L))
+ #define MD5_Final(D, C) md5_finito((C), (D))
+ typedef struct sha SHA_CTX;
+ #define SHA1_Init(C) sha_init((C))
+ #define SHA1_Update(C, D, L) sha_update((C), (D), (L))
+ #define SHA1_Final(D, C) sha_finito((C), (D))
+ #endif
+ ])
+m4_define([test_body], [
+ void *schedule = 0;
+ MD4_CTX md4;
+ MD5_CTX md5;
+ SHA_CTX sha1;
+
+ MD4_Init(&md4);
+ MD5_Init(&md5);
+ SHA1_Init(&sha1);
+
+ des_cbc_encrypt(0, 0, 0, schedule, 0, 0);
+ RC4(0, 0, 0, 0);])
+
+
AC_DEFUN([KRB_CRYPTO],[
crypto_lib=unknown
AC_WITH_ALL([openssl])
@@ -14,49 +58,7 @@ DIR_des=
AC_MSG_CHECKING([for crypto library])
openssl=no
-if test "$crypto_lib" = "unknown" -a "$with_openssl" != "no"; then
-
- save_CPPFLAGS="$CPPFLAGS"
- save_LIBS="$LIBS"
- INCLUDE_des=
- LIB_des=
- if test "$with_openssl_include" != ""; then
- INCLUDE_des="-I${with_openssl}/include"
- fi
- if test "$with_openssl_lib" != ""; then
- LIB_des="-L${with_openssl}/lib"
- fi
- CPPFLAGS="${INCLUDE_des} ${CPPFLAGS}"
- LIB_des="${LIB_des} -lcrypto"
- LIB_des_a="$LIB_des"
- LIB_des_so="$LIB_des"
- LIB_des_appl="$LIB_des"
- LIBS="${LIBS} ${LIB_des}"
- AC_TRY_LINK([
- #include <openssl/md4.h>
- #include <openssl/md5.h>
- #include <openssl/sha.h>
- #include <openssl/des.h>
- #include <openssl/rc4.h>
- ],
- [
- void *schedule = 0;
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, schedule, 0, 0);
- RC4(0, 0, 0, 0);
- ], [
- crypto_lib=libcrypto openssl=yes
- AC_MSG_RESULT([libcrypto])])
- CPPFLAGS="$save_CPPFLAGS"
- LIBS="$save_LIBS"
-fi
+old_hash=no
if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then
save_CPPFLAGS="$CPPFLAGS"
@@ -72,91 +74,22 @@ if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then
ires=
for i in $INCLUDE_krb4; do
+ CFLAGS="-DHAVE_OPENSSL $i $save_CFLAGS"
+ AC_TRY_COMPILE(test_headers, test_body,
+ openssl=yes ires="$i"; break)
CFLAGS="$i $save_CFLAGS"
- AC_TRY_COMPILE([
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <openssl/md4.h>
- #include <openssl/md5.h>
- #include <openssl/sha.h>
- #include <openssl/des.h>
- #include <openssl/rc4.h>
- ], [
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);],openssl=yes ires="$i"; break)
- AC_TRY_COMPILE([
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <md4.h>
- #include <md5.h>
- #include <sha.h>
- #include <des.h>
- #include <rc4.h>
- ], [
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);],ires="$i"; break)
+ AC_TRY_COMPILE(test_headers, test_body,
+ openssl=no ires="$i"; break)
+ CFLAGS="-DOLD_HASH_NAMES $i $save_CFLAGS"
+ AC_TRY_COMPILE(test_headers, test_body,
+ openssl=no ires="$i" old_hash=yes; break)
done
lres=
for i in $cdirs; do
for j in $clibs; do
LIBS="$i $j $save_LIBS"
- if test "$openssl" = yes; then
- AC_TRY_LINK([
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <openssl/md4.h>
- #include <openssl/md5.h>
- #include <openssl/sha.h>
- #include <openssl/des.h>
- #include <openssl/rc4.h>
- ], [
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);],lres="$i $j"; break 2)
- else
- AC_TRY_LINK([
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <md4.h>
- #include <md5.h>
- #include <sha.h>
- #include <des.h>
- #include <rc4.h>
- ], [
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);],lres="$i $j"; break 2)
- fi
+ AC_TRY_LINK(test_headers, test_body,
+ lres="$i $j"; break 2)
done
done
CFLAGS="$save_CFLAGS"
@@ -172,6 +105,31 @@ if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then
fi
fi
+if test "$crypto_lib" = "unknown" -a "$with_openssl" != "no"; then
+ save_CFLAGS="$CFLAGS"
+ save_LIBS="$LIBS"
+ INCLUDE_des=
+ LIB_des=
+ if test "$with_openssl_include" != ""; then
+ INCLUDE_des="-I${with_openssl}/include"
+ fi
+ if test "$with_openssl_lib" != ""; then
+ LIB_des="-L${with_openssl}/lib"
+ fi
+ CFLAGS="-DHAVE_OPENSSL ${INCLUDE_des} ${CFLAGS}"
+ LIB_des="${LIB_des} -lcrypto"
+ LIB_des_a="$LIB_des"
+ LIB_des_so="$LIB_des"
+ LIB_des_appl="$LIB_des"
+ LIBS="${LIBS} ${LIB_des}"
+ AC_TRY_LINK(test_headers, test_body, [
+ crypto_lib=libcrypto openssl=yes
+ AC_MSG_RESULT([libcrypto])
+ ])
+ CFLAGS="$save_CFLAGS"
+ LIBS="$save_LIBS"
+fi
+
if test "$crypto_lib" = "unknown"; then
DIR_des='des'
@@ -184,9 +142,19 @@ if test "$crypto_lib" = "unknown"; then
fi
+if test "$with_krb4" != no -a "$crypto_lib" != krb4; then
+ AC_MSG_ERROR([the crypto library used by krb4 lacks features
+required by Kerberos 5; to continue, you need to install a newer
+Kerberos 4 or configure --without-krb4])
+fi
+
if test "$openssl" = "yes"; then
AC_DEFINE([HAVE_OPENSSL], 1, [define to use openssl's libcrypto])
fi
+if test "$old_hash" = yes; then
+ AC_DEFINE([HAVE_OLD_HASH_NAMES], 1,
+ [define if you have hash functions like md4_finito()])
+fi
AM_CONDITIONAL(HAVE_OPENSSL, test "$openssl" = yes)dnl
AC_SUBST(DIR_des)
diff --git a/crypto/heimdal/cf/db.m4 b/crypto/heimdal/cf/db.m4
index e2b52f2..7646bf6 100644
--- a/crypto/heimdal/cf/db.m4
+++ b/crypto/heimdal/cf/db.m4
@@ -1,4 +1,4 @@
-dnl $Id: db.m4,v 1.8 2002/05/17 15:32:21 joda Exp $
+dnl $Id: db.m4,v 1.9 2002/09/10 14:29:47 joda Exp $
dnl
dnl tests for various db libraries
dnl
@@ -190,7 +190,15 @@ AM_CONDITIONAL(HAVE_DB1, test "$db_type" = db1)dnl
AM_CONDITIONAL(HAVE_DB3, test "$db_type" = db3)dnl
AM_CONDITIONAL(HAVE_NDBM, test "$db_type" = ndbm)dnl
-DBLIB="$LDFLAGS $DBLIB"
+## it's probably not correct to include LDFLAGS here, but we might
+## need it, for now just add any possible -L
+z=""
+for i in $LDFLAGS; do
+ case "$i" in
+ -L*) z="$z $i";;
+ esac
+done
+DBLIB="$z $DBLIB"
AC_SUBST(DBLIB)dnl
AC_SUBST(LIB_NDBM)dnl
])
diff --git a/crypto/heimdal/cf/roken-frag.m4 b/crypto/heimdal/cf/roken-frag.m4
index 51e39cc..21cf12c 100644
--- a/crypto/heimdal/cf/roken-frag.m4
+++ b/crypto/heimdal/cf/roken-frag.m4
@@ -1,4 +1,4 @@
-dnl $Id: roken-frag.m4,v 1.42 2002/08/26 13:26:52 assar Exp $
+dnl $Id: roken-frag.m4,v 1.44 2002/09/04 20:57:30 joda Exp $
dnl
dnl some code to get roken working
dnl
@@ -69,6 +69,7 @@ AC_CHECK_HEADERS([\
shadow.h \
sys/bswap.h \
sys/ioctl.h \
+ sys/mman.h \
sys/param.h \
sys/proc.h \
sys/resource.h \
@@ -126,6 +127,24 @@ AC_FIND_FUNC(res_search, resolv,
],
[0,0,0,0,0])
+AC_FIND_FUNC(res_nsearch, resolv,
+[
+#include <stdio.h>
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_ARPA_NAMESER_H
+#include <arpa/nameser.h>
+#endif
+#ifdef HAVE_RESOLV_H
+#include <resolv.h>
+#endif
+],
+[0,0,0,0,0])
+
AC_FIND_FUNC(dn_expand, resolv,
[
#include <stdio.h>
@@ -205,6 +224,8 @@ fi
AC_REQUIRE([AC_FUNC_GETLOGIN])
+AC_REQUIRE([AC_FUNC_MMAP])
+
AC_FIND_FUNC_NO_LIBS(getsockopt,,
[#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
diff --git a/crypto/heimdal/cf/test-package.m4 b/crypto/heimdal/cf/test-package.m4
index 00e7f34..9cdccc7 100644
--- a/crypto/heimdal/cf/test-package.m4
+++ b/crypto/heimdal/cf/test-package.m4
@@ -1,4 +1,4 @@
-dnl $Id: test-package.m4,v 1.11 2002/08/28 19:30:48 joda Exp $
+dnl $Id: test-package.m4,v 1.12 2002/09/10 15:23:38 joda Exp $
dnl
dnl rk_TEST_PACKAGE(package,headers,libraries,extra libs,
dnl default locations, conditional, config-program)
@@ -101,7 +101,7 @@ if test "$with_$1" != no; then
done
if test "$ires" -a "$lres" -a "$with_$1" != "no"; then
INCLUDE_$1="-I$ires"
- LIB_$1="-L$lres $3"
+ LIB_$1="-L$lres $3 $4"
found=yes
AC_MSG_RESULT([headers $ires, libraries $lres])
fi
diff --git a/crypto/heimdal/configure b/crypto/heimdal/configure
index a40c6ac..0225d4c 100755
--- a/crypto/heimdal/configure
+++ b/crypto/heimdal/configure
@@ -1,5 +1,5 @@
#! /bin/sh
-# From configure.in Revision: 1.320 .
+# From configure.in Revision: 1.325 .
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.53 for Heimdal 0.4f.
#
@@ -420,6 +420,7 @@ PACKAGE_VERSION='0.4f'
PACKAGE_STRING='Heimdal 0.4f'
PACKAGE_BUGREPORT='heimdal-bugs@pdc.kth.se'
+ac_unique_file="kuser/kinit.c"
ac_default_prefix=/usr/heimdal
# Factoring default headers for most tests.
ac_includes_default="\
@@ -1001,14 +1002,16 @@ Optional Features:
--enable-FEATURE[=ARG] include FEATURE [ARG=yes]
--disable-dependency-tracking Speeds up one-time builds
--enable-dependency-tracking Do not reject slow dependency extractors
+ --disable-largefile omit support for large files
--enable-shared=PKGS build shared libraries default=no
--enable-static=PKGS build static libraries default=yes
--enable-fast-install=PKGS optimize for fast installation default=yes
--disable-libtool-lock avoid locking (might break parallel builds)
- --disable-berkeley-db if you don't want berkeley db
--enable-dce if you want support for DCE/DFS PAG's
+ --disable-berkeley-db if you don't want berkeley db
--disable-otp if you don't want OTP support
--enable-osfc2 enable some OSF C2 support
+ --disable-mmap disable use of mmap
--enable-bigendian the target is big endian
--enable-littleendian the target is little endian
--disable-dynamic-afs do not use loaded AFS library with AIX
@@ -1020,7 +1023,6 @@ Optional Packages:
--with-mips-abi=abi ABI to use for IRIX (32, n32, or 64)
--with-gnu-ld assume the C compiler uses GNU ld default=no
--with-pic try to use only PIC/non-PIC objects default=use both
- --without-ipv6 do not enable IPv6 support
--with-openldap=dir use openldap in dir
--with-openldap-lib=dir use openldap libraries in dir
--with-openldap-include=dir
@@ -1031,6 +1033,11 @@ Optional Packages:
--with-krb4-lib=dir use krb4 libraries in dir
--with-krb4-include=dir use krb4 headers in dir
--with-krb4-config=path config program for krb4
+ --with-openssl=dir use openssl in dir
+ --with-openssl-lib=dir use openssl libraries in dir
+ --with-openssl-include=dir
+ use openssl headers in dir
+ --without-ipv6 do not enable IPv6 support
--with-readline=dir use readline in dir
--with-readline-lib=dir use readline libraries in dir
--with-readline-include=dir
@@ -1044,10 +1051,6 @@ Optional Packages:
--with-hesiod-config=path
config program for hesiod
--with-x use the X Window System
- --with-openssl=dir use openssl in dir
- --with-openssl-lib=dir use openssl libraries in dir
- --with-openssl-include=dir
- use openssl headers in dir
Some influential environment variables:
CC C compiler command
@@ -1417,6 +1420,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
# Add the stamp file to the list of files AC keeps track of,
# along with our hook.
ac_config_headers="$ac_config_headers include/config.h"
@@ -3066,6 +3070,320 @@ host_os=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
CANONICAL_HOST=$host
+# Check whether --enable-largefile or --disable-largefile was given.
+if test "${enable_largefile+set}" = set; then
+ enableval="$enable_largefile"
+
+fi;
+if test "$enable_largefile" != no; then
+
+ echo "$as_me:$LINENO: checking for special C compiler options needed for large files" >&5
+echo $ECHO_N "checking for special C compiler options needed for large files... $ECHO_C" >&6
+if test "${ac_cv_sys_largefile_CC+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_cv_sys_largefile_CC=no
+ if test "$GCC" != yes; then
+ ac_save_CC=$CC
+ while :; do
+ # IRIX 6.2 and later do not support large files by default,
+ # so use the C compiler's -n32 option if that helps.
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+ rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext
+ CC="$CC -n32"
+ rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_sys_largefile_CC=' -n32'; break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext
+ break
+ done
+ CC=$ac_save_CC
+ rm -f conftest.$ac_ext
+ fi
+fi
+echo "$as_me:$LINENO: result: $ac_cv_sys_largefile_CC" >&5
+echo "${ECHO_T}$ac_cv_sys_largefile_CC" >&6
+ if test "$ac_cv_sys_largefile_CC" != no; then
+ CC=$CC$ac_cv_sys_largefile_CC
+ fi
+
+ echo "$as_me:$LINENO: checking for _FILE_OFFSET_BITS value needed for large files" >&5
+echo $ECHO_N "checking for _FILE_OFFSET_BITS value needed for large files... $ECHO_C" >&6
+if test "${ac_cv_sys_file_offset_bits+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ while :; do
+ ac_cv_sys_file_offset_bits=no
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#define _FILE_OFFSET_BITS 64
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_sys_file_offset_bits=64; break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+ break
+done
+fi
+echo "$as_me:$LINENO: result: $ac_cv_sys_file_offset_bits" >&5
+echo "${ECHO_T}$ac_cv_sys_file_offset_bits" >&6
+if test "$ac_cv_sys_file_offset_bits" != no; then
+
+cat >>confdefs.h <<_ACEOF
+#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits
+_ACEOF
+
+fi
+rm -f conftest*
+ echo "$as_me:$LINENO: checking for _LARGE_FILES value needed for large files" >&5
+echo $ECHO_N "checking for _LARGE_FILES value needed for large files... $ECHO_C" >&6
+if test "${ac_cv_sys_large_files+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ while :; do
+ ac_cv_sys_large_files=no
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#define _LARGE_FILES 1
+#include <sys/types.h>
+ /* Check that off_t can represent 2**63 - 1 correctly.
+ We can't simply define LARGE_OFF_T to be 9223372036854775807,
+ since some C++ compilers masquerading as C compilers
+ incorrectly reject 9223372036854775807. */
+#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+ int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
+ && LARGE_OFF_T % 2147483647 == 1)
+ ? 1 : -1];
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_sys_large_files=1; break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+ break
+done
+fi
+echo "$as_me:$LINENO: result: $ac_cv_sys_large_files" >&5
+echo "${ECHO_T}$ac_cv_sys_large_files" >&6
+if test "$ac_cv_sys_large_files" != no; then
+
+cat >>confdefs.h <<_ACEOF
+#define _LARGE_FILES $ac_cv_sys_large_files
+_ACEOF
+
+fi
+rm -f conftest*
+fi
+
+
cat >>confdefs.h <<\_ACEOF
#define _GNU_SOURCE 1
@@ -4918,7 +5236,7 @@ test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
case $host in
*-*-irix6*)
# Find out which ABI we are using.
- echo '#line 4921 "configure"' > conftest.$ac_ext
+ echo '#line 5239 "configure"' > conftest.$ac_ext
if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
(eval $ac_compile) 2>&5
ac_status=$?
@@ -5454,7 +5772,7 @@ chmod -w .
save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -o out/conftest2.$ac_objext"
compiler_c_o=no
-if { (eval echo configure:5457: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>out/conftest.err; } && test -s out/conftest2.$ac_objext; then
+if { (eval echo configure:5775: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>out/conftest.err; } && test -s out/conftest2.$ac_objext; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings
if test -s out/conftest.err; then
@@ -7247,7 +7565,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF
-#line 7250 "configure"
+#line 7568 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -7345,7 +7663,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF
-#line 7348 "configure"
+#line 7666 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -8086,6 +8404,2376 @@ fi
+
+# Check whether --with-openldap or --without-openldap was given.
+if test "${with_openldap+set}" = set; then
+ withval="$with_openldap"
+
+fi;
+
+# Check whether --with-openldap-lib or --without-openldap-lib was given.
+if test "${with_openldap_lib+set}" = set; then
+ withval="$with_openldap_lib"
+ if test "$withval" = "yes" -o "$withval" = "no"; then
+ { { echo "$as_me:$LINENO: error: No argument for --with-openldap-lib" >&5
+echo "$as_me: error: No argument for --with-openldap-lib" >&2;}
+ { (exit 1); exit 1; }; }
+elif test "X$with_openldap" = "X"; then
+ with_openldap=yes
+fi
+fi;
+
+# Check whether --with-openldap-include or --without-openldap-include was given.
+if test "${with_openldap_include+set}" = set; then
+ withval="$with_openldap_include"
+ if test "$withval" = "yes" -o "$withval" = "no"; then
+ { { echo "$as_me:$LINENO: error: No argument for --with-openldap-include" >&5
+echo "$as_me: error: No argument for --with-openldap-include" >&2;}
+ { (exit 1); exit 1; }; }
+elif test "X$with_openldap" = "X"; then
+ with_openldap=yes
+fi
+fi;
+
+# Check whether --with-openldap-config or --without-openldap-config was given.
+if test "${with_openldap_config+set}" = set; then
+ withval="$with_openldap_config"
+
+fi;
+
+
+
+echo "$as_me:$LINENO: checking for openldap" >&5
+echo $ECHO_N "checking for openldap... $ECHO_C" >&6
+
+case "$with_openldap" in
+yes|"") d='' ;;
+no) d= ;;
+*) d="$with_openldap" ;;
+esac
+
+header_dirs=
+lib_dirs=
+for i in $d; do
+ if test "$with_openldap_include" = ""; then
+ if test -d "$i/include/openldap"; then
+ header_dirs="$header_dirs $i/include/openldap"
+ fi
+ if test -d "$i/include"; then
+ header_dirs="$header_dirs $i/include"
+ fi
+ fi
+ if test "$with_openldap_lib" = ""; then
+ if test -d "$i/lib$abilibdirext"; then
+ lib_dirs="$lib_dirs $i/lib$abilibdirext"
+ fi
+ fi
+done
+
+if test "$with_openldap_include"; then
+ header_dirs="$with_openldap_include $header_dirs"
+fi
+if test "$with_openldap_lib"; then
+ lib_dirs="$with_openldap_lib $lib_dirs"
+fi
+
+if test "$with_openldap_config" = ""; then
+ with_openldap_config=''
+fi
+
+openldap_cflags=
+openldap_libs=
+
+case "$with_openldap_config" in
+yes|no|"")
+ ;;
+*)
+ openldap_cflags="`$with_openldap_config --cflags 2>&1`"
+ openldap_libs="`$with_openldap_config --libs 2>&1`"
+ ;;
+esac
+
+found=no
+if test "$with_openldap" != no; then
+ save_CFLAGS="$CFLAGS"
+ save_LIBS="$LIBS"
+ if test "$openldap_cflags" -a "$openldap_libs"; then
+ CFLAGS="$openldap_cflags $save_CFLAGS"
+ LIBS="$openldap_libs $save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <lber.h>
+#include <ldap.h>
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+
+ INCLUDE_openldap="$openldap_cflags"
+ LIB_openldap="$openldap_libs"
+ echo "$as_me:$LINENO: result: from $with_openldap_config" >&5
+echo "${ECHO_T}from $with_openldap_config" >&6
+ found=yes
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ fi
+ if test "$found" = no; then
+ ires= lres=
+ for i in $header_dirs; do
+ CFLAGS="-I$i $save_CFLAGS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <lber.h>
+#include <ldap.h>
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ires=$i;break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+ done
+ for i in $lib_dirs; do
+ LIBS="-L$i -lldap -llber $save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <lber.h>
+#include <ldap.h>
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ lres=$i;break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ done
+ if test "$ires" -a "$lres" -a "$with_openldap" != "no"; then
+ INCLUDE_openldap="-I$ires"
+ LIB_openldap="-L$lres -lldap -llber "
+ found=yes
+ echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5
+echo "${ECHO_T}headers $ires, libraries $lres" >&6
+ fi
+ fi
+ CFLAGS="$save_CFLAGS"
+ LIBS="$save_LIBS"
+fi
+
+if test "$found" = yes; then
+
+cat >>confdefs.h <<_ACEOF
+#define OPENLDAP 1
+_ACEOF
+
+ with_openldap=yes
+else
+ with_openldap=no
+ INCLUDE_openldap=
+ LIB_openldap=
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+
+
+
+
+
+
+# Check whether --with-krb4 or --without-krb4 was given.
+if test "${with_krb4+set}" = set; then
+ withval="$with_krb4"
+
+fi;
+
+# Check whether --with-krb4-lib or --without-krb4-lib was given.
+if test "${with_krb4_lib+set}" = set; then
+ withval="$with_krb4_lib"
+ if test "$withval" = "yes" -o "$withval" = "no"; then
+ { { echo "$as_me:$LINENO: error: No argument for --with-krb4-lib" >&5
+echo "$as_me: error: No argument for --with-krb4-lib" >&2;}
+ { (exit 1); exit 1; }; }
+elif test "X$with_krb4" = "X"; then
+ with_krb4=yes
+fi
+fi;
+
+# Check whether --with-krb4-include or --without-krb4-include was given.
+if test "${with_krb4_include+set}" = set; then
+ withval="$with_krb4_include"
+ if test "$withval" = "yes" -o "$withval" = "no"; then
+ { { echo "$as_me:$LINENO: error: No argument for --with-krb4-include" >&5
+echo "$as_me: error: No argument for --with-krb4-include" >&2;}
+ { (exit 1); exit 1; }; }
+elif test "X$with_krb4" = "X"; then
+ with_krb4=yes
+fi
+fi;
+
+# Check whether --with-krb4-config or --without-krb4-config was given.
+if test "${with_krb4_config+set}" = set; then
+ withval="$with_krb4_config"
+
+fi;
+
+
+
+echo "$as_me:$LINENO: checking for krb4" >&5
+echo $ECHO_N "checking for krb4... $ECHO_C" >&6
+
+case "$with_krb4" in
+yes|"") d='/usr/athena' ;;
+no) d= ;;
+*) d="$with_krb4" ;;
+esac
+
+header_dirs=
+lib_dirs=
+for i in $d; do
+ if test "$with_krb4_include" = ""; then
+ if test -d "$i/include/krb4"; then
+ header_dirs="$header_dirs $i/include/krb4"
+ fi
+ if test -d "$i/include"; then
+ header_dirs="$header_dirs $i/include"
+ fi
+ fi
+ if test "$with_krb4_lib" = ""; then
+ if test -d "$i/lib$abilibdirext"; then
+ lib_dirs="$lib_dirs $i/lib$abilibdirext"
+ fi
+ fi
+done
+
+if test "$with_krb4_include"; then
+ header_dirs="$with_krb4_include $header_dirs"
+fi
+if test "$with_krb4_lib"; then
+ lib_dirs="$with_krb4_lib $lib_dirs"
+fi
+
+if test "$with_krb4_config" = ""; then
+ with_krb4_config='krb4-config'
+fi
+
+krb4_cflags=
+krb4_libs=
+
+case "$with_krb4_config" in
+yes|no|"")
+ ;;
+*)
+ krb4_cflags="`$with_krb4_config --cflags 2>&1`"
+ krb4_libs="`$with_krb4_config --libs 2>&1`"
+ ;;
+esac
+
+found=no
+if test "$with_krb4" != no; then
+ save_CFLAGS="$CFLAGS"
+ save_LIBS="$LIBS"
+ if test "$krb4_cflags" -a "$krb4_libs"; then
+ CFLAGS="$krb4_cflags $save_CFLAGS"
+ LIBS="$krb4_libs $save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <krb.h>
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+
+ INCLUDE_krb4="$krb4_cflags"
+ LIB_krb4="$krb4_libs"
+ echo "$as_me:$LINENO: result: from $with_krb4_config" >&5
+echo "${ECHO_T}from $with_krb4_config" >&6
+ found=yes
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ fi
+ if test "$found" = no; then
+ ires= lres=
+ for i in $header_dirs; do
+ CFLAGS="-I$i $save_CFLAGS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <krb.h>
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ires=$i;break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+ done
+ for i in $lib_dirs; do
+ LIBS="-L$i -lkrb -ldes $save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <krb.h>
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ lres=$i;break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ done
+ if test "$ires" -a "$lres" -a "$with_krb4" != "no"; then
+ INCLUDE_krb4="-I$ires"
+ LIB_krb4="-L$lres -lkrb -ldes"
+ found=yes
+ echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5
+echo "${ECHO_T}headers $ires, libraries $lres" >&6
+ fi
+ fi
+ CFLAGS="$save_CFLAGS"
+ LIBS="$save_LIBS"
+fi
+
+if test "$found" = yes; then
+
+cat >>confdefs.h <<_ACEOF
+#define KRB4 1
+_ACEOF
+
+ with_krb4=yes
+else
+ with_krb4=no
+ INCLUDE_krb4=
+ LIB_krb4=
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+fi
+
+
+
+
+
+LIB_kdb=
+if test "$with_krb4" != "no"; then
+ save_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS $INCLUDE_krb4"
+ save_LIBS="$LIBS"
+ LIBS="$LIB_krb4 $LIBS"
+ EXTRA_LIB45=lib45.a
+
+ echo "$as_me:$LINENO: checking for four valued krb_put_int" >&5
+echo $ECHO_N "checking for four valued krb_put_int... $ECHO_C" >&6
+if test "${ac_cv_func_krb_put_int_four+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <krb.h>
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ char tmp[4];
+ krb_put_int(17, tmp, 4, sizeof(tmp));
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_func_krb_put_int_four=yes
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+ac_cv_func_krb_put_int_four=no
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+
+fi
+echo "$as_me:$LINENO: result: $ac_cv_func_krb_put_int_four" >&5
+echo "${ECHO_T}$ac_cv_func_krb_put_int_four" >&6
+ if test "$ac_cv_func_krb_put_int_four" = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_FOUR_VALUED_KRB_PUT_INT 1
+_ACEOF
+
+ fi
+
+
+ echo "$as_me:$LINENO: checking for KRB_VERIFY_SECURE" >&5
+echo $ECHO_N "checking for KRB_VERIFY_SECURE... $ECHO_C" >&6
+if test "${ac_cv_func_krb_verify_secure+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <krb.h>
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ int x = KRB_VERIFY_SECURE
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_func_krb_verify_secure=yes
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+ac_cv_func_krb_verify_secure=no
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+
+fi
+echo "$as_me:$LINENO: result: $ac_cv_func_krb_verify_secure" >&5
+echo "${ECHO_T}$ac_cv_func_krb_verify_secure" >&6
+ if test "$ac_cv_func_krb_verify_secure" != yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define KRB_VERIFY_SECURE 1
+_ACEOF
+
+
+cat >>confdefs.h <<\_ACEOF
+#define KRB_VERIFY_SECURE_FAIL 2
+_ACEOF
+
+ fi
+ echo "$as_me:$LINENO: checking for KRB_VERIFY_NOT_SECURE" >&5
+echo $ECHO_N "checking for KRB_VERIFY_NOT_SECURE... $ECHO_C" >&6
+if test "${ac_cv_func_krb_verify_not_secure+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <krb.h>
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ int x = KRB_VERIFY_NOT_SECURE
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_func_krb_verify_not_secure=yes
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+ac_cv_func_krb_verify_not_secure=no
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+
+fi
+echo "$as_me:$LINENO: result: $ac_cv_func_krb_verify_not_secure" >&5
+echo "${ECHO_T}$ac_cv_func_krb_verify_not_secure" >&6
+ if test "$ac_cv_func_krb_verify_not_secure" != yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define KRB_VERIFY_NOT_SECURE 0
+_ACEOF
+
+ fi
+
+
+
+
+echo "$as_me:$LINENO: checking for krb_enable_debug" >&5
+echo $ECHO_N "checking for krb_enable_debug... $ECHO_C" >&6
+if test "${ac_cv_funclib_krb_enable_debug+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+if eval "test \"\$ac_cv_func_krb_enable_debug\" != yes" ; then
+ ac_save_LIBS="$LIBS"
+ for ac_lib in "" ; do
+ case "$ac_lib" in
+ "") ;;
+ yes) ac_lib="" ;;
+ no) continue ;;
+ -l*) ;;
+ *) ac_lib="-l$ac_lib" ;;
+ esac
+ LIBS=" $ac_lib $ac_save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+krb_enable_debug()
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "if test -n \"$ac_lib\";then ac_cv_funclib_krb_enable_debug=$ac_lib; else ac_cv_funclib_krb_enable_debug=yes; fi";break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ done
+ eval "ac_cv_funclib_krb_enable_debug=\${ac_cv_funclib_krb_enable_debug-no}"
+ LIBS="$ac_save_LIBS"
+fi
+
+fi
+
+
+eval "ac_res=\$ac_cv_funclib_krb_enable_debug"
+
+if false; then
+
+for ac_func in krb_enable_debug
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
+if eval "test \"\${$as_ac_var+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func ();
+char (*f) ();
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+f = $ac_func;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+eval "$as_ac_var=no"
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+fi
+# krb_enable_debug
+eval "ac_tr_func=HAVE_`echo krb_enable_debug | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "LIB_krb_enable_debug=$ac_res"
+
+case "$ac_res" in
+ yes)
+ eval "ac_cv_func_krb_enable_debug=yes"
+ eval "LIB_krb_enable_debug="
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6
+ ;;
+ no)
+ eval "ac_cv_func_krb_enable_debug=no"
+ eval "LIB_krb_enable_debug="
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+ ;;
+ *)
+ eval "ac_cv_func_krb_enable_debug=yes"
+ eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_lib 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes, in $ac_res" >&5
+echo "${ECHO_T}yes, in $ac_res" >&6
+ ;;
+esac
+
+
+if test -n "$LIB_krb_enable_debug"; then
+ LIBS="$LIB_krb_enable_debug $LIBS"
+fi
+
+
+
+
+
+echo "$as_me:$LINENO: checking for krb_disable_debug" >&5
+echo $ECHO_N "checking for krb_disable_debug... $ECHO_C" >&6
+if test "${ac_cv_funclib_krb_disable_debug+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+if eval "test \"\$ac_cv_func_krb_disable_debug\" != yes" ; then
+ ac_save_LIBS="$LIBS"
+ for ac_lib in "" ; do
+ case "$ac_lib" in
+ "") ;;
+ yes) ac_lib="" ;;
+ no) continue ;;
+ -l*) ;;
+ *) ac_lib="-l$ac_lib" ;;
+ esac
+ LIBS=" $ac_lib $ac_save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+krb_disable_debug()
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "if test -n \"$ac_lib\";then ac_cv_funclib_krb_disable_debug=$ac_lib; else ac_cv_funclib_krb_disable_debug=yes; fi";break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ done
+ eval "ac_cv_funclib_krb_disable_debug=\${ac_cv_funclib_krb_disable_debug-no}"
+ LIBS="$ac_save_LIBS"
+fi
+
+fi
+
+
+eval "ac_res=\$ac_cv_funclib_krb_disable_debug"
+
+if false; then
+
+for ac_func in krb_disable_debug
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
+if eval "test \"\${$as_ac_var+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func ();
+char (*f) ();
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+f = $ac_func;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+eval "$as_ac_var=no"
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+fi
+# krb_disable_debug
+eval "ac_tr_func=HAVE_`echo krb_disable_debug | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "LIB_krb_disable_debug=$ac_res"
+
+case "$ac_res" in
+ yes)
+ eval "ac_cv_func_krb_disable_debug=yes"
+ eval "LIB_krb_disable_debug="
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6
+ ;;
+ no)
+ eval "ac_cv_func_krb_disable_debug=no"
+ eval "LIB_krb_disable_debug="
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+ ;;
+ *)
+ eval "ac_cv_func_krb_disable_debug=yes"
+ eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_lib 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes, in $ac_res" >&5
+echo "${ECHO_T}yes, in $ac_res" >&6
+ ;;
+esac
+
+
+if test -n "$LIB_krb_disable_debug"; then
+ LIBS="$LIB_krb_disable_debug $LIBS"
+fi
+
+
+
+
+
+echo "$as_me:$LINENO: checking for krb_get_our_ip_for_realm" >&5
+echo $ECHO_N "checking for krb_get_our_ip_for_realm... $ECHO_C" >&6
+if test "${ac_cv_funclib_krb_get_our_ip_for_realm+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+if eval "test \"\$ac_cv_func_krb_get_our_ip_for_realm\" != yes" ; then
+ ac_save_LIBS="$LIBS"
+ for ac_lib in "" ; do
+ case "$ac_lib" in
+ "") ;;
+ yes) ac_lib="" ;;
+ no) continue ;;
+ -l*) ;;
+ *) ac_lib="-l$ac_lib" ;;
+ esac
+ LIBS=" $ac_lib $ac_save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+krb_get_our_ip_for_realm()
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "if test -n \"$ac_lib\";then ac_cv_funclib_krb_get_our_ip_for_realm=$ac_lib; else ac_cv_funclib_krb_get_our_ip_for_realm=yes; fi";break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ done
+ eval "ac_cv_funclib_krb_get_our_ip_for_realm=\${ac_cv_funclib_krb_get_our_ip_for_realm-no}"
+ LIBS="$ac_save_LIBS"
+fi
+
+fi
+
+
+eval "ac_res=\$ac_cv_funclib_krb_get_our_ip_for_realm"
+
+if false; then
+
+for ac_func in krb_get_our_ip_for_realm
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
+if eval "test \"\${$as_ac_var+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func ();
+char (*f) ();
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+f = $ac_func;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+eval "$as_ac_var=no"
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+fi
+# krb_get_our_ip_for_realm
+eval "ac_tr_func=HAVE_`echo krb_get_our_ip_for_realm | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "LIB_krb_get_our_ip_for_realm=$ac_res"
+
+case "$ac_res" in
+ yes)
+ eval "ac_cv_func_krb_get_our_ip_for_realm=yes"
+ eval "LIB_krb_get_our_ip_for_realm="
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6
+ ;;
+ no)
+ eval "ac_cv_func_krb_get_our_ip_for_realm=no"
+ eval "LIB_krb_get_our_ip_for_realm="
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+ ;;
+ *)
+ eval "ac_cv_func_krb_get_our_ip_for_realm=yes"
+ eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_lib 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes, in $ac_res" >&5
+echo "${ECHO_T}yes, in $ac_res" >&6
+ ;;
+esac
+
+
+if test -n "$LIB_krb_get_our_ip_for_realm"; then
+ LIBS="$LIB_krb_get_our_ip_for_realm $LIBS"
+fi
+
+
+
+
+
+echo "$as_me:$LINENO: checking for krb_kdctimeofday" >&5
+echo $ECHO_N "checking for krb_kdctimeofday... $ECHO_C" >&6
+if test "${ac_cv_funclib_krb_kdctimeofday+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+if eval "test \"\$ac_cv_func_krb_kdctimeofday\" != yes" ; then
+ ac_save_LIBS="$LIBS"
+ for ac_lib in "" ; do
+ case "$ac_lib" in
+ "") ;;
+ yes) ac_lib="" ;;
+ no) continue ;;
+ -l*) ;;
+ *) ac_lib="-l$ac_lib" ;;
+ esac
+ LIBS=" $ac_lib $ac_save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+krb_kdctimeofday()
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "if test -n \"$ac_lib\";then ac_cv_funclib_krb_kdctimeofday=$ac_lib; else ac_cv_funclib_krb_kdctimeofday=yes; fi";break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ done
+ eval "ac_cv_funclib_krb_kdctimeofday=\${ac_cv_funclib_krb_kdctimeofday-no}"
+ LIBS="$ac_save_LIBS"
+fi
+
+fi
+
+
+eval "ac_res=\$ac_cv_funclib_krb_kdctimeofday"
+
+if false; then
+
+for ac_func in krb_kdctimeofday
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
+if eval "test \"\${$as_ac_var+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func ();
+char (*f) ();
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+f = $ac_func;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+eval "$as_ac_var=no"
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+fi
+# krb_kdctimeofday
+eval "ac_tr_func=HAVE_`echo krb_kdctimeofday | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "LIB_krb_kdctimeofday=$ac_res"
+
+case "$ac_res" in
+ yes)
+ eval "ac_cv_func_krb_kdctimeofday=yes"
+ eval "LIB_krb_kdctimeofday="
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6
+ ;;
+ no)
+ eval "ac_cv_func_krb_kdctimeofday=no"
+ eval "LIB_krb_kdctimeofday="
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+ ;;
+ *)
+ eval "ac_cv_func_krb_kdctimeofday=yes"
+ eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_lib 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes, in $ac_res" >&5
+echo "${ECHO_T}yes, in $ac_res" >&6
+ ;;
+esac
+
+
+if test -n "$LIB_krb_kdctimeofday"; then
+ LIBS="$LIB_krb_kdctimeofday $LIBS"
+fi
+
+
+
+
+
+
+
+echo "$as_me:$LINENO: checking for krb_get_kdc_time_diff" >&5
+echo $ECHO_N "checking for krb_get_kdc_time_diff... $ECHO_C" >&6
+if test "${ac_cv_funclib_krb_get_kdc_time_diff+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+if eval "test \"\$ac_cv_func_krb_get_kdc_time_diff\" != yes" ; then
+ ac_save_LIBS="$LIBS"
+ for ac_lib in "" ; do
+ case "$ac_lib" in
+ "") ;;
+ yes) ac_lib="" ;;
+ no) continue ;;
+ -l*) ;;
+ *) ac_lib="-l$ac_lib" ;;
+ esac
+ LIBS=" $ac_lib $ac_save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+krb_get_kdc_time_diff()
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "if test -n \"$ac_lib\";then ac_cv_funclib_krb_get_kdc_time_diff=$ac_lib; else ac_cv_funclib_krb_get_kdc_time_diff=yes; fi";break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ done
+ eval "ac_cv_funclib_krb_get_kdc_time_diff=\${ac_cv_funclib_krb_get_kdc_time_diff-no}"
+ LIBS="$ac_save_LIBS"
+fi
+
+fi
+
+
+eval "ac_res=\$ac_cv_funclib_krb_get_kdc_time_diff"
+
+if false; then
+
+for ac_func in krb_get_kdc_time_diff
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
+if eval "test \"\${$as_ac_var+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func ();
+char (*f) ();
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+f = $ac_func;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+eval "$as_ac_var=no"
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+fi
+# krb_get_kdc_time_diff
+eval "ac_tr_func=HAVE_`echo krb_get_kdc_time_diff | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "LIB_krb_get_kdc_time_diff=$ac_res"
+
+case "$ac_res" in
+ yes)
+ eval "ac_cv_func_krb_get_kdc_time_diff=yes"
+ eval "LIB_krb_get_kdc_time_diff="
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6
+ ;;
+ no)
+ eval "ac_cv_func_krb_get_kdc_time_diff=no"
+ eval "LIB_krb_get_kdc_time_diff="
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+ ;;
+ *)
+ eval "ac_cv_func_krb_get_kdc_time_diff=yes"
+ eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_lib 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes, in $ac_res" >&5
+echo "${ECHO_T}yes, in $ac_res" >&6
+ ;;
+esac
+
+
+if test -n "$LIB_krb_get_kdc_time_diff"; then
+ LIBS="$LIB_krb_get_kdc_time_diff $LIBS"
+fi
+
+
+
+ echo "$as_me:$LINENO: checking for KRB_SENDAUTH_VERS" >&5
+echo $ECHO_N "checking for KRB_SENDAUTH_VERS... $ECHO_C" >&6
+if test "${ac_cv_func_krb_sendauth_vers+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <krb.h>
+ #include <prot.h>
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ char *x = KRB_SENDAUTH_VERS
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_func_krb_sendauth_vers=yes
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+ac_cv_func_krb_sendauth_vers=no
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+
+fi
+echo "$as_me:$LINENO: result: $ac_cv_func_krb_sendauth_vers" >&5
+echo "${ECHO_T}$ac_cv_func_krb_sendauth_vers" >&6
+ if test "$ac_cv_func_krb_sendauth_vers" != yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define KRB_SENDAUTH_VERS "AUTHV0.1"
+_ACEOF
+
+ fi
+ echo "$as_me:$LINENO: checking for krb_mk_req with const arguments" >&5
+echo $ECHO_N "checking for krb_mk_req with const arguments... $ECHO_C" >&6
+if test "${ac_cv_func_krb_mk_req_const+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <krb.h>
+ int krb_mk_req(KTEXT a, const char *s, const char *i,
+ const char *r, int32_t checksum)
+ { return 17; }
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_func_krb_mk_req_const=yes
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+ac_cv_func_krb_mk_req_const=no
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+
+fi
+echo "$as_me:$LINENO: result: $ac_cv_func_krb_mk_req_const" >&5
+echo "${ECHO_T}$ac_cv_func_krb_mk_req_const" >&6
+ if test "$ac_cv_func_krb_mk_req_const" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define KRB_MK_REQ_CONST 1
+_ACEOF
+
+ fi
+
+ LIBS="$save_LIBS"
+ CFLAGS="$save_CFLAGS"
+ LIB_kdb="-lkdb -lkrb"
+fi
+
+
+if test "$with_krb4" != "no"; then
+ KRB4_TRUE=
+ KRB4_FALSE='#'
+else
+ KRB4_TRUE='#'
+ KRB4_FALSE=
+fi
+
+
+
+if true; then
+ KRB5_TRUE=
+ KRB5_FALSE='#'
+else
+ KRB5_TRUE='#'
+ KRB5_FALSE=
+fi
+
+
+
+if true; then
+ do_roken_rename_TRUE=
+ do_roken_rename_FALSE='#'
+else
+ do_roken_rename_TRUE='#'
+ do_roken_rename_FALSE=
+fi
+
+
+
+cat >>confdefs.h <<\_ACEOF
+#define KRB5 1
+_ACEOF
+
+
+crypto_lib=unknown
+
+
+# Check whether --with-openssl or --without-openssl was given.
+if test "${with_openssl+set}" = set; then
+ withval="$with_openssl"
+
+fi;
+
+
+# Check whether --with-openssl-lib or --without-openssl-lib was given.
+if test "${with_openssl_lib+set}" = set; then
+ withval="$with_openssl_lib"
+ if test "$withval" = "yes" -o "$withval" = "no"; then
+ { { echo "$as_me:$LINENO: error: No argument for --with-openssl-lib" >&5
+echo "$as_me: error: No argument for --with-openssl-lib" >&2;}
+ { (exit 1); exit 1; }; }
+elif test "X$with_openssl" = "X"; then
+ with_openssl=yes
+fi
+fi;
+
+
+# Check whether --with-openssl-include or --without-openssl-include was given.
+if test "${with_openssl_include+set}" = set; then
+ withval="$with_openssl_include"
+ if test "$withval" = "yes" -o "$withval" = "no"; then
+ { { echo "$as_me:$LINENO: error: No argument for --with-openssl-include" >&5
+echo "$as_me: error: No argument for --with-openssl-include" >&2;}
+ { (exit 1); exit 1; }; }
+elif test "X$with_openssl" = "X"; then
+ with_openssl=yes
+fi
+fi;
+
+case "$with_openssl" in
+yes) ;;
+no) ;;
+"") ;;
+*) if test "$with_openssl_include" = ""; then
+ with_openssl_include="$with_openssl/include"
+ fi
+ if test "$with_openssl_lib" = ""; then
+ with_openssl_lib="$with_openssl/lib$abilibdirext"
+ fi
+ ;;
+esac
+
+
+DIR_des=
+
+echo "$as_me:$LINENO: checking for crypto library" >&5
+echo $ECHO_N "checking for crypto library... $ECHO_C" >&6
+
+openssl=no
+old_hash=no
+
+if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then
+ save_CPPFLAGS="$CPPFLAGS"
+ save_LIBS="$LIBS"
+
+ cdirs= clibs=
+ for i in $LIB_krb4; do
+ case "$i" in
+ -L*) cdirs="$cdirs $i";;
+ -l*) clibs="$clibs $i";;
+ esac
+ done
+
+ ires=
+ for i in $INCLUDE_krb4; do
+ CFLAGS="-DHAVE_OPENSSL $i $save_CFLAGS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+ #undef KRB5 /* makes md4.h et al unhappy */
+ #ifdef HAVE_OPENSSL
+ #include <openssl/md4.h>
+ #include <openssl/md5.h>
+ #include <openssl/sha.h>
+ #include <openssl/des.h>
+ #include <openssl/rc4.h>
+ #else
+ #include <md4.h>
+ #include <md5.h>
+ #include <sha.h>
+ #include <des.h>
+ #include <rc4.h>
+ #endif
+ #ifdef OLD_HASH_NAMES
+ typedef struct md4 MD4_CTX;
+ #define MD4_Init(C) md4_init((C))
+ #define MD4_Update(C, D, L) md4_update((C), (D), (L))
+ #define MD4_Final(D, C) md4_finito((C), (D))
+ typedef struct md5 MD5_CTX;
+ #define MD5_Init(C) md5_init((C))
+ #define MD5_Update(C, D, L) md5_update((C), (D), (L))
+ #define MD5_Final(D, C) md5_finito((C), (D))
+ typedef struct sha SHA_CTX;
+ #define SHA1_Init(C) sha_init((C))
+ #define SHA1_Update(C, D, L) sha_update((C), (D), (L))
+ #define SHA1_Final(D, C) sha_finito((C), (D))
+ #endif
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ void *schedule = 0;
+ MD4_CTX md4;
+ MD5_CTX md5;
+ SHA_CTX sha1;
+
+ MD4_Init(&md4);
+ MD5_Init(&md5);
+ SHA1_Init(&sha1);
+
+ des_cbc_encrypt(0, 0, 0, schedule, 0, 0);
+ RC4(0, 0, 0, 0);
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ openssl=yes ires="$i"; break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+ CFLAGS="$i $save_CFLAGS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+ #undef KRB5 /* makes md4.h et al unhappy */
+ #ifdef HAVE_OPENSSL
+ #include <openssl/md4.h>
+ #include <openssl/md5.h>
+ #include <openssl/sha.h>
+ #include <openssl/des.h>
+ #include <openssl/rc4.h>
+ #else
+ #include <md4.h>
+ #include <md5.h>
+ #include <sha.h>
+ #include <des.h>
+ #include <rc4.h>
+ #endif
+ #ifdef OLD_HASH_NAMES
+ typedef struct md4 MD4_CTX;
+ #define MD4_Init(C) md4_init((C))
+ #define MD4_Update(C, D, L) md4_update((C), (D), (L))
+ #define MD4_Final(D, C) md4_finito((C), (D))
+ typedef struct md5 MD5_CTX;
+ #define MD5_Init(C) md5_init((C))
+ #define MD5_Update(C, D, L) md5_update((C), (D), (L))
+ #define MD5_Final(D, C) md5_finito((C), (D))
+ typedef struct sha SHA_CTX;
+ #define SHA1_Init(C) sha_init((C))
+ #define SHA1_Update(C, D, L) sha_update((C), (D), (L))
+ #define SHA1_Final(D, C) sha_finito((C), (D))
+ #endif
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ void *schedule = 0;
+ MD4_CTX md4;
+ MD5_CTX md5;
+ SHA_CTX sha1;
+
+ MD4_Init(&md4);
+ MD5_Init(&md5);
+ SHA1_Init(&sha1);
+
+ des_cbc_encrypt(0, 0, 0, schedule, 0, 0);
+ RC4(0, 0, 0, 0);
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ openssl=no ires="$i"; break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+ CFLAGS="-DOLD_HASH_NAMES $i $save_CFLAGS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+ #undef KRB5 /* makes md4.h et al unhappy */
+ #ifdef HAVE_OPENSSL
+ #include <openssl/md4.h>
+ #include <openssl/md5.h>
+ #include <openssl/sha.h>
+ #include <openssl/des.h>
+ #include <openssl/rc4.h>
+ #else
+ #include <md4.h>
+ #include <md5.h>
+ #include <sha.h>
+ #include <des.h>
+ #include <rc4.h>
+ #endif
+ #ifdef OLD_HASH_NAMES
+ typedef struct md4 MD4_CTX;
+ #define MD4_Init(C) md4_init((C))
+ #define MD4_Update(C, D, L) md4_update((C), (D), (L))
+ #define MD4_Final(D, C) md4_finito((C), (D))
+ typedef struct md5 MD5_CTX;
+ #define MD5_Init(C) md5_init((C))
+ #define MD5_Update(C, D, L) md5_update((C), (D), (L))
+ #define MD5_Final(D, C) md5_finito((C), (D))
+ typedef struct sha SHA_CTX;
+ #define SHA1_Init(C) sha_init((C))
+ #define SHA1_Update(C, D, L) sha_update((C), (D), (L))
+ #define SHA1_Final(D, C) sha_finito((C), (D))
+ #endif
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ void *schedule = 0;
+ MD4_CTX md4;
+ MD5_CTX md5;
+ SHA_CTX sha1;
+
+ MD4_Init(&md4);
+ MD5_Init(&md5);
+ SHA1_Init(&sha1);
+
+ des_cbc_encrypt(0, 0, 0, schedule, 0, 0);
+ RC4(0, 0, 0, 0);
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ openssl=no ires="$i" old_hash=yes; break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+ done
+ lres=
+ for i in $cdirs; do
+ for j in $clibs; do
+ LIBS="$i $j $save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+ #undef KRB5 /* makes md4.h et al unhappy */
+ #ifdef HAVE_OPENSSL
+ #include <openssl/md4.h>
+ #include <openssl/md5.h>
+ #include <openssl/sha.h>
+ #include <openssl/des.h>
+ #include <openssl/rc4.h>
+ #else
+ #include <md4.h>
+ #include <md5.h>
+ #include <sha.h>
+ #include <des.h>
+ #include <rc4.h>
+ #endif
+ #ifdef OLD_HASH_NAMES
+ typedef struct md4 MD4_CTX;
+ #define MD4_Init(C) md4_init((C))
+ #define MD4_Update(C, D, L) md4_update((C), (D), (L))
+ #define MD4_Final(D, C) md4_finito((C), (D))
+ typedef struct md5 MD5_CTX;
+ #define MD5_Init(C) md5_init((C))
+ #define MD5_Update(C, D, L) md5_update((C), (D), (L))
+ #define MD5_Final(D, C) md5_finito((C), (D))
+ typedef struct sha SHA_CTX;
+ #define SHA1_Init(C) sha_init((C))
+ #define SHA1_Update(C, D, L) sha_update((C), (D), (L))
+ #define SHA1_Final(D, C) sha_finito((C), (D))
+ #endif
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ void *schedule = 0;
+ MD4_CTX md4;
+ MD5_CTX md5;
+ SHA_CTX sha1;
+
+ MD4_Init(&md4);
+ MD5_Init(&md5);
+ SHA1_Init(&sha1);
+
+ des_cbc_encrypt(0, 0, 0, schedule, 0, 0);
+ RC4(0, 0, 0, 0);
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ lres="$i $j"; break 2
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ done
+ done
+ CFLAGS="$save_CFLAGS"
+ LIBS="$save_LIBS"
+ if test "$ires" -a "$lres"; then
+ INCLUDE_des="$ires"
+ LIB_des="$lres"
+ crypto_lib=krb4
+ echo "$as_me:$LINENO: result: same as krb4" >&5
+echo "${ECHO_T}same as krb4" >&6
+ LIB_des_a='$(LIB_des)'
+ LIB_des_so='$(LIB_des)'
+ LIB_des_appl='$(LIB_des)'
+ fi
+fi
+
+if test "$crypto_lib" = "unknown" -a "$with_openssl" != "no"; then
+ save_CFLAGS="$CFLAGS"
+ save_LIBS="$LIBS"
+ INCLUDE_des=
+ LIB_des=
+ if test "$with_openssl_include" != ""; then
+ INCLUDE_des="-I${with_openssl}/include"
+ fi
+ if test "$with_openssl_lib" != ""; then
+ LIB_des="-L${with_openssl}/lib"
+ fi
+ CFLAGS="-DHAVE_OPENSSL ${INCLUDE_des} ${CFLAGS}"
+ LIB_des="${LIB_des} -lcrypto"
+ LIB_des_a="$LIB_des"
+ LIB_des_so="$LIB_des"
+ LIB_des_appl="$LIB_des"
+ LIBS="${LIBS} ${LIB_des}"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+ #undef KRB5 /* makes md4.h et al unhappy */
+ #ifdef HAVE_OPENSSL
+ #include <openssl/md4.h>
+ #include <openssl/md5.h>
+ #include <openssl/sha.h>
+ #include <openssl/des.h>
+ #include <openssl/rc4.h>
+ #else
+ #include <md4.h>
+ #include <md5.h>
+ #include <sha.h>
+ #include <des.h>
+ #include <rc4.h>
+ #endif
+ #ifdef OLD_HASH_NAMES
+ typedef struct md4 MD4_CTX;
+ #define MD4_Init(C) md4_init((C))
+ #define MD4_Update(C, D, L) md4_update((C), (D), (L))
+ #define MD4_Final(D, C) md4_finito((C), (D))
+ typedef struct md5 MD5_CTX;
+ #define MD5_Init(C) md5_init((C))
+ #define MD5_Update(C, D, L) md5_update((C), (D), (L))
+ #define MD5_Final(D, C) md5_finito((C), (D))
+ typedef struct sha SHA_CTX;
+ #define SHA1_Init(C) sha_init((C))
+ #define SHA1_Update(C, D, L) sha_update((C), (D), (L))
+ #define SHA1_Final(D, C) sha_finito((C), (D))
+ #endif
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+
+ void *schedule = 0;
+ MD4_CTX md4;
+ MD5_CTX md5;
+ SHA_CTX sha1;
+
+ MD4_Init(&md4);
+ MD5_Init(&md5);
+ SHA1_Init(&sha1);
+
+ des_cbc_encrypt(0, 0, 0, schedule, 0, 0);
+ RC4(0, 0, 0, 0);
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+
+ crypto_lib=libcrypto openssl=yes
+ echo "$as_me:$LINENO: result: libcrypto" >&5
+echo "${ECHO_T}libcrypto" >&6
+
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ CFLAGS="$save_CFLAGS"
+ LIBS="$save_LIBS"
+fi
+
+if test "$crypto_lib" = "unknown"; then
+
+ DIR_des='des'
+ LIB_des='$(top_builddir)/lib/des/libdes.la'
+ LIB_des_a='$(top_builddir)/lib/des/.libs/libdes.a'
+ LIB_des_so='$(top_builddir)/lib/des/.libs/libdes.so'
+ LIB_des_appl="-ldes"
+
+ echo "$as_me:$LINENO: result: included libdes" >&5
+echo "${ECHO_T}included libdes" >&6
+
+fi
+
+if test "$with_krb4" != no -a "$crypto_lib" != krb4; then
+ { { echo "$as_me:$LINENO: error: the crypto library used by krb4 lacks features
+required by Kerberos 5; to continue, you need to install a newer
+Kerberos 4 or configure --without-krb4" >&5
+echo "$as_me: error: the crypto library used by krb4 lacks features
+required by Kerberos 5; to continue, you need to install a newer
+Kerberos 4 or configure --without-krb4" >&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+if test "$openssl" = "yes"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_OPENSSL 1
+_ACEOF
+
+fi
+if test "$old_hash" = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_OLD_HASH_NAMES 1
+_ACEOF
+
+fi
+
+
+if test "$openssl" = yes; then
+ HAVE_OPENSSL_TRUE=
+ HAVE_OPENSSL_FALSE='#'
+else
+ HAVE_OPENSSL_TRUE='#'
+ HAVE_OPENSSL_FALSE=
+fi
+
+
+
+
+
+
+
+
+
+# Check whether --enable-dce or --disable-dce was given.
+if test "${enable_dce+set}" = set; then
+ enableval="$enable_dce"
+
+fi;
+if test "$enable_dce" = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define DCE 1
+_ACEOF
+
+fi
+
+
+if test "$enable_dce" = yes; then
+ DCE_TRUE=
+ DCE_FALSE='#'
+else
+ DCE_TRUE='#'
+ DCE_FALSE=
+fi
+
+
+## XXX quite horrible:
+if test -f /etc/ibmcxx.cfg; then
+ dpagaix_ldadd=`sed -n '/^xlc_r4/,/^$/p' /etc/ibmcxx.cfg | sed -n -e '/libraries/{;s/^[^=]*=\(.*\)/\1/;s/,/ /gp;}'`
+ dpagaix_cflags=`sed -n '/^xlc_r4/,/^$/p' /etc/ibmcxx.cfg | sed -n -e '/options/{;s/^[^=]*=\(.*\)/\1/;s/-q^,*//;s/,/ /gp;}'`
+ dpagaix_ldflags=
+else
+ dpagaix_cflags="-D_THREAD_SAFE -D_AIX_PTHREADS_D7 -D_AIX32_THREADS=1 -D_AES_SOURCE -D_AIX41 -I/usr/include/dce"
+ dpagaix_ldadd="-L/usr/lib/threads -ldcelibc_r -ldcepthreads -lpthreads_compat lpthreads -lc_r"
+ dpagaix_ldflags="-Wl,-bI:dfspag.exp"
+fi
+
+
+
+
+
# Check whether --enable-berkeley-db or --disable-berkeley-db was given.
if test "${enable_berkeley_db+set}" = set; then
enableval="$enable_berkeley_db"
@@ -9608,7 +12296,13 @@ else
HAVE_NDBM_FALSE=
fi
-DBLIB="$LDFLAGS $DBLIB"
+z=""
+for i in $LDFLAGS; do
+ case "$i" in
+ -L*) z="$z $i";;
+ esac
+done
+DBLIB="$z $DBLIB"
@@ -10438,6 +13132,368 @@ fi
fi
+
+for ac_header in stdlib.h unistd.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+ac_header_compiler=no
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ egrep -v '^ *\+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc in
+ yes:no )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};;
+ no:yes )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_func in getpagesize
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
+if eval "test \"\${$as_ac_var+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func ();
+char (*f) ();
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+f = $ac_func;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+eval "$as_ac_var=no"
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+echo "$as_me:$LINENO: checking for working mmap" >&5
+echo $ECHO_N "checking for working mmap... $ECHO_C" >&6
+if test "${ac_cv_func_mmap_fixed_mapped+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test "$cross_compiling" = yes; then
+ ac_cv_func_mmap_fixed_mapped=no
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+$ac_includes_default
+/* malloc might have been renamed as rpl_malloc. */
+#undef malloc
+
+/* Thanks to Mike Haertel and Jim Avera for this test.
+ Here is a matrix of mmap possibilities:
+ mmap private not fixed
+ mmap private fixed at somewhere currently unmapped
+ mmap private fixed at somewhere already mapped
+ mmap shared not fixed
+ mmap shared fixed at somewhere currently unmapped
+ mmap shared fixed at somewhere already mapped
+ For private mappings, we should verify that changes cannot be read()
+ back from the file, nor mmap's back from the file at a different
+ address. (There have been systems where private was not correctly
+ implemented like the infamous i386 svr4.0, and systems where the
+ VM page cache was not coherent with the file system buffer cache
+ like early versions of FreeBSD and possibly contemporary NetBSD.)
+ For shared mappings, we should conversely verify that changes get
+ propagated back to all the places they're supposed to be.
+
+ Grep wants private fixed already mapped.
+ The main things grep needs to know about mmap are:
+ * does it exist and is it safe to write into the mmap'd area
+ * how to use it (BSD variants) */
+
+#include <fcntl.h>
+#include <sys/mman.h>
+
+#if !STDC_HEADERS && !HAVE_STDLIB_H
+char *malloc ();
+#endif
+
+/* This mess was copied from the GNU getpagesize.h. */
+#if !HAVE_GETPAGESIZE
+/* Assume that all systems that can run configure have sys/param.h. */
+# if !HAVE_SYS_PARAM_H
+# define HAVE_SYS_PARAM_H 1
+# endif
+
+# ifdef _SC_PAGESIZE
+# define getpagesize() sysconf(_SC_PAGESIZE)
+# else /* no _SC_PAGESIZE */
+# if HAVE_SYS_PARAM_H
+# include <sys/param.h>
+# ifdef EXEC_PAGESIZE
+# define getpagesize() EXEC_PAGESIZE
+# else /* no EXEC_PAGESIZE */
+# ifdef NBPG
+# define getpagesize() NBPG * CLSIZE
+# ifndef CLSIZE
+# define CLSIZE 1
+# endif /* no CLSIZE */
+# else /* no NBPG */
+# ifdef NBPC
+# define getpagesize() NBPC
+# else /* no NBPC */
+# ifdef PAGESIZE
+# define getpagesize() PAGESIZE
+# endif /* PAGESIZE */
+# endif /* no NBPC */
+# endif /* no NBPG */
+# endif /* no EXEC_PAGESIZE */
+# else /* no HAVE_SYS_PARAM_H */
+# define getpagesize() 8192 /* punt totally */
+# endif /* no HAVE_SYS_PARAM_H */
+# endif /* no _SC_PAGESIZE */
+
+#endif /* no HAVE_GETPAGESIZE */
+
+int
+main ()
+{
+ char *data, *data2, *data3;
+ int i, pagesize;
+ int fd;
+
+ pagesize = getpagesize ();
+
+ /* First, make a file with some known garbage in it. */
+ data = (char *) malloc (pagesize);
+ if (!data)
+ exit (1);
+ for (i = 0; i < pagesize; ++i)
+ *(data + i) = rand ();
+ umask (0);
+ fd = creat ("conftest.mmap", 0600);
+ if (fd < 0)
+ exit (1);
+ if (write (fd, data, pagesize) != pagesize)
+ exit (1);
+ close (fd);
+
+ /* Next, try to mmap the file at a fixed address which already has
+ something else allocated at it. If we can, also make sure that
+ we see the same garbage. */
+ fd = open ("conftest.mmap", O_RDWR);
+ if (fd < 0)
+ exit (1);
+ data2 = (char *) malloc (2 * pagesize);
+ if (!data2)
+ exit (1);
+ data2 += (pagesize - ((int) data2 & (pagesize - 1))) & (pagesize - 1);
+ if (data2 != mmap (data2, pagesize, PROT_READ | PROT_WRITE,
+ MAP_PRIVATE | MAP_FIXED, fd, 0L))
+ exit (1);
+ for (i = 0; i < pagesize; ++i)
+ if (*(data + i) != *(data2 + i))
+ exit (1);
+
+ /* Finally, make sure that changes to the mapped area do not
+ percolate back to the file as seen by read(). (This is a bug on
+ some variants of i386 svr4.0.) */
+ for (i = 0; i < pagesize; ++i)
+ *(data2 + i) = *(data2 + i) + 1;
+ data3 = (char *) malloc (pagesize);
+ if (!data3)
+ exit (1);
+ if (read (fd, data3, pagesize) != pagesize)
+ exit (1);
+ for (i = 0; i < pagesize; ++i)
+ if (*(data + i) != *(data3 + i))
+ exit (1);
+ close (fd);
+ exit (0);
+}
+_ACEOF
+rm -f conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_func_mmap_fixed_mapped=yes
+else
+ echo "$as_me: program exited with status $ac_status" >&5
+echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+( exit $ac_status )
+ac_cv_func_mmap_fixed_mapped=no
+fi
+rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+fi
+fi
+echo "$as_me:$LINENO: result: $ac_cv_func_mmap_fixed_mapped" >&5
+echo "${ECHO_T}$ac_cv_func_mmap_fixed_mapped" >&6
+if test $ac_cv_func_mmap_fixed_mapped = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_MMAP 1
+_ACEOF
+
+fi
+rm -f conftest.mmap
+
+
echo "$as_me:$LINENO: checking if realloc if broken" >&5
echo $ECHO_N "checking if realloc if broken... $ECHO_C" >&6
if test "${ac_cv_func_realloc_broken+set}" = set; then
@@ -10831,6 +13887,7 @@ fi
+
for ac_header in \
arpa/inet.h \
arpa/nameser.h \
@@ -10856,6 +13913,7 @@ for ac_header in \
shadow.h \
sys/bswap.h \
sys/ioctl.h \
+ sys/mman.h \
sys/param.h \
sys/proc.h \
sys/resource.h \
@@ -12287,6 +15345,209 @@ fi
+echo "$as_me:$LINENO: checking for res_nsearch" >&5
+echo $ECHO_N "checking for res_nsearch... $ECHO_C" >&6
+if test "${ac_cv_funclib_res_nsearch+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+
+if eval "test \"\$ac_cv_func_res_nsearch\" != yes" ; then
+ ac_save_LIBS="$LIBS"
+ for ac_lib in "" resolv; do
+ case "$ac_lib" in
+ "") ;;
+ yes) ac_lib="" ;;
+ no) continue ;;
+ -l*) ;;
+ *) ac_lib="-l$ac_lib" ;;
+ esac
+ LIBS=" $ac_lib $ac_save_LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+
+#include <stdio.h>
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_ARPA_NAMESER_H
+#include <arpa/nameser.h>
+#endif
+#ifdef HAVE_RESOLV_H
+#include <resolv.h>
+#endif
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+res_nsearch(0,0,0,0,0)
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "if test -n \"$ac_lib\";then ac_cv_funclib_res_nsearch=$ac_lib; else ac_cv_funclib_res_nsearch=yes; fi";break
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+ done
+ eval "ac_cv_funclib_res_nsearch=\${ac_cv_funclib_res_nsearch-no}"
+ LIBS="$ac_save_LIBS"
+fi
+
+fi
+
+
+eval "ac_res=\$ac_cv_funclib_res_nsearch"
+
+if false; then
+
+for ac_func in res_nsearch
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
+if eval "test \"\${$as_ac_var+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func ();
+char (*f) ();
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+f = $ac_func;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+eval "$as_ac_var=no"
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+fi
+# res_nsearch
+eval "ac_tr_func=HAVE_`echo res_nsearch | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
+eval "LIB_res_nsearch=$ac_res"
+
+case "$ac_res" in
+ yes)
+ eval "ac_cv_func_res_nsearch=yes"
+ eval "LIB_res_nsearch="
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes" >&5
+echo "${ECHO_T}yes" >&6
+ ;;
+ no)
+ eval "ac_cv_func_res_nsearch=no"
+ eval "LIB_res_nsearch="
+ echo "$as_me:$LINENO: result: no" >&5
+echo "${ECHO_T}no" >&6
+ ;;
+ *)
+ eval "ac_cv_func_res_nsearch=yes"
+ eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_func 1
+_ACEOF
+
+ cat >>confdefs.h <<_ACEOF
+#define $ac_tr_lib 1
+_ACEOF
+
+ echo "$as_me:$LINENO: result: yes, in $ac_res" >&5
+echo "${ECHO_T}yes, in $ac_res" >&6
+ ;;
+esac
+
+
+if test -n "$LIB_res_nsearch"; then
+ LIBS="$LIB_res_nsearch $LIBS"
+fi
+
+
+
+
+
+
echo "$as_me:$LINENO: checking for dn_expand" >&5
echo $ECHO_N "checking for dn_expand... $ECHO_C" >&6
if test "${ac_cv_funclib_dn_expand+set}" = set; then
@@ -13149,6 +16410,8 @@ fi
+
+
echo "$as_me:$LINENO: checking for getsockopt" >&5
echo $ECHO_N "checking for getsockopt... $ECHO_C" >&6
if test "${ac_cv_funclib_getsockopt+set}" = set; then
@@ -24478,1828 +27741,6 @@ LIB_roken="${LIB_roken} \$(LIB_crypt) \$(LIB_dbopen)"
LIB_roken="\$(top_builddir)/lib/vers/libvers.la $LIB_roken"
-
-# Check whether --with-openldap or --without-openldap was given.
-if test "${with_openldap+set}" = set; then
- withval="$with_openldap"
-
-fi;
-
-# Check whether --with-openldap-lib or --without-openldap-lib was given.
-if test "${with_openldap_lib+set}" = set; then
- withval="$with_openldap_lib"
- if test "$withval" = "yes" -o "$withval" = "no"; then
- { { echo "$as_me:$LINENO: error: No argument for --with-openldap-lib" >&5
-echo "$as_me: error: No argument for --with-openldap-lib" >&2;}
- { (exit 1); exit 1; }; }
-elif test "X$with_openldap" = "X"; then
- with_openldap=yes
-fi
-fi;
-
-# Check whether --with-openldap-include or --without-openldap-include was given.
-if test "${with_openldap_include+set}" = set; then
- withval="$with_openldap_include"
- if test "$withval" = "yes" -o "$withval" = "no"; then
- { { echo "$as_me:$LINENO: error: No argument for --with-openldap-include" >&5
-echo "$as_me: error: No argument for --with-openldap-include" >&2;}
- { (exit 1); exit 1; }; }
-elif test "X$with_openldap" = "X"; then
- with_openldap=yes
-fi
-fi;
-
-# Check whether --with-openldap-config or --without-openldap-config was given.
-if test "${with_openldap_config+set}" = set; then
- withval="$with_openldap_config"
-
-fi;
-
-
-
-echo "$as_me:$LINENO: checking for openldap" >&5
-echo $ECHO_N "checking for openldap... $ECHO_C" >&6
-
-case "$with_openldap" in
-yes|"") d='' ;;
-no) d= ;;
-*) d="$with_openldap" ;;
-esac
-
-header_dirs=
-lib_dirs=
-for i in $d; do
- if test "$with_openldap_include" = ""; then
- if test -d "$i/include/openldap"; then
- header_dirs="$header_dirs $i/include/openldap"
- fi
- if test -d "$i/include"; then
- header_dirs="$header_dirs $i/include"
- fi
- fi
- if test "$with_openldap_lib" = ""; then
- if test -d "$i/lib$abilibdirext"; then
- lib_dirs="$lib_dirs $i/lib$abilibdirext"
- fi
- fi
-done
-
-if test "$with_openldap_include"; then
- header_dirs="$with_openldap_include $header_dirs"
-fi
-if test "$with_openldap_lib"; then
- lib_dirs="$with_openldap_lib $lib_dirs"
-fi
-
-if test "$with_openldap_config" = ""; then
- with_openldap_config=''
-fi
-
-openldap_cflags=
-openldap_libs=
-
-case "$with_openldap_config" in
-yes|no|"")
- ;;
-*)
- openldap_cflags="`$with_openldap_config --cflags 2>&1`"
- openldap_libs="`$with_openldap_config --libs 2>&1`"
- ;;
-esac
-
-found=no
-if test "$with_openldap" != no; then
- save_CFLAGS="$CFLAGS"
- save_LIBS="$LIBS"
- if test "$openldap_cflags" -a "$openldap_libs"; then
- CFLAGS="$openldap_cflags $save_CFLAGS"
- LIBS="$openldap_libs $save_LIBS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-#include <lber.h>
-#include <ldap.h>
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
-
- INCLUDE_openldap="$openldap_cflags"
- LIB_openldap="$openldap_libs"
- echo "$as_me:$LINENO: result: from $with_openldap_config" >&5
-echo "${ECHO_T}from $with_openldap_config" >&6
- found=yes
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- fi
- if test "$found" = no; then
- ires= lres=
- for i in $header_dirs; do
- CFLAGS="-I$i $save_CFLAGS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-#include <lber.h>
-#include <ldap.h>
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ires=$i;break
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest.$ac_ext
- done
- for i in $lib_dirs; do
- LIBS="-L$i -lldap -llber $save_LIBS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-#include <lber.h>
-#include <ldap.h>
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- lres=$i;break
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- done
- if test "$ires" -a "$lres" -a "$with_openldap" != "no"; then
- INCLUDE_openldap="-I$ires"
- LIB_openldap="-L$lres -lldap -llber"
- found=yes
- echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5
-echo "${ECHO_T}headers $ires, libraries $lres" >&6
- fi
- fi
- CFLAGS="$save_CFLAGS"
- LIBS="$save_LIBS"
-fi
-
-if test "$found" = yes; then
-
-cat >>confdefs.h <<_ACEOF
-#define OPENLDAP 1
-_ACEOF
-
- with_openldap=yes
-else
- with_openldap=no
- INCLUDE_openldap=
- LIB_openldap=
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
-
-
-
-
-if test "$openldap_libdir"; then
- LIB_openldap="-R $openldap_libdir $LIB_openldap"
-fi
-
-
-
-# Check whether --with-krb4 or --without-krb4 was given.
-if test "${with_krb4+set}" = set; then
- withval="$with_krb4"
-
-fi;
-
-# Check whether --with-krb4-lib or --without-krb4-lib was given.
-if test "${with_krb4_lib+set}" = set; then
- withval="$with_krb4_lib"
- if test "$withval" = "yes" -o "$withval" = "no"; then
- { { echo "$as_me:$LINENO: error: No argument for --with-krb4-lib" >&5
-echo "$as_me: error: No argument for --with-krb4-lib" >&2;}
- { (exit 1); exit 1; }; }
-elif test "X$with_krb4" = "X"; then
- with_krb4=yes
-fi
-fi;
-
-# Check whether --with-krb4-include or --without-krb4-include was given.
-if test "${with_krb4_include+set}" = set; then
- withval="$with_krb4_include"
- if test "$withval" = "yes" -o "$withval" = "no"; then
- { { echo "$as_me:$LINENO: error: No argument for --with-krb4-include" >&5
-echo "$as_me: error: No argument for --with-krb4-include" >&2;}
- { (exit 1); exit 1; }; }
-elif test "X$with_krb4" = "X"; then
- with_krb4=yes
-fi
-fi;
-
-# Check whether --with-krb4-config or --without-krb4-config was given.
-if test "${with_krb4_config+set}" = set; then
- withval="$with_krb4_config"
-
-fi;
-
-
-
-echo "$as_me:$LINENO: checking for krb4" >&5
-echo $ECHO_N "checking for krb4... $ECHO_C" >&6
-
-case "$with_krb4" in
-yes|"") d='/usr/athena' ;;
-no) d= ;;
-*) d="$with_krb4" ;;
-esac
-
-header_dirs=
-lib_dirs=
-for i in $d; do
- if test "$with_krb4_include" = ""; then
- if test -d "$i/include/krb4"; then
- header_dirs="$header_dirs $i/include/krb4"
- fi
- if test -d "$i/include"; then
- header_dirs="$header_dirs $i/include"
- fi
- fi
- if test "$with_krb4_lib" = ""; then
- if test -d "$i/lib$abilibdirext"; then
- lib_dirs="$lib_dirs $i/lib$abilibdirext"
- fi
- fi
-done
-
-if test "$with_krb4_include"; then
- header_dirs="$with_krb4_include $header_dirs"
-fi
-if test "$with_krb4_lib"; then
- lib_dirs="$with_krb4_lib $lib_dirs"
-fi
-
-if test "$with_krb4_config" = ""; then
- with_krb4_config='krb4-config'
-fi
-
-krb4_cflags=
-krb4_libs=
-
-case "$with_krb4_config" in
-yes|no|"")
- ;;
-*)
- krb4_cflags="`$with_krb4_config --cflags 2>&1`"
- krb4_libs="`$with_krb4_config --libs 2>&1`"
- ;;
-esac
-
-found=no
-if test "$with_krb4" != no; then
- save_CFLAGS="$CFLAGS"
- save_LIBS="$LIBS"
- if test "$krb4_cflags" -a "$krb4_libs"; then
- CFLAGS="$krb4_cflags $save_CFLAGS"
- LIBS="$krb4_libs $save_LIBS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-#include <krb.h>
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
-
- INCLUDE_krb4="$krb4_cflags"
- LIB_krb4="$krb4_libs"
- echo "$as_me:$LINENO: result: from $with_krb4_config" >&5
-echo "${ECHO_T}from $with_krb4_config" >&6
- found=yes
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- fi
- if test "$found" = no; then
- ires= lres=
- for i in $header_dirs; do
- CFLAGS="-I$i $save_CFLAGS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-#include <krb.h>
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ires=$i;break
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest.$ac_ext
- done
- for i in $lib_dirs; do
- LIBS="-L$i -lkrb -ldes $save_LIBS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-#include <krb.h>
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- lres=$i;break
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- done
- if test "$ires" -a "$lres" -a "$with_krb4" != "no"; then
- INCLUDE_krb4="-I$ires"
- LIB_krb4="-L$lres -lkrb"
- found=yes
- echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5
-echo "${ECHO_T}headers $ires, libraries $lres" >&6
- fi
- fi
- CFLAGS="$save_CFLAGS"
- LIBS="$save_LIBS"
-fi
-
-if test "$found" = yes; then
-
-cat >>confdefs.h <<_ACEOF
-#define KRB4 1
-_ACEOF
-
- with_krb4=yes
-else
- with_krb4=no
- INCLUDE_krb4=
- LIB_krb4=
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
-fi
-
-
-
-
-
-LIB_kdb=
-if test "$with_krb4" != "no"; then
- save_CFLAGS="$CFLAGS"
- CFLAGS="$CFLAGS $INCLUDE_krb4"
- save_LIBS="$LIBS"
- LIBS="$LIB_krb4 $LIBS"
- EXTRA_LIB45=lib45.a
-
- echo "$as_me:$LINENO: checking for four valued krb_put_int" >&5
-echo $ECHO_N "checking for four valued krb_put_int... $ECHO_C" >&6
-if test "${ac_cv_func_krb_put_int_four+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-#include <krb.h>
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- char tmp[4];
- krb_put_int(17, tmp, 4, sizeof(tmp));
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_func_krb_put_int_four=yes
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-ac_cv_func_krb_put_int_four=no
-fi
-rm -f conftest.$ac_objext conftest.$ac_ext
-
-fi
-echo "$as_me:$LINENO: result: $ac_cv_func_krb_put_int_four" >&5
-echo "${ECHO_T}$ac_cv_func_krb_put_int_four" >&6
- if test "$ac_cv_func_krb_put_int_four" = yes; then
-
-cat >>confdefs.h <<\_ACEOF
-#define HAVE_FOUR_VALUED_KRB_PUT_INT 1
-_ACEOF
-
- fi
-
-
- echo "$as_me:$LINENO: checking for KRB_VERIFY_SECURE" >&5
-echo $ECHO_N "checking for KRB_VERIFY_SECURE... $ECHO_C" >&6
-if test "${ac_cv_func_krb_verify_secure+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-#include <krb.h>
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- int x = KRB_VERIFY_SECURE
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_func_krb_verify_secure=yes
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-ac_cv_func_krb_verify_secure=no
-fi
-rm -f conftest.$ac_objext conftest.$ac_ext
-
-fi
-echo "$as_me:$LINENO: result: $ac_cv_func_krb_verify_secure" >&5
-echo "${ECHO_T}$ac_cv_func_krb_verify_secure" >&6
- if test "$ac_cv_func_krb_verify_secure" != yes; then
-
-cat >>confdefs.h <<\_ACEOF
-#define KRB_VERIFY_SECURE 1
-_ACEOF
-
-
-cat >>confdefs.h <<\_ACEOF
-#define KRB_VERIFY_SECURE_FAIL 2
-_ACEOF
-
- fi
- echo "$as_me:$LINENO: checking for KRB_VERIFY_NOT_SECURE" >&5
-echo $ECHO_N "checking for KRB_VERIFY_NOT_SECURE... $ECHO_C" >&6
-if test "${ac_cv_func_krb_verify_not_secure+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-#include <krb.h>
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- int x = KRB_VERIFY_NOT_SECURE
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_func_krb_verify_not_secure=yes
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-ac_cv_func_krb_verify_not_secure=no
-fi
-rm -f conftest.$ac_objext conftest.$ac_ext
-
-fi
-echo "$as_me:$LINENO: result: $ac_cv_func_krb_verify_not_secure" >&5
-echo "${ECHO_T}$ac_cv_func_krb_verify_not_secure" >&6
- if test "$ac_cv_func_krb_verify_not_secure" != yes; then
-
-cat >>confdefs.h <<\_ACEOF
-#define KRB_VERIFY_NOT_SECURE 0
-_ACEOF
-
- fi
-
-
-
-
-echo "$as_me:$LINENO: checking for krb_enable_debug" >&5
-echo $ECHO_N "checking for krb_enable_debug... $ECHO_C" >&6
-if test "${ac_cv_funclib_krb_enable_debug+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
-
-if eval "test \"\$ac_cv_func_krb_enable_debug\" != yes" ; then
- ac_save_LIBS="$LIBS"
- for ac_lib in "" ; do
- case "$ac_lib" in
- "") ;;
- yes) ac_lib="" ;;
- no) continue ;;
- -l*) ;;
- *) ac_lib="-l$ac_lib" ;;
- esac
- LIBS=" $ac_lib $ac_save_LIBS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-krb_enable_debug()
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "if test -n \"$ac_lib\";then ac_cv_funclib_krb_enable_debug=$ac_lib; else ac_cv_funclib_krb_enable_debug=yes; fi";break
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- done
- eval "ac_cv_funclib_krb_enable_debug=\${ac_cv_funclib_krb_enable_debug-no}"
- LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_krb_enable_debug"
-
-if false; then
-
-for ac_func in krb_enable_debug
-do
-as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_func" >&5
-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
-if eval "test \"\${$as_ac_var+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $ac_func (); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char $ac_func ();
-char (*f) ();
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-f = $ac_func;
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "$as_ac_var=yes"
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-eval "$as_ac_var=no"
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
-if test `eval echo '${'$as_ac_var'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-fi
-# krb_enable_debug
-eval "ac_tr_func=HAVE_`echo krb_enable_debug | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
-eval "LIB_krb_enable_debug=$ac_res"
-
-case "$ac_res" in
- yes)
- eval "ac_cv_func_krb_enable_debug=yes"
- eval "LIB_krb_enable_debug="
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_func 1
-_ACEOF
-
- echo "$as_me:$LINENO: result: yes" >&5
-echo "${ECHO_T}yes" >&6
- ;;
- no)
- eval "ac_cv_func_krb_enable_debug=no"
- eval "LIB_krb_enable_debug="
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
- ;;
- *)
- eval "ac_cv_func_krb_enable_debug=yes"
- eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_func 1
-_ACEOF
-
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_lib 1
-_ACEOF
-
- echo "$as_me:$LINENO: result: yes, in $ac_res" >&5
-echo "${ECHO_T}yes, in $ac_res" >&6
- ;;
-esac
-
-
-if test -n "$LIB_krb_enable_debug"; then
- LIBS="$LIB_krb_enable_debug $LIBS"
-fi
-
-
-
-
-
-echo "$as_me:$LINENO: checking for krb_disable_debug" >&5
-echo $ECHO_N "checking for krb_disable_debug... $ECHO_C" >&6
-if test "${ac_cv_funclib_krb_disable_debug+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
-
-if eval "test \"\$ac_cv_func_krb_disable_debug\" != yes" ; then
- ac_save_LIBS="$LIBS"
- for ac_lib in "" ; do
- case "$ac_lib" in
- "") ;;
- yes) ac_lib="" ;;
- no) continue ;;
- -l*) ;;
- *) ac_lib="-l$ac_lib" ;;
- esac
- LIBS=" $ac_lib $ac_save_LIBS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-krb_disable_debug()
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "if test -n \"$ac_lib\";then ac_cv_funclib_krb_disable_debug=$ac_lib; else ac_cv_funclib_krb_disable_debug=yes; fi";break
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- done
- eval "ac_cv_funclib_krb_disable_debug=\${ac_cv_funclib_krb_disable_debug-no}"
- LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_krb_disable_debug"
-
-if false; then
-
-for ac_func in krb_disable_debug
-do
-as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_func" >&5
-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
-if eval "test \"\${$as_ac_var+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $ac_func (); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char $ac_func ();
-char (*f) ();
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-f = $ac_func;
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "$as_ac_var=yes"
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-eval "$as_ac_var=no"
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
-if test `eval echo '${'$as_ac_var'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-fi
-# krb_disable_debug
-eval "ac_tr_func=HAVE_`echo krb_disable_debug | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
-eval "LIB_krb_disable_debug=$ac_res"
-
-case "$ac_res" in
- yes)
- eval "ac_cv_func_krb_disable_debug=yes"
- eval "LIB_krb_disable_debug="
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_func 1
-_ACEOF
-
- echo "$as_me:$LINENO: result: yes" >&5
-echo "${ECHO_T}yes" >&6
- ;;
- no)
- eval "ac_cv_func_krb_disable_debug=no"
- eval "LIB_krb_disable_debug="
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
- ;;
- *)
- eval "ac_cv_func_krb_disable_debug=yes"
- eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_func 1
-_ACEOF
-
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_lib 1
-_ACEOF
-
- echo "$as_me:$LINENO: result: yes, in $ac_res" >&5
-echo "${ECHO_T}yes, in $ac_res" >&6
- ;;
-esac
-
-
-if test -n "$LIB_krb_disable_debug"; then
- LIBS="$LIB_krb_disable_debug $LIBS"
-fi
-
-
-
-
-
-echo "$as_me:$LINENO: checking for krb_get_our_ip_for_realm" >&5
-echo $ECHO_N "checking for krb_get_our_ip_for_realm... $ECHO_C" >&6
-if test "${ac_cv_funclib_krb_get_our_ip_for_realm+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
-
-if eval "test \"\$ac_cv_func_krb_get_our_ip_for_realm\" != yes" ; then
- ac_save_LIBS="$LIBS"
- for ac_lib in "" ; do
- case "$ac_lib" in
- "") ;;
- yes) ac_lib="" ;;
- no) continue ;;
- -l*) ;;
- *) ac_lib="-l$ac_lib" ;;
- esac
- LIBS=" $ac_lib $ac_save_LIBS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-krb_get_our_ip_for_realm()
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "if test -n \"$ac_lib\";then ac_cv_funclib_krb_get_our_ip_for_realm=$ac_lib; else ac_cv_funclib_krb_get_our_ip_for_realm=yes; fi";break
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- done
- eval "ac_cv_funclib_krb_get_our_ip_for_realm=\${ac_cv_funclib_krb_get_our_ip_for_realm-no}"
- LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_krb_get_our_ip_for_realm"
-
-if false; then
-
-for ac_func in krb_get_our_ip_for_realm
-do
-as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_func" >&5
-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
-if eval "test \"\${$as_ac_var+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $ac_func (); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char $ac_func ();
-char (*f) ();
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-f = $ac_func;
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "$as_ac_var=yes"
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-eval "$as_ac_var=no"
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
-if test `eval echo '${'$as_ac_var'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-fi
-# krb_get_our_ip_for_realm
-eval "ac_tr_func=HAVE_`echo krb_get_our_ip_for_realm | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
-eval "LIB_krb_get_our_ip_for_realm=$ac_res"
-
-case "$ac_res" in
- yes)
- eval "ac_cv_func_krb_get_our_ip_for_realm=yes"
- eval "LIB_krb_get_our_ip_for_realm="
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_func 1
-_ACEOF
-
- echo "$as_me:$LINENO: result: yes" >&5
-echo "${ECHO_T}yes" >&6
- ;;
- no)
- eval "ac_cv_func_krb_get_our_ip_for_realm=no"
- eval "LIB_krb_get_our_ip_for_realm="
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
- ;;
- *)
- eval "ac_cv_func_krb_get_our_ip_for_realm=yes"
- eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_func 1
-_ACEOF
-
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_lib 1
-_ACEOF
-
- echo "$as_me:$LINENO: result: yes, in $ac_res" >&5
-echo "${ECHO_T}yes, in $ac_res" >&6
- ;;
-esac
-
-
-if test -n "$LIB_krb_get_our_ip_for_realm"; then
- LIBS="$LIB_krb_get_our_ip_for_realm $LIBS"
-fi
-
-
-
-
-
-echo "$as_me:$LINENO: checking for krb_kdctimeofday" >&5
-echo $ECHO_N "checking for krb_kdctimeofday... $ECHO_C" >&6
-if test "${ac_cv_funclib_krb_kdctimeofday+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
-
-if eval "test \"\$ac_cv_func_krb_kdctimeofday\" != yes" ; then
- ac_save_LIBS="$LIBS"
- for ac_lib in "" ; do
- case "$ac_lib" in
- "") ;;
- yes) ac_lib="" ;;
- no) continue ;;
- -l*) ;;
- *) ac_lib="-l$ac_lib" ;;
- esac
- LIBS=" $ac_lib $ac_save_LIBS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-krb_kdctimeofday()
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "if test -n \"$ac_lib\";then ac_cv_funclib_krb_kdctimeofday=$ac_lib; else ac_cv_funclib_krb_kdctimeofday=yes; fi";break
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- done
- eval "ac_cv_funclib_krb_kdctimeofday=\${ac_cv_funclib_krb_kdctimeofday-no}"
- LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_krb_kdctimeofday"
-
-if false; then
-
-for ac_func in krb_kdctimeofday
-do
-as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_func" >&5
-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
-if eval "test \"\${$as_ac_var+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $ac_func (); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char $ac_func ();
-char (*f) ();
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-f = $ac_func;
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "$as_ac_var=yes"
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-eval "$as_ac_var=no"
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
-if test `eval echo '${'$as_ac_var'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-fi
-# krb_kdctimeofday
-eval "ac_tr_func=HAVE_`echo krb_kdctimeofday | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
-eval "LIB_krb_kdctimeofday=$ac_res"
-
-case "$ac_res" in
- yes)
- eval "ac_cv_func_krb_kdctimeofday=yes"
- eval "LIB_krb_kdctimeofday="
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_func 1
-_ACEOF
-
- echo "$as_me:$LINENO: result: yes" >&5
-echo "${ECHO_T}yes" >&6
- ;;
- no)
- eval "ac_cv_func_krb_kdctimeofday=no"
- eval "LIB_krb_kdctimeofday="
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
- ;;
- *)
- eval "ac_cv_func_krb_kdctimeofday=yes"
- eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_func 1
-_ACEOF
-
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_lib 1
-_ACEOF
-
- echo "$as_me:$LINENO: result: yes, in $ac_res" >&5
-echo "${ECHO_T}yes, in $ac_res" >&6
- ;;
-esac
-
-
-if test -n "$LIB_krb_kdctimeofday"; then
- LIBS="$LIB_krb_kdctimeofday $LIBS"
-fi
-
-
-
-
-
-
-
-echo "$as_me:$LINENO: checking for krb_get_kdc_time_diff" >&5
-echo $ECHO_N "checking for krb_get_kdc_time_diff... $ECHO_C" >&6
-if test "${ac_cv_funclib_krb_get_kdc_time_diff+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
-
-if eval "test \"\$ac_cv_func_krb_get_kdc_time_diff\" != yes" ; then
- ac_save_LIBS="$LIBS"
- for ac_lib in "" ; do
- case "$ac_lib" in
- "") ;;
- yes) ac_lib="" ;;
- no) continue ;;
- -l*) ;;
- *) ac_lib="-l$ac_lib" ;;
- esac
- LIBS=" $ac_lib $ac_save_LIBS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-krb_get_kdc_time_diff()
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "if test -n \"$ac_lib\";then ac_cv_funclib_krb_get_kdc_time_diff=$ac_lib; else ac_cv_funclib_krb_get_kdc_time_diff=yes; fi";break
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- done
- eval "ac_cv_funclib_krb_get_kdc_time_diff=\${ac_cv_funclib_krb_get_kdc_time_diff-no}"
- LIBS="$ac_save_LIBS"
-fi
-
-fi
-
-
-eval "ac_res=\$ac_cv_funclib_krb_get_kdc_time_diff"
-
-if false; then
-
-for ac_func in krb_get_kdc_time_diff
-do
-as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
-echo "$as_me:$LINENO: checking for $ac_func" >&5
-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
-if eval "test \"\${$as_ac_var+set}\" = set"; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $ac_func (); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-#ifdef __cplusplus
-extern "C"
-#endif
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char $ac_func ();
-char (*f) ();
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
-choke me
-#else
-f = $ac_func;
-#endif
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- eval "$as_ac_var=yes"
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-eval "$as_ac_var=no"
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
-fi
-echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
-echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
-if test `eval echo '${'$as_ac_var'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-fi
-# krb_get_kdc_time_diff
-eval "ac_tr_func=HAVE_`echo krb_get_kdc_time_diff | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`"
-eval "LIB_krb_get_kdc_time_diff=$ac_res"
-
-case "$ac_res" in
- yes)
- eval "ac_cv_func_krb_get_kdc_time_diff=yes"
- eval "LIB_krb_get_kdc_time_diff="
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_func 1
-_ACEOF
-
- echo "$as_me:$LINENO: result: yes" >&5
-echo "${ECHO_T}yes" >&6
- ;;
- no)
- eval "ac_cv_func_krb_get_kdc_time_diff=no"
- eval "LIB_krb_get_kdc_time_diff="
- echo "$as_me:$LINENO: result: no" >&5
-echo "${ECHO_T}no" >&6
- ;;
- *)
- eval "ac_cv_func_krb_get_kdc_time_diff=yes"
- eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes"
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_func 1
-_ACEOF
-
- cat >>confdefs.h <<_ACEOF
-#define $ac_tr_lib 1
-_ACEOF
-
- echo "$as_me:$LINENO: result: yes, in $ac_res" >&5
-echo "${ECHO_T}yes, in $ac_res" >&6
- ;;
-esac
-
-
-if test -n "$LIB_krb_get_kdc_time_diff"; then
- LIBS="$LIB_krb_get_kdc_time_diff $LIBS"
-fi
-
-
-
- echo "$as_me:$LINENO: checking for KRB_SENDAUTH_VERS" >&5
-echo $ECHO_N "checking for KRB_SENDAUTH_VERS... $ECHO_C" >&6
-if test "${ac_cv_func_krb_sendauth_vers+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-#include <krb.h>
- #include <prot.h>
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- char *x = KRB_SENDAUTH_VERS
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_func_krb_sendauth_vers=yes
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-ac_cv_func_krb_sendauth_vers=no
-fi
-rm -f conftest.$ac_objext conftest.$ac_ext
-
-fi
-echo "$as_me:$LINENO: result: $ac_cv_func_krb_sendauth_vers" >&5
-echo "${ECHO_T}$ac_cv_func_krb_sendauth_vers" >&6
- if test "$ac_cv_func_krb_sendauth_vers" != yes; then
-
-cat >>confdefs.h <<\_ACEOF
-#define KRB_SENDAUTH_VERS "AUTHV0.1"
-_ACEOF
-
- fi
- echo "$as_me:$LINENO: checking for krb_mk_req with const arguments" >&5
-echo $ECHO_N "checking for krb_mk_req with const arguments... $ECHO_C" >&6
-if test "${ac_cv_func_krb_mk_req_const+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-#include <krb.h>
- int krb_mk_req(KTEXT a, const char *s, const char *i,
- const char *r, int32_t checksum)
- { return 17; }
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_func_krb_mk_req_const=yes
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-ac_cv_func_krb_mk_req_const=no
-fi
-rm -f conftest.$ac_objext conftest.$ac_ext
-
-fi
-echo "$as_me:$LINENO: result: $ac_cv_func_krb_mk_req_const" >&5
-echo "${ECHO_T}$ac_cv_func_krb_mk_req_const" >&6
- if test "$ac_cv_func_krb_mk_req_const" = "yes"; then
-
-cat >>confdefs.h <<\_ACEOF
-#define KRB_MK_REQ_CONST 1
-_ACEOF
-
- fi
-
- LIBS="$save_LIBS"
- CFLAGS="$save_CFLAGS"
- LIB_kdb="-lkdb -lkrb"
- if test "$krb4_libdir"; then
- LIB_krb4="-R $krb4_libdir $LIB_krb4"
- LIB_kdb="-R $krb4_libdir -L$krb4_libdir $LIB_kdb"
- fi
-fi
-
-
-if test "$with_krb4" != "no"; then
- KRB4_TRUE=
- KRB4_FALSE='#'
-else
- KRB4_TRUE='#'
- KRB4_FALSE=
-fi
-
-
-
-if true; then
- KRB5_TRUE=
- KRB5_FALSE='#'
-else
- KRB5_TRUE='#'
- KRB5_FALSE=
-fi
-
-
-
-if true; then
- do_roken_rename_TRUE=
- do_roken_rename_FALSE='#'
-else
- do_roken_rename_TRUE='#'
- do_roken_rename_FALSE=
-fi
-
-
-
-cat >>confdefs.h <<\_ACEOF
-#define KRB5 1
-_ACEOF
-
-# Check whether --enable-dce or --disable-dce was given.
-if test "${enable_dce+set}" = set; then
- enableval="$enable_dce"
-
-fi;
-if test "$enable_dce" = yes; then
-
-cat >>confdefs.h <<\_ACEOF
-#define DCE 1
-_ACEOF
-
-fi
-
-
-if test "$enable_dce" = yes; then
- DCE_TRUE=
- DCE_FALSE='#'
-else
- DCE_TRUE='#'
- DCE_FALSE=
-fi
-
-
-## XXX quite horrible:
-if test -f /etc/ibmcxx.cfg; then
- dpagaix_ldadd=`sed -n '/^xlc_r4/,/^$/p' /etc/ibmcxx.cfg | sed -n -e '/libraries/{;s/^[^=]*=\(.*\)/\1/;s/,/ /gp;}'`
- dpagaix_cflags=`sed -n '/^xlc_r4/,/^$/p' /etc/ibmcxx.cfg | sed -n -e '/options/{;s/^[^=]*=\(.*\)/\1/;s/-q^,*//;s/,/ /gp;}'`
- dpagaix_ldflags=
-else
- dpagaix_cflags="-D_THREAD_SAFE -D_AIX_PTHREADS_D7 -D_AIX32_THREADS=1 -D_AES_SOURCE -D_AIX41 -I/usr/include/dce"
- dpagaix_ldadd="-L/usr/lib/threads -ldcelibc_r -ldcepthreads -lpthreads_compat lpthreads -lc_r"
- dpagaix_ldflags="-Wl,-bI:dfspag.exp"
-fi
-
-
-
-
-
# Check whether --enable-otp or --disable-otp was given.
if test "${enable_otp+set}" = set; then
enableval="$enable_otp"
@@ -26359,6 +27800,19 @@ fi
+# Check whether --enable-mmap or --disable-mmap was given.
+if test "${enable_mmap+set}" = set; then
+ enableval="$enable_mmap"
+
+fi;
+if test "$enable_mmap" = "no"; then
+
+cat >>confdefs.h <<\_ACEOF
+#define NO_MMAP 1
+_ACEOF
+
+fi
+
# Extract the first word of "nroff", so it can be a program name with args.
set dummy nroff; ac_word=$2
echo "$as_me:$LINENO: checking for $ac_word" >&5
@@ -26736,7 +28190,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
done
if test "$ires" -a "$lres" -a "$with_readline" != "no"; then
INCLUDE_readline="-I$ires"
- LIB_readline="-L$lres -lreadline"
+ LIB_readline="-L$lres -lreadline "
found=yes
echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5
echo "${ECHO_T}headers $ires, libraries $lres" >&6
@@ -26986,7 +28440,7 @@ rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
done
if test "$ires" -a "$lres" -a "$with_hesiod" != "no"; then
INCLUDE_hesiod="-I$ires"
- LIB_hesiod="-L$lres -lhesiod"
+ LIB_hesiod="-L$lres -lhesiod "
found=yes
echo "$as_me:$LINENO: result: headers $ires, libraries $lres" >&5
echo "${ECHO_T}headers $ires, libraries $lres" >&6
@@ -30268,6 +31722,8 @@ fi
+
+
for ac_header in \
arpa/ftp.h \
arpa/telnet.h \
@@ -30281,6 +31737,7 @@ for ac_header in \
libutil.h \
limits.h \
maillock.h \
+ netgroup.h \
netinet/in6_machtypes.h \
netinfo/ni.h \
pthread.h \
@@ -30296,6 +31753,7 @@ for ac_header in \
sys/file.h \
sys/filio.h \
sys/ioccom.h \
+ sys/mman.h \
sys/pty.h \
sys/ptyio.h \
sys/ptyvar.h \
@@ -31315,6 +32773,369 @@ done
+for ac_header in stdlib.h unistd.h
+do
+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+else
+ # Is the header compilable?
+echo "$as_me:$LINENO: checking $ac_header usability" >&5
+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
+ (eval $ac_compile) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest.$ac_objext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_header_compiler=yes
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+ac_header_compiler=no
+fi
+rm -f conftest.$ac_objext conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+echo "${ECHO_T}$ac_header_compiler" >&6
+
+# Is the header present?
+echo "$as_me:$LINENO: checking $ac_header presence" >&5
+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6
+cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+#include <$ac_header>
+_ACEOF
+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5
+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1
+ ac_status=$?
+ egrep -v '^ *\+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null; then
+ if test -s conftest.err; then
+ ac_cpp_err=$ac_c_preproc_warn_flag
+ else
+ ac_cpp_err=
+ fi
+else
+ ac_cpp_err=yes
+fi
+if test -z "$ac_cpp_err"; then
+ ac_header_preproc=yes
+else
+ echo "$as_me: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ ac_header_preproc=no
+fi
+rm -f conftest.err conftest.$ac_ext
+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+echo "${ECHO_T}$ac_header_preproc" >&6
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc in
+ yes:no )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};;
+ no:yes )
+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;};;
+esac
+echo "$as_me:$LINENO: checking for $ac_header" >&5
+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6
+if eval "test \"\${$as_ac_Header+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ eval "$as_ac_Header=$ac_header_preproc"
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6
+
+fi
+if test `eval echo '${'$as_ac_Header'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_func in getpagesize
+do
+as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
+echo "$as_me:$LINENO: checking for $ac_func" >&5
+echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
+if eval "test \"\${$as_ac_var+set}\" = set"; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func (); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func ();
+char (*f) ();
+
+#ifdef F77_DUMMY_MAIN
+# ifdef __cplusplus
+ extern "C"
+# endif
+ int F77_DUMMY_MAIN() { return 1; }
+#endif
+int
+main ()
+{
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+f = $ac_func;
+#endif
+
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ eval "$as_ac_var=yes"
+else
+ echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+eval "$as_ac_var=no"
+fi
+rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
+fi
+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
+echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
+if test `eval echo '${'$as_ac_var'}'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+echo "$as_me:$LINENO: checking for working mmap" >&5
+echo $ECHO_N "checking for working mmap... $ECHO_C" >&6
+if test "${ac_cv_func_mmap_fixed_mapped+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ if test "$cross_compiling" = yes; then
+ ac_cv_func_mmap_fixed_mapped=no
+else
+ cat >conftest.$ac_ext <<_ACEOF
+#line $LINENO "configure"
+#include "confdefs.h"
+$ac_includes_default
+/* malloc might have been renamed as rpl_malloc. */
+#undef malloc
+
+/* Thanks to Mike Haertel and Jim Avera for this test.
+ Here is a matrix of mmap possibilities:
+ mmap private not fixed
+ mmap private fixed at somewhere currently unmapped
+ mmap private fixed at somewhere already mapped
+ mmap shared not fixed
+ mmap shared fixed at somewhere currently unmapped
+ mmap shared fixed at somewhere already mapped
+ For private mappings, we should verify that changes cannot be read()
+ back from the file, nor mmap's back from the file at a different
+ address. (There have been systems where private was not correctly
+ implemented like the infamous i386 svr4.0, and systems where the
+ VM page cache was not coherent with the file system buffer cache
+ like early versions of FreeBSD and possibly contemporary NetBSD.)
+ For shared mappings, we should conversely verify that changes get
+ propagated back to all the places they're supposed to be.
+
+ Grep wants private fixed already mapped.
+ The main things grep needs to know about mmap are:
+ * does it exist and is it safe to write into the mmap'd area
+ * how to use it (BSD variants) */
+
+#include <fcntl.h>
+#include <sys/mman.h>
+
+#if !STDC_HEADERS && !HAVE_STDLIB_H
+char *malloc ();
+#endif
+
+/* This mess was copied from the GNU getpagesize.h. */
+#if !HAVE_GETPAGESIZE
+/* Assume that all systems that can run configure have sys/param.h. */
+# if !HAVE_SYS_PARAM_H
+# define HAVE_SYS_PARAM_H 1
+# endif
+
+# ifdef _SC_PAGESIZE
+# define getpagesize() sysconf(_SC_PAGESIZE)
+# else /* no _SC_PAGESIZE */
+# if HAVE_SYS_PARAM_H
+# include <sys/param.h>
+# ifdef EXEC_PAGESIZE
+# define getpagesize() EXEC_PAGESIZE
+# else /* no EXEC_PAGESIZE */
+# ifdef NBPG
+# define getpagesize() NBPG * CLSIZE
+# ifndef CLSIZE
+# define CLSIZE 1
+# endif /* no CLSIZE */
+# else /* no NBPG */
+# ifdef NBPC
+# define getpagesize() NBPC
+# else /* no NBPC */
+# ifdef PAGESIZE
+# define getpagesize() PAGESIZE
+# endif /* PAGESIZE */
+# endif /* no NBPC */
+# endif /* no NBPG */
+# endif /* no EXEC_PAGESIZE */
+# else /* no HAVE_SYS_PARAM_H */
+# define getpagesize() 8192 /* punt totally */
+# endif /* no HAVE_SYS_PARAM_H */
+# endif /* no _SC_PAGESIZE */
+
+#endif /* no HAVE_GETPAGESIZE */
+
+int
+main ()
+{
+ char *data, *data2, *data3;
+ int i, pagesize;
+ int fd;
+
+ pagesize = getpagesize ();
+
+ /* First, make a file with some known garbage in it. */
+ data = (char *) malloc (pagesize);
+ if (!data)
+ exit (1);
+ for (i = 0; i < pagesize; ++i)
+ *(data + i) = rand ();
+ umask (0);
+ fd = creat ("conftest.mmap", 0600);
+ if (fd < 0)
+ exit (1);
+ if (write (fd, data, pagesize) != pagesize)
+ exit (1);
+ close (fd);
+
+ /* Next, try to mmap the file at a fixed address which already has
+ something else allocated at it. If we can, also make sure that
+ we see the same garbage. */
+ fd = open ("conftest.mmap", O_RDWR);
+ if (fd < 0)
+ exit (1);
+ data2 = (char *) malloc (2 * pagesize);
+ if (!data2)
+ exit (1);
+ data2 += (pagesize - ((int) data2 & (pagesize - 1))) & (pagesize - 1);
+ if (data2 != mmap (data2, pagesize, PROT_READ | PROT_WRITE,
+ MAP_PRIVATE | MAP_FIXED, fd, 0L))
+ exit (1);
+ for (i = 0; i < pagesize; ++i)
+ if (*(data + i) != *(data2 + i))
+ exit (1);
+
+ /* Finally, make sure that changes to the mapped area do not
+ percolate back to the file as seen by read(). (This is a bug on
+ some variants of i386 svr4.0.) */
+ for (i = 0; i < pagesize; ++i)
+ *(data2 + i) = *(data2 + i) + 1;
+ data3 = (char *) malloc (pagesize);
+ if (!data3)
+ exit (1);
+ if (read (fd, data3, pagesize) != pagesize)
+ exit (1);
+ for (i = 0; i < pagesize; ++i)
+ if (*(data + i) != *(data3 + i))
+ exit (1);
+ close (fd);
+ exit (0);
+}
+_ACEOF
+rm -f conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_func_mmap_fixed_mapped=yes
+else
+ echo "$as_me: program exited with status $ac_status" >&5
+echo "$as_me: failed program was:" >&5
+cat conftest.$ac_ext >&5
+( exit $ac_status )
+ac_cv_func_mmap_fixed_mapped=no
+fi
+rm -f core core.* *.core conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
+fi
+fi
+echo "$as_me:$LINENO: result: $ac_cv_func_mmap_fixed_mapped" >&5
+echo "${ECHO_T}$ac_cv_func_mmap_fixed_mapped" >&6
+if test $ac_cv_func_mmap_fixed_mapped = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_MMAP 1
+_ACEOF
+
+fi
+rm -f conftest.mmap
+
+
+
+
for ac_header in capability.h sys/capability.h
@@ -33184,434 +35005,6 @@ fi
-crypto_lib=unknown
-
-
-# Check whether --with-openssl or --without-openssl was given.
-if test "${with_openssl+set}" = set; then
- withval="$with_openssl"
-
-fi;
-
-
-# Check whether --with-openssl-lib or --without-openssl-lib was given.
-if test "${with_openssl_lib+set}" = set; then
- withval="$with_openssl_lib"
- if test "$withval" = "yes" -o "$withval" = "no"; then
- { { echo "$as_me:$LINENO: error: No argument for --with-openssl-lib" >&5
-echo "$as_me: error: No argument for --with-openssl-lib" >&2;}
- { (exit 1); exit 1; }; }
-elif test "X$with_openssl" = "X"; then
- with_openssl=yes
-fi
-fi;
-
-
-# Check whether --with-openssl-include or --without-openssl-include was given.
-if test "${with_openssl_include+set}" = set; then
- withval="$with_openssl_include"
- if test "$withval" = "yes" -o "$withval" = "no"; then
- { { echo "$as_me:$LINENO: error: No argument for --with-openssl-include" >&5
-echo "$as_me: error: No argument for --with-openssl-include" >&2;}
- { (exit 1); exit 1; }; }
-elif test "X$with_openssl" = "X"; then
- with_openssl=yes
-fi
-fi;
-
-case "$with_openssl" in
-yes) ;;
-no) ;;
-"") ;;
-*) if test "$with_openssl_include" = ""; then
- with_openssl_include="$with_openssl/include"
- fi
- if test "$with_openssl_lib" = ""; then
- with_openssl_lib="$with_openssl/lib$abilibdirext"
- fi
- ;;
-esac
-
-
-DIR_des=
-
-echo "$as_me:$LINENO: checking for crypto library" >&5
-echo $ECHO_N "checking for crypto library... $ECHO_C" >&6
-
-openssl=no
-if test "$crypto_lib" = "unknown" -a "$with_openssl" != "no"; then
-
- save_CPPFLAGS="$CPPFLAGS"
- save_LIBS="$LIBS"
- INCLUDE_des=
- LIB_des=
- if test "$with_openssl_include" != ""; then
- INCLUDE_des="-I${with_openssl}/include"
- fi
- if test "$with_openssl_lib" != ""; then
- LIB_des="-L${with_openssl}/lib"
- fi
- CPPFLAGS="${INCLUDE_des} ${CPPFLAGS}"
- LIB_des="${LIB_des} -lcrypto"
- LIB_des_a="$LIB_des"
- LIB_des_so="$LIB_des"
- LIB_des_appl="$LIB_des"
- LIBS="${LIBS} ${LIB_des}"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-
- #include <openssl/md4.h>
- #include <openssl/md5.h>
- #include <openssl/sha.h>
- #include <openssl/des.h>
- #include <openssl/rc4.h>
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- void *schedule = 0;
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, schedule, 0, 0);
- RC4(0, 0, 0, 0);
-
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
-
- crypto_lib=libcrypto openssl=yes
- echo "$as_me:$LINENO: result: libcrypto" >&5
-echo "${ECHO_T}libcrypto" >&6
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- CPPFLAGS="$save_CPPFLAGS"
- LIBS="$save_LIBS"
-fi
-
-if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then
- save_CPPFLAGS="$CPPFLAGS"
- save_LIBS="$LIBS"
-
- cdirs= clibs=
- for i in $LIB_krb4; do
- case "$i" in
- -L*) cdirs="$cdirs $i";;
- -l*) clibs="$clibs $i";;
- esac
- done
-
- ires=
- for i in $INCLUDE_krb4; do
- CFLAGS="$i $save_CFLAGS"
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <openssl/md4.h>
- #include <openssl/md5.h>
- #include <openssl/sha.h>
- #include <openssl/des.h>
- #include <openssl/rc4.h>
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- openssl=yes ires="$i"; break
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest.$ac_ext
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <md4.h>
- #include <md5.h>
- #include <sha.h>
- #include <des.h>
- #include <rc4.h>
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext
-if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
- (eval $ac_compile) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest.$ac_objext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ires="$i"; break
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest.$ac_ext
- done
- lres=
- for i in $cdirs; do
- for j in $clibs; do
- LIBS="$i $j $save_LIBS"
- if test "$openssl" = yes; then
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <openssl/md4.h>
- #include <openssl/md5.h>
- #include <openssl/sha.h>
- #include <openssl/des.h>
- #include <openssl/rc4.h>
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- lres="$i $j"; break 2
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- else
- cat >conftest.$ac_ext <<_ACEOF
-#line $LINENO "configure"
-#include "confdefs.h"
-
- #undef KRB5 /* makes md4.h et al unhappy */
- #define KRB4
- #include <md4.h>
- #include <md5.h>
- #include <sha.h>
- #include <des.h>
- #include <rc4.h>
-
-#ifdef F77_DUMMY_MAIN
-# ifdef __cplusplus
- extern "C"
-# endif
- int F77_DUMMY_MAIN() { return 1; }
-#endif
-int
-main ()
-{
-
- MD4_CTX md4;
- MD5_CTX md5;
- SHA_CTX sha1;
-
- MD4_Init(&md4);
- MD5_Init(&md5);
- SHA1_Init(&sha1);
-
- des_cbc_encrypt(0, 0, 0, 0, 0, 0);
- RC4(0, 0, 0, 0);
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
- (eval $ac_link) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } &&
- { ac_try='test -s conftest$ac_exeext'
- { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
- (eval $ac_try) 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- lres="$i $j"; break 2
-else
- echo "$as_me: failed program was:" >&5
-cat conftest.$ac_ext >&5
-fi
-rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext
- fi
- done
- done
- CFLAGS="$save_CFLAGS"
- LIBS="$save_LIBS"
- if test "$ires" -a "$lres"; then
- INCLUDE_des="$ires"
- LIB_des="$lres"
- crypto_lib=krb4
- echo "$as_me:$LINENO: result: same as krb4" >&5
-echo "${ECHO_T}same as krb4" >&6
- LIB_des_a='$(LIB_des)'
- LIB_des_so='$(LIB_des)'
- LIB_des_appl='$(LIB_des)'
- fi
-fi
-
-if test "$crypto_lib" = "unknown"; then
-
- DIR_des='des'
- LIB_des='$(top_builddir)/lib/des/libdes.la'
- LIB_des_a='$(top_builddir)/lib/des/.libs/libdes.a'
- LIB_des_so='$(top_builddir)/lib/des/.libs/libdes.so'
- LIB_des_appl="-ldes"
-
- echo "$as_me:$LINENO: result: included libdes" >&5
-echo "${ECHO_T}included libdes" >&6
-
-fi
-
-if test "$openssl" = "yes"; then
-
-cat >>confdefs.h <<\_ACEOF
-#define HAVE_OPENSSL 1
-_ACEOF
-
-fi
-
-
-if test "$openssl" = yes; then
- HAVE_OPENSSL_TRUE=
- HAVE_OPENSSL_FALSE='#'
-else
- HAVE_OPENSSL_TRUE='#'
- HAVE_OPENSSL_FALSE=
-fi
-
-
-
-
-
-
-
-
-
-
@@ -34232,12 +35625,16 @@ fi
echo "$as_me:$LINENO: checking which authentication modules should be built" >&5
echo $ECHO_N "checking which authentication modules should be built... $ECHO_C" >&6
+z='sia afskauthlib'
LIB_AUTH_SUBDIRS=
-
+for i in $z; do
+case $i in
+sia)
if test "$ac_cv_header_siad_h" = yes; then
LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS sia"
fi
-
+;;
+pam)
case "${host}" in
*-*-freebsd*) ac_cv_want_pam_krb4=no ;;
*) ac_cv_want_pam_krb4=yes ;;
@@ -34248,13 +35645,21 @@ if test "$ac_cv_want_pam_krb4" = yes -a \
"$enable_shared" = yes; then
LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS pam"
fi
-
+;;
+afskauthlib)
case "${host}" in
*-*-irix[56]*) LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS afskauthlib" ;;
esac
-
-echo "$as_me:$LINENO: result: $LIB_AUTH_SUBDIRS" >&5
+;;
+esac
+done
+if test "$LIB_AUTH_SUBDIRS"; then
+ echo "$as_me:$LINENO: result: $LIB_AUTH_SUBDIRS" >&5
echo "${ECHO_T}$LIB_AUTH_SUBDIRS" >&6
+else
+ echo "$as_me:$LINENO: result: none" >&5
+echo "${ECHO_T}none" >&6
+fi
@@ -34425,6 +35830,41 @@ echo "$as_me: error: conditional \"AMDEP\" was never defined.
Usually this means the macro was only invoked conditionally." >&2;}
{ (exit 1); exit 1; }; }
fi
+if test -z "${KRB4_TRUE}" && test -z "${KRB4_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"KRB4\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"KRB4\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${KRB5_TRUE}" && test -z "${KRB5_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"KRB5\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"KRB5\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${do_roken_rename_TRUE}" && test -z "${do_roken_rename_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"do_roken_rename\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"do_roken_rename\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${HAVE_OPENSSL_TRUE}" && test -z "${HAVE_OPENSSL_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"HAVE_OPENSSL\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"HAVE_OPENSSL\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${DCE_TRUE}" && test -z "${DCE_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"DCE\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"DCE\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
if test -z "${HAVE_DB1_TRUE}" && test -z "${HAVE_DB1_FALSE}"; then
{ { echo "$as_me:$LINENO: error: conditional \"HAVE_DB1\" was never defined.
Usually this means the macro was only invoked conditionally." >&5
@@ -34481,34 +35921,6 @@ echo "$as_me: error: conditional \"have_glob_h\" was never defined.
Usually this means the macro was only invoked conditionally." >&2;}
{ (exit 1); exit 1; }; }
fi
-if test -z "${KRB4_TRUE}" && test -z "${KRB4_FALSE}"; then
- { { echo "$as_me:$LINENO: error: conditional \"KRB4\" was never defined.
-Usually this means the macro was only invoked conditionally." >&5
-echo "$as_me: error: conditional \"KRB4\" was never defined.
-Usually this means the macro was only invoked conditionally." >&2;}
- { (exit 1); exit 1; }; }
-fi
-if test -z "${KRB5_TRUE}" && test -z "${KRB5_FALSE}"; then
- { { echo "$as_me:$LINENO: error: conditional \"KRB5\" was never defined.
-Usually this means the macro was only invoked conditionally." >&5
-echo "$as_me: error: conditional \"KRB5\" was never defined.
-Usually this means the macro was only invoked conditionally." >&2;}
- { (exit 1); exit 1; }; }
-fi
-if test -z "${do_roken_rename_TRUE}" && test -z "${do_roken_rename_FALSE}"; then
- { { echo "$as_me:$LINENO: error: conditional \"do_roken_rename\" was never defined.
-Usually this means the macro was only invoked conditionally." >&5
-echo "$as_me: error: conditional \"do_roken_rename\" was never defined.
-Usually this means the macro was only invoked conditionally." >&2;}
- { (exit 1); exit 1; }; }
-fi
-if test -z "${DCE_TRUE}" && test -z "${DCE_FALSE}"; then
- { { echo "$as_me:$LINENO: error: conditional \"DCE\" was never defined.
-Usually this means the macro was only invoked conditionally." >&5
-echo "$as_me: error: conditional \"DCE\" was never defined.
-Usually this means the macro was only invoked conditionally." >&2;}
- { (exit 1); exit 1; }; }
-fi
if test -z "${OTP_TRUE}" && test -z "${OTP_FALSE}"; then
{ { echo "$as_me:$LINENO: error: conditional \"OTP\" was never defined.
Usually this means the macro was only invoked conditionally." >&5
@@ -34572,13 +35984,6 @@ echo "$as_me: error: conditional \"NEED_WRITEAUTH\" was never defined.
Usually this means the macro was only invoked conditionally." >&2;}
{ (exit 1); exit 1; }; }
fi
-if test -z "${HAVE_OPENSSL_TRUE}" && test -z "${HAVE_OPENSSL_FALSE}"; then
- { { echo "$as_me:$LINENO: error: conditional \"HAVE_OPENSSL\" was never defined.
-Usually this means the macro was only invoked conditionally." >&5
-echo "$as_me: error: conditional \"HAVE_OPENSSL\" was never defined.
-Usually this means the macro was only invoked conditionally." >&2;}
- { (exit 1); exit 1; }; }
-fi
if test -z "${el_compat_TRUE}" && test -z "${el_compat_FALSE}"; then
{ { echo "$as_me:$LINENO: error: conditional \"el_compat\" was never defined.
Usually this means the macro was only invoked conditionally." >&5
@@ -35180,6 +36585,36 @@ s,@LIBTOOL@,$LIBTOOL,;t t
s,@WFLAGS@,$WFLAGS,;t t
s,@WFLAGS_NOUNUSED@,$WFLAGS_NOUNUSED,;t t
s,@WFLAGS_NOIMPLICITINT@,$WFLAGS_NOIMPLICITINT,;t t
+s,@INCLUDE_openldap@,$INCLUDE_openldap,;t t
+s,@LIB_openldap@,$LIB_openldap,;t t
+s,@INCLUDE_krb4@,$INCLUDE_krb4,;t t
+s,@LIB_krb4@,$LIB_krb4,;t t
+s,@EXTRA_LIB45@,$EXTRA_LIB45,;t t
+s,@LIB_krb_enable_debug@,$LIB_krb_enable_debug,;t t
+s,@LIB_krb_disable_debug@,$LIB_krb_disable_debug,;t t
+s,@LIB_krb_get_our_ip_for_realm@,$LIB_krb_get_our_ip_for_realm,;t t
+s,@LIB_krb_kdctimeofday@,$LIB_krb_kdctimeofday,;t t
+s,@LIB_krb_get_kdc_time_diff@,$LIB_krb_get_kdc_time_diff,;t t
+s,@KRB4_TRUE@,$KRB4_TRUE,;t t
+s,@KRB4_FALSE@,$KRB4_FALSE,;t t
+s,@KRB5_TRUE@,$KRB5_TRUE,;t t
+s,@KRB5_FALSE@,$KRB5_FALSE,;t t
+s,@do_roken_rename_TRUE@,$do_roken_rename_TRUE,;t t
+s,@do_roken_rename_FALSE@,$do_roken_rename_FALSE,;t t
+s,@LIB_kdb@,$LIB_kdb,;t t
+s,@HAVE_OPENSSL_TRUE@,$HAVE_OPENSSL_TRUE,;t t
+s,@HAVE_OPENSSL_FALSE@,$HAVE_OPENSSL_FALSE,;t t
+s,@DIR_des@,$DIR_des,;t t
+s,@INCLUDE_des@,$INCLUDE_des,;t t
+s,@LIB_des@,$LIB_des,;t t
+s,@LIB_des_a@,$LIB_des_a,;t t
+s,@LIB_des_so@,$LIB_des_so,;t t
+s,@LIB_des_appl@,$LIB_des_appl,;t t
+s,@DCE_TRUE@,$DCE_TRUE,;t t
+s,@DCE_FALSE@,$DCE_FALSE,;t t
+s,@dpagaix_cflags@,$dpagaix_cflags,;t t
+s,@dpagaix_ldadd@,$dpagaix_ldadd,;t t
+s,@dpagaix_ldflags@,$dpagaix_ldflags,;t t
s,@LIB_db_create@,$LIB_db_create,;t t
s,@LIB_dbopen@,$LIB_dbopen,;t t
s,@LIB_dbm_firstkey@,$LIB_dbm_firstkey,;t t
@@ -35205,6 +36640,7 @@ s,@LIB_gethostbyname@,$LIB_gethostbyname,;t t
s,@LIB_syslog@,$LIB_syslog,;t t
s,@LIB_gethostbyname2@,$LIB_gethostbyname2,;t t
s,@LIB_res_search@,$LIB_res_search,;t t
+s,@LIB_res_nsearch@,$LIB_res_nsearch,;t t
s,@LIB_dn_expand@,$LIB_dn_expand,;t t
s,@LIBOBJS@,$LIBOBJS,;t t
s,@have_glob_h_TRUE@,$have_glob_h_TRUE,;t t
@@ -35223,28 +36659,6 @@ s,@LIB_crypt@,$LIB_crypt,;t t
s,@DIR_roken@,$DIR_roken,;t t
s,@LIB_roken@,$LIB_roken,;t t
s,@INCLUDES_roken@,$INCLUDES_roken,;t t
-s,@INCLUDE_openldap@,$INCLUDE_openldap,;t t
-s,@LIB_openldap@,$LIB_openldap,;t t
-s,@INCLUDE_krb4@,$INCLUDE_krb4,;t t
-s,@LIB_krb4@,$LIB_krb4,;t t
-s,@EXTRA_LIB45@,$EXTRA_LIB45,;t t
-s,@LIB_krb_enable_debug@,$LIB_krb_enable_debug,;t t
-s,@LIB_krb_disable_debug@,$LIB_krb_disable_debug,;t t
-s,@LIB_krb_get_our_ip_for_realm@,$LIB_krb_get_our_ip_for_realm,;t t
-s,@LIB_krb_kdctimeofday@,$LIB_krb_kdctimeofday,;t t
-s,@LIB_krb_get_kdc_time_diff@,$LIB_krb_get_kdc_time_diff,;t t
-s,@KRB4_TRUE@,$KRB4_TRUE,;t t
-s,@KRB4_FALSE@,$KRB4_FALSE,;t t
-s,@KRB5_TRUE@,$KRB5_TRUE,;t t
-s,@KRB5_FALSE@,$KRB5_FALSE,;t t
-s,@do_roken_rename_TRUE@,$do_roken_rename_TRUE,;t t
-s,@do_roken_rename_FALSE@,$do_roken_rename_FALSE,;t t
-s,@LIB_kdb@,$LIB_kdb,;t t
-s,@DCE_TRUE@,$DCE_TRUE,;t t
-s,@DCE_FALSE@,$DCE_FALSE,;t t
-s,@dpagaix_cflags@,$dpagaix_cflags,;t t
-s,@dpagaix_ldadd@,$dpagaix_ldadd,;t t
-s,@dpagaix_ldflags@,$dpagaix_ldflags,;t t
s,@LIB_otp@,$LIB_otp,;t t
s,@OTP_TRUE@,$OTP_TRUE,;t t
s,@OTP_FALSE@,$OTP_FALSE,;t t
@@ -35288,14 +36702,6 @@ s,@LIB_logout@,$LIB_logout,;t t
s,@LIB_openpty@,$LIB_openpty,;t t
s,@LIB_tgetent@,$LIB_tgetent,;t t
s,@LIB_getpwnam_r@,$LIB_getpwnam_r,;t t
-s,@HAVE_OPENSSL_TRUE@,$HAVE_OPENSSL_TRUE,;t t
-s,@HAVE_OPENSSL_FALSE@,$HAVE_OPENSSL_FALSE,;t t
-s,@DIR_des@,$DIR_des,;t t
-s,@INCLUDE_des@,$INCLUDE_des,;t t
-s,@LIB_des@,$LIB_des,;t t
-s,@LIB_des_a@,$LIB_des_a,;t t
-s,@LIB_des_so@,$LIB_des_so,;t t
-s,@LIB_des_appl@,$LIB_des_appl,;t t
s,@LIB_el_init@,$LIB_el_init,;t t
s,@el_compat_TRUE@,$el_compat_TRUE,;t t
s,@el_compat_FALSE@,$el_compat_FALSE,;t t
diff --git a/crypto/heimdal/configure.in b/crypto/heimdal/configure.in
index d731642..3ef2a59 100644
--- a/crypto/heimdal/configure.in
+++ b/crypto/heimdal/configure.in
@@ -1,8 +1,9 @@
dnl Process this file with autoconf to produce a configure script.
-AC_REVISION($Revision: 1.320 $)
+AC_REVISION($Revision: 1.325 $)
AC_PREREQ(2.53)
#test -z "$CFLAGS" && CFLAGS="-g"
AC_INIT(Heimdal, 0.4f, heimdal-bugs@pdc.kth.se)
+AC_CONFIG_SRCDIR([kuser/kinit.c])
AM_CONFIG_HEADER(include/config.h)
dnl Checks for programs.
@@ -21,6 +22,8 @@ AC_CANONICAL_HOST
CANONICAL_HOST=$host
AC_SUBST(CANONICAL_HOST)
+AC_SYS_LARGEFILE
+
dnl
dnl this is needed to run the configure tests against glibc
dnl
@@ -48,22 +51,11 @@ AC_PROG_LIBTOOL
AC_WFLAGS(-Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs)
-rk_DB
-
-dnl AC_ROKEN(10,[/usr/heimdal /usr/athena],[lib/roken],[$(top_builddir)/lib/roken/libroken.la],[-I$(top_builddir)/lib/roken -I$(top_srcdir)/lib/roken])
-
-rk_ROKEN(lib/roken)
-LIB_roken="\$(top_builddir)/lib/vers/libvers.la $LIB_roken"
-
rk_TEST_PACKAGE(openldap,
[#include <lber.h>
#include <ldap.h>],
[-lldap -llber],,,OPENLDAP)
-if test "$openldap_libdir"; then
- LIB_openldap="-R $openldap_libdir $LIB_openldap"
-fi
-
rk_TEST_PACKAGE(krb4,[#include <krb.h>],-lkrb,-ldes,/usr/athena, KRB4, krb4-config)
LIB_kdb=
@@ -156,10 +148,6 @@ if test "$with_krb4" != "no"; then
LIBS="$save_LIBS"
CFLAGS="$save_CFLAGS"
LIB_kdb="-lkdb -lkrb"
- if test "$krb4_libdir"; then
- LIB_krb4="-R $krb4_libdir $LIB_krb4"
- LIB_kdb="-R $krb4_libdir -L$krb4_libdir $LIB_kdb"
- fi
fi
AM_CONDITIONAL(KRB4, test "$with_krb4" != "no")
AM_CONDITIONAL(KRB5, true)
@@ -168,6 +156,8 @@ AM_CONDITIONAL(do_roken_rename, true)
AC_DEFINE(KRB5, 1, [Enable Kerberos 5 support in applications.])dnl
AC_SUBST(LIB_kdb)dnl
+KRB_CRYPTO
+
AC_ARG_ENABLE(dce,
AC_HELP_STRING([--enable-dce],[if you want support for DCE/DFS PAG's]))
if test "$enable_dce" = yes; then
@@ -189,10 +179,23 @@ AC_SUBST(dpagaix_cflags)
AC_SUBST(dpagaix_ldadd)
AC_SUBST(dpagaix_ldflags)
+rk_DB
+
+dnl AC_ROKEN(10,[/usr/heimdal /usr/athena],[lib/roken],[$(top_builddir)/lib/roken/libroken.la],[-I$(top_builddir)/lib/roken -I$(top_srcdir)/lib/roken])
+
+rk_ROKEN(lib/roken)
+LIB_roken="\$(top_builddir)/lib/vers/libvers.la $LIB_roken"
+
rk_OTP
AC_CHECK_OSFC2
+AC_ARG_ENABLE(mmap,
+ AC_HELP_STRING([--disable-mmap],[disable use of mmap]))
+if test "$enable_mmap" = "no"; then
+ AC_DEFINE(NO_MMAP, 1, [Define if you don't want to use mmap.])
+fi
+
rk_CHECK_MAN
rk_TEST_PACKAGE(readline,
@@ -241,6 +244,7 @@ AC_CHECK_HEADERS([\
libutil.h \
limits.h \
maillock.h \
+ netgroup.h \
netinet/in6_machtypes.h \
netinfo/ni.h \
pthread.h \
@@ -256,6 +260,7 @@ AC_CHECK_HEADERS([\
sys/file.h \
sys/filio.h \
sys/ioccom.h \
+ sys/mman.h \
sys/pty.h \
sys/ptyio.h \
sys/ptyvar.h \
@@ -327,6 +332,8 @@ AC_CHECK_FUNCS([ \
yp_get_default_domain \
])
+AC_FUNC_MMAP
+
KRB_CAPABILITIES
AC_CHECK_GETPWNAM_R_POSIX
@@ -369,8 +376,6 @@ AC_CHECK_TYPES([int8_t, int16_t, int32_t, int64_t,
#endif
])
-KRB_CRYPTO
-
KRB_READLINE
rk_TELNET
@@ -378,7 +383,7 @@ rk_TELNET
dnl Some operating systems already have com_err and compile_et
CHECK_COMPILE_ET
-AC_AUTH_MODULES
+rk_AUTH_MODULES([sia afskauthlib])
rk_DESTDIRS
diff --git a/crypto/heimdal/doc/ack.texi b/crypto/heimdal/doc/ack.texi
index fe0113e..d28b816 100644
--- a/crypto/heimdal/doc/ack.texi
+++ b/crypto/heimdal/doc/ack.texi
@@ -1,4 +1,4 @@
-@c $Id: ack.texi,v 1.14 2001/02/24 05:09:23 assar Exp $
+@c $Id: ack.texi,v 1.15 2002/09/04 01:03:35 assar Exp $
@node Acknowledgments, , Migration, Top
@comment node-name, next, previous, up
@@ -19,6 +19,9 @@ of NetBSD/FreeBSD.
@code{editline} was written by Simmule Turner and Rich Salz.
+The @code{getifaddrs} implementation for Linux was written by Hideaki
+YOSHIFUJI for the Usagi project.
+
Bugfixes, documentation, encouragement, and code has been contributed by:
@table @asis
@item Derrick J Brashear
diff --git a/crypto/heimdal/doc/install.texi b/crypto/heimdal/doc/install.texi
index 61c5282..d12ace9 100644
--- a/crypto/heimdal/doc/install.texi
+++ b/crypto/heimdal/doc/install.texi
@@ -1,4 +1,4 @@
-@c $Id: install.texi,v 1.17 2001/07/02 18:06:02 joda Exp $
+@c $Id: install.texi,v 1.18 2002/09/04 03:18:48 assar Exp $
@node Building and Installing, Setting up a realm, What is Kerberos?, Top
@comment node-name, next, previous, up
@@ -98,4 +98,9 @@ On Irix there are three different ABIs that can be used (@samp{32},
@samp{n32}, or @samp{64}). This option allows you to override the
automatic selection.
+@item @kbd{--disable-mmap}
+Do not use the mmap system call. Normally, configure detects if there
+is a working mmap and it is only used if there is one. Only try this
+option if it fails to work anyhow.
+
@end table
diff --git a/crypto/heimdal/include/Makefile.am b/crypto/heimdal/include/Makefile.am
index fee2ac2..c283cd2 100644
--- a/crypto/heimdal/include/Makefile.am
+++ b/crypto/heimdal/include/Makefile.am
@@ -1,25 +1,30 @@
-# $Id: Makefile.am,v 1.32 2002/05/24 15:36:21 joda Exp $
+# $Id: Makefile.am,v 1.33 2002/09/10 19:59:25 joda Exp $
include $(top_srcdir)/Makefile.am.common
SUBDIRS = kadm5
-noinst_PROGRAMS = bits
+noinst_PROGRAMS = bits make_crypto
CHECK_LOCAL =
INCLUDES += -DHOST=\"$(CANONICAL_HOST)\"
include_HEADERS = krb5-types.h
+noinst_HEADERS = crypto-headers.h
krb5-types.h: bits$(EXEEXT)
./bits$(EXEEXT) krb5-types.h
+crypto-headers.h: make_crypto$(EXEEXT)
+ ./make_crypto$(EXEEXT) crypto-headers.h
+
CLEANFILES = \
asn1.h \
asn1_err.h \
base64.h \
com_err.h \
com_right.h \
+ crypto-headers.h\
der.h \
des.h \
editline.h \
diff --git a/crypto/heimdal/include/Makefile.in b/crypto/heimdal/include/Makefile.in
index 9fe6d81..1eed888 100644
--- a/crypto/heimdal/include/Makefile.in
+++ b/crypto/heimdal/include/Makefile.in
@@ -14,7 +14,7 @@
@SET_MAKE@
-# $Id: Makefile.am,v 1.32 2002/05/24 15:36:21 joda Exp $
+# $Id: Makefile.am,v 1.33 2002/09/10 19:59:25 joda Exp $
# $Id: Makefile.am.common,v 1.5 2002/05/19 18:35:37 joda Exp $
@@ -204,10 +204,11 @@ NROFF_MAN = groff -mandoc -Tascii
SUBDIRS = kadm5
-noinst_PROGRAMS = bits
+noinst_PROGRAMS = bits make_crypto
CHECK_LOCAL =
include_HEADERS = krb5-types.h
+noinst_HEADERS = crypto-headers.h
CLEANFILES = \
asn1.h \
@@ -215,6 +216,7 @@ CLEANFILES = \
base64.h \
com_err.h \
com_right.h \
+ crypto-headers.h\
der.h \
des.h \
editline.h \
@@ -249,7 +251,7 @@ subdir = include
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = config.h
CONFIG_CLEAN_FILES =
-noinst_PROGRAMS = bits$(EXEEXT)
+noinst_PROGRAMS = bits$(EXEEXT) make_crypto$(EXEEXT)
PROGRAMS = $(noinst_PROGRAMS)
bits_SOURCES = bits.c
@@ -257,6 +259,11 @@ bits_OBJECTS = bits.$(OBJEXT)
bits_LDADD = $(LDADD)
bits_DEPENDENCIES =
bits_LDFLAGS =
+make_crypto_SOURCES = make_crypto.c
+make_crypto_OBJECTS = make_crypto.$(OBJEXT)
+make_crypto_LDADD = $(LDADD)
+make_crypto_DEPENDENCIES =
+make_crypto_LDFLAGS =
DEFS = @DEFS@
DEFAULT_INCLUDES = -I. -I$(srcdir) -I.
@@ -273,17 +280,18 @@ CCLD = $(CC)
LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
CFLAGS = @CFLAGS@
-DIST_SOURCES = bits.c
-HEADERS = $(include_HEADERS)
+DIST_SOURCES = bits.c make_crypto.c
+HEADERS = $(include_HEADERS) $(noinst_HEADERS)
RECURSIVE_TARGETS = info-recursive dvi-recursive install-info-recursive \
uninstall-info-recursive all-recursive install-data-recursive \
install-exec-recursive installdirs-recursive install-recursive \
uninstall-recursive check-recursive installcheck-recursive
-DIST_COMMON = $(include_HEADERS) Makefile.am Makefile.in config.h.in
+DIST_COMMON = $(include_HEADERS) $(noinst_HEADERS) Makefile.am \
+ Makefile.in
DIST_SUBDIRS = $(SUBDIRS)
-SOURCES = bits.c
+SOURCES = bits.c make_crypto.c
all: config.h
$(MAKE) $(AM_MAKEFLAGS) all-recursive
@@ -322,6 +330,9 @@ clean-noinstPROGRAMS:
bits$(EXEEXT): $(bits_OBJECTS) $(bits_DEPENDENCIES)
@rm -f bits$(EXEEXT)
$(LINK) $(bits_LDFLAGS) $(bits_OBJECTS) $(bits_LDADD) $(LIBS)
+make_crypto$(EXEEXT): $(make_crypto_OBJECTS) $(make_crypto_DEPENDENCIES)
+ @rm -f make_crypto$(EXEEXT)
+ $(LINK) $(make_crypto_LDFLAGS) $(make_crypto_OBJECTS) $(make_crypto_LDADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT) core *.core
@@ -731,6 +742,9 @@ install-data-local: install-cat-mans
krb5-types.h: bits$(EXEEXT)
./bits$(EXEEXT) krb5-types.h
+
+crypto-headers.h: make_crypto$(EXEEXT)
+ ./make_crypto$(EXEEXT) crypto-headers.h
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
diff --git a/crypto/heimdal/include/config.h.in b/crypto/heimdal/include/config.h.in
index 39fafbd..0dde992 100644
--- a/crypto/heimdal/include/config.h.in
+++ b/crypto/heimdal/include/config.h.in
@@ -285,6 +285,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
/* Define if you have the function `getopt'. */
#undef HAVE_GETOPT
+/* Define to 1 if you have the `getpagesize' function. */
+#undef HAVE_GETPAGESIZE
+
/* Define to 1 if you have the `getprogname' function. */
#undef HAVE_GETPROGNAME
@@ -448,6 +451,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
/* Define to 1 if you have the `mktime' function. */
#undef HAVE_MKTIME
+/* Define to 1 if you have a working `mmap' system call. */
+#undef HAVE_MMAP
+
/* define if you have a ndbm library */
#undef HAVE_NDBM
@@ -457,6 +463,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
/* Define to 1 if you have the <netdb.h> header file. */
#undef HAVE_NETDB_H
+/* Define to 1 if you have the <netgroup.h> header file. */
+#undef HAVE_NETGROUP_H
+
/* Define to 1 if you have the <netinet6/in6.h> header file. */
#undef HAVE_NETINET6_IN6_H
@@ -493,6 +502,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
/* Define if NDBM really is DB (creates files *.db) */
#undef HAVE_NEW_DB
+/* define if you have hash functions like md4_finito() */
+#undef HAVE_OLD_HASH_NAMES
+
/* Define to 1 if you have the `on_exit' function. */
#undef HAVE_ON_EXIT
@@ -559,6 +571,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
/* Define to 1 if you have the <resolv.h> header file. */
#undef HAVE_RESOLV_H
+/* Define to 1 if you have the `res_nsearch' function. */
+#undef HAVE_RES_NSEARCH
+
/* Define to 1 if you have the `res_search' function. */
#undef HAVE_RES_SEARCH
@@ -844,6 +859,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
/* Define to 1 if you have the <sys/ioctl.h> header file. */
#undef HAVE_SYS_IOCTL_H
+/* Define to 1 if you have the <sys/mman.h> header file. */
+#undef HAVE_SYS_MMAN_H
+
/* Define to 1 if you have the <sys/param.h> header file. */
#undef HAVE_SYS_PARAM_H
@@ -1210,6 +1228,9 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
/* define if the system is missing a prototype for vsnprintf() */
#undef NEED_VSNPRINTF_PROTO
+/* Define if you don't want to use mmap. */
+#undef NO_MMAP
+
/* Define this to enable old environment option in telnet. */
#undef OLD_ENVIRON
@@ -1290,9 +1311,15 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
`char[]'. */
#undef YYTEXT_POINTER
+/* Number of bits in a file offset, on hosts where this is settable. */
+#undef _FILE_OFFSET_BITS
+
/* Define to enable extensions on glibc-based systems such as Linux. */
#undef _GNU_SOURCE
+/* Define for large files, on AIX-style hosts. */
+#undef _LARGE_FILES
+
/* Define to empty if `const' does not conform to ANSI C. */
#undef const
@@ -1321,6 +1348,13 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
/* Define to `int' if <sys/types.h> doesn't define. */
#undef uid_t
+#if defined(HAVE_FOUR_VALUED_KRB_PUT_INT) || !defined(KRB4)
+#define KRB_PUT_INT(F, T, L, S) krb_put_int((F), (T), (L), (S))
+#else
+#define KRB_PUT_INT(F, T, L, S) krb_put_int((F), (T), (S))
+#endif
+
+
#if defined(ENCRYPTION) && !defined(AUTHENTICATION)
#define AUTHENTICATION 1
@@ -1345,6 +1379,14 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
#include "roken_rename.h"
#endif
+#ifndef HAVE_KRB_KDCTIMEOFDAY
+#define krb_kdctimeofday(X) gettimeofday((X), NULL)
+#endif
+
+#ifndef HAVE_KRB_GET_KDC_TIME_DIFF
+#define krb_get_kdc_time_diff() (0)
+#endif
+
#ifdef VOID_RETSIGTYPE
#define SIGRETURN(x) return
#else
@@ -1356,21 +1398,6 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y))
#endif
-#if defined(HAVE_FOUR_VALUED_KRB_PUT_INT) || !defined(KRB4)
-#define KRB_PUT_INT(F, T, L, S) krb_put_int((F), (T), (L), (S))
-#else
-#define KRB_PUT_INT(F, T, L, S) krb_put_int((F), (T), (S))
-#endif
-
-
-#ifndef HAVE_KRB_KDCTIMEOFDAY
-#define krb_kdctimeofday(X) gettimeofday((X), NULL)
-#endif
-
-#ifndef HAVE_KRB_GET_KDC_TIME_DIFF
-#define krb_get_kdc_time_diff() (0)
-#endif
-
#if ENDIANESS_IN_SYS_PARAM_H
# include <sys/types.h>
diff --git a/crypto/heimdal/include/make_crypto.c b/crypto/heimdal/include/make_crypto.c
new file mode 100644
index 0000000..d1b633c
--- /dev/null
+++ b/crypto/heimdal/include/make_crypto.c
@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 2002 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id");
+#endif
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <ctype.h>
+
+int
+main(int argc, char **argv)
+{
+ char *p;
+ FILE *f;
+ if(argc != 2) {
+ fprintf(stderr, "Usage: make_crypto file\n");
+ exit(1);
+ }
+ f = fopen(argv[1], "w");
+ if(f == NULL) {
+ perror(argv[1]);
+ exit(1);
+ }
+ for(p = argv[1]; *p; p++)
+ if(!isalnum((int)*p))
+ *p = '_';
+ fprintf(f, "#ifndef __%s__\n", argv[1]);
+ fprintf(f, "#define __%s__\n", argv[1]);
+#ifdef HAVE_OPENSSL
+ fputs("#include <openssl/des.h>\n", f);
+ fputs("#include <openssl/rc4.h>\n", f);
+ fputs("#include <openssl/md4.h>\n", f);
+ fputs("#include <openssl/md5.h>\n", f);
+ fputs("#include <openssl/sha.h>\n", f);
+#else
+ fputs("#include <des.h>\n", f);
+ fputs("#include <md4.h>\n", f);
+ fputs("#include <md5.h>\n", f);
+ fputs("#include <sha.h>\n", f);
+ fputs("#include <rc4.h>\n", f);
+#ifdef HAVE_OLD_HASH_NAMES
+ fputs("\n", f);
+ fputs(" typedef struct md4 MD4_CTX;\n", f);
+ fputs("#define MD4_Init md4_init\n", f);
+ fputs("#define MD4_Update md4_update\n", f);
+ fputs("#define MD4_Final(D, C) md4_finito((C), (D))\n", f);
+ fputs("\n", f);
+ fputs(" typedef struct md5 MD5_CTX;\n", f);
+ fputs("#define MD5_Init md5_init\n", f);
+ fputs("#define MD5_Update md5_update\n", f);
+ fputs("#define MD5_Final(D, C) md5_finito((C), (D))\n", f);
+ fputs("\n", f);
+ fputs(" typedef struct sha SHA_CTX;\n", f);
+ fputs("#define SHA1_Init sha_init\n", f);
+ fputs("#define SHA1_Update sha_update\n", f);
+ fputs("#define SHA1_Final(D, C) sha_finito((C), (D))\n", f);
+#endif
+#endif
+ fprintf(f, "#endif /* __%s__ */\n", argv[1]);
+ fclose(f);
+ exit(0);
+}
diff --git a/crypto/heimdal/kadmin/ChangeLog b/crypto/heimdal/kadmin/ChangeLog
index 4c56cc8..6e625f8 100644
--- a/crypto/heimdal/kadmin/ChangeLog
+++ b/crypto/heimdal/kadmin/ChangeLog
@@ -1,3 +1,21 @@
+2002-09-10 Johan Danielsson <joda@pdc.kth.se>
+
+ * server.c: constify match_appl_version()
+
+ * version4.c: change some lingering krb_err_base
+
+2002-09-09 Jacques Vidrine <nectar@kth.se>
+
+ * server.c (kadmind_dispatch): while decoding arguments for
+ kadm_chpass_with_key, sanity check the number of keys given.
+ Potential problem pointed out by
+ Sebastian Krahmer <krahmer@suse.de>.
+
+2002-09-04 Johan Danielsson <joda@pdc.kth.se>
+
+ * load.c (parse_generation): return if there is no generation
+ (spotted by Daniel Kouril)
+
2002-06-07 Jacques Vidrine <n@nectar.com>
* ank.c: do not attempt to free uninitialized pointer when
diff --git a/crypto/heimdal/kadmin/kadmin_locl.h b/crypto/heimdal/kadmin/kadmin_locl.h
index 0cd5d4e..59c1bd2 100644
--- a/crypto/heimdal/kadmin/kadmin_locl.h
+++ b/crypto/heimdal/kadmin/kadmin_locl.h
@@ -32,7 +32,7 @@
*/
/*
- * $Id: kadmin_locl.h,v 1.40 2001/08/22 20:30:24 assar Exp $
+ * $Id: kadmin_locl.h,v 1.41 2002/09/10 20:04:45 joda Exp $
*/
#ifndef __ADMIN_LOCL_H__
@@ -86,11 +86,6 @@
#endif
#include <err.h>
#include <roken.h>
-#ifdef HAVE_OPENSSL
-#include <openssl/des.h>
-#else
-#include <des.h>
-#endif
#include <krb5.h>
#include <krb5_locl.h>
#include <hdb.h>
diff --git a/crypto/heimdal/kadmin/load.c b/crypto/heimdal/kadmin/load.c
index ebeee6c..3635023 100644
--- a/crypto/heimdal/kadmin/load.c
+++ b/crypto/heimdal/kadmin/load.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -34,7 +34,7 @@
#include "kadmin_locl.h"
#include <kadm5/private.h>
-RCSID("$Id: load.c,v 1.43 2001/08/10 13:52:22 joda Exp $");
+RCSID("$Id: load.c,v 1.44 2002/09/04 20:44:35 joda Exp $");
struct entry {
char *principal;
@@ -288,8 +288,10 @@ parse_generation(char *str, GENERATION **gen)
char *p;
int v;
- if(strcmp(str, "-") == 0 || *str == '\0')
+ if(strcmp(str, "-") == 0 || *str == '\0') {
*gen = NULL;
+ return 0;
+ }
*gen = calloc(1, sizeof(**gen));
p = strsep(&str, ":");
diff --git a/crypto/heimdal/kadmin/server.c b/crypto/heimdal/kadmin/server.c
index 0bda03c..143e95d 100644
--- a/crypto/heimdal/kadmin/server.c
+++ b/crypto/heimdal/kadmin/server.c
@@ -34,7 +34,7 @@
#include "kadmin_locl.h"
#include <krb5-private.h>
-RCSID("$Id: server.c,v 1.34 2002/05/24 15:23:42 joda Exp $");
+RCSID("$Id: server.c,v 1.36 2002/09/10 19:23:28 joda Exp $");
static kadm5_ret_t
kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
@@ -255,6 +255,13 @@ kadmind_dispatch(void *kadm_handle, krb5_boolean initial,
krb5_free_principal(context->context, princ);
goto fail;
}
+ /* n_key_data will be squeezed into an int16_t below. */
+ if (n_key_data < 0 || n_key_data >= 1 << 16 ||
+ n_key_data > UINT_MAX/sizeof(*key_data)) {
+ ret = ERANGE;
+ krb5_free_principal(context->context, princ);
+ goto fail;
+ }
key_data = malloc (n_key_data * sizeof(*key_data));
if (key_data == NULL) {
@@ -440,7 +447,7 @@ v5_loop (krb5_context context,
}
static krb5_boolean
-match_appl_version(void *data, const char *appl_version)
+match_appl_version(const void *data, const char *appl_version)
{
unsigned minor;
if(sscanf(appl_version, "KADM0.%u", &minor) != 1)
diff --git a/crypto/heimdal/kadmin/version4.c b/crypto/heimdal/kadmin/version4.c
index b660ad7..9dec87c 100644
--- a/crypto/heimdal/kadmin/version4.c
+++ b/crypto/heimdal/kadmin/version4.c
@@ -41,7 +41,7 @@
#include <krb_err.h>
#include <kadm_err.h>
-RCSID("$Id: version4.c,v 1.25 2002/05/24 15:23:43 joda Exp $");
+RCSID("$Id: version4.c,v 1.26 2002/09/10 15:20:46 joda Exp $");
#define KADM_NO_OPCODE -1
#define KADM_NO_ENCRYPT -2
@@ -868,7 +868,7 @@ decode_packet(krb5_context context,
client_addr->sin_addr.s_addr, &ad, NULL);
if(ret) {
- make_you_loose_packet(krb_err_base + ret, reply);
+ make_you_loose_packet(ERROR_TABLE_BASE_krb + ret, reply);
krb5_warnx(context, "krb_rd_req: %d", ret);
return;
}
@@ -905,7 +905,7 @@ decode_packet(krb5_context context,
ret = krb_rd_priv(msg + off, rlen, schedule, &ad.session,
client_addr, admin_addr, &msg_dat);
if (ret) {
- make_you_loose_packet (krb_err_base + ret, reply);
+ make_you_loose_packet (ERROR_TABLE_BASE_krb + ret, reply);
krb5_warnx(context, "krb_rd_priv: %d", ret);
goto out;
}
diff --git a/crypto/heimdal/kdc/headers.h b/crypto/heimdal/kdc/headers.h
index d8a23d6..91e4d50 100644
--- a/crypto/heimdal/kdc/headers.h
+++ b/crypto/heimdal/kdc/headers.h
@@ -32,7 +32,7 @@
*/
/*
- * $Id: headers.h,v 1.13 2001/08/22 20:30:25 assar Exp $
+ * $Id: headers.h,v 1.15 2002/09/10 20:04:46 joda Exp $
*/
#ifndef __HEADERS_H__
@@ -41,6 +41,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -85,11 +86,6 @@
#include <getarg.h>
#include <base64.h>
#include <parse_units.h>
-#ifdef HAVE_OPENSSL
-#include <openssl/des.h>
-#else
-#include <des.h>
-#endif
#include <krb5.h>
#include <krb5_locl.h>
#include <hdb.h>
diff --git a/crypto/heimdal/kdc/hprop.c b/crypto/heimdal/kdc/hprop.c
index 5def363..3bc066f 100644
--- a/crypto/heimdal/kdc/hprop.c
+++ b/crypto/heimdal/kdc/hprop.c
@@ -33,7 +33,7 @@
#include "hprop.h"
-RCSID("$Id: hprop.c,v 1.69 2002/04/18 10:18:35 joda Exp $");
+RCSID("$Id: hprop.c,v 1.70 2002/09/04 18:19:41 joda Exp $");
static int version_flag;
static int help_flag;
@@ -691,7 +691,7 @@ propagate_database (krb5_context context, int type,
HPROP_VERSION,
NULL,
server,
- AP_OPTS_MUTUAL_REQUIRED,
+ AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY,
NULL, /* in_data */
NULL, /* in_creds */
ccache,
diff --git a/crypto/heimdal/kdc/kaserver.c b/crypto/heimdal/kdc/kaserver.c
index a346411..a281c00 100644
--- a/crypto/heimdal/kdc/kaserver.c
+++ b/crypto/heimdal/kdc/kaserver.c
@@ -33,7 +33,7 @@
#include "kdc_locl.h"
-RCSID("$Id: kaserver.c,v 1.19 2002/04/18 16:07:39 joda Exp $");
+RCSID("$Id: kaserver.c,v 1.20 2002/09/09 14:03:02 nectar Exp $");
#include <rx.h>
@@ -186,6 +186,8 @@ krb5_ret_xdr_data(krb5_storage *sp,
ret = krb5_ret_int32(sp, &size);
if(ret)
return ret;
+ if(size < 0)
+ return ERANGE;
data->length = size;
if (size) {
u_char foo[4];
diff --git a/crypto/heimdal/kdc/kerberos5.c b/crypto/heimdal/kdc/kerberos5.c
index 8b1c3c1..7ba9680 100644
--- a/crypto/heimdal/kdc/kerberos5.c
+++ b/crypto/heimdal/kdc/kerberos5.c
@@ -33,7 +33,7 @@
#include "kdc_locl.h"
-RCSID("$Id: kerberos5.c,v 1.140 2002/07/31 09:42:43 joda Exp $");
+RCSID("$Id: kerberos5.c,v 1.143 2002/09/09 14:03:02 nectar Exp $");
#define MAX_TIME ((time_t)((1U << 31) - 1))
@@ -156,51 +156,69 @@ encode_reply(KDC_REP *rep, EncTicketPart *et, EncKDCRepPart *ek,
krb5_enctype etype,
int skvno, EncryptionKey *skey,
int ckvno, EncryptionKey *ckey,
+ const char **e_text,
krb5_data *reply)
{
- unsigned char buf[8192]; /* XXX The data could be indefinite */
+ unsigned char *buf;
+ size_t buf_size;
size_t len;
krb5_error_code ret;
krb5_crypto crypto;
- ret = encode_EncTicketPart(buf + sizeof(buf) - 1, sizeof(buf), et, &len);
+ ASN1_MALLOC_ENCODE(EncTicketPart, buf, buf_size, et, &len, ret);
if(ret) {
kdc_log(0, "Failed to encode ticket: %s",
krb5_get_err_text(context, ret));
return ret;
}
-
+ if(buf_size != len) {
+ free(buf);
+ kdc_log(0, "Internal error in ASN.1 encoder");
+ *e_text = "KDC internal error";
+ return KRB5KRB_ERR_GENERIC;
+ }
ret = krb5_crypto_init(context, skey, etype, &crypto);
if (ret) {
+ free(buf);
kdc_log(0, "krb5_crypto_init failed: %s",
krb5_get_err_text(context, ret));
return ret;
}
- krb5_encrypt_EncryptedData(context,
- crypto,
- KRB5_KU_TICKET,
- buf + sizeof(buf) - len,
- len,
- skvno,
- &rep->ticket.enc_part);
-
+ ret = krb5_encrypt_EncryptedData(context,
+ crypto,
+ KRB5_KU_TICKET,
+ buf,
+ len,
+ skvno,
+ &rep->ticket.enc_part);
+ free(buf);
krb5_crypto_destroy(context, crypto);
+ if(ret) {
+ kdc_log(0, "Failed to encrypt data: %s",
+ krb5_get_err_text(context, ret));
+ return ret;
+ }
if(rep->msg_type == krb_as_rep && !encode_as_rep_as_tgs_rep)
- ret = encode_EncASRepPart(buf + sizeof(buf) - 1, sizeof(buf),
- ek, &len);
+ ASN1_MALLOC_ENCODE(EncASRepPart, buf, buf_size, ek, &len, ret);
else
- ret = encode_EncTGSRepPart(buf + sizeof(buf) - 1, sizeof(buf),
- ek, &len);
+ ASN1_MALLOC_ENCODE(EncTGSRepPart, buf, buf_size, ek, &len, ret);
if(ret) {
kdc_log(0, "Failed to encode KDC-REP: %s",
krb5_get_err_text(context, ret));
return ret;
}
+ if(buf_size != len) {
+ free(buf);
+ kdc_log(0, "Internal error in ASN.1 encoder");
+ *e_text = "KDC internal error";
+ return KRB5KRB_ERR_GENERIC;
+ }
ret = krb5_crypto_init(context, ckey, 0, &crypto);
if (ret) {
+ free(buf);
kdc_log(0, "krb5_crypto_init failed: %s",
krb5_get_err_text(context, ret));
return ret;
@@ -209,20 +227,22 @@ encode_reply(KDC_REP *rep, EncTicketPart *et, EncKDCRepPart *ek,
krb5_encrypt_EncryptedData(context,
crypto,
KRB5_KU_AS_REP_ENC_PART,
- buf + sizeof(buf) - len,
+ buf,
len,
ckvno,
&rep->enc_part);
- ret = encode_AS_REP(buf + sizeof(buf) - 1, sizeof(buf), rep, &len);
+ free(buf);
+ ASN1_MALLOC_ENCODE(AS_REP, buf, buf_size, rep, &len, ret);
} else {
krb5_encrypt_EncryptedData(context,
crypto,
KRB5_KU_TGS_REP_ENC_PART_SESSION,
- buf + sizeof(buf) - len,
+ buf,
len,
ckvno,
&rep->enc_part);
- ret = encode_TGS_REP(buf + sizeof(buf) - 1, sizeof(buf), rep, &len);
+ free(buf);
+ ASN1_MALLOC_ENCODE(TGS_REP, buf, buf_size, rep, &len, ret);
}
krb5_crypto_destroy(context, crypto);
if(ret) {
@@ -230,7 +250,14 @@ encode_reply(KDC_REP *rep, EncTicketPart *et, EncKDCRepPart *ek,
krb5_get_err_text(context, ret));
return ret;
}
- krb5_data_copy(reply, buf + sizeof(buf) - len, len);
+ if(buf_size != len) {
+ free(buf);
+ kdc_log(0, "Internal error in ASN.1 encoder");
+ *e_text = "KDC internal error";
+ return KRB5KRB_ERR_GENERIC;
+ }
+ reply->data = buf;
+ reply->length = buf_size;
return 0;
}
@@ -297,6 +324,8 @@ get_pa_etype_info(METHOD_DATA *md, hdb_entry *client,
pa.len = client->keys.len;
+ if(pa.len > UINT_MAX/sizeof(*pa.val))
+ return ERANGE;
pa.val = malloc(pa.len * sizeof(*pa.val));
if(pa.val == NULL)
return ENOMEM;
@@ -333,18 +362,10 @@ get_pa_etype_info(METHOD_DATA *md, hdb_entry *client,
pa.len = n;
}
- len = length_ETYPE_INFO(&pa);
- buf = malloc(len);
- if (buf == NULL) {
- free_ETYPE_INFO(&pa);
- return ENOMEM;
- }
- ret = encode_ETYPE_INFO(buf + len - 1, len, &pa, &len);
+ ASN1_MALLOC_ENCODE(ETYPE_INFO, buf, len, &pa, &len, ret);
free_ETYPE_INFO(&pa);
- if(ret) {
- free(buf);
+ if(ret)
return ret;
- }
ret = realloc_method_data(md);
if(ret) {
free(buf);
@@ -657,15 +678,10 @@ as_rep(KDC_REQ *req,
ret = get_pa_etype_info(&method_data, client,
b->etype.val, b->etype.len); /* XXX check ret */
- len = length_METHOD_DATA(&method_data);
- buf = malloc(len);
- encode_METHOD_DATA(buf + len - 1,
- len,
- &method_data,
- &len);
+ ASN1_MALLOC_ENCODE(METHOD_DATA, buf, len, &method_data, &len, ret);
free_METHOD_DATA(&method_data);
- foo_data.length = len;
foo_data.data = buf;
+ foo_data.length = len;
ret = KRB5KDC_ERR_PREAUTH_REQUIRED;
krb5_mk_error(context,
@@ -895,7 +911,7 @@ as_rep(KDC_REQ *req,
set_salt_padata (&rep.padata, ckey->salt);
ret = encode_reply(&rep, &et, &ek, setype, server->kvno, &skey->key,
- client->kvno, &ckey->key, reply);
+ client->kvno, &ckey->key, &e_text, reply);
free_EncTicketPart(&et);
free_EncKDCRepPart(&ek);
free_AS_REP(&rep);
@@ -1065,6 +1081,10 @@ fix_transited_encoding(TransitedEncoding *tr,
return ret;
}
}
+ if (num_realms < 0 || num_realms + 1 > UINT_MAX/sizeof(*realms)) {
+ ret = ERANGE;
+ goto free_realms;
+ }
tmp = realloc(realms, (num_realms + 1) * sizeof(*realms));
if(tmp == NULL){
ret = ENOMEM;
@@ -1101,6 +1121,7 @@ tgs_make_reply(KDC_REQ_BODY *b,
krb5_principal client_principal,
hdb_entry *krbtgt,
krb5_enctype cetype,
+ const char **e_text,
krb5_data *reply)
{
KDC_REP rep;
@@ -1256,7 +1277,7 @@ tgs_make_reply(KDC_REQ_BODY *b,
etype list, even if we don't want a session key with
DES3? */
ret = encode_reply(&rep, &et, &ek, etype, adtkt ? 0 : server->kvno, ekey,
- 0, &tgt->key, reply);
+ 0, &tgt->key, e_text, reply);
out:
free_TGS_REP(&rep);
free_TransitedEncoding(&et.transited);
@@ -1273,11 +1294,13 @@ out:
static krb5_error_code
tgs_check_authenticator(krb5_auth_context ac,
KDC_REQ_BODY *b,
+ const char **e_text,
krb5_keyblock *key)
{
krb5_authenticator auth;
size_t len;
- unsigned char buf[8192];
+ unsigned char *buf;
+ size_t buf_size;
krb5_error_code ret;
krb5_crypto crypto;
@@ -1304,15 +1327,22 @@ tgs_check_authenticator(krb5_auth_context ac,
}
/* XXX should not re-encode this */
- ret = encode_KDC_REQ_BODY(buf + sizeof(buf) - 1, sizeof(buf),
- b, &len);
+ ASN1_MALLOC_ENCODE(KDC_REQ_BODY, buf, buf_size, b, &len, ret);
if(ret){
kdc_log(0, "Failed to encode KDC-REQ-BODY: %s",
krb5_get_err_text(context, ret));
goto out;
}
+ if(buf_size != len) {
+ free(buf);
+ kdc_log(0, "Internal error in ASN.1 encoder");
+ *e_text = "KDC internal error";
+ ret = KRB5KRB_ERR_GENERIC;
+ goto out;
+ }
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) {
+ free(buf);
kdc_log(0, "krb5_crypto_init failed: %s",
krb5_get_err_text(context, ret));
goto out;
@@ -1320,9 +1350,10 @@ tgs_check_authenticator(krb5_auth_context ac,
ret = krb5_verify_checksum(context,
crypto,
KRB5_KU_TGS_REQ_AUTH_CKSUM,
- buf + sizeof(buf) - len,
+ buf,
len,
auth->cksum);
+ free(buf);
krb5_crypto_destroy(context, crypto);
if(ret){
kdc_log(0, "Failed to verify checksum: %s",
@@ -1506,7 +1537,7 @@ tgs_rep2(KDC_REQ_BODY *b,
tgt = &ticket->ticket;
- ret = tgs_check_authenticator(ac, b, &tgt->key);
+ ret = tgs_check_authenticator(ac, b, &e_text, &tgt->key);
if (b->enc_authorization_data) {
krb5_keyblock *subkey;
@@ -1723,6 +1754,7 @@ tgs_rep2(KDC_REQ_BODY *b,
cp,
krbtgt,
cetype,
+ &e_text,
reply);
out:
diff --git a/crypto/heimdal/kpasswd/kpasswd_locl.h b/crypto/heimdal/kpasswd/kpasswd_locl.h
index f0b7fbc..c254f6f 100644
--- a/crypto/heimdal/kpasswd/kpasswd_locl.h
+++ b/crypto/heimdal/kpasswd/kpasswd_locl.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: kpasswd_locl.h,v 1.12 2001/08/22 20:30:26 assar Exp $ */
+/* $Id: kpasswd_locl.h,v 1.13 2002/09/10 20:03:48 joda Exp $ */
#ifndef __KPASSWD_LOCL_H__
#define __KPASSWD_LOCL_H__
@@ -98,11 +98,7 @@
#include <err.h>
#include <roken.h>
#include <getarg.h>
-#ifdef HAVE_OPENSSL
-#include <openssl/des.h>
-#else
-#include <des.h>
-#endif
#include <krb5.h>
+#include "crypto-headers.h" /* for des_read_pw_string */
#endif /* __KPASSWD_LOCL_H__ */
diff --git a/crypto/heimdal/kuser/kinit.1 b/crypto/heimdal/kuser/kinit.1
index 59c2e63..f020b61 100644
--- a/crypto/heimdal/kuser/kinit.1
+++ b/crypto/heimdal/kuser/kinit.1
@@ -1,4 +1,4 @@
-.\" $Id: kinit.1,v 1.20 2002/08/28 16:09:36 joda Exp $
+.\" $Id: kinit.1,v 1.21 2002/09/13 14:50:27 joda Exp $
.\"
.Dd May 29, 1998
.Dt KINIT 1
@@ -91,7 +91,7 @@ Get ticket that can be forwarded to another host.
Don't ask for a password, but instead get the key from the specified
keytab.
.It Xo
-.Fl l Ar time Ns ,
+.Fl l Ar time ,
.Fl -lifetime= Ns Ar time
.Xc
Specifies the lifetime of the ticket. The argument can either be in
diff --git a/crypto/heimdal/kuser/kinit.c b/crypto/heimdal/kuser/kinit.c
index 7f61605..5ce4642 100644
--- a/crypto/heimdal/kuser/kinit.c
+++ b/crypto/heimdal/kuser/kinit.c
@@ -32,7 +32,7 @@
*/
#include "kuser_locl.h"
-RCSID("$Id: kinit.c,v 1.89 2002/08/21 12:21:31 joda Exp $");
+RCSID("$Id: kinit.c,v 1.90 2002/09/09 22:17:53 joda Exp $");
int forwardable_flag = -1;
int proxiable_flag = -1;
@@ -290,9 +290,11 @@ do_524init(krb5_context context, krb5_ccache ccache,
krb5_cc_get_principal(context, ccache, &client);
memset(&in_creds, 0, sizeof(in_creds));
ret = get_server(context, client, server, &in_creds.server);
+ krb5_free_principal(context, client);
if(ret)
return ret;
ret = krb5_get_credentials(context, 0, ccache, &in_creds, &real_creds);
+ krb5_free_principal(context, in_creds.server);
if(ret)
return ret;
}
diff --git a/crypto/heimdal/lib/asn1/der_get.c b/crypto/heimdal/lib/asn1/der_get.c
index 5edb43a..429fd66 100644
--- a/crypto/heimdal/lib/asn1/der_get.c
+++ b/crypto/heimdal/lib/asn1/der_get.c
@@ -33,7 +33,7 @@
#include "der_locl.h"
-RCSID("$Id: der_get.c,v 1.32 2002/08/22 19:11:07 assar Exp $");
+RCSID("$Id: der_get.c,v 1.33 2002/09/03 16:21:49 nectar Exp $");
#include <version.h>
@@ -252,6 +252,8 @@ decode_integer (const unsigned char *p, size_t len,
p += l;
len -= l;
ret += l;
+ if (reallen > len)
+ return ASN1_OVERRUN;
e = der_get_int (p, reallen, num, &l);
if (e) return e;
p += l;
@@ -279,6 +281,8 @@ decode_unsigned (const unsigned char *p, size_t len,
p += l;
len -= l;
ret += l;
+ if (reallen > len)
+ return ASN1_OVERRUN;
e = der_get_unsigned (p, reallen, num, &l);
if (e) return e;
p += l;
diff --git a/crypto/heimdal/lib/asn1/gen.c b/crypto/heimdal/lib/asn1/gen.c
index 6d03db6..5b85a48 100644
--- a/crypto/heimdal/lib/asn1/gen.c
+++ b/crypto/heimdal/lib/asn1/gen.c
@@ -33,7 +33,7 @@
#include "gen_locl.h"
-RCSID("$Id: gen.c,v 1.48 2002/08/26 13:27:20 assar Exp $");
+RCSID("$Id: gen.c,v 1.49 2002/09/04 15:06:18 joda Exp $");
FILE *headerfile, *codefile, *logfile;
@@ -102,20 +102,29 @@ init_generate (const char *filename, const char *base)
" void *data;\n"
"} octet_string;\n\n");
fprintf (headerfile,
-#if 0
- "typedef struct general_string {\n"
- " size_t length;\n"
- " char *data;\n"
- "} general_string;\n\n"
-#else
"typedef char *general_string;\n\n"
-#endif
);
fprintf (headerfile,
"typedef struct oid {\n"
" size_t length;\n"
" unsigned *components;\n"
"} oid;\n\n");
+ fputs("#define ASN1_MALLOC_ENCODE(T, B, BL, S, L, R) \\\n"
+ " do { \\\n"
+ " (BL) = length_##T((S)); \\\n"
+ " (B) = malloc((BL)); \\\n"
+ " if((B) == NULL) { \\\n"
+ " (R) = ENOMEM; \\\n"
+ " } else { \\\n"
+ " (R) = encode_##T(((unsigned char*)(B)) + (BL) - 1, (BL), \\\n"
+ " (S), (L)); \\\n"
+ " if((R) != 0) { \\\n"
+ " free((B)); \\\n"
+ " (B) = NULL; \\\n"
+ " } \\\n"
+ " } \\\n"
+ " } while (0)\n\n",
+ headerfile);
fprintf (headerfile, "#endif\n\n");
logfile = fopen(STEM "_files", "w");
if (logfile == NULL)
diff --git a/crypto/heimdal/lib/asn1/k5.asn1 b/crypto/heimdal/lib/asn1/k5.asn1
index 381aaf6..53436c8 100644
--- a/crypto/heimdal/lib/asn1/k5.asn1
+++ b/crypto/heimdal/lib/asn1/k5.asn1
@@ -1,4 +1,4 @@
--- $Id: k5.asn1,v 1.26 2002/03/18 19:00:43 joda Exp $
+-- $Id: k5.asn1,v 1.27 2002/09/03 17:32:09 joda Exp $
KERBEROS5 DEFINITIONS ::=
BEGIN
@@ -97,8 +97,7 @@ ENCTYPE ::= INTEGER {
ETYPE_DES_CBC_NONE(-0x1000),
ETYPE_DES3_CBC_NONE(-0x1001),
ETYPE_DES_CFB64_NONE(-0x1002),
- ETYPE_DES_PCBC_NONE(-0x1003),
- ETYPE_DES3_CBC_NONE_IVEC(-0x1004)
+ ETYPE_DES_PCBC_NONE(-0x1003)
}
-- this is sugar to make something ASN1 does not have: unsigned
diff --git a/crypto/heimdal/lib/auth/pam/pam.c b/crypto/heimdal/lib/auth/pam/pam.c
index eeb2d25..68446c3 100644
--- a/crypto/heimdal/lib/auth/pam/pam.c
+++ b/crypto/heimdal/lib/auth/pam/pam.c
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include<config.h>
-RCSID("$Id: pam.c,v 1.27 2001/02/15 04:30:05 assar Exp $");
+RCSID("$Id: pam.c,v 1.28 2002/09/09 15:57:24 joda Exp $");
#endif
#include <stdio.h>
@@ -128,7 +128,7 @@ pdeb(const char *format, ...)
if (ctrl_off(KRB4_DEBUG))
return;
va_start(args, format);
- openlog("pam_krb4", LOG_CONS|LOG_PID, LOG_AUTH);
+ openlog("pam_krb4", LOG_PID, LOG_AUTH);
vsyslog(LOG_DEBUG, format, args);
va_end(args);
closelog();
diff --git a/crypto/heimdal/lib/gssapi/ChangeLog b/crypto/heimdal/lib/gssapi/ChangeLog
index a369cf8..cd9d9c1 100644
--- a/crypto/heimdal/lib/gssapi/ChangeLog
+++ b/crypto/heimdal/lib/gssapi/ChangeLog
@@ -1,3 +1,13 @@
+2002-09-03 Johan Danielsson <joda@pdc.kth.se>
+
+ * wrap.c (wrap_des3): use ETYPE_DES3_CBC_NONE
+
+ * unwrap.c (unwrap_des3): use ETYPE_DES3_CBC_NONE
+
+2002-09-02 Johan Danielsson <joda@pdc.kth.se>
+
+ * init_sec_context.c: we need to generate a local subkey here
+
2002-08-20 Jacques Vidrine <n@nectar.com>
* acquire_cred.c, inquire_cred.c, release_cred.c: Use default
diff --git a/crypto/heimdal/lib/gssapi/init_sec_context.c b/crypto/heimdal/lib/gssapi/init_sec_context.c
index 1be73e1..2cef3a9 100644
--- a/crypto/heimdal/lib/gssapi/init_sec_context.c
+++ b/crypto/heimdal/lib/gssapi/init_sec_context.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: init_sec_context.c,v 1.29 2001/08/29 02:21:09 assar Exp $");
+RCSID("$Id: init_sec_context.c,v 1.31 2002/09/02 17:16:12 joda Exp $");
/*
* copy the addresses from `input_chan_bindings' (if any) to
@@ -367,6 +367,16 @@ init_auth
}
#endif
+ kret = krb5_auth_con_generatelocalsubkey(gssapi_krb5_context,
+ (*context_handle)->auth_context,
+ &cred->session);
+ if(kret) {
+ gssapi_krb5_set_error_string ();
+ *minor_status = kret;
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
+
kret = krb5_build_authenticator (gssapi_krb5_context,
(*context_handle)->auth_context,
enctype,
diff --git a/crypto/heimdal/lib/gssapi/unwrap.c b/crypto/heimdal/lib/gssapi/unwrap.c
index e5e9695..5acb2e9 100644
--- a/crypto/heimdal/lib/gssapi/unwrap.c
+++ b/crypto/heimdal/lib/gssapi/unwrap.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: unwrap.c,v 1.20 2002/05/20 15:14:00 nectar Exp $");
+RCSID("$Id: unwrap.c,v 1.21 2002/09/03 17:33:11 joda Exp $");
OM_uint32
gss_krb5_get_remotekey(const gss_ctx_id_t context_handle,
@@ -296,7 +296,7 @@ unwrap_des3
p -= 28;
ret = krb5_crypto_init(gssapi_krb5_context, key,
- ETYPE_DES3_CBC_NONE_IVEC, &crypto);
+ ETYPE_DES3_CBC_NONE, &crypto);
if (ret) {
gssapi_krb5_set_error_string ();
*minor_status = ret;
diff --git a/crypto/heimdal/lib/gssapi/wrap.c b/crypto/heimdal/lib/gssapi/wrap.c
index 4e232c5..1a9d7ea 100644
--- a/crypto/heimdal/lib/gssapi/wrap.c
+++ b/crypto/heimdal/lib/gssapi/wrap.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: wrap.c,v 1.19 2001/06/18 02:53:52 assar Exp $");
+RCSID("$Id: wrap.c,v 1.20 2002/09/03 17:33:36 joda Exp $");
OM_uint32
gss_krb5_get_localkey(const gss_ctx_id_t context_handle,
@@ -330,7 +330,7 @@ wrap_des3
4);
- ret = krb5_crypto_init(gssapi_krb5_context, key, ETYPE_DES3_CBC_NONE_IVEC,
+ ret = krb5_crypto_init(gssapi_krb5_context, key, ETYPE_DES3_CBC_NONE,
&crypto);
if (ret) {
free (output_message_buffer->value);
diff --git a/crypto/heimdal/lib/hdb/common.c b/crypto/heimdal/lib/hdb/common.c
index 73bddf2..9375525 100644
--- a/crypto/heimdal/lib/hdb/common.c
+++ b/crypto/heimdal/lib/hdb/common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,35 +33,21 @@
#include "hdb_locl.h"
-RCSID("$Id: common.c,v 1.10 2001/07/13 06:30:41 assar Exp $");
+RCSID("$Id: common.c,v 1.11 2002/09/04 16:32:30 joda Exp $");
int
hdb_principal2key(krb5_context context, krb5_principal p, krb5_data *key)
{
Principal new;
size_t len;
- unsigned char *buf;
int ret;
ret = copy_Principal(p, &new);
- if(ret)
- goto out;
+ if(ret)
+ return ret;
new.name.name_type = 0;
- len = length_Principal(&new);
- buf = malloc(len);
- if(buf == NULL){
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- ret = encode_Principal(buf + len - 1, len, &new, &len);
- if(ret){
- free(buf);
- goto out;
- }
- key->data = buf;
- key->length = len;
-out:
+
+ ASN1_MALLOC_ENCODE(Principal, key->data, key->length, &new, &len, ret);
free_Principal(&new);
return ret;
}
@@ -75,24 +61,11 @@ hdb_key2principal(krb5_context context, krb5_data *key, krb5_principal p)
int
hdb_entry2value(krb5_context context, hdb_entry *ent, krb5_data *value)
{
- unsigned char *buf;
size_t len;
int ret;
-
- len = length_hdb_entry(ent);
- buf = malloc(len);
- if(buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- ret = encode_hdb_entry(buf + len - 1, len, ent, &len);
- if(ret){
- free(buf);
- return ret;
- }
- value->data = buf;
- value->length = len;
- return 0;
+
+ ASN1_MALLOC_ENCODE(hdb_entry, value->data, value->length, ent, &len, ret);
+ return ret;
}
int
diff --git a/crypto/heimdal/lib/hdb/hdb-ldap.c b/crypto/heimdal/lib/hdb/hdb-ldap.c
index a92285c..8e90798 100644
--- a/crypto/heimdal/lib/hdb/hdb-ldap.c
+++ b/crypto/heimdal/lib/hdb/hdb-ldap.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 - 2001, PADL Software Pty Ltd.
+ * Copyright (c) 1999-2001, PADL Software Pty Ltd.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -32,7 +32,7 @@
#include "hdb_locl.h"
-RCSID("$Id: hdb-ldap.c,v 1.9 2001/08/31 18:19:49 joda Exp $");
+RCSID("$Id: hdb-ldap.c,v 1.10 2002/09/04 18:42:22 joda Exp $");
#ifdef OPENLDAP
@@ -451,29 +451,10 @@ LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry * ent,
for (i = 0; i < ent->keys.len; i++) {
unsigned char *buf;
size_t len;
- Key new;
- ret = copy_Key(&ent->keys.val[i], &new);
- if (ret != 0) {
- goto out;
- }
-
- len = length_Key(&new);
- buf = malloc(len);
- if (buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- free_Key(&new);
+ ASN1_MALLOC_ENCODE(Key, buf, len, &ent->keys.val[i], &len, ret);
+ if (ret != 0)
goto out;
- }
-
- ret = encode_Key(buf + len - 1, len, &new, &len);
- if (ret != 0) {
- free(buf);
- free_Key(&new);
- goto out;
- }
- free_Key(&new);
/* addmod_len _owns_ the key, doesn't need to copy it */
ret = LDAP_addmod_len(&mods, LDAP_MOD_ADD, "krb5Key", buf, len);
diff --git a/crypto/heimdal/lib/hdb/hdb_locl.h b/crypto/heimdal/lib/hdb/hdb_locl.h
index 921eabd..95c7060 100644
--- a/crypto/heimdal/lib/hdb/hdb_locl.h
+++ b/crypto/heimdal/lib/hdb/hdb_locl.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: hdb_locl.h,v 1.17 2001/08/22 20:30:28 assar Exp $ */
+/* $Id: hdb_locl.h,v 1.18 2002/09/10 20:03:48 joda Exp $ */
#ifndef __HDB_LOCL_H__
#define __HDB_LOCL_H__
@@ -56,11 +56,7 @@
#endif
#include <roken.h>
-#ifdef HAVE_OPENSSL
-#include <openssl/des.h>
-#else
-#include <des.h>
-#endif
+#include "crypto-headers.h"
#include <krb5.h>
#include <hdb.h>
#include <hdb-private.h>
diff --git a/crypto/heimdal/lib/kdfs/ChangeLog b/crypto/heimdal/lib/kdfs/ChangeLog
index 44c5abf..c4bc2a3 100644
--- a/crypto/heimdal/lib/kdfs/ChangeLog
+++ b/crypto/heimdal/lib/kdfs/ChangeLog
@@ -1,3 +1,11 @@
+2002-08-12 Johan Danielsson <joda@pdc.kth.se>
+
+ * k5dfspag.c: don't use ## in string concatenation
+
+2002-03-11 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libkdfs_la_LDFLAGS): set versoin to 0:2:0
+
2002-01-23 Assar Westerlund <assar@sics.se>
* k5dfspag.c: use SIG_DFL and not SIG_IGN for SIGCHLD.
diff --git a/crypto/heimdal/lib/kdfs/Makefile.am b/crypto/heimdal/lib/kdfs/Makefile.am
index c51d55e..7e0e6d5 100644
--- a/crypto/heimdal/lib/kdfs/Makefile.am
+++ b/crypto/heimdal/lib/kdfs/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.2 2000/12/11 00:46:47 assar Exp $
+# $Id: Makefile.am,v 1.3 2002/03/10 23:53:22 assar Exp $
include $(top_srcdir)/Makefile.am.common
@@ -7,4 +7,4 @@ lib_LTLIBRARIES = libkdfs.la
libkdfs_la_SOURCES = \
k5dfspag.c
-libkdfs_la_LDFLAGS = -version-info 0:1:0
+libkdfs_la_LDFLAGS = -version-info 0:2:0
diff --git a/crypto/heimdal/lib/kdfs/Makefile.in b/crypto/heimdal/lib/kdfs/Makefile.in
index cd096c4..a346347 100644
--- a/crypto/heimdal/lib/kdfs/Makefile.in
+++ b/crypto/heimdal/lib/kdfs/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.5 from Makefile.am.
+# Makefile.in generated by automake 1.6.3 from Makefile.am.
+# @configure_input@
-# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002
# Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -13,14 +14,11 @@
@SET_MAKE@
-# $Id: Makefile.am,v 1.2 2000/12/11 00:46:47 assar Exp $
+# $Id: Makefile.am,v 1.3 2002/03/10 23:53:22 assar Exp $
+# $Id: Makefile.am.common,v 1.5 2002/05/19 18:35:37 joda Exp $
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.31 2001/09/01 11:12:18 assar Exp $
-
+# $Id: Makefile.am.common,v 1.36 2002/08/19 16:10:25 joda Exp $
SHELL = @SHELL@
srcdir = @srcdir@
@@ -51,9 +49,13 @@ AUTOCONF = @AUTOCONF@
AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_HEADER = $(INSTALL_DATA)
transform = @program_transform_name@
@@ -65,6 +67,10 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
host_alias = @host_alias@
host_triplet = @host@
+
+EXEEXT = @EXEEXT@
+OBJEXT = @OBJEXT@
+PATH_SEPARATOR = @PATH_SEPARATOR@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
AMTAR = @AMTAR@
AS = @AS@
@@ -81,7 +87,7 @@ DIR_com_err = @DIR_com_err@
DIR_des = @DIR_des@
DIR_roken = @DIR_roken@
DLLTOOL = @DLLTOOL@
-EXEEXT = @EXEEXT@
+ECHO = @ECHO@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
INCLUDES_roken = @INCLUDES_roken@
@@ -89,7 +95,9 @@ INCLUDE_ = @INCLUDE_@
INCLUDE_des = @INCLUDE_des@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LEX = @LEX@
-LIBOBJS = @LIBOBJS@
+
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
@@ -111,9 +119,9 @@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
NROFF = @NROFF@
OBJDUMP = @OBJDUMP@
-OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
@@ -126,16 +134,19 @@ X_PRE_LIBS = @X_PRE_LIBS@
YACC = @YACC@
am__include = @am__include@
am__quote = @am__quote@
-dpagaix_CFLAGS = @dpagaix_CFLAGS@
-dpagaix_LDADD = @dpagaix_LDADD@
+dpagaix_cflags = @dpagaix_cflags@
+dpagaix_ldadd = @dpagaix_ldadd@
+dpagaix_ldflags = @dpagaix_ldflags@
install_sh = @install_sh@
-AUTOMAKE_OPTIONS = foreign no-dependencies 1.4b
+AUTOMAKE_OPTIONS = foreign no-dependencies 1.6
-SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
+SUFFIXES = .et .h .x .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8
INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
+@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME
+
AM_CFLAGS = $(WFLAGS)
CP = cp
@@ -166,8 +177,6 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
-LIBS = @LIBS@
-
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -182,8 +191,6 @@ LIB_openldap = @LIB_openldap@
INCLUDE_readline = @INCLUDE_readline@
LIB_readline = @LIB_readline@
-LEXLIB = @LEXLIB@
-
NROFF_MAN = groff -mandoc -Tascii
@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
@@ -195,15 +202,13 @@ NROFF_MAN = groff -mandoc -Tascii
@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la
-CHECK_LOCAL = $(PROGRAMS)
-
lib_LTLIBRARIES = libkdfs.la
libkdfs_la_SOURCES = \
k5dfspag.c
-libkdfs_la_LDFLAGS = -version-info 0:1:0
+libkdfs_la_LDFLAGS = -version-info 0:2:0
subdir = lib/kdfs
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = $(top_builddir)/include/config.h
@@ -218,7 +223,9 @@ DEFS = @DEFS@
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
+LIBS = @LIBS@
depcomp =
+am__depfiles_maybe =
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) \
@@ -234,42 +241,40 @@ SOURCES = $(libkdfs_la_SOURCES)
all: all-am
.SUFFIXES:
-.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
-
-mostlyclean-libtool:
- -rm -f *.lo
-
-clean-libtool:
- -rm -rf .libs _libs
-
-distclean-libtool:
- -rm -f libtool
+.SUFFIXES: .et .h .x .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(top_srcdir)/configure.in $(ACLOCAL_M4)
cd $(top_srcdir) && \
$(AUTOMAKE) --foreign lib/kdfs/Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
- cd $(top_builddir) && \
- CONFIG_HEADERS= CONFIG_LINKS= \
- CONFIG_FILES=$(subdir)/$@ $(SHELL) ./config.status
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)
+libLTLIBRARIES_INSTALL = $(INSTALL)
install-libLTLIBRARIES: $(lib_LTLIBRARIES)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(libdir)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
- echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
- $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$f"; \
+ $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$f; \
else :; fi; \
done
uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ p="`echo $$p | sed -e 's|^.*/||'`"; \
echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
done
clean-libLTLIBRARIES:
-test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test -z "$dir" && dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
libkdfs.la: $(libkdfs_la_OBJECTS) $(libkdfs_la_DEPENDENCIES)
$(LINK) -rpath $(libdir) $(libkdfs_la_LDFLAGS) $(libkdfs_la_OBJECTS) $(libkdfs_la_LIBADD) $(LIBS)
@@ -280,62 +285,79 @@ distclean-compile:
-rm -f *.tab.c
.c.o:
- $(COMPILE) -c `test -f $< || echo '$(srcdir)/'`$<
+ $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$<
.c.obj:
$(COMPILE) -c `cygpath -w $<`
.c.lo:
- $(LTCOMPILE) -c -o $@ `test -f $< || echo '$(srcdir)/'`$<
+ $(LTCOMPILE) -c -o $@ `test -f '$<' || echo '$(srcdir)/'`$<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+distclean-libtool:
+ -rm -f libtool
uninstall-info-am:
+ETAGS = etags
+ETAGSFLAGS =
+
tags: TAGS
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
- list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- mkid -fID $$unique $(LISP)
+ mkid -fID $$unique
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
+ test -z "$(ETAGS_ARGS)$$tags$$unique" \
+ || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique
GTAGS:
- here=`CDPATH=: && cd $(top_builddir) && pwd` \
+ here=`$(am__cd) $(top_builddir) && pwd` \
&& cd $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) $$here
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH
-
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
top_distdir = ../..
distdir = $(top_distdir)/$(PACKAGE)-$(VERSION)
distdir: $(DISTFILES)
- @for file in $(DISTFILES); do \
- if test -f $$file; then d=.; else d=$(srcdir); fi; \
+ @list='$(DISTFILES)'; for file in $$list; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
- $(mkinstalldirs) "$(distdir)/$$dir"; \
+ dir="/$$dir"; \
+ $(mkinstalldirs) "$(distdir)$$dir"; \
+ else \
+ dir=''; \
fi; \
if test -d $$d/$$file; then \
- cp -pR $$d/$$file $(distdir) \
- || exit 1; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
else \
test -f $(distdir)/$$file \
|| cp -p $$d/$$file $(distdir)/$$file \
@@ -364,6 +386,7 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ INSTALL_STRIP_FLAG=-s \
`test -z '$(STRIP)' || \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
mostlyclean-generic:
@@ -371,7 +394,7 @@ mostlyclean-generic:
clean-generic:
distclean-generic:
- -rm -f Makefile $(CONFIG_CLEAN_FILES) stamp-h stamp-h[0-9]*
+ -rm -f Makefile $(CONFIG_CLEAN_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -443,7 +466,7 @@ install-suid-programs:
install-exec-hook: install-suid-programs
install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
- @foo='$(include_HEADERS) $(build_HEADERZ)'; \
+ @foo='$(include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \
for f in $$foo; do \
f=`basename $$f`; \
if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
@@ -456,6 +479,36 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
done
all-local: install-build-headers
+
+check-local::
+ @if test '$(CHECK_LOCAL)'; then \
+ foo='$(CHECK_LOCAL)'; else \
+ foo='$(PROGRAMS)'; fi; \
+ if test "$$foo"; then \
+ failed=0; all=0; \
+ for i in $$foo; do \
+ all=`expr $$all + 1`; \
+ if ./$$i --version > /dev/null 2>&1; then \
+ echo "PASS: $$i"; \
+ else \
+ echo "FAIL: $$i"; \
+ failed=`expr $$failed + 1`; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="$$failed of $$all tests failed"; \
+ fi; \
+ dashes=`echo "$$banner" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ fi
+
+.x.c:
+ @cmp -s $< $@ 2> /dev/null || cp $< $@
#NROFF_MAN = nroff -man
.1.cat1:
$(NROFF_MAN) $< > $@
@@ -529,34 +582,6 @@ install-data-local: install-cat-mans
$(COMPILE_ET) $<
.et.c:
$(COMPILE_ET) $<
-
-.x.c:
- @cmp -s $< $@ 2> /dev/null || cp $< $@
-
-check-local::
- @foo='$(CHECK_LOCAL)'; \
- if test "$$foo"; then \
- failed=0; all=0; \
- for i in $$foo; do \
- all=`expr $$all + 1`; \
- if ./$$i --version > /dev/null 2>&1; then \
- echo "PASS: $$i"; \
- else \
- echo "FAIL: $$i"; \
- failed=`expr $$failed + 1`; \
- fi; \
- done; \
- if test "$$failed" -eq 0; then \
- banner="All $$all tests passed"; \
- else \
- banner="$$failed of $$all tests failed"; \
- fi; \
- dashes=`echo "$$banner" | sed s/./=/g`; \
- echo "$$dashes"; \
- echo "$$banner"; \
- echo "$$dashes"; \
- test "$$failed" -eq 0; \
- fi
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
diff --git a/crypto/heimdal/lib/kdfs/k5dfspag.c b/crypto/heimdal/lib/kdfs/k5dfspag.c
index 97f66cd..84161b8 100644
--- a/crypto/heimdal/lib/kdfs/k5dfspag.c
+++ b/crypto/heimdal/lib/kdfs/k5dfspag.c
@@ -25,7 +25,7 @@
#include <config.h>
#endif
-RCSID("$Id: k5dfspag.c,v 1.5 2002/01/23 01:49:34 assar Exp $");
+RCSID("$Id: k5dfspag.c,v 1.6 2002/08/12 15:11:58 joda Exp $");
#include <krb5.h>
@@ -104,7 +104,7 @@ typedef krb5_sigtype sigtype;
#elif defined(_AIX)
#ifndef DPAGAIX
-#define DPAGAIX LIBEXECDIR ## "/dpagaix"
+#define DPAGAIX LIBEXECDIR "/dpagaix"
#endif
int *load();
static int (*dpagaix)(int, int, int, int, int, int) = 0;
@@ -124,7 +124,7 @@ static int (*dpagaix)(int, int, int, int, int, int) = 0;
#endif /* WAIT_USES_INT */
#ifndef K5DCECON
-#define K5DCECON LIBEXECDIR ## "/k5dcecon"
+#define K5DCECON LIBEXECDIR "/k5dcecon"
#endif
/*
diff --git a/crypto/heimdal/lib/krb5/Makefile.am b/crypto/heimdal/lib/krb5/Makefile.am
index e88a28e..ae75808 100644
--- a/crypto/heimdal/lib/krb5/Makefile.am
+++ b/crypto/heimdal/lib/krb5/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.145 2002/08/29 04:02:24 assar Exp $
+# $Id: Makefile.am,v 1.147 2002/09/03 14:45:13 joda Exp $
include $(top_srcdir)/Makefile.am.common
@@ -13,7 +13,8 @@ TESTS = \
string-to-key-test \
derived-key-test \
store-test \
- parse-name-test
+ parse-name-test \
+ name-45-test
check_PROGRAMS = $(TESTS)
@@ -133,10 +134,10 @@ libkrb5_la_LDFLAGS = -version-info 18:3:1
$(libkrb5_la_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h
-$(srcdir)/krb5-protos.h: $(ERR_FILES)
+$(srcdir)/krb5-protos.h:
cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o krb5-protos.h $(libkrb5_la_SOURCES) || rm -f krb5-protos.h
-$(srcdir)/krb5-private.h: $(ERR_FILES)
+$(srcdir)/krb5-private.h:
cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5-private.h $(libkrb5_la_SOURCES) || rm -f krb5-private.h
#libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo
diff --git a/crypto/heimdal/lib/krb5/Makefile.in b/crypto/heimdal/lib/krb5/Makefile.in
index 7126546..80ce39f 100644
--- a/crypto/heimdal/lib/krb5/Makefile.in
+++ b/crypto/heimdal/lib/krb5/Makefile.in
@@ -14,7 +14,7 @@
@SET_MAKE@
-# $Id: Makefile.am,v 1.145 2002/08/29 04:02:24 assar Exp $
+# $Id: Makefile.am,v 1.147 2002/09/03 14:45:13 joda Exp $
# $Id: Makefile.am.common,v 1.5 2002/05/19 18:35:37 joda Exp $
@@ -211,7 +211,8 @@ TESTS = \
string-to-key-test \
derived-key-test \
store-test \
- parse-name-test
+ parse-name-test \
+ name-45-test
check_PROGRAMS = $(TESTS)
@@ -406,7 +407,7 @@ libkrb5_la_OBJECTS = $(am_libkrb5_la_OBJECTS)
bin_PROGRAMS = verify_krb5_conf$(EXEEXT)
check_PROGRAMS = n-fold-test$(EXEEXT) string-to-key-test$(EXEEXT) \
derived-key-test$(EXEEXT) store-test$(EXEEXT) \
- parse-name-test$(EXEEXT)
+ parse-name-test$(EXEEXT) name-45-test$(EXEEXT)
noinst_PROGRAMS = dump_config$(EXEEXT) test_get_addrs$(EXEEXT) \
krbhst-test$(EXEEXT)
PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS)
@@ -435,6 +436,12 @@ n_fold_test_LDADD = $(LDADD)
n_fold_test_DEPENDENCIES = libkrb5.la \
$(top_builddir)/lib/asn1/libasn1.la
n_fold_test_LDFLAGS =
+name_45_test_SOURCES = name-45-test.c
+name_45_test_OBJECTS = name-45-test.$(OBJEXT)
+name_45_test_LDADD = $(LDADD)
+name_45_test_DEPENDENCIES = libkrb5.la \
+ $(top_builddir)/lib/asn1/libasn1.la
+name_45_test_LDFLAGS =
parse_name_test_SOURCES = parse-name-test.c
parse_name_test_OBJECTS = parse-name-test.$(OBJEXT)
parse_name_test_LDADD = $(LDADD)
@@ -481,13 +488,14 @@ LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
CFLAGS = @CFLAGS@
DIST_SOURCES = $(libkrb5_la_SOURCES) derived-key-test.c dump_config.c \
- krbhst-test.c n-fold-test.c parse-name-test.c store-test.c \
- string-to-key-test.c test_get_addrs.c verify_krb5_conf.c
+ krbhst-test.c n-fold-test.c name-45-test.c parse-name-test.c \
+ store-test.c string-to-key-test.c test_get_addrs.c \
+ verify_krb5_conf.c
MANS = $(man_MANS)
HEADERS = $(include_HEADERS)
DIST_COMMON = $(include_HEADERS) Makefile.am Makefile.in
-SOURCES = $(libkrb5_la_SOURCES) derived-key-test.c dump_config.c krbhst-test.c n-fold-test.c parse-name-test.c store-test.c string-to-key-test.c test_get_addrs.c verify_krb5_conf.c
+SOURCES = $(libkrb5_la_SOURCES) derived-key-test.c dump_config.c krbhst-test.c n-fold-test.c name-45-test.c parse-name-test.c store-test.c string-to-key-test.c test_get_addrs.c verify_krb5_conf.c
all: all-am
@@ -583,6 +591,9 @@ krbhst-test$(EXEEXT): $(krbhst_test_OBJECTS) $(krbhst_test_DEPENDENCIES)
n-fold-test$(EXEEXT): $(n_fold_test_OBJECTS) $(n_fold_test_DEPENDENCIES)
@rm -f n-fold-test$(EXEEXT)
$(LINK) $(n_fold_test_LDFLAGS) $(n_fold_test_OBJECTS) $(n_fold_test_LDADD) $(LIBS)
+name-45-test$(EXEEXT): $(name_45_test_OBJECTS) $(name_45_test_DEPENDENCIES)
+ @rm -f name-45-test$(EXEEXT)
+ $(LINK) $(name_45_test_LDFLAGS) $(name_45_test_OBJECTS) $(name_45_test_LDADD) $(LIBS)
parse-name-test$(EXEEXT): $(parse_name_test_OBJECTS) $(parse_name_test_DEPENDENCIES)
@rm -f parse-name-test$(EXEEXT)
$(LINK) $(parse_name_test_LDFLAGS) $(parse_name_test_OBJECTS) $(parse_name_test_LDADD) $(LIBS)
@@ -1121,10 +1132,10 @@ install-data-local: install-cat-mans
$(libkrb5_la_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h
-$(srcdir)/krb5-protos.h: $(ERR_FILES)
+$(srcdir)/krb5-protos.h:
cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -o krb5-protos.h $(libkrb5_la_SOURCES) || rm -f krb5-protos.h
-$(srcdir)/krb5-private.h: $(ERR_FILES)
+$(srcdir)/krb5-private.h:
cd $(srcdir) && perl ../../cf/make-proto.pl -q -P comment -p krb5-private.h $(libkrb5_la_SOURCES) || rm -f krb5-private.h
$(libkrb5_la_OBJECTS): krb5_err.h heim_err.h k524_err.h
diff --git a/crypto/heimdal/lib/krb5/auth_context.c b/crypto/heimdal/lib/krb5/auth_context.c
index 3b42ce7..2e7a8f4 100644
--- a/crypto/heimdal/lib/krb5/auth_context.c
+++ b/crypto/heimdal/lib/krb5/auth_context.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: auth_context.c,v 1.58 2002/08/15 08:23:07 joda Exp $");
+RCSID("$Id: auth_context.c,v 1.59 2002/09/02 17:11:02 joda Exp $");
krb5_error_code
krb5_auth_con_init(krb5_context context,
@@ -292,6 +292,24 @@ krb5_auth_con_setlocalsubkey(krb5_context context,
}
krb5_error_code
+krb5_auth_con_generatelocalsubkey(krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_keyblock *key)
+{
+ krb5_error_code ret;
+ krb5_keyblock *subkey;
+
+ ret = krb5_generate_subkey (context, key, &subkey);
+ if(ret)
+ return ret;
+ if(auth_context->local_subkey)
+ krb5_free_keyblock(context, auth_context->local_subkey);
+ auth_context->local_subkey = subkey;
+ return 0;
+}
+
+
+krb5_error_code
krb5_auth_con_setremotesubkey(krb5_context context,
krb5_auth_context auth_context,
krb5_keyblock *keyblock)
diff --git a/crypto/heimdal/lib/krb5/build_ap_req.c b/crypto/heimdal/lib/krb5/build_ap_req.c
index e4f7d4e..cab5e6f 100644
--- a/crypto/heimdal/lib/krb5/build_ap_req.c
+++ b/crypto/heimdal/lib/krb5/build_ap_req.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: build_ap_req.c,v 1.17 2001/05/14 06:14:44 assar Exp $");
+RCSID("$Id: build_ap_req.c,v 1.18 2002/09/04 16:26:04 joda Exp $");
krb5_error_code
krb5_build_ap_req (krb5_context context,
@@ -66,15 +66,10 @@ krb5_build_ap_req (krb5_context context,
ap.authenticator.kvno = NULL;
ap.authenticator.cipher = authenticator;
- retdata->length = length_AP_REQ(&ap);
- retdata->data = malloc(retdata->length);
- if(retdata->data == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- } else
- encode_AP_REQ((unsigned char *)retdata->data + retdata->length - 1,
- retdata->length, &ap, &len);
+ ASN1_MALLOC_ENCODE(AP_REQ, retdata->data, retdata->length,
+ &ap, &len, ret);
+
free_AP_REQ(&ap);
-
return ret;
+
}
diff --git a/crypto/heimdal/lib/krb5/build_auth.c b/crypto/heimdal/lib/krb5/build_auth.c
index b1650fd..9a2ca3e 100644
--- a/crypto/heimdal/lib/krb5/build_auth.c
+++ b/crypto/heimdal/lib/krb5/build_auth.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: build_auth.c,v 1.35 2001/05/14 06:14:44 assar Exp $");
+RCSID("$Id: build_auth.c,v 1.38 2002/09/04 16:26:04 joda Exp $");
krb5_error_code
krb5_build_authenticator (krb5_context context,
@@ -74,13 +74,6 @@ krb5_build_authenticator (krb5_context context,
if(ret)
goto fail;
- if(auth->subkey == NULL) {
- krb5_generate_subkey (context, &cred->session, &auth->subkey);
- ret = krb5_auth_con_setlocalsubkey(context, auth_context, auth->subkey);
- if(ret)
- goto fail;
- }
-
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
krb5_generate_seq_number (context,
&cred->session,
@@ -99,36 +92,10 @@ krb5_build_authenticator (krb5_context context,
auth_context->authenticator->cusec = auth->cusec;
}
- buf_size = 1024;
- buf = malloc (buf_size);
- if (buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto fail;
- }
+ ASN1_MALLOC_ENCODE(Authenticator, buf, buf_size, auth, &len, ret);
- do {
- ret = krb5_encode_Authenticator (context,
- buf + buf_size - 1,
- buf_size,
- auth, &len);
- if (ret) {
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto fail;
- }
- buf = tmp;
- } else {
- goto fail;
- }
- }
- } while(ret == ASN1_OVERFLOW);
+ if (ret)
+ goto fail;
ret = krb5_crypto_init(context, &cred->session, enctype, &crypto);
if (ret)
diff --git a/crypto/heimdal/lib/krb5/changepw.c b/crypto/heimdal/lib/krb5/changepw.c
index e930d87..f765a97 100644
--- a/crypto/heimdal/lib/krb5/changepw.c
+++ b/crypto/heimdal/lib/krb5/changepw.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: changepw.c,v 1.35 2002/06/06 13:33:13 joda Exp $");
+RCSID("$Id: changepw.c,v 1.37 2002/09/03 16:14:34 nectar Exp $");
static krb5_error_code
send_request (krb5_context context,
@@ -57,7 +57,7 @@ send_request (krb5_context context,
ret = krb5_mk_req_extended (context,
auth_context,
- AP_OPTS_MUTUAL_REQUIRED,
+ AP_OPTS_MUTUAL_REQUIRED | AP_OPTS_USE_SUBKEY,
NULL, /* in_data */
creds,
&ap_req_data);
@@ -144,7 +144,7 @@ process_reply (krb5_context context,
u_char reply[BUFSIZ];
size_t len;
u_int16_t pkt_len, pkt_ver;
- krb5_data ap_rep_data;
+ krb5_data ap_rep_data, priv_data;
int save_errno;
ret = recvfrom (sock, reply, sizeof(reply), 0, NULL, NULL);
@@ -173,10 +173,13 @@ process_reply (krb5_context context,
ap_rep_data.data = reply + 6;
ap_rep_data.length = (reply[4] << 8) | (reply[5]);
+ priv_data.data = (u_char*)ap_rep_data.data + ap_rep_data.length;
+ priv_data.length = len - ap_rep_data.length - 6;
+ if ((u_char *)priv_data.data + priv_data.length >= reply + len)
+ return KRB5_KPASSWD_MALFORMED;
if (ap_rep_data.length) {
krb5_ap_rep_enc_part *ap_rep;
- krb5_data priv_data;
u_char *p;
ret = krb5_rd_rep (context,
@@ -188,9 +191,6 @@ process_reply (krb5_context context,
krb5_free_ap_rep_enc_part (context, ap_rep);
- priv_data.data = (u_char*)ap_rep_data.data + ap_rep_data.length;
- priv_data.length = len - ap_rep_data.length - 6;
-
ret = krb5_rd_priv (context,
auth_context,
&priv_data,
diff --git a/crypto/heimdal/lib/krb5/config_file.c b/crypto/heimdal/lib/krb5/config_file.c
index 77920a8..845b14c 100644
--- a/crypto/heimdal/lib/krb5/config_file.c
+++ b/crypto/heimdal/lib/krb5/config_file.c
@@ -32,7 +32,7 @@
*/
#include "krb5_locl.h"
-RCSID("$Id: config_file.c,v 1.45 2002/08/14 17:35:03 joda Exp $");
+RCSID("$Id: config_file.c,v 1.46 2002/09/10 19:04:55 joda Exp $");
#ifndef HAVE_NETINFO
@@ -341,7 +341,7 @@ vget_next(krb5_context context,
{
const char *p = va_arg(args, const char *);
while(b != NULL) {
- if(strcmp(b->name, name) == NULL) {
+ if(strcmp(b->name, name) == 0) {
if(b->type == type && p == NULL) {
*pointer = b;
return b->u.generic;
diff --git a/crypto/heimdal/lib/krb5/context.c b/crypto/heimdal/lib/krb5/context.c
index d21ea71..75fe347 100644
--- a/crypto/heimdal/lib/krb5/context.c
+++ b/crypto/heimdal/lib/krb5/context.c
@@ -34,7 +34,7 @@
#include "krb5_locl.h"
#include <com_err.h>
-RCSID("$Id: context.c,v 1.80 2002/08/28 15:27:24 joda Exp $");
+RCSID("$Id: context.c,v 1.81 2002/09/02 17:03:12 joda Exp $");
#define INIT_FIELD(C, T, E, D, F) \
(C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), \
@@ -173,14 +173,9 @@ init_context_from_config_file(krb5_context context)
INIT_FIELD(context, bool, scan_interfaces, TRUE, "scan_interfaces");
INIT_FIELD(context, int, fcache_vno, 0, "fcache_version");
- INIT_FIELD(context, bool, srv_lookup, TRUE, "dns_lookup_kdc");
- /* srv_lookup backwards compatibility. */
- {
- const char **p;
- p = krb5_config_get_strings(context, NULL, "libdefaults", "srv_lookup", NULL);
- if (p != NULL)
- INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup");
- }
+ /* prefer dns_lookup_kdc over srv_lookup. */
+ INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup");
+ INIT_FIELD(context, bool, srv_lookup, context->srv_lookup, "dns_lookup_kdc");
return 0;
}
diff --git a/crypto/heimdal/lib/krb5/crypto.c b/crypto/heimdal/lib/krb5/crypto.c
index db9e810..65fa793 100644
--- a/crypto/heimdal/lib/krb5/crypto.c
+++ b/crypto/heimdal/lib/krb5/crypto.c
@@ -32,7 +32,7 @@
*/
#include "krb5_locl.h"
-RCSID("$Id: crypto.c,v 1.64 2002/04/29 16:31:54 joda Exp $");
+RCSID("$Id: crypto.c,v 1.66 2002/09/03 19:58:15 joda Exp $");
#undef CRYPTO_DEBUG
#ifdef CRYPTO_DEBUG
@@ -1676,26 +1676,14 @@ DES3_CBC_encrypt(krb5_context context,
size_t len,
krb5_boolean encrypt,
int usage,
- void *ignore_ivec)
-{
- des_cblock ivec;
- des_key_schedule *s = key->schedule->data;
- memset(&ivec, 0, sizeof(ivec));
- des_ede3_cbc_encrypt(data, data, len, s[0], s[1], s[2], &ivec, encrypt);
- return 0;
-}
-
-static krb5_error_code
-DES3_CBC_encrypt_ivec(krb5_context context,
- struct key_data *key,
- void *data,
- size_t len,
- krb5_boolean encrypt,
- int usage,
- void *ivec)
+ void *ivec)
{
+ des_cblock local_ivec;
des_key_schedule *s = key->schedule->data;
-
+ if(ivec == NULL) {
+ ivec = &local_ivec;
+ memset(local_ivec, 0, sizeof(local_ivec));
+ }
des_ede3_cbc_encrypt(data, data, len, s[0], s[1], s[2], ivec, encrypt);
return 0;
}
@@ -2070,17 +2058,6 @@ static struct encryption_type enctype_des3_cbc_none = {
F_PSEUDO,
DES3_CBC_encrypt,
};
-static struct encryption_type enctype_des3_cbc_none_ivec = {
- ETYPE_DES3_CBC_NONE_IVEC,
- "des3-cbc-none-ivec",
- 8,
- 0,
- &keytype_des3_derived,
- &checksum_none,
- NULL,
- F_PSEUDO,
- DES3_CBC_encrypt_ivec,
-};
static struct encryption_type *etypes[] = {
&enctype_null,
@@ -2094,8 +2071,7 @@ static struct encryption_type *etypes[] = {
&enctype_des_cbc_none,
&enctype_des_cfb64_none,
&enctype_des_pcbc_none,
- &enctype_des3_cbc_none,
- &enctype_des3_cbc_none_ivec
+ &enctype_des3_cbc_none
};
static unsigned num_etypes = sizeof(etypes) / sizeof(etypes[0]);
@@ -3057,6 +3033,15 @@ krb5_crypto_destroy(krb5_context context,
}
krb5_error_code
+krb5_crypto_getblocksize(krb5_context context,
+ krb5_crypto crypto,
+ size_t *blocksize)
+{
+ *blocksize = crypto->et->blocksize;
+ return 0;
+}
+
+krb5_error_code
krb5_string_to_key_derived(krb5_context context,
const void *str,
size_t len,
diff --git a/crypto/heimdal/lib/krb5/get_cred.c b/crypto/heimdal/lib/krb5/get_cred.c
index 256234b..7aa61a3 100644
--- a/crypto/heimdal/lib/krb5/get_cred.c
+++ b/crypto/heimdal/lib/krb5/get_cred.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: get_cred.c,v 1.88 2002/03/10 23:11:29 assar Exp $");
+RCSID("$Id: get_cred.c,v 1.91 2002/09/04 21:12:46 joda Exp $");
/*
* Take the `body' and encode it into `padata' using the credentials
@@ -54,36 +54,14 @@ make_pa_tgs_req(krb5_context context,
krb5_data in_data;
krb5_error_code ret;
- buf_size = 1024;
- buf = malloc (buf_size);
- if (buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
-
- do {
- ret = encode_KDC_REQ_BODY(buf + buf_size - 1, buf_size,
- body, &len);
- if (ret){
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- buf = tmp;
- } else {
- goto out;
- }
- }
- } while (ret == ASN1_OVERFLOW);
+ ASN1_MALLOC_ENCODE(KDC_REQ_BODY, buf, buf_size, body, &len, ret);
+ if (ret)
+ goto out;
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
in_data.length = len;
- in_data.data = buf + buf_size - len;
+ in_data.data = buf;
ret = krb5_mk_req_internal(context, &ac, 0, &in_data, creds,
&padata->padata_value,
KRB5_KU_TGS_REQ_AUTH_CKSUM,
@@ -113,18 +91,9 @@ set_auth_data (krb5_context context,
krb5_crypto crypto;
krb5_error_code ret;
- len = length_AuthorizationData(authdata);
- buf = malloc(len);
- if (buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- ret = encode_AuthorizationData(buf + len - 1,
- len, authdata, &len);
- if (ret) {
- free (buf);
+ ASN1_MALLOC_ENCODE(AuthorizationData, buf, len, authdata, &len, ret);
+ if (ret)
return ret;
- }
ALLOC(req_body->enc_authorization_data, 1);
if (req_body->enc_authorization_data == NULL) {
@@ -173,16 +142,19 @@ init_tgs_req (krb5_context context,
TGS_REQ *t,
krb5_key_usage usage)
{
- krb5_error_code ret;
+ krb5_error_code ret = 0;
memset(t, 0, sizeof(*t));
t->pvno = 5;
t->msg_type = krb_tgs_req;
if (in_creds->session.keytype) {
- ret = krb5_keytype_to_enctypes_default (context,
- in_creds->session.keytype,
- &t->req_body.etype.len,
- &t->req_body.etype.val);
+ ALLOC_SEQ(&t->req_body.etype, 1);
+ if(t->req_body.etype.val == NULL) {
+ ret = ENOMEM;
+ krb5_set_error_string(context, "malloc: out of memory");
+ goto fail;
+ }
+ t->req_body.etype.val[0] = in_creds->session.keytype;
} else {
ret = krb5_init_etype(context,
&t->req_body.etype.len,
@@ -431,34 +403,11 @@ get_cred_kdc_usage(krb5_context context,
if (ret)
goto out;
- buf_size = 1024;
- buf = malloc (buf_size);
- if (buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
+ ASN1_MALLOC_ENCODE(TGS_REQ, buf, buf_size, &req, &enc.length, ret);
+ if (ret)
goto out;
- }
-
- do {
- ret = encode_TGS_REQ (buf + buf_size - 1, buf_size,
- &req, &enc.length);
- if (ret) {
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- buf = tmp;
- } else {
- goto out;
- }
- }
- } while (ret == ASN1_OVERFLOW);
+ if(enc.length != buf_size)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
/* don't free addresses */
req.req_body.addresses = NULL;
diff --git a/crypto/heimdal/lib/krb5/get_for_creds.c b/crypto/heimdal/lib/krb5/get_for_creds.c
index 53a3f2b..2bec9f7 100644
--- a/crypto/heimdal/lib/krb5/get_for_creds.c
+++ b/crypto/heimdal/lib/krb5/get_for_creds.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: get_for_creds.c,v 1.32 2002/03/10 23:12:23 assar Exp $");
+RCSID("$Id: get_for_creds.c,v 1.34 2002/09/04 16:26:04 joda Exp $");
static krb5_error_code
add_addrs(krb5_context context,
@@ -162,12 +162,14 @@ krb5_get_forwarded_creds (krb5_context context,
KrbCredInfo *krb_cred_info;
EncKrbCredPart enc_krb_cred_part;
size_t len;
- u_char buf[1024];
+ unsigned char *buf;
+ size_t buf_size;
int32_t sec, usec;
krb5_kdc_flags kdc_flags;
krb5_crypto crypto;
struct addrinfo *ai;
int save_errno;
+ krb5_keyblock *key;
addrs.len = 0;
addrs.val = NULL;
@@ -319,45 +321,51 @@ krb5_get_forwarded_creds (krb5_context context,
/* encode EncKrbCredPart */
- ret = krb5_encode_EncKrbCredPart (context,
- buf + sizeof(buf) - 1, sizeof(buf),
- &enc_krb_cred_part, &len);
+ ASN1_MALLOC_ENCODE(EncKrbCredPart, buf, buf_size,
+ &enc_krb_cred_part, &len, ret);
free_EncKrbCredPart (&enc_krb_cred_part);
if (ret) {
free_KRB_CRED(&cred);
return ret;
- }
+ }
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
+
+ if (auth_context->local_subkey)
+ key = auth_context->local_subkey;
+ else if (auth_context->remote_subkey)
+ key = auth_context->remote_subkey;
+ else
+ key = auth_context->keyblock;
- ret = krb5_crypto_init(context, auth_context->local_subkey, 0, &crypto);
+ ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) {
+ free(buf);
free_KRB_CRED(&cred);
return ret;
}
ret = krb5_encrypt_EncryptedData (context,
crypto,
KRB5_KU_KRB_CRED,
- buf + sizeof(buf) - len,
+ buf,
len,
0,
&cred.enc_part);
+ free(buf);
krb5_crypto_destroy(context, crypto);
if (ret) {
free_KRB_CRED(&cred);
return ret;
}
- ret = encode_KRB_CRED (buf + sizeof(buf) - 1, sizeof(buf),
- &cred, &len);
+ ASN1_MALLOC_ENCODE(KRB_CRED, buf, buf_size, &cred, &len, ret);
free_KRB_CRED (&cred);
if (ret)
return ret;
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
out_data->length = len;
- out_data->data = malloc(len);
- if (out_data->data == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- memcpy (out_data->data, buf + sizeof(buf) - len, len);
+ out_data->data = buf;
return 0;
out4:
free_EncKrbCredPart(&enc_krb_cred_part);
diff --git a/crypto/heimdal/lib/krb5/get_in_tkt.c b/crypto/heimdal/lib/krb5/get_in_tkt.c
index 04587ea..74a0204 100644
--- a/crypto/heimdal/lib/krb5/get_in_tkt.c
+++ b/crypto/heimdal/lib/krb5/get_in_tkt.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: get_in_tkt.c,v 1.104 2002/04/18 09:11:39 joda Exp $");
+RCSID("$Id: get_in_tkt.c,v 1.106 2002/09/04 16:26:04 joda Exp $");
krb5_error_code
krb5_init_etype (krb5_context context,
@@ -158,22 +158,12 @@ _krb5_extract_ticket(krb5_context context,
creds->client = tmp_principal;
/* extract ticket */
- {
- unsigned char *buf;
- size_t len;
- len = length_Ticket(&rep->kdc_rep.ticket);
- buf = malloc(len);
- if(buf == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- encode_Ticket(buf + len - 1, len, &rep->kdc_rep.ticket, &len);
- creds->ticket.data = buf;
- creds->ticket.length = len;
- creds->second_ticket.length = 0;
- creds->second_ticket.data = NULL;
- }
+ ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length,
+ &rep->kdc_rep.ticket, &creds->ticket.length, ret);
+ if(ret)
+ goto out;
+ creds->second_ticket.length = 0;
+ creds->second_ticket.data = NULL;
/* compare server */
@@ -223,7 +213,8 @@ _krb5_extract_ticket(krb5_context context,
/* set kdc-offset */
krb5_timeofday (context, &sec_now);
- if (context->kdc_sec_offset == 0
+ if (rep->enc_part.flags.initial
+ && context->kdc_sec_offset == 0
&& krb5_config_get_bool (context, NULL,
"libdefaults",
"kdc_timesync",
@@ -314,7 +305,8 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa,
krb5_enctype etype, krb5_keyblock *key)
{
PA_ENC_TS_ENC p;
- u_char buf[1024];
+ unsigned char *buf;
+ size_t buf_size;
size_t len;
EncryptedData encdata;
krb5_error_code ret;
@@ -327,39 +319,37 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa,
usec2 = usec;
p.pausec = &usec2;
- ret = encode_PA_ENC_TS_ENC(buf + sizeof(buf) - 1,
- sizeof(buf),
- &p,
- &len);
+ ASN1_MALLOC_ENCODE(PA_ENC_TS_ENC, buf, buf_size, &p, &len, ret);
if (ret)
return ret;
-
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_crypto_init(context, key, 0, &crypto);
- if (ret)
+ if (ret) {
+ free(buf);
return ret;
+ }
ret = krb5_encrypt_EncryptedData(context,
crypto,
KRB5_KU_PA_ENC_TIMESTAMP,
- buf + sizeof(buf) - len,
+ buf,
len,
0,
&encdata);
+ free(buf);
krb5_crypto_destroy(context, crypto);
if (ret)
return ret;
- ret = encode_EncryptedData(buf + sizeof(buf) - 1,
- sizeof(buf),
- &encdata,
- &len);
+ ASN1_MALLOC_ENCODE(EncryptedData, buf, buf_size, &encdata, &len, ret);
free_EncryptedData(&encdata);
if (ret)
return ret;
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
pa->padata_type = KRB5_PADATA_ENC_TIMESTAMP;
- pa->padata_value.length = 0;
- krb5_data_copy(&pa->padata_value,
- buf + sizeof(buf) - len,
- len);
+ pa->padata_value.length = len;
+ pa->padata_value.data = buf;
return 0;
}
@@ -656,7 +646,7 @@ krb5_get_in_cred(krb5_context context,
AS_REQ a;
krb5_kdc_rep rep;
krb5_data req, resp;
- char buf[BUFSIZ];
+ size_t len;
krb5_salt salt;
krb5_keyblock *key;
size_t size;
@@ -692,17 +682,15 @@ krb5_get_in_cred(krb5_context context,
if (ret)
return ret;
- ret = encode_AS_REQ ((unsigned char*)buf + sizeof(buf) - 1,
- sizeof(buf),
- &a,
- &req.length);
+ ASN1_MALLOC_ENCODE(AS_REQ, req.data, req.length, &a, &len, ret);
free_AS_REQ(&a);
if (ret)
return ret;
-
- req.data = buf + sizeof(buf) - req.length;
+ if(len != req.length)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_sendto_kdc (context, &req, &creds->client->realm, &resp);
+ krb5_data_free(&req);
if (ret)
return ret;
diff --git a/crypto/heimdal/lib/krb5/keytab_keyfile.c b/crypto/heimdal/lib/krb5/keytab_keyfile.c
index 7dd0cd9..e4c4eb6 100644
--- a/crypto/heimdal/lib/krb5/keytab_keyfile.c
+++ b/crypto/heimdal/lib/krb5/keytab_keyfile.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: keytab_keyfile.c,v 1.13 2002/04/18 14:04:21 joda Exp $");
+RCSID("$Id: keytab_keyfile.c,v 1.14 2002/09/09 14:22:26 nectar Exp $");
/* afs keyfile operations --------------------------------------- */
@@ -297,7 +297,7 @@ akf_add_entry(krb5_context context,
fd = open (d->filename, O_RDWR | O_BINARY);
if (fd < 0) {
fd = open (d->filename,
- O_RDWR | O_BINARY | O_CREAT, 0600);
+ O_RDWR | O_BINARY | O_CREAT | O_EXCL, 0600);
if (fd < 0) {
ret = errno;
krb5_set_error_string(context, "open(%s): %s", d->filename,
diff --git a/crypto/heimdal/lib/krb5/krb5-protos.h b/crypto/heimdal/lib/krb5/krb5-protos.h
index 30ebf50..91a28f1 100644
--- a/crypto/heimdal/lib/krb5/krb5-protos.h
+++ b/crypto/heimdal/lib/krb5/krb5-protos.h
@@ -194,6 +194,12 @@ krb5_auth_con_genaddrs (
int /*flags*/);
krb5_error_code
+krb5_auth_con_generatelocalsubkey (
+ krb5_context /*context*/,
+ krb5_auth_context /*auth_context*/,
+ krb5_keyblock */*key*/);
+
+krb5_error_code
krb5_auth_con_getaddrs (
krb5_context /*context*/,
krb5_auth_context /*auth_context*/,
@@ -806,6 +812,12 @@ krb5_crypto_destroy (
krb5_crypto /*crypto*/);
krb5_error_code
+krb5_crypto_getblocksize (
+ krb5_context /*context*/,
+ krb5_crypto /*crypto*/,
+ size_t */*blocksize*/);
+
+krb5_error_code
krb5_crypto_init (
krb5_context /*context*/,
const krb5_keyblock */*key*/,
diff --git a/crypto/heimdal/lib/krb5/krb5.h b/crypto/heimdal/lib/krb5/krb5.h
index c50833e..cb035bc 100644
--- a/crypto/heimdal/lib/krb5/krb5.h
+++ b/crypto/heimdal/lib/krb5/krb5.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: krb5.h,v 1.203 2002/08/22 10:06:20 joda Exp $ */
+/* $Id: krb5.h,v 1.205 2002/09/03 17:31:47 joda Exp $ */
#ifndef __KRB5_H__
#define __KRB5_H__
@@ -99,7 +99,6 @@ enum {
ENCTYPE_DES3_CBC_NONE = ETYPE_DES3_CBC_NONE,
ENCTYPE_DES_CFB64_NONE = ETYPE_DES_CFB64_NONE,
ENCTYPE_DES_PCBC_NONE = ETYPE_DES_PCBC_NONE,
- ENCTYPE_DES3_CBC_NONE_IVEC = ETYPE_DES3_CBC_NONE_IVEC
};
typedef PADATA_TYPE krb5_preauthtype;
@@ -208,7 +207,8 @@ typedef enum krb5_address_type {
enum {
AP_OPTS_USE_SESSION_KEY = 1,
- AP_OPTS_MUTUAL_REQUIRED = 2
+ AP_OPTS_MUTUAL_REQUIRED = 2,
+ AP_OPTS_USE_SUBKEY = 4 /* library internal */
};
typedef HostAddress krb5_address;
diff --git a/crypto/heimdal/lib/krb5/krb5_appdefault.3 b/crypto/heimdal/lib/krb5/krb5_appdefault.3
index 750bb75..f82ec7a 100644
--- a/crypto/heimdal/lib/krb5/krb5_appdefault.3
+++ b/crypto/heimdal/lib/krb5/krb5_appdefault.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 2000 Kungliga Tekniska Högskolan
-.\" $Id: krb5_appdefault.3,v 1.7 2002/08/28 15:30:46 joda Exp $
+.\" $Id: krb5_appdefault.3,v 1.8 2002/09/13 14:49:31 joda Exp $
.Dd July 25, 2000
.Dt KRB5_APPDEFAULT 3
.Os HEIMDAL
@@ -19,7 +19,7 @@ Kerberos 5 Library (libkrb5, -lkrb5)
.Ft void
.Fn krb5_appdefault_time "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "time_t def_val" "time_t *ret_val"
.Sh DESCRIPTION
-These functions get application application defaults from the
+These functions get application defaults from the
.Dv appdefaults
section of the
.Xr krb5.conf 5
diff --git a/crypto/heimdal/lib/krb5/krb5_auth_context.3 b/crypto/heimdal/lib/krb5/krb5_auth_context.3
index afc81e8..2afaec5 100644
--- a/crypto/heimdal/lib/krb5/krb5_auth_context.3
+++ b/crypto/heimdal/lib/krb5/krb5_auth_context.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 2001 Kungliga Tekniska Högskolan
-.\" $Id: krb5_auth_context.3,v 1.4 2002/08/28 14:46:20 joda Exp $
+.\" $Id: krb5_auth_context.3,v 1.5 2002/09/02 12:42:00 joda Exp $
.Dd January 21, 2001
.Dt KRB5_AUTH_CONTEXT 3
.Os HEIMDAL
@@ -34,7 +34,7 @@
.Nm krb5_auth_con_setrcache ,
.Nm krb5_auth_con_initivector ,
.Nm krb5_auth_con_setivector
-.Nd manage authetication on connection level
+.Nd manage authentication on connection level
.Sh LIBRARY
Kerberos 5 Library (libkrb5, -lkrb5)
.Sh SYNOPSIS
diff --git a/crypto/heimdal/lib/krb5/krb5_context.3 b/crypto/heimdal/lib/krb5/krb5_context.3
index 6794f5a..a90ab72 100644
--- a/crypto/heimdal/lib/krb5/krb5_context.3
+++ b/crypto/heimdal/lib/krb5/krb5_context.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 2001 Kungliga Tekniska Högskolan
-.\" $Id: krb5_context.3,v 1.3 2002/08/28 15:30:48 joda Exp $
+.\" $Id: krb5_context.3,v 1.4 2002/09/02 12:42:00 joda Exp $
.Dd January 21, 2001
.Dt KRB5_CONTEXT 3
.Os HEIMDAL
@@ -10,8 +10,8 @@
The
.Nm
structure is designed to hold all per thread state. All global
-variables that are context specific are stored in this struture,
-including default encryption types, credential-cache (ticket file), and
+variables that are context specific are stored in this structure,
+including default encryption types, credentials-cache (ticket file), and
default realms.
.Pp
The internals of the structure should never be accessed directly,
diff --git a/crypto/heimdal/lib/krb5/krb5_init_context.3 b/crypto/heimdal/lib/krb5/krb5_init_context.3
index e59b0d0..8a1141a 100644
--- a/crypto/heimdal/lib/krb5/krb5_init_context.3
+++ b/crypto/heimdal/lib/krb5/krb5_init_context.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 2001 Kungliga Tekniska Högskolan
-.\" $Id: krb5_init_context.3,v 1.5 2002/08/28 15:30:53 joda Exp $
+.\" $Id: krb5_init_context.3,v 1.6 2002/09/02 12:42:00 joda Exp $
.Dd January 21, 2001
.Dt KRB5_CONTEXT 3
.Os HEIMDAL
@@ -20,7 +20,7 @@ The
.Fn krb5_init_context
function initializes the
.Fa context
-structure and reads the configration file
+structure and reads the configuration file
.Pa /etc/krb5.conf .
.Pp
The structure should be freed by calling
diff --git a/crypto/heimdal/lib/krb5/krb5_locl.h b/crypto/heimdal/lib/krb5/krb5_locl.h
index fceeaed..b3d6a92 100644
--- a/crypto/heimdal/lib/krb5/krb5_locl.h
+++ b/crypto/heimdal/lib/krb5/krb5_locl.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: krb5_locl.h,v 1.69 2002/08/12 15:09:19 joda Exp $ */
+/* $Id: krb5_locl.h,v 1.71 2002/09/10 20:10:45 joda Exp $ */
#ifndef __KRB5_LOCL_H__
#define __KRB5_LOCL_H__
@@ -45,6 +45,7 @@
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
+#include <limits.h>
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
@@ -112,19 +113,7 @@ struct sockaddr_dl;
#include <parse_time.h>
#include <base64.h>
-#ifdef HAVE_OPENSSL
-#include <openssl/des.h>
-#include <openssl/md4.h>
-#include <openssl/md5.h>
-#include <openssl/sha.h>
-#include <openssl/rc4.h>
-#else
-#include <des.h>
-#include <md4.h>
-#include <md5.h>
-#include <sha.h>
-#include <rc4.h>
-#endif
+#include "crypto-headers.h"
#include <krb5_asn1.h>
#include <der.h>
diff --git a/crypto/heimdal/lib/krb5/krb5_parse_name.3 b/crypto/heimdal/lib/krb5/krb5_parse_name.3
index 1491117..285c4e2 100644
--- a/crypto/heimdal/lib/krb5/krb5_parse_name.3
+++ b/crypto/heimdal/lib/krb5/krb5_parse_name.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_parse_name.3,v 1.5 2002/08/28 15:30:55 joda Exp $
+.\" $Id: krb5_parse_name.3,v 1.6 2002/09/02 12:42:00 joda Exp $
.Dd August 8, 1997
.Dt KRB5_PARSE_NAME 3
.Os HEIMDAL
@@ -14,7 +14,7 @@ Kerberos 5 Library (libkrb5, -lkrb5)
.Fn krb5_parse_name "krb5_context context" "const char *name" "krb5_principal *principal"
.Sh DESCRIPTION
.Fn krb5_parse_name
-converts a string representation of a princpal name to
+converts a string representation of a principal name to
.Nm krb5_principal .
The
.Fa principal
diff --git a/crypto/heimdal/lib/krb5/krb5_unparse_name.3 b/crypto/heimdal/lib/krb5/krb5_unparse_name.3
index 0eee63b..e58b911 100644
--- a/crypto/heimdal/lib/krb5/krb5_unparse_name.3
+++ b/crypto/heimdal/lib/krb5/krb5_unparse_name.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_unparse_name.3,v 1.5 2002/08/28 15:30:57 joda Exp $
+.\" $Id: krb5_unparse_name.3,v 1.6 2002/09/02 12:42:00 joda Exp $
.Dd August 8, 1997
.Dt KRB5_UNPARSE_NAME 3
.Os HEIMDAL
@@ -18,7 +18,8 @@ Kerberos 5 Library (libkrb5, -lkrb5)
.Sh DESCRIPTION
This function takes a
.Fa principal ,
-and will convert in to a printable representation with the same syntax as decribed in
+and will convert in to a printable representation with the same syntax
+as described in
.Xr krb5_parse_name 3 .
.Fa *name
will point to allocated data and should be freed by the caller.
diff --git a/crypto/heimdal/lib/krb5/kuserok.c b/crypto/heimdal/lib/krb5/kuserok.c
index ae8ddec..17770c1 100644
--- a/crypto/heimdal/lib/krb5/kuserok.c
+++ b/crypto/heimdal/lib/krb5/kuserok.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: kuserok.c,v 1.5 1999/12/02 17:05:11 joda Exp $");
+RCSID("$Id: kuserok.c,v 1.6 2002/09/16 17:32:11 nectar Exp $");
/*
* Return TRUE iff `principal' is allowed to login as `luser'.
@@ -88,9 +88,7 @@ krb5_kuserok (krb5_context context,
while (fgets (buf, sizeof(buf), f) != NULL) {
krb5_principal tmp;
- if(buf[strlen(buf) - 1] == '\n')
- buf[strlen(buf) - 1] = '\0';
-
+ buf[strcspn(buf, "\n")] = '\0';
ret = krb5_parse_name (context, buf, &tmp);
if (ret) {
fclose (f);
diff --git a/crypto/heimdal/lib/krb5/log.c b/crypto/heimdal/lib/krb5/log.c
index ecdb753..bd7451b 100644
--- a/crypto/heimdal/lib/krb5/log.c
+++ b/crypto/heimdal/lib/krb5/log.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: log.c,v 1.30 2002/08/20 09:49:09 joda Exp $");
+RCSID("$Id: log.c,v 1.31 2002/09/05 14:59:14 joda Exp $");
struct facility {
int min;
@@ -382,24 +382,33 @@ krb5_vlog_msg(krb5_context context,
va_list ap)
__attribute__((format (printf, 5, 0)))
{
- char *msg;
- const char *actual;
+
+ char *msg = NULL;
+ const char *actual = NULL;
char buf[64];
- time_t t;
+ time_t t = 0;
int i;
- vasprintf(&msg, fmt, ap);
- if (msg != NULL)
- actual = msg;
- else
- actual = fmt;
- t = time(NULL);
- krb5_format_time(context, t, buf, sizeof(buf), TRUE);
- for(i = 0; i < fac->len; i++)
+ for(i = 0; fac && i < fac->len; i++)
if(fac->val[i].min <= level &&
- (fac->val[i].max < 0 || fac->val[i].max >= level))
+ (fac->val[i].max < 0 || fac->val[i].max >= level)) {
+ if(t == 0) {
+ t = time(NULL);
+ krb5_format_time(context, t, buf, sizeof(buf), TRUE);
+ }
+ if(actual == NULL) {
+ vasprintf(&msg, fmt, ap);
+ if(msg == NULL)
+ actual = fmt;
+ else
+ actual = msg;
+ }
(*fac->val[i].log)(buf, actual, fac->val[i].data);
- *reply = msg;
+ }
+ if(reply == NULL)
+ free(msg);
+ else
+ *reply = msg;
return 0;
}
@@ -411,12 +420,7 @@ krb5_vlog(krb5_context context,
va_list ap)
__attribute__((format (printf, 4, 0)))
{
- char *msg;
- krb5_error_code ret;
-
- ret = krb5_vlog_msg(context, fac, &msg, level, fmt, ap);
- free(msg);
- return ret;
+ return krb5_vlog_msg(context, fac, NULL, level, fmt, ap);
}
krb5_error_code
diff --git a/crypto/heimdal/lib/krb5/mk_error.c b/crypto/heimdal/lib/krb5/mk_error.c
index 249f478..ae9e10a 100644
--- a/crypto/heimdal/lib/krb5/mk_error.c
+++ b/crypto/heimdal/lib/krb5/mk_error.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: mk_error.c,v 1.17 2002/03/27 09:29:43 joda Exp $");
+RCSID("$Id: mk_error.c,v 1.18 2002/09/04 16:26:04 joda Exp $");
krb5_error_code
krb5_mk_error(krb5_context context,
@@ -47,8 +47,6 @@ krb5_mk_error(krb5_context context,
krb5_data *reply)
{
KRB_ERROR msg;
- u_char *buf;
- size_t buf_size;
int32_t sec, usec;
size_t len;
krb5_error_code ret = 0;
@@ -84,45 +82,10 @@ krb5_mk_error(krb5_context context,
msg.cname = &client->name;
}
- buf_size = 1024;
- buf = malloc (buf_size);
- if (buf == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
-
- do {
- ret = encode_KRB_ERROR(buf + buf_size - 1,
- buf_size,
- &msg,
- &len);
- if (ret) {
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- buf = tmp;
- } else {
- goto out;
- }
- }
- } while (ret == ASN1_OVERFLOW);
-
- reply->length = len;
- reply->data = malloc(len);
- if (reply->data == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- ret = ENOMEM;
- goto out;
- }
- memcpy (reply->data, buf + buf_size - len, len);
-out:
- free (buf);
- return ret;
+ ASN1_MALLOC_ENCODE(KRB_ERROR, reply->data, reply->length, &msg, &len, ret);
+ if (ret)
+ return ret;
+ if(reply->length != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
+ return 0;
}
diff --git a/crypto/heimdal/lib/krb5/mk_priv.c b/crypto/heimdal/lib/krb5/mk_priv.c
index 3f49a41..b89f7e9 100644
--- a/crypto/heimdal/lib/krb5/mk_priv.c
+++ b/crypto/heimdal/lib/krb5/mk_priv.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,12 +33,9 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_priv.c,v 1.30 2001/06/18 02:44:54 assar Exp $");
-
-/*
- *
- */
+RCSID("$Id: mk_priv.c,v 1.31 2002/09/04 16:26:04 joda Exp $");
+
krb5_error_code
krb5_mk_priv(krb5_context context,
krb5_auth_context auth_context,
@@ -83,35 +80,11 @@ krb5_mk_priv(krb5_context context,
part.s_address = auth_context->local_address;
part.r_address = auth_context->remote_address;
- buf_size = 1024;
- buf = malloc (buf_size);
- if (buf == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
-
krb5_data_zero (&s.enc_part.cipher);
- do {
- ret = encode_EncKrbPrivPart (buf + buf_size - 1, buf_size,
- &part, &len);
- if (ret) {
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- ret = ENOMEM;
- goto fail;
- }
- buf = tmp;
- } else {
- goto fail;
- }
- }
- } while(ret == ASN1_OVERFLOW);
+ ASN1_MALLOC_ENCODE(EncKrbPrivPart, buf, buf_size, &part, &len, ret);
+ if (ret)
+ goto fail;
s.pvno = 5;
s.msg_type = krb_priv;
@@ -134,37 +107,21 @@ krb5_mk_priv(krb5_context context,
free(buf);
return ret;
}
+ free(buf);
+
- do {
- ret = encode_KRB_PRIV (buf + buf_size - 1, buf_size, &s, &len);
-
- if (ret){
- if (ret == ASN1_OVERFLOW) {
- u_char *tmp;
-
- buf_size *= 2;
- tmp = realloc (buf, buf_size);
- if (tmp == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- ret = ENOMEM;
- goto fail;
- }
- buf = tmp;
- } else {
- goto fail;
- }
- }
- } while(ret == ASN1_OVERFLOW);
+ ASN1_MALLOC_ENCODE(KRB_PRIV, buf, buf_size, &s, &len, ret);
+
+ if(ret)
+ goto fail;
krb5_data_free (&s.enc_part.cipher);
- outbuf->length = len;
- outbuf->data = malloc (len);
- if (outbuf->data == NULL) {
+ ret = krb5_data_copy(outbuf, buf + buf_size - len, len);
+ if (ret) {
krb5_set_error_string (context, "malloc: out of memory");
free(buf);
return ENOMEM;
}
- memcpy (outbuf->data, buf + buf_size - len, len);
free (buf);
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE)
auth_context->local_seqnumber =
diff --git a/crypto/heimdal/lib/krb5/mk_rep.c b/crypto/heimdal/lib/krb5/mk_rep.c
index fc6b4f2..b955555 100644
--- a/crypto/heimdal/lib/krb5/mk_rep.c
+++ b/crypto/heimdal/lib/krb5/mk_rep.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_rep.c,v 1.19 2001/05/14 06:14:49 assar Exp $");
+RCSID("$Id: mk_rep.c,v 1.20 2002/09/04 16:26:05 joda Exp $");
krb5_error_code
krb5_mk_rep(krb5_context context,
@@ -72,21 +72,10 @@ krb5_mk_rep(krb5_context context,
ap.enc_part.etype = auth_context->keyblock->keytype;
ap.enc_part.kvno = NULL;
- buf_size = length_EncAPRepPart(&body);
- buf = malloc (buf_size);
- if (buf == NULL) {
- free_EncAPRepPart (&body);
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
-
- ret = krb5_encode_EncAPRepPart (context,
- buf + buf_size - 1,
- buf_size,
- &body,
- &len);
-
+ ASN1_MALLOC_ENCODE(EncAPRepPart, buf, buf_size, &body, &len, ret);
free_EncAPRepPart (&body);
+ if(ret)
+ return ret;
ret = krb5_crypto_init(context, auth_context->keyblock,
0 /* ap.enc_part.etype */, &crypto);
if (ret) {
@@ -105,20 +94,7 @@ krb5_mk_rep(krb5_context context,
return ret;
}
- buf_size = length_AP_REP(&ap);
- buf = realloc(buf, buf_size);
- if(buf == NULL) {
- free_AP_REP (&ap);
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- ret = encode_AP_REP (buf + buf_size - 1, buf_size, &ap, &len);
-
+ ASN1_MALLOC_ENCODE(AP_REP, outbuf->data, outbuf->length, &ap, &len, ret);
free_AP_REP (&ap);
-
- if(len != buf_size)
- krb5_abortx(context, "krb5_mk_rep: encoded length != calculated length");
- outbuf->data = buf;
- outbuf->length = len;
- return 0;
+ return ret;
}
diff --git a/crypto/heimdal/lib/krb5/mk_req_ext.c b/crypto/heimdal/lib/krb5/mk_req_ext.c
index 5ab7a1c..aa5e3c4 100644
--- a/crypto/heimdal/lib/krb5/mk_req_ext.c
+++ b/crypto/heimdal/lib/krb5/mk_req_ext.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_req_ext.c,v 1.25 2001/05/09 07:15:00 assar Exp $");
+RCSID("$Id: mk_req_ext.c,v 1.26 2002/09/02 17:13:52 joda Exp $");
krb5_error_code
krb5_mk_req_internal(krb5_context context,
@@ -62,6 +62,12 @@ krb5_mk_req_internal(krb5_context context,
if(ret)
return ret;
+ if(ac->local_subkey == NULL && (ap_req_options & AP_OPTS_USE_SUBKEY)) {
+ ret = krb5_auth_con_generatelocalsubkey(context, ac, &in_creds->session);
+ if(ret)
+ return ret;
+ }
+
#if 0
{
/* This is somewhat bogus since we're possibly overwriting a
diff --git a/crypto/heimdal/lib/krb5/mk_safe.c b/crypto/heimdal/lib/krb5/mk_safe.c
index 114aa8e..a839df4 100644
--- a/crypto/heimdal/lib/krb5/mk_safe.c
+++ b/crypto/heimdal/lib/krb5/mk_safe.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_safe.c,v 1.27 2001/06/18 02:45:15 assar Exp $");
+RCSID("$Id: mk_safe.c,v 1.28 2002/09/04 16:26:05 joda Exp $");
krb5_error_code
krb5_mk_safe(krb5_context context,
@@ -48,7 +48,6 @@ krb5_mk_safe(krb5_context context,
KerberosTime sec2;
int usec2;
u_char *buf = NULL;
- void *tmp;
size_t buf_size;
size_t len;
u_int32_t tmp_seq;
@@ -85,17 +84,11 @@ krb5_mk_safe(krb5_context context,
s.cksum.checksum.data = NULL;
s.cksum.checksum.length = 0;
- buf_size = length_KRB_SAFE(&s);
- buf = malloc(buf_size + 128); /* add some for checksum */
- if(buf == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
- if (ret) {
- free (buf);
+ ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, &s, &len, ret);
+ if (ret)
return ret;
- }
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
ret = krb5_crypto_init(context, key, 0, &crypto);
if (ret) {
free (buf);
@@ -105,7 +98,7 @@ krb5_mk_safe(krb5_context context,
crypto,
KRB5_KU_KRB_SAFE_CKSUM,
0,
- buf + buf_size - len,
+ buf,
len,
&s.cksum);
krb5_crypto_destroy(context, crypto);
@@ -114,27 +107,16 @@ krb5_mk_safe(krb5_context context,
return ret;
}
- buf_size = length_KRB_SAFE(&s);
- tmp = realloc(buf, buf_size);
- if(tmp == NULL) {
- free(buf);
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- buf = tmp;
-
- ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
+ free(buf);
+ ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, &s, &len, ret);
free_Checksum (&s.cksum);
+ if(ret)
+ return ret;
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
outbuf->length = len;
- outbuf->data = malloc (len);
- if (outbuf->data == NULL) {
- free (buf);
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- memcpy (outbuf->data, buf + buf_size - len, len);
- free (buf);
+ outbuf->data = buf;
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE)
auth_context->local_seqnumber =
(auth_context->local_seqnumber + 1) & 0xFFFFFFFF;
diff --git a/crypto/heimdal/lib/krb5/name-45-test.c b/crypto/heimdal/lib/krb5/name-45-test.c
new file mode 100644
index 0000000..373586e
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/name-45-test.c
@@ -0,0 +1,277 @@
+/*
+ * Copyright (c) 2002 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: name-45-test.c,v 1.2 2002/08/31 03:33:07 assar Exp $");
+
+enum { MAX_COMPONENTS = 3 };
+
+static struct testcase {
+ const char *v4_name;
+ const char *v4_inst;
+ const char *v4_realm;
+
+ krb5_realm v5_realm;
+ unsigned ncomponents;
+ char *comp_val[MAX_COMPONENTS];
+
+ const char *config_file;
+ krb5_error_code ret; /* expected error code from 524 */
+
+ krb5_error_code ret2; /* expected error code from 425 */
+} tests[] = {
+ {"", "", "", "", 1, {""}, NULL, 0, 0},
+ {"a", "", "", "", 1, {"a"}, NULL, 0, 0},
+ {"a", "b", "", "", 2, {"a", "b"}, NULL, 0, 0},
+ {"a", "b", "c", "c", 2, {"a", "b"}, NULL, 0, 0},
+
+ {"krbtgt", "FOO.SE", "FOO.SE", "FOO.SE", 2,
+ {"krbtgt", "FOO.SE"}, NULL, 0, 0},
+
+ {"foo", "bar", "BAZ", "BAZ", 2,
+ {"foo", "bar"}, NULL, 0, 0},
+ {"foo", "bar", "BAZ", "BAZ", 2,
+ {"foo", "bar"},
+ "[libdefaults]\n"
+ " v4_name_convert = {\n"
+ " host = {\n"
+ " foo = foo5\n"
+ " }\n"
+ "}\n",
+ HEIM_ERR_V4_PRINC_NO_CONV, 0},
+ {"foo", "bar", "BAZ", "BAZ", 2,
+ {"foo5", "bar.baz"},
+ "[realms]\n"
+ " BAZ = {\n"
+ " v4_name_convert = {\n"
+ " host = {\n"
+ " foo = foo5\n"
+ " }\n"
+ " }\n"
+ " v4_instance_convert = {\n"
+ " bar = bar.baz\n"
+ " }\n"
+ " }\n",
+ 0, 0},
+
+ {"rcmd", "foo", "realm", "realm", 2, {"host", "foo"}, NULL,
+ HEIM_ERR_V4_PRINC_NO_CONV, 0},
+ {"rcmd", "foo", "realm", "realm", 2, {"host", "foo.realm"},
+ "[realms]\n"
+ " realm = {\n"
+ " v4_instance_convert = {\n"
+ " foo = foo.realm\n"
+ " }\n"
+ " }\n",
+ 0, 0},
+
+ {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2,
+ {"pop", "mail0.nada.kth.se"}, NULL, HEIM_ERR_V4_PRINC_NO_CONV, 0},
+ {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2,
+ {"pop", "mail0.nada.kth.se"},
+ "[realms]\n"
+ " NADA.KTH.SE = {\n"
+ " default_domain = nada.kth.se\n"
+ " }\n",
+ 0, 0},
+ {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2,
+ {"pop", "mail0.nada.kth.se"},
+ "[libdefaults]\n"
+ " v4_instance_resolve = true\n",
+ HEIM_ERR_V4_PRINC_NO_CONV, 0},
+
+ {"rcmd", "ratatosk", "NADA.KTH.SE", "NADA.KTH.SE", 2,
+ {"host", "ratatosk.pdc.kth.se"}, NULL, HEIM_ERR_V4_PRINC_NO_CONV, 0},
+ {"rcmd", "ratatosk", "NADA.KTH.SE", "NADA.KTH.SE", 2,
+ {"host", "ratatosk.pdc.kth.se"},
+ "[libdefaults]\n"
+ " v4_instance_resolve = true\n"
+ "[realms]\n"
+ " NADA.KTH.SE = {\n"
+ " v4_name_convert = {\n"
+ " host = {\n"
+ " rcmd = host\n"
+ " }\n"
+ " }\n"
+ " default_domain = pdc.kth.se\n"
+ " }\n",
+ 0, 0},
+
+ {"0123456789012345678901234567890123456789",
+ "0123456789012345678901234567890123456789",
+ "0123456789012345678901234567890123456789",
+ "0123456789012345678901234567890123456789",
+ 2, {"0123456789012345678901234567890123456789",
+ "0123456789012345678901234567890123456789"}, NULL,
+ 0, KRB5_PARSE_MALFORMED},
+
+ {"012345678901234567890123456789012345678",
+ "012345678901234567890123456789012345678",
+ "012345678901234567890123456789012345678",
+ "012345678901234567890123456789012345678",
+ 2, {"012345678901234567890123456789012345678",
+ "012345678901234567890123456789012345678"}, NULL,
+ 0, 0},
+
+ {NULL, NULL, NULL, NULL, 0, {}, NULL, 0}
+};
+
+int
+main(int argc, char **argv)
+{
+ struct testcase *t;
+ krb5_context context;
+ krb5_error_code ret;
+ int val = 0;
+
+ for (t = tests; t->v4_name; ++t) {
+ krb5_principal princ;
+ int i;
+ char name[40], inst[40], realm[40];
+ char printable_princ[256];
+
+ ret = krb5_init_context (&context);
+ if (ret)
+ errx (1, "krb5_init_context failed: %d", ret);
+
+ if (t->config_file != NULL) {
+ char template[] = "/tmp/krb5-conf-XXXXXX";
+ int fd = mkstemp(template);
+ char *files[2];
+
+ if (fd < 0)
+ krb5_err (context, 1, errno, "mkstemp %s", template);
+
+ if (write (fd, t->config_file, strlen(t->config_file))
+ != strlen(t->config_file))
+ krb5_err (context, 1, errno, "write %s", template);
+ close (fd);
+ files[0] = template;
+ files[1] = NULL;
+
+ ret = krb5_set_config_files (context, files);
+ unlink (template);
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_set_config_files");
+ }
+
+ ret = krb5_425_conv_principal (context,
+ t->v4_name,
+ t->v4_inst,
+ t->v4_realm,
+ &princ);
+ if (ret) {
+ if (ret != t->ret) {
+ krb5_warn (context, ret,
+ "krb5_425_conv_principal %s.%s@%s",
+ t->v4_name, t->v4_inst, t->v4_realm);
+ val = 1;
+ }
+ } else {
+ if (t->ret) {
+ krb5_warnx (context,
+ "krb5_425_conv_principal %s.%s@%s "
+ "passed unexpected",
+ t->v4_name, t->v4_inst, t->v4_realm);
+ val = 1;
+ continue;
+ }
+ }
+
+ if (ret)
+ continue;
+
+ if (strcmp (t->v5_realm, princ->realm) != 0) {
+ printf ("wrong realm (\"%s\" should be \"%s\")"
+ " for \"%s.%s@%s\"\n",
+ princ->realm, t->v5_realm,
+ t->v4_name,
+ t->v4_inst,
+ t->v4_realm);
+ val = 1;
+ }
+
+ if (t->ncomponents != princ->name.name_string.len) {
+ printf ("wrong number of components (%u should be %u)"
+ " for \"%s.%s@%s\"\n",
+ princ->name.name_string.len, t->ncomponents,
+ t->v4_name,
+ t->v4_inst,
+ t->v4_realm);
+ val = 1;
+ } else {
+ for (i = 0; i < t->ncomponents; ++i) {
+ if (strcmp(t->comp_val[i],
+ princ->name.name_string.val[i]) != 0) {
+ printf ("bad component %d (\"%s\" should be \"%s\")"
+ " for \"%s.%s@%s\"\n",
+ i,
+ princ->name.name_string.val[i],
+ t->comp_val[i],
+ t->v4_name,
+ t->v4_inst,
+ t->v4_realm);
+ val = 1;
+ }
+ }
+ }
+ ret = krb5_524_conv_principal (context, princ,
+ name, inst, realm);
+ if (krb5_unparse_name_fixed(context, princ,
+ printable_princ, sizeof(printable_princ)))
+ strlcpy(printable_princ, "unknown principal",
+ sizeof(printable_princ));
+ if (ret) {
+ if (ret != t->ret2) {
+ krb5_warn (context, ret,
+ "krb5_524_conv_principal %s", printable_princ);
+ val = 1;
+ }
+ } else {
+ if (t->ret2) {
+ krb5_warnx (context,
+ "krb5_524_conv_principal %s "
+ "passed unexpected", printable_princ);
+ val = 1;
+ continue;
+ }
+ }
+ if (ret) {
+ krb5_free_principal (context, princ);
+ continue;
+ }
+
+ krb5_free_principal (context, princ);
+ }
+ return val;
+}
diff --git a/crypto/heimdal/lib/krb5/prompter_posix.c b/crypto/heimdal/lib/krb5/prompter_posix.c
index 4b9c573..4aea3a4 100644
--- a/crypto/heimdal/lib/krb5/prompter_posix.c
+++ b/crypto/heimdal/lib/krb5/prompter_posix.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: prompter_posix.c,v 1.6 2001/05/11 20:26:49 assar Exp $");
+RCSID("$Id: prompter_posix.c,v 1.7 2002/09/16 17:32:11 nectar Exp $");
int
krb5_prompter_posix (krb5_context context,
@@ -65,8 +65,7 @@ krb5_prompter_posix (krb5_context context,
prompts[i].reply->length,
stdin) == NULL)
return 1;
- if(s[strlen(s) - 1] == '\n')
- s[strlen(s) - 1] = '\0';
+ s[strcspn(s, "\n")] = '\0';
}
}
return 0;
diff --git a/crypto/heimdal/lib/krb5/rd_cred.c b/crypto/heimdal/lib/krb5/rd_cred.c
index 401770b..4a7d74c 100644
--- a/crypto/heimdal/lib/krb5/rd_cred.c
+++ b/crypto/heimdal/lib/krb5/rd_cred.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: rd_cred.c,v 1.17 2002/08/09 17:07:12 joda Exp $");
+RCSID("$Id: rd_cred.c,v 1.18 2002/09/04 16:26:05 joda Exp $");
krb5_error_code
krb5_rd_cred(krb5_context context,
@@ -214,7 +214,6 @@ krb5_rd_cred(krb5_context context,
for (i = 0; i < enc_krb_cred_part.ticket_info.len; ++i) {
KrbCredInfo *kci = &enc_krb_cred_part.ticket_info.val[i];
krb5_creds *creds;
- u_char buf[1024];
size_t len;
creds = calloc(1, sizeof(*creds));
@@ -224,12 +223,12 @@ krb5_rd_cred(krb5_context context,
goto out;
}
- ret = encode_Ticket (buf + sizeof(buf) - 1, sizeof(buf),
- &cred.tickets.val[i],
- &len);
+ ASN1_MALLOC_ENCODE(Ticket, creds->ticket.data, creds->ticket.length,
+ &cred.tickets.val[i], &len, ret);
if (ret)
goto out;
- krb5_data_copy (&creds->ticket, buf + sizeof(buf) - len, len);
+ if(creds->ticket.length != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
copy_EncryptionKey (&kci->key, &creds->session);
if (kci->prealm && kci->pname)
principalname2krb5_principal (&creds->client,
diff --git a/crypto/heimdal/lib/krb5/rd_safe.c b/crypto/heimdal/lib/krb5/rd_safe.c
index 71271c6..bbba237 100644
--- a/crypto/heimdal/lib/krb5/rd_safe.c
+++ b/crypto/heimdal/lib/krb5/rd_safe.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: rd_safe.c,v 1.26 2002/02/14 12:47:47 joda Exp $");
+RCSID("$Id: rd_safe.c,v 1.27 2002/09/04 16:26:05 joda Exp $");
static krb5_error_code
verify_checksum(krb5_context context,
@@ -53,19 +53,11 @@ verify_checksum(krb5_context context,
safe->cksum.checksum.data = NULL;
safe->cksum.checksum.length = 0;
- buf_size = length_KRB_SAFE(safe);
- buf = malloc(buf_size);
-
- if (buf == NULL) {
- ret = ENOMEM;
- krb5_set_error_string (context, "malloc: out of memory");
- goto out;
- }
-
- ret = encode_KRB_SAFE (buf + buf_size - 1,
- buf_size,
- safe,
- &len);
+ ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, safe, &len, ret);
+ if(ret)
+ return ret;
+ if(buf_size != len)
+ krb5_abortx(context, "internal error in ASN.1 encoder");
if (auth_context->remote_subkey)
key = auth_context->remote_subkey;
diff --git a/crypto/heimdal/lib/krb5/sendauth.c b/crypto/heimdal/lib/krb5/sendauth.c
index 8f2c544..c2889ee 100644
--- a/crypto/heimdal/lib/krb5/sendauth.c
+++ b/crypto/heimdal/lib/krb5/sendauth.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: sendauth.c,v 1.18 2001/05/14 06:14:51 assar Exp $");
+RCSID("$Id: sendauth.c,v 1.19 2002/09/04 21:34:43 joda Exp $");
/*
* The format seems to be:
@@ -86,6 +86,7 @@ krb5_sendauth(krb5_context context,
krb5_principal this_client = NULL;
krb5_creds *creds;
ssize_t sret;
+ krb5_boolean my_ccache = FALSE;
len = strlen(version) + 1;
net_len = htonl(len);
@@ -125,12 +126,16 @@ krb5_sendauth(krb5_context context,
ret = krb5_cc_default (context, &ccache);
if (ret)
return ret;
+ my_ccache = TRUE;
}
if (client == NULL) {
ret = krb5_cc_get_principal (context, ccache, &this_client);
- if (ret)
+ if (ret) {
+ if(my_ccache)
+ krb5_cc_close(context, ccache);
return ret;
+ }
client = this_client;
}
memset(&this_cred, 0, sizeof(this_cred));
@@ -142,11 +147,16 @@ krb5_sendauth(krb5_context context,
}
if (in_creds->ticket.length == 0) {
ret = krb5_get_credentials (context, 0, ccache, in_creds, &creds);
- if (ret)
+ if (ret) {
+ if(my_ccache)
+ krb5_cc_close(context, ccache);
return ret;
+ }
} else {
creds = in_creds;
}
+ if(my_ccache)
+ krb5_cc_close(context, ccache);
ret = krb5_mk_req_extended (context,
auth_context,
ap_req_options,
diff --git a/crypto/heimdal/lib/krb5/transited.c b/crypto/heimdal/lib/krb5/transited.c
index dbe6c80..b587c63 100644
--- a/crypto/heimdal/lib/krb5/transited.c
+++ b/crypto/heimdal/lib/krb5/transited.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: transited.c,v 1.8 2001/05/14 06:14:52 assar Exp $");
+RCSID("$Id: transited.c,v 1.9 2002/09/09 14:03:03 nectar Exp $");
/* this is an attempt at one of the most horrible `compression'
schemes that has ever been invented; it's so amazingly brain-dead
@@ -318,8 +318,9 @@ krb5_domain_x500_decode(krb5_context context,
if(ret)
return ret;
- /* remove empty components */
+ /* remove empty components and count realms */
q = &r;
+ *num_realms = 0;
for(p = r; p; ){
if(p->realm[0] == '\0'){
free(p->realm);
@@ -329,22 +330,20 @@ krb5_domain_x500_decode(krb5_context context,
}else{
q = &p->next;
p = p->next;
+ (*num_realms)++;
}
}
+ if (*num_realms < 0 || *num_realms + 1 > UINT_MAX/sizeof(**realms))
+ return ERANGE;
+
{
char **R;
- *realms = NULL;
- *num_realms = 0;
+ R = malloc((*num_realms + 1) * sizeof(*R));
+ if (R == NULL)
+ return ENOMEM;
+ *realms = R;
while(r){
- R = realloc(*realms, (*num_realms + 1) * sizeof(**realms));
- if(R == NULL) {
- free(*realms);
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- R[*num_realms] = r->realm;
- (*num_realms)++;
- *realms = R;
+ *R++ = r->realm;
p = r->next;
free(r);
r = p;
diff --git a/crypto/heimdal/lib/roken/ChangeLog b/crypto/heimdal/lib/roken/ChangeLog
index 9f209a8..6097a89 100644
--- a/crypto/heimdal/lib/roken/ChangeLog
+++ b/crypto/heimdal/lib/roken/ChangeLog
@@ -1,3 +1,45 @@
+2002-09-10 Johan Danielsson <joda@pdc.kth.se>
+
+ * roken.awk: include config.h before stdio.h (breaks with
+ _FILE_OFFSET_BITS on solaris otherwise)
+
+2002-09-09 Johan Danielsson <joda@pdc.kth.se>
+
+ * resolve.c: fix res_nsearch call, but don't use it for now, AIX5
+ has a broken version that trashes memory
+
+ * roken-common.h: fix typo in previous
+
+ * roken-common.h: change IRIX == 4 to IRIX4
+
+2002-09-04 Assar Westerlund <assar@kth.se>
+
+ * getifaddrs.c: remove some warnings from the linux-portion
+
+ * getnameinfo_verified.c (getnameinfo_verified): handle the case
+ of forward but no backward DNS information, and also describe the
+ desired behaviour. from Love <lha@stacken.kth.se>
+
+2002-09-04 Johan Danielsson <joda@pdc.kth.se>
+
+ * rtbl.c (rtbl_destroy): free whole table
+
+ * resolve.c: use res_nsearch if we have it (from Larry Greenfield)
+
+2002-09-03 Assar Westerlund <assar@kth.se>
+
+ * getifaddrs.c: add Linux AF_NETLINK getifaddrs from Hideaki
+ YOSHIFUJI of the Usagi project
+
+ * parse_reply-test.c: make this build and return 77 if there is no
+ mmap
+
+ * Makefile.am (parse_reply-test): add
+ * parse_reply-test.c: add a test case for parse_reply reading past
+ the given buffer
+ * resolve.c (parse_reply): update the arguments to more reasonable
+ types. allow parse_reply-test to call it
+
2002-08-28 Johan Danielsson <joda@pdc.kth.se>
* resolve.c (dns_srv_order): do alignment tricks with the random()
diff --git a/crypto/heimdal/lib/roken/Makefile.am b/crypto/heimdal/lib/roken/Makefile.am
index 13121ad..a1dc45d 100644
--- a/crypto/heimdal/lib/roken/Makefile.am
+++ b/crypto/heimdal/lib/roken/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.120 2002/05/31 02:44:37 assar Exp $
+# $Id: Makefile.am,v 1.122 2002/09/09 19:17:01 joda Exp $
include $(top_srcdir)/Makefile.am.common
@@ -7,7 +7,7 @@ ACLOCAL_AMFLAGS = -I ../../cf
CLEANFILES = roken.h make-roken.c $(XHEADERS)
lib_LTLIBRARIES = libroken.la
-libroken_la_LDFLAGS = -version-info 16:0:7
+libroken_la_LDFLAGS = -version-info 16:0:0
noinst_PROGRAMS = make-roken snprintf-test
@@ -17,6 +17,7 @@ check_PROGRAMS = \
base64-test \
getaddrinfo-test \
parse_bytes-test \
+ parse_reply-test \
snprintf-test \
strpftime-test
@@ -29,6 +30,9 @@ noinst_LTLIBRARIES = libtest.la
libtest_la_SOURCES = strftime.c strptime.c snprintf.c
libtest_la_CFLAGS = -DTEST_SNPRINTF
+parse_reply_test_SOURCES = parse_reply-test.c resolve.c
+parse_reply_test_CFLAGS = -DTEST_RESOLVE
+
strpftime_test_SOURCES = strpftime-test.c
strpftime_test_LDADD = libtest.la $(LDADD)
snprintf_test_SOURCES = snprintf-test.c
diff --git a/crypto/heimdal/lib/roken/Makefile.in b/crypto/heimdal/lib/roken/Makefile.in
index 7969334..730821f 100644
--- a/crypto/heimdal/lib/roken/Makefile.in
+++ b/crypto/heimdal/lib/roken/Makefile.in
@@ -14,7 +14,7 @@
@SET_MAKE@
-# $Id: Makefile.am,v 1.120 2002/05/31 02:44:37 assar Exp $
+# $Id: Makefile.am,v 1.122 2002/09/09 19:17:01 joda Exp $
# $Id: Makefile.am.common,v 1.5 2002/05/19 18:35:37 joda Exp $
@@ -207,7 +207,7 @@ ACLOCAL_AMFLAGS = -I ../../cf
CLEANFILES = roken.h make-roken.c $(XHEADERS)
lib_LTLIBRARIES = libroken.la
-libroken_la_LDFLAGS = -version-info 16:0:7
+libroken_la_LDFLAGS = -version-info 16:0:0
noinst_PROGRAMS = make-roken snprintf-test
@@ -217,6 +217,7 @@ check_PROGRAMS = \
base64-test \
getaddrinfo-test \
parse_bytes-test \
+ parse_reply-test \
snprintf-test \
strpftime-test
@@ -230,6 +231,9 @@ noinst_LTLIBRARIES = libtest.la
libtest_la_SOURCES = strftime.c strptime.c snprintf.c
libtest_la_CFLAGS = -DTEST_SNPRINTF
+parse_reply_test_SOURCES = parse_reply-test.c resolve.c
+parse_reply_test_CFLAGS = -DTEST_RESOLVE
+
strpftime_test_SOURCES = strpftime-test.c
strpftime_test_LDADD = libtest.la $(LDADD)
snprintf_test_SOURCES = snprintf-test.c
@@ -422,8 +426,8 @@ am_libtest_la_OBJECTS = libtest_la-strftime.lo libtest_la-strptime.lo \
libtest_la-snprintf.lo
libtest_la_OBJECTS = $(am_libtest_la_OBJECTS)
check_PROGRAMS = base64-test$(EXEEXT) getaddrinfo-test$(EXEEXT) \
- parse_bytes-test$(EXEEXT) snprintf-test$(EXEEXT) \
- strpftime-test$(EXEEXT)
+ parse_bytes-test$(EXEEXT) parse_reply-test$(EXEEXT) \
+ snprintf-test$(EXEEXT) strpftime-test$(EXEEXT)
noinst_PROGRAMS = make-roken$(EXEEXT) snprintf-test$(EXEEXT)
PROGRAMS = $(noinst_PROGRAMS)
@@ -446,6 +450,13 @@ parse_bytes_test_OBJECTS = parse_bytes-test.$(OBJEXT)
parse_bytes_test_LDADD = $(LDADD)
parse_bytes_test_DEPENDENCIES = libroken.la
parse_bytes_test_LDFLAGS =
+am_parse_reply_test_OBJECTS = \
+ parse_reply_test-parse_reply-test.$(OBJEXT) \
+ parse_reply_test-resolve.$(OBJEXT)
+parse_reply_test_OBJECTS = $(am_parse_reply_test_OBJECTS)
+parse_reply_test_LDADD = $(LDADD)
+parse_reply_test_DEPENDENCIES = libroken.la
+parse_reply_test_LDFLAGS =
am_snprintf_test_OBJECTS = snprintf_test-snprintf-test.$(OBJEXT)
snprintf_test_OBJECTS = $(am_snprintf_test_OBJECTS)
snprintf_test_DEPENDENCIES = libtest.la libroken.la
@@ -472,15 +483,15 @@ LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
CFLAGS = @CFLAGS@
DIST_SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) \
$(libtest_la_SOURCES) base64-test.c getaddrinfo-test.c \
- parse_bytes-test.c $(snprintf_test_SOURCES) \
- $(strpftime_test_SOURCES)
+ parse_bytes-test.c $(parse_reply_test_SOURCES) \
+ $(snprintf_test_SOURCES) $(strpftime_test_SOURCES)
MANS = $(man_MANS)
HEADERS = $(include_HEADERS) $(nodist_include_HEADERS)
DIST_COMMON = $(include_HEADERS) ChangeLog Makefile.am Makefile.in \
acinclude.m4 freeaddrinfo.c getaddrinfo.c getcap.c \
getnameinfo.c glob.c install-sh missing mkinstalldirs
-SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) $(libtest_la_SOURCES) base64-test.c getaddrinfo-test.c $(nodist_make_roken_SOURCES) parse_bytes-test.c $(snprintf_test_SOURCES) $(strpftime_test_SOURCES)
+SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) $(libtest_la_SOURCES) base64-test.c getaddrinfo-test.c $(nodist_make_roken_SOURCES) parse_bytes-test.c $(parse_reply_test_SOURCES) $(snprintf_test_SOURCES) $(strpftime_test_SOURCES)
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-am
@@ -562,6 +573,11 @@ make-roken$(EXEEXT): $(make_roken_OBJECTS) $(make_roken_DEPENDENCIES)
parse_bytes-test$(EXEEXT): $(parse_bytes_test_OBJECTS) $(parse_bytes_test_DEPENDENCIES)
@rm -f parse_bytes-test$(EXEEXT)
$(LINK) $(parse_bytes_test_LDFLAGS) $(parse_bytes_test_OBJECTS) $(parse_bytes_test_LDADD) $(LIBS)
+parse_reply_test-parse_reply-test.$(OBJEXT): parse_reply-test.c
+parse_reply_test-resolve.$(OBJEXT): resolve.c
+parse_reply-test$(EXEEXT): $(parse_reply_test_OBJECTS) $(parse_reply_test_DEPENDENCIES)
+ @rm -f parse_reply-test$(EXEEXT)
+ $(LINK) $(parse_reply_test_LDFLAGS) $(parse_reply_test_OBJECTS) $(parse_reply_test_LDADD) $(LIBS)
snprintf_test-snprintf-test.$(OBJEXT): snprintf-test.c
snprintf-test$(EXEEXT): $(snprintf_test_OBJECTS) $(snprintf_test_DEPENDENCIES)
@rm -f snprintf-test$(EXEEXT)
@@ -612,6 +628,24 @@ libtest_la-snprintf.obj: snprintf.c
libtest_la-snprintf.lo: snprintf.c
$(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-snprintf.lo `test -f 'snprintf.c' || echo '$(srcdir)/'`snprintf.c
+parse_reply_test-parse_reply-test.o: parse_reply-test.c
+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.o `test -f 'parse_reply-test.c' || echo '$(srcdir)/'`parse_reply-test.c
+
+parse_reply_test-parse_reply-test.obj: parse_reply-test.c
+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.obj `cygpath -w parse_reply-test.c`
+
+parse_reply_test-parse_reply-test.lo: parse_reply-test.c
+ $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-parse_reply-test.lo `test -f 'parse_reply-test.c' || echo '$(srcdir)/'`parse_reply-test.c
+
+parse_reply_test-resolve.o: resolve.c
+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.o `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c
+
+parse_reply_test-resolve.obj: resolve.c
+ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.obj `cygpath -w resolve.c`
+
+parse_reply_test-resolve.lo: resolve.c
+ $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(parse_reply_test_CFLAGS) $(CFLAGS) -c -o parse_reply_test-resolve.lo `test -f 'resolve.c' || echo '$(srcdir)/'`resolve.c
+
snprintf_test-snprintf-test.o: snprintf-test.c
$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(snprintf_test_CFLAGS) $(CFLAGS) -c -o snprintf_test-snprintf-test.o `test -f 'snprintf-test.c' || echo '$(srcdir)/'`snprintf-test.c
diff --git a/crypto/heimdal/lib/roken/getifaddrs.c b/crypto/heimdal/lib/roken/getifaddrs.c
index d8cf1eb..e8c53f8 100644
--- a/crypto/heimdal/lib/roken/getifaddrs.c
+++ b/crypto/heimdal/lib/roken/getifaddrs.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 2000 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: getifaddrs.c,v 1.7 2001/11/30 03:27:30 assar Exp $");
+RCSID("$Id: getifaddrs.c,v 1.9 2002/09/05 03:36:23 assar Exp $");
#endif
#include "roken.h"
@@ -56,6 +56,782 @@ struct mbuf;
#include <ifaddrs.h>
+#ifdef AF_NETLINK
+
+/*
+ * The linux - AF_NETLINK version of getifaddrs - from Usagi.
+ * Linux does not return v6 addresses from SIOCGIFCONF.
+ */
+
+/* $USAGI: ifaddrs.c,v 1.18 2002/03/06 01:50:46 yoshfuji Exp $ */
+
+/**************************************************************************
+ * ifaddrs.c
+ * Copyright (C)2000 Hideaki YOSHIFUJI, All Rights Reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the author nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include <string.h>
+#include <time.h>
+#include <malloc.h>
+#include <errno.h>
+#include <unistd.h>
+
+#include <sys/socket.h>
+#include <asm/types.h>
+#include <linux/netlink.h>
+#include <linux/rtnetlink.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netpacket/packet.h>
+#include <net/ethernet.h> /* the L2 protocols */
+#include <sys/uio.h>
+#include <net/if.h>
+#include <net/if_arp.h>
+#include <ifaddrs.h>
+#include <netinet/in.h>
+
+#define __set_errno(e) (errno = (e))
+#define __close(fd) (close(fd))
+#undef ifa_broadaddr
+#define ifa_broadaddr ifa_dstaddr
+#define IFA_NETMASK
+
+/* ====================================================================== */
+struct nlmsg_list{
+ struct nlmsg_list *nlm_next;
+ struct nlmsghdr *nlh;
+ int size;
+ time_t seq;
+};
+
+struct rtmaddr_ifamap {
+ void *address;
+ void *local;
+#ifdef IFA_NETMASK
+ void *netmask;
+#endif
+ void *broadcast;
+#ifdef HAVE_IFADDRS_IFA_ANYCAST
+ void *anycast;
+#endif
+ int address_len;
+ int local_len;
+#ifdef IFA_NETMASK
+ int netmask_len;
+#endif
+ int broadcast_len;
+#ifdef HAVE_IFADDRS_IFA_ANYCAST
+ int anycast_len;
+#endif
+};
+
+/* ====================================================================== */
+static size_t
+ifa_sa_len(sa_family_t family, int len)
+{
+ size_t size;
+ switch(family){
+ case AF_INET:
+ size = sizeof(struct sockaddr_in);
+ break;
+ case AF_INET6:
+ size = sizeof(struct sockaddr_in6);
+ break;
+ case AF_PACKET:
+ size = (size_t)(((struct sockaddr_ll *)NULL)->sll_addr) + len;
+ if (size < sizeof(struct sockaddr_ll))
+ size = sizeof(struct sockaddr_ll);
+ break;
+ default:
+ size = (size_t)(((struct sockaddr *)NULL)->sa_data) + len;
+ if (size < sizeof(struct sockaddr))
+ size = sizeof(struct sockaddr);
+ }
+ return size;
+}
+
+static void
+ifa_make_sockaddr(sa_family_t family,
+ struct sockaddr *sa,
+ void *p, size_t len,
+ uint32_t scope, uint32_t scopeid)
+{
+ if (sa == NULL) return;
+ switch(family){
+ case AF_INET:
+ memcpy(&((struct sockaddr_in*)sa)->sin_addr, (char *)p, len);
+ break;
+ case AF_INET6:
+ memcpy(&((struct sockaddr_in6*)sa)->sin6_addr, (char *)p, len);
+ if (IN6_IS_ADDR_LINKLOCAL(p) ||
+ IN6_IS_ADDR_MC_LINKLOCAL(p)){
+ ((struct sockaddr_in6*)sa)->sin6_scope_id = scopeid;
+ }
+ break;
+ case AF_PACKET:
+ memcpy(((struct sockaddr_ll*)sa)->sll_addr, (char *)p, len);
+ ((struct sockaddr_ll*)sa)->sll_halen = len;
+ break;
+ default:
+ memcpy(sa->sa_data, p, len); /*XXX*/
+ break;
+ }
+ sa->sa_family = family;
+#ifdef HAVE_SOCKADDR_SA_LEN
+ sa->sa_len = ifa_sa_len(family, len);
+#endif
+}
+
+#ifndef IFA_NETMASK
+static struct sockaddr *
+ifa_make_sockaddr_mask(sa_family_t family,
+ struct sockaddr *sa,
+ uint32_t prefixlen)
+{
+ int i;
+ char *p = NULL, c;
+ uint32_t max_prefixlen = 0;
+
+ if (sa == NULL) return NULL;
+ switch(family){
+ case AF_INET:
+ memset(&((struct sockaddr_in*)sa)->sin_addr, 0, sizeof(((struct sockaddr_in*)sa)->sin_addr));
+ p = (char *)&((struct sockaddr_in*)sa)->sin_addr;
+ max_prefixlen = 32;
+ break;
+ case AF_INET6:
+ memset(&((struct sockaddr_in6*)sa)->sin6_addr, 0, sizeof(((struct sockaddr_in6*)sa)->sin6_addr));
+ p = (char *)&((struct sockaddr_in6*)sa)->sin6_addr;
+#if 0 /* XXX: fill scope-id? */
+ if (IN6_IS_ADDR_LINKLOCAL(p) ||
+ IN6_IS_ADDR_MC_LINKLOCAL(p)){
+ ((struct sockaddr_in6*)sa)->sin6_scope_id = scopeid;
+ }
+#endif
+ max_prefixlen = 128;
+ break;
+ default:
+ return NULL;
+ }
+ sa->sa_family = family;
+#ifdef HAVE_SOCKADDR_SA_LEN
+ sa->sa_len = ifa_sa_len(family, len);
+#endif
+ if (p){
+ if (prefixlen > max_prefixlen)
+ prefixlen = max_prefixlen;
+ for (i=0; i<(prefixlen / 8); i++)
+ *p++ = 0xff;
+ c = 0xff;
+ c <<= (8 - (prefixlen % 8));
+ *p = c;
+ }
+ return sa;
+}
+#endif
+
+/* ====================================================================== */
+static int
+nl_sendreq(int sd, int request, int flags, int *seq)
+{
+ char reqbuf[NLMSG_ALIGN(sizeof(struct nlmsghdr)) +
+ NLMSG_ALIGN(sizeof(struct rtgenmsg))];
+ struct sockaddr_nl nladdr;
+ struct nlmsghdr *req_hdr;
+ struct rtgenmsg *req_msg;
+ time_t t = time(NULL);
+
+ if (seq) *seq = t;
+ memset(&reqbuf, 0, sizeof(reqbuf));
+ req_hdr = (struct nlmsghdr *)reqbuf;
+ req_msg = (struct rtgenmsg *)NLMSG_DATA(req_hdr);
+ req_hdr->nlmsg_len = NLMSG_LENGTH(sizeof(*req_msg));
+ req_hdr->nlmsg_type = request;
+ req_hdr->nlmsg_flags = flags | NLM_F_REQUEST;
+ req_hdr->nlmsg_pid = 0;
+ req_hdr->nlmsg_seq = t;
+ req_msg->rtgen_family = AF_UNSPEC;
+ memset(&nladdr, 0, sizeof(nladdr));
+ nladdr.nl_family = AF_NETLINK;
+ return (sendto(sd, (void *)req_hdr, req_hdr->nlmsg_len, 0,
+ (struct sockaddr *)&nladdr, sizeof(nladdr)));
+}
+
+static int
+nl_recvmsg(int sd, int request, int seq,
+ void *buf, size_t buflen,
+ int *flags)
+{
+ struct msghdr msg;
+ struct iovec iov = { buf, buflen };
+ struct sockaddr_nl nladdr;
+ int read_len;
+
+ for (;;){
+ msg.msg_name = (void *)&nladdr;
+ msg.msg_namelen = sizeof(nladdr);
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_control = NULL;
+ msg.msg_controllen = 0;
+ msg.msg_flags = 0;
+ read_len = recvmsg(sd, &msg, 0);
+ if ((read_len < 0 && errno == EINTR) || (msg.msg_flags & MSG_TRUNC))
+ continue;
+ if (flags) *flags = msg.msg_flags;
+ break;
+ }
+ return read_len;
+}
+
+static int
+nl_getmsg(int sd, int request, int seq,
+ struct nlmsghdr **nlhp,
+ int *done)
+{
+ struct nlmsghdr *nh;
+ size_t bufsize = 65536, lastbufsize = 0;
+ void *buff = NULL;
+ int result = 0, read_size;
+ int msg_flags;
+ pid_t pid = getpid();
+ for (;;){
+ void *newbuff = realloc(buff, bufsize);
+ if (newbuff == NULL || bufsize < lastbufsize) {
+ result = -1;
+ break;
+ }
+ buff = newbuff;
+ result = read_size = nl_recvmsg(sd, request, seq, buff, bufsize, &msg_flags);
+ if (read_size < 0 || (msg_flags & MSG_TRUNC)){
+ lastbufsize = bufsize;
+ bufsize *= 2;
+ continue;
+ }
+ if (read_size == 0) break;
+ nh = (struct nlmsghdr *)buff;
+ for (nh = (struct nlmsghdr *)buff;
+ NLMSG_OK(nh, read_size);
+ nh = (struct nlmsghdr *)NLMSG_NEXT(nh, read_size)){
+ if (nh->nlmsg_pid != pid ||
+ nh->nlmsg_seq != seq)
+ continue;
+ if (nh->nlmsg_type == NLMSG_DONE){
+ (*done)++;
+ break; /* ok */
+ }
+ if (nh->nlmsg_type == NLMSG_ERROR){
+ struct nlmsgerr *nlerr = (struct nlmsgerr *)NLMSG_DATA(nh);
+ result = -1;
+ if (nh->nlmsg_len < NLMSG_LENGTH(sizeof(struct nlmsgerr)))
+ __set_errno(EIO);
+ else
+ __set_errno(-nlerr->error);
+ break;
+ }
+ }
+ break;
+ }
+ if (result < 0)
+ if (buff){
+ int saved_errno = errno;
+ free(buff);
+ __set_errno(saved_errno);
+ }
+ *nlhp = (struct nlmsghdr *)buff;
+ return result;
+}
+
+static int
+nl_getlist(int sd, int seq,
+ int request,
+ struct nlmsg_list **nlm_list,
+ struct nlmsg_list **nlm_end)
+{
+ struct nlmsghdr *nlh = NULL;
+ int status;
+ int done = 0;
+
+ status = nl_sendreq(sd, request, NLM_F_ROOT|NLM_F_MATCH, &seq);
+ if (status < 0)
+ return status;
+ if (seq == 0)
+ seq = (int)time(NULL);
+ while(!done){
+ status = nl_getmsg(sd, request, seq, &nlh, &done);
+ if (status < 0)
+ return status;
+ if (nlh){
+ struct nlmsg_list *nlm_next = (struct nlmsg_list *)malloc(sizeof(struct nlmsg_list));
+ if (nlm_next == NULL){
+ int saved_errno = errno;
+ free(nlh);
+ __set_errno(saved_errno);
+ status = -1;
+ } else {
+ nlm_next->nlm_next = NULL;
+ nlm_next->nlh = (struct nlmsghdr *)nlh;
+ nlm_next->size = status;
+ nlm_next->seq = seq;
+ if (*nlm_list == NULL){
+ *nlm_list = nlm_next;
+ *nlm_end = nlm_next;
+ } else {
+ (*nlm_end)->nlm_next = nlm_next;
+ *nlm_end = nlm_next;
+ }
+ }
+ }
+ }
+ return status >= 0 ? seq : status;
+}
+
+/* ---------------------------------------------------------------------- */
+static void
+free_nlmsglist(struct nlmsg_list *nlm0)
+{
+ struct nlmsg_list *nlm;
+ int saved_errno;
+ if (!nlm0)
+ return;
+ saved_errno = errno;
+ for (nlm=nlm0; nlm; nlm=nlm->nlm_next){
+ if (nlm->nlh)
+ free(nlm->nlh);
+ }
+ free(nlm0);
+ __set_errno(saved_errno);
+}
+
+static void
+free_data(void *data, void *ifdata)
+{
+ int saved_errno = errno;
+ if (data != NULL) free(data);
+ if (ifdata != NULL) free(ifdata);
+ __set_errno(saved_errno);
+}
+
+/* ---------------------------------------------------------------------- */
+static void
+nl_close(int sd)
+{
+ int saved_errno = errno;
+ if (sd >= 0) __close(sd);
+ __set_errno(saved_errno);
+}
+
+/* ---------------------------------------------------------------------- */
+static int
+nl_open(void)
+{
+ struct sockaddr_nl nladdr;
+ int sd;
+
+ sd = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
+ if (sd < 0) return -1;
+ memset(&nladdr, 0, sizeof(nladdr));
+ nladdr.nl_family = AF_NETLINK;
+ if (bind(sd, (struct sockaddr*)&nladdr, sizeof(nladdr)) < 0){
+ nl_close(sd);
+ return -1;
+ }
+ return sd;
+}
+
+/* ====================================================================== */
+int getifaddrs(struct ifaddrs **ifap)
+{
+ int sd;
+ struct nlmsg_list *nlmsg_list, *nlmsg_end, *nlm;
+ /* - - - - - - - - - - - - - - - */
+ int icnt;
+ size_t dlen, xlen, nlen;
+ uint32_t max_ifindex = 0;
+
+ pid_t pid = getpid();
+ int seq;
+ int result;
+ int build ; /* 0 or 1 */
+
+/* ---------------------------------- */
+ /* initialize */
+ icnt = dlen = xlen = nlen = 0;
+ nlmsg_list = nlmsg_end = NULL;
+
+ if (ifap)
+ *ifap = NULL;
+
+/* ---------------------------------- */
+ /* open socket and bind */
+ sd = nl_open();
+ if (sd < 0)
+ return -1;
+
+/* ---------------------------------- */
+ /* gather info */
+ if ((seq = nl_getlist(sd, 0, RTM_GETLINK,
+ &nlmsg_list, &nlmsg_end)) < 0){
+ free_nlmsglist(nlmsg_list);
+ nl_close(sd);
+ return -1;
+ }
+ if ((seq = nl_getlist(sd, seq+1, RTM_GETADDR,
+ &nlmsg_list, &nlmsg_end)) < 0){
+ free_nlmsglist(nlmsg_list);
+ nl_close(sd);
+ return -1;
+ }
+
+/* ---------------------------------- */
+ /* Estimate size of result buffer and fill it */
+ for (build=0; build<=1; build++){
+ struct ifaddrs *ifl = NULL, *ifa = NULL;
+ struct nlmsghdr *nlh, *nlh0;
+ char *data = NULL, *xdata = NULL;
+ void *ifdata = NULL;
+ char *ifname = NULL, **iflist = NULL;
+ uint16_t *ifflist = NULL;
+ struct rtmaddr_ifamap ifamap;
+
+ if (build){
+ data = calloc(1,
+ NLMSG_ALIGN(sizeof(struct ifaddrs[icnt]))
+ + dlen + xlen + nlen);
+ ifa = (struct ifaddrs *)data;
+ ifdata = calloc(1,
+ NLMSG_ALIGN(sizeof(char *[max_ifindex+1]))
+ + NLMSG_ALIGN(sizeof(uint16_t [max_ifindex+1])));
+ if (ifap != NULL)
+ *ifap = (ifdata != NULL) ? ifa : NULL;
+ else{
+ free_data(data, ifdata);
+ result = 0;
+ break;
+ }
+ if (data == NULL || ifdata == NULL){
+ free_data(data, ifdata);
+ result = -1;
+ break;
+ }
+ ifl = NULL;
+ data += NLMSG_ALIGN(sizeof(struct ifaddrs)) * icnt;
+ xdata = data + dlen;
+ ifname = xdata + xlen;
+ iflist = ifdata;
+ ifflist = (uint16_t *)(((char *)iflist) + NLMSG_ALIGN(sizeof(char *[max_ifindex+1])));
+ }
+
+ for (nlm=nlmsg_list; nlm; nlm=nlm->nlm_next){
+ int nlmlen = nlm->size;
+ if (!(nlh0 = nlm->nlh))
+ continue;
+ for (nlh = nlh0;
+ NLMSG_OK(nlh, nlmlen);
+ nlh=NLMSG_NEXT(nlh,nlmlen)){
+ struct ifinfomsg *ifim = NULL;
+ struct ifaddrmsg *ifam = NULL;
+ struct rtattr *rta;
+
+ size_t nlm_struct_size = 0;
+ sa_family_t nlm_family = 0;
+ uint32_t nlm_scope = 0, nlm_index = 0;
+ size_t sockaddr_size = 0;
+ uint32_t nlm_prefixlen = 0;
+ size_t rtasize;
+
+ memset(&ifamap, 0, sizeof(ifamap));
+
+ /* check if the message is what we want */
+ if (nlh->nlmsg_pid != pid ||
+ nlh->nlmsg_seq != nlm->seq)
+ continue;
+ if (nlh->nlmsg_type == NLMSG_DONE){
+ break; /* ok */
+ }
+ switch (nlh->nlmsg_type){
+ case RTM_NEWLINK:
+ ifim = (struct ifinfomsg *)NLMSG_DATA(nlh);
+ nlm_struct_size = sizeof(*ifim);
+ nlm_family = ifim->ifi_family;
+ nlm_scope = 0;
+ nlm_index = ifim->ifi_index;
+ nlm_prefixlen = 0;
+ if (build)
+ ifflist[nlm_index] = ifa->ifa_flags = ifim->ifi_flags;
+ break;
+ case RTM_NEWADDR:
+ ifam = (struct ifaddrmsg *)NLMSG_DATA(nlh);
+ nlm_struct_size = sizeof(*ifam);
+ nlm_family = ifam->ifa_family;
+ nlm_scope = ifam->ifa_scope;
+ nlm_index = ifam->ifa_index;
+ nlm_prefixlen = ifam->ifa_prefixlen;
+ if (build)
+ ifa->ifa_flags = ifflist[nlm_index];
+ break;
+ default:
+ continue;
+ }
+
+ if (!build){
+ if (max_ifindex < nlm_index)
+ max_ifindex = nlm_index;
+ } else {
+ if (ifl != NULL)
+ ifl->ifa_next = ifa;
+ }
+
+ rtasize = NLMSG_PAYLOAD(nlh, nlmlen) - NLMSG_ALIGN(nlm_struct_size);
+ for (rta = (struct rtattr *)(((char *)NLMSG_DATA(nlh)) + NLMSG_ALIGN(nlm_struct_size));
+ RTA_OK(rta, rtasize);
+ rta = RTA_NEXT(rta, rtasize)){
+ struct sockaddr **sap = NULL;
+ void *rtadata = RTA_DATA(rta);
+ size_t rtapayload = RTA_PAYLOAD(rta);
+ socklen_t sa_len;
+
+ switch(nlh->nlmsg_type){
+ case RTM_NEWLINK:
+ switch(rta->rta_type){
+ case IFLA_ADDRESS:
+ case IFLA_BROADCAST:
+ if (build){
+ sap = (rta->rta_type == IFLA_ADDRESS) ? &ifa->ifa_addr : &ifa->ifa_broadaddr;
+ *sap = (struct sockaddr *)data;
+ }
+ sa_len = ifa_sa_len(AF_PACKET, rtapayload);
+ if (rta->rta_type == IFLA_ADDRESS)
+ sockaddr_size = NLMSG_ALIGN(sa_len);
+ if (!build){
+ dlen += NLMSG_ALIGN(sa_len);
+ } else {
+ memset(*sap, 0, sa_len);
+ ifa_make_sockaddr(AF_PACKET, *sap, rtadata,rtapayload, 0,0);
+ ((struct sockaddr_ll *)*sap)->sll_ifindex = nlm_index;
+ ((struct sockaddr_ll *)*sap)->sll_hatype = ifim->ifi_type;
+ data += NLMSG_ALIGN(sa_len);
+ }
+ break;
+ case IFLA_IFNAME:/* Name of Interface */
+ if (!build)
+ nlen += NLMSG_ALIGN(rtapayload + 1);
+ else{
+ ifa->ifa_name = ifname;
+ if (iflist[nlm_index] == NULL)
+ iflist[nlm_index] = ifa->ifa_name;
+ strncpy(ifa->ifa_name, rtadata, rtapayload);
+ ifa->ifa_name[rtapayload] = '\0';
+ ifname += NLMSG_ALIGN(rtapayload + 1);
+ }
+ break;
+ case IFLA_STATS:/* Statistics of Interface */
+ if (!build)
+ xlen += NLMSG_ALIGN(rtapayload);
+ else{
+ ifa->ifa_data = xdata;
+ memcpy(ifa->ifa_data, rtadata, rtapayload);
+ xdata += NLMSG_ALIGN(rtapayload);
+ }
+ break;
+ case IFLA_UNSPEC:
+ break;
+ case IFLA_MTU:
+ break;
+ case IFLA_LINK:
+ break;
+ case IFLA_QDISC:
+ break;
+ default:
+ }
+ break;
+ case RTM_NEWADDR:
+ if (nlm_family == AF_PACKET) break;
+ switch(rta->rta_type){
+ case IFA_ADDRESS:
+ ifamap.address = rtadata;
+ ifamap.address_len = rtapayload;
+ break;
+ case IFA_LOCAL:
+ ifamap.local = rtadata;
+ ifamap.local_len = rtapayload;
+ break;
+ case IFA_BROADCAST:
+ ifamap.broadcast = rtadata;
+ ifamap.broadcast_len = rtapayload;
+ break;
+#ifdef HAVE_IFADDRS_IFA_ANYCAST
+ case IFA_ANYCAST:
+ ifamap.anycast = rtadata;
+ ifamap.anycast_len = rtapayload;
+ break;
+#endif
+ case IFA_LABEL:
+ if (!build)
+ nlen += NLMSG_ALIGN(rtapayload + 1);
+ else{
+ ifa->ifa_name = ifname;
+ if (iflist[nlm_index] == NULL)
+ iflist[nlm_index] = ifname;
+ strncpy(ifa->ifa_name, rtadata, rtapayload);
+ ifa->ifa_name[rtapayload] = '\0';
+ ifname += NLMSG_ALIGN(rtapayload + 1);
+ }
+ break;
+ case IFA_UNSPEC:
+ break;
+ case IFA_CACHEINFO:
+ break;
+ default:
+ }
+ }
+ }
+ if (nlh->nlmsg_type == RTM_NEWADDR &&
+ nlm_family != AF_PACKET) {
+ if (!ifamap.local) {
+ ifamap.local = ifamap.address;
+ ifamap.local_len = ifamap.address_len;
+ }
+ if (!ifamap.address) {
+ ifamap.address = ifamap.local;
+ ifamap.address_len = ifamap.local_len;
+ }
+ if (ifamap.address_len != ifamap.local_len ||
+ (ifamap.address != NULL &&
+ memcmp(ifamap.address, ifamap.local, ifamap.address_len))) {
+ /* p2p; address is peer and local is ours */
+ ifamap.broadcast = ifamap.address;
+ ifamap.broadcast_len = ifamap.address_len;
+ ifamap.address = ifamap.local;
+ ifamap.address_len = ifamap.local_len;
+ }
+ if (ifamap.address) {
+#ifndef IFA_NETMASK
+ sockaddr_size = NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.address_len));
+#endif
+ if (!build)
+ dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.address_len));
+ else {
+ ifa->ifa_addr = (struct sockaddr *)data;
+ ifa_make_sockaddr(nlm_family, ifa->ifa_addr, ifamap.address, ifamap.address_len,
+ nlm_scope, nlm_index);
+ data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.address_len));
+ }
+ }
+#ifdef IFA_NETMASK
+ if (ifamap.netmask) {
+ if (!build)
+ dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.netmask_len));
+ else {
+ ifa->ifa_netmask = (struct sockaddr *)data;
+ ifa_make_sockaddr(nlm_family, ifa->ifa_netmask, ifamap.netmask, ifamap.netmask_len,
+ nlm_scope, nlm_index);
+ data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.netmask_len));
+ }
+ }
+#endif
+ if (ifamap.broadcast) {
+ if (!build)
+ dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.broadcast_len));
+ else {
+ ifa->ifa_broadaddr = (struct sockaddr *)data;
+ ifa_make_sockaddr(nlm_family, ifa->ifa_broadaddr, ifamap.broadcast, ifamap.broadcast_len,
+ nlm_scope, nlm_index);
+ data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.broadcast_len));
+ }
+ }
+#ifdef HAVE_IFADDRS_IFA_ANYCAST
+ if (ifamap.anycast) {
+ if (!build)
+ dlen += NLMSG_ALIGN(ifa_sa_len(nlm_family,ifamap.anycast_len));
+ else {
+ ifa->ifa_anycast = (struct sockaddr *)data;
+ ifa_make_sockaddr(nlm_family, ifa->ifa_anyaddr, ifamap.anycast, ifamap.anycast_len,
+ nlm_scope, nlm_index);
+ data += NLMSG_ALIGN(ifa_sa_len(nlm_family, ifamap.anycast_len));
+ }
+ }
+#endif
+ }
+ if (!build){
+#ifndef IFA_NETMASK
+ dlen += sockaddr_size;
+#endif
+ icnt++;
+ } else {
+ if (ifa->ifa_name == NULL)
+ ifa->ifa_name = iflist[nlm_index];
+#ifndef IFA_NETMASK
+ if (ifa->ifa_addr &&
+ ifa->ifa_addr->sa_family != AF_UNSPEC &&
+ ifa->ifa_addr->sa_family != AF_PACKET){
+ ifa->ifa_netmask = (struct sockaddr *)data;
+ ifa_make_sockaddr_mask(ifa->ifa_addr->sa_family, ifa->ifa_netmask, nlm_prefixlen);
+ }
+ data += sockaddr_size;
+#endif
+ ifl = ifa++;
+ }
+ }
+ }
+ if (!build){
+ if (icnt == 0 && (dlen + nlen + xlen == 0)){
+ if (ifap != NULL)
+ *ifap = NULL;
+ break; /* cannot found any addresses */
+ }
+ }
+ else
+ free_data(NULL, ifdata);
+ }
+
+/* ---------------------------------- */
+ /* Finalize */
+ free_nlmsglist(nlmsg_list);
+ nl_close(sd);
+ return 0;
+}
+
+/* ---------------------------------------------------------------------- */
+void
+freeifaddrs(struct ifaddrs *ifa)
+{
+ free(ifa);
+}
+
+
+#else /* !AF_NETLINK */
+
+/*
+ * The generic SIOCGIFCONF version.
+ */
+
static int
getifaddrs2(struct ifaddrs **ifap,
int af, int siocgifconf, int siocgifflags,
@@ -355,6 +1131,8 @@ freeifaddrs(struct ifaddrs *ifp)
}
}
+#endif /* !AF_NETLINK */
+
#ifdef TEST
void
diff --git a/crypto/heimdal/lib/roken/getnameinfo_verified.c b/crypto/heimdal/lib/roken/getnameinfo_verified.c
index de3c8bf..0145262 100644
--- a/crypto/heimdal/lib/roken/getnameinfo_verified.c
+++ b/crypto/heimdal/lib/roken/getnameinfo_verified.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,11 +33,19 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: getnameinfo_verified.c,v 1.5 2001/02/12 13:55:07 assar Exp $");
+RCSID("$Id: getnameinfo_verified.c,v 1.6 2002/09/05 01:36:27 assar Exp $");
#endif
#include "roken.h"
+/*
+ * Try to obtain a verified name for the address in `sa, salen' (much
+ * similar to getnameinfo).
+ * Verified in this context means that forwards and backwards lookups
+ * in DNS are consistent. If that fails, return an error if the
+ * NI_NAMEREQD flag is set or return the numeric address as a string.
+ */
+
int
getnameinfo_verified(const struct sockaddr *sa, socklen_t salen,
char *host, size_t hostlen,
@@ -60,13 +68,13 @@ getnameinfo_verified(const struct sockaddr *sa, socklen_t salen,
ret = getnameinfo (sa, salen, host, hostlen, serv, servlen,
flags | NI_NUMERICSERV);
if (ret)
- return ret;
+ goto fail;
memset (&hints, 0, sizeof(hints));
hints.ai_socktype = SOCK_STREAM;
ret = getaddrinfo (host, serv, &hints, &ai);
if (ret)
- return ret;
+ goto fail;
for (a = ai; a != NULL; a = a->ai_next) {
if (a->ai_addrlen == salen
&& memcmp (a->ai_addr, sa, salen) == 0) {
@@ -75,6 +83,7 @@ getnameinfo_verified(const struct sockaddr *sa, socklen_t salen,
}
}
freeaddrinfo (ai);
+ fail:
if (flags & NI_NAMEREQD)
return EAI_NONAME;
ret = getnameinfo (sa, salen, host, hostlen, serv, servlen,
diff --git a/crypto/heimdal/lib/roken/parse_reply-test.c b/crypto/heimdal/lib/roken/parse_reply-test.c
new file mode 100644
index 0000000..47e12d1
--- /dev/null
+++ b/crypto/heimdal/lib/roken/parse_reply-test.c
@@ -0,0 +1,129 @@
+/*
+ * Copyright (c) 2002 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: parse_reply-test.c,v 1.2 2002/09/04 03:25:06 assar Exp $");
+#endif
+
+#include <sys/types.h>
+#ifdef HAVE_SYS_MMAN_H
+#include <sys/mman.h>
+#endif
+#include <fcntl.h>
+
+#include "roken.h"
+#include "resolve.h"
+
+struct dns_reply*
+parse_reply(const unsigned char *, size_t);
+
+enum { MAX_BUF = 36};
+
+static struct testcase {
+ unsigned char buf[MAX_BUF];
+ size_t buf_len;
+} tests[] = {
+ {{0x12, 0x67, 0x84, 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
+ 0x03, 'f', 'o', 'o', 0x00,
+ 0x00, 0x10, 0x00, 0x01,
+ 0x03, 'f', 'o', 'o', 0x00,
+ 0x00, 0x10, 0x00, 0x01,
+ 0x00, 0x00, 0x12, 0x67, 0xff, 0xff}, 36}
+};
+
+#ifndef MAP_FAILED
+#define MAP_FAILED (-1)
+#endif
+
+static sig_atomic_t val = 0;
+
+static RETSIGTYPE
+segv_handler(int sig)
+{
+ val = 1;
+}
+
+int
+main(int argc, char **argv)
+{
+#ifndef HAVE_MMAP
+ return 77; /* signal to automake that this test
+ cannot be run */
+#else /* HAVE_MMAP */
+ int ret;
+ int i;
+ struct sigaction sa;
+
+ sigemptyset (&sa.sa_mask);
+ sa.sa_flags = 0;
+ sa.sa_handler = segv_handler;
+ sigaction (SIGSEGV, &sa, NULL);
+
+ for (i = 0; val == 0 && i < sizeof(tests)/sizeof(tests[0]); ++i) {
+ const struct testcase *t = &tests[i];
+ unsigned char *p1, *p2;
+ int flags;
+ int fd;
+ size_t pagesize = getpagesize();
+ unsigned char *buf;
+
+#ifdef MAP_ANON
+ flags = MAP_ANON;
+ fd = -1;
+#else
+ flags = 0;
+ fd = open ("/dev/zero", O_RDONLY);
+ if(fd < 0)
+ err (1, "open /dev/zero");
+#endif
+ flags |= MAP_PRIVATE;
+
+ p1 = (char *)mmap(0, 2 * pagesize, PROT_READ | PROT_WRITE,
+ flags, fd, 0);
+ if (p1 == (unsigned char *)MAP_FAILED)
+ err (1, "mmap");
+ p2 = p1 + pagesize;
+ ret = mprotect (p2, pagesize, 0);
+ if (ret < 0)
+ err (1, "mprotect");
+ buf = p2 - t->buf_len;
+ memcpy (buf, t->buf, t->buf_len);
+ parse_reply (buf, t->buf_len);
+ ret = munmap (p1, 2 * pagesize);
+ if (ret < 0)
+ err (1, "munmap");
+ }
+ return val;
+#endif /* HAVE_MMAP */
+}
diff --git a/crypto/heimdal/lib/roken/resolve.c b/crypto/heimdal/lib/roken/resolve.c
index f17ae4c..ac380d7 100644
--- a/crypto/heimdal/lib/roken/resolve.c
+++ b/crypto/heimdal/lib/roken/resolve.c
@@ -45,9 +45,10 @@
#include <assert.h>
-RCSID("$Id: resolve.c,v 1.33 2002/08/28 20:07:24 joda Exp $");
+RCSID("$Id: resolve.c,v 1.36 2002/09/09 21:39:19 joda Exp $");
-#if defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND)
+#undef HAVE_RES_NSEARCH
+#if (defined(HAVE_RES_SEARCH) || defined(HAVE_RES_NSEARCH)) && defined(HAVE_DN_EXPAND)
#define DECL(X) {#X, T_##X}
@@ -110,8 +111,11 @@ dns_free_data(struct dns_reply *r)
free (r);
}
-static struct dns_reply*
-parse_reply(unsigned char *data, int len)
+#ifndef TEST_RESOLVE
+static
+#endif
+struct dns_reply*
+parse_reply(const unsigned char *data, size_t len)
{
const unsigned char *p;
char host[128];
@@ -366,26 +370,40 @@ dns_lookup_int(const char *domain, int rr_class, int rr_type)
{
unsigned char reply[1024];
int len;
-#ifdef HAVE__RES
+#ifdef HAVE_RES_NSEARCH
+ struct __res_state stat;
+ memset(&stat, 0, sizeof(stat));
+ if(res_ninit(&stat))
+ return NULL; /* is this the best we can do? */
+#elif defined(HAVE__RES)
u_long old_options = 0;
#endif
if (_resolve_debug) {
-#ifdef HAVE__RES
+#ifdef HAVE_RES_NSEARCH
+ stat.options |= RES_DEBUG;
+#elif defined(HAVE__RES)
old_options = _res.options;
_res.options |= RES_DEBUG;
#endif
fprintf(stderr, "dns_lookup(%s, %d, %s)\n", domain,
rr_class, dns_type_to_string(rr_type));
}
+#ifdef HAVE_RES_NSEARCH
+ len = res_nsearch(&stat, domain, rr_class, rr_type, reply, sizeof(reply));
+#else
len = res_search(domain, rr_class, rr_type, reply, sizeof(reply));
+#endif
if (_resolve_debug) {
-#ifdef HAVE__RES
+#if defined(HAVE__RES) && !defined(HAVE_RES_NSEARCH)
_res.options = old_options;
#endif
fprintf(stderr, "dns_lookup(%s, %d, %s) --> %d\n",
domain, rr_class, dns_type_to_string(rr_type), len);
}
+#ifdef HAVE_RES_NSEARCH
+ res_nclose(&stat);
+#endif
if(len < 0) {
return NULL;
} else {
diff --git a/crypto/heimdal/lib/roken/roken-common.h b/crypto/heimdal/lib/roken/roken-common.h
index 2e604ac..6e29be8 100644
--- a/crypto/heimdal/lib/roken/roken-common.h
+++ b/crypto/heimdal/lib/roken/roken-common.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: roken-common.h,v 1.49 2002/08/20 11:55:04 joda Exp $ */
+/* $Id: roken-common.h,v 1.51 2002/09/09 13:41:12 joda Exp $ */
#ifndef __ROKEN_COMMON_H__
#define __ROKEN_COMMON_H__
@@ -252,7 +252,7 @@
ROKEN_CPP_START
-#if IRIX != 4 /* fix for compiler bug */
+#ifndef IRIX4 /* fix for compiler bug */
#ifdef RETSIGTYPE
typedef RETSIGTYPE (*SigAction)(int);
SigAction signal(int iSig, SigAction pAction); /* BSD compatible */
diff --git a/crypto/heimdal/lib/roken/roken.awk b/crypto/heimdal/lib/roken/roken.awk
index 057b4fd..b6a181c 100644
--- a/crypto/heimdal/lib/roken/roken.awk
+++ b/crypto/heimdal/lib/roken/roken.awk
@@ -1,10 +1,10 @@
-# $Id: roken.awk,v 1.7 2001/03/26 09:26:35 joda Exp $
+# $Id: roken.awk,v 1.8 2002/09/10 20:05:55 joda Exp $
BEGIN {
- print "#include <stdio.h>"
print "#ifdef HAVE_CONFIG_H"
print "#include <config.h>"
print "#endif"
+ print "#include <stdio.h>"
print ""
print "int main()"
print "{"
diff --git a/crypto/heimdal/lib/roken/rtbl.c b/crypto/heimdal/lib/roken/rtbl.c
index 098b601..5a3bc00 100644
--- a/crypto/heimdal/lib/roken/rtbl.c
+++ b/crypto/heimdal/lib/roken/rtbl.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 2000, 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID ("$Id: rtbl.c,v 1.3 2000/07/20 14:42:31 assar Exp $");
+RCSID ("$Id: rtbl.c,v 1.4 2002/09/04 21:25:09 joda Exp $");
#endif
#include "roken.h"
#include "rtbl.h"
@@ -83,12 +83,14 @@ rtbl_destroy (rtbl_t table)
for (j = 0; j < c->num_rows; j++)
free (c->rows[j].data);
+ free (c->rows);
free (c->header);
free (c->prefix);
free (c);
}
free (table->column_prefix);
free (table->columns);
+ free (table);
}
int
diff --git a/crypto/heimdal/tools/Makefile.am b/crypto/heimdal/tools/Makefile.am
index 4f02904..b7a9d24 100644
--- a/crypto/heimdal/tools/Makefile.am
+++ b/crypto/heimdal/tools/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.5 2001/01/29 06:56:33 assar Exp $
+# $Id: Makefile.am,v 1.6 2002/09/09 22:29:26 joda Exp $
include $(top_srcdir)/Makefile.am.common
@@ -19,6 +19,7 @@ krb5-config: krb5-config.in
-e "s,@includedir\@,$(includedir),g" \
-e "s,@LIB_crypt\@,$(LIB_crypt),g" \
-e "s,@LIB_dbopen\@,$(LIB_dbopen),g" \
+ -e "s,@INCLUDE_des\@,$(INCLUDE_des),g" \
-e "s,@LIB_des_appl\@,$(LIB_des_appl),g" \
-e "s,@LIBS\@,$(LIBS),g" \
$(srcdir)/krb5-config.in > $@
diff --git a/crypto/heimdal/tools/Makefile.in b/crypto/heimdal/tools/Makefile.in
index 48303ca..0f7496f 100644
--- a/crypto/heimdal/tools/Makefile.in
+++ b/crypto/heimdal/tools/Makefile.in
@@ -14,7 +14,7 @@
@SET_MAKE@
-# $Id: Makefile.am,v 1.5 2001/01/29 06:56:33 assar Exp $
+# $Id: Makefile.am,v 1.6 2002/09/09 22:29:26 joda Exp $
# $Id: Makefile.am.common,v 1.5 2002/05/19 18:35:37 joda Exp $
@@ -566,6 +566,7 @@ krb5-config: krb5-config.in
-e "s,@includedir\@,$(includedir),g" \
-e "s,@LIB_crypt\@,$(LIB_crypt),g" \
-e "s,@LIB_dbopen\@,$(LIB_dbopen),g" \
+ -e "s,@INCLUDE_des\@,$(INCLUDE_des),g" \
-e "s,@LIB_des_appl\@,$(LIB_des_appl),g" \
-e "s,@LIBS\@,$(LIBS),g" \
$(srcdir)/krb5-config.in > $@
diff --git a/crypto/heimdal/tools/krb5-config.in b/crypto/heimdal/tools/krb5-config.in
index e1235ac..bdaa397 100755
--- a/crypto/heimdal/tools/krb5-config.in
+++ b/crypto/heimdal/tools/krb5-config.in
@@ -1,5 +1,5 @@
#!/bin/sh
-# $Id: krb5-config.in,v 1.8 2001/01/29 06:56:51 assar Exp $
+# $Id: krb5-config.in,v 1.9 2002/09/09 22:29:06 joda Exp $
do_libs=no
do_cflags=no
@@ -21,7 +21,7 @@ for i in $*; do
;;
--version)
echo "@PACKAGE@ @VERSION@"
- echo '$Id: krb5-config.in,v 1.8 2001/01/29 06:56:51 assar Exp $'
+ echo '$Id: krb5-config.in,v 1.9 2002/09/09 22:29:06 joda Exp $'
exit 0
;;
--prefix=*)
@@ -104,7 +104,7 @@ if test "$do_libs" = "yes"; then
echo $lib_flags
fi
if test "$do_cflags" = "yes"; then
- echo "-I${includedir}"
+ echo "-I${includedir} @INCLUDE_des@"
fi
exit 0
OpenPOWER on IntegriCloud