author | markm <markm@FreeBSD.org> | 1999-09-19 21:56:09 +0000 |
---|---|---|
committer | markm <markm@FreeBSD.org> | 1999-09-19 21:56:09 +0000 |
commit | 7df5ada37cd843e2315a1c078071854d0c566837 (patch) | |
tree | 5c5f0867443a03ea20eeb5278faf23c48632b2bb /crypto/kerberosIV | |
parent | 6b45152ee9c956cc4d4653caa6ee355eb079f588 (diff) | |
Merge and fix for build.
Diffstat (limited to 'crypto/kerberosIV')
35 files changed, 360 insertions, 3041 deletions
diff --git a/crypto/kerberosIV/appl/bsd/bsd_locl.h b/crypto/kerberosIV/appl/bsd/bsd_locl.h index 2731f03..b173300 100644 --- a/crypto/kerberosIV/appl/bsd/bsd_locl.h +++ b/crypto/kerberosIV/appl/bsd/bsd_locl.h @@ -37,9 +37,12 @@ */ /* $Id: bsd_locl.h,v 1.109.2.1 1999/07/22 03:13:49 assar Exp $ */ +/* $FreeBSD$ */ #define LOGALL +#ifndef KERBEROS #define KERBEROS +#endif #define KLOGIN_PARANOID #define LOGIN_ACCESS #define PASSWD_FALLBACK @@ -292,10 +295,12 @@ int krcmd_mutual(char **ahost, u_int16_t rport, char *remuser, int klogin(struct passwd *pw, char *instance, char *localhost, char *password); +#if 0 typedef struct { int cnt; char *buf; } BUF; +#endif char *colon(char *cp); int okname(char *cp0); @@ -332,10 +337,6 @@ int login_access(struct passwd *user, char *from); void fatal(int f, const char *msg, int syserr); extern int LEFT_JUSTIFIED; -int des_enc_read(int fd,char *buf,int len,des_key_schedule sched, - des_cblock *iv); -int des_enc_write(int fd,char *buf,int len,des_key_schedule sched, - des_cblock *iv); /* used in des_read and des_write */ #define DES_RW_MAXWRITE (1024*16) diff --git a/crypto/kerberosIV/appl/bsd/iruserok.c b/crypto/kerberosIV/appl/bsd/iruserok.c deleted file mode 100644 index 8349d85..0000000 --- a/crypto/kerberosIV/appl/bsd/iruserok.c +++ /dev/null 
@@ -1,279 +0,0 @@ -/* - * Copyright (c) 1983, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include "bsd_locl.h" - -RCSID("$Id: iruserok.c,v 1.15 1997/03/23 04:54:00 assar Exp $"); - -#ifndef HAVE_IRUSEROK - -int __check_rhosts_file = 1; -char *__rcmd_errstr = 0; - -/* - * Returns "true" if match, 0 if no match. - */ -static -int -__icheckhost(u_int32_t raddr, const char *lhost) -{ - struct hostent *hp; - u_long laddr; - char **pp; - - /* Try for raw ip address first. */ - if (isdigit(*lhost) && (long)(laddr = inet_addr(lhost)) != -1) - return (raddr == laddr); - - /* Better be a hostname. */ - if ((hp = gethostbyname(lhost)) == NULL) - return (0); - - /* Spin through ip addresses. */ - for (pp = hp->h_addr_list; *pp; ++pp) - if (memcmp(&raddr, *pp, sizeof(u_long)) == 0) - return (1); - - /* No match. */ - return (0); -} - -#ifndef HAVE_INNETGR -static int -innetgr(const char *netgroup, const char *machine, - const char *user, const char *domain) -{ - return 0; -} -#endif - -/* - * Returns 0 if ok, -1 if not ok. - */ -static -int -__ivaliduser(FILE *hostf, u_int32_t raddr, const char *luser, - const char *ruser) -{ - char *user, *p; - int ch; - char buf[MaxHostNameLen + 128]; /* host + login */ - char hname[MaxHostNameLen]; - struct hostent *hp; - /* Presumed guilty until proven innocent. */ - int userok = 0, hostok = 0; -#ifdef HAVE_YP_GET_DEFAULT_DOMAIN - char *ypdomain; - - if (yp_get_default_domain(&ypdomain)) - ypdomain = NULL; -#else -#define ypdomain NULL -#endif - /* We need to get the damn hostname back for netgroup matching. */ - if ((hp = gethostbyaddr((char *)&raddr, - sizeof(u_long), - AF_INET)) == NULL) - return (-1); - strncpy(hname, hp->h_name, sizeof(hname)); - hname[sizeof(hname) - 1] = '\0'; - - while (fgets(buf, sizeof(buf), hostf)) { - p = buf; - /* Skip lines that are too long. */ - if (strchr(p, '\n') == NULL) { - while ((ch = getc(hostf)) != '\n' && ch != EOF); - continue; - } - if (*p == '\n' || *p == '#') { - /* comment... 
*/ - continue; - } - while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') { - *p = isupper(*p) ? tolower(*p) : *p; - p++; - } - if (*p == ' ' || *p == '\t') { - *p++ = '\0'; - while (*p == ' ' || *p == '\t') - p++; - user = p; - while (*p != '\n' && *p != ' ' && - *p != '\t' && *p != '\0') - p++; - } else - user = p; - *p = '\0'; - /* - * Do +/- and +@/-@ checking. This looks really nasty, - * but it matches SunOS's behavior so far as I can tell. - */ - switch(buf[0]) { - case '+': - if (!buf[1]) { /* '+' matches all hosts */ - hostok = 1; - break; - } - if (buf[1] == '@') /* match a host by netgroup */ - hostok = innetgr((char *)&buf[2], - (char *)&hname, NULL, ypdomain); - else /* match a host by addr */ - hostok = __icheckhost(raddr,(char *)&buf[1]); - break; - case '-': /* reject '-' hosts and all their users */ - if (buf[1] == '@') { - if (innetgr((char *)&buf[2], - (char *)&hname, NULL, ypdomain)) - return(-1); - } else { - if (__icheckhost(raddr,(char *)&buf[1])) - return(-1); - } - break; - default: /* if no '+' or '-', do a simple match */ - hostok = __icheckhost(raddr, buf); - break; - } - switch(*user) { - case '+': - if (!*(user+1)) { /* '+' matches all users */ - userok = 1; - break; - } - if (*(user+1) == '@') /* match a user by netgroup */ - userok = innetgr(user+2, NULL, (char *)ruser, - ypdomain); - else /* match a user by direct specification */ - userok = !(strcmp(ruser, user+1)); - break; - case '-': /* if we matched a hostname, */ - if (hostok) { /* check for user field rejections */ - if (!*(user+1)) - return(-1); - if (*(user+1) == '@') { - if (innetgr(user+2, NULL, - (char *)ruser, ypdomain)) - return(-1); - } else { - if (!strcmp(ruser, user+1)) - return(-1); - } - } - break; - default: /* no rejections: try to match the user */ - if (hostok) - userok = !(strcmp(ruser,*user ? user : luser)); - break; - } - if (hostok && userok) - return(0); - } - return (-1); -} - -/* - * New .rhosts strategy: We are passed an ip address. 
We spin through - * hosts.equiv and .rhosts looking for a match. When the .rhosts only - * has ip addresses, we don't have to trust a nameserver. When it - * contains hostnames, we spin through the list of addresses the nameserver - * gives us and look for a match. - * - * Returns 0 if ok, -1 if not ok. - */ -int -iruserok(u_int32_t raddr, int superuser, const char *ruser, const char *luser) -{ - char *cp; - struct stat sbuf; - struct passwd *pwd; - FILE *hostf; - uid_t uid; - int first; - char pbuf[MaxPathLen]; - - first = 1; - hostf = superuser ? NULL : fopen(_PATH_HEQUIV, "r"); -again: - if (hostf) { - if (__ivaliduser(hostf, raddr, luser, ruser) == 0) { - fclose(hostf); - return (0); - } - fclose(hostf); - } - if (first == 1 && (__check_rhosts_file || superuser)) { - first = 0; - if ((pwd = k_getpwnam((char*)luser)) == NULL) - return (-1); - strcpy(pbuf, pwd->pw_dir); - strcat(pbuf, "/.rhosts"); - - /* - * Change effective uid while opening .rhosts. If root and - * reading an NFS mounted file system, can't read files that - * are protected read/write owner only. - */ - uid = geteuid(); - seteuid(pwd->pw_uid); - hostf = fopen(pbuf, "r"); - seteuid(uid); - - if (hostf == NULL) - return (-1); - /* - * If not a regular file, or is owned by someone other than - * user or root or if writeable by anyone but the owner, quit. - */ - cp = NULL; - if (lstat(pbuf, &sbuf) < 0) - cp = ".rhosts lstat failed"; - else if (!S_ISREG(sbuf.st_mode)) - cp = ".rhosts not regular file"; - else if (fstat(fileno(hostf), &sbuf) < 0) - cp = ".rhosts fstat failed"; - else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid) - cp = "bad .rhosts owner"; - else if (sbuf.st_mode & (S_IWGRP|S_IWOTH)) - cp = ".rhosts writeable by other than owner"; - /* If there were any problems, quit. */ - if (cp) { - __rcmd_errstr = cp; - fclose(hostf); - return (-1); - } - goto again; - } - return (-1); -} - -#endif /* !HAVE_IRUSEROK */ 
diff --git a/crypto/kerberosIV/appl/bsd/pathnames.h b/crypto/kerberosIV/appl/bsd/pathnames.h_ index 671f663..6db8f68 100644 --- a/crypto/kerberosIV/appl/bsd/pathnames.h +++ b/crypto/kerberosIV/appl/bsd/pathnames.h_ @@ -32,6 +32,7 @@ * * from: @(#)pathnames.h 5.2 (Berkeley) 4/9/90 * $Id: pathnames.h,v 1.25 1998/02/03 23:29:30 assar Exp $ + * $FreeBSD$ */ /******* First fix default path, we stick to _PATH_DEFPATH everywhere */ diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c b/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c index e0844d5..a8548ac 100644 --- a/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c +++ b/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c 
@@ -29,126 +29,17 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. + * + * $FreeBSD$ */ -#ifdef HAVE_CONFIG_H -#include <config.h> -RCSID("$Id$"); -#endif - -/* - * FTP server. - */ -#ifdef HAVE_SYS_TYPES_H -#include <sys/types.h> -#endif -#ifdef HAVE_SYS_PARAM_H -#include <sys/param.h> -#endif -#ifdef HAVE_SYS_STAT_H -#include <sys/stat.h> -#endif -#ifdef HAVE_SYS_SOCKET_H -#include <sys/socket.h> -#endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4 -#include <sys/ioctl.h> -#endif -#ifdef TIME_WITH_SYS_TIME -#include <sys/time.h> -#include <time.h> -#elif defined(HAVE_SYS_TIME_H) -#include <sys/time.h> -#else -#include <time.h> -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include <sys/resource.h> -#endif -#ifdef HAVE_SYS_WAIT_H -#include <sys/wait.h> -#endif - -#ifdef HAVE_NETINET_IN_H -#include <netinet/in.h> -#endif -#ifdef HAVE_NETINET_IN_SYSTM_H -#include <netinet/in_systm.h> -#endif -#ifdef HAVE_NETINET_IP_H -#include <netinet/ip.h> -#endif - -#ifdef HAVE_SYS_MMAN_H -#include <sys/mman.h> -#endif - #define FTP_NAMES -#include <arpa/ftp.h> -#ifdef HAVE_ARPA_INET_H -#include <arpa/inet.h> -#endif -#ifdef HAVE_ARPA_TELNET_H -#include <arpa/telnet.h> -#endif - -#include <ctype.h> -#ifdef HAVE_DIRENT_H -#include <dirent.h> -#endif -#include <errno.h> -#ifdef HAVE_FCNTL_H -#include <fcntl.h> -#endif -#include <glob.h> -#include <limits.h> -#ifdef HAVE_PWD_H -#include <pwd.h> -#endif -#include <setjmp.h> -#include <signal.h> -#include <stdio.h> -#include <stdlib.h> -#include <stdarg.h> -#include <string.h> -#ifdef HAVE_SYSLOG_H -#include <syslog.h> -#endif -#include <time.h> -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif -#ifdef HAVE_GRP_H -#include <grp.h> +#include "ftpd_locl.h" +#ifdef KRB5 +#include <krb5.h> #endif -#include <err.h> - -#include "pathnames.h" -#include "extern.h" -#include "common.h" - -#include "auth.h" - -#include <krb.h> - 
-#include <kafs.h> -#include "roken.h" - -#ifdef OTP -#include <otp.h> -#endif - -#ifdef SOCKS -#include <socks.h> -extern int LIBPREFIX(fclose) __P((FILE *)); -#endif - -void yyparse(); - -#ifndef LOG_FTP -#define LOG_FTP LOG_DAEMON -#endif +RCSID("$Id: ftpd.c,v 1.115 1999/06/15 03:51:47 assar Exp $"); static char version[] = "Version 6.00"; @@ -166,7 +57,7 @@ jmp_buf errcatch, urgcatch; int oobflag; int logged_in; struct passwd *pw; -int debug; +int debug = 0; int ftpd_timeout = 900; /* timeout after 15 minutes of inactivity */ int maxtimeout = 7200;/* don't allow idle time to be set beyond 2 hours */ int logging; @@ -250,12 +141,12 @@ static void usage(void); static char * curdir(void) { - static char path[MaxPathLen+1+1]; /* path + '/' + '\0' */ + static char path[MaxPathLen+1]; /* path + '/' + '\0' */ - if (getcwd(path, sizeof(path)-2) == NULL) + if (getcwd(path, sizeof(path)-1) == NULL) return (""); if (path[1] != '\0') /* special case for root dir. */ - strcat(path, "/"); + strcat_truncate(path, "/", sizeof(path)); /* For guest account, skip / since it's chrooted */ return (guest ? path+1 : path); } @@ -317,18 +208,20 @@ main(int argc, char **argv) int not_inetd = 0; int port; struct servent *sp; - char tkfile[1024]; set_progname (argv[0]); +#ifdef KRB4 /* detach from any tickets and tokens */ - - snprintf(tkfile, sizeof(tkfile), - "/tmp/ftp_%u", (unsigned)getpid()); - krb_set_tkt_string(tkfile); - if(k_hasafs()) - k_setpag(); - + { + char tkfile[1024]; + snprintf(tkfile, sizeof(tkfile), + "/tmp/ftp_%u", (unsigned)getpid()); + krb_set_tkt_string(tkfile); + if(k_hasafs()) + k_setpag(); + } +#endif sp = getservbyname("ftp", "tcp"); if(sp) port = sp->s_port; @@ -430,7 +323,6 @@ main(int argc, char **argv) syslog(LOG_WARNING, "setsockopt (IP_TOS): %m"); #endif data_source.sin_port = htons(ntohs(ctrl_addr.sin_port) - 1); - debug = 0; /* set this here so it can be put in wtmp */ snprintf(ttyline, sizeof(ttyline), "ftp%u", (unsigned)getpid()); 
@@ -444,8 +336,6 @@ main(int argc, char **argv) syslog(LOG_ERR, "signal: %m"); #endif - auth_init(); - /* Try to handle urgent data inline */ #if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT) if (setsockopt(0, SOL_SOCKET, SO_OOBINLINE, (void *)&on, @@ -490,9 +380,22 @@ main(int argc, char **argv) fclose(fd); /* reply(220,) must follow */ } - k_gethostname(hostname, sizeof(hostname)); - reply(220, "%s FTP server (%s+%s) ready.", hostname, - version, krb4_version); + gethostname(hostname, sizeof(hostname)); + reply(220, "%s FTP server (%s" +#ifdef KRB5 + "+%s" +#endif +#ifdef KRB4 + "+%s" +#endif + ") ready.", hostname, version +#ifdef KRB5 + ,heimdal_version +#endif +#ifdef KRB4 + ,krb4_version +#endif + ); setjmp(errcatch); for (;;) yyparse(); @@ -576,7 +479,7 @@ user(char *name) { char *cp, *shell; - if(auth_level == 0 && !auth_complete){ + if(auth_level == 0 && !sec_complete){ reply(530, "No login allowed without authorization."); return; } @@ -611,7 +514,7 @@ user(char *name) remotehost, inet_ntoa(his_addr.sin_addr)); return; } - if((auth_level & AUTH_PLAIN) == 0 && !auth_complete){ + if((auth_level & AUTH_PLAIN) == 0 && !sec_complete){ reply(530, "Only authorized and anonymous login allowed."); return; } 
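Review bot: The switch to plain `gethostname(hostname, sizeof(hostname))` in the banner code of main() ignores the return value, and POSIX leaves it unspecified whether a truncated name is NUL-terminated, yet the buffer goes straight into the `%s` of the 220 reply. Whether the old `k_gethostname` wrapper handled this is not visible here. I would check the result and terminate explicitly: `if (gethostname(hostname, sizeof(hostname)) < 0) hostname[0] = '\0';` followed by `hostname[sizeof(hostname) - 1] = '\0';`. The declaration of `hostname` is outside the hunk, so this assumes it is an array rather than a pointer.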
@@ -636,32 +539,41 @@ user(char *name) } } if (logging) - strncpy(curname, name, sizeof(curname)-1); - if(auth_ok()) - ct->userok(name); -#ifdef OTP - else { + strcpy_truncate(curname, name, sizeof(curname)); + if(sec_complete) { + if(sec_userok(name) == 0) + do_login(232, name); + else + reply(530, "User %s access denied.", name); + } else { char ss[256]; +#ifdef OTP if (otp_challenge(&otp_ctx, name, ss, sizeof(ss)) == 0) { reply(331, "Password %s for %s required.", ss, name); askpasswd = 1; - } else if ((auth_level & AUTH_OTP) == 0) { + } else +#endif + if ((auth_level & AUTH_OTP) == 0) { reply(331, "Password required for %s.", name); askpasswd = 1; } else { char *s; - if (s = otp_error (&otp_ctx)) +#ifdef OTP + if ((s = otp_error (&otp_ctx)) != NULL) lreply(530, "OTP: %s", s); +#endif reply(530, - "Only authorized, anonymous and OTP " + "Only authorized, anonymous" +#ifdef OTP + " and OTP " +#endif "login allowed."); } } -#endif /* * Delay before reading passwd after first failed * attempt to slow down passwd-guessing programs. @@ -714,11 +626,7 @@ checkuser(char *fname, char *name) static int match(const char *pattern, const char *string) { -#ifdef HAVE_FNMATCH return fnmatch(pattern, string, FNM_NOESCAPE); -#else - return strcmp(pattern, "*") != 0 && strcmp(pattern, string) != 0; -#endif } static int @@ -767,7 +675,7 @@ int do_login(int code, char *passwd) initgroups(pw->pw_name, pw->pw_gid); /* open wtmp before chroot */ - logwtmp(ttyline, pw->pw_name, remotehost); + ftpd_logwtmp(ttyline, pw->pw_name, remotehost); logged_in = 1; dochroot = checkuser(_PATH_FTPCHROOT, pw->pw_name); @@ -850,7 +758,7 @@ end_login(void) seteuid((uid_t)0); if (logged_in) - logwtmp(ttyline, "", ""); + ftpd_logwtmp(ttyline, "", ""); pw = NULL; logged_in = 0; guest = 0; 
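Review bot: In user(), when OTP is not compiled in, the adjacent literals of the final 530 reply concatenate to "Only authorized, anonymouslogin allowed.", because the only separating spaces sit inside the `#ifdef OTP` fragment. Moving the spaces out fixes both builds: `"Only authorized, anonymous"`, then `" and OTP"` under the ifdef, then `" login allowed."`. In the same non-OTP build `char ss[256]` and `char *s` are declared but never used, so they could move inside the `#ifdef OTP` regions. user() starts before this hunk.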
@@ -878,28 +786,33 @@ pass(char *passwd) if (pw == NULL) rval = 1; /* failure below */ #ifdef OTP - else if (otp_verify_user (&otp_ctx, passwd) == 0) + else if (otp_verify_user (&otp_ctx, passwd) == 0) { rval = 0; + } #endif else if((auth_level & AUTH_OTP) == 0) { +#ifdef KRB4 char realm[REALM_SZ]; if((rval = krb_get_lrealm(realm, 1)) == KSUCCESS) - rval = krb_verify_user(pw->pw_name, "", realm, - passwd, 1, NULL); - if (rval == KSUCCESS ){ + rval = krb_verify_user(pw->pw_name, + "", realm, + passwd, + KRB_VERIFY_SECURE, NULL); + if (rval == KSUCCESS ) { + chown (tkt_string(), pw->pw_uid, pw->pw_gid); if(k_hasafs()) - k_afsklog(0, 0); - }else + krb_afslog(0, 0); + } else +#endif rval = unix_verify_user(pw->pw_name, passwd); - } -#ifdef OTP - else { + } else { char *s; - if (s = otp_error(&otp_ctx)) +#ifdef OTP + if ((s = otp_error(&otp_ctx)) != NULL) lreply(530, "OTP: %s", s); - } #endif + } memset (passwd, 0, strlen(passwd)); /* @@ -948,14 +861,15 @@ retrieve(char *cmd, char *name) st.st_size = 0; if(fin == NULL){ struct cmds { - char *ext; - char *cmd; + const char *ext; + const char *cmd; + const char *rev_cmd; } cmds[] = { - {".tar", "/bin/gtar cPf - %s"}, - {".tar.gz", "/bin/gtar zcPf - %s"}, - {".tar.Z", "/bin/gtar ZcPf - %s"}, - {".gz", "/bin/gzip -c %s"}, - {".Z", "/bin/compress -c %s"}, + {".tar", "/bin/gtar cPf - %s", NULL}, + {".tar.gz", "/bin/gtar zcPf - %s", NULL}, + {".tar.Z", "/bin/gtar ZcPf - %s", NULL}, + {".gz", "/bin/gzip -c %s", "/bin/gzip -c -d %s"}, + {".Z", "/bin/compress -c %s", "/bin/uncompress -c -d %s"}, {NULL, NULL} }; struct cmds *p; @@ -971,6 +885,21 @@ retrieve(char *cmd, char *name) break; } *tail = c; + if (p->rev_cmd != NULL) { + char *ext; + + asprintf(&ext, "%s%s", name, p->ext); + if (ext != NULL) { + if (access(ext, R_OK) == 0) { + snprintf (line, sizeof(line), + p->rev_cmd, ext); + free(ext); + break; + } + free(ext); + } + } + } if(p->ext){ fin = ftpd_popen(line, "r", 0, 0); 
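Review bot: The new `chown (tkt_string(), pw->pw_uid, pw->pw_gid);` in pass() discards its result and operates on a path name, and main() sets that path to `/tmp/ftp_<pid>`, a predictable name in a shared directory. chown() follows symbolic links, so if the daemon still holds elevated privileges at this point (not visible in the hunk) the ownership change could land on a file other than the ticket file. Prefer changing ownership through the open descriptor with `fchown`, or at least use `lchown` and log a failure: `if (lchown(tkt_string(), pw->pw_uid, pw->pw_gid) < 0) syslog(LOG_ERR, "chown ticket file: %m");`. pass() begins and ends outside the hunk.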
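Review bot: The block added to retrieve() tests `ext != NULL` instead of the return value of `asprintf`, and on libcs that leave the pointer undefined on failure that reads and frees garbage; `if (asprintf(&ext, "%s%s", name, p->ext) != -1) {` is the portable check. The client-supplied `name` is also formatted into `line` through `p->rev_cmd` and handed to `ftpd_popen`, whose tokenizing is not visible here, so it is worth confirming that a name containing whitespace or beginning with `-` cannot alter the argument list of the decompressor, and that a truncated `snprintf` result is rejected rather than executed. The `access(ext, R_OK)` test is evaluated against the real uid and is separate from the later open by the child, so it should be treated as a hint only. The surrounding loop starts outside this hunk.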
@@ -1186,14 +1115,14 @@ dataconn(char *name, off_t size, char *mode) { char sizebuf[32]; FILE *file; - int retry = 0, tos; + int retry = 0; file_size = size; byte_count = 0; - if (size != (off_t) -1) - snprintf(sizebuf, sizeof(sizebuf), " (%ld bytes)", size); + if (size >= 0) + snprintf(sizebuf, sizeof(sizebuf), " (%ld bytes)", (long)size); else - strcpy(sizebuf, ""); + *sizebuf = '\0'; if (pdata >= 0) { struct sockaddr_in from; int s, fromlen = sizeof(from); @@ -1208,9 +1137,12 @@ dataconn(char *name, off_t size, char *mode) close(pdata); pdata = s; #if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - tos = IPTOS_THROUGHPUT; - setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos, - sizeof(int)); + { + int tos = IPTOS_THROUGHPUT; + + setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos, + sizeof(tos)); + } #endif reply(150, "Opening %s mode data connection for '%s'%s.", type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf); @@ -1262,8 +1194,6 @@ send_data(FILE *instr, FILE *outstr) int c, cnt, filefd, netfd; static char *buf; static size_t bufsize; - int i = 0; - char s[1024]; transflag++; if (setjmp(urgcatch)) { 
@@ -1273,31 +1203,24 @@ send_data(FILE *instr, FILE *outstr) switch (type) { case TYPE_A: - while ((c = getc(instr)) != EOF) { - byte_count++; - if(i > 1022){ - auth_write(fileno(outstr), s, i); - i = 0; - } - if(c == '\n') - s[i++] = '\r'; - s[i++] = c; - } - if(i) - auth_write(fileno(outstr), s, i); - auth_write(fileno(outstr), s, 0); - fflush(outstr); - transflag = 0; - if (ferror(instr)) - goto file_err; - if (ferror(outstr)) - goto data_err; - reply(226, "Transfer complete."); - return; + while ((c = getc(instr)) != EOF) { + byte_count++; + if(c == '\n') + sec_putc('\r', outstr); + sec_putc(c, outstr); + } + sec_fflush(outstr); + transflag = 0; + if (ferror(instr)) + goto file_err; + if (ferror(outstr)) + goto data_err; + reply(226, "Transfer complete."); + return; case TYPE_I: case TYPE_L: -#ifdef HAVE_MMAP +#if defined(HAVE_MMAP) && !defined(NO_MMAP) #ifndef MAP_FAILED #define MAP_FAILED (-1) #endif @@ -1307,13 +1230,13 @@ send_data(FILE *instr, FILE *outstr) int in = fileno(instr); if(fstat(in, &st) == 0 && S_ISREG(st.st_mode)) { chunk = mmap(0, st.st_size, PROT_READ, MAP_SHARED, in, 0); - if(chunk != (void *)MAP_FAILED) { + if((void *)chunk != (void *)MAP_FAILED) { cnt = st.st_size - restart_point; - auth_write(fileno(outstr), + sec_write(fileno(outstr), chunk + restart_point, cnt); munmap(chunk, st.st_size); - auth_write(fileno(outstr), NULL, 0); + sec_fflush(outstr); byte_count = cnt; transflag = 0; } @@ -1334,9 +1257,9 @@ send_data(FILE *instr, FILE *outstr) return; } while ((cnt = read(filefd, buf, bufsize)) > 0 && - auth_write(netfd, buf, cnt) == cnt) + sec_write(netfd, buf, cnt) == cnt) byte_count += cnt; - auth_write(netfd, buf, 0); /* to end an encrypted stream */ + sec_fflush(outstr); /* to end an encrypted stream */ transflag = 0; if (cnt != 0) { if (cnt < 0) 
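Review bot: The mmap path in send_data() computes `cnt = st.st_size - restart_point` and passes `chunk + restart_point` to `sec_write` without checking, inside this hunk, that `restart_point` lies within the file, so a restart offset beyond `st.st_size` would give a negative count and a pointer outside the mapping. `cnt` is an `int` (declared at the top of the function), so the difference is also narrowed for large files, and the result of `sec_write` is dropped before `byte_count = cnt` reports the transfer as complete. Unless the offset is validated by the caller, extend the guard to `if(fstat(in, &st) == 0 && S_ISREG(st.st_mode) && restart_point <= st.st_size)` and compare the `sec_write` return with `cnt`. The function continues outside the hunk.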
@@ -1394,7 +1317,7 @@ receive_data(FILE *instr, FILE *outstr) case TYPE_I: case TYPE_L: - while ((cnt = auth_read(fileno(instr), buf, bufsize)) > 0) { + while ((cnt = sec_read(fileno(instr), buf, bufsize)) > 0) { if (write(fileno(outstr), buf, cnt) != cnt) goto file_err; byte_count += cnt; @@ -1413,7 +1336,7 @@ receive_data(FILE *instr, FILE *outstr) { char *p, *q; int cr_flag = 0; - while ((cnt = auth_read(fileno(instr), + while ((cnt = sec_read(fileno(instr), buf + cr_flag, bufsize - cr_flag)) > 0){ byte_count += cnt; @@ -1422,7 +1345,7 @@ receive_data(FILE *instr, FILE *outstr) for(p = buf, q = buf; p < buf + cnt;) { if(*p == '\n') bare_lfs++; - if(*p == '\r') + if(*p == '\r') { if(p == buf + cnt - 1){ cr_flag = 1; p++; @@ -1432,6 +1355,7 @@ receive_data(FILE *instr, FILE *outstr) p += 2; continue; } + } *q++ = *p++; } fwrite(buf, q - buf, 1, outstr); @@ -1576,21 +1500,21 @@ __attribute__ ((format (printf, 3, 0))) static void int_reply(int n, char *c, const char *fmt, va_list ap) { - char buf[10240]; - char *p; - p=buf; - if(n){ - snprintf(p, sizeof(buf), "%d%s", n, c); - p+=strlen(p); - } - vsnprintf(p, sizeof(buf) - strlen(p), fmt, ap); - p+=strlen(p); - snprintf(p, sizeof(buf) - strlen(p), "\r\n"); - p+=strlen(p); - auth_printf("%s", buf); - fflush(stdout); - if (debug) - syslog(LOG_DEBUG, "<--- %s- ", buf); + char buf[10240]; + char *p; + p=buf; + if(n){ + snprintf(p, sizeof(buf), "%d%s", n, c); + p+=strlen(p); + } + vsnprintf(p, sizeof(buf) - strlen(p), fmt, ap); + p+=strlen(p); + snprintf(p, sizeof(buf) - strlen(p), "\r\n"); + p+=strlen(p); + sec_fprintf(stdout, "%s", buf); + fflush(stdout); + if (debug) + syslog(LOG_DEBUG, "<--- %s- ", buf); } void @@ -1711,7 +1635,7 @@ removedir(char *name) void pwd(void) { - char path[MaxPathLen + 1]; + char path[MaxPathLen]; char *ret; /* SunOS has a broken getcwd that does popen(pwd) (!!!), this 
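Review bot: The re-indented int_reply() keeps the bound `sizeof(buf) - strlen(p)` right after `p += strlen(p)`, where `p` already points at the terminating NUL, so `strlen(p)` is 0 and both later calls are told the full 10240 bytes are available even though `p` has advanced into `buf`. A reply long enough to fill the buffer can therefore write past its end. The remaining space is `sizeof(buf) - (p - buf)`: `vsnprintf(p, sizeof(buf) - (p - buf), fmt, ap);` and `snprintf(p, sizeof(buf) - (p - buf), "\r\n");`. A truncated reply would also lose its CRLF, so it may be worth reserving two bytes for it.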
@@ -1775,10 +1699,10 @@ dologout(int status) transflag = 0; if (logged_in) { seteuid((uid_t)0); - logwtmp(ttyline, "", ""); - dest_tkt(); - if(k_hasafs()) - k_unlog(); + ftpd_logwtmp(ttyline, "", ""); +#ifdef KRB4 + cond_kdestroy(); +#endif } /* beware of flushing buffers after a SIGPIPE */ #ifdef XXX @@ -1814,7 +1738,7 @@ myoob(int signo) #if 0 cp = tmpline; - if (getline(cp, 7) == NULL) { + if (ftpd_getline(cp, 7) == NULL) { reply(221, "You could at least say goodbye."); dologout(0); } @@ -1995,7 +1919,7 @@ send_file_list(char *whichf) } snprintf(buf, sizeof(buf), "%s%s\n", dirname, type == TYPE_A ? "\r" : ""); - auth_write(fileno(dout), buf, strlen(buf)); + sec_write(fileno(dout), buf, strlen(buf)); byte_count += strlen(dirname) + 1; continue; } else if (!S_ISDIR(st.st_mode)) @@ -2032,7 +1956,7 @@ send_file_list(char *whichf) else snprintf(buf, sizeof(buf), "%s%s\n", nbuf, type == TYPE_A ? "\r" : ""); - auth_write(fileno(dout), buf, strlen(buf)); + sec_write(fileno(dout), buf, strlen(buf)); byte_count += strlen(nbuf) + 1; } } @@ -2047,7 +1971,7 @@ send_file_list(char *whichf) transflag = 0; if (dout != NULL){ - auth_write(fileno(dout), buf, 0); /* XXX flush */ + sec_write(fileno(dout), buf, 0); /* XXX flush */ fclose(dout); } diff --git a/crypto/kerberosIV/appl/kauth/ksrvtgt.in b/crypto/kerberosIV/appl/kauth/ksrvtgt.in index 7571d2d..7a520fd 100644 --- a/crypto/kerberosIV/appl/kauth/ksrvtgt.in +++ b/crypto/kerberosIV/appl/kauth/ksrvtgt.in @@ -1,5 +1,6 @@ #! /bin/sh -# $Id$ +# $Id: ksrvtgt.in,v 1.3 1997/09/13 03:39:03 joda Exp $ +# $FreeBSD$ usage="Usage: `basename $0` name instance [[realm] srvtab]" @@ -11,4 +12,4 @@ fi srvtab="${4-${3-/etc/kerberosIV/srvtab}}" realm="${4+@$3}" -kauth -n "$1.$2$realm" -l 5 -f "$srvtab " +%bindir%/kauth -n "$1.$2$realm" -l 5 -f "$srvtab" diff --git a/crypto/kerberosIV/doc/kth-krb.texi b/crypto/kerberosIV/doc/kth-krb.texi index 248b626..e084de0 100644 --- a/crypto/kerberosIV/doc/kth-krb.texi 
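Review bot: send_file_list() still ends the listing with a zero-length `sec_write(fileno(dout), buf, 0); /* XXX flush */`, while this same commit replaces the equivalent zero-length writes in send_data() with `sec_fflush(outstr)`. Whether `sec_write` with length 0 still flushes and terminates a protected stream is not visible here; if it does not, the tail of an encrypted listing could stay buffered. For consistency I would use `sec_fflush(dout);` before the `fclose(dout)`. The two earlier `sec_write` calls in this function also ignore their return value, so a short write goes unnoticed.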
+++ b/crypto/kerberosIV/doc/kth-krb.texi @@ -1,6 +1,7 @@ \input texinfo @c -*- texinfo -*- @c %**start of header @c $Id: kth-krb.texi,v 1.77.2.1 1999/08/18 21:11:25 joda Exp $ +@c $FreeBSD$ @setfilename kth-krb.info @settitle KTH-KRB @iftex diff --git a/crypto/kerberosIV/doc/otp.texi b/crypto/kerberosIV/doc/otp.texi deleted file mode 100644 index 0a5929f..0000000 --- a/crypto/kerberosIV/doc/otp.texi +++ /dev/null 
@@ -1,127 +0,0 @@ -@node One-Time Passwords, Resolving frequent problems, How to set up a realm, Top -@chapter One-Time Passwords - -@cindex OTP -@cindex One time passwords -There is also support for using @dfn{one time passwords} (OTP) in this -package. Specifically @code{login}, @code{ftpd}, and @code{popper} have -support for using them. - -@menu -* What are one time passwords?:: -* When to use one time passwords?:: -* Configuring OTPs:: -@end menu - -@node What are one time passwords?, When to use one time passwords?, One-Time Passwords, One-Time Passwords -@comment node-name, next, previous, up -@section What are one time passwords? - -One time passwords are, as the name implies, passwords that can only -be used once. This means that even if someone is eavesdropping on the -network, they will not be able to make use of the passwords they steal. - -The OTPs used in this package support @cite{RFC 1938}. This standard is -also backwards compatible with the well-known S/Key. There are lots of -programs for generating these on everything from HP 48's to Crays. -@cindex S/Key - -@node When to use one time passwords?, Configuring OTPs, What are one time passwords?, One-Time Passwords -@comment node-name, next, previous, up -@section When to use one time passwords? - -Why would you want to use OTPs instead of Kerberos? The advantage of -OTPs is that they don't require a computer to operate. You can print -out a list of passwords and take with you, or you could use your -calculator or hand-held computer to generate them. - -The downside is that they only protect you against passive attacks. -Only the initial connection is authenticated. After that, anyone can -eavesdrop on your session, so you should not send or view any sensitive -data (e.g. passwords) over a OTP-initiated link. You are also -vulnerable to active attacks where intruders try to take over your -TCP-session and/or introduce data in the middle of it. 
In other words, -they provide initial authentication, but neither integrity nor -confidentiality. - -The OTPs are generated from the tuple (@var{seed}, @var{sequence -number}, @var{pass-phrase}). The seed and the sequence number will be -printed as part of the @dfn{challenge} and you will have to generate the -corresponding password or pick it from a list. - -In conclusion, they are simple and can be used everywhere but don't -protect against all threats that Kerberos does. Use them when you can't -use Kerberos. - -@node Configuring OTPs, , When to use one time passwords?, One-Time Passwords -@comment node-name, next, previous, up -@section Configuring OTPs - -@heading Initializing - -To initialize your OTPs use the @code{otp} program. This program will -write an entry in a local file on this host with your current password -(in this case the 100th) and the corresponding seed (@samp{foobar}). -@pindex otp - -@example -@cartouche -datan:>otp 100 foobar -Pass-phrase: <pass-phrase> -Verifying password Pass-phrase: <pass-phrase> -@end cartouche -@end example - -@heading Generating - -To print out a list of them there is a program called -@code{otpprint}. -@pindex otpprint - -@example -@cartouche -datan:>otpprint 100 foobar -Pass-phrase: <pass-phrase> -91: SLAM BUY SUP DUSK SKY BEST -92: DEEM SIGH ROB RASH JUG MAT -93: DUET FISK HERS AREA TOLL SUP -94: WOW RAIN LEAK SARA MARK WING -95: COG YELL MILK CART ABE BAWL -96: GROW SILK GIST OMEN CAM ANNE -97: JAG QUAD NUT BEAT BHOY MAGI -98: ADAM USED GENE NIP EYE SIS -99: MY SUNG HERO AT DASH RAKE -100: CORN KNIT BOTH TOGO SOUL BOG -@end cartouche -@end example - -@heading Using the OTPs - -When you try to use one and have initialized a series of -one-time passwords for yourself you will get a challenge with the -algorithm being used, the sequence number, and the seed. Enter those in -your generator or find the corresponding password in your list. 
- -@example -@cartouche -login: assar -assar's [ otp-md5 99 foobar ] Password: <MY SUNG HERO AT DASH RAKE> -@end cartouche -@end example - -The sequence number of the password will start at one less that the -number you gave to @code{otp} and decrease by one every time you use it. -You should try to keep track of which should be the current one so that -you can be assured that nobody has stolen some of your passwords and -used them. When the number has reached zero you need to acquire a new -series of passwords. - -Once you have initialized your series of passwords, you can always use -them at any password prompt where you get the challenge as shown above. - -@heading Configuring servers - -@code{ftpd}, @code{telnetd}, and @code{popper} can be configured to -require one-time passwords when the connection has not been kerberos -authenticated. Check the man pages for these programs for the correct -options. diff --git a/crypto/kerberosIV/include/ktypes.c b/crypto/kerberosIV/include/ktypes.c deleted file mode 100644 index eb6ad48..0000000 --- a/crypto/kerberosIV/include/ktypes.c +++ /dev/null 
@@ -1,64 +0,0 @@ -#ifdef HAVE_CONFIG_H -#include <config.h> -RCSID("$Id: ktypes.c,v 1.4 1997/05/31 08:52:09 bg Exp $"); -#endif -#ifdef HAVE_SYS_TYPES_H -#include <sys/types.h> -#endif -#ifdef HAVE_SYS_BITYPES_H -#include <sys/bitypes.h> -#endif -#ifdef HAVE_BIND_BITYPES_H -#include <bind/bitypes.h> -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include <netinet/in6_machtypes.h> -#endif - -int -main(void) -{ - printf ("/*\n" - " * This file was automatically generated by\n" - " * $Id: ktypes.c,v 1.4 1997/05/31 08:52:09 bg Exp $.\n" - " * Please do not edit\n" - " */\n\n"); - - printf ("#ifndef __KTYPES_H__\n" - "#define __KTYPES_H__\n\n"); - -#ifdef HAVE_SYS_TYPES_H - printf("#include <sys/types.h>\n"); -#endif -#ifdef HAVE_SYS_BITYPES_H - printf("#include <sys/bitypes.h>\n"); -#endif -#ifdef HAVE_BIND_BITYPES_H - printf("#include <bind/bitypes.h>\n"); -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H - printf("#include <netinet/in6_machtypes.h>\n"); -#endif - -#ifndef HAVE_INT8_T - printf("typedef signed char int8_t;\n"); -#endif -#ifndef HAVE_U_INT8_T - printf("typedef unsigned char u_int8_t;\n"); -#endif -#ifndef HAVE_INT16_T - printf("typedef short int16_t;\n"); -#endif -#ifndef HAVE_U_INT16_T - printf("typedef unsigned short u_int16_t;\n"); -#endif -#ifndef HAVE_INT32_T - printf("typedef int int32_t;\n"); -#endif -#ifndef HAVE_U_INT32_T - printf("typedef unsigned int u_int32_t;\n"); -#endif - - printf("\n#endif /* __KTYPES_H__ */\n"); - return 0; -} diff --git a/crypto/kerberosIV/include/protos.h b/crypto/kerberosIV/include/protos.h deleted file mode 100644 index 0ceb122..0000000 --- a/crypto/kerberosIV/include/protos.h +++ /dev/null 
@@ -1,276 +0,0 @@ -/* -*- C -*- - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -/* - * Add here functions that don't have a prototype on your system. - * - * $Id: protos.H,v 1.43 1997/05/28 01:09:36 assar Exp $ - */ - -#ifdef NEED_CRYPT_PROTO -char *crypt(const char*, const char*); -#endif - -#ifdef NEED_STRTOK_R_PROTO -char *strtok_r (char *s1, const char *s2, char **lasts); -#endif - -#ifndef HAVE_OPTARG_DECLARATION -extern char *optarg; -#endif -#ifndef HAVE_OPTERR_DECLARATION -extern int opterr; -#endif -#ifndef HAVE_OPTIND_DECLARATION -extern int optind; -#endif -#ifndef HAVE_OPTOPT_DECLARATION -extern int optopt; -#endif - -#if defined(__GNUC__) && SunOS == 4 - -/* To get type fd_set */ -#include <sys/types.h> -#include <sys/time.h> - -/* To get struct sockaddr, struct in_addr and struct hostent */ -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> - -/* To get struct stat */ -#include <sys/stat.h> - -/* To get struct utimbuf */ -#include <utime.h> - -int utime(const char *, struct utimbuf *); -int syscall(int, ...); -pid_t getpid(void); -int ftruncate(int, off_t); -int fchmod(int, mode_t); -int fchown(int fd, int owner, int group); -int fsync(int); -int seteuid(uid_t); -int setreuid(int, int); -int flock(int, int); -int gettimeofday(struct timeval *tp, struct timezone *tzp); -int lstat(const char *, struct stat *); -int ioctl(int, int, void *); -int getpriority(int which, int who); -int setpriority(int which, int who, int priority); -int getdtablesize(void); -int initgroups(const char *name, int basegid); -long ulimit(int cmd, long newlimit); -int vhangup(void); - -int sigblock(int); -int sigsetmask(int); -int setitimer(int which, struct itimerval *value, struct itimerval *ovalue); - -int munmap(caddr_t addr, int len); - -int socket(int, int, int); -int setsockopt(int, int, int, void *, int); -int bind(int, void *, int); -int getsockname(int, struct sockaddr *, int *); -int accept(int, struct sockaddr *, int *); -int connect(int, struct sockaddr *, int); -int listen(int, int); -int recv(int s, void *buf, int 
len, int flags); -int recvfrom(int, char *, int, int, void *, int *); -int sendto(int, const char *, int, int, void *, int); -int select(int, fd_set *, fd_set *, fd_set *, struct timeval *); -int shutdown(int, int); -int getpeername(int, struct sockaddr *, int *); -int getsockopt(int, int, int, void *, int *); -int send(int s, const void *msg, int len, int flags); -struct strbuf; -int getmsg(int fd, struct strbuf *ctlptr, struct strbuf *dataptr, int *flags); - -char *inet_ntoa(struct in_addr in); -unsigned long inet_addr(const char *cp); -int gethostname(char *, int); -struct hostent *gethostbyname(const char *); -int dn_expand(const u_char *msg, - const u_char *eomorig, - const u_char *comp_dn, - char *exp_dn, - int length); -int res_search(const char *dname, - int class, - int type, - u_char *answer, - int anslen); - -int yp_get_default_domain (char **outdomain); -int innetgr(const char *netgroup, const char *machine, - const char *user, const char *domain); - -char *getwd(char *pathname); - -void bzero(char *b, int length); -int strcasecmp(const char *, const char *); -void swab(const char *, char *, int); -int atoi(const char *str); -char *mktemp(char *); -void srandom(int seed); -int random(void); - -int rcmd(char **, unsigned short, char *, char *, char *, int *); -int rresvport(int *); -int openlog(const char *ident, int logopt, int facility); -int syslog(int priority, const char *message, ...); -int ttyslot(void); - -char *getpass(const char *); - -char *getusershell(void); -void setpwent(); -void endpwent(); - -#include <stdio.h> -int fclose(FILE *); - -#endif /* SunOS4 */ - -#if SunOS == 5 - -#include <sys/types.h> -#include <sys/resource.h> - -char *getusershell(void); -char *strtok_r(char *, const char *, char **); -int getpriority (int which, id_t who); -int setpriority (int which, id_t who, int prio); -int getdtablesize (void); -char *getusershell(void); -void setusershell(void); -void endusershell(void); - -#if defined(__GNUC__) - -int syscall(int, 
...); -int gethostname(char *, int); - -struct timeval; -int gettimeofday(struct timeval *tp, void *); - -#endif -#endif - -#if defined(__osf__) /* OSF/1 */ - -#if 0 -/* To get type fd_set */ -#include <sys/types.h> -#include <sys/time.h> - -int select(int, fd_set *, fd_set *, fd_set *, struct timeval *); -int fsync(int fildes); -int gethostname(char *address, int address_len); -int setreuid(int ruid, int euid); -int ioctl(int d, unsigned long request, void * arg); -#endif -int flock(int fildes, int operation); -int syscall(int, ...); - -unsigned short htons(unsigned short hostshort); -unsigned int htonl(unsigned int hostint); -unsigned short ntohs(unsigned short netshort); -unsigned int ntohl(unsigned int netint); - -char *mktemp(char *template); -char *getusershell(void); - -int rcmd(char **, unsigned short, char *, char *, char *, int *); -int rresvport (int *port); - -#endif /* OSF/1 */ - -#if defined(__sgi) -#include <sys/types.h> - -char *ptsname(int fd); -struct spwd *getspuid(uid_t); -#endif /* IRIX */ - -#if defined(__GNUC__) && defined(_AIX) /* AIX */ - -struct timeval; -struct timezone; -int gettimeofday (struct timeval *Tp, void *Tzp); - -#endif /* AIX */ - -#if defined(__GNUC__) && defined(__hpux) /* HP-UX */ - -int syscall(int, ...); - -int vhangup(void); - -char *ptsname(int fildes); - -void utmpname(const char *file); - -int innetgr(const char *netgroup, const char *machine, - const char *user, const char *domain); - -int dn_comp(char *exp_dn, char *comp_dn, int length, - char **dnptrs, char **lastdnptr); - -int res_query(char *dname, int class, int type, - unsigned char *answer, int anslen); - -int dn_expand(char *msg, char *eomorig, char *comp_dn, - char *exp_dn, int length); - -int res_search(char *dname, int class, int type, - unsigned char *answer, int anslen); - -#endif /* HP-UX */ - -#if defined(WIN32) /* Visual C++ 4.0 (Windows95/NT) */ - -int open(const char *, int, ...); -int close(int); -int read(int, void *, unsigned int); -int 
write(int, const void *, unsigned int); - -#endif /* WIN32 */ diff --git a/crypto/kerberosIV/include/sys/cdefs.H b/crypto/kerberosIV/include/sys/cdefs.H deleted file mode 100644 index 196d476..0000000 --- a/crypto/kerberosIV/include/sys/cdefs.H +++ /dev/null 
@@ -1,149 +0,0 @@ -/* -*- C -*- - * - * ++Copyright++ 1991, 1993 - * - - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - - * Portions Copyright (c) 1993 by Digital Equipment Corporation. 
- * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies, and that - * the name of Digital Equipment Corporation not be used in advertising or - * publicity pertaining to distribution of the document or software without - * specific, written prior permission. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL - * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT - * CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL - * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR - * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS - * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS - * SOFTWARE. - * - - * --Copyright-- - */ - -/* - * @(#)cdefs.h 8.1 (Berkeley) 6/2/93 - * $Id: cdefs.H,v 1.2 1995/09/10 20:18:56 d91-jda Exp $ - */ - -#ifndef _CDEFS_H_ -#define _CDEFS_H_ - -#if defined(__cplusplus) -#define __BEGIN_DECLS extern "C" { -#define __END_DECLS }; -#else -#define __BEGIN_DECLS -#define __END_DECLS -#endif - -/* - * The __CONCAT macro is used to concatenate parts of symbol names, e.g. - * with "#define OLD(foo) __CONCAT(old,foo)", OLD(foo) produces oldfoo. - * The __CONCAT macro is a bit tricky -- make sure you don't put spaces - * in between its arguments. __CONCAT can also concatenate double-quoted - * strings produced by the __STRING macro, but this only works with ANSI C. 
- */ -#if defined(__STDC__) || defined(__cplusplus) -#ifndef __P /* it's quite popular to define this */ -#define __P(protos) protos /* full-blown ANSI C */ -#endif -#define __CONCAT(x,y) x ## y -#define __STRING(x) #x - -#define __const const /* define reserved names to standard */ -#define __signed signed -#define __volatile volatile -#if defined(__cplusplus) -#define __inline inline /* convert to C++ keyword */ -#else -#ifndef __GNUC__ -#define __inline /* delete GCC keyword */ -#endif /* !__GNUC__ */ -#endif /* !__cplusplus */ - -#else /* !(__STDC__ || __cplusplus) */ -#ifndef __P -#define __P(protos) () /* traditional C preprocessor */ -#endif -#define __CONCAT(x,y) x/**/y -#define __STRING(x) "x" - -#ifndef __GNUC__ -#define __const /* delete pseudo-ANSI C keywords */ -#define __inline -#define __signed -#define __volatile -/* - * In non-ANSI C environments, new programs will want ANSI-only C keywords - * deleted from the program and old programs will want them left alone. - * When using a compiler other than gcc, programs using the ANSI C keywords - * const, inline etc. as normal identifiers should define -DNO_ANSI_KEYWORDS. - * When using "gcc -traditional", we assume that this is the intent; if - * __GNUC__ is defined but __STDC__ is not, we leave the new keywords alone. - */ -#ifndef NO_ANSI_KEYWORDS -#define const /* delete ANSI C keywords */ -#define inline -#define signed -#define volatile -#endif -#endif /* !__GNUC__ */ -#endif /* !(__STDC__ || __cplusplus) */ - -/* - * GCC1 and some versions of GCC2 declare dead (non-returning) and - * pure (no side effects) functions using "volatile" and "const"; - * unfortunately, these then cause warnings under "-ansi -pedantic". - * GCC2 uses a new, peculiar __attribute__((attrs)) style. All of - * these work for GNU C++ (modulo a slight glitch in the C++ grammar - * in the distribution version of 2.5.5). 
- */ -#if !defined(__GNUC__) || __GNUC__ < 2 || __GNUC_MINOR__ < 5 -#define __attribute__(x) /* delete __attribute__ if non-gcc or gcc1 */ -#if defined(__GNUC__) && !defined(__STRICT_ANSI__) -#define __dead __volatile -#define __pure __const -#endif -#endif - -/* Delete pseudo-keywords wherever they are not available or needed. */ -#ifndef __dead -#define __dead -#define __pure -#endif - -#endif /* !_CDEFS_H_ */ diff --git a/crypto/kerberosIV/kuser/kinit.c b/crypto/kerberosIV/kuser/kinit.c index cd2f826..96c0e4f 100644 --- a/crypto/kerberosIV/kuser/kinit.c +++ b/crypto/kerberosIV/kuser/kinit.c @@ -15,11 +15,13 @@ * -v[erbose] * -l[ifetime] * -p + * + * $FreeBSD$ */ #include "kuser_locl.h" -RCSID("$Id$"); +RCSID("$Id: kinit.c,v 1.17 1997/12/12 04:48:44 assar Exp $"); #define LIFE DEFAULT_TKT_LIFE /* lifetime of ticket in 5-minute units */ #define CHPASSLIFE 2 @@ -60,7 +62,6 @@ main(int argc, char **argv) *inst = *realm = '\0'; iflag = rflag = vflag = lflag = pflag = 0; lifetime = LIFE; - set_progname(argv[0]); while (--argc) { if ((*++argv)[0] != '-') { @@ -97,8 +98,8 @@ main(int argc, char **argv) iflag = rflag = 1; username = NULL; } - if (k_gethostname(buf, MaxHostNameLen)) - err(1, "k_gethostname failed"); + if (gethostname(buf, MaxHostNameLen)) + err(1, "gethostname failed"); printf("%s (%s)\n", ORGANIZATION, buf); if (username) { printf("Kerberos Initialization for \"%s", aname); 
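Review bot: The switch from `k_gethostname` to plain `gethostname(buf, MaxHostNameLen)` in main() leaves `buf` without a guaranteed terminator. POSIX does not require gethostname() to NUL-terminate the result when the host name is truncated, and `buf` is passed straight to `printf("%s (%s)\n", ORGANIZATION, buf)`. Adding `buf[MaxHostNameLen - 1] = '\0';` after the call would close that, assuming `buf` holds at least `MaxHostNameLen` bytes (its declaration is outside this hunk). main() starts and ends outside the hunk.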
@@ -108,41 +109,13 @@ main(int argc, char **argv) printf("@%s", realm); printf("\"\n"); } else { - if (iflag) { - printf("Kerberos Initialization\n"); - printf("Kerberos name: "); - get_input(name, sizeof(name), stdin); - if (!*name) - return 0; - if ((k_errno = kname_parse(aname, inst, realm, name)) - != KSUCCESS ) - errx(1, "%s", krb_get_err_text(k_errno)); - } else { - int uid = getuid(); - char *getenv(); - struct passwd *pwd; - - /* default to current user name unless running as root */ - if (uid == 0 && (username = getenv("USER")) && - strcmp(username, "root") != 0) { - strncpy(aname, username, sizeof(aname)); - strncpy(inst, "root", sizeof(inst)); - } else { - pwd = getpwuid(uid); - - if (pwd == (struct passwd *) NULL) { - fprintf(stderr, "Unknown name for your uid\n"); - printf("Kerberos name: "); - get_input(aname, sizeof(aname), stdin); - } else - strncpy(aname, pwd->pw_name, sizeof(aname)); - } - if (!*aname) - return 0; - if (!k_isname(aname)) { - errx(1, "%s", "bad Kerberos name format"); - } - } + printf("Kerberos Initialization\n"); + printf("Kerberos name: "); + get_input(name, sizeof(name), stdin); + if (!*name) + return 0; + if ((k_errno = kname_parse(aname, inst, realm, name)) != KSUCCESS ) + errx(1, "%s", krb_get_err_text(k_errno)); } /* optional instance */ if (iflag) { @@ -179,7 +152,6 @@ main(int argc, char **argv) lifetime, 0); if (vflag) { printf("Kerberos realm %s:\n", realm); - printf("Ticket file: %s\n", tkt_string()); printf("%s\n", krb_get_err_text(k_errno)); } else if (k_errno) errx(1, "%s", krb_get_err_text(k_errno)); diff --git a/crypto/kerberosIV/lib/kadm/kadm_err.et b/crypto/kerberosIV/lib/kadm/kadm_err.et index 7a247c5..097e87c 100644 --- a/crypto/kerberosIV/lib/kadm/kadm_err.et +++ b/crypto/kerberosIV/lib/kadm/kadm_err.et @@ -7,6 +7,8 @@ # # Kerberos administration server error table # +# $FreeBSD$ +# et kadm # KADM_SUCCESS, as all success codes should be, is zero 
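Review bot: The rewritten `else` branch in main() still does `if (!*name) return 0;`, so an empty answer at the `Kerberos name:` prompt exits with status 0 although no ticket was requested. With the default-to-login-name logic removed, this prompt is the only path when no username is given, so a script running kinit with an empty or closed stdin would see success. A non-zero exit would be safer, e.g. `if (!*name) errx(1, "no Kerberos name given");`. main() starts and continues outside this hunk.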
diff --git a/crypto/kerberosIV/lib/kafs/kafs.h b/crypto/kerberosIV/lib/kafs/kafs.h index 579856a..650d6ff 100644 --- a/crypto/kerberosIV/lib/kafs/kafs.h +++ b/crypto/kerberosIV/lib/kafs/kafs.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -36,13 +36,14 @@ * SUCH DAMAGE. */ -/* $Id$ */ +/* $Id: kafs.h,v 1.31 1999/07/07 12:30:40 assar Exp $ */ +/* $FreeBSD$ */ #ifndef __KAFS_H #define __KAFS_H -#include <sys/types.h> -#include <sys/cdefs.h> +/* XXX must include krb5.h or krb.h */ + /* sys/ioctl.h must be included manually before kafs.h */ /* 
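Review bot: Dropping `#include <sys/types.h>` in the `@@ -36,13 +36,14 @@` hunk makes kafs.h depend on include order. The header still uses `caddr_t`, `uid_t` and `int32_t` in `struct ViceIoctl`, `struct ClearToken` and the `krb_afslog_uid` prototype further down. The added `/* XXX must include krb5.h or krb.h */` comment states a requirement but nothing enforces it. Keeping `#include <sys/types.h>` and removing only `<sys/cdefs.h>` would keep the header self-contained; otherwise the comment should name the types the includer has to provide.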
@@ -54,10 +55,39 @@ #define _VICEIOCTL(id) ((unsigned int ) _IOW('V', id, struct ViceIoctl)) #endif /* _VICEIOCTL */ +#define VIOCSETAL _VICEIOCTL(1) +#define VIOCGETAL _VICEIOCTL(2) #define VIOCSETTOK _VICEIOCTL(3) +#define VIOCGETVOLSTAT _VICEIOCTL(4) +#define VIOCSETVOLSTAT _VICEIOCTL(5) +#define VIOCFLUSH _VICEIOCTL(6) #define VIOCGETTOK _VICEIOCTL(8) #define VIOCUNLOG _VICEIOCTL(9) +#define VIOCCKSERV _VICEIOCTL(10) +#define VIOCCKBACK _VICEIOCTL(11) +#define VIOCCKCONN _VICEIOCTL(12) +#define VIOCWHEREIS _VICEIOCTL(14) +#define VIOCACCESS _VICEIOCTL(20) +#define VIOCUNPAG _VICEIOCTL(21) +#define VIOCGETFID _VICEIOCTL(22) +#define VIOCSETCACHESIZE _VICEIOCTL(24) +#define VIOCFLUSHCB _VICEIOCTL(25) +#define VIOCNEWCELL _VICEIOCTL(26) +#define VIOCGETCELL _VICEIOCTL(27) +#define VIOC_AFS_DELETE_MT_PT _VICEIOCTL(28) +#define VIOC_AFS_STAT_MT_PT _VICEIOCTL(29) #define VIOC_FILE_CELL_NAME _VICEIOCTL(30) +#define VIOC_GET_WS_CELL _VICEIOCTL(31) +#define VIOC_AFS_MARINER_HOST _VICEIOCTL(32) +#define VIOC_GET_PRIMARY_CELL _VICEIOCTL(33) +#define VIOC_VENUSLOG _VICEIOCTL(34) +#define VIOC_GETCELLSTATUS _VICEIOCTL(35) +#define VIOC_SETCELLSTATUS _VICEIOCTL(36) +#define VIOC_FLUSHVOLUME _VICEIOCTL(37) +#define VIOC_AFS_SYSNAME _VICEIOCTL(38) +#define VIOC_EXPORTAFS _VICEIOCTL(39) +#define VIOCGETCACHEPARAMS _VICEIOCTL(40) +#define VIOC_GCPAGS _VICEIOCTL(48) struct ViceIoctl { caddr_t in, out; 
@@ -73,17 +103,34 @@ struct ClearToken { int32_t EndTimestamp; }; +#ifdef __STDC__ #ifndef __P #define __P(x) x #endif +#else +#ifndef __P +#define __P(x) () +#endif +#endif /* Use k_hasafs() to probe if the machine supports AFS syscalls. The other functions will generate a SIGSYS if AFS is not supported */ int k_hasafs __P((void)); -int k_afsklog __P((const char *cell, const char *realm)); -int k_afsklog_uid __P((const char *cell, const char *realm, uid_t uid)); +int krb_afslog __P((const char *cell, const char *realm)); +int krb_afslog_uid __P((const char *cell, const char *realm, uid_t uid)); +int krb_afslog_home __P((const char *cell, const char *realm, + const char *homedir)); +int krb_afslog_uid_home __P((const char *cell, const char *realm, uid_t uid, + const char *homedir)); + +int krb_realm_of_cell __P((const char *cell, char **realm)); + +/* compat */ +#define k_afsklog krb_afslog +#define k_afsklog_uid krb_afslog_uid + int k_pioctl __P((char *a_path, int o_opcode, struct ViceIoctl *a_paramsP, 
@@ -92,9 +139,59 @@ int k_unlog __P((void)); int k_setpag __P((void)); int k_afs_cell_of_file __P((const char *path, char *cell, int len)); + + +/* XXX */ +#ifdef KFAILURE +#define KRB_H_INCLUDED +#endif + +#ifdef KRB5_RECVAUTH_IGNORE_VERSION +#define KRB5_H_INCLUDED +#endif + +#ifdef KRB_H_INCLUDED +int kafs_settoken __P((const char*, uid_t, CREDENTIALS*)); +#endif + +#ifdef KRB5_H_INCLUDED +krb5_error_code krb5_afslog_uid __P((krb5_context context, + krb5_ccache id, + const char *cell, + krb5_const_realm realm, + uid_t uid)); +krb5_error_code krb5_afslog __P((krb5_context context, + krb5_ccache id, + const char *cell, + krb5_const_realm realm)); +krb5_error_code krb5_afslog_uid_home __P((krb5_context context, + krb5_ccache id, + const char *cell, + krb5_const_realm realm, + uid_t uid, + const char *homedir)); + +krb5_error_code krb5_afslog_home __P((krb5_context context, + krb5_ccache id, + const char *cell, + krb5_const_realm realm, + const char *homedir)); + +krb5_error_code krb5_realm_of_cell __P((const char *cell, char **realm)); + +#endif + + #define _PATH_VICE "/usr/vice/etc/" #define _PATH_THISCELL _PATH_VICE "ThisCell" #define _PATH_CELLSERVDB _PATH_VICE "CellServDB" #define _PATH_THESECELLS _PATH_VICE "TheseCells" +#define _PATH_ARLA_VICE "/usr/arla/etc/" +#define _PATH_ARLA_THISCELL _PATH_ARLA_VICE "ThisCell" +#define _PATH_ARLA_CELLSERVDB _PATH_ARLA_VICE "CellServDB" +#define _PATH_ARLA_THESECELLS _PATH_ARLA_VICE "TheseCells" + +extern int _kafs_debug; + #endif /* __KAFS_H */ diff --git a/crypto/kerberosIV/lib/kdb/base64.c b/crypto/kerberosIV/lib/kdb/base64.c deleted file mode 100644 index d7e89c4..0000000 --- a/crypto/kerberosIV/lib/kdb/base64.c +++ /dev/null 
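Review bot: The `KRB_H_INCLUDED` / `KRB5_H_INCLUDED` detection keys off `KFAILURE` and `KRB5_RECVAUTH_IGNORE_VERSION`, so `kafs_settoken` and the `krb5_afslog*` prototypes are declared only when kafs.h is included after krb.h or krb5.h. In the wrong order the prototypes are silently omitted. A compiler that accepts implicit declarations would then build calls with unchecked pointer and `uid_t` arguments. The bare `/* XXX */` marker should become a comment stating the requirement, e.g. `/* krb.h or krb5.h must be included before kafs.h to get the prototypes below */`. `extern int _kafs_debug;` would also benefit from a one-line comment saying what the flag controls.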
@@ -1,150 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#ifdef HAVE_CONFIG_H -#include <config.h> -RCSID("$Id: base64.c,v 1.7 1997/04/01 08:18:16 joda Exp $"); -#endif - -#include <stdlib.h> -#include <ctype.h> -#include <string.h> -#include "base64.h" - -static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - -static int POS(char c) -{ - if(c == '=') return 64; - if(isupper(c)) - return c - 'A'; - if(islower(c)) - return c - 'a' + 26; - if(isdigit(c)) - return c - '0' + 52; - if(c == '+') - return 62; - if(c == '/') - return 63; - return -1; -} - -char *base64_encode(const void *buf, int size) -{ - char *str = (char*)malloc((size+3)*4/3+1); - char *p=str; - unsigned char *q = (unsigned char*)buf; - int i; - int c; - i=0; - while(i<size){ - c=q[i++]; - c*=256; - if(i<size) - c+=q[i]; - i++; - c*=256; - if(i<size) - c+=q[i]; - i++; - p[0]=base64[(c&0x00fc0000) >> 18]; - p[1]=base64[(c&0x0003f000) >> 12]; - p[2]=base64[(c&0x00000fc0) >> 6]; - p[3]=base64[(c&0x0000003f) >> 0]; - if(i>size) - p[3]='='; - if(i>size+1) - p[2]='='; - p+=4; - } - *p=0; - return str; -} - -/* convert string in s to binary data. s should be a multiple of 4 - * bytes long. data should be at least len(s) * 3 / 4 bytes long. 
- * returns - */ -int base64_decode(char *s, void *data) -{ - char *p; - unsigned char *q; - int n[4]; - - if(strlen(s) % 4) - return -1; - q=(unsigned char*)data; - for(p=s; *p; p+=4){ - n[0] = POS(p[0]); - n[1] = POS(p[1]); - n[2] = POS(p[2]); - n[3] = POS(p[3]); - if((n[0] | n[1] | n[2] | n[3]) < 0) - return -1; - - if(n[0] == 64 || n[1] == 64) - return -1; - if(n[2] == 64 && n[3] < 64) - return -1; - q[0] = (n[0] << 2) + (n[1] >> 4); - if(n[2] < 64){ - q[1] = ((n[1] & 15) << 4) + (n[2] >> 2); - } - if(n[3] < 64){ - q[2] = ((n[2] & 3) << 6) + n[3]; - } - q+=3; - } - q -= (n[2] == 64) + (n[3] == 64); - return q - (unsigned char*)data; -} - -#ifdef TEST -int main(int argc, char **argv) -{ - char str[128]; - char buf[128]; - char *p; - printf("base64_encode(\"%s\") = \"%s\"\n", argv[1], - p=base64_encode(argv[1], strlen(argv[1]))); - printf("base64_decode(\"%s\") = %d", p, base64_decode(p, buf)); - printf(" (\"%s\")\n", buf); - printf("base64_decode(\"%s\") = %d", argv[1], base64_decode(argv[1], buf)); - printf(" (\"%s\")\n", buf); -} -#endif diff --git a/crypto/kerberosIV/lib/kdb/base64.h b/crypto/kerberosIV/lib/kdb/base64.h deleted file mode 100644 index edfb344..0000000 --- a/crypto/kerberosIV/lib/kdb/base64.h +++ /dev/null 
@@ -1,47 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -/* $Id: base64.h,v 1.5 1997/04/01 08:18:16 joda Exp $ */ - -#ifndef _BASE64_H_ -#define _BASE64_H_ - -char *base64_encode(const void *buf, int size); -int base64_decode(char *s, void *data); - -#endif diff --git a/crypto/kerberosIV/lib/kdb/kdc.h b/crypto/kerberosIV/lib/kdb/kdc.h index 08fa94f..968775d 100644 --- a/crypto/kerberosIV/lib/kdb/kdc.h +++ b/crypto/kerberosIV/lib/kdb/kdc.h @@ -1,5 +1,6 @@ /* - * $Id$ + * $Id: kdc.h,v 1.8 1997/04/01 03:59:05 assar Exp $ + * $FreeBSD$ * * Copyright 1987, 1988 by the Massachusetts Institute of Technology. * diff --git a/crypto/kerberosIV/lib/kdb/krb_db.h b/crypto/kerberosIV/lib/kdb/krb_db.h index 00d6bb0..d0fc260 100644 --- a/crypto/kerberosIV/lib/kdb/krb_db.h +++ b/crypto/kerberosIV/lib/kdb/krb_db.h @@ -1,5 +1,6 @@ /* - * $Id$ + * $Id: krb_db.h,v 1.15 1996/12/17 20:34:32 assar Exp $ + * $FreeBSD$ * * Copyright 1987, 1988 by the Massachusetts Institute of Technology. * diff --git a/crypto/kerberosIV/lib/krb/et_list.c b/crypto/kerberosIV/lib/krb/et_list.c deleted file mode 100644 index 3e72b14..0000000 --- a/crypto/kerberosIV/lib/krb/et_list.c +++ /dev/null 
@@ -1,71 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -/* - * This is a hack to resolve the reference to _et_list when making a - * shared library under Psoriasis and possibly other systems. Presumably - * they define __ELF__, some people say Linux does so. - */ - -#include "config.h" - -RCSID("$Id: et_list.c,v 1.1.1.1 1997/09/04 06:04:22 markm Exp $"); - -struct et_list { - struct et_list *next; - const struct error_table *table; -}; - -#if defined(__GNUC__) - -struct et_list * _et_list __attribute__ ((weak)) = 0; - -#else /* !__GNUC__ */ - -#ifdef HAVE_PRAGMA_WEAK - -#pragma weak _et_list = __et_list -struct et_list * __et_list = 0; - -#else /* !HAVE_PRAGMA_WEAK */ - -struct et_list * _et_list = 0; - -#endif /* !HAVE_PRAGMA_WEAK */ - -#endif /* !__GNUC__ */ diff --git a/crypto/kerberosIV/lib/krb/gettimeofday.c b/crypto/kerberosIV/lib/krb/gettimeofday.c deleted file mode 100644 index 734ca59..0000000 --- a/crypto/kerberosIV/lib/krb/gettimeofday.c +++ /dev/null 
@@ -1,56 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the Kungliga Tekniska
- * Högskolan and its contributors.
- *
- * 4. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb_locl.h"
-RCSID("$Id: gettimeofday.c,v 1.5 1997/04/01 08:18:29 joda Exp $");
-
-#ifndef HAVE_GETTIMEOFDAY
-/*
- * Simple gettimeofday that only returns seconds.
- */
-int
-gettimeofday (struct timeval *tp, void *ignore)
-{
- time_t t;
-
- t = time(NULL);
- tp->tv_sec = t;
- tp->tv_usec = 0;
- return 0;
-}
-#endif
diff --git a/crypto/kerberosIV/lib/krb/k_concat.c b/crypto/kerberosIV/lib/krb/k_concat.c
deleted file mode 100644
index e7daa5f..0000000
--- a/crypto/kerberosIV/lib/krb/k_concat.c
+++ /dev/null
@@ -1,116 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include "krb_locl.h" - -RCSID("$Id: k_concat.c,v 1.5 1997/05/02 08:56:39 joda Exp $"); - -int -k_concat (char *s, size_t len, ...) -{ - int ret; - va_list args; - - va_start(args, len); - ret = k_vconcat (s, len, args); - va_end(args); - return ret; -} - -int -k_vconcat (char *s, size_t len, va_list args) -{ - const char *a; - - while ((a = va_arg(args, const char*))) { - size_t n = strlen (a); - - if (n >= len) - return -1; - strncpy (s, a, n); - s += n; - len -= n; - } - *s = '\0'; - return 0; -} - -size_t -k_vmconcat (char **s, size_t max_len, va_list args) -{ - const char *a; - char *p, *q; - size_t len = 0; - *s = NULL; - p = malloc(1); - if(p == NULL) - return 0; - *p = 0; - len = 1; - while ((a = va_arg(args, const char*))) { - size_t n = strlen (a); - - if(max_len && len + n > max_len){ - free(p); - return 0; - } - q = realloc(p, len + n); - if(q == NULL){ - free(p); - return 0; - } - p = q; - len += n; - strcat(p, a); - } - *s = p; - return len; -} - -size_t -k_mconcat (char **s, size_t max_len, ...) -{ - int ret; - va_list args; - - va_start(args, max_len); - ret = k_vmconcat (s, max_len, args); - va_end(args); - return ret; -} - diff --git a/crypto/kerberosIV/lib/krb/k_flock.c b/crypto/kerberosIV/lib/krb/k_flock.c deleted file mode 100644 index 844c34c..0000000 --- a/crypto/kerberosIV/lib/krb/k_flock.c +++ /dev/null 
@@ -1,95 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include "krb_locl.h" - -RCSID("$Id: k_flock.c,v 1.8 1997/04/01 08:18:30 joda Exp $"); - -#define K_OP_MASK (K_LOCK_SH | K_LOCK_EX | K_LOCK_UN) - -int -k_flock(int fd, int operation) -{ -#ifdef HAVE_FLOCK - int op = 0; - if (operation & K_LOCK_SH) - op |= LOCK_SH; - if (operation & K_LOCK_EX) - op |= LOCK_EX; - if (operation & K_LOCK_UN) - op |= LOCK_UN; - if (operation & K_LOCK_NB) - op |= LOCK_NB; - - return flock(fd, op); -#elif defined(HAVE_FCNTL) && defined(F_SETLK) - struct flock arg; - int code, cmd; - - arg.l_whence = SEEK_SET; - arg.l_start = 0; - arg.l_len = 0; /* means to EOF */ - - if (operation & K_LOCK_NB) - cmd = F_SETLK; - else - cmd = F_SETLKW; /* Blocking */ - - switch (operation & K_OP_MASK) { - case K_LOCK_UN: - arg.l_type = F_UNLCK; - code = fcntl(fd, F_SETLK, &arg); - break; - case K_LOCK_SH: - arg.l_type = F_RDLCK; - code = fcntl(fd, cmd, &arg); - break; - case K_LOCK_EX: - arg.l_type = F_WRLCK; - code = fcntl(fd, cmd, &arg); - break; - default: - errno = EINVAL; - code = -1; - break; - } - return code; -#else - return -1; -#endif /* !HAVE_FLOCK */ -} diff --git a/crypto/kerberosIV/lib/krb/k_gethostname.c b/crypto/kerberosIV/lib/krb/k_gethostname.c deleted file mode 100644 index 0f4d57f..0000000 --- a/crypto/kerberosIV/lib/krb/k_gethostname.c +++ /dev/null 
@@ -1,58 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" -RCSID("$Id: k_gethostname.c,v 1.10 1997/03/23 03:53:12 joda Exp $"); - -#ifdef HAVE_SYS_UTSNAME_H -#include <sys/utsname.h> -#endif - -/* - * Return the local host's name in "name", up to "namelen" characters. - * "name" will be null-terminated if "namelen" is big enough. - * The return code is 0 on success, -1 on failure. (The calling - * interface is identical to gethostname(2).) - */ - -int -k_gethostname(char *name, int namelen) -{ -#if defined(HAVE_GETHOSTNAME) - return gethostname(name, namelen); -#elif defined(HAVE_UNAME) - { - struct utsname utsname; - int ret; - - ret = uname (&utsname); - if (ret < 0) - return ret; - strncpy (name, utsname.nodename, namelen); - name[namelen-1] = '\0'; - return 0; - } -#else - strncpy (name, "some.random.host", namelen); - name[namelen-1] = '\0'; - return 0; -#endif -} diff --git a/crypto/kerberosIV/lib/krb/krb.h b/crypto/kerberosIV/lib/krb/krb.h index 90ca0ab..10f8c9b 100644 --- a/crypto/kerberosIV/lib/krb/krb.h 
+++ b/crypto/kerberosIV/lib/krb/krb.h @@ -1,5 +1,6 @@ /* - * $Id$ + * $Id: krb.h,v 1.97 1999/06/29 21:18:06 bg Exp $ + * $FreeBSD$ * * Copyright 1987, 1988 by the Massachusetts Institute of Technology. * @@ -9,20 +10,39 @@ * Include file for the Kerberos library. */ -/* Only one time, please */ -#ifndef KRB_DEFS -#define KRB_DEFS +#if !defined (__STDC__) && !defined(_MSC_VER) +#define const +#define signed +#endif #include <sys/types.h> -#include <sys/cdefs.h> -#include <stdarg.h> #include <time.h> -__BEGIN_DECLS +#ifndef __KRB_H__ +#define __KRB_H__ + +/* XXX */ +#ifndef __BEGIN_DECLS +#if defined(__cplusplus) +#define __BEGIN_DECLS extern "C" { +#define __END_DECLS }; +#else +#define __BEGIN_DECLS +#define __END_DECLS +#endif +#endif +#if defined (__STDC__) || defined (_MSC_VER) #ifndef __P #define __P(x) x #endif +#else +#ifndef __P +#define __P(x) () +#endif +#endif + +__BEGIN_DECLS /* Need some defs from des.h */ #if !defined(NOPROTO) && !defined(__STDC__) @@ -30,7 +50,7 @@ __BEGIN_DECLS #endif #include <des.h> -/* Don't use these guys, they are only for compatibility with CNS. */ +/* CNS compatibility ahead! */ #ifndef KRB_INT32 #define KRB_INT32 int32_t #endif @@ -43,15 +63,16 @@ extern int krb_ignore_ip_address; /* To turn off IP address comparison */ extern int krb_no_long_lifetimes; /* To disable AFS compatible lifetimes */ extern int krbONE; #define HOST_BYTE_ORDER (* (char *) &krbONE) +/* Debug variables */ +extern int krb_debug; +extern int krb_ap_req_debug; +extern int krb_dns_debug; + /* Text describing error codes */ #define MAX_KRB_ERRORS 256 extern const char *krb_err_txt[MAX_KRB_ERRORS]; -/* Use this function rather than indexing in krb_err_txt */ -const char *krb_get_err_text __P((int code)); - - /* General definitions */ #define KSUCCESS 0 #define KFAILURE 255 
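Review bot: The fallback `__END_DECLS` defined in the `@@ -9,20 +10,39 @@` hunk expands to `};`, which leaves a stray semicolon after the closing brace of the `extern "C"` block for C++ users who reach that branch; `#define __END_DECLS }` matches what `<sys/cdefs.h>` provides. The new guard `__KRB_H__` also uses a name reserved for the implementation, so a plain `KRB_H` would be safer. The `#define const` / `#define signed` fallback sits above `#include <sys/types.h>` and outside the guard, so wherever that branch is taken it also changes how the system headers are parsed; a comment saying it is meant only for pre-ANSI compilers would make that deliberate.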
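Review bot: With the `krb_get_err_text` prototype and its comment removed in the `@@ -43,15 +63,16 @@` hunk, `krb_err_txt[MAX_KRB_ERRORS]` stays exported with nothing telling callers not to index it directly with a return code, and a code outside 0..255 would then read outside the table. If the accessor is still declared in `krb-protos.h`, which this hunk does not show, keep the guidance next to the array: `/* Use krb_get_err_text() rather than indexing krb_err_txt directly */`. The new `krb_debug`, `krb_ap_req_debug` and `krb_dns_debug` globals are added under a bare `/* Debug variables */`; a line on what each one enables, and whether its output can include ticket or key material, would help anyone auditing a build that sets them.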
@@ -71,7 +92,6 @@ const char *krb_get_err_text __P((int code)); */ /* /etc/kerberosIV is only for backwards compatibility, don't use it! */ -/* FreeBSD wants to maintain backwards compatibility */ #ifndef KRB_CONF #define KRB_CONF "/etc/kerberosIV/krb.conf" #endif @@ -133,7 +153,7 @@ typedef struct ktext KTEXT_ST; /* Definitions for send_to_kdc */ -#define CLIENT_KRB_TIMEOUT 4 /* time between retries */ +#define CLIENT_KRB_TIMEOUT 4 /* default time between retries */ #define CLIENT_KRB_RETRY 5 /* retry this many times */ #define CLIENT_KRB_BUFLEN 512 /* max unfragmented packet */ @@ -199,17 +219,14 @@ typedef struct msg_dat MSG_DAT; struct krb_host { char *realm; char *host; - int proto; + enum krb_host_proto { PROTO_UDP, PROTO_TCP, PROTO_HTTP } proto; int port; int admin; }; -struct krb_host *krb_get_host __P((int, char*, int)); - - /* Location of ticket file for save_cred and get_cred */ #define TKT_FILE tkt_string() -#define TKT_ROOT "/tmp/tkt_" +#define TKT_ROOT "/tmp/tkt" /* Error codes returned from the KDC */ #define KDC_OK 0 /* Request OK */ 
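Review bot: The `TKT_ROOT` change from `"/tmp/tkt_"` to `"/tmp/tkt"` in the `@@ -199,17 +219,14 @@` hunk alters the default ticket file name that `tkt_string()` presumably derives from it, so ticket files written by binaries built against the old header may no longer be found or destroyed by new ones. The define deserves a comment recording that, for example `/* default ticket file prefix; changed from "/tmp/tkt_", old files are not picked up */`. Because the file has a predictable name in a world-writable directory, the comment should also state that the creating code must not follow a pre-existing symlink and must create the file readable by its owner only. Separately, the `enum krb_host_proto` declared inside `struct krb_host` is scoped to the struct when the header is compiled as C++, which the header now explicitly supports; declaring the enum before the struct avoids that difference.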
@@ -298,76 +315,6 @@ struct krb_host *krb_get_host __P((int, char*, int)); /* Error code returned by krb_mk_safe */ #define SAFE_PRIV_ERROR -1 /* syscall error */ -/* - * macros for byte swapping; also scratch space - * u_quad 0-->7, 1-->6, 2-->5, 3-->4, 4-->3, 5-->2, 6-->1, 7-->0 - * u_int32_t 0-->3, 1-->2, 2-->1, 3-->0 - * u_int16_t 0-->1, 1-->0 - */ - -#define swap_u_16(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(((char *) x) +0, ((char *) _krb_swap_tmp) +14 ,2); \ - swab(((char *) x) +2, ((char *) _krb_swap_tmp) +12 ,2); \ - swab(((char *) x) +4, ((char *) _krb_swap_tmp) +10 ,2); \ - swab(((char *) x) +6, ((char *) _krb_swap_tmp) +8 ,2); \ - swab(((char *) x) +8, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) x) +10,((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) x) +12,((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) x) +14,((char *) _krb_swap_tmp) +0 ,2); \ - memcpy(x, _krb_swap_tmp, 16);\ - } - -#define swap_u_12(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(( char *) x, ((char *) _krb_swap_tmp) +10 ,2); \ - swab(((char *) x) +2, ((char *) _krb_swap_tmp) +8 ,2); \ - swab(((char *) x) +4, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) x) +6, ((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) x) +8, ((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) x) +10,((char *) _krb_swap_tmp) +0 ,2); \ - memcpy(x, _krb_swap_tmp, 12);\ - } - -#define swap_C_Block(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(( char *) x, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) x) +2,((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) x) +4,((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) x) +6,((char *) _krb_swap_tmp) ,2); \ - memcpy(x, _krb_swap_tmp, 8);\ - } -#define swap_u_quad(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(( char *) &x, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) &x) +2,((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) &x) +4,((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) &x) +6,((char *) _krb_swap_tmp) ,2); \ - memcpy(x, 
_krb_swap_tmp, 8);\ - } - -#define swap_u_long(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab((char *) &x, ((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) &x) +2,((char *) _krb_swap_tmp),2); \ - x = _krb_swap_tmp[0]; \ - } - -#define swap_u_short(x) {\ - u_int16_t _krb_swap_sh_tmp; \ - swab((char *) &x, ( &_krb_swap_sh_tmp) ,2); \ - x = (u_int16_t) _krb_swap_sh_tmp; \ - } -/* Kerberos ticket flag field bit definitions */ -#define K_FLAG_ORDER 0 /* bit 0 --> lsb */ -#define K_FLAG_1 /* reserved */ -#define K_FLAG_2 /* reserved */ -#define K_FLAG_3 /* reserved */ -#define K_FLAG_4 /* reserved */ -#define K_FLAG_5 /* reserved */ -#define K_FLAG_6 /* reserved */ -#define K_FLAG_7 /* reserved, bit 7 --> msb */ - /* Defines for krb_sendauth and krb_recvauth */ #define KOPT_DONT_MK_REQ 0x00000001 /* don't call krb_mk_req */ 
@@ -378,189 +325,33 @@ struct krb_host *krb_get_host __P((int, char*, int)); * a hostname */ +#define KOPT_IGNORE_PROTOCOL 0x0008 + #define KRB_SENDAUTH_VLEN 8 /* length for version strings */ -/* File locking */ -#define K_LOCK_SH 1 /* Shared lock */ -#define K_LOCK_EX 2 /* Exclusive lock */ -#define K_LOCK_NB 4 /* Don't block when locking */ -#define K_LOCK_UN 8 /* Unlock */ -int k_flock __P((int fd, int operation)); -struct tm *k_localtime __P((u_int32_t *)); -int k_getsockinst __P((int fd, char *inst, size_t)); -int k_getportbyname __P((const char *service, const char *proto, int default_port)); +/* flags for krb_verify_user() */ +#define KRB_VERIFY_NOT_SECURE 0 +#define KRB_VERIFY_SECURE 1 +#define KRB_VERIFY_SECURE_FAIL 2 extern char *krb4_version; -struct in_addr; - -int k_get_all_addrs __P((struct in_addr **l)); - -/* Host address comparison */ -int krb_equiv __P((u_int32_t, u_int32_t)); - -/* Password conversion */ -void mit_string_to_key __P((char *str, char *cell, des_cblock *key)); -void afs_string_to_key __P((char *str, char *cell, des_cblock *key)); - -/* Lifetime conversion */ -u_int32_t krb_life_to_time __P((u_int32_t start, int life)); -int krb_time_to_life __P((u_int32_t start, u_int32_t end)); -char *krb_life_to_atime __P((int life)); -int krb_atime_to_life __P((char *atime)); - -/* Ticket manipulation */ -int tf_get_cred __P((CREDENTIALS *)); -int tf_get_pinst __P((char *)); -int tf_get_pname __P((char *)); -int tf_put_pinst __P((char *)); -int tf_put_pname __P((char *)); -int tf_init __P((char *, int)); -int tf_create __P((char *)); -int tf_save_cred __P((char *, char *, char *, unsigned char *, int , int , KTEXT ticket, u_int32_t)); -void tf_close __P((void)); -int tf_setup __P((CREDENTIALS *cred, char *pname, char *pinst)); - -/* Private communication */ - -struct sockaddr_in; - -int32_t krb_mk_priv __P((void *, void *, u_int32_t, struct des_ks_struct *, des_cblock *, struct sockaddr_in *, struct sockaddr_in *)); -int32_t krb_rd_priv 
__P((void *, u_int32_t, struct des_ks_struct *, des_cblock *, struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *)); - -/* Misc */ -KTEXT create_auth_reply __P((char *, char *, char *, int32_t, int, u_int32_t, int, KTEXT)); - -char *krb_get_phost __P((const char *)); -char *krb_realmofhost __P((const char *)); -char *tkt_string __P((void)); - -int create_ciph __P((KTEXT, unsigned char *, char *, char *, char *, u_int32_t, int, KTEXT, u_int32_t, des_cblock *)); -int decomp_ticket __P((KTEXT, unsigned char *, char *, char *, char *, u_int32_t *, unsigned char *, int *, u_int32_t *, char *, char *, des_cblock *, struct des_ks_struct *)); -int dest_tkt __P((void)); -int get_ad_tkt __P((char *, char *, char *, int)); -int get_pw_tkt __P((char *, char *, char *, char *)); -int get_request __P((KTEXT, int, char **, char **)); -int in_tkt __P((char *, char *)); -int k_gethostname __P((char *, int )); -int k_isinst __P((char *)); -int k_isname __P((char *)); -int k_isrealm __P((char *)); -int kname_parse __P((char *, char *, char *, char *)); -int krb_parse_name __P((const char*, krb_principal*)); -char *krb_unparse_name __P((krb_principal*)); -char *krb_unparse_name_r __P((krb_principal*, char*)); -char *krb_unparse_name_long __P((char*, char*, char*)); -char *krb_unparse_name_long_r __P((char *name, char *instance, char *realm, char *fullname)); -int krb_create_ticket __P((KTEXT, unsigned char, char *, char *, char *, int32_t, void *, int16_t, int32_t, char *, char *, des_cblock *)); -int krb_get_admhst __P((char *, char *, int)); -int krb_get_cred __P((char *, char *, char *, CREDENTIALS *)); - -typedef int (*key_proc_t) __P((char*, char*, char*, void*, des_cblock*)); - -typedef int (*decrypt_proc_t) __P((char*, char*, char*, void*, - key_proc_t, KTEXT*)); - -int krb_get_in_tkt __P((char*, char*, char*, char*, char*, int, key_proc_t, - decrypt_proc_t, void*)); - -int srvtab_to_key __P((char *, char *, char *, void *, des_cblock *)); -int passwd_to_key __P((char *, char 
*, char *, void *, des_cblock *)); -int passwd_to_afskey __P((char *, char *, char *, void *, des_cblock *)); - -int krb_get_krbhst __P((char *, char *, int)); -int krb_get_lrealm __P((char *, int)); -char *krb_get_default_realm __P((void)); -int krb_get_pw_in_tkt __P((char *, char *, char *, char *, char *, int, char *)); -int krb_get_svc_in_tkt __P((char *, char *, char *, char *, char *, int, char *)); -int krb_get_tf_fullname __P((char *, char *, char *, char *)); -int krb_get_tf_realm __P((char *, char *)); -int krb_kntoln __P((AUTH_DAT *, char *)); -int krb_mk_req __P((KTEXT , char *, char *, char *, int32_t)); -int krb_net_read __P((int , void *, size_t)); -int krb_net_write __P((int , const void *, size_t)); -int krb_rd_err __P((u_char *, u_int32_t, int32_t *, MSG_DAT *)); -int krb_rd_req __P((KTEXT , char *, char *, int32_t, AUTH_DAT *, char *)); -int krb_recvauth __P((int32_t, int, KTEXT, char *, char *, struct sockaddr_in *, struct sockaddr_in *, AUTH_DAT *, char *, struct des_ks_struct *, char *)); -int krb_sendauth __P((int32_t, int, KTEXT, char *,char *, char *, u_int32_t, MSG_DAT *, CREDENTIALS *, struct des_ks_struct *, struct sockaddr_in *, struct sockaddr_in *, char *)); -int krb_mk_auth __P((int32_t, KTEXT, char *, char *, char *, u_int32_t, char *, KTEXT)); -int krb_check_auth __P((KTEXT, u_int32_t, MSG_DAT *, des_cblock *, struct des_ks_struct *, struct sockaddr_in *, struct sockaddr_in *)); -int krb_set_key __P((void *, int)); -int krb_set_lifetime __P((int)); -int krb_kuserok __P((char *name, char *inst, char *realm, char *luser)); -int kuserok __P((AUTH_DAT *, char *)); -int read_service_key __P((char *, char *, char *, int , char *, char *)); -int save_credentials __P((char *, char *, char *, unsigned char *, int , int , KTEXT , int32_t)); -int send_to_kdc __P((KTEXT , KTEXT , char *)); - -int32_t krb_mk_err __P((u_char *, int32_t, char *)); -int32_t krb_mk_safe __P((void *, void *, u_int32_t, des_cblock *, struct sockaddr_in *, struct 
sockaddr_in *)); -int32_t krb_rd_safe __P((void *, u_int32_t, des_cblock *, struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *)); - -void ad_print __P((AUTH_DAT *)); -void cr_err_reply __P((KTEXT, char *, char *, char *, u_int32_t, u_int32_t, char *)); -void extract_ticket __P((KTEXT, int, char *, int *, int *, char *, KTEXT)); -void krb_set_tkt_string __P((char *)); - -int krb_get_default_principal __P((char *, char *, char *)); -int krb_realm_parse __P((char *, int)); -int krb_verify_user __P((char*, char*, char*, char*, int, char *)); - -/* logging.c */ - -typedef int (*krb_log_func_t)(FILE *, const char *, va_list); - -typedef krb_log_func_t krb_warnfn_t; - -struct krb_log_facility; - -int krb_vlogger __P((struct krb_log_facility*, const char *, va_list)) -#ifdef __GNUC__ -__attribute__ ((format (printf, 2, 0))) -#endif -; -int krb_logger __P((struct krb_log_facility*, const char *, ...)) -#ifdef __GNUC__ -__attribute__ ((format (printf, 2, 3))) -#endif -; -int krb_openlog __P((struct krb_log_facility*, char*, FILE*, krb_log_func_t)); - -void krb_set_warnfn __P((krb_warnfn_t)); -krb_warnfn_t krb_get_warnfn __P((void)); -void krb_warning __P((const char*, ...)) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 2))) -#endif -; +typedef int (*key_proc_t) __P((const char *name, + char *instance, /* INOUT parameter */ + const char *realm, + const void *password, + des_cblock *key)); -void kset_logfile __P((char*)); -void krb_log __P((const char*, ...)) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 2))) -#endif -; -char *klog __P((int, const char*, ...)) -#ifdef __GNUC__ -__attribute__ ((format (printf, 2, 3))) -#endif -; - -int getst __P((int, char *, int)); -const char *month_sname __P((int)); -const char *krb_stime __P((time_t *)); -int krb_check_tm __P((struct tm)); - -int krb_get_int __P((void *from, u_int32_t *to, int size, int lsb)); -int krb_put_int __P((u_int32_t from, void *to, int size)); -int krb_get_address __P((void *from, u_int32_t *to)); 
-int krb_put_address __P((u_int32_t addr, void *to)); -int krb_put_string __P((char *from, void *to)); -int krb_get_string __P((void *from, char *to)); -int krb_get_nir __P((void *from, char *name, char *instance, char *realm)); -int krb_put_nir __P((char *name, char *instance, char *realm, void *to)); +typedef int (*decrypt_proc_t) __P((const char *name, + const char *instance, + const char *realm, + const void *arg, + key_proc_t, + KTEXT *)); + +#include "krb-protos.h" __END_DECLS -#endif /* KRB_DEFS */ +#endif /* __KRB_H__ */ diff --git a/crypto/kerberosIV/lib/krb/lsb_addr_comp.h b/crypto/kerberosIV/lib/krb/lsb_addr_comp.h deleted file mode 100644 index 21adf06..0000000 --- a/crypto/kerberosIV/lib/krb/lsb_addr_comp.h +++ /dev/null @@ -1,26 +0,0 @@ -/* - * $Id: lsb_addr_comp.h,v 1.6 1996/10/05 00:18:02 joda Exp $ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Comparison macros to emulate LSBFIRST comparison results of network - * byte-order quantities - */ - -#ifndef LSB_ADDR_COMP_DEFS -#define LSB_ADDR_COMP_DEFS - -/* Compare x and y in VAX byte order, result is -1, 0 or 1. */ - -#define krb_lsb_antinet_ulong_less(x, y) (((x) == (y)) ? 0 : krb_lsb_antinet_ulong_cmp(x, y)) - -#define krb_lsb_antinet_ushort_less(x, y) (((x) == (y)) ? 0 : krb_lsb_antinet_ushort_cmp(x, y)) - -int krb_lsb_antinet_ulong_cmp(u_int32_t x, u_int32_t y); -int krb_lsb_antinet_ushort_cmp(u_int16_t x, u_int16_t y); -u_int32_t lsb_time(time_t t, struct sockaddr_in *src, struct sockaddr_in *dst); - -#endif /* LSB_ADDR_COMP_DEFS */ diff --git a/crypto/kerberosIV/lib/krb/netread.c b/crypto/kerberosIV/lib/krb/netread.c deleted file mode 100644 index cbc1bd1..0000000 --- a/crypto/kerberosIV/lib/krb/netread.c +++ /dev/null 
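Review bot: The three `KRB_VERIFY_*` values added in the `@@ -378,189 +325,33 @@` hunk for `krb_verify_user()` carry no description, yet judging by their names they decide whether a password check is backed by a local service key or rests on the KDC reply alone. The function body is not in this hunk, so the wording should be taken from the implementation, along the lines of `/* KRB_VERIFY_NOT_SECURE: the KDC reply is not checked against a local service key */`, with matching lines for `KRB_VERIFY_SECURE` and `KRB_VERIFY_SECURE_FAIL` saying what happens when no key is available. `KOPT_IGNORE_PROTOCOL` is written as `0x0008` while the neighbouring `KOPT_*` flags use eight digits (`0x00000001`); `0x00000008` keeps the bit layout readable. The `key_proc_t` and `decrypt_proc_t` typedefs now take `const` arguments, so callbacks written against the old signatures need the same change to avoid incompatible-pointer warnings.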
@@ -1,55 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: netread.c,v 1.6 1997/03/23 03:53:15 joda Exp $"); - -/* - * krb_net_read() reads from the file descriptor "fd" to the buffer - * "buf", until either 1) "len" bytes have been read or 2) cannot - * read anymore from "fd". It returns the number of bytes read - * or a read() error. (The calling interface is identical to - * read(2).) - * - * XXX must not use non-blocking I/O - */ - -int -krb_net_read (int fd, void *v, size_t len) -{ - int cc, len2 = 0; - char *buf = v; - - do { - cc = read(fd, buf, len); - if (cc < 0) - return(cc); /* errno is already set */ - else if (cc == 0) { - return(len2); - } else { - buf += cc; - len2 += cc; - len -= cc; - } - } while (len > 0); - return(len2); -} diff --git a/crypto/kerberosIV/lib/krb/netwrite.c b/crypto/kerberosIV/lib/krb/netwrite.c deleted file mode 100644 index 0703d91..0000000 --- a/crypto/kerberosIV/lib/krb/netwrite.c +++ /dev/null 
@@ -1,52 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: netwrite.c,v 1.7 1997/03/23 03:53:15 joda Exp $"); - -/* - * krb_net_write() writes "len" bytes from "buf" to the file - * descriptor "fd". It returns the number of bytes written or - * a write() error. (The calling interface is identical to - * write(2).) - * - * XXX must not use non-blocking I/O - */ - -int -krb_net_write(int fd, const void *v, size_t len) -{ - int cc; - int wrlen = len; - const char *buf = (const char*)v; - - do { - cc = write(fd, buf, wrlen); - if (cc < 0) - return(cc); - else { - buf += cc; - wrlen -= cc; - } - } while (wrlen > 0); - return(len); -} diff --git a/crypto/kerberosIV/lib/krb/resolve.c b/crypto/kerberosIV/lib/krb/resolve.c deleted file mode 100644 index 7777c0e..0000000 --- a/crypto/kerberosIV/lib/krb/resolve.c +++ /dev/null 
@@ -1,288 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include "krb_locl.h" -#include "resolve.h" - -RCSID("$Id: resolve.c,v 1.11 1997/06/01 04:19:20 assar Exp $"); - -#if defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) - -#define DECL(X) {#X, T_##X} - -static struct stot{ - char *name; - int type; -}stot[] = { - DECL(A), - DECL(NS), - DECL(CNAME), - DECL(PTR), - DECL(MX), - DECL(TXT), - DECL(AFSDB), - DECL(SRV), - {NULL, 0} -}; - -static int -string_to_type(const char *name) -{ - struct stot *p = stot; - for(p = stot; p->name; p++) - if(strcasecmp(name, p->name) == 0) - return p->type; - return -1; -} - -#if 0 -static char * -type_to_string(int type) -{ - struct stot *p = stot; - for(p = stot; p->name; p++) - if(type == p->type) - return p->name; - return NULL; -} -#endif - -void -dns_free_data(struct dns_reply *r) -{ - struct resource_record *rr; - if(r->q.domain) - free(r->q.domain); - for(rr = r->head; rr;){ - struct resource_record *tmp = rr; - if(rr->domain) - free(rr->domain); - if(rr->u.data) - free(rr->u.data); - rr = rr->next; - free(tmp); - } - free (r); -} - -static struct dns_reply* -parse_reply(unsigned char *data, int len) -{ - unsigned char *p; - char host[128]; - int status; - - struct dns_reply *r; - struct resource_record **rr; - - r = (struct dns_reply*)malloc(sizeof(struct dns_reply)); - memset(r, 0, sizeof(struct dns_reply)); - - p = data; - memcpy(&r->h, p, sizeof(HEADER)); - p += sizeof(HEADER); - status = dn_expand(data, data + len, p, host, sizeof(host)); - if(status < 0){ - dns_free_data(r); - return NULL; - } - r->q.domain = strdup(host); - p += status; - r->q.type = (p[0] << 8 | p[1]); - p += 2; - r->q.class = (p[0] << 8 | p[1]); - p += 2; - rr = &r->head; - while(p < data + len){ - int type, class, ttl, size; - status = dn_expand(data, data + len, p, host, sizeof(host)); - if(status < 0){ - dns_free_data(r); - return NULL; - } - p += status; - type = (p[0] << 8) | p[1]; - p += 2; - class = (p[0] << 8) | p[1]; - p += 2; - ttl = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; 
- p += 4; - size = (p[0] << 8) | p[1]; - p += 2; - *rr = (struct resource_record*)calloc(1, - sizeof(struct resource_record)); - (*rr)->domain = strdup(host); - (*rr)->type = type; - (*rr)->class = class; - (*rr)->ttl = ttl; - (*rr)->size = size; - switch(type){ - case T_NS: - case T_CNAME: - case T_PTR: - status = dn_expand(data, data + len, p, host, sizeof(host)); - if(status < 0){ - dns_free_data(r); - return NULL; - } - (*rr)->u.txt = strdup(host); - break; - case T_MX: - case T_AFSDB:{ - status = dn_expand(data, data + len, p + 2, host, sizeof(host)); - if(status < 0){ - dns_free_data(r); - return NULL; - } - (*rr)->u.mx = (struct mx_record*)malloc(sizeof(struct mx_record) + - strlen(host)); - (*rr)->u.mx->preference = (p[0] << 8) | p[1]; - strcpy((*rr)->u.mx->domain, host); - break; - } - case T_SRV:{ - status = dn_expand(data, data + len, p + 6, host, sizeof(host)); - if(status < 0){ - dns_free_data(r); - return NULL; - } - (*rr)->u.srv = - (struct srv_record*)malloc(sizeof(struct srv_record) + - strlen(host)); - (*rr)->u.srv->priority = (p[0] << 8) | p[1]; - (*rr)->u.srv->weight = (p[2] << 8) | p[3]; - (*rr)->u.srv->port = (p[4] << 8) | p[5]; - strcpy((*rr)->u.srv->target, host); - break; - } - case T_TXT:{ - (*rr)->u.txt = (char*)malloc(size + 1); - strncpy((*rr)->u.txt, (char*)p + 1, *p); - (*rr)->u.txt[*p] = 0; - break; - } - - default: - (*rr)->u.data = (unsigned char*)malloc(size); - memcpy((*rr)->u.data, p, size); - } - p += size; - rr = &(*rr)->next; - } - *rr = NULL; - return r; -} - - - -struct dns_reply * -dns_lookup(const char *domain, const char *type_name) -{ - unsigned char reply[1024]; - int len; - int type; - struct dns_reply *r = NULL; - - type = string_to_type(type_name); - len = res_search(domain, C_IN, type, reply, sizeof(reply)); - if(len >= 0) - r = parse_reply(reply, len); - return r; -} - -#else /* defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) */ - -struct dns_reply * -dns_lookup(const char *domain, const char *type_name) -{ - 
return NULL; -} - -void -dns_free_data(struct dns_reply *r) -{ -} - -#endif - -#ifdef TEST - -int -main(int argc, char **argv) -{ - struct dns_reply *r; - struct resource_record *rr; - r = dns_lookup(argv[1], argv[2]); - if(r == NULL){ - printf("No reply.\n"); - return 1; - } - for(rr = r->head; rr;rr=rr->next){ - printf("%s %s %d ", rr->domain, type_to_string(rr->type), rr->ttl); - switch(rr->type){ - case T_NS: - printf("%s\n", (char*)rr->data); - break; - case T_A: - printf("%d.%d.%d.%d\n", - ((unsigned char*)rr->data)[0], - ((unsigned char*)rr->data)[1], - ((unsigned char*)rr->data)[2], - ((unsigned char*)rr->data)[3]); - break; - case T_MX: - case T_AFSDB:{ - struct mx_record *mx = (struct mx_record*)rr->data; - printf("%d %s\n", mx->preference, mx->domain); - break; - } - case T_SRV:{ - struct srv_record *srv = (struct srv_record*)rr->data; - printf("%d %d %d %s\n", srv->priority, srv->weight, - srv->port, srv->target); - break; - } - default: - printf("\n"); - break; - } - } - - return 0; -} -#endif diff --git a/crypto/kerberosIV/lib/krb/resolve.h b/crypto/kerberosIV/lib/krb/resolve.h deleted file mode 100644 index dac9993..0000000 --- a/crypto/kerberosIV/lib/krb/resolve.h +++ /dev/null 
@@ -1,110 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the Kungliga Tekniska
- * Högskolan and its contributors.
- *
- * 4. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: resolve.h,v 1.5 1997/05/14 17:41:25 joda Exp $ */
-
-/* THIS IS NOT (yet) A PUBLIC INTERFACE */
-
-
-#ifndef __RESOLVE_H__
-#define __RESOLVE_H__
-
-/* We use these, but they are not always present in <arpa/nameser.h> */
-
-#ifndef T_TXT
-#define T_TXT 16
-#endif
-#ifndef T_AFSDB
-#define T_AFSDB 18
-#endif
-#ifndef T_SRV
-#define T_SRV 33
-#endif
-
-struct dns_query{
- char *domain;
- unsigned type;
- unsigned class;
-};
-
-struct mx_record{
- unsigned preference;
- char domain[1];
-};
-
-struct srv_record{
- unsigned priority;
- unsigned weight;
- unsigned port;
- char target[1];
-};
-
-struct resource_record{
- char *domain;
- unsigned type;
- unsigned class;
- unsigned ttl;
- unsigned size;
- union {
- void *data;
- struct mx_record *mx;
- struct mx_record *afsdb; /* mx and afsdb are identical */
- struct srv_record *srv;
- struct in_addr *a;
- char *txt;
- }u;
- struct resource_record *next;
-};
-
-
-#ifndef HAVE_ARPA_NAMESER_H /* XXX */
-typedef int HEADER; /* will never be used */
-#endif
-
-struct dns_reply{
- HEADER h;
- struct dns_query q;
- struct resource_record *head;
-};
-
-
-struct dns_reply* dns_lookup(const char *, const char *);
-
-void dns_free_data(struct dns_reply *r);
-
-#endif /* __RESOLVE_H__ */
diff --git a/crypto/kerberosIV/lib/krb/swab.c b/crypto/kerberosIV/lib/krb/swab.c
deleted file mode 100644
index d68ce3d..0000000
--- a/crypto/kerberosIV/lib/krb/swab.c
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the Kungliga Tekniska
- * Högskolan and its contributors.
- *
- * 4. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: swab.c,v 1.4 1997/04/01 08:18:45 joda Exp $");
-#endif
-
-#ifndef HAVE_SWAB
-void
-swab (char *from, char *to, int nbytes)
-{
- while(nbytes >= 2) {
- *(to + 1) = *from;
- *to = *(from + 1);
- to += 2;
- from += 2;
- nbytes -= 2;
- }
-}
-#endif
diff --git a/crypto/kerberosIV/lib/krb/util.c b/crypto/kerberosIV/lib/krb/util.c
deleted file mode 100644
index 7b77bb8..0000000
--- a/crypto/kerberosIV/lib/krb/util.c
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- *
- * Copyright 1988 by the Massachusetts Institute of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * Miscellaneous debug printing utilities
- */
-
-#include "krb_locl.h"
-
-RCSID("$Id: util.c,v 1.6 1996/10/05 00:18:34 joda Exp $");
-
-/*
- * Print some of the contents of the given authenticator structure
- * (AUTH_DAT defined in "krb.h"). Fields printed are:
- *
- * pname, pinst, prealm, netaddr, flags, cksum, timestamp, session
- */
-
-void
-ad_print(AUTH_DAT *x)
-{
- /*
- * Print the contents of an auth_dat struct.
- */
- struct in_addr address;
- address.s_addr = x->address;
- printf("\n%s %s %s %s flags %u cksum 0x%X\n\ttkt_tm 0x%X sess_key",
- x->pname, x->pinst, x->prealm,
- inet_ntoa(address), x->k_flags,
- x->checksum, x->time_sec);
- printf("[8] =");
-#ifdef NOENCRYPTION
- placebo_cblock_print(x->session);
-#else
- des_cblock_print_file(&x->session,stdout);
-#endif
- /* skip reply for now */
-}
-
-/*
- * Print in hex the 8 bytes of the given session key.
- *
- * Printed format is: " 0x { x, x, x, x, x, x, x, x }"
- */
-
-#ifdef NOENCRYPTION
-placebo_cblock_print(x)
- des_cblock x;
-{
- unsigned char *y = (unsigned char *) x;
- int i = 0;
-
- printf(" 0x { ");
-
- while (i++ <8) {
- printf("%x",*y++);
- if (i<8) printf(", ");
- }
- printf(" }");
-}
-#endif
diff --git a/crypto/kerberosIV/lib/roken/roken.h b/crypto/kerberosIV/lib/roken/roken.h
deleted file mode 100644
index 1204e3e..0000000
--- a/crypto/kerberosIV/lib/roken/roken.h
+++ /dev/null
@@ -1,338 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -/* $Id: roken.h,v 1.63 1997/05/28 05:38:09 assar Exp $ */ - -#ifndef __ROKEN_H__ -#define __ROKEN_H__ - -#include <stdlib.h> -#include <stdarg.h> -#include <string.h> -#include <signal.h> -#ifdef HAVE_SYS_TYPES_H -#include <sys/types.h> -#endif -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif -#ifdef HAVE_GRP_H -#include <grp.h> -#endif -#ifdef HAVE_SYS_STAT_H -#include <sys/stat.h> -#endif -#ifdef HAVE_NETINET_IN_H -#include <netinet/in.h> -#endif - -#ifdef HAVE_TERMIOS_H -#include <termios.h> -#endif - -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4 -#include <sys/ioctl.h> -#endif - -#include "protos.h" - -#if !defined(HAVE_SETSID) && defined(HAVE__SETSID) -#define setsid _setsid -#endif - -#ifndef HAVE_PUTENV -int putenv(const char *string); -#endif - -#ifndef HAVE_SETENV -int setenv(const char *var, const char *val, int rewrite); -#endif - -#ifndef HAVE_UNSETENV -void unsetenv(const char *name); -#endif - -#ifndef HAVE_GETUSERSHELL -char *getusershell(void); -#endif - -#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(x) -#endif - -#ifndef HAVE_SNPRINTF -int snprintf (char *str, size_t sz, const char *format, ...) - __attribute__ ((format (printf, 3, 4))); -#endif - -#ifndef HAVE_VSNPRINTF -int vsnprintf (char *str, size_t sz, const char *format, va_list ap) - __attribute__((format (printf, 3, 0))); -#endif - -#ifndef HAVE_ASPRINTF -int asprintf (char **ret, const char *format, ...) - __attribute__ ((format (printf, 2, 3))); -#endif - -#ifndef HAVE_VASPRINTF -int vasprintf (char **ret, const char *format, va_list ap) - __attribute__((format (printf, 2, 0))); -#endif - -#ifndef HAVE_ASNPRINTF -int asnprintf (char **ret, size_t max_sz, const char *format, ...) 
- __attribute__ ((format (printf, 3, 4))); -#endif - -#ifndef HAVE_VASNPRINTF -int vasnprintf (char **ret, size_t max_sz, const char *format, va_list ap) - __attribute__((format (printf, 3, 0))); -#endif - -#ifndef HAVE_STRDUP -char * strdup(const char *old); -#endif - -#ifndef HAVE_STRLWR -char * strlwr(char *); -#endif - -#ifndef HAVE_STRNLEN -int strnlen(char*, int); -#endif - -#ifndef HAVE_STRTOK_R -char *strtok_r(char *s1, const char *s2, char **lasts); -#endif - -#ifndef HAVE_STRUPR -char * strupr(char *); -#endif - -#ifndef HAVE_GETDTABLESIZE -int getdtablesize(void); -#endif - -#if IRIX != 4 /* fix for compiler bug */ -#ifdef RETSIGTYPE -typedef RETSIGTYPE (*SigAction)(/* int??? */); -SigAction signal(int iSig, SigAction pAction); /* BSD compatible */ -#endif -#endif - -#ifndef SIG_ERR -#define SIG_ERR ((RETSIGTYPE (*)())-1) -#endif - -#if !defined(HAVE_STRERROR) && !defined(strerror) -char *strerror(int eno); -#endif - -#ifndef HAVE_HSTRERROR -char *hstrerror(int herr); -#endif - -#ifndef HAVE_H_ERRNO_DECLARATION -extern int h_errno; -#endif - -#ifndef HAVE_INET_ATON -/* Minimal implementation of inet_aton. Doesn't handle hex numbers. 
*/ -int inet_aton(const char *cp, struct in_addr *adr); -#endif - -#if !defined(HAVE_GETCWD) -char* getcwd(char *path, size_t size); -#endif - -#ifndef HAVE_GETENT -int getent(char *cp, char *name); -#endif - -#ifdef HAVE_PWD_H -#include <pwd.h> -struct passwd *k_getpwnam (char *user); -struct passwd *k_getpwuid (uid_t uid); -#endif - -#ifndef HAVE_SETEUID -int seteuid(int euid); -#endif - -#ifndef HAVE_SETEGID -int setegid(int egid); -#endif - -#ifndef HAVE_LSTAT -int lstat(const char *path, struct stat *buf); -#endif - -#ifndef HAVE_MKSTEMP -int mkstemp(char *); -#endif - -#ifndef HAVE_INITGROUPS -int initgroups(const char *name, gid_t basegid); -#endif - -#ifndef HAVE_FCHOWN -int fchown(int fd, uid_t owner, gid_t group); -#endif - -#ifndef HAVE_CHOWN -int chown(const char *path, uid_t owner, gid_t group); -#endif - -#ifndef HAVE_RCMD -int rcmd(char **ahost, unsigned short inport, const char *locuser, - const char *remuser, const char *cmd, int *fd2p); -#endif - -#ifdef TIME_WITH_SYS_TIME -#include <sys/time.h> -#include <time.h> -#elif defined(HAVE_SYS_TIME_H) -#include <sys/time.h> -#else -#include <time.h> -#endif - -time_t tm2time (struct tm tm, int local); - -int unix_verify_user(char *user, char *password); - -void inaddr2str(struct in_addr addr, char *s, size_t len); - -void mini_inetd (int port); - -#ifndef HAVE_STRUCT_WINSIZE -struct winsize { - unsigned short ws_row, ws_col; - unsigned short ws_xpixel, ws_ypixel; -}; -#endif - -int get_window_size(int fd, struct winsize *); - -#ifndef INADDR_NONE -#define INADDR_NONE 0xffffffff -#endif - -#ifndef SOMAXCONN -#define SOMAXCONN 5 -#endif - -#ifndef STDIN_FILENO -#define STDIN_FILENO 0 -#endif - -#ifndef STDOUT_FILENO -#define STDOUT_FILENO 1 -#endif - -#ifndef STDERR_FILENO -#define STDERR_FILENO 2 -#endif - -#ifndef max -#define max(a,b) (((a)>(b))?(a):(b)) -#endif - -#ifndef min -#define min(a,b) (((a)<(b))?(a):(b)) -#endif - -#ifndef TRUE -#define TRUE 1 -#endif - -#ifndef FALSE -#define FALSE 0 -#endif 
- -#ifdef HAVE_SYSLOG_H -#include <syslog.h> -/* Misc definitions for old syslogs */ - -#ifndef LOG_DAEMON -#define openlog(id,option,facility) openlog((id),(option)) -#define LOG_DAEMON 0 -#endif -#ifndef LOG_ODELAY -#define LOG_ODELAY 0 -#endif -#ifndef LOG_NDELAY -#define LOG_NDELAY 0x08 -#endif -#ifndef LOG_CONS -#define LOG_CONS 0 -#endif -#ifndef LOG_AUTH -#define LOG_AUTH 0 -#endif -#ifndef LOG_AUTHPRIV -#define LOG_AUTHPRIV LOG_AUTH -#endif -#endif - -#ifndef HAVE_OPTARG_DECLARATION -extern char *optarg; -#endif -#ifndef HAVE_OPTIND_DECLARATION -extern int optind; -#endif -#ifndef HAVE_OPTERR_DECLARATION -extern int opterr; -#endif - -#ifndef HAVE___PROGNAME_DECLARATION -extern const char *__progname; -#endif - -void set_progname(char *argv0); - -#ifdef HAVE_PATHS_H -#include <paths.h> -#endif - -#ifndef _PATH_DEVNULL -#define _PATH_DEVNULL "/dev/null" -#endif - -#endif /* __ROKEN_H__ */ diff --git a/crypto/kerberosIV/man/kinit.1 b/crypto/kerberosIV/man/kinit.1 index 75f0e70..7d05b30 100644 --- a/crypto/kerberosIV/man/kinit.1 +++ b/crypto/kerberosIV/man/kinit.1 @@ -1,4 +1,5 @@ -.\" $Id$ +.\" $Id: kinit.1,v 1.4 1998/12/18 16:57:29 assar Exp $ +.\" $FreeBSD$ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -110,7 +111,7 @@ server. .B \-v Verbose mode. .I kinit -prints the realm you are in, the name of the ticket file used, and +prints the name of the ticket file used, and a status message indicating the success or failure of your login attempt. .TP @@ -122,7 +123,7 @@ restrictions in Kerberos Version 4, this value must be between 5 and .TP .B \-p .I kinit -will acquires a ticket for chpass.kerberos. +will acquires a ticket for changepw.kerberos. .SH SEE ALSO .PP kerberos(1), kdestroy(1), klist(1), toehold(1) diff --git a/crypto/kerberosIV/man/kprop.8 b/crypto/kerberosIV/man/kprop.8 index 9f9acc2..62761e5 100644 --- a/crypto/kerberosIV/man/kprop.8 +++ b/crypto/kerberosIV/man/kprop.8 
@@ -1,4 +1,5 @@ -.\" $Id: kprop.8,v 1.1.1.1 1997/09/04 06:04:32 markm Exp $ +.\" $Id: kprop.8,v 1.2 1996/06/15 17:03:22 assar Exp $ +.\" $FreeBSD$ .\" .Dd June 7, 1996 .Dt KPROP 8 @@ -53,6 +54,6 @@ on the master server. .It Pa /etc/srvtab .El .Sh SEE ALSO -.Xr kadmind 8 , +.Xr kpropd 8 , .Xr kerberos 8 , -.Xr kpropd 8 +.Xr kadmind 8 diff --git a/crypto/kerberosIV/man/kpropd.8 b/crypto/kerberosIV/man/kpropd.8 index 6b30463..be46ca3 100644 --- a/crypto/kerberosIV/man/kpropd.8 +++ b/crypto/kerberosIV/man/kpropd.8 @@ -1,4 +1,5 @@ -.\" $Id: kpropd.8,v 1.1.1.1 1997/09/04 06:04:32 markm Exp $ +.\" $Id: kpropd.8,v 1.2 1997/02/07 22:04:55 assar Exp $ +.\" $FreeBSD$ .\" .Dd June 7, 1996 .Dt KPROPD 8 @@ -49,15 +50,15 @@ default is Realm if other than the default realm. .It Fl s Srvtab if other than -.Pa /etc/srvtab . +.Pa /etc/kerberosIV/srvtab . .El .Sh FILES .Bl -tag -width indent -compact -.It Pa /var/kerberos/principal.{db,dir,pag} +.It Pa /var/db/kerberos/principal.{db,dir,pag} .It Pa /var/log/kpropd.log .It Pa /etc/srvtab .El .Sh SEE ALSO -.Xr kadmind 8 , +.Xr kprop 8 , .Xr kerberos 8 , -.Xr kprop 8 +.Xr kadmind 8 diff --git a/crypto/kerberosIV/man/ksrvutil.8 b/crypto/kerberosIV/man/ksrvutil.8 index aee24d7..23db919 100644 --- a/crypto/kerberosIV/man/ksrvutil.8 +++ b/crypto/kerberosIV/man/ksrvutil.8 @@ -1,4 +1,5 @@ -.\" $Id: ksrvutil.8,v 1.1.1.1 1997/09/04 06:04:32 markm Exp $ +.\" $Id: ksrvutil.8,v 1.3 1996/06/12 21:29:27 bg Exp $ +.\" $FreeBSD$ .\" Copyright 1989 by the Massachusetts Institute of Technology. .\" .\" For copying and distribution information, @@ -97,8 +98,8 @@ with the result should always give a usable keyfile, although the resulting keyfile will have some out of date keys in it. .Sh SEE ALSO -.Xr ksrvtgt 1 , -.Xr kadmin 8 +.Xr kadmin 8 , +.Xr ksrvtgt 1 .Sh AUTHOR Emanuel Jay Berkenbilt, MIT Project Athena |