diff options
| author | stas <stas@FreeBSD.org> | 2012-03-22 08:48:42 +0000 |
|---|---|---|
| committer | stas <stas@FreeBSD.org> | 2012-03-22 08:48:42 +0000 |
| commit | e7e0b349883e80d63c4e856f16351aaa6607766d (patch) | |
| tree | 5518cb944fa25f627a797b58451ccf506b720fcf /kerberos5/lib | |
| parent | e02fd6b8423e63f1fdbfc1f984d7c7291a1bacd1 (diff) | |
| parent | 2db247d3fc10ef5304f61dbd66448efff8cc6684 (diff) | |
| download | FreeBSD-src-e7e0b349883e80d63c4e856f16351aaa6607766d.zip FreeBSD-src-e7e0b349883e80d63c4e856f16351aaa6607766d.tar.gz | |
- Update FreeBSD Heimdal distribution to version 1.5.1. This also brings
several new kerberos related libraries and applications to FreeBSD:
o kgetcred(1) allows one to manually get a ticket for a particular service.
o kf(1) securily forwards ticket to another host through an authenticated
and encrypted stream.
o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1)
and other user kerberos operations. klist and kswitch are just symlinks
to kcc(1) now.
o kswitch(1) allows you to easily switch between kerberos credentials if
you're running KCM.
o hxtool(1) is a certificate management tool to use with PKINIT.
o string2key(1) maps a password into key.
o kdigest(8) is a userland tool to access the KDC's digest interface.
o kimpersonate(8) creates a "fake" ticket for a service.
We also now install manpages for some lirbaries that were not installed
before, libheimntlm and libhx509.
- The new HEIMDAL version no longer supports Kerberos 4. All users are
recommended to switch to Kerberos 5.
- Weak ciphers are now disabled by default. To enable DES support (used
by telnet(8)), use "allow_weak_crypto" option in krb5.conf.
- libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings
disabled due to the function they use (krb5_get_err_text(3)) being
deprecated. I plan to work on this next.
- Heimdal's KDC now require sqlite to operate. We use the bundled version
and install it as libheimsqlite. If some other FreeBSD components will
require it in the future we can rename it to libbsdsqlite and use for these
components as well.
- This is not a latest Heimdal version, the new one was released while I was
working on the update. I will update it to 1.5.2 soon, as it fixes some
important bugs and security issues.
Diffstat (limited to 'kerberos5/lib')
26 files changed, 1281 insertions, 634 deletions
diff --git a/kerberos5/lib/Makefile b/kerberos5/lib/Makefile index c629f24..d1d44e0 100644 --- a/kerberos5/lib/Makefile +++ b/kerberos5/lib/Makefile @@ -3,6 +3,6 @@ SUBDIR= libasn1 libgssapi_krb5 libgssapi_ntlm libgssapi_spnego libhdb \ libheimntlm libhx509 libkadm5clnt libkadm5srv libkafs5 libkrb5 \ - libroken libsl libvers + libroken libsl libvers libkdc libwind libheimsqlite libheimbase libheimipcc libheimipcs .include <bsd.subdir.mk> diff --git a/kerberos5/lib/Makefile.inc b/kerberos5/lib/Makefile.inc index dc07383..264328e 100644 --- a/kerberos5/lib/Makefile.inc +++ b/kerberos5/lib/Makefile.inc @@ -1,5 +1,5 @@ # $FreeBSD$ -SHLIB_MAJOR?= 10 +SHLIB_MAJOR?= 11 .include "../Makefile.inc" diff --git a/kerberos5/lib/libasn1/Makefile b/kerberos5/lib/libasn1/Makefile index cf91a4b..46bff18 100644 --- a/kerberos5/lib/libasn1/Makefile +++ b/kerberos5/lib/libasn1/Makefile @@ -2,12 +2,14 @@ LIB= asn1 LDFLAGS= -Wl,--no-undefined -INCS= asn1_err.h heim_asn1.h +INCS= asn1_err.h asn1-common.h heim_asn1.h der.h der-protos.h der-private.h LDADD= -lcom_err -lroken DPADD= ${LIBCOM_ERR} ${LIBROKEN} +VERSION_MAP= ${KRB5DIR}/lib/asn1/version-script.map SRCS= asn1_err.c \ asn1_err.h \ + der.c \ der_copy.c \ der_cmp.c \ der_free.c \ @@ -16,401 +18,21 @@ SRCS= asn1_err.c \ der_length.c \ der_put.c \ extra.c \ + template.c \ timegm.c \ - ${GEN:S/.x$/.c/} + ${GEN:S/.x$/.c/:S/.hx$/.h/} CFLAGS+=-I${KRB5DIR}/lib/asn1 -I${KRB5DIR}/lib/roken -I. -GEN_RFC2459 = \ - asn1_Version.x \ - asn1_id_pkcs_1.x \ - asn1_id_pkcs1_rsaEncryption.x \ - asn1_id_pkcs1_md2WithRSAEncryption.x \ - asn1_id_pkcs1_md5WithRSAEncryption.x \ - asn1_id_pkcs1_sha1WithRSAEncryption.x \ - asn1_id_pkcs1_sha256WithRSAEncryption.x \ - asn1_id_pkcs1_sha384WithRSAEncryption.x \ - asn1_id_pkcs1_sha512WithRSAEncryption.x \ - asn1_id_heim_rsa_pkcs1_x509.x \ - asn1_id_pkcs_2.x \ - asn1_id_pkcs2_md2.x \ - asn1_id_pkcs2_md4.x \ - asn1_id_pkcs2_md5.x \ - asn1_id_rsa_digestAlgorithm.x \ - asn1_id_rsa_digest_md2.x \ - asn1_id_rsa_digest_md4.x \ - asn1_id_rsa_digest_md5.x \ - asn1_id_pkcs_3.x \ - asn1_id_pkcs3_rc2_cbc.x \ - asn1_id_pkcs3_rc4.x \ - asn1_id_pkcs3_des_ede3_cbc.x \ - asn1_id_rsadsi_encalg.x \ - asn1_id_rsadsi_rc2_cbc.x \ - asn1_id_rsadsi_des_ede3_cbc.x \ - asn1_id_secsig_sha_1.x \ - asn1_id_nistAlgorithm.x \ - asn1_id_nist_aes_algs.x \ - asn1_id_aes_128_cbc.x \ - asn1_id_aes_192_cbc.x \ - asn1_id_aes_256_cbc.x \ - asn1_id_nist_sha_algs.x \ - asn1_id_sha256.x \ - asn1_id_sha224.x \ - asn1_id_sha384.x \ - asn1_id_sha512.x \ - asn1_id_dhpublicnumber.x \ - asn1_id_x9_57.x \ - asn1_id_dsa.x \ - asn1_id_dsa_with_sha1.x \ - asn1_id_x520_at.x \ - asn1_id_at_commonName.x \ - asn1_id_at_surname.x \ - asn1_id_at_serialNumber.x \ - asn1_id_at_countryName.x \ - asn1_id_at_localityName.x \ - asn1_id_at_streetAddress.x \ - asn1_id_at_stateOrProvinceName.x \ - asn1_id_at_organizationName.x \ - asn1_id_at_organizationalUnitName.x \ - asn1_id_at_name.x \ - asn1_id_at_givenName.x \ - asn1_id_at_initials.x \ - asn1_id_at_generationQualifier.x \ - asn1_id_at_pseudonym.x \ - asn1_id_Userid.x \ - asn1_id_domainComponent.x \ - asn1_id_x509_ce.x \ - asn1_id_uspkicommon_card_id.x \ - asn1_id_uspkicommon_piv_interim.x \ - asn1_id_netscape.x \ - asn1_id_netscape_cert_comment.x \ - asn1_id_ms_cert_enroll_domaincontroller.x \ - asn1_id_ms_client_authentication.x \ - asn1_AlgorithmIdentifier.x \ - asn1_AttributeType.x \ - asn1_AttributeValue.x \ - asn1_TeletexStringx.x \ - asn1_DirectoryString.x \ - asn1_Attribute.x \ - asn1_AttributeTypeAndValue.x \ - asn1_AuthorityInfoAccessSyntax.x \ - asn1_AccessDescription.x \ - asn1_RelativeDistinguishedName.x \ - asn1_RDNSequence.x \ - asn1_Name.x \ - asn1_CertificateSerialNumber.x \ - asn1_Time.x \ - asn1_Validity.x \ - asn1_UniqueIdentifier.x \ - asn1_SubjectPublicKeyInfo.x \ - asn1_Extension.x \ - asn1_Extensions.x \ - asn1_TBSCertificate.x \ - asn1_Certificate.x \ - asn1_Certificates.x \ - asn1_ValidationParms.x \ - asn1_DomainParameters.x \ - asn1_DHPublicKey.x \ - asn1_OtherName.x \ - asn1_GeneralName.x \ - asn1_GeneralNames.x \ - asn1_id_x509_ce_keyUsage.x \ - asn1_KeyUsage.x \ - asn1_id_x509_ce_authorityKeyIdentifier.x \ - asn1_KeyIdentifier.x \ - asn1_AuthorityKeyIdentifier.x \ - asn1_id_x509_ce_subjectKeyIdentifier.x \ - asn1_SubjectKeyIdentifier.x \ - asn1_id_x509_ce_basicConstraints.x \ - asn1_BasicConstraints.x \ - asn1_id_x509_ce_nameConstraints.x \ - asn1_BaseDistance.x \ - asn1_GeneralSubtree.x \ - asn1_GeneralSubtrees.x \ - asn1_NameConstraints.x \ - asn1_id_x509_ce_privateKeyUsagePeriod.x \ - asn1_id_x509_ce_certificatePolicies.x \ - asn1_id_x509_ce_policyMappings.x \ - asn1_id_x509_ce_subjectAltName.x \ - asn1_id_x509_ce_issuerAltName.x \ - asn1_id_x509_ce_subjectDirectoryAttributes.x \ - asn1_id_x509_ce_policyConstraints.x \ - asn1_id_x509_ce_extKeyUsage.x \ - asn1_ExtKeyUsage.x \ - asn1_id_x509_ce_cRLDistributionPoints.x \ - asn1_id_x509_ce_deltaCRLIndicator.x \ - asn1_id_x509_ce_issuingDistributionPoint.x \ - asn1_id_x509_ce_holdInstructionCode.x \ - asn1_id_x509_ce_invalidityDate.x \ - asn1_id_x509_ce_certificateIssuer.x \ - asn1_id_x509_ce_inhibitAnyPolicy.x \ - asn1_DistributionPointReasonFlags.x \ - asn1_DistributionPointName.x \ - asn1_DistributionPoint.x \ - asn1_CRLDistributionPoints.x \ - asn1_DSASigValue.x \ - asn1_DSAPublicKey.x \ - asn1_DSAParams.x \ - asn1_RSAPublicKey.x \ - asn1_RSAPrivateKey.x \ - asn1_DigestInfo.x \ - asn1_TBSCRLCertList.x \ - asn1_CRLCertificateList.x \ - asn1_id_x509_ce_cRLNumber.x \ - asn1_id_x509_ce_freshestCRL.x \ - asn1_id_x509_ce_cRLReason.x \ - asn1_CRLReason.x \ - asn1_PKIXXmppAddr.x \ - asn1_id_pkix.x \ - asn1_id_pkix_on.x \ - asn1_id_pkix_on_dnsSRV.x \ - asn1_id_pkix_on_xmppAddr.x \ - asn1_id_pkix_kp.x \ - asn1_id_pkix_kp_serverAuth.x \ - asn1_id_pkix_kp_clientAuth.x \ - asn1_id_pkix_kp_emailProtection.x \ - asn1_id_pkix_kp_timeStamping.x \ - asn1_id_pkix_kp_OCSPSigning.x \ - asn1_id_pkix_pe.x \ - asn1_id_pkix_pe_authorityInfoAccess.x \ - asn1_id_pkix_pe_proxyCertInfo.x \ - asn1_id_pkix_ppl.x \ - asn1_id_pkix_ppl_anyLanguage.x \ - asn1_id_pkix_ppl_inheritAll.x \ - asn1_id_pkix_ppl_independent.x \ - asn1_ProxyPolicy.x \ - asn1_ProxyCertInfo.x - -GEN_CMS = \ - asn1_CMSAttributes.x \ - asn1_CMSCBCParameter.x \ - asn1_CMSEncryptedData.x \ - asn1_CMSIdentifier.x \ - asn1_CMSRC2CBCParameter.x \ - asn1_CMSVersion.x \ - asn1_CertificateList.x \ - asn1_CertificateRevocationLists.x \ - asn1_CertificateSet.x \ - asn1_ContentEncryptionAlgorithmIdentifier.x \ - asn1_ContentInfo.x \ - asn1_ContentType.x \ - asn1_DigestAlgorithmIdentifier.x \ - asn1_DigestAlgorithmIdentifiers.x \ - asn1_EncapsulatedContentInfo.x \ - asn1_EncryptedContent.x \ - asn1_EncryptedContentInfo.x \ - asn1_EncryptedKey.x \ - asn1_EnvelopedData.x \ - asn1_IssuerAndSerialNumber.x \ - asn1_KeyEncryptionAlgorithmIdentifier.x \ - asn1_KeyTransRecipientInfo.x \ - asn1_MessageDigest.x \ - asn1_OriginatorInfo.x \ - asn1_RecipientIdentifier.x \ - asn1_RecipientInfo.x \ - asn1_RecipientInfos.x \ - asn1_SignatureAlgorithmIdentifier.x \ - asn1_SignatureValue.x \ - asn1_SignedData.x \ - asn1_SignerIdentifier.x \ - asn1_SignerInfo.x \ - asn1_SignerInfos.x \ - asn1_id_pkcs7.x \ - asn1_id_pkcs7_data.x \ - asn1_id_pkcs7_digestedData.x \ - asn1_id_pkcs7_encryptedData.x \ - asn1_id_pkcs7_envelopedData.x \ - asn1_id_pkcs7_signedAndEnvelopedData.x \ - asn1_id_pkcs7_signedData.x \ - asn1_UnprotectedAttributes.x - -GEN_K5= asn1_AD_AND_OR.x \ - asn1_AD_IF_RELEVANT.x \ - asn1_AD_KDCIssued.x \ - asn1_AD_MANDATORY_FOR_KDC.x \ - asn1_AD_LoginAlias.x \ - asn1_APOptions.x \ - asn1_AP_REP.x \ - asn1_AP_REQ.x \ - asn1_AS_REP.x \ - asn1_AS_REQ.x \ - asn1_AUTHDATA_TYPE.x \ - asn1_Authenticator.x \ - asn1_AuthorizationData.x \ - asn1_AuthorizationDataElement.x \ - asn1_CKSUMTYPE.x \ - asn1_ChangePasswdDataMS.x \ - asn1_Checksum.x \ - asn1_ENCTYPE.x \ - asn1_ETYPE_INFO.x \ - asn1_ETYPE_INFO2.x \ - asn1_ETYPE_INFO2_ENTRY.x \ - asn1_ETYPE_INFO_ENTRY.x \ - asn1_EncAPRepPart.x \ - asn1_EncASRepPart.x \ - asn1_EncKDCRepPart.x \ - asn1_EncKrbCredPart.x \ - asn1_EncKrbPrivPart.x \ - asn1_EncTGSRepPart.x \ - asn1_EncTicketPart.x \ - asn1_EncryptedData.x \ - asn1_EncryptionKey.x \ - asn1_EtypeList.x \ - asn1_HostAddress.x \ - asn1_HostAddresses.x \ - asn1_KDCOptions.x \ - asn1_KDC_REP.x \ - asn1_KDC_REQ.x \ - asn1_KDC_REQ_BODY.x \ - asn1_KRB_CRED.x \ - asn1_KRB_ERROR.x \ - asn1_KRB_PRIV.x \ - asn1_KRB_SAFE.x \ - asn1_KRB_SAFE_BODY.x \ - asn1_KerberosString.x \ - asn1_KerberosTime.x \ - asn1_KrbCredInfo.x \ - asn1_LR_TYPE.x \ - asn1_LastReq.x \ - asn1_MESSAGE_TYPE.x \ - asn1_METHOD_DATA.x \ - asn1_NAME_TYPE.x \ - asn1_PADATA_TYPE.x \ - asn1_PA_DATA.x \ - asn1_PA_ENC_SAM_RESPONSE_ENC.x \ - asn1_PA_ENC_TS_ENC.x \ - asn1_PA_PAC_REQUEST.x \ - asn1_PA_S4U2Self.x \ - asn1_PA_SAM_CHALLENGE_2.x \ - asn1_PA_SAM_CHALLENGE_2_BODY.x \ - asn1_PA_SAM_REDIRECT.x \ - asn1_PA_SAM_RESPONSE_2.x \ - asn1_PA_SAM_TYPE.x \ - asn1_PA_ClientCanonicalized.x \ - asn1_PA_ClientCanonicalizedNames.x \ - asn1_PA_SvrReferralData.x \ - asn1_PROV_SRV_LOCATION.x \ - asn1_Principal.x \ - asn1_PrincipalName.x \ - asn1_Realm.x \ - asn1_SAMFlags.x \ - asn1_TGS_REP.x \ - asn1_TGS_REQ.x \ - asn1_TYPED_DATA.x \ - asn1_Ticket.x \ - asn1_TicketFlags.x \ - asn1_TransitedEncoding.x \ - asn1_TypedData.x \ - asn1_krb5int32.x \ - asn1_krb5uint32.x \ - asn1_KRB5SignedPathData.x \ - asn1_KRB5SignedPathPrincipals.x \ - asn1_KRB5SignedPath.x - -GEN_PKINIT = \ - asn1_id_pkinit.x \ - asn1_id_pkauthdata.x \ - asn1_id_pkdhkeydata.x \ - asn1_id_pkrkeydata.x \ - asn1_id_pkekuoid.x \ - asn1_id_pkkdcekuoid.x \ - asn1_id_pkinit_san.x \ - asn1_id_pkinit_ms_eku.x \ - asn1_id_pkinit_ms_san.x \ - asn1_MS_UPN_SAN.x \ - asn1_DHNonce.x \ - asn1_KDFAlgorithmId.x \ - asn1_TrustedCA.x \ - asn1_ExternalPrincipalIdentifier.x \ - asn1_ExternalPrincipalIdentifiers.x \ - asn1_PA_PK_AS_REQ.x \ - asn1_PKAuthenticator.x \ - asn1_AuthPack.x \ - asn1_TD_TRUSTED_CERTIFIERS.x \ - asn1_TD_INVALID_CERTIFICATES.x \ - asn1_KRB5PrincipalName.x \ - asn1_AD_INITIAL_VERIFIED_CAS.x \ - asn1_DHRepInfo.x \ - asn1_PA_PK_AS_REP.x \ - asn1_KDCDHKeyInfo.x \ - asn1_ReplyKeyPack.x \ - asn1_TD_DH_PARAMETERS.x \ - asn1_PKAuthenticator_Win2k.x \ - asn1_AuthPack_Win2k.x \ - asn1_TrustedCA_Win2k.x \ - asn1_PA_PK_AS_REQ_Win2k.x \ - asn1_PA_PK_AS_REP_Win2k.x \ - asn1_KDCDHKeyInfo_Win2k.x \ - asn1_ReplyKeyPack_Win2k.x \ - asn1_PkinitSuppPubInfo.x - -GEN_PKCS8 = \ - asn1_PKCS8PrivateKeyAlgorithmIdentifier.x \ - asn1_PKCS8PrivateKey.x \ - asn1_PKCS8PrivateKeyInfo.x \ - asn1_PKCS8Attributes.x \ - asn1_PKCS8EncryptedPrivateKeyInfo.x \ - asn1_PKCS8EncryptedData.x - -GEN_PKCS9 = \ - asn1_id_pkcs_9.x \ - asn1_id_pkcs9_contentType.x \ - asn1_id_pkcs9_emailAddress.x \ - asn1_id_pkcs9_messageDigest.x \ - asn1_id_pkcs9_signingTime.x \ - asn1_id_pkcs9_countersignature.x \ - asn1_id_pkcs_9_at_friendlyName.x \ - asn1_id_pkcs_9_at_localKeyId.x \ - asn1_id_pkcs_9_at_certTypes.x \ - asn1_id_pkcs_9_at_certTypes_x509.x \ - asn1_PKCS9_BMPString.x \ - asn1_PKCS9_friendlyName.x - -GEN_PKCS12 = \ - asn1_id_pkcs_12.x \ - asn1_id_pkcs_12PbeIds.x \ - asn1_id_pbeWithSHAAnd128BitRC4.x \ - asn1_id_pbeWithSHAAnd40BitRC4.x \ - asn1_id_pbeWithSHAAnd3_KeyTripleDES_CBC.x \ - asn1_id_pbeWithSHAAnd2_KeyTripleDES_CBC.x \ - asn1_id_pbeWithSHAAnd128BitRC2_CBC.x \ - asn1_id_pbewithSHAAnd40BitRC2_CBC.x \ - asn1_id_pkcs12_bagtypes.x \ - asn1_id_pkcs12_keyBag.x \ - asn1_id_pkcs12_pkcs8ShroudedKeyBag.x \ - asn1_id_pkcs12_certBag.x \ - asn1_id_pkcs12_crlBag.x \ - asn1_id_pkcs12_secretBag.x \ - asn1_id_pkcs12_safeContentsBag.x \ - asn1_PKCS12_MacData.x \ - asn1_PKCS12_PFX.x \ - asn1_PKCS12_AuthenticatedSafe.x \ - asn1_PKCS12_CertBag.x \ - asn1_PKCS12_Attribute.x \ - asn1_PKCS12_Attributes.x \ - asn1_PKCS12_SafeBag.x \ - asn1_PKCS12_SafeContents.x \ - asn1_PKCS12_OctetString.x \ - asn1_PKCS12_PBEParams.x - -GEN_DIGEST= asn1_DigestError.x \ - asn1_DigestInit.x \ - asn1_DigestInitReply.x \ - asn1_DigestREP.x \ - asn1_DigestREQ.x \ - asn1_DigestRepInner.x \ - asn1_DigestReqInner.x \ - asn1_DigestRequest.x \ - asn1_DigestResponse.x \ - asn1_DigestTypes.x \ - asn1_NTLMInit.x \ - asn1_NTLMInitReply.x \ - asn1_NTLMRequest.x \ - asn1_NTLMResponse.x - -GEN_KX509 = \ - asn1_Kx509Response.x \ - asn1_Kx509Request.x +GEN_RFC2459= asn1_rfc2459_asn1.x rfc2459_asn1.hx rfc2459_asn1-priv.hx +GEN_CMS= asn1_cms_asn1.x cms_asn1.hx cms_asn1-priv.hx +GEN_K5= asn1_krb5_asn1.x krb5_asn1.hx krb5_asn1-priv.hx +GEN_PKINIT= asn1_pkinit_asn1.x pkinit_asn1.hx pkinit_asn1-priv.hx +GEN_PKCS8= asn1_pkcs8_asn1.x pkcs8_asn1.hx pkcs8_asn1-priv.hx +GEN_PKCS9= asn1_pkcs9_asn1.x pkcs9_asn1.hx pkcs9_asn1-priv.hx +GEN_PKCS12= asn1_pkcs12_asn1.x pkcs12_asn1.hx pkcs12_asn1-priv.hx +GEN_DIGEST= asn1_digest_asn1.x digest_asn1.hx digest_asn1-priv.hx +GEN_KX509= asn1_kx509_asn1.x kx509_asn1.hx kx509_asn1-priv.hx GEN+= ${GEN_RFC2459} GEN+= ${GEN_CMS} @@ -422,21 +44,27 @@ GEN+= ${GEN_PKCS12} GEN+= ${GEN_DIGEST} GEN+= ${GEN_KX509} -CLEANFILES= ${GEN} ${GEN:S/.x$/.c/} *_asn1_files +CLEANFILES= ${GEN} ${GEN:S/.x$/.c/:S/.hx$/.h/} *_asn1_files -GEN_ASN1=cms_asn1.h rfc2459_asn1.h krb5_asn1.h pkinit_asn1.h -GEN_ASN1+=pkcs8_asn1.h pkcs9_asn1.h pkcs12_asn1.h digest_asn1.h kx509_asn1.h -SRCS+= ${GEN_ASN1} -INCS+= ${GEN_ASN1} -CLEANFILES+=${GEN_ASN1} +INCS+= krb5_asn1.h \ + pkinit_asn1.h \ + cms_asn1.h \ + rfc2459_asn1.h \ + pkcs8_asn1.h \ + pkcs9_asn1.h \ + pkcs12_asn1.h \ + digest_asn1.h \ + kx509_asn1.h -.ORDER: ${GEN} ${GEN_ASN1} +ASN1_COMPILE= asn1_compile -${GEN_CMS} cms_asn1.h: CMS.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile ${.ALLSRC:M*.asn1} cms_asn1 +${GEN_CMS}: cms.asn1 cms.opt + ${ASN1_COMPILE} --one-code-file \ + --option-file=${.ALLSRC:M*.opt} ${.ALLSRC:M*.asn1} cms_asn1 -${GEN_RFC2459} rfc2459_asn1.h: rfc2459.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile \ +${GEN_RFC2459}: rfc2459.asn1 + ${ASN1_COMPILE} \ + --one-code-file \ --preserve-binary=TBSCertificate \ --preserve-binary=TBSCRLCertList \ --preserve-binary=Name \ @@ -444,41 +72,46 @@ ${GEN_RFC2459} rfc2459_asn1.h: rfc2459.asn1 ../../tools/asn1_compile/asn1_compil --sequence=Extensions \ --sequence=CRLDistributionPoints ${.ALLSRC:M*.asn1} rfc2459_asn1 -${GEN_K5} krb5_asn1.h: k5.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile \ - --encode-rfc1510-bit-string \ - --sequence=KRB5SignedPathPrincipals \ - --sequence=AuthorizationData \ - --sequence=METHOD-DATA \ - --sequence=ETYPE-INFO \ - --sequence=ETYPE-INFO2 ${.ALLSRC:M*.asn1} krb5_asn1 +${GEN_K5}: krb5.asn1 krb5.opt + ${ASN1_COMPILE} \ + --one-code-file \ + --option-file=${.ALLSRC:M*.opt} \ + ${.ALLSRC:M*.asn1} krb5_asn1 -${GEN_PKINIT} pkinit_asn1.h: pkinit.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile ${.ALLSRC:M*.asn1} pkinit_asn1 +${GEN_PKINIT}: pkinit.asn1 + ${ASN1_COMPILE} --one-code-file \ + ${.ALLSRC:M*.asn1} pkinit_asn1 -${GEN_PKCS8} pkcs8_asn1.h: pkcs8.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile ${.ALLSRC:M*.asn1} pkcs8_asn1 +${GEN_PKCS8}: pkcs8.asn1 + ${ASN1_COMPILE} --one-code-file \ + ${.ALLSRC:M*.asn1} pkcs8_asn1 -${GEN_PKCS9} pkcs9_asn1.h: pkcs9.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile ${.ALLSRC:M*.asn1} pkcs9_asn1 +${GEN_PKCS9}: pkcs9.asn1 + ${ASN1_COMPILE} --one-code-file \ + ${.ALLSRC:M*.asn1} pkcs9_asn1 -${GEN_PKCS12} pkcs12_asn1.h: pkcs12.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile ${.ALLSRC:M*.asn1} pkcs12_asn1 +${GEN_PKCS12}: pkcs12.asn1 + ${ASN1_COMPILE} --one-code-file \ + ${.ALLSRC:M*.asn1} pkcs12_asn1 -${GEN_DIGEST} digest_asn1.h: digest.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile ${.ALLSRC:M*.asn1} digest_asn1 +${GEN_DIGEST}: digest.asn1 + ${ASN1_COMPILE} --one-code-file \ + ${.ALLSRC:M*.asn1} digest_asn1 -${GEN_KX509} kx509_asn1.h: kx509.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile ${.ALLSRC:M*.asn1} kx509_asn1 +${GEN_KX509}: kx509.asn1 + ${ASN1_COMPILE} --one-code-file \ + ${.ALLSRC:M*.asn1} kx509_asn1 -../../tools/asn1_compile/asn1_compile: - cd ${.CURDIR}/../../tools/asn1_compile && ${MAKE} +.SUFFIXES: .h .c .x .hx -.for I in ${GEN} -${I:R}.c: ${I} - cat ${.ALLSRC} > ${.TARGET} -.endfor +.x.c: + cmp -s ${.IMPSRC} ${.TARGET} 2> /dev/null || cp ${.IMPSRC} ${.TARGET} +.hx.h: + cmp -s ${.IMPSRC} ${.TARGET} 2> /dev/null || cp ${.IMPSRC} ${.TARGET} + .include <bsd.lib.mk> +.SUFFIXES: .h .c .x .hx + .PATH: ${KRB5DIR}/lib/asn1 diff --git a/kerberos5/lib/libgssapi_krb5/Makefile b/kerberos5/lib/libgssapi_krb5/Makefile index 943e875..95a8f20 100644 --- a/kerberos5/lib/libgssapi_krb5/Makefile +++ b/kerberos5/lib/libgssapi_krb5/Makefile @@ -5,6 +5,7 @@ LDFLAGS= -Wl,-Bsymbolic -Wl,--no-undefined LDADD= -lgssapi -lkrb5 -lhx509 -lcrypto -lroken -lasn1 -lcom_err -lcrypt DPADD= ${LIBGSSAPI} ${LIBKRB5} ${LIBHX509} ${LIBCRYPTO} ${LIBROKEN} ${LIBASN1} \ ${LIBCOM_ERR} ${LIBCRYPT} +SHLIB_MAJOR= 10 INCS= ${KRB5DIR}/lib/gssapi/gssapi/gssapi_krb5.h INCSDIR= ${INCLUDEDIR}/gssapi @@ -14,7 +15,9 @@ SRCS= 8003.c \ acquire_cred.c \ add_cred.c \ address_to_krb5addr.c \ + aeap.c \ arcfour.c \ + authorize_localname.c \ canonicalize_name.c \ ccache_name.c \ cfx.c \ @@ -22,6 +25,7 @@ SRCS= 8003.c \ compat.c \ context_time.c \ copy_ccache.c \ + creds.c \ decapsulate.c \ delete_sec_context.c \ display_name.c \ @@ -34,6 +38,8 @@ SRCS= 8003.c \ get_mic.c \ gkrb5_err.c \ gkrb5_err.h \ + gsskrb5-private.h \ + gsskrb5_locl.h \ import_name.c \ import_sec_context.c \ indicate_mechs.c \ @@ -56,11 +62,13 @@ SRCS= 8003.c \ sequence.c \ set_cred_option.c \ set_sec_context_option.c \ + store_cred.c \ + ticket_flags.c \ unwrap.c \ - v1.c \ verify_mic.c \ wrap.c \ - gss_krb5.c + gss_krb5.c \ + gss_oid.c #SRCS+= gss_add_oid_set_member.c \ # gss_create_empty_oid_set.c \ @@ -71,6 +79,7 @@ SRCS= 8003.c \ CFLAGS+=-I${KRB5DIR}/lib/gssapi CFLAGS+=-I${KRB5DIR}/lib/gssapi/krb5 +CFLAGS+=-I${KRB5DIR}/lib/gssapi/gssapi CFLAGS+=-I${KRB5DIR}/lib/krb5 CFLAGS+=-I${KRB5DIR}/lib/asn1 CFLAGS+=-I${KRB5DIR}/lib/roken -I. diff --git a/kerberos5/lib/libgssapi_krb5/gss_krb5.c b/kerberos5/lib/libgssapi_krb5/gss_krb5.c index 308efd7..36c69cb 100644 --- a/kerberos5/lib/libgssapi_krb5/gss_krb5.c +++ b/kerberos5/lib/libgssapi_krb5/gss_krb5.c @@ -33,6 +33,7 @@ #include <krb5.h> #include <roken.h> +#include <der.h> OM_uint32 gss_krb5_copy_ccache(OM_uint32 *minor_status, diff --git a/kerberos5/lib/libgssapi_krb5/gss_oid.c b/kerberos5/lib/libgssapi_krb5/gss_oid.c new file mode 100644 index 0000000..d359afa --- /dev/null +++ b/kerberos5/lib/libgssapi_krb5/gss_oid.c @@ -0,0 +1,227 @@ +/* Generated file */ +/* $FreeBSD$ */ +#include <gssapi/gssapi.h> +#include <roken.h> +#include "config.h" + +/* GSS_KRB5_COPY_CCACHE_X - 1.2.752.43.13.1 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_copy_ccache_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x01") }; + +/* GSS_KRB5_GET_TKT_FLAGS_X - 1.2.752.43.13.2 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_tkt_flags_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x02") }; + +/* GSS_KRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT_X - 1.2.752.43.13.3 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_extract_authz_data_from_sec_context_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x03") }; + +/* GSS_KRB5_COMPAT_DES3_MIC_X - 1.2.752.43.13.4 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_compat_des3_mic_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x04") }; + +/* GSS_KRB5_REGISTER_ACCEPTOR_IDENTITY_X - 1.2.752.43.13.5 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_register_acceptor_identity_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x05") }; + +/* GSS_KRB5_EXPORT_LUCID_CONTEXT_X - 1.2.752.43.13.6 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_export_lucid_context_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06") }; + +/* GSS_KRB5_EXPORT_LUCID_CONTEXT_V1_X - 1.2.752.43.13.6.1 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_export_lucid_context_v1_x_oid_desc = { 7, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x06\x01") }; + +/* GSS_KRB5_SET_DNS_CANONICALIZE_X - 1.2.752.43.13.7 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_dns_canonicalize_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x07") }; + +/* GSS_KRB5_GET_SUBKEY_X - 1.2.752.43.13.8 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_subkey_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x08") }; + +/* GSS_KRB5_GET_INITIATOR_SUBKEY_X - 1.2.752.43.13.9 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_initiator_subkey_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x09") }; + +/* GSS_KRB5_GET_ACCEPTOR_SUBKEY_X - 1.2.752.43.13.10 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_acceptor_subkey_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0a") }; + +/* GSS_KRB5_SEND_TO_KDC_X - 1.2.752.43.13.11 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_send_to_kdc_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0b") }; + +/* GSS_KRB5_GET_AUTHTIME_X - 1.2.752.43.13.12 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_authtime_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0c") }; + +/* GSS_KRB5_GET_SERVICE_KEYBLOCK_X - 1.2.752.43.13.13 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_service_keyblock_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0d") }; + +/* GSS_KRB5_SET_ALLOWABLE_ENCTYPES_X - 1.2.752.43.13.14 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_allowable_enctypes_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0e") }; + +/* GSS_KRB5_SET_DEFAULT_REALM_X - 1.2.752.43.13.15 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_default_realm_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x0f") }; + +/* GSS_KRB5_CCACHE_NAME_X - 1.2.752.43.13.16 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_ccache_name_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x10") }; + +/* GSS_KRB5_SET_TIME_OFFSET_X - 1.2.752.43.13.17 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_set_time_offset_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x11") }; + +/* GSS_KRB5_GET_TIME_OFFSET_X - 1.2.752.43.13.18 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_get_time_offset_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x12") }; + +/* GSS_KRB5_PLUGIN_REGISTER_X - 1.2.752.43.13.19 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_plugin_register_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x13") }; + +/* GSS_NTLM_GET_SESSION_KEY_X - 1.2.752.43.13.20 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_ntlm_get_session_key_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x14") }; + +/* GSS_C_NT_NTLM - 1.2.752.43.13.21 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_ntlm_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x15") }; + +/* GSS_C_NT_DN - 1.2.752.43.13.22 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_nt_dn_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x16") }; + +/* GSS_KRB5_NT_PRINCIPAL_NAME_REFERRAL - 1.2.752.43.13.23 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_nt_principal_name_referral_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x17") }; + +/* GSS_C_NTLM_AVGUEST - 1.2.752.43.13.24 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_avguest_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x18") }; + +/* GSS_C_NTLM_V1 - 1.2.752.43.13.25 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_v1_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x19") }; + +/* GSS_C_NTLM_V2 - 1.2.752.43.13.26 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_v2_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1a") }; + +/* GSS_C_NTLM_SESSION_KEY - 1.2.752.43.13.27 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_session_key_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1b") }; + +/* GSS_C_NTLM_FORCE_V1 - 1.2.752.43.13.28 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ntlm_force_v1_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1c") }; + +/* GSS_KRB5_CRED_NO_CI_FLAGS_X - 1.2.752.43.13.29 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_cred_no_ci_flags_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1d") }; + +/* GSS_KRB5_IMPORT_CRED_X - 1.2.752.43.13.30 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_import_cred_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x1e") }; + +/* GSS_C_MA_SASL_MECH_NAME - 1.2.752.43.13.100 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_sasl_mech_name_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x64") }; + +/* GSS_C_MA_MECH_NAME - 1.2.752.43.13.101 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_name_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x65") }; + +/* GSS_C_MA_MECH_DESCRIPTION - 1.2.752.43.13.102 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_description_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x66") }; + +/* GSS_C_CRED_PASSWORD - 1.2.752.43.13.200 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_password_oid_desc = { 7, "\x2a\x85\x70\x2b\x0d\x81\x48" }; + +/* GSS_C_CRED_CERTIFICATE - 1.2.752.43.13.201 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_cred_certificate_oid_desc = { 7, "\x2a\x85\x70\x2b\x0d\x81\x49" }; + +/* GSS_SASL_DIGEST_MD5_MECHANISM - 1.2.752.43.14.1 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_sasl_digest_md5_mechanism_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x01") }; + +/* GSS_NETLOGON_MECHANISM - 1.2.752.43.14.2 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_mechanism_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x02") }; + +/* GSS_NETLOGON_SET_SESSION_KEY_X - 1.2.752.43.14.3 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_set_session_key_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x03") }; + +/* GSS_NETLOGON_SET_SIGN_ALGORITHM_X - 1.2.752.43.14.4 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_set_sign_algorithm_x_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x04") }; + +/* GSS_NETLOGON_NT_NETBIOS_DNS_NAME - 1.2.752.43.14.5 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_netlogon_nt_netbios_dns_name_oid_desc = { 6, rk_UNCONST("\x2a\x85\x70\x2b\x0e\x05") }; + +/* GSS_C_INQ_WIN2K_PAC_X - 1.2.752.43.13.3.128 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_inq_win2k_pac_x_oid_desc = { 8, rk_UNCONST("\x2a\x85\x70\x2b\x0d\x03\x81\x00") }; + +/* GSS_C_INQ_SSPI_SESSION_KEY - 1.2.840.113554.1.2.2.5.5 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_inq_sspi_session_key_oid_desc = { 11, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x05\x05") }; + +/* GSS_KRB5_MECHANISM - 1.2.840.113554.1.2.2 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_krb5_mechanism_oid_desc = { 9, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x02") }; + +/* GSS_NTLM_MECHANISM - 1.3.6.1.4.1.311.2.2.10 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_ntlm_mechanism_oid_desc = { 10, rk_UNCONST("\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a") }; + +/* GSS_SPNEGO_MECHANISM - 1.3.6.1.5.5.2 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_spnego_mechanism_oid_desc = { 6, rk_UNCONST("\x2b\x06\x01\x05\x05\x02") }; + +/* GSS_C_PEER_HAS_UPDATED_SPNEGO - 1.3.6.1.4.1.9513.19.5 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_peer_has_updated_spnego_oid_desc = { 9, rk_UNCONST("\x2b\x06\x01\x04\x01\xca\x29\x13\x05") }; + +/* GSS_C_MA_MECH_CONCRETE - 1.3.6.1.5.5.13.1 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_concrete_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x01") }; + +/* GSS_C_MA_MECH_PSEUDO - 1.3.6.1.5.5.13.2 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_pseudo_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x02") }; + +/* GSS_C_MA_MECH_COMPOSITE - 1.3.6.1.5.5.13.3 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_composite_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x03") }; + +/* GSS_C_MA_MECH_NEGO - 1.3.6.1.5.5.13.4 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_nego_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x04") }; + +/* GSS_C_MA_MECH_GLUE - 1.3.6.1.5.5.13.5 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mech_glue_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x05") }; + +/* GSS_C_MA_NOT_MECH - 1.3.6.1.5.5.13.6 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_not_mech_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x06") }; + +/* GSS_C_MA_DEPRECATED - 1.3.6.1.5.5.13.7 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_deprecated_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x07") }; + +/* GSS_C_MA_NOT_DFLT_MECH - 1.3.6.1.5.5.13.8 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_not_dflt_mech_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x08") }; + +/* GSS_C_MA_ITOK_FRAMED - 1.3.6.1.5.5.13.9 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_itok_framed_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x09") }; + +/* GSS_C_MA_AUTH_INIT - 1.3.6.1.5.5.13.10 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0a") }; + +/* GSS_C_MA_AUTH_TARG - 1.3.6.1.5.5.13.11 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0b") }; + +/* GSS_C_MA_AUTH_INIT_INIT - 1.3.6.1.5.5.13.12 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_init_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0c") }; + +/* GSS_C_MA_AUTH_TARG_INIT - 1.3.6.1.5.5.13.13 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_init_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0d") }; + +/* GSS_C_MA_AUTH_INIT_ANON - 1.3.6.1.5.5.13.14 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_init_anon_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0e") }; + +/* GSS_C_MA_AUTH_TARG_ANON - 1.3.6.1.5.5.13.15 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_auth_targ_anon_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x0f") }; + +/* GSS_C_MA_DELEG_CRED - 1.3.6.1.5.5.13.16 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_deleg_cred_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x10") }; + +/* GSS_C_MA_INTEG_PROT - 1.3.6.1.5.5.13.17 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_integ_prot_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x11") }; + +/* GSS_C_MA_CONF_PROT - 1.3.6.1.5.5.13.18 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_conf_prot_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x12") }; + +/* GSS_C_MA_MIC - 1.3.6.1.5.5.13.19 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_mic_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x13") }; + +/* GSS_C_MA_WRAP - 1.3.6.1.5.5.13.20 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_wrap_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x14") }; + +/* GSS_C_MA_PROT_READY - 1.3.6.1.5.5.13.21 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_prot_ready_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x15") }; + +/* GSS_C_MA_REPLAY_DET - 1.3.6.1.5.5.13.22 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_replay_det_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x16") }; + +/* GSS_C_MA_OOS_DET - 1.3.6.1.5.5.13.23 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_oos_det_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x17") }; + +/* GSS_C_MA_CBINDINGS - 1.3.6.1.5.5.13.24 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_cbindings_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x18") }; + +/* GSS_C_MA_PFS - 1.3.6.1.5.5.13.25 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_pfs_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x19") }; + +/* GSS_C_MA_COMPRESS - 1.3.6.1.5.5.13.26 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_compress_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x1a") }; + +/* GSS_C_MA_CTX_TRANS - 1.3.6.1.5.5.13.27 */ +gss_OID_desc GSSAPI_LIB_VARIABLE __gss_c_ma_ctx_trans_oid_desc = { 7, rk_UNCONST("\x2b\x06\x01\x05\x05\x0d\x1b") }; diff --git a/kerberos5/lib/libgssapi_ntlm/Makefile b/kerberos5/lib/libgssapi_ntlm/Makefile index 98b47f7..7485cfa 100644 --- a/kerberos5/lib/libgssapi_ntlm/Makefile +++ b/kerberos5/lib/libgssapi_ntlm/Makefile @@ -4,6 +4,7 @@ LIB= gssapi_ntlm LDFLAGS= -Wl,-Bsymbolic -Wl,--no-undefined LDADD= -lcrypto -lgssapi -lkrb5 -lhx509 -lheimntlm -lroken DPADD= ${LIBCRYPTO} ${LIBGSSAPI} ${LIBKRB5} ${LIBHX509} ${LIBHEIMNTLM} ${LIBROKEN} +SHLIB_MAJOR= 10 SRCS= accept_sec_context.c \ acquire_cred.c \ @@ -11,6 +12,7 @@ SRCS= accept_sec_context.c \ canonicalize_name.c \ compare_name.c \ context_time.c \ + creds.c \ crypto.c \ delete_sec_context.c \ display_name.c \ @@ -26,19 +28,24 @@ SRCS= accept_sec_context.c \ indicate_mechs.c \ init_sec_context.c \ inquire_context.c \ - inquire_cred.c \ inquire_cred_by_mech.c \ inquire_mechs_for_name.c \ inquire_names_for_mech.c \ + inquire_sec_context_by_oid.c \ + iter_cred.c \ + kdc.c \ prefix.c \ process_context_token.c \ release_cred.c \ release_name.c \ - digest.c + gss_oid.c CFLAGS+=-I${KRB5DIR}/lib/gssapi +CFLAGS+=-I${KRB5DIR}/lib/gssapi/gssapi +CFLAGS+=-I${KRB5DIR}/lib/gssapi/ntlm +CFLAGS+=-I${KRB5DIR}/lib/krb5 CFLAGS+=-I${KRB5DIR}/lib/ntlm .include <bsd.lib.mk> -.PATH: ${KRB5DIR}/lib/gssapi/ntlm ${.CURDIR}/../../../lib/libgssapi +.PATH: ${KRB5DIR}/lib/gssapi/ntlm ${.CURDIR}/../../../lib/libgssapi ${.CURDIR}/../libgssapi_krb5 diff --git a/kerberos5/lib/libgssapi_ntlm/prefix.c b/kerberos5/lib/libgssapi_ntlm/prefix.c index 68db641..1c497ce 100644 --- a/kerberos5/lib/libgssapi_ntlm/prefix.c +++ b/kerberos5/lib/libgssapi_ntlm/prefix.c @@ -26,6 +26,13 @@ * $FreeBSD$ */ +#include <gssapi/gssapi.h> + +gss_OID_desc __gss_c_nt_user_name_oid_desc = + {10, (void *)("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x01")}; +gss_OID_desc __gss_c_nt_hostbased_service_oid_desc = + {10, (void *)("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x04")}; + const char * _gss_name_prefix(void) { diff --git a/kerberos5/lib/libgssapi_spnego/Makefile b/kerberos5/lib/libgssapi_spnego/Makefile index ce44dbe..ddaac08 100644 --- a/kerberos5/lib/libgssapi_spnego/Makefile +++ b/kerberos5/lib/libgssapi_spnego/Makefile @@ -2,8 +2,9 @@ LIB= gssapi_spnego LDFLAGS= -Wl,-Bsymbolic -Wl,--no-undefined -LDADD= -lgssapi -lasn1 -lroken -DPADD= ${LIBGSSAPI} ${LIBASN1} ${LIBROKEN} +LDADD= -lgssapi -lheimbase -lasn1 -lroken +DPADD= ${LIBGSSAPI} ${LIBHEIMBASE} ${LIBASN1} ${LIBROKEN} +SHLIB_MAJOR= 10 SRCS= accept_sec_context.c \ compat.c \ @@ -11,9 +12,12 @@ SRCS= accept_sec_context.c \ cred_stubs.c \ external.c \ init_sec_context.c \ - prefix.c \ + freebsd_compat.c \ + spnego-private.h \ + spnego_locl.h \ spnego_asn1.h \ - ${GEN:S/.x$/.c/} + ${GEN:S/.x$/.c/:S/.hx$/.h/} \ + gss_oid.c GEN= asn1_ContextFlags.x \ asn1_MechType.x \ @@ -23,26 +27,36 @@ GEN= asn1_ContextFlags.x \ asn1_NegHints.x \ asn1_NegTokenInit.x \ asn1_NegTokenInitWin.x \ - asn1_NegTokenResp.x + asn1_NegTokenResp.x \ + spnego_asn1.hx \ + spnego_asn1-priv.hx CFLAGS+=-I${KRB5DIR}/lib/gssapi +CFLAGS+=-I${KRB5DIR}/lib/gssapi/gssapi +CFLAGS+=-I${KRB5DIR}/lib/gssapi/spnego CFLAGS+=-I${KRB5DIR}/lib/asn1 +CFLAGS+=-I${.CURDIR}/../../../lib/libgssapi CFLAGS+=-I${KRB5DIR}/lib/roken -I. -CLEANFILES= ${GEN} ${GEN:S/.x$/.c/} spnego_asn1.h asn1_files +CLEANFILES= ${GEN} ${GEN:S/.x$/.c/:S/.hx$/.h/} \ + spnego_asn1_files spnego_asn1-template.c -.ORDER: ${GEN} spnego_asn1.h -${GEN} spnego_asn1.h: spnego.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile --sequence=MechTypeList ${.ALLSRC:M*.asn1} spnego_asn1 +ASN1_COMPILE= asn1_compile -../../tools/asn1_compile/asn1_compile: - cd ${.CURDIR}/../../tools/asn1_compile && ${MAKE} +${GEN}: spnego.asn1 spnego.opt + ${ASN1_COMPILE} --option-file=${.ALLSRC:M*.opt} \ + ${.ALLSRC:M*.asn1} spnego_asn1 -.for I in ${GEN} -${I:R}.c: ${I} - cat ${.ALLSRC} > ${.TARGET} -.endfor +.SUFFIXES: .h .c .x .hx + +.x.c: + cmp -s ${.IMPSRC} ${.TARGET} 2> /dev/null || cp ${.IMPSRC} ${.TARGET} + +.hx.h: + cmp -s ${.IMPSRC} ${.TARGET} 2> /dev/null || cp ${.IMPSRC} ${.TARGET} .include <bsd.lib.mk> -.PATH: ${KRB5DIR}/lib/gssapi/spnego ${.CURDIR}/../../../lib/libgssapi +.SUFFIXES: .h .c .x .hx + +.PATH: ${KRB5DIR}/lib/gssapi/spnego ${.CURDIR}/../../../lib/libgssapi ${.CURDIR}/../libgssapi_krb5 diff --git a/kerberos5/lib/libgssapi_spnego/freebsd_compat.c b/kerberos5/lib/libgssapi_spnego/freebsd_compat.c new file mode 100644 index 0000000..d6a9a6e --- /dev/null +++ b/kerberos5/lib/libgssapi_spnego/freebsd_compat.c @@ -0,0 +1,84 @@ +/*- + * Copyright (c) 2008 Doug Rabson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include <gssapi/gssapi.h> +#include <mech_switch.h> + +gss_OID_desc __gss_c_nt_hostbased_service_oid_desc = + {10, (void *)("\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x04")}; + +const char * +_gss_name_prefix(void) +{ + return "_gss_spnego"; +} + +void +gss_mg_collect_error(gss_OID mech, OM_uint32 maj, OM_uint32 min) +{ + _gss_mg_collect_error(mech, maj, min); +} + +OM_uint32 _gss_spnego_display_status + (OM_uint32 * minor_status, + OM_uint32 status_value, + int status_type, + const gss_OID mech_type, + OM_uint32 * message_context, + gss_buffer_t status_string + ) +{ + return GSS_S_FAILURE; +} + +OM_uint32 _gss_spnego_add_cred ( + OM_uint32 * minor_status, + const gss_cred_id_t input_cred_handle, + const gss_name_t desired_name, + const gss_OID desired_mech, + gss_cred_usage_t cred_usage, + OM_uint32 initiator_time_req, + OM_uint32 acceptor_time_req, + gss_cred_id_t * output_cred_handle, + gss_OID_set * actual_mechs, + OM_uint32 * initiator_time_rec, + OM_uint32 * acceptor_time_rec + ) +{ + return gss_add_cred(minor_status, + input_cred_handle, + desired_name, + desired_mech, + cred_usage, + initiator_time_req, + acceptor_time_req, + output_cred_handle, + actual_mechs, + initiator_time_rec, + acceptor_time_rec); +} diff --git a/kerberos5/lib/libgssapi_spnego/prefix.c b/kerberos5/lib/libgssapi_spnego/prefix.c deleted file mode 100644 index 575c951..0000000 --- a/kerberos5/lib/libgssapi_spnego/prefix.c +++ /dev/null @@ -1,45 +0,0 @@ -/*- - * Copyright (c) 2008 Doug Rabson - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#include <gssapi/gssapi.h> - -static gss_OID_desc gss_c_peer_has_updated_spnego_oid_desc = -{9, (void *)"\x2b\x06\x01\x04\x01\xa9\x4a\x13\x05"}; - -gss_OID GSS_C_PEER_HAS_UPDATED_SPNEGO = &gss_c_peer_has_updated_spnego_oid_desc; - -static gss_OID_desc gss_krb5_mechanism_oid_desc = -{9, (void *) "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"}; - -gss_OID GSS_KRB5_MECHANISM = &gss_krb5_mechanism_oid_desc; - -const char * -_gss_name_prefix(void) -{ - return "_gss_spnego"; -} diff --git a/kerberos5/lib/libhdb/Makefile b/kerberos5/lib/libhdb/Makefile index 0e70799..1ee7f88 100644 --- a/kerberos5/lib/libhdb/Makefile +++ b/kerberos5/lib/libhdb/Makefile @@ -1,12 +1,37 @@ # $FreeBSD$ LIB= hdb -LDFLAGS= -Wl,--no-undefined ${LDAPLDFLAGS} -LDADD= -lasn1 -lcom_err -lkrb5 -lroken ${LDAPLDADD} -DPADD= ${LIBASN1} ${LIBCOM_ERR} ${LIBKRB5} ${LIBROKEN} ${LDAPDPADD} +LDFLAGS= -Wl,--no-undefined +VERSION_MAP= ${KRB5DIR}/lib/hdb/version-script.map +LDADD= -lasn1 -lcom_err -lkrb5 -lroken -lheimsqlite +DPADD= ${LIBASN1} ${LIBCOM_ERR} ${LIBKRB5} ${LIBROKEN} ${LIBHEIMSQLITE} ${LDAPDPADD} -INCS= hdb-private.h \ - hdb-protos.h \ +MAN= HDB.3 hdb_entry_ex.3 + +MLINKS= HDB.3 hdb__del.3 \ + HDB.3 hdb__get.3 \ + HDB.3 hdb__put.3 \ + HDB.3 hdb_auth_status.3 \ + HDB.3 hdb_check_constrained_delegation.3 \ + HDB.3 hdb_check_pkinit_ms_upn_match.3 \ + HDB.3 hdb_check_s4u2self.3 \ + HDB.3 hdb_close.3 \ + HDB.3 hdb_destroy.3 \ + HDB.3 hdb_fetch_kvno.3 \ + HDB.3 hdb_firstkey.3 \ + HDB.3 hdb_free.3 \ + HDB.3 hdb_get_realms.3 \ + HDB.3 hdb_lock.3 \ + HDB.3 hdb_name.3 \ + HDB.3 hdb_nextkey.3 \ + HDB.3 hdb_open.3 \ + HDB.3 hdb_password.3 \ + HDB.3 hdb_remove.3 \ + HDB.3 hdb_rename.3 \ + HDB.3 hdb_store.3 \ + HDB.3 hdb_unlock.3 + +INCS= hdb-protos.h \ hdb.h \ hdb_asn1.h \ hdb_err.h @@ -18,18 +43,24 @@ SRCS= common.c \ ext.c \ hdb-ldap.c \ hdb.c \ - hdb_asn1.h \ hdb_err.c \ hdb_err.h \ + hdb-sqlite.c \ + hdb-keytab.c \ + hdb-mitdb.c \ + hdb_locl.h \ + hdb-private.h \ keys.c \ keytab.c \ mkey.c \ ndbm.c \ print.c \ - ${GEN:S/.x$/.c/} + ${GEN:S/.x$/.c/:S/.hx$/.h/} CFLAGS+=-I${KRB5DIR}/lib/hdb -I${KRB5DIR}/lib/asn1 \ - -I${KRB5DIR}/lib/roken -I. ${LDAPCFLAGS} + -I${KRB5DIR}/lib/roken -I${KRB5DIR}/lib/sqlite \ + -I${KRB5DIR}/lib/krb5 \ + -I. ${LDAPCFLAGS} CFLAGS+=-DHDB_DB_DIR="\"/var/heimdal\"" GEN= asn1_Salt.x \ @@ -38,6 +69,7 @@ GEN= asn1_Salt.x \ asn1_HDBFlags.x \ asn1_GENERATION.x \ asn1_HDB_Ext_PKINIT_acl.x \ + asn1_HDB_Ext_PKINIT_cert.x \ asn1_HDB_Ext_PKINIT_hash.x \ asn1_HDB_Ext_Constrained_delegation_acl.x \ asn1_HDB_Ext_Lan_Manager_OWF.x \ @@ -46,22 +78,29 @@ GEN= asn1_Salt.x \ asn1_HDB_extension.x \ asn1_HDB_extensions.x \ asn1_hdb_entry.x \ - asn1_hdb_entry_alias.x + asn1_hdb_entry_alias.x \ + asn1_hdb_keyset.x \ + hdb_asn1.hx \ + hdb_asn1-priv.hx -CLEANFILES= ${GEN} ${GEN:S/.x$/.c/} hdb_asn1.h asn1_files +CLEANFILES= ${GEN} ${GEN:S/.x$/.c/:S/.hx$/.h/} hdb_asn1_files \ + hdb_asn1-template.[ch]* -.ORDER: ${GEN} hdb_asn1.h -${GEN} hdb_asn1.h: hdb.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile ${.ALLSRC:M*.asn1} hdb_asn1 +ASN1_COMPILE= asn1_compile -../../tools/asn1_compile/asn1_compile: - cd ${.CURDIR}/../../tools/asn1_compile && ${MAKE} +${GEN}: hdb.asn1 + ${ASN1_COMPILE} ${.ALLSRC:M*.asn1} hdb_asn1 -.for I in ${GEN} -${I:R}.c: ${I} - cat ${.ALLSRC} > ${.TARGET} -.endfor +.SUFFIXES: .h .c .x .hx + +.x.c: + cmp -s ${.IMPSRC} ${.TARGET} 2> /dev/null || cp ${.IMPSRC} ${.TARGET} + +.hx.h: + cmp -s ${.IMPSRC} ${.TARGET} 2> /dev/null || cp ${.IMPSRC} ${.TARGET} .include <bsd.lib.mk> -.PATH: ${KRB5DIR}/lib/hdb +.SUFFIXES: .h .c .x .hx + +.PATH: ${KRB5DIR}/lib/hdb ${KRB5DIR}/doc/doxyout/hdb/man/man3/ diff --git a/kerberos5/lib/libheimbase/Makefile b/kerberos5/lib/libheimbase/Makefile new file mode 100644 index 0000000..d3aa0ee --- /dev/null +++ b/kerberos5/lib/libheimbase/Makefile @@ -0,0 +1,26 @@ +#$FreeBSD$ + +LIB= heimbase +LDFLAGS= -Wl,--no-undefined +LDADD= -lpthread +VERSION_MAP= ${KRB5DIR}/base/version-script.map + +INCS= heimbase.h + +SRCS= \ + array.c \ + baselocl.h \ + bool.c \ + dict.c \ + heimbase.c \ + heimbasepriv.h \ + heimqueue.h \ + null.c \ + number.c \ + string.c + +CFLAGS+= -I${KRB5DIR}/include + +.include <bsd.lib.mk> + +.PATH: ${KRB5DIR}/base diff --git a/kerberos5/lib/libheimipcc/Makefile b/kerberos5/lib/libheimipcc/Makefile new file mode 100644 index 0000000..c1ad602 --- /dev/null +++ b/kerberos5/lib/libheimipcc/Makefile @@ -0,0 +1,20 @@ +#$FreeBSD$ + +LIB= heimipcc +INTERNALLIB= +LDADD= -lheimbase -lroken -lpthread +DPADD= ${LIBHEIMBASE} ${LIBROKEN} ${LIBPTHREAD} + +SRCS= hi_locl.h \ + heim_ipc_types.h \ + client.c \ + common.c + +CFLAGS+= -DPIC ${PICFLAG} +CFLAGS+= -I${KRB5DIR}/lib/roken \ + -I${KRB5DIR}/base \ + -I${KRB5DIR}/lib/ipc + +.include <bsd.lib.mk> + +.PATH: ${KRB5DIR}/lib/ipc diff --git a/kerberos5/lib/libheimipcs/Makefile b/kerberos5/lib/libheimipcs/Makefile new file mode 100644 index 0000000..333480d --- /dev/null +++ b/kerberos5/lib/libheimipcs/Makefile @@ -0,0 +1,21 @@ +#$FreeBSD$ + +LIB= heimipcs +INTERNALLIB= +LDADD= -lheimbase -lroken +LDFLAGS= -pthread +DPADD= ${LIBHEIMBASE} ${LIBROKEN} + +SRCS= hi_locl.h \ + heim_ipc_types.h \ + server.c \ + common.c + +CFLAGS+= -DPIC ${PICFLAG} +CFLAGS+= -I${KRB5DIR}/lib/roken \ + -I${KRB5DIR}/base \ + -I${KRB5DIR}/lib/ipc -I. + +.include <bsd.lib.mk> + +.PATH: ${KRB5DIR}/lib/ipc diff --git a/kerberos5/lib/libheimntlm/Makefile b/kerberos5/lib/libheimntlm/Makefile index ba7c922..2f0415d 100644 --- a/kerberos5/lib/libheimntlm/Makefile +++ b/kerberos5/lib/libheimntlm/Makefile @@ -2,13 +2,39 @@ LIB= heimntlm LDFLAGS= -Wl,--no-undefined -LDADD= -lcrypto -lkrb5 -DPADD= ${LIBCRYPTO} ${LIBKRB5} -SRCS= ntlm.c -INCS= heimntlm.h heimntlm-protos.h -CFLAGS+=-I${KRB5DIR}/lib/ntlm +LDADD= -lcrypto -lcom_err -lkrb5 -lroken +DPADD= ${LIBCRYPTO} ${LIBCOM_ERR} ${LIBKRB5} ${LIBROKEN} +SRCS= ntlm.c ntlm_err.c +INCS= heimntlm.h heimntlm-protos.h ntlm_err.h +CFLAGS+=-I${KRB5DIR}/lib/ntlm -I${KRB5DIR}/lib/roken VERSION_MAP= ${KRB5DIR}/lib/ntlm/version-script.map +MAN= ntlm_buf.3 \ + ntlm_core.3 \ + ntlm_type1.3 \ + ntlm_type2.3 \ + ntlm_type3.3 + +MLINKS= ntlm_core.3 heim_ntlm_build_ntlm1_master.3 \ + ntlm_core.3 heim_ntlm_build_ntlm2_master.3 \ + ntlm_core.3 heim_ntlm_calculate_lm2.3 \ + ntlm_core.3 heim_ntlm_calculate_ntlm1.3 \ + ntlm_core.3 heim_ntlm_calculate_ntlm2.3 \ + ntlm_core.3 heim_ntlm_decode_targetinfo.3 \ + ntlm_core.3 heim_ntlm_encode_targetinfo.3 \ + ntlm_core.3 heim_ntlm_encode_type1.3 \ + ntlm_core.3 heim_ntlm_encode_type2.3 \ + ntlm_core.3 heim_ntlm_encode_type3.3 \ + ntlm_core.3 heim_ntlm_free_buf.3 \ + ntlm_core.3 heim_ntlm_free_targetinfo.3 \ + ntlm_core.3 heim_ntlm_free_type1.3 \ + ntlm_core.3 heim_ntlm_free_type2.3 \ + ntlm_core.3 heim_ntlm_free_type3.3 \ + ntlm_core.3 heim_ntlm_keyex_unwrap.3 \ + ntlm_core.3 heim_ntlm_nt_key.3 \ + ntlm_core.3 heim_ntlm_ntlmv2_key.3 \ + ntlm_core.3 heim_ntlm_verify_ntlm2.3 + .include <bsd.lib.mk> -.PATH: ${KRB5DIR}/lib/ntlm +.PATH: ${KRB5DIR}/lib/ntlm ${KRB5DIR}/doc/doxyout/ntlm/man/man3 diff --git a/kerberos5/lib/libheimsqlite/Makefile b/kerberos5/lib/libheimsqlite/Makefile new file mode 100644 index 0000000..b98537a --- /dev/null +++ b/kerberos5/lib/libheimsqlite/Makefile @@ -0,0 +1,11 @@ +# $FreeBSD$ + +LIB= heimsqlite +SRCS= sqlite3.c +DPADD= ${LIBPTHREAD} +LDADD= -lpthread +CFLAGS+=-I${KRB5DIR}/lib/sqlite + +.include <bsd.lib.mk> + +.PATH: ${KRB5DIR}/lib/sqlite diff --git a/kerberos5/lib/libhx509/Makefile b/kerberos5/lib/libhx509/Makefile index 9238a74..57c9c18 100644 --- a/kerberos5/lib/libhx509/Makefile +++ b/kerberos5/lib/libhx509/Makefile @@ -3,8 +3,171 @@ LIB= hx509 LDFLAGS= -Wl,--no-undefined VERSION_MAP= ${KRB5DIR}/lib/hx509/version-script.map -LDADD= -lasn1 -lcom_err -lcrypto -lroken -DPADD= ${LIBASN1} ${LIBCOM_ERR} ${LIBCRYPTO} ${LIBROKEN} +LDADD= -lasn1 -lcom_err -lcrypto -lroken -lwind +DPADD= ${LIBASN1} ${LIBCOM_ERR} ${LIBCRYPTO} ${LIBROKEN} ${LIBWIND} + +MAN= hx509.3 \ + hx509_ca.3 \ + hx509_cert.3 \ + hx509_cms.3 \ + hx509_crypto.3 \ + hx509_env.3 \ + hx509_error.3 \ + hx509_keyset.3 \ + hx509_lock.3 \ + hx509_misc.3 \ + hx509_name.3 \ + hx509_peer.3 \ + hx509_print.3 \ + hx509_query.3 \ + hx509_revoke.3 \ + hx509_verify.3 + +MLINKS= hx509.3 hx509_context_free.3 \ + hx509.3 hx509_context_init.3 \ + hx509_ca.3 hx509_ca_sign.3 \ + hx509_ca.3 hx509_ca_sign_self.3 \ + hx509_ca.3 hx509_ca_tbs_add_crl_dp_uri.3 \ + hx509_ca.3 hx509_ca_tbs_add_eku.3 \ + hx509_ca.3 hx509_ca_tbs_add_san_hostname.3 \ + hx509_ca.3 hx509_ca_tbs_add_san_jid.3 \ + hx509_ca.3 hx509_ca_tbs_add_san_ms_upn.3 \ + hx509_ca.3 hx509_ca_tbs_add_san_otherName.3 \ + hx509_ca.3 hx509_ca_tbs_add_san_pkinit.3 \ + hx509_ca.3 hx509_ca_tbs_add_san_rfc822name.3 \ + hx509_ca.3 hx509_ca_tbs_free.3 \ + hx509_ca.3 hx509_ca_tbs_init.3 \ + hx509_ca.3 hx509_ca_tbs_set_ca.3 \ + hx509_ca.3 hx509_ca_tbs_set_domaincontroller.3 \ + hx509_ca.3 hx509_ca_tbs_set_notAfter.3 \ + hx509_ca.3 hx509_ca_tbs_set_notAfter_lifetime.3 \ + hx509_ca.3 hx509_ca_tbs_set_notBefore.3 \ + hx509_ca.3 hx509_ca_tbs_set_proxy.3 \ + hx509_ca.3 hx509_ca_tbs_set_serialnumber.3 \ + hx509_ca.3 hx509_ca_tbs_set_spki.3 \ + hx509_ca.3 hx509_ca_tbs_set_subject.3 \ + hx509_ca.3 hx509_ca_tbs_set_template.3 \ + hx509_ca.3 hx509_ca_tbs_set_unique.3 \ + hx509_ca.3 hx509_ca_tbs_subject_expand.3 \ + hx509_ca.3 hx509_ca_tbs_template_units.3 \ + hx509_cert.3 hx509_cert_binary.3 \ + hx509_cert.3 hx509_cert_check_eku.3 \ + hx509_cert.3 hx509_cert_cmp.3 \ + hx509_cert.3 hx509_cert_find_subjectAltName_otherName.3 \ + hx509_cert.3 hx509_cert_free.3 \ + hx509_cert.3 hx509_cert_get_SPKI.3 \ + hx509_cert.3 hx509_cert_get_SPKI_AlgorithmIdentifier.3 \ + hx509_cert.3 hx509_cert_get_attribute.3 \ + hx509_cert.3 hx509_cert_get_base_subject.3 \ + hx509_cert.3 hx509_cert_get_friendly_name.3 \ + hx509_cert.3 hx509_cert_get_issuer.3 \ + hx509_cert.3 hx509_cert_get_issuer_unique_id.3 \ + hx509_cert.3 hx509_cert_get_notAfter.3 \ + hx509_cert.3 hx509_cert_get_notBefore.3 \ + hx509_cert.3 hx509_cert_get_serialnumber.3 \ + hx509_cert.3 hx509_cert_get_subject.3 \ + hx509_cert.3 hx509_cert_get_subject_unique_id.3 \ + hx509_cert.3 hx509_cert_init.3 \ + hx509_cert.3 hx509_cert_init_data.3 \ + hx509_cert.3 hx509_cert_ref.3 \ + hx509_cert.3 hx509_cert_set_friendly_name.3 \ + hx509_cert.3 hx509_print_cert.3 \ + hx509_cert.3 hx509_query_alloc.3 \ + hx509_cert.3 hx509_query_free.3 \ + hx509_cert.3 hx509_query_match_cmp_func.3 \ + hx509_cert.3 hx509_query_match_eku.3 \ + hx509_cert.3 hx509_query_match_friendly_name.3 \ + hx509_cert.3 hx509_query_match_issuer_serial.3 \ + hx509_cert.3 hx509_query_match_option.3 \ + hx509_cert.3 hx509_query_statistic_file.3 \ + hx509_cert.3 hx509_query_unparse_stats.3 \ + hx509_cert.3 hx509_verify_ctx_f_allow_default_trustanchors.3 \ + hx509_cert.3 hx509_verify_hostname.3 \ + hx509_cms.3 hx509_cms_create_signed_1.3 \ + hx509_cms.3 hx509_cms_envelope_1.3 \ + hx509_cms.3 hx509_cms_unenvelope.3 \ + hx509_cms.3 hx509_cms_unwrap_ContentInfo.3 \ + hx509_cms.3 hx509_cms_verify_signed.3 \ + hx509_cms.3 hx509_cms_wrap_ContentInfo.3 \ + hx509_crypto.3 hx509_verify_signature.3 \ + hx509_env.3 hx509_env_add.3 \ + hx509_env.3 hx509_env_add_binding.3 \ + hx509_env.3 hx509_env_find.3 \ + hx509_env.3 hx509_env_find_binding.3 \ + hx509_env.3 hx509_env_free.3 \ + hx509_env.3 hx509_env_lfind.3 \ + hx509_error.3 hx509_clear_error_string.3 \ + hx509_error.3 hx509_err.3 \ + hx509_error.3 hx509_free_error_string.3 \ + hx509_error.3 hx509_get_error_string.3 \ + hx509_error.3 hx509_set_error_string.3 \ + hx509_error.3 hx509_set_error_stringv.3 \ + hx509_keyset.3 hx509_certs_add.3 \ + hx509_keyset.3 hx509_certs_append.3 \ + hx509_keyset.3 hx509_certs_end_seq.3 \ + hx509_keyset.3 hx509_certs_filter.3 \ + hx509_keyset.3 hx509_certs_find.3 \ + hx509_keyset.3 hx509_certs_free.3 \ + hx509_keyset.3 hx509_certs_info.3 \ + hx509_keyset.3 hx509_certs_init.3 \ + hx509_keyset.3 hx509_certs_iter_f.3 \ + hx509_keyset.3 hx509_certs_merge.3 \ + hx509_keyset.3 hx509_certs_next_cert.3 \ + hx509_keyset.3 hx509_certs_start_seq.3 \ + hx509_keyset.3 hx509_certs_store.3 \ + hx509_keyset.3 hx509_ci_print_names.3 \ + hx509_keyset.3 hx509_get_one_cert.3 \ + hx509_misc.3 hx509_free_octet_string_list.3 \ + hx509_misc.3 hx509_xfree.3 \ + hx509_name.3 hx509_general_name_unparse.3 \ + hx509_name.3 hx509_name_binary.3 \ + hx509_name.3 hx509_name_cmp.3 \ + hx509_name.3 hx509_name_copy.3 \ + hx509_name.3 hx509_name_expand.3 \ + hx509_name.3 hx509_name_free.3 \ + hx509_name.3 hx509_name_is_null_p.3 \ + hx509_name.3 hx509_name_to_Name.3 \ + hx509_name.3 hx509_name_to_string.3 \ + hx509_name.3 hx509_parse_name.3 \ + hx509_name.3 hx509_unparse_der_name.3 \ + hx509_peer.3 hx509_peer_info_add_cms_alg.3 \ + hx509_peer.3 hx509_peer_info_alloc.3 \ + hx509_peer.3 hx509_peer_info_free.3 \ + hx509_peer.3 hx509_peer_info_set_cert.3 \ + hx509_peer.3 hx509_peer_info_set_cms_algs.3 \ + hx509_print.3 hx509_bitstring_print.3 \ + hx509_print.3 hx509_cert_keyusage_print.3 \ + hx509_print.3 hx509_oid_print.3 \ + hx509_print.3 hx509_oid_sprint.3 \ + hx509_print.3 hx509_print_stdout.3 \ + hx509_print.3 hx509_validate_cert.3 \ + hx509_print.3 hx509_validate_ctx_add_flags.3 \ + hx509_print.3 hx509_validate_ctx_free.3 \ + hx509_print.3 hx509_validate_ctx_init.3 \ + hx509_print.3 hx509_validate_ctx_set_print.3 \ + hx509_revoke.3 hx509_ocsp_request.3 \ + hx509_revoke.3 hx509_revoke_add_crl.3 \ + hx509_revoke.3 hx509_revoke_add_ocsp.3 \ + hx509_revoke.3 hx509_revoke_free.3 \ + hx509_revoke.3 hx509_revoke_init.3 \ + hx509_revoke.3 hx509_revoke_ocsp_print.3 \ + hx509_revoke.3 hx509_revoke_verify.3 \ + hx509_verify.3 hx509_context_set_missing_revoke.3 \ + hx509_verify.3 hx509_crl_add_revoked_certs.3 \ + hx509_verify.3 hx509_crl_alloc.3 \ + hx509_verify.3 hx509_crl_free.3 \ + hx509_verify.3 hx509_crl_lifetime.3 \ + hx509_verify.3 hx509_crl_sign.3 \ + hx509_verify.3 hx509_ocsp_verify.3 \ + hx509_verify.3 hx509_verify_attach_anchors.3 \ + hx509_verify.3 hx509_verify_attach_revoke.3 \ + hx509_verify.3 hx509_verify_destroy_ctx.3 \ + hx509_verify.3 hx509_verify_init_ctx.3 \ + hx509_verify.3 hx509_verify_path.3 \ + hx509_verify.3 hx509_verify_set_max_depth.3 \ + hx509_verify.3 hx509_verify_set_proxy_certificate.3 \ + hx509_verify.3 hx509_verify_set_strict_rfc3280_verification.3 \ + hx509_verify.3 hx509_verify_set_time.3 INCS= hx509-private.h \ hx509-protos.h \ @@ -13,6 +176,7 @@ INCS= hx509-private.h \ SRCS= ca.c \ cert.c \ + char_map.h \ cms.c \ collector.c \ crypto.c \ @@ -24,6 +188,10 @@ SRCS= ca.c \ hx509-protos.h \ hx509.h \ hx_locl.h \ + sel.c \ + sel.h \ + sel-gram.y \ + sel-lex.l \ keyset.c \ ks_dir.c \ ks_file.c \ @@ -44,11 +212,13 @@ SRCS= ca.c \ SRCS+= hx509_err.c \ hx509_err.h -SRCS+= ${GEN:S/.x$/.c/} +SRCS+= ${GEN_OCSP:S/.x$/.c/:S/.hx$/.h/} \ + ${GEN_PKCS10:S/.x$/.c/:S/.hx$/.h/} CFLAGS+=-I${KRB5DIR}/lib/hx509 CFLAGS+=-I${KRB5DIR}/lib/hx509/ref CFLAGS+=-I${KRB5DIR}/lib/asn1 +CFLAGS+=-I${KRB5DIR}/lib/wind CFLAGS+=-I${KRB5DIR}/lib/roken -I. GEN_OCSP= \ @@ -69,38 +239,66 @@ GEN_OCSP= \ asn1_OCSPVersion.x \ asn1_id_pkix_ocsp.x \ asn1_id_pkix_ocsp_basic.x \ - asn1_id_pkix_ocsp_nonce.x + asn1_id_pkix_ocsp_nonce.x \ + ocsp_asn1.hx \ + ocsp_asn1-priv.hx GEN_PKCS10= \ asn1_CertificationRequestInfo.x \ - asn1_CertificationRequest.x + asn1_CertificationRequest.x \ + pkcs10_asn1.hx \ + pkcs10_asn1-priv.hx + +GEN_CRMF= \ + asn1_CRMFRDNSequence.x \ + asn1_CertReqMessages.x \ + asn1_CertReqMsg.x \ + asn1_CertRequest.x \ + asn1_CertTemplate.x \ + asn1_Controls.x \ + asn1_PBMParameter.x \ + asn1_PKMACValue.x \ + asn1_POPOPrivKey.x \ + asn1_POPOSigningKey.x \ + asn1_POPOSigningKeyInput.x \ + asn1_ProofOfPossession.x \ + asn1_SubsequentMessage.x \ + crmf_asn1.hx \ + crmf_asn1-priv.hx GEN+= ${GEN_OCSP} GEN+= ${GEN_PKCS10} +GEN+= ${GEN_CRMF} -CLEANFILES= ${GEN} ${GEN:S/.x$/.c/} asn1_files +CLEANFILES= ${GEN} ${GEN:S/.x$/.c/:S/.hx$/.h/} ocsp_asn1_files \ + pkcs10_asn1_files crmf_asn1_files ocsp_asn1-template.[ch]* \ + pkcs10_asn1-template.[ch]* crmf_asn1-template.[ch]* -GEN_ASN1=ocsp_asn1.h pkcs10_asn1.h -CLEANFILES+=${GEN_ASN1} -SRCS+=${GEN_ASN1} -INCS+=${GEN_ASN1} +INCS+= ocsp_asn1.h pkcs10_asn1.h crmf_asn1.h -.ORDER: ${GEN} ${GEN_ASN1} +ASN1_COMPILE= asn1_compile -${GEN_OCSP} ocsp_asn1.h: ocsp.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile --preserve-binary=OCSPTBSRequest --preserve-binary=OCSPResponseData ${.ALLSRC:M*.asn1} ocsp_asn1 +${GEN_OCSP}: ocsp.asn1 ocsp.opt + ${ASN1_COMPILE} --option-file=${.ALLSRC:M*.opt} \ + ${.ALLSRC:M*.asn1} ocsp_asn1 -${GEN_PKCS10} pkcs10_asn1.h: pkcs10.asn1 ../../tools/asn1_compile/asn1_compile - ../../tools/asn1_compile/asn1_compile ${.ALLSRC:M*.asn1} pkcs10_asn1 +${GEN_PKCS10}: pkcs10.asn1 pkcs10.opt + ${ASN1_COMPILE} --option-file=${.ALLSRC:M*.opt} \ + ${.ALLSRC:M*.asn1} pkcs10_asn1 -../../tools/asn1_compile/asn1_compile: - cd ${.CURDIR}/../../tools/asn1_compile && ${MAKE} +${GEN_CRMF}: crmf.asn1 + ${ASN1_COMPILE} ${.ALLSRC:M*.asn1} crmf_asn1 -.for I in ${GEN} -${I:R}.c: ${I} - cat ${.ALLSRC} > ${.TARGET} -.endfor +.SUFFIXES: .h .c .x .hx + +.x.c: + cmp -s ${.IMPSRC} ${.TARGET} 2> /dev/null || cp ${.IMPSRC} ${.TARGET} + +.hx.h: + cmp -s ${.IMPSRC} ${.TARGET} 2> /dev/null || cp ${.IMPSRC} ${.TARGET} .include <bsd.lib.mk> -.PATH: ${KRB5DIR}/lib/hx509 ${KRB5DIR}/lib/asn1 +.SUFFIXES: .h .c .x .hx + +.PATH: ${KRB5DIR}/lib/hx509 ${KRB5DIR}/lib/asn1 ${KRB5DIR}/doc/doxyout/hx509/man/man3 diff --git a/kerberos5/lib/libkadm5clnt/Makefile b/kerberos5/lib/libkadm5clnt/Makefile index dd93847..31030be 100644 --- a/kerberos5/lib/libkadm5clnt/Makefile +++ b/kerberos5/lib/libkadm5clnt/Makefile @@ -8,6 +8,7 @@ DPADD= ${LIBCOM_ERR} ${LIBKRB5} ${LIBROKEN} INCS= admin.h \ kadm5-private.h \ kadm5-protos.h \ + kadm5-pwcheck.h \ kadm5_err.h \ private.h @@ -25,14 +26,17 @@ SRCS= ad.c \ get_c.c \ get_princs_c.c \ init_c.c \ + kadm5_locl.h \ kadm5_err.c \ kadm5_err.h \ marshall.c \ modify_c.c \ + private.h \ privs_c.c \ randkey_c.c \ rename_c.c \ - send_recv.c + send_recv.c \ + admin.h CFLAGS+=-I${KRB5DIR}/lib/kadm5 -I${KRB5DIR}/lib/asn1 -I${KRB5DIR}/lib/roken -I. diff --git a/kerberos5/lib/libkadm5srv/Makefile b/kerberos5/lib/libkadm5srv/Makefile index 43bd6e0..1632280 100644 --- a/kerberos5/lib/libkadm5srv/Makefile +++ b/kerberos5/lib/libkadm5srv/Makefile @@ -5,8 +5,11 @@ LDFLAGS= -Wl,--no-undefined LDADD= -lcom_err -lhdb -lkrb5 -lroken DPADD= ${LIBCOM_ERR} ${LIBHDB} ${LIBKRB5} ${LIBROKEN} VERSION_MAP= ${KRB5DIR}/lib/kadm5/version-script.map +MAN= kadm5_pwcheck.3 SRCS= acl.c \ + admin.h \ + admin.h \ bump_pw_expire.c \ chpass_s.c \ common_glue.c \ @@ -23,11 +26,13 @@ SRCS= acl.c \ init_s.c \ kadm5_err.c \ kadm5_err.h \ + kadm5_locl.h \ keys.c \ log.c \ marshall.c \ modify_s.c \ password_quality.c \ + private.h \ privs_s.c \ randkey_s.c \ rename_s.c \ diff --git a/kerberos5/lib/libkafs5/Makefile b/kerberos5/lib/libkafs5/Makefile index 962a900..ded5095 100644 --- a/kerberos5/lib/libkafs5/Makefile +++ b/kerberos5/lib/libkafs5/Makefile @@ -1,12 +1,20 @@ # $FreeBSD$ LIB= kafs5 -LDFLAGS= -Wl,--no-undefined -LDADD= -lasn1 -lkrb5 -lroken +LDADD= -lasn1 -lroken DPADD= ${LIBASN1} ${LIBKRB5} ${LIBROKEN} INCS= kafs.h MAN= kafs5.3 +# +# Linking with libkrb5 uncovers a bug in binutils. +# See http://repo.or.cz/w/binutils.git/commit/ee05170bf71819c99cb5a36a44735c231ae03c56 . +# +.if ${MACHINE_ARCH} != "mipsn32eb" && ${MACHINE_ARCH} != "mipsel" && ${MACHINE_ARCH} != "mipseb" +LDADD+= -lkrb5 +LDFLAGS= -Wl,--no-undefined +.endif + MLINKS= kafs5.3 k_afs_cell_of_file.3 \ kafs5.3 k_hasafs.3 \ kafs5.3 k_pioctl.3 \ @@ -23,7 +31,16 @@ MLINKS= kafs5.3 k_afs_cell_of_file.3 \ kafs5.3 krb_afslog_uid.3 SRCS= afssys.c afskrb5.c common.c krb5_err.h -CFLAGS+=-I${KRB5DIR}/lib/kafs -I${KRB5DIR}/lib/krb5 -I${KRB5DIR}/lib/roken +SRCS= afssys.c \ + afskrb5.c \ + common.c \ + kafs_locl.h \ + afssysdefs.h \ + roken_rename.h +CFLAGS+= -I${KRB5DIR}/lib/kafs \ + -I${KRB5DIR}/lib/krb5 \ + -I${.OBJDIR}/../libkrb5/ \ + -I${KRB5DIR}/lib/roken CLEANFILES= kafs5.3 diff --git a/kerberos5/lib/libkdc/Makefile b/kerberos5/lib/libkdc/Makefile new file mode 100644 index 0000000..385f160 --- /dev/null +++ b/kerberos5/lib/libkdc/Makefile @@ -0,0 +1,40 @@ +#$FreeBSD$ + +LIB= kdc +LDFLAGS= -Wl,--no-undefined +VERSION_MAP= ${KRB5DIR}/kdc/version-script.map +LDADD= -lroken -lhdb -lhx509 -lkrb5 -lheimntlm -lasn1 -lcrypt -lcrypto +DPADD= ${LIBROKEN} ${LIBHDB} ${LIBHX509} ${LIBKRB5} ${LIBHEIMNTLM} \ + ${LIBASN1} ${LIBCRYPT} ${LIBCRYPTO} + +INCS= kdc.h \ + kdc-protos.h + +KRB5INCS= windc_plugin.h +KRB5INCSDIR= ${INCLUDEDIR}/krb5 +INCSGROUPS= INCS KRB5INCS + +SRCS= kdc-private.h \ + kdc-protos.h \ + default_config.c \ + set_dbinfo.c \ + digest.c \ + kdc_locl.h\ + kerberos5.c \ + krb5tgs.c \ + pkinit.c \ + log.c \ + misc.c \ + kx509.c \ + process.c \ + windc.c \ + rx.h + +CFLAGS+= -I${KRB5DIR}/lib/roken \ + -I${KRB5DIR}/lib/krb5 \ + -I${KRB5DIR}/lib/hdb \ + -I${KRB5DIR}/kdc + +.include <bsd.lib.mk> + +.PATH: ${KRB5DIR}/kdc diff --git a/kerberos5/lib/libkrb5/Makefile b/kerberos5/lib/libkrb5/Makefile index 71175cd..f53e4d0 100644 --- a/kerberos5/lib/libkrb5/Makefile +++ b/kerberos5/lib/libkrb5/Makefile @@ -3,18 +3,24 @@ LIB= krb5 LDFLAGS= -Wl,--no-undefined VERSION_MAP= ${KRB5DIR}/lib/krb5/version-script.map -LDADD= -lasn1 -lcom_err -lcrypt -lcrypto -lhx509 -lroken -DPADD= ${LIBASN1} ${LIBCOM_ERR} ${LIBCRYPT} ${LIBCRYPTO} ${LIBHX509} ${LIBROKEN} +LDADD= -lasn1 -lcom_err -lcrypt -lcrypto -lhx509 -lroken -lwind -lheimbase ${LIBHEIMIPCC} +DPADD= ${LIBASN1} ${LIBCOM_ERR} ${LIBCRYPT} ${LIBCRYPTO} ${LIBHX509} ${LIBROKEN} ${LIBWIND} ${LIBHEIMBASE} ${LIBHEIMIPCC} INCS= heim_err.h \ heim_threads.h \ k524_err.h \ krb5-protos.h \ + krb5-private.h \ krb5-types.h \ krb5.h \ krb5_err.h \ - krb5-v4compat.h \ - krb_err.h + krb5_ccapi.h + +KRB5INCS= locate_plugin.h \ + send_to_kdc_plugin.h \ + ccache_plugin.h +KRB5INCSDIR= ${INCLUDEDIR}/krb5 +INCSGROUPS= INCS KRB5INCS MAN= krb5.3 \ krb524_convert_creds_kdc.3 \ @@ -23,21 +29,23 @@ MAN= krb5.3 \ krb5_address.3 \ krb5_aname_to_localname.3 \ krb5_appdefault.3 \ + krb5_auth.3 \ krb5_auth_context.3 \ krb5_c_make_checksum.3 \ krb5_ccache.3 \ + krb5_ccache_intro.3 \ krb5_check_transited.3 \ - krb5_compare_creds.3 \ - krb5_config.3 \ - krb5_context.3 \ krb5_create_checksum.3 \ + krb5_credential.3 \ krb5_creds.3 \ - krb5_crypto_init.3 \ - krb5_data.3 \ + krb5_crypto.3 \ + krb5_crypto_iov.3 \ + krb5_deprecated.3 \ krb5_digest.3 \ krb5_eai_to_heim_errno.3 \ krb5_encrypt.3 \ - krb5_expand_hostname.3 \ + krb5_error.3 \ + krb5_fileformats.3 \ krb5_find_padata.3 \ krb5_generate_random_block.3 \ krb5_get_all_client_addrs.3 \ @@ -49,16 +57,19 @@ MAN= krb5.3 \ krb5_get_krbhst.3 \ krb5_getportbyname.3 \ krb5_init_context.3 \ + krb5_init_creds_intro.3 \ + krb5_introduction.3 \ krb5_is_thread_safe.3 \ - krb5_keyblock.3 \ krb5_keytab.3 \ + krb5_keytab_intro.3 \ krb5_krbhst_init.3 \ - krb5_kuserok.3 \ krb5_mk_req.3 \ krb5_mk_safe.3 \ krb5_openlog.3 \ + krb5_pac.3 \ krb5_parse_name.3 \ krb5_principal.3 \ + krb5_principal_intro.3 \ krb5_rcache.3 \ krb5_rd_error.3 \ krb5_rd_safe.3 \ @@ -66,24 +77,76 @@ MAN= krb5.3 \ krb5_set_password.3 \ krb5_storage.3 \ krb5_string_to_key.3 \ + krb5_support.3 \ krb5_ticket.3 \ krb5_timeofday.3 \ - krb5_unparse_name.3 \ + krb5_v4compat.3 \ krb5_verify_init_creds.3 \ krb5_verify_user.3 \ - krb5_warn.3 \ verify_krb5_conf.8 MAN+= krb5.conf.5 MAN+= kerberos.8 -MLINKS= krb5_425_conv_principal.3 krb5_425_conv_principal_ext.3 \ +MLINKS= krb5.3 krb5_add_et_list.3 \ + krb5.3 krb5_add_extra_addresses.3 \ + krb5.3 krb5_add_ignore_addresses.3 \ + krb5.3 krb5_compare_creds.3 \ + krb5.3 krb5_copy_context.3 \ + krb5.3 krb5_copy_creds.3 \ + krb5.3 krb5_copy_creds_contents.3 \ + krb5.3 krb5_copy_data.3 \ + krb5.3 krb5_copy_host_realm.3 \ + krb5.3 krb5_copy_ticket.3 \ + krb5.3 krb5_creds_get_ticket_flags.3 \ + krb5.3 krb5_data_alloc.3 \ + krb5.3 krb5_data_cmp.3 \ + krb5.3 krb5_data_copy.3 \ + krb5.3 krb5_data_ct_cmp.3 \ + krb5.3 krb5_data_free.3 \ + krb5.3 krb5_data_realloc.3 \ + krb5.3 krb5_data_zero.3 \ + krb5.3 krb5_free_config_files.3 \ + krb5.3 krb5_free_context.3 \ + krb5.3 krb5_free_cred_contents.3 \ + krb5.3 krb5_free_creds.3 \ + krb5.3 krb5_free_data.3 \ + krb5.3 krb5_free_ticket.3 \ + krb5.3 krb5_get_default_config_files.3 \ + krb5.3 krb5_get_default_in_tkt_etypes.3 \ + krb5.3 krb5_get_dns_canonicalize_hostname.3 \ + krb5.3 krb5_get_extra_addresses.3 \ + krb5.3 krb5_get_fcache_version.3 \ + krb5.3 krb5_get_ignore_addresses.3 \ + krb5.3 krb5_get_kdc_sec_offset.3 \ + krb5.3 krb5_get_max_time_skew.3 \ + krb5.3 krb5_get_use_admin_kdc.3 \ + krb5.3 krb5_init_ets.3 \ + krb5.3 krb5_kerberos_enctypes.3 \ + krb5.3 krb5_krbhst_get_addrinfo.3 \ + krb5.3 krb5_prepend_config_files_default.3 \ + krb5.3 krb5_set_config_files.3 \ + krb5.3 krb5_set_default_in_tkt_etypes.3 \ + krb5.3 krb5_set_dns_canonicalize_hostname.3 \ + krb5.3 krb5_set_extra_addresses.3 \ + krb5.3 krb5_set_fcache_version.3 \ + krb5.3 krb5_set_home_dir_access.3 \ + krb5.3 krb5_set_ignore_addresses.3 \ + krb5.3 krb5_set_kdc_sec_offset.3 \ + krb5.3 krb5_set_max_time_skew.3 \ + krb5.3 krb5_set_real_time.3 \ + krb5.3 krb5_set_use_admin_kdc.3 \ + krb5.3 krb5_ticket_get_authorization_data_type.3 \ + krb5.3 krb5_ticket_get_client.3 \ + krb5.3 krb5_ticket_get_endtime.3 \ + krb5.3 krb5_ticket_get_server.3 \ + krb5_425_conv_principal.3 krb5_425_conv_principal_ext.3 \ krb5_425_conv_principal.3 krb5_524_conv_principal.3 \ krb5_address.3 krb5_addr2sockaddr.3 \ krb5_address.3 krb5_address_compare.3 \ krb5_address.3 krb5_address_order.3 \ + krb5_address.3 krb5_address_prefixlen_boundary.3 \ krb5_address.3 krb5_address_search.3 \ - krb5_address.3 krb5_addresses.3 \ krb5_address.3 krb5_anyaddr.3 \ krb5_address.3 krb5_append_addresses.3 \ krb5_address.3 krb5_copy_address.3 \ @@ -102,6 +165,12 @@ MLINKS= krb5_425_conv_principal.3 krb5_425_conv_principal_ext.3 \ krb5_appdefault.3 krb5_appdefault_boolean.3 \ krb5_appdefault.3 krb5_appdefault_string.3 \ krb5_appdefault.3 krb5_appdefault_time.3 \ + krb5_auth.3 krb5_rd_req_ctx.3 \ + krb5_auth.3 krb5_rd_req_in_ctx_alloc.3 \ + krb5_auth.3 krb5_rd_req_in_set_keytab.3 \ + krb5_auth.3 krb5_rd_req_in_set_pac_check.3 \ + krb5_auth.3 krb5_rd_req_out_ctx_free.3 \ + krb5_auth.3 krb5_rd_req_out_get_server.3 \ krb5_auth_context.3 krb5_auth_con_free.3 \ krb5_auth_context.3 krb5_auth_con_genaddrs.3 \ krb5_auth_context.3 krb5_auth_con_getaddrs.3 \ @@ -131,72 +200,160 @@ MLINKS= krb5_425_conv_principal.3 krb5_425_conv_principal_ext.3 \ krb5_auth_context.3 krb5_auth_setkeytype.3 \ krb5_auth_context.3 krb5_auth_setlocalseqnumber.3 \ krb5_auth_context.3 krb5_auth_setremoteseqnumber.3 \ + krb5_ccache.3 krb5_acc_ops.3 \ + krb5_ccache.3 krb5_cc_cache_end_seq_get.3 \ + krb5_ccache.3 krb5_cc_cache_get_first.3 \ + krb5_ccache.3 krb5_cc_cache_match.3 \ + krb5_ccache.3 krb5_cc_cache_next.3 \ + krb5_ccache.3 krb5_cc_clear_mcred.3 \ krb5_ccache.3 krb5_cc_close.3 \ krb5_ccache.3 krb5_cc_copy_cache.3 \ - krb5_ccache.3 krb5_cc_cursor.3 \ + krb5_ccache.3 krb5_cc_copy_creds.3 \ + krb5_ccache.3 krb5_cc_copy_match_f.3 \ krb5_ccache.3 krb5_cc_default.3 \ krb5_ccache.3 krb5_cc_default_name.3 \ krb5_ccache.3 krb5_cc_destroy.3 \ krb5_ccache.3 krb5_cc_end_seq_get.3 \ krb5_ccache.3 krb5_cc_gen_new.3 \ + krb5_ccache.3 krb5_cc_get_config.3 \ + krb5_ccache.3 krb5_cc_get_flags.3 \ + krb5_ccache.3 krb5_cc_get_friendly_name.3 \ + krb5_ccache.3 krb5_cc_get_full_name.3 \ + krb5_ccache.3 krb5_cc_get_kdc_offset.3 \ + krb5_ccache.3 krb5_cc_get_lifetime.3 \ krb5_ccache.3 krb5_cc_get_name.3 \ krb5_ccache.3 krb5_cc_get_ops.3 \ + krb5_ccache.3 krb5_cc_get_prefix_ops.3 \ krb5_ccache.3 krb5_cc_get_principal.3 \ krb5_ccache.3 krb5_cc_get_type.3 \ krb5_ccache.3 krb5_cc_get_version.3 \ krb5_ccache.3 krb5_cc_initialize.3 \ + krb5_ccache.3 krb5_cc_last_change_time.3 \ + krb5_ccache.3 krb5_cc_move.3 \ + krb5_ccache.3 krb5_cc_new_unique.3 \ krb5_ccache.3 krb5_cc_next_cred.3 \ - krb5_ccache.3 krb5_cc_ops.3 \ krb5_ccache.3 krb5_cc_register.3 \ krb5_ccache.3 krb5_cc_remove_cred.3 \ krb5_ccache.3 krb5_cc_resolve.3 \ krb5_ccache.3 krb5_cc_retrieve_cred.3 \ + krb5_ccache.3 krb5_cc_set_config.3 \ krb5_ccache.3 krb5_cc_set_default_name.3 \ krb5_ccache.3 krb5_cc_set_flags.3 \ + krb5_ccache.3 krb5_cc_set_friendly_name.3 \ + krb5_ccache.3 krb5_cc_set_kdc_offset.3 \ + krb5_ccache.3 krb5_cc_start_seq_get.3 \ krb5_ccache.3 krb5_cc_store_cred.3 \ + krb5_ccache.3 krb5_cc_support_switch.3 \ + krb5_ccache.3 krb5_cc_switch.3 \ + krb5_ccache.3 krb5_cccol_cursor_free.3 \ + krb5_ccache.3 krb5_cccol_cursor_new.3 \ + krb5_ccache.3 krb5_cccol_cursor_next.3 \ + krb5_ccache.3 krb5_cccol_last_change_time.3 \ krb5_ccache.3 krb5_fcc_ops.3 \ + krb5_ccache.3 krb5_get_validated_creds.3 \ + krb5_ccache.3 krb5_is_config_principal.3 \ krb5_ccache.3 krb5_mcc_ops.3 \ - krb5_config.3 krb5_config_get_bool_default.3 \ - krb5_config.3 krb5_config_get_int_default.3 \ - krb5_config.3 krb5_config_get_string_default.3 \ - krb5_config.3 krb5_config_get_time_default.3 \ krb5_create_checksum.3 krb5_checksum_is_collision_proof.3 \ krb5_create_checksum.3 krb5_checksum_is_keyed.3 \ krb5_create_checksum.3 krb5_checksumsize.3 \ krb5_create_checksum.3 krb5_verify_checksum.3 \ - krb5_crypto_init.3 krb5_crypto_destroy.3 \ - krb5_data.3 krb5_copy_data.3 \ - krb5_data.3 krb5_data_alloc.3 \ - krb5_data.3 krb5_data_copy.3 \ - krb5_data.3 krb5_data_free.3 \ - krb5_data.3 krb5_data_realloc.3 \ - krb5_data.3 krb5_data_zero.3 \ - krb5_data.3 krb5_free_data.3 \ - krb5_data.3 krb5_free_data_contents.3 \ + krb5_credential.3 krb5_fwd_tgt_creds.3 \ + krb5_credential.3 krb5_get_init_creds_keyblock.3 \ + krb5_credential.3 krb5_get_init_creds_keytab.3 \ + krb5_credential.3 krb5_get_init_creds_opt_alloc.3 \ + krb5_credential.3 krb5_get_init_creds_opt_free.3 \ + krb5_credential.3 krb5_get_init_creds_password.3 \ + krb5_credential.3 krb5_init_creds_free.3 \ + krb5_credential.3 krb5_init_creds_get.3 \ + krb5_credential.3 krb5_init_creds_get_error.3 \ + krb5_credential.3 krb5_init_creds_init.3 \ + krb5_credential.3 krb5_init_creds_set_keytab.3 \ + krb5_credential.3 krb5_init_creds_set_password.3 \ + krb5_credential.3 krb5_init_creds_set_service.3 \ + krb5_credential.3 krb5_init_creds_step.3 \ + krb5_crypto.3 krb5_allow_weak_crypto.3 \ + krb5_crypto.3 krb5_cksumtype_to_enctype.3 \ + krb5_crypto.3 krb5_copy_keyblock.3 \ + krb5_crypto.3 krb5_copy_keyblock_contents.3 \ + krb5_crypto.3 krb5_create_checksum_iov.3 \ + krb5_crypto.3 krb5_crypto_destroy.3 \ + krb5_crypto.3 krb5_crypto_fx_cf2.3 \ + krb5_crypto.3 krb5_crypto_getblocksize.3 \ + krb5_crypto.3 krb5_crypto_getconfoundersize.3 \ + krb5_crypto.3 krb5_crypto_getenctype.3 \ + krb5_crypto.3 krb5_crypto_getpadsize.3 \ + krb5_crypto.3 krb5_crypto_init.3 \ + krb5_crypto.3 krb5_decrypt_iov_ivec.3 \ + krb5_crypto.3 krb5_encrypt_iov_ivec.3 \ + krb5_crypto.3 krb5_enctype_disable.3 \ + krb5_crypto.3 krb5_enctype_enable.3 \ + krb5_crypto.3 krb5_enctype_valid.3 \ + krb5_crypto.3 krb5_free_keyblock.3 \ + krb5_crypto.3 krb5_free_keyblock_contents.3 \ + krb5_crypto.3 krb5_generate_subkey_extended.3 \ + krb5_crypto.3 krb5_keyblock_get_enctype.3 \ + krb5_crypto.3 krb5_keyblock_init.3 \ + krb5_crypto.3 krb5_keyblock_zero.3 \ + krb5_crypto.3 krb5_random_to_key.3 \ + krb5_crypto.3 krb5_verify_checksum_iov.3 \ + krb5_deprecated.3 krb5_auth_getremoteseqnumber.3 \ + krb5_deprecated.3 krb5_c_enctype_compare.3 \ + krb5_deprecated.3 krb5_change_password.3 \ + krb5_deprecated.3 krb5_clear_error_string.3 \ + krb5_deprecated.3 krb5_config_parse_string_multi.3 \ + krb5_deprecated.3 krb5_enctypes_compatible_keys.3 \ + krb5_deprecated.3 krb5_free_creds_contents.3 \ + krb5_deprecated.3 krb5_free_data_contents.3 \ + krb5_deprecated.3 krb5_free_error_string.3 \ + krb5_deprecated.3 krb5_free_unparsed_name.3 \ + krb5_deprecated.3 krb5_generate_subkey.3 \ + krb5_deprecated.3 krb5_get_cred_from_kdc.3 \ + krb5_deprecated.3 krb5_get_cred_from_kdc_opt.3 \ + krb5_deprecated.3 krb5_get_in_tkt_with_keytab.3 \ + krb5_deprecated.3 krb5_get_in_tkt_with_password.3 \ + krb5_deprecated.3 krb5_get_in_tkt_with_skey.3 \ + krb5_deprecated.3 krb5_get_init_creds_opt_get_error.3 \ + krb5_deprecated.3 krb5_get_init_creds_opt_init.3 \ + krb5_deprecated.3 krb5_keytab_key_proc.3 \ + krb5_deprecated.3 krb5_keytype_to_enctypes.3 \ + krb5_deprecated.3 krb5_keytype_to_enctypes_default.3 \ + krb5_deprecated.3 krb5_keytype_to_string.3 \ + krb5_deprecated.3 krb5_password_key_proc.3 \ + krb5_deprecated.3 krb5_princ_realm.3 \ + krb5_deprecated.3 krb5_princ_set_realm.3 \ + krb5_deprecated.3 krb5_set_error_string.3 \ + krb5_deprecated.3 krb5_string_to_keytype.3 \ + krb5_deprecated.3 krb5_vset_error_string.3 \ + krb5_digest.3 krb5_digest_probe.3 \ krb5_encrypt.3 krb5_decrypt.3 \ krb5_encrypt.3 krb5_decrypt_EncryptedData.3 \ krb5_encrypt.3 krb5_encrypt_EncryptedData.3 \ + krb5_error.3 krb5_clear_error_message.3 \ + krb5_error.3 krb5_h_errno_to_heim_errno.3 \ + krb5_error.3 krb5_set_error_message.3 \ + krb5_error.3 krb5_vwarn.3 \ krb5_get_all_client_addrs.3 krb5_get_all_server_addrs.3 \ krb5_get_krbhst.3 krb5_free_krbhst.3 \ krb5_get_krbhst.3 krb5_get_krb524hst.3 \ krb5_get_krbhst.3 krb5_get_krb_admin_hst.3 \ krb5_get_krbhst.3 krb5_get_krb_changepw_hst.3 \ krb5_init_context.3 krb5_free_context.3 \ - krb5_keytab.3 krb5_keytab_entry.3 \ krb5_keytab.3 krb5_kt_add_entry.3 \ krb5_keytab.3 krb5_kt_close.3 \ krb5_keytab.3 krb5_kt_compare.3 \ krb5_keytab.3 krb5_kt_copy_entry_contents.3 \ - krb5_keytab.3 krb5_kt_cursor.3 \ krb5_keytab.3 krb5_kt_default.3 \ + krb5_keytab.3 krb5_kt_default_modify_name.3 \ krb5_keytab.3 krb5_kt_default_name.3 \ + krb5_keytab.3 krb5_kt_destroy.3 \ krb5_keytab.3 krb5_kt_end_seq_get.3 \ krb5_keytab.3 krb5_kt_free_entry.3 \ krb5_keytab.3 krb5_kt_get_entry.3 \ + krb5_keytab.3 krb5_kt_get_full_name.3 \ krb5_keytab.3 krb5_kt_get_name.3 \ krb5_keytab.3 krb5_kt_get_type.3 \ + krb5_keytab.3 krb5_kt_have_content.3 \ krb5_keytab.3 krb5_kt_next_entry.3 \ - krb5_keytab.3 krb5_kt_ops.3 \ krb5_keytab.3 krb5_kt_read_service_key.3 \ krb5_keytab.3 krb5_kt_register.3 \ krb5_keytab.3 krb5_kt_remove_entry.3 \ @@ -216,13 +373,15 @@ MLINKS= krb5_425_conv_principal.3 krb5_425_conv_principal_ext.3 \ krb5_openlog.3 krb5_log_msg.3 \ krb5_openlog.3 krb5_vlog.3 \ krb5_openlog.3 krb5_vlog_msg.3 \ - krb5_principal.3 krb5_get_default_principal.3 \ + krb5_pac.3 krb5_pac_get_buffer.3 \ + krb5_pac.3 krb5_pac_verify.3 \ krb5_principal.3 krb5_build_principal.3 \ krb5_principal.3 krb5_build_principal_ext.3 \ krb5_principal.3 krb5_build_principal_va.3 \ krb5_principal.3 krb5_build_principal_va_ext.3 \ krb5_principal.3 krb5_copy_principal.3 \ krb5_principal.3 krb5_free_principal.3 \ + krb5_principal.3 krb5_get_default_principal.3 \ krb5_principal.3 krb5_make_principal.3 \ krb5_principal.3 krb5_parse_name.3 \ krb5_principal.3 krb5_parse_name_flags.3 \ @@ -232,39 +391,114 @@ MLINKS= krb5_425_conv_principal.3 krb5_425_conv_principal_ext.3 \ krb5_principal.3 krb5_principal_compare.3 \ krb5_principal.3 krb5_principal_compare_any_realm.3 \ krb5_principal.3 krb5_principal_get_comp_string.3 \ + krb5_principal.3 krb5_principal_get_num_comp.3 \ krb5_principal.3 krb5_principal_get_realm.3 \ krb5_principal.3 krb5_principal_get_type.3 \ + krb5_principal.3 krb5_principal_is_krbtgt.3 \ krb5_principal.3 krb5_principal_match.3 \ + krb5_principal.3 krb5_principal_set_realm.3 \ krb5_principal.3 krb5_principal_set_type.3 \ krb5_principal.3 krb5_realm_compare.3 \ krb5_principal.3 krb5_sname_to_principal.3 \ krb5_principal.3 krb5_sock_to_principal.3 \ krb5_principal.3 krb5_unparse_name.3 \ - krb5_principal.3 krb5_unparse_name_flags.3 \ krb5_principal.3 krb5_unparse_name_fixed.3 \ krb5_principal.3 krb5_unparse_name_fixed_flags.3 \ krb5_principal.3 krb5_unparse_name_fixed_short.3 \ + krb5_principal.3 krb5_unparse_name_flags.3 \ krb5_principal.3 krb5_unparse_name_short.3 \ krb5_set_default_realm.3 krb5_free_host_realm.3 \ krb5_set_default_realm.3 krb5_get_default_realm.3 \ krb5_set_default_realm.3 krb5_get_default_realms.3 \ krb5_set_default_realm.3 krb5_get_host_realm.3 \ + krb5_storage.3 krb5_ret_address.3 \ + krb5_storage.3 krb5_ret_addrs.3 \ + krb5_storage.3 krb5_ret_authdata.3 \ + krb5_storage.3 krb5_ret_creds.3 \ + krb5_storage.3 krb5_ret_creds_tag.3 \ + krb5_storage.3 krb5_ret_data.3 \ + krb5_storage.3 krb5_ret_int16.3 \ + krb5_storage.3 krb5_ret_int32.3 \ + krb5_storage.3 krb5_ret_int8.3 \ + krb5_storage.3 krb5_ret_keyblock.3 \ + krb5_storage.3 krb5_ret_principal.3 \ + krb5_storage.3 krb5_ret_string.3 \ + krb5_storage.3 krb5_ret_stringz.3 \ + krb5_storage.3 krb5_ret_times.3 \ + krb5_storage.3 krb5_ret_uint16.3 \ + krb5_storage.3 krb5_ret_uint32.3 \ + krb5_storage.3 krb5_ret_uint8.3 \ + krb5_storage.3 krb5_storage_clear_flags.3 \ + krb5_storage.3 krb5_storage_emem.3 \ + krb5_storage.3 krb5_storage_free.3 \ + krb5_storage.3 krb5_storage_from_data.3 \ + krb5_storage.3 krb5_storage_from_fd.3 \ + krb5_storage.3 krb5_storage_from_mem.3 \ + krb5_storage.3 krb5_storage_from_readonly_mem.3 \ + krb5_storage.3 krb5_storage_get_byteorder.3 \ + krb5_storage.3 krb5_storage_get_eof_code.3 \ + krb5_storage.3 krb5_storage_is_flags.3 \ + krb5_storage.3 krb5_storage_read.3 \ + krb5_storage.3 krb5_storage_seek.3 \ + krb5_storage.3 krb5_storage_set_byteorder.3 \ + krb5_storage.3 krb5_storage_set_eof_code.3 \ + krb5_storage.3 krb5_storage_set_flags.3 \ + krb5_storage.3 krb5_storage_set_max_alloc.3 \ + krb5_storage.3 krb5_storage_to_data.3 \ + krb5_storage.3 krb5_storage_truncate.3 \ + krb5_storage.3 krb5_storage_write.3 \ + krb5_storage.3 krb5_store_address.3 \ + krb5_storage.3 krb5_store_addrs.3 \ + krb5_storage.3 krb5_store_authdata.3 \ + krb5_storage.3 krb5_store_creds.3 \ + krb5_storage.3 krb5_store_creds_tag.3 \ + krb5_storage.3 krb5_store_data.3 \ + krb5_storage.3 krb5_store_int16.3 \ + krb5_storage.3 krb5_store_int32.3 \ + krb5_storage.3 krb5_store_int8.3 \ + krb5_storage.3 krb5_store_keyblock.3 \ + krb5_storage.3 krb5_store_principal.3 \ + krb5_storage.3 krb5_store_string.3 \ + krb5_storage.3 krb5_store_stringz.3 \ + krb5_storage.3 krb5_store_times.3 \ + krb5_storage.3 krb5_store_uint16.3 \ + krb5_storage.3 krb5_store_uint32.3 \ + krb5_storage.3 krb5_store_uint8.3 \ + krb5_support.3 krb5_acl_match_string.3 \ + krb5_support.3 krb5_config_file_free.3 \ + krb5_support.3 krb5_config_free_strings.3 \ + krb5_support.3 krb5_config_get_bool.3 \ + krb5_support.3 krb5_config_get_bool_default.3 \ + krb5_support.3 krb5_config_get_list.3 \ + krb5_support.3 krb5_config_get_string.3 \ + krb5_support.3 krb5_config_get_string_default.3 \ + krb5_support.3 krb5_config_get_strings.3 \ + krb5_support.3 krb5_config_get_time.3 \ + krb5_support.3 krb5_config_get_time_default.3 \ + krb5_support.3 krb5_config_parse_file_multi.3 \ + krb5_support.3 krb5_config_vget_bool.3 \ + krb5_support.3 krb5_config_vget_bool_default.3 \ + krb5_support.3 krb5_config_vget_list.3 \ + krb5_support.3 krb5_config_vget_string.3 \ + krb5_support.3 krb5_config_vget_string_default.3 \ + krb5_support.3 krb5_config_vget_strings.3 \ + krb5_support.3 krb5_config_vget_time.3 \ + krb5_support.3 krb5_config_vget_time_default.3 \ + krb5_support.3 krb5_expand_hostname.3 \ + krb5_support.3 krb5_expand_hostname_realms.3 \ + krb5_support.3 krb5_free_host_realm.3 \ + krb5_support.3 krb5_kuserok.3 \ + krb5_support.3 krb5_plugin_register.3 \ + krb5_ticket.3 krb5_ticket_get_flags.3 \ krb5_timeofday.3 krb5_us_timeofday.3 \ + krb5_v4compat.3 krb524_convert_creds_kdc_ccache.3 \ krb5_verify_user.3 krb5_verify_opt_init.3 \ krb5_verify_user.3 krb5_verify_opt_set_flags.3 \ krb5_verify_user.3 krb5_verify_opt_set_keytab.3 \ krb5_verify_user.3 krb5_verify_opt_set_secure.3 \ krb5_verify_user.3 krb5_verify_opt_set_service.3 \ krb5_verify_user.3 krb5_verify_user_lrealm.3 \ - krb5_verify_user.3 krb5_verify_user_opt.3 \ - krb5_warn.3 krb5_err.3 \ - krb5_warn.3 krb5_errx.3 \ - krb5_warn.3 krb5_set_warn_dest.3 \ - krb5_warn.3 krb5_verr.3 \ - krb5_warn.3 krb5_verrx.3 \ - krb5_warn.3 krb5_vwarn.3 \ - krb5_warn.3 krb5_vwarnx.3 \ - krb5_warn.3 krb5_warnx.3 + krb5_verify_user.3 krb5_verify_user_opt.3 SRCS= acache.c \ acl.c \ @@ -280,19 +514,32 @@ SRCS= acache.c \ changepw.c \ codec.c \ config_file.c \ - config_file_netinfo.c \ constants.c \ context.c \ convert_creds.c \ copy_host_realm.c \ crc.c \ creds.c \ + crypto-aes.c \ + crypto-algs.c \ + crypto-arcfour.c \ + crypto-des-common.c \ + crypto-des.c \ + crypto-des3.c \ + crypto-evp.c \ + crypto-null.c \ + crypto-pk.c \ + crypto-rand.c \ crypto.c \ + crypto.h \ data.c \ + deprecated.c \ digest.c \ + doxygen.c \ eai_to_heim_errno.c \ error_string.c \ expand_hostname.c \ + expand_path.c \ fcache.c \ free.c \ free_host_realm.c \ @@ -305,42 +552,38 @@ SRCS= acache.c \ get_for_creds.c \ get_host_realm.c \ get_in_tkt.c \ - get_in_tkt_pw.c \ - get_in_tkt_with_keytab.c \ - get_in_tkt_with_skey.c \ get_port.c \ - heim_threads.h \ init_creds.c \ init_creds_pw.c \ kcm.c \ - kcm.h \ keyblock.c \ keytab.c \ keytab_any.c \ keytab_file.c \ keytab_keyfile.c \ - keytab_krb4.c \ keytab_memory.c \ - krb5_locl.h \ krb5-v4compat.h \ + krb5_locl.h \ krbhst.c \ kuserok.c \ log.c \ mcache.c \ misc.c \ + mit_glue.c \ mk_error.c \ mk_priv.c \ mk_rep.c \ mk_req.c \ mk_req_ext.c \ mk_safe.c \ - mit_glue.c \ n-fold.c \ net_read.c \ net_write.c \ pac.c \ padata.c \ + pcache.c \ pkinit.c \ + plugin.c \ principal.c \ prog_setup.c \ prompter_posix.c \ @@ -353,20 +596,24 @@ SRCS= acache.c \ read_message.c \ recvauth.c \ replay.c \ + salt-aes.c \ + salt-arcfour.c \ + salt-des.c \ + salt-des3.c \ + salt.c \ + scache.c \ send_to_kdc.c \ sendauth.c \ set_default_realm.c \ sock_principal.c \ + store-int.c \ store.c \ - store-int.h \ store_emem.c \ store_fd.c \ store_mem.c \ - plugin.c \ ticket.c \ time.c \ transited.c \ - v4_glue.c \ verify_init.c \ verify_user.c \ version.c \ @@ -375,8 +622,6 @@ SRCS= acache.c \ SRCS+= heim_err.c \ heim_err.h \ - hx509_err.c \ - hx509_err.h \ k524_err.c \ k524_err.h \ krb5_err.c \ @@ -384,8 +629,12 @@ SRCS+= heim_err.c \ krb_err.c \ krb_err.h -CFLAGS+=-I${KRB5DIR}/lib/krb5 -I${KRB5DIR}/lib/asn1 -I${KRB5DIR}/lib/roken -I. +CFLAGS+= -I${KRB5DIR}/lib/krb5 \ + -I${KRB5DIR}/lib/asn1 \ + -I${KRB5DIR}/lib/roken \ + -I${KRB5DIR}/lib/ipc \ + -I${KRB5DIR}/base -I. .include <bsd.lib.mk> -.PATH: ${KRB5DIR}/lib/krb5 ${KRB5DIR}/lib/asn1 ${.CURDIR}/../../include +.PATH: ${KRB5DIR}/lib/krb5 ${KRB5DIR}/lib/asn1 ${KRB5DIR}/include ${.CURDIR}/../../include ${KRB5DIR}/doc/doxyout/krb5/man/man3/ diff --git a/kerberos5/lib/libroken/Makefile b/kerberos5/lib/libroken/Makefile index c88e1ce..29e3082 100644 --- a/kerberos5/lib/libroken/Makefile +++ b/kerberos5/lib/libroken/Makefile @@ -3,69 +3,89 @@ LIB= roken LDADD= -lcrypt DPADD= ${LIBCRYPT} -INCS= roken.h roken-common.h +VERSION_MAP= ${KRB5DIR}/lib/roken/version-script.map +INCS= roken.h \ + roken-common.h \ + base64.h \ + getarg.h \ + hex.h \ + parse_bytes.h \ + parse_time.h \ + parse_units.h \ + resolve.h \ + rtbl.h \ + xdbm.h SRCS= base64.c \ - bswap.c \ - concat.c \ copyhostent.c \ - dumpdata.c \ ecalloc.c \ emalloc.c \ + erealloc.c \ + estrdup.c \ + strlwr.c \ + strsep_copy.c \ + strupr.c \ + bswap.c \ + cloexec.c \ + concat.c \ + ct.c \ + doxygen.c \ + dumpdata.c \ environment.c \ eread.c \ - erealloc.c \ esetenv.c \ - estrdup.c \ ewrite.c \ get_default_username.c \ get_window_size.c \ getaddrinfo_hostspec.c \ getarg.c \ getnameinfo_verified.c \ + getprogname.c \ + h_errno.c \ hex.c \ hostent_find_fqdn.c \ issuid.c \ k_getpwnam.c \ k_getpwuid.c \ mini_inetd.c \ - ndbm_wrap.c \ net_read.c \ net_write.c \ parse_bytes.c \ parse_time.c \ parse_units.c \ + qsort.c \ + rand.c \ + realloc.c \ resolve.c \ roken.h \ roken_gethostby.c \ rtbl.c \ + setprogname.c \ + signal.c \ simple_exec.c \ snprintf.c \ socket.c \ strcollect.c \ - strlwr.c \ - strndup.c \ - strnlen.c \ + strerror_r.c \ strpool.c \ - strsep_copy.c \ - strupr.c \ timeval.c \ tm2time.c \ unvis.c \ verify.c \ vis.c \ warnerr.c \ - write_pid.c + write_pid.c \ + xfree.c +CPPFLAGS+= -DBUILD_ROKEN_LIB CFLAGS+=-I${KRB5DIR}/lib/roken -I. CLEANFILES= roken.h -roken.h: ../../tools/make-roken/make-roken - ../../tools/make-roken/make-roken > ${.TARGET} +MAKE_ROKEN= make-roken -../../tools/make-roken/make-roken: - cd ${.CURDIR}/../../tools/make-roken && ${MAKE} +roken.h: + ${MAKE_ROKEN} > ${.TARGET} .include <bsd.lib.mk> diff --git a/kerberos5/lib/libvers/Makefile b/kerberos5/lib/libvers/Makefile index 1b91ac1..36dff0d 100644 --- a/kerberos5/lib/libvers/Makefile +++ b/kerberos5/lib/libvers/Makefile @@ -2,16 +2,15 @@ LIB= vers INTERNALLIB= -SRCS= print_version.c print_version.h -CFLAGS+=-I. +SRCS= print_version.c roken.h +CFLAGS+=-I. -I${KRB5DIR}/lib/roken -CLEANFILES= print_version.h +CLEANFILES= roken.h print_version.h -print_version.h: ../../tools/make-print-version/make-print-version - ../../tools/make-print-version/make-print-version ${.TARGET} +MAKE_ROKEN= make-roken -../../tools/make-print-version/make-print-version: - cd ${.CURDIR}/../../tools/make-print-version && ${MAKE} +roken.h: + ${MAKE_ROKEN} > ${.TARGET} .include <bsd.lib.mk> diff --git a/kerberos5/lib/libwind/Makefile b/kerberos5/lib/libwind/Makefile new file mode 100644 index 0000000..6d0b9c0 --- /dev/null +++ b/kerberos5/lib/libwind/Makefile @@ -0,0 +1,35 @@ +#$FreeBSD$ + +LIB= wind +LDFLAGS= -Wl,--no-undefined +VERSION_MAP= ${KRB5DIR}/lib/wind/version-script.map +LDADD= -lcom_err -lroken +DPADD= ${LIBCOM_ERR} ${LIBROKEN} + +INCS= wind.h \ + wind_err.h + +SRCS= bidi.c \ + bidi_table.c \ + combining.c \ + combining_table.c \ + doxygen.c \ + errorlist.c \ + errorlist_table.c \ + ldap.c \ + map.c \ + map_table.c \ + normalize.c \ + normalize_table.c \ + punycode.c \ + stringprep.c \ + utf8.c + +SRCS+= wind_err.c \ + wind_err.h + +CFLAGS+=-I${KRB5DIR}/lib/roken -I. + +.include <bsd.lib.mk> + +.PATH: ${KRB5DIR}/lib/wind |
