diff options
Diffstat (limited to 'crypto/heimdal/kdc')
-rw-r--r-- | crypto/heimdal/kdc/524.c | 7 | ||||
-rw-r--r-- | crypto/heimdal/kdc/Makefile.am | 16 | ||||
-rw-r--r-- | crypto/heimdal/kdc/Makefile.in | 517 | ||||
-rw-r--r-- | crypto/heimdal/kdc/config.c | 26 | ||||
-rw-r--r-- | crypto/heimdal/kdc/connect.c | 12 | ||||
-rw-r--r-- | crypto/heimdal/kdc/headers.h | 9 | ||||
-rw-r--r-- | crypto/heimdal/kdc/hprop.8 | 29 | ||||
-rw-r--r-- | crypto/heimdal/kdc/hprop.c | 199 | ||||
-rw-r--r-- | crypto/heimdal/kdc/hpropd.8 | 4 | ||||
-rw-r--r-- | crypto/heimdal/kdc/hpropd.c | 11 | ||||
-rw-r--r-- | crypto/heimdal/kdc/kaserver.c | 29 | ||||
-rw-r--r-- | crypto/heimdal/kdc/kdc_locl.h | 12 | ||||
-rw-r--r-- | crypto/heimdal/kdc/kerberos4.c | 48 | ||||
-rw-r--r-- | crypto/heimdal/kdc/kerberos5.c | 10 | ||||
-rw-r--r-- | crypto/heimdal/kdc/kstash.8 | 4 |
15 files changed, 444 insertions, 489 deletions
diff --git a/crypto/heimdal/kdc/524.c b/crypto/heimdal/kdc/524.c index ebe747f..6d7d595 100644 --- a/crypto/heimdal/kdc/524.c +++ b/crypto/heimdal/kdc/524.c @@ -33,7 +33,7 @@ #include "kdc_locl.h" -RCSID("$Id: 524.c,v 1.20 2001/05/14 06:17:47 assar Exp $"); +RCSID("$Id: 524.c,v 1.23 2001/08/17 07:48:49 joda Exp $"); #ifdef KRB4 @@ -258,9 +258,9 @@ do_524(const Ticket *t, krb5_data *reply, kdc_log(0, "Failed to encode v4 ticket (%s)", spn); goto out; } - ret = get_des_key(server, FALSE, &skey); + ret = get_des_key(server, TRUE, FALSE, &skey); if(ret){ - kdc_log(0, "No DES key for server (%s)", spn); + kdc_log(0, "no suitable DES key for server (%s)", spn); goto out; } ret = encrypt_v4_ticket(buf + sizeof(buf) - len, len, @@ -283,6 +283,7 @@ out: free_EncryptedData(&ticket); } ret = krb5_storage_to_data(sp, reply); + reply->length = (*sp->seek)(sp, 0, SEEK_CUR); krb5_storage_free(sp); if(spn) diff --git a/crypto/heimdal/kdc/Makefile.am b/crypto/heimdal/kdc/Makefile.am index 674ec4d..3bb00f8 100644 --- a/crypto/heimdal/kdc/Makefile.am +++ b/crypto/heimdal/kdc/Makefile.am @@ -1,8 +1,8 @@ -# $Id: Makefile.am,v 1.41 2000/11/15 22:51:12 assar Exp $ +# $Id: Makefile.am,v 1.43 2001/08/28 08:31:27 assar Exp $ include $(top_srcdir)/Makefile.am.common -INCLUDES += $(INCLUDE_krb4) -I$(srcdir)/../lib/krb5 +INCLUDES += $(INCLUDE_krb4) $(INCLUDE_des) -I$(srcdir)/../lib/krb5 bin_PROGRAMS = string2key @@ -19,19 +19,21 @@ kstash_SOURCES = kstash.c headers.h string2key_SOURCES = string2key.c headers.h +if KRB4 +krb4_sources = 524.c kerberos4.c kaserver.c rx.h +else +krb4_sources = +endif + kdc_SOURCES = \ - 524.c \ config.c \ connect.c \ - kaserver.c \ kdc_locl.h \ - kerberos4.c \ - kerberos4.h \ kerberos5.c \ log.c \ main.c \ misc.c \ - rx.h + $(krb4_sources) hprop_LDADD = \ diff --git a/crypto/heimdal/kdc/Makefile.in b/crypto/heimdal/kdc/Makefile.in index 90d7e04..8716748 100644 --- a/crypto/heimdal/kdc/Makefile.in +++ b/crypto/heimdal/kdc/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4b from Makefile.am +# Makefile.in generated automatically by automake 1.5 from Makefile.am. -# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000 +# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001 # Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -11,6 +11,16 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. +@SET_MAKE@ + +# $Id: Makefile.am,v 1.43 2001/08/28 08:31:27 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.31 2001/09/01 11:12:18 assar Exp $ + SHELL = @SHELL@ srcdir = @srcdir@ @@ -31,11 +41,9 @@ infodir = @infodir@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ - top_builddir = .. ACLOCAL = @ACLOCAL@ @@ -47,21 +55,17 @@ INSTALL = @INSTALL@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_FLAG = +INSTALL_HEADER = $(INSTALL_DATA) transform = @program_transform_name@ - NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : - -@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ -AMDEP = @AMDEP@ AMTAR = @AMTAR@ AS = @AS@ AWK = @AWK@ @@ -69,11 +73,11 @@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +COMPILE_ET = @COMPILE_ET@ CPP = @CPP@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ DEPDIR = @DEPDIR@ +DIR_com_err = @DIR_com_err@ DIR_des = @DIR_des@ DIR_roken = @DIR_roken@ DLLTOOL = @DLLTOOL@ @@ -82,20 +86,27 @@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ +INCLUDE_des = @INCLUDE_des@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_NDBM = @LIB_NDBM@ +LIB_com_err = @LIB_com_err@ +LIB_com_err_a = @LIB_com_err_a@ +LIB_com_err_so = @LIB_com_err_so@ LIB_des = @LIB_des@ +LIB_des_a = @LIB_des_a@ LIB_des_appl = @LIB_des_appl@ +LIB_des_so = @LIB_des_so@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ -MAKEINFO = @MAKEINFO@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ NROFF = @NROFF@ @@ -103,38 +114,32 @@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ -STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +X_CFLAGS = @X_CFLAGS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_LIBS = @X_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ YACC = @YACC@ +am__include = @am__include@ +am__quote = @am__quote@ dpagaix_CFLAGS = @dpagaix_CFLAGS@ dpagaix_LDADD = @dpagaix_LDADD@ install_sh = @install_sh@ -# $Id: Makefile.am,v 1.41 2000/11/15 22:51:12 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $ - - -AUTOMAKE_OPTIONS = foreign no-dependencies +AUTOMAKE_OPTIONS = foreign no-dependencies 1.4b SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4) -I$(srcdir)/../lib/krb5 +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4) $(INCLUDE_des) -I$(srcdir)/../lib/krb5 -AM_CFLAGS = $(WFLAGS) +AM_CFLAGS = $(WFLAGS) CP = cp -COMPILE_ET = $(top_builddir)/lib/com_err/compile_et - buildinclude = $(top_builddir)/include LIB_XauReadAuth = @LIB_XauReadAuth@ @@ -152,8 +157,8 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_openpty = @LIB_openpty@ LIB_pidfile = @LIB_pidfile@ -LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ LIB_setsockopt = @LIB_setsockopt@ @@ -175,18 +180,20 @@ INCLUDE_openldap = @INCLUDE_openldap@ LIB_openldap = @LIB_openldap@ INCLUDE_readline = @INCLUDE_readline@ +LIB_readline = @LIB_readline@ LEXLIB = @LEXLIB@ NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ @KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la -@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la CHECK_LOCAL = $(PROGRAMS) @@ -205,19 +212,18 @@ kstash_SOURCES = kstash.c headers.h string2key_SOURCES = string2key.c headers.h +@KRB4_TRUE@krb4_sources = 524.c kerberos4.c kaserver.c rx.h +@KRB4_FALSE@krb4_sources = + kdc_SOURCES = \ - 524.c \ config.c \ connect.c \ - kaserver.c \ kdc_locl.h \ - kerberos4.c \ - kerberos4.h \ kerberos5.c \ log.c \ main.c \ misc.c \ - rx.h + $(krb4_sources) hprop_LDADD = \ @@ -255,215 +261,204 @@ LDADD = $(top_builddir)/lib/hdb/libhdb.la \ kdc_LDADD = $(LDADD) $(LIB_pidfile) subdir = kdc mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = ../include/config.h -CONFIG_CLEAN_FILES = -bin_PROGRAMS = string2key$(EXEEXT) -libexec_PROGRAMS = hprop$(EXEEXT) hpropd$(EXEEXT) kdc$(EXEEXT) -sbin_PROGRAMS = kstash$(EXEEXT) -PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) $(sbin_PROGRAMS) - +CONFIG_HEADER = $(top_builddir)/include/config.h +CONFIG_CLEAN_FILES = +bin_PROGRAMS = string2key$(EXEEXT) +libexec_PROGRAMS = hprop$(EXEEXT) hpropd$(EXEEXT) kdc$(EXEEXT) +sbin_PROGRAMS = kstash$(EXEEXT) +PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) $(sbin_PROGRAMS) + +am_hprop_OBJECTS = hprop.$(OBJEXT) mit_dump.$(OBJEXT) v4_dump.$(OBJEXT) +hprop_OBJECTS = $(am_hprop_OBJECTS) +hprop_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ + $(top_builddir)/lib/krb5/libkrb5.la \ + $(top_builddir)/lib/asn1/libasn1.la +hprop_LDFLAGS = +am_hpropd_OBJECTS = hpropd.$(OBJEXT) +hpropd_OBJECTS = $(am_hpropd_OBJECTS) +hpropd_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ + $(top_builddir)/lib/krb5/libkrb5.la \ + $(top_builddir)/lib/asn1/libasn1.la +hpropd_LDFLAGS = +@KRB4_TRUE@am_kdc_OBJECTS = config.$(OBJEXT) connect.$(OBJEXT) \ +@KRB4_TRUE@ kerberos5.$(OBJEXT) log.$(OBJEXT) main.$(OBJEXT) \ +@KRB4_TRUE@ misc.$(OBJEXT) 524.$(OBJEXT) kerberos4.$(OBJEXT) \ +@KRB4_TRUE@ kaserver.$(OBJEXT) +@KRB4_FALSE@am_kdc_OBJECTS = config.$(OBJEXT) connect.$(OBJEXT) \ +@KRB4_FALSE@ kerberos5.$(OBJEXT) log.$(OBJEXT) main.$(OBJEXT) \ +@KRB4_FALSE@ misc.$(OBJEXT) +kdc_OBJECTS = $(am_kdc_OBJECTS) +kdc_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ + $(top_builddir)/lib/krb5/libkrb5.la \ + $(top_builddir)/lib/asn1/libasn1.la +kdc_LDFLAGS = +am_kstash_OBJECTS = kstash.$(OBJEXT) +kstash_OBJECTS = $(am_kstash_OBJECTS) +kstash_LDADD = $(LDADD) +kstash_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ + $(top_builddir)/lib/krb5/libkrb5.la \ + $(top_builddir)/lib/asn1/libasn1.la +kstash_LDFLAGS = +am_string2key_OBJECTS = string2key.$(OBJEXT) +string2key_OBJECTS = $(am_string2key_OBJECTS) +string2key_LDADD = $(LDADD) +string2key_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ + $(top_builddir)/lib/krb5/libkrb5.la \ + $(top_builddir)/lib/asn1/libasn1.la +string2key_LDFLAGS = -DEFS = @DEFS@ -I. -I$(srcdir) -I../include +DEFS = @DEFS@ +DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ -X_CFLAGS = @X_CFLAGS@ -X_LIBS = @X_LIBS@ -X_EXTRA_LIBS = @X_EXTRA_LIBS@ -X_PRE_LIBS = @X_PRE_LIBS@ -am_hprop_OBJECTS = hprop.$(OBJEXT) mit_dump.$(OBJEXT) v4_dump.$(OBJEXT) -hprop_OBJECTS = $(am_hprop_OBJECTS) -hprop_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ -$(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -hprop_LDFLAGS = -am_hpropd_OBJECTS = hpropd.$(OBJEXT) -hpropd_OBJECTS = $(am_hpropd_OBJECTS) -hpropd_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ -$(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -hpropd_LDFLAGS = -am_kdc_OBJECTS = 524.$(OBJEXT) config.$(OBJEXT) connect.$(OBJEXT) \ -kaserver.$(OBJEXT) kerberos4.$(OBJEXT) kerberos5.$(OBJEXT) \ -log.$(OBJEXT) main.$(OBJEXT) misc.$(OBJEXT) -kdc_OBJECTS = $(am_kdc_OBJECTS) -kdc_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ -$(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -kdc_LDFLAGS = -am_kstash_OBJECTS = kstash.$(OBJEXT) -kstash_OBJECTS = $(am_kstash_OBJECTS) -kstash_LDADD = $(LDADD) -kstash_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ -$(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -kstash_LDFLAGS = -am_string2key_OBJECTS = string2key.$(OBJEXT) -string2key_OBJECTS = $(am_string2key_OBJECTS) -string2key_LDADD = $(LDADD) -string2key_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \ -$(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -string2key_LDFLAGS = -COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CFLAGS = @CFLAGS@ +depcomp = +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) \ + $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -DIST_SOURCES = $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) \ -$(kstash_SOURCES) $(string2key_SOURCES) -man8dir = $(mandir)/man8 -MANS = $(man_MANS) -depcomp = -DIST_COMMON = Makefile.am Makefile.in - - -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +CFLAGS = @CFLAGS@ +DIST_SOURCES = $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) \ + $(kstash_SOURCES) $(string2key_SOURCES) -GZIP_ENV = --best +NROFF = nroff +MANS = $(man_MANS) +DIST_COMMON = Makefile.am Makefile.in SOURCES = $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) $(kstash_SOURCES) $(string2key_SOURCES) -OBJECTS = $(am_hprop_OBJECTS) $(am_hpropd_OBJECTS) $(am_kdc_OBJECTS) $(am_kstash_OBJECTS) $(am_string2key_OBJECTS) -all: all-redirect +all: all-am + .SUFFIXES: .SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common - cd $(top_srcdir) && $(AUTOMAKE) --foreign kdc/Makefile - -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - cd $(top_builddir) \ - && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status - - -mostlyclean-binPROGRAMS: -clean-binPROGRAMS: - -test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS) - -distclean-binPROGRAMS: +mostlyclean-libtool: + -rm -f *.lo -maintainer-clean-binPROGRAMS: +clean-libtool: + -rm -rf .libs _libs +distclean-libtool: + -rm -f libtool +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(top_srcdir)/configure.in $(ACLOCAL_M4) + cd $(top_srcdir) && \ + $(AUTOMAKE) --foreign kdc/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) && \ + CONFIG_HEADERS= CONFIG_LINKS= \ + CONFIG_FILES=$(subdir)/$@ $(SHELL) ./config.status install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(bindir) @list='$(bin_PROGRAMS)'; for p in $$list; do \ - if test -f $$p; then \ - f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ - echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f"; \ - $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f; \ + p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ + if test -f $$p \ + || test -f $$p1 \ + ; then \ + f=`echo $$p1|sed '$(transform);s/$$/$(EXEEXT)/'`; \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/$$f"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/$$f; \ else :; fi; \ done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + f=`echo $$p|sed 's/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ echo " rm -f $(DESTDIR)$(bindir)/$$f"; \ rm -f $(DESTDIR)$(bindir)/$$f; \ done -mostlyclean-libexecPROGRAMS: - -clean-libexecPROGRAMS: - -test -z "$(libexec_PROGRAMS)" || rm -f $(libexec_PROGRAMS) - -distclean-libexecPROGRAMS: - -maintainer-clean-libexecPROGRAMS: - +clean-binPROGRAMS: + -test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS) install-libexecPROGRAMS: $(libexec_PROGRAMS) @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(libexecdir) @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - if test -f $$p; then \ - f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ - echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libexecdir)/$$f"; \ - $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libexecdir)/$$f; \ + p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ + if test -f $$p \ + || test -f $$p1 \ + ; then \ + f=`echo $$p1|sed '$(transform);s/$$/$(EXEEXT)/'`; \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/$$f"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/$$f; \ else :; fi; \ done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) @list='$(libexec_PROGRAMS)'; for p in $$list; do \ - f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + f=`echo $$p|sed 's/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ echo " rm -f $(DESTDIR)$(libexecdir)/$$f"; \ rm -f $(DESTDIR)$(libexecdir)/$$f; \ done -mostlyclean-sbinPROGRAMS: - -clean-sbinPROGRAMS: - -test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS) - -distclean-sbinPROGRAMS: - -maintainer-clean-sbinPROGRAMS: - +clean-libexecPROGRAMS: + -test -z "$(libexec_PROGRAMS)" || rm -f $(libexec_PROGRAMS) install-sbinPROGRAMS: $(sbin_PROGRAMS) @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(sbindir) @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - if test -f $$p; then \ - f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ - echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(sbindir)/$$f"; \ - $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(sbindir)/$$f; \ + p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ + if test -f $$p \ + || test -f $$p1 \ + ; then \ + f=`echo $$p1|sed '$(transform);s/$$/$(EXEEXT)/'`; \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/$$f"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/$$f; \ else :; fi; \ done uninstall-sbinPROGRAMS: @$(NORMAL_UNINSTALL) @list='$(sbin_PROGRAMS)'; for p in $$list; do \ - f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + f=`echo $$p|sed 's/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ echo " rm -f $(DESTDIR)$(sbindir)/$$f"; \ rm -f $(DESTDIR)$(sbindir)/$$f; \ done -mostlyclean-compile: - -rm -f *.o core *.core - -rm -f *.$(OBJEXT) - -clean-compile: - -distclean-compile: - -rm -f *.tab.c - -maintainer-clean-compile: - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -distclean-libtool: - -maintainer-clean-libtool: - -hprop$(EXEEXT): $(hprop_OBJECTS) $(hprop_DEPENDENCIES) +clean-sbinPROGRAMS: + -test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS) +hprop$(EXEEXT): $(hprop_OBJECTS) $(hprop_DEPENDENCIES) @rm -f hprop$(EXEEXT) $(LINK) $(hprop_LDFLAGS) $(hprop_OBJECTS) $(hprop_LDADD) $(LIBS) - -hpropd$(EXEEXT): $(hpropd_OBJECTS) $(hpropd_DEPENDENCIES) +hpropd$(EXEEXT): $(hpropd_OBJECTS) $(hpropd_DEPENDENCIES) @rm -f hpropd$(EXEEXT) $(LINK) $(hpropd_LDFLAGS) $(hpropd_OBJECTS) $(hpropd_LDADD) $(LIBS) - -kdc$(EXEEXT): $(kdc_OBJECTS) $(kdc_DEPENDENCIES) +kdc$(EXEEXT): $(kdc_OBJECTS) $(kdc_DEPENDENCIES) @rm -f kdc$(EXEEXT) $(LINK) $(kdc_LDFLAGS) $(kdc_OBJECTS) $(kdc_LDADD) $(LIBS) - -kstash$(EXEEXT): $(kstash_OBJECTS) $(kstash_DEPENDENCIES) +kstash$(EXEEXT): $(kstash_OBJECTS) $(kstash_DEPENDENCIES) @rm -f kstash$(EXEEXT) $(LINK) $(kstash_LDFLAGS) $(kstash_OBJECTS) $(kstash_LDADD) $(LIBS) - -string2key$(EXEEXT): $(string2key_OBJECTS) $(string2key_DEPENDENCIES) +string2key$(EXEEXT): $(string2key_OBJECTS) $(string2key_DEPENDENCIES) @rm -f string2key$(EXEEXT) $(LINK) $(string2key_LDFLAGS) $(string2key_OBJECTS) $(string2key_LDADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) core *.core + +distclean-compile: + -rm -f *.tab.c + .c.o: - $(COMPILE) -c $< + $(COMPILE) -c `test -f $< || echo '$(srcdir)/'`$< + .c.obj: $(COMPILE) -c `cygpath -w $<` + .c.lo: - $(LTCOMPILE) -c -o $@ $< + $(LTCOMPILE) -c -o $@ `test -f $< || echo '$(srcdir)/'`$< +uninstall-info-am: -install-man8: +man8dir = $(mandir)/man8 +install-man8: $(man8_MANS) $(man_MANS) + @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(man8dir) - @list='$(man8_MANS)'; \ - l2='$(man_MANS)'; for i in $$l2; do \ + @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ + l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ + for i in $$l2; do \ case "$$i" in \ *.8*) list="$$list $$i" ;; \ esac; \ @@ -478,10 +473,11 @@ install-man8: echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst"; \ $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst; \ done - uninstall-man8: - @list='$(man8_MANS)'; \ - l2='$(man_MANS)'; for i in $$l2; do \ + @$(NORMAL_UNINSTALL) + @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ + l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ + for i in $$l2; do \ case "$$i" in \ *.8*) list="$$list $$i" ;; \ esac; \ @@ -494,12 +490,6 @@ uninstall-man8: echo " rm -f $(DESTDIR)$(man8dir)/$$inst"; \ rm -f $(DESTDIR)$(man8dir)/$$inst; \ done -install-man: $(MANS) - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-man8 -uninstall-man: - @$(NORMAL_UNINSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-man8 tags: TAGS @@ -528,22 +518,23 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ GTAGS: here=`CDPATH=: && cd $(top_builddir) && pwd` \ && cd $(top_srcdir) \ - && gtags -i $$here - -mostlyclean-tags: - -clean-tags: + && gtags -i $(GTAGS_ARGS) $$here distclean-tags: - -rm -f TAGS ID + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH -maintainer-clean-tags: +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) +top_distdir = .. +distdir = $(top_distdir)/$(PACKAGE)-$(VERSION) distdir: $(DISTFILES) @for file in $(DISTFILES); do \ - d=$(srcdir); \ + if test -f $$file; then d=.; else d=$(srcdir); fi; \ + dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test "$$dir" != "$$file" && test "$$dir" != "."; then \ + $(mkinstalldirs) "$(distdir)/$$dir"; \ + fi; \ if test -d $$d/$$file; then \ cp -pR $$d/$$file $(distdir) \ || exit 1; \ @@ -553,99 +544,100 @@ distdir: $(DISTFILES) || exit 1; \ fi; \ done - $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook -info-am: -info: info-am -dvi-am: -dvi: dvi-am + $(MAKE) $(AM_MAKEFLAGS) \ + top_distdir="${top_distdir}" distdir="$(distdir)" \ + dist-hook check-am: all-am $(MAKE) $(AM_MAKEFLAGS) check-local check: check-am -installcheck-am: -installcheck: installcheck-am -install-exec-am: install-binPROGRAMS install-libexecPROGRAMS \ - install-sbinPROGRAMS - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook -install-exec: install-exec-am +all-am: Makefile $(PROGRAMS) $(MANS) all-local -install-data-am: install-man install-data-local -install-data: install-data-am +installdirs: + $(mkinstalldirs) $(DESTDIR)$(bindir) $(DESTDIR)$(libexecdir) $(DESTDIR)$(sbindir) $(DESTDIR)$(man8dir) -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am install: install-am -uninstall-am: uninstall-binPROGRAMS uninstall-libexecPROGRAMS \ - uninstall-sbinPROGRAMS uninstall-man +install-exec: install-exec-am +install-data: install-data-am uninstall: uninstall-am -all-am: Makefile $(PROGRAMS) $(MANS) all-local -all-redirect: all-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install -installdirs: - $(mkinstalldirs) $(DESTDIR)$(bindir) $(DESTDIR)$(libexecdir) \ - $(DESTDIR)$(sbindir) $(DESTDIR)$(mandir)/man8 +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install mostlyclean-generic: clean-generic: distclean-generic: - -rm -f Makefile $(CONFIG_CLEAN_FILES) - -rm -f config.cache config.log stamp-h stamp-h[0-9]* + -rm -f Makefile $(CONFIG_CLEAN_FILES) stamp-h stamp-h[0-9]* maintainer-clean-generic: - -rm -f Makefile.in -mostlyclean-am: mostlyclean-binPROGRAMS mostlyclean-libexecPROGRAMS \ - mostlyclean-sbinPROGRAMS mostlyclean-compile \ - mostlyclean-libtool mostlyclean-tags \ - mostlyclean-generic + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am -mostlyclean: mostlyclean-am +clean-am: clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ + clean-libtool clean-sbinPROGRAMS mostlyclean-am -clean-am: clean-binPROGRAMS clean-libexecPROGRAMS clean-sbinPROGRAMS \ - clean-compile clean-libtool clean-tags clean-generic \ - mostlyclean-am +distclean: distclean-am -clean: clean-am +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-libtool distclean-tags -distclean-am: distclean-binPROGRAMS distclean-libexecPROGRAMS \ - distclean-sbinPROGRAMS distclean-compile \ - distclean-libtool distclean-tags distclean-generic \ - clean-am - -rm -f libtool +dvi: dvi-am -distclean: distclean-am +dvi-am: -maintainer-clean-am: maintainer-clean-binPROGRAMS \ - maintainer-clean-libexecPROGRAMS \ - maintainer-clean-sbinPROGRAMS maintainer-clean-compile \ - maintainer-clean-libtool maintainer-clean-tags \ - maintainer-clean-generic distclean-am - @echo "This command is intended for maintainers to use;" - @echo "it deletes files that may require special tools to rebuild." +info: info-am + +info-am: + +install-data-am: install-data-local install-man + +install-exec-am: install-binPROGRAMS install-libexecPROGRAMS \ + install-sbinPROGRAMS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook + +install-info: install-info-am + +install-man: install-man8 + +installcheck-am: maintainer-clean: maintainer-clean-am -.PHONY: mostlyclean-binPROGRAMS distclean-binPROGRAMS clean-binPROGRAMS \ -maintainer-clean-binPROGRAMS uninstall-binPROGRAMS install-binPROGRAMS \ -mostlyclean-libexecPROGRAMS distclean-libexecPROGRAMS \ -clean-libexecPROGRAMS maintainer-clean-libexecPROGRAMS \ -uninstall-libexecPROGRAMS install-libexecPROGRAMS \ -mostlyclean-sbinPROGRAMS distclean-sbinPROGRAMS clean-sbinPROGRAMS \ -maintainer-clean-sbinPROGRAMS uninstall-sbinPROGRAMS \ -install-sbinPROGRAMS mostlyclean-compile distclean-compile \ -clean-compile maintainer-clean-compile mostlyclean-libtool \ -distclean-libtool clean-libtool maintainer-clean-libtool install-man8 \ -uninstall-man8 install-man uninstall-man tags mostlyclean-tags \ -distclean-tags clean-tags maintainer-clean-tags distdir info-am info \ -dvi-am dvi check-local check check-am installcheck-am installcheck \ -install-exec-am install-exec install-data-local install-data-am \ -install-data install-am install uninstall-am uninstall all-local \ -all-redirect all-am all install-strip installdirs mostlyclean-generic \ -distclean-generic clean-generic maintainer-clean-generic clean \ -mostlyclean distclean maintainer-clean +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +uninstall-am: uninstall-binPROGRAMS uninstall-info-am \ + uninstall-libexecPROGRAMS uninstall-man uninstall-sbinPROGRAMS + +uninstall-man: uninstall-man8 + +.PHONY: GTAGS all all-am all-local check check-am check-local clean \ + clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \ + clean-libtool clean-sbinPROGRAMS distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am info info-am install install-am install-binPROGRAMS \ + install-data install-data-am install-data-local install-exec \ + install-exec-am install-info install-info-am \ + install-libexecPROGRAMS install-man install-man8 \ + install-sbinPROGRAMS install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool tags uninstall uninstall-am \ + uninstall-binPROGRAMS uninstall-info-am \ + uninstall-libexecPROGRAMS uninstall-man uninstall-man8 \ + uninstall-sbinPROGRAMS install-suid-programs: @@ -775,7 +767,6 @@ check-local:: echo "$$dashes"; \ test "$$failed" -eq 0; \ fi - # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/crypto/heimdal/kdc/config.c b/crypto/heimdal/kdc/config.c index 78f75d3..99c49a8 100644 --- a/crypto/heimdal/kdc/config.c +++ b/crypto/heimdal/kdc/config.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -35,7 +35,7 @@ #include <getarg.h> #include <parse_bytes.h> -RCSID("$Id: config.c,v 1.36 2001/05/17 07:13:43 joda Exp $"); +RCSID("$Id: config.c,v 1.39 2002/02/04 10:53:48 joda Exp $"); static char *config_file; /* location of kdc config file */ @@ -67,9 +67,7 @@ krb5_addresses explicit_addresses; char *v4_realm; int enable_v4 = -1; int enable_524 = -1; -#endif -#ifdef KASERVER -krb5_boolean enable_kaserver = -1; +int enable_kaserver = -1; #endif static int help_flag; @@ -106,15 +104,13 @@ static struct getargs args[] = { "v4-realm", 'r', arg_string, &v4_realm, "realm to serve v4-requests for" }, -#endif -#ifdef KASERVER { - "kaserver", 'K', arg_negative_flag, &enable_kaserver, - "turn off kaserver support" + "kaserver", 'K', arg_flag, &enable_kaserver, + "enable kaserver support" }, #endif { "ports", 'P', arg_string, &port_str, - "ports to listen to" + "ports to listen to", "portspec" }, { "addresses", 0, arg_strings, &addresses_str, "addresses to listen on", "list of addresses" }, @@ -185,7 +181,8 @@ get_dbinfo(krb5_config_section *cf) } *dt = di; dt = &di->next; - } else { + } else if(databases == NULL) { + /* if there are none specified, use some default */ di = calloc(1, sizeof(*di)); di->dbname = strdup(default_dbname); di->mkey_file = strdup(default_mkey); @@ -198,8 +195,11 @@ get_dbinfo(krb5_config_section *cf) if(di->mkey_file == NULL) { p = strrchr(di->dbname, '.'); if(p == NULL || strchr(p, '/') != NULL) + /* final pathname component does not contain a . */ asprintf(&di->mkey_file, "%s.mkey", di->dbname); else + /* the filename is something.else, replace .else with + .mkey */ asprintf(&di->mkey_file, "%.*s.mkey", (int)(p - di->dbname), di->dbname); } @@ -329,10 +329,8 @@ configure(int argc, char **argv) if(p) v4_realm = strdup(p); } -#endif -#ifdef KASERVER if (enable_kaserver == -1) - enable_kaserver = krb5_config_get_bool_default(context, cf, TRUE, + enable_kaserver = krb5_config_get_bool_default(context, cf, FALSE, "kdc", "enable-kaserver", NULL); diff --git a/crypto/heimdal/kdc/connect.c b/crypto/heimdal/kdc/connect.c index 7f13310..d747a18 100644 --- a/crypto/heimdal/kdc/connect.c +++ b/crypto/heimdal/kdc/connect.c @@ -33,7 +33,7 @@ #include "kdc_locl.h" -RCSID("$Id: connect.c,v 1.82 2001/05/14 06:18:11 assar Exp $"); +RCSID("$Id: connect.c,v 1.84 2001/08/21 10:10:25 assar Exp $"); /* * a tuple describing on what to listen @@ -140,8 +140,6 @@ add_standard_ports (int family) add_port_service(family, "krb524", 4444, "udp"); add_port_service(family, "krb524", 4444, "tcp"); } -#endif -#ifdef KASERVER if (enable_kaserver) add_port_service(family, "afs3-kaserver", 7004, "udp"); #endif @@ -385,10 +383,7 @@ process_request(unsigned char *buf, ret = do_524(&ticket, reply, from, addr); free_Ticket(&ticket); return ret; - } -#endif -#ifdef KASERVER - else if (enable_kaserver) { + } else if (enable_kaserver) { ret = do_kaserver (buf, len, reply, from, (struct sockaddr_in*)addr); return ret; } @@ -425,7 +420,8 @@ do_request(void *buf, size_t len, int sendlength, ret = process_request(buf, len, &reply, &sendlength, d->addr_string, d->sa); if(reply.length){ - kdc_log(5, "sending %d bytes to %s", reply.length, d->addr_string); + kdc_log(5, "sending %lu bytes to %s", (unsigned long)reply.length, + d->addr_string); if(sendlength){ unsigned char len[4]; len[0] = (reply.length >> 24) & 0xff; diff --git a/crypto/heimdal/kdc/headers.h b/crypto/heimdal/kdc/headers.h index 24442db..d8a23d6 100644 --- a/crypto/heimdal/kdc/headers.h +++ b/crypto/heimdal/kdc/headers.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,7 +32,7 @@ */ /* - * $Id: headers.h,v 1.11 2001/02/15 04:20:53 assar Exp $ + * $Id: headers.h,v 1.13 2001/08/22 20:30:25 assar Exp $ */ #ifndef __HEADERS_H__ @@ -77,12 +77,15 @@ #ifdef HAVE_UTIL_H #include <util.h> #endif +#ifdef HAVE_LIBUTIL_H +#include <libutil.h> +#endif #include <err.h> #include <roken.h> #include <getarg.h> #include <base64.h> #include <parse_units.h> -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include <openssl/des.h> #else #include <des.h> diff --git a/crypto/heimdal/kdc/hprop.8 b/crypto/heimdal/kdc/hprop.8 index ae8ee85..252b761 100644 --- a/crypto/heimdal/kdc/hprop.8 +++ b/crypto/heimdal/kdc/hprop.8 @@ -1,4 +1,4 @@ -.\" $Id: hprop.8,v 1.10 2001/06/08 21:35:31 joda Exp $ +.\" $Id: hprop.8,v 1.13 2001/07/19 16:33:26 assar Exp $ .\" .Dd June 19, 2000 .Dt HPROP 8 @@ -16,18 +16,16 @@ .Fl -database= Ns Pa file .Xc .Oc -.Op Fl -source= Ns Ar heimdal|mit-dump|krb4-db|krb4-dump -.Op Fl 4 | Fl -v4-db -.Op Fl K | Fl -ka-db +.Op Fl -source= Ns Ar heimdal|mit-dump|krb4-dump|krb4-db|kaserver +.Oo Fl r Ar string \*(Ba Xo +.Fl -v4-realm= Ns Ar string +.Xc +.Oc .Oo Fl c Ar cell \*(Ba Xo .Fl -cell= Ns Ar cell .Xc .Oc .Op Fl S | Fl -kaspecials -.Oo Fl r Ar string \*(Ba Xo -.Fl -v4-realm= Ns Ar string -.Xc -.Oc .Oo Fl k Ar keytab \*(Ba Xo .Fl -keytab= Ns Ar keytab .Xc @@ -42,7 +40,7 @@ .Op Fl v | Fl -verbose .Op Fl -version .Op Fl h | Fl -help -.Ar host Ns Op : Ns Ar port +.Op Ar host Ns Op : Ns Ar port .Ar ... .Sh DESCRIPTION .Nm @@ -70,10 +68,11 @@ Where to find the master key to encrypt or decrypt keys with. .Xc The database to be propagated. .It Xo -.Fl -source= Ns Ar heimdal|mit-dump|krb4-db|krb4-dump +.Fl -source= Ns Ar heimdal|mit-dump|krb4-dump|krb4-db|kaserver .Xc Specifies the type of the source database. Alternatives include: -.Bl -tag -width krb4-dump + +.Bl -tag -width krb4-dump -compact -offset indent .It heimdal a Heimdal database .It mit-dump @@ -83,7 +82,7 @@ a Kerberos 4 database .It krb4-dump a Kerberos 4 dump file .It kaserver -a Transarc kaserver database +an AFS kaserver database .El .It Xo .Fl k Ar keytab Ns , @@ -104,13 +103,13 @@ Local realm override. .Fl -decrypt .Xc The encryption keys in the database can either be in clear, or -encrypted with a master key. This option thansmits the database with +encrypted with a master key. This option transmits the database with unencrypted keys. .It Xo .Fl E Ns , .Fl -encrypt .Xc -This option thansmits the database with encrypted keys. +This option transmits the database with encrypted keys. .It Xo .Fl n Ns , .Fl -stdout @@ -165,7 +164,7 @@ $ hprop --source=krb4-db -E krb5-slave .Pp Convert a Kerberos 4 dump-file for use with a Heimdal KDC: .Bd -literal -offset indent -$ hprop -n --source=krb4-dump -d /var/kerberos/principal.dump -E | hpropd -n +$ hprop -n --source=krb4-dump -d /var/kerberos/principal.dump --master-key=/.k | hpropd -n .Ed .Sh SEE ALSO .Xr hpropd 8 diff --git a/crypto/heimdal/kdc/hprop.c b/crypto/heimdal/kdc/hprop.c index b5d1743..81ef0d2 100644 --- a/crypto/heimdal/kdc/hprop.c +++ b/crypto/heimdal/kdc/hprop.c @@ -33,7 +33,7 @@ #include "hprop.h" -RCSID("$Id: hprop.c,v 1.62 2001/02/20 01:44:50 assar Exp $"); +RCSID("$Id: hprop.c,v 1.68 2001/09/23 05:13:17 assar Exp $"); static int version_flag; static int help_flag; @@ -49,20 +49,10 @@ static hdb_master_key mkey5; static char *source_type; static char *afs_cell; -static char *realm; +static char *v4_realm; -#ifdef KRB4 -static int v4_db; - -static des_cblock mkey4; -static des_key_schedule msched4; - -#ifdef KASERVER_DB static int kaspecials_flag; -static int ka_db; static int ka_use_null_salt; -#endif -#endif static char *local_realm=NULL; @@ -160,13 +150,12 @@ kdb_prop(void *arg, Principal *p) strlcpy(pr.instance, p->instance, sizeof(pr.instance)); copy_to_key(&p->key_low, &p->key_high, pr.key); - kdb_encrypt_key(&pr.key, &pr.key, &mkey4, msched4, DES_DECRYPT); pr.exp_date = p->exp_date; pr.mod_date = p->mod_date; strlcpy(pr.mod_name, p->mod_name, sizeof(pr.mod_name)); strlcpy(pr.mod_instance, p->mod_instance, sizeof(pr.mod_instance)); pr.max_life = p->max_life; - pr.mkvno = -1; /* p->kdc_key_ver; */ + pr.mkvno = p->kdc_key_ver; pr.kvno = p->key_version; ret = v4_prop(arg, &pr); @@ -220,12 +209,12 @@ v4_prop(void *arg, struct v4_principal *p) memset(&ent, 0, sizeof(ent)); - ret = krb5_425_conv_principal(pd->context, p->name, p->instance, realm, + ret = krb5_425_conv_principal(pd->context, p->name, p->instance, v4_realm, &ent.principal); - if(ret){ + if(ret) { krb5_warn(pd->context, ret, "krb5_425_conv_principal %s.%s@%s", - p->name, p->instance, realm); + p->name, p->instance, v4_realm); return 0; } @@ -241,11 +230,7 @@ v4_prop(void *arg, struct v4_principal *p) ent.keys.val = malloc(ent.keys.len * sizeof(*ent.keys.val)); if(p->mkvno != -1) { ent.keys.val[0].mkvno = malloc (sizeof(*ent.keys.val[0].mkvno)); -#if 0 - *(ent.keys.val[0].mkvno) = p->mkvno; /* XXX */ -#else - *(ent.keys.val[0].mkvno) = 0; -#endif + *(ent.keys.val[0].mkvno) = p->mkvno; } else ent.keys.val[0].mkvno = NULL; ent.keys.val[0].salt = calloc(1, sizeof(*ent.keys.val[0].salt)); @@ -278,7 +263,7 @@ v4_prop(void *arg, struct v4_principal *p) *ent.valid_end = p->exp_date; ret = krb5_make_principal(pd->context, &ent.created_by.principal, - realm, + v4_realm, "kadmin", "hprop", NULL); @@ -290,9 +275,9 @@ v4_prop(void *arg, struct v4_principal *p) ent.created_by.time = time(NULL); ALLOC(ent.modified_by); ret = krb5_425_conv_principal(pd->context, p->mod_name, p->mod_instance, - realm, &ent.modified_by->principal); + v4_realm, &ent.modified_by->principal); if(ret){ - krb5_warn(pd->context, ret, "%s.%s@%s", p->name, p->instance, realm); + krb5_warn(pd->context, ret, "%s.%s@%s", p->name, p->instance, v4_realm); ent.modified_by->principal = NULL; ret = 0; goto out; @@ -320,10 +305,10 @@ v4_prop(void *arg, struct v4_principal *p) ret = v5_prop(pd->context, NULL, &ent, pd); if (strcmp (p->name, "krbtgt") == 0 - && strcmp (realm, p->instance) != 0) { + && strcmp (v4_realm, p->instance) != 0) { krb5_free_principal (pd->context, ent.principal); ret = krb5_425_conv_principal (pd->context, p->name, - realm, p->instance, + v4_realm, p->instance, &ent.principal); if (ret == 0) ret = v5_prop (pd->context, NULL, &ent, pd); @@ -334,9 +319,6 @@ v4_prop(void *arg, struct v4_principal *p) return ret; } -#ifdef KRB4 -#ifdef KASERVER_DB - #include "kadb.h" /* read a `ka_entry' from `fd' at offset `pos' */ @@ -344,18 +326,22 @@ static void read_block(krb5_context context, int fd, int32_t pos, void *buf, size_t len) { krb5_error_code ret; +#ifdef HAVE_PREAD + if((ret = pread(fd, buf, len, 64 + pos)) < 0) + krb5_err(context, 1, errno, "pread(%u)", 64 + pos); +#else if(lseek(fd, 64 + pos, SEEK_SET) == (off_t)-1) krb5_err(context, 1, errno, "lseek(%u)", 64 + pos); ret = read(fd, buf, len); if(ret < 0) - krb5_err(context, 1, errno, "read(%u)", len); + krb5_err(context, 1, errno, "read(%lu)", (unsigned long)len); +#endif if(ret != len) - krb5_errx(context, 1, "read(%u) = %u", len, ret); + krb5_errx(context, 1, "read(%lu) = %u", (unsigned long)len, ret); } static int -ka_convert(struct prop_data *pd, int fd, struct ka_entry *ent, - const char *cell) +ka_convert(struct prop_data *pd, int fd, struct ka_entry *ent) { int32_t flags = ntohl(ent->flags); krb5_error_code ret; @@ -365,12 +351,12 @@ ka_convert(struct prop_data *pd, int fd, struct ka_entry *ent, && (flags & KAFNORMAL) == 0) /* remove special entries */ return 0; memset(&hdb, 0, sizeof(hdb)); - ret = krb5_425_conv_principal(pd->context, ent->name, ent->instance, realm, - &hdb.principal); + ret = krb5_425_conv_principal(pd->context, ent->name, ent->instance, + v4_realm, &hdb.principal); if(ret) { krb5_warn(pd->context, ret, "krb5_425_conv_principal (%s.%s@%s)", - ent->name, ent->instance, realm); + ent->name, ent->instance, v4_realm); return 0; } hdb.kvno = ntohl(ent->kvno); @@ -384,8 +370,8 @@ ka_convert(struct prop_data *pd, int fd, struct ka_entry *ent, hdb.keys.val[0].salt->salt.length = 0; } else { hdb.keys.val[0].salt->type = hdb_afs3_salt; - hdb.keys.val[0].salt->salt.data = strdup(cell); - hdb.keys.val[0].salt->salt.length = strlen(cell); + hdb.keys.val[0].salt->salt.data = strdup(afs_cell); + hdb.keys.val[0].salt->salt.length = strlen(afs_cell); } hdb.keys.val[0].key.keytype = ETYPE_DES_CBC_MD5; @@ -412,7 +398,7 @@ ka_convert(struct prop_data *pd, int fd, struct ka_entry *ent, } ret = krb5_make_principal(pd->context, &hdb.created_by.principal, - realm, + v4_realm, "kadmin", "hprop", NULL); @@ -423,7 +409,7 @@ ka_convert(struct prop_data *pd, int fd, struct ka_entry *ent, ALLOC(hdb.modified_by); read_block(pd->context, fd, ntohl(ent->mod_ptr), &mod, sizeof(mod)); - krb5_425_conv_principal(pd->context, mod.name, mod.instance, realm, + krb5_425_conv_principal(pd->context, mod.name, mod.instance, v4_realm, &hdb.modified_by->principal); hdb.modified_by->time = ntohl(ent->mod_time); memset(&mod, 0, sizeof(mod)); @@ -447,7 +433,7 @@ ka_convert(struct prop_data *pd, int fd, struct ka_entry *ent, } static int -ka_dump(struct prop_data *pd, const char *file, const char *cell) +ka_dump(struct prop_data *pd, const char *file) { struct ka_header header; int i; @@ -467,16 +453,13 @@ ka_dump(struct prop_data *pd, const char *file, const char *cell) while(pos){ struct ka_entry ent; read_block(pd->context, fd, pos, &ent, sizeof(ent)); - ka_convert(pd, fd, &ent, cell); + ka_convert(pd, fd, &ent); pos = ntohl(ent.next); } } return 0; } -#endif /* KASERVER_DB */ - -#endif /* KRB4 */ struct getargs args[] = { @@ -488,21 +471,13 @@ struct getargs args[] = { "|krb4-dump" #ifdef KRB4 "|krb4-db" -#ifdef KASERVER_DB - "|kaserver" -#endif #endif + "|kaserver" }, -#ifdef KRB4 - { "v4-db", '4', arg_flag, &v4_db }, -#endif - { "v4-realm", 'r', arg_string, &realm, "v4 realm to use" }, -#ifdef KASERVER_DB - { "ka-db", 'K', arg_flag, &ka_db }, + { "v4-realm", 'r', arg_string, &v4_realm, "v4 realm to use" }, { "cell", 'c', arg_string, &afs_cell, "name of AFS cell" }, { "kaspecials", 'S', arg_flag, &kaspecials_flag, "dump KASPECIAL keys"}, -#endif { "keytab", 'k', arg_string, &ktname, "keytab to use for authentication", "keytab" }, { "v5-realm", 'R', arg_string, &local_realm, "v5 realm to use" }, { "decrypt", 'D', arg_flag, &decrypt_flag, "decrypt keys" }, @@ -518,7 +493,7 @@ static int num_args = sizeof(args) / sizeof(args[0]); static void usage(int ret) { - arg_printusage (args, num_args, NULL, "host ..."); + arg_printusage (args, num_args, NULL, "[host[:port]] ..."); exit (ret); } @@ -557,8 +532,12 @@ get_creds(krb5_context context, krb5_ccache *cache) ret = krb5_cc_initialize(context, *cache, client); if(ret) krb5_err(context, 1, ret, "krb5_cc_initialize"); + krb5_free_principal(context, client); + ret = krb5_cc_store_cred(context, *cache, &creds); if(ret) krb5_err(context, 1, ret, "krb5_cc_store_cred"); + + krb5_free_creds_contents(context, &creds); } enum hprop_source { @@ -579,10 +558,8 @@ struct { { HPROP_KRB4_DUMP, "krb4-dump" }, #ifdef KRB4 { HPROP_KRB4_DB, "krb4-db" }, -#ifdef KASERVER_DB - { HPROP_KASERVER, "kaserver" }, -#endif #endif + { HPROP_KASERVER, "kaserver" }, { HPROP_MIT_DUMP, "mit-dump" } }; @@ -600,7 +577,6 @@ parse_source_type(const char *s) static void iterate (krb5_context context, const char *database, - const char *afs_cell, HDB *db, int type, struct prop_data *pd) @@ -618,14 +594,12 @@ iterate (krb5_context context, krb5_errx(context, 1, "kerb_db_iterate: %s", krb_get_err_text(ret)); break; -#ifdef KASERVER_DB +#endif /* KRB4 */ case HPROP_KASERVER: - ret = ka_dump(pd, database, afs_cell); + ret = ka_dump(pd, database); if(ret) - krb5_errx(context, 1, "ka_dump: %s", krb_get_err_text(ret)); + krb5_err(context, 1, ret, "ka_dump"); break; -#endif -#endif /* KRB4 */ case HPROP_MIT_DUMP: ret = mit_prop_dump(pd, database); if (ret) @@ -642,8 +616,7 @@ iterate (krb5_context context, static int dump_database (krb5_context context, int type, - const char *database, const char *afs_cell, - HDB *db) + const char *database, HDB *db) { krb5_error_code ret; struct prop_data pd; @@ -653,7 +626,7 @@ dump_database (krb5_context context, int type, pd.auth_context = NULL; pd.sock = STDOUT_FILENO; - iterate (context, database, afs_cell, db, type, &pd); + iterate (context, database, db, type, &pd); krb5_data_zero (&data); ret = krb5_write_message (context, &pd.sock, &data); if (ret) @@ -664,7 +637,7 @@ dump_database (krb5_context context, int type, static int propagate_database (krb5_context context, int type, - const char *database, const char *afs_cell, + const char *database, HDB *db, krb5_ccache ccache, int optind, int argc, char **argv) { @@ -707,6 +680,7 @@ propagate_database (krb5_context context, int type, krb5_realm my_realm; krb5_get_default_realm(context,&my_realm); + free (*krb5_princ_realm(context, server)); krb5_princ_set_realm(context,server,&my_realm); } @@ -725,17 +699,19 @@ propagate_database (krb5_context context, int type, NULL, NULL); + krb5_free_principal(context, server); + if(ret) { krb5_warn(context, ret, "krb5_sendauth"); close(fd); continue; } - + pd.context = context; pd.auth_context = auth_context; pd.sock = fd; - iterate (context, database, afs_cell, db, type, &pd); + iterate (context, database, db, type, &pd); krb5_data_zero (&data); ret = krb5_write_priv_message(context, auth_context, &fd, &data); @@ -754,35 +730,13 @@ propagate_database (krb5_context context, int type, return 0; } -#ifdef KRB4 - -static void -v4_get_masterkey (krb5_context context, char *database) -{ - int e; - - e = kerb_db_set_name (database); - if(e) - krb5_errx(context, 1, "kerb_db_set_name: %s", - krb_get_err_text(e)); - e = kdb_get_master_key(0, &mkey4, msched4); - if(e) - krb5_errx(context, 1, "kdb_get_master_key: %s", - krb_get_err_text(e)); - e = kdb_verify_master_key(&mkey4, msched4, NULL); - if (e < 0) - krb5_errx(context, 1, "kdb_verify_master_key failed"); -} - -#endif - int main(int argc, char **argv) { krb5_error_code ret; krb5_context context; - krb5_ccache ccache; - HDB *db; + krb5_ccache ccache = NULL; + HDB *db = NULL; int optind = 0; int type = 0; @@ -807,26 +761,24 @@ main(int argc, char **argv) if(local_realm) krb5_set_default_realm(context, local_realm); + if(v4_realm == NULL) { + ret = krb5_get_default_realm(context, &v4_realm); + if(ret) + krb5_err(context, 1, ret, "krb5_get_default_realm"); + } + + if(afs_cell == NULL) { + afs_cell = strdup(v4_realm); + if(afs_cell == NULL) + krb5_errx(context, 1, "out of memory"); + strlwr(afs_cell); + } + if(encrypt_flag && decrypt_flag) krb5_errx(context, 1, "only one of `--encrypt' and `--decrypt' is meaningful"); -#ifdef KRB4 - if(v4_db) { - if(type != 0) - krb5_errx(context, 1, "more than one database type specified"); - type = HPROP_KRB4_DB; - } -#ifdef KASERVER_DB - if(ka_db) { - if(type != 0) - krb5_errx(context, 1, "more than one database type specified"); - type = HPROP_KASERVER; - } -#endif -#endif - if(source_type != NULL) { if(type != 0) krb5_errx(context, 1, "more than one database type specified"); @@ -851,12 +803,12 @@ main(int argc, char **argv) if (IS_TYPE_V4(type)) { int e; - if (realm == NULL) { + if (v4_realm == NULL) { e = krb_get_lrealm(realm_buf, 1); if(e) krb5_errx(context, 1, "krb_get_lrealm: %s", krb_get_err_text(e)); - realm = realm_buf; + v4_realm = realm_buf; } } #endif @@ -866,9 +818,8 @@ main(int argc, char **argv) case HPROP_KRB4_DB: if (database == NULL) krb5_errx(context, 1, "no database specified"); - v4_get_masterkey (context, database); break; -#ifdef KASERVER_DB +#endif case HPROP_KASERVER: if (database == NULL) database = DEFAULT_DATABASE; @@ -878,14 +829,10 @@ main(int argc, char **argv) NULL); break; -#endif -#endif /* KRB4 */ case HPROP_KRB4_DUMP: if (database == NULL) krb5_errx(context, 1, "no dump file specified"); -#ifdef KRB4 - v4_get_masterkey (context, database); -#endif + break; case HPROP_MIT_DUMP: if (database == NULL) @@ -905,9 +852,17 @@ main(int argc, char **argv) } if (to_stdout) - dump_database (context, type, database, afs_cell, db); + dump_database (context, type, database, db); else - propagate_database (context, type, database, afs_cell, + propagate_database (context, type, database, db, ccache, optind, argc, argv); + + if(ccache != NULL) + krb5_cc_destroy(context, ccache); + + if(db != NULL) + (*db->destroy)(context, db); + + krb5_free_context(context); return 0; } diff --git a/crypto/heimdal/kdc/hpropd.8 b/crypto/heimdal/kdc/hpropd.8 index dd26547..4c4955b 100644 --- a/crypto/heimdal/kdc/hpropd.8 +++ b/crypto/heimdal/kdc/hpropd.8 @@ -1,4 +1,4 @@ -.\" $Id: hpropd.8,v 1.7 2001/06/08 21:35:32 joda Exp $ +.\" $Id: hpropd.8,v 1.8 2002/01/24 15:30:49 assar Exp $ .\" .Dd August 27, 1997 .Dt HPROPD 8 @@ -35,7 +35,7 @@ stdin otherwise. If the database is sent over the network, it is authenticated and encrypted. Only connections from -.Li kadmin/hprop +.Nm kadmin Ns / Ns Nm hprop are accepted. .Pp Options supported: diff --git a/crypto/heimdal/kdc/hpropd.c b/crypto/heimdal/kdc/hpropd.c index da5498b..452c5f1 100644 --- a/crypto/heimdal/kdc/hpropd.c +++ b/crypto/heimdal/kdc/hpropd.c @@ -33,7 +33,7 @@ #include "hprop.h" -RCSID("$Id: hpropd.c,v 1.32 2001/02/20 01:44:50 assar Exp $"); +RCSID("$Id: hpropd.c,v 1.34 2001/09/18 09:54:15 joda Exp $"); #ifdef KRB4 static des_cblock mkey4; @@ -165,6 +165,7 @@ static int version_flag; static int print_dump; static char *database = HDB_DEFAULT_DB; static int from_stdin; +static char *local_realm; #ifdef KRB4 static int v4dump; #endif @@ -177,6 +178,7 @@ struct getargs args[] = { { "inetd", 'i', arg_negative_flag, &inetd_flag, "Not started from inetd" }, { "keytab", 'k', arg_string, &ktname, "keytab to use for authentication", "keytab" }, + { "realm", 'r', arg_string, &local_realm, "realm to use" }, #ifdef KRB4 { "v4dump", '4', arg_flag, &v4dump, "create v4 type DB" }, #endif @@ -231,6 +233,9 @@ main(int argc, char **argv) if (v4dump && database == HDB_DEFAULT_DB) database = "/var/kerberos/524_dump"; #endif /* KRB4 */ + + if(local_realm != NULL) + krb5_set_default_realm(context, local_realm); if(help_flag) usage(0); @@ -307,9 +312,9 @@ main(int argc, char **argv) free(server); krb5_free_ticket (context, ticket); - ret = krb5_auth_getauthenticator(context, ac, &authent); + ret = krb5_auth_con_getauthenticator(context, ac, &authent); if(ret) - krb5_err(context, 1, ret, "krb5_auth_getauthenticator"); + krb5_err(context, 1, ret, "krb5_auth_con_getauthenticator"); ret = krb5_make_principal(context, &c1, NULL, "kadmin", "hprop", NULL); if(ret) diff --git a/crypto/heimdal/kdc/kaserver.c b/crypto/heimdal/kdc/kaserver.c index 5920895..6342529 100644 --- a/crypto/heimdal/kdc/kaserver.c +++ b/crypto/heimdal/kdc/kaserver.c @@ -33,9 +33,8 @@ #include "kdc_locl.h" -RCSID("$Id: kaserver.c,v 1.16 2001/02/05 10:49:43 assar Exp $"); +RCSID("$Id: kaserver.c,v 1.18 2001/08/17 07:49:01 joda Exp $"); -#ifdef KASERVER #include <rx.h> @@ -311,8 +310,8 @@ create_reply_ticket (struct rx_header *hdr, /* encrypt it */ des_set_key (key, schedule); - des_pcbc_encrypt ((des_cblock *)enc_data.data, - (des_cblock *)enc_data.data, + des_pcbc_encrypt (enc_data.data, + enc_data.data, enc_data.length, schedule, key, @@ -433,17 +432,17 @@ do_authenticate (struct rx_header *hdr, } /* find a DES key */ - ret = get_des_key(client_entry, TRUE, &ckey); + ret = get_des_key(client_entry, FALSE, TRUE, &ckey); if(ret){ - kdc_log(0, "%s", krb5_get_err_text(context, ret)); + kdc_log(0, "no suitable DES key for client"); make_error_reply (hdr, KANOKEYS, reply); goto out; } /* find a DES key */ - ret = get_des_key(server_entry, TRUE, &skey); + ret = get_des_key(server_entry, TRUE, TRUE, &skey); if(ret){ - kdc_log(0, "%s", krb5_get_err_text(context, ret)); + kdc_log(0, "no suitable DES key for server"); make_error_reply (hdr, KANOKEYS, reply); goto out; } @@ -451,8 +450,8 @@ do_authenticate (struct rx_header *hdr, /* try to decode the `request' */ memcpy (&key, ckey->key.keyvalue.data, sizeof(key)); des_set_key (&key, schedule); - des_pcbc_encrypt ((des_cblock *)request.data, - (des_cblock *)request.data, + des_pcbc_encrypt (request.data, + request.data, request.length, schedule, &key, @@ -624,17 +623,17 @@ do_getticket (struct rx_header *hdr, } /* find a DES key */ - ret = get_des_key(krbtgt_entry, TRUE, &kkey); + ret = get_des_key(krbtgt_entry, TRUE, TRUE, &kkey); if(ret){ - kdc_log(0, "%s", krb5_get_err_text(context, ret)); + kdc_log(0, "no suitable DES key for krbtgt"); make_error_reply (hdr, KANOKEYS, reply); goto out; } /* find a DES key */ - ret = get_des_key(server_entry, TRUE, &skey); + ret = get_des_key(server_entry, TRUE, TRUE, &skey); if(ret){ - kdc_log(0, "%s", krb5_get_err_text(context, ret)); + kdc_log(0, "no suitable DES key for server"); make_error_reply (hdr, KANOKEYS, reply); goto out; } @@ -819,5 +818,3 @@ out: krb5_storage_free (sp); return ret; } - -#endif /* KASERVER */ diff --git a/crypto/heimdal/kdc/kdc_locl.h b/crypto/heimdal/kdc/kdc_locl.h index 2cc753c..73d5e49 100644 --- a/crypto/heimdal/kdc/kdc_locl.h +++ b/crypto/heimdal/kdc/kdc_locl.h @@ -32,7 +32,7 @@ */ /* - * $Id: kdc_locl.h,v 1.48 2001/01/30 01:44:07 assar Exp $ + * $Id: kdc_locl.h,v 1.52 2001/08/22 20:30:25 assar Exp $ */ #ifndef __KDC_LOCL_H__ @@ -67,8 +67,6 @@ extern krb5_boolean allow_anonymous; extern char *v4_realm; extern int enable_v4; extern int enable_524; -#endif -#ifdef KASERVER extern krb5_boolean enable_kaserver; #endif @@ -106,13 +104,17 @@ krb5_error_code do_version4 (unsigned char*, size_t, krb5_data*, const char*, krb5_error_code encode_v4_ticket (void*, size_t, const EncTicketPart*, const PrincipalName*, size_t*); krb5_error_code encrypt_v4_ticket (void*, size_t, des_cblock*, EncryptedData*); -krb5_error_code get_des_key(hdb_entry*, krb5_boolean, Key**); +krb5_error_code get_des_key(hdb_entry*, krb5_boolean, krb5_boolean, Key**); int maybe_version4 (unsigned char*, int); #endif -#ifdef KASERVER +#ifdef KRB4 krb5_error_code do_kaserver (unsigned char*, size_t, krb5_data*, const char*, struct sockaddr_in*); #endif +#ifdef HAVE_OPENSSL +#define des_new_random_key des_random_key +#endif + #endif /* __KDC_LOCL_H__ */ diff --git a/crypto/heimdal/kdc/kerberos4.c b/crypto/heimdal/kdc/kerberos4.c index 111bd9f..99a7eb6 100644 --- a/crypto/heimdal/kdc/kerberos4.c +++ b/crypto/heimdal/kdc/kerberos4.c @@ -33,7 +33,7 @@ #include "kdc_locl.h" -RCSID("$Id: kerberos4.c,v 1.36 2001/01/30 01:44:08 assar Exp $"); +RCSID("$Id: kerberos4.c,v 1.39 2001/09/20 09:34:42 assar Exp $"); #ifdef KRB4 @@ -78,18 +78,18 @@ valid_princ(krb5_context context, krb5_principal princ) ret = krb5_unparse_name(context, princ, &s); if (ret) - return 0; + return FALSE; ret = db_fetch(princ, &ent); if (ret) { kdc_log(7, "Lookup %s failed: %s", s, krb5_get_err_text (context, ret)); free(s); - return 0; + return FALSE; } kdc_log(7, "Lookup %s succeeded", s); free(s); free_ent(ent); - return 1; + return TRUE; } krb5_error_code @@ -109,9 +109,10 @@ db_fetch4(const char *name, const char *instance, const char *realm, } krb5_error_code -get_des_key(hdb_entry *principal, krb5_boolean prefer_afs_key, Key **ret_key) +get_des_key(hdb_entry *principal, krb5_boolean is_server, + krb5_boolean prefer_afs_key, Key **ret_key) { - Key *v5_key = NULL, *v4_key = NULL, *afs_key = NULL; + Key *v5_key = NULL, *v4_key = NULL, *afs_key = NULL, *server_key = NULL; int i; krb5_enctype etypes[] = { ETYPE_DES_CBC_MD5, ETYPE_DES_CBC_MD4, @@ -119,7 +120,8 @@ get_des_key(hdb_entry *principal, krb5_boolean prefer_afs_key, Key **ret_key) for(i = 0; i < sizeof(etypes)/sizeof(etypes[0]) - && (v5_key == NULL || v4_key == NULL || afs_key == NULL); + && (v5_key == NULL || v4_key == NULL || + afs_key == NULL || server_key == NULL); ++i) { Key *key = NULL; while(hdb_next_enctype2key(context, principal, etypes[i], &key) == 0) { @@ -133,7 +135,8 @@ get_des_key(hdb_entry *principal, krb5_boolean prefer_afs_key, Key **ret_key) } else if(key->salt->type == hdb_afs3_salt) { if(afs_key == NULL) afs_key = key; - } + } else if(server_key == NULL) + server_key = key; } } @@ -144,6 +147,8 @@ get_des_key(hdb_entry *principal, krb5_boolean prefer_afs_key, Key **ret_key) *ret_key = v4_key; else if(v5_key) *ret_key = v5_key; + else if(is_server && server_key) + *ret_key = server_key; else return KERB_ERR_NULL_KEY; } else { @@ -153,6 +158,8 @@ get_des_key(hdb_entry *principal, krb5_boolean prefer_afs_key, Key **ret_key) *ret_key = afs_key; else if(v5_key) *ret_key = v5_key; + else if(is_server && server_key) + *ret_key = server_key; else return KERB_ERR_NULL_KEY; } @@ -267,12 +274,11 @@ do_version4(unsigned char *buf, goto out1; } - ret = get_des_key(client, FALSE, &ckey); + ret = get_des_key(client, FALSE, FALSE, &ckey); if(ret){ - kdc_log(0, "%s", krb5_get_err_text(context, ret)); - /* XXX */ + kdc_log(0, "no suitable DES key for client"); make_err_reply(reply, KDC_NULL_KEY, - "No DES key in database (client)"); + "no suitable DES key for client"); goto out1; } @@ -290,12 +296,12 @@ do_version4(unsigned char *buf, } #endif - ret = get_des_key(server, FALSE, &skey); + ret = get_des_key(server, TRUE, FALSE, &skey); if(ret){ - kdc_log(0, "%s", krb5_get_err_text(context, ret)); + kdc_log(0, "no suitable DES key for server"); /* XXX */ make_err_reply(reply, KDC_NULL_KEY, - "No DES key in database (server)"); + "no suitable DES key for server"); goto out1; } @@ -375,12 +381,12 @@ do_version4(unsigned char *buf, goto out2; } - ret = get_des_key(tgt, FALSE, &tkey); + ret = get_des_key(tgt, TRUE, FALSE, &tkey); if(ret){ - kdc_log(0, "%s", krb5_get_err_text(context, ret)); + kdc_log(0, "no suitable DES key for krbtgt"); /* XXX */ make_err_reply(reply, KDC_NULL_KEY, - "No DES key in database (krbtgt)"); + "no suitable DES key for krbtgt"); goto out2; } @@ -463,12 +469,12 @@ do_version4(unsigned char *buf, goto out2; } - ret = get_des_key(server, FALSE, &skey); + ret = get_des_key(server, TRUE, FALSE, &skey); if(ret){ - kdc_log(0, "%s", krb5_get_err_text(context, ret)); + kdc_log(0, "no suitable DES key for server"); /* XXX */ make_err_reply(reply, KDC_NULL_KEY, - "No DES key in database (server)"); + "no suitable DES key for server"); goto out2; } diff --git a/crypto/heimdal/kdc/kerberos5.c b/crypto/heimdal/kdc/kerberos5.c index e540b12..55e0547 100644 --- a/crypto/heimdal/kdc/kerberos5.c +++ b/crypto/heimdal/kdc/kerberos5.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kdc_locl.h" -RCSID("$Id: kerberos5.c,v 1.133 2001/05/22 20:16:22 assar Exp $"); +RCSID("$Id: kerberos5.c,v 1.135 2002/01/06 23:07:33 assar Exp $"); #define MAX_TIME ((time_t)((1U << 31) - 1)) @@ -109,7 +109,7 @@ find_keys(hdb_entry *client, krb5_enctype *cetype, Key **skey, krb5_enctype *setype, - int *etypes, + krb5_enctype *etypes, unsigned num_etypes) { krb5_error_code ret; @@ -1237,7 +1237,7 @@ tgs_check_authenticator(krb5_auth_context ac, krb5_error_code ret; krb5_crypto crypto; - krb5_auth_getauthenticator(context, ac, &auth); + krb5_auth_con_getauthenticator(context, ac, &auth); if(auth->cksum == NULL){ kdc_log(0, "No authenticator in request"); ret = KRB5KRB_AP_ERR_INAPP_CKSUM; @@ -1438,7 +1438,7 @@ tgs_rep2(KDC_REQ_BODY *b, { krb5_authenticator auth; - ret = krb5_auth_getauthenticator(context, ac, &auth); + ret = krb5_auth_con_getauthenticator(context, ac, &auth); if (ret == 0) { *csec = malloc(sizeof(**csec)); if (*csec == NULL) { diff --git a/crypto/heimdal/kdc/kstash.8 b/crypto/heimdal/kdc/kstash.8 index afbad1e..e97c53d 100644 --- a/crypto/heimdal/kdc/kstash.8 +++ b/crypto/heimdal/kdc/kstash.8 @@ -1,4 +1,4 @@ -.\" $Id: kstash.8,v 1.5 2001/06/08 21:35:32 joda Exp $ +.\" $Id: kstash.8,v 1.6 2001/06/18 03:26:51 assar Exp $ .\" .Dd September 1, 2000 .Dt KSTASH 8 @@ -41,7 +41,7 @@ the name of the master key file .Fl -convert-file .Xc don't ask for a new master key, just read an old master key file, and -writes it back in the new keyfile format +write it back in the new keyfile format .It Xo .Fl -master-key-fd= Ns Ar fd .Xc |