summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal/kdc
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/heimdal/kdc')
-rw-r--r--crypto/heimdal/kdc/524.c10
-rw-r--r--crypto/heimdal/kdc/Makefile803
-rw-r--r--crypto/heimdal/kdc/Makefile.in231
-rw-r--r--crypto/heimdal/kdc/config.c106
-rw-r--r--crypto/heimdal/kdc/connect.c19
-rw-r--r--crypto/heimdal/kdc/hprop.834
-rw-r--r--crypto/heimdal/kdc/hprop.c8
-rw-r--r--crypto/heimdal/kdc/hprop.cat837
-rw-r--r--crypto/heimdal/kdc/hpropd.812
-rw-r--r--crypto/heimdal/kdc/hpropd.c6
-rw-r--r--crypto/heimdal/kdc/hpropd.cat813
-rw-r--r--crypto/heimdal/kdc/kaserver.c26
-rw-r--r--crypto/heimdal/kdc/kdc.867
-rw-r--r--crypto/heimdal/kdc/kdc.cat876
-rw-r--r--crypto/heimdal/kdc/kdc_locl.h8
-rw-r--r--crypto/heimdal/kdc/kerberos4.c20
-rw-r--r--crypto/heimdal/kdc/kerberos5.c136
-rw-r--r--crypto/heimdal/kdc/kstash.86
-rw-r--r--crypto/heimdal/kdc/kstash.c8
-rw-r--r--crypto/heimdal/kdc/kstash.cat89
-rw-r--r--crypto/heimdal/kdc/log.c10
-rw-r--r--crypto/heimdal/kdc/main.c15
-rw-r--r--crypto/heimdal/kdc/string2key.816
-rw-r--r--crypto/heimdal/kdc/string2key.c6
-rw-r--r--crypto/heimdal/kdc/string2key.cat810
25 files changed, 1322 insertions, 370 deletions
diff --git a/crypto/heimdal/kdc/524.c b/crypto/heimdal/kdc/524.c
index 6d7d595..21bc6a1 100644
--- a/crypto/heimdal/kdc/524.c
+++ b/crypto/heimdal/kdc/524.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kdc_locl.h"
-RCSID("$Id: 524.c,v 1.23 2001/08/17 07:48:49 joda Exp $");
+RCSID("$Id: 524.c,v 1.25 2002/07/31 09:43:20 joda Exp $");
#ifdef KRB4
@@ -69,7 +69,7 @@ fetch_server (const Ticket *t,
kdc_log(0,
"Request to convert ticket from %s for unknown principal %s: %s",
from, *spn, krb5_get_err_text(context, ret));
- if (ret == ENOENT)
+ if (ret == HDB_ERR_NOENTRY)
ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;
return ret;
}
@@ -278,12 +278,12 @@ out:
krb5_store_int32(sp, server->kvno); /* is this right? */
krb5_store_data(sp, ticket.cipher);
/* Aargh! This is coded as a KTEXT_ST. */
- sp->seek(sp, MAX_KTXT_LEN - ticket.cipher.length, SEEK_CUR);
+ krb5_storage_seek(sp, MAX_KTXT_LEN - ticket.cipher.length, SEEK_CUR);
krb5_store_int32(sp, 0); /* mbz */
free_EncryptedData(&ticket);
}
ret = krb5_storage_to_data(sp, reply);
- reply->length = (*sp->seek)(sp, 0, SEEK_CUR);
+ reply->length = krb5_storage_seek(sp, 0, SEEK_CUR);
krb5_storage_free(sp);
if(spn)
diff --git a/crypto/heimdal/kdc/Makefile b/crypto/heimdal/kdc/Makefile
new file mode 100644
index 0000000..7bb233f
--- /dev/null
+++ b/crypto/heimdal/kdc/Makefile
@@ -0,0 +1,803 @@
+# Makefile.in generated by automake 1.6.3 from Makefile.am.
+# kdc/Makefile. Generated from Makefile.in by configure.
+
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002
+# Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+
+
+# $Id: Makefile.am,v 1.43 2001/08/28 08:31:27 assar Exp $
+
+# $Id: Makefile.am.common,v 1.5 2002/05/19 18:35:37 joda Exp $
+
+# $Id: Makefile.am.common,v 1.36 2002/08/19 16:10:25 joda Exp $
+SHELL = /bin/sh
+
+srcdir = .
+top_srcdir = ..
+
+prefix = /usr/heimdal
+exec_prefix = ${prefix}
+
+bindir = ${exec_prefix}/bin
+sbindir = ${exec_prefix}/sbin
+libexecdir = ${exec_prefix}/libexec
+datadir = ${prefix}/share
+sysconfdir = /etc
+sharedstatedir = ${prefix}/com
+localstatedir = /var/heimdal
+libdir = ${exec_prefix}/lib
+infodir = ${prefix}/info
+mandir = ${prefix}/man
+includedir = ${prefix}/include
+oldincludedir = /usr/include
+pkgdatadir = $(datadir)/heimdal
+pkglibdir = $(libdir)/heimdal
+pkgincludedir = $(includedir)/heimdal
+top_builddir = ..
+
+ACLOCAL = ${SHELL} /usr/home/nectar/devel/heimdal/missing --run aclocal-1.6
+AUTOCONF = ${SHELL} /usr/home/nectar/devel/heimdal/missing --run autoconf
+AUTOMAKE = ${SHELL} /usr/home/nectar/devel/heimdal/missing --run automake-1.6
+AUTOHEADER = ${SHELL} /usr/home/nectar/devel/heimdal/missing --run autoheader
+
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+INSTALL = /usr/bin/install -c
+INSTALL_PROGRAM = ${INSTALL}
+INSTALL_DATA = ${INSTALL} -m 644
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_SCRIPT = ${INSTALL}
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = s,x,x,
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+host_alias =
+host_triplet = i386-unknown-freebsd5.0
+
+EXEEXT =
+OBJEXT = o
+PATH_SEPARATOR = :
+AIX_EXTRA_KAFS =
+AMTAR = ${SHELL} /usr/home/nectar/devel/heimdal/missing --run tar
+AS = @AS@
+AWK = gawk
+CANONICAL_HOST = i386-unknown-freebsd5.0
+CATMAN = /usr/bin/nroff -mdoc $< > $@
+CATMANEXT = $$section
+CC = gcc
+COMPILE_ET = compile_et
+CPP = gcc -E
+DBLIB =
+DEPDIR = .deps
+DIR_com_err =
+DIR_des =
+DIR_roken = roken
+DLLTOOL = @DLLTOOL@
+ECHO = echo
+EXTRA_LIB45 =
+GROFF = /usr/bin/groff
+INCLUDES_roken = -I$(top_builddir)/lib/roken -I$(top_srcdir)/lib/roken
+INCLUDE_ = @INCLUDE_@
+INCLUDE_des =
+INSTALL_STRIP_PROGRAM = ${SHELL} $(install_sh) -c -s
+LEX = flex
+
+LEXLIB = -lfl
+LEX_OUTPUT_ROOT = lex.yy
+LIBTOOL = $(SHELL) $(top_builddir)/libtool
+LIB_ = @LIB_@
+LIB_AUTH_SUBDIRS =
+LIB_NDBM =
+LIB_com_err = -lcom_err
+LIB_com_err_a =
+LIB_com_err_so =
+LIB_des = -lcrypto
+LIB_des_a = -lcrypto
+LIB_des_appl = -lcrypto
+LIB_des_so = -lcrypto
+LIB_kdb =
+LIB_otp = $(top_builddir)/lib/otp/libotp.la
+LIB_roken = $(top_builddir)/lib/vers/libvers.la $(top_builddir)/lib/roken/libroken.la $(LIB_crypt) $(LIB_dbopen)
+LIB_security =
+LN_S = ln -s
+LTLIBOBJS = copyhostent.lo ecalloc.lo emalloc.lo erealloc.lo estrdup.lo strlwr.lo strndup.lo strnlen.lo strsep_copy.lo strupr.lo
+NEED_WRITEAUTH_FALSE =
+NEED_WRITEAUTH_TRUE = #
+NROFF = /usr/bin/nroff
+OBJDUMP = @OBJDUMP@
+PACKAGE = heimdal
+RANLIB = ranlib
+STRIP = strip
+VERSION = 0.4f
+VOID_RETSIGTYPE =
+WFLAGS = -Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs
+WFLAGS_NOIMPLICITINT =
+WFLAGS_NOUNUSED =
+X_CFLAGS = -I/usr/X11R6/include
+X_EXTRA_LIBS =
+X_LIBS = -L/usr/X11R6/lib
+X_PRE_LIBS = -lSM -lICE
+YACC = bison -y
+am__include = include
+am__quote =
+dpagaix_cflags = -D_THREAD_SAFE -D_AIX_PTHREADS_D7 -D_AIX32_THREADS=1 -D_AES_SOURCE -D_AIX41 -I/usr/include/dce
+dpagaix_ldadd = -L/usr/lib/threads -ldcelibc_r -ldcepthreads -lpthreads_compat lpthreads -lc_r
+dpagaix_ldflags = -Wl,-bI:dfspag.exp
+install_sh = /usr/home/nectar/devel/heimdal/install-sh
+
+AUTOMAKE_OPTIONS = foreign no-dependencies 1.6
+
+SUFFIXES = .et .h .x .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8
+
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4) $(INCLUDE_des) -I$(srcdir)/../lib/krb5
+
+ROKEN_RENAME = -DROKEN_RENAME
+
+AM_CFLAGS = $(WFLAGS)
+
+CP = cp
+
+buildinclude = $(top_builddir)/include
+
+LIB_XauReadAuth = -lXau
+LIB_crypt = -lcrypt
+LIB_dbm_firstkey =
+LIB_dbopen =
+LIB_dlopen =
+LIB_dn_expand =
+LIB_el_init = -ledit
+LIB_getattr = @LIB_getattr@
+LIB_gethostbyname =
+LIB_getpwent_r = @LIB_getpwent_r@
+LIB_getpwnam_r =
+LIB_getsockopt =
+LIB_logout = -lutil
+LIB_logwtmp = -lutil
+LIB_odm_initialize = @LIB_odm_initialize@
+LIB_openpty = -lutil
+LIB_pidfile =
+LIB_res_search =
+LIB_setpcred = @LIB_setpcred@
+LIB_setsockopt =
+LIB_socket =
+LIB_syslog =
+LIB_tgetent = -ltermcap
+
+HESIODLIB = @HESIODLIB@
+HESIODINCLUDE = @HESIODINCLUDE@
+INCLUDE_hesiod =
+LIB_hesiod =
+
+INCLUDE_krb4 =
+LIB_krb4 =
+
+INCLUDE_openldap =
+LIB_openldap =
+
+INCLUDE_readline =
+LIB_readline = $(top_builddir)/lib/editline/libel_compat.la $(LIB_el_init) $(LIB_tgetent)
+
+NROFF_MAN = groff -mandoc -Tascii
+
+#LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+
+LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \
+ $(top_builddir)/lib/asn1/libasn1.la
+
+LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+
+#LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la
+
+bin_PROGRAMS = string2key
+
+sbin_PROGRAMS = kstash
+
+libexec_PROGRAMS = hprop hpropd kdc
+
+man_MANS = kdc.8 kstash.8 hprop.8 hpropd.8 string2key.8
+
+hprop_SOURCES = hprop.c mit_dump.c v4_dump.c hprop.h kadb.h
+hpropd_SOURCES = hpropd.c hprop.h
+
+kstash_SOURCES = kstash.c headers.h
+
+string2key_SOURCES = string2key.c headers.h
+
+#krb4_sources = 524.c kerberos4.c kaserver.c rx.h
+krb4_sources =
+
+kdc_SOURCES = \
+ config.c \
+ connect.c \
+ kdc_locl.h \
+ kerberos5.c \
+ log.c \
+ main.c \
+ misc.c \
+ $(krb4_sources)
+
+
+hprop_LDADD = \
+ $(top_builddir)/lib/hdb/libhdb.la \
+ $(LIB_openldap) \
+ $(top_builddir)/lib/krb5/libkrb5.la \
+ $(LIB_kdb) $(LIB_krb4) \
+ $(LIB_des) \
+ $(top_builddir)/lib/asn1/libasn1.la \
+ $(LIB_roken) \
+ $(DBLIB)
+
+
+hpropd_LDADD = \
+ $(top_builddir)/lib/hdb/libhdb.la \
+ $(LIB_openldap) \
+ $(top_builddir)/lib/krb5/libkrb5.la \
+ $(LIB_kdb) $(LIB_krb4) \
+ $(LIB_des) \
+ $(top_builddir)/lib/asn1/libasn1.la \
+ $(LIB_roken) \
+ $(DBLIB)
+
+
+LDADD = $(top_builddir)/lib/hdb/libhdb.la \
+ $(LIB_openldap) \
+ $(top_builddir)/lib/krb5/libkrb5.la \
+ $(LIB_krb4) \
+ $(LIB_des) \
+ $(top_builddir)/lib/asn1/libasn1.la \
+ $(LIB_roken) \
+ $(DBLIB)
+
+
+kdc_LDADD = $(LDADD) $(LIB_pidfile)
+subdir = kdc
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = $(top_builddir)/include/config.h
+CONFIG_CLEAN_FILES =
+bin_PROGRAMS = string2key$(EXEEXT)
+libexec_PROGRAMS = hprop$(EXEEXT) hpropd$(EXEEXT) kdc$(EXEEXT)
+sbin_PROGRAMS = kstash$(EXEEXT)
+PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) $(sbin_PROGRAMS)
+
+am_hprop_OBJECTS = hprop.$(OBJEXT) mit_dump.$(OBJEXT) v4_dump.$(OBJEXT)
+hprop_OBJECTS = $(am_hprop_OBJECTS)
+hprop_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \
+ $(top_builddir)/lib/krb5/libkrb5.la \
+ $(top_builddir)/lib/asn1/libasn1.la
+hprop_LDFLAGS =
+am_hpropd_OBJECTS = hpropd.$(OBJEXT)
+hpropd_OBJECTS = $(am_hpropd_OBJECTS)
+hpropd_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \
+ $(top_builddir)/lib/krb5/libkrb5.la \
+ $(top_builddir)/lib/asn1/libasn1.la
+hpropd_LDFLAGS =
+#am__objects_1 = 524.$(OBJEXT) kerberos4.$(OBJEXT) \
+# kaserver.$(OBJEXT)
+am__objects_1 =
+am_kdc_OBJECTS = config.$(OBJEXT) connect.$(OBJEXT) kerberos5.$(OBJEXT) \
+ log.$(OBJEXT) main.$(OBJEXT) misc.$(OBJEXT) $(am__objects_1)
+kdc_OBJECTS = $(am_kdc_OBJECTS)
+kdc_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \
+ $(top_builddir)/lib/krb5/libkrb5.la \
+ $(top_builddir)/lib/asn1/libasn1.la
+kdc_LDFLAGS =
+am_kstash_OBJECTS = kstash.$(OBJEXT)
+kstash_OBJECTS = $(am_kstash_OBJECTS)
+kstash_LDADD = $(LDADD)
+kstash_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \
+ $(top_builddir)/lib/krb5/libkrb5.la \
+ $(top_builddir)/lib/asn1/libasn1.la
+kstash_LDFLAGS =
+am_string2key_OBJECTS = string2key.$(OBJEXT)
+string2key_OBJECTS = $(am_string2key_OBJECTS)
+string2key_LDADD = $(LDADD)
+string2key_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \
+ $(top_builddir)/lib/krb5/libkrb5.la \
+ $(top_builddir)/lib/asn1/libasn1.la
+string2key_LDFLAGS =
+
+DEFS = -DHAVE_CONFIG_H
+DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include
+CPPFLAGS =
+LDFLAGS =
+LIBS =
+depcomp =
+am__depfiles_maybe =
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) \
+ $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+CFLAGS = -DINET6 -g -O2
+DIST_SOURCES = $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) \
+ $(kstash_SOURCES) $(string2key_SOURCES)
+MANS = $(man_MANS)
+DIST_COMMON = Makefile.am Makefile.in
+SOURCES = $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) $(kstash_SOURCES) $(string2key_SOURCES)
+
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .et .h .x .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj
+$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(top_srcdir)/configure.in $(ACLOCAL_M4)
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --foreign kdc/Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)
+binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
+install-binPROGRAMS: $(bin_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ $(mkinstalldirs) $(DESTDIR)$(bindir)
+ @list='$(bin_PROGRAMS)'; for p in $$list; do \
+ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ if test -f $$p \
+ || test -f $$p1 \
+ ; then \
+ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) $$p $(DESTDIR)$(bindir)/$$f"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) $$p $(DESTDIR)$(bindir)/$$f; \
+ else :; fi; \
+ done
+
+uninstall-binPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(bin_PROGRAMS)'; for p in $$list; do \
+ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " rm -f $(DESTDIR)$(bindir)/$$f"; \
+ rm -f $(DESTDIR)$(bindir)/$$f; \
+ done
+
+clean-binPROGRAMS:
+ @list='$(bin_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
+install-libexecPROGRAMS: $(libexec_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ $(mkinstalldirs) $(DESTDIR)$(libexecdir)
+ @list='$(libexec_PROGRAMS)'; for p in $$list; do \
+ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ if test -f $$p \
+ || test -f $$p1 \
+ ; then \
+ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) $$p $(DESTDIR)$(libexecdir)/$$f"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) $$p $(DESTDIR)$(libexecdir)/$$f; \
+ else :; fi; \
+ done
+
+uninstall-libexecPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(libexec_PROGRAMS)'; for p in $$list; do \
+ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " rm -f $(DESTDIR)$(libexecdir)/$$f"; \
+ rm -f $(DESTDIR)$(libexecdir)/$$f; \
+ done
+
+clean-libexecPROGRAMS:
+ @list='$(libexec_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
+install-sbinPROGRAMS: $(sbin_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ $(mkinstalldirs) $(DESTDIR)$(sbindir)
+ @list='$(sbin_PROGRAMS)'; for p in $$list; do \
+ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ if test -f $$p \
+ || test -f $$p1 \
+ ; then \
+ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) $$p $(DESTDIR)$(sbindir)/$$f"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) $$p $(DESTDIR)$(sbindir)/$$f; \
+ else :; fi; \
+ done
+
+uninstall-sbinPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(sbin_PROGRAMS)'; for p in $$list; do \
+ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " rm -f $(DESTDIR)$(sbindir)/$$f"; \
+ rm -f $(DESTDIR)$(sbindir)/$$f; \
+ done
+
+clean-sbinPROGRAMS:
+ @list='$(sbin_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+hprop$(EXEEXT): $(hprop_OBJECTS) $(hprop_DEPENDENCIES)
+ @rm -f hprop$(EXEEXT)
+ $(LINK) $(hprop_LDFLAGS) $(hprop_OBJECTS) $(hprop_LDADD) $(LIBS)
+hpropd$(EXEEXT): $(hpropd_OBJECTS) $(hpropd_DEPENDENCIES)
+ @rm -f hpropd$(EXEEXT)
+ $(LINK) $(hpropd_LDFLAGS) $(hpropd_OBJECTS) $(hpropd_LDADD) $(LIBS)
+kdc$(EXEEXT): $(kdc_OBJECTS) $(kdc_DEPENDENCIES)
+ @rm -f kdc$(EXEEXT)
+ $(LINK) $(kdc_LDFLAGS) $(kdc_OBJECTS) $(kdc_LDADD) $(LIBS)
+kstash$(EXEEXT): $(kstash_OBJECTS) $(kstash_DEPENDENCIES)
+ @rm -f kstash$(EXEEXT)
+ $(LINK) $(kstash_LDFLAGS) $(kstash_OBJECTS) $(kstash_LDADD) $(LIBS)
+string2key$(EXEEXT): $(string2key_OBJECTS) $(string2key_DEPENDENCIES)
+ @rm -f string2key$(EXEEXT)
+ $(LINK) $(string2key_LDFLAGS) $(string2key_OBJECTS) $(string2key_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT) core *.core
+
+distclean-compile:
+ -rm -f *.tab.c
+
+.c.o:
+ $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$<
+
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+
+.c.lo:
+ $(LTCOMPILE) -c -o $@ `test -f '$<' || echo '$(srcdir)/'`$<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+distclean-libtool:
+ -rm -f libtool
+uninstall-info-am:
+
+man8dir = $(mandir)/man8
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ $(mkinstalldirs) $(DESTDIR)$(man8dir)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst"; \
+ $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f $(DESTDIR)$(man8dir)/$$inst"; \
+ rm -f $(DESTDIR)$(man8dir)/$$inst; \
+ done
+
+ETAGS = etags
+ETAGSFLAGS =
+
+tags: TAGS
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(ETAGS_ARGS)$$tags$$unique" \
+ || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+
+top_distdir = ..
+distdir = $(top_distdir)/$(PACKAGE)-$(VERSION)
+
+distdir: $(DISTFILES)
+ @list='$(DISTFILES)'; for file in $$list; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test "$$dir" != "$$file" && test "$$dir" != "."; then \
+ dir="/$$dir"; \
+ $(mkinstalldirs) "$(distdir)$$dir"; \
+ else \
+ dir=''; \
+ fi; \
+ if test -d $$d/$$file; then \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+ $(MAKE) $(AM_MAKEFLAGS) \
+ top_distdir="${top_distdir}" distdir="$(distdir)" \
+ dist-hook
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-local
+check: check-am
+all-am: Makefile $(PROGRAMS) $(MANS) all-local
+
+installdirs:
+ $(mkinstalldirs) $(DESTDIR)$(bindir) $(DESTDIR)$(libexecdir) $(DESTDIR)$(sbindir) $(DESTDIR)$(man8dir)
+
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -rm -f Makefile $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \
+ clean-libtool clean-sbinPROGRAMS mostlyclean-am
+
+distclean: distclean-am
+
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-libtool distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-data-local install-man
+
+install-exec-am: install-binPROGRAMS install-libexecPROGRAMS \
+ install-sbinPROGRAMS
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+
+install-info: install-info-am
+
+install-man: install-man8
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+uninstall-am: uninstall-binPROGRAMS uninstall-info-am \
+ uninstall-libexecPROGRAMS uninstall-man uninstall-sbinPROGRAMS
+
+uninstall-man: uninstall-man8
+
+.PHONY: GTAGS all all-am all-local check check-am check-local clean \
+ clean-binPROGRAMS clean-generic clean-libexecPROGRAMS \
+ clean-libtool clean-sbinPROGRAMS distclean distclean-compile \
+ distclean-generic distclean-libtool distclean-tags distdir dvi \
+ dvi-am info info-am install install-am install-binPROGRAMS \
+ install-data install-data-am install-data-local install-exec \
+ install-exec-am install-info install-info-am \
+ install-libexecPROGRAMS install-man install-man8 \
+ install-sbinPROGRAMS install-strip installcheck installcheck-am \
+ installdirs maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool tags uninstall uninstall-am \
+ uninstall-binPROGRAMS uninstall-info-am \
+ uninstall-libexecPROGRAMS uninstall-man uninstall-man8 \
+ uninstall-sbinPROGRAMS
+
+
+install-suid-programs:
+ @foo='$(bin_SUIDS)'; \
+ for file in $$foo; do \
+ x=$(DESTDIR)$(bindir)/$$file; \
+ if chown 0:0 $$x && chmod u+s $$x; then :; else \
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
+
+install-exec-hook: install-suid-programs
+
+install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
+ @foo='$(include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \
+ for f in $$foo; do \
+ f=`basename $$f`; \
+ if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
+ else file="$$f"; fi; \
+ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
+ : ; else \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
+ fi ; \
+ done
+
+all-local: install-build-headers
+
+check-local::
+ @if test '$(CHECK_LOCAL)'; then \
+ foo='$(CHECK_LOCAL)'; else \
+ foo='$(PROGRAMS)'; fi; \
+ if test "$$foo"; then \
+ failed=0; all=0; \
+ for i in $$foo; do \
+ all=`expr $$all + 1`; \
+ if ./$$i --version > /dev/null 2>&1; then \
+ echo "PASS: $$i"; \
+ else \
+ echo "FAIL: $$i"; \
+ failed=`expr $$failed + 1`; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="$$failed of $$all tests failed"; \
+ fi; \
+ dashes=`echo "$$banner" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ fi
+
+.x.c:
+ @cmp -s $< $@ 2> /dev/null || cp $< $@
+#NROFF_MAN = nroff -man
+.1.cat1:
+ $(NROFF_MAN) $< > $@
+.3.cat3:
+ $(NROFF_MAN) $< > $@
+.5.cat5:
+ $(NROFF_MAN) $< > $@
+.8.cat8:
+ $(NROFF_MAN) $< > $@
+
+dist-cat1-mans:
+ @foo='$(man1_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.1) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat3-mans:
+ @foo='$(man3_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.3) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat5-mans:
+ @foo='$(man5_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.5) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat8-mans:
+ @foo='$(man8_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.8) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
+
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
+
+install-data-local: install-cat-mans
+
+.et.h:
+ $(COMPILE_ET) $<
+.et.c:
+ $(COMPILE_ET) $<
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/crypto/heimdal/kdc/Makefile.in b/crypto/heimdal/kdc/Makefile.in
index 8716748..e8f13fd 100644
--- a/crypto/heimdal/kdc/Makefile.in
+++ b/crypto/heimdal/kdc/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.5 from Makefile.am.
+# Makefile.in generated by automake 1.6.3 from Makefile.am.
+# @configure_input@
-# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002
# Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -15,12 +16,9 @@
# $Id: Makefile.am,v 1.43 2001/08/28 08:31:27 assar Exp $
+# $Id: Makefile.am.common,v 1.5 2002/05/19 18:35:37 joda Exp $
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.31 2001/09/01 11:12:18 assar Exp $
-
+# $Id: Makefile.am.common,v 1.36 2002/08/19 16:10:25 joda Exp $
SHELL = @SHELL@
srcdir = @srcdir@
@@ -51,9 +49,13 @@ AUTOCONF = @AUTOCONF@
AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_HEADER = $(INSTALL_DATA)
transform = @program_transform_name@
@@ -65,6 +67,10 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
host_alias = @host_alias@
host_triplet = @host@
+
+EXEEXT = @EXEEXT@
+OBJEXT = @OBJEXT@
+PATH_SEPARATOR = @PATH_SEPARATOR@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
AMTAR = @AMTAR@
AS = @AS@
@@ -81,7 +87,7 @@ DIR_com_err = @DIR_com_err@
DIR_des = @DIR_des@
DIR_roken = @DIR_roken@
DLLTOOL = @DLLTOOL@
-EXEEXT = @EXEEXT@
+ECHO = @ECHO@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
INCLUDES_roken = @INCLUDES_roken@
@@ -89,7 +95,9 @@ INCLUDE_ = @INCLUDE_@
INCLUDE_des = @INCLUDE_des@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
LEX = @LEX@
-LIBOBJS = @LIBOBJS@
+
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
@@ -111,9 +119,9 @@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
NROFF = @NROFF@
OBJDUMP = @OBJDUMP@
-OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
@@ -126,16 +134,19 @@ X_PRE_LIBS = @X_PRE_LIBS@
YACC = @YACC@
am__include = @am__include@
am__quote = @am__quote@
-dpagaix_CFLAGS = @dpagaix_CFLAGS@
-dpagaix_LDADD = @dpagaix_LDADD@
+dpagaix_cflags = @dpagaix_cflags@
+dpagaix_ldadd = @dpagaix_ldadd@
+dpagaix_ldflags = @dpagaix_ldflags@
install_sh = @install_sh@
-AUTOMAKE_OPTIONS = foreign no-dependencies 1.4b
+AUTOMAKE_OPTIONS = foreign no-dependencies 1.6
-SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
+SUFFIXES = .et .h .x .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8
INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4) $(INCLUDE_des) -I$(srcdir)/../lib/krb5
+@do_roken_rename_TRUE@ROKEN_RENAME = -DROKEN_RENAME
+
AM_CFLAGS = $(WFLAGS)
CP = cp
@@ -166,8 +177,6 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
-LIBS = @LIBS@
-
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -182,8 +191,6 @@ LIB_openldap = @LIB_openldap@
INCLUDE_readline = @INCLUDE_readline@
LIB_readline = @LIB_readline@
-LEXLIB = @LEXLIB@
-
NROFF_MAN = groff -mandoc -Tascii
@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
@@ -195,8 +202,6 @@ NROFF_MAN = groff -mandoc -Tascii
@DCE_TRUE@LIB_kdfs = $(top_builddir)/lib/kdfs/libkdfs.la
-CHECK_LOCAL = $(PROGRAMS)
-
bin_PROGRAMS = string2key
sbin_PROGRAMS = kstash
@@ -280,13 +285,11 @@ hpropd_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \
$(top_builddir)/lib/krb5/libkrb5.la \
$(top_builddir)/lib/asn1/libasn1.la
hpropd_LDFLAGS =
-@KRB4_TRUE@am_kdc_OBJECTS = config.$(OBJEXT) connect.$(OBJEXT) \
-@KRB4_TRUE@ kerberos5.$(OBJEXT) log.$(OBJEXT) main.$(OBJEXT) \
-@KRB4_TRUE@ misc.$(OBJEXT) 524.$(OBJEXT) kerberos4.$(OBJEXT) \
+@KRB4_TRUE@am__objects_1 = 524.$(OBJEXT) kerberos4.$(OBJEXT) \
@KRB4_TRUE@ kaserver.$(OBJEXT)
-@KRB4_FALSE@am_kdc_OBJECTS = config.$(OBJEXT) connect.$(OBJEXT) \
-@KRB4_FALSE@ kerberos5.$(OBJEXT) log.$(OBJEXT) main.$(OBJEXT) \
-@KRB4_FALSE@ misc.$(OBJEXT)
+@KRB4_FALSE@am__objects_1 =
+am_kdc_OBJECTS = config.$(OBJEXT) connect.$(OBJEXT) kerberos5.$(OBJEXT) \
+ log.$(OBJEXT) main.$(OBJEXT) misc.$(OBJEXT) $(am__objects_1)
kdc_OBJECTS = $(am_kdc_OBJECTS)
kdc_DEPENDENCIES = $(top_builddir)/lib/hdb/libhdb.la \
$(top_builddir)/lib/krb5/libkrb5.la \
@@ -311,7 +314,9 @@ DEFS = @DEFS@
DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
+LIBS = @LIBS@
depcomp =
+am__depfiles_maybe =
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) \
@@ -322,8 +327,6 @@ LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
CFLAGS = @CFLAGS@
DIST_SOURCES = $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) \
$(kstash_SOURCES) $(string2key_SOURCES)
-
-NROFF = nroff
MANS = $(man_MANS)
DIST_COMMON = Makefile.am Makefile.in
SOURCES = $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) $(kstash_SOURCES) $(string2key_SOURCES)
@@ -331,23 +334,13 @@ SOURCES = $(hprop_SOURCES) $(hpropd_SOURCES) $(kdc_SOURCES) $(kstash_SOURCES) $(
all: all-am
.SUFFIXES:
-.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
-
-mostlyclean-libtool:
- -rm -f *.lo
-
-clean-libtool:
- -rm -rf .libs _libs
-
-distclean-libtool:
- -rm -f libtool
+.SUFFIXES: .et .h .x .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .c .lo .o .obj
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common $(top_srcdir)/configure.in $(ACLOCAL_M4)
cd $(top_srcdir) && \
$(AUTOMAKE) --foreign kdc/Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
- cd $(top_builddir) && \
- CONFIG_HEADERS= CONFIG_LINKS= \
- CONFIG_FILES=$(subdir)/$@ $(SHELL) ./config.status
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)
+binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
install-binPROGRAMS: $(bin_PROGRAMS)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(bindir)
@@ -356,22 +349,27 @@ install-binPROGRAMS: $(bin_PROGRAMS)
if test -f $$p \
|| test -f $$p1 \
; then \
- f=`echo $$p1|sed '$(transform);s/$$/$(EXEEXT)/'`; \
- echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/$$f"; \
- $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/$$f; \
+ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) $$p $(DESTDIR)$(bindir)/$$f"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) $$p $(DESTDIR)$(bindir)/$$f; \
else :; fi; \
done
uninstall-binPROGRAMS:
@$(NORMAL_UNINSTALL)
@list='$(bin_PROGRAMS)'; for p in $$list; do \
- f=`echo $$p|sed 's/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
+ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
echo " rm -f $(DESTDIR)$(bindir)/$$f"; \
rm -f $(DESTDIR)$(bindir)/$$f; \
done
clean-binPROGRAMS:
- -test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS)
+ @list='$(bin_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
install-libexecPROGRAMS: $(libexec_PROGRAMS)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(libexecdir)
@@ -380,22 +378,27 @@ install-libexecPROGRAMS: $(libexec_PROGRAMS)
if test -f $$p \
|| test -f $$p1 \
; then \
- f=`echo $$p1|sed '$(transform);s/$$/$(EXEEXT)/'`; \
- echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/$$f"; \
- $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/$$f; \
+ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) $$p $(DESTDIR)$(libexecdir)/$$f"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(libexecPROGRAMS_INSTALL) $$p $(DESTDIR)$(libexecdir)/$$f; \
else :; fi; \
done
uninstall-libexecPROGRAMS:
@$(NORMAL_UNINSTALL)
@list='$(libexec_PROGRAMS)'; for p in $$list; do \
- f=`echo $$p|sed 's/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
+ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
echo " rm -f $(DESTDIR)$(libexecdir)/$$f"; \
rm -f $(DESTDIR)$(libexecdir)/$$f; \
done
clean-libexecPROGRAMS:
- -test -z "$(libexec_PROGRAMS)" || rm -f $(libexec_PROGRAMS)
+ @list='$(libexec_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
+sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
install-sbinPROGRAMS: $(sbin_PROGRAMS)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(sbindir)
@@ -404,22 +407,26 @@ install-sbinPROGRAMS: $(sbin_PROGRAMS)
if test -f $$p \
|| test -f $$p1 \
; then \
- f=`echo $$p1|sed '$(transform);s/$$/$(EXEEXT)/'`; \
- echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/$$f"; \
- $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/$$f; \
+ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) $$p $(DESTDIR)$(sbindir)/$$f"; \
+ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(sbinPROGRAMS_INSTALL) $$p $(DESTDIR)$(sbindir)/$$f; \
else :; fi; \
done
uninstall-sbinPROGRAMS:
@$(NORMAL_UNINSTALL)
@list='$(sbin_PROGRAMS)'; for p in $$list; do \
- f=`echo $$p|sed 's/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
+ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
echo " rm -f $(DESTDIR)$(sbindir)/$$f"; \
rm -f $(DESTDIR)$(sbindir)/$$f; \
done
clean-sbinPROGRAMS:
- -test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS)
+ @list='$(sbin_PROGRAMS)'; for p in $$list; do \
+ f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ echo " rm -f $$p $$f"; \
+ rm -f $$p $$f ; \
+ done
hprop$(EXEEXT): $(hprop_OBJECTS) $(hprop_DEPENDENCIES)
@rm -f hprop$(EXEEXT)
$(LINK) $(hprop_LDFLAGS) $(hprop_OBJECTS) $(hprop_LDADD) $(LIBS)
@@ -443,13 +450,22 @@ distclean-compile:
-rm -f *.tab.c
.c.o:
- $(COMPILE) -c `test -f $< || echo '$(srcdir)/'`$<
+ $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$<
.c.obj:
$(COMPILE) -c `cygpath -w $<`
.c.lo:
- $(LTCOMPILE) -c -o $@ `test -f $< || echo '$(srcdir)/'`$<
+ $(LTCOMPILE) -c -o $@ `test -f '$<' || echo '$(srcdir)/'`$<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+distclean-libtool:
+ -rm -f libtool
uninstall-info-am:
man8dir = $(mandir)/man8
@@ -467,6 +483,10 @@ install-man8: $(man8_MANS) $(man_MANS)
if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
else file=$$i; fi; \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
@@ -491,53 +511,61 @@ uninstall-man8:
rm -f $(DESTDIR)$(man8dir)/$$inst; \
done
+ETAGS = etags
+ETAGSFLAGS =
+
tags: TAGS
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
- list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- mkid -fID $$unique $(LISP)
+ mkid -fID $$unique
TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
$(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
unique=`for i in $$list; do \
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
done | \
$(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
+ test -z "$(ETAGS_ARGS)$$tags$$unique" \
+ || $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique
GTAGS:
- here=`CDPATH=: && cd $(top_builddir) && pwd` \
+ here=`$(am__cd) $(top_builddir) && pwd` \
&& cd $(top_srcdir) \
&& gtags -i $(GTAGS_ARGS) $$here
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH
-
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
top_distdir = ..
distdir = $(top_distdir)/$(PACKAGE)-$(VERSION)
distdir: $(DISTFILES)
- @for file in $(DISTFILES); do \
- if test -f $$file; then d=.; else d=$(srcdir); fi; \
+ @list='$(DISTFILES)'; for file in $$list; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
if test "$$dir" != "$$file" && test "$$dir" != "."; then \
- $(mkinstalldirs) "$(distdir)/$$dir"; \
+ dir="/$$dir"; \
+ $(mkinstalldirs) "$(distdir)$$dir"; \
+ else \
+ dir=''; \
fi; \
if test -d $$d/$$file; then \
- cp -pR $$d/$$file $(distdir) \
- || exit 1; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
else \
test -f $(distdir)/$$file \
|| cp -p $$d/$$file $(distdir)/$$file \
@@ -566,6 +594,7 @@ install-am: all-am
installcheck: installcheck-am
install-strip:
$(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ INSTALL_STRIP_FLAG=-s \
`test -z '$(STRIP)' || \
echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
mostlyclean-generic:
@@ -573,7 +602,7 @@ mostlyclean-generic:
clean-generic:
distclean-generic:
- -rm -f Makefile $(CONFIG_CLEAN_FILES) stamp-h stamp-h[0-9]*
+ -rm -f Makefile $(CONFIG_CLEAN_FILES)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -653,7 +682,7 @@ install-suid-programs:
install-exec-hook: install-suid-programs
install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
- @foo='$(include_HEADERS) $(build_HEADERZ)'; \
+ @foo='$(include_HEADERS) $(nodist_include_HEADERS) $(build_HEADERZ)'; \
for f in $$foo; do \
f=`basename $$f`; \
if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
@@ -666,6 +695,36 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
done
all-local: install-build-headers
+
+check-local::
+ @if test '$(CHECK_LOCAL)'; then \
+ foo='$(CHECK_LOCAL)'; else \
+ foo='$(PROGRAMS)'; fi; \
+ if test "$$foo"; then \
+ failed=0; all=0; \
+ for i in $$foo; do \
+ all=`expr $$all + 1`; \
+ if ./$$i --version > /dev/null 2>&1; then \
+ echo "PASS: $$i"; \
+ else \
+ echo "FAIL: $$i"; \
+ failed=`expr $$failed + 1`; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="$$failed of $$all tests failed"; \
+ fi; \
+ dashes=`echo "$$banner" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ fi
+
+.x.c:
+ @cmp -s $< $@ 2> /dev/null || cp $< $@
#NROFF_MAN = nroff -man
.1.cat1:
$(NROFF_MAN) $< > $@
@@ -739,34 +798,6 @@ install-data-local: install-cat-mans
$(COMPILE_ET) $<
.et.c:
$(COMPILE_ET) $<
-
-.x.c:
- @cmp -s $< $@ 2> /dev/null || cp $< $@
-
-check-local::
- @foo='$(CHECK_LOCAL)'; \
- if test "$$foo"; then \
- failed=0; all=0; \
- for i in $$foo; do \
- all=`expr $$all + 1`; \
- if ./$$i --version > /dev/null 2>&1; then \
- echo "PASS: $$i"; \
- else \
- echo "FAIL: $$i"; \
- failed=`expr $$failed + 1`; \
- fi; \
- done; \
- if test "$$failed" -eq 0; then \
- banner="All $$all tests passed"; \
- else \
- banner="$$failed of $$all tests failed"; \
- fi; \
- dashes=`echo "$$banner" | sed s/./=/g`; \
- echo "$$dashes"; \
- echo "$$banner"; \
- echo "$$dashes"; \
- test "$$failed" -eq 0; \
- fi
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
diff --git a/crypto/heimdal/kdc/config.c b/crypto/heimdal/kdc/config.c
index 99c49a8..165e309 100644
--- a/crypto/heimdal/kdc/config.c
+++ b/crypto/heimdal/kdc/config.c
@@ -35,9 +35,9 @@
#include <getarg.h>
#include <parse_bytes.h>
-RCSID("$Id: config.c,v 1.39 2002/02/04 10:53:48 joda Exp $");
+RCSID("$Id: config.c,v 1.43 2002/08/29 01:51:07 assar Exp $");
-static char *config_file; /* location of kdc config file */
+static const char *config_file; /* location of kdc config file */
int require_preauth = -1; /* 1 == require preauth for all principals */
@@ -51,7 +51,12 @@ struct dbinfo *databases;
HDB **db;
int num_db;
-char *port_str;
+const char *port_str;
+
+#ifdef HAVE_DAEMON
+int detach_from_console = -1;
+#define DETACH_IS_DEFAULT FALSE
+#endif
int enable_http = -1;
krb5_boolean encode_as_rep_as_tgs_rep; /* bug compatibility */
@@ -112,6 +117,19 @@ static struct getargs args[] = {
{ "ports", 'P', arg_string, &port_str,
"ports to listen to", "portspec"
},
+#ifdef HAVE_DAEMON
+#if DETACH_IS_DEFAULT
+ {
+ "detach", 'D', arg_negative_flag, &detach_from_console,
+ "don't detach from console"
+ },
+#else
+ {
+ "detach", 0 , arg_flag, &detach_from_console,
+ "detach from console"
+ },
+#endif
+#endif
{ "addresses", 0, arg_strings, &addresses_str,
"addresses to listen on", "list of addresses" },
{ "help", 'h', arg_flag, &help_flag },
@@ -128,11 +146,11 @@ usage(int ret)
}
static void
-get_dbinfo(krb5_config_section *cf)
+get_dbinfo(void)
{
- krb5_config_binding *top_binding = NULL;
- krb5_config_binding *db_binding;
- krb5_config_binding *default_binding = NULL;
+ const krb5_config_binding *top_binding = NULL;
+ const krb5_config_binding *db_binding;
+ const krb5_config_binding *default_binding = NULL;
struct dbinfo *di, **dt;
const char *default_dbname = HDB_DEFAULT_DB;
const char *default_mkey = HDB_DB_DIR "/m-key";
@@ -140,8 +158,8 @@ get_dbinfo(krb5_config_section *cf)
databases = NULL;
dt = &databases;
- while((db_binding = (krb5_config_binding *)
- krb5_config_get_next(context, cf, &top_binding,
+ while((db_binding = (const krb5_config_binding *)
+ krb5_config_get_next(context, NULL, &top_binding,
krb5_config_list,
"kdc",
"database",
@@ -225,7 +243,6 @@ add_one_address (const char *str, int first)
void
configure(int argc, char **argv)
{
- krb5_config_section *cf = NULL;
int optind = 0;
int e;
const char *p;
@@ -247,13 +264,28 @@ configure(int argc, char **argv)
if (argc != 0)
usage(1);
- if(config_file == NULL)
- config_file = _PATH_KDC_CONF;
-
- if(krb5_config_parse_file(context, config_file, &cf))
- cf = NULL;
-
- get_dbinfo(cf);
+ {
+ krb5_error_code ret;
+ char **files;
+ char *tmp;
+ if(config_file == NULL)
+ config_file = _PATH_KDC_CONF;
+ asprintf(&tmp, "%s:%s", config_file, krb5_config_file);
+ if(tmp == NULL)
+ krb5_errx(context, 1, "out of memory");
+
+ krb5_config_file = tmp;
+
+ ret = krb5_get_default_config_files(&files);
+ if(ret)
+ krb5_err(context, 1, ret, "reading configuration files");
+ ret = krb5_set_config_files(context, files);
+ krb5_free_config_files(files);
+ if(ret)
+ krb5_err(context, 1, ret, "reading configuration files");
+ }
+
+ get_dbinfo();
if(max_request_str){
max_request = parse_bytes(max_request_str, NULL);
@@ -261,7 +293,7 @@ configure(int argc, char **argv)
if(max_request == 0){
p = krb5_config_get_string (context,
- cf,
+ NULL,
"kdc",
"max-request",
NULL);
@@ -270,11 +302,11 @@ configure(int argc, char **argv)
}
if(require_preauth == -1)
- require_preauth = krb5_config_get_bool(context, cf, "kdc",
+ require_preauth = krb5_config_get_bool(context, NULL, "kdc",
"require-preauth", NULL);
if(port_str == NULL){
- p = krb5_config_get_string(context, cf, "kdc", "ports", NULL);
+ p = krb5_config_get_string(context, NULL, "kdc", "ports", NULL);
if (p != NULL)
port_str = strdup(p);
}
@@ -288,7 +320,7 @@ configure(int argc, char **argv)
add_one_address (addresses_str.strings[i], i == 0);
free_getarg_strings (&addresses_str);
} else {
- char **foo = krb5_config_get_strings (context, cf,
+ char **foo = krb5_config_get_strings (context, NULL,
"kdc", "addresses", NULL);
if (foo != NULL) {
@@ -300,29 +332,29 @@ configure(int argc, char **argv)
#ifdef KRB4
if(enable_v4 == -1)
- enable_v4 = krb5_config_get_bool_default(context, cf, TRUE, "kdc",
+ enable_v4 = krb5_config_get_bool_default(context, NULL, TRUE, "kdc",
"enable-kerberos4", NULL);
if(enable_524 == -1)
- enable_524 = krb5_config_get_bool_default(context, cf, enable_v4,
+ enable_524 = krb5_config_get_bool_default(context, NULL, enable_v4,
"kdc", "enable-524", NULL);
#endif
if(enable_http == -1)
- enable_http = krb5_config_get_bool(context, cf, "kdc",
+ enable_http = krb5_config_get_bool(context, NULL, "kdc",
"enable-http", NULL);
check_ticket_addresses =
- krb5_config_get_bool_default(context, cf, TRUE, "kdc",
+ krb5_config_get_bool_default(context, NULL, TRUE, "kdc",
"check-ticket-addresses", NULL);
allow_null_ticket_addresses =
- krb5_config_get_bool_default(context, cf, TRUE, "kdc",
+ krb5_config_get_bool_default(context, NULL, TRUE, "kdc",
"allow-null-ticket-addresses", NULL);
allow_anonymous =
- krb5_config_get_bool(context, cf, "kdc",
+ krb5_config_get_bool(context, NULL, "kdc",
"allow-anonymous", NULL);
#ifdef KRB4
if(v4_realm == NULL){
- p = krb5_config_get_string (context, cf,
+ p = krb5_config_get_string (context, NULL,
"kdc",
"v4-realm",
NULL);
@@ -330,23 +362,29 @@ configure(int argc, char **argv)
v4_realm = strdup(p);
}
if (enable_kaserver == -1)
- enable_kaserver = krb5_config_get_bool_default(context, cf, FALSE,
+ enable_kaserver = krb5_config_get_bool_default(context, NULL, FALSE,
"kdc",
"enable-kaserver",
NULL);
#endif
- encode_as_rep_as_tgs_rep = krb5_config_get_bool(context, cf, "kdc",
+ encode_as_rep_as_tgs_rep = krb5_config_get_bool(context, NULL, "kdc",
"encode_as_rep_as_tgs_rep",
NULL);
- kdc_warn_pwexpire = krb5_config_get_time (context, cf,
+ kdc_warn_pwexpire = krb5_config_get_time (context, NULL,
"kdc",
"kdc_warn_pwexpire",
NULL);
- kdc_openlog(cf);
- if(cf)
- krb5_config_file_free (context, cf);
+
+#ifdef HAVE_DAEMON
+ if(detach_from_console == -1)
+ detach_from_console = krb5_config_get_bool_default(context, NULL,
+ DETACH_IS_DEFAULT,
+ "kdc",
+ "detach", NULL);
+#endif
+ kdc_openlog();
if(max_request == 0)
max_request = 64 * 1024;
if(require_preauth == -1)
diff --git a/crypto/heimdal/kdc/connect.c b/crypto/heimdal/kdc/connect.c
index d747a18..960cfa6 100644
--- a/crypto/heimdal/kdc/connect.c
+++ b/crypto/heimdal/kdc/connect.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kdc_locl.h"
-RCSID("$Id: connect.c,v 1.84 2001/08/21 10:10:25 assar Exp $");
+RCSID("$Id: connect.c,v 1.86 2002/08/12 13:29:48 joda Exp $");
/*
* a tuple describing on what to listen
@@ -396,12 +396,13 @@ static void
addr_to_string(struct sockaddr *addr, size_t addr_len, char *str, size_t len)
{
krb5_address a;
- krb5_sockaddr2address(context, addr, &a);
- if(krb5_print_address(&a, str, len, &len) == 0) {
+ if(krb5_sockaddr2address(context, addr, &a) == 0) {
+ if(krb5_print_address(&a, str, len, &len) == 0) {
+ krb5_free_address(context, &a);
+ return;
+ }
krb5_free_address(context, &a);
- return;
}
- krb5_free_address(context, &a);
snprintf(str, len, "<family=%d>", addr->sa_family);
}
@@ -652,12 +653,14 @@ handle_http_tcp (struct descr *d)
const char *msg =
" 404 Not found\r\n"
"Server: Heimdal/" VERSION "\r\n"
+ "Cache-Control: no-cache\r\n"
+ "Pragma: no-cache\r\n"
"Content-type: text/html\r\n"
"Content-transfer-encoding: 8bit\r\n\r\n"
"<TITLE>404 Not found</TITLE>\r\n"
"<H1>404 Not found</H1>\r\n"
"That page doesn't exist, maybe you are looking for "
- "<A HREF=\"http://www.pdc.kth.se/heimdal\">Heimdal</A>?\r\n";
+ "<A HREF=\"http://www.pdc.kth.se/heimdal/\">Heimdal</A>?\r\n";
write(d->s, proto, strlen(proto));
write(d->s, msg, strlen(msg));
kdc_log(0, "HTTP request from %s is non KDC request", d->addr_string);
@@ -669,6 +672,8 @@ handle_http_tcp (struct descr *d)
const char *msg =
" 200 OK\r\n"
"Server: Heimdal/" VERSION "\r\n"
+ "Cache-Control: no-cache\r\n"
+ "Pragma: no-cache\r\n"
"Content-type: application/octet-stream\r\n"
"Content-transfer-encoding: binary\r\n\r\n";
write(d->s, proto, strlen(proto));
diff --git a/crypto/heimdal/kdc/hprop.8 b/crypto/heimdal/kdc/hprop.8
index 252b761..f9b3ba7 100644
--- a/crypto/heimdal/kdc/hprop.8
+++ b/crypto/heimdal/kdc/hprop.8
@@ -1,4 +1,4 @@
-.\" $Id: hprop.8,v 1.13 2001/07/19 16:33:26 assar Exp $
+.\" $Id: hprop.8,v 1.16 2002/08/20 17:18:38 joda Exp $
.\"
.Dd June 19, 2000
.Dt HPROP 8
@@ -58,20 +58,20 @@ specified on the command by opening a TCP connection to port 754
Supported options:
.Bl -tag -width Ds
.It Xo
-.Fl m Ar file Ns ,
+.Fl m Ar file ,
.Fl -master-key= Ns Pa file
.Xc
Where to find the master key to encrypt or decrypt keys with.
.It Xo
-.Fl d Ar file Ns ,
+.Fl d Ar file ,
.Fl -database= Ns Pa file
.Xc
The database to be propagated.
.It Xo
.Fl -source= Ns Ar heimdal|mit-dump|krb4-dump|krb4-db|kaserver
.Xc
-Specifies the type of the source database. Alternatives include:
-
+Specifies the type of the source database. Alternatives include:
+.Pp
.Bl -tag -width krb4-dump -compact -offset indent
.It heimdal
a Heimdal database
@@ -85,7 +85,7 @@ a Kerberos 4 dump file
an AFS kaserver database
.El
.It Xo
-.Fl k Ar keytab Ns ,
+.Fl k Ar keytab ,
.Fl -keytab= Ns Ar keytab
.Xc
The keytab to use for fetching the key to be used for authenticating
@@ -94,24 +94,24 @@ to the propagation daemon(s). The key
is used from this keytab. The default is to fetch the key from the
KDC database.
.It Xo
-.Fl R Ar string Ns ,
+.Fl R Ar string ,
.Fl -v5-realm= Ns Ar string
.Xc
Local realm override.
.It Xo
-.Fl D Ns ,
+.Fl D ,
.Fl -decrypt
.Xc
The encryption keys in the database can either be in clear, or
encrypted with a master key. This option transmits the database with
unencrypted keys.
.It Xo
-.Fl E Ns ,
+.Fl E ,
.Fl -encrypt
.Xc
This option transmits the database with encrypted keys.
.It Xo
-.Fl n Ns ,
+.Fl n ,
.Fl -stdout
.Xc
Dump the database on stdout, in a format that can be fed to hpropd.
@@ -122,31 +122,31 @@ The following options are only valid if
is compiled with support for Kerberos 4 (kaserver).
.Bl -tag -width Ds
.It Xo
-.Fl r Ar string Ns ,
+.Fl r Ar string ,
.Fl -v4-realm= Ns Ar string
.Xc
v4 realm to use
.It Xo
-.Fl c Ar cell Ns ,
+.Fl c Ar cell ,
.Fl -cell= Ns Ar cell
.Xc
The AFS cell name, used if reading a kaserver database.
.It Xo
-.Fl S Ns ,
+.Fl S ,
.Fl -kaspecials
.Xc
Also dump the principals marked as special in the kaserver database.
.It Xo
-.Fl 4 Ns ,
+.Fl 4 ,
.Fl -v4-db
.Xc
-Deprecated, identical to
+Deprecated, identical to
.Sq --source=krb4-db .
.It Xo
-.Fl K Ns ,
+.Fl K ,
.Fl -ka-db
.Xc
-Deprecated, identical to
+Deprecated, identical to
.Sq --source=kaserver .
.El
.Sh EXAMPLES
diff --git a/crypto/heimdal/kdc/hprop.c b/crypto/heimdal/kdc/hprop.c
index 81ef0d2..5def363 100644
--- a/crypto/heimdal/kdc/hprop.c
+++ b/crypto/heimdal/kdc/hprop.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,12 +33,12 @@
#include "hprop.h"
-RCSID("$Id: hprop.c,v 1.68 2001/09/23 05:13:17 assar Exp $");
+RCSID("$Id: hprop.c,v 1.69 2002/04/18 10:18:35 joda Exp $");
static int version_flag;
static int help_flag;
-static char *ktname = HPROP_KEYTAB;
-static char *database;
+static const char *ktname = HPROP_KEYTAB;
+static const char *database;
static char *mkeyfile;
static int to_stdout;
static int verbose_flag;
diff --git a/crypto/heimdal/kdc/hprop.cat8 b/crypto/heimdal/kdc/hprop.cat8
index f6c70b4..8ac798ec 100644
--- a/crypto/heimdal/kdc/hprop.cat8
+++ b/crypto/heimdal/kdc/hprop.cat8
@@ -1,16 +1,15 @@
-
-HPROP(8) UNIX System Manager's Manual HPROP(8)
+HPROP(8) FreeBSD System Manager's Manual HPROP(8)
NNAAMMEE
hhpprroopp - propagate the KDC database
SSYYNNOOPPSSIISS
hhpprroopp [--mm _f_i_l_e | ----mmaasstteerr--kkeeyy==_f_i_l_e] [--dd _f_i_l_e | ----ddaattaabbaassee==_f_i_l_e]
- [----ssoouurrccee==_h_e_i_m_d_a_l_|_m_i_t_-_d_u_m_p_|_k_r_b_4_-_d_b_|_k_r_b_4_-_d_u_m_p] [--44 | ----vv44--ddbb] [--KK |
- ----kkaa--ddbb] [--cc _c_e_l_l | ----cceellll==_c_e_l_l] [--SS | ----kkaassppeecciiaallss] [--rr _s_t_r_i_n_g |
- ----vv44--rreeaallmm==_s_t_r_i_n_g] [--kk _k_e_y_t_a_b | ----kkeeyyttaabb==_k_e_y_t_a_b] [--RR _s_t_r_i_n_g |
- ----vv55--rreeaallmm==_s_t_r_i_n_g] [--DD | ----ddeeccrryypptt] [--EE | ----eennccrryypptt] [--nn | ----ssttddoouutt] [--vv
- | ----vveerrbboossee] [----vveerrssiioonn] [--hh | ----hheellpp] _h_o_s_t[:_p_o_r_t] _._._.
+ [----ssoouurrccee==_h_e_i_m_d_a_l_|_m_i_t_-_d_u_m_p_|_k_r_b_4_-_d_u_m_p_|_k_r_b_4_-_d_b_|_k_a_s_e_r_v_e_r] [--rr _s_t_r_i_n_g |
+ ----vv44--rreeaallmm==_s_t_r_i_n_g] [--cc _c_e_l_l | ----cceellll==_c_e_l_l] [--SS | ----kkaassppeecciiaallss] [--kk
+ _k_e_y_t_a_b | ----kkeeyyttaabb==_k_e_y_t_a_b] [--RR _s_t_r_i_n_g | ----vv55--rreeaallmm==_s_t_r_i_n_g]
+ [--DD | ----ddeeccrryypptt] [--EE | ----eennccrryypptt] [--nn | ----ssttddoouutt] [--vv | ----vveerrbboossee]
+ [----vveerrssiioonn] [--hh | ----hheellpp] [_h_o_s_t[:_p_o_r_t]] _._._.
DDEESSCCRRIIPPTTIIOONN
hhpprroopp takes a principal database in a specified format and converts it
@@ -30,18 +29,14 @@ DDEESSCCRRIIPPTTIIOONN
--dd _f_i_l_e, ----ddaattaabbaassee==_f_i_l_e
The database to be propagated.
- ----ssoouurrccee==_h_e_i_m_d_a_l_|_m_i_t_-_d_u_m_p_|_k_r_b_4_-_d_b_|_k_r_b_4_-_d_u_m_p
+ ----ssoouurrccee==_h_e_i_m_d_a_l_|_m_i_t_-_d_u_m_p_|_k_r_b_4_-_d_u_m_p_|_k_r_b_4_-_d_b_|_k_a_s_e_r_v_e_r
Specifies the type of the source database. Alternatives include:
- heimdal a Heimdal database
-
- mit-dump a MIT Kerberos 5 dump file
-
- krb4-db a Kerberos 4 database
-
- krb4-dump a Kerberos 4 dump file
-
- kaserver a Transarc kaserver database
+ heimdal a Heimdal database
+ mit-dump a MIT Kerberos 5 dump file
+ krb4-db a Kerberos 4 database
+ krb4-dump a Kerberos 4 dump file
+ kaserver an AFS kaserver database
--kk _k_e_y_t_a_b, ----kkeeyyttaabb==_k_e_y_t_a_b
The keytab to use for fetching the key to be used for authenti-
@@ -54,11 +49,11 @@ DDEESSCCRRIIPPTTIIOONN
--DD, ----ddeeccrryypptt
The encryption keys in the database can either be in clear, or
- encrypted with a master key. This option thansmits the database
+ encrypted with a master key. This option transmits the database
with unencrypted keys.
--EE, ----eennccrryypptt
- This option thansmits the database with encrypted keys.
+ This option transmits the database with encrypted keys.
--nn, ----ssttddoouutt
Dump the database on stdout, in a format that can be fed to
@@ -95,9 +90,9 @@ EEXXAAMMPPLLEESS
Convert a Kerberos 4 dump-file for use with a Heimdal KDC:
- $ hprop -n --source=krb4-dump -d /var/kerberos/principal.dump -E | hpropd -n
+ $ hprop -n --source=krb4-dump -d /var/kerberos/principal.dump --master-key=/.k | hpropd -n
SSEEEE AALLSSOO
hpropd(8)
- HEIMDAL June 19, 2000 2
+HEIMDAL June 19, 2000 HEIMDAL
diff --git a/crypto/heimdal/kdc/hpropd.8 b/crypto/heimdal/kdc/hpropd.8
index 4c4955b..2fa63f1 100644
--- a/crypto/heimdal/kdc/hpropd.8
+++ b/crypto/heimdal/kdc/hpropd.8
@@ -1,4 +1,4 @@
-.\" $Id: hpropd.8,v 1.8 2002/01/24 15:30:49 assar Exp $
+.\" $Id: hpropd.8,v 1.9 2002/08/20 16:37:13 joda Exp $
.\"
.Dd August 27, 1997
.Dt HPROPD 8
@@ -41,12 +41,12 @@ are accepted.
Options supported:
.Bl -tag -width Ds
.It Xo
-.Fl d Ar file Ns ,
+.Fl d Ar file ,
.Fl -database= Ns Ar file
.Xc
database
.It Xo
-.Fl n Ns ,
+.Fl n ,
.Fl -stdin
.Xc
read from stdin
@@ -55,17 +55,17 @@ read from stdin
.Xc
print dump to stdout
.It Xo
-.Fl i Ns ,
+.Fl i ,
.Fl -no-inetd
.Xc
Not started from inetd
.It Xo
-.Fl k Ar keytab Ns ,
+.Fl k Ar keytab ,
.Fl -keytab= Ns Ar keytab
.Xc
keytab to use for authentication
.It Xo
-.Fl 4 Ns ,
+.Fl 4 ,
.Fl -v4dump
.Xc
create v4 type DB
diff --git a/crypto/heimdal/kdc/hpropd.c b/crypto/heimdal/kdc/hpropd.c
index 452c5f1..b36ca4d 100644
--- a/crypto/heimdal/kdc/hpropd.c
+++ b/crypto/heimdal/kdc/hpropd.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "hprop.h"
-RCSID("$Id: hpropd.c,v 1.34 2001/09/18 09:54:15 joda Exp $");
+RCSID("$Id: hpropd.c,v 1.35 2002/04/18 10:18:50 joda Exp $");
#ifdef KRB4
static des_cblock mkey4;
@@ -163,7 +163,7 @@ static int inetd_flag = -1;
static int help_flag;
static int version_flag;
static int print_dump;
-static char *database = HDB_DEFAULT_DB;
+static const char *database = HDB_DEFAULT_DB;
static int from_stdin;
static char *local_realm;
#ifdef KRB4
diff --git a/crypto/heimdal/kdc/hpropd.cat8 b/crypto/heimdal/kdc/hpropd.cat8
index 5218e6d..077ab2c 100644
--- a/crypto/heimdal/kdc/hpropd.cat8
+++ b/crypto/heimdal/kdc/hpropd.cat8
@@ -1,21 +1,20 @@
-
-HPROPD(8) UNIX System Manager's Manual HPROPD(8)
+HPROPD(8) FreeBSD System Manager's Manual HPROPD(8)
NNAAMMEE
hhpprrooppdd - receive a propagated database
SSYYNNOOPPSSIISS
- hhpprrooppdd [--dd _f_i_l_e | ----ddaattaabbaassee==_f_i_l_e] [--nn | ----ssttddiinn] [----pprriinntt] [--ii |
- ----nnoo--iinneettdd] [--kk _k_e_y_t_a_b | ----kkeeyyttaabb==_k_e_y_t_a_b] [--44 | ----vv44dduummpp]
+ hhpprrooppdd [--dd _f_i_l_e | ----ddaattaabbaassee==_f_i_l_e] [--nn | ----ssttddiinn] [----pprriinntt]
+ [--ii | ----nnoo--iinneettdd] [--kk _k_e_y_t_a_b | ----kkeeyyttaabb==_k_e_y_t_a_b] [--44 | ----vv44dduummpp]
DDEESSCCRRIIPPTTIIOONN
- hhpprrooppdd receives databases sent by hhpprroopp. and writes it as a local
+ hhpprrooppdd receives databases sent by hhpprroopp. and writes it as a local
database.
By default, hhpprrooppdd expects to be started from iinneettdd if stdin is a socket
and expects to receive the dumped database over stdin otherwise. If the
database is sent over the network, it is authenticated and encrypted.
- Only connections from kadmin/hprop are accepted.
+ Only connections from kkaaddmmiinn/hhpprroopp are accepted.
Options supported:
@@ -40,4 +39,4 @@ DDEESSCCRRIIPPTTIIOONN
SSEEEE AALLSSOO
hprop(8)
- HEIMDAL August 27, 1997 1
+HEIMDAL August 27, 1997 HEIMDAL
diff --git a/crypto/heimdal/kdc/kaserver.c b/crypto/heimdal/kdc/kaserver.c
index 6342529..a346411 100644
--- a/crypto/heimdal/kdc/kaserver.c
+++ b/crypto/heimdal/kdc/kaserver.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kdc_locl.h"
-RCSID("$Id: kaserver.c,v 1.18 2001/08/17 07:49:01 joda Exp $");
+RCSID("$Id: kaserver.c,v 1.19 2002/04/18 16:07:39 joda Exp $");
#include <rx.h>
@@ -194,11 +194,11 @@ krb5_ret_xdr_data(krb5_storage *sp,
data->data = malloc(size);
if (data->data == NULL)
return ENOMEM;
- ret = sp->fetch(sp, data->data, size);
+ ret = krb5_storage_read(sp, data->data, size);
if(ret != size)
return (ret < 0)? errno : KRB5_CC_END;
if (pad) {
- ret = sp->fetch(sp, foo, pad);
+ ret = krb5_storage_read(sp, foo, pad);
if (ret != pad)
return (ret < 0)? errno : KRB5_CC_END;
}
@@ -218,7 +218,7 @@ krb5_store_xdr_data(krb5_storage *sp,
ret = krb5_store_int32(sp, data.length);
if(ret < 0)
return ret;
- ret = sp->store(sp, data.data, data.length);
+ ret = krb5_storage_write(sp, data.data, data.length);
if(ret != data.length){
if(ret < 0)
return errno;
@@ -226,7 +226,7 @@ krb5_store_xdr_data(krb5_storage *sp,
}
pad = (4 - data.length % 4) % 4;
if (pad) {
- ret = sp->store(sp, zero, pad);
+ ret = krb5_storage_write(sp, zero, pad);
if (ret != pad) {
if (ret < 0)
return errno;
@@ -245,9 +245,9 @@ create_reply_ticket (struct rx_header *hdr,
int life,
int kvno,
int32_t max_seq_len,
- char *sname, char *sinstance,
+ const char *sname, const char *sinstance,
u_int32_t challenge,
- char *label,
+ const char *label,
des_cblock *key,
krb5_data *reply)
{
@@ -276,7 +276,7 @@ create_reply_ticket (struct rx_header *hdr,
fyrtiosjuelva &= 0xffffffff;
krb5_store_int32 (sp, fyrtiosjuelva);
krb5_store_int32 (sp, challenge);
- sp->store (sp, session, 8);
+ krb5_storage_write (sp, session, 8);
memset (&session, 0, sizeof(session));
krb5_store_int32 (sp, kdc_time);
krb5_store_int32 (sp, kdc_time + krb_life_to_time (0, life));
@@ -291,13 +291,13 @@ create_reply_ticket (struct rx_header *hdr,
#endif
krb5_store_stringz (sp, sname);
krb5_store_stringz (sp, sinstance);
- sp->store (sp, ticket.dat, ticket.length);
- sp->store (sp, label, strlen(label));
+ krb5_storage_write (sp, ticket.dat, ticket.length);
+ krb5_storage_write (sp, label, strlen(label));
/* pad to DES block */
memset (zero, 0, sizeof(zero));
- pad = (8 - sp->seek (sp, 0, SEEK_CUR) % 8) % 8;
- sp->store (sp, zero, pad);
+ pad = (8 - krb5_storage_seek (sp, 0, SEEK_CUR) % 8) % 8;
+ krb5_storage_write (sp, zero, pad);
krb5_storage_to_data (sp, &enc_data);
krb5_storage_free (sp);
diff --git a/crypto/heimdal/kdc/kdc.8 b/crypto/heimdal/kdc/kdc.8
index 8437c63..20c180a 100644
--- a/crypto/heimdal/kdc/kdc.8
+++ b/crypto/heimdal/kdc/kdc.8
@@ -1,6 +1,6 @@
-.\" $Id: kdc.8,v 1.13 2001/06/08 21:35:32 joda Exp $
+.\" $Id: kdc.8,v 1.17 2002/08/28 21:09:05 joda Exp $
.\"
-.Dd July 27, 1997
+.Dd August 22, 2002
.Dt KDC 8
.Os HEIMDAL
.Sh NAME
@@ -35,13 +35,17 @@ taken from a config file, or from a default compiled-in value.
.Pp
Options supported:
.Bl -tag -width Ds
-.It Fl c Ar file
-.It Fl -config-file= Ns Ar file
+.It Xo
+.Fl c Ar file ,
+.Fl -config-file= Ns Ar file
+.Xc
Specifies the location of the config file, the default is
.Pa /var/heimdal/kdc.conf .
This is the only value that can't be specified in the config file.
-.It Fl p
-.It Fl -no-require-preauth
+.It Xo
+.Fl p ,
+.Fl -no-require-preauth
+.Xc
Turn off the requirement for pre-autentication in the initial AS-REQ
for all principals. The use of pre-authentication makes it more
difficult to do offline password attacks. You might want to turn it
@@ -57,17 +61,19 @@ flexible way of handling this.
Gives an upper limit on the size of the requests that the kdc is
willing to handle.
.It Xo
-.Fl H Ns ,
+.Fl H ,
.Fl -enable-http
.Xc
Makes the kdc listen on port 80 and handle requests encapsulated in HTTP.
.It Xo
-.Fl K Ns ,
+.Fl K ,
.Fl -no-kaserver
.Xc
Disables kaserver emulation (in case it's compiled in).
-.It Fl r Ar realm
-.It Fl -v4-realm= Ns Ar realm
+.It Xo
+.Fl r Ar realm ,
+.Fl -v4-realm= Ns Ar realm
+.Xc
What realm this server should act as when dealing with version 4
requests. The database can contain any number of realms, but since the
version 4 protocol doesn't contain a realm for the server, it must be
@@ -76,34 +82,32 @@ explicitly specified. The default is whatever is returned by
This option is only availabe if the KDC has been compiled with version
4 support.
.It Xo
-.Fl P Ar string Ns ,
+.Fl P Ar string ,
.Fl -ports= Ns Ar string
.Xc
Specifies the set of ports the KDC should listen on. It is given as a
white-space separated list of services or port numbers.
-.It Xo
-.Fl -addresses= Ns Ar list of addresses
-.Xc
+.It Fl -addresses= Ns Ar list of addresses
The list of addresses to listen for requests on. By default, the kdc
will listen on all the locally configured addresses. If only a subset
is desired, or the automatic detection fails, this option might be used.
.El
.Pp
-All activities , are logged to one or more destinations, see
+All activities , are logged to one or more destinations, see
.Xr krb5.conf 5 ,
and
.Xr krb5_openlog 3 .
The entity used for logging is
.Nm kdc .
.Sh CONFIGURATION FILE
-The configuration file has the same syntax as the
-.Pa krb5.conf
-file (you can actually put the configuration in
+The configuration file has the same syntax as
+.Xr krb5.conf 5 ,
+but will be read before
.Pa /etc/krb5.conf ,
-and then start the KDC with
-.Fl -config-file= Ns Ar /etc/krb5.conf ) .
-All options should be in a section called
-.Dq kdc .
+so it may override settings found there. Options specific to the KDC
+only are found in the
+.Dq [kdc]
+section.
All the command-line options can preferably be added in the
configuration file. The only difference is the pre-authentication flag,
that has to be specified as:
@@ -139,5 +143,22 @@ An example of a config file:
v4-realm = FOO.SE
key-file = /key-file
.Ed
+.Sh BUGS
+If the machine running the KDC has new addresses added to it, the KDC
+will have to be restarted to listen to them. The reason it doesn't
+just listen to wildcarded (like INADDR_ANY) addresses, is that the
+replies has to come from the same address they were sent to, and most
+OS:es doesn't pass this information to the application. If your normal
+mode of operation require that you add and remove addresses, the best
+option is probably to listen to a wildcarded TCP socket, and make sure
+your clients use TCP to connect. For instance, this will listen to
+IPv4 TCP port 88 only:
+.Bd -literal -offset indent
+kdc --addresses=0.0.0.0 --ports="88/tcp"
+.Ed
+.Pp
+There should be a way to specify protocol, port, and address triplets,
+not just addresses and protocol, port tuples.
.Sh SEE ALSO
-.Xr kinit 1
+.Xr kinit 1 ,
+.Xr krb5.conf 5
diff --git a/crypto/heimdal/kdc/kdc.cat8 b/crypto/heimdal/kdc/kdc.cat8
index 234b76d..53b173b 100644
--- a/crypto/heimdal/kdc/kdc.cat8
+++ b/crypto/heimdal/kdc/kdc.cat8
@@ -1,14 +1,13 @@
-
-KDC(8) UNIX System Manager's Manual KDC(8)
+KDC(8) FreeBSD System Manager's Manual KDC(8)
NNAAMMEE
kkddcc - Kerberos 5 server
SSYYNNOOPPSSIISS
kkddcc [--cc _f_i_l_e | ----ccoonnffiigg--ffiillee==_f_i_l_e] [--pp | ----nnoo--rreeqquuiirree--pprreeaauutthh]
- [----mmaaxx--rreeqquueesstt==_s_i_z_e] [--HH | ----eennaabbllee--hhttttpp] [--rr _s_t_r_i_n_g | ----vv44--rreeaallmm==_s_t_r_i_n_g]
- [--KK | ----nnoo--kkaasseerrvveerr] [--rr _r_e_a_l_m] [----vv44--rreeaallmm==_r_e_a_l_m] [--PP _s_t_r_i_n_g |
- ----ppoorrttss==_s_t_r_i_n_g] [----aaddddrreesssseess==_l_i_s_t _o_f _a_d_d_r_e_s_s_e_s]
+ [----mmaaxx--rreeqquueesstt==_s_i_z_e] [--HH | ----eennaabbllee--hhttttpp] [--rr _s_t_r_i_n_g |
+ ----vv44--rreeaallmm==_s_t_r_i_n_g] [--KK | ----nnoo--kkaasseerrvveerr] [--rr _r_e_a_l_m] [----vv44--rreeaallmm==_r_e_a_l_m]
+ [--PP _s_t_r_i_n_g | ----ppoorrttss==_s_t_r_i_n_g] [----aaddddrreesssseess==_l_i_s_t _o_f _a_d_d_r_e_s_s_e_s]
DDEESSCCRRIIPPTTIIOONN
kkddcc serves requests for tickets. When it starts, it first checks the
@@ -17,25 +16,21 @@ DDEESSCCRRIIPPTTIIOONN
Options supported:
- --cc _f_i_l_e
-
- ----ccoonnffiigg--ffiillee==_f_i_l_e
+ --cc _f_i_l_e, ----ccoonnffiigg--ffiillee==_f_i_l_e
Specifies the location of the config file, the default is
- _/_v_a_r_/_h_e_i_m_d_a_l_/_k_d_c_._c_o_n_f. This is the only value that can't be spec-
- ified in the config file.
+ _/_v_a_r_/_h_e_i_m_d_a_l_/_k_d_c_._c_o_n_f. This is the only value that can't be
+ specified in the config file.
- --pp
-
- ----nnoo--rreeqquuiirree--pprreeaauutthh
+ --pp, ----nnoo--rreeqquuiirree--pprreeaauutthh
Turn off the requirement for pre-autentication in the initial AS-
REQ for all principals. The use of pre-authentication makes it
more difficult to do offline password attacks. You might want to
turn it off if you have clients that doesn't do pre-authentica-
- tion. Since the version 4 protocol doesn't support any pre-au-
- thentication, so serving version 4 clients is just about the same
- as not requiring pre-athentication. The default is to require
- pre-authentication. Adding the require-preauth per principal is a
- more flexible way of handling this.
+ tion. Since the version 4 protocol doesn't support any pre-
+ authentication, so serving version 4 clients is just about the
+ same as not requiring pre-athentication. The default is to
+ require pre-authentication. Adding the require-preauth per prin-
+ cipal is a more flexible way of handling this.
----mmaaxx--rreeqquueesstt==_s_i_z_e
Gives an upper limit on the size of the requests that the kdc is
@@ -48,9 +43,7 @@ DDEESSCCRRIIPPTTIIOONN
--KK, ----nnoo--kkaasseerrvveerr
Disables kaserver emulation (in case it's compiled in).
- --rr _r_e_a_l_m
-
- ----vv44--rreeaallmm==_r_e_a_l_m
+ --rr _r_e_a_l_m, ----vv44--rreeaallmm==_r_e_a_l_m
What realm this server should act as when dealing with version 4
requests. The database can contain any number of realms, but
since the version 4 protocol doesn't contain a realm for the
@@ -65,19 +58,19 @@ DDEESSCCRRIIPPTTIIOONN
----aaddddrreesssseess==_l_i_s_t _o_f _a_d_d_r_e_s_s_e_s
The list of addresses to listen for requests on. By default, the
kdc will listen on all the locally configured addresses. If only
- a subset is desired, or the automatic detection fails, this op-
- tion might be used.
+ a subset is desired, or the automatic detection fails, this
+ option might be used.
All activities , are logged to one or more destinations, see
- krb5.conf(5), and krb5_openlog(3). The entity used for logging is kkddcc.
+ krb5.conf(5), and krb5_openlog(3). The entity used for logging is kkddcc.
CCOONNFFIIGGUURRAATTIIOONN FFIILLEE
- The configuration file has the same syntax as the _k_r_b_5_._c_o_n_f file (you can
- actually put the configuration in _/_e_t_c_/_k_r_b_5_._c_o_n_f, and then start the KDC
- with ----ccoonnffiigg--ffiillee==_/_e_t_c_/_k_r_b_5_._c_o_n_f). All options should be in a section
- called ``kdc''. All the command-line options can preferably be added in
- the configuration file. The only difference is the pre-authentication
- flag, that has to be specified as:
+ The configuration file has the same syntax as krb5.conf(5), but will be
+ read before _/_e_t_c_/_k_r_b_5_._c_o_n_f, so it may override settings found there.
+ Options specific to the KDC only are found in the ``[kdc]'' section. All
+ the command-line options can preferably be added in the configuration
+ file. The only difference is the pre-authentication flag, that has to be
+ specified as:
require-preauth = no
@@ -87,8 +80,8 @@ CCOONNFFIIGGUURRAATTIIOONN FFIILLEE
equivalents:
check-ticket-addresses = _b_o_o_l_e_a_n
- Check the addresses in the ticket when processing TGS re-
- quests. The default is FALSE.
+ Check the addresses in the ticket when processing TGS
+ requests. The default is FALSE.
allow-null-ticket-addresses = _b_o_o_l_e_a_n
Permit tickets with no addresses. This option is only rele-
@@ -112,7 +105,22 @@ CCOONNFFIIGGUURRAATTIIOONN FFIILLEE
v4-realm = FOO.SE
key-file = /key-file
+BBUUGGSS
+ If the machine running the KDC has new addresses added to it, the KDC
+ will have to be restarted to listen to them. The reason it doesn't just
+ listen to wildcarded (like INADDR_ANY) addresses, is that the replies has
+ to come from the same address they were sent to, and most OS:es doesn't
+ pass this information to the application. If your normal mode of opera-
+ tion require that you add and remove addresses, the best option is proba-
+ bly to listen to a wildcarded TCP socket, and make sure your clients use
+ TCP to connect. For instance, this will listen to IPv4 TCP port 88 only:
+
+ kdc --addresses=0.0.0.0 --ports="88/tcp"
+
+ There should be a way to specify protocol, port, and address triplets,
+ not just addresses and protocol, port tuples.
+
SSEEEE AALLSSOO
- kinit(1)
+ kinit(1), krb5.conf(5)
- HEIMDAL July 27, 1997 2
+HEIMDAL August 22, 2002 HEIMDAL
diff --git a/crypto/heimdal/kdc/kdc_locl.h b/crypto/heimdal/kdc/kdc_locl.h
index 73d5e49..6ab28d0 100644
--- a/crypto/heimdal/kdc/kdc_locl.h
+++ b/crypto/heimdal/kdc/kdc_locl.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,7 +32,7 @@
*/
/*
- * $Id: kdc_locl.h,v 1.52 2001/08/22 20:30:25 assar Exp $
+ * $Id: kdc_locl.h,v 1.54 2002/08/19 12:18:07 joda Exp $
*/
#ifndef __KDC_LOCL_H__
@@ -54,7 +54,7 @@ extern struct dbinfo {
} *databases;
extern HDB **db;
extern int num_db;
-extern char *port_str;
+extern const char *port_str;
extern krb5_addresses explicit_addresses;
extern int enable_http;
@@ -87,7 +87,7 @@ char* kdc_log_msg (int, const char*, ...)
__attribute__ ((format (printf, 2,3)));
char* kdc_log_msg_va (int, const char*, va_list)
__attribute__ ((format (printf, 2,0)));
-void kdc_openlog (krb5_config_section*);
+void kdc_openlog (void);
void loop (void);
void set_master_key (EncryptionKey);
krb5_error_code tgs_rep (KDC_REQ*, krb5_data*, const char*, struct sockaddr *);
diff --git a/crypto/heimdal/kdc/kerberos4.c b/crypto/heimdal/kdc/kerberos4.c
index 99a7eb6..c3a851b 100644
--- a/crypto/heimdal/kdc/kerberos4.c
+++ b/crypto/heimdal/kdc/kerberos4.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kdc_locl.h"
-RCSID("$Id: kerberos4.c,v 1.39 2001/09/20 09:34:42 assar Exp $");
+RCSID("$Id: kerberos4.c,v 1.41 2002/04/18 16:08:24 joda Exp $");
#ifdef KRB4
@@ -325,12 +325,12 @@ do_version4(unsigned char *buf,
sname, sinst, skey->key.keyvalue.data);
create_ciph(&cipher, session, sname, sinst, v4_realm,
- life, server->kvno, &ticket, kdc_time,
+ life, server->kvno % 256, &ticket, kdc_time,
ckey->key.keyvalue.data);
memset(&session, 0, sizeof(session));
r = create_auth_reply(name, inst, realm, req_time, 0,
client->pw_end ? *client->pw_end : 0,
- client->kvno, &cipher);
+ client->kvno % 256, &cipher);
krb5_data_copy(reply, r->dat, r->length);
memset(&cipher, 0, sizeof(cipher));
memset(&ticket, 0, sizeof(ticket));
@@ -373,9 +373,9 @@ do_version4(unsigned char *buf,
goto out2;
}
- if(tgt->kvno != kvno){
+ if(tgt->kvno % 256 != kvno){
kdc_log(0, "tgs-req with old kvno %d (current %d) for "
- "krbtgt.%s@%s", kvno, tgt->kvno, realm, v4_realm);
+ "krbtgt.%s@%s", kvno, tgt->kvno % 256, realm, v4_realm);
make_err_reply(reply, KDC_AUTH_EXP,
"old krbtgt kvno used");
goto out2;
@@ -393,7 +393,7 @@ do_version4(unsigned char *buf,
RCHECK(krb5_ret_int8(sp, &ticket_len), out2);
RCHECK(krb5_ret_int8(sp, &req_len), out2);
- pos = sp->seek(sp, ticket_len + req_len, SEEK_CUR);
+ pos = krb5_storage_seek(sp, ticket_len + req_len, SEEK_CUR);
memset(&auth, 0, sizeof(auth));
memcpy(&auth.dat, buf, pos);
@@ -499,7 +499,7 @@ do_version4(unsigned char *buf,
sname, sinst, skey->key.keyvalue.data);
create_ciph(&cipher, session, sname, sinst, v4_realm,
- life, server->kvno, &ticket,
+ life, server->kvno % 256, &ticket,
kdc_time, &ad.session);
memset(&session, 0, sizeof(session));
@@ -625,7 +625,7 @@ encode_v4_ticket(void *buf, size_t len, const EncTicketPart *et,
break;
}
}
- sp->store(sp, tmp, sizeof(tmp));
+ krb5_storage_write(sp, tmp, sizeof(tmp));
}
if((et->key.keytype != ETYPE_DES_CBC_MD5 &&
@@ -633,7 +633,7 @@ encode_v4_ticket(void *buf, size_t len, const EncTicketPart *et,
et->key.keytype != ETYPE_DES_CBC_CRC) ||
et->key.keyvalue.length != 8)
return -1;
- sp->store(sp, et->key.keyvalue.data, 8);
+ krb5_storage_write(sp, et->key.keyvalue.data, 8);
{
time_t start = et->starttime ? *et->starttime : et->authtime;
diff --git a/crypto/heimdal/kdc/kerberos5.c b/crypto/heimdal/kdc/kerberos5.c
index 55e0547..8b1c3c1 100644
--- a/crypto/heimdal/kdc/kerberos5.c
+++ b/crypto/heimdal/kdc/kerberos5.c
@@ -33,7 +33,7 @@
#include "kdc_locl.h"
-RCSID("$Id: kerberos5.c,v 1.135 2002/01/06 23:07:33 assar Exp $");
+RCSID("$Id: kerberos5.c,v 1.140 2002/07/31 09:42:43 joda Exp $");
#define MAX_TIME ((time_t)((1U << 31) - 1))
@@ -78,7 +78,7 @@ find_padata(KDC_REQ *req, int *start, int type)
*/
static krb5_error_code
-find_etype(hdb_entry *princ, unsigned *etypes, unsigned len,
+find_etype(hdb_entry *princ, krb5_enctype *etypes, unsigned len,
Key **ret_key, krb5_enctype *ret_etype)
{
int i;
@@ -247,10 +247,50 @@ realloc_method_data(METHOD_DATA *md)
}
static krb5_error_code
-get_pa_etype_info(METHOD_DATA *md, hdb_entry *client)
+make_etype_info_entry(ETYPE_INFO_ENTRY *ent, Key *key)
+{
+ ent->etype = key->key.keytype;
+ if(key->salt){
+ ALLOC(ent->salttype);
+#if 0
+ if(key->salt->type == hdb_pw_salt)
+ *ent->salttype = 0; /* or 1? or NULL? */
+ else if(key->salt->type == hdb_afs3_salt)
+ *ent->salttype = 2;
+ else {
+ kdc_log(0, "unknown salt-type: %d",
+ key->salt->type);
+ return KRB5KRB_ERR_GENERIC;
+ }
+ /* according to `the specs', we can't send a salt if
+ we have AFS3 salted key, but that requires that you
+ *know* what cell you are using (e.g by assuming
+ that the cell is the same as the realm in lower
+ case) */
+#else
+ *ent->salttype = key->salt->type;
+#endif
+ krb5_copy_data(context, &key->salt->salt,
+ &ent->salt);
+ } else {
+ /* we return no salt type at all, as that should indicate
+ * the default salt type and make everybody happy. some
+ * systems (like w2k) dislike being told the salt type
+ * here. */
+
+ ent->salttype = NULL;
+ ent->salt = NULL;
+ }
+ return 0;
+}
+
+static krb5_error_code
+get_pa_etype_info(METHOD_DATA *md, hdb_entry *client,
+ ENCTYPE *etypes, unsigned int etypes_len)
{
krb5_error_code ret = 0;
- int i;
+ int i, j;
+ unsigned int n = 0;
ETYPE_INFO pa;
unsigned char *buf;
size_t len;
@@ -260,41 +300,39 @@ get_pa_etype_info(METHOD_DATA *md, hdb_entry *client)
pa.val = malloc(pa.len * sizeof(*pa.val));
if(pa.val == NULL)
return ENOMEM;
+
+ for(j = 0; j < etypes_len; j++) {
+ for(i = 0; i < client->keys.len; i++) {
+ if(client->keys.val[i].key.keytype == etypes[j])
+ if((ret = make_etype_info_entry(&pa.val[n++],
+ &client->keys.val[i])) != 0) {
+ free_ETYPE_INFO(&pa);
+ return ret;
+ }
+ }
+ }
for(i = 0; i < client->keys.len; i++) {
- pa.val[i].etype = client->keys.val[i].key.keytype;
- if(client->keys.val[i].salt){
- ALLOC(pa.val[i].salttype);
-#if 0
- if(client->keys.val[i].salt->type == hdb_pw_salt)
- *pa.val[i].salttype = 0; /* or 1? or NULL? */
- else if(client->keys.val[i].salt->type == hdb_afs3_salt)
- *pa.val[i].salttype = 2;
- else {
- free_ETYPE_INFO(&pa);
- kdc_log(0, "unknown salt-type: %d",
- client->keys.val[i].salt->type);
- return KRB5KRB_ERR_GENERIC;
- }
- /* according to `the specs', we can't send a salt if
- we have AFS3 salted key, but that requires that you
- *know* what cell you are using (e.g by assuming
- that the cell is the same as the realm in lower
- case) */
-#else
- *pa.val[i].salttype = client->keys.val[i].salt->type;
-#endif
- krb5_copy_data(context, &client->keys.val[i].salt->salt,
- &pa.val[i].salt);
- } else {
- /* we return no salt type at all, as that should indicate
- * the default salt type and make everybody happy. some
- * systems (like w2k) dislike being told the salt type
- * here. */
-
- pa.val[i].salttype = NULL;
- pa.val[i].salt = NULL;
+ for(j = 0; j < etypes_len; j++) {
+ if(client->keys.val[i].key.keytype == etypes[j])
+ goto skip;
}
+ if((ret = make_etype_info_entry(&pa.val[n++],
+ &client->keys.val[i])) != 0) {
+ free_ETYPE_INFO(&pa);
+ return ret;
+ }
+ skip:;
+ }
+
+ if(n != pa.len) {
+ char *name;
+ krb5_unparse_name(context, client->principal, &name);
+ kdc_log(0, "internal error in get_pa_etype_info(%s): %d != %d",
+ name, n, pa.len);
+ free(name);
+ pa.len = n;
}
+
len = length_ETYPE_INFO(&pa);
buf = malloc(len);
if (buf == NULL) {
@@ -536,7 +574,8 @@ as_rep(KDC_REQ *req,
free_EncryptedData(&enc_data);
continue;
}
-
+
+ try_next_key:
ret = krb5_crypto_init(context, &pa_key->key, 0, &crypto);
if (ret) {
kdc_log(0, "krb5_crypto_init failed: %s",
@@ -551,14 +590,18 @@ as_rep(KDC_REQ *req,
&enc_data,
&ts_data);
krb5_crypto_destroy(context, crypto);
- free_EncryptedData(&enc_data);
if(ret){
+ if(hdb_next_enctype2key(context, client,
+ enc_data.etype, &pa_key) == 0)
+ goto try_next_key;
+ free_EncryptedData(&enc_data);
e_text = "Failed to decrypt PA-DATA";
kdc_log (5, "Failed to decrypt PA-DATA -- %s",
client_name);
ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
continue;
}
+ free_EncryptedData(&enc_data);
ret = decode_PA_ENC_TS_ENC(ts_data.data,
ts_data.length,
&p,
@@ -601,7 +644,7 @@ as_rep(KDC_REQ *req,
size_t len;
krb5_data foo_data;
- use_pa:
+ use_pa:
method_data.len = 0;
method_data.val = NULL;
@@ -611,7 +654,8 @@ as_rep(KDC_REQ *req,
pa->padata_value.length = 0;
pa->padata_value.data = NULL;
- ret = get_pa_etype_info(&method_data, client); /* XXX check ret */
+ ret = get_pa_etype_info(&method_data, client,
+ b->etype.val, b->etype.len); /* XXX check ret */
len = length_METHOD_DATA(&method_data);
buf = malloc(len);
@@ -657,7 +701,7 @@ as_rep(KDC_REQ *req,
kdc_log(5, "Using %s/%s", cet, set);
free(set);
} else
- free(cet);
+ free(cet);
} else
kdc_log(5, "Using e-types %d/%d", cetype, setype);
}
@@ -855,7 +899,7 @@ as_rep(KDC_REQ *req,
free_EncTicketPart(&et);
free_EncKDCRepPart(&ek);
free_AS_REP(&rep);
-out:
+ out:
if(ret){
krb5_mk_error(context,
ret,
@@ -868,7 +912,7 @@ out:
reply);
ret = 0;
}
-out2:
+ out2:
krb5_free_principal(context, client_princ);
free(client_name);
krb5_free_principal(context, server_princ);
@@ -1564,7 +1608,7 @@ tgs_rep2(KDC_REQ_BODY *b,
ret = db_fetch(p, &uu);
krb5_free_principal(context, p);
if(ret){
- if (ret == ENOENT)
+ if (ret == HDB_ERR_NOENTRY)
ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;
goto out;
}
@@ -1630,7 +1674,7 @@ tgs_rep2(KDC_REQ_BODY *b,
}
kdc_log(0, "Server not found in database: %s: %s", spn,
krb5_get_err_text(context, ret));
- if (ret == ENOENT)
+ if (ret == HDB_ERR_NOENTRY)
ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;
goto out;
}
@@ -1644,7 +1688,7 @@ tgs_rep2(KDC_REQ_BODY *b,
if(ret){
kdc_log(0, "Client not found in database: %s: %s",
cpn, krb5_get_err_text(context, ret));
- if (ret == ENOENT)
+ if (ret == HDB_ERR_NOENTRY)
ret = KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN;
goto out;
}
diff --git a/crypto/heimdal/kdc/kstash.8 b/crypto/heimdal/kdc/kstash.8
index e97c53d..3bd46c63 100644
--- a/crypto/heimdal/kdc/kstash.8
+++ b/crypto/heimdal/kdc/kstash.8
@@ -1,4 +1,4 @@
-.\" $Id: kstash.8,v 1.6 2001/06/18 03:26:51 assar Exp $
+.\" $Id: kstash.8,v 1.7 2002/08/20 16:37:14 joda Exp $
.\"
.Dd September 1, 2000
.Dt KSTASH 8
@@ -28,12 +28,12 @@ used by the KDC.
Supported options:
.Bl -tag -width Ds
.It Xo
-.Fl e Ar string Ns ,
+.Fl e Ar string ,
.Fl -enctype= Ns Ar string
.Xc
the encryption type to use, defaults to DES3-CBC-SHA1
.It Xo
-.Fl k Ar file Ns ,
+.Fl k Ar file ,
.Fl -key-file= Ns Ar file
.Xc
the name of the master key file
diff --git a/crypto/heimdal/kdc/kstash.c b/crypto/heimdal/kdc/kstash.c
index edb00b2..dc0621a 100644
--- a/crypto/heimdal/kdc/kstash.c
+++ b/crypto/heimdal/kdc/kstash.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,18 +33,18 @@
#include "headers.h"
-RCSID("$Id: kstash.c,v 1.14 2001/01/30 17:08:35 assar Exp $");
+RCSID("$Id: kstash.c,v 1.15 2002/04/18 09:47:25 joda Exp $");
krb5_context context;
-char *keyfile = HDB_DB_DIR "/m-key";
+const char *keyfile = HDB_DB_DIR "/m-key";
int convert_flag;
int help_flag;
int version_flag;
int master_key_fd = -1;
-char *enctype_str = "des3-cbc-sha1";
+const char *enctype_str = "des3-cbc-sha1";
struct getargs args[] = {
{ "enctype", 'e', arg_string, &enctype_str, "encryption type" },
diff --git a/crypto/heimdal/kdc/kstash.cat8 b/crypto/heimdal/kdc/kstash.cat8
index 7dd2c7a..2090932 100644
--- a/crypto/heimdal/kdc/kstash.cat8
+++ b/crypto/heimdal/kdc/kstash.cat8
@@ -1,12 +1,11 @@
-
-KSTASH(8) UNIX System Manager's Manual KSTASH(8)
+KSTASH(8) FreeBSD System Manager's Manual KSTASH(8)
NNAAMMEE
kkssttaasshh - store the KDC master password in a file
SSYYNNOOPPSSIISS
kkssttaasshh [--ee _s_t_r_i_n_g | ----eennccttyyppee==_s_t_r_i_n_g] [--kk _f_i_l_e | ----kkeeyy--ffiillee==_f_i_l_e]
- [----ccoonnvveerrtt--ffiillee] [----mmaasstteerr--kkeeyy--ffdd==_f_d] [--hh | ----hheellpp] [----vveerrssiioonn]
+ [----ccoonnvveerrtt--ffiillee] [----mmaasstteerr--kkeeyy--ffdd==_f_d] [--hh | ----hheellpp] [----vveerrssiioonn]
DDEESSCCRRIIPPTTIIOONN
kkssttaasshh reads the Kerberos master key and stores it in a file that will be
@@ -22,7 +21,7 @@ DDEESSCCRRIIPPTTIIOONN
----ccoonnvveerrtt--ffiillee
don't ask for a new master key, just read an old master key file,
- and writes it back in the new keyfile format
+ and write it back in the new keyfile format
----mmaasstteerr--kkeeyy--ffdd==_f_d
filedescriptor to read passphrase from, if not specified the
@@ -31,4 +30,4 @@ DDEESSCCRRIIPPTTIIOONN
SSEEEE AALLSSOO
kdc(8)
- HEIMDAL September 1, 2000 1
+HEIMDAL September 1, 2000 HEIMDAL
diff --git a/crypto/heimdal/kdc/log.c b/crypto/heimdal/kdc/log.c
index 5a36969..aa430aa 100644
--- a/crypto/heimdal/kdc/log.c
+++ b/crypto/heimdal/kdc/log.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997, 1998, 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,18 +32,16 @@
*/
#include "kdc_locl.h"
-RCSID("$Id: log.c,v 1.13 2000/09/10 19:27:29 joda Exp $");
+RCSID("$Id: log.c,v 1.14 2002/08/19 12:17:49 joda Exp $");
static krb5_log_facility *logf;
void
-kdc_openlog(krb5_config_section *cf)
+kdc_openlog(void)
{
char **s = NULL, **p;
krb5_initlog(context, "kdc", &logf);
- if(cf)
- s = krb5_config_get_strings(context, cf, "kdc", "logging", NULL);
-
+ s = krb5_config_get_strings(context, NULL, "kdc", "logging", NULL);
if(s == NULL)
s = krb5_config_get_strings(context, NULL, "logging", "kdc", NULL);
if(s){
diff --git a/crypto/heimdal/kdc/main.c b/crypto/heimdal/kdc/main.c
index 146bd91..32ae20f 100644
--- a/crypto/heimdal/kdc/main.c
+++ b/crypto/heimdal/kdc/main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,12 +32,19 @@
*/
#include "kdc_locl.h"
+#ifdef HAVE_UTIL_H
+#include <util.h>
+#endif
-RCSID("$Id: main.c,v 1.25 2001/02/20 01:44:50 assar Exp $");
+RCSID("$Id: main.c,v 1.27 2002/08/28 21:27:16 joda Exp $");
sig_atomic_t exit_flag = 0;
krb5_context context;
+#ifdef HAVE_DAEMON
+extern int detach_from_console;
+#endif
+
static RETSIGTYPE
sigterm(int sig)
{
@@ -96,6 +103,10 @@ main(int argc, char **argv)
signal(SIGINT, sigterm);
signal(SIGTERM, sigterm);
#endif
+#ifdef HAVE_DAEMON
+ if (detach_from_console)
+ daemon(0, 0);
+#endif
pidfile(NULL);
loop();
krb5_free_context(context);
diff --git a/crypto/heimdal/kdc/string2key.8 b/crypto/heimdal/kdc/string2key.8
index 50d7c29..7b081d4 100644
--- a/crypto/heimdal/kdc/string2key.8
+++ b/crypto/heimdal/kdc/string2key.8
@@ -1,4 +1,4 @@
-.\" $Id: string2key.8,v 1.4 2001/06/08 21:35:32 joda Exp $
+.\" $Id: string2key.8,v 1.5 2002/08/20 16:37:16 joda Exp $
.\"
.Dd March 4, 2000
.Dt STRING2KEY 8
@@ -35,37 +35,37 @@ This is useful when you want to handle the raw key instead of the password.
Supported options:
.Bl -tag -width Ds
.It Xo
-.Fl 5 Ns ,
+.Fl 5 ,
.Fl -version5
.Xc
Output Kerberos v5 string-to-key
.It Xo
-.Fl 4 Ns ,
+.Fl 4 ,
.Fl -version4
.Xc
Output Kerberos v4 string-to-key
.It Xo
-.Fl a Ns ,
+.Fl a ,
.Fl -afs
.Xc
Output AFS string-to-key
.It Xo
-.Fl c Ar cell Ns ,
+.Fl c Ar cell ,
.Fl -cell= Ns Ar cell
.Xc
AFS cell to use
.It Xo
-.Fl w Ar password Ns ,
+.Fl w Ar password ,
.Fl -password= Ns Ar password
.Xc
Password to use
.It Xo
-.Fl p Ar principal Ns ,
+.Fl p Ar principal ,
.Fl -principal= Ns Ar principal
.Xc
Kerberos v5 principal to use
.It Xo
-.Fl k Ar string Ns ,
+.Fl k Ar string ,
.Fl -keytype= Ns Ar string
.Xc
Keytype
diff --git a/crypto/heimdal/kdc/string2key.c b/crypto/heimdal/kdc/string2key.c
index e0cc871..677ada6 100644
--- a/crypto/heimdal/kdc/string2key.c
+++ b/crypto/heimdal/kdc/string2key.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997, 1998, 1999, 2002 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -34,7 +34,7 @@
#include "headers.h"
#include <getarg.h>
-RCSID("$Id: string2key.c,v 1.18 1999/12/02 17:05:00 joda Exp $");
+RCSID("$Id: string2key.c,v 1.19 2002/04/18 10:18:07 joda Exp $");
int version5;
int version4;
@@ -42,7 +42,7 @@ int afs;
char *principal;
char *cell;
char *password;
-char *keytype_str = "des-cbc-md5";
+const char *keytype_str = "des-cbc-md5";
int version;
int help;
diff --git a/crypto/heimdal/kdc/string2key.cat8 b/crypto/heimdal/kdc/string2key.cat8
index d70e150..4ebf66f 100644
--- a/crypto/heimdal/kdc/string2key.cat8
+++ b/crypto/heimdal/kdc/string2key.cat8
@@ -1,13 +1,13 @@
-
-STRING2KEY(8) UNIX System Manager's Manual STRING2KEY(8)
+STRING2KEY(8) FreeBSD System Manager's Manual STRING2KEY(8)
NNAAMMEE
ssttrriinngg22kkeeyy - map a password into a key
SSYYNNOOPPSSIISS
ssttrriinngg22kkeeyy [--55 | ----vveerrssiioonn55] [--44 | ----vveerrssiioonn44] [--aa | ----aaffss] [--cc _c_e_l_l |
- ----cceellll==_c_e_l_l] [--ww _p_a_s_s_w_o_r_d | ----ppaasssswwoorrdd==_p_a_s_s_w_o_r_d] [--pp _p_r_i_n_c_i_p_a_l |
- ----pprriinncciippaall==_p_r_i_n_c_i_p_a_l] [--kk _s_t_r_i_n_g | ----kkeeyyttyyppee==_s_t_r_i_n_g] _p_a_s_s_w_o_r_d
+ ----cceellll==_c_e_l_l] [--ww _p_a_s_s_w_o_r_d | ----ppaasssswwoorrdd==_p_a_s_s_w_o_r_d] [--pp _p_r_i_n_c_i_p_a_l
+ | ----pprriinncciippaall==_p_r_i_n_c_i_p_a_l] [--kk _s_t_r_i_n_g | ----kkeeyyttyyppee==_s_t_r_i_n_g]
+ _p_a_s_s_w_o_r_d
DDEESSCCRRIIPPTTIIOONN
ssttrriinngg22kkeeyy performs the string-to-key function. This is useful when you
@@ -39,4 +39,4 @@ DDEESSCCRRIIPPTTIIOONN
----hheellpp
- HEIMDAL March 4, 2000 1
+HEIMDAL March 4, 2000 HEIMDAL
OpenPOWER on IntegriCloud