8 files changed, 111 insertions, 18 deletions

diff --git a/crypto/heimdal/kpasswd/Makefile.in b/crypto/heimdal/kpasswd/Makefile.in
index ae146d5..372a1d6 100644
--- a/crypto/heimdal/kpasswd/Makefile.in
+++ b/crypto/heimdal/kpasswd/Makefile.in
@@ -1,6 +1,7 @@
-# Makefile.in generated automatically by automake 1.4a from Makefile.am
+# Makefile.in generated automatically by automake 1.4b from Makefile.am
 
-# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000
+# Free Software Foundation, Inc.
 # This Makefile.in is free software; the Free Software Foundation
 # gives unlimited permission to copy and/or distribute it,
 # with or without modifications, as long as this notice is preserved.
@@ -119,7 +120,7 @@ install_sh = @install_sh@
 # $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
 
 
-# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+# $Id: Makefile.am.common,v 1.26 2001/05/21 13:27:48 joda Exp $
 
 
 AUTOMAKE_OPTIONS = foreign no-dependencies
@@ -185,6 +186,8 @@ NROFF_MAN = groff -mandoc -Tascii
 @KRB5_TRUE@	$(top_builddir)/lib/asn1/libasn1.la
 @KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
 
+@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la
+
 CHECK_LOCAL = $(PROGRAMS)
 
 man_MANS = kpasswd.1 kpasswdd.8
@@ -271,7 +274,7 @@ OBJECTS = $(am_kpasswd_OBJECTS) kpasswd-generator.$(OBJEXT) $(am_kpasswdd_OBJECT
 
 all: all-redirect
 .SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
+.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj
 $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
 	cd $(top_srcdir) && $(AUTOMAKE) --foreign kpasswd/Makefile
 
@@ -484,6 +487,11 @@ TAGS:  $(HEADERS) $(SOURCES)  $(TAGS_DEPENDENCIES) \
 	test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
 	  || etags $(ETAGS_ARGS) $$tags  $$unique $(LISP)
 
+GTAGS:
+	here=`CDPATH=: && cd $(top_builddir) && pwd` \
+	  && cd $(top_srcdir) \
+	  && gtags -i $$here
+
 mostlyclean-tags:
 
 clean-tags:
diff --git a/crypto/heimdal/kpasswd/kpasswd-generator.c b/crypto/heimdal/kpasswd/kpasswd-generator.c
index 6bd836c..41ca65d 100644
--- a/crypto/heimdal/kpasswd/kpasswd-generator.c
+++ b/crypto/heimdal/kpasswd/kpasswd-generator.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan
  * (Royal Institute of Technology, Stockholm, Sweden). 
  * All rights reserved. 
  *
@@ -33,7 +33,7 @@
 
 #include "kpasswd_locl.h"
 
-RCSID("$Id: kpasswd-generator.c,v 1.2 2000/12/31 07:47:38 assar Exp $");
+RCSID("$Id: kpasswd-generator.c,v 1.4 2001/05/12 15:17:10 assar Exp $");
 
 static unsigned
 read_words (const char *filename, char ***ret_w)
@@ -63,6 +63,7 @@ read_words (const char *filename, char ***ret_w)
 static int
 nop_prompter (krb5_context context,
 	      void *data,
+	      const char *name,
 	      const char *banner,
 	      int num_prompts,
 	      krb5_prompt prompts[])
@@ -176,7 +177,7 @@ main(int argc, char **argv)
     int nreq;
     char *end;
 
-    set_progname(argv[0]);
+    setprogname(argv[0]);
     if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind))
 	usage(1);
     argc -= optind;
diff --git a/crypto/heimdal/kpasswd/kpasswd.1 b/crypto/heimdal/kpasswd/kpasswd.1
index eddb7ef..50e5cd8 100644
--- a/crypto/heimdal/kpasswd/kpasswd.1
+++ b/crypto/heimdal/kpasswd/kpasswd.1
@@ -1,4 +1,4 @@
-.\" $Id: kpasswd.1,v 1.2 2000/06/27 00:51:06 assar Exp $
+.\" $Id: kpasswd.1,v 1.3 2001/05/02 08:59:22 assar Exp $
 .\"
 .Dd Aug 27, 1997
 .Dt KPASSWD 1
diff --git a/crypto/heimdal/kpasswd/kpasswd.cat1 b/crypto/heimdal/kpasswd/kpasswd.cat1
new file mode 100644
index 0000000..874fb22
--- /dev/null
+++ b/crypto/heimdal/kpasswd/kpasswd.cat1
@@ -0,0 +1,20 @@
+
+KPASSWD(1)                   UNIX Reference Manual                  KPASSWD(1)
+
+NNAAMMEE
+     kkppaasssswwdd - Kerberos 5 password changing program
+
+SSYYNNOOPPSSIISS
+     kkppaasssswwdd [_p_r_i_n_c_i_p_a_l]
+
+DDEESSCCRRIIPPTTIIOONN
+     kkppaasssswwdd is the client for changing passwords.
+
+DDIIAAGGNNOOSSTTIICCSS
+     If the password quality check fails or some other error occurs, an expla-
+     nation is printed.
+
+SSEEEE AALLSSOO
+     kpasswdd(8)
+
+ HEIMDAL                         Aug 27, 1997                                1
diff --git a/crypto/heimdal/kpasswd/kpasswd_locl.h b/crypto/heimdal/kpasswd/kpasswd_locl.h
index 61f2284..c2ba5ed1 100644
--- a/crypto/heimdal/kpasswd/kpasswd_locl.h
+++ b/crypto/heimdal/kpasswd/kpasswd_locl.h
@@ -31,7 +31,7 @@
  * SUCH DAMAGE. 
  */
 
-/* $Id: kpasswd_locl.h,v 1.9 2000/08/04 11:22:51 joda Exp $ */
+/* $Id: kpasswd_locl.h,v 1.10 2001/02/15 04:20:54 assar Exp $ */
 
 #ifndef __KPASSWD_LOCL_H__
 #define __KPASSWD_LOCL_H__
@@ -95,7 +95,11 @@
 #include <err.h>
 #include <roken.h>
 #include <getarg.h>
+#ifdef HAVE_OPENSSL_DES_H
+#include <openssl/des.h>
+#else
 #include <des.h>
+#endif
 #include <krb5.h>
 
 #endif /* __KPASSWD_LOCL_H__ */
diff --git a/crypto/heimdal/kpasswd/kpasswdd.8 b/crypto/heimdal/kpasswd/kpasswdd.8
index 21e918b..5cf4b24 100644
--- a/crypto/heimdal/kpasswd/kpasswdd.8
+++ b/crypto/heimdal/kpasswd/kpasswdd.8
@@ -1,4 +1,4 @@
-.\" $Id: kpasswdd.8,v 1.3 2001/01/11 21:36:43 assar Exp $
+.\" $Id: kpasswdd.8,v 1.5 2001/06/08 21:35:32 joda Exp $
 .\"
 .Dd April 19, 1999
 .Dt KPASSWDD 8
@@ -11,14 +11,17 @@
 .Op Fl -check-library= Ns Ar library
 .Op Fl -check-function= Ns Ar function
 .Oo Fl k Ar kspec \*(Ba Xo
-.Fl -keytab= Ns Ar kspec Oc
+.Fl -keytab= Ns Ar kspec
 .Xc
+.Oc
 .Oo Fl r Ar realm \*(Ba Xo
-.Fl -realm= Ns Ar realm Oc
+.Fl -realm= Ns Ar realm
 .Xc
+.Oc
 .Oo Fl p Ar string \*(Ba Xo
-.Fl -port= Ns Ar string Oc
+.Fl -port= Ns Ar string
 .Xc
+.Oc
 .Op Fl -version
 .Op Fl -help
 .Sh DESCRIPTION
diff --git a/crypto/heimdal/kpasswd/kpasswdd.c b/crypto/heimdal/kpasswd/kpasswdd.c
index 4c6f197..4ddb078 100644
--- a/crypto/heimdal/kpasswd/kpasswdd.c
+++ b/crypto/heimdal/kpasswd/kpasswdd.c
@@ -32,7 +32,7 @@
  */
 
 #include "kpasswd_locl.h"
-RCSID("$Id: kpasswdd.c,v 1.49 2001/01/11 21:33:53 assar Exp $");
+RCSID("$Id: kpasswdd.c,v 1.51 2001/05/14 06:18:56 assar Exp $");
 
 #include <kadm5/admin.h>
 
@@ -138,7 +138,8 @@ reply_error (krb5_principal server,
 			 &e_data,
 			 NULL,
 			 server,
-			 0,
+			 NULL,
+			 NULL,
 			 &error_data);
     krb5_data_free (&e_data);
     if (ret) {
@@ -366,7 +367,10 @@ process (krb5_principal server,
 	return;
     }
 
-    ret = krb5_sockaddr2address (sa, &other_addr);
+    krb5_auth_con_setflags (context, auth_context,
+			    KRB5_AUTH_CONTEXT_DO_SEQUENCE);
+
+    ret = krb5_sockaddr2address (context, sa, &other_addr);
     if (ret) {
 	krb5_warn (context, ret, "krb5_sockaddr2address");
 	goto out;
@@ -443,8 +447,7 @@ doit (krb5_keytab keytab, int port)
     for (i = 0; i < n; ++i) {
 	int sa_size;
 
-	krb5_addr2sockaddr (&addrs.val[i], sa, &sa_size, port);
-
+	krb5_addr2sockaddr (context, &addrs.val[i], sa, &sa_size, port);
 	
 	sockets[i] = socket (sa->sa_family, SOCK_DGRAM, 0);
 	if (sockets[i] < 0)
diff --git a/crypto/heimdal/kpasswd/kpasswdd.cat8 b/crypto/heimdal/kpasswd/kpasswdd.cat8
new file mode 100644
index 0000000..b7d2e8d
--- /dev/null
+++ b/crypto/heimdal/kpasswd/kpasswdd.cat8
@@ -0,0 +1,54 @@
+
+KPASSWDD(8)              UNIX System Manager's Manual              KPASSWDD(8)
+
+NNAAMMEE
+     kkppaasssswwdddd - Kerberos 5 password changing server
+
+SSYYNNOOPPSSIISS
+     kkppaasssswwdddd [----cchheecckk--lliibbrraarryy==_l_i_b_r_a_r_y] [----cchheecckk--ffuunnccttiioonn==_f_u_n_c_t_i_o_n] [--kk _k_s_p_e_c
+     | ----kkeeyyttaabb==_k_s_p_e_c] [--rr _r_e_a_l_m | ----rreeaallmm==_r_e_a_l_m] [--pp _s_t_r_i_n_g | ----ppoorrtt==_s_t_r_i_n_g]
+     [----vveerrssiioonn] [----hheellpp]
+
+DDEESSCCRRIIPPTTIIOONN
+     kkppaasssswwdddd serves request for password changes. It listens on UDP port 464
+     (service kpasswd) and processes requests when they arrive. It changes the
+     database directly and should thus only run on the master KDC.
+
+     Supported options:
+
+     ----cchheecckk--lliibbrraarryy==_l_i_b_r_a_r_y
+             If your system has support for dynamic loading of shared li-
+             braries, you can use an external function to check password qual-
+             ity. This option specifies which library to load.
+
+     ----cchheecckk--ffuunnccttiioonn==_f_u_n_c_t_i_o_n
+             This is the function to call in the loaded library. The function
+             should look like this:
+
+             _c_o_n_s_t _c_h_a_r _* ppaasssswwdd__cchheecckk(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l
+             _p_r_i_n_c_i_p_a_l, _k_r_b_5___d_a_t_a _*_p_a_s_s_w_o_r_d)
+
+             _c_o_n_t_e_x_t is an initialized context; _p_r_i_n_c_i_p_a_l is the one who tries
+             to change passwords, and _p_a_s_s_w_o_r_d is the new password. Note that
+             the password (in _p_a_s_s_w_o_r_d_-_>_d_a_t_a) is not zero terminated.
+
+     --kk _k_s_p_e_c, ----kkeeyyttaabb==_k_s_p_e_c
+             keytab to get authentication key from
+
+     --rr _r_e_a_l_m, ----rreeaallmm==_r_e_a_l_m
+             default realm
+
+     --pp _s_t_r_i_n_g, ----ppoorrtt==_s_t_r_i_n_g
+             port to listen on (default service kpasswd - 464).
+
+DDIIAAGGNNOOSSTTIICCSS
+     If an error occurs, the error message is returned to the user and/or
+     logged to syslog.
+
+BBUUGGSS
+     The default password quality checks are too basic.
+
+SSEEEE AALLSSOO
+     kdc(8),  kpasswd(1)
+
+ HEIMDAL                        April 19, 1999                               1