Diffstat (limited to 'crypto/heimdal/lib/hdb')
-rw-r--r-- | crypto/heimdal/lib/hdb/Makefile.am | 57 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/Makefile.in | 709 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/common.c | 145 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/convert_db.c | 219 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/db.c | 268 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/hdb-private.h | 48 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/hdb-protos.h | 158 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/hdb.asn1 | 65 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/hdb.c | 349 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/hdb.h | 86 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/hdb_err.et | 26 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/hdb_locl.h | 83 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/keytab.c | 187 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/libasn1.h | 51 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/ndbm.c | 316 | ||||
-rw-r--r-- | crypto/heimdal/lib/hdb/print.c | 236 |
16 files changed, 3003 insertions, 0 deletions
diff --git a/crypto/heimdal/lib/hdb/Makefile.am b/crypto/heimdal/lib/hdb/Makefile.am
new file mode 100644
index 0000000..6c4341e
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/Makefile.am
@@ -0,0 +1,57 @@
+# $Id: Makefile.am,v 1.33 2000/01/06 21:45:41 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += -I../asn1 -I$(srcdir)/../asn1
+
+BUILT_SOURCES = asn1_Key.c asn1_Event.c asn1_HDBFlags.c asn1_hdb_entry.c \
+ asn1_Salt.c hdb_err.c hdb_err.h
+
+foo = asn1_Key.x asn1_Event.x asn1_HDBFlags.x asn1_hdb_entry.x asn1_Salt.x
+
+CLEANFILES = $(BUILT_SOURCES) $(foo) hdb_asn1.h asn1_files
+
+noinst_PROGRAMS = convert_db
+LDADD = libhdb.la \
+ ../krb5/libkrb5.la \
+ ../asn1/libasn1.la \
+ ../des/libdes.la \
+ $(LIB_roken) \
+ $(DBLIB)
+
+lib_LTLIBRARIES = libhdb.la
+libhdb_la_LDFLAGS = -version-info 4:1:1
+
+libhdb_la_SOURCES = \
+ keytab.c \
+ hdb.c \
+ common.c \
+ db.c \
+ ndbm.c \
+ print.c \
+ $(BUILT_SOURCES)
+
+include_HEADERS = hdb.h hdb_err.h hdb_asn1.h hdb-protos.h hdb-private.h
+
+libhdb_la_LIBADD =
+
+$(libhdb_la_OBJECTS): $(srcdir)/hdb-protos.h $(srcdir)/hdb-private.h
+
+$(srcdir)/hdb-protos.h:
+ cd $(srcdir); perl ../../cf/make-proto.pl -o hdb-protos.h $(libhdb_la_SOURCES) || rm -f hdb-protos.h
+
+$(srcdir)/hdb-private.h:
+ cd $(srcdir); perl ../../cf/make-proto.pl -p hdb-private.h $(libhdb_la_SOURCES) || rm -f hdb-private.h
+
+$(foo) hdb_asn1.h: asn1_files
+
+asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1
+ ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 hdb_asn1
+
+$(libhdb_la_OBJECTS): hdb_asn1.h hdb_err.h
+
+$(convert_db_OBJECTS): hdb_asn1.h hdb_err.h
+
+# to help stupid solaris make
+
+hdb_err.h: hdb_err.et
diff --git a/crypto/heimdal/lib/hdb/Makefile.in b/crypto/heimdal/lib/hdb/Makefile.in
new file mode 100644
index 0000000..ef92550
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/Makefile.in
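Review bot: The `$(srcdir)/hdb-protos.h` and `$(srcdir)/hdb-private.h` recipes in Makefile.am join `cd $(srcdir)` to the generator with `;`, so if the `cd` fails, perl and the `rm -f` fallback still run in the directory make was started from. The trailing `|| rm -f hdb-protos.h` also turns a failed make-proto.pl run into a successful recipe, so the real error only surfaces later as a missing header. Suggest `cd $(srcdir) && { perl ../../cf/make-proto.pl -o hdb-protos.h $(libhdb_la_SOURCES) || { rm -f hdb-protos.h; exit 1; }; }`, and the same shape for the `-p hdb-private.h` rule. The generated Makefile.in in this commit carries the same two recipes.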
@@ -0,0 +1,709 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.33 2000/01/06 21:45:41 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include -I../asn1 -I$(srcdir)/../asn1 + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand 
= @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +BUILT_SOURCES = asn1_Key.c asn1_Event.c asn1_HDBFlags.c asn1_hdb_entry.c asn1_Salt.c hdb_err.c hdb_err.h + + +foo = asn1_Key.x asn1_Event.x asn1_HDBFlags.x asn1_hdb_entry.x asn1_Salt.x + +CLEANFILES = $(BUILT_SOURCES) $(foo) hdb_asn1.h asn1_files + +noinst_PROGRAMS = convert_db +LDADD = libhdb.la ../krb5/libkrb5.la ../asn1/libasn1.la ../des/libdes.la $(LIB_roken) $(DBLIB) + + +lib_LTLIBRARIES = libhdb.la +libhdb_la_LDFLAGS = -version-info 4:1:1 + +libhdb_la_SOURCES = keytab.c hdb.c common.c db.c ndbm.c print.c $(BUILT_SOURCES) + + +include_HEADERS = hdb.h hdb_err.h hdb_asn1.h hdb-protos.h hdb-private.h + +libhdb_la_LIBADD = +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = 
+LTLIBRARIES = $(lib_LTLIBRARIES) + + +DEFS = @DEFS@ -I. -I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libhdb_la_DEPENDENCIES = +libhdb_la_OBJECTS = keytab.lo hdb.lo common.lo db.lo ndbm.lo print.lo \ +asn1_Key.lo asn1_Event.lo asn1_HDBFlags.lo asn1_hdb_entry.lo \ +asn1_Salt.lo hdb_err.lo +noinst_PROGRAMS = convert_db$(EXEEXT) +PROGRAMS = $(noinst_PROGRAMS) + +convert_db_SOURCES = convert_db.c +convert_db_OBJECTS = convert_db.$(OBJEXT) +convert_db_LDADD = $(LDADD) +convert_db_DEPENDENCIES = libhdb.la ../krb5/libkrb5.la \ +../asn1/libasn1.la ../des/libdes.la +convert_db_LDFLAGS = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +HEADERS = $(include_HEADERS) + +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +SOURCES = $(libhdb_la_SOURCES) convert_db.c +OBJECTS = $(libhdb_la_OBJECTS) convert_db.$(OBJEXT) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/hdb/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLTLIBRARIES: + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + +distclean-libLTLIBRARIES: + +maintainer-clean-libLTLIBRARIES: + 
+install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +.c.o: + $(COMPILE) -c $< + +# FIXME: We should only use cygpath when building on Windows, +# and only if it is available. +.c.obj: + $(COMPILE) -c `cygpath -w $<` + +.s.o: + $(COMPILE) -c $< + +.S.o: + $(COMPILE) -c $< + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +.c.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.s.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.S.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libhdb.la: $(libhdb_la_OBJECTS) $(libhdb_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libhdb_la_LDFLAGS) $(libhdb_la_OBJECTS) $(libhdb_la_LIBADD) $(LIBS) + +mostlyclean-noinstPROGRAMS: + +clean-noinstPROGRAMS: + -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) + +distclean-noinstPROGRAMS: + +maintainer-clean-noinstPROGRAMS: + +convert_db$(EXEEXT): $(convert_db_OBJECTS) $(convert_db_DEPENDENCIES) + @rm -f convert_db$(EXEEXT) + $(LINK) $(convert_db_LDFLAGS) $(convert_db_OBJECTS) $(convert_db_LDADD) $(LIBS) + +install-includeHEADERS: $(include_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(includedir) + @list='$(include_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; 
\ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + done + +uninstall-includeHEADERS: + @$(NORMAL_UNINSTALL) + list='$(include_HEADERS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(includedir)/$$p; \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/hdb + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-includeHEADERS install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS 
+uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: + -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) +mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-noinstPROGRAMS \ + mostlyclean-tags mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \ + clean-noinstPROGRAMS clean-tags clean-generic \ + mostlyclean-am + +clean: clean-am + +distclean-am: distclean-libLTLIBRARIES distclean-compile \ + distclean-libtool distclean-noinstPROGRAMS \ + distclean-tags distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-noinstPROGRAMS maintainer-clean-tags \ + maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." 
+ +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ +clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ +uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ +distclean-compile clean-compile maintainer-clean-compile \ +mostlyclean-libtool distclean-libtool clean-libtool \ +maintainer-clean-libtool mostlyclean-noinstPROGRAMS \ +distclean-noinstPROGRAMS clean-noinstPROGRAMS \ +maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \ +install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \ +maintainer-clean-tags distdir info-am info dvi-am dvi check-local check \ +check-am installcheck-am installcheck install-exec-am install-exec \ +install-data-local install-data-am install-data install-am install \ +uninstall-am uninstall all-local all-redirect all-am all installdirs \ +mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; 
do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) 
$(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 
0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +$(libhdb_la_OBJECTS): $(srcdir)/hdb-protos.h $(srcdir)/hdb-private.h + +$(srcdir)/hdb-protos.h: + cd $(srcdir); perl ../../cf/make-proto.pl -o hdb-protos.h $(libhdb_la_SOURCES) || rm -f hdb-protos.h + +$(srcdir)/hdb-private.h: + cd $(srcdir); perl ../../cf/make-proto.pl -p hdb-private.h $(libhdb_la_SOURCES) || rm -f hdb-private.h + +$(foo) hdb_asn1.h: asn1_files + +asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 + ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 hdb_asn1 + +$(libhdb_la_OBJECTS): hdb_asn1.h hdb_err.h + +$(convert_db_OBJECTS): hdb_asn1.h hdb_err.h + +# to help stupid solaris make + +hdb_err.h: hdb_err.et + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/hdb/common.c b/crypto/heimdal/lib/hdb/common.c new file mode 100644 index 0000000..6e95667 --- /dev/null +++ b/crypto/heimdal/lib/hdb/common.c 
@@ -0,0 +1,145 @@
+/*
+ * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "hdb_locl.h"
+
+RCSID("$Id: common.c,v 1.6 1999/12/02 17:05:04 joda Exp $");
+
+int
+hdb_principal2key(krb5_context context, krb5_principal p, krb5_data *key)
+{
+ Principal new;
+ size_t len;
+ unsigned char *buf;
+ int ret;
+
+ ret = copy_Principal(p, &new);
+ if(ret)
+ goto out;
+ new.name.name_type = 0;
+ len = length_Principal(&new);
+ buf = malloc(len);
+ if(buf == NULL){
+ ret = ENOMEM;
+ goto out;
+ }
+ ret = encode_Principal(buf + len - 1, len, &new, &len);
+ if(ret){
+ free(buf);
+ goto out;
+ }
+ key->data = buf;
+ key->length = len;
+out:
+ free_Principal(&new);
+ return ret;
+}
+
+int
+hdb_key2principal(krb5_context context, krb5_data *key, krb5_principal p)
+{
+ return decode_Principal(key->data, key->length, p, NULL);
+}
+
+int
+hdb_entry2value(krb5_context context, hdb_entry *ent, krb5_data *value)
+{
+ unsigned char *buf;
+ size_t len;
+ int ret;
+
+ len = length_hdb_entry(ent);
+ buf = malloc(len);
+ if(buf == NULL)
+ return ENOMEM;
+ ret = encode_hdb_entry(buf + len - 1, len, ent, &len);
+ if(ret){
+ free(buf);
+ return ret;
+ }
+ value->data = buf;
+ value->length = len;
+ return 0;
+}
+
+int
+hdb_value2entry(krb5_context context, krb5_data *value, hdb_entry *ent)
+{
+ return decode_hdb_entry(value->data, value->length, ent, NULL);
+}
+
+krb5_error_code
+_hdb_fetch(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
+{
+ krb5_data key, value;
+ int code;
+
+ hdb_principal2key(context, entry->principal, &key);
+ code = db->_get(context, db, key, &value);
+ krb5_data_free(&key);
+ if(code)
+ return code;
+ hdb_value2entry(context, &value, entry);
+ if (db->master_key_set && (flags & HDB_F_DECRYPT))
+ hdb_unseal_keys (db, entry);
+ krb5_data_free(&value);
+ return 0;
+}
+
+krb5_error_code
+_hdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
+{
+ krb5_data key, value;
+ int code;
+
+ hdb_principal2key(context, entry->principal, &key);
+ hdb_seal_keys(db, entry);
+ hdb_entry2value(context, entry, &value);
+ code = db->_put(context, db, flags & HDB_F_REPLACE, key, value);
+ krb5_data_free(&value);
+ krb5_data_free(&key);
+ return code;
+}
+
+krb5_error_code
+_hdb_remove(krb5_context context, HDB *db, hdb_entry *entry)
+{
+ krb5_data key;
+ int code;
+
+ hdb_principal2key(context, entry->principal, &key);
+ code = db->_del(context, db, key);
+ krb5_data_free(&key);
+ return code;
+}
+
diff --git a/crypto/heimdal/lib/hdb/convert_db.c b/crypto/heimdal/lib/hdb/convert_db.c
new file mode 100644
index 0000000..b257809
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/convert_db.c
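Review bot: In common.c, `_hdb_fetch`, `_hdb_store` and `_hdb_remove` discard the return value of `hdb_principal2key`, which leaves `key` unset on every one of its error paths (copy failure, ENOMEM, encode failure); the uninitialised `krb5_data` is then handed to `db->_get`/`_put`/`_del` and to `krb5_data_free`. Check it before use, e.g. `code = hdb_principal2key(context, entry->principal, &key); if (code) return code;`. `_hdb_store` has the same gap for `hdb_entry2value`, so a failed encode passes an unset `value` to `db->_put`. `_hdb_fetch` also returns 0 when `hdb_value2entry` fails, so a record that does not decode is reported to the caller as a successful lookup; free `value` and return the decode error instead.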
@@ -0,0 +1,219 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+/* Converts a database from version 0.0* to 0.1. This is done by
+ * making three copies of each DES key (DES-CBC-CRC, DES-CBC-MD4, and
+ * DES-CBC-MD5).
+ *
+ * Use with care.
+ */
+
+#include "hdb_locl.h"
+#include "getarg.h"
+
+RCSID("$Id: convert_db.c,v 1.8 1999/05/09 22:47:47 assar Exp $");
+
+static krb5_error_code
+update_keytypes(krb5_context context, HDB *db, hdb_entry *entry, void *data)
+{
+ int i;
+ int n = 0;
+ Key *k;
+ int save_len;
+ Key *save_val;
+ HDB *new = data;
+ krb5_error_code ret;
+
+ for(i = 0; i < entry->keys.len; i++)
+ if(entry->keys.val[i].key.keytype == KEYTYPE_DES)
+ n += 2;
+ else if(entry->keys.val[i].key.keytype == KEYTYPE_DES3)
+ n += 1;
+ k = malloc(sizeof(*k) * (entry->keys.len + n));
+ n = 0;
+ for(i = 0; i < entry->keys.len; i++) {
+ copy_Key(&entry->keys.val[i], &k[n]);
+ if(entry->keys.val[i].key.keytype == KEYTYPE_DES) {
+ copy_Key(&entry->keys.val[i], &k[n+1]);
+ k[n+1].key.keytype = ETYPE_DES_CBC_MD4;
+ copy_Key(&entry->keys.val[i], &k[n+2]);
+ k[n+2].key.keytype = ETYPE_DES_CBC_MD5;
+ n += 2;
+ }
+ else if(entry->keys.val[i].key.keytype == KEYTYPE_DES3) {
+ copy_Key(&entry->keys.val[i], &k[n+1]);
+ k[n+1].key.keytype = ETYPE_DES3_CBC_MD5;
+ n += 1;
+ }
+ n++;
+ }
+ save_len = entry->keys.len;
+ save_val = entry->keys.val;
+ entry->keys.len = n;
+ entry->keys.val = k;
+ ret = new->store(context, new, HDB_F_REPLACE, entry);
+ entry->keys.len = save_len;
+ entry->keys.val = save_val;
+ for(i = 0; i < n; i++)
+ free_Key(&k[i]);
+ free(k);
+ return 0;
+}
+
+static krb5_error_code
+update_version2(krb5_context context, HDB *db, hdb_entry *entry, void *data)
+{
+ HDB *new = data;
+ if(!db->master_key_set) {
+ int i;
+ for(i = 0; i < entry->keys.len; i++) {
+ free(entry->keys.val[i].mkvno);
+ entry->keys.val[i].mkvno = NULL;
+ }
+ }
+ new->store(context, new, HDB_F_REPLACE, entry);
+ return 0;
+}
+
+char *old_database = HDB_DEFAULT_DB;
+char *new_database = HDB_DEFAULT_DB ".new";
+char *mkeyfile;
+int update_version;
+int help_flag;
+int version_flag;
+
+struct getargs args[] = {
+ { "old-database", 0, arg_string, &old_database,
+ "name of database to convert", "file" },
+ { "new-database", 0, arg_string, &new_database,
+ "name of converted database", "file" },
+ { "master-key", 0, arg_string, &mkeyfile,
+ "v5 master key file", "file" },
+ { "update-version", 0, arg_flag, &update_version,
+ "update the database to the current version" },
+ { "help", 'h', arg_flag, &help_flag },
+ { "version", 0, arg_flag, &version_flag }
+};
+
+static int num_args = sizeof(args) / sizeof(args[0]);
+
+int
+main(int argc, char **argv)
+{
+ krb5_error_code ret;
+ krb5_context context;
+ HDB *db, *new;
+ EncryptionKey key;
+ int optind = 0;
+ int master_key_set = 0;
+
+ set_progname(argv[0]);
+
+ if(getarg(args, num_args, argc, argv, &optind))
+ krb5_std_usage(1, args, num_args);
+
+ if(help_flag)
+ krb5_std_usage(0, args, num_args);
+
+ if(version_flag){
+ print_version(NULL);
+ exit(0);
+ }
+
+ ret = krb5_init_context(&context);
+ if(ret != 0)
+ krb5_err(NULL, 1, ret, "krb5_init_context");
+
+ ret = hdb_create(context, &db, old_database);
+ if(ret != 0)
+ krb5_err(context, 1, ret, "hdb_create");
+
+ ret = hdb_read_master_key(context, mkeyfile, &key);
+ if(ret == 0) {
+ if(key.keytype == KEYTYPE_DES)
+ key.keytype = ETYPE_DES_CBC_MD5;
+
+ ret = hdb_set_master_key(context, db, key);
+ if (ret)
+ krb5_err(context, 1, ret, "hdb_set_master_key");
+ master_key_set = 1;
+ }
+ ret = hdb_create(context, &new, new_database);
+ if(ret != 0)
+ krb5_err(context, 1, ret, "hdb_create");
+ if (master_key_set) {
+ ret = hdb_set_master_key(context, new, key);
+ if (ret)
+ krb5_err(context, 1, ret, "hdb_set_master_key");
+ }
+ ret = db->open(context, db, O_RDONLY, 0);
+ if(ret == HDB_ERR_BADVERSION) {
+ krb5_data tag;
+ krb5_data version;
+ int foo;
+ unsigned ver;
+ tag.data = HDB_DB_FORMAT_ENTRY;
+ tag.length = strlen(tag.data);
+ ret = (*db->_get)(context, db, tag, &version);
+ if(ret)
+ krb5_errx(context, 1, "database is wrong version, "
+ "but couldn't find version key (%s)",
+ HDB_DB_FORMAT_ENTRY);
+ foo = sscanf(version.data, "%u", &ver);
+ krb5_data_free (&version);
+ if(foo != 1)
+ krb5_errx(context, 1, "database version is not a number");
+ if(ver == 1 && HDB_DB_FORMAT == 2) {
+ krb5_warnx(context, "will upgrade database from version %d to %d",
+ ver, HDB_DB_FORMAT);
+ krb5_warnx(context, "rerun to do other conversions");
+ update_version = 1;
+ } else
+ krb5_errx(context, 1,
+ "don't know how to upgrade from version %d to %d",
+ ver, HDB_DB_FORMAT);
+ } else if(ret)
+ krb5_err(context, 1, ret, "%s", old_database);
+ ret = new->open(context, new, O_CREAT|O_EXCL|O_RDWR, 0600);
+ if(ret)
+ krb5_err(context, 1, ret, "%s", new_database);
+ if(update_version)
+ ret = hdb_foreach(context, db, 0, update_version2, new);
+ else
+ ret = hdb_foreach(context, db, 0, update_keytypes, new);
+ if(ret != 0)
+ krb5_err(context, 1, ret, "hdb_foreach");
+ db->close(context, db);
+ new->close(context, new);
+ krb5_warnx(context, "wrote converted database to `%s'", new_database);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/hdb/db.c b/crypto/heimdal/lib/hdb/db.c
new file mode 100644
index 0000000..4699437
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/db.c
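Review bot: In convert_db.c, `update_keytypes` assigns the result of `new->store` to `ret` and then ends with `return 0;`, and `update_version2` drops the store result entirely, so `hdb_foreach` never sees a write failure and main can print "wrote converted database" for an output that is missing principals. Return the store status instead: `return ret;` in `update_keytypes` and `return new->store(context, new, HDB_F_REPLACE, entry);` in `update_version2`. In `update_keytypes` the `malloc` result `k` is written through without a NULL check and the `copy_Key` results are ignored. In main, `sscanf(version.data, "%u", &ver)` parses a value read from the database as a C string although nothing visible guarantees NUL termination within `version.length`; copy it into a bounded, terminated buffer first. A failed `hdb_read_master_key` is also silent even when `--master-key` was given, and `update_version2` then clears every `mkvno`, which looks unsafe for entries that were sealed; worth failing hard when `mkeyfile` is set and cannot be read.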
@@ -0,0 +1,268 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "hdb_locl.h"
+
+RCSID("$Id: db.c,v 1.25 1999/12/02 17:05:04 joda Exp $");
+
+#ifdef HAVE_DB_H
+
+static krb5_error_code
+DB_close(krb5_context context, HDB *db)
+{
+ DB *d = (DB*)db->db;
+ d->close(d);
+ return 0;
+}
+
+static krb5_error_code
+DB_destroy(krb5_context context, HDB *db)
+{
+ krb5_error_code ret;
+
+ ret = hdb_clear_master_key (context, db);
+ free(db->name);
+ free(db);
+ return ret;
+}
+
+static krb5_error_code
+DB_lock(krb5_context context, HDB *db, int operation)
+{
+ DB *d = (DB*)db->db;
+ int fd = (*d->fd)(d);
+ if(fd < 0)
+ return HDB_ERR_CANT_LOCK_DB;
+ return hdb_lock(fd, operation);
+}
+
+static krb5_error_code
+DB_unlock(krb5_context context, HDB *db)
+{
+ DB *d = (DB*)db->db;
+ int fd = (*d->fd)(d);
+ if(fd < 0)
+ return HDB_ERR_CANT_LOCK_DB;
+ return hdb_unlock(fd);
+}
+
+
+static krb5_error_code
+DB_seq(krb5_context context, HDB *db,
+ unsigned flags, hdb_entry *entry, int flag)
+{
+ DB *d = (DB*)db->db;
+ DBT key, value;
+ krb5_data key_data, data;
+ int code;
+
+ code = db->lock(context, db, HDB_RLOCK);
+ if(code == -1)
+ return HDB_ERR_DB_INUSE;
+ code = d->seq(d, &key, &value, flag);
+ db->unlock(context, db); /* XXX check value */
+ if(code == -1)
+ return errno;
+ if(code == 1)
+ return HDB_ERR_NOENTRY;
+
+ key_data.data = key.data;
+ key_data.length = key.size;
+ data.data = value.data;
+ data.length = value.size;
+ if (hdb_value2entry(context, &data, entry))
+ return DB_seq(context, db, flags, entry, R_NEXT);
+ if (db->master_key_set && (flags & HDB_F_DECRYPT))
+ hdb_unseal_keys (db, entry);
+ if (entry->principal == NULL) {
+ entry->principal = malloc(sizeof(*entry->principal));
+ hdb_key2principal(context, &key_data, entry->principal);
+ }
+ return 0;
+}
+
+
+static krb5_error_code
+DB_firstkey(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
+{
+ return DB_seq(context, db, flags, entry, R_FIRST);
+}
+
+
+static krb5_error_code
+DB_nextkey(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
+{
+ return DB_seq(context, db, flags, entry, R_NEXT);
+}
+
+static krb5_error_code
+DB_rename(krb5_context context, HDB *db, const char *new_name)
+{
+ int ret;
+ char *old, *new;
+
+ asprintf(&old, "%s.db", db->name);
+ asprintf(&new, "%s.db", new_name);
+ ret = rename(old, new);
+ free(old);
+ free(new);
+ if(ret)
+ return errno;
+
+ free(db->name);
+ db->name = strdup(new_name);
+ return 0;
+}
+
+static krb5_error_code
+DB__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply)
+{
+ DB *d = (DB*)db->db;
+ DBT k, v;
+ int code;
+
+ k.data = key.data;
+ k.size = key.length;
+ code = db->lock(context, db, HDB_RLOCK);
+ if(code)
+ return code;
+ code = d->get(d, &k, &v, 0);
+ db->unlock(context, db);
+ if(code < 0)
+ return errno;
+ if(code == 1)
+ return HDB_ERR_NOENTRY;
+
+ krb5_data_copy(reply, v.data, v.size);
+ return 0;
+}
+
+static krb5_error_code
+DB__put(krb5_context context, HDB *db, int replace,
+ krb5_data key, krb5_data value)
+{
+ DB *d = (DB*)db->db;
+ DBT k, v;
+ int code;
+
+ k.data = key.data;
+ k.size = key.length;
+ v.data = value.data;
+ v.size = value.length;
+ code = db->lock(context, db, HDB_WLOCK);
+ if(code)
+ return code;
+ code = d->put(d, &k, &v, replace ? 0 : R_NOOVERWRITE);
+ db->unlock(context, db);
+ if(code < 0)
+ return errno;
+ if(code == 1)
+ return HDB_ERR_EXISTS;
+ return 0;
+}
+
+static krb5_error_code
+DB__del(krb5_context context, HDB *db, krb5_data key)
+{
+ DB *d = (DB*)db->db;
+ DBT k;
+ krb5_error_code code;
+ k.data = key.data;
+ k.size = key.length;
+ code = db->lock(context, db, HDB_WLOCK);
+ if(code)
+ return code;
+ code = d->del(d, &k, 0);
+ db->unlock(context, db);
+ if(code == 1)
+ return HDB_ERR_NOENTRY;
+ if(code < 0)
+ return errno;
+ return 0;
+}
+
+static krb5_error_code
+DB_open(krb5_context context, HDB *db, int flags, mode_t mode)
+{
+ char *fn;
+ krb5_error_code ret;
+
+ asprintf(&fn, "%s.db", db->name);
+ if (fn == NULL)
+ return ENOMEM;
+ db->db = dbopen(fn, flags, mode, DB_BTREE, NULL);
+ free(fn);
+ /* try to open without .db extension */
+ if(db->db == NULL && errno == ENOENT)
+ db->db = dbopen(db->name, flags, mode, DB_BTREE, NULL);
+ if(db->db == NULL)
+ return errno;
+ if((flags & O_ACCMODE) == O_RDONLY)
+ ret = hdb_check_db_format(context, db);
+ else
+ ret = hdb_init_db(context, db);
+ if(ret == HDB_ERR_NOENTRY)
+ return 0;
+ return ret;
+}
+
+krb5_error_code
+hdb_db_create(krb5_context context, HDB **db,
+ const char *filename)
+{
+ *db = malloc(sizeof(**db));
+ if (*db == NULL)
+ return ENOMEM;
+
+ (*db)->db = NULL;
+ (*db)->name = strdup(filename);
+ (*db)->master_key_set = 0;
+ (*db)->openp = 0;
+ (*db)->open = DB_open;
+ (*db)->close = DB_close;
+ (*db)->fetch = _hdb_fetch;
+ (*db)->store = _hdb_store;
+ (*db)->remove = _hdb_remove;
+ (*db)->firstkey = DB_firstkey;
+ (*db)->nextkey= DB_nextkey;
+ (*db)->lock = DB_lock;
+ (*db)->unlock = DB_unlock;
+ (*db)->rename = DB_rename;
+ (*db)->_get = DB__get;
+ (*db)->_put = DB__put;
+ (*db)->_del = DB__del;
+ (*db)->destroy = DB_destroy;
+ return 0;
+}
+
+#endif
diff --git a/crypto/heimdal/lib/hdb/hdb-private.h b/crypto/heimdal/lib/hdb/hdb-private.h
new file mode 100644
index 0000000..ce868bd
--- /dev/null
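Review bot: DB_seq in db.c tests the lock result with `if(code == -1)`, but DB_lock returns HDB_ERR_CANT_LOCK_DB or whatever hdb_lock() returns, and nothing visible ever yields -1, so a failed lock appears to be ignored and the sequential read goes ahead unlocked. DB__get, DB__put and DB__del already use `if(code) return code;`, and DB_seq should do the same. DB_rename passes `old` and `new` to rename() without checking either asprintf() result, and the strdup() results in DB_rename and hdb_db_create are stored unchecked. In DB_seq, `entry->principal = malloc(sizeof(*entry->principal));` is handed to hdb_key2principal without a NULL check, and the return value of that call is dropped.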
+++ b/crypto/heimdal/lib/hdb/hdb-private.h @@ -0,0 +1,48 @@ +/* This is a generated file */ +#ifndef __hdb_private_h__ +#define __hdb_private_h__ + +#ifdef __STDC__ +#include <stdarg.h> +#ifndef __P +#define __P(x) x +#endif +#else +#ifndef __P +#define __P(x) () +#endif +#endif + +krb5_error_code +_hdb_fetch __P(( + krb5_context context, + HDB *db, + unsigned flags, + hdb_entry *entry)); + +krb5_error_code +_hdb_remove __P(( + krb5_context context, + HDB *db, + hdb_entry *entry)); + +void +_hdb_seal_keys_int __P(( + hdb_entry *ent, + int key_version, + krb5_data schedule)); + +krb5_error_code +_hdb_store __P(( + krb5_context context, + HDB *db, + unsigned flags, + hdb_entry *entry)); + +void +_hdb_unseal_keys_int __P(( + hdb_entry *ent, + int key_version, + krb5_data schedule)); + +#endif /* __hdb_private_h__ */ diff --git a/crypto/heimdal/lib/hdb/hdb-protos.h b/crypto/heimdal/lib/hdb/hdb-protos.h new file mode 100644 index 0000000..e0f15b1 --- /dev/null +++ b/crypto/heimdal/lib/hdb/hdb-protos.h 
@@ -0,0 +1,158 @@ +/* This is a generated file */ +#ifndef __hdb_protos_h__ +#define __hdb_protos_h__ + +#ifdef __STDC__ +#include <stdarg.h> +#ifndef __P +#define __P(x) x +#endif +#else +#ifndef __P +#define __P(x) () +#endif +#endif + +krb5_error_code +hdb_check_db_format __P(( + krb5_context context, + HDB *db)); + +krb5_error_code +hdb_clear_master_key __P(( + krb5_context context, + HDB *db)); + +krb5_error_code +hdb_create __P(( + krb5_context context, + HDB **db, + const char *filename)); + +krb5_error_code +hdb_db_create __P(( + krb5_context context, + HDB **db, + const char *filename)); + +krb5_error_code +hdb_enctype2key __P(( + krb5_context context, + hdb_entry *e, + krb5_enctype enctype, + Key **key)); + +krb5_error_code +hdb_entry2string __P(( + krb5_context context, + hdb_entry *ent, + char **str)); + +int +hdb_entry2value __P(( + krb5_context context, + hdb_entry *ent, + krb5_data *value)); + +krb5_error_code +hdb_foreach __P(( + krb5_context context, + HDB *db, + unsigned flags, + hdb_foreach_func_t func, + void *data)); + +void +hdb_free_entry __P(( + krb5_context context, + hdb_entry *ent)); + +void +hdb_free_key __P((Key *key)); + +krb5_error_code +hdb_init_db __P(( + krb5_context context, + HDB *db)); + +int +hdb_key2principal __P(( + krb5_context context, + krb5_data *key, + krb5_principal p)); + +krb5_error_code +hdb_lock __P(( + int fd, + int operation)); + +krb5_error_code +hdb_ndbm_create __P(( + krb5_context context, + HDB **db, + const char *filename)); + +krb5_error_code +hdb_next_enctype2key __P(( + krb5_context context, + hdb_entry *e, + krb5_enctype enctype, + Key **key)); + +int +hdb_principal2key __P(( + krb5_context context, + krb5_principal p, + krb5_data *key)); + +krb5_error_code +hdb_print_entry __P(( + krb5_context context, + HDB *db, + hdb_entry *entry, + void *data)); + +krb5_error_code +hdb_process_master_key __P(( + krb5_context context, + EncryptionKey key, + krb5_data *schedule)); + +krb5_error_code +hdb_read_master_key 
__P(( + krb5_context context, + const char *filename, + EncryptionKey *key)); + +void +hdb_seal_keys __P(( + HDB *db, + hdb_entry *ent)); + +krb5_error_code +hdb_set_master_key __P(( + krb5_context context, + HDB *db, + EncryptionKey key)); + +krb5_error_code +hdb_set_master_keyfile __P(( + krb5_context context, + HDB *db, + const char *keyfile)); + +krb5_error_code +hdb_unlock __P((int fd)); + +void +hdb_unseal_keys __P(( + HDB *db, + hdb_entry *ent)); + +int +hdb_value2entry __P(( + krb5_context context, + krb5_data *value, + hdb_entry *ent)); + +#endif /* __hdb_protos_h__ */ diff --git a/crypto/heimdal/lib/hdb/hdb.asn1 b/crypto/heimdal/lib/hdb/hdb.asn1 new file mode 100644 index 0000000..99537d6 --- /dev/null +++ b/crypto/heimdal/lib/hdb/hdb.asn1 
@@ -0,0 +1,65 @@ +-- $Id: hdb.asn1,v 1.7 1999/05/03 16:48:52 joda Exp $ +HDB DEFINITIONS ::= +BEGIN + +EncryptionKey EXTERNAL +KerberosTime EXTERNAL +Principal EXTERNAL + +HDB_DB_FORMAT INTEGER ::= 2 -- format of database, + -- update when making changes + +-- these should have the same value as the pa-* counterparts +hdb-pw-salt INTEGER ::= 3 +hdb-afs3-salt INTEGER ::= 10 + +Salt ::= SEQUENCE { + type[0] INTEGER, + salt[1] OCTET STRING +} + +Key ::= SEQUENCE { + mkvno[0] INTEGER OPTIONAL, -- master key version number + key[1] EncryptionKey, + salt[2] Salt OPTIONAL +} + +Event ::= SEQUENCE { + time[0] KerberosTime, + principal[1] Principal OPTIONAL +} + +HDBFlags ::= BIT STRING { + initial(0), -- require as-req + forwardable(1), -- may issue forwardable + proxiable(2), -- may issue proxiable + renewable(3), -- may issue renewable + postdate(4), -- may issue postdatable + server(5), -- may be server + client(6), -- may be client + invalid(7), -- entry is invalid + require-preauth(8), -- must use preauth + change-pw(9), -- change password service + require-hwauth(10), -- must use hwauth + ok-as-delegate(11), -- as in TicketFlags + user-to-user(12), -- may use user-to-user auth + immutable(13) -- may not be deleted +} + +hdb_entry ::= SEQUENCE { + principal[0] Principal OPTIONAL, -- this is optional only + -- for compatibility with libkrb5 + kvno[1] INTEGER, + keys[2] SEQUENCE OF Key, + created-by[3] Event, + modified-by[4] Event OPTIONAL, + valid-start[5] KerberosTime OPTIONAL, + valid-end[6] KerberosTime OPTIONAL, + pw-end[7] KerberosTime OPTIONAL, + max-life[8] INTEGER OPTIONAL, + max-renew[9] INTEGER OPTIONAL, + flags[10] HDBFlags, + etypes[11] SEQUENCE OF INTEGER OPTIONAL +} + +END diff --git a/crypto/heimdal/lib/hdb/hdb.c b/crypto/heimdal/lib/hdb/hdb.c new file mode 100644 index 0000000..edf6677 --- /dev/null +++ b/crypto/heimdal/lib/hdb/hdb.c 
@@ -0,0 +1,349 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hdb_locl.h" + +RCSID("$Id: hdb.c,v 1.35 1999/12/02 17:05:05 joda Exp $"); + +krb5_error_code +hdb_next_enctype2key(krb5_context context, + hdb_entry *e, + krb5_enctype enctype, + Key **key) +{ + Key *k; + + for (k = *key ? 
*key : e->keys.val; + k < e->keys.val + e->keys.len; + k++) + if(k->key.keytype == enctype){ + *key = k; + return 0; + } + return KRB5_PROG_ETYPE_NOSUPP; /* XXX */ +} + +krb5_error_code +hdb_enctype2key(krb5_context context, + hdb_entry *e, + krb5_enctype enctype, + Key **key) +{ + *key = NULL; + return hdb_next_enctype2key(context, e, enctype, key); +} + +/* this is a bit ugly, but will get better when the crypto framework + gets fixed */ + +krb5_error_code +hdb_process_master_key(krb5_context context, EncryptionKey key, + krb5_data *schedule) +{ + krb5_error_code ret; + + if(key.keytype != ETYPE_DES_CBC_MD5) + return KRB5_PROG_KEYTYPE_NOSUPP; + + ret = krb5_data_alloc (schedule, sizeof(des_key_schedule)); + if (ret) + return ret; + + des_set_key((des_cblock*)key.keyvalue.data, schedule->data); + return 0; +} + +krb5_error_code +hdb_read_master_key(krb5_context context, const char *filename, + EncryptionKey *key) +{ + FILE *f; + unsigned char buf[256]; + size_t len; + krb5_error_code ret; + if(filename == NULL) + filename = HDB_DB_DIR "/m-key"; + f = fopen(filename, "r"); + if(f == NULL) + return errno; + len = fread(buf, 1, sizeof(buf), f); + if(ferror(f)) + ret = errno; + else + ret = decode_EncryptionKey(buf, len, key, &len); + fclose(f); + memset(buf, 0, sizeof(buf)); + return ret; +} + +void +_hdb_unseal_keys_int(hdb_entry *ent, int key_version, krb5_data schedule) +{ + int i; + for(i = 0; i < ent->keys.len; i++){ + des_cblock iv; + int num = 0; + if(ent->keys.val[i].mkvno == NULL) + continue; + if(*ent->keys.val[i].mkvno != key_version) + ; + memset(&iv, 0, sizeof(iv)); + + des_cfb64_encrypt(ent->keys.val[i].key.keyvalue.data, + ent->keys.val[i].key.keyvalue.data, + ent->keys.val[i].key.keyvalue.length, + schedule.data, &iv, &num, 0); + free(ent->keys.val[i].mkvno); + ent->keys.val[i].mkvno = NULL; + } +} + +void +hdb_unseal_keys(HDB *db, hdb_entry *ent) +{ + if (db->master_key_set == 0) + return; + _hdb_unseal_keys_int(ent, db->master_key_version, 
db->master_key); +} + +void +_hdb_seal_keys_int(hdb_entry *ent, int key_version, krb5_data schedule) +{ + int i; + for(i = 0; i < ent->keys.len; i++){ + des_cblock iv; + int num = 0; + + if(ent->keys.val[i].mkvno != NULL) + continue; + memset(&iv, 0, sizeof(iv)); + des_cfb64_encrypt(ent->keys.val[i].key.keyvalue.data, + ent->keys.val[i].key.keyvalue.data, + ent->keys.val[i].key.keyvalue.length, + schedule.data, &iv, &num, 1); + ent->keys.val[i].mkvno = malloc(sizeof(*ent->keys.val[i].mkvno)); + *ent->keys.val[i].mkvno = key_version; + } +} + +void +hdb_seal_keys(HDB *db, hdb_entry *ent) +{ + if (db->master_key_set == 0) + return; + + _hdb_seal_keys_int(ent, db->master_key_version, db->master_key); +} + +void +hdb_free_key(Key *key) +{ + memset(key->key.keyvalue.data, + 0, + key->key.keyvalue.length); + free_Key(key); + free(key); +} + + +krb5_error_code +hdb_lock(int fd, int operation) +{ + int i, code; + for(i = 0; i < 3; i++){ + code = flock(fd, (operation == HDB_RLOCK ? LOCK_SH : LOCK_EX) | LOCK_NB); + if(code == 0 || errno != EWOULDBLOCK) + break; + sleep(1); + } + if(code == 0) + return 0; + if(errno == EWOULDBLOCK) + return HDB_ERR_DB_INUSE; + return HDB_ERR_CANT_LOCK_DB; +} + +krb5_error_code +hdb_unlock(int fd) +{ + int code; + code = flock(fd, LOCK_UN); + if(code) + return 4711 /* XXX */; + return 0; +} + +void +hdb_free_entry(krb5_context context, hdb_entry *ent) +{ + int i; + + for(i = 0; i < ent->keys.len; ++i) { + Key *k = &ent->keys.val[i]; + + memset (k->key.keyvalue.data, 0, k->key.keyvalue.length); + } + free_hdb_entry(ent); +} + +krb5_error_code +hdb_foreach(krb5_context context, + HDB *db, + unsigned flags, + hdb_foreach_func_t func, + void *data) +{ + krb5_error_code ret; + hdb_entry entry; + ret = db->firstkey(context, db, flags, &entry); + while(ret == 0){ + ret = (*func)(context, db, &entry, data); + hdb_free_entry(context, &entry); + if(ret == 0) + ret = db->nextkey(context, db, flags, &entry); + } + if(ret == HDB_ERR_NOENTRY) + ret = 0; + 
return ret; +} + +krb5_error_code +hdb_check_db_format(krb5_context context, HDB *db) +{ + krb5_data tag; + krb5_data version; + krb5_error_code ret; + unsigned ver; + int foo; + + tag.data = HDB_DB_FORMAT_ENTRY; + tag.length = strlen(tag.data); + ret = (*db->_get)(context, db, tag, &version); + if(ret) + return ret; + foo = sscanf(version.data, "%u", &ver); + krb5_data_free (&version); + if (foo != 1) + return HDB_ERR_BADVERSION; + if(ver != HDB_DB_FORMAT) + return HDB_ERR_BADVERSION; + return 0; +} + +krb5_error_code +hdb_init_db(krb5_context context, HDB *db) +{ + krb5_error_code ret; + krb5_data tag; + krb5_data version; + char ver[32]; + + ret = hdb_check_db_format(context, db); + if(ret != HDB_ERR_NOENTRY) + return ret; + + tag.data = HDB_DB_FORMAT_ENTRY; + tag.length = strlen(tag.data); + snprintf(ver, sizeof(ver), "%u", HDB_DB_FORMAT); + version.data = ver; + version.length = strlen(version.data) + 1; /* zero terminated */ + ret = (*db->_put)(context, db, 0, tag, version); + return ret; +} + +krb5_error_code +hdb_create(krb5_context context, HDB **db, const char *filename) +{ + krb5_error_code ret = 0; + if(filename == NULL) + filename = HDB_DEFAULT_DB; + initialize_hdb_error_table_r(&context->et_list); +#ifdef HAVE_DB_H + ret = hdb_db_create(context, db, filename); +#elif HAVE_NDBM_H + ret = hdb_ndbm_create(context, db, filename); +#else + krb5_errx(context, 1, "No database support! (hdb_create)"); +#endif + return ret; +} + +krb5_error_code +hdb_set_master_key (krb5_context context, + HDB *db, + EncryptionKey key) +{ + krb5_error_code ret; + + ret = hdb_process_master_key(context, key, &db->master_key); + if (ret) + return ret; +#if 0 /* XXX - why? 
*/ + des_set_random_generator_seed(key.keyvalue.data); +#endif + db->master_key_set = 1; + db->master_key_version = 0; /* XXX */ + return 0; +} + +krb5_error_code +hdb_set_master_keyfile (krb5_context context, + HDB *db, + const char *keyfile) +{ + EncryptionKey key; + krb5_error_code ret; + + ret = hdb_read_master_key(context, keyfile, &key); + if (ret) { + if (ret != ENOENT) + return ret; + return 0; + } + ret = hdb_set_master_key(context, db, key); + memset(key.keyvalue.data, 0, key.keyvalue.length); + free_EncryptionKey(&key); + return ret; +} + +krb5_error_code +hdb_clear_master_key (krb5_context context, + HDB *db) +{ + if (db->master_key_set) { + memset(db->master_key.data, 0, db->master_key.length); + krb5_data_free(&db->master_key); + db->master_key_set = 0; + } + return 0; +} diff --git a/crypto/heimdal/lib/hdb/hdb.h b/crypto/heimdal/lib/hdb/hdb.h new file mode 100644 index 0000000..f4cb001 --- /dev/null +++ b/crypto/heimdal/lib/hdb/hdb.h 
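Review bot: hdb_check_db_format hands `version.data` directly to `sscanf(version.data, "%u", &ver)`, yet that value is read from the database file and nothing visible guarantees it is NUL-terminated, so a damaged or tampered format entry can make sscanf read past the buffer; guard it first with `if (version.length == 0 || ((char *)version.data)[version.length - 1] != '\0') { krb5_data_free(&version); return HDB_ERR_BADVERSION; }`. The same unguarded call is in main() of convert_db.c. In _hdb_unseal_keys_int the test `if(*ent->keys.val[i].mkvno != key_version) ;` has an empty body, so a key sealed under a different master-key version is still run through the decryptor and has its mkvno cleared, and _hdb_seal_keys_int dereferences the malloc() result for mkvno without a NULL check. Both seal and unseal use an all-zero IV with the same schedule for every key, which deserves at least a comment recording that limitation of the on-disk format.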
@@ -0,0 +1,86 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +/* $Id: hdb.h,v 1.26 1999/12/02 17:05:05 joda Exp $ */ + +#ifndef __HDB_H__ +#define __HDB_H__ + +#include <hdb_err.h> + +#include <hdb_asn1.h> + +enum hdb_lockop{ HDB_RLOCK, HDB_WLOCK }; + +/* flags for various functions */ +#define HDB_F_DECRYPT 1 /* decrypt keys */ +#define HDB_F_REPLACE 2 /* replace entry */ + +typedef struct HDB{ + void *db; + char *name; + int master_key_set; + krb5_data master_key; + int master_key_version; + int openp; + + krb5_error_code (*open)(krb5_context, struct HDB*, int, mode_t); + krb5_error_code (*close)(krb5_context, struct HDB*); + krb5_error_code (*fetch)(krb5_context, struct HDB*, unsigned, hdb_entry*); + krb5_error_code (*store)(krb5_context, struct HDB*, unsigned, hdb_entry*); + krb5_error_code (*remove)(krb5_context, struct HDB*, hdb_entry*); + krb5_error_code (*firstkey)(krb5_context, struct HDB*, + unsigned, hdb_entry*); + krb5_error_code (*nextkey)(krb5_context, struct HDB*, + unsigned, hdb_entry*); + krb5_error_code (*lock)(krb5_context, struct HDB*, int operation); + krb5_error_code (*unlock)(krb5_context, struct HDB*); + krb5_error_code (*rename)(krb5_context, struct HDB*, const char*); + krb5_error_code (*_get)(krb5_context, struct HDB*, krb5_data, krb5_data*); + krb5_error_code (*_put)(krb5_context, struct HDB*, int, + krb5_data, krb5_data); + krb5_error_code (*_del)(krb5_context, struct HDB*, krb5_data); + krb5_error_code (*destroy)(krb5_context, struct HDB*); +}HDB; + +#define HDB_DB_DIR "/var/heimdal" +#define HDB_DEFAULT_DB HDB_DB_DIR "/heimdal" +#define HDB_DB_FORMAT_ENTRY "hdb/db-format" + +typedef krb5_error_code (*hdb_foreach_func_t)(krb5_context, HDB*, + hdb_entry*, void*); +extern krb5_kt_ops hdb_kt_ops; + +#include <hdb-protos.h> + +#endif /* __HDB_H__ */ diff --git a/crypto/heimdal/lib/hdb/hdb_err.et b/crypto/heimdal/lib/hdb/hdb_err.et new file mode 100644 index 0000000..a08a2d4 --- /dev/null +++ b/crypto/heimdal/lib/hdb/hdb_err.et 
@@ -0,0 +1,26 @@ +# +# Error messages for the hdb library +# +# This might look like a com_err file, but is not +# +id "$Id: hdb_err.et,v 1.4 1998/02/16 16:29:15 joda Exp $" + +error_table hdb + +prefix HDB_ERR + +index 1 +#error_code INUSE, "Entry already exists in database" +error_code UK_SERROR, "Database store error" +error_code UK_RERROR, "Database read error" +error_code NOENTRY, "No such entry in the database" +error_code DB_INUSE, "Database is locked or in use--try again later" +error_code DB_CHANGED, "Database was modified during read" +error_code RECURSIVELOCK, "Attempt to lock database twice" +error_code NOTLOCKED, "Attempt to unlock database when not locked" +error_code BADLOCKMODE, "Invalid kdb lock mode" +error_code CANT_LOCK_DB, "Insufficient access to lock database" +error_code EXISTS, "Entry already exists in database" +error_code BADVERSION, "Wrong database version" + +end diff --git a/crypto/heimdal/lib/hdb/hdb_locl.h b/crypto/heimdal/lib/hdb/hdb_locl.h new file mode 100644 index 0000000..76ba479 --- /dev/null +++ b/crypto/heimdal/lib/hdb/hdb_locl.h 
@@ -0,0 +1,83 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +/* $Id: hdb_locl.h,v 1.12 1999/12/02 17:05:05 joda Exp $ */ + +#ifndef __HDB_LOCL_H__ +#define __HDB_LOCL_H__ + +#include <config.h> + +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include <errno.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#ifdef HAVE_FCNTL_H +#include <fcntl.h> +#endif +#ifdef HAVE_SYS_FILE_H +#include <sys/file.h> +#endif +#include <roken.h> + +#include <krb5.h> +#include <hdb.h> +#include <hdb-private.h> + +#if defined(HAVE_DB_185_H) +#include <db_185.h> +#elif defined(HAVE_DB_H) +#include <db.h> +#endif + +#ifdef HAVE_NDBM_H +#include <ndbm.h> +#endif + +int hdb_principal2key(krb5_context, krb5_principal, krb5_data*); +int hdb_key2principal(krb5_context, krb5_data*, krb5_principal); + +krb5_error_code hdb_lock(int, int); +krb5_error_code hdb_unlock(int); + +krb5_error_code _hdb_fetch(krb5_context, HDB*, unsigned, hdb_entry*); +krb5_error_code _hdb_store(krb5_context, HDB*, unsigned, hdb_entry*); +krb5_error_code _hdb_remove(krb5_context, HDB*, hdb_entry*); + +#endif /* __HDB_LOCL_H__ */ diff --git a/crypto/heimdal/lib/hdb/keytab.c b/crypto/heimdal/lib/hdb/keytab.c new file mode 100644 index 0000000..d9be75d --- /dev/null +++ b/crypto/heimdal/lib/hdb/keytab.c 
@@ -0,0 +1,187 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "hdb_locl.h"
+
+/* keytab backend for HDB databases */
+
+RCSID("$Id: keytab.c,v 1.2 1999/08/26 13:24:05 joda Exp $");
+
+struct hdb_data {
+ char *dbname;
+ char *mkey;
+ HDB *db;
+};
+
+static krb5_error_code
+hdb_resolve(krb5_context context, const char *name, krb5_keytab id)
+{
+ krb5_error_code ret;
+ struct hdb_data *d;
+ const char *db, *mkey;
+ d = malloc(sizeof(*d));
+ if(d == NULL)
+ return ENOMEM;
+ db = name;
+ mkey = strchr(name, ':');
+ if(mkey == NULL || mkey[1] == '\0') {
+ if(*name == '\0')
+ d->dbname = NULL;
+ else {
+ d->dbname = strdup(name);
+ if(d->dbname == NULL) {
+ free(d);
+ return ENOMEM;
+ }
+ }
+ d->mkey = NULL;
+ } else {
+ if((mkey - db) == 0) {
+ d->dbname = NULL;
+ } else {
+ d->dbname = malloc(mkey - db);
+ if(d->dbname == NULL) {
+ free(d);
+ return ENOMEM;
+ }
+ strncpy(d->dbname, db, mkey - db);
+ d->dbname[mkey - db] = '\0';
+ }
+ d->mkey = strdup(mkey + 1);
+ if(d->mkey == NULL) {
+ free(d->dbname);
+ free(d);
+ return ENOMEM;
+ }
+ }
+ ret = hdb_create(context, &d->db, d->dbname);
+ if(ret) {
+ free(d->dbname);
+ free(d->mkey);
+ free(d);
+ return ret;
+ }
+ ret = hdb_set_master_keyfile (context, d->db, d->mkey);
+ if(ret) {
+ (*d->db->destroy)(context, d->db);
+ free(d->dbname);
+ free(d->mkey);
+ free(d);
+ return ret;
+ }
+ id->data = d;
+ return 0;
+}
+
+static krb5_error_code
+hdb_close(krb5_context context, krb5_keytab id)
+{
+ struct hdb_data *d = id->data;
+ (*d->db->destroy)(context, d->db);
+ free(d);
+ return 0;
+}
+
+static krb5_error_code
+hdb_get_name(krb5_context context,
+ krb5_keytab id,
+ char *name,
+ size_t namesize)
+{
+ struct hdb_data *d = id->data;
+ snprintf(name, namesize, "%s%s%s",
+ d->dbname ? d->dbname : "",
+ (d->dbname || d->mkey) ? ":" : "",
+ d->mkey ? d->mkey : "");
+ return 0;
+}
+
+static krb5_error_code
+hdb_get_entry(krb5_context context,
+ krb5_keytab id,
+ krb5_const_principal principal,
+ krb5_kvno kvno,
+ krb5_enctype enctype,
+ krb5_keytab_entry *entry)
+{
+ hdb_entry ent;
+ krb5_error_code ret;
+ struct hdb_data *d = id->data;
+ int i;
+
+ ret = (*d->db->open)(context, d->db, O_RDONLY, 0);
+ if (ret)
+ return ret;
+ ent.principal = (krb5_principal)principal;
+ ret = (*d->db->fetch)(context, d->db, HDB_F_DECRYPT, &ent);
+ (*d->db->close)(context, d->db);
+ if(ret == HDB_ERR_NOENTRY)
+ return KRB5_KT_NOTFOUND;
+ else if(ret)
+ return ret;
+ if(kvno && ent.kvno != kvno) {
+ hdb_free_entry(context, &ent);
+ return KRB5_KT_NOTFOUND;
+ }
+ if(enctype == 0)
+ if(ent.keys.len > 0)
+ enctype = ent.keys.val[0].key.keytype;
+ ret = KRB5_KT_NOTFOUND;
+ for(i = 0; i < ent.keys.len; i++) {
+ if(ent.keys.val[i].key.keytype == enctype) {
+ krb5_copy_principal(context, principal, &entry->principal);
+ entry->vno = ent.kvno;
+ krb5_copy_keyblock_contents(context,
+ &ent.keys.val[i].key,
+ &entry->keyblock);
+ ret = 0;
+ break;
+ }
+ }
+ hdb_free_entry(context, &ent);
+ return ret;
+}
+
+krb5_kt_ops hdb_kt_ops = {
+ "HDB",
+ hdb_resolve,
+ hdb_get_name,
+ hdb_close,
+ hdb_get_entry,
+ NULL, /* start_seq_get */
+ NULL, /* next_entry */
+ NULL, /* end_seq_get */
+ NULL, /* add */
+ NULL /* remove */
+};
+
diff --git a/crypto/heimdal/lib/hdb/libasn1.h b/crypto/heimdal/lib/hdb/libasn1.h
new file mode 100644
index 0000000..03d951a
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/libasn1.h
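Review bot: hdb_resolve in keytab.c allocates the database-name prefix with `d->dbname = malloc(mkey - db);` and then writes the terminator at `d->dbname[mkey - db] = '\0';`, one byte past the end of that allocation; the size should be `malloc(mkey - db + 1)`. The keytab name string arrives through the resolve op, so the prefix length is chosen by the caller. hdb_close frees only `d`, leaving `d->dbname` and `d->mkey` allocated. In hdb_get_entry the results of krb5_copy_principal and krb5_copy_keyblock_contents are ignored before `ret = 0`, so a failed copy is reported as success with a partly filled entry.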
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: libasn1.h,v 1.4 1999/12/02 17:05:05 joda Exp $ */
+
+#ifndef __LIBASN1_H__
+#define __LIBASN1_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdlib.h>
+#include <errno.h>
+#include <asn1.h>
+#include <der.h>
+#include "hdb_asn1.h"
+#include <asn1_err.h>
+#include <parse_units.h>
+
+#endif /* __LIBASN1_H__ */
diff --git a/crypto/heimdal/lib/hdb/ndbm.c b/crypto/heimdal/lib/hdb/ndbm.c
new file mode 100644
index 0000000..79ca978
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/ndbm.c
@@ -0,0 +1,316 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "hdb_locl.h"
+
+RCSID("$Id: ndbm.c,v 1.26 1999/12/02 17:05:05 joda Exp $");
+
+#ifdef HAVE_NDBM_H
+
+struct ndbm_db {
+ DBM *db;
+ int lock_fd;
+};
+
+static krb5_error_code
+NDBM_destroy(krb5_context context, HDB *db)
+{
+ krb5_error_code ret;
+
+ ret = hdb_clear_master_key (context, db);
+ free(db->name);
+ free(db);
+ return 0;
+}
+
+static krb5_error_code
+NDBM_lock(krb5_context context, HDB *db, int operation)
+{
+ struct ndbm_db *d = db->db;
+ return hdb_lock(d->lock_fd, operation);
+}
+
+static krb5_error_code
+NDBM_unlock(krb5_context context, HDB *db)
+{
+ struct ndbm_db *d = db->db;
+ return hdb_unlock(d->lock_fd);
+}
+
+static krb5_error_code
+NDBM_seq(krb5_context context, HDB *db,
+ unsigned flags, hdb_entry *entry, int first)
+
+{
+ struct ndbm_db *d = (struct ndbm_db *)db->db;
+ datum key, value;
+ krb5_data key_data, data;
+ krb5_error_code ret;
+
+ if(first)
+ key = dbm_firstkey(d->db);
+ else
+ key = dbm_nextkey(d->db);
+ if(key.dptr == NULL)
+ return HDB_ERR_NOENTRY;
+ key_data.data = key.dptr;
+ key_data.length = key.dsize;
+ ret = db->lock(context, db, HDB_RLOCK);
+ if(ret) return ret;
+ value = dbm_fetch(d->db, key);
+ db->unlock(context, db);
+ data.data = value.dptr;
+ data.length = value.dsize;
+ if(hdb_value2entry(context, &data, entry))
+ return NDBM_seq(context, db, flags, entry, 0);
+ if (db->master_key_set && (flags & HDB_F_DECRYPT))
+ hdb_unseal_keys (db, entry);
+ if (entry->principal == NULL) {
+ entry->principal = malloc (sizeof(*entry->principal));
+ hdb_key2principal (context, &key_data, entry->principal);
+ }
+ return 0;
+}
+
+
+static krb5_error_code
+NDBM_firstkey(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
+{
+ return NDBM_seq(context, db, flags, entry, 1);
+}
+
+
+static krb5_error_code
+NDBM_nextkey(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
+{
+ return NDBM_seq(context, db, flags, entry, 0);
+}
+
+static krb5_error_code
+NDBM_rename(krb5_context context, HDB *db, const char *new_name)
+{
+ /* XXX this function will break */
+ struct ndbm_db *d = db->db;
+
+ int ret;
+ char *old_dir, *old_pag, *new_dir, *new_pag;
+ char *new_lock;
+ int lock_fd;
+
+ /* lock old and new databases */
+ ret = db->lock(context, db, HDB_WLOCK);
+ if(ret) return ret;
+ asprintf(&new_lock, "%s.lock", new_name);
+ lock_fd = open(new_lock, O_RDWR | O_CREAT, 0600);
+ free(new_lock);
+ if(lock_fd < 0) {
+ ret = errno;
+ db->unlock(context, db);
+ return ret;
+ }
+ ret = hdb_lock(lock_fd, HDB_WLOCK);
+ if(ret) {
+ db->unlock(context, db);
+ close(lock_fd);
+ return ret;
+ }
+
+ asprintf(&old_dir, "%s.dir", db->name);
+ asprintf(&old_pag, "%s.pag", db->name);
+ asprintf(&new_dir, "%s.dir", new_name);
+ asprintf(&new_pag, "%s.pag", new_name);
+
+ ret = rename(old_dir, new_dir) || rename(old_pag, new_pag);
+ free(old_dir);
+ free(old_pag);
+ free(new_dir);
+ free(new_pag);
+ hdb_unlock(lock_fd);
+ db->unlock(context, db);
+
+ if(ret) {
+ close(lock_fd);
+ return errno;
+ }
+
+ close(d->lock_fd);
+ d->lock_fd = lock_fd;
+
+ free(db->name);
+ db->name = strdup(new_name);
+ return 0;
+}
+
+static krb5_error_code
+NDBM__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply)
+{
+ struct ndbm_db *d = (struct ndbm_db *)db->db;
+ datum k, v;
+ int code;
+
+ k.dptr = key.data;
+ k.dsize = key.length;
+ code = db->lock(context, db, HDB_RLOCK);
+ if(code)
+ return code;
+ v = dbm_fetch(d->db, k);
+ db->unlock(context, db);
+ if(v.dptr == NULL)
+ return HDB_ERR_NOENTRY;
+
+ krb5_data_copy(reply, v.dptr, v.dsize);
+ return 0;
+}
+
+static krb5_error_code
+NDBM__put(krb5_context context, HDB *db, int replace,
+ krb5_data key, krb5_data value)
+{
+ struct ndbm_db *d = (struct ndbm_db *)db->db;
+ datum k, v;
+ int code;
+
+ k.dptr = key.data;
+ k.dsize = key.length;
+ v.dptr = value.data;
+ v.dsize = value.length;
+
+ code = db->lock(context, db, HDB_WLOCK);
+ if(code)
+ return code;
+ code = dbm_store(d->db, k, v, replace ? DBM_REPLACE : DBM_INSERT);
+ db->unlock(context, db);
+ if(code == 1)
+ return HDB_ERR_EXISTS;
+ if (code < 0)
+ return code;
+ return 0;
+}
+
+static krb5_error_code
+NDBM__del(krb5_context context, HDB *db, krb5_data key)
+{
+ struct ndbm_db *d = (struct ndbm_db *)db->db;
+ datum k;
+ int code;
+ krb5_error_code ret;
+
+ k.dptr = key.data;
+ k.dsize = key.length;
+ ret = db->lock(context, db, HDB_WLOCK);
+ if(ret) return ret;
+ code = dbm_delete(d->db, k);
+ db->unlock(context, db);
+ if(code < 0)
+ return errno;
+ return 0;
+}
+
+static krb5_error_code
+NDBM_open(krb5_context context, HDB *db, int flags, mode_t mode)
+{
+ krb5_error_code ret;
+ struct ndbm_db *d = malloc(sizeof(*d));
+ char *lock_file;
+
+ if(d == NULL)
+ return ENOMEM;
+ asprintf(&lock_file, "%s.lock", (char*)db->name);
+ if(lock_file == NULL) {
+ free(d);
+ return ENOMEM;
+ }
+ d->db = dbm_open((char*)db->name, flags, mode);
+ if(d->db == NULL){
+ free(d);
+ free(lock_file);
+ return errno;
+ }
+ d->lock_fd = open(lock_file, O_RDWR | O_CREAT, 0600);
+ free(lock_file);
+ if(d->lock_fd < 0){
+ dbm_close(d->db);
+ free(d);
+ return errno;
+ }
+ db->db = d;
+ if((flags & O_ACCMODE) == O_RDONLY)
+ ret = hdb_check_db_format(context, db);
+ else
+ ret = hdb_init_db(context, db);
+ if(ret == HDB_ERR_NOENTRY)
+ return 0;
+ return ret;
+}
+
+static krb5_error_code
+NDBM_close(krb5_context context, HDB *db)
+{
+ struct ndbm_db *d = db->db;
+ dbm_close(d->db);
+ close(d->lock_fd);
+ free(d);
+ return 0;
+}
+
+krb5_error_code
+hdb_ndbm_create(krb5_context context, HDB **db,
+ const char *filename)
+{
+ *db = malloc(sizeof(**db));
+ if (*db == NULL)
+ return ENOMEM;
+
+ (*db)->db = NULL;
+ (*db)->name = strdup(filename);
+ (*db)->master_key_set = 0;
+ (*db)->openp = 0;
+ (*db)->open = NDBM_open;
+ (*db)->close = NDBM_close;
+ (*db)->fetch = _hdb_fetch;
+ (*db)->store = _hdb_store;
+ (*db)->remove = _hdb_remove;
+ (*db)->firstkey = NDBM_firstkey;
+ (*db)->nextkey= NDBM_nextkey;
+ (*db)->lock = NDBM_lock;
+ (*db)->unlock = NDBM_unlock;
+ (*db)->rename = NDBM_rename;
+ (*db)->_get = NDBM__get;
+ (*db)->_put = NDBM__put;
+ (*db)->_del = NDBM__del;
+ (*db)->destroy = NDBM_destroy;
+ return 0;
+}
+
+
+#endif
diff --git a/crypto/heimdal/lib/hdb/print.c b/crypto/heimdal/lib/hdb/print.c
new file mode 100644
index 0000000..5db3166
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/print.c
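Review bot: In NDBM_seq the `malloc` for `entry->principal` is not checked before `hdb_key2principal` writes through it, so an allocation failure while walking the database turns into a NULL dereference instead of an error return. I would add `if (entry->principal == NULL) { hdb_free_entry(context, entry); return ENOMEM; }` right after the `malloc` (assuming the entry filled by `hdb_value2entry` is the caller's to free) and return the result of `hdb_key2principal` rather than dropping it. The same unchecked-allocation pattern is in NDBM_rename, where the five `asprintf` results go straight into `open` and `rename` although NDBM_open does test `lock_file` for NULL, and in hdb_ndbm_create and NDBM_rename, where `strdup` is stored into `db->name` without a test. Separately, NDBM_open returns `errno` after calling `free`, while NDBM_rename saves it first with `ret = errno;`; saving it in both places would keep a failed `dbm_open` or `open` from being reported with a stale or zero code.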
@@ -0,0 +1,236 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#include "hdb_locl.h"
+#include <ctype.h>
+
+RCSID("$Id: print.c,v 1.4 1999/12/26 13:50:22 assar Exp $");
+
+/*
+ This is the present contents of a dump line. This might change at
+ any time. Fields are separated by white space.
+
+ principal
+ keyblock
+ kvno
+ keys...
+ mkvno
+ enctype
+ keyvalue
+ salt (- means use normal salt)
+ creation date and principal
+ modification date and principal
+ principal valid from date (not used)
+ principal valid end date (not used)
+ principal key expires (not used)
+ max ticket life
+ max renewable life
+ flags
+ */
+
+static void
+append_hex(char *str, krb5_data *data)
+{
+ int i, s = 1;
+ char *p;
+
+ p = data->data;
+ for(i = 0; i < data->length; i++)
+ if(!isalnum((unsigned char)p[i]) && p[i] != '.'){
+ s = 0;
+ break;
+ }
+ if(s){
+ p = calloc(1, data->length + 2 + 1);
+ p[0] = '\"';
+ p[data->length + 1] = '\"';
+ memcpy(p + 1, data->data, data->length);
+ }else{
+ p = calloc(1, data->length * 2 + 1);
+ for(i = 0; i < data->length; i++)
+ sprintf(p + 2 * i, "%02x", ((u_char*)data->data)[i]);
+ }
+ strcat(str, p);
+ free(p);
+}
+
+static char *
+time2str(time_t t)
+{
+ static char buf[128];
+ strftime(buf, sizeof(buf), "%Y%m%d%H%M%S", gmtime(&t));
+ return buf;
+}
+
+static krb5_error_code
+event2string(krb5_context context, Event *ev, char **str)
+{
+ char *p;
+ char *pr;
+ krb5_error_code ret;
+ if(ev == NULL){
+ *str = strdup("-");
+ return (*str == NULL) ? ENOMEM : 0;
+ }
+ if (ev->principal == NULL) {
+ pr = strdup("UNKNOWN");
+ if (pr == NULL)
+ return ENOMEM;
+ } else {
+ ret = krb5_unparse_name(context, ev->principal, &pr);
+ if(ret)
+ return ret;
+ }
+ ret = asprintf(&p, "%s:%s", time2str(ev->time), pr);
+ free(pr);
+ if(ret < 0)
+ return ENOMEM;
+ *str = p;
+ return 0;
+}
+
+krb5_error_code
+hdb_entry2string(krb5_context context, hdb_entry *ent, char **str)
+{
+ char *p;
+ char buf[1024] = "";
+ int i;
+ krb5_error_code ret;
+
+ /* --- principal */
+ ret = krb5_unparse_name(context, ent->principal, &p);
+ if(ret)
+ return ret;
+ strlcat(buf, p, sizeof(buf));
+ strlcat(buf, " ", sizeof(buf));
+ free(p);
+ /* --- kvno */
+ asprintf(&p, "%d", ent->kvno);
+ strlcat(buf, p, sizeof(buf));
+ free(p);
+ /* --- keys */
+ for(i = 0; i < ent->keys.len; i++){
+ /* --- mkvno, keytype */
+ if(ent->keys.val[i].mkvno)
+ asprintf(&p, ":%d:%d:",
+ *ent->keys.val[i].mkvno,
+ ent->keys.val[i].key.keytype);
+ else
+ asprintf(&p, "::%d:",
+ ent->keys.val[i].key.keytype);
+ strlcat(buf, p, sizeof(buf));
+ free(p);
+ /* --- keydata */
+ append_hex(buf, &ent->keys.val[i].key.keyvalue);
+ strlcat(buf, ":", sizeof(buf));
+ /* --- salt */
+ if(ent->keys.val[i].salt){
+ asprintf(&p, "%u/", ent->keys.val[i].salt->type);
+ strlcat(buf, p, sizeof(buf));
+ free(p);
+ append_hex(buf, &ent->keys.val[i].salt->salt);
+ }else
+ strlcat(buf, "-", sizeof(buf));
+ }
+ strlcat(buf, " ", sizeof(buf));
+ /* --- created by */
+ event2string(context, &ent->created_by, &p);
+ strlcat(buf, p, sizeof(buf));
+ strlcat(buf, " ", sizeof(buf));
+ free(p);
+ /* --- modified by */
+ event2string(context, ent->modified_by, &p);
+ strlcat(buf, p, sizeof(buf));
+ strlcat(buf, " ", sizeof(buf));
+ free(p);
+
+ /* --- valid start */
+ if(ent->valid_start)
+ strlcat(buf, time2str(*ent->valid_start), sizeof(buf));
+ else
+ strlcat(buf, "-", sizeof(buf));
+ strlcat(buf, " ", sizeof(buf));
+
+ /* --- valid end */
+ if(ent->valid_end)
+ strlcat(buf, time2str(*ent->valid_end), sizeof(buf));
+ else
+ strlcat(buf, "-", sizeof(buf));
+ strlcat(buf, " ", sizeof(buf));
+
+ /* --- password ends */
+ if(ent->pw_end)
+ strlcat(buf, time2str(*ent->pw_end), sizeof(buf));
+ else
+ strlcat(buf, "-", sizeof(buf));
+ strlcat(buf, " ", sizeof(buf));
+
+ /* --- max life */
+ if(ent->max_life){
+ asprintf(&p, "%d", *ent->max_life);
+ strlcat(buf, p, sizeof(buf));
+ free(p);
+ }else
+ strlcat(buf, "-", sizeof(buf));
+ strlcat(buf, " ", sizeof(buf));
+
+ /* --- max renewable life */
+ if(ent->max_renew){
+ asprintf(&p, "%d", *ent->max_renew);
+ strlcat(buf, p, sizeof(buf));
+ free(p);
+ }else
+ strlcat(buf, "-", sizeof(buf));
+
+ strlcat(buf, " ", sizeof(buf));
+
+ /* --- flags */
+ asprintf(&p, "%d", HDBFlags2int(ent->flags));
+ strlcat(buf, p, sizeof(buf));
+ free(p);
+
+ *str = strdup(buf);
+
+ return 0;
+}
+
+/* print a hdb_entry to (FILE*)data; suitable for hdb_foreach */
+
+krb5_error_code
+hdb_print_entry(krb5_context context, HDB *db, hdb_entry *entry, void *data)
+{
+ char *p;
+ hdb_entry2string(context, entry, &p);
+ fprintf((FILE*)data, "%s\n", p);
+ free(p);
+ return 0;
+} |
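Review bot: append_hex ends with an unbounded `strcat(str, p)`, and both of its call sites in hdb_entry2string pass the 1024-byte stack array `buf`, so key or salt data that does not fit in the space left is written past the end of `buf`; every other append in that function is bounded with `strlcat(buf, ..., sizeof(buf))`. I would pass the destination size down, e.g. `append_hex(char *str, size_t len, krb5_data *data)` ending in `strlcat(str, p, len);`, and test the `calloc` result before the first write through `p`. Even with that change a long entry is silently cut at 1024 bytes because no `strlcat` return value is tested, so returning an error or building the line in a growable buffer would be safer for a dump format. hdb_print_entry also ignores the result of hdb_entry2string, which returns before setting `*str` when `krb5_unparse_name` fails, so `p` can reach `fprintf` and `free` uninitialised.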