Diffstat (limited to 'crypto/heimdal/lib')
436 files changed, 77468 insertions, 0 deletions
diff --git a/crypto/heimdal/lib/45/45_locl.h b/crypto/heimdal/lib/45/45_locl.h
new file mode 100644
index 0000000..8104179
--- /dev/null
+++ b/crypto/heimdal/lib/45/45_locl.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef __45_LOCL_H__
+#define __45_LOCL_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <string.h>
+#include <stdlib.h>
+
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+
+#include <krb5.h>
+#include <krb.h>
+#include <prot.h>
+
+#endif /* __45_LOCL_H__ */
diff --git a/crypto/heimdal/lib/45/Makefile.am b/crypto/heimdal/lib/45/Makefile.am
new file mode 100644
index 0000000..50d47fd
--- /dev/null
+++ b/crypto/heimdal/lib/45/Makefile.am
@@ -0,0 +1,11 @@
+# $Id: Makefile.am,v 1.5 1999/03/20 13:58:17 joda Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += $(INCLUDE_krb4)
+
+lib_LIBRARIES = @EXTRA_LIB45@
+
+EXTRA_LIBRARIES = lib45.a
+
+lib45_a_SOURCES = get_ad_tkt.c mk_req.c 45_locl.h
diff --git a/crypto/heimdal/lib/45/Makefile.in b/crypto/heimdal/lib/45/Makefile.in
new file mode 100644
index 0000000..9b0c7fc
--- /dev/null
+++ b/crypto/heimdal/lib/45/Makefile.in
@@ -0,0 +1,636 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.5 1999/03/20 13:58:17 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = 
@LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +lib_LIBRARIES = @EXTRA_LIB45@ + +EXTRA_LIBRARIES = lib45.a + +lib45_a_SOURCES = get_ad_tkt.c mk_req.c 45_locl.h +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +LIBRARIES = $(lib_LIBRARIES) + + +DEFS = @DEFS@ -I. 
-I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +lib45_a_LIBADD = +lib45_a_OBJECTS = get_ad_tkt.$(OBJEXT) mk_req.$(OBJEXT) +AR = ar +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +SOURCES = $(lib45_a_SOURCES) +OBJECTS = $(lib45_a_OBJECTS) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/45/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLIBRARIES: + +clean-libLIBRARIES: + -test -z "$(lib_LIBRARIES)" || rm -f $(lib_LIBRARIES) + +distclean-libLIBRARIES: + +maintainer-clean-libLIBRARIES: + +install-libLIBRARIES: $(lib_LIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + @list='$(lib_LIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo " $(INSTALL_DATA) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(INSTALL_DATA) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + @$(POST_INSTALL) + @list='$(lib_LIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo " $(RANLIB) $(DESTDIR)$(libdir)/$$p"; \ + $(RANLIB) $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLIBRARIES: + 
@$(NORMAL_UNINSTALL) + list='$(lib_LIBRARIES)'; for p in $$list; do \ + rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +.c.o: + $(COMPILE) -c $< + +# FIXME: We should only use cygpath when building on Windows, +# and only if it is available. +.c.obj: + $(COMPILE) -c `cygpath -w $<` + +.s.o: + $(COMPILE) -c $< + +.S.o: + $(COMPILE) -c $< + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +.c.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.s.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.S.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +lib45.a: $(lib45_a_OBJECTS) $(lib45_a_DEPENDENCIES) + -rm -f lib45.a + $(AR) cru lib45.a $(lib45_a_OBJECTS) $(lib45_a_LIBADD) + $(RANLIB) lib45.a + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/45 + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + 
|| cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLIBRARIES +uninstall: uninstall-am +all-am: Makefile $(LIBRARIES) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) + + +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-libLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-tags \ + mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLIBRARIES clean-compile clean-libtool clean-tags \ + clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-libLIBRARIES distclean-compile \ + distclean-libtool distclean-tags distclean-generic \ + clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-tags maintainer-clean-generic \ + distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." 
+ +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLIBRARIES distclean-libLIBRARIES \ +clean-libLIBRARIES maintainer-clean-libLIBRARIES uninstall-libLIBRARIES \ +install-libLIBRARIES mostlyclean-compile distclean-compile \ +clean-compile maintainer-clean-compile mostlyclean-libtool \ +distclean-libtool clean-libtool maintainer-clean-libtool tags \ +mostlyclean-tags distclean-tags clean-tags maintainer-clean-tags \ +distdir info-am info dvi-am dvi check-local check check-am \ +installcheck-am installcheck install-exec-am install-exec \ +install-data-local install-data-am install-data install-am install \ +uninstall-am uninstall all-local all-redirect all-am all installdirs \ +mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + 
+dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo 
"$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + 
echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/45/get_ad_tkt.c b/crypto/heimdal/lib/45/get_ad_tkt.c new file mode 100644 index 0000000..3619606 --- /dev/null +++ b/crypto/heimdal/lib/45/get_ad_tkt.c 
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "45_locl.h"
+
+RCSID("$Id: get_ad_tkt.c,v 1.3 1999/12/02 17:05:01 joda Exp $");
+
+/* get an additional version 4 ticket via the 524 protocol */
+
+#ifndef NEVERDATE
+#define NEVERDATE ((unsigned long)0x7fffffffL)
+#endif
+
+int
+get_ad_tkt(char *service, char *sinstance, char *realm, int lifetime)
+{
+ krb5_error_code ret;
+ int code;
+ krb5_context context;
+ krb5_ccache id;
+ krb5_creds in_creds, *out_creds;
+ CREDENTIALS cred;
+ time_t now;
+ char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ];
+
+ ret = krb5_init_context(&context);
+ if(ret)
+ return KFAILURE;
+ ret = krb5_cc_default(context, &id);
+ if(ret){
+ krb5_free_context(context);
+ return KFAILURE;
+ }
+ memset(&in_creds, 0, sizeof(in_creds));
+ now = time(NULL);
+ in_creds.times.endtime = krb_life_to_time(time(NULL), lifetime);
+ if(in_creds.times.endtime == NEVERDATE)
+ in_creds.times.endtime = 0;
+ ret = krb5_cc_get_principal(context, id, &in_creds.client);
+ if(ret){
+ krb5_cc_close(context, id);
+ krb5_free_context(context);
+ return KFAILURE;
+ }
+ ret = krb5_524_conv_principal(context, in_creds.client,
+ pname, pinst, prealm);
+ if(ret){
+ krb5_free_principal(context, in_creds.client);
+ krb5_cc_close(context, id);
+ krb5_free_context(context);
+ return KFAILURE;
+ }
+ ret = krb5_425_conv_principal(context, service, sinstance, realm,
+ &in_creds.server);
+ if(ret){
+ krb5_free_principal(context, in_creds.client);
+ krb5_cc_close(context, id);
+ krb5_free_context(context);
+ return KFAILURE;
+ }
+ ret = krb5_get_credentials(context,
+ 0,
+ id,
+ &in_creds,
+ &out_creds);
+ krb5_free_principal(context, in_creds.client);
+ krb5_free_principal(context, in_creds.server);
+ if(ret){
+ krb5_cc_close(context, id);
+ krb5_free_context(context);
+ return KFAILURE;
+ }
+ ret = krb524_convert_creds_kdc(context, id, out_creds, &cred);
+ krb5_cc_close(context, id);
+ krb5_free_context(context);
+ krb5_free_creds(context, out_creds);
+ if(ret)
+ return KFAILURE;
+ code = save_credentials(cred.service, cred.instance, cred.realm,
+ cred.session, cred.lifetime, cred.kvno,
+ &cred.ticket_st, now);
+ if(code == NO_TKT_FIL)
+ code = tf_setup(&cred, pname, pinst);
+ memset(&cred.session, 0, sizeof(cred.session));
+ return code;
+}
diff --git a/crypto/heimdal/lib/45/mk_req.c b/crypto/heimdal/lib/45/mk_req.c
new file mode 100644
index 0000000..7074ebf
--- /dev/null
+++ b/crypto/heimdal/lib/45/mk_req.c
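Review bot: `krb5_free_creds(context, out_creds)` is called after `krb5_free_context(context)` in the block that follows `krb524_convert_creds_kdc`, so the library context is used after it has been released. Free the credentials before tearing the context down: `krb5_free_creds(context, out_creds); krb5_cc_close(context, id); krb5_free_context(context);`. Separately, `cred.session` is wiped only with a plain `memset` immediately before `return`, which an optimizer is allowed to drop, and it is not wiped at all on the `if(ret) return KFAILURE;` path just above; a wipe the compiler cannot elide, applied on both paths, would be safer for key material.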
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* implementation of krb_mk_req that uses 524 protocol */
+
+#include "45_locl.h"
+
+RCSID("$Id: mk_req.c,v 1.2 1999/12/02 17:05:01 joda Exp $");
+
+static int lifetime = 255;
+
+static void
+build_request(KTEXT req, char *name, char *inst, char *realm,
+ u_int32_t checksum)
+{
+ struct timeval tv;
+ krb5_storage *sp;
+ krb5_data data;
+ sp = krb5_storage_emem();
+ krb5_store_stringz(sp, name);
+ krb5_store_stringz(sp, inst);
+ krb5_store_stringz(sp, realm);
+ krb5_store_int32(sp, checksum);
+ gettimeofday(&tv, NULL);
+ krb5_store_int8(sp, tv.tv_usec / 5000);
+ krb5_store_int32(sp, tv.tv_sec);
+ krb5_storage_to_data(sp, &data);
+ krb5_storage_free(sp);
+ memcpy(req->dat, data.data, data.length);
+ req->length = (data.length + 7) & ~7;
+ krb5_data_free(&data);
+}
+
+int
+krb_mk_req(KTEXT authent, char *service, char *instance, char *realm,
+ int32_t checksum)
+{
+ CREDENTIALS cr;
+ KTEXT_ST req;
+ krb5_storage *sp;
+ int code;
+ char *myrealm;
+ krb5_data a;
+
+ code = krb_get_cred(service, instance, realm, &cr);
+ if(code || time(NULL) > krb_life_to_time(cr.issue_date, cr.lifetime)){
+ code = get_ad_tkt(service, instance, realm, lifetime);
+ if(code == KSUCCESS)
+ code = krb_get_cred(service, instance, realm, &cr);
+ }
+
+ if(code)
+ return code;
+
+ /* XXX get user realm */
+ myrealm = realm;
+
+ sp = krb5_storage_emem();
+
+ krb5_store_int8(sp, KRB_PROT_VERSION);
+ krb5_store_int8(sp, AUTH_MSG_APPL_REQUEST);
+
+ krb5_store_int8(sp, cr.kvno);
+ krb5_store_stringz(sp, realm);
+ krb5_store_int8(sp, cr.ticket_st.length);
+
+ build_request(&req, cr.pname, cr.pinst, myrealm, checksum);
+ encrypt_ktext(&req, &cr.session, DES_ENCRYPT);
+
+ krb5_store_int8(sp, req.length);
+
+ sp->store(sp, cr.ticket_st.dat, cr.ticket_st.length);
+ sp->store(sp, req.dat, req.length);
+ krb5_storage_to_data(sp, &a);
+ krb5_storage_free(sp);
+ memcpy(authent->dat, a.data, a.length);
+ authent->length = a.length;
+ krb5_data_free(&a);
+
+ memset(&cr, 0, sizeof(cr));
+ memset(&req, 0, sizeof(req));
+
+ return KSUCCESS;
+}
+
+/*
+ * krb_set_lifetime sets the default lifetime for additional tickets
+ * obtained via krb_mk_req().
+ *
+ * It returns the previous value of the default lifetime.
+ */
+
+int
+krb_set_lifetime(int newval)
+{
+ int olife = lifetime;
+
+ lifetime = newval;
+ return(olife);
+}
diff --git a/crypto/heimdal/lib/Makefile.am b/crypto/heimdal/lib/Makefile.am
new file mode 100644
index 0000000..c600c22
--- /dev/null
+++ b/crypto/heimdal/lib/Makefile.am
@@ -0,0 +1,13 @@
+# $Id: Makefile.am,v 1.16 1999/04/01 15:03:37 joda Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+if KRB4
+dir_45 = 45
+endif
+if OTP
+dir_otp = otp
+endif
+
+SUBDIRS = roken editline com_err sl asn1 des krb5 \
+ kafs hdb kadm5 gssapi auth $(dir_45) $(dir_otp)
diff --git a/crypto/heimdal/lib/Makefile.in b/crypto/heimdal/lib/Makefile.in
new file mode 100644
index 0000000..4c8aa71
--- /dev/null
+++ b/crypto/heimdal/lib/Makefile.in
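Review bot: Both `memcpy` calls in mk_req.c copy a serialized buffer into a KTEXT without comparing its length to the destination: `build_request` writes `data.length` bytes into `req->dat` (a stack `KTEXT_ST` in `krb_mk_req`), and `krb_mk_req` writes `a.length` bytes into `authent->dat`. Both lengths include the caller-supplied `realm` string, so, assuming `dat` is the fixed-size array declared in krb.h, an over-long realm overruns the buffer. `build_request` should return a status and reject oversized requests, and `krb_mk_req` needs the same guard before copying into `authent`. The bytes added by rounding `req->length` up to a multiple of 8 are never initialised, so stale stack contents are encrypted and sent; zero them first. The results of `krb5_storage_emem` and `krb5_storage_to_data` are also unchecked in both functions.

```c
static int
build_request(KTEXT req, char *name, char *inst, char *realm,
	      u_int32_t checksum)
{
    size_t padded;
    /* … unchanged: other declarations, krb5_store_* calls, krb5_storage_to_data … */
    krb5_storage_free(sp);
    padded = (data.length + 7) & ~(size_t)7;
    if (padded > sizeof(req->dat)) {
	krb5_data_free(&data);
	return KFAILURE;
    }
    memset(req->dat, 0, padded);	/* keep stale stack bytes out of the padding */
    memcpy(req->dat, data.data, data.length);
    req->length = padded;
    krb5_data_free(&data);
    return KSUCCESS;
}

    /* in krb_mk_req: */
    if (build_request(&req, cr.pname, cr.pinst, myrealm, checksum) != KSUCCESS) {
	krb5_storage_free(sp);
	memset(&cr, 0, sizeof(cr));
	return KFAILURE;
    }
    /* … unchanged: encrypt_ktext, stores, krb5_storage_to_data, krb5_storage_free … */
    if (a.length > sizeof(authent->dat)) {
	krb5_data_free(&a);
	memset(&cr, 0, sizeof(cr));
	memset(&req, 0, sizeof(req));
	return KFAILURE;
    }
    memcpy(authent->dat, a.data, a.length);
```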
@@ -0,0 +1,604 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.16 1999/04/01 15:03:37 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = .. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init 
= @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +@KRB4_TRUE@dir_45 = 45 +@OTP_TRUE@dir_otp = otp + +SUBDIRS = roken editline com_err sl asn1 des krb5 kafs hdb kadm5 gssapi auth $(dir_45) $(dir_otp) + +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../include/config.h +CONFIG_CLEAN_FILES = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +DIST_SUBDIRS = roken editline com_err sl asn1 des krb5 
kafs hdb kadm5 \ +gssapi auth 45 otp +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +# This directory's subdirectories are mostly independent; you can cd +# into them and run `make' without going through this Makefile. +# To change the values of `make' variables: instead of editing Makefiles, +# (1) if the variable is set in `config.status', edit `config.status' +# (which will cause the Makefiles to be regenerated when you run `make'); +# (2) otherwise, pass the desired values on the `make' command line. + +@SET_MAKE@ + +all-recursive install-data-recursive install-exec-recursive \ +installdirs-recursive install-recursive uninstall-recursive \ +check-recursive installcheck-recursive info-recursive dvi-recursive: + @set fnord $(MAKEFLAGS); amf=$$2; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +mostlyclean-recursive clean-recursive distclean-recursive \ +maintainer-clean-recursive: + @set fnord $(MAKEFLAGS); amf=$$2; \ + dot_seen=no; \ + rev=''; list='$(SUBDIRS)'; for subdir in $$list; do \ + rev="$$subdir $$rev"; \ + test "$$subdir" = "." 
&& dot_seen=yes; \ + done; \ + test "$$dot_seen" = "no" && rev=". $$rev"; \ + target=`echo $@ | sed s/-recursive//`; \ + for subdir in $$rev; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + done && test -z "$$fail" +tags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \ + fi; \ + done; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + for subdir in $(DIST_SUBDIRS); do \ + if test "$$subdir" = .; then :; else \ + 
test -d $(distdir)/$$subdir \ + || mkdir $(distdir)/$$subdir \ + || exit 1; \ + chmod 777 $(distdir)/$$subdir; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$(top_distdir) distdir=../$(distdir)/$$subdir distdir) \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-recursive +dvi-am: +dvi: dvi-recursive +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-recursive +installcheck-am: +installcheck: installcheck-recursive +install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-recursive + +install-data-am: install-data-local +install-data: install-data-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-recursive +uninstall-am: +uninstall: uninstall-recursive +all-am: Makefile all-local +all-redirect: all-recursive +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: installdirs-recursive +installdirs-am: + + +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-tags mostlyclean-generic + +mostlyclean: mostlyclean-recursive + +clean-am: clean-tags clean-generic mostlyclean-am + +clean: clean-recursive + +distclean-am: distclean-tags distclean-generic clean-am + -rm -f libtool + +distclean: distclean-recursive + +maintainer-clean-am: maintainer-clean-tags maintainer-clean-generic \ + distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." 
+ +maintainer-clean: maintainer-clean-recursive + +.PHONY: install-data-recursive uninstall-data-recursive \ +install-exec-recursive uninstall-exec-recursive installdirs-recursive \ +uninstalldirs-recursive all-recursive check-recursive \ +installcheck-recursive info-recursive dvi-recursive \ +mostlyclean-recursive distclean-recursive clean-recursive \ +maintainer-clean-recursive tags tags-recursive mostlyclean-tags \ +distclean-tags clean-tags maintainer-clean-tags distdir info-am info \ +dvi-am dvi check-local check check-am installcheck-am installcheck \ +install-exec-am install-exec install-data-local install-data-am \ +install-data install-am install uninstall-am uninstall all-local \ +all-redirect all-am all installdirs-am installdirs mostlyclean-generic \ +distclean-generic clean-generic maintainer-clean-generic clean \ +mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + 
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then 
\ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo 
"$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/asn1/Makefile.am b/crypto/heimdal/lib/asn1/Makefile.am new file mode 100644 index 0000000..97fb2bb --- /dev/null +++ b/crypto/heimdal/lib/asn1/Makefile.am 
@@ -0,0 +1,107 @@
+# $Id: Makefile.am,v 1.54 1999/12/21 17:03:42 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+YFLAGS = -d
+
+lib_LTLIBRARIES = libasn1.la
+libasn1_la_LDFLAGS = -version-info 1:4:0
+
+BUILT_SOURCES = \
+ $(gen_files:.x=.c) \
+ asn1_err.h \
+ asn1_err.c
+
+gen_files = \
+ asn1_APOptions.x \
+ asn1_AP_REP.x \
+ asn1_AP_REQ.x \
+ asn1_AS_REP.x \
+ asn1_AS_REQ.x \
+ asn1_Authenticator.x \
+ asn1_AuthorizationData.x \
+ asn1_Checksum.x \
+ asn1_EncAPRepPart.x \
+ asn1_EncASRepPart.x \
+ asn1_EncKDCRepPart.x \
+ asn1_EncKrbCredPart.x \
+ asn1_EncKrbPrivPart.x \
+ asn1_EncTGSRepPart.x \
+ asn1_EncTicketPart.x \
+ asn1_EncryptedData.x \
+ asn1_EncryptionKey.x \
+ asn1_ETYPE_INFO.x \
+ asn1_ETYPE_INFO_ENTRY.x \
+ asn1_HostAddress.x \
+ asn1_HostAddresses.x \
+ asn1_KDCOptions.x \
+ asn1_KDC_REP.x \
+ asn1_KDC_REQ.x \
+ asn1_KDC_REQ_BODY.x \
+ asn1_KRB_CRED.x \
+ asn1_KRB_ERROR.x \
+ asn1_KRB_PRIV.x \
+ asn1_KRB_SAFE.x \
+ asn1_KRB_SAFE_BODY.x \
+ asn1_KerberosTime.x \
+ asn1_KrbCredInfo.x \
+ asn1_LastReq.x \
+ asn1_METHOD_DATA.x \
+ asn1_PA_DATA.x \
+ asn1_PA_ENC_TS_ENC.x \
+ asn1_Principal.x \
+ asn1_PrincipalName.x \
+ asn1_Realm.x \
+ asn1_TGS_REP.x \
+ asn1_TGS_REQ.x \
+ asn1_Ticket.x \
+ asn1_TicketFlags.x \
+ asn1_TransitedEncoding.x
+
+
+noinst_PROGRAMS = asn1_compile asn1_print
+check_PROGRAMS = check-der
+TESTS = check-der
+
+asn1_compile_SOURCES = parse.y lex.l main.c hash.c symbol.c gen.c \
+ gen_encode.c gen_decode.c gen_free.c gen_length.c gen_copy.c \
+ gen_glue.c
+
+libasn1_la_SOURCES = \
+ der_get.c \
+ der_put.c \
+ der_free.c \
+ der_length.c \
+ der_copy.c \
+ timegm.c \
+ $(BUILT_SOURCES)
+
+asn1_compile_LDADD = \
+ $(LIB_roken) $(LEXLIB)
+
+check_der_LDADD = \
+ libasn1.la \
+ ../com_err/libcom_err.la \
+ $(LIB_roken)
+
+asn1_print_LDADD = $(check_der_LDADD)
+
+TESTS = check-der
+
+CLEANFILES = lex.c parse.c parse.h asn1.h $(BUILT_SOURCES) \
+ $(gen_files) asn1_files
+
+include_HEADERS = asn1.h asn1_err.h der.h
+
+$(asn1_compile_OBJECTS): parse.h
+
+$(gen_files) asn1.h: asn1_files
+
+asn1_files: asn1_compile$(EXEEXT) $(srcdir)/k5.asn1
+ ./asn1_compile$(EXEEXT) $(srcdir)/k5.asn1
+
+$(libasn1_la_OBJECTS): asn1.h asn1_err.h
+
+$(asn1_print_OBJECTS): asn1.h
+
+EXTRA_DIST = asn1_err.et
diff --git a/crypto/heimdal/lib/asn1/Makefile.in b/crypto/heimdal/lib/asn1/Makefile.in
new file mode 100644
index 0000000..25acf1a
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/Makefile.in
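Review bot: `TESTS = check-der` is assigned twice in lib/asn1/Makefile.am, once directly under `check_PROGRAMS = check-der` and again after `asn1_print_LDADD`. The second assignment is redundant, and if only one copy is edited later the other can silently override it, so drop the later `TESTS = check-der` line. Separately, the `asn1_files` rule runs `./asn1_compile$(EXEEXT) $(srcdir)/k5.asn1` with no visible step that creates `asn1_files`. If the compiler writes that file itself, a short comment such as `# asn1_compile writes asn1_files as a side effect` would make the stamp dependency of `$(gen_files) asn1.h` clear; if it does not, the rule reruns on every build.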
@@ -0,0 +1,794 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.54 1999/12/21 17:03:42 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init 
= @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +YFLAGS = -d + +lib_LTLIBRARIES = libasn1.la +libasn1_la_LDFLAGS = -version-info 1:4:0 + +BUILT_SOURCES = $(gen_files:.x=.c) asn1_err.h asn1_err.c + + +gen_files = asn1_APOptions.x asn1_AP_REP.x asn1_AP_REQ.x asn1_AS_REP.x asn1_AS_REQ.x asn1_Authenticator.x asn1_AuthorizationData.x asn1_Checksum.x asn1_EncAPRepPart.x asn1_EncASRepPart.x asn1_EncKDCRepPart.x asn1_EncKrbCredPart.x asn1_EncKrbPrivPart.x asn1_EncTGSRepPart.x asn1_EncTicketPart.x asn1_EncryptedData.x asn1_EncryptionKey.x asn1_ETYPE_INFO.x asn1_ETYPE_INFO_ENTRY.x asn1_HostAddress.x asn1_HostAddresses.x asn1_KDCOptions.x asn1_KDC_REP.x asn1_KDC_REQ.x asn1_KDC_REQ_BODY.x asn1_KRB_CRED.x asn1_KRB_ERROR.x asn1_KRB_PRIV.x asn1_KRB_SAFE.x asn1_KRB_SAFE_BODY.x asn1_KerberosTime.x asn1_KrbCredInfo.x asn1_LastReq.x 
asn1_METHOD_DATA.x asn1_PA_DATA.x asn1_PA_ENC_TS_ENC.x asn1_Principal.x asn1_PrincipalName.x asn1_Realm.x asn1_TGS_REP.x asn1_TGS_REQ.x asn1_Ticket.x asn1_TicketFlags.x asn1_TransitedEncoding.x + + +noinst_PROGRAMS = asn1_compile asn1_print +check_PROGRAMS = check-der + +TESTS = check-der + +asn1_compile_SOURCES = parse.y lex.l main.c hash.c symbol.c gen.c gen_encode.c gen_decode.c gen_free.c gen_length.c gen_copy.c gen_glue.c + + +libasn1_la_SOURCES = der_get.c der_put.c der_free.c der_length.c der_copy.c timegm.c $(BUILT_SOURCES) + + +asn1_compile_LDADD = $(LIB_roken) $(LEXLIB) + + +check_der_LDADD = libasn1.la ../com_err/libcom_err.la $(LIB_roken) + + +asn1_print_LDADD = $(check_der_LDADD) + +CLEANFILES = lex.c parse.c parse.h asn1.h $(BUILT_SOURCES) $(gen_files) asn1_files + + +include_HEADERS = asn1.h asn1_err.h der.h + +EXTRA_DIST = asn1_err.et +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +LTLIBRARIES = $(lib_LTLIBRARIES) + + +DEFS = @DEFS@ -I. 
-I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libasn1_la_LIBADD = +libasn1_la_OBJECTS = der_get.lo der_put.lo der_free.lo der_length.lo \ +der_copy.lo timegm.lo asn1_APOptions.lo asn1_AP_REP.lo asn1_AP_REQ.lo \ +asn1_AS_REP.lo asn1_AS_REQ.lo asn1_Authenticator.lo \ +asn1_AuthorizationData.lo asn1_Checksum.lo asn1_EncAPRepPart.lo \ +asn1_EncASRepPart.lo asn1_EncKDCRepPart.lo asn1_EncKrbCredPart.lo \ +asn1_EncKrbPrivPart.lo asn1_EncTGSRepPart.lo asn1_EncTicketPart.lo \ +asn1_EncryptedData.lo asn1_EncryptionKey.lo asn1_ETYPE_INFO.lo \ +asn1_ETYPE_INFO_ENTRY.lo asn1_HostAddress.lo asn1_HostAddresses.lo \ +asn1_KDCOptions.lo asn1_KDC_REP.lo asn1_KDC_REQ.lo asn1_KDC_REQ_BODY.lo \ +asn1_KRB_CRED.lo asn1_KRB_ERROR.lo asn1_KRB_PRIV.lo asn1_KRB_SAFE.lo \ +asn1_KRB_SAFE_BODY.lo asn1_KerberosTime.lo asn1_KrbCredInfo.lo \ +asn1_LastReq.lo asn1_METHOD_DATA.lo asn1_PA_DATA.lo \ +asn1_PA_ENC_TS_ENC.lo asn1_Principal.lo asn1_PrincipalName.lo \ +asn1_Realm.lo asn1_TGS_REP.lo asn1_TGS_REQ.lo asn1_Ticket.lo \ +asn1_TicketFlags.lo asn1_TransitedEncoding.lo asn1_err.lo +check_PROGRAMS = check-der$(EXEEXT) +noinst_PROGRAMS = asn1_compile$(EXEEXT) asn1_print$(EXEEXT) +PROGRAMS = $(noinst_PROGRAMS) + +check_der_SOURCES = check-der.c +check_der_OBJECTS = check-der.$(OBJEXT) +check_der_DEPENDENCIES = libasn1.la ../com_err/libcom_err.la +check_der_LDFLAGS = +asn1_compile_OBJECTS = parse.$(OBJEXT) lex.$(OBJEXT) main.$(OBJEXT) \ +hash.$(OBJEXT) symbol.$(OBJEXT) gen.$(OBJEXT) gen_encode.$(OBJEXT) \ +gen_decode.$(OBJEXT) gen_free.$(OBJEXT) gen_length.$(OBJEXT) \ +gen_copy.$(OBJEXT) gen_glue.$(OBJEXT) +asn1_compile_DEPENDENCIES = +asn1_compile_LDFLAGS = +asn1_print_SOURCES = asn1_print.c +asn1_print_OBJECTS = asn1_print.$(OBJEXT) +asn1_print_DEPENDENCIES = libasn1.la ../com_err/libcom_err.la +asn1_print_LDFLAGS = +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +CFLAGS 
= @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +HEADERS = $(include_HEADERS) + +DIST_COMMON = Makefile.am Makefile.in lex.c parse.c + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +SOURCES = $(libasn1_la_SOURCES) check-der.c $(asn1_compile_SOURCES) asn1_print.c +OBJECTS = $(libasn1_la_OBJECTS) check-der.$(OBJEXT) $(asn1_compile_OBJECTS) asn1_print.$(OBJEXT) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .s .x .y +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/asn1/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLTLIBRARIES: + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + +distclean-libLTLIBRARIES: + +maintainer-clean-libLTLIBRARIES: + +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +.c.o: + $(COMPILE) -c $< + +# FIXME: We should only use cygpath when building on Windows, +# and only if it is 
available. +.c.obj: + $(COMPILE) -c `cygpath -w $<` + +.s.o: + $(COMPILE) -c $< + +.S.o: + $(COMPILE) -c $< + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +.c.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.s.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.S.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libasn1.la: $(libasn1_la_OBJECTS) $(libasn1_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libasn1_la_LDFLAGS) $(libasn1_la_OBJECTS) $(libasn1_la_LIBADD) $(LIBS) + +mostlyclean-checkPROGRAMS: + +clean-checkPROGRAMS: + -test -z "$(check_PROGRAMS)" || rm -f $(check_PROGRAMS) + +distclean-checkPROGRAMS: + +maintainer-clean-checkPROGRAMS: + +mostlyclean-noinstPROGRAMS: + +clean-noinstPROGRAMS: + -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) + +distclean-noinstPROGRAMS: + +maintainer-clean-noinstPROGRAMS: + +check-der$(EXEEXT): $(check_der_OBJECTS) $(check_der_DEPENDENCIES) + @rm -f check-der$(EXEEXT) + $(LINK) $(check_der_LDFLAGS) $(check_der_OBJECTS) $(check_der_LDADD) $(LIBS) + +asn1_compile$(EXEEXT): $(asn1_compile_OBJECTS) $(asn1_compile_DEPENDENCIES) + @rm -f asn1_compile$(EXEEXT) + $(LINK) $(asn1_compile_LDFLAGS) $(asn1_compile_OBJECTS) $(asn1_compile_LDADD) $(LIBS) + +asn1_print$(EXEEXT): $(asn1_print_OBJECTS) $(asn1_print_DEPENDENCIES) + @rm -f asn1_print$(EXEEXT) + $(LINK) $(asn1_print_LDFLAGS) $(asn1_print_OBJECTS) $(asn1_print_LDADD) $(LIBS) +.l.c: + $(LEX) $(AM_LFLAGS) $(LFLAGS) $< && mv $(LEX_OUTPUT_ROOT).c $@ +.y.c: + $(YACC) $(AM_YFLAGS) $(YFLAGS) $< && mv y.tab.c $*.c + if test -f y.tab.h; then \ + if cmp -s y.tab.h $*.h; then rm -f y.tab.h; else mv y.tab.h $*.h; fi; \ + else :; fi +parse.h: parse.c + + +install-includeHEADERS: $(include_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) 
$(DESTDIR)$(includedir) + @list='$(include_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + done + +uninstall-includeHEADERS: + @$(NORMAL_UNINSTALL) + list='$(include_HEADERS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(includedir)/$$p; \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/asn1 + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +check-TESTS: $(TESTS) + @failed=0; all=0; \ + srcdir=$(srcdir); export srcdir; \ + for tst in $(TESTS); do \ + if test -f $$tst; then dir=.; \ + else dir="$(srcdir)"; fi; \ + if $(TESTS_ENVIRONMENT) $$dir/$$tst; then \ + all=`expr $$all + 1`; \ + echo "PASS: $$tst"; \ + elif test $$? 
-ne 77; then \ + all=`expr $$all + 1`; \ + failed=`expr $$failed + 1`; \ + echo "FAIL: $$tst"; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0 +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) + $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-includeHEADERS install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS +uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: + -test -z "lexlparsehparsec$(BUILT_SOURCES)" || rm -f lexl parseh parsec $(BUILT_SOURCES) +mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-checkPROGRAMS \ + mostlyclean-noinstPROGRAMS mostlyclean-tags \ + mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \ + clean-checkPROGRAMS clean-noinstPROGRAMS clean-tags \ + clean-generic mostlyclean-am + +clean: clean-am + 
+distclean-am: distclean-libLTLIBRARIES distclean-compile \ + distclean-libtool distclean-checkPROGRAMS \ + distclean-noinstPROGRAMS distclean-tags \ + distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-checkPROGRAMS \ + maintainer-clean-noinstPROGRAMS maintainer-clean-tags \ + maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ +clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ +uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ +distclean-compile clean-compile maintainer-clean-compile \ +mostlyclean-libtool distclean-libtool clean-libtool \ +maintainer-clean-libtool mostlyclean-checkPROGRAMS \ +distclean-checkPROGRAMS clean-checkPROGRAMS \ +maintainer-clean-checkPROGRAMS mostlyclean-noinstPROGRAMS \ +distclean-noinstPROGRAMS clean-noinstPROGRAMS \ +maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \ +install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \ +maintainer-clean-tags distdir check-TESTS info-am info dvi-am dvi \ +check-local check check-am installcheck-am installcheck install-exec-am \ +install-exec install-data-local install-data-am install-data install-am \ +install uninstall-am uninstall all-local all-redirect all-am all \ +installdirs mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) 
$(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; 
\ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) 
$(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +$(asn1_compile_OBJECTS): parse.h + +$(gen_files) asn1.h: asn1_files + +asn1_files: asn1_compile$(EXEEXT) $(srcdir)/k5.asn1 + ./asn1_compile$(EXEEXT) $(srcdir)/k5.asn1 + +$(libasn1_la_OBJECTS): asn1.h asn1_err.h + +$(asn1_print_OBJECTS): asn1.h + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/asn1/asn1_err.et b/crypto/heimdal/lib/asn1/asn1_err.et new file mode 100644 index 0000000..8f1f272 --- /dev/null +++ b/crypto/heimdal/lib/asn1/asn1_err.et 
@@ -0,0 +1,20 @@
+#
+# Error messages for the asn.1 library
+#
+# This might look like a com_err file, but is not
+#
+id "$Id: asn1_err.et,v 1.5 1998/02/16 16:17:17 joda Exp $"
+
+error_table asn1
+prefix ASN1
+error_code BAD_TIMEFORMAT, "ASN.1 failed call to system time library"
+error_code MISSING_FIELD, "ASN.1 structure is missing a required field"
+error_code MISPLACED_FIELD, "ASN.1 unexpected field number"
+error_code TYPE_MISMATCH, "ASN.1 type numbers are inconsistent"
+error_code OVERFLOW, "ASN.1 value too large"
+error_code OVERRUN, "ASN.1 encoding ended unexpectedly"
+error_code BAD_ID, "ASN.1 identifier doesn't match expected value"
+error_code BAD_LENGTH, "ASN.1 length doesn't match expected value"
+error_code BAD_FORMAT, "ASN.1 badly-formatted encoding"
+error_code PARSE_ERROR, "ASN.1 parse error"
+end
diff --git a/crypto/heimdal/lib/asn1/asn1_print.c b/crypto/heimdal/lib/asn1/asn1_print.c
new file mode 100644
index 0000000..92e6419
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/asn1_print.c
@@ -0,0 +1,239 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "der_locl.h" +#include <sys/types.h> +#include <sys/stat.h> +#include <getarg.h> +#include <err.h> + +RCSID("$Id: asn1_print.c,v 1.5 1999/12/02 17:05:01 joda Exp $"); + +static struct et_list *et_list; + +const char *class_names[] = { + "UNIV", /* 0 */ + "APPL", /* 1 */ + "CONTEXT", /* 2 */ + "PRIVATE" /* 3 */ +}; + +const char *type_names[] = { + "PRIM", /* 0 */ + "CONS" /* 1 */ +}; + +const char *tag_names[] = { + NULL, /* 0 */ + NULL, /* 1 */ + "Integer", /* 2 */ + "BitString", /* 3 */ + "OctetString", /* 4 */ + "Null", /* 5 */ + "ObjectID", /* 6 */ + NULL, /* 7 */ + NULL, /* 8 */ + NULL, /* 9 */ + NULL, /* 10 */ + NULL, /* 11 */ + NULL, /* 12 */ + NULL, /* 13 */ + NULL, /* 14 */ + NULL, /* 15 */ + "Sequence", /* 16 */ + "Set", /* 17 */ + NULL, /* 18 */ + "PrintableString", /* 19 */ + NULL, /* 20 */ + NULL, /* 21 */ + "IA5String", /* 22 */ + "UTCTime", /* 23 */ + "GeneralizedTime", /* 24 */ + NULL, /* 25 */ + "VisibleString", /* 26 */ + "GeneralString" /* 27 */ +}; + +static int +loop (unsigned char *buf, size_t len, int indent) +{ + while (len > 0) { + int ret; + Der_class class; + Der_type type; + int tag; + size_t sz; + size_t length; + int i; + + ret = der_get_tag (buf, len, &class, &type, &tag, &sz); + if (ret) + errx (1, "der_get_tag: %s", com_right (et_list, ret)); + buf += sz; + len -= sz; + for (i = 0; i < indent; ++i) + printf (" "); + printf ("%s %s ", class_names[class], type_names[type]); + if (tag_names[tag]) + printf ("%s = ", tag_names[tag]); + else + printf ("tag %d = ", tag); + ret = der_get_length (buf, len, &length, &sz); + if (ret) + errx (1, "der_get_tag: %s", com_right (et_list, ret)); + buf += sz; + len -= sz; + + if (class == CONTEXT) { + printf ("[%d]\n", tag); + loop (buf, length, indent); + } else if (class == UNIV) { + switch (tag) { + case UT_Sequence : + printf ("{\n"); + loop (buf, length, indent + 2); + for (i = 0; i < indent; ++i) + printf (" "); + printf ("}\n"); + break; + case UT_Integer : { + int val; + + 
ret = der_get_int (buf, length, &val, NULL); + if (ret) + errx (1, "der_get_int: %s", com_right (et_list, ret)); + printf ("integer %d\n", val); + break; + } + case UT_OctetString : { + octet_string str; + int i; + unsigned char *uc; + + ret = der_get_octet_string (buf, length, &str, NULL); + if (ret) + errx (1, "der_get_octet_string: %s", + com_right (et_list, ret)); + printf ("(length %d), ", length); + uc = (unsigned char *)str.data; + for (i = 0; i < 16; ++i) + printf ("%02x", uc[i]); + printf ("\n"); + free (str.data); + break; + } + case UT_GeneralizedTime : + case UT_GeneralString : { + general_string str; + + ret = der_get_general_string (buf, length, &str, NULL); + if (ret) + errx (1, "der_get_general_string: %s", + com_right (et_list, ret)); + printf ("\"%s\"\n", str); + free (str); + break; + } + default : + printf ("%d bytes\n", length); + break; + } + } + buf += length; + len -= length; + } + return 0; +} + +static int +doit (const char *filename) +{ + int fd = open (filename, O_RDONLY); + struct stat sb; + unsigned char *buf; + size_t len; + int ret; + + if(fd < 0) + err (1, "opening %s for read", filename); + if (fstat (fd, &sb) < 0) + err (1, "stat %s", filename); + len = sb.st_size; + buf = malloc (len); + if (buf == NULL) + err (1, "malloc %u", len); + if (read (fd, buf, len) != len) + errx (1, "read failed"); + close (fd); + ret = loop (buf, len, 0); + free (buf); + return ret; +} + + +static int version_flag; +static int help_flag; +struct getargs args[] = { + { "version", 0, arg_flag, &version_flag }, + { "help", 0, arg_flag, &help_flag } +}; +int num_args = sizeof(args) / sizeof(args[0]); + +static void +usage(int code) +{ + arg_printusage(args, num_args, NULL, "dump-file"); + exit(code); +} + +int +main(int argc, char **argv) +{ + int optind = 0; + + set_progname (argv[0]); + initialize_asn1_error_table_r (&et_list); + if(getarg(args, num_args, argc, argv, &optind)) + usage(1); + if(help_flag) + usage(0); + if(version_flag) { + 
print_version(NULL); + exit(0); + } + argv += optind; + argc -= optind; + if (argc != 1) + usage (1); + return doit (argv[0]); +} diff --git a/crypto/heimdal/lib/asn1/check-der.c b/crypto/heimdal/lib/asn1/check-der.c new file mode 100644 index 0000000..a2f1217 --- /dev/null +++ b/crypto/heimdal/lib/asn1/check-der.c 
@@ -0,0 +1,289 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <stdio.h> +#include <string.h> +#include <err.h> +#include <roken.h> + +#include <libasn1.h> + +RCSID("$Id: check-der.c,v 1.7 1999/12/02 17:05:01 joda Exp $"); + +static void +print_bytes (unsigned const char *buf, size_t len) +{ + int i; + + for (i = 0; i < len; ++i) + printf ("%02x ", buf[i]); +} + +struct test_case { + void *val; + int byte_len; + const unsigned char *bytes; + char *name; +}; + +static int +generic_test (const struct test_case *tests, + unsigned ntests, + size_t data_size, + int (*encode)(unsigned char *, size_t, void *, size_t *), + int (*length)(void *), + int (*decode)(unsigned char *, size_t, void *, size_t *), + int (*cmp)(void *a, void *b)) +{ + unsigned char buf[4711]; + int i; + int failures = 0; + void *val = malloc (data_size); + + if (data_size != 0 && val == NULL) + err (1, "malloc"); + + for (i = 0; i < ntests; ++i) { + int ret; + size_t sz, consumed_sz, length_sz; + unsigned char *beg; + + ret = (*encode) (buf + sizeof(buf) - 1, sizeof(buf), + tests[i].val, &sz); + beg = buf + sizeof(buf) - sz; + if (ret != 0) { + printf ("encoding of %s failed\n", tests[i].name); + ++failures; + } + if (sz != tests[i].byte_len) { + printf ("encoding of %s has wrong len (%lu != %lu)\n", + tests[i].name, + (unsigned long)sz, (unsigned long)tests[i].byte_len); + ++failures; + } + + length_sz = (*length) (tests[i].val); + if (sz != length_sz) { + printf ("length for %s is bad (%lu != %lu)\n", + tests[i].name, (unsigned long)length_sz, (unsigned long)sz); + ++failures; + } + + if (memcmp (beg, tests[i].bytes, tests[i].byte_len) != 0) { + printf ("encoding of %s has bad bytes:\n" + "correct: ", tests[i].name); + print_bytes (tests[i].bytes, tests[i].byte_len); + printf ("\nactual: "); + print_bytes (beg, sz); + printf ("\n"); + ++failures; + } + ret = (*decode) (beg, sz, val, &consumed_sz); + if (ret != 0) { + printf ("decoding of %s failed\n", tests[i].name); + ++failures; + } + if (sz 
!= consumed_sz) { + printf ("different length decoding %s (%ld != %ld)\n", + tests[i].name, + (unsigned long)sz, (unsigned long)consumed_sz); + ++failures; + } + if ((*cmp)(val, tests[i].val) != 0) { + printf ("%s: comparison failed\n", tests[i].name); + ++failures; + } + } + free (val); + return failures; +} + +static int +cmp_integer (void *a, void *b) +{ + int *ia = (int *)a; + int *ib = (int *)b; + + return *ib - *ia; +} + +static int +test_integer (void) +{ + struct test_case tests[] = { + {NULL, 3, "\x02\x01\x00"}, + {NULL, 3, "\x02\x01\x7f"}, + {NULL, 4, "\x02\x02\x00\x80"}, + {NULL, 4, "\x02\x02\x01\x00"}, + {NULL, 3, "\x02\x01\x80"}, + {NULL, 4, "\x02\x02\xff\x7f"}, + {NULL, 3, "\x02\x01\xff"}, + {NULL, 4, "\x02\x02\xff\x01"}, + {NULL, 4, "\x02\x02\x00\xff"}, + {NULL, 6, "\x02\x04\x80\x00\x00\x00"}, + {NULL, 6, "\x02\x04\x7f\xff\xff\xff"} + }; + + int values[] = {0, 127, 128, 256, -128, -129, -1, -255, 255, + 0x80000000, 0x7fffffff}; + int i; + int ntests = sizeof(tests) / sizeof(*tests); + + for (i = 0; i < ntests; ++i) { + tests[i].val = &values[i]; + asprintf (&tests[i].name, "integer %d", values[i]); + } + + return generic_test (tests, ntests, sizeof(int), + (int (*)(unsigned char *, size_t, + void *, size_t *))encode_integer, + (int (*)(void *))length_integer, + (int (*)(unsigned char *, size_t, + void *, size_t *))decode_integer, + cmp_integer); +} + +static int +cmp_octet_string (void *a, void *b) +{ + octet_string *oa = (octet_string *)a; + octet_string *ob = (octet_string *)b; + + if (oa->length != ob->length) + return ob->length - oa->length; + + return (memcmp (oa->data, ob->data, oa->length)); +} + +static int +test_octet_string (void) +{ + octet_string s1 = {8, "\x01\x23\x45\x67\x89\xab\xcd\xef"}; + + struct test_case tests[] = { + {NULL, 10, "\x04\x08\x01\x23\x45\x67\x89\xab\xcd\xef"} + }; + int ntests = sizeof(tests) / sizeof(*tests); + + tests[0].val = &s1; + asprintf (&tests[0].name, "a octet string"); + + return generic_test (tests, 
ntests, sizeof(octet_string), + (int (*)(unsigned char *, size_t, + void *, size_t *))encode_octet_string, + (int (*)(void *))length_octet_string, + (int (*)(unsigned char *, size_t, + void *, size_t *))decode_octet_string, + cmp_octet_string); +} + +static int +cmp_general_string (void *a, void *b) +{ + unsigned char **sa = (unsigned char **)a; + unsigned char **sb = (unsigned char **)b; + + return strcmp (*sa, *sb); +} + +static int +test_general_string (void) +{ + unsigned char *s1 = "Test User 1"; + + struct test_case tests[] = { + {NULL, 13, "\x1b\x0b\x54\x65\x73\x74\x20\x55\x73\x65\x72\x20\x31"} + }; + int ntests = sizeof(tests) / sizeof(*tests); + + tests[0].val = &s1; + asprintf (&tests[0].name, "the string \"%s\"", s1); + + return generic_test (tests, ntests, sizeof(unsigned char *), + (int (*)(unsigned char *, size_t, + void *, size_t *))encode_general_string, + (int (*)(void *))length_general_string, + (int (*)(unsigned char *, size_t, + void *, size_t *))decode_general_string, + cmp_general_string); +} + +static int +cmp_generalized_time (void *a, void *b) +{ + time_t *ta = (time_t *)a; + time_t *tb = (time_t *)b; + + return *tb - *ta; +} + +static int +test_generalized_time (void) +{ + struct test_case tests[] = { + {NULL, 17, "\x18\x0f""19700101000000Z"}, + {NULL, 17, "\x18\x0f""19851106210627Z"} + }; + time_t values[] = {0, 500159187}; + int i; + int ntests = sizeof(tests) / sizeof(*tests); + + for (i = 0; i < ntests; ++i) { + tests[i].val = &values[i]; + asprintf (&tests[i].name, "time %d", (int)values[i]); + } + + return generic_test (tests, ntests, sizeof(time_t), + (int (*)(unsigned char *, size_t, + void *, size_t *))encode_generalized_time, + (int (*)(void *))length_generalized_time, + (int (*)(unsigned char *, size_t, + void *, size_t *))decode_generalized_time, + cmp_generalized_time); +} + +int +main(int argc, char **argv) +{ + int ret = 0; + + ret += test_integer (); + ret += test_octet_string (); + ret += test_general_string (); + ret += 
test_generalized_time (); + + return ret; +} diff --git a/crypto/heimdal/lib/asn1/der.h b/crypto/heimdal/lib/asn1/der.h new file mode 100644 index 0000000..37158af --- /dev/null +++ b/crypto/heimdal/lib/asn1/der.h 
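Review bot: In `generic_test`, a failed `(*encode)` only bumps `failures` and the loop carries on, so `sz` — which the encoder may not have written — is then used to compute `beg`, and `memcmp`, `print_bytes` and `(*decode)` read from that pointer. Ending the iteration in that branch keeps a failing encoder from turning into an out-of-bounds read inside the test itself: add `continue;` after the first `++failures;`. The `asprintf` calls in the `test_*` functions also ignore the return value, so on allocation failure `tests[i].name` may be passed to `printf` unset; a check such as `if (asprintf (&tests[i].name, "integer %d", values[i]) < 0) errx (1, "asprintf");` would cover it.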
@@ -0,0 +1,132 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: der.h,v 1.18 1999/12/02 17:05:01 joda Exp $ */
+
+#ifndef __DER_H__
+#define __DER_H__
+
+#include <time.h>
+
+typedef enum {UNIV = 0, APPL = 1, CONTEXT = 2 , PRIVATE = 3} Der_class;
+
+typedef enum {PRIM = 0, CONS = 1} Der_type;
+
+/* Universal tags */
+
+enum {
+ UT_Integer = 2,
+ UT_BitString = 3,
+ UT_OctetString = 4,
+ UT_Null = 5,
+ UT_ObjID = 6,
+ UT_Sequence = 16,
+ UT_Set = 17,
+ UT_PrintableString = 19,
+ UT_IA5String = 22,
+ UT_UTCTime = 23,
+ UT_GeneralizedTime = 24,
+ UT_VisibleString = 26,
+ UT_GeneralString = 27
+};
+
+#define ASN1_INDEFINITE 0xdce0deed
+
+#ifndef HAVE_TIMEGM
+time_t timegm (struct tm *);
+#endif
+
+void time2generalizedtime (time_t t, octet_string *s);
+
+int der_get_int (const unsigned char *p, size_t len, int *ret, size_t *size);
+int der_get_length (const unsigned char *p, size_t len,
+ size_t *val, size_t *size);
+int der_get_general_string (const unsigned char *p, size_t len,
+ general_string *str, size_t *size);
+int der_get_octet_string (const unsigned char *p, size_t len,
+ octet_string *data, size_t *size);
+int der_get_tag (const unsigned char *p, size_t len,
+ Der_class *class, Der_type *type,
+ int *tag, size_t *size);
+
+int der_match_tag (const unsigned char *p, size_t len,
+ Der_class class, Der_type type,
+ int tag, size_t *size);
+int der_match_tag_and_length (const unsigned char *p, size_t len,
+ Der_class class, Der_type type, int tag,
+ size_t *length_ret, size_t *size);
+
+int decode_integer (const unsigned char*, size_t, int*, size_t*);
+int decode_general_string (const unsigned char*, size_t,
+ general_string*, size_t*);
+int decode_octet_string (const unsigned char*, size_t, octet_string*, size_t*);
+int decode_generalized_time (const unsigned char*, size_t, time_t*, size_t*);
+
+int der_put_int (unsigned char *p, size_t len, int val, size_t*);
+int der_put_length (unsigned char *p, size_t len, size_t val, size_t*);
+int der_put_general_string (unsigned char *p, size_t len,
+ const general_string *str, size_t*);
+int der_put_octet_string (unsigned char *p, size_t len,
+ const octet_string *data, size_t*);
+int der_put_tag (unsigned char *p, size_t len, Der_class class, Der_type type,
+ int tag, size_t*);
+int der_put_length_and_tag (unsigned char*, size_t, size_t,
+ Der_class, Der_type, int, size_t*);
+
+int encode_integer (unsigned char *p, size_t len,
+ const int *data, size_t*);
+int encode_general_string (unsigned char *p, size_t len,
+ const general_string *data, size_t*);
+int encode_octet_string (unsigned char *p, size_t len,
+ const octet_string *k, size_t*);
+int encode_generalized_time (unsigned char *p, size_t len,
+ const time_t *t, size_t*);
+
+void free_integer (int *num);
+void free_general_string (general_string *str);
+void free_octet_string (octet_string *k);
+void free_generalized_time (time_t *t);
+
+size_t length_len (size_t len);
+size_t length_integer (const int *data);
+size_t length_general_string (const general_string *data);
+size_t length_octet_string (const octet_string *k);
+size_t length_generalized_time (const time_t *t);
+
+int copy_general_string (const general_string *from, general_string *to);
+int copy_octet_string (const octet_string *from, octet_string *to);
+
+int fix_dce(size_t reallen, size_t *len);
+
+#endif /* __DER_H__ */
+
diff --git a/crypto/heimdal/lib/asn1/der_copy.c b/crypto/heimdal/lib/asn1/der_copy.c
new file mode 100644
index 0000000..83c2446
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der_copy.c
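Review bot: der.h is not self-contained: its prototypes use `octet_string` and `general_string`, but the header includes only `<time.h>` and declares neither type, so it presumably compiles only when the generated asn1.h has been included first. Either include that header here or state the requirement in a comment at the top. The prototypes also say nothing about ownership, although asn1_print.c in this commit frees `str.data` after `der_get_octet_string`, so the getters evidently allocate; a comment such as `/* der_get_octet_string and der_get_general_string allocate the result; the caller must release it */` above that group would help callers avoid leaks. Whether `free_octet_string` / `free_general_string` are the intended release calls is only inferred from their names, so confirm before naming them in the comment.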
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+
+RCSID("$Id: der_copy.c,v 1.8 1999/12/02 17:05:01 joda Exp $");
+
+int
+copy_general_string (const general_string *from, general_string *to)
+{
+ *to = malloc(strlen(*from) + 1);
+ if(*to == NULL)
+ return ENOMEM;
+ strcpy(*to, *from);
+ return 0;
+}
+
+int
+copy_octet_string (const octet_string *from, octet_string *to)
+{
+ to->length = from->length;
+ to->data = malloc(to->length);
+ if(to->length != 0 && to->data == NULL)
+ return ENOMEM;
+ memcpy(to->data, from->data, to->length);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/asn1/der_free.c b/crypto/heimdal/lib/asn1/der_free.c
new file mode 100644
index 0000000..7191e4e
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der_free.c
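Review bot: copy_octet_string leaves `to` inconsistent when malloc fails: `to->length` is already set to the source length while `to->data` is NULL, so a caller that mishandles ENOMEM and later reads `to->length` bytes dereferences NULL. Resetting the length on the failure path keeps the struct self-consistent: `if (to->length != 0 && to->data == NULL) { to->length = 0; return ENOMEM; }`. The `memcpy` that follows is also reached with a NULL destination when the length is zero and malloc(0) returned NULL, which is undefined behaviour in C; guarding it with `if (to->length != 0)` avoids that. copy_general_string calls `strlen(*from)` with no NULL check, so a comment stating that `*from` must be non-NULL would document the precondition.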
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+
+RCSID("$Id: der_free.c,v 1.7 1999/12/02 17:05:01 joda Exp $");
+
+void
+free_general_string (general_string *str)
+{
+ free(*str);
+}
+
+void
+free_octet_string (octet_string *k)
+{
+ free(k->data);
+}
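Review bot: free_general_string and free_octet_string both leave the freed pointer in the caller's object, so a second call on the same object (for instance from an error path that releases a partly decoded structure) is a double free. Adding `*str = NULL;` after the first free and `k->data = NULL; k->length = 0;` after the second makes both calls idempotent, since free(NULL) is a no-op. Octet strings in this library presumably carry key material in some messages; if so, a comment should say whether the caller or this function is responsible for clearing the buffer before release. der.h in this commit also declares free_integer and free_generalized_time, which are not defined in this file, so it is worth confirming they exist elsewhere.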
diff --git a/crypto/heimdal/lib/asn1/der_get.c b/crypto/heimdal/lib/asn1/der_get.c
new file mode 100644
index 0000000..9f0616b
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/der_get.c
@@ -0,0 +1,356 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "der_locl.h" + +RCSID("$Id: der_get.c,v 1.27 1999/12/02 17:05:01 joda Exp $"); + +#include <version.h> + +/* + * All decoding functions take a pointer `p' to first position in + * which to read, from the left, `len' which means the maximum number + * of characters we are able to read, `ret' were the value will be + * returned and `size' where the number of used bytes is stored. + * Either 0 or an error code is returned. + */ + +static int +der_get_unsigned (const unsigned char *p, size_t len, + unsigned *ret, size_t *size) +{ + unsigned val = 0; + size_t oldlen = len; + + while (len--) + val = val * 256 + *p++; + *ret = val; + if(size) *size = oldlen; + return 0; +} + +int +der_get_int (const unsigned char *p, size_t len, + int *ret, size_t *size) +{ + int val = 0; + size_t oldlen = len; + + if (len--) + val = (signed char)*p++; + while (len--) + val = val * 256 + *p++; + *ret = val; + if(size) *size = oldlen; + return 0; +} + +int +der_get_length (const unsigned char *p, size_t len, + size_t *val, size_t *size) +{ + size_t v; + + if (len <= 0) + return ASN1_OVERRUN; + --len; + v = *p++; + if (v < 128) { + *val = v; + if(size) *size = 1; + } else { + int e; + size_t l; + unsigned tmp; + + if(v == 0x80){ + *val = ASN1_INDEFINITE; + if(size) *size = 1; + return 0; + } + v &= 0x7F; + if (len < v) + return ASN1_OVERRUN; + e = der_get_unsigned (p, v, &tmp, &l); + if(e) return e; + *val = tmp; + if(size) *size = l + 1; + } + return 0; +} + +int +der_get_general_string (const unsigned char *p, size_t len, + general_string *str, size_t *size) +{ + char *s; + + s = malloc (len + 1); + if (s == NULL) + return ENOMEM; + memcpy (s, p, len); + s[len] = '\0'; + *str = s; + if(size) *size = len; + return 0; +} + +int +der_get_octet_string (const unsigned char *p, size_t len, + octet_string *data, size_t *size) +{ + data->length = len; + data->data = malloc(len); + if (data->data == NULL && data->length != 0) + return ENOMEM; + memcpy (data->data, p, len); + 
if(size) *size = len; + return 0; +} + +int +der_get_tag (const unsigned char *p, size_t len, + Der_class *class, Der_type *type, + int *tag, size_t *size) +{ + if (len < 1) + return ASN1_OVERRUN; + *class = (Der_class)(((*p) >> 6) & 0x03); + *type = (Der_type)(((*p) >> 5) & 0x01); + *tag = (*p) & 0x1F; + if(size) *size = 1; + return 0; +} + +int +der_match_tag (const unsigned char *p, size_t len, + Der_class class, Der_type type, + int tag, size_t *size) +{ + size_t l; + Der_class thisclass; + Der_type thistype; + int thistag; + int e; + + e = der_get_tag (p, len, &thisclass, &thistype, &thistag, &l); + if (e) return e; + if (class != thisclass || type != thistype) + return ASN1_BAD_ID; + if(tag > thistag) + return ASN1_MISPLACED_FIELD; + if(tag < thistag) + return ASN1_MISSING_FIELD; + if(size) *size = l; + return 0; +} + +int +der_match_tag_and_length (const unsigned char *p, size_t len, + Der_class class, Der_type type, int tag, + size_t *length_ret, size_t *size) +{ + size_t l, ret = 0; + int e; + + e = der_match_tag (p, len, class, type, tag, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + e = der_get_length (p, len, length_ret, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + if(size) *size = ret; + return 0; +} + +int +decode_integer (const unsigned char *p, size_t len, + int *num, size_t *size) +{ + size_t ret = 0; + size_t l, reallen; + int e; + + e = der_match_tag (p, len, UNIV, PRIM, UT_Integer, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + e = der_get_length (p, len, &reallen, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + e = der_get_int (p, reallen, num, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + if(size) *size = ret; + return 0; +} + +int +decode_general_string (const unsigned char *p, size_t len, + general_string *str, size_t *size) +{ + size_t ret = 0; + size_t l; + int e; + size_t slen; + + e = der_match_tag (p, len, UNIV, PRIM, UT_GeneralString, &l); + if (e) return e; + p += l; 
+ len -= l; + ret += l; + + e = der_get_length (p, len, &slen, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + if (len < slen) + return ASN1_OVERRUN; + + e = der_get_general_string (p, slen, str, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + if(size) *size = ret; + return 0; +} + +int +decode_octet_string (const unsigned char *p, size_t len, + octet_string *k, size_t *size) +{ + size_t ret = 0; + size_t l; + int e; + size_t slen; + + e = der_match_tag (p, len, UNIV, PRIM, UT_OctetString, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + + e = der_get_length (p, len, &slen, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + if (len < slen) + return ASN1_OVERRUN; + + e = der_get_octet_string (p, slen, k, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + if(size) *size = ret; + return 0; +} + +static void +generalizedtime2time (const char *s, time_t *t) +{ + struct tm tm; + + memset(&tm, 0, sizeof(tm)); + sscanf (s, "%04d%02d%02d%02d%02d%02dZ", + &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, + &tm.tm_min, &tm.tm_sec); + tm.tm_year -= 1900; + tm.tm_mon -= 1; + *t = timegm (&tm); +} + +int +decode_generalized_time (const unsigned char *p, size_t len, + time_t *t, size_t *size) +{ + octet_string k; + char *times; + size_t ret = 0; + size_t l; + int e; + size_t slen; + + e = der_match_tag (p, len, UNIV, PRIM, UT_GeneralizedTime, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + + e = der_get_length (p, len, &slen, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + if (len < slen) + return ASN1_OVERRUN; + e = der_get_octet_string (p, slen, &k, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + times = realloc(k.data, k.length + 1); + if (times == NULL){ + free(k.data); + return ENOMEM; + } + times[k.length] = 0; + generalizedtime2time (times, t); + free (times); + if(size) *size = ret; + return 0; +} + + +int +fix_dce(size_t reallen, size_t *len) +{ + if(reallen == ASN1_INDEFINITE) + 
return 1; + if(*len < reallen) + return -1; + *len = reallen; + return 0; +} diff --git a/crypto/heimdal/lib/asn1/der_length.c b/crypto/heimdal/lib/asn1/der_length.c new file mode 100644 index 0000000..5db95ba --- /dev/null +++ b/crypto/heimdal/lib/asn1/der_length.c 
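Review bot: decode_integer passes the decoded length `reallen` straight to der_get_int without comparing it with the remaining `len`, unlike decode_general_string, decode_octet_string and decode_generalized_time, which return ASN1_OVERRUN when `len < slen`; an INTEGER whose length field exceeds the input makes der_get_int read past the end of the buffer. The same guard belongs after the der_get_length call: `if (len < reallen) return ASN1_OVERRUN;`. der_get_int also mishandles a zero length, because `if (len--)` leaves `len` at SIZE_MAX and the following `while (len--)` then walks far beyond `p`; zero should be handled before the decrement, and lengths above `sizeof(int)` refused rather than overflowing `val`. der_get_length has a related gap: up to 127 length octets are folded into an `unsigned` by der_get_unsigned with no width check, so an over-long length silently truncates. generalizedtime2time ignores the sscanf result, so a malformed time string decodes to a value built from a zeroed `struct tm`; checking for six converted fields and returning an error from decode_generalized_time would reject such input.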
@@ -0,0 +1,111 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "der_locl.h" + +RCSID("$Id: der_length.c,v 1.10 1999/12/02 17:05:01 joda Exp $"); + +static size_t +length_unsigned (unsigned val) +{ + size_t ret = 0; + + do { + ++ret; + val /= 256; + } while (val); + return ret; +} + +static size_t +length_int (int val) +{ + size_t ret = 0; + + if (val == 0) + return 1; + while (val > 255 || val < -255) { + ++ret; + val /= 256; + } + if (val != 0) { + ++ret; + if ((signed char)val != val) + ++ret; + val /= 256; + } + return ret; +} + +size_t +length_len (size_t len) +{ + if (len < 128) + return 1; + else + return length_unsigned (len) + 1; +} + +size_t +length_integer (const int *data) +{ + size_t len = length_int (*data); + + return 1 + length_len(len) + len; +} + +size_t +length_general_string (const general_string *data) +{ + char *str = *data; + size_t len = strlen(str); + return 1 + length_len(len) + len; +} + +size_t +length_octet_string (const octet_string *k) +{ + return 1 + length_len(k->length) + k->length; +} + +size_t +length_generalized_time (const time_t *t) +{ + octet_string k; + size_t ret; + + time2generalizedtime (*t, &k); + ret = 1 + length_len(k.length) + k.length; + free (k.data); + return ret; +} diff --git a/crypto/heimdal/lib/asn1/der_locl.h b/crypto/heimdal/lib/asn1/der_locl.h new file mode 100644 index 0000000..6eeb42d --- /dev/null +++ b/crypto/heimdal/lib/asn1/der_locl.h 
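Review bot: length_int under-counts some negative values because it relies on `val /= 256`, which truncates toward zero: for -32769 the loop leaves -128, which fits a signed char, so the function returns 2, while der_put_int in der_put.c (same commit) emits three bytes (ff 7f ff) for that value. length_integer then reports a size one byte too small, and an encode into a buffer sized from it fails with ASN1_OVERFLOW. Counting the bytes the way der_put_int produces them (complement negative values first, then test the top bit of the last byte written) keeps the two functions in step; the rewritten helper is below. Separately, length_len passes a `size_t` to length_unsigned, which takes `unsigned`, so lengths above UINT_MAX would be truncated where size_t is wider than unsigned.

```c
static size_t
length_int (int val)
{
    unsigned char q;
    size_t ret = 0;

    if (val >= 0) {
        do {
            q = val % 256;
            ret++;
            val /= 256;
        } while (val);
        if (q >= 128)   /* leading 0x00 keeps the value positive */
            ret++;
    } else {
        val = ~val;
        do {
            q = ~(val % 256);
            ret++;
            val /= 256;
        } while (val);
        if (q < 128)    /* leading 0xff keeps the value negative */
            ret++;
    }
    return ret;
}
```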
@@ -0,0 +1,54 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +/* $Id: der_locl.h,v 1.3 1999/12/02 17:05:02 joda Exp $ */ + +#ifndef __DER_LOCL_H__ +#define __DER_LOCL_H__ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <assert.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <limits.h> +#include <ctype.h> +#include <time.h> +#include <errno.h> +#include <roken.h> + +#include <libasn1.h> + +#endif /* __DER_LOCL_H__ */ diff --git a/crypto/heimdal/lib/asn1/der_put.c b/crypto/heimdal/lib/asn1/der_put.c new file mode 100644 index 0000000..ce21654 --- /dev/null +++ b/crypto/heimdal/lib/asn1/der_put.c 
@@ -0,0 +1,310 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "der_locl.h" + +RCSID("$Id: der_put.c,v 1.22 1999/12/02 17:05:02 joda Exp $"); + +/* + * All encoding functions take a pointer `p' to first position in + * which to write, from the right, `len' which means the maximum + * number of characters we are able to write and return an int + * indicating how many actually got written, or <0 in case of errors. + */ + +static int +der_put_unsigned (unsigned char *p, size_t len, unsigned val, size_t *size) +{ + unsigned char *base = p; + + if (val) { + while (len > 0 && val) { + *p-- = val % 256; + val /= 256; + --len; + } + if (val != 0) + return ASN1_OVERFLOW; + else { + *size = base - p; + return 0; + } + } else if (len < 1) + return ASN1_OVERFLOW; + else { + *p = 0; + *size = 1; + return 0; + } +} + +int +der_put_int (unsigned char *p, size_t len, int val, size_t *size) +{ + unsigned char *base = p; + + if(val >= 0) { + do { + if(len < 1) + return ASN1_OVERFLOW; + *p-- = val % 256; + len--; + val /= 256; + } while(val); + if(p[1] >= 128) { + if(len < 1) + return ASN1_OVERFLOW; + *p-- = 0; + len--; + } + } else { + val = ~val; + do { + if(len < 1) + return ASN1_OVERFLOW; + *p-- = ~(val % 256); + len--; + val /= 256; + } while(val); + if(p[1] < 128) { + if(len < 1) + return ASN1_OVERFLOW; + *p-- = 0xff; + len--; + } + } + *size = base - p; + return 0; +} + + +int +der_put_length (unsigned char *p, size_t len, size_t val, size_t *size) +{ + if (val < 128) { + if (len < 1) + return ASN1_OVERFLOW; + else { + *p = val; + *size = 1; + return 0; + } + } else { + size_t l; + int e; + + e = der_put_unsigned (p, len - 1, val, &l); + if (e) + return e; + p -= l; + *p = 0x80 | l; + *size = l + 1; + return 0; + } +} + +int +der_put_general_string (unsigned char *p, size_t len, + const general_string *str, size_t *size) +{ + size_t slen = strlen(*str); + + if (len < slen) + return ASN1_OVERFLOW; + p -= slen; + len -= slen; + memcpy (p+1, *str, slen); + *size = slen; + return 0; +} + +int +der_put_octet_string (unsigned 
char *p, size_t len, + const octet_string *data, size_t *size) +{ + if (len < data->length) + return ASN1_OVERFLOW; + p -= data->length; + len -= data->length; + memcpy (p+1, data->data, data->length); + *size = data->length; + return 0; +} + +int +der_put_tag (unsigned char *p, size_t len, Der_class class, Der_type type, + int tag, size_t *size) +{ + if (len < 1) + return ASN1_OVERFLOW; + *p = (class << 6) | (type << 5) | tag; /* XXX */ + *size = 1; + return 0; +} + +int +der_put_length_and_tag (unsigned char *p, size_t len, size_t len_val, + Der_class class, Der_type type, int tag, size_t *size) +{ + size_t ret = 0; + size_t l; + int e; + + e = der_put_length (p, len, len_val, &l); + if(e) + return e; + p -= l; + len -= l; + ret += l; + e = der_put_tag (p, len, class, type, tag, &l); + if(e) + return e; + p -= l; + len -= l; + ret += l; + *size = ret; + return 0; +} + +int +encode_integer (unsigned char *p, size_t len, const int *data, size_t *size) +{ + int num = *data; + size_t ret = 0; + size_t l; + int e; + + e = der_put_int (p, len, num, &l); + if(e) + return e; + p -= l; + len -= l; + ret += l; + e = der_put_length_and_tag (p, len, l, UNIV, PRIM, UT_Integer, &l); + if (e) + return e; + p -= l; + len -= l; + ret += l; + *size = ret; + return 0; +} + +int +encode_general_string (unsigned char *p, size_t len, + const general_string *data, size_t *size) +{ + size_t ret = 0; + size_t l; + int e; + + e = der_put_general_string (p, len, data, &l); + if (e) + return e; + p -= l; + len -= l; + ret += l; + e = der_put_length_and_tag (p, len, l, UNIV, PRIM, UT_GeneralString, &l); + if (e) + return e; + p -= l; + len -= l; + ret += l; + *size = ret; + return 0; +} + +int +encode_octet_string (unsigned char *p, size_t len, + const octet_string *k, size_t *size) +{ + size_t ret = 0; + size_t l; + int e; + + e = der_put_octet_string (p, len, k, &l); + if (e) + return e; + p -= l; + len -= l; + ret += l; + e = der_put_length_and_tag (p, len, l, UNIV, PRIM, UT_OctetString, 
&l); + if (e) + return e; + p -= l; + len -= l; + ret += l; + *size = ret; + return 0; +} + +void +time2generalizedtime (time_t t, octet_string *s) +{ + struct tm *tm; + + s->data = malloc(16); + s->length = 15; + tm = gmtime (&t); + sprintf (s->data, "%04d%02d%02d%02d%02d%02dZ", tm->tm_year + 1900, + tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min, + tm->tm_sec); +} + +int +encode_generalized_time (unsigned char *p, size_t len, + const time_t *t, size_t *size) +{ + size_t ret = 0; + size_t l; + octet_string k; + int e; + + time2generalizedtime (*t, &k); + e = der_put_octet_string (p, len, &k, &l); + free (k.data); + if (e) + return e; + p -= l; + len -= l; + ret += l; + e = der_put_length_and_tag (p, len, k.length, UNIV, PRIM, + UT_GeneralizedTime, &l); + if (e) + return e; + p -= l; + len -= l; + ret += l; + *size = ret; + return 0; +} diff --git a/crypto/heimdal/lib/asn1/gen.c b/crypto/heimdal/lib/asn1/gen.c new file mode 100644 index 0000000..bca4516 --- /dev/null +++ b/crypto/heimdal/lib/asn1/gen.c 
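Review bot: der_put_length calls `der_put_unsigned (p, len - 1, val, &l)` in its long-form branch without first checking that `len` is at least 1, so when the content has used the whole buffer (`len == 0`) the subtraction wraps to SIZE_MAX and der_put_unsigned writes the length octets below the start of the buffer, followed by the `*p = 0x80 | l` prefix. The short-form branch already has the check; the long form needs the same, `if (len < 1) return ASN1_OVERFLOW;`, before the call. From the visible callers this is reached through der_put_length_and_tag in encode_octet_string and encode_general_string when the payload is 128 bytes or more and exactly fills the remaining space. time2generalizedtime has unchecked results as well: `malloc(16)` and `gmtime` can both return NULL, and `%04d` is only a minimum width, so a year above 9999 makes sprintf write past the 16-byte buffer; a bounded `snprintf` and a way to report failure to encode_generalized_time and length_generalized_time would address it.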
@@ -0,0 +1,351 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gen_locl.h" + +RCSID("$Id: gen.c,v 1.41 1999/12/02 17:05:02 joda Exp $"); + +FILE *headerfile, *codefile, *logfile; + +#define STEM "asn1" + +static char *orig_filename; +static char header[1024]; +static char headerbase[1024] = STEM; + +void +init_generate (char *filename, char *base) +{ + orig_filename = filename; + if(base) + strcpy(headerbase, base); + sprintf(header, "%s.h", headerbase); + headerfile = fopen (header, "w"); + if (headerfile == NULL) + err (1, "open %s", header); + fprintf (headerfile, + "/* Generated from %s */\n" + "/* Do not edit */\n\n", + filename); + fprintf (headerfile, + "#ifndef __%s_h__\n" + "#define __%s_h__\n\n", headerbase, headerbase); + fprintf (headerfile, + "#include <stddef.h>\n" + "#include <time.h>\n\n"); +#ifndef HAVE_TIMEGM + fprintf (headerfile, "time_t timegm (struct tm*);\n\n"); +#endif + fprintf (headerfile, + "#ifndef __asn1_common_definitions__\n" + "#define __asn1_common_definitions__\n\n"); + fprintf (headerfile, + "typedef struct octet_string {\n" + " size_t length;\n" + " void *data;\n" + "} octet_string;\n\n"); + fprintf (headerfile, +#if 0 + "typedef struct general_string {\n" + " size_t length;\n" + " char *data;\n" + "} general_string;\n\n" +#else + "typedef char *general_string;\n\n" +#endif + ); + fprintf (headerfile, "#endif\n\n"); + logfile = fopen(STEM "_files", "w"); + if (logfile == NULL) + err (1, "open " STEM "_files"); +} + +void +close_generate () +{ + fprintf (headerfile, "#endif /* __%s_h__ */\n", headerbase); + + fclose (headerfile); + fprintf (logfile, "\n"); + fclose (logfile); +} + +void +generate_constant (const Symbol *s) +{ + fprintf (headerfile, "enum { %s = %d };\n\n", + s->gen_name, s->constant); +} + +static void +space(int level) +{ + while(level-- > 0) + fprintf(headerfile, " "); +} + +static void +define_asn1 (int level, Type *t) +{ + switch (t->type) { + case TType: + space(level); + fprintf (headerfile, "%s", t->symbol->name); + break; + case TInteger: + 
space(level); + fprintf (headerfile, "INTEGER"); + break; + case TOctetString: + space(level); + fprintf (headerfile, "OCTET STRING"); + break; + case TBitString: { + Member *m; + Type i; + int tag = -1; + + i.type = TInteger; + space(level); + fprintf (headerfile, "BIT STRING {\n"); + for (m = t->members; m && m->val != tag; m = m->next) { + if (tag == -1) + tag = m->val; + space(level + 1); + fprintf (headerfile, "%s(%d)%s\n", m->name, m->val, + m->next->val == tag?"":","); + + } + space(level); + fprintf (headerfile, "}"); + break; + } + case TSequence: { + Member *m; + int tag; + int max_width = 0; + + space(level); + fprintf (headerfile, "SEQUENCE {\n"); + for (m = t->members, tag = -1; m && m->val != tag; m = m->next) { + if (tag == -1) + tag = m->val; + if(strlen(m->name) + (m->val > 9) > max_width) + max_width = strlen(m->name) + (m->val > 9); + } + max_width += 3 + 2; + if(max_width < 16) max_width = 16; + for (m = t->members, tag = -1 ; m && m->val != tag; m = m->next) { + int width; + if (tag == -1) + tag = m->val; + space(level + 1); + fprintf(headerfile, "%s[%d]", m->name, m->val); + width = max_width - strlen(m->name) - 3 - (m->val > 9) - 2; + fprintf(headerfile, "%*s", width, ""); + define_asn1(level + 1, m->type); + if(m->optional) + fprintf(headerfile, " OPTIONAL"); + if(m->next->val != tag) + fprintf (headerfile, ","); + fprintf (headerfile, "\n"); + } + space(level); + fprintf (headerfile, "}"); + break; + } + case TSequenceOf: { + space(level); + fprintf (headerfile, "SEQUENCE OF "); + define_asn1 (0, t->subtype); + break; + } + case TGeneralizedTime: + space(level); + fprintf (headerfile, "GeneralizedTime"); + break; + case TGeneralString: + space(level); + fprintf (headerfile, "GeneralString"); + break; + case TApplication: + fprintf (headerfile, "[APPLICATION %d] ", t->application); + define_asn1 (level, t->subtype); + break; + default: + abort (); + } +} + +static void +define_type (int level, char *name, Type *t, int typedefp) +{ + switch 
(t->type) { + case TType: + space(level); + fprintf (headerfile, "%s %s;\n", t->symbol->gen_name, name); + break; + case TInteger: + space(level); + fprintf (headerfile, "int %s;\n", name); + break; + case TUInteger: + space(level); + fprintf (headerfile, "unsigned int %s;\n", name); + break; + case TOctetString: + space(level); + fprintf (headerfile, "octet_string %s;\n", name); + break; + case TBitString: { + Member *m; + Type i; + int tag = -1; + + i.type = TUInteger; + space(level); + fprintf (headerfile, "struct %s {\n", typedefp ? name : ""); + for (m = t->members; m && m->val != tag; m = m->next) { + char *n; + + asprintf (&n, "%s:1", m->gen_name); + define_type (level + 1, n, &i, FALSE); + free (n); + if (tag == -1) + tag = m->val; + } + space(level); + fprintf (headerfile, "} %s;\n\n", name); + break; + } + case TSequence: { + Member *m; + int tag = -1; + + space(level); + fprintf (headerfile, "struct %s {\n", typedefp ? name : ""); + for (m = t->members; m && m->val != tag; m = m->next) { + if (m->optional) { + char *n; + + asprintf (&n, "*%s", m->gen_name); + define_type (level + 1, n, m->type, FALSE); + free (n); + } else + define_type (level + 1, m->gen_name, m->type, FALSE); + if (tag == -1) + tag = m->val; + } + space(level); + fprintf (headerfile, "} %s;\n", name); + break; + } + case TSequenceOf: { + Type i; + + i.type = TUInteger; + i.application = 0; + + space(level); + fprintf (headerfile, "struct %s {\n", typedefp ? 
name : ""); + define_type (level + 1, "len", &i, FALSE); + define_type (level + 1, "*val", t->subtype, FALSE); + space(level); + fprintf (headerfile, "} %s;\n", name); + break; + } + case TGeneralizedTime: + space(level); + fprintf (headerfile, "time_t %s;\n", name); + break; + case TGeneralString: + space(level); + fprintf (headerfile, "general_string %s;\n", name); + break; + case TApplication: + define_type (level, name, t->subtype, FALSE); + break; + default: + abort (); + } +} + +static void +generate_type_header (const Symbol *s) +{ + fprintf (headerfile, "/*\n"); + fprintf (headerfile, "%s ::= ", s->name); + define_asn1 (0, s->type); + fprintf (headerfile, "\n*/\n\n"); + + fprintf (headerfile, "typedef "); + define_type (0, s->gen_name, s->type, TRUE); + + fprintf (headerfile, "\n"); +} + + +void +generate_type (const Symbol *s) +{ + char *filename; + + asprintf (&filename, "%s_%s.x", STEM, s->gen_name); + codefile = fopen (filename, "w"); + if (codefile == NULL) + err (1, "fopen %s", filename); + fprintf(logfile, "%s ", filename); + free(filename); + fprintf (codefile, + "/* Generated from %s */\n" + "/* Do not edit */\n\n" + "#include \"libasn1.h\"\n\n" +#if 0 + "#include <stdio.h>\n" + "#include <stdlib.h>\n" + "#include <time.h>\n" + "#include <" STEM ".h>\n\n" + "#include <asn1_err.h>\n" + "#include <der.h>\n" +#endif + ,orig_filename); + generate_type_header (s); + generate_type_encode (s); + generate_type_decode (s); + generate_type_free (s); + generate_type_length (s); + generate_type_copy (s); + generate_glue (s); + fprintf(headerfile, "\n\n"); + fclose(codefile); +} diff --git a/crypto/heimdal/lib/asn1/gen.h b/crypto/heimdal/lib/asn1/gen.h new file mode 100644 index 0000000..369b6e3 --- /dev/null +++ b/crypto/heimdal/lib/asn1/gen.h 
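Review bot: init_generate copies `base` into the 1024-byte `headerbase` with strcpy and then formats `"%s.h"` into the equally sized `header` with sprintf, so a long base name overflows `headerbase`, and a name that only just fits still overflows `header` by the two-character suffix. Bounded formatting with a truncation check fixes both, for example `if (snprintf(header, sizeof(header), "%s.h", headerbase) >= (int)sizeof(header)) errx(1, "header name too long");`, with the same pattern for the copy into `headerbase`. The asprintf calls in define_type and generate_type do not check the return value; on failure the output pointer is indeterminate and is then used and freed, so each call should test for -1 and bail out through err. define_asn1 dereferences `m->next->val` inside its member loops, which is only safe if the member list is circular; a comment stating that invariant would help the next reader.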
@@ -0,0 +1,38 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: gen.h,v 1.4 1999/12/02 17:05:02 joda Exp $ */ + +#include <stdio.h> +#include "symbol.h" + diff --git a/crypto/heimdal/lib/asn1/gen_copy.c b/crypto/heimdal/lib/asn1/gen_copy.c new file mode 100644 index 0000000..f9aa489 --- /dev/null +++ b/crypto/heimdal/lib/asn1/gen_copy.c 
@@ -0,0 +1,146 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gen_locl.h" + +RCSID("$Id: gen_copy.c,v 1.10 1999/12/02 17:05:02 joda Exp $"); + +static void +copy_primitive (const char *typename, const char *from, const char *to) +{ + fprintf (codefile, "if(copy_%s(%s, %s)) return ENOMEM;\n", + typename, from, to); +} + +static void +copy_type (const char *from, const char *to, const Type *t) +{ + switch (t->type) { + case TType: +#if 0 + copy_type (from, to, t->symbol->type); +#endif + fprintf (codefile, "if(copy_%s(%s, %s)) return ENOMEM;\n", + t->symbol->gen_name, from, to); + break; + case TInteger: + fprintf(codefile, "*(%s) = *(%s);\n", to, from); + break; + case TOctetString: + copy_primitive ("octet_string", from, to); + break; + case TBitString: { + fprintf(codefile, "*(%s) = *(%s);\n", to, from); + break; + } + case TSequence: { + Member *m; + int tag = -1; + + if (t->members == NULL) + break; + + for (m = t->members; m && tag != m->val; m = m->next) { + char *f; + char *t; + + asprintf (&f, "%s(%s)->%s", + m->optional ? "" : "&", from, m->gen_name); + asprintf (&t, "%s(%s)->%s", + m->optional ? 
"" : "&", to, m->gen_name); + if(m->optional){ + fprintf(codefile, "if(%s) {\n", f); + fprintf(codefile, "%s = malloc(sizeof(*%s));\n", t, t); + fprintf(codefile, "if(%s == NULL) return ENOMEM;\n", t); + } + copy_type (f, t, m->type); + if(m->optional){ + fprintf(codefile, "}else\n"); + fprintf(codefile, "%s = NULL;\n", t); + } + if (tag == -1) + tag = m->val; + free (f); + free (t); + } + break; + } + case TSequenceOf: { + char *f; + char *T; + + fprintf (codefile, "if(((%s)->val = " + "malloc((%s)->len * sizeof(*(%s)->val))) == NULL && (%s)->len != 0)\n", + to, from, to, from); + fprintf (codefile, "return ENOMEM;\n"); + fprintf(codefile, + "for((%s)->len = 0; (%s)->len < (%s)->len; (%s)->len++){\n", + to, to, from, to); + asprintf(&f, "&(%s)->val[(%s)->len]", from, to); + asprintf(&T, "&(%s)->val[(%s)->len]", to, to); + copy_type(f, T, t->subtype); + fprintf(codefile, "}\n"); + free(f); + free(T); + break; + } + case TGeneralizedTime: + fprintf(codefile, "*(%s) = *(%s);\n", to, from); + break; + case TGeneralString: + copy_primitive ("general_string", from, to); + break; + case TApplication: + copy_type (from, to, t->subtype); + break; + default : + abort (); + } +} + +void +generate_type_copy (const Symbol *s) +{ + fprintf (headerfile, + "int copy_%s (const %s *, %s *);\n", + s->gen_name, s->gen_name, s->gen_name); + + fprintf (codefile, "int\n" + "copy_%s(const %s *from, %s *to)\n" + "{\n", + s->gen_name, s->gen_name, s->gen_name); + + copy_type ("from", "to", s->type); + fprintf (codefile, "return 0;\n}\n\n"); +} + diff --git a/crypto/heimdal/lib/asn1/gen_decode.c b/crypto/heimdal/lib/asn1/gen_decode.c new file mode 100644 index 0000000..078ac44 --- /dev/null +++ b/crypto/heimdal/lib/asn1/gen_decode.c 
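Review bot: The copy_X function that generate_type_copy emits returns ENOMEM from the middle of the structure without releasing what it has already allocated and without ever writing the remaining fields of `to`. The returns come from copy_primitive, the TType case, and the optional-member and TSequenceOf branches of copy_type. A caller that runs free_X on `to` after such a failure walks uninitialised pointers, and one that does not leaks the partial copy. Emitting `"memset(to, 0, sizeof(*to));\n"` straight after the opening brace in generate_type_copy would be a first step; the members obtained with `malloc(sizeof(*%s))` would need the same zeroing before the nested copy. The TSequenceOf branch also multiplies `(from)->len * sizeof(*(to)->val)` with no overflow check before the malloc.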
@@ -0,0 +1,375 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gen_locl.h" + +RCSID("$Id: gen_decode.c,v 1.11 1999/12/02 17:05:02 joda Exp $"); + +static void +decode_primitive (const char *typename, const char *name) +{ + fprintf (codefile, + "e = decode_%s(p, len, %s, &l);\n" + "FORW;\n", + typename, + name); +} + +static void +decode_type (const char *name, const Type *t) +{ + switch (t->type) { + case TType: +#if 0 + decode_type (name, t->symbol->type); +#endif + fprintf (codefile, + "e = decode_%s(p, len, %s, &l);\n" + "FORW;\n", + t->symbol->gen_name, name); + break; + case TInteger: + decode_primitive ("integer", name); + break; + case TOctetString: + decode_primitive ("octet_string", name); + break; + case TBitString: { + Member *m; + int tag = -1; + int pos; + + fprintf (codefile, + "e = der_match_tag_and_length (p, len, UNIV, PRIM, UT_BitString," + "&reallen, &l);\n" + "FORW;\n" + "if(len < reallen)\n" + "return ASN1_OVERRUN;\n" + "p++;\n" + "len--;\n" + "reallen--;\n" + "ret++;\n"); + pos = 0; + for (m = t->members; m && tag != m->val; m = m->next) { + while (m->val / 8 > pos / 8) { + fprintf (codefile, + "p++; len--; reallen--; ret++;\n"); + pos += 8; + } + fprintf (codefile, + "%s->%s = (*p >> %d) & 1;\n", + name, m->gen_name, 7 - m->val % 8); + if (tag == -1) + tag = m->val; + } + fprintf (codefile, + "p += reallen; len -= reallen; ret += reallen;\n"); + break; + } + case TSequence: { + Member *m; + int tag = -1; + + if (t->members == NULL) + break; + + fprintf (codefile, + "e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence," + "&reallen, &l);\n" + "FORW;\n" + "{\n" + "int dce_fix;\n" + "if((dce_fix = fix_dce(reallen, &len)) < 0)\n" + "return ASN1_BAD_FORMAT;\n"); + + for (m = t->members; m && tag != m->val; m = m->next) { + char *s; + + asprintf (&s, "%s(%s)->%s", m->optional ? 
"" : "&", name, m->gen_name); + if (0 && m->type->type == TType){ + if(m->optional) + fprintf (codefile, + "%s = malloc(sizeof(*%s));\n", s, s); + fprintf (codefile, + "e = decode_seq_%s(p, len, %d, %d, %s, &l);\n", + m->type->symbol->gen_name, + m->val, + m->optional, + s); + if(m->optional) + fprintf (codefile, + "if (e == ASN1_MISSING_FIELD) {\n" + "free(%s);\n" + "%s = NULL;\n" + "e = l = 0;\n" + "}\n", + s, s); + + fprintf (codefile, "FORW;\n"); + + }else{ + fprintf (codefile, "{\n" + "size_t newlen, oldlen;\n\n" + "e = der_match_tag (p, len, CONTEXT, CONS, %d, &l);\n", + m->val); + fprintf (codefile, + "if (e)\n"); + if(m->optional) + /* XXX should look at e */ + fprintf (codefile, + "%s = NULL;\n", s); + else + fprintf (codefile, + "return e;\n"); + fprintf (codefile, + "else {\n"); + fprintf (codefile, + "p += l;\n" + "len -= l;\n" + "ret += l;\n" + "e = der_get_length (p, len, &newlen, &l);\n" + "FORW;\n" + "{\n" + + "int dce_fix;\n" + "oldlen = len;\n" + "if((dce_fix = fix_dce(newlen, &len)) < 0)" + "return ASN1_BAD_FORMAT;\n"); + if (m->optional) + fprintf (codefile, + "%s = malloc(sizeof(*%s));\n", + s, s); + decode_type (s, m->type); + fprintf (codefile, + "if(dce_fix){\n" + "e = der_match_tag_and_length (p, len, " + "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n" + "FORW;\n" + "}else \n" + "len = oldlen - newlen;\n" + "}\n" + "}\n"); + fprintf (codefile, + "}\n"); + } + if (tag == -1) + tag = m->val; + free (s); + } + fprintf(codefile, + "if(dce_fix){\n" + "e = der_match_tag_and_length (p, len, " + "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n" + "FORW;\n" + "}\n" + "}\n"); + + break; + } + case TSequenceOf: { + char *n; + + fprintf (codefile, + "e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence," + "&reallen, &l);\n" + "FORW;\n" + "if(len < reallen)\n" + "return ASN1_OVERRUN;\n" + "len = reallen;\n"); + + fprintf (codefile, + "{\n" + "size_t origlen = len;\n" + "int oldret = ret;\n" + "ret = 0;\n" + "(%s)->len = 0;\n" + "(%s)->val = 
NULL;\n" + "while(ret < origlen) {\n" + "(%s)->len++;\n" + "(%s)->val = realloc((%s)->val, sizeof(*((%s)->val)) * (%s)->len);\n", + name, name, name, name, name, name, name); + asprintf (&n, "&(%s)->val[(%s)->len-1]", name, name); + decode_type (n, t->subtype); + fprintf (codefile, + "len = origlen - ret;\n" + "}\n" + "ret += oldret;\n" + "}\n"); + free (n); + break; + } + case TGeneralizedTime: + decode_primitive ("generalized_time", name); + break; + case TGeneralString: + decode_primitive ("general_string", name); + break; + case TApplication: + fprintf (codefile, + "e = der_match_tag_and_length (p, len, APPL, CONS, %d, " + "&reallen, &l);\n" + "FORW;\n" + "{\n" + "int dce_fix;\n" + "if((dce_fix = fix_dce(reallen, &len)) < 0)\n" + "return ASN1_BAD_FORMAT;\n", + t->application); + decode_type (name, t->subtype); + fprintf(codefile, + "if(dce_fix){\n" + "e = der_match_tag_and_length (p, len, " + "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n" + "FORW;\n" + "}\n" + "}\n"); + + break; + default : + abort (); + } +} + +void +generate_type_decode (const Symbol *s) +{ + fprintf (headerfile, + "int " + "decode_%s(const unsigned char *, size_t, %s *, size_t *);\n", + s->gen_name, s->gen_name); + + fprintf (codefile, "#define FORW " + "if(e) return e; " + "p += l; " + "len -= l; " + "ret += l\n\n"); + + + fprintf (codefile, "int\n" + "decode_%s(const unsigned char *p," + " size_t len, %s *data, size_t *size)\n" + "{\n", + s->gen_name, s->gen_name); + + switch (s->type->type) { + case TInteger: + fprintf (codefile, "return decode_integer (p, len, data, size);\n"); + break; + case TOctetString: + fprintf (codefile, "return decode_octet_string (p, len, data, size);\n"); + break; + case TGeneralizedTime: + fprintf (codefile, "return decode_generalized_time (p, len, data, size);\n"); + break; + case TGeneralString: + fprintf (codefile, "return decode_general_string (p, len, data, size);\n"); + break; + case TBitString: + case TSequence: + case TSequenceOf: + case 
TApplication: + case TType: + fprintf (codefile, + "size_t ret = 0, reallen;\n" + "size_t l;\n" + "int i, e;\n\n"); + fprintf(codefile, "i = 0;\n"); /* hack to avoid `unused variable' */ + + decode_type ("data", s->type); + fprintf (codefile, + "if(size) *size = ret;\n" + "return 0;\n"); + break; + default: + abort (); + } + fprintf (codefile, "}\n\n"); +} + +void +generate_seq_type_decode (const Symbol *s) +{ + fprintf (headerfile, + "int decode_seq_%s(const unsigned char *, size_t, int, int, " + "%s *, size_t *);\n", + s->gen_name, s->gen_name); + + fprintf (codefile, "int\n" + "decode_seq_%s(const unsigned char *p, size_t len, int tag, " + "int optional, %s *data, size_t *size)\n" + "{\n", + s->gen_name, s->gen_name); + + fprintf (codefile, + "size_t newlen, oldlen;\n" + "size_t l, ret = 0;\n" + "int e;\n" + "int dce_fix;\n"); + + fprintf (codefile, + "e = der_match_tag(p, len, CONTEXT, CONS, tag, &l);\n" + "if (e)\n" + "return e;\n"); + fprintf (codefile, + "p += l;\n" + "len -= l;\n" + "ret += l;\n" + "e = der_get_length(p, len, &newlen, &l);\n" + "if (e)\n" + "return e;\n" + "p += l;\n" + "len -= l;\n" + "ret += l;\n" + "oldlen = len;\n" + "if ((dce_fix = fix_dce(newlen, &len)) < 0)\n" + "return ASN1_BAD_FORMAT;\n" + "e = decode_%s(p, len, data, &l);\n" + "if (e)\n" + "return e;\n" + "p += l;\n" + "len -= l;\n" + "ret += l;\n" + "if (dce_fix) {\n" + "size_t reallen;\n\n" + "e = der_match_tag_and_length(p, len, " + "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n" + "if (e)\n" + "return e;\n" + "ret += l;\n" + "}\n", + s->gen_name); + fprintf (codefile, + "if(size) *size = ret;\n" + "return 0;\n"); + + fprintf (codefile, "}\n\n"); +} diff --git a/crypto/heimdal/lib/asn1/gen_encode.c b/crypto/heimdal/lib/asn1/gen_encode.c new file mode 100644 index 0000000..9e9b293 --- /dev/null +++ b/crypto/heimdal/lib/asn1/gen_encode.c 
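Review bot: The TSequenceOf branch of decode_type emits `(x)->val = realloc((x)->val, ...)` and then decodes straight into `&(x)->val[(x)->len-1]`, so in the generated decoder a failed realloc loses the old array and is followed by a write through an invalid pointer. The generated code parses encoded input, so an allocation failure should become an error return. The same holds for the `%s = malloc(sizeof(*%s));` lines emitted for optional members in the TSequence branch, which the nested decode dereferences without a NULL test. Separately, the TBitString branch emits `p++; len--; reallen--;` and the later per-byte `p++` steps without checking that `reallen` covers the octets it reads, so a bit string shorter than the highest declared bit is read past its end. A possible rewrite of the SEQUENCE OF emission follows; it uses ENOMEM as the generated copy_X functions already do.

```c
	fprintf (codefile,
		 /* … unchanged: "{\n" through "while(ret < origlen) {\n" … */
		 "void *tmp = realloc((%s)->val, "
		 "sizeof(*((%s)->val)) * ((%s)->len + 1));\n"
		 "if(tmp == NULL)\n"
		 "return ENOMEM;\n"
		 "(%s)->val = tmp;\n"
		 "(%s)->len++;\n",
		 name, name, name, name, name, name, name);
	/* … unchanged: asprintf of the element name, nested decode_type, loop close … */
```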
@@ -0,0 +1,250 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gen_locl.h" + +RCSID("$Id: gen_encode.c,v 1.9 1999/12/02 17:05:02 joda Exp $"); + +static void +encode_primitive (const char *typename, const char *name) +{ + fprintf (codefile, + "e = encode_%s(p, len, %s, &l);\n" + "BACK;\n", + typename, + name); +} + +static void +encode_type (const char *name, const Type *t) +{ + switch (t->type) { + case TType: +#if 0 + encode_type (name, t->symbol->type); +#endif + fprintf (codefile, + "e = encode_%s(p, len, %s, &l);\n" + "BACK;\n", + t->symbol->gen_name, name); + break; + case TInteger: + encode_primitive ("integer", name); + break; + case TOctetString: + encode_primitive ("octet_string", name); + break; + case TBitString: { + Member *m; + int pos; + int rest; + int tag = -1; + + if (t->members == NULL) + break; + + fprintf (codefile, "{\n" + "unsigned char c = 0;\n"); + pos = t->members->prev->val; + /* fix for buggy MIT (and OSF?) code */ + if (pos > 31) + abort (); + /* + * It seems that if we do not always set pos to 31 here, the MIT + * code will do the wrong thing. + * + * I hate ASN.1 (and DER), but I hate it even more when everybody + * has to screw it up differently. + */ + pos = 31; + rest = 7 - (pos % 8); + + for (m = t->members->prev; m && tag != m->val; m = m->prev) { + while (m->val / 8 < pos / 8) { + fprintf (codefile, + "*p-- = c; len--; ret++;\n" + "c = 0;\n"); + pos -= 8; + } + fprintf (codefile, + "if(%s->%s) c |= 1<<%d;\n", name, m->gen_name, + 7 - m->val % 8); + + if (tag == -1) + tag = m->val; + } + + fprintf (codefile, + "*p-- = c;\n" + "*p-- = %d;\n" + "len -= 2;\n" + "ret += 2;\n" + "}\n\n" + "e = der_put_length_and_tag (p, len, ret, UNIV, PRIM," + "UT_BitString, &l);\n" + "BACK;\n", + rest); + break; + } + case TSequence: { + Member *m; + int tag = -1; + + if (t->members == NULL) + break; + + for (m = t->members->prev; m && tag != m->val; m = m->prev) { + char *s; + + asprintf (&s, "%s(%s)->%s", m->optional ? 
"" : "&", name, m->gen_name); + if (m->optional) + fprintf (codefile, + "if(%s)\n", + s); +#if 1 + fprintf (codefile, "{\n" + "int oldret = ret;\n" + "ret = 0;\n"); +#endif + encode_type (s, m->type); + fprintf (codefile, + "e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, " + "%d, &l);\n" + "BACK;\n", + m->val); +#if 1 + fprintf (codefile, + "ret += oldret;\n" + "}\n"); +#endif + if (tag == -1) + tag = m->val; + free (s); + } + fprintf (codefile, + "e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);\n" + "BACK;\n"); + break; + } + case TSequenceOf: { + char *n; + + fprintf (codefile, + "for(i = (%s)->len - 1; i >= 0; --i) {\n" +#if 1 + "int oldret = ret;\n" + "ret = 0;\n", +#else + , +#endif + name); + asprintf (&n, "&(%s)->val[i]", name); + encode_type (n, t->subtype); + fprintf (codefile, +#if 1 + "ret += oldret;\n" +#endif + "}\n" + "e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);\n" + "BACK;\n"); + free (n); + break; + } + case TGeneralizedTime: + encode_primitive ("generalized_time", name); + break; + case TGeneralString: + encode_primitive ("general_string", name); + break; + case TApplication: + encode_type (name, t->subtype); + fprintf (codefile, + "e = der_put_length_and_tag (p, len, ret, APPL, CONS, %d, &l);\n" + "BACK;\n", + t->application); + break; + default: + abort (); + } +} + +void +generate_type_encode (const Symbol *s) +{ + fprintf (headerfile, + "int " + "encode_%s(unsigned char *, size_t, const %s *, size_t *);\n", + s->gen_name, s->gen_name); + + fprintf (codefile, "#define BACK if (e) return e; p -= l; len -= l; ret += l\n\n"); + + + fprintf (codefile, "int\n" + "encode_%s(unsigned char *p, size_t len," + " const %s *data, size_t *size)\n" + "{\n", + s->gen_name, s->gen_name); + + switch (s->type->type) { + case TInteger: + fprintf (codefile, "return encode_integer (p, len, data, size);\n"); + break; + case TOctetString: + fprintf (codefile, "return encode_octet_string (p, len, data, 
size);\n"); + break; + case TGeneralizedTime: + fprintf (codefile, "return encode_generalized_time (p, len, data, size);\n"); + break; + case TGeneralString: + fprintf (codefile, "return encode_general_string (p, len, data, size);\n"); + break; + case TBitString: + case TSequence: + case TSequenceOf: + case TApplication: + case TType: + fprintf (codefile, + "size_t ret = 0;\n" + "size_t l;\n" + "int i, e;\n\n"); + fprintf(codefile, "i = 0;\n"); /* hack to avoid `unused variable' */ + + encode_type ("data", s->type); + fprintf (codefile, "*size = ret;\n" + "return 0;\n"); + break; + default: + abort (); + } + fprintf (codefile, "}\n\n"); +} diff --git a/crypto/heimdal/lib/asn1/gen_free.c b/crypto/heimdal/lib/asn1/gen_free.c new file mode 100644 index 0000000..0f6078b --- /dev/null +++ b/crypto/heimdal/lib/asn1/gen_free.c 
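Review bot: The TBitString branch of encode_type emits unconditional backward stores before anything examines `len`: `*p-- = c; len--; ret++;` inside the loop, then `*p-- = c;` and `*p-- = %d;`. The generated encoder therefore writes in front of the caller's buffer when fewer bytes remain than the bit string needs, and the following der_put_length_and_tag call can only notice afterwards. Emitting a guard after the `unsigned char c = 0;` declaration, for example `"if(len < 5) return ASN1_OVERFLOW;\n"`, closes that; with pos fixed at 31 the branch writes at most four content octets plus the unused-bits octet, and the error name should be checked against asn1_err.h in this revision. generate_type_encode also emits `*size = ret;` unguarded, while generate_type_decode emits `if(size) *size = ret;`.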
@@ -0,0 +1,130 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gen_locl.h" + +RCSID("$Id: gen_free.c,v 1.7 1999/12/02 17:05:02 joda Exp $"); + +static void +free_primitive (const char *typename, const char *name) +{ + fprintf (codefile, "free_%s(%s);\n", typename, name); +} + +static void +free_type (const char *name, const Type *t) +{ + switch (t->type) { + case TType: +#if 0 + free_type (name, t->symbol->type); +#endif + fprintf (codefile, "free_%s(%s);\n", t->symbol->gen_name, name); + break; + case TInteger: + break; + case TOctetString: + free_primitive ("octet_string", name); + break; + case TBitString: { + break; + } + case TSequence: { + Member *m; + int tag = -1; + + if (t->members == NULL) + break; + + for (m = t->members; m && tag != m->val; m = m->next) { + char *s; + + asprintf (&s, "%s(%s)->%s", + m->optional ? "" : "&", name, m->gen_name); + if(m->optional) + fprintf(codefile, "if(%s) {\n", s); + free_type (s, m->type); + if(m->optional) + fprintf(codefile, + "free(%s);\n" + "}\n",s); + if (tag == -1) + tag = m->val; + free (s); + } + break; + } + case TSequenceOf: { + char *n; + + fprintf (codefile, "while((%s)->len){\n", name); + asprintf (&n, "&(%s)->val[(%s)->len-1]", name, name); + free_type(n, t->subtype); + fprintf(codefile, + "(%s)->len--;\n" + "}\n", + name); + fprintf(codefile, + "free((%s)->val);\n", name); + free(n); + break; + } + case TGeneralizedTime: + break; + case TGeneralString: + free_primitive ("general_string", name); + break; + case TApplication: + free_type (name, t->subtype); + break; + default : + abort (); + } +} + +void +generate_type_free (const Symbol *s) +{ + fprintf (headerfile, + "void free_%s (%s *);\n", + s->gen_name, s->gen_name); + + fprintf (codefile, "void\n" + "free_%s(%s *data)\n" + "{\n", + s->gen_name, s->gen_name); + + free_type ("data", s->type); + fprintf (codefile, "}\n\n"); +} + diff --git a/crypto/heimdal/lib/asn1/gen_glue.c b/crypto/heimdal/lib/asn1/gen_glue.c new file mode 100644 index 0000000..2f6280a --- /dev/null 
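Review bot: The generated free_X leaves dangling pointers behind. The optional-member branch of free_type emits `free(%s);` and the TSequenceOf branch emits `free((%s)->val);`, neither followed by a reset of the pointer. A second free_X on the same object, for instance from an error path that cleans up twice, then frees the same memory again, because `len` has reached 0 while `val` and the optional pointers still hold the old addresses. Emitting `"free(%s);\n" "%s = NULL;\n"` for optional members and `"free((%s)->val);\n" "(%s)->val = NULL;\n"` for the array would make free_X safe to repeat.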
+++ b/crypto/heimdal/lib/asn1/gen_glue.c 
@@ -0,0 +1,139 @@ +/* + * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gen_locl.h" + +RCSID("$Id: gen_glue.c,v 1.7 1999/12/02 17:05:02 joda Exp $"); + +static void +generate_2int (const Symbol *s) +{ + Type *t = s->type; + Member *m; + int tag = -1; + + fprintf (headerfile, + "unsigned %s2int(%s);\n", + s->gen_name, s->gen_name); + + fprintf (codefile, + "unsigned %s2int(%s f)\n" + "{\n" + "unsigned r = 0;\n", + s->gen_name, s->gen_name); + + for (m = t->members; m && m->val != tag; m = m->next) { + fprintf (codefile, "if(f.%s) r |= (1U << %d);\n", + m->gen_name, m->val); + + if (tag == -1) + tag = m->val; + } + fprintf (codefile, "return r;\n" + "}\n\n"); +} + +static void +generate_int2 (const Symbol *s) +{ + Type *t = s->type; + Member *m; + int tag = -1; + + fprintf (headerfile, + "%s int2%s(unsigned);\n", + s->gen_name, s->gen_name); + + fprintf (codefile, + "%s int2%s(unsigned n)\n" + "{\n" + "\t%s flags;\n\n", + s->gen_name, s->gen_name, s->gen_name); + + for (m = t->members; m && m->val != tag; m = m->next) { + fprintf (codefile, "\tflags.%s = (n >> %d) & 1;\n", + m->gen_name, m->val); + + if (tag == -1) + tag = m->val; + } + fprintf (codefile, "\treturn flags;\n" + "}\n\n"); +} + +/* + * This depends on the bit string being declared in increasing order + */ + +static void +generate_units (const Symbol *s) +{ + Type *t = s->type; + Member *m; + int tag = -1; + + fprintf (headerfile, + "extern struct units %s_units[];", + s->gen_name); + + fprintf (codefile, + "struct units %s_units[] = {\n", + s->gen_name); + + if(t->members) + for (m = t->members->prev; m && m->val != tag; m = m->prev) { + fprintf (codefile, + "\t{\"%s\",\t1U << %d},\n", m->gen_name, m->val); + + if (tag == -1) + tag = m->val; + } + + fprintf (codefile, + "\t{NULL,\t0}\n" + "};\n\n"); +} + +void +generate_glue (const Symbol *s) +{ + switch(s->type->type) { + case TBitString : + generate_2int (s); + generate_int2 (s); + generate_units (s); + break; + default : + break; + } +} 
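Review bot: The member loops in generate_2int, generate_int2 and generate_units stop on `m->val != tag`, with `tag` taken from the first member visited. That termination only makes sense if `t->members` is a circular list, which appears to be the case from the `->prev` walk in generate_units, but nothing in the file says so. A comment above the first loop such as `/* members is a circular list: stop when we reach the first member's val again */` would document it; the same idiom recurs in gen_copy.c, gen_decode.c, gen_encode.c, gen_free.c and gen_length.c. In generate_int2 the emitted `%s flags;` is returned with only the named bits assigned, so emitting `"\tmemset(&flags, 0, sizeof(flags));\n"` first would keep the remaining bits of the storage unit from carrying stale stack contents.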
diff --git a/crypto/heimdal/lib/asn1/gen_length.c b/crypto/heimdal/lib/asn1/gen_length.c
new file mode 100644
index 0000000..1c3566d
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/gen_length.c
@@ -0,0 +1,153 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gen_locl.h" + +RCSID("$Id: gen_length.c,v 1.7 1999/12/02 17:05:02 joda Exp $"); + +static void +length_primitive (const char *typename, + const char *name, + const char *variable) +{ + fprintf (codefile, "%s += length_%s(%s);\n", variable, typename, name); +} + +static void +length_type (const char *name, const Type *t, const char *variable) +{ + switch (t->type) { + case TType: +#if 0 + length_type (name, t->symbol->type); +#endif + fprintf (codefile, "%s += length_%s(%s);\n", + variable, t->symbol->gen_name, name); + break; + case TInteger: + length_primitive ("integer", name, variable); + break; + case TOctetString: + length_primitive ("octet_string", name, variable); + break; + case TBitString: { + /* + * XXX - Hope this is correct + * look at TBitString case in `encode_type' + */ + fprintf (codefile, "%s += 7;\n", variable); + break; + } + case TSequence: { + Member *m; + int tag = -1; + + if (t->members == NULL) + break; + + for (m = t->members; m && tag != m->val; m = m->next) { + char *s; + + asprintf (&s, "%s(%s)->%s", + m->optional ? 
"" : "&", name, m->gen_name); + if (m->optional) + fprintf (codefile, "if(%s)", s); + fprintf (codefile, "{\n" + "int oldret = %s;\n" + "%s = 0;\n", variable, variable); + length_type (s, m->type, "ret"); + fprintf (codefile, "%s += 1 + length_len(%s) + oldret;\n", + variable, variable); + fprintf (codefile, "}\n"); + if (tag == -1) + tag = m->val; + free (s); + } + fprintf (codefile, + "%s += 1 + length_len(%s);\n", variable, variable); + break; + } + case TSequenceOf: { + char *n; + + fprintf (codefile, + "{\n" + "int oldret = %s;\n" + "int i;\n" + "%s = 0;\n", + variable, variable); + + fprintf (codefile, "for(i = (%s)->len - 1; i >= 0; --i){\n", name); + asprintf (&n, "&(%s)->val[i]", name); + length_type(n, t->subtype, variable); + fprintf (codefile, "}\n"); + + fprintf (codefile, + "%s += 1 + length_len(%s) + oldret;\n" + "}\n", variable, variable); + free(n); + break; + } + case TGeneralizedTime: + length_primitive ("generalized_time", name, variable); + break; + case TGeneralString: + length_primitive ("general_string", name, variable); + break; + case TApplication: + length_type (name, t->subtype, variable); + fprintf (codefile, "ret += 1 + length_len (ret);\n"); + break; + default : + abort (); + } +} + +void +generate_type_length (const Symbol *s) +{ + fprintf (headerfile, + "size_t length_%s(const %s *);\n", + s->gen_name, s->gen_name); + + fprintf (codefile, + "size_t\n" + "length_%s(const %s *data)\n" + "{\n" + "size_t ret = 0;\n", + s->gen_name, s->gen_name); + + length_type ("data", s->type, "ret"); + fprintf (codefile, "return ret;\n}\n\n"); +} + diff --git a/crypto/heimdal/lib/asn1/gen_locl.h b/crypto/heimdal/lib/asn1/gen_locl.h new file mode 100644 index 0000000..7ee37ae --- /dev/null +++ b/crypto/heimdal/lib/asn1/gen_locl.h 
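Review bot: length_type takes the accumulator name in `variable`, but two branches ignore it: the TSequence loop recurses with `length_type (s, m->type, "ret");` and the TApplication branch emits the literal `"ret += 1 + length_len (ret);\n"`. This only works because generate_type_length passes "ret"; I would write `length_type (s, m->type, variable);` and `fprintf (codefile, "%s += 1 + length_len (%s);\n", variable, variable);`. The emitted `int oldret = %s;` in the TSequence and TSequenceOf branches also narrows the `size_t ret` declared by generate_type_length to int. Callers presumably size their encode buffers from length_X, so `size_t oldret` is the safer declaration.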
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: gen_locl.h,v 1.6 1999/12/02 17:05:02 joda Exp $ */
+
+#ifndef __GEN_LOCL_H__
+#define __GEN_LOCL_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <limits.h>
+#include <ctype.h>
+#include <time.h>
+#include <errno.h>
+#include <err.h>
+#include <roken.h>
+#include "hash.h"
+#include "symbol.h"
+
+void generate_type (const Symbol *);
+void generate_constant (const Symbol *);
+void generate_type_encode (const Symbol *s);
+void generate_type_decode (const Symbol *s);
+void generate_seq_type_decode (const Symbol *s);
+void generate_type_free (const Symbol *s);
+void generate_type_length (const Symbol *s);
+void generate_type_copy (const Symbol *s);
+void generate_type_maybe (const Symbol *s);
+void generate_glue (const Symbol *s);
+
+void init_generate (char *filename, char *basename);
+void close_generate(void);
+int yyparse(void);
+
+extern FILE *headerfile, *codefile, *logfile;
+
+#endif /* __GEN_LOCL_H__ */
diff --git a/crypto/heimdal/lib/asn1/hash.c b/crypto/heimdal/lib/asn1/hash.c
new file mode 100644
index 0000000..a8d3eb3
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/hash.c
@@ -0,0 +1,207 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +/* + * Hash table functions + */ + +#include "gen_locl.h" + +RCSID("$Id: hash.c,v 1.8 1999/12/02 17:05:02 joda Exp $"); + +static Hashentry *_search(Hashtab * htab, /* The hash table */ + void *ptr); /* And key */ + +Hashtab * +hashtabnew(int sz, + int (*cmp) (void *, void *), + unsigned (*hash) (void *)) +{ + Hashtab *htab; + int i; + + assert(sz > 0); + + htab = (Hashtab *) malloc(sizeof(Hashtab) + (sz - 1) * sizeof(Hashentry *)); + for (i = 0; i < sz; ++i) + htab->tab[i] = NULL; + + if (htab == NULL) { + return NULL; + } else { + htab->cmp = cmp; + htab->hash = hash; + htab->sz = sz; + return htab; + } +} + +/* Intern search function */ + +static Hashentry * +_search(Hashtab * htab, void *ptr) +{ + Hashentry *hptr; + + assert(htab && ptr); + + for (hptr = htab->tab[(*htab->hash) (ptr) % htab->sz]; + hptr; + hptr = hptr->next) + if ((*htab->cmp) (ptr, hptr->ptr) == 0) + break; + return hptr; +} + +/* Search for element in hash table */ + +void * +hashtabsearch(Hashtab * htab, void *ptr) +{ + Hashentry *tmp; + + tmp = _search(htab, ptr); + return tmp ? tmp->ptr : tmp; +} + +/* add element to hash table */ +/* if already there, set new value */ +/* !NULL if succesful */ + +void * +hashtabadd(Hashtab * htab, void *ptr) +{ + Hashentry *h = _search(htab, ptr); + Hashentry **tabptr; + + assert(htab && ptr); + + if (h) + free((void *) h->ptr); + else { + h = (Hashentry *) malloc(sizeof(Hashentry)); + if (h == NULL) { + return NULL; + } + tabptr = &htab->tab[(*htab->hash) (ptr) % htab->sz]; + h->next = *tabptr; + *tabptr = h; + h->prev = tabptr; + if (h->next) + h->next->prev = &h->next; + } + h->ptr = ptr; + return h; +} + +/* delete element with key key. 
Iff freep, free Hashentry->ptr */ + +int +_hashtabdel(Hashtab * htab, void *ptr, int freep) +{ + Hashentry *h; + + assert(htab && ptr); + + h = _search(htab, ptr); + if (h) { + if (freep) + free(h->ptr); + if ((*(h->prev) = h->next)) + h->next->prev = h->prev; + free(h); + return 0; + } else + return -1; +} + +/* Do something for each element */ + +void +hashtabforeach(Hashtab * htab, int (*func) (void *ptr, void *arg), + void *arg) +{ + Hashentry **h, *g; + + assert(htab); + + for (h = htab->tab; h < &htab->tab[htab->sz]; ++h) + for (g = *h; g; g = g->next) + if ((*func) (g->ptr, arg)) + return; +} + +/* standard hash-functions for strings */ + +unsigned +hashadd(const char *s) +{ /* Standard hash function */ + unsigned i; + + assert(s); + + for (i = 0; *s; ++s) + i += *s; + return i; +} + +unsigned +hashcaseadd(const char *s) +{ /* Standard hash function */ + unsigned i; + + assert(s); + + for (i = 0; *s; ++s) + i += toupper(*s); + return i; +} + +#define TWELVE (sizeof(unsigned)) +#define SEVENTYFIVE (6*sizeof(unsigned)) +#define HIGH_BITS (~((unsigned)(~0) >> TWELVE)) + +unsigned +hashjpw(const char *ss) +{ /* another hash function */ + unsigned h = 0; + unsigned g; + const unsigned char *s = (const unsigned char *)ss; + + for (; *s; ++s) { + h = (h << TWELVE) + *s; + if ((g = h & HIGH_BITS)) + h = (h ^ (g >> SEVENTYFIVE)) & ~HIGH_BITS; + } + return h; +} diff --git a/crypto/heimdal/lib/asn1/hash.h b/crypto/heimdal/lib/asn1/hash.h new file mode 100644 index 0000000..b54e102 --- /dev/null +++ b/crypto/heimdal/lib/asn1/hash.h 
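Review bot: In `hashtabnew` the loop that clears `htab->tab[i]` runs before the `htab == NULL` test, so a failed `malloc` is dereferenced instead of being reported to the caller. Put the check first, `if (htab == NULL) return NULL;` directly after the `malloc` call, and initialise the table afterwards. In `hashcaseadd`, `toupper(*s)` receives a plain `char`, which is undefined for negative values; `toupper((unsigned char)*s)` avoids that. `hashtabadd` frees the previous `h->ptr` when a key is replaced, so a comment stating that the table takes ownership of added pointers would help callers avoid handing in memory they still use.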
@@ -0,0 +1,87 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * hash.h. 
Header file for hash table functions + */ + +/* $Id: hash.h,v 1.3 1999/12/02 17:05:02 joda Exp $ */ + +struct hashentry { /* Entry in bucket */ + struct hashentry **prev; + struct hashentry *next; + void *ptr; +}; + +typedef struct hashentry Hashentry; + +struct hashtab { /* Hash table */ + int (*cmp)(void *, void *); /* Compare function */ + unsigned (*hash)(void *); /* hash function */ + int sz; /* Size */ + Hashentry *tab[1]; /* The table */ +}; + +typedef struct hashtab Hashtab; + +/* prototypes */ + +Hashtab *hashtabnew(int sz, + int (*cmp)(void *, void *), + unsigned (*hash)(void *)); /* Make new hash table */ + +void *hashtabsearch(Hashtab *htab, /* The hash table */ + void *ptr); /* The key */ + + +void *hashtabadd(Hashtab *htab, /* The hash table */ + void *ptr); /* The element */ + +int _hashtabdel(Hashtab *htab, /* The table */ + void *ptr, /* Key */ + int freep); /* Free data part? */ + +void hashtabforeach(Hashtab *htab, + int (*func)(void *ptr, void *arg), + void *arg); + +unsigned hashadd(const char *s); /* Standard hash function */ +unsigned hashcaseadd(const char *s); /* Standard hash function */ +unsigned hashjpw(const char *s); /* another hash function */ + +/* macros */ + + /* Don't free space */ +#define hashtabdel(htab,key) _hashtabdel(htab,key,FALSE) + +#define hashtabfree(htab,key) _hashtabdel(htab,key,TRUE) /* Do! */ diff --git a/crypto/heimdal/lib/asn1/k5.asn1 b/crypto/heimdal/lib/asn1/k5.asn1 new file mode 100644 index 0000000..a7f4199 --- /dev/null +++ b/crypto/heimdal/lib/asn1/k5.asn1 
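Review bot: The `hashtabdel` and `hashtabfree` macros expand to `FALSE` and `TRUE`, which this header neither defines nor includes, so it compiles only where some other header happens to supply them. Passing literal values, `#define hashtabdel(htab,key) _hashtabdel(htab,key,0)` and `1` for `hashtabfree`, would make the header self-contained. The file also has no include guard, unlike gen_locl.h which includes it; wrapping the contents in an `#ifndef`/`#define`/`#endif` pair (macro name of the author's choosing) would prevent redefinition errors on a second include.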
@@ -0,0 +1,385 @@ +KERBEROS5 DEFINITIONS ::= +BEGIN + +nt-unknown INTEGER ::= 0 -- Name type not known +nt-principal INTEGER ::= 1 -- Just the name of the principal as in +nt-srv-inst INTEGER ::= 2 -- Service and other unique instance (krbtgt) +nt-srv-hst INTEGER ::= 3 -- Service with host name as instance +nt-srv-xhst INTEGER ::= 4 -- Service with host as remaining components +nt-uid INTEGER ::= 5 -- Unique ID + +Realm ::= GeneralString +PrincipalName ::= SEQUENCE { + name-type[0] INTEGER, + name-string[1] SEQUENCE OF GeneralString +} + +-- this is not part of RFC1510 +Principal ::= SEQUENCE { + name[0] PrincipalName, + realm[1] Realm +} + +HostAddress ::= SEQUENCE { + addr-type[0] INTEGER, + address[1] OCTET STRING +} + +-- This is from RFC1510. +-- +-- HostAddresses ::= SEQUENCE OF SEQUENCE { +-- addr-type[0] INTEGER, +-- address[1] OCTET STRING +-- } + +-- This seems much better. +HostAddresses ::= SEQUENCE OF HostAddress + + +KerberosTime ::= GeneralizedTime -- Specifying UTC time zone (Z) + +AuthorizationData ::= SEQUENCE OF SEQUENCE { + ad-type[0] INTEGER, + ad-data[1] OCTET STRING +} + +APOptions ::= BIT STRING { + reserved(0), + use-session-key(1), + mutual-required(2) +} + +TicketFlags ::= BIT STRING { + reserved(0), + forwardable(1), + forwarded(2), + proxiable(3), + proxy(4), + may-postdate(5), + postdated(6), + invalid(7), + renewable(8), + initial(9), + pre-authent(10), + hw-authent(11), + transited-policy-checked(12), + ok-as-delegate(13), + anonymous(14) +} + +KDCOptions ::= BIT STRING { + reserved(0), + forwardable(1), + forwarded(2), + proxiable(3), + proxy(4), + allow-postdate(5), + postdated(6), + unused7(7), + renewable(8), + unused9(9), + unused10(10), + unused11(11), + request-anonymous(14), + disable-transited-check(26), + renewable-ok(27), + enc-tkt-in-skey(28), + renew(30), + validate(31) +} + + +LastReq ::= SEQUENCE OF SEQUENCE { + lr-type[0] INTEGER, + lr-value[1] KerberosTime +} + +EncryptedData ::= SEQUENCE { + etype[0] INTEGER, -- 
EncryptionType + kvno[1] INTEGER OPTIONAL, + cipher[2] OCTET STRING -- ciphertext +} + +EncryptionKey ::= SEQUENCE { + keytype[0] INTEGER, + keyvalue[1] OCTET STRING +} + +-- encoded Transited field +TransitedEncoding ::= SEQUENCE { + tr-type[0] INTEGER, -- must be registered + contents[1] OCTET STRING +} + +Ticket ::= [APPLICATION 1] SEQUENCE { + tkt-vno[0] INTEGER, + realm[1] Realm, + sname[2] PrincipalName, + enc-part[3] EncryptedData +} +-- Encrypted part of ticket +EncTicketPart ::= [APPLICATION 3] SEQUENCE { + flags[0] TicketFlags, + key[1] EncryptionKey, + crealm[2] Realm, + cname[3] PrincipalName, + transited[4] TransitedEncoding, + authtime[5] KerberosTime, + starttime[6] KerberosTime OPTIONAL, + endtime[7] KerberosTime, + renew-till[8] KerberosTime OPTIONAL, + caddr[9] HostAddresses OPTIONAL, + authorization-data[10] AuthorizationData OPTIONAL +} + +Checksum ::= SEQUENCE { + cksumtype[0] INTEGER, + checksum[1] OCTET STRING +} + +Authenticator ::= [APPLICATION 2] SEQUENCE { + authenticator-vno[0] INTEGER, + crealm[1] Realm, + cname[2] PrincipalName, + cksum[3] Checksum OPTIONAL, + cusec[4] INTEGER, + ctime[5] KerberosTime, + subkey[6] EncryptionKey OPTIONAL, + seq-number[7] INTEGER OPTIONAL, + authorization-data[8] AuthorizationData OPTIONAL + } + +PA-DATA ::= SEQUENCE { + -- might be encoded AP-REQ + padata-type[1] INTEGER, + padata-value[2] OCTET STRING +} + +ETYPE-INFO-ENTRY ::= SEQUENCE { + etype[0] INTEGER, + salt[1] OCTET STRING OPTIONAL, + salttype[2] INTEGER OPTIONAL +} + +ETYPE-INFO ::= SEQUENCE OF ETYPE-INFO-ENTRY + +METHOD-DATA ::= SEQUENCE OF PA-DATA + +KDC-REQ-BODY ::= SEQUENCE { + kdc-options[0] KDCOptions, + cname[1] PrincipalName OPTIONAL, -- Used only in AS-REQ + realm[2] Realm, -- Server's realm + -- Also client's in AS-REQ + sname[3] PrincipalName OPTIONAL, + from[4] KerberosTime OPTIONAL, + till[5] KerberosTime OPTIONAL, + rtime[6] KerberosTime OPTIONAL, + nonce[7] INTEGER, + etype[8] SEQUENCE OF INTEGER, -- EncryptionType, + -- in 
preference order + addresses[9] HostAddresses OPTIONAL, + enc-authorization-data[10] EncryptedData OPTIONAL, + -- Encrypted AuthorizationData encoding + additional-tickets[11] SEQUENCE OF Ticket OPTIONAL +} + +KDC-REQ ::= SEQUENCE { + pvno[1] INTEGER, + msg-type[2] INTEGER, + padata[3] METHOD-DATA OPTIONAL, + req-body[4] KDC-REQ-BODY +} + +AS-REQ ::= [APPLICATION 10] KDC-REQ +TGS-REQ ::= [APPLICATION 12] KDC-REQ + +-- padata-type ::= PA-ENC-TIMESTAMP +-- padata-value ::= EncryptedData - PA-ENC-TS-ENC + +PA-ENC-TS-ENC ::= SEQUENCE { + patimestamp[0] KerberosTime, -- client's time + pausec[1] INTEGER OPTIONAL +} + +KDC-REP ::= SEQUENCE { + pvno[0] INTEGER, + msg-type[1] INTEGER, + padata[2] METHOD-DATA OPTIONAL, + crealm[3] Realm, + cname[4] PrincipalName, + ticket[5] Ticket, + enc-part[6] EncryptedData +} + +AS-REP ::= [APPLICATION 11] KDC-REP +TGS-REP ::= [APPLICATION 13] KDC-REP + +EncKDCRepPart ::= SEQUENCE { + key[0] EncryptionKey, + last-req[1] LastReq, + nonce[2] INTEGER, + key-expiration[3] KerberosTime OPTIONAL, + flags[4] TicketFlags, + authtime[5] KerberosTime, + starttime[6] KerberosTime OPTIONAL, + endtime[7] KerberosTime, + renew-till[8] KerberosTime OPTIONAL, + srealm[9] Realm, + sname[10] PrincipalName, + caddr[11] HostAddresses OPTIONAL +} + +EncASRepPart ::= [APPLICATION 25] EncKDCRepPart +EncTGSRepPart ::= [APPLICATION 26] EncKDCRepPart + +AP-REQ ::= [APPLICATION 14] SEQUENCE { + pvno[0] INTEGER, + msg-type[1] INTEGER, + ap-options[2] APOptions, + ticket[3] Ticket, + authenticator[4] EncryptedData +} + +AP-REP ::= [APPLICATION 15] SEQUENCE { + pvno[0] INTEGER, + msg-type[1] INTEGER, + enc-part[2] EncryptedData +} + +EncAPRepPart ::= [APPLICATION 27] SEQUENCE { + ctime[0] KerberosTime, + cusec[1] INTEGER, + subkey[2] EncryptionKey OPTIONAL, + seq-number[3] INTEGER OPTIONAL +} + +KRB-SAFE-BODY ::= SEQUENCE { + user-data[0] OCTET STRING, + timestamp[1] KerberosTime OPTIONAL, + usec[2] INTEGER OPTIONAL, + seq-number[3] INTEGER OPTIONAL, + s-address[4] 
HostAddress OPTIONAL, + r-address[5] HostAddress OPTIONAL +} + +KRB-SAFE ::= [APPLICATION 20] SEQUENCE { + pvno[0] INTEGER, + msg-type[1] INTEGER, + safe-body[2] KRB-SAFE-BODY, + cksum[3] Checksum +} + +KRB-PRIV ::= [APPLICATION 21] SEQUENCE { + pvno[0] INTEGER, + msg-type[1] INTEGER, + enc-part[3] EncryptedData +} +EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE { + user-data[0] OCTET STRING, + timestamp[1] KerberosTime OPTIONAL, + usec[2] INTEGER OPTIONAL, + seq-number[3] INTEGER OPTIONAL, + s-address[4] HostAddress OPTIONAL, -- sender's addr + r-address[5] HostAddress OPTIONAL -- recip's addr +} + +KRB-CRED ::= [APPLICATION 22] SEQUENCE { + pvno[0] INTEGER, + msg-type[1] INTEGER, -- KRB_CRED + tickets[2] SEQUENCE OF Ticket, + enc-part[3] EncryptedData +} + +KrbCredInfo ::= SEQUENCE { + key[0] EncryptionKey, + prealm[1] Realm OPTIONAL, + pname[2] PrincipalName OPTIONAL, + flags[3] TicketFlags OPTIONAL, + authtime[4] KerberosTime OPTIONAL, + starttime[5] KerberosTime OPTIONAL, + endtime[6] KerberosTime OPTIONAL, + renew-till[7] KerberosTime OPTIONAL, + srealm[8] Realm OPTIONAL, + sname[9] PrincipalName OPTIONAL, + caddr[10] HostAddresses OPTIONAL +} + +EncKrbCredPart ::= [APPLICATION 29] SEQUENCE { + ticket-info[0] SEQUENCE OF KrbCredInfo, + nonce[1] INTEGER OPTIONAL, + timestamp[2] KerberosTime OPTIONAL, + usec[3] INTEGER OPTIONAL, + s-address[4] HostAddress OPTIONAL, + r-address[5] HostAddress OPTIONAL +} + +KRB-ERROR ::= [APPLICATION 30] SEQUENCE { + pvno[0] INTEGER, + msg-type[1] INTEGER, + ctime[2] KerberosTime OPTIONAL, + cusec[3] INTEGER OPTIONAL, + stime[4] KerberosTime, + susec[5] INTEGER, + error-code[6] INTEGER, + crealm[7] Realm OPTIONAL, + cname[8] PrincipalName OPTIONAL, + realm[9] Realm, -- Correct realm + sname[10] PrincipalName, -- Correct name + e-text[11] GeneralString OPTIONAL, + e-data[12] OCTET STRING OPTIONAL +} + +pvno INTEGER ::= 5 -- current Kerberos protocol version number + +-- message types + +krb-as-req INTEGER ::= 10 -- Request for 
initial authentication +krb-as-rep INTEGER ::= 11 -- Response to KRB_AS_REQ request +krb-tgs-req INTEGER ::= 12 -- Request for authentication based on TGT +krb-tgs-rep INTEGER ::= 13 -- Response to KRB_TGS_REQ request +krb-ap-req INTEGER ::= 14 -- application request to server +krb-ap-rep INTEGER ::= 15 -- Response to KRB_AP_REQ_MUTUAL +krb-safe INTEGER ::= 20 -- Safe (checksummed) application message +krb-priv INTEGER ::= 21 -- Private (encrypted) application message +krb-cred INTEGER ::= 22 -- Private (encrypted) message to forward credentials +krb-error INTEGER ::= 30 -- Error response + +-- pa-data types + +pa-tgs-req INTEGER ::= 1 +pa-enc-timestamp INTEGER ::= 2 +pa-pw-salt INTEGER ::= 3 +pa-enc-unix-time INTEGER ::= 5 +pa-sandia-secureid INTEGER ::= 6 +pa-sesame INTEGER ::= 7 +pa-osf-dce INTEGER ::= 8 +pa-cybersafe-secureid INTEGER ::= 9 +pa-afs3-salt INTEGER ::= 10 +pa-etype-info INTEGER ::= 11 +sam-challenge INTEGER ::= 12 -- (sam/otp) +sam-response INTEGER ::= 13 -- (sam/otp) +pa-pk-as-req INTEGER ::= 14 -- (pkinit) +pa-pk-as-rep INTEGER ::= 15 -- (pkinit) +pa-pk-as-sign INTEGER ::= 16 -- (pkinit) +pa-pk-key-req INTEGER ::= 17 -- (pkinit) +pa-pk-key-rep INTEGER ::= 18 -- (pkinit) +-- checksumtypes + +CRC32 INTEGER ::= 1 +rsa-md4 INTEGER ::= 2 +rsa-md4-des INTEGER ::= 3 +des-mac INTEGER ::= 4 +des-mac-k INTEGER ::= 5 +rsa-md4-des-k INTEGER ::= 6 +rsa-md5 INTEGER ::= 7 +rsa-md5-des INTEGER ::= 8 +rsa-md5-des3 INTEGER ::= 9 +hmac-sha1-des3 INTEGER ::= 12 + +-- transited encodings + +DOMAIN-X500-COMPRESS INTEGER ::= 1 + +END + +-- etags -r '/\([A-Za-z][-A-Za-z0-9]*\).*::=/\1/' k5.asn1 diff --git a/crypto/heimdal/lib/asn1/lex.h b/crypto/heimdal/lib/asn1/lex.h new file mode 100644 index 0000000..66d708c --- /dev/null +++ b/crypto/heimdal/lib/asn1/lex.h 
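Review bot: `till[5]` in `KDC-REQ-BODY` is declared `OPTIONAL`, while RFC 1510, which this file's comments name as its source, lists it as a required field as far as I can tell. The generated decoder will therefore accept a request that carries no end time, and the code consuming the decoded structure has to handle an absent `till` explicitly. If the relaxation is deliberate, say so beside the field, e.g. `-- OPTIONAL here although RFC1510 requires it`, the way the `HostAddresses` deviation is already commented. The comment on `nt-principal` also stops mid-sentence ("as in") and should be completed.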
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: lex.h,v 1.3 1999/12/02 17:05:02 joda Exp $ */
+
+void error_message (char *, ...);
diff --git a/crypto/heimdal/lib/asn1/lex.l b/crypto/heimdal/lib/asn1/lex.l
new file mode 100644
index 0000000..b3fbf71
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/lex.l
@@ -0,0 +1,102 @@
+%{
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: lex.l,v 1.10 1999/12/02 17:05:02 joda Exp $ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#include "symbol.h"
+#include "parse.h"
+
+void error_message(char *, ...);
+
+static unsigned lineno = 1;
+
+/* ","|"{"|"}"|"("|")"|"["|"]"|"|" { return *yytext; } */
+%}
+
+
+%%
+INTEGER { return INTEGER; }
+SEQUENCE { return SEQUENCE; }
+OF { return OF; }
+OCTET { return OCTET; }
+STRING { return STRING; }
+GeneralizedTime { return GeneralizedTime; }
+GeneralString { return GeneralString; }
+BIT { return BIT; }
+APPLICATION { return APPLICATION; }
+OPTIONAL { return OPTIONAL; }
+BEGIN { return TBEGIN; }
+END { return END; }
+DEFINITIONS { return DEFINITIONS; }
+EXTERNAL { return EXTERNAL; }
+[,{}()|] { return *yytext; }
+"[" { return *yytext; }
+"]" { return *yytext; }
+::= { return EEQUAL; }
+--[^\n]*\n { ; }
+-?[0-9]+ { yylval.constant = atoi(yytext); return CONSTANT; }
+[A-Za-z][-A-Za-z0-9_]* { yylval.name = strdup (yytext); return IDENTIFIER; }
+[ \t] ;
+\n { lineno++; }
+. { error_message("Ignoring char(%c)\n", *yytext); }
+%%
+
+#ifndef yywrap /* XXX */
+int
+yywrap ()
+{
+ return 1;
+}
+#endif
+
+void
+error_message (char *format, ...)
+{
+ va_list args;
+
+ va_start (args, format);
+ fprintf (stderr, ":%d: ", lineno);
+ vfprintf (stderr, format, args);
+ va_end (args);
+}
diff --git a/crypto/heimdal/lib/asn1/libasn1.h b/crypto/heimdal/lib/asn1/libasn1.h
new file mode 100644
index 0000000..90eda60
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/libasn1.h
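Review bot: The comment rule `--[^\n]*\n { ; }` consumes the newline without touching `lineno`, so every `--` comment line makes the line number printed by `error_message` fall one further behind the real position. Either count it in the action, `--[^\n]*\n { lineno++; }`, or drop the trailing `\n` from the pattern so the existing `\n` rule sees it. Two smaller points in the same rules section: `atoi(yytext)` gives no indication when a long digit string overflows (`strtol` with an `errno` check would), and the result of `strdup (yytext)` is returned to the parser without a NULL check.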
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: libasn1.h,v 1.7 1999/12/02 17:05:02 joda Exp $ */
+
+#ifndef __LIBASN1_H__
+#define __LIBASN1_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdlib.h>
+#include <errno.h>
+#include "asn1.h"
+#include "der.h"
+#include "asn1_err.h"
+#include <parse_units.h>
+
+#endif /* __LIBASN1_H__ */
diff --git a/crypto/heimdal/lib/asn1/main.c b/crypto/heimdal/lib/asn1/main.c
new file mode 100644
index 0000000..538af5a
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/main.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+#include <getarg.h>
+
+RCSID("$Id: main.c,v 1.10 1999/12/02 17:05:02 joda Exp $");
+
+extern FILE *yyin;
+
+int version_flag;
+int help_flag;
+struct getargs args[] = {
+ { "version", 0, arg_flag, &version_flag },
+ { "help", 0, arg_flag, &help_flag }
+};
+int num_args = sizeof(args) / sizeof(args[0]);
+
+static void
+usage(int code)
+{
+ arg_printusage(args, num_args, NULL, "[asn1-file [name]]");
+ exit(code);
+}
+
+int
+main(int argc, char **argv)
+{
+ int ret;
+ char *file;
+ char *name = NULL;
+ int optind = 0;
+
+ set_progname(argv[0]);
+ if(getarg(args, num_args, argc, argv, &optind))
+ usage(1);
+ if(help_flag)
+ usage(0);
+ if(version_flag) {
+ print_version(NULL);
+ exit(0);
+ }
+ if (argc == optind) {
+ file = "stdin";
+ name = "stdin";
+ yyin = stdin;
+ } else {
+ file = argv[optind];
+ yyin = fopen (file, "r");
+ if (yyin == NULL)
+ err (1, "open %s", file);
+ name = argv[optind + 1];
+ }
+
+ init_generate (file, name);
+ initsym ();
+ ret = yyparse ();
+ close_generate ();
+ return ret;
+}
diff --git a/crypto/heimdal/lib/asn1/parse.y b/crypto/heimdal/lib/asn1/parse.y
new file mode 100644
index 0000000..f9e82b5
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/parse.y
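Review bot: When a file is given without the optional second argument, `name = argv[optind + 1];` in `main` picks up the terminating NULL of `argv` and passes it to `init_generate`; that function's body is not in this hunk, so whether it tolerates a NULL base name cannot be confirmed from here. The usage string `[asn1-file [name]]` says the name is optional, so a default belongs at this point, for example `name = (optind + 1 < argc) ? argv[optind + 1] : file;` (which default to use is the author's call). The local `int optind = 0;` also shares its name with the getopt global, and a different local name would avoid confusion wherever `<unistd.h>` is in scope.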
@@ -0,0 +1,231 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: parse.y,v 1.12 1999/12/02 17:05:02 joda Exp $ */
+
+%{
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "symbol.h"
+#include "lex.h"
+#include "gen_locl.h"
+
+RCSID("$Id: parse.y,v 1.12 1999/12/02 17:05:02 joda Exp $");
+
+static Type *new_type (Typetype t);
+void yyerror (char *);
+int yylex(void);
+
+static void append (Member *l, Member *r);
+
+%}
+
+%union {
+ int constant;
+ char *name;
+ Type *type;
+ Member *member;
+}
+
+%token INTEGER SEQUENCE OF OCTET STRING GeneralizedTime GeneralString
+%token BIT APPLICATION OPTIONAL EEQUAL TBEGIN END DEFINITIONS EXTERNAL
+%token <name> IDENTIFIER
+%token <constant> CONSTANT
+
+%type <constant> constant optional2
+%type <type> type
+%type <member> memberdecls memberdecl bitdecls bitdecl
+
+%start envelope
+
+%%
+
+envelope : IDENTIFIER DEFINITIONS EEQUAL TBEGIN specification END {}
+ ;
+
+specification :
+ | specification declaration
+ ;
+
+declaration : extern_decl
+ | type_decl
+ | constant_decl
+ ;
+
+extern_decl : IDENTIFIER EXTERNAL
+ {
+ Symbol *s = addsym($1);
+ s->stype = Stype;
+ }
+ ;
+
+type_decl : IDENTIFIER EEQUAL type
+ {
+ Symbol *s = addsym ($1);
+ s->stype = Stype;
+ s->type = $3;
+ generate_type (s);
+ }
+ ;
+
+constant_decl : IDENTIFIER type EEQUAL constant
+ {
+ Symbol *s = addsym ($1);
+ s->stype = SConstant;
+ s->constant = $4;
+ generate_constant (s);
+ }
+ ;
+
+type : INTEGER { $$ = new_type(TInteger); }
+ | OCTET STRING { $$ = new_type(TOctetString); }
+ | GeneralString { $$ = new_type(TGeneralString); }
+ | GeneralizedTime { $$ = new_type(TGeneralizedTime); }
+ | SEQUENCE OF type
+ {
+ $$ = new_type(TSequenceOf);
+ $$->subtype = $3;
+ }
+ | SEQUENCE '{' memberdecls '}'
+ {
+ $$ = new_type(TSequence);
+ $$->members = $3;
+ }
+ | BIT STRING '{' bitdecls '}'
+ {
+ $$ = new_type(TBitString);
+ $$->members = $4;
+ }
+ | IDENTIFIER
+ {
+ Symbol *s = addsym($1);
+ $$ = new_type(TType);
+ if(s->stype != Stype)
+ error_message ("%s is not a type\n", $1);
+ else
+ $$->symbol = s;
+ }
+ | '[' APPLICATION constant ']' type
+ {
+ $$ = new_type(TApplication);
+ $$->subtype = $5;
+ $$->application = $3;
+ }
+ ;
+
+memberdecls : { $$ = NULL; }
+ | memberdecl { $$ = $1; }
+ | memberdecls ',' memberdecl { $$ = $1; append($$, $3); }
+ ;
+
+memberdecl : IDENTIFIER '[' constant ']' type optional2
+ {
+ $$ = malloc(sizeof(*$$));
+ $$->name = $1;
+ $$->gen_name = strdup($1);
+ output_name ($$->gen_name);
+ $$->val = $3;
+ $$->optional = $6;
+ $$->type = $5;
+ $$->next = $$->prev = $$;
+ }
+ ;
+
+optional2 : { $$ = 0; }
+ | OPTIONAL { $$ = 1; }
+ ;
+
+bitdecls : { $$ = NULL; }
+ | bitdecl { $$ = $1; }
+ | bitdecls ',' bitdecl { $$ = $1; append($$, $3); }
+ ;
+
+bitdecl : IDENTIFIER '(' constant ')'
+ {
+ $$ = malloc(sizeof(*$$));
+ $$->name = $1;
+ $$->gen_name = strdup($1);
+ output_name ($$->gen_name);
+ $$->val = $3;
+ $$->optional = 0;
+ $$->type = NULL;
+ $$->prev = $$->next = $$;
+ }
+ ;
+
+constant : CONSTANT { $$ = $1; }
+ | IDENTIFIER {
+ Symbol *s = addsym($1);
+ if(s->stype != SConstant)
+ error_message ("%s is not a constant\n",
+ s->name);
+ else
+ $$ = s->constant;
+ }
+ ;
+%%
+
+void
+yyerror (char *s)
+{
+ error_message ("%s\n", s);
+}
+
+static Type *
+new_type (Typetype tt)
+{
+ Type *t = malloc(sizeof(*t));
+ if (t == NULL) {
+ error_message ("out of memory in malloc(%u)", sizeof(*t));
+ exit (1);
+ }
+ t->type = tt;
+ t->application = 0;
+ t->members = NULL;
+ t->subtype = NULL;
+ t->symbol = NULL;
+ return t;
+}
+
+static void
+append (Member *l, Member *r)
+{
+ l->prev->next = r;
+ r->prev = l->prev;
+ l->prev = r;
+ r->next = l;
+}
diff --git a/crypto/heimdal/lib/asn1/symbol.c b/crypto/heimdal/lib/asn1/symbol.c
new file mode 100644
index 0000000..5e6e741
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/symbol.c
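Review bot: The `memberdecl` and `bitdecl` actions in parse.y write through the result of `malloc(sizeof(*$$))` and hand the result of `strdup($1)` to `output_name` with no NULL check, although `new_type` in the same file does check its allocation; `addsym` in symbol.c has the same unchecked `malloc`/`strdup` pair. Following the `new_type` pattern keeps the failure explicit: `if ($$ == NULL) { error_message ("out of memory\n"); exit (1); }` after the `malloc`, and the same test on `$$->gen_name` after the `strdup`. Separately, the `constant : IDENTIFIER` action leaves `$$` unassigned on its error branch, so an indeterminate value is still propagated after the "is not a constant" message; adding `$$ = 0;` there keeps it defined. The `%u` in `new_type`'s message is passed a `size_t`; `(unsigned)sizeof(*t)` would match the format.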
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gen_locl.h"
+
+RCSID("$Id: symbol.c,v 1.8 1999/12/02 17:05:02 joda Exp $");
+
+static Hashtab *htab;
+
+static int
+cmp (void *a, void *b)
+{
+ Symbol *s1 = (Symbol *)a;
+ Symbol *s2 = (Symbol *)b;
+
+ return strcmp (s1->name, s2->name);
+}
+
+static unsigned
+hash (void *a)
+{
+ Symbol *s = (Symbol *)a;
+
+ return hashjpw (s->name);
+}
+
+void
+initsym ()
+{
+ htab = hashtabnew (101, cmp, hash);
+}
+
+
+void
+output_name (char *s)
+{
+ char *p;
+
+ for (p = s; *p; ++p)
+ if (*p == '-')
+ *p = '_';
+}
+
+Symbol*
+addsym (char *name)
+{
+ Symbol key, *s;
+
+ key.name = name;
+ s = (Symbol *)hashtabsearch (htab, (void *)&key);
+ if (s == NULL) {
+ s = (Symbol *)malloc (sizeof (*s));
+ s->name = name;
+ s->gen_name = strdup(name);
+ output_name (s->gen_name);
+ s->stype = SUndefined;
+ hashtabadd (htab, s);
+ }
+ return s;
+}
diff --git a/crypto/heimdal/lib/asn1/symbol.h b/crypto/heimdal/lib/asn1/symbol.h
new file mode 100644
index 0000000..bc4707f
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/symbol.h
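Review bot: In symbol.c, `addsym` sets only `name`, `gen_name` and `stype` on a freshly allocated `Symbol`, so `constant` and `type` stay indeterminate until a declaration assigns them, and the `extern_decl` rule in parse.y sets `stype = Stype` without ever setting `type`. Whether the generator reads `s->type` for such symbols is not visible here, but initialising the fields removes the question: add `s->constant = 0;` and `s->type = NULL;` next to `s->stype = SUndefined;`. The return value of `hashtabnew` in `initsym` is also stored unchecked, and `initsym ()` is defined with an empty parameter list while symbol.h declares `void initsym (void);`; writing `(void)` in the definition keeps the two in step.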
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: symbol.h,v 1.5 1999/12/02 17:05:02 joda Exp $ */
+
+#ifndef _SYMBOL_H
+#define _SYMBOL_H
+
+enum typetype { TInteger, TOctetString, TBitString, TSequence, TSequenceOf,
+ TGeneralizedTime, TGeneralString, TApplication, TType,
+ TUInteger };
+
+typedef enum typetype Typetype;
+
+struct type;
+
+struct member {
+ char *name;
+ char *gen_name;
+ int val;
+ int optional;
+ struct type *type;
+ struct member *next, *prev;
+};
+
+typedef struct member Member;
+
+struct symbol;
+
+struct type {
+ Typetype type;
+ int application;
+ Member *members;
+ struct type *subtype;
+ struct symbol *symbol;
+};
+
+typedef struct type Type;
+
+struct symbol {
+ char *name;
+ char *gen_name;
+ enum { SUndefined, SConstant, Stype } stype;
+ int constant;
+ Type *type;
+};
+
+typedef struct symbol Symbol;
+
+void initsym (void);
+Symbol *addsym (char *);
+void output_name (char *);
+#endif
diff --git a/crypto/heimdal/lib/asn1/timegm.c b/crypto/heimdal/lib/asn1/timegm.c
new file mode 100644
index 0000000..bdc997f
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/timegm.c
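Review bot: The structures in symbol.h are undocumented, and the `next`/`prev` links of `struct member` are the part most likely to be misused: the parse.y actions create each member with `next = prev = $$` and `append` splices through `l->prev`, so the list is circular and never NULL-terminated. A comment on the field would state that, for example `/* circular doubly-linked list; the first member is the head (see append() in parse.y) */`. `output_name` rewrites its argument in place (see symbol.c), which its prototype could note as well. The include guard `_SYMBOL_H` uses an identifier reserved for the implementation (underscore followed by an uppercase letter); `SYMBOL_H` avoids that.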
@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "der_locl.h"
+
+RCSID("$Id: timegm.c,v 1.7 1999/12/02 17:05:02 joda Exp $");
+
+#ifndef HAVE_TIMEGM
+
+static int
+is_leap(unsigned y)
+{
+ y += 1900;
+ return (y % 4) == 0 && ((y % 100) != 0 || (y % 400) == 0);
+}
+
+time_t
+timegm (struct tm *tm)
+{
+ static const unsigned ndays[2][12] ={
+ {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
+ {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}};
+ time_t res = 0;
+ unsigned i;
+
+ for (i = 70; i < tm->tm_year; ++i)
+ res += is_leap(i) ? 366 : 365;
+
+ for (i = 0; i < tm->tm_mon; ++i)
+ res += ndays[is_leap(tm->tm_year)][i];
+ res += tm->tm_mday - 1;
+ res *= 24;
+ res += tm->tm_hour;
+ res *= 60;
+ res += tm->tm_min;
+ res *= 60;
+ res += tm->tm_sec;
+ return res;
+}
+
+#endif /* HAVE_TIMEGM */
diff --git a/crypto/heimdal/lib/auth/ChangeLog b/crypto/heimdal/lib/auth/ChangeLog
new file mode 100644
index 0000000..9b1ebaf
--- /dev/null
+++ b/crypto/heimdal/lib/auth/ChangeLog
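Review bot: The fallback `timegm` in timegm.c uses `tm->tm_mon` and `tm->tm_year` with no range check, and both are `int` values compared against the `unsigned i`. A negative or oversized `tm_mon` therefore lets `ndays[is_leap(tm->tm_year)][i]` index past the 12-entry row, and a negative `tm_year` turns the year loop into billions of iterations. The callers are outside this hunk, but if the `struct tm` is filled from decoded time fields the values should be validated on entry, e.g. `if (tm->tm_year < 0 || tm->tm_mon < 0 || tm->tm_mon > 11) return -1;`, with matching bounds on `tm_mday`, `tm_hour`, `tm_min` and `tm_sec`. `is_leap(tm->tm_year)` can also be computed once before the month loop instead of on every iteration.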
@@ -0,0 +1,74 @@
+1999-12-30 Assar Westerlund <assar@sics.se>
+
+ * sia/Makefile.am: try to link with shared libraries if we don't
+ find any static ones
+
+1999-12-20 Johan Danielsson <joda@pdc.kth.se>
+
+ * sia/sia.c: don't use string concatenation with TKT_ROOT
+
+1999-11-15 Assar Westerlund <assar@sics.se>
+
+ * */lib/Makefile.in: set LIBNAME. From Enrico Scholz
+ <Enrico.Scholz@informatik.tu-chemnitz.de>
+
+1999-10-17 Assar Westerlund <assar@sics.se>
+
+ * afskauthlib/verify.c (verify_krb5): need realm for v5 -> v4
+
+1999-10-03 Assar Westerlund <assar@sics.se>
+
+ * afskauthlib/verify.c (verify_krb5): update to new
+ krb524_convert_creds_kdc
+
+1999-09-28 Assar Westerlund <assar@sics.se>
+
+ * sia/sia.c (doauth): use krb5_get_local_realms and
+ krb5_verify_user_lrealm
+
+ * afskauthlib/verify.c (verify_krb5): remove krb5_kuserok. use
+ krb5_verify_user_lrealm
+
+1999-08-11 Johan Danielsson <joda@pdc.kth.se>
+
+ * afskauthlib/verify.c: make this compile w/o krb4
+
+1999-08-04 Assar Westerlund <assar@sics.se>
+
+ * afskauthlib/verify.c: incorporate patches from Miroslav Ruda
+ <ruda@ics.muni.cz>
+
+Thu Apr 8 14:35:34 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * sia/sia.c: remove definition of KRB_VERIFY_USER (moved to
+ config.h)
+
+ * sia/Makefile.am: make it build w/o krb4
+
+ * afskauthlib/verify.c: add krb5 support
+
+ * afskauthlib/Makefile.am: build afskauthlib.so
+
+Wed Apr 7 14:06:22 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * sia/sia.c: make it compile w/o krb4
+
+ * sia/Makefile.am: make it compile w/o krb4
+
+Thu Apr 1 18:09:23 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * sia/sia_locl.h: POSIX_GETPWNAM_R is defined in config.h
+
+Sun Mar 21 14:08:30 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * sia/Makefile.in: add posix_getpw.c
+
+ * sia/Makefile.am: makefile for sia
+
+ * sia/posix_getpw.c: move from sia.c
+
+ * sia/sia_locl.h: merge with krb5 version
+
+ * sia/sia.c: merge with krb5 version
+
+ * sia/sia5.c: remove unused variables
diff --git a/crypto/heimdal/lib/auth/Makefile.am b/crypto/heimdal/lib/auth/Makefile.am
new file mode 100644
index 0000000..0310dc3
--- /dev/null
+++ b/crypto/heimdal/lib/auth/Makefile.am
@@ -0,0 +1,6 @@
+# $Id: Makefile.am,v 1.2 1999/03/21 17:11:08 joda Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+SUBDIRS = @LIB_AUTH_SUBDIRS@
+DIST_SUBDIRS = afskauthlib pam sia
diff --git a/crypto/heimdal/lib/auth/Makefile.in b/crypto/heimdal/lib/auth/Makefile.in
new file mode 100644
index 0000000..aab069e
--- /dev/null
+++ b/crypto/heimdal/lib/auth/Makefile.in
@@ -0,0 +1,599 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.2 1999/03/21 17:11:08 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init 
= @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +SUBDIRS = @LIB_AUTH_SUBDIRS@ +DIST_SUBDIRS = afskauthlib pam sia +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +DIST_COMMON = ChangeLog Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x +$(srcdir)/Makefile.in: Makefile.am 
$(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +# This directory's subdirectories are mostly independent; you can cd +# into them and run `make' without going through this Makefile. +# To change the values of `make' variables: instead of editing Makefiles, +# (1) if the variable is set in `config.status', edit `config.status' +# (which will cause the Makefiles to be regenerated when you run `make'); +# (2) otherwise, pass the desired values on the `make' command line. + +@SET_MAKE@ + +all-recursive install-data-recursive install-exec-recursive \ +installdirs-recursive install-recursive uninstall-recursive \ +check-recursive installcheck-recursive info-recursive dvi-recursive: + @set fnord $(MAKEFLAGS); amf=$$2; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +mostlyclean-recursive clean-recursive distclean-recursive \ +maintainer-clean-recursive: + @set fnord $(MAKEFLAGS); amf=$$2; \ + dot_seen=no; \ + rev=''; list='$(SUBDIRS)'; for subdir in $$list; do \ + rev="$$subdir $$rev"; \ + test "$$subdir" = "." && dot_seen=yes; \ + done; \ + test "$$dot_seen" = "no" && rev=". 
$$rev"; \ + target=`echo $@ | sed s/-recursive//`; \ + for subdir in $$rev; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + done && test -z "$$fail" +tags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \ + fi; \ + done; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/auth + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + for subdir in $(DIST_SUBDIRS); do \ + if test "$$subdir" = .; then :; else \ + test -d $(distdir)/$$subdir \ + || mkdir $(distdir)/$$subdir 
\ + || exit 1; \ + chmod 777 $(distdir)/$$subdir; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$(top_distdir) distdir=../$(distdir)/$$subdir distdir) \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-recursive +dvi-am: +dvi: dvi-recursive +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-recursive +installcheck-am: +installcheck: installcheck-recursive +install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-recursive + +install-data-am: install-data-local +install-data: install-data-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-recursive +uninstall-am: +uninstall: uninstall-recursive +all-am: Makefile all-local +all-redirect: all-recursive +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: installdirs-recursive +installdirs-am: + + +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-tags mostlyclean-generic + +mostlyclean: mostlyclean-recursive + +clean-am: clean-tags clean-generic mostlyclean-am + +clean: clean-recursive + +distclean-am: distclean-tags distclean-generic clean-am + -rm -f libtool + +distclean: distclean-recursive + +maintainer-clean-am: maintainer-clean-tags maintainer-clean-generic \ + distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." 
+ +maintainer-clean: maintainer-clean-recursive + +.PHONY: install-data-recursive uninstall-data-recursive \ +install-exec-recursive uninstall-exec-recursive installdirs-recursive \ +uninstalldirs-recursive all-recursive check-recursive \ +installcheck-recursive info-recursive dvi-recursive \ +mostlyclean-recursive distclean-recursive clean-recursive \ +maintainer-clean-recursive tags tags-recursive mostlyclean-tags \ +distclean-tags clean-tags maintainer-clean-tags distdir info-am info \ +dvi-am dvi check-local check check-am installcheck-am installcheck \ +install-exec-am install-exec install-data-local install-data-am \ +install-data install-am install uninstall-am uninstall all-local \ +all-redirect all-am all installdirs-am installdirs mostlyclean-generic \ +distclean-generic clean-generic maintainer-clean-generic clean \ +mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + 
$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then 
\ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo 
"$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/auth/afskauthlib/Makefile.am b/crypto/heimdal/lib/auth/afskauthlib/Makefile.am new file mode 100644 index 0000000..7dd6d52 --- /dev/null +++ b/crypto/heimdal/lib/auth/afskauthlib/Makefile.am @@ -0,0 +1,38 @@ +# $Id: Makefile.am,v 1.3 1999/04/08 12:35:33 joda Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += $(INCLUDE_krb4) + +DEFS = @DEFS@ + +foodir = $(libdir) +foo_DATA = afskauthlib.so + +SUFFIXES += .c .o + +SRCS = verify.c +OBJS = verify.o + +CLEANFILES = $(foo_DATA) $(OBJS) so_locations + +afskauthlib.so: $(OBJS) + $(LD) -shared -o $@ $(LDFLAGS) $(OBJS) $(L) + +.c.o: + $(COMPILE) -c $< + +if KRB4 +KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a +endif + +L = \ + $(KAFS) \ + $(top_builddir)/lib/krb5/.libs/libkrb5.a \ + $(top_builddir)/lib/asn1/.libs/libasn1.a \ + $(LIB_krb4) \ + $(top_builddir)/lib/des/.libs/libdes.a \ + $(top_builddir)/lib/roken/.libs/libroken.a \ + -lc + +$(OBJS): $(top_builddir)/include/config.h diff --git a/crypto/heimdal/lib/auth/afskauthlib/Makefile.in b/crypto/heimdal/lib/auth/afskauthlib/Makefile.in new file mode 100644 index 0000000..d3a4041 --- /dev/null +++ b/crypto/heimdal/lib/auth/afskauthlib/Makefile.in 
@@ -0,0 +1,538 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.3 1999/04/08 12:35:33 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .o + +INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = 
@LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +DEFS = @DEFS@ + +foodir = $(libdir) +foo_DATA = afskauthlib.so + +SRCS = verify.c +OBJS = verify.o + +CLEANFILES = $(foo_DATA) $(OBJS) so_locations + +@KRB4_TRUE@KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a + +L = $(KAFS) $(top_builddir)/lib/krb5/.libs/libkrb5.a $(top_builddir)/lib/asn1/.libs/libasn1.a $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.a $(top_builddir)/lib/roken/.libs/libroken.a -lc + +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../../include/config.h +CONFIG_CLEAN_FILES = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = 
$(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +DATA = $(foo_DATA) + +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .o .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/afskauthlib/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +install-fooDATA: $(foo_DATA) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(foodir) + @list='$(foo_DATA)'; for p in $$list; do \ + if test -f $(srcdir)/$$p; then \ + echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p"; \ + $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p; \ + else if test -f $$p; then \ + echo " $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p"; \ + $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p; \ + fi; fi; \ + done + +uninstall-fooDATA: + @$(NORMAL_UNINSTALL) + list='$(foo_DATA)'; for p in $$list; do \ + rm -f $(DESTDIR)$(foodir)/$$p; \ + done +tags: TAGS +TAGS: + + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/auth/afskauthlib + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am 
+install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-fooDATA install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-fooDATA +uninstall: uninstall-am +all-am: Makefile $(DATA) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(foodir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." 
+ +maintainer-clean: maintainer-clean-am + +.PHONY: uninstall-fooDATA install-fooDATA tags distdir info-am info \ +dvi-am dvi check-local check check-am installcheck-am installcheck \ +install-exec-am install-exec install-data-local install-data-am \ +install-data install-am install uninstall-am uninstall all-local \ +all-redirect all-am all installdirs mostlyclean-generic \ +distclean-generic clean-generic maintainer-clean-generic clean \ +mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + 
@foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then 
\ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +afskauthlib.so: $(OBJS) + $(LD) -shared -o $@ $(LDFLAGS) $(OBJS) $(L) + +.c.o: + $(COMPILE) -c $< + +$(OBJS): $(top_builddir)/include/config.h + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. 
+.NOEXPORT:
diff --git a/crypto/heimdal/lib/auth/afskauthlib/verify.c b/crypto/heimdal/lib/auth/afskauthlib/verify.c
new file mode 100644
index 0000000..1c23119
--- /dev/null
+++ b/crypto/heimdal/lib/auth/afskauthlib/verify.c
@@ -0,0 +1,288 @@
+/*
+ * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: verify.c,v 1.20 1999/12/02 16:58:37 joda Exp $");
+#endif
+#include <unistd.h>
+#include <sys/types.h>
+#include <pwd.h>
+#ifdef KRB5
+#include <krb5.h>
+#endif
+#ifdef KRB4
+#include <krb.h>
+#include <kafs.h>
+#endif
+#include <roken.h>
+
+#ifdef KRB5
+static char krb5ccname[128];
+#endif
+#ifdef KRB4
+static char krbtkfile[128];
+#endif
+
+/*
+ In some cases is afs_gettktstring called twice (once before
+ afs_verify and once after afs_verify).
+ In some cases (rlogin with access allowed via .rhosts)
+ afs_verify is not called!
+ So we can't rely on correct value in krbtkfile in some
+ cases!
+*/
+
+static int correct_tkfilename=0;
+static int pag_set=0;
+
+#ifdef KRB4
+static void
+set_krbtkfile(uid_t uid)
+{
+ snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid);
+ krb_set_tkt_string (krbtkfile);
+ correct_tkfilename = 1;
+}
+#endif
+
+/* XXX this has to be the default cache name, since the KRB5CCNAME
+ * environment variable isn't exported by login/xdm
+ */
+
+#ifdef KRB5
+static void
+set_krb5ccname(uid_t uid)
+{
+ snprintf (krb5ccname, sizeof(krb5ccname), "FILE:/tmp/krb5cc_%d", uid);
+#ifdef KRB4
+ snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid);
+#endif
+ correct_tkfilename = 1;
+}
+#endif
+
+static void
+set_spec_krbtkfile(void)
+{
+ int fd;
+#ifdef KRB4
+ snprintf (krbtkfile, sizeof(krbtkfile), "%s_XXXXXX", TKT_ROOT);
+ fd = mkstemp(krbtkfile);
+ close(fd);
+ unlink(krbtkfile);
+ krb_set_tkt_string (krbtkfile);
+#endif
+#ifdef KRB5
+ snprintf(krb5ccname, sizeof(krb5ccname),"FILE:/tmp/krb5cc_XXXXXX");
+ fd=mkstemp(krb5ccname+5);
+ close(fd);
+ unlink(krb5ccname+5);
+#endif
+}
+
+#ifdef KRB5
+static int
+verify_krb5(struct passwd *pwd,
+ char *password,
+ int32_t *exp,
+ int quiet)
+{
+ krb5_context context;
+ krb5_error_code ret;
+ krb5_ccache ccache;
+ krb5_principal principal;
+
+ krb5_init_context(&context);
+
+ ret = krb5_parse_name (context, pwd->pw_name, &principal);
+ if (ret) {
+ syslog(LOG_AUTH|LOG_DEBUG, "krb5_parse_name: %s",
+ krb5_get_err_text(context, ret));
+ goto out;
+ }
+
+ set_krb5ccname(pwd->pw_uid);
+ ret = krb5_cc_resolve(context, krb5ccname, &ccache);
+ if(ret) {
+ syslog(LOG_AUTH|LOG_DEBUG, "krb5_cc_resolve: %s",
+ krb5_get_err_text(context, ret));
+ goto out;
+ }
+
+ ret = krb5_verify_user_lrealm(context,
+ principal,
+ ccache,
+ password,
+ TRUE,
+ NULL);
+ if(ret) {
+ syslog(LOG_AUTH|LOG_DEBUG, "krb5_verify_user: %s",
+ krb5_get_err_text(context, ret));
+ goto out;
+ }
+
+ if(chown(krb5_cc_get_name(context, ccache), pwd->pw_uid, pwd->pw_gid)) {
+ syslog(LOG_AUTH|LOG_DEBUG, "chown: %s",
+ krb5_get_err_text(context, errno));
+ goto out;
+ }
+
+#ifdef KRB4
+ if (krb5_config_get_bool(context, NULL,
+ "libdefaults",
+ "krb4_get_tickets",
+ NULL)) {
+ CREDENTIALS c;
+ krb5_creds mcred, cred;
+ krb5_realm realm;
+
+ krb5_get_default_realm(context, &realm);
+ krb5_make_principal(context, &mcred.server, realm,
+ "krbtgt",
+ realm,
+ NULL);
+ free (realm);
+ ret = krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred);
+ if(ret == 0) {
+ ret = krb524_convert_creds_kdc(context, ccache, &cred, &c);
+ if(ret)
+ krb5_warn(context, ret, "converting creds");
+ else {
+ set_krbtkfile(pwd->pw_uid);
+ tf_setup(&c, c.pname, c.pinst);
+ }
+ memset(&c, 0, sizeof(c));
+ krb5_free_creds_contents(context, &cred);
+ } else
+ syslog(LOG_AUTH|LOG_DEBUG, "krb5_cc_retrieve_cred: %s",
+ krb5_get_err_text(context, ret));
+
+ krb5_free_principal(context, mcred.server);
+ }
+ if (!pag_set && k_hasafs()) {
+ k_setpag();
+ pag_set = 1;
+ krb5_afslog_uid_home(context, ccache, NULL, NULL,
+ pwd->pw_uid, pwd->pw_dir);
+ }
+#endif
+out:
+ if(ret && !quiet)
+ printf ("%s\n", krb5_get_err_text (context, ret));
+ return ret;
+}
+#endif
+
+#ifdef KRB4
+static int
+verify_krb4(struct passwd *pwd,
+ char *password,
+ int32_t *exp,
+ int quiet)
+{
+ int ret = 1;
+ char lrealm[REALM_SZ];
+
+ if (krb_get_lrealm (lrealm, 1) != KFAILURE) {
+ set_krbtkfile(pwd->pw_uid);
+ ret = krb_verify_user (pwd->pw_name, "", lrealm, password,
+ KRB_VERIFY_SECURE, NULL);
+ if (ret == KSUCCESS) {
+ if (!pag_set && k_hasafs()) {
+ k_setpag ();
+ pag_set = 1;
+ krb_afslog_uid_home (0, 0, pwd->pw_uid, pwd->pw_dir);
+ }
+ } else if (!quiet)
+ printf ("%s\n", krb_get_err_text (ret));
+ }
+ return ret;
+}
+#endif
+
+int
+afs_verify(char *name,
+ char *password,
+ int32_t *exp,
+ int quiet)
+{
+ int ret = 1;
+ struct passwd *pwd = k_getpwnam (name);
+
+ if(pwd == NULL)
+ return 1;
+ if (ret)
+ ret = unix_verify_user (name, password);
+#ifdef KRB5
+ if (ret)
+ ret = verify_krb5(pwd, password, exp, quiet);
+#endif
+#ifdef KRB4
+ if(ret)
+ ret = verify_krb4(pwd, password, exp, quiet);
+#endif
+ return ret;
+}
+
+char *
+afs_gettktstring (void)
+{
+ char *ptr;
+ struct passwd *pwd;
+
+ if (!correct_tkfilename) {
+ ptr = getenv("LOGNAME");
+ if (ptr != NULL && ((pwd = getpwnam(ptr)) != NULL)) {
+ set_krb5ccname(pwd->pw_uid);
+#ifdef KRB4
+ set_krbtkfile(pwd->pw_uid);
+ if (!pag_set && k_hasafs()) {
+ k_setpag();
+ pag_set=1;
+ }
+#endif
+ } else {
+ set_spec_krbtkfile();
+ }
+ }
+#ifdef KRB5
+ setenv("KRB5CCNAME",krb5ccname,1);
+#endif
+#ifdef KRB4
+ setenv("KRBTKFILE",krbtkfile,1);
+ return krbtkfile;
+#else
+ return "";
+#endif
+}
diff --git a/crypto/heimdal/lib/auth/pam/Makefile.am b/crypto/heimdal/lib/auth/pam/Makefile.am
new file mode 100644
index 0000000..abde2d9
--- /dev/null
+++ b/crypto/heimdal/lib/auth/pam/Makefile.am
@@ -0,0 +1,3 @@
+# $Id: Makefile.am,v 1.2 1999/04/01 14:57:04 joda Exp $
+
+include $(top_srcdir)/Makefile.am.common
diff --git a/crypto/heimdal/lib/auth/pam/Makefile.in b/crypto/heimdal/lib/auth/pam/Makefile.in
new file mode 100644
index 0000000..37f8d22
--- /dev/null
+++ b/crypto/heimdal/lib/auth/pam/Makefile.in
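Review bot: In verify.c, set_spec_krbtkfile() gives up the name it has just reserved: `mkstemp()` is followed at once by `close(fd)` and `unlink()`, so the path later passed to krb_set_tkt_string() and exported through KRB5CCNAME is a known, unowned name under /tmp (or TKT_ROOT), and another local user can place a file or symlink there before the ticket file is written. The `mkstemp()` result is not checked either, so on failure the code calls `close(-1)` and carries on with the unexpanded template string as the cache name. I would test `fd < 0` and drop both `unlink()` calls so the file mkstemp() created stays in place under the caller's ownership; whether the ticket-file and credential-cache writers accept an existing empty file is not visible in this hunk and needs confirming. A second, smaller point in verify_krb5(): when `chown()` fails the code jumps to `out` with `ret` still 0, so the caller is told verification succeeded while the cache keeps its original owner.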
@@ -0,0 +1,491 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.2 1999/04/01 14:57:04 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init 
= @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../../include/config.h +CONFIG_CLEAN_FILES = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common 
$(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/pam/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + +tags: TAGS +TAGS: + + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/auth/pam + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: +uninstall: uninstall-am +all-am: Makefile all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + + +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." 
+ +maintainer-clean: maintainer-clean-am + +.PHONY: tags distdir info-am info dvi-am dvi check-local check check-am \ +installcheck-am installcheck install-exec-am install-exec \ +install-data-local install-data-am install-data install-am install \ +uninstall-am uninstall all-local all-redirect all-am all installdirs \ +mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + 
bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) 
$(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/auth/pam/pam.c b/crypto/heimdal/lib/auth/pam/pam.c new file mode 100644 index 0000000..d919bf8 --- /dev/null 
+++ b/crypto/heimdal/lib/auth/pam/pam.c 
@@ -0,0 +1,243 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* This code is extremely ugly, and would probably be better off
+ beeing completely rewritten */
+
+
+#ifdef HAVE_CONFIG_H
+#include<config.h>
+RCSID("$Id: pam.c,v 1.22 1999/12/02 16:58:37 joda Exp $");
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <pwd.h>
+#include <unistd.h>
+#include <sys/types.h>
+
+#define PAM_SM_AUTH
+#define PAM_SM_SESSION
+#include <security/pam_appl.h>
+#include <security/pam_modules.h>
+
+#include <netinet/in.h>
+#include <krb.h>
+#include <kafs.h>
+
+static int
+cleanup(pam_handle_t *pamh, void *data, int error_code)
+{
+ if(error_code != PAM_SUCCESS)
+ dest_tkt();
+ free(data);
+ return PAM_SUCCESS;
+}
+
+static int
+doit(pam_handle_t *pamh, char *name, char *inst, char *pwd, char *tkt)
+{
+ char realm[REALM_SZ];
+ int ret;
+
+ pam_set_data(pamh, "KRBTKFILE", strdup(tkt), cleanup);
+ krb_set_tkt_string(tkt);
+
+ krb_get_lrealm(realm, 1);
+ ret = krb_verify_user(name, inst, realm, pwd, KRB_VERIFY_SECURE, NULL);
+ memset(pwd, 0, strlen(pwd));
+ switch(ret){
+ case KSUCCESS:
+ return PAM_SUCCESS;
+ case KDC_PR_UNKNOWN:
+ return PAM_USER_UNKNOWN;
+ case SKDC_CANT:
+ case SKDC_RETRY:
+ case RD_AP_TIME:
+ return PAM_AUTHINFO_UNAVAIL;
+ default:
+ return PAM_AUTH_ERR;
+ }
+}
+
+static int
+auth_login(pam_handle_t *pamh, int flags, char *user, struct pam_conv *conv)
+{
+ int ret;
+ struct pam_message msg, *pmsg;
+ struct pam_response *resp;
+ char prompt[128];
+
+ pmsg = &msg;
+ msg.msg_style = PAM_PROMPT_ECHO_OFF;
+ snprintf(prompt, sizeof(prompt), "%s's Password: ", user);
+ msg.msg = prompt;
+
+ ret = conv->conv(1, (const struct pam_message**)&pmsg,
+ &resp, conv->appdata_ptr);
+ if(ret != PAM_SUCCESS)
+ return ret;
+
+ {
+ char tkt[1024];
+ struct passwd *pw = getpwnam(user);
+
+ if(pw){
+ snprintf(tkt, sizeof(tkt),
+ "%s%u", TKT_ROOT, (unsigned)pw->pw_uid);
+ ret = doit(pamh, user, "", resp->resp, tkt);
+ if(ret == PAM_SUCCESS)
+ chown(tkt, pw->pw_uid, pw->pw_gid);
+ }else
+ ret = PAM_USER_UNKNOWN;
+ memset(resp->resp, 0, strlen(resp->resp));
+ free(resp->resp);
+ free(resp);
+ }
+ return ret;
+}
+
+static int
+auth_su(pam_handle_t *pamh, int flags, char *user, struct pam_conv *conv)
+{
+ int ret;
+ struct passwd *pw;
+ struct pam_message msg, *pmsg;
+ struct pam_response *resp;
+ char prompt[128];
+ krb_principal pr;
+
+ pr.realm[0] = 0;
+ ret = pam_get_user(pamh, &user, "login: ");
+ if(ret != PAM_SUCCESS)
+ return ret;
+
+ pw = getpwuid(getuid());
+ if(strcmp(user, "root") == 0){
+ strlcpy(pr.name, pw->pw_name, sizeof(pr.name));
+ strlcpy(pr.instance, "root", sizeof(pr.instance));
+ }else{
+ strlcpy(pr.name, user, sizeof(pr.name));
+ pr.instance[0] = 0;
+ }
+ pmsg = &msg;
+ msg.msg_style = PAM_PROMPT_ECHO_OFF;
+ snprintf(prompt, sizeof(prompt), "%s's Password: ", krb_unparse_name(&pr));
+ msg.msg = prompt;
+
+ ret = conv->conv(1, (const struct pam_message**)&pmsg,
+ &resp, conv->appdata_ptr);
+ if(ret != PAM_SUCCESS)
+ return ret;
+
+ {
+ char tkt[1024];
+
+ snprintf(tkt, sizeof(tkt),"%s_%s_to_%s",
+ TKT_ROOT, pw->pw_name, user);
+ ret = doit(pamh, pr.name, pr.instance, resp->resp, tkt);
+ if(ret == PAM_SUCCESS)
+ chown(tkt, pw->pw_uid, pw->pw_gid);
+ memset(resp->resp, 0, strlen(resp->resp));
+ free(resp->resp);
+ free(resp);
+ }
+ return ret;
+}
+
+int
+pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv)
+{
+ char *user;
+ int ret;
+ struct pam_conv *conv;
+ ret = pam_get_user(pamh, &user, "login: ");
+ if(ret != PAM_SUCCESS)
+ return ret;
+
+ ret = pam_get_item(pamh, PAM_CONV, (void*)&conv);
+ if(ret != PAM_SUCCESS)
+ return ret;
+
+
+ if(getuid() != geteuid())
+ return auth_su(pamh, flags, user, conv);
+ else
+ return auth_login(pamh, flags, user, conv);
+}
+
+int
+pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
+{
+ return PAM_SUCCESS;
+}
+
+
+int
+pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
+{
+ char *tkt, *var;
+ void *user;
+ const char *homedir = NULL;
+
+ if(pam_get_item (pamh, PAM_USER, &user) == PAM_SUCCESS) {
+ struct passwd *pwd;
+
+ pwd = getpwnam ((char *)user);
+ if (pwd != NULL)
+ homedir = pwd->pw_dir;
+ }
+
+ pam_get_data(pamh, "KRBTKFILE", (const void**)&tkt);
+ var = malloc(strlen("KRBTKFILE=") + strlen(tkt) + 1);
+ strcpy(var, "KRBTKFILE=");
+ strcat(var, tkt);
+ putenv(var);
+ pam_putenv(pamh, var);
+ if(k_hasafs()){
+ k_setpag();
+ krb_afslog_home(0, 0, homedir);
+ }
+ return PAM_SUCCESS;
+}
+
+
+int
+pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
+{
+ dest_tkt();
+ if(k_hasafs())
+ k_unlog();
+ return PAM_SUCCESS;
+}
diff --git a/crypto/heimdal/lib/auth/pam/pam.conf.add b/crypto/heimdal/lib/auth/pam/pam.conf.add
new file mode 100644
index 0000000..42497d2
--- /dev/null
+++ b/crypto/heimdal/lib/auth/pam/pam.conf.add
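Review bot: In `pam_sm_open_session` the result of `pam_get_data(pamh, "KRBTKFILE", ...)` is ignored, so when this module's auth step never reached `doit` (or `strdup(tkt)` failed there) `tkt` is uninitialised or NULL when it is passed to `strlen` and `strcat`, in code that presumably runs with the privileges of the login program. The lookup should be checked, e.g. `if(pam_get_data(pamh, "KRBTKFILE", (const void**)&tkt) != PAM_SUCCESS || tkt == NULL) return PAM_SESSION_ERR;`, and the `malloc` result tested before `strcpy`. The same kind of unchecked result appears in `auth_su`, where `getpwuid(getuid())` is dereferenced as `pw->pw_name` without a NULL test, and in both prompt paths, where `resp` and `resp->resp` are used without confirming the conversation returned a response. Separately, `chown(tkt, ...)` acts on a path built from `TKT_ROOT`, whose value is not visible here; if that prefix lies in a world-writable directory, a link-following `chown` by a privileged process deserves a look, and `lchown` or an fd-based `fchown` would be the safer form.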
@@ -0,0 +1,76 @@
+To enable PAM in dtlogin and /bin/login under SunOS 5.6 apply this patch:
+
+--- /etc/pam.conf.DIST Mon Jul 20 15:37:46 1998
++++ /etc/pam.conf Tue Nov 30 18:47:22 1999
+@@ -4,12 +4,14 @@
+ #
+ # Authentication management
+ #
++login auth sufficient /usr/athena/lib/pam_krb4.so
+ login auth required /usr/lib/security/pam_unix.so.1
+ login auth required /usr/lib/security/pam_dial_auth.so.1
+ #
+ rlogin auth sufficient /usr/lib/security/pam_rhosts_auth.so.1
+ rlogin auth required /usr/lib/security/pam_unix.so.1
+ #
++dtlogin auth sufficient /usr/athena/lib/pam_krb4.so
+ dtlogin auth required /usr/lib/security/pam_unix.so.1
+ #
+ rsh auth required /usr/lib/security/pam_rhosts_auth.so.1
+@@ -24,6 +26,8 @@
+ #
+ # Session management
+ #
++dtlogin session required /usr/athena/lib/pam_krb4.so
++login session required /usr/athena/lib/pam_krb4.so
+ other session required /usr/lib/security/pam_unix.so.1
+ #
+ # Password management
+---------------------------------------------------------------------------
+To enable PAM in /bin/login and xdm under Red Hat 6.1 apply these patches:
+
+--- /etc/pam.d/login~ Thu Jul 8 00:14:02 1999
++++ /etc/pam.d/login Mon Aug 30 14:33:12 1999
+@@ -1,9 +1,12 @@
+ #%PAM-1.0
++# Updated to work with kerberos
++auth sufficient /lib/security/pam_krb4.so
+ auth required /lib/security/pam_securetty.so
+ auth required /lib/security/pam_pwdb.so shadow nullok
+ auth required /lib/security/pam_nologin.so
+ account required /lib/security/pam_pwdb.so
+ password required /lib/security/pam_cracklib.so
+ password required /lib/security/pam_pwdb.so nullok use_authtok shadow
++session required /lib/security/pam_krb4.so
+ session required /lib/security/pam_pwdb.so
+ session optional /lib/security/pam_console.so
+--- /etc/pam.d/xdm~ Mon Jun 14 17:39:05 1999
++++ /etc/pam.d/xdm Mon Aug 30 14:54:51 1999
+@@ -1,8 +1,10 @@
+ #%PAM-1.0
++auth sufficient /lib/security/pam_krb4.so
+ auth required /lib/security/pam_pwdb.so shadow nullok
+ auth required /lib/security/pam_nologin.so
+ account required /lib/security/pam_pwdb.so
+ password required /lib/security/pam_cracklib.so
+ password required /lib/security/pam_pwdb.so shadow nullok use_authtok
++session required /lib/security/pam_krb4.so
+ session required /lib/security/pam_pwdb.so
+ session optional /lib/security/pam_console.so
+--------------------------------------------------------------------------
+
+This stuff may work under some other system.
+
+# To get this to work, you will have to add entries to /etc/pam.conf
+#
+# To make login kerberos-aware, you might change pam.conf to look
+# like:
+
+# login authorization
+login auth sufficient /lib/security/pam_krb4.so
+login auth required /lib/security/pam_securetty.so
+login auth required /lib/security/pam_unix_auth.so
+login account required /lib/security/pam_unix_acct.so
+login password required /lib/security/pam_unix_passwd.so
+login session required /lib/security/pam_krb4.so
+login session required /lib/security/pam_unix_session.so
diff --git a/crypto/heimdal/lib/auth/sia/Makefile.am b/crypto/heimdal/lib/auth/sia/Makefile.am
new file mode 100644
index 0000000..efba5c0
--- /dev/null
+++ b/crypto/heimdal/lib/auth/sia/Makefile.am
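Review bot: In the Red Hat `/etc/pam.d/login` example the new `auth sufficient /lib/security/pam_krb4.so` line sits above `pam_securetty.so` and `pam_nologin.so`, and a successful `sufficient` module ends the auth stack, so a valid Kerberos password would skip the secure-tty and nologin checks. The same ordering appears in the xdm example (above `pam_nologin.so`) and in the generic `pam.conf` sample at the end (above `pam_securetty.so`). Listing the gatekeeping modules first keeps them in force: `auth required /lib/security/pam_securetty.so`, `auth required /lib/security/pam_nologin.so`, then `auth sufficient /lib/security/pam_krb4.so` ahead of the local password module.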
@@ -0,0 +1,66 @@
+# $Id: Makefile.am,v 1.5 1999/12/30 03:47:03 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += $(INCLUDE_krb4)
+
+WFLAGS += $(WFLAGS_NOIMPLICITINT)
+
+DEFS = @DEFS@
+
+## this is horribly ugly, but automake/libtool doesn't allow us to
+## unconditionally build shared libraries, and it does not allow us to
+## link with non-installed libraries
+
+if KRB4
+KAFS=$(top_builddir)/lib/kafs/.libs/libkafs.a
+KAFS_S=$(top_builddir)/lib/kafs/.libs/libkafs.so
+endif
+
+L = \
+ $(KAFS) \
+ $(top_builddir)/lib/krb5/.libs/libkrb5.a \
+ $(top_builddir)/lib/asn1/.libs/libasn1.a \
+ $(LIB_krb4) \
+ $(top_builddir)/lib/des/.libs/libdes.a \
+ $(top_builddir)/lib/com_err/.libs/libcom_err.a \
+ $(top_builddir)/lib/roken/.libs/libroken.a \
+ $(LIB_getpwnam_r) \
+ -lc
+
+L_shared = \
+ $(KAFS_S) \
+ $(top_builddir)/lib/krb5/.libs/libkrb5.so \
+ $(top_builddir)/lib/asn1/.libs/libasn1.so \
+ $(LIB_krb4) \
+ $(top_builddir)/lib/des/.libs/libdes.so \
+ $(top_builddir)/lib/com_err/.libs/libcom_err.so \
+ $(top_builddir)/lib/roken/.libs/libroken.so \
+ $(LIB_getpwnam_r) \
+ -lc
+
+EXTRA_DIST = sia.c krb5_matrix.conf krb5+c2_matrix.conf security.patch
+
+foodir = $(libdir)
+foo_DATA = libsia_krb5.so
+
+LDFLAGS = -rpath $(libdir) -hidden -exported_symbol siad_\*
+
+OBJS = sia.o posix_getpw.o
+
+libsia_krb5.so: $(OBJS)
+ if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \
+ ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \
+ elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \
+ ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \
+ else \
+ echo "missing libraries"; exit 1; \
+ fi
+ ostrip -x -z $@
+
+CLEANFILES = libsia_krb5.so $(OBJS) so_locations
+
+SUFFIXES += .c .o
+
+.c.o:
+ $(COMPILE) -c $<
diff --git a/crypto/heimdal/lib/auth/sia/Makefile.in b/crypto/heimdal/lib/auth/sia/Makefile.in
new file mode 100644
index 0000000..fb36b4e
--- /dev/null
+++ b/crypto/heimdal/lib/auth/sia/Makefile.in
@@ -0,0 +1,551 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.5 1999/12/30 03:47:03 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .o + +INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ 
+LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +WFLAGS = @WFLAGS@ $(WFLAGS_NOIMPLICITINT) + +DEFS = @DEFS@ + +@KRB4_TRUE@KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a +@KRB4_TRUE@KAFS_S = $(top_builddir)/lib/kafs/.libs/libkafs.so + +L = $(KAFS) $(top_builddir)/lib/krb5/.libs/libkrb5.a $(top_builddir)/lib/asn1/.libs/libasn1.a $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.a $(top_builddir)/lib/com_err/.libs/libcom_err.a $(top_builddir)/lib/roken/.libs/libroken.a $(LIB_getpwnam_r) -lc + + +L_shared = $(KAFS_S) $(top_builddir)/lib/krb5/.libs/libkrb5.so $(top_builddir)/lib/asn1/.libs/libasn1.so $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.so $(top_builddir)/lib/com_err/.libs/libcom_err.so $(top_builddir)/lib/roken/.libs/libroken.so $(LIB_getpwnam_r) -lc + + +EXTRA_DIST = sia.c krb5_matrix.conf 
krb5+c2_matrix.conf security.patch + +foodir = $(libdir) +foo_DATA = libsia_krb5.so + +LDFLAGS = -rpath $(libdir) -hidden -exported_symbol siad_\* + +OBJS = sia.o posix_getpw.o + +CLEANFILES = libsia_krb5.so $(OBJS) so_locations +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../../include/config.h +CONFIG_CLEAN_FILES = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +DATA = $(foo_DATA) + +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .o .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/sia/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +install-fooDATA: $(foo_DATA) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(foodir) + @list='$(foo_DATA)'; for p in $$list; do \ + if test -f $(srcdir)/$$p; then \ + echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p"; \ + $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p; \ + else if test -f $$p; then \ + echo " $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p"; \ + $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p; \ + fi; fi; \ + done + +uninstall-fooDATA: + @$(NORMAL_UNINSTALL) + list='$(foo_DATA)'; for p in $$list; do \ + rm -f $(DESTDIR)$(foodir)/$$p; \ + done +tags: TAGS +TAGS: + + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/auth/sia + 
+distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-fooDATA install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-fooDATA +uninstall: uninstall-am +all-am: Makefile $(DATA) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(foodir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." 
+ +maintainer-clean: maintainer-clean-am + +.PHONY: uninstall-fooDATA install-fooDATA tags distdir info-am info \ +dvi-am dvi check-local check check-am installcheck-am installcheck \ +install-exec-am install-exec install-data-local install-data-am \ +install-data install-am install uninstall-am uninstall all-local \ +all-redirect all-am all installdirs mostlyclean-generic \ +distclean-generic clean-generic maintainer-clean-generic clean \ +mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + 
@foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then 
\ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +libsia_krb5.so: $(OBJS) + if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \ + ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ + elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \ + ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ + else \ + echo "missing 
libraries"; exit 1; \ + fi + ostrip -x -z $@ + +.c.o: + $(COMPILE) -c $< + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/auth/sia/krb4+c2_matrix.conf b/crypto/heimdal/lib/auth/sia/krb4+c2_matrix.conf new file mode 100644 index 0000000..4b90e02 --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/krb4+c2_matrix.conf 
@@ -0,0 +1,58 @@
+# Copyright (c) 1998 Kungliga Tekniska Högskolan
+# (Royal Institute of Technology, Stockholm, Sweden).
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# 3. Neither the name of the Institute nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+
+# $Id: krb4+c2_matrix.conf,v 1.4 1999/12/02 16:58:37 joda Exp $
+
+# sia matrix configuration file (Kerberos 4 + C2)
+
+siad_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so)
+siad_chk_invoker=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_authent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_estab=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_launch=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_suauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_reauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_chg_finger=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_chg_password=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_chg_shell=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_getpwent=(BSD,libc.so)
+siad_getpwuid=(BSD,libc.so)
+siad_getpwnam=(BSD,libc.so)
+siad_setpwent=(BSD,libc.so)
+siad_endpwent=(BSD,libc.so)
+siad_getgrent=(BSD,libc.so)
+siad_getgrgid=(BSD,libc.so)
+siad_getgrnam=(BSD,libc.so)
+siad_setgrent=(BSD,libc.so)
+siad_endgrent=(BSD,libc.so)
+siad_ses_release=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_chk_user=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so)
diff --git a/crypto/heimdal/lib/auth/sia/krb4_matrix.conf b/crypto/heimdal/lib/auth/sia/krb4_matrix.conf
new file mode 100644
index 0000000..4f55a81
--- /dev/null
+++ b/crypto/heimdal/lib/auth/sia/krb4_matrix.conf
@@ -0,0 +1,59 @@
+# Copyright (c) 1998 Kungliga Tekniska Högskolan
+# (Royal Institute of Technology, Stockholm, Sweden).
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# 3. Neither the name of the Institute nor the names of its contributors
+# may be used to endorse or promote products derived from this software
+# without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+
+# $Id: krb4_matrix.conf,v 1.6 1999/12/02 16:58:37 joda Exp $
+
+# sia matrix configuration file (Kerberos 4 + BSD)
+
+siad_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so)
+siad_chk_invoker=(BSD,libc.so)
+siad_ses_init=(KRB4,/usr/athena/lib/libsia_krb4.so)
+siad_ses_authent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so)
+siad_ses_estab=(BSD,libc.so)
+siad_ses_launch=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so)
+siad_ses_suauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so)
+siad_ses_reauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so)
+siad_chg_finger=(BSD,libc.so)
+siad_chg_password=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so)
+siad_chg_shell=(BSD,libc.so)
+siad_getpwent=(BSD,libc.so)
+siad_getpwuid=(BSD,libc.so)
+siad_getpwnam=(BSD,libc.so)
+siad_setpwent=(BSD,libc.so)
+siad_endpwent=(BSD,libc.so)
+siad_getgrent=(BSD,libc.so)
+siad_getgrgid=(BSD,libc.so)
+siad_getgrnam=(BSD,libc.so)
+siad_setgrent=(BSD,libc.so)
+siad_endgrent=(BSD,libc.so)
+siad_ses_release=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so)
+siad_chk_user=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so)
+
diff --git a/crypto/heimdal/lib/auth/sia/krb5+c2_matrix.conf b/crypto/heimdal/lib/auth/sia/krb5+c2_matrix.conf
new file mode 100644
index 0000000..c2952e2
--- /dev/null
+++ b/crypto/heimdal/lib/auth/sia/krb5+c2_matrix.conf
@@ -0,0 +1,27 @@
+# $Id: krb5+c2_matrix.conf,v 1.2 1998/11/26 20:58:18 assar Exp $
+
+# sia matrix configuration file (Kerberos 5 + C2)
+
+siad_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so)
+siad_chk_invoker=(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_authent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_estab=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_launch=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_suauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_ses_reauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_chg_finger=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_chg_password=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_chg_shell=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_getpwent=(BSD,libc.so)
+siad_getpwuid=(BSD,libc.so)
+siad_getpwnam=(BSD,libc.so)
+siad_setpwent=(BSD,libc.so)
+siad_endpwent=(BSD,libc.so)
+siad_getgrent=(BSD,libc.so)
+siad_getgrgid=(BSD,libc.so)
+siad_getgrnam=(BSD,libc.so)
+siad_setgrent=(BSD,libc.so)
+siad_endgrent=(BSD,libc.so)
+siad_ses_release=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so)
+siad_chk_user=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so)
diff --git a/crypto/heimdal/lib/auth/sia/krb5_matrix.conf b/crypto/heimdal/lib/auth/sia/krb5_matrix.conf
new file mode 100644
index 0000000..e49366a
--- /dev/null
+++ b/crypto/heimdal/lib/auth/sia/krb5_matrix.conf
@@ -0,0 +1,27 @@
+# $Id: krb5_matrix.conf,v 1.1 1997/05/15 18:34:18 joda Exp $
+
+# sia matrix configuration file (Kerberos 5 + BSD)
+
+siad_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so)
+siad_chk_invoker=(BSD,libc.so)
+siad_ses_init=(KRB5,/usr/athena/lib/libsia_krb5.so)
+siad_ses_authent=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so)
+siad_ses_estab=(BSD,libc.so)
+siad_ses_launch=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so)
+siad_ses_suauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so)
+siad_ses_reauthent=(BSD,libc.so)
+siad_chg_finger=(BSD,libc.so)
+siad_chg_password=(BSD,libc.so)
+siad_chg_shell=(BSD,libc.so)
+siad_getpwent=(BSD,libc.so)
+siad_getpwuid=(BSD,libc.so)
+siad_getpwnam=(BSD,libc.so)
+siad_setpwent=(BSD,libc.so)
+siad_endpwent=(BSD,libc.so)
+siad_getgrent=(BSD,libc.so)
+siad_getgrgid=(BSD,libc.so)
+siad_getgrnam=(BSD,libc.so)
+siad_setgrent=(BSD,libc.so)
+siad_endgrent=(BSD,libc.so)
+siad_ses_release=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so)
+siad_chk_user=(BSD,libc.so)
diff --git a/crypto/heimdal/lib/auth/sia/posix_getpw.c b/crypto/heimdal/lib/auth/sia/posix_getpw.c
new file mode 100644
index 0000000..c5961dc
--- /dev/null
+++ b/crypto/heimdal/lib/auth/sia/posix_getpw.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#include "sia_locl.h"
+
+RCSID("$Id: posix_getpw.c,v 1.1 1999/03/21 17:07:02 joda Exp $");
+
+#ifndef POSIX_GETPWNAM_R
+/*
+ * These functions translate from the old Digital UNIX 3.x interface
+ * to POSIX.1c.
+ */
+
+int
+posix_getpwnam_r(const char *name, struct passwd *pwd,
+ char *buffer, int len, struct passwd **result)
+{
+ int ret = getpwnam_r(name, pwd, buffer, len);
+ if(ret == 0)
+ *result = pwd;
+ else{
+ *result = NULL;
+ ret = _Geterrno();
+ if(ret == 0){
+ ret = ERANGE;
+ _Seterrno(ret);
+ }
+ }
+ return ret;
+}
+
+int
+posix_getpwuid_r(uid_t uid, struct passwd *pwd,
+ char *buffer, int len, struct passwd **result)
+{
+ int ret = getpwuid_r(uid, pwd, buffer, len);
+ if(ret == 0)
+ *result = pwd;
+ else{
+ *result = NULL;
+ ret = _Geterrno();
+ if(ret == 0){
+ ret = ERANGE;
+ _Seterrno(ret);
+ }
+ }
+ return ret;
+}
+#endif /* POSIX_GETPWNAM_R */
diff --git a/crypto/heimdal/lib/auth/sia/security.patch b/crypto/heimdal/lib/auth/sia/security.patch
new file mode 100644
index 0000000..c407876
--- /dev/null
+++ b/crypto/heimdal/lib/auth/sia/security.patch
@@ -0,0 +1,11 @@
+--- /sbin/init.d/security~ Tue Aug 20 22:44:09 1996
++++ /sbin/init.d/security Fri Nov 1 14:52:56 1996
+@@ -49,7 +49,7 @@
+ SECURITY=BASE
+ fi
+ ;;
+- BASE)
++ BASE|KRB4)
+ ;;
+ *)
+ echo "security configuration set to default (BASE)."
diff --git a/crypto/heimdal/lib/auth/sia/sia.c b/crypto/heimdal/lib/auth/sia/sia.c
new file mode 100644
index 0000000..01e2ac0
--- /dev/null
+++ b/crypto/heimdal/lib/auth/sia/sia.c
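Review bot: Both wrappers in posix_getpw.c call `getpwnam_r`/`getpwuid_r` after including sia_locl.h, and that header (added in this same commit) maps those two names to `posix_getpwnam_r`/`posix_getpwuid_r` under the same `#ifndef POSIX_GETPWNAM_R` condition that guards this file's body. As the two files read here, the four-argument call inside `posix_getpwnam_r` would therefore expand to a call to `posix_getpwnam_r` itself rather than to the old Digital UNIX routine, unless a system header changes the picture. Adding `#undef getpwnam_r` and `#undef getpwuid_r` right after `#include "sia_locl.h"` in this file keeps the wrappers bound to the system functions. A short comment that a failure with errno 0 is reported as `ERANGE` would also help, since callers should not read that value as a cue to retry with a larger buffer.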
@@ -0,0 +1,672 @@ +/* + * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "sia_locl.h" + +RCSID("$Id: sia.c,v 1.33 1999/12/20 09:46:44 joda Exp $"); + +int +siad_init(void) +{ + return SIADSUCCESS; +} + +int +siad_chk_invoker(void) +{ + SIA_DEBUG(("DEBUG", "siad_chk_invoker")); + return SIADFAIL; +} + +int +siad_ses_init(SIAENTITY *entity, int pkgind) +{ + struct state *s = malloc(sizeof(*s)); + SIA_DEBUG(("DEBUG", "siad_ses_init")); + if(s == NULL) + return SIADFAIL; + memset(s, 0, sizeof(*s)); +#ifdef SIA_KRB5 + krb5_init_context(&s->context); +#endif + entity->mech[pkgind] = (int*)s; + return SIADSUCCESS; +} + +static int +setup_name(SIAENTITY *e, prompt_t *p) +{ + SIA_DEBUG(("DEBUG", "setup_name")); + e->name = malloc(SIANAMEMIN + 1); + if(e->name == NULL){ + SIA_DEBUG(("DEBUG", "failed to malloc %u bytes", SIANAMEMIN+1)); + return SIADFAIL; + } + p->prompt = (unsigned char*)"login: "; + p->result = (unsigned char*)e->name; + p->min_result_length = 1; + p->max_result_length = SIANAMEMIN; + p->control_flags = 0; + return SIADSUCCESS; +} + +static int +setup_password(SIAENTITY *e, prompt_t *p) +{ + SIA_DEBUG(("DEBUG", "setup_password")); + e->password = malloc(SIAMXPASSWORD + 1); + if(e->password == NULL){ + SIA_DEBUG(("DEBUG", "failed to malloc %u bytes", SIAMXPASSWORD+1)); + return SIADFAIL; + } + p->prompt = (unsigned char*)"Password: "; + p->result = (unsigned char*)e->password; + p->min_result_length = 0; + p->max_result_length = SIAMXPASSWORD; + p->control_flags = SIARESINVIS; + return SIADSUCCESS; +} + + +static int +doauth(SIAENTITY *entity, int pkgind, char *name) +{ + struct passwd pw, *pwd; + char pwbuf[1024]; + struct state *s = (struct state*)entity->mech[pkgind]; +#ifdef SIA_KRB5 + krb5_realm *realms, *r; + krb5_principal principal; + krb5_ccache ccache; + krb5_error_code ret; +#endif +#ifdef SIA_KRB4 + char realm[REALM_SZ]; + char *toname, *toinst; + int ret; + struct passwd fpw, *fpwd; + char fpwbuf[1024]; + int secure; +#endif + + if(getpwnam_r(name, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0){ + 
SIA_DEBUG(("DEBUG", "failed to getpwnam(%s)", name)); + return SIADFAIL; + } + +#ifdef SIA_KRB5 + ret = krb5_get_default_realms(s->context, &realms); + + for (r = realms; *r != NULL; ++r) { + krb5_make_principal (s->context, &principal, *r, entity->name, NULL); + + if(krb5_kuserok(s->context, principal, entity->name)) + break; + } + krb5_free_host_realm (s->context, realms); + if (*r == NULL) + return SIADFAIL; + + sprintf(s->ticket, "FILE:/tmp/krb5_cc%d_%d", pwd->pw_uid, getpid()); + ret = krb5_cc_resolve(s->context, s->ticket, &ccache); + if(ret) + return SIADFAIL; +#endif + +#ifdef SIA_KRB4 + snprintf(s->ticket, sizeof(s->ticket), + "%s%u_%u", TKT_ROOT, (unsigned)pwd->pw_uid, (unsigned)getpid()); + krb_get_lrealm(realm, 1); + toname = name; + toinst = ""; + if(entity->authtype == SIA_A_SUAUTH){ + uid_t ouid; +#ifdef HAVE_SIAENTITY_OUID + ouid = entity->ouid; +#else + ouid = getuid(); +#endif + if(getpwuid_r(ouid, &fpw, fpwbuf, sizeof(fpwbuf), &fpwd) != 0){ + SIA_DEBUG(("DEBUG", "failed to getpwuid(%u)", ouid)); + return SIADFAIL; + } + snprintf(s->ticket, sizeof(s->ticket), "%s_%s_to_%s_%d", + TKT_ROOT, fpwd->pw_name, pwd->pw_name, getpid()); + if(strcmp(pwd->pw_name, "root") == 0){ + toname = fpwd->pw_name; + toinst = pwd->pw_name; + } + } + if(entity->authtype == SIA_A_REAUTH) + snprintf(s->ticket, sizeof(s->ticket), "%s", tkt_string()); + + krb_set_tkt_string(s->ticket); + + setuid(0); /* XXX fix for fix in tf_util.c */ + if(krb_kuserok(toname, toinst, realm, name)){ + SIA_DEBUG(("DEBUG", "%s.%s@%s is not allowed to login as %s", + toname, toinst, realm, name)); + return SIADFAIL; + } +#endif +#ifdef SIA_KRB5 + ret = krb5_verify_user_lrealm(s->context, principal, ccache, + entity->password, 1, NULL); + if(ret){ + /* if this is most likely a local user (such as + root), just silently return failure when the + principal doesn't exist */ + if(ret != KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN && + ret != KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN) + SIALOG("WARNING", 
"krb5_verify_user(%s): %s", + entity->name, error_message(ret)); + return SIADFAIL; + } +#endif +#ifdef SIA_KRB4 + if (getuid () == 0) + secure = KRB_VERIFY_SECURE; + else + secure = KRB_VERIFY_NOT_SECURE; + + ret = krb_verify_user(toname, toinst, realm, + entity->password, secure, NULL); + if(ret){ + SIA_DEBUG(("DEBUG", "krb_verify_user: %s", krb_get_err_text(ret))); + if(ret != KDC_PR_UNKNOWN) + /* since this is most likely a local user (such as + root), just silently return failure when the + principal doesn't exist */ + SIALOG("WARNING", "krb_verify_user(%s.%s): %s", + toname, toinst, krb_get_err_text(ret)); + return SIADFAIL; + } +#endif + if(sia_make_entity_pwd(pwd, entity) == SIAFAIL) + return SIADFAIL; + s->valid = 1; + return SIADSUCCESS; +} + + +static int +common_auth(sia_collect_func_t *collect, + SIAENTITY *entity, + int siastat, + int pkgind) +{ + prompt_t prompts[2], *pr; + char *name; + + SIA_DEBUG(("DEBUG", "common_auth")); + if((siastat == SIADSUCCESS) && (geteuid() == 0)) + return SIADSUCCESS; + if(entity == NULL) { + SIA_DEBUG(("DEBUG", "entity == NULL")); + return SIADFAIL | SIADSTOP; + } + name = entity->name; + if(entity->acctname) + name = entity->acctname; + + if((collect != NULL) && entity->colinput) { + int num; + pr = prompts; + if(name == NULL){ + if(setup_name(entity, pr) != SIADSUCCESS) + return SIADFAIL; + pr++; + } + if(entity->password == NULL){ + if(setup_password(entity, pr) != SIADSUCCESS) + return SIADFAIL; + pr++; + } + num = pr - prompts; + if(num == 1){ + if((*collect)(240, SIAONELINER, (unsigned char*)"", num, + prompts) != SIACOLSUCCESS){ + SIA_DEBUG(("DEBUG", "collect failed")); + return SIADFAIL | SIADSTOP; + } + } else if(num > 0){ + if((*collect)(0, SIAFORM, (unsigned char*)"", num, + prompts) != SIACOLSUCCESS){ + SIA_DEBUG(("DEBUG", "collect failed")); + return SIADFAIL | SIADSTOP; + } + } + } + if(name == NULL) + name = entity->name; + if(name == NULL || name[0] == '\0'){ + SIA_DEBUG(("DEBUG", "name is null")); + 
return SIADFAIL; + } + + if(entity->password == NULL || strlen(entity->password) > SIAMXPASSWORD){ + SIA_DEBUG(("DEBUG", "entity->password is null")); + return SIADFAIL; + } + + return doauth(entity, pkgind, name); +} + + +int +siad_ses_authent(sia_collect_func_t *collect, + SIAENTITY *entity, + int siastat, + int pkgind) +{ + SIA_DEBUG(("DEBUG", "siad_ses_authent")); + return common_auth(collect, entity, siastat, pkgind); +} + +int +siad_ses_estab(sia_collect_func_t *collect, + SIAENTITY *entity, int pkgind) +{ + SIA_DEBUG(("DEBUG", "siad_ses_estab")); + return SIADFAIL; +} + +int +siad_ses_launch(sia_collect_func_t *collect, + SIAENTITY *entity, + int pkgind) +{ + static char env[MaxPathLen]; + struct state *s = (struct state*)entity->mech[pkgind]; + SIA_DEBUG(("DEBUG", "siad_ses_launch")); + if(s->valid){ +#ifdef SIA_KRB5 + chown(s->ticket + sizeof("FILE:") - 1, + entity->pwd->pw_uid, + entity->pwd->pw_gid); + snprintf(env, sizeof(env), "KRB5CCNAME=%s", s->ticket); +#endif +#ifdef SIA_KRB4 + chown(s->ticket, entity->pwd->pw_uid, entity->pwd->pw_gid); + snprintf(env, sizeof(env), "KRBTKFILE=%s", s->ticket); +#endif + putenv(env); + } +#ifdef KRB4 + if (k_hasafs()) { + char cell[64]; + k_setpag(); + if(k_afs_cell_of_file(entity->pwd->pw_dir, cell, sizeof(cell)) == 0) + krb_afslog(cell, 0); + krb_afslog_home(0, 0, entity->pwd->pw_dir); + } +#endif + return SIADSUCCESS; +} + +int +siad_ses_release(SIAENTITY *entity, int pkgind) +{ + SIA_DEBUG(("DEBUG", "siad_ses_release")); + if(entity->mech[pkgind]){ +#ifdef SIA_KRB5 + struct state *s = (struct state*)entity->mech[pkgind]; + krb5_free_context(s->context); +#endif + free(entity->mech[pkgind]); + } + return SIADSUCCESS; +} + +int +siad_ses_suauthent(sia_collect_func_t *collect, + SIAENTITY *entity, + int siastat, + int pkgind) +{ + SIA_DEBUG(("DEBUG", "siad_ses_suauth")); + if(geteuid() != 0) + return SIADFAIL; + if(entity->name == NULL) + return SIADFAIL; + if(entity->name[0] == '\0') { + free(entity->name); + 
entity->name = strdup("root"); + if (entity->name == NULL) + return SIADFAIL; + } + return common_auth(collect, entity, siastat, pkgind); +} + +int +siad_ses_reauthent (sia_collect_func_t *collect, + SIAENTITY *entity, + int siastat, + int pkgind) +{ + int ret; + SIA_DEBUG(("DEBUG", "siad_ses_reauthent")); + if(entity == NULL || entity->name == NULL) + return SIADFAIL; + ret = common_auth(collect, entity, siastat, pkgind); + if((ret & SIADSUCCESS)){ + /* launch isn't (always?) called when doing reauth, so we must + duplicate some code here... */ + struct state *s = (struct state*)entity->mech[pkgind]; + chown(s->ticket, entity->pwd->pw_uid, entity->pwd->pw_gid); +#ifdef KRB4 + if(k_hasafs()) { + char cell[64]; + if(k_afs_cell_of_file(entity->pwd->pw_dir, + cell, sizeof(cell)) == 0) + krb_afslog(cell, 0); + krb_afslog_home(0, 0, entity->pwd->pw_dir); + } +#endif + } + return ret; +} + +int +siad_chg_finger (sia_collect_func_t *collect, + const char *username, + int argc, + char *argv[]) +{ + SIA_DEBUG(("DEBUG", "siad_chg_finger")); + return SIADFAIL; +} + +#ifdef SIA_KRB5 +int +siad_chg_password (sia_collect_func_t *collect, + const char *username, + int argc, + char *argv[]) +{ + return SIADFAIL; +} +#endif + +#ifdef SIA_KRB4 +static void +sia_message(sia_collect_func_t *collect, int rendition, + const char *title, const char *message) +{ + prompt_t prompt; + prompt.prompt = (unsigned char*)message; + (*collect)(0, rendition, (unsigned char*)title, 1, &prompt); +} + +static int +init_change(sia_collect_func_t *collect, krb_principal *princ) +{ + prompt_t prompt; + char old_pw[MAX_KPW_LEN+1]; + char *msg; + char tktstring[128]; + int ret; + + SIA_DEBUG(("DEBUG", "init_change")); + prompt.prompt = (unsigned char*)"Old password: "; + prompt.result = (unsigned char*)old_pw; + prompt.min_result_length = 0; + prompt.max_result_length = sizeof(old_pw) - 1; + prompt.control_flags = SIARESINVIS; + asprintf(&msg, "Changing password for %s", krb_unparse_name(princ)); + if(msg 
== NULL){ + SIA_DEBUG(("DEBUG", "out of memory")); + return SIADFAIL; + } + ret = (*collect)(60, SIAONELINER, (unsigned char*)msg, 1, &prompt); + free(msg); + SIA_DEBUG(("DEBUG", "ret = %d", ret)); + if(ret != SIACOLSUCCESS) + return SIADFAIL; + snprintf(tktstring, sizeof(tktstring), + "%s_cpw_%u", TKT_ROOT, (unsigned)getpid()); + krb_set_tkt_string(tktstring); + + ret = krb_get_pw_in_tkt(princ->name, princ->instance, princ->realm, + PWSERV_NAME, KADM_SINST, 1, old_pw); + if (ret != KSUCCESS) { + SIA_DEBUG(("DEBUG", "krb_get_pw_in_tkt: %s", krb_get_err_text(ret))); + if (ret == INTK_BADPW) + sia_message(collect, SIAWARNING, "", "Incorrect old password."); + else + sia_message(collect, SIAWARNING, "", "Kerberos error."); + memset(old_pw, 0, sizeof(old_pw)); + return SIADFAIL; + } + if(chown(tktstring, getuid(), -1) < 0){ + dest_tkt(); + return SIADFAIL; + } + memset(old_pw, 0, sizeof(old_pw)); + return SIADSUCCESS; +} + +int +siad_chg_password (sia_collect_func_t *collect, + const char *username, + int argc, + char *argv[]) +{ + prompt_t prompts[2]; + krb_principal princ; + int ret; + char new_pw1[MAX_KPW_LEN+1]; + char new_pw2[MAX_KPW_LEN+1]; + static struct et_list *et_list; + + set_progname(argv[0]); + + SIA_DEBUG(("DEBUG", "siad_chg_password")); + if(collect == NULL) + return SIADFAIL; + + if(username == NULL) + username = getlogin(); + + ret = krb_parse_name(username, &princ); + if(ret) + return SIADFAIL; + if(princ.realm[0] == '\0') + krb_get_lrealm(princ.realm, 1); + + if(et_list == NULL) { + initialize_kadm_error_table_r(&et_list); + initialize_krb_error_table_r(&et_list); + } + + ret = init_change(collect, &princ); + if(ret != SIADSUCCESS) + return ret; + +again: + prompts[0].prompt = (unsigned char*)"New password: "; + prompts[0].result = (unsigned char*)new_pw1; + prompts[0].min_result_length = MIN_KPW_LEN; + prompts[0].max_result_length = sizeof(new_pw1) - 1; + prompts[0].control_flags = SIARESINVIS; + prompts[1].prompt = (unsigned char*)"Verify new 
password: "; + prompts[1].result = (unsigned char*)new_pw2; + prompts[1].min_result_length = MIN_KPW_LEN; + prompts[1].max_result_length = sizeof(new_pw2) - 1; + prompts[1].control_flags = SIARESINVIS; + if((*collect)(120, SIAFORM, (unsigned char*)"", 2, prompts) != + SIACOLSUCCESS) { + dest_tkt(); + return SIADFAIL; + } + if(strcmp(new_pw1, new_pw2) != 0){ + sia_message(collect, SIAWARNING, "", "Password mismatch."); + goto again; + } + ret = kadm_check_pw(new_pw1); + if(ret) { + sia_message(collect, SIAWARNING, "", com_right(et_list, ret)); + goto again; + } + + memset(new_pw2, 0, sizeof(new_pw2)); + ret = kadm_init_link (PWSERV_NAME, KRB_MASTER, princ.realm); + if (ret != KADM_SUCCESS) + sia_message(collect, SIAWARNING, "Error initing kadmin connection", + com_right(et_list, ret)); + else { + des_cblock newkey; + char *pw_msg; /* message from server */ + + des_string_to_key(new_pw1, &newkey); + ret = kadm_change_pw_plain((unsigned char*)&newkey, new_pw1, &pw_msg); + memset(newkey, 0, sizeof(newkey)); + + if (ret == KADM_INSECURE_PW) + sia_message(collect, SIAWARNING, "Insecure password", pw_msg); + else if (ret != KADM_SUCCESS) + sia_message(collect, SIAWARNING, "Error changing password", + com_right(et_list, ret)); + } + memset(new_pw1, 0, sizeof(new_pw1)); + + if (ret != KADM_SUCCESS) + sia_message(collect, SIAWARNING, "", "Password NOT changed."); + else + sia_message(collect, SIAINFO, "", "Password changed."); + + dest_tkt(); + if(ret) + return SIADFAIL; + return SIADSUCCESS; +} +#endif + +int +siad_chg_shell (sia_collect_func_t *collect, + const char *username, + int argc, + char *argv[]) +{ + return SIADFAIL; +} + +int +siad_getpwent(struct passwd *result, + char *buf, + int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_getpwuid (uid_t uid, + struct passwd *result, + char *buf, + int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_getpwnam (const char *name, + struct passwd *result, + char *buf, 
+ int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_setpwent (struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_endpwent (struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_getgrent(struct group *result, + char *buf, + int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_getgrgid (gid_t gid, + struct group *result, + char *buf, + int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_getgrnam (const char *name, + struct group *result, + char *buf, + int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_setgrent (struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_endgrent (struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_chk_user (const char *logname, int checkflag) +{ + if(checkflag != CHGPASSWD) + return SIADFAIL; + return SIADSUCCESS; +} diff --git a/crypto/heimdal/lib/auth/sia/sia_locl.h b/crypto/heimdal/lib/auth/sia/sia_locl.h new file mode 100644 index 0000000..0f3f74d --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/sia_locl.h 
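Review bot: In the SIA_KRB5 branch of doauth() in sia.c, `*r` is read after `krb5_free_host_realm(s->context, realms)` has released the list that `r` points into, and the result of `krb5_get_default_realms()` is stored in `ret` but never tested before `realms` is walked. The `if (*r == NULL) return SIADFAIL;` test is what enforces the krb5_kuserok() authorization check, so that decision rests on memory the function no longer owns, and on an uninitialised pointer if the realm lookup failed. Recording the match in a flag before the list is freed, returning early on a failed lookup, and freeing the principals that did not match (one is currently leaked per non-matching realm) addresses all three; the flag needs a declaration next to the other SIA_KRB5 locals. doauth() lies entirely inside this hunk, and the sketch below replaces only the realm loop.

```c
    /* declared with the other SIA_KRB5 locals: int found = 0; */
    ret = krb5_get_default_realms(s->context, &realms);
    if (ret)
        return SIADFAIL;

    for (r = realms; *r != NULL; ++r) {
        ret = krb5_make_principal(s->context, &principal, *r,
                                  entity->name, NULL);
        if (ret)
            continue;
        if (krb5_kuserok(s->context, principal, entity->name)) {
            found = 1;
            break;
        }
        krb5_free_principal(s->context, principal);
    }
    krb5_free_host_realm(s->context, realms);
    if (!found)
        return SIADFAIL;
    /* ... unchanged: credential cache name and krb5_cc_resolve ... */
```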
@@ -0,0 +1,94 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
*/ + +/* $Id: sia_locl.h,v 1.2 1999/04/01 16:09:22 joda Exp $ */ + +#ifndef __sia_locl_h__ +#define __sia_locl_h__ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <ctype.h> +#include <stdio.h> +#include <string.h> +#include <siad.h> +#include <pwd.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netinet/in.h> + +#ifdef KRB5 +#define SIA_KRB5 +#elif defined(KRB4) +#define SIA_KRB4 +#endif + +#ifdef SIA_KRB5 +#include <krb5.h> +#include <com_err.h> +#endif +#ifdef SIA_KRB4 +#include <krb.h> +#include <krb_err.h> +#include <kadm.h> +#include <kadm_err.h> +#endif +#ifdef KRB4 +#include <kafs.h> +#endif + +#include <roken.h> + +#ifndef POSIX_GETPWNAM_R + +#define getpwnam_r posix_getpwnam_r +#define getpwuid_r posix_getpwuid_r + +#endif /* POSIX_GETPWNAM_R */ + +#ifndef DEBUG +#define SIA_DEBUG(X) +#else +#define SIA_DEBUG(X) SIALOG X +#endif + +struct state{ +#ifdef SIA_KRB5 + krb5_context context; + krb5_auth_context auth_context; +#endif + char ticket[MaxPathLen]; + int valid; +}; + +#endif /* __sia_locl_h__ */ diff --git a/crypto/heimdal/lib/des/rc4.h b/crypto/heimdal/lib/des/rc4.h new file mode 100644 index 0000000..15441f6 --- /dev/null +++ b/crypto/heimdal/lib/des/rc4.h 
@@ -0,0 +1,76 @@ +/* crypto/rc4/rc4.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. 
If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +/* $Id: rc4.h,v 1.2 1999/10/21 12:58:31 joda Exp $ */ + +#ifndef HEADER_RC4_H +#define HEADER_RC4_H + +typedef unsigned int RC4_INT; + +typedef struct rc4_key_st { + RC4_INT x,y; + RC4_INT data[256]; +} RC4_KEY; + + +void RC4_set_key(RC4_KEY *key, int len, unsigned char *data); +void RC4(RC4_KEY *key, unsigned long len, unsigned char *indata, + unsigned char *outdata); + +#endif diff --git a/crypto/heimdal/lib/des/rc4_enc.c b/crypto/heimdal/lib/des/rc4_enc.c new file mode 100644 index 0000000..6b1686f --- /dev/null +++ b/crypto/heimdal/lib/des/rc4_enc.c 
@@ -0,0 +1,133 @@
+/* crypto/rc4/rc4_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include "rc4.h"
+
+RCSID("$Id: rc4_enc.c,v 1.2 1999/10/21 12:58:43 joda Exp $");
+
+/* RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4(RC4_KEY *key, unsigned long len, unsigned char *indata,
+ unsigned char *outdata)
+ {
+ register RC4_INT *d;
+ register RC4_INT x,y,tx,ty;
+ int i;
+
+ x=key->x;
+ y=key->y;
+ d=key->data;
+
+#define LOOP(in,out) \
+ x=((x+1)&0xff); \
+ tx=d[x]; \
+ y=(tx+y)&0xff; \
+ d[x]=ty=d[y]; \
+ d[y]=tx; \
+ (out) = d[(tx+ty)&0xff]^ (in);
+
+#ifndef RC4_INDEX
+#define RC4_LOOP(a,b,i) LOOP(*((a)++),*((b)++))
+#else
+#define RC4_LOOP(a,b,i) LOOP(a[i],b[i])
+#endif
+
+ i=(int)(len>>3L);
+ if (i)
+ {
+ for (;;)
+ {
+ RC4_LOOP(indata,outdata,0);
+ RC4_LOOP(indata,outdata,1);
+ RC4_LOOP(indata,outdata,2);
+ RC4_LOOP(indata,outdata,3);
+ RC4_LOOP(indata,outdata,4);
+ RC4_LOOP(indata,outdata,5);
+ RC4_LOOP(indata,outdata,6);
+ RC4_LOOP(indata,outdata,7);
+#ifdef RC4_INDEX
+ indata+=8;
+ outdata+=8;
+#endif
+ if (--i == 0) break;
+ }
+ }
+ i=(int)len&0x07;
+ if (i)
+ {
+ for (;;)
+ {
+ RC4_LOOP(indata,outdata,0); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,1); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,2); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,3); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,4); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,5); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,6); if (--i == 0) break;
+ }
+ }
+ key->x=x;
+ key->y=y;
+ }
diff --git a/crypto/heimdal/lib/des/rc4_skey.c b/crypto/heimdal/lib/des/rc4_skey.c
new file mode 100644
index 0000000..f5bce46
--- /dev/null
+++ b/crypto/heimdal/lib/des/rc4_skey.c
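Review bot: In `RC4()` the byte count is narrowed from `unsigned long` to `int` at `i=(int)(len>>3L);`, so where `unsigned long` is wider than `int` a very large `len` can produce a zero or negative block count, and because the loop exits only on `--i == 0` a negative count would keep reading and writing well past both buffers. Keeping the counter in the parameter's own type avoids this: declare `unsigned long i;` and use `i=len>>3L;` and `i=len&0x07;` without the casts. A header comment stating that `indata` and `outdata` must each hold `len` bytes, and that the call advances the stream state stored in `key`, would also help callers.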
@@ -0,0 +1,101 @@
+/* crypto/rc4/rc4_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include "rc4.h"
+
+RCSID("$Id: rc4_skey.c,v 1.2 1999/10/21 12:58:52 joda Exp $");
+
+/* RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4_set_key(RC4_KEY *key, int len, register unsigned char *data)
+ {
+ register RC4_INT tmp;
+ register int id1,id2;
+ register RC4_INT *d;
+ unsigned int i;
+
+ d= &(key->data[0]);
+ for (i=0; i<256; i++)
+ d[i]=i;
+ key->x = 0;
+ key->y = 0;
+ id1=id2=0;
+
+#define SK_LOOP(n) { \
+ tmp=d[(n)]; \
+ id2 = (data[id1] + tmp + id2) & 0xff; \
+ if (++id1 == len) id1=0; \
+ d[(n)]=d[id2]; \
+ d[id2]=tmp; }
+
+ for (i=0; i < 256; i+=4)
+ {
+ SK_LOOP(i+0);
+ SK_LOOP(i+1);
+ SK_LOOP(i+2);
+ SK_LOOP(i+3);
+ }
+ }
+
diff --git a/crypto/heimdal/lib/des/rc4test.c b/crypto/heimdal/lib/des/rc4test.c
new file mode 100644
index 0000000..5abf8cf
--- /dev/null
+++ b/crypto/heimdal/lib/des/rc4test.c
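Review bot: `RC4_set_key()` never validates `len`: inside `SK_LOOP` the key index wraps only when `++id1 == len`, so with `len` of zero or a negative value `id1` never resets and the 256 mixing steps read `data[0]` through `data[255]`, beyond the caller's key buffer. Because the function returns void it cannot report the problem, so the minimum is a documented precondition such as `/* len must be >= 1 and data must hold len bytes */` together with a guard before the mixing loop, e.g. `if (len <= 0) return;`. That early return leaves the identity permutation in place, so callers still need to reject empty keys themselves rather than encrypt with an unkeyed state. Only the first 256 key bytes are ever read, which is worth stating in the same comment.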
@@ -0,0 +1,201 @@
+/* crypto/rc4/rc4test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef NO_RC4
+int main(int argc, char *argv[])
+{
+ printf("No RC4 support\n");
+ return(0);
+}
+#else
+#include <openssl/rc4.h>
+
+unsigned char keys[7][30]={
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {4,0xef,0x01,0x23,0x45},
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {4,0xef,0x01,0x23,0x45},
+ };
+
+unsigned char data_len[7]={8,8,8,20,28,10};
+unsigned char data[7][30]={
+ {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0xff},
+ {0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+ 0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+ 0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+ 0x12,0x34,0x56,0x78,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
+ {0},
+ };
+
+unsigned char output[7][30]={
+ {0x75,0xb7,0x87,0x80,0x99,0xe0,0xc5,0x96,0x00},
+ {0x74,0x94,0xc2,0xe7,0x10,0x4b,0x08,0x79,0x00},
+ {0xde,0x18,0x89,0x41,0xa3,0x37,0x5d,0x3a,0x00},
+ {0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,
+ 0xbd,0x61,0x5a,0x11,0x62,0xe1,0xc7,0xba,
+ 0x36,0xb6,0x78,0x58,0x00},
+ {0x66,0xa0,0x94,0x9f,0x8a,0xf7,0xd6,0x89,
+ 0x1f,0x7f,0x83,0x2b,0xa8,0x33,0xc0,0x0c,
+ 0x89,0x2e,0xbe,0x30,0x14,0x3c,0xe2,0x87,
+ 0x40,0x01,0x1e,0xcf,0x00},
+ {0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,0xbd,0x61,0x00},
+ {0},
+ };
+
+int main(int argc, char *argv[])
+ {
+ int i,err=0;
+ int j;
+ unsigned char *p;
+ RC4_KEY key;
+ unsigned char buf[512],obuf[512];
+
+ for (i=0; i<512; i++) buf[i]=0x01;
+
+ for (i=0; i<6; i++)
+ {
+ RC4_set_key(&key,keys[i][0],&(keys[i][1]));
+ memset(obuf,0x00,sizeof(obuf));
+ RC4(&key,data_len[i],&(data[i][0]),obuf);
+ if (memcmp(obuf,output[i],data_len[i]+1) != 0)
+ {
+ printf("error calculating RC4\n");
+ printf("output:");
+ for (j=0; j<data_len[i]+1; j++)
+ printf(" %02x",obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p= &(output[i][0]);
+ for (j=0; j<data_len[i]+1; j++)
+ printf(" %02x",*(p++));
+ printf("\n");
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ }
+ printf("test end processing ");
+ for (i=0; i<data_len[3]; i++)
+ {
+ RC4_set_key(&key,keys[3][0],&(keys[3][1]));
+ memset(obuf,0x00,sizeof(obuf));
+ RC4(&key,i,&(data[3][0]),obuf);
+ if ((memcmp(obuf,output[3],i) != 0) || (obuf[i] != 0))
+ {
+ printf("error in RC4 length processing\n");
+ printf("output:");
+ for (j=0; j<i+1; j++)
+ printf(" %02x",obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p= &(output[3][0]);
+ for (j=0; j<i; j++)
+ printf(" %02x",*(p++));
+ printf(" 00\n");
+ err++;
+ }
+ else
+ {
+ printf(".");
+ fflush(stdout);
+ }
+ }
+ printf("done\n");
+ printf("test multi-call ");
+ for (i=0; i<data_len[3]; i++)
+ {
+ RC4_set_key(&key,keys[3][0],&(keys[3][1]));
+ memset(obuf,0x00,sizeof(obuf));
+ RC4(&key,i,&(data[3][0]),obuf);
+ RC4(&key,data_len[3]-i,&(data[3][i]),&(obuf[i]));
+ if (memcmp(obuf,output[3],data_len[3]+1) != 0)
+ {
+ printf("error in RC4 multi-call processing\n");
+ printf("output:");
+ for (j=0; j<data_len[3]+1; j++)
+ printf(" %02x",obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p= &(output[3][0]);
+ for (j=0; j<data_len[3]+1; j++)
+ printf(" %02x",*(p++));
+ err++;
+ }
+ else
+ {
+ printf(".");
+ fflush(stdout);
+ }
+ }
+ printf("done\n");
+ exit(err);
+ return(0);
+ }
+#endif
diff --git a/crypto/heimdal/lib/gssapi/8003.c b/crypto/heimdal/lib/gssapi/8003.c
new file mode 100644
index 0000000..61fe215
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/8003.c
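Review bot: The test includes `<openssl/rc4.h>` rather than the `rc4.h` this commit adds next to it in lib/des, so it appears to compile against whatever OpenSSL header is installed (or fail to build when none is) while exercising the `RC4_set_key`/`RC4` added here. If the two headers ever disagree on the `RC4_KEY` layout, the on-stack `key` in `main` would have the wrong size for the code under test. Using `#include "rc4.h"` keeps the vectors tied to this implementation. Separately, the multi-call failure branch prints the expected bytes without a closing `printf("\n");`, unlike the first loop.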
@@ -0,0 +1,152 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: 8003.c,v 1.5 1999/12/02 17:05:03 joda Exp $");
+
+static krb5_error_code
+encode_om_uint32(OM_uint32 n, u_char *p)
+{
+ p[0] = (n >> 0) & 0xFF;
+ p[1] = (n >> 8) & 0xFF;
+ p[2] = (n >> 16) & 0xFF;
+ p[3] = (n >> 24) & 0xFF;
+ return 0;
+}
+
+static krb5_error_code
+decode_om_uint32(u_char *p, OM_uint32 *n)
+{
+ *n = (p[0] << 0) | (p[1] << 8) | (p[2] << 16) | (p[3] << 24);
+ return 0;
+}
+
+static krb5_error_code
+hash_input_chan_bindings (const gss_channel_bindings_t b,
+ u_char *p)
+{
+ u_char num[4];
+ struct md5 md5;
+
+ md5_init(&md5);
+ encode_om_uint32 (b->initiator_addrtype, num);
+ md5_update (&md5, num, sizeof(num));
+ encode_om_uint32 (b->initiator_address.length, num);
+ md5_update (&md5, num, sizeof(num));
+ if (b->initiator_address.length)
+ md5_update (&md5,
+ b->initiator_address.value,
+ b->initiator_address.length);
+ encode_om_uint32 (b->acceptor_addrtype, num);
+ md5_update (&md5, num, sizeof(num));
+ encode_om_uint32 (b->acceptor_address.length, num);
+ md5_update (&md5, num, sizeof(num));
+ if (b->acceptor_address.length)
+ md5_update (&md5,
+ b->acceptor_address.value,
+ b->acceptor_address.length);
+ encode_om_uint32 (b->application_data.length, num);
+ md5_update (&md5, num, sizeof(num));
+ if (b->application_data.length)
+ md5_update (&md5,
+ b->application_data.value,
+ b->application_data.length);
+ md5_finito (&md5, p);
+ return 0;
+}
+
+krb5_error_code
+gssapi_krb5_create_8003_checksum (
+ const gss_channel_bindings_t input_chan_bindings,
+ OM_uint32 flags,
+ Checksum *result)
+{
+ u_char *p;
+
+ result->cksumtype = 0x8003;
+ result->checksum.length = 24;
+ result->checksum.data = malloc (result->checksum.length);
+ if (result->checksum.data == NULL)
+ return ENOMEM;
+
+ p = result->checksum.data;
+ encode_om_uint32 (16, p);
+ p += 4;
+ if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS) {
+ memset (p, 0, 16);
+ } else {
+ hash_input_chan_bindings (input_chan_bindings, p);
+ }
+ p += 16;
+ encode_om_uint32 (flags, p);
+ p += 4;
+ if (p - (u_char *)result->checksum.data != result->checksum.length)
+ abort ();
+ return 0;
+}
+
+krb5_error_code
+gssapi_krb5_verify_8003_checksum(
+ const gss_channel_bindings_t input_chan_bindings,
+ Checksum *cksum,
+ OM_uint32 *flags)
+{
+ unsigned char hash[16];
+ unsigned char *p;
+ OM_uint32 length;
+
+ /* XXX should handle checksums > 24 bytes */
+ if(cksum->cksumtype != 0x8003 || cksum->checksum.length != 24)
+ return GSS_S_BAD_BINDINGS;
+
+ p = cksum->checksum.data;
+ decode_om_uint32(p, &length);
+ if(length != sizeof(hash))
+ return GSS_S_FAILURE;
+
+ p += 4;
+
+ if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS) {
+ if(hash_input_chan_bindings(input_chan_bindings, hash) != 0)
+ return GSS_S_FAILURE;
+ if(memcmp(hash, p, sizeof(hash)) != 0)
+ return GSS_S_FAILURE;
+ }
+
+ p += sizeof(hash);
+
+ decode_om_uint32(p, flags);
+
+ return 0;
+}
diff --git a/crypto/heimdal/lib/gssapi/ChangeLog b/crypto/heimdal/lib/gssapi/ChangeLog
new file mode 100644
index 0000000..2524003
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/ChangeLog
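Review bot: `decode_om_uint32()` shifts promoted `u_char` values as signed `int`, so `p[3] << 24` is undefined behaviour whenever the top byte is 0x80 or above, and in `gssapi_krb5_verify_8003_checksum()` both the length field and the `flags` word are decoded from the `cksum` argument, which presumably arrives from the peer. Casting each byte before shifting fixes it: `*n = (OM_uint32)p[0] | ((OM_uint32)p[1] << 8) | ((OM_uint32)p[2] << 16) | ((OM_uint32)p[3] << 24);`. A comment on `gssapi_krb5_verify_8003_checksum()` should also record that it is declared `krb5_error_code` yet returns GSS major-status values (`GSS_S_BAD_BINDINGS`, `GSS_S_FAILURE`), and that the bindings hash in the checksum is not compared at all when the caller passes `GSS_C_NO_CHANNEL_BINDINGS`.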
@@ -0,0 +1,60 @@
+2000-01-06 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: set version to 0:4:0
+
+1999-12-26 Assar Westerlund <assar@sics.se>
+
+ * accept_sec_context.c (gss_accept_sec_context): always set
+ `output_token'
+ * init_sec_context.c (init_auth): always initialize `output_token'
+ * delete_sec_context.c (gss_delete_sec_context): always set
+ `output_token'
+
+1999-12-06 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: bump version to 0:3:0
+
+1999-10-20 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: set version to 0:2:0
+
+1999-09-21 Assar Westerlund <assar@sics.se>
+
+ * init_sec_context.c (gss_init_sec_context): initialize `ticket'
+
+ * gssapi.h (gss_ctx_id_t_desc): add ticket in here. ick.
+
+ * delete_sec_context.c (gss_delete_sec_context): free ticket
+
+ * accept_sec_context.c (gss_accept_sec_context): stove away
+ `krb5_ticket' in context so that ugly programs such as
+ gss_nt_server can get at it. uck.
+
+1999-09-20 Johan Danielsson <joda@pdc.kth.se>
+
+ * accept_sec_context.c: set minor_status
+
+1999-08-04 Assar Westerlund <assar@sics.se>
+
+ * display_status.c (calling_error, routine_error): right shift the
+ code to make it possible to index into the arrays
+
+1999-07-28 Assar Westerlund <assar@sics.se>
+
+ * gssapi.h (GSS_C_AF_INET6): add
+
+ * import_name.c (import_hostbased_name): set minor_status
+
+1999-07-26 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: set version to 0:1:0
+
+Wed Apr 7 14:05:15 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * display_status.c: set minor_status
+
+ * init_sec_context.c: set minor_status
+
+ * lib/gssapi/init.c: remove donep (check gssapi_krb5_context
+ directly)
+
diff --git a/crypto/heimdal/lib/gssapi/Makefile.am b/crypto/heimdal/lib/gssapi/Makefile.am
new file mode 100644
index 0000000..ff4ef63
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/Makefile.am
@@ -0,0 +1,46 @@
+# $Id: Makefile.am,v 1.17 2000/01/06 21:47:40 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += -I$(srcdir)/../krb5
+
+lib_LTLIBRARIES = libgssapi.la
+libgssapi_la_LDFLAGS = -version-info 0:4:0
+
+include_HEADERS = gssapi.h
+
+libgssapi_la_SOURCES = \
+ 8003.c \
+ accept_sec_context.c \
+ acquire_cred.c \
+ add_oid_set_member.c \
+ canonicalize_name.c \
+ compare_name.c \
+ context_time.c \
+ create_emtpy_oid_set.c \
+ decapsulate.c \
+ delete_sec_context.c \
+ display_name.c \
+ display_status.c \
+ duplicate_name.c \
+ encapsulate.c \
+ export_name.c \
+ external.c \
+ get_mic.c \
+ gssapi.h \
+ gssapi_locl.h \
+ import_name.c \
+ indicate_mechs.c \
+ init.c \
+ init_sec_context.c \
+ inquire_context.c \
+ inquire_cred.c \
+ release_buffer.c \
+ release_cred.c \
+ release_name.c \
+ release_oid_set.c \
+ test_oid_set_member.c \
+ unwrap.c \
+ v1.c \
+ verify_mic.c \
+ wrap.c
diff --git a/crypto/heimdal/lib/gssapi/Makefile.in b/crypto/heimdal/lib/gssapi/Makefile.in
new file mode 100644
index 0000000..4e658c1
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/Makefile.in
@@ -0,0 +1,654 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.17 2000/01/06 21:47:40 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include -I$(srcdir)/../krb5 + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = 
@LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +lib_LTLIBRARIES = libgssapi.la +libgssapi_la_LDFLAGS = -version-info 0:4:0 + +include_HEADERS = gssapi.h + +libgssapi_la_SOURCES = 8003.c accept_sec_context.c acquire_cred.c add_oid_set_member.c canonicalize_name.c compare_name.c context_time.c create_emtpy_oid_set.c decapsulate.c delete_sec_context.c display_name.c display_status.c duplicate_name.c encapsulate.c export_name.c external.c get_mic.c gssapi.h gssapi_locl.h import_name.c indicate_mechs.c init.c init_sec_context.c inquire_context.c inquire_cred.c release_buffer.c release_cred.c release_name.c release_oid_set.c test_oid_set_member.c unwrap.c v1.c verify_mic.c wrap.c + +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = 
+LTLIBRARIES = $(lib_LTLIBRARIES) + + +DEFS = @DEFS@ -I. -I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libgssapi_la_LIBADD = +libgssapi_la_OBJECTS = 8003.lo accept_sec_context.lo acquire_cred.lo \ +add_oid_set_member.lo canonicalize_name.lo compare_name.lo \ +context_time.lo create_emtpy_oid_set.lo decapsulate.lo \ +delete_sec_context.lo display_name.lo display_status.lo \ +duplicate_name.lo encapsulate.lo export_name.lo external.lo get_mic.lo \ +import_name.lo indicate_mechs.lo init.lo init_sec_context.lo \ +inquire_context.lo inquire_cred.lo release_buffer.lo release_cred.lo \ +release_name.lo release_oid_set.lo test_oid_set_member.lo unwrap.lo \ +v1.lo verify_mic.lo wrap.lo +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +HEADERS = $(include_HEADERS) + +DIST_COMMON = ChangeLog Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +SOURCES = $(libgssapi_la_SOURCES) +OBJECTS = $(libgssapi_la_OBJECTS) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/gssapi/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLTLIBRARIES: + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f 
$(lib_LTLIBRARIES) + +distclean-libLTLIBRARIES: + +maintainer-clean-libLTLIBRARIES: + +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +.c.o: + $(COMPILE) -c $< + +# FIXME: We should only use cygpath when building on Windows, +# and only if it is available. +.c.obj: + $(COMPILE) -c `cygpath -w $<` + +.s.o: + $(COMPILE) -c $< + +.S.o: + $(COMPILE) -c $< + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +.c.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.s.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.S.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libgssapi.la: $(libgssapi_la_OBJECTS) $(libgssapi_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libgssapi_la_LDFLAGS) $(libgssapi_la_OBJECTS) $(libgssapi_la_LIBADD) $(LIBS) + +install-includeHEADERS: $(include_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(includedir) + @list='$(include_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + done + +uninstall-includeHEADERS: + @$(NORMAL_UNINSTALL) + list='$(include_HEADERS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(includedir)/$$p; \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) 
$(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/gssapi + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-includeHEADERS install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS +uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) $(HEADERS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) + + 
+mostlyclean-generic: + +clean-generic: + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-tags \ + mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLTLIBRARIES clean-compile clean-libtool clean-tags \ + clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-libLTLIBRARIES distclean-compile \ + distclean-libtool distclean-tags distclean-generic \ + clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-tags maintainer-clean-generic \ + distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ +clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ +uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ +distclean-compile clean-compile maintainer-clean-compile \ +mostlyclean-libtool distclean-libtool clean-libtool \ +maintainer-clean-libtool uninstall-includeHEADERS \ +install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \ +maintainer-clean-tags distdir info-am info dvi-am dvi check-local check \ +check-am installcheck-am installcheck install-exec-am install-exec \ +install-data-local install-data-am install-data install-am install \ +uninstall-am uninstall all-local all-redirect all-am all installdirs \ +mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; 
else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + 
+dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 
's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/gssapi/accept_sec_context.c b/crypto/heimdal/lib/gssapi/accept_sec_context.c new file mode 100644 index 0000000..4d9a2b0 --- /dev/null +++ b/crypto/heimdal/lib/gssapi/accept_sec_context.c 
@@ -0,0 +1,242 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: accept_sec_context.c,v 1.15 1999/12/26 18:32:08 assar Exp $");
+
+static krb5_keytab gss_keytab;
+
+OM_uint32
+gsskrb5_register_acceptor_identity (char *identity)
+{
+ char *p;
+ if(gss_keytab != NULL) {
+ krb5_kt_close(gssapi_krb5_context, gss_keytab);
+ gss_keytab = NULL;
+ }
+ asprintf(&p, "FILE:%s", identity);
+ if(p == NULL)
+ return GSS_S_FAILURE;
+ krb5_kt_resolve(gssapi_krb5_context, p, &gss_keytab);
+ free(p);
+ return GSS_S_COMPLETE;
+}
+
+OM_uint32 gss_accept_sec_context
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t * context_handle,
+ const gss_cred_id_t acceptor_cred_handle,
+ const gss_buffer_t input_token_buffer,
+ const gss_channel_bindings_t input_chan_bindings,
+ gss_name_t * src_name,
+ gss_OID * mech_type,
+ gss_buffer_t output_token,
+ OM_uint32 * ret_flags,
+ OM_uint32 * time_rec,
+ gss_cred_id_t * delegated_cred_handle
+ )
+{
+ krb5_error_code kret;
+ OM_uint32 ret;
+ krb5_data indata;
+ krb5_flags ap_options;
+ OM_uint32 flags;
+ krb5_ticket *ticket = NULL;
+ krb5_keytab keytab = NULL;
+
+ gssapi_krb5_init ();
+
+ output_token->length = 0;
+ output_token->value = NULL;
+
+ if (*context_handle == GSS_C_NO_CONTEXT) {
+ *context_handle = malloc(sizeof(**context_handle));
+ if (*context_handle == GSS_C_NO_CONTEXT) {
+ *minor_status = ENOMEM;
+ return GSS_S_FAILURE;
+ }
+ }
+
+ (*context_handle)->auth_context = NULL;
+ (*context_handle)->source = NULL;
+ (*context_handle)->target = NULL;
+ (*context_handle)->flags = 0;
+ (*context_handle)->more_flags = 0;
+ (*context_handle)->ticket = NULL;
+
+ kret = krb5_auth_con_init (gssapi_krb5_context,
+ &(*context_handle)->auth_context);
+ if (kret) {
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
+
+ {
+ int32_t tmp;
+
+ krb5_auth_con_getflags(gssapi_krb5_context,
+ (*context_handle)->auth_context,
+ &tmp);
+ tmp |= KRB5_AUTH_CONTEXT_DO_SEQUENCE;
+ krb5_auth_con_setflags(gssapi_krb5_context,
+ (*context_handle)->auth_context,
+ tmp);
+ }
+
+ ret = gssapi_krb5_decapsulate (input_token_buffer,
+ &indata,
+ "\x01\x00");
+ if (ret) {
+ kret = 0;
+ goto failure;
+ }
+
+ if (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) {
+ if (gss_keytab != NULL) {
+ keytab = gss_keytab;
+ }
+ } else if (acceptor_cred_handle->keytab != NULL) {
+ keytab = acceptor_cred_handle->keytab;
+ }
+
+ kret = krb5_rd_req (gssapi_krb5_context,
+ &(*context_handle)->auth_context,
+ &indata,
+ (acceptor_cred_handle == GSS_C_NO_CREDENTIAL) ? NULL
+ : acceptor_cred_handle->principal,
+ keytab,
+ &ap_options,
+ &ticket);
+ if (kret) {
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
+
+ kret = krb5_copy_principal (gssapi_krb5_context,
+ ticket->client,
+ &(*context_handle)->source);
+ if (kret) {
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
+
+ if (src_name) {
+ kret = krb5_copy_principal (gssapi_krb5_context,
+ ticket->client,
+ src_name);
+ if (kret) {
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
+ }
+
+ {
+ krb5_authenticator authenticator;
+
+ kret = krb5_auth_getauthenticator(gssapi_krb5_context,
+ (*context_handle)->auth_context,
+ &authenticator);
+ if(kret) {
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
+
+ kret = gssapi_krb5_verify_8003_checksum(input_chan_bindings,
+ authenticator->cksum,
+ &flags);
+ krb5_free_authenticator(gssapi_krb5_context, &authenticator);
+ if (kret) {
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
+ }
+
+ if (ret_flags)
+ *ret_flags = flags;
+ (*context_handle)->flags = flags;
+ (*context_handle)->more_flags |= OPEN;
+
+ if (mech_type)
+ *mech_type = GSS_KRB5_MECHANISM;
+
+ if (time_rec)
+ *time_rec = GSS_C_INDEFINITE;
+
+ if(flags & GSS_C_MUTUAL_FLAG) {
+ krb5_data outbuf;
+
+ kret = krb5_mk_rep (gssapi_krb5_context,
+ &(*context_handle)->auth_context,
+ &outbuf);
+ if (kret) {
+ krb5_data_free (&outbuf);
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
+ ret = gssapi_krb5_encapsulate (&outbuf,
+ output_token,
+ "\x02\x00");
+ if (ret) {
+ kret = 0;
+ goto failure;
+ }
+ } else {
+ output_token->length = 0;
+ }
+
+ (*context_handle)->ticket = ticket;
+ ticket = NULL;
+
+#if 0
+ krb5_free_ticket (context, ticket);
+#endif
+
+ return GSS_S_COMPLETE;
+
+failure:
+ if (ticket != NULL)
+ krb5_free_ticket (gssapi_krb5_context, ticket);
+ krb5_auth_con_free (gssapi_krb5_context,
+ (*context_handle)->auth_context);
+ if((*context_handle)->source)
+ krb5_free_principal (gssapi_krb5_context,
+ (*context_handle)->source);
+ if((*context_handle)->target)
+ krb5_free_principal (gssapi_krb5_context,
+ (*context_handle)->target);
+ free (*context_handle);
+ *context_handle = GSS_C_NO_CONTEXT;
+ *minor_status = kret;
+ return GSS_S_FAILURE;
+}
diff --git a/crypto/heimdal/lib/gssapi/acquire_cred.c b/crypto/heimdal/lib/gssapi/acquire_cred.c
new file mode 100644
index 0000000..821bbc3
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/acquire_cred.c
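Review bot: In accept_sec_context.c, `gsskrb5_register_acceptor_identity` discards the result of `krb5_kt_resolve` and returns GSS_S_COMPLETE regardless, so a keytab path that cannot be resolved goes unreported. `gss_accept_sec_context` then finds `gss_keytab` unset and passes `keytab = NULL` to `krb5_rd_req`, which presumably selects whatever keytab the library defaults to rather than the one the application registered. Checking the call, e.g. `if (krb5_kt_resolve(gssapi_krb5_context, p, &gss_keytab)) { free(p); gss_keytab = NULL; return GSS_S_FAILURE; }`, keeps the acceptor from silently verifying tickets against a different key store. The `asprintf` result should be tested as well (`if (asprintf(&p, "FILE:%s", identity) < 0)`), since `p` is not guaranteed to be NULL after a failure on every platform.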
@@ -0,0 +1,87 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: acquire_cred.c,v 1.3 1999/12/02 17:05:03 joda Exp $");
+
+OM_uint32 gss_acquire_cred
+ (OM_uint32 * minor_status,
+ const gss_name_t desired_name,
+ OM_uint32 time_req,
+ const gss_OID_set desired_mechs,
+ gss_cred_usage_t cred_usage,
+ gss_cred_id_t * output_cred_handle,
+ gss_OID_set * actual_mechs,
+ OM_uint32 * time_rec
+ )
+{
+ gss_cred_id_t handle;
+ OM_uint32 ret;
+
+ handle = (gss_cred_id_t)malloc(sizeof(*handle));
+ if (handle == GSS_C_NO_CREDENTIAL) {
+ return GSS_S_FAILURE;
+ }
+
+ ret = gss_duplicate_name(minor_status, desired_name, &handle->principal);
+ if (ret) {
+ return ret;
+ }
+
+ /* XXX */
+ handle->lifetime = time_req;
+
+ handle->keytab = NULL;
+ handle->usage = cred_usage;
+
+ ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms);
+ if (ret) {
+ return ret;
+ }
+ ret = gss_add_oid_set_member(minor_status, GSS_KRB5_MECHANISM,
+ &handle->mechanisms);
+ if (ret) {
+ return ret;
+ }
+
+ ret = gss_inquire_cred(minor_status, handle, NULL, time_rec, NULL,
+ actual_mechs);
+ if (ret) {
+ return ret;
+ }
+
+ *output_cred_handle = handle;
+
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/gssapi/add_oid_set_member.c b/crypto/heimdal/lib/gssapi/add_oid_set_member.c
new file mode 100644
index 0000000..996c5cf
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/add_oid_set_member.c
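Review bot: Every `return ret;` after the `malloc` in `gss_acquire_cred` (acquire_cred.c) leaks `handle`, and the later ones also leak the duplicated principal and the OID set already attached to it. The malloc-failure branch additionally returns GSS_S_FAILURE without writing `*minor_status`, so the caller reads an indeterminate minor code. A single cleanup label covers both; the sketch below assumes `gss_release_name` and `gss_release_oid_set` (their source files are listed in this library's Makefile) accept these two fields. It is also worth confirming how `gss_duplicate_name` treats a `desired_name` of GSS_C_NO_NAME, since it is passed through unchecked.

```c
    OM_uint32 junk;

    handle = malloc(sizeof(*handle));
    if (handle == GSS_C_NO_CREDENTIAL) {
        *minor_status = ENOMEM;
        return GSS_S_FAILURE;
    }
    /* Initialise the owned fields so the cleanup path can test them. */
    handle->principal = NULL;
    handle->mechanisms = GSS_C_NO_OID_SET;

    ret = gss_duplicate_name(minor_status, desired_name, &handle->principal);
    if (ret)
        goto fail;
    /* … unchanged: lifetime, keytab, usage, OID set and inquire calls,
       with each remaining `return ret;` turned into `goto fail;` … */

    *output_cred_handle = handle;
    return GSS_S_COMPLETE;

fail:
    /* Use a scratch minor code so the original error is preserved. */
    if (handle->mechanisms != GSS_C_NO_OID_SET)
        gss_release_oid_set(&junk, &handle->mechanisms);
    if (handle->principal != NULL)
        gss_release_name(&junk, &handle->principal);
    free(handle);
    return ret;
```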
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: add_oid_set_member.c,v 1.3 1999/12/02 17:05:03 joda Exp $");
+
+OM_uint32 gss_add_oid_set_member (
+ OM_uint32 * minor_status,
+ const gss_OID member_oid,
+ gss_OID_set * oid_set
+ )
+{
+ size_t n = (*oid_set)->count;
+
+ (*oid_set)->elements = realloc ((*oid_set)->elements,
+ n * sizeof(gss_OID_desc));
+ if ((*oid_set)->elements == NULL) {
+ return GSS_S_FAILURE;
+ }
+ (*oid_set)->count = n;
+ (*oid_set)->elements[n-1] = *member_oid;
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/gssapi/canonicalize_name.c b/crypto/heimdal/lib/gssapi/canonicalize_name.c
new file mode 100644
index 0000000..afa39f3
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/canonicalize_name.c
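Review bot: `gss_add_oid_set_member` (add_oid_set_member.c) never grows the set: `n` is taken as the current `count`, the array is reallocated to that same size, and the new OID is stored at `elements[n-1]`. On a set whose `count` is 0 — presumably what `gss_acquire_cred` passes straight after `gss_create_empty_oid_set` — the index wraps to `(size_t)-1` and the store lands outside the allocation; on a non-empty set it overwrites the last member instead of appending. The first statement should read `size_t n = (*oid_set)->count + 1;`. The `realloc` result should also go through a temporary (`tmp = realloc(...); if (tmp == NULL) return GSS_S_FAILURE; (*oid_set)->elements = tmp;`) so the existing array is not lost on failure, and `*minor_status` should be written on both paths.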
@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: canonicalize_name.c,v 1.2 1999/12/02 17:05:03 joda Exp $");
+
+OM_uint32 gss_canonicalize_name (
+ OM_uint32 * minor_status,
+ const gss_name_t input_name,
+ const gss_OID mech_type,
+ gss_name_t * output_name
+ )
+{
+ return gss_duplicate_name (minor_status, input_name, output_name);
+}
diff --git a/crypto/heimdal/lib/gssapi/compare_name.c b/crypto/heimdal/lib/gssapi/compare_name.c
new file mode 100644
index 0000000..5926b15
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/compare_name.c
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: compare_name.c,v 1.2 1999/12/02 17:05:03 joda Exp $");
+
+OM_uint32 gss_compare_name
+ (OM_uint32 * minor_status,
+ const gss_name_t name1,
+ const gss_name_t name2,
+ int * name_equal
+ )
+{
+ gssapi_krb5_init ();
+ *name_equal = krb5_principal_compare (gssapi_krb5_context,
+ name1, name2);
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/gssapi/context_time.c b/crypto/heimdal/lib/gssapi/context_time.c
new file mode 100644
index 0000000..2a04ce8
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/context_time.c
@@ -0,0 +1,64 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: context_time.c,v 1.2 1999/12/02 17:05:03 joda Exp $");
+
+OM_uint32 gss_context_time
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ OM_uint32 * time_rec
+ )
+{
+ OM_uint32 lifetime;
+ OM_uint32 ret;
+ krb5_error_code kret;
+ int32_t timeret;
+
+ gssapi_krb5_init();
+
+ ret = gss_inquire_context(minor_status, context_handle,
+ NULL, NULL, &lifetime, NULL, NULL, NULL, NULL);
+ if (ret) {
+ return ret;
+ }
+
+ kret = krb5_timeofday(gssapi_krb5_context, &timeret);
+ if (kret) {
+ return GSS_S_FAILURE;
+ }
+
+ *time_rec = lifetime - timeret;
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c b/crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c
new file mode 100644
index 0000000..acec30e
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/create_emtpy_oid_set.c
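Review bot: `*time_rec = lifetime - timeret;` subtracts in `OM_uint32`, so once the current time passes `lifetime` the result wraps to a value near 2^32 and an expired context is reported as having a very long remaining lifetime. Assuming `gss_inquire_context` returns an absolute expiry time here (its body is outside this hunk), compare before subtracting: `if (lifetime <= (OM_uint32)timeret) { *time_rec = 0; return GSS_S_CONTEXT_EXPIRED; }`. The `krb5_timeofday` failure path also drops `kret`; storing it in `*minor_status` would let callers see why the call failed.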
@@ -0,0 +1,50 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: create_emtpy_oid_set.c,v 1.3 1999/12/02 17:05:03 joda Exp $");
+
+OM_uint32 gss_create_empty_oid_set (
+ OM_uint32 * minor_status,
+ gss_OID_set * oid_set
+ )
+{
+ *oid_set = malloc(sizeof(**oid_set));
+ if (*oid_set == NULL) {
+ return GSS_S_FAILURE;
+ }
+ (*oid_set)->count = 0;
+ (*oid_set)->elements = NULL;
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/gssapi/decapsulate.c b/crypto/heimdal/lib/gssapi/decapsulate.c
new file mode 100644
index 0000000..e3603c7
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/decapsulate.c
@@ -0,0 +1,100 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gssapi_locl.h" + +RCSID("$Id: decapsulate.c,v 1.5 1999/12/02 17:05:03 joda Exp $"); + +OM_uint32 +gssapi_krb5_verify_header(u_char **str, + size_t total_len, + char *type) +{ + size_t len, len_len, mech_len, foo; + int e; + u_char *p = *str; + + if (*p++ != 0x60) + return GSS_S_DEFECTIVE_TOKEN; + e = der_get_length (p, total_len - 1, &len, &len_len); + if (e || 1 + len_len + len != total_len) + abort (); + p += len_len; + if (*p++ != 0x06) + return GSS_S_DEFECTIVE_TOKEN; + e = der_get_length (p, total_len - 1 - len_len - 1, + &mech_len, &foo); + if (e) + abort (); + p += foo; + if (mech_len != GSS_KRB5_MECHANISM->length) + return GSS_S_BAD_MECH; + if (memcmp(p, + GSS_KRB5_MECHANISM->elements, + GSS_KRB5_MECHANISM->length) != 0) + return GSS_S_BAD_MECH; + p += mech_len; + if (memcmp (p, type, 2) != 0) + return GSS_S_DEFECTIVE_TOKEN; + p += 2; + *str = p; + return GSS_S_COMPLETE; +} + +/* + * Remove the GSS-API wrapping from `in_token' giving `out_data. + * Does not copy data, so just free `in_token'. + */ + +OM_uint32 +gssapi_krb5_decapsulate( + gss_buffer_t input_token_buffer, + krb5_data *out_data, + char *type +) +{ + u_char *p; + OM_uint32 ret; + + p = input_token_buffer->value; + ret = gssapi_krb5_verify_header(&p, + input_token_buffer->length, + type); + if (ret) + return ret; + + out_data->length = input_token_buffer->length - + (p - (u_char *)input_token_buffer->value); + out_data->data = p; + return GSS_S_COMPLETE; +} diff --git a/crypto/heimdal/lib/gssapi/delete_sec_context.c b/crypto/heimdal/lib/gssapi/delete_sec_context.c new file mode 100644 index 0000000..514206c --- /dev/null +++ b/crypto/heimdal/lib/gssapi/delete_sec_context.c 
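Review bot: `gssapi_krb5_verify_header` calls `abort ()` when `der_get_length` fails or the encoded length disagrees with `total_len`, and both conditions depend only on the bytes of the token, so a malformed token received from a peer terminates the process instead of being rejected. The function also reads `*p` before checking that `total_len` is non-zero, computes `total_len - 1 - len_len - 1` without checking that it cannot wrap, and runs both `memcmp` calls without confirming that `mech_len + 2` bytes remain in the buffer. Returning `GSS_S_DEFECTIVE_TOKEN` on every parse failure and tracking an end pointer, as sketched below, covers all three. `gssapi_krb5_decapsulate` in the same hunk needs no change of its own, since it only forwards the buffer and length.

```c
    u_char *p = *str;
    u_char *end = p + total_len;

    if (total_len < 1 || *p++ != 0x60)
	return GSS_S_DEFECTIVE_TOKEN;
    e = der_get_length (p, total_len - 1, &len, &len_len);
    if (e || len_len > total_len - 1 || len != total_len - 1 - len_len)
	return GSS_S_DEFECTIVE_TOKEN;
    p += len_len;
    if (p == end || *p++ != 0x06)
	return GSS_S_DEFECTIVE_TOKEN;
    e = der_get_length (p, (size_t)(end - p), &mech_len, &foo);
    if (e || foo > (size_t)(end - p))
	return GSS_S_DEFECTIVE_TOKEN;
    p += foo;
    /* … unchanged: mech_len compared with GSS_KRB5_MECHANISM->length … */
    if ((size_t)(end - p) < mech_len + 2)
	return GSS_S_DEFECTIVE_TOKEN;
    /* … unchanged: memcmp against GSS_KRB5_MECHANISM->elements and type, then *str = p … */
```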
@@ -0,0 +1,64 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: delete_sec_context.c,v 1.5 1999/12/26 18:31:06 assar Exp $");
+
+OM_uint32 gss_delete_sec_context
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t * context_handle,
+ gss_buffer_t output_token
+ )
+{
+ gssapi_krb5_init ();
+
+ output_token->length = 0;
+ output_token->value = NULL;
+
+ krb5_auth_con_free (gssapi_krb5_context,
+ (*context_handle)->auth_context);
+ if((*context_handle)->source)
+ krb5_free_principal (gssapi_krb5_context,
+ (*context_handle)->source);
+ if((*context_handle)->target)
+ krb5_free_principal (gssapi_krb5_context,
+ (*context_handle)->target);
+ if ((*context_handle)->ticket)
+ krb5_free_ticket (gssapi_krb5_context,
+ (*context_handle)->ticket);
+ free (*context_handle);
+ if (output_token)
+ output_token->length = 0;
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/gssapi/display_name.c b/crypto/heimdal/lib/gssapi/display_name.c
new file mode 100644
index 0000000..4efed14
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/display_name.c
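Review bot: `output_token->length = 0;` and `output_token->value = NULL;` run before the `if (output_token)` test at the end of the function, so a caller passing `GSS_C_NO_BUFFER` faults on the first store and the later check never helps; both stores belong under that test. `*context_handle` is dereferenced without a check for `GSS_C_NO_CONTEXT`, and after `free (*context_handle);` the caller's handle still points at the freed block, so a second delete or any later use of the handle touches freed memory. Adding `*context_handle = GSS_C_NO_CONTEXT;` right after the `free`, and an early `if (*context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT;`, would close both.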
@@ -0,0 +1,68 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gssapi_locl.h" + +RCSID("$Id: display_name.c,v 1.5 1999/12/02 17:05:03 joda Exp $"); + +OM_uint32 gss_display_name + (OM_uint32 * minor_status, + const gss_name_t input_name, + gss_buffer_t output_name_buffer, + gss_OID * output_name_type + ) +{ + krb5_error_code kret; + char *buf; + size_t len; + + gssapi_krb5_init (); + kret = krb5_unparse_name (gssapi_krb5_context, + input_name, + &buf); + if (kret) + return GSS_S_FAILURE; + len = strlen (buf); + output_name_buffer->length = len; + output_name_buffer->value = malloc(len + 1); + if (output_name_buffer->value == NULL) { + free (buf); + return GSS_S_FAILURE; + } + memcpy (output_name_buffer->value, buf, len); + ((char *)output_name_buffer->value)[len] = '\0'; + free (buf); + if (output_name_type) + *output_name_type = GSS_KRB5_NT_PRINCIPAL_NAME; + return GSS_S_COMPLETE; +} diff --git a/crypto/heimdal/lib/gssapi/display_status.c b/crypto/heimdal/lib/gssapi/display_status.c new file mode 100644 index 0000000..f08c47e --- /dev/null +++ b/crypto/heimdal/lib/gssapi/display_status.c 
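Review bot: On the `malloc` failure path `output_name_buffer->length` has already been set to `len` while `value` is NULL, so the caller is left with a buffer that claims a non-zero length and has no storage behind it. Set the length only after the allocation succeeds, or add `output_name_buffer->length = 0;` before `free (buf);` in that branch. `output_name_buffer` itself is written through without a NULL check, which is worth stating as a precondition in a comment above the function.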
@@ -0,0 +1,135 @@ +/* + * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gssapi_locl.h" + +RCSID("$Id: display_status.c,v 1.5 1999/12/02 17:05:03 joda Exp $"); + +static char * +calling_error(OM_uint32 v) +{ + static char *msgs[] = { + NULL, /* 0 */ + "A required input parameter could not be read.", /* */ + "A required output parameter could not be written.", /* */ + "A parameter was malformed" + }; + + v >>= GSS_C_CALLING_ERROR_OFFSET; + + if (v == 0) + return ""; + else if (v >= sizeof(msgs)/sizeof(*msgs)) + return "unknown calling error"; + else + return msgs[v]; +} + +static char * +routine_error(OM_uint32 v) +{ + static char *msgs[] = { + NULL, /* 0 */ + "An unsupported mechanism was requested", + "An invalid name was supplied", + "A supplied name was of an unsupported type", + "Incorrect channel bindings were supplied", + "An invalid status code was supplied", + "A token had an invalid MIC", + "No credentials were supplied, " + "or the credentials were unavailable or inaccessible.", + "No context has been established", + "A token was invalid", + "A credential was invalid", + "The referenced credentials have expired", + "The context has expired", + "Miscellaneous failure (see text)", + "The quality-of-protection requested could not be provide", + "The operation is forbidden by local security policy", + "The operation or option is not available", + "The requested credential element already exists", + "The provided name was not a mechanism name.", + }; + + v >>= GSS_C_ROUTINE_ERROR_OFFSET; + + if (v == 0) + return ""; + else if (v >= sizeof(msgs)/sizeof(*msgs)) + return "unknown routine error"; + else + return msgs[v]; +} + +OM_uint32 gss_display_status + (OM_uint32 *minor_status, + OM_uint32 status_value, + int status_type, + const gss_OID mech_type, + OM_uint32 *message_context, + gss_buffer_t status_string) +{ + char *buf; + + gssapi_krb5_init (); + + *minor_status = 0; + + if (mech_type != GSS_C_NO_OID && + mech_type != GSS_KRB5_MECHANISM) + return GSS_S_BAD_MECH; + + if (status_type == GSS_C_GSS_CODE) { + 
asprintf (&buf, "%s %s", + calling_error(GSS_CALLING_ERROR(status_value)), + routine_error(GSS_ROUTINE_ERROR(status_value))); + if (buf == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + } else if (status_type == GSS_C_MECH_CODE) { + buf = strdup(krb5_get_err_text (gssapi_krb5_context, status_value)); + if (buf == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + } else + return GSS_S_BAD_STATUS; + + *message_context = 0; + + status_string->length = strlen(buf); + status_string->value = buf; + + return GSS_S_COMPLETE; +} diff --git a/crypto/heimdal/lib/gssapi/duplicate_name.c b/crypto/heimdal/lib/gssapi/duplicate_name.c new file mode 100644 index 0000000..a3118d3 --- /dev/null +++ b/crypto/heimdal/lib/gssapi/duplicate_name.c 
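Review bot: The result of `asprintf` is not checked in the `GSS_C_GSS_CODE` branch; on failure some C libraries leave `buf` undefined rather than NULL, so the following `if (buf == NULL)` can pass with a garbage pointer that is then given to `strlen` and returned to the caller. Test the return value instead: `if (asprintf (&buf, ...) < 0 || buf == NULL)`. In the `GSS_C_MECH_CODE` branch `strdup` is applied directly to the result of `krb5_get_err_text`, which is only safe if that function never returns NULL (its definition is outside this hunk). `mech_type` is compared with `GSS_KRB5_MECHANISM` by pointer, so an OID holding the same bytes in other storage gets `GSS_S_BAD_MECH`; comparing `length` and `elements` would be more tolerant.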
@@ -0,0 +1,55 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: duplicate_name.c,v 1.3 1999/12/02 17:05:03 joda Exp $");
+
+OM_uint32 gss_duplicate_name (
+ OM_uint32 * minor_status,
+ const gss_name_t src_name,
+ gss_name_t * dest_name
+ )
+{
+ krb5_error_code kret;
+
+ gssapi_krb5_init ();
+
+ kret = krb5_copy_principal (gssapi_krb5_context,
+ src_name,
+ dest_name);
+ if (kret)
+ return GSS_S_FAILURE;
+ else
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/gssapi/encapsulate.c b/crypto/heimdal/lib/gssapi/encapsulate.c
new file mode 100644
index 0000000..1b8636bc
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/encapsulate.c
@@ -0,0 +1,100 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gssapi_locl.h" + +RCSID("$Id: encapsulate.c,v 1.4 1999/12/02 17:05:03 joda Exp $"); + +void +gssapi_krb5_encap_length (size_t data_len, + size_t *len, + size_t *total_len) +{ + size_t len_len; + + *len = 1 + 1 + GSS_KRB5_MECHANISM->length + 2 + data_len; + + len_len = length_len(*len); + + *total_len = 1 + len_len + *len; +} + +u_char * +gssapi_krb5_make_header (u_char *p, + size_t len, + u_char *type) +{ + int e; + size_t len_len, foo; + + *p++ = 0x60; + len_len = length_len(len); + e = der_put_length (p + len_len - 1, len_len, len, &foo); + if(e || foo != len_len) + abort (); + p += len_len; + *p++ = 0x06; + *p++ = GSS_KRB5_MECHANISM->length; + memcpy (p, GSS_KRB5_MECHANISM->elements, GSS_KRB5_MECHANISM->length); + p += GSS_KRB5_MECHANISM->length; + memcpy (p, type, 2); + p += 2; + return p; +} + +/* + * Give it a krb5_data and it will encapsulate with extra GSS-API wrappings. + */ + +OM_uint32 +gssapi_krb5_encapsulate( + krb5_data *in_data, + gss_buffer_t output_token, + u_char *type +) +{ + size_t len, outer_len; + u_char *p; + + gssapi_krb5_encap_length (in_data->length, &len, &outer_len); + + output_token->length = outer_len; + output_token->value = malloc (outer_len); + if (output_token->value == NULL) + return GSS_S_FAILURE; + + p = gssapi_krb5_make_header (output_token->value, len, type); + memcpy (p, in_data->data, in_data->length); + krb5_data_free (in_data); + return GSS_S_COMPLETE; +} diff --git a/crypto/heimdal/lib/gssapi/export_name.c b/crypto/heimdal/lib/gssapi/export_name.c new file mode 100644 index 0000000..efbd9c4 --- /dev/null +++ b/crypto/heimdal/lib/gssapi/export_name.c 
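Review bot: `gssapi_krb5_encapsulate` releases `in_data` with `krb5_data_free` on success but returns `GSS_S_FAILURE` on allocation failure without touching it, so ownership of the input depends on the return code and nothing tells the caller which to expect. The failure branch also leaves `output_token->length` set to `outer_len` with a NULL `value`; adding `output_token->length = 0;` there fixes that part. For `in_data`, either free it on both paths or leave freeing to the caller and say so in the comment above the function; which is right depends on the callers, which are outside this hunk. `gssapi_krb5_encap_length` adds `data_len` to the header size with no overflow check, which matters only if a caller can supply a length close to `SIZE_MAX`.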
@@ -0,0 +1,48 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "gssapi_locl.h" + +RCSID("$Id: export_name.c,v 1.4 1999/12/02 17:05:03 joda Exp $"); + +OM_uint32 gss_export_name + (OM_uint32 * minor_status, + const gss_name_t input_name, + gss_buffer_t exported_name + ) +{ + return gss_display_name(minor_status, + input_name, + exported_name, + NULL); +} 
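Review bot: `gss_export_name` hands back the output of `gss_display_name`, that is the printable principal string, rather than the exported-name token layout described in RFC 2743 section 3.2 (token identifier, mechanism OID, length-prefixed name). Exported names exist so that applications can compare them byte for byte, for instance in access-control lists, and a peer implementation or `gss_import_name` with `GSS_C_NT_EXPORT_NAME` would presumably not accept this form. If this is a deliberate placeholder, say so above the function, e.g. `/* XXX returns the display form, not an RFC 2743 exported-name token */`.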
diff --git a/crypto/heimdal/lib/gssapi/external.c b/crypto/heimdal/lib/gssapi/external.c
new file mode 100644
index 0000000..19e8306
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/external.c
@@ -0,0 +1,212 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gssapi_locl.h" + +RCSID("$Id: external.c,v 1.4 1999/12/02 17:05:03 joda Exp $"); + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x01"}, + * corresponding to an object-identifier value of + * {iso(1) member-body(2) United States(840) mit(113554) + * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant + * GSS_C_NT_USER_NAME should be initialized to point + * to that gss_OID_desc. + */ + +static gss_OID_desc gss_c_nt_user_name_oid_desc = +{10, (void *)"\x2a\x86\x48\x86\xf7\x12" + "\x01\x02\x01\x01"}; + +gss_OID GSS_C_NT_USER_NAME = &gss_c_nt_user_name_oid_desc; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x02"}, + * corresponding to an object-identifier value of + * {iso(1) member-body(2) United States(840) mit(113554) + * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}. + * The constant GSS_C_NT_MACHINE_UID_NAME should be + * initialized to point to that gss_OID_desc. + */ + +static gss_OID_desc gss_c_nt_machine_uid_name_oid_desc = +{10, (void *)"\x2a\x86\x48\x86\xf7\x12" + "\x01\x02\x01\x02"}; + +gss_OID GSS_C_NT_MACHINE_UID_NAME = &gss_c_nt_machine_uid_name_oid_desc; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x03"}, + * corresponding to an object-identifier value of + * {iso(1) member-body(2) United States(840) mit(113554) + * infosys(1) gssapi(2) generic(1) string_uid_name(3)}. + * The constant GSS_C_NT_STRING_UID_NAME should be + * initialized to point to that gss_OID_desc. 
+ */ + +static gss_OID_desc gss_c_nt_string_uid_name_oid_desc = +{10, (void *)"\x2a\x86\x48\x86\xf7\x12" + "\x01\x02\x01\x03"}; + +gss_OID GSS_C_NT_STRING_UID_NAME = &gss_c_nt_string_uid_name_oid_desc; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {6, (void *)"\x2b\x06\x01\x05\x06\x02"}, + * corresponding to an object-identifier value of + * {1(iso), 3(org), 6(dod), 1(internet), 5(security), + * 6(nametypes), 2(gss-host-based-services)}. The constant + * GSS_C_NT_HOSTBASED_SERVICE should be initialized to point + * to that gss_OID_desc. + */ + +static gss_OID_desc gss_c_nt_hostbased_service_oid_desc = +{6, (void *)"\x2b\x06\x01\x05\x06\x02"}; + +gss_OID GSS_C_NT_HOSTBASED_SERVICE = &gss_c_nt_hostbased_service_oid_desc; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {6, (void *)"\x2b\x06\01\x05\x06\x03"}, + * corresponding to an object identifier value of + * {1(iso), 3(org), 6(dod), 1(internet), 5(security), + * 6(nametypes), 3(gss-anonymous-name)}. The constant + * and GSS_C_NT_ANONYMOUS should be initialized to point + * to that gss_OID_desc. + */ + +static gss_OID_desc gss_c_nt_anonymous_oid_desc = +{6, (void *)"\x2b\x06\01\x05\x06\x03"}; + +gss_OID GSS_C_NT_ANONYMOUS = &gss_c_nt_anonymous_oid_desc; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {6, (void *)"\x2b\x06\x01\x05\x06\x04"}, + * corresponding to an object-identifier value of + * {1(iso), 3(org), 6(dod), 1(internet), 5(security), + * 6(nametypes), 4(gss-api-exported-name)}. The constant + * GSS_C_NT_EXPORT_NAME should be initialized to point + * to that gss_OID_desc. 
+ */ + +static gss_OID_desc gss_c_nt_export_name_oid_desc = +{6, (void *)"\x2b\x06\x01\x05\x06\x04"}; + +gss_OID GSS_C_NT_EXPORT_NAME = &gss_c_nt_export_name_oid_desc; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * krb5(2) krb5_name(1)}. The recommended symbolic name for this type + * is "GSS_KRB5_NT_PRINCIPAL_NAME". + */ + +static gss_OID_desc gss_krb5_nt_principal_name_oid_desc = +{10, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02\x01"}; + +gss_OID GSS_KRB5_NT_PRINCIPAL_NAME = &gss_krb5_nt_principal_name_oid_desc; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) user_name(1)}. The recommended symbolic name for this + * type is "GSS_KRB5_NT_USER_NAME". + */ + +gss_OID GSS_KRB5_NT_USER_NAME = &gss_c_nt_user_name_oid_desc; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) machine_uid_name(2)}. The recommended symbolic name for + * this type is "GSS_KRB5_NT_MACHINE_UID_NAME". + */ + +gss_OID GSS_KRB5_NT_MACHINE_UID_NAME = &gss_c_nt_machine_uid_name_oid_desc; + +/* + * This name form shall be represented by the Object Identifier {iso(1) + * member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) string_uid_name(3)}. The recommended symbolic name for + * this type is "GSS_KRB5_NT_STRING_UID_NAME". 
+ */ + +gss_OID GSS_KRB5_NT_STRING_UID_NAME = &gss_c_nt_string_uid_name_oid_desc; + +/* + * To support ongoing experimentation, testing, and evolution of the + * specification, the Kerberos V5 GSS-API mechanism as defined in this + * and any successor memos will be identified with the following Object + * Identifier, as defined in RFC-1510, until the specification is + * advanced to the level of Proposed Standard RFC: + * + * {iso(1), org(3), dod(5), internet(1), security(5), kerberosv5(2)} + * + * Upon advancement to the level of Proposed Standard RFC, the Kerberos + * V5 GSS-API mechanism will be identified by an Object Identifier + * having the value: + * + * {iso(1) member-body(2) United States(840) mit(113554) infosys(1) + * gssapi(2) krb5(2)} + */ + +#if 0 /* This is the old OID */ + +static gss_OID_desc gss_krb5_mechanism_oid_desc = +{5, (void *)"\x2b\x05\x01\x05\x02"}; + +#endif + +static gss_OID_desc gss_krb5_mechanism_oid_desc = +{9, (void *)"\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"}; + +gss_OID GSS_KRB5_MECHANISM = &gss_krb5_mechanism_oid_desc; + +/* + * Context for krb5 calls. + */ + +krb5_context gssapi_krb5_context; diff --git a/crypto/heimdal/lib/gssapi/get_mic.c b/crypto/heimdal/lib/gssapi/get_mic.c new file mode 100644 index 0000000..2b779c7 --- /dev/null +++ b/crypto/heimdal/lib/gssapi/get_mic.c 
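Review bot: `gssapi_krb5_context` is defined at the end of this file as a single writable global whose only comment is "Context for krb5 calls", and nothing here says who initialises it or whether concurrent GSS calls may share it. The other files in this commit call `gssapi_krb5_init ()` before using it, so the comment could record that, e.g. `/* Process-wide krb5 context, set up by gssapi_krb5_init(); access must be serialised unless krb5_context is known to be thread-safe. */`. The exported `gss_OID` pointers such as `GSS_KRB5_MECHANISM` are likewise plain writable globals, yet `gss_display_status` compares against them by address; whether they can be declared `gss_OID const` depends on the header, which is outside this hunk.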
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: get_mic.c,v 1.9 1999/12/02 17:05:03 joda Exp $");
+
+OM_uint32 gss_get_mic
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ gss_qop_t qop_req,
+ const gss_buffer_t message_buffer,
+ gss_buffer_t message_token
+ )
+{
+ u_char *p;
+ struct md5 md5;
+ u_char hash[16];
+ des_key_schedule schedule;
+ des_cblock key;
+ des_cblock zero;
+ int32_t seq_number;
+ size_t len, total_len;
+
+ gssapi_krb5_encap_length (22, &len, &total_len);
+
+ message_token->length = total_len;
+ message_token->value = malloc (total_len);
+ if (message_token->value == NULL)
+ return GSS_S_FAILURE;
+
+ p = gssapi_krb5_make_header(message_token->value,
+ len,
+ "\x01\x01");
+
+ memcpy (p, "\x00\x00", 2);
+ p += 2;
+ memcpy (p, "\xff\xff\xff\xff", 4);
+ p += 4;
+
+ /* Fill in later */
+ memset (p, 0, 16);
+ p += 16;
+
+ /* checksum */
+ md5_init (&md5);
+ md5_update (&md5, p - 24, 8);
+ md5_update (&md5, message_buffer->value,
+ message_buffer->length);
+ md5_finito (&md5, hash);
+
+ memset (&zero, 0, sizeof(zero));
+ gss_krb5_getsomekey(context_handle, &key);
+ des_set_key (&key, schedule);
+ des_cbc_cksum ((des_cblock *)hash,
+ (des_cblock *)hash, sizeof(hash), schedule, &zero);
+ memcpy (p - 8, hash, 8);
+
+ /* sequence number */
+ krb5_auth_getlocalseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ &seq_number);
+
+ p -= 16;
+ p[0] = (seq_number >> 0) & 0xFF;
+ p[1] = (seq_number >> 8) & 0xFF;
+ p[2] = (seq_number >> 16) & 0xFF;
+ p[3] = (seq_number >> 24) & 0xFF;
+ memset (p + 4,
+ (context_handle->more_flags & LOCAL) ? 0 : 0xFF,
+ 4);
+
+ des_set_key (&key, schedule);
+ des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
+ schedule, (des_cblock *)(p + 8), DES_ENCRYPT);
+
+ krb5_auth_setlocalseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ ++seq_number);
+
+ memset (key, 0, sizeof(key));
+ memset (schedule, 0, sizeof(schedule));
+
+ return GSS_S_COMPLETE;
+}
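Review bot: The result of `gss_krb5_getsomekey(context_handle, &key)` is discarded, so if that call fails (gssapi_locl.h declares it as returning OM_uint32; a non-zero value meaning failure is assumed here) the checksum and sequence number are protected with whatever the uninitialised `key` holds on the stack and gss_get_mic still returns GSS_S_COMPLETE. The call should be checked, and on failure the buffer from `malloc (total_len)` released and `message_token` reset before returning. The result of `krb5_auth_getlocalseqnumber` is unused in the same way, which would leave `seq_number` indeterminate if that call can fail. `*minor_status` is never written on any path, and `hash` and `md5`, which hold checksum material, are not cleared with `key` and `schedule`; a plain `memset` of a local just before `return` can also be removed by an optimising compiler.

```c
    OM_uint32 ret;
    /* … unchanged: token allocation, header and MD5 over header + message … */
    memset (&zero, 0, sizeof(zero));
    ret = gss_krb5_getsomekey(context_handle, &key);
    if (ret != GSS_S_COMPLETE) {
        /* Never emit a MIC computed with an indeterminate key. */
        memset (hash, 0, sizeof(hash));
        free (message_token->value);
        message_token->value = NULL;
        message_token->length = 0;
        return ret;
    }
    /* … unchanged: DES-CBC checksum, sequence number, encryption, cleanup … */
```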
diff --git a/crypto/heimdal/lib/gssapi/gssapi.h b/crypto/heimdal/lib/gssapi/gssapi.h
new file mode 100644
index 0000000..4c1b606
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/gssapi.h
@@ -0,0 +1,742 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: gssapi.h,v 1.14 1999/12/02 17:05:03 joda Exp $ */
+
+#ifndef GSSAPI_H_
+#define GSSAPI_H_
+
+/*
+ * First, include stddef.h to get size_t defined.
+ */
+#include <stddef.h>
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <sys/types.h>
+
+#include <krb5-types.h>
+
+/*
+ * Now define the three implementation-dependent types.
+ */
+
+typedef u_int32_t OM_uint32;
+
+/*
+ * This is to avoid having to include <krb5.h>
+ */
+
+struct krb5_auth_context_data;
+
+struct Principal;
+
+/* typedef void *gss_name_t; */
+
+typedef struct Principal *gss_name_t;
+
+typedef struct gss_ctx_id_t_desc_struct {
+ struct krb5_auth_context_data *auth_context;
+ gss_name_t source, target;
+ OM_uint32 flags;
+ enum { LOCAL = 1, OPEN = 2} more_flags;
+ struct krb5_ticket *ticket;
+} gss_ctx_id_t_desc;
+
+typedef gss_ctx_id_t_desc *gss_ctx_id_t;
+
+typedef struct gss_OID_desc_struct {
+ OM_uint32 length;
+ void *elements;
+} gss_OID_desc, *gss_OID;
+
+typedef struct gss_OID_set_desc_struct {
+ size_t count;
+ gss_OID elements;
+} gss_OID_set_desc, *gss_OID_set;
+
+struct krb5_keytab_data;
+
+typedef int gss_cred_usage_t;
+
+typedef struct gss_cred_id_t_desc_struct {
+ gss_name_t principal;
+ struct krb5_keytab_data *keytab;
+ OM_uint32 lifetime;
+ gss_cred_usage_t usage;
+ gss_OID_set mechanisms;
+} gss_cred_id_t_desc;
+
+typedef gss_cred_id_t_desc *gss_cred_id_t;
+
+typedef struct gss_buffer_desc_struct {
+ size_t length;
+ void *value;
+} gss_buffer_desc, *gss_buffer_t;
+
+typedef struct gss_channel_bindings_struct {
+ OM_uint32 initiator_addrtype;
+ gss_buffer_desc initiator_address;
+ OM_uint32 acceptor_addrtype;
+ gss_buffer_desc acceptor_address;
+ gss_buffer_desc application_data;
+} *gss_channel_bindings_t;
+
+/*
+ * For now, define a QOP-type as an OM_uint32
+ */
+typedef OM_uint32 gss_qop_t;
+
+/*
+ * Flag bits for context-level services.
+ */
+#define GSS_C_DELEG_FLAG 1
+#define GSS_C_MUTUAL_FLAG 2
+#define GSS_C_REPLAY_FLAG 4
+#define GSS_C_SEQUENCE_FLAG 8
+#define GSS_C_CONF_FLAG 16
+#define GSS_C_INTEG_FLAG 32
+#define GSS_C_ANON_FLAG 64
+#define GSS_C_PROT_READY_FLAG 128
+#define GSS_C_TRANS_FLAG 256
+
+/*
+ * Credential usage options
+ */
+#define GSS_C_BOTH 0
+#define GSS_C_INITIATE 1
+#define GSS_C_ACCEPT 2
+
+/*
+ * Status code types for gss_display_status
+ */
+#define GSS_C_GSS_CODE 1
+#define GSS_C_MECH_CODE 2
+
+/*
+ * The constant definitions for channel-bindings address families
+ */
+#define GSS_C_AF_UNSPEC 0
+#define GSS_C_AF_LOCAL 1
+#define GSS_C_AF_INET 2
+#define GSS_C_AF_IMPLINK 3
+#define GSS_C_AF_PUP 4
+#define GSS_C_AF_CHAOS 5
+#define GSS_C_AF_NS 6
+#define GSS_C_AF_NBS 7
+#define GSS_C_AF_ECMA 8
+#define GSS_C_AF_DATAKIT 9
+#define GSS_C_AF_CCITT 10
+#define GSS_C_AF_SNA 11
+#define GSS_C_AF_DECnet 12
+#define GSS_C_AF_DLI 13
+#define GSS_C_AF_LAT 14
+#define GSS_C_AF_HYLINK 15
+#define GSS_C_AF_APPLETALK 16
+#define GSS_C_AF_BSC 17
+#define GSS_C_AF_DSS 18
+#define GSS_C_AF_OSI 19
+#define GSS_C_AF_X25 21
+#define GSS_C_AF_INET6 24
+
+#define GSS_C_AF_NULLADDR 255
+
+/*
+ * Various Null values
+ */
+#define GSS_C_NO_NAME ((gss_name_t) 0)
+#define GSS_C_NO_BUFFER ((gss_buffer_t) 0)
+#define GSS_C_NO_OID ((gss_OID) 0)
+#define GSS_C_NO_OID_SET ((gss_OID_set) 0)
+#define GSS_C_NO_CONTEXT ((gss_ctx_id_t) 0)
+#define GSS_C_NO_CREDENTIAL ((gss_cred_id_t) 0)
+#define GSS_C_NO_CHANNEL_BINDINGS ((gss_channel_bindings_t) 0)
+#define GSS_C_EMPTY_BUFFER {0, NULL}
+
+/*
+ * Some alternate names for a couple of the above
+ * values. These are defined for V1 compatibility.
+ */
+#define GSS_C_NULL_OID GSS_C_NO_OID
+#define GSS_C_NULL_OID_SET GSS_C_NO_OID_SET
+
+/*
+ * Define the default Quality of Protection for per-message
+ * services. Note that an implementation that offers multiple
+ * levels of QOP may define GSS_C_QOP_DEFAULT to be either zero
+ * (as done here) to mean "default protection", or to a specific
+ * explicit QOP value. However, a value of 0 should always be
+ * interpreted by a GSSAPI implementation as a request for the
+ * default protection level.
+ */
+#define GSS_C_QOP_DEFAULT 0
+
+/*
+ * Expiration time of 2^32-1 seconds means infinite lifetime for a
+ * credential or security context
+ */
+#define GSS_C_INDEFINITE 0xfffffffful
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
+ * "\x01\x02\x01\x01"},
+ * corresponding to an object-identifier value of
+ * {iso(1) member-body(2) United States(840) mit(113554)
+ * infosys(1) gssapi(2) generic(1) user_name(1)}. The constant
+ * GSS_C_NT_USER_NAME should be initialized to point
+ * to that gss_OID_desc.
+ */
+extern gss_OID GSS_C_NT_USER_NAME;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
+ * "\x01\x02\x01\x02"},
+ * corresponding to an object-identifier value of
+ * {iso(1) member-body(2) United States(840) mit(113554)
+ * infosys(1) gssapi(2) generic(1) machine_uid_name(2)}.
+ * The constant GSS_C_NT_MACHINE_UID_NAME should be
+ * initialized to point to that gss_OID_desc.
+ */
+extern gss_OID GSS_C_NT_MACHINE_UID_NAME;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
+ * "\x01\x02\x01\x03"},
+ * corresponding to an object-identifier value of
+ * {iso(1) member-body(2) United States(840) mit(113554)
+ * infosys(1) gssapi(2) generic(1) string_uid_name(3)}.
+ * The constant GSS_C_NT_STRING_UID_NAME should be
+ * initialized to point to that gss_OID_desc.
+ */
+extern gss_OID GSS_C_NT_STRING_UID_NAME;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
+ * corresponding to an object-identifier value of
+ * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
+ * 6(nametypes), 2(gss-host-based-services)}. The constant
+ * GSS_C_NT_HOSTBASED_SERVICE should be initialized to point
+ * to that gss_OID_desc.
+ */
+extern gss_OID GSS_C_NT_HOSTBASED_SERVICE;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {6, (void *)"\x2b\x06\01\x05\x06\x03"},
+ * corresponding to an object identifier value of
+ * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
+ * 6(nametypes), 3(gss-anonymous-name)}. The constant
+ * and GSS_C_NT_ANONYMOUS should be initialized to point
+ * to that gss_OID_desc.
+ */
+extern gss_OID GSS_C_NT_ANONYMOUS;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {6, (void *)"\x2b\x06\x01\x05\x06\x04"},
+ * corresponding to an object-identifier value of
+ * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
+ * 6(nametypes), 4(gss-api-exported-name)}. The constant
+ * GSS_C_NT_EXPORT_NAME should be initialized to point
+ * to that gss_OID_desc.
+ */
+extern gss_OID GSS_C_NT_EXPORT_NAME;
+
+/*
+ * This if for kerberos5 names.
+ */
+
+extern gss_OID GSS_KRB5_NT_PRINCIPAL_NAME;
+extern gss_OID GSS_KRB5_NT_USER_NAME;
+extern gss_OID GSS_KRB5_NT_MACHINE_UID_NAME;
+extern gss_OID GSS_KRB5_NT_STRING_UID_NAME;
+
+extern gss_OID GSS_KRB5_MECHANISM;
+
+/* Major status codes */
+
+#define GSS_S_COMPLETE 0
+
+/*
+ * Some "helper" definitions to make the status code macros obvious.
+ */
+#define GSS_C_CALLING_ERROR_OFFSET 24
+#define GSS_C_ROUTINE_ERROR_OFFSET 16
+#define GSS_C_SUPPLEMENTARY_OFFSET 0
+#define GSS_C_CALLING_ERROR_MASK 0377ul
+#define GSS_C_ROUTINE_ERROR_MASK 0377ul
+#define GSS_C_SUPPLEMENTARY_MASK 0177777ul
+
+/*
+ * The macros that test status codes for error conditions.
+ * Note that the GSS_ERROR() macro has changed slightly from
+ * the V1 GSSAPI so that it now evaluates its argument
+ * only once.
+ */
+#define GSS_CALLING_ERROR(x) \
+ (x & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))
+#define GSS_ROUTINE_ERROR(x) \
+ (x & (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET))
+#define GSS_SUPPLEMENTARY_INFO(x) \
+ (x & (GSS_C_SUPPLEMENTARY_MASK << GSS_C_SUPPLEMENTARY_OFFSET))
+#define GSS_ERROR(x) \
+ (x & ((GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET) | \
+ (GSS_C_ROUTINE_ERROR_MASK << GSS_C_ROUTINE_ERROR_OFFSET)))
+
+/*
+ * Now the actual status code definitions
+ */
+
+/*
+ * Calling errors:
+ */
+#define GSS_S_CALL_INACCESSIBLE_READ \
+ (1ul << GSS_C_CALLING_ERROR_OFFSET)
+#define GSS_S_CALL_INACCESSIBLE_WRITE \
+ (2ul << GSS_C_CALLING_ERROR_OFFSET)
+#define GSS_S_CALL_BAD_STRUCTURE \
+ (3ul << GSS_C_CALLING_ERROR_OFFSET)
+
+/*
+ * Routine errors:
+ */
+#define GSS_S_BAD_MECH (1ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_NAME (2ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_NAMETYPE (3ul << GSS_C_ROUTINE_ERROR_OFFSET)
+
+#define GSS_S_BAD_BINDINGS (4ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_STATUS (5ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_SIG (6ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_MIC GSS_S_BAD_SIG
+#define GSS_S_NO_CRED (7ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_NO_CONTEXT (8ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_DEFECTIVE_TOKEN (9ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_DEFECTIVE_CREDENTIAL (10ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_CREDENTIALS_EXPIRED (11ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_CONTEXT_EXPIRED (12ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_FAILURE (13ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_BAD_QOP (14ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_UNAUTHORIZED (15ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_UNAVAILABLE (16ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_DUPLICATE_ELEMENT (17ul << GSS_C_ROUTINE_ERROR_OFFSET)
+#define GSS_S_NAME_NOT_MN (18ul << GSS_C_ROUTINE_ERROR_OFFSET)
+
+/*
+ * Supplementary info bits:
+ */
+#define GSS_S_CONTINUE_NEEDED (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 0))
+#define GSS_S_DUPLICATE_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 1))
+#define GSS_S_OLD_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 2))
+#define GSS_S_UNSEQ_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 3))
+#define GSS_S_GAP_TOKEN (1ul << (GSS_C_SUPPLEMENTARY_OFFSET + 4))
+
+/*
+ * From RFC1964:
+ *
+ * 4.1.1. Non-Kerberos-specific codes
+ */
+
+#define GSS_KRB5_S_G_BAD_SERVICE_NAME 1
+ /* "No @ in SERVICE-NAME name string" */
+#define GSS_KRB5_S_G_BAD_STRING_UID 2
+ /* "STRING-UID-NAME contains nondigits" */
+#define GSS_KRB5_S_G_NOUSER 3
+ /* "UID does not resolve to username" */
+#define GSS_KRB5_S_G_VALIDATE_FAILED 4
+ /* "Validation error" */
+#define GSS_KRB5_S_G_BUFFER_ALLOC 5
+ /* "Couldn't allocate gss_buffer_t data" */
+#define GSS_KRB5_S_G_BAD_MSG_CTX 6
+ /* "Message context invalid" */
+#define GSS_KRB5_S_G_WRONG_SIZE 7
+ /* "Buffer is the wrong size" */
+#define GSS_KRB5_S_G_BAD_USAGE 8
+ /* "Credential usage type is unknown" */
+#define GSS_KRB5_S_G_UNKNOWN_QOP 9
+ /* "Unknown quality of protection specified" */
+
+ /*
+ * 4.1.2. Kerberos-specific-codes
+ */
+
+#define GSS_KRB5_S_KG_CCACHE_NOMATCH 10
+ /* "Principal in credential cache does not match desired name" */
+#define GSS_KRB5_S_KG_KEYTAB_NOMATCH 11
+ /* "No principal in keytab matches desired name" */
+#define GSS_KRB5_S_KG_TGT_MISSING 12
+ /* "Credential cache has no TGT" */
+#define GSS_KRB5_S_KG_NO_SUBKEY 13
+ /* "Authenticator has no subkey" */
+#define GSS_KRB5_S_KG_CONTEXT_ESTABLISHED 14
+ /* "Context is already fully established" */
+#define GSS_KRB5_S_KG_BAD_SIGN_TYPE 15
+ /* "Unknown signature type in token" */
+#define GSS_KRB5_S_KG_BAD_LENGTH 16
+ /* "Invalid field length in token" */
+#define GSS_KRB5_S_KG_CTX_INCOMPLETE 17
+ /* "Attempt to use incomplete security context" */
+
+/*
+ * Finally, function prototypes for the GSS-API routines.
+ */
+
+OM_uint32 gss_acquire_cred
+ (OM_uint32 * minor_status,
+ const gss_name_t desired_name,
+ OM_uint32 time_req,
+ const gss_OID_set desired_mechs,
+ gss_cred_usage_t cred_usage,
+ gss_cred_id_t * output_cred_handle,
+ gss_OID_set * actual_mechs,
+ OM_uint32 * time_rec
+ );
+
+OM_uint32 gss_release_cred
+ (OM_uint32 * minor_status,
+ gss_cred_id_t * cred_handle
+ );
+
+OM_uint32 gss_init_sec_context
+ (OM_uint32 * minor_status,
+ const gss_cred_id_t initiator_cred_handle,
+ gss_ctx_id_t * context_handle,
+ const gss_name_t target_name,
+ const gss_OID mech_type,
+ OM_uint32 req_flags,
+ OM_uint32 time_req,
+ const gss_channel_bindings_t input_chan_bindings,
+ const gss_buffer_t input_token,
+ gss_OID * actual_mech_type,
+ gss_buffer_t output_token,
+ OM_uint32 * ret_flags,
+ OM_uint32 * time_rec
+ );
+
+OM_uint32 gss_accept_sec_context
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t * context_handle,
+ const gss_cred_id_t acceptor_cred_handle,
+ const gss_buffer_t input_token_buffer,
+ const gss_channel_bindings_t input_chan_bindings,
+ gss_name_t * src_name,
+ gss_OID * mech_type,
+ gss_buffer_t output_token,
+ OM_uint32 * ret_flags,
+ OM_uint32 * time_rec,
+ gss_cred_id_t * delegated_cred_handle
+ );
+
+OM_uint32 gss_process_context_token
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ const gss_buffer_t token_buffer
+ );
+
+OM_uint32 gss_delete_sec_context
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t * context_handle,
+ gss_buffer_t output_token
+ );
+
+OM_uint32 gss_context_time
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ OM_uint32 * time_rec
+ );
+
+OM_uint32 gss_get_mic
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ gss_qop_t qop_req,
+ const gss_buffer_t message_buffer,
+ gss_buffer_t message_token
+ );
+
+OM_uint32 gss_verify_mic
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ const gss_buffer_t message_buffer,
+ const gss_buffer_t token_buffer,
+ gss_qop_t * qop_state
+ );
+
+OM_uint32 gss_wrap
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ int conf_req_flag,
+ gss_qop_t qop_req,
+ const gss_buffer_t input_message_buffer,
+ int * conf_state,
+ gss_buffer_t output_message_buffer
+ );
+
+OM_uint32 gss_unwrap
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ const gss_buffer_t input_message_buffer,
+ gss_buffer_t output_message_buffer,
+ int * conf_state,
+ gss_qop_t * qop_state
+ );
+
+OM_uint32 gss_display_status
+ (OM_uint32 * minor_status,
+ OM_uint32 status_value,
+ int status_type,
+ const gss_OID mech_type,
+ OM_uint32 * message_context,
+ gss_buffer_t status_string
+ );
+
+OM_uint32 gss_indicate_mechs
+ (OM_uint32 * minor_status,
+ gss_OID_set * mech_set
+ );
+
+OM_uint32 gss_compare_name
+ (OM_uint32 * minor_status,
+ const gss_name_t name1,
+ const gss_name_t name2,
+ int * name_equal
+ );
+
+OM_uint32 gss_display_name
+ (OM_uint32 * minor_status,
+ const gss_name_t input_name,
+ gss_buffer_t output_name_buffer,
+ gss_OID * output_name_type
+ );
+
+OM_uint32 gss_import_name
+ (OM_uint32 * minor_status,
+ const gss_buffer_t input_name_buffer,
+ const gss_OID input_name_type,
+ gss_name_t * output_name
+ );
+
+OM_uint32 gss_export_name
+ (OM_uint32 * minor_status,
+ const gss_name_t input_name,
+ gss_buffer_t exported_name
+ );
+
+OM_uint32 gss_release_name
+ (OM_uint32 * minor_status,
+ gss_name_t * input_name
+ );
+
+OM_uint32 gss_release_buffer
+ (OM_uint32 * minor_status,
+ gss_buffer_t buffer
+ );
+
+OM_uint32 gss_release_oid_set
+ (OM_uint32 * minor_status,
+ gss_OID_set * set
+ );
+
+OM_uint32 gss_inquire_cred
+ (OM_uint32 * minor_status,
+ const gss_cred_id_t cred_handle,
+ gss_name_t * name,
+ OM_uint32 * lifetime,
+ gss_cred_usage_t * cred_usage,
+ gss_OID_set * mechanisms
+ );
+
+OM_uint32 gss_inquire_context (
+ OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ gss_name_t * src_name,
+ gss_name_t * targ_name,
+ OM_uint32 * lifetime_rec,
+ gss_OID * mech_type,
+ OM_uint32 * ctx_flags,
+ int * locally_initiated,
+ int * open
+ );
+
+OM_uint32 gss_wrap_size_limit (
+ OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ int conf_req_flag,
+ gss_qop_t qop_req,
+ OM_uint32 req_output_size,
+ OM_uint32 * max_input_size
+ );
+
+OM_uint32 gss_add_cred (
+ OM_uint32 * minor_status,
+ const gss_cred_id_t input_cred_handle,
+ const gss_name_t desired_name,
+ const gss_OID desired_mech,
+ gss_cred_usage_t cred_usage,
+ OM_uint32 initiator_time_req,
+ OM_uint32 acceptor_time_req,
+ gss_cred_id_t * output_cred_handle,
+ gss_OID_set * actual_mechs,
+ OM_uint32 * initiator_time_rec,
+ OM_uint32 * acceptor_time_rec
+ );
+
+OM_uint32 gss_inquire_cred_by_mech (
+ OM_uint32 * minor_status,
+ const gss_cred_id_t cred_handle,
+ const gss_OID mech_type,
+ gss_name_t * name,
+ OM_uint32 * initiator_lifetime,
+ OM_uint32 * acceptor_lifetime,
+ gss_cred_usage_t * cred_usage
+ );
+
+OM_uint32 gss_export_sec_context (
+ OM_uint32 * minor_status,
+ gss_ctx_id_t * context_handle,
+ gss_buffer_t interprocess_token
+ );
+
+OM_uint32 gss_import_sec_context (
+ OM_uint32 * minor_status,
+ const gss_buffer_t interprocess_token,
+ gss_ctx_id_t * context_handle
+ );
+
+OM_uint32 gss_create_empty_oid_set (
+ OM_uint32 * minor_status,
+ gss_OID_set * oid_set
+ );
+
+OM_uint32 gss_add_oid_set_member (
+ OM_uint32 * minor_status,
+ const gss_OID member_oid,
+ gss_OID_set * oid_set
+ );
+
+OM_uint32 gss_test_oid_set_member (
+ OM_uint32 * minor_status,
+ const gss_OID member,
+ const gss_OID_set set,
+ int * present
+ );
+
+OM_uint32 gss_inquire_names_for_mech (
+ OM_uint32 * minor_status,
+ const gss_OID mechanism,
+ gss_OID_set * name_types
+ );
+
+OM_uint32 gss_inquire_mechs_for_name (
+ OM_uint32 * minor_status,
+ const gss_name_t input_name,
+ gss_OID_set * mech_types
+ );
+
+OM_uint32 gss_canonicalize_name (
+ OM_uint32 * minor_status,
+ const gss_name_t input_name,
+ const gss_OID mech_type,
+ gss_name_t * output_name
+ );
+
+OM_uint32 gss_duplicate_name (
+ OM_uint32 * minor_status,
+ const gss_name_t src_name,
+ gss_name_t * dest_name
+ );
+
+/*
+ * The following routines are obsolete variants of gss_get_mic,
+ * gss_verify_mic, gss_wrap and gss_unwrap. They should be
+ * provided by GSSAPI V2 implementations for backwards
+ * compatibility with V1 applications. Distinct entrypoints
+ * (as opposed to #defines) should be provided, both to allow
+ * GSSAPI V1 applications to link against GSSAPI V2 implementations,
+ * and to retain the slight parameter type differences between the
+ * obsolete versions of these routines and their current forms.
+ */
+
+OM_uint32 gss_sign
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t context_handle,
+ int qop_req,
+ gss_buffer_t message_buffer,
+ gss_buffer_t message_token
+ );
+
+OM_uint32 gss_verify
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t context_handle,
+ gss_buffer_t message_buffer,
+ gss_buffer_t token_buffer,
+ int * qop_state
+ );
+
+OM_uint32 gss_seal
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t context_handle,
+ int conf_req_flag,
+ int qop_req,
+ gss_buffer_t input_message_buffer,
+ int * conf_state,
+ gss_buffer_t output_message_buffer
+ );
+
+OM_uint32 gss_unseal
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t context_handle,
+ gss_buffer_t input_message_buffer,
+ gss_buffer_t output_message_buffer,
+ int * conf_state,
+ int * qop_state
+ );
+
+/*
+ * kerberos mechanism specific functions
+ */
+
+OM_uint32 gsskrb5_register_acceptor_identity
+ (char *identity);
+
+#endif /* GSSAPI_H_ */
diff --git a/crypto/heimdal/lib/gssapi/gssapi_locl.h b/crypto/heimdal/lib/gssapi/gssapi_locl.h
new file mode 100644
index 0000000..f488a20
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/gssapi_locl.h
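Review bot: The status-test macros GSS_CALLING_ERROR, GSS_ROUTINE_ERROR, GSS_SUPPLEMENTARY_INFO and GSS_ERROR in gssapi.h expand their parameter as a bare `x`, so an argument with lower precedence than `&` (for example `a | b`, or an assignment) is masked incorrectly and a failing major status can test as success. Parenthesise the parameter in each of the four, e.g. `((x) & (GSS_C_CALLING_ERROR_MASK << GSS_C_CALLING_ERROR_OFFSET))`. Callers that pass a plain variable are unaffected, which is why the problem would tend to go unnoticed until an expression is passed.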
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: gssapi_locl.h,v 1.11 1999/12/02 17:05:03 joda Exp $ */
+
+#ifndef GSSAPI_LOCL_H
+#define GSSAPI_LOCL_H
+
+#include <krb5_locl.h>
+#include <gssapi.h>
+
+extern krb5_context gssapi_krb5_context;
+
+void gssapi_krb5_init (void);
+
+krb5_error_code
+gssapi_krb5_create_8003_checksum (
+ const gss_channel_bindings_t input_chan_bindings,
+ OM_uint32 flags,
+ Checksum *result);
+
+krb5_error_code
+gssapi_krb5_verify_8003_checksum (
+ const gss_channel_bindings_t input_chan_bindings,
+ Checksum *cksum,
+ OM_uint32 *flags);
+
+OM_uint32
+gssapi_krb5_encapsulate(
+ krb5_data *in_data,
+ gss_buffer_t output_token,
+ u_char *type);
+
+OM_uint32
+gssapi_krb5_decapsulate(
+ gss_buffer_t input_token_buffer,
+ krb5_data *out_data,
+ char *type);
+
+void
+gssapi_krb5_encap_length (size_t data_len,
+ size_t *len,
+ size_t *total_len);
+
+u_char *
+gssapi_krb5_make_header (u_char *p,
+ size_t len,
+ u_char *type);
+
+OM_uint32
+gssapi_krb5_verify_header(u_char **str,
+ size_t total_len,
+ char *type);
+
+OM_uint32
+gss_krb5_getsomekey(const gss_ctx_id_t context_handle,
+ des_cblock *key);
+
+#endif
diff --git a/crypto/heimdal/lib/gssapi/import_name.c b/crypto/heimdal/lib/gssapi/import_name.c
new file mode 100644
index 0000000..6cb94c4
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/import_name.c
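Review bot: `gssapi_krb5_make_header` in gssapi_locl.h takes a destination pointer and a length but no destination capacity, and nothing documents that the caller must first size the buffer with `gssapi_krb5_encap_length`; get_mic.c in this commit relies on exactly that pairing. A contract comment above the two prototypes would make the requirement explicit, e.g. `/* p must point to at least total_len bytes as computed by gssapi_krb5_encap_length(); returns the position just past the header */` (the return-position wording is inferred from the caller and should be confirmed against the implementation). The `type` parameter is also declared inconsistently, `u_char *` in gssapi_krb5_encapsulate and gssapi_krb5_make_header but `char *` in gssapi_krb5_decapsulate and gssapi_krb5_verify_header, and is not `const` although get_mic.c passes a string literal.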
@@ -0,0 +1,137 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: import_name.c,v 1.8 1999/12/02 17:05:03 joda Exp $");
+
+static OM_uint32
+import_krb5_name (OM_uint32 *minor_status,
+ const gss_buffer_t input_name_buffer,
+ gss_name_t *output_name)
+{
+ krb5_error_code kerr;
+ char *tmp;
+
+ tmp = malloc (input_name_buffer->length + 1);
+ if (tmp == NULL)
+ return GSS_S_FAILURE;
+ memcpy (tmp,
+ input_name_buffer->value,
+ input_name_buffer->length);
+ tmp[input_name_buffer->length] = '\0';
+
+ kerr = krb5_parse_name (gssapi_krb5_context,
+ tmp,
+ output_name);
+ free (tmp);
+ if (kerr == 0)
+ return GSS_S_COMPLETE;
+ else if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED)
+ return GSS_S_BAD_NAME;
+ else
+ return GSS_S_FAILURE;
+}
+
+static OM_uint32
+import_hostbased_name (OM_uint32 *minor_status,
+ const gss_buffer_t input_name_buffer,
+ gss_name_t *output_name)
+{
+ krb5_error_code kerr;
+ char *tmp;
+ char *p;
+ char *host;
+ char local_hostname[MAXHOSTNAMELEN];
+
+ tmp = malloc (input_name_buffer->length + 1);
+ if (tmp == NULL) {
+ *minor_status = ENOMEM;
+ return GSS_S_FAILURE;
+ }
+ memcpy (tmp,
+ input_name_buffer->value,
+ input_name_buffer->length);
+ tmp[input_name_buffer->length] = '\0';
+
+ p = strchr (tmp, '@');
+ if (p != NULL) {
+ *p = '\0';
+ host = p + 1;
+ } else {
+ if (gethostname(local_hostname, sizeof(local_hostname)) < 0) {
+ *minor_status = errno;
+ free (tmp);
+ return GSS_S_FAILURE;
+ }
+ host = local_hostname;
+ }
+
+ kerr = krb5_sname_to_principal (gssapi_krb5_context,
+ host,
+ tmp,
+ KRB5_NT_SRV_HST,
+ output_name);
+ free (tmp);
+ *minor_status = kerr;
+ if (kerr == 0)
+ return GSS_S_COMPLETE;
+ else if (kerr == KRB5_PARSE_ILLCHAR || kerr == KRB5_PARSE_MALFORMED)
+ return GSS_S_BAD_NAME;
+ else
+ return GSS_S_FAILURE;
+}
+
+OM_uint32 gss_import_name
+ (OM_uint32 * minor_status,
+ const gss_buffer_t input_name_buffer,
+ const gss_OID input_name_type,
+ gss_name_t * output_name
+ )
+{
+ gssapi_krb5_init ();
+
+ if (input_name_type == GSS_C_NT_HOSTBASED_SERVICE)
+ return import_hostbased_name (minor_status,
+ input_name_buffer,
+ output_name);
+ else if (input_name_type == GSS_C_NO_OID
+ || input_name_type == GSS_C_NT_USER_NAME
+ || input_name_type == GSS_KRB5_NT_PRINCIPAL_NAME)
+ /* default printable syntax */
+ return import_krb5_name (minor_status,
+ input_name_buffer,
+ output_name);
+ else
+ return GSS_S_BAD_NAMETYPE;
+}
diff --git a/crypto/heimdal/lib/gssapi/indicate_mechs.c b/crypto/heimdal/lib/gssapi/indicate_mechs.c
new file mode 100644
index 0000000..26e018e
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/indicate_mechs.c
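Review bot: Both import_krb5_name and import_hostbased_name copy `input_name_buffer` into a NUL-terminated string and pass it to a C-string parser, so any bytes after an embedded `\0` in the caller's buffer are silently dropped and the imported name can differ from the one the caller supplied. Reject such input before the copy, e.g. `if (memchr (input_name_buffer->value, '\0', input_name_buffer->length) != NULL) return GSS_S_BAD_NAME;` (callers that count a trailing terminator in `length` would need that one byte tolerated). import_krb5_name also never sets `*minor_status`, unlike import_hostbased_name. gss_import_name compares `input_name_type` by pointer identity, so an equal OID held in the caller's own storage falls through to GSS_S_BAD_NAMETYPE.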
@@ -0,0 +1,55 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gssapi_locl.h" + +RCSID("$Id: indicate_mechs.c,v 1.3 1999/12/02 17:05:04 joda Exp $"); + +OM_uint32 gss_indicate_mechs + (OM_uint32 * minor_status, + gss_OID_set * mech_set + ) +{ + *mech_set = malloc(sizeof(**mech_set)); + if (*mech_set == NULL) { + return GSS_S_FAILURE; + } + (*mech_set)->count = 1; + (*mech_set)->elements = malloc((*mech_set)->count * sizeof(gss_OID_desc)); + if ((*mech_set)->elements == NULL) { + free (*mech_set); + return GSS_S_FAILURE; + } + (*mech_set)->elements[0] = *GSS_KRB5_MECHANISM; + return GSS_S_COMPLETE; +} diff --git a/crypto/heimdal/lib/gssapi/init.c b/crypto/heimdal/lib/gssapi/init.c new file mode 100644 index 0000000..2c01490 --- /dev/null +++ b/crypto/heimdal/lib/gssapi/init.c 
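Review bot: On the second allocation failure in `gss_indicate_mechs`, `*mech_set` is freed but keeps the stale pointer, so a caller that releases the set on error would touch freed memory (gss_release_oid_set in this commit frees `(*set)->elements` and `*set` unconditionally). Resetting it right after the `free`, `*mech_set = GSS_C_NO_OID_SET;`, closes that. Separately, `*minor_status` is never written on any path here; `*minor_status = 0;` at entry and `*minor_status = ENOMEM;` on the two failure returns would match what `import_hostbased_name` does in import_name.c. The same gap is visible in gss_inquire_cred's early return, gss_release_buffer, gss_release_cred, gss_release_name, gss_release_oid_set and gss_test_oid_set_member.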
@@ -0,0 +1,43 @@
+/*
+ * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: init.c,v 1.4 1999/12/02 17:05:04 joda Exp $");
+
+void
+gssapi_krb5_init (void)
+{
+ if(gssapi_krb5_context == NULL)
+ krb5_init_context (&gssapi_krb5_context);
+}
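Review bot: The result of `krb5_init_context` is discarded in `gssapi_krb5_init`, and because the function returns `void`, a failed initialisation leaves `gssapi_krb5_context` NULL with no way for callers to notice. The callers in this commit (gss_import_name, gss_init_sec_context, gss_release_cred, gss_release_name) go straight on to pass it to krb5 calls. Returning the error code, e.g. `krb5_error_code gssapi_krb5_init (void)` with `return krb5_init_context (&gssapi_krb5_context);` in the NULL branch, would let the entry points fail with GSS_S_FAILURE and a meaningful minor status. The check-then-initialise on a global is also unsynchronised; whether that matters depends on whether the library is meant to be entered from several threads, which this hunk does not show.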
diff --git a/crypto/heimdal/lib/gssapi/init_sec_context.c b/crypto/heimdal/lib/gssapi/init_sec_context.c
new file mode 100644
index 0000000..2f9bbc9
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/init_sec_context.c
@@ -0,0 +1,360 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gssapi_locl.h" + +RCSID("$Id: init_sec_context.c,v 1.18 1999/12/26 18:31:36 assar Exp $"); + +static OM_uint32 +init_auth + (OM_uint32 * minor_status, + const gss_cred_id_t initiator_cred_handle, + gss_ctx_id_t * context_handle, + const gss_name_t target_name, + const gss_OID mech_type, + OM_uint32 req_flags, + OM_uint32 time_req, + const gss_channel_bindings_t input_chan_bindings, + const gss_buffer_t input_token, + gss_OID * actual_mech_type, + gss_buffer_t output_token, + OM_uint32 * ret_flags, + OM_uint32 * time_rec + ) +{ + OM_uint32 ret = GSS_S_FAILURE; + krb5_error_code kret; + krb5_flags ap_options; + krb5_creds this_cred, *cred; + krb5_data outbuf; + krb5_ccache ccache; + u_int32_t flags; + Authenticator *auth; + krb5_data authenticator; + Checksum cksum; + krb5_enctype enctype; + + output_token->length = 0; + output_token->value = NULL; + + outbuf.length = 0; + outbuf.data = NULL; + + *minor_status = 0; + + *context_handle = malloc(sizeof(**context_handle)); + if (*context_handle == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + (*context_handle)->auth_context = NULL; + (*context_handle)->source = NULL; + (*context_handle)->target = NULL; + (*context_handle)->flags = 0; + (*context_handle)->more_flags = 0; + (*context_handle)->ticket = NULL; + + kret = krb5_auth_con_init (gssapi_krb5_context, + &(*context_handle)->auth_context); + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + + { + int32_t tmp; + + krb5_auth_con_getflags(gssapi_krb5_context, + (*context_handle)->auth_context, + &tmp); + tmp |= KRB5_AUTH_CONTEXT_DO_SEQUENCE; + krb5_auth_con_setflags(gssapi_krb5_context, + (*context_handle)->auth_context, + tmp); + } + + if (actual_mech_type) + *actual_mech_type = GSS_KRB5_MECHANISM; + + flags = 0; + ap_options = 0; + if (req_flags & GSS_C_DELEG_FLAG) + ; /* XXX */ + if (req_flags & GSS_C_MUTUAL_FLAG) { + flags |= GSS_C_MUTUAL_FLAG; + ap_options |= AP_OPTS_MUTUAL_REQUIRED; + } + if 
(req_flags & GSS_C_REPLAY_FLAG) + ; /* XXX */ + if (req_flags & GSS_C_SEQUENCE_FLAG) + ; /* XXX */ + if (req_flags & GSS_C_ANON_FLAG) + ; /* XXX */ + flags |= GSS_C_CONF_FLAG; + flags |= GSS_C_INTEG_FLAG; + flags |= GSS_C_SEQUENCE_FLAG; + flags |= GSS_C_TRANS_FLAG; + + if (ret_flags) + *ret_flags = flags; + (*context_handle)->flags = flags; + (*context_handle)->more_flags = LOCAL; + + kret = krb5_cc_default (gssapi_krb5_context, &ccache); + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + + kret = krb5_cc_get_principal (gssapi_krb5_context, + ccache, + &(*context_handle)->source); + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + + kret = krb5_copy_principal (gssapi_krb5_context, + target_name, + &(*context_handle)->target); + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + + memset(&this_cred, 0, sizeof(this_cred)); + this_cred.client = (*context_handle)->source; + this_cred.server = (*context_handle)->target; + this_cred.times.endtime = 0; + this_cred.session.keytype = ETYPE_DES_CBC_CRC; + + kret = krb5_get_credentials (gssapi_krb5_context, + KRB5_TC_MATCH_KEYTYPE, + ccache, + &this_cred, + &cred); + + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + + krb5_auth_con_setkey(gssapi_krb5_context, + (*context_handle)->auth_context, + &cred->session); + + kret = gssapi_krb5_create_8003_checksum (input_chan_bindings, + flags, + &cksum); + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + +#if 1 + enctype = (*context_handle)->auth_context->keyblock->keytype; +#else + if ((*context_handle)->auth_context->enctype) + enctype = (*context_handle)->auth_context->enctype; + else { + kret = krb5_keytype_to_enctype(gssapi_krb5_context, + (*context_handle)->auth_context->keyblock->keytype, + &enctype); + if (kret) + return kret; + } +#endif + + + + kret = krb5_build_authenticator (gssapi_krb5_context, + 
(*context_handle)->auth_context, + enctype, + cred, + &cksum, + &auth, + &authenticator); + + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + + kret = krb5_build_ap_req (gssapi_krb5_context, + enctype, + cred, + ap_options, + authenticator, + &outbuf); + + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + + ret = gssapi_krb5_encapsulate (&outbuf, + output_token, + "\x01\x00"); + if (ret) { + *minor_status = kret; + goto failure; + } + + if (flags & GSS_C_MUTUAL_FLAG) { + return GSS_S_CONTINUE_NEEDED; + } else { + (*context_handle)->more_flags |= OPEN; + return GSS_S_COMPLETE; + } + +failure: + krb5_auth_con_free (gssapi_krb5_context, + (*context_handle)->auth_context); + if((*context_handle)->source) + krb5_free_principal (gssapi_krb5_context, + (*context_handle)->source); + if((*context_handle)->target) + krb5_free_principal (gssapi_krb5_context, + (*context_handle)->target); + free (*context_handle); + krb5_data_free (&outbuf); + *context_handle = GSS_C_NO_CONTEXT; + return ret; +} + +static OM_uint32 +repl_mutual + (OM_uint32 * minor_status, + const gss_cred_id_t initiator_cred_handle, + gss_ctx_id_t * context_handle, + const gss_name_t target_name, + const gss_OID mech_type, + OM_uint32 req_flags, + OM_uint32 time_req, + const gss_channel_bindings_t input_chan_bindings, + const gss_buffer_t input_token, + gss_OID * actual_mech_type, + gss_buffer_t output_token, + OM_uint32 * ret_flags, + OM_uint32 * time_rec + ) +{ + OM_uint32 ret; + krb5_error_code kret; + krb5_data indata; + krb5_ap_rep_enc_part *repl; + + ret = gssapi_krb5_decapsulate (input_token, + &indata, + "\x02\x00"); + if (ret) { + /* XXX - Handle AP_ERROR */ + return GSS_S_FAILURE; + } + + kret = krb5_rd_rep (gssapi_krb5_context, + (*context_handle)->auth_context, + &indata, + &repl); + if (kret) + return GSS_S_FAILURE; + krb5_free_ap_rep_enc_part (gssapi_krb5_context, + repl); + + output_token->length = 0; + + 
(*context_handle)->more_flags |= OPEN; + + return GSS_S_COMPLETE; +} + +/* + * gss_init_sec_context + */ + +OM_uint32 gss_init_sec_context + (OM_uint32 * minor_status, + const gss_cred_id_t initiator_cred_handle, + gss_ctx_id_t * context_handle, + const gss_name_t target_name, + const gss_OID mech_type, + OM_uint32 req_flags, + OM_uint32 time_req, + const gss_channel_bindings_t input_chan_bindings, + const gss_buffer_t input_token, + gss_OID * actual_mech_type, + gss_buffer_t output_token, + OM_uint32 * ret_flags, + OM_uint32 * time_rec + ) +{ + gssapi_krb5_init (); + + if (input_token == GSS_C_NO_BUFFER || input_token->length == 0) + return init_auth (minor_status, + initiator_cred_handle, + context_handle, + target_name, + mech_type, + req_flags, + time_req, + input_chan_bindings, + input_token, + actual_mech_type, + output_token, + ret_flags, + time_rec); + else + return repl_mutual(minor_status, + initiator_cred_handle, + context_handle, + target_name, + mech_type, + req_flags, + time_req, + input_chan_bindings, + input_token, + actual_mech_type, + output_token, + ret_flags, + time_rec); +} diff --git a/crypto/heimdal/lib/gssapi/inquire_context.c b/crypto/heimdal/lib/gssapi/inquire_context.c new file mode 100644 index 0000000..6463253 --- /dev/null +++ b/crypto/heimdal/lib/gssapi/inquire_context.c 
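Review bot: `gss_init_sec_context` selects `repl_mutual` purely on `input_token` being non-empty, and `repl_mutual` then dereferences `(*context_handle)->auth_context` without checking the handle, so a call that supplies a token together with `GSS_C_NO_CONTEXT` is a NULL dereference; a guard such as `if (*context_handle == GSS_C_NO_CONTEXT) return GSS_S_NO_CONTEXT;` at the top of `repl_mutual` would reject it. In `init_auth`, the `ccache` from `krb5_cc_default` and the `cred` from `krb5_get_credentials` are released on neither the success returns nor the `failure:` path, so each context setup leaks them; `krb5_cc_close` and `krb5_free_creds` before returning would fix that. The credential request is pinned to `ETYPE_DES_CBC_CRC` through `this_cred.session.keytype`; a comment saying whether single DES is required by the token format or just a default would help whoever later has to move off it. Finally, `repl_mutual` never writes `*minor_status`, and the `gssapi_krb5_encapsulate` failure branch stores `kret`, which is 0 at that point, so the caller gets no usable minor code.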
@@ -0,0 +1,84 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gssapi_locl.h" + +RCSID("$Id: inquire_context.c,v 1.3 1999/12/02 17:05:04 joda Exp $"); + +OM_uint32 gss_inquire_context ( + OM_uint32 * minor_status, + const gss_ctx_id_t context_handle, + gss_name_t * src_name, + gss_name_t * targ_name, + OM_uint32 * lifetime_rec, + gss_OID * mech_type, + OM_uint32 * ctx_flags, + int * locally_initiated, + int * open + ) +{ + OM_uint32 ret; + + if (src_name) { + ret = gss_duplicate_name (minor_status, + context_handle->source, + src_name); + if (ret) + return ret; + } + + if (targ_name) { + ret = gss_duplicate_name (minor_status, + context_handle->target, + targ_name); + if (ret) + return ret; + } + + if (lifetime_rec) + *lifetime_rec = GSS_C_INDEFINITE; + + if (mech_type) + *mech_type = GSS_KRB5_MECHANISM; + + if (ctx_flags) + *ctx_flags = context_handle->flags; + + if (locally_initiated) + *locally_initiated = context_handle->more_flags & LOCAL; + + if (open) + *open = context_handle->more_flags & OPEN; + + return GSS_S_COMPLETE; +} diff --git a/crypto/heimdal/lib/gssapi/inquire_cred.c b/crypto/heimdal/lib/gssapi/inquire_cred.c new file mode 100644 index 0000000..9e181f3 --- /dev/null +++ b/crypto/heimdal/lib/gssapi/inquire_cred.c 
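Review bot: If the `targ_name` duplication fails after `src_name` has already been duplicated, `gss_inquire_context` returns the error with `*src_name` still allocated, and the caller has no indication that it must release it. Releasing it on that path with a scratch minor status, `if (ret) { if (src_name) gss_release_name (&junk, src_name); return ret; }`, keeps the failure clean. `context_handle` is also dereferenced without a `GSS_C_NO_CONTEXT` check, and the function itself never writes `*minor_status`, so it stays untouched when both name arguments are NULL.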
@@ -0,0 +1,78 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gssapi_locl.h" + +RCSID("$Id: inquire_cred.c,v 1.2 1999/12/02 17:05:04 joda Exp $"); + +OM_uint32 gss_inquire_cred + (OM_uint32 * minor_status, + const gss_cred_id_t cred_handle, + gss_name_t * name, + OM_uint32 * lifetime, + gss_cred_usage_t * cred_usage, + gss_OID_set * mechanisms + ) +{ + OM_uint32 ret; + + if (cred_handle == GSS_C_NO_CREDENTIAL) { + return GSS_S_FAILURE; + } + + if (name != NULL) { + ret = gss_duplicate_name(minor_status, cred_handle->principal, name); + if (ret) { + return ret; + } + } + if (lifetime != NULL) { + *lifetime = cred_handle->lifetime; + } + if (cred_usage != NULL) { + *cred_usage = cred_handle->usage; + } + if (mechanisms != NULL) { + ret = gss_create_empty_oid_set(minor_status, mechanisms); + if (ret) { + return ret; + } + ret = gss_add_oid_set_member(minor_status, + &cred_handle->mechanisms->elements[0], + mechanisms); + if (ret) { + return ret; + } + } + return GSS_S_COMPLETE; +} diff --git a/crypto/heimdal/lib/gssapi/release_buffer.c b/crypto/heimdal/lib/gssapi/release_buffer.c new file mode 100644 index 0000000..85f971f --- /dev/null +++ b/crypto/heimdal/lib/gssapi/release_buffer.c 
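Review bot: The `mechanisms` branch of `gss_inquire_cred` reads `cred_handle->mechanisms->elements[0]` without checking that `mechanisms` is non-NULL or that `count` is at least 1, and it reports only the first mechanism even if the credential carries more. When `gss_add_oid_set_member` fails, the set just created by `gss_create_empty_oid_set` is left in `*mechanisms`; a `*name` duplicated earlier in the function is not released on that path either. Iterating over `count` and dropping the partial set on failure covers the first two points. How `cred_handle->mechanisms` is populated is outside this hunk, so the NULL case is an assumption to confirm.

```c
    if (mechanisms != NULL) {
	size_t i;

	/* … unchanged: gss_create_empty_oid_set call and its error check … */

	/* copy every mechanism the credential carries, not just the first */
	for (i = 0; cred_handle->mechanisms != NULL
		 && i < cred_handle->mechanisms->count; ++i) {
	    ret = gss_add_oid_set_member(minor_status,
					 &cred_handle->mechanisms->elements[i],
					 mechanisms);
	    if (ret) {
		/* do not hand a half-built set back to the caller */
		gss_release_oid_set(NULL, mechanisms);
		*mechanisms = GSS_C_NO_OID_SET;
		return ret;
	    }
	}
```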
@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: release_buffer.c,v 1.3 1999/12/02 17:05:04 joda Exp $");
+
+OM_uint32 gss_release_buffer
+ (OM_uint32 * minor_status,
+ gss_buffer_t buffer
+ )
+{
+ free (buffer->value);
+ buffer->length = 0;
+ return GSS_S_COMPLETE;
+}
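Review bot: `gss_release_buffer` frees `buffer->value` and zeroes `length` but leaves `value` pointing at the freed block, so releasing the same buffer twice is a double free; adding `buffer->value = NULL;` after the `free` makes the call idempotent. The same pattern appears in gss_release_name (`*input_name` is not reset to `GSS_C_NO_NAME`) and gss_release_oid_set (`*set` is not reset to `GSS_C_NO_OID_SET`), whereas gss_release_cred in this commit does reset its handle. A `GSS_C_NO_BUFFER` argument is also dereferenced without a check.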
diff --git a/crypto/heimdal/lib/gssapi/release_cred.c b/crypto/heimdal/lib/gssapi/release_cred.c
new file mode 100644
index 0000000..0ee876e
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/release_cred.c
@@ -0,0 +1,57 @@ +/* + * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gssapi_locl.h" + +RCSID("$Id: release_cred.c,v 1.4 1999/12/02 17:05:04 joda Exp $"); + +OM_uint32 gss_release_cred + (OM_uint32 * minor_status, + gss_cred_id_t * cred_handle + ) +{ + if (*cred_handle == GSS_C_NO_CREDENTIAL) { + return GSS_S_COMPLETE; + } + + gssapi_krb5_init (); + + krb5_free_principal(gssapi_krb5_context, (*cred_handle)->principal); + if ((*cred_handle)->keytab != NULL) + krb5_kt_close(gssapi_krb5_context, (*cred_handle)->keytab); + gss_release_oid_set(NULL, &(*cred_handle)->mechanisms); + free(*cred_handle); + *cred_handle = GSS_C_NO_CREDENTIAL; + return GSS_S_COMPLETE; +} + diff --git a/crypto/heimdal/lib/gssapi/release_name.c b/crypto/heimdal/lib/gssapi/release_name.c new file mode 100644 index 0000000..7c0fcd3 --- /dev/null +++ b/crypto/heimdal/lib/gssapi/release_name.c 
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: release_name.c,v 1.4 1999/12/02 17:05:04 joda Exp $");
+
+OM_uint32 gss_release_name
+ (OM_uint32 * minor_status,
+ gss_name_t * input_name
+ )
+{
+ gssapi_krb5_init ();
+ krb5_free_principal(gssapi_krb5_context,
+ *input_name);
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/gssapi/release_oid_set.c b/crypto/heimdal/lib/gssapi/release_oid_set.c
new file mode 100644
index 0000000..fe7171e
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/release_oid_set.c
@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: release_oid_set.c,v 1.3 1999/12/02 17:05:04 joda Exp $");
+
+OM_uint32 gss_release_oid_set
+ (OM_uint32 * minor_status,
+ gss_OID_set * set
+ )
+{
+ free ((*set)->elements);
+ free (*set);
+ return GSS_S_COMPLETE;
+}
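Review bot: `gss_release_oid_set` dereferences `*set` unconditionally, so passing `GSS_C_NO_OID_SET` crashes in `(*set)->elements`. gss_release_cred in this commit calls it on `&(*cred_handle)->mechanisms` while guarding only `keytab` against NULL; whether a credential can exist without a mechanism set is not visible here, but the asymmetry suggests the case was not considered. A guard at the top, `if (set == NULL || *set == GSS_C_NO_OID_SET) return GSS_S_COMPLETE;`, covers it. Note that gss_release_cred passes NULL for `minor_status`, so any later change that writes `*minor_status` in this function needs a NULL check first.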
diff --git a/crypto/heimdal/lib/gssapi/test_oid_set_member.c b/crypto/heimdal/lib/gssapi/test_oid_set_member.c
new file mode 100644
index 0000000..47e9fa7
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/test_oid_set_member.c
@@ -0,0 +1,57 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "gssapi_locl.h" + +RCSID("$Id: test_oid_set_member.c,v 1.4 1999/12/02 17:05:04 joda Exp $"); + +OM_uint32 gss_test_oid_set_member ( + OM_uint32 * minor_status, + const gss_OID member, + const gss_OID_set set, + int * present + ) +{ + size_t i; + + *present = 0; + for (i = 0; i < set->count; ++i) + if (member->length == set->elements[i].length + && memcmp (member->elements, + set->elements[i].elements, + member->length) == 0) { + *present = 1; + break; + } + return GSS_S_COMPLETE; +} diff --git a/crypto/heimdal/lib/gssapi/unwrap.c b/crypto/heimdal/lib/gssapi/unwrap.c new file mode 100644 index 0000000..45b1df1 --- /dev/null +++ b/crypto/heimdal/lib/gssapi/unwrap.c 
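Review bot: The `for` loop in `gss_test_oid_set_member` has an unbraced body made of a multi-line `if` that carries its own braced block, which makes the loop's extent easy to misread when the function is edited; bracing the `for` body would make it explicit. `member` and `set` are dereferenced without NULL checks, so the function assumes callers never pass `GSS_C_NO_OID` or `GSS_C_NO_OID_SET`. A one-line comment stating that precondition, e.g. `/* member and set must be non-NULL */`, would document it.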
@@ -0,0 +1,190 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: unwrap.c,v 1.10 1999/12/02 17:05:04 joda Exp $");
+
+OM_uint32
+gss_krb5_getsomekey(const gss_ctx_id_t context_handle,
+ des_cblock *key)
+{
+ /* XXX this is ugly, and probably incorrect... */
+ krb5_keyblock *skey;
+ krb5_auth_con_getlocalsubkey(gssapi_krb5_context,
+ context_handle->auth_context,
+ &skey);
+ if(skey == NULL)
+ krb5_auth_con_getremotesubkey(gssapi_krb5_context,
+ context_handle->auth_context,
+ &skey);
+ if(skey == NULL)
+ krb5_auth_con_getkey(gssapi_krb5_context,
+ context_handle->auth_context,
+ &skey);
+ if(skey == NULL)
+ return GSS_S_FAILURE;
+ memcpy(key, skey->keyvalue.data, sizeof(*key));
+ krb5_free_keyblock(gssapi_krb5_context, skey);
+ return 0;
+}
+
+OM_uint32 gss_unwrap
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ const gss_buffer_t input_message_buffer,
+ gss_buffer_t output_message_buffer,
+ int * conf_state,
+ gss_qop_t * qop_state
+ )
+{
+ u_char *p, *pad;
+ size_t len;
+ struct md5 md5;
+ u_char hash[16], seq_data[8];
+ des_key_schedule schedule;
+ des_cblock key;
+ des_cblock zero;
+ int i;
+ int32_t seq_number;
+ size_t padlength;
+ OM_uint32 ret;
+ int cstate;
+
+ p = input_message_buffer->value;
+ ret = gssapi_krb5_verify_header (&p,
+ input_message_buffer->length,
+ "\x02\x01");
+ if (ret)
+ return ret;
+
+ if (memcmp (p, "\x00\x00", 2) != 0)
+ return GSS_S_BAD_SIG;
+ p += 2;
+ if (memcmp (p, "\x00\x00", 2) == 0) {
+ cstate = 1;
+ } else if (memcmp (p, "\xFF\xFF", 2) == 0) {
+ cstate = 0;
+ } else
+ return GSS_S_BAD_MIC;
+ p += 2;
+ if(conf_state != NULL)
+ *conf_state = cstate;
+ if (memcmp (p, "\xff\xff", 2) != 0)
+ return GSS_S_DEFECTIVE_TOKEN;
+ p += 2;
+ p += 16;
+
+ len = p - (u_char *)input_message_buffer->value;
+
+ if(cstate) {
+ /* decrypt data */
+ gss_krb5_getsomekey(context_handle, &key);
+ for (i = 0; i < sizeof(key); ++i)
+ key[i] ^= 0xf0;
+ des_set_key (&key, schedule);
+ memset (&zero, 0, sizeof(zero));
+ des_cbc_encrypt ((des_cblock *)p,
+ (des_cblock *)p,
+ input_message_buffer->length - len,
+ schedule,
+ &zero,
+ DES_DECRYPT);
+
+ memset (key, 0, sizeof(key));
+ memset (schedule, 0, sizeof(schedule));
+ }
+ /* check pad */
+
+ pad = (u_char *)input_message_buffer->value + input_message_buffer->length - 1;
+ padlength = *pad;
+
+ for (i = padlength; i > 0 && *pad == padlength; i--, pad--)
+ ;
+ if (i != 0)
+ return GSS_S_BAD_MIC;
+
+ md5_init (&md5);
+ md5_update (&md5, p - 24, 8);
+ md5_update (&md5, p, input_message_buffer->length - len);
+ md5_finito (&md5, hash);
+
+ memset (&zero, 0, sizeof(zero));
+ gss_krb5_getsomekey(context_handle, &key);
+ des_set_key (&key, schedule);
+ des_cbc_cksum ((des_cblock *)hash,
+ (des_cblock *)hash, sizeof(hash), schedule, &zero);
+ if (memcmp (p - 8, hash, 8) != 0)
+ return GSS_S_BAD_MIC;
+
+ /* verify sequence number */
+
+ krb5_auth_getremoteseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ &seq_number);
+ seq_data[0] = (seq_number >> 0) & 0xFF;
+ seq_data[1] = (seq_number >> 8) & 0xFF;
+ seq_data[2] = (seq_number >> 16) & 0xFF;
+ seq_data[3] = (seq_number >> 24) & 0xFF;
+ memset (seq_data + 4,
+ (context_handle->more_flags & LOCAL) ? 0xFF : 0,
+ 4);
+
+ p -= 16;
+ des_set_key (&key, schedule);
+ des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
+ schedule, (des_cblock *)hash, DES_DECRYPT);
+
+ memset (key, 0, sizeof(key));
+ memset (schedule, 0, sizeof(schedule));
+
+ if (memcmp (p, seq_data, 8) != 0) {
+ return GSS_S_BAD_MIC;
+ }
+
+ krb5_auth_setremoteseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ ++seq_number);
+
+ /* copy out data */
+
+ output_message_buffer->length = input_message_buffer->length
+ - len - 8 - padlength;
+ output_message_buffer->value = malloc(output_message_buffer->length);
+ if(output_message_buffer->length != 0 && output_message_buffer->value == NULL)
+ return GSS_S_FAILURE;
+ memcpy (output_message_buffer->value,
+ p + 24,
+ output_message_buffer->length);
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/gssapi/v1.c b/crypto/heimdal/lib/gssapi/v1.c
new file mode 100644
index 0000000..34091ea
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/v1.c
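Review bot: `gss_unwrap` takes `padlength` from the last byte of the token and uses it, together with `input_message_buffer->length - len`, without checking either against the token length. On a short or malformed token `length - len` or `length - len - 8 - padlength` wraps around as `size_t`, so the DES and MD5 calls and the final `memcpy` run past the buffer, and the pad loop can step `pad` back by up to 255 bytes regardless of where the payload starts. Whether `gssapi_krb5_verify_header` already guarantees the 22 header bytes that follow it is not visible in this hunk, so the checks below are written against `len` only. Separately, all `gss_krb5_getsomekey` calls ignore the return value, leaving `key` uninitialised on failure, and the `GSS_S_BAD_MIC` return after `des_cbc_cksum` skips the `memset` of `key` and `schedule`.

```c
    len = p - (u_char *)input_message_buffer->value;

    /* the 8-byte confounder must fit after the header fields */
    if (input_message_buffer->length < len
	|| input_message_buffer->length - len < 8)
	return GSS_S_DEFECTIVE_TOKEN;

    /* … unchanged: optional DES-CBC decryption of the payload … */

    padlength = *pad;
    /* the pad cannot be longer than what follows the confounder */
    if (padlength > input_message_buffer->length - len - 8)
	return GSS_S_DEFECTIVE_TOKEN;

    /* … unchanged: pad check, checksum and sequence-number verification, copy-out … */
```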
@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: v1.c,v 1.2 1999/12/02 17:05:04 joda Exp $");
+
+/* These functions are for V1 compatibility */
+
+OM_uint32 gss_sign
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t context_handle,
+ int qop_req,
+ gss_buffer_t message_buffer,
+ gss_buffer_t message_token
+ )
+{
+ return gss_get_mic(minor_status,
+ context_handle,
+ (gss_qop_t)qop_req,
+ message_buffer,
+ message_token);
+}
+
+OM_uint32 gss_verify
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t context_handle,
+ gss_buffer_t message_buffer,
+ gss_buffer_t token_buffer,
+ int * qop_state
+ )
+{
+ return gss_verify_mic(minor_status,
+ context_handle,
+ message_buffer,
+ token_buffer,
+ (gss_qop_t *)qop_state);
+}
+
+OM_uint32 gss_seal
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t context_handle,
+ int conf_req_flag,
+ int qop_req,
+ gss_buffer_t input_message_buffer,
+ int * conf_state,
+ gss_buffer_t output_message_buffer
+ )
+{
+ return gss_wrap(minor_status,
+ context_handle,
+ conf_req_flag,
+ (gss_qop_t)qop_req,
+ input_message_buffer,
+ conf_state,
+ output_message_buffer);
+}
+
+OM_uint32 gss_unseal
+ (OM_uint32 * minor_status,
+ gss_ctx_id_t context_handle,
+ gss_buffer_t input_message_buffer,
+ gss_buffer_t output_message_buffer,
+ int * conf_state,
+ int * qop_state
+ )
+{
+ return gss_unwrap(minor_status,
+ context_handle,
+ input_message_buffer,
+ output_message_buffer,
+ conf_state,
+ (gss_qop_t *)qop_state);
+}
diff --git a/crypto/heimdal/lib/gssapi/verify_mic.c b/crypto/heimdal/lib/gssapi/verify_mic.c
new file mode 100644
index 0000000..d4342a6
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/verify_mic.c
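Review bot: `gss_verify` and `gss_unseal` pass `(gss_qop_t *)qop_state` straight through, which is only correct if `int` and `gss_qop_t` have the same size and representation; the typedef is not in this hunk, so that is an assumption the code leaves unstated. Where the two differ, the callee would write through a pointer of the wrong width into the caller's `int`. A local avoids the cast: declare `gss_qop_t qop = 0;`, pass `&qop`, then `if (qop_state != NULL) *qop_state = (int)qop;` before returning the callee's status.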
@@ -0,0 +1,124 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: verify_mic.c,v 1.8 1999/12/02 17:05:04 joda Exp $");
+
+OM_uint32 gss_verify_mic
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ const gss_buffer_t message_buffer,
+ const gss_buffer_t token_buffer,
+ gss_qop_t * qop_state
+ )
+{
+ u_char *p;
+ struct md5 md5;
+ u_char hash[16], seq_data[8];
+ des_key_schedule schedule;
+ des_cblock key;
+ des_cblock zero;
+ int32_t seq_number;
+ OM_uint32 ret;
+
+ p = token_buffer->value;
+ ret = gssapi_krb5_verify_header (&p,
+ token_buffer->length,
+ "\x01\x01");
+ if (ret)
+ return ret;
+
+ if (memcmp(p, "\x00\x00", 2) != 0)
+ return GSS_S_BAD_SIG;
+ p += 2;
+ if (memcmp (p, "\xff\xff\xff\xff", 4) != 0)
+ return GSS_S_BAD_MIC;
+ p += 4;
+ p += 16;
+
+ /* verify checksum */
+ md5_init (&md5);
+ md5_update (&md5, p - 24, 8);
+ md5_update (&md5, message_buffer->value,
+ message_buffer->length);
+ md5_finito (&md5, hash);
+
+ memset (&zero, 0, sizeof(zero));
+#if 0
+ memcpy (&key, context_handle->auth_context->key.keyvalue.data,
+ sizeof(key));
+#endif
+ memcpy (&key, context_handle->auth_context->remote_subkey->keyvalue.data,
+ sizeof(key));
+
+ des_set_key (&key, schedule);
+ des_cbc_cksum ((des_cblock *)hash,
+ (des_cblock *)hash, sizeof(hash), schedule, &zero);
+ if (memcmp (p - 8, hash, 8) != 0) {
+ memset (key, 0, sizeof(key));
+ memset (schedule, 0, sizeof(schedule));
+ return GSS_S_BAD_MIC;
+ }
+
+ /* verify sequence number */
+
+ krb5_auth_getremoteseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ &seq_number);
+ seq_data[0] = (seq_number >> 0) & 0xFF;
+ seq_data[1] = (seq_number >> 8) & 0xFF;
+ seq_data[2] = (seq_number >> 16) & 0xFF;
+ seq_data[3] = (seq_number >> 24) & 0xFF;
+ memset (seq_data + 4,
+ (context_handle->more_flags & LOCAL) ? 0xFF : 0,
+ 4);
+
+ p -= 16;
+ des_set_key (&key, schedule);
+ des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
+ schedule, (des_cblock *)hash, DES_DECRYPT);
+
+ memset (key, 0, sizeof(key));
+ memset (schedule, 0, sizeof(schedule));
+
+ if (memcmp (p, seq_data, 8) != 0) {
+ return GSS_S_BAD_MIC;
+ }
+
+ krb5_auth_setremoteseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ ++seq_number);
+
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/gssapi/wrap.c b/crypto/heimdal/lib/gssapi/wrap.c
new file mode 100644
index 0000000..98ee689
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/wrap.c
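Review bot: `gss_verify_mic` copies the DES key from `context_handle->auth_context->remote_subkey->keyvalue.data` with no check that `remote_subkey` is non-NULL or that `keyvalue.length` is at least `sizeof(key)`, so a context without a remote subkey faults at that `memcpy`. `gss_unwrap` in unwrap.c obtains its key through `gss_krb5_getsomekey`, which falls back across local subkey, remote subkey and session key; the two verification paths should agree on key selection, though which order is right for MIC tokens cannot be settled from this hunk. At minimum add `if (context_handle->auth_context->remote_subkey == NULL) return GSS_S_FAILURE;` before the copy. The function also uses `p - 24`, `p - 8` and an 8-byte decrypt at `p - 16` without checking `token_buffer->length` itself, so it relies on `gssapi_krb5_verify_header` (not shown here) having bounded the token.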
@@ -0,0 +1,169 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: wrap.c,v 1.10 1999/12/02 17:05:04 joda Exp $");
+
+OM_uint32 gss_wrap_size_limit (
+ OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ int conf_req_flag,
+ gss_qop_t qop_req,
+ OM_uint32 req_output_size,
+ OM_uint32 * max_input_size
+ )
+{
+ size_t len, total_len, padlength;
+ padlength = 8 - (req_output_size % 8);
+ len = req_output_size + 8 + padlength + 22;
+ gssapi_krb5_encap_length(len, &len, &total_len);
+ *max_input_size = (OM_uint32)total_len;
+ return GSS_S_COMPLETE;
+}
+
+OM_uint32 gss_wrap
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ int conf_req_flag,
+ gss_qop_t qop_req,
+ const gss_buffer_t input_message_buffer,
+ int * conf_state,
+ gss_buffer_t output_message_buffer
+ )
+{
+ u_char *p;
+ struct md5 md5;
+ u_char hash[16];
+ des_key_schedule schedule;
+ des_cblock key;
+ des_cblock zero;
+ int i;
+ int32_t seq_number;
+ size_t len, total_len, padlength;
+
+ padlength = 8 - (input_message_buffer->length % 8);
+ len = input_message_buffer->length + 8 + padlength + 22;
+ gssapi_krb5_encap_length (len, &len, &total_len);
+
+ output_message_buffer->length = total_len;
+ output_message_buffer->value = malloc (total_len);
+ if (output_message_buffer->value == NULL)
+ return GSS_S_FAILURE;
+
+ p = gssapi_krb5_make_header(output_message_buffer->value,
+ len,
+ "\x02\x01");
+
+
+ /* SGN_ALG */
+ memcpy (p, "\x00\x00", 2);
+ p += 2;
+ /* SEAL_ALG */
+ if(conf_req_flag)
+ memcpy (p, "\x00\x00", 2);
+ else
+ memcpy (p, "\xff\xff", 2);
+ p += 2;
+ /* Filler */
+ memcpy (p, "\xff\xff", 2);
+ p += 2;
+
+ /* fill in later */
+ memset (p, 0, 16);
+ p += 16;
+
+ /* confounder + data + pad */
+ des_new_random_key((des_cblock*)p);
+ memcpy (p + 8, input_message_buffer->value,
+ input_message_buffer->length);
+ memset (p + 8 + input_message_buffer->length, padlength, padlength);
+
+ /* checksum */
+ md5_init (&md5);
+ md5_update (&md5, p - 24, 8);
+ md5_update (&md5, p, input_message_buffer->length + padlength + 8);
+ md5_finito (&md5, hash);
+
+ memset (&zero, 0, sizeof(zero));
+ gss_krb5_getsomekey(context_handle, &key);
+ des_set_key (&key, schedule);
+ des_cbc_cksum ((des_cblock *)hash,
+ (des_cblock *)hash, sizeof(hash), schedule, &zero);
+ memcpy (p - 8, hash, 8);
+
+ /* sequence number */
+ krb5_auth_getlocalseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ &seq_number);
+
+ p -= 16;
+ p[0] = (seq_number >> 0) & 0xFF;
+ p[1] = (seq_number >> 8) & 0xFF;
+ p[2] = (seq_number >> 16) & 0xFF;
+ p[3] = (seq_number >> 24) & 0xFF;
+ memset (p + 4,
+ (context_handle->more_flags & LOCAL) ? 0 : 0xFF,
+ 4);
+
+ des_set_key (&key, schedule);
+ des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
+ schedule, (des_cblock *)(p + 8), DES_ENCRYPT);
+
+ krb5_auth_setlocalseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ ++seq_number);
+
+ /* encrypt the data */
+ p += 16;
+
+ if(conf_req_flag) {
+ gss_krb5_getsomekey(context_handle, &key);
+ for (i = 0; i < sizeof(key); ++i)
+ key[i] ^= 0xf0;
+ des_set_key (&key, schedule);
+ memset (&zero, 0, sizeof(zero));
+ des_cbc_encrypt ((des_cblock *)p,
+ (des_cblock *)p,
+ 8 + input_message_buffer->length + padlength,
+ schedule,
+ &zero,
+ DES_ENCRYPT);
+
+ memset (key, 0, sizeof(key));
+ memset (schedule, 0, sizeof(schedule));
+ }
+ if(conf_state != NULL)
+ *conf_state = conf_req_flag;
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/hdb/Makefile.am b/crypto/heimdal/lib/hdb/Makefile.am
new file mode 100644
index 0000000..6c4341e
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/Makefile.am
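Review bot: `gss_wrap_size_limit` applies the same input-to-token arithmetic as `gss_wrap` to `req_output_size` and stores `total_len` in `*max_input_size`, so the value it returns is larger than the requested output size rather than the largest input that fits within it. A caller that sends `*max_input_size` bytes per message gets tokens bigger than the limit it asked for; the function should instead subtract the header, checksum, confounder and worst-case padding overhead from `req_output_size`. In `gss_wrap`, `key` and `schedule` are cleared only inside `if(conf_req_flag)`, so the integrity-only path returns with key material still on the stack; move `memset (key, 0, sizeof(key));` and `memset (schedule, 0, sizeof(schedule));` to after that block. The return value of `gss_krb5_getsomekey` is ignored on both calls, and `len` is computed from `input_message_buffer->length` with no overflow check before `malloc (total_len)`.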
@@ -0,0 +1,57 @@
+# $Id: Makefile.am,v 1.33 2000/01/06 21:45:41 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += -I../asn1 -I$(srcdir)/../asn1
+
+BUILT_SOURCES = asn1_Key.c asn1_Event.c asn1_HDBFlags.c asn1_hdb_entry.c \
+ asn1_Salt.c hdb_err.c hdb_err.h
+
+foo = asn1_Key.x asn1_Event.x asn1_HDBFlags.x asn1_hdb_entry.x asn1_Salt.x
+
+CLEANFILES = $(BUILT_SOURCES) $(foo) hdb_asn1.h asn1_files
+
+noinst_PROGRAMS = convert_db
+LDADD = libhdb.la \
+ ../krb5/libkrb5.la \
+ ../asn1/libasn1.la \
+ ../des/libdes.la \
+ $(LIB_roken) \
+ $(DBLIB)
+
+lib_LTLIBRARIES = libhdb.la
+libhdb_la_LDFLAGS = -version-info 4:1:1
+
+libhdb_la_SOURCES = \
+ keytab.c \
+ hdb.c \
+ common.c \
+ db.c \
+ ndbm.c \
+ print.c \
+ $(BUILT_SOURCES)
+
+include_HEADERS = hdb.h hdb_err.h hdb_asn1.h hdb-protos.h hdb-private.h
+
+libhdb_la_LIBADD =
+
+$(libhdb_la_OBJECTS): $(srcdir)/hdb-protos.h $(srcdir)/hdb-private.h
+
+$(srcdir)/hdb-protos.h:
+ cd $(srcdir); perl ../../cf/make-proto.pl -o hdb-protos.h $(libhdb_la_SOURCES) || rm -f hdb-protos.h
+
+$(srcdir)/hdb-private.h:
+ cd $(srcdir); perl ../../cf/make-proto.pl -p hdb-private.h $(libhdb_la_SOURCES) || rm -f hdb-private.h
+
+$(foo) hdb_asn1.h: asn1_files
+
+asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1
+ ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 hdb_asn1
+
+$(libhdb_la_OBJECTS): hdb_asn1.h hdb_err.h
+
+$(convert_db_OBJECTS): hdb_asn1.h hdb_err.h
+
+# to help stupid solaris make
+
+hdb_err.h: hdb_err.et
diff --git a/crypto/heimdal/lib/hdb/Makefile.in b/crypto/heimdal/lib/hdb/Makefile.in
new file mode 100644
index 0000000..ef92550
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/Makefile.in
@@ -0,0 +1,709 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.33 2000/01/06 21:45:41 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include -I../asn1 -I$(srcdir)/../asn1 + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand 
= @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +BUILT_SOURCES = asn1_Key.c asn1_Event.c asn1_HDBFlags.c asn1_hdb_entry.c asn1_Salt.c hdb_err.c hdb_err.h + + +foo = asn1_Key.x asn1_Event.x asn1_HDBFlags.x asn1_hdb_entry.x asn1_Salt.x + +CLEANFILES = $(BUILT_SOURCES) $(foo) hdb_asn1.h asn1_files + +noinst_PROGRAMS = convert_db +LDADD = libhdb.la ../krb5/libkrb5.la ../asn1/libasn1.la ../des/libdes.la $(LIB_roken) $(DBLIB) + + +lib_LTLIBRARIES = libhdb.la +libhdb_la_LDFLAGS = -version-info 4:1:1 + +libhdb_la_SOURCES = keytab.c hdb.c common.c db.c ndbm.c print.c $(BUILT_SOURCES) + + +include_HEADERS = hdb.h hdb_err.h hdb_asn1.h hdb-protos.h hdb-private.h + +libhdb_la_LIBADD = +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = 
+LTLIBRARIES = $(lib_LTLIBRARIES) + + +DEFS = @DEFS@ -I. -I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libhdb_la_DEPENDENCIES = +libhdb_la_OBJECTS = keytab.lo hdb.lo common.lo db.lo ndbm.lo print.lo \ +asn1_Key.lo asn1_Event.lo asn1_HDBFlags.lo asn1_hdb_entry.lo \ +asn1_Salt.lo hdb_err.lo +noinst_PROGRAMS = convert_db$(EXEEXT) +PROGRAMS = $(noinst_PROGRAMS) + +convert_db_SOURCES = convert_db.c +convert_db_OBJECTS = convert_db.$(OBJEXT) +convert_db_LDADD = $(LDADD) +convert_db_DEPENDENCIES = libhdb.la ../krb5/libkrb5.la \ +../asn1/libasn1.la ../des/libdes.la +convert_db_LDFLAGS = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +HEADERS = $(include_HEADERS) + +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +SOURCES = $(libhdb_la_SOURCES) convert_db.c +OBJECTS = $(libhdb_la_OBJECTS) convert_db.$(OBJEXT) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/hdb/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLTLIBRARIES: + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + +distclean-libLTLIBRARIES: + +maintainer-clean-libLTLIBRARIES: + 
+install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +.c.o: + $(COMPILE) -c $< + +# FIXME: We should only use cygpath when building on Windows, +# and only if it is available. +.c.obj: + $(COMPILE) -c `cygpath -w $<` + +.s.o: + $(COMPILE) -c $< + +.S.o: + $(COMPILE) -c $< + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +.c.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.s.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.S.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libhdb.la: $(libhdb_la_OBJECTS) $(libhdb_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libhdb_la_LDFLAGS) $(libhdb_la_OBJECTS) $(libhdb_la_LIBADD) $(LIBS) + +mostlyclean-noinstPROGRAMS: + +clean-noinstPROGRAMS: + -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) + +distclean-noinstPROGRAMS: + +maintainer-clean-noinstPROGRAMS: + +convert_db$(EXEEXT): $(convert_db_OBJECTS) $(convert_db_DEPENDENCIES) + @rm -f convert_db$(EXEEXT) + $(LINK) $(convert_db_LDFLAGS) $(convert_db_OBJECTS) $(convert_db_LDADD) $(LIBS) + +install-includeHEADERS: $(include_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(includedir) + @list='$(include_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; 
\ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + done + +uninstall-includeHEADERS: + @$(NORMAL_UNINSTALL) + list='$(include_HEADERS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(includedir)/$$p; \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/hdb + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-includeHEADERS install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS 
+uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: + -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) +mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-noinstPROGRAMS \ + mostlyclean-tags mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \ + clean-noinstPROGRAMS clean-tags clean-generic \ + mostlyclean-am + +clean: clean-am + +distclean-am: distclean-libLTLIBRARIES distclean-compile \ + distclean-libtool distclean-noinstPROGRAMS \ + distclean-tags distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-noinstPROGRAMS maintainer-clean-tags \ + maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." 
+ +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ +clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ +uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ +distclean-compile clean-compile maintainer-clean-compile \ +mostlyclean-libtool distclean-libtool clean-libtool \ +maintainer-clean-libtool mostlyclean-noinstPROGRAMS \ +distclean-noinstPROGRAMS clean-noinstPROGRAMS \ +maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \ +install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \ +maintainer-clean-tags distdir info-am info dvi-am dvi check-local check \ +check-am installcheck-am installcheck install-exec-am install-exec \ +install-data-local install-data-am install-data install-am install \ +uninstall-am uninstall all-local all-redirect all-am all installdirs \ +mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; 
do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) 
$(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 
0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +$(libhdb_la_OBJECTS): $(srcdir)/hdb-protos.h $(srcdir)/hdb-private.h + +$(srcdir)/hdb-protos.h: + cd $(srcdir); perl ../../cf/make-proto.pl -o hdb-protos.h $(libhdb_la_SOURCES) || rm -f hdb-protos.h + +$(srcdir)/hdb-private.h: + cd $(srcdir); perl ../../cf/make-proto.pl -p hdb-private.h $(libhdb_la_SOURCES) || rm -f hdb-private.h + +$(foo) hdb_asn1.h: asn1_files + +asn1_files: ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 + ../asn1/asn1_compile$(EXEEXT) $(srcdir)/hdb.asn1 hdb_asn1 + +$(libhdb_la_OBJECTS): hdb_asn1.h hdb_err.h + +$(convert_db_OBJECTS): hdb_asn1.h hdb_err.h + +# to help stupid solaris make + +hdb_err.h: hdb_err.et + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/hdb/common.c b/crypto/heimdal/lib/hdb/common.c new file mode 100644 index 0000000..6e95667 --- /dev/null +++ b/crypto/heimdal/lib/hdb/common.c 
@@ -0,0 +1,145 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "hdb_locl.h" + +RCSID("$Id: common.c,v 1.6 1999/12/02 17:05:04 joda Exp $"); + +int +hdb_principal2key(krb5_context context, krb5_principal p, krb5_data *key) +{ + Principal new; + size_t len; + unsigned char *buf; + int ret; + + ret = copy_Principal(p, &new); + if(ret) + goto out; + new.name.name_type = 0; + len = length_Principal(&new); + buf = malloc(len); + if(buf == NULL){ + ret = ENOMEM; + goto out; + } + ret = encode_Principal(buf + len - 1, len, &new, &len); + if(ret){ + free(buf); + goto out; + } + key->data = buf; + key->length = len; +out: + free_Principal(&new); + return ret; +} + +int +hdb_key2principal(krb5_context context, krb5_data *key, krb5_principal p) +{ + return decode_Principal(key->data, key->length, p, NULL); +} + +int +hdb_entry2value(krb5_context context, hdb_entry *ent, krb5_data *value) +{ + unsigned char *buf; + size_t len; + int ret; + + len = length_hdb_entry(ent); + buf = malloc(len); + if(buf == NULL) + return ENOMEM; + ret = encode_hdb_entry(buf + len - 1, len, ent, &len); + if(ret){ + free(buf); + return ret; + } + value->data = buf; + value->length = len; + return 0; +} + +int +hdb_value2entry(krb5_context context, krb5_data *value, hdb_entry *ent) +{ + return decode_hdb_entry(value->data, value->length, ent, NULL); +} + +krb5_error_code +_hdb_fetch(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry) +{ + krb5_data key, value; + int code; + + hdb_principal2key(context, entry->principal, &key); + code = db->_get(context, db, key, &value); + krb5_data_free(&key); + if(code) + return code; + hdb_value2entry(context, &value, entry); + if (db->master_key_set && (flags & HDB_F_DECRYPT)) + hdb_unseal_keys (db, entry); + krb5_data_free(&value); + return 0; +} + +krb5_error_code +_hdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry) +{ + krb5_data key, value; + int code; + + hdb_principal2key(context, entry->principal, &key); + hdb_seal_keys(db, entry); + hdb_entry2value(context, entry, 
&value); + code = db->_put(context, db, flags & HDB_F_REPLACE, key, value); + krb5_data_free(&value); + krb5_data_free(&key); + return code; +} + +krb5_error_code +_hdb_remove(krb5_context context, HDB *db, hdb_entry *entry) +{ + krb5_data key; + int code; + + hdb_principal2key(context, entry->principal, &key); + code = db->_del(context, db, key); + krb5_data_free(&key); + return code; +} + diff --git a/crypto/heimdal/lib/hdb/convert_db.c b/crypto/heimdal/lib/hdb/convert_db.c new file mode 100644 index 0000000..b257809 --- /dev/null +++ b/crypto/heimdal/lib/hdb/convert_db.c 
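Review bot: `_hdb_fetch`, `_hdb_store` and `_hdb_remove` discard the return value of `hdb_principal2key`, so when it fails (a `copy_Principal` error or `ENOMEM`) the uninitialized `key` is handed to `db->_get`/`_put`/`_del` and then to `krb5_data_free`. `_hdb_store` does the same with `hdb_entry2value` and `value`, and `_hdb_fetch` ignores the result of `hdb_value2entry`, so a record that fails to decode is reported as a successful fetch. Each conversion result should be checked before the buffer is used, as sketched below. Separately, `hdb_principal2key` reaches `free_Principal(&new)` through `out:` even when `copy_Principal` failed, which is only safe if that function leaves `new` in a freeable state; that is not visible here and is worth confirming.

```c
/* _hdb_fetch */
    code = hdb_principal2key(context, entry->principal, &key);
    if(code)
        return code;
    /* … unchanged: db->_get, free key, return on error … */
    code = hdb_value2entry(context, &value, entry);
    if(code) {
        krb5_data_free(&value);
        return code;
    }
    /* … unchanged: unseal keys, free value, return 0 … */

/* _hdb_store */
    code = hdb_principal2key(context, entry->principal, &key);
    if(code)
        return code;
    hdb_seal_keys(db, entry);
    code = hdb_entry2value(context, entry, &value);
    if(code) {
        krb5_data_free(&key);
        return code;
    }
    /* … unchanged: db->_put, free value and key, return code … */

/* _hdb_remove */
    code = hdb_principal2key(context, entry->principal, &key);
    if(code)
        return code;
    /* … unchanged: db->_del, free key, return code … */
```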
@@ -0,0 +1,219 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +/* Converts a database from version 0.0* to 0.1. This is done by + * making three copies of each DES key (DES-CBC-CRC, DES-CBC-MD4, and + * DES-CBC-MD5). + * + * Use with care. 
+ */ + +#include "hdb_locl.h" +#include "getarg.h" + +RCSID("$Id: convert_db.c,v 1.8 1999/05/09 22:47:47 assar Exp $"); + +static krb5_error_code +update_keytypes(krb5_context context, HDB *db, hdb_entry *entry, void *data) +{ + int i; + int n = 0; + Key *k; + int save_len; + Key *save_val; + HDB *new = data; + krb5_error_code ret; + + for(i = 0; i < entry->keys.len; i++) + if(entry->keys.val[i].key.keytype == KEYTYPE_DES) + n += 2; + else if(entry->keys.val[i].key.keytype == KEYTYPE_DES3) + n += 1; + k = malloc(sizeof(*k) * (entry->keys.len + n)); + n = 0; + for(i = 0; i < entry->keys.len; i++) { + copy_Key(&entry->keys.val[i], &k[n]); + if(entry->keys.val[i].key.keytype == KEYTYPE_DES) { + copy_Key(&entry->keys.val[i], &k[n+1]); + k[n+1].key.keytype = ETYPE_DES_CBC_MD4; + copy_Key(&entry->keys.val[i], &k[n+2]); + k[n+2].key.keytype = ETYPE_DES_CBC_MD5; + n += 2; + } + else if(entry->keys.val[i].key.keytype == KEYTYPE_DES3) { + copy_Key(&entry->keys.val[i], &k[n+1]); + k[n+1].key.keytype = ETYPE_DES3_CBC_MD5; + n += 1; + } + n++; + } + save_len = entry->keys.len; + save_val = entry->keys.val; + entry->keys.len = n; + entry->keys.val = k; + ret = new->store(context, new, HDB_F_REPLACE, entry); + entry->keys.len = save_len; + entry->keys.val = save_val; + for(i = 0; i < n; i++) + free_Key(&k[i]); + free(k); + return 0; +} + +static krb5_error_code +update_version2(krb5_context context, HDB *db, hdb_entry *entry, void *data) +{ + HDB *new = data; + if(!db->master_key_set) { + int i; + for(i = 0; i < entry->keys.len; i++) { + free(entry->keys.val[i].mkvno); + entry->keys.val[i].mkvno = NULL; + } + } + new->store(context, new, HDB_F_REPLACE, entry); + return 0; +} + +char *old_database = HDB_DEFAULT_DB; +char *new_database = HDB_DEFAULT_DB ".new"; +char *mkeyfile; +int update_version; +int help_flag; +int version_flag; + +struct getargs args[] = { + { "old-database", 0, arg_string, &old_database, + "name of database to convert", "file" }, + { "new-database", 0, 
arg_string, &new_database, + "name of converted database", "file" }, + { "master-key", 0, arg_string, &mkeyfile, + "v5 master key file", "file" }, + { "update-version", 0, arg_flag, &update_version, + "update the database to the current version" }, + { "help", 'h', arg_flag, &help_flag }, + { "version", 0, arg_flag, &version_flag } +}; + +static int num_args = sizeof(args) / sizeof(args[0]); + +int +main(int argc, char **argv) +{ + krb5_error_code ret; + krb5_context context; + HDB *db, *new; + EncryptionKey key; + int optind = 0; + int master_key_set = 0; + + set_progname(argv[0]); + + if(getarg(args, num_args, argc, argv, &optind)) + krb5_std_usage(1, args, num_args); + + if(help_flag) + krb5_std_usage(0, args, num_args); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + ret = krb5_init_context(&context); + if(ret != 0) + krb5_err(NULL, 1, ret, "krb5_init_context"); + + ret = hdb_create(context, &db, old_database); + if(ret != 0) + krb5_err(context, 1, ret, "hdb_create"); + + ret = hdb_read_master_key(context, mkeyfile, &key); + if(ret == 0) { + if(key.keytype == KEYTYPE_DES) + key.keytype = ETYPE_DES_CBC_MD5; + + ret = hdb_set_master_key(context, db, key); + if (ret) + krb5_err(context, 1, ret, "hdb_set_master_key"); + master_key_set = 1; + } + ret = hdb_create(context, &new, new_database); + if(ret != 0) + krb5_err(context, 1, ret, "hdb_create"); + if (master_key_set) { + ret = hdb_set_master_key(context, new, key); + if (ret) + krb5_err(context, 1, ret, "hdb_set_master_key"); + } + ret = db->open(context, db, O_RDONLY, 0); + if(ret == HDB_ERR_BADVERSION) { + krb5_data tag; + krb5_data version; + int foo; + unsigned ver; + tag.data = HDB_DB_FORMAT_ENTRY; + tag.length = strlen(tag.data); + ret = (*db->_get)(context, db, tag, &version); + if(ret) + krb5_errx(context, 1, "database is wrong version, " + "but couldn't find version key (%s)", + HDB_DB_FORMAT_ENTRY); + foo = sscanf(version.data, "%u", &ver); + krb5_data_free (&version); + if(foo != 1) + 
krb5_errx(context, 1, "database version is not a number"); + if(ver == 1 && HDB_DB_FORMAT == 2) { + krb5_warnx(context, "will upgrade database from version %d to %d", + ver, HDB_DB_FORMAT); + krb5_warnx(context, "rerun to do other conversions"); + update_version = 1; + } else + krb5_errx(context, 1, + "don't know how to upgrade from version %d to %d", + ver, HDB_DB_FORMAT); + } else if(ret) + krb5_err(context, 1, ret, "%s", old_database); + ret = new->open(context, new, O_CREAT|O_EXCL|O_RDWR, 0600); + if(ret) + krb5_err(context, 1, ret, "%s", new_database); + if(update_version) + ret = hdb_foreach(context, db, 0, update_version2, new); + else + ret = hdb_foreach(context, db, 0, update_keytypes, new); + if(ret != 0) + krb5_err(context, 1, ret, "hdb_foreach"); + db->close(context, db); + new->close(context, new); + krb5_warnx(context, "wrote converted database to `%s'", new_database); + return 0; +} diff --git a/crypto/heimdal/lib/hdb/db.c b/crypto/heimdal/lib/hdb/db.c new file mode 100644 index 0000000..4699437 --- /dev/null +++ b/crypto/heimdal/lib/hdb/db.c 
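Review bot: `update_keytypes` stores the result of `new->store(...)` in `ret` and then ends with `return 0;`, and `update_version2` drops the result entirely, so a principal that fails to write is silently missing from the converted database while `main` still prints the "wrote converted database" message. Return the store result instead: `return ret;` in `update_keytypes` and `return new->store(context, new, HDB_F_REPLACE, entry);` in `update_version2` (this assumes `hdb_foreach` propagates a non-zero callback result, which is not visible here). The `malloc` for `k` in `update_keytypes` also needs `if(k == NULL) return ENOMEM;` before the copy loop. In `main`, `sscanf(version.data, "%u", &ver)` treats a `krb5_data` buffer as a C string; nothing in this file guarantees a terminating NUL, so the value should first be copied into a terminated buffer of `version.length + 1` bytes.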
@@ -0,0 +1,268 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "hdb_locl.h" + +RCSID("$Id: db.c,v 1.25 1999/12/02 17:05:04 joda Exp $"); + +#ifdef HAVE_DB_H + +static krb5_error_code +DB_close(krb5_context context, HDB *db) +{ + DB *d = (DB*)db->db; + d->close(d); + return 0; +} + +static krb5_error_code +DB_destroy(krb5_context context, HDB *db) +{ + krb5_error_code ret; + + ret = hdb_clear_master_key (context, db); + free(db->name); + free(db); + return ret; +} + +static krb5_error_code +DB_lock(krb5_context context, HDB *db, int operation) +{ + DB *d = (DB*)db->db; + int fd = (*d->fd)(d); + if(fd < 0) + return HDB_ERR_CANT_LOCK_DB; + return hdb_lock(fd, operation); +} + +static krb5_error_code +DB_unlock(krb5_context context, HDB *db) +{ + DB *d = (DB*)db->db; + int fd = (*d->fd)(d); + if(fd < 0) + return HDB_ERR_CANT_LOCK_DB; + return hdb_unlock(fd); +} + + +static krb5_error_code +DB_seq(krb5_context context, HDB *db, + unsigned flags, hdb_entry *entry, int flag) +{ + DB *d = (DB*)db->db; + DBT key, value; + krb5_data key_data, data; + int code; + + code = db->lock(context, db, HDB_RLOCK); + if(code == -1) + return HDB_ERR_DB_INUSE; + code = d->seq(d, &key, &value, flag); + db->unlock(context, db); /* XXX check value */ + if(code == -1) + return errno; + if(code == 1) + return HDB_ERR_NOENTRY; + + key_data.data = key.data; + key_data.length = key.size; + data.data = value.data; + data.length = value.size; + if (hdb_value2entry(context, &data, entry)) + return DB_seq(context, db, flags, entry, R_NEXT); + if (db->master_key_set && (flags & HDB_F_DECRYPT)) + hdb_unseal_keys (db, entry); + if (entry->principal == NULL) { + entry->principal = malloc(sizeof(*entry->principal)); + hdb_key2principal(context, &key_data, entry->principal); + } + return 0; +} + + +static krb5_error_code +DB_firstkey(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry) +{ + return DB_seq(context, db, flags, entry, R_FIRST); +} + + +static krb5_error_code +DB_nextkey(krb5_context context, HDB *db, unsigned flags, hdb_entry 
*entry) +{ + return DB_seq(context, db, flags, entry, R_NEXT); +} + +static krb5_error_code +DB_rename(krb5_context context, HDB *db, const char *new_name) +{ + int ret; + char *old, *new; + + asprintf(&old, "%s.db", db->name); + asprintf(&new, "%s.db", new_name); + ret = rename(old, new); + free(old); + free(new); + if(ret) + return errno; + + free(db->name); + db->name = strdup(new_name); + return 0; +} + +static krb5_error_code +DB__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply) +{ + DB *d = (DB*)db->db; + DBT k, v; + int code; + + k.data = key.data; + k.size = key.length; + code = db->lock(context, db, HDB_RLOCK); + if(code) + return code; + code = d->get(d, &k, &v, 0); + db->unlock(context, db); + if(code < 0) + return errno; + if(code == 1) + return HDB_ERR_NOENTRY; + + krb5_data_copy(reply, v.data, v.size); + return 0; +} + +static krb5_error_code +DB__put(krb5_context context, HDB *db, int replace, + krb5_data key, krb5_data value) +{ + DB *d = (DB*)db->db; + DBT k, v; + int code; + + k.data = key.data; + k.size = key.length; + v.data = value.data; + v.size = value.length; + code = db->lock(context, db, HDB_WLOCK); + if(code) + return code; + code = d->put(d, &k, &v, replace ? 
0 : R_NOOVERWRITE); + db->unlock(context, db); + if(code < 0) + return errno; + if(code == 1) + return HDB_ERR_EXISTS; + return 0; +} + +static krb5_error_code +DB__del(krb5_context context, HDB *db, krb5_data key) +{ + DB *d = (DB*)db->db; + DBT k; + krb5_error_code code; + k.data = key.data; + k.size = key.length; + code = db->lock(context, db, HDB_WLOCK); + if(code) + return code; + code = d->del(d, &k, 0); + db->unlock(context, db); + if(code == 1) + return HDB_ERR_NOENTRY; + if(code < 0) + return errno; + return 0; +} + +static krb5_error_code +DB_open(krb5_context context, HDB *db, int flags, mode_t mode) +{ + char *fn; + krb5_error_code ret; + + asprintf(&fn, "%s.db", db->name); + if (fn == NULL) + return ENOMEM; + db->db = dbopen(fn, flags, mode, DB_BTREE, NULL); + free(fn); + /* try to open without .db extension */ + if(db->db == NULL && errno == ENOENT) + db->db = dbopen(db->name, flags, mode, DB_BTREE, NULL); + if(db->db == NULL) + return errno; + if((flags & O_ACCMODE) == O_RDONLY) + ret = hdb_check_db_format(context, db); + else + ret = hdb_init_db(context, db); + if(ret == HDB_ERR_NOENTRY) + return 0; + return ret; +} + +krb5_error_code +hdb_db_create(krb5_context context, HDB **db, + const char *filename) +{ + *db = malloc(sizeof(**db)); + if (*db == NULL) + return ENOMEM; + + (*db)->db = NULL; + (*db)->name = strdup(filename); + (*db)->master_key_set = 0; + (*db)->openp = 0; + (*db)->open = DB_open; + (*db)->close = DB_close; + (*db)->fetch = _hdb_fetch; + (*db)->store = _hdb_store; + (*db)->remove = _hdb_remove; + (*db)->firstkey = DB_firstkey; + (*db)->nextkey= DB_nextkey; + (*db)->lock = DB_lock; + (*db)->unlock = DB_unlock; + (*db)->rename = DB_rename; + (*db)->_get = DB__get; + (*db)->_put = DB__put; + (*db)->_del = DB__del; + (*db)->destroy = DB_destroy; + return 0; +} + +#endif diff --git a/crypto/heimdal/lib/hdb/hdb-private.h b/crypto/heimdal/lib/hdb/hdb-private.h new file mode 100644 index 0000000..ce868bd --- /dev/null 
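Review bot: `DB_seq` tests the lock result with `if(code == -1)`, but `DB_lock` in this same file returns `HDB_ERR_CANT_LOCK_DB` or whatever `hdb_lock` returns, and `DB__get`, `DB__put` and `DB__del` all use `if(code) return code;`. Unless `hdb_lock` reports failure as -1 (its body is not in this hunk), a failed lock is ignored here and `d->seq` runs on the database unlocked; `if(code) return code;` would match the other accessors. Further down, `entry->principal = malloc(sizeof(*entry->principal));` is passed to `hdb_key2principal` unchecked and that call's result is dropped; add `if(entry->principal == NULL) return ENOMEM;` and return the decode error when it is non-zero. `DB_rename` has the same gap for its two `asprintf` calls and for the `strdup` that replaces `db->name`.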
+++ b/crypto/heimdal/lib/hdb/hdb-private.h @@ -0,0 +1,48 @@ +/* This is a generated file */ +#ifndef __hdb_private_h__ +#define __hdb_private_h__ + +#ifdef __STDC__ +#include <stdarg.h> +#ifndef __P +#define __P(x) x +#endif +#else +#ifndef __P +#define __P(x) () +#endif +#endif + +krb5_error_code +_hdb_fetch __P(( + krb5_context context, + HDB *db, + unsigned flags, + hdb_entry *entry)); + +krb5_error_code +_hdb_remove __P(( + krb5_context context, + HDB *db, + hdb_entry *entry)); + +void +_hdb_seal_keys_int __P(( + hdb_entry *ent, + int key_version, + krb5_data schedule)); + +krb5_error_code +_hdb_store __P(( + krb5_context context, + HDB *db, + unsigned flags, + hdb_entry *entry)); + +void +_hdb_unseal_keys_int __P(( + hdb_entry *ent, + int key_version, + krb5_data schedule)); + +#endif /* __hdb_private_h__ */ diff --git a/crypto/heimdal/lib/hdb/hdb-protos.h b/crypto/heimdal/lib/hdb/hdb-protos.h new file mode 100644 index 0000000..e0f15b1 --- /dev/null +++ b/crypto/heimdal/lib/hdb/hdb-protos.h 
@@ -0,0 +1,158 @@ +/* This is a generated file */ +#ifndef __hdb_protos_h__ +#define __hdb_protos_h__ + +#ifdef __STDC__ +#include <stdarg.h> +#ifndef __P +#define __P(x) x +#endif +#else +#ifndef __P +#define __P(x) () +#endif +#endif + +krb5_error_code +hdb_check_db_format __P(( + krb5_context context, + HDB *db)); + +krb5_error_code +hdb_clear_master_key __P(( + krb5_context context, + HDB *db)); + +krb5_error_code +hdb_create __P(( + krb5_context context, + HDB **db, + const char *filename)); + +krb5_error_code +hdb_db_create __P(( + krb5_context context, + HDB **db, + const char *filename)); + +krb5_error_code +hdb_enctype2key __P(( + krb5_context context, + hdb_entry *e, + krb5_enctype enctype, + Key **key)); + +krb5_error_code +hdb_entry2string __P(( + krb5_context context, + hdb_entry *ent, + char **str)); + +int +hdb_entry2value __P(( + krb5_context context, + hdb_entry *ent, + krb5_data *value)); + +krb5_error_code +hdb_foreach __P(( + krb5_context context, + HDB *db, + unsigned flags, + hdb_foreach_func_t func, + void *data)); + +void +hdb_free_entry __P(( + krb5_context context, + hdb_entry *ent)); + +void +hdb_free_key __P((Key *key)); + +krb5_error_code +hdb_init_db __P(( + krb5_context context, + HDB *db)); + +int +hdb_key2principal __P(( + krb5_context context, + krb5_data *key, + krb5_principal p)); + +krb5_error_code +hdb_lock __P(( + int fd, + int operation)); + +krb5_error_code +hdb_ndbm_create __P(( + krb5_context context, + HDB **db, + const char *filename)); + +krb5_error_code +hdb_next_enctype2key __P(( + krb5_context context, + hdb_entry *e, + krb5_enctype enctype, + Key **key)); + +int +hdb_principal2key __P(( + krb5_context context, + krb5_principal p, + krb5_data *key)); + +krb5_error_code +hdb_print_entry __P(( + krb5_context context, + HDB *db, + hdb_entry *entry, + void *data)); + +krb5_error_code +hdb_process_master_key __P(( + krb5_context context, + EncryptionKey key, + krb5_data *schedule)); + +krb5_error_code +hdb_read_master_key 
__P(( + krb5_context context, + const char *filename, + EncryptionKey *key)); + +void +hdb_seal_keys __P(( + HDB *db, + hdb_entry *ent)); + +krb5_error_code +hdb_set_master_key __P(( + krb5_context context, + HDB *db, + EncryptionKey key)); + +krb5_error_code +hdb_set_master_keyfile __P(( + krb5_context context, + HDB *db, + const char *keyfile)); + +krb5_error_code +hdb_unlock __P((int fd)); + +void +hdb_unseal_keys __P(( + HDB *db, + hdb_entry *ent)); + +int +hdb_value2entry __P(( + krb5_context context, + krb5_data *value, + hdb_entry *ent)); + +#endif /* __hdb_protos_h__ */ diff --git a/crypto/heimdal/lib/hdb/hdb.asn1 b/crypto/heimdal/lib/hdb/hdb.asn1 new file mode 100644 index 0000000..99537d6 --- /dev/null +++ b/crypto/heimdal/lib/hdb/hdb.asn1 
@@ -0,0 +1,65 @@
+-- $Id: hdb.asn1,v 1.7 1999/05/03 16:48:52 joda Exp $
+HDB DEFINITIONS ::=
+BEGIN
+
+EncryptionKey EXTERNAL
+KerberosTime EXTERNAL
+Principal EXTERNAL
+
+HDB_DB_FORMAT INTEGER ::= 2 -- format of database,
+ -- update when making changes
+
+-- these should have the same value as the pa-* counterparts
+hdb-pw-salt INTEGER ::= 3
+hdb-afs3-salt INTEGER ::= 10
+
+Salt ::= SEQUENCE {
+ type[0] INTEGER,
+ salt[1] OCTET STRING
+}
+
+Key ::= SEQUENCE {
+ mkvno[0] INTEGER OPTIONAL, -- master key version number
+ key[1] EncryptionKey,
+ salt[2] Salt OPTIONAL
+}
+
+Event ::= SEQUENCE {
+ time[0] KerberosTime,
+ principal[1] Principal OPTIONAL
+}
+
+HDBFlags ::= BIT STRING {
+ initial(0), -- require as-req
+ forwardable(1), -- may issue forwardable
+ proxiable(2), -- may issue proxiable
+ renewable(3), -- may issue renewable
+ postdate(4), -- may issue postdatable
+ server(5), -- may be server
+ client(6), -- may be client
+ invalid(7), -- entry is invalid
+ require-preauth(8), -- must use preauth
+ change-pw(9), -- change password service
+ require-hwauth(10), -- must use hwauth
+ ok-as-delegate(11), -- as in TicketFlags
+ user-to-user(12), -- may use user-to-user auth
+ immutable(13) -- may not be deleted
+}
+
+hdb_entry ::= SEQUENCE {
+ principal[0] Principal OPTIONAL, -- this is optional only
+ -- for compatibility with libkrb5
+ kvno[1] INTEGER,
+ keys[2] SEQUENCE OF Key,
+ created-by[3] Event,
+ modified-by[4] Event OPTIONAL,
+ valid-start[5] KerberosTime OPTIONAL,
+ valid-end[6] KerberosTime OPTIONAL,
+ pw-end[7] KerberosTime OPTIONAL,
+ max-life[8] INTEGER OPTIONAL,
+ max-renew[9] INTEGER OPTIONAL,
+ flags[10] HDBFlags,
+ etypes[11] SEQUENCE OF INTEGER OPTIONAL
+}
+
+END
diff --git a/crypto/heimdal/lib/hdb/hdb.c b/crypto/heimdal/lib/hdb/hdb.c
new file mode 100644
index 0000000..edf6677
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/hdb.c
@@ -0,0 +1,349 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hdb_locl.h" + +RCSID("$Id: hdb.c,v 1.35 1999/12/02 17:05:05 joda Exp $"); + +krb5_error_code +hdb_next_enctype2key(krb5_context context, + hdb_entry *e, + krb5_enctype enctype, + Key **key) +{ + Key *k; + + for (k = *key ? 
*key : e->keys.val; + k < e->keys.val + e->keys.len; + k++) + if(k->key.keytype == enctype){ + *key = k; + return 0; + } + return KRB5_PROG_ETYPE_NOSUPP; /* XXX */ +} + +krb5_error_code +hdb_enctype2key(krb5_context context, + hdb_entry *e, + krb5_enctype enctype, + Key **key) +{ + *key = NULL; + return hdb_next_enctype2key(context, e, enctype, key); +} + +/* this is a bit ugly, but will get better when the crypto framework + gets fixed */ + +krb5_error_code +hdb_process_master_key(krb5_context context, EncryptionKey key, + krb5_data *schedule) +{ + krb5_error_code ret; + + if(key.keytype != ETYPE_DES_CBC_MD5) + return KRB5_PROG_KEYTYPE_NOSUPP; + + ret = krb5_data_alloc (schedule, sizeof(des_key_schedule)); + if (ret) + return ret; + + des_set_key((des_cblock*)key.keyvalue.data, schedule->data); + return 0; +} + +krb5_error_code +hdb_read_master_key(krb5_context context, const char *filename, + EncryptionKey *key) +{ + FILE *f; + unsigned char buf[256]; + size_t len; + krb5_error_code ret; + if(filename == NULL) + filename = HDB_DB_DIR "/m-key"; + f = fopen(filename, "r"); + if(f == NULL) + return errno; + len = fread(buf, 1, sizeof(buf), f); + if(ferror(f)) + ret = errno; + else + ret = decode_EncryptionKey(buf, len, key, &len); + fclose(f); + memset(buf, 0, sizeof(buf)); + return ret; +} + +void +_hdb_unseal_keys_int(hdb_entry *ent, int key_version, krb5_data schedule) +{ + int i; + for(i = 0; i < ent->keys.len; i++){ + des_cblock iv; + int num = 0; + if(ent->keys.val[i].mkvno == NULL) + continue; + if(*ent->keys.val[i].mkvno != key_version) + ; + memset(&iv, 0, sizeof(iv)); + + des_cfb64_encrypt(ent->keys.val[i].key.keyvalue.data, + ent->keys.val[i].key.keyvalue.data, + ent->keys.val[i].key.keyvalue.length, + schedule.data, &iv, &num, 0); + free(ent->keys.val[i].mkvno); + ent->keys.val[i].mkvno = NULL; + } +} + +void +hdb_unseal_keys(HDB *db, hdb_entry *ent) +{ + if (db->master_key_set == 0) + return; + _hdb_unseal_keys_int(ent, db->master_key_version, 
db->master_key); +} + +void +_hdb_seal_keys_int(hdb_entry *ent, int key_version, krb5_data schedule) +{ + int i; + for(i = 0; i < ent->keys.len; i++){ + des_cblock iv; + int num = 0; + + if(ent->keys.val[i].mkvno != NULL) + continue; + memset(&iv, 0, sizeof(iv)); + des_cfb64_encrypt(ent->keys.val[i].key.keyvalue.data, + ent->keys.val[i].key.keyvalue.data, + ent->keys.val[i].key.keyvalue.length, + schedule.data, &iv, &num, 1); + ent->keys.val[i].mkvno = malloc(sizeof(*ent->keys.val[i].mkvno)); + *ent->keys.val[i].mkvno = key_version; + } +} + +void +hdb_seal_keys(HDB *db, hdb_entry *ent) +{ + if (db->master_key_set == 0) + return; + + _hdb_seal_keys_int(ent, db->master_key_version, db->master_key); +} + +void +hdb_free_key(Key *key) +{ + memset(key->key.keyvalue.data, + 0, + key->key.keyvalue.length); + free_Key(key); + free(key); +} + + +krb5_error_code +hdb_lock(int fd, int operation) +{ + int i, code; + for(i = 0; i < 3; i++){ + code = flock(fd, (operation == HDB_RLOCK ? LOCK_SH : LOCK_EX) | LOCK_NB); + if(code == 0 || errno != EWOULDBLOCK) + break; + sleep(1); + } + if(code == 0) + return 0; + if(errno == EWOULDBLOCK) + return HDB_ERR_DB_INUSE; + return HDB_ERR_CANT_LOCK_DB; +} + +krb5_error_code +hdb_unlock(int fd) +{ + int code; + code = flock(fd, LOCK_UN); + if(code) + return 4711 /* XXX */; + return 0; +} + +void +hdb_free_entry(krb5_context context, hdb_entry *ent) +{ + int i; + + for(i = 0; i < ent->keys.len; ++i) { + Key *k = &ent->keys.val[i]; + + memset (k->key.keyvalue.data, 0, k->key.keyvalue.length); + } + free_hdb_entry(ent); +} + +krb5_error_code +hdb_foreach(krb5_context context, + HDB *db, + unsigned flags, + hdb_foreach_func_t func, + void *data) +{ + krb5_error_code ret; + hdb_entry entry; + ret = db->firstkey(context, db, flags, &entry); + while(ret == 0){ + ret = (*func)(context, db, &entry, data); + hdb_free_entry(context, &entry); + if(ret == 0) + ret = db->nextkey(context, db, flags, &entry); + } + if(ret == HDB_ERR_NOENTRY) + ret = 0; + 
return ret; +} + +krb5_error_code +hdb_check_db_format(krb5_context context, HDB *db) +{ + krb5_data tag; + krb5_data version; + krb5_error_code ret; + unsigned ver; + int foo; + + tag.data = HDB_DB_FORMAT_ENTRY; + tag.length = strlen(tag.data); + ret = (*db->_get)(context, db, tag, &version); + if(ret) + return ret; + foo = sscanf(version.data, "%u", &ver); + krb5_data_free (&version); + if (foo != 1) + return HDB_ERR_BADVERSION; + if(ver != HDB_DB_FORMAT) + return HDB_ERR_BADVERSION; + return 0; +} + +krb5_error_code +hdb_init_db(krb5_context context, HDB *db) +{ + krb5_error_code ret; + krb5_data tag; + krb5_data version; + char ver[32]; + + ret = hdb_check_db_format(context, db); + if(ret != HDB_ERR_NOENTRY) + return ret; + + tag.data = HDB_DB_FORMAT_ENTRY; + tag.length = strlen(tag.data); + snprintf(ver, sizeof(ver), "%u", HDB_DB_FORMAT); + version.data = ver; + version.length = strlen(version.data) + 1; /* zero terminated */ + ret = (*db->_put)(context, db, 0, tag, version); + return ret; +} + +krb5_error_code +hdb_create(krb5_context context, HDB **db, const char *filename) +{ + krb5_error_code ret = 0; + if(filename == NULL) + filename = HDB_DEFAULT_DB; + initialize_hdb_error_table_r(&context->et_list); +#ifdef HAVE_DB_H + ret = hdb_db_create(context, db, filename); +#elif HAVE_NDBM_H + ret = hdb_ndbm_create(context, db, filename); +#else + krb5_errx(context, 1, "No database support! (hdb_create)"); +#endif + return ret; +} + +krb5_error_code +hdb_set_master_key (krb5_context context, + HDB *db, + EncryptionKey key) +{ + krb5_error_code ret; + + ret = hdb_process_master_key(context, key, &db->master_key); + if (ret) + return ret; +#if 0 /* XXX - why? 
*/ + des_set_random_generator_seed(key.keyvalue.data); +#endif + db->master_key_set = 1; + db->master_key_version = 0; /* XXX */ + return 0; +} + +krb5_error_code +hdb_set_master_keyfile (krb5_context context, + HDB *db, + const char *keyfile) +{ + EncryptionKey key; + krb5_error_code ret; + + ret = hdb_read_master_key(context, keyfile, &key); + if (ret) { + if (ret != ENOENT) + return ret; + return 0; + } + ret = hdb_set_master_key(context, db, key); + memset(key.keyvalue.data, 0, key.keyvalue.length); + free_EncryptionKey(&key); + return ret; +} + +krb5_error_code +hdb_clear_master_key (krb5_context context, + HDB *db) +{ + if (db->master_key_set) { + memset(db->master_key.data, 0, db->master_key.length); + krb5_data_free(&db->master_key); + db->master_key_set = 0; + } + return 0; +} diff --git a/crypto/heimdal/lib/hdb/hdb.h b/crypto/heimdal/lib/hdb/hdb.h new file mode 100644 index 0000000..f4cb001 --- /dev/null +++ b/crypto/heimdal/lib/hdb/hdb.h 
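Review bot: In `_hdb_unseal_keys_int` the master-key version test `if(*ent->keys.val[i].mkvno != key_version) ;` has an empty body, so a key sealed under a different master key version is still run through `des_cfb64_encrypt` with the current schedule and then has its `mkvno` freed, leaving wrong key material marked as unsealed. Skipping such keys with `continue;`, the way the `mkvno == NULL` case is already skipped, keeps them sealed and identifiable. In `_hdb_seal_keys_int` the result of `malloc(sizeof(*ent->keys.val[i].mkvno))` is dereferenced on the next line without a NULL check; because the function returns void, the allocation would have to be done and checked before the key is encrypted in place. Both helpers also reset `iv` to zero for every key, so the first cipher block of every key sealed under one schedule uses the same keystream; that deserves at least a comment, since changing it would alter the stored format.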
@@ -0,0 +1,86 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: hdb.h,v 1.26 1999/12/02 17:05:05 joda Exp $ */
+
+#ifndef __HDB_H__
+#define __HDB_H__
+
+#include <hdb_err.h>
+
+#include <hdb_asn1.h>
+
+enum hdb_lockop{ HDB_RLOCK, HDB_WLOCK };
+
+/* flags for various functions */
+#define HDB_F_DECRYPT 1 /* decrypt keys */
+#define HDB_F_REPLACE 2 /* replace entry */
+
+typedef struct HDB{
+ void *db;
+ char *name;
+ int master_key_set;
+ krb5_data master_key;
+ int master_key_version;
+ int openp;
+
+ krb5_error_code (*open)(krb5_context, struct HDB*, int, mode_t);
+ krb5_error_code (*close)(krb5_context, struct HDB*);
+ krb5_error_code (*fetch)(krb5_context, struct HDB*, unsigned, hdb_entry*);
+ krb5_error_code (*store)(krb5_context, struct HDB*, unsigned, hdb_entry*);
+ krb5_error_code (*remove)(krb5_context, struct HDB*, hdb_entry*);
+ krb5_error_code (*firstkey)(krb5_context, struct HDB*,
+ unsigned, hdb_entry*);
+ krb5_error_code (*nextkey)(krb5_context, struct HDB*,
+ unsigned, hdb_entry*);
+ krb5_error_code (*lock)(krb5_context, struct HDB*, int operation);
+ krb5_error_code (*unlock)(krb5_context, struct HDB*);
+ krb5_error_code (*rename)(krb5_context, struct HDB*, const char*);
+ krb5_error_code (*_get)(krb5_context, struct HDB*, krb5_data, krb5_data*);
+ krb5_error_code (*_put)(krb5_context, struct HDB*, int,
+ krb5_data, krb5_data);
+ krb5_error_code (*_del)(krb5_context, struct HDB*, krb5_data);
+ krb5_error_code (*destroy)(krb5_context, struct HDB*);
+}HDB;
+
+#define HDB_DB_DIR "/var/heimdal"
+#define HDB_DEFAULT_DB HDB_DB_DIR "/heimdal"
+#define HDB_DB_FORMAT_ENTRY "hdb/db-format"
+
+typedef krb5_error_code (*hdb_foreach_func_t)(krb5_context, HDB*,
+ hdb_entry*, void*);
+extern krb5_kt_ops hdb_kt_ops;
+
+#include <hdb-protos.h>
+
+#endif /* __HDB_H__ */
diff --git a/crypto/heimdal/lib/hdb/hdb_err.et b/crypto/heimdal/lib/hdb/hdb_err.et
new file mode 100644
index 0000000..a08a2d4
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/hdb_err.et
@@ -0,0 +1,26 @@
+#
+# Error messages for the hdb library
+#
+# This might look like a com_err file, but is not
+#
+id "$Id: hdb_err.et,v 1.4 1998/02/16 16:29:15 joda Exp $"
+
+error_table hdb
+
+prefix HDB_ERR
+
+index 1
+#error_code INUSE, "Entry already exists in database"
+error_code UK_SERROR, "Database store error"
+error_code UK_RERROR, "Database read error"
+error_code NOENTRY, "No such entry in the database"
+error_code DB_INUSE, "Database is locked or in use--try again later"
+error_code DB_CHANGED, "Database was modified during read"
+error_code RECURSIVELOCK, "Attempt to lock database twice"
+error_code NOTLOCKED, "Attempt to unlock database when not locked"
+error_code BADLOCKMODE, "Invalid kdb lock mode"
+error_code CANT_LOCK_DB, "Insufficient access to lock database"
+error_code EXISTS, "Entry already exists in database"
+error_code BADVERSION, "Wrong database version"
+
+end
diff --git a/crypto/heimdal/lib/hdb/hdb_locl.h b/crypto/heimdal/lib/hdb/hdb_locl.h
new file mode 100644
index 0000000..76ba479
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/hdb_locl.h
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: hdb_locl.h,v 1.12 1999/12/02 17:05:05 joda Exp $ */
+
+#ifndef __HDB_LOCL_H__
+#define __HDB_LOCL_H__
+
+#include <config.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#ifdef HAVE_SYS_FILE_H
+#include <sys/file.h>
+#endif
+#include <roken.h>
+
+#include <krb5.h>
+#include <hdb.h>
+#include <hdb-private.h>
+
+#if defined(HAVE_DB_185_H)
+#include <db_185.h>
+#elif defined(HAVE_DB_H)
+#include <db.h>
+#endif
+
+#ifdef HAVE_NDBM_H
+#include <ndbm.h>
+#endif
+
+int hdb_principal2key(krb5_context, krb5_principal, krb5_data*);
+int hdb_key2principal(krb5_context, krb5_data*, krb5_principal);
+
+krb5_error_code hdb_lock(int, int);
+krb5_error_code hdb_unlock(int);
+
+krb5_error_code _hdb_fetch(krb5_context, HDB*, unsigned, hdb_entry*);
+krb5_error_code _hdb_store(krb5_context, HDB*, unsigned, hdb_entry*);
+krb5_error_code _hdb_remove(krb5_context, HDB*, hdb_entry*);
+
+#endif /* __HDB_LOCL_H__ */
diff --git a/crypto/heimdal/lib/hdb/keytab.c b/crypto/heimdal/lib/hdb/keytab.c
new file mode 100644
index 0000000..d9be75d
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/keytab.c
@@ -0,0 +1,187 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "hdb_locl.h" + +/* keytab backend for HDB databases */ + +RCSID("$Id: keytab.c,v 1.2 1999/08/26 13:24:05 joda Exp $"); + +struct hdb_data { + char *dbname; + char *mkey; + HDB *db; +}; + +static krb5_error_code +hdb_resolve(krb5_context context, const char *name, krb5_keytab id) +{ + krb5_error_code ret; + struct hdb_data *d; + const char *db, *mkey; + d = malloc(sizeof(*d)); + if(d == NULL) + return ENOMEM; + db = name; + mkey = strchr(name, ':'); + if(mkey == NULL || mkey[1] == '\0') { + if(*name == '\0') + d->dbname = NULL; + else { + d->dbname = strdup(name); + if(d->dbname == NULL) { + free(d); + return ENOMEM; + } + } + d->mkey = NULL; + } else { + if((mkey - db) == 0) { + d->dbname = NULL; + } else { + d->dbname = malloc(mkey - db); + if(d->dbname == NULL) { + free(d); + return ENOMEM; + } + strncpy(d->dbname, db, mkey - db); + d->dbname[mkey - db] = '\0'; + } + d->mkey = strdup(mkey + 1); + if(d->mkey == NULL) { + free(d->dbname); + free(d); + return ENOMEM; + } + } + ret = hdb_create(context, &d->db, d->dbname); + if(ret) { + free(d->dbname); + free(d->mkey); + free(d); + return ret; + } + ret = hdb_set_master_keyfile (context, d->db, d->mkey); + if(ret) { + (*d->db->destroy)(context, d->db); + free(d->dbname); + free(d->mkey); + free(d); + return ret; + } + id->data = d; + return 0; +} + +static krb5_error_code +hdb_close(krb5_context context, krb5_keytab id) +{ + struct hdb_data *d = id->data; + (*d->db->destroy)(context, d->db); + free(d); + return 0; +} + +static krb5_error_code +hdb_get_name(krb5_context context, + krb5_keytab id, + char *name, + size_t namesize) +{ + struct hdb_data *d = id->data; + snprintf(name, namesize, "%s%s%s", + d->dbname ? d->dbname : "", + (d->dbname || d->mkey) ? ":" : "", + d->mkey ? 
d->mkey : ""); + return 0; +} + +static krb5_error_code +hdb_get_entry(krb5_context context, + krb5_keytab id, + krb5_const_principal principal, + krb5_kvno kvno, + krb5_enctype enctype, + krb5_keytab_entry *entry) +{ + hdb_entry ent; + krb5_error_code ret; + struct hdb_data *d = id->data; + int i; + + ret = (*d->db->open)(context, d->db, O_RDONLY, 0); + if (ret) + return ret; + ent.principal = (krb5_principal)principal; + ret = (*d->db->fetch)(context, d->db, HDB_F_DECRYPT, &ent); + (*d->db->close)(context, d->db); + if(ret == HDB_ERR_NOENTRY) + return KRB5_KT_NOTFOUND; + else if(ret) + return ret; + if(kvno && ent.kvno != kvno) { + hdb_free_entry(context, &ent); + return KRB5_KT_NOTFOUND; + } + if(enctype == 0) + if(ent.keys.len > 0) + enctype = ent.keys.val[0].key.keytype; + ret = KRB5_KT_NOTFOUND; + for(i = 0; i < ent.keys.len; i++) { + if(ent.keys.val[i].key.keytype == enctype) { + krb5_copy_principal(context, principal, &entry->principal); + entry->vno = ent.kvno; + krb5_copy_keyblock_contents(context, + &ent.keys.val[i].key, + &entry->keyblock); + ret = 0; + break; + } + } + hdb_free_entry(context, &ent); + return ret; +} + +krb5_kt_ops hdb_kt_ops = { + "HDB", + hdb_resolve, + hdb_get_name, + hdb_close, + hdb_get_entry, + NULL, /* start_seq_get */ + NULL, /* next_entry */ + NULL, /* end_seq_get */ + NULL, /* add */ + NULL /* remove */ +}; + diff --git a/crypto/heimdal/lib/hdb/libasn1.h b/crypto/heimdal/lib/hdb/libasn1.h new file mode 100644 index 0000000..03d951a --- /dev/null +++ b/crypto/heimdal/lib/hdb/libasn1.h 
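Review bot: `hdb_resolve` writes one byte past its allocation when the keytab name has the form `db:mkey`: it allocates `malloc(mkey - db)` bytes and then stores the terminator at `d->dbname[mkey - db]`. The allocation should be `d->dbname = malloc(mkey - db + 1);`, with the `strncpy` and terminator lines left as they are. `hdb_close` frees only `d`, so `d->dbname` and `d->mkey` leak on every close; `free(d->dbname); free(d->mkey);` before `free(d);` would match the cleanup on the error paths of `hdb_resolve`. In `hdb_get_entry` the return values of `krb5_copy_principal` and `krb5_copy_keyblock_contents` are dropped and `ret` is set to 0 regardless, so a failed copy is reported to the caller as success.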
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: libasn1.h,v 1.4 1999/12/02 17:05:05 joda Exp $ */
+
+#ifndef __LIBASN1_H__
+#define __LIBASN1_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdlib.h>
+#include <errno.h>
+#include <asn1.h>
+#include <der.h>
+#include "hdb_asn1.h"
+#include <asn1_err.h>
+#include <parse_units.h>
+
+#endif /* __LIBASN1_H__ */
diff --git a/crypto/heimdal/lib/hdb/ndbm.c b/crypto/heimdal/lib/hdb/ndbm.c
new file mode 100644
index 0000000..79ca978
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/ndbm.c
@@ -0,0 +1,316 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "hdb_locl.h" + +RCSID("$Id: ndbm.c,v 1.26 1999/12/02 17:05:05 joda Exp $"); + +#ifdef HAVE_NDBM_H + +struct ndbm_db { + DBM *db; + int lock_fd; +}; + +static krb5_error_code +NDBM_destroy(krb5_context context, HDB *db) +{ + krb5_error_code ret; + + ret = hdb_clear_master_key (context, db); + free(db->name); + free(db); + return 0; +} + +static krb5_error_code +NDBM_lock(krb5_context context, HDB *db, int operation) +{ + struct ndbm_db *d = db->db; + return hdb_lock(d->lock_fd, operation); +} + +static krb5_error_code +NDBM_unlock(krb5_context context, HDB *db) +{ + struct ndbm_db *d = db->db; + return hdb_unlock(d->lock_fd); +} + +static krb5_error_code +NDBM_seq(krb5_context context, HDB *db, + unsigned flags, hdb_entry *entry, int first) + +{ + struct ndbm_db *d = (struct ndbm_db *)db->db; + datum key, value; + krb5_data key_data, data; + krb5_error_code ret; + + if(first) + key = dbm_firstkey(d->db); + else + key = dbm_nextkey(d->db); + if(key.dptr == NULL) + return HDB_ERR_NOENTRY; + key_data.data = key.dptr; + key_data.length = key.dsize; + ret = db->lock(context, db, HDB_RLOCK); + if(ret) return ret; + value = dbm_fetch(d->db, key); + db->unlock(context, db); + data.data = value.dptr; + data.length = value.dsize; + if(hdb_value2entry(context, &data, entry)) + return NDBM_seq(context, db, flags, entry, 0); + if (db->master_key_set && (flags & HDB_F_DECRYPT)) + hdb_unseal_keys (db, entry); + if (entry->principal == NULL) { + entry->principal = malloc (sizeof(*entry->principal)); + hdb_key2principal (context, &key_data, entry->principal); + } + return 0; +} + + +static krb5_error_code +NDBM_firstkey(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry) +{ + return NDBM_seq(context, db, flags, entry, 1); +} + + +static krb5_error_code +NDBM_nextkey(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry) +{ + return NDBM_seq(context, db, flags, entry, 0); +} + +static krb5_error_code +NDBM_rename(krb5_context context, HDB *db, 
const char *new_name) +{ + /* XXX this function will break */ + struct ndbm_db *d = db->db; + + int ret; + char *old_dir, *old_pag, *new_dir, *new_pag; + char *new_lock; + int lock_fd; + + /* lock old and new databases */ + ret = db->lock(context, db, HDB_WLOCK); + if(ret) return ret; + asprintf(&new_lock, "%s.lock", new_name); + lock_fd = open(new_lock, O_RDWR | O_CREAT, 0600); + free(new_lock); + if(lock_fd < 0) { + ret = errno; + db->unlock(context, db); + return ret; + } + ret = hdb_lock(lock_fd, HDB_WLOCK); + if(ret) { + db->unlock(context, db); + close(lock_fd); + return ret; + } + + asprintf(&old_dir, "%s.dir", db->name); + asprintf(&old_pag, "%s.pag", db->name); + asprintf(&new_dir, "%s.dir", new_name); + asprintf(&new_pag, "%s.pag", new_name); + + ret = rename(old_dir, new_dir) || rename(old_pag, new_pag); + free(old_dir); + free(old_pag); + free(new_dir); + free(new_pag); + hdb_unlock(lock_fd); + db->unlock(context, db); + + if(ret) { + close(lock_fd); + return errno; + } + + close(d->lock_fd); + d->lock_fd = lock_fd; + + free(db->name); + db->name = strdup(new_name); + return 0; +} + +static krb5_error_code +NDBM__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply) +{ + struct ndbm_db *d = (struct ndbm_db *)db->db; + datum k, v; + int code; + + k.dptr = key.data; + k.dsize = key.length; + code = db->lock(context, db, HDB_RLOCK); + if(code) + return code; + v = dbm_fetch(d->db, k); + db->unlock(context, db); + if(v.dptr == NULL) + return HDB_ERR_NOENTRY; + + krb5_data_copy(reply, v.dptr, v.dsize); + return 0; +} + +static krb5_error_code +NDBM__put(krb5_context context, HDB *db, int replace, + krb5_data key, krb5_data value) +{ + struct ndbm_db *d = (struct ndbm_db *)db->db; + datum k, v; + int code; + + k.dptr = key.data; + k.dsize = key.length; + v.dptr = value.data; + v.dsize = value.length; + + code = db->lock(context, db, HDB_WLOCK); + if(code) + return code; + code = dbm_store(d->db, k, v, replace ? 
DBM_REPLACE : DBM_INSERT); + db->unlock(context, db); + if(code == 1) + return HDB_ERR_EXISTS; + if (code < 0) + return code; + return 0; +} + +static krb5_error_code +NDBM__del(krb5_context context, HDB *db, krb5_data key) +{ + struct ndbm_db *d = (struct ndbm_db *)db->db; + datum k; + int code; + krb5_error_code ret; + + k.dptr = key.data; + k.dsize = key.length; + ret = db->lock(context, db, HDB_WLOCK); + if(ret) return ret; + code = dbm_delete(d->db, k); + db->unlock(context, db); + if(code < 0) + return errno; + return 0; +} + +static krb5_error_code +NDBM_open(krb5_context context, HDB *db, int flags, mode_t mode) +{ + krb5_error_code ret; + struct ndbm_db *d = malloc(sizeof(*d)); + char *lock_file; + + if(d == NULL) + return ENOMEM; + asprintf(&lock_file, "%s.lock", (char*)db->name); + if(lock_file == NULL) { + free(d); + return ENOMEM; + } + d->db = dbm_open((char*)db->name, flags, mode); + if(d->db == NULL){ + free(d); + free(lock_file); + return errno; + } + d->lock_fd = open(lock_file, O_RDWR | O_CREAT, 0600); + free(lock_file); + if(d->lock_fd < 0){ + dbm_close(d->db); + free(d); + return errno; + } + db->db = d; + if((flags & O_ACCMODE) == O_RDONLY) + ret = hdb_check_db_format(context, db); + else + ret = hdb_init_db(context, db); + if(ret == HDB_ERR_NOENTRY) + return 0; + return ret; +} + +static krb5_error_code +NDBM_close(krb5_context context, HDB *db) +{ + struct ndbm_db *d = db->db; + dbm_close(d->db); + close(d->lock_fd); + free(d); + return 0; +} + +krb5_error_code +hdb_ndbm_create(krb5_context context, HDB **db, + const char *filename) +{ + *db = malloc(sizeof(**db)); + if (*db == NULL) + return ENOMEM; + + (*db)->db = NULL; + (*db)->name = strdup(filename); + (*db)->master_key_set = 0; + (*db)->openp = 0; + (*db)->open = NDBM_open; + (*db)->close = NDBM_close; + (*db)->fetch = _hdb_fetch; + (*db)->store = _hdb_store; + (*db)->remove = _hdb_remove; + (*db)->firstkey = NDBM_firstkey; + (*db)->nextkey= NDBM_nextkey; + (*db)->lock = NDBM_lock; + 
(*db)->unlock = NDBM_unlock; + (*db)->rename = NDBM_rename; + (*db)->_get = NDBM__get; + (*db)->_put = NDBM__put; + (*db)->_del = NDBM__del; + (*db)->destroy = NDBM_destroy; + return 0; +} + + +#endif diff --git a/crypto/heimdal/lib/hdb/print.c b/crypto/heimdal/lib/hdb/print.c new file mode 100644 index 0000000..5db3166 --- /dev/null +++ b/crypto/heimdal/lib/hdb/print.c 
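Review bot: `NDBM_seq` can return 0 with an unusable entry: `entry->principal = malloc (sizeof(*entry->principal));` is passed straight to `hdb_key2principal` without a NULL check, and that call's return value is ignored. Checking both and returning the error (after `hdb_free_entry(context, entry)`, assuming it tolerates a NULL principal) would keep `firstkey`/`nextkey` callers from seeing a half-built entry. The same function calls `dbm_firstkey`/`dbm_nextkey` before taking the read lock, so the key cursor advances outside the lock that covers the following `dbm_fetch`. In `NDBM_open` and `NDBM_rename` several `return errno;` statements come after `free()`, `dbm_close()` or `close()`, which may overwrite `errno`; saving it first (`ret = errno;`, as `NDBM_rename` already does for the lock file) is safer, and the `asprintf` results in `NDBM_rename` are used without checking for failure.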
@@ -0,0 +1,236 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#include "hdb_locl.h" +#include <ctype.h> + +RCSID("$Id: print.c,v 1.4 1999/12/26 13:50:22 assar Exp $"); + +/* + This is the present contents of a dump line. This might change at + any time. Fields are separated by white space. + + principal + keyblock + kvno + keys... 
+ mkvno + enctype + keyvalue + salt (- means use normal salt) + creation date and principal + modification date and principal + principal valid from date (not used) + principal valid end date (not used) + principal key expires (not used) + max ticket life + max renewable life + flags + */ + +static void +append_hex(char *str, krb5_data *data) +{ + int i, s = 1; + char *p; + + p = data->data; + for(i = 0; i < data->length; i++) + if(!isalnum((unsigned char)p[i]) && p[i] != '.'){ + s = 0; + break; + } + if(s){ + p = calloc(1, data->length + 2 + 1); + p[0] = '\"'; + p[data->length + 1] = '\"'; + memcpy(p + 1, data->data, data->length); + }else{ + p = calloc(1, data->length * 2 + 1); + for(i = 0; i < data->length; i++) + sprintf(p + 2 * i, "%02x", ((u_char*)data->data)[i]); + } + strcat(str, p); + free(p); +} + +static char * +time2str(time_t t) +{ + static char buf[128]; + strftime(buf, sizeof(buf), "%Y%m%d%H%M%S", gmtime(&t)); + return buf; +} + +static krb5_error_code +event2string(krb5_context context, Event *ev, char **str) +{ + char *p; + char *pr; + krb5_error_code ret; + if(ev == NULL){ + *str = strdup("-"); + return (*str == NULL) ? 
ENOMEM : 0; + } + if (ev->principal == NULL) { + pr = strdup("UNKNOWN"); + if (pr == NULL) + return ENOMEM; + } else { + ret = krb5_unparse_name(context, ev->principal, &pr); + if(ret) + return ret; + } + ret = asprintf(&p, "%s:%s", time2str(ev->time), pr); + free(pr); + if(ret < 0) + return ENOMEM; + *str = p; + return 0; +} + +krb5_error_code +hdb_entry2string(krb5_context context, hdb_entry *ent, char **str) +{ + char *p; + char buf[1024] = ""; + int i; + krb5_error_code ret; + + /* --- principal */ + ret = krb5_unparse_name(context, ent->principal, &p); + if(ret) + return ret; + strlcat(buf, p, sizeof(buf)); + strlcat(buf, " ", sizeof(buf)); + free(p); + /* --- kvno */ + asprintf(&p, "%d", ent->kvno); + strlcat(buf, p, sizeof(buf)); + free(p); + /* --- keys */ + for(i = 0; i < ent->keys.len; i++){ + /* --- mkvno, keytype */ + if(ent->keys.val[i].mkvno) + asprintf(&p, ":%d:%d:", + *ent->keys.val[i].mkvno, + ent->keys.val[i].key.keytype); + else + asprintf(&p, "::%d:", + ent->keys.val[i].key.keytype); + strlcat(buf, p, sizeof(buf)); + free(p); + /* --- keydata */ + append_hex(buf, &ent->keys.val[i].key.keyvalue); + strlcat(buf, ":", sizeof(buf)); + /* --- salt */ + if(ent->keys.val[i].salt){ + asprintf(&p, "%u/", ent->keys.val[i].salt->type); + strlcat(buf, p, sizeof(buf)); + free(p); + append_hex(buf, &ent->keys.val[i].salt->salt); + }else + strlcat(buf, "-", sizeof(buf)); + } + strlcat(buf, " ", sizeof(buf)); + /* --- created by */ + event2string(context, &ent->created_by, &p); + strlcat(buf, p, sizeof(buf)); + strlcat(buf, " ", sizeof(buf)); + free(p); + /* --- modified by */ + event2string(context, ent->modified_by, &p); + strlcat(buf, p, sizeof(buf)); + strlcat(buf, " ", sizeof(buf)); + free(p); + + /* --- valid start */ + if(ent->valid_start) + strlcat(buf, time2str(*ent->valid_start), sizeof(buf)); + else + strlcat(buf, "-", sizeof(buf)); + strlcat(buf, " ", sizeof(buf)); + + /* --- valid end */ + if(ent->valid_end) + strlcat(buf, 
time2str(*ent->valid_end), sizeof(buf)); + else + strlcat(buf, "-", sizeof(buf)); + strlcat(buf, " ", sizeof(buf)); + + /* --- password ends */ + if(ent->pw_end) + strlcat(buf, time2str(*ent->pw_end), sizeof(buf)); + else + strlcat(buf, "-", sizeof(buf)); + strlcat(buf, " ", sizeof(buf)); + + /* --- max life */ + if(ent->max_life){ + asprintf(&p, "%d", *ent->max_life); + strlcat(buf, p, sizeof(buf)); + free(p); + }else + strlcat(buf, "-", sizeof(buf)); + strlcat(buf, " ", sizeof(buf)); + + /* --- max renewable life */ + if(ent->max_renew){ + asprintf(&p, "%d", *ent->max_renew); + strlcat(buf, p, sizeof(buf)); + free(p); + }else + strlcat(buf, "-", sizeof(buf)); + + strlcat(buf, " ", sizeof(buf)); + + /* --- flags */ + asprintf(&p, "%d", HDBFlags2int(ent->flags)); + strlcat(buf, p, sizeof(buf)); + free(p); + + *str = strdup(buf); + + return 0; +} + +/* print a hdb_entry to (FILE*)data; suitable for hdb_foreach */ + +krb5_error_code +hdb_print_entry(krb5_context context, HDB *db, hdb_entry *entry, void *data) +{ + char *p; + hdb_entry2string(context, entry, &p); + fprintf((FILE*)data, "%s\n", p); + free(p); + return 0; +} diff --git a/crypto/heimdal/lib/kadm5/ChangeLog b/crypto/heimdal/lib/kadm5/ChangeLog new file mode 100644 index 0000000..8c04ecb --- /dev/null +++ b/crypto/heimdal/lib/kadm5/ChangeLog 
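Review bot: `append_hex()` in print.c ends with an unbounded `strcat(str, p)`, while every other append in `hdb_entry2string()` uses `strlcat(buf, …, sizeof(buf))` on the 1024-byte stack buffer; once the key loop has filled `buf`, the next key value or salt is written past its end. Pass the capacity down, `append_hex(char *str, size_t len, krb5_data *data)` ending in `strlcat(str, p, len);`, and call it as `append_hex(buf, sizeof(buf), &ent->keys.val[i].key.keyvalue)` (likewise for the salt). The two `calloc()` results in the same helper are dereferenced without a NULL check. The `asprintf()` and `event2string()` results are also ignored, so `p` may be read and freed while indeterminate, and `hdb_print_entry()` does the same with the result of `hdb_entry2string()`. Because `strlcat` truncates silently, a long entry yields a dump line with missing key fields, so a heap-grown string would suit this better than a fixed buffer.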
@@ -0,0 +1,306 @@
+2000-01-06 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libkadm5srv.la): bump version to 5:1:0
+
+ * context_s.c (_kadm5_s_init_context): handle params == NULL
+
+1999-12-26 Assar Westerlund <assar@sics.se>
+
+ * get_s.c (kadm5_s_get_principal): handle modified_by->principal
+ == NULL
+
+1999-12-20 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libkadm5clnt_la_LDFLAGS): bump version to 4:1:0
+
+ * init_c.c (_kadm5_c_init_context): handle getting back port
+ number from admin host
+ (kadm5_c_init_with_context): remove `proto/' part before doing
+ getaddrinfo()
+
+1999-12-06 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: bump version to 5:0:0 and 4:0:0
+
+ * init_c.c (kadm5_c_init_with_context): don't use unitialized
+ stuff
+
+1999-12-04 Assar Westerlund <assar@sics.se>
+
+ * replay_log.c: adapt to changed kadm5_log_foreach
+
+ * log.c (kadm5_log_foreach): change to take a
+ `kadm5_server_context'
+
+ * init_c.c: use krb5_warn{,x}
+
+ * dump_log.c: adapt to changed kadm5_log_foreach
+
+ * init_c.c: re-write to use getaddrinfo
+ * Makefile.am (install-build-headers): add dependency
+
+1999-12-03 Johan Danielsson <joda@pdc.kth.se>
+
+ * log.c (kadm5_log_foreach): pass context
+
+ * dump_log.c: print more interesting things
+
+1999-12-02 Johan Danielsson <joda@pdc.kth.se>
+
+ * ipropd_master.c (process_msg): check for short reads
+
+1999-11-25 Assar Westerlund <assar@sics.se>
+
+ * modify_s.c (kadm5_s_modify_principal): support key_data
+ (kadm5_s_modify_principal_with_key): remove
+
+ * admin.h (kadm5_s_modify_principal_with_key): remove
+
+1999-11-20 Assar Westerlund <assar@sics.se>
+
+ * context_s.c (find_db_spec): ugly cast work-around.
+
+1999-11-14 Assar Westerlund <assar@sics.se>
+
+ * context_s.c (_kadm5_s_init_context): call krb5_add_et_list so
+ that we aren't dependent on the layout of krb5_context_data
+ * init_c.c (_kadm5_c_init_context): call krb5_add_et_list so that
+ we aren't dependent on the layout of krb5_context_data
+
+1999-11-13 Assar Westerlund <assar@sics.se>
+
+ * password_quality.c (kadm5_setup_passwd_quality_check): use
+ correct types for function pointers
+
+1999-11-09 Johan Danielsson <joda@pdc.kth.se>
+
+ * randkey_s.c: always bail out if the fetch fails
+
+ * admin.h (kadm5_config_params): remove fields we're not using
+
+ * ipropd_slave.c: allow passing a realm
+
+ * ipropd_master.c: allow passing a realm
+
+ * dump_log.c: allow passing a realm
+
+ * acl.c: correctly get acl file
+
+ * private.h (kadm5_server_context): add config_params struct and
+ remove acl_file; bump protocol version number
+
+ * marshall.c: marshalling of config parameters
+
+ * init_c.c (kadm5_c_init_with_context): try to cope with old
+ servers
+
+ * init_s.c (kadm5_s_init_with_context): actually use some passed
+ values
+
+ * context_s.c (_kadm5_s_init_context): get dbname, acl_file, and
+ stash_file from the config parameters, try to figure out these if
+ they're not provided
+
+1999-11-05 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (install-build-headers): use `cp' instead of
+ INSTALL_DATA
+
+1999-11-04 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: bump version to 4:0:0 and 3:0:0 (they access fields
+ directly in libkrb5's context - bad functions)
+
+ * set_keys.c (_kadm5_set_keys_randomly): set enctypes correctly in
+ the copied keys
+
+1999-10-20 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: set version of kadm5srv to 3:0:2 (new password
+ quality functions).
+ set version of kdam5clnt to 2:1:1 (no interface changes)
+
+ * Makefile.am (LDADD): add $(LIB_dlopen)
+
+1999-10-17 Assar Westerlund <assar@sics.se>
+
+ * randkey_s.c (kadm5_s_randkey_principal): use
+ _kadm5_set_keys_randomly
+
+ * set_keys.c (free_keys): free more memory
+ (_kadm5_set_keys): a little bit more generic
+ (_kadm5_set_keys_randomly): new function for setting random keys.
+
+1999-10-14 Assar Westerlund <assar@sics.se>
+
+ * set_keys.c (_kadm5_set_keys): ignore old keys when setting new
+ ones and always add 3 DES keys and one 3DES key
+
+1999-10-03 Assar Westerlund <assar@sics.se>
+
+ * init_c.c (_kadm5_c_init_context): use `krb5_get_krb_admin_hst'.
+ check return value from strdup
+
+1999-09-26 Assar Westerlund <assar@sics.se>
+
+ * acl.c (_kadm5_privs_to_string): forgot one strcpy_truncate ->
+ strlcpy
+
+1999-09-24 Johan Danielsson <joda@pdc.kth.se>
+
+ * dump_log.c: remove unused `optind'
+
+ * replay_log.c: remove unused `optind'
+
+1999-09-13 Assar Westerlund <assar@sics.se>
+
+ * chpass_c.c (kadm5_c_chpass_principal): new _kadm5_client_recv
+
+ * send_recv.c (_kadm5_client_recv): return result in a `krb5_data'
+ so that we avoid copying it and don't need to dimension in
+ advance. change all callers.
+
+1999-09-10 Assar Westerlund <assar@sics.se>
+
+ * password_quality.c: new file
+
+ * admin.h
+ (kadm5_setup_passwd_quality_check,kadm5_check_password_quality):
+ add prototypes
+
+ * Makefile.am (S_SOURCES): add password_quality.c
+
+1999-07-26 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: update versions to 2:0:1
+
+1999-07-24 Assar Westerlund <assar@sics.se>
+
+ * ent_setup.c (_kadm5_setup_entry): make princ_expire_time == 0
+ and pw_expiration == 0 mean never
+
+1999-07-22 Assar Westerlund <assar@sics.se>
+
+ * log.c (kadm5_log_flush): extra cast
+
+1999-07-07 Assar Westerlund <assar@sics.se>
+
+ * marshall.c (store_principal_ent): encoding princ_expire_time and
+ pw_expiration in correct order
+
+1999-06-28 Assar Westerlund <assar@sics.se>
+
+ * randkey_s.c (kadm5_s_randkey_principal): nuke old mkvno,
+ otherwise hdb will think that the new random keys are already
+ encrypted which will cause lots of confusion later.
+
+1999-06-23 Assar Westerlund <assar@sics.se>
+
+ * ent_setup.c (_kadm5_setup_entry): handle 0 == unlimited
+ correctly. From Michal Vocu <michal@karlin.mff.cuni.cz>
+
+1999-06-15 Assar Westerlund <assar@sics.se>
+
+ * init_c.c (get_cred_cache): use get_default_username
+
+1999-05-23 Assar Westerlund <assar@sics.se>
+
+ * create_s.c (create_principal): if there's no default entry the
+ mask should be zero.
+
+1999-05-21 Assar Westerlund <assar@sics.se>
+
+ * init_c.c (get_cred_cache): use $USERNAME
+
+1999-05-17 Johan Danielsson <joda@pdc.kth.se>
+
+ * init_c.c (get_cred_cache): figure out principal
+
+1999-05-05 Johan Danielsson <joda@pdc.kth.se>
+
+ * send_recv.c: cleanup _kadm5_client_{send,recv}
+
+1999-05-04 Assar Westerlund <assar@sics.se>
+
+ * set_keys.c (_kadm5_set_keys2): don't check the recently created
+ memory for NULL pointers
+
+ * private.h (_kadm5_setup_entry): change prototype
+
+ * modify_s.c: call new _kadm5_setup_entry
+
+ * ent_setup.c (_kadm5_setup_entry): change so that it takes three
+ masks, one for what bits to set and one for each of principal and
+ def containing the bits that are set there.
+
+ * create_s.c: call new _kadm5_setup_entry
+
+ * create_s.c (get_default): check return value
+ (create_principal): send wider mask to _kadm5_setup_entry
+
+1999-05-04 Johan Danielsson <joda@pdc.kth.se>
+
+ * send_recv.c (_kadm5_client_recv): handle arbitrarily sized
+ packets, check for errors
+
+ * get_c.c: check for failure from _kadm5_client_{send,recv}
+
+1999-05-04 Assar Westerlund <assar@sics.se>
+
+ * init_c.c (get_new_cache): don't abort when interrupted from
+ password prompt
+
+ * destroy_c.c (kadm5_c_destroy): check if we should destroy the
+ auth context
+
+1999-05-03 Johan Danielsson <joda@pdc.kth.se>
+
+ * chpass_s.c: fix arguments to _kadm5_set_keys2
+
+ * private.h: proto
+
+ * set_keys.c: clear mkvno
+
+ * rename_s.c: add flags to fetch and store; seal keys before
+ logging
+
+ * randkey_s.c: add flags to fetch and store; seal keys before
+ logging
+
+ * modify_s.c: add flags to fetch and store; seal keys before
+ logging
+
+ * log.c: add flags to fetch and store; seal keys before logging
+
+ * get_s.c: add flags to fetch and store; seal keys before logging
+
+ * get_princs_s.c: add flags to fetch and store; seal keys before
+ logging
+
+ * delete_s.c: add flags to fetch and store; seal keys before
+ logging
+
+ * create_s.c: add flags to fetch and store; seal keys before
+ logging
+
+ * chpass_s.c: add flags to fetch and store; seal keys before
+ logging
+
+ * Makefile.am: remove server.c
+
+ * admin.h: add prototypes
+
+ * ent_setup.c (_kadm5_setup_entry): set key_data
+
+ * set_keys.c: add _kadm5_set_keys2 to sey keys from key_data
+
+ * modify_s.c: add kadm5_s_modify_principal_with_key
+
+ * create_s.c: add kadm5_s_create_principal_with_key
+
+ * chpass_s.c: add kadm5_s_chpass_principal_with_key
+
+ * kadm5_locl.h: move stuff to private.h
+
+ * private.h: move stuff from kadm5_locl.h
+
\ No newline at end of file
diff --git a/crypto/heimdal/lib/kadm5/Makefile.am b/crypto/heimdal/lib/kadm5/Makefile.am
new file mode 100644
index 0000000..4e043f7
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/Makefile.am
@@ -0,0 +1,110 @@
+# $Id: Makefile.am,v 1.32 2000/01/06 21:53:30 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la
+libkadm5srv_la_LDFLAGS = -version-info 5:1:0
+libkadm5clnt_la_LDFLAGS = -version-info 4:1:0
+sbin_PROGRAMS = dump_log replay_log
+
+libexec_PROGRAMS = ipropd-master ipropd-slave
+
+kadm5includedir = $(includedir)/kadm5
+buildkadm5include = $(buildinclude)/kadm5
+
+kadm5include_HEADERS = kadm5_err.h admin.h private.h
+
+install-build-headers:: $(kadm5include_HEADERS)
+ @foo='$(kadm5include_HEADERS)'; \
+ for f in $$foo; do \
+ f=`basename $$f`; \
+ if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
+ else file="$$f"; fi; \
+ if cmp -s $$file $(buildkadm5include)/$$f 2> /dev/null ; then \
+ : ; else \
+ echo "cp $$file $(buildkadm5include)/$$f";\
+ cp $$file $(buildkadm5include)/$$f; \
+ fi ; \
+ done
+
+C_SOURCES = \
+ admin.h \
+ chpass_c.c \
+ common_glue.c \
+ create_c.c \
+ delete_c.c \
+ destroy_c.c \
+ flush_c.c \
+ free.c \
+ get_c.c \
+ get_princs_c.c \
+ init_c.c \
+ kadm5_err.c \
+ kadm5_locl.h \
+ marshall.c \
+ modify_c.c \
+ private.h \
+ privs_c.c \
+ randkey_c.c \
+ rename_c.c \
+ send_recv.c
+
+S_SOURCES = \
+ acl.c \
+ admin.h \
+ chpass_s.c \
+ common_glue.c \
+ context_s.c \
+ create_s.c \
+ delete_s.c \
+ destroy_s.c \
+ ent_setup.c \
+ error.c \
+ flush_s.c \
+ free.c \
+ get_princs_s.c \
+ get_s.c \
+ init_s.c \
+ kadm5_err.c \
+ kadm5_locl.h \
+ log.c \
+ marshall.c \
+ modify_s.c \
+ private.h \
+ privs_s.c \
+ randkey_s.c \
+ rename_s.c \
+ set_keys.c \
+ set_modifier.c \
+ password_quality.c
+
+libkadm5srv_la_SOURCES = $(S_SOURCES) server_glue.c
+libkadm5clnt_la_SOURCES = $(C_SOURCES) client_glue.c
+
+dump_log_SOURCES = dump_log.c kadm5_locl.h
+
+replay_log_SOURCES = replay_log.c kadm5_locl.h
+
+ipropd_master_SOURCES = ipropd_master.c iprop.h kadm5_locl.h
+
+ipropd_slave_SOURCES = ipropd_slave.c iprop.h kadm5_locl.h
+
+LDADD = \
+ libkadm5srv.la \
+ $(top_builddir)/lib/hdb/libhdb.la \
+ $(top_builddir)/lib/krb5/libkrb5.la \
+ $(top_builddir)/lib/asn1/libasn1.la \
+ $(top_builddir)/lib/des/libdes.la \
+ $(LIB_roken) \
+ $(DBLIB) \
+ $(LIB_dlopen)
+
+CLEANFILES = kadm5_err.c kadm5_err.h
+
+$(libkadm5srv_la_OBJECTS): kadm5_err.h
+
+client_glue.lo server_glue.lo: $(srcdir)/common_glue.c
+
+# to help stupid solaris make
+
+kadm5_err.h: kadm5_err.et
diff --git a/crypto/heimdal/lib/kadm5/Makefile.in b/crypto/heimdal/lib/kadm5/Makefile.in
new file mode 100644
index 0000000..0872ca9
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/Makefile.in
@@ -0,0 +1,812 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.32 2000/01/06 21:53:30 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init 
= @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la +libkadm5srv_la_LDFLAGS = -version-info 5:1:0 +libkadm5clnt_la_LDFLAGS = -version-info 4:1:0 +sbin_PROGRAMS = dump_log replay_log + +libexec_PROGRAMS = ipropd-master ipropd-slave + +kadm5includedir = $(includedir)/kadm5 +buildkadm5include = $(buildinclude)/kadm5 + +kadm5include_HEADERS = kadm5_err.h admin.h private.h + +C_SOURCES = admin.h chpass_c.c common_glue.c create_c.c delete_c.c destroy_c.c flush_c.c free.c get_c.c get_princs_c.c init_c.c kadm5_err.c kadm5_locl.h marshall.c modify_c.c private.h privs_c.c randkey_c.c rename_c.c send_recv.c + + +S_SOURCES = acl.c admin.h chpass_s.c common_glue.c context_s.c create_s.c delete_s.c destroy_s.c ent_setup.c error.c flush_s.c free.c get_princs_s.c get_s.c init_s.c kadm5_err.c 
kadm5_locl.h log.c marshall.c modify_s.c private.h privs_s.c randkey_s.c rename_s.c set_keys.c set_modifier.c password_quality.c + + +libkadm5srv_la_SOURCES = $(S_SOURCES) server_glue.c +libkadm5clnt_la_SOURCES = $(C_SOURCES) client_glue.c + +dump_log_SOURCES = dump_log.c kadm5_locl.h + +replay_log_SOURCES = replay_log.c kadm5_locl.h + +ipropd_master_SOURCES = ipropd_master.c iprop.h kadm5_locl.h + +ipropd_slave_SOURCES = ipropd_slave.c iprop.h kadm5_locl.h + +LDADD = libkadm5srv.la $(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la $(LIB_roken) $(DBLIB) $(LIB_dlopen) + + +CLEANFILES = kadm5_err.c kadm5_err.h +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +LTLIBRARIES = $(lib_LTLIBRARIES) + + +DEFS = @DEFS@ -I. -I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libkadm5srv_la_LIBADD = +libkadm5srv_la_OBJECTS = acl.lo chpass_s.lo common_glue.lo context_s.lo \ +create_s.lo delete_s.lo destroy_s.lo ent_setup.lo error.lo flush_s.lo \ +free.lo get_princs_s.lo get_s.lo init_s.lo kadm5_err.lo log.lo \ +marshall.lo modify_s.lo privs_s.lo randkey_s.lo rename_s.lo set_keys.lo \ +set_modifier.lo password_quality.lo server_glue.lo +libkadm5clnt_la_LIBADD = +libkadm5clnt_la_OBJECTS = chpass_c.lo common_glue.lo create_c.lo \ +delete_c.lo destroy_c.lo flush_c.lo free.lo get_c.lo get_princs_c.lo \ +init_c.lo kadm5_err.lo marshall.lo modify_c.lo privs_c.lo randkey_c.lo \ +rename_c.lo send_recv.lo client_glue.lo +libexec_PROGRAMS = ipropd-master$(EXEEXT) ipropd-slave$(EXEEXT) +sbin_PROGRAMS = dump_log$(EXEEXT) replay_log$(EXEEXT) +PROGRAMS = $(libexec_PROGRAMS) $(sbin_PROGRAMS) + +ipropd_master_OBJECTS = ipropd_master.$(OBJEXT) +ipropd_master_LDADD = $(LDADD) +ipropd_master_DEPENDENCIES = 
libkadm5srv.la \ +$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la +ipropd_master_LDFLAGS = +ipropd_slave_OBJECTS = ipropd_slave.$(OBJEXT) +ipropd_slave_LDADD = $(LDADD) +ipropd_slave_DEPENDENCIES = libkadm5srv.la \ +$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la +ipropd_slave_LDFLAGS = +dump_log_OBJECTS = dump_log.$(OBJEXT) +dump_log_LDADD = $(LDADD) +dump_log_DEPENDENCIES = libkadm5srv.la \ +$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la +dump_log_LDFLAGS = +replay_log_OBJECTS = replay_log.$(OBJEXT) +replay_log_LDADD = $(LDADD) +replay_log_DEPENDENCIES = libkadm5srv.la \ +$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la +replay_log_LDFLAGS = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +HEADERS = $(kadm5include_HEADERS) + +DIST_COMMON = ChangeLog Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +SOURCES = $(libkadm5srv_la_SOURCES) $(libkadm5clnt_la_SOURCES) $(ipropd_master_SOURCES) $(ipropd_slave_SOURCES) $(dump_log_SOURCES) $(replay_log_SOURCES) +OBJECTS = $(libkadm5srv_la_OBJECTS) $(libkadm5clnt_la_OBJECTS) $(ipropd_master_OBJECTS) $(ipropd_slave_OBJECTS) $(dump_log_OBJECTS) $(replay_log_OBJECTS) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +$(srcdir)/Makefile.in: 
Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kadm5/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLTLIBRARIES: + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + +distclean-libLTLIBRARIES: + +maintainer-clean-libLTLIBRARIES: + +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +.c.o: + $(COMPILE) -c $< + +# FIXME: We should only use cygpath when building on Windows, +# and only if it is available. 
+.c.obj: + $(COMPILE) -c `cygpath -w $<` + +.s.o: + $(COMPILE) -c $< + +.S.o: + $(COMPILE) -c $< + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +.c.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.s.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.S.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libkadm5srv.la: $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libkadm5srv_la_LDFLAGS) $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_LIBADD) $(LIBS) + +libkadm5clnt.la: $(libkadm5clnt_la_OBJECTS) $(libkadm5clnt_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libkadm5clnt_la_LDFLAGS) $(libkadm5clnt_la_OBJECTS) $(libkadm5clnt_la_LIBADD) $(LIBS) + +mostlyclean-libexecPROGRAMS: + +clean-libexecPROGRAMS: + -test -z "$(libexec_PROGRAMS)" || rm -f $(libexec_PROGRAMS) + +distclean-libexecPROGRAMS: + +maintainer-clean-libexecPROGRAMS: + +install-libexecPROGRAMS: $(libexec_PROGRAMS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libexecdir) + @list='$(libexec_PROGRAMS)'; for p in $$list; do \ + if test -f $$p; then \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + else :; fi; \ + done + +uninstall-libexecPROGRAMS: + @$(NORMAL_UNINSTALL) + list='$(libexec_PROGRAMS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + done + +mostlyclean-sbinPROGRAMS: + +clean-sbinPROGRAMS: + -test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS) + +distclean-sbinPROGRAMS: + 
+maintainer-clean-sbinPROGRAMS: + +install-sbinPROGRAMS: $(sbin_PROGRAMS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(sbindir) + @list='$(sbin_PROGRAMS)'; for p in $$list; do \ + if test -f $$p; then \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + else :; fi; \ + done + +uninstall-sbinPROGRAMS: + @$(NORMAL_UNINSTALL) + list='$(sbin_PROGRAMS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + done + +ipropd-master$(EXEEXT): $(ipropd_master_OBJECTS) $(ipropd_master_DEPENDENCIES) + @rm -f ipropd-master$(EXEEXT) + $(LINK) $(ipropd_master_LDFLAGS) $(ipropd_master_OBJECTS) $(ipropd_master_LDADD) $(LIBS) + +ipropd-slave$(EXEEXT): $(ipropd_slave_OBJECTS) $(ipropd_slave_DEPENDENCIES) + @rm -f ipropd-slave$(EXEEXT) + $(LINK) $(ipropd_slave_LDFLAGS) $(ipropd_slave_OBJECTS) $(ipropd_slave_LDADD) $(LIBS) + +dump_log$(EXEEXT): $(dump_log_OBJECTS) $(dump_log_DEPENDENCIES) + @rm -f dump_log$(EXEEXT) + $(LINK) $(dump_log_LDFLAGS) $(dump_log_OBJECTS) $(dump_log_LDADD) $(LIBS) + +replay_log$(EXEEXT): $(replay_log_OBJECTS) $(replay_log_DEPENDENCIES) + @rm -f replay_log$(EXEEXT) + $(LINK) $(replay_log_LDFLAGS) $(replay_log_OBJECTS) $(replay_log_LDADD) $(LIBS) + +install-kadm5includeHEADERS: $(kadm5include_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(kadm5includedir) + @list='$(kadm5include_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$p"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$p; \ + done + +uninstall-kadm5includeHEADERS: + @$(NORMAL_UNINSTALL) + list='$(kadm5include_HEADERS)'; for p in $$list; do \ + 
rm -f $(DESTDIR)$(kadm5includedir)/$$p; \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/kadm5 + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLTLIBRARIES install-libexecPROGRAMS \ + install-sbinPROGRAMS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-kadm5includeHEADERS install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLTLIBRARIES uninstall-libexecPROGRAMS \ + uninstall-sbinPROGRAMS uninstall-kadm5includeHEADERS +uninstall: uninstall-am +all-am: Makefile 
$(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(libexecdir) \ + $(DESTDIR)$(sbindir) $(DESTDIR)$(kadm5includedir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-libexecPROGRAMS \ + mostlyclean-sbinPROGRAMS mostlyclean-tags \ + mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \ + clean-libexecPROGRAMS clean-sbinPROGRAMS clean-tags \ + clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-libLTLIBRARIES distclean-compile \ + distclean-libtool distclean-libexecPROGRAMS \ + distclean-sbinPROGRAMS distclean-tags distclean-generic \ + clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-libexecPROGRAMS \ + maintainer-clean-sbinPROGRAMS maintainer-clean-tags \ + maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." 
+ +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ +clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ +uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ +distclean-compile clean-compile maintainer-clean-compile \ +mostlyclean-libtool distclean-libtool clean-libtool \ +maintainer-clean-libtool mostlyclean-libexecPROGRAMS \ +distclean-libexecPROGRAMS clean-libexecPROGRAMS \ +maintainer-clean-libexecPROGRAMS uninstall-libexecPROGRAMS \ +install-libexecPROGRAMS mostlyclean-sbinPROGRAMS distclean-sbinPROGRAMS \ +clean-sbinPROGRAMS maintainer-clean-sbinPROGRAMS uninstall-sbinPROGRAMS \ +install-sbinPROGRAMS uninstall-kadm5includeHEADERS \ +install-kadm5includeHEADERS tags mostlyclean-tags distclean-tags \ +clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \ +check-local check check-am installcheck-am installcheck install-exec-am \ +install-exec install-data-local install-data-am install-data install-am \ +install uninstall-am uninstall all-local all-redirect all-am all \ +installdirs mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + 
$(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + 
+install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; 
do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +install-build-headers:: $(kadm5include_HEADERS) + @foo='$(kadm5include_HEADERS)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildkadm5include)/$$f 2> /dev/null ; then \ + : ; else \ + echo "cp $$file $(buildkadm5include)/$$f";\ + cp $$file $(buildkadm5include)/$$f; \ + fi ; \ + done + +$(libkadm5srv_la_OBJECTS): kadm5_err.h + +client_glue.lo server_glue.lo: $(srcdir)/common_glue.c + +# to help stupid solaris make + +kadm5_err.h: kadm5_err.et + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/kadm5/acl.c b/crypto/heimdal/lib/kadm5/acl.c new file mode 100644 index 0000000..3f42c60 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/acl.c 
@@ -0,0 +1,138 @@
+/*
+ * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: acl.c,v 1.10 1999/12/02 17:05:05 joda Exp $");
+
+static struct units acl_units[] = {
+ { "all", KADM5_PRIV_ALL },
+ { "change-password",KADM5_PRIV_CPW },
+ { "cpw", KADM5_PRIV_CPW },
+ { "list", KADM5_PRIV_LIST },
+ { "delete", KADM5_PRIV_DELETE },
+ { "modify", KADM5_PRIV_MODIFY },
+ { "add", KADM5_PRIV_ADD },
+ { "get", KADM5_PRIV_GET },
+ { NULL }
+};
+
+kadm5_ret_t
+_kadm5_string_to_privs(const char *s, u_int32_t* privs)
+{
+ int flags;
+ flags = parse_flags(s, acl_units, 0);
+ if(flags < 0)
+ return KADM5_FAILURE;
+ *privs = flags;
+ return 0;
+}
+
+kadm5_ret_t
+_kadm5_privs_to_string(u_int32_t privs, char *string, size_t len)
+{
+ if(privs == 0)
+ strlcpy(string, "none", len);
+ else
+ unparse_flags(privs, acl_units + 1, string, len);
+ return 0;
+}
+
+kadm5_ret_t
+_kadm5_acl_init(kadm5_server_context *context)
+{
+ FILE *f;
+ char buf[128];
+ krb5_principal princ;
+ int flags;
+ krb5_error_code ret;
+
+ krb5_parse_name(context->context, KADM5_ADMIN_SERVICE, &princ);
+ ret = krb5_principal_compare(context->context, context->caller, princ);
+ krb5_free_principal(context->context, princ);
+ if(ret != 0){
+ context->acl_flags = KADM5_PRIV_ALL;
+ return 0;
+ }
+
+ flags = -1;
+ f = fopen(context->config.acl_file, "r");
+ if(f){
+ while(fgets(buf, sizeof(buf), f)){
+ char *foo = NULL, *p;
+ p = strtok_r(buf, " \t\n", &foo);
+ if(p == NULL)
+ continue;
+ ret = krb5_parse_name(context->context, p, &princ);
+ if(ret)
+ continue;
+ if(!krb5_principal_compare(context->context,
+ context->caller, princ)){
+ krb5_free_principal(context->context, princ);
+ continue;
+ }
+ krb5_free_principal(context->context, princ);
+ p = strtok_r(NULL, "\n", &foo);
+ if(p == NULL)
+ continue;
+ ret = _kadm5_string_to_privs(p, &flags);
+ break;
+ }
+ fclose(f);
+ }
+ if(flags == -1)
+ flags = 0;
+ context->acl_flags = flags;
+ return 0;
+}
+
+kadm5_ret_t
+_kadm5_acl_check_permission(kadm5_server_context *context, unsigned op)
+{
+ unsigned res = ~context->acl_flags & op;
+ if(res & KADM5_PRIV_GET)
+ return KADM5_AUTH_GET;
+ if(res & KADM5_PRIV_ADD)
+ return KADM5_AUTH_ADD;
+ if(res & KADM5_PRIV_MODIFY)
+ return KADM5_AUTH_MODIFY;
+ if(res & KADM5_PRIV_DELETE)
+ return KADM5_AUTH_DELETE;
+ if(res & KADM5_PRIV_CPW)
+ return KADM5_AUTH_CHANGEPW;
+ if(res & KADM5_PRIV_LIST)
+ return KADM5_AUTH_LIST;
+ if(res)
+ return KADM5_AUTH_INSUFFICIENT;
+ return 0;
+}
diff --git a/crypto/heimdal/lib/kadm5/admin.h b/crypto/heimdal/lib/kadm5/admin.h
new file mode 100644
index 0000000..6cb08a3
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/admin.h
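Review bot: In `_kadm5_acl_init` the first `krb5_parse_name` call (for `KADM5_ADMIN_SERVICE`) is unchecked, so on failure `princ` is passed uninitialized to `krb5_principal_compare` and `krb5_free_principal`, and the result of that comparison is what grants `KADM5_PRIV_ALL`; I would write `ret = krb5_parse_name(context->context, KADM5_ADMIN_SERVICE, &princ);` followed by `if(ret) return ret;`. Further down, `&flags` is an `int *` passed where `_kadm5_string_to_privs` takes a `u_int32_t *`, and the call's return value is assigned to `ret` but never read; a separate `u_int32_t privs` copied into `flags` only when the call returns 0 would keep the `-1` "no entry" sentinel well defined. The 128-byte `fgets` buffer also means the tail of an over-long ACL line is parsed as if it were a new entry, so a comment stating the line-length limit, or code that skips the remainder of such a line, would make that behaviour explicit.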
@@ -0,0 +1,698 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ +/* $Id: admin.h,v 1.15 1999/12/02 17:05:05 joda Exp $ */ + +#ifndef __KADM5_ADMIN_H__ +#define __KADM5_ADMIN_H__ + +#define KADM5_API_VERSION_1 1 +#define KADM5_API_VERSION_2 2 + +#ifndef USE_KADM5_API_VERSION +#define USE_KADM5_API_VERSION KADM5_API_VERSION_2 +#endif + +#if USE_KADM5_API_VERSION != KADM5_API_VERSION_2 +#error No support for API versions other than 2 +#endif + +#define KADM5_STRUCT_VERSION 0 + +#include <krb5.h> + +#define KRB5_KDB_DISALLOW_POSTDATED 0x00000001 +#define KRB5_KDB_DISALLOW_FORWARDABLE 0x00000002 +#define KRB5_KDB_DISALLOW_TGT_BASED 0x00000004 +#define KRB5_KDB_DISALLOW_RENEWABLE 0x00000008 +#define KRB5_KDB_DISALLOW_PROXIABLE 0x00000010 +#define KRB5_KDB_DISALLOW_DUP_SKEY 0x00000020 +#define KRB5_KDB_DISALLOW_ALL_TIX 0x00000040 +#define KRB5_KDB_REQUIRES_PRE_AUTH 0x00000080 +#define KRB5_KDB_REQUIRES_HW_AUTH 0x00000100 +#define KRB5_KDB_REQUIRES_PWCHANGE 0x00000200 +#define KRB5_KDB_DISALLOW_SVR 0x00001000 +#define KRB5_KDB_PWCHANGE_SERVICE 0x00002000 +#define KRB5_KDB_SUPPORT_DESMD5 0x00004000 +#define KRB5_KDB_NEW_PRINC 0x00008000 + +#define KADM5_PRINCIPAL 0x000001 +#define KADM5_PRINC_EXPIRE_TIME 0x000002 +#define KADM5_PW_EXPIRATION 0x000004 +#define KADM5_LAST_PWD_CHANGE 0x000008 +#define KADM5_ATTRIBUTES 0x000010 +#define KADM5_MAX_LIFE 0x000020 +#define KADM5_MOD_TIME 0x000040 +#define KADM5_MOD_NAME 0x000080 +#define KADM5_KVNO 0x000100 +#define KADM5_MKVNO 0x000200 +#define KADM5_AUX_ATTRIBUTES 0x000400 +#define KADM5_POLICY 0x000800 +#define KADM5_POLICY_CLR 0x001000 +#define KADM5_MAX_RLIFE 0x002000 +#define KADM5_LAST_SUCCESS 0x004000 +#define KADM5_LAST_FAILED 0x008000 +#define KADM5_FAIL_AUTH_COUNT 0x010000 +#define KADM5_KEY_DATA 0x020000 +#define KADM5_TL_DATA 0x040000 + +#define KADM5_PRINCIPAL_NORMAL_MASK (~(KADM5_KEY_DATA | KADM5_TL_DATA)) + +#define KADM5_PW_MAX_LIFE 0x004000 +#define KADM5_PW_MIN_LIFE 0x008000 +#define KADM5_PW_MIN_LENGTH 0x010000 +#define KADM5_PW_MIN_CLASSES 0x020000 +#define 
KADM5_PW_HISTORY_NUM 0x040000 +#define KADM5_REF_COUNT 0x080000 + +#define KADM5_POLICY_NORMAL_MASK (~0) + +#define KADM5_ADMIN_SERVICE "kadmin/admin" +#define KADM5_HIST_PRINCIPAL "kadmin/history" +#define KADM5_CHANGEPW_SERVICE "kadmin/changepw" + +typedef struct _krb5_key_data { + int16_t key_data_ver; /* Version */ + int16_t key_data_kvno; /* Key Version */ + int16_t key_data_type[2]; /* Array of types */ + int16_t key_data_length[2]; /* Array of lengths */ + void** key_data_contents[2];/* Array of pointers */ +} krb5_key_data; + +typedef struct _krb5_tl_data { + struct _krb5_tl_data* tl_data_next; + int16_t tl_data_type; + int16_t tl_data_length; + void **tl_data_contents; +} krb5_tl_data; + +typedef struct _kadm5_principal_ent_t { + krb5_principal principal; + + krb5_timestamp princ_expire_time; + krb5_timestamp last_pwd_change; + krb5_timestamp pw_expiration; + krb5_deltat max_life; + krb5_principal mod_name; + krb5_timestamp mod_date; + krb5_flags attributes; + krb5_kvno kvno; + krb5_kvno mkvno; + + char * policy; + u_int32_t aux_attributes; + + krb5_deltat max_renewable_life; + krb5_timestamp last_success; + krb5_timestamp last_failed; + krb5_kvno fail_auth_count; + int16_t n_key_data; + int16_t n_tl_data; + krb5_tl_data *tl_data; + krb5_key_data *key_data; +} kadm5_principal_ent_rec, *kadm5_principal_ent_t; + +typedef struct _kadm5_policy_ent_t { + char *policy; + + u_int32_t pw_min_life; + u_int32_t pw_max_life; + u_int32_t pw_min_length; + u_int32_t pw_min_classes; + u_int32_t pw_history_num; + u_int32_t policy_refcnt; +} kadm5_policy_ent_rec, *kadm5_policy_ent_t; + +#define KADM5_CONFIG_REALM (1 << 0) +#define KADM5_CONFIG_PROFILE (1 << 1) +#define KADM5_CONFIG_KADMIND_PORT (1 << 2) +#define KADM5_CONFIG_ADMIN_SERVER (1 << 3) +#define KADM5_CONFIG_DBNAME (1 << 4) +#define KADM5_CONFIG_ADBNAME (1 << 5) +#define KADM5_CONFIG_ADB_LOCKFILE (1 << 6) +#define KADM5_CONFIG_ACL_FILE (1 << 7) +#define KADM5_CONFIG_DICT_FILE (1 << 8) +#define 
KADM5_CONFIG_ADMIN_KEYTAB (1 << 9) +#define KADM5_CONFIG_MKEY_FROM_KEYBOARD (1 << 10) +#define KADM5_CONFIG_STASH_FILE (1 << 11) +#define KADM5_CONFIG_MKEY_NAME (1 << 12) +#define KADM5_CONFIG_ENCTYPE (1 << 13) +#define KADM5_CONFIG_MAX_LIFE (1 << 14) +#define KADM5_CONFIG_MAX_RLIFE (1 << 15) +#define KADM5_CONFIG_EXPIRATION (1 << 16) +#define KADM5_CONFIG_FLAGS (1 << 17) +#define KADM5_CONFIG_ENCTYPES (1 << 18) + +#define KADM5_PRIV_GET (1 << 0) +#define KADM5_PRIV_ADD (1 << 1) +#define KADM5_PRIV_MODIFY (1 << 2) +#define KADM5_PRIV_DELETE (1 << 3) +#define KADM5_PRIV_LIST (1 << 4) +#define KADM5_PRIV_CPW (1 << 5) +#define KADM5_PRIV_ALL (KADM5_PRIV_GET | KADM5_PRIV_ADD | KADM5_PRIV_MODIFY | KADM5_PRIV_DELETE | KADM5_PRIV_LIST | KADM5_PRIV_CPW) + +typedef struct { + int XXX; +}krb5_key_salt_tuple; + +typedef struct _kadm5_config_params { + u_int32_t mask; + + /* Client and server fields */ + char *realm; + int kadmind_port; + + /* client fields */ + char *admin_server; + + /* server fields */ + char *dbname; + char *acl_file; + + /* server library (database) fields */ + char *stash_file; +} kadm5_config_params; + +typedef krb5_error_code kadm5_ret_t; + +kadm5_ret_t +kadm5_c_chpass_principal __P(( + void *server_handle, + krb5_principal princ, + char *password)); + +kadm5_ret_t +kadm5_c_create_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask, + char *password)); + +kadm5_ret_t +kadm5_c_delete_principal __P(( + void *server_handle, + krb5_principal princ)); + +kadm5_ret_t +kadm5_c_destroy __P((void *server_handle)); + +kadm5_ret_t +kadm5_c_flush __P((void *server_handle)); + +kadm5_ret_t +kadm5_c_get_principal __P(( + void *server_handle, + krb5_principal princ, + kadm5_principal_ent_t out, + u_int32_t mask)); + +kadm5_ret_t +kadm5_c_get_principals __P(( + void *server_handle, + const char *exp, + char ***princs, + int *count)); + +kadm5_ret_t +kadm5_c_get_privs __P(( + void *server_handle, + u_int32_t *privs)); + +kadm5_ret_t 
+kadm5_c_init_with_creds __P(( + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_init_with_creds_ctx __P(( + krb5_context context, + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_init_with_password __P(( + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_init_with_password_ctx __P(( + krb5_context context, + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_init_with_skey __P(( + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_init_with_skey_ctx __P(( + krb5_context context, + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_modify_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask)); + +kadm5_ret_t +kadm5_c_randkey_principal __P(( + void *server_handle, + krb5_principal princ, + krb5_keyblock **new_keys, + int *n_keys)); + +kadm5_ret_t +kadm5_c_rename_principal __P(( + void *server_handle, + krb5_principal source, + krb5_principal target)); + +kadm5_ret_t +kadm5_chpass_principal __P(( + void 
*server_handle, + krb5_principal princ, + char *password)); + +kadm5_ret_t +kadm5_create_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask, + char *password)); + +kadm5_ret_t +kadm5_delete_principal __P(( + void *server_handle, + krb5_principal princ)); + +kadm5_ret_t +kadm5_destroy __P((void *server_handle)); + +kadm5_ret_t +kadm5_flush __P((void *server_handle)); + +void +kadm5_free_key_data __P(( + void *server_handle, + int16_t *n_key_data, + krb5_key_data *key_data)); + +void +kadm5_free_name_list __P(( + void *server_handle, + char **names, + int *count)); + +void +kadm5_free_principal_ent __P(( + void *server_handle, + kadm5_principal_ent_t princ)); + +kadm5_ret_t +kadm5_get_principal __P(( + void *server_handle, + krb5_principal princ, + kadm5_principal_ent_t out, + u_int32_t mask)); + +kadm5_ret_t +kadm5_get_principals __P(( + void *server_handle, + const char *exp, + char ***princs, + int *count)); + +kadm5_ret_t +kadm5_get_privs __P(( + void *server_handle, + u_int32_t *privs)); + +kadm5_ret_t +kadm5_init_with_creds __P(( + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_init_with_creds_ctx __P(( + krb5_context context, + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_init_with_password __P(( + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_init_with_password_ctx __P(( + krb5_context context, + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params 
*realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_init_with_skey __P(( + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_init_with_skey_ctx __P(( + krb5_context context, + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_modify_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask)); + +kadm5_ret_t +kadm5_randkey_principal __P(( + void *server_handle, + krb5_principal princ, + krb5_keyblock **new_keys, + int *n_keys)); + +kadm5_ret_t +kadm5_rename_principal __P(( + void *server_handle, + krb5_principal source, + krb5_principal target)); + +kadm5_ret_t +kadm5_ret_key_data __P(( + krb5_storage *sp, + krb5_key_data *key)); + +kadm5_ret_t +kadm5_ret_principal_ent __P(( + krb5_storage *sp, + kadm5_principal_ent_t princ)); + +kadm5_ret_t +kadm5_ret_principal_ent_mask __P(( + krb5_storage *sp, + kadm5_principal_ent_t princ, + u_int32_t *mask)); + +kadm5_ret_t +kadm5_ret_tl_data __P(( + krb5_storage *sp, + krb5_tl_data *tl)); + +kadm5_ret_t +kadm5_s_chpass_principal __P(( + void *server_handle, + krb5_principal princ, + char *password)); + +kadm5_ret_t +kadm5_s_chpass_principal_with_key __P(( + void *server_handle, + krb5_principal princ, + int n_key_data, + krb5_key_data *key_data)); + +kadm5_ret_t +kadm5_s_create_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask, + char *password)); + +kadm5_ret_t +kadm5_s_create_principal_with_key __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask)); + +kadm5_ret_t +kadm5_s_delete_principal __P(( + void *server_handle, + 
krb5_principal princ)); + +kadm5_ret_t +kadm5_s_destroy __P((void *server_handle)); + +kadm5_ret_t +kadm5_s_flush __P((void *server_handle)); + +kadm5_ret_t +kadm5_s_get_principal __P(( + void *server_handle, + krb5_principal princ, + kadm5_principal_ent_t out, + u_int32_t mask)); + +kadm5_ret_t +kadm5_s_get_principals __P(( + void *server_handle, + const char *exp, + char ***princs, + int *count)); + +kadm5_ret_t +kadm5_s_get_privs __P(( + void *server_handle, + u_int32_t *privs)); + +kadm5_ret_t +kadm5_s_init_with_creds __P(( + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_init_with_creds_ctx __P(( + krb5_context context, + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_init_with_password __P(( + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_init_with_password_ctx __P(( + krb5_context context, + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_init_with_skey __P(( + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_init_with_skey_ctx __P(( + krb5_context context, + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long 
struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_modify_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask)); + +kadm5_ret_t +kadm5_s_randkey_principal __P(( + void *server_handle, + krb5_principal princ, + krb5_keyblock **new_keys, + int *n_keys)); + +kadm5_ret_t +kadm5_s_rename_principal __P(( + void *server_handle, + krb5_principal source, + krb5_principal target)); + +kadm5_ret_t +kadm5_store_key_data __P(( + krb5_storage *sp, + krb5_key_data *key)); + +kadm5_ret_t +kadm5_store_principal_ent __P(( + krb5_storage *sp, + kadm5_principal_ent_t princ)); + +kadm5_ret_t +kadm5_store_principal_ent_mask __P(( + krb5_storage *sp, + kadm5_principal_ent_t princ, + u_int32_t mask)); + +kadm5_ret_t +kadm5_store_tl_data __P(( + krb5_storage *sp, + krb5_tl_data *tl)); + +void +kadm5_setup_passwd_quality_check(krb5_context context, + const char *check_library, + const char *check_function); + +const char * +kadm5_check_password_quality (krb5_context context, + krb5_principal principal, + krb5_data *pwd_data); + +#if 0 +/* unimplemented functions */ +kadm5_ret_t +kadm5_decrypt_key(void *server_handle, + kadm5_principal_ent_t entry, int32_t + ktype, int32_t stype, int32_t + kvno, krb5_keyblock *keyblock, + krb5_keysalt *keysalt, int *kvnop); + +kadm5_ret_t +kadm5_create_policy(void *server_handle, + kadm5_policy_ent_t policy, u_int32_t mask); + +kadm5_ret_t +kadm5_delete_policy(void *server_handle, char *policy); + + +kadm5_ret_t +kadm5_modify_policy(void *server_handle, + kadm5_policy_ent_t policy, + u_int32_t mask); + +kadm5_ret_t +kadm5_get_policy(void *server_handle, char *policy, kadm5_policy_ent_t ent); + +kadm5_ret_t +kadm5_get_policies(void *server_handle, char *exp, + char ***pols, int *count); + +void +kadm5_free_policy_ent(kadm5_policy_ent_t policy); + +#endif + +#endif /* __KADM5_ADMIN_H__ */ 
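Review bot: The principal field-mask constants (`KADM5_PRINCIPAL` through `KADM5_TL_DATA`) and the policy ones (`KADM5_PW_MAX_LIFE` through `KADM5_REF_COUNT`) reuse the same bit values, for example `KADM5_LAST_SUCCESS` and `KADM5_PW_MAX_LIFE` are both `0x004000`, and nothing in the header says which `mask` argument each group belongs to. I would add a one-line comment above each group, `/* bits for the mask passed with a kadm5_principal_ent_t */` and `/* bits for the mask passed with a kadm5_policy_ent_t; values overlap the principal bits */`, presumably matching how the `#if 0` policy prototypes are meant to be used. Separately, `kadm5_setup_passwd_quality_check` and `kadm5_check_password_quality` are declared with plain prototypes while every other declaration in the header uses `__P((...))`; wrapping them the same way keeps the header consistent for the compilers that macro exists for.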
diff --git a/crypto/heimdal/lib/kadm5/chpass_c.c b/crypto/heimdal/lib/kadm5/chpass_c.c
new file mode 100644
index 0000000..aaec48f
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/chpass_c.c
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: chpass_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $");
+
+kadm5_ret_t
+kadm5_c_chpass_principal(void *server_handle,
+ krb5_principal princ,
+ char *password)
+{
+ kadm5_client_context *context = server_handle;
+ kadm5_ret_t ret;
+ krb5_storage *sp;
+ unsigned char buf[1024];
+ int32_t tmp;
+ krb5_data reply;
+
+ sp = krb5_storage_from_mem(buf, sizeof(buf));
+ if (sp == NULL)
+ return ENOMEM;
+ krb5_store_int32(sp, kadm_chpass);
+ krb5_store_principal(sp, princ);
+ krb5_store_string(sp, password);
+ ret = _kadm5_client_send(context, sp);
+ krb5_storage_free(sp);
+ ret = _kadm5_client_recv(context, &reply);
+ if(ret)
+ return ret;
+ sp = krb5_storage_from_data (&reply);
+ if (sp == NULL) {
+ krb5_data_free (&reply);
+ return ENOMEM;
+ }
+ krb5_ret_int32(sp, &tmp);
+ krb5_storage_free(sp);
+ krb5_data_free (&reply);
+ return tmp;
+}
diff --git a/crypto/heimdal/lib/kadm5/chpass_s.c b/crypto/heimdal/lib/kadm5/chpass_s.c
new file mode 100644
index 0000000..e915124
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/chpass_s.c
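Review bot: In chpass_c.c, `kadm5_c_chpass_principal` overwrites the result of `_kadm5_client_send` with the following `_kadm5_client_recv` call without checking it, so a failed send still goes on to wait for a reply; delete_c.c in this commit has `if (ret) return ret;` after `krb5_storage_free(sp);`, and the same check is missing in create_c.c. Separately, `tmp` is uninitialized and the result of `krb5_ret_int32(sp, &tmp)` is ignored, so if that call fails on a short or empty server reply (its failure behaviour is not visible here) the function returns an indeterminate value as its status; chpass_c.c, create_c.c and delete_c.c all share this. I would write `ret = krb5_ret_int32(sp, &tmp);` and return `ret` when it is non-zero, `tmp` otherwise. The serialized request, including the cleartext password, also stays in the stack `buf` on every return path, and the `krb5_store_*` results are dropped, so a request that does not fit in 1024 bytes is presumably sent truncated.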
@@ -0,0 +1,114 @@
+/*
+ * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: chpass_s.c,v 1.8 1999/12/02 17:05:05 joda Exp $");
+
+kadm5_ret_t
+kadm5_s_chpass_principal(void *server_handle,
+ krb5_principal princ,
+ char *password)
+{
+ kadm5_server_context *context = server_handle;
+ hdb_entry ent;
+ kadm5_ret_t ret;
+ ent.principal = princ;
+ ret = context->db->open(context->context, context->db, O_RDWR, 0);
+ if(ret)
+ return ret;
+ ret = context->db->fetch(context->context, context->db,
+ 0, &ent);
+ if(ret == HDB_ERR_NOENTRY)
+ goto out;
+ ret = _kadm5_set_keys(context, &ent, password);
+ if(ret)
+ goto out2;
+ ret = _kadm5_set_modifier(context, &ent);
+ if(ret)
+ goto out2;
+
+ hdb_seal_keys(context->db, &ent);
+
+ kadm5_log_modify (context,
+ &ent,
+ KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME |
+ KADM5_KEY_DATA | KADM5_KVNO);
+
+ ret = context->db->store(context->context, context->db,
+ HDB_F_REPLACE, &ent);
+out2:
+ hdb_free_entry(context->context, &ent);
+out:
+ context->db->close(context->context, context->db);
+ return _kadm5_error_code(ret);
+}
+
+kadm5_ret_t
+kadm5_s_chpass_principal_with_key(void *server_handle,
+ krb5_principal princ,
+ int n_key_data,
+ krb5_key_data *key_data)
+{
+ kadm5_server_context *context = server_handle;
+ hdb_entry ent;
+ kadm5_ret_t ret;
+ ent.principal = princ;
+ ret = context->db->open(context->context, context->db, O_RDWR, 0);
+ if(ret)
+ return ret;
+ ret = context->db->fetch(context->context, context->db, 0, &ent);
+ if(ret == HDB_ERR_NOENTRY)
+ goto out;
+ ret = _kadm5_set_keys2(&ent, n_key_data, key_data);
+ if(ret)
+ goto out2;
+ ret = _kadm5_set_modifier(context, &ent);
+ if(ret)
+ goto out2;
+
+ hdb_seal_keys(context->db, &ent);
+
+ kadm5_log_modify (context,
+ &ent,
+ KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME |
+ KADM5_KEY_DATA | KADM5_KVNO);
+
+ ret = context->db->store(context->context, context->db,
+ HDB_F_REPLACE, &ent);
+out2:
+ hdb_free_entry(context->context, &ent);
+out:
+ context->db->close(context->context, context->db);
+ return _kadm5_error_code(ret);
+}
diff --git a/crypto/heimdal/lib/kadm5/client_glue.c b/crypto/heimdal/lib/kadm5/client_glue.c
new file mode 100644
index 0000000..395577d
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/client_glue.c
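Review bot: In chpass_s.c, both `kadm5_s_chpass_principal` and `kadm5_s_chpass_principal_with_key` leave after `db->fetch` only when it returns `HDB_ERR_NOENTRY`; any other fetch error falls through to the set-keys call and the `store` with a stack `hdb_entry` of which only `principal` was assigned. Testing `if(ret) goto out;` instead keeps a failed read from being followed by a write of indeterminate data. The return values of `hdb_seal_keys` and `kadm5_log_modify` are also dropped, so, assuming they can fail (not visible in this hunk), a sealing or logging failure would not stop the new keys from being stored.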
@@ -0,0 +1,150 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: client_glue.c,v 1.5 1999/12/02 17:05:05 joda Exp $");
+
+kadm5_ret_t
+kadm5_init_with_password(const char *client_name,
+ const char *password,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ return kadm5_c_init_with_password(client_name,
+ password,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+}
+
+kadm5_ret_t
+kadm5_init_with_password_ctx(krb5_context context,
+ const char *client_name,
+ const char *password,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ return kadm5_c_init_with_password_ctx(context,
+ client_name,
+ password,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+}
+
+kadm5_ret_t
+kadm5_init_with_skey(const char *client_name,
+ const char *keytab,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ return kadm5_c_init_with_skey(client_name,
+ keytab,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+}
+
+kadm5_ret_t
+kadm5_init_with_skey_ctx(krb5_context context,
+ const char *client_name,
+ const char *keytab,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ return kadm5_c_init_with_skey_ctx(context,
+ client_name,
+ keytab,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+}
+
+kadm5_ret_t
+kadm5_init_with_creds(const char *client_name,
+ krb5_ccache ccache,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ return kadm5_c_init_with_creds(client_name,
+ ccache,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+}
+
+kadm5_ret_t
+kadm5_init_with_creds_ctx(krb5_context context,
+ const char *client_name,
+ krb5_ccache ccache,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ return kadm5_c_init_with_creds_ctx(context,
+ client_name,
+ ccache,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+}
diff --git a/crypto/heimdal/lib/kadm5/common_glue.c b/crypto/heimdal/lib/kadm5/common_glue.c
new file mode 100644
index 0000000..38c551c
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/common_glue.c
@@ -0,0 +1,124 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: common_glue.c,v 1.4 1999/12/02 17:05:05 joda Exp $");
+
+#define __CALL(F, P) (*((kadm5_common_context*)server_handle)->funcs.F)P;
+
+kadm5_ret_t
+kadm5_chpass_principal(void *server_handle,
+ krb5_principal princ,
+ char *password)
+{
+ return __CALL(chpass_principal, (server_handle, princ, password));
+}
+
+kadm5_ret_t
+kadm5_create_principal(void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask,
+ char *password)
+{
+ return __CALL(create_principal, (server_handle, princ, mask, password));
+}
+
+kadm5_ret_t
+kadm5_delete_principal(void *server_handle,
+ krb5_principal princ)
+{
+ return __CALL(delete_principal, (server_handle, princ));
+}
+
+kadm5_ret_t
+kadm5_destroy (void *server_handle)
+{
+ return __CALL(destroy, (server_handle));
+}
+
+kadm5_ret_t
+kadm5_flush (void *server_handle)
+{
+ return __CALL(flush, (server_handle));
+}
+
+kadm5_ret_t
+kadm5_get_principal(void *server_handle,
+ krb5_principal princ,
+ kadm5_principal_ent_t out,
+ u_int32_t mask)
+{
+ return __CALL(get_principal, (server_handle, princ, out, mask));
+}
+
+kadm5_ret_t
+kadm5_modify_principal(void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask)
+{
+ return __CALL(modify_principal, (server_handle, princ, mask));
+}
+
+kadm5_ret_t
+kadm5_randkey_principal(void *server_handle,
+ krb5_principal princ,
+ krb5_keyblock **new_keys,
+ int *n_keys)
+{
+ return __CALL(randkey_principal, (server_handle, princ, new_keys, n_keys));
+}
+
+kadm5_ret_t
+kadm5_rename_principal(void *server_handle,
+ krb5_principal source,
+ krb5_principal target)
+{
+ return __CALL(rename_principal, (server_handle, source, target));
+}
+
+kadm5_ret_t
+kadm5_get_principals(void *server_handle,
+ const char *exp,
+ char ***princs,
+ int *count)
+{
+ return __CALL(get_principals, (server_handle, exp, princs, count));
+}
+
+kadm5_ret_t
+kadm5_get_privs(void *server_handle,
+ u_int32_t *privs)
+{
+ return __CALL(get_privs, (server_handle, privs));
+}
diff --git a/crypto/heimdal/lib/kadm5/context_s.c b/crypto/heimdal/lib/kadm5/context_s.c
new file mode 100644
index 0000000..fc52576
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/context_s.c
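Review bot: The `__CALL` macro in common_glue.c ends in a semicolon, so every wrapper expands to a `return` statement followed by an empty statement, and its name uses the `__` prefix that C reserves for the implementation. I would drop the trailing `;` and rename it, e.g. `#define KADM5_CALL(F, P) (*((kadm5_common_context*)server_handle)->funcs.F)P`. The macro also casts and dereferences `server_handle` with no NULL or type check, so each of these public entry points relies on the caller passing a handle obtained from one of the init functions; a one-line comment above the macro stating that contract would help.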
@@ -0,0 +1,221 @@
+/*
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: context_s.c,v 1.13 2000/01/06 21:40:08 assar Exp $");
+
+static void
+set_funcs(kadm5_server_context *c)
+{
+#define SET(C, F) (C)->funcs.F = kadm5_s_ ## F
+ SET(c, chpass_principal);
+ SET(c, chpass_principal);
+ SET(c, create_principal);
+ SET(c, delete_principal);
+ SET(c, destroy);
+ SET(c, flush);
+ SET(c, get_principal);
+ SET(c, get_principals);
+ SET(c, get_privs);
+ SET(c, modify_principal);
+ SET(c, randkey_principal);
+ SET(c, rename_principal);
+}
+
+struct database_spec {
+ char *dbpath;
+ char *logfile;
+ char *mkeyfile;
+ char *aclfile;
+};
+
+static void
+set_field(krb5_context context, krb5_config_binding *binding,
+ const char *dbname, const char *name, const char *ext,
+ char **variable)
+{
+ const char *p;
+ p = krb5_config_get_string(context, binding, name, NULL);
+ if(p)
+ *variable = strdup(p);
+ else {
+ p = strrchr(dbname, '.');
+ if(p == NULL)
+ asprintf(variable, "%s.%s", dbname, ext);
+ else
+ asprintf(variable, "%.*s.%s", (int)(p - dbname), dbname, ext);
+ }
+}
+
+static void
+set_socket_name(const char *dbname, struct sockaddr_un *un)
+{
+ const char *p;
+ memset(un, 0, sizeof(*un));
+ un->sun_family = AF_UNIX;
+ p = strrchr(dbname, '.');
+ if(p == NULL)
+ snprintf(un->sun_path, sizeof(un->sun_path), "%s.signal",
+ dbname);
+ else
+ snprintf(un->sun_path, sizeof(un->sun_path), "%.*s.signal",
+ (int)(p - dbname), dbname);
+}
+
+static void
+set_config(kadm5_server_context *ctx,
+ krb5_config_binding *binding)
+{
+ const char *p;
+ if(ctx->config.dbname == NULL) {
+ p = krb5_config_get_string(ctx->context, binding, "dbname", NULL);
+ if(p)
+ ctx->config.dbname = strdup(p);
+ else
+ ctx->config.dbname = strdup(HDB_DEFAULT_DB);
+ }
+ if(ctx->log_context.log_file == NULL)
+ set_field(ctx->context, binding, ctx->config.dbname,
+ "log_file", "log", &ctx->log_context.log_file);
+ set_socket_name(ctx->config.dbname, &ctx->log_context.socket_name);
+ if(ctx->config.acl_file == NULL)
+ set_field(ctx->context, binding, ctx->config.dbname,
+ "acl_file", "acl", &ctx->config.acl_file);
+ /* XXX calling a file a `stash file' isn't very clever */
+ if(ctx->config.stash_file == NULL)
+ set_field(ctx->context, binding, ctx->config.dbname,
+ "mkey_file", "mkey", &ctx->config.stash_file);
+}
+
+static kadm5_ret_t
+find_db_spec(kadm5_server_context *ctx)
+{
+ krb5_config_binding *top_binding = NULL;
+ krb5_config_binding *db_binding;
+ krb5_config_binding *default_binding = NULL;
+ krb5_context context = ctx->context;
+
+ while((db_binding = (krb5_config_binding *)
+ krb5_config_get_next(context,
+ NULL, &top_binding,
+ krb5_config_list,
+ "kdc",
+ "database",
+ NULL))) {
+ const char *p;
+ p = krb5_config_get_string(context, db_binding, "realm", NULL);
+ if(p == NULL) {
+ if(default_binding) {
+ krb5_warnx(context, "WARNING: more than one realm-less "
+ "database specification");
+ krb5_warnx(context, "WARNING: using the first encountered");
+ } else
+ default_binding = db_binding;
+ continue;
+ }
+ if(strcmp(ctx->config.realm, p) != 0)
+ continue;
+
+ set_config(ctx, db_binding);
+ return 0;
+ }
+ if(default_binding)
+ set_config(ctx, default_binding);
+ else {
+ ctx->config.dbname = strdup(HDB_DEFAULT_DB);
+ ctx->config.acl_file = HDB_DB_DIR "/kadmind.acl";
+ ctx->config.stash_file = HDB_DB_DIR "/m-key";
+ ctx->log_context.log_file = HDB_DB_DIR "/log";
+ memset(&ctx->log_context.socket_name, 0,
+ sizeof(ctx->log_context.socket_name));
+ ctx->log_context.socket_name.sun_family = AF_UNIX;
+ strlcpy(ctx->log_context.socket_name.sun_path,
+ KADM5_LOG_SIGNAL,
+ sizeof(ctx->log_context.socket_name.sun_path));
+ }
+ return 0;
+}
+
+kadm5_ret_t
+_kadm5_s_init_context(kadm5_server_context **ctx,
+ kadm5_config_params *params,
+ krb5_context context)
+{
+ *ctx = malloc(sizeof(**ctx));
+ if(*ctx == NULL)
+ return ENOMEM;
+ memset(*ctx, 0, sizeof(**ctx));
+ set_funcs(*ctx);
+ (*ctx)->context = context;
+ krb5_add_et_list (context, initialize_kadm5_error_table_r);
+#define is_set(M) (params && params->mask & KADM5_CONFIG_ ## M)
+ if(is_set(REALM))
+ (*ctx)->config.realm = strdup(params->realm);
+ else
+ krb5_get_default_realm(context, &(*ctx)->config.realm);
+ if(is_set(DBNAME))
+ (*ctx)->config.dbname = strdup(params->dbname);
+ if(is_set(ACL_FILE))
+ (*ctx)->config.acl_file = strdup(params->acl_file);
+ if(is_set(STASH_FILE))
+ (*ctx)->config.stash_file = strdup(params->stash_file);
+
+ find_db_spec(*ctx);
+
+ /* PROFILE can't be specified for now */
+ /* KADMIND_PORT is supposed to be used on the server also,
+ but this doesn't make sense */
+ /* ADMIN_SERVER is client only */
+ /* ADNAME is not used at all (as far as I can tell) */
+ /* ADB_LOCKFILE ditto */
+ /* DICT_FILE */
+ /* ADMIN_KEYTAB */
+ /* MKEY_FROM_KEYBOARD is not supported */
+ /* MKEY_NAME neither */
+ /* ENCTYPE */
+ /* MAX_LIFE */
+ /* MAX_RLIFE */
+ /* EXPIRATION */
+ /* FLAGS */
+ /* ENCTYPES */
+
+ return 0;
+}
+
+HDB *
+_kadm5_s_get_db(void *server_handle)
+{
+ kadm5_server_context *context = server_handle;
+ return context->db;
+}
diff --git a/crypto/heimdal/lib/kadm5/create_c.c b/crypto/heimdal/lib/kadm5/create_c.c
new file mode 100644
index 0000000..45eb3e2
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/create_c.c
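Review bot: In context_s.c, `_kadm5_s_init_context` ignores the results of `strdup(params->realm)` and `krb5_get_default_realm`, and `find_db_spec` then passes `ctx->config.realm` straight to `strcmp`, so an allocation or configuration failure becomes a NULL dereference instead of an error return. `set_field` has the same gap: the `strdup` and `asprintf` results are not checked, which leaves the ACL, log and master-key paths NULL or indeterminate on failure. The fallback branch of `find_db_spec` stores string literals in `acl_file`, `stash_file` and `log_file` while every other path stores heap copies; if the teardown code (not in this hunk) frees them, that is a free of a non-heap pointer, so I would write `ctx->config.acl_file = strdup(HDB_DB_DIR "/kadmind.acl");` and likewise for the other two. `set_funcs` lists `SET(c, chpass_principal);` twice, which looks like a slip for another member of `funcs` and is worth confirming against the struct definition.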
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: create_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $");
+
+kadm5_ret_t
+kadm5_c_create_principal(void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask,
+ char *password)
+{
+ kadm5_client_context *context = server_handle;
+ kadm5_ret_t ret;
+ krb5_storage *sp;
+ unsigned char buf[1024];
+ int32_t tmp;
+ krb5_data reply;
+
+ sp = krb5_storage_from_mem(buf, sizeof(buf));
+ if (sp == NULL)
+ return ENOMEM;
+ krb5_store_int32(sp, kadm_create);
+ kadm5_store_principal_ent(sp, princ);
+ krb5_store_int32(sp, mask);
+ krb5_store_string(sp, password);
+ ret = _kadm5_client_send(context, sp);
+ krb5_storage_free(sp);
+ ret = _kadm5_client_recv(context, &reply);
+ if(ret)
+ return ret;
+ sp = krb5_storage_from_data (&reply);
+ if (sp == NULL) {
+ krb5_data_free (&reply);
+ return ENOMEM;
+ }
+ krb5_ret_int32(sp, &tmp);
+ krb5_storage_free(sp);
+ krb5_data_free (&reply);
+ return tmp;
+}
+
diff --git a/crypto/heimdal/lib/kadm5/create_s.c b/crypto/heimdal/lib/kadm5/create_s.c
new file mode 100644
index 0000000..6e352f6
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/create_s.c
@@ -0,0 +1,191 @@
+/*
+ * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: create_s.c,v 1.16 1999/12/02 17:05:05 joda Exp $");
+
+static kadm5_ret_t
+get_default(kadm5_server_context *context, krb5_principal princ,
+ kadm5_principal_ent_t def)
+{
+ kadm5_ret_t ret;
+ krb5_principal def_principal;
+ krb5_realm *realm = krb5_princ_realm(context->context, princ);
+
+ ret = krb5_make_principal(context->context, &def_principal,
+ *realm, "default", NULL);
+ if (ret)
+ return ret;
+ ret = kadm5_s_get_principal(context, def_principal, def,
+ KADM5_PRINCIPAL_NORMAL_MASK);
+ krb5_free_principal (context->context, def_principal);
+ return ret;
+}
+
+static kadm5_ret_t
+create_principal(kadm5_server_context *context,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask,
+ hdb_entry *ent,
+ u_int32_t required_mask,
+ u_int32_t forbidden_mask)
+{
+ kadm5_ret_t ret;
+ kadm5_principal_ent_rec defrec, *defent;
+ u_int32_t def_mask;
+
+ if((mask & required_mask) != required_mask)
+ return KADM5_BAD_MASK;
+ if((mask & forbidden_mask))
+ return KADM5_BAD_MASK;
+ if((mask & KADM5_POLICY) && strcmp(princ->policy, "default"))
+ /* XXX no real policies for now */
+ return KADM5_UNK_POLICY;
+ memset(ent, 0, sizeof(*ent));
+ ret = krb5_copy_principal(context->context, princ->principal,
+ &ent->principal);
+ if(ret)
+ return ret;
+
+ defent = &defrec;
+ ret = get_default(context, princ->principal, defent);
+ if(ret) {
+ defent = NULL;
+ def_mask = 0;
+ } else {
+ def_mask = KADM5_ATTRIBUTES | KADM5_MAX_LIFE | KADM5_MAX_RLIFE;
+ }
+
+ ret = _kadm5_setup_entry(ent, mask | def_mask,
+ princ, mask,
+ defent, def_mask);
+ if(defent)
+ kadm5_free_principal_ent(context, defent);
+
+ ent->created_by.time = time(NULL);
+ ret = krb5_copy_principal(context->context, context->caller,
+ &ent->created_by.principal);
+
+ return ret;
+}
+
+kadm5_ret_t
+kadm5_s_create_principal_with_key(void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask)
+{
+ kadm5_ret_t ret;
+ hdb_entry ent;
+ kadm5_server_context *context = server_handle;
+
+ ret = create_principal(context, princ, mask, &ent,
+ KADM5_PRINCIPAL | KADM5_KEY_DATA,
+ KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME
+ | KADM5_MOD_NAME | KADM5_MKVNO
+ | KADM5_AUX_ATTRIBUTES
+ | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS
+ | KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT);
+ if(ret)
+ goto out;
+
+ ret = _kadm5_set_keys2(&ent, princ->n_key_data, princ->key_data);
+ if(ret)
+ goto out;
+
+ hdb_seal_keys(context->db, &ent);
+
+ kadm5_log_create (context, &ent);
+
+ ret = context->db->open(context->context, context->db, O_RDWR, 0);
+ if(ret)
+ goto out;
+ ret = context->db->store(context->context, context->db, 0, &ent);
+ context->db->close(context->context, context->db);
+out:
+ hdb_free_entry(context->context, &ent);
+ return _kadm5_error_code(ret);
+}
+
+
+kadm5_ret_t
+kadm5_s_create_principal(void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask,
+ char *password)
+{
+ kadm5_ret_t ret;
+ hdb_entry ent;
+ kadm5_server_context *context = server_handle;
+
+ ret = create_principal(context, princ, mask, &ent,
+ KADM5_PRINCIPAL,
+ KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME
+ | KADM5_MOD_NAME | KADM5_MKVNO
+ | KADM5_AUX_ATTRIBUTES | KADM5_KEY_DATA
+ | KADM5_POLICY_CLR | KADM5_LAST_SUCCESS
+ | KADM5_LAST_FAILED | KADM5_FAIL_AUTH_COUNT);
+ if(ret)
+ goto out;
+
+ /* XXX this should be fixed */
+ ent.keys.len = 4;
+ ent.keys.val = calloc(ent.keys.len, sizeof(*ent.keys.val));
+ ent.keys.val[0].key.keytype = ETYPE_DES_CBC_CRC;
+ /* flag as version 4 compatible salt; ignored by _kadm5_set_keys
+ if we don't want to be compatible */
+ ent.keys.val[0].salt = calloc(1, sizeof(*ent.keys.val[0].salt));
+ ent.keys.val[0].salt->type = hdb_pw_salt;
+ ent.keys.val[1].key.keytype = ETYPE_DES_CBC_MD4;
+ ent.keys.val[1].salt = calloc(1, sizeof(*ent.keys.val[1].salt));
+ ent.keys.val[1].salt->type = hdb_pw_salt;
+ ent.keys.val[2].key.keytype = ETYPE_DES_CBC_MD5;
+ ent.keys.val[2].salt = calloc(1, sizeof(*ent.keys.val[2].salt));
+ ent.keys.val[2].salt->type = hdb_pw_salt;
+ ent.keys.val[3].key.keytype = ETYPE_DES3_CBC_SHA1;
+ ret = _kadm5_set_keys(context, &ent, password);
+
+ hdb_seal_keys(context->db, &ent);
+
+ kadm5_log_create (context, &ent);
+
+ ret = context->db->open(context->context, context->db, O_RDWR, 0);
+ if(ret)
+ goto out;
+ ret = context->db->store(context->context, context->db, 0, &ent);
+ context->db->close(context->context, context->db);
+out:
+ hdb_free_entry(context->context, &ent);
+ return _kadm5_error_code(ret);
+}
+
diff --git a/crypto/heimdal/lib/kadm5/delete_c.c b/crypto/heimdal/lib/kadm5/delete_c.c
new file mode 100644
index 0000000..71a3cf0
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/delete_c.c
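Review bot: In create_s.c, `create_principal` returns `KADM5_BAD_MASK` or `KADM5_UNK_POLICY` before its `memset(ent, 0, sizeof(*ent));`, and both `kadm5_s_create_principal` and `kadm5_s_create_principal_with_key` then `goto out` and call `hdb_free_entry` on a stack `hdb_entry` that was never initialized. Moving the `memset` to the top of `create_principal`, ahead of the mask checks, keeps a rejected request from handing indeterminate pointers to the free routine (which presumably releases the entry's members). In `kadm5_s_create_principal` the result of `_kadm5_set_keys` is overwritten by the `db->open` call, so a principal whose keys could not be set is still sealed, logged and stored; `if(ret) goto out;` directly after that call would stop it. The `calloc` results for `ent.keys.val` and the three salts are dereferenced unchecked, and in `create_principal` the result of `_kadm5_setup_entry` is likewise overwritten before it is examined.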
@@ -0,0 +1,69 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: delete_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $"); + +kadm5_ret_t +kadm5_c_delete_principal(void *server_handle, krb5_principal princ) +{ + kadm5_client_context *context = server_handle; + kadm5_ret_t ret; + krb5_storage *sp; + unsigned char buf[1024]; + int32_t tmp; + krb5_data reply; + + sp = krb5_storage_from_mem(buf, sizeof(buf)); + if (sp == NULL) + return ENOMEM; + krb5_store_int32(sp, kadm_delete); + krb5_store_principal(sp, princ); + ret = _kadm5_client_send(context, sp); + krb5_storage_free(sp); + if (ret) + return ret; + ret = _kadm5_client_recv(context, &reply); + if (ret) + return ret; + sp = krb5_storage_from_data (&reply); + if(sp == NULL) { + krb5_data_free (&reply); + return ENOMEM; + } + krb5_ret_int32(sp, &tmp); + krb5_storage_free(sp); + krb5_data_free (&reply); + return tmp; +} diff --git a/crypto/heimdal/lib/kadm5/delete_s.c b/crypto/heimdal/lib/kadm5/delete_s.c new file mode 100644 index 0000000..ef326587b --- /dev/null +++ b/crypto/heimdal/lib/kadm5/delete_s.c 
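Review bot: `tmp` is returned uninitialised when the reply is shorter than four bytes, because the result of `krb5_ret_int32(sp, &tmp)` at the end of kadm5_c_delete_principal is discarded. The reply comes from the network peer, so the read should be checked: `ret = krb5_ret_int32(sp, &tmp);` and, after the two frees, `return ret ? ret : tmp;`. The results of `krb5_store_int32` and `krb5_store_principal` are dropped in the same way, so a principal that does not fit in the 1024-byte `buf` would presumably be sent truncated rather than rejected.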
@@ -0,0 +1,70 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: delete_s.c,v 1.7 1999/12/02 17:05:05 joda Exp $"); + +kadm5_ret_t +kadm5_s_delete_principal(void *server_handle, krb5_principal princ) +{ + kadm5_server_context *context = server_handle; + kadm5_ret_t ret; + hdb_entry ent; + + ent.principal = princ; + ret = context->db->open(context->context, context->db, O_RDWR, 0); + if(ret) { + krb5_warn(context->context, ret, "opening database"); + return ret; + } + ret = context->db->fetch(context->context, context->db, + HDB_F_DECRYPT, &ent); + if(ret == HDB_ERR_NOENTRY) + goto out2; + if(ent.flags.immutable) { + ret = KADM5_PROTECT_PRINCIPAL; + goto out; + } + + hdb_seal_keys(context->db, &ent); + + kadm5_log_delete (context, princ); + + ret = context->db->remove(context->context, context->db, &ent); +out: + hdb_free_entry(context->context, &ent); +out2: + context->db->close(context->context, context->db); + return _kadm5_error_code(ret); +} diff --git a/crypto/heimdal/lib/kadm5/destroy_c.c b/crypto/heimdal/lib/kadm5/destroy_c.c new file mode 100644 index 0000000..b42c84c --- /dev/null +++ b/crypto/heimdal/lib/kadm5/destroy_c.c 
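Review bot: Only `HDB_ERR_NOENTRY` is handled after `context->db->fetch` in kadm5_s_delete_principal, so any other fetch failure falls through to `ent.flags.immutable` on an `hdb_entry` that was never initialised apart from `principal`, and may go on to log and remove the entry. The immutable test is what protects principals from deletion, so it should never run on indeterminate data; `if(ret) goto out2;` covers every failure. The return of `kadm5_log_delete` is also ignored and the log record is written before `remove` is known to succeed, which can leave the log and the database out of step.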
@@ -0,0 +1,51 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: destroy_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $"); + +kadm5_ret_t +kadm5_c_destroy(void *server_handle) +{ + kadm5_client_context *context = server_handle; + + free(context->realm); + free(context->admin_server); + close(context->sock); + if (context->ac != NULL) + krb5_auth_con_free(context->context, context->ac); + if(context->my_context) + krb5_free_context(context->context); + return 0; +} diff --git a/crypto/heimdal/lib/kadm5/destroy_s.c b/crypto/heimdal/lib/kadm5/destroy_s.c new file mode 100644 index 0000000..22158d0 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/destroy_s.c 
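Review bot: kadm5_c_destroy leaves every released member dangling: `realm`, `admin_server` and `ac` are freed and `sock` is closed, but none is reset and the handle itself is not freed here. A second call on the same handle would double-free the strings and close a descriptor number that may by then belong to something else. Resetting as you go (`context->sock = -1;`, `context->ac = NULL;`) and a comment stating who owns the handle after the call would make the contract explicit; kadm5_s_destroy in destroy_s.c leaves the same ownership question undocumented.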
@@ -0,0 +1,50 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: destroy_s.c,v 1.5 1999/12/02 17:05:05 joda Exp $"); + +kadm5_ret_t +kadm5_s_destroy(void *server_handle) +{ + kadm5_ret_t ret; + kadm5_server_context *context = server_handle; + krb5_context kcontext = context->context; + + ret = context->db->destroy(kcontext, context->db); + if(context->my_context) + krb5_free_context(kcontext); + return ret; +} + diff --git a/crypto/heimdal/lib/kadm5/dump_log.c b/crypto/heimdal/lib/kadm5/dump_log.c new file mode 100644 index 0000000..68a3f53 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/dump_log.c 
@@ -0,0 +1,262 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "iprop.h" +#include "parse_time.h" + +RCSID("$Id: dump_log.c,v 1.9 1999/12/04 19:49:43 assar Exp $"); + +static char *op_names[] = { + "get", + "delete", + "create", + "rename", + "chpass", + "modify", + "randkey", + "get_privs", + "get_princs" +}; + +static void +print_entry(kadm5_server_context *server_context, + u_int32_t ver, + time_t timestamp, + enum kadm_ops op, + u_int32_t len, + krb5_storage *sp) +{ + char t[256]; + u_int32_t mask; + hdb_entry ent; + krb5_principal source; + char *name1, *name2; + krb5_data data; + krb5_context context = server_context->context; + + off_t end = sp->seek(sp, 0, SEEK_CUR) + len; + + krb5_error_code ret; + + strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", localtime(×tamp)); + + if(op < kadm_get || op > kadm_get_princs) { + printf("unknown op: %d\n", op); + sp->seek(sp, end, SEEK_SET); + return; + } + + printf ("%s: ver = %u, timestamp = %s, len = %u\n", + op_names[op], ver, t, len); + switch(op) { + case kadm_delete: + krb5_ret_principal(sp, &source); + krb5_unparse_name(context, source, &name1); + printf(" %s\n", name1); + free(name1); + krb5_free_principal(context, source); + break; + case kadm_rename: + krb5_data_alloc(&data, len); + krb5_ret_principal(sp, &source); + sp->fetch(sp, data.data, data.length); + hdb_value2entry(context, &data, &ent); + krb5_unparse_name(context, source, &name1); + krb5_unparse_name(context, ent.principal, &name2); + printf(" %s -> %s\n", name1, name2); + free(name1); + free(name2); + krb5_free_principal(context, source); + hdb_free_entry(context, &ent); + break; + case kadm_create: + krb5_data_alloc(&data, len); + sp->fetch(sp, data.data, data.length); + ret = hdb_value2entry(context, &data, &ent); + if(ret) + abort(); + mask = ~0; + goto foo; + case kadm_modify: + krb5_data_alloc(&data, len); + krb5_ret_int32(sp, &mask); + sp->fetch(sp, data.data, data.length); + ret = hdb_value2entry(context, &data, &ent); + if(ret) + abort(); + foo: + if(ent.principal /* mask & KADM5_PRINCIPAL 
*/) { + krb5_unparse_name(context, ent.principal, &name1); + printf(" principal = %s\n", name1); + free(name1); + } + if(mask & KADM5_PRINC_EXPIRE_TIME) { + if(ent.valid_end == NULL) { + strcpy(t, "never"); + } else { + strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", + localtime(ent.valid_end)); + } + printf(" expires = %s\n", t); + } + if(mask & KADM5_PW_EXPIRATION) { + if(ent.valid_end == NULL) { + strcpy(t, "never"); + } else { + strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", + localtime(ent.valid_end)); + } + printf(" password exp = %s\n", t); + } + if(mask & KADM5_LAST_PWD_CHANGE) { + } + if(mask & KADM5_ATTRIBUTES) { + unparse_flags(HDBFlags2int(ent.flags), + HDBFlags_units, t, sizeof(t)); + printf(" attributes = %s\n", t); + } + if(mask & KADM5_MAX_LIFE) { + if(ent.max_life == NULL) + strcpy(t, "for ever"); + else + unparse_time(*ent.max_life, t, sizeof(t)); + printf(" max life = %s\n", t); + } + if(mask & KADM5_MAX_RLIFE) { + if(ent.max_renew == NULL) + strcpy(t, "for ever"); + else + unparse_time(*ent.max_renew, t, sizeof(t)); + printf(" max rlife = %s\n", t); + } + if(mask & KADM5_MOD_TIME) { + printf(" mod time\n"); + } + if(mask & KADM5_MOD_NAME) { + printf(" mod name\n"); + } + if(mask & KADM5_KVNO) { + printf(" kvno = %d\n", ent.kvno); + } + if(mask & KADM5_MKVNO) { + printf(" mkvno\n"); + } + if(mask & KADM5_AUX_ATTRIBUTES) { + printf(" aux attributes\n"); + } + if(mask & KADM5_POLICY) { + printf(" policy\n"); + } + if(mask & KADM5_POLICY_CLR) { + printf(" mod time\n"); + } + if(mask & KADM5_LAST_SUCCESS) { + printf(" last success\n"); + } + if(mask & KADM5_LAST_FAILED) { + printf(" last failed\n"); + } + if(mask & KADM5_FAIL_AUTH_COUNT) { + printf(" fail auth count\n"); + } + if(mask & KADM5_KEY_DATA) { + printf(" key data\n"); + } + if(mask & KADM5_TL_DATA) { + printf(" tl data\n"); + } + hdb_free_entry(context, &ent); + break; + default: + abort(); + } + sp->seek(sp, end, SEEK_SET); +} + +char *realm; +int version_flag; +int help_flag; +struct getargs 
args[] = { + { "realm", 'r', arg_string, &realm }, + { "version", 0, arg_flag, &version_flag }, + { "help", 0, arg_flag, &help_flag } +}; +int num_args = sizeof(args) / sizeof(args[0]); + +int +main(int argc, char **argv) +{ + krb5_context context; + krb5_error_code ret; + void *kadm_handle; + kadm5_server_context *server_context; + kadm5_config_params conf; + + krb5_program_setup(&context, argc, argv, args, num_args, NULL); + + if(help_flag) + krb5_std_usage(0, args, num_args); + if(version_flag) { + print_version(NULL); + exit(0); + } + + memset(&conf, 0, sizeof(conf)); + if(realm) { + conf.mask |= KADM5_CONFIG_REALM; + conf.realm = realm; + } + ret = kadm5_init_with_password_ctx (context, + KADM5_ADMIN_SERVICE, + NULL, + KADM5_ADMIN_SERVICE, + &conf, 0, 0, + &kadm_handle); + if (ret) + krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); + + server_context = (kadm5_server_context *)kadm_handle; + + ret = kadm5_log_init (server_context); + if (ret) + krb5_err (context, 1, ret, "kadm5_log_init"); + + ret = kadm5_log_foreach (server_context, print_entry); + if(ret) + krb5_warn(context, ret, "kadm5_log_foreach"); + + ret = kadm5_log_end (server_context); + if (ret) + krb5_warn(context, ret, "kadm5_log_end"); + return 0; +} diff --git a/crypto/heimdal/lib/kadm5/ent_setup.c b/crypto/heimdal/lib/kadm5/ent_setup.c new file mode 100644 index 0000000..46653c7 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/ent_setup.c 
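Review bot: The record length `len` read from the log is trusted when sizing and filling `data` in print_entry: `krb5_data_alloc` and `sp->fetch` are unchecked, `data` is never released, and in the `kadm_rename` and `kadm_modify` cases `len` bytes are fetched after part of the record (the principal, the 4-byte mask) has already been consumed, so the read runs past `end`. A truncated or corrupt log then feeds unfilled buffer contents to `hdb_value2entry`, whose result is ignored in the rename case, or ends in `abort()`. Sizing the value from what is left of the record and leaving with `break` keeps the final seek to `end`; the sketch below shows it for `kadm_modify`, with `remaining` a new `off_t` local. Separately, the `KADM5_PW_EXPIRATION` branch prints `ent.valid_end` where `ent.pw_end` looks intended, and ops inside the accepted range that have no case (`kadm_get`, `kadm_chpass`, and so on) reach `default: abort()`.

```c
    case kadm_modify:
	ret = krb5_ret_int32(sp, &mask);
	if(ret)
	    break;
	/* the value is whatever is left of this record, not len bytes */
	remaining = end - sp->seek(sp, 0, SEEK_CUR);
	if(remaining <= 0 || krb5_data_alloc(&data, remaining))
	    break;
	if(sp->fetch(sp, data.data, data.length) != data.length) {
	    krb5_data_free(&data);
	    break;
	}
	ret = hdb_value2entry(context, &data, &ent);
	krb5_data_free(&data); /* assumes hdb_value2entry copies out of data; confirm */
	if(ret)
	    break;
    foo:
	/* ... unchanged: per-mask printing and hdb_free_entry ... */
```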
@@ -0,0 +1,141 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: ent_setup.c,v 1.11 1999/12/02 17:05:06 joda Exp $"); + +#define set_value(X, V) do { if((X) == NULL) (X) = malloc(sizeof(*(X))); *(X) = V; } while(0) +#define set_null(X) do { if((X) != NULL) free((X)); (X) = NULL; } while (0) + +static void +attr_to_flags(unsigned attr, HDBFlags *flags) +{ + flags->postdate = !(attr & KRB5_KDB_DISALLOW_POSTDATED); + flags->forwardable = !(attr & KRB5_KDB_DISALLOW_FORWARDABLE); + flags->initial = !!(attr & KRB5_KDB_DISALLOW_TGT_BASED); + flags->renewable = !(attr & KRB5_KDB_DISALLOW_RENEWABLE); + flags->proxiable = !(attr & KRB5_KDB_DISALLOW_PROXIABLE); + /* DUP_SKEY */ + flags->invalid = !!(attr & KRB5_KDB_DISALLOW_ALL_TIX); + flags->require_preauth = !!(attr & KRB5_KDB_REQUIRES_PRE_AUTH); + /* HW_AUTH */ + flags->server = !(attr & KRB5_KDB_DISALLOW_SVR); + flags->change_pw = !!(attr & KRB5_KDB_PWCHANGE_SERVICE); + flags->client = 1; /* XXX */ +} + +/* + * Create the hdb entry `ent' based on data from `princ' with + * `princ_mask' specifying what fields to be gotten from there and + * `mask' specifying what fields we want filled in. 
+ */ + +kadm5_ret_t +_kadm5_setup_entry(hdb_entry *ent, + u_int32_t mask, + kadm5_principal_ent_t princ, + u_int32_t princ_mask, + kadm5_principal_ent_t def, + u_int32_t def_mask) +{ + if(mask & KADM5_PRINC_EXPIRE_TIME + && princ_mask & KADM5_PRINC_EXPIRE_TIME) { + if (princ->princ_expire_time) + set_value(ent->valid_end, princ->princ_expire_time); + else + set_null(ent->valid_end); + } + if(mask & KADM5_PW_EXPIRATION + && princ_mask & KADM5_PW_EXPIRATION) { + if (princ->pw_expiration) + set_value(ent->pw_end, princ->pw_expiration); + else + set_null(ent->pw_end); + } + if(mask & KADM5_ATTRIBUTES) { + if (princ_mask & KADM5_ATTRIBUTES) { + attr_to_flags(princ->attributes, &ent->flags); + } else if(def_mask & KADM5_ATTRIBUTES) { + attr_to_flags(def->attributes, &ent->flags); + ent->flags.invalid = 0; + } else { + ent->flags.client = 1; + ent->flags.server = 1; + ent->flags.forwardable = 1; + ent->flags.proxiable = 1; + ent->flags.renewable = 1; + ent->flags.postdate = 1; + } + } + if(mask & KADM5_MAX_LIFE) { + if(princ_mask & KADM5_MAX_LIFE) { + if(princ->max_life) + set_value(ent->max_life, princ->max_life); + else + set_null(ent->max_life); + } else if(def_mask & KADM5_MAX_LIFE) { + if(def->max_life) + set_value(ent->max_life, def->max_life); + else + set_null(ent->max_life); + } + } + if(mask & KADM5_KVNO + && princ_mask & KADM5_KVNO) + ent->kvno = princ->kvno; + if(mask & KADM5_MAX_RLIFE) { + if(princ_mask & KADM5_MAX_RLIFE) { + if(princ->max_renewable_life) + set_value(ent->max_renew, princ->max_renewable_life); + else + set_null(ent->max_renew); + } else if(def_mask & KADM5_MAX_RLIFE) { + if(def->max_renewable_life) + set_value(ent->max_renew, def->max_renewable_life); + else + set_null(ent->max_renew); + } + } + if(mask & KADM5_KEY_DATA + && princ_mask & KADM5_KEY_DATA) { + _kadm5_set_keys2(ent, princ->n_key_data, princ->key_data); + } + if(mask & KADM5_TL_DATA) { + /* XXX */ + } + if(mask & KADM5_FAIL_AUTH_COUNT) { + /* XXX */ + } + return 0; +} 
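Review bot: `_kadm5_setup_entry` cannot report failure: the `set_value` macro writes through the result of `malloc` without checking it, and the return of `_kadm5_set_keys2` in the `KADM5_KEY_DATA` branch is discarded, so the function returns 0 even when no keys were installed. A caller relying on that return could presumably go on to store a principal with missing or stale key data. Propagate the error with `ret = _kadm5_set_keys2(ent, princ->n_key_data, princ->key_data);` and `if(ret) return ret;`, and have the allocation path return `ENOMEM` instead of dereferencing NULL. The unconditional `flags->client = 1; /* XXX */` in attr_to_flags also deserves a comment saying why no attribute bit can clear it.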
diff --git a/crypto/heimdal/lib/kadm5/error.c b/crypto/heimdal/lib/kadm5/error.c
new file mode 100644
index 0000000..11b1ded
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/error.c
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: error.c,v 1.3 1999/12/02 17:05:06 joda Exp $");
+
+kadm5_ret_t
+_kadm5_error_code(kadm5_ret_t code)
+{
+ switch(code){
+ case HDB_ERR_EXISTS:
+ return KADM5_DUP;
+ case HDB_ERR_NOENTRY:
+ return KADM5_UNK_PRINC;
+ }
+ return code;
+}
diff --git a/crypto/heimdal/lib/kadm5/flush.c b/crypto/heimdal/lib/kadm5/flush.c
new file mode 100644
index 0000000..4808259
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/flush.c
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: flush.c,v 1.2 1999/12/02 17:05:06 joda Exp $");
+
+kadm5_ret_t
+kadm5_s_flush(void *server_handle)
+{
+ return 0;
+}
+
+kadm5_ret_t
+kadm5_c_flush(void *server_handle)
+{
+ return 0;
+}
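Review bot: `kadm5_s_flush` and `kadm5_c_flush` are defined here and again, with identical bodies, in flush_c.c and flush_s.c added by this same commit. If all three files end up in one library the link fails on duplicate symbols, and if only some do, flush.c is dead code; the build lists are not visible here, so which applies is not certain. Dropping flush.c, or adding a header comment such as `/* superseded by flush_c.c and flush_s.c; not built */`, would remove the ambiguity.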
diff --git a/crypto/heimdal/lib/kadm5/flush_c.c b/crypto/heimdal/lib/kadm5/flush_c.c
new file mode 100644
index 0000000..01cdcf7
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/flush_c.c
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: flush_c.c,v 1.1 1999/03/23 18:23:36 joda Exp $");
+
+kadm5_ret_t
+kadm5_c_flush(void *server_handle)
+{
+ return 0;
+}
diff --git a/crypto/heimdal/lib/kadm5/flush_s.c b/crypto/heimdal/lib/kadm5/flush_s.c
new file mode 100644
index 0000000..dffbe2f
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/flush_s.c
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: flush_s.c,v 1.1 1999/03/23 18:23:37 joda Exp $");
+
+kadm5_ret_t
+kadm5_s_flush(void *server_handle)
+{
+ return 0;
+}
diff --git a/crypto/heimdal/lib/kadm5/free.c b/crypto/heimdal/lib/kadm5/free.c
new file mode 100644
index 0000000..fcc1e70
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/free.c
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: free.c,v 1.4 1999/12/02 17:05:06 joda Exp $");
+
+void
+kadm5_free_key_data(void *server_handle,
+ int16_t *n_key_data,
+ krb5_key_data *key_data)
+{
+ int i;
+ for(i = 0; i < *n_key_data; i++){
+ if(key_data[i].key_data_contents[0]){
+ memset(key_data[i].key_data_contents[0],
+ 0,
+ key_data[i].key_data_length[0]);
+ free(key_data[i].key_data_contents[0]);
+ }
+ if(key_data[i].key_data_contents[1])
+ free(key_data[i].key_data_contents[1]);
+ }
+ *n_key_data = 0;
+}
+
+
+void
+kadm5_free_principal_ent(void *server_handle,
+ kadm5_principal_ent_t princ)
+{
+ kadm5_server_context *context = server_handle;
+ if(princ->principal)
+ krb5_free_principal(context->context, princ->principal);
+ if(princ->mod_name)
+ krb5_free_principal(context->context, princ->mod_name);
+ kadm5_free_key_data(server_handle, &princ->n_key_data, princ->key_data);
+ while(princ->n_tl_data && princ->tl_data) {
+ krb5_tl_data *tp;
+ tp = princ->tl_data;
+ princ->tl_data = tp->tl_data_next;
+ princ->n_tl_data--;
+ memset(tp->tl_data_contents, 0, tp->tl_data_length);
+ free(tp->tl_data_contents);
+ free(tp);
+ }
+ if (princ->key_data != NULL)
+ free (princ->key_data);
+}
+
+void
+kadm5_free_name_list(void *server_handle,
+ char **names,
+ int *count)
+{
+ int i;
+ for(i = 0; i < *count; i++)
+ free(names[i]);
+ free(names);
+ *count = 0;
+}
diff --git a/crypto/heimdal/lib/kadm5/get_c.c b/crypto/heimdal/lib/kadm5/get_c.c
new file mode 100644
index 0000000..9ca672a
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/get_c.c
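Review bot: In kadm5_free_key_data the `memset` that clears `key_data_contents[0]` is followed directly by `free()` of the same buffer, so an optimizing compiler is allowed to drop the store and the key bytes may stay in the heap. The same pattern is used for `tl_data_contents` in kadm5_free_principal_ent, where the pointer is also not checked for NULL before `memset`. Consider routing both through a wipe the compiler cannot elide, for example a small helper that writes through a `volatile unsigned char *`, or `explicit_bzero()`/`memset_s()` where the platform provides them. kadm5_free_key_data also dereferences `key_data` whenever `*n_key_data` is non-zero, so a header comment stating that callers must keep the two consistent would help.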
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: get_c.c,v 1.5 1999/12/02 17:05:06 joda Exp $");
+
+kadm5_ret_t
+kadm5_c_get_principal(void *server_handle,
+ krb5_principal princ,
+ kadm5_principal_ent_t out,
+ u_int32_t mask)
+{
+ kadm5_client_context *context = server_handle;
+ kadm5_ret_t ret;
+ krb5_storage *sp;
+ unsigned char buf[1024];
+ int32_t tmp;
+ krb5_data reply;
+
+ sp = krb5_storage_from_mem(buf, sizeof(buf));
+ if (sp == NULL)
+ return ENOMEM;
+ krb5_store_int32(sp, kadm_get);
+ krb5_store_principal(sp, princ);
+ krb5_store_int32(sp, mask);
+ ret = _kadm5_client_send(context, sp);
+ krb5_storage_free(sp);
+ if(ret)
+ return ret;
+ ret = _kadm5_client_recv(context, &reply);
+ if (ret)
+ return ret;
+ sp = krb5_storage_from_data (&reply);
+ if (sp == NULL) {
+ krb5_data_free (&reply);
+ return ENOMEM;
+ }
+ krb5_ret_int32(sp, &tmp);
+ ret = tmp;
+ if(ret == 0)
+ kadm5_ret_principal_ent(sp, out);
+ krb5_storage_free(sp);
+ krb5_data_free (&reply);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/kadm5/get_princs_c.c b/crypto/heimdal/lib/kadm5/get_princs_c.c
new file mode 100644
index 0000000..0956052
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/get_princs_c.c
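Review bot: In kadm5_c_get_principal the result of `krb5_ret_int32(sp, &tmp)` is ignored, so a short or empty reply leaves `tmp` uninitialized and `ret = tmp` returns an indeterminate value; if that value happens to be 0 the function goes on to decode a principal from the same truncated data. I would write `ret = krb5_ret_int32(sp, &tmp); if(ret == 0) ret = tmp;` and also keep the result of `kadm5_ret_principal_ent(sp, out)` in `ret` instead of discarding it. The `krb5_store_*` calls into the fixed 1024-byte `buf` are unchecked as well, so a request that does not fit would presumably go out incomplete; testing them before `_kadm5_client_send` closes that.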
@@ -0,0 +1,86 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: get_princs_c.c,v 1.3 1999/12/02 17:05:06 joda Exp $"); + +kadm5_ret_t +kadm5_c_get_principals(void *server_handle, + const char *exp, + char ***princs, + int *count) +{ + kadm5_client_context *context = server_handle; + kadm5_ret_t ret; + krb5_storage *sp; + unsigned char buf[1024]; + int32_t tmp; + krb5_data reply; + + sp = krb5_storage_from_mem(buf, sizeof(buf)); + if (sp == NULL) + return ENOMEM; + krb5_store_int32(sp, kadm_get_princs); + krb5_store_int32(sp, exp != NULL); + if(exp) + krb5_store_string(sp, exp); + ret = _kadm5_client_send(context, sp); + krb5_storage_free(sp); + ret = _kadm5_client_recv(context, &reply); + if(ret) + return ret; + sp = krb5_storage_from_data (&reply); + if (sp == NULL) { + krb5_data_free (&reply); + return ENOMEM; + } + krb5_ret_int32(sp, &tmp); + ret = tmp; + if(ret == 0) { + int i; + krb5_ret_int32(sp, &tmp); + *princs = calloc(tmp + 1, sizeof(**princs)); + if (*princs == NULL) { + ret = ENOMEM; + goto out; + } + for(i = 0; i < tmp; i++) + krb5_ret_string(sp, &(*princs)[i]); + *count = tmp; + } +out: + krb5_storage_free(sp); + krb5_data_free (&reply); + return ret; +} diff --git a/crypto/heimdal/lib/kadm5/get_princs_s.c b/crypto/heimdal/lib/kadm5/get_princs_s.c new file mode 100644 index 0000000..2702bae --- /dev/null +++ b/crypto/heimdal/lib/kadm5/get_princs_s.c 
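Review bot: In kadm5_c_get_principals the element count `tmp` is read from the server's reply and passed straight to `calloc(tmp + 1, ...)` and to `*count` with no range check: a negative value gives a zero or tiny allocation together with a negative `*count`, and `tmp + 1` overflows at the top of the range. The return of `_kadm5_client_send` is also overwritten by the `_kadm5_client_recv` call without being tested (get_c.c does test it), and failures of `krb5_ret_int32` and `krb5_ret_string` are ignored, so a truncated reply can hand the caller a list shorter than `*count` claims. The sketch below bounds the count by the number of bytes received and unwinds a partial list with kadm5_free_name_list.

```c
    ret = _kadm5_client_send(context, sp);
    krb5_storage_free(sp);
    if(ret)
        return ret;
    /* … unchanged: _kadm5_client_recv, krb5_storage_from_data … */
    ret = krb5_ret_int32(sp, &tmp);
    if(ret == 0)
        ret = tmp;
    if(ret == 0) {
        int i;
        ret = krb5_ret_int32(sp, &tmp);
        if(ret)
            goto out;
        /* the count is peer-supplied: it cannot exceed the bytes received */
        if(tmp < 0 || (size_t)tmp > reply.length) {
            ret = KADM5_FAILURE;
            goto out;
        }
        *princs = calloc((size_t)tmp + 1, sizeof(**princs));
        /* … unchanged: ENOMEM check … */
        for(i = 0; i < tmp; i++) {
            ret = krb5_ret_string(sp, &(*princs)[i]);
            if(ret) {
                int n = i;
                kadm5_free_name_list(context, *princs, &n);
                *princs = NULL;
                goto out;
            }
        }
        *count = tmp;
    }
```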
@@ -0,0 +1,113 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: get_princs_s.c,v 1.5 1999/12/02 17:05:06 joda Exp $"); + +struct foreach_data { + const char *exp; + char *exp2; + char **princs; + int count; +}; + +static krb5_error_code +add_princ(struct foreach_data *d, char *princ) +{ + char **tmp; + tmp = realloc(d->princs, (d->count + 1) * sizeof(*tmp)); + if(tmp == NULL) + return ENOMEM; + d->princs = tmp; + d->princs[d->count++] = princ; + return 0; +} + +static krb5_error_code +foreach(krb5_context context, HDB *db, hdb_entry *ent, void *data) +{ + struct foreach_data *d = data; + char *princ; + krb5_error_code ret; + ret = krb5_unparse_name(context, ent->principal, &princ); + if(ret) + return ret; + if(d->exp){ + if(fnmatch(d->exp, princ, 0) == 0 || fnmatch(d->exp2, princ, 0) == 0) + ret = add_princ(d, princ); + else + free(princ); + }else{ + ret = add_princ(d, princ); + } + if(ret) + free(princ); + return ret; +} + +kadm5_ret_t +kadm5_s_get_principals(void *server_handle, + const char *exp, + char ***princs, + int *count) +{ + struct foreach_data d; + kadm5_server_context *context = server_handle; + kadm5_ret_t ret; + ret = context->db->open(context->context, context->db, O_RDWR, 0); + if(ret) { + krb5_warn(context->context, ret, "opening database"); + return ret; + } + d.exp = exp; + { + krb5_realm r; + krb5_get_default_realm(context->context, &r); + asprintf(&d.exp2, "%s@%s", exp, r); + free(r); + } + d.princs = NULL; + d.count = 0; + ret = hdb_foreach(context->context, context->db, 0, foreach, &d); + context->db->close(context->context, context->db); + if(ret == 0) + ret = add_princ(&d, NULL); + if(ret == 0){ + *princs = d.princs; + *count = d.count - 1; + }else + kadm5_free_name_list(context, d.princs, &d.count); + free(d.exp2); + return _kadm5_error_code(ret); +} diff --git a/crypto/heimdal/lib/kadm5/get_s.c b/crypto/heimdal/lib/kadm5/get_s.c new file mode 100644 index 0000000..12613b6 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/get_s.c 
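Review bot: In kadm5_s_get_principals the block that builds `d.exp2` runs even when `exp` is NULL and checks neither `krb5_get_default_realm` nor `asprintf`: a NULL `exp` is passed to `%s`, `r` is used and freed uninitialized if the realm lookup fails, and after a failed `asprintf` the contents of `d.exp2` are undefined yet it is later given to `fnmatch` and `free`. Building the second pattern only when `exp` is set, and bailing out on either failure, covers all three. Separately, the database is opened with `O_RDWR` although this path only iterates; kadm5_s_get_principal in get_s.c uses `O_RDONLY`, which looks like the better fit here too.

```c
    d.exp = exp;
    d.exp2 = NULL;
    if(exp != NULL) {
        krb5_realm r;
        ret = krb5_get_default_realm(context->context, &r);
        if(ret == 0) {
            if(asprintf(&d.exp2, "%s@%s", exp, r) < 0) {
                d.exp2 = NULL;
                ret = ENOMEM;
            }
            free(r);
        }
        if(ret) {
            context->db->close(context->context, context->db);
            return _kadm5_error_code(ret);
        }
    }
    /* … unchanged: hdb_foreach, list hand-over, free(d.exp2) … */
```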
@@ -0,0 +1,181 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: get_s.c,v 1.11 1999/12/26 19:38:23 assar Exp $"); + +kadm5_ret_t +kadm5_s_get_principal(void *server_handle, + krb5_principal princ, + kadm5_principal_ent_t out, + u_int32_t mask) +{ + kadm5_server_context *context = server_handle; + kadm5_ret_t ret; + hdb_entry ent; + + ent.principal = princ; + ret = context->db->open(context->context, context->db, O_RDONLY, 0); + if(ret) + return ret; + ret = context->db->fetch(context->context, context->db, + HDB_F_DECRYPT, &ent); + context->db->close(context->context, context->db); + if(ret) + return _kadm5_error_code(ret); + + memset(out, 0, sizeof(*out)); + if(mask & KADM5_PRINCIPAL) + ret = krb5_copy_principal(context->context, ent.principal, + &out->principal); + if(ret) + goto out; + if(mask & KADM5_PRINC_EXPIRE_TIME && ent.valid_end) + out->princ_expire_time = *ent.valid_end; + if(mask & KADM5_PW_EXPIRATION && ent.pw_end) + out->pw_expiration = *ent.pw_end; + if(mask & KADM5_LAST_PWD_CHANGE) + /* XXX implement */; + if(mask & KADM5_ATTRIBUTES){ + out->attributes |= ent.flags.postdate ? 0 : KRB5_KDB_DISALLOW_POSTDATED; + out->attributes |= ent.flags.forwardable ? 0 : KRB5_KDB_DISALLOW_FORWARDABLE; + out->attributes |= ent.flags.initial ? KRB5_KDB_DISALLOW_TGT_BASED : 0; + out->attributes |= ent.flags.renewable ? 0 : KRB5_KDB_DISALLOW_RENEWABLE; + out->attributes |= ent.flags.proxiable ? 0 : KRB5_KDB_DISALLOW_PROXIABLE; + out->attributes |= ent.flags.invalid ? KRB5_KDB_DISALLOW_ALL_TIX : 0; + out->attributes |= ent.flags.require_preauth ? KRB5_KDB_REQUIRES_PRE_AUTH : 0; + out->attributes |= ent.flags.server ? 0 : KRB5_KDB_DISALLOW_SVR; + out->attributes |= ent.flags.change_pw ? 
KRB5_KDB_PWCHANGE_SERVICE : 0; + } + if(mask & KADM5_MAX_LIFE && ent.max_life) + out->max_life = *ent.max_life; + if(mask & KADM5_MOD_TIME) { + if(ent.modified_by) + out->mod_date = ent.modified_by->time; + else + out->mod_date = ent.created_by.time; + } + if(mask & KADM5_MOD_NAME) { + if(ent.modified_by) { + if (ent.modified_by->principal != NULL) + ret = krb5_copy_principal(context->context, + ent.modified_by->principal, + &out->mod_name); + } else + ret = krb5_copy_principal(context->context, + ent.created_by.principal, + &out->mod_name); + } + if(ret) + goto out; + + if(mask & KADM5_KVNO) + out->kvno = ent.kvno; + if(mask & KADM5_MKVNO) { + int n; + out->mkvno = 0; /* XXX */ + for(n = 0; n < ent.keys.len; n++) + if(ent.keys.val[n].mkvno) { + out->mkvno = *ent.keys.val[n].mkvno; /* XXX this isn't right */ + break; + } + } + if(mask & KADM5_AUX_ATTRIBUTES) + /* XXX implement */; + if(mask & KADM5_POLICY) + out->policy = NULL; + if(mask & KADM5_MAX_RLIFE && ent.max_renew) + out->max_renewable_life = *ent.max_renew; + if(mask & KADM5_LAST_SUCCESS) + /* XXX implement */; + if(mask & KADM5_LAST_FAILED) + /* XXX implement */; + if(mask & KADM5_FAIL_AUTH_COUNT) + /* XXX implement */; + if(mask & KADM5_KEY_DATA){ + int i; + Key *key; + krb5_key_data *kd; + krb5_salt salt; + krb5_data *sp; + krb5_get_pw_salt(context->context, ent.principal, &salt); + out->key_data = malloc(ent.keys.len * sizeof(*out->key_data)); + for(i = 0; i < ent.keys.len; i++){ + key = &ent.keys.val[i]; + kd = &out->key_data[i]; + kd->key_data_ver = 2; + kd->key_data_kvno = ent.kvno; + kd->key_data_type[0] = key->key.keytype; + if(key->salt) + kd->key_data_type[1] = key->salt->type; + else + kd->key_data_type[1] = pa_pw_salt; + /* setup key */ + kd->key_data_length[0] = key->key.keyvalue.length; + kd->key_data_contents[0] = malloc(kd->key_data_length[0]); + if(kd->key_data_contents[0] == NULL){ + ret = ENOMEM; + break; + } + memcpy(kd->key_data_contents[0], key->key.keyvalue.data, + 
kd->key_data_length[0]); + /* setup salt */ + if(key->salt) + sp = &key->salt->salt; + else + sp = &salt.saltvalue; + kd->key_data_length[1] = sp->length; + kd->key_data_contents[1] = malloc(kd->key_data_length[1]); + if(kd->key_data_length[1] != 0 + && kd->key_data_contents[1] == NULL) { + memset(kd->key_data_contents[0], 0, kd->key_data_length[0]); + ret = ENOMEM; + break; + } + memcpy(kd->key_data_contents[1], sp->data, kd->key_data_length[1]); + out->n_key_data = i + 1; + } + krb5_free_salt(context->context, salt); + } + if(ret){ + kadm5_free_principal_ent(context, out); + goto out; + } + if(mask & KADM5_TL_DATA) + /* XXX implement */; +out: + hdb_free_entry(context->context, &ent); + + return _kadm5_error_code(ret); +} diff --git a/crypto/heimdal/lib/kadm5/init_c.c b/crypto/heimdal/lib/kadm5/init_c.c new file mode 100644 index 0000000..f6429df --- /dev/null +++ b/crypto/heimdal/lib/kadm5/init_c.c 
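Review bot: In the KADM5_KEY_DATA branch of kadm5_s_get_principal the array returned by `malloc(ent.keys.len * sizeof(*out->key_data))` is used without a NULL check, so an allocation failure becomes a write through a NULL pointer at the first `kd->key_data_ver = 2`. Setting `ret = ENOMEM` and skipping the loop when `out->key_data == NULL && ent.keys.len != 0` lets the existing `if(ret)` cleanup after the branch handle it. Two smaller points in the same loop: the return of `krb5_get_pw_salt` is ignored although `salt.saltvalue` is read afterwards, and when the salt allocation fails the key copy in `key_data_contents[0]` is zeroed but never freed, because `n_key_data` has not yet been advanced to cover that entry.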
@@ -0,0 +1,602 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" +#include <sys/types.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <netdb.h> + +RCSID("$Id: init_c.c,v 1.34 1999/12/20 14:05:49 assar Exp $"); + +static void +set_funcs(kadm5_client_context *c) +{ +#define SET(C, F) (C)->funcs.F = kadm5 ## _c_ ## F + SET(c, chpass_principal); + SET(c, chpass_principal); + SET(c, create_principal); + SET(c, delete_principal); + SET(c, destroy); + SET(c, flush); + SET(c, get_principal); + SET(c, get_principals); + SET(c, get_privs); + SET(c, modify_principal); + SET(c, randkey_principal); + SET(c, rename_principal); +} + +kadm5_ret_t +_kadm5_c_init_context(kadm5_client_context **ctx, + kadm5_config_params *params, + krb5_context context) +{ + krb5_error_code ret; + char *colon; + + *ctx = malloc(sizeof(**ctx)); + if(*ctx == NULL) + return ENOMEM; + memset(*ctx, 0, sizeof(**ctx)); + krb5_add_et_list (context, initialize_kadm5_error_table_r); + set_funcs(*ctx); + (*ctx)->context = context; + if(params->mask & KADM5_CONFIG_REALM) + (*ctx)->realm = strdup(params->realm); + else + krb5_get_default_realm((*ctx)->context, &(*ctx)->realm); + if(params->mask & KADM5_CONFIG_ADMIN_SERVER) + (*ctx)->admin_server = strdup(params->admin_server); + else { + char **hostlist; + + ret = krb5_get_krb_admin_hst (context, &(*ctx)->realm, &hostlist); + if (ret) + return ret; + (*ctx)->admin_server = strdup(*hostlist); + krb5_free_krbhst (context, hostlist); + } + + if ((*ctx)->admin_server == NULL) + return ENOMEM; + colon = strchr ((*ctx)->admin_server, ':'); + if (colon != NULL) + *colon++ = '\0'; + + (*ctx)->kadmind_port = 0; + + if(params->mask & KADM5_CONFIG_KADMIND_PORT) + (*ctx)->kadmind_port = params->kadmind_port; + else if (colon != NULL) { + char *end; + + (*ctx)->kadmind_port = htons(strtol (colon, &end, 0)); + } + if ((*ctx)->kadmind_port == 0) + (*ctx)->kadmind_port = krb5_getportbyname (context, "kerberos-adm", + "tcp", 749); + return 0; +} + +static krb5_error_code 
+get_kadm_ticket(krb5_context context, + krb5_ccache id, + krb5_principal client, + const char *server_name) +{ + krb5_error_code ret; + krb5_creds in, *out; + + memset(&in, 0, sizeof(in)); + in.client = client; + ret = krb5_parse_name(context, server_name, &in.server); + if(ret) + return ret; + ret = krb5_get_credentials(context, 0, id, &in, &out); + if(ret == 0) + krb5_free_creds(context, out); + krb5_free_principal(context, in.server); + return ret; +} + +static krb5_error_code +get_new_cache(krb5_context context, + krb5_principal client, + const char *password, + krb5_prompter_fct prompter, + const char *keytab, + const char *server_name, + krb5_ccache *ret_cache) +{ + krb5_error_code ret; + krb5_creds cred; + krb5_get_init_creds_opt opt; + krb5_ccache id; + + krb5_get_init_creds_opt_init (&opt); + if(password == NULL && prompter == NULL) { + krb5_keytab kt; + if(keytab == NULL) + ret = krb5_kt_default(context, &kt); + else + ret = krb5_kt_resolve(context, keytab, &kt); + if(ret) + return ret; + ret = krb5_get_init_creds_keytab (context, + &cred, + client, + kt, + 0, + server_name, + &opt); + krb5_kt_close(context, kt); + } else { + ret = krb5_get_init_creds_password (context, + &cred, + client, + password, + prompter, + NULL, + 0, + server_name, + &opt); + } + switch(ret){ + case 0: + break; + case KRB5_LIBOS_PWDINTR: /* don't print anything if it was just C-c:ed */ + case KRB5KRB_AP_ERR_BAD_INTEGRITY: + case KRB5KRB_AP_ERR_MODIFIED: + return KADM5_BAD_PASSWORD; + default: + return ret; + } + ret = krb5_cc_gen_new(context, &krb5_mcc_ops, &id); + if(ret) + return ret; + ret = krb5_cc_initialize (context, id, cred.client); + if (ret) + return ret; + ret = krb5_cc_store_cred (context, id, &cred); + if (ret) + return ret; + krb5_free_creds_contents (context, &cred); + *ret_cache = id; + return 0; +} + +static krb5_error_code +get_cred_cache(krb5_context context, + const char *client_name, + const char *server_name, + const char *password, + krb5_prompter_fct 
prompter, + const char *keytab, + krb5_ccache ccache, + krb5_ccache *ret_cache) +{ + krb5_error_code ret; + krb5_ccache id = NULL; + krb5_principal default_client = NULL, client = NULL; + + /* treat empty password as NULL */ + if(password && *password == '\0') + password = NULL; + if(server_name == NULL) + server_name = KADM5_ADMIN_SERVICE; + + if(client_name != NULL) { + ret = krb5_parse_name(context, client_name, &client); + if(ret) + return ret; + } + + if(password != NULL || prompter != NULL) { + /* get principal from default cache, ok if this doesn't work */ + ret = krb5_cc_default(context, &id); + if(ret == 0) { + ret = krb5_cc_get_principal(context, id, &default_client); + if(ret) { + krb5_cc_close(context, id); + id = NULL; + } + } + + if(client == NULL) + client = default_client; + if(client == NULL) { + const char *user; + + user = get_default_username (); + + if(user == NULL) + return KADM5_FAILURE; + ret = krb5_make_principal(context, &client, + NULL, user, "admin", NULL); + if(ret) + return ret; + } + if(client != default_client) { + krb5_free_principal(context, default_client); + default_client = NULL; + if (id != NULL) { + krb5_cc_close(context, id); + id = NULL; + } + } + } else if(ccache != NULL) + id = ccache; + + + if(id && (default_client == NULL || + krb5_principal_compare(context, client, default_client))) { + ret = get_kadm_ticket(context, id, client, server_name); + if(ret == 0) { + *ret_cache = id; + krb5_free_principal(context, default_client); + if (default_client != client) + krb5_free_principal(context, client); + return 0; + } + if(ccache != NULL) + /* couldn't get ticket from cache */ + return -1; + } + /* get creds via AS request */ + if(id) + krb5_cc_close(context, id); + if (client != default_client) + krb5_free_principal(context, default_client); + + ret = get_new_cache(context, client, password, prompter, keytab, + server_name, ret_cache); + krb5_free_principal(context, client); + return ret; +} + +static kadm5_ret_t 
+kadm5_c_init_with_context(krb5_context context, + const char *client_name, + const char *password, + krb5_prompter_fct prompter, + const char *keytab, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + kadm5_ret_t ret; + kadm5_client_context *ctx; + krb5_principal server; + krb5_ccache cc; + int s; + struct addrinfo *ai, *a; + struct addrinfo hints; + int error; + char portstr[NI_MAXSERV]; + char *hostname, *slash; + + memset (&hints, 0, sizeof(hints)); + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; + + ret = _kadm5_c_init_context(&ctx, realm_params, context); + if(ret) + return ret; + + snprintf (portstr, sizeof(portstr), "%u", ntohs(ctx->kadmind_port)); + + hostname = ctx->admin_server; + slash = strchr (hostname, '/'); + if (slash != NULL) + hostname = slash + 1; + + error = getaddrinfo (hostname, portstr, &hints, &ai); + if (error) + return KADM5_BAD_SERVER_NAME; + + for (a = ai; a != NULL; a = a->ai_next) { + s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + if (s < 0) + continue; + if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { + krb5_warn (context, errno, "connect(%s)", hostname); + close (s); + continue; + } + break; + } + if (a == NULL) { + freeaddrinfo (ai); + krb5_warnx (context, "failed to contact %s", hostname); + return KADM5_FAILURE; + } + ret = get_cred_cache(context, client_name, service_name, + password, prompter, keytab, ccache, &cc); + + if(ret) { + freeaddrinfo (ai); + close(s); + return ret; + } + ret = krb5_parse_name(context, KADM5_ADMIN_SERVICE, &server); + if(ret) { + freeaddrinfo (ai); + if(ccache == NULL) + krb5_cc_close(context, cc); + close(s); + return ret; + } + ctx->ac = NULL; + + ret = krb5_sendauth(context, &ctx->ac, &s, + KADMIN_APPL_VERSION, NULL, + server, AP_OPTS_MUTUAL_REQUIRED, + NULL, NULL, cc, NULL, NULL, NULL); + if(ret == 0) { + krb5_data params, enc_data; + 
ret = _kadm5_marshal_params(context, realm_params, ¶ms); + + ret = krb5_mk_priv(context, + ctx->ac, + ¶ms, + &enc_data, + NULL); + + ret = krb5_write_message(context, &s, &enc_data); + + krb5_data_free(¶ms); + krb5_data_free(&enc_data); + } else if(ret == KRB5_SENDAUTH_BADAPPLVERS) { + close(s); + + s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + if (s < 0) { + freeaddrinfo (ai); + return errno; + } + if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { + close (s); + freeaddrinfo (ai); + return errno; + } + freeaddrinfo (ai); + + ret = krb5_sendauth(context, &ctx->ac, &s, + KADMIN_OLD_APPL_VERSION, NULL, + server, AP_OPTS_MUTUAL_REQUIRED, + NULL, NULL, cc, NULL, NULL, NULL); + } + freeaddrinfo (ai); + if(ret) { + close(s); + return ret; + } + + krb5_free_principal(context, server); + if(ccache == NULL) + krb5_cc_close(context, cc); + if(ret) { + close(s); + return ret; + } + ctx->sock = s; + *server_handle = ctx; + return 0; +} + +static kadm5_ret_t +init_context(const char *client_name, + const char *password, + krb5_prompter_fct prompter, + const char *keytab, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + krb5_context context; + kadm5_ret_t ret; + kadm5_server_context *ctx; + + krb5_init_context(&context); + ret = kadm5_c_init_with_context(context, + client_name, + password, + prompter, + keytab, + ccache, + service_name, + realm_params, + struct_version, + api_version, + server_handle); + if(ret){ + krb5_free_context(context); + return ret; + } + ctx = *server_handle; + ctx->my_context = 1; + return 0; +} + +kadm5_ret_t +kadm5_c_init_with_password_ctx(krb5_context context, + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return kadm5_c_init_with_context(context, + 
client_name, + password, + krb5_prompter_posix, + NULL, + NULL, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} + +kadm5_ret_t +kadm5_c_init_with_password(const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return init_context(client_name, + password, + krb5_prompter_posix, + NULL, + NULL, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} + +kadm5_ret_t +kadm5_c_init_with_skey_ctx(krb5_context context, + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return kadm5_c_init_with_context(context, + client_name, + NULL, + NULL, + keytab, + NULL, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} + + +kadm5_ret_t +kadm5_c_init_with_skey(const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return init_context(client_name, + NULL, + NULL, + keytab, + NULL, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} + +kadm5_ret_t +kadm5_c_init_with_creds_ctx(krb5_context context, + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return kadm5_c_init_with_context(context, + client_name, + NULL, + NULL, + NULL, + ccache, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} + +kadm5_ret_t +kadm5_c_init_with_creds(const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params 
*realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return init_context(client_name, + NULL, + NULL, + NULL, + ccache, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} + +#if 0 +kadm5_ret_t +kadm5_init(char *client_name, char *pass, + char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ +} +#endif + diff --git a/crypto/heimdal/lib/kadm5/init_s.c b/crypto/heimdal/lib/kadm5/init_s.c new file mode 100644 index 0000000..6c1f3d1 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/init_s.c 
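Review bot: In kadm5_c_init_with_context the KRB5_SENDAUTH_BADAPPLVERS fallback calls `freeaddrinfo (ai)` once its reconnect succeeds, and the unconditional `freeaddrinfo (ai)` right after the if/else then releases the same list a second time; dropping the call inside the branch leaves exactly one release on that path. In the success branch just above it, `ret` is reassigned by `_kadm5_marshal_params`, `krb5_mk_priv` and `krb5_write_message` in turn without being tested, so a failed marshal still hands `params` to `krb5_mk_priv` and only the last status is reported; chaining them as `if(ret == 0) ret = krb5_mk_priv(...)` keeps the first error. Most early returns in this function and in `_kadm5_c_init_context` also leave `ctx` (and later `server` and `cc`) allocated, which a single cleanup label would cover. Also in this hunk, `set_funcs` lists `SET(c, chpass_principal);` twice, which may be a slot that was meant to name a different function.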
@@ -0,0 +1,232 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: init_s.c,v 1.9 1999/12/02 17:05:06 joda Exp $");
+
+
+static kadm5_ret_t
+kadm5_s_init_with_context(krb5_context context,
+ const char *client_name,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ kadm5_ret_t ret;
+ kadm5_server_context *ctx;
+ ret = _kadm5_s_init_context(&ctx, realm_params, context);
+ if(ret)
+ return ret;
+
+ assert(ctx->config.dbname != NULL);
+ assert(ctx->config.stash_file != NULL);
+ assert(ctx->config.acl_file != NULL);
+ assert(ctx->log_context.log_file != NULL);
+ assert(ctx->log_context.socket_name.sun_path[0] != '\0');
+
+ ret = hdb_create(ctx->context, &ctx->db, ctx->config.dbname);
+ if(ret)
+ return ret;
+ ret = hdb_set_master_keyfile (ctx->context,
+ ctx->db, ctx->config.stash_file);
+ if(ret)
+ return ret;
+
+ ctx->log_context.log_fd = -1;
+
+ ctx->log_context.socket_fd = socket (AF_UNIX, SOCK_DGRAM, 0);
+
+ ret = krb5_parse_name(ctx->context, client_name, &ctx->caller);
+ if(ret)
+ return ret;
+
+ ret = _kadm5_acl_init(ctx);
+ if(ret)
+ return ret;
+
+ *server_handle = ctx;
+ return 0;
+}
+
+kadm5_ret_t
+kadm5_s_init_with_password_ctx(krb5_context context,
+ const char *client_name,
+ const char *password,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ return kadm5_s_init_with_context(context,
+ client_name,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+}
+
+kadm5_ret_t
+kadm5_s_init_with_password(const char *client_name,
+ const char *password,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ krb5_context context;
+ kadm5_ret_t ret;
+ kadm5_server_context *ctx;
+
+ krb5_init_context(&context);
+ ret = kadm5_s_init_with_password_ctx(context,
+ client_name,
+ password,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+ if(ret){
+ krb5_free_context(context);
+ return ret;
+ }
+ ctx = *server_handle;
+ ctx->my_context = 1;
+ return 0;
+}
+
+kadm5_ret_t
+kadm5_s_init_with_skey_ctx(krb5_context context,
+ const char *client_name,
+ const char *keytab,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ return kadm5_s_init_with_context(context,
+ client_name,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+}
+
+kadm5_ret_t
+kadm5_s_init_with_skey(const char *client_name,
+ const char *keytab,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ krb5_context context;
+ kadm5_ret_t ret;
+ kadm5_server_context *ctx;
+
+ krb5_init_context(&context);
+ ret = kadm5_s_init_with_skey_ctx(context,
+ client_name,
+ keytab,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+ if(ret){
+ krb5_free_context(context);
+ return ret;
+ }
+ ctx = *server_handle;
+ ctx->my_context = 1;
+ return 0;
+}
+
+kadm5_ret_t
+kadm5_s_init_with_creds_ctx(krb5_context context,
+ const char *client_name,
+ krb5_ccache ccache,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ return kadm5_s_init_with_context(context,
+ client_name,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+}
+
+kadm5_ret_t
+kadm5_s_init_with_creds(const char *client_name,
+ krb5_ccache ccache,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ krb5_context context;
+ kadm5_ret_t ret;
+ kadm5_server_context *ctx;
+
+ krb5_init_context(&context);
+ ret = kadm5_s_init_with_creds_ctx(context,
+ client_name,
+ ccache,
+ service_name,
+ realm_params,
+ struct_version,
+ api_version,
+ server_handle);
+ if(ret){
+ krb5_free_context(context);
+ return ret;
+ }
+ ctx = *server_handle;
+ ctx->my_context = 1;
+ return 0;
+}
diff --git a/crypto/heimdal/lib/kadm5/iprop.h b/crypto/heimdal/lib/kadm5/iprop.h
new file mode 100644
index 0000000..499f515
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/iprop.h
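Review bot: The three convenience wrappers `kadm5_s_init_with_password`, `kadm5_s_init_with_skey` and `kadm5_s_init_with_creds` in init_s.c call `krb5_init_context(&context)` without checking its result, so a failed initialisation hands an uninitialised `context` to the `_ctx` variant and then to `krb5_free_context`. Each should begin with `ret = krb5_init_context(&context); if (ret) return ret;`. In `kadm5_s_init_with_context` the descriptor from `socket (AF_UNIX, SOCK_DGRAM, 0)` is stored in `log_context.socket_fd` unchecked, and every early `return ret` after `_kadm5_s_init_context` has succeeded leaves `ctx` unreleased (the matching release routine is not visible in this file, so that part needs confirming against the rest of the library). The `assert()` calls on the configuration fields compile out under NDEBUG, so a missing `dbname`, `stash_file` or `acl_file` would be better reported through an error return than left to a later NULL dereference.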
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 1998-1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: iprop.h,v 1.4 1999/12/02 17:05:06 joda Exp $ */
+
+#ifndef __IPROP_H__
+#define __IPROP_H__
+
+#include "kadm5_locl.h"
+#include <getarg.h>
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+
+#define IPROP_VERSION "iprop-0.0"
+
+#define KADM5_SLAVE_ACL HDB_DB_DIR "/slaves"
+
+#define IPROP_NAME "iprop"
+
+enum iprop_cmd { I_HAVE = 1, FOR_YOU = 2 };
+
+#endif /* __IPROP_H__ */
diff --git a/crypto/heimdal/lib/kadm5/ipropd_master.c b/crypto/heimdal/lib/kadm5/ipropd_master.c
new file mode 100644
index 0000000..b2e71a7
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/ipropd_master.c
@@ -0,0 +1,422 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "iprop.h"
+
+RCSID("$Id: ipropd_master.c,v 1.12 1999/12/02 17:05:06 joda Exp $");
+
+static int
+make_signal_socket (krb5_context context)
+{
+ struct sockaddr_un addr;
+ int fd;
+
+ fd = socket (AF_UNIX, SOCK_DGRAM, 0);
+ if (fd < 0)
+ krb5_err (context, 1, errno, "socket AF_UNIX");
+ memset (&addr, 0, sizeof(addr));
+ addr.sun_family = AF_UNIX;
+ strncpy (addr.sun_path, KADM5_LOG_SIGNAL, sizeof(addr.sun_path));
+ addr.sun_path[sizeof(addr.sun_path) - 1] = '\0';
+ unlink (addr.sun_path);
+ if (bind (fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
+ krb5_err (context, 1, errno, "bind %s", addr.sun_path);
+ return fd;
+}
+
+static int
+make_listen_socket (krb5_context context)
+{
+ int fd;
+ int one = 1;
+ struct sockaddr_in addr;
+
+ fd = socket (AF_INET, SOCK_STREAM, 0);
+ if (fd < 0)
+ krb5_err (context, 1, errno, "socket AF_INET");
+ setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
+ memset (&addr, 0, sizeof(addr));
+ addr.sin_family = AF_INET;
+ addr.sin_port = htons(4711);
+ if(bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
+ krb5_err (context, 1, errno, "bind");
+ if (listen(fd, SOMAXCONN) < 0)
+ krb5_err (context, 1, errno, "listen");
+ return fd;
+}
+
+struct slave {
+ int fd;
+ struct sockaddr_in addr;
+ char *name;
+ krb5_auth_context ac;
+ u_int32_t version;
+ struct slave *next;
+};
+
+typedef struct slave slave;
+
+static int
+check_acl (krb5_context context, const char *name)
+{
+ FILE *fp;
+ char buf[256];
+ int ret = 1;
+
+ fp = fopen (KADM5_SLAVE_ACL, "r");
+ if (fp == NULL)
+ return 1;
+ while (fgets(buf, sizeof(buf), fp) != NULL) {
+ if (buf[strlen(buf) - 1 ] == '\n')
+ buf[strlen(buf) - 1 ] = '\0';
+ if (strcmp (buf, name) == 0) {
+ ret = 0;
+ break;
+ }
+ }
+ fclose (fp);
+ return ret;
+}
+
+static void
+add_slave (krb5_context context, slave **root, int fd)
+{
+ krb5_principal server;
+ krb5_error_code ret;
+ slave *s;
+ int addr_len;
+ krb5_ticket *ticket = NULL;
+ char hostname[128];
+
+ s = malloc(sizeof(*s));
+ if (s == NULL) {
+ krb5_warnx (context, "add_slave: no memory");
+ return;
+ }
+ s->name = NULL;
+ s->ac = NULL;
+
+ addr_len = sizeof(s->addr);
+ s->fd = accept (fd, (struct sockaddr *)&s->addr, &addr_len);
+ if (s->fd < 0) {
+ krb5_warn (context, errno, "accept");
+ goto error;
+ }
+ gethostname(hostname, sizeof(hostname));
+ ret = krb5_sname_to_principal (context, hostname, IPROP_NAME,
+ KRB5_NT_SRV_HST, &server);
+ if (ret) {
+ krb5_warn (context, ret, "krb5_sname_to_principal");
+ goto error;
+ }
+
+ ret = krb5_recvauth (context, &s->ac, &s->fd,
+ IPROP_VERSION, server, 0, NULL, &ticket);
+ krb5_free_principal (context, server);
+ if (ret) {
+ krb5_warn (context, ret, "krb5_recvauth");
+ goto error;
+ }
+ ret = krb5_unparse_name (context, ticket->client, &s->name);
+ if (ret) {
+ krb5_warn (context, ret, "krb5_unparse_name");
+ goto error;
+ }
+ if (check_acl (context, s->name)) {
+ krb5_warnx (context, "%s not in acl", s->name);
+ goto error;
+ }
+ krb5_free_ticket (context, ticket);
+ printf ("connection from %s\n", s->name);
+
+ s->version = 0;
+ s->next = *root;
+ *root = s;
+ return;
+error:
+ if (s->name)
+ free (s->name);
+ if (s->ac)
+ krb5_auth_con_free(context, s->ac);
+ if (ticket)
+ krb5_free_ticket (context, ticket);
+ close (s->fd);
+ free(s);
+}
+
+static void
+remove_slave (krb5_context context, slave *s, slave **root)
+{
+ slave **p;
+
+ close (s->fd);
+ free (s->name);
+ krb5_auth_con_free (context, s->ac);
+
+ for (p = root; *p; p = &(*p)->next)
+ if (*p == s) {
+ *p = s->next;
+ break;
+ }
+ free (s);
+}
+
+static int
+send_complete (krb5_context context, slave *s)
+{
+ abort ();
+}
+
+static int
+send_diffs (krb5_context context, slave *s, int log_fd,
+ u_int32_t current_version)
+{
+ krb5_storage *sp, *data_sp;
+ u_int32_t ver;
+ time_t timestamp;
+ enum kadm_ops op;
+ u_int32_t len;
+ off_t right, left;
+ krb5_data data;
+ krb5_data priv_data;
+ int ret = 0;
+
+ if (s->version == current_version)
+ return 0;
+
+ sp = kadm5_log_goto_end (log_fd);
+ right = sp->seek(sp, 0, SEEK_CUR);
+ printf ("%ld, looking for %d\n", (long)right, s->version);
+ for (;;) {
+ if (kadm5_log_previous (sp, &ver, ×tamp, &op, &len))
+ abort ();
+ printf ("version = %d\n", ver);
+ left = sp->seek(sp, -16, SEEK_CUR);
+ if (ver == s->version)
+ return 0;
+ if (ver == s->version + 1)
+ break;
+ if (left == 0)
+ return send_complete (context, s);
+ }
+ krb5_data_alloc (&data, right - left + 4);
+ sp->fetch (sp, (char *)data.data + 4, data.length - 4);
+ krb5_storage_free(sp);
+
+ _krb5_put_int(data.data, FOR_YOU, 4);
+
+ ret = krb5_mk_priv (context, s->ac, &data, &priv_data, NULL);
+ krb5_data_free(&data);
+ if (ret) {
+ krb5_warn (context, ret, "krb_mk_priv");
+ return 0;
+ }
+
+ ret = krb5_write_message (context, &s->fd, &priv_data);
+ krb5_data_free (&priv_data);
+ if (ret) {
+ krb5_warn (context, ret, "krb5_write_message");
+ return 1;
+ }
+ return 0;
+}
+
+static int
+process_msg (krb5_context context, slave *s, int log_fd,
+ u_int32_t current_version)
+{
+ int ret = 0;
+ krb5_data in, out;
+ krb5_storage *sp;
+ int32_t tmp;
+
+ ret = krb5_read_message (context, &s->fd, &in);
+ if (ret)
+ return 1;
+
+ if(in.length == 0) {
+ krb5_warnx(context, "process_msg: short message");
+ return 1;
+ }
+
+ ret = krb5_rd_priv (context, s->ac, &in, &out, NULL);
+ krb5_data_free (&in);
+ if (ret) {
+ krb5_warn (context, ret, "krb5_rd_priv");
+ return 1;
+ }
+
+ sp = krb5_storage_from_mem (out.data, out.length);
+ krb5_ret_int32 (sp, &tmp);
+ switch (tmp) {
+ case I_HAVE :
+ krb5_ret_int32 (sp, &tmp);
+ s->version = tmp;
+ ret = send_diffs (context, s, log_fd, current_version);
+ break;
+ case FOR_YOU :
+ default :
+ krb5_warnx (context, "Ignoring command %d", tmp);
+ break;
+ }
+
+ krb5_data_free (&out);
+ return ret;
+}
+
+char *realm;
+int version_flag;
+int help_flag;
+struct getargs args[] = {
+ { "realm", 'r', arg_string, &realm },
+ { "version", 0, arg_flag, &version_flag },
+ { "help", 0, arg_flag, &help_flag }
+};
+int num_args = sizeof(args) / sizeof(args[0]);
+
+int
+main(int argc, char **argv)
+{
+ krb5_error_code ret;
+ krb5_context context;
+ void *kadm_handle;
+ kadm5_server_context *server_context;
+ kadm5_config_params conf;
+ int signal_fd, listen_fd;
+ int log_fd;
+ slave *slaves = NULL;
+ u_int32_t current_version, old_version = 0;
+
+ int optind;
+
+ optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL);
+
+ if(help_flag)
+ krb5_std_usage(0, args, num_args);
+ if(version_flag) {
+ print_version(NULL);
+ exit(0);
+ }
+
+ memset(&conf, 0, sizeof(conf));
+ if(realm) {
+ conf.mask |= KADM5_CONFIG_REALM;
+ conf.realm = realm;
+ }
+ ret = kadm5_init_with_password_ctx (context,
+ KADM5_ADMIN_SERVICE,
+ NULL,
+ KADM5_ADMIN_SERVICE,
+ &conf, 0, 0,
+ &kadm_handle);
+ if (ret)
+ krb5_err (context, 1, ret, "kadm5_init_with_password_ctx");
+
+ server_context = (kadm5_server_context *)kadm_handle;
+
+ log_fd = open (server_context->log_context.log_file, O_RDONLY, 0);
+ if (log_fd < 0)
+ krb5_err (context, 1, errno, "open %s",
+ server_context->log_context.log_file);
+
+ signal_fd = make_signal_socket (context);
+ listen_fd = make_listen_socket (context);
+
+ for (;;) {
+ slave *p;
+ fd_set readset;
+ int max_fd = 0;
+ struct timeval to = {30, 0};
+ u_int32_t vers;
+
+ FD_ZERO(&readset);
+ FD_SET(signal_fd, &readset);
+ max_fd = max(max_fd, signal_fd);
+ FD_SET(listen_fd, &readset);
+ max_fd = max(max_fd, listen_fd);
+
+ for (p = slaves; p != NULL; p = p->next) {
+ FD_SET(p->fd, &readset);
+ max_fd = max(max_fd, p->fd);
+ }
+
+ ret = select (max_fd + 1,
+ &readset, NULL, NULL, &to);
+ if (ret < 0) {
+ if (errno == EINTR)
+ continue;
+ else
+ krb5_err (context, 1, errno, "select");
+ }
+
+ if (ret == 0) {
+ old_version = current_version;
+ kadm5_log_get_version (log_fd, ¤t_version);
+
+ if (current_version > old_version)
+ for (p = slaves; p != NULL; p = p->next)
+ send_diffs (context, p, log_fd, current_version);
+ }
+
+ if (ret && FD_ISSET(signal_fd, &readset)) {
+ struct sockaddr_un peer_addr;
+ int peer_len = sizeof(peer_addr);
+
+ if(recvfrom(signal_fd, &vers, sizeof(vers), 0,
+ (struct sockaddr *)&peer_addr, &peer_len) < 0) {
+ krb5_warn (context, errno, "recvfrom");
+ continue;
+ }
+ printf ("signal: %u\n", vers);
+ --ret;
+ old_version = current_version;
+ kadm5_log_get_version (log_fd, ¤t_version);
+ for (p = slaves; p != NULL; p = p->next)
+ send_diffs (context, p, log_fd, current_version);
+ }
+
+ for(p = slaves; p != NULL && ret--; p = p->next)
+ if (FD_ISSET(p->fd, &readset)) {
+ if(process_msg (context, p, log_fd, current_version))
+ remove_slave (context, p, &slaves);
+ }
+
+ if (ret && FD_ISSET(listen_fd, &readset)) {
+ add_slave (context, &slaves, listen_fd);
+ --ret;
+ }
+
+ }
+
+ return 0;
+}
diff --git a/crypto/heimdal/lib/kadm5/ipropd_slave.c b/crypto/heimdal/lib/kadm5/ipropd_slave.c
new file mode 100644
index 0000000..76884eb
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/ipropd_slave.c
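Review bot: In `main` of ipropd_master.c, the dispatch loop `for(p = slaves; p != NULL && ret--; p = p->next)` calls `remove_slave (context, p, &slaves)`, which frees `p`, and the loop increment then reads `p->next` from the freed node. Take the successor before handling the entry: declare `slave *next;`, make `next = p->next;` the first statement of the body and use `p = next` as the increment. `current_version` is also read before anything assigns it (`old_version = current_version;`, and the `process_msg` call can run before the first `kadm5_log_get_version`), so it should be fetched once before the `for (;;)` loop. Separately, `process_msg` never frees `sp` and ignores both `krb5_ret_int32` results, and `send_diffs` reaches `abort ()` through `send_complete` when the version a peer reports is not found in the log, so one misbehaving peer can stop the master; logging a warning and dropping that slave would contain the failure.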
@@ -0,0 +1,313 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "iprop.h"
+
+RCSID("$Id: ipropd_slave.c,v 1.10 1999/12/02 17:05:06 joda Exp $");
+
+static int
+connect_to_master (krb5_context context, const char *master)
+{
+ int fd;
+ struct sockaddr_in addr;
+ struct hostent *he;
+
+ fd = socket (AF_INET, SOCK_STREAM, 0);
+ if (fd < 0)
+ krb5_err (context, 1, errno, "socket AF_INET");
+ memset (&addr, 0, sizeof(addr));
+ addr.sin_family = AF_INET;
+ addr.sin_port = htons(4711);
+ he = roken_gethostbyname (master);
+ if (he == NULL)
+ krb5_errx (context, 1, "gethostbyname: %s", hstrerror(h_errno));
+ memcpy (&addr.sin_addr, he->h_addr, sizeof(addr.sin_addr));
+ if(connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
+ krb5_err (context, 1, errno, "connect");
+ return fd;
+}
+
+static void
+get_creds(krb5_context context, krb5_ccache *cache, const char *host)
+{
+ krb5_keytab keytab;
+ krb5_principal client;
+ krb5_error_code ret;
+ krb5_get_init_creds_opt init_opts;
+#if 0
+ krb5_preauthtype preauth = KRB5_PADATA_ENC_TIMESTAMP;
+#endif
+ krb5_creds creds;
+ char my_hostname[128];
+ char *server;
+
+ ret = krb5_kt_default(context, &keytab);
+ if(ret) krb5_err(context, 1, ret, "krb5_kt_default");
+
+ gethostname (my_hostname, sizeof(my_hostname));
+ ret = krb5_sname_to_principal (context, my_hostname, IPROP_NAME,
+ KRB5_NT_SRV_HST, &client);
+ if (ret) krb5_err(context, 1, ret, "krb5_sname_to_principal");
+
+ krb5_get_init_creds_opt_init(&init_opts);
+#if 0
+ krb5_get_init_creds_opt_set_preauth_list(&init_opts, &preauth, 1);
+#endif
+
+ asprintf (&server, "%s/%s", IPROP_NAME, host);
+ if (server == NULL)
+ krb5_errx (context, 1, "malloc: no memory");
+
+ ret = krb5_get_init_creds_keytab(context, &creds, client, keytab,
+ 0, server, &init_opts);
+ free (server);
+ if(ret) krb5_err(context, 1, ret, "krb5_get_init_creds");
+
+ ret = krb5_kt_close(context, keytab);
+ if(ret) krb5_err(context, 1, ret, "krb5_kt_close");
+
+ ret = krb5_cc_gen_new(context, &krb5_mcc_ops, cache);
+ if(ret) krb5_err(context, 1, ret, "krb5_cc_gen_new");
+
+ ret = krb5_cc_initialize(context, *cache, client);
+ if(ret) krb5_err(context, 1, ret, "krb5_cc_initialize");
+
+ ret = krb5_cc_store_cred(context, *cache, &creds);
+ if(ret) krb5_err(context, 1, ret, "krb5_cc_store_cred");
+}
+
+static void
+ihave (krb5_context context, krb5_auth_context auth_context,
+ int fd, u_int32_t version)
+{
+ int ret;
+ u_char buf[8];
+ krb5_storage *sp;
+ krb5_data data, priv_data;
+
+ sp = krb5_storage_from_mem (buf, 8);
+ krb5_store_int32 (sp, I_HAVE);
+ krb5_store_int32 (sp, version);
+ krb5_storage_free (sp);
+ data.length = 8;
+ data.data = buf;
+
+ ret = krb5_mk_priv (context, auth_context, &data, &priv_data, NULL);
+ if (ret)
+ krb5_err (context, 1, ret, "krb_mk_priv");
+
+ ret = krb5_write_message (context, &fd, &priv_data);
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_write_message");
+
+ krb5_data_free (&priv_data);
+}
+
+static void
+receive (krb5_context context,
+ krb5_storage *sp,
+ kadm5_server_context *server_context)
+{
+ int ret;
+ off_t left, right;
+ void *buf;
+ int32_t vers;
+
+ ret = server_context->db->open(context,
+ server_context->db,
+ O_RDWR | O_CREAT, 0);
+ if (ret)
+ krb5_err (context, 1, ret, "db->open");
+
+ do {
+ int32_t len, timestamp, tmp;
+ enum kadm_ops op;
+
+ if(krb5_ret_int32 (sp, &vers) != 0)
+ return;
+ krb5_ret_int32 (sp, ×tamp);
+ krb5_ret_int32 (sp, &tmp);
+ op = tmp;
+ krb5_ret_int32 (sp, &len);
+ if (vers <= server_context->log_context.version)
+ sp->seek(sp, len, SEEK_CUR);
+ } while(vers <= server_context->log_context.version);
+
+ left = sp->seek (sp, -16, SEEK_CUR);
+ right = sp->seek (sp, 0, SEEK_END);
+ buf = malloc (right - left);
+ if (buf == NULL) {
+ krb5_warnx (context, "malloc: no memory");
+ return;
+ }
+ sp->seek (sp, left, SEEK_SET);
+ sp->fetch (sp, buf, right - left);
+ write (server_context->log_context.log_fd, buf, right-left);
+ fsync (server_context->log_context.log_fd);
+ free (buf);
+
+ sp->seek (sp, left, SEEK_SET);
+
+ for(;;) {
+ int32_t len, timestamp, tmp;
+ enum kadm_ops op;
+
+ if(krb5_ret_int32 (sp, &vers) != 0)
+ break;
+ krb5_ret_int32 (sp, ×tamp);
+ krb5_ret_int32 (sp, &tmp);
+ op = tmp;
+ krb5_ret_int32 (sp, &len);
+
+ ret = kadm5_log_replay (server_context,
+ op, vers, len, sp);
+ if (ret)
+ krb5_warn (context, ret, "kadm5_log_replay");
+ else
+ server_context->log_context.version = vers;
+ sp->seek (sp, 8, SEEK_CUR);
+ }
+
+ ret = server_context->db->close (context, server_context->db);
+ if (ret)
+ krb5_err (context, 1, ret, "db->close");
+}
+
+char *realm;
+int version_flag;
+int help_flag;
+struct getargs args[] = {
+ { "realm", 'r', arg_string, &realm },
+ { "version", 0, arg_flag, &version_flag },
+ { "help", 0, arg_flag, &help_flag }
+};
+int num_args = sizeof(args) / sizeof(args[0]);
+
+int
+main(int argc, char **argv)
+{
+ krb5_error_code ret;
+ krb5_context context;
+ krb5_auth_context auth_context;
+ void *kadm_handle;
+ kadm5_server_context *server_context;
+ kadm5_config_params conf;
+ int master_fd;
+ krb5_ccache ccache;
+ krb5_principal server;
+
+ int optind;
+
+ optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL);
+
+ if(help_flag)
+ krb5_std_usage(0, args, num_args);
+ if(version_flag) {
+ print_version(NULL);
+ exit(0);
+ }
+
+ memset(&conf, 0, sizeof(conf));
+ if(realm) {
+ conf.mask |= KADM5_CONFIG_REALM;
+ conf.realm = realm;
+ }
+ ret = kadm5_init_with_password_ctx (context,
+ KADM5_ADMIN_SERVICE,
+ NULL,
+ KADM5_ADMIN_SERVICE,
+ &conf, 0, 0,
+ &kadm_handle);
+ if (ret)
+ krb5_err (context, 1, ret, "kadm5_init_with_password_ctx");
+
+ server_context = (kadm5_server_context *)kadm_handle;
+
+ ret = kadm5_log_init (server_context);
+ if (ret)
+ krb5_err (context, 1, ret, "kadm5_log_init");
+
+ get_creds(context, &ccache, argv[1]);
+
+ master_fd = connect_to_master (context, argv[1]);
+
+ ret = krb5_sname_to_principal (context, argv[1], IPROP_NAME,
+ KRB5_NT_SRV_HST, &server);
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_sname_to_principal");
+
+ auth_context = NULL;
+ ret = krb5_sendauth (context, &auth_context, &master_fd,
+ IPROP_VERSION, NULL, server,
+ AP_OPTS_MUTUAL_REQUIRED, NULL, NULL,
+ ccache, NULL, NULL, NULL);
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_sendauth");
+
+ ihave (context, auth_context, master_fd,
+ server_context->log_context.version);
+
+ for (;;) {
+ int ret;
+ krb5_data data, out;
+ krb5_storage *sp;
+ int32_t tmp;
+
+ ret = krb5_read_message (context, &master_fd, &data);
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_read_message");
+
+ ret = krb5_rd_priv (context, auth_context, &data, &out, NULL);
+ krb5_data_free (&data);
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_rd_priv");
+
+ sp = krb5_storage_from_mem (out.data, out.length);
+ krb5_ret_int32 (sp, &tmp);
+ switch (tmp) {
+ case FOR_YOU :
+ receive (context, sp, server_context);
+ ihave (context, auth_context, master_fd,
+ server_context->log_context.version);
+ break;
+ case I_HAVE :
+ default :
+ krb5_warnx (context, "Ignoring command %d", tmp);
+ break;
+ }
+ krb5_storage_free (sp);
+ krb5_data_free (&out);
+ }
+
+ return 0;
+}
diff --git a/crypto/heimdal/lib/kadm5/kadm5_err.et b/crypto/heimdal/lib/kadm5/kadm5_err.et
new file mode 100644
index 0000000..506a554
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/kadm5_err.et
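Review bot: `receive` in ipropd_slave.c trusts the entry header it reads from the decrypted message: only the first `krb5_ret_int32 (sp, &vers)` is checked, so on a truncated message `timestamp`, `tmp` and `len` are used uninitialised, and `len` goes straight into `sp->seek(sp, len, SEEK_CUR)` and `kadm5_log_replay` with no sign or bounds check. Both early `return`s (short read, failed `malloc`) skip `db->close`, and the `write` to `log_fd` is unchecked, so a short write leaves the local log out of step with the replayed database. The header reads should be checked and every exit should go through one close path, as sketched below for the first loop; the replay loop needs the same checks. In `main`, `argv[1]` is used as the master host with no `argc` check and without the `optind` value returned by `krb5_program_setup`, so a run with no host argument passes NULL to `get_creds` and `connect_to_master`; presumably the host should be taken from `argv[optind]` after verifying it exists.

```c
/* receive(): first loop, header of one log entry */
if (krb5_ret_int32 (sp, &vers) != 0)
    goto out;
if (krb5_ret_int32 (sp, &timestamp) != 0
    || krb5_ret_int32 (sp, &tmp) != 0
    || krb5_ret_int32 (sp, &len) != 0
    || len < 0) {
    krb5_warnx (context, "receive: truncated log entry");
    goto out;
}
op = tmp;
/* … unchanged: skip entries the local log already has … */

/* … unchanged: copy to log_fd and replay loop … */
out:
    ret = server_context->db->close (context, server_context->db);
```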
@@ -0,0 +1,59 @@
+#
+# Error messages for the kadm5 library
+#
+# This might look like a com_err file, but is not
+#
+id "$Id: kadm5_err.et,v 1.4 1998/02/16 16:37:17 joda Exp $"
+
+error_table ovk kadm5
+
+prefix KADM5
+error_code FAILURE, "Operation failed for unspecified reason"
+error_code AUTH_GET, "Operation requires `get' privilege"
+error_code AUTH_ADD, "Operation requires `add' privilege"
+error_code AUTH_MODIFY, "Operation requires `modify' privilege"
+error_code AUTH_DELETE, "Operation requires `delete' privilege"
+error_code AUTH_INSUFFICIENT, "Insufficient authorization for operation"
+error_code BAD_DB, "Database inconsistency detected"
+error_code DUP, "Principal or policy already exists"
+error_code RPC_ERROR, "Communication failure with server"
+error_code NO_SRV, "No administration server found for realm"
+error_code BAD_HIST_KEY, "Password history principal key version mismatch"
+error_code NOT_INIT, "Connection to server not initialized"
+error_code UNK_PRINC, "Principal does not exist"
+error_code UNK_POLICY, "Policy does not exist"
+error_code BAD_MASK, "Invalid field mask for operation"
+error_code BAD_CLASS, "Invalid number of character classes"
+error_code BAD_LENGTH, "Invalid password length"
+error_code BAD_POLICY, "Invalid policy name"
+error_code BAD_PRINCIPAL, "Invalid principal name."
+error_code BAD_AUX_ATTR, "Invalid auxillary attributes"
+error_code BAD_HISTORY, "Invalid password history count"
+error_code BAD_MIN_PASS_LIFE, "Password minimum life is greater then password maximum life"
+error_code PASS_Q_TOOSHORT, "Password is too short"
+error_code PASS_Q_CLASS, "Password does not contain enough character classes"
+error_code PASS_Q_DICT, "Password is in the password dictionary"
+error_code PASS_REUSE, "Can't resuse password"
+error_code PASS_TOOSOON, "Current password's minimum life has not expired"
+error_code POLICY_REF, "Policy is in use"
+error_code INIT, "Connection to server already initialized"
+error_code BAD_PASSWORD, "Incorrect password"
+error_code PROTECT_PRINCIPAL, "Can't change protected principal"
+error_code BAD_SERVER_HANDLE, "Programmer error! Bad Admin server handle"
+error_code BAD_STRUCT_VERSION, "Programmer error! Bad API structure version"
+error_code OLD_STRUCT_VERSION, "API structure version specified by application is no longer supported"
+error_code NEW_STRUCT_VERSION, "API structure version specified by application is unknown to libraries"
+error_code BAD_API_VERSION, "Programmer error! Bad API version"
+error_code OLD_LIB_API_VERSION, "API version specified by application is no longer supported by libraries"
+error_code OLD_SERVER_API_VERSION,"API version specified by application is no longer supported by server"
+error_code NEW_LIB_API_VERSION, "API version specified by application is unknown to libraries"
+error_code NEW_SERVER_API_VERSION,"API version specified by application is unknown to server"
+error_code SECURE_PRINC_MISSING,"Database error! Required principal missing"
+error_code NO_RENAME_SALT, "The salt type of the specified principal does not support renaming"
+error_code BAD_CLIENT_PARAMS, "Invalid configuration parameter for remote KADM5 client"
+error_code BAD_SERVER_PARAMS, "Invalid configuration parameter for local KADM5 client."
+error_code AUTH_LIST, "Operation requires `list' privilege"
+error_code AUTH_CHANGEPW, "Operation requires `change-password' privilege"
+error_code BAD_TL_TYPE, "Programmer error! Invalid tagged data list element type"
+error_code MISSING_CONF_PARAMS, "Required parameters in kdc.conf missing"
+error_code BAD_SERVER_NAME, "Bad krb5 admin server hostname"
diff --git a/crypto/heimdal/lib/kadm5/kadm5_locl.h b/crypto/heimdal/lib/kadm5/kadm5_locl.h
new file mode 100644
index 0000000..9344a2c
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/kadm5_locl.h
@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: kadm5_locl.h,v 1.21 1999/12/02 17:05:06 joda Exp $ */
+
+#ifndef __KADM5_LOCL_H__
+#define __KADM5_LOCL_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <assert.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_SYS_FILE_H
+#include <sys/file.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_SYS_UN_H
+#include <sys/un.h>
+#endif
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+#include <fnmatch.h>
+#include "admin.h"
+#include "kadm5_err.h"
+#include <hdb.h>
+#include <roken.h>
+#include <parse_units.h>
+#include "private.h"
+
+#endif /* __KADM5_LOCL_H__ */
diff --git a/crypto/heimdal/lib/kadm5/log.c b/crypto/heimdal/lib/kadm5/log.c
new file mode 100644
index 0000000..e9dc38c
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/log.c
@@ -0,0 +1,666 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kadm5_locl.h" + +RCSID("$Id: log.c,v 1.13 1999/12/04 19:50:35 assar Exp $"); + +/* + * A log record consists of: + * + * version number 4 bytes + * time in seconds 4 bytes + * operation (enum kadm_ops) 4 bytes + * length of record 4 bytes + * data... 
n bytes + * length of record 4 bytes + * version number 4 bytes + * + */ + +kadm5_ret_t +kadm5_log_get_version (int fd, + u_int32_t *ver) +{ + int ret; + krb5_storage *sp; + int32_t old_version; + + ret = lseek (fd, 0, SEEK_END); + if(ret < 0) + return errno; + if(ret == 0) { + *ver = 0; + return 0; + } + sp = krb5_storage_from_fd (fd); + sp->seek(sp, -4, SEEK_CUR); + krb5_ret_int32 (sp, &old_version); + *ver = old_version; + krb5_storage_free(sp); + lseek (fd, 0, SEEK_END); + return 0; +} + +kadm5_ret_t +kadm5_log_init (kadm5_server_context *context) +{ + int fd; + kadm5_ret_t ret; + kadm5_log_context *log_context = &context->log_context; + + if (log_context->log_fd != -1) + return 0; + fd = open (log_context->log_file, O_RDWR | O_CREAT, 0600); + if (fd < 0) + return errno; + if (flock (fd, LOCK_EX) < 0) { + close (fd); + return errno; + } + + ret = kadm5_log_get_version (fd, &log_context->version); + if (ret) + return ret; + + log_context->log_fd = fd; + return 0; +} + +kadm5_ret_t +kadm5_log_end (kadm5_server_context *context) +{ + kadm5_log_context *log_context = &context->log_context; + int fd = log_context->log_fd; + + flock (fd, LOCK_UN); + close(fd); + log_context->log_fd = -1; + return 0; +} + +static kadm5_ret_t +kadm5_log_preamble (kadm5_server_context *context, + krb5_storage *sp, + enum kadm_ops op) +{ + kadm5_log_context *log_context = &context->log_context; + kadm5_ret_t kadm_ret; + + kadm_ret = kadm5_log_init (context); + if (kadm_ret) + return kadm_ret; + + krb5_store_int32 (sp, ++log_context->version); + krb5_store_int32 (sp, time(NULL)); + krb5_store_int32 (sp, op); + return 0; +} + +static kadm5_ret_t +kadm5_log_postamble (kadm5_log_context *context, + krb5_storage *sp) +{ + krb5_store_int32 (sp, context->version); + return 0; +} + +/* + * flush the log record in `sp'. 
+ */ + +static kadm5_ret_t +kadm5_log_flush (kadm5_log_context *log_context, + krb5_storage *sp) +{ + krb5_data data; + size_t len; + int ret; + + krb5_storage_to_data(sp, &data); + len = data.length; + ret = write (log_context->log_fd, data.data, len); + if (ret != len) { + krb5_data_free(&data); + return errno; + } + if (fsync (log_context->log_fd) < 0) { + krb5_data_free(&data); + return errno; + } + /* + * Try to send a signal to any running `ipropd-master' + */ + sendto (log_context->socket_fd, + (void *)&log_context->version, + sizeof(log_context->version), + 0, + (struct sockaddr *)&log_context->socket_name, + sizeof(log_context->socket_name)); + + krb5_data_free(&data); + return 0; +} + +/* + * Add a `create' operation to the log. + */ + +kadm5_ret_t +kadm5_log_create (kadm5_server_context *context, + hdb_entry *ent) +{ + krb5_storage *sp; + kadm5_ret_t ret; + krb5_data value; + kadm5_log_context *log_context = &context->log_context; + + sp = krb5_storage_emem(); + ret = hdb_entry2value (context->context, ent, &value); + if (ret) { + krb5_storage_free(sp); + return ret; + } + ret = kadm5_log_preamble (context, sp, kadm_create); + if (ret) { + krb5_data_free (&value); + krb5_storage_free(sp); + return ret; + } + krb5_store_int32 (sp, value.length); + sp->store(sp, value.data, value.length); + krb5_store_int32 (sp, value.length); + krb5_data_free (&value); + ret = kadm5_log_postamble (log_context, sp); + if (ret) { + krb5_storage_free (sp); + return ret; + } + ret = kadm5_log_flush (log_context, sp); + krb5_storage_free (sp); + if (ret) + return ret; + ret = kadm5_log_end (context); + return ret; +} + +/* + * Read the data of a create log record from `sp' and change the + * database. 
+ */ + +kadm5_ret_t +kadm5_log_replay_create (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp) +{ + krb5_error_code ret; + krb5_data data; + hdb_entry ent; + + krb5_data_alloc (&data, len); + sp->fetch (sp, data.data, len); + ret = hdb_value2entry (context->context, &data, &ent); + krb5_data_free(&data); + if (ret) + return ret; + ret = context->db->store(context->context, context->db, 0, &ent); + hdb_free_entry (context->context, &ent); + return ret; +} + +/* + * Add a `delete' operation to the log. + */ + +kadm5_ret_t +kadm5_log_delete (kadm5_server_context *context, + krb5_principal princ) +{ + krb5_storage *sp; + kadm5_ret_t ret; + off_t off; + off_t len; + kadm5_log_context *log_context = &context->log_context; + + sp = krb5_storage_emem(); + ret = kadm5_log_preamble (context, sp, kadm_delete); + if (ret) { + krb5_storage_free(sp); + return ret; + } + krb5_store_int32 (sp, 0); + off = sp->seek (sp, 0, SEEK_CUR); + krb5_store_principal (sp, princ); + len = sp->seek (sp, 0, SEEK_CUR) - off; + sp->seek(sp, -(len + 4), SEEK_CUR); + krb5_store_int32 (sp, len); + sp->seek(sp, len, SEEK_CUR); + krb5_store_int32 (sp, len); + if (ret) { + krb5_storage_free (sp); + return ret; + } + ret = kadm5_log_postamble (log_context, sp); + if (ret) { + krb5_storage_free (sp); + return ret; + } + ret = kadm5_log_flush (log_context, sp); + krb5_storage_free (sp); + if (ret) + return ret; + ret = kadm5_log_end (context); + return ret; +} + +/* + * Read a `delete' log operation from `sp' and apply it. + */ + +kadm5_ret_t +kadm5_log_replay_delete (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp) +{ + krb5_error_code ret; + hdb_entry ent; + + krb5_ret_principal (sp, &ent.principal); + + ret = context->db->remove(context->context, context->db, &ent); + krb5_free_principal (context->context, ent.principal); + return ret; +} + +/* + * Add a `rename' operation to the log. 
+ */ + +kadm5_ret_t +kadm5_log_rename (kadm5_server_context *context, + krb5_principal source, + hdb_entry *ent) +{ + krb5_storage *sp; + kadm5_ret_t ret; + off_t off; + off_t len; + krb5_data value; + kadm5_log_context *log_context = &context->log_context; + + sp = krb5_storage_emem(); + ret = hdb_entry2value (context->context, ent, &value); + if (ret) { + krb5_storage_free(sp); + return ret; + } + ret = kadm5_log_preamble (context, sp, kadm_rename); + if (ret) { + krb5_storage_free(sp); + krb5_data_free (&value); + return ret; + } + krb5_store_int32 (sp, 0); + off = sp->seek (sp, 0, SEEK_CUR); + krb5_store_principal (sp, source); + sp->store(sp, value.data, value.length); + krb5_data_free (&value); + len = sp->seek (sp, 0, SEEK_CUR) - off; + + sp->seek(sp, -(len + 4), SEEK_CUR); + krb5_store_int32 (sp, len); + sp->seek(sp, len, SEEK_CUR); + krb5_store_int32 (sp, len); + if (ret) { + krb5_storage_free (sp); + return ret; + } + ret = kadm5_log_postamble (log_context, sp); + if (ret) { + krb5_storage_free (sp); + return ret; + } + ret = kadm5_log_flush (log_context, sp); + krb5_storage_free (sp); + if (ret) + return ret; + ret = kadm5_log_end (context); + return ret; +} + +/* + * Read a `rename' log operation from `sp' and apply it. 
+ */ + +kadm5_ret_t +kadm5_log_replay_rename (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp) +{ + krb5_error_code ret; + krb5_principal source; + hdb_entry source_ent, target_ent; + krb5_data value; + off_t off; + size_t princ_len, data_len; + + off = sp->seek(sp, 0, SEEK_CUR); + krb5_ret_principal (sp, &source); + princ_len = sp->seek(sp, 0, SEEK_CUR) - off; + data_len = len - princ_len; + krb5_data_alloc (&value, data_len); + sp->fetch (sp, value.data, data_len); + ret = hdb_value2entry (context->context, &value, &target_ent); + krb5_data_free(&value); + if (ret) { + krb5_free_principal (context->context, source); + return ret; + } + ret = context->db->store (context->context, context->db, 0, &target_ent); + hdb_free_entry (context->context, &target_ent); + if (ret) { + krb5_free_principal (context->context, source); + return ret; + } + source_ent.principal = source; + ret = context->db->remove (context->context, context->db, &source_ent); + krb5_free_principal (context->context, source); + return ret; +} + + +/* + * Add a `modify' operation to the log. 
+ */ + +kadm5_ret_t +kadm5_log_modify (kadm5_server_context *context, + hdb_entry *ent, + u_int32_t mask) +{ + krb5_storage *sp; + kadm5_ret_t ret; + krb5_data value; + u_int32_t len; + kadm5_log_context *log_context = &context->log_context; + + sp = krb5_storage_emem(); + ret = hdb_entry2value (context->context, ent, &value); + if (ret) { + krb5_storage_free(sp); + return ret; + } + ret = kadm5_log_preamble (context, sp, kadm_modify); + if (ret) { + krb5_data_free (&value); + krb5_storage_free(sp); + return ret; + } + len = value.length + 4; + krb5_store_int32 (sp, len); + krb5_store_int32 (sp, mask); + sp->store(sp, value.data, value.length); + krb5_data_free (&value); + krb5_store_int32 (sp, len); + if (ret) { + krb5_storage_free (sp); + return ret; + } + ret = kadm5_log_postamble (log_context, sp); + if (ret) { + krb5_storage_free (sp); + return ret; + } + ret = kadm5_log_flush (log_context, sp); + krb5_storage_free (sp); + if (ret) + return ret; + ret = kadm5_log_end (context); + return ret; +} + +/* + * Read a `modify' log operation from `sp' and apply it. 
+ */ + +kadm5_ret_t +kadm5_log_replay_modify (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp) +{ + krb5_error_code ret; + int32_t mask; + krb5_data value; + hdb_entry ent, log_ent; + + krb5_ret_int32 (sp, &mask); + len -= 4; + krb5_data_alloc (&value, len); + sp->fetch (sp, value.data, len); + ret = hdb_value2entry (context->context, &value, &log_ent); + krb5_data_free(&value); + if (ret) + return ret; + ent.principal = log_ent.principal; + log_ent.principal = NULL; + ret = context->db->fetch(context->context, context->db, + HDB_F_DECRYPT, &ent); + if (ret) + return ret; + if (mask & KADM5_PRINC_EXPIRE_TIME) { + if (ent.valid_end == NULL) + ent.valid_end = malloc(sizeof(*ent.valid_end)); + *ent.valid_end = *log_ent.valid_end; + } + if (mask & KADM5_PW_EXPIRATION) { + if (ent.pw_end == NULL) + ent.pw_end = malloc(sizeof(*ent.pw_end)); + *ent.pw_end = *log_ent.pw_end; + } + if (mask & KADM5_LAST_PWD_CHANGE) { + abort (); /* XXX */ + } + if (mask & KADM5_ATTRIBUTES) { + ent.flags = log_ent.flags; + } + if (mask & KADM5_MAX_LIFE) { + if (ent.max_life == NULL) + ent.max_life = malloc (sizeof(*ent.max_life)); + *ent.max_life = *log_ent.max_life; + } + if ((mask & KADM5_MOD_TIME) && (mask & KADM5_MOD_NAME)) { + if (ent.modified_by == NULL) { + ent.modified_by = malloc(sizeof(*ent.modified_by)); + } else + free_Event(ent.modified_by); + copy_Event(log_ent.modified_by, ent.modified_by); + } + if (mask & KADM5_KVNO) { + ent.kvno = log_ent.kvno; + } + if (mask & KADM5_MKVNO) { + abort (); /* XXX */ + } + if (mask & KADM5_AUX_ATTRIBUTES) { + abort (); /* XXX */ + } + if (mask & KADM5_POLICY) { + abort (); /* XXX */ + } + if (mask & KADM5_POLICY_CLR) { + abort (); /* XXX */ + } + if (mask & KADM5_MAX_RLIFE) { + if (ent.max_renew == NULL) + ent.max_renew = malloc (sizeof(*ent.max_renew)); + *ent.max_renew = *log_ent.max_renew; + } + if (mask & KADM5_LAST_SUCCESS) { + abort (); /* XXX */ + } + if (mask & KADM5_LAST_FAILED) { + abort (); /* XXX 
*/ + } + if (mask & KADM5_FAIL_AUTH_COUNT) { + abort (); /* XXX */ + } + if (mask & KADM5_KEY_DATA) { + size_t len; + int i; + + for (i = 0; i < ent.keys.len; ++i) + free_Key(&ent.keys.val[i]); + free (ent.keys.val); + + len = log_ent.keys.len; + + ent.keys.len = len; + ent.keys.val = malloc(len * sizeof(*ent.keys.val)); + for (i = 0; i < ent.keys.len; ++i) + copy_Key(&log_ent.keys.val[i], + &ent.keys.val[i]); + } + ret = context->db->store(context->context, context->db, + HDB_F_REPLACE, &ent); + hdb_free_entry (context->context, &ent); + hdb_free_entry (context->context, &log_ent); + return ret; +} + +/* + * Call `func' for each log record in the log in `context' + */ + +kadm5_ret_t +kadm5_log_foreach (kadm5_server_context *context, + void (*func)(kadm5_server_context *server_context, + u_int32_t ver, + time_t timestamp, + enum kadm_ops op, + u_int32_t len, + krb5_storage *sp)) +{ + int fd = context->log_context.log_fd; + krb5_storage *sp; + + lseek (fd, 0, SEEK_SET); + sp = krb5_storage_from_fd (fd); + for (;;) { + int32_t ver, timestamp, op, len; + + if(krb5_ret_int32 (sp, &ver) != 0) + break; + krb5_ret_int32 (sp, ×tamp); + krb5_ret_int32 (sp, &op); + krb5_ret_int32 (sp, &len); + (*func)(context, ver, timestamp, op, len, sp); + sp->seek(sp, 8, SEEK_CUR); + } + return 0; +} + +/* + * Go to end of log. + */ + +krb5_storage * +kadm5_log_goto_end (int fd) +{ + krb5_storage *sp; + + sp = krb5_storage_from_fd (fd); + sp->seek(sp, 0, SEEK_END); + return sp; +} + +/* + * Return previous log entry. 
+ */ + +kadm5_ret_t +kadm5_log_previous (krb5_storage *sp, + u_int32_t *ver, + time_t *timestamp, + enum kadm_ops *op, + u_int32_t *len) +{ + off_t off; + int32_t tmp; + + sp->seek(sp, -8, SEEK_CUR); + krb5_ret_int32 (sp, &tmp); + *len = tmp; + krb5_ret_int32 (sp, &tmp); + *ver = tmp; + off = 24 + *len; + sp->seek(sp, -off, SEEK_CUR); + krb5_ret_int32 (sp, &tmp); + assert(tmp == *ver); + krb5_ret_int32 (sp, &tmp); + *timestamp = tmp; + krb5_ret_int32 (sp, &tmp); + *op = tmp; + krb5_ret_int32 (sp, &tmp); + assert(tmp == *len); + return 0; +} + +/* + * Replay a record from the log + */ + +kadm5_ret_t +kadm5_log_replay (kadm5_server_context *context, + enum kadm_ops op, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp) +{ + switch (op) { + case kadm_create : + return kadm5_log_replay_create (context, ver, len, sp); + case kadm_delete : + return kadm5_log_replay_delete (context, ver, len, sp); + case kadm_rename : + return kadm5_log_replay_rename (context, ver, len, sp); + case kadm_modify : + return kadm5_log_replay_modify (context, ver, len, sp); + default : + return KADM5_FAILURE; + } +} diff --git a/crypto/heimdal/lib/kadm5/marshall.c b/crypto/heimdal/lib/kadm5/marshall.c new file mode 100644 index 0000000..9828837 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/marshall.c 
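Review bot: The replay functions use the record length read from the log without validating it. In kadm5_log_replay_modify, `len -= 4` wraps when the u_int32_t `len` is below 4, and the results of krb5_data_alloc and sp->fetch are ignored; kadm5_log_replay_rename computes `len - princ_len` the same way, and kadm5_log_replay_create skips both checks too. A truncated or corrupted record therefore reaches hdb_value2entry with a buffer that may be unallocated or only partly filled. The opening of kadm5_log_replay_modify could read as below (assuming sp->fetch returns the number of bytes read), with the same checks applied in the create and rename variants.

```c
    ret = krb5_ret_int32 (sp, &mask);
    if (ret)
        return ret;
    if (len < 4)                 /* record too short to hold the mask */
        return KADM5_FAILURE;
    len -= 4;
    ret = krb5_data_alloc (&value, len);
    if (ret)
        return ret;
    if (sp->fetch (sp, value.data, len) != len) {
        krb5_data_free (&value);
        return KADM5_FAILURE;
    }
    /* ... unchanged: hdb_value2entry and the per-mask field handling ... */
```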
@@ -0,0 +1,330 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: marshall.c,v 1.6 1999/12/02 17:05:06 joda Exp $"); + +kadm5_ret_t +kadm5_store_key_data(krb5_storage *sp, + krb5_key_data *key) +{ + krb5_data c; + krb5_store_int32(sp, key->key_data_ver); + krb5_store_int32(sp, key->key_data_kvno); + krb5_store_int32(sp, key->key_data_type[0]); + c.length = key->key_data_length[0]; + c.data = key->key_data_contents[0]; + krb5_store_data(sp, c); + krb5_store_int32(sp, key->key_data_type[1]); + c.length = key->key_data_length[1]; + c.data = key->key_data_contents[1]; + krb5_store_data(sp, c); + return 0; +} + +kadm5_ret_t +kadm5_ret_key_data(krb5_storage *sp, + krb5_key_data *key) +{ + krb5_data c; + int32_t tmp; + krb5_ret_int32(sp, &tmp); + key->key_data_ver = tmp; + krb5_ret_int32(sp, &tmp); + key->key_data_kvno = tmp; + krb5_ret_int32(sp, &tmp); + key->key_data_type[0] = tmp; + krb5_ret_data(sp, &c); + key->key_data_length[0] = c.length; + key->key_data_contents[0] = c.data; + krb5_ret_int32(sp, &tmp); + key->key_data_type[1] = tmp; + krb5_ret_data(sp, &c); + key->key_data_length[1] = c.length; + key->key_data_contents[1] = c.data; + return 0; +} + +kadm5_ret_t +kadm5_store_tl_data(krb5_storage *sp, + krb5_tl_data *tl) +{ + krb5_data c; + krb5_store_int32(sp, tl->tl_data_type); + c.length = tl->tl_data_length; + c.data = tl->tl_data_contents; + krb5_store_data(sp, c); + return 0; +} + +kadm5_ret_t +kadm5_ret_tl_data(krb5_storage *sp, + krb5_tl_data *tl) +{ + krb5_data c; + int32_t tmp; + krb5_ret_int32(sp, &tmp); + tl->tl_data_type = tmp; + krb5_ret_data(sp, &c); + tl->tl_data_length = c.length; + tl->tl_data_contents = c.data; + return 0; +} + +static kadm5_ret_t +store_principal_ent(krb5_storage *sp, + kadm5_principal_ent_t princ, + u_int32_t mask) +{ + int i; + + if (mask & KADM5_PRINCIPAL) + krb5_store_principal(sp, princ->principal); + if (mask & KADM5_PRINC_EXPIRE_TIME) + krb5_store_int32(sp, princ->princ_expire_time); + if (mask & KADM5_PW_EXPIRATION) + krb5_store_int32(sp, 
princ->pw_expiration); + if (mask & KADM5_LAST_PWD_CHANGE) + krb5_store_int32(sp, princ->last_pwd_change); + if (mask & KADM5_MAX_LIFE) + krb5_store_int32(sp, princ->max_life); + if (mask & KADM5_MOD_NAME) { + krb5_store_int32(sp, princ->mod_name != NULL); + if(princ->mod_name) + krb5_store_principal(sp, princ->mod_name); + } + if (mask & KADM5_MOD_TIME) + krb5_store_int32(sp, princ->mod_date); + if (mask & KADM5_ATTRIBUTES) + krb5_store_int32(sp, princ->attributes); + if (mask & KADM5_KVNO) + krb5_store_int32(sp, princ->kvno); + if (mask & KADM5_MKVNO) + krb5_store_int32(sp, princ->mkvno); + if (mask & KADM5_POLICY) { + krb5_store_int32(sp, princ->policy != NULL); + if(princ->policy) + krb5_store_string(sp, princ->policy); + } + if (mask & KADM5_AUX_ATTRIBUTES) + krb5_store_int32(sp, princ->aux_attributes); + if (mask & KADM5_MAX_RLIFE) + krb5_store_int32(sp, princ->max_renewable_life); + if (mask & KADM5_LAST_SUCCESS) + krb5_store_int32(sp, princ->last_success); + if (mask & KADM5_LAST_FAILED) + krb5_store_int32(sp, princ->last_failed); + if (mask & KADM5_FAIL_AUTH_COUNT) + krb5_store_int32(sp, princ->fail_auth_count); + if (mask & KADM5_KEY_DATA) { + krb5_store_int32(sp, princ->n_key_data); + for(i = 0; i < princ->n_key_data; i++) + kadm5_store_key_data(sp, &princ->key_data[i]); + } + if (mask & KADM5_TL_DATA) { + krb5_tl_data *tp; + + krb5_store_int32(sp, princ->n_tl_data); + for(tp = princ->tl_data; tp; tp = tp->tl_data_next) + kadm5_store_tl_data(sp, tp); + } + return 0; +} + + +kadm5_ret_t +kadm5_store_principal_ent(krb5_storage *sp, + kadm5_principal_ent_t princ) +{ + return store_principal_ent (sp, princ, ~0); +} + +kadm5_ret_t +kadm5_store_principal_ent_mask(krb5_storage *sp, + kadm5_principal_ent_t princ, + u_int32_t mask) +{ + krb5_store_int32(sp, mask); + return store_principal_ent (sp, princ, mask); +} + +static kadm5_ret_t +ret_principal_ent(krb5_storage *sp, + kadm5_principal_ent_t princ, + u_int32_t mask) +{ + int i; + int32_t tmp; + + if (mask & 
KADM5_PRINCIPAL) + krb5_ret_principal(sp, &princ->principal); + + if (mask & KADM5_PRINC_EXPIRE_TIME) { + krb5_ret_int32(sp, &tmp); + princ->princ_expire_time = tmp; + } + if (mask & KADM5_PW_EXPIRATION) { + krb5_ret_int32(sp, &tmp); + princ->pw_expiration = tmp; + } + if (mask & KADM5_LAST_PWD_CHANGE) { + krb5_ret_int32(sp, &tmp); + princ->last_pwd_change = tmp; + } + if (mask & KADM5_MAX_LIFE) { + krb5_ret_int32(sp, &tmp); + princ->max_life = tmp; + } + if (mask & KADM5_MOD_NAME) { + krb5_ret_int32(sp, &tmp); + if(tmp) + krb5_ret_principal(sp, &princ->mod_name); + else + princ->mod_name = NULL; + } + if (mask & KADM5_MOD_TIME) { + krb5_ret_int32(sp, &tmp); + princ->mod_date = tmp; + } + if (mask & KADM5_ATTRIBUTES) { + krb5_ret_int32(sp, &tmp); + princ->attributes = tmp; + } + if (mask & KADM5_KVNO) { + krb5_ret_int32(sp, &tmp); + princ->kvno = tmp; + } + if (mask & KADM5_MKVNO) { + krb5_ret_int32(sp, &tmp); + princ->mkvno = tmp; + } + if (mask & KADM5_POLICY) { + krb5_ret_int32(sp, &tmp); + if(tmp) + krb5_ret_string(sp, &princ->policy); + else + princ->policy = NULL; + } + if (mask & KADM5_AUX_ATTRIBUTES) { + krb5_ret_int32(sp, &tmp); + princ->aux_attributes = tmp; + } + if (mask & KADM5_MAX_RLIFE) { + krb5_ret_int32(sp, &tmp); + princ->max_renewable_life = tmp; + } + if (mask & KADM5_LAST_SUCCESS) { + krb5_ret_int32(sp, &tmp); + princ->last_success = tmp; + } + if (mask & KADM5_LAST_FAILED) { + krb5_ret_int32(sp, &tmp); + princ->last_failed = tmp; + } + if (mask & KADM5_FAIL_AUTH_COUNT) { + krb5_ret_int32(sp, &tmp); + princ->fail_auth_count = tmp; + } + if (mask & KADM5_KEY_DATA) { + krb5_ret_int32(sp, &tmp); + princ->n_key_data = tmp; + princ->key_data = malloc(princ->n_key_data * sizeof(*princ->key_data)); + for(i = 0; i < princ->n_key_data; i++) + kadm5_ret_key_data(sp, &princ->key_data[i]); + } + if (mask & KADM5_TL_DATA) { + krb5_ret_int32(sp, &tmp); + princ->n_tl_data = tmp; + princ->tl_data = NULL; + for(i = 0; i < princ->n_tl_data; i++){ + krb5_tl_data 
*tp = malloc(sizeof(*tp)); + kadm5_ret_tl_data(sp, tp); + tp->tl_data_next = princ->tl_data; + princ->tl_data = tp; + } + } + return 0; +} + +kadm5_ret_t +kadm5_ret_principal_ent(krb5_storage *sp, + kadm5_principal_ent_t princ) +{ + return ret_principal_ent (sp, princ, ~0); +} + +kadm5_ret_t +kadm5_ret_principal_ent_mask(krb5_storage *sp, + kadm5_principal_ent_t princ, + u_int32_t *mask) +{ + int32_t tmp; + + krb5_ret_int32 (sp, &tmp); + *mask = tmp; + return ret_principal_ent (sp, princ, *mask); +} + +kadm5_ret_t +_kadm5_marshal_params(krb5_context context, + kadm5_config_params *params, + krb5_data *out) +{ + krb5_storage *sp = krb5_storage_emem(); + + krb5_store_int32(sp, params->mask & (KADM5_CONFIG_REALM)); + + if(params->mask & KADM5_CONFIG_REALM) + krb5_store_string(sp, params->realm); + krb5_storage_to_data(sp, out); + krb5_storage_free(sp); + + return 0; +} + +kadm5_ret_t +_kadm5_unmarshal_params(krb5_context context, + krb5_data *in, + kadm5_config_params *params) +{ + krb5_storage *sp = krb5_storage_from_data(in); + + krb5_ret_int32(sp, ¶ms->mask); + + if(params->mask & KADM5_CONFIG_REALM) + krb5_ret_string(sp, ¶ms->realm); + krb5_storage_free(sp); + + return 0; +} diff --git a/crypto/heimdal/lib/kadm5/modify_c.c b/crypto/heimdal/lib/kadm5/modify_c.c new file mode 100644 index 0000000..2a64ccc --- /dev/null +++ b/crypto/heimdal/lib/kadm5/modify_c.c 
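Review bot: The KADM5_KEY_DATA branch of ret_principal_ent sizes an allocation from a count read off the wire without checking it. `tmp` is used even if krb5_ret_int32 failed, a negative or very large value goes straight into `malloc(princ->n_key_data * sizeof(*princ->key_data))`, and the result is written through by kadm5_ret_key_data without a NULL check. The KADM5_TL_DATA loop has the same unchecked `malloc(sizeof(*tp))`. A guarded form of the key-data branch is sketched below; how a caller cleans up a partly filled `princ` on error is not visible in this hunk.

```c
    if (mask & KADM5_KEY_DATA) {
        if (krb5_ret_int32(sp, &tmp) != 0 || tmp < 0)
            return KADM5_FAILURE;
        princ->n_key_data = tmp;
        /* calloc checks the count * size product and zero-fills the array */
        princ->key_data = calloc(princ->n_key_data, sizeof(*princ->key_data));
        if (princ->key_data == NULL && princ->n_key_data != 0)
            return ENOMEM;
        /* ... unchanged: kadm5_ret_key_data loop ... */
    }
```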
@@ -0,0 +1,73 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: modify_c.c,v 1.3 1999/12/02 17:05:06 joda Exp $"); + +kadm5_ret_t +kadm5_c_modify_principal(void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask) +{ + kadm5_client_context *context = server_handle; + kadm5_ret_t ret; + krb5_storage *sp; + unsigned char buf[1024]; + int32_t tmp; + krb5_data reply; + + sp = krb5_storage_from_mem(buf, sizeof(buf)); + if (sp == NULL) + return ENOMEM; + krb5_store_int32(sp, kadm_modify); + kadm5_store_principal_ent(sp, princ); + krb5_store_int32(sp, mask); + ret = _kadm5_client_send(context, sp); + krb5_storage_free(sp); + if(ret) + return ret; + ret = _kadm5_client_recv(context, &reply); + if(ret) + return ret; + sp = krb5_storage_from_data (&reply); + if (sp == NULL) { + krb5_data_free (&reply); + return ENOMEM; + } + krb5_ret_int32(sp, &tmp); + krb5_storage_free(sp); + krb5_data_free (&reply); + return tmp; +} + diff --git a/crypto/heimdal/lib/kadm5/modify_s.c b/crypto/heimdal/lib/kadm5/modify_s.c new file mode 100644 index 0000000..4157202 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/modify_s.c 
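Review bot: `tmp` is returned uninitialised when the server's reply holds fewer than four bytes, because the result of `krb5_ret_int32(sp, &tmp)` at the end of kadm5_c_modify_principal is discarded. Keep it with `ret = krb5_ret_int32(sp, &tmp);` and finish with `return ret ? ret : tmp;`. The three store calls that fill the 1024-byte `buf` are unchecked as well, so an entry that does not fit appears to be sent truncated rather than rejected. kadm5_store_principal_ent also serialises every field (mask `~0`), so any pointer member the caller left unset is read here.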
@@ -0,0 +1,92 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: modify_s.c,v 1.9 1999/12/02 17:05:06 joda Exp $"); + +static kadm5_ret_t +modify_principal(void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask, + u_int32_t forbidden_mask) +{ + kadm5_server_context *context = server_handle; + hdb_entry ent; + kadm5_ret_t ret; + if((mask & forbidden_mask)) + return KADM5_BAD_MASK; + if((mask & KADM5_POLICY) && strcmp(princ->policy, "default")) + return KADM5_UNK_POLICY; + + ent.principal = princ->principal; + ret = context->db->open(context->context, context->db, O_RDWR, 0); + if(ret) + return ret; + ret = context->db->fetch(context->context, context->db, 0, &ent); + if(ret) + goto out; + ret = _kadm5_setup_entry(&ent, mask, princ, mask, NULL, 0); + if(ret) + goto out2; + ret = _kadm5_set_modifier(context, &ent); + if(ret) + goto out2; + + hdb_seal_keys(context->db, &ent); + + kadm5_log_modify (context, + &ent, + mask | KADM5_MOD_NAME | KADM5_MOD_TIME); + + ret = context->db->store(context->context, context->db, + HDB_F_REPLACE, &ent); +out2: + hdb_free_entry(context->context, &ent); +out: + context->db->close(context->context, context->db); + return _kadm5_error_code(ret); +} + + +kadm5_ret_t +kadm5_s_modify_principal(void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask) +{ + return modify_principal(server_handle, princ, mask, + KADM5_LAST_PWD_CHANGE | KADM5_MOD_TIME + | KADM5_MOD_NAME | KADM5_MKVNO + | KADM5_AUX_ATTRIBUTES | KADM5_LAST_SUCCESS + | KADM5_LAST_FAILED); +} diff --git a/crypto/heimdal/lib/kadm5/password_quality.c b/crypto/heimdal/lib/kadm5/password_quality.c new file mode 100644 index 0000000..86d35f3 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/password_quality.c 
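Review bot: `strcmp(princ->policy, "default")` in modify_principal dereferences `princ->policy` whenever KADM5_POLICY is set, yet ret_principal_ent in marshall.c stores NULL there when the request's presence flag is zero. If the server unmarshals requests through that path (not visible in this hunk), a client can trigger a NULL dereference; the guard should read `if((mask & KADM5_POLICY) && (princ->policy == NULL || strcmp(princ->policy, "default")))`. Separately, the result of kadm5_log_modify is ignored and the record is written before `context->db->store`, so the log can contain a modify that the database rejected.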
@@ -0,0 +1,147 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: password_quality.c,v 1.3 1999/12/02 17:05:06 joda Exp $"); + +#ifdef HAVE_DLFCN_H +#include <dlfcn.h> +#endif + +static const char * +simple_passwd_quality (krb5_context context, + krb5_principal principal, + krb5_data *pwd) +{ + if (pwd->length < 6) + return "Password too short"; + else + return NULL; +} + +typedef const char* (*passwd_quality_check_func)(krb5_context, + krb5_principal, + krb5_data*); + +static passwd_quality_check_func passwd_quality_check = simple_passwd_quality; + +#ifdef HAVE_DLOPEN +extern const char *check_library; +extern const char *check_function; + +#define PASSWD_VERSION 0 + +#endif + +/* + * setup the password quality hook + */ + +void +kadm5_setup_passwd_quality_check(krb5_context context, + const char *check_library, + const char *check_function) +{ +#ifdef HAVE_DLOPEN + void *handle; + void *sym; + int *version; + int flags; + const char *tmp; + +#ifdef RTLD_NOW + flags = RTLD_NOW; +#else + flags = 0; +#endif + + if(check_library == NULL) { + tmp = krb5_config_get_string(context, NULL, + "password_quality", + "check_library", + NULL); + if(tmp != NULL) + check_library = tmp; + } + if(check_function == NULL) { + tmp = krb5_config_get_string(context, NULL, + "password_quality", + "check_function", + NULL); + if(tmp != NULL) + check_function = tmp; + } + if(check_library != NULL && check_function == NULL) + check_function = "passwd_check"; + + if(check_library == NULL) + return; + handle = dlopen(check_library, flags); + if(handle == NULL) { + krb5_warnx(context, "failed to open `%s'", check_library); + return; + } + version = dlsym(handle, "version"); + if(version == NULL) { + krb5_warnx(context, + "didn't find `version' symbol in `%s'", check_library); + dlclose(handle); + return; + } + if(*version != PASSWD_VERSION) { + krb5_warnx(context, + "version of loaded library is %d (expected %d)", + *version, PASSWD_VERSION); + dlclose(handle); + return; + } + sym = dlsym(handle, 
check_function); + if(sym == NULL) { + krb5_warnx(context, + "didn't find `%s' symbol in `%s'", + check_function, check_library); + dlclose(handle); + return; + } + passwd_quality_check = (passwd_quality_check_func) sym; +#endif /* HAVE_DLOPEN */ +} + +const char * +kadm5_check_password_quality (krb5_context context, + krb5_principal principal, + krb5_data *pwd_data) +{ + return (*passwd_quality_check) (context, principal, pwd_data); +} diff --git a/crypto/heimdal/lib/kadm5/private.h b/crypto/heimdal/lib/kadm5/private.h new file mode 100644 index 0000000..e56a0f5 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/private.h 
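Review bot: `kadm5_setup_passwd_quality_check` fails open: on every error path (dlopen failure, missing `version` symbol, version mismatch, missing check function) it warns and returns with `passwd_quality_check` still pointing at `simple_passwd_quality`, which only rejects passwords shorter than six bytes. A site that configured a stricter library silently gets the weak check, and the `void` return gives callers no way to notice. At minimum the function should carry a comment such as `/* On any failure the built-in length-only check stays in effect; callers cannot detect this. */`. The comment or the krb5.conf documentation should also say that `check_library` is loaded into the calling process, so it should be an absolute path to a file only the administrator can write.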
@@ -0,0 +1,281 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +/* $Id: private.h,v 1.10 1999/12/04 23:09:34 assar Exp $ */ + +#ifndef __kadm5_private_h__ +#define __kadm5_private_h__ + +struct kadm_func { + kadm5_ret_t (*chpass_principal) (void *, krb5_principal, char*); + kadm5_ret_t (*create_principal) (void*, kadm5_principal_ent_t, + u_int32_t, char*); + kadm5_ret_t (*delete_principal) (void*, krb5_principal); + kadm5_ret_t (*destroy) (void*); + kadm5_ret_t (*flush) (void*); + kadm5_ret_t (*get_principal) (void*, krb5_principal, + kadm5_principal_ent_t, u_int32_t); + kadm5_ret_t (*get_principals) (void*, const char*, char***, int*); + kadm5_ret_t (*get_privs) (void*, u_int32_t*); + kadm5_ret_t (*modify_principal) (void*, kadm5_principal_ent_t, u_int32_t); + kadm5_ret_t (*randkey_principal) (void*, krb5_principal, + krb5_keyblock**, int*); + kadm5_ret_t (*rename_principal) (void*, krb5_principal, krb5_principal); +}; + +/* XXX should be integrated */ +typedef struct kadm5_common_context { + krb5_context context; + krb5_boolean my_context; + struct kadm_func funcs; + void *data; +}kadm5_common_context; + +typedef struct kadm5_log_peer { + int fd; + char *name; + krb5_auth_context ac; + struct kadm5_log_peer *next; +} kadm5_log_peer; + +typedef struct kadm5_log_context { + char *log_file; + int log_fd; + u_int32_t version; + struct sockaddr_un socket_name; + int socket_fd; +} kadm5_log_context; + +typedef struct kadm5_server_context { + krb5_context context; + krb5_boolean my_context; + struct kadm_func funcs; + /* */ + kadm5_config_params config; + HDB *db; + krb5_principal caller; + unsigned acl_flags; + kadm5_log_context log_context; +}kadm5_server_context; + +typedef struct kadm5_client_context { + krb5_context context; + krb5_boolean my_context; + struct kadm_func funcs; + /* */ + krb5_auth_context ac; + char *realm; + char *admin_server; + int kadmind_port; + int sock; +}kadm5_client_context; + +enum kadm_ops { + kadm_get, + kadm_delete, + kadm_create, + kadm_rename, + kadm_chpass, + kadm_modify, + kadm_randkey, 
+ kadm_get_privs, + kadm_get_princs +}; + +#define KADMIN_APPL_VERSION "KADM0.1" +#define KADMIN_OLD_APPL_VERSION "KADM0.0" + +#define KADM5_LOG_SIGNAL HDB_DB_DIR "/signal" + +kadm5_ret_t _kadm5_privs_to_string (u_int32_t, char*, size_t); + +kadm5_ret_t _kadm5_string_to_privs (const char*, u_int32_t*); + +HDB *_kadm5_s_get_db (void *); + +kadm5_ret_t +_kadm5_acl_check_permission __P(( + kadm5_server_context *context, + unsigned op)); + +kadm5_ret_t +_kadm5_acl_init __P((kadm5_server_context *context)); + +kadm5_ret_t +_kadm5_c_init_context __P(( + kadm5_client_context **ctx, + kadm5_config_params *params, + krb5_context context)); + +kadm5_ret_t +_kadm5_client_recv __P(( + kadm5_client_context *context, + krb5_data *reply)); + +kadm5_ret_t +_kadm5_client_send __P(( + kadm5_client_context *context, + krb5_storage *sp)); + +kadm5_ret_t +_kadm5_error_code __P((kadm5_ret_t code)); + +kadm5_ret_t +_kadm5_s_init_context __P(( + kadm5_server_context **ctx, + kadm5_config_params *params, + krb5_context context)); + +kadm5_ret_t +_kadm5_set_keys __P(( + kadm5_server_context *context, + hdb_entry *ent, + const char *password)); + +kadm5_ret_t +_kadm5_set_keys2 __P(( + hdb_entry *ent, + int16_t n_key_data, + krb5_key_data *key_data)); + +kadm5_ret_t +_kadm5_set_keys_randomly __P((kadm5_server_context *context, + hdb_entry *ent, + krb5_keyblock **new_keys, + int *n_keys)); + +kadm5_ret_t +_kadm5_set_modifier __P(( + kadm5_server_context *context, + hdb_entry *ent)); + +kadm5_ret_t +_kadm5_setup_entry __P(( + hdb_entry *ent, + u_int32_t mask, + kadm5_principal_ent_t princ, + u_int32_t princ_mask, + kadm5_principal_ent_t def, + u_int32_t def_mask)); + +kadm5_ret_t +kadm5_log_get_version (int fd, + u_int32_t *ver); + +kadm5_ret_t +kadm5_log_init (kadm5_server_context *context); + +kadm5_ret_t +kadm5_log_create (kadm5_server_context *context, + hdb_entry *ent); + +kadm5_ret_t +kadm5_log_delete (kadm5_server_context *context, + krb5_principal princ); + +kadm5_ret_t 
+kadm5_log_rename (kadm5_server_context *context, + krb5_principal source, + hdb_entry *ent); + +kadm5_ret_t +kadm5_log_modify (kadm5_server_context *context, + hdb_entry *ent, + u_int32_t mask); + +kadm5_ret_t +kadm5_log_end (kadm5_server_context *context); + +kadm5_ret_t +kadm5_log_foreach (kadm5_server_context *context, + void (*func)(kadm5_server_context *server_context, + u_int32_t ver, + time_t timestamp, + enum kadm_ops op, + u_int32_t len, + krb5_storage *sp)); + +kadm5_ret_t +kadm5_log_replay_create (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp); + +kadm5_ret_t +kadm5_log_replay_delete (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp); + +kadm5_ret_t +kadm5_log_replay_rename (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp); + +kadm5_ret_t +kadm5_log_replay_modify (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp); + +kadm5_ret_t +kadm5_log_replay (kadm5_server_context *context, + enum kadm_ops op, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp); + +krb5_storage * +kadm5_log_goto_end (int fd); + +kadm5_ret_t +kadm5_log_previous (krb5_storage *sp, + u_int32_t *ver, + time_t *timestamp, + enum kadm_ops *op, + u_int32_t *len); + +kadm5_ret_t +_kadm5_marshal_params __P((krb5_context context, + kadm5_config_params *params, + krb5_data *out)); + +kadm5_ret_t +_kadm5_unmarshal_params __P((krb5_context context, + krb5_data *in, + kadm5_config_params *params)); + + + +#endif /* __kadm5_private_h__ */ diff --git a/crypto/heimdal/lib/kadm5/privs_c.c b/crypto/heimdal/lib/kadm5/privs_c.c new file mode 100644 index 0000000..25d4976 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/privs_c.c 
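Review bot: Nothing documents that `kadm5_server_context` and `kadm5_client_context` must begin with the same three members, in the same order, as `kadm5_common_context`; the bare `/* */` line in each struct seems to mark that boundary and `XXX should be integrated` only hints at it. If generic code reads `context`, `my_context` or `funcs` through a `kadm5_common_context *` (not visible in this hunk), inserting or reordering a member would silently misdirect the `funcs` dispatch table. Replace the empty comments with something like `/* members above must match kadm5_common_context exactly */`. `kadm5_log_context` also embeds `struct sockaddr_un` while the header includes nothing itself, so the include-order requirement on users of this header should be stated at the top.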
@@ -0,0 +1,73 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: privs_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $"); + +kadm5_ret_t +kadm5_c_get_privs(void *server_handle, u_int32_t *privs) +{ + kadm5_client_context *context = server_handle; + kadm5_ret_t ret; + krb5_storage *sp; + unsigned char buf[1024]; + int32_t tmp; + krb5_data reply; + + sp = krb5_storage_from_mem(buf, sizeof(buf)); + if (sp == NULL) + return ENOMEM; + krb5_store_int32(sp, kadm_get_privs); + ret = _kadm5_client_send(context, sp); + krb5_storage_free(sp); + if(ret) + return ret; + ret = _kadm5_client_recv(context, &reply); + if (ret) + return ret; + sp = krb5_storage_from_data(&reply); + if (sp == NULL) { + krb5_data_free (&reply); + return ENOMEM; + } + krb5_ret_int32(sp, &tmp); + ret = tmp; + if(ret == 0){ + krb5_ret_int32(sp, &tmp); + *privs = tmp; + } + krb5_storage_free(sp); + krb5_data_free (&reply); + return ret; +} diff --git a/crypto/heimdal/lib/kadm5/privs_s.c b/crypto/heimdal/lib/kadm5/privs_s.c new file mode 100644 index 0000000..85cd5d5 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/privs_s.c 
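Review bot: `kadm5_c_get_privs` ignores the return value of both `krb5_ret_int32` calls, so a reply shorter than expected leaves `tmp` uninitialised and the function then uses it as the status and as the privilege mask. A truncated or malformed reply could therefore be read as success with arbitrary privilege bits. Checking the decode result closes this: `ret = krb5_ret_int32(sp, &tmp); if (ret == 0) ret = tmp;`, and the same test on the second read before `*privs = tmp`. `kadm5_c_rename_principal` in rename_c.c reads its status word the same way.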
@@ -0,0 +1,44 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kadm5_locl.h" + +RCSID("$Id: privs_s.c,v 1.2 1999/12/02 17:05:07 joda Exp $"); + +kadm5_ret_t +kadm5_s_get_privs(void *server_handle, u_int32_t *privs) +{ + kadm5_server_context *context = server_handle; + *privs = context->acl_flags; + return 0; +} 
diff --git a/crypto/heimdal/lib/kadm5/randkey_c.c b/crypto/heimdal/lib/kadm5/randkey_c.c
new file mode 100644
index 0000000..7531b6e
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/randkey_c.c
@@ -0,0 +1,89 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: randkey_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $"); + +kadm5_ret_t +kadm5_c_randkey_principal(void *server_handle, + krb5_principal princ, + krb5_keyblock **new_keys, + int *n_keys) +{ + kadm5_client_context *context = server_handle; + kadm5_ret_t ret; + krb5_storage *sp; + unsigned char buf[1024]; + int32_t tmp; + krb5_data reply; + + sp = krb5_storage_from_mem(buf, sizeof(buf)); + if (sp == NULL) + return ENOMEM; + krb5_store_int32(sp, kadm_randkey); + krb5_store_principal(sp, princ); + ret = _kadm5_client_send(context, sp); + krb5_storage_free(sp); + if (ret) + return ret; + ret = _kadm5_client_recv(context, &reply); + if(ret) + return ret; + sp = krb5_storage_from_data(&reply); + if (sp == NULL) { + krb5_data_free (&reply); + return ENOMEM; + } + krb5_ret_int32(sp, &tmp); + ret = tmp; + if(ret == 0){ + krb5_keyblock *k; + int i; + + krb5_ret_int32(sp, &tmp); + k = malloc(tmp * sizeof(*k)); + if (k == NULL) { + ret = ENOMEM; + goto out; + } + for(i = 0; i < tmp; i++) + krb5_ret_keyblock(sp, &k[i]); + *n_keys = tmp; + *new_keys = k; + } +out: + krb5_storage_free(sp); + krb5_data_free (&reply); + return ret; +} diff --git a/crypto/heimdal/lib/kadm5/randkey_s.c b/crypto/heimdal/lib/kadm5/randkey_s.c new file mode 100644 index 0000000..25c8571 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/randkey_s.c 
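Review bot: The key count read from the reply in `kadm5_c_randkey_principal` goes unvalidated into `malloc(tmp * sizeof(*k))`: `tmp` is a signed `int32_t`, so a negative value converts to a huge size and a large one can wrap the multiplication where `size_t` is 32 bits. The results of `krb5_ret_int32` and `krb5_ret_keyblock` are also dropped, so a short reply hands the caller an array of partly uninitialised keyblocks that it will later free. Bound the count against the reply size, allocate with `calloc`, and unwind on a decode failure, as sketched below. Rejecting a zero count and using `EINVAL` for a malformed count are my choices and may not match the library's conventions.

```c
    if(ret == 0){
        /* … unchanged: declarations of k and i … */

        ret = krb5_ret_int32(sp, &tmp);
        if (ret)
            goto out;
        /* every keyblock takes at least one byte of the reply */
        if (tmp <= 0 || (size_t)tmp > reply.length) {
            ret = EINVAL;
            goto out;
        }
        k = calloc(tmp, sizeof(*k));
        if (k == NULL) {
            ret = ENOMEM;
            goto out;
        }
        for(i = 0; i < tmp; i++) {
            ret = krb5_ret_keyblock(sp, &k[i]);
            if (ret)
                break;
        }
        if (ret) {
            /* release only the keyblocks that were decoded */
            while (i-- > 0)
                krb5_free_keyblock_contents(context->context, &k[i]);
            free(k);
            goto out;
        }
        /* … unchanged: *n_keys and *new_keys assignment … */
```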
@@ -0,0 +1,96 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kadm5_locl.h" + +RCSID("$Id: randkey_s.c,v 1.10 1999/12/02 17:05:07 joda Exp $"); + +/* + * Set the keys of `princ' to random values, returning the random keys + * in `new_keys', `n_keys'. 
+ */ + +kadm5_ret_t +kadm5_s_randkey_principal(void *server_handle, + krb5_principal princ, + krb5_keyblock **new_keys, + int *n_keys) +{ + kadm5_server_context *context = server_handle; + hdb_entry ent; + kadm5_ret_t ret; + + ent.principal = princ; + ret = context->db->open(context->context, context->db, O_RDWR, 0); + if(ret) + return ret; + ret = context->db->fetch(context->context, context->db, 0, &ent); + if(ret) + goto out; + + ret = _kadm5_set_keys_randomly (context, + &ent, + new_keys, + n_keys); + if (ret) + goto out2; + + ret = _kadm5_set_modifier(context, &ent); + if(ret) + goto out3; + + hdb_seal_keys(context->db, &ent); + + kadm5_log_modify (context, + &ent, + KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | + KADM5_KEY_DATA | KADM5_KVNO); + + ret = context->db->store(context->context, context->db, + HDB_F_REPLACE, &ent); +out3: + if (ret) { + int i; + + for (i = 0; i < *n_keys; ++i) + krb5_free_keyblock_contents (context->context, &(*new_keys)[i]); + free (*new_keys); + *new_keys = NULL; + *n_keys = 0; + } +out2: + hdb_free_entry(context->context, &ent); +out: + context->db->close(context->context, context->db); + return _kadm5_error_code(ret); +} diff --git a/crypto/heimdal/lib/kadm5/rename_c.c b/crypto/heimdal/lib/kadm5/rename_c.c new file mode 100644 index 0000000..d33e611 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/rename_c.c 
@@ -0,0 +1,73 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: rename_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $"); + +kadm5_ret_t +kadm5_c_rename_principal(void *server_handle, + krb5_principal source, + krb5_principal target) +{ + kadm5_client_context *context = server_handle; + kadm5_ret_t ret; + krb5_storage *sp; + unsigned char buf[1024]; + int32_t tmp; + krb5_data reply; + + sp = krb5_storage_from_mem(buf, sizeof(buf)); + if (sp == NULL) + return ENOMEM; + krb5_store_int32(sp, kadm_rename); + krb5_store_principal(sp, source); + krb5_store_principal(sp, target); + ret = _kadm5_client_send(context, sp); + krb5_storage_free(sp); + if (ret) + return ret; + ret = _kadm5_client_recv(context, &reply); + if(ret) + return ret; + sp = krb5_storage_from_data (&reply); + if (sp == NULL) { + krb5_data_free (&reply); + return ENOMEM; + } + krb5_ret_int32(sp, &tmp); + ret = tmp; + krb5_storage_free(sp); + krb5_data_free (&reply); + return ret; +} diff --git a/crypto/heimdal/lib/kadm5/rename_s.c b/crypto/heimdal/lib/kadm5/rename_s.c new file mode 100644 index 0000000..e7f9038 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/rename_s.c 
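Review bot: The request in `kadm5_c_rename_principal` is marshalled into a fixed `buf[1024]` and none of the `krb5_store_int32` / `krb5_store_principal` results are checked, so two long principal names that do not fit are presumably cut short and the truncated request is still sent. The server could then act on, or reject, something other than what the caller asked for, with no local error to explain it. Capture and test each store result before `_kadm5_client_send`, e.g. `ret = krb5_store_principal(sp, target); if (ret) { krb5_storage_free(sp); return ret; }`. `kadm5_c_randkey_principal` in randkey_c.c builds its request the same way.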
@@ -0,0 +1,104 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: rename_s.c,v 1.9 1999/12/02 17:05:07 joda Exp $"); + +kadm5_ret_t +kadm5_s_rename_principal(void *server_handle, + krb5_principal source, + krb5_principal target) +{ + kadm5_server_context *context = server_handle; + kadm5_ret_t ret; + hdb_entry ent, ent2; + ent.principal = source; + if(krb5_principal_compare(context->context, source, target)) + return KADM5_DUP; /* XXX is this right? */ + if(!krb5_realm_compare(context->context, source, target)) + return KADM5_FAILURE; /* XXX better code */ + ret = context->db->open(context->context, context->db, O_RDWR, 0); + if(ret) + return ret; + ret = context->db->fetch(context->context, context->db, 0, &ent); + if(ret){ + context->db->close(context->context, context->db); + goto out; + } + ret = _kadm5_set_modifier(context, &ent); + if(ret) + goto out2; + { + /* fix salt */ + int i; + Salt salt; + krb5_salt salt2; + krb5_get_pw_salt(context->context, source, &salt2); + salt.type = hdb_pw_salt; + salt.salt = salt2.saltvalue; + for(i = 0; i < ent.keys.len; i++){ + if(ent.keys.val[i].salt == NULL){ + ent.keys.val[i].salt = malloc(sizeof(*ent.keys.val[i].salt)); + ret = copy_Salt(&salt, ent.keys.val[i].salt); + if(ret) + break; + } + } + krb5_free_salt(context->context, salt2); + } + if(ret) + goto out2; + ent2.principal = ent.principal; + ent.principal = target; + + hdb_seal_keys(context->db, &ent); + + kadm5_log_rename (context, + source, + &ent); + + ret = context->db->store(context->context, context->db, 0, &ent); + if(ret){ + ent.principal = ent2.principal; + goto out2; + } + ret = context->db->remove(context->context, context->db, &ent2); + ent.principal = ent2.principal; +out2: + context->db->close(context->context, context->db); + hdb_free_entry(context->context, &ent); +out: + return _kadm5_error_code(ret); +} + diff --git a/crypto/heimdal/lib/kadm5/replay_log.c b/crypto/heimdal/lib/kadm5/replay_log.c new file mode 100644 index 0000000..c0e05ee --- /dev/null 
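Review bot: In the salt fix-up loop of `kadm5_s_rename_principal` the `malloc` result is passed straight to `copy_Salt` without a NULL check, and the `krb5_get_pw_salt` result is ignored, so an allocation failure dereferences NULL and a failed salt lookup copies from an unset `salt2`. Add `if (ent.keys.val[i].salt == NULL) { ret = ENOMEM; break; }` after the `malloc`, and test the `krb5_get_pw_salt` return before `salt2` is used. The entry is also stored under `target` before the old one is removed, so a failing `db->remove` returns an error while both principals exist and share keys; a comment should state what cleanup is expected in that case.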
+++ b/crypto/heimdal/lib/kadm5/replay_log.c 
@@ -0,0 +1,118 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "iprop.h" + +RCSID("$Id: replay_log.c,v 1.7 1999/12/04 19:51:11 assar Exp $"); + +static void +apply_entry(kadm5_server_context *server_context, + u_int32_t ver, + time_t timestamp, + enum kadm_ops op, + u_int32_t len, + krb5_storage *sp) +{ + krb5_error_code ret; + + printf ("ver %u... 
", ver); + fflush (stdout); + + ret = kadm5_log_replay (server_context, + op, ver, len, sp); + if (ret) + krb5_warn (server_context->context, ret, "kadm5_log_replay"); + + + printf ("done\n"); +} + +int version_flag; +int help_flag; +struct getargs args[] = { + { "version", 0, arg_flag, &version_flag }, + { "help", 0, arg_flag, &help_flag } +}; +int num_args = sizeof(args) / sizeof(args[0]); + +int +main(int argc, char **argv) +{ + krb5_context context; + krb5_error_code ret; + void *kadm_handle; + kadm5_config_params conf; + kadm5_server_context *server_context; + + krb5_program_setup(&context, argc, argv, args, num_args, NULL); + + if(help_flag) + krb5_std_usage(0, args, num_args); + if(version_flag) { + print_version(NULL); + exit(0); + } + + memset(&conf, 0, sizeof(conf)); + ret = kadm5_init_with_password_ctx (context, + KADM5_ADMIN_SERVICE, + NULL, + KADM5_ADMIN_SERVICE, + &conf, 0, 0, + &kadm_handle); + if (ret) + krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); + + server_context = (kadm5_server_context *)kadm_handle; + + ret = server_context->db->open(context, + server_context->db, + O_RDWR | O_CREAT, 0); + if (ret) + krb5_err (context, 1, ret, "db->open"); + + ret = kadm5_log_init (server_context); + if (ret) + krb5_err (context, 1, ret, "kadm5_log_init"); + + ret = kadm5_log_foreach (server_context, apply_entry); + if(ret) + krb5_warn(context, ret, "kadm5_log_foreach"); + ret = kadm5_log_end (server_context); + if (ret) + krb5_warn(context, ret, "kadm5_log_end"); + ret = server_context->db->close (context, server_context->db); + if (ret) + krb5_err (context, 1, ret, "db->close"); + return 0; +} diff --git a/crypto/heimdal/lib/kadm5/sample_passwd_check.c b/crypto/heimdal/lib/kadm5/sample_passwd_check.c new file mode 100644 index 0000000..4ff5122 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/sample_passwd_check.c 
@@ -0,0 +1,85 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
*/ + +/* $Id: sample_passwd_check.c,v 1.1 1999/09/10 10:11:03 assar Exp $ */ + +#include <string.h> +#include <stdlib.h> +#include <krb5.h> + +/* specify the api-version this library conforms to */ + +int version = 0; + +/* just check the length of the password, this is what the default + check does, but this lets you specify the minimum length in + krb5.conf */ +const char* +check_length(krb5_context context, + krb5_principal prinipal, + krb5_data *password) +{ + int min_length = krb5_config_get_int_default(context, NULL, 6, + "password_quality", + "min_length", + NULL); + if(password->length < min_length) + return "Password too short"; + return NULL; +} + +#ifdef DICTPATH + +/* use cracklib to check password quality; this requires a patch for + cracklib that can be found at + ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch */ + +const char* +check_cracklib(krb5_context context, + krb5_principal principal, + krb5_data *password) +{ + char *s = malloc(password->length + 1); + char *msg; + char *strings[2]; + if(s == NULL) + return NULL; /* XXX */ + strings[0] = principal->name.name_string.val[0]; /* XXX */ + strings[1] = NULL; + memcpy(s, password->data, password->length); + s[password->length] = '\0'; + msg = FascistCheck(s, DICTPATH, strings); + memset(s, 0, password->length); + free(s); + return msg; +} +#endif diff --git a/crypto/heimdal/lib/kadm5/send_recv.c b/crypto/heimdal/lib/kadm5/send_recv.c new file mode 100644 index 0000000..51f6972 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/send_recv.c 
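Review bot: check_cracklib fails open when its allocation fails: `if(s == NULL) return NULL; /* XXX */` returns the same NULL that check_length uses for an acceptable password, so under memory pressure the dictionary check is silently skipped. Returning a rejection string instead, for example `if(s == NULL) return "out of memory";`, keeps the policy fail-closed. In the same function `principal->name.name_string.val[0]` is read without checking that the principal has at least one name component. The `memset(s, 0, password->length)` immediately before `free(s)` is a dead store that an optimiser may drop, so the clear-text copy can survive the call; a wipe routine the compiler cannot elide would be safer where the platform has one. FascistCheck also has no visible prototype among the three includes, so unless krb5.h or the build supplies one its pointer result is treated as int and may be truncated on 64-bit targets.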
@@ -0,0 +1,89 @@ +/* + * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: send_recv.c,v 1.7 1999/12/02 17:05:07 joda Exp $"); + +kadm5_ret_t +_kadm5_client_send(kadm5_client_context *context, krb5_storage *sp) +{ + krb5_data msg, out; + krb5_error_code ret; + size_t len; + krb5_storage *sock; + + len = sp->seek(sp, 0, SEEK_CUR); + ret = krb5_data_alloc(&msg, len); + sp->seek(sp, 0, SEEK_SET); + sp->fetch(sp, msg.data, msg.length); + + ret = krb5_mk_priv(context->context, context->ac, &msg, &out, NULL); + krb5_data_free(&msg); + if(ret) + return ret; + + sock = krb5_storage_from_fd(context->sock); + if(sock == NULL) { + krb5_data_free(&out); + return ENOMEM; + } + + ret = krb5_store_data(sock, out); + krb5_storage_free(sock); + krb5_data_free(&out); + return ret; +} + +kadm5_ret_t +_kadm5_client_recv(kadm5_client_context *context, krb5_data *reply) +{ + krb5_error_code ret; + krb5_data data; + krb5_storage *sock; + + sock = krb5_storage_from_fd(context->sock); + if(sock == NULL) + return ENOMEM; + ret = krb5_ret_data(sock, &data); + krb5_storage_free(sock); + if(ret == KRB5_CC_END) + return KADM5_RPC_ERROR; + else if(ret) + return ret; + + ret = krb5_rd_priv(context->context, context->ac, &data, reply, NULL); + krb5_data_free(&data); + return ret; +} + diff --git a/crypto/heimdal/lib/kadm5/server_glue.c b/crypto/heimdal/lib/kadm5/server_glue.c new file mode 100644 index 0000000..21b6077 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/server_glue.c 
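Review bot: In _kadm5_client_send the result of `krb5_data_alloc(&msg, len)` is stored in ret but never tested; the following lines pass msg.data to `sp->fetch` and then overwrite ret with the krb5_mk_priv result. If the allocation fails, the fetch writes through whatever msg.data holds and the original error is lost. Add `if (ret) return ret;` directly after the krb5_data_alloc call. The results of the two `sp->seek` calls and of `sp->fetch` are also ignored, so if fetch can return short, a partly uninitialised buffer would be wrapped and sent; comparing the fetch result against msg.length before krb5_mk_priv would catch that.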
@@ -0,0 +1,150 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: server_glue.c,v 1.6 1999/12/02 17:05:07 joda Exp $"); + +kadm5_ret_t +kadm5_init_with_password(const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return kadm5_s_init_with_password(client_name, + password, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} + +kadm5_ret_t +kadm5_init_with_password_ctx(krb5_context context, + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return kadm5_s_init_with_password_ctx(context, + client_name, + password, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} + +kadm5_ret_t +kadm5_init_with_skey(const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return kadm5_s_init_with_skey(client_name, + keytab, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} + +kadm5_ret_t +kadm5_init_with_skey_ctx(krb5_context context, + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return kadm5_s_init_with_skey_ctx(context, + client_name, + keytab, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} + +kadm5_ret_t +kadm5_init_with_creds(const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return 
kadm5_s_init_with_creds(client_name, + ccache, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} + +kadm5_ret_t +kadm5_init_with_creds_ctx(krb5_context context, + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + return kadm5_s_init_with_creds_ctx(context, + client_name, + ccache, + service_name, + realm_params, + struct_version, + api_version, + server_handle); +} diff --git a/crypto/heimdal/lib/kadm5/set_keys.c b/crypto/heimdal/lib/kadm5/set_keys.c new file mode 100644 index 0000000..e4d5d1a --- /dev/null +++ b/crypto/heimdal/lib/kadm5/set_keys.c 
@@ -0,0 +1,292 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: set_keys.c,v 1.18 1999/12/04 23:11:01 assar Exp $"); + +/* + * free all the memory used by (len, keys) + */ + +static void +free_keys (kadm5_server_context *context, + int len, Key *keys) +{ + int i; + + for (i = 0; i < len; ++i) { + free (keys[i].mkvno); + keys[i].mkvno = NULL; + if (keys[i].salt != NULL) { + free_Salt(keys[i].salt); + free(keys[i].salt); + keys[i].salt = NULL; + } + krb5_free_keyblock_contents(context->context, &keys[i].key); + } + free (keys); +} + +/* + * null-ify `len', `keys' + */ + +static void +init_keys (Key *keys, int len) +{ + int i; + + for (i = 0; i < len; ++i) { + keys[i].mkvno = NULL; + keys[i].salt = NULL; + keys[i].key.keyvalue.length = 0; + keys[i].key.keyvalue.data = NULL; + } +} + +/* + * the known and used DES enctypes + */ + +static krb5_enctype des_types[] = { ETYPE_DES_CBC_CRC, + ETYPE_DES_CBC_MD4, + ETYPE_DES_CBC_MD5 }; + +static unsigned n_des_types = 3; + +/* + * Set the keys of `ent' to the string-to-key of `password' + */ + +kadm5_ret_t +_kadm5_set_keys(kadm5_server_context *context, + hdb_entry *ent, + const char *password) +{ + kadm5_ret_t ret = 0; + int i; + unsigned len; + Key *keys; + krb5_salt salt; + krb5_boolean v4_salt = FALSE; + + len = n_des_types + 1; + keys = malloc (len * sizeof(*keys)); + if (keys == NULL) + return ENOMEM; + + init_keys (keys, len); + + salt.salttype = KRB5_PW_SALT; + salt.saltvalue.length = 0; + salt.saltvalue.data = NULL; + + if (krb5_config_get_bool (context->context, + NULL, "kadmin", "use_v4_salt", NULL)) { + v4_salt = TRUE; + } else { + ret = krb5_get_pw_salt (context->context, ent->principal, &salt); + if (ret) + goto out; + } + + for (i = 0; i < n_des_types; ++i) { + ret = krb5_string_to_key_salt (context->context, + des_types[i], + password, + salt, + &keys[i].key); + if (ret) + goto out; + if (v4_salt) { + keys[i].salt = malloc (sizeof(*keys[i].salt)); + if (keys[i].salt == NULL) { + ret = ENOMEM; + goto out; + } + 
keys[i].salt->type = salt.salttype; + ret = copy_octet_string (&salt.saltvalue, &keys[i].salt->salt); + if (ret) + goto out; + } + } + + ret = krb5_string_to_key (context->context, + ETYPE_DES3_CBC_SHA1, + password, + ent->principal, + &keys[n_des_types].key); + if (ret) + goto out; + + free_keys (context, ent->keys.len, ent->keys.val); + ent->keys.len = len; + ent->keys.val = keys; + ent->kvno++; + return ret; +out: + krb5_data_free (&salt.saltvalue); + free_keys (context, len, keys); + return ret; +} + +/* + * Set the keys of `ent' to (`n_key_data', `key_data') + */ + +kadm5_ret_t +_kadm5_set_keys2(hdb_entry *ent, + int16_t n_key_data, + krb5_key_data *key_data) +{ + krb5_error_code ret; + int i; + + ent->keys.len = n_key_data; + ent->keys.val = malloc(ent->keys.len * sizeof(*ent->keys.val)); + if(ent->keys.val == NULL) + return ENOMEM; + for(i = 0; i < n_key_data; i++) { + ent->keys.val[i].mkvno = NULL; + ent->keys.val[i].key.keytype = key_data[i].key_data_type[0]; + ret = krb5_data_copy(&ent->keys.val[i].key.keyvalue, + key_data[i].key_data_contents[0], + key_data[i].key_data_length[0]); + if(ret) + return ret; + if(key_data[i].key_data_ver == 2) { + Salt *salt; + salt = malloc(sizeof(*salt)); + if(salt == NULL) + return ENOMEM; + ent->keys.val[i].salt = salt; + salt->type = key_data[i].key_data_type[1]; + krb5_data_copy(&salt->salt, + key_data[i].key_data_contents[1], + key_data[i].key_data_length[1]); + } else + ent->keys.val[i].salt = NULL; + } + ent->kvno++; + return 0; +} + +/* + * Set the keys of `ent' to random keys and return them in `n_keys' + * and `new_keys'. 
+ */ + +kadm5_ret_t +_kadm5_set_keys_randomly (kadm5_server_context *context, + hdb_entry *ent, + krb5_keyblock **new_keys, + int *n_keys) +{ + kadm5_ret_t ret = 0; + int i; + unsigned len; + krb5_keyblock *keys; + Key *hkeys; + + len = n_des_types + 1; + keys = malloc (len * sizeof(*keys)); + if (keys == NULL) + return ENOMEM; + + for (i = 0; i < len; ++i) { + keys[i].keyvalue.length = 0; + keys[i].keyvalue.data = NULL; + } + + hkeys = malloc (len * sizeof(*hkeys)); + if (hkeys == NULL) { + free (keys); + return ENOMEM; + } + + init_keys (hkeys, len); + + ret = krb5_generate_random_keyblock (context->context, + des_types[0], + &keys[0]); + if (ret) + goto out; + + ret = krb5_copy_keyblock_contents (context->context, + &keys[0], + &hkeys[0].key); + if (ret) + goto out; + + for (i = 1; i < n_des_types; ++i) { + ret = krb5_copy_keyblock_contents (context->context, + &keys[0], + &keys[i]); + if (ret) + goto out; + keys[i].keytype = des_types[i]; + ret = krb5_copy_keyblock_contents (context->context, + &keys[0], + &hkeys[i].key); + if (ret) + goto out; + hkeys[i].key.keytype = des_types[i]; + } + + ret = krb5_generate_random_keyblock (context->context, + ETYPE_DES3_CBC_SHA1, + &keys[n_des_types]); + if (ret) + goto out; + + ret = krb5_copy_keyblock_contents (context->context, + &keys[n_des_types], + &hkeys[n_des_types].key); + if (ret) + goto out; + + free_keys (context, ent->keys.len, ent->keys.val); + ent->keys.len = len; + ent->keys.val = hkeys; + ent->kvno++; + *new_keys = keys; + *n_keys = len; + return ret; +out: + for (i = 0; i < len; ++i) + krb5_free_keyblock_contents (context->context, &keys[i]); + free (keys); + free_keys (context, len, hkeys); + return ret; +} diff --git a/crypto/heimdal/lib/kadm5/set_modifier.c b/crypto/heimdal/lib/kadm5/set_modifier.c new file mode 100644 index 0000000..2b09745 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/set_modifier.c 
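Review bot: _kadm5_set_keys2 leaves `ent` inconsistent on every error path: `ent->keys.len` is assigned before the malloc result is checked, the new array is never passed through init_keys, and the early `return ret;` and `return ENOMEM;` inside the loop leave the slots from i onward holding uninitialised `salt` and `keyvalue.data` pointers that any later free of the entry would follow. The return value of the second krb5_data_copy (the salt) is also discarded. Building the array in a local, initialising it with init_keys, and publishing it to `ent` only on success closes both gaps, as sketched below. The sketch keeps the original's behaviour of not releasing the previous `ent->keys.val`; whether the caller owns that array is not visible here, although _kadm5_set_keys and _kadm5_set_keys_randomly both call free_keys first. Separately, the success path of _kadm5_set_keys returns before `krb5_data_free (&salt.saltvalue)`, so the salt obtained from krb5_get_pw_salt is leaked.

```c
kadm5_ret_t
_kadm5_set_keys2(hdb_entry *ent,
		 int16_t n_key_data,
		 krb5_key_data *key_data)
{
    krb5_error_code ret;
    int i;
    Key *keys;

    keys = malloc(n_key_data * sizeof(*keys));
    if(keys == NULL)
	return ENOMEM;
    /* every slot is NULL/0 from here on, so the cleanup loop is always safe */
    init_keys(keys, n_key_data);

    for(i = 0; i < n_key_data; i++) {
	keys[i].key.keytype = key_data[i].key_data_type[0];
	ret = krb5_data_copy(&keys[i].key.keyvalue,
			     key_data[i].key_data_contents[0],
			     key_data[i].key_data_length[0]);
	if(ret)
	    goto fail;
	if(key_data[i].key_data_ver == 2) {
	    /* zeroed so that free_Salt sees an empty salt if the copy fails */
	    keys[i].salt = calloc(1, sizeof(*keys[i].salt));
	    if(keys[i].salt == NULL) {
		ret = ENOMEM;
		goto fail;
	    }
	    keys[i].salt->type = key_data[i].key_data_type[1];
	    ret = krb5_data_copy(&keys[i].salt->salt,
				 key_data[i].key_data_contents[1],
				 key_data[i].key_data_length[1]);
	    if(ret)
		goto fail;
	}
    }

    /* publish only a fully built array */
    ent->keys.len = n_key_data;
    ent->keys.val = keys;
    ent->kvno++;
    return 0;

fail:
    for(i = 0; i < n_key_data; i++) {
	krb5_data_free(&keys[i].key.keyvalue);
	if(keys[i].salt != NULL) {
	    free_Salt(keys[i].salt);
	    free(keys[i].salt);
	}
    }
    free(keys);
    return ret;
}
```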
@@ -0,0 +1,54 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "kadm5_locl.h" + +RCSID("$Id: set_modifier.c,v 1.2 1999/12/02 17:05:07 joda Exp $"); + +kadm5_ret_t +_kadm5_set_modifier(kadm5_server_context *context, + hdb_entry *ent) +{ + kadm5_ret_t ret; + if(ent->modified_by == NULL){ + ent->modified_by = malloc(sizeof(*ent->modified_by)); + if(ent->modified_by == NULL) + return ENOMEM; + } else + free_Event(ent->modified_by); + ent->modified_by->time = time(NULL); + ret = krb5_copy_principal(context->context, context->caller, + &ent->modified_by->principal); + return ret; +} + diff --git a/crypto/heimdal/lib/kafs/ChangeLog b/crypto/heimdal/lib/kafs/ChangeLog new file mode 100644 index 0000000..09ea01e --- /dev/null +++ b/crypto/heimdal/lib/kafs/ChangeLog 
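Review bot: When `ent->modified_by` is freshly malloc'ed in _kadm5_set_modifier its `principal` field is uninitialised, and the function returns the krb5_copy_principal error without touching it, so on failure the entry keeps a modified_by whose principal pointer is indeterminate (or, in the free_Event branch, possibly stale). Unless krb5_copy_principal is guaranteed to clear its output on failure, a later free of the entry would act on that pointer. Setting `ent->modified_by->principal = NULL;` just before the copy, or allocating with `calloc(1, sizeof(*ent->modified_by))`, makes the failure path safe to clean up.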
@@ -0,0 +1,169 @@ +1999-12-06 Assar Westerlund <assar@sics.se> + + * Makefile.am: set version to 1:2:1 + +1999-11-22 Assar Westerlund <assar@sics.se> + + * afskrb5.c (afslog_uid_int): handle d->realm == NULL + +1999-11-17 Assar Westerlund <assar@sics.se> + + * afskrb5.c (afslog_uid_int): don't look at the local realm at + all. just use the realm from the ticket file. + +1999-10-20 Assar Westerlund <assar@sics.se> + + * Makefile.am: set version to 1:1:1 + + * afskrb5.c (get_cred): always request a DES key + +Mon Oct 18 17:40:21 1999 Bjoern Groenvall <bg@mummel.sics.se> + + * common.c (find_cells): Trim trailing whitespace from + cellname. Lines starting with # are regarded as comments. + +Fri Oct 8 18:17:22 1999 Bjoern Groenvall <bg@mummel.sics.se> + + * afskrb.c, common.c : Change code to make a clear distinction + between hinted realm and ticket realm. + + * kafs_locl.h: Added argument realm_hint. + + * common.c (_kafs_get_cred): Change code to acquire the ``best'' + possible ticket. Use cross-cell authentication only as method of + last resort. + + * afskrb.c (afslog_uid_int): Add realm_hint argument and extract + realm from ticket file. + + * afskrb5.c (afslog_uid_int): Added argument realm_hint. 
+ +1999-10-03 Assar Westerlund <assar@sics.se> + + * afskrb5.c (get_cred): update to new krb524_convert_creds_kdc + +1999-08-12 Johan Danielsson <joda@pdc.kth.se> + + * Makefile.am: ignore the comlicated aix construct if !krb4 + +1999-07-26 Assar Westerlund <assar@sics.se> + + * Makefile.am: set version to 1:0:1 + +1999-07-22 Assar Westerlund <assar@sics.se> + + * afssysdefs.h: define AFS_SYSCALL to 73 for Solaris 2.7 + +1999-07-07 Assar Westerlund <assar@sics.se> + + * afskrb5.c (krb5_realm_of_cell): new function + + * afskrb.c (krb_realm_of_cell): new function + (afslog_uid_int): call krb_get_lrealm correctly + +1999-06-15 Assar Westerlund <assar@sics.se> + + * common.c (realm_of_cell): rename to _kafs_realm_of_cell and + un-staticize + +Fri Mar 19 14:52:29 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: add version-info + +Thu Mar 18 11:24:02 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: include Makefile.am.common + +Sat Feb 27 19:46:21 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: remove EXTRA_DATA (as of autoconf 2.13/automake + 1.4) + +Thu Feb 11 22:57:37 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: set AIX_SRC also if !AIX + +Tue Dec 1 14:45:15 1998 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: fix AIX linkage + +Sun Nov 22 10:40:44 1998 Assar Westerlund <assar@sics.se> + + * Makefile.in (WFLAGS): set + +Sat Nov 21 16:55:19 1998 Johan Danielsson <joda@hella.pdc.kth.se> + + * afskrb5.c: add homedir support + +Sun Sep 6 20:16:27 1998 Assar Westerlund <assar@sics.se> + + * add new functionality for specifying the homedir to krb_afslog + et al + +Thu Jul 16 01:27:19 1998 Assar Westerlund <assar@sics.se> + + * afssys.c: reorganize order of definitions. 
+ (try_one, try_two): conditionalize + +Thu Jul 9 18:31:52 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * common.c (realm_of_cell): make the dns fallback work + +Wed Jul 8 01:39:44 1998 Assar Westerlund <assar@sics.se> + + * afssys.c (map_syscall_name_to_number): new function for finding + the number of a syscall given the name on solaris + (k_hasafs): try using map_syscall_name_to_number + +Tue Jun 30 17:19:00 1998 Assar Westerlund <assar@sics.se> + + * afssys.c: rewrite and add support for environment variable + AFS_SYSCALL + + * Makefile.in (distclean): don't remove roken_rename.h + +Fri May 29 19:03:20 1998 Assar Westerlund <assar@sics.se> + + * Makefile.in (roken_rename.h): remove dependency + +Mon May 25 05:25:54 1998 Assar Westerlund <assar@sics.se> + + * Makefile.in (clean): try to remove shared library debris + +Sun Apr 19 09:58:40 1998 Assar Westerlund <assar@sics.se> + + * Makefile.in: add symlink magic for linux + +Sat Apr 4 15:08:48 1998 Assar Westerlund <assar@sics.se> + + * kafs.h: add arla paths + + * common.c (_kafs_afslog_all_local_cells): Try _PATH_ARLA_* + (_realm_of_cell): Try _PATH_ARLA_CELLSERVDB + +Thu Feb 19 14:50:22 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * common.c: Don't store expired tokens (this broke when using + pag-less rsh-sessions, and `non-standard' ticket files). + +Thu Feb 12 11:20:15 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * Makefile.in: Install/uninstall one library at a time. + +Thu Feb 12 05:38:58 1998 Assar Westerlund <assar@sics.se> + + * Makefile.in (install): one library at a time. + +Mon Feb 9 23:40:32 1998 Assar Westerlund <assar@sics.se> + + * common.c (find_cells): ignore empty lines + +Tue Jan 6 04:25:58 1998 Assar Westerlund <assar@sics.se> + + * afssysdefs.h (AFS_SYSCALL): add FreeBSD + +Fri Jan 2 17:08:24 1998 Assar Westerlund <assar@sics.se> + + * kafs.h: new VICEIOCTL's. From <rb@stacken.kth.se> + + * afssysdefs.h: Add OpenBSD 
diff --git a/crypto/heimdal/lib/kafs/Makefile.am b/crypto/heimdal/lib/kafs/Makefile.am new file mode 100644 index 0000000..2460e55 --- /dev/null +++ b/crypto/heimdal/lib/kafs/Makefile.am @@ -0,0 +1,71 @@ +# $Id: Makefile.am,v 1.19 2000/01/06 15:14:27 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += $(INCLUDE_krb4) $(AFS_EXTRA_DEFS) + +if KRB4 +AFSLIBS = libkafs.la + +if AIX +AFSL_EXP = $(srcdir)/afsl.exp + +if AIX4 +AFS_EXTRA_LD = -bnoentry +else +AFS_EXTRA_LD = -e _nostart +endif + +if AIX_DYNAMIC_AFS +if HAVE_DLOPEN +AIX_SRC = +else +AIX_SRC = dlfcn.c +endif +AFS_EXTRA_LIBS = afslib.so +AFS_EXTRA_DEFS = +else +AIX_SRC = afslib.c +AFS_EXTRA_LIBS = +AFS_EXTRA_DEFS = -DSTATIC_AFS +endif + +else +AFSL_EXP = +AIX_SRC = +endif # AIX + +else +AFSLIBS = +endif # KRB4 + + +lib_LTLIBRARIES = $(AFSLIBS) +libkafs_la_LDFLAGS = -version-info 1:2:1 +foodir = $(libdir) +foo_DATA = $(AFS_EXTRA_LIBS) +# EXTRA_DATA = afslib.so + +CLEANFILES= $(AFS_EXTRA_LIBS) + +include_HEADERS = kafs.h + +if KRB5 +afskrb5_c = afskrb5.c +endif + +libkafs_la_SOURCES = afssys.c afskrb.c $(afskrb5_c) common.c $(AIX_SRC) kafs_locl.h afssysdefs.h +#afslib_so_SOURCES = afslib.c + +EXTRA_libkafs_la_SOURCES = afskrb5.c dlfcn.c afslib.c dlfcn.h + +EXTRA_DIST = README.dlfcn afsl.exp afslib.exp + +man_MANS = kafs.3 + +# AIX: this almost works with gcc, but somehow it fails to use the +# correct ld, use ld instead +afslib.so: afslib.o + ld -o $@ -bM:SRE -bI:$(srcdir)/afsl.exp -bE:$(srcdir)/afslib.exp $(AFS_EXTRA_LD) afslib.o -lc + +$(OBJECTS): ../../include/config.h diff --git a/crypto/heimdal/lib/kafs/Makefile.in b/crypto/heimdal/lib/kafs/Makefile.in new file mode 100644 index 0000000..32b69cb --- /dev/null +++ b/crypto/heimdal/lib/kafs/Makefile.in 
@@ -0,0 +1,898 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.19 2000/01/06 15:14:27 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) $(AFS_EXTRA_DEFS) + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ 
+LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +@KRB4_TRUE@AFSLIBS = libkafs.la +@KRB4_FALSE@AFSLIBS = + +@KRB4_TRUE@@AIX_TRUE@AFSL_EXP = $(srcdir)/afsl.exp +@KRB4_TRUE@@AIX_FALSE@AFSL_EXP = +@KRB4_TRUE@@AIX_TRUE@@AIX4_TRUE@AFS_EXTRA_LD = -bnoentry +@KRB4_TRUE@@AIX_TRUE@@AIX4_FALSE@AFS_EXTRA_LD = -e _nostart +@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@@HAVE_DLOPEN_TRUE@AIX_SRC = +@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@@HAVE_DLOPEN_FALSE@AIX_SRC = dlfcn.c +@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AIX_SRC = afslib.c +@KRB4_TRUE@@AIX_FALSE@AIX_SRC = +@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@AFS_EXTRA_LIBS = afslib.so +@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AFS_EXTRA_LIBS = +@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@AFS_EXTRA_DEFS = +@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AFS_EXTRA_DEFS = 
-DSTATIC_AFS + +lib_LTLIBRARIES = $(AFSLIBS) +libkafs_la_LDFLAGS = -version-info 1:2:1 +foodir = $(libdir) +foo_DATA = $(AFS_EXTRA_LIBS) +# EXTRA_DATA = afslib.so + +CLEANFILES = $(AFS_EXTRA_LIBS) + +include_HEADERS = kafs.h + +@KRB5_TRUE@afskrb5_c = afskrb5.c + +libkafs_la_SOURCES = afssys.c afskrb.c $(afskrb5_c) common.c $(AIX_SRC) kafs_locl.h afssysdefs.h +#afslib_so_SOURCES = afslib.c + +EXTRA_libkafs_la_SOURCES = afskrb5.c dlfcn.c afslib.c dlfcn.h + +EXTRA_DIST = README.dlfcn afsl.exp afslib.exp + +man_MANS = kafs.3 +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +LTLIBRARIES = $(lib_LTLIBRARIES) + + +DEFS = @DEFS@ -I. -I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libkafs_la_LIBADD = +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ 
+@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ 
+@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ 
+@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ +@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ 
+@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@dlfcn.lo +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ 
+@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@dlfcn.lo +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ 
+@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ +@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ 
+@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo \ +@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ +@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +man3dir = $(mandir)/man3 +MANS = $(man_MANS) +DATA = $(foo_DATA) + +HEADERS = $(include_HEADERS) + +DIST_COMMON = ChangeLog Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +SOURCES = $(libkafs_la_SOURCES) $(EXTRA_libkafs_la_SOURCES) +OBJECTS = $(libkafs_la_OBJECTS) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kafs/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLTLIBRARIES: + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + +distclean-libLTLIBRARIES: + +maintainer-clean-libLTLIBRARIES: + +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + 
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +.c.o: + $(COMPILE) -c $< + +# FIXME: We should only use cygpath when building on Windows, +# and only if it is available. +.c.obj: + $(COMPILE) -c `cygpath -w $<` + +.s.o: + $(COMPILE) -c $< + +.S.o: + $(COMPILE) -c $< + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +.c.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.s.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.S.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libkafs.la: $(libkafs_la_OBJECTS) $(libkafs_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libkafs_la_LDFLAGS) $(libkafs_la_OBJECTS) $(libkafs_la_LIBADD) $(LIBS) + +install-man3: + $(mkinstalldirs) $(DESTDIR)$(man3dir) + @list='$(man3_MANS)'; \ + l2='$(man_MANS)'; for i in $$l2; do \ + case "$$i" in \ + *.3*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ + else file=$$i; fi; \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst"; \ + $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst; \ + done + +uninstall-man3: + @list='$(man3_MANS)'; \ + l2='$(man_MANS)'; for i in $$l2; do \ + case "$$i" in \ + *.3*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + 
ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " rm -f $(DESTDIR)$(man3dir)/$$inst"; \ + rm -f $(DESTDIR)$(man3dir)/$$inst; \ + done +install-man: $(MANS) + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-man3 +uninstall-man: + @$(NORMAL_UNINSTALL) + $(MAKE) $(AM_MAKEFLAGS) uninstall-man3 + +install-fooDATA: $(foo_DATA) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(foodir) + @list='$(foo_DATA)'; for p in $$list; do \ + if test -f $(srcdir)/$$p; then \ + echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p"; \ + $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p; \ + else if test -f $$p; then \ + echo " $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p"; \ + $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p; \ + fi; fi; \ + done + +uninstall-fooDATA: + @$(NORMAL_UNINSTALL) + list='$(foo_DATA)'; for p in $$list; do \ + rm -f $(DESTDIR)$(foodir)/$$p; \ + done + +install-includeHEADERS: $(include_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(includedir) + @list='$(include_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + done + +uninstall-includeHEADERS: + @$(NORMAL_UNINSTALL) + list='$(include_HEADERS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(includedir)/$$p; \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test 
-z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/kafs + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-man install-fooDATA install-includeHEADERS \ + install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLTLIBRARIES uninstall-man uninstall-fooDATA \ + uninstall-includeHEADERS +uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA) $(HEADERS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(mandir)/man3 \ + $(DESTDIR)$(foodir) $(DESTDIR)$(includedir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-tags \ + 
mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLTLIBRARIES clean-compile clean-libtool clean-tags \ + clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-libLTLIBRARIES distclean-compile \ + distclean-libtool distclean-tags distclean-generic \ + clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-tags maintainer-clean-generic \ + distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ +clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ +uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ +distclean-compile clean-compile maintainer-clean-compile \ +mostlyclean-libtool distclean-libtool clean-libtool \ +maintainer-clean-libtool install-man3 uninstall-man3 install-man \ +uninstall-man uninstall-fooDATA install-fooDATA \ +uninstall-includeHEADERS install-includeHEADERS tags mostlyclean-tags \ +distclean-tags clean-tags maintainer-clean-tags distdir info-am info \ +dvi-am dvi check-local check check-am installcheck-am installcheck \ +install-exec-am install-exec install-data-local install-data-am \ +install-data install-am install uninstall-am uninstall all-local \ +all-redirect all-am all installdirs mostlyclean-generic \ +distclean-generic clean-generic maintainer-clean-generic clean \ +mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; 
do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo 
$$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) 
$(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +# AIX: this almost works with gcc, but somehow it fails to use the +# correct ld, use ld instead +afslib.so: afslib.o + ld -o $@ -bM:SRE -bI:$(srcdir)/afsl.exp -bE:$(srcdir)/afslib.exp $(AFS_EXTRA_LD) afslib.o -lc + +$(OBJECTS): ../../include/config.h + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/kafs/README.dlfcn b/crypto/heimdal/lib/kafs/README.dlfcn new file mode 100644 index 0000000..cee1b75 --- /dev/null +++ b/crypto/heimdal/lib/kafs/README.dlfcn 
@@ -0,0 +1,246 @@ +Copyright (c) 1992,1993,1995,1996, Jens-Uwe Mager, Helios Software GmbH +Not derived from licensed software. + +Permission is granted to freely use, copy, modify, and redistribute +this software, provided that the author is not construed to be liable +for any results of using the software, alterations are clearly marked +as such, and this notice is not modified. + +libdl.a +------- + +This is an emulation library to emulate the SunOS/System V.4 functions +to access the runtime linker. The functions are emulated by using the +AIX load() function and by reading the .loader section of the loaded +module to find the exports. The to be loaded module should be linked as +follows (if using AIX 3): + + cc -o module.so -bM:SRE -bE:module.exp -e _nostart $(OBJS) + +For AIX 4: + + cc -o module.so -bM:SRE -bE:module.exp -bnoentry $(OBJS) + +If you want to reference symbols from the main part of the program in a +loaded module, you will have to link against the export file of the +main part: + + cc -o main -bE:main.exp $(MAIN_OBJS) + cc -o module.so -bM:SRE -bI:main.exp -bE:module.exp -bnoentry $(OBJS) + +Note that you explicitely have to specify what functions are supposed +to be accessible from your loaded modules, this is different from +SunOS/System V.4 where any global is automatically exported. If you +want to export all globals, the following script might be of help: + +#!/bin/sh +/usr/ucb/nm -g $* | awk '$2 == "B" || $2 == "D" { print $3 }' + +The module export file contains the symbols to be exported. Because +this library uses the loader section, the final module.so file can be +stripped. C++ users should build their shared objects using the script +makeC++SharedLib (part of the IBM C++ compiler), this will make sure +that constructors and destructors for static and global objects will be +called upon loading and unloading the module. 
GNU C++ users should use +the -shared option to g++ to link the shared object: + + g++ -o module.so -shared $(OBJS) + +If the shared object does have permissions for anybody, the shared +object will be loaded into the shared library segment and it will stay +there even if the main application terminates. If you rebuild your +shared object after a bugfix and you want to make sure that you really +get the newest version you will have to use the "slibclean" command +before starting the application again to garbage collect the shared +library segment. If the performance utilities (bosperf) are installed +you can use the following command to see what shared objects are +loaded: + +/usr/lpp/bosperf/genkld | sort | uniq + +For easier debugging you can avoid loading the shared object into the +shared library segment alltogether by removing permissions for others +from the module.so file: + +chmod o-rwx module.so + +This will ensure you get a fresh copy of the shared object for every +dlopen() call which is loaded into the application's data segment. + +Usage +----- + +void *dlopen(const char *path, int mode); + +This routine loads the module pointed to by path and reads its export +table. If the path does not contain a '/' character, dlopen will search +for the module using the LIBPATH environment variable. It returns an +opaque handle to the module or NULL on error. The mode parameter can be +either RTLD_LAZY (for lazy function binding) or RTLD_NOW for immediate +function binding. The AIX implementation currently does treat RTLD_NOW +the same as RTLD_LAZY. The flag RTLD_GLOBAL might be or'ed into the +mode parameter to allow loaded modules to bind to global variables or +functions in other loaded modules loaded by dlopen(). If RTLD_GLOBAL is +not specified, only globals from the main part of the executable or +shared libraries are used to look for undefined symbols in loaded +modules. 
+ + +void *dlsym(void *handle, const char *symbol); + +This routine searches for the symbol in the module referred to by +handle and returns its address. If the symbol could not be found, the +function returns NULL. The return value must be casted to a proper +function pointer before it can be used. SunOS/System V.4 allows handle +to be a NULL pointer to refer to the module the call is made from, this +is not implemented. + +int dlclose(void *handle); + +This routine unloads the module referred to by the handle and disposes +of any local storage. this function returns -1 on failure. Any function +pointers obtained through dlsym() should be considered invalid after +closing a module. + +As AIX caches shared objects in the shared library segment, function +pointers obtained through dlsym() might still work even though the +module has been unloaded. This can introduce subtle bugs that will +segment fault later if AIX garbage collects or immediatly on +SunOS/System V.4 as the text segment is unmapped. + +char *dlerror(void); + +This routine can be used to retrieve a text message describing the most +recent error that occured on on of the above routines. This function +returns NULL if there is no error information. + +Initialization and termination handlers +--------------------------------------- + +The emulation provides for an initialization and a termination +handler. The dlfcn.h file contains a structure declaration named +dl_info with following members: + + void (*init)(void); + void (*fini)(void); + +The init function is called upon first referencing the library. The +fini function is called at dlclose() time or when the process exits. +The module should declare a variable named dl_info that contains this +structure which must be exported. These functions correspond to the +documented _init() and _fini() functions of SunOS 4.x, but these are +appearently not implemented in SunOS. 
When using SunOS 5.0, these +correspond to #pragma init and #pragma fini respectively. At the same +time any static or global C++ object's constructors or destructors will +be called. + +BUGS +---- + +Please note that there is currently a problem with implicitely loaded +shared C++ libaries: if you refer to a shared C++ library from a loaded +module that is not yet used by the main program, the dlopen() emulator +does not notice this and does not call the static constructors for the +implicitely loaded library. This can be easily demonstrated by +referencing the C++ standard streams from a loaded module if the main +program is a plain C program. + +Jens-Uwe Mager + +HELIOS Software GmbH +Lavesstr. 80 +30159 Hannover +Germany + +Phone: +49 511 36482-0 +FAX: +49 511 36482-69 +AppleLink: helios.de/jum +Internet: jum@helios.de + +Revison History +--------------- + +SCCS/s.dlfcn.h: + +D 1.4 95/04/25 09:36:52 jum 4 3 00018/00004/00028 +MRs: +COMMENTS: +added RTLD_GLOBAL, include and C++ guards + +D 1.3 92/12/27 20:58:32 jum 3 2 00001/00001/00031 +MRs: +COMMENTS: +we always have prototypes on RS/6000 + +D 1.2 92/08/16 17:45:11 jum 2 1 00009/00000/00023 +MRs: +COMMENTS: +added dl_info structure to implement initialize and terminate functions + +D 1.1 92/08/02 18:08:45 jum 1 0 00023/00000/00000 +MRs: +COMMENTS: +Erstellungsdatum und -uhrzeit 92/08/02 18:08:45 von jum + +SCCS/s.dlfcn.c: + +D 1.11 96/04/10 20:12:51 jum 13 12 00037/00000/00533 +MRs: +COMMENTS: +Integrated the changes from John W. Eaton <jwe@bevo.che.wisc.edu> to initialize +g++ generated shared objects. + +D 1.10 96/02/15 17:42:44 jum 12 10 00012/00007/00521 +MRs: +COMMENTS: +the C++ constructor and destructor chains are now called properly for either +xlC 2 or xlC 3 (CSet++). 
+ +D 1.9 95/09/22 11:09:38 markus 10 9 00001/00008/00527 +MRs: +COMMENTS: +Fix version number + +D 1.8 95/09/22 10:14:34 markus 9 8 00008/00001/00527 +MRs: +COMMENTS: +Added version number for dl lib + +D 1.7 95/08/14 19:08:38 jum 8 6 00026/00004/00502 +MRs: +COMMENTS: +Integrated the fixes from Kirk Benell (kirk@rsinc.com) to allow loading of +shared objects generated under AIX 4. Fixed bug that symbols with exactly +8 characters would use garbage characters from the following symbol value. + +D 1.6 95/04/25 09:38:03 jum 6 5 00046/00006/00460 +MRs: +COMMENTS: +added handling of C++ static constructors and destructors, added RTLD_GLOBAL to bind against other loaded modules + +D 1.5 93/02/14 20:14:17 jum 5 4 00002/00000/00464 +MRs: +COMMENTS: +added path to dlopen error message to make clear where there error occured. + +D 1.4 93/01/03 19:13:56 jum 4 3 00061/00005/00403 +MRs: +COMMENTS: +to allow calling symbols in the main module call load with L_NOAUTODEFER and +do a loadbind later with the main module. + +D 1.3 92/12/27 20:59:55 jum 3 2 00066/00008/00342 +MRs: +COMMENTS: +added search by L_GETINFO if module got loaded by LIBPATH + +D 1.2 92/08/16 17:45:43 jum 2 1 00074/00006/00276 +MRs: +COMMENTS: +implemented initialize and terminate functions, added reference counting to avoid multiple loads of the same library + +D 1.1 92/08/02 18:08:45 jum 1 0 00282/00000/00000 +MRs: +COMMENTS: +Erstellungsdatum und -uhrzeit 92/08/02 18:08:45 von jum + diff --git a/crypto/heimdal/lib/kafs/afskrb.c b/crypto/heimdal/lib/kafs/afskrb.c new file mode 100644 index 0000000..805750d --- /dev/null +++ b/crypto/heimdal/lib/kafs/afskrb.c 
@@ -0,0 +1,139 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kafs_locl.h"
+
+RCSID("$Id: afskrb.c,v 1.13 1999/12/02 16:58:39 joda Exp $");
+
+struct krb_kafs_data {
+ const char *realm;
+};
+
+static int
+get_cred(kafs_data *data, const char *name, const char *inst,
+ const char *realm, CREDENTIALS *c)
+{
+ KTEXT_ST tkt;
+ int ret = krb_get_cred((char*)name, (char*)inst, (char*)realm, c);
+
+ if (ret) {
+ ret = krb_mk_req(&tkt, (char*)name, (char*)inst, (char*)realm, 0);
+ if (ret == KSUCCESS)
+ ret = krb_get_cred((char*)name, (char*)inst, (char*)realm, c);
+ }
+ return ret;
+}
+
+static int
+afslog_uid_int(kafs_data *data,
+ const char *cell,
+ const char *realm_hint,
+ uid_t uid,
+ const char *homedir)
+{
+ int ret;
+ CREDENTIALS c;
+ char realm[REALM_SZ];
+
+ if (cell == 0 || cell[0] == 0)
+ return _kafs_afslog_all_local_cells (data, uid, homedir);
+
+ /* Extract realm from ticket file. */
+ {
+ char name[ANAME_SZ], inst[INST_SZ];
+
+ ret = krb_get_default_principal(name, inst, realm);
+ if (ret != KSUCCESS)
+ return ret;
+ }
+
+ ret = _kafs_get_cred(data, cell, realm_hint, realm, &c);
+
+ if (ret == 0)
+ ret = kafs_settoken(cell, uid, &c);
+ return ret;
+}
+
+static char *
+get_realm(kafs_data *data, const char *host)
+{
+ char *r = krb_realmofhost(host);
+ if(r != NULL)
+ return strdup(r);
+ else
+ return NULL;
+}
+
+int
+krb_afslog_uid_home(const char *cell, const char *realm_hint, uid_t uid,
+ const char *homedir)
+{
+ kafs_data kd;
+
+ kd.afslog_uid = afslog_uid_int;
+ kd.get_cred = get_cred;
+ kd.get_realm = get_realm;
+ kd.data = 0;
+ return afslog_uid_int(&kd, cell, realm_hint, uid, homedir);
+}
+
+int
+krb_afslog_uid(const char *cell, const char *realm_hint, uid_t uid)
+{
+ return krb_afslog_uid_home(cell, realm_hint, uid, NULL);
+}
+
+int
+krb_afslog(const char *cell, const char *realm_hint)
+{
+ return krb_afslog_uid(cell, realm_hint, getuid());
+}
+
+int
+krb_afslog_home(const char *cell, const char *realm_hint, const char *homedir)
+{
+ return krb_afslog_uid_home(cell, realm_hint, getuid(), homedir);
+}
+
+/*
+ *
+ */
+
+int
+krb_realm_of_cell(const char *cell, char **realm)
+{
+ kafs_data kd;
+
+ kd.get_realm = get_realm;
+ return _kafs_realm_of_cell(&kd, cell, realm);
+}
diff --git a/crypto/heimdal/lib/kafs/afskrb5.c b/crypto/heimdal/lib/kafs/afskrb5.c
new file mode 100644
index 0000000..4c35ea7
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/afskrb5.c
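Review bot: `CREDENTIALS c` in afslog_uid_int is filled through _kafs_get_cred, passed to kafs_settoken, and then left as-is on the stack when the function returns; afslog_uid_int in afskrb5.c, added by this same commit, follows the same pattern. Presumably the structure carries the ticket and session key, so I would clear it before returning, e.g. `memset(&c, 0, sizeof(c));` after the kafs_settoken call, or with a wipe helper the compiler cannot elide if the tree provides one. A one-line comment on krb_realm_of_cell saying that only `kd.get_realm` is set because _kafs_realm_of_cell is expected to use nothing else would also help, since the other members of `kd` are uninitialised there.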
@@ -0,0 +1,179 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kafs_locl.h"
+
+RCSID("$Id: afskrb5.c,v 1.13 1999/12/02 16:58:39 joda Exp $");
+
+struct krb5_kafs_data {
+ krb5_context context;
+ krb5_ccache id;
+ krb5_const_realm realm;
+};
+
+static int
+get_cred(kafs_data *data, const char *name, const char *inst,
+ const char *realm, CREDENTIALS *c)
+{
+ krb5_error_code ret;
+ krb5_creds in_creds, *out_creds;
+ struct krb5_kafs_data *d = data->data;
+
+ memset(&in_creds, 0, sizeof(in_creds));
+ ret = krb5_425_conv_principal(d->context, name, inst, realm,
+ &in_creds.server);
+ if(ret)
+ return ret;
+ ret = krb5_cc_get_principal(d->context, d->id, &in_creds.client);
+ if(ret){
+ krb5_free_principal(d->context, in_creds.server);
+ return ret;
+ }
+ in_creds.session.keytype = KEYTYPE_DES;
+ ret = krb5_get_credentials(d->context, 0, d->id, &in_creds, &out_creds);
+ krb5_free_principal(d->context, in_creds.server);
+ krb5_free_principal(d->context, in_creds.client);
+ if(ret)
+ return ret;
+ ret = krb524_convert_creds_kdc(d->context, d->id, out_creds, c);
+ krb5_free_creds(d->context, out_creds);
+ return ret;
+}
+
+static krb5_error_code
+afslog_uid_int(kafs_data *data, const char *cell, const char *rh, uid_t uid,
+ const char *homedir)
+{
+ krb5_error_code ret;
+ CREDENTIALS c;
+ krb5_principal princ;
+ krb5_realm *trealm; /* ticket realm */
+ struct krb5_kafs_data *d = data->data;
+
+ if (cell == 0 || cell[0] == 0)
+ return _kafs_afslog_all_local_cells (data, uid, homedir);
+
+ ret = krb5_cc_get_principal (d->context, d->id, &princ);
+ if (ret)
+ return ret;
+
+ trealm = krb5_princ_realm (d->context, princ);
+
+ if (d->realm != NULL && strcmp (d->realm, *trealm) == 0) {
+ trealm = NULL;
+ krb5_free_principal (d->context, princ);
+ }
+
+ ret = _kafs_get_cred(data, cell, d->realm, *trealm, &c);
+ if(trealm)
+ krb5_free_principal (d->context, princ);
+
+ if(ret == 0)
+ ret = kafs_settoken(cell, uid, &c);
+ return ret;
+}
+
+static char *
+get_realm(kafs_data *data, const char *host)
+{
+ struct krb5_kafs_data *d = data->data;
+ krb5_realm *realms;
+ char *r;
+ if(krb5_get_host_realm(d->context, host, &realms))
+ return NULL;
+ r = strdup(realms[0]);
+ krb5_free_host_realm(d->context, realms);
+ return r;
+}
+
+krb5_error_code
+krb5_afslog_uid_home(krb5_context context,
+ krb5_ccache id,
+ const char *cell,
+ krb5_const_realm realm,
+ uid_t uid,
+ const char *homedir)
+{
+ kafs_data kd;
+ struct krb5_kafs_data d;
+ kd.afslog_uid = afslog_uid_int;
+ kd.get_cred = get_cred;
+ kd.get_realm = get_realm;
+ kd.data = &d;
+ d.context = context;
+ d.id = id;
+ d.realm = realm;
+ return afslog_uid_int(&kd, cell, 0, uid, homedir);
+}
+
+krb5_error_code
+krb5_afslog_uid(krb5_context context,
+ krb5_ccache id,
+ const char *cell,
+ krb5_const_realm realm,
+ uid_t uid)
+{
+ return krb5_afslog_uid_home (context, id, cell, realm, uid, NULL);
+}
+
+krb5_error_code
+krb5_afslog(krb5_context context,
+ krb5_ccache id,
+ const char *cell,
+ krb5_const_realm realm)
+{
+ return krb5_afslog_uid (context, id, cell, realm, getuid());
+}
+
+krb5_error_code
+krb5_afslog_home(krb5_context context,
+ krb5_ccache id,
+ const char *cell,
+ krb5_const_realm realm,
+ const char *homedir)
+{
+ return krb5_afslog_uid_home (context, id, cell, realm, getuid(), homedir);
+}
+
+/*
+ *
+ */
+
+krb5_error_code
+krb5_realm_of_cell(const char *cell, char **realm)
+{
+ kafs_data kd;
+
+ kd.get_realm = get_realm;
+ return _kafs_realm_of_cell(&kd, cell, realm);
+}
diff --git a/crypto/heimdal/lib/kafs/afsl.exp b/crypto/heimdal/lib/kafs/afsl.exp
new file mode 100644
index 0000000..4d2b00e
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/afsl.exp
@@ -0,0 +1,6 @@
+#!/unix
+
+* This mumbo jumbo creates entry points to syscalls in _AIX
+
+lpioctl syscall
+lsetpag syscall
diff --git a/crypto/heimdal/lib/kafs/afslib.c b/crypto/heimdal/lib/kafs/afslib.c
new file mode 100644
index 0000000..ae3b5a5
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/afslib.c
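Review bot: In afslog_uid_int of afskrb5.c, when `d->realm` equals the ticket realm the code sets `trealm = NULL` and frees `princ`, and the next statement passes `*trealm` to _kafs_get_cred, which dereferences a null pointer. Passing `trealm ? *trealm : NULL` would avoid that, provided _kafs_get_cred accepts a NULL realm argument; its definition is outside this hunk, so that needs confirming. Separately, krb5_realm_of_cell sets only `kd.get_realm`, while this file's get_realm reads `data->data` and then `d->context`, so if _kafs_realm_of_cell invokes the callback it works from an uninitialised pointer. The function takes no krb5_context, so fixing it likely means changing the signature or creating a context locally.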
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * This file is only used with AIX
+ */
+
+#include "kafs_locl.h"
+
+RCSID("$Id: afslib.c,v 1.6 1999/12/02 16:58:40 joda Exp $");
+
+int
+aix_pioctl(char *a_path,
+ int o_opcode,
+ struct ViceIoctl *a_paramsP,
+ int a_followSymlinks)
+{
+ return lpioctl(a_path, o_opcode, a_paramsP, a_followSymlinks);
+}
+
+int
+aix_setpag(void)
+{
+ return lsetpag();
+}
diff --git a/crypto/heimdal/lib/kafs/afslib.exp b/crypto/heimdal/lib/kafs/afslib.exp
new file mode 100644
index 0000000..f288717
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/afslib.exp
@@ -0,0 +1,3 @@
+#!
+aix_pioctl
+aix_setpag
diff --git a/crypto/heimdal/lib/kafs/afssys.c b/crypto/heimdal/lib/kafs/afssys.c
new file mode 100644
index 0000000..d49a65a
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/afssys.c
@@ -0,0 +1,395 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kafs_locl.h"
+
+RCSID("$Id: afssys.c,v 1.65 1999/12/02 16:58:40 joda Exp $");
+
+int _kafs_debug; /* this should be done in a better way */
+
+#define NO_ENTRY_POINT 0
+#define SINGLE_ENTRY_POINT 1
+#define MULTIPLE_ENTRY_POINT 2
+#define SINGLE_ENTRY_POINT2 3
+#define SINGLE_ENTRY_POINT3 4
+#define AIX_ENTRY_POINTS 5
+#define UNKNOWN_ENTRY_POINT 6
+static int afs_entry_point = UNKNOWN_ENTRY_POINT;
+static int afs_syscalls[2];
+
+/* Magic to get AIX syscalls to work */
+#ifdef _AIX
+
+static int (*Pioctl)(char*, int, struct ViceIoctl*, int);
+static int (*Setpag)(void);
+
+#include "dlfcn.h"
+
+/*
+ *
+ */
+
+static int
+try_aix(void)
+{
+#ifdef STATIC_AFS_SYSCALLS
+ Pioctl = aix_pioctl;
+ Setpag = aix_setpag;
+#else
+ void *ptr;
+ char path[MaxPathLen], *p;
+ /*
+ * If we are root or running setuid don't trust AFSLIBPATH!
+ */
+ if (getuid() != 0 && !issuid() && (p = getenv("AFSLIBPATH")) != NULL)
+ strlcpy(path, p, sizeof(path));
+ else
+ snprintf(path, sizeof(path), "%s/afslib.so", LIBDIR);
+
+ ptr = dlopen(path, RTLD_NOW);
+ if(ptr == NULL) {
+ if(_kafs_debug) {
+ if(errno == ENOEXEC && (p = dlerror()) != NULL)
+ fprintf(stderr, "dlopen(%s): %s\n", path, p);
+ else if (errno != ENOENT)
+ fprintf(stderr, "dlopen(%s): %s\n", path, strerror(errno));
+ }
+ return 1;
+ }
+ Setpag = (int (*)(void))dlsym(ptr, "aix_setpag");
+ Pioctl = (int (*)(char*, int,
+ struct ViceIoctl*, int))dlsym(ptr, "aix_pioctl");
+#endif
+ afs_entry_point = AIX_ENTRY_POINTS;
+ return 0;
+}
+#endif /* _AIX */
+
+/*
+ * This probably only works under Solaris and could get confused if
+ * there's a /etc/name_to_sysnum file.
+ */
+
+#define _PATH_ETC_NAME_TO_SYSNUM "/etc/name_to_sysnum"
+
+static int
+map_syscall_name_to_number (const char *str, int *res)
+{
+ FILE *f;
+ char buf[256];
+ size_t str_len = strlen (str);
+
+ f = fopen (_PATH_ETC_NAME_TO_SYSNUM, "r");
+ if (f == NULL)
+ return -1;
+ while (fgets (buf, sizeof(buf), f) != NULL) {
+ if (strncmp (str, buf, str_len) == 0) {
+ char *begptr = buf + str_len;
+ char *endptr;
+ long val = strtol (begptr, &endptr, 0);
+
+ if (val != 0 && endptr != begptr) {
+ fclose (f);
+ *res = val;
+ return 0;
+ }
+ }
+ }
+ fclose (f);
+ return -1;
+}
+
+int
+k_pioctl(char *a_path,
+ int o_opcode,
+ struct ViceIoctl *a_paramsP,
+ int a_followSymlinks)
+{
+#ifndef NO_AFS
+ switch(afs_entry_point){
+#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3)
+ case SINGLE_ENTRY_POINT:
+ case SINGLE_ENTRY_POINT2:
+ case SINGLE_ENTRY_POINT3:
+ return syscall(afs_syscalls[0], AFSCALL_PIOCTL,
+ a_path, o_opcode, a_paramsP, a_followSymlinks);
+#endif
+#if defined(AFS_PIOCTL)
+ case MULTIPLE_ENTRY_POINT:
+ return syscall(afs_syscalls[0],
+ a_path, o_opcode, a_paramsP, a_followSymlinks);
+#endif
+#ifdef _AIX
+ case AIX_ENTRY_POINTS:
+ return Pioctl(a_path, o_opcode, a_paramsP, a_followSymlinks);
+#endif
+ }
+
+ errno = ENOSYS;
+#ifdef SIGSYS
+ kill(getpid(), SIGSYS); /* You loose! */
+#endif
+#endif /* NO_AFS */
+ return -1;
+}
+
+int
+k_afs_cell_of_file(const char *path, char *cell, int len)
+{
+ struct ViceIoctl parms;
+ parms.in = NULL;
+ parms.in_size = 0;
+ parms.out = cell;
+ parms.out_size = len;
+ return k_pioctl((char*)path, VIOC_FILE_CELL_NAME, &parms, 1);
+}
+
+int
+k_unlog(void)
+{
+ struct ViceIoctl parms;
+ memset(&parms, 0, sizeof(parms));
+ return k_pioctl(0, VIOCUNLOG, &parms, 0);
+}
+
+int
+k_setpag(void)
+{
+#ifndef NO_AFS
+ switch(afs_entry_point){
+#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3)
+ case SINGLE_ENTRY_POINT:
+ case SINGLE_ENTRY_POINT2:
+ case SINGLE_ENTRY_POINT3:
+ return syscall(afs_syscalls[0], AFSCALL_SETPAG);
+#endif
+#if defined(AFS_PIOCTL)
+ case MULTIPLE_ENTRY_POINT:
+ return syscall(afs_syscalls[1]);
+#endif
+#ifdef _AIX
+ case AIX_ENTRY_POINTS:
+ return Setpag();
+#endif
+ }
+
+ errno = ENOSYS;
+#ifdef SIGSYS
+ kill(getpid(), SIGSYS); /* You loose! */
+#endif
+#endif /* NO_AFS */
+ return -1;
+}
+
+static jmp_buf catch_SIGSYS;
+
+#ifdef SIGSYS
+
+static RETSIGTYPE
+SIGSYS_handler(int sig)
+{
+ errno = 0;
+ signal(SIGSYS, SIGSYS_handler); /* Need to reinstall handler on SYSV */
+ longjmp(catch_SIGSYS, 1);
+}
+
+#endif
+
+/*
+ * Try to see if `syscall' is a pioctl. Return 0 iff succesful.
+ */
+
+#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3)
+static int
+try_one (int syscall_num)
+{
+ struct ViceIoctl parms;
+ memset(&parms, 0, sizeof(parms));
+
+ if (setjmp(catch_SIGSYS) == 0) {
+ syscall(syscall_num, AFSCALL_PIOCTL,
+ 0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
+ if (errno == EINVAL) {
+ afs_entry_point = SINGLE_ENTRY_POINT;
+ afs_syscalls[0] = syscall_num;
+ return 0;
+ }
+ }
+ return 1;
+}
+#endif
+
+/*
+ * Try to see if `syscall_pioctl' is a pioctl syscall. Return 0 iff
+ * succesful.
+ *
+ */
+
+#ifdef AFS_PIOCTL
+static int
+try_two (int syscall_pioctl, int syscall_setpag)
+{
+ struct ViceIoctl parms;
+ memset(&parms, 0, sizeof(parms));
+
+ if (setjmp(catch_SIGSYS) == 0) {
+ syscall(syscall_pioctl,
+ 0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
+ if (errno == EINVAL) {
+ afs_entry_point = MULTIPLE_ENTRY_POINT;
+ afs_syscalls[0] = syscall_pioctl;
+ afs_syscalls[1] = syscall_setpag;
+ return 0;
+ }
+ }
+ return 1;
+}
+#endif
+
+int
+k_hasafs(void)
+{
+#if !defined(NO_AFS) && defined(SIGSYS)
+ RETSIGTYPE (*saved_func)();
+#endif
+ int saved_errno;
+ char *env = getenv ("AFS_SYSCALL");
+
+ /*
+ * Already checked presence of AFS syscalls?
+ */
+ if (afs_entry_point != UNKNOWN_ENTRY_POINT)
+ return afs_entry_point != NO_ENTRY_POINT;
+
+ /*
+ * Probe kernel for AFS specific syscalls,
+ * they (currently) come in two flavors.
+ * If the syscall is absent we recive a SIGSYS.
+ */
+ afs_entry_point = NO_ENTRY_POINT;
+
+ saved_errno = errno;
+#ifndef NO_AFS
+#ifdef SIGSYS
+ saved_func = signal(SIGSYS, SIGSYS_handler);
+#endif
+
+#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3)
+ {
+ int tmp;
+
+ if (env != NULL) {
+ if (sscanf (env, "%d", &tmp) == 1) {
+ if (try_one (tmp) == 0)
+ goto done;
+ } else {
+ char *end = NULL;
+ char *p;
+ char *s = strdup (env);
+
+ if (s != NULL) {
+ for (p = strtok_r (s, ",", &end);
+ p != NULL;
+ p = strtok_r (NULL, ",", &end)) {
+ if (map_syscall_name_to_number (p, &tmp) == 0)
+ if (try_one (tmp) == 0) {
+ free (s);
+ goto done;
+ }
+ }
+ free (s);
+ }
+ }
+ }
+ }
+#endif /* AFS_SYSCALL || AFS_SYSCALL2 || AFS_SYSCALL3 */
+
+#ifdef AFS_SYSCALL
+ if (try_one (AFS_SYSCALL) == 0)
+ goto done;
+#endif /* AFS_SYSCALL */
+
+#ifdef AFS_PIOCTL
+ {
+ int tmp[2];
+
+ if (env != NULL && sscanf (env, "%d%d", &tmp[0], &tmp[1]) == 2)
+ if (try_two (tmp[0], tmp[1]) == 2)
+ goto done;
+ }
+#endif /* AFS_PIOCTL */
+
+#ifdef AFS_PIOCTL
+ if (try_two (AFS_PIOCTL, AFS_SETPAG) == 0)
+ goto done;
+#endif /* AFS_PIOCTL */
+
+#ifdef AFS_SYSCALL2
+ if (try_one (AFS_SYSCALL2) == 0)
+ goto done;
+#endif /* AFS_SYSCALL2 */
+
+#ifdef AFS_SYSCALL3
+ if (try_one (AFS_SYSCALL3) == 0)
+ goto done;
+#endif /* AFS_SYSCALL3 */
+
+#ifdef _AIX
+#if 0
+ if (env != NULL) {
+ char *pos = NULL;
+ char *pioctl_name;
+ char *setpag_name;
+
+ pioctl_name = strtok_r (env, ", \t", &pos);
+ if (pioctl_name != NULL) {
+ setpag_name = strtok_r (NULL, ", \t", &pos);
+ if (setpag_name != NULL)
+ if (try_aix (pioctl_name, setpag_name) == 0)
+ goto done;
+ }
+ }
+#endif
+
+ if(try_aix() == 0)
+ goto done;
+#endif
+
+done:
+#ifdef SIGSYS
+ signal(SIGSYS, saved_func);
+#endif
+#endif /* NO_AFS */
+ errno = saved_errno;
+ return afs_entry_point != NO_ENTRY_POINT;
+}
diff --git a/crypto/heimdal/lib/kafs/afssysdefs.h b/crypto/heimdal/lib/kafs/afssysdefs.h
new file mode 100644
index 0000000..574b33f
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/afssysdefs.h
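Review bot: k_hasafs reads the `AFS_SYSCALL` environment variable and passes the number (or a name resolved by map_syscall_name_to_number) to try_one/try_two, which call syscall() with it, without the `getuid() != 0 && !issuid()` guard that try_aix applies to `AFSLIBPATH`. In a root or setuid caller the environment then decides which syscall number is probed, so I would gate it the same way, e.g. `char *env = (getuid() != 0 && !issuid()) ? getenv ("AFS_SYSCALL") : NULL;`. In the same block, `try_two (tmp[0], tmp[1]) == 2` can never be true because try_two returns only 0 or 1, so the comparison should be `== 0`. try_one and try_two also test `errno == EINVAL` without clearing errno or checking syscall()'s return value, so a stale EINVAL would be read as a successful probe. In try_aix the two dlsym() results are stored unchecked before `afs_entry_point` is set, which leaves k_pioctl and k_setpag calling a null pointer if either symbol is missing.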
@@ -0,0 +1,87 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: afssysdefs.h,v 1.21 1999/12/02 16:58:40 joda Exp $ */
+
+/*
+ * This section is for machines using single entry point AFS syscalls!
+ * and/or
+ * This section is for machines using multiple entry point AFS syscalls!
+ *
+ * SunOS 4 is an example of single entry point and sgi of multiple
+ * entry point syscalls.
+ */
+
+#if SunOS == 40
+#define AFS_SYSCALL 31
+#endif
+
+#if SunOS >= 50 && SunOS < 57
+#define AFS_SYSCALL 105
+#endif
+
+#if SunOS == 57
+#define AFS_SYSCALL 73
+#endif
+
+#if defined(__hpux)
+#define AFS_SYSCALL 50
+#define AFS_SYSCALL2 49
+#define AFS_SYSCALL3 48
+#endif
+
+#if defined(_AIX)
+/* _AIX is too weird */
+#endif
+
+#if defined(__sgi)
+#define AFS_PIOCTL (64+1000)
+#define AFS_SETPAG (65+1000)
+#endif
+
+#if defined(__osf__)
+#define AFS_SYSCALL 232
+#define AFS_SYSCALL2 258
+#endif
+
+#if defined(__ultrix)
+#define AFS_SYSCALL 31
+#endif
+
+#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
+#define AFS_SYSCALL 210
+#endif
+
+#ifdef SYS_afs_syscall
+#define AFS_SYSCALL3 SYS_afs_syscall
+#endif
diff --git a/crypto/heimdal/lib/kafs/common.c b/crypto/heimdal/lib/kafs/common.c
new file mode 100644
index 0000000..207b9b6
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/common.c
@@ -0,0 +1,396 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kafs_locl.h" + +RCSID("$Id: common.c,v 1.19 1999/12/02 16:58:40 joda Exp $"); + +#define AUTH_SUPERUSER "afs" + +/* + * Here only ASCII characters are relevant. 
+ */ + +#define IsAsciiLower(c) ('a' <= (c) && (c) <= 'z') + +#define ToAsciiUpper(c) ((c) - 'a' + 'A') + +static void +foldup(char *a, const char *b) +{ + for (; *b; a++, b++) + if (IsAsciiLower(*b)) + *a = ToAsciiUpper(*b); + else + *a = *b; + *a = '\0'; +} + +int +kafs_settoken(const char *cell, uid_t uid, CREDENTIALS *c) +{ + struct ViceIoctl parms; + struct ClearToken ct; + int32_t sizeof_x; + char buf[2048], *t; + int ret; + + /* + * Build a struct ClearToken + */ + ct.AuthHandle = c->kvno; + memcpy (ct.HandShakeKey, c->session, sizeof(c->session)); + ct.ViceId = uid; + ct.BeginTimestamp = c->issue_date; + ct.EndTimestamp = krb_life_to_time(c->issue_date, c->lifetime); + if(ct.EndTimestamp < time(NULL)) + return 0; /* don't store tokens that has expired (and possibly + overwriting valid tokens)*/ + +#define ODD(x) ((x) & 1) + /* According to Transarc conventions ViceId is valid iff + * (EndTimestamp - BeginTimestamp) is odd. By decrementing EndTime + * the transformations: + * + * (issue_date, life) -> (StartTime, EndTime) -> (issue_date, life) + * preserves the original values. 
+ */ + if (uid != 0) /* valid ViceId */ + { + if (!ODD(ct.EndTimestamp - ct.BeginTimestamp)) + ct.EndTimestamp--; + } + else /* not valid ViceId */ + { + if (ODD(ct.EndTimestamp - ct.BeginTimestamp)) + ct.EndTimestamp--; + } + + t = buf; + /* + * length of secret token followed by secret token + */ + sizeof_x = c->ticket_st.length; + memcpy(t, &sizeof_x, sizeof(sizeof_x)); + t += sizeof(sizeof_x); + memcpy(t, c->ticket_st.dat, sizeof_x); + t += sizeof_x; + /* + * length of clear token followed by clear token + */ + sizeof_x = sizeof(ct); + memcpy(t, &sizeof_x, sizeof(sizeof_x)); + t += sizeof(sizeof_x); + memcpy(t, &ct, sizeof_x); + t += sizeof_x; + + /* + * do *not* mark as primary cell + */ + sizeof_x = 0; + memcpy(t, &sizeof_x, sizeof(sizeof_x)); + t += sizeof(sizeof_x); + /* + * follow with cell name + */ + sizeof_x = strlen(cell) + 1; + memcpy(t, cell, sizeof_x); + t += sizeof_x; + + /* + * Build argument block + */ + parms.in = buf; + parms.in_size = t - buf; + parms.out = 0; + parms.out_size = 0; + ret = k_pioctl(0, VIOCSETTOK, &parms, 0); + return ret; +} + +/* Try to get a db-server for an AFS cell from a AFSDB record */ + +static int +dns_find_cell(const char *cell, char *dbserver, size_t len) +{ + struct dns_reply *r; + int ok = -1; + r = dns_lookup(cell, "afsdb"); + if(r){ + struct resource_record *rr = r->head; + while(rr){ + if(rr->type == T_AFSDB && rr->u.afsdb->preference == 1){ + strlcpy(dbserver, + rr->u.afsdb->domain, + len); + ok = 0; + break; + } + rr = rr->next; + } + dns_free_data(r); + } + return ok; +} + + +/* + * Try to find the cells we should try to klog to in "file". 
+ */ +static void +find_cells(char *file, char ***cells, int *index) +{ + FILE *f; + char cell[64]; + int i; + int ind = *index; + + f = fopen(file, "r"); + if (f == NULL) + return; + while (fgets(cell, sizeof(cell), f)) { + char *t; + t = cell + strlen(cell); + for (; t >= cell; t--) + if (*t == '\n' || *t == '\t' || *t == ' ') + *t = 0; + if (cell[0] == '\0' || cell[0] == '#') + continue; + for(i = 0; i < ind; i++) + if(strcmp((*cells)[i], cell) == 0) + break; + if(i == ind){ + char **tmp; + + tmp = realloc(*cells, (ind + 1) * sizeof(**cells)); + if (tmp == NULL) + break; + *cells = tmp; + (*cells)[ind] = strdup(cell); + if ((*cells)[ind] == NULL) + break; + ++ind; + } + } + fclose(f); + *index = ind; +} + +/* + * Get tokens for all cells[] + */ +static int +afslog_cells(kafs_data *data, char **cells, int max, uid_t uid, + const char *homedir) +{ + int ret = 0; + int i; + for (i = 0; i < max; i++) { + int er = (*data->afslog_uid)(data, cells[i], 0, uid, homedir); + if (er) + ret = er; + } + return ret; +} + +int +_kafs_afslog_all_local_cells(kafs_data *data, uid_t uid, const char *homedir) +{ + int ret; + char **cells = NULL; + int index = 0; + + if (homedir == NULL) + homedir = getenv("HOME"); + if (homedir != NULL) { + char home[MaxPathLen]; + snprintf(home, sizeof(home), "%s/.TheseCells", homedir); + find_cells(home, &cells, &index); + } + find_cells(_PATH_THESECELLS, &cells, &index); + find_cells(_PATH_THISCELL, &cells, &index); + find_cells(_PATH_ARLA_THESECELLS, &cells, &index); + find_cells(_PATH_ARLA_THISCELL, &cells, &index); + + ret = afslog_cells(data, cells, index, uid, homedir); + while(index > 0) + free(cells[--index]); + free(cells); + return ret; +} + + +/* Find the realm associated with cell. Do this by opening + /usr/vice/etc/CellServDB and getting the realm-of-host for the + first VL-server for the cell. + + This does not work when the VL-server is living in one realm, but + the cell it is serving is living in another realm. 
+ + Return 0 on success, -1 otherwise. + */ + +int +_kafs_realm_of_cell(kafs_data *data, const char *cell, char **realm) +{ + FILE *F; + char buf[1024]; + char *p; + int ret = -1; + + if ((F = fopen(_PATH_CELLSERVDB, "r")) + || (F = fopen(_PATH_ARLA_CELLSERVDB, "r"))) { + while (fgets(buf, sizeof(buf), F)) { + if (buf[0] != '>') + continue; /* Not a cell name line, try next line */ + if (strncmp(buf + 1, cell, strlen(cell)) == 0) { + /* + * We found the cell name we're looking for. + * Read next line on the form ip-address '#' hostname + */ + if (fgets(buf, sizeof(buf), F) == NULL) + break; /* Read failed, give up */ + p = strchr(buf, '#'); + if (p == NULL) + break; /* No '#', give up */ + p++; + if (buf[strlen(buf) - 1] == '\n') + buf[strlen(buf) - 1] = '\0'; + *realm = (*data->get_realm)(data, p); + if (*realm && **realm != '\0') + ret = 0; + break; /* Won't try any more */ + } + } + fclose(F); + } + if (*realm == NULL && dns_find_cell(cell, buf, sizeof(buf)) == 0) { + *realm = strdup(krb_realmofhost(buf)); + if(*realm != NULL) + ret = 0; + } + return ret; +} + +int +_kafs_get_cred(kafs_data *data, + const char *cell, + const char *realm_hint, + const char *realm, + CREDENTIALS *c) +{ + int ret = -1; + char *vl_realm; + char CELL[64]; + + /* We're about to find the the realm that holds the key for afs in + * the specified cell. The problem is that null-instance + * afs-principals are common and that hitting the wrong realm might + * yield the wrong afs key. The following assumptions were made. + * + * Any realm passed to us is preferred. + * + * If there is a realm with the same name as the cell, it is most + * likely the correct realm to talk to. + * + * In most (maybe even all) cases the database servers of the cell + * will live in the realm we are looking for. + * + * Try the local realm, but if the previous cases fail, this is + * really a long shot. 
+ * + */ + + /* comments on the ordering of these tests */ + + /* If the user passes a realm, she probably knows something we don't + * know and we should try afs@realm_hint (otherwise we're talking with a + * blondino and she might as well have it.) + */ + + if (realm_hint) { + ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, realm_hint, c); + if (ret == 0) return 0; + ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", realm_hint, c); + if (ret == 0) return 0; + } + + foldup(CELL, cell); + + /* + * If cell == realm we don't need no cross-cell authentication. + * Try afs@REALM. + */ + if (strcmp(CELL, realm) == 0) { + ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", realm, c); + if (ret == 0) return 0; + /* Try afs.cell@REALM below. */ + } + + /* + * If the AFS servers have a file /usr/afs/etc/krb.conf containing + * REALM we still don't have to resort to cross-cell authentication. + * Try afs.cell@REALM. + */ + ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, realm, c); + if (ret == 0) return 0; + + /* + * We failed to get ``first class tickets'' for afs, + * fall back to cross-cell authentication. + * Try afs@CELL. + * Try afs.cell@CELL. + */ + ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", CELL, c); + if (ret == 0) return 0; + ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, CELL, c); + if (ret == 0) return 0; + + /* + * Perhaps the cell doesn't correspond to any realm? + * Use realm of first volume location DB server. + * Try afs.cell@VL_REALM. + * Try afs@VL_REALM??? + */ + if (_kafs_realm_of_cell(data, cell, &vl_realm) == 0 + && strcmp(vl_realm, realm) != 0 + && strcmp(vl_realm, CELL) != 0) { + ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, vl_realm, c); + if (ret) + ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", vl_realm, c); + free(vl_realm); + if (ret == 0) return 0; + } + + return ret; +} diff --git a/crypto/heimdal/lib/kafs/dlfcn.c b/crypto/heimdal/lib/kafs/dlfcn.c new file mode 100644 index 0000000..e664fe3 --- /dev/null 
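Review bot: `_kafs_get_cred` calls `foldup(CELL, cell)` into `char CELL[64]` with no length check, and `foldup` copies until the terminating NUL, so a cell name of 64 bytes or more writes past the stack buffer; guard it before the call with `if (strlen(cell) >= sizeof(CELL)) return -1;`. `kafs_settoken` has the same pattern: `c->ticket_st.length` bytes and then `strlen(cell) + 1` bytes are copied into `char buf[2048]` without comparing against the space left, and `parms.in_size`, declared `short` in kafs.h, then receives `t - buf`. A bounds check before each `memcpy`, returning an error when the ticket plus cell name would not fit, closes that. Separately, `_kafs_realm_of_cell` reads `*realm` in `if (*realm == NULL && dns_find_cell(...) == 0)` although the caller's `vl_realm` is uninitialised when neither CellServDB file opens or the cell is not found; `*realm = NULL;` at the top of the function would make that test well defined.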
+++ b/crypto/heimdal/lib/kafs/dlfcn.c 
@@ -0,0 +1,581 @@ +/* + * @(#)dlfcn.c 1.11 revision of 96/04/10 20:12:51 + * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH + * 30159 Hannover, Germany + */ + +/* + * Changes marked with `--jwe' were made on April 7 1996 by John W. Eaton + * <jwe@bevo.che.wisc.edu> to support g++ and/or use with Octave. + */ + +/* + * This makes my life easier with Octave. --jwe + */ +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <stdio.h> +#include <errno.h> +#include <string.h> +#include <stdlib.h> +#include <sys/types.h> +#include <sys/ldr.h> +#include <a.out.h> +#include <ldfcn.h> +#include "dlfcn.h" + +/* + * We simulate dlopen() et al. through a call to load. Because AIX has + * no call to find an exported symbol we read the loader section of the + * loaded module and build a list of exported symbols and their virtual + * address. + */ + +typedef struct { + char *name; /* the symbols's name */ + void *addr; /* its relocated virtual address */ +} Export, *ExportPtr; + +/* + * xlC uses the following structure to list its constructors and + * destructors. This is gleaned from the output of munch. + */ +typedef struct { + void (*init)(void); /* call static constructors */ + void (*term)(void); /* call static destructors */ +} Cdtor, *CdtorPtr; + +typedef void (*GccCDtorPtr)(void); + +/* + * The void * handle returned from dlopen is actually a ModulePtr. 
+ */ +typedef struct Module { + struct Module *next; + char *name; /* module name for refcounting */ + int refCnt; /* the number of references */ + void *entry; /* entry point from load */ + struct dl_info *info; /* optional init/terminate functions */ + CdtorPtr cdtors; /* optional C++ constructors */ + GccCDtorPtr gcc_ctor; /* g++ constructors --jwe */ + GccCDtorPtr gcc_dtor; /* g++ destructors --jwe */ + int nExports; /* the number of exports found */ + ExportPtr exports; /* the array of exports */ +} Module, *ModulePtr; + +/* + * We keep a list of all loaded modules to be able to call the fini + * handlers and destructors at atexit() time. + */ +static ModulePtr modList; + +/* + * The last error from one of the dl* routines is kept in static + * variables here. Each error is returned only once to the caller. + */ +static char errbuf[BUFSIZ]; +static int errvalid; + +/* + * The `fixed' gcc header files on AIX 3.2.5 provide a prototype for + * strdup(). --jwe + */ +#ifndef HAVE_STRDUP +extern char *strdup(const char *); +#endif +static void caterr(char *); +static int readExports(ModulePtr); +static void terminate(void); +static void *findMain(void); + +void *dlopen(const char *path, int mode) +{ + ModulePtr mp; + static void *mainModule; + + /* + * Upon the first call register a terminate handler that will + * close all libraries. Also get a reference to the main module + * for use with loadbind. + */ + if (!mainModule) { + if ((mainModule = findMain()) == NULL) + return NULL; + atexit(terminate); + } + /* + * Scan the list of modules if we have the module already loaded. 
+ */ + for (mp = modList; mp; mp = mp->next) + if (strcmp(mp->name, path) == 0) { + mp->refCnt++; + return mp; + } + if ((mp = (ModulePtr)calloc(1, sizeof(*mp))) == NULL) { + errvalid++; + snprintf (errbuf, "calloc: %s", strerror(errno)); + return NULL; + } + if ((mp->name = strdup(path)) == NULL) { + errvalid++; + snprintf (errbuf, "strdup: %s", strerror(errno)); + free(mp); + return NULL; + } + /* + * load should be declared load(const char *...). Thus we + * cast the path to a normal char *. Ugly. + */ + if ((mp->entry = (void *)load((char *)path, L_NOAUTODEFER, NULL)) == NULL) { + free(mp->name); + free(mp); + errvalid++; + snprintf (errbuf, sizeof(errbuf), + "dlopen: %s: ", path); + /* + * If AIX says the file is not executable, the error + * can be further described by querying the loader about + * the last error. + */ + if (errno == ENOEXEC) { + char *tmp[BUFSIZ/sizeof(char *)]; + if (loadquery(L_GETMESSAGES, tmp, sizeof(tmp)) == -1) + strlcpy(errbuf, + strerror(errno), + sizeof(errbuf)); + else { + char **p; + for (p = tmp; *p; p++) + caterr(*p); + } + } else + strlcat(errbuf, + strerror(errno), + sizeof(errbuf)); + return NULL; + } + mp->refCnt = 1; + mp->next = modList; + modList = mp; + if (loadbind(0, mainModule, mp->entry) == -1) { + dlclose(mp); + errvalid++; + snprintf (errbuf, sizeof(errbuf), + "loadbind: %s", strerror(errno)); + return NULL; + } + /* + * If the user wants global binding, loadbind against all other + * loaded modules. + */ + if (mode & RTLD_GLOBAL) { + ModulePtr mp1; + for (mp1 = mp->next; mp1; mp1 = mp1->next) + if (loadbind(0, mp1->entry, mp->entry) == -1) { + dlclose(mp); + errvalid++; + snprintf (errbuf, sizeof(errbuf), + "loadbind: %s", + strerror(errno)); + return NULL; + } + } + if (readExports(mp) == -1) { + dlclose(mp); + return NULL; + } + /* + * If there is a dl_info structure, call the init function. 
+ */ + if (mp->info = (struct dl_info *)dlsym(mp, "dl_info")) { + if (mp->info->init) + (*mp->info->init)(); + } else + errvalid = 0; + /* + * If the shared object was compiled using xlC we will need + * to call static constructors (and later on dlclose destructors). + */ + if (mp->cdtors = (CdtorPtr)dlsym(mp, "__cdtors")) { + CdtorPtr cp = mp->cdtors; + while (cp->init || cp->term) { + if (cp->init && cp->init != (void (*)(void))0xffffffff) + (*cp->init)(); + cp++; + } + /* + * If the shared object was compiled using g++, we will need + * to call global constructors using the _GLOBAL__DI function, + * and later, global destructors using the _GLOBAL_DD + * funciton. --jwe + */ + } else if (mp->gcc_ctor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DI")) { + (*mp->gcc_ctor)(); + mp->gcc_dtor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DD"); + } else + errvalid = 0; + return mp; +} + +/* + * Attempt to decipher an AIX loader error message and append it + * to our static error message buffer. + */ +static void caterr(char *s) +{ + char *p = s; + + while (*p >= '0' && *p <= '9') + p++; + switch(atoi(s)) { + case L_ERROR_TOOMANY: + strlcat(errbuf, "to many errors", sizeof(errbuf)); + break; + case L_ERROR_NOLIB: + strlcat(errbuf, "can't load library", sizeof(errbuf)); + strlcat(errbuf, p, sizeof(errbuf)); + break; + case L_ERROR_UNDEF: + strlcat(errbuf, "can't find symbol", sizeof(errbuf)); + strlcat(errbuf, p, sizeof(errbuf)); + break; + case L_ERROR_RLDBAD: + strlcat(errbuf, "bad RLD", sizeof(errbuf)); + strlcat(errbuf, p, sizeof(errbuf)); + break; + case L_ERROR_FORMAT: + strlcat(errbuf, "bad exec format in", sizeof(errbuf)); + strlcat(errbuf, p, sizeof(errbuf)); + break; + case L_ERROR_ERRNO: + strlcat(errbuf, strerror(atoi(++p)), sizeof(errbuf)); + break; + default: + strlcat(errbuf, s, sizeof(errbuf)); + break; + } +} + +void *dlsym(void *handle, const char *symbol) +{ + ModulePtr mp = (ModulePtr)handle; + ExportPtr ep; + int i; + + /* + * Could speed up the search, but I assume that 
one assigns + * the result to function pointers anyways. + */ + for (ep = mp->exports, i = mp->nExports; i; i--, ep++) + if (strcmp(ep->name, symbol) == 0) + return ep->addr; + errvalid++; + snprintf (errbuf, sizeof(errbuf), + "dlsym: undefined symbol %s", symbol); + return NULL; +} + +char *dlerror(void) +{ + if (errvalid) { + errvalid = 0; + return errbuf; + } + return NULL; +} + +int dlclose(void *handle) +{ + ModulePtr mp = (ModulePtr)handle; + int result; + ModulePtr mp1; + + if (--mp->refCnt > 0) + return 0; + if (mp->info && mp->info->fini) + (*mp->info->fini)(); + if (mp->cdtors) { + CdtorPtr cp = mp->cdtors; + while (cp->init || cp->term) { + if (cp->term && cp->init != (void (*)(void))0xffffffff) + (*cp->term)(); + cp++; + } + /* + * If the function to handle global destructors for g++ + * exists, call it. --jwe + */ + } else if (mp->gcc_dtor) { + (*mp->gcc_dtor)(); + } + result = unload(mp->entry); + if (result == -1) { + errvalid++; + snprintf (errbuf, sizeof(errbuf), + "%s", strerror(errno)); + } + if (mp->exports) { + ExportPtr ep; + int i; + for (ep = mp->exports, i = mp->nExports; i; i--, ep++) + if (ep->name) + free(ep->name); + free(mp->exports); + } + if (mp == modList) + modList = mp->next; + else { + for (mp1 = modList; mp1; mp1 = mp1->next) + if (mp1->next == mp) { + mp1->next = mp->next; + break; + } + } + free(mp->name); + free(mp); + return result; +} + +static void terminate(void) +{ + while (modList) + dlclose(modList); +} + +/* + * Build the export table from the XCOFF .loader section. 
+ */ +static int readExports(ModulePtr mp) +{ + LDFILE *ldp = NULL; + SCNHDR sh, shdata; + LDHDR *lhp; + char *ldbuf; + LDSYM *ls; + int i; + ExportPtr ep; + + if ((ldp = ldopen(mp->name, ldp)) == NULL) { + struct ld_info *lp; + char *buf; + int size = 4*1024; + if (errno != ENOENT) { + errvalid++; + snprintf(errbuf, sizeof(errbuf), + "readExports: %s", + strerror(errno)); + return -1; + } + /* + * The module might be loaded due to the LIBPATH + * environment variable. Search for the loaded + * module using L_GETINFO. + */ + if ((buf = malloc(size)) == NULL) { + errvalid++; + snprintf(errbuf, sizeof(errbuf), + "readExports: %s", + strerror(errno)); + return -1; + } + while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { + free(buf); + size += 4*1024; + if ((buf = malloc(size)) == NULL) { + errvalid++; + snprintf(errbuf, sizeof(errbuf), + "readExports: %s", + strerror(errno)); + return -1; + } + } + if (i == -1) { + errvalid++; + snprintf(errbuf, sizeof(errbuf), + "readExports: %s", + strerror(errno)); + free(buf); + return -1; + } + /* + * Traverse the list of loaded modules. The entry point + * returned by load() does actually point to the data + * segment origin. + */ + lp = (struct ld_info *)buf; + while (lp) { + if (lp->ldinfo_dataorg == mp->entry) { + ldp = ldopen(lp->ldinfo_filename, ldp); + break; + } + if (lp->ldinfo_next == 0) + lp = NULL; + else + lp = (struct ld_info *)((char *)lp + lp->ldinfo_next); + } + free(buf); + if (!ldp) { + errvalid++; + snprintf (errbuf, sizeof(errbuf), + "readExports: %s", strerror(errno)); + return -1; + } + } + if (TYPE(ldp) != U802TOCMAGIC) { + errvalid++; + snprintf(errbuf, sizeof(errbuf), "readExports: bad magic"); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + /* + * Get the padding for the data section. This is needed for + * AIX 4.1 compilers. This is used when building the final + * function pointer to the exported symbol. 
+ */ + if (ldnshread(ldp, _DATA, &shdata) != SUCCESS) { + errvalid++; + snprintf(errbuf, sizeof(errbuf), + "readExports: cannot read data section header"); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + if (ldnshread(ldp, _LOADER, &sh) != SUCCESS) { + errvalid++; + snprintf(errbuf, sizeof(errbuf), + "readExports: cannot read loader section header"); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + /* + * We read the complete loader section in one chunk, this makes + * finding long symbol names residing in the string table easier. + */ + if ((ldbuf = (char *)malloc(sh.s_size)) == NULL) { + errvalid++; + snprintf (errbuf, sizeof(errbuf), + "readExports: %s", strerror(errno)); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + if (FSEEK(ldp, sh.s_scnptr, BEGINNING) != OKFSEEK) { + errvalid++; + snprintf(errbuf, sizeof(errbuf), + "readExports: cannot seek to loader section"); + free(ldbuf); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + if (FREAD(ldbuf, sh.s_size, 1, ldp) != 1) { + errvalid++; + snprintf(errbuf, sizeof(errbuf), + "readExports: cannot read loader section"); + free(ldbuf); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + lhp = (LDHDR *)ldbuf; + ls = (LDSYM *)(ldbuf+LDHDRSZ); + /* + * Count the number of exports to include in our export table. + */ + for (i = lhp->l_nsyms; i; i--, ls++) { + if (!LDR_EXPORT(*ls)) + continue; + mp->nExports++; + } + if ((mp->exports = (ExportPtr)calloc(mp->nExports, sizeof(*mp->exports))) == NULL) { + errvalid++; + snprintf (errbuf, sizeof(errbuf), + "readExports: %s", strerror(errno)); + free(ldbuf); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + /* + * Fill in the export table. All entries are relative to + * the entry point we got from load. 
+ */ + ep = mp->exports; + ls = (LDSYM *)(ldbuf+LDHDRSZ); + for (i = lhp->l_nsyms; i; i--, ls++) { + char *symname; + char tmpsym[SYMNMLEN+1]; + if (!LDR_EXPORT(*ls)) + continue; + if (ls->l_zeroes == 0) + symname = ls->l_offset+lhp->l_stoff+ldbuf; + else { + /* + * The l_name member is not zero terminated, we + * must copy the first SYMNMLEN chars and make + * sure we have a zero byte at the end. + */ + strlcpy (tmpsym, ls->l_name, + SYMNMLEN + 1); + symname = tmpsym; + } + ep->name = strdup(symname); + ep->addr = (void *)((unsigned long)mp->entry + + ls->l_value - shdata.s_vaddr); + ep++; + } + free(ldbuf); + while(ldclose(ldp) == FAILURE) + ; + return 0; +} + +/* + * Find the main modules entry point. This is used as export pointer + * for loadbind() to be able to resolve references to the main part. + */ +static void * findMain(void) +{ + struct ld_info *lp; + char *buf; + int size = 4*1024; + int i; + void *ret; + + if ((buf = malloc(size)) == NULL) { + errvalid++; + snprintf (errbuf, sizeof(errbuf), + "findMail: %s", strerror(errno)); + return NULL; + } + while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { + free(buf); + size += 4*1024; + if ((buf = malloc(size)) == NULL) { + errvalid++; + snprintf (errbuf, sizeof(errbuf), + "findMail: %s", strerror(errno)); + return NULL; + } + } + if (i == -1) { + errvalid++; + snprintf (errbuf, sizeof(errbuf), + "findMail: %s", strerror(errno)); + free(buf); + return NULL; + } + /* + * The first entry is the main module. The entry point + * returned by load() does actually point to the data + * segment origin. + */ + lp = (struct ld_info *)buf; + ret = lp->ldinfo_dataorg; + free(buf); + return ret; +} diff --git a/crypto/heimdal/lib/kafs/dlfcn.h b/crypto/heimdal/lib/kafs/dlfcn.h new file mode 100644 index 0000000..5671e9c --- /dev/null +++ b/crypto/heimdal/lib/kafs/dlfcn.h 
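Review bot: Two error paths in `dlopen` call `snprintf` without the size argument, `snprintf (errbuf, "calloc: %s", strerror(errno));` and the matching `"strdup: %s"` call, so the format string is passed where the buffer length belongs. Every other call in the file passes `sizeof(errbuf)`, and these two should read `snprintf(errbuf, sizeof(errbuf), "calloc: %s", strerror(errno));` and likewise for `strdup`. In `readExports`, `ep->name = strdup(symname)` is not checked while `dlsym` hands every `ep->name` to `strcmp`, so an allocation failure there turns into a NULL dereference on the next lookup; failing `readExports` when `strdup` returns NULL avoids that. In the same loop the comment says `l_name` is not zero terminated, yet it is passed as the source of `strlcpy`, which typically scans the source up to its NUL; `memcpy(tmpsym, ls->l_name, SYMNMLEN); tmpsym[SYMNMLEN] = '\0';` does what the comment describes.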
@@ -0,0 +1,46 @@
+/*
+ * @(#)dlfcn.h 1.4 revision of 95/04/25 09:36:52
+ * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH
+ * 30159 Hannover, Germany
+ */
+
+#ifndef __dlfcn_h__
+#define __dlfcn_h__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Mode flags for the dlopen routine.
+ */
+#define RTLD_LAZY 1 /* lazy function call binding */
+#define RTLD_NOW 2 /* immediate function call binding */
+#define RTLD_GLOBAL 0x100 /* allow symbols to be global */
+
+/*
+ * To be able to intialize, a library may provide a dl_info structure
+ * that contains functions to be called to initialize and terminate.
+ */
+struct dl_info {
+ void (*init)(void);
+ void (*fini)(void);
+};
+
+#if __STDC__ || defined(_IBMR2)
+void *dlopen(const char *path, int mode);
+void *dlsym(void *handle, const char *symbol);
+char *dlerror(void);
+int dlclose(void *handle);
+#else
+void *dlopen();
+void *dlsym();
+char *dlerror();
+int dlclose();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __dlfcn_h__ */
diff --git a/crypto/heimdal/lib/kafs/kafs.3 b/crypto/heimdal/lib/kafs/kafs.3
new file mode 100644
index 0000000..4a7b5ef
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/kafs.3
@@ -0,0 +1,158 @@ +.\" $Id: kafs.3,v 1.3 1998/06/30 15:41:52 assar Exp $ +.\" +.Dd May 7, 1997 +.Os KTH-KRB +.Dt KAFS 3 +.Sh NAME +.Nm k_hasafs , +.Nm k_pioctl , +.Nm k_unlog , +.Nm k_setpag , +.Nm k_afs_cell_of_file , +.Nm krb_afslog , +.Nm krb_afslog_uid +\" .Nm krb5_afslog , +\" .Nm krb5_afslog_uid +.Nd AFS library +.Sh SYNOPSIS +.Fd #include <kafs.h> +.Ft int +.Fn k_afs_cell_of_file "const char *path" "char *cell" "int len" +.Ft int +.Fn k_hasafs +.Ft int +.Fn k_pioctl "char *a_path" "int o_opcode" "struct ViceIoctl *a_paramsP" "int a_followSymlinks" +.Ft int +.Fn k_setpag +.Ft int +.Fn k_unlog +.Ft int +.Fn krb_afslog "char *cell" "char *realm" +.Ft int +.Fn krb_afslog_uid "char *cell" "char *realm" "uid_t uid" +\" .Ft krb5_error_code +\" .Fn krb5_afslog_uid "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" "uid_t uid" +\" .Ft krb5_error_code +\" .Fn krb5_afslog "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" +.Sh DESCRIPTION +.Fn k_hasafs +initializes some library internal structures, and tests for the +presense of AFS in the kernel, none of the other functions should be +called before +.Fn k_hasafs +is called, or if it fails. + +.Fn krb_afslog , +and +.Fn krb_afslog_uid +obtains new tokens (and possibly tickets) for the specified +.Fa cell +and +.Fa realm . +If +.Fa cell +is +.Dv NULL , +the local cell is used. If +.Fa realm +is +.Dv NULL , +the function tries to guess what realm to use. Unless you have some good knowledge of what cell or realm to use, you should pass +.Dv NULL . +.Fn krb_afslog +will use the real user-id for the +.Dv ViceId +field in the token, +.Fn krb_afslog_uid +will use +.Fa uid . + +\" .Fn krb5_afslog , +\" and +\" .Fn krb5_afslog_uid +\" are the Kerberos 5 equivalents of +\" .Fn krb_afslog , +\" and +\" .Fn krb_afslog_uid . +\" The extra arguments are the ubiquitous context, and the cache id where +\" to store any obtained tickets. 
Since AFS servers normally can't handle +\" Kerberos 5 tickets directly, these functions will first obtain version +\" 5 tickets for the requested cells, and then convert them to version 4 +\" tickets, that can be stashed in the kernel. To convert tickets the +\" .Fn krb524_convert_creds_kdc +\" function will be used. + +.Fn k_afs_cell_of_file +will in +.Fa cell +return the cell of a specified file, no more than +.Fa len +characters is put in +.Fa cell . + +.Fn k_pioctl +does a +.Fn pioctl +syscall with the specified arguments. This function is equivalent to +.Fn lpioctl . + +.Fn k_setpag +initializes a new PAG. + +.Fn k_unlog +removes destroys all tokens in the current PAG. + +.Sh ENVIRONMENT +The following environment variable affect the mode of operation of +.Nm kafs : +.Bl -tag +.It Ev AFS_SYSCALL +Normally, +.Nm kafs +will try to figure out the correct system call(s) that are used by AFS +by itself. If it does not manage to do that, or does it incorrectly, +you can set this variable to the system call number or list of system +call numbers that should be used. +.El +.Sh RETURN VALUES +.Fn k_hasafs +returns 1 if AFS is present in the kernel, 0 otherwise. +.Fn krb_afslog +and +.Fn krb_afslog_uid +returns 0 on success, or a kerberos error number on failure. +.Fn k_afs_cell_of_file , +.Fn k_pioctl , +.Fn k_setpag , +and +.Fn k_unlog +all return the value of the underlaying system call, 0 on success. +.Sh EXAMPLES +The following code from +.Nm login +will obtain a new PAG and tokens for the local cell and the cell of +the users home directory. +.Bd -literal +if (k_hasafs()) { + char cell[64]; + k_setpag(); + if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0) + krb_afslog(cell, NULL); + krb_afslog(NULL, NULL); +} +.Ed +.Sh ERRORS +If any of these functions (appart from +.Fn k_hasafs ) +is called without AFS beeing present in the kernel, the process will +usually (depending on the operating system) receive a SIGSYS signal. 
+.Sh SEE ALSO
+.Rs
+.%A Transarc Corporation
+.%J AFS-3 Programmer's Reference
+.%T File Server/Cache Manager Interface
+.%D 1991
+.Re
+.Sh BUGS
+.Ev AFS_SYSCALL
+has no effect under AIX.
diff --git a/crypto/heimdal/lib/kafs/kafs.h b/crypto/heimdal/lib/kafs/kafs.h
new file mode 100644
index 0000000..0fb969e
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/kafs.h
@@ -0,0 +1,191 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: kafs.h,v 1.32 1999/12/02 16:58:40 joda Exp $ */
+
+#ifndef __KAFS_H
+#define __KAFS_H
+
+/* XXX must include krb5.h or krb.h */
+
+/* sys/ioctl.h must be included manually before kafs.h */
+
+/*
+ */
+#define AFSCALL_PIOCTL 20
+#define AFSCALL_SETPAG 21
+
+#ifndef _VICEIOCTL
+#define _VICEIOCTL(id) ((unsigned int ) _IOW('V', id, struct ViceIoctl))
+#endif /* _VICEIOCTL */
+
+#define VIOCSETAL _VICEIOCTL(1)
+#define VIOCGETAL _VICEIOCTL(2)
+#define VIOCSETTOK _VICEIOCTL(3)
+#define VIOCGETVOLSTAT _VICEIOCTL(4)
+#define VIOCSETVOLSTAT _VICEIOCTL(5)
+#define VIOCFLUSH _VICEIOCTL(6)
+#define VIOCGETTOK _VICEIOCTL(8)
+#define VIOCUNLOG _VICEIOCTL(9)
+#define VIOCCKSERV _VICEIOCTL(10)
+#define VIOCCKBACK _VICEIOCTL(11)
+#define VIOCCKCONN _VICEIOCTL(12)
+#define VIOCWHEREIS _VICEIOCTL(14)
+#define VIOCACCESS _VICEIOCTL(20)
+#define VIOCUNPAG _VICEIOCTL(21)
+#define VIOCGETFID _VICEIOCTL(22)
+#define VIOCSETCACHESIZE _VICEIOCTL(24)
+#define VIOCFLUSHCB _VICEIOCTL(25)
+#define VIOCNEWCELL _VICEIOCTL(26)
+#define VIOCGETCELL _VICEIOCTL(27)
+#define VIOC_AFS_DELETE_MT_PT _VICEIOCTL(28)
+#define VIOC_AFS_STAT_MT_PT _VICEIOCTL(29)
+#define VIOC_FILE_CELL_NAME _VICEIOCTL(30)
+#define VIOC_GET_WS_CELL _VICEIOCTL(31)
+#define VIOC_AFS_MARINER_HOST _VICEIOCTL(32)
+#define VIOC_GET_PRIMARY_CELL _VICEIOCTL(33)
+#define VIOC_VENUSLOG _VICEIOCTL(34)
+#define VIOC_GETCELLSTATUS _VICEIOCTL(35)
+#define VIOC_SETCELLSTATUS _VICEIOCTL(36)
+#define VIOC_FLUSHVOLUME _VICEIOCTL(37)
+#define VIOC_AFS_SYSNAME _VICEIOCTL(38)
+#define VIOC_EXPORTAFS _VICEIOCTL(39)
+#define VIOCGETCACHEPARAMS _VICEIOCTL(40)
+#define VIOC_GCPAGS _VICEIOCTL(48)
+
+struct ViceIoctl {
+ caddr_t in, out;
+ short in_size;
+ short out_size;
+};
+
+struct ClearToken {
+ int32_t AuthHandle;
+ char HandShakeKey[8];
+ int32_t ViceId;
+ int32_t BeginTimestamp;
+ int32_t EndTimestamp;
+};
+
+#ifdef __STDC__
+#ifndef __P
+#define __P(x) x
+#endif
+#else
+#ifndef __P
+#define __P(x) ()
+#endif
+#endif
+
+/* Use k_hasafs() to probe if the machine supports AFS syscalls.
+ The other functions will generate a SIGSYS if AFS is not supported */
+
+int k_hasafs __P((void));
+
+int krb_afslog __P((const char *cell, const char *realm));
+int krb_afslog_uid __P((const char *cell, const char *realm, uid_t uid));
+int krb_afslog_home __P((const char *cell, const char *realm,
+ const char *homedir));
+int krb_afslog_uid_home __P((const char *cell, const char *realm, uid_t uid,
+ const char *homedir));
+
+int krb_realm_of_cell __P((const char *cell, char **realm));
+
+/* compat */
+#define k_afsklog krb_afslog
+#define k_afsklog_uid krb_afslog_uid
+
+int k_pioctl __P((char *a_path,
+ int o_opcode,
+ struct ViceIoctl *a_paramsP,
+ int a_followSymlinks));
+int k_unlog __P((void));
+int k_setpag __P((void));
+int k_afs_cell_of_file __P((const char *path, char *cell, int len));
+
+
+
+/* XXX */
+#ifdef KFAILURE
+#define KRB_H_INCLUDED
+#endif
+
+#ifdef KRB5_RECVAUTH_IGNORE_VERSION
+#define KRB5_H_INCLUDED
+#endif
+
+#ifdef KRB_H_INCLUDED
+int kafs_settoken __P((const char*, uid_t, CREDENTIALS*));
+#endif
+
+#ifdef KRB5_H_INCLUDED
+krb5_error_code krb5_afslog_uid __P((krb5_context context,
+ krb5_ccache id,
+ const char *cell,
+ krb5_const_realm realm,
+ uid_t uid));
+krb5_error_code krb5_afslog __P((krb5_context context,
+ krb5_ccache id,
+ const char *cell,
+ krb5_const_realm realm));
+krb5_error_code krb5_afslog_uid_home __P((krb5_context context,
+ krb5_ccache id,
+ const char *cell,
+ krb5_const_realm realm,
+ uid_t uid,
+ const char *homedir));
+
+krb5_error_code krb5_afslog_home __P((krb5_context context,
+ krb5_ccache id,
+ const char *cell,
+ krb5_const_realm realm,
+ const char *homedir));
+
+krb5_error_code krb5_realm_of_cell __P((const char *cell, char **realm));
+
+#endif
+
+
+#define _PATH_VICE "/usr/vice/etc/"
+#define _PATH_THISCELL _PATH_VICE "ThisCell"
+#define _PATH_CELLSERVDB _PATH_VICE "CellServDB"
+#define _PATH_THESECELLS _PATH_VICE "TheseCells"
+
+#define _PATH_ARLA_VICE "/usr/arla/etc/"
+#define _PATH_ARLA_THISCELL _PATH_ARLA_VICE "ThisCell"
+#define _PATH_ARLA_CELLSERVDB _PATH_ARLA_VICE "CellServDB"
+#define _PATH_ARLA_THESECELLS _PATH_ARLA_VICE "TheseCells"
+
+extern int _kafs_debug;
+
+#endif /* __KAFS_H */
diff --git a/crypto/heimdal/lib/kafs/kafs_locl.h b/crypto/heimdal/lib/kafs/kafs_locl.h
new file mode 100644
index 0000000..ac1c2f6
--- /dev/null
+++ b/crypto/heimdal/lib/kafs/kafs_locl.h
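Review bot: The prototypes for `kafs_settoken` and the `krb5_afslog*` family near the end of kafs.h are compiled out silently when the header is included before krb.h or krb5.h, because they are guarded by probes for `KFAILURE` and `KRB5_RECVAUTH_IGNORE_VERSION`. A caller that gets the include order wrong then reaches these credential-handling functions through an implicit declaration, with no argument or return-type checking. The `/* XXX must include krb5.h or krb.h */` comment should state the consequence, for example `/* krb.h and/or krb5.h must be included BEFORE kafs.h; otherwise kafs_settoken() and krb5_afslog*() are not declared */`. The declaration of `k_afs_cell_of_file` would also benefit from a comment saying whether `cell` is NUL-terminated when the cell name does not fit in `len` bytes; the header does not say.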
@@ -0,0 +1,135 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: kafs_locl.h,v 1.15 1999/12/02 16:58:40 joda Exp $ */
+
+#ifndef __KAFS_LOCL_H__
+#define __KAFS_LOCL_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <signal.h>
+#include <setjmp.h>
+#include <errno.h>
+
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40
+#include <sys/ioctl.h>
+#endif
+#ifdef HAVE_SYS_FILIO_H
+#include <sys/filio.h>
+#endif
+
+#ifdef HAVE_SYS_SYSCALL_H
+#include <sys/syscall.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_NETINET_IN6_H
+#include <netinet/in6.h>
+#endif
+#ifdef HAVE_NETINET6_IN6_H
+#include <netinet6/in6.h>
+#endif
+
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+
+#ifdef HAVE_ARPA_NAMESER_H
+#include <arpa/nameser.h>
+#endif
+#ifdef HAVE_RESOLV_H
+#include <resolv.h>
+#endif
+#include <roken.h>
+
+#ifdef KRB5
+#include <krb5.h>
+#endif
+#ifdef KRB4
+#include <krb.h>
+#endif
+#include <kafs.h>
+
+#include <resolve.h>
+
+#include "afssysdefs.h"
+
+struct kafs_data;
+typedef int (*afslog_uid_func_t)(struct kafs_data *,
+ const char *cell,
+ const char *realm_hint,
+ uid_t,
+ const char *homedir);
+
+typedef int (*get_cred_func_t)(struct kafs_data*, const char*, const char*,
+ const char*, CREDENTIALS*);
+
+typedef char* (*get_realm_func_t)(struct kafs_data*, const char*);
+
+typedef struct kafs_data {
+ afslog_uid_func_t afslog_uid;
+ get_cred_func_t get_cred;
+ get_realm_func_t get_realm;
+ void *data;
+} kafs_data;
+
+int _kafs_afslog_all_local_cells(kafs_data*, uid_t, const char*);
+
+int _kafs_get_cred(kafs_data*, const char*, const char*, const char *,
+ CREDENTIALS*);
+
+int
+_kafs_realm_of_cell(kafs_data *data, const char *cell, char **realm);
+
+#ifdef _AIX
+int aix_pioctl(char*, int, struct ViceIoctl*, int);
+int aix_setpag(void);
+#endif
+
+#endif /* __KAFS_LOCL_H__ */
diff --git a/crypto/heimdal/lib/krb5/Makefile.am b/crypto/heimdal/lib/krb5/Makefile.am
new file mode 100644
index 0000000..17551cb
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/Makefile.am
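Review bot: `get_cred_func_t` and `_kafs_get_cred` use `CREDENTIALS` unconditionally, while `<krb.h>` is only included under `#ifdef KRB4`, so a build with only `KRB5` defined would presumably fail on these declarations unless another header supplies the type. Either wrap the two declarations in `#ifdef KRB4` or add a comment such as `/* this header requires a Kerberos 4 build: CREDENTIALS comes from krb.h */`. `get_realm_func_t` returns a bare `char *`, and `_kafs_realm_of_cell` hands back `char **realm`; a one-line comment on each saying who owns and frees the string would prevent leaks or double frees in the backends.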
@@ -0,0 +1,148 @@
+# $Id: Makefile.am,v 1.95 2000/01/08 17:03:51 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += $(INCLUDE_krb4)
+
+bin_PROGRAMS = verify_krb5_conf
+
+noinst_PROGRAMS = dump_config
+
+check_PROGRAMS = n-fold-test string-to-key-test
+TESTS = n-fold-test string-to-key-test
+
+if KRB4
+KRB4LIB = $(LIB_krb4)
+keytab_krb4_c = keytab_krb4.c
+endif
+
+LDADD = libkrb5.la \
+ $(KRB4LIB) \
+ $(top_builddir)/lib/des/libdes.la \
+ $(top_builddir)/lib/asn1/libasn1.la \
+ $(LIB_roken)
+
+lib_LTLIBRARIES = libkrb5.la
+
+ERR_FILES = krb5_err.c heim_err.c
+
+libkrb5_la_SOURCES = \
+ add_et_list.c \
+ addr_families.c \
+ address.c \
+ aname_to_localname.c \
+ asn1_glue.c \
+ auth_context.c \
+ build_ap_req.c \
+ build_auth.c \
+ cache.c \
+ changepw.c \
+ codec.c \
+ config_file.c \
+ config_file_netinfo.c \
+ convert_creds.c \
+ constants.c \
+ context.c \
+ copy_host_realm.c \
+ crc.c \
+ creds.c \
+ crypto.c \
+ data.c \
+ expand_hostname.c \
+ fcache.c \
+ free.c \
+ free_host_realm.c \
+ generate_seq_number.c \
+ generate_subkey.c \
+ get_addrs.c \
+ get_cred.c \
+ get_default_principal.c \
+ get_default_realm.c \
+ get_for_creds.c \
+ get_host_realm.c \
+ get_in_tkt.c \
+ get_in_tkt_pw.c \
+ get_in_tkt_with_keytab.c \
+ get_in_tkt_with_skey.c \
+ get_port.c \
+ init_creds.c \
+ init_creds_pw.c \
+ keyblock.c \
+ keytab.c \
+ keytab_file.c \
+ keytab_memory.c \
+ $(keytab_krb4_c) \
+ keytab_keyfile.c \
+ krbhst.c \
+ kuserok.c \
+ log.c \
+ mcache.c \
+ misc.c \
+ mk_error.c \
+ mk_priv.c \
+ mk_rep.c \
+ mk_req.c \
+ mk_req_ext.c \
+ mk_safe.c \
+ net_read.c \
+ net_write.c \
+ n-fold.c \
+ padata.c \
+ principal.c \
+ prog_setup.c \
+ prompter_posix.c \
+ rd_cred.c \
+ rd_error.c \
+ rd_priv.c \
+ rd_rep.c \
+ rd_req.c \
+ rd_safe.c \
+ read_message.c \
+ recvauth.c \
+ send_to_kdc.c \
+ sendauth.c \
+ set_default_realm.c \
+ sock_principal.c \
+ store.c \
+ store_emem.c \
+ store_fd.c \
+ store_mem.c \
+ ticket.c \
+ time.c \
+ transited.c \
+ verify_init.c \
+ verify_user.c \
+ version.c \
+ warn.c \
+ write_message.c \
+ $(ERR_FILES)
+
+EXTRA_libkrb5_la_SOURCES = keytab_krb4.c
+
+libkrb5_la_LDFLAGS = -version-info 7:1:0
+
+$(libkrb5_la_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h
+
+$(srcdir)/krb5-protos.h:
+ cd $(srcdir); perl ../../cf/make-proto.pl -o krb5-protos.h $(libkrb5_la_SOURCES) || rm -f krb5-protos.h
+
+$(srcdir)/krb5-private.h:
+ cd $(srcdir); perl ../../cf/make-proto.pl -p krb5-private.h $(libkrb5_la_SOURCES) || rm -f krb5-private.h
+
+libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo
+
+man_MANS = krb5.conf.5 krb5_warn.3 krb5_openlog.3 \
+ krb5_425_conv_principal.3 krb5_build_principal.3 krb5_free_principal.3 \
+ krb5_parse_name.3 krb5_sname_to_principal.3 krb5_unparse_name.3
+
+include_HEADERS = krb5.h krb5-protos.h krb5-private.h krb5_err.h heim_err.h
+
+CLEANFILES = krb5_err.c krb5_err.h heim_err.c heim_err.h
+
+$(libkrb5_la_OBJECTS): krb5_err.h heim_err.h
+
+# to help stupid solaris make
+
+krb5_err.h: krb5_err.et
+
+heim_err.h: heim_err.et
diff --git a/crypto/heimdal/lib/krb5/Makefile.in b/crypto/heimdal/lib/krb5/Makefile.in
new file mode 100644
index 0000000..6f3652e
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/Makefile.in
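Review bot: The two header-generation rules for `krb5-protos.h` and `krb5-private.h` hide failures: with `cd $(srcdir);` a failed `cd` still runs perl and the `rm -f` in the wrong directory, and because `rm -f` exits 0 the rule reports success after a failed generation, so the error only surfaces later as a missing include. Suggest `cd $(srcdir) && { perl ../../cf/make-proto.pl -o krb5-protos.h $(libkrb5_la_SOURCES) || { rm -f krb5-protos.h; exit 1; }; }` and the same shape for the `-p krb5-private.h` rule. Both rules also list no prerequisites, so an existing header is never regenerated when a prototype in `$(libkrb5_la_SOURCES)` changes. If that is intentional for release tarballs, a comment above the rules should say so.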
@@ -0,0 +1,956 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.95 2000/01/08 17:03:51 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = 
@LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +bin_PROGRAMS = verify_krb5_conf + +noinst_PROGRAMS = dump_config + +check_PROGRAMS = n-fold-test string-to-key-test +TESTS = n-fold-test string-to-key-test + +@KRB4_TRUE@KRB4LIB = $(LIB_krb4) +@KRB4_TRUE@keytab_krb4_c = keytab_krb4.c + +LDADD = libkrb5.la $(KRB4LIB) $(top_builddir)/lib/des/libdes.la $(top_builddir)/lib/asn1/libasn1.la $(LIB_roken) + + +lib_LTLIBRARIES = libkrb5.la + +ERR_FILES = krb5_err.c heim_err.c + +libkrb5_la_SOURCES = add_et_list.c addr_families.c address.c aname_to_localname.c asn1_glue.c auth_context.c build_ap_req.c build_auth.c cache.c changepw.c codec.c config_file.c config_file_netinfo.c convert_creds.c constants.c context.c copy_host_realm.c crc.c creds.c crypto.c data.c expand_hostname.c fcache.c free.c 
free_host_realm.c generate_seq_number.c generate_subkey.c get_addrs.c get_cred.c get_default_principal.c get_default_realm.c get_for_creds.c get_host_realm.c get_in_tkt.c get_in_tkt_pw.c get_in_tkt_with_keytab.c get_in_tkt_with_skey.c get_port.c init_creds.c init_creds_pw.c keyblock.c keytab.c keytab_file.c keytab_memory.c $(keytab_krb4_c) keytab_keyfile.c krbhst.c kuserok.c log.c mcache.c misc.c mk_error.c mk_priv.c mk_rep.c mk_req.c mk_req_ext.c mk_safe.c net_read.c net_write.c n-fold.c padata.c principal.c prog_setup.c prompter_posix.c rd_cred.c rd_error.c rd_priv.c rd_rep.c rd_req.c rd_safe.c read_message.c recvauth.c send_to_kdc.c sendauth.c set_default_realm.c sock_principal.c store.c store_emem.c store_fd.c store_mem.c ticket.c time.c transited.c verify_init.c verify_user.c version.c warn.c write_message.c $(ERR_FILES) + + +EXTRA_libkrb5_la_SOURCES = keytab_krb4.c + +libkrb5_la_LDFLAGS = -version-info 7:1:0 + +libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo + +man_MANS = krb5.conf.5 krb5_warn.3 krb5_openlog.3 krb5_425_conv_principal.3 krb5_build_principal.3 krb5_free_principal.3 krb5_parse_name.3 krb5_sname_to_principal.3 krb5_unparse_name.3 + + +include_HEADERS = krb5.h krb5-protos.h krb5-private.h krb5_err.h heim_err.h + +CLEANFILES = krb5_err.c krb5_err.h heim_err.c heim_err.h +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +LTLIBRARIES = $(lib_LTLIBRARIES) + + +DEFS = @DEFS@ -I. 
-I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libkrb5_la_DEPENDENCIES = ../com_err/error.lo ../com_err/com_err.lo +@KRB4_TRUE@libkrb5_la_OBJECTS = add_et_list.lo addr_families.lo \ +@KRB4_TRUE@address.lo aname_to_localname.lo asn1_glue.lo \ +@KRB4_TRUE@auth_context.lo build_ap_req.lo build_auth.lo cache.lo \ +@KRB4_TRUE@changepw.lo codec.lo config_file.lo config_file_netinfo.lo \ +@KRB4_TRUE@convert_creds.lo constants.lo context.lo copy_host_realm.lo \ +@KRB4_TRUE@crc.lo creds.lo crypto.lo data.lo expand_hostname.lo \ +@KRB4_TRUE@fcache.lo free.lo free_host_realm.lo generate_seq_number.lo \ +@KRB4_TRUE@generate_subkey.lo get_addrs.lo get_cred.lo \ +@KRB4_TRUE@get_default_principal.lo get_default_realm.lo \ +@KRB4_TRUE@get_for_creds.lo get_host_realm.lo get_in_tkt.lo \ +@KRB4_TRUE@get_in_tkt_pw.lo get_in_tkt_with_keytab.lo \ +@KRB4_TRUE@get_in_tkt_with_skey.lo get_port.lo init_creds.lo \ +@KRB4_TRUE@init_creds_pw.lo keyblock.lo keytab.lo keytab_file.lo \ +@KRB4_TRUE@keytab_memory.lo keytab_krb4.lo keytab_keyfile.lo krbhst.lo \ +@KRB4_TRUE@kuserok.lo log.lo mcache.lo misc.lo mk_error.lo mk_priv.lo \ +@KRB4_TRUE@mk_rep.lo mk_req.lo mk_req_ext.lo mk_safe.lo net_read.lo \ +@KRB4_TRUE@net_write.lo n-fold.lo padata.lo principal.lo prog_setup.lo \ +@KRB4_TRUE@prompter_posix.lo rd_cred.lo rd_error.lo rd_priv.lo \ +@KRB4_TRUE@rd_rep.lo rd_req.lo rd_safe.lo read_message.lo recvauth.lo \ +@KRB4_TRUE@send_to_kdc.lo sendauth.lo set_default_realm.lo \ +@KRB4_TRUE@sock_principal.lo store.lo store_emem.lo store_fd.lo \ +@KRB4_TRUE@store_mem.lo ticket.lo time.lo transited.lo verify_init.lo \ +@KRB4_TRUE@verify_user.lo version.lo warn.lo write_message.lo \ +@KRB4_TRUE@krb5_err.lo heim_err.lo +@KRB4_FALSE@libkrb5_la_OBJECTS = add_et_list.lo addr_families.lo \ +@KRB4_FALSE@address.lo aname_to_localname.lo asn1_glue.lo \ 
+@KRB4_FALSE@auth_context.lo build_ap_req.lo build_auth.lo cache.lo \ +@KRB4_FALSE@changepw.lo codec.lo config_file.lo config_file_netinfo.lo \ +@KRB4_FALSE@convert_creds.lo constants.lo context.lo copy_host_realm.lo \ +@KRB4_FALSE@crc.lo creds.lo crypto.lo data.lo expand_hostname.lo \ +@KRB4_FALSE@fcache.lo free.lo free_host_realm.lo generate_seq_number.lo \ +@KRB4_FALSE@generate_subkey.lo get_addrs.lo get_cred.lo \ +@KRB4_FALSE@get_default_principal.lo get_default_realm.lo \ +@KRB4_FALSE@get_for_creds.lo get_host_realm.lo get_in_tkt.lo \ +@KRB4_FALSE@get_in_tkt_pw.lo get_in_tkt_with_keytab.lo \ +@KRB4_FALSE@get_in_tkt_with_skey.lo get_port.lo init_creds.lo \ +@KRB4_FALSE@init_creds_pw.lo keyblock.lo keytab.lo keytab_file.lo \ +@KRB4_FALSE@keytab_memory.lo keytab_keyfile.lo krbhst.lo kuserok.lo \ +@KRB4_FALSE@log.lo mcache.lo misc.lo mk_error.lo mk_priv.lo mk_rep.lo \ +@KRB4_FALSE@mk_req.lo mk_req_ext.lo mk_safe.lo net_read.lo net_write.lo \ +@KRB4_FALSE@n-fold.lo padata.lo principal.lo prog_setup.lo \ +@KRB4_FALSE@prompter_posix.lo rd_cred.lo rd_error.lo rd_priv.lo \ +@KRB4_FALSE@rd_rep.lo rd_req.lo rd_safe.lo read_message.lo recvauth.lo \ +@KRB4_FALSE@send_to_kdc.lo sendauth.lo set_default_realm.lo \ +@KRB4_FALSE@sock_principal.lo store.lo store_emem.lo store_fd.lo \ +@KRB4_FALSE@store_mem.lo ticket.lo time.lo transited.lo verify_init.lo \ +@KRB4_FALSE@verify_user.lo version.lo warn.lo write_message.lo \ +@KRB4_FALSE@krb5_err.lo heim_err.lo +bin_PROGRAMS = verify_krb5_conf$(EXEEXT) +check_PROGRAMS = n-fold-test$(EXEEXT) string-to-key-test$(EXEEXT) +noinst_PROGRAMS = dump_config$(EXEEXT) +PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) + +verify_krb5_conf_SOURCES = verify_krb5_conf.c +verify_krb5_conf_OBJECTS = verify_krb5_conf.$(OBJEXT) +verify_krb5_conf_LDADD = $(LDADD) +@KRB4_TRUE@verify_krb5_conf_DEPENDENCIES = libkrb5.la \ +@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ +@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la +@KRB4_FALSE@verify_krb5_conf_DEPENDENCIES 
= libkrb5.la \ +@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ +@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la +verify_krb5_conf_LDFLAGS = +n_fold_test_SOURCES = n-fold-test.c +n_fold_test_OBJECTS = n-fold-test.$(OBJEXT) +n_fold_test_LDADD = $(LDADD) +@KRB4_TRUE@n_fold_test_DEPENDENCIES = libkrb5.la \ +@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ +@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la +@KRB4_FALSE@n_fold_test_DEPENDENCIES = libkrb5.la \ +@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ +@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la +n_fold_test_LDFLAGS = +string_to_key_test_SOURCES = string-to-key-test.c +string_to_key_test_OBJECTS = string-to-key-test.$(OBJEXT) +string_to_key_test_LDADD = $(LDADD) +@KRB4_TRUE@string_to_key_test_DEPENDENCIES = libkrb5.la \ +@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ +@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la +@KRB4_FALSE@string_to_key_test_DEPENDENCIES = libkrb5.la \ +@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ +@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la +string_to_key_test_LDFLAGS = +dump_config_SOURCES = dump_config.c +dump_config_OBJECTS = dump_config.$(OBJEXT) +dump_config_LDADD = $(LDADD) +@KRB4_TRUE@dump_config_DEPENDENCIES = libkrb5.la \ +@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ +@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la +@KRB4_FALSE@dump_config_DEPENDENCIES = libkrb5.la \ +@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ +@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la +dump_config_LDFLAGS = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +man3dir = $(mandir)/man3 +man5dir = $(mandir)/man5 +MANS = $(man_MANS) +HEADERS = $(include_HEADERS) + +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) 
$(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +SOURCES = $(libkrb5_la_SOURCES) $(EXTRA_libkrb5_la_SOURCES) verify_krb5_conf.c n-fold-test.c string-to-key-test.c dump_config.c +OBJECTS = $(libkrb5_la_OBJECTS) verify_krb5_conf.$(OBJEXT) n-fold-test.$(OBJEXT) string-to-key-test.$(OBJEXT) dump_config.$(OBJEXT) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/krb5/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLTLIBRARIES: + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + +distclean-libLTLIBRARIES: + +maintainer-clean-libLTLIBRARIES: + +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +.c.o: + $(COMPILE) -c $< + +# FIXME: We should only use cygpath when building on Windows, +# and only if it is available. 
+.c.obj: + $(COMPILE) -c `cygpath -w $<` + +.s.o: + $(COMPILE) -c $< + +.S.o: + $(COMPILE) -c $< + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +.c.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.s.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.S.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libkrb5.la: $(libkrb5_la_OBJECTS) $(libkrb5_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libkrb5_la_LDFLAGS) $(libkrb5_la_OBJECTS) $(libkrb5_la_LIBADD) $(LIBS) + +mostlyclean-binPROGRAMS: + +clean-binPROGRAMS: + -test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS) + +distclean-binPROGRAMS: + +maintainer-clean-binPROGRAMS: + +install-binPROGRAMS: $(bin_PROGRAMS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(bindir) + @list='$(bin_PROGRAMS)'; for p in $$list; do \ + if test -f $$p; then \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + else :; fi; \ + done + +uninstall-binPROGRAMS: + @$(NORMAL_UNINSTALL) + list='$(bin_PROGRAMS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + done + +mostlyclean-checkPROGRAMS: + +clean-checkPROGRAMS: + -test -z "$(check_PROGRAMS)" || rm -f $(check_PROGRAMS) + +distclean-checkPROGRAMS: + +maintainer-clean-checkPROGRAMS: + +mostlyclean-noinstPROGRAMS: + +clean-noinstPROGRAMS: + -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) + +distclean-noinstPROGRAMS: + +maintainer-clean-noinstPROGRAMS: + +verify_krb5_conf$(EXEEXT): $(verify_krb5_conf_OBJECTS) 
$(verify_krb5_conf_DEPENDENCIES) + @rm -f verify_krb5_conf$(EXEEXT) + $(LINK) $(verify_krb5_conf_LDFLAGS) $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_LDADD) $(LIBS) + +n-fold-test$(EXEEXT): $(n_fold_test_OBJECTS) $(n_fold_test_DEPENDENCIES) + @rm -f n-fold-test$(EXEEXT) + $(LINK) $(n_fold_test_LDFLAGS) $(n_fold_test_OBJECTS) $(n_fold_test_LDADD) $(LIBS) + +string-to-key-test$(EXEEXT): $(string_to_key_test_OBJECTS) $(string_to_key_test_DEPENDENCIES) + @rm -f string-to-key-test$(EXEEXT) + $(LINK) $(string_to_key_test_LDFLAGS) $(string_to_key_test_OBJECTS) $(string_to_key_test_LDADD) $(LIBS) + +dump_config$(EXEEXT): $(dump_config_OBJECTS) $(dump_config_DEPENDENCIES) + @rm -f dump_config$(EXEEXT) + $(LINK) $(dump_config_LDFLAGS) $(dump_config_OBJECTS) $(dump_config_LDADD) $(LIBS) + +install-man3: + $(mkinstalldirs) $(DESTDIR)$(man3dir) + @list='$(man3_MANS)'; \ + l2='$(man_MANS)'; for i in $$l2; do \ + case "$$i" in \ + *.3*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ + else file=$$i; fi; \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst"; \ + $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst; \ + done + +uninstall-man3: + @list='$(man3_MANS)'; \ + l2='$(man_MANS)'; for i in $$l2; do \ + case "$$i" in \ + *.3*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " rm -f $(DESTDIR)$(man3dir)/$$inst"; \ + rm -f $(DESTDIR)$(man3dir)/$$inst; \ + done + +install-man5: + $(mkinstalldirs) $(DESTDIR)$(man5dir) + @list='$(man5_MANS)'; \ + l2='$(man_MANS)'; for i in $$l2; do \ + case "$$i" in \ + *.5*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + if test -f 
$(srcdir)/$$i; then file=$(srcdir)/$$i; \ + else file=$$i; fi; \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man5dir)/$$inst"; \ + $(INSTALL_DATA) $$file $(DESTDIR)$(man5dir)/$$inst; \ + done + +uninstall-man5: + @list='$(man5_MANS)'; \ + l2='$(man_MANS)'; for i in $$l2; do \ + case "$$i" in \ + *.5*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " rm -f $(DESTDIR)$(man5dir)/$$inst"; \ + rm -f $(DESTDIR)$(man5dir)/$$inst; \ + done +install-man: $(MANS) + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-man3 install-man5 +uninstall-man: + @$(NORMAL_UNINSTALL) + $(MAKE) $(AM_MAKEFLAGS) uninstall-man3 uninstall-man5 + +install-includeHEADERS: $(include_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(includedir) + @list='$(include_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + done + +uninstall-includeHEADERS: + @$(NORMAL_UNINSTALL) + list='$(include_HEADERS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(includedir)/$$p; \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" 
\ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/krb5 + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +check-TESTS: $(TESTS) + @failed=0; all=0; \ + srcdir=$(srcdir); export srcdir; \ + for tst in $(TESTS); do \ + if test -f $$tst; then dir=.; \ + else dir="$(srcdir)"; fi; \ + if $(TESTS_ENVIRONMENT) $$dir/$$tst; then \ + all=`expr $$all + 1`; \ + echo "PASS: $$tst"; \ + elif test $$? -ne 77; then \ + all=`expr $$all + 1`; \ + failed=`expr $$failed + 1`; \ + echo "FAIL: $$tst"; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0 +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) + $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLTLIBRARIES install-binPROGRAMS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-man install-includeHEADERS install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLTLIBRARIES uninstall-binPROGRAMS \ + uninstall-man 
uninstall-includeHEADERS +uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(HEADERS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(bindir) \ + $(DESTDIR)$(mandir)/man3 $(DESTDIR)$(mandir)/man5 \ + $(DESTDIR)$(includedir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-binPROGRAMS \ + mostlyclean-checkPROGRAMS mostlyclean-noinstPROGRAMS \ + mostlyclean-tags mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \ + clean-binPROGRAMS clean-checkPROGRAMS \ + clean-noinstPROGRAMS clean-tags clean-generic \ + mostlyclean-am + +clean: clean-am + +distclean-am: distclean-libLTLIBRARIES distclean-compile \ + distclean-libtool distclean-binPROGRAMS \ + distclean-checkPROGRAMS distclean-noinstPROGRAMS \ + distclean-tags distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-binPROGRAMS \ + maintainer-clean-checkPROGRAMS \ + maintainer-clean-noinstPROGRAMS maintainer-clean-tags \ + maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." 
+ +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ +clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ +uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ +distclean-compile clean-compile maintainer-clean-compile \ +mostlyclean-libtool distclean-libtool clean-libtool \ +maintainer-clean-libtool mostlyclean-binPROGRAMS distclean-binPROGRAMS \ +clean-binPROGRAMS maintainer-clean-binPROGRAMS uninstall-binPROGRAMS \ +install-binPROGRAMS mostlyclean-checkPROGRAMS distclean-checkPROGRAMS \ +clean-checkPROGRAMS maintainer-clean-checkPROGRAMS \ +mostlyclean-noinstPROGRAMS distclean-noinstPROGRAMS \ +clean-noinstPROGRAMS maintainer-clean-noinstPROGRAMS install-man3 \ +uninstall-man3 install-man5 uninstall-man5 install-man uninstall-man \ +uninstall-includeHEADERS install-includeHEADERS tags mostlyclean-tags \ +distclean-tags clean-tags maintainer-clean-tags distdir check-TESTS \ +info-am info dvi-am dvi check-local check check-am installcheck-am \ +installcheck install-exec-am install-exec install-data-local \ +install-data-am install-data install-am install uninstall-am uninstall \ +all-local all-redirect all-am all installdirs mostlyclean-generic \ +distclean-generic clean-generic maintainer-clean-generic clean \ +mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: 
install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f 
$(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< 
$@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +$(libkrb5_la_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h + +$(srcdir)/krb5-protos.h: + cd $(srcdir); perl ../../cf/make-proto.pl -o krb5-protos.h $(libkrb5_la_SOURCES) || rm -f krb5-protos.h + +$(srcdir)/krb5-private.h: + cd $(srcdir); perl ../../cf/make-proto.pl -p krb5-private.h $(libkrb5_la_SOURCES) || rm -f krb5-private.h + +$(libkrb5_la_OBJECTS): krb5_err.h heim_err.h + +# to help stupid solaris make + +krb5_err.h: krb5_err.et + +heim_err.h: heim_err.et + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/krb5/add_et_list.c b/crypto/heimdal/lib/krb5/add_et_list.c new file mode 100644 index 0000000..cfc42f4 --- /dev/null +++ b/crypto/heimdal/lib/krb5/add_et_list.c 
@@ -0,0 +1,50 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +RCSID("$Id: add_et_list.c,v 1.2 1999/12/02 17:05:07 joda Exp $"); + +/* + * Add a specified list of error messages to the et list in context. + * Call func (probably a comerr-generated function) with a pointer to + * the current et_list. 
+ */
+
+krb5_error_code
+krb5_add_et_list (krb5_context context,
+ void (*func)(struct et_list **))
+{
+ (*func)(&context->et_list);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/addr_families.c b/crypto/heimdal/lib/krb5/addr_families.c
new file mode 100644
index 0000000..e8214ba
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/addr_families.c
@@ -0,0 +1,544 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: addr_families.c,v 1.22 1999/12/04 17:53:33 assar Exp $"); + +struct addr_operations { + int af; + krb5_address_type atype; + size_t max_sockaddr_size; + krb5_error_code (*sockaddr2addr)(const struct sockaddr *, krb5_address *); + krb5_error_code (*sockaddr2port)(const struct sockaddr *, int16_t *); + void (*addr2sockaddr)(const krb5_address *, struct sockaddr *, + int *sa_size, int port); + void (*h_addr2sockaddr)(const char *, struct sockaddr *, int *, int); + krb5_error_code (*h_addr2addr)(const char *, krb5_address *); + krb5_boolean (*uninteresting)(const struct sockaddr *); + void (*anyaddr)(struct sockaddr *, int *, int); + int (*print_addr)(const krb5_address *, char *, size_t); + int (*parse_addr)(const char*, krb5_address *); +}; + +/* + * AF_INET - aka IPv4 implementation + */ + +static krb5_error_code +ipv4_sockaddr2addr (const struct sockaddr *sa, krb5_address *a) +{ + const struct sockaddr_in *sin = (const struct sockaddr_in *)sa; + unsigned char buf[4]; + + a->addr_type = KRB5_ADDRESS_INET; + memcpy (buf, &sin->sin_addr, 4); + return krb5_data_copy(&a->address, buf, 4); +} + +static krb5_error_code +ipv4_sockaddr2port (const struct sockaddr *sa, int16_t *port) +{ + const struct sockaddr_in *sin = (const struct sockaddr_in *)sa; + + *port = sin->sin_port; + return 0; +} + +static void +ipv4_addr2sockaddr (const krb5_address *a, + struct sockaddr *sa, + int *sa_size, + int port) +{ + struct sockaddr_in *sin = (struct sockaddr_in *)sa; + + memset (sin, 0, sizeof(*sin)); + sin->sin_family = AF_INET; + memcpy (&sin->sin_addr, a->address.data, 4); + sin->sin_port = port; + *sa_size = sizeof(*sin); +} + +static void +ipv4_h_addr2sockaddr(const char *addr, + struct sockaddr *sa, int *sa_size, int port) +{ + struct sockaddr_in *sin = (struct sockaddr_in *)sa; + + memset (sin, 0, sizeof(*sin)); + *sa_size = sizeof(*sin); + sin->sin_family = AF_INET; + sin->sin_port = port; + sin->sin_addr = *((const struct in_addr 
*)addr); +} + +static krb5_error_code +ipv4_h_addr2addr (const char *addr, + krb5_address *a) +{ + unsigned char buf[4]; + + a->addr_type = KRB5_ADDRESS_INET; + memcpy(buf, addr, 4); + return krb5_data_copy(&a->address, buf, 4); +} + +/* + * Are there any addresses that should be considered `uninteresting'? + */ + +static krb5_boolean +ipv4_uninteresting (const struct sockaddr *sa) +{ + const struct sockaddr_in *sin = (const struct sockaddr_in *)sa; + + if (sin->sin_addr.s_addr == INADDR_ANY) + return TRUE; + + return FALSE; +} + +static void +ipv4_anyaddr (struct sockaddr *sa, int *sa_size, int port) +{ + struct sockaddr_in *sin = (struct sockaddr_in *)sa; + + memset (sin, 0, sizeof(*sin)); + *sa_size = sizeof(*sin); + sin->sin_family = AF_INET; + sin->sin_port = port; + sin->sin_addr.s_addr = INADDR_ANY; +} + +static int +ipv4_print_addr (const krb5_address *addr, char *str, size_t len) +{ + struct in_addr ia; + + memcpy (&ia, addr->address.data, 4); + + return snprintf (str, len, "IPv4:%s", inet_ntoa(ia)); +} + +static int +ipv4_parse_addr (const char *address, krb5_address *addr) +{ + const char *p; + struct in_addr a; + + p = strchr(address, ':'); + if(p) { + p++; + if(strncasecmp(address, "ip:", p - address) != 0 && + strncasecmp(address, "ip4:", p - address) != 0 && + strncasecmp(address, "ipv4:", p - address) != 0 && + strncasecmp(address, "inet:", p - address) != 0) + return -1; + } else + p = address; +#ifdef HAVE_INET_ATON + if(inet_aton(p, &a) == 0) + return -1; +#elif defined(HAVE_INET_ADDR) + a.s_addr = inet_addr(p); + if(a.s_addr == INADDR_NONE) + return -1; +#else + return -1; +#endif + addr->addr_type = KRB5_ADDRESS_INET; + if(krb5_data_alloc(&addr->address, 4) != 0) + return -1; + _krb5_put_int(addr->address.data, ntohl(a.s_addr), addr->address.length); + return 0; +} + +/* + * AF_INET6 - aka IPv6 implementation + */ + +#ifdef HAVE_IPV6 + +static krb5_error_code +ipv6_sockaddr2addr (const struct sockaddr *sa, krb5_address *a) +{ + const struct 
sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; + + if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { + unsigned char buf[4]; + + a->addr_type = KRB5_ADDRESS_INET; +#ifndef IN6_ADDR_V6_TO_V4 +#ifdef IN6_EXTRACT_V4ADDR +#define IN6_ADDR_V6_TO_V4(x) (&IN6_EXTRACT_V4ADDR(x)) +#else +#define IN6_ADDR_V6_TO_V4(x) ((const struct in_addr *)&(x)->s6_addr[12]) +#endif +#endif + memcpy (buf, IN6_ADDR_V6_TO_V4(&sin6->sin6_addr), 4); + return krb5_data_copy(&a->address, buf, 4); + } else { + a->addr_type = KRB5_ADDRESS_INET6; + return krb5_data_copy(&a->address, + &sin6->sin6_addr, + sizeof(sin6->sin6_addr)); + } +} + +static krb5_error_code +ipv6_sockaddr2port (const struct sockaddr *sa, int16_t *port) +{ + const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; + + *port = sin6->sin6_port; + return 0; +} + +static void +ipv6_addr2sockaddr (const krb5_address *a, + struct sockaddr *sa, + int *sa_size, + int port) +{ + struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; + + memset (sin6, 0, sizeof(*sin6)); + sin6->sin6_family = AF_INET6; + memcpy (&sin6->sin6_addr, a->address.data, sizeof(sin6->sin6_addr)); + sin6->sin6_port = port; + *sa_size = sizeof(*sin6); +} + +static void +ipv6_h_addr2sockaddr(const char *addr, + struct sockaddr *sa, + int *sa_size, + int port) +{ + struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; + + memset (sin6, 0, sizeof(*sin6)); + *sa_size = sizeof(*sin6); + sin6->sin6_family = AF_INET6; + sin6->sin6_port = port; + sin6->sin6_addr = *((const struct in6_addr *)addr); +} + +static krb5_error_code +ipv6_h_addr2addr (const char *addr, + krb5_address *a) +{ + a->addr_type = KRB5_ADDRESS_INET6; + return krb5_data_copy(&a->address, addr, sizeof(struct in6_addr)); +} + +/* + * + */ + +static krb5_boolean +ipv6_uninteresting (const struct sockaddr *sa) +{ + const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; + const struct in6_addr *in6 = (const struct in6_addr *)&sin6->sin6_addr; + + return + IN6_IS_ADDR_LINKLOCAL(in6) + 
|| IN6_IS_ADDR_V4COMPAT(in6); +} + +static void +ipv6_anyaddr (struct sockaddr *sa, int *sa_size, int port) +{ + struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; + + memset (sin6, 0, sizeof(*sin6)); + *sa_size = sizeof(*sin6); + sin6->sin6_family = AF_INET6; + sin6->sin6_port = port; + sin6->sin6_addr = in6addr_any; +} + +static int +ipv6_print_addr (const krb5_address *addr, char *str, size_t len) +{ + char buf[128], buf2[3]; +#ifdef HAVE_INET_NTOP + if(inet_ntop(AF_INET6, addr->address.data, buf, sizeof(buf)) == NULL) +#endif + { + /* XXX this is pretty ugly, but better than abort() */ + int i; + unsigned char *p = addr->address.data; + buf[0] = '\0'; + for(i = 0; i < addr->address.length; i++) { + snprintf(buf2, sizeof(buf2), "%02x", p[i]); + if(i > 0 && (i & 1) == 0) + strlcat(buf, ":", sizeof(buf)); + strlcat(buf, buf2, sizeof(buf)); + } + } + return snprintf(str, len, "IPv6:%s", buf); +} + +static int +ipv6_parse_addr (const char *address, krb5_address *addr) +{ + int ret; + struct in6_addr in6; + + ret = inet_pton(AF_INET6, address, &in6.s6_addr); + if(ret == 1) { + addr->addr_type = KRB5_ADDRESS_INET6; + ret = krb5_data_alloc(&addr->address, sizeof(in6.s6_addr)); + if (ret) + return -1; + memcpy(addr->address.data, in6.s6_addr, sizeof(in6.s6_addr)); + return 0; + } + return -1; +} + +#endif /* IPv6 */ + +/* + * table + */ + +static struct addr_operations at[] = { + {AF_INET, KRB5_ADDRESS_INET, sizeof(struct sockaddr_in), + ipv4_sockaddr2addr, + ipv4_sockaddr2port, + ipv4_addr2sockaddr, + ipv4_h_addr2sockaddr, + ipv4_h_addr2addr, + ipv4_uninteresting, ipv4_anyaddr, ipv4_print_addr, ipv4_parse_addr}, +#ifdef HAVE_IPV6 + {AF_INET6, KRB5_ADDRESS_INET6, sizeof(struct sockaddr_in6), + ipv6_sockaddr2addr, + ipv6_sockaddr2port, + ipv6_addr2sockaddr, + ipv6_h_addr2sockaddr, + ipv6_h_addr2addr, + ipv6_uninteresting, ipv6_anyaddr, ipv6_print_addr, ipv6_parse_addr} +#endif +}; + +static int num_addrs = sizeof(at) / sizeof(at[0]); + +static size_t 
max_sockaddr_size = 0; + +/* + * generic functions + */ + +static struct addr_operations * +find_af(int af) +{ + struct addr_operations *a; + + for (a = at; a < at + num_addrs; ++a) + if (af == a->af) + return a; + return NULL; +} + +static struct addr_operations * +find_atype(int atype) +{ + struct addr_operations *a; + + for (a = at; a < at + num_addrs; ++a) + if (atype == a->atype) + return a; + return NULL; +} + +krb5_error_code +krb5_sockaddr2address (const struct sockaddr *sa, krb5_address *addr) +{ + struct addr_operations *a = find_af(sa->sa_family); + if (a == NULL) + return KRB5_PROG_ATYPE_NOSUPP; + return (*a->sockaddr2addr)(sa, addr); +} + +krb5_error_code +krb5_sockaddr2port (const struct sockaddr *sa, int16_t *port) +{ + struct addr_operations *a = find_af(sa->sa_family); + if (a == NULL) + return KRB5_PROG_ATYPE_NOSUPP; + return (*a->sockaddr2port)(sa, port); +} + +krb5_error_code +krb5_addr2sockaddr (const krb5_address *addr, + struct sockaddr *sa, + int *sa_size, + int port) +{ + struct addr_operations *a = find_atype(addr->addr_type); + + if (a == NULL) + return KRB5_PROG_ATYPE_NOSUPP; + (*a->addr2sockaddr)(addr, sa, sa_size, port); + return 0; +} + +size_t +krb5_max_sockaddr_size (void) +{ + if (max_sockaddr_size == 0) { + struct addr_operations *a; + + for(a = at; a < at + num_addrs; ++a) + max_sockaddr_size = max(max_sockaddr_size, a->max_sockaddr_size); + } + return max_sockaddr_size; +} + +krb5_boolean +krb5_sockaddr_uninteresting(const struct sockaddr *sa) +{ + struct addr_operations *a = find_af(sa->sa_family); + if (a == NULL) + return TRUE; + return (*a->uninteresting)(sa); +} + +krb5_error_code +krb5_h_addr2sockaddr (int af, + const char *addr, struct sockaddr *sa, int *sa_size, + int port) +{ + struct addr_operations *a = find_af(af); + if (a == NULL) + return KRB5_PROG_ATYPE_NOSUPP; + (*a->h_addr2sockaddr)(addr, sa, sa_size, port); + return 0; +} + +krb5_error_code +krb5_h_addr2addr (int af, + const char *haddr, krb5_address *addr) +{ 
+ struct addr_operations *a = find_af(af);
+ if (a == NULL)
+ return KRB5_PROG_ATYPE_NOSUPP;
+ return (*a->h_addr2addr)(haddr, addr);
+}
+
+krb5_error_code
+krb5_anyaddr (int af,
+ struct sockaddr *sa,
+ int *sa_size,
+ int port)
+{
+ struct addr_operations *a = find_af (af);
+
+ if (a == NULL)
+ return KRB5_PROG_ATYPE_NOSUPP;
+
+ (*a->anyaddr)(sa, sa_size, port);
+ return 0;
+}
+
+krb5_error_code
+krb5_print_address (const krb5_address *addr,
+ char *str, size_t len, size_t *ret_len)
+{
+ struct addr_operations *a = find_atype(addr->addr_type);
+
+ if (a == NULL) {
+ char *s;
+ size_t l;
+ int i;
+ s = str;
+ l = snprintf(s, len, "TYPE_%d:", addr->addr_type);
+ s += l;
+ len -= len;
+ for(i = 0; i < addr->address.length; i++) {
+ l = snprintf(s, len, "%02x", ((char*)addr->address.data)[i]);
+ len -= l;
+ s += l;
+ }
+ *ret_len = s - str;
+ return 0;
+ }
+ *ret_len = (*a->print_addr)(addr, str, len);
+ return 0;
+}
+
+krb5_error_code
+krb5_parse_address(krb5_context context,
+ const char *string,
+ krb5_addresses *addresses)
+{
+ int i, n;
+ struct addrinfo *ai, *a;
+ int error;
+
+ for(i = 0; i < num_addrs; i++) {
+ if(at[i].parse_addr) {
+ krb5_address a;
+ if((*at[i].parse_addr)(string, &a) == 0) {
+ ALLOC_SEQ(addresses, 1);
+ addresses->val[0] = a;
+ return 0;
+ }
+ }
+ }
+
+ error = getaddrinfo (string, NULL, NULL, &ai);
+ if (error)
+ return -1;
+
+ n = 0;
+ for (a = ai; a != NULL; a = a->ai_next)
+ ++n;
+
+ ALLOC_SEQ(addresses, n);
+
+ for (a = ai, i = 0; a != NULL; a = a->ai_next, ++i) {
+ struct addr_operations *aop = find_af (ai->ai_family);
+
+ addresses->val[i].addr_type = aop->atype;
+ krb5_data_copy (&addresses->val[i].address,
+ ai->ai_addr,
+ ai->ai_addrlen);
+ }
+ freeaddrinfo (ai);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/address.c b/crypto/heimdal/lib/krb5/address.c
new file mode 100644
index 0000000..8b0704f
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/address.c
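Review bot: In `krb5_print_address`, the branch for an unknown address type does `len -= len;` after the first snprintf, which zeroes the remaining size instead of subtracting `l`. The loop then calls snprintf with size 0 and subtracts its return value from the unsigned `len`, so the next iteration runs with a wrapped, near-maximal bound while `s` keeps advancing, and output can be written past the caller's buffer. The `(char*)` cast also sign-extends bytes of 0x80 and above where char is signed, so `%02x` can emit more than two digits per byte. I would track the remaining space with a checked int return and an `unsigned char` cast, as below; returning ERANGE on truncation is a suggestion, since the callers' expectations are not visible here. Separately, `krb5_parse_address` calls `find_af (ai->ai_family)` on the list head rather than `a` and dereferences `aop` without a NULL check.

```c
/* krb5_print_address: body of the `if (a == NULL)` branch */
	char *s = str;
	int n;
	int i;

	n = snprintf(s, len, "TYPE_%d:", addr->addr_type);
	if (n < 0 || (size_t)n >= len)
	    return ERANGE;
	s += n;
	len -= n;
	for(i = 0; i < addr->address.length; i++) {
	    n = snprintf(s, len, "%02x",
			 ((unsigned char*)addr->address.data)[i]);
	    if (n < 0 || (size_t)n >= len)
		return ERANGE;
	    s += n;
	    len -= n;
	}
	/* … unchanged: *ret_len = s - str; return 0; … */
```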
@@ -0,0 +1,197 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: address.c,v 1.14 1999/12/02 17:05:07 joda Exp $");
+
+#if 0
+/* This is the supposedly MIT-api version */
+
+krb5_boolean
+krb5_address_search(krb5_context context,
+ const krb5_address *addr,
+ krb5_address *const *addrlist)
+{
+ krb5_address *a;
+
+ while((a = *addrlist++))
+ if (krb5_address_compare (context, addr, a))
+ return TRUE;
+ return FALSE;
+}
+#endif
+
+krb5_boolean
+krb5_address_search(krb5_context context,
+ const krb5_address *addr,
+ const krb5_addresses *addrlist)
+{
+ int i;
+
+ for (i = 0; i < addrlist->len; ++i)
+ if (krb5_address_compare (context, addr, &addrlist->val[i]))
+ return TRUE;
+ return FALSE;
+}
+
+int
+krb5_address_order(krb5_context context,
+ const krb5_address *addr1,
+ const krb5_address *addr2)
+{
+ return (addr1->addr_type - addr2->addr_type)
+ || memcmp (addr1->address.data,
+ addr2->address.data,
+ addr1->address.length);
+}
+
+krb5_boolean
+krb5_address_compare(krb5_context context,
+ const krb5_address *addr1,
+ const krb5_address *addr2)
+{
+ return krb5_address_order (context, addr1, addr2) == 0;
+}
+
+krb5_error_code
+krb5_copy_address(krb5_context context,
+ const krb5_address *inaddr,
+ krb5_address *outaddr)
+{
+ copy_HostAddress(inaddr, outaddr);
+ return 0;
+}
+
+krb5_error_code
+krb5_copy_addresses(krb5_context context,
+ const krb5_addresses *inaddr,
+ krb5_addresses *outaddr)
+{
+ copy_HostAddresses(inaddr, outaddr);
+ return 0;
+}
+
+krb5_error_code
+krb5_free_address(krb5_context context,
+ krb5_address *address)
+{
+ krb5_data_free (&address->address);
+ return 0;
+}
+
+krb5_error_code
+krb5_free_addresses(krb5_context context,
+ krb5_addresses *addresses)
+{
+ free_HostAddresses(addresses);
+ return 0;
+}
+
+krb5_error_code
+krb5_append_addresses(krb5_context context,
+ krb5_addresses *dest,
+ const krb5_addresses *source)
+{
+ krb5_address *tmp;
+ krb5_error_code ret;
+ int i;
+ if(source->len > 0) {
+ tmp = realloc(dest->val, (dest->len + source->len) *
sizeof(*tmp));
+ if(tmp == NULL)
+ return ENOMEM;
+ dest->val = tmp;
+ for(i = 0; i < source->len; i++) {
+ /* skip duplicates */
+ if(krb5_address_search(context, &source->val[i], dest))
+ continue;
+ ret = krb5_copy_address(context,
+ &source->val[i],
+ &dest->val[dest->len]);
+ if(ret)
+ return ret;
+ dest->len++;
+ }
+ }
+ return 0;
+}
+
+/*
+ * Create an address of type KRB5_ADDRESS_ADDRPORT from (addr, port)
+ */
+
+krb5_error_code
+krb5_make_addrport (krb5_address **res, const krb5_address *addr, int16_t port)
+{
+ krb5_error_code ret;
+ size_t len = addr->address.length + 2 + 4 * 4;
+ u_char *p;
+
+ *res = malloc (sizeof(**res));
+ if (*res == NULL)
+ return ENOMEM;
+ (*res)->addr_type = KRB5_ADDRESS_ADDRPORT;
+ ret = krb5_data_alloc (&(*res)->address, len);
+ if (ret) {
+ free (*res);
+ return ret;
+ }
+ p = (*res)->address.data;
+ *p++ = 0;
+ *p++ = 0;
+ *p++ = (addr->addr_type ) & 0xFF;
+ *p++ = (addr->addr_type >> 8) & 0xFF;
+
+ *p++ = (addr->address.length ) & 0xFF;
+ *p++ = (addr->address.length >> 8) & 0xFF;
+ *p++ = (addr->address.length >> 16) & 0xFF;
+ *p++ = (addr->address.length >> 24) & 0xFF;
+
+ memcpy (p, addr->address.data, addr->address.length);
+ p += addr->address.length;
+
+ *p++ = 0;
+ *p++ = 0;
+ *p++ = (KRB5_ADDRESS_IPPORT ) & 0xFF;
+ *p++ = (KRB5_ADDRESS_IPPORT >> 8) & 0xFF;
+
+ *p++ = (2 ) & 0xFF;
+ *p++ = (2 >> 8) & 0xFF;
+ *p++ = (2 >> 16) & 0xFF;
+ *p++ = (2 >> 24) & 0xFF;
+
+ memcpy (p, &port, 2);
+ p += 2;
+
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/aname_to_localname.c b/crypto/heimdal/lib/krb5/aname_to_localname.c
new file mode 100644
index 0000000..c125580
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/aname_to_localname.c
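Review bot: `krb5_address_order` passes `addr1->address.length` to memcmp without comparing it against `addr2->address.length`, so when the types match and addr2 is shorter the compare reads past addr2's data, and an addr1 that is a prefix of addr2 (including a zero-length addr1) is reported as equal. Because `krb5_address_compare` and `krb5_address_search` are built on it, this affects every address match made through this file, including the duplicate check in `krb5_append_addresses`. The `||` also collapses the result to 0 or 1, so despite its name the function yields no ordering. I would compare type, then length, then bytes, as below.

```c
/* krb5_address_order: replacement for the single return statement */
    if (addr1->addr_type != addr2->addr_type)
	return addr1->addr_type < addr2->addr_type ? -1 : 1;
    if (addr1->address.length != addr2->address.length)
	return addr1->address.length < addr2->address.length ? -1 : 1;
    return memcmp (addr1->address.data,
		   addr2->address.data,
		   addr1->address.length);
```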
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +#include <krb5_locl.h> + +RCSID("$Id: aname_to_localname.c,v 1.3 1999/12/02 17:05:07 joda Exp $"); + +krb5_error_code +krb5_aname_to_localname (krb5_context context, + krb5_const_principal aname, + size_t lnsize, + char *lname) +{ + krb5_error_code ret; + krb5_realm *lrealms, *r; + int foo = 1; + size_t len; + char *res; + + ret = krb5_get_default_realms (context, &lrealms); + if (ret) + return ret; + + for (r = lrealms; *r != NULL; ++r) { + foo = strcmp (*r, aname->realm); + if (foo == 0) + break; + } + krb5_free_host_realm (context, lrealms); + if (foo != 0) + return KRB5_NO_LOCALNAME; + + if (aname->name.name_string.len == 1) + res = aname->name.name_string.val[0]; + else if (aname->name.name_string.len == 2 + && strcmp (aname->name.name_string.val[1], "root") == 0) + res = "root"; + else + return KRB5_NO_LOCALNAME; + + len = strlen (res); + if (len >= lnsize) + return ERANGE; + strcpy (lname, res); + return 0; +} diff --git a/crypto/heimdal/lib/krb5/asn1_glue.c b/crypto/heimdal/lib/krb5/asn1_glue.c new file mode 100644 index 0000000..ac83ff7 --- /dev/null +++ b/crypto/heimdal/lib/krb5/asn1_glue.c 
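Review bot: The two-component branch of krb5_aname_to_localname maps every principal whose second component is "root" to the local name "root", whatever the first component is, and nothing in the function says that this is only a name translation. A caller that treated a successful return as permission to act as root would accept any such principal from a default realm, so the contract should be stated above the function, for example `/* Name mapping only: any "x/root" principal in a default realm yields "root"; callers must still authorize the login, e.g. with krb5_kuserok(). */`. The length test before `strcpy` is sound (`len >= lnsize` also rejects lnsize == 0), so no code change is needed there.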
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +/* + * + */ + +#include "krb5_locl.h" + +RCSID("$Id: asn1_glue.c,v 1.7 1999/12/02 17:05:07 joda Exp $"); + +krb5_error_code +krb5_principal2principalname (PrincipalName *p, + const krb5_principal from) +{ + return copy_PrincipalName(&from->name, p); +} + +krb5_error_code +principalname2krb5_principal (krb5_principal *principal, + const PrincipalName from, + const Realm realm) +{ + krb5_principal p = malloc(sizeof(*p)); + copy_PrincipalName(&from, &p->name); + p->realm = strdup(realm); + *principal = p; + return 0; +} diff --git a/crypto/heimdal/lib/krb5/auth_context.c b/crypto/heimdal/lib/krb5/auth_context.c new file mode 100644 index 0000000..94b1376 --- /dev/null +++ b/crypto/heimdal/lib/krb5/auth_context.c 
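Review bot: principalname2krb5_principal dereferences the result of `malloc(sizeof(*p))` without a NULL check, drops the result of copy_PrincipalName, and stores an unchecked `strdup(realm)`, yet always returns 0. A caller can therefore receive a principal with a NULL realm or a half-copied name and no error, which is a poor base for the realm and name comparisons done elsewhere in the library. Each step should be checked and the partial object released on failure, as sketched below; free_PrincipalName is the generated counterpart of copy_PrincipalName.

```c
principalname2krb5_principal (krb5_principal *principal,
                              const PrincipalName from,
                              const Realm realm)
{
    krb5_error_code ret;
    krb5_principal p = malloc(sizeof(*p));

    if (p == NULL)
        return ENOMEM;
    ret = copy_PrincipalName(&from, &p->name);
    if (ret) {
        free(p);
        return ret;
    }
    p->realm = strdup(realm);
    if (p->realm == NULL) {
        free_PrincipalName(&p->name);
        free(p);
        return ENOMEM;
    }
    *principal = p;
    return 0;
```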
@@ -0,0 +1,426 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: auth_context.c,v 1.50 1999/12/02 17:05:07 joda Exp $"); + +krb5_error_code +krb5_auth_con_init(krb5_context context, + krb5_auth_context *auth_context) +{ + krb5_auth_context p; + + ALLOC(p, 1); + if(!p) + return ENOMEM; + memset(p, 0, sizeof(*p)); + ALLOC(p->authenticator, 1); + if (!p->authenticator) { + free(p); + return ENOMEM; + } + memset (p->authenticator, 0, sizeof(*p->authenticator)); + p->flags = KRB5_AUTH_CONTEXT_DO_TIME; + + p->local_address = NULL; + p->remote_address = NULL; + p->local_port = 0; + p->remote_port = 0; + p->keytype = KEYTYPE_NULL; + p->cksumtype = CKSUMTYPE_NONE; + *auth_context = p; + return 0; +} + +krb5_error_code +krb5_auth_con_free(krb5_context context, + krb5_auth_context auth_context) +{ + krb5_free_authenticator(context, &auth_context->authenticator); + if(auth_context->local_address){ + free_HostAddress(auth_context->local_address); + free(auth_context->local_address); + } + if(auth_context->remote_address){ + free_HostAddress(auth_context->remote_address); + free(auth_context->remote_address); + } + if(auth_context->keyblock) + krb5_free_keyblock(context, auth_context->keyblock); + krb5_free_keyblock(context, auth_context->remote_subkey); + krb5_free_keyblock(context, auth_context->local_subkey); + free (auth_context); + return 0; +} + +krb5_error_code +krb5_auth_con_setflags(krb5_context context, + krb5_auth_context auth_context, + int32_t flags) +{ + auth_context->flags = flags; + return 0; +} + + +krb5_error_code +krb5_auth_con_getflags(krb5_context context, + krb5_auth_context auth_context, + int32_t *flags) +{ + *flags = auth_context->flags; + return 0; +} + + +krb5_error_code +krb5_auth_con_setaddrs(krb5_context context, + krb5_auth_context auth_context, + krb5_address *local_addr, + krb5_address *remote_addr) +{ + if (local_addr) { + if (auth_context->local_address) + krb5_free_address (context, auth_context->local_address); + else + auth_context->local_address = 
malloc(sizeof(krb5_address)); + krb5_copy_address(context, local_addr, auth_context->local_address); + } + if (remote_addr) { + if (auth_context->remote_address) + krb5_free_address (context, auth_context->remote_address); + else + auth_context->remote_address = malloc(sizeof(krb5_address)); + krb5_copy_address(context, remote_addr, auth_context->remote_address); + } + return 0; +} + +krb5_error_code +krb5_auth_con_setaddrs_from_fd (krb5_context context, + krb5_auth_context auth_context, + void *p_fd) +{ + int fd = *((int *)p_fd); + krb5_error_code ret; + krb5_address local_k_address, remote_k_address; + krb5_address *lptr = NULL, *rptr = NULL; + struct sockaddr_storage ss_local, ss_remote; + struct sockaddr *local = (struct sockaddr *)&ss_local; + struct sockaddr *remote = (struct sockaddr *)&ss_remote; + int len; + + if (auth_context->local_address == NULL) { + len = sizeof(ss_local); + if(getsockname(fd, local, &len) < 0) { + ret = errno; + goto out; + } + krb5_sockaddr2address (local, &local_k_address); + krb5_sockaddr2port (local, &auth_context->local_port); + lptr = &local_k_address; + } + if (auth_context->remote_address == NULL) { + len = sizeof(ss_remote); + if(getpeername(fd, remote, &len) < 0) { + ret = errno; + goto out; + } + krb5_sockaddr2address (remote, &remote_k_address); + krb5_sockaddr2port (remote, &auth_context->remote_port); + rptr = &remote_k_address; + } + ret = krb5_auth_con_setaddrs (context, + auth_context, + lptr, + rptr); +out: + if (lptr) + krb5_free_address (context, lptr); + if (rptr) + krb5_free_address (context, rptr); + return ret; +} + +krb5_error_code +krb5_auth_con_getaddrs(krb5_context context, + krb5_auth_context auth_context, + krb5_address **local_addr, + krb5_address **remote_addr) +{ + if(*local_addr) + krb5_free_address (context, *local_addr); + *local_addr = malloc (sizeof(**local_addr)); + if (*local_addr == NULL) + return ENOMEM; + krb5_copy_address(context, + auth_context->local_address, + *local_addr); + + 
if(*remote_addr) + krb5_free_address (context, *remote_addr); + *remote_addr = malloc (sizeof(**remote_addr)); + if (*remote_addr == NULL) + return ENOMEM; + krb5_copy_address(context, + auth_context->remote_address, + *remote_addr); + return 0; +} + +static krb5_error_code +copy_key(krb5_context context, + krb5_keyblock *in, + krb5_keyblock **out) +{ + if(in) + return krb5_copy_keyblock(context, in, out); + *out = NULL; /* is this right? */ + return 0; +} + +krb5_error_code +krb5_auth_con_getkey(krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock **keyblock) +{ + return copy_key(context, auth_context->keyblock, keyblock); +} + +krb5_error_code +krb5_auth_con_getlocalsubkey(krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock **keyblock) +{ + return copy_key(context, auth_context->local_subkey, keyblock); +} + +krb5_error_code +krb5_auth_con_getremotesubkey(krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock **keyblock) +{ + return copy_key(context, auth_context->remote_subkey, keyblock); +} + +krb5_error_code +krb5_auth_con_setkey(krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock *keyblock) +{ + if(auth_context->keyblock) + krb5_free_keyblock(context, auth_context->keyblock); + return copy_key(context, keyblock, &auth_context->keyblock); +} + +krb5_error_code +krb5_auth_con_setlocalsubkey(krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock *keyblock) +{ + if(auth_context->local_subkey) + krb5_free_keyblock(context, auth_context->local_subkey); + return copy_key(context, keyblock, &auth_context->local_subkey); +} + +krb5_error_code +krb5_auth_con_setremotesubkey(krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock *keyblock) +{ + if(auth_context->remote_subkey) + krb5_free_keyblock(context, auth_context->remote_subkey); + return copy_key(context, keyblock, &auth_context->remote_subkey); +} + +krb5_error_code +krb5_auth_setcksumtype(krb5_context 
context, + krb5_auth_context auth_context, + krb5_cksumtype cksumtype) +{ + auth_context->cksumtype = cksumtype; + return 0; +} + +krb5_error_code +krb5_auth_getcksumtype(krb5_context context, + krb5_auth_context auth_context, + krb5_cksumtype *cksumtype) +{ + *cksumtype = auth_context->cksumtype; + return 0; +} + +krb5_error_code +krb5_auth_setkeytype (krb5_context context, + krb5_auth_context auth_context, + krb5_keytype keytype) +{ + auth_context->keytype = keytype; + return 0; +} + +krb5_error_code +krb5_auth_getkeytype (krb5_context context, + krb5_auth_context auth_context, + krb5_keytype *keytype) +{ + *keytype = auth_context->keytype; + return 0; +} + +#if 0 +krb5_error_code +krb5_auth_setenctype(krb5_context context, + krb5_auth_context auth_context, + krb5_enctype etype) +{ + if(auth_context->keyblock) + krb5_free_keyblock(context, auth_context->keyblock); + ALLOC(auth_context->keyblock, 1); + if(auth_context->keyblock == NULL) + return ENOMEM; + auth_context->keyblock->keytype = etype; + return 0; +} + +krb5_error_code +krb5_auth_getenctype(krb5_context context, + krb5_auth_context auth_context, + krb5_enctype *etype) +{ + krb5_abortx(context, "unimplemented krb5_auth_getenctype called"); +} +#endif + +krb5_error_code +krb5_auth_getlocalseqnumber(krb5_context context, + krb5_auth_context auth_context, + int32_t *seqnumber) +{ + *seqnumber = auth_context->local_seqnumber; + return 0; +} + +krb5_error_code +krb5_auth_setlocalseqnumber (krb5_context context, + krb5_auth_context auth_context, + int32_t seqnumber) +{ + auth_context->local_seqnumber = seqnumber; + return 0; +} + +krb5_error_code +krb5_auth_getremoteseqnumber(krb5_context context, + krb5_auth_context auth_context, + int32_t *seqnumber) +{ + *seqnumber = auth_context->remote_seqnumber; + return 0; +} + +krb5_error_code +krb5_auth_setremoteseqnumber (krb5_context context, + krb5_auth_context auth_context, + int32_t seqnumber) +{ + auth_context->remote_seqnumber = seqnumber; + return 0; +} + + 
+krb5_error_code +krb5_auth_getauthenticator(krb5_context context, + krb5_auth_context auth_context, + krb5_authenticator *authenticator) +{ + *authenticator = malloc(sizeof(**authenticator)); + if (*authenticator == NULL) + return ENOMEM; + + copy_Authenticator(auth_context->authenticator, + *authenticator); + return 0; +} + + +void +krb5_free_authenticator(krb5_context context, + krb5_authenticator *authenticator) +{ + free_Authenticator (*authenticator); + free (*authenticator); + *authenticator = NULL; +} + + +krb5_error_code +krb5_auth_con_setuserkey(krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock *keyblock) +{ + if(auth_context->keyblock) + krb5_free_keyblock(context, auth_context->keyblock); + return krb5_copy_keyblock(context, keyblock, &auth_context->keyblock); +} + +#if 0 /* not implemented */ + +krb5_error_code +krb5_auth_con_initivector(krb5_context context, + krb5_auth_context auth_context) +{ + krb5_abortx(context, "unimplemented krb5_auth_con_initivector called"); +} + + +krb5_error_code +krb5_auth_con_setivector(krb5_context context, + krb5_auth_context auth_context, + krb5_pointer ivector) +{ + krb5_abortx(context, "unimplemented krb5_auth_con_setivector called"); +} + + +krb5_error_code +krb5_auth_con_setrcache(krb5_context context, + krb5_auth_context auth_context, + krb5_rcache rcache) +{ + krb5_abortx(context, "unimplemented krb5_auth_con_setrcache called"); +} + +#endif /* not implemented */ diff --git a/crypto/heimdal/lib/krb5/build_ap_req.c b/crypto/heimdal/lib/krb5/build_ap_req.c new file mode 100644 index 0000000..c8a89ca --- /dev/null +++ b/crypto/heimdal/lib/krb5/build_ap_req.c 
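Review bot: krb5_auth_con_setaddrs passes the result of `malloc(sizeof(krb5_address))` straight to krb5_copy_address for both the local and the remote address, so an allocation failure becomes a write through a NULL pointer, and the result of the copy is dropped. The same file has related gaps: krb5_auth_con_getaddrs copies from auth_context->local_address and ->remote_address without checking them, although krb5_auth_con_init sets both to NULL, and it overwrites the caller's `*local_addr` after freeing only its contents. Checking the copy result only helps once krb5_copy_address in address.c stops returning 0 unconditionally. A possible shape for the local half follows; the remote half mirrors it.

```c
    krb5_error_code ret;

    if (local_addr) {
        if (auth_context->local_address)
            krb5_free_address (context, auth_context->local_address);
        else {
            auth_context->local_address = malloc(sizeof(krb5_address));
            if (auth_context->local_address == NULL)
                return ENOMEM;
        }
        ret = krb5_copy_address(context, local_addr, auth_context->local_address);
        if (ret)
            return ret;
    }
    /* … remote_addr branch: same structure, with the same two checks … */
```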
@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +#include <krb5_locl.h> + +RCSID("$Id: build_ap_req.c,v 1.16 1999/12/02 17:05:07 joda Exp $"); + +krb5_error_code +krb5_build_ap_req (krb5_context context, + krb5_enctype enctype, + krb5_creds *cred, + krb5_flags ap_options, + krb5_data authenticator, + krb5_data *retdata) +{ + krb5_error_code ret = 0; + AP_REQ ap; + Ticket t; + size_t len; + + ap.pvno = 5; + ap.msg_type = krb_ap_req; + memset(&ap.ap_options, 0, sizeof(ap.ap_options)); + ap.ap_options.use_session_key = (ap_options & AP_OPTS_USE_SESSION_KEY) > 0; + ap.ap_options.mutual_required = (ap_options & AP_OPTS_MUTUAL_REQUIRED) > 0; + + ap.ticket.tkt_vno = 5; + copy_Realm(&cred->server->realm, &ap.ticket.realm); + copy_PrincipalName(&cred->server->name, &ap.ticket.sname); + + decode_Ticket(cred->ticket.data, cred->ticket.length, &t, &len); + copy_EncryptedData(&t.enc_part, &ap.ticket.enc_part); + free_Ticket(&t); + + ap.authenticator.etype = enctype; + ap.authenticator.kvno = NULL; + ap.authenticator.cipher = authenticator; + + retdata->length = length_AP_REQ(&ap); + retdata->data = malloc(retdata->length); + if(retdata->data == NULL) + ret = ENOMEM; + else + encode_AP_REQ((unsigned char *)retdata->data + retdata->length - 1, + retdata->length, &ap, &len); + free_AP_REQ(&ap); + + return ret; +} diff --git a/crypto/heimdal/lib/krb5/build_auth.c b/crypto/heimdal/lib/krb5/build_auth.c new file mode 100644 index 0000000..a38393b --- /dev/null +++ b/crypto/heimdal/lib/krb5/build_auth.c 
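Review bot: The result of `decode_Ticket(cred->ticket.data, cred->ticket.length, &t, &len)` in krb5_build_ap_req is ignored, so when the stored ticket does not parse, the uninitialised `t` is still handed to copy_EncryptedData and free_Ticket. The ticket bytes come from the credential, which may well have been read back from a cache, so the decode should be checked with `ret = decode_Ticket(cred->ticket.data, cred->ticket.length, &t, &len);` and `if (ret) goto out;`, plus `memset(&ap, 0, sizeof(ap));` at the top so that `free_AP_REQ(&ap)` under a new `out:` label is safe on a partly filled structure. The results of copy_Realm, copy_PrincipalName, copy_EncryptedData and encode_AP_REQ are dropped in the same way. A comment is also due on `ap.authenticator.cipher = authenticator`, which aliases the caller's buffer that free_AP_REQ presumably releases.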
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +#include <krb5_locl.h> + +RCSID("$Id: build_auth.c,v 1.32 1999/12/02 17:05:08 joda Exp $"); + +krb5_error_code +krb5_build_authenticator (krb5_context context, + krb5_auth_context auth_context, + krb5_enctype enctype, + krb5_creds *cred, + Checksum *cksum, + Authenticator **auth_result, + krb5_data *result) +{ + Authenticator *auth; + u_char *buf = NULL; + size_t buf_size; + size_t len; + krb5_error_code ret; + krb5_crypto crypto; + + auth = malloc(sizeof(*auth)); + if (auth == NULL) + return ENOMEM; + + memset (auth, 0, sizeof(*auth)); + auth->authenticator_vno = 5; + copy_Realm(&cred->client->realm, &auth->crealm); + copy_PrincipalName(&cred->client->name, &auth->cname); + + { + int32_t sec, usec; + + krb5_us_timeofday (context, &sec, &usec); + auth->ctime = sec; + auth->cusec = usec; + } + ret = krb5_auth_con_getlocalsubkey(context, auth_context, &auth->subkey); + if(ret) + goto fail; + + if(auth->subkey == NULL) { + krb5_generate_subkey (context, &cred->session, &auth->subkey); + ret = krb5_auth_con_setlocalsubkey(context, auth_context, auth->subkey); + if(ret) + goto fail; + } + + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { + krb5_generate_seq_number (context, + &cred->session, + &auth_context->local_seqnumber); + ALLOC(auth->seq_number, 1); + *auth->seq_number = auth_context->local_seqnumber; + } else + auth->seq_number = NULL; + auth->authorization_data = NULL; + auth->cksum = cksum; + + /* XXX - Copy more to auth_context? 
*/ + + if (auth_context) { + auth_context->authenticator->ctime = auth->ctime; + auth_context->authenticator->cusec = auth->cusec; + } + + buf_size = 1024; + buf = malloc (buf_size); + if (buf == NULL) { + ret = ENOMEM; + goto fail; + } + + do { + ret = krb5_encode_Authenticator (context, + buf + buf_size - 1, + buf_size, + auth, &len); + if (ret) { + if (ret == ASN1_OVERFLOW) { + u_char *tmp; + + buf_size *= 2; + tmp = realloc (buf, buf_size); + if (tmp == NULL) { + ret = ENOMEM; + goto fail; + } + buf = tmp; + } else { + goto fail; + } + } + } while(ret == ASN1_OVERFLOW); + + ret = krb5_crypto_init(context, &cred->session, enctype, &crypto); + ret = krb5_encrypt (context, + crypto, + KRB5_KU_AP_REQ_AUTH, + buf + buf_size - len, + len, + result); + krb5_crypto_destroy(context, crypto); + + if (ret) + goto fail; + + free (buf); + + if (auth_result) + *auth_result = auth; + else { + /* Don't free the `cksum', it's allocated by the caller */ + auth->cksum = NULL; + free_Authenticator (auth); + free (auth); + } + return ret; +fail: + free_Authenticator (auth); + free (auth); + free (buf); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/cache.c b/crypto/heimdal/lib/krb5/cache.c new file mode 100644 index 0000000..e78d4de --- /dev/null +++ b/crypto/heimdal/lib/krb5/cache.c 
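Review bot: On the `fail:` path of krb5_build_authenticator, free_Authenticator(auth) runs while `auth->cksum` still points at the caller's checksum, although the success path clears it first with the comment that the caller owns it; any failure after `auth->cksum = cksum` therefore releases memory the caller will release again. Setting `auth->cksum = NULL;` directly after the `fail:` label fixes that. Separately, the result of krb5_crypto_init is overwritten by the krb5_encrypt call, so a failed init hands an unset `crypto` to krb5_encrypt and krb5_crypto_destroy; add `if (ret) goto fail;` between the two calls. The function also reads `auth_context->flags` before the later `if (auth_context)` test, so that test cannot protect anything as written.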
@@ -0,0 +1,422 @@
+/*
+ * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: cache.c,v 1.44 1999/12/02 17:05:08 joda Exp $");
+
+/*
+ * Add a new ccache type with operations `ops', overwriting any
+ * existing one if `override'.
+ * Return an error code or 0.
+ */ + +krb5_error_code +krb5_cc_register(krb5_context context, + const krb5_cc_ops *ops, + krb5_boolean override) +{ + int i; + + for(i = 0; i < context->num_cc_ops && context->cc_ops[i].prefix; i++) { + if(strcmp(context->cc_ops[i].prefix, ops->prefix) == 0) { + if(override) + free(context->cc_ops[i].prefix); + else + return KRB5_CC_TYPE_EXISTS; + } + } + if(i == context->num_cc_ops) { + krb5_cc_ops *o = realloc(context->cc_ops, + (context->num_cc_ops + 1) * + sizeof(*context->cc_ops)); + if(o == NULL) + return KRB5_CC_NOMEM; + context->num_cc_ops++; + context->cc_ops = o; + memset(context->cc_ops + i, 0, + (context->num_cc_ops - i) * sizeof(*context->cc_ops)); + } + memcpy(&context->cc_ops[i], ops, sizeof(context->cc_ops[i])); + context->cc_ops[i].prefix = strdup(ops->prefix); + if(context->cc_ops[i].prefix == NULL) + return KRB5_CC_NOMEM; + + return 0; +} + +/* + * Allocate memory for a new ccache in `id' with operations `ops' + * and name `residual'. + * Return 0 or an error code. + */ + +static krb5_error_code +allocate_ccache (krb5_context context, + const krb5_cc_ops *ops, + const char *residual, + krb5_ccache *id) +{ + krb5_error_code ret; + krb5_ccache p; + + p = malloc(sizeof(*p)); + if(p == NULL) + return KRB5_CC_NOMEM; + p->ops = ops; + *id = p; + ret = p->ops->resolve(context, id, residual); + if(ret) + free(p); + return ret; +} + +/* + * Find and allocate a ccache in `id' from the specification in `residual'. + * If the ccache name doesn't contain any colon, interpret it as a file name. + * Return 0 or an error code. 
+ */ + +krb5_error_code +krb5_cc_resolve(krb5_context context, + const char *name, + krb5_ccache *id) +{ + int i; + + for(i = 0; i < context->num_cc_ops && context->cc_ops[i].prefix; i++) { + size_t prefix_len = strlen(context->cc_ops[i].prefix); + + if(strncmp(context->cc_ops[i].prefix, name, prefix_len) == 0 + && name[prefix_len] == ':') { + return allocate_ccache (context, &context->cc_ops[i], + name + prefix_len + 1, + id); + } + } + if (strchr (name, ':') == NULL) + return allocate_ccache (context, &krb5_fcc_ops, name, id); + else + return KRB5_CC_UNKNOWN_TYPE; +} + +/* + * Generate a new ccache of type `ops' in `id'. + * Return 0 or an error code. + */ + +krb5_error_code +krb5_cc_gen_new(krb5_context context, + const krb5_cc_ops *ops, + krb5_ccache *id) +{ + krb5_ccache p; + + p = malloc (sizeof(*p)); + if (p == NULL) + return KRB5_CC_NOMEM; + p->ops = ops; + *id = p; + return p->ops->gen_new(context, id); +} + +/* + * Return the name of the ccache `id' + */ + +const char* +krb5_cc_get_name(krb5_context context, + krb5_ccache id) +{ + return id->ops->get_name(context, id); +} + +/* + * Return the type of the ccache `id'. + */ + +const char* +krb5_cc_get_type(krb5_context context, + krb5_ccache id) +{ + return id->ops->prefix; +} + +/* + * Return a pointer to a static string containing the default ccache name. + */ + +const char* +krb5_cc_default_name(krb5_context context) +{ + static char name[1024]; + char *p; + + p = getenv("KRB5CCNAME"); + if(p) + strlcpy (name, p, sizeof(name)); + else + snprintf(name, + sizeof(name), + "FILE:/tmp/krb5cc_%u", + (unsigned)getuid()); + return name; +} + +/* + * Open the default ccache in `id'. + * Return 0 or an error code. + */ + +krb5_error_code +krb5_cc_default(krb5_context context, + krb5_ccache *id) +{ + return krb5_cc_resolve(context, + krb5_cc_default_name(context), + id); +} + +/* + * Create a new ccache in `id' for `primary_principal'. + * Return 0 or an error code. 
+ */ + +krb5_error_code +krb5_cc_initialize(krb5_context context, + krb5_ccache id, + krb5_principal primary_principal) +{ + return id->ops->init(context, id, primary_principal); +} + + +/* + * Remove the ccache `id'. + * Return 0 or an error code. + */ + +krb5_error_code +krb5_cc_destroy(krb5_context context, + krb5_ccache id) +{ + krb5_error_code ret; + + ret = id->ops->destroy(context, id); + krb5_cc_close (context, id); + return ret; +} + +/* + * Stop using the ccache `id' and free the related resources. + * Return 0 or an error code. + */ + +krb5_error_code +krb5_cc_close(krb5_context context, + krb5_ccache id) +{ + krb5_error_code ret; + ret = id->ops->close(context, id); + free(id); + return ret; +} + +/* + * Store `creds' in the ccache `id'. + * Return 0 or an error code. + */ + +krb5_error_code +krb5_cc_store_cred(krb5_context context, + krb5_ccache id, + krb5_creds *creds) +{ + return id->ops->store(context, id, creds); +} + +/* + * Retrieve the credential identified by `mcreds' (and `whichfields') + * from `id' in `creds'. + * Return 0 or an error code. + */ + +krb5_error_code +krb5_cc_retrieve_cred(krb5_context context, + krb5_ccache id, + krb5_flags whichfields, + const krb5_creds *mcreds, + krb5_creds *creds) +{ + krb5_error_code ret; + krb5_cc_cursor cursor; + krb5_cc_start_seq_get(context, id, &cursor); + while((ret = krb5_cc_next_cred(context, id, creds, &cursor)) == 0){ + if(krb5_compare_creds(context, whichfields, mcreds, creds)){ + ret = 0; + break; + } + krb5_free_creds_contents (context, creds); + } + krb5_cc_end_seq_get(context, id, &cursor); + return ret; +} + +/* + * Return the principal of `id' in `principal'. + * Return 0 or an error code. + */ + +krb5_error_code +krb5_cc_get_principal(krb5_context context, + krb5_ccache id, + krb5_principal *principal) +{ + return id->ops->get_princ(context, id, principal); +} + +/* + * Start iterating over `id', `cursor' is initialized to the + * beginning. + * Return 0 or an error code. 
+ */ + +krb5_error_code +krb5_cc_start_seq_get (krb5_context context, + const krb5_ccache id, + krb5_cc_cursor *cursor) +{ + return id->ops->get_first(context, id, cursor); +} + +/* + * Retrieve the next cred pointed to by (`id', `cursor') in `creds' + * and advance `cursor'. + * Return 0 or an error code. + */ + +krb5_error_code +krb5_cc_next_cred (krb5_context context, + const krb5_ccache id, + krb5_creds *creds, + krb5_cc_cursor *cursor) +{ + return id->ops->get_next(context, id, cursor, creds); +} + +/* + * Destroy the cursor `cursor'. + */ + +krb5_error_code +krb5_cc_end_seq_get (krb5_context context, + const krb5_ccache id, + krb5_cc_cursor *cursor) +{ + return id->ops->end_get(context, id, cursor); +} + +/* + * Remove the credential identified by `cred', `which' from `id'. + */ + +krb5_error_code +krb5_cc_remove_cred(krb5_context context, + krb5_ccache id, + krb5_flags which, + krb5_creds *cred) +{ + return id->ops->remove_cred(context, id, which, cred); +} + +/* + * Set the flags of `id' to `flags'. + */ + +krb5_error_code +krb5_cc_set_flags(krb5_context context, + krb5_ccache id, + krb5_flags flags) +{ + return id->ops->set_flags(context, id, flags); +} + +/* + * Copy the contents of `from' to `to'. 
+ */ + +krb5_error_code +krb5_cc_copy_cache(krb5_context context, + const krb5_ccache from, + krb5_ccache to) +{ + krb5_error_code ret; + krb5_cc_cursor cursor; + krb5_creds cred; + krb5_principal princ; + + ret = krb5_cc_get_principal(context, from, &princ); + if(ret) + return ret; + ret = krb5_cc_initialize(context, to, princ); + if(ret){ + krb5_free_principal(context, princ); + return ret; + } + ret = krb5_cc_start_seq_get(context, from, &cursor); + if(ret){ + krb5_free_principal(context, princ); + return ret; + } + while(ret == 0 && krb5_cc_next_cred(context, from, &cred, &cursor) == 0){ + ret = krb5_cc_store_cred(context, to, &cred); + krb5_free_creds_contents (context, &cred); + } + krb5_cc_end_seq_get(context, from, &cursor); + krb5_free_principal(context, princ); + return ret; +} + +/* + * Return the version of `id'. + */ + +krb5_error_code +krb5_cc_get_version(krb5_context context, + const krb5_ccache id) +{ + if(id->ops->get_version) + return id->ops->get_version(context, id); + else + return 0; +} diff --git a/crypto/heimdal/lib/krb5/changepw.c b/crypto/heimdal/lib/krb5/changepw.c new file mode 100644 index 0000000..fd94440 --- /dev/null +++ b/crypto/heimdal/lib/krb5/changepw.c 
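Review bot: In krb5_cc_register the override branch frees `context->cc_ops[i].prefix` and then lets the loop run on, so the matched slot keeps a dangling prefix pointer while the new ops are written to a later slot or a newly grown one. The next krb5_cc_register or krb5_cc_resolve call then passes that freed pointer to strcmp or strlen. Stopping at the matched slot reuses it instead: `if(override) { free(context->cc_ops[i].prefix); break; }`. If the later `strdup(ops->prefix)` fails, the slot is left with a NULL prefix, which both loops treat as the end of the table, so that case deserves a comment as well.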
@@ -0,0 +1,346 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include <krb5_locl.h> + +RCSID("$Id: changepw.c,v 1.19 1999/12/11 23:14:51 assar Exp $"); + +static krb5_error_code +get_kdc_address (krb5_context context, + krb5_realm realm, + struct addrinfo **ai) +{ + struct addrinfo hints; + krb5_error_code ret; + char **hostlist; + int port = 0; + char portstr[NI_MAXSERV]; + int error; + char *host; + char *dot; + + ret = krb5_get_krb_changepw_hst (context, + &realm, + &hostlist); + if (ret) + return ret; + + host = *hostlist; + + dot = strchr (host, ':'); + if (dot != NULL) { + char *end; + + *dot++ = '\0'; + port = strtol (dot, &end, 0); + } + if (port == 0) + port = krb5_getportbyname (context, "kpasswd", "udp", KPASSWD_PORT); + snprintf (portstr, sizeof(portstr), "%u", ntohs(port)); + + memset (&hints, 0, sizeof(hints)); + hints.ai_socktype = SOCK_DGRAM; + hints.ai_protocol = IPPROTO_UDP; + + error = getaddrinfo (host, portstr, &hints, ai); + krb5_free_krbhst (context, hostlist); + return error; +} + +static krb5_error_code +send_request (krb5_context context, + krb5_auth_context *auth_context, + krb5_creds *creds, + int sock, + struct sockaddr *sa, + int sa_size, + char *passwd) +{ + krb5_error_code ret; + krb5_data ap_req_data; + krb5_data krb_priv_data; + krb5_data passwd_data; + size_t len; + u_char header[6]; + u_char *p; + struct iovec iov[3]; + struct msghdr msghdr; + + krb5_data_zero (&ap_req_data); + + ret = krb5_mk_req_extended (context, + auth_context, + AP_OPTS_MUTUAL_REQUIRED, + NULL, /* in_data */ + creds, + &ap_req_data); + if (ret) + return ret; + + passwd_data.data = passwd; + passwd_data.length = strlen(passwd); + + krb5_data_zero (&krb_priv_data); + + ret = krb5_mk_priv (context, + *auth_context, + &passwd_data, + &krb_priv_data, + NULL); + if (ret) + goto out2; + + len = 6 + ap_req_data.length + krb_priv_data.length; + p = header; + *p++ = (len >> 8) & 0xFF; + *p++ = (len >> 0) & 0xFF; + *p++ = 0; + *p++ = 1; + *p++ = (ap_req_data.length >> 8) & 0xFF; + *p++ = (ap_req_data.length >> 0) & 0xFF; 
+ + memset(&msghdr, 0, sizeof(msghdr)); + msghdr.msg_name = (void *)sa; + msghdr.msg_namelen = sa_size; + msghdr.msg_iov = iov; + msghdr.msg_iovlen = sizeof(iov)/sizeof(*iov); +#if 0 + msghdr.msg_control = NULL; + msghdr.msg_controllen = 0; +#endif + + iov[0].iov_base = (void*)header; + iov[0].iov_len = 6; + iov[1].iov_base = ap_req_data.data; + iov[1].iov_len = ap_req_data.length; + iov[2].iov_base = krb_priv_data.data; + iov[2].iov_len = krb_priv_data.length; + + if (sendmsg (sock, &msghdr, 0) < 0) + ret = errno; + + krb5_data_free (&krb_priv_data); +out2: + krb5_data_free (&ap_req_data); + return ret; +} + +static void +str2data (krb5_data *d, + char *fmt, + ...) +{ + va_list args; + + va_start(args, fmt); + d->length = vasprintf ((char **)&d->data, fmt, args); + va_end(args); +} + +static krb5_error_code +process_reply (krb5_context context, + krb5_auth_context auth_context, + int sock, + int *result_code, + krb5_data *result_code_string, + krb5_data *result_string) +{ + krb5_error_code ret; + u_char reply[BUFSIZ]; + size_t len; + u_int16_t pkt_len, pkt_ver; + krb5_data ap_rep_data; + + ret = recvfrom (sock, reply, sizeof(reply), 0, NULL, NULL); + if (ret < 0) + return errno; + + len = ret; + pkt_len = (reply[0] << 8) | (reply[1]); + pkt_ver = (reply[2] << 8) | (reply[3]); + + if (pkt_len != len) { + str2data (result_string, "client: wrong len in reply"); + *result_code = KRB5_KPASSWD_MALFORMED; + return 0; + } + if (pkt_ver != 0x0001) { + str2data (result_string, + "client: wrong version number (%d)", pkt_ver); + *result_code = KRB5_KPASSWD_MALFORMED; + return 0; + } + + ap_rep_data.data = reply + 6; + ap_rep_data.length = (reply[4] << 8) | (reply[5]); + + if (ap_rep_data.length) { + krb5_ap_rep_enc_part *ap_rep; + krb5_data priv_data; + u_char *p; + + ret = krb5_rd_rep (context, + auth_context, + &ap_rep_data, + &ap_rep); + if (ret) + return ret; + + krb5_free_ap_rep_enc_part (context, ap_rep); + + priv_data.data = (u_char*)ap_rep_data.data + 
ap_rep_data.length; + priv_data.length = len - ap_rep_data.length - 6; + + ret = krb5_rd_priv (context, + auth_context, + &priv_data, + result_code_string, + NULL); + if (ret) { + krb5_data_free (result_code_string); + return ret; + } + + if (result_code_string->length < 2) { + *result_code = KRB5_KPASSWD_MALFORMED; + str2data (result_string, + "client: bad length in result"); + return 0; + } + p = result_code_string->data; + + *result_code = (p[0] << 8) | p[1]; + krb5_data_copy (result_string, + (unsigned char*)result_code_string->data + 2, + result_code_string->length - 2); + return 0; + } else { + KRB_ERROR error; + size_t size; + u_char *p; + + ret = decode_KRB_ERROR(reply + 6, len - 6, &error, &size); + if (ret) { + return ret; + } + if (error.e_data->length < 2) { + krb5_warnx (context, "too short e_data to print anything usable"); + return 1; + } + + p = error.e_data->data; + *result_code = (p[0] << 8) | p[1]; + krb5_data_copy (result_string, + p + 2, + error.e_data->length - 2); + return 0; + } +} + +krb5_error_code +krb5_change_password (krb5_context context, + krb5_creds *creds, + char *newpw, + int *result_code, + krb5_data *result_code_string, + krb5_data *result_string) +{ + krb5_error_code ret; + krb5_auth_context auth_context = NULL; + int sock; + int i; + struct addrinfo *ai, *a; + + ret = krb5_auth_con_init (context, &auth_context); + if (ret) + return ret; + + ret = get_kdc_address (context, creds->client->realm, &ai); + if (ret) + goto out; + + krb5_auth_con_setflags (context, auth_context, + KRB5_AUTH_CONTEXT_DO_SEQUENCE); + + for (a = ai; a != NULL; a = a->ai_next) { + sock = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + if (sock < 0) + continue; + + for (i = 0; i < 5; ++i) { + fd_set fdset; + struct timeval tv; + + ret = send_request (context, + &auth_context, + creds, + sock, + a->ai_addr, + a->ai_addrlen, + newpw); + if (ret) + goto out; + + FD_ZERO(&fdset); + FD_SET(sock, &fdset); + tv.tv_usec = 0; + tv.tv_sec = 1 << i; + + ret = 
select (sock + 1, &fdset, NULL, NULL, &tv); + if (ret < 0 && errno != EINTR) + goto out; + if (ret == 1) + break; + } + if (i == 5) { + ret = KRB5_KDC_UNREACH; + close (sock); + continue; + } + + ret = process_reply (context, + auth_context, + sock, + result_code, + result_code_string, + result_string); + close (sock); + if (ret == 0) + break; + } + freeaddrinfo (ai); + +out: + krb5_auth_con_free (context, auth_context); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/codec.c b/crypto/heimdal/lib/krb5/codec.c new file mode 100644 index 0000000..1d94613 --- /dev/null +++ b/crypto/heimdal/lib/krb5/codec.c 
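Review bot: In `process_reply`, the six header bytes and the AP-REP length taken from `reply[4..5]` are used without being checked against the number of bytes `recvfrom` actually returned. A datagram shorter than 6 bytes makes the header reads use uninitialised stack data and makes `len - 6` wrap. An AP-REP length larger than `len - 6` makes `priv_data.length = len - ap_rep_data.length - 6` wrap and hands `krb5_rd_rep`/`krb5_rd_priv` a range past the received data. The reply is not yet authenticated at this point, so both lengths should be rejected as `KRB5_KPASSWD_MALFORMED` before any parsing, as sketched below. The KRB-ERROR branch also dereferences `error.e_data` without a NULL check, which looks unsafe if that field is optional in the decoded structure.

```c
    len = ret;
    /* the 6-byte header must be present before any field of it is read */
    if (len < 6) {
        str2data (result_string, "client: reply too short");
        *result_code = KRB5_KPASSWD_MALFORMED;
        return 0;
    }
    /* ... unchanged: pkt_len / pkt_ver parsing and checks ... */
    ap_rep_data.data = reply + 6;
    ap_rep_data.length = (reply[4] << 8) | (reply[5]);
    /* the AP-REP length comes from the wire; keep it inside the datagram */
    if (ap_rep_data.length > len - 6) {
        str2data (result_string, "client: wrong AP-REP len in reply");
        *result_code = KRB5_KPASSWD_MALFORMED;
        return 0;
    }
```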
@@ -0,0 +1,251 @@ +/* + * Copyright (c) 1998 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: codec.c,v 1.6 1999/12/02 17:05:08 joda Exp $"); + +/* these functions does what the normal asn.1-functions does, but + converts the keytype to/from the on-the-wire enctypes */ + +#if 1 +#define DECODE(T, K) return decode_ ## T(data, length, t, len) +#define ENCODE(T, K) return encode_ ## T(data, length, t, len) +#else +#define DECODE(T, K) \ +{ \ + krb5_error_code ret; \ + ret = decode_ ## T((void*)data, length, t, len); \ + if(ret) \ + return ret; \ + if(K) \ + ret = krb5_decode_keyblock(context, (K), 1); \ + return ret; \ +} + +#define ENCODE(T, K) \ +{ \ + krb5_error_code ret = 0; \ + if(K) \ + ret = krb5_decode_keyblock(context, (K), 0); \ + if(ret) \ + return ret; \ + return encode_ ## T(data, length, t, len); \ +} +#endif + +krb5_error_code +krb5_decode_EncTicketPart (krb5_context context, + const void *data, + size_t length, + EncTicketPart *t, + size_t *len) +{ + DECODE(EncTicketPart, &t->key); +} + +krb5_error_code +krb5_encode_EncTicketPart (krb5_context context, + void *data, + size_t length, + EncTicketPart *t, + size_t *len) +{ + ENCODE(EncTicketPart, &t->key); +} + +krb5_error_code +krb5_decode_EncASRepPart (krb5_context context, + const void *data, + size_t length, + EncASRepPart *t, + size_t *len) +{ + DECODE(EncASRepPart, &t->key); +} + +krb5_error_code +krb5_encode_EncASRepPart (krb5_context context, + void *data, + size_t length, + EncASRepPart *t, + size_t *len) +{ + ENCODE(EncASRepPart, &t->key); +} + +krb5_error_code +krb5_decode_EncTGSRepPart (krb5_context context, + const void *data, + size_t length, + EncTGSRepPart *t, + size_t *len) +{ + DECODE(EncTGSRepPart, &t->key); +} + +krb5_error_code +krb5_encode_EncTGSRepPart (krb5_context context, + void *data, + size_t length, + EncTGSRepPart *t, + size_t *len) +{ + ENCODE(EncTGSRepPart, &t->key); +} + +krb5_error_code +krb5_decode_EncAPRepPart (krb5_context context, + const void *data, + size_t length, + EncAPRepPart *t, + size_t *len) +{ + 
DECODE(EncAPRepPart, t->subkey); +} + +krb5_error_code +krb5_encode_EncAPRepPart (krb5_context context, + void *data, + size_t length, + EncAPRepPart *t, + size_t *len) +{ + ENCODE(EncAPRepPart, t->subkey); +} + +krb5_error_code +krb5_decode_Authenticator (krb5_context context, + const void *data, + size_t length, + Authenticator *t, + size_t *len) +{ + DECODE(Authenticator, t->subkey); +} + +krb5_error_code +krb5_encode_Authenticator (krb5_context context, + void *data, + size_t length, + Authenticator *t, + size_t *len) +{ + ENCODE(Authenticator, t->subkey); +} + +krb5_error_code +krb5_decode_EncKrbCredPart (krb5_context context, + const void *data, + size_t length, + EncKrbCredPart *t, + size_t *len) +{ +#if 1 + return decode_EncKrbCredPart(data, length, t, len); +#else + krb5_error_code ret; + int i; + ret = decode_EncKrbCredPart((void*)data, length, t, len); + if(ret) + return ret; + for(i = 0; i < t->ticket_info.len; i++) + if((ret = krb5_decode_keyblock(context, &t->ticket_info.val[i].key, 1))) + break; + return ret; +#endif +} + +krb5_error_code +krb5_encode_EncKrbCredPart (krb5_context context, + void *data, + size_t length, + EncKrbCredPart *t, + size_t *len) +{ +#if 0 + krb5_error_code ret = 0; + int i; + + for(i = 0; i < t->ticket_info.len; i++) + if((ret = krb5_decode_keyblock(context, &t->ticket_info.val[i].key, 0))) + break; + if(ret) return ret; +#endif + return encode_EncKrbCredPart (data, length, t, len); +} + +krb5_error_code +krb5_decode_ETYPE_INFO (krb5_context context, + const void *data, + size_t length, + ETYPE_INFO *t, + size_t *len) +{ +#if 1 + return decode_ETYPE_INFO(data, length, t, len); +#else + krb5_error_code ret; + int i; + + ret = decode_ETYPE_INFO((void*)data, length, t, len); + if(ret) + return ret; + for(i = 0; i < t->len; i++) { + if((ret = krb5_decode_keytype(context, &t->val[i].etype, 1))) + break; + } + return ret; +#endif +} + +krb5_error_code +krb5_encode_ETYPE_INFO (krb5_context context, + void *data, + size_t length, + 
ETYPE_INFO *t, + size_t *len) +{ +#if 0 + krb5_error_code ret = 0; + + int i; + /* XXX this will break, since we need one key-info for each enctype */ + /* XXX or do we? */ + for(i = 0; i < t->len; i++) + if((ret = krb5_decode_keytype(context, &t->val[i].etype, 0))) + break; + if(ret) return ret; +#endif + return encode_ETYPE_INFO (data, length, t, len); +} diff --git a/crypto/heimdal/lib/krb5/config_file.c b/crypto/heimdal/lib/krb5/config_file.c new file mode 100644 index 0000000..3d1ff1e --- /dev/null +++ b/crypto/heimdal/lib/krb5/config_file.c 
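Review bot: The comment above the `DECODE`/`ENCODE` macros says these wrappers convert the keytype to and from the on-the-wire enctypes, but with `#if 1` the active macros only forward to `decode_T`/`encode_T` and ignore both `K` and `context`; the conversion exists only in the disabled `#else` and `#if 0` branches. I would reword the comment to something like `/* wrappers around the generated asn.1 functions; the keytype <-> enctype conversion is currently compiled out */` so callers do not assume key types are being translated. The disabled `ENCODE` branch also calls `krb5_decode_keyblock(context, (K), 0)` on the encode path, which deserves a short why-comment, or removal if it is never going to be enabled.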
@@ -0,0 +1,750 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" +RCSID("$Id: config_file.c,v 1.38 1999/12/02 17:05:08 joda Exp $"); + +#ifndef HAVE_NETINFO + +static int parse_section(char *p, krb5_config_section **s, + krb5_config_section **res, + char **error_message); +static int parse_binding(FILE *f, unsigned *lineno, char *p, + krb5_config_binding **b, + krb5_config_binding **parent, + char **error_message); +static int parse_list(FILE *f, unsigned *lineno, krb5_config_binding **parent, + char **error_message); + +/* + * Parse a section: + * + * [section] + * foo = bar + * b = { + * a + * } + * ... + * + * starting at the line in `p', storing the resulting structure in + * `s' and hooking it into `parent'. + * Store the error message in `error_message'. + */ + +static int +parse_section(char *p, krb5_config_section **s, krb5_config_section **parent, + char **error_message) +{ + char *p1; + krb5_config_section *tmp; + + p1 = strchr (p + 1, ']'); + if (p1 == NULL) { + *error_message = "missing ]"; + return -1; + } + *p1 = '\0'; + tmp = malloc(sizeof(*tmp)); + if (tmp == NULL) { + *error_message = "out of memory"; + return -1; + } + tmp->name = strdup(p+1); + if (tmp->name == NULL) { + *error_message = "out of memory"; + return -1; + } + tmp->type = krb5_config_list; + tmp->u.list = NULL; + tmp->next = NULL; + if (*s) + (*s)->next = tmp; + else + *parent = tmp; + *s = tmp; + return 0; +} + +/* + * Parse a brace-enclosed list from `f', hooking in the structure at + * `parent'. + * Store the error message in `error_message'. 
+ */ + +static int +parse_list(FILE *f, unsigned *lineno, krb5_config_binding **parent, + char **error_message) +{ + char buf[BUFSIZ]; + int ret; + krb5_config_binding *b = NULL; + unsigned beg_lineno = *lineno; + + while(fgets(buf, sizeof(buf), f) != NULL) { + char *p; + + ++*lineno; + if (buf[strlen(buf) - 1] == '\n') + buf[strlen(buf) - 1] = '\0'; + p = buf; + while(isspace((unsigned char)*p)) + ++p; + if (*p == '#' || *p == ';' || *p == '\0') + continue; + while(isspace((unsigned char)*p)) + ++p; + if (*p == '}') + return 0; + if (*p == '\0') + continue; + ret = parse_binding (f, lineno, p, &b, parent, error_message); + if (ret) + return ret; + } + *lineno = beg_lineno; + *error_message = "unclosed {"; + return -1; +} + +/* + * + */ + +static int +parse_binding(FILE *f, unsigned *lineno, char *p, + krb5_config_binding **b, krb5_config_binding **parent, + char **error_message) +{ + krb5_config_binding *tmp; + char *p1, *p2; + int ret = 0; + + p1 = p; + while (*p && *p != '=' && !isspace((unsigned char)*p)) + ++p; + if (*p == '\0') { + *error_message = "no ="; + return -1; + } + p2 = p; + while (isspace((unsigned char)*p)) + ++p; + if (*p != '=') { + *error_message = "no ="; + return -1; + } + ++p; + while(isspace((unsigned char)*p)) + ++p; + tmp = malloc(sizeof(*tmp)); + if (tmp == NULL) { + *error_message = "out of memory"; + return -1; + } + *p2 = '\0'; + tmp->name = strdup(p1); + tmp->next = NULL; + if (*p == '{') { + tmp->type = krb5_config_list; + tmp->u.list = NULL; + ret = parse_list (f, lineno, &tmp->u.list, error_message); + } else { + p1 = p; + p = p1 + strlen(p1); + while(p > p1 && isspace((unsigned char)*(p-1))) + --p; + *p = '\0'; + tmp->type = krb5_config_string; + tmp->u.string = strdup(p1); + } + if (*b) + (*b)->next = tmp; + else + *parent = tmp; + *b = tmp; + return ret; +} + +/* + * Parse the config file `fname', generating the structures into `res' + * returning error messages in `error_message' + */ + +krb5_error_code 
+krb5_config_parse_file_debug (const char *fname, + krb5_config_section **res, + unsigned *lineno, + char **error_message) +{ + FILE *f; + krb5_config_section *s; + krb5_config_binding *b; + char buf[BUFSIZ]; + int ret; + + s = NULL; + b = NULL; + *lineno = 0; + f = fopen (fname, "r"); + if (f == NULL) { + *error_message = "cannot open file"; + return -1; + } + *res = NULL; + while (fgets(buf, sizeof(buf), f) != NULL) { + char *p; + + ++*lineno; + if(buf[strlen(buf) - 1] == '\n') + buf[strlen(buf) - 1] = '\0'; + p = buf; + while(isspace((unsigned char)*p)) + ++p; + if (*p == '#' || *p == ';') + continue; + if (*p == '[') { + ret = parse_section(p, &s, res, error_message); + if (ret) + return ret; + b = NULL; + } else if (*p == '}') { + *error_message = "unmatched }"; + return -1; + } else if(*p != '\0') { + ret = parse_binding(f, lineno, p, &b, &s->u.list, error_message); + if (ret) + return ret; + } + } + fclose (f); + return 0; +} + +krb5_error_code +krb5_config_parse_file (const char *fname, krb5_config_section **res) +{ + char *foo; + unsigned lineno; + + return krb5_config_parse_file_debug (fname, res, &lineno, &foo); +} + +#endif /* !HAVE_NETINFO */ + +static void +free_binding (krb5_context context, krb5_config_binding *b) +{ + krb5_config_binding *next_b; + + while (b) { + free (b->name); + if (b->type == krb5_config_string) + free (b->u.string); + else if (b->type == krb5_config_list) + free_binding (context, b->u.list); + else + krb5_abortx(context, "unknown binding type (%d) in free_binding", + b->type); + next_b = b->next; + free (b); + b = next_b; + } +} + +krb5_error_code +krb5_config_file_free (krb5_context context, krb5_config_section *s) +{ + free_binding (context, s); + return 0; +} + +const void * +krb5_config_get_next (krb5_context context, + krb5_config_section *c, + krb5_config_binding **pointer, + int type, + ...) 
+{ + const char *ret; + va_list args; + + va_start(args, type); + ret = krb5_config_vget_next (context, c, pointer, type, args); + va_end(args); + return ret; +} + +const void * +krb5_config_vget_next (krb5_context context, + krb5_config_section *c, + krb5_config_binding **pointer, + int type, + va_list args) +{ + krb5_config_binding *b; + const char *p; + + if(c == NULL) + c = context->cf; + + if (c == NULL) + return NULL; + + if (*pointer == NULL) { + b = (c != NULL) ? c : context->cf; + p = va_arg(args, const char *); + if (p == NULL) + return NULL; + } else { + b = *pointer; + p = b->name; + b = b->next; + } + + while (b) { + if (strcmp (b->name, p) == 0) { + if (*pointer == NULL) + p = va_arg(args, const char *); + else + p = NULL; + if (type == b->type && p == NULL) { + *pointer = b; + return b->u.generic; + } else if(b->type == krb5_config_list && p != NULL) { + b = b->u.list; + } else { + return NULL; + } + } else { + b = b->next; + } + } + return NULL; +} + +const void * +krb5_config_get (krb5_context context, + krb5_config_section *c, + int type, + ...) +{ + const void *ret; + va_list args; + + va_start(args, type); + ret = krb5_config_vget (context, c, type, args); + va_end(args); + return ret; +} + +const void * +krb5_config_vget (krb5_context context, + krb5_config_section *c, + int type, + va_list args) +{ + krb5_config_binding *foo = NULL; + + return krb5_config_vget_next (context, c, &foo, type, args); +} + +const krb5_config_binding * +krb5_config_get_list (krb5_context context, + krb5_config_section *c, + ...) +{ + const krb5_config_binding *ret; + va_list args; + + va_start(args, c); + ret = krb5_config_vget_list (context, c, args); + va_end(args); + return ret; +} + +const krb5_config_binding * +krb5_config_vget_list (krb5_context context, + krb5_config_section *c, + va_list args) +{ + return krb5_config_vget (context, c, krb5_config_list, args); +} + +const char * +krb5_config_get_string (krb5_context context, + krb5_config_section *c, + ...) 
+{ + const char *ret; + va_list args; + + va_start(args, c); + ret = krb5_config_vget_string (context, c, args); + va_end(args); + return ret; +} + +const char * +krb5_config_vget_string (krb5_context context, + krb5_config_section *c, + va_list args) +{ + return krb5_config_vget (context, c, krb5_config_string, args); +} + +char ** +krb5_config_vget_strings(krb5_context context, + krb5_config_section *c, + va_list args) +{ + char **strings = NULL; + int nstr = 0; + krb5_config_binding *b = NULL; + const char *p; + + while((p = krb5_config_vget_next(context, c, &b, + krb5_config_string, args))) { + char *tmp = strdup(p); + char *pos = NULL; + char *s; + if(tmp == NULL) + goto cleanup; + s = strtok_r(tmp, " \t", &pos); + while(s){ + char **tmp = realloc(strings, (nstr + 1) * sizeof(*strings)); + if(tmp == NULL) + goto cleanup; + strings = tmp; + strings[nstr] = strdup(s); + nstr++; + if(strings[nstr-1] == NULL) + goto cleanup; + s = strtok_r(NULL, " \t", &pos); + } + free(tmp); + } + if(nstr){ + char **tmp = realloc(strings, (nstr + 1) * sizeof(*strings)); + if(strings == NULL) + goto cleanup; + strings = tmp; + strings[nstr] = NULL; + } + return strings; +cleanup: + while(nstr--) + free(strings[nstr]); + free(strings); + return NULL; + +} + +char** +krb5_config_get_strings(krb5_context context, + krb5_config_section *c, + ...) 
+{ + va_list ap; + char **ret; + va_start(ap, c); + ret = krb5_config_vget_strings(context, c, ap); + va_end(ap); + return ret; +} + +void +krb5_config_free_strings(char **strings) +{ + char **s = strings; + while(s && *s){ + free(*s); + s++; + } + free(strings); +} + +krb5_boolean +krb5_config_vget_bool_default (krb5_context context, + krb5_config_section *c, + krb5_boolean def_value, + va_list args) +{ + const char *str; + str = krb5_config_vget_string (context, c, args); + if(str == NULL) + return def_value; + if(strcasecmp(str, "yes") == 0 || + strcasecmp(str, "true") == 0 || + atoi(str)) return TRUE; + return FALSE; +} + +krb5_boolean +krb5_config_vget_bool (krb5_context context, + krb5_config_section *c, + va_list args) +{ + return krb5_config_vget_bool_default (context, c, FALSE, args); +} + +krb5_boolean +krb5_config_get_bool_default (krb5_context context, + krb5_config_section *c, + krb5_boolean def_value, + ...) +{ + va_list ap; + krb5_boolean ret; + va_start(ap, def_value); + ret = krb5_config_vget_bool_default(context, c, def_value, ap); + va_end(ap); + return ret; +} + +krb5_boolean +krb5_config_get_bool (krb5_context context, + krb5_config_section *c, + ...) +{ + va_list ap; + krb5_boolean ret; + va_start(ap, c); + ret = krb5_config_vget_bool (context, c, ap); + va_end(ap); + return ret; +} + +int +krb5_config_vget_time_default (krb5_context context, + krb5_config_section *c, + int def_value, + va_list args) +{ + const char *str; + str = krb5_config_vget_string (context, c, args); + if(str == NULL) + return def_value; + return parse_time (str, NULL); +} + +int +krb5_config_vget_time (krb5_context context, + krb5_config_section *c, + va_list args) +{ + return krb5_config_vget_time_default (context, c, -1, args); +} + +int +krb5_config_get_time_default (krb5_context context, + krb5_config_section *c, + int def_value, + ...) 
+{ + va_list ap; + int ret; + va_start(ap, def_value); + ret = krb5_config_vget_time_default(context, c, def_value, ap); + va_end(ap); + return ret; +} + +int +krb5_config_get_time (krb5_context context, + krb5_config_section *c, + ...) +{ + va_list ap; + int ret; + va_start(ap, c); + ret = krb5_config_vget_time (context, c, ap); + va_end(ap); + return ret; +} + + +int +krb5_config_vget_int_default (krb5_context context, + krb5_config_section *c, + int def_value, + va_list args) +{ + const char *str; + str = krb5_config_vget_string (context, c, args); + if(str == NULL) + return def_value; + else { + char *endptr; + long l; + l = strtol(str, &endptr, 0); + if (endptr == str) + return def_value; + else + return l; + } +} + +int +krb5_config_vget_int (krb5_context context, + krb5_config_section *c, + va_list args) +{ + return krb5_config_vget_int_default (context, c, -1, args); +} + +int +krb5_config_get_int_default (krb5_context context, + krb5_config_section *c, + int def_value, + ...) +{ + va_list ap; + int ret; + va_start(ap, def_value); + ret = krb5_config_vget_int_default(context, c, def_value, ap); + va_end(ap); + return ret; +} + +int +krb5_config_get_int (krb5_context context, + krb5_config_section *c, + ...) 
+{ + va_list ap; + int ret; + va_start(ap, c); + ret = krb5_config_vget_int (context, c, ap); + va_end(ap); + return ret; +} + +#ifdef TEST + +static int print_list (krb5_context context, FILE *f, + krb5_config_binding *l, unsigned level); +static int print_binding (krb5_context context, FILE *f, + krb5_config_binding *b, unsigned level); +static int print_section (krb5_context context, FILE *f, + krb5_config_section *s, unsigned level); +static int print_config (krb5_context context, FILE *f, + krb5_config_section *c); + +static void +tab (FILE *f, unsigned count) +{ + while(count--) + fprintf (f, "\t"); +} + +static int +print_list (krb5_context context, + FILE *f, + krb5_config_binding *l, + unsigned level) +{ + while(l) { + print_binding (context, f, l, level); + l = l->next; + } + return 0; +} + +static int +print_binding (krb5_context context, + FILE *f, + krb5_config_binding *b, + unsigned level) +{ + tab (f, level); + fprintf (f, "%s = ", b->name); + if (b->type == krb5_config_string) + fprintf (f, "%s\n", b->u.string); + else if (b->type == krb5_config_list) { + fprintf (f, "{\n"); + print_list (f, b->u.list, level + 1); + tab (f, level); + fprintf (f, "}\n"); + } else + krb5_abortx(context, "unknown binding type (%d) in print_binding", + b->type); + return 0; +} + +static int +print_section (FILE *f, krb5_config_section *s, unsigned level) +{ + fprintf (f, "[%s]\n", s->name); + print_list (f, s->u.list, level + 1); + return 0; +} + +static int +print_config (FILE *f, krb5_config_section *c) +{ + while (c) { + print_section (f, c, 0); + c = c->next; + } + return 0; +} + + +int +main(void) +{ + krb5_config_section *c; + + printf ("%d\n", krb5_config_parse_file ("/etc/krb5.conf", &c)); + print_config (stdout, c); + printf ("[libdefaults]ticket_lifetime = %s\n", + krb5_config_get_string (context, c, + "libdefaults", + "ticket_lifetime", + NULL)); + printf ("[realms]foo = %s\n", + krb5_config_get_string (context, c, + "realms", + "foo", + NULL)); + printf 
("[realms]ATHENA.MIT.EDU/v4_instance_convert/lithium = %s\n", + krb5_config_get_string (context, c, + "realms", + "ATHENA.MIT.EDU", + "v4_instance_convert", + "lithium", + NULL)); + return 0; +} + +#endif /* TEST */ diff --git a/crypto/heimdal/lib/krb5/config_file_netinfo.c b/crypto/heimdal/lib/krb5/config_file_netinfo.c new file mode 100644 index 0000000..aeb939a --- /dev/null +++ b/crypto/heimdal/lib/krb5/config_file_netinfo.c 
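Review bot: `krb5_config_parse_file_debug` passes `&s->u.list` to `parse_binding` while `s` is still NULL when a `name = value` line appears before the first `[section]`, so a malformed file crashes the parser instead of producing an error message. The same function returns from every error path without `fclose (f)`, and both it and `parse_list` index `buf[strlen(buf) - 1]`, which reads `buf[-1]` if `fgets` returns an empty string (for example a line starting with a NUL byte). I would route the error returns through one exit label and guard the two cases as below; `parse_list` needs the same length guard. Separately, in `krb5_config_vget_strings` the final `realloc` result is tested with `if(strings == NULL)` where `if(tmp == NULL)` is meant.

```c
    while (fgets(buf, sizeof(buf), f) != NULL) {
        char *p;
        size_t n;

        ++*lineno;
        n = strlen(buf);
        if (n > 0 && buf[n - 1] == '\n')
            buf[n - 1] = '\0';
        /* ... unchanged: skip leading whitespace and comment lines ... */
        if (*p == '[') {
            ret = parse_section(p, &s, res, error_message);
            if (ret)
                goto out;
            b = NULL;
        } else if (*p == '}') {
            *error_message = "unmatched }";
            ret = -1;
            goto out;
        } else if (*p != '\0') {
            /* a binding is only valid inside a section */
            if (s == NULL) {
                *error_message = "binding before section";
                ret = -1;
                goto out;
            }
            ret = parse_binding(f, lineno, p, &b, &s->u.list, error_message);
            if (ret)
                goto out;
        }
    }
    ret = 0;
out:
    fclose (f);
    return ret;
```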
@@ -0,0 +1,178 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" +RCSID("$Id: config_file_netinfo.c,v 1.2 1999/12/02 17:05:08 joda Exp $"); + +/* + * Netinfo implementation from Luke Howard <lukeh@xedoc.com.au> + */ + +#ifdef HAVE_NETINFO +#include <netinfo/ni.h> +static ni_status +ni_proplist2binding(ni_proplist *pl, krb5_config_section **ret) +{ + int i, j; + krb5_config_section **next = NULL; + + for (i = 0; i < pl->ni_proplist_len; i++) { + if (!strcmp(pl->nipl_val[i].nip_name, "name")) + continue; + + for (j = 0; j < pl->nipl_val[i].nip_val.ni_namelist_len; j++) { + krb5_config_binding *b; + + b = malloc(sizeof(*b)); + if (b == NULL) + return NI_FAILED; + + b->next = NULL; + b->type = krb5_config_string; + b->name = ni_name_dup(pl->nipl_val[i].nip_name); + b->u.string = ni_name_dup(pl->nipl_val[i].nip_val.ninl_val[j]); + + if (next == NULL) { + *ret = b; + } else { + *next = b; + } + next = &b->next; + } + } + return NI_OK; +} + +static ni_status +ni_idlist2binding(void *ni, ni_idlist *idlist, krb5_config_section **ret) +{ + int i; + ni_status nis; + krb5_config_section **next; + + for (i = 0; i < idlist->ni_idlist_len; i++) { + ni_proplist pl; + ni_id nid; + ni_idlist children; + krb5_config_binding *b; + ni_index index; + + nid.nii_instance = 0; + nid.nii_object = idlist->ni_idlist_val[i]; + + nis = ni_read(ni, &nid, &pl); + + if (nis != NI_OK) { + return nis; + } + index = ni_proplist_match(pl, "name", NULL); + b = malloc(sizeof(*b)); + if (b == NULL) return NI_FAILED; + + if (i == 0) { + *ret = b; + } else { + *next = b; + } + + b->type = krb5_config_list; + b->name = ni_name_dup(pl.nipl_val[index].nip_val.ninl_val[0]); + b->next = NULL; + b->u.list = NULL; + + /* get the child directories */ + nis = ni_children(ni, &nid, &children); + if (nis == NI_OK) { + nis = ni_idlist2binding(ni, &children, &b->u.list); + if (nis != NI_OK) { + return nis; + } + } + + nis = ni_proplist2binding(&pl, b->u.list == NULL ? 
&b->u.list : &b->u.list->next); + ni_proplist_free(&pl); + if (nis != NI_OK) { + return nis; + } + next = &b->next; + } + ni_idlist_free(idlist); + return NI_OK; +} + +krb5_error_code +krb5_config_parse_file (const char *fname, krb5_config_section **res) +{ + void *ni = NULL, *lastni = NULL; + int i; + ni_status nis; + ni_id nid; + ni_idlist children; + + krb5_config_section *s; + int ret; + + s = NULL; + + for (i = 0; i < 256; i++) { + if (i == 0) { + nis = ni_open(NULL, ".", &ni); + } else { + if (lastni != NULL) ni_free(lastni); + lastni = ni; + nis = ni_open(lastni, "..", &ni); + } + if (nis != NI_OK) + break; + nis = ni_pathsearch(ni, &nid, "/locations/kerberos"); + if (nis == NI_OK) { + nis = ni_children(ni, &nid, &children); + if (nis != NI_OK) + break; + nis = ni_idlist2binding(ni, &children, &s); + break; + } + } + + if (ni != NULL) ni_free(ni); + if (ni != lastni && lastni != NULL) ni_free(lastni); + + ret = (nis == NI_OK) ? 0 : -1; + if (ret == 0) { + *res = s; + } else { + *res = NULL; + } + return ret; +} +#endif /* HAVE_NETINFO */ diff --git a/crypto/heimdal/lib/krb5/constants.c b/crypto/heimdal/lib/krb5/constants.c new file mode 100644 index 0000000..8314c26 --- /dev/null +++ b/crypto/heimdal/lib/krb5/constants.c 
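Review bot: In `ni_idlist2binding`, the result of `ni_proplist_match(pl, "name", NULL)` is used to index `pl.nipl_val[index]` without checking that a `name` property was found or that its value list is non-empty. The directory contents come from the NetInfo server, so a directory lacking `name` leads to an out-of-bounds read (as far as I know the function returns `NI_INDEX_NULL` on no match). A guard before the `malloc` such as `if (index == NI_INDEX_NULL || pl.nipl_val[index].nip_val.ni_namelist_len == 0) { ni_proplist_free(&pl); return NI_FAILED; }` would reject such an entry. The other early returns in this loop (failed `malloc`, failed recursion) also skip `ni_proplist_free(&pl)`, and the `ni_name_dup` results in `ni_proplist2binding` are stored unchecked.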
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: constants.c,v 1.4 1999/12/02 17:05:08 joda Exp $");
+
+const char krb5_config_file[] = "/etc/krb5.conf";
+const char krb5_defkeyname[] = "/etc/v5srvtab";
diff --git a/crypto/heimdal/lib/krb5/context.c b/crypto/heimdal/lib/krb5/context.c
new file mode 100644
index 0000000..cf25f7b
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/context.c
@@ -0,0 +1,357 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: context.c,v 1.51 1999/12/02 17:05:08 joda Exp $"); + +#define INIT_FIELD(C, T, E, D, F) \ + (C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), \ + "libdefaults", F, NULL) + +#ifdef KRB4 +extern krb5_kt_ops krb4_fkt_ops; +#endif + +/* + * Set the list of etypes `ret_etypes' from the configuration variable + * `name' + */ + +static krb5_error_code +set_etypes (krb5_context context, + const char *name, + krb5_enctype **ret_enctypes) +{ + char **etypes_str; + krb5_enctype *etypes; + + etypes_str = krb5_config_get_strings(context, NULL, "libdefaults", + name, NULL); + if(etypes_str){ + int i, j, k; + for(i = 0; etypes_str[i]; i++); + etypes = malloc((i+1) * sizeof(*etypes)); + if (etypes == NULL) { + krb5_config_free_strings (etypes_str); + return ENOMEM; + } + for(j = 0, k = 0; j < i; j++) { + if(krb5_string_to_enctype(context, etypes_str[j], &etypes[k]) == 0) + k++; + } + etypes[k] = ETYPE_NULL; + krb5_config_free_strings(etypes_str); + *ret_enctypes = etypes; + } + return 0; +} + +/* + * read variables from the configuration file and set in `context' + */ + +static krb5_error_code +init_context_from_config_file(krb5_context context) +{ + const char * tmp; + INIT_FIELD(context, time, max_skew, 5 * 60, "clockskew"); + INIT_FIELD(context, time, kdc_timeout, 3, "kdc_timeout"); + INIT_FIELD(context, int, max_retries, 3, "max_retries"); + + context->http_proxy = krb5_config_get_string(context, NULL, "libdefaults", + "http_proxy", NULL); + + set_etypes (context, "default_etypes", &context->etypes); + set_etypes (context, "default_etypes_des", &context->etypes_des); + + /* default keytab name */ + context->default_keytab = krb5_config_get_string(context, NULL, + "libdefaults", + "default_keytab_name", + NULL); + if(context->default_keytab == NULL) + context->default_keytab = KEYTAB_DEFAULT; + + context->time_fmt = krb5_config_get_string(context, NULL, "libdefaults", + "time_format", NULL); + if(context->time_fmt == NULL) 
+ context->time_fmt = "%d-%b-%Y %H:%M:%S"; + context->log_utc = krb5_config_get_bool(context, NULL, "libdefaults", + "log_utc", NULL); + + /* init dns-proxy slime */ + tmp = krb5_config_get_string(context, NULL, "libdefaults", + "dns_proxy", NULL); + if(tmp) + roken_gethostby_setup(context->http_proxy, tmp); + context->default_realms = NULL; + + { + krb5_addresses addresses; + char **adr, **a; + adr = krb5_config_get_strings(context, NULL, + "libdefaults", + "extra_addresses", + NULL); + memset(&addresses, 0, sizeof(addresses)); + for(a = adr; a && *a; a++) { + krb5_parse_address(context, *a, &addresses); + krb5_add_extra_addresses(context, &addresses); + krb5_free_addresses(context, &addresses); + } + krb5_config_free_strings(adr); + } + + INIT_FIELD(context, bool, scan_interfaces, TRUE, "scan_interfaces"); + INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup"); + INIT_FIELD(context, bool, srv_try_txt, FALSE, "srv_try_txt"); + INIT_FIELD(context, bool, srv_try_rfc2052, TRUE, "srv_try_rfc2052"); + INIT_FIELD(context, int, fcache_vno, 0, "fcache_version"); + + context->cc_ops = NULL; + context->num_cc_ops = 0; + krb5_cc_register(context, &krb5_fcc_ops, TRUE); + krb5_cc_register(context, &krb5_mcc_ops, TRUE); + + context->num_kt_types = 0; + context->kt_types = NULL; + krb5_kt_register (context, &krb5_fkt_ops); + krb5_kt_register (context, &krb5_mkt_ops); +#ifdef KRB4 + krb5_kt_register (context, &krb4_fkt_ops); +#endif + krb5_kt_register (context, &krb5_akf_ops); + return 0; +} + +krb5_error_code +krb5_init_context(krb5_context *context) +{ + krb5_context p; + const char *config_file = NULL; + krb5_config_section *tmp_cf; + krb5_error_code ret; + + ALLOC(p, 1); + if(!p) + return ENOMEM; + memset(p, 0, sizeof(krb5_context_data)); + + /* init error tables */ + krb5_init_ets(p); + + if(!issuid()) + config_file = getenv("KRB5_CONFIG"); + if (config_file == NULL) + config_file = krb5_config_file; + + ret = krb5_config_parse_file (config_file, &tmp_cf); + + if (ret 
== 0) + p->cf = tmp_cf; +#if 0 + else + krb5_warnx (p, "Unable to parse config file %s. Ignoring.", + config_file); /* XXX */ +#endif + + ret = init_context_from_config_file(p); + if(ret) + return ret; + + *context = p; + return 0; +} + +void +krb5_free_context(krb5_context context) +{ + int i; + + free(context->etypes); + free(context->etypes_des); + krb5_free_host_realm (context, context->default_realms); + krb5_config_file_free (context, context->cf); + free_error_table (context->et_list); + for(i = 0; i < context->num_cc_ops; ++i) + free(context->cc_ops[i].prefix); + free(context->cc_ops); + free(context->kt_types); + free(context); +} + +static krb5_error_code +default_etypes(krb5_enctype **etype) +{ + krb5_enctype p[] = { + ETYPE_DES3_CBC_SHA1, + ETYPE_DES3_CBC_MD5, + ETYPE_DES_CBC_MD5, + ETYPE_DES_CBC_MD4, + ETYPE_DES_CBC_CRC, + ETYPE_NULL + }; + *etype = malloc(sizeof(p)); + if(*etype == NULL) + return ENOMEM; + memcpy(*etype, p, sizeof(p)); + return 0; +} + +krb5_error_code +krb5_set_default_in_tkt_etypes(krb5_context context, + const krb5_enctype *etypes) +{ + int i; + krb5_enctype *p = NULL; + + if(etypes) { + i = 0; + while(etypes[i]) + if(!krb5_enctype_valid(context, etypes[i++])) + return KRB5_PROG_ETYPE_NOSUPP; + ++i; + ALLOC(p, i); + if(!p) + return ENOMEM; + memmove(p, etypes, i * sizeof(krb5_enctype)); + } + if(context->etypes) + free(context->etypes); + context->etypes = p; + return 0; +} + + +krb5_error_code +krb5_get_default_in_tkt_etypes(krb5_context context, + krb5_enctype **etypes) +{ + krb5_enctype *p; + int i; + + if(context->etypes) { + for(i = 0; context->etypes[i]; i++); + ++i; + ALLOC(p, i); + if(!p) + return ENOMEM; + memmove(p, context->etypes, i * sizeof(krb5_enctype)); + } else + if(default_etypes(&p)) + return ENOMEM; + *etypes = p; + return 0; +} + +const char * +krb5_get_err_text(krb5_context context, krb5_error_code code) +{ + const char *p = com_right(context->et_list, code); + if(p == NULL) + p = strerror(code); + return p; 
+} + +void +krb5_init_ets(krb5_context context) +{ + if(context->et_list == NULL){ + initialize_krb5_error_table_r(&context->et_list); + initialize_asn1_error_table_r(&context->et_list); + initialize_heim_error_table_r(&context->et_list); + } +} + +void +krb5_set_use_admin_kdc (krb5_context context, krb5_boolean flag) +{ + context->use_admin_kdc = flag; +} + +krb5_boolean +krb5_get_use_admin_kdc (krb5_context context) +{ + return context->use_admin_kdc; +} + +krb5_error_code +krb5_add_extra_addresses(krb5_context context, krb5_addresses *addresses) +{ + + if(context->extra_addresses) + return krb5_append_addresses(context, + context->extra_addresses, addresses); + else + return krb5_set_extra_addresses(context, addresses); +} + +krb5_error_code +krb5_set_extra_addresses(krb5_context context, krb5_addresses *addresses) +{ + if(context->extra_addresses) { + krb5_free_addresses(context, context->extra_addresses); + free(context->extra_addresses); + } + if(context->extra_addresses == NULL) { + context->extra_addresses = malloc(sizeof(*context->extra_addresses)); + if(context->extra_addresses == NULL) + return ENOMEM; + } + return copy_HostAddresses(addresses, context->extra_addresses); +} + +krb5_error_code +krb5_get_extra_addresses(krb5_context context, krb5_addresses *addresses) +{ + if(context->extra_addresses == NULL) { + memset(addresses, 0, sizeof(*addresses)); + return 0; + } + return copy_HostAddresses(context->extra_addresses, addresses); +} + +krb5_error_code +krb5_set_fcache_version(krb5_context context, int version) +{ + context->fcache_vno = version; + return 0; +} + +krb5_error_code +krb5_get_fcache_version(krb5_context context, int *version) +{ + *version = context->fcache_vno; + return 0; +} diff --git a/crypto/heimdal/lib/krb5/convert_creds.c b/crypto/heimdal/lib/krb5/convert_creds.c new file mode 100644 index 0000000..24dea0b --- /dev/null +++ b/crypto/heimdal/lib/krb5/convert_creds.c 
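Review bot: `krb5_set_extra_addresses` frees `context->extra_addresses` but leaves the pointer set, so the following `== NULL` test is false and `copy_HostAddresses` writes into the block that was just freed. This is reached whenever the setter is called on a context that already has extra addresses. Either drop the `free(context->extra_addresses);` and reuse the struct after `krb5_free_addresses`, or add `context->extra_addresses = NULL;` right after the `free`. Separately, `krb5_free_context` does not release `extra_addresses`, and `krb5_init_context` returns without freeing `p` if `init_context_from_config_file` fails.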
@@ -0,0 +1,215 @@ +/* + * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" +RCSID("$Id: convert_creds.c,v 1.13 1999/12/02 17:05:08 joda Exp $"); + +static krb5_error_code +check_ticket_flags(TicketFlags f) +{ + return 0; /* maybe add some more tests here? 
*/ +} + +/* include this here, to avoid dependencies on libkrb */ + +#define MAX_KTXT_LEN 1250 + +#define ANAME_SZ 40 +#define REALM_SZ 40 +#define SNAME_SZ 40 +#define INST_SZ 40 + +struct ktext { + unsigned int length; /* Length of the text */ + unsigned char dat[MAX_KTXT_LEN]; /* The data itself */ + u_int32_t mbz; /* zero to catch runaway strings */ +}; + +struct credentials { + char service[ANAME_SZ]; /* Service name */ + char instance[INST_SZ]; /* Instance */ + char realm[REALM_SZ]; /* Auth domain */ + des_cblock session; /* Session key */ + int lifetime; /* Lifetime */ + int kvno; /* Key version number */ + struct ktext ticket_st; /* The ticket itself */ + int32_t issue_date; /* The issue time */ + char pname[ANAME_SZ]; /* Principal's name */ + char pinst[INST_SZ]; /* Principal's instance */ +}; + + +#define TKTLIFENUMFIXED 64 +#define TKTLIFEMINFIXED 0x80 +#define TKTLIFEMAXFIXED 0xBF +#define TKTLIFENOEXPIRE 0xFF +#define MAXTKTLIFETIME (30*24*3600) /* 30 days */ +#ifndef NEVERDATE +#define NEVERDATE ((time_t)0x7fffffffL) +#endif + +static const int _tkt_lifetimes[TKTLIFENUMFIXED] = { + 38400, 41055, 43894, 46929, 50174, 53643, 57352, 61318, + 65558, 70091, 74937, 80119, 85658, 91581, 97914, 104684, + 111922, 119661, 127935, 136781, 146239, 156350, 167161, 178720, + 191077, 204289, 218415, 233517, 249664, 266926, 285383, 305116, + 326213, 348769, 372885, 398668, 426234, 455705, 487215, 520904, + 556921, 595430, 636601, 680618, 727680, 777995, 831789, 889303, + 950794, 1016537, 1086825, 1161973, 1242318, 1328218, 1420057, 1518247, + 1623226, 1735464, 1855462, 1983758, 2120925, 2267576, 2424367, 2592000 +}; + +static int +_krb_time_to_life(time_t start, time_t end) +{ + int i; + time_t life = end - start; + + if (life > MAXTKTLIFETIME || life <= 0) + return 0; +#if 0 + if (krb_no_long_lifetimes) + return (life + 5*60 - 1)/(5*60); +#endif + + if (end >= NEVERDATE) + return TKTLIFENOEXPIRE; + if (life < _tkt_lifetimes[0]) + return (life + 5*60 - 1)/(5*60); + 
for (i=0; i<TKTLIFENUMFIXED; i++) + if (life <= _tkt_lifetimes[i]) + return i + TKTLIFEMINFIXED; + return 0; + +} + +/* Convert the v5 credentials in `in_cred' to v4-dito in `v4creds'. + * This is done by sending them to the 524 function in the KDC. If + * `in_cred' doesn't contain a DES session key, then a new one is + * gotten from the KDC and stored in the cred cache `ccache'. + */ + +krb5_error_code +krb524_convert_creds_kdc(krb5_context context, + krb5_ccache ccache, + krb5_creds *in_cred, + struct credentials *v4creds) +{ + krb5_error_code ret; + krb5_data reply; + krb5_storage *sp; + int32_t tmp; + krb5_data ticket; + char realm[REALM_SZ]; + krb5_creds *v5_creds = in_cred; + krb5_keytype keytype; + + ret = krb5_enctype_to_keytype (context, v5_creds->session.keytype, + &keytype); + if (ret) + return ret; + + if (keytype != KEYTYPE_DES) { + krb5_creds template; + + memset (&template, 0, sizeof(template)); + template.session.keytype = KEYTYPE_DES; + ret = krb5_copy_principal (context, in_cred->client, &template.client); + if (ret) { + krb5_free_creds_contents (context, &template); + return ret; + } + ret = krb5_copy_principal (context, in_cred->server, &template.server); + if (ret) { + krb5_free_creds_contents (context, &template); + return ret; + } + + ret = krb5_get_credentials (context, 0, ccache, + &template, &v5_creds); + krb5_free_creds_contents (context, &template); + if (ret) + return ret; + } + + ret = check_ticket_flags(v5_creds->flags.b); + if(ret) + goto out2; + + ret = krb5_sendto_kdc (context, + &v5_creds->ticket, + krb5_princ_realm(context, v5_creds->server), + &reply); + if (ret) + goto out2; + sp = krb5_storage_from_mem(reply.data, reply.length); + if(sp == NULL) { + ret = ENOMEM; + goto out2; + } + krb5_ret_int32(sp, &tmp); + ret = tmp; + if(ret == 0) { + memset(v4creds, 0, sizeof(*v4creds)); + ret = krb5_ret_int32(sp, &tmp); + if(ret) goto out; + v4creds->kvno = tmp; + ret = krb5_ret_data(sp, &ticket); + if(ret) goto out; + 
v4creds->ticket_st.length = ticket.length; + memcpy(v4creds->ticket_st.dat, ticket.data, ticket.length); + krb5_data_free(&ticket); + ret = krb5_524_conv_principal(context, + v5_creds->server, + v4creds->service, + v4creds->instance, + v4creds->realm); + if(ret) goto out; + v4creds->issue_date = v5_creds->times.authtime; + v4creds->lifetime = _krb_time_to_life(v4creds->issue_date, + v5_creds->times.endtime); + ret = krb5_524_conv_principal(context, v5_creds->client, + v4creds->pname, + v4creds->pinst, + realm); + if(ret) goto out; + memcpy(v4creds->session, v5_creds->session.keyvalue.data, 8); + } +out: + krb5_storage_free(sp); + krb5_data_free(&reply); +out2: + if (v5_creds != in_cred) + krb5_free_creds (context, v5_creds); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/copy_host_realm.c b/crypto/heimdal/lib/krb5/copy_host_realm.c new file mode 100644 index 0000000..4a8f3ec --- /dev/null +++ b/crypto/heimdal/lib/krb5/copy_host_realm.c 
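Review bot: In `krb524_convert_creds_kdc`, `ticket.length` comes from the KDC reply and is copied into `v4creds->ticket_st.dat` (fixed at `MAX_KTXT_LEN`, 1250 bytes) with no bound check, so an oversized reply field overflows the caller's `struct credentials`. Check before the `memcpy`: `if (ticket.length > sizeof(v4creds->ticket_st.dat)) { krb5_data_free(&ticket); ret = ERANGE; goto out; }` (substitute whichever error code the library prefers). The return value of the first `krb5_ret_int32(sp, &tmp)` is also ignored, so a truncated reply can leave `tmp` uninitialised when it is assigned to `ret`. The final 8-byte `memcpy` into `v4creds->session` likewise assumes `keyvalue.length` is at least 8 without checking it.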
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: copy_host_realm.c,v 1.3 1999/12/02 17:05:08 joda Exp $");
+
+/*
+ * Copy the list of realms from `from' to `to'.
+ */
+
+krb5_error_code
+krb5_copy_host_realm(krb5_context context,
+ const krb5_realm *from,
+ krb5_realm **to)
+{
+ int n, i;
+ const krb5_realm *p;
+
+ for (n = 0, p = from; *p != NULL; ++p)
+ ++n;
+ ++n;
+ *to = malloc (n * sizeof(**to));
+ if (*to == NULL)
+ return ENOMEM;
+ for (i = 0; i < n; ++i)
+ (*to)[i] = NULL;
+ for (i = 0, p = from; *p != NULL; ++p, ++i) {
+ (*to)[i] = strdup(*p);
+ if ((*to)[i] == NULL) {
+ krb5_free_host_realm (context, *to);
+ return ENOMEM;
+ }
+ }
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/crc.c b/crypto/heimdal/lib/krb5/crc.c
new file mode 100644
index 0000000..2f9ef95
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/crc.c
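Review bot: On a failed `strdup`, `krb5_copy_host_realm` hands the partially built list to `krb5_free_host_realm` but leaves `*to` pointing at it, so a caller that inspects or frees `*to` after `ENOMEM` touches freed memory (assuming `krb5_free_host_realm` frees the array, which is not visible here). Adding `*to = NULL;` before that `return ENOMEM;` closes this. The function also dereferences `from` unconditionally; a comment such as `/* from must be a NULL-terminated list, not NULL */` would document the precondition.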
@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: crc.c,v 1.8 1999/12/02 17:05:08 joda Exp $");
+
+static u_long table[256];
+
+#define CRC_GEN 0xEDB88320L
+
+void
+_krb5_crc_init_table(void)
+{
+ static int flag = 0;
+ unsigned long crc, poly;
+ int i, j;
+
+ if(flag) return;
+ poly = CRC_GEN;
+ for (i = 0; i < 256; i++) {
+ crc = i;
+ for (j = 8; j > 0; j--) {
+ if (crc & 1) {
+ crc = (crc >> 1) ^ poly;
+ } else {
+ crc >>= 1;
+ }
+ }
+ table[i] = crc;
+ }
+ flag = 1;
+}
+
+u_int32_t
+_krb5_crc_update (char *p, size_t len, u_int32_t res)
+{
+ while (len--)
+ res = table[(res ^ *p++) & 0xFF] ^ (res >> 8);
+ return res & 0xFFFFFFFF;
+}
diff --git a/crypto/heimdal/lib/krb5/creds.c b/crypto/heimdal/lib/krb5/creds.c
new file mode 100644
index 0000000..7051168
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/creds.c
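Review bot: `_krb5_crc_update` reads `table` without anything in this file ensuring `_krb5_crc_init_table` has run, and the `static int flag` guard in the initialiser is not synchronised. If a caller skips the init call, every lookup returns 0 and the checksum silently degenerates to a function of `res` alone. A precomputed `static const u_long table[256]` would remove both the ordering requirement and the unsynchronised write; short of that, a comment on `_krb5_crc_update` such as `/* _krb5_crc_init_table() must have been called first */` documents the contract. The buffer parameter could also be declared `const char *p`, since the function only reads through it.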
@@ -0,0 +1,149 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: creds.c,v 1.14 1999/12/02 17:05:08 joda Exp $");
+
+krb5_error_code
+krb5_free_cred_contents (krb5_context context, krb5_creds *c)
+{
+ return krb5_free_creds_contents (context, c);
+}
+
+krb5_error_code
+krb5_free_creds_contents (krb5_context context, krb5_creds *c)
+{
+ krb5_free_principal (context, c->client);
+ c->client = NULL;
+ krb5_free_principal (context, c->server);
+ c->server = NULL;
+ krb5_free_keyblock_contents (context, &c->session);
+ krb5_data_free (&c->ticket);
+ krb5_data_free (&c->second_ticket);
+ free_AuthorizationData (&c->authdata);
+ krb5_free_addresses (context, &c->addresses);
+ return 0;
+}
+
+krb5_error_code
+krb5_copy_creds_contents (krb5_context context,
+ const krb5_creds *incred,
+ krb5_creds *c)
+{
+ krb5_error_code ret;
+
+ memset(c, 0, sizeof(*c));
+ ret = krb5_copy_principal (context, incred->client, &c->client);
+ if (ret)
+ goto fail;
+ ret = krb5_copy_principal (context, incred->server, &c->server);
+ if (ret)
+ goto fail;
+ ret = krb5_copy_keyblock_contents (context, &incred->session, &c->session);
+ if (ret)
+ goto fail;
+ c->times = incred->times;
+ ret = krb5_data_copy (&c->ticket,
+ incred->ticket.data,
+ incred->ticket.length);
+ if (ret)
+ goto fail;
+ ret = krb5_data_copy (&c->second_ticket,
+ incred->second_ticket.data,
+ incred->second_ticket.length);
+ if (ret)
+ goto fail;
+ ret = copy_AuthorizationData(&incred->authdata, &c->authdata);
+ if (ret)
+ goto fail;
+ ret = krb5_copy_addresses (context,
+ &incred->addresses,
+ &c->addresses);
+ if (ret)
+ goto fail;
+ c->flags = incred->flags;
+ return 0;
+
+fail:
+ krb5_free_creds_contents (context, c);
+ return ret;
+}
+
+krb5_error_code
+krb5_copy_creds (krb5_context context,
+ const krb5_creds *incred,
+ krb5_creds **outcred)
+{
+ krb5_creds *c;
+
+ c = malloc (sizeof (*c));
+ if (c == NULL)
+ return ENOMEM;
+ memset (c, 0, sizeof(*c));
+ *outcred = c;
+ return krb5_copy_creds_contents (context, incred, c);
+}
+
+krb5_error_code
+krb5_free_creds (krb5_context context, krb5_creds *c)
+{
+ krb5_free_creds_contents (context, c);
+ free (c);
+ return 0;
+}
+
+/*
+ * Return TRUE if `mcreds' and `creds' are equal (`whichfields'
+ * determines what equal means).
+ */
+
+krb5_boolean
+krb5_compare_creds(krb5_context context, krb5_flags whichfields,
+ const krb5_creds *mcreds, const krb5_creds *creds)
+{
+ krb5_boolean match;
+
+ if(whichfields & KRB5_TC_DONT_MATCH_REALM)
+ match = krb5_principal_compare_any_realm(context,
+ mcreds->server,
+ creds->server);
+ else
+ match = krb5_principal_compare(context, mcreds->server, creds->server);
+ if(match && (whichfields & KRB5_TC_MATCH_KEYTYPE) &&
+ !krb5_enctypes_compatible_keys (context,
+ mcreds->session.keytype,
+ creds->session.keytype))
+ match = FALSE;
+ return match;
+}
diff --git a/crypto/heimdal/lib/krb5/crypto.c b/crypto/heimdal/lib/krb5/crypto.c
new file mode 100644
index 0000000..b6db6ce
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/crypto.c
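Review bot: `krb5_copy_creds` stores `c` in `*outcred` before calling `krb5_copy_creds_contents` and returns that call's result directly, so on failure the `fail:` path releases the contents but the `malloc`ed struct itself is neither freed nor cleared from `*outcred`. A caller that treats a non-zero return as "nothing to free" leaks the struct, and one that frees it must know the contents are already gone. Freeing `c` and publishing NULL on error keeps the out-parameter consistent with the return code.

```c
    krb5_creds *c;
    krb5_error_code ret;

    /* … unchanged: malloc and memset of c … */
    ret = krb5_copy_creds_contents (context, incred, c);
    if (ret) {
	free (c);
	c = NULL;
    }
    *outcred = c;
    return ret;
```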
@@ -0,0 +1,2314 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+RCSID("$Id: crypto.c,v 1.28 2000/01/06 20:21:13 assar Exp $");
+
+#undef CRYPTO_DEBUG
+#ifdef CRYPTO_DEBUG
+static void krb5_crypto_debug(krb5_context, int, size_t, krb5_keyblock*);
+#endif
+
+
+struct key_data {
+ krb5_keyblock *key;
+ krb5_data *schedule;
+};
+
+struct key_usage {
+ unsigned usage;
+ struct key_data key;
+};
+
+struct krb5_crypto_data {
+ struct encryption_type *et;
+ struct key_data key;
+ int num_key_usage;
+ struct key_usage *key_usage;
+};
+
+#define CRYPTO_ETYPE(C) ((C)->et->type)
+
+/* bits for `flags' below */
+#define F_KEYED 1 /* checksum is keyed */
+#define F_CPROOF 2 /* checksum is collision proof */
+#define F_DERIVED 4 /* uses derived keys */
+#define F_VARIANT 8 /* uses `variant' keys (6.4.3) */
+#define F_PSEUDO 16 /* not a real protocol type */
+
+struct salt_type {
+ krb5_salttype type;
+ const char *name;
+ krb5_error_code (*string_to_key)(krb5_context, krb5_enctype, krb5_data,
+ krb5_salt, krb5_keyblock*);
+};
+
+struct key_type {
+ krb5_keytype type; /* XXX */
+ const char *name;
+ size_t bits;
+ size_t size;
+ size_t schedule_size;
+#if 0
+ krb5_enctype best_etype;
+#endif
+ void (*random_key)(krb5_context, krb5_keyblock*);
+ void (*schedule)(krb5_context, struct key_data *);
+ struct salt_type *string_to_key;
+};
+
+struct checksum_type {
+ krb5_cksumtype type;
+ const char *name;
+ size_t blocksize;
+ size_t checksumsize;
+ unsigned flags;
+ void (*checksum)(krb5_context, struct key_data*, void*, size_t, Checksum*);
+ krb5_error_code (*verify)(krb5_context, struct key_data*,
+ void*, size_t, Checksum*);
+};
+
+struct encryption_type {
+ krb5_enctype type;
+ const char *name;
+ size_t blocksize;
+ size_t confoundersize;
+ struct key_type *keytype;
+ struct checksum_type *cksumtype;
+ struct checksum_type *keyed_checksum;
+ unsigned flags;
+ void (*encrypt)(struct key_data *, void *, size_t, int);
+};
+
+#define ENCRYPTION_USAGE(U) (((U) << 8) | 0xAA)
+#define INTEGRITY_USAGE(U) (((U) << 8) |
0x55) +#define CHECKSUM_USAGE(U) (((U) << 8) | 0x99) + +static struct checksum_type *_find_checksum(krb5_cksumtype type); +static struct encryption_type *_find_enctype(krb5_enctype type); +static struct key_type *_find_keytype(krb5_keytype type); +static krb5_error_code _get_derived_key(krb5_context, krb5_crypto, + unsigned, struct key_data**); +static struct key_data *_new_derived_key(krb5_crypto crypto, unsigned usage); + +/************************************************************ + * * + ************************************************************/ + +static void +DES_random_key(krb5_context context, + krb5_keyblock *key) +{ + des_cblock *k = key->keyvalue.data; + do { + krb5_generate_random_block(k, sizeof(des_cblock)); + des_set_odd_parity(k); + } while(des_is_weak_key(k)); +} + +static void +DES_schedule(krb5_context context, + struct key_data *key) +{ + des_set_key(key->key->keyvalue.data, key->schedule->data); +} + +static krb5_error_code +DES_string_to_key(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_keyblock *key) +{ + char *s; + size_t len; + des_cblock tmp; + + len = password.length + salt.saltvalue.length + 1; + s = malloc(len); + if(s == NULL) + return ENOMEM; + memcpy(s, password.data, password.length); + memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length); + s[len - 1] = '\0'; + des_string_to_key(s, &tmp); + key->keytype = enctype; + krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp)); + memset(&tmp, 0, sizeof(tmp)); + memset(s, 0, len); + free(s); + return 0; +} + +/* This defines the Andrew string_to_key function. It accepts a password + * string as input and converts its via a one-way encryption algorithm to a DES + * encryption key. It is compatible with the original Andrew authentication + * service password database. + */ + +/* + * Short passwords, i.e 8 characters or less. 
+ */ +static void +DES_AFS3_CMU_string_to_key (krb5_data pw, + krb5_data cell, + des_cblock *key) +{ + char password[8+1]; /* crypt is limited to 8 chars anyway */ + int i; + + for(i = 0; i < 8; i++) { + char c = ((i < pw.length) ? ((char*)pw.data)[i] : 0) ^ + ((i < cell.length) ? ((char*)cell.data)[i] : 0); + password[i] = c ? c : 'X'; + } + password[8] = '\0'; + + memcpy(key, crypt(password, "#~") + 2, sizeof(des_cblock)); + + /* parity is inserted into the LSB so left shift each byte up one + bit. This allows ascii characters with a zero MSB to retain as + much significance as possible. */ + for (i = 0; i < sizeof(des_cblock); i++) + ((unsigned char*)key)[i] <<= 1; + des_set_odd_parity (key); +} + +/* + * Long passwords, i.e 9 characters or more. + */ +static void +DES_AFS3_Transarc_string_to_key (krb5_data pw, + krb5_data cell, + des_cblock *key) +{ + des_key_schedule schedule; + des_cblock temp_key; + des_cblock ivec; + char password[512]; + size_t passlen; + + memcpy(password, pw.data, min(pw.length, sizeof(password))); + if(pw.length < sizeof(password)) + memcpy(password + pw.length, + cell.data, min(cell.length, + sizeof(password) - pw.length)); + passlen = min(sizeof(password), pw.length + cell.length); + memcpy(&ivec, "kerberos", 8); + memcpy(&temp_key, "kerberos", 8); + des_set_odd_parity (&temp_key); + des_set_key (&temp_key, schedule); + des_cbc_cksum ((des_cblock *)password, &ivec, passlen, schedule, &ivec); + + memcpy(&temp_key, &ivec, 8); + des_set_odd_parity (&temp_key); + des_set_key (&temp_key, schedule); + des_cbc_cksum ((des_cblock *)password, key, passlen, schedule, &ivec); + memset(&schedule, 0, sizeof(schedule)); + memset(&temp_key, 0, sizeof(temp_key)); + memset(&ivec, 0, sizeof(ivec)); + memset(password, 0, sizeof(password)); + + des_set_odd_parity (key); +} + +static krb5_error_code +DES_AFS3_string_to_key(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_keyblock *key) +{ + des_cblock tmp; + 
if(password.length > 8) + DES_AFS3_Transarc_string_to_key(password, salt.saltvalue, &tmp); + else + DES_AFS3_CMU_string_to_key(password, salt.saltvalue, &tmp); + key->keytype = enctype; + krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp)); + memset(&key, 0, sizeof(key)); + return 0; +} + +static void +DES3_random_key(krb5_context context, + krb5_keyblock *key) +{ + des_cblock *k = key->keyvalue.data; + do { + krb5_generate_random_block(k, 3 * sizeof(des_cblock)); + des_set_odd_parity(&k[0]); + des_set_odd_parity(&k[1]); + des_set_odd_parity(&k[2]); + } while(des_is_weak_key(&k[0]) || + des_is_weak_key(&k[1]) || + des_is_weak_key(&k[2])); +} + +static void +DES3_schedule(krb5_context context, + struct key_data *key) +{ + des_cblock *k = key->key->keyvalue.data; + des_key_schedule *s = key->schedule->data; + des_set_key(&k[0], s[0]); + des_set_key(&k[1], s[1]); + des_set_key(&k[2], s[2]); +} + +/* + * A = A xor B. A & B are 8 bytes. + */ + +static void +xor (des_cblock *key, const unsigned char *b) +{ + unsigned char *a = (unsigned char*)key; + a[0] ^= b[0]; + a[1] ^= b[1]; + a[2] ^= b[2]; + a[3] ^= b[3]; + a[4] ^= b[4]; + a[5] ^= b[5]; + a[6] ^= b[6]; + a[7] ^= b[7]; +} + +static krb5_error_code +DES3_string_to_key(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_keyblock *key) +{ + char *str; + size_t len; + unsigned char tmp[24]; + des_cblock keys[3]; + + len = password.length + salt.saltvalue.length; + str = malloc(len); + if(len != 0 && str == NULL) + return ENOMEM; + memcpy(str, password.data, password.length); + memcpy(str + password.length, salt.saltvalue.data, salt.saltvalue.length); + { + des_cblock ivec; + des_key_schedule s[3]; + int i; + + _krb5_n_fold(str, len, tmp, 24); + + for(i = 0; i < 3; i++){ + memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); + des_set_odd_parity(keys + i); + if(des_is_weak_key(keys + i)) + xor(keys + i, (unsigned char*)"\0\0\0\0\0\0\0\xf0"); + des_set_key(keys + i, s[i]); + } + 
memset(&ivec, 0, sizeof(ivec)); + des_ede3_cbc_encrypt((void*)tmp, (void*)tmp, sizeof(tmp), + s[0], s[1], s[2], &ivec, DES_ENCRYPT); + memset(s, 0, sizeof(s)); + memset(&ivec, 0, sizeof(ivec)); + for(i = 0; i < 3; i++){ + memcpy(keys + i, tmp + i * 8, sizeof(keys[i])); + des_set_odd_parity(keys + i); + if(des_is_weak_key(keys + i)) + xor(keys + i, (unsigned char*)"\0\0\0\0\0\0\0\xf0"); + } + memset(tmp, 0, sizeof(tmp)); + } + key->keytype = enctype; + krb5_data_copy(&key->keyvalue, keys, sizeof(keys)); + memset(keys, 0, sizeof(keys)); + memset(str, 0, len); + free(str); + return 0; +} + +static krb5_error_code +DES3_string_to_key_derived(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_keyblock *key) +{ + krb5_error_code ret; + size_t len = password.length + salt.saltvalue.length; + char *s; + + s = malloc(len); + if(len != 0 && s == NULL) + return ENOMEM; + memcpy(s, password.data, password.length); + memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length); + ret = krb5_string_to_key_derived(context, + s, + len, + enctype, + key); + memset(s, 0, len); + free(s); + return ret; +} + +/* + * ARCFOUR + */ + +static void +ARCFOUR_random_key(krb5_context context, krb5_keyblock *key) +{ + krb5_generate_random_block (key->keyvalue.data, + key->keyvalue.length); +} + +static void +ARCFOUR_schedule(krb5_context context, struct key_data *kd) +{ + RC4_set_key (kd->schedule->data, + kd->key->keyvalue.length, kd->key->keyvalue.data); +} + +static krb5_error_code +ARCFOUR_string_to_key(krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_keyblock *key) +{ + char *s, *p; + size_t len; + int i; + struct md4 m; + + len = 2 * (password.length + salt.saltvalue.length); + s = malloc (len); + if (len != 0 && s == NULL) + return ENOMEM; + for (p = s, i = 0; i < password.length; ++i) { + *p++ = ((char *)password.data)[i]; + *p++ = 0; + } + for (i = 0; i < salt.saltvalue.length; ++i) { + 
*p++ = ((char *)salt.saltvalue.data)[i]; + *p++ = 0; + } + md4_init(&m); + md4_update(&m, s, len); + key->keytype = enctype; + krb5_data_alloc (&key->keyvalue, 16); + md4_finito(&m, key->keyvalue.data); + memset (s, 0, len); + free (s); + return 0; +} + +extern struct salt_type des_salt[], + des3_salt[], des3_salt_derived[], arcfour_salt[]; + +struct key_type keytype_null = { + KEYTYPE_NULL, + "null", + 0, + 0, + 0, + NULL, + NULL, + NULL +}; + +struct key_type keytype_des = { + KEYTYPE_DES, + "des", + 56, + sizeof(des_cblock), + sizeof(des_key_schedule), + DES_random_key, + DES_schedule, + des_salt +}; + +struct key_type keytype_des3 = { + KEYTYPE_DES3, + "des3", + 168, + 3 * sizeof(des_cblock), + 3 * sizeof(des_key_schedule), + DES3_random_key, + DES3_schedule, + des3_salt +}; + +struct key_type keytype_des3_derived = { + KEYTYPE_DES3, + "des3", + 168, + 3 * sizeof(des_cblock), + 3 * sizeof(des_key_schedule), + DES3_random_key, + DES3_schedule, + des3_salt_derived +}; + +struct key_type keytype_arcfour = { + KEYTYPE_ARCFOUR, + "arcfour", + 128, + 16, + sizeof(RC4_KEY), + ARCFOUR_random_key, + ARCFOUR_schedule, + arcfour_salt +}; + +struct key_type *keytypes[] = { + &keytype_null, + &keytype_des, + &keytype_des3_derived, + &keytype_des3, + &keytype_arcfour +}; + +static int num_keytypes = sizeof(keytypes) / sizeof(keytypes[0]); + +static struct key_type * +_find_keytype(krb5_keytype type) +{ + int i; + for(i = 0; i < num_keytypes; i++) + if(keytypes[i]->type == type) + return keytypes[i]; + return NULL; +} + + +struct salt_type des_salt[] = { + { + KRB5_PW_SALT, + "pw-salt", + DES_string_to_key + }, + { + KRB5_AFS3_SALT, + "afs3-salt", + DES_AFS3_string_to_key + }, + { 0 } +}; + +struct salt_type des3_salt[] = { + { + KRB5_PW_SALT, + "pw-salt", + DES3_string_to_key + }, + { 0 } +}; + +struct salt_type des3_salt_derived[] = { + { + KRB5_PW_SALT, + "pw-salt", + DES3_string_to_key_derived + }, + { 0 } +}; + +struct salt_type arcfour_salt[] = { + { + KRB5_PW_SALT, + 
"pw-salt", + ARCFOUR_string_to_key + }, + { 0 } +}; + +krb5_error_code +krb5_salttype_to_string (krb5_context context, + krb5_enctype etype, + krb5_salttype stype, + char **string) +{ + struct encryption_type *e; + struct salt_type *st; + + e = _find_enctype (etype); + if (e == NULL) + return KRB5_PROG_ETYPE_NOSUPP; + for (st = e->keytype->string_to_key; st && st->type; st++) { + if (st->type == stype) { + *string = strdup (st->name); + if (*string == NULL) + return ENOMEM; + return 0; + } + } + return HEIM_ERR_SALTTYPE_NOSUPP; +} + +krb5_error_code +krb5_string_to_salttype (krb5_context context, + krb5_enctype etype, + const char *string, + krb5_salttype *salttype) +{ + struct encryption_type *e; + struct salt_type *st; + + e = _find_enctype (etype); + if (e == NULL) + return KRB5_PROG_ETYPE_NOSUPP; + for (st = e->keytype->string_to_key; st && st->type; st++) { + if (strcasecmp (st->name, string) == 0) { + *salttype = st->type; + return 0; + } + } + return HEIM_ERR_SALTTYPE_NOSUPP; +} + +krb5_error_code +krb5_get_pw_salt(krb5_context context, + krb5_const_principal principal, + krb5_salt *salt) +{ + size_t len; + int i; + krb5_error_code ret; + char *p; + + salt->salttype = KRB5_PW_SALT; + len = strlen(principal->realm); + for (i = 0; i < principal->name.name_string.len; ++i) + len += strlen(principal->name.name_string.val[i]); + ret = krb5_data_alloc (&salt->saltvalue, len); + if (ret) + return ret; + p = salt->saltvalue.data; + memcpy (p, principal->realm, strlen(principal->realm)); + p += strlen(principal->realm); + for (i = 0; i < principal->name.name_string.len; ++i) { + memcpy (p, + principal->name.name_string.val[i], + strlen(principal->name.name_string.val[i])); + p += strlen(principal->name.name_string.val[i]); + } + return 0; +} + +krb5_error_code +krb5_free_salt(krb5_context context, + krb5_salt salt) +{ + krb5_data_free(&salt.saltvalue); + return 0; +} + +krb5_error_code +krb5_string_to_key_data (krb5_context context, + krb5_enctype enctype, + 
krb5_data password, + krb5_principal principal, + krb5_keyblock *key) +{ + krb5_error_code ret; + krb5_salt salt; + + ret = krb5_get_pw_salt(context, principal, &salt); + if(ret) + return ret; + ret = krb5_string_to_key_data_salt(context, enctype, password, salt, key); + krb5_free_salt(context, salt); + return ret; +} + +krb5_error_code +krb5_string_to_key (krb5_context context, + krb5_enctype enctype, + const char *password, + krb5_principal principal, + krb5_keyblock *key) +{ + krb5_data pw; + pw.data = (void*)password; + pw.length = strlen(password); + return krb5_string_to_key_data(context, enctype, pw, principal, key); +} + +krb5_error_code +krb5_string_to_key_data_salt (krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_keyblock *key) +{ + struct encryption_type *et =_find_enctype(enctype); + struct salt_type *st; + if(et == NULL) + return KRB5_PROG_ETYPE_NOSUPP; + for(st = et->keytype->string_to_key; st && st->type; st++) + if(st->type == salt.salttype) + return (*st->string_to_key)(context, enctype, password, salt, key); + return HEIM_ERR_SALTTYPE_NOSUPP; +} + +krb5_error_code +krb5_string_to_key_salt (krb5_context context, + krb5_enctype enctype, + const char *password, + krb5_salt salt, + krb5_keyblock *key) +{ + krb5_data pw; + pw.data = (void*)password; + pw.length = strlen(password); + return krb5_string_to_key_data_salt(context, enctype, pw, salt, key); +} + +krb5_error_code +krb5_keytype_to_string(krb5_context context, + krb5_keytype keytype, + char **string) +{ + struct key_type *kt = _find_keytype(keytype); + if(kt == NULL) + return KRB5_PROG_KEYTYPE_NOSUPP; + *string = strdup(kt->name); + if(*string == NULL) + return ENOMEM; + return 0; +} + +krb5_error_code +krb5_string_to_keytype(krb5_context context, + const char *string, + krb5_keytype *keytype) +{ + int i; + for(i = 0; i < num_keytypes; i++) + if(strcasecmp(keytypes[i]->name, string) == 0){ + *keytype = keytypes[i]->type; + return 0; + } + return 
KRB5_PROG_KEYTYPE_NOSUPP; +} + +krb5_error_code +krb5_generate_random_keyblock(krb5_context context, + krb5_enctype type, + krb5_keyblock *key) +{ + krb5_error_code ret; + struct encryption_type *et = _find_enctype(type); + if(et == NULL) + return KRB5_PROG_ETYPE_NOSUPP; + ret = krb5_data_alloc(&key->keyvalue, et->keytype->size); + if(ret) + return ret; + key->keytype = type; + if(et->keytype->random_key) + (*et->keytype->random_key)(context, key); + else + krb5_generate_random_block(key->keyvalue.data, + key->keyvalue.length); + return 0; +} + +static krb5_error_code +_key_schedule(krb5_context context, + struct key_data *key) +{ + krb5_error_code ret; + struct encryption_type *et = _find_enctype(key->key->keytype); + struct key_type *kt = et->keytype; + + if(kt->schedule == NULL) + return 0; + ALLOC(key->schedule, 1); + if(key->schedule == NULL) + return ENOMEM; + ret = krb5_data_alloc(key->schedule, kt->schedule_size); + if(ret) { + free(key->schedule); + key->schedule = NULL; + return ret; + } + (*kt->schedule)(context, key); + return 0; +} + +/************************************************************ + * * + ************************************************************/ + +static void +NONE_checksum(krb5_context context, + struct key_data *key, + void *data, + size_t len, + Checksum *C) +{ +} + +static void +CRC32_checksum(krb5_context context, + struct key_data *key, + void *data, + size_t len, + Checksum *C) +{ + u_int32_t crc; + unsigned char *r = C->checksum.data; + _krb5_crc_init_table (); + crc = _krb5_crc_update (data, len, 0); + r[0] = crc & 0xff; + r[1] = (crc >> 8) & 0xff; + r[2] = (crc >> 16) & 0xff; + r[3] = (crc >> 24) & 0xff; +} + +static void +RSA_MD4_checksum(krb5_context context, + struct key_data *key, + void *data, + size_t len, + Checksum *C) +{ + struct md4 m; + md4_init(&m); + md4_update(&m, data, len); + md4_finito(&m, C->checksum.data); +} + +static void +RSA_MD4_DES_checksum(krb5_context context, + struct key_data *key, + void *data, 
+ size_t len, + Checksum *cksum) +{ + struct md4 md4; + des_cblock ivec; + unsigned char *p = cksum->checksum.data; + + krb5_generate_random_block(p, 8); + md4_init(&md4); + md4_update(&md4, p, 8); + md4_update(&md4, data, len); + md4_finito(&md4, p + 8); + memset (&ivec, 0, sizeof(ivec)); + des_cbc_encrypt((des_cblock*)p, + (des_cblock*)p, + 24, + key->schedule->data, + &ivec, + DES_ENCRYPT); +} + +static krb5_error_code +RSA_MD4_DES_verify(krb5_context context, + struct key_data *key, + void *data, + size_t len, + Checksum *C) +{ + struct md4 md4; + unsigned char tmp[24]; + unsigned char res[16]; + des_cblock ivec; + krb5_error_code ret = 0; + + memset(&ivec, 0, sizeof(ivec)); + des_cbc_encrypt(C->checksum.data, + (void*)tmp, + C->checksum.length, + key->schedule->data, + &ivec, + DES_DECRYPT); + md4_init(&md4); + md4_update(&md4, tmp, 8); /* confounder */ + md4_update(&md4, data, len); + md4_finito(&md4, res); + if(memcmp(res, tmp + 8, sizeof(res)) != 0) + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + memset(tmp, 0, sizeof(tmp)); + memset(res, 0, sizeof(res)); + return ret; +} + +static void +RSA_MD5_checksum(krb5_context context, + struct key_data *key, + void *data, + size_t len, + Checksum *C) +{ + struct md5 m; + md5_init(&m); + md5_update(&m, data, len); + md5_finito(&m, C->checksum.data); +} + +static void +RSA_MD5_DES_checksum(krb5_context context, + struct key_data *key, + void *data, + size_t len, + Checksum *C) +{ + struct md5 md5; + des_cblock ivec; + unsigned char *p = C->checksum.data; + + krb5_generate_random_block(p, 8); + md5_init(&md5); + md5_update(&md5, p, 8); + md5_update(&md5, data, len); + md5_finito(&md5, p + 8); + memset (&ivec, 0, sizeof(ivec)); + des_cbc_encrypt((des_cblock*)p, + (des_cblock*)p, + 24, + key->schedule->data, + &ivec, + DES_ENCRYPT); +} + +static krb5_error_code +RSA_MD5_DES_verify(krb5_context context, + struct key_data *key, + void *data, + size_t len, + Checksum *C) +{ + struct md5 md5; + unsigned char tmp[24]; + unsigned char 
res[16]; + des_cblock ivec; + des_key_schedule *sched = key->schedule->data; + krb5_error_code ret = 0; + + memset(&ivec, 0, sizeof(ivec)); + des_cbc_encrypt(C->checksum.data, + (void*)tmp, + C->checksum.length, + sched[0], + &ivec, + DES_DECRYPT); + md5_init(&md5); + md5_update(&md5, tmp, 8); /* confounder */ + md5_update(&md5, data, len); + md5_finito(&md5, res); + if(memcmp(res, tmp + 8, sizeof(res)) != 0) + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + memset(tmp, 0, sizeof(tmp)); + memset(res, 0, sizeof(res)); + return ret; +} + +static void +RSA_MD5_DES3_checksum(krb5_context context, + struct key_data *key, + void *data, + size_t len, + Checksum *C) +{ + struct md5 md5; + des_cblock ivec; + unsigned char *p = C->checksum.data; + des_key_schedule *sched = key->schedule->data; + + krb5_generate_random_block(p, 8); + md5_init(&md5); + md5_update(&md5, p, 8); + md5_update(&md5, data, len); + md5_finito(&md5, p + 8); + memset (&ivec, 0, sizeof(ivec)); + des_ede3_cbc_encrypt((des_cblock*)p, + (des_cblock*)p, + 24, + sched[0], sched[1], sched[2], + &ivec, + DES_ENCRYPT); +} + +static krb5_error_code +RSA_MD5_DES3_verify(krb5_context context, + struct key_data *key, + void *data, + size_t len, + Checksum *C) +{ + struct md5 md5; + unsigned char tmp[24]; + unsigned char res[16]; + des_cblock ivec; + des_key_schedule *sched = key->schedule->data; + krb5_error_code ret = 0; + + memset(&ivec, 0, sizeof(ivec)); + des_ede3_cbc_encrypt(C->checksum.data, + (void*)tmp, + C->checksum.length, + sched[0], sched[1], sched[2], + &ivec, + DES_DECRYPT); + md5_init(&md5); + md5_update(&md5, tmp, 8); /* confounder */ + md5_update(&md5, data, len); + md5_finito(&md5, res); + if(memcmp(res, tmp + 8, sizeof(res)) != 0) + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + memset(tmp, 0, sizeof(tmp)); + memset(res, 0, sizeof(res)); + return ret; +} + +static void +SHA1_checksum(krb5_context context, + struct key_data *key, + void *data, + size_t len, + Checksum *C) +{ + struct sha m; + sha_init(&m); + 
sha_update(&m, data, len); + sha_finito(&m, C->checksum.data); +} + +/* HMAC according to RFC2104 */ +static void +hmac(krb5_context context, + struct checksum_type *cm, + void *data, + size_t len, + struct key_data *keyblock, + Checksum *result) +{ + unsigned char *ipad, *opad; + unsigned char *key; + size_t key_len; + int i; + + if(keyblock->key->keyvalue.length > cm->blocksize){ + (*cm->checksum)(context, + keyblock, + keyblock->key->keyvalue.data, + keyblock->key->keyvalue.length, + result); + key = result->checksum.data; + key_len = result->checksum.length; + } else { + key = keyblock->key->keyvalue.data; + key_len = keyblock->key->keyvalue.length; + } + ipad = malloc(cm->blocksize + len); + opad = malloc(cm->blocksize + cm->checksumsize); + memset(ipad, 0x36, cm->blocksize); + memset(opad, 0x5c, cm->blocksize); + for(i = 0; i < key_len; i++){ + ipad[i] ^= key[i]; + opad[i] ^= key[i]; + } + memcpy(ipad + cm->blocksize, data, len); + (*cm->checksum)(context, keyblock, ipad, cm->blocksize + len, result); + memcpy(opad + cm->blocksize, result->checksum.data, + result->checksum.length); + (*cm->checksum)(context, keyblock, opad, + cm->blocksize + cm->checksumsize, result); + memset(ipad, 0, cm->blocksize + len); + free(ipad); + memset(opad, 0, cm->blocksize + cm->checksumsize); + free(opad); +} + +static void +HMAC_SHA1_DES3_checksum(krb5_context context, + struct key_data *key, + void *data, + size_t len, + Checksum *result) +{ + struct checksum_type *c = _find_checksum(CKSUMTYPE_SHA1); + + hmac(context, c, data, len, key, result); +} + +struct checksum_type checksum_none = { + CKSUMTYPE_NONE, + "none", + 1, + 0, + 0, + NONE_checksum, + NULL +}; +struct checksum_type checksum_crc32 = { + CKSUMTYPE_CRC32, + "crc32", + 1, + 4, + 0, + CRC32_checksum, + NULL +}; +struct checksum_type checksum_rsa_md4 = { + CKSUMTYPE_RSA_MD4, + "rsa-md4", + 64, + 16, + F_CPROOF, + RSA_MD4_checksum, + NULL +}; +struct checksum_type checksum_rsa_md4_des = { + CKSUMTYPE_RSA_MD4_DES, + 
"rsa-md4-des", + 64, + 24, + F_KEYED | F_CPROOF | F_VARIANT, + RSA_MD4_DES_checksum, + RSA_MD4_DES_verify +}; +#if 0 +struct checksum_type checksum_des_mac = { + CKSUMTYPE_DES_MAC, + "des-mac", + 0, + 0, + 0, + DES_MAC_checksum, +}; +struct checksum_type checksum_des_mac_k = { + CKSUMTYPE_DES_MAC_K, + "des-mac-k", + 0, + 0, + 0, + DES_MAC_K_checksum, +}; +struct checksum_type checksum_rsa_md4_des_k = { + CKSUMTYPE_RSA_MD4_DES_K, + "rsa-md4-des-k", + 0, + 0, + 0, + RSA_MD4_DES_K_checksum, + RSA_MD4_DES_K_verify, +}; +#endif +struct checksum_type checksum_rsa_md5 = { + CKSUMTYPE_RSA_MD5, + "rsa-md5", + 64, + 16, + F_CPROOF, + RSA_MD5_checksum, + NULL +}; +struct checksum_type checksum_rsa_md5_des = { + CKSUMTYPE_RSA_MD5_DES, + "rsa-md5-des", + 64, + 24, + F_KEYED | F_CPROOF | F_VARIANT, + RSA_MD5_DES_checksum, + RSA_MD5_DES_verify, +}; +struct checksum_type checksum_rsa_md5_des3 = { + CKSUMTYPE_RSA_MD5_DES3, + "rsa-md5-des3", + 64, + 24, + F_KEYED | F_CPROOF | F_VARIANT, + RSA_MD5_DES3_checksum, + RSA_MD5_DES3_verify, +}; +struct checksum_type checksum_sha1 = { + CKSUMTYPE_SHA1, + "sha1", + 64, + 20, + F_CPROOF, + SHA1_checksum, + NULL +}; +struct checksum_type checksum_hmac_sha1_des3 = { + CKSUMTYPE_HMAC_SHA1_DES3, + "hmac-sha1-des3", + 64, + 20, + F_KEYED | F_CPROOF | F_DERIVED, + HMAC_SHA1_DES3_checksum, + NULL +}; + +struct checksum_type *checksum_types[] = { + &checksum_none, + &checksum_crc32, + &checksum_rsa_md4, + &checksum_rsa_md4_des, +#if 0 + &checksum_des_mac, + &checksum_des_mac_k, + &checksum_rsa_md4_des_k, +#endif + &checksum_rsa_md5, + &checksum_rsa_md5_des, + &checksum_rsa_md5_des3, + &checksum_sha1, + &checksum_hmac_sha1_des3 +}; + +static int num_checksums = sizeof(checksum_types) / sizeof(checksum_types[0]); + +static struct checksum_type * +_find_checksum(krb5_cksumtype type) +{ + int i; + for(i = 0; i < num_checksums; i++) + if(checksum_types[i]->type == type) + return checksum_types[i]; + return NULL; +} + +static krb5_error_code 
+get_checksum_key(krb5_context context, + krb5_crypto crypto, + unsigned usage, /* not krb5_key_usage */ + struct checksum_type *ct, + struct key_data **key) +{ + krb5_error_code ret = 0; + + if(ct->flags & F_DERIVED) + ret = _get_derived_key(context, crypto, usage, key); + else if(ct->flags & F_VARIANT) { + int i; + + *key = _new_derived_key(crypto, 0xff/* KRB5_KU_RFC1510_VARIANT */); + if(*key == NULL) + return ENOMEM; + ret = krb5_copy_keyblock(context, crypto->key.key, &(*key)->key); + if(ret) + return ret; + for(i = 0; i < (*key)->key->keyvalue.length; i++) + ((unsigned char*)(*key)->key->keyvalue.data)[i] ^= 0xF0; + } else { + *key = &crypto->key; + } + if(ret == 0) + ret = _key_schedule(context, *key); + return ret; +} + +static krb5_error_code +do_checksum (krb5_context context, + struct checksum_type *ct, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + Checksum *result) +{ + krb5_error_code ret; + struct key_data *dkey; + int keyed_checksum; + + keyed_checksum = (ct->flags & F_KEYED) != 0; + if(keyed_checksum && crypto == NULL) + return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ + if(keyed_checksum) + ret = get_checksum_key(context, crypto, usage, ct, &dkey); + else + dkey = NULL; + result->cksumtype = ct->type; + krb5_data_alloc(&result->checksum, ct->checksumsize); + (*ct->checksum)(context, dkey, data, len, result); + return 0; +} + +static krb5_error_code +create_checksum(krb5_context context, + krb5_crypto crypto, + unsigned usage, /* not krb5_key_usage */ + krb5_cksumtype type, /* if crypto == NULL */ + void *data, + size_t len, + Checksum *result) +{ + struct checksum_type *ct; + + if(crypto) { + ct = crypto->et->keyed_checksum; + if(ct == NULL) + ct = crypto->et->cksumtype; + } else + ct = _find_checksum(type); + if(ct == NULL) + return KRB5_PROG_SUMTYPE_NOSUPP; + return do_checksum (context, ct, crypto, usage, data, len, result); +} + +krb5_error_code +krb5_create_checksum(krb5_context context, + krb5_crypto crypto, + unsigned 
usage_or_type, + void *data, + size_t len, + Checksum *result) +{ + return create_checksum(context, crypto, + CHECKSUM_USAGE(usage_or_type), + usage_or_type, data, len, result); +} + +static krb5_error_code +verify_checksum(krb5_context context, + krb5_crypto crypto, + unsigned usage, /* not krb5_key_usage */ + void *data, + size_t len, + Checksum *cksum) +{ + krb5_error_code ret; + struct key_data *dkey; + int keyed_checksum; + Checksum c; + struct checksum_type *ct; + + ct = _find_checksum(cksum->cksumtype); + if(ct == NULL) + return KRB5_PROG_SUMTYPE_NOSUPP; + if(ct->checksumsize != cksum->checksum.length) + return KRB5KRB_AP_ERR_BAD_INTEGRITY; /* XXX */ + keyed_checksum = (ct->flags & F_KEYED) != 0; + if(keyed_checksum && crypto == NULL) + return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ + if(keyed_checksum) + ret = get_checksum_key(context, crypto, usage, ct, &dkey); + else + dkey = NULL; + if(ct->verify) + return (*ct->verify)(context, dkey, data, len, cksum); + + ret = krb5_data_alloc (&c.checksum, ct->checksumsize); + if (ret) + return ret; + + (*ct->checksum)(context, dkey, data, len, &c); + + if(c.checksum.length != cksum->checksum.length || + memcmp(c.checksum.data, cksum->checksum.data, c.checksum.length)) + ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; + else + ret = 0; + krb5_data_free (&c.checksum); + return ret; +} + +krb5_error_code +krb5_verify_checksum(krb5_context context, + krb5_crypto crypto, + krb5_key_usage usage, + void *data, + size_t len, + Checksum *cksum) +{ + return verify_checksum(context, crypto, + CHECKSUM_USAGE(usage), data, len, cksum); +} + +krb5_error_code +krb5_checksumsize(krb5_context context, + krb5_cksumtype type, + size_t *size) +{ + struct checksum_type *ct = _find_checksum(type); + if(ct == NULL) + return KRB5_PROG_SUMTYPE_NOSUPP; + *size = ct->checksumsize; + return 0; +} + +krb5_boolean +krb5_checksum_is_keyed(krb5_context context, + krb5_cksumtype type) +{ + struct checksum_type *ct = _find_checksum(type); + if(ct == NULL) + return 
KRB5_PROG_SUMTYPE_NOSUPP; + return ct->flags & F_KEYED; +} + +krb5_boolean +krb5_checksum_is_collision_proof(krb5_context context, + krb5_cksumtype type) +{ + struct checksum_type *ct = _find_checksum(type); + if(ct == NULL) + return KRB5_PROG_SUMTYPE_NOSUPP; + return ct->flags & F_CPROOF; +} + +/************************************************************ + * * + ************************************************************/ + +static void +NULL_encrypt(struct key_data *key, + void *data, + size_t len, + krb5_boolean encrypt) +{ +} + +static void +DES_CBC_encrypt_null_ivec(struct key_data *key, + void *data, + size_t len, + krb5_boolean encrypt) +{ + des_cblock ivec; + des_key_schedule *s = key->schedule->data; + memset(&ivec, 0, sizeof(ivec)); + des_cbc_encrypt(data, data, len, *s, &ivec, encrypt); +} + +static void +DES_CBC_encrypt_key_ivec(struct key_data *key, + void *data, + size_t len, + krb5_boolean encrypt) +{ + des_cblock ivec; + des_key_schedule *s = key->schedule->data; + memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec)); + des_cbc_encrypt(data, data, len, *s, &ivec, encrypt); +} + +static void +DES3_CBC_encrypt(struct key_data *key, + void *data, + size_t len, + krb5_boolean encrypt) +{ + des_cblock ivec; + des_key_schedule *s = key->schedule->data; + memset(&ivec, 0, sizeof(ivec)); + des_ede3_cbc_encrypt(data, data, len, s[0], s[1], s[2], &ivec, encrypt); +} + +static void +ARCFOUR_encrypt(struct key_data *key, + void *data, + size_t len, + krb5_boolean encrypt) +{ + +} + +/* + * these should currently be in reverse preference order. 
+ */ + +static struct encryption_type etypes[] = { + { + ETYPE_NULL, + "null", + 1, + 0, + &keytype_null, + &checksum_none, + NULL, + 0, + NULL_encrypt, + }, + { + ETYPE_DES_CBC_CRC, + "des-cbc-crc", + 8, + 8, + &keytype_des, + &checksum_crc32, + NULL, + 0, + DES_CBC_encrypt_key_ivec, + }, + { + ETYPE_DES_CBC_MD4, + "des-cbc-md4", + 8, + 8, + &keytype_des, + &checksum_rsa_md4, + &checksum_rsa_md4_des, + 0, + DES_CBC_encrypt_null_ivec, + }, + { + ETYPE_DES_CBC_MD5, + "des-cbc-md5", + 8, + 8, + &keytype_des, + &checksum_rsa_md5, + &checksum_rsa_md5_des, + 0, + DES_CBC_encrypt_null_ivec, + }, + { + ETYPE_DES3_CBC_MD5, + "des3-cbc-md5", + 8, + 8, + &keytype_des3, + &checksum_rsa_md5, + &checksum_rsa_md5_des3, + 0, + DES3_CBC_encrypt, + }, + { + ETYPE_DES3_CBC_SHA1, + "des3-cbc-sha1", + 8, + 8, + &keytype_des3_derived, + &checksum_sha1, + &checksum_hmac_sha1_des3, + F_DERIVED, + DES3_CBC_encrypt, + }, + { + ETYPE_OLD_DES3_CBC_SHA1, + "old-des3-cbc-sha1", + 8, + 8, + &keytype_des3, + &checksum_sha1, + &checksum_hmac_sha1_des3, + 0, + DES3_CBC_encrypt, + }, + { + ETYPE_DES_CBC_NONE, + "des-cbc-none", + 8, + 0, + &keytype_des, + &checksum_none, + NULL, + F_PSEUDO, + DES_CBC_encrypt_null_ivec, + }, + { + ETYPE_DES3_CBC_NONE, + "des3-cbc-none", + 8, + 0, + &keytype_des3_derived, + &checksum_none, + NULL, + F_PSEUDO, + DES_CBC_encrypt_null_ivec, + }, +}; + +static unsigned num_etypes = sizeof(etypes) / sizeof(etypes[0]); + + +static struct encryption_type * +_find_enctype(krb5_enctype type) +{ + int i; + for(i = 0; i < num_etypes; i++) + if(etypes[i].type == type) + return &etypes[i]; + return NULL; +} + + +krb5_error_code +krb5_enctype_to_string(krb5_context context, + krb5_enctype etype, + char **string) +{ + struct encryption_type *e; + e = _find_enctype(etype); + if(e == NULL) + return KRB5_PROG_ETYPE_NOSUPP; + *string = strdup(e->name); + if(*string == NULL) + return ENOMEM; + return 0; +} + +krb5_error_code +krb5_string_to_enctype(krb5_context context, + const char 
*string, + krb5_enctype *etype) +{ + int i; + for(i = 0; i < num_etypes; i++) + if(strcasecmp(etypes[i].name, string) == 0){ + *etype = etypes[i].type; + return 0; + } + return KRB5_PROG_ETYPE_NOSUPP; +} + +krb5_error_code +krb5_enctype_to_keytype(krb5_context context, + krb5_enctype etype, + krb5_keytype *keytype) +{ + struct encryption_type *e = _find_enctype(etype); + if(e == NULL) + return KRB5_PROG_ETYPE_NOSUPP; + *keytype = e->keytype->type; /* XXX */ + return 0; +} + +#if 0 +krb5_error_code +krb5_keytype_to_enctype(krb5_context context, + krb5_keytype keytype, + krb5_enctype *etype) +{ + struct key_type *kt = _find_keytype(keytype); + krb5_warnx(context, "krb5_keytype_to_enctype(%u)", keytype); + if(kt == NULL) + return KRB5_PROG_KEYTYPE_NOSUPP; + *etype = kt->best_etype; + return 0; +} +#endif + +krb5_error_code +krb5_keytype_to_enctypes (krb5_context context, + krb5_keytype keytype, + unsigned *len, + int **val) +{ + int i; + unsigned n = 0; + int *ret; + + for (i = num_etypes - 1; i >= 0; --i) { + if (etypes[i].keytype->type == keytype + && !(etypes[i].flags & F_PSEUDO)) + ++n; + } + ret = malloc(n * sizeof(int)); + if (ret == NULL && n != 0) + return ENOMEM; + n = 0; + for (i = num_etypes - 1; i >= 0; --i) { + if (etypes[i].keytype->type == keytype + && !(etypes[i].flags & F_PSEUDO)) + ret[n++] = etypes[i].type; + } + *len = n; + *val = ret; + return 0; +} + +/* + * First take the configured list of etypes for `keytype' if available, + * else, do `krb5_keytype_to_enctypes'. 
+ */ + +krb5_error_code +krb5_keytype_to_enctypes_default (krb5_context context, + krb5_keytype keytype, + unsigned *len, + int **val) +{ + int i, n; + int *ret; + + if (keytype != KEYTYPE_DES || context->etypes_des == NULL) + return krb5_keytype_to_enctypes (context, keytype, len, val); + + for (n = 0; context->etypes_des[n]; ++n) + ; + ret = malloc (n * sizeof(*ret)); + if (ret == NULL && n != 0) + return ENOMEM; + for (i = 0; i < n; ++i) + ret[i] = context->etypes_des[i]; + *len = n; + *val = ret; + return 0; +} + +krb5_error_code +krb5_enctype_valid(krb5_context context, + krb5_enctype etype) +{ + return _find_enctype(etype) != NULL; +} + +/* if two enctypes have compatible keys */ +krb5_boolean +krb5_enctypes_compatible_keys(krb5_context context, + krb5_enctype etype1, + krb5_enctype etype2) +{ + struct encryption_type *e1 = _find_enctype(etype1); + struct encryption_type *e2 = _find_enctype(etype2); + return e1 != NULL && e2 != NULL && e1->keytype == e2->keytype; +} + +static krb5_boolean +derived_crypto(krb5_context context, + krb5_crypto crypto) +{ + return (crypto->et->flags & F_DERIVED) != 0; +} + + +#define CHECKSUMSIZE(C) ((C)->checksumsize) +#define CHECKSUMTYPE(C) ((C)->type) + +static krb5_error_code +encrypt_internal_derived(krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + krb5_data *result) +{ + size_t sz, block_sz, checksum_sz; + Checksum cksum; + unsigned char *p, *q; + krb5_error_code ret; + struct key_data *dkey; + struct encryption_type *et = crypto->et; + + checksum_sz = CHECKSUMSIZE(et->keyed_checksum); + + sz = et->confoundersize + /* 4 - length */ len; + block_sz = (sz + et->blocksize - 1) &~ (et->blocksize - 1); /* pad */ + p = calloc(1, block_sz + checksum_sz); + if(p == NULL) + return ENOMEM; + + q = p; + krb5_generate_random_block(q, et->confoundersize); /* XXX */ + q += et->confoundersize; + memcpy(q, data, len); + + ret = create_checksum(context, + crypto, + INTEGRITY_USAGE(usage), + 0, + p, 
+ block_sz, + &cksum); + if(ret == 0 && cksum.checksum.length != checksum_sz) + ret = KRB5_CRYPTO_INTERNAL; + if(ret) { + memset(p, 0, block_sz + checksum_sz); + free(p); + return ret; + } + memcpy(p + block_sz, cksum.checksum.data, cksum.checksum.length); + ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey); + if(ret) { + memset(p, 0, block_sz + checksum_sz); + free(p); + return ret; + } + ret = _key_schedule(context, dkey); + if(ret) { + memset(p, 0, block_sz); + free(p); + return ret; + } +#ifdef CRYPTO_DEBUG + krb5_crypto_debug(context, 1, block_sz, dkey->key); +#endif + (*et->encrypt)(dkey, p, block_sz, 1); + result->data = p; + result->length = block_sz + checksum_sz; + return 0; +} + +static krb5_error_code +encrypt_internal(krb5_context context, + krb5_crypto crypto, + void *data, + size_t len, + krb5_data *result) +{ + size_t sz, block_sz, checksum_sz; + Checksum cksum; + unsigned char *p, *q; + krb5_error_code ret; + struct encryption_type *et = crypto->et; + + checksum_sz = CHECKSUMSIZE(et->cksumtype); + + sz = et->confoundersize + checksum_sz + len; + block_sz = (sz + et->blocksize - 1) &~ (et->blocksize - 1); /* pad */ + p = calloc(1, block_sz); + if(p == NULL) + return ENOMEM; + + q = p; + krb5_generate_random_block(q, et->confoundersize); /* XXX */ + q += et->confoundersize; + memset(q, 0, checksum_sz); + q += checksum_sz; + memcpy(q, data, len); + + ret = create_checksum(context, + NULL, + 0, + CHECKSUMTYPE(et->cksumtype), + p, + block_sz, + &cksum); + if(ret == 0 && cksum.checksum.length != checksum_sz) { + free_Checksum (&cksum); + ret = KRB5_CRYPTO_INTERNAL; + } + if(ret) { + memset(p, 0, block_sz); + free(p); + free_Checksum(&cksum); + return ret; + } + memcpy(p + et->confoundersize, cksum.checksum.data, cksum.checksum.length); + free_Checksum(&cksum); + ret = _key_schedule(context, &crypto->key); + if(ret) { + memset(p, 0, block_sz); + free(p); + return ret; + } +#ifdef CRYPTO_DEBUG + krb5_crypto_debug(context, 1, block_sz, 
crypto->key.key); +#endif + (*et->encrypt)(&crypto->key, p, block_sz, 1); + result->data = p; + result->length = block_sz; + return 0; +} + +static krb5_error_code +decrypt_internal_derived(krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + krb5_data *result) +{ + size_t checksum_sz; + Checksum cksum; + unsigned char *p; + krb5_error_code ret; + struct key_data *dkey; + struct encryption_type *et = crypto->et; + unsigned long l; + + p = malloc(len); + if(len != 0 && p == NULL) + return ENOMEM; + memcpy(p, data, len); + + checksum_sz = CHECKSUMSIZE(et->keyed_checksum); + len -= checksum_sz; + + ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey); + if(ret) { + free(p); + return ret; + } + ret = _key_schedule(context, dkey); + if(ret) { + free(p); + return ret; + } +#ifdef CRYPTO_DEBUG + krb5_crypto_debug(context, 0, len, dkey->key); +#endif + (*et->encrypt)(dkey, p, len, 0); + + cksum.checksum.data = p + len; + cksum.checksum.length = checksum_sz; + cksum.cksumtype = CHECKSUMTYPE(et->keyed_checksum); + + ret = verify_checksum(context, + crypto, + INTEGRITY_USAGE(usage), + p, + len, + &cksum); + if(ret) { + free(p); + return ret; + } + l = len - et->confoundersize; + memmove(p, p + et->confoundersize, l); + result->data = realloc(p, l); + if(p == NULL) { + free(p); + return ENOMEM; + } + result->length = l; + return 0; +} + +static krb5_error_code +decrypt_internal(krb5_context context, + krb5_crypto crypto, + void *data, + size_t len, + krb5_data *result) +{ + krb5_error_code ret; + unsigned char *p; + Checksum cksum; + size_t checksum_sz, l; + struct encryption_type *et = crypto->et; + + checksum_sz = CHECKSUMSIZE(et->cksumtype); + p = malloc(len); + if(len != 0 && p == NULL) + return ENOMEM; + memcpy(p, data, len); + + ret = _key_schedule(context, &crypto->key); + if(ret) { + free(p); + return ret; + } +#ifdef CRYPTO_DEBUG + krb5_crypto_debug(context, 0, len, crypto->key.key); +#endif + 
(*et->encrypt)(&crypto->key, p, len, 0); + ret = krb5_data_copy(&cksum.checksum, p + et->confoundersize, checksum_sz); + if(ret) { + free(p); + return ret; + } + memset(p + et->confoundersize, 0, checksum_sz); + cksum.cksumtype = CHECKSUMTYPE(et->cksumtype); + ret = verify_checksum(context, NULL, 0, p, len, &cksum); + free_Checksum(&cksum); + if(ret) { + free(p); + return ret; + } + l = len - et->confoundersize - checksum_sz; + memmove(p, p + et->confoundersize + checksum_sz, l); + result->data = realloc(p, l); + if(result->data == NULL) { + free(p); + return ENOMEM; + } + result->length = l; + return 0; +} + +krb5_error_code +krb5_encrypt(krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + krb5_data *result) +{ + if(derived_crypto(context, crypto)) + return encrypt_internal_derived(context, crypto, usage, + data, len, result); + else + return encrypt_internal(context, crypto, data, len, result); +} + +krb5_error_code +krb5_encrypt_EncryptedData(krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + int kvno, + EncryptedData *result) +{ + result->etype = CRYPTO_ETYPE(crypto); + if(kvno){ + ALLOC(result->kvno, 1); + *result->kvno = kvno; + }else + result->kvno = NULL; + return krb5_encrypt(context, crypto, usage, data, len, &result->cipher); +} + +krb5_error_code +krb5_decrypt(krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + krb5_data *result) +{ + if(derived_crypto(context, crypto)) + return decrypt_internal_derived(context, crypto, usage, + data, len, result); + else + return decrypt_internal(context, crypto, data, len, result); +} + +krb5_error_code +krb5_decrypt_EncryptedData(krb5_context context, + krb5_crypto crypto, + unsigned usage, + EncryptedData *e, + krb5_data *result) +{ + return krb5_decrypt(context, crypto, usage, + e->cipher.data, e->cipher.length, result); +} + +/************************************************************ + * * + 
************************************************************/ + +void +krb5_generate_random_block(void *buf, size_t len) +{ + des_cblock key, out; + static des_cblock counter; + static des_key_schedule schedule; + int i; + static int initialized = 0; + + if(!initialized) { + des_new_random_key(&key); + des_set_key(&key, schedule); + memset(&key, 0, sizeof(key)); + des_new_random_key(&counter); + } + while(len > 0) { + des_ecb_encrypt(&counter, &out, schedule, DES_ENCRYPT); + for(i = 7; i >=0; i--) + if(counter[i]++) + break; + memcpy(buf, out, min(len, sizeof(out))); + len -= min(len, sizeof(out)); + buf = (char*)buf + sizeof(out); + } +} + +static void +DES3_postproc(krb5_context context, + unsigned char *k, size_t len, struct key_data *key) +{ + unsigned char x[24]; + int i, j; + + memset(x, 0, sizeof(x)); + for (i = 0; i < 3; ++i) { + unsigned char foo; + + for (j = 0; j < 7; ++j) { + unsigned char b = k[7 * i + j]; + + x[8 * i + j] = b; + } + foo = 0; + for (j = 6; j >= 0; --j) { + foo |= k[7 * i + j] & 1; + foo <<= 1; + } + x[8 * i + 7] = foo; + } + k = key->key->keyvalue.data; + memcpy(k, x, 24); + memset(x, 0, sizeof(x)); + if (key->schedule) { + krb5_free_data(context, key->schedule); + key->schedule = NULL; + } + des_set_odd_parity((des_cblock*)k); + des_set_odd_parity((des_cblock*)(k + 8)); + des_set_odd_parity((des_cblock*)(k + 16)); +} + +static krb5_error_code +derive_key(krb5_context context, + struct encryption_type *et, + struct key_data *key, + void *constant, + size_t len) +{ + unsigned char *k; + unsigned int nblocks = 0, i; + krb5_error_code ret = 0; + + struct key_type *kt = et->keytype; + ret = _key_schedule(context, key); + if(ret) + return ret; + if(et->blocksize * 8 < kt->bits || + len != et->blocksize) { + nblocks = (kt->bits + et->blocksize * 8 - 1) / (et->blocksize * 8); + k = malloc(nblocks * et->blocksize); + if(k == NULL) + return ENOMEM; + _krb5_n_fold(constant, len, k, et->blocksize); + for(i = 0; i < nblocks; i++) { + if(i > 0) + 
memcpy(k + i * et->blocksize, + k + (i - 1) * et->blocksize, + et->blocksize); + (*et->encrypt)(key, k + i * et->blocksize, et->blocksize, 1); + } + } else { + void *c = malloc(len); + size_t res_len = (kt->bits + 7) / 8; + + if(len != 0 && c == NULL) + return ENOMEM; + memcpy(c, constant, len); + (*et->encrypt)(key, c, len, 1); + k = malloc(res_len); + if(res_len != 0 && k == NULL) + return ENOMEM; + _krb5_n_fold(c, len, k, res_len); + free(c); + } + + /* XXX keytype dependent post-processing */ + switch(kt->type) { + case KEYTYPE_DES3: + DES3_postproc(context, k, nblocks * et->blocksize, key); + break; + default: + krb5_warnx(context, "derive_key() called with unknown keytype (%u)", + kt->type); + ret = KRB5_CRYPTO_INTERNAL; + break; + } + memset(k, 0, nblocks * et->blocksize); + free(k); + return ret; +} + +static struct key_data * +_new_derived_key(krb5_crypto crypto, unsigned usage) +{ + struct key_usage *d = crypto->key_usage; + d = realloc(d, (crypto->num_key_usage + 1) * sizeof(*d)); + if(d == NULL) + return NULL; + crypto->key_usage = d; + d += crypto->num_key_usage++; + memset(d, 0, sizeof(*d)); + d->usage = usage; + return &d->key; +} + +static krb5_error_code +_get_derived_key(krb5_context context, + krb5_crypto crypto, + unsigned usage, + struct key_data **key) +{ + int i; + struct key_data *d; + unsigned char constant[5]; + + for(i = 0; i < crypto->num_key_usage; i++) + if(crypto->key_usage[i].usage == usage) { + *key = &crypto->key_usage[i].key; + return 0; + } + d = _new_derived_key(crypto, usage); + if(d == NULL) + return ENOMEM; + krb5_copy_keyblock(context, crypto->key.key, &d->key); + _krb5_put_int(constant, usage, 5); + derive_key(context, crypto->et, d, constant, sizeof(constant)); + *key = d; + return 0; +} + + +krb5_error_code +krb5_crypto_init(krb5_context context, + krb5_keyblock *key, + krb5_enctype etype, + krb5_crypto *crypto) +{ + krb5_error_code ret; + ALLOC(*crypto, 1); + if(*crypto == NULL) + return ENOMEM; + if(etype == ETYPE_NULL) 
+ etype = key->keytype; + (*crypto)->et = _find_enctype(etype); + if((*crypto)->et == NULL) { + free(*crypto); + return KRB5_PROG_ETYPE_NOSUPP; + } + ret = krb5_copy_keyblock(context, key, &(*crypto)->key.key); + if(ret) { + free(*crypto); + return ret; + } + (*crypto)->key.schedule = NULL; + (*crypto)->num_key_usage = 0; + (*crypto)->key_usage = NULL; + return 0; +} + +static void +free_key_data(krb5_context context, struct key_data *key) +{ + krb5_free_keyblock(context, key->key); + if(key->schedule) { + memset(key->schedule->data, 0, key->schedule->length); + krb5_free_data(context, key->schedule); + } +} + +static void +free_key_usage(krb5_context context, struct key_usage *ku) +{ + free_key_data(context, &ku->key); +} + +krb5_error_code +krb5_crypto_destroy(krb5_context context, + krb5_crypto crypto) +{ + int i; + + for(i = 0; i < crypto->num_key_usage; i++) + free_key_usage(context, &crypto->key_usage[i]); + free(crypto->key_usage); + free_key_data(context, &crypto->key); + free (crypto); + return 0; +} + +krb5_error_code +krb5_string_to_key_derived(krb5_context context, + const void *str, + size_t len, + krb5_enctype etype, + krb5_keyblock *key) +{ + struct encryption_type *et = _find_enctype(etype); + krb5_error_code ret; + struct key_data kd; + u_char *tmp; + + if(et == NULL) + return KRB5_PROG_ETYPE_NOSUPP; + ALLOC(kd.key, 1); + kd.key->keytype = etype; + tmp = malloc (et->keytype->bits / 8); + _krb5_n_fold(str, len, tmp, et->keytype->bits / 8); + krb5_data_alloc(&kd.key->keyvalue, et->keytype->size); + kd.schedule = NULL; + DES3_postproc (context, tmp, et->keytype->bits / 8, &kd); /* XXX */ + ret = derive_key(context, + et, + &kd, + "kerberos", /* XXX well known constant */ + strlen("kerberos")); + ret = krb5_copy_keyblock_contents(context, kd.key, key); + free_key_data(context, &kd); + return ret; +} + +/* + * Return the size of an encrypted packet of length `data_len' + */ + +size_t +krb5_get_wrapped_length (krb5_context context, + krb5_crypto crypto, 
+ size_t data_len) +{ + struct encryption_type *et = crypto->et; + size_t blocksize = et->blocksize; + size_t res; + + res = (data_len + blocksize - 1) / blocksize * blocksize; + res = res + et->confoundersize + et->cksumtype->checksumsize; + return res; +} + +#ifdef CRYPTO_DEBUG + +static krb5_error_code +krb5_get_keyid(krb5_context context, + krb5_keyblock *key, + u_int32_t *keyid) +{ + struct md5 md5; + unsigned char tmp[16]; + md5_init(&md5); + md5_update(&md5, key->keyvalue.data, key->keyvalue.length); + md5_finito(&md5, tmp); + *keyid = (tmp[12] << 24) | (tmp[13] << 16) | (tmp[14] << 8) | tmp[15]; + return 0; +} + +static void +krb5_crypto_debug(krb5_context context, + int encrypt, + size_t len, + krb5_keyblock *key) +{ + u_int32_t keyid; + char *kt; + krb5_get_keyid(context, key, &keyid); + krb5_enctype_to_string(context, key->keytype, &kt); + krb5_warnx(context, "%s %lu bytes with key-id %#x (%s)", + encrypt ? "encrypting" : "decrypting", + (unsigned long)len, + keyid, + kt); + free(kt); +} + +#endif /* CRYPTO_DEBUG */ diff --git a/crypto/heimdal/lib/krb5/data.c b/crypto/heimdal/lib/krb5/data.c new file mode 100644 index 0000000..21191e2 --- /dev/null +++ b/crypto/heimdal/lib/krb5/data.c 
@@ -0,0 +1,109 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: data.c,v 1.15 1999/12/02 17:05:09 joda Exp $");
+
+void
+krb5_data_zero(krb5_data *p)
+{
+ p->length = 0;
+ p->data = NULL;
+}
+
+void
+krb5_data_free(krb5_data *p)
+{
+ if(p->data != NULL)
+ free(p->data);
+ p->length = 0;
+}
+
+void
+krb5_free_data(krb5_context context,
+ krb5_data *p)
+{
+ krb5_data_free(p);
+ free(p);
+}
+
+krb5_error_code
+krb5_data_alloc(krb5_data *p, int len)
+{
+ p->data = malloc(len);
+ if(len && p->data == NULL)
+ return ENOMEM;
+ p->length = len;
+ return 0;
+}
+
+krb5_error_code
+krb5_data_realloc(krb5_data *p, int len)
+{
+ void *tmp;
+ tmp = realloc(p->data, len);
+ if(len && !tmp)
+ return ENOMEM;
+ p->data = tmp;
+ p->length = len;
+ return 0;
+}
+
+krb5_error_code
+krb5_data_copy(krb5_data *p, const void *data, size_t len)
+{
+ if (len) {
+ if(krb5_data_alloc(p, len))
+ return ENOMEM;
+ memmove(p->data, data, len);
+ } else
+ p->data = NULL;
+ p->length = len;
+ return 0;
+}
+
+krb5_error_code
+krb5_copy_data(krb5_context context,
+ const krb5_data *indata,
+ krb5_data **outdata)
+{
+ krb5_error_code ret;
+ ALLOC(*outdata, 1);
+ if(*outdata == NULL)
+ return ENOMEM;
+ ret = copy_octet_string(indata, *outdata);
+ if(ret)
+ free(*outdata);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/dump_config.c b/crypto/heimdal/lib/krb5/dump_config.c
new file mode 100644
index 0000000..074595e
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/dump_config.c
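Review bot: `krb5_data_alloc` and `krb5_data_realloc` take the length as `int`, while `krb5_data_copy` hands them a `size_t` and then calls `memmove(p->data, data, len)` with the unconverted value. Where `size_t` is wider than `int`, a large `len` is narrowed before `malloc`, so the allocation can end up smaller than the copy that follows it. Declaring the parameter as `size_t len` in both functions removes the narrowing; that changes the public prototypes, so callers outside this hunk need checking. Separately, `krb5_data_free` leaves `p->data` pointing at freed memory, and adding `p->data = NULL;` after the `free` would make a repeated call harmless.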
@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: dump_config.c,v 1.2 1999/10/28 23:22:41 assar Exp $");
+
+/* print contents of krb5.conf */
+
+static void
+print_tree(struct krb5_config_binding *b, int level)
+{
+ if (b == NULL)
+ return;
+
+ printf("%*s%s%s%s", level * 4, "",
+ (level == 0) ? "[" : "", b->name, (level == 0) ? "]" : "");
+ if(b->type == krb5_config_list) {
+ if(level > 0)
+ printf(" = {");
+ printf("\n");
+ print_tree(b->u.list, level + 1);
+ if(level > 0)
+ printf("%*s}\n", level * 4, "");
+ } else if(b->type == krb5_config_string) {
+ printf(" = %s\n", b->u.string);
+ }
+ if(b->next)
+ print_tree(b->next, level);
+}
+
+int
+main(int argc, char **argv)
+{
+ krb5_context context;
+ krb5_error_code ret = krb5_init_context(&context);
+ if(ret == 0) {
+ print_tree(context->cf, 0);
+ return 0;
+ }
+ return 1;
+}
diff --git a/crypto/heimdal/lib/krb5/expand_hostname.c b/crypto/heimdal/lib/krb5/expand_hostname.c
new file mode 100644
index 0000000..698b300
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/expand_hostname.c
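Review bot: `print_tree` walks siblings by calling itself on `b->next`, so stack depth grows with the number of entries in a section rather than with nesting depth. Wrapping the body in `for (; b != NULL; b = b->next) { ... }` and dropping the trailing `if(b->next)` call keeps recursion for nested lists only. In `main`, a failing `krb5_init_context` exits with status 1 without saying why; `fprintf(stderr, "krb5_init_context failed: %d\n", ret);` before `return 1;` would help whoever runs the tool. The success path could also call `krb5_free_context(context);` before returning.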
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: expand_hostname.c,v 1.5 2000/01/08 08:07:18 assar Exp $");
+
+static krb5_error_code
+copy_hostname(krb5_context context,
+ const char *orig_hostname,
+ char **new_hostname)
+{
+ *new_hostname = strdup (orig_hostname);
+ if (*new_hostname == NULL)
+ return ENOMEM;
+ return 0;
+}
+
+/*
+ * Try to make `orig_hostname' into a more canonical one in the newly
+ * allocated space returned in `new_hostname'.
+ */
+
+krb5_error_code
+krb5_expand_hostname (krb5_context context,
+ const char *orig_hostname,
+ char **new_hostname)
+{
+ struct addrinfo *ai, *a, hints;
+ int error;
+
+ memset (&hints, 0, sizeof(hints));
+ hints.ai_flags = AI_CANONNAME;
+
+ error = getaddrinfo (orig_hostname, NULL, &hints, &ai);
+ if (error)
+ return copy_hostname (context, orig_hostname, new_hostname);
+ for (a = ai; a != NULL; a = a->ai_next) {
+ if (a->ai_canonname != NULL) {
+ *new_hostname = strdup (a->ai_canonname);
+ freeaddrinfo (ai);
+ if (*new_hostname == NULL)
+ return ENOMEM;
+ else
+ return 0;
+ }
+ }
+ freeaddrinfo (ai);
+ return copy_hostname (context, orig_hostname, new_hostname);
+}
diff --git a/crypto/heimdal/lib/krb5/fcache.c b/crypto/heimdal/lib/krb5/fcache.c
new file mode 100644
index 0000000..df88e6f
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/fcache.c
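Review bot: The comment above `krb5_expand_hostname` does not say where the "more canonical" name comes from, what happens on failure, or who owns the result. The value returned is `ai_canonname` from `getaddrinfo` with `AI_CANONNAME`, so it is whatever the resolver answers, and when the lookup fails or no canonical name is present the function quietly returns a copy of `orig_hostname`. If callers build a service principal from the result (not visible in this hunk), the resolver becomes part of that trust decision, which the comment should state. I would extend it with: `/* The name is taken from the resolver and is not authenticated; on lookup failure a copy of orig_hostname is returned. The caller frees *new_hostname. */`.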
@@ -0,0 +1,431 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: fcache.c,v 1.22 1999/12/02 17:05:09 joda Exp $"); + +typedef struct krb5_fcache{ + char *filename; + int version; +}krb5_fcache; + +struct fcc_cursor { + int fd; + krb5_storage *sp; +}; + +#define KRB5_FCC_FVNO_1 1 +#define KRB5_FCC_FVNO_2 2 +#define KRB5_FCC_FVNO_3 3 +#define KRB5_FCC_FVNO_4 4 + +#define FCC_TAG_DELTATIME 1 + +#define FCACHE(X) ((krb5_fcache*)(X)->data.data) + +#define FILENAME(X) (FCACHE(X)->filename) + +#define FCC_CURSOR(C) ((struct fcc_cursor*)(C)) + +static char* +fcc_get_name(krb5_context context, + krb5_ccache id) +{ + return FILENAME(id); +} + +static krb5_error_code +fcc_resolve(krb5_context context, krb5_ccache *id, const char *res) +{ + krb5_fcache *f; + f = malloc(sizeof(*f)); + if(f == NULL) + return KRB5_CC_NOMEM; + f->filename = strdup(res); + if(f->filename == NULL){ + free(f); + return KRB5_CC_NOMEM; + } + f->version = 0; + (*id)->data.data = f; + (*id)->data.length = sizeof(*f); + return 0; +} + +static krb5_error_code +erase_file(const char *filename) +{ + int fd; + off_t pos; + char buf[128]; + + fd = open(filename, O_RDWR | O_BINARY); + if(fd < 0){ + if(errno == ENOENT) + return 0; + else + return errno; + } + pos = lseek(fd, 0, SEEK_END); + lseek(fd, 0, SEEK_SET); + memset(buf, 0, sizeof(buf)); + while(pos > 0) + pos -= write(fd, buf, sizeof(buf)); + close(fd); + unlink(filename); + return 0; +} + +static krb5_error_code +fcc_gen_new(krb5_context context, krb5_ccache *id) +{ + krb5_fcache *f; + int fd; + char *file; + f = malloc(sizeof(*f)); + if(f == NULL) + return KRB5_CC_NOMEM; + asprintf(&file, "/tmp/krb5cc_XXXXXX"); /* XXX */ + if(file == NULL) { + free(f); + return KRB5_CC_NOMEM; + } + fd = mkstemp(file); + if(fd < 0) { + free(f); + free(file); + return errno; + } + close(fd); + f->filename = file; + f->version = 0; + (*id)->data.data = f; + (*id)->data.length = sizeof(*f); + return 0; +} + +static void +storage_set_flags(krb5_context context, krb5_storage *sp, int vno) +{ + 
int flags = 0; + switch(vno) { + case KRB5_FCC_FVNO_1: + flags |= KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS; + flags |= KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE; + flags |= KRB5_STORAGE_HOST_BYTEORDER; + break; + case KRB5_FCC_FVNO_2: + flags |= KRB5_STORAGE_HOST_BYTEORDER; + break; + case KRB5_FCC_FVNO_3: + flags |= KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE; + break; + case KRB5_FCC_FVNO_4: + break; + default: + krb5_abortx(context, + "storage_set_flags called with bad vno (%x)", vno); + } + krb5_storage_set_flags(sp, flags); +} + +static krb5_error_code +fcc_initialize(krb5_context context, + krb5_ccache id, + krb5_principal primary_principal) +{ + krb5_fcache *f = FCACHE(id); + int ret; + int fd; + char *filename = f->filename; + + if((ret = erase_file(filename))) + return ret; + + fd = open(filename, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600); + if(fd == -1) + return errno; + { + krb5_storage *sp; + sp = krb5_storage_from_fd(fd); + if(context->fcache_vno != 0) + f->version = context->fcache_vno; + else + f->version = KRB5_FCC_FVNO_4; + krb5_store_int8(sp, 5); + krb5_store_int8(sp, f->version); + storage_set_flags(context, sp, f->version); + if(f->version == KRB5_FCC_FVNO_4) { + /* V4 stuff */ + if (context->kdc_sec_offset) { + krb5_store_int16 (sp, 12); /* length */ + krb5_store_int16 (sp, FCC_TAG_DELTATIME); /* Tag */ + krb5_store_int16 (sp, 8); /* length of data */ + krb5_store_int32 (sp, context->kdc_sec_offset); + krb5_store_int32 (sp, context->kdc_usec_offset); + } else { + krb5_store_int16 (sp, 0); + } + } + krb5_store_principal(sp, primary_principal); + krb5_storage_free(sp); + } + close(fd); + + return 0; +} + +static krb5_error_code +fcc_close(krb5_context context, + krb5_ccache id) +{ + free (FILENAME(id)); + krb5_data_free(&id->data); + return 0; +} + +static krb5_error_code +fcc_destroy(krb5_context context, + krb5_ccache id) +{ + char *f; + f = FILENAME(id); + + erase_file(f); + + return 0; +} + +static krb5_error_code +fcc_store_cred(krb5_context context, 
+ krb5_ccache id, + krb5_creds *creds) +{ + int fd; + char *f; + + f = FILENAME(id); + + fd = open(f, O_WRONLY | O_APPEND | O_BINARY); + if(fd < 0) + return errno; + { + krb5_storage *sp; + sp = krb5_storage_from_fd(fd); + storage_set_flags(context, sp, FCACHE(id)->version); + krb5_store_creds(sp, creds); + krb5_storage_free(sp); + } + close(fd); + return 0; /* XXX */ +} + +static krb5_error_code +fcc_read_cred (krb5_context context, + krb5_fcache *fc, + krb5_storage *sp, + krb5_creds *creds) +{ + krb5_error_code ret; + + storage_set_flags(context, sp, fc->version); + + ret = krb5_ret_creds(sp, creds); + return ret; +} + +static krb5_error_code +init_fcc (krb5_context context, + krb5_fcache *fcache, + krb5_storage **ret_sp, + int *ret_fd) +{ + int fd; + int8_t pvno, tag; + krb5_storage *sp; + + fd = open(fcache->filename, O_RDONLY | O_BINARY); + if(fd < 0) + return errno; + sp = krb5_storage_from_fd(fd); + krb5_ret_int8(sp, &pvno); + if(pvno != 5) { + krb5_storage_free(sp); + close(fd); + return KRB5_CCACHE_BADVNO; + } + krb5_ret_int8(sp, &tag); /* should not be host byte order */ + fcache->version = tag; + storage_set_flags(context, sp, fcache->version); + switch (tag) { + case KRB5_FCC_FVNO_4: { + int16_t length; + + krb5_ret_int16 (sp, &length); + while(length > 0) { + int16_t tag, data_len; + int i; + int8_t dummy; + + krb5_ret_int16 (sp, &tag); + krb5_ret_int16 (sp, &data_len); + switch (tag) { + case FCC_TAG_DELTATIME : + krb5_ret_int32 (sp, &context->kdc_sec_offset); + krb5_ret_int32 (sp, &context->kdc_usec_offset); + break; + default : + for (i = 0; i < data_len; ++i) + krb5_ret_int8 (sp, &dummy); + break; + } + length -= 4 + data_len; + } + break; + } + case KRB5_FCC_FVNO_3: + case KRB5_FCC_FVNO_2: + case KRB5_FCC_FVNO_1: + break; + default : + krb5_storage_free (sp); + close (fd); + return KRB5_CCACHE_BADVNO; + } + *ret_sp = sp; + *ret_fd = fd; + return 0; +} + +static krb5_error_code +fcc_get_principal(krb5_context context, + krb5_ccache id, + 
krb5_principal *principal) +{ + krb5_error_code ret; + krb5_fcache *f = FCACHE(id); + int fd; + krb5_storage *sp; + + ret = init_fcc (context, f, &sp, &fd); + if (ret) + return ret; + krb5_ret_principal(sp, principal); + krb5_storage_free(sp); + close(fd); + return 0; +} + +static krb5_error_code +fcc_get_first (krb5_context context, + krb5_ccache id, + krb5_cc_cursor *cursor) +{ + krb5_error_code ret; + krb5_principal principal; + krb5_fcache *f = FCACHE(id); + + *cursor = malloc(sizeof(struct fcc_cursor)); + + ret = init_fcc (context, f, &FCC_CURSOR(*cursor)->sp, + &FCC_CURSOR(*cursor)->fd); + if (ret) + return ret; + krb5_ret_principal (FCC_CURSOR(*cursor)->sp, &principal); + krb5_free_principal (context, principal); + return 0; +} + +static krb5_error_code +fcc_get_next (krb5_context context, + krb5_ccache id, + krb5_cc_cursor *cursor, + krb5_creds *creds) +{ + return fcc_read_cred (context, FCACHE(id), FCC_CURSOR(*cursor)->sp, creds); +} + +static krb5_error_code +fcc_end_get (krb5_context context, + krb5_ccache id, + krb5_cc_cursor *cursor) +{ + krb5_storage_free(FCC_CURSOR(*cursor)->sp); + close (FCC_CURSOR(*cursor)->fd); + free(*cursor); + return 0; +} + +static krb5_error_code +fcc_remove_cred(krb5_context context, + krb5_ccache id, + krb5_flags which, + krb5_creds *cred) +{ + return 0; /* XXX */ +} + +static krb5_error_code +fcc_set_flags(krb5_context context, + krb5_ccache id, + krb5_flags flags) +{ + return 0; /* XXX */ +} + +static krb5_error_code +fcc_get_version(krb5_context context, + krb5_ccache id) +{ + return FCACHE(id)->version; +} + +const krb5_cc_ops krb5_fcc_ops = { + "FILE", + fcc_get_name, + fcc_resolve, + fcc_gen_new, + fcc_initialize, + fcc_destroy, + fcc_close, + fcc_store_cred, + NULL, /* fcc_retrieve */ + fcc_get_principal, + fcc_get_first, + fcc_get_next, + fcc_end_get, + fcc_remove_cred, + fcc_set_flags, + fcc_get_version +}; 
diff --git a/crypto/heimdal/lib/krb5/free.c b/crypto/heimdal/lib/krb5/free.c
new file mode 100644
index 0000000..251ec32
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/free.c
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: free.c,v 1.5 1999/12/02 17:05:09 joda Exp $");
+
+krb5_error_code
+krb5_free_kdc_rep(krb5_context context, krb5_kdc_rep *rep)
+{
+ free_KDC_REP(&rep->kdc_rep);
+ free_EncTGSRepPart(&rep->enc_part);
+ free_KRB_ERROR(&rep->error);
+ return 0;
+}
+
+krb5_error_code
+krb5_xfree (void *ptr)
+{
+ free (ptr);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/free_host_realm.c b/crypto/heimdal/lib/krb5/free_host_realm.c
new file mode 100644
index 0000000..a69f29b
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/free_host_realm.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: free_host_realm.c,v 1.4 1999/12/02 17:05:09 joda Exp $");
+
+/*
+ * Free all memory allocated by `realmlist'
+ */
+
+krb5_error_code
+krb5_free_host_realm(krb5_context context,
+ krb5_realm *realmlist)
+{
+ krb5_realm *p;
+
+ if(realmlist == NULL)
+ return 0;
+ for (p = realmlist; *p; ++p)
+ free (*p);
+ free (realmlist);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/generate_seq_number.c b/crypto/heimdal/lib/krb5/generate_seq_number.c
new file mode 100644
index 0000000..a000ea1
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/generate_seq_number.c
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <krb5_locl.h>
+
+RCSID("$Id: generate_seq_number.c,v 1.6 1999/12/02 17:05:09 joda Exp $");
+
+krb5_error_code
+krb5_generate_seq_number(krb5_context context,
+ const krb5_keyblock *key,
+ int32_t *seqno)
+{
+ krb5_error_code ret;
+ krb5_keyblock *subkey;
+ u_int32_t q;
+ u_char *p;
+ int i;
+
+ ret = krb5_generate_subkey (context, key, &subkey);
+ if (ret)
+ return ret;
+
+ q = 0;
+ for (p = (u_char *)subkey->keyvalue.data, i = 0;
+ i < subkey->keyvalue.length;
+ ++i, ++p)
+ q = (q << 8) | *p;
+ q &= 0xffffffff;
+ *seqno = q;
+ krb5_free_keyblock_contents (context, subkey);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/generate_subkey.c b/crypto/heimdal/lib/krb5/generate_subkey.c
new file mode 100644
index 0000000..a5b2e9e
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/generate_subkey.c
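Review bot: `krb5_generate_seq_number` releases only the key contents with `krb5_free_keyblock_contents (context, subkey);`, while the `krb5_keyblock` itself was heap-allocated by `krb5_generate_subkey` (`ALLOC(*subkey, 1)` in generate_subkey.c), so the structure leaks on every call. Elsewhere in this commit `get_cred_kdc` follows the same call with `free(subkey)` and `init_tgs_req` uses `krb5_free_keyblock (context, key)`, which presumably frees both; the line before `return 0;` should become `krb5_free_keyblock (context, subkey);`. Separately, the loop shifts every key byte through the 32-bit `q`, so only the last four bytes of the subkey reach `*seqno` and `q &= 0xffffffff;` has no effect on a `u_int32_t`; a one-line comment stating that this truncation is intended would help the next reader.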
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <krb5_locl.h>
+
+RCSID("$Id: generate_subkey.c,v 1.7 1999/12/02 17:05:09 joda Exp $");
+
+krb5_error_code
+krb5_generate_subkey(krb5_context context,
+ const krb5_keyblock *key,
+ krb5_keyblock **subkey)
+{
+ krb5_error_code ret;
+
+ ALLOC(*subkey, 1);
+ if (*subkey == NULL)
+ return ENOMEM;
+ ret = krb5_generate_random_keyblock(context, key->keytype, *subkey);
+ if(ret)
+ free(*subkey);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/get_addrs.c b/crypto/heimdal/lib/krb5/get_addrs.c
new file mode 100644
index 0000000..65a1b3c
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/get_addrs.c
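Review bot: When `krb5_generate_random_keyblock` fails, `krb5_generate_subkey` frees `*subkey` but leaves the caller's pointer aimed at the released block. The callers visible in this commit return on error without touching it, but any caller that cleans up unconditionally would free it a second time; `if(ret) { free(*subkey); *subkey = NULL; }` closes that off. A header comment saying that on success the caller owns `*subkey` and must release the structure as well as its contents would document the contract.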
@@ -0,0 +1,310 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: get_addrs.c,v 1.35 1999/12/02 17:05:09 joda Exp $"); + +#ifdef __osf__ +/* hate */ +struct rtentry; +struct mbuf; +#endif +#ifdef HAVE_NET_IF_H +#include <net/if.h> +#endif + +#ifdef HAVE_SYS_SOCKIO_H +#include <sys/sockio.h> +#endif /* HAVE_SYS_SOCKIO_H */ + +#ifdef HAVE_NETINET_IN6_VAR_H +#include <netinet/in6_var.h> +#endif /* HAVE_NETINET_IN6_VAR_H */ + +static krb5_error_code +gethostname_fallback (krb5_addresses *res) +{ + krb5_error_code err; + char hostname[MAXHOSTNAMELEN]; + struct hostent *hostent; + + if (gethostname (hostname, sizeof(hostname))) + return errno; + hostent = roken_gethostbyname (hostname); + if (hostent == NULL) + return errno; + res->len = 1; + res->val = malloc (sizeof(*res->val)); + if (res->val == NULL) + return ENOMEM; + res->val[0].addr_type = hostent->h_addrtype; + res->val[0].address.data = NULL; + res->val[0].address.length = 0; + err = krb5_data_copy (&res->val[0].address, + hostent->h_addr, + hostent->h_length); + if (err) { + free (res->val); + return err; + } + return 0; +} + +enum { + LOOP = 1, /* do include loopback interfaces */ + LOOP_IF_NONE = 2, /* include loopback if no other if's */ + EXTRA_ADDRESSES = 4, /* include extra addresses */ + SCAN_INTERFACES = 8 /* scan interfaces for addresses */ +}; + +/* + * Try to figure out the addresses of all configured interfaces with a + * lot of magic ioctls. 
+ */ + +static krb5_error_code +find_all_addresses (krb5_context context, + krb5_addresses *res, int flags, + int af, int siocgifconf, int siocgifflags, + size_t ifreq_sz) +{ + krb5_error_code ret; + int fd; + size_t buf_size; + char *buf; + struct ifconf ifconf; + int num, j = 0; + char *p; + size_t sz; + struct sockaddr sa_zero; + struct ifreq *ifr; + krb5_address lo_addr; + int got_lo = FALSE; + + buf = NULL; + res->val = NULL; + + memset (&sa_zero, 0, sizeof(sa_zero)); + fd = socket(af, SOCK_DGRAM, 0); + if (fd < 0) + return -1; + + buf_size = 8192; + for (;;) { + buf = malloc(buf_size); + if (buf == NULL) { + ret = ENOMEM; + goto error_out; + } + ifconf.ifc_len = buf_size; + ifconf.ifc_buf = buf; + if (ioctl (fd, siocgifconf, &ifconf) < 0) { + ret = errno; + goto error_out; + } + /* + * Can the difference between a full and a overfull buf + * be determined? + */ + + if (ifconf.ifc_len < buf_size) + break; + free (buf); + buf_size *= 2; + } + + num = ifconf.ifc_len / ifreq_sz; + res->len = num; + res->val = calloc(num, sizeof(*res->val)); + if (res->val == NULL) { + ret = ENOMEM; + goto error_out; + } + + j = 0; + for (p = ifconf.ifc_buf; + p < ifconf.ifc_buf + ifconf.ifc_len; + p += sz) { + struct ifreq ifreq; + struct sockaddr *sa; + + ifr = (struct ifreq *)p; + sa = &ifr->ifr_addr; + + sz = ifreq_sz; +#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN + sz = max(sz, sizeof(ifr->ifr_name) + sa->sa_len); +#endif +#ifdef SA_LEN + sz = max(sz, SA_LEN(sa)); +#endif + memcpy (ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name)); + + if (ioctl(fd, siocgifflags, &ifreq) < 0) { + ret = errno; + goto error_out; + } + + if (!(ifreq.ifr_flags & IFF_UP)) + continue; + if (memcmp (sa, &sa_zero, sizeof(sa_zero)) == 0) + continue; + if (krb5_sockaddr_uninteresting (sa)) + continue; + + if (ifreq.ifr_flags & IFF_LOOPBACK) { + if (flags & LOOP_IF_NONE) { + ret = krb5_sockaddr2address (sa, &lo_addr); + if (ret) + goto error_out; + got_lo = TRUE; + continue; + } else if((flags & LOOP) == 0) + 
continue; + } + + ret = krb5_sockaddr2address (sa, &res->val[j]); + if (ret) + goto error_out; + ++j; + } + if ((flags & LOOP_IF_NONE) && got_lo) { + if (j == 0) + res->val[j++] = lo_addr; + else + krb5_free_address (context, &lo_addr); + } + + if (j != num) { + void *tmp; + + res->len = j; + tmp = realloc (res->val, j * sizeof(*res->val)); + if (j != 0 && tmp == NULL) { + ret = ENOMEM; + goto error_out; + } + res->val = tmp; + } + ret = 0; + goto cleanup; + +error_out: + if (got_lo) + krb5_free_address (context, &lo_addr); + while(j--) { + krb5_free_address (context, &res->val[j]); + } + free (res->val); +cleanup: + close (fd); + free (buf); + return ret; +} + +static krb5_error_code +get_addrs_int (krb5_context context, krb5_addresses *res, int flags) +{ + krb5_error_code ret = -1; + + if (flags & SCAN_INTERFACES) { +#if defined(AF_INET6) && defined(SIOCGIF6CONF) && defined(SIOCGIF6FLAGS) + if (ret) + ret = find_all_addresses (context, res, flags, + AF_INET6, SIOCGIF6CONF, SIOCGIF6FLAGS, + sizeof(struct in6_ifreq)); +#endif +#if defined(HAVE_IPV6) && defined(SIOCGIFCONF) + if (ret) + ret = find_all_addresses (context, res, flags, + AF_INET6, SIOCGIFCONF, SIOCGIFFLAGS, + sizeof(struct ifreq)); +#endif +#if defined(AF_INET) && defined(SIOCGIFCONF) && defined(SIOCGIFFLAGS) + if (ret) + ret = find_all_addresses (context, res, flags, + AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, + sizeof(struct ifreq)); + if(ret || res->len == 0) + ret = gethostname_fallback (res); +#endif + } else + ret = 0; + + if(ret == 0 && (flags & EXTRA_ADDRESSES)) { + /* append user specified addresses */ + krb5_addresses a; + ret = krb5_get_extra_addresses(context, &a); + if(ret) { + krb5_free_addresses(context, res); + return ret; + } + ret = krb5_append_addresses(context, res, &a); + if(ret) { + krb5_free_addresses(context, res); + return ret; + } + krb5_free_addresses(context, &a); + } + return ret; +} + +/* + * Try to get all addresses, but return the one corresponding to + * `hostname' if we 
fail. + * + * Only include loopback address if there are no other. + */ + +krb5_error_code +krb5_get_all_client_addrs (krb5_context context, krb5_addresses *res) +{ + int flags = LOOP_IF_NONE | EXTRA_ADDRESSES; + + if (context->scan_interfaces) + flags |= SCAN_INTERFACES; + + return get_addrs_int (context, res, flags); +} + +/* + * Try to get all local addresses that a server should listen to. + * If that fails, we return the address corresponding to `hostname'. + */ + +krb5_error_code +krb5_get_all_server_addrs (krb5_context context, krb5_addresses *res) +{ + return get_addrs_int (context, res, LOOP | SCAN_INTERFACES); +} diff --git a/crypto/heimdal/lib/krb5/get_cred.c b/crypto/heimdal/lib/krb5/get_cred.c new file mode 100644 index 0000000..61951c1 --- /dev/null +++ b/crypto/heimdal/lib/krb5/get_cred.c 
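Review bot: In `get_addrs_int`, when `SCAN_INTERFACES` is clear the function takes the `else ret = 0;` branch without writing to `res`, and the `EXTRA_ADDRESSES` block then hands `res` to `krb5_append_addresses`. `krb5_get_all_client_addrs` reaches this path whenever `context->scan_interfaces` is false, and `get_cred_kdc_la` in get_cred.c passes an uninitialised stack `krb5_addresses`, so the append presumably reads indeterminate `len`/`val`. Starting the function with `res->len = 0; res->val = NULL;` makes the result well defined on every path. The same block also leaks `a` when `krb5_append_addresses` fails; `krb5_free_addresses(context, &a);` belongs on that error path too.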
@@ -0,0 +1,776 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <krb5_locl.h> + +RCSID("$Id: get_cred.c,v 1.75 1999/12/02 17:05:09 joda Exp $"); + +/* + * Take the `body' and encode it into `padata' using the credentials + * in `creds'. 
+ */ + +static krb5_error_code +make_pa_tgs_req(krb5_context context, + krb5_auth_context ac, + KDC_REQ_BODY *body, + PA_DATA *padata, + krb5_creds *creds) +{ + u_char *buf; + size_t buf_size; + size_t len; + krb5_data in_data; + krb5_error_code ret; + + buf_size = 1024; + buf = malloc (buf_size); + if (buf == NULL) + return ENOMEM; + + do { + ret = encode_KDC_REQ_BODY(buf + buf_size - 1, buf_size, + body, &len); + if (ret){ + if (ret == ASN1_OVERFLOW) { + u_char *tmp; + + buf_size *= 2; + tmp = realloc (buf, buf_size); + if (tmp == NULL) { + ret = ENOMEM; + goto out; + } + buf = tmp; + } else { + goto out; + } + } + } while (ret == ASN1_OVERFLOW); + + in_data.length = len; + in_data.data = buf + buf_size - len; + ret = krb5_mk_req_internal(context, &ac, 0, &in_data, creds, + &padata->padata_value, + KRB5_KU_TGS_REQ_AUTH_CKSUM); +out: + free (buf); + if(ret) + return ret; + padata->padata_type = pa_tgs_req; + return 0; +} + +/* + * Set the `enc-authorization-data' in `req_body' based on `authdata' + */ + +static krb5_error_code +set_auth_data (krb5_context context, + KDC_REQ_BODY *req_body, + krb5_authdata *authdata, + krb5_keyblock *key) +{ + if(authdata->len) { + size_t len; + unsigned char *buf; + krb5_crypto crypto; + krb5_error_code ret; + + len = length_AuthorizationData(authdata); + buf = malloc(len); + if (buf == NULL) + return ENOMEM; + ret = encode_AuthorizationData(buf + len - 1, + len, authdata, &len); + if (ret) { + free (buf); + return ret; + } + + ALLOC(req_body->enc_authorization_data, 1); + if (req_body->enc_authorization_data == NULL) { + free (buf); + return ret; + } + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) { + free (buf); + free (req_body->enc_authorization_data); + return ret; + } + krb5_encrypt_EncryptedData(context, + crypto, + KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY, + /* KRB5_KU_TGS_REQ_AUTH_DAT_SESSION? 
*/ + buf, + len, + 0, + req_body->enc_authorization_data); + free (buf); + krb5_crypto_destroy(context, crypto); + } else { + req_body->enc_authorization_data = NULL; + } + return 0; +} + +/* + * Create a tgs-req in `t' with `addresses', `flags', `second_ticket' + * (if not-NULL), `in_creds', `krbtgt', and returning the generated + * subkey in `subkey'. + */ + +static krb5_error_code +init_tgs_req (krb5_context context, + krb5_ccache ccache, + krb5_addresses *addresses, + krb5_kdc_flags flags, + Ticket *second_ticket, + krb5_creds *in_creds, + krb5_creds *krbtgt, + unsigned nonce, + krb5_keyblock **subkey, + TGS_REQ *t) +{ + krb5_error_code ret; + + memset(t, 0, sizeof(*t)); + t->pvno = 5; + t->msg_type = krb_tgs_req; + if (in_creds->session.keytype) { + ret = krb5_keytype_to_enctypes_default (context, + in_creds->session.keytype, + &t->req_body.etype.len, + &t->req_body.etype.val); + } else { + ret = krb5_init_etype(context, + &t->req_body.etype.len, + &t->req_body.etype.val, + NULL); + } + if (ret) + goto fail; + t->req_body.addresses = addresses; + t->req_body.kdc_options = flags.b; + ret = copy_Realm(&in_creds->server->realm, &t->req_body.realm); + if (ret) + goto fail; + ALLOC(t->req_body.sname, 1); + if (t->req_body.sname == NULL) { + ret = ENOMEM; + goto fail; + } + ret = copy_PrincipalName(&in_creds->server->name, t->req_body.sname); + if (ret) + goto fail; + + /* req_body.till should be NULL if there is no endtime specified, + but old MIT code (like DCE secd) doesn't like that */ + ALLOC(t->req_body.till, 1); + if(t->req_body.till == NULL){ + ret = ENOMEM; + goto fail; + } + *t->req_body.till = in_creds->times.endtime; + + t->req_body.nonce = nonce; + if(second_ticket){ + ALLOC(t->req_body.additional_tickets, 1); + if (t->req_body.additional_tickets == NULL) { + ret = ENOMEM; + goto fail; + } + ALLOC_SEQ(t->req_body.additional_tickets, 1); + if (t->req_body.additional_tickets->val == NULL) { + ret = ENOMEM; + goto fail; + } + ret = 
copy_Ticket(second_ticket, t->req_body.additional_tickets->val); + if (ret) + goto fail; + } + ALLOC(t->padata, 1); + if (t->padata == NULL) { + ret = ENOMEM; + goto fail; + } + ALLOC_SEQ(t->padata, 1); + if (t->padata->val == NULL) { + ret = ENOMEM; + goto fail; + } + + { + krb5_auth_context ac; + krb5_keyblock *key; + + ret = krb5_auth_con_init(context, &ac); + if(ret) + goto fail; + ret = krb5_generate_subkey (context, &krbtgt->session, &key); + if (ret) { + krb5_auth_con_free (context, ac); + goto fail; + } + ret = krb5_auth_con_setlocalsubkey(context, ac, key); + if (ret) { + krb5_free_keyblock (context, key); + krb5_auth_con_free (context, ac); + goto fail; + } + + ret = set_auth_data (context, &t->req_body, &in_creds->authdata, key); + if (ret) { + krb5_free_keyblock (context, key); + krb5_auth_con_free (context, ac); + goto fail; + } + + ret = make_pa_tgs_req(context, + ac, + &t->req_body, + t->padata->val, + krbtgt); + if(ret) { + krb5_free_keyblock (context, key); + krb5_auth_con_free(context, ac); + goto fail; + } + *subkey = key; + + krb5_auth_con_free(context, ac); + } +fail: + if (ret) + free_TGS_REQ (t); + return ret; +} + +static krb5_error_code +get_krbtgt(krb5_context context, + krb5_ccache id, + krb5_realm realm, + krb5_creds **cred) +{ + krb5_error_code ret; + krb5_creds tmp_cred; + + memset(&tmp_cred, 0, sizeof(tmp_cred)); + + ret = krb5_make_principal(context, + &tmp_cred.server, + realm, + KRB5_TGS_NAME, + realm, + NULL); + if(ret) + return ret; + ret = krb5_get_credentials(context, + KRB5_GC_CACHED, + id, + &tmp_cred, + cred); + krb5_free_principal(context, tmp_cred.server); + if(ret) + return ret; + return 0; +} + +/* DCE compatible decrypt proc */ +static krb5_error_code +decrypt_tkt_with_subkey (krb5_context context, + krb5_keyblock *key, + krb5_key_usage usage, + krb5_const_pointer subkey, + krb5_kdc_rep *dec_rep) +{ + krb5_error_code ret; + krb5_data data; + size_t size; + krb5_crypto crypto; + + krb5_crypto_init(context, key, 0, 
&crypto); + ret = krb5_decrypt_EncryptedData (context, + crypto, + usage, + &dec_rep->kdc_rep.enc_part, + &data); + krb5_crypto_destroy(context, crypto); + if(ret && subkey){ + /* DCE compat -- try to decrypt with subkey */ + krb5_crypto_init(context, (krb5_keyblock*)subkey, 0, &crypto); + ret = krb5_decrypt_EncryptedData (context, + crypto, + KRB5_KU_TGS_REP_ENC_PART_SUB_KEY, + &dec_rep->kdc_rep.enc_part, + &data); + krb5_crypto_destroy(context, crypto); + } + if (ret) + return ret; + + ret = krb5_decode_EncASRepPart(context, + data.data, + data.length, + &dec_rep->enc_part, + &size); + if (ret) + ret = krb5_decode_EncTGSRepPart(context, + data.data, + data.length, + &dec_rep->enc_part, + &size); + krb5_data_free (&data); + return ret; +} + +static krb5_error_code +get_cred_kdc(krb5_context context, + krb5_ccache id, + krb5_kdc_flags flags, + krb5_addresses *addresses, + krb5_creds *in_creds, + krb5_creds *krbtgt, + krb5_creds *out_creds) +{ + TGS_REQ req; + krb5_data enc; + krb5_data resp; + krb5_kdc_rep rep; + KRB_ERROR error; + krb5_error_code ret; + unsigned nonce; + krb5_keyblock *subkey = NULL; + u_char *buf = NULL; + size_t buf_size; + size_t len; + Ticket second_ticket; + + krb5_generate_random_block(&nonce, sizeof(nonce)); + nonce &= 0xffffffff; + + if(flags.b.enc_tkt_in_skey){ + ret = decode_Ticket(in_creds->second_ticket.data, + in_creds->second_ticket.length, + &second_ticket, &len); + if(ret) + return ret; + } + + ret = init_tgs_req (context, + id, + addresses, + flags, + flags.b.enc_tkt_in_skey ? 
&second_ticket : NULL, + in_creds, + krbtgt, + nonce, + &subkey, + &req); + if(flags.b.enc_tkt_in_skey) + free_Ticket(&second_ticket); + if (ret) + goto out; + + buf_size = 1024; + buf = malloc (buf_size); + if (buf == NULL) { + ret = ENOMEM; + goto out; + } + + do { + ret = encode_TGS_REQ (buf + buf_size - 1, buf_size, + &req, &enc.length); + if (ret) { + if (ret == ASN1_OVERFLOW) { + u_char *tmp; + + buf_size *= 2; + tmp = realloc (buf, buf_size); + if (tmp == NULL) { + ret = ENOMEM; + goto out; + } + buf = tmp; + } else { + goto out; + } + } + } while (ret == ASN1_OVERFLOW); + + /* don't free addresses */ + req.req_body.addresses = NULL; + free_TGS_REQ(&req); + + enc.data = buf + buf_size - enc.length; + if (ret) + goto out; + + /* + * Send and receive + */ + + ret = krb5_sendto_kdc (context, &enc, + &krbtgt->server->name.name_string.val[1], &resp); + if(ret) + goto out; + + memset(&rep, 0, sizeof(rep)); + if(decode_TGS_REP(resp.data, resp.length, &rep.kdc_rep, &len) == 0){ + ret = krb5_copy_principal(context, + in_creds->client, + &out_creds->client); + if(ret) + goto out; + ret = krb5_copy_principal(context, + in_creds->server, + &out_creds->server); + if(ret) + goto out; + /* this should go someplace else */ + out_creds->times.endtime = in_creds->times.endtime; + + ret = _krb5_extract_ticket(context, + &rep, + out_creds, + &krbtgt->session, + NULL, + KRB5_KU_TGS_REP_ENC_PART_SESSION, + &krbtgt->addresses, + nonce, + TRUE, + decrypt_tkt_with_subkey, + subkey); + krb5_free_kdc_rep(context, &rep); + if (ret) + goto out; + }else if(krb5_rd_error(context, &resp, &error) == 0){ + ret = error.error_code; + free_KRB_ERROR(&error); + }else if(resp.data && ((char*)resp.data)[0] == 4) + ret = KRB5KRB_AP_ERR_V4_REPLY; + else + ret = KRB5KRB_AP_ERR_MSG_TYPE; + krb5_data_free(&resp); +out: + if(subkey){ + krb5_free_keyblock_contents(context, subkey); + free(subkey); + } + if (buf) + free (buf); + return ret; + +} + +/* same as above, just get local addresses first */ + 
+static krb5_error_code +get_cred_kdc_la(krb5_context context, krb5_ccache id, krb5_kdc_flags flags, + krb5_creds *in_creds, krb5_creds *krbtgt, + krb5_creds *out_creds) +{ + krb5_error_code ret; + krb5_addresses addresses; + + krb5_get_all_client_addrs(context, &addresses); + ret = get_cred_kdc(context, id, flags, &addresses, + in_creds, krbtgt, out_creds); + krb5_free_addresses(context, &addresses); + return ret; +} + +krb5_error_code +krb5_get_kdc_cred(krb5_context context, + krb5_ccache id, + krb5_kdc_flags flags, + krb5_addresses *addresses, + Ticket *second_ticket, + krb5_creds *in_creds, + krb5_creds **out_creds + ) +{ + krb5_error_code ret; + krb5_creds *krbtgt; + *out_creds = calloc(1, sizeof(**out_creds)); + if(*out_creds == NULL) + return ENOMEM; + ret = get_krbtgt (context, + id, + in_creds->server->realm, + &krbtgt); + if(ret) { + free(*out_creds); + return ret; + } + ret = get_cred_kdc(context, id, flags, addresses, + in_creds, krbtgt, *out_creds); + krb5_free_creds (context, krbtgt); + if(ret) + free(*out_creds); + return ret; +} + + +static krb5_error_code +find_cred(krb5_context context, + krb5_ccache id, + krb5_principal server, + krb5_creds **tgts, + krb5_creds *out_creds) +{ + krb5_error_code ret; + krb5_creds mcreds; + mcreds.server = server; + ret = krb5_cc_retrieve_cred(context, id, KRB5_TC_DONT_MATCH_REALM, + &mcreds, out_creds); + if(ret == 0) + return 0; + while(tgts && *tgts){ + if(krb5_compare_creds(context, KRB5_TC_DONT_MATCH_REALM, + &mcreds, *tgts)){ + ret = krb5_copy_creds_contents(context, *tgts, out_creds); + return ret; + } + tgts++; + } + return KRB5_CC_NOTFOUND; +} + +static krb5_error_code +add_cred(krb5_context context, krb5_creds ***tgts, krb5_creds *tkt) +{ + int i; + krb5_error_code ret; + krb5_creds **tmp = *tgts; + for(i = 0; tmp && tmp[i]; i++); /* XXX */ + tmp = realloc(tmp, (i+2)*sizeof(*tmp)); + if(tmp == NULL) + return ENOMEM; + *tgts = tmp; + ret = krb5_copy_creds(context, tkt, &tmp[i]); + tmp[i+1] = NULL; + return 
ret; +} + +/* +get_cred(server) + creds = cc_get_cred(server) + if(creds) return creds + tgt = cc_get_cred(krbtgt/server_realm@any_realm) + if(tgt) + return get_cred_tgt(server, tgt) + if(client_realm == server_realm) + return NULL + tgt = get_cred(krbtgt/server_realm@client_realm) + while(tgt_inst != server_realm) + tgt = get_cred(krbtgt/server_realm@tgt_inst) + return get_cred_tgt(server, tgt) + */ + +static krb5_error_code +get_cred_from_kdc_flags(krb5_context context, + krb5_kdc_flags flags, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_creds **out_creds, + krb5_creds ***ret_tgts) +{ + krb5_error_code ret; + krb5_creds *tgt, tmp_creds; + krb5_realm client_realm, server_realm; + + *out_creds = NULL; + + client_realm = *krb5_princ_realm(context, in_creds->client); + server_realm = *krb5_princ_realm(context, in_creds->server); + memset(&tmp_creds, 0, sizeof(tmp_creds)); + ret = krb5_copy_principal(context, in_creds->client, &tmp_creds.client); + if(ret) + return ret; + ret = krb5_make_principal(context, + &tmp_creds.server, + client_realm, + KRB5_TGS_NAME, + server_realm, + NULL); + if(ret){ + krb5_free_principal(context, tmp_creds.client); + return ret; + } + { + krb5_creds tgts; + /* XXX try krb5_cc_retrieve_cred first? 
*/ + ret = find_cred(context, ccache, tmp_creds.server, + *ret_tgts, &tgts); + if(ret == 0){ + *out_creds = calloc(1, sizeof(**out_creds)); + if(*out_creds == NULL) + ret = ENOMEM; + else { + ret = get_cred_kdc_la(context, ccache, flags, + in_creds, &tgts, *out_creds); + if (ret) + free (*out_creds); + } + krb5_free_creds_contents(context, &tgts); + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + return ret; + } + } + if(krb5_realm_compare(context, in_creds->client, in_creds->server)) + return KRB5_CC_NOTFOUND; + /* XXX this can loop forever */ + while(1){ + general_string tgt_inst; + krb5_kdc_flags f; + f.i = 0; + ret = get_cred_from_kdc_flags(context, flags, ccache, &tmp_creds, + &tgt, ret_tgts); + if(ret) { + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + return ret; + } + ret = add_cred(context, ret_tgts, tgt); + if(ret) { + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + return ret; + } + tgt_inst = tgt->server->name.name_string.val[1]; + if(strcmp(tgt_inst, server_realm) == 0) + break; + krb5_free_principal(context, tmp_creds.server); + ret = krb5_make_principal(context, &tmp_creds.server, + tgt_inst, KRB5_TGS_NAME, server_realm, NULL); + if(ret) { + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + return ret; + } + ret = krb5_free_creds(context, tgt); + if(ret) { + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + return ret; + } + } + + krb5_free_principal(context, tmp_creds.server); + krb5_free_principal(context, tmp_creds.client); + *out_creds = calloc(1, sizeof(**out_creds)); + if(*out_creds == NULL) + ret = ENOMEM; + else { + ret = get_cred_kdc_la(context, ccache, flags, + in_creds, tgt, *out_creds); + if (ret) + free (*out_creds); + } + krb5_free_creds(context, tgt); + return ret; +} + 
+krb5_error_code +krb5_get_cred_from_kdc(krb5_context context, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_creds **out_creds, + krb5_creds ***ret_tgts) +{ + krb5_kdc_flags f; + f.i = 0; + return get_cred_from_kdc_flags(context, f, ccache, + in_creds, out_creds, ret_tgts); +} + + +krb5_error_code +krb5_get_credentials_with_flags(krb5_context context, + krb5_flags options, + krb5_kdc_flags flags, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_creds **out_creds) +{ + krb5_error_code ret; + krb5_creds **tgts; + int i; + + *out_creds = calloc(1, sizeof(**out_creds)); + if (*out_creds == NULL) + return ENOMEM; + + ret = krb5_cc_retrieve_cred(context, + ccache, + in_creds->session.keytype ? + KRB5_TC_MATCH_KEYTYPE : 0, + in_creds, *out_creds); + if(ret == 0) + return 0; + free(*out_creds); + if(ret != KRB5_CC_END) + return ret; + if(options & KRB5_GC_CACHED) + return KRB5_CC_NOTFOUND; + if(options & KRB5_GC_USER_USER) + flags.b.enc_tkt_in_skey = 1; + tgts = NULL; + ret = get_cred_from_kdc_flags(context, flags, ccache, + in_creds, out_creds, &tgts); + for(i = 0; tgts && tgts[i]; i++){ + krb5_cc_store_cred(context, ccache, tgts[i]); + krb5_free_creds(context, tgts[i]); + } + free(tgts); + if(ret == 0 && flags.b.enc_tkt_in_skey == 0) + krb5_cc_store_cred(context, ccache, *out_creds); + return ret; +} + +krb5_error_code +krb5_get_credentials(krb5_context context, + krb5_flags options, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_creds **out_creds) +{ + krb5_kdc_flags flags; + flags.i = 0; + return krb5_get_credentials_with_flags(context, options, flags, + ccache, in_creds, out_creds); +} diff --git a/crypto/heimdal/lib/krb5/get_default_principal.c b/crypto/heimdal/lib/krb5/get_default_principal.c new file mode 100644 index 0000000..84d7a5e --- /dev/null +++ b/crypto/heimdal/lib/krb5/get_default_principal.c 
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: get_default_principal.c,v 1.5 1999/12/02 17:05:09 joda Exp $");
+
+/*
+ * Try to find out what's a reasonable default principal.
+ */
+
+krb5_error_code
+krb5_get_default_principal (krb5_context context,
+ krb5_principal *princ)
+{
+ krb5_error_code ret;
+ krb5_ccache id;
+ const char *user;
+
+ ret = krb5_cc_default (context, &id);
+ if (ret == 0) {
+ ret = krb5_cc_get_principal (context, id, princ);
+ krb5_cc_close (context, id);
+ if (ret == 0)
+ return 0;
+ }
+
+ user = get_default_username ();
+ if (user == NULL)
+ return ENOTTY;
+ if (getuid () == 0) {
+ ret = krb5_make_principal(context, princ, NULL, user, "root", NULL);
+ } else {
+ ret = krb5_make_principal(context, princ, NULL, user, NULL);
+ }
+ return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/get_default_realm.c b/crypto/heimdal/lib/krb5/get_default_realm.c
new file mode 100644
index 0000000..3f9b901
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/get_default_realm.c
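Review bot: The comment above krb5_get_default_principal does not document the fallback taken when the credential cache yields no principal: the name comes from get_default_username(), which is defined outside this hunk, and a process whose real uid is 0 gets the `user/root` instance. If that helper consults the environment (not visible here), a privileged caller would derive its default principal from caller-controlled data, so the comment should state the source of the name and the uid-0 rule, e.g. `/* Falls back to get_default_username(); real uid 0 yields <user>/root. */`. Returning `ENOTTY` when no user name is found is also hard for callers to interpret and deserves a line in the same comment.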
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: get_default_realm.c,v 1.8 1999/12/02 17:05:09 joda Exp $");
+
+/*
+ * Return a NULL-terminated list of default realms in `realms'.
+ * Free this memory with krb5_free_host_realm.
+ */
+
+krb5_error_code
+krb5_get_default_realms (krb5_context context,
+ krb5_realm **realms)
+{
+ if (context->default_realms == NULL) {
+ krb5_error_code ret = krb5_set_default_realm (context, NULL);
+ if (ret)
+ return KRB5_CONFIG_NODEFREALM;
+ }
+
+ return krb5_copy_host_realm (context,
+ context->default_realms,
+ realms);
+}
+
+/*
+ * Return the first default realm. For compatability.
+ */
+
+krb5_error_code
+krb5_get_default_realm(krb5_context context,
+ krb5_realm *realm)
+{
+ char *res;
+
+ if (context->default_realms == NULL
+ || context->default_realms[0] == NULL) {
+ krb5_error_code ret = krb5_set_default_realm (context, NULL);
+ if (ret)
+ return KRB5_CONFIG_NODEFREALM;
+ }
+
+ res = strdup (context->default_realms[0]);
+ if (res == NULL)
+ return ENOMEM;
+ *realm = res;
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/get_for_creds.c b/crypto/heimdal/lib/krb5/get_for_creds.c
new file mode 100644
index 0000000..977515f
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/get_for_creds.c
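Review bot: krb5_get_default_realm passes `context->default_realms[0]` to `strdup` without re-checking it after krb5_set_default_realm() reports success. That function is outside this hunk, so whether it always leaves a non-empty list is an assumption; a guard such as `if (context->default_realms == NULL || context->default_realms[0] == NULL) return KRB5_CONFIG_NODEFREALM;` placed just before the `strdup` removes the dependency. Both functions in this file also map every krb5_set_default_realm() failure to `KRB5_CONFIG_NODEFREALM`, which hides an out-of-memory condition from the caller; returning `ret` would preserve it.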
@@ -0,0 +1,287 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <krb5_locl.h>
+
+RCSID("$Id: get_for_creds.c,v 1.21 1999/12/20 00:57:37 assar Exp $");
+
+static krb5_error_code
+add_addrs(krb5_context context,
+ krb5_addresses *addr,
+ struct addrinfo *ai)
+{
+ krb5_error_code ret;
+ unsigned n, i;
+ void *tmp;
+ struct addrinfo *a;
+
+ n = 0;
+ for (a = ai; a != NULL; a = a->ai_next)
+ ++n;
+
+ i = addr->len;
+ addr->len += n;
+ tmp = realloc(addr->val, addr->len * sizeof(*addr->val));
+ if (tmp == NULL) {
+ ret = ENOMEM;
+ goto fail;
+ }
+ addr->val = tmp;
+ for (a = ai; a != NULL; a = a->ai_next) {
+ ret = krb5_sockaddr2address (a->ai_addr, &addr->val[i++]);
+ if (ret)
+ goto fail;
+ }
+ return 0;
+fail:
+ krb5_free_addresses (context, addr);
+ return ret;
+}
+
+/*
+ *
+ */
+
+krb5_error_code
+krb5_fwd_tgt_creds (krb5_context context,
+ krb5_auth_context auth_context,
+ const char *hostname,
+ krb5_principal client,
+ krb5_principal server,
+ krb5_ccache ccache,
+ int forwardable,
+ krb5_data *out_data)
+{
+ krb5_flags flags = 0;
+ krb5_creds creds;
+ krb5_error_code ret;
+
+ flags |= KDC_OPT_FORWARDED;
+
+ if (forwardable)
+ flags |= KDC_OPT_FORWARDABLE;
+
+
+ memset (&creds, 0, sizeof(creds));
+ creds.client = client;
+ creds.server = server;
+
+ ret = krb5_get_forwarded_creds (context,
+ auth_context,
+ ccache,
+ flags,
+ hostname,
+ &creds,
+ out_data);
+ return ret;
+}
+
+/*
+ *
+ */
+
+krb5_error_code
+krb5_get_forwarded_creds (krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_ccache ccache,
+ krb5_flags flags,
+ const char *hostname,
+ krb5_creds *in_creds,
+ krb5_data *out_data)
+{
+ krb5_error_code ret;
+ krb5_creds *out_creds;
+ krb5_addresses addrs;
+ KRB_CRED cred;
+ KrbCredInfo *krb_cred_info;
+ EncKrbCredPart enc_krb_cred_part;
+ size_t len;
+ u_char buf[1024];
+ int32_t sec, usec;
+ krb5_kdc_flags kdc_flags;
+ krb5_crypto crypto;
+ struct addrinfo *ai;
+
+ addrs.len = 0;
+ addrs.val = NULL;
+
+ ret = getaddrinfo (hostname, NULL, NULL, &ai);
+ if (ret)
+ return ret;
+
+ ret = add_addrs (context, &addrs, ai);
+ freeaddrinfo (ai);
+ if (ret)
+ return ret;
+
+ kdc_flags.i = flags;
+
+ ret = krb5_get_kdc_cred (context,
+ ccache,
+ kdc_flags,
+ &addrs,
+ NULL,
+ in_creds,
+ &out_creds);
+ krb5_free_addresses (context, &addrs);
+ if (ret) {
+ return ret;
+ }
+
+ memset (&cred, 0, sizeof(cred));
+ cred.pvno = 5;
+ cred.msg_type = krb_cred;
+ ALLOC_SEQ(&cred.tickets, 1);
+ if (cred.tickets.val == NULL) {
+ ret = ENOMEM;
+ goto out2;
+ }
+ ret = decode_Ticket(out_creds->ticket.data,
+ out_creds->ticket.length,
+ cred.tickets.val, &len);
+ if (ret)
+ goto out3;
+
+ memset (&enc_krb_cred_part, 0, sizeof(enc_krb_cred_part));
+ ALLOC_SEQ(&enc_krb_cred_part.ticket_info, 1);
+ if (enc_krb_cred_part.ticket_info.val == NULL) {
+ ret = ENOMEM;
+ goto out4;
+ }
+
+ krb5_us_timeofday (context, &sec, &usec);
+
+ ALLOC(enc_krb_cred_part.timestamp, 1);
+ if (enc_krb_cred_part.timestamp == NULL) {
+ ret = ENOMEM;
+ goto out4;
+ }
+ *enc_krb_cred_part.timestamp = sec;
+ ALLOC(enc_krb_cred_part.usec, 1);
+ if (enc_krb_cred_part.usec == NULL) {
+ ret = ENOMEM;
+ goto out4;
+ }
+ *enc_krb_cred_part.usec = usec;
+
+ ret = krb5_make_addrport (&enc_krb_cred_part.s_address,
+ auth_context->local_address,
+ auth_context->local_port);
+ if (ret)
+ goto out4;
+
+ ALLOC(enc_krb_cred_part.r_address, 1);
+ if (enc_krb_cred_part.r_address == NULL) {
+ ret = ENOMEM;
+ goto out4;
+ }
+
+ ret = krb5_copy_address (context, auth_context->remote_address,
+ enc_krb_cred_part.r_address);
+ if (ret)
+ goto out4;
+
+ /* fill ticket_info.val[0] */
+
+ enc_krb_cred_part.ticket_info.len = 1;
+
+ krb_cred_info = enc_krb_cred_part.ticket_info.val;
+
+ copy_EncryptionKey (&out_creds->session, &krb_cred_info->key);
+ ALLOC(krb_cred_info->prealm, 1);
+ copy_Realm (&out_creds->client->realm, krb_cred_info->prealm);
+ ALLOC(krb_cred_info->pname, 1);
+ copy_PrincipalName(&out_creds->client->name, krb_cred_info->pname);
+ ALLOC(krb_cred_info->flags, 1);
+ *krb_cred_info->flags = out_creds->flags.b;
+ ALLOC(krb_cred_info->authtime, 1);
+ *krb_cred_info->authtime = out_creds->times.authtime;
+ ALLOC(krb_cred_info->starttime, 1);
+ *krb_cred_info->starttime = out_creds->times.starttime;
+ ALLOC(krb_cred_info->endtime, 1);
+ *krb_cred_info->endtime = out_creds->times.endtime;
+ ALLOC(krb_cred_info->renew_till, 1);
+ *krb_cred_info->renew_till = out_creds->times.renew_till;
+ ALLOC(krb_cred_info->srealm, 1);
+ copy_Realm (&out_creds->server->realm, krb_cred_info->srealm);
+ ALLOC(krb_cred_info->sname, 1);
+ copy_PrincipalName (&out_creds->server->name, krb_cred_info->sname);
+ ALLOC(krb_cred_info->caddr, 1);
+ copy_HostAddresses (&out_creds->addresses, krb_cred_info->caddr);
+
+ krb5_free_creds (context, out_creds);
+
+ /* encode EncKrbCredPart */
+
+ ret = krb5_encode_EncKrbCredPart (context,
+ buf + sizeof(buf) - 1, sizeof(buf),
+ &enc_krb_cred_part, &len);
+ free_EncKrbCredPart (&enc_krb_cred_part);
+ if (ret) {
+ free_KRB_CRED(&cred);
+ return ret;
+ }
+
+ krb5_crypto_init(context, auth_context->local_subkey, 0, &crypto);
+ ret = krb5_encrypt_EncryptedData (context,
+ crypto,
+ KRB5_KU_KRB_CRED,
+ buf + sizeof(buf) - len,
+ len,
+ 0,
+ &cred.enc_part);
+ krb5_crypto_destroy(context, crypto);
+ if (ret) {
+ free_KRB_CRED(&cred);
+ return ret;
+ }
+
+ ret = encode_KRB_CRED (buf + sizeof(buf) - 1, sizeof(buf),
+ &cred, &len);
+ free_KRB_CRED (&cred);
+ if (ret)
+ return ret;
+ out_data->length = len;
+ out_data->data = malloc(len);
+ if (out_data->data == NULL)
+ return ENOMEM;
+ memcpy (out_data->data, buf + sizeof(buf) - len, len);
+ return 0;
+out4:
+ free_EncKrbCredPart(&enc_krb_cred_part);
+out3:
+ free_KRB_CRED(&cred);
+out2:
+ krb5_free_creds (context, out_creds);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/get_host_realm.c b/crypto/heimdal/lib/krb5/get_host_realm.c
new file mode 100644
index 0000000..e8522cb
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/get_host_realm.c
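Review bot: add_addrs raises `addr->len` by the full count before the `realloc` and before any entry is converted, so both `goto fail` paths hand krb5_free_addresses a length that covers entries that were never initialised (and, when `realloc` fails, entries beyond the old allocation). krb5_free_addresses is outside this hunk, but if it walks `len` entries it reads and frees indeterminate pointers; growing `len` only as each address is converted avoids that, as sketched below. In krb5_get_forwarded_creds the `ALLOC(krb_cred_info->..., 1)` results are dereferenced or passed to the `copy_*` helpers without a NULL check and the `copy_*` return values are dropped, so an allocation failure there becomes a NULL dereference rather than `ENOMEM`. The stack `buf` also still holds the plaintext EncKrbCredPart, including the session key, when the function returns; clearing it before each return would be cheap.

```c
    /* … unchanged: declarations and the loop that counts n … */

    i = addr->len;
    /* keep addr->len at the number of initialised entries until each one is filled */
    tmp = realloc(addr->val, (addr->len + n) * sizeof(*addr->val));
    if (tmp == NULL) {
	ret = ENOMEM;
	goto fail;
    }
    addr->val = tmp;
    for (a = ai; a != NULL; a = a->ai_next) {
	ret = krb5_sockaddr2address (a->ai_addr, &addr->val[i]);
	if (ret)
	    goto fail;
	addr->len = ++i;	/* entry i-1 is now valid and safe to free */
    }
    return 0;
    /* … unchanged: fail label calling krb5_free_addresses … */
```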
@@ -0,0 +1,194 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+#include <resolve.h>
+
+RCSID("$Id: get_host_realm.c,v 1.25 1999/12/11 23:14:07 assar Exp $");
+
+/* To automagically find the correct realm of a host (without
+ * [domain_realm] in krb5.conf) add a text record for your domain with
+ * the name of your realm, like this:
+ *
+ * krb5-realm IN TXT FOO.SE
+ *
+ * The search is recursive, so you can add entries for specific
+ * hosts. To find the realm of host a.b.c, it first tries
+ * krb5-realm.a.b.c, then krb5-realm.b.c and so on.
+ *
+ * Also supported is _kerberos (following draft-ietf-cat-krb-dns-locate-01.txt)
+ *
+ */
+
+static int
+copy_txt_to_realms (struct resource_record *head,
+ krb5_realm **realms)
+{
+ struct resource_record *rr;
+ int n, i;
+
+ for(n = 0, rr = head; rr; rr = rr->next)
+ if (rr->type == T_TXT)
+ ++n;
+
+ if (n == 0)
+ return -1;
+
+ *realms = malloc ((n + 1) * sizeof(krb5_realm));
+ if (*realms == NULL)
+ return -1;
+
+ for (i = 0; i < n + 1; ++i)
+ (*realms)[i] = NULL;
+
+ for (i = 0, rr = head; rr; rr = rr->next) {
+ if (rr->type == T_TXT) {
+ char *tmp;
+
+ tmp = strdup(rr->u.txt);
+ if (tmp == NULL) {
+ for (i = 0; i < n; ++i)
+ free ((*realms)[i]);
+ free (*realms);
+ return -1;
+ }
+ (*realms)[i] = tmp;
+ ++i;
+ }
+ }
+ return 0;
+}
+
+static int
+dns_find_realm(krb5_context context,
+ const char *domain,
+ const char *dom_string,
+ krb5_realm **realms)
+{
+ char dom[MAXHOSTNAMELEN];
+ struct dns_reply *r;
+ int ret;
+
+ if(*domain == '.')
+ domain++;
+ snprintf(dom, sizeof(dom), "%s.%s.", dom_string, domain);
+ r = dns_lookup(dom, "TXT");
+ if(r == NULL)
+ return -1;
+
+ ret = copy_txt_to_realms (r->head, realms);
+ dns_free_data(r);
+ return ret;
+}
+
+/*
+ * Try to figure out what realms host in `domain' belong to from the
+ * configuration file.
+ */
+
+static int
+config_find_realm(krb5_context context,
+ const char *domain,
+ krb5_realm **realms)
+{
+ char **tmp = krb5_config_get_strings (context, NULL,
+ "domain_realm",
+ domain,
+ NULL);
+
+ if (tmp == NULL)
+ return -1;
+ *realms = tmp;
+ return 0;
+}
+
+/*
+ * This function assumes that `host' is a FQDN (and doesn't handle the
+ * special case of host == NULL either).
+ * Try to find mapping in the config file or DNS and it that fails,
+ * fall back to guessing
+ */
+
+krb5_error_code
+krb5_get_host_realm_int (krb5_context context,
+ const char *host,
+ krb5_realm **realms)
+{
+ const char *p;
+
+ for (p = host; p != NULL; p = strchr (p + 1, '.')) {
+ if(config_find_realm(context, p, realms) == 0)
+ return 0;
+ else if(dns_find_realm(context, p, "krb5-realm", realms) == 0)
+ return 0;
+ else if(dns_find_realm(context, p, "_kerberos", realms) == 0)
+ return 0;
+ }
+ p = strchr(host, '.');
+ if(p != NULL) {
+ p++;
+ *realms = malloc(2 * sizeof(krb5_realm));
+ if (*realms == NULL)
+ return ENOMEM;
+
+ (*realms)[0] = strdup(p);
+ if((*realms)[0] == NULL) {
+ free(*realms);
+ return ENOMEM;
+ }
+ strupr((*realms)[0]);
+ (*realms)[1] = NULL;
+ return 0;
+ }
+ return KRB5_ERR_HOST_REALM_UNKNOWN;
+}
+
+/*
+ * Return the realm(s) of `host' as a NULL-terminated list in `realms'.
+ */
+
+krb5_error_code
+krb5_get_host_realm(krb5_context context,
+ const char *host,
+ krb5_realm **realms)
+{
+ char hostname[MAXHOSTNAMELEN];
+
+ if (host == NULL) {
+ if (gethostname (hostname, sizeof(hostname)))
+ return errno;
+ host = hostname;
+ }
+
+ return krb5_get_host_realm_int (context, host, realms);
+}
diff --git a/crypto/heimdal/lib/krb5/get_in_tkt.c b/crypto/heimdal/lib/krb5/get_in_tkt.c
new file mode 100644
index 0000000..f65af47
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/get_in_tkt.c
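Review bot: The lookup loop in krb5_get_host_realm_int asks DNS about a specific name before it asks the configuration file about the parent domain, so a TXT record at `krb5-realm.<host>` takes precedence over a `[domain_realm]` entry for `.<domain>`. copy_txt_to_realms copies the TXT text into the realm list without validation, and unless the resolver behind dns_lookup authenticates answers (not visible here), whoever can answer that query chooses the realm the client uses for the host. Walking every suffix through config_find_realm first and only then falling back to DNS keeps local configuration authoritative, as sketched below. Separately, `strchr (p + 1, '.')` reads past the terminator when `host` is an empty string, and the `snprintf` into `dom` in dns_find_realm is not checked for truncation.

```c
    /* Local configuration is authoritative: try every suffix there first. */
    for (p = host; p != NULL; p = strchr (p + 1, '.'))
	if(config_find_realm(context, p, realms) == 0)
	    return 0;
    /* DNS TXT answers are used only when no [domain_realm] entry matched. */
    for (p = host; p != NULL; p = strchr (p + 1, '.')) {
	if(dns_find_realm(context, p, "krb5-realm", realms) == 0)
	    return 0;
	else if(dns_find_realm(context, p, "_kerberos", realms) == 0)
	    return 0;
    }
    /* … unchanged: fallback that upper-cases the domain part of host … */
```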
@@ -0,0 +1,794 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: get_in_tkt.c,v 1.93 2000/01/06 20:36:28 assar Exp $"); + +krb5_error_code +krb5_init_etype (krb5_context context, + unsigned *len, + int **val, + const krb5_enctype *etypes) +{ + int i; + krb5_error_code ret; + krb5_enctype *tmp; + + ret = 0; + if (etypes) + tmp = (krb5_enctype*)etypes; + else { + ret = krb5_get_default_in_tkt_etypes(context, + &tmp); + if (ret) + return ret; + } + + for (i = 0; tmp[i]; ++i) + ; + *len = i; + *val = malloc(i * sizeof(int)); + if (i != 0 && *val == NULL) { + ret = ENOMEM; + goto cleanup; + } + memmove (*val, + tmp, + i * sizeof(*tmp)); +cleanup: + if (etypes == NULL) + free (tmp); + return ret; +} + + +static krb5_error_code +decrypt_tkt (krb5_context context, + krb5_keyblock *key, + krb5_key_usage usage, + krb5_const_pointer decrypt_arg, + krb5_kdc_rep *dec_rep) +{ + krb5_error_code ret; + krb5_data data; + size_t size; + krb5_crypto crypto; + + krb5_crypto_init(context, key, 0, &crypto); + + ret = krb5_decrypt_EncryptedData (context, + crypto, + usage, + &dec_rep->kdc_rep.enc_part, + &data); + krb5_crypto_destroy(context, crypto); + + if (ret) + return ret; + + ret = krb5_decode_EncASRepPart(context, + data.data, + data.length, + &dec_rep->enc_part, + &size); + if (ret) + ret = krb5_decode_EncTGSRepPart(context, + data.data, + data.length, + &dec_rep->enc_part, + &size); + krb5_data_free (&data); + if (ret) + return ret; + return 0; +} + +int +_krb5_extract_ticket(krb5_context context, + krb5_kdc_rep *rep, + krb5_creds *creds, + krb5_keyblock *key, + krb5_const_pointer keyseed, + krb5_key_usage key_usage, + krb5_addresses *addrs, + unsigned nonce, + krb5_boolean allow_server_mismatch, + krb5_decrypt_proc decrypt_proc, + krb5_const_pointer decryptarg) +{ + krb5_error_code ret; + krb5_principal tmp_principal; + int tmp; + time_t tmp_time; + int32_t sec_now; + + /* compare client */ + + ret = principalname2krb5_principal (&tmp_principal, + rep->kdc_rep.cname, + rep->kdc_rep.crealm); + if 
(ret) + goto out; + tmp = krb5_principal_compare (context, tmp_principal, creds->client); + krb5_free_principal (context, tmp_principal); + if (!tmp) { + ret = KRB5KRB_AP_ERR_MODIFIED; + goto out; + } + + /* extract ticket */ + { + unsigned char *buf; + size_t len; + len = length_Ticket(&rep->kdc_rep.ticket); + buf = malloc(len); + if(buf == NULL) { + ret = ENOMEM; + goto out; + } + encode_Ticket(buf + len - 1, len, &rep->kdc_rep.ticket, &len); + creds->ticket.data = buf; + creds->ticket.length = len; + creds->second_ticket.length = 0; + creds->second_ticket.data = NULL; + } + + /* compare server */ + + ret = principalname2krb5_principal (&tmp_principal, + rep->kdc_rep.ticket.sname, + rep->kdc_rep.ticket.realm); + if (ret) + goto out; + if(allow_server_mismatch){ + krb5_free_principal(context, creds->server); + creds->server = tmp_principal; + tmp_principal = NULL; + }else{ + tmp = krb5_principal_compare (context, tmp_principal, creds->server); + krb5_free_principal (context, tmp_principal); + if (!tmp) { + ret = KRB5KRB_AP_ERR_MODIFIED; + goto out; + } + } + + /* decrypt */ + + if (decrypt_proc == NULL) + decrypt_proc = decrypt_tkt; + + ret = (*decrypt_proc)(context, key, key_usage, decryptarg, rep); + if (ret) + goto out; + +#if 0 + /* XXX should this decode be here, or in the decrypt_proc? 
*/ + ret = krb5_decode_keyblock(context, &rep->enc_part.key, 1); + if(ret) + goto out; +#endif + + /* compare nonces */ + + if (nonce != rep->enc_part.nonce) { + ret = KRB5KRB_AP_ERR_MODIFIED; + goto out; + } + + /* set kdc-offset */ + + krb5_timeofday (context, &sec_now); + if (context->kdc_sec_offset == 0 + && krb5_config_get_bool (context, NULL, + "libdefaults", + "kdc_timesync", + NULL)) { + context->kdc_sec_offset = rep->enc_part.authtime - sec_now; + krb5_timeofday (context, &sec_now); + } + + /* check all times */ + + if (rep->enc_part.starttime) { + tmp_time = *rep->enc_part.starttime; + } else + tmp_time = rep->enc_part.authtime; + + if (creds->times.starttime == 0 + && abs(tmp_time - sec_now) > context->max_skew) { + ret = KRB5KRB_AP_ERR_SKEW; + goto out; + } + + if (creds->times.starttime != 0 + && tmp_time != creds->times.starttime) { + ret = KRB5KRB_AP_ERR_MODIFIED; + goto out; + } + + creds->times.starttime = tmp_time; + + if (rep->enc_part.renew_till) { + tmp_time = *rep->enc_part.renew_till; + } else + tmp_time = 0; + + if (creds->times.renew_till != 0 + && tmp_time > creds->times.renew_till) { + ret = KRB5KRB_AP_ERR_MODIFIED; + goto out; + } + + creds->times.renew_till = tmp_time; + + creds->times.authtime = rep->enc_part.authtime; + + if (creds->times.endtime != 0 + && rep->enc_part.endtime > creds->times.endtime) { + ret = KRB5KRB_AP_ERR_MODIFIED; + goto out; + } + + creds->times.endtime = rep->enc_part.endtime; + + if(rep->enc_part.caddr) + krb5_copy_addresses (context, rep->enc_part.caddr, &creds->addresses); + else if(addrs) + krb5_copy_addresses (context, addrs, &creds->addresses); + else { + creds->addresses.len = 0; + creds->addresses.val = NULL; + } + creds->flags.b = rep->enc_part.flags; + + creds->authdata.len = 0; + creds->authdata.val = NULL; + creds->session.keyvalue.length = 0; + creds->session.keyvalue.data = NULL; + creds->session.keytype = rep->enc_part.key.keytype; + ret = krb5_data_copy (&creds->session.keyvalue, + 
rep->enc_part.key.keyvalue.data, + rep->enc_part.key.keyvalue.length); + +out: + memset (rep->enc_part.key.keyvalue.data, 0, + rep->enc_part.key.keyvalue.length); + return ret; +} + + +static krb5_error_code +make_pa_enc_timestamp(krb5_context context, PA_DATA *pa, + krb5_enctype etype, krb5_keyblock *key) +{ + PA_ENC_TS_ENC p; + u_char buf[1024]; + size_t len; + EncryptedData encdata; + krb5_error_code ret; + int32_t sec, usec; + int usec2; + krb5_crypto crypto; + + krb5_us_timeofday (context, &sec, &usec); + p.patimestamp = sec; + usec2 = usec; + p.pausec = &usec2; + + ret = encode_PA_ENC_TS_ENC(buf + sizeof(buf) - 1, + sizeof(buf), + &p, + &len); + if (ret) + return ret; + + krb5_crypto_init(context, key, 0, &crypto); + ret = krb5_encrypt_EncryptedData(context, + crypto, + KRB5_KU_PA_ENC_TIMESTAMP, + buf + sizeof(buf) - len, + len, + 0, + &encdata); + krb5_crypto_destroy(context, crypto); + if (ret) + return ret; + + ret = encode_EncryptedData(buf + sizeof(buf) - 1, + sizeof(buf), + &encdata, + &len); + free_EncryptedData(&encdata); + if (ret) + return ret; + pa->padata_type = pa_enc_timestamp; + pa->padata_value.length = 0; + krb5_data_copy(&pa->padata_value, + buf + sizeof(buf) - len, + len); + return 0; +} + +static krb5_error_code +add_padata(krb5_context context, + METHOD_DATA *md, + krb5_principal client, + krb5_key_proc key_proc, + krb5_const_pointer keyseed, + int *enctypes, + unsigned netypes, + krb5_salt *salt) +{ + krb5_error_code ret; + PA_DATA *pa2; + krb5_salt salt2; + int *ep; + int i; + + if(salt == NULL) { + /* default to standard salt */ + ret = krb5_get_pw_salt (context, client, &salt2); + salt = &salt2; + } + if (!enctypes) { + enctypes = (int *)context->etypes; /* XXX */ + netypes = 0; + for (ep = enctypes; *ep != ETYPE_NULL; ep++) + netypes++; + } + pa2 = realloc (md->val, (md->len + netypes) * sizeof(*md->val)); + if (pa2 == NULL) + return ENOMEM; + md->val = pa2; + + for (i = 0; i < netypes; ++i) { + krb5_keyblock *key; + + ret = 
(*key_proc)(context, enctypes[i], *salt, keyseed, &key); + if (ret) + continue; + ret = make_pa_enc_timestamp (context, &md->val[md->len], + enctypes[i], key); + krb5_free_keyblock (context, key); + if (ret) + return ret; + ++md->len; + } + if(salt == &salt2) + krb5_free_salt(context, salt2); + return 0; +} + +static krb5_error_code +init_as_req (krb5_context context, + krb5_kdc_flags opts, + krb5_creds *creds, + const krb5_addresses *addrs, + const krb5_enctype *etypes, + const krb5_preauthtype *ptypes, + const krb5_preauthdata *preauth, + krb5_key_proc key_proc, + krb5_const_pointer keyseed, + unsigned nonce, + AS_REQ *a) +{ + krb5_error_code ret; + krb5_salt salt; + + memset(a, 0, sizeof(*a)); + + a->pvno = 5; + a->msg_type = krb_as_req; + a->req_body.kdc_options = opts.b; + a->req_body.cname = malloc(sizeof(*a->req_body.cname)); + if (a->req_body.cname == NULL) { + ret = ENOMEM; + goto fail; + } + a->req_body.sname = malloc(sizeof(*a->req_body.sname)); + if (a->req_body.sname == NULL) { + ret = ENOMEM; + goto fail; + } + ret = krb5_principal2principalname (a->req_body.cname, creds->client); + if (ret) + goto fail; + ret = krb5_principal2principalname (a->req_body.sname, creds->server); + if (ret) + goto fail; + ret = copy_Realm(&creds->client->realm, &a->req_body.realm); + if (ret) + goto fail; + + if(creds->times.starttime) { + a->req_body.from = malloc(sizeof(*a->req_body.from)); + if (a->req_body.from == NULL) { + ret = ENOMEM; + goto fail; + } + *a->req_body.from = creds->times.starttime; + } + if(creds->times.endtime){ + ALLOC(a->req_body.till, 1); + *a->req_body.till = creds->times.endtime; + } + if(creds->times.renew_till){ + a->req_body.rtime = malloc(sizeof(*a->req_body.rtime)); + if (a->req_body.rtime == NULL) { + ret = ENOMEM; + goto fail; + } + *a->req_body.rtime = creds->times.renew_till; + } + a->req_body.nonce = nonce; + ret = krb5_init_etype (context, + &a->req_body.etype.len, + &a->req_body.etype.val, + etypes); + if (ret) + goto fail; + + /* + 
* This means no addresses + */ + + if (addrs && addrs->len == 0) { + a->req_body.addresses = NULL; + } else { + a->req_body.addresses = malloc(sizeof(*a->req_body.addresses)); + if (a->req_body.addresses == NULL) { + ret = ENOMEM; + goto fail; + } + + if (addrs) + ret = krb5_copy_addresses(context, addrs, a->req_body.addresses); + else + ret = krb5_get_all_client_addrs (context, a->req_body.addresses); + if (ret) + return ret; + } + + a->req_body.enc_authorization_data = NULL; + a->req_body.additional_tickets = NULL; + + if(preauth != NULL) { + int i; + ALLOC(a->padata, 1); + if(a->padata == NULL) { + ret = ENOMEM; + goto fail; + } + for(i = 0; i < preauth->len; i++) { + if(preauth->val[i].type == KRB5_PADATA_ENC_TIMESTAMP){ + int j; + PA_DATA *tmp = realloc(a->padata->val, + (a->padata->len + + preauth->val[i].info.len) * + sizeof(*a->padata->val)); + if(tmp == NULL) { + ret = ENOMEM; + goto fail; + } + a->padata->val = tmp; + for(j = 0; j < preauth->val[i].info.len; j++) { + krb5_salt *sp = &salt; + if(preauth->val[i].info.val[j].salttype) + salt.salttype = *preauth->val[i].info.val[j].salttype; + else + salt.salttype = KRB5_PW_SALT; + if(preauth->val[i].info.val[j].salt) + salt.saltvalue = *preauth->val[i].info.val[j].salt; + else + if(salt.salttype == KRB5_PW_SALT) + sp = NULL; + else + krb5_data_zero(&salt.saltvalue); + add_padata(context, a->padata, creds->client, + key_proc, keyseed, + &preauth->val[i].info.val[j].etype, 1, + sp); + } + } + } + } else + /* not sure this is the way to use `ptypes' */ + if (ptypes == NULL || *ptypes == KRB5_PADATA_NONE) + a->padata = NULL; + else if (*ptypes == KRB5_PADATA_ENC_TIMESTAMP) { + ALLOC(a->padata, 1); + if (a->padata == NULL) { + ret = ENOMEM; + goto fail; + } + a->padata->len = 0; + a->padata->val = NULL; + + /* make a v5 salted pa-data */ + add_padata(context, a->padata, creds->client, + key_proc, keyseed, a->req_body.etype.val, + a->req_body.etype.len, NULL); + + /* make a v4 salted pa-data */ + salt.salttype = 
KRB5_PW_SALT; + krb5_data_zero(&salt.saltvalue); + add_padata(context, a->padata, creds->client, + key_proc, keyseed, a->req_body.etype.val, + a->req_body.etype.len, &salt); + } else { + ret = KRB5_PREAUTH_BAD_TYPE; + goto fail; + } + return 0; +fail: + free_AS_REQ(a); + return ret; +} + +static int +set_ptypes(krb5_context context, + KRB_ERROR *error, + krb5_preauthtype **ptypes, + krb5_preauthdata **preauth) +{ + static krb5_preauthdata preauth2; + static krb5_preauthtype ptypes2[] = { KRB5_PADATA_ENC_TIMESTAMP, KRB5_PADATA_NONE }; + + if(error->e_data) { + METHOD_DATA md; + int i; + decode_METHOD_DATA(error->e_data->data, + error->e_data->length, + &md, + NULL); + for(i = 0; i < md.len; i++){ + switch(md.val[i].padata_type){ + case pa_enc_timestamp: + *ptypes = ptypes2; + break; + case pa_etype_info: + *preauth = &preauth2; + ALLOC_SEQ(*preauth, 1); + (*preauth)->val[0].type = KRB5_PADATA_ENC_TIMESTAMP; + krb5_decode_ETYPE_INFO(context, + md.val[i].padata_value.data, + md.val[i].padata_value.length, + &(*preauth)->val[0].info, + NULL); + break; + } + } + free_METHOD_DATA(&md); + } else { + *ptypes = ptypes2; + } + return(1); +} + +krb5_error_code +krb5_get_in_cred(krb5_context context, + krb5_flags options, + const krb5_addresses *addrs, + const krb5_enctype *etypes, + const krb5_preauthtype *ptypes, + const krb5_preauthdata *preauth, + krb5_key_proc key_proc, + krb5_const_pointer keyseed, + krb5_decrypt_proc decrypt_proc, + krb5_const_pointer decryptarg, + krb5_creds *creds, + krb5_kdc_rep *ret_as_reply) +{ + krb5_error_code ret; + AS_REQ a; + krb5_kdc_rep rep; + krb5_data req, resp; + char buf[BUFSIZ]; + krb5_salt salt; + krb5_keyblock *key; + size_t size; + krb5_kdc_flags opts; + PA_DATA *pa; + krb5_enctype etype; + krb5_preauthdata *my_preauth = NULL; + unsigned nonce; + int done; + + opts.i = options; + + krb5_generate_random_block (&nonce, sizeof(nonce)); + nonce &= 0xffffffff; + + do { + done = 1; + ret = init_as_req (context, + opts, + creds, + addrs, + 
etypes, + ptypes, + preauth, + key_proc, + keyseed, + nonce, + &a); + if (my_preauth) { + free_ETYPE_INFO(&my_preauth->val[0].info); + free (my_preauth->val); + } + if (ret) + return ret; + + ret = encode_AS_REQ ((unsigned char*)buf + sizeof(buf) - 1, + sizeof(buf), + &a, + &req.length); + free_AS_REQ(&a); + if (ret) + return ret; + + req.data = buf + sizeof(buf) - req.length; + + ret = krb5_sendto_kdc (context, &req, &creds->client->realm, &resp); + if (ret) + return ret; + + memset (&rep, 0, sizeof(rep)); + ret = decode_AS_REP(resp.data, resp.length, &rep.kdc_rep, &size); + if(ret) { + /* let's try to parse it as a KRB-ERROR */ + KRB_ERROR error; + int ret2; + + ret2 = krb5_rd_error(context, &resp, &error); + if(ret2 && resp.data && ((char*)resp.data)[0] == 4) + ret = KRB5KRB_AP_ERR_V4_REPLY; + krb5_data_free(&resp); + if (ret2 == 0) { + ret = error.error_code; + /* if no preauth was set and KDC requires it, give it + one more try */ + if (!ptypes && !preauth + && ret == KRB5KDC_ERR_PREAUTH_REQUIRED +#if 0 + || ret == KRB5KDC_ERR_BADOPTION +#endif + && set_ptypes(context, &error, &ptypes, &my_preauth)) { + done = 0; + preauth = my_preauth; + free_KRB_ERROR(&error); + continue; + } + if(ret_as_reply) + ret_as_reply->error = error; + else + free_KRB_ERROR (&error); + return ret; + } + return ret; + } + krb5_data_free(&resp); + } while(!done); + + pa = NULL; + etype = rep.kdc_rep.enc_part.etype; + if(rep.kdc_rep.padata){ + int index = 0; + pa = krb5_find_padata(rep.kdc_rep.padata->val, rep.kdc_rep.padata->len, + pa_pw_salt, &index); + if(pa == NULL) { + index = 0; + pa = krb5_find_padata(rep.kdc_rep.padata->val, + rep.kdc_rep.padata->len, + pa_afs3_salt, &index); + } + } + if(pa) { + salt.salttype = pa->padata_type; + salt.saltvalue = pa->padata_value; + + ret = (*key_proc)(context, etype, salt, keyseed, &key); + } else { + /* make a v5 salted pa-data */ + ret = krb5_get_pw_salt (context, creds->client, &salt); + + if (ret) + goto out; + ret = (*key_proc)(context, 
etype, salt, keyseed, &key); + krb5_free_salt(context, salt); + } + if (ret) + goto out; + + ret = _krb5_extract_ticket(context, + &rep, + creds, + key, + keyseed, + KRB5_KU_AS_REP_ENC_PART, + NULL, + nonce, + FALSE, + decrypt_proc, + decryptarg); + memset (key->keyvalue.data, 0, key->keyvalue.length); + krb5_free_keyblock_contents (context, key); + free (key); + +out: + if (ret == 0 && ret_as_reply) + *ret_as_reply = rep; + else + krb5_free_kdc_rep (context, &rep); + return ret; +} + +krb5_error_code +krb5_get_in_tkt(krb5_context context, + krb5_flags options, + const krb5_addresses *addrs, + const krb5_enctype *etypes, + const krb5_preauthtype *ptypes, + krb5_key_proc key_proc, + krb5_const_pointer keyseed, + krb5_decrypt_proc decrypt_proc, + krb5_const_pointer decryptarg, + krb5_creds *creds, + krb5_ccache ccache, + krb5_kdc_rep *ret_as_reply) +{ + krb5_error_code ret; + krb5_kdc_flags opts; + opts.i = 0; + opts.b = int2KDCOptions(options); + + ret = krb5_get_in_cred (context, + opts.i, + addrs, + etypes, + ptypes, + NULL, + key_proc, + keyseed, + decrypt_proc, + decryptarg, + creds, + ret_as_reply); + if(ret) + return ret; + ret = krb5_cc_store_cred (context, ccache, creds); + krb5_free_creds_contents (context, creds); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/get_in_tkt_pw.c b/crypto/heimdal/lib/krb5/get_in_tkt_pw.c new file mode 100644 index 0000000..4fb8800 --- /dev/null +++ b/crypto/heimdal/lib/krb5/get_in_tkt_pw.c 
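Review bot: In `set_ptypes` the result of `decode_METHOD_DATA` is ignored, so when the `e_data` of a KRB-ERROR (received before any key is in use, so presumably not integrity protected) fails to parse, the loop reads `md.len` and `md.val[i]` from a `METHOD_DATA` that may be uninitialised and then hands it to `free_METHOD_DATA`. Return 0 on a decode failure so the caller reports the KDC error instead of retrying: `if (decode_METHOD_DATA(error->e_data->data, error->e_data->length, &md, NULL)) return 0;`. The function also returns 1 when the list holds neither `pa_enc_timestamp` nor `pa_etype_info`, leaving `ptypes` and `preauth` both unset, so the `do { ... } while(!done)` loop in `krb5_get_in_cred` resends the same request for as long as the peer keeps answering `KRB5KDC_ERR_PREAUTH_REQUIRED`; it should return 1 only when it actually set one of them. Unchecked results of the same kind are `krb5_crypto_init` in `decrypt_tkt` and `make_pa_enc_timestamp`, and `krb5_get_pw_salt` in `add_padata`.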
@@ -0,0 +1,87 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: get_in_tkt_pw.c,v 1.15 1999/12/02 17:05:10 joda Exp $");
+
+krb5_error_code
+krb5_password_key_proc (krb5_context context,
+ krb5_enctype type,
+ krb5_salt salt,
+ krb5_const_pointer keyseed,
+ krb5_keyblock **key)
+{
+ krb5_error_code ret;
+ const char *password = (const char *)keyseed;
+ char buf[BUFSIZ];
+
+ *key = malloc (sizeof (**key));
+ if (*key == NULL)
+ return ENOMEM;
+ if (password == NULL) {
+ if(des_read_pw_string (buf, sizeof(buf), "Password: ", 0)) {
+ free (*key);
+ return KRB5_LIBOS_PWDINTR;
+ }
+ password = buf;
+ }
+ ret = krb5_string_to_key_salt (context, type, password, salt, *key);
+ memset (buf, 0, sizeof(buf));
+ return ret;
+}
+
+krb5_error_code
+krb5_get_in_tkt_with_password (krb5_context context,
+ krb5_flags options,
+ krb5_addresses *addrs,
+ const krb5_enctype *etypes,
+ const krb5_preauthtype *pre_auth_types,
+ const char *password,
+ krb5_ccache ccache,
+ krb5_creds *creds,
+ krb5_kdc_rep *ret_as_reply)
+{
+ return krb5_get_in_tkt (context,
+ options,
+ addrs,
+ etypes,
+ pre_auth_types,
+ krb5_password_key_proc,
+ password,
+ NULL,
+ NULL,
+ creds,
+ ccache,
+ ret_as_reply);
+}
diff --git a/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c b/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c
new file mode 100644
index 0000000..d78ef35
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c
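Review bot: `krb5_password_key_proc` leaks the keyblock it allocates when `krb5_string_to_key_salt` fails, and on the `des_read_pw_string` failure path it frees `*key` but leaves the dangling pointer in the caller's variable; the caller shown in get_in_tkt.c jumps to `out` on a non-zero return without touching `key`. Free and clear it on both error paths, e.g. `if (ret) { free (*key); *key = NULL; }` before the final return. The closing `memset (buf, 0, sizeof(buf))` writes to a local that is never read again, so an optimising compiler is allowed to drop it and leave the typed password on the stack; use a wipe the compiler cannot elide (a volatile-pointer loop, or the platform's explicit zeroing routine where one exists). That wipe is also skipped on the `KRB5_LIBOS_PWDINTR` return, where `buf` may already hold partial input.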
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: get_in_tkt_with_keytab.c,v 1.5 1999/12/02 17:05:10 joda Exp $");
+
+krb5_error_code
+krb5_keytab_key_proc (krb5_context context,
+ krb5_enctype enctype,
+ krb5_salt salt,
+ krb5_const_pointer keyseed,
+ krb5_keyblock **key)
+{
+ krb5_keytab_key_proc_args *args = (krb5_keytab_key_proc_args *)keyseed;
+ krb5_keytab keytab = args->keytab;
+ krb5_principal principal = args->principal;
+ krb5_error_code ret;
+ krb5_keytab real_keytab;
+ krb5_keytab_entry entry;
+
+ if(keytab == NULL)
+ krb5_kt_default(context, &real_keytab);
+ else
+ real_keytab = keytab;
+
+ ret = krb5_kt_get_entry (context, real_keytab, principal,
+ 0, enctype, &entry);
+
+ if (keytab == NULL)
+ krb5_kt_close (context, real_keytab);
+
+ if (ret)
+ return ret;
+
+ ret = krb5_copy_keyblock (context, &entry.keyblock, key);
+ krb5_kt_free_entry(context, &entry);
+ return ret;
+}
+
+krb5_error_code
+krb5_get_in_tkt_with_keytab (krb5_context context,
+ krb5_flags options,
+ krb5_addresses *addrs,
+ const krb5_enctype *etypes,
+ const krb5_preauthtype *pre_auth_types,
+ krb5_keytab keytab,
+ krb5_ccache ccache,
+ krb5_creds *creds,
+ krb5_kdc_rep *ret_as_reply)
+{
+ krb5_keytab_key_proc_args *a;
+
+ a = malloc(sizeof(*a));
+ if (a == NULL)
+ return ENOMEM;
+
+ a->principal = creds->client;
+ a->keytab = keytab;
+
+ return krb5_get_in_tkt (context,
+ options,
+ addrs,
+ etypes,
+ pre_auth_types,
+ krb5_keytab_key_proc,
+ a,
+ NULL,
+ NULL,
+ creds,
+ ccache,
+ ret_as_reply);
+}
diff --git a/crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c b/crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c
new file mode 100644
index 0000000..773d361
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c
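Review bot: `krb5_get_in_tkt_with_keytab` allocates `a` with `malloc` and never frees it, so every call leaks one `krb5_keytab_key_proc_args`; the struct is only needed for the duration of the call and can live on the stack: `krb5_keytab_key_proc_args a;` with `a.principal = creds->client; a.keytab = keytab;` and `&a` passed as the key seed. In `krb5_keytab_key_proc` the return value of `krb5_kt_default` is ignored, so if the default keytab cannot be resolved `real_keytab` is used uninitialised by `krb5_kt_get_entry` and `krb5_kt_close`. Check it and return the error: `ret = krb5_kt_default(context, &real_keytab); if (ret) return ret;`.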
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: get_in_tkt_with_skey.c,v 1.3 1999/12/02 17:05:10 joda Exp $");
+
+static krb5_error_code
+krb5_skey_key_proc (krb5_context context,
+ krb5_enctype type,
+ krb5_salt salt,
+ krb5_const_pointer keyseed,
+ krb5_keyblock **key)
+{
+ return krb5_copy_keyblock (context, keyseed, key);
+}
+
+krb5_error_code
+krb5_get_in_tkt_with_skey (krb5_context context,
+ krb5_flags options,
+ krb5_addresses *addrs,
+ const krb5_enctype *etypes,
+ const krb5_preauthtype *pre_auth_types,
+ const krb5_keyblock *key,
+ krb5_ccache ccache,
+ krb5_creds *creds,
+ krb5_kdc_rep *ret_as_reply)
+{
+ if(key == NULL)
+ return krb5_get_in_tkt_with_keytab (context,
+ options,
+ addrs,
+ etypes,
+ pre_auth_types,
+ NULL,
+ ccache,
+ creds,
+ ret_as_reply);
+ else
+ return krb5_get_in_tkt (context,
+ options,
+ addrs,
+ etypes,
+ pre_auth_types,
+ krb5_skey_key_proc,
+ key,
+ NULL,
+ NULL,
+ creds,
+ ccache,
+ ret_as_reply);
+}
diff --git a/crypto/heimdal/lib/krb5/get_port.c b/crypto/heimdal/lib/krb5/get_port.c
new file mode 100644
index 0000000..17bb45f
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/get_port.c
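Review bot: `krb5_get_in_tkt_with_skey` silently switches credential source when `key` is NULL: it calls `krb5_get_in_tkt_with_keytab` with a NULL keytab, which `krb5_keytab_key_proc` in get_in_tkt_with_keytab.c resolves through `krb5_kt_default`. That fallback is undocumented and deserves a comment above the function, for example `/* If key is NULL, the key for creds->client is taken from the default keytab instead. */`, so a caller that passes NULL by mistake can see which key will be used.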
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <krb5_locl.h>
+
+RCSID("$Id: get_port.c,v 1.7 1999/12/02 17:05:10 joda Exp $");
+
+int
+krb5_getportbyname (krb5_context context,
+ const char *service,
+ const char *proto,
+ int default_port)
+{
+ struct servent *sp;
+
+ if ((sp = roken_getservbyname (service, proto)) == NULL) {
+ krb5_warnx(context, "%s/%s unknown service, using default port %d",
+ service, proto, default_port);
+ return htons(default_port);
+ } else
+ return sp->s_port;
+}
diff --git a/crypto/heimdal/lib/krb5/heim_err.et b/crypto/heimdal/lib/krb5/heim_err.et
new file mode 100644
index 0000000..5ec3543
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/heim_err.et
@@ -0,0 +1,18 @@
+#
+# Error messages for the krb5 library
+#
+# This might look like a com_err file, but is not
+#
+id "$Id: heim_err.et,v 1.7 1999/08/25 20:49:17 joda Exp $"
+
+error_table heim
+
+prefix HEIM_ERR
+
+error_code LOG_PARSE, "Error parsing log destination"
+error_code V4_PRINC_NO_CONV, "Failed to convert v4 principal"
+error_code SALTTYPE_NOSUPP, "Salt type is not supported by enctype"
+error_code NOHOST, "Host not found"
+error_code OPNOTSUPP, "Operation not supported"
+
+end
diff --git a/crypto/heimdal/lib/krb5/init_creds.c b/crypto/heimdal/lib/krb5/init_creds.c
new file mode 100644
index 0000000..404fa5a
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/init_creds.c
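Review bot: `krb5_getportbyname` in get_port.c returns the port in network byte order on both paths (`htons(default_port)` and `sp->s_port`, which is network order if `roken_getservbyname` follows `getservbyname`) while `default_port` is taken in host order, and nothing in the file says so. Add a comment such as `/* Returns the port in network byte order; default_port is given in host byte order. */` so callers do not apply `htons` a second time. `default_port` is an `int` and `htons` keeps only the low 16 bits, so a value outside 0..65535 is silently truncated; the comment should state the accepted range.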
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: init_creds.c,v 1.2 1999/12/02 17:05:10 joda Exp $"); + +void +krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt) +{ + memset (opt, 0, sizeof(*opt)); + opt->flags = 0; +} + +void +krb5_get_init_creds_opt_set_tkt_life(krb5_get_init_creds_opt *opt, + krb5_deltat tkt_life) +{ + opt->flags |= KRB5_GET_INIT_CREDS_OPT_TKT_LIFE; + opt->tkt_life = tkt_life; +} + +void +krb5_get_init_creds_opt_set_renew_life(krb5_get_init_creds_opt *opt, + krb5_deltat renew_life) +{ + opt->flags |= KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE; + opt->renew_life = renew_life; +} + +void +krb5_get_init_creds_opt_set_forwardable(krb5_get_init_creds_opt *opt, + int forwardable) +{ + opt->flags |= KRB5_GET_INIT_CREDS_OPT_FORWARDABLE; + opt->forwardable = forwardable; +} + +void +krb5_get_init_creds_opt_set_proxiable(krb5_get_init_creds_opt *opt, + int proxiable) +{ + opt->flags |= KRB5_GET_INIT_CREDS_OPT_PROXIABLE; + opt->proxiable = proxiable; +} + +void +krb5_get_init_creds_opt_set_etype_list(krb5_get_init_creds_opt *opt, + krb5_enctype *etype_list, + int etype_list_length) +{ + opt->flags |= KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST; + opt->etype_list = etype_list; + opt->etype_list_length = etype_list_length; +} + +void +krb5_get_init_creds_opt_set_address_list(krb5_get_init_creds_opt *opt, + krb5_addresses *addresses) +{ + opt->flags |= KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST; + opt->address_list = addresses; +} + +void +krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt, + krb5_preauthtype *preauth_list, + int preauth_list_length) +{ + opt->flags |= KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST; + opt->preauth_list_length = preauth_list_length; + opt->preauth_list = preauth_list; +} + +void +krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt, + krb5_data *salt) +{ + opt->flags |= KRB5_GET_INIT_CREDS_OPT_SALT; + opt->salt = salt; +} 
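Review bot: The list setters (`krb5_get_init_creds_opt_set_etype_list`, `_set_address_list`, `_set_preauth_list`, `_set_salt`) store the caller's pointer and the `int` length exactly as given, and nothing in the file says the data is borrowed rather than copied. I would add above each of them `/* The argument is not copied; it must stay valid until the options are consumed by krb5_get_init_creds_*(). */`. The lengths are signed and unchecked, and in init_creds_pw.c they reach `malloc((options->etype_list_length + 1) * sizeof(krb5_enctype))` and the `memcpy` after it, so a negative value has to be rejected at that consumer because these setters return `void`. In `krb5_get_init_creds_opt_init`, `opt->flags = 0;` is redundant after the `memset`.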
diff --git a/crypto/heimdal/lib/krb5/init_creds_pw.c b/crypto/heimdal/lib/krb5/init_creds_pw.c
new file mode 100644
index 0000000..84b295f
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/init_creds_pw.c
@@ -0,0 +1,547 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: init_creds_pw.c,v 1.36 1999/12/02 17:05:10 joda Exp $"); + +static int +get_config_time (krb5_context context, + char *realm, + char *name, + int def) +{ + int ret; + + ret = krb5_config_get_time (context, NULL, + "realms", + realm, + name, + NULL); + if (ret >= 0) + return ret; + ret = krb5_config_get_time (context, NULL, + "libdefaults", + name, + NULL); + if (ret >= 0) + return ret; + return def; +} + +static krb5_boolean +get_config_bool (krb5_context context, + char *realm, + char *name) +{ + return krb5_config_get_bool (context, + NULL, + "realms", + realm, + name, + NULL) + || krb5_config_get_bool (context, + NULL, + "libdefaults", + name, + NULL); +} + +static krb5_error_code +init_cred (krb5_context context, + krb5_creds *cred, + krb5_principal client, + krb5_deltat start_time, + const char *in_tkt_service, + krb5_get_init_creds_opt *options) +{ + krb5_error_code ret; + krb5_realm *client_realm; + int tmp; + int32_t now; + + krb5_timeofday (context, &now); + + memset (cred, 0, sizeof(*cred)); + + if (client) + krb5_copy_principal(context, client, &cred->client); + else { + ret = krb5_get_default_principal (context, + &cred->client); + if (ret) + goto out; + } + + client_realm = krb5_princ_realm (context, cred->client); + + if (start_time) + cred->times.starttime = now + start_time; + + if (options->flags & KRB5_GET_INIT_CREDS_OPT_TKT_LIFE) + tmp = options->tkt_life; + else + tmp = get_config_time (context, + *client_realm, + "ticket_lifetime", + 10 * 60 * 60); + cred->times.endtime = now + tmp; + + tmp = 0; + if (options->flags & KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE) + tmp = options->renew_life; + else + tmp = get_config_time (context, + *client_realm, + "renew_lifetime", + 0); + if (tmp) + cred->times.renew_till = now + tmp; + + if (in_tkt_service) { + krb5_realm server_realm; + + ret = krb5_parse_name (context, in_tkt_service, &cred->server); + if (ret) + goto out; + server_realm = strdup (*client_realm); + 
free (cred->server->realm); + krb5_princ_set_realm (context, cred->server, &server_realm); + } else { + ret = krb5_make_principal(context, &cred->server, + *client_realm, KRB5_TGS_NAME, *client_realm, + NULL); + if (ret) + goto out; + } + return 0; + +out: + krb5_free_creds_contents (context, cred); + return ret; +} + +/* + * Parse the last_req data and show it to the user if it's interesting + */ + +static void +print_expire (krb5_context context, + krb5_realm *realm, + krb5_kdc_rep *rep, + krb5_prompter_fct prompter, + krb5_data *data) +{ + int i; + LastReq *lr = &rep->enc_part.last_req; + int32_t sec; + time_t t; + + krb5_timeofday (context, &sec); + + t = sec + get_config_time (context, + *realm, + "warn_pwexpire", + 7 * 24 * 60 * 60); + + for (i = 0; i < lr->len; ++i) { + if (lr->val[i].lr_type == 6 + && lr->val[i].lr_value <= t) { + char *p; + + asprintf (&p, "Your password will expire at %s", + ctime(&lr->val[i].lr_value)); + (*prompter) (context, data, p, 0, NULL); + free (p); + return; + } + } + + if (rep->enc_part.key_expiration + && *rep->enc_part.key_expiration <= t) { + char *p; + + asprintf (&p, "Your password/account will expire at %s", + ctime(rep->enc_part.key_expiration)); + (*prompter) (context, data, p, 0, NULL); + free (p); + } +} + +static krb5_error_code +get_init_creds_common(krb5_context context, + krb5_creds *creds, + krb5_principal client, + krb5_deltat start_time, + const char *in_tkt_service, + krb5_get_init_creds_opt *options, + krb5_addresses **addrs, + krb5_enctype **etypes, + krb5_creds *cred, + krb5_preauthtype **pre_auth_types, + krb5_kdc_flags *flags) +{ + krb5_error_code ret; + krb5_realm *client_realm; + + ret = init_cred (context, cred, client, start_time, + in_tkt_service, options); + if (ret) + return ret; + + client_realm = krb5_princ_realm (context, cred->client); + + flags->i = 0; + + if (options->flags & KRB5_GET_INIT_CREDS_OPT_FORWARDABLE) + flags->b.forwardable = options->forwardable; + else + flags->b.forwardable = 
get_config_bool (context, + *client_realm, + "forwardable"); + + if (options->flags & KRB5_GET_INIT_CREDS_OPT_PROXIABLE) + flags->b.proxiable = options->proxiable; + else + flags->b.proxiable = get_config_bool (context, + *client_realm, + "proxiable"); + + if (start_time) + flags->b.postdated = 1; + if (cred->times.renew_till) + flags->b.renewable = 1; + if (options->flags & KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST) + *addrs = options->address_list; + if (options->flags & KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST) { + *etypes = malloc((options->etype_list_length + 1) + * sizeof(krb5_enctype)); + if (*etypes == NULL) + return ENOMEM; + memcpy (*etypes, options->etype_list, + options->etype_list_length * sizeof(krb5_enctype)); + (*etypes)[options->etype_list_length] = ETYPE_NULL; + } + if (options->flags & KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST) { + *pre_auth_types = malloc((options->preauth_list_length + 1) + * sizeof(krb5_preauthtype)); + if (*pre_auth_types == NULL) + return ENOMEM; + memcpy (*pre_auth_types, options->preauth_list, + options->preauth_list_length * sizeof(krb5_preauthtype)); + (*pre_auth_types)[options->preauth_list_length] = KRB5_PADATA_NONE; + } + if (options->flags & KRB5_GET_INIT_CREDS_OPT_SALT) + ; /* XXX */ + return 0; +} + +static krb5_error_code +change_password (krb5_context context, + krb5_principal client, + const char *password, + char *newpw, + size_t newpw_sz, + krb5_prompter_fct prompter, + void *data, + krb5_get_init_creds_opt *old_options) +{ + krb5_prompt prompt; + krb5_error_code ret; + krb5_creds cpw_cred; + char buf1[BUFSIZ], buf2[BUFSIZ]; + krb5_data password_data; + int result_code; + krb5_data result_code_string; + krb5_data result_string; + char *p; + krb5_get_init_creds_opt options; + + memset (&cpw_cred, 0, sizeof(cpw_cred)); + + krb5_get_init_creds_opt_init (&options); + krb5_get_init_creds_opt_set_tkt_life (&options, 60); + krb5_get_init_creds_opt_set_preauth_list (&options, + old_options->preauth_list, + 
old_options->preauth_list_length); + + krb5_data_zero (&result_code_string); + krb5_data_zero (&result_string); + + ret = krb5_get_init_creds_password (context, + &cpw_cred, + client, + password, + prompter, + data, + 0, + "kadmin/changepw", + &options); + if (ret) + goto out; + + for(;;) { + password_data.data = buf1; + password_data.length = sizeof(buf1); + + prompt.hidden = 1; + prompt.prompt = "New password: "; + prompt.reply = &password_data; + + ret = (*prompter) (context, data, "Changing password", 1, &prompt); + if (ret) + goto out; + + password_data.data = buf2; + password_data.length = sizeof(buf2); + + prompt.hidden = 1; + prompt.prompt = "Repeat new password: "; + prompt.reply = &password_data; + + ret = (*prompter) (context, data, "Changing password", 1, &prompt); + if (ret) + goto out; + + if (strcmp (buf1, buf2) == 0) + break; + } + + ret = krb5_change_password (context, + &cpw_cred, + buf1, + &result_code, + &result_code_string, + &result_string); + if (ret) + goto out; + asprintf (&p, "%s: %.*s\n", + result_code ? 
"Error" : "Success", + (int)result_string.length, + (char*)result_string.data); + + ret = (*prompter) (context, data, p, 0, NULL); + free (p); + if (result_code == 0) { + strncpy (newpw, buf1, newpw_sz); + ret = 0; + } else + ret = ENOTTY; + +out: + memset (buf1, 0, sizeof(buf1)); + memset (buf2, 0, sizeof(buf2)); + krb5_data_free (&result_string); + krb5_data_free (&result_code_string); + krb5_free_creds_contents (context, &cpw_cred); + return ret; +} + +krb5_error_code +krb5_get_init_creds_password(krb5_context context, + krb5_creds *creds, + krb5_principal client, + const char *password, + krb5_prompter_fct prompter, + void *data, + krb5_deltat start_time, + const char *in_tkt_service, + krb5_get_init_creds_opt *options) +{ + krb5_error_code ret; + krb5_kdc_flags flags; + krb5_addresses *addrs = NULL; + krb5_enctype *etypes = NULL; + krb5_preauthtype *pre_auth_types = NULL; + krb5_creds this_cred; + krb5_kdc_rep kdc_reply; + char buf[BUFSIZ]; + krb5_data password_data; + int done; + + ret = get_init_creds_common(context, creds, client, start_time, + in_tkt_service, options, + &addrs, &etypes, &this_cred, &pre_auth_types, + &flags); + if(ret) + goto out; + + if (password == NULL) { + krb5_prompt prompt; + char *p; + + krb5_unparse_name (context, this_cred.client, &p); + asprintf (&prompt.prompt, "%s's Password: ", p); + free (p); + password_data.data = buf; + password_data.length = sizeof(buf); + prompt.hidden = 1; + prompt.reply = &password_data; + + ret = (*prompter) (context, data, NULL, 1, &prompt); + free (prompt.prompt); + if (ret) { + memset (buf, 0, sizeof(buf)); + ret = KRB5_LIBOS_PWDINTR; + goto out; + } + password = password_data.data; + } + + done = 0; + while(!done) { + memset(&kdc_reply, 0, sizeof(kdc_reply)); + ret = krb5_get_in_cred (context, + flags.i, + addrs, + etypes, + pre_auth_types, + NULL, + krb5_password_key_proc, + password, + NULL, + NULL, + &this_cred, + &kdc_reply); + switch (ret) { + case 0 : + done = 1; + break; + case 
KRB5KDC_ERR_KEY_EXPIRED : + ret = change_password (context, + client, + password, + buf, + sizeof(buf), + prompter, + data, + options); + if (ret) + goto out; + password = buf; + break; + default: + goto out; + } + } + + if (prompter) + print_expire (context, + krb5_princ_realm (context, this_cred.client), + &kdc_reply, + prompter, + data); +out: + memset (buf, 0, sizeof(buf)); + if (ret == 0) + krb5_free_kdc_rep (context, &kdc_reply); + + free (pre_auth_types); + free (etypes); + if (ret == 0 && creds) + *creds = this_cred; + else + krb5_free_creds_contents (context, &this_cred); + return ret; +} + +krb5_error_code +krb5_keyblock_key_proc (krb5_context context, + krb5_keytype type, + krb5_data *salt, + krb5_const_pointer keyseed, + krb5_keyblock **key) +{ + return krb5_copy_keyblock (context, keyseed, key); +} + +krb5_error_code +krb5_get_init_creds_keytab(krb5_context context, + krb5_creds *creds, + krb5_principal client, + krb5_keytab keytab, + krb5_deltat start_time, + const char *in_tkt_service, + krb5_get_init_creds_opt *options) +{ + krb5_error_code ret; + krb5_kdc_flags flags; + krb5_addresses *addrs = NULL; + krb5_enctype *etypes = NULL; + krb5_preauthtype *pre_auth_types = NULL; + krb5_creds this_cred; + krb5_keytab_key_proc_args *a; + + ret = get_init_creds_common(context, creds, client, start_time, + in_tkt_service, options, + &addrs, &etypes, &this_cred, &pre_auth_types, + &flags); + if(ret) + goto out; + + a = malloc (sizeof(*a)); + if (a == NULL) { + ret = ENOMEM; + goto out; + } + a->principal = this_cred.client; + a->keytab = keytab; + + ret = krb5_get_in_cred (context, + flags.i, + addrs, + etypes, + pre_auth_types, + NULL, + krb5_keytab_key_proc, + a, + NULL, + NULL, + &this_cred, + NULL); + if (ret) + goto out; + free (pre_auth_types); + free (etypes); + if (creds) + *creds = this_cred; + else + krb5_free_creds_contents (context, &this_cred); + return 0; + +out: + free (pre_auth_types); + free (etypes); + krb5_free_creds_contents (context, 
&this_cred); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/keyblock.c b/crypto/heimdal/lib/krb5/keyblock.c new file mode 100644 index 0000000..89732a0 --- /dev/null +++ b/crypto/heimdal/lib/krb5/keyblock.c 
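Review bot: `krb5_get_init_creds_password` calls `(*prompter)` without a NULL check in the `password == NULL` branch, and `change_password` does the same when the KDC returns `KRB5KDC_ERR_KEY_EXPIRED`, although the same function guards `print_expire` with `if (prompter)`, so a NULL prompter is evidently a supported argument. A guard such as `if (prompter == NULL) { ret = KRB5_LIBOS_PWDINTR; goto out; }` ahead of both paths would stop the call through a null function pointer. In `krb5_get_init_creds_keytab`, `a` is allocated with `malloc` and is not freed on the success path or at `out:` in this hunk; unless `krb5_get_in_cred` takes ownership of it, `free (a);` is needed on both. The `asprintf` results in `print_expire`, `change_password` and the password prompt are also used unchecked, so on allocation failure `p` and `prompt.prompt` are passed on and freed uninitialised.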
@@ -0,0 +1,77 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +#include "krb5_locl.h" + +void +krb5_free_keyblock_contents(krb5_context context, + krb5_keyblock *keyblock) +{ + if(keyblock) { + if (keyblock->keyvalue.data != NULL) + memset(keyblock->keyvalue.data, 0, keyblock->keyvalue.length); + krb5_data_free (&keyblock->keyvalue); + } +} + +void +krb5_free_keyblock(krb5_context context, + krb5_keyblock *keyblock) +{ + if(keyblock){ + krb5_free_keyblock_contents(context, keyblock); + free(keyblock); + } +} + +krb5_error_code +krb5_copy_keyblock_contents (krb5_context context, + const krb5_keyblock *inblock, + krb5_keyblock *to) +{ + return copy_EncryptionKey(inblock, to); +} + +krb5_error_code +krb5_copy_keyblock (krb5_context context, + const krb5_keyblock *inblock, + krb5_keyblock **to) +{ + krb5_keyblock *k; + + k = malloc (sizeof(*k)); + if (k == NULL) + return ENOMEM; + *to = k; + return krb5_copy_keyblock_contents (context, inblock, k); +} diff --git a/crypto/heimdal/lib/krb5/keytab.c b/crypto/heimdal/lib/krb5/keytab.c new file mode 100644 index 0000000..af853a4 --- /dev/null +++ b/crypto/heimdal/lib/krb5/keytab.c 
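Review bot: In `krb5_copy_keyblock`, `*to = k` is assigned before `krb5_copy_keyblock_contents` runs, so when the copy fails the function returns an error with `k` not freed and the caller left holding a pointer to a keyblock that was never filled in. Assigning `*to` only on success and freeing `k` on failure keeps the error path clean, as sketched below. Separately, the `memset` in `krb5_free_keyblock_contents` is what wipes the key bytes before release; a compiler that can see into `krb5_data_free` may treat it as a dead store, so the intent deserves a comment and, if the tree has one, a wipe helper that cannot be elided.

```c
    krb5_keyblock *k;
    krb5_error_code ret;

    /* … unchanged: malloc of k and the ENOMEM return … */
    ret = krb5_copy_keyblock_contents (context, inblock, k);
    if (ret) {
	free (k);
	return ret;
    }
    *to = k;
    return 0;
```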
@@ -0,0 +1,407 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: keytab.c,v 1.45 2000/01/02 00:31:20 assar Exp $");
+
+/*
+ * Register a new keytab in `ops'
+ * Return 0 or an error.
+ */ + +krb5_error_code +krb5_kt_register(krb5_context context, + const krb5_kt_ops *ops) +{ + struct krb5_keytab_data *tmp; + + tmp = realloc(context->kt_types, + (context->num_kt_types + 1) * sizeof(*context->kt_types)); + if(tmp == NULL) + return ENOMEM; + memcpy(&tmp[context->num_kt_types], ops, + sizeof(tmp[context->num_kt_types])); + context->kt_types = tmp; + context->num_kt_types++; + return 0; +} + +/* + * Resolve the keytab name (of the form `type:residual') in `name' + * into a keytab in `id'. + * Return 0 or an error + */ + +krb5_error_code +krb5_kt_resolve(krb5_context context, + const char *name, + krb5_keytab *id) +{ + krb5_keytab k; + int i; + const char *type, *residual; + size_t type_len; + krb5_error_code ret; + + residual = strchr(name, ':'); + if(residual == NULL) { + type = "FILE"; + type_len = strlen(type); + residual = name; + } else { + type = name; + type_len = residual - name; + residual++; + } + + for(i = 0; i < context->num_kt_types; i++) { + if(strncmp(type, context->kt_types[i].prefix, type_len) == 0) + break; + } + if(i == context->num_kt_types) + return KRB5_KT_UNKNOWN_TYPE; + + k = malloc (sizeof(*k)); + if (k == NULL) + return ENOMEM; + memcpy(k, &context->kt_types[i], sizeof(*k)); + k->data = NULL; + ret = (*k->resolve)(context, residual, k); + if(ret) { + free(k); + k = NULL; + } + *id = k; + return ret; +} + +/* + * copy the name of the default keytab into `name'. + * Return 0 or KRB5_CONFIG_NOTENUFSPACE if `namesize' is too short. + */ + +krb5_error_code +krb5_kt_default_name(krb5_context context, char *name, size_t namesize) +{ + strncpy(name, context->default_keytab, namesize); + if(strlen(context->default_keytab) >= namesize) + return KRB5_CONFIG_NOTENUFSPACE; + return 0; +} + +/* + * Set `id' to the default keytab. + * Return 0 or an error. 
+ */ + +krb5_error_code +krb5_kt_default(krb5_context context, krb5_keytab *id) +{ + return krb5_kt_resolve (context, context->default_keytab, id); +} + +/* + * Read the key identified by `(principal, vno, enctype)' from the + * keytab in `keyprocarg' (the default if == NULL) into `*key'. + * Return 0 or an error. + */ + +krb5_error_code +krb5_kt_read_service_key(krb5_context context, + krb5_pointer keyprocarg, + krb5_principal principal, + krb5_kvno vno, + krb5_enctype enctype, + krb5_keyblock **key) +{ + krb5_keytab keytab; + krb5_keytab_entry entry; + krb5_error_code ret; + + if (keyprocarg) + ret = krb5_kt_resolve (context, keyprocarg, &keytab); + else + ret = krb5_kt_default (context, &keytab); + + if (ret) + return ret; + + ret = krb5_kt_get_entry (context, keytab, principal, vno, enctype, &entry); + krb5_kt_close (context, keytab); + if (ret) + return ret; + ret = krb5_copy_keyblock (context, &entry.keyblock, key); + krb5_kt_free_entry(context, &entry); + return ret; +} + +/* + * Retrieve the name of the keytab `keytab' into `name', `namesize' + * Return 0 or an error. + */ + +krb5_error_code +krb5_kt_get_name(krb5_context context, + krb5_keytab keytab, + char *name, + size_t namesize) +{ + return (*keytab->get_name)(context, keytab, name, namesize); +} + +/* + * Finish using the keytab in `id'. All resources will be released. + * Return 0 or an error. + */ + +krb5_error_code +krb5_kt_close(krb5_context context, + krb5_keytab id) +{ + krb5_error_code ret; + + ret = (*id->close)(context, id); + if(ret == 0) + free(id); + return ret; +} + +/* + * Compare `entry' against `principal, vno, enctype'. + * Any of `principal, vno, enctype' might be 0 which acts as a wildcard. + * Return TRUE if they compare the same, FALSE otherwise. 
+ */ + +krb5_boolean +krb5_kt_compare(krb5_context context, + krb5_keytab_entry *entry, + krb5_const_principal principal, + krb5_kvno vno, + krb5_enctype enctype) +{ + if(principal != NULL && + !krb5_principal_compare(context, entry->principal, principal)) + return FALSE; + if(vno && vno != entry->vno) + return FALSE; + if(enctype && enctype != entry->keyblock.keytype) + return FALSE; + return TRUE; +} + +/* + * Retrieve the keytab entry for `principal, kvno, enctype' into `entry' + * from the keytab `id'. + * Return 0 or an error. + */ + +krb5_error_code +krb5_kt_get_entry(krb5_context context, + krb5_keytab id, + krb5_const_principal principal, + krb5_kvno kvno, + krb5_enctype enctype, + krb5_keytab_entry *entry) +{ + krb5_keytab_entry tmp; + krb5_error_code ret; + krb5_kt_cursor cursor; + + if(id->get) + return (*id->get)(context, id, principal, kvno, enctype, entry); + + ret = krb5_kt_start_seq_get (context, id, &cursor); + if (ret) + return KRB5_KT_NOTFOUND; /* XXX i.e. file not found */ + + entry->vno = 0; + while (krb5_kt_next_entry(context, id, &tmp, &cursor) == 0) { + if (krb5_kt_compare(context, &tmp, principal, 0, enctype)) { + if (kvno == tmp.vno) { + krb5_kt_copy_entry_contents (context, &tmp, entry); + krb5_kt_free_entry (context, &tmp); + krb5_kt_end_seq_get(context, id, &cursor); + return 0; + } else if (kvno == 0 && tmp.vno > entry->vno) { + if (entry->vno) + krb5_kt_free_entry (context, entry); + krb5_kt_copy_entry_contents (context, &tmp, entry); + } + } + krb5_kt_free_entry(context, &tmp); + } + krb5_kt_end_seq_get (context, id, &cursor); + if (entry->vno) + return 0; + else + return KRB5_KT_NOTFOUND; +} + +/* + * Copy the contents of `in' into `out'. + * Return 0 or an error. 
+ */ + +krb5_error_code +krb5_kt_copy_entry_contents(krb5_context context, + const krb5_keytab_entry *in, + krb5_keytab_entry *out) +{ + krb5_error_code ret; + + memset(out, 0, sizeof(*out)); + out->vno = in->vno; + + ret = krb5_copy_principal (context, in->principal, &out->principal); + if (ret) + goto fail; + ret = krb5_copy_keyblock_contents (context, + &in->keyblock, + &out->keyblock); + if (ret) + goto fail; + out->timestamp = in->timestamp; + return 0; +fail: + krb5_kt_free_entry (context, out); + return ret; +} + +/* + * Free the contents of `entry'. + */ + +krb5_error_code +krb5_kt_free_entry(krb5_context context, + krb5_keytab_entry *entry) +{ + krb5_free_principal (context, entry->principal); + krb5_free_keyblock_contents (context, &entry->keyblock); + return 0; +} + +#if 0 +static int +xxxlock(int fd, int write) +{ + if(flock(fd, (write ? LOCK_EX : LOCK_SH) | LOCK_NB) < 0) { + sleep(1); + if(flock(fd, (write ? LOCK_EX : LOCK_SH) | LOCK_NB) < 0) + return -1; + } + return 0; +} + +static void +xxxunlock(int fd) +{ + flock(fd, LOCK_UN); +} +#endif + +/* + * Set `cursor' to point at the beginning of `id'. + * Return 0 or an error. + */ + +krb5_error_code +krb5_kt_start_seq_get(krb5_context context, + krb5_keytab id, + krb5_kt_cursor *cursor) +{ + if(id->start_seq_get == NULL) + return HEIM_ERR_OPNOTSUPP; + return (*id->start_seq_get)(context, id, cursor); +} + +/* + * Get the next entry from `id' pointed to by `cursor' and advance the + * `cursor'. + * Return 0 or an error. + */ + +krb5_error_code +krb5_kt_next_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, + krb5_kt_cursor *cursor) +{ + if(id->next_entry == NULL) + return HEIM_ERR_OPNOTSUPP; + return (*id->next_entry)(context, id, entry, cursor); +} + +/* + * Release all resources associated with `cursor'. 
+ */ + +krb5_error_code +krb5_kt_end_seq_get(krb5_context context, + krb5_keytab id, + krb5_kt_cursor *cursor) +{ + if(id->end_seq_get == NULL) + return HEIM_ERR_OPNOTSUPP; + return (*id->end_seq_get)(context, id, cursor); +} + +/* + * Add the entry in `entry' to the keytab `id'. + * Return 0 or an error. + */ + +krb5_error_code +krb5_kt_add_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry) +{ + if(id->add == NULL) + return KRB5_KT_NOWRITE; + return (*id->add)(context, id,entry); +} + +/* + * Remove the entry `entry' from the keytab `id'. + * Return 0 or an error. + */ + +krb5_error_code +krb5_kt_remove_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry) +{ + if(id->remove == NULL) + return KRB5_KT_NOWRITE; + return (*id->remove)(context, id, entry); +} diff --git a/crypto/heimdal/lib/krb5/keytab_file.c b/crypto/heimdal/lib/krb5/keytab_file.c new file mode 100644 index 0000000..c6c35e5 --- /dev/null +++ b/crypto/heimdal/lib/krb5/keytab_file.c 
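Review bot: `krb5_kt_resolve` picks the keytab type with `strncmp(type, context->kt_types[i].prefix, type_len) == 0`, which is only a prefix match: a type string shorter than a registered prefix (for instance `F` against a registered `FILE`) is accepted, and an empty type (`:residual`, `type_len` 0) matches whichever type was registered first. The test should also require the registered prefix to end at that length, `if(strncmp(type, context->kt_types[i].prefix, type_len) == 0 && context->kt_types[i].prefix[type_len] == '\0')`. In `krb5_kt_default_name`, `strncpy` leaves `name` without a terminating NUL in exactly the case that returns `KRB5_CONFIG_NOTENUFSPACE`; terminating the buffer when `namesize > 0` protects callers that ignore the return value. `krb5_kt_get_entry` also discards the result of `krb5_kt_copy_entry_contents`, so a failed copy can still be reported as success.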
@@ -0,0 +1,540 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: keytab_file.c,v 1.6 2000/01/02 00:20:22 assar Exp $"); + +#define KRB5_KT_VNO_1 1 +#define KRB5_KT_VNO_2 2 +#define KRB5_KT_VNO KRB5_KT_VNO_2 + +/* file operations -------------------------------------------- */ + +struct fkt_data { + char *filename; +}; + +static krb5_error_code +krb5_kt_ret_data(krb5_storage *sp, + krb5_data *data) +{ + int ret; + int16_t size; + ret = krb5_ret_int16(sp, &size); + if(ret) + return ret; + data->length = size; + data->data = malloc(size); + if (data->data == NULL) + return ENOMEM; + ret = sp->fetch(sp, data->data, size); + if(ret != size) + return (ret < 0)? errno : KRB5_KT_END; + return 0; +} + +static krb5_error_code +krb5_kt_ret_string(krb5_storage *sp, + general_string *data) +{ + int ret; + int16_t size; + ret = krb5_ret_int16(sp, &size); + if(ret) + return ret; + *data = malloc(size + 1); + if (*data == NULL) + return ENOMEM; + ret = sp->fetch(sp, *data, size); + (*data)[size] = '\0'; + if(ret != size) + return (ret < 0)? 
errno : KRB5_KT_END; + return 0; +} + +static krb5_error_code +krb5_kt_store_data(krb5_storage *sp, + krb5_data data) +{ + int ret; + ret = krb5_store_int16(sp, data.length); + if(ret < 0) + return ret; + ret = sp->store(sp, data.data, data.length); + if(ret != data.length){ + if(ret < 0) + return errno; + return KRB5_KT_END; + } + return 0; +} + +static krb5_error_code +krb5_kt_store_string(krb5_storage *sp, + general_string data) +{ + int ret; + size_t len = strlen(data); + ret = krb5_store_int16(sp, len); + if(ret < 0) + return ret; + ret = sp->store(sp, data, len); + if(ret != len){ + if(ret < 0) + return errno; + return KRB5_KT_END; + } + return 0; +} + +static krb5_error_code +krb5_kt_ret_keyblock(krb5_storage *sp, krb5_keyblock *p) +{ + int ret; + int16_t tmp; + + ret = krb5_ret_int16(sp, &tmp); /* keytype + etype */ + if(ret) return ret; + p->keytype = tmp; + ret = krb5_kt_ret_data(sp, &p->keyvalue); + return ret; +} + +static krb5_error_code +krb5_kt_store_keyblock(krb5_storage *sp, + krb5_keyblock *p) +{ + int ret; + + ret = krb5_store_int16(sp, p->keytype); /* keytype + etype */ + if(ret) return ret; + ret = krb5_kt_store_data(sp, p->keyvalue); + return ret; +} + + +static krb5_error_code +krb5_kt_ret_principal(krb5_storage *sp, + krb5_principal *princ) +{ + int i; + int ret; + krb5_principal p; + int16_t tmp; + + ALLOC(p, 1); + if(p == NULL) + return ENOMEM; + + ret = krb5_ret_int16(sp, &tmp); + if(ret) + return ret; + if (sp->flags & KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS) + tmp--; + p->name.name_string.len = tmp; + ret = krb5_kt_ret_string(sp, &p->realm); + if(ret) return ret; + p->name.name_string.val = calloc(p->name.name_string.len, + sizeof(*p->name.name_string.val)); + if(p->name.name_string.val == NULL) + return ENOMEM; + for(i = 0; i < p->name.name_string.len; i++){ + ret = krb5_kt_ret_string(sp, p->name.name_string.val + i); + if(ret) return ret; + } + if (krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) + p->name.name_type 
= KRB5_NT_UNKNOWN; + else { + int32_t tmp32; + ret = krb5_ret_int32(sp, &tmp32); + p->name.name_type = tmp32; + if (ret) + return ret; + } + *princ = p; + return 0; +} + +static krb5_error_code +krb5_kt_store_principal(krb5_storage *sp, + krb5_principal p) +{ + int i; + int ret; + + if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS)) + ret = krb5_store_int16(sp, p->name.name_string.len + 1); + else + ret = krb5_store_int16(sp, p->name.name_string.len); + if(ret) return ret; + ret = krb5_kt_store_string(sp, p->realm); + if(ret) return ret; + for(i = 0; i < p->name.name_string.len; i++){ + ret = krb5_kt_store_string(sp, p->name.name_string.val[i]); + if(ret) return ret; + } + if(!krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) { + ret = krb5_store_int32(sp, p->name.name_type); + if(ret) + return ret; + } + + return 0; +} + +static krb5_error_code +fkt_resolve(krb5_context context, const char *name, krb5_keytab id) +{ + struct fkt_data *d; + d = malloc(sizeof(*d)); + if(d == NULL) + return ENOMEM; + d->filename = strdup(name); + if(d->filename == NULL) { + free(d); + return ENOMEM; + } + id->data = d; + return 0; +} + +static krb5_error_code +fkt_close(krb5_context context, krb5_keytab id) +{ + struct fkt_data *d = id->data; + free(d->filename); + free(d); + return 0; +} + +static krb5_error_code +fkt_get_name(krb5_context context, + krb5_keytab id, + char *name, + size_t namesize) +{ + /* This function is XXX */ + struct fkt_data *d = id->data; + strlcpy(name, d->filename, namesize); + return 0; +} + +static void +storage_set_flags(krb5_context context, krb5_storage *sp, int vno) +{ + int flags = 0; + switch(vno) { + case KRB5_KT_VNO_1: + flags |= KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS; + flags |= KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE; + flags |= KRB5_STORAGE_HOST_BYTEORDER; + break; + case KRB5_KT_VNO_2: + break; + default: + krb5_abortx(context, + "storage_set_flags called with bad vno (%x)", vno); + } + 
krb5_storage_set_flags(sp, flags); +} + +static krb5_error_code +fkt_start_seq_get_int(krb5_context context, + krb5_keytab id, + int flags, + krb5_kt_cursor *c) +{ + int8_t pvno, tag; + krb5_error_code ret; + struct fkt_data *d = id->data; + + c->fd = open (d->filename, flags); + if (c->fd < 0) + return errno; + c->sp = krb5_storage_from_fd(c->fd); + ret = krb5_ret_int8(c->sp, &pvno); + if(ret) { + krb5_storage_free(c->sp); + close(c->fd); + return ret; + } + if(pvno != 5) { + krb5_storage_free(c->sp); + close(c->fd); + return KRB5_KEYTAB_BADVNO; + } + ret = krb5_ret_int8(c->sp, &tag); + if (ret) { + krb5_storage_free(c->sp); + close(c->fd); + return ret; + } + id->version = tag; + storage_set_flags(context, c->sp, id->version); + return 0; +} + +static krb5_error_code +fkt_start_seq_get(krb5_context context, + krb5_keytab id, + krb5_kt_cursor *c) +{ + return fkt_start_seq_get_int(context, id, O_RDONLY | O_BINARY, c); +} + +static krb5_error_code +fkt_next_entry_int(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, + krb5_kt_cursor *cursor, + off_t *start, + off_t *end) +{ + int32_t len; + int ret; + int8_t tmp8; + int32_t tmp32; + off_t pos; + + pos = cursor->sp->seek(cursor->sp, 0, SEEK_CUR); +loop: + ret = krb5_ret_int32(cursor->sp, &len); + if (ret) + return ret; + if(len < 0) { + pos = cursor->sp->seek(cursor->sp, -len, SEEK_CUR); + goto loop; + } + ret = krb5_kt_ret_principal (cursor->sp, &entry->principal); + if (ret) + goto out; + ret = krb5_ret_int32(cursor->sp, &tmp32); + entry->timestamp = tmp32; + if (ret) + goto out; + ret = krb5_ret_int8(cursor->sp, &tmp8); + if (ret) + goto out; + entry->vno = tmp8; + ret = krb5_kt_ret_keyblock (cursor->sp, &entry->keyblock); + if (ret) + goto out; + if(start) *start = pos; + if(end) *end = *start + 4 + len; + out: + cursor->sp->seek(cursor->sp, pos + 4 + len, SEEK_SET); + return ret; +} + +static krb5_error_code +fkt_next_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, + 
krb5_kt_cursor *cursor) +{ + return fkt_next_entry_int(context, id, entry, cursor, NULL, NULL); +} + +static krb5_error_code +fkt_end_seq_get(krb5_context context, + krb5_keytab id, + krb5_kt_cursor *cursor) +{ + krb5_storage_free(cursor->sp); + close(cursor->fd); + return 0; +} + +static krb5_error_code +fkt_add_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry) +{ + int ret; + int fd; + krb5_storage *sp; + struct fkt_data *d = id->data; + krb5_data keytab; + int32_t len; + + fd = open (d->filename, O_RDWR | O_BINARY); + if (fd < 0) { + fd = open (d->filename, O_RDWR | O_CREAT | O_BINARY, 0600); + if (fd < 0) + return errno; + sp = krb5_storage_from_fd(fd); + ret = krb5_store_int8(sp, 5); + if(ret) { + krb5_storage_free(sp); + close(fd); + return ret; + } + if(id->version == 0) + id->version = KRB5_KT_VNO; + ret = krb5_store_int8 (sp, id->version); + if (ret) { + krb5_storage_free(sp); + close(fd); + return ret; + } + storage_set_flags(context, sp, id->version); + } else { + int8_t pvno, tag; + sp = krb5_storage_from_fd(fd); + ret = krb5_ret_int8(sp, &pvno); + if(ret) { + krb5_storage_free(sp); + close(fd); + return ret; + } + if(pvno != 5) { + krb5_storage_free(sp); + close(fd); + return KRB5_KEYTAB_BADVNO; + } + ret = krb5_ret_int8 (sp, &tag); + if (ret) { + krb5_storage_free(sp); + close(fd); + return ret; + } + id->version = tag; + storage_set_flags(context, sp, id->version); + } + + { + krb5_storage *emem; + emem = krb5_storage_emem(); + if(emem == NULL) { + ret = ENOMEM; + goto out; + } + ret = krb5_kt_store_principal(emem, entry->principal); + if(ret) { + krb5_storage_free(emem); + goto out; + } + ret = krb5_store_int32 (emem, entry->timestamp); + if(ret) { + krb5_storage_free(emem); + goto out; + } + ret = krb5_store_int8 (emem, entry->vno); + if(ret) { + krb5_storage_free(emem); + goto out; + } + ret = krb5_kt_store_keyblock (emem, &entry->keyblock); + if(ret) { + krb5_storage_free(emem); + goto out; + } + ret = 
krb5_storage_to_data(emem, &keytab); + krb5_storage_free(emem); + if(ret) + goto out; + } + + while(1) { + ret = krb5_ret_int32(sp, &len); + if(ret == KRB5_CC_END) { + len = keytab.length; + break; + } + if(len < 0) { + len = -len; + if(len >= keytab.length) { + sp->seek(sp, -4, SEEK_CUR); + break; + } + } + sp->seek(sp, len, SEEK_CUR); + } + ret = krb5_store_int32(sp, len); + if(sp->store(sp, keytab.data, keytab.length) < 0) + ret = errno; + memset(keytab.data, 0, keytab.length); + krb5_data_free(&keytab); + out: + krb5_storage_free(sp); + close(fd); + return ret; +} + +static krb5_error_code +fkt_remove_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry) +{ + krb5_keytab_entry e; + krb5_kt_cursor cursor; + off_t pos_start, pos_end; + int found = 0; + + fkt_start_seq_get_int(context, id, O_RDWR | O_BINARY, &cursor); + while(fkt_next_entry_int(context, id, &e, &cursor, + &pos_start, &pos_end) == 0) { + if(krb5_kt_compare(context, &e, entry->principal, + entry->vno, entry->keyblock.keytype)) { + int32_t len; + unsigned char buf[128]; + found = 1; + cursor.sp->seek(cursor.sp, pos_start, SEEK_SET); + len = pos_end - pos_start - 4; + krb5_store_int32(cursor.sp, -len); + memset(buf, 0, sizeof(buf)); + while(len > 0) { + cursor.sp->store(cursor.sp, buf, min(len, sizeof(buf))); + len -= min(len, sizeof(buf)); + } + } + } + krb5_kt_end_seq_get(context, id, &cursor); + if (!found) + return KRB5_KT_NOTFOUND; + return 0; +} + +const krb5_kt_ops krb5_fkt_ops = { + "FILE", + fkt_resolve, + fkt_get_name, + fkt_close, + NULL, /* get */ + fkt_start_seq_get, + fkt_next_entry, + fkt_end_seq_get, + fkt_add_entry, + fkt_remove_entry +}; diff --git a/crypto/heimdal/lib/krb5/keytab_keyfile.c b/crypto/heimdal/lib/krb5/keytab_keyfile.c new file mode 100644 index 0000000..fa14e62 --- /dev/null +++ b/crypto/heimdal/lib/krb5/keytab_keyfile.c 
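Review bot: `krb5_kt_ret_string` uses the `int16_t` length read from the keytab file without a range check, so a negative value from a corrupt or tampered file reaches `malloc(size + 1)`, `sp->fetch(sp, *data, size)` and `(*data)[size] = '\0'`; with `size == -1` that is a zero-byte allocation followed by a store one byte in front of it. `krb5_kt_ret_data` passes the same unchecked value to `malloc(size)` and `fetch`. Reject it right after the `krb5_ret_int16` check in both helpers with `if(size < 0) return EINVAL;` (the error code is the project's choice). Separately, `fkt_remove_entry` discards the result of `fkt_start_seq_get_int`, so a failed `open` leaves `cursor` uninitialised when `fkt_next_entry_int` reads `cursor->sp`; the function should return that error before entering the loop.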
@@ -0,0 +1,316 @@
+/*
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: keytab_keyfile.c,v 1.7 2000/01/02 04:00:22 assar Exp $");
+
+/* afs keyfile operations --------------------------------------- */
+
+/*
+ * Minimum tools to handle the AFS KeyFile.
+ * + * Format of the KeyFile is: + * <int32_t numkeys> {[<int32_t kvno> <char[8] deskey>] * numkeys} + * + * It just adds to the end of the keyfile, deleting isn't implemented. + * Use your favorite text/hex editor to delete keys. + * + */ + +#define AFS_SERVERTHISCELL "/usr/afs/etc/ThisCell" +#define AFS_SERVERMAGICKRBCONF "/usr/afs/etc/krb.conf" + +struct akf_data { + int num_entries; + char *filename; + char *cell; + char *realm; +}; + +/* + * set `d->cell' and `d->realm' + */ + +static int +get_cell_and_realm (struct akf_data *d) +{ + FILE *f; + char buf[BUFSIZ], *cp; + + f = fopen (AFS_SERVERTHISCELL, "r"); + if (f == NULL) + return errno; + if (fgets (buf, sizeof(buf), f) == NULL) { + fclose (f); + return EINVAL; + } + if (buf[strlen(buf) - 1] == '\n') + buf[strlen(buf) - 1] = '\0'; + fclose(f); + + d->cell = strdup (buf); + if (d->cell == NULL) + return errno; + + f = fopen (AFS_SERVERMAGICKRBCONF, "r"); + if (f != NULL) { + if (fgets (buf, sizeof(buf), f) == NULL) { + fclose (f); + return EINVAL; + } + if (buf[strlen(buf)-1] == '\n') + buf[strlen(buf)-1] = '\0'; + fclose(f); + } + /* uppercase */ + for (cp = buf; *cp != '\0'; cp++) + *cp = toupper(*cp); + + d->realm = strdup (buf); + if (d->realm == NULL) { + free (d->cell); + return errno; + } + return 0; +} + +/* + * init and get filename + */ + +static krb5_error_code +akf_resolve(krb5_context context, const char *name, krb5_keytab id) +{ + int ret; + struct akf_data *d = malloc(sizeof (struct akf_data)); + + if (d == NULL) + return errno; + + d->num_entries = 0; + ret = get_cell_and_realm (d); + if (ret) { + free (d); + return ret; + } + d->filename = strdup (name); + if (d->filename == NULL) { + free (d->cell); + free (d->realm); + free (d); + return ENOMEM; + } + id->data = d; + + return 0; +} + +/* + * cleanup + */ + +static krb5_error_code +akf_close(krb5_context context, krb5_keytab id) +{ + struct akf_data *d = id->data; + + free (d->filename); + free (d->cell); + free (d); + return 0; +} + +/* + 
* Return filename + */ + +static krb5_error_code +akf_get_name(krb5_context context, + krb5_keytab id, + char *name, + size_t name_sz) +{ + struct akf_data *d = id->data; + + strlcpy (name, d->filename, name_sz); + return 0; +} + +/* + * Init + */ + +static krb5_error_code +akf_start_seq_get(krb5_context context, + krb5_keytab id, + krb5_kt_cursor *c) +{ + int32_t ret; + struct akf_data *d = id->data; + + c->fd = open (d->filename, O_RDONLY|O_BINARY, 0600); + if (c->fd < 0) + return errno; + + c->sp = krb5_storage_from_fd(c->fd); + ret = krb5_ret_int32(c->sp, &d->num_entries); + if(ret) { + krb5_storage_free(c->sp); + close(c->fd); + return ret; + } + + return 0; +} + +static krb5_error_code +akf_next_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, + krb5_kt_cursor *cursor) +{ + struct akf_data *d = id->data; + int32_t kvno; + off_t pos; + int ret; + + pos = cursor->sp->seek(cursor->sp, 0, SEEK_CUR); + + if ((pos - 4) / (4 + 8) >= d->num_entries) + return KRB5_KT_END; + + ret = krb5_make_principal (context, &entry->principal, + d->realm, "afs", d->cell, NULL); + if (ret) + goto out; + + ret = krb5_ret_int32(cursor->sp, &kvno); + if (ret) { + krb5_free_principal (context, entry->principal); + goto out; + } + + entry->vno = (int8_t) kvno; + + entry->keyblock.keytype = ETYPE_DES_CBC_MD5; + entry->keyblock.keyvalue.length = 8; + entry->keyblock.keyvalue.data = malloc (8); + if (entry->keyblock.keyvalue.data == NULL) { + krb5_free_principal (context, entry->principal); + ret = ENOMEM; + goto out; + } + + ret = cursor->sp->fetch(cursor->sp, entry->keyblock.keyvalue.data, 8); + if(ret != 8) + ret = (ret < 0) ? 
errno : KRB5_KT_END; + + entry->timestamp = time(NULL); + + out: + cursor->sp->seek(cursor->sp, pos + 4 + 8, SEEK_SET); + return ret; +} + +static krb5_error_code +akf_end_seq_get(krb5_context context, + krb5_keytab id, + krb5_kt_cursor *cursor) +{ + krb5_storage_free(cursor->sp); + close(cursor->fd); + return 0; +} + +static krb5_error_code +akf_add_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry) +{ + struct akf_data *d = id->data; + int fd, created = 0; + int32_t kvno; + + fd = open (d->filename, O_RDWR | O_BINARY); + if (fd < 0) { + fd = open (d->filename, + O_RDWR | O_BINARY | O_CREAT, 0600); + if (fd < 0) + return errno; + created = 1; + } + + if (entry->keyblock.keyvalue.length == 8 + && entry->keyblock.keytype == ETYPE_DES_CBC_MD5) { + + int32_t len = 0; + + if (!created) { + if (lseek (fd, 0, SEEK_SET)) + return errno; + + if (read (fd, &len, sizeof(len)) != sizeof(len)) + return errno; + } + len += 1; + + if (lseek (fd, 0, SEEK_SET)) + return errno; + + if (write (fd, &len, sizeof(len)) != sizeof(len)) + return errno; + + if (lseek (fd, 4 + (len-1) * (8+4), SEEK_SET)) + return errno; + + kvno = entry->vno; + write(fd, &kvno, sizeof(kvno)); + write(fd, entry->keyblock.keyvalue.data, 8); + } + close (fd); + return 0; +} + +const krb5_kt_ops krb5_akf_ops = { + "AFSKEYFILE", + akf_resolve, + akf_get_name, + akf_close, + NULL, /* get */ + akf_start_seq_get, + akf_next_entry, + akf_end_seq_get, + akf_add_entry, + NULL /* remove */ +}; diff --git a/crypto/heimdal/lib/krb5/keytab_krb4.c b/crypto/heimdal/lib/krb5/keytab_krb4.c new file mode 100644 index 0000000..b1f425c --- /dev/null +++ b/crypto/heimdal/lib/krb5/keytab_krb4.c 
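Review bot: In `akf_add_entry` the test `if (lseek (fd, 4 + (len-1) * (8+4), SEEK_SET))` treats any non-zero result as failure, but `lseek` returns the new offset, which is at least 4 here, so the function returns `errno` before the key is written, after the entry count at the start of the file has already been incremented. The comparison should be `< 0`; the two `lseek (fd, 0, SEEK_SET)` calls only behave because their success value is 0. Every early `return errno` in this function also leaves `fd` open, and the results of the last two `write` calls, which store the key version and the DES key, are ignored, so a failed write is reported as success. A possible shape for the tail of the DES branch follows; it keeps the function's existing convention of returning `errno`.

```c
/* … unchanged: open/create of d->filename, key-type test, entry-count update … */

    if (lseek (fd, 4 + (len-1) * (8+4), SEEK_SET) < 0) {
        int save_errno = errno;
        close (fd);
        return save_errno;
    }

    kvno = entry->vno;
    if (write(fd, &kvno, sizeof(kvno)) != sizeof(kvno)
        || write(fd, entry->keyblock.keyvalue.data, 8) != 8) {
        int save_errno = errno;
        close (fd);
        return save_errno;
    }

/* … unchanged: end of the DES branch, close (fd), return 0 … */
```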
@@ -0,0 +1,272 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +#include "krb5_locl.h" +#include <krb.h> + +RCSID("$Id: keytab_krb4.c,v 1.5 2000/01/06 08:04:58 assar Exp $"); + +struct krb4_kt_data { + char *filename; +}; + +static krb5_error_code +krb4_kt_resolve(krb5_context context, const char *name, krb5_keytab id) +{ + struct krb4_kt_data *d; + + d = malloc (sizeof(*d)); + if (d == NULL) + return ENOMEM; + d->filename = strdup (name); + if (d->filename == NULL) { + free(d); + return ENOMEM; + } + id->data = d; + return 0; +} + +static krb5_error_code +krb4_kt_get_name (krb5_context context, + krb5_keytab id, + char *name, + size_t name_sz) +{ + struct krb4_kt_data *d = id->data; + + strlcpy (name, d->filename, name_sz); + return 0; +} + +static krb5_error_code +krb4_kt_close (krb5_context context, + krb5_keytab id) +{ + struct krb4_kt_data *d = id->data; + + free (d->filename); + free (d); + return 0; +} + +struct krb4_cursor_extra_data { + krb5_keytab_entry entry; + int num; +}; + +static krb5_error_code +krb4_kt_start_seq_get_int (krb5_context context, + krb5_keytab id, + int flags, + krb5_kt_cursor *c) +{ + struct krb4_kt_data *d = id->data; + struct krb4_cursor_extra_data *ed; + + ed = malloc (sizeof(*ed)); + if (ed == NULL) + return ENOMEM; + ed->entry.principal = NULL; + ed->num = -1; + c->data = ed; + c->fd = open (d->filename, flags); + if (c->fd < 0) { + free (ed); + return errno; + } + c->sp = krb5_storage_from_fd(c->fd); + return 0; +} + +static krb5_error_code +krb4_kt_start_seq_get (krb5_context context, + krb5_keytab id, + krb5_kt_cursor *c) +{ + return krb4_kt_start_seq_get_int (context, id, O_BINARY | O_RDONLY, c); +} + +static krb5_error_code +read_v4_entry (krb5_context context, + struct krb4_kt_data *d, + krb5_kt_cursor *c, + struct krb4_cursor_extra_data *ed) +{ + krb5_error_code ret; + char *service, *instance, *realm; + int8_t kvno; + des_cblock key; + + ret = krb5_ret_stringz(c->sp, &service); + if (ret) + return ret; + ret = krb5_ret_stringz(c->sp, &instance); + if (ret) { + free (service); 
+ return ret; + } + ret = krb5_ret_stringz(c->sp, &realm); + if (ret) { + free (service); + free (instance); + return ret; + } + ret = krb5_425_conv_principal (context, service, instance, realm, + &ed->entry.principal); + free (service); + free (instance); + free (realm); + if (ret) + return ret; + ret = krb5_ret_int8(c->sp, &kvno); + if (ret) { + krb5_free_principal (context, ed->entry.principal); + return ret; + } + ret = c->sp->fetch(c->sp, key, 8); + if (ret < 0) { + krb5_free_principal(context, ed->entry.principal); + return ret; + } + if (ret < 8) { + krb5_free_principal(context, ed->entry.principal); + return EINVAL; + } + ed->entry.vno = kvno; + ret = krb5_data_copy (&ed->entry.keyblock.keyvalue, + key, 8); + if (ret) + return ret; + ed->entry.timestamp = time(NULL); + ed->num = 0; + return 0; +} + +static krb5_error_code +krb4_kt_next_entry (krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, + krb5_kt_cursor *c) +{ + krb5_error_code ret; + struct krb4_kt_data *d = id->data; + struct krb4_cursor_extra_data *ed = c->data; + const krb5_enctype keytypes[] = {ETYPE_DES_CBC_MD5, + ETYPE_DES_CBC_MD4, + ETYPE_DES_CBC_CRC}; + + if (ed->num == -1) { + ret = read_v4_entry (context, d, c, ed); + if (ret) + return ret; + } + ret = krb5_kt_copy_entry_contents (context, + &ed->entry, + entry); + if (ret) + return ret; + entry->keyblock.keytype = keytypes[ed->num]; + if (++ed->num == 3) { + krb5_kt_free_entry (context, &ed->entry); + ed->num = -1; + } + return 0; +} + +static krb5_error_code +krb4_kt_end_seq_get (krb5_context context, + krb5_keytab id, + krb5_kt_cursor *c) +{ + struct krb4_cursor_extra_data *ed = c->data; + + krb5_storage_free (c->sp); + if (ed->num != -1) + krb5_kt_free_entry (context, &ed->entry); + free (c->data); + close (c->fd); + return 0; +} + +static krb5_error_code +krb4_kt_add_entry (krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry) +{ + struct krb4_kt_data *d = id->data; + krb5_error_code ret; + int fd; + char 
service[ANAME_SZ]; + char instance[INST_SZ]; + char realm[REALM_SZ]; + int8_t kvno; + + fd = open (d->filename, O_WRONLY | O_APPEND | O_BINARY); + if (fd < 0) { + fd = open (d->filename, + O_WRONLY | O_APPEND | O_BINARY | O_CREAT, 0600); + if (fd < 0) + return errno; + } + ret = krb5_524_conv_principal (context, entry->principal, + service, instance, realm); + if (ret) { + close (fd); + return ret; + } + if (entry->keyblock.keyvalue.length == 8 + && entry->keyblock.keytype == ETYPE_DES_CBC_MD5) { + write(fd, service, strlen(service)+1); + write(fd, instance, strlen(instance)+1); + write(fd, realm, strlen(realm)+1); + kvno = entry->vno; + write(fd, &kvno, sizeof(kvno)); + write(fd, entry->keyblock.keyvalue.data, 8); + } + close (fd); + return 0; +} + +krb5_kt_ops krb4_fkt_ops = { + "krb4", + krb4_kt_resolve, + krb4_kt_get_name, + krb4_kt_close, + NULL, /* get */ + krb4_kt_start_seq_get, + krb4_kt_next_entry, + krb4_kt_end_seq_get, + krb4_kt_add_entry, /* add_entry */ + NULL /* remove_entry */ +}; diff --git a/crypto/heimdal/lib/krb5/keytab_memory.c b/crypto/heimdal/lib/krb5/keytab_memory.c new file mode 100644 index 0000000..924b4cd --- /dev/null +++ b/crypto/heimdal/lib/krb5/keytab_memory.c 
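Review bot: `krb4_kt_add_entry` returns 0 without writing anything when the entry is not an 8-byte `ETYPE_DES_CBC_MD5` key, and it ignores the result of all five `write` calls, so the caller is told the key was stored when it may be absent or the record truncated. Return an error in the unsupported case, for example `close (fd); return EINVAL;` (the exact code is the project's choice), and compare each `write` result with the length requested. In `read_v4_entry`, the path where `krb5_data_copy` fails returns without `krb5_free_principal (context, ed->entry.principal);`, unlike the two error paths just above it. The DES key read into the stack buffer `key` is also never cleared before the function returns.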
@@ -0,0 +1,161 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: keytab_memory.c,v 1.3 1999/12/02 17:05:10 joda Exp $"); + +/* memory operations -------------------------------------------- */ + +struct mkt_data { + krb5_keytab_entry *entries; + int num_entries; +}; + +static krb5_error_code +mkt_resolve(krb5_context context, const char *name, krb5_keytab id) +{ + struct mkt_data *d; + d = malloc(sizeof(*d)); + if(d == NULL) + return ENOMEM; + d->entries = NULL; + d->num_entries = 0; + id->data = d; + return 0; +} + +static krb5_error_code +mkt_close(krb5_context context, krb5_keytab id) +{ + struct mkt_data *d = id->data; + int i; + for(i = 0; i < d->num_entries; i++) + krb5_kt_free_entry(context, &d->entries[i]); + free(d->entries); + free(d); + return 0; +} + +static krb5_error_code +mkt_get_name(krb5_context context, + krb5_keytab id, + char *name, + size_t namesize) +{ + strncpy(name, "", namesize); + return 0; +} + +static krb5_error_code +mkt_start_seq_get(krb5_context context, + krb5_keytab id, + krb5_kt_cursor *c) +{ + /* XXX */ + c->fd = 0; + return 0; +} + +static krb5_error_code +mkt_next_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, + krb5_kt_cursor *c) +{ + struct mkt_data *d = id->data; + if(c->fd >= d->num_entries) + return KRB5_KT_END; + return krb5_kt_copy_entry_contents(context, &d->entries[c->fd++], entry); +} + +static krb5_error_code +mkt_end_seq_get(krb5_context context, + krb5_keytab id, + krb5_kt_cursor *cursor) +{ + return 0; +} + +static krb5_error_code +mkt_add_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry) +{ + struct mkt_data *d = id->data; + krb5_keytab_entry *tmp; + tmp = realloc(d->entries, (d->num_entries + 1) * sizeof(*d->entries)); + if(tmp == NULL) + return ENOMEM; + d->entries = tmp; + return krb5_kt_copy_entry_contents(context, entry, + &d->entries[d->num_entries++]); +} + +static krb5_error_code +mkt_remove_entry(krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry) +{ + 
struct mkt_data *d = id->data; + krb5_keytab_entry *e, *end; + + /* do this backwards to minimize copying */ + for(end = d->entries + d->num_entries, e = end - 1; e >= d->entries; e--) { + if(krb5_kt_compare(context, e, entry->principal, + entry->vno, entry->keyblock.keytype)) { + krb5_kt_free_entry(context, e); + memmove(e, e + 1, (end - e - 1) * sizeof(*e)); + memset(end - 1, 0, sizeof(*end)); + d->num_entries--; + end--; + } + } + e = realloc(d->entries, d->num_entries * sizeof(*d->entries)); + if(e != NULL) + d->entries = e; + return 0; +} + +const krb5_kt_ops krb5_mkt_ops = { + "MEMORY", + mkt_resolve, + mkt_get_name, + mkt_close, + NULL, /* get */ + mkt_start_seq_get, + mkt_next_entry, + mkt_end_seq_get, + mkt_add_entry, + mkt_remove_entry +}; diff --git a/crypto/heimdal/lib/krb5/krb5-private.h b/crypto/heimdal/lib/krb5/krb5-private.h new file mode 100644 index 0000000..b24328a --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5-private.h @@ -0,0 +1,58 @@ +/* This is a generated file */ +#ifndef __krb5_private_h__ +#define __krb5_private_h__ + +#ifdef __STDC__ +#include <stdarg.h> +#ifndef __P +#define __P(x) x +#endif +#else +#ifndef __P +#define __P(x) () +#endif +#endif + +void +_krb5_crc_init_table __P((void)); + +u_int32_t +_krb5_crc_update __P(( + char *p, + size_t len, + u_int32_t res)); + +int +_krb5_extract_ticket __P(( + krb5_context context, + krb5_kdc_rep *rep, + krb5_creds *creds, + krb5_keyblock *key, + krb5_const_pointer keyseed, + krb5_key_usage key_usage, + krb5_addresses *addrs, + unsigned nonce, + krb5_boolean allow_server_mismatch, + krb5_decrypt_proc decrypt_proc, + krb5_const_pointer decryptarg)); + +ssize_t +_krb5_get_int __P(( + void *buffer, + unsigned long *value, + size_t size)); + +void +_krb5_n_fold __P(( + const void *str, + size_t len, + void *key, + size_t size)); + +ssize_t +_krb5_put_int __P(( + void *buffer, + unsigned long value, + size_t size)); + +#endif /* __krb5_private_h__ */ 
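Review bot: In `mkt_remove_entry` (keytab_memory.c), removing the last remaining entry shrinks the array with `realloc(d->entries, 0)`, whose result is implementation-defined: the allocator may free the block and return NULL. In that case the `if(e != NULL)` guard leaves `d->entries` pointing at freed memory, which `mkt_close` later passes to `free()` and `mkt_add_entry` passes to `realloc()`. As this array holds keytab entries, the empty case should be handled explicitly, e.g. `if(e != NULL || d->num_entries == 0) d->entries = e;`. Separately, `mkt_add_entry` bumps `d->num_entries` inside the call to `krb5_kt_copy_entry_contents`, so a failed copy still leaves the new slot counted and `mkt_close` will later hand it to `krb5_kt_free_entry`. Whether that is safe depends on how the copy routine leaves `out` on failure, which is not visible here, so incrementing the count only after the copy returns 0 would be the safer form.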
diff --git a/crypto/heimdal/lib/krb5/krb5-protos.h b/crypto/heimdal/lib/krb5/krb5-protos.h new file mode 100644 index 0000000..8813c7a --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5-protos.h 
@@ -0,0 +1,2352 @@ +/* This is a generated file */ +#ifndef __krb5_protos_h__ +#define __krb5_protos_h__ + +#ifdef __STDC__ +#include <stdarg.h> +#ifndef __P +#define __P(x) x +#endif +#else +#ifndef __P +#define __P(x) () +#endif +#endif + +#if !defined(__GNUC__) && !defined(__attribute__) +#define __attribute__(x) +#endif + +krb5_error_code +krb524_convert_creds_kdc __P(( + krb5_context context, + krb5_ccache ccache, + krb5_creds *in_cred, + struct credentials *v4creds)); + +krb5_error_code +krb5_425_conv_principal __P(( + krb5_context context, + const char *name, + const char *instance, + const char *realm, + krb5_principal *princ)); + +krb5_error_code +krb5_425_conv_principal_ext __P(( + krb5_context context, + const char *name, + const char *instance, + const char *realm, + krb5_boolean (*func)(krb5_context, krb5_principal), + krb5_boolean resolve, + krb5_principal *princ)); + +krb5_error_code +krb5_524_conv_principal __P(( + krb5_context context, + const krb5_principal principal, + char *name, + char *instance, + char *realm)); + +krb5_error_code +krb5_abort __P(( + krb5_context context, + krb5_error_code code, + const char *fmt, + ...)) + __attribute__ ((noreturn, format (printf, 3, 4))); + +krb5_error_code +krb5_abortx __P(( + krb5_context context, + const char *fmt, + ...)) + __attribute__ ((noreturn, format (printf, 2, 3))); + +krb5_error_code +krb5_add_et_list __P(( + krb5_context context, + void (*func)(struct et_list **))); + +krb5_error_code +krb5_add_extra_addresses __P(( + krb5_context context, + krb5_addresses *addresses)); + +krb5_error_code +krb5_addlog_dest __P(( + krb5_context context, + krb5_log_facility *f, + const char *p)); + +krb5_error_code +krb5_addlog_func __P(( + krb5_context context, + krb5_log_facility *fac, + int min, + int max, + krb5_log_log_func_t log, + krb5_log_close_func_t close, + void *data)); + +krb5_error_code +krb5_addr2sockaddr __P(( + const krb5_address *addr, + struct sockaddr *sa, + int *sa_size, + int port)); + 
+krb5_boolean +krb5_address_compare __P(( + krb5_context context, + const krb5_address *addr1, + const krb5_address *addr2)); + +int +krb5_address_order __P(( + krb5_context context, + const krb5_address *addr1, + const krb5_address *addr2)); + +krb5_boolean +krb5_address_search __P(( + krb5_context context, + const krb5_address *addr, + const krb5_addresses *addrlist)); + +krb5_error_code +krb5_aname_to_localname __P(( + krb5_context context, + krb5_const_principal aname, + size_t lnsize, + char *lname)); + +krb5_error_code +krb5_anyaddr __P(( + int af, + struct sockaddr *sa, + int *sa_size, + int port)); + +krb5_error_code +krb5_append_addresses __P(( + krb5_context context, + krb5_addresses *dest, + const krb5_addresses *source)); + +krb5_error_code +krb5_auth_con_free __P(( + krb5_context context, + krb5_auth_context auth_context)); + +krb5_error_code +krb5_auth_con_getaddrs __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_address **local_addr, + krb5_address **remote_addr)); + +krb5_error_code +krb5_auth_con_getflags __P(( + krb5_context context, + krb5_auth_context auth_context, + int32_t *flags)); + +krb5_error_code +krb5_auth_con_getkey __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock **keyblock)); + +krb5_error_code +krb5_auth_con_getlocalsubkey __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock **keyblock)); + +krb5_error_code +krb5_auth_con_getremotesubkey __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock **keyblock)); + +krb5_error_code +krb5_auth_con_init __P(( + krb5_context context, + krb5_auth_context *auth_context)); + +krb5_error_code +krb5_auth_con_setaddrs __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_address *local_addr, + krb5_address *remote_addr)); + +krb5_error_code +krb5_auth_con_setaddrs_from_fd __P(( + krb5_context context, + krb5_auth_context auth_context, + void *p_fd)); + +krb5_error_code 
+krb5_auth_con_setflags __P(( + krb5_context context, + krb5_auth_context auth_context, + int32_t flags)); + +krb5_error_code +krb5_auth_con_setkey __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock *keyblock)); + +krb5_error_code +krb5_auth_con_setlocalsubkey __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock *keyblock)); + +krb5_error_code +krb5_auth_con_setremotesubkey __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock *keyblock)); + +krb5_error_code +krb5_auth_con_setuserkey __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_keyblock *keyblock)); + +krb5_error_code +krb5_auth_getauthenticator __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_authenticator *authenticator)); + +krb5_error_code +krb5_auth_getcksumtype __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_cksumtype *cksumtype)); + +krb5_error_code +krb5_auth_getkeytype __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_keytype *keytype)); + +krb5_error_code +krb5_auth_getlocalseqnumber __P(( + krb5_context context, + krb5_auth_context auth_context, + int32_t *seqnumber)); + +krb5_error_code +krb5_auth_getremoteseqnumber __P(( + krb5_context context, + krb5_auth_context auth_context, + int32_t *seqnumber)); + +krb5_error_code +krb5_auth_setcksumtype __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_cksumtype cksumtype)); + +krb5_error_code +krb5_auth_setkeytype __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_keytype keytype)); + +krb5_error_code +krb5_auth_setlocalseqnumber __P(( + krb5_context context, + krb5_auth_context auth_context, + int32_t seqnumber)); + +krb5_error_code +krb5_auth_setremoteseqnumber __P(( + krb5_context context, + krb5_auth_context auth_context, + int32_t seqnumber)); + +krb5_error_code +krb5_build_ap_req __P(( + krb5_context context, + krb5_enctype enctype, + 
krb5_creds *cred, + krb5_flags ap_options, + krb5_data authenticator, + krb5_data *retdata)); + +krb5_error_code +krb5_build_authenticator __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_enctype enctype, + krb5_creds *cred, + Checksum *cksum, + Authenticator **auth_result, + krb5_data *result)); + +krb5_error_code +krb5_build_principal __P(( + krb5_context context, + krb5_principal *principal, + int rlen, + krb5_const_realm realm, + ...)); + +krb5_error_code +krb5_build_principal_ext __P(( + krb5_context context, + krb5_principal *principal, + int rlen, + krb5_const_realm realm, + ...)); + +krb5_error_code +krb5_build_principal_va __P(( + krb5_context context, + krb5_principal *principal, + int rlen, + krb5_const_realm realm, + va_list ap)); + +krb5_error_code +krb5_build_principal_va_ext __P(( + krb5_context context, + krb5_principal *principal, + int rlen, + krb5_const_realm realm, + va_list ap)); + +krb5_error_code +krb5_cc_close __P(( + krb5_context context, + krb5_ccache id)); + +krb5_error_code +krb5_cc_copy_cache __P(( + krb5_context context, + const krb5_ccache from, + krb5_ccache to)); + +krb5_error_code +krb5_cc_default __P(( + krb5_context context, + krb5_ccache *id)); + +const char* +krb5_cc_default_name __P((krb5_context context)); + +krb5_error_code +krb5_cc_destroy __P(( + krb5_context context, + krb5_ccache id)); + +krb5_error_code +krb5_cc_end_seq_get __P(( + krb5_context context, + const krb5_ccache id, + krb5_cc_cursor *cursor)); + +krb5_error_code +krb5_cc_gen_new __P(( + krb5_context context, + const krb5_cc_ops *ops, + krb5_ccache *id)); + +const char* +krb5_cc_get_name __P(( + krb5_context context, + krb5_ccache id)); + +krb5_error_code +krb5_cc_get_principal __P(( + krb5_context context, + krb5_ccache id, + krb5_principal *principal)); + +const char* +krb5_cc_get_type __P(( + krb5_context context, + krb5_ccache id)); + +krb5_error_code +krb5_cc_get_version __P(( + krb5_context context, + const krb5_ccache id)); + 
+krb5_error_code +krb5_cc_initialize __P(( + krb5_context context, + krb5_ccache id, + krb5_principal primary_principal)); + +krb5_error_code +krb5_cc_next_cred __P(( + krb5_context context, + const krb5_ccache id, + krb5_creds *creds, + krb5_cc_cursor *cursor)); + +krb5_error_code +krb5_cc_register __P(( + krb5_context context, + const krb5_cc_ops *ops, + krb5_boolean override)); + +krb5_error_code +krb5_cc_remove_cred __P(( + krb5_context context, + krb5_ccache id, + krb5_flags which, + krb5_creds *cred)); + +krb5_error_code +krb5_cc_resolve __P(( + krb5_context context, + const char *name, + krb5_ccache *id)); + +krb5_error_code +krb5_cc_retrieve_cred __P(( + krb5_context context, + krb5_ccache id, + krb5_flags whichfields, + const krb5_creds *mcreds, + krb5_creds *creds)); + +krb5_error_code +krb5_cc_set_flags __P(( + krb5_context context, + krb5_ccache id, + krb5_flags flags)); + +krb5_error_code +krb5_cc_start_seq_get __P(( + krb5_context context, + const krb5_ccache id, + krb5_cc_cursor *cursor)); + +krb5_error_code +krb5_cc_store_cred __P(( + krb5_context context, + krb5_ccache id, + krb5_creds *creds)); + +krb5_error_code +krb5_change_password __P(( + krb5_context context, + krb5_creds *creds, + char *newpw, + int *result_code, + krb5_data *result_code_string, + krb5_data *result_string)); + +krb5_boolean +krb5_checksum_is_collision_proof __P(( + krb5_context context, + krb5_cksumtype type)); + +krb5_boolean +krb5_checksum_is_keyed __P(( + krb5_context context, + krb5_cksumtype type)); + +krb5_error_code +krb5_checksumsize __P(( + krb5_context context, + krb5_cksumtype type, + size_t *size)); + +krb5_error_code +krb5_closelog __P(( + krb5_context context, + krb5_log_facility *fac)); + +krb5_boolean +krb5_compare_creds __P(( + krb5_context context, + krb5_flags whichfields, + const krb5_creds *mcreds, + const krb5_creds *creds)); + +krb5_error_code +krb5_config_file_free __P(( + krb5_context context, + krb5_config_section *s)); + +void 
+krb5_config_free_strings __P((char **strings)); + +const void * +krb5_config_get __P(( + krb5_context context, + krb5_config_section *c, + int type, + ...)); + +krb5_boolean +krb5_config_get_bool __P(( + krb5_context context, + krb5_config_section *c, + ...)); + +krb5_boolean +krb5_config_get_bool_default __P(( + krb5_context context, + krb5_config_section *c, + krb5_boolean def_value, + ...)); + +int +krb5_config_get_int __P(( + krb5_context context, + krb5_config_section *c, + ...)); + +int +krb5_config_get_int_default __P(( + krb5_context context, + krb5_config_section *c, + int def_value, + ...)); + +const krb5_config_binding * +krb5_config_get_list __P(( + krb5_context context, + krb5_config_section *c, + ...)); + +const void * +krb5_config_get_next __P(( + krb5_context context, + krb5_config_section *c, + krb5_config_binding **pointer, + int type, + ...)); + +const char * +krb5_config_get_string __P(( + krb5_context context, + krb5_config_section *c, + ...)); + +char** +krb5_config_get_strings __P(( + krb5_context context, + krb5_config_section *c, + ...)); + +int +krb5_config_get_time __P(( + krb5_context context, + krb5_config_section *c, + ...)); + +int +krb5_config_get_time_default __P(( + krb5_context context, + krb5_config_section *c, + int def_value, + ...)); + +krb5_error_code +krb5_config_parse_file __P(( + const char *fname, + krb5_config_section **res)); + +krb5_error_code +krb5_config_parse_file_debug __P(( + const char *fname, + krb5_config_section **res, + unsigned *lineno, + char **error_message)); + +const void * +krb5_config_vget __P(( + krb5_context context, + krb5_config_section *c, + int type, + va_list args)); + +krb5_boolean +krb5_config_vget_bool __P(( + krb5_context context, + krb5_config_section *c, + va_list args)); + +krb5_boolean +krb5_config_vget_bool_default __P(( + krb5_context context, + krb5_config_section *c, + krb5_boolean def_value, + va_list args)); + +int +krb5_config_vget_int __P(( + krb5_context context, + 
krb5_config_section *c, + va_list args)); + +int +krb5_config_vget_int_default __P(( + krb5_context context, + krb5_config_section *c, + int def_value, + va_list args)); + +const krb5_config_binding * +krb5_config_vget_list __P(( + krb5_context context, + krb5_config_section *c, + va_list args)); + +const void * +krb5_config_vget_next __P(( + krb5_context context, + krb5_config_section *c, + krb5_config_binding **pointer, + int type, + va_list args)); + +const char * +krb5_config_vget_string __P(( + krb5_context context, + krb5_config_section *c, + va_list args)); + +char ** +krb5_config_vget_strings __P(( + krb5_context context, + krb5_config_section *c, + va_list args)); + +int +krb5_config_vget_time __P(( + krb5_context context, + krb5_config_section *c, + va_list args)); + +int +krb5_config_vget_time_default __P(( + krb5_context context, + krb5_config_section *c, + int def_value, + va_list args)); + +krb5_error_code +krb5_copy_address __P(( + krb5_context context, + const krb5_address *inaddr, + krb5_address *outaddr)); + +krb5_error_code +krb5_copy_addresses __P(( + krb5_context context, + const krb5_addresses *inaddr, + krb5_addresses *outaddr)); + +krb5_error_code +krb5_copy_creds __P(( + krb5_context context, + const krb5_creds *incred, + krb5_creds **outcred)); + +krb5_error_code +krb5_copy_creds_contents __P(( + krb5_context context, + const krb5_creds *incred, + krb5_creds *c)); + +krb5_error_code +krb5_copy_data __P(( + krb5_context context, + const krb5_data *indata, + krb5_data **outdata)); + +krb5_error_code +krb5_copy_host_realm __P(( + krb5_context context, + const krb5_realm *from, + krb5_realm **to)); + +krb5_error_code +krb5_copy_keyblock __P(( + krb5_context context, + const krb5_keyblock *inblock, + krb5_keyblock **to)); + +krb5_error_code +krb5_copy_keyblock_contents __P(( + krb5_context context, + const krb5_keyblock *inblock, + krb5_keyblock *to)); + +krb5_error_code +krb5_copy_principal __P(( + krb5_context context, + krb5_const_principal 
inprinc, + krb5_principal *outprinc)); + +krb5_error_code +krb5_copy_ticket __P(( + krb5_context context, + const krb5_ticket *from, + krb5_ticket **to)); + +krb5_error_code +krb5_create_checksum __P(( + krb5_context context, + krb5_crypto crypto, + unsigned usage_or_type, + void *data, + size_t len, + Checksum *result)); + +krb5_error_code +krb5_crypto_destroy __P(( + krb5_context context, + krb5_crypto crypto)); + +krb5_error_code +krb5_crypto_init __P(( + krb5_context context, + krb5_keyblock *key, + krb5_enctype etype, + krb5_crypto *crypto)); + +krb5_error_code +krb5_data_alloc __P(( + krb5_data *p, + int len)); + +krb5_error_code +krb5_data_copy __P(( + krb5_data *p, + const void *data, + size_t len)); + +void +krb5_data_free __P((krb5_data *p)); + +krb5_error_code +krb5_data_realloc __P(( + krb5_data *p, + int len)); + +void +krb5_data_zero __P((krb5_data *p)); + +krb5_error_code +krb5_decode_Authenticator __P(( + krb5_context context, + const void *data, + size_t length, + Authenticator *t, + size_t *len)); + +krb5_error_code +krb5_decode_ETYPE_INFO __P(( + krb5_context context, + const void *data, + size_t length, + ETYPE_INFO *t, + size_t *len)); + +krb5_error_code +krb5_decode_EncAPRepPart __P(( + krb5_context context, + const void *data, + size_t length, + EncAPRepPart *t, + size_t *len)); + +krb5_error_code +krb5_decode_EncASRepPart __P(( + krb5_context context, + const void *data, + size_t length, + EncASRepPart *t, + size_t *len)); + +krb5_error_code +krb5_decode_EncKrbCredPart __P(( + krb5_context context, + const void *data, + size_t length, + EncKrbCredPart *t, + size_t *len)); + +krb5_error_code +krb5_decode_EncTGSRepPart __P(( + krb5_context context, + const void *data, + size_t length, + EncTGSRepPart *t, + size_t *len)); + +krb5_error_code +krb5_decode_EncTicketPart __P(( + krb5_context context, + const void *data, + size_t length, + EncTicketPart *t, + size_t *len)); + +krb5_error_code +krb5_decode_ap_req __P(( + krb5_context context, + const 
krb5_data *inbuf, + krb5_ap_req *ap_req)); + +krb5_error_code +krb5_decrypt __P(( + krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + krb5_data *result)); + +krb5_error_code +krb5_decrypt_EncryptedData __P(( + krb5_context context, + krb5_crypto crypto, + unsigned usage, + EncryptedData *e, + krb5_data *result)); + +krb5_error_code +krb5_decrypt_ticket __P(( + krb5_context context, + Ticket *ticket, + krb5_keyblock *key, + EncTicketPart *out, + krb5_flags flags)); + +krb5_error_code +krb5_domain_x500_decode __P(( + krb5_data tr, + char ***realms, + int *num_realms, + const char *client_realm, + const char *server_realm)); + +krb5_error_code +krb5_domain_x500_encode __P(( + char **realms, + int num_realms, + krb5_data *encoding)); + +krb5_error_code +krb5_encode_Authenticator __P(( + krb5_context context, + void *data, + size_t length, + Authenticator *t, + size_t *len)); + +krb5_error_code +krb5_encode_ETYPE_INFO __P(( + krb5_context context, + void *data, + size_t length, + ETYPE_INFO *t, + size_t *len)); + +krb5_error_code +krb5_encode_EncAPRepPart __P(( + krb5_context context, + void *data, + size_t length, + EncAPRepPart *t, + size_t *len)); + +krb5_error_code +krb5_encode_EncASRepPart __P(( + krb5_context context, + void *data, + size_t length, + EncASRepPart *t, + size_t *len)); + +krb5_error_code +krb5_encode_EncKrbCredPart __P(( + krb5_context context, + void *data, + size_t length, + EncKrbCredPart *t, + size_t *len)); + +krb5_error_code +krb5_encode_EncTGSRepPart __P(( + krb5_context context, + void *data, + size_t length, + EncTGSRepPart *t, + size_t *len)); + +krb5_error_code +krb5_encode_EncTicketPart __P(( + krb5_context context, + void *data, + size_t length, + EncTicketPart *t, + size_t *len)); + +krb5_error_code +krb5_encrypt __P(( + krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + krb5_data *result)); + +krb5_error_code +krb5_encrypt_EncryptedData __P(( + 
krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + int kvno, + EncryptedData *result)); + +krb5_error_code +krb5_enctype_to_keytype __P(( + krb5_context context, + krb5_enctype etype, + krb5_keytype *keytype)); + +krb5_error_code +krb5_enctype_to_string __P(( + krb5_context context, + krb5_enctype etype, + char **string)); + +krb5_error_code +krb5_enctype_valid __P(( + krb5_context context, + krb5_enctype etype)); + +krb5_boolean +krb5_enctypes_compatible_keys __P(( + krb5_context context, + krb5_enctype etype1, + krb5_enctype etype2)); + +krb5_error_code +krb5_err __P(( + krb5_context context, + int eval, + krb5_error_code code, + const char *fmt, + ...)) + __attribute__ ((noreturn, format (printf, 4, 5))); + +krb5_error_code +krb5_errx __P(( + krb5_context context, + int eval, + const char *fmt, + ...)) + __attribute__ ((noreturn, format (printf, 3, 4))); + +krb5_error_code +krb5_expand_hostname __P(( + krb5_context context, + const char *orig_hostname, + char **new_hostname)); + +PA_DATA * +krb5_find_padata __P(( + PA_DATA *val, + unsigned len, + int type, + int *index)); + +krb5_error_code +krb5_free_address __P(( + krb5_context context, + krb5_address *address)); + +krb5_error_code +krb5_free_addresses __P(( + krb5_context context, + krb5_addresses *addresses)); + +void +krb5_free_ap_rep_enc_part __P(( + krb5_context context, + krb5_ap_rep_enc_part *val)); + +void +krb5_free_authenticator __P(( + krb5_context context, + krb5_authenticator *authenticator)); + +void +krb5_free_context __P((krb5_context context)); + +krb5_error_code +krb5_free_cred_contents __P(( + krb5_context context, + krb5_creds *c)); + +krb5_error_code +krb5_free_creds __P(( + krb5_context context, + krb5_creds *c)); + +krb5_error_code +krb5_free_creds_contents __P(( + krb5_context context, + krb5_creds *c)); + +void +krb5_free_data __P(( + krb5_context context, + krb5_data *p)); + +void +krb5_free_error __P(( + krb5_context context, + krb5_error 
*error)); + +void +krb5_free_error_contents __P(( + krb5_context context, + krb5_error *error)); + +krb5_error_code +krb5_free_host_realm __P(( + krb5_context context, + krb5_realm *realmlist)); + +krb5_error_code +krb5_free_kdc_rep __P(( + krb5_context context, + krb5_kdc_rep *rep)); + +void +krb5_free_keyblock __P(( + krb5_context context, + krb5_keyblock *keyblock)); + +void +krb5_free_keyblock_contents __P(( + krb5_context context, + krb5_keyblock *keyblock)); + +krb5_error_code +krb5_free_krbhst __P(( + krb5_context context, + char **hostlist)); + +void +krb5_free_principal __P(( + krb5_context context, + krb5_principal p)); + +krb5_error_code +krb5_free_salt __P(( + krb5_context context, + krb5_salt salt)); + +krb5_error_code +krb5_free_ticket __P(( + krb5_context context, + krb5_ticket *ticket)); + +krb5_error_code +krb5_fwd_tgt_creds __P(( + krb5_context context, + krb5_auth_context auth_context, + const char *hostname, + krb5_principal client, + krb5_principal server, + krb5_ccache ccache, + int forwardable, + krb5_data *out_data)); + +void +krb5_generate_random_block __P(( + void *buf, + size_t len)); + +krb5_error_code +krb5_generate_random_keyblock __P(( + krb5_context context, + krb5_enctype type, + krb5_keyblock *key)); + +krb5_error_code +krb5_generate_seq_number __P(( + krb5_context context, + const krb5_keyblock *key, + int32_t *seqno)); + +krb5_error_code +krb5_generate_subkey __P(( + krb5_context context, + const krb5_keyblock *key, + krb5_keyblock **subkey)); + +krb5_error_code +krb5_get_all_client_addrs __P(( + krb5_context context, + krb5_addresses *res)); + +krb5_error_code +krb5_get_all_server_addrs __P(( + krb5_context context, + krb5_addresses *res)); + +krb5_error_code +krb5_get_cred_from_kdc __P(( + krb5_context context, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_creds **out_creds, + krb5_creds ***ret_tgts)); + +krb5_error_code +krb5_get_credentials __P(( + krb5_context context, + krb5_flags options, + krb5_ccache ccache, + 
krb5_creds *in_creds, + krb5_creds **out_creds)); + +krb5_error_code +krb5_get_credentials_with_flags __P(( + krb5_context context, + krb5_flags options, + krb5_kdc_flags flags, + krb5_ccache ccache, + krb5_creds *in_creds, + krb5_creds **out_creds)); + +krb5_error_code +krb5_get_default_in_tkt_etypes __P(( + krb5_context context, + krb5_enctype **etypes)); + +krb5_error_code +krb5_get_default_principal __P(( + krb5_context context, + krb5_principal *princ)); + +krb5_error_code +krb5_get_default_realm __P(( + krb5_context context, + krb5_realm *realm)); + +krb5_error_code +krb5_get_default_realms __P(( + krb5_context context, + krb5_realm **realms)); + +const char * +krb5_get_err_text __P(( + krb5_context context, + krb5_error_code code)); + +krb5_error_code +krb5_get_extra_addresses __P(( + krb5_context context, + krb5_addresses *addresses)); + +krb5_error_code +krb5_get_fcache_version __P(( + krb5_context context, + int *version)); + +krb5_error_code +krb5_get_forwarded_creds __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_ccache ccache, + krb5_flags flags, + const char *hostname, + krb5_creds *in_creds, + krb5_data *out_data)); + +krb5_error_code +krb5_get_host_realm __P(( + krb5_context context, + const char *host, + krb5_realm **realms)); + +krb5_error_code +krb5_get_host_realm_int __P(( + krb5_context context, + const char *host, + krb5_realm **realms)); + +krb5_error_code +krb5_get_in_cred __P(( + krb5_context context, + krb5_flags options, + const krb5_addresses *addrs, + const krb5_enctype *etypes, + const krb5_preauthtype *ptypes, + const krb5_preauthdata *preauth, + krb5_key_proc key_proc, + krb5_const_pointer keyseed, + krb5_decrypt_proc decrypt_proc, + krb5_const_pointer decryptarg, + krb5_creds *creds, + krb5_kdc_rep *ret_as_reply)); + +krb5_error_code +krb5_get_in_tkt __P(( + krb5_context context, + krb5_flags options, + const krb5_addresses *addrs, + const krb5_enctype *etypes, + const krb5_preauthtype *ptypes, + krb5_key_proc 
key_proc, + krb5_const_pointer keyseed, + krb5_decrypt_proc decrypt_proc, + krb5_const_pointer decryptarg, + krb5_creds *creds, + krb5_ccache ccache, + krb5_kdc_rep *ret_as_reply)); + +krb5_error_code +krb5_get_in_tkt_with_keytab __P(( + krb5_context context, + krb5_flags options, + krb5_addresses *addrs, + const krb5_enctype *etypes, + const krb5_preauthtype *pre_auth_types, + krb5_keytab keytab, + krb5_ccache ccache, + krb5_creds *creds, + krb5_kdc_rep *ret_as_reply)); + +krb5_error_code +krb5_get_in_tkt_with_password __P(( + krb5_context context, + krb5_flags options, + krb5_addresses *addrs, + const krb5_enctype *etypes, + const krb5_preauthtype *pre_auth_types, + const char *password, + krb5_ccache ccache, + krb5_creds *creds, + krb5_kdc_rep *ret_as_reply)); + +krb5_error_code +krb5_get_in_tkt_with_skey __P(( + krb5_context context, + krb5_flags options, + krb5_addresses *addrs, + const krb5_enctype *etypes, + const krb5_preauthtype *pre_auth_types, + const krb5_keyblock *key, + krb5_ccache ccache, + krb5_creds *creds, + krb5_kdc_rep *ret_as_reply)); + +krb5_error_code +krb5_get_init_creds_keytab __P(( + krb5_context context, + krb5_creds *creds, + krb5_principal client, + krb5_keytab keytab, + krb5_deltat start_time, + const char *in_tkt_service, + krb5_get_init_creds_opt *options)); + +void +krb5_get_init_creds_opt_init __P((krb5_get_init_creds_opt *opt)); + +void +krb5_get_init_creds_opt_set_address_list __P(( + krb5_get_init_creds_opt *opt, + krb5_addresses *addresses)); + +void +krb5_get_init_creds_opt_set_etype_list __P(( + krb5_get_init_creds_opt *opt, + krb5_enctype *etype_list, + int etype_list_length)); + +void +krb5_get_init_creds_opt_set_forwardable __P(( + krb5_get_init_creds_opt *opt, + int forwardable)); + +void +krb5_get_init_creds_opt_set_preauth_list __P(( + krb5_get_init_creds_opt *opt, + krb5_preauthtype *preauth_list, + int preauth_list_length)); + +void +krb5_get_init_creds_opt_set_proxiable __P(( + krb5_get_init_creds_opt *opt, + int 
proxiable)); + +void +krb5_get_init_creds_opt_set_renew_life __P(( + krb5_get_init_creds_opt *opt, + krb5_deltat renew_life)); + +void +krb5_get_init_creds_opt_set_salt __P(( + krb5_get_init_creds_opt *opt, + krb5_data *salt)); + +void +krb5_get_init_creds_opt_set_tkt_life __P(( + krb5_get_init_creds_opt *opt, + krb5_deltat tkt_life)); + +krb5_error_code +krb5_get_init_creds_password __P(( + krb5_context context, + krb5_creds *creds, + krb5_principal client, + const char *password, + krb5_prompter_fct prompter, + void *data, + krb5_deltat start_time, + const char *in_tkt_service, + krb5_get_init_creds_opt *options)); + +krb5_error_code +krb5_get_kdc_cred __P(( + krb5_context context, + krb5_ccache id, + krb5_kdc_flags flags, + krb5_addresses *addresses, + Ticket *second_ticket, + krb5_creds *in_creds, + krb5_creds **out_creds )); + +krb5_error_code +krb5_get_krb_admin_hst __P(( + krb5_context context, + const krb5_realm *realm, + char ***hostlist)); + +krb5_error_code +krb5_get_krb_changepw_hst __P(( + krb5_context context, + const krb5_realm *realm, + char ***hostlist)); + +krb5_error_code +krb5_get_krbhst __P(( + krb5_context context, + const krb5_realm *realm, + char ***hostlist)); + +krb5_error_code +krb5_get_pw_salt __P(( + krb5_context context, + krb5_const_principal principal, + krb5_salt *salt)); + +krb5_boolean +krb5_get_use_admin_kdc __P((krb5_context context)); + +size_t +krb5_get_wrapped_length __P(( + krb5_context context, + krb5_crypto crypto, + size_t data_len)); + +int +krb5_getportbyname __P(( + krb5_context context, + const char *service, + const char *proto, + int default_port)); + +krb5_error_code +krb5_h_addr2addr __P(( + int af, + const char *haddr, + krb5_address *addr)); + +krb5_error_code +krb5_h_addr2sockaddr __P(( + int af, + const char *addr, + struct sockaddr *sa, + int *sa_size, + int port)); + +krb5_error_code +krb5_init_context __P((krb5_context *context)); + +void +krb5_init_ets __P((krb5_context context)); + +krb5_error_code 
+krb5_init_etype __P(( + krb5_context context, + unsigned *len, + int **val, + const krb5_enctype *etypes)); + +krb5_error_code +krb5_initlog __P(( + krb5_context context, + const char *program, + krb5_log_facility **fac)); + +krb5_error_code +krb5_keyblock_key_proc __P(( + krb5_context context, + krb5_keytype type, + krb5_data *salt, + krb5_const_pointer keyseed, + krb5_keyblock **key)); + +krb5_error_code +krb5_keytab_key_proc __P(( + krb5_context context, + krb5_enctype enctype, + krb5_salt salt, + krb5_const_pointer keyseed, + krb5_keyblock **key)); + +krb5_error_code +krb5_keytype_to_enctypes __P(( + krb5_context context, + krb5_keytype keytype, + unsigned *len, + int **val)); + +krb5_error_code +krb5_keytype_to_enctypes_default __P(( + krb5_context context, + krb5_keytype keytype, + unsigned *len, + int **val)); + +krb5_error_code +krb5_keytype_to_string __P(( + krb5_context context, + krb5_keytype keytype, + char **string)); + +krb5_error_code +krb5_kt_add_entry __P(( + krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry)); + +krb5_error_code +krb5_kt_close __P(( + krb5_context context, + krb5_keytab id)); + +krb5_boolean +krb5_kt_compare __P(( + krb5_context context, + krb5_keytab_entry *entry, + krb5_const_principal principal, + krb5_kvno vno, + krb5_enctype enctype)); + +krb5_error_code +krb5_kt_copy_entry_contents __P(( + krb5_context context, + const krb5_keytab_entry *in, + krb5_keytab_entry *out)); + +krb5_error_code +krb5_kt_default __P(( + krb5_context context, + krb5_keytab *id)); + +krb5_error_code +krb5_kt_default_name __P(( + krb5_context context, + char *name, + size_t namesize)); + +krb5_error_code +krb5_kt_end_seq_get __P(( + krb5_context context, + krb5_keytab id, + krb5_kt_cursor *cursor)); + +krb5_error_code +krb5_kt_free_entry __P(( + krb5_context context, + krb5_keytab_entry *entry)); + +krb5_error_code +krb5_kt_get_entry __P(( + krb5_context context, + krb5_keytab id, + krb5_const_principal principal, + krb5_kvno kvno, + 
krb5_enctype enctype, + krb5_keytab_entry *entry)); + +krb5_error_code +krb5_kt_get_name __P(( + krb5_context context, + krb5_keytab keytab, + char *name, + size_t namesize)); + +krb5_error_code +krb5_kt_next_entry __P(( + krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry, + krb5_kt_cursor *cursor)); + +krb5_error_code +krb5_kt_read_service_key __P(( + krb5_context context, + krb5_pointer keyprocarg, + krb5_principal principal, + krb5_kvno vno, + krb5_enctype enctype, + krb5_keyblock **key)); + +krb5_error_code +krb5_kt_register __P(( + krb5_context context, + const krb5_kt_ops *ops)); + +krb5_error_code +krb5_kt_remove_entry __P(( + krb5_context context, + krb5_keytab id, + krb5_keytab_entry *entry)); + +krb5_error_code +krb5_kt_resolve __P(( + krb5_context context, + const char *name, + krb5_keytab *id)); + +krb5_error_code +krb5_kt_start_seq_get __P(( + krb5_context context, + krb5_keytab id, + krb5_kt_cursor *cursor)); + +krb5_boolean +krb5_kuserok __P(( + krb5_context context, + krb5_principal principal, + const char *luser)); + +krb5_error_code +krb5_log __P(( + krb5_context context, + krb5_log_facility *fac, + int level, + const char *fmt, + ...)) + __attribute__((format (printf, 4, 5))); + +krb5_error_code +krb5_log_msg __P(( + krb5_context context, + krb5_log_facility *fac, + int level, + char **reply, + const char *fmt, + ...)) + __attribute__((format (printf, 5, 6))); + +krb5_error_code +krb5_make_addrport __P(( + krb5_address **res, + const krb5_address *addr, + int16_t port)); + +krb5_error_code +krb5_make_principal __P(( + krb5_context context, + krb5_principal *principal, + krb5_const_realm realm, + ...)); + +size_t +krb5_max_sockaddr_size __P((void)); + +krb5_error_code +krb5_mk_error __P(( + krb5_context context, + krb5_error_code error_code, + const char *e_text, + const krb5_data *e_data, + const krb5_principal client, + const krb5_principal server, + time_t ctime, + krb5_data *reply)); + +krb5_error_code +krb5_mk_priv __P(( + 
krb5_context context, + krb5_auth_context auth_context, + const krb5_data *userdata, + krb5_data *outbuf, + void *outdata)); + +krb5_error_code +krb5_mk_rep __P(( + krb5_context context, + krb5_auth_context *auth_context, + krb5_data *outbuf)); + +krb5_error_code +krb5_mk_req __P(( + krb5_context context, + krb5_auth_context *auth_context, + const krb5_flags ap_req_options, + char *service, + char *hostname, + krb5_data *in_data, + krb5_ccache ccache, + krb5_data *outbuf)); + +krb5_error_code +krb5_mk_req_extended __P(( + krb5_context context, + krb5_auth_context *auth_context, + const krb5_flags ap_req_options, + krb5_data *in_data, + krb5_creds *in_creds, + krb5_data *outbuf)); + +krb5_error_code +krb5_mk_req_internal __P(( + krb5_context context, + krb5_auth_context *auth_context, + const krb5_flags ap_req_options, + krb5_data *in_data, + krb5_creds *in_creds, + krb5_data *outbuf, + krb5_key_usage usage)); + +krb5_error_code +krb5_mk_safe __P(( + krb5_context context, + krb5_auth_context auth_context, + const krb5_data *userdata, + krb5_data *outbuf, + void *outdata)); + +ssize_t +krb5_net_read __P(( + krb5_context context, + void *p_fd, + void *buf, + size_t len)); + +ssize_t +krb5_net_write __P(( + krb5_context context, + void *p_fd, + const void *buf, + size_t len)); + +krb5_error_code +krb5_openlog __P(( + krb5_context context, + const char *program, + krb5_log_facility **fac)); + +krb5_error_code +krb5_parse_address __P(( + krb5_context context, + const char *string, + krb5_addresses *addresses)); + +krb5_error_code +krb5_parse_name __P(( + krb5_context context, + const char *name, + krb5_principal *principal)); + +krb5_error_code +krb5_password_key_proc __P(( + krb5_context context, + krb5_enctype type, + krb5_salt salt, + krb5_const_pointer keyseed, + krb5_keyblock **key)); + +krb5_realm* +krb5_princ_realm __P(( + krb5_context context, + krb5_principal principal)); + +void +krb5_princ_set_realm __P(( + krb5_context context, + krb5_principal principal, + 
krb5_realm *realm)); + +krb5_error_code +krb5_principal2principalname __P(( + PrincipalName *p, + const krb5_principal from)); + +krb5_boolean +krb5_principal_compare __P(( + krb5_context context, + krb5_const_principal princ1, + krb5_const_principal princ2)); + +krb5_boolean +krb5_principal_compare_any_realm __P(( + krb5_context context, + krb5_const_principal princ1, + krb5_const_principal princ2)); + +krb5_error_code +krb5_print_address __P(( + const krb5_address *addr, + char *str, + size_t len, + size_t *ret_len)); + +int +krb5_program_setup __P(( + krb5_context *context, + int argc, + char **argv, + struct getargs *args, + int num_args, + void (*usage)(int, struct getargs*, int))); + +int +krb5_prompter_posix __P(( + krb5_context context, + void *data, + const char *banner, + int num_prompts, + krb5_prompt prompts[])); + +krb5_error_code +krb5_rd_cred __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_ccache ccache, + krb5_data *in_data)); + +krb5_error_code +krb5_rd_error __P(( + krb5_context context, + krb5_data *msg, + KRB_ERROR *result)); + +krb5_error_code +krb5_rd_priv __P(( + krb5_context context, + krb5_auth_context auth_context, + const krb5_data *inbuf, + krb5_data *outbuf, + void *outdata)); + +krb5_error_code +krb5_rd_rep __P(( + krb5_context context, + krb5_auth_context auth_context, + const krb5_data *inbuf, + krb5_ap_rep_enc_part **repl)); + +krb5_error_code +krb5_rd_req __P(( + krb5_context context, + krb5_auth_context *auth_context, + const krb5_data *inbuf, + krb5_const_principal server, + krb5_keytab keytab, + krb5_flags *ap_req_options, + krb5_ticket **ticket)); + +krb5_error_code +krb5_rd_req_with_keyblock __P(( + krb5_context context, + krb5_auth_context *auth_context, + const krb5_data *inbuf, + krb5_const_principal server, + krb5_keyblock *keyblock, + krb5_flags *ap_req_options, + krb5_ticket **ticket)); + +krb5_error_code +krb5_rd_safe __P(( + krb5_context context, + krb5_auth_context auth_context, + const 
krb5_data *inbuf, + krb5_data *outbuf, + void *outdata)); + +krb5_error_code +krb5_read_message __P(( + krb5_context context, + krb5_pointer p_fd, + krb5_data *data)); + +krb5_boolean +krb5_realm_compare __P(( + krb5_context context, + krb5_const_principal princ1, + krb5_const_principal princ2)); + +krb5_error_code +krb5_recvauth __P(( + krb5_context context, + krb5_auth_context *auth_context, + krb5_pointer p_fd, + char *appl_version, + krb5_principal server, + int32_t flags, + krb5_keytab keytab, + krb5_ticket **ticket)); + +krb5_error_code +krb5_recvauth_match_version __P(( + krb5_context context, + krb5_auth_context *auth_context, + krb5_pointer p_fd, + krb5_boolean (*match_appl_version)(void *, const char*), + void *match_data, + krb5_principal server, + int32_t flags, + krb5_keytab keytab, + krb5_ticket **ticket)); + +krb5_error_code +krb5_ret_address __P(( + krb5_storage *sp, + krb5_address *adr)); + +krb5_error_code +krb5_ret_addrs __P(( + krb5_storage *sp, + krb5_addresses *adr)); + +krb5_error_code +krb5_ret_authdata __P(( + krb5_storage *sp, + krb5_authdata *auth)); + +krb5_error_code +krb5_ret_creds __P(( + krb5_storage *sp, + krb5_creds *creds)); + +krb5_error_code +krb5_ret_data __P(( + krb5_storage *sp, + krb5_data *data)); + +krb5_error_code +krb5_ret_int16 __P(( + krb5_storage *sp, + int16_t *value)); + +krb5_error_code +krb5_ret_int32 __P(( + krb5_storage *sp, + int32_t *value)); + +krb5_error_code +krb5_ret_int8 __P(( + krb5_storage *sp, + int8_t *value)); + +krb5_error_code +krb5_ret_keyblock __P(( + krb5_storage *sp, + krb5_keyblock *p)); + +krb5_error_code +krb5_ret_principal __P(( + krb5_storage *sp, + krb5_principal *princ)); + +krb5_error_code +krb5_ret_string __P(( + krb5_storage *sp, + char **string)); + +krb5_error_code +krb5_ret_stringz __P(( + krb5_storage *sp, + char **string)); + +krb5_error_code +krb5_ret_times __P(( + krb5_storage *sp, + krb5_times *times)); + +krb5_error_code +krb5_salttype_to_string __P(( + krb5_context context, 
+ krb5_enctype etype, + krb5_salttype stype, + char **string)); + +krb5_error_code +krb5_sendauth __P(( + krb5_context context, + krb5_auth_context *auth_context, + krb5_pointer p_fd, + const char *appl_version, + krb5_principal client, + krb5_principal server, + krb5_flags ap_req_options, + krb5_data *in_data, + krb5_creds *in_creds, + krb5_ccache ccache, + krb5_error **ret_error, + krb5_ap_rep_enc_part **rep_result, + krb5_creds **out_creds)); + +krb5_error_code +krb5_sendto_kdc __P(( + krb5_context context, + const krb5_data *send, + const krb5_realm *realm, + krb5_data *receive)); + +krb5_error_code +krb5_set_default_in_tkt_etypes __P(( + krb5_context context, + const krb5_enctype *etypes)); + +krb5_error_code +krb5_set_default_realm __P(( + krb5_context context, + char *realm)); + +krb5_error_code +krb5_set_extra_addresses __P(( + krb5_context context, + krb5_addresses *addresses)); + +krb5_error_code +krb5_set_fcache_version __P(( + krb5_context context, + int version)); + +void +krb5_set_use_admin_kdc __P(( + krb5_context context, + krb5_boolean flag)); + +krb5_error_code +krb5_set_warn_dest __P(( + krb5_context context, + krb5_log_facility *fac)); + +krb5_error_code +krb5_sname_to_principal __P(( + krb5_context context, + const char *hostname, + const char *sname, + int32_t type, + krb5_principal *ret_princ)); + +krb5_error_code +krb5_sock_to_principal __P(( + krb5_context context, + int sock, + const char *sname, + int32_t type, + krb5_principal *ret_princ)); + +krb5_error_code +krb5_sockaddr2address __P(( + const struct sockaddr *sa, + krb5_address *addr)); + +krb5_error_code +krb5_sockaddr2port __P(( + const struct sockaddr *sa, + int16_t *port)); + +krb5_boolean +krb5_sockaddr_uninteresting __P((const struct sockaddr *sa)); + +void +krb5_std_usage __P(( + int code, + struct getargs *args, + int num_args)); + +void +krb5_storage_clear_flags __P(( + krb5_storage *sp, + krb5_flags flags)); + +krb5_storage * +krb5_storage_emem __P((void)); + 
+krb5_error_code +krb5_storage_free __P((krb5_storage *sp)); + +krb5_storage * +krb5_storage_from_data __P((krb5_data *data)); + +krb5_storage * +krb5_storage_from_fd __P((int fd)); + +krb5_storage * +krb5_storage_from_mem __P(( + void *buf, + size_t len)); + +krb5_boolean +krb5_storage_is_flags __P(( + krb5_storage *sp, + krb5_flags flags)); + +void +krb5_storage_set_flags __P(( + krb5_storage *sp, + krb5_flags flags)); + +krb5_error_code +krb5_storage_to_data __P(( + krb5_storage *sp, + krb5_data *data)); + +krb5_error_code +krb5_store_address __P(( + krb5_storage *sp, + krb5_address p)); + +krb5_error_code +krb5_store_addrs __P(( + krb5_storage *sp, + krb5_addresses p)); + +krb5_error_code +krb5_store_authdata __P(( + krb5_storage *sp, + krb5_authdata auth)); + +krb5_error_code +krb5_store_creds __P(( + krb5_storage *sp, + krb5_creds *creds)); + +krb5_error_code +krb5_store_data __P(( + krb5_storage *sp, + krb5_data data)); + +krb5_error_code +krb5_store_int16 __P(( + krb5_storage *sp, + int16_t value)); + +krb5_error_code +krb5_store_int32 __P(( + krb5_storage *sp, + int32_t value)); + +krb5_error_code +krb5_store_int8 __P(( + krb5_storage *sp, + int8_t value)); + +krb5_error_code +krb5_store_keyblock __P(( + krb5_storage *sp, + krb5_keyblock p)); + +krb5_error_code +krb5_store_principal __P(( + krb5_storage *sp, + krb5_principal p)); + +krb5_error_code +krb5_store_string __P(( + krb5_storage *sp, + const char *s)); + +krb5_error_code +krb5_store_stringz __P(( + krb5_storage *sp, + char *s)); + +krb5_error_code +krb5_store_times __P(( + krb5_storage *sp, + krb5_times times)); + +krb5_error_code +krb5_string_to_enctype __P(( + krb5_context context, + const char *string, + krb5_enctype *etype)); + +krb5_error_code +krb5_string_to_key __P(( + krb5_context context, + krb5_enctype enctype, + const char *password, + krb5_principal principal, + krb5_keyblock *key)); + +krb5_error_code +krb5_string_to_key_data __P(( + krb5_context context, + krb5_enctype enctype, + 
krb5_data password, + krb5_principal principal, + krb5_keyblock *key)); + +krb5_error_code +krb5_string_to_key_data_salt __P(( + krb5_context context, + krb5_enctype enctype, + krb5_data password, + krb5_salt salt, + krb5_keyblock *key)); + +krb5_error_code +krb5_string_to_key_derived __P(( + krb5_context context, + const void *str, + size_t len, + krb5_enctype etype, + krb5_keyblock *key)); + +krb5_error_code +krb5_string_to_key_salt __P(( + krb5_context context, + krb5_enctype enctype, + const char *password, + krb5_salt salt, + krb5_keyblock *key)); + +krb5_error_code +krb5_string_to_keytype __P(( + krb5_context context, + const char *string, + krb5_keytype *keytype)); + +krb5_error_code +krb5_string_to_salttype __P(( + krb5_context context, + krb5_enctype etype, + const char *string, + krb5_salttype *salttype)); + +krb5_error_code +krb5_timeofday __P(( + krb5_context context, + int32_t *timeret)); + +krb5_error_code +krb5_unparse_name __P(( + krb5_context context, + krb5_const_principal principal, + char **name)); + +krb5_error_code +krb5_unparse_name_fixed __P(( + krb5_context context, + krb5_const_principal principal, + char *name, + size_t len)); + +krb5_error_code +krb5_unparse_name_fixed_short __P(( + krb5_context context, + krb5_const_principal principal, + char *name, + size_t len)); + +krb5_error_code +krb5_unparse_name_short __P(( + krb5_context context, + krb5_const_principal principal, + char **name)); + +krb5_error_code +krb5_us_timeofday __P(( + krb5_context context, + int32_t *sec, + int32_t *usec)); + +krb5_error_code +krb5_vabort __P(( + krb5_context context, + krb5_error_code code, + const char *fmt, + va_list ap)) + __attribute__ ((noreturn, format (printf, 3, 0))); + +krb5_error_code +krb5_vabortx __P(( + krb5_context context, + const char *fmt, + va_list ap)) + __attribute__ ((noreturn, format (printf, 2, 0))); + +krb5_error_code +krb5_verify_ap_req __P(( + krb5_context context, + krb5_auth_context *auth_context, + krb5_ap_req *ap_req, + 
krb5_const_principal server, + krb5_keyblock *keyblock, + krb5_flags flags, + krb5_flags *ap_req_options, + krb5_ticket **ticket)); + +krb5_error_code +krb5_verify_authenticator_checksum __P(( + krb5_context context, + krb5_auth_context ac, + void *data, + size_t len)); + +krb5_error_code +krb5_verify_checksum __P(( + krb5_context context, + krb5_crypto crypto, + krb5_key_usage usage, + void *data, + size_t len, + Checksum *cksum)); + +krb5_error_code +krb5_verify_init_creds __P(( + krb5_context context, + krb5_creds *creds, + krb5_principal ap_req_server, + krb5_keytab ap_req_keytab, + krb5_ccache *ccache, + krb5_verify_init_creds_opt *options)); + +void +krb5_verify_init_creds_opt_init __P((krb5_verify_init_creds_opt *options)); + +void +krb5_verify_init_creds_opt_set_ap_req_nofail __P(( + krb5_verify_init_creds_opt *options, + int ap_req_nofail)); + +krb5_error_code +krb5_verify_user __P(( + krb5_context context, + krb5_principal principal, + krb5_ccache ccache, + const char *password, + krb5_boolean secure, + const char *service)); + +krb5_error_code +krb5_verify_user_lrealm __P(( + krb5_context context, + krb5_principal principal, + krb5_ccache ccache, + const char *password, + krb5_boolean secure, + const char *service)); + +krb5_error_code +krb5_verr __P(( + krb5_context context, + int eval, + krb5_error_code code, + const char *fmt, + va_list ap)) + __attribute__ ((noreturn, format (printf, 4, 0))); + +krb5_error_code +krb5_verrx __P(( + krb5_context context, + int eval, + const char *fmt, + va_list ap)) + __attribute__ ((noreturn, format (printf, 3, 0))); + +krb5_error_code +krb5_vlog __P(( + krb5_context context, + krb5_log_facility *fac, + int level, + const char *fmt, + va_list ap)) + __attribute__((format (printf, 4, 0))); + +krb5_error_code +krb5_vlog_msg __P(( + krb5_context context, + krb5_log_facility *fac, + char **reply, + int level, + const char *fmt, + va_list ap)) + __attribute__((format (printf, 5, 0))); + +krb5_error_code +krb5_vwarn __P(( + 
krb5_context context, + krb5_error_code code, + const char *fmt, + va_list ap)) + __attribute__ ((format (printf, 3, 0))); + +krb5_error_code +krb5_vwarnx __P(( + krb5_context context, + const char *fmt, + va_list ap)) + __attribute__ ((format (printf, 2, 0))); + +krb5_error_code +krb5_warn __P(( + krb5_context context, + krb5_error_code code, + const char *fmt, + ...)) + __attribute__ ((format (printf, 3, 4))); + +krb5_error_code +krb5_warnx __P(( + krb5_context context, + const char *fmt, + ...)) + __attribute__ ((format (printf, 2, 3))); + +krb5_error_code +krb5_write_message __P(( + krb5_context context, + krb5_pointer p_fd, + krb5_data *data)); + +krb5_error_code +krb5_xfree __P((void *ptr)); + +krb5_error_code +principalname2krb5_principal __P(( + krb5_principal *principal, + const PrincipalName from, + const Realm realm)); + +#endif /* __krb5_protos_h__ */ diff --git a/crypto/heimdal/lib/krb5/krb5.conf.5 b/crypto/heimdal/lib/krb5/krb5.conf.5 new file mode 100644 index 0000000..2a0adb6 --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5.conf.5 
@@ -0,0 +1,167 @@
+.\" $Id: krb5.conf.5,v 1.7 1999/11/04 01:57:28 assar Exp $
+.\"
+.Dd April 11, 1999
+.Dt KRB5.CONF 5
+.Os HEIMDAL
+.Sh NAME
+.Nm /etc/krb5.conf
+.Nd
+Configuration file for Kerberos 5
+.Sh DESCRIPTION
+The
+.Nm
+file specifies several configuration parameters for the Kerberos 5
+library, as well as for some programs.
+.Pp
+The file consists of one or more sections, containing a number of
+bindings. The value of each binding can be either a string or a list
+of other bindings. The grammar looks like:
+.Bd -literal -offset indent
+file:
+ /* empty */
+ sections
+
+sections:
+ section sections
+ section
+
+section:
+ '[' section_name ']' bindings
+
+section_name:
+ STRING
+
+bindings:
+ binding bindings
+ binding
+
+binding:
+ name '=' STRING
+ name '=' '{' bindings '}'
+
+name:
+ STRING
+
+.Ed
+.Li STRINGs
+consists of one or more non-white space characters.
+Currently recognised sections and bindings are:
+
+.Bl -tag -width "xxx" -offset indent
+.It Li [libdefaults]
+.Bl -tag -width "xxx" -offset indent
+.It Li default_realm = Va REALM
+Default realm to use, this is also known as your
+.Dq local realm .
+The default is the result of
+.Fn krb5_get_host_realm "local hostname" .
+.It Li clockskew = Va time
+Maximum time differential (in seconds) allowed when comparing
+times. Default is 300 seconds (five minutes).
+.It Li kdc_timeout = Va time
+Maximum time to wait for a reply from the kdc, default is 3 seconds.
+.It v4_name_convert
+.It v4_instance_resolve
+These are decribed in the
+.Xr krb5_425_conv_principal 3
+manual page.
+.It Li capath = Va realm-routing-table
+.It Li default_etypes = Va etypes...
+A list of default etypes to use.
+.It Li default_etypes_des = Va etypes...
+A list of default etypes to use when requesting a DES credential.
+.It Li default_keytab_name = Va keytab
+The keytab to use if none other is specified, default is
+.Dq FILE:/etc/krb5.keytab .
+.It Li kdc_timesync = Va boolean
+Try to keep track of the time differential between the local machine
+and the KDC, and then compensate for that when issuing requests.
+.It Li max_retries = Va number
+The max number of times to try to contact each KDC.
+.It Li ticket_lifetime = Va time
+Default ticket lifetime.
+.It Li renew_lifetime = Va time
+Default renewable ticket lifetime.
+.It Li verify_ap_req_nofail = Va boolean
+Enable to make a failure to verify obtained credentials
+non-fatal. This can be useful if there is no keytab on a host.
+.It Li warn_pwexpire = Va time
+How soon to warn for expiring password. Default is seven days.
+.It Li http_proxy = Va proxy-spec
+A HTTP-proxy to use when talking to the KDC via HTTP.
+.It Li dns_proxy = Va proxy-spec
+Enable using DNS via HTTP.
+.It Li extra_addresses = Va address...
+A list of addresses to get tickets for along with all local addresses.
+.It Li time_format = Va string
+How to print time strings in logs, this string is passed to
+.Xr strftime 3 .
+.It Li log_utc = Va boolean
+Write log-entries using UTC instead of your local time zone.
+.El
+.It Li [domain_realm]
+This is a list of mappings from DNS domain to Kerberos realm. Each
+binding in this section looks like:
+.Pp
+.Dl domain = realm
+.Pp
+The domain can be either a full name of a host or a trailing
+component, in the latter case the domain-string should start with a
+perid.
+.It Li [realms]
+.Bl -tag -width "xxx" -offset indent
+.It Va REALM Li = {
+.Bl -tag -width "xxx" -offset indent
+.It Li kdc = Va host[:port]
+Specifies a kdc for this realm. If the optional port is absent, the
+default value for the
+.Dq kerberos/udp
+service will be used.
+.It Li v4_instance_convert
+.It Li v4_name_convert
+.It Li default_domain
+See
+.Xr krb5_425_conv_principal 3 .
+.El
+.It Li }
+.El
+.It Li [logging]
+.Bl -tag -width "xxx" -offset indent
+.It Va entity Li = Va destination
+Specifies that
+.Va entity
+should use the specified
+.Li destination
+for logging. See the
+.Xr krb5_openlog 3
+manual page for a list of defined destinations.
+.El
+.El
+.Sh EXAMPLE
+.Bd -literal -offset indent
+[lib_defaults]
+ default_domain = FOO.SE
+[domain_realm]
+ .foo.se = FOO.SE
+ .bar.se = FOO.SE
+[realms]
+ FOO.SE = {
+ kdc = kerberos.foo.se
+ v4_name_convert = {
+ rcmd = host
+ }
+ v4_instance_convert = {
+ xyz = xyz.bar.se
+ }
+ default_domain = foo.se
+ }
+[logging]
+ kdc = FILE:/var/heimdal/kdc.log
+ kdc = SYSLOG:INFO
+ default = SYSLOG:INFO:USER
+.Ed
+.Sh SEE ALSO
+.Xr krb5_openlog 3 ,
+.Xr krb5_425_conv_principal 3 ,
+.Xr strftime 3 ,
+.Xr Source tm
diff --git a/crypto/heimdal/lib/krb5/krb5.h b/crypto/heimdal/lib/krb5/krb5.h
new file mode 100644
index 0000000..11cabc6
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5.h
@@ -0,0 +1,600 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +/* $Id: krb5.h,v 1.162 2000/01/02 00:19:24 assar Exp $ */ + +#ifndef __KRB5_H__ +#define __KRB5_H__ + +#include <time.h> +#include <krb5-types.h> + +#include <des.h> +#include <asn1_err.h> +#include <krb5_err.h> +#include <heim_err.h> + +#include <asn1.h> + +/* simple constants */ + +#ifndef TRUE +#define TRUE 1 +#define FALSE 0 +#endif + +typedef int krb5_boolean; + +typedef int32_t krb5_error_code; + +typedef int krb5_kvno; + +typedef u_int32_t krb5_flags; + +typedef void *krb5_pointer; +typedef const void *krb5_const_pointer; + +typedef octet_string krb5_data; + +struct krb5_crypto_data; +typedef struct krb5_crypto_data *krb5_crypto; + +typedef enum krb5_cksumtype { + CKSUMTYPE_NONE = 0, + CKSUMTYPE_CRC32 = 1, + CKSUMTYPE_RSA_MD4 = 2, + CKSUMTYPE_RSA_MD4_DES = 3, + CKSUMTYPE_DES_MAC = 4, + CKSUMTYPE_DES_MAC_K = 5, + CKSUMTYPE_RSA_MD4_DES_K = 6, + CKSUMTYPE_RSA_MD5 = 7, + CKSUMTYPE_RSA_MD5_DES = 8, + CKSUMTYPE_RSA_MD5_DES3 = 9, +/* CKSUMTYPE_SHA1 = 10,*/ + CKSUMTYPE_HMAC_SHA1_DES3 = 12, + CKSUMTYPE_SHA1 = 1000, /* correct value? 
*/ + CKSUMTYPE_HMAC_MD5 = -138 /* unofficial microsoft number */ +} krb5_cksumtype; + + +typedef enum krb5_enctype { + ETYPE_NULL = 0, + ETYPE_DES_CBC_CRC = 1, + ETYPE_DES_CBC_MD4 = 2, + ETYPE_DES_CBC_MD5 = 3, + ETYPE_DES3_CBC_MD5 = 5, + ETYPE_OLD_DES3_CBC_SHA1 = 7, + ETYPE_SIGN_DSA_GENERATE = 8, + ETYPE_ENCRYPT_RSA_PRIV = 9, + ETYPE_ENCRYPT_RSA_PUB = 10, + ETYPE_DES3_CBC_SHA1 = 16, /* with key derivation */ + ETYPE_ARCFOUR_HMAC_MD5 = 23, + ETYPE_ARCFOUR_HMAC_MD5_56 = 24, + ETYPE_ENCTYPE_PK_CROSS = 48, + ETYPE_DES_CBC_NONE = 0x1000, + ETYPE_DES3_CBC_NONE = 0x1001 +} krb5_enctype; + +typedef enum krb5_preauthtype { + KRB5_PADATA_NONE = 0, + KRB5_PADATA_AP_REQ, + KRB5_PADATA_TGS_REQ = 1, + KRB5_PADATA_ENC_TIMESTAMP = 2, + KRB5_PADATA_ENC_SECURID +} krb5_preauthtype; + +typedef enum krb5_key_usage { + KRB5_KU_PA_ENC_TIMESTAMP = 1, + /* AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the + client key (section 5.4.1) */ + KRB5_KU_TICKET = 2, + /* AS-REP Ticket and TGS-REP Ticket (includes tgs session key or + application session key), encrypted with the service key + (section 5.4.2) */ + KRB5_KU_AS_REP_ENC_PART = 3, + /* AS-REP encrypted part (includes tgs session key or application + session key), encrypted with the client key (section 5.4.2) */ + KRB5_KU_TGS_REQ_AUTH_DAT_SESSION = 4, + /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs + session key (section 5.4.1) */ + KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY = 5, + /* TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the tgs + authenticator subkey (section 5.4.1) */ + KRB5_KU_TGS_REQ_AUTH_CKSUM = 6, + /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed + with the tgs session key (sections 5.3.2, 5.4.1) */ + KRB5_KU_TGS_REQ_AUTH = 7, + /* TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes tgs + authenticator subkey), encrypted with the tgs session key + (section 5.3.2) */ + KRB5_KU_TGS_REP_ENC_PART_SESSION = 8, + /* TGS-REP encrypted part (includes application session key), + 
encrypted with the tgs session key (section 5.4.2) */ + KRB5_KU_TGS_REP_ENC_PART_SUB_KEY = 9, + /* TGS-REP encrypted part (includes application session key), + encrypted with the tgs authenticator subkey (section 5.4.2) */ + KRB5_KU_AP_REQ_AUTH_CKSUM = 10, + /* AP-REQ Authenticator cksum, keyed with the application session + key (section 5.3.2) */ + KRB5_KU_AP_REQ_AUTH = 11, + /* AP-REQ Authenticator (includes application authenticator + subkey), encrypted with the application session key (section + 5.3.2) */ + KRB5_KU_AP_REQ_ENC_PART = 12, + /* AP-REP encrypted part (includes application session subkey), + encrypted with the application session key (section 5.5.2) */ + KRB5_KU_KRB_PRIV = 13, + /* KRB-PRIV encrypted part, encrypted with a key chosen by the + application (section 5.7.1) */ + KRB5_KU_KRB_CRED = 14, + /* KRB-CRED encrypted part, encrypted with a key chosen by the + application (section 5.8.1) */ + KRB5_KU_KRB_SAFE_CKSUM = 15, + /* KRB-SAFE cksum, keyed with a key chosen by the application + (section 5.6.1) */ + KRB5_KU_OTHER_ENCRYPTED = 16, + /* Data which is defined in some specification outside of + Kerberos to be encrypted using an RFC1510 encryption type. */ + KRB5_KU_OTHER_CKSUM = 17 + /* Data which is defined in some specification outside of + Kerberos to be checksummed using an RFC1510 checksum type. 
*/ +} krb5_key_usage; + +typedef enum krb5_salttype { + KRB5_PW_SALT = pa_pw_salt, + KRB5_AFS3_SALT = pa_afs3_salt +}krb5_salttype; + +typedef struct krb5_salt { + krb5_salttype salttype; + krb5_data saltvalue; +} krb5_salt; + +typedef ETYPE_INFO krb5_preauthinfo; + +typedef struct { + krb5_preauthtype type; + krb5_preauthinfo info; /* list of preauthinfo for this type */ +} krb5_preauthdata_entry; + +typedef struct krb5_preauthdata { + unsigned len; + krb5_preauthdata_entry *val; +}krb5_preauthdata; + +typedef enum krb5_address_type { + KRB5_ADDRESS_INET = 2, + KRB5_ADDRESS_INET6 = 24, + KRB5_ADDRESS_ADDRPORT = 256, + KRB5_ADDRESS_IPPORT = 257 +} krb5_address_type; + +enum { + AP_OPTS_USE_SESSION_KEY = 1, + AP_OPTS_MUTUAL_REQUIRED = 2 +}; + +typedef HostAddress krb5_address; + +typedef HostAddresses krb5_addresses; + +typedef enum krb5_keytype { + KEYTYPE_NULL = 0, + KEYTYPE_DES = 1, + KEYTYPE_DES3 = 7, + KEYTYPE_ARCFOUR = 23 +} krb5_keytype; + +typedef EncryptionKey krb5_keyblock; + +typedef AP_REQ krb5_ap_req; + +struct krb5_cc_ops; + +#define KRB5_DEFAULT_CCROOT "FILE:/tmp/krb5cc_" + +typedef void *krb5_cc_cursor; + +typedef struct krb5_ccache_data { + const struct krb5_cc_ops *ops; + krb5_data data; +}krb5_ccache_data; + +typedef struct krb5_ccache_data *krb5_ccache; + +typedef struct krb5_context_data *krb5_context; + +typedef Realm krb5_realm; +typedef const char *krb5_const_realm; /* stupid language */ +typedef Principal krb5_principal_data; +typedef struct Principal *krb5_principal; +typedef const struct Principal *krb5_const_principal; + +typedef time_t krb5_deltat; +typedef time_t krb5_timestamp; + +typedef struct krb5_times { + krb5_timestamp authtime; + krb5_timestamp starttime; + krb5_timestamp endtime; + krb5_timestamp renew_till; +} krb5_times; + +typedef union { + TicketFlags b; + krb5_flags i; +} krb5_ticket_flags; + +/* options for krb5_get_in_tkt() */ +#define KDC_OPT_FORWARDABLE (1 << 1) +#define KDC_OPT_FORWARDED (1 << 2) +#define 
KDC_OPT_PROXIABLE (1 << 3) +#define KDC_OPT_PROXY (1 << 4) +#define KDC_OPT_ALLOW_POSTDATE (1 << 5) +#define KDC_OPT_POSTDATED (1 << 6) +#define KDC_OPT_RENEWABLE (1 << 8) +#define KDC_OPT_REQUEST_ANONYMOUS (1 << 14) +#define KDC_OPT_DISABLE_TRANSITED_CHECK (1 << 26) +#define KDC_OPT_RENEWABLE_OK (1 << 27) +#define KDC_OPT_ENC_TKT_IN_SKEY (1 << 28) +#define KDC_OPT_RENEW (1 << 30) +#define KDC_OPT_VALIDATE (1 << 31) + +typedef union { + KDCOptions b; + krb5_flags i; +} krb5_kdc_flags; + +/* flags for krb5_verify_ap_req */ + +#define KRB5_VERIFY_AP_REQ_IGNORE_INVALID (1 << 0) + +#define KRB5_GC_CACHED 1 +#define KRB5_GC_USER_USER 2 + +/* constants for compare_creds (and cc_retrieve_cred) */ +#define KRB5_TC_DONT_MATCH_REALM (1U << 31) +#define KRB5_TC_MATCH_KEYTYPE (1U << 30) + +typedef AuthorizationData krb5_authdata; + +typedef KRB_ERROR krb5_error; + +typedef struct krb5_creds { + krb5_principal client; + krb5_principal server; + krb5_keyblock session; + krb5_times times; + krb5_data ticket; + krb5_data second_ticket; + krb5_authdata authdata; + krb5_addresses addresses; + krb5_ticket_flags flags; +} krb5_creds; + +typedef struct krb5_cc_ops { + char *prefix; + char* (*get_name)(krb5_context, krb5_ccache); + krb5_error_code (*resolve)(krb5_context, krb5_ccache *, const char *); + krb5_error_code (*gen_new)(krb5_context, krb5_ccache *); + krb5_error_code (*init)(krb5_context, krb5_ccache, krb5_principal); + krb5_error_code (*destroy)(krb5_context, krb5_ccache); + krb5_error_code (*close)(krb5_context, krb5_ccache); + krb5_error_code (*store)(krb5_context, krb5_ccache, krb5_creds*); + krb5_error_code (*retrieve)(krb5_context, krb5_ccache, + krb5_flags, krb5_creds*, krb5_creds); + krb5_error_code (*get_princ)(krb5_context, krb5_ccache, krb5_principal*); + krb5_error_code (*get_first)(krb5_context, krb5_ccache, krb5_cc_cursor *); + krb5_error_code (*get_next)(krb5_context, krb5_ccache, + krb5_cc_cursor*, krb5_creds*); + krb5_error_code (*end_get)(krb5_context, 
krb5_ccache, krb5_cc_cursor*); + krb5_error_code (*remove_cred)(krb5_context, krb5_ccache, + krb5_flags, krb5_creds*); + krb5_error_code (*set_flags)(krb5_context, krb5_ccache, krb5_flags); + int (*get_version)(krb5_context, krb5_ccache); +} krb5_cc_ops; + +struct krb5_log_facility; + +struct krb5_config_binding { + enum { krb5_config_string, krb5_config_list } type; + char *name; + struct krb5_config_binding *next; + union { + char *string; + struct krb5_config_binding *list; + void *generic; + } u; +}; + +typedef struct krb5_config_binding krb5_config_binding; + +typedef krb5_config_binding krb5_config_section; + +typedef struct krb5_context_data { + krb5_enctype *etypes; + krb5_enctype *etypes_des; + char **default_realms; + time_t max_skew; + time_t kdc_timeout; + unsigned max_retries; + int32_t kdc_sec_offset; + int32_t kdc_usec_offset; + krb5_config_section *cf; + struct et_list *et_list; + struct krb5_log_facility *warn_dest; + krb5_cc_ops *cc_ops; + int num_cc_ops; + const char *http_proxy; + const char *time_fmt; + krb5_boolean log_utc; + const char *default_keytab; + krb5_boolean use_admin_kdc; + krb5_addresses *extra_addresses; + krb5_boolean scan_interfaces; /* `ifconfig -a' */ + krb5_boolean srv_lookup; /* do SRV lookups */ + krb5_boolean srv_try_txt; /* try TXT records also */ + krb5_boolean srv_try_rfc2052; /* try RFC2052 compatible records */ + int32_t fcache_vno; /* create cache files w/ this + version */ + int num_kt_types; /* # of registered keytab types */ + struct krb5_keytab_data *kt_types; /* registered keytab types */ +} krb5_context_data; + +enum { + KRB5_NT_UNKNOWN = 0, + KRB5_NT_PRINCIPAL = 1, + KRB5_NT_SRV_INST = 2, + KRB5_NT_SRV_HST = 3, + KRB5_NT_SRV_XHST = 4, + KRB5_NT_UID = 5 +}; + + +typedef struct krb5_ticket { + EncTicketPart ticket; + krb5_principal client; + krb5_principal server; +} krb5_ticket; + +typedef Authenticator krb5_authenticator_data; + +typedef krb5_authenticator_data *krb5_authenticator; + +struct krb5_rcache_data; 
+typedef struct krb5_rcache_data *krb5_rcache;
+typedef Authenticator krb5_donot_reply;
+
+#define KRB5_STORAGE_HOST_BYTEORDER 0x01
+#define KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS 0x02
+#define KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE 0x04
+#define KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE 0x08
+
+typedef struct krb5_storage {
+ void *data;
+ ssize_t (*fetch)(struct krb5_storage*, void*, size_t);
+ ssize_t (*store)(struct krb5_storage*, void*, size_t);
+ off_t (*seek)(struct krb5_storage*, off_t, int);
+ void (*free)(struct krb5_storage*);
+ krb5_flags flags;
+} krb5_storage;
+
+typedef struct krb5_keytab_entry {
+ krb5_principal principal;
+ krb5_kvno vno;
+ krb5_keyblock keyblock;
+ u_int32_t timestamp;
+} krb5_keytab_entry;
+
+typedef struct krb5_kt_cursor {
+ int fd;
+ krb5_storage *sp;
+ void *data;
+} krb5_kt_cursor;
+
+struct krb5_keytab_data;
+
+typedef struct krb5_keytab_data *krb5_keytab;
+
+struct krb5_keytab_data {
+ char *prefix;
+ krb5_error_code (*resolve)(krb5_context, const char*, krb5_keytab);
+ krb5_error_code (*get_name)(krb5_context, krb5_keytab, char*, size_t);
+ krb5_error_code (*close)(krb5_context, krb5_keytab);
+ krb5_error_code (*get)(krb5_context, krb5_keytab, krb5_const_principal,
+ krb5_kvno, krb5_enctype, krb5_keytab_entry*);
+ krb5_error_code (*start_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*);
+ krb5_error_code (*next_entry)(krb5_context, krb5_keytab,
+ krb5_keytab_entry*, krb5_kt_cursor*);
+ krb5_error_code (*end_seq_get)(krb5_context, krb5_keytab, krb5_kt_cursor*);
+ krb5_error_code (*add)(krb5_context, krb5_keytab, krb5_keytab_entry*);
+ krb5_error_code (*remove)(krb5_context, krb5_keytab, krb5_keytab_entry*);
+ void *data;
+ int32_t version;
+};
+
+typedef struct krb5_keytab_data krb5_kt_ops;
+
+struct krb5_keytab_key_proc_args {
+ krb5_keytab keytab;
+ krb5_principal principal;
+};
+
+typedef struct krb5_keytab_key_proc_args krb5_keytab_key_proc_args;
+
+enum {
+ KRB5_AUTH_CONTEXT_DO_TIME = 1,
+ KRB5_AUTH_CONTEXT_RET_TIME = 2,
+ KRB5_AUTH_CONTEXT_DO_SEQUENCE = 4,
+ KRB5_AUTH_CONTEXT_RET_SEQUENCE = 8
+};
+
+typedef struct krb5_auth_context_data {
+ unsigned int flags;
+
+ krb5_address *local_address;
+ krb5_address *remote_address;
+ int16_t local_port;
+ int16_t remote_port;
+ krb5_keyblock *keyblock;
+ krb5_keyblock *local_subkey;
+ krb5_keyblock *remote_subkey;
+
+ int32_t local_seqnumber;
+ int32_t remote_seqnumber;
+
+ krb5_authenticator authenticator;
+
+ krb5_pointer i_vector;
+
+ krb5_rcache rcache;
+
+ krb5_keytype keytype; /* ¿requested key type ? */
+ krb5_cksumtype cksumtype; /* ¡requested checksum type! */
+
+}krb5_auth_context_data, *krb5_auth_context;
+
+typedef struct {
+ KDC_REP kdc_rep;
+ EncKDCRepPart enc_part;
+ KRB_ERROR error;
+} krb5_kdc_rep;
+
+extern char *heimdal_version, *heimdal_long_version;
+
+typedef void (*krb5_log_log_func_t)(const char*, const char*, void*);
+typedef void (*krb5_log_close_func_t)(void*);
+
+typedef struct krb5_log_facility {
+ const char *program;
+ int len;
+ struct facility *val;
+} krb5_log_facility;
+
+typedef EncAPRepPart krb5_ap_rep_enc_part;
+
+#define KRB5_RECVAUTH_IGNORE_VERSION 1
+
+#define KRB5_SENDAUTH_VERSION "KRB5_SENDAUTH_V1.0"
+
+#define KRB5_TGS_NAME_SIZE (6)
+#define KRB5_TGS_NAME ("krbtgt")
+
+/* variables */
+
+extern const char krb5_config_file[];
+extern const char krb5_defkeyname[];
+
+typedef struct _krb5_prompt {
+ char *prompt;
+ int hidden;
+ krb5_data *reply;
+} krb5_prompt;
+
+typedef int (*krb5_prompter_fct)(krb5_context context,
+ void *data,
+ const char *banner,
+ int num_prompts,
+ krb5_prompt prompts[]);
+
+typedef krb5_error_code (*krb5_key_proc)(krb5_context context,
+ krb5_enctype type,
+ krb5_salt salt,
+ krb5_const_pointer keyseed,
+ krb5_keyblock **key);
+typedef krb5_error_code (*krb5_decrypt_proc)(krb5_context context,
+ krb5_keyblock *key,
+ krb5_key_usage usage,
+ krb5_const_pointer decrypt_arg,
+ krb5_kdc_rep *dec_rep);
+
+
+typedef struct _krb5_get_init_creds_opt {
+ krb5_flags flags;
+ krb5_deltat tkt_life;
+ krb5_deltat renew_life;
+ int forwardable;
+ int proxiable;
+ krb5_enctype *etype_list;
+ int etype_list_length;
+ krb5_addresses *address_list;
+#if 0 /* this is the MIT-way */
+ krb5_address **address_list;
+#endif
+ /* XXX the next three should not be used, as they may be
+ removed later */
+ krb5_preauthtype *preauth_list;
+ int preauth_list_length;
+ krb5_data *salt;
+} krb5_get_init_creds_opt;
+
+#define KRB5_GET_INIT_CREDS_OPT_TKT_LIFE 0x0001
+#define KRB5_GET_INIT_CREDS_OPT_RENEW_LIFE 0x0002
+#define KRB5_GET_INIT_CREDS_OPT_FORWARDABLE 0x0004
+#define KRB5_GET_INIT_CREDS_OPT_PROXIABLE 0x0008
+#define KRB5_GET_INIT_CREDS_OPT_ETYPE_LIST 0x0010
+#define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020
+#define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040
+#define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080
+
+typedef struct _krb5_verify_init_creds_opt {
+ krb5_flags flags;
+ int ap_req_nofail;
+} krb5_verify_init_creds_opt;
+
+#define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001
+
+extern const krb5_cc_ops krb5_fcc_ops;
+extern const krb5_cc_ops krb5_mcc_ops;
+
+extern const krb5_kt_ops krb5_fkt_ops;
+extern const krb5_kt_ops krb5_mkt_ops;
+extern const krb5_kt_ops krb5_akf_ops;
+
+#define KRB5_KPASSWD_SUCCESS 0
+#define KRB5_KPASSWD_MALFORMED 0
+#define KRB5_KPASSWD_HARDERROR 0
+#define KRB5_KPASSWD_AUTHERROR 0
+#define KRB5_KPASSWD_SOFTERROR 0
+
+#define KPASSWD_PORT 464
+
+struct credentials; /* this is to keep the compiler happy */
+struct getargs;
+
+struct sockaddr;
+
+#include <krb5-protos.h>
+
+#endif /* __KRB5_H__ */
+
diff --git a/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 b/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3
new file mode 100644
index 0000000..231c3ff
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3
@@ -0,0 +1,198 @@
+.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
+.\" $Id: krb5_425_conv_principal.3,v 1.3 1999/04/11 01:47:22 joda Exp $
+.Dd April 11, 1999
+.Dt KRB5_425_CONV_PRINCIPAL 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_425_conv_principal ,
+.Nm krb5_425_conv_principal_ext ,
+.Nm krb5_524_conv_principal
+.Nd Converts to and from version 4 principals
+
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+
+.Ft krb5_error_code
+.Fn krb5_425_conv_principal "krb5_context context" "const char *name" "const char *instance" "const char *realm" "krb5_principal *principal"
+
+.Ft krb5_error_code
+.Fn krb5_425_conv_principal_ext "krb5_context context" "const char *name" "const char *instance" "const char *realm" "krb5_boolean (*func)(krb5_context, krb5_principal)" "krb5_boolean resolve" "krb5_principal *principal"
+
+.Ft krb5_error_code
+.Fn krb5_524_conv_principal "krb5_context context" "const krb5_principal principal" "char *name" "char *instance" "char *realm"
+
+.Sh DESCRIPTION
+
+Converting between version 4 and version 5 principals can at best be
+described as a mess.
+.Pp
+A version 4 principal consists of a name, an instance, and a realm. A
+version 5 principal consists of one or more components, and a
+realm. In some cases also the first component/name will differ between
+version 4 and version 5. Furthermore the second component of a host
+principal will be the fully qualified domain name of the host in
+question, while the instance of a version 4 principal will only
+contain the first component. Because of these problems the conversion
+between principals will have to be site customized.
+.Pp
+.Fn krb5_425_conv_principal_ext
+will try to convert a version 4 principal, given by
+.Fa name ,
+.Fa instance ,
+and
+.Fa realm ,
+to a version 5 principal. This can result in several possible
+principals, and if
+.Fa func
+is non-NULL, it will be called for each candidate principal.
+.Fa func
+should return true if the principal was
+.Dq good .
+To accomplish this,
+.Fn krb5_425_conv_principal_ext
+will look up the name in
+.Pa krb5.conf .
+It first looks in the
+.Li v4_name_convert/host
+subsection, which should contain a list of version 4 names whose
+instance should be treated as a hostname. This list can be specified
+for each realm (in the
+.Li realms
+section), or in the
+.Li libdefaults
+section. If the name is found the resulting name of the principal
+will be the value of this binding. The instance is then first looked
+up in
+.Li v4_instance_convert
+for the specified realm. If found the resulting value will be used as
+instance (this can be used for special cases), no further attempts
+will be made to find a conversion if this fails (with
+.Fa func ) .
+If the
+.Fa resolve
+parameter is true, the instance will be looked up with
+.Fn gethostbyname .
+This can be a time consuming, error prone, and unsafe operation. Next
+a list of hostnames will be created from the instance and the
+.Li v4_domains
+variable, which should contain a list of possible domains for the
+specific realm.
+.Pp
+On the other hand, if the name is not found in a
+.Li host
+section, it is looked up in a
+.Li v4_name_convert/plain
+binding. If found here the name will be converted, but the instance
+will be untouched.
+.Pp
+This list of default host-type conversions is compiled-in:
+.Bd -literal -offset indent
+v4_name_convert = {
+ host = {
+ ftp = ftp
+ hprop = hprop
+ pop = pop
+ rcmd = host
+ }
+}
+.Ed
+.Pp
+It will only be used if there isn't an entry for these names in the
+config file, so you can override these defaults.
+.Pp
+.Fn krb5_425_conv_principal
+will call
+.Fn krb5_425_conv_principal_ext
+with
+.Dv NULL
+as
+.Fa func ,
+and the value of
+.Li v4_instance_resolve
+(from the
+.Li libdefaults
+section) as
+.Fa resolve .
+.Pp
+.Fn krb5_524_conv_principal
+basically does the opposite of
+.Fn krb5_425_conv_principal ,
+it just doesn't have to look up any names, but will instead truncate
+instances found to belong to a host principal. The
+.Fa name ,
+.Fa instance ,
+and
+.Fa realm
+should be at least 40 characters long.
+
+.Sh EXAMPLES
+
+Since this is confusing an example is in place.
+.Pp
+Assume that we have the
+.Dq foo.com ,
+and
+.Dq bar.com
+domains that have shared a single version 4 realm, FOO.COM. The version 4
+.Pa krb.realms
+file looked like:
+.Bd -literal -offset indent
+foo.com FOO.COM
+\&.foo.com FOO.COM
+\&.bar.com FOO.COM
+.Ed
+.Pp
+A
+.Pa krb5.conf
+file that covers this case might look like:
+.Bd -literal -offset indent
+[libdefaults]
+ v4_instance_resolve = yes
+[realms]
+ FOO.COM = {
+ kdc = kerberos.foo.com
+ v4_instance_convert = {
+ foo = foo.com
+ }
+ v4_domains = foo.com
+ }
+.Ed
+.Pp
+With this setup and the following host table:
+.Bd -literal -offset indent
+foo.com
+a-host.foo.com
+b-host.bar.com
+.Ed
+the following conversions will be made:
+.Bd -literal -offset indent
+rcmd.a-host \(-> host/a-host.foo.com
+ftp.b-host \(-> ftp/b-host.bar.com
+pop.foo \(-> pop/foo.com
+ftp.other \(-> ftp/other.foo.com
+other.a-host \(-> other/a-host
+.Ed
+.Pp
+The first three are what you expect. If you remove the
+.Dq v4_domains ,
+the fourth entry will result in an error (since the host
+.Dq other
+can't be found). Even if
+.Dq a-host
+is a valid host name, the last entry will not be converted, since the
+.Dq other
+name is not known to represent a host-type principal.
+If you turn off
+.Dq v4_instance_resolve
+the second example will result in
+.Dq ftp/b-host.foo.com
+(because of the default domain). And all of this is of course only
+valid if you have working name resolving.
+
+.Sh SEE ALSO
+.Xr krb5_build_principal 3 ,
+.Xr krb5_free_principal 3 ,
+.Xr krb5_parse_name 3 ,
+.Xr krb5_sname_to_principal 3 ,
+.Xr krb5_unparse_name 3 ,
+.Xr krb5.conf 5
diff --git a/crypto/heimdal/lib/krb5/krb5_build_principal.3 b/crypto/heimdal/lib/krb5/krb5_build_principal.3
new file mode 100644
index 0000000..16ccf72
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_build_principal.3
@@ -0,0 +1,78 @@
+.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
+.\" $Id: krb5_build_principal.3,v 1.1 1997/08/14 00:03:16 joda Exp $
+.Dd August 8, 1997
+.Dt KRB5_BUILD_PRINCIPAL 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_build_principal ,
+.Nm krb5_build_principal_ext ,
+.Nm krb5_build_principal_va ,
+.Nm krb5_build_principal_va_ext ,
+.Nm krb5_make_principal
+.Nd Principal creation functions
+
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+
+.Ft krb5_error_code
+.Fn krb5_build_principal "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "..."
+
+.Ft krb5_error_code
+.Fn krb5_build_principal_ext "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "..."
+
+.Ft krb5_error_code
+.Fn krb5_build_principal_va "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "va_list ap"
+
+.Ft krb5_error_code
+.Fn krb5_build_principal_va_ext "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "va_list ap"
+
+.Ft krb5_error_code
+.Fn krb5_make_principal "krb5_context context" "krb5_principal *principal" "krb5_const_realm realm" "..."
+
+
+.Sh DESCRIPTION
+
+These functions create a Kerberos 5 principal from a realm and a list
+of components.
+All of these functions return an allocated principal in the
+.Fa principal
+parameter, this should be freed with
+.Fn krb5_free_principal
+after use.
+.Pp
+The
+.Dq build
+functions take a
+.Fa realm
+and the length of the realm. The
+.Fn krb5_build_principal
+and
+.Fn krb5_build_principal_va
+also takes a list of components (zero-terminated strings), terminated
+with
+.Dv NULL .
+The
+.Fn krb5_build_principal_ext
+and
+.Fn krb5_build_principal_va_ext
+takes a list of length-value pairs, the list is terminated with a zero
+length.
+.Pp
+The
+.Fn krb5_make_principal
+is a wrapper around
+.Fn krb5_build_principal .
+If the realm is
+.Dv NULL ,
+the default realm will be used.
+
+.Sh BUGS
+You can not have a NUL in a component. Until someone can give a good
+example of where it would be a good idea to have NUL's in a component,
+this will not be fixed.
+.Sh SEE ALSO
+.Xr krb5_425_conv_principal 3 ,
+.Xr krb5_free_principal 3 ,
+.Xr krb5_parse_name 3 ,
+.Xr krb5_sname_to_principal 3 ,
+.Xr krb5_unparse_name 3
diff --git a/crypto/heimdal/lib/krb5/krb5_create_checksum.3 b/crypto/heimdal/lib/krb5/krb5_create_checksum.3
new file mode 100644
index 0000000..e2362a9
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_create_checksum.3
@@ -0,0 +1,68 @@
+.\" Copyright (c) 1999 Kungliga Tekniska Högskolan
+.\" $Id: krb5_create_checksum.3,v 1.1 1999/04/18 13:47:11 joda Exp $
+.Dd April 7, 1999
+.Dt NAME 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_checksum_is_collision_proof ,
+.Nm krb5_checksum_is_keyed ,
+.Nm krb5_checksumsize ,
+.Nm krb5_create_checksum ,
+.Nm krb5_verify_checksum
+.Nd creates and verifies checksums
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+
+.Ft krb5_error_code
+.Fn krb5_create_checksum "krb5_context context" "krb5_crypto crypto" "unsigned usage_or_type" "void *data" "size_t len" "Checksum *result"
+
+.Ft krb5_error_code
+.Fn krb5_verify_checksum "krb5_context context" "krb5_crypto crypto" "krb5_key_usage usage" "void *data" "size_t len" "Checksum *cksum"
+
+.Ft krb5_boolean
+.Fn krb5_checksum_is_collision_proof "krb5_context context" "krb5_cksumtype type"
+
+.Ft krb5_boolean
+.Fn krb5_checksum_is_keyed "krb5_context context" "krb5_cksumtype type"
+
+.Sh DESCRIPTION
+These functions are used to create and verify checksums.
+.Fn krb5_create_checksum
+creates a checksum of the specified data, and puts it in
+.Fa result .
+If
+.Fa crypto
+is
+.Dv NULL ,
+.Fa usage_or_type
+specifies the checksum type to use; it must not be keyed. Otherwise
+.Fa crypto
+is an encryption context created by
+.Fn krb5_crypto_init ,
+and
+.Fa usage_or_type
+specifies a key-usage.
+.Pp
+.Fn krb5_verify_checksum
+verifies the
+.Fa checksum ,
+against the provided data.
+.Pp
+.Fn krb5_checksum_is_collision_proof
+returns true is the specified checksum is collision proof (that it's
+very unlikely that two strings has the same hash value, and that it's
+hard to find two strings that has the same hash). Examples of
+collision proof checksums are MD5, and SHA1, while CRC32 is not.
+.Pp
+.Fn krb5_checksum_is_keyed
+returns true if the specified checksum type is keyed (that the hash
+value is a function of both the data, and a separate key). Examples of
+keyed hash algorithms are HMAC-SHA1-DES3, and RSA-MD5-DES. The
+.Dq plain
+hash functions MD5, and SHA1 are not keyed.
+
+.\" .Sh EXAMPLE
+.\" .Sh BUGS
+.Sh SEE ALSO
+.Xr krb5_crypto_init 3 ,
+.Xr krb5_encrypt 3
diff --git a/crypto/heimdal/lib/krb5/krb5_crypto_init.3 b/crypto/heimdal/lib/krb5/krb5_crypto_init.3
new file mode 100644
index 0000000..29db8c1
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_crypto_init.3
@@ -0,0 +1,41 @@
+.\" Copyright (c) 1999 Kungliga Tekniska Högskolan
+.\" $Id: krb5_crypto_init.3,v 1.1 1999/04/18 13:47:21 joda Exp $
+.Dd April 7, 1999
+.Dt NAME 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_crypto_init ,
+.Nm krb5_crypto_destroy
+.Nd initialize encryption context
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+
+.Ft krb5_error_code
+.Fn krb5_crypto_init "krb5_context context" "krb5_keyblock *key" "krb5_enctype enctype" "krb5_crypto *crypto"
+
+.Ft krb5_error_code
+.Fn krb5_crypto_destroy "krb5_context context" "krb5_crypto crypto"
+
+.Sh DESCRIPTION
+These functions are used to initialize an encryption context that can
+be used to encrypt or checksum data.
+.Pp
+The
+.Fn krb5_crypt_init
+initializes the encrytion context
+.Fa crypto .
+The
+.Fa key
+parameter is the key to use for encryption, and checksums. The
+encryption type to use is taken from the key, but can be overridden
+with the
+.Fa enctype parameter .
+.Pp
+.Fn krb5_crypto_destroy
+frees a previously allocated encrypion context.
+
+.\" .Sh EXAMPLE
+.\" .Sh BUGS
+.Sh SEE ALSO
+.Xr krb5_create_checksum 3 ,
+.Xr krb5_encrypt 3
diff --git a/crypto/heimdal/lib/krb5/krb5_encrypt.3 b/crypto/heimdal/lib/krb5/krb5_encrypt.3
new file mode 100644
index 0000000..d8cc89e
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_encrypt.3
@@ -0,0 +1,60 @@
+.\" Copyright (c) 1999 Kungliga Tekniska Högskolan
+.\" $Id: krb5_encrypt.3,v 1.1 1999/04/18 13:47:30 joda Exp $
+.Dd April 7, 1999
+.Dt KRB5_ENCRYPT 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_decrypt ,
+.Nm krb5_decrypt_EncryptedData ,
+.Nm krb5_encrypt ,
+.Nm krb5_encrypt_EncryptedData
+.Nd encrypt and decrypt data
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+
+.Ft krb5_error_code
+.Fn krb5_encrypt "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "krb5_data *result"
+
+.Ft krb5_error_code
+.Fn krb5_encrypt_EncryptedData "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "int kvno" "EncryptedData *result"
+
+.Ft krb5_error_code
+.Fn krb5_decrypt "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "krb5_data *result"
+
+.Ft krb5_error_code
+.Fn krb5_decrypt_EncryptedData "krb5_context context" "krb5_crypto crypto" "unsigned usage" "EncryptedData *e" "krb5_data *result"
+
+.Sh DESCRIPTION
+These functions are used to encrypt and decrypt data.
+.Pp
+.Fn krb5_encrypt
+puts the encrypted version of
+.Fa data
+(of size
+.Fa len )
+in
+.Fa result .
+If the encryption type supports using derived keys,
+.Fa usage
+should be the appropriate key-usage.
+.Fn krb5_encrypt_EncryptedData
+does the same as
+.Fn krb5_encrypt ,
+but it puts the encrypted data in a
+.Fa EncryptedData
+structure instead. If
+.Fa kvno
+is not zero, it will be put in the
+.Fa kvno field in the
+.Fa EncryptedData .
+.Pp
+.Fn krb5_decrypt ,
+and
+.Fn krb5_decrypt_EncryptedData
+works similarly.
+
+.\" .Sh EXAMPLE
+.\" .Sh BUGS
+.Sh SEE ALSO
+.Xr krb5_crypto_init 3 ,
+.Xr krb5_create_checksum 3
diff --git a/crypto/heimdal/lib/krb5/krb5_err.et b/crypto/heimdal/lib/krb5/krb5_err.et
new file mode 100644
index 0000000..e8779df
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_err.et
@@ -0,0 +1,215 @@
+#
+# Error messages for the krb5 library
+#
+# This might look like a com_err file, but is not
+#
+id "$Id: krb5_err.et,v 1.7 1999/02/11 21:03:40 joda Exp $"
+
+error_table krb5
+
+prefix KRB5KDC_ERR
+error_code NONE, "No error"
+error_code NAME_EXP, "Client's entry in database has expired"
+error_code SERVICE_EXP, "Server's entry in database has expired"
+error_code BAD_PVNO, "Requested protocol version not supported"
+error_code C_OLD_MAST_KVNO, "Client's key is encrypted in an old master key"
+error_code S_OLD_MAST_KVNO, "Server's key is encrypted in an old master key"
+error_code C_PRINCIPAL_UNKNOWN, "Client not found in Kerberos database"
+error_code S_PRINCIPAL_UNKNOWN, "Server not found in Kerberos database"
+error_code PRINCIPAL_NOT_UNIQUE,"Principal has multiple entries in Kerberos database"
+error_code NULL_KEY, "Client or server has a null key"
+error_code CANNOT_POSTDATE, "Ticket is ineligible for postdating"
+error_code NEVER_VALID, "Requested effective lifetime is negative or too short"
+error_code POLICY, "KDC policy rejects request"
+error_code BADOPTION, "KDC can't fulfill requested option"
+error_code ETYPE_NOSUPP, "KDC has no support for encryption type"
+error_code SUMTYPE_NOSUPP, "KDC has no support for checksum type"
+error_code PADATA_TYPE_NOSUPP, "KDC has no support for padata type"
+error_code TRTYPE_NOSUPP, "KDC has no support for transited type"
+error_code CLIENT_REVOKED, "Clients credentials have been revoked"
+error_code SERVICE_REVOKED, "Credentials for server have been revoked"
+error_code TGT_REVOKED, "TGT has been revoked"
+error_code CLIENT_NOTYET, "Client not yet valid - try again later"
+error_code SERVICE_NOTYET, "Server not yet valid - try again later"
+error_code KEY_EXPIRED, "Password has expired"
+error_code PREAUTH_FAILED, "Preauthentication failed"
+error_code PREAUTH_REQUIRED, "Additional pre-authentication required"
+error_code SERVER_NOMATCH, "Requested server and ticket don't match"
+
+# 27-30 are reserved
+index 31
+prefix KRB5KRB_AP
+error_code ERR_BAD_INTEGRITY, "Decrypt integrity check failed"
+error_code ERR_TKT_EXPIRED, "Ticket expired"
+error_code ERR_TKT_NYV, "Ticket not yet valid"
+error_code ERR_REPEAT, "Request is a replay"
+error_code ERR_NOT_US, "The ticket isn't for us"
+error_code ERR_BADMATCH, "Ticket/authenticator don't match"
+error_code ERR_SKEW, "Clock skew too great"
+error_code ERR_BADADDR, "Incorrect net address"
+error_code ERR_BADVERSION, "Protocol version mismatch"
+error_code ERR_MSG_TYPE, "Invalid message type"
+error_code ERR_MODIFIED, "Message stream modified"
+error_code ERR_BADORDER, "Message out of order"
+error_code ERR_ILL_CR_TKT, "Illegal cross-realm ticket"
+error_code ERR_BADKEYVER, "Key version is not available"
+error_code ERR_NOKEY, "Service key not available"
+error_code ERR_MUT_FAIL, "Mutual authentication failed"
+error_code ERR_BADDIRECTION, "Incorrect message direction"
+error_code ERR_METHOD, "Alternative authentication method required"
+error_code ERR_BADSEQ, "Incorrect sequence number in message"
+error_code ERR_INAPP_CKSUM, "Inappropriate type of checksum in message"
+error_code PATH_NOT_ACCEPTED, "Policy rejects transited path"
+
+prefix KRB5KRB_ERR
+error_code RESPONSE_TOO_BIG, "Response too big for UDP, retry with TCP"
+# 53-59 are reserved
+index 60
+error_code GENERIC, "Generic error (see e-text)"
+error_code FIELD_TOOLONG, "Field is too long for this implementation"
+
+# 62-127 are reserved
+index 128
+prefix
+error_code KRB5_ERR_RCSID, "$Id: krb5_err.et,v 1.7 1999/02/11 21:03:40 joda Exp $"
+
+error_code KRB5_LIBOS_BADLOCKFLAG, "Invalid flag for file lock mode"
+error_code KRB5_LIBOS_CANTREADPWD, "Cannot read password"
+error_code KRB5_LIBOS_BADPWDMATCH, "Password mismatch"
+error_code KRB5_LIBOS_PWDINTR, "Password read interrupted"
+
+error_code KRB5_PARSE_ILLCHAR, "Illegal character in component name"
+error_code KRB5_PARSE_MALFORMED, "Malformed representation of principal"
+
+error_code KRB5_CONFIG_CANTOPEN, "Can't open/find configuration file"
+error_code KRB5_CONFIG_BADFORMAT, "Improper format of configuration file"
+error_code KRB5_CONFIG_NOTENUFSPACE, "Insufficient space to return complete information"
+
+error_code KRB5_BADMSGTYPE, "Invalid message type specified for encoding"
+
+error_code KRB5_CC_BADNAME, "Credential cache name malformed"
+error_code KRB5_CC_UNKNOWN_TYPE, "Unknown credential cache type"
+error_code KRB5_CC_NOTFOUND, "Matching credential not found"
+error_code KRB5_CC_END, "End of credential cache reached"
+
+error_code KRB5_NO_TKT_SUPPLIED, "Request did not supply a ticket"
+
+error_code KRB5KRB_AP_WRONG_PRINC, "Wrong principal in request"
+error_code KRB5KRB_AP_ERR_TKT_INVALID, "Ticket has invalid flag set"
+
+error_code KRB5_PRINC_NOMATCH, "Requested principal and ticket don't match"
+error_code KRB5_KDCREP_MODIFIED, "KDC reply did not match expectations"
+error_code KRB5_KDCREP_SKEW, "Clock skew too great in KDC reply"
+error_code KRB5_IN_TKT_REALM_MISMATCH, "Client/server realm mismatch in initial ticket request"
+
+error_code KRB5_PROG_ETYPE_NOSUPP, "Program lacks support for encryption type"
+error_code KRB5_PROG_KEYTYPE_NOSUPP, "Program lacks support for key type"
+error_code KRB5_WRONG_ETYPE, "Requested encryption type not used in message"
+error_code KRB5_PROG_SUMTYPE_NOSUPP, "Program lacks support for checksum type"
+
+error_code KRB5_REALM_UNKNOWN, "Cannot find KDC for requested realm"
+error_code KRB5_SERVICE_UNKNOWN, "Kerberos service unknown"
+error_code KRB5_KDC_UNREACH, "Cannot contact any KDC for requested realm"
+error_code KRB5_NO_LOCALNAME, "No local name found for principal name"
+
+error_code KRB5_MUTUAL_FAILED, "Mutual authentication failed"
+
+# some of these should be combined/supplanted by system codes
+
+error_code KRB5_RC_TYPE_EXISTS, "Replay cache type is already registered"
+error_code KRB5_RC_MALLOC, "No more memory to allocate (in replay cache code)"
+error_code KRB5_RC_TYPE_NOTFOUND, "Replay cache type is unknown"
+error_code KRB5_RC_UNKNOWN, "Generic unknown RC error"
+error_code KRB5_RC_REPLAY, "Message is a replay"
+error_code KRB5_RC_IO, "Replay I/O operation failed XXX"
+error_code KRB5_RC_NOIO, "Replay cache type does not support non-volatile storage"
+error_code KRB5_RC_PARSE, "Replay cache name parse/format error"
+
+error_code KRB5_RC_IO_EOF, "End-of-file on replay cache I/O"
+error_code KRB5_RC_IO_MALLOC, "No more memory to allocate (in replay cache I/O code)"
+error_code KRB5_RC_IO_PERM, "Permission denied in replay cache code"
+error_code KRB5_RC_IO_IO, "I/O error in replay cache i/o code"
+error_code KRB5_RC_IO_UNKNOWN, "Generic unknown RC/IO error"
+error_code KRB5_RC_IO_SPACE, "Insufficient system space to store replay information"
+
+error_code KRB5_TRANS_CANTOPEN, "Can't open/find realm translation file"
+error_code KRB5_TRANS_BADFORMAT, "Improper format of realm translation file"
+
+error_code KRB5_LNAME_CANTOPEN, "Can't open/find lname translation database"
+error_code KRB5_LNAME_NOTRANS, "No translation available for requested principal"
+error_code KRB5_LNAME_BADFORMAT, "Improper format of translation database entry"
+
+error_code KRB5_CRYPTO_INTERNAL, "Cryptosystem internal error"
+
+error_code KRB5_KT_BADNAME, "Key table name malformed"
+error_code KRB5_KT_UNKNOWN_TYPE, "Unknown Key table type"
+error_code KRB5_KT_NOTFOUND, "Key table entry not found"
+error_code KRB5_KT_END, "End of key table reached"
+error_code KRB5_KT_NOWRITE, "Cannot write to specified key table"
+error_code KRB5_KT_IOERR, "Error writing to key table"
+
+error_code KRB5_NO_TKT_IN_RLM, "Cannot find ticket for requested realm"
+error_code KRB5DES_BAD_KEYPAR, "DES key has bad parity"
+error_code KRB5DES_WEAK_KEY, "DES key is a weak key"
+
+error_code KRB5_BAD_ENCTYPE, "Bad encryption type"
+error_code KRB5_BAD_KEYSIZE, "Key size is incompatible with encryption type"
+error_code KRB5_BAD_MSIZE, "Message size is incompatible with encryption type"
+
+error_code KRB5_CC_TYPE_EXISTS, "Credentials cache type is already registered."
+error_code KRB5_KT_TYPE_EXISTS, "Key table type is already registered."
+
+error_code KRB5_CC_IO, "Credentials cache I/O operation failed XXX"
+error_code KRB5_FCC_PERM, "Credentials cache file permissions incorrect"
+error_code KRB5_FCC_NOFILE, "No credentials cache file found"
+error_code KRB5_FCC_INTERNAL, "Internal file credentials cache error"
+error_code KRB5_CC_WRITE, "Error writing to credentials cache file"
+error_code KRB5_CC_NOMEM, "No more memory to allocate (in credentials cache code)"
+error_code KRB5_CC_FORMAT, "Bad format in credentials cache"
+
+# errors for dual tgt library calls
+error_code KRB5_INVALID_FLAGS, "Invalid KDC option combination (library internal error)"
+error_code KRB5_NO_2ND_TKT, "Request missing second ticket"
+
+error_code KRB5_NOCREDS_SUPPLIED, "No credentials supplied to library routine"
+
+# errors for sendauth (and recvauth)
+
+error_code KRB5_SENDAUTH_BADAUTHVERS, "Bad sendauth version was sent"
+error_code KRB5_SENDAUTH_BADAPPLVERS, "Bad application version was sent (via sendauth)"
+error_code KRB5_SENDAUTH_BADRESPONSE, "Bad response (during sendauth exchange)"
+error_code KRB5_SENDAUTH_REJECTED, "Server rejected authentication (during sendauth exchange)"
+
+# errors for preauthentication
+
+error_code KRB5_PREAUTH_BAD_TYPE, "Unsupported preauthentication type"
+error_code KRB5_PREAUTH_NO_KEY, "Required preauthentication key not supplied"
+error_code KRB5_PREAUTH_FAILED, "Generic preauthentication failure"
+
+# version number errors
+
+error_code KRB5_RCACHE_BADVNO, "Unsupported replay cache format version number"
+error_code KRB5_CCACHE_BADVNO, "Unsupported credentials cache format version number"
+error_code KRB5_KEYTAB_BADVNO, "Unsupported key table format version number"
+
+#
+#
+
+error_code KRB5_PROG_ATYPE_NOSUPP, "Program lacks support for address type"
+error_code KRB5_RC_REQUIRED, "Message replay detection requires rcache parameter"
+error_code KRB5_ERR_BAD_HOSTNAME, "Hostname cannot be canonicalized"
+error_code KRB5_ERR_HOST_REALM_UNKNOWN, "Cannot determine realm for host"
+error_code KRB5_SNAME_UNSUPP_NAMETYPE, "Conversion to service principal undefined for name type"
+
+error_code KRB5KRB_AP_ERR_V4_REPLY, "Initial Ticket response appears to be Version 4"
+error_code KRB5_REALM_CANT_RESOLVE, "Cannot resolve KDC for requested realm"
+error_code KRB5_TKT_NOT_FORWARDABLE, "Requesting ticket can't get forwardable tickets"
+error_code KRB5_FWD_BAD_PRINCIPAL, "Bad principal name while trying to forward credentials"
+
+error_code KRB5_GET_IN_TKT_LOOP, "Looping detected inside krb5_get_in_tkt"
+error_code KRB5_CONFIG_NODEFREALM, "Configuration file does not specify default realm"
+
+error_code KRB5_SAM_UNSUPPORTED, "Bad SAM flags in obtain_sam_padata"
+error_code KRB5_KT_NAME_TOOLONG, "Keytab name too long"
+
+end
diff --git a/crypto/heimdal/lib/krb5/krb5_free_principal.3 b/crypto/heimdal/lib/krb5/krb5_free_principal.3
new file mode 100644
index 0000000..ba5888a
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_free_principal.3
@@ -0,0 +1,30 @@
+.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
+.\" $Id: krb5_free_principal.3,v 1.1 1997/08/14 00:03:17 joda Exp $
+.Dd August 8, 1997
+.Dt KRB5_FREE_PRINCIPAL 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_free_principal
+.Nd Principal free function
+
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+
+.Ft void
+.Fn krb5_free_principal "krb5_context context" "krb5_principal principal"
+
+.Sh DESCRIPTION
+
+The
+.Fn krb5_free_principal
+will free a principal that has been created with
+.Fn krb5_build_principal ,
+.Fn krb5_parse_name ,
+or with some other function.
+
+.Sh SEE ALSO
+.Xr krb5_425_conv_principal 3 ,
+.Xr krb5_build_principal 3 ,
+.Xr krb5_parse_name 3 ,
+.Xr krb5_sname_to_principal 3 ,
+.Xr krb5_unparse_name 3
diff --git a/crypto/heimdal/lib/krb5/krb5_locl.h b/crypto/heimdal/lib/krb5/krb5_locl.h
new file mode 100644
index 0000000..b7093b1
--- /dev/null
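Review bot: In krb5_err.et, the message strings for `KRB5_RC_IO` ("Replay I/O operation failed XXX") and `KRB5_CC_IO` ("Credentials cache I/O operation failed XXX") end in a leftover `XXX` marker, which presumably reaches users and logs verbatim whenever these codes are formatted. Dropping the marker changes only the text; the code values appear to be assigned by position (see the `index` directives), so they stay the same: `error_code KRB5_RC_IO, "Replay I/O operation failed"` and `error_code KRB5_CC_IO, "Credentials cache I/O operation failed"`. If the marker flags unfinished work, a `#` comment line above each entry is the better place for it.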
+++ b/crypto/heimdal/lib/krb5/krb5_locl.h 
@@ -0,0 +1,136 @@
+/*
+ * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: krb5_locl.h,v 1.63 1999/12/02 17:05:11 joda Exp $ */
+
+#ifndef __KRB5_LOCL_H__
+#define __KRB5_LOCL_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <errno.h>
+#include <ctype.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+
+#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40
+#include <sys/ioctl.h>
+#endif
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+#endif
+
+#ifdef HAVE_SYS_PARAM_H
+#include <sys/param.h>
+#endif
+#include <time.h>
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_NETINET_IN6_H
+#include <netinet/in6.h>
+#endif
+#ifdef HAVE_NETINET6_IN6_H
+#include <netinet6/in6.h>
+#endif
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+#ifdef _AIX
+struct ether_addr;
+struct mbuf;
+struct sockaddr_dl;
+#endif
+#ifdef HAVE_ARPA_INET_H
+#include <arpa/inet.h>
+#endif
+#ifdef HAVE_ARPA_NAMESER_H
+#include <arpa/nameser.h>
+#endif
+#ifdef HAVE_SYS_UIO_H
+#include <sys/uio.h>
+#endif
+#ifdef HAVE_SYS_FILIO_H
+#include <sys/filio.h>
+#endif
+#include <roken.h>
+#include <parse_time.h>
+#include <base64.h>
+
+#include <des.h>
+#include <md4.h>
+#include <md5.h>
+#include <sha.h>
+#include <rc4.h>
+
+#include <asn1.h>
+#include <der.h>
+
+#include <krb5.h>
+#include <krb5_err.h>
+#include <asn1_err.h>
+#include <krb5-private.h>
+
+#define ALLOC(X, N) (X) = calloc((N), sizeof(*(X)))
+#define ALLOC_SEQ(X, N) do { (X)->len = (N); ALLOC((X)->val, (N)); } while(0)
+
+/* should this be public? */
+#define KEYTAB_DEFAULT "FILE:/etc/krb5.keytab"
+
+#ifndef O_BINARY
+#define O_BINARY 0
+#endif
+
+#endif /* __KRB5_LOCL_H__ */
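Review bot: `ALLOC_SEQ` stores the new length in `(X)->len` before `ALLOC` runs and gives the caller no failure signal, so after a failed `calloc` the sequence claims N elements while `val` is NULL. Nothing in this header says that callers must test `(X)->val` afterwards; a comment above the two macros such as `/* ALLOC/ALLOC_SEQ do not report failure: test the pointer (and reset len) after each use */` would make that contract explicit. `calloc` with N == 0 may also legitimately return NULL, which such a check has to tolerate.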
diff --git a/crypto/heimdal/lib/krb5/krb5_openlog.3 b/crypto/heimdal/lib/krb5/krb5_openlog.3
new file mode 100644
index 0000000..87040ba
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_openlog.3
@@ -0,0 +1,225 @@ +.\" Copyright (c) 1997 Kungliga Tekniska Högskolan +.\" $Id: krb5_openlog.3,v 1.4 1999/04/07 14:06:32 joda Exp $ +.Dd August 6, 1997 +.Dt KRB5_OPENLOG 3 +.Os HEIMDAL +.Sh NAME +.Nm krb5_initlog , +.Nm krb5_openlog , +.Nm krb5_closelog , +.Nm krb5_addlog_dest , +.Nm krb5_addlog_func , +.Nm krb5_log , +.Nm krb5_vlog , +.Nm krb5_log_msg , +.Nm krb5_vlog_msg +.Nd Heimdal logging functions +.Sh SYNOPSIS +.Fd #include <krb5.h> + +.\" ouch! +.ds xx \\*(fP\fR(\fP\\*(lI*\\*(fP +.ds xy \fR)\|\fP +.Fn "\\*(lItypedef void \\*(xxkrb5_log_log_func_t\\*(xy" "const char *time" "const char *message" "void *data" +.Fn "\\*(lItypedef void \\*(xxkrb5_log_close_func_t\\*(xy" "void *data" + +.Ft krb5_error_code +.Fn krb5_addlog_dest "krb5_context context" "krb5_log_facility *facility" "const char *destination" + +.Ft krb5_error_code +.Fn krb5_addlog_func "krb5_context context" "krb5_log_facility *facility" "int min" "int max" "krb5_log_log_func_t log" "krb5_log_close_func_t close" "void *data" + +.Ft krb5_error_code +.Fn krb5_closelog "krb5_context context" "krb5_log_facility *facility" + +.Ft krb5_error_code +.Fn krb5_initlog "krb5_context context" "const char *program" "krb5_log_facility **facility" + +.Ft krb5_error_code +.Fn krb5_log "krb5_context context" "krb5_log_facility *facility" "int level" "const char *format" "..." + +.Ft krb5_error_code +.Fn krb5_log_msg "krb5_context context" "krb5_log_facility *facility" "char **reply" "int level" "const char *format" "..." + +.Ft krb5_error_code +.Fn krb5_openlog "krb5_context context" "const char *program" "krb5_log_facility **facility" + +.Ft krb5_error_code +.Fn krb5_vlog "krb5_context context" "krb5_log_facility *facility" "int level" "const char *format" "va_list arglist" + +.Ft krb5_error_code +.Fn krb5_vlog_msg "krb5_context context" "krb5_log_facility *facility" "char **reply" "int level" "const char *format" "va_list arglist" + +.Sh DESCRIPTION +These functions logs messages to one or more destinations. 
+.Pp +The +.Fn krb5_openlog +function creates a logging +.Fa facility , +that is used to log messages. A facility consists of one or more +destinations (which can be files or syslog or some other device). The +.Fa program +parameter should be the generic name of the program that is doing the +logging. This name is used to lookup which destinations to use. This +information is contained in the +.Li logging +section of the +.Pa krb5.conf +configuration file. If no entry is found for +.Fa program , +the entry for +.Li default +is used, or if that is missing too, +.Li SYSLOG +will be used as destination. +.Pp +To close a logging facility, use the +.Fn krb5_closelog +function. +.Pp +To log a message to a facility use one of the functions +.Fn krb5_log , +.Fn krb5_log_msg , +.Fn krb5_vlog , +or +.Fn krb5_vlog_msg . +The functions ending in +.Li _msg +return in +.Fa reply +a pointer to the message that just got logged. This string is allocated, +and should be freed with +.Fn free . +The +.Fa format +is a standard +.Fn printf +style format string (but see the BUGS section). +.Pp + +If you want better control of where things gets logged, you can instead of using +.Fn krb5_openlog +call +.Fn krb5_initlog , +which just initializes a facility, but doesn't define any actual logging +destinations. You can then add destinations with the +.Fn krb5_addlog_dest +and +.Fn krb5_addlog_func +functions. The first of these takes a string specifying a logging +destination, and adds this to the facility. If you want to do some +non-standard logging you can use the +.Fn krb5_addlog_func +function, which takes a function to use when logging. +The +.Fa log +function is called for each message with +.Fa time +being a string specifying the current time, and +.Fa message +the message to log. +.Fa close +is called when the facility is closed. You can pass application specific data in the +.Fa data +parameter. The +.Fa min +and +.Fa max +parameter are the same as in a destination (defined below). 
To specify a +max of infinity, pass -1. +.Pp +.Fn krb5_openlog +calls +.Fn krb5_initlog +and then calls +.Fn krb5_addlog_dest +for each destination found. + +.Ss Destinations + +The defined destinations (as specified in +.Pa krb5.conf ) +follows: +.Bl -tag -width "xxx" -offset indent +.It Li STDERR +This logs to the program's stderr. +.It Li FILE: Ns Pa /file +.It Li FILE= Ns Pa /file +Log to the specified file. The form using a colon appends to the file, the +form with an equal truncates the file. The truncating form keeps the file +open, while the appending form closes it after each log message (which +makes it possible to rotate logs). The truncating form is mainly for +compatibility with the MIT libkrb5. +.It Li DEVICE= Ns Pa /device +This logs to the specified device, at present this is the same as +.Li FILE:/device . +.It Li CONSOLE +Log to the console, this is the same as +.Li DEVICE=/dev/console . +.It Li SYSLOG Ns Op :priority Ns Op :facility +Send messages to the syslog system, using priority, and facility. To +get the name for one of these, you take the name of the macro passed +to +.Xr syslog 3 , +and remove the leading +.Li LOG_ +.No ( Li LOG_NOTICE +becomes +.Li NOTICE ) . +The default values (as well as the values used for unrecognised +values), are +.Li ERR , +and +.Li AUTH , +respectively. See +.Xr syslog 3 +for a list of priorities and facilities. +.El +.Pp +Each destination may optionally be prepended with a range of logging +levels, specified as +.Li min-max/ . +If the +.Fa level +parameter to +.Fn krb5_log +is within this range (inclusive) the message gets logged to this +destination, otherwise not. Either of the min and max valued may be +omitted, in this case min is assumed to be zero, and max is assumed to be +infinity. If you don't include a dash, both min and max gets set to the +specified value. If no range is specified, all messages gets logged. 
+.Sh EXAMPLE +.Bd -literal -offset indent +[logging] + kdc = 0/FILE:/var/log/kdc.log + kdc = 1-/SYSLOG:INFO:USER + default = STDERR +.Ed +.Pp +This will log all messages from the +.Nm kdc +program with level 0 to +.Pa /var/log/kdc.log , +other messages will be logged to syslog with priority +.Li LOG_INFO , +and facility +.Li LOG_USER . +All other programs will log all messages to their stderr. +.Sh BUGS +These functions use +.Fn asprintf +to format the message. If your operating system does not have a working +.Fn asprintf , +a replacement will be used. At present this replacement does not handle +some correct conversion specifications (like floating point numbers). Until +this is fixed, the use of these conversions should be avoided. +.Pp +If logging is done to the syslog facility, these functions might not be +thread-safe, depending on the implementation of +.Fn openlog , +and +.Fn syslog . +.Sh SEE ALSO +.Xr syslog 3 , +.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_parse_name.3 b/crypto/heimdal/lib/krb5/krb5_parse_name.3 new file mode 100644 index 0000000..db9236c --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5_parse_name.3 
@@ -0,0 +1,39 @@ +.\" Copyright (c) 1997 Kungliga Tekniska Högskolan +.\" $Id: krb5_parse_name.3,v 1.1 1997/08/14 00:03:17 joda Exp $ +.Dd August 8, 1997 +.Dt KRB5_PARSE_NAME 3 +.Os HEIMDAL +.Sh NAME +.Nm krb5_parse_name +.Nd String to principal conversion + +.Sh SYNOPSIS +.Fd #include <krb5.h> + +.Ft krb5_error_code +.Fn krb5_parse_name "krb5_context context" "const char *name" "krb5_principal *principal" + +.Sh DESCRIPTION + +.Fn krb5_parse_name +converts a string representation of a princpal name to +.Nm krb5_principal . +The +.Fa principal +will point to allocated data that should be freed with +.Fn krb5_free_principal . +.Pp +The string should consist of one or more name components separated with slashes +.Pq Dq / , +optionally followed with an +.Dq @ +and a realm name. A slash or @ may be contained in a name component by +quoting it with a back-slash +.Pq Dq \ . +A realm should not contain slashes or colons. +.Sh SEE ALSO +.Xr krb5_425_conv_principal 3 , +.Xr krb5_build_principal 3 , +.Xr krb5_free_principal 3 , +.Xr krb5_sname_to_principal 3 , +.Xr krb5_unparse_name 3 diff --git a/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 b/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 new file mode 100644 index 0000000..aea4150 --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 
@@ -0,0 +1,58 @@ +.\" Copyright (c) 1997 Kungliga Tekniska Högskolan +.\" $Id: krb5_sname_to_principal.3,v 1.1 1997/08/14 00:03:18 joda Exp $ +.Dd August 8, 1997 +.Dt KRB5_PRINCIPAL 3 +.Os HEIMDAL +.Sh NAME +.Nm krb5_sname_to_principal , +.Nm krb5_sock_to_principal +.Nd Create a service principal + +.Sh SYNOPSIS +.Fd #include <krb5.h> + +.Ft krb5_error_code +.Fn krb5_sname_to_principal "krb5_context context" "const char *hostname" "const char *sname" "int32_t type" "krb5_principal *principal" + +.Ft krb5_error_code +.Fn krb5_sock_to_principal "krb5_context context" "int socket" "const char *sname" "int32_t type" "krb5_principal *principal" + +.Sh DESCRIPTION + +These functions create a +.Dq service +principal that can, for instance, be used to lookup a key in a keytab. For both these function the +.Fa sname +parameter will be used for the first component of the created principal. If +.Fa sname +is +.Dv NULL , +.Dq host +will be used instead. +.Fn krb5_sname_to_principal +will use the passed +.Fa hostname +for the second component. If type +.Dv KRB5_NT_SRV_HST +this name will be looked up with +.Fn gethostbyname . +If +.Fa hostname is +.Dv NULL , +the local hostname will be used. +.Pp +.Fn krb5_sock_to_principal +will use the +.Dq sockname +of the passed +.Fa socket , +which should be a bound +.Dv AF_INET +socket. + +.Sh SEE ALSO +.Xr krb5_425_conv_principal 3 , +.Xr krb5_build_principal 3 , +.Xr krb5_free_principal 3 , +.Xr krb5_parse_name 3 , +.Xr krb5_unparse_name 3 diff --git a/crypto/heimdal/lib/krb5/krb5_unparse_name.3 b/crypto/heimdal/lib/krb5/krb5_unparse_name.3 new file mode 100644 index 0000000..13277d6 --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5_unparse_name.3 
@@ -0,0 +1,34 @@ +.\" Copyright (c) 1997 Kungliga Tekniska Högskolan +.\" $Id: krb5_unparse_name.3,v 1.1 1997/08/14 00:03:19 joda Exp $ +.Dd August 8, 1997 +.Dt KRB5_UNPARSE_NAME 3 +.Os HEIMDAL +.Sh NAME +.Nm krb5_unparse_name +.\" .Nm krb5_unparse_name_ext +.Nd Principal to string conversion + +.Sh SYNOPSIS +.Fd #include <krb5.h> + +.Ft krb5_error_code +.Fn krb5_unparse_name "krb5_context context" "krb5_principal principal" "char **name" + +.\" .Ft krb5_error_code +.\" .Fn krb5_unparse_name_ext "krb5_context context" "krb5_const_principal principal" "char **name" "size_t *size" + +.Sh DESCRIPTION + +This function takes a +.Fa principal , +and will convert in to a printable representation with the same syntax as decribed in +.Xr krb5_parse_name 3 . +.Fa *name +will point to allocated data and should be freed by the caller. + +.Sh SEE ALSO +.Xr krb5_425_conv_principal 3 , +.Xr krb5_build_principal 3 , +.Xr krb5_free_principal 3 , +.Xr krb5_parse_name 3 , +.Xr krb5_sname_to_principal 3 diff --git a/crypto/heimdal/lib/krb5/krb5_warn.3 b/crypto/heimdal/lib/krb5/krb5_warn.3 new file mode 100644 index 0000000..521da0e --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5_warn.3 
@@ -0,0 +1,73 @@ +.\" Copyright (c) 1997 Kungliga Tekniska Högskolan +.\" $Id: krb5_warn.3,v 1.2 1997/08/08 03:45:55 joda Exp $ +.Dd August 8, 1997 +.Dt KRB5_WARN 3 +.Os HEIMDAL +.Sh NAME +.Nm krb5_warn , +.Nm krb5_warnx , +.Nm krb5_vwarn , +.Nm krb5_vwarnx , +.Nm krb5_err , +.Nm krb5_errx , +.Nm krb5_verr , +.Nm krb5_verrx , +.Nm krb5_set_warn_dest +.Nd Heimdal warning and error functions +.Sh SYNOPSIS +.Fd #include <krb5.h> + +.Ft krb5_error_code +.Fn krb5_err "krb5_context context" "int eval" "krb5_error_code code" "const char *format" "..." + +.Ft krb5_error_code +.Fn krb5_errx "krb5_context context" "int eval" "const char *format" "..." + +.Ft krb5_error_code +.Fn krb5_verr "krb5_context context" "int eval" "krb5_error_code code" "const char *format" "va_list ap" + +.Ft krb5_error_code +.Fn krb5_verrx "krb5_context context" "int eval" "const char *format" "va_list ap" + +.Ft krb5_error_code +.Fn krb5_vwarn "krb5_context context" "krb5_error_code code" "const char *format" "va_list ap" + +.Ft krb5_error_code +.Fn krb5_vwarnx "krb5_context context" "const char *format" "va_list ap" + +.Ft krb5_error_code +.Fn krb5_warn "krb5_context context" "krb5_error_code code" "const char *format" "..." + +.Ft krb5_error_code +.Fn krb5_warnx "krb5_context context" "const char *format" "..." + +.Ft krb5_error_code +.Fn krb5_set_warn_dest "krb5_context context" "krb5_log_facility *facility" + +.Sh DESCRIPTION + +These functions prints a warning message to some destination. +.Fa format +is a printf style format specifying the message to print. The forms not ending in an +.Dq x +prints the error string associated with +.Fa code +along with the message. +The +.Dq err +functions exits with exit status +.Fa eval +after printing the message. +.Pp +The +.Fn krb5_set_warn_func +function sets the destination for warning messages to the specified +.Fa facility . +Messages logged with the +.Dq warn +functions have a log level of 1, while the +.Dq err +functions logs with level 0. 
+ +.Sh SEE ALSO +.Xr krb5_openlog 3 diff --git a/crypto/heimdal/lib/krb5/krbhst.c b/crypto/heimdal/lib/krb5/krbhst.c new file mode 100644 index 0000000..8d5c4e4 --- /dev/null +++ b/crypto/heimdal/lib/krb5/krbhst.c 
@@ -0,0 +1,196 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" +#include <resolve.h> + +RCSID("$Id: krbhst.c,v 1.23 1999/12/11 23:14:25 assar Exp $"); + +/* + * assuming that `*res' contains `*count' strings, add a copy of `string'. 
+ */ + +static int +add_string(char ***res, int *count, const char *string) +{ + char **tmp = realloc(*res, (*count + 1) * sizeof(**res)); + + if(tmp == NULL) + return ENOMEM; + *res = tmp; + if(string) { + tmp[*count] = strdup(string); + if(tmp[*count] == NULL) + return ENOMEM; + } else + tmp[*count] = NULL; + (*count)++; + return 0; +} + +static krb5_error_code +srv_find_realm(krb5_context context, char ***res, int *count, + const char *realm, const char *proto, const char *service) +{ + char domain[1024]; + char alt_domain[1024]; + krb5_error_code ret; + struct dns_reply *r; + struct resource_record *rr; + + snprintf(domain, sizeof(domain), "_%s._%s.%s.", service, proto, realm); + + r = dns_lookup(domain, "srv"); + if(r == NULL && context->srv_try_rfc2052) { + snprintf(alt_domain, sizeof(alt_domain), "%s.%s.%s.", + service, proto, realm); + r = dns_lookup(alt_domain, "srv"); + } + if(r == NULL && context->srv_try_txt) + r = dns_lookup(domain, "txt"); + if(r == NULL && context->srv_try_rfc2052 && context->srv_try_txt) + r = dns_lookup(alt_domain, "txt"); + if(r == NULL) + return 0; + + for(rr = r->head; rr; rr = rr->next){ + if(rr->type == T_SRV){ + char buf[1024]; + char **tmp; + + tmp = realloc(*res, (*count + 1) * sizeof(**res)); + if (tmp == NULL) + return ENOMEM; + *res = tmp; + snprintf (buf, sizeof(buf), + "%s/%s:%u", + proto, + rr->u.srv->target, + rr->u.srv->port); + ret = add_string(res, count, buf); + if(ret) + return ret; + }else if(rr->type == T_TXT) { + ret = add_string(res, count, rr->u.txt); + if(ret) + return ret; + } + } + dns_free_data(r); + return 0; +} + +/* + * lookup the servers for realm `realm', looking for the config string + * `conf_string' in krb5.conf or for `serv_string' in SRV records. + * return a malloc-ed list of servers in hostlist. 
+ */ + +static krb5_error_code +get_krbhst (krb5_context context, + const krb5_realm *realm, + const char *conf_string, + const char *serv_string, + char ***hostlist) +{ + char **res, **r; + int count; + krb5_error_code ret; + + res = krb5_config_get_strings(context, NULL, + "realms", *realm, conf_string, NULL); + for(r = res, count = 0; r && *r; r++, count++); + + if(context->srv_lookup) { + char *s[] = { "udp", "tcp", "http" }, **q; + for(q = s; q < s + sizeof(s) / sizeof(s[0]); q++) { + ret = srv_find_realm(context, &res, &count, *realm, *q, + serv_string); + if(ret) { + krb5_config_free_strings(res); + return ret; + } + } + } + + if(count == 0) { + char buf[1024]; + snprintf(buf, sizeof(buf), "kerberos.%s", *realm); + ret = add_string(&res, &count, buf); + if(ret) { + krb5_config_free_strings(res); + return ret; + } + } + add_string(&res, &count, NULL); + *hostlist = res; + return 0; +} + +krb5_error_code +krb5_get_krb_admin_hst (krb5_context context, + const krb5_realm *realm, + char ***hostlist) +{ + return get_krbhst (context, realm, "admin_server", "kerberos-adm", + hostlist); +} + +krb5_error_code +krb5_get_krb_changepw_hst (krb5_context context, + const krb5_realm *realm, + char ***hostlist) +{ + return get_krbhst (context, realm, "admin_server", "kpasswd", + hostlist); +} + +krb5_error_code +krb5_get_krbhst (krb5_context context, + const krb5_realm *realm, + char ***hostlist) +{ + return get_krbhst (context, realm, "kdc", "kerberos", hostlist); +} + +krb5_error_code +krb5_free_krbhst (krb5_context context, + char **hostlist) +{ + char **p; + + for (p = hostlist; *p; ++p) + free (*p); + free (hostlist); + return 0; +} diff --git a/crypto/heimdal/lib/krb5/kuserok.c b/crypto/heimdal/lib/krb5/kuserok.c new file mode 100644 index 0000000..ae8ddec --- /dev/null +++ b/crypto/heimdal/lib/krb5/kuserok.c 
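Review bot: `get_krbhst` ignores the result of its final `add_string(&res, &count, NULL)`, so if that `realloc` fails `*hostlist` is returned without a NULL terminator and `krb5_free_krbhst` reads past the end of the array. The same missing terminator affects the error paths: `add_string` overwrites the terminating slot of the list it was given, so after one successful append a later failure hands an unterminated `res` to `krb5_config_free_strings` (which presumably also stops at NULL; its body is not in this hunk). Keeping the array terminated on every path fixes both: in `add_string` use `realloc(*res, (*count + 2) * sizeof(**res))` and set `tmp[*count + 1] = NULL;` before `(*count)++`, and test the return value of the last call in `get_krbhst`. Separately, `srv_find_realm` returns from inside the record loop without calling `dns_free_data(r)`, leaking the DNS reply on `ENOMEM`.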
@@ -0,0 +1,108 @@ +/* + * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +RCSID("$Id: kuserok.c,v 1.5 1999/12/02 17:05:11 joda Exp $"); + +/* + * Return TRUE iff `principal' is allowed to login as `luser'. 
+ */ + +krb5_boolean +krb5_kuserok (krb5_context context, + krb5_principal principal, + const char *luser) +{ + char buf[BUFSIZ]; + struct passwd *pwd; + FILE *f; + krb5_realm *realms, *r; + krb5_error_code ret; + krb5_boolean b; + + ret = krb5_get_default_realms (context, &realms); + if (ret) + return FALSE; + + for (r = realms; *r != NULL; ++r) { + krb5_principal local_principal; + + ret = krb5_build_principal (context, + &local_principal, + strlen(*r), + *r, + luser, + NULL); + if (ret) { + krb5_free_host_realm (context, realms); + return FALSE; + } + + b = krb5_principal_compare (context, principal, local_principal); + krb5_free_principal (context, local_principal); + if (b) { + krb5_free_host_realm (context, realms); + return TRUE; + } + } + krb5_free_host_realm (context, realms); + + pwd = getpwnam (luser); /* XXX - Should use k_getpwnam? */ + if (pwd == NULL) + return FALSE; + snprintf (buf, sizeof(buf), "%s/.k5login", pwd->pw_dir); + f = fopen (buf, "r"); + if (f == NULL) + return FALSE; + while (fgets (buf, sizeof(buf), f) != NULL) { + krb5_principal tmp; + + if(buf[strlen(buf) - 1] == '\n') + buf[strlen(buf) - 1] = '\0'; + + ret = krb5_parse_name (context, buf, &tmp); + if (ret) { + fclose (f); + return FALSE; + } + b = krb5_principal_compare (context, principal, tmp); + krb5_free_principal (context, tmp); + if (b) { + fclose (f); + return TRUE; + } + } + fclose (f); + return FALSE; +} diff --git a/crypto/heimdal/lib/krb5/log.c b/crypto/heimdal/lib/krb5/log.c new file mode 100644 index 0000000..e1511e2 --- /dev/null +++ b/crypto/heimdal/lib/krb5/log.c 
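Review bot: `krb5_kuserok` trusts whatever `~luser/.k5login` resolves to: after `fopen` there is no check that the file is owned by `luser` (or root) or that it is not group- or world-writable, so anyone able to write that path decides which principals may log in as `luser`. The line loop also evaluates `buf[strlen(buf) - 1]`, which indexes `buf[-1]` when a line starts with a NUL byte. I would `fstat` the open stream and reject unexpected owners or modes, and take the length once before stripping the newline; the sketch below assumes `<sys/stat.h>` is reachable through `krb5_locl.h`, which this page does not show. A line that fails `krb5_parse_name` currently denies access outright instead of being skipped, which may be intended but deserves a comment.

```c
    struct stat st;	/* new local, declared next to `FILE *f' */

    /* … unchanged: default-realm comparison, getpwnam, path formatting … */
    f = fopen (buf, "r");
    if (f == NULL)
	return FALSE;
    /* only honour a .k5login that luser or root owns and nobody else can write */
    if (fstat (fileno (f), &st) < 0
	|| (st.st_uid != pwd->pw_uid && st.st_uid != 0)
	|| (st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
	fclose (f);
	return FALSE;
    }
    while (fgets (buf, sizeof(buf), f) != NULL) {
	krb5_principal tmp;
	size_t len = strlen (buf);

	if (len > 0 && buf[len - 1] == '\n')
	    buf[len - 1] = '\0';
	/* … unchanged: krb5_parse_name, krb5_principal_compare, fclose … */
```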
@@ -0,0 +1,426 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: log.c,v 1.21 1999/12/02 17:05:11 joda Exp $"); + +struct facility { + int min; + int max; + krb5_log_log_func_t log; + krb5_log_close_func_t close; + void *data; +}; + +static struct facility* +log_realloc(krb5_log_facility *f) +{ + struct facility *fp; + f->len++; + fp = realloc(f->val, f->len * sizeof(*f->val)); + if(fp == NULL) + return NULL; + f->val = fp; + fp += f->len - 1; + return fp; +} + +struct s2i{ + char *s; + int val; +}; + +#define L(X) { #X, LOG_ ## X } + +struct s2i syslogvals[] = { + L(EMERG), + L(ALERT), + L(CRIT), + L(ERR), + L(WARNING), + L(NOTICE), + L(INFO), + L(DEBUG), + + L(AUTH), +#ifdef LOG_AUTHPRIV + L(AUTHPRIV), +#endif +#ifdef LOG_CRON + L(CRON), +#endif + L(DAEMON), +#ifdef LOG_FTP + L(FTP), +#endif + L(KERN), + L(LPR), + L(MAIL), +#ifdef LOG_NEWS + L(NEWS), +#endif + L(SYSLOG), + L(USER), +#ifdef LOG_UUCP + L(UUCP), +#endif + L(LOCAL0), + L(LOCAL1), + L(LOCAL2), + L(LOCAL3), + L(LOCAL4), + L(LOCAL5), + L(LOCAL6), + L(LOCAL7), + { NULL, -1 } +}; + +static int +find_value(const char *s, struct s2i *table) +{ + while(table->s && strcasecmp(table->s, s)) + table++; + return table->val; +} + +krb5_error_code +krb5_initlog(krb5_context context, + const char *program, + krb5_log_facility **fac) +{ + krb5_log_facility *f = calloc(1, sizeof(*f)); + if(f == NULL) + return ENOMEM; + f->program = strdup(program); + if(f->program == NULL){ + free(f); + return ENOMEM; + } + *fac = f; + return 0; +} + +krb5_error_code +krb5_addlog_func(krb5_context context, + krb5_log_facility *fac, + int min, + int max, + krb5_log_log_func_t log, + krb5_log_close_func_t close, + void *data) +{ + struct facility *fp = log_realloc(fac); + if(fp == NULL) + return ENOMEM; + fp->min = min; + fp->max = max; + fp->log = log; + fp->close = close; + fp->data = data; + return 0; +} + + +struct syslog_data{ + int priority; +}; + +static void +log_syslog(const char *time, + const char *msg, + void *data) + +{ + struct syslog_data 
*s = data; + syslog(s->priority, "%s", msg); +} + +static void +close_syslog(void *data) +{ + free(data); + closelog(); +} + +static krb5_error_code +open_syslog(krb5_context context, + krb5_log_facility *facility, int min, int max, + const char *sev, const char *fac) +{ + struct syslog_data *sd = malloc(sizeof(*sd)); + int i; + + if(sd == NULL) + return ENOMEM; + i = find_value(sev, syslogvals); + if(i == -1) + i = LOG_ERR; + sd->priority = i; + i = find_value(fac, syslogvals); + if(i == -1) + i = LOG_AUTH; + sd->priority |= i; + roken_openlog(facility->program, LOG_PID | LOG_NDELAY, i); + return krb5_addlog_func(context, facility, min, max, + log_syslog, close_syslog, sd); +} + +struct file_data{ + char *filename; + char *mode; + FILE *fd; + int keep_open; +}; + +static void +log_file(const char *time, + const char *msg, + void *data) +{ + struct file_data *f = data; + if(f->keep_open == 0) + f->fd = fopen(f->filename, f->mode); + if(f->fd == NULL) + return; + fprintf(f->fd, "%s %s\n", time, msg); + if(f->keep_open == 0) + fclose(f->fd); +} + +static void +close_file(void *data) +{ + struct file_data *f = data; + if(f->keep_open && f->filename) + fclose(f->fd); + free(data); +} + +static krb5_error_code +open_file(krb5_context context, krb5_log_facility *fac, int min, int max, + char *filename, char *mode, FILE *f, int keep_open) +{ + struct file_data *fd = malloc(sizeof(*fd)); + if(fd == NULL) + return ENOMEM; + fd->filename = filename; + fd->mode = mode; + fd->fd = f; + fd->keep_open = keep_open; + + return krb5_addlog_func(context, fac, min, max, log_file, close_file, fd); +} + + + +krb5_error_code +krb5_addlog_dest(krb5_context context, krb5_log_facility *f, const char *p) +{ + krb5_error_code ret = 0; + int min = 0, max = -1, n; + char c; + n = sscanf(p, "%d%c%d/", &min, &c, &max); + if(n == 2){ + if(c == '/') { + if(min < 0){ + max = -min; + min = 0; + }else{ + max = min; + } + } + } + if(n){ + p = strchr(p, '/'); + if(p == NULL) return HEIM_ERR_LOG_PARSE; 
+ p++; + } + if(strcmp(p, "STDERR") == 0){ + ret = open_file(context, f, min, max, NULL, NULL, stderr, 1); + }else if(strcmp(p, "CONSOLE") == 0){ + ret = open_file(context, f, min, max, "/dev/console", "w", NULL, 0); + }else if(strncmp(p, "FILE:", 4) == 0 && (p[4] == ':' || p[4] == '=')){ + char *fn; + FILE *file = NULL; + int keep_open = 0; + fn = strdup(p + 5); + if(fn == NULL) + return ENOMEM; + if(p[4] == '='){ + int i = open(fn, O_WRONLY | O_CREAT | + O_TRUNC | O_APPEND, 0666); + if(i < 0) + return errno; + file = fdopen(i, "a"); + if(file == NULL){ + close(i); + return errno; + } + keep_open = 1; + } + ret = open_file(context, f, min, max, fn, "a", file, keep_open); + }else if(strncmp(p, "DEVICE=", 6) == 0){ + ret = open_file(context, f, min, max, strdup(p + 7), "w", NULL, 0); + }else if(strncmp(p, "SYSLOG", 6) == 0){ + char *severity; + char *facility; + severity = strchr(p, ':'); + if(severity == NULL) + severity = "ERR"; + facility = strchr(severity, ':'); + if(facility == NULL) + facility = "AUTH"; + ret = open_syslog(context, f, min, max, severity, facility); + }else{ + ret = HEIM_ERR_LOG_PARSE; /* XXX */ + } + return ret; +} + + +krb5_error_code +krb5_openlog(krb5_context context, + const char *program, + krb5_log_facility **fac) +{ + krb5_error_code ret; + char **p, **q; + + ret = krb5_initlog(context, program, fac); + if(ret) + return ret; + + p = krb5_config_get_strings(context, NULL, "logging", program, NULL); + if(p == NULL) + p = krb5_config_get_strings(context, NULL, "logging", "default", NULL); + if(p){ + for(q = p; *q; q++) + ret = krb5_addlog_dest(context, *fac, *q); + krb5_config_free_strings(p); + }else + ret = krb5_addlog_dest(context, *fac, "SYSLOG"); + return 0; +} + +krb5_error_code +krb5_closelog(krb5_context context, + krb5_log_facility *fac) +{ + int i; + for(i = 0; i < fac->len; i++) + (*fac->val[i].close)(&fac->val[i].data); + return 0; +} + +#undef __attribute__ +#define __attribute__(X) + +krb5_error_code 
+krb5_vlog_msg(krb5_context context, + krb5_log_facility *fac, + char **reply, + int level, + const char *fmt, + va_list ap) + __attribute__((format (printf, 5, 0))) +{ + char *msg; + char buf[64]; + time_t t; + int i; + + vasprintf(&msg, fmt, ap); + t = time(NULL); + strftime(buf, sizeof(buf), context->time_fmt, + context->log_utc ? gmtime(&t) : localtime(&t)); + for(i = 0; i < fac->len; i++) + if(fac->val[i].min <= level && + (fac->val[i].max < 0 || fac->val[i].max >= level)) + (*fac->val[i].log)(buf, msg, fac->val[i].data); + *reply = msg; + return 0; +} + +krb5_error_code +krb5_vlog(krb5_context context, + krb5_log_facility *fac, + int level, + const char *fmt, + va_list ap) + __attribute__((format (printf, 4, 0))) +{ + char *msg; + krb5_error_code ret; + + ret = krb5_vlog_msg(context, fac, &msg, level, fmt, ap); + free(msg); + return ret; +} + +krb5_error_code +krb5_log_msg(krb5_context context, + krb5_log_facility *fac, + int level, + char **reply, + const char *fmt, + ...) + __attribute__((format (printf, 5, 6))) +{ + va_list ap; + krb5_error_code ret; + + va_start(ap, fmt); + ret = krb5_vlog_msg(context, fac, reply, level, fmt, ap); + va_end(ap); + return ret; +} + + +krb5_error_code +krb5_log(krb5_context context, + krb5_log_facility *fac, + int level, + const char *fmt, + ...) + __attribute__((format (printf, 4, 5))) +{ + va_list ap; + krb5_error_code ret; + + va_start(ap, fmt); + ret = krb5_vlog(context, fac, level, fmt, ap); + va_end(ap); + return ret; +} + diff --git a/crypto/heimdal/lib/krb5/mcache.c b/crypto/heimdal/lib/krb5/mcache.c new file mode 100644 index 0000000..d45deea --- /dev/null +++ b/crypto/heimdal/lib/krb5/mcache.c 
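Review bot: `krb5_closelog` calls `(*fac->val[i].close)(&fac->val[i].data)`, passing the address of the slot instead of the stored pointer, so `close_syslog` and `close_file` end up calling `free()` on memory inside the `fac->val` array and `close_file` reads a `struct file_data` that is not there; it should be `(*fac->val[i].close)(fac->val[i].data);`. `log_realloc` increments `f->len` before the `realloc` and does not undo it on failure, leaving `len` one larger than the array for every later loop over `fac->val`. In `krb5_vlog_msg` the result of `vasprintf` is not checked, so on failure `msg` reaches the log callbacks and `*reply` with an indeterminate value; `if (vasprintf(&msg, fmt, ap) < 0 || msg == NULL) { *reply = NULL; return ENOMEM; }` covers it. The `SYSLOG` branch of `krb5_addlog_dest` also deserves a look: both `strchr` calls land on the same first colon, so the documented `SYSLOG:priority:facility` form appears to fall back to the defaults every time.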
@@ -0,0 +1,227 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: mcache.c,v 1.10 1999/12/02 17:05:11 joda Exp $"); + +typedef struct krb5_mcache { + krb5_principal primary_principal; + struct link { + krb5_creds cred; + struct link *next; + } *creds; +} krb5_mcache; + +#define MCC_CURSOR(C) ((struct link*)(C)) + +static char* +mcc_get_name(krb5_context context, + krb5_ccache id) +{ + return ""; /* XXX */ +} + +static krb5_error_code +mcc_resolve(krb5_context context, krb5_ccache *id, const char *res) +{ + krb5_abortx(context, "unimplemented mcc_resolve called"); +} + +static krb5_error_code +mcc_gen_new(krb5_context context, krb5_ccache *id) +{ + krb5_mcache *m; + + m = malloc (sizeof(*m)); + if (m == NULL) + return KRB5_CC_NOMEM; + m->primary_principal = NULL; + m->creds = NULL; + (*id)->data.data = m; + (*id)->data.length = sizeof(*m); + return 0; +} + +static krb5_error_code +mcc_initialize(krb5_context context, + krb5_ccache id, + krb5_principal primary_principal) +{ + krb5_error_code ret; + krb5_mcache *m; + + m = (krb5_mcache *)id->data.data; + + ret = krb5_copy_principal (context, + primary_principal, + &m->primary_principal); + if (ret) + return ret; + return 0; +} + +static krb5_error_code +mcc_close(krb5_context context, + krb5_ccache id) +{ + krb5_mcache *m = (krb5_mcache *)id->data.data; + struct link *l; + + krb5_free_principal (context, m->primary_principal); + l = m->creds; + while (l != NULL) { + struct link *old; + + krb5_free_creds_contents (context, &l->cred); + old = l; + l = l->next; + free (old); + } + krb5_data_free(&id->data); + return 0; +} + +static krb5_error_code +mcc_destroy(krb5_context context, + krb5_ccache id) +{ + return 0; +} + +static krb5_error_code +mcc_store_cred(krb5_context context, + krb5_ccache id, + krb5_creds *creds) +{ + krb5_error_code ret; + krb5_mcache *m = (krb5_mcache *)id->data.data; + struct link *l; + + l = malloc (sizeof(*l)); + if (l == NULL) + return KRB5_CC_NOMEM; + l->next = m->creds; + m->creds = l; + memset (&l->cred, 0, 
sizeof(l->cred)); + ret = krb5_copy_creds_contents (context, creds, &l->cred); + if (ret) { + m->creds = l->next; + free (l); + return ret; + } + return 0; +} + +static krb5_error_code +mcc_get_principal(krb5_context context, + krb5_ccache id, + krb5_principal *principal) +{ + krb5_mcache *m = (krb5_mcache *)id->data.data; + + return krb5_copy_principal (context, + m->primary_principal, + principal); +} + +static krb5_error_code +mcc_get_first (krb5_context context, + krb5_ccache id, + krb5_cc_cursor *cursor) +{ + krb5_mcache *m = (krb5_mcache *)id->data.data; + *cursor = m->creds; + return 0; +} + +static krb5_error_code +mcc_get_next (krb5_context context, + krb5_ccache id, + krb5_cc_cursor *cursor, + krb5_creds *creds) +{ + struct link *l; + + l = *cursor; + if (l != NULL) { + *cursor = l->next; + return krb5_copy_creds_contents (context, + &l->cred, + creds); + } else + return KRB5_CC_END; +} + +static krb5_error_code +mcc_end_get (krb5_context context, + krb5_ccache id, + krb5_cc_cursor *cursor) +{ + return 0; +} + +static krb5_error_code +mcc_remove_cred(krb5_context context, + krb5_ccache id, + krb5_flags which, + krb5_creds *cred) +{ + return 0; /* XXX */ +} + +static krb5_error_code +mcc_set_flags(krb5_context context, + krb5_ccache id, + krb5_flags flags) +{ + return 0; /* XXX */ +} + +const krb5_cc_ops krb5_mcc_ops = { + "MEMORY", + mcc_get_name, + mcc_resolve, + mcc_gen_new, + mcc_initialize, + mcc_destroy, + mcc_close, + mcc_store_cred, + NULL, /* mcc_retrieve */ + mcc_get_principal, + mcc_get_first, + mcc_get_next, + mcc_end_get, + mcc_remove_cred, + mcc_set_flags +}; diff --git a/crypto/heimdal/lib/krb5/misc.c b/crypto/heimdal/lib/krb5/misc.c new file mode 100644 index 0000000..baf63f6 --- /dev/null +++ b/crypto/heimdal/lib/krb5/misc.c 
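Review bot: `mcc_destroy` and `mcc_remove_cred` both return 0 without touching the cache, so a caller that destroys a MEMORY ccache or removes a credential is told it succeeded while the copied `krb5_creds` (session keys included) stay on `m->creds` until `mcc_close` runs. I would release the list in `mcc_destroy` the way `mcc_close` already does and reset `m->creds`, as in the excerpt below, and have `mcc_remove_cred` return an error until it is implemented rather than claim success. Whether `krb5_free_creds_contents` wipes key bytes before freeing is not visible in this hunk and is worth confirming. Separately, `mcc_initialize` overwrites `m->primary_principal` without freeing a previous value, and `mcc_resolve` falls off the end of a non-void function after `krb5_abortx`.

```c
static krb5_error_code
mcc_destroy(krb5_context context,
            krb5_ccache id)
{
    krb5_mcache *m = (krb5_mcache *)id->data.data;
    struct link *l = m->creds;

    /* Drop the cached credentials now; mcc_close still frees m. */
    m->creds = NULL;
    while (l != NULL) {
        struct link *old = l;

        krb5_free_creds_contents (context, &l->cred);
        l = l->next;
        free (old);
    }
    return 0;
}
```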
@@ -0,0 +1,36 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +RCSID("$Id: misc.c,v 1.5 1999/12/02 17:05:11 joda Exp $"); diff --git a/crypto/heimdal/lib/krb5/mk_error.c b/crypto/heimdal/lib/krb5/mk_error.c new file mode 100644 index 0000000..2b173db --- /dev/null +++ b/crypto/heimdal/lib/krb5/mk_error.c 
@@ -0,0 +1,124 @@ +/* + * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: mk_error.c,v 1.14 1999/12/02 17:05:11 joda Exp $"); + +krb5_error_code +krb5_mk_error(krb5_context context, + krb5_error_code error_code, + const char *e_text, + const krb5_data *e_data, + const krb5_principal client, + const krb5_principal server, + time_t ctime, + krb5_data *reply) +{ + KRB_ERROR msg; + u_char *buf; + size_t buf_size; + int32_t sec, usec; + size_t len; + krb5_error_code ret = 0; + + krb5_us_timeofday (context, &sec, &usec); + + memset(&msg, 0, sizeof(msg)); + msg.pvno = 5; + msg.msg_type = krb_error; + msg.stime = sec; + msg.susec = usec; + if(ctime) { + msg.ctime = &ctime; + } + /* Make sure we only send `protocol' error codes */ + if(error_code < KRB5KDC_ERR_NONE || error_code >= KRB5_ERR_RCSID) { + if(e_text == NULL) + e_text = krb5_get_err_text(context, error_code); + error_code = KRB5KRB_ERR_GENERIC; + } + msg.error_code = error_code - KRB5KDC_ERR_NONE; + if (e_text) + msg.e_text = (general_string*)&e_text; + if (e_data) + msg.e_data = (octet_string*)e_data; + if(server){ + msg.realm = server->realm; + msg.sname = server->name; + }else{ + msg.realm = "<unspecified realm>"; + } + if(client){ + msg.crealm = &client->realm; + msg.cname = &client->name; + } + + buf_size = 1024; + buf = malloc (buf_size); + if (buf == NULL) + return ENOMEM; + + do { + ret = encode_KRB_ERROR(buf + buf_size - 1, + buf_size, + &msg, + &len); + if (ret) { + if (ret == ASN1_OVERFLOW) { + u_char *tmp; + + buf_size *= 2; + tmp = realloc (buf, buf_size); + if (tmp == NULL) { + ret = ENOMEM; + goto out; + } + buf = tmp; + } else { + goto out; + } + } + } while (ret == ASN1_OVERFLOW); + + reply->length = len; + reply->data = malloc(len); + if (reply->data == NULL) { + ret = ENOMEM; + goto out; + } + memcpy (reply->data, buf + buf_size - len, len); +out: + free (buf); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/mk_priv.c b/crypto/heimdal/lib/krb5/mk_priv.c new file mode 100644 index 0000000..1ee2bed --- /dev/null 
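Review bot: When `error_code` falls outside the protocol range, the range check before `msg.error_code` is set hides the code but, if the caller passed no `e_text`, fills it from `krb5_get_err_text(context, error_code)`, so the text of a local, non-protocol error is encoded into the KRB-ERROR that goes to the peer. If that disclosure is not intended, drop the `e_text = krb5_get_err_text(context, error_code);` substitution and leave logging of the original code to the caller; if it is intended, say so in a comment such as `/* e_text for a non-protocol code is the local error string and is sent to the peer */`. A short header comment would also help: `reply->data` is allocated with `malloc` and owned by the caller, and `msg` only borrows `e_text`, `e_data`, `client` and `server`.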
+++ b/crypto/heimdal/lib/krb5/mk_priv.c 
@@ -0,0 +1,168 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include <krb5_locl.h> + +RCSID("$Id: mk_priv.c,v 1.25 1999/12/02 17:05:11 joda Exp $"); + +/* + * + */ + +krb5_error_code +krb5_mk_priv(krb5_context context, + krb5_auth_context auth_context, + const krb5_data *userdata, + krb5_data *outbuf, + /*krb5_replay_data*/ void *outdata) +{ + krb5_error_code ret; + KRB_PRIV s; + EncKrbPrivPart part; + u_char *buf; + size_t buf_size; + size_t len; + int tmp_seq; + krb5_keyblock *key; + int32_t sec, usec; + KerberosTime sec2; + int usec2; + krb5_crypto crypto; + + /* XXX - Is this right? */ + + if (auth_context->local_subkey) + key = auth_context->local_subkey; + else if (auth_context->remote_subkey) + key = auth_context->remote_subkey; + else + key = auth_context->keyblock; + + krb5_us_timeofday (context, &sec, &usec); + + part.user_data = *userdata; + sec2 = sec; + part.timestamp = &sec2; + usec2 = usec; + part.usec = &usec2; + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { + tmp_seq = ++auth_context->local_seqnumber; + part.seq_number = &tmp_seq; + } else { + part.seq_number = NULL; + } + + part.s_address = auth_context->local_address; + part.r_address = auth_context->remote_address; + + buf_size = 1024; + buf = malloc (buf_size); + if (buf == NULL) + return ENOMEM; + + krb5_data_zero (&s.enc_part.cipher); + + do { + ret = encode_EncKrbPrivPart (buf + buf_size - 1, buf_size, + &part, &len); + if (ret) { + if (ret == ASN1_OVERFLOW) { + u_char *tmp; + + buf_size *= 2; + tmp = realloc (buf, buf_size); + if (tmp == NULL) { + ret = ENOMEM; + goto fail; + } + buf = tmp; + } else { + goto fail; + } + } + } while(ret == ASN1_OVERFLOW); + + s.pvno = 5; + s.msg_type = krb_priv; + s.enc_part.etype = key->keytype; + s.enc_part.kvno = NULL; + + krb5_crypto_init(context, key, 0, &crypto); + ret = krb5_encrypt (context, + crypto, + KRB5_KU_KRB_PRIV, + buf + buf_size - len, + len, + &s.enc_part.cipher); + krb5_crypto_destroy(context, crypto); + if (ret) { + free(buf); + return ret; + } + + do { + ret = encode_KRB_PRIV 
(buf + buf_size - 1, buf_size, &s, &len); + + if (ret){ + if (ret == ASN1_OVERFLOW) { + u_char *tmp; + + buf_size *= 2; + tmp = realloc (buf, buf_size); + if (tmp == NULL) { + ret = ENOMEM; + goto fail; + } + buf = tmp; + } else { + goto fail; + } + } + } while(ret == ASN1_OVERFLOW); + krb5_data_free (&s.enc_part.cipher); + + outbuf->length = len; + outbuf->data = malloc (len); + if (outbuf->data == NULL) { + free(buf); + return ENOMEM; + } + memcpy (outbuf->data, buf + buf_size - len, len); + free (buf); + return 0; + +fail: + free (buf); + krb5_data_free (&s.enc_part.cipher); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/mk_rep.c b/crypto/heimdal/lib/krb5/mk_rep.c new file mode 100644 index 0000000..060be03 --- /dev/null +++ b/crypto/heimdal/lib/krb5/mk_rep.c 
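Review bot: The return value of `krb5_crypto_init(context, key, 0, &crypto);` is discarded, so if initialisation fails, `krb5_encrypt` and `krb5_crypto_destroy` run on an uninitialised `crypto`. Check it and leave through the existing label: `ret = krb5_crypto_init(context, key, 0, &crypto);` followed by `if (ret) goto fail;`, which is safe at that point because `s.enc_part.cipher` was zeroed with `krb5_data_zero`. The same unchecked call appears in the mk_rep.c and mk_req_ext.c hunks, and mk_safe.c stores the result in `ret` only to overwrite it in the next statement. `buf` holds the plaintext EncKrbPrivPart and is freed (or moved by `realloc`) without being cleared, which deserves a comment or a wipe before `free` if the user data is considered sensitive.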
@@ -0,0 +1,116 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include <krb5_locl.h> + +RCSID("$Id: mk_rep.c,v 1.16 1999/12/02 17:05:11 joda Exp $"); + +krb5_error_code +krb5_mk_rep(krb5_context context, + krb5_auth_context *auth_context, + krb5_data *outbuf) +{ + krb5_error_code ret; + AP_REP ap; + EncAPRepPart body; + u_char *buf = NULL; + size_t buf_size; + size_t len; + krb5_crypto crypto; + + ap.pvno = 5; + ap.msg_type = krb_ap_rep; + + memset (&body, 0, sizeof(body)); + + body.ctime = (*auth_context)->authenticator->ctime; + body.cusec = (*auth_context)->authenticator->cusec; + body.subkey = NULL; + if ((*auth_context)->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { + krb5_generate_seq_number (context, + (*auth_context)->keyblock, + &(*auth_context)->local_seqnumber); + body.seq_number = malloc (sizeof(*body.seq_number)); + if (body.seq_number == NULL) + return ENOMEM; + *(body.seq_number) = (*auth_context)->local_seqnumber; + } else + body.seq_number = NULL; + + ap.enc_part.etype = (*auth_context)->keyblock->keytype; + ap.enc_part.kvno = NULL; + + buf_size = length_EncAPRepPart(&body); + buf = malloc (buf_size); + if (buf == NULL) { + free_EncAPRepPart (&body); + return ENOMEM; + } + + ret = krb5_encode_EncAPRepPart (context, + buf + buf_size - 1, + buf_size, + &body, + &len); + + free_EncAPRepPart (&body); + krb5_crypto_init(context, (*auth_context)->keyblock, + 0 /* ap.enc_part.etype */, &crypto); + ret = krb5_encrypt (context, + crypto, + KRB5_KU_AP_REQ_ENC_PART, + buf + buf_size - len, + len, + &ap.enc_part.cipher); + krb5_crypto_destroy(context, crypto); + if (ret) { + free(buf); + return ret; + } + + buf_size = length_AP_REP(&ap); + buf = realloc(buf, buf_size); + if(buf == NULL) { + free_AP_REP (&ap); + return ENOMEM; + } + ret = encode_AP_REP (buf + buf_size - 1, buf_size, &ap, &len); + + free_AP_REP (&ap); + + if(len != buf_size) + krb5_abortx(context, "krb5_mk_rep: encoded length != calculated length"); + outbuf->data = buf; + outbuf->length = len; + return 0; +} 
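Review bot: The result of `krb5_encode_EncAPRepPart` is overwritten by the `krb5_encrypt` call before anything looks at it, so a failed encode reaches `krb5_encrypt` with `len` unset and `buf + buf_size - len` pointing anywhere. Add `if (ret) { free(buf); return ret; }` directly after `free_EncAPRepPart (&body);`, and likewise test `ret` from `encode_AP_REP` before the `len != buf_size` comparison, since the function currently returns 0 whatever that encode reported. `buf = realloc(buf, buf_size);` also loses the original allocation when `realloc` fails; assign to a temporary and `free(buf)` on the error path.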
diff --git a/crypto/heimdal/lib/krb5/mk_req.c b/crypto/heimdal/lib/krb5/mk_req.c
new file mode 100644
index 0000000..e92d326
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/mk_req.c
@@ -0,0 +1,102 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include <krb5_locl.h> + +RCSID("$Id: mk_req.c,v 1.18 1999/12/02 17:05:11 joda Exp $"); + +krb5_error_code +krb5_mk_req(krb5_context context, + krb5_auth_context *auth_context, + const krb5_flags ap_req_options, + char *service, + char *hostname, + krb5_data *in_data, + krb5_ccache ccache, + krb5_data *outbuf) +{ + krb5_error_code r; + krb5_creds this_cred, *cred; + char **realms; + krb5_data realm_data; + char *real_hostname; + + memset(&this_cred, 0, sizeof(this_cred)); + + r = krb5_cc_get_principal(context, ccache, &this_cred.client); + + if(r) + return r; + + r = krb5_expand_hostname (context, hostname, &real_hostname); + if (r) { + krb5_free_principal (context, this_cred.client); + return r; + } + + r = krb5_get_host_realm(context, real_hostname, &realms); + if (r) { + krb5_free_principal (context, this_cred.client); + return r; + } + realm_data.length = strlen(*realms); + realm_data.data = *realms; + + r = krb5_build_principal (context, &this_cred.server, + strlen(*realms), + *realms, + service, + real_hostname, + NULL); + free (real_hostname); + krb5_free_host_realm (context, realms); + + if (r) { + krb5_free_principal (context, this_cred.client); + return r; + } + this_cred.times.endtime = 0; + if (auth_context && *auth_context && (*auth_context)->keytype) + this_cred.session.keytype = (*auth_context)->keytype; + + r = krb5_get_credentials (context, 0, ccache, &this_cred, &cred); + if (r) + return r; + + return krb5_mk_req_extended (context, + auth_context, + ap_req_options, + in_data, + cred, + outbuf); +} diff --git a/crypto/heimdal/lib/krb5/mk_req_ext.c b/crypto/heimdal/lib/krb5/mk_req_ext.c new file mode 100644 index 0000000..2b7b886 --- /dev/null +++ b/crypto/heimdal/lib/krb5/mk_req_ext.c 
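Review bot: The error branch after `krb5_get_host_realm` frees `this_cred.client` but not `real_hostname`, which `krb5_expand_hostname` has already returned; add `free (real_hostname);` there. The later paths leak as well: when `krb5_get_credentials` fails, `this_cred.client` and `this_cred.server` are not freed, and on success neither they nor `cred` are released after `krb5_mk_req_extended` returns. Assuming `krb5_get_credentials` hands back an allocated copy (not visible in this hunk), that leaves a ticket and session key on the heap for the life of the process, so capture the result of `krb5_mk_req_extended` in `r`, release the credentials, then return `r`. `realm_data` is assigned and never read and can be dropped.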
@@ -0,0 +1,151 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include <krb5_locl.h> + +RCSID("$Id: mk_req_ext.c,v 1.21 1999/12/02 17:05:11 joda Exp $"); + +krb5_error_code +krb5_mk_req_internal(krb5_context context, + krb5_auth_context *auth_context, + const krb5_flags ap_req_options, + krb5_data *in_data, + krb5_creds *in_creds, + krb5_data *outbuf, + krb5_key_usage usage) +{ + krb5_error_code ret; + krb5_data authenticator; + Checksum c; + Checksum *c_opt; + krb5_auth_context ac; + + if(auth_context) { + if(*auth_context == NULL) + ret = krb5_auth_con_init(context, auth_context); + else + ret = 0; + ac = *auth_context; + } else + ret = krb5_auth_con_init(context, &ac); + if(ret) + return ret; + +#if 0 + { + /* This is somewhat bogus since we're possibly overwriting a + value specified by the user, but it's the easiest way to make + the code use a compatible enctype */ + Ticket ticket; + krb5_keytype ticket_keytype; + + ret = decode_Ticket(in_creds->ticket.data, + in_creds->ticket.length, + &ticket, + NULL); + krb5_enctype_to_keytype (context, + ticket.enc_part.etype, + &ticket_keytype); + + if (ticket_keytype == in_creds->session.keytype) + krb5_auth_setenctype(context, + ac, + ticket.enc_part.etype); + free_Ticket(&ticket); + } +#endif + + krb5_free_keyblock(context, ac->keyblock); + krb5_copy_keyblock(context, &in_creds->session, &ac->keyblock); + + if (in_data) { + if(ac->keyblock->keytype == ETYPE_DES_CBC_CRC) { + /* this is to make DCE secd (and older MIT kdcs?) 
happy */ + ret = krb5_create_checksum(context, + NULL, + CKSUMTYPE_RSA_MD4, + in_data->data, + in_data->length, + &c); + } else { + krb5_crypto crypto; + krb5_crypto_init(context, ac->keyblock, 0, &crypto); + ret = krb5_create_checksum(context, + crypto, + usage, + in_data->data, + in_data->length, + &c); + + krb5_crypto_destroy(context, crypto); + } + c_opt = &c; + } else { + c_opt = NULL; + } + + ret = krb5_build_authenticator (context, + ac, + ac->keyblock->keytype, + in_creds, + c_opt, + NULL, + &authenticator); + if (c_opt) + free_Checksum (c_opt); + if (ret) + return ret; + + ret = krb5_build_ap_req (context, ac->keyblock->keytype, + in_creds, ap_req_options, authenticator, outbuf); + if(auth_context == NULL) + krb5_auth_con_free(context, ac); + return ret; +} + +krb5_error_code +krb5_mk_req_extended(krb5_context context, + krb5_auth_context *auth_context, + const krb5_flags ap_req_options, + krb5_data *in_data, + krb5_creds *in_creds, + krb5_data *outbuf) +{ + return krb5_mk_req_internal (context, + auth_context, + ap_req_options, + in_data, + in_creds, + outbuf, + KRB5_KU_AP_REQ_AUTH_CKSUM); +} diff --git a/crypto/heimdal/lib/krb5/mk_safe.c b/crypto/heimdal/lib/krb5/mk_safe.c new file mode 100644 index 0000000..4d848a6 --- /dev/null +++ b/crypto/heimdal/lib/krb5/mk_safe.c 
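Review bot: In `krb5_mk_req_internal` the `ret` from either `krb5_create_checksum` call is never tested: `c_opt = &c;` is set regardless and `ret` is then overwritten by `krb5_build_authenticator`, so after a failed checksum an uninitialised `Checksum` is handed to `krb5_build_authenticator` and then to `free_Checksum`. Test `ret` right after the `if`/`else` that computes the checksum and bail out before `c_opt = &c;`. `krb5_copy_keyblock(context, &in_creds->session, &ac->keyblock);` is unchecked too, although `ac->keyblock->keytype` is dereferenced immediately afterwards. Every early `return ret;` should also call `krb5_auth_con_free(context, ac)` when `auth_context == NULL`, as the final path does; at present the `krb5_build_authenticator` failure return skips it.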
@@ -0,0 +1,115 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include <krb5_locl.h> + +RCSID("$Id: mk_safe.c,v 1.20 1999/12/02 17:05:11 joda Exp $"); + +krb5_error_code +krb5_mk_safe(krb5_context context, + krb5_auth_context auth_context, + const krb5_data *userdata, + krb5_data *outbuf, + /*krb5_replay_data*/ void *outdata) +{ + krb5_error_code ret; + KRB_SAFE s; + int32_t sec, usec; + KerberosTime sec2; + int usec2; + u_char *buf = NULL; + size_t buf_size; + size_t len; + int tmp_seq; + krb5_crypto crypto; + + s.pvno = 5; + s.msg_type = krb_safe; + + s.safe_body.user_data = *userdata; + krb5_us_timeofday (context, &sec, &usec); + + sec2 = sec; + s.safe_body.timestamp = &sec2; + usec2 = usec2; + s.safe_body.usec = &usec2; + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { + tmp_seq = ++auth_context->local_seqnumber; + s.safe_body.seq_number = &tmp_seq; + } else + s.safe_body.seq_number = NULL; + + s.safe_body.s_address = auth_context->local_address; + s.safe_body.r_address = auth_context->remote_address; + + s.cksum.cksumtype = 0; + s.cksum.checksum.data = NULL; + s.cksum.checksum.length = 0; + + + buf_size = length_KRB_SAFE(&s); + buf = malloc(buf_size + 128); /* add some for checksum */ + if(buf == NULL) + return ENOMEM; + ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len); + ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); + ret = krb5_create_checksum(context, + crypto, + KRB5_KU_KRB_SAFE_CKSUM, + buf + buf_size - len, + len, + &s.cksum); + krb5_crypto_destroy(context, crypto); + if (ret) { + free (buf); + return ret; + } + + buf_size = length_KRB_SAFE(&s); + buf = realloc(buf, buf_size); + if(buf == NULL) + return ENOMEM; + + ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len); + free_Checksum (&s.cksum); + + outbuf->length = len; + outbuf->data = malloc (len); + if (outbuf->data == NULL) { + free (buf); + return ENOMEM; + } + memcpy (outbuf->data, buf + buf_size - len, len); + free (buf); + return 0; +} 
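Review bot: `usec2 = usec2;` assigns the variable to itself, so `s.safe_body.usec` points at an uninitialised `int` and whatever was on the stack is encoded into the KRB-SAFE message instead of the microseconds from `krb5_us_timeofday`; it should read `usec2 = usec;`, as the matching line in mk_priv.c does. The `ret` from the first `encode_KRB_SAFE` is overwritten without being tested, and the result of the second one is ignored because the function ends with `return 0;`. `buf = realloc(buf, buf_size);` drops the original block on failure, and `free_Checksum (&s.cksum)` is not reached on that path.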
diff --git a/crypto/heimdal/lib/krb5/n-fold-test.c b/crypto/heimdal/lib/krb5/n-fold-test.c
new file mode 100644
index 0000000..814dc6f
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/n-fold-test.c
@@ -0,0 +1,104 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
*/ + +#include "krb5_locl.h" + +RCSID("$Id: n-fold-test.c,v 1.3 1999/07/22 11:45:33 assar Exp $"); + +enum { MAXSIZE = 24 }; + +static struct testcase { + const char *str; + unsigned n; + unsigned char res[MAXSIZE]; +} tests[] = { + {"012345", 8, + {0xbe, 0x07, 0x26, 0x31, 0x27, 0x6b, 0x19, 0x55} + }, + {"basch", 24, + {0x1a, 0xab, 0x6b, 0x42, 0x96, 0x4b, 0x98, 0xb2, 0x1f, 0x8c, 0xde, + 0x2d, 0x24, 0x48, 0xba, 0x34, 0x55, 0xd7, 0x86, 0x2c, 0x97, 0x31, + 0x64, 0x3f} + }, + {"eichin", 24, + {0x65, 0x69, 0x63, 0x68, 0x69, 0x6e, 0x4b, 0x73, 0x2b, 0x4b, + 0x1b, 0x43, 0xda, 0x1a, 0x5b, 0x99, 0x5a, 0x58, 0xd2, 0xc6, 0xd0, + 0xd2, 0xdc, 0xca} + }, + {"sommerfeld", 24, + {0x2f, 0x7a, 0x98, 0x55, 0x7c, 0x6e, 0xe4, 0xab, 0xad, 0xf4, + 0xe7, 0x11, 0x92, 0xdd, 0x44, 0x2b, 0xd4, 0xff, 0x53, 0x25, 0xa5, + 0xde, 0xf7, 0x5c} + }, + {"MASSACHVSETTS INSTITVTE OF TECHNOLOGY", 24, + {0xdb, 0x3b, 0x0d, 0x8f, 0x0b, 0x06, 0x1e, 0x60, 0x32, 0x82, + 0xb3, 0x08, 0xa5, 0x08, 0x41, 0x22, 0x9a, 0xd7, 0x98, 0xfa, 0xb9, + 0x54, 0x0c, 0x1b} + }, + {"assar@NADA.KTH.SE", 24, + {0x5c, 0x06, 0xc3, 0x4d, 0x2c, 0x89, 0x05, 0xbe, 0x7a, 0x51, + 0x83, 0x6c, 0xd6, 0xf8, 0x1c, 0x4b, 0x7a, 0x93, 0x49, 0x16, 0x5a, + 0xb3, 0xfa, 0xa9} + }, + {"testKRBTEST.MIT.EDUtestkey", 24, + {0x50, 0x2c, 0xf8, 0x29, 0x78, 0xe5, 0xfb, 0x1a, 0x29, 0x06, + 0xbd, 0x22, 0x28, 0x91, 0x56, 0xc0, 0x06, 0xa0, 0xdc, 0xf5, 0xb6, + 0xc2, 0xda, 0x6c} + }, + {NULL, 0} +}; + +int +main(int argc, char **argv) +{ + unsigned char data[MAXSIZE]; + struct testcase *t; + int ret = 0; + + for (t = tests; t->str; ++t) { + int i; + + _krb5_n_fold (t->str, strlen(t->str), data, t->n); + if (memcmp (data, t->res, t->n) != 0) { + printf ("n-fold(\"%s\", %d) failed\n", t->str, t->n); + printf ("should be: "); + for (i = 0; i < t->n; ++i) + printf ("%02x", t->res[i]); + printf ("\nresult was: "); + for (i = 0; i < t->n; ++i) + printf ("%02x", data[i]); + printf ("\n"); + ret = 1; + } + } + return ret; +} 
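Review bot: `t->n` is declared `unsigned`, but the failure message prints it with `%d` and both dump loops compare it against `int i`, so the format and the comparisons mix signedness. I would write `printf ("n-fold(\"%s\", %u) failed\n", t->str, t->n);` and declare `unsigned i;`. Nothing in `main` checks `t->n <= MAXSIZE` before `_krb5_n_fold` writes `t->n` bytes into `data[MAXSIZE]`. The current table stays within bounds, but a guard such as `if (t->n > MAXSIZE) { ret = 1; continue; }` keeps a later table edit from overrunning the stack buffer.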
diff --git a/crypto/heimdal/lib/krb5/n-fold.c b/crypto/heimdal/lib/krb5/n-fold.c new file mode 100644 index 0000000..d0db5e8 --- /dev/null +++ b/crypto/heimdal/lib/krb5/n-fold.c 
@@ -0,0 +1,126 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
*/ + +#include "krb5_locl.h" + +RCSID("$Id: n-fold.c,v 1.6 1999/08/27 09:03:41 joda Exp $"); + +static void +rr13(unsigned char *buf, size_t len) +{ + unsigned char *tmp; + int bytes = (len + 7) / 8; + int i; + if(len == 0) + return; + { + const int bits = 13 % len; + const int lbit = len % 8; + + tmp = malloc(bytes); + memcpy(tmp, buf, bytes); + if(lbit) { + /* pad final byte with inital bits */ + tmp[bytes - 1] &= 0xff << (8 - lbit); + for(i = lbit; i < 8; i += len) + tmp[bytes - 1] |= buf[0] >> i; + } + for(i = 0; i < bytes; i++) { + int bb; + int b1, s1, b2, s2; + /* calculate first bit position of this byte */ + bb = 8 * i - bits; + while(bb < 0) + bb += len; + /* byte offset and shift count */ + b1 = bb / 8; + s1 = bb % 8; + + if(bb + 8 > bytes * 8) + /* watch for wraparound */ + s2 = (len + 8 - s1) % 8; + else + s2 = 8 - s1; + b2 = (b1 + 1) % bytes; + buf[i] = (tmp[b1] << s1) | (tmp[b2] >> s2); + } + free(tmp); + } +} + +/* Add `b' to `a', both beeing one's complement numbers. */ +static void +add1(unsigned char *a, unsigned char *b, size_t len) +{ + int i; + int carry = 0; + for(i = len - 1; i >= 0; i--){ + int x = a[i] + b[i] + carry; + carry = x > 0xff; + a[i] = x & 0xff; + } + for(i = len - 1; carry && i >= 0; i--){ + int x = a[i] + carry; + carry = x > 0xff; + a[i] = x & 0xff; + } +} + +void +_krb5_n_fold(const void *str, size_t len, void *key, size_t size) +{ + /* if len < size we need at most N * len bytes, ie < 2 * size; + if len > size we need at most 2 * len */ + size_t maxlen = 2 * max(size, len); + size_t l = 0; + unsigned char *tmp = malloc(maxlen); + unsigned char *buf = malloc(len); + + memcpy(buf, str, len); + memset(key, 0, size); + do { + memcpy(tmp + l, buf, len); + l += len; + rr13(buf, len * 8); + while(l >= size) { + add1(key, tmp, size); + l -= size; + if(l == 0) + break; + memmove(tmp, tmp + size, l); + } + } while(l != 0); + memset(buf, 0, len); + free(buf); + memset(tmp, 0, maxlen); + free(tmp); +} 
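Review bot: Neither `rr13` nor `_krb5_n_fold` checks its `malloc` results before the `memcpy` that follows, so an allocation failure in what appears to be key-derivation code becomes a NULL write rather than an error. Both functions return `void`, so the failure cannot be reported as written; `_krb5_n_fold` would need to return `krb5_error_code` (its callers are outside this hunk) with a guard such as `if (tmp == NULL || buf == NULL) { free(tmp); free(buf); return ENOMEM; }`. The `memset(buf, 0, len)` and `memset(tmp, 0, maxlen)` just before `free` are evidently meant to scrub the working buffers, but a compiler may drop stores to memory that is about to be freed, so a wipe routine the optimizer cannot remove is worth using here. `2 * max(size, len)` is also computed without an overflow check.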
diff --git a/crypto/heimdal/lib/krb5/net_read.c b/crypto/heimdal/lib/krb5/net_read.c
new file mode 100644
index 0000000..8cb1dc4
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/net_read.c
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: net_read.c,v 1.5 1999/12/02 17:05:11 joda Exp $");
+
+ssize_t
+krb5_net_read (krb5_context context,
+ void *p_fd,
+ void *buf,
+ size_t len)
+{
+ int fd = *((int *)p_fd);
+
+ return net_read (fd, buf, len);
+}
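Review bot: `krb5_net_read` dereferences `p_fd` as `int *` with no NULL check and no comment stating that contract, and `context` is never used; `krb5_net_write` in net_write.c has the same shape. Because the parameter is `void *`, the compiler cannot catch a caller that passes the descriptor by value or a pointer to some other type. I would add a header comment to both functions, e.g. `/* p_fd must point to an int holding an open descriptor; context is unused. */`.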
diff --git a/crypto/heimdal/lib/krb5/net_write.c b/crypto/heimdal/lib/krb5/net_write.c
new file mode 100644
index 0000000..5cc719b
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/net_write.c
@@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: net_write.c,v 1.6 1999/12/02 17:05:11 joda Exp $");
+
+ssize_t
+krb5_net_write (krb5_context context,
+ void *p_fd,
+ const void *buf,
+ size_t len)
+{
+ int fd = *((int *)p_fd);
+
+ return net_write (fd, buf, len);
+}
diff --git a/crypto/heimdal/lib/krb5/padata.c b/crypto/heimdal/lib/krb5/padata.c
new file mode 100644
index 0000000..bcf7952
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/padata.c
@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: padata.c,v 1.2 1999/12/02 17:05:11 joda Exp $");
+
+PA_DATA *
+krb5_find_padata(PA_DATA *val, unsigned len, int type, int *index)
+{
+ for(; *index < len; (*index)++)
+ if(val[*index].padata_type == type)
+ return val + *index;
+ return NULL;
+}
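Review bot: `krb5_find_padata` has no comment explaining that `*index` is both the starting position and the result, and that a match leaves it pointing at the matched element. A caller that loops to find every entry of `type` must increment `*index` itself, or it gets the same element back each time. The loop condition `*index < len` also compares `int` with `unsigned`, so a negative `*index` is converted to a large unsigned value and the function quietly returns NULL instead of exposing the caller's mistake. I would document this above the function, e.g. `/* Scan val[*index .. len-1] for padata_type == type; *index is left at the match and must be advanced by the caller before the next search. */`, and make the comparison explicit with `(unsigned)*index < len` after rejecting negative values.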
diff --git a/crypto/heimdal/lib/krb5/principal.c b/crypto/heimdal/lib/krb5/principal.c new file mode 100644 index 0000000..3fd022d --- /dev/null +++ b/crypto/heimdal/lib/krb5/principal.c 
@@ -0,0 +1,898 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" +#ifdef HAVE_RES_SEARCH +#define USE_RESOLVER +#endif +#ifdef HAVE_ARPA_NAMESER_H +#include <arpa/nameser.h> +#endif +#include "resolve.h" + +RCSID("$Id: principal.c,v 1.57 2000/01/08 08:08:03 assar Exp $"); + +#define princ_num_comp(P) ((P)->name.name_string.len) +#define princ_type(P) ((P)->name.name_type) +#define princ_comp(P) ((P)->name.name_string.val) +#define princ_ncomp(P, N) ((P)->name.name_string.val[(N)]) +#define princ_realm(P) ((P)->realm) + +void +krb5_free_principal(krb5_context context, + krb5_principal p) +{ + if(p){ + free_Principal(p); + free(p); + } +} + +krb5_error_code +krb5_parse_name(krb5_context context, + const char *name, + krb5_principal *principal) +{ + krb5_error_code ret; + general_string *comp; + general_string realm; + int ncomp; + + char *p; + char *q; + char *s; + char *start; + + int n; + char c; + int got_realm = 0; + + /* count number of component */ + ncomp = 1; + for(p = (char*)name; *p; p++){ + if(*p=='\\'){ + if(!p[1]) + return KRB5_PARSE_MALFORMED; + p++; + } else if(*p == '/') + ncomp++; + } + comp = calloc(ncomp, sizeof(*comp)); + if (comp == NULL) + return ENOMEM; + + n = 0; + start = q = p = s = strdup(name); + if (start == NULL) { + free (comp); + return ENOMEM; + } + while(*p){ + c = *p++; + if(c == '\\'){ + c = *p++; + if(c == 'n') + c = '\n'; + else if(c == 't') + c = '\t'; + else if(c == 'b') + c = '\b'; + else if(c == '0') + c = '\0'; + }else if(c == '/' || c == '@'){ + if(got_realm){ + ret = KRB5_PARSE_MALFORMED; + goto exit; + }else{ + comp[n] = malloc(q - start + 1); + if (comp[n] == NULL) { + ret = ENOMEM; + goto exit; + } + strncpy(comp[n], start, q - start); + comp[n][q - start] = 0; + n++; + } + if(c == '@') + got_realm = 1; + start = q; + continue; + } + if(got_realm && (c == ':' || c == '/' || c == '\0')) { + ret = KRB5_PARSE_MALFORMED; + goto exit; + } + *q++ = c; + } + if(got_realm){ + realm = malloc(q - start + 1); + if (realm == NULL) { + ret = ENOMEM; + goto exit; + } 
+ strncpy(realm, start, q - start); + realm[q - start] = 0; + }else{ + ret = krb5_get_default_realm (context, &realm); + if (ret) + goto exit; + + comp[n] = malloc(q - start + 1); + if (comp[n] == NULL) { + ret = ENOMEM; + goto exit; + } + strncpy(comp[n], start, q - start); + comp[n][q - start] = 0; + n++; + } + *principal = malloc(sizeof(**principal)); + if (*principal == NULL) { + ret = ENOMEM; + goto exit; + } + (*principal)->name.name_type = KRB5_NT_PRINCIPAL; + (*principal)->name.name_string.val = comp; + princ_num_comp(*principal) = n; + (*principal)->realm = realm; + free(s); + return 0; +exit: + while(n>0){ + free(comp[--n]); + } + free(comp); + free(s); + return ret; +} + +static const char quotable_chars[] = "\n\t\b\\/@"; +static const char replace_chars[] = "ntb\\/@"; + +#define add_char(BASE, INDEX, LEN, C) do { if((INDEX) < (LEN)) (BASE)[(INDEX)++] = (C); }while(0); + +static size_t +quote_string(const char *s, char *out, size_t index, size_t len) +{ + const char *p, *q; + for(p = s; *p && index < len; p++){ + if((q = strchr(quotable_chars, *p))){ + add_char(out, index, len, '\\'); + add_char(out, index, len, replace_chars[q - quotable_chars]); + }else + add_char(out, index, len, *p); + } + if(index < len) + out[index] = '\0'; + return index; +} + + +static krb5_error_code +unparse_name_fixed(krb5_context context, + krb5_const_principal principal, + char *name, + size_t len, + krb5_boolean short_form) +{ + size_t index = 0; + int i; + for(i = 0; i < princ_num_comp(principal); i++){ + if(i) + add_char(name, index, len, '/'); + index = quote_string(princ_ncomp(principal, i), name, index, len); + if(index == len) + return ERANGE; + } + /* add realm if different from default realm */ + if(short_form) { + krb5_realm r; + krb5_error_code ret; + ret = krb5_get_default_realm(context, &r); + if(ret) + return ret; + if(strcmp(princ_realm(principal), r) != 0) + short_form = 0; + free(r); + } + if(!short_form) { + add_char(name, index, len, '@'); + index = 
quote_string(princ_realm(principal), name, index, len); + if(index == len) + return ERANGE; + } + return 0; +} + +krb5_error_code +krb5_unparse_name_fixed(krb5_context context, + krb5_const_principal principal, + char *name, + size_t len) +{ + return unparse_name_fixed(context, principal, name, len, FALSE); +} + +krb5_error_code +krb5_unparse_name_fixed_short(krb5_context context, + krb5_const_principal principal, + char *name, + size_t len) +{ + return unparse_name_fixed(context, principal, name, len, TRUE); +} + +static krb5_error_code +unparse_name(krb5_context context, + krb5_const_principal principal, + char **name, + krb5_boolean short_flag) +{ + size_t len = 0, plen; + int i; + krb5_error_code ret; + /* count length */ + plen = strlen(princ_realm(principal)); + if(strcspn(princ_realm(principal), quotable_chars) == plen) + len += plen; + else + len += 2*plen; + len++; + for(i = 0; i < princ_num_comp(principal); i++){ + plen = strlen(princ_ncomp(principal, i)); + if(strcspn(princ_ncomp(principal, i), quotable_chars) == plen) + len += plen; + else + len += 2*plen; + len++; + } + *name = malloc(len); + if(len != 0 && *name == NULL) + return ENOMEM; + ret = unparse_name_fixed(context, principal, *name, len, short_flag); + if(ret) + free(*name); + return ret; +} + +krb5_error_code +krb5_unparse_name(krb5_context context, + krb5_const_principal principal, + char **name) +{ + return unparse_name(context, principal, name, FALSE); +} + +krb5_error_code +krb5_unparse_name_short(krb5_context context, + krb5_const_principal principal, + char **name) +{ + return unparse_name(context, principal, name, TRUE); +} + +#if 0 /* not implemented */ + +krb5_error_code +krb5_unparse_name_ext(krb5_context context, + krb5_const_principal principal, + char **name, + size_t *size) +{ + krb5_abortx(context, "unimplemented krb5_unparse_name_ext called"); +} + +#endif + +krb5_realm* +krb5_princ_realm(krb5_context context, + krb5_principal principal) +{ + return &princ_realm(principal); +} 
+ + +void +krb5_princ_set_realm(krb5_context context, + krb5_principal principal, + krb5_realm *realm) +{ + princ_realm(principal) = *realm; +} + + +krb5_error_code +krb5_build_principal(krb5_context context, + krb5_principal *principal, + int rlen, + krb5_const_realm realm, + ...) +{ + krb5_error_code ret; + va_list ap; + va_start(ap, realm); + ret = krb5_build_principal_va(context, principal, rlen, realm, ap); + va_end(ap); + return ret; +} + +static krb5_error_code +append_component(krb5_context context, krb5_principal p, + general_string comp, + size_t comp_len) +{ + general_string *tmp; + size_t len = princ_num_comp(p); + tmp = realloc(princ_comp(p), (len + 1) * sizeof(*tmp)); + if(tmp == NULL) + return ENOMEM; + princ_comp(p) = tmp; + princ_ncomp(p, len) = malloc(comp_len + 1); + memcpy (princ_ncomp(p, len), comp, comp_len); + princ_ncomp(p, len)[comp_len] = '\0'; + princ_num_comp(p)++; + return 0; +} + +static void +va_ext_princ(krb5_context context, krb5_principal p, va_list ap) +{ + while(1){ + char *s; + int len; + len = va_arg(ap, int); + if(len == 0) + break; + s = va_arg(ap, char*); + append_component(context, p, s, len); + } +} + +static void +va_princ(krb5_context context, krb5_principal p, va_list ap) +{ + while(1){ + char *s; + s = va_arg(ap, char*); + if(s == NULL) + break; + append_component(context, p, s, strlen(s)); + } +} + + +static krb5_error_code +build_principal(krb5_context context, + krb5_principal *principal, + int rlen, + krb5_const_realm realm, + void (*func)(krb5_context, krb5_principal, va_list), + va_list ap) +{ + krb5_principal p; + + p = calloc(1, sizeof(*p)); + if (p == NULL) + return ENOMEM; + princ_type(p) = KRB5_NT_PRINCIPAL; + + princ_realm(p) = strdup(realm); + if(p->realm == NULL){ + free(p); + return ENOMEM; + } + + (*func)(context, p, ap); + *principal = p; + return 0; +} + +krb5_error_code +krb5_make_principal(krb5_context context, + krb5_principal *principal, + krb5_const_realm realm, + ...) 
+{ + krb5_error_code ret; + krb5_realm r = NULL; + va_list ap; + if(realm == NULL) { + ret = krb5_get_default_realm(context, &r); + if(ret) + return ret; + realm = r; + } + va_start(ap, realm); + ret = krb5_build_principal_va(context, principal, strlen(realm), realm, ap); + va_end(ap); + if(r) + free(r); + return ret; +} + +krb5_error_code +krb5_build_principal_va(krb5_context context, + krb5_principal *principal, + int rlen, + krb5_const_realm realm, + va_list ap) +{ + return build_principal(context, principal, rlen, realm, va_princ, ap); +} + +krb5_error_code +krb5_build_principal_va_ext(krb5_context context, + krb5_principal *principal, + int rlen, + krb5_const_realm realm, + va_list ap) +{ + return build_principal(context, principal, rlen, realm, va_ext_princ, ap); +} + + +krb5_error_code +krb5_build_principal_ext(krb5_context context, + krb5_principal *principal, + int rlen, + krb5_const_realm realm, + ...) +{ + krb5_error_code ret; + va_list ap; + va_start(ap, realm); + ret = krb5_build_principal_va_ext(context, principal, rlen, realm, ap); + va_end(ap); + return ret; +} + + +krb5_error_code +krb5_copy_principal(krb5_context context, + krb5_const_principal inprinc, + krb5_principal *outprinc) +{ + krb5_principal p = malloc(sizeof(*p)); + if (p == NULL) + return ENOMEM; + if(copy_Principal(inprinc, p)) + return ENOMEM; + *outprinc = p; + return 0; +} + + +krb5_boolean +krb5_principal_compare_any_realm(krb5_context context, + krb5_const_principal princ1, + krb5_const_principal princ2) +{ + int i; + if(princ_num_comp(princ1) != princ_num_comp(princ2)) + return FALSE; + for(i = 0; i < princ_num_comp(princ1); i++){ + if(strcmp(princ_ncomp(princ1, i), princ_ncomp(princ2, i)) != 0) + return FALSE; + } + return TRUE; +} + +krb5_boolean +krb5_principal_compare(krb5_context context, + krb5_const_principal princ1, + krb5_const_principal princ2) +{ + if(!krb5_realm_compare(context, princ1, princ2)) + return FALSE; + return krb5_principal_compare_any_realm(context, 
princ1, princ2); +} + + +krb5_boolean +krb5_realm_compare(krb5_context context, + krb5_const_principal princ1, + krb5_const_principal princ2) +{ + return strcmp(princ_realm(princ1), princ_realm(princ2)) == 0; +} + +struct v4_name_convert { + const char *from; + const char *to; +} default_v4_name_convert[] = { + { "ftp", "ftp" }, + { "hprop", "hprop" }, + { "pop", "pop" }, + { "rcmd", "host" }, + { NULL, NULL } +}; + +static const char* +get_name_conversion(krb5_context context, const char *realm, const char *name) +{ + struct v4_name_convert *q; + const char *p; + p = krb5_config_get_string(context, NULL, "realms", realm, + "v4_name_convert", "host", name, NULL); + if(p == NULL) + p = krb5_config_get_string(context, NULL, "libdefaults", + "v4_name_convert", "host", name, NULL); + if(p) + return p; + + /* XXX should be possible to override default list */ + p = krb5_config_get_string(context, NULL, + "realms", + realm, + "v4_name_convert", + "plain", + name, + NULL); + if(p) + return NULL; + p = krb5_config_get_string(context, NULL, + "libdefaults", + "v4_name_convert", + "plain", + name, + NULL); + if(p) + return NULL; + for(q = default_v4_name_convert; q->from; q++) + if(strcmp(q->from, name) == 0) + return q->to; + return NULL; +} + +krb5_error_code +krb5_425_conv_principal_ext(krb5_context context, + const char *name, + const char *instance, + const char *realm, + krb5_boolean (*func)(krb5_context, krb5_principal), + krb5_boolean resolve, + krb5_principal *princ) +{ + const char *p; + krb5_error_code ret; + krb5_principal pr; + char host[128]; + + /* do the following: if the name is found in the + `v4_name_convert:host' part, is is assumed to be a `host' type + principal, and the instance is looked up in the + `v4_instance_convert' part. 
if not found there the name is + (optionally) looked up as a hostname, and if that doesn't yield + anything, the `default_domain' is appended to the instance + */ + + if(instance == NULL) + goto no_host; + if(instance[0] == 0){ + instance = NULL; + goto no_host; + } + p = get_name_conversion(context, realm, name); + if(p == NULL) + goto no_host; + name = p; + p = krb5_config_get_string(context, NULL, "realms", realm, + "v4_instance_convert", instance, NULL); + if(p){ + instance = p; + ret = krb5_make_principal(context, &pr, realm, name, instance, NULL); + if(func == NULL || (*func)(context, pr)){ + *princ = pr; + return 0; + } + krb5_free_principal(context, pr); + *princ = NULL; + return HEIM_ERR_V4_PRINC_NO_CONV; + } + if(resolve){ + const char *inst = NULL; +#ifdef USE_RESOLVER + struct dns_reply *r; + r = dns_lookup(instance, "a"); + if(r && r->head && r->head->type == T_A) + inst = r->head->domain; +#else + struct hostent *hp = roken_gethostbyname(instance); + if(hp) + inst = hp->h_name; +#endif + if(inst) { + ret = krb5_make_principal(context, &pr, realm, name, inst, NULL); + if(ret == 0) { + if(func == NULL || (*func)(context, pr)){ + *princ = pr; +#ifdef USE_RESOLVER + dns_free_data(r); +#endif + return 0; + } + krb5_free_principal(context, pr); + } + } +#ifdef USE_RESOLVER + if(r) + dns_free_data(r); +#endif + } + { + char **domains, **d; + domains = krb5_config_get_strings(context, NULL, "realms", realm, + "v4_domains", NULL); + for(d = domains; d && *d; d++){ + snprintf(host, sizeof(host), "%s.%s", instance, *d); + ret = krb5_make_principal(context, &pr, realm, name, host, NULL); + if(func == NULL || (*func)(context, pr)){ + *princ = pr; + krb5_config_free_strings(domains); + return 0; + } + krb5_free_principal(context, pr); + } + krb5_config_free_strings(domains); + } + + + p = krb5_config_get_string(context, NULL, "realms", realm, + "default_domain", NULL); + if(p == NULL){ + /* should this be an error or should it silently + succeed? 
*/ + return HEIM_ERR_V4_PRINC_NO_CONV; + } + + if (*p == '.') + ++p; + snprintf(host, sizeof(host), "%s.%s", instance, p); + ret = krb5_make_principal(context, &pr, realm, name, host, NULL); + if(func == NULL || (*func)(context, pr)){ + *princ = pr; + return 0; + } + krb5_free_principal(context, pr); + return HEIM_ERR_V4_PRINC_NO_CONV; +no_host: + p = krb5_config_get_string(context, NULL, + "realms", + realm, + "v4_name_convert", + "plain", + name, + NULL); + if(p == NULL) + p = krb5_config_get_string(context, NULL, + "libdefaults", + "v4_name_convert", + "plain", + name, + NULL); + if(p) + name = p; + + ret = krb5_make_principal(context, &pr, realm, name, instance, NULL); + if(func == NULL || (*func)(context, pr)){ + *princ = pr; + return 0; + } + krb5_free_principal(context, pr); + return HEIM_ERR_V4_PRINC_NO_CONV; +} + +krb5_error_code +krb5_425_conv_principal(krb5_context context, + const char *name, + const char *instance, + const char *realm, + krb5_principal *princ) +{ + krb5_boolean resolve = krb5_config_get_bool(context, + NULL, + "libdefaults", + "v4_instance_resolve", + NULL); + + return krb5_425_conv_principal_ext(context, name, instance, realm, + NULL, resolve, princ); +} + + +static int +check_list(const krb5_config_binding *l, const char *name, const char **out) +{ + while(l){ + if (l->type != krb5_config_string) + continue; + if(strcmp(name, l->u.string) == 0) { + *out = l->name; + return 1; + } + l = l->next; + } + return 0; +} + +static int +name_convert(krb5_context context, const char *name, const char *realm, + const char **out) +{ + const krb5_config_binding *l; + l = krb5_config_get_list (context, + NULL, + "realms", + realm, + "v4_name_convert", + "host", + NULL); + if(l && check_list(l, name, out)) + return KRB5_NT_SRV_HST; + l = krb5_config_get_list (context, + NULL, + "libdefaults", + "v4_name_convert", + "host", + NULL); + if(l && check_list(l, name, out)) + return KRB5_NT_SRV_HST; + l = krb5_config_get_list (context, + NULL, + "realms", 
+ realm, + "v4_name_convert", + "plain", + NULL); + if(l && check_list(l, name, out)) + return KRB5_NT_UNKNOWN; + l = krb5_config_get_list (context, + NULL, + "libdefaults", + "v4_name_convert", + "host", + NULL); + if(l && check_list(l, name, out)) + return KRB5_NT_UNKNOWN; + + /* didn't find it in config file, try built-in list */ + { + struct v4_name_convert *q; + for(q = default_v4_name_convert; q->from; q++) { + if(strcmp(name, q->to) == 0) { + *out = q->from; + return KRB5_NT_SRV_HST; + } + } + } + return -1; +} + +krb5_error_code +krb5_524_conv_principal(krb5_context context, + const krb5_principal principal, + char *name, + char *instance, + char *realm) +{ + const char *n, *i, *r; + char tmpinst[40]; + int type = princ_type(principal); + + r = principal->realm; + + switch(principal->name.name_string.len){ + case 1: + n = principal->name.name_string.val[0]; + i = ""; + break; + case 2: + n = principal->name.name_string.val[0]; + i = principal->name.name_string.val[1]; + break; + default: + return KRB5_PARSE_MALFORMED; + } + + { + const char *tmp; + int t = name_convert(context, n, r, &tmp); + if(t >= 0) { + type = t; + n = tmp; + } + } + + if(type == KRB5_NT_SRV_HST){ + char *p; + strncpy(tmpinst, i, sizeof(tmpinst)); + tmpinst[sizeof(tmpinst) - 1] = 0; + p = strchr(tmpinst, '.'); + if(p) *p = 0; + i = tmpinst; + } + + if(strlen(r) >= 40) + return KRB5_PARSE_MALFORMED; + if(strlen(n) >= 40) + return KRB5_PARSE_MALFORMED; + if(strlen(i) >= 40) + return KRB5_PARSE_MALFORMED; + strcpy(realm, r); + strcpy(name, n); + strcpy(instance, i); + return 0; +} + +/* + * Create a principal in `ret_princ' for the service `sname' running + * on host `hostname'. 
+ */ + +krb5_error_code +krb5_sname_to_principal (krb5_context context, + const char *hostname, + const char *sname, + int32_t type, + krb5_principal *ret_princ) +{ + krb5_error_code ret; + char localhost[128]; + char **realms, *host = NULL; + + if(type != KRB5_NT_SRV_HST && type != KRB5_NT_UNKNOWN) + return KRB5_SNAME_UNSUPP_NAMETYPE; + if(hostname == NULL) { + gethostname(localhost, sizeof(localhost)); + hostname = localhost; + } + if(sname == NULL) + sname = "host"; + if(type == KRB5_NT_SRV_HST) { + ret = krb5_expand_hostname (context, hostname, &host); + if (ret) + return ret; + strlwr(host); + hostname = host; + } + ret = krb5_get_host_realm(context, hostname, &realms); + if(ret) + return ret; + + ret = krb5_make_principal(context, ret_princ, realms[0], sname, + hostname, NULL); + if(host) + free(host); + krb5_free_host_realm(context, realms); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/prog_setup.c b/crypto/heimdal/lib/krb5/prog_setup.c new file mode 100644 index 0000000..4693d08 --- /dev/null +++ b/crypto/heimdal/lib/krb5/prog_setup.c 
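Review bot: `check_list` never terminates once it meets a binding whose type is not `krb5_config_string`: the `continue` skips the `l = l->next` at the bottom of the `while(l)` loop, so one non-string entry in a configured `v4_name_convert` list hangs `name_convert` and with it `krb5_524_conv_principal`. Writing the loop header as `for(; l; l = l->next)` and dropping the trailing `l = l->next;` fixes it without changing the body. `append_component` stores the result of `malloc(comp_len + 1)` and `memcpy`s into it without a NULL check, and `va_princ`/`va_ext_princ` discard its return value, so `build_principal` can report success for a principal that is missing components. In `name_convert` the fourth lookup repeats `"libdefaults"`/`"host"` yet returns `KRB5_NT_UNKNOWN`; it looks as though it was meant to read the `"plain"` section, as `get_name_conversion` does.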
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+#include <getarg.h>
+
+RCSID("$Id: prog_setup.c,v 1.6 1999/12/02 17:05:11 joda Exp $");
+
+void
+krb5_std_usage(int code, struct getargs *args, int num_args)
+{
+ arg_printusage(args, num_args, NULL, "");
+ exit(code);
+}
+
+int
+krb5_program_setup(krb5_context *context, int argc, char **argv,
+ struct getargs *args, int num_args,
+ void (*usage)(int, struct getargs*, int))
+{
+ int optind = 0;
+
+ if(usage == NULL)
+ usage = krb5_std_usage;
+
+ set_progname(argv[0]);
+ krb5_init_context(context);
+
+ if(getarg(args, num_args, argc, argv, &optind))
+ (*usage)(1, args, num_args);
+ return optind;
+}
diff --git a/crypto/heimdal/lib/krb5/prompter_posix.c b/crypto/heimdal/lib/krb5/prompter_posix.c
new file mode 100644
index 0000000..a849254
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/prompter_posix.c
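Review bot: `krb5_init_context(context);` in krb5_program_setup (prog_setup.c) is called without looking at its return value, so a failed initialisation leaves `*context` unset while the function goes on to parse arguments and return as if setup had succeeded. The function returns only `optind` and has no error channel, so I would fail loudly at that point, e.g. `if (krb5_init_context(context)) errx(1, "krb5_init_context failed");`. The local `int optind` also shadows the global of the same name used by getopt, which deserves a rename or a comment.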
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: prompter_posix.c,v 1.5 1999/12/02 17:05:11 joda Exp $");
+
+int
+krb5_prompter_posix (krb5_context context,
+ void *data,
+ const char *banner,
+ int num_prompts,
+ krb5_prompt prompts[])
+{
+ int i;
+
+ if (banner)
+ fprintf (stderr, "%s\n", banner);
+ for (i = 0; i < num_prompts; ++i) {
+ if (prompts[i].hidden) {
+ if(des_read_pw_string(prompts[i].reply->data,
+ prompts[i].reply->length,
+ prompts[i].prompt,
+ 0))
+ return 1;
+ } else {
+ char *s = prompts[i].reply->data;
+
+ fputs (prompts[i].prompt, stdout);
+ fflush (stdout);
+ if(fgets(prompts[i].reply->data,
+ prompts[i].reply->length,
+ stdin) == NULL)
+ return 1;
+ if(s[strlen(s) - 1] == '\n')
+ s[strlen(s) - 1] = '\0';
+ }
+ }
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/rd_cred.c b/crypto/heimdal/lib/krb5/rd_cred.c
new file mode 100644
index 0000000..c330791
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/rd_cred.c
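Review bot: In the non-hidden branch of krb5_prompter_posix (prompter_posix.c), `s[strlen(s) - 1]` reads, and may then write, one byte before the reply buffer whenever fgets() stores an empty string, which happens if the input line begins with a NUL byte (and presumably if `reply->length` is 1). Strip the newline with an expression that cannot underflow, e.g. `s[strcspn(s, "\n")] = '\0';`. Neither branch updates `prompts[i].reply->length` to the number of bytes actually read, so callers must rely on the NUL terminator; a comment stating that contract would help.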
@@ -0,0 +1,185 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <krb5_locl.h>
+
+RCSID("$Id: rd_cred.c,v 1.8 1999/12/02 17:05:12 joda Exp $");
+
+krb5_error_code
+krb5_rd_cred (krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_ccache ccache,
+ krb5_data *in_data)
+{
+ krb5_error_code ret;
+ size_t len;
+ KRB_CRED cred;
+ EncKrbCredPart enc_krb_cred_part;
+ krb5_data enc_krb_cred_part_data;
+ krb5_crypto crypto;
+ int i;
+
+ ret = decode_KRB_CRED (in_data->data, in_data->length,
+ &cred, &len);
+ if (ret)
+ return ret;
+
+ if (cred.pvno != 5) {
+ ret = KRB5KRB_AP_ERR_BADVERSION;
+ goto out;
+ }
+
+ if (cred.msg_type != krb_cred) {
+ ret = KRB5KRB_AP_ERR_MSG_TYPE;
+ goto out;
+ }
+
+ krb5_crypto_init(context, auth_context->remote_subkey, 0, &crypto);
+ ret = krb5_decrypt_EncryptedData(context,
+ crypto,
+ KRB5_KU_KRB_CRED,
+ &cred.enc_part,
+ &enc_krb_cred_part_data);
+ krb5_crypto_destroy(context, crypto);
+ if (ret)
+ goto out;
+
+
+ ret = krb5_decode_EncKrbCredPart (context,
+ enc_krb_cred_part_data.data,
+ enc_krb_cred_part_data.length,
+ &enc_krb_cred_part,
+ &len);
+ if (ret)
+ goto out;
+
+ /* check sender address */
+
+ if (enc_krb_cred_part.s_address
+ && auth_context->remote_address) {
+ krb5_address *a;
+ int cmp;
+
+ ret = krb5_make_addrport (&a,
+ auth_context->remote_address,
+ auth_context->remote_port);
+ if (ret)
+ goto out;
+
+
+ cmp = krb5_address_compare (context,
+ a,
+ enc_krb_cred_part.s_address);
+
+ krb5_free_address (context, a);
+ free (a);
+
+ if (cmp == 0) {
+ ret = KRB5KRB_AP_ERR_BADADDR;
+ goto out;
+ }
+ }
+
+ /* check receiver address */
+
+ if (enc_krb_cred_part.r_address
+ && !krb5_address_compare (context,
+ auth_context->local_address,
+ enc_krb_cred_part.r_address)) {
+ ret = KRB5KRB_AP_ERR_BADADDR;
+ goto out;
+ }
+
+ /* check timestamp */
+ if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) {
+ int32_t sec;
+
+ krb5_timeofday (context, &sec);
+
+ if (enc_krb_cred_part.timestamp == NULL ||
+ enc_krb_cred_part.usec == NULL ||
+ abs(*enc_krb_cred_part.timestamp
- sec)
+ > context->max_skew) {
+ ret = KRB5KRB_AP_ERR_SKEW;
+ goto out;
+ }
+ }
+
+ /* XXX - check replay cache */
+
+ /* Store the creds in the ccache */
+
+ for (i = 0; i < enc_krb_cred_part.ticket_info.len; ++i) {
+ KrbCredInfo *kci = &enc_krb_cred_part.ticket_info.val[i];
+ krb5_creds creds;
+ u_char buf[1024];
+ size_t len;
+
+ memset (&creds, 0, sizeof(creds));
+
+ ret = encode_Ticket (buf + sizeof(buf) - 1, sizeof(buf),
+ &cred.tickets.val[i],
+ &len);
+ if (ret)
+ goto out;
+ krb5_data_copy (&creds.ticket, buf + sizeof(buf) - len, len);
+ copy_EncryptionKey (&kci->key, &creds.session);
+ if (kci->prealm && kci->pname)
+ principalname2krb5_principal (&creds.client,
+ *kci->pname,
+ *kci->prealm);
+ if (kci->flags)
+ creds.flags.b = *kci->flags;
+ if (kci->authtime)
+ creds.times.authtime = *kci->authtime;
+ if (kci->starttime)
+ creds.times.starttime = *kci->starttime;
+ if (kci->endtime)
+ creds.times.endtime = *kci->endtime;
+ if (kci->renew_till)
+ creds.times.renew_till = *kci->renew_till;
+ if (kci->srealm && kci->sname)
+ principalname2krb5_principal (&creds.server,
+ *kci->sname,
+ *kci->srealm);
+ if (kci->caddr)
+ krb5_copy_addresses (context,
+ kci->caddr,
+ &creds.addresses);
+ krb5_cc_store_cred (context, ccache, &creds);
+ }
+
+out:
+ free_KRB_CRED (&cred);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/rd_error.c b/crypto/heimdal/lib/krb5/rd_error.c
new file mode 100644
index 0000000..df9b45e
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/rd_error.c
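Review bot: The store loop in krb5_rd_cred (rd_cred.c) runs `i` up to `enc_krb_cred_part.ticket_info.len` but indexes `cred.tickets.val[i]`, and nothing visible checks that the two sequences have the same length, so a KRB-CRED whose encrypted part lists more entries than the outer ticket list makes `encode_Ticket` read past the end of `cred.tickets.val`. Reject the message before the loop, e.g. `if (cred.tickets.len != enc_krb_cred_part.ticket_info.len) { ret = KRB5KRB_AP_ERR_MODIFIED; goto out; }`. The receiver-address check also passes `auth_context->local_address` to `krb5_address_compare` without the NULL test that krb5_rd_priv applies. The decoded `enc_krb_cred_part`, the plaintext in `enc_krb_cred_part_data` and each `creds` are never freed, so decrypted key material is leaked on every call.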
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: rd_error.c,v 1.4 1999/12/02 17:05:12 joda Exp $");
+
+krb5_error_code
+krb5_rd_error(krb5_context context,
+ krb5_data *msg,
+ KRB_ERROR *result)
+{
+
+ size_t len;
+ krb5_error_code ret;
+ ret = decode_KRB_ERROR(msg->data, msg->length, result, &len);
+ if(ret)
+ return ret;
+ result->error_code += KRB5KDC_ERR_NONE;
+ return 0;
+}
+
+void
+krb5_free_error_contents (krb5_context context,
+ krb5_error *error)
+{
+ free_KRB_ERROR(error);
+}
+
+void
+krb5_free_error (krb5_context context,
+ krb5_error *error)
+{
+ krb5_free_error_contents (context, error);
+ free (error);
+}
diff --git a/crypto/heimdal/lib/krb5/rd_priv.c b/crypto/heimdal/lib/krb5/rd_priv.c
new file mode 100644
index 0000000..0bc8564
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/rd_priv.c
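Review bot: `result->error_code += KRB5KDC_ERR_NONE;` in krb5_rd_error (rd_error.c) needs a comment, because it is the only transformation applied to the message and its intent is not stated. It appears to rebase the error number taken from the wire onto the library's error-code range, and the value it adds to comes straight from `decode_KRB_ERROR` with no range check or integrity verification in this function. A comment such as `/* rebase the peer-supplied, unverified error number onto the krb5 error table */` would tell callers not to base security decisions on the resulting code. `context` is unused in all three functions of this file.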
@@ -0,0 +1,150 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <krb5_locl.h>
+
+RCSID("$Id: rd_priv.c,v 1.22 1999/12/02 17:05:12 joda Exp $");
+
+krb5_error_code
+krb5_rd_priv(krb5_context context,
+ krb5_auth_context auth_context,
+ const krb5_data *inbuf,
+ krb5_data *outbuf,
+ /*krb5_replay_data*/ void *outdata)
+{
+ krb5_error_code ret;
+ KRB_PRIV priv;
+ EncKrbPrivPart part;
+ size_t len;
+ krb5_data plain;
+ krb5_keyblock *key;
+ krb5_crypto crypto;
+
+ memset(&priv, 0, sizeof(priv));
+ ret = decode_KRB_PRIV (inbuf->data, inbuf->length, &priv, &len);
+ if (ret)
+ goto failure;
+ if (priv.pvno != 5) {
+ ret = KRB5KRB_AP_ERR_BADVERSION;
+ goto failure;
+ }
+ if (priv.msg_type != krb_priv) {
+ ret = KRB5KRB_AP_ERR_MSG_TYPE;
+ goto failure;
+ }
+
+ /* XXX - Is this right? */
+
+ if (auth_context->local_subkey)
+ key = auth_context->local_subkey;
+ else if (auth_context->remote_subkey)
+ key = auth_context->remote_subkey;
+ else
+ key = auth_context->keyblock;
+
+ krb5_crypto_init(context, key, 0, &crypto);
+ ret = krb5_decrypt_EncryptedData(context,
+ crypto,
+ KRB5_KU_KRB_PRIV,
+ &priv.enc_part,
+ &plain);
+ krb5_crypto_destroy(context, crypto);
+ if (ret)
+ goto failure;
+
+ ret = decode_EncKrbPrivPart (plain.data, plain.length, &part, &len);
+ krb5_data_free (&plain);
+ if (ret)
+ goto failure;
+
+ /* check sender address */
+
+ if (part.s_address
+ && auth_context->remote_address
+ && !krb5_address_compare (context,
+ auth_context->remote_address,
+ part.s_address)) {
+ ret = KRB5KRB_AP_ERR_BADADDR;
+ goto failure_part;
+ }
+
+ /* check receiver address */
+
+ if (part.r_address
+ && auth_context->local_address
+ && !krb5_address_compare (context,
+ auth_context->local_address,
+ part.r_address)) {
+ ret = KRB5KRB_AP_ERR_BADADDR;
+ goto failure_part;
+ }
+
+ /* check timestamp */
+ if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) {
+ int32_t sec;
+
+ krb5_timeofday (context, &sec);
+ if (part.timestamp == NULL ||
+ part.usec == NULL ||
+ abs(*part.timestamp - sec) > context->max_skew) {
+ ret =
KRB5KRB_AP_ERR_SKEW;
+ goto failure_part;
+ }
+ }
+
+ /* XXX - check replay cache */
+
+ /* check sequence number */
+ if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
+ if (part.seq_number == NULL ||
+ *part.seq_number != ++auth_context->remote_seqnumber) {
+ ret = KRB5KRB_AP_ERR_BADORDER;
+ goto failure_part;
+ }
+ }
+
+ ret = krb5_data_copy (outbuf, part.user_data.data, part.user_data.length);
+ if (ret)
+ goto failure_part;
+
+ free_EncKrbPrivPart (&part);
+ free_KRB_PRIV (&priv);
+ return 0;
+
+failure_part:
+ free_EncKrbPrivPart (&part);
+
+failure:
+ free_KRB_PRIV (&priv);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/rd_rep.c b/crypto/heimdal/lib/krb5/rd_rep.c
new file mode 100644
index 0000000..e2c401c
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/rd_rep.c
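Review bot: `krb5_crypto_init(context, key, 0, &crypto);` in krb5_rd_priv (rd_priv.c) is called without checking its result, so if it fails the local `crypto` may still be uninitialised when it is handed to `krb5_decrypt_EncryptedData` and `krb5_crypto_destroy`. krb5_verify_authenticator_checksum in rd_req.c already tests the return value, and the same is needed here: `ret = krb5_crypto_init(context, key, 0, &crypto); if (ret) goto failure;`. The unchecked call is repeated in krb5_rd_cred, krb5_rd_rep, decrypt_tkt_enc_part, decrypt_authenticator and verify_checksum in rd_safe.c. The two `XXX` comments (which key to decrypt with, and the missing replay-cache check) are open protocol questions rather than style and deserve a tracked issue.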
@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <krb5_locl.h>
+
+RCSID("$Id: rd_rep.c,v 1.19 1999/12/02 17:05:12 joda Exp $");
+
+krb5_error_code
+krb5_rd_rep(krb5_context context,
+ krb5_auth_context auth_context,
+ const krb5_data *inbuf,
+ krb5_ap_rep_enc_part **repl)
+{
+ krb5_error_code ret;
+ AP_REP ap_rep;
+ size_t len;
+ krb5_data data;
+ krb5_crypto crypto;
+
+ krb5_data_zero (&data);
+ ret = 0;
+
+ ret = decode_AP_REP(inbuf->data, inbuf->length, &ap_rep, &len);
+ if (ret)
+ return ret;
+ if (ap_rep.pvno != 5) {
+ ret = KRB5KRB_AP_ERR_BADVERSION;
+ goto out;
+ }
+ if (ap_rep.msg_type != krb_ap_rep) {
+ ret = KRB5KRB_AP_ERR_MSG_TYPE;
+ goto out;
+ }
+
+ krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
+ ret = krb5_decrypt_EncryptedData (context,
+ crypto,
+ KRB5_KU_AP_REQ_ENC_PART,
+ &ap_rep.enc_part,
+ &data);
+ krb5_crypto_destroy(context, crypto);
+ if (ret)
+ goto out;
+
+ *repl = malloc(sizeof(**repl));
+ if (*repl == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ ret = krb5_decode_EncAPRepPart(context,
+ data.data,
+ data.length,
+ *repl,
+ &len);
+ if (ret)
+ return ret;
+
+ if ((*repl)->ctime != auth_context->authenticator->ctime ||
+ (*repl)->cusec != auth_context->authenticator->cusec) {
+ ret = KRB5KRB_AP_ERR_MUT_FAIL;
+ goto out;
+ }
+ if ((*repl)->seq_number)
+ auth_context->remote_seqnumber = *((*repl)->seq_number);
+
+out:
+ krb5_data_free (&data);
+ free_AP_REP (&ap_rep);
+ return ret;
+}
+
+void
+krb5_free_ap_rep_enc_part (krb5_context context,
+ krb5_ap_rep_enc_part *val)
+{
+ free_EncAPRepPart (val);
+ free (val);
+}
diff --git a/crypto/heimdal/lib/krb5/rd_req.c b/crypto/heimdal/lib/krb5/rd_req.c
new file mode 100644
index 0000000..9f8df1d
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/rd_req.c
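Review bot: After `krb5_decode_EncAPRepPart` fails, krb5_rd_rep (rd_rep.c) does `return ret;` instead of `goto out;`, which skips `krb5_data_free (&data)` and `free_AP_REP (&ap_rep)` and leaves the freshly allocated `*repl` with the caller. The mutual-authentication mismatch branch (`KRB5KRB_AP_ERR_MUT_FAIL`) does reach `out:`, but it too leaves `*repl` pointing at a reply that failed verification. Both paths should release it before cleanup: `if (ret) { free(*repl); *repl = NULL; goto out; }` after the decode, and `krb5_free_ap_rep_enc_part(context, *repl); *repl = NULL;` ahead of the `goto out` in the mismatch branch.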
@@ -0,0 +1,441 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <krb5_locl.h>
+
+RCSID("$Id: rd_req.c,v 1.38 1999/12/02 17:05:12 joda Exp $");
+
+static krb5_error_code
+decrypt_tkt_enc_part (krb5_context context,
+ krb5_keyblock *key,
+ EncryptedData *enc_part,
+ EncTicketPart *decr_part)
+{
+ krb5_error_code ret;
+ krb5_data plain;
+ size_t len;
+ krb5_crypto crypto;
+
+ krb5_crypto_init(context, key, 0, &crypto);
+ ret = krb5_decrypt_EncryptedData (context,
+ crypto,
+ KRB5_KU_TICKET,
+ enc_part,
+ &plain);
+ krb5_crypto_destroy(context, crypto);
+ if (ret)
+ return ret;
+
+ ret = krb5_decode_EncTicketPart(context, plain.data, plain.length,
+ decr_part, &len);
+ krb5_data_free (&plain);
+ return ret;
+}
+
+static krb5_error_code
+decrypt_authenticator (krb5_context context,
+ EncryptionKey *key,
+ EncryptedData *enc_part,
+ Authenticator *authenticator)
+{
+ krb5_error_code ret;
+ krb5_data plain;
+ size_t len;
+ krb5_crypto crypto;
+
+ krb5_crypto_init(context, key, 0, &crypto);
+ ret = krb5_decrypt_EncryptedData (context,
+ crypto,
+ KRB5_KU_AP_REQ_AUTH,
+ enc_part,
+ &plain);
+ krb5_crypto_destroy(context, crypto);
+ if (ret)
+ return ret;
+
+ ret = krb5_decode_Authenticator(context, plain.data, plain.length,
+ authenticator, &len);
+ krb5_data_free (&plain);
+ return ret;
+}
+
+krb5_error_code
+krb5_decode_ap_req(krb5_context context,
+ const krb5_data *inbuf,
+ krb5_ap_req *ap_req)
+{
+ krb5_error_code ret;
+ size_t len;
+ ret = decode_AP_REQ(inbuf->data, inbuf->length, ap_req, &len);
+ if (ret)
+ return ret;
+ if (ap_req->pvno != 5){
+ free_AP_REQ(ap_req);
+ return KRB5KRB_AP_ERR_BADVERSION;
+ }
+ if (ap_req->msg_type != krb_ap_req){
+ free_AP_REQ(ap_req);
+ return KRB5KRB_AP_ERR_MSG_TYPE;
+ }
+ if (ap_req->ticket.tkt_vno != 5){
+ free_AP_REQ(ap_req);
+ return KRB5KRB_AP_ERR_BADVERSION;
+ }
+ return 0;
+}
+
+krb5_error_code
+krb5_decrypt_ticket(krb5_context context,
+ Ticket *ticket,
+ krb5_keyblock *key,
+ EncTicketPart *out,
+ krb5_flags flags)
+{
+ EncTicketPart t;
+ krb5_error_code ret;
+ ret =
decrypt_tkt_enc_part (context, key, &ticket->enc_part, &t);
+ if (ret)
+ return ret;
+
+ {
+ int32_t now;
+ time_t start = t.authtime;
+
+ krb5_timeofday (context, &now);
+ if(t.starttime)
+ start = *t.starttime;
+ if(start - now > context->max_skew
+ || (t.flags.invalid
+ && !(flags & KRB5_VERIFY_AP_REQ_IGNORE_INVALID)))
+ return KRB5KRB_AP_ERR_TKT_NYV;
+ if(now - t.endtime > context->max_skew)
+ return KRB5KRB_AP_ERR_TKT_EXPIRED;
+ }
+
+ if(out)
+ *out = t;
+ else
+ free_EncTicketPart(&t);
+ return 0;
+}
+
+krb5_error_code
+krb5_verify_authenticator_checksum(krb5_context context,
+ krb5_auth_context ac,
+ void *data,
+ size_t len)
+{
+ krb5_error_code ret;
+ krb5_keyblock *key;
+ krb5_authenticator authenticator;
+ krb5_crypto crypto;
+
+ ret = krb5_auth_getauthenticator (context,
+ ac,
+ &authenticator);
+ if(ret)
+ return ret;
+ if(authenticator->cksum == NULL)
+ return -17;
+ ret = krb5_auth_con_getkey(context, ac, &key);
+ if(ret) {
+ krb5_free_authenticator(context, &authenticator);
+ return ret;
+ }
+ ret = krb5_crypto_init(context, key, 0, &crypto);
+ if(ret)
+ goto out;
+ ret = krb5_verify_checksum (context,
+ crypto,
+ KRB5_KU_AP_REQ_AUTH_CKSUM,
+ data,
+ len,
+ authenticator->cksum);
+ krb5_crypto_destroy(context, crypto);
+out:
+ krb5_free_authenticator(context, &authenticator);
+ krb5_free_keyblock(context, key);
+ return ret;
+}
+
+krb5_error_code
+krb5_verify_ap_req(krb5_context context,
+ krb5_auth_context *auth_context,
+ krb5_ap_req *ap_req,
+ krb5_const_principal server,
+ krb5_keyblock *keyblock,
+ krb5_flags flags,
+ krb5_flags *ap_req_options,
+ krb5_ticket **ticket)
+{
+ krb5_ticket t;
+ krb5_auth_context ac;
+ krb5_error_code ret;
+
+ if(auth_context){
+ if(*auth_context == NULL){
+ krb5_auth_con_init(context, &ac);
+ *auth_context = ac;
+ }else
+ ac = *auth_context;
+ }else
+ krb5_auth_con_init(context, &ac);
+
+ if (ap_req->ap_options.use_session_key && ac->keyblock){
+ ret = krb5_decrypt_ticket(context, &ap_req->ticket,
+ ac->keyblock,
&t.ticket,
+ flags);
+ krb5_free_keyblock(context, ac->keyblock);
+ ac->keyblock = NULL;
+ }else
+ ret = krb5_decrypt_ticket(context, &ap_req->ticket,
+ keyblock,
+ &t.ticket,
+ flags);
+
+ if(ret)
+ return ret;
+
+ principalname2krb5_principal(&t.server, ap_req->ticket.sname,
+ ap_req->ticket.realm);
+ principalname2krb5_principal(&t.client, t.ticket.cname,
+ t.ticket.crealm);
+
+ /* save key */
+
+ krb5_copy_keyblock(context, &t.ticket.key, &ac->keyblock);
+
+ ret = decrypt_authenticator (context,
+ &t.ticket.key,
+ &ap_req->authenticator,
+ ac->authenticator);
+ if (ret){
+ /* XXX free data */
+ return ret;
+ }
+
+ {
+ krb5_principal p1, p2;
+ krb5_boolean res;
+
+ principalname2krb5_principal(&p1,
+ ac->authenticator->cname,
+ ac->authenticator->crealm);
+ principalname2krb5_principal(&p2,
+ t.ticket.cname,
+ t.ticket.crealm);
+ res = krb5_principal_compare (context, p1, p2);
+ krb5_free_principal (context, p1);
+ krb5_free_principal (context, p2);
+ if (!res)
+ return KRB5KRB_AP_ERR_BADMATCH;
+ }
+
+ /* check addresses */
+
+ if (t.ticket.caddr
+ && ac->remote_address
+ && !krb5_address_search (context,
+ ac->remote_address,
+ t.ticket.caddr))
+ return KRB5KRB_AP_ERR_BADADDR;
+
+ if (ac->authenticator->seq_number)
+ ac->remote_seqnumber = *ac->authenticator->seq_number;
+
+ /* XXX - Xor sequence numbers */
+
+ /* XXX - subkeys? */
+ /* And where should it be stored?
*/
+
+ if (ac->authenticator->subkey) {
+ krb5_copy_keyblock(context,
+ ac->authenticator->subkey,
+ &ac->remote_subkey);
+ }
+
+ if (ap_req_options) {
+ *ap_req_options = 0;
+ if (ap_req->ap_options.use_session_key)
+ *ap_req_options |= AP_OPTS_USE_SESSION_KEY;
+ if (ap_req->ap_options.mutual_required)
+ *ap_req_options |= AP_OPTS_MUTUAL_REQUIRED;
+ }
+
+ if(ticket){
+ *ticket = malloc(sizeof(**ticket));
+ **ticket = t;
+ } else
+ krb5_free_ticket (context, &t);
+ return 0;
+}
+
+
+krb5_error_code
+krb5_rd_req_with_keyblock(krb5_context context,
+ krb5_auth_context *auth_context,
+ const krb5_data *inbuf,
+ krb5_const_principal server,
+ krb5_keyblock *keyblock,
+ krb5_flags *ap_req_options,
+ krb5_ticket **ticket)
+{
+ krb5_error_code ret;
+ krb5_ap_req ap_req;
+
+ if (*auth_context == NULL) {
+ ret = krb5_auth_con_init(context, auth_context);
+ if (ret)
+ return ret;
+ }
+
+ ret = krb5_decode_ap_req(context, inbuf, &ap_req);
+ if(ret)
+ return ret;
+
+ ret = krb5_verify_ap_req(context,
+ auth_context,
+ &ap_req,
+ server,
+ keyblock,
+ 0,
+ ap_req_options,
+ ticket);
+
+ free_AP_REQ(&ap_req);
+ return ret;
+}
+
+static krb5_error_code
+get_key_from_keytab(krb5_context context,
+ krb5_auth_context *auth_context,
+ krb5_ap_req *ap_req,
+ krb5_const_principal server,
+ krb5_keytab keytab,
+ krb5_keyblock **out)
+{
+ krb5_keytab_entry entry;
+ krb5_error_code ret;
+ int kvno;
+ krb5_keytab real_keytab;
+
+ if(keytab == NULL)
+ krb5_kt_default(context, &real_keytab);
+ else
+ real_keytab = keytab;
+
+ if (ap_req->ticket.enc_part.kvno)
+ kvno = *ap_req->ticket.enc_part.kvno;
+ else
+ kvno = 0;
+
+ ret = krb5_kt_get_entry (context,
+ real_keytab,
+ server,
+ kvno,
+ ap_req->ticket.enc_part.etype,
+ &entry);
+ if(ret)
+ goto out;
+ ret = krb5_copy_keyblock(context, &entry.keyblock, out);
+ krb5_kt_free_entry (context, &entry);
+out:
+ if(keytab == NULL)
+ krb5_kt_close(context, real_keytab);
+
+ return ret;
+}
+
+krb5_error_code
+krb5_rd_req(krb5_context context,
krb5_auth_context *auth_context,
+ const krb5_data *inbuf,
+ krb5_const_principal server,
+ krb5_keytab keytab,
+ krb5_flags *ap_req_options,
+ krb5_ticket **ticket)
+{
+ krb5_error_code ret;
+ krb5_ap_req ap_req;
+ krb5_keyblock *keyblock = NULL;
+ krb5_principal service = NULL;
+
+ if (*auth_context == NULL) {
+ ret = krb5_auth_con_init(context, auth_context);
+ if (ret)
+ return ret;
+ }
+
+ ret = krb5_decode_ap_req(context, inbuf, &ap_req);
+ if(ret)
+ return ret;
+
+ if(server == NULL){
+ principalname2krb5_principal(&service,
+ ap_req.ticket.sname,
+ ap_req.ticket.realm);
+ server = service;
+ }
+
+ if(ap_req.ap_options.use_session_key == 0 ||
+ (*auth_context)->keyblock == NULL){
+ ret = get_key_from_keytab(context,
+ auth_context,
+ &ap_req,
+ server,
+ keytab,
+ &keyblock);
+ if(ret)
+ goto out;
+ }
+
+
+ ret = krb5_verify_ap_req(context,
+ auth_context,
+ &ap_req,
+ server,
+ keyblock,
+ 0,
+ ap_req_options,
+ ticket);
+
+ if(keyblock != NULL)
+ krb5_free_keyblock(context, keyblock);
+
+out:
+ free_AP_REQ(&ap_req);
+ if(service)
+ krb5_free_principal(context, service);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/rd_safe.c b/crypto/heimdal/lib/krb5/rd_safe.c
new file mode 100644
index 0000000..aebf215
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/rd_safe.c
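Review bot: krb5_verify_ap_req (rd_req.c) checks the ticket's validity window through krb5_decrypt_ticket but never compares the authenticator's own timestamp with the current time, and there is no replay cache, so as far as this hunk shows a captured AP-REQ stays acceptable for the whole ticket lifetime. A skew check like the one in krb5_rd_priv belongs right after decrypt_authenticator succeeds: `krb5_timeofday(context, &now); if (abs(ac->authenticator->ctime - now) > context->max_skew) return KRB5KRB_AP_ERR_SKEW;`. Separately, `*ticket = malloc(sizeof(**ticket)); **ticket = t;` dereferences an unchecked allocation. Every error return after the ticket has been decrypted (the `/* XXX free data */` path, BADMATCH, BADADDR) leaves `t`, the copied `ac->keyblock` and any locally created `ac` allocated.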
@@ -0,0 +1,172 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include <krb5_locl.h> + +RCSID("$Id: rd_safe.c,v 1.18 1999/12/02 17:05:12 joda Exp $"); + +static krb5_error_code +verify_checksum(krb5_context context, + krb5_auth_context auth_context, + KRB_SAFE *safe) +{ + krb5_error_code ret; + u_char *buf; + size_t buf_size; + size_t len; + Checksum c; + krb5_crypto crypto; + + c = safe->cksum; + safe->cksum.cksumtype = 0; + safe->cksum.checksum.data = NULL; + safe->cksum.checksum.length = 0; + + + buf_size = length_KRB_SAFE(safe); + buf = malloc(buf_size); + + if (buf == NULL) { + ret = ENOMEM; + goto out; + } + + ret = encode_KRB_SAFE (buf + buf_size - 1, + buf_size, + safe, + &len); + krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); + ret = krb5_verify_checksum (context, + crypto, + KRB5_KU_KRB_SAFE_CKSUM, + buf + buf_size - len, + len, + &c); + krb5_crypto_destroy(context, crypto); +out: + safe->cksum = c; + free (buf); + return ret; +} + +krb5_error_code +krb5_rd_safe(krb5_context context, + krb5_auth_context auth_context, + const krb5_data *inbuf, + krb5_data *outbuf, + /*krb5_replay_data*/ void *outdata) +{ + krb5_error_code ret; + KRB_SAFE safe; + size_t len; + + ret = decode_KRB_SAFE (inbuf->data, inbuf->length, &safe, &len); + if (ret) + return ret; + if (safe.pvno != 5) { + ret = KRB5KRB_AP_ERR_BADVERSION; + goto failure; + } + if (safe.msg_type != krb_safe) { + ret = KRB5KRB_AP_ERR_MSG_TYPE; + goto failure; + } + if (!krb5_checksum_is_keyed(context, safe.cksum.cksumtype) + || !krb5_checksum_is_collision_proof(context, safe.cksum.cksumtype)) { + ret = KRB5KRB_AP_ERR_INAPP_CKSUM; + goto failure; + } + + /* check sender address */ + + if (safe.safe_body.s_address + && auth_context->remote_address + && !krb5_address_compare (context, + auth_context->remote_address, + safe.safe_body.s_address)) { + ret = KRB5KRB_AP_ERR_BADADDR; + goto failure; + } + + /* check receiver address */ + + if (safe.safe_body.r_address + && auth_context->local_address + && !krb5_address_compare (context, + 
auth_context->local_address, + safe.safe_body.r_address)) { + ret = KRB5KRB_AP_ERR_BADADDR; + goto failure; + } + + /* check timestamp */ + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) { + int32_t sec; + + krb5_timeofday (context, &sec); + + if (safe.safe_body.timestamp == NULL || + safe.safe_body.usec == NULL || + abs(*safe.safe_body.timestamp - sec) > context->max_skew) { + ret = KRB5KRB_AP_ERR_SKEW; + goto failure; + } + } + /* XXX - check replay cache */ + + /* check sequence number */ + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { + if (safe.safe_body.seq_number == NULL || + *safe.safe_body.seq_number != ++auth_context->remote_seqnumber) { + ret = KRB5KRB_AP_ERR_BADORDER; + goto failure; + } + } + + ret = verify_checksum (context, auth_context, &safe); + if (ret) + goto failure; + + outbuf->length = safe.safe_body.user_data.length; + outbuf->data = malloc(outbuf->length); + if (outbuf->data == NULL) { + ret = ENOMEM; + goto failure; + } + memcpy (outbuf->data, safe.safe_body.user_data.data, outbuf->length); + free_KRB_SAFE (&safe); + return 0; +failure: + free_KRB_SAFE (&safe); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/read_message.c b/crypto/heimdal/lib/krb5/read_message.c new file mode 100644 index 0000000..f2cae03 --- /dev/null +++ b/crypto/heimdal/lib/krb5/read_message.c 
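Review bot: verify_checksum discards two results it depends on: the return of `encode_KRB_SAFE` is overwritten by the next assignment to `ret`, and `krb5_crypto_init` is called as a bare statement, so on failure `len` and `crypto` are used unset (in `buf + buf_size - len` and in the `krb5_verify_checksum` call). Both calls should be checked and jump to `out`, as sketched below. In krb5_rd_safe the sequence check evaluates `++auth_context->remote_seqnumber` before verify_checksum has run, so a message that later fails the checksum still advances the counter. Comparing against `auth_context->remote_seqnumber + 1` and incrementing only after the checksum passes keeps unauthenticated input from changing connection state.

```c
    /* … unchanged: ret = encode_KRB_SAFE (...) call … */
    if (ret)
        goto out;
    ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
    if (ret)
        goto out;
    /* … unchanged: krb5_verify_checksum call and krb5_crypto_destroy … */
```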
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: read_message.c,v 1.5 1999/12/02 17:05:12 joda Exp $");
+
+krb5_error_code
+krb5_read_message (krb5_context context,
+ krb5_pointer p_fd,
+ krb5_data *data)
+{
+ krb5_error_code ret;
+ u_int32_t len;
+ u_int8_t buf[4];
+
+ ret = krb5_net_read (context, p_fd, buf, 4);
+ if(ret == -1)
+ return errno;
+ if(ret < 4) {
+ data->length = 0;
+ return 0;
+ }
+ len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
+ ret = krb5_data_alloc (data, len);
+ if (ret)
+ return ret;
+ if (krb5_net_read (context, p_fd, data->data, len) != len) {
+ krb5_data_free (data);
+ return errno;
+ }
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/recvauth.c b/crypto/heimdal/lib/krb5/recvauth.c
new file mode 100644
index 0000000..49fe7b6
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/recvauth.c
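Review bot: `len` comes straight from the peer's 4-byte header and is passed to `krb5_data_alloc (data, len)` with no ceiling, and krb5_recvauth_match_version calls this function before krb5_rd_req has authenticated anything, so an unauthenticated peer chooses the allocation size (up to 4 GiB). A bound ahead of the allocation, for example `if (len > MAX_MSG_LEN) return ERANGE;` where MAX_MSG_LEN is a placeholder for a limit the project would pick, closes that. The short-read branch on the body returns `errno`, which can be 0 or stale when the peer simply closes the connection, so the caller may see success with `data` already freed; that branch needs a non-zero code of its own. The `ret < 4` branch likewise returns 0 with `data->length = 0`, which krb5_sendauth reads as the server's "no error" reply, so a dropped connection looks like acceptance there.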
@@ -0,0 +1,190 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: recvauth.c,v 1.12 1999/12/02 17:05:12 joda Exp $");
+
+/*
+ * See `sendauth.c' for the format.
+ */
+
+static krb5_boolean
+match_exact(void *data, const char *appl_version)
+{
+ return strcmp(data, appl_version) == 0;
+}
+
+krb5_error_code
+krb5_recvauth(krb5_context context,
+ krb5_auth_context *auth_context,
+ krb5_pointer p_fd,
+ char *appl_version,
+ krb5_principal server,
+ int32_t flags,
+ krb5_keytab keytab,
+ krb5_ticket **ticket)
+{
+ return krb5_recvauth_match_version(context, auth_context, p_fd,
+ match_exact, appl_version,
+ server, flags,
+ keytab, ticket);
+}
+
+krb5_error_code
+krb5_recvauth_match_version(krb5_context context,
+ krb5_auth_context *auth_context,
+ krb5_pointer p_fd,
+ krb5_boolean (*match_appl_version)(void *,
+ const char*),
+ void *match_data,
+ krb5_principal server,
+ int32_t flags,
+ krb5_keytab keytab,
+ krb5_ticket **ticket)
+{
+ krb5_error_code ret;
+ const char *version = KRB5_SENDAUTH_VERSION;
+ char her_version[sizeof(KRB5_SENDAUTH_VERSION)];
+ char *her_appl_version;
+ u_int32_t len;
+ u_char repl;
+ krb5_data data;
+ krb5_flags ap_options;
+ ssize_t n;
+
+ /*
+ * If there are no addresses in auth_context, get them from `fd'.
+ */
+
+ if (*auth_context == NULL) {
+ ret = krb5_auth_con_init (context, auth_context);
+ if (ret)
+ return ret;
+ }
+
+ ret = krb5_auth_con_setaddrs_from_fd (context,
+ *auth_context,
+ p_fd);
+ if (ret)
+ return ret;
+
+ if(!(flags & KRB5_RECVAUTH_IGNORE_VERSION)) {
+ n = krb5_net_read (context, p_fd, &len, 4);
+ if (n < 0)
+ return errno;
+ if (n == 0)
+ return KRB5_SENDAUTH_BADAUTHVERS;
+ len = ntohl(len);
+ if (len != sizeof(her_version)
+ || krb5_net_read (context, p_fd, her_version, len) != len
+ || strncmp (version, her_version, len)) {
+ repl = 1;
+ krb5_net_write (context, p_fd, &repl, 1);
+ return KRB5_SENDAUTH_BADAUTHVERS;
+ }
+ }
+
+ n = krb5_net_read (context, p_fd, &len, 4);
+ if (n < 0)
+ return errno;
+ if (n == 0)
+ return KRB5_SENDAUTH_BADAPPLVERS;
+ len = ntohl(len);
+ her_appl_version = malloc (len);
+ if (her_appl_version == NULL) {
+ repl = 2;
+ krb5_net_write (context, p_fd, &repl, 1);
+ return ENOMEM;
+ }
+ if (krb5_net_read (context, p_fd, her_appl_version, len) != len
+ || !(*match_appl_version)(match_data, her_appl_version)) {
+ repl = 2;
+ krb5_net_write (context, p_fd, &repl, 1);
+ free (her_appl_version);
+ return KRB5_SENDAUTH_BADAPPLVERS;
+ }
+ free (her_appl_version);
+
+ repl = 0;
+ if (krb5_net_write (context, p_fd, &repl, 1) != 1)
+ return errno;
+
+ krb5_data_zero (&data);
+ ret = krb5_read_message (context, p_fd, &data);
+ if (ret)
+ return ret;
+
+ ret = krb5_rd_req (context,
+ auth_context,
+ &data,
+ server,
+ keytab,
+ &ap_options,
+ ticket);
+ krb5_data_free (&data);
+ if (ret) {
+ krb5_data error_data;
+ krb5_error_code ret2;
+
+ ret2 = krb5_mk_error (context,
+ ret,
+ NULL,
+ NULL,
+ NULL,
+ server,
+ 0,
+ &error_data);
+ if (ret2 == 0) {
+ krb5_write_message (context, p_fd, &error_data);
+ krb5_data_free (&error_data);
+ }
+ return ret;
+ }
+
+ len = 0;
+ if (krb5_net_write (context, p_fd, &len, 4) != 4)
+ return errno;
+
+ if (ap_options & AP_OPTS_MUTUAL_REQUIRED) {
+ ret = krb5_mk_rep (context, auth_context, &data);
+ if (ret)
+ return ret;
+
+ ret = krb5_write_message (context, p_fd, &data);
+ if (ret)
+ return ret;
+ krb5_data_free (&data);
+ }
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/replay.c b/crypto/heimdal/lib/krb5/replay.c
new file mode 100644
index 0000000..5adc3db
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/replay.c
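Review bot: `her_appl_version` is filled with `len` bytes taken from the peer and then handed to `match_appl_version`, which for krb5_recvauth is `match_exact` and calls `strcmp` on it; nothing guarantees the buffer holds a terminating zero, so the compare can read past the allocation. Extending the existing test with `|| len == 0 || her_appl_version[len - 1] != '\0'` ahead of the `!(*match_appl_version)(match_data, her_appl_version)` term rejects unterminated input before the callback runs. `len` also reaches `malloc (len)` with no upper bound, and this happens before any authentication. Both 4-byte length reads handle only `n < 0` and `n == 0`, so a short read of 1 to 3 bytes leaves `len` partly unset; testing `n != 4` covers that.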
@@ -0,0 +1,224 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +struct krb5_rcache_data { + char *name; +}; + +krb5_error_code +krb5_rc_resolve(krb5_context context, + krb5_rcache id, + const char *name) +{ + id->name = strdup(name); + if(id->name == NULL) + return KRB5_RC_MALLOC; + return 0; +} + +krb5_error_code +krb5_rc_resolve_type(krb5_context context, + krb5_rcache *id, + const char *type) +{ + if(strcmp(type, "FILE")) + return KRB5_RC_TYPE_NOTFOUND; + *id = calloc(1, sizeof(**id)); + if(*id == NULL) + return KRB5_RC_MALLOC; + return 0; +} + +krb5_error_code +krb5_rc_resolve_full(krb5_context context, + krb5_rcache *id, + const char *string_name) +{ + krb5_error_code ret; + if(strncmp(string_name, "FILE:", 5)) + return KRB5_RC_TYPE_NOTFOUND; + ret = krb5_rc_resolve_type(context, id, "FILE"); + if(ret) + return ret; + ret = krb5_rc_resolve(context, *id, string_name + 5); + return ret; +} + +const char * +krb5_rc_default_name(krb5_context context) +{ + return "FILE:/var/run/default_rcache"; +} + +krb5_error_code +krb5_rc_default(krb5_context context, + krb5_rcache *id) +{ + return krb5_rc_resolve_full(context, id, krb5_rc_default_name(context)); +} + +struct rc_entry{ + time_t stamp; + unsigned char data[16]; +}; + +krb5_error_code +krb5_rc_initialize(krb5_context context, + krb5_rcache id, + krb5_deltat auth_lifespan) +{ + FILE *f = fopen(id->name, "w"); + struct rc_entry tmp; + if(f == NULL) + return errno; + tmp.stamp = auth_lifespan; + fwrite(&tmp, 1, sizeof(tmp), f); + fclose(f); + return 0; +} + +krb5_error_code +krb5_rc_recover(krb5_context context, + krb5_rcache id) +{ + return 0; +} + +krb5_error_code +krb5_rc_destroy(krb5_context context, + krb5_rcache id) +{ + if(remove(id->name) < 0) + return errno; + return krb5_rc_close(context, id); +} + +krb5_error_code +krb5_rc_close(krb5_context context, + krb5_rcache id) +{ + free(id->name); + free(id); + return 0; +} + +static void +checksum_authenticator(Authenticator *auth, void *data) +{ + struct md5 md5; + int i; + md5_init(&md5); + 
md5_update(&md5, auth->crealm, strlen(auth->crealm)); + for(i = 0; i < auth->cname.name_string.len; i++) + md5_update(&md5, auth->cname.name_string.val[i], + strlen(auth->cname.name_string.val[i])); + md5_update(&md5, &auth->ctime, sizeof(auth->ctime)); + md5_update(&md5, &auth->cusec, sizeof(auth->cusec)); + md5_finito(&md5, data); +} + +krb5_error_code +krb5_rc_store(krb5_context context, + krb5_rcache id, + krb5_donot_reply *rep) +{ + struct rc_entry ent, tmp; + time_t t; + FILE *f; + ent.stamp = time(NULL); + checksum_authenticator(rep, ent.data); + f = fopen(id->name, "r"); + if(f == NULL) + return errno; + fread(&tmp, sizeof(ent), 1, f); + t = ent.stamp - tmp.stamp; + while(fread(&tmp, sizeof(ent), 1, f)){ + if(tmp.stamp < t) + continue; + if(memcmp(tmp.data, ent.data, sizeof(ent.data)) == 0){ + fclose(f); + return KRB5_RC_REPLAY; + } + } + if(ferror(f)){ + fclose(f); + return errno; + } + fclose(f); + f = fopen(id->name, "a"); + if(f == NULL) + return KRB5_RC_IO_UNKNOWN; + fwrite(&ent, 1, sizeof(ent), f); + fclose(f); + return 0; +} + +krb5_error_code +krb5_rc_expunge(krb5_context context, + krb5_rcache id) +{ + return 0; +} + +krb5_error_code +krb5_rc_get_lifespan(krb5_context context, + krb5_rcache id, + krb5_deltat *auth_lifespan) +{ + FILE *f = fopen(id->name, "r"); + int r; + struct rc_entry ent; + r = fread(&ent, sizeof(ent), 1, f); + fclose(f); + if(r){ + *auth_lifespan = ent.stamp; + return 0; + } + return KRB5_RC_IO_UNKNOWN; +} +const char* +krb5_rc_get_name(krb5_context context, + krb5_rcache id) +{ + return id->name; +} + +const char* +krb5_rc_get_type(krb5_context context, + krb5_rcache id) +{ + return "FILE"; +} + diff --git a/crypto/heimdal/lib/krb5/send_to_kdc.c b/crypto/heimdal/lib/krb5/send_to_kdc.c new file mode 100644 index 0000000..2872322 --- /dev/null +++ b/crypto/heimdal/lib/krb5/send_to_kdc.c 
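Review bot: krb5_rc_store scans the cache through one `fopen(id->name, "r")` handle, closes it, and then reopens the file with `"a"` to append, with no lock held across the two steps, so two processes handling the same authenticator at once can both finish the scan before either appends and both return 0. Holding an exclusive lock (for example `flock` or `fcntl` locking on a single handle opened for read and append) across scan and write would remove that window. The first `fread(&tmp, sizeof(ent), 1, f)` in the same function is unchecked, so on an empty or truncated file `tmp.stamp` is used uninitialised when `t` is computed. In krb5_rc_get_lifespan the `fopen` result is passed to `fread` without a NULL test; adding `if(f == NULL) return errno;` before the read matches what krb5_rc_initialize already does.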
@@ -0,0 +1,395 @@ +/* + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +RCSID("$Id: send_to_kdc.c,v 1.36 2000/01/06 07:59:11 assar Exp $"); + +/* + * send the data in `req' on the socket `fd' (which is datagram iff udp) + * waiting `tmout' for a reply and returning the reply in `rep'. 
+ * iff limit read up to this many bytes + * returns 0 and data in `rep' if succesful, otherwise -1 + */ + +static int +recv_loop (int fd, + time_t tmout, + int udp, + size_t limit, + krb5_data *rep) +{ + fd_set fdset; + struct timeval timeout; + int ret; + int nbytes; + + krb5_data_zero(rep); + do { + FD_ZERO(&fdset); + FD_SET(fd, &fdset); + timeout.tv_sec = tmout; + timeout.tv_usec = 0; + ret = select (fd + 1, &fdset, NULL, NULL, &timeout); + if (ret < 0) { + if (errno == EINTR) + continue; + return -1; + } else if (ret == 0) { + return 0; + } else { + void *tmp; + + if (ioctl (fd, FIONREAD, &nbytes) < 0) { + krb5_data_free (rep); + return -1; + } + if(nbytes == 0) + return 0; + + if (limit) + nbytes = min(nbytes, limit - rep->length); + + tmp = realloc (rep->data, rep->length + nbytes); + if (tmp == NULL) { + krb5_data_free (rep); + return -1; + } + rep->data = tmp; + ret = recv (fd, (char*)tmp + rep->length, nbytes, 0); + if (ret < 0) { + krb5_data_free (rep); + return -1; + } + rep->length += ret; + } + } while(!udp && (limit == 0 || rep->length < limit)); + return 0; +} + +/* + * Send kerberos requests and receive a reply on a udp or any other kind + * of a datagram socket. See `recv_loop'. + */ + +static int +send_and_recv_udp(int fd, + time_t tmout, + const krb5_data *req, + krb5_data *rep) +{ + if (send (fd, req->data, req->length, 0) < 0) + return -1; + + return recv_loop(fd, tmout, 1, 0, rep); +} + +/* + * `send_and_recv' for a TCP (or any other stream) socket. + * Since there are no record limits on a stream socket the protocol here + * is to prepend the request with 4 bytes of its length and the reply + * is similarly encoded. 
+ */ + +static int +send_and_recv_tcp(int fd, + time_t tmout, + const krb5_data *req, + krb5_data *rep) +{ + unsigned char len[4]; + unsigned long rep_len; + krb5_data len_data; + + _krb5_put_int(len, req->length, 4); + if(net_write(fd, len, sizeof(len)) < 0) + return -1; + if(net_write(fd, req->data, req->length) < 0) + return -1; + if (recv_loop (fd, tmout, 0, 4, &len_data) < 0) + return -1; + if (len_data.length != 4) { + krb5_data_free (&len_data); + return -1; + } + _krb5_get_int(len_data.data, &rep_len, 4); + krb5_data_free (&len_data); + if (recv_loop (fd, tmout, 0, rep_len, rep) < 0) + return -1; + if(rep->length != rep_len) { + krb5_data_free (rep); + return -1; + } + return 0; +} + +/* + * `send_and_recv' tailored for the HTTP protocol. + */ + +static int +send_and_recv_http(int fd, + time_t tmout, + const char *prefix, + const krb5_data *req, + krb5_data *rep) +{ + char *request; + char *str; + int ret; + int len = base64_encode(req->data, req->length, &str); + + if(len < 0) + return -1; + asprintf(&request, "GET %s%s HTTP/1.0\r\n\r\n", prefix, str); + free(str); + if (request == NULL) + return -1; + ret = net_write (fd, request, strlen(request)); + free (request); + if (ret < 0) + return ret; + ret = recv_loop(fd, tmout, 0, 0, rep); + if(ret) + return ret; + { + unsigned long rep_len; + char *s, *p; + + s = realloc(rep->data, rep->length + 1); + if (s == NULL) { + krb5_data_free (rep); + return -1; + } + s[rep->length] = 0; + p = strstr(s, "\r\n\r\n"); + if(p == NULL) { + free(s); + return -1; + } + p += 4; + rep->data = s; + rep->length -= p - s; + if(rep->length < 4) { /* remove length */ + free(s); + return -1; + } + rep->length -= 4; + _krb5_get_int(p, &rep_len, 4); + if (rep_len != rep->length) { + free(s); + return -1; + } + memmove(rep->data, p + 4, rep->length); + } + return 0; +} + +static int +init_port(const char *s, int fallback) +{ + if (s) { + int tmp; + + sscanf (s, "%d", &tmp); + return htons(tmp); + } else + return fallback; +} + +/* + 
* Return 0 if succesful, otherwise 1 + */ + +static int +send_via_proxy (krb5_context context, + const char *hostname, + const krb5_data *send, + krb5_data *receive) +{ + char *proxy = strdup(context->http_proxy); + char *prefix; + char *colon; + struct addrinfo hints; + struct addrinfo *ai, *a; + int ret; + int s; + char portstr[NI_MAXSERV]; + + colon = strchr(proxy, ':'); + if(colon != NULL) + *colon++ = '\0'; + memset (&hints, 0, sizeof(hints)); + hints.ai_family = PF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + snprintf (portstr, sizeof(portstr), "%d", + ntohs(init_port (colon, htons(80)))); + ret = getaddrinfo (proxy, portstr, NULL, &ai); + free (proxy); + if (ret) + return ret; + + for (a = ai; a != NULL; a = a->ai_next) { + s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + if (s < 0) + continue; + if (connect (s, a->ai_addr, a->ai_addrlen) < 0) { + close (s); + continue; + } + break; + } + if (a == NULL) { + freeaddrinfo (ai); + return 1; + } + freeaddrinfo (ai); + + asprintf(&prefix, "http://%s/", hostname); + if(prefix == NULL) { + close(s); + return 1; + } + ret = send_and_recv_http(s, context->kdc_timeout, + prefix, send, receive); + close (s); + free(prefix); + if(ret == 0 && receive->length != 0) + return 0; + return 1; +} + +/* + * Send the data `send' to one KDC in `realm' and get back the reply + * in `receive'. 
+ */ + +krb5_error_code +krb5_sendto_kdc (krb5_context context, + const krb5_data *send, + const krb5_realm *realm, + krb5_data *receive) +{ + krb5_error_code ret; + char **hostlist, **hp, *p; + int fd; + int port; + int i; + + port = krb5_getportbyname (context, "kerberos", "udp", 88); + + if (context->use_admin_kdc) + ret = krb5_get_krb_admin_hst (context, realm, &hostlist); + else + ret = krb5_get_krbhst (context, realm, &hostlist); + if (ret) + return ret; + + for (i = 0; i < context->max_retries; ++i) + for (hp = hostlist; (p = *hp); ++hp) { + char *colon; + int http_flag = 0; + int tcp_flag = 0; + struct addrinfo *ai, *a; + struct addrinfo hints; + char portstr[NI_MAXSERV]; + + if(strncmp(p, "http://", 7) == 0){ + p += 7; + http_flag = 1; + port = htons(80); + } else if(strncmp(p, "http/", 5) == 0) { + p += 5; + http_flag = 1; + port = htons(80); + }else if(strncmp(p, "tcp/", 4) == 0){ + p += 4; + tcp_flag = 1; + } else if(strncmp(p, "udp/", 4) == 0) { + p += 4; + } + if(http_flag && context->http_proxy) { + if (send_via_proxy (context, p, send, receive)) + continue; + else + goto out; + } + colon = strchr (p, ':'); + if (colon) + *colon++ = '\0'; + + memset (&hints, 0, sizeof(hints)); + hints.ai_family = PF_UNSPEC; + if (tcp_flag || http_flag) + hints.ai_socktype = SOCK_STREAM; + else + hints.ai_socktype = SOCK_DGRAM; + snprintf (portstr, sizeof(portstr), "%d", + ntohs(init_port (colon, port))); + ret = getaddrinfo (p, portstr, &hints, &ai); + if (ret) + continue; + for (a = ai; a != NULL; a = a->ai_next) { + fd = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + if (fd < 0) + continue; + if (connect (fd, a->ai_addr, a->ai_addrlen) < 0) { + close (fd); + continue; + } + break; + } + if (a == NULL) { + freeaddrinfo (ai); + continue; + } + freeaddrinfo (ai); + + if(http_flag) + ret = send_and_recv_http(fd, context->kdc_timeout, + "", send, receive); + else if(tcp_flag) + ret = send_and_recv_tcp (fd, context->kdc_timeout, + send, receive); + else + ret = 
send_and_recv_udp (fd, context->kdc_timeout, + send, receive); + close (fd); + if(ret == 0 && receive->length != 0) + goto out; + } + ret = KRB5_KDC_UNREACH; +out: + krb5_free_krbhst (context, hostlist); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/sendauth.c b/crypto/heimdal/lib/krb5/sendauth.c new file mode 100644 index 0000000..b9e8dd0 --- /dev/null +++ b/crypto/heimdal/lib/krb5/sendauth.c 
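Review bot: In send_and_recv_http the three failure branches that call `free(s)` (no `\r\n\r\n` found, fewer than 4 bytes left, length mismatch) return with `rep->data` still holding a pointer that has been freed or consumed by realloc, and with `rep->length` non-zero; adding `krb5_data_zero (rep);` after each `free(s)` leaves the caller with an empty reply instead. Whether a caller of krb5_sendto_kdc frees `receive` after KRB5_KDC_UNREACH is not visible here, so the double-free risk is inferred. In send_via_proxy the `hints` structure is filled in but `getaddrinfo (proxy, portstr, NULL, &ai)` passes NULL, so the SOCK_STREAM restriction is never applied; `&hints` looks intended, as in krb5_sendto_kdc. init_port also leaves `tmp` uninitialised when `sscanf` matches nothing, so its return value should be checked before `htons(tmp)`.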
@@ -0,0 +1,208 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: sendauth.c,v 1.17 1999/12/02 17:05:12 joda Exp $"); + +/* + * The format seems to be: + * client -> server + * + * 4 bytes - length + * KRB5_SENDAUTH_V1.0 (including zero) + * 4 bytes - length + * protocol string (with terminating zero) + * + * server -> client + * 1 byte - (0 = OK, else some kind of error) + * + * client -> server + * 4 bytes - length + * AP-REQ + * + * server -> client + * 4 bytes - length (0 = OK, else length of error) + * (error) + * + * if(mutual) { + * server -> client + * 4 bytes - length + * AP-REP + * } + */ + +krb5_error_code +krb5_sendauth(krb5_context context, + krb5_auth_context *auth_context, + krb5_pointer p_fd, + const char *appl_version, + krb5_principal client, + krb5_principal server, + krb5_flags ap_req_options, + krb5_data *in_data, + krb5_creds *in_creds, + krb5_ccache ccache, + krb5_error **ret_error, + krb5_ap_rep_enc_part **rep_result, + krb5_creds **out_creds) +{ + krb5_error_code ret; + u_int32_t len, net_len; + const char *version = KRB5_SENDAUTH_VERSION; + u_char repl; + krb5_data ap_req, error_data; + krb5_creds this_cred; + krb5_principal this_client = NULL; + krb5_creds *creds; + ssize_t sret; + + len = strlen(version) + 1; + net_len = htonl(len); + if (krb5_net_write (context, p_fd, &net_len, 4) != 4 + || krb5_net_write (context, p_fd, version, len) != len) + return errno; + + len = strlen(appl_version) + 1; + net_len = htonl(len); + if (krb5_net_write (context, p_fd, &net_len, 4) != 4 + || krb5_net_write (context, p_fd, appl_version, len) != len) + return errno; + + sret = krb5_net_read (context, p_fd, &repl, sizeof(repl)); + if (sret < 0) + return errno; + else if (sret != sizeof(repl)) + return KRB5_SENDAUTH_BADRESPONSE; + + if (repl != 0) + return KRB5_SENDAUTH_REJECTED; + + if (in_creds == NULL) { + if (ccache == NULL) { + ret = krb5_cc_default (context, &ccache); + if (ret) + return ret; + } + + if (client == NULL) { + ret = krb5_cc_get_principal (context, ccache, 
&this_client); + if (ret) + return ret; + client = this_client; + } + memset(&this_cred, 0, sizeof(this_cred)); + this_cred.client = client; + this_cred.server = server; + this_cred.times.endtime = 0; + this_cred.ticket.length = 0; + in_creds = &this_cred; + } + if (in_creds->ticket.length == 0) { + ret = krb5_get_credentials (context, 0, ccache, in_creds, &creds); + if (ret) + return ret; + } else { + creds = in_creds; + } + ret = krb5_mk_req_extended (context, + auth_context, + ap_req_options, + in_data, + creds, + &ap_req); + + if (out_creds) + *out_creds = creds; + else + krb5_free_creds(context, creds); + if(this_client) + krb5_free_principal(context, this_client); + + if (ret) + return ret; + + ret = krb5_write_message (context, + p_fd, + &ap_req); + if (ret) + return ret; + + krb5_data_free (&ap_req); + + ret = krb5_read_message (context, p_fd, &error_data); + if (ret) + return ret; + + if (error_data.length != 0) { + KRB_ERROR error; + + ret = krb5_rd_error (context, &error_data, &error); + krb5_data_free (&error_data); + if (ret == 0) { + if (ret_error != NULL) { + *ret_error = malloc (sizeof(krb5_error)); + if (*ret_error == NULL) { + free_KRB_ERROR(&error); + } else { + **ret_error = error; + } + } else { + free_KRB_ERROR(&error); + } + return error.error_code; + } else + return ret; + } + + if (ap_req_options & AP_OPTS_MUTUAL_REQUIRED) { + krb5_data ap_rep; + krb5_ap_rep_enc_part *ignore; + + krb5_data_zero (&ap_rep); + ret = krb5_read_message (context, + p_fd, + &ap_rep); + if (ret) + return ret; + + ret = krb5_rd_rep (context, *auth_context, &ap_rep, + rep_result ? rep_result : &ignore); + if (ret) + return ret; + if (rep_result == NULL) + krb5_free_ap_rep_enc_part (context, ignore); + krb5_data_free (&ap_rep); + } + return 0; +} diff --git a/crypto/heimdal/lib/krb5/set_default_realm.c b/crypto/heimdal/lib/krb5/set_default_realm.c new file mode 100644 index 0000000..b917a92 --- /dev/null +++ b/crypto/heimdal/lib/krb5/set_default_realm.c 
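Review bot: When the caller passes `in_creds` with a ticket already in it, `creds = in_creds`, and with `out_creds == NULL` the `else krb5_free_creds(context, creds);` branch then frees a structure the caller presumably still owns; `else if (creds != in_creds) krb5_free_creds(context, creds);` limits the free to what krb5_get_credentials returned. With `out_creds` set in that same case, `*out_creds` aliases `in_creds`, which deserves a line in the function's comment because the caller must not free both. Several early returns leak: `ap_req` when krb5_write_message fails and `ap_rep` when krb5_rd_rep fails. On the malloc-failure path the code calls `free_KRB_ERROR(&error)` and then still returns `error.error_code`; copying the code to a local before freeing avoids relying on what free_KRB_ERROR leaves behind.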
@@ -0,0 +1,87 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: set_default_realm.c,v 1.11 1999/12/02 17:05:12 joda Exp $");
+
+/*
+ * Convert the simple string `s' into a NULL-terminated and freshly allocated
+ * list in `list'. Return an error code.
+ */
+
+static krb5_error_code
+string_to_list (const char *s, krb5_realm **list)
+{
+
+ *list = malloc (2 * sizeof(**list));
+ if (*list == NULL)
+ return ENOMEM;
+ (*list)[0] = strdup (s);
+ if ((*list)[0] == NULL) {
+ free (*list);
+ return ENOMEM;
+ }
+ (*list)[1] = NULL;
+ return 0;
+}
+
+/*
+ * Set the knowledge of the default realm(s) in `context'.
+ * If realm != NULL, that's the new default realm.
+ * Otherwise, the realm(s) are figured out from configuration or DNS.
+ */
+
+krb5_error_code
+krb5_set_default_realm(krb5_context context,
+ char *realm)
+{
+ krb5_error_code ret = 0;
+ krb5_realm *realms = NULL;
+
+ if (realm == NULL) {
+ realms = krb5_config_get_strings (context, NULL,
+ "libdefaults",
+ "default_realm",
+ NULL);
+ if (realms == NULL)
+ ret = krb5_get_host_realm(context, NULL, &realms);
+ } else {
+ ret = string_to_list (realm, &realms);
+ }
+ if (ret)
+ return ret;
+ krb5_free_host_realm (context, context->default_realms);
+ context->default_realms = realms;
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/sock_principal.c b/crypto/heimdal/lib/krb5/sock_principal.c
new file mode 100644
index 0000000..bfd4eb4
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/sock_principal.c
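Review bot: In set_default_realm.c, `krb5_set_default_realm` declares `realm` as `char *` although it only hands the string to `string_to_list`, which takes `const char *` and copies it; declaring the parameter `const char *realm` would let callers pass literals without a cast and make the copy semantics visible. The header comment could also state that the previous `context->default_realms` is freed only once the new list has been built, so a failure leaves the context unchanged. Since the comment says the fallback may take the realm from DNS, a sentence noting that this value is only as trustworthy as the resolver would help callers that base authorization decisions on the default realm.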
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: sock_principal.c,v 1.9 1999/12/02 17:05:12 joda Exp $");
+
+krb5_error_code
+krb5_sock_to_principal (krb5_context context,
+ int sock,
+ const char *sname,
+ int32_t type,
+ krb5_principal *ret_princ)
+{
+ krb5_error_code ret;
+ krb5_address address;
+ struct sockaddr_storage __ss;
+ struct sockaddr *sa = (struct sockaddr *)&__ss;
+ int len = sizeof(__ss);
+ struct hostent *hostent;
+ int family;
+ char hname[256];
+
+ if (getsockname (sock, sa, &len) < 0)
+ return errno;
+ family = sa->sa_family;
+
+ ret = krb5_sockaddr2address (sa, &address);
+ if (ret)
+ return ret;
+
+ hostent = roken_gethostbyaddr (address.address.data,
+ address.address.length,
+ family);
+
+ if (hostent == NULL)
+ return h_errno;
+ strlcpy(hname, hostent->h_name, sizeof(hname));
+ return krb5_sname_to_principal (context,
+ hname,
+ sname,
+ type,
+ ret_princ);
+}
diff --git a/crypto/heimdal/lib/krb5/store.c b/crypto/heimdal/lib/krb5/store.c
new file mode 100644
index 0000000..17b1547
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/store.c
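Review bot: In sock_principal.c, `krb5_sock_to_principal` ends its lookup-failure path with `return h_errno;`, which hands a resolver status back as a `krb5_error_code`; small values such as HOST_NOT_FOUND then read as unrelated errno codes in the caller, so the value should be translated into the krb5/errno space before it is returned. The length argument to `getsockname` is declared `int`, where `socklen_t len = sizeof(__ss);` matches the prototype. `address` is filled by `krb5_sockaddr2address` and never released on any path; if that helper allocates (the `address.address.data` use suggests it does), each call leaks it. A comment should also record that the host part of the resulting principal comes from a reverse lookup of the local socket address, so it is only as reliable as the resolver answering that query.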
@@ -0,0 +1,609 @@ +/* + * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: store.c,v 1.32 1999/12/02 17:05:12 joda Exp $"); + +void +krb5_storage_set_flags(krb5_storage *sp, krb5_flags flags) +{ + sp->flags |= flags; +} + +void +krb5_storage_clear_flags(krb5_storage *sp, krb5_flags flags) +{ + sp->flags &= ~flags; +} + +krb5_boolean +krb5_storage_is_flags(krb5_storage *sp, krb5_flags flags) +{ + return (sp->flags & flags) == flags; +} + +ssize_t +_krb5_put_int(void *buffer, unsigned long value, size_t size) +{ + unsigned char *p = buffer; + int i; + for (i = size - 1; i >= 0; i--) { + p[i] = value & 0xff; + value >>= 8; + } + return size; +} + +ssize_t +_krb5_get_int(void *buffer, unsigned long *value, size_t size) +{ + unsigned char *p = buffer; + unsigned long v = 0; + int i; + for (i = 0; i < size; i++) + v = (v << 8) + p[i]; + *value = v; + return size; +} + +krb5_error_code +krb5_storage_free(krb5_storage *sp) +{ + if(sp->free) + (*sp->free)(sp); + free(sp->data); + free(sp); + return 0; +} + +krb5_error_code +krb5_storage_to_data(krb5_storage *sp, krb5_data *data) +{ + off_t pos; + size_t size; + krb5_error_code ret; + + pos = sp->seek(sp, 0, SEEK_CUR); + size = (size_t)sp->seek(sp, 0, SEEK_END); + ret = krb5_data_alloc (data, size); + if (ret) { + sp->seek(sp, pos, SEEK_SET); + return ret; + } + if (size) { + sp->seek(sp, 0, SEEK_SET); + sp->fetch(sp, data->data, data->length); + sp->seek(sp, pos, SEEK_SET); + } + return 0; +} + +static krb5_error_code +krb5_store_int(krb5_storage *sp, + int32_t value, + size_t len) +{ + int ret; + unsigned char v[4]; + + _krb5_put_int(v, value, len); + ret = sp->store(sp, v, len); + if (ret != len) + return (ret<0)?errno:KRB5_CC_END; + return 0; +} + +krb5_error_code +krb5_store_int32(krb5_storage *sp, + int32_t value) +{ + if(krb5_storage_is_flags(sp, KRB5_STORAGE_HOST_BYTEORDER)) + value = htonl(value); + return krb5_store_int(sp, value, 4); +} + +static krb5_error_code +krb5_ret_int(krb5_storage *sp, + int32_t *value, + size_t len) +{ + int ret; + 
unsigned char v[4]; + unsigned long w; + ret = sp->fetch(sp, v, len); + if(ret != len) + return (ret<0)?errno:KRB5_CC_END; + _krb5_get_int(v, &w, len); + *value = w; + return 0; +} + +krb5_error_code +krb5_ret_int32(krb5_storage *sp, + int32_t *value) +{ + krb5_error_code ret = krb5_ret_int(sp, value, 4); + if(ret) + return ret; + if(krb5_storage_is_flags(sp, KRB5_STORAGE_HOST_BYTEORDER)) + *value = ntohl(*value); + return 0; +} + +krb5_error_code +krb5_store_int16(krb5_storage *sp, + int16_t value) +{ + if(krb5_storage_is_flags(sp, KRB5_STORAGE_HOST_BYTEORDER)) + value = htons(value); + return krb5_store_int(sp, value, 2); +} + +krb5_error_code +krb5_ret_int16(krb5_storage *sp, + int16_t *value) +{ + int32_t v; + int ret; + ret = krb5_ret_int(sp, &v, 2); + if(ret) + return ret; + *value = v; + if(krb5_storage_is_flags(sp, KRB5_STORAGE_HOST_BYTEORDER)) + *value = ntohs(*value); + return 0; +} + +krb5_error_code +krb5_store_int8(krb5_storage *sp, + int8_t value) +{ + int ret; + + ret = sp->store(sp, &value, sizeof(value)); + if (ret != sizeof(value)) + return (ret<0)?errno:KRB5_CC_END; + return 0; +} + +krb5_error_code +krb5_ret_int8(krb5_storage *sp, + int8_t *value) +{ + int ret; + + ret = sp->fetch(sp, value, sizeof(*value)); + if (ret != sizeof(*value)) + return (ret<0)?errno:KRB5_CC_END; + return 0; +} + +krb5_error_code +krb5_store_data(krb5_storage *sp, + krb5_data data) +{ + int ret; + ret = krb5_store_int32(sp, data.length); + if(ret < 0) + return ret; + ret = sp->store(sp, data.data, data.length); + if(ret != data.length){ + if(ret < 0) + return errno; + return KRB5_CC_END; + } + return 0; +} + +krb5_error_code +krb5_ret_data(krb5_storage *sp, + krb5_data *data) +{ + int ret; + int32_t size; + + ret = krb5_ret_int32(sp, &size); + if(ret) + return ret; + ret = krb5_data_alloc (data, size); + if (ret) + return ret; + if (size) { + ret = sp->fetch(sp, data->data, size); + if(ret != size) + return (ret < 0)? 
errno : KRB5_CC_END; + } + return 0; +} + +krb5_error_code +krb5_store_string(krb5_storage *sp, const char *s) +{ + krb5_data data; + data.length = strlen(s); + data.data = (void*)s; + return krb5_store_data(sp, data); +} + +krb5_error_code +krb5_ret_string(krb5_storage *sp, + char **string) +{ + int ret; + krb5_data data; + ret = krb5_ret_data(sp, &data); + if(ret) + return ret; + *string = realloc(data.data, data.length + 1); + if(*string == NULL){ + free(data.data); + return ENOMEM; + } + (*string)[data.length] = 0; + return 0; +} + +krb5_error_code +krb5_store_stringz(krb5_storage *sp, + char *s) +{ + size_t len = strlen(s) + 1; + ssize_t ret; + + ret = sp->store(sp, s, len); + if(ret != len) { + if(ret < 0) + return ret; + else + return KRB5_CC_END; + } + return 0; +} + +krb5_error_code +krb5_ret_stringz(krb5_storage *sp, + char **string) +{ + char c; + char *s = NULL; + size_t len = 0; + ssize_t ret; + + while((ret = sp->fetch(sp, &c, 1)) == 1){ + char *tmp; + + len++; + tmp = realloc (s, len); + if (tmp == NULL) { + free (s); + return ENOMEM; + } + s = tmp; + s[len - 1] = c; + if(c == 0) + break; + } + if(ret != 1){ + free(s); + if(ret == 0) + return KRB5_CC_END; + return ret; + } + *string = s; + return 0; +} + + +krb5_error_code +krb5_store_principal(krb5_storage *sp, + krb5_principal p) +{ + int i; + int ret; + + if(!krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) { + ret = krb5_store_int32(sp, p->name.name_type); + if(ret) return ret; + } + if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS)) + ret = krb5_store_int32(sp, p->name.name_string.len + 1); + else + ret = krb5_store_int32(sp, p->name.name_string.len); + + if(ret) return ret; + ret = krb5_store_string(sp, p->realm); + if(ret) return ret; + for(i = 0; i < p->name.name_string.len; i++){ + ret = krb5_store_string(sp, p->name.name_string.val[i]); + if(ret) return ret; + } + return 0; +} + +krb5_error_code +krb5_ret_principal(krb5_storage *sp, + krb5_principal 
*princ) +{ + int i; + int ret; + krb5_principal p; + int32_t type; + int32_t ncomp; + + p = calloc(1, sizeof(*p)); + if(p == NULL) + return ENOMEM; + + if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_NO_NAME_TYPE)) + type = KRB5_NT_UNKNOWN; + else if((ret = krb5_ret_int32(sp, &type))){ + free(p); + return ret; + } + if((ret = krb5_ret_int32(sp, &ncomp))){ + free(p); + return ret; + } + if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS)) + ncomp--; + p->name.name_type = type; + p->name.name_string.len = ncomp; + ret = krb5_ret_string(sp, &p->realm); + if(ret) return ret; + p->name.name_string.val = calloc(ncomp, sizeof(*p->name.name_string.val)); + if(p->name.name_string.val == NULL){ + free(p->realm); + return ENOMEM; + } + for(i = 0; i < ncomp; i++){ + ret = krb5_ret_string(sp, &p->name.name_string.val[i]); + if(ret) return ret; /* XXX */ + } + *princ = p; + return 0; +} + +krb5_error_code +krb5_store_keyblock(krb5_storage *sp, krb5_keyblock p) +{ + int ret; + ret = krb5_store_int16(sp, p.keytype); + if(ret) return ret; + + if(krb5_storage_is_flags(sp, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE)){ + /* this should really be enctype, but it is the same as + keytype nowadays */ + ret = krb5_store_int16(sp, p.keytype); + if(ret) return ret; + } + + ret = krb5_store_data(sp, p.keyvalue); + return ret; +} + +krb5_error_code +krb5_ret_keyblock(krb5_storage *sp, krb5_keyblock *p) +{ + int ret; + int16_t tmp; + + ret = krb5_ret_int16(sp, &tmp); + if(ret) return ret; + p->keytype = tmp; + + if(krb5_storage_is_flags(sp, KRB5_STORAGE_KEYBLOCK_KEYTYPE_TWICE)){ + ret = krb5_ret_int16(sp, &tmp); + if(ret) return ret; + } + + ret = krb5_ret_data(sp, &p->keyvalue); + return ret; +} + +krb5_error_code +krb5_store_times(krb5_storage *sp, krb5_times times) +{ + int ret; + ret = krb5_store_int32(sp, times.authtime); + if(ret) return ret; + ret = krb5_store_int32(sp, times.starttime); + if(ret) return ret; + ret = krb5_store_int32(sp, times.endtime); + if(ret) 
return ret; + ret = krb5_store_int32(sp, times.renew_till); + return ret; +} + +krb5_error_code +krb5_ret_times(krb5_storage *sp, krb5_times *times) +{ + int ret; + int32_t tmp; + ret = krb5_ret_int32(sp, &tmp); + times->authtime = tmp; + if(ret) return ret; + ret = krb5_ret_int32(sp, &tmp); + times->starttime = tmp; + if(ret) return ret; + ret = krb5_ret_int32(sp, &tmp); + times->endtime = tmp; + if(ret) return ret; + ret = krb5_ret_int32(sp, &tmp); + times->renew_till = tmp; + return ret; +} + +krb5_error_code +krb5_store_address(krb5_storage *sp, krb5_address p) +{ + int ret; + ret = krb5_store_int16(sp, p.addr_type); + if(ret) return ret; + ret = krb5_store_data(sp, p.address); + return ret; +} + +krb5_error_code +krb5_ret_address(krb5_storage *sp, krb5_address *adr) +{ + int16_t t; + int ret; + ret = krb5_ret_int16(sp, &t); + if(ret) return ret; + adr->addr_type = t; + ret = krb5_ret_data(sp, &adr->address); + return ret; +} + +krb5_error_code +krb5_store_addrs(krb5_storage *sp, krb5_addresses p) +{ + int i; + int ret; + ret = krb5_store_int32(sp, p.len); + if(ret) return ret; + for(i = 0; i<p.len; i++){ + ret = krb5_store_address(sp, p.val[i]); + if(ret) break; + } + return ret; +} + +krb5_error_code +krb5_ret_addrs(krb5_storage *sp, krb5_addresses *adr) +{ + int i; + int ret; + int32_t tmp; + + ret = krb5_ret_int32(sp, &tmp); + if(ret) return ret; + adr->len = tmp; + ALLOC(adr->val, adr->len); + for(i = 0; i < adr->len; i++){ + ret = krb5_ret_address(sp, &adr->val[i]); + if(ret) break; + } + return ret; +} + +krb5_error_code +krb5_store_authdata(krb5_storage *sp, krb5_authdata auth) +{ + krb5_error_code ret; + int i; + ret = krb5_store_int32(sp, auth.len); + if(ret) return ret; + for(i = 0; i < auth.len; i++){ + ret = krb5_store_int16(sp, auth.val[i].ad_type); + if(ret) break; + ret = krb5_store_data(sp, auth.val[i].ad_data); + if(ret) break; + } + return 0; +} + +krb5_error_code +krb5_ret_authdata(krb5_storage *sp, krb5_authdata *auth) +{ + krb5_error_code 
ret; + int32_t tmp; + int16_t tmp2; + int i; + ret = krb5_ret_int32(sp, &tmp); + if(ret) return ret; + ALLOC_SEQ(auth, tmp); + for(i = 0; i < tmp; i++){ + ret = krb5_ret_int16(sp, &tmp2); + if(ret) break; + auth->val[i].ad_type = tmp2; + ret = krb5_ret_data(sp, &auth->val[i].ad_data); + if(ret) break; + } + return ret; +} + +krb5_error_code +krb5_store_creds(krb5_storage *sp, krb5_creds *creds) +{ + krb5_store_principal(sp, creds->client); + krb5_store_principal(sp, creds->server); + krb5_store_keyblock(sp, creds->session); + krb5_store_times(sp, creds->times); + krb5_store_int8(sp, 0); /* this is probably the + enc-tkt-in-skey bit from KDCOptions */ + krb5_store_int32(sp, creds->flags.i); + krb5_store_addrs(sp, creds->addresses); + krb5_store_authdata(sp, creds->authdata); + krb5_store_data(sp, creds->ticket); + krb5_store_data(sp, creds->second_ticket); + return 0; +} + +krb5_error_code +krb5_ret_creds(krb5_storage *sp, krb5_creds *creds) +{ + krb5_error_code ret; + int8_t dummy8; + int32_t dummy32; + + memset(creds, 0, sizeof(*creds)); + ret = krb5_ret_principal (sp, &creds->client); + if(ret) goto cleanup; + ret = krb5_ret_principal (sp, &creds->server); + if(ret) goto cleanup; + ret = krb5_ret_keyblock (sp, &creds->session); + if(ret) goto cleanup; + ret = krb5_ret_times (sp, &creds->times); + if(ret) goto cleanup; + ret = krb5_ret_int8 (sp, &dummy8); + if(ret) goto cleanup; + ret = krb5_ret_int32 (sp, &dummy32); + if(ret) goto cleanup; + creds->flags.i = dummy32; + ret = krb5_ret_addrs (sp, &creds->addresses); + if(ret) goto cleanup; + ret = krb5_ret_authdata (sp, &creds->authdata); + if(ret) goto cleanup; + ret = krb5_ret_data (sp, &creds->ticket); + if(ret) goto cleanup; + ret = krb5_ret_data (sp, &creds->second_ticket); +cleanup: + if(ret) +#if 0 + krb5_free_creds_contents(context, creds) /* XXX */ +#endif + ; + return ret; +} 
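Review bot: The decoders in store.c trust the length and count fields they read from the storage: in `krb5_ret_principal` a negative or very large `ncomp` goes straight into `calloc` and the loop bound, and the failures from the realm read onwards return without releasing `p`, `p->realm` or the components already read (the `/* XXX */` line). `krb5_ret_data` follows the same pattern with `size`, a signed `int32_t` passed to `krb5_data_alloc` with `data` left allocated when the fetch comes up short, and `krb5_ret_addrs` does not check the result of `ALLOC`. These routines presumably parse credential-cache style files (the `KRB5_CC_END` code suggests so), so I would reject negative counts and unwind on error, as sketched below for `krb5_ret_principal`. Separately, `krb5_store_creds` ignores every return value and `krb5_store_authdata` ends with `return 0` even after breaking out of its loop on an error; both should propagate `ret`.

```c
krb5_error_code
krb5_ret_principal(krb5_storage *sp,
		   krb5_principal *princ)
{
    /* … unchanged: declarations, calloc of p, name-type and ncomp reads … */
    if(krb5_storage_is_flags(sp, KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS))
	ncomp--;
    if(ncomp < 0){
	/* count came from the stream; never let it reach calloc or the loop */
	free(p);
	return KRB5_CC_END;	/* or a dedicated format error code */
    }
    p->name.name_type = type;
    p->name.name_string.len = ncomp;
    ret = krb5_ret_string(sp, &p->realm);
    if(ret){
	free(p);
	return ret;
    }
    p->name.name_string.val = calloc(ncomp, sizeof(*p->name.name_string.val));
    if(ncomp > 0 && p->name.name_string.val == NULL){
	free(p->realm);
	free(p);
	return ENOMEM;
    }
    for(i = 0; i < ncomp; i++){
	ret = krb5_ret_string(sp, &p->name.name_string.val[i]);
	if(ret){
	    /* release the components read so far, then the rest */
	    while(i-- > 0)
		free(p->name.name_string.val[i]);
	    free(p->name.name_string.val);
	    free(p->realm);
	    free(p);
	    return ret;
	}
    }
    *princ = p;
    return 0;
}
```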
diff --git a/crypto/heimdal/lib/krb5/store_emem.c b/crypto/heimdal/lib/krb5/store_emem.c
new file mode 100644
index 0000000..d2497ef
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/store_emem.c
@@ -0,0 +1,126 @@ +/* + * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: store_emem.c,v 1.9 1999/12/02 17:05:12 joda Exp $"); + +typedef struct emem_storage{ + unsigned char *base; + size_t size; + size_t len; + unsigned char *ptr; +}emem_storage; + +static ssize_t +emem_fetch(krb5_storage *sp, void *data, size_t size) +{ + emem_storage *s = (emem_storage*)sp->data; + if(s->base + s->len - s->ptr < size) + size = s->base + s->len - s->ptr; + memmove(data, s->ptr, size); + sp->seek(sp, size, SEEK_CUR); + return size; +} + +static ssize_t +emem_store(krb5_storage *sp, void *data, size_t size) +{ + emem_storage *s = (emem_storage*)sp->data; + if(size > s->base + s->size - s->ptr){ + void *base; + size_t sz, off; + sz = 2 * (size + (s->ptr - s->base)); /* XXX */ + off = s->ptr - s->base; + base = realloc(s->base, sz); + if(base == NULL) + return 0; + s->size = sz; + s->base = base; + s->ptr = (unsigned char*)base + off; + } + memmove(s->ptr, data, size); + sp->seek(sp, size, SEEK_CUR); + return size; +} + +static off_t +emem_seek(krb5_storage *sp, off_t offset, int whence) +{ + emem_storage *s = (emem_storage*)sp->data; + switch(whence){ + case SEEK_SET: + if(offset > s->size) + offset = s->size; + if(offset < 0) + offset = 0; + s->ptr = s->base + offset; + if(offset > s->len) + s->len = offset; + break; + case SEEK_CUR: + sp->seek(sp,s->ptr - s->base + offset, SEEK_SET); + break; + case SEEK_END: + sp->seek(sp, s->len + offset, SEEK_SET); + break; + default: + errno = EINVAL; + return -1; + } + return s->ptr - s->base; +} + +static void +emem_free(krb5_storage *sp) +{ + free(((emem_storage*)sp->data)->base); +} + +krb5_storage * +krb5_storage_emem(void) +{ + krb5_storage *sp = malloc(sizeof(krb5_storage)); + emem_storage *s = malloc(sizeof(*s)); + sp->data = s; + sp->flags = 0; + s->size = 1024; + s->base = malloc(s->size); + s->len = 0; + s->ptr = s->base; + sp->fetch = emem_fetch; + sp->store = emem_store; + sp->seek = emem_seek; + sp->free = emem_free; + return sp; +} 
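Review bot: `krb5_storage_emem` in store_emem.c dereferences the results of all three `malloc` calls without checking them, so an allocation failure becomes a NULL-pointer write instead of a NULL return; `krb5_storage_from_fd` in store_fd.c has the same gap, while `krb5_storage_from_mem` in store_mem.c already checks and unwinds. A version that does the same here is sketched below. In `emem_store`, a failed `realloc` returns 0, which the callers in store.c report as `KRB5_CC_END` rather than `ENOMEM`, and `sz = 2 * (size + (s->ptr - s->base))` can wrap for a very large `size`, so a range check before the multiplication would be worth adding.

```c
krb5_storage *
krb5_storage_emem(void)
{
    krb5_storage *sp = malloc(sizeof(krb5_storage));
    emem_storage *s;

    if(sp == NULL)
	return NULL;
    s = malloc(sizeof(*s));
    if(s == NULL) {
	free(sp);
	return NULL;
    }
    s->size = 1024;
    s->base = malloc(s->size);
    if(s->base == NULL) {
	free(s);
	free(sp);
	return NULL;
    }
    sp->data = s;
    sp->flags = 0;
    /* … unchanged: len, ptr and the fetch/store/seek/free callbacks … */
    return sp;
}
```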
diff --git a/crypto/heimdal/lib/krb5/store_fd.c b/crypto/heimdal/lib/krb5/store_fd.c
new file mode 100644
index 0000000..e4c507c
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/store_fd.c
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: store_fd.c,v 1.6 1999/12/02 17:05:13 joda Exp $");
+
+typedef struct fd_storage{
+ int fd;
+}fd_storage;
+
+#define FD(S) (((fd_storage*)(S)->data)->fd)
+
+static ssize_t
+fd_fetch(krb5_storage *sp, void *data, size_t size)
+{
+ return read(FD(sp), data, size);
+}
+
+static ssize_t
+fd_store(krb5_storage *sp, void *data, size_t size)
+{
+ return write(FD(sp), data, size);
+}
+
+static off_t
+fd_seek(krb5_storage *sp, off_t offset, int whence)
+{
+ return lseek(FD(sp), offset, whence);
+}
+
+krb5_storage *
+krb5_storage_from_fd(int fd)
+{
+ krb5_storage *sp = malloc(sizeof(krb5_storage));
+ sp->data = malloc(sizeof(fd_storage));
+ sp->flags = 0;
+ FD(sp) = fd;
+ sp->fetch = fd_fetch;
+ sp->store = fd_store;
+ sp->seek = fd_seek;
+ sp->free = NULL;
+ return sp;
+}
diff --git a/crypto/heimdal/lib/krb5/store_mem.c b/crypto/heimdal/lib/krb5/store_mem.c
new file mode 100644
index 0000000..a8019e6
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/store_mem.c
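Review bot: `fd_fetch` and `fd_store` in store_fd.c return the result of a single `read`/`write`, but the callers in store.c treat any count other than the requested one as `KRB5_CC_END`, so a short transfer or an `EINTR` on a pipe, socket or signal-interrupted descriptor is reported as a truncated stream. Looping until `size` bytes have moved, end of file is seen or a real error occurs avoids that. A sketch for `fd_fetch` follows; `fd_store` needs the same loop around `write`.

```c
static ssize_t
fd_fetch(krb5_storage *sp, void *data, size_t size)
{
    unsigned char *p = data;
    size_t done = 0;

    while(done < size) {
	ssize_t n = read(FD(sp), p + done, size - done);
	if(n < 0) {
	    if(errno == EINTR)
		continue;	/* interrupted, not a failure */
	    return -1;
	}
	if(n == 0)
	    break;		/* end of file: report the short count */
	done += n;
    }
    return done;
}
```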
@@ -0,0 +1,117 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: store_mem.c,v 1.9 1999/12/02 17:05:13 joda Exp $"); + +typedef struct mem_storage{ + unsigned char *base; + size_t size; + unsigned char *ptr; +}mem_storage; + +static ssize_t +mem_fetch(krb5_storage *sp, void *data, size_t size) +{ + mem_storage *s = (mem_storage*)sp->data; + if(size > s->base + s->size - s->ptr) + size = s->base + s->size - s->ptr; + memmove(data, s->ptr, size); + sp->seek(sp, size, SEEK_CUR); + return size; +} + +static ssize_t +mem_store(krb5_storage *sp, void *data, size_t size) +{ + mem_storage *s = (mem_storage*)sp->data; + if(size > s->base + s->size - s->ptr) + size = s->base + s->size - s->ptr; + memmove(s->ptr, data, size); + sp->seek(sp, size, SEEK_CUR); + return size; +} + +static off_t +mem_seek(krb5_storage *sp, off_t offset, int whence) +{ + mem_storage *s = (mem_storage*)sp->data; + switch(whence){ + case SEEK_SET: + if(offset > s->size) + offset = s->size; + if(offset < 0) + offset = 0; + s->ptr = s->base + offset; + break; + case SEEK_CUR: + return sp->seek(sp, s->ptr - s->base + offset, SEEK_SET); + case SEEK_END: + return sp->seek(sp, s->size + offset, SEEK_SET); + default: + errno = EINVAL; + return -1; + } + return s->ptr - s->base; +} + +krb5_storage * +krb5_storage_from_mem(void *buf, size_t len) +{ + krb5_storage *sp = malloc(sizeof(krb5_storage)); + mem_storage *s; + if(sp == NULL) + return NULL; + s = malloc(sizeof(*s)); + if(s == NULL) { + free(sp); + return NULL; + } + sp->data = s; + sp->flags = 0; + s->base = buf; + s->size = len; + s->ptr = buf; + sp->fetch = mem_fetch; + sp->store = mem_store; + sp->seek = mem_seek; + sp->free = NULL; + return sp; +} + +krb5_storage * +krb5_storage_from_data(krb5_data *data) +{ + return krb5_storage_from_mem(data->data, data->length); +} diff --git a/crypto/heimdal/lib/krb5/string-to-key-test.c b/crypto/heimdal/lib/krb5/string-to-key-test.c new file mode 100644 index 0000000..0e884d0 --- /dev/null 
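Review bot: In store_mem.c, the `SEEK_SET` branch of `mem_seek` tests `offset > s->size` before `offset < 0`; where `size_t` is as wide as `off_t` the first comparison is carried out unsigned, so a negative offset is clamped to the end of the buffer instead of to 0. Testing the sign first fixes it: `if(offset < 0) offset = 0; else if(offset > (off_t)s->size) offset = s->size;`. `emem_seek` in store_emem.c uses the same order and additionally raises `s->len` to the clamped offset, which would let a later fetch return bytes that were never written. `mem_store` silently truncates to the space that is left, so a comment saying that callers must compare the return value with `size` would help.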
+++ b/crypto/heimdal/lib/krb5/string-to-key-test.c 
@@ -0,0 +1,106 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
*/ + +#include "krb5_locl.h" + +RCSID("$Id: string-to-key-test.c,v 1.2 1999/10/28 23:10:38 assar Exp $"); + +enum { MAXSIZE = 24 }; + +static struct testcase { + const char *principal_name; + const char *password; + krb5_enctype enctype; + unsigned char res[MAXSIZE]; +} tests[] = { + {"@", "", ETYPE_DES_CBC_MD5, + {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01}}, + {"nisse@FOO.SE", "hej", ETYPE_DES_CBC_MD5, + {0xfe, 0x67, 0xbf, 0x9e, 0x57, 0x6b, 0xfe, 0x52}}, + {"assar/liten@FOO.SE", "hemligt", ETYPE_DES_CBC_MD5, + {0x5b, 0x9b, 0xcb, 0xf2, 0x97, 0x43, 0xc8, 0x40}}, + {"@", "", ETYPE_DES3_CBC_SHA1, + {0xce, 0xa2, 0x2f, 0x9b, 0x52, 0x2c, 0xb0, 0x15, 0x6e, 0x6b, 0x64, + 0x73, 0x62, 0x64, 0x73, 0x4f, 0x6e, 0x73, 0xce, 0xa2, 0x2f, 0x9b, + 0x52, 0x57}}, + {"nisse@FOO.SE", "hej", ETYPE_DES3_CBC_SHA1, + {0x0e, 0xbc, 0x23, 0x9d, 0x68, 0x46, 0xf2, 0xd5, 0x51, 0x98, 0x5b, + 0x57, 0xc1, 0x57, 0x01, 0x79, 0x04, 0xc4, 0xe9, 0xfe, 0xc1, 0x0e, + 0x13, 0xd0}}, + {"assar/liten@FOO.SE", "hemligt", ETYPE_DES3_CBC_SHA1, + {0x7f, 0x40, 0x67, 0xb9, 0xbc, 0xc4, 0x40, 0xfb, 0x43, 0x73, 0xd9, + 0xd3, 0xcd, 0x7c, 0xc7, 0x67, 0xe6, 0x79, 0x94, 0xd0, 0xa8, 0x34, + 0xdf, 0x62}}, + {NULL} +}; + +int +main(int argc, char **argv) +{ + struct testcase *t; + krb5_context context; + krb5_error_code ret; + int val = 0; + + krb5_init_context (&context); + + for (t = tests; t->principal_name; ++t) { + krb5_keyblock key; + krb5_principal principal; + int i; + + ret = krb5_parse_name (context, t->principal_name, &principal); + if (ret) + krb5_err (context, 1, ret, "krb5_parse_name %s", + t->principal_name); + ret = krb5_string_to_key (context, t->enctype, t->password, + principal, &key); + if (ret) + krb5_err (context, 1, ret, "krb5_string_to_key"); + krb5_free_principal (context, principal); + if (memcmp (key.keyvalue.data, t->res, key.keyvalue.length) != 0) { + const unsigned char *p = key.keyvalue.data; + + printf ("string_to_key(%s, %s) failed\n", + t->principal_name, t->password); + printf ("should 
be: "); + for (i = 0; i < key.keyvalue.length; ++i) + printf ("%02x", t->res[i]); + printf ("\nresult was: "); + for (i = 0; i < key.keyvalue.length; ++i) + printf ("%02x", p[i]); + printf ("\n"); + val = 1; + } + } + return val; +} diff --git a/crypto/heimdal/lib/krb5/ticket.c b/crypto/heimdal/lib/krb5/ticket.c new file mode 100644 index 0000000..ecb5821 --- /dev/null +++ b/crypto/heimdal/lib/krb5/ticket.c 
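Review bot: In string-to-key-test.c the check `memcmp (key.keyvalue.data, t->res, key.keyvalue.length)` takes the length returned by `krb5_string_to_key` for both sides, so a key of length 0 passes every case and a key longer than `MAXSIZE` reads past `t->res`. Recording the expected length in `struct testcase` and failing when `key.keyvalue.length` differs from it would close both gaps; at minimum the condition should become `if (key.keyvalue.length == 0 || key.keyvalue.length > MAXSIZE || memcmp (key.keyvalue.data, t->res, key.keyvalue.length) != 0) {`. The return value of `krb5_init_context` is not checked before `context` is used, and `key` is not released inside the loop.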
@@ -0,0 +1,74 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: ticket.c,v 1.4 1999/12/02 17:05:13 joda Exp $");
+
+krb5_error_code
+krb5_free_ticket(krb5_context context,
+ krb5_ticket *ticket)
+{
+ free_EncTicketPart(&ticket->ticket);
+ krb5_free_principal(context, ticket->client);
+ krb5_free_principal(context, ticket->server);
+ return 0;
+}
+
+krb5_error_code
+krb5_copy_ticket(krb5_context context,
+ const krb5_ticket *from,
+ krb5_ticket **to)
+{
+ krb5_error_code ret;
+ krb5_ticket *tmp = malloc(sizeof(*tmp));
+ if(tmp == NULL)
+ return ENOMEM;
+ if((ret = copy_EncTicketPart(&from->ticket, &tmp->ticket))){
+ free(tmp);
+ return ret;
+ }
+ ret = krb5_copy_principal(context, from->client, &tmp->client);
+ if(ret){
+ free_EncTicketPart(&tmp->ticket);
+ return ret;
+ }
+ ret = krb5_copy_principal(context, from->server, &(*to)->server);
+ if(ret){
+ krb5_free_principal(context, tmp->client);
+ free_EncTicketPart(&tmp->ticket);
+ return ret;
+ }
+ *to = tmp;
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/time.c b/crypto/heimdal/lib/krb5/time.c
new file mode 100644
index 0000000..47a5f0b
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/time.c
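Review bot: In krb5_copy_ticket the server principal is copied into `&(*to)->server`, but `*to` has not been assigned yet, so the write goes through whatever pointer the caller's variable happened to hold; the destination should be `&tmp->server`. The two error paths after the principal copies release the copied members but never call `free(tmp)`, so the ticket structure leaks each time a principal copy fails. Suggested change: `ret = krb5_copy_principal(context, from->server, &tmp->server);` plus `free(tmp);` before each of those `return ret;` statements. krb5_free_ticket likewise releases the members but not `ticket` itself; if that is intentional, the ownership rule deserves a comment.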
@@ -0,0 +1,58 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: time.c,v 1.2 1999/12/02 17:05:13 joda Exp $");
+
+krb5_error_code
+krb5_timeofday (krb5_context context,
+ int32_t *timeret)
+{
+ *timeret = time(NULL) + context->kdc_sec_offset;
+ return 0;
+}
+
+krb5_error_code
+krb5_us_timeofday (krb5_context context,
+ int32_t *sec,
+ int32_t *usec)
+{
+ struct timeval tv;
+
+ gettimeofday (&tv, NULL);
+
+ *sec = tv.tv_sec + context->kdc_sec_offset;
+ *usec = tv.tv_usec; /* XXX */
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/transited.c b/crypto/heimdal/lib/krb5/transited.c
new file mode 100644
index 0000000..ed5a5b5
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/transited.c
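Review bot: krb5_us_timeofday ignores the return value of `gettimeofday`, so on failure `tv` is read uninitialized and the offset-adjusted time handed back is garbage while the function still returns 0; a check such as `if (gettimeofday (&tv, NULL) < 0) return errno;` would surface that. The `/* XXX */` on the `*usec` assignment does not say what is unfinished, and a comment naming the open issue would help, since these values presumably feed clock-skew and replay checks. Both functions also narrow `time_t` plus `kdc_sec_offset` into `int32_t` without comment.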
@@ -0,0 +1,382 @@ +/* + * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: transited.c,v 1.5 1999/12/02 17:05:13 joda Exp $"); + +/* this is an attempt at one of the most horrible `compression' + schemes that has ever been invented; it's so amazingly brain-dead + that words can not describe it, and all this just to save a few + silly bytes */ + +struct tr_realm { + char *realm; + unsigned leading_space:1; + unsigned leading_slash:1; + unsigned trailing_dot:1; + struct tr_realm *next; +}; + +static void +free_realms(struct tr_realm *r) +{ + struct tr_realm *p; + while(r){ + p = r; + r = r->next; + free(p->realm); + free(p); + } +} + +static int +make_path(struct tr_realm *r, const char *from, const char *to) +{ + const char *p; + struct tr_realm *path = r->next; + struct tr_realm *tmp; + + if(strlen(from) < strlen(to)){ + const char *tmp; + tmp = from; + from = to; + to = tmp; + } + + if(strcmp(from + strlen(from) - strlen(to), to) == 0){ + p = from; + while(1){ + p = strchr(p, '.'); + if(p == NULL) + return KRB5KDC_ERR_POLICY; + p++; + if(strcmp(p, to) == 0) + break; + tmp = calloc(1, sizeof(*tmp)); + tmp->next = path; + path = tmp; + path->realm = strdup(p); + if(path->realm == NULL){ + r->next = path; /* XXX */ + return ENOMEM;; + } + } + }else if(strncmp(from, to, strlen(to)) == 0){ + p = from + strlen(from); + while(1){ + while(p >= from && *p != '/') p--; + if(p == from) + return KRB5KDC_ERR_POLICY; + if(strncmp(to, from, p - from) == 0) + break; + tmp = calloc(1, sizeof(*tmp)); + tmp->next = path; + path = tmp; + path->realm = malloc(p - from + 1); + if(path->realm == NULL){ + r->next = path; /* XXX */ + return ENOMEM; + } + strncpy(path->realm, from, p - from); + path->realm[p - from] = '\0'; + p--; + } + }else + return KRB5KDC_ERR_POLICY; + r->next = path; + + return 0; +} + +static int +make_paths(struct tr_realm *realms, const char *client_realm, + const char *server_realm) +{ + struct tr_realm *r; + int ret; + const char *prev_realm = client_realm; + const char *next_realm = NULL; + 
for(r = realms; r; r = r->next){ + /* it *might* be that you can have more than one empty + component in a row, at least that's how I interpret the + "," exception in 1510 */ + if(r->realm[0] == '\0'){ + while(r->next && r->next->realm[0] == '\0') + r = r->next; + if(r->next) + next_realm = r->next->realm; + else + next_realm = server_realm; + ret = make_path(r, prev_realm, next_realm); + if(ret){ + free_realms(realms); + return ret; + } + } + prev_realm = r->realm; + } + return 0; +} + +static int +expand_realms(struct tr_realm *realms, const char *client_realm) +{ + struct tr_realm *r; + const char *prev_realm = NULL; + for(r = realms; r; r = r->next){ + if(r->trailing_dot){ + char *tmp; + if(prev_realm == NULL) + prev_realm = client_realm; + tmp = realloc(r->realm, strlen(r->realm) + strlen(prev_realm) + 1); + if(tmp == NULL){ + free_realms(realms); + return ENOMEM; + } + r->realm = tmp; + strcat(r->realm, prev_realm); + }else if(r->leading_slash && !r->leading_space && prev_realm){ + /* yet another exception: if you use x500-names, the + leading realm doesn't have to be "quoted" with a space */ + char *tmp; + tmp = malloc(strlen(r->realm) + strlen(prev_realm) + 1); + if(tmp == NULL){ + free_realms(realms); + return ENOMEM; + } + strcpy(tmp, prev_realm); + strcat(tmp, r->realm); + free(r->realm); + r->realm = tmp; + } + prev_realm = r->realm; + } + return 0; +} + +static struct tr_realm * +make_realm(char *realm) +{ + struct tr_realm *r; + char *p, *q; + int quote = 0; + r = calloc(1, sizeof(*r)); + if(r == NULL){ + free(realm); + return NULL; + } + r->realm = realm; + for(p = q = r->realm; *p; p++){ + if(p == r->realm && *p == ' '){ + r->leading_space = 1; + continue; + } + if(q == r->realm && *p == '/') + r->leading_slash = 1; + if(quote){ + *q++ = *p; + quote = 0; + continue; + } + if(*p == '\\'){ + quote = 1; + continue; + } + if(p[0] == '.' 
&& p[1] == '\0') + r->trailing_dot = 1; + *q++ = *p; + } + *q = '\0'; + return r; +} + +static struct tr_realm* +append_realm(struct tr_realm *head, struct tr_realm *r) +{ + struct tr_realm *p; + if(head == NULL){ + r->next = NULL; + return r; + } + p = head; + while(p->next) p = p->next; + p->next = r; + return head; +} + +static int +decode_realms(const char *tr, int length, struct tr_realm **realms) +{ + struct tr_realm *r = NULL; + + char *tmp; + int quote = 0; + const char *start = tr; + int i; + + for(i = 0; i < length; i++){ + if(quote){ + quote = 0; + continue; + } + if(tr[i] == '\\'){ + quote = 1; + continue; + } + if(tr[i] == ','){ + tmp = malloc(tr + i - start + 1); + strncpy(tmp, start, tr + i - start); + tmp[tr + i - start] = '\0'; + r = make_realm(tmp); + if(r == NULL){ + free_realms(*realms); + return ENOMEM; + } + *realms = append_realm(*realms, r); + start = tr + i + 1; + } + } + tmp = malloc(tr + i - start + 1); + strncpy(tmp, start, tr + i - start); + tmp[tr + i - start] = '\0'; + r = make_realm(tmp); + if(r == NULL){ + free_realms(*realms); + return ENOMEM; + } + *realms = append_realm(*realms, r); + + return 0; +} + + +krb5_error_code +krb5_domain_x500_decode(krb5_data tr, char ***realms, int *num_realms, + const char *client_realm, const char *server_realm) +{ + struct tr_realm *r = NULL; + struct tr_realm *p, **q; + int ret; + + /* split string in components */ + ret = decode_realms(tr.data, tr.length, &r); + if(ret) + return ret; + + /* apply prefix rule */ + ret = expand_realms(r, client_realm); + if(ret) + return ret; + + ret = make_paths(r, client_realm, server_realm); + if(ret) + return ret; + + /* remove empty components */ + q = &r; + for(p = r; p; ){ + if(p->realm[0] == '\0'){ + free(p->realm); + *q = p->next; + free(p); + p = *q; + }else{ + q = &p->next; + p = p->next; + } + } + { + char **R; + *realms = NULL; + *num_realms = 0; + while(r){ + R = realloc(*realms, (*num_realms + 1) * sizeof(**realms)); + if(R == NULL) { + 
free(*realms); + return ENOMEM; + } + R[*num_realms] = r->realm; + (*num_realms)++; + *realms = R; + p = r->next; + free(r); + r = p; + } + } + return 0; +} + +krb5_error_code +krb5_domain_x500_encode(char **realms, int num_realms, krb5_data *encoding) +{ + char *s = NULL; + int len = 0; + int i; + for(i = 0; i < num_realms; i++){ + len += strlen(realms[i]); + if(realms[i][0] == '/') + len++; + } + len += num_realms - 1; + s = malloc(len + 1); + *s = '\0'; + for(i = 0; i < num_realms; i++){ + if(i && i < num_realms - 1) + strcat(s, ","); + if(realms[i][0] == '/') + strcat(s, " "); + strcat(s, realms[i]); + } + encoding->data = s; + encoding->length = strlen(s); + return 0; +} + +#if 0 +int +main(int argc, char **argv) +{ + krb5_data x; + char **r; + int num, i; + x.data = argv[1]; + x.length = strlen(x.data); + if(domain_expand(x, &r, &num, argv[2], argv[3])) + exit(1); + for(i = 0; i < num; i++) + printf("%s\n", r[i]); + return 0; +} +#endif + diff --git a/crypto/heimdal/lib/krb5/verify_init.c b/crypto/heimdal/lib/krb5/verify_init.c new file mode 100644 index 0000000..0f080ee --- /dev/null +++ b/crypto/heimdal/lib/krb5/verify_init.c 
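Review bot: Several allocations in this file are dereferenced without a NULL check while parsing the transited-realms string, which presumably originates from a received ticket: `tmp = malloc(tr + i - start + 1)` in decode_realms (both occurrences) goes straight into `strncpy`, `tmp = calloc(1, sizeof(*tmp))` in make_path (both branches) is followed by `tmp->next = path`, and `s = malloc(len + 1)` in krb5_domain_x500_encode is followed by `*s = '\0'`. Each should fail with ENOMEM, for example `if(tmp == NULL){ free_realms(*realms); return ENOMEM; }` in decode_realms. In krb5_domain_x500_encode a call with `num_realms == 0` makes `len` equal to -1, so `malloc(0)` is followed by a one-byte write; that case needs an early return. The separator test `if(i && i < num_realms - 1)` also appears to omit the comma before the last realm, which looks unintended given that `len` reserves `num_realms - 1` separators.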
@@ -0,0 +1,196 @@ +/* + * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: verify_init.c,v 1.11 1999/12/02 17:05:13 joda Exp $"); + +void +krb5_verify_init_creds_opt_init(krb5_verify_init_creds_opt *options) +{ + memset (options, 0, sizeof(*options)); +} + +void +krb5_verify_init_creds_opt_set_ap_req_nofail(krb5_verify_init_creds_opt *options, + int ap_req_nofail) +{ + options->flags |= KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL; + options->ap_req_nofail = ap_req_nofail; +} + +/* + * + */ + +static krb5_boolean +fail_verify_is_ok (krb5_context context, + krb5_verify_init_creds_opt *options) +{ + if ((options->flags & KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL + && options->ap_req_nofail == 1) + || krb5_config_get_bool (context, + NULL, + "libdefaults", + "verify_ap_req_nofail", + NULL)) + return FALSE; + else + return TRUE; +} + +krb5_error_code +krb5_verify_init_creds(krb5_context context, + krb5_creds *creds, + krb5_principal ap_req_server, + krb5_keytab ap_req_keytab, + krb5_ccache *ccache, + krb5_verify_init_creds_opt *options) +{ + krb5_error_code ret; + krb5_data req; + krb5_ccache local_ccache; + krb5_keytab_entry entry; + krb5_creds *new_creds = NULL; + krb5_auth_context auth_context = NULL; + krb5_principal server = NULL; + krb5_keytab keytab = NULL; + + krb5_data_zero (&req); + memset (&entry, 0, sizeof(entry)); + + if (ap_req_server == NULL) { + char local_hostname[MAXHOSTNAMELEN]; + + if (gethostname (local_hostname, sizeof(local_hostname)) < 0) + return errno; + + ret = krb5_sname_to_principal (context, + local_hostname, + "host", + KRB5_NT_SRV_HST, + &server); + if (ret) + goto cleanup; + } else + server = ap_req_server; + + if (ap_req_keytab == NULL) { + ret = krb5_kt_default (context, &keytab); + if (ret) + goto cleanup; + } else + keytab = ap_req_keytab; + + if (ccache && *ccache) + local_ccache = *ccache; + else { + ret = krb5_cc_gen_new (context, &krb5_mcc_ops, &local_ccache); + if (ret) + goto cleanup; + ret = krb5_cc_initialize (context, + local_ccache, + creds->client); + if 
(ret) + goto cleanup; + ret = krb5_cc_store_cred (context, + local_ccache, + creds); + if (ret) + goto cleanup; + } + + if (!krb5_principal_compare (context, server, creds->server)) { + krb5_creds match_cred; + + memset (&match_cred, 0, sizeof(match_cred)); + + match_cred.client = creds->client; + match_cred.server = server; + + ret = krb5_get_credentials (context, + 0, + local_ccache, + &match_cred, + &new_creds); + if (ret) { + if (fail_verify_is_ok (context, options)) + ret = 0; + goto cleanup; + } + } else + new_creds = creds; + + ret = krb5_mk_req_extended (context, + &auth_context, + 0, + NULL, + new_creds, + &req); + + krb5_auth_con_free (context, auth_context); + auth_context = NULL; + + if (ret) + goto cleanup; + + ret = krb5_rd_req (context, + &auth_context, + &req, + server, + keytab, + 0, + NULL); + + if (ret == KRB5_KT_NOTFOUND && fail_verify_is_ok (context, options)) + ret = 0; +cleanup: + if (auth_context) + krb5_auth_con_free (context, auth_context); + krb5_data_free (&req); + krb5_kt_free_entry (context, &entry); + if (new_creds) + krb5_free_creds (context, new_creds); + if (ap_req_server == NULL && server) + krb5_free_principal (context, server); + if (ap_req_keytab == NULL && keytab) + krb5_kt_close (context, keytab); + if (ccache == NULL + || (ret != 0 && *ccache == NULL)) + krb5_cc_destroy (context, local_ccache); + + if (ret == 0 && ccache != NULL && *ccache == NULL) + *ccache = local_ccache; + + return ret; +} diff --git a/crypto/heimdal/lib/krb5/verify_krb5_conf.c b/crypto/heimdal/lib/krb5/verify_krb5_conf.c new file mode 100644 index 0000000..2b9ce28 --- /dev/null +++ b/crypto/heimdal/lib/krb5/verify_krb5_conf.c 
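Review bot: The cleanup block of krb5_verify_init_creds can act on values it does not own: `local_ccache` is still uninitialized when an early `goto cleanup` is taken (failure of krb5_sname_to_principal or krb5_kt_default) yet is passed to `krb5_cc_destroy` whenever `ccache == NULL` or `*ccache == NULL` with an error, and when the principals match, `new_creds = creds` makes `krb5_free_creds (context, new_creds)` free the caller's credentials. Suggested guards: declare `krb5_ccache local_ccache = NULL;`, destroy the cache only when `local_ccache != NULL`, and free only `if (new_creds && new_creds != creds)`. fail_verify_is_ok also dereferences `options` unconditionally, and its empty comment block should state that without the option or the `verify_ap_req_nofail` setting, a missing keytab entry or a failed service-ticket request is reported as successful verification.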
@@ -0,0 +1,102 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" +#include <getarg.h> +RCSID("$Id: verify_krb5_conf.c,v 1.3 1999/12/02 17:05:13 joda Exp $"); + +/* verify krb5.conf */ + +static int version_flag = 0; +static int help_flag = 0; + +static struct getargs args[] = { + {"version", 0, arg_flag, &version_flag, + "print version", NULL }, + {"help", 0, arg_flag, &help_flag, + NULL, NULL } +}; + +static void +usage (int ret) +{ + arg_printusage (args, + sizeof(args)/sizeof(*args), + NULL, + "[config-file]"); + exit (ret); +} + +int +main(int argc, char **argv) +{ + const char *config_file = NULL; + krb5_error_code ret; + krb5_config_section *tmp_cf; + unsigned lineno; + char *error_message; + int optind = 0; + + set_progname (argv[0]); + + if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optind)) + usage(1); + + if (help_flag) + usage (0); + + if(version_flag){ + print_version(NULL); + exit(0); + } + + argc -= optind; + argv += optind; + + if (argc == 0) { + config_file = getenv("KRB5_CONFIG"); + if (config_file == NULL) + config_file = krb5_config_file; + } else if (argc == 1) { + config_file = argv[0]; + } else { + usage (1); + } + + ret = krb5_config_parse_file_debug (config_file, &tmp_cf, &lineno, + &error_message); + if (ret == 0) + return 0; + fprintf (stderr, "%s:%u: %s\n", config_file, lineno, error_message); + return 1; +} diff --git a/crypto/heimdal/lib/krb5/verify_user.c b/crypto/heimdal/lib/krb5/verify_user.c new file mode 100644 index 0000000..10c22cb --- /dev/null +++ b/crypto/heimdal/lib/krb5/verify_user.c 
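Review bot: The local `int optind = 0;` in main shadows the libc global `optind` used by getopt, which is easy to misread and draws a `-Wshadow` warning; a distinct name such as `optidx` avoids that. When no file argument is given the path is taken from `getenv("KRB5_CONFIG")`, and a one-line comment stating that precedence (environment before `krb5_config_file`) would document which file is actually being checked.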
@@ -0,0 +1,170 @@ +/* + * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" + +RCSID("$Id: verify_user.c,v 1.11 1999/12/02 17:05:13 joda Exp $"); + +static krb5_error_code +verify_common (krb5_context context, + krb5_principal principal, + krb5_ccache ccache, + krb5_boolean secure, + const char *service, + krb5_creds cred) +{ + krb5_error_code ret; + krb5_principal server; + krb5_verify_init_creds_opt vopt; + krb5_ccache id; + + ret = krb5_sname_to_principal (context, NULL, service, KRB5_NT_SRV_HST, + &server); + if(ret) return ret; + + krb5_verify_init_creds_opt_init(&vopt); + krb5_verify_init_creds_opt_set_ap_req_nofail(&vopt, secure); + + ret = krb5_verify_init_creds(context, + &cred, + server, + NULL, + NULL, + &vopt); + krb5_free_principal(context, server); + if(ret) return ret; + if(ccache == NULL) + ret = krb5_cc_default (context, &id); + else + id = ccache; + if(ret == 0){ + ret = krb5_cc_initialize(context, id, principal); + if(ret == 0){ + ret = krb5_cc_store_cred(context, id, &cred); + } + if(ccache == NULL) + krb5_cc_close(context, id); + } + krb5_free_creds_contents(context, &cred); + return ret; +} + +/* + * Verify user `principal' with `password'. + * + * If `secure', also verify against local service key for `service'. + * + * As a side effect, fresh tickets are obtained and stored in `ccache'. + */ + +krb5_error_code +krb5_verify_user(krb5_context context, + krb5_principal principal, + krb5_ccache ccache, + const char *password, + krb5_boolean secure, + const char *service) +{ + + krb5_error_code ret; + krb5_get_init_creds_opt opt; + krb5_creds cred; + + krb5_get_init_creds_opt_init (&opt); + + ret = krb5_get_init_creds_password (context, + &cred, + principal, + (char*)password, + krb5_prompter_posix, + NULL, + 0, + NULL, + &opt); + + if(ret) + return ret; + return verify_common (context, principal, ccache, secure, service, cred); +} + +/* + * A variant of `krb5_verify_user'. The realm of `principal' is + * ignored and all the local realms are tried. 
+ */ + +krb5_error_code +krb5_verify_user_lrealm(krb5_context context, + krb5_principal principal, + krb5_ccache ccache, + const char *password, + krb5_boolean secure, + const char *service) +{ + krb5_error_code ret; + krb5_get_init_creds_opt opt; + krb5_realm *realms, *r; + krb5_creds cred; + + krb5_get_init_creds_opt_init (&opt); + + ret = krb5_get_default_realms (context, &realms); + if (ret) + return ret; + ret = KRB5_CONFIG_NODEFREALM; + + for (r = realms; *r != NULL && ret != 0; ++r) { + char *tmp = strdup (*r); + + if (tmp == NULL) { + krb5_free_host_realm (context, realms); + return ENOMEM; + } + free (*krb5_princ_realm (context, principal)); + krb5_princ_set_realm (context, principal, &tmp); + + ret = krb5_get_init_creds_password (context, + &cred, + principal, + (char*)password, + krb5_prompter_posix, + NULL, + 0, + NULL, + &opt); + } + krb5_free_host_realm (context, realms); + if(ret) + return ret; + + return verify_common (context, principal, ccache, secure, service, cred); +} diff --git a/crypto/heimdal/lib/krb5/version.c b/crypto/heimdal/lib/krb5/version.c new file mode 100644 index 0000000..5f0fd66 --- /dev/null +++ b/crypto/heimdal/lib/krb5/version.c 
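Review bot: verify_common receives `cred` by value and releases it at the end, but both early exits (`if(ret) return ret;` after krb5_sname_to_principal and after krb5_verify_init_creds) skip `krb5_free_creds_contents`, so the freshly obtained ticket and session key stay allocated whenever verification fails. Each should become `if(ret){ krb5_free_creds_contents(context, &cred); return ret; }`. In krb5_verify_user_lrealm the loop replaces the realm inside the caller's `principal` and leaves the last realm tried in place; the function comment does not mention that side effect and should.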
@@ -0,0 +1,43 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +RCSID("$Id: version.c,v 1.3 1999/12/02 17:05:13 joda Exp $"); + +/* this is just to get a version stamp in the library file */ + +#define heimdal_version __heimdal_version +#define heimdal_long_version __heimdal_long_version +#include "version.h" + 
diff --git a/crypto/heimdal/lib/krb5/warn.c b/crypto/heimdal/lib/krb5/warn.c
new file mode 100644
index 0000000..b202f7d
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/warn.c
@@ -0,0 +1,193 @@ +/* + * Copyright (c) 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#include "krb5_locl.h" +#include <err.h> + +RCSID("$Id: warn.c,v 1.10 1999/12/02 17:05:13 joda Exp $"); + +static krb5_error_code +_warnerr(krb5_context context, int do_errtext, + krb5_error_code code, int level, const char *fmt, va_list ap) +{ + char xfmt[7] = ""; + const char *args[2], **arg; + char *msg = NULL; + + arg = args; + if(fmt){ + strcat(xfmt, "%s"); + if(do_errtext) + strcat(xfmt, ": "); + vasprintf(&msg, fmt, ap); + if(msg == NULL) + return ENOMEM; + *arg++ = msg; + } + if(context && do_errtext){ + const char *err_msg; + + strcat(xfmt, "%s"); + + err_msg = krb5_get_err_text(context, code); + if (err_msg) + *arg++ = err_msg; + else + *arg++ = "<unknown error>"; + } + + if(context && context->warn_dest) + krb5_log(context, context->warn_dest, level, xfmt, args[0], args[1]); + else + warnx(xfmt, args[0], args[1]); + free(msg); + return 0; +} + +#define FUNC(ETEXT, CODE, LEVEL) \ + krb5_error_code ret; \ + va_list ap; \ + va_start(ap, fmt); \ + ret = _warnerr(context, ETEXT, CODE, LEVEL, fmt, ap); \ + va_end(ap); + +#undef __attribute__ +#define __attribute__(X) + +krb5_error_code +krb5_vwarn(krb5_context context, krb5_error_code code, + const char *fmt, va_list ap) + __attribute__ ((format (printf, 3, 0))) +{ + return _warnerr(context, 1, code, 1, fmt, ap); +} + + +krb5_error_code +krb5_warn(krb5_context context, krb5_error_code code, const char *fmt, ...) + __attribute__ ((format (printf, 3, 4))) +{ + FUNC(1, code, 1); + return ret; +} + +krb5_error_code +krb5_vwarnx(krb5_context context, const char *fmt, va_list ap) + __attribute__ ((format (printf, 2, 0))) +{ + return _warnerr(context, 0, 0, 1, fmt, ap); +} + +krb5_error_code +krb5_warnx(krb5_context context, const char *fmt, ...) 
+ __attribute__ ((format (printf, 2, 3))) +{ + FUNC(0, 0, 1); + return ret; +} + +krb5_error_code +krb5_verr(krb5_context context, int eval, krb5_error_code code, + const char *fmt, va_list ap) + __attribute__ ((noreturn, format (printf, 4, 0))) +{ + _warnerr(context, 1, code, 0, fmt, ap); + exit(eval); +} + + +krb5_error_code +krb5_err(krb5_context context, int eval, krb5_error_code code, + const char *fmt, ...) + __attribute__ ((noreturn, format (printf, 4, 5))) +{ + FUNC(1, code, 0); + exit(eval); +} + +krb5_error_code +krb5_verrx(krb5_context context, int eval, const char *fmt, va_list ap) + __attribute__ ((noreturn, format (printf, 3, 0))) +{ + _warnerr(context, 0, 0, 0, fmt, ap); + exit(eval); +} + +krb5_error_code +krb5_errx(krb5_context context, int eval, const char *fmt, ...) + __attribute__ ((noreturn, format (printf, 3, 4))) +{ + FUNC(0, 0, 0); + exit(eval); +} + +krb5_error_code +krb5_vabort(krb5_context context, krb5_error_code code, + const char *fmt, va_list ap) + __attribute__ ((noreturn, format (printf, 3, 0))) +{ + _warnerr(context, 1, code, 0, fmt, ap); + abort(); +} + + +krb5_error_code +krb5_abort(krb5_context context, krb5_error_code code, const char *fmt, ...) + __attribute__ ((noreturn, format (printf, 3, 4))) +{ + FUNC(1, code, 0); + abort(); +} + +krb5_error_code +krb5_vabortx(krb5_context context, const char *fmt, va_list ap) + __attribute__ ((noreturn, format (printf, 2, 0))) +{ + _warnerr(context, 0, 0, 0, fmt, ap); + abort(); +} + +krb5_error_code +krb5_abortx(krb5_context context, const char *fmt, ...) + __attribute__ ((noreturn, format (printf, 2, 3))) +{ + FUNC(0, 0, 0); + abort(); +} + +krb5_error_code +krb5_set_warn_dest(krb5_context context, krb5_log_facility *fac) +{ + context->warn_dest = fac; + return 0; +} diff --git a/crypto/heimdal/lib/krb5/write_message.c b/crypto/heimdal/lib/krb5/write_message.c new file mode 100644 index 0000000..b7f2c28 --- /dev/null +++ b/crypto/heimdal/lib/krb5/write_message.c 
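Review bot: _warnerr passes `args[0]` and `args[1]` to `krb5_log`/`warnx` even when fewer than two were filled in (for example `fmt == NULL`, or `do_errtext` set with a NULL context), so indeterminate pointers are read; initialising with `const char *args[2] = { NULL, NULL };` removes that. The `vasprintf` result is judged only by `msg == NULL`, but on failure the pointer's value is not defined on every libc, so the return value should be tested: `if(vasprintf(&msg, fmt, ap) < 0 || msg == NULL) return ENOMEM;`. Note also that `#define __attribute__(X)` erases the `format (printf, ...)` annotations on the definitions below it, so callers' format strings are checked at compile time only if the prototypes in the header carry the attribute, which is not visible here.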
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: write_message.c,v 1.4 1999/12/02 17:05:13 joda Exp $");
+
+krb5_error_code
+krb5_write_message (krb5_context context,
+ krb5_pointer p_fd,
+ krb5_data *data)
+{
+ u_int32_t len;
+ u_int8_t buf[4];
+
+ len = data->length;
+ buf[0] = (len >> 24) & 0xFF;
+ buf[1] = (len >> 16) & 0xFF;
+ buf[2] = (len >> 8) & 0xFF;
+ buf[3] = (len >> 0) & 0xFF;
+ if (krb5_net_write (context, p_fd, buf, 4) != 4
+ || krb5_net_write (context, p_fd, data->data, len) != len)
+ return errno;
+ return 0;
+}
diff --git a/crypto/heimdal/lib/roken/ChangeLog b/crypto/heimdal/lib/roken/ChangeLog
new file mode 100644
index 0000000..c7d8168
--- /dev/null
+++ b/crypto/heimdal/lib/roken/ChangeLog
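Review bot: In krb5_write_message, `len = data->length;` narrows the caller's length to 32 bits with no range check, so if the length field of krb5_data is wider than u_int32_t (its declaration is not in this hunk), an oversized buffer goes out with a wrapped length prefix and a truncated payload while the function still returns 0. Reject that case before building the frame, e.g. `if (data->length > 0xFFFFFFFFUL) return ERANGE;`. Separately, `return errno;` assumes krb5_net_write always leaves errno set when it returns a short count; if it can return short without an error (not visible here), a partial frame yields 0 or a stale code, so that path should map to an explicit error such as `EIO`. The function also lacks a header comment stating that the wire format is a 4-byte big-endian length followed by the payload, which the reading side has to bound-check before allocating.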
@@ -0,0 +1,715 @@ +2000-01-06 Assar Westerlund <assar@sics.se> + + * Makefile.am: bump version to 5:0:0 + +1999-12-30 Assar Westerlund <assar@sics.se> + + * Makefile.am (strpftime_test_SOURCES): correct source file name + + * roken.h.in (sockaddr_storage): change padding so that we have + one char[] of pad and then an unsigned long[] (for alignment and + padding). this works much better in practice. + +1999-12-22 Assar Westerlund <assar@sics.se> + + * roken.h.in (sockaddr_storage): drop leading underscore on + `public' fields. this was the consensus on the ipng mailing list + +1999-12-21 Assar Westerlund <assar@sics.se> + + * Makefile.am (strpftime-test): define sources to avoid having + '.o' + * Makefile.am (print_version.h): use $(EXEEXT) + * Makefile.am (roken.h): add $(EXEEXT) to make this work on cygwin + et al + +1999-12-20 Assar Westerlund <assar@sics.se> + + * Makefile.am (libroken_la_LDFLAGS): bump version to 4:3:0 + + * getaddrinfo.c (get_nodes): use getipnodebyname instead of + gethostbyname(2) + +1999-12-16 Assar Westerlund <assar@sics.se> + + * Makefile.am (libroken_la_LDFLAGS): bump version to 4:2:0 + + * roken.h.in (struct sockaddr_storage): redefine with the example + code from rfc2553 + + * getaddrinfo.c (get_null): set loopback with correct endianess + for v4. dunno about v6. + +1999-12-13 Assar Westerlund <assar@sics.se> + + * roken.h.in: add prototypes for str[pf]time + + * signal.c: macosx = rhapsody ~= nextstep also can't handle + various definitions of the same symbol. 
+ +1999-12-12 Assar Westerlund <assar@sics.se> + + * Makefile.am: bump version to 4:1:0 + +1999-12-06 Assar Westerlund <assar@sics.se> + + * Makefile.am: bump version to 4:0:0 + +1999-12-05 Assar Westerlund <assar@sics.se> + + * Makefile.in: replace inaddr2str with getnameinfo_verified + + * roken-common.h (INADDR_LOOPBACK): add fallback definition + + * roken-common.h: move getnameinfo_verified to roken.h.in + * roken.h.in (inaddr2str): remove + * Makefile.am (libroken_la_SOURCES); removed inaddr2str + * roken-common.h (getnameinfo_verified): add prototype + * getnameinfo_verified.c: new file + +1999-12-04 Assar Westerlund <assar@sics.se> + + * roken-common.h: add constants for getaddrinfo, getnameinfo + * roken.h.in (socklen_t): make independent of sockaddr_storage + (AI_*, NI_*, EAI_*): move to roken-common.h + +1999-12-03 Assar Westerlund <assar@sics.se> + + * mini_inetd.c (mini_inted): rewrite to use `getaddrinfo' + * getaddrinfo.c (const_v*): no sizeof(sizeof()) + * getaddrinfo.c (add_hostent): search for the canonical name among + all aliases + (getaddrinfo): handle AI_NUMERICHOST correctly + * Makefile.am (EXTRA_libroken_la_SOURCES): add freeaddinfo, + getaddrinfo, getnameinfo, gai_strerror + (getaddrinfo_test): add + * Makefile.in (SOURCES): add freeaddinfo, getaddrinfo, + getnameinfo, gai_strerror + (getaddrinfo_test): add + * roken.h.in: arpa/inet.h: include + (socklen_t): add + (struct addrinfo): add + (EAI_*): add + (NI_*): add + (AI_*): add + (getaddrinfo, getnameinfo, freeaddrinfo, gai_strerror): add + * getnameinfo.c: new file + * getaddrinfo-test.c: new file + * gai_strerror.c: new file + * getaddrinfo.c: new file + * freeaddrinfo.c: new file + +1999-11-25 Assar Westerlund <assar@sics.se> + + * getopt.c (getopt): return -1 instead of EOF. 
From + <art@stacken.kth.se> + +1999-11-13 Assar Westerlund <assar@sics.se> + + * strftime.c (strftime): handle `%z' and `%Z' in a tm_gmtoff-less + world + + * getcap.c: make sure to use db only if we have both the library + and the header file + +1999-11-12 Assar Westerlund <assar@sics.se> + + * getarg.h: add arg_counter + * getarg.c: add a new type of argument: `arg_counter' re-organize + the code somewhat + + * Makefile.am: add strptime and strpftime-test + + * snprintf.c (xyzprintf): try to do the right thing with an % at + the end of the format string + + * strptime.c (strptime): implement '%U', '%V', '%W' + * strftime.c (strftime): implement '%U', '%V', '%W', '%z' + + * strftime.c (strftime): correct %E and %O handling. do something + reasonable with "...%" + + * strftime.c: replace the BSD implementation by one of our own + coding + + * strptime.c : new file + * strpftime-test.c: new file + +1999-11-07 Assar Westerlund <assar@sics.se> + + * parse_bytes-test.c: new file + + * Makefile.am: add parse_bytes-test + + * parse_units.c (parse_something): try to handle the case of no + value specified a little bit better + +1999-11-04 Assar Westerlund <assar@sics.se> + + * Makefile.am: bump version to 3:2:0 + +1999-10-30 Assar Westerlund <assar@sics.se> + + * snprintf.c (PARSE_INT_FORMAT): add redundant casts to work + around a gcc-bug that manifests itself on Linux-PPC. From Tom + Rini <trini@kernel.crashing.org> + +1999-10-28 Assar Westerlund <assar@sics.se> + + * Makefile.am: bump version to 3:1:0 + + * roken.h.in: use `unsigned char' instead of `u_int8_t' to avoid + having to have that definition. this is the easy way out instead + of getting the definition here where it's needed. flame me. + +Fri Oct 22 15:39:31 1999 Bjoern Groenvall <bg@sics.se> + + * k_getpwuid.c (k_getpwuid): getspuid() does not exist (even + though it should), use getspnam(). 
+ +1999-10-20 Assar Westerlund <assar@sics.se> + + * Makefile.am: set version to 3:0:0 + +1999-10-18 Johan Danielsson <joda@pdc.kth.se> + + * getarg.3: document arg_collect + + * getarg.c: change the way arg_collect works; it's still quite + horrible though + + * getarg.h: change type of the collect function + +1999-10-17 Assar Westerlund <assar@sics.se> + + * xdbm.h: undo last commit + + * xdbm.h: reorder db includes + +1999-10-10 Assar Westerlund <assar@sics.se> + + * socket.c: const-ize and comment + + * net_write.c: const-ize + + * base64.c: const-ize + +1999-10-06 Assar Westerlund <assar@sics.se> + + * getarg.c (getarg): also set optind when returning error + +1999-09-26 Assar Westerlund <assar@sics.se> + + * Makefile.am: add parse_bytes.[ch] + +1999-09-24 Johan Danielsson <joda@pdc.kth.se> + + * getarg.3: getarg manpage + + * getarg.{c,h}: add a callback type to do more complicated processing + + * getarg.{c,h}: add floating point support + +1999-09-16 Assar Westerlund <assar@sics.se> + + * strlcat.c (strlcat): call strlcpy + + * strlcpy.c: update name and prototype + + * strlcat.c: update name and prototype + + * roken.h.in: rename strc{py,at}_truncate to strlc{py,at} + + * Makefile.am: rename strc{py,at}_truncate -> strlc{py,at} + + * Makefile.in: rename strc{py,at}_truncate -> strlc{py,at} + + * strcpy_truncate.c (strcpy_truncate): change return value to be + the length of `src' + +1999-08-16 Assar Westerlund <assar@sics.se> + + * getcap.c: try to make this work on systems with DB + +1999-08-16 Johan Danielsson <joda@pdc.kth.se> + + * getcap.c: protect from db-less systems + +1999-08-09 Johan Danielsson <joda@pdc.kth.se> + + * simple_exec.c: add simple_exec{ve,le} + + * getcap.c: getcap from NetBSD + +1999-08-06 Assar Westerlund <assar@sics.se> + + * roken.h.in (sockaddr_storage): cater for those that have + v6-support also + +1999-08-05 Assar Westerlund <assar@sics.se> + + * inet_ntop.c (inet_ntop_v4): remember to call ntohl + +1999-08-04 Assar Westerlund 
<assar@sics.se> + + * roken-common.h: add shutdown constants + + * mini_inetd.c (listen_v4, listen_v6): handle the case of the + protocol not being supported + +1999-08-01 Assar Westerlund <assar@sics.se> + + * mini_inetd.c (socket_set_reuseaddr): remove duplicate + +1999-07-29 Assar Westerlund <assar@sics.se> + + * mini_inetd.c (mini_inetd): fix my stupid bugs + +1999-07-28 Assar Westerlund <assar@sics.se> + + * roken-common.h: add socket* functions + + * Makefile.am (libroken_la_SOURCES): add socket.c + + * socket.c: new file, originally from appl/ftp/common + + * Makefile.am: set version to 2:0:2 + + * roken.h.in (inet_pton): add prototype + + * Makefile.am (EXTRA_libroken_la_SOURCES): add inet_pton + + * inet_pton.c: new file + + * getipnodebyname.c (getipnodebyname): try gethostbyname2 if we + have it + +1999-07-27 Assar Westerlund <assar@sics.se> + + * mini_inetd.c: support IPv6 + +1999-07-26 Assar Westerlund <assar@sics.se> + + * Makefile.am: set version to 1:0:1 + + * roken.h.in (inet_ntop): add prototype + + * roken-common.h: (INET{,6}_ADDRSTRLEN): add + + * inet_ntop.c: new file + + * Makefile.am (EXTRA_libroken_la_SOURCES): add inet_ntop.c + + * Makefile.am: move some files from libroken_la_SOURCES to + EXTRA_libroken_la_SOURCES + + * snprintf.c: some signed vs unsigned casts + +1999-07-24 Assar Westerlund <assar@sics.se> + + * roken.h.in (struct sockaddr_storage): define it needed + +1999-07-19 Assar Westerlund <assar@sics.se> + + * Makefile.am (libroken_la_SOURCES): add copyhostent.c, + freehostent.c, getipnodebyname.c, getipnodebyaddr.c + + * roken.h.in: <netdb.h>: include + (copyhostent, freehostent, getipnodebyname, getipnodebyaddr): add + prototypes + + * roken-common.h: new constants for getipnodeby* + + * Makefile.in (SOURCES): add freehostent, copyhostent, + getipnodebyname, getipnodebyaddr + + * freehostent.c: new file + + * copyhostent.c: new file + + * getipnodebyaddr.c: new file + + * getipnodebyname.c: new file + +1999-07-13 Assar 
Westerlund <assar@sics.se> + + * roken.h.in (k_getpwnam): update prototype + + * k_getpwnam.c (k_getpwnam): const-ize + + * get_default_username.c (get_default_username): a better way of + guessing when the user has su:ed + +1999-07-08 Johan Danielsson <joda@pdc.kth.se> + + * roken.awk: use puts, as suggested by Jeffrey Hutzelman + <jhutz+@cmu.edu> + +1999-07-06 Assar Westerlund <assar@sics.se> + + * readv.c (readv): typo + +1999-07-03 Assar Westerlund <assar@sics.se> + + * writev.c (writev): error check malloc properly + + * sendmsg.c (sendmsg): error check malloc properly + + * resolve.c (parse_reply): error check malloc properly + + * recvmsg.c (recvmsg): error check malloc properly + + * readv.c (readv): error check malloc properly + +1999-06-23 Assar Westerlund <assar@sics.se> + + * parse_units.c (acc_units): move the special case of 0 -> 1 to + parse_something to avoid having it happen at the end of the string + +1999-06-15 Assar Westerlund <assar@sics.se> + + * Makefile.in: add get_default_username + + * get_default_username.c: new file + + * roken.h.in (get_default_username): add prototype + + * Makefile.am: add get_default_username + +1999-05-08 Assar Westerlund <assar@sics.se> + + * xdbm.h: also try <db.h> with DB_DBM_HSEARCH == 1 + + * strnlen.c (strnlen): update prototype + + * Makefile.am: strndup.c: add + + * Makefile.in: strndup.c: add + + * roken.h.in (strndup): add + (strnlen): update prototype + + * strndup.c: new file + +Fri Apr 16 17:59:30 1999 Assar Westerlund <assar@sics.se> + + * roken.h.in: include strsep prototype if needed + +Thu Apr 15 14:04:03 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: make make-print-version.o depend on version.h + +Wed Apr 7 14:11:00 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: make it compile w/o krb4 + +Sat Mar 27 17:33:03 1999 Johan Danielsson <joda@blubb.pdc.kth.se> + + * snprintf.c (vasnprintf): correct check if realloc returns NULL + +Sat Mar 27 12:37:55 1999 Johan 
Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: link print_version with -ldes to avoid unresolved + references if -lkrb is shared + +Sat Mar 20 03:42:30 1999 Assar Westerlund <assar@sics.se> + + * roken-common.h (eread, ewrite): add + + * simple_exec.c: add <roken.h> + +Fri Mar 19 21:29:58 1999 Assar Westerlund <assar@sics.se> + + * Makefile.in: add eread, ewrite + + * eread.c, ewrite.c: new files + + * Makefile.am (libroken_la_SOURCES): add eread and ewrite + +Fri Mar 19 14:52:57 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: add version-info + +Thu Mar 18 12:53:32 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: remove include_dir hack + + * Makefile.am: parse_units.h + + * Makefile.am: include Makefile.am.common + +Sat Mar 13 23:31:35 1999 Assar Westerlund <assar@sics.se> + + * Makefile.in (SOURCES): add glob.c + +Thu Mar 11 15:02:21 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * iruserok.c: move innetgr() to separate file + + * innetgr.c: move innetgr() to separate file + + * hstrerror.c (hstrerror): add const to return type + + * erealloc.c: fix types in format string + + * emalloc.c: fix types in format string + +Wed Mar 10 16:36:55 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * resolve.c: ugly fix for crays + +Mon Mar 8 11:52:20 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * roken.h.in: protos for {un,}setenv + +1999-02-16 Assar Westerlund <assar@sics.se> + + * Makefile.in (SOURCES): add fnmatch + + * roken-common.h (abs): add + +Sat Feb 13 17:12:53 1999 Assar Westerlund <assar@sics.se> + + * emalloc.c, erealloc.c, estrup.c: new files + + * roken.h.in (mkstemp, gethostname): also includes prototypes if + they are needed. 
+ +1998-12-23 Assar Westerlund <assar@sics.se> + + * roken.h.in: mkstemp: add prototype + +1998-12-20 Assar Westerlund <assar@sics.se> + + * snprintf.c, iruserok.c, parse-units.c: unsigned char-correctness + + * roken.h.in (inet_aton): also chedk NEED_INET_ATON_PROTO + + * roken-common.h: __attribute__: check for autoconf'd + HAVE___ATTRIBUTE__ instead of GNUC + +Sun Dec 6 19:53:21 1998 Assar Westerlund <assar@sics.se> + + * parse_units.c (parse_something): func is called with val == 0 if + no unit was given + (acc_flags, acc_units): update to new standard + +Fri Nov 27 03:09:42 1998 Assar Westerlund <assar@sics.se> + + * resolve.c (stot): constify + (type_to_string): always declare + (dns_lookup_int): correct debug output + +Thu Nov 26 23:43:55 1998 Assar Westerlund <assar@sics.se> + + * resolve.c (dns_lookup_int): send rr_class to res_search + +Thu Nov 26 17:09:47 1998 Johan Danielsson <joda@hella.pdc.kth.se> + + * resolve.c: some cleanup + + * resolve.h: add T_NAPTR + +Sun Nov 22 10:23:07 1998 Assar Westerlund <assar@sics.se> + + * Makefile.in (WFLAGS): set + + * k_getpwnam.c (k_getpwnam): check for `struct spwd' + + * k_getpwuid.c (k_getpwuid): check for `struct spwd' + +Tue Sep 8 05:18:31 1998 Assar Westerlund <assar@sics.se> + + * recvmsg.c (recvmsg): patch from bpreece@unity.ncsu.edu + +Fri Sep 4 16:29:27 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * vsyslog.c: asprintf -> vasprintf + +Tue Aug 18 22:25:52 1998 Assar Westerlund <assar@sics.se> + + * getarg.h (arg_printusage): new signature + + * getarg.c (arg_printusage): new parameter `progname'. NULL means + __progname. 
+ +Sun Aug 9 14:53:44 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * Makefile.am: net_{read,write}.c + +Fri Jul 24 21:56:02 1998 Assar Westerlund <assar@sics.se> + + * simple_exec.c (simple_execvp): loop around waitpid when errno == + EINTR + +Thu Jul 23 20:24:35 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * Makefile.am: net_{read,write}.c + +Wed Jul 22 21:38:35 1998 Assar Westerlund <assar@sics.se> + + * simple_exec.c (simple_execlp): initialize `argv' + +Mon Jul 13 23:01:22 1998 Assar Westerlund <assar@sics.se> + + * inaddr2str.c (inaddr2str): don't advance hostent->h_addr_list, + use a copy instead + +Fri Jul 10 01:20:08 1998 Assar Westerlund <assar@sics.se> + + * roken.h.in (net_write, net_read): add prototypes + + * Makefile.in: net_{read,write}.c: add + + * net_{read,write}.c: new files + +Tue Jun 30 17:29:09 1998 Assar Westerlund <assar@sics.se> + + * roken.h.in (issuid): add + + * get_window_size.c: fix misspelling of TIOCGWINSZ and bad use of + fields + +Sun May 31 03:24:34 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * getarg.c (mandoc_template): Put short and long options in + SYNOPSIS within the same [ ] pair. + +Sat May 30 00:13:01 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * getarg.c (arg_printusage): try to keep options shorter than + column width + + * get_window_size.c (get_window_size): check COLUMNS and LINES + +Fri May 29 00:05:04 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * getarg.c (mandoc_template): Put short and long options in + DESCRIPTION on the same line. + + * getarg.c (arg_match_long): make sure you only get an exact match + if the strings are the same length + +Thu May 14 02:23:40 1998 Assar Westerlund <assar@sics.se> + + * roken.awk: stupid cray awk wants \# + +Fri May 1 01:29:36 1998 Assar Westerlund <assar@sics.se> + + * print_version.c (print_version): according to ISO/ANSI C the + elements of `arg' are not constant and therefore not settable at + compile-time. Set the at run-time instead. 
+ +Sun Apr 19 10:00:06 1998 Assar Westerlund <assar@sics.se> + + * roken.h.in: include paths.h + +Sun Apr 5 12:30:49 1998 Assar Westerlund <assar@sics.se> + + * Makefile.in (SOURCES): add roken_gethostby.c to make solaris + make happy + +Thu Mar 19 20:41:25 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * simple_exec.c: Simple fork+exec system() replacement. + +Fri Mar 6 00:21:53 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * roken_gethostby.c: Make `roken_gethostby_setup' take url-like + specification instead of split up versions. Makes it easier for + calling applications. + + * roken_gethostby.c: Another miracle of the 20th century: + gethostby* over HTTP. + +Sat Feb 21 15:18:36 1998 assar westerlund <assar@sics.se> + + * parse_time.c (unparse_time_approx): new function that calls + `unparse_units_approx' + + * parse_units.c (unparse_units_approx): new function that will + only print the first unit. + + * Makefile.in: include parse_{time,units} + +Thu Feb 12 03:30:08 1998 Assar Westerlund <assar@sics.se> + + * parse_time.c (print_time_table): don't return a void value. + +Tue Feb 3 11:06:24 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * getarg.c (mandoc_template): Change date format to full month + name, and day of month without leading zero. + +Thu Jan 22 21:23:23 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * getarg.c: Fix long form of negative flags. + +Mon Dec 29 23:31:10 1997 Johan Danielsson <joda@emma.pdc.kth.se> + + * roken.h.in: Include <err.h>, to get linux __progname. + +Sun Dec 21 09:45:18 1997 Assar Westerlund <assar@sics.se> + + * parse_time.c (print_time_table): new function + + * parse_units.c (print_flags_table, print_units_table): new + functions. + +Thu Dec 4 02:51:46 1997 Assar Westerlund <assar@sics.se> + + * iruserok.c: moved here. + + * snprintf.c (sn_append_char): don't write any terminating zero. + (as_reserve): don't loop. better heuristic for how much space to + realloc. + (vasnprintf): simplify initializing to one. 
+ +Sun Nov 30 14:56:59 1997 Johan Danielsson <joda@emma.pdc.kth.se> + + * getarg.c: Add mandoc help back-end to getarg. + +Wed Nov 12 01:09:17 1997 Johan Danielsson <joda@emma.pdc.kth.se> + + * verr.c, verrx.c: Fix warnings by moving exit from. + +Tue Nov 11 21:12:09 1997 Johan Danielsson <joda@emma.pdc.kth.se> + + * parse_units.c: Change the list of separating characters (between + units) to comma, space, and tab, removing digits. Having digits in + this list makes a flag like `T42 generate a parse error. This + change makes `17m3s' an invalid time-spec (you need a space). + +Tue Nov 11 02:38:44 1997 Assar Westerlund <assar@sics.se> + + * roken.h: add <sys/socket.h> + +Sun Nov 9 04:48:46 1997 Johan Danielsson <joda@emma.pdc.kth.se> + + * fnmatch.c: Add fnmatch from NetBSD + +Sun Nov 9 02:00:08 1997 Assar Westerlund <assar@sics.se> + + * parse_units.c (parse_something): ignore white-space and ',' + +Mon Nov 3 22:38:32 1997 Assar Westerlund <assar@sics.se> + + * roken.h: fclose prototype + + * roken.h: add prototype for vsyslog + + * Makefile.in: add some more source files to make soriasis make + happy + +Sat Nov 1 00:19:21 1997 Assar Westerlund <assar@sics.se> + + * roken.h: include <sys/uio.h> and <errno.h>. + prototypes for readv and writev + + * readv.c, writev.c: new files + +Wed Oct 29 02:21:38 1997 Assar Westerlund <assar@sics.se> + + * roken.h: Add ugly macros for openlog, gethostbyname, + gethostbyaddr, and getservbyname for the benefit of Crays. Add + default definition of MAXPATHLEN diff --git a/crypto/heimdal/lib/roken/Makefile.am b/crypto/heimdal/lib/roken/Makefile.am new file mode 100644 index 0000000..6499872 --- /dev/null +++ b/crypto/heimdal/lib/roken/Makefile.am 
@@ -0,0 +1,177 @@ +# $Id: Makefile.am,v 1.65 2000/01/06 22:24:36 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +CLEANFILES = roken.h make-roken.c print_version.h + +lib_LTLIBRARIES = libroken.la +libroken_la_LDFLAGS = -version-info 5:0:0 + +noinst_PROGRAMS = make-roken make-print-version + +check_PROGRAMS = parse_bytes-test strpftime-test getaddrinfo-test +TESTS = $(check_PROGRAMS) + +getaddrinfo_test_LDADD = libroken.la +parse_bytes_test_LDADD = libroken.la +strpftime_test_SOURCES = strpftime-test.c strftime.c strptime.c snprintf.c + +if KRB4 +if KRB5 +## need to link with des here; otherwise, if krb4 is shared the link +## will fail with unresolved references +make_print_version_LDADD += $(LIB_krb4) -ldes +endif +endif + +libroken_la_SOURCES = \ + base64.c \ + concat.c \ + emalloc.c \ + eread.c \ + erealloc.c \ + estrdup.c \ + ewrite.c \ + get_default_username.c \ + get_window_size.c \ + getarg.c \ + getnameinfo_verified.c \ + issuid.c \ + k_getpwnam.c \ + k_getpwuid.c \ + mini_inetd.c \ + net_read.c \ + net_write.c \ + parse_bytes.c \ + parse_time.c \ + parse_units.c \ + print_version.c \ + resolve.c \ + roken_gethostby.c \ + signal.c \ + simple_exec.c \ + snprintf.c \ + socket.c \ + tm2time.c \ + verify.c \ + warnerr.c \ + xdbm.h + +EXTRA_libroken_la_SOURCES = \ + chown.c \ + copyhostent.c \ + daemon.c \ + err.c \ + err.h \ + errx.c \ + fchown.c \ + flock.c \ + fnmatch.c \ + fnmatch.h \ + freeaddrinfo.c \ + freehostent.c \ + gai_strerror.c \ + getaddrinfo.c \ + getdtablesize.c \ + getegid.c \ + geteuid.c \ + getgid.c \ + gethostname.c \ + getipnodebyaddr.c \ + getipnodebyname.c \ + getnameinfo.c \ + getopt.c \ + gettimeofday.c \ + getuid.c \ + getusershell.c \ + glob.h \ + hstrerror.c \ + inet_aton.c \ + inet_ntop.c \ + inet_pton.c \ + initgroups.c \ + innetgr.c \ + iruserok.c \ + lstat.c \ + memmove.c \ + mkstemp.c \ + putenv.c \ + rcmd.c \ + readv.c \ + recvmsg.c \ + sendmsg.c \ + setegid.c \ + setenv.c \ + seteuid.c \ + strcasecmp.c \ + strdup.c 
\ + strerror.c \ + strftime.c \ + strlcat.c \ + strlcpy.c \ + strlwr.c \ + strncasecmp.c \ + strndup.c \ + strnlen.c \ + strptime.c \ + strsep.c \ + strtok_r.c \ + strupr.c \ + swab.c \ + unsetenv.c \ + verr.c \ + verrx.c \ + vsyslog.c \ + vwarn.c \ + vwarnx.c \ + warn.c \ + warnx.c \ + writev.c + +EXTRA_DIST = resource.h roken.awk roken.def roken.dsp roken.h.in \ + roken.mak roken.rc + + + +libroken_la_LIBADD = @LTLIBOBJS@ + +$(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h + +include_HEADERS = $(err_h) base64.h getarg.h \ + parse_bytes.h parse_time.h parse_units.h \ + resolve.h roken.h roken-common.h + +build_HEADERZ = $(err_h) $(fnmatch_h) $(glob_h) xdbm.h + +if have_err_h +err_h = +else +err_h = err.h +endif + +if have_fnmatch_h +fnmatch_h = +else +fnmatch_h = fnmatch.h +endif + +if have_glob_h +glob_h = +else +glob_h = glob.h +endif + +roken.h: make-roken$(EXEEXT) + @./make-roken$(EXEEXT) > tmp.h ;\ + if [ -f roken.h ] && cmp -s tmp.h roken.h ; then rm -f tmp.h ; \ + else rm -f roken.h; mv tmp.h roken.h; fi + +make-roken.c: roken.h.in roken.awk + $(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c + +print_version.lo: print_version.h + +print_version.h: make-print-version$(EXEEXT) + ./make-print-version$(EXEEXT) print_version.h + +make-print-version.o: $(top_builddir)/include/version.h diff --git a/crypto/heimdal/lib/roken/Makefile.in b/crypto/heimdal/lib/roken/Makefile.in new file mode 100644 index 0000000..02d18cd --- /dev/null +++ b/crypto/heimdal/lib/roken/Makefile.in 
@@ -0,0 +1,800 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.65 2000/01/06 22:24:36 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init 
= @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +CLEANFILES = roken.h make-roken.c print_version.h + +lib_LTLIBRARIES = libroken.la +libroken_la_LDFLAGS = -version-info 5:0:0 + +noinst_PROGRAMS = make-roken make-print-version + +check_PROGRAMS = parse_bytes-test strpftime-test getaddrinfo-test +TESTS = $(check_PROGRAMS) + +getaddrinfo_test_LDADD = libroken.la +parse_bytes_test_LDADD = libroken.la +strpftime_test_SOURCES = strpftime-test.c strftime.c strptime.c snprintf.c + +@KRB4_TRUE@@KRB5_TRUE@make_print_version_LDADD = $(LIB_krb4) -ldes + +libroken_la_SOURCES = base64.c concat.c emalloc.c eread.c erealloc.c estrdup.c ewrite.c get_default_username.c get_window_size.c getarg.c getnameinfo_verified.c issuid.c k_getpwnam.c k_getpwuid.c mini_inetd.c net_read.c net_write.c parse_bytes.c parse_time.c parse_units.c 
print_version.c resolve.c roken_gethostby.c signal.c simple_exec.c snprintf.c socket.c tm2time.c verify.c warnerr.c xdbm.h + + +EXTRA_libroken_la_SOURCES = chown.c copyhostent.c daemon.c err.c err.h errx.c fchown.c flock.c fnmatch.c fnmatch.h freeaddrinfo.c freehostent.c gai_strerror.c getaddrinfo.c getdtablesize.c getegid.c geteuid.c getgid.c gethostname.c getipnodebyaddr.c getipnodebyname.c getnameinfo.c getopt.c gettimeofday.c getuid.c getusershell.c glob.h hstrerror.c inet_aton.c inet_ntop.c inet_pton.c initgroups.c innetgr.c iruserok.c lstat.c memmove.c mkstemp.c putenv.c rcmd.c readv.c recvmsg.c sendmsg.c setegid.c setenv.c seteuid.c strcasecmp.c strdup.c strerror.c strftime.c strlcat.c strlcpy.c strlwr.c strncasecmp.c strndup.c strnlen.c strptime.c strsep.c strtok_r.c strupr.c swab.c unsetenv.c verr.c verrx.c vsyslog.c vwarn.c vwarnx.c warn.c warnx.c writev.c + + +EXTRA_DIST = resource.h roken.awk roken.def roken.dsp roken.h.in roken.mak roken.rc + + +libroken_la_LIBADD = @LTLIBOBJS@ + +include_HEADERS = $(err_h) base64.h getarg.h parse_bytes.h parse_time.h parse_units.h resolve.h roken.h roken-common.h + + +build_HEADERZ = $(err_h) $(fnmatch_h) $(glob_h) xdbm.h +@have_err_h_TRUE@err_h = +@have_err_h_FALSE@err_h = err.h +@have_fnmatch_h_TRUE@fnmatch_h = +@have_fnmatch_h_FALSE@fnmatch_h = fnmatch.h +@have_glob_h_TRUE@glob_h = +@have_glob_h_FALSE@glob_h = glob.h +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +LTLIBRARIES = $(lib_LTLIBRARIES) + + +DEFS = @DEFS@ -I. 
-I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libroken_la_DEPENDENCIES = @LTLIBOBJS@ +libroken_la_OBJECTS = base64.lo concat.lo emalloc.lo eread.lo \ +erealloc.lo estrdup.lo ewrite.lo get_default_username.lo \ +get_window_size.lo getarg.lo getnameinfo_verified.lo issuid.lo \ +k_getpwnam.lo k_getpwuid.lo mini_inetd.lo net_read.lo net_write.lo \ +parse_bytes.lo parse_time.lo parse_units.lo print_version.lo resolve.lo \ +roken_gethostby.lo signal.lo simple_exec.lo snprintf.lo socket.lo \ +tm2time.lo verify.lo warnerr.lo +check_PROGRAMS = parse_bytes-test$(EXEEXT) strpftime-test$(EXEEXT) \ +getaddrinfo-test$(EXEEXT) +noinst_PROGRAMS = make-roken$(EXEEXT) make-print-version$(EXEEXT) +PROGRAMS = $(noinst_PROGRAMS) + +parse_bytes_test_SOURCES = parse_bytes-test.c +parse_bytes_test_OBJECTS = parse_bytes-test.$(OBJEXT) +parse_bytes_test_DEPENDENCIES = libroken.la +parse_bytes_test_LDFLAGS = +strpftime_test_OBJECTS = strpftime-test.$(OBJEXT) strftime.$(OBJEXT) \ +strptime.$(OBJEXT) snprintf.$(OBJEXT) +strpftime_test_LDADD = $(LDADD) +strpftime_test_DEPENDENCIES = +strpftime_test_LDFLAGS = +getaddrinfo_test_SOURCES = getaddrinfo-test.c +getaddrinfo_test_OBJECTS = getaddrinfo-test.$(OBJEXT) +getaddrinfo_test_DEPENDENCIES = libroken.la +getaddrinfo_test_LDFLAGS = +make_roken_SOURCES = make-roken.c +make_roken_OBJECTS = make-roken.$(OBJEXT) +make_roken_LDADD = $(LDADD) +make_roken_DEPENDENCIES = +make_roken_LDFLAGS = +make_print_version_SOURCES = make-print-version.c +make_print_version_OBJECTS = make-print-version.$(OBJEXT) +@KRB4_TRUE@@KRB5_TRUE@make_print_version_DEPENDENCIES = +make_print_version_LDFLAGS = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = 
$(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +HEADERS = $(include_HEADERS) + +DIST_COMMON = ChangeLog Makefile.am Makefile.in getcap.c glob.c \ +make-print-version.c + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) parse_bytes-test.c $(strpftime_test_SOURCES) getaddrinfo-test.c make-roken.c make-print-version.c +OBJECTS = $(libroken_la_OBJECTS) parse_bytes-test.$(OBJEXT) $(strpftime_test_OBJECTS) getaddrinfo-test.$(OBJEXT) make-roken.$(OBJEXT) make-print-version.$(OBJEXT) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/roken/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLTLIBRARIES: + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + +distclean-libLTLIBRARIES: + +maintainer-clean-libLTLIBRARIES: + +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +.c.o: + $(COMPILE) -c $< + +# FIXME: We should only use cygpath when building on Windows, +# and only if it is available. 
+.c.obj: + $(COMPILE) -c `cygpath -w $<` + +.s.o: + $(COMPILE) -c $< + +.S.o: + $(COMPILE) -c $< + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +.c.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.s.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.S.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libroken.la: $(libroken_la_OBJECTS) $(libroken_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libroken_la_LDFLAGS) $(libroken_la_OBJECTS) $(libroken_la_LIBADD) $(LIBS) + +mostlyclean-checkPROGRAMS: + +clean-checkPROGRAMS: + -test -z "$(check_PROGRAMS)" || rm -f $(check_PROGRAMS) + +distclean-checkPROGRAMS: + +maintainer-clean-checkPROGRAMS: + +mostlyclean-noinstPROGRAMS: + +clean-noinstPROGRAMS: + -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) + +distclean-noinstPROGRAMS: + +maintainer-clean-noinstPROGRAMS: + +parse_bytes-test$(EXEEXT): $(parse_bytes_test_OBJECTS) $(parse_bytes_test_DEPENDENCIES) + @rm -f parse_bytes-test$(EXEEXT) + $(LINK) $(parse_bytes_test_LDFLAGS) $(parse_bytes_test_OBJECTS) $(parse_bytes_test_LDADD) $(LIBS) + +strpftime-test$(EXEEXT): $(strpftime_test_OBJECTS) $(strpftime_test_DEPENDENCIES) + @rm -f strpftime-test$(EXEEXT) + $(LINK) $(strpftime_test_LDFLAGS) $(strpftime_test_OBJECTS) $(strpftime_test_LDADD) $(LIBS) + +getaddrinfo-test$(EXEEXT): $(getaddrinfo_test_OBJECTS) $(getaddrinfo_test_DEPENDENCIES) + @rm -f getaddrinfo-test$(EXEEXT) + $(LINK) $(getaddrinfo_test_LDFLAGS) $(getaddrinfo_test_OBJECTS) $(getaddrinfo_test_LDADD) $(LIBS) + +make-roken$(EXEEXT): $(make_roken_OBJECTS) $(make_roken_DEPENDENCIES) + @rm -f make-roken$(EXEEXT) + $(LINK) $(make_roken_LDFLAGS) $(make_roken_OBJECTS) $(make_roken_LDADD) $(LIBS) + +make-print-version$(EXEEXT): $(make_print_version_OBJECTS) 
$(make_print_version_DEPENDENCIES) + @rm -f make-print-version$(EXEEXT) + $(LINK) $(make_print_version_LDFLAGS) $(make_print_version_OBJECTS) $(make_print_version_LDADD) $(LIBS) + +install-includeHEADERS: $(include_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(includedir) + @list='$(include_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + done + +uninstall-includeHEADERS: + @$(NORMAL_UNINSTALL) + list='$(include_HEADERS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(includedir)/$$p; \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/roken + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +check-TESTS: $(TESTS) + @failed=0; all=0; \ + srcdir=$(srcdir); export srcdir; \ + for tst in $(TESTS); do \ 
+ if test -f $$tst; then dir=.; \ + else dir="$(srcdir)"; fi; \ + if $(TESTS_ENVIRONMENT) $$dir/$$tst; then \ + all=`expr $$all + 1`; \ + echo "PASS: $$tst"; \ + elif test $$? -ne 77; then \ + all=`expr $$all + 1`; \ + failed=`expr $$failed + 1`; \ + echo "FAIL: $$tst"; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0 +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) + $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-includeHEADERS install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS +uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-checkPROGRAMS \ + mostlyclean-noinstPROGRAMS mostlyclean-tags \ + mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \ + clean-checkPROGRAMS 
clean-noinstPROGRAMS clean-tags \ + clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-libLTLIBRARIES distclean-compile \ + distclean-libtool distclean-checkPROGRAMS \ + distclean-noinstPROGRAMS distclean-tags \ + distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-checkPROGRAMS \ + maintainer-clean-noinstPROGRAMS maintainer-clean-tags \ + maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ +clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ +uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ +distclean-compile clean-compile maintainer-clean-compile \ +mostlyclean-libtool distclean-libtool clean-libtool \ +maintainer-clean-libtool mostlyclean-checkPROGRAMS \ +distclean-checkPROGRAMS clean-checkPROGRAMS \ +maintainer-clean-checkPROGRAMS mostlyclean-noinstPROGRAMS \ +distclean-noinstPROGRAMS clean-noinstPROGRAMS \ +maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \ +install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \ +maintainer-clean-tags distdir check-TESTS info-am info dvi-am dvi \ +check-local check check-am installcheck-am installcheck install-exec-am \ +install-exec install-data-local install-data-am install-data install-am \ +install uninstall-am uninstall all-local all-redirect all-am all \ +installdirs mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + 
+install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans 
dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + 
if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +$(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h + +roken.h: make-roken$(EXEEXT) + @./make-roken$(EXEEXT) > tmp.h ;\ + if [ -f roken.h ] && cmp -s tmp.h roken.h ; then rm -f tmp.h ; \ + else rm -f roken.h; mv tmp.h roken.h; fi + +make-roken.c: roken.h.in roken.awk + $(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c + +print_version.lo: print_version.h + +print_version.h: make-print-version$(EXEEXT) + ./make-print-version$(EXEEXT) print_version.h + +make-print-version.o: $(top_builddir)/include/version.h + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/roken/base64.c b/crypto/heimdal/lib/roken/base64.c new file mode 100644 index 0000000..daed869 --- /dev/null +++ b/crypto/heimdal/lib/roken/base64.c 
@@ -0,0 +1,146 @@
+/*
+ * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: base64.c,v 1.4 1999/12/02 16:58:45 joda Exp $");
+#endif
+#include <stdlib.h>
+#include <string.h>
+#include "base64.h"
+
+static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+
+static int pos(char c)
+{
+ char *p;
+ for(p = base64; *p; p++)
+ if(*p == c)
+ return p - base64;
+ return -1;
+}
+
+int base64_encode(const void *data, int size, char **str)
+{
+ char *s, *p;
+ int i;
+ int c;
+ const unsigned char *q;
+
+ p = s = (char*)malloc(size*4/3+4);
+ if (p == NULL)
+ return -1;
+ q = (const unsigned char*)data;
+ i=0;
+ for(i = 0; i < size;){
+ c=q[i++];
+ c*=256;
+ if(i < size)
+ c+=q[i];
+ i++;
+ c*=256;
+ if(i < size)
+ c+=q[i];
+ i++;
+ p[0]=base64[(c&0x00fc0000) >> 18];
+ p[1]=base64[(c&0x0003f000) >> 12];
+ p[2]=base64[(c&0x00000fc0) >> 6];
+ p[3]=base64[(c&0x0000003f) >> 0];
+ if(i > size)
+ p[3]='=';
+ if(i > size+1)
+ p[2]='=';
+ p+=4;
+ }
+ *p=0;
+ *str = s;
+ return strlen(s);
+}
+
+int base64_decode(const char *str, void *data)
+{
+ const char *p;
+ unsigned char *q;
+ int c;
+ int x;
+ int done = 0;
+ q=(unsigned char*)data;
+ for(p=str; *p && !done; p+=4){
+ x = pos(p[0]);
+ if(x >= 0)
+ c = x;
+ else{
+ done = 3;
+ break;
+ }
+ c*=64;
+
+ x = pos(p[1]);
+ if(x >= 0)
+ c += x;
+ else
+ return -1;
+ c*=64;
+
+ if(p[2] == '=')
+ done++;
+ else{
+ x = pos(p[2]);
+ if(x >= 0)
+ c += x;
+ else
+ return -1;
+ }
+ c*=64;
+
+ if(p[3] == '=')
+ done++;
+ else{
+ if(done)
+ return -1;
+ x = pos(p[3]);
+ if(x >= 0)
+ c += x;
+ else
+ return -1;
+ }
+ if(done < 3)
+ *q++=(c&0x00ff0000)>>16;
+
+ if(done < 2)
+ *q++=(c&0x0000ff00)>>8;
+ if(done < 1)
+ *q++=(c&0x000000ff)>>0;
+ }
+ return q - (unsigned char*)data;
+}
diff --git a/crypto/heimdal/lib/roken/base64.h b/crypto/heimdal/lib/roken/base64.h
new file mode 100644
index 0000000..5ad1e3b
--- /dev/null
+++ b/crypto/heimdal/lib/roken/base64.h
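Review bot: In base64_encode the buffer size `size*4/3+4` is computed in `int` with no range check. A `size` above `INT_MAX/4` overflows (undefined behaviour), and a negative `size` such as -3 gives `malloc(0)` followed by the `*p=0` store, so the writes can land outside the allocation. Reject out-of-range lengths before allocating, e.g. `if (size < 0 || size > INT_MAX/4) { *str = NULL; return -1; }` (needs `<limits.h>`), and set `*str = NULL` on the malloc failure path too so a caller that frees `*str` unconditionally stays safe. Separately, base64_decode stops at the first character outside the alphabet (`done = 3; break;`) and returns the bytes decoded so far, so trailing garbage is accepted silently; callers that decode untrusted input may want that reported as -1.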
@@ -0,0 +1,42 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: base64.h,v 1.2 1999/12/02 16:58:45 joda Exp $ */
+
+#ifndef _BASE64_H_
+#define _BASE64_H_
+
+int base64_encode(const void *data, int size, char **str);
+int base64_decode(const char *str, void *data);
+
+#endif
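Review bot: Neither prototype states its memory contract, and base64_decode in particular takes an output pointer with no length, so the header is the only place a caller can learn how large `data` must be. Above base64_encode I would add `/* Allocates *str with malloc(); the caller frees it. Returns the encoded length, or -1 if allocation fails. */`. Above base64_decode I would add `/* data must hold at least strlen(str)/4*3 bytes. Returns bytes written, or -1 on malformed input (data may be partly written). */`. Going by the implementation in base64.c, bytes are only stored after a full four-character group has been checked, which is where that bound comes from.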
diff --git a/crypto/heimdal/lib/roken/chown.c b/crypto/heimdal/lib/roken/chown.c
new file mode 100644
index 0000000..f3d34e3
--- /dev/null
+++ b/crypto/heimdal/lib/roken/chown.c
@@ -0,0 +1,45 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: chown.c,v 1.3 1999/12/02 16:58:45 joda Exp $"); +#endif + +#include "roken.h" + +int +chown(const char *path, uid_t owner, gid_t group) +{ + return 0; +} 
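Review bot: A caller that checks the result of `chown()` is told that ownership changed when nothing happened, because the stub returns 0 unconditionally. The `fchown()` stub in fchown.c behaves the same way. If the stubs have to stay no-ops on platforms that lack the calls, record that in a comment such as `/* platform has no chown(): ownership is left unchanged and success is reported */`; otherwise `errno = ENOSYS; return -1;` lets a caller that protects a sensitive file notice the failure. Separately, `RCSID(...)` sits inside `#ifdef HAVE_CONFIG_H`, which ties the version string to an unrelated macro.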
diff --git a/crypto/heimdal/lib/roken/concat.c b/crypto/heimdal/lib/roken/concat.c
new file mode 100644
index 0000000..ca295c0
--- /dev/null
+++ b/crypto/heimdal/lib/roken/concat.c
@@ -0,0 +1,112 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: concat.c,v 1.4 1999/12/02 16:58:45 joda Exp $"); +#endif +#include "roken.h" + +int +roken_concat (char *s, size_t len, ...) 
+{
+ int ret;
+ va_list args;
+
+ va_start(args, len);
+ ret = roken_vconcat (s, len, args);
+ va_end(args);
+ return ret;
+}
+
+int
+roken_vconcat (char *s, size_t len, va_list args)
+{
+ const char *a;
+
+ while ((a = va_arg(args, const char*))) {
+ size_t n = strlen (a);
+
+ if (n >= len)
+ return -1;
+ memcpy (s, a, n);
+ s += n;
+ len -= n;
+ }
+ *s = '\0';
+ return 0;
+}
+
+size_t
+roken_vmconcat (char **s, size_t max_len, va_list args)
+{
+ const char *a;
+ char *p, *q;
+ size_t len = 0;
+ *s = NULL;
+ p = malloc(1);
+ if(p == NULL)
+ return 0;
+ len = 1;
+ while ((a = va_arg(args, const char*))) {
+ size_t n = strlen (a);
+
+ if(max_len && len + n > max_len){
+ free(p);
+ return 0;
+ }
+ q = realloc(p, len + n);
+ if(q == NULL){
+ free(p);
+ return 0;
+ }
+ p = q;
+ memcpy (p + len - 1, a, n);
+ len += n;
+ }
+ p[len - 1] = '\0';
+ *s = p;
+ return len;
+}
+
+size_t
+roken_mconcat (char **s, size_t max_len, ...)
+{
+ int ret;
+ va_list args;
+
+ va_start(args, max_len);
+ ret = roken_vmconcat (s, max_len, args);
+ va_end(args);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/roken/copyhostent.c b/crypto/heimdal/lib/roken/copyhostent.c
new file mode 100644
index 0000000..a3be6db
--- /dev/null
+++ b/crypto/heimdal/lib/roken/copyhostent.c
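Review bot: On the truncation path in `roken_vconcat`, `if (n >= len) return -1;` leaves whatever was already copied into `s` without a terminating NUL, so a caller that ignores or mishandles the return value reads past the copied bytes. Terminating before the return fixes that: `if (n >= len) { if (len > 0) *s = '\0'; return -1; }`. The final `*s = '\0';` needs the same `len > 0` guard, since it writes one byte even when the function is called with `len == 0` and no strings. In `roken_mconcat`, `int ret` receives the `size_t` result of `roken_vmconcat` and should be `size_t ret`. All four functions stop at the first null pointer argument, which deserves a comment telling callers to end the list with `(char *)NULL`.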
@@ -0,0 +1,102 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: copyhostent.c,v 1.2 1999/12/02 16:58:45 joda Exp $");
+#endif
+
+#include "roken.h"
+
+/*
+ * return a malloced copy of `h'
+ */
+
+struct hostent *
+copyhostent (const struct hostent *h)
+{
+ struct hostent *res;
+ char **p;
+ int i, n;
+
+ res = malloc (sizeof (*res));
+ if (res == NULL)
+ return NULL;
+ res->h_name = NULL;
+ res->h_aliases = NULL;
+ res->h_addrtype = h->h_addrtype;
+ res->h_length = h->h_length;
+ res->h_addr_list = NULL;
+ res->h_name = strdup (h->h_name);
+ if (res->h_name == NULL) {
+ freehostent (res);
+ return NULL;
+ }
+ for (n = 0, p = h->h_aliases; *p != NULL; ++p)
+ ++n;
+ res->h_aliases = malloc ((n + 1) * sizeof(*res->h_aliases));
+ if (res->h_aliases == NULL) {
+ freehostent (res);
+ return NULL;
+ }
+ for (i = 0; i < n + 1; ++i)
+ res->h_aliases[i] = NULL;
+ for (i = 0; i < n; ++i) {
+ res->h_aliases[i] = strdup (h->h_aliases[i]);
+ if (res->h_aliases[i] == NULL) {
+ freehostent (res);
+ return NULL;
+ }
+ }
+
+ for (n = 0, p = h->h_addr_list; *p != NULL; ++p)
+ ++n;
+ res->h_addr_list = malloc ((n + 1) * sizeof(*res->h_addr_list));
+ if (res->h_addr_list == NULL) {
+ freehostent (res);
+ return NULL;
+ }
+ for (i = 0; i < n + 1; ++i) {
+ res->h_addr_list[i] = NULL;
+ }
+ for (i = 0; i < n; ++i) {
+ res->h_addr_list[i] = malloc (h->h_length);
+ if (res->h_addr_list[i] == NULL) {
+ freehostent (res);
+ return NULL;
+ }
+ memcpy (res->h_addr_list[i], h->h_addr_list[i], h->h_length);
+ }
+ return res;
+}
+
diff --git a/crypto/heimdal/lib/roken/daemon.c b/crypto/heimdal/lib/roken/daemon.c
new file mode 100644
index 0000000..758856c
--- /dev/null
+++ b/crypto/heimdal/lib/roken/daemon.c
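Review bot: Every failure path in `copyhostent` calls `freehostent(res)` on a partly built structure, for example with `h_aliases` and `h_addr_list` still NULL after `strdup (h->h_name)` fails, so the function is only safe if `freehostent` tolerates NULL members. `freehostent` is not part of this hunk, so that should be confirmed and recorded in a comment such as `/* freehostent() must accept NULL h_name, h_aliases and h_addr_list */`. The input is also trusted completely: `h->h_name`, `h->h_aliases` and `h->h_addr_list` are dereferenced without a NULL check, and `h->h_length` reaches `malloc` and `memcpy` unvalidated. A guard like `if (h->h_length <= 0) { free (res); return NULL; }` placed right after the first allocation check would reject a malformed entry early.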
@@ -0,0 +1,88 @@ +/*- + * Copyright (c) 1990, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char sccsid[] = "@(#)daemon.c 8.1 (Berkeley) 6/4/93";
+#endif /* LIBC_SCCS and not lint */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+RCSID("$Id: daemon.c,v 1.3 1997/10/04 21:55:48 joda Exp $");
+
+#ifndef HAVE_DAEMON
+
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#ifdef HAVE_PATHS_H
+#include <paths.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+#include "roken.h"
+
+int
+daemon(int nochdir, int noclose)
+{
+ int fd;
+
+ switch (fork()) {
+ case -1:
+ return (-1);
+ case 0:
+ break;
+ default:
+ _exit(0);
+ }
+
+ if (setsid() == -1)
+ return (-1);
+
+ if (!nochdir)
+ chdir("/");
+
+ if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
+ dup2(fd, STDIN_FILENO);
+ dup2(fd, STDOUT_FILENO);
+ dup2(fd, STDERR_FILENO);
+ if (fd > 2)
+ close (fd);
+ }
+ return (0);
+}
+
+#endif /* HAVE_DAEMON */
diff --git a/crypto/heimdal/lib/roken/emalloc.c b/crypto/heimdal/lib/roken/emalloc.c
new file mode 100644
index 0000000..bbea1e0
--- /dev/null
+++ b/crypto/heimdal/lib/roken/emalloc.c
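Review bot: `daemon()` returns 0 even when detaching only half worked: the result of `chdir("/")` is ignored, and if `open(_PATH_DEVNULL, ...)` fails the process keeps its inherited stdin, stdout and stderr without reporting anything. A daemon that believes it has let go of the invoking terminal but still holds those descriptors can write to it or read from it later. Checking the calls makes the failure visible, e.g. `if (!nochdir && chdir("/") == -1) return (-1);` plus a `return (-1);` when `open` fails with `noclose` unset. The three `dup2` results are ignored as well.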
@@ -0,0 +1,56 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: emalloc.c,v 1.4 1999/12/02 16:58:45 joda Exp $"); +#endif + +#include <stdlib.h> +#include <err.h> + +#include <roken.h> + +/* + * Like malloc but never fails. 
+ */
+
+void *
+emalloc (size_t sz)
+{
+ void *tmp = malloc (sz);
+
+ if (tmp == NULL && sz != 0)
+ err (1, "malloc %lu", (unsigned long)sz);
+ return tmp;
+}
diff --git a/crypto/heimdal/lib/roken/eread.c b/crypto/heimdal/lib/roken/eread.c
new file mode 100644
index 0000000..9a1b24b
--- /dev/null
+++ b/crypto/heimdal/lib/roken/eread.c
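Review bot: The comment "Like malloc but never fails" does not mention that `emalloc(0)` may still return NULL, because the fatal check is `tmp == NULL && sz != 0`. Callers that dereference the result unconditionally need to know that; suggested wording is `/* Like malloc, but exits via err() on failure. May return NULL when sz is 0. */`. erealloc.c uses the same wording and the same condition, and there a zero `sz` may additionally free `ptr` depending on the C library, so the caller must not reuse the old pointer.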
@@ -0,0 +1,57 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: eread.c,v 1.2 1999/12/02 16:58:45 joda Exp $"); +#endif + +#include <unistd.h> +#include <err.h> + +#include <roken.h> + +/* + * Like read but never fails (and never returns partial data). 
+ */
+
+ssize_t
+eread (int fd, void *buf, size_t nbytes)
+{
+ ssize_t ret;
+
+ ret = net_read (fd, buf, nbytes);
+ if (ret < 0)
+ err (1, "read");
+ return ret;
+}
diff --git a/crypto/heimdal/lib/roken/erealloc.c b/crypto/heimdal/lib/roken/erealloc.c
new file mode 100644
index 0000000..8afa8f3
--- /dev/null
+++ b/crypto/heimdal/lib/roken/erealloc.c
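Review bot: The comment promises that `eread` never returns partial data, but the code treats only `ret < 0` as fatal, so any short non-negative count from `net_read` is handed back as success. `net_read` is defined elsewhere; if it returns a short count at end of file, a caller that skips the `ret == nbytes` comparison will process a partly filled buffer. Either tighten the comment, e.g. `/* Like read, but exits via err() on error. A return value below nbytes means end of file. */`, or make the short read fatal as well. ewrite.c makes the same claim for `net_write`.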
@@ -0,0 +1,56 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: erealloc.c,v 1.4 1999/12/02 16:58:45 joda Exp $"); +#endif + +#include <stdlib.h> +#include <err.h> + +#include <roken.h> + +/* + * Like realloc but never fails. 
+ */
+
+void *
+erealloc (void *ptr, size_t sz)
+{
+ void *tmp = realloc (ptr, sz);
+
+ if (tmp == NULL && sz != 0)
+ err (1, "realloc %lu", (unsigned long)sz);
+ return tmp;
+}
diff --git a/crypto/heimdal/lib/roken/err.c b/crypto/heimdal/lib/roken/err.c
new file mode 100644
index 0000000..29b1f7b
--- /dev/null
+++ b/crypto/heimdal/lib/roken/err.c
@@ -0,0 +1,48 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: err.c,v 1.6 1999/12/02 16:58:45 joda Exp $"); +#endif + +#include "err.h" + +void +err(int eval, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + verr(eval, fmt, ap); + va_end(ap); +} 
diff --git a/crypto/heimdal/lib/roken/err.h b/crypto/heimdal/lib/roken/err.h
new file mode 100644
index 0000000..b0b649f
--- /dev/null
+++ b/crypto/heimdal/lib/roken/err.h
@@ -0,0 +1,71 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+/* $Id: err.h,v 1.15 1999/12/02 16:58:45 joda Exp $ */
+
+#ifndef __ERR_H__
+#define __ERR_H__
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+
+extern const char *__progname;
+
+#if !defined(__GNUC__) && !defined(__attribute__)
+#define __attribute__(x)
+#endif
+
+void warnerr(int doerrno, const char *fmt, va_list ap)
+ __attribute__ ((format (printf, 2, 0)));
+
+void verr(int eval, const char *fmt, va_list ap)
+ __attribute__ ((noreturn, format (printf, 2, 0)));
+void err(int eval, const char *fmt, ...)
+ __attribute__ ((noreturn, format (printf, 2, 3)));
+void verrx(int eval, const char *fmt, va_list ap)
+ __attribute__ ((noreturn, format (printf, 2, 0)));
+void errx(int eval, const char *fmt, ...)
+ __attribute__ ((noreturn, format (printf, 2, 3)));
+void vwarn(const char *fmt, va_list ap)
+ __attribute__ ((format (printf, 1, 0)));
+void warn(const char *fmt, ...)
+ __attribute__ ((format (printf, 1, 2)));
+void vwarnx(const char *fmt, va_list ap)
+ __attribute__ ((format (printf, 1, 0)));
+void warnx(const char *fmt, ...)
+ __attribute__ ((format (printf, 1, 2)));
+
+#endif /* __ERR_H__ */
diff --git a/crypto/heimdal/lib/roken/errx.c b/crypto/heimdal/lib/roken/errx.c
new file mode 100644
index 0000000..2f8ec18
--- /dev/null
+++ b/crypto/heimdal/lib/roken/errx.c
@@ -0,0 +1,48 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: errx.c,v 1.6 1999/12/02 16:58:45 joda Exp $"); +#endif + +#include "err.h" + +void +errx(int eval, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + verrx(eval, fmt, ap); + va_end(ap); +} 
diff --git a/crypto/heimdal/lib/roken/estrdup.c b/crypto/heimdal/lib/roken/estrdup.c
new file mode 100644
index 0000000..8c0d9a7
--- /dev/null
+++ b/crypto/heimdal/lib/roken/estrdup.c
@@ -0,0 +1,56 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: estrdup.c,v 1.2 1999/12/02 16:58:45 joda Exp $"); +#endif + +#include <stdlib.h> +#include <err.h> + +#include <roken.h> + +/* + * Like strdup but never fails. 
+ */
+
+char *
+estrdup (const char *str)
+{
+ char *tmp = strdup (str);
+
+ if (tmp == NULL)
+ err (1, "strdup");
+ return tmp;
+}
diff --git a/crypto/heimdal/lib/roken/ewrite.c b/crypto/heimdal/lib/roken/ewrite.c
new file mode 100644
index 0000000..b2c43de
--- /dev/null
+++ b/crypto/heimdal/lib/roken/ewrite.c
@@ -0,0 +1,57 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: ewrite.c,v 1.2 1999/12/02 16:58:45 joda Exp $"); +#endif + +#include <unistd.h> +#include <err.h> + +#include <roken.h> + +/* + * Like write but never fails (and never returns partial data). 
+ */
+
+ssize_t
+ewrite (int fd, const void *buf, size_t nbytes)
+{
+ ssize_t ret;
+
+ ret = net_write (fd, buf, nbytes);
+ if (ret < 0)
+ err (1, "write");
+ return ret;
+}
diff --git a/crypto/heimdal/lib/roken/fchown.c b/crypto/heimdal/lib/roken/fchown.c
new file mode 100644
index 0000000..61e8546
--- /dev/null
+++ b/crypto/heimdal/lib/roken/fchown.c
@@ -0,0 +1,45 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: fchown.c,v 1.3 1999/12/02 16:58:46 joda Exp $"); +#endif + +#include "roken.h" + +int +fchown(int fd, uid_t owner, gid_t group) +{ + return 0; +} 
diff --git a/crypto/heimdal/lib/roken/flock.c b/crypto/heimdal/lib/roken/flock.c
new file mode 100644
index 0000000..13da4f4
--- /dev/null
+++ b/crypto/heimdal/lib/roken/flock.c
@@ -0,0 +1,87 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#ifndef HAVE_FLOCK +RCSID("$Id: flock.c,v 1.4 1999/12/02 16:58:46 joda Exp $"); + +#include "roken.h" + + +#define OP_MASK (LOCK_SH | LOCK_EX | LOCK_UN) + +int +flock(int fd, int operation) +{ +#if defined(HAVE_FCNTL) && defined(F_SETLK) + struct flock arg; + int code, cmd; + + arg.l_whence = SEEK_SET; + arg.l_start = 0; + arg.l_len = 0; /* means to EOF */ + + if (operation & LOCK_NB) + cmd = F_SETLK; + else + cmd = F_SETLKW; /* Blocking */ + + switch (operation & OP_MASK) { + case LOCK_UN: + arg.l_type = F_UNLCK; + code = fcntl(fd, F_SETLK, &arg); + break; + case LOCK_SH: + arg.l_type = F_RDLCK; + code = fcntl(fd, cmd, &arg); + break; + case LOCK_EX: + arg.l_type = F_WRLCK; + code = fcntl(fd, cmd, &arg); + break; + default: + errno = EINVAL; + code = -1; + break; + } + return code; +#else + return -1; +#endif +} + +#endif + diff --git a/crypto/heimdal/lib/roken/fnmatch.c b/crypto/heimdal/lib/roken/fnmatch.c new file mode 100644 index 0000000..dc01d6e --- /dev/null +++ b/crypto/heimdal/lib/roken/fnmatch.c 
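Review bot: The `#else` branch of `flock()` returns -1 without setting `errno`, so a caller that prints `strerror(errno)` after a failed lock reports a stale value; adding `errno = ENOSYS;` before `return -1;` fixes that, with `errno` already required by the `EINVAL` assignment in the `default` case. The function also needs a header comment saying that the emulation uses `fcntl` record locks, which do not behave like BSD `flock`. They belong to the process rather than to the open file, they are dropped when the process closes any descriptor for that file, and `F_WRLCK` needs a descriptor opened for writing. Code that relies on `flock` semantics for a lock file may therefore not get the mutual exclusion it expects.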
@@ -0,0 +1,173 @@ +/* $NetBSD: fnmatch.c,v 1.11 1995/02/27 03:43:06 cgd Exp $ */ + +/* + * Copyright (c) 1989, 1993, 1994 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Guido van Rossum. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#if defined(LIBC_SCCS) && !defined(lint) +#if 0 +static char sccsid[] = "@(#)fnmatch.c 8.2 (Berkeley) 4/16/94"; +#else +static char rcsid[] = "$NetBSD: fnmatch.c,v 1.11 1995/02/27 03:43:06 cgd Exp $"; +#endif +#endif /* LIBC_SCCS and not lint */ + +/* + * Function fnmatch() as specified in POSIX 1003.2-1992, section B.6. + * Compares a filename or pathname to a pattern. + */ + +#include <fnmatch.h> +#include <string.h> + +#define EOS '\0' + +static const char *rangematch (const char *, int, int); + +int +fnmatch(const char *pattern, const char *string, int flags) +{ + const char *stringstart; + char c, test; + + for (stringstart = string;;) + switch (c = *pattern++) { + case EOS: + return (*string == EOS ? 0 : FNM_NOMATCH); + case '?': + if (*string == EOS) + return (FNM_NOMATCH); + if (*string == '/' && (flags & FNM_PATHNAME)) + return (FNM_NOMATCH); + if (*string == '.' && (flags & FNM_PERIOD) && + (string == stringstart || + ((flags & FNM_PATHNAME) && *(string - 1) == '/'))) + return (FNM_NOMATCH); + ++string; + break; + case '*': + c = *pattern; + /* Collapse multiple stars. */ + while (c == '*') + c = *++pattern; + + if (*string == '.' && (flags & FNM_PERIOD) && + (string == stringstart || + ((flags & FNM_PATHNAME) && *(string - 1) == '/'))) + return (FNM_NOMATCH); + + /* Optimize for pattern with * at end or before /. */ + if (c == EOS) + if (flags & FNM_PATHNAME) + return (strchr(string, '/') == NULL ? 
+ 0 : FNM_NOMATCH); + else + return (0); + else if (c == '/' && flags & FNM_PATHNAME) { + if ((string = strchr(string, '/')) == NULL) + return (FNM_NOMATCH); + break; + } + + /* General case, use recursion. */ + while ((test = *string) != EOS) { + if (!fnmatch(pattern, string, flags & ~FNM_PERIOD)) + return (0); + if (test == '/' && flags & FNM_PATHNAME) + break; + ++string; + } + return (FNM_NOMATCH); + case '[': + if (*string == EOS) + return (FNM_NOMATCH); + if (*string == '/' && flags & FNM_PATHNAME) + return (FNM_NOMATCH); + if ((pattern = + rangematch(pattern, *string, flags)) == NULL) + return (FNM_NOMATCH); + ++string; + break; + case '\\': + if (!(flags & FNM_NOESCAPE)) { + if ((c = *pattern++) == EOS) { + c = '\\'; + --pattern; + } + } + /* FALLTHROUGH */ + default: + if (c != *string++) + return (FNM_NOMATCH); + break; + } + /* NOTREACHED */ +} + +static const char * +rangematch(const char *pattern, int test, int flags) +{ + int negate, ok; + char c, c2; + + /* + * A bracket expression starting with an unquoted circumflex + * character produces unspecified results (IEEE 1003.2-1992, + * 3.13.2). This implementation treats it like '!', for + * consistency with the regular expression syntax. + * J.T. Conklin (conklin@ngai.kaleida.com) + */ + if (negate = (*pattern == '!' || *pattern == '^')) + ++pattern; + + for (ok = 0; (c = *pattern++) != ']';) { + if (c == '\\' && !(flags & FNM_NOESCAPE)) + c = *pattern++; + if (c == EOS) + return (NULL); + if (*pattern == '-' + && (c2 = *(pattern+1)) != EOS && c2 != ']') { + pattern += 2; + if (c2 == '\\' && !(flags & FNM_NOESCAPE)) + c2 = *pattern++; + if (c2 == EOS) + return (NULL); + if (c <= test && test <= c2) + ok = 1; + } else if (c == test) + ok = 1; + } + return (ok == negate ? NULL : pattern); +} diff --git a/crypto/heimdal/lib/roken/fnmatch.h b/crypto/heimdal/lib/roken/fnmatch.h new file mode 100644 index 0000000..95c91d6 --- /dev/null +++ b/crypto/heimdal/lib/roken/fnmatch.h 
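Review bot: The `[` case in `fnmatch()` never applies the `FNM_PERIOD` rule, so with that flag set a pattern such as `[.]*` or `[!a]*` still matches a name that starts with a period, unlike the `?` and `*` cases above it. Repeating the leading-period test from the `?` case before the `rangematch` call closes the gap, which matters when a caller relies on `FNM_PERIOD` to keep dot-files out of a match. Separately, the general `*` case recurses once per remaining character of the string, so matching time grows quickly with the number of `*` groups; a comment warning callers about patterns from untrusted input would help. In `rangematch`, `if (negate = (...))` reads like a typo for `==` and would be clearer as `negate = (...); if (negate)`.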
@@ -0,0 +1,49 @@
+/* $NetBSD: fnmatch.h,v 1.5 1994/10/26 00:55:53 cgd Exp $ */
+
+/*-
+ * Copyright (c) 1992, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)fnmatch.h 8.1 (Berkeley) 6/2/93
+ */
+
+#ifndef _FNMATCH_H_
+#define _FNMATCH_H_
+
+#define FNM_NOMATCH 1 /* Match failed. */
+
+#define FNM_NOESCAPE 0x01 /* Disable backslash escaping. */
+#define FNM_PATHNAME 0x02 /* Slash must be matched by slash. */
+#define FNM_PERIOD 0x04 /* Period must be matched by period. */
+
+int fnmatch (const char *, const char *, int);
+
+#endif /* !_FNMATCH_H_ */
diff --git a/crypto/heimdal/lib/roken/freeaddrinfo.c b/crypto/heimdal/lib/roken/freeaddrinfo.c
new file mode 100644
index 0000000..f963d15
--- /dev/null
+++ b/crypto/heimdal/lib/roken/freeaddrinfo.c
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: freeaddrinfo.c,v 1.2 1999/12/03 04:10:06 assar Exp $");
+#endif
+
+#include "roken.h"
+
+/*
+ * free the list of `struct addrinfo' starting at `ai'
+ */
+
+void
+freeaddrinfo(struct addrinfo *ai)
+{
+ for (; ai != NULL; ai = ai->ai_next) {
+ free (ai->ai_canonname);
+ free (ai->ai_addr);
+ }
+}
diff --git a/crypto/heimdal/lib/roken/freehostent.c b/crypto/heimdal/lib/roken/freehostent.c
new file mode 100644
index 0000000..0cd92cd
--- /dev/null
+++ b/crypto/heimdal/lib/roken/freehostent.c
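Review bot: The loop in `freeaddrinfo()` frees `ai_canonname` and `ai_addr` but never the `struct addrinfo` node itself, so every list built by this commit's `getaddrinfo.c`, where `add_one` mallocs each node, leaks one node per entry. Freeing the node means the next pointer has to be read first, otherwise the loop increment would read freed memory. The fence shows the loop with both changes.

```c
void
freeaddrinfo(struct addrinfo *ai)
{
    struct addrinfo *next;

    for (; ai != NULL; ai = next) {
	next = ai->ai_next;	/* read the link before the node goes away */
	free (ai->ai_canonname);
	free (ai->ai_addr);
	free (ai);
    }
}
```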
@@ -0,0 +1,62 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: freehostent.c,v 1.2 1999/12/02 16:58:46 joda Exp $"); +#endif + +#include "roken.h" + +/* + * free a malloced hostent + */ + +void +freehostent (struct hostent *h) +{ + char **p; + + free (h->h_name); + if (h->h_aliases != NULL) { + for (p = h->h_aliases; *p != NULL; ++p) + free (*p); + free (h->h_aliases); + } + if (h->h_addr_list != NULL) { + for (p = h->h_addr_list; *p != NULL; ++p) + free (*p); + free (h->h_addr_list); + } + free (h); +} diff --git a/crypto/heimdal/lib/roken/gai_strerror.c b/crypto/heimdal/lib/roken/gai_strerror.c new file mode 100644 index 0000000..07f7c39 --- /dev/null +++ b/crypto/heimdal/lib/roken/gai_strerror.c 
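Review bot: `freehostent()` dereferences `h` in its first statement, so a NULL argument crashes; `if (h == NULL) return;` at the top makes it behave like `free`. The header comment should also state the ownership contract: every member (`h_name`, each alias and address, both arrays, and `h` itself) must be an individual heap allocation. A `struct hostent` that lives in static storage, such as the result of `gethostbyname`, must never be passed here.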
@@ -0,0 +1,73 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: gai_strerror.c,v 1.2 1999/12/03 04:10:06 assar Exp $"); +#endif + +#include "roken.h" + +static struct gai_error { + int code; + char *str; +} errors[] = { +{EAI_NOERROR, "no error"}, +{EAI_ADDRFAMILY, "address family for nodename not supported"}, +{EAI_AGAIN, "temporary failure in name resolution"}, +{EAI_BADFLAGS, "invalid value for ai_flags"}, +{EAI_FAIL, "non-recoverable failure in name resolution"}, +{EAI_FAMILY, "ai_family not supported"}, +{EAI_MEMORY, "memory allocation failure"}, +{EAI_NODATA, "no address associated with nodename"}, +{EAI_NONAME, "nodename nor servname provided, or not known"}, +{EAI_SERVICE, "servname not supported for ai_socktype"}, +{EAI_SOCKTYPE, "ai_socktype not supported"}, +{EAI_SYSTEM, "system error returned in errno"}, +{0, NULL}, +}; + +/* + * + */ + +char * +gai_strerror(int ecode) +{ + struct gai_error *g; + + for (g = errors; g->str != NULL; ++g) + if (g->code == ecode) + return g->str; + return "unknown error code in gai_strerror"; +} diff --git a/crypto/heimdal/lib/roken/get_default_username.c b/crypto/heimdal/lib/roken/get_default_username.c new file mode 100644 index 0000000..10b0863 --- /dev/null +++ b/crypto/heimdal/lib/roken/get_default_username.c 
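Review bot: The `errors[]` table in `gai_strerror.c` stores string literals in a `char *str` member and `gai_strerror()` returns them as writable `char *`, so a caller that modifies the returned message writes into a literal. Declaring the table `static const struct gai_error` with `const char *str;` documents that the strings are read-only; whether the return type can become `const char *` depends on the prototype in roken.h, which is not visible here. The comment block above `gai_strerror` is empty and could say `/* return a static message for the EAI_* code `ecode'; never NULL */`.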
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: get_default_username.c,v 1.3 1999/12/02 16:58:46 joda Exp $");
+#endif /* HAVE_CONFIG_H */
+
+#include "roken.h"
+
+/*
+ * Try to return what should be considered the default username or
+ * NULL if we can't guess at all.
+ */
+
+const char *
+get_default_username (void)
+{
+ const char *user;
+
+ user = getenv ("USER");
+ if (user == NULL)
+ user = getenv ("LOGNAME");
+ if (user == NULL)
+ user = getenv ("USERNAME");
+
+#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN)
+ if (user == NULL) {
+ user = (const char *)getlogin ();
+ if (user != NULL)
+ return user;
+ }
+#endif
+#ifdef HAVE_PWD_H
+ {
+ uid_t uid = getuid ();
+ struct passwd *pwd;
+
+ if (user != NULL) {
+ pwd = k_getpwnam (user);
+ if (pwd != NULL && pwd->pw_uid == uid)
+ return user;
+ }
+ pwd = k_getpwuid (uid);
+ if (pwd != NULL)
+ return pwd->pw_name;
+ }
+#endif
+ return user;
+}
diff --git a/crypto/heimdal/lib/roken/get_window_size.c b/crypto/heimdal/lib/roken/get_window_size.c
new file mode 100644
index 0000000..4eff8d2
--- /dev/null
+++ b/crypto/heimdal/lib/roken/get_window_size.c
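Review bot: In `get_default_username()` the `getlogin()` branch returns its result immediately, so that name skips the `pw_uid == uid` check which the `HAVE_PWD_H` block applies to names taken from the environment. Dropping the inner `if (user != NULL) return user;` lets the login name fall through to the same check, and it is still returned by the final `return user;` when `HAVE_PWD_H` is not defined. The header comment should add that without `HAVE_PWD_H` the value comes unverified from `USER`, `LOGNAME` or `USERNAME`, so callers must treat it as a hint and not as an authenticated identity. It should also say that the returned pointer refers to storage owned by `getenv` or the passwd lookup and may be overwritten by later calls.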
@@ -0,0 +1,102 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: get_window_size.c,v 1.9 1999/12/02 16:58:46 joda Exp $"); +#endif + +#include <stdlib.h> +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#if 0 /* Where were those needed? 
/confused */ +#ifdef HAVE_SYS_PROC_H +#include <sys/proc.h> +#endif + +#ifdef HAVE_SYS_TTY_H +#include <sys/tty.h> +#endif +#endif + +#ifdef HAVE_TERMIOS_H +#include <termios.h> +#endif + +#include <roken.h> + +int +get_window_size(int fd, struct winsize *wp) +{ + int ret = -1; + + memset(wp, 0, sizeof(*wp)); + +#if defined(TIOCGWINSZ) + ret = ioctl(fd, TIOCGWINSZ, wp); +#elif defined(TIOCGSIZE) + { + struct ttysize ts; + + ret = ioctl(fd, TIOCGSIZE, &ts); + if(ret == 0) { + wp->ws_row = ts.ts_lines; + wp->ws_col = ts.ts_cols; + } + } +#elif defined(HAVE__SCRSIZE) + { + int dst[2]; + + _scrsize(dst); + wp->ws_row = dst[1]; + wp->ws_col = dst[0]; + ret = 0; + } +#endif + if (ret != 0) { + char *s; + if((s = getenv("COLUMNS"))) + wp->ws_col = atoi(s); + if((s = getenv("LINES"))) + wp->ws_row = atoi(s); + if(wp->ws_col > 0 && wp->ws_row > 0) + ret = 0; + } + return ret; +} diff --git a/crypto/heimdal/lib/roken/getaddrinfo-test.c b/crypto/heimdal/lib/roken/getaddrinfo-test.c new file mode 100644 index 0000000..ede9c95 --- /dev/null +++ b/crypto/heimdal/lib/roken/getaddrinfo-test.c 
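Review bot: The environment fallback in `get_window_size()` stores `atoi(getenv("COLUMNS"))` and `atoi(getenv("LINES"))` straight into the `winsize` fields, so a negative, oversized or non-numeric value is silently converted to some other width or height. Those fields are unsigned short on common systems, which makes the following `> 0` test accept a wrapped negative value, and callers that size buffers or line wrapping from the result then work from an attacker-chosen number. Parsing with `strtol` and accepting only a clean positive value that fits the field keeps the fallback predictable; the fence shows the rewritten block.

```c
    if (ret != 0) {
	char *s, *end;
	long v;

	if ((s = getenv("COLUMNS")) != NULL) {
	    v = strtol(s, &end, 10);
	    /* accept only a clean positive number that fits the field */
	    if (end != s && *end == '\0' && v > 0
		&& v == (long)(unsigned short)v)
		wp->ws_col = (unsigned short)v;
	}
	if ((s = getenv("LINES")) != NULL) {
	    v = strtol(s, &end, 10);
	    if (end != s && *end == '\0' && v > 0
		&& v == (long)(unsigned short)v)
		wp->ws_row = (unsigned short)v;
	}
	/* … unchanged: ret = 0 when both fields are positive … */
    }
```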
@@ -0,0 +1,144 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: getaddrinfo-test.c,v 1.2 1999/12/03 04:10:07 assar Exp $"); +#endif + +#include "roken.h" +#include "getarg.h" + +static int flags; +static int family; +static int socktype; + +static int version_flag; +static int help_flag; + +static struct getargs args[] = { + {"flags", 0, arg_integer, &flags, "flags", NULL}, + {"family", 0, arg_integer, &family, "family", NULL}, + {"socktype",0, arg_integer, &socktype, "socktype", NULL}, + {"version", 0, arg_flag, &version_flag, "print version",NULL}, + {"help", 0, arg_flag, &help_flag, NULL, NULL} +}; + +static void +usage(int ret) +{ + arg_printusage (args, + sizeof(args) / sizeof(args[0]), + NULL, + "[nodename servname...]"); + exit (ret); +} + +static void +doit (const char *nodename, const char *servname) +{ + struct addrinfo hints; + struct addrinfo *res, *r; + int ret; + + printf ("(%s,%s)... ", nodename ? nodename : "null", servname); + + memset (&hints, 0, sizeof(hints)); + hints.ai_flags = flags; + hints.ai_family = family; + hints.ai_socktype = socktype; + + ret = getaddrinfo (nodename, servname, &hints, &res); + if (ret) { + printf ("error: %s\n", gai_strerror(ret)); + return; + } + printf ("\n"); + + for (r = res; r != NULL; r = r->ai_next) { + char addrstr[256]; + + if (inet_ntop (r->ai_family, + socket_get_address (r->ai_addr), + addrstr, sizeof(addrstr)) == NULL) { + printf ("\tbad address?\n"); + continue; + } + printf ("\t(family = %d, socktype = %d, protocol = %d, " + "address = \"%s\", port = %d", + r->ai_family, r->ai_socktype, r->ai_protocol, + addrstr, + ntohs(socket_get_port (r->ai_addr))); + if (r->ai_canonname) + printf (", canonname = \"%s\"", r->ai_canonname); + printf ("\n"); + } + freeaddrinfo (res); +} + +int +main(int argc, char **argv) +{ + int optind = 0; + int i; + + set_progname (argv[0]); + + if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, + &optind)) + usage (1); + + if (help_flag) + usage (0); + + if (version_flag) 
{ + print_version (NULL); + return 0; + } + + argc -= optind; + argv += optind; + + if (argc % 2 != 0) + usage (1); + + for (i = 0; i < argc; i += 2) { + const char *nodename = argv[i]; + + if (strcmp (nodename, "null") == 0) + nodename = NULL; + + doit (nodename, argv[i+1]); + } + return 0; +} diff --git a/crypto/heimdal/lib/roken/getaddrinfo.c b/crypto/heimdal/lib/roken/getaddrinfo.c new file mode 100644 index 0000000..db18742 --- /dev/null +++ b/crypto/heimdal/lib/roken/getaddrinfo.c 
@@ -0,0 +1,400 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: getaddrinfo.c,v 1.6 1999/12/20 00:56:44 assar Exp $"); +#endif + +#include "roken.h" + +/* + * uses hints->ai_socktype and hints->ai_protocol + */ + +static int +get_port_protocol_socktype (const char *servname, + const struct addrinfo *hints, + int *port, + int *protocol, + int *socktype) +{ + struct servent *se; + const char *proto_str = NULL; + + *socktype = 0; + + if (hints != NULL && hints->ai_protocol != 0) { + struct protoent *protoent = getprotobynumber (hints->ai_protocol); + + if (protoent == NULL) + return EAI_SOCKTYPE; /* XXX */ + + proto_str = protoent->p_name; + *protocol = protoent->p_proto; + } + + if (hints != NULL) + *socktype = hints->ai_socktype; + + if (*socktype == SOCK_STREAM) { + se = getservbyname (servname, proto_str ? proto_str : "tcp"); + if (proto_str == NULL) + *protocol = IPPROTO_TCP; + } else if (*socktype == SOCK_DGRAM) { + se = getservbyname (servname, proto_str ? proto_str : "udp"); + if (proto_str == NULL) + *protocol = IPPROTO_UDP; + } else if (*socktype == 0) { + if (proto_str != NULL) { + se = getservbyname (servname, proto_str); + } else { + se = getservbyname (servname, "tcp"); + *protocol = IPPROTO_TCP; + *socktype = SOCK_STREAM; + if (se == NULL) { + se = getservbyname (servname, "udp"); + *protocol = IPPROTO_UDP; + *socktype = SOCK_DGRAM; + } + } + } else + return EAI_SOCKTYPE; + + if (se == NULL) { + char *endstr; + + *port = htons(strtol (servname, &endstr, 10)); + if (servname == endstr) + return EAI_NONAME; + } else { + *port = se->s_port; + } + return 0; +} + +static int +add_one (int port, int protocol, int socktype, + struct addrinfo ***ptr, + int (*func)(struct addrinfo *, void *data, int port), + void *data, + char *canonname) +{ + struct addrinfo *a; + int ret; + + a = malloc (sizeof (*a)); + if (a == NULL) + return EAI_MEMORY; + memset (a, 0, sizeof(*a)); + a->ai_flags = 0; + a->ai_next = NULL; + a->ai_protocol = protocol; + a->ai_socktype = 
socktype; + a->ai_canonname = canonname; + ret = (*func)(a, data, port); + if (ret) { + free (a); + return ret; + } + **ptr = a; + *ptr = &a->ai_next; + return 0; +} + +static int +const_v4 (struct addrinfo *a, void *data, int port) +{ + struct sockaddr_in *sin; + struct in_addr *addr = (struct in_addr *)data; + + a->ai_family = PF_INET; + a->ai_addrlen = sizeof(*sin); + a->ai_addr = malloc (sizeof(*sin)); + if (a->ai_addr == NULL) + return EAI_MEMORY; + sin = (struct sockaddr_in *)a->ai_addr; + memset (sin, 0, sizeof(*sin)); + sin->sin_family = AF_INET; + sin->sin_port = port; + sin->sin_addr = *addr; + return 0; +} + +#ifdef HAVE_IPV6 +static int +const_v6 (struct addrinfo *a, void *data, int port) +{ + struct sockaddr_in6 *sin6; + struct in6_addr *addr = (struct in6_addr *)data; + + a->ai_family = PF_INET6; + a->ai_addrlen = sizeof(*sin6); + a->ai_addr = malloc (sizeof(*sin6)); + if (a->ai_addr == NULL) + return EAI_MEMORY; + sin6 = (struct sockaddr_in6 *)a->ai_addr; + memset (sin6, 0, sizeof(*sin6)); + sin6->sin6_family = AF_INET6; + sin6->sin6_port = port; + sin6->sin6_addr = *addr; + return 0; +} +#endif + +static int +get_null (const struct addrinfo *hints, + int port, int protocol, int socktype, + struct addrinfo **res) +{ + struct in_addr v4_addr; +#ifdef HAVE_IPV6 + struct in6_addr v6_addr; +#endif + struct addrinfo *first = NULL; + struct addrinfo **current = &first; + int family = PF_UNSPEC; + int ret; + + if (hints != NULL) + family = hints->ai_family; + + if (hints && hints->ai_flags & AI_PASSIVE) { + v4_addr.s_addr = INADDR_ANY; +#ifdef HAVE_IPV6 + v6_addr = in6addr_any; +#endif + } else { + v4_addr.s_addr = htonl(INADDR_LOOPBACK); +#ifdef HAVE_IPV6 + v6_addr = in6addr_loopback; +#endif + } + +#ifdef HAVE_IPV6 + if (family == PF_INET6 || family == PF_UNSPEC) { + ret = add_one (port, protocol, socktype, + ¤t, const_v6, &v6_addr, NULL); + } +#endif + if (family == PF_INET || family == PF_UNSPEC) { + ret = add_one (port, protocol, socktype, + ¤t, 
const_v4, &v4_addr, NULL); + } + *res = first; + return 0; +} + +static int +add_hostent (int port, int protocol, int socktype, + struct addrinfo ***current, + int (*func)(struct addrinfo *, void *data, int port), + struct hostent *he, int *flags) +{ + char **h; + int ret; + char *canonname = NULL; + + if (*flags & AI_CANONNAME) { + canonname = he->h_name; + + if (strchr (he->h_name, '.') == NULL) + for (h = he->h_aliases; *h; ++h) { + if (strchr (*h, '.') != NULL) { + canonname = *h; + break; + } + } + canonname = strdup (canonname); + if (canonname == NULL) + return EAI_MEMORY; + } + + for (h = he->h_addr_list; *h != NULL; ++h) { + ret = add_one (port, protocol, socktype, + current, func, *h, canonname); + if (ret) + return ret; + if (*flags & AI_CANONNAME) { + *flags &= ~AI_CANONNAME; + canonname = NULL; + } + } + return 0; +} + +static int +get_number (const char *nodename, + const struct addrinfo *hints, + int port, int protocol, int socktype, + struct addrinfo **res) +{ + struct addrinfo *first = NULL; + struct addrinfo **current = &first; + int family = PF_UNSPEC; + int ret; + + if (hints != NULL) { + family = hints->ai_family; + } + +#ifdef HAVE_IPV6 + if (family == PF_INET6 || family == PF_UNSPEC) { + struct in6_addr v6_addr; + + if (inet_pton (PF_INET6, nodename, &v6_addr) == 1) { + ret = add_one (port, protocol, socktype, + ¤t, const_v6, &v6_addr, NULL); + *res = first; + return ret; + } + } +#endif + if (family == PF_INET || family == PF_UNSPEC) { + struct in_addr v4_addr; + + if (inet_pton (PF_INET, nodename, &v4_addr) == 1) { + ret = add_one (port, protocol, socktype, + ¤t, const_v4, &v4_addr, NULL); + *res = first; + return ret; + } + } + return EAI_NONAME; +} + +static int +get_nodes (const char *nodename, + const struct addrinfo *hints, + int port, int protocol, int socktype, + struct addrinfo **res) +{ + struct addrinfo *first = NULL; + struct addrinfo **current = &first; + int family = PF_UNSPEC; + int flags = 0; + int ret = EAI_NONAME; + int 
error; + + if (hints != NULL) { + family = hints->ai_family; + flags = hints->ai_flags; + } + +#ifdef HAVE_IPV6 + if (family == PF_INET6 || family == PF_UNSPEC) { + struct hostent *he; + + he = getipnodebyname (nodename, PF_INET6, 0, &error); + + if (he != NULL) { + ret = add_hostent (port, protocol, socktype, + ¤t, const_v6, he, &flags); + freehostent (he); + } + } +#endif + if (family == PF_INET || family == PF_UNSPEC) { + struct hostent *he; + + he = getipnodebyname (nodename, PF_INET, 0, &error); + + if (he != NULL) { + ret = add_hostent (port, protocol, socktype, + ¤t, const_v4, he, &flags); + freehostent (he); + } + } + *res = first; + return ret; +} + +/* + * hints: + * + * struct addrinfo { + * int ai_flags; + * int ai_family; + * int ai_socktype; + * int ai_protocol; + * ... + * }; + */ + +int +getaddrinfo(const char *nodename, + const char *servname, + const struct addrinfo *hints, + struct addrinfo **res) +{ + int ret; + int port = 0; + int protocol = 0; + int socktype = 0; + + *res = NULL; + + if (servname == NULL && nodename == NULL) + return EAI_NONAME; + + if (hints != NULL + && hints->ai_family != PF_UNSPEC + && hints->ai_family != PF_INET +#ifdef HAVE_IPV6 + && hints->ai_family != PF_INET6 +#endif + ) + return EAI_FAMILY; + + if (servname != NULL) { + ret = get_port_protocol_socktype (servname, hints, + &port, &protocol, &socktype); + if (ret) + return ret; + } + if (nodename != NULL) { + ret = get_number (nodename, hints, port, protocol, socktype, res); + if (ret) { + if(hints && hints->ai_flags & AI_NUMERICHOST) + ret = EAI_NONAME; + else + ret = get_nodes (nodename, hints, port, protocol, socktype, + res); + } + } else { + ret = get_null (hints, port, protocol, socktype, res); + } + if (ret) + freeaddrinfo (*res); + return ret; +} diff --git a/crypto/heimdal/lib/roken/getarg.3 b/crypto/heimdal/lib/roken/getarg.3 new file mode 100644 index 0000000..78a8802 --- /dev/null +++ b/crypto/heimdal/lib/roken/getarg.3 
@@ -0,0 +1,317 @@ +.\" Copyright (c) 1999 Kungliga Tekniska Högskolan +.\" $Id: getarg.3,v 1.2 1999/10/18 17:14:31 joda Exp $ +.Dd September 24, 1999 +.Dt GETARG 3 +.Os ROKEN +.Sh NAME +.Nm getarg , +.Nm arg_printusage +.Nd collect command line options +.Sh SYNOPSIS +.Fd #include <getarg.h> + +.Ft int +.Fn getarg "struct getargs *args" "size_t num_args" "int argc" "char **argv" "int *optind" + +.Ft void +.Fn arg_printusage "struct getargs *args" "size_t num_args" "const char *progname" "const char *extra_string" + +.Sh DESCRIPTION +.Fn getarg +collects any command line options given to a program in an easily used way. +.Fn arg_printusage +pretty-prints the available options, with a short help text. +.Pp +.Fa args +is the option specification to use, and it's an array of +.Fa struct getargs +elements. +.Fa num_args +is the size of +.Fa args +(in elements). +.Fa argc +and +.Fa argv +are the argument count and argument vector to extract option from. +.Fa optind +is a pointer to an integer where the index to the last processed +argument is stored, it must be initialised to the first index (minus +one) to process (normally 0) before the first call. +.Pp +.Fa arg_printusage +take the same +.Fa args +and +.Fa num_args +as getarg; +.Fa progname is the name of the program (to be used in the help text), and +.Fa extra_string +is a string to print after the actual options to indicate more +arguments. The usefulness of this function is realised only be people +who has used programs that has help strings that doesn't match what +the code does. +.Pp +The +.Fa getargs +struct has the following elements. + +.Bd -literal +struct getargs{ + const char *long_name; + char short_name; + enum { arg_integer, + arg_string, + arg_flag, + arg_negative_flag, + arg_strings, + arg_double, + arg_collect + } type; + void *value; + const char *help; + const char *arg_help; +}; +.Ed +.Pp +.Fa long_name +is the long name of the option, it can be +.Dv NULL , +if you don't want a long name. 
+.Fa short_name +is the characted to use as short option, it can be zero. If the option +has a value the +.Fa value +field gets filled in with that value interpreted as specified by the +.Fa type +field. +.Fa help +is a longer help string for the option as a whole, if it's +.Dv NULL +the help text for the option is omitted (but it's still displayed in +the synopsis). +.Fa arg_help +is a description of the argument, if +.Dv NULL +a default value will be used, depending on the type of the option: +.Pp +.Bl -hang -width arg_negative_flag +.It arg_integer +the argument is a signed integer, and +.Fa value +should point to an +.Fa int . +.It Fa arg_string +the argument is a string, and +.Fa value +should point to a +.Fa char* . +.It Fa arg_flag +the argument is a flag, and +.Fa value +should point to a +.Fa int . +It gets filled in with either zero or one, depending on how the option +is given, the normal case beeing one. Note that if the option isn't +given, the value isn't altered, so it should be initialised to some +useful default. +.It Fa arg_negative_flag +this is the same as +.Fa arg_flag +but it reverses the meaning of the flag (a given short option clears +the flag), and the synopsis of a long option is negated. +.It Fa arg_strings +the argument can be given multiple times, and the values are collected +in an array; +.Fa value +should be a pointer to a +.Fa struct getarg_strings +structure, which holds a length and a string pointer. +.It Fa arg_double +argument is a double precision floating point value, and +.Fa value +should point to a +.Fa double . +.It Fa arg_collect +allows more fine-grained control of the option parsing process. 
+.Fa value +should be a pointer to a +.Fa getarg_collect_info +structure: +.Bd -literal +typedef int (*getarg_collect_func)(int short_opt, + int argc, + char **argv, + int *optind, + int *optarg, + void *data); + +typedef struct getarg_collect_info { + getarg_collect_func func; + void *data; +} getarg_collect_info; +.Ed +.Pp +With the +.Fa func +member set to a function to call, and +.Fa data +to some application specific data. The parameters to the collect function are: +.Bl -inset +.It Fa short_flag +non-zero if this call is via a short option flag, zero otherwise +.It Fa argc , argv +the whole argument list +.It Fa optind +pointer to the index in argv where the flag is +.It Fa optarg +pointer to the index in argv[*optind] where the flag name starts +.It Fa data +application specific data +.El +.Pp +You can modify +.Fa *optind , +and +.Fa *optarg , +but to do this correct you (more or less) have to know about the inner +workings of getarg. + +You can skip parts of arguments by increasing +.Fa *optarg +(you could +implement the +.Fl z Ns Ar 3 +set of flags from +.Nm gzip +with this), or whole argument strings by increasing +.Fa *optind +(let's say you want a flag +.Fl c Ar x y z +to specify a coordinate); if you also have to set +.Fa *optarg +to a sane value. +.Pp +The collect function should return one of +.Dv ARG_ERR_NO_MATCH , ARG_ERR_BAD_ARG , ARG_ERR_NO_ARG +on error, zero otherwise. +.Pp +For your convenience there is a function, +.Fn getarg_optarg , +that returns the traditional argument string, and you pass it all +arguments, sans data, that where given to the collection function. +.Pp +Don't use this more this unless you absolutely have to. +.El +.Pp +Option parsing is similar to what +.Xr getopt +uses. Short options without arguments can be compressed +.Pf ( Fl xyz +is the same as +.Fl x y z ) , +and short +options with arguments take these as either the rest of the +argv-string or as the next option +.Pf ( Fl o Ns Ar foo , +or +.Fl o Ar foo ) . 
+.Pp +Long option names are prefixed with -- (double dash), and the value +with a = (equal), +.Fl -foo= Ns Ar bar . +Long option flags can either be specified as they are +.Pf ( Fl -help ) , +or with an (boolean parsable) option +.Pf ( Fl -help= Ns Ar yes , +.Fl -help= Ns Ar true , +or similar), or they can also be negated +.Pf ( Fl -no-help +is the same as +.Fl -help= Ns no ) , +and if you're really confused you can do it multiple times +.Pf ( Fl -no-no-help= Ns Ar false , +or even +.Fl -no-no-help= Ns Ar maybe ) . + +.Pp +.Sh EXAMPLE +.Bd -literal +#include <stdio.h> +#include <string.h> +#include <getarg.h> + +char *source = "Ouagadougou"; +char *destination; +int weight; +int include_catalog = 1; +int help_flag; + +struct getargs args[] = { + { "source", 's', arg_string, &source, + "source of shippment", "city" }, + { "destination", 'd', arg_string, &destination, + "destination of shippment", "city" }, + { "weight", 'w', arg_integer, &weight, + "weight of shippment", "tons" }, + { "catalog", 'c', arg_negative_flag, &include_catalog, + "include product catalog" }, + { "help", 'h', arg_flag, &help_flag } +}; + +int num_args = sizeof(args) / sizeof(args[0]); /* number of elements in args */ + +const char *progname = "ship++"; + +int +main(int argc, char **argv) +{ + int optind = 0; + if (getarg(args, num_args, argc, argv, &optind)) { + arg_printusage(args, num_args, progname, "stuff..."); + exit (1); + } + if (help_flag) { + arg_printusage(args, num_args, progname, "stuff..."); + exit (0); + } + if (destination == NULL) { + fprintf(stderr, "%s: must specify destination\n", progname); + exit(1); + } + if (strcmp(source, destination) == 0) { + fprintf(stderr, "%s: destination must be different from source\n"); + exit(1); + } + /* include more stuff here ... 
*/ + exit(2); +} +.Ed +.Pp +The output help output from this program looks like this: +.Bd -literal +$ ship++ --help +Usage: ship++ [--source=city] [-s city] [--destination=city] [-d city] + [--weight=tons] [-w tons] [--no-catalog] [-c] [--help] [-h] stuff... +-s city, --source=city source of shippment +-d city, --destination=city destination of shippment +-w tons, --weight=tons weight of shippment +-c, --no-catalog include product catalog +.Ed + +.Sh BUGS +It should be more flexible, so it would be possible to use other more +complicated option syntaxes, such as what +.Xr ps 1 , +and +.Xr tar 1 , +uses, or the AFS model where you can skip the flag names as long as +the options come in the correct order. +.Pp +Options with multiple arguments should be handled better. +.Pp +Should be integreated with SL. +.Pp +It's very confusing that the struct you pass in is called getargS. +.Sh SEE ALSO +.Xr getopt 3 diff --git a/crypto/heimdal/lib/roken/getarg.c b/crypto/heimdal/lib/roken/getarg.c new file mode 100644 index 0000000..505e418 --- /dev/null +++ b/crypto/heimdal/lib/roken/getarg.c 
@@ -0,0 +1,547 @@ +/* + * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: getarg.c,v 1.32 1999/12/02 16:58:46 joda Exp $"); +#endif + +#include <stdio.h> +#include <roken.h> +#include "getarg.h" + +#define ISFLAG(X) ((X).type == arg_flag || (X).type == arg_negative_flag) + +static size_t +print_arg (char *string, size_t len, int mdoc, int longp, struct getargs *arg) +{ + const char *s; + + *string = '\0'; + + if (ISFLAG(*arg) || (!longp && arg->type == arg_counter)) + return 0; + + if(mdoc){ + if(longp) + strlcat(string, "= Ns", len); + strlcat(string, " Ar ", len); + }else + if (longp) + strlcat (string, "=", len); + else + strlcat (string, " ", len); + + if (arg->arg_help) + s = arg->arg_help; + else if (arg->type == arg_integer || arg->type == arg_counter) + s = "integer"; + else if (arg->type == arg_string) + s = "string"; + else if (arg->type == arg_double) + s = "float"; + else + s = "<undefined>"; + + strlcat(string, s, len); + return 1 + strlen(s); +} + +static void +mandoc_template(struct getargs *args, + size_t num_args, + const char *progname, + const char *extra_string) +{ + int i; + char timestr[64], cmd[64]; + char buf[128]; + const char *p; + time_t t; + + printf(".\\\" Things to fix:\n"); + printf(".\\\" * correct section, and operating system\n"); + printf(".\\\" * remove Op from mandatory flags\n"); + printf(".\\\" * use better macros for arguments (like .Pa for files)\n"); + printf(".\\\"\n"); + t = time(NULL); + strftime(timestr, sizeof(timestr), "%B %e, %Y", localtime(&t)); + printf(".Dd %s\n", timestr); + p = strrchr(progname, '/'); + if(p) p++; else p = progname; + strlcpy(cmd, p, sizeof(cmd)); + strupr(cmd); + + printf(".Dt %s SECTION\n", cmd); + printf(".Os OPERATING_SYSTEM\n"); + printf(".Sh NAME\n"); + printf(".Nm %s\n", p); + printf(".Nd\n"); + printf("in search of a description\n"); + printf(".Sh SYNOPSIS\n"); + printf(".Nm\n"); + for(i = 0; i < num_args; i++){ + /* we seem to hit a limit on number of arguments if doing + short and long flags with 
arguments -- split on two lines */ + if(ISFLAG(args[i]) || + args[i].short_name == 0 || args[i].long_name == NULL) { + printf(".Op "); + + if(args[i].short_name) { + print_arg(buf, sizeof(buf), 1, 0, args + i); + printf("Fl %c%s", args[i].short_name, buf); + if(args[i].long_name) + printf(" | "); + } + if(args[i].long_name) { + print_arg(buf, sizeof(buf), 1, 1, args + i); + printf("Fl -%s%s", args[i].long_name, buf); + } + printf("\n"); + } else { + print_arg(buf, sizeof(buf), 1, 0, args + i); + printf(".Oo Fl %c%s \\*(Ba Xo\n", args[i].short_name, buf); + print_arg(buf, sizeof(buf), 1, 1, args + i); + printf(".Fl -%s%s Oc\n.Xc\n", args[i].long_name, buf); + } + /* + if(args[i].type == arg_strings) + fprintf (stderr, "..."); + */ + } + if (extra_string && *extra_string) + printf (".Ar %s\n", extra_string); + printf(".Sh DESCRIPTION\n"); + printf("Supported options:\n"); + printf(".Bl -tag -width Ds\n"); + for(i = 0; i < num_args; i++){ + printf(".It Xo\n"); + if(args[i].short_name){ + printf(".Fl %c", args[i].short_name); + print_arg(buf, sizeof(buf), 1, 0, args + i); + printf("%s", buf); + if(args[i].long_name) + printf(" Ns ,"); + printf("\n"); + } + if(args[i].long_name){ + printf(".Fl -%s", args[i].long_name); + print_arg(buf, sizeof(buf), 1, 1, args + i); + printf("%s\n", buf); + } + printf(".Xc\n"); + if(args[i].help) + printf("%s\n", args[i].help); + /* + if(args[i].type == arg_strings) + fprintf (stderr, "..."); + */ + } + printf(".El\n"); + printf(".\\\".Sh ENVIRONMENT\n"); + printf(".\\\".Sh FILES\n"); + printf(".\\\".Sh EXAMPLES\n"); + printf(".\\\".Sh DIAGNOSTICS\n"); + printf(".\\\".Sh SEE ALSO\n"); + printf(".\\\".Sh STANDARDS\n"); + printf(".\\\".Sh HISTORY\n"); + printf(".\\\".Sh AUTHORS\n"); + printf(".\\\".Sh BUGS\n"); +} + +static int +check_column(FILE *f, int col, int len, int columns) +{ + if(col + len > columns) { + fprintf(f, "\n"); + col = fprintf(f, " "); + } + return col; +} + +void +arg_printusage (struct getargs *args, + size_t 
num_args, + const char *progname, + const char *extra_string) +{ + int i; + size_t max_len = 0; + char buf[128]; + int col = 0, columns; + struct winsize ws; + + if (progname == NULL) + progname = __progname; + + if(getenv("GETARGMANDOC")){ + mandoc_template(args, num_args, progname, extra_string); + return; + } + if(get_window_size(2, &ws) == 0) + columns = ws.ws_col; + else + columns = 80; + col = 0; + col += fprintf (stderr, "Usage: %s", progname); + for (i = 0; i < num_args; ++i) { + size_t len = 0; + + if (args[i].long_name) { + buf[0] = '\0'; + strlcat(buf, "[--", sizeof(buf)); + len += 2; + if(args[i].type == arg_negative_flag) { + strlcat(buf, "no-", sizeof(buf)); + len += 3; + } + strlcat(buf, args[i].long_name, sizeof(buf)); + len += strlen(args[i].long_name); + len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), + 0, 1, &args[i]); + strlcat(buf, "]", sizeof(buf)); + if(args[i].type == arg_strings) + strlcat(buf, "...", sizeof(buf)); + col = check_column(stderr, col, strlen(buf) + 1, columns); + col += fprintf(stderr, " %s", buf); + } + if (args[i].short_name) { + snprintf(buf, sizeof(buf), "[-%c", args[i].short_name); + len += 2; + len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), + 0, 0, &args[i]); + strlcat(buf, "]", sizeof(buf)); + if(args[i].type == arg_strings) + strlcat(buf, "...", sizeof(buf)); + col = check_column(stderr, col, strlen(buf) + 1, columns); + col += fprintf(stderr, " %s", buf); + } + if (args[i].long_name && args[i].short_name) + len += 2; /* ", " */ + max_len = max(max_len, len); + } + if (extra_string) { + col = check_column(stderr, col, strlen(extra_string) + 1, columns); + fprintf (stderr, " %s\n", extra_string); + } else + fprintf (stderr, "\n"); + for (i = 0; i < num_args; ++i) { + if (args[i].help) { + size_t count = 0; + + if (args[i].short_name) { + count += fprintf (stderr, "-%c", args[i].short_name); + print_arg (buf, sizeof(buf), 0, 0, &args[i]); + count += fprintf(stderr, "%s", buf); + } + if 
(args[i].short_name && args[i].long_name) + count += fprintf (stderr, ", "); + if (args[i].long_name) { + count += fprintf (stderr, "--"); + if (args[i].type == arg_negative_flag) + count += fprintf (stderr, "no-"); + count += fprintf (stderr, "%s", args[i].long_name); + print_arg (buf, sizeof(buf), 0, 1, &args[i]); + count += fprintf(stderr, "%s", buf); + } + while(count++ <= max_len) + putc (' ', stderr); + fprintf (stderr, "%s\n", args[i].help); + } + } +} + +static void +add_string(getarg_strings *s, char *value) +{ + s->strings = realloc(s->strings, (s->num_strings + 1) * sizeof(*s->strings)); + s->strings[s->num_strings] = value; + s->num_strings++; +} + +static int +arg_match_long(struct getargs *args, size_t num_args, + char *argv, int argc, char **rargv, int *optind) +{ + int i; + char *optarg = NULL; + int negate = 0; + int partial_match = 0; + struct getargs *partial = NULL; + struct getargs *current = NULL; + int argv_len; + char *p; + + argv_len = strlen(argv); + p = strchr (argv, '='); + if (p != NULL) + argv_len = p - argv; + + for (i = 0; i < num_args; ++i) { + if(args[i].long_name) { + int len = strlen(args[i].long_name); + char *p = argv; + int p_len = argv_len; + negate = 0; + + for (;;) { + if (strncmp (args[i].long_name, p, p_len) == 0) { + if(p_len == len) + current = &args[i]; + else { + ++partial_match; + partial = &args[i]; + } + optarg = p + p_len; + } else if (ISFLAG(args[i]) && strncmp (p, "no-", 3) == 0) { + negate = !negate; + p += 3; + p_len -= 3; + continue; + } + break; + } + if (current) + break; + } + } + if (current == NULL) { + if (partial_match == 1) + current = partial; + else + return ARG_ERR_NO_MATCH; + } + + if(*optarg == '\0' + && !ISFLAG(*current) + && current->type != arg_collect + && current->type != arg_counter) + return ARG_ERR_NO_MATCH; + switch(current->type){ + case arg_integer: + { + int tmp; + if(sscanf(optarg + 1, "%d", &tmp) != 1) + return ARG_ERR_BAD_ARG; + *(int*)current->value = tmp; + return 0; + } + case 
arg_string: + { + *(char**)current->value = optarg + 1; + return 0; + } + case arg_strings: + { + add_string((getarg_strings*)current->value, optarg + 1); + return 0; + } + case arg_flag: + case arg_negative_flag: + { + int *flag = current->value; + if(*optarg == '\0' || + strcmp(optarg + 1, "yes") == 0 || + strcmp(optarg + 1, "true") == 0){ + *flag = !negate; + return 0; + } else if (*optarg && strcmp(optarg + 1, "maybe") == 0) { + *flag = rand() & 1; + } else { + *flag = negate; + return 0; + } + return ARG_ERR_BAD_ARG; + } + case arg_counter : + { + int val; + + if (*optarg == '\0') + val = 1; + else { + char *endstr; + + val = strtol (optarg, &endstr, 0); + if (endstr == optarg) + return ARG_ERR_BAD_ARG; + } + *(int *)current->value += val; + return 0; + } + case arg_double: + { + double tmp; + if(sscanf(optarg + 1, "%lf", &tmp) != 1) + return ARG_ERR_BAD_ARG; + *(double*)current->value = tmp; + return 0; + } + case arg_collect:{ + struct getarg_collect_info *c = current->value; + int o = argv - rargv[*optind]; + return (*c->func)(FALSE, argc, rargv, optind, &o, c->data); + } + + default: + abort (); + } +} + +static int +arg_match_short (struct getargs *args, size_t num_args, + char *argv, int argc, char **rargv, int *optind) +{ + int j, k; + + for(j = 1; j > 0 && j < strlen(rargv[*optind]); j++) { + for(k = 0; k < num_args; k++) { + char *optarg; + + if(args[k].short_name == 0) + continue; + if(argv[j] == args[k].short_name) { + if(args[k].type == arg_flag) { + *(int*)args[k].value = 1; + break; + } + if(args[k].type == arg_negative_flag) { + *(int*)args[k].value = 0; + break; + } + if(args[k].type == arg_counter) { + ++*(int *)args[k].value; + break; + } + if(args[k].type == arg_collect) { + struct getarg_collect_info *c = args[k].value; + + if((*c->func)(TRUE, argc, rargv, optind, &j, c->data)) + return ARG_ERR_BAD_ARG; + break; + } + + if(argv[j + 1]) + optarg = &argv[j + 1]; + else { + ++*optind; + optarg = rargv[*optind]; + } + if(optarg == NULL) + 
return ARG_ERR_NO_ARG; + if(args[k].type == arg_integer) { + int tmp; + if(sscanf(optarg, "%d", &tmp) != 1) + return ARG_ERR_BAD_ARG; + *(int*)args[k].value = tmp; + return 0; + } else if(args[k].type == arg_string) { + *(char**)args[k].value = optarg; + return 0; + } else if(args[k].type == arg_strings) { + add_string((getarg_strings*)args[k].value, optarg); + return 0; + } else if(args[k].type == arg_double) { + double tmp; + if(sscanf(optarg, "%lf", &tmp) != 1) + return ARG_ERR_BAD_ARG; + *(double*)args[k].value = tmp; + return 0; + } + return ARG_ERR_BAD_ARG; + } + } + if (k == num_args) + return ARG_ERR_NO_MATCH; + } + return 0; +} + +int +getarg(struct getargs *args, size_t num_args, + int argc, char **argv, int *optind) +{ + int i; + int ret = 0; + + srand (time(NULL)); + (*optind)++; + for(i = *optind; i < argc; i++) { + if(argv[i][0] != '-') + break; + if(argv[i][1] == '-'){ + if(argv[i][2] == 0){ + i++; + break; + } + ret = arg_match_long (args, num_args, argv[i] + 2, + argc, argv, &i); + } else { + ret = arg_match_short (args, num_args, argv[i], + argc, argv, &i); + } + if(ret) + break; + } + *optind = i; + return ret; +} + +#if TEST +int foo_flag = 2; +int flag1 = 0; +int flag2 = 0; +int bar_int; +char *baz_string; + +struct getargs args[] = { + { NULL, '1', arg_flag, &flag1, "one", NULL }, + { NULL, '2', arg_flag, &flag2, "two", NULL }, + { "foo", 'f', arg_negative_flag, &foo_flag, "foo", NULL }, + { "bar", 'b', arg_integer, &bar_int, "bar", "seconds"}, + { "baz", 'x', arg_string, &baz_string, "baz", "name" }, +}; + +int main(int argc, char **argv) +{ + int optind = 0; + while(getarg(args, 5, argc, argv, &optind)) + printf("Bad arg: %s\n", argv[optind]); + printf("flag1 = %d\n", flag1); + printf("flag2 = %d\n", flag2); + printf("foo_flag = %d\n", foo_flag); + printf("bar_int = %d\n", bar_int); + printf("baz_flag = %s\n", baz_string); + arg_printusage (args, 5, argv[0], "nothing here"); +} +#endif 
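Review bot: `add_string` assigns the result of `realloc` straight back to `s->strings` and writes through it without a check, so an allocation failure loses the old array and then stores `value` through a null pointer. Both `arg_strings` paths (in `arg_match_long` and `arg_match_short`) reach it with text taken from the command line. The function should hold the old pointer until the new one is known good and report failure, so that the callers can `return add_string(...)` instead of returning 0 unconditionally. The enum in getarg.h has no memory-error member, so the code returned below is a stand-in for the maintainers to settle. Separately, the `arg_counter` case in `arg_match_long` calls `strtol (optarg, &endstr, 0)` while `optarg` still points at the `=`, where the other cases use `optarg + 1`, so a form like `--name=3` looks as if it is always rejected with `ARG_ERR_BAD_ARG`.

```c
static int
add_string(getarg_strings *s, char *value)
{
    char **tmp;

    /* keep s->strings valid if the allocation fails */
    tmp = realloc(s->strings, (s->num_strings + 1) * sizeof(*s->strings));
    if (tmp == NULL)
        return ARG_ERR_BAD_ARG; /* stand-in: getarg.h has no out-of-memory code */
    s->strings = tmp;
    s->strings[s->num_strings] = value;
    s->num_strings++;
    return 0;
}

/* … unchanged: arg_match_long up to the arg_strings case … */
    case arg_strings:
        return add_string((getarg_strings*)current->value, optarg + 1);
/* … unchanged: remaining cases; the arg_strings branch of arg_match_short changes the same way … */
```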
diff --git a/crypto/heimdal/lib/roken/getarg.h b/crypto/heimdal/lib/roken/getarg.h
new file mode 100644
index 0000000..7fd374b
--- /dev/null
+++ b/crypto/heimdal/lib/roken/getarg.h
@@ -0,0 +1,89 @@ +/* + * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +/* $Id: getarg.h,v 1.10 1999/12/02 16:58:46 joda Exp $ */ + +#ifndef __GETARG_H__ +#define __GETARG_H__ + +#include <stddef.h> + +struct getargs{ + const char *long_name; + char short_name; + enum { arg_integer, + arg_string, + arg_flag, + arg_negative_flag, + arg_strings, + arg_double, + arg_collect, + arg_counter + } type; + void *value; + const char *help; + const char *arg_help; +}; + +enum { + ARG_ERR_NO_MATCH = 1, + ARG_ERR_BAD_ARG, + ARG_ERR_NO_ARG +}; + +typedef struct getarg_strings { + int num_strings; + char **strings; +} getarg_strings; + +typedef int (*getarg_collect_func)(int short_opt, + int argc, + char **argv, + int *optind, + int *optarg, + void *data); + +typedef struct getarg_collect_info { + getarg_collect_func func; + void *data; +} getarg_collect_info; + +int getarg(struct getargs *args, size_t num_args, + int argc, char **argv, int *optind); + +void arg_printusage (struct getargs *args, + size_t num_args, + const char *progname, + const char *extra_string); + +#endif /* __GETARG_H__ */ diff --git a/crypto/heimdal/lib/roken/getcap.c b/crypto/heimdal/lib/roken/getcap.c new file mode 100644 index 0000000..997fabf --- /dev/null +++ b/crypto/heimdal/lib/roken/getcap.c 
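Review bot: The `type` enum in `struct getargs` gains `arg_counter` with no comment, and the getarg.3 page added in this same commit lists the option types without it, so the new type is documented nowhere a caller would look. A one-line comment on the enum would close that gap, for example `/* arg_counter: value points to an int that is incremented each time the option is given */`. The `value` field and `getarg_strings` also need a note on ownership: going by getarg.c, `arg_string` and `arg_strings` store pointers into argv rather than copies, and nothing in getarg.c frees the `strings` array it grows with realloc. Something like `/* strings[] point into argv; the caller owns and frees the array itself */` above `getarg_strings` would make that contract explicit.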
@@ -0,0 +1,1118 @@ +/* $NetBSD: getcap.c,v 1.29 1999/03/29 09:27:29 abs Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Casey Leedom of Lawrence Livermore National Laboratory. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include "roken.h" +RCSID("$Id: getcap.c,v 1.7 1999/11/17 21:11:58 assar Exp $"); + +#include <sys/types.h> +#include <ctype.h> +#if defined(HAVE_DB_185_H) +#include <db_185.h> +#elif defined(HAVE_DB_H) +#include <db.h> +#endif +#include <errno.h> +#include <fcntl.h> +#include <limits.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> + +#define BFRAG 1024 +#if 0 +#define BSIZE 1024 +#endif +#define ESC ('[' & 037) /* ASCII ESC */ +#define MAX_RECURSION 32 /* maximum getent recursion */ +#define SFRAG 100 /* cgetstr mallocs in SFRAG chunks */ + +#define RECOK (char)0 +#define TCERR (char)1 +#define SHADOW (char)2 + +static size_t topreclen; /* toprec length */ +static char *toprec; /* Additional record specified by cgetset() */ +static int gottoprec; /* Flag indicating retrieval of toprecord */ + +#if defined(HAVE_DBOPEN) && defined(HAVE_DB_H) +#define USE_DB +#endif + +#ifdef USE_DB +static int cdbget (DB *, char **, const char *); +#endif +static int getent (char **, size_t *, char **, int, const char *, int, char *); +static int nfcmp (char *, char *); + + +int cgetset(const char *ent); +char *cgetcap(char *buf, const char *cap, int type); +int cgetent(char **buf, char **db_array, const char *name); +int cgetmatch(const char *buf, const char *name); +int cgetclose(void); +#if 0 +int cgetfirst(char **buf, char **db_array); +int cgetnext(char **bp, 
char **db_array); +#endif +int cgetstr(char *buf, const char *cap, char **str); +int cgetustr(char *buf, const char *cap, char **str); +int cgetnum(char *buf, const char *cap, long *num); +/* + * Cgetset() allows the addition of a user specified buffer to be added + * to the database array, in effect "pushing" the buffer on top of the + * virtual database. 0 is returned on success, -1 on failure. + */ +int +cgetset(const char *ent) +{ + const char *source, *check; + char *dest; + + if (ent == NULL) { + if (toprec) + free(toprec); + toprec = NULL; + topreclen = 0; + return (0); + } + topreclen = strlen(ent); + if ((toprec = malloc (topreclen + 1)) == NULL) { + errno = ENOMEM; + return (-1); + } + gottoprec = 0; + + source=ent; + dest=toprec; + while (*source) { /* Strip whitespace */ + *dest++ = *source++; /* Do not check first field */ + while (*source == ':') { + check=source+1; + while (*check && (isspace((unsigned char)*check) || + (*check=='\\' && isspace((unsigned char)check[1])))) + ++check; + if( *check == ':' ) + source=check; + else + break; + + } + } + *dest=0; + + return (0); +} + +/* + * Cgetcap searches the capability record buf for the capability cap with + * type `type'. A pointer to the value of cap is returned on success, NULL + * if the requested capability couldn't be found. + * + * Specifying a type of ':' means that nothing should follow cap (:cap:). + * In this case a pointer to the terminating ':' or NUL will be returned if + * cap is found. + * + * If (cap, '@') or (cap, terminator, '@') is found before (cap, terminator) + * return NULL. + */ +char * +cgetcap(char *buf, const char *cap, int type) +{ + char *bp; + const char *cp; + + bp = buf; + for (;;) { + /* + * Skip past the current capability field - it's either the + * name field if this is the first time through the loop, or + * the remainder of a field whose name failed to match cap. 
+ */ + for (;;) + if (*bp == '\0') + return (NULL); + else + if (*bp++ == ':') + break; + + /* + * Try to match (cap, type) in buf. + */ + for (cp = cap; *cp == *bp && *bp != '\0'; cp++, bp++) + continue; + if (*cp != '\0') + continue; + if (*bp == '@') + return (NULL); + if (type == ':') { + if (*bp != '\0' && *bp != ':') + continue; + return(bp); + } + if (*bp != type) + continue; + bp++; + return (*bp == '@' ? NULL : bp); + } + /* NOTREACHED */ +} + +/* + * Cgetent extracts the capability record name from the NULL terminated file + * array db_array and returns a pointer to a malloc'd copy of it in buf. + * Buf must be retained through all subsequent calls to cgetcap, cgetnum, + * cgetflag, and cgetstr, but may then be free'd. 0 is returned on success, + * -1 if the requested record couldn't be found, -2 if a system error was + * encountered (couldn't open/read a file, etc.), and -3 if a potential + * reference loop is detected. + */ +int +cgetent(char **buf, char **db_array, const char *name) +{ + size_t dummy; + + return (getent(buf, &dummy, db_array, -1, name, 0, NULL)); +} + +/* + * Getent implements the functions of cgetent. If fd is non-negative, + * *db_array has already been opened and fd is the open file descriptor. We + * do this to save time and avoid using up file descriptors for tc= + * recursions. + * + * Getent returns the same success/failure codes as cgetent. On success, a + * pointer to a malloc'ed capability record with all tc= capabilities fully + * expanded and its length (not including trailing ASCII NUL) are left in + * *cap and *len. + * + * Basic algorithm: + * + Allocate memory incrementally as needed in chunks of size BFRAG + * for capability buffer. + * + Recurse for each tc=name and interpolate result. Stop when all + * names interpolated, a name can't be found, or depth exceeds + * MAX_RECURSION. 
+ */ +static int +getent(char **cap, size_t *len, char **db_array, int fd, + const char *name, int depth, char *nfield) +{ + char *r_end, *rp = NULL, **db_p; /* pacify gcc */ + int myfd = 0, eof, foundit; + char *record; + int tc_not_resolved; + + /* + * Return with ``loop detected'' error if we've recursed more than + * MAX_RECURSION times. + */ + if (depth > MAX_RECURSION) + return (-3); + + /* + * Check if we have a top record from cgetset(). + */ + if (depth == 0 && toprec != NULL && cgetmatch(toprec, name) == 0) { + if ((record = malloc (topreclen + BFRAG)) == NULL) { + errno = ENOMEM; + return (-2); + } + (void)strcpy(record, toprec); /* XXX: strcpy is safe */ + db_p = db_array; + rp = record + topreclen + 1; + r_end = rp + BFRAG; + goto tc_exp; + } + /* + * Allocate first chunk of memory. + */ + if ((record = malloc(BFRAG)) == NULL) { + errno = ENOMEM; + return (-2); + } + r_end = record + BFRAG; + foundit = 0; + /* + * Loop through database array until finding the record. + */ + + for (db_p = db_array; *db_p != NULL; db_p++) { + eof = 0; + + /* + * Open database if not already open. + */ + + if (fd >= 0) { + (void)lseek(fd, (off_t)0, SEEK_SET); + } else { +#ifdef USE_DB + char pbuf[_POSIX_PATH_MAX]; + char *cbuf; + size_t clen; + int retval; + DB *capdbp; + + (void)snprintf(pbuf, sizeof(pbuf), "%s.db", *db_p); + if ((capdbp = dbopen(pbuf, O_RDONLY, 0, DB_HASH, 0)) + != NULL) { + free(record); + retval = cdbget(capdbp, &record, name); + if (retval < 0) { + /* no record available */ + (void)capdbp->close(capdbp); + return (retval); + } + /* save the data; close frees it */ + clen = strlen(record); + cbuf = malloc(clen + 1); + memmove(cbuf, record, clen + 1); + if (capdbp->close(capdbp) < 0) { + free(cbuf); + return (-2); + } + *len = clen; + *cap = cbuf; + return (retval); + } else +#endif + { + fd = open(*db_p, O_RDONLY, 0); + if (fd < 0) { + /* No error on unfound file. */ + continue; + } + myfd = 1; + } + } + /* + * Find the requested capability record ... 
+ */ + { + char buf[BUFSIZ]; + char *b_end, *bp, *cp; + int c, slash; + + /* + * Loop invariants: + * There is always room for one more character in record. + * R_end always points just past end of record. + * Rp always points just past last character in record. + * B_end always points just past last character in buf. + * Bp always points at next character in buf. + * Cp remembers where the last colon was. + */ + b_end = buf; + bp = buf; + cp = 0; + slash = 0; + for (;;) { + + /* + * Read in a line implementing (\, newline) + * line continuation. + */ + rp = record; + for (;;) { + if (bp >= b_end) { + int n; + + n = read(fd, buf, sizeof(buf)); + if (n <= 0) { + if (myfd) + (void)close(fd); + if (n < 0) { + free(record); + return (-2); + } else { + fd = -1; + eof = 1; + break; + } + } + b_end = buf+n; + bp = buf; + } + + c = *bp++; + if (c == '\n') { + if (slash) { + slash = 0; + rp--; + continue; + } else + break; + } + if (slash) { + slash = 0; + cp = 0; + } + if (c == ':') { + /* + * If the field was `empty' (i.e. + * contained only white space), back up + * to the colon (eliminating the + * field). + */ + if (cp) + rp = cp; + else + cp = rp; + } else if (c == '\\') { + slash = 1; + } else if (c != ' ' && c != '\t') { + /* + * Forget where the colon was, as this + * is not an empty field. + */ + cp = 0; + } + *rp++ = c; + + /* + * Enforce loop invariant: if no room + * left in record buffer, try to get + * some more. + */ + if (rp >= r_end) { + u_int pos; + size_t newsize; + + pos = rp - record; + newsize = r_end - record + BFRAG; + record = realloc(record, newsize); + if (record == NULL) { + errno = ENOMEM; + if (myfd) + (void)close(fd); + return (-2); + } + r_end = record + newsize; + rp = record + pos; + } + } + /* Eliminate any white space after the last colon. */ + if (cp) + rp = cp + 1; + /* Loop invariant lets us do this. */ + *rp++ = '\0'; + + /* + * If encountered eof check next file. + */ + if (eof) + break; + + /* + * Toss blank lines and comments. 
+ */ + if (*record == '\0' || *record == '#') + continue; + + /* + * See if this is the record we want ... + */ + if (cgetmatch(record, name) == 0) { + if (nfield == NULL || !nfcmp(nfield, record)) { + foundit = 1; + break; /* found it! */ + } + } + } + } + if (foundit) + break; + } + + if (!foundit) + return (-1); + + /* + * Got the capability record, but now we have to expand all tc=name + * references in it ... + */ + tc_exp: { + char *newicap, *s; + size_t ilen, newilen; + int diff, iret, tclen; + char *icap, *scan, *tc, *tcstart, *tcend; + + /* + * Loop invariants: + * There is room for one more character in record. + * R_end points just past end of record. + * Rp points just past last character in record. + * Scan points at remainder of record that needs to be + * scanned for tc=name constructs. + */ + scan = record; + tc_not_resolved = 0; + for (;;) { + if ((tc = cgetcap(scan, "tc", '=')) == NULL) + break; + + /* + * Find end of tc=name and stomp on the trailing `:' + * (if present) so we can use it to call ourselves. + */ + s = tc; + for (;;) + if (*s == '\0') + break; + else + if (*s++ == ':') { + *(s - 1) = '\0'; + break; + } + tcstart = tc - 3; + tclen = s - tcstart; + tcend = s; + + iret = getent(&icap, &ilen, db_p, fd, tc, depth+1, + NULL); + newicap = icap; /* Put into a register. 
*/ + newilen = ilen; + if (iret != 0) { + /* an error */ + if (iret < -1) { + if (myfd) + (void)close(fd); + free(record); + return (iret); + } + if (iret == 1) + tc_not_resolved = 1; + /* couldn't resolve tc */ + if (iret == -1) { + *(s - 1) = ':'; + scan = s - 1; + tc_not_resolved = 1; + continue; + + } + } + /* not interested in name field of tc'ed record */ + s = newicap; + for (;;) + if (*s == '\0') + break; + else + if (*s++ == ':') + break; + newilen -= s - newicap; + newicap = s; + + /* make sure interpolated record is `:'-terminated */ + s += newilen; + if (*(s-1) != ':') { + *s = ':'; /* overwrite NUL with : */ + newilen++; + } + + /* + * Make sure there's enough room to insert the + * new record. + */ + diff = newilen - tclen; + if (diff >= r_end - rp) { + u_int pos, tcpos, tcposend; + size_t newsize; + + pos = rp - record; + newsize = r_end - record + diff + BFRAG; + tcpos = tcstart - record; + tcposend = tcend - record; + record = realloc(record, newsize); + if (record == NULL) { + errno = ENOMEM; + if (myfd) + (void)close(fd); + free(icap); + return (-2); + } + r_end = record + newsize; + rp = record + pos; + tcstart = record + tcpos; + tcend = record + tcposend; + } + + /* + * Insert tc'ed record into our record. + */ + s = tcstart + newilen; + memmove(s, tcend, (size_t)(rp - tcend)); + memmove(tcstart, newicap, newilen); + rp += diff; + free(icap); + + /* + * Start scan on `:' so next cgetcap works properly + * (cgetcap always skips first field). + */ + scan = s-1; + } + + } + /* + * Close file (if we opened it), give back any extra memory, and + * return capability, length and success. 
+ */ + if (myfd) + (void)close(fd); + *len = rp - record - 1; /* don't count NUL */ + if (r_end > rp) + if ((record = + realloc(record, (size_t)(rp - record))) == NULL) { + errno = ENOMEM; + return (-2); + } + + *cap = record; + if (tc_not_resolved) + return (1); + return (0); +} + +#ifdef USE_DB +static int +cdbget(DB *capdbp, char **bp, const char *name) +{ + DBT key; + DBT data; + + /* LINTED key is not modified */ + key.data = (char *)name; + key.size = strlen(name); + + for (;;) { + /* Get the reference. */ + switch(capdbp->get(capdbp, &key, &data, 0)) { + case -1: + return (-2); + case 1: + return (-1); + } + + /* If not an index to another record, leave. */ + if (((char *)data.data)[0] != SHADOW) + break; + + key.data = (char *)data.data + 1; + key.size = data.size - 1; + } + + *bp = (char *)data.data + 1; + return (((char *)(data.data))[0] == TCERR ? 1 : 0); +} +#endif /* USE_DB */ + +/* + * Cgetmatch will return 0 if name is one of the names of the capability + * record buf, -1 if not. + */ +int +cgetmatch(const char *buf, const char *name) +{ + const char *np, *bp; + + /* + * Start search at beginning of record. + */ + bp = buf; + for (;;) { + /* + * Try to match a record name. + */ + np = name; + for (;;) + if (*np == '\0') { + if (*bp == '|' || *bp == ':' || *bp == '\0') + return (0); + else + break; + } else + if (*bp++ != *np++) + break; + + /* + * Match failed, skip to next name in record. 
+ */ + bp--; /* a '|' or ':' may have stopped the match */ + for (;;) + if (*bp == '\0' || *bp == ':') + return (-1); /* match failed totally */ + else + if (*bp++ == '|') + break; /* found next name */ + } +} + +#if 0 +int +cgetfirst(char **buf, char **db_array) +{ + (void)cgetclose(); + return (cgetnext(buf, db_array)); +} +#endif + +static FILE *pfp; +static int slash; +static char **dbp; + +int +cgetclose(void) +{ + if (pfp != NULL) { + (void)fclose(pfp); + pfp = NULL; + } + dbp = NULL; + gottoprec = 0; + slash = 0; + return(0); +} + +#if 0 +/* + * Cgetnext() gets either the first or next entry in the logical database + * specified by db_array. It returns 0 upon completion of the database, 1 + * upon returning an entry with more remaining, and -1 if an error occurs. + */ +int +cgetnext(char **bp, char **db_array) +{ + size_t len; + int status, done; + char *cp, *line, *rp, *np, buf[BSIZE], nbuf[BSIZE]; + size_t dummy; + + if (dbp == NULL) + dbp = db_array; + + if (pfp == NULL && (pfp = fopen(*dbp, "r")) == NULL) { + (void)cgetclose(); + return (-1); + } + for(;;) { + if (toprec && !gottoprec) { + gottoprec = 1; + line = toprec; + } else { + line = fgetln(pfp, &len); + if (line == NULL && pfp) { + if (ferror(pfp)) { + (void)cgetclose(); + return (-1); + } else { + (void)fclose(pfp); + pfp = NULL; + if (*++dbp == NULL) { + (void)cgetclose(); + return (0); + } else if ((pfp = + fopen(*dbp, "r")) == NULL) { + (void)cgetclose(); + return (-1); + } else + continue; + } + } else + line[len - 1] = '\0'; + if (len == 1) { + slash = 0; + continue; + } + if (isspace((unsigned char)*line) || + *line == ':' || *line == '#' || slash) { + if (line[len - 2] == '\\') + slash = 1; + else + slash = 0; + continue; + } + if (line[len - 2] == '\\') + slash = 1; + else + slash = 0; + } + + + /* + * Line points to a name line. 
+ */ + done = 0; + np = nbuf; + for (;;) { + for (cp = line; *cp != '\0'; cp++) { + if (*cp == ':') { + *np++ = ':'; + done = 1; + break; + } + if (*cp == '\\') + break; + *np++ = *cp; + } + if (done) { + *np = '\0'; + break; + } else { /* name field extends beyond the line */ + line = fgetln(pfp, &len); + if (line == NULL && pfp) { + if (ferror(pfp)) { + (void)cgetclose(); + return (-1); + } + (void)fclose(pfp); + pfp = NULL; + *np = '\0'; + break; + } else + line[len - 1] = '\0'; + } + } + rp = buf; + for(cp = nbuf; *cp != '\0'; cp++) + if (*cp == '|' || *cp == ':') + break; + else + *rp++ = *cp; + + *rp = '\0'; + /* + * XXX + * Last argument of getent here should be nbuf if we want true + * sequential access in the case of duplicates. + * With NULL, getent will return the first entry found + * rather than the duplicate entry record. This is a + * matter of semantics that should be resolved. + */ + status = getent(bp, &dummy, db_array, -1, buf, 0, NULL); + if (status == -2 || status == -3) + (void)cgetclose(); + + return (status + 1); + } + /* NOTREACHED */ +} +#endif + +/* + * Cgetstr retrieves the value of the string capability cap from the + * capability record pointed to by buf. A pointer to a decoded, NUL + * terminated, malloc'd copy of the string is returned in the char * + * pointed to by str. The length of the string not including the trailing + * NUL is returned on success, -1 if the requested string capability + * couldn't be found, -2 if a system error was encountered (storage + * allocation failure). + */ +int +cgetstr(char *buf, const char *cap, char **str) +{ + u_int m_room; + const char *bp; + char *mp; + int len; + char *mem; + + /* + * Find string capability cap + */ + bp = cgetcap(buf, cap, '='); + if (bp == NULL) + return (-1); + + /* + * Conversion / storage allocation loop ... Allocate memory in + * chunks SFRAG in size. 
+ */ + if ((mem = malloc(SFRAG)) == NULL) { + errno = ENOMEM; + return (-2); /* couldn't even allocate the first fragment */ + } + m_room = SFRAG; + mp = mem; + + while (*bp != ':' && *bp != '\0') { + /* + * Loop invariants: + * There is always room for one more character in mem. + * Mp always points just past last character in mem. + * Bp always points at next character in buf. + */ + if (*bp == '^') { + bp++; + if (*bp == ':' || *bp == '\0') + break; /* drop unfinished escape */ + *mp++ = *bp++ & 037; + } else if (*bp == '\\') { + bp++; + if (*bp == ':' || *bp == '\0') + break; /* drop unfinished escape */ + if ('0' <= *bp && *bp <= '7') { + int n, i; + + n = 0; + i = 3; /* maximum of three octal digits */ + do { + n = n * 8 + (*bp++ - '0'); + } while (--i && '0' <= *bp && *bp <= '7'); + *mp++ = n; + } + else switch (*bp++) { + case 'b': case 'B': + *mp++ = '\b'; + break; + case 't': case 'T': + *mp++ = '\t'; + break; + case 'n': case 'N': + *mp++ = '\n'; + break; + case 'f': case 'F': + *mp++ = '\f'; + break; + case 'r': case 'R': + *mp++ = '\r'; + break; + case 'e': case 'E': + *mp++ = ESC; + break; + case 'c': case 'C': + *mp++ = ':'; + break; + default: + /* + * Catches '\', '^', and + * everything else. + */ + *mp++ = *(bp-1); + break; + } + } else + *mp++ = *bp++; + m_room--; + + /* + * Enforce loop invariant: if no room left in current + * buffer, try to get some more. + */ + if (m_room == 0) { + size_t size = mp - mem; + + if ((mem = realloc(mem, size + SFRAG)) == NULL) + return (-2); + m_room = SFRAG; + mp = mem + size; + } + } + *mp++ = '\0'; /* loop invariant let's us do this */ + m_room--; + len = mp - mem - 1; + + /* + * Give back any extra memory and return value and success. + */ + if (m_room != 0) + if ((mem = realloc(mem, (size_t)(mp - mem))) == NULL) + return (-2); + *str = mem; + return (len); +} + +/* + * Cgetustr retrieves the value of the string capability cap from the + * capability record pointed to by buf. 
The difference between cgetustr() + * and cgetstr() is that cgetustr does not decode escapes but rather treats + * all characters literally. A pointer to a NUL terminated malloc'd + * copy of the string is returned in the char pointed to by str. The + * length of the string not including the trailing NUL is returned on success, + * -1 if the requested string capability couldn't be found, -2 if a system + * error was encountered (storage allocation failure). + */ +int +cgetustr(char *buf, const char *cap, char **str) +{ + u_int m_room; + const char *bp; + char *mp; + int len; + char *mem; + + /* + * Find string capability cap + */ + if ((bp = cgetcap(buf, cap, '=')) == NULL) + return (-1); + + /* + * Conversion / storage allocation loop ... Allocate memory in + * chunks SFRAG in size. + */ + if ((mem = malloc(SFRAG)) == NULL) { + errno = ENOMEM; + return (-2); /* couldn't even allocate the first fragment */ + } + m_room = SFRAG; + mp = mem; + + while (*bp != ':' && *bp != '\0') { + /* + * Loop invariants: + * There is always room for one more character in mem. + * Mp always points just past last character in mem. + * Bp always points at next character in buf. + */ + *mp++ = *bp++; + m_room--; + + /* + * Enforce loop invariant: if no room left in current + * buffer, try to get some more. + */ + if (m_room == 0) { + size_t size = mp - mem; + + if ((mem = realloc(mem, size + SFRAG)) == NULL) + return (-2); + m_room = SFRAG; + mp = mem + size; + } + } + *mp++ = '\0'; /* loop invariant let's us do this */ + m_room--; + len = mp - mem - 1; + + /* + * Give back any extra memory and return value and success. + */ + if (m_room != 0) + if ((mem = realloc(mem, (size_t)(mp - mem))) == NULL) + return (-2); + *str = mem; + return (len); +} + +/* + * Cgetnum retrieves the value of the numeric capability cap from the + * capability record pointed to by buf. The numeric value is returned in + * the long pointed to by num. 
0 is returned on success, -1 if the requested + * numeric capability couldn't be found. + */ +int +cgetnum(char *buf, const char *cap, long *num) +{ + long n; + int base, digit; + const char *bp; + + /* + * Find numeric capability cap + */ + bp = cgetcap(buf, cap, '#'); + if (bp == NULL) + return (-1); + + /* + * Look at value and determine numeric base: + * 0x... or 0X... hexadecimal, + * else 0... octal, + * else decimal. + */ + if (*bp == '0') { + bp++; + if (*bp == 'x' || *bp == 'X') { + bp++; + base = 16; + } else + base = 8; + } else + base = 10; + + /* + * Conversion loop ... + */ + n = 0; + for (;;) { + if ('0' <= *bp && *bp <= '9') + digit = *bp - '0'; + else if ('a' <= *bp && *bp <= 'f') + digit = 10 + *bp - 'a'; + else if ('A' <= *bp && *bp <= 'F') + digit = 10 + *bp - 'A'; + else + break; + + if (digit >= base) + break; + + n = n * base + digit; + bp++; + } + + /* + * Return value and success. + */ + *num = n; + return (0); +} + + +/* + * Compare name field of record. + */ +static int +nfcmp(char *nf, char *rec) +{ + char *cp, tmp; + int ret; + + for (cp = rec; *cp != ':'; cp++) + ; + + tmp = *(cp + 1); + *(cp + 1) = '\0'; + ret = strcmp(nf, rec); + *(cp + 1) = tmp; + + return (ret); +} diff --git a/crypto/heimdal/lib/roken/getcwd.c b/crypto/heimdal/lib/roken/getcwd.c new file mode 100644 index 0000000..c1f2610 --- /dev/null +++ b/crypto/heimdal/lib/roken/getcwd.c 
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: getcwd.c,v 1.12 1999/12/02 16:58:46 joda Exp $");
+#endif
+
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_SYS_PARAM_H
+#include <sys/param.h>
+#endif
+
+#include "roken.h"
+
+char*
+getcwd(char *path, size_t size)
+{
+ char xxx[MaxPathLen];
+ char *ret;
+ ret = getwd(xxx);
+ if(ret)
+ strlcpy(path, xxx, size);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/roken/getdtablesize.c b/crypto/heimdal/lib/roken/getdtablesize.c
new file mode 100644
index 0000000..9f9c74b
--- /dev/null
+++ b/crypto/heimdal/lib/roken/getdtablesize.c
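Review bot: `return ret;` in getcwd.c hands back the address of the stack array `xxx`, because `getwd()` returns its argument on success, so the caller receives a pointer that dangles as soon as `getcwd` returns; return the caller's buffer instead, `return ret ? path : NULL;`. The result of `strlcpy(path, xxx, size)` is also unchecked, so a `size` that is too small silently yields a truncated directory name where the standard `getcwd` fails with `ERANGE`; a guard such as `if (strlcpy(path, xxx, size) >= size) { errno = ERANGE; return NULL; }` keeps a truncated path from being used in later path construction (this assumes `errno` is visible through roken.h). `getwd` takes no length, so the shim also depends on `MaxPathLen` being at least as large as what the platform's `getwd` can write; a comment stating that assumption would help.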
@@ -0,0 +1,101 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: getdtablesize.c,v 1.10 1999/12/02 16:58:46 joda Exp $");
+#endif
+
+#include "roken.h"
+
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef TIME_WITH_SYS_TIME
+#include <sys/time.h>
+#include <time.h>
+#elif defined(HAVE_SYS_TIME_H)
+#include <sys/time.h>
+#else
+#include <time.h>
+#endif
+#ifdef HAVE_SYS_PARAM_H
+#include <sys/param.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+#ifdef HAVE_SYS_RESOURCE_H
+#include <sys/resource.h>
+#endif
+
+#ifdef HAVE_SYS_SYSCTL_H
+#include <sys/sysctl.h>
+#endif
+
+int getdtablesize(void)
+{
+ int files = -1;
+#if defined(HAVE_SYSCONF) && defined(_SC_OPEN_MAX)
+ files = sysconf(_SC_OPEN_MAX);
+#else /* !defined(HAVE_SYSCONF) */
+#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE)
+ struct rlimit res;
+ if (getrlimit(RLIMIT_NOFILE, &res) == 0)
+ files = res.rlim_cur;
+#else /* !definded(HAVE_GETRLIMIT) */
+#if defined(HAVE_SYSCTL) && defined(CTL_KERN) && defined(KERN_MAXFILES)
+ int mib[2];
+ size_t len;
+
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_MAXFILES;
+ len = sizeof(files);
+ sysctl(&mib, 2, &files, sizeof(nfil), NULL, 0);
+#endif /* defined(HAVE_SYSCTL) */
+#endif /* !definded(HAVE_GETRLIMIT) */
+#endif /* !defined(HAVE_SYSCONF) */
+
+#ifdef OPEN_MAX
+ if (files < 0)
+ files = OPEN_MAX;
+#endif
+
+#ifdef NOFILE
+ if (files < 0)
+ files = NOFILE;
+#endif
+
+ return files;
+}
diff --git a/crypto/heimdal/lib/roken/getegid.c b/crypto/heimdal/lib/roken/getegid.c
new file mode 100644
index 0000000..b6eab85
--- /dev/null
+++ b/crypto/heimdal/lib/roken/getegid.c
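Review bot: The `sysctl` fallback in getdtablesize.c cannot compile as written: `sizeof(nfil)` names a variable that is not declared in the function, and the fourth argument of `sysctl` is a pointer to the length, so the initialised `len` is never used. The call should read `if (sysctl(mib, 2, &files, &len, NULL, 0) != 0) files = -1;`, which also passes `mib` rather than `&mib` and stops ignoring the return value. If no probe succeeds and neither `OPEN_MAX` nor `NOFILE` is defined the function returns -1; a caller that uses the result as the upper bound of a descriptor-closing loop would then close nothing, so a comment above the function saying that a negative return means "limit unknown" is worth adding.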
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+#ifndef HAVE_GETEGID
+
+RCSID("$Id: getegid.c,v 1.2 1999/12/02 16:58:46 joda Exp $");
+
+int getegid(void)
+{
+ return getgid();
+}
+
+#endif
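Review bot: The fallback `return getgid();` in getegid.c makes the effective group id indistinguishable from the real one, and nothing in the file says so; the same holds for `geteuid()` returning `getuid()` in geteuid.c. Code that detects set-id execution by comparing real and effective ids will always see them as equal on platforms that take this path, so I would add a comment above each function along the lines of `/* no effective ids on this platform: report the real id, so real/effective comparisons always match */`. Both shims are also declared as returning `int` rather than `gid_t`/`uid_t`, which may clash with a system prototype if one is visible; that is worth confirming against roken.h, which is not shown here.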
diff --git a/crypto/heimdal/lib/roken/geteuid.c b/crypto/heimdal/lib/roken/geteuid.c
new file mode 100644
index 0000000..4bdf531
--- /dev/null
+++ b/crypto/heimdal/lib/roken/geteuid.c
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+#ifndef HAVE_GETEUID
+
+RCSID("$Id: geteuid.c,v 1.2 1999/12/02 16:58:46 joda Exp $");
+
+int geteuid(void)
+{
+ return getuid();
+}
+
+#endif
diff --git a/crypto/heimdal/lib/roken/getgid.c b/crypto/heimdal/lib/roken/getgid.c new file mode 100644 index 0000000..f2ca01a --- /dev/null +++ b/crypto/heimdal/lib/roken/getgid.c 
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+#ifndef HAVE_GETGID
+
+RCSID("$Id: getgid.c,v 1.2 1999/12/02 16:58:46 joda Exp $");
+
+int getgid(void)
+{
+ return 17;
+}
+
+#endif
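Review bot: `getgid()` returns the bare literal `17` with no explanation, and `getuid()` in getuid.c later in this commit does the same. The call cannot fail, so callers have no way to tell this fabricated id from a real one, and any ownership or permission comparison built on it (callers are not visible here) would be meaningless. I would name and document the constant, for instance `#define ROKEN_FAKE_ID 17 /* placeholder: platform has no uid/gid; never base access decisions on it */` (the macro name is only a suggestion), and use it in both files.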
diff --git a/crypto/heimdal/lib/roken/gethostname.c b/crypto/heimdal/lib/roken/gethostname.c
new file mode 100644
index 0000000..753ba9f
--- /dev/null
+++ b/crypto/heimdal/lib/roken/gethostname.c
@@ -0,0 +1,72 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include "roken.h" + +#ifndef HAVE_GETHOSTNAME + +#ifdef HAVE_SYS_UTSNAME_H +#include <sys/utsname.h> +#endif + +/* + * Return the local host's name in "name", up to "namelen" characters. + * "name" will be null-terminated if "namelen" is big enough. 
+ * The return code is 0 on success, -1 on failure. (The calling + * interface is identical to gethostname(2).) + */ + +int +gethostname(char *name, int namelen) +{ +#if defined(HAVE_UNAME) + { + struct utsname utsname; + int ret; + + ret = uname (&utsname); + if (ret < 0) + return ret; + strlcpy (name, utsname.nodename, namelen); + return 0; + } +#else + strlcpy (name, "some.random.host", namelen); + return 0; +#endif +} + +#endif /* GETHOSTNAME */ diff --git a/crypto/heimdal/lib/roken/getipnodebyaddr.c b/crypto/heimdal/lib/roken/getipnodebyaddr.c new file mode 100644 index 0000000..f22aad7 --- /dev/null +++ b/crypto/heimdal/lib/roken/getipnodebyaddr.c 
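Review bot: `namelen` is an `int` that goes straight into `strlcpy`, whose size parameter is `size_t`, so a negative length turns into a very large bound and the copy is limited only by the source string; a guard such as `if (name == NULL || namelen <= 0) return -1;` at the top of `gethostname` closes that. Truncation is also reported as success, and the header comment's "null-terminated if namelen is big enough" does not describe `strlcpy`, which always terminates when the size is non-zero. In the `#else` branch the function returns 0 with the invented name `some.random.host`; callers in a Kerberos library may derive host-based names from this value (an inference, no caller is shown), so returning -1 there, or at least documenting the placeholder, would be safer.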
@@ -0,0 +1,74 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: getipnodebyaddr.c,v 1.2 1999/12/02 16:58:46 joda Exp $"); +#endif + +#include "roken.h" + +/* + * lookup `src, len' (address family `af') in DNS and return a pointer + * to a malloced struct hostent or NULL. 
+ */ + +struct hostent * +getipnodebyaddr (const void *src, size_t len, int af, int *error_num) +{ + struct hostent *tmp; + + tmp = gethostbyaddr (src, len, af); + if (tmp == NULL) { + switch (h_errno) { + case HOST_NOT_FOUND : + case TRY_AGAIN : + case NO_RECOVERY : + *error_num = h_errno; + break; + case NO_DATA : + *error_num = NO_ADDRESS; + break; + default : + *error_num = NO_RECOVERY; + break; + } + return NULL; + } + tmp = copyhostent (tmp); + if (tmp == NULL) { + *error_num = TRY_AGAIN; + return NULL; + } + return tmp; +} diff --git a/crypto/heimdal/lib/roken/getipnodebyname.c b/crypto/heimdal/lib/roken/getipnodebyname.c new file mode 100644 index 0000000..576feef --- /dev/null +++ b/crypto/heimdal/lib/roken/getipnodebyname.c 
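Review bot: `getipnodebyaddr` reads `h_errno` unconditionally, whereas getipnodebyname.c in the same commit supplies `static int h_errno = NO_RECOVERY;` under `#ifndef HAVE_H_ERRNO`; unless roken.h provides an equivalent (not visible here), this file will not build on the platforms that fallback was written for. `*error_num` is also written without a NULL check. The header comment should add that the result of `gethostbyaddr` lives in static storage until `copyhostent` duplicates it, e.g. `/* not reentrant: gethostbyaddr() returns static data that is copied before returning */`.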
@@ -0,0 +1,86 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: getipnodebyname.c,v 1.3 1999/12/02 16:58:46 joda Exp $"); +#endif + +#include "roken.h" + +#ifndef HAVE_H_ERRNO +static int h_errno = NO_RECOVERY; +#endif + +/* + * lookup `name' (address family `af') in DNS and return a pointer + * to a malloced struct hostent or NULL. 
+ */ + +struct hostent * +getipnodebyname (const char *name, int af, int flags, int *error_num) +{ + struct hostent *tmp; + +#ifdef HAVE_GETHOSTBYNAME2 + tmp = gethostbyname2 (name, af); +#else + if (af != AF_INET) { + *error_num = NO_ADDRESS; + return NULL; + } + tmp = gethostbyname (name); +#endif + if (tmp == NULL) { + switch (h_errno) { + case HOST_NOT_FOUND : + case TRY_AGAIN : + case NO_RECOVERY : + *error_num = h_errno; + break; + case NO_DATA : + *error_num = NO_ADDRESS; + break; + default : + *error_num = NO_RECOVERY; + break; + } + return NULL; + } + tmp = copyhostent (tmp); + if (tmp == NULL) { + *error_num = TRY_AGAIN; + return NULL; + } + return tmp; +} diff --git a/crypto/heimdal/lib/roken/getnameinfo.c b/crypto/heimdal/lib/roken/getnameinfo.c new file mode 100644 index 0000000..7e2d232 --- /dev/null +++ b/crypto/heimdal/lib/roken/getnameinfo.c 
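Review bot: The `flags` argument of `getipnodebyname` is accepted but never read, so request bits such as `AI_V4MAPPED` or `AI_ADDRCONFIG` are silently ignored and the header comment does not say so. I would extend it with `/* flags is ignored; without gethostbyname2() only AF_INET is supported and other families fail with NO_ADDRESS */`. With the `#ifndef HAVE_H_ERRNO` fallback, `h_errno` is the constant `NO_RECOVERY`, so every failed lookup is reported as unrecoverable even when it is transient, and that deserves a line in the same comment.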
@@ -0,0 +1,127 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: getnameinfo.c,v 1.2 1999/12/03 04:10:07 assar Exp $"); +#endif + +#include "roken.h" + +static int +doit (int af, + const void *addr, + size_t addrlen, + int port, + char *host, size_t hostlen, + char *serv, size_t servlen, + int flags) +{ + if (host != NULL) { + if (flags & NI_NUMERICHOST) { + if (inet_ntop (af, addr, host, hostlen) == NULL) + return EAI_SYSTEM; + } else { + struct hostent *he = gethostbyaddr (addr, + addrlen, + af); + if (he != NULL) { + strlcpy (host, he->h_name, hostlen); + if (flags & NI_NOFQDN) { + char *dot = strchr (host, '.'); + if (dot != NULL) + *dot = '\0'; + } + } else if (flags & NI_NAMEREQD) { + return EAI_NONAME; + } else if (inet_ntop (AF_INET, addr, host, hostlen) == NULL) + return EAI_SYSTEM; + } + } + + if (serv != NULL) { + if (flags & NI_NUMERICSERV) { + snprintf (serv, servlen, "%u", ntohs(port)); + } else { + const char *proto = "tcp"; + struct servent *se; + + if (flags & NI_DGRAM) + proto = "udp"; + + se = getservbyport (port, proto); + if (se == NULL) { + snprintf (serv, servlen, "%u", ntohs(port)); + } else { + strlcpy (serv, se->s_name, servlen); + } + } + } + return 0; +} + +/* + * + */ + +int +getnameinfo(const struct sockaddr *sa, socklen_t salen, + char *host, size_t hostlen, + char *serv, size_t servlen, + int flags) +{ + switch (sa->sa_family) { +#ifdef HAVE_IPV6 + case AF_INET6 : { + const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; + + return doit (AF_INET6, &sin6->sin6_addr, sizeof(sin6->sin6_addr), + sin6->sin6_port, + host, hostlen, + serv, servlen, + flags); + } +#endif + case AF_INET : { + const struct sockaddr_in *sin = (const struct sockaddr_in *)sa; + + return doit (AF_INET, &sin->sin_addr, sizeof(sin->sin_addr), + sin->sin_port, + host, hostlen, + serv, servlen, + flags); + } + default : + return EAI_FAMILY; + } +} 
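Review bot: In `doit`, the fallback taken after a failed reverse lookup calls `inet_ntop (AF_INET, addr, host, hostlen)` with a hard-coded family, so an IPv6 address would be rendered from its first four bytes as an IPv4 literal; it should read `inet_ntop (af, addr, host, hostlen)`, as the `NI_NUMERICHOST` branch already does. `getnameinfo` also casts `sa` to `sockaddr_in` or `sockaddr_in6` without ever looking at `salen`, so a short buffer is read past its end; a check such as `if (salen < sizeof(*sin)) return EAI_FAMILY;` in each case (with `*sin6` for IPv6) prevents that. The name copied from `he->h_name` comes from the resolver and is truncated silently by `strlcpy`, which is worth a comment for callers that log or compare the host.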
diff --git a/crypto/heimdal/lib/roken/getnameinfo_verified.c b/crypto/heimdal/lib/roken/getnameinfo_verified.c new file mode 100644 index 0000000..2a23d24 --- /dev/null +++ b/crypto/heimdal/lib/roken/getnameinfo_verified.c 
@@ -0,0 +1,69 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: getnameinfo_verified.c,v 1.2 1999/12/05 10:52:09 assar Exp $"); +#endif + +#include "roken.h" + +int +getnameinfo_verified(const struct sockaddr *sa, socklen_t salen, + char *host, size_t hostlen, + char *serv, size_t servlen, + int flags) +{ + int ret; + struct addrinfo *ai, *a; + + if (host == NULL) + return EAI_NONAME; + + ret = getnameinfo (sa, salen, host, hostlen, serv, servlen, flags); + if (ret) + return ret; + ret = getaddrinfo (host, serv, NULL, &ai); + if (ret) + return ret; + for (a = ai; a != NULL; a = a->ai_next) { + if (a->ai_addrlen == salen + && memcmp (a->ai_addr, sa, salen) == 0) + return 0; + } + if (flags & NI_NAMEREQD) + return EAI_NONAME; + ret = getnameinfo (sa, salen, host, hostlen, serv, servlen, + flags | NI_NUMERICSERV | NI_NUMERICHOST); + return ret; +} diff --git a/crypto/heimdal/lib/roken/getopt.c b/crypto/heimdal/lib/roken/getopt.c new file mode 100644 index 0000000..45fc350 --- /dev/null +++ b/crypto/heimdal/lib/roken/getopt.c 
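Review bot: The list returned by `getaddrinfo` in `getnameinfo_verified` is never released, so every call that reaches the loop leaks `ai`; the match branch should become `{ freeaddrinfo (ai); return 0; }` and a `freeaddrinfo (ai);` belongs right after the loop. The comparison uses `memcmp` over the whole `sockaddr`, which includes the port and any padding bytes, so when `serv` is NULL or resolves to a different port no entry can equal `sa` and a correctly forward-confirmed name is replaced by the numeric form. That fails closed, but comparing only the family and address bytes, or a comment stating the limitation, would make the verification do what its name says.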
@@ -0,0 +1,128 @@ +/* + * Copyright (c) 1987, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#if defined(LIBC_SCCS) && !defined(lint) +static char sccsid[] = "@(#)getopt.c 8.1 (Berkeley) 6/4/93"; +#endif /* LIBC_SCCS and not lint */ + +#ifndef __STDC__ +#define const +#endif +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +/* + * get option letter from argument vector + */ +int opterr = 1, /* if error message should be printed */ + optind = 1, /* index into parent argv vector */ + optopt, /* character checked for validity */ + optreset; /* reset getopt */ +char *optarg; /* argument associated with option */ + +#define BADCH (int)'?' +#define BADARG (int)':' +#define EMSG "" + +int +getopt(nargc, nargv, ostr) + int nargc; + char * const *nargv; + const char *ostr; +{ + static char *place = EMSG; /* option letter processing */ + char *oli; /* option letter list index */ + char *p; + + if (optreset || !*place) { /* update scanning pointer */ + optreset = 0; + if (optind >= nargc || *(place = nargv[optind]) != '-') { + place = EMSG; + return(-1); + } + if (place[1] && *++place == '-') { /* found "--" */ + ++optind; + place = EMSG; + return(-1); + } + } /* option letter okay? */ + if ((optopt = (int)*place++) == (int)':' || + !(oli = strchr(ostr, optopt))) { + /* + * if the user didn't specify '-' as an option, + * assume it means -1 (EOF). 
+ */ + if (optopt == (int)'-') + return(-1); + if (!*place) + ++optind; + if (opterr && *ostr != ':') { + if (!(p = strrchr(*nargv, '/'))) + p = *nargv; + else + ++p; + fprintf(stderr, "%s: illegal option -- %c\n", + p, optopt); + } + return(BADCH); + } + if (*++oli != ':') { /* don't need argument */ + optarg = NULL; + if (!*place) + ++optind; + } + else { /* need an argument */ + if (*place) /* no white space */ + optarg = place; + else if (nargc <= ++optind) { /* no arg */ + place = EMSG; + if (!(p = strrchr(*nargv, '/'))) + p = *nargv; + else + ++p; + if (*ostr == ':') + return(BADARG); + if (opterr) + fprintf(stderr, + "%s: option requires an argument -- %c\n", + p, optopt); + return(BADCH); + } + else /* white space */ + optarg = nargv[optind]; + place = EMSG; + ++optind; + } + return(optopt); /* dump back option letter */ +} diff --git a/crypto/heimdal/lib/roken/gettimeofday.c b/crypto/heimdal/lib/roken/gettimeofday.c new file mode 100644 index 0000000..ec8b62f --- /dev/null +++ b/crypto/heimdal/lib/roken/gettimeofday.c 
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+#ifndef HAVE_GETTIMEOFDAY
+
+RCSID("$Id: gettimeofday.c,v 1.8 1999/12/02 16:58:46 joda Exp $");
+
+/*
+ * Simple gettimeofday that only returns seconds.
+ */
+int
+gettimeofday (struct timeval *tp, void *ignore)
+{
+ time_t t;
+
+ t = time(NULL);
+ tp->tv_sec = t;
+ tp->tv_usec = 0;
+ return 0;
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/getuid.c b/crypto/heimdal/lib/roken/getuid.c
new file mode 100644
index 0000000..6ebce0a
--- /dev/null
+++ b/crypto/heimdal/lib/roken/getuid.c
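Review bot: The value returned by `time(NULL)` in `gettimeofday` is stored without a check for `(time_t)-1`, so a clock failure is reported as success with `tv_sec` set to -1; adding `if (t == (time_t)-1) return -1;` before the assignments keeps the gettimeofday(2) contract. `tp` is dereferenced without a NULL check. `tv_usec` is always 0, which matters to callers that rely on sub-second values to tell apart timestamps taken within the same second (Kerberos code commonly does, though no caller is visible here), so the header comment should state that limitation explicitly rather than just "only returns seconds".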
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+#ifndef HAVE_GETUID
+
+RCSID("$Id: getuid.c,v 1.3 1999/12/02 16:58:46 joda Exp $");
+
+int getuid(void)
+{
+ return 17;
+}
+
+#endif
diff --git a/crypto/heimdal/lib/roken/getusershell.c b/crypto/heimdal/lib/roken/getusershell.c
new file mode 100644
index 0000000..87a48ec
--- /dev/null
+++ b/crypto/heimdal/lib/roken/getusershell.c
@@ -0,0 +1,160 @@ +/* + * Copyright (c) 1985, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +RCSID("$Id: getusershell.c,v 1.8 1997/04/20 06:18:03 assar Exp $"); + +#ifndef HAVE_GETUSERSHELL + +#include <stdio.h> +#include <stdlib.h> +#ifdef HAVE_PATHS_H +#include <paths.h> +#endif +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_STAT_H +#include <sys/stat.h> +#endif +#ifdef HAVE_SYS_PARAM_H +#include <sys/param.h> +#endif + +#ifndef _PATH_SHELLS +#define _PATH_SHELLS "/etc/shells" +#endif + +#ifndef _PATH_BSHELL +#define _PATH_BSHELL "/bin/sh" +#endif + +#ifndef _PATH_CSHELL +#define _PATH_CSHELL "/bin/csh" +#endif + +/* + * Local shells should NOT be added here. They should be added in + * /etc/shells. + */ + +static char *okshells[] = { _PATH_BSHELL, _PATH_CSHELL, NULL }; +static char **curshell, **shells, *strings; +static char **initshells (void); + +/* + * Get a list of shells from _PATH_SHELLS, if it exists. + */ +char * +getusershell() +{ + char *ret; + + if (curshell == NULL) + curshell = initshells(); + ret = *curshell; + if (ret != NULL) + curshell++; + return (ret); +} + +void +endusershell() +{ + + if (shells != NULL) + free(shells); + shells = NULL; + if (strings != NULL) + free(strings); + strings = NULL; + curshell = NULL; +} + +void +setusershell() +{ + + curshell = initshells(); +} + +static char ** +initshells() +{ + char **sp, *cp; + FILE *fp; + struct stat statb; + + if (shells != NULL) + free(shells); + shells = NULL; + if (strings != NULL) + free(strings); + strings = NULL; + if ((fp = fopen(_PATH_SHELLS, "r")) == NULL) + return (okshells); + if (fstat(fileno(fp), &statb) == -1) { + fclose(fp); + return (okshells); + } + if ((strings = malloc((u_int)statb.st_size)) == NULL) { + fclose(fp); + return (okshells); + } + shells = calloc((unsigned)statb.st_size / 3, sizeof (char *)); + if (shells == NULL) { + fclose(fp); + free(strings); + strings = NULL; + return (okshells); + } + sp = shells; + cp = strings; + while (fgets(cp, MaxPathLen + 1, fp) != 
NULL) { + while (*cp != '#' && *cp != '/' && *cp != '\0') + cp++; + if (*cp == '#' || *cp == '\0') + continue; + *sp++ = cp; + while (!isspace(*cp) && *cp != '#' && *cp != '\0') + cp++; + *cp++ = '\0'; + } + *sp = NULL; + fclose(fp); + return (shells); +} +#endif /* HAVE_GETUSERSHELL */ diff --git a/crypto/heimdal/lib/roken/glob.c b/crypto/heimdal/lib/roken/glob.c new file mode 100644 index 0000000..66e8ec6 --- /dev/null +++ b/crypto/heimdal/lib/roken/glob.c 
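Review bot: `initshells` allocates `strings` as exactly `statb.st_size` bytes, yet `fgets` appends a terminating NUL and is bounded by `MaxPathLen + 1` rather than by the space left, so a shells file whose last line has no trailing newline gets its terminator written one byte past the allocation; `malloc((size_t)statb.st_size + 1)` together with a bound derived from the remaining space would fix that. The `shells` array gets `st_size / 3` slots with none reserved for the final `*sp = NULL`, so a file holding a single short entry such as `/a` plus a newline writes past that array too. `isspace(*cp)` is passed a plain `char` and `<ctype.h>` is not among the includes shown, so the argument should be cast to `unsigned char`. The file is normally root-owned, which makes this a robustness issue, but both sizes also go stale if the file grows between `fstat` and the reads.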
@@ -0,0 +1,835 @@ +/* + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Guido van Rossum. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +/* + * glob(3) -- a superset of the one defined in POSIX 1003.2. + * + * The [!...] convention to negate a range is supported (SysV, Posix, ksh). + * + * Optional extra services, controlled by flags not defined by POSIX: + * + * GLOB_QUOTE: + * Escaping convention: \ inhibits any special meaning the following + * character might have (except \ at end of string is retained). + * GLOB_MAGCHAR: + * Set in gl_flags if pattern contained a globbing character. + * GLOB_NOMAGIC: + * Same as GLOB_NOCHECK, but it will only append pattern if it did + * not contain any magic characters. [Used in csh style globbing] + * GLOB_ALTDIRFUNC: + * Use alternately specified directory access functions. + * GLOB_TILDE: + * expand ~user/foo to the /home/dir/of/user/foo + * GLOB_BRACE: + * expand {1,2}{a,b} to 1a 1b 2a 2b + * gl_matchc: + * Number of matches in the current invocation of glob. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#ifdef HAVE_SYS_PARAM_H +#include <sys/param.h> +#endif +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_STAT_H +#include <sys/stat.h> +#endif + +#include <ctype.h> +#ifdef HAVE_DIRENT_H +#include <dirent.h> +#endif +#include <errno.h> +#ifdef HAVE_PWD_H +#include <pwd.h> +#endif +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif + +#include "glob.h" +#include "roken.h" + +#define CHAR_DOLLAR '$' +#define CHAR_DOT '.' +#define CHAR_EOS '\0' +#define CHAR_LBRACKET '[' +#define CHAR_NOT '!' +#define CHAR_QUESTION '?' 
+#define CHAR_QUOTE '\\' +#define CHAR_RANGE '-' +#define CHAR_RBRACKET ']' +#define CHAR_SEP '/' +#define CHAR_STAR '*' +#define CHAR_TILDE '~' +#define CHAR_UNDERSCORE '_' +#define CHAR_LBRACE '{' +#define CHAR_RBRACE '}' +#define CHAR_SLASH '/' +#define CHAR_COMMA ',' + +#ifndef DEBUG + +#define M_QUOTE 0x8000 +#define M_PROTECT 0x4000 +#define M_MASK 0xffff +#define M_ASCII 0x00ff + +typedef u_short Char; + +#else + +#define M_QUOTE 0x80 +#define M_PROTECT 0x40 +#define M_MASK 0xff +#define M_ASCII 0x7f + +typedef char Char; + +#endif + + +#define CHAR(c) ((Char)((c)&M_ASCII)) +#define META(c) ((Char)((c)|M_QUOTE)) +#define M_ALL META('*') +#define M_END META(']') +#define M_NOT META('!') +#define M_ONE META('?') +#define M_RNG META('-') +#define M_SET META('[') +#define ismeta(c) (((c)&M_QUOTE) != 0) + + +static int compare (const void *, const void *); +static void g_Ctoc (const Char *, char *); +static int g_lstat (Char *, struct stat *, glob_t *); +static DIR *g_opendir (Char *, glob_t *); +static Char *g_strchr (Char *, int); +#ifdef notdef +static Char *g_strcat (Char *, const Char *); +#endif +static int g_stat (Char *, struct stat *, glob_t *); +static int glob0 (const Char *, glob_t *); +static int glob1 (Char *, glob_t *); +static int glob2 (Char *, Char *, Char *, glob_t *); +static int glob3 (Char *, Char *, Char *, Char *, glob_t *); +static int globextend (const Char *, glob_t *); +static const Char * globtilde (const Char *, Char *, glob_t *); +static int globexp1 (const Char *, glob_t *); +static int globexp2 (const Char *, const Char *, glob_t *, int *); +static int match (Char *, Char *, Char *); +#ifdef DEBUG +static void qprintf (const char *, Char *); +#endif + +int +glob(const char *pattern, + int flags, + int (*errfunc)(const char *, int), + glob_t *pglob) +{ + const u_char *patnext; + int c; + Char *bufnext, *bufend, patbuf[MaxPathLen+1]; + + patnext = (u_char *) pattern; + if (!(flags & GLOB_APPEND)) { + pglob->gl_pathc = 0; + 
pglob->gl_pathv = NULL; + if (!(flags & GLOB_DOOFFS)) + pglob->gl_offs = 0; + } + pglob->gl_flags = flags & ~GLOB_MAGCHAR; + pglob->gl_errfunc = errfunc; + pglob->gl_matchc = 0; + + bufnext = patbuf; + bufend = bufnext + MaxPathLen; + if (flags & GLOB_QUOTE) { + /* Protect the quoted characters. */ + while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) + if (c == CHAR_QUOTE) { + if ((c = *patnext++) == CHAR_EOS) { + c = CHAR_QUOTE; + --patnext; + } + *bufnext++ = c | M_PROTECT; + } + else + *bufnext++ = c; + } + else + while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) + *bufnext++ = c; + *bufnext = CHAR_EOS; + + if (flags & GLOB_BRACE) + return globexp1(patbuf, pglob); + else + return glob0(patbuf, pglob); +} + +/* + * Expand recursively a glob {} pattern. When there is no more expansion + * invoke the standard globbing routine to glob the rest of the magic + * characters + */ +static int globexp1(const Char *pattern, glob_t *pglob) +{ + const Char* ptr = pattern; + int rv; + + /* Protect a single {}, for find(1), like csh */ + if (pattern[0] == CHAR_LBRACE && pattern[1] == CHAR_RBRACE && pattern[2] == CHAR_EOS) + return glob0(pattern, pglob); + + while ((ptr = (const Char *) g_strchr((Char *) ptr, CHAR_LBRACE)) != NULL) + if (!globexp2(ptr, pattern, pglob, &rv)) + return rv; + + return glob0(pattern, pglob); +} + + +/* + * Recursive brace globbing helper. Tries to expand a single brace. + * If it succeeds then it invokes globexp1 with the new pattern. + * If it fails then it tries to glob the rest of the pattern and returns. 
+ */ +static int globexp2(const Char *ptr, const Char *pattern, + glob_t *pglob, int *rv) +{ + int i; + Char *lm, *ls; + const Char *pe, *pm, *pl; + Char patbuf[MaxPathLen + 1]; + + /* copy part up to the brace */ + for (lm = patbuf, pm = pattern; pm != ptr; *lm++ = *pm++) + continue; + ls = lm; + + /* Find the balanced brace */ + for (i = 0, pe = ++ptr; *pe; pe++) + if (*pe == CHAR_LBRACKET) { + /* Ignore everything between [] */ + for (pm = pe++; *pe != CHAR_RBRACKET && *pe != CHAR_EOS; pe++) + continue; + if (*pe == CHAR_EOS) { + /* + * We could not find a matching CHAR_RBRACKET. + * Ignore and just look for CHAR_RBRACE + */ + pe = pm; + } + } + else if (*pe == CHAR_LBRACE) + i++; + else if (*pe == CHAR_RBRACE) { + if (i == 0) + break; + i--; + } + + /* Non matching braces; just glob the pattern */ + if (i != 0 || *pe == CHAR_EOS) { + *rv = glob0(patbuf, pglob); + return 0; + } + + for (i = 0, pl = pm = ptr; pm <= pe; pm++) + switch (*pm) { + case CHAR_LBRACKET: + /* Ignore everything between [] */ + for (pl = pm++; *pm != CHAR_RBRACKET && *pm != CHAR_EOS; pm++) + continue; + if (*pm == CHAR_EOS) { + /* + * We could not find a matching CHAR_RBRACKET. + * Ignore and just look for CHAR_RBRACE + */ + pm = pl; + } + break; + + case CHAR_LBRACE: + i++; + break; + + case CHAR_RBRACE: + if (i) { + i--; + break; + } + /* FALLTHROUGH */ + case CHAR_COMMA: + if (i && *pm == CHAR_COMMA) + break; + else { + /* Append the current string */ + for (lm = ls; (pl < pm); *lm++ = *pl++) + continue; + /* + * Append the rest of the pattern after the + * closing brace + */ + for (pl = pe + 1; (*lm++ = *pl++) != CHAR_EOS;) + continue; + + /* Expand the current pattern */ +#ifdef DEBUG + qprintf("globexp2:", patbuf); +#endif + *rv = globexp1(patbuf, pglob); + + /* move after the comma, to the next string */ + pl = pm + 1; + } + break; + + default: + break; + } + *rv = 0; + return 0; +} + + + +/* + * expand tilde from the passwd file. 
+ */ +static const Char * +globtilde(const Char *pattern, Char *patbuf, glob_t *pglob) +{ + struct passwd *pwd; + char *h; + const Char *p; + Char *b; + + if (*pattern != CHAR_TILDE || !(pglob->gl_flags & GLOB_TILDE)) + return pattern; + + /* Copy up to the end of the string or / */ + for (p = pattern + 1, h = (char *) patbuf; *p && *p != CHAR_SLASH; + *h++ = *p++) + continue; + + *h = CHAR_EOS; + + if (((char *) patbuf)[0] == CHAR_EOS) { + /* + * handle a plain ~ or ~/ by expanding $HOME + * first and then trying the password file + */ + if ((h = getenv("HOME")) == NULL) { + if ((pwd = k_getpwuid(getuid())) == NULL) + return pattern; + else + h = pwd->pw_dir; + } + } + else { + /* + * Expand a ~user + */ + if ((pwd = k_getpwnam((char*) patbuf)) == NULL) + return pattern; + else + h = pwd->pw_dir; + } + + /* Copy the home directory */ + for (b = patbuf; *h; *b++ = *h++) + continue; + + /* Append the rest of the pattern */ + while ((*b++ = *p++) != CHAR_EOS) + continue; + + return patbuf; +} + + +/* + * The main glob() routine: compiles the pattern (optionally processing + * quotes), calls glob1() to do the real pattern matching, and finally + * sorts the list (unless unsorted operation is requested). Returns 0 + * if things went well, nonzero if errors occurred. It is not an error + * to find no matches. + */ +static int +glob0(const Char *pattern, glob_t *pglob) +{ + const Char *qpatnext; + int c, err, oldpathc; + Char *bufnext, patbuf[MaxPathLen+1]; + + qpatnext = globtilde(pattern, patbuf, pglob); + oldpathc = pglob->gl_pathc; + bufnext = patbuf; + + /* We don't need to check for buffer overflow any more. 
*/ + while ((c = *qpatnext++) != CHAR_EOS) { + switch (c) { + case CHAR_LBRACKET: + c = *qpatnext; + if (c == CHAR_NOT) + ++qpatnext; + if (*qpatnext == CHAR_EOS || + g_strchr((Char *) qpatnext+1, CHAR_RBRACKET) == NULL) { + *bufnext++ = CHAR_LBRACKET; + if (c == CHAR_NOT) + --qpatnext; + break; + } + *bufnext++ = M_SET; + if (c == CHAR_NOT) + *bufnext++ = M_NOT; + c = *qpatnext++; + do { + *bufnext++ = CHAR(c); + if (*qpatnext == CHAR_RANGE && + (c = qpatnext[1]) != CHAR_RBRACKET) { + *bufnext++ = M_RNG; + *bufnext++ = CHAR(c); + qpatnext += 2; + } + } while ((c = *qpatnext++) != CHAR_RBRACKET); + pglob->gl_flags |= GLOB_MAGCHAR; + *bufnext++ = M_END; + break; + case CHAR_QUESTION: + pglob->gl_flags |= GLOB_MAGCHAR; + *bufnext++ = M_ONE; + break; + case CHAR_STAR: + pglob->gl_flags |= GLOB_MAGCHAR; + /* collapse adjacent stars to one, + * to avoid exponential behavior + */ + if (bufnext == patbuf || bufnext[-1] != M_ALL) + *bufnext++ = M_ALL; + break; + default: + *bufnext++ = CHAR(c); + break; + } + } + *bufnext = CHAR_EOS; +#ifdef DEBUG + qprintf("glob0:", patbuf); +#endif + + if ((err = glob1(patbuf, pglob)) != 0) + return(err); + + /* + * If there was no match we are going to append the pattern + * if GLOB_NOCHECK was specified or if GLOB_NOMAGIC was specified + * and the pattern did not contain any magic characters + * GLOB_NOMAGIC is there just for compatibility with csh. 
+ */ + if (pglob->gl_pathc == oldpathc && + ((pglob->gl_flags & GLOB_NOCHECK) || + ((pglob->gl_flags & GLOB_NOMAGIC) && + !(pglob->gl_flags & GLOB_MAGCHAR)))) + return(globextend(pattern, pglob)); + else if (!(pglob->gl_flags & GLOB_NOSORT)) + qsort(pglob->gl_pathv + pglob->gl_offs + oldpathc, + pglob->gl_pathc - oldpathc, sizeof(char *), compare); + return(0); +} + +static int +compare(const void *p, const void *q) +{ + return(strcmp(*(char **)p, *(char **)q)); +} + +static int +glob1(Char *pattern, glob_t *pglob) +{ + Char pathbuf[MaxPathLen+1]; + + /* A null pathname is invalid -- POSIX 1003.1 sect. 2.4. */ + if (*pattern == CHAR_EOS) + return(0); + return(glob2(pathbuf, pathbuf, pattern, pglob)); +} + +/* + * The functions glob2 and glob3 are mutually recursive; there is one level + * of recursion for each segment in the pattern that contains one or more + * meta characters. + */ + +#ifndef S_ISLNK +#if defined(S_IFLNK) && defined(S_IFMT) +#define S_ISLNK(mode) (((mode) & S_IFMT) == S_IFLNK) +#else +#define S_ISLNK(mode) 0 +#endif +#endif + +static int +glob2(Char *pathbuf, Char *pathend, Char *pattern, glob_t *pglob) +{ + struct stat sb; + Char *p, *q; + int anymeta; + + /* + * Loop over pattern segments until end of pattern or until + * segment with meta character found. + */ + for (anymeta = 0;;) { + if (*pattern == CHAR_EOS) { /* End of pattern? */ + *pathend = CHAR_EOS; + if (g_lstat(pathbuf, &sb, pglob)) + return(0); + + if (((pglob->gl_flags & GLOB_MARK) && + pathend[-1] != CHAR_SEP) && (S_ISDIR(sb.st_mode) + || (S_ISLNK(sb.st_mode) && + (g_stat(pathbuf, &sb, pglob) == 0) && + S_ISDIR(sb.st_mode)))) { + *pathend++ = CHAR_SEP; + *pathend = CHAR_EOS; + } + ++pglob->gl_matchc; + return(globextend(pathbuf, pglob)); + } + + /* Find end of next segment, copy tentatively to pathend. 
*/ + q = pathend; + p = pattern; + while (*p != CHAR_EOS && *p != CHAR_SEP) { + if (ismeta(*p)) + anymeta = 1; + *q++ = *p++; + } + + if (!anymeta) { /* No expansion, do next segment. */ + pathend = q; + pattern = p; + while (*pattern == CHAR_SEP) + *pathend++ = *pattern++; + } else /* Need expansion, recurse. */ + return(glob3(pathbuf, pathend, pattern, p, pglob)); + } + /* CHAR_NOTREACHED */ +} + +static int +glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern, + glob_t *pglob) +{ + struct dirent *dp; + DIR *dirp; + int err; + char buf[MaxPathLen]; + + /* + * The readdirfunc declaration can't be prototyped, because it is + * assigned, below, to two functions which are prototyped in glob.h + * and dirent.h as taking pointers to differently typed opaque + * structures. + */ + struct dirent *(*readdirfunc)(void *); + + *pathend = CHAR_EOS; + errno = 0; + + if ((dirp = g_opendir(pathbuf, pglob)) == NULL) { + /* TODO: don't call for ENOENT or ENOTDIR? */ + if (pglob->gl_errfunc) { + g_Ctoc(pathbuf, buf); + if (pglob->gl_errfunc(buf, errno) || + pglob->gl_flags & GLOB_ERR) + return (GLOB_ABEND); + } + return(0); + } + + err = 0; + + /* Search directory for matching names. */ + if (pglob->gl_flags & GLOB_ALTDIRFUNC) + readdirfunc = pglob->gl_readdir; + else + readdirfunc = (struct dirent *(*)(void *))readdir; + while ((dp = (*readdirfunc)(dirp))) { + u_char *sc; + Char *dc; + + /* Initial CHAR_DOT must be matched literally. 
*/ + if (dp->d_name[0] == CHAR_DOT && *pattern != CHAR_DOT) + continue; + for (sc = (u_char *) dp->d_name, dc = pathend; + (*dc++ = *sc++) != CHAR_EOS;) + continue; + if (!match(pathend, pattern, restpattern)) { + *pathend = CHAR_EOS; + continue; + } + err = glob2(pathbuf, --dc, restpattern, pglob); + if (err) + break; + } + + if (pglob->gl_flags & GLOB_ALTDIRFUNC) + (*pglob->gl_closedir)(dirp); + else + closedir(dirp); + return(err); +} + + +/* + * Extend the gl_pathv member of a glob_t structure to accomodate a new item, + * add the new item, and update gl_pathc. + * + * This assumes the BSD realloc, which only copies the block when its size + * crosses a power-of-two boundary; for v7 realloc, this would cause quadratic + * behavior. + * + * Return 0 if new item added, error code if memory couldn't be allocated. + * + * Invariant of the glob_t structure: + * Either gl_pathc is zero and gl_pathv is NULL; or gl_pathc > 0 and + * gl_pathv points to (gl_offs + gl_pathc + 1) items. + */ +static int +globextend(const Char *path, glob_t *pglob) +{ + char **pathv; + int i; + u_int newsize; + char *copy; + const Char *p; + + newsize = sizeof(*pathv) * (2 + pglob->gl_pathc + pglob->gl_offs); + pathv = pglob->gl_pathv ? + realloc(pglob->gl_pathv, newsize) : + malloc(newsize); + if (pathv == NULL) + return(GLOB_NOSPACE); + + if (pglob->gl_pathv == NULL && pglob->gl_offs > 0) { + /* first time around -- clear initial gl_offs items */ + pathv += pglob->gl_offs; + for (i = pglob->gl_offs; --i >= 0; ) + *--pathv = NULL; + } + pglob->gl_pathv = pathv; + + for (p = path; *p++;) + continue; + if ((copy = malloc(p - path)) != NULL) { + g_Ctoc(path, copy); + pathv[pglob->gl_offs + pglob->gl_pathc++] = copy; + } + pathv[pglob->gl_offs + pglob->gl_pathc] = NULL; + return(copy == NULL ? GLOB_NOSPACE : 0); +} + + +/* + * pattern matching function for filenames. Each occurrence of the * + * pattern causes a recursion level. 
+ */ +static int +match(Char *name, Char *pat, Char *patend) +{ + int ok, negate_range; + Char c, k; + + while (pat < patend) { + c = *pat++; + switch (c & M_MASK) { + case M_ALL: + if (pat == patend) + return(1); + do + if (match(name, pat, patend)) + return(1); + while (*name++ != CHAR_EOS); + return(0); + case M_ONE: + if (*name++ == CHAR_EOS) + return(0); + break; + case M_SET: + ok = 0; + if ((k = *name++) == CHAR_EOS) + return(0); + if ((negate_range = ((*pat & M_MASK) == M_NOT)) != CHAR_EOS) + ++pat; + while (((c = *pat++) & M_MASK) != M_END) + if ((*pat & M_MASK) == M_RNG) { + if (c <= k && k <= pat[1]) + ok = 1; + pat += 2; + } else if (c == k) + ok = 1; + if (ok == negate_range) + return(0); + break; + default: + if (*name++ != c) + return(0); + break; + } + } + return(*name == CHAR_EOS); +} + +/* Free allocated data belonging to a glob_t structure. */ +void +globfree(glob_t *pglob) +{ + int i; + char **pp; + + if (pglob->gl_pathv != NULL) { + pp = pglob->gl_pathv + pglob->gl_offs; + for (i = pglob->gl_pathc; i--; ++pp) + if (*pp) + free(*pp); + free(pglob->gl_pathv); + } +} + +static DIR * +g_opendir(Char *str, glob_t *pglob) +{ + char buf[MaxPathLen]; + + if (!*str) + strlcpy(buf, ".", sizeof(buf)); + else + g_Ctoc(str, buf); + + if (pglob->gl_flags & GLOB_ALTDIRFUNC) + return((*pglob->gl_opendir)(buf)); + + return(opendir(buf)); +} + +static int +g_lstat(Char *fn, struct stat *sb, glob_t *pglob) +{ + char buf[MaxPathLen]; + + g_Ctoc(fn, buf); + if (pglob->gl_flags & GLOB_ALTDIRFUNC) + return((*pglob->gl_lstat)(buf, sb)); + return(lstat(buf, sb)); +} + +static int +g_stat(Char *fn, struct stat *sb, glob_t *pglob) +{ + char buf[MaxPathLen]; + + g_Ctoc(fn, buf); + if (pglob->gl_flags & GLOB_ALTDIRFUNC) + return((*pglob->gl_stat)(buf, sb)); + return(stat(buf, sb)); +} + +static Char * +g_strchr(Char *str, int ch) +{ + do { + if (*str == ch) + return (str); + } while (*str++); + return (NULL); +} + +#ifdef notdef +static Char * +g_strcat(Char *dst, const 
Char *src) +{ + Char *sdst = dst; + + while (*dst++) + continue; + --dst; + while((*dst++ = *src++) != CHAR_EOS) + continue; + + return (sdst); +} +#endif + +static void +g_Ctoc(const Char *str, char *buf) +{ + char *dc; + + for (dc = buf; (*dc++ = *str++) != CHAR_EOS;) + continue; +} + +#ifdef DEBUG +static void +qprintf(const Char *str, Char *s) +{ + Char *p; + + printf("%s:\n", str); + for (p = s; *p; p++) + printf("%c", CHAR(*p)); + printf("\n"); + for (p = s; *p; p++) + printf("%c", *p & M_PROTECT ? '"' : ' '); + printf("\n"); + for (p = s; *p; p++) + printf("%c", ismeta(*p) ? '_' : ' '); + printf("\n"); +} +#endif diff --git a/crypto/heimdal/lib/roken/glob.h b/crypto/heimdal/lib/roken/glob.h new file mode 100644 index 0000000..bece48a --- /dev/null +++ b/crypto/heimdal/lib/roken/glob.h 
@@ -0,0 +1,84 @@ +/* + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Guido van Rossum. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ * + * @(#)glob.h 8.1 (Berkeley) 6/2/93 + */ + +#ifndef _GLOB_H_ +#define _GLOB_H_ + +struct stat; +typedef struct { + int gl_pathc; /* Count of total paths so far. */ + int gl_matchc; /* Count of paths matching pattern. */ + int gl_offs; /* Reserved at beginning of gl_pathv. */ + int gl_flags; /* Copy of flags parameter to glob. */ + char **gl_pathv; /* List of paths matching pattern. */ + /* Copy of errfunc parameter to glob. */ + int (*gl_errfunc) (const char *, int); + + /* + * Alternate filesystem access methods for glob; replacement + * versions of closedir(3), readdir(3), opendir(3), stat(2) + * and lstat(2). + */ + void (*gl_closedir) (void *); + struct dirent *(*gl_readdir) (void *); + void *(*gl_opendir) (const char *); + int (*gl_lstat) (const char *, struct stat *); + int (*gl_stat) (const char *, struct stat *); +} glob_t; + +#define GLOB_APPEND 0x0001 /* Append to output from previous call. */ +#define GLOB_DOOFFS 0x0002 /* Use gl_offs. */ +#define GLOB_ERR 0x0004 /* Return on error. */ +#define GLOB_MARK 0x0008 /* Append / to matching directories. */ +#define GLOB_NOCHECK 0x0010 /* Return pattern itself if nothing matches. */ +#define GLOB_NOSORT 0x0020 /* Don't sort. */ + +#define GLOB_ALTDIRFUNC 0x0040 /* Use alternately specified directory funcs. */ +#define GLOB_BRACE 0x0080 /* Expand braces ala csh. */ +#define GLOB_MAGCHAR 0x0100 /* Pattern had globbing characters. */ +#define GLOB_NOMAGIC 0x0200 /* GLOB_NOCHECK without magic chars (csh). */ +#define GLOB_QUOTE 0x0400 /* Quote special chars with \. */ +#define GLOB_TILDE 0x0800 /* Expand tilde names from the passwd file. */ + +#define GLOB_NOSPACE (-1) /* Malloc call failed. */ +#define GLOB_ABEND (-2) /* Unignored error. */ + +int glob (const char *, int, int (*)(const char *, int), glob_t *); +void globfree (glob_t *); + +#endif /* !_GLOB_H_ */ diff --git a/crypto/heimdal/lib/roken/hstrerror.c b/crypto/heimdal/lib/roken/hstrerror.c new file mode 100644 index 0000000..11b6a03 --- /dev/null 
+++ b/crypto/heimdal/lib/roken/hstrerror.c 
@@ -0,0 +1,85 @@ +/* + * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: hstrerror.c,v 1.23 1999/12/05 13:18:55 assar Exp $"); +#endif + +#ifndef HAVE_HSTRERROR + +#if (defined(SunOS) && (SunOS >= 50)) +#define hstrerror broken_proto +#endif +#include "roken.h" +#if (defined(SunOS) && (SunOS >= 50)) +#undef hstrerror +#endif + +#ifndef HAVE_H_ERRNO +int h_errno = -17; /* Some magic number */ +#endif + +#if !(defined(HAVE_H_ERRLIST) && defined(HAVE_H_NERR)) +static const char *const h_errlist[] = { + "Resolver Error 0 (no error)", + "Unknown host", /* 1 HOST_NOT_FOUND */ + "Host name lookup failure", /* 2 TRY_AGAIN */ + "Unknown server error", /* 3 NO_RECOVERY */ + "No address associated with name", /* 4 NO_ADDRESS */ +}; + +static +const +int h_nerr = { sizeof h_errlist / sizeof h_errlist[0] }; +#else + +#ifndef HAVE_H_ERRLIST_DECLARATION +extern const char *h_errlist[]; +extern int h_nerr; +#endif + +#endif + +const char * +hstrerror(int herr) +{ + if (0 <= herr && herr < h_nerr) + return h_errlist[herr]; + else if(herr == -17) + return "unknown error"; + else + return "Error number out of range (hstrerror)"; +} + +#endif diff --git a/crypto/heimdal/lib/roken/inet_aton.c b/crypto/heimdal/lib/roken/inet_aton.c new file mode 100644 index 0000000..cdc6bdd --- /dev/null +++ b/crypto/heimdal/lib/roken/inet_aton.c 
@@ -0,0 +1,49 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: inet_aton.c,v 1.13 1999/12/05 13:26:20 assar Exp $"); +#endif + +#include "roken.h" + +/* Minimal implementation of inet_aton. + * Cannot distinguish between failure and a local broadcast address. 
*/ + +int +inet_aton(const char *cp, struct in_addr *addr) +{ + addr->s_addr = inet_addr(cp); + return (addr->s_addr == INADDR_NONE) ? 0 : 1; +} diff --git a/crypto/heimdal/lib/roken/inet_ntop.c b/crypto/heimdal/lib/roken/inet_ntop.c new file mode 100644 index 0000000..f79a35e --- /dev/null +++ b/crypto/heimdal/lib/roken/inet_ntop.c 
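Review bot: On failure `inet_aton` still stores `INADDR_NONE` into `addr->s_addr`, so a caller that ignores or mishandles the return value is left holding 255.255.255.255 instead of its previous contents. Assigning only on success avoids that: `in = inet_addr(cp); if (in == INADDR_NONE) return 0; addr->s_addr = in; return 1;`, with `in` declared to match the type of `s_addr`. As the header comment already says, the literal broadcast address is reported as a failure; a caller that must accept it would need an explicit string comparison before the `inet_addr` call.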
@@ -0,0 +1,153 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: inet_ntop.c,v 1.3 1999/12/02 16:58:47 joda Exp $"); +#endif + +#include <errno.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_NETINET_IN6_H +#include <netinet/in6.h> +#endif +#ifdef HAVE_NETINET6_IN6_H +#include <netinet6/in6.h> +#endif + +#include <roken.h> + +/* + * + */ + +static const char * +inet_ntop_v4 (const void *src, char *dst, size_t size) +{ + const char digits[] = "0123456789"; + int i; + struct in_addr *addr = (struct in_addr *)src; + u_long a = ntohl(addr->s_addr); + const char *orig_dst = dst; + + if (size < INET_ADDRSTRLEN) { + errno = ENOSPC; + return NULL; + } + for (i = 0; i < 4; ++i) { + int n = (a >> (24 - i * 8)) & 0xFF; + int non_zerop = 0; + + if (non_zerop || n / 100 > 0) { + *dst++ = digits[n / 100]; + n %= 100; + non_zerop = 1; + } + if (non_zerop || n / 10 > 0) { + *dst++ = digits[n / 10]; + n %= 10; + non_zerop = 1; + } + *dst++ = digits[n]; + if (i != 3) + *dst++ = '.'; + } + *dst++ = '\0'; + return orig_dst; +} + +#ifdef HAVE_IPV6 +static const char * +inet_ntop_v6 (const void *src, char *dst, size_t size) +{ + const char xdigits[] = "0123456789abcdef"; + int i; + const struct in6_addr *addr = (struct in6_addr *)src; + const u_char *ptr = addr->s6_addr; + const char *orig_dst = dst; + + if (size < INET6_ADDRSTRLEN) { + errno = ENOSPC; + return NULL; + } + for (i = 0; i < 8; ++i) { + int non_zerop = 1; + + if (non_zerop || (ptr[0] >> 4)) { + *dst++ = xdigits[ptr[0] >> 4]; + non_zerop = 1; + } + if (non_zerop || (ptr[0] & 0x0F)) { + *dst++ = xdigits[ptr[0] & 0x0F]; + non_zerop = 1; + } + if (non_zerop || (ptr[1] >> 4)) { + *dst++ = xdigits[ptr[1] >> 4]; + non_zerop = 1; + } + if (non_zerop || (ptr[1] & 0x0F)) { + *dst++ = xdigits[ptr[1] & 0x0F]; + non_zerop = 1; + } + if (i != 7) + *dst++ = ':'; + ptr += 2; + } + *dst++ = '\0'; + 
return orig_dst; +} +#endif /* HAVE_IPV6 */ + +const char * +inet_ntop(int af, const void *src, char *dst, size_t size) +{ + switch (af) { + case AF_INET : + return inet_ntop_v4 (src, dst, size); +#ifdef HAVE_IPV6 + case AF_INET6 : + return inet_ntop_v6 (src, dst, size); +#endif + default : + errno = EAFNOSUPPORT; + return NULL; + } +} diff --git a/crypto/heimdal/lib/roken/inet_pton.c b/crypto/heimdal/lib/roken/inet_pton.c new file mode 100644 index 0000000..9b195c2 --- /dev/null +++ b/crypto/heimdal/lib/roken/inet_pton.c 
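Review bot: In `inet_ntop_v6` the flag `non_zerop` is initialised to 1 at the top of every loop iteration, so each `if (non_zerop || ...)` test is always true and the function always emits eight groups of four hex digits with no zero suppression or `::` compression. That output is valid, but it will probably not match the text produced by a system `inet_ntop` for the same address, which matters wherever addresses are compared as strings (ACL entries, log correlation). Either drop the dead conditionals or document the behaviour above the function, replacing the empty `/* * */` comment with something like `/* Prints all eight groups as four hex digits; no "::" compression. */`.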
@@ -0,0 +1,66 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: inet_pton.c,v 1.2 1999/12/02 16:58:47 joda Exp $"); +#endif + +#include <errno.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_NETINET_IN6_H +#include <netinet/in6.h> +#endif +#ifdef HAVE_NETINET6_IN6_H +#include <netinet6/in6.h> +#endif + +#include <roken.h> + +int +inet_pton(int af, const char *src, void *dst) +{ + if (af != AF_INET) { + errno = EAFNOSUPPORT; + return -1; + } + return inet_aton (src, dst); +} diff --git a/crypto/heimdal/lib/roken/initgroups.c b/crypto/heimdal/lib/roken/initgroups.c new file mode 100644 index 0000000..dcf1d08 --- /dev/null +++ b/crypto/heimdal/lib/roken/initgroups.c 
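Review bot: `inet_pton` passes `src` straight to `inet_aton`, so its parsing is laxer than the interface it replaces. The usual inet_aton() also accepts shortened and octal/hex numeric forms, where inet_pton() is specified to take only four-part dotted decimal. A caller that validates or compares an address from untrusted input can therefore get a different answer on platforms that build this replacement. I would state this above the function, e.g. `/* replacement: AF_INET only; parsing is inet_aton()'s and laxer than a native inet_pton() */`. AF_INET6 is also rejected here even though inet_ntop.c in the same commit formats it under HAVE_IPV6.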
@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: initgroups.c,v 1.3 1999/12/02 16:58:47 joda Exp $");
+#endif
+
+#include "roken.h"
+
+int
+initgroups(const char *name, gid_t basegid)
+{
+ return 0;
+}
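Review bot: This replacement `initgroups` returns 0 without touching the supplementary group list. A caller that drops privileges through initgroups/setgid/setuid sees success while the process keeps whatever groups it started with. That is harmless if the stub is only built on systems with no supplementary groups, but nothing in the file says so. I would document the contract above the function, e.g. `/* stub for systems without initgroups(): does nothing and reports success; the group list is left unchanged */`.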
diff --git a/crypto/heimdal/lib/roken/innetgr.c b/crypto/heimdal/lib/roken/innetgr.c
new file mode 100644
index 0000000..4bc57f9
--- /dev/null
+++ b/crypto/heimdal/lib/roken/innetgr.c
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+#ifndef HAVE_INNETGR
+
+RCSID("$Id: innetgr.c,v 1.1 1999/03/11 14:04:01 joda Exp $");
+
+int
+innetgr(const char *netgroup, const char *machine,
+ const char *user, const char *domain)
+{
+ return 0;
+}
+#endif
+
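Review bot: The stub `innetgr` always answers 0 ("not a member"), which fails closed for `+@netgroup` entries but fails open for `-@netgroup` entries. In `__ivaliduser` (iruserok.c, same commit) the `-@` branches return -1 only when innetgr() is non-zero, so on a build that uses this stub a deny-by-netgroup line in hosts.equiv or .rhosts is silently ignored. The limitation should be stated above the function, e.g. `/* stub: no netgroup support, every lookup reports "not a member"; netgroup deny rules therefore never match */`.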
diff --git a/crypto/heimdal/lib/roken/iruserok.c b/crypto/heimdal/lib/roken/iruserok.c
new file mode 100644
index 0000000..3b3880b
--- /dev/null
+++ b/crypto/heimdal/lib/roken/iruserok.c
@@ -0,0 +1,287 @@ +/* + * Copyright (c) 1983, 1993, 1994 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: iruserok.c,v 1.23 1999/12/05 13:27:05 assar Exp $"); +#endif + +#include <stdio.h> +#include <ctype.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_NETINET_IN6_H +#include <netinet/in6.h> +#endif +#ifdef HAVE_NETINET6_IN6_H +#include <netinet6/in6.h> +#endif +#ifdef HAVE_RPCSVC_YPCLNT_H +#include <rpcsvc/ypclnt.h> +#endif + +#include "roken.h" + +int __check_rhosts_file = 1; +char *__rcmd_errstr = 0; + +/* + * Returns "true" if match, 0 if no match. + */ +static +int +__icheckhost(unsigned raddr, const char *lhost) +{ + struct hostent *hp; + u_long laddr; + char **pp; + + /* Try for raw ip address first. */ + if (isdigit((unsigned char)*lhost) + && (long)(laddr = inet_addr(lhost)) != -1) + return (raddr == laddr); + + /* Better be a hostname. */ + if ((hp = gethostbyname(lhost)) == NULL) + return (0); + + /* Spin through ip addresses. */ + for (pp = hp->h_addr_list; *pp; ++pp) + if (memcmp(&raddr, *pp, sizeof(u_long)) == 0) + return (1); + + /* No match. */ + return (0); +} + +/* + * Returns 0 if ok, -1 if not ok. + */ +static +int +__ivaliduser(FILE *hostf, unsigned raddr, const char *luser, + const char *ruser) +{ + char *user, *p; + int ch; + char buf[MaxHostNameLen + 128]; /* host + login */ + char hname[MaxHostNameLen]; + struct hostent *hp; + /* Presumed guilty until proven innocent. */ + int userok = 0, hostok = 0; +#ifdef HAVE_YP_GET_DEFAULT_DOMAIN + char *ypdomain; + + if (yp_get_default_domain(&ypdomain)) + ypdomain = NULL; +#else +#define ypdomain NULL +#endif + /* We need to get the damn hostname back for netgroup matching. */ + if ((hp = gethostbyaddr((char *)&raddr, + sizeof(u_long), + AF_INET)) == NULL) + return (-1); + strlcpy(hname, hp->h_name, sizeof(hname)); + + while (fgets(buf, sizeof(buf), hostf)) { + p = buf; + /* Skip lines that are too long. 
*/ + if (strchr(p, '\n') == NULL) { + while ((ch = getc(hostf)) != '\n' && ch != EOF); + continue; + } + if (*p == '\n' || *p == '#') { + /* comment... */ + continue; + } + while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') { + if (isupper((unsigned char)*p)) + *p = tolower((unsigned char)*p); + p++; + } + if (*p == ' ' || *p == '\t') { + *p++ = '\0'; + while (*p == ' ' || *p == '\t') + p++; + user = p; + while (*p != '\n' && *p != ' ' && + *p != '\t' && *p != '\0') + p++; + } else + user = p; + *p = '\0'; + /* + * Do +/- and +@/-@ checking. This looks really nasty, + * but it matches SunOS's behavior so far as I can tell. + */ + switch(buf[0]) { + case '+': + if (!buf[1]) { /* '+' matches all hosts */ + hostok = 1; + break; + } + if (buf[1] == '@') /* match a host by netgroup */ + hostok = innetgr((char *)&buf[2], + (char *)&hname, NULL, ypdomain); + else /* match a host by addr */ + hostok = __icheckhost(raddr,(char *)&buf[1]); + break; + case '-': /* reject '-' hosts and all their users */ + if (buf[1] == '@') { + if (innetgr((char *)&buf[2], + (char *)&hname, NULL, ypdomain)) + return(-1); + } else { + if (__icheckhost(raddr,(char *)&buf[1])) + return(-1); + } + break; + default: /* if no '+' or '-', do a simple match */ + hostok = __icheckhost(raddr, buf); + break; + } + switch(*user) { + case '+': + if (!*(user+1)) { /* '+' matches all users */ + userok = 1; + break; + } + if (*(user+1) == '@') /* match a user by netgroup */ + userok = innetgr(user+2, NULL, (char *)ruser, + ypdomain); + else /* match a user by direct specification */ + userok = !(strcmp(ruser, user+1)); + break; + case '-': /* if we matched a hostname, */ + if (hostok) { /* check for user field rejections */ + if (!*(user+1)) + return(-1); + if (*(user+1) == '@') { + if (innetgr(user+2, NULL, + (char *)ruser, ypdomain)) + return(-1); + } else { + if (!strcmp(ruser, user+1)) + return(-1); + } + } + break; + default: /* no rejections: try to match the user */ + if (hostok) + userok = 
!(strcmp(ruser,*user ? user : luser)); + break; + } + if (hostok && userok) + return(0); + } + return (-1); +} + +/* + * New .rhosts strategy: We are passed an ip address. We spin through + * hosts.equiv and .rhosts looking for a match. When the .rhosts only + * has ip addresses, we don't have to trust a nameserver. When it + * contains hostnames, we spin through the list of addresses the nameserver + * gives us and look for a match. + * + * Returns 0 if ok, -1 if not ok. + */ +int +iruserok(unsigned raddr, int superuser, const char *ruser, const char *luser) +{ + char *cp; + struct stat sbuf; + struct passwd *pwd; + FILE *hostf; + uid_t uid; + int first; + char pbuf[MaxPathLen]; + + first = 1; + hostf = superuser ? NULL : fopen(_PATH_HEQUIV, "r"); +again: + if (hostf) { + if (__ivaliduser(hostf, raddr, luser, ruser) == 0) { + fclose(hostf); + return (0); + } + fclose(hostf); + } + if (first == 1 && (__check_rhosts_file || superuser)) { + first = 0; + if ((pwd = k_getpwnam((char*)luser)) == NULL) + return (-1); + snprintf (pbuf, sizeof(pbuf), "%s/.rhosts", pwd->pw_dir); + + /* + * Change effective uid while opening .rhosts. If root and + * reading an NFS mounted file system, can't read files that + * are protected read/write owner only. + */ + uid = geteuid(); + seteuid(pwd->pw_uid); + hostf = fopen(pbuf, "r"); + seteuid(uid); + + if (hostf == NULL) + return (-1); + /* + * If not a regular file, or is owned by someone other than + * user or root or if writeable by anyone but the owner, quit. + */ + cp = NULL; + if (lstat(pbuf, &sbuf) < 0) + cp = ".rhosts lstat failed"; + else if (!S_ISREG(sbuf.st_mode)) + cp = ".rhosts not regular file"; + else if (fstat(fileno(hostf), &sbuf) < 0) + cp = ".rhosts fstat failed"; + else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid) + cp = "bad .rhosts owner"; + else if (sbuf.st_mode & (S_IWGRP|S_IWOTH)) + cp = ".rhosts writeable by other than owner"; + /* If there were any problems, quit. 
*/ + if (cp) { + __rcmd_errstr = cp; + fclose(hostf); + return (-1); + } + goto again; + } + return (-1); +} diff --git a/crypto/heimdal/lib/roken/issuid.c b/crypto/heimdal/lib/roken/issuid.c new file mode 100644 index 0000000..af2aae5 --- /dev/null +++ b/crypto/heimdal/lib/roken/issuid.c 
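Review bot: `__icheckhost` and `__ivaliduser` size the IPv4 address with `sizeof(u_long)` although `raddr` is declared `unsigned`. Where long is wider than unsigned, `memcmp(&raddr, *pp, sizeof(u_long))` reads past the parameter and past the `h_addr_list` entry (presumably 4 bytes for AF_INET), and `gethostbyaddr((char *)&raddr, sizeof(u_long), AF_INET)` passes a length that does not match the family. Use the object's own size in both places: `memcmp(&raddr, *pp, sizeof(raddr))` and `gethostbyaddr((char *)&raddr, sizeof(raddr), AF_INET)`. Separately, in `iruserok` the result of `seteuid(pwd->pw_uid)` is not checked before `.rhosts` is opened, so a failed switch leaves the open running with the caller's effective uid.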
@@ -0,0 +1,53 @@ +/* + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: issuid.c,v 1.3 1999/12/02 16:58:47 joda Exp $"); +#endif + +#include "roken.h" + +int +issuid(void) +{ +#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) + if(getuid() != geteuid()) + return 1; +#endif +#if defined(HAVE_GETGID) && defined(HAVE_GETEGID) + if(getgid() != getegid()) + return 2; +#endif + return 0; +} diff --git a/crypto/heimdal/lib/roken/k_getpwnam.c b/crypto/heimdal/lib/roken/k_getpwnam.c new file mode 100644 index 0000000..40681cd --- /dev/null +++ b/crypto/heimdal/lib/roken/k_getpwnam.c 
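Review bot: `issuid` has no comment, and its result is not a plain boolean. It returns 1 when the real and effective uid differ, 2 when the uids match (or cannot be compared) but the gids differ, and 0 otherwise. The 0 case includes builds where neither `HAVE_GETUID`/`HAVE_GETEUID` nor `HAVE_GETGID`/`HAVE_GETEGID` is defined, so there it always reports "not set-id". Callers that gate trust in the environment or in configuration paths on this value need to know that. Suggested header: `/* 1 if uid != euid, 2 if gid != egid, 0 otherwise (always 0 when the id calls are unavailable) */`.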
@@ -0,0 +1,64 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: k_getpwnam.c,v 1.9 1999/12/02 16:58:47 joda Exp $"); +#endif /* HAVE_CONFIG_H */ + +#include "roken.h" +#ifdef HAVE_SHADOW_H +#include <shadow.h> +#endif + +struct passwd * +k_getpwnam (const char *user) +{ + struct passwd *p; + + p = getpwnam (user); +#if defined(HAVE_GETSPNAM) && defined(HAVE_STRUCT_SPWD) + if(p) + { + struct spwd *spwd; + + spwd = getspnam (user); + if (spwd) + p->pw_passwd = spwd->sp_pwdp; + endspent (); + } +#else + endpwent (); +#endif + return p; +} diff --git a/crypto/heimdal/lib/roken/k_getpwuid.c b/crypto/heimdal/lib/roken/k_getpwuid.c new file mode 100644 index 0000000..1e2ca54 --- /dev/null +++ b/crypto/heimdal/lib/roken/k_getpwuid.c 
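Review bot: `k_getpwnam` stores `spwd->sp_pwdp` in `p->pw_passwd` and then calls `endspent()`, so the returned struct carries a pointer into getspnam()'s static storage whose lifetime the caller cannot see. That pointer is overwritten by the next shadow lookup and, depending on the libc, may not survive endspent(). `k_getpwuid` in the next file has the same pattern. The contract should be stated above both functions, e.g. `/* result and its pw_passwd point to static libc storage; copy what is needed before the next passwd or shadow lookup */`. Since pw_passwd then holds the shadow hash, callers should not log or keep the struct longer than the check needs.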
@@ -0,0 +1,64 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: k_getpwuid.c,v 1.9 1999/12/02 16:58:47 joda Exp $"); +#endif /* HAVE_CONFIG_H */ + +#include "roken.h" +#ifdef HAVE_SHADOW_H +#include <shadow.h> +#endif + +struct passwd * +k_getpwuid (uid_t uid) +{ + struct passwd *p; + + p = getpwuid (uid); +#if defined(HAVE_GETSPNAM) && defined(HAVE_STRUCT_SPWD) + if (p) + { + struct spwd *spwd; + + spwd = getspnam (p->pw_name); + if (spwd) + p->pw_passwd = spwd->sp_pwdp; + endspent (); + } +#else + endpwent (); +#endif + return p; +} diff --git a/crypto/heimdal/lib/roken/lstat.c b/crypto/heimdal/lib/roken/lstat.c new file mode 100644 index 0000000..2f03e19 --- /dev/null +++ b/crypto/heimdal/lib/roken/lstat.c 
@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: lstat.c,v 1.4 1999/12/02 16:58:51 joda Exp $");
+#endif
+
+#include "roken.h"
+
+int
+lstat(const char *path, struct stat *buf)
+{
+ return stat(path, buf);
+}
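Review bot: This replacement `lstat` is plain `stat`, so it follows symbolic links and a caller cannot use it to detect one. The `.rhosts` check in `iruserok` (same commit) relies on `lstat` followed by `S_ISREG` to refuse a link. Presumably the file is only compiled where the system has no lstat() and hence no symlinks, but nothing here says so. Suggested comment above the function: `/* fallback for systems without lstat(); follows links like stat(), so a symlink is never reported */`.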
diff --git a/crypto/heimdal/lib/roken/make-print-version.c b/crypto/heimdal/lib/roken/make-print-version.c
new file mode 100644
index 0000000..d08e023
--- /dev/null
+++ b/crypto/heimdal/lib/roken/make-print-version.c
@@ -0,0 +1,68 @@ +/* + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: make-print-version.c,v 1.2 1999/12/02 16:58:51 joda Exp $"); +#endif + +#include <stdio.h> + +#ifdef KRB5 +extern char *heimdal_version; +#endif +#ifdef KRB4 +extern char *krb4_version; +#endif +#include <version.h> + +int +main(int argc, char **argv) +{ + FILE *f; + if(argc != 2) + return 1; + f = fopen(argv[1], "w"); + if(f == NULL) + return 1; + fprintf(f, "#define VERSIONLIST { "); +#ifdef KRB5 + fprintf(f, "\"%s\", ", heimdal_version); +#endif +#ifdef KRB4 + fprintf(f, "\"%s\", ", krb4_version); +#endif + fprintf(f, "}\n"); + fclose(f); + return 0; +} diff --git a/crypto/heimdal/lib/roken/memmove.c b/crypto/heimdal/lib/roken/memmove.c new file mode 100644 index 0000000..b77d56a --- /dev/null +++ b/crypto/heimdal/lib/roken/memmove.c 
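Review bot: `main` ignores the results of `fprintf` and `fclose`, so a short write (full disk, quota) leaves a truncated header behind while the tool exits 0 and the build carries on with it. Checking the close is enough to catch buffered write failures: `if (fclose(f) != 0) return 1;`.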
@@ -0,0 +1,64 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: memmove.c,v 1.7 1999/12/02 16:58:51 joda Exp $"); +#endif + +/* + * memmove for systems that doesn't have it + */ + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +void* memmove(void *s1, const void *s2, size_t n) +{ + char *s=(char*)s2, *d=(char*)s1; + + if(d > s){ + s+=n-1; + d+=n-1; + while(n){ + *d--=*s--; + n--; + } + }else if(d < s) + while(n){ + *d++=*s++; + n--; + } + return s1; +} diff --git a/crypto/heimdal/lib/roken/mini_inetd.c b/crypto/heimdal/lib/roken/mini_inetd.c new file mode 100644 index 0000000..e92dac3 --- /dev/null +++ b/crypto/heimdal/lib/roken/mini_inetd.c 
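Review bot: In the backward branch (`d > s`) the code computes `s+=n-1` and `d+=n-1` before testing `n`. A call with `n == 0` therefore wraps `n-1` and forms pointers outside both buffers; the loop does not run, but the arithmetic itself is already out of bounds. Advancing to the end and pre-decrementing avoids this: `s += n; d += n;` followed by `while (n--) *--d = *--s;`. `s` could also be declared `const char *` rather than casting the qualifier away from `s2`.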
@@ -0,0 +1,147 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: mini_inetd.c,v 1.21 1999/12/12 00:03:56 assar Exp $"); +#endif + +#include <stdio.h> + +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_TIME_H +#include <sys/time.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_NETINET_IN6_H +#include <netinet/in6.h> +#endif +#ifdef HAVE_NETINET6_IN6_H +#include <netinet6/in6.h> +#endif + +#include <err.h> +#include <roken.h> + +/* + * accept a connection on `s' and pretend it's served by inetd. + */ + +static void +accept_it (int s) +{ + int s2; + + s2 = accept(s, NULL, 0); + if(s2 < 0) + err (1, "accept"); + close(s); + dup2(s2, STDIN_FILENO); + dup2(s2, STDOUT_FILENO); + /* dup2(s2, STDERR_FILENO); */ + close(s2); +} + +/* + * Listen on `port' emulating inetd. + */ + +void +mini_inetd (int port) +{ + int error, ret; + struct addrinfo *ai, *a, hints; + char portstr[NI_MAXSERV]; + int n, i; + int *fds; + fd_set orig_read_set, read_set; + int max_fd = -1; + + memset (&hints, 0, sizeof(hints)); + hints.ai_flags = AI_PASSIVE; + hints.ai_socktype = SOCK_STREAM; + + snprintf (portstr, sizeof(portstr), "%d", ntohs(port)); + + error = getaddrinfo (NULL, portstr, &hints, &ai); + if (error) + errx (1, "getaddrinfo: %s", gai_strerror (error)); + + for (n = 0, a = ai; a != NULL; a = a->ai_next) + ++n; + + fds = malloc (n * sizeof(*fds)); + if (fds == NULL) + errx (1, "mini_inetd: out of memory"); + + FD_ZERO(&orig_read_set); + + for (i = 0, a = ai; a != NULL; a = a->ai_next, ++i) { + fds[i] = socket (a->ai_family, a->ai_socktype, a->ai_protocol); + if (fds[i] < 0) + err (1, "socket"); + socket_set_reuseaddr (fds[i], 1); + if (bind (fds[i], a->ai_addr, a->ai_addrlen) < 0) + err (1, "bind"); + if (listen (fds[i], SOMAXCONN) < 0) + err (1, "listen"); + FD_SET(fds[i], &orig_read_set); + max_fd = max(max_fd, fds[i]); 
+ } + freeaddrinfo (ai); + + do { + read_set = orig_read_set; + + ret = select (max_fd + 1, &read_set, NULL, NULL, NULL); + if (ret < 0 && errno != EINTR) + err (1, "select"); + } while (ret <= 0); + + for (i = 0; i < n; ++i) + if (FD_ISSET (fds[i], &read_set)) { + accept_it (fds[i]); + return; + } + abort (); +} diff --git a/crypto/heimdal/lib/roken/mkstemp.c b/crypto/heimdal/lib/roken/mkstemp.c new file mode 100644 index 0000000..350f4cb --- /dev/null +++ b/crypto/heimdal/lib/roken/mkstemp.c 
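Review bot: `mini_inetd` returns after `accept_it (fds[i])` without closing the other listening sockets in `fds` or freeing the array. On a host where getaddrinfo() yields several addresses, the served process inherits listeners it never accepts on, and peers connecting to them sit in the backlog. Close the remaining descriptors and free `fds` before returning, as sketched below. Also, `FD_SET(fds[i], &orig_read_set)` is executed without checking `fds[i] < FD_SETSIZE`, which writes outside the fd_set if the process starts with many descriptors open.

```c
	if (FD_ISSET (fds[i], &read_set)) {
	    int j;

	    /* close the listeners that were not selected */
	    for (j = 0; j < n; ++j)
		if (j != i)
		    close (fds[j]);
	    accept_it (fds[i]);
	    free (fds);
	    return;
	}
```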
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <string.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#include <errno.h>
+
+RCSID("$Id: mkstemp.c,v 1.3 1999/12/02 16:58:51 joda Exp $");
+
+#ifndef HAVE_MKSTEMP
+
+int
+mkstemp(char *template)
+{
+ int start, i;
+ pid_t val;
+ val = getpid();
+ start = strlen(template) - 1;
+ while(template[start] == 'X') {
+ template[start] = '0' + val % 10;
+ val /= 10;
+ start--;
+ }
+
+ do{
+ int fd;
+ fd = open(template, O_RDWR | O_CREAT | O_EXCL, 0600);
+ if(fd >= 0 || errno != EEXIST)
+ return fd;
+ i = start + 1;
+ do{
+ if(template[i] == 0)
+ return -1;
+ template[i]++;
+ if(template[i] == '9' + 1)
+ template[i] = 'a';
+ if(template[i] <= 'z')
+ break;
+ template[i] = 'a';
+ i++;
+ }while(1);
+ }while(1);
+}
+
+#endif
diff --git a/crypto/heimdal/lib/roken/net_read.c b/crypto/heimdal/lib/roken/net_read.c
new file mode 100644
index 0000000..6d45bfa
--- /dev/null
+++ b/crypto/heimdal/lib/roken/net_read.c
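Review bot: The scan for trailing X's in mkstemp, `while(template[start] == 'X')`, has no lower bound, so an empty template or one made only of X's drives `start` to -1 and the loop reads, and may overwrite, the byte before the caller's buffer. Bounding it as `while(start >= 0 && template[start] == 'X') {` closes that. The candidate names are derived from getpid() and then incremented deterministically, so the only protection against a pre-created file or symlink is `O_CREAT | O_EXCL` with mode 0600; a comment such as `/* names are predictable; O_EXCL is what makes this safe */` above the open() call would keep a later edit from weakening the flags.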
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: net_read.c,v 1.3 1999/12/02 16:58:51 joda Exp $");
+#endif
+
+#include <sys/types.h>
+#include <unistd.h>
+#include <errno.h>
+
+#include <roken.h>
+
+/*
+ * Like read but never return partial data.
+ */
+
+ssize_t
+net_read (int fd, void *buf, size_t nbytes)
+{
+ char *cbuf = (char *)buf;
+ ssize_t count;
+ size_t rem = nbytes;
+
+ while (rem > 0) {
+#ifdef WIN32
+ count = recv (fd, cbuf, rem, 0);
+#else
+ count = read (fd, cbuf, rem);
+#endif
+ if (count < 0) {
+ if (errno == EINTR)
+ continue;
+ else
+ return count;
+ } else if (count == 0) {
+ return count;
+ }
+ cbuf += count;
+ rem -= count;
+ }
+ return nbytes;
+}
diff --git a/crypto/heimdal/lib/roken/net_write.c b/crypto/heimdal/lib/roken/net_write.c
new file mode 100644
index 0000000..2f63dbe
--- /dev/null
+++ b/crypto/heimdal/lib/roken/net_write.c
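Review bot: net_read returns 0 as soon as read() reports end of file, even when earlier iterations already copied bytes into `buf`, so a peer that closes mid-message looks the same as one that closed before sending anything; the header comment should spell the contract out, e.g. `/* Returns nbytes on success, 0 on EOF (buf may then hold a partial message), -1 on error. */`, so callers treat any value other than `nbytes` as "do not parse buf". In the WIN32 branch the `errno == EINTR` test inspects a variable that Winsock's recv() does not set (errors are reported through WSAGetLastError()), so a stale errno decides whether the loop retries; the send() branch in net_write has the same problem. The final `return nbytes;` converts size_t to ssize_t, so a request above SSIZE_MAX would come back negative and look like an error.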
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: net_write.c,v 1.4 1999/12/02 16:58:51 joda Exp $");
+#endif
+
+#include <sys/types.h>
+#include <unistd.h>
+#include <errno.h>
+
+#include <roken.h>
+
+/*
+ * Like write but never return partial data.
+ */
+
+ssize_t
+net_write (int fd, const void *buf, size_t nbytes)
+{
+ const char *cbuf = (const char *)buf;
+ ssize_t count;
+ size_t rem = nbytes;
+
+ while (rem > 0) {
+#ifdef WIN32
+ count = send (fd, cbuf, rem, 0);
+#else
+ count = write (fd, cbuf, rem);
+#endif
+ if (count < 0) {
+ if (errno == EINTR)
+ continue;
+ else
+ return count;
+ }
+ cbuf += count;
+ rem -= count;
+ }
+ return nbytes;
+}
diff --git a/crypto/heimdal/lib/roken/parse_bytes-test.c b/crypto/heimdal/lib/roken/parse_bytes-test.c
new file mode 100644
index 0000000..499d942
--- /dev/null
+++ b/crypto/heimdal/lib/roken/parse_bytes-test.c
@@ -0,0 +1,92 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: parse_bytes-test.c,v 1.2 1999/12/02 16:58:51 joda Exp $");
+#endif
+
+#include "roken.h"
+#include "parse_bytes.h"
+
+static struct testcase {
+ int canonicalp;
+ int val;
+ const char *def_unit;
+ const char *str;
+} tests[] = {
+ {0, 0, NULL, "0 bytes"},
+ {1, 0, NULL, "0"},
+ {0, 1, NULL, "1"},
+ {1, 1, NULL, "1 byte"},
+ {0, 0, "kilobyte", "0"},
+ {0, 1024, "kilobyte", "1"},
+ {1, 1024, "kilobyte", "1 kilobyte"},
+ {1, 1024 * 1024, NULL, "1 megabyte"},
+ {0, 1025, NULL, "1 kilobyte 1"},
+ {1, 1025, NULL, "1 kilobyte 1 byte"},
+};
+
+int
+main(int argc, char **argv)
+{
+ int i;
+ int ret = 0;
+
+ for (i = 0; i < sizeof(tests)/sizeof(tests[0]); ++i) {
+ char buf[256];
+ int val = parse_bytes (tests[i].str, tests[i].def_unit);
+ size_t len;
+
+ if (val != tests[i].val) {
+ printf ("parse_bytes (%s, %s) = %d != %d\n",
+ tests[i].str,
+ tests[i].def_unit ? tests[i].def_unit : "none",
+ val, tests[i].val);
+ ++ret;
+ }
+ if (tests[i].canonicalp) {
+ len = unparse_bytes (tests[i].val, buf, sizeof(buf));
+ if (strcmp (tests[i].str, buf) != 0) {
+ printf ("unparse_bytes (%d) = \"%s\" != \"%s\"\n",
+ tests[i].val, buf, tests[i].str);
+ ++ret;
+ }
+ }
+ }
+ if (ret) {
+ printf ("%d errors\n", ret);
+ return 1;
+ } else
+ return 0;
+}
diff --git a/crypto/heimdal/lib/roken/parse_bytes.c b/crypto/heimdal/lib/roken/parse_bytes.c
new file mode 100644
index 0000000..f3c514f
--- /dev/null
+++ b/crypto/heimdal/lib/roken/parse_bytes.c
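Review bot: The `tests[]` table only contains inputs that are expected to parse, so nothing pins what parse_bytes does with an unknown unit, an ambiguous abbreviation, or a value too large for the `int` return; a few rows expecting -1 would cover the error paths. `len` receives the return value of unparse_bytes but is never compared with `strlen(buf)`, and unparse_bytes is only ever called with a 256-byte buffer, so the truncation behaviour goes untested. unparse_bytes_short is not exercised at all.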
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: parse_bytes.c,v 1.2 1999/12/02 16:58:51 joda Exp $");
+#endif
+
+#include <parse_units.h>
+#include "parse_bytes.h"
+
+static units bytes_units[] = {
+ { "gigabyte", 1024 * 1024 * 1024 },
+ { "gbyte", 1024 * 1024 * 1024 },
+ { "GB", 1024 * 1024 * 1024 },
+ { "megabyte", 1024 * 1024 },
+ { "mbyte", 1024 * 1024 },
+ { "MB", 1024 * 1024 },
+ { "kilobyte", 1024 },
+ { "KB", 1024 },
+ { "byte", 1 },
+ { NULL, 0 }
+};
+
+static units bytes_short_units[] = {
+ { "GB", 1024 * 1024 * 1024 },
+ { "MB", 1024 * 1024 },
+ { "KB", 1024 },
+ { NULL, 0 }
+};
+
+int
+parse_bytes (const char *s, const char *def_unit)
+{
+ return parse_units (s, bytes_units, def_unit);
+}
+
+size_t
+unparse_bytes (int t, char *s, size_t len)
+{
+ return unparse_units (t, bytes_units, s, len);
+}
+
+size_t
+unparse_bytes_short (int t, char *s, size_t len)
+{
+ return unparse_units_approx (t, bytes_short_units, s, len);
+}
diff --git a/crypto/heimdal/lib/roken/parse_bytes.h b/crypto/heimdal/lib/roken/parse_bytes.h
new file mode 100644
index 0000000..8116c1c
--- /dev/null
+++ b/crypto/heimdal/lib/roken/parse_bytes.h
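Review bot: `bytes_units` lists `gbyte` and `mbyte` but has no `kbyte` row, so with the matching rules in parse_units.c "1 kbyte" would be rejected while "1 mbyte" parses; if that is not deliberate, add `{ "kbyte", 1024 },` after the `kilobyte` entry. Both tables are only ever passed as `const struct units *`, so they can be declared `static const units`. parse_bytes returns `int` and signals failure with a negative value, so sizes of 2 gigabytes and above cannot be represented; a comment on parse_bytes stating that limit would help callers that use the result as a bound.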
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: parse_bytes.h,v 1.2 1999/12/02 16:58:51 joda Exp $ */
+
+#ifndef __PARSE_BYTES_H__
+#define __PARSE_BYTES_H__
+
+int
+parse_bytes (const char *s, const char *def_unit);
+
+size_t
+unparse_bytes (int t, char *s, size_t len);
+
+size_t
+unparse_bytes_short (int t, char *s, size_t len);
+
+#endif /* __PARSE_BYTES_H__ */
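Review bot: parse_bytes.h declares functions using `size_t` without including `<stddef.h>`, so it only compiles when another header has been included first; parse_time.h has the same hidden dependency for `size_t` and `FILE`. Adding `#include <stddef.h>` here, and `#include <stdio.h>` in parse_time.h, as parse_units.h already does, makes both self-contained. The prototypes also carry no comment on the error convention; something like `/* returns the size in bytes, or a negative value on parse error */` above parse_bytes would document what callers must check.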
diff --git a/crypto/heimdal/lib/roken/parse_time.c b/crypto/heimdal/lib/roken/parse_time.c
new file mode 100644
index 0000000..a09ded7
--- /dev/null
+++ b/crypto/heimdal/lib/roken/parse_time.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: parse_time.c,v 1.5 1999/12/02 16:58:51 joda Exp $");
+#endif
+
+#include <parse_units.h>
+#include "parse_time.h"
+
+static units time_units[] = {
+ {"year", 365 * 24 * 60 * 60},
+ {"month", 30 * 24 * 60 * 60},
+ {"week", 7 * 24 * 60 * 60},
+ {"day", 24 * 60 * 60},
+ {"hour", 60 * 60},
+ {"h", 60 * 60},
+ {"minute", 60},
+ {"m", 60},
+ {"second", 1},
+ {"s", 1},
+ {NULL, 0},
+};
+
+int
+parse_time (const char *s, const char *def_unit)
+{
+ return parse_units (s, time_units, def_unit);
+}
+
+size_t
+unparse_time (int t, char *s, size_t len)
+{
+ return unparse_units (t, time_units, s, len);
+}
+
+size_t
+unparse_time_approx (int t, char *s, size_t len)
+{
+ return unparse_units_approx (t, time_units, s, len);
+}
+
+void
+print_time_table (FILE *f)
+{
+ print_units_table (time_units, f);
+}
diff --git a/crypto/heimdal/lib/roken/parse_time.h b/crypto/heimdal/lib/roken/parse_time.h
new file mode 100644
index 0000000..55de505
--- /dev/null
+++ b/crypto/heimdal/lib/roken/parse_time.h
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: parse_time.h,v 1.4 1999/12/02 16:58:51 joda Exp $ */
+
+#ifndef __PARSE_TIME_H__
+#define __PARSE_TIME_H__
+
+int
+parse_time (const char *s, const char *def_unit);
+
+size_t
+unparse_time (int t, char *s, size_t len);
+
+size_t
+unparse_time_approx (int t, char *s, size_t len);
+
+void
+print_time_table (FILE *f);
+
+#endif /* __PARSE_TIME_H__ */
diff --git a/crypto/heimdal/lib/roken/parse_units.c b/crypto/heimdal/lib/roken/parse_units.c
new file mode 100644
index 0000000..34c5030
--- /dev/null
+++ b/crypto/heimdal/lib/roken/parse_units.c
@@ -0,0 +1,324 @@
+/*
+ * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: parse_units.c,v 1.12 1999/12/02 16:58:51 joda Exp $");
+#endif
+
+#include <stdio.h>
+#include <ctype.h>
+#include <string.h>
+#include <roken.h>
+#include "parse_units.h"
+
+/*
+ * Parse string in `s' according to `units' and return value.
+ * def_unit defines the default unit.
+ */
+
+static int
+parse_something (const char *s, const struct units *units,
+ const char *def_unit,
+ int (*func)(int res, int val, unsigned mult),
+ int init,
+ int accept_no_val_p)
+{
+ const char *p;
+ int res = init;
+ unsigned def_mult = 1;
+
+ if (def_unit != NULL) {
+ const struct units *u;
+
+ for (u = units; u->name; ++u) {
+ if (strcasecmp (u->name, def_unit) == 0) {
+ def_mult = u->mult;
+ break;
+ }
+ }
+ if (u->name == NULL)
+ return -1;
+ }
+
+ p = s;
+ while (*p) {
+ double val;
+ char *next;
+ const struct units *u, *partial_unit;
+ size_t u_len;
+ unsigned partial;
+ int no_val_p = 0;
+
+ while(isspace((unsigned char)*p) || *p == ',')
+ ++p;
+
+ val = strtod (p, &next); /* strtol(p, &next, 0); */
+ if (val == 0 && p == next) {
+ if(!accept_no_val_p)
+ return -1;
+ no_val_p = 1;
+ }
+ p = next;
+ while (isspace((unsigned char)*p))
+ ++p;
+ if (*p == '\0') {
+ res = (*func)(res, val, def_mult);
+ if (res < 0)
+ return res;
+ break;
+ } else if (*p == '+') {
+ ++p;
+ val = 1;
+ } else if (*p == '-') {
+ ++p;
+ val = -1;
+ }
+ if (no_val_p && val == 0)
+ val = 1;
+ u_len = strcspn (p, ", \t");
+ partial = 0;
+ partial_unit = NULL;
+ if (u_len > 1 && p[u_len - 1] == 's')
+ --u_len;
+ for (u = units; u->name; ++u) {
+ if (strncasecmp (p, u->name, u_len) == 0) {
+ if (u_len == strlen (u->name)) {
+ p += u_len;
+ res = (*func)(res, val, u->mult);
+ if (res < 0)
+ return res;
+ break;
+ } else {
+ ++partial;
+ partial_unit = u;
+ }
+ }
+ }
+ if (u->name == NULL) {
+ if (partial == 1) {
+ p += u_len;
+ res = (*func)(res, val, partial_unit->mult);
+ if (res < 0)
+ return res;
+ } else {
+ return -1;
+ }
+ }
+ if (*p == 's')
+ ++p;
+ }
+ return res;
+}
+
+/*
+ * The string consists of a sequence of `n unit'
+ */
+
+static int
+acc_units(int res, int val, unsigned mult)
+{
+ return res + val * mult;
+}
+
+int
+parse_units (const char *s, const struct units *units,
+ const char *def_unit)
+{
+ return parse_something (s,
units, def_unit, acc_units, 0, 0);
+}
+
+/*
+ * The string consists of a sequence of `[+-]flag'. `orig' consists
+ * the original set of flags, those are then modified and returned as
+ * the function value.
+ */
+
+static int
+acc_flags(int res, int val, unsigned mult)
+{
+ if(val == 1)
+ return res | mult;
+ else if(val == -1)
+ return res & ~mult;
+ else if (val == 0)
+ return mult;
+ else
+ return -1;
+}
+
+int
+parse_flags (const char *s, const struct units *units,
+ int orig)
+{
+ return parse_something (s, units, NULL, acc_flags, orig, 1);
+}
+
+/*
+ * Return a string representation according to `units' of `num' in `s'
+ * with maximum length `len'. The actual length is the function value.
+ */
+
+static size_t
+unparse_something (int num, const struct units *units, char *s, size_t len,
+ int (*print) (char *s, size_t len, int div,
+ const char *name, int rem),
+ int (*update) (int in, unsigned mult),
+ const char *zero_string)
+{
+ const struct units *u;
+ size_t ret = 0, tmp;
+
+ if (num == 0)
+ return snprintf (s, len, "%s", zero_string);
+
+ for (u = units; num > 0 && u->name; ++u) {
+ int div;
+
+ div = num / u->mult;
+ if (div) {
+ num = (*update) (num, u->mult);
+ tmp = (*print) (s, len, div, u->name, num);
+
+ len -= tmp;
+ s += tmp;
+ ret += tmp;
+ }
+ }
+ return ret;
+}
+
+static int
+print_unit (char *s, size_t len, int div, const char *name, int rem)
+{
+ return snprintf (s, len, "%u %s%s%s",
+ div, name,
+ div == 1 ? "" : "s",
+ rem > 0 ?
" " : "");
+}
+
+static int
+update_unit (int in, unsigned mult)
+{
+ return in % mult;
+}
+
+static int
+update_unit_approx (int in, unsigned mult)
+{
+ if (in / mult > 0)
+ return 0;
+ else
+ return update_unit (in, mult);
+}
+
+size_t
+unparse_units (int num, const struct units *units, char *s, size_t len)
+{
+ return unparse_something (num, units, s, len,
+ print_unit,
+ update_unit,
+ "0");
+}
+
+size_t
+unparse_units_approx (int num, const struct units *units, char *s, size_t len)
+{
+ return unparse_something (num, units, s, len,
+ print_unit,
+ update_unit_approx,
+ "0");
+}
+
+void
+print_units_table (const struct units *units, FILE *f)
+{
+ const struct units *u, *u2;
+ unsigned max_sz = 0;
+
+ for (u = units; u->name; ++u) {
+ max_sz = max(max_sz, strlen(u->name));
+ }
+
+ for (u = units; u->name;) {
+ char buf[1024];
+ const struct units *next;
+
+ for (next = u + 1; next->name && next->mult == u->mult; ++next)
+ ;
+
+ if (next->name) {
+ for (u2 = next;
+ u2->name && u->mult % u2->mult != 0;
+ ++u2)
+ ;
+ if (u2->name == NULL)
+ --u2;
+ unparse_units (u->mult, u2, buf, sizeof(buf));
+ fprintf (f, "1 %*s = %s\n", max_sz, u->name, buf);
+ } else {
+ fprintf (f, "1 %s\n", u->name);
+ }
+ u = next;
+ }
+}
+
+static int
+print_flag (char *s, size_t len, int div, const char *name, int rem)
+{
+ return snprintf (s, len, "%s%s", name, rem > 0 ? ", " : "");
+}
+
+static int
+update_flag (int in, unsigned mult)
+{
+ return in - mult;
+}
+
+size_t
+unparse_flags (int num, const struct units *units, char *s, size_t len)
+{
+ return unparse_something (num, units, s, len,
+ print_flag,
+ update_flag,
+ "");
+}
+
+void
+print_flags_table (const struct units *units, FILE *f)
+{
+ const struct units *u;
+
+ for(u = units; u->name; ++u)
+ fprintf(f, "%s%s", u->name, (u+1)->name ? ", " : "\n");
+}
diff --git a/crypto/heimdal/lib/roken/parse_units.h b/crypto/heimdal/lib/roken/parse_units.h
new file mode 100644
index 0000000..f159d30
--- /dev/null
+++ b/crypto/heimdal/lib/roken/parse_units.h 
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: parse_units.h,v 1.6 1999/12/02 16:58:51 joda Exp $ */
+
+#ifndef __PARSE_UNITS_H__
+#define __PARSE_UNITS_H__
+
+#include <stdio.h>
+#include <stddef.h>
+
+struct units {
+ const char *name;
+ unsigned mult;
+};
+
+typedef struct units units;
+
+int
+parse_units (const char *s, const struct units *units,
+ const char *def_unit);
+
+void
+print_units_table (const struct units *units, FILE *f);
+
+int
+parse_flags (const char *s, const struct units *units,
+ int orig);
+
+size_t
+unparse_units (int num, const struct units *units, char *s, size_t len);
+
+size_t
+unparse_units_approx (int num, const struct units *units, char *s,
+ size_t len);
+
+size_t
+unparse_flags (int num, const struct units *units, char *s, size_t len);
+
+void
+print_flags_table (const struct units *units, FILE *f);
+
+#endif /* __PARSE_UNITS_H__ */
diff --git a/crypto/heimdal/lib/roken/print_version.c b/crypto/heimdal/lib/roken/print_version.c
new file mode 100644
index 0000000..809bbb3
--- /dev/null
+++ b/crypto/heimdal/lib/roken/print_version.c
@@ -0,0 +1,78 @@ +/* + * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: print_version.c,v 1.5 1999/12/02 16:58:51 joda Exp $"); +#endif +#include "roken.h" + +#include "print_version.h" + +void +print_version(const char *progname) +{ + const char *arg[] = VERSIONLIST; + const int num_args = sizeof(arg) / sizeof(arg[0]); + char *msg; + size_t len = 0; + int i; + + if(progname == NULL) + progname = __progname; + + if(num_args == 0) + msg = "no version information"; + else { + for(i = 0; i < num_args; i++) { + if(i > 0) + len += 2; + len += strlen(arg[i]); + } + msg = malloc(len + 1); + if(msg == NULL) { + fprintf(stderr, "%s: out of memory\n", progname); + return; + } + msg[0] = '\0'; + for(i = 0; i < num_args; i++) { + if(i > 0) + strcat(msg, ", "); + strcat(msg, arg[i]); + } + } + fprintf(stderr, "%s (%s)\n", progname, msg); + fprintf(stderr, "Copyright (c) 1999 Kungliga Tekniska Högskolan\n"); + if(num_args != 0) + free(msg); +} diff --git a/crypto/heimdal/lib/roken/putenv.c b/crypto/heimdal/lib/roken/putenv.c new file mode 100644 index 0000000..80951d1 --- /dev/null +++ b/crypto/heimdal/lib/roken/putenv.c 
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: putenv.c,v 1.6 1999/12/02 16:58:51 joda Exp $");
+#endif
+
+#include <stdlib.h>
+
+extern char **environ;
+
+/*
+ * putenv --
+ * String points to a string of the form name=value.
+ *
+ * Makes the value of the environment variable name equal to
+ * value by altering an existing variable or creating a new one.
+ */
+int putenv(const char *string)
+{
+ int i;
+ int len;
+
+ len = string - strchr(string, '=') + 1;
+
+ if(environ == NULL){
+ environ = malloc(sizeof(char*));
+ if(environ == NULL)
+ return 1;
+ environ[0] = NULL;
+ }
+
+ for(i = 0; environ[i]; i++)
+ if(strncmp(string, environ[i], len)){
+ environ[len] = string;
+ return 0;
+ }
+ environ = realloc(environ, sizeof(char*) * (i + 1));
+ if(environ == NULL)
+ return 1;
+ environ[i] = string;
+ environ[i+1] = NULL;
+ return 0;
+}
+
diff --git a/crypto/heimdal/lib/roken/rcmd.c b/crypto/heimdal/lib/roken/rcmd.c
new file mode 100644
index 0000000..4117948
--- /dev/null
+++ b/crypto/heimdal/lib/roken/rcmd.c
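Review bot: The search loop and the append path in putenv() both store outside the `environ` array. `if(strncmp(string, environ[i], len))` is true when the names differ and the store goes to `environ[len]` rather than `environ[i]`, while `len = string - strchr(string, '=') + 1` has its operands reversed and is undefined when `string` holds no `=`. The append path asks realloc() for `i + 1` pointers and then writes `environ[i]` and `environ[i+1]`, one slot past the allocation, and it overwrites `environ` with the realloc() result, losing the old array on failure. The file also calls strchr() and strncmp() without including `<string.h>`, and realloc() is only valid if `environ` came from malloc(), which the start-up environment usually does not; that case needs a copy on first growth and is not covered below.

```c
int putenv(const char *string)
{
    const char *eq = strchr(string, '=');
    size_t len;
    char **tmp;
    int i;

    if(eq == NULL)
	return 1;
    len = eq - string + 1;	/* name plus the '=' */

    /* … unchanged: allocation of an empty environ … */

    for(i = 0; environ[i]; i++)
	if(strncmp(string, environ[i], len) == 0){
	    environ[i] = (char *)string;
	    return 0;
	}
    /* room for the new entry and the terminating NULL */
    tmp = realloc(environ, sizeof(char*) * (i + 2));
    if(tmp == NULL)
	return 1;
    environ = tmp;
    environ[i] = (char *)string;
    environ[i+1] = NULL;
    return 0;
}
```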
@@ -0,0 +1,52 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: rcmd.c,v 1.3 1999/12/02 16:58:51 joda Exp $"); +#endif + +#include "roken.h" +#include <stdio.h> + +int +rcmd(char **ahost, + unsigned short inport, + const char *locuser, + const char *remuser, + const char *cmd, + int *fd2p) +{ + fprintf(stderr, "Only kerberized services are implemented\n"); + return -1; +} diff --git a/crypto/heimdal/lib/roken/readv.c b/crypto/heimdal/lib/roken/readv.c new file mode 100644 index 0000000..de2f9ea --- /dev/null +++ b/crypto/heimdal/lib/roken/readv.c 
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: readv.c,v 1.5 1999/12/02 16:58:52 joda Exp $");
+#endif
+
+#include "roken.h"
+
+ssize_t
+readv(int d, const struct iovec *iov, int iovcnt)
+{
+ ssize_t ret, nb;
+ size_t tot = 0;
+ int i;
+ char *buf, *p;
+
+ for(i = 0; i < iovcnt; ++i)
+ tot += iov[i].iov_len;
+ buf = malloc(tot);
+ if (tot != 0 && buf == NULL) {
+ errno = ENOMEM;
+ return -1;
+ }
+ nb = ret = read (d, buf, tot);
+ p = buf;
+ while (nb > 0) {
+ ssize_t cnt = min(nb, iov->iov_len);
+
+ memcpy (iov->iov_base, p, cnt);
+ p += cnt;
+ nb -= cnt;
+ }
+ free(buf);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/roken/recvmsg.c b/crypto/heimdal/lib/roken/recvmsg.c
new file mode 100644
index 0000000..e94ad68
--- /dev/null
+++ b/crypto/heimdal/lib/roken/recvmsg.c
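Review bot: The copy-out loop in readv() never advances `iov`, so every chunk is copied over `iov[0]` and the caller's remaining buffers are never filled, although the return value reports all bytes as delivered. If `iov[0].iov_len` is 0 and the read returns data, `cnt` stays 0 and the loop does not terminate. The recvmsg() emulation added in the same commit has `++iov;` at the end of the otherwise identical loop; add the same line here after `nb -= cnt;`. A short comment above the function should also say that the data is staged through one temporary heap buffer of the summed `iov_len` sizes, and that this sum is not checked for wrap-around.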
@@ -0,0 +1,69 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: recvmsg.c,v 1.5 1999/12/02 16:58:52 joda Exp $"); +#endif + +#include "roken.h" + +ssize_t +recvmsg(int s, struct msghdr *msg, int flags) +{ + ssize_t ret, nb; + size_t tot = 0; + int i; + char *buf, *p; + struct iovec *iov = msg->msg_iov; + + for(i = 0; i < msg->msg_iovlen; ++i) + tot += iov[i].iov_len; + buf = malloc(tot); + if (tot != 0 && buf == NULL) { + errno = ENOMEM; + return -1; + } + nb = ret = recvfrom (s, buf, tot, flags, msg->msg_name, &msg->msg_namelen); + p = buf; + while (nb > 0) { + ssize_t cnt = min(nb, iov->iov_len); + + memcpy (iov->iov_base, p, cnt); + p += cnt; + nb -= cnt; + ++iov; + } + free(buf); + return ret; +} diff --git a/crypto/heimdal/lib/roken/resolve.c b/crypto/heimdal/lib/roken/resolve.c new file mode 100644 index 0000000..8840740 --- /dev/null +++ b/crypto/heimdal/lib/roken/resolve.c 
@@ -0,0 +1,353 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include "roken.h" +#ifdef HAVE_ARPA_NAMESER_H +#include <arpa/nameser.h> +#endif +#ifdef HAVE_RESOLV_H +#include <resolv.h> +#endif +#include "resolve.h" + +RCSID("$Id: resolve.c,v 1.22 1999/12/02 16:58:52 joda Exp $"); + +#if defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) + +#define DECL(X) {#X, T_##X} + +static struct stot{ + const char *name; + int type; +}stot[] = { + DECL(A), + DECL(NS), + DECL(CNAME), + DECL(PTR), + DECL(MX), + DECL(TXT), + DECL(AFSDB), + DECL(SRV), + {NULL, 0} +}; + +int _resolve_debug; + +static int +string_to_type(const char *name) +{ + struct stot *p = stot; + for(p = stot; p->name; p++) + if(strcasecmp(name, p->name) == 0) + return p->type; + return -1; +} + +static const char * +type_to_string(int type) +{ + struct stot *p = stot; + for(p = stot; p->name; p++) + if(type == p->type) + return p->name; + return NULL; +} + +void +dns_free_data(struct dns_reply *r) +{ + struct resource_record *rr; + if(r->q.domain) + free(r->q.domain); + for(rr = r->head; rr;){ + struct resource_record *tmp = rr; + if(rr->domain) + free(rr->domain); + if(rr->u.data) + free(rr->u.data); + rr = rr->next; + free(tmp); + } + free (r); +} + +static struct dns_reply* +parse_reply(unsigned char *data, int len) +{ + unsigned char *p; + char host[128]; + int status; + + struct dns_reply *r; + struct resource_record **rr; + + r = calloc(1, sizeof(*r)); + if (r == NULL) + return NULL; + + p = data; +#if 0 + /* doesn't work on Crays */ + memcpy(&r->h, p, sizeof(HEADER)); + p += sizeof(HEADER); +#else + memcpy(&r->h, p, 12); /* XXX this will probably be mostly garbage */ + p += 12; +#endif + status = dn_expand(data, data + len, p, host, sizeof(host)); + if(status < 0){ + dns_free_data(r); + return NULL; + } + r->q.domain = strdup(host); + if(r->q.domain == NULL) { + dns_free_data(r); + return NULL; + } + p += status; + r->q.type = (p[0] << 8 | p[1]); + p += 2; + r->q.class = (p[0] << 8 | p[1]); + p += 2; + 
rr = &r->head; + while(p < data + len){ + int type, class, ttl, size; + status = dn_expand(data, data + len, p, host, sizeof(host)); + if(status < 0){ + dns_free_data(r); + return NULL; + } + p += status; + type = (p[0] << 8) | p[1]; + p += 2; + class = (p[0] << 8) | p[1]; + p += 2; + ttl = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; + p += 4; + size = (p[0] << 8) | p[1]; + p += 2; + *rr = (struct resource_record*)calloc(1, + sizeof(struct resource_record)); + if(*rr == NULL) { + dns_free_data(r); + return NULL; + } + (*rr)->domain = strdup(host); + if((*rr)->domain == NULL) { + dns_free_data(r); + return NULL; + } + (*rr)->type = type; + (*rr)->class = class; + (*rr)->ttl = ttl; + (*rr)->size = size; + switch(type){ + case T_NS: + case T_CNAME: + case T_PTR: + status = dn_expand(data, data + len, p, host, sizeof(host)); + if(status < 0){ + dns_free_data(r); + return NULL; + } + (*rr)->u.txt = strdup(host); + if((*rr)->u.txt == NULL) { + dns_free_data(r); + return NULL; + } + break; + case T_MX: + case T_AFSDB:{ + status = dn_expand(data, data + len, p + 2, host, sizeof(host)); + if(status < 0){ + dns_free_data(r); + return NULL; + } + (*rr)->u.mx = (struct mx_record*)malloc(sizeof(struct mx_record) + + strlen(host)); + if((*rr)->u.mx == NULL) { + dns_free_data(r); + return NULL; + } + (*rr)->u.mx->preference = (p[0] << 8) | p[1]; + strcpy((*rr)->u.mx->domain, host); + break; + } + case T_SRV:{ + status = dn_expand(data, data + len, p + 6, host, sizeof(host)); + if(status < 0){ + dns_free_data(r); + return NULL; + } + (*rr)->u.srv = + (struct srv_record*)malloc(sizeof(struct srv_record) + + strlen(host)); + if((*rr)->u.srv == NULL) { + dns_free_data(r); + return NULL; + } + (*rr)->u.srv->priority = (p[0] << 8) | p[1]; + (*rr)->u.srv->weight = (p[2] << 8) | p[3]; + (*rr)->u.srv->port = (p[4] << 8) | p[5]; + strcpy((*rr)->u.srv->target, host); + break; + } + case T_TXT:{ + (*rr)->u.txt = (char*)malloc(size + 1); + if((*rr)->u.txt == NULL) { + dns_free_data(r); 
+ return NULL; + } + strncpy((*rr)->u.txt, (char*)p + 1, *p); + (*rr)->u.txt[*p] = 0; + break; + } + + default: + (*rr)->u.data = (unsigned char*)malloc(size); + if(size != 0 && (*rr)->u.data == NULL) { + dns_free_data(r); + return NULL; + } + memcpy((*rr)->u.data, p, size); + } + p += size; + rr = &(*rr)->next; + } + *rr = NULL; + return r; +} + +static struct dns_reply * +dns_lookup_int(const char *domain, int rr_class, int rr_type) +{ + unsigned char reply[1024]; + int len; + struct dns_reply *r = NULL; + u_long old_options = 0; + + if (_resolve_debug) { + old_options = _res.options; + _res.options |= RES_DEBUG; + fprintf(stderr, "dns_lookup(%s, %d, %s)\n", domain, + rr_class, type_to_string(rr_type)); + } + len = res_search(domain, rr_class, rr_type, reply, sizeof(reply)); + if (_resolve_debug) { + _res.options = old_options; + fprintf(stderr, "dns_lookup(%s, %d, %s) --> %d\n", + domain, rr_class, type_to_string(rr_type), len); + } + if (len >= 0) + r = parse_reply(reply, len); + return r; +} + +struct dns_reply * +dns_lookup(const char *domain, const char *type_name) +{ + int type; + + type = string_to_type(type_name); + if(type == -1) { + if(_resolve_debug) + fprintf(stderr, "dns_lookup: unknown resource type: `%s'\n", + type_name); + return NULL; + } + return dns_lookup_int(domain, C_IN, type); +} + +#else /* NOT defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) */ + +struct dns_reply * +dns_lookup(const char *domain, const char *type_name) +{ + return NULL; +} + +void +dns_free_data(struct dns_reply *r) +{ +} + +#endif + +#ifdef TEST +int +main(int argc, char **argv) +{ + struct dns_reply *r; + struct resource_record *rr; + r = dns_lookup(argv[1], argv[2]); + if(r == NULL){ + printf("No reply.\n"); + return 1; + } + for(rr = r->head; rr;rr=rr->next){ + printf("%s %s %d ", rr->domain, type_to_string(rr->type), rr->ttl); + switch(rr->type){ + case T_NS: + printf("%s\n", (char*)rr->u.data); + break; + case T_A: + printf("%d.%d.%d.%d\n", + ((unsigned 
char*)rr->u.data)[0], + ((unsigned char*)rr->u.data)[1], + ((unsigned char*)rr->u.data)[2], + ((unsigned char*)rr->u.data)[3]); + break; + case T_MX: + case T_AFSDB:{ + struct mx_record *mx = (struct mx_record*)rr->u.data; + printf("%d %s\n", mx->preference, mx->domain); + break; + } + case T_SRV:{ + struct srv_record *srv = (struct srv_record*)rr->u.data; + printf("%d %d %d %s\n", srv->priority, srv->weight, + srv->port, srv->target); + break; + } + default: + printf("\n"); + break; + } + } + + return 0; +} +#endif diff --git a/crypto/heimdal/lib/roken/resolve.h b/crypto/heimdal/lib/roken/resolve.h new file mode 100644 index 0000000..c90f6b5 --- /dev/null +++ b/crypto/heimdal/lib/roken/resolve.h 
@@ -0,0 +1,103 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +/* $Id: resolve.h,v 1.8 1999/12/02 16:58:52 joda Exp $ */ + +#ifndef __RESOLVE_H__ +#define __RESOLVE_H__ + +/* We use these, but they are not always present in <arpa/nameser.h> */ + +#ifndef T_TXT +#define T_TXT 16 +#endif +#ifndef T_AFSDB +#define T_AFSDB 18 +#endif +#ifndef T_SRV +#define T_SRV 33 +#endif +#ifndef T_NAPTR +#define T_NAPTR 35 +#endif + +struct dns_query{ + char *domain; + unsigned type; + unsigned class; +}; + +struct mx_record{ + unsigned preference; + char domain[1]; +}; + +struct srv_record{ + unsigned priority; + unsigned weight; + unsigned port; + char target[1]; +}; + +struct resource_record{ + char *domain; + unsigned type; + unsigned class; + unsigned ttl; + unsigned size; + union { + void *data; + struct mx_record *mx; + struct mx_record *afsdb; /* mx and afsdb are identical */ + struct srv_record *srv; + struct in_addr *a; + char *txt; + }u; + struct resource_record *next; +}; + +#ifndef T_A /* XXX if <arpa/nameser.h> isn't included */ +typedef int HEADER; /* will never be used */ +#endif + +struct dns_reply{ + HEADER h; + struct dns_query q; + struct resource_record *head; +}; + + +struct dns_reply* dns_lookup(const char *, const char *); +void dns_free_data(struct dns_reply *); + +#endif /* __RESOLVE_H__ */ diff --git a/crypto/heimdal/lib/roken/resource.h b/crypto/heimdal/lib/roken/resource.h new file mode 100644 index 0000000..01cd01d --- /dev/null +++ b/crypto/heimdal/lib/roken/resource.h @@ -0,0 +1,15 @@ +//{{NO_DEPENDENCIES}}
+// Microsoft Developer Studio generated include file.
+// Used by roken.rc
+//
+
+// Next default values for new objects
+//
+#ifdef APSTUDIO_INVOKED
+#ifndef APSTUDIO_READONLY_SYMBOLS
+#define _APS_NEXT_RESOURCE_VALUE 101
+#define _APS_NEXT_COMMAND_VALUE 40001
+#define _APS_NEXT_CONTROL_VALUE 1000
+#define _APS_NEXT_SYMED_VALUE 101
+#endif
+#endif
diff --git a/crypto/heimdal/lib/roken/roken-common.h b/crypto/heimdal/lib/roken/roken-common.h new file mode 100644 index 0000000..164547a --- /dev/null +++ b/crypto/heimdal/lib/roken/roken-common.h 
@@ -0,0 +1,283 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +/* $Id: roken-common.h,v 1.24 1999/12/05 13:25:40 assar Exp $ */ + +#ifndef __ROKEN_COMMON_H__ +#define __ROKEN_COMMON_H__ + +#ifndef INADDR_NONE +#define INADDR_NONE 0xffffffff +#endif + +#ifndef INADDR_LOOPBACK +#define INADDR_LOOPBACK 0x7f000001 +#endif + +#ifndef SOMAXCONN +#define SOMAXCONN 5 +#endif + +#ifndef STDIN_FILENO +#define STDIN_FILENO 0 +#endif + +#ifndef STDOUT_FILENO +#define STDOUT_FILENO 1 +#endif + +#ifndef STDERR_FILENO +#define STDERR_FILENO 2 +#endif + +#ifndef max +#define max(a,b) (((a)>(b))?(a):(b)) +#endif + +#ifndef min +#define min(a,b) (((a)<(b))?(a):(b)) +#endif + +#ifndef TRUE +#define TRUE 1 +#endif + +#ifndef FALSE +#define FALSE 0 +#endif + +#ifndef LOG_DAEMON +#define openlog(id,option,facility) openlog((id),(option)) +#define LOG_DAEMON 0 +#endif +#ifndef LOG_ODELAY +#define LOG_ODELAY 0 +#endif +#ifndef LOG_NDELAY +#define LOG_NDELAY 0x08 +#endif +#ifndef LOG_CONS +#define LOG_CONS 0 +#endif +#ifndef LOG_AUTH +#define LOG_AUTH 0 +#endif +#ifndef LOG_AUTHPRIV +#define LOG_AUTHPRIV LOG_AUTH +#endif + +#ifndef F_OK +#define F_OK 0 +#endif + +#ifndef O_ACCMODE +#define O_ACCMODE 003 +#endif + +#ifndef _PATH_DEVNULL +#define _PATH_DEVNULL "/dev/null" +#endif + +#ifndef _PATH_HEQUIV +#define _PATH_HEQUIV "/etc/hosts.equiv" +#endif + +#ifndef MAXPATHLEN +#define MAXPATHLEN (1024+4) +#endif + +#ifndef SIG_ERR +#define SIG_ERR ((RETSIGTYPE (*)())-1) +#endif + +/* + * error code for getipnodeby{name,addr} + */ + +#ifndef HOST_NOT_FOUND +#define HOST_NOT_FOUND 1 +#endif + +#ifndef TRY_AGAIN +#define TRY_AGAIN 2 +#endif + +#ifndef NO_RECOVERY +#define NO_RECOVERY 3 +#endif + +#ifndef NO_DATA +#define NO_DATA 4 +#endif + +#ifndef NO_ADDRESS +#define NO_ADDRESS NO_DATA +#endif + +/* + * error code for getaddrinfo + */ + +#ifndef EAI_NOERROR +#define EAI_NOERROR 0 /* no error */ +#endif + +#ifndef EAI_ADDRFAMILY + +#define EAI_ADDRFAMILY 1 /* address family for nodename not supported */ +#define EAI_AGAIN 2 /* temporary failure in 
name resolution */ +#define EAI_BADFLAGS 3 /* invalid value for ai_flags */ +#define EAI_FAIL 4 /* non-recoverable failure in name resolution */ +#define EAI_FAMILY 5 /* ai_family not supported */ +#define EAI_MEMORY 6 /* memory allocation failure */ +#define EAI_NODATA 7 /* no address associated with nodename */ +#define EAI_NONAME 8 /* nodename nor servname provided, or not known */ +#define EAI_SERVICE 9 /* servname not supported for ai_socktype */ +#define EAI_SOCKTYPE 10 /* ai_socktype not supported */ +#define EAI_SYSTEM 11 /* system error returned in errno */ + +#endif /* EAI_ADDRFAMILY */ + +/* flags for getaddrinfo() */ + +#ifndef AI_PASSIVE + +#define AI_PASSIVE 0x01 +#define AI_CANONNAME 0x02 +#define AI_NUMERICHOST 0x04 + +#endif /* AI_PASSIVE */ + +/* flags for getnameinfo() */ + +#ifndef NI_DGRAM +#define NI_DGRAM 0x01 +#define NI_NAMEREQD 0x02 +#define NI_NOFQDN 0x04 +#define NI_NUMERICHOST 0x08 +#define NI_NUMERICSERV 0x10 +#endif + +/* + * constants for getnameinfo + */ + +#ifndef NI_MAXHOST +#define NI_MAXHOST 1025 +#define NI_MAXSERV 32 +#endif + +/* + * constants for inet_ntop + */ + +#ifndef INET_ADDRSTRLEN +#define INET_ADDRSTRLEN 16 +#endif + +#ifndef INET6_ADDRSTRLEN +#define INET6_ADDRSTRLEN 46 +#endif + +/* + * for shutdown(2) + */ + +#ifndef SHUT_RD +#define SHUT_RD 0 +#endif + +#ifndef SHUT_WR +#define SHUT_WR 1 +#endif + +#ifndef SHUT_RDWR +#define SHUT_RDWR 2 +#endif + +#ifndef HAVE___ATTRIBUTE__ +#define __attribute__(x) +#endif + +#if IRIX != 4 /* fix for compiler bug */ +#ifdef RETSIGTYPE +typedef RETSIGTYPE (*SigAction)(/* int??? 
*/); +SigAction signal(int iSig, SigAction pAction); /* BSD compatible */ +#endif +#endif + +int ROKEN_LIB_FUNCTION simple_execve(const char*, char*const[], char*const[]); +int ROKEN_LIB_FUNCTION simple_execvp(const char*, char *const[]); +int ROKEN_LIB_FUNCTION simple_execlp(const char*, ...); +int ROKEN_LIB_FUNCTION simple_execle(const char*, ...); + +void ROKEN_LIB_FUNCTION print_version(const char *); + +void *ROKEN_LIB_FUNCTION emalloc (size_t); +void *ROKEN_LIB_FUNCTION erealloc (void *, size_t); +char *ROKEN_LIB_FUNCTION estrdup (const char *); + +ssize_t ROKEN_LIB_FUNCTION eread (int fd, void *buf, size_t nbytes); +ssize_t ROKEN_LIB_FUNCTION ewrite (int fd, const void *buf, size_t nbytes); + +void +socket_set_address_and_port (struct sockaddr *sa, const void *ptr, int port); + +size_t +socket_addr_size (const struct sockaddr *sa); + +void +socket_set_any (struct sockaddr *sa, int af); + +size_t +socket_sockaddr_size (const struct sockaddr *sa); + +void * +socket_get_address (struct sockaddr *sa); + +int +socket_get_port (const struct sockaddr *sa); + +void +socket_set_port (struct sockaddr *sa, int port); + +void +socket_set_debug (int sock); + +void +socket_set_tos (int sock, int tos); + +void +socket_set_reuseaddr (int sock, int val); + +#endif /* __ROKEN_COMMON_H__ */ diff --git a/crypto/heimdal/lib/roken/roken.awk b/crypto/heimdal/lib/roken/roken.awk new file mode 100644 index 0000000..626fae5 --- /dev/null +++ b/crypto/heimdal/lib/roken/roken.awk 
@@ -0,0 +1,35 @@ +BEGIN { + print "#include <stdio.h>" + print "#ifdef HAVE_CONFIG_H" + print "#include <config.h>" + print "#endif" + print "" + print "int main()" + print "{" + print "puts(\"/* This is an OS dependent, generated file */\");" + print "puts(\"\\n\");" + print "puts(\"#ifndef __ROKEN_H__\");" + print "puts(\"#define __ROKEN_H__\");" + print "puts(\"\");" +} +END { + print "puts(\"#endif /* __ROKEN_H__ */\");" + print "exit(0);" + print "}" +} + +$1 == "\#ifdef" || $1 == "\#ifndef" || $1 == "\#if" || $1 == "\#else" || $1 == "\#elif" || $1 == "\#endif" || $1 == "#ifdef" || $1 == "#ifndef" || $1 == "#if" || $1 == "#else" || $1 == "#elif" || $1 == "#endif" { + print $0; + next +} + +{ + s = "" + for(i = 1; i <= length; i++){ + x = substr($0, i, 1) + if(x == "\"" || x == "\\") + s = s "\\"; + s = s x; + } + print "puts(\"" s "\");" +} diff --git a/crypto/heimdal/lib/roken/roken.def b/crypto/heimdal/lib/roken/roken.def new file mode 100644 index 0000000..f9b0369 --- /dev/null +++ b/crypto/heimdal/lib/roken/roken.def @@ -0,0 +1,17 @@ +LIBRARY roken BASE=0x68f0000 +EXPORTS + gettimeofday + strcasecmp + strtok_r + snprintf + asprintf + vsnprintf + base64_decode + base64_encode + roken_concat + roken_vconcat + roken_vmconcat + roken_mconcat + getuid + dns_free_data + dns_lookup diff --git a/crypto/heimdal/lib/roken/roken.dsp b/crypto/heimdal/lib/roken/roken.dsp new file mode 100644 index 0000000..d84854e --- /dev/null +++ b/crypto/heimdal/lib/roken/roken.dsp 
@@ -0,0 +1,156 @@ +# Microsoft Developer Studio Project File - Name="roken" - Package Owner=<4> +# Microsoft Developer Studio Generated Build File, Format Version 5.00 +# ** DO NOT EDIT ** + +# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 + +CFG=roken - Win32 Release +!MESSAGE This is not a valid makefile. To build this project using NMAKE, +!MESSAGE use the Export Makefile command and run +!MESSAGE +!MESSAGE NMAKE /f "roken.mak". +!MESSAGE +!MESSAGE You can specify a configuration when running NMAKE +!MESSAGE by defining the macro CFG on the command line. For example: +!MESSAGE +!MESSAGE NMAKE /f "roken.mak" CFG="roken - Win32 Release" +!MESSAGE +!MESSAGE Possible choices for configuration are: +!MESSAGE +!MESSAGE "roken - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "roken - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE + +# Begin Project +# PROP Scc_ProjName "" +# PROP Scc_LocalPath "" +CPP=cl.exe +MTL=midl.exe +RSC=rc.exe + +!IF "$(CFG)" == "roken - Win32 Release" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 0 +# PROP BASE Output_Dir ".\Release" +# PROP BASE Intermediate_Dir ".\Release" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 0 +# PROP Output_Dir ".\Release" +# PROP Intermediate_Dir ".\Release" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /c +# ADD CPP /nologo /MT /GX /O2 /I "..\krb" /I "..\des" /I "..\..\include" /I "..\..\include\win32" /I "." 
/D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c +# ADD BASE MTL /nologo /D "NDEBUG" /win32 +# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 +# ADD BASE RSC /l 0x409 /d "NDEBUG" +# ADD RSC /l 0x409 /d "NDEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386 +# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /base:"0x68e7780" /subsystem:windows /dll /machine:I386 + +!ELSEIF "$(CFG)" == "roken - Win32 Debug" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 1 +# PROP BASE Output_Dir ".\Debug" +# PROP BASE Intermediate_Dir ".\Debug" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 1 +# PROP Output_Dir ".\Debug" +# PROP Intermediate_Dir ".\Debug" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /c +# ADD CPP /nologo /MDd /Gm /GX /Zi /Od /I "..\krb" /I "..\des" /I "..\..\include" /I "..\..\include\win32" /I "." 
/D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c +# ADD BASE MTL /nologo /D "_DEBUG" /win32 +# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 +# ADD BASE RSC /l 0x409 /d "_DEBUG" +# ADD RSC /l 0x409 /d "_DEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386 +# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /subsystem:windows /dll /debug /machine:I386 /def:".\roken.def" +# SUBTRACT LINK32 /pdb:none + +!ENDIF + +# Begin Target + +# Name "roken - Win32 Release" +# Name "roken - Win32 Debug" +# Begin Group "Source Files" + +# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;hpj;bat;for;f90" +# Begin Source File + +SOURCE=.\base64.c +# End Source File +# Begin Source File + +SOURCE=.\concat.c +# End Source File +# Begin Source File + +SOURCE=.\gettimeofday.c +# End Source File +# Begin Source File + +SOURCE=.\getuid.c +# End Source File +# Begin Source File + +SOURCE=.\resolve.c +# End Source File +# Begin Source File + +SOURCE=.\roken.def + +!IF "$(CFG)" == "roken - Win32 Release" + +!ELSEIF "$(CFG)" == "roken - Win32 Debug" + +# PROP Exclude_From_Build 1 + +!ENDIF + +# End Source File +# Begin Source File + +SOURCE=.\snprintf.c +# End Source File +# Begin Source File + +SOURCE=.\strcasecmp.c +# End Source File +# Begin Source File + +SOURCE=.\strtok_r.c +# End Source File +# End Group +# Begin Group "Header Files" + +# PROP Default_Filter "h;hpp;hxx;hm;inl;fi;fd" +# Begin Source File + +SOURCE=.\resolve.h +# End Source File +# End Group +# Begin Group "Resource Files" + +# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;cnt;rtf;gif;jpg;jpeg;jpe" +# Begin Source File + +SOURCE=.\roken.rc +# End Source File +# End Group +# 
End Target +# End Project diff --git a/crypto/heimdal/lib/roken/roken.h.in b/crypto/heimdal/lib/roken/roken.h.in new file mode 100644 index 0000000..03cfce4 --- /dev/null +++ b/crypto/heimdal/lib/roken/roken.h.in 
@@ -0,0 +1,573 @@
+/* -*- C -*- */
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: roken.h.in,v 1.133 1999/12/30 02:22:54 assar Exp $ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <signal.h>
+#ifdef HAVE_SYS_PARAM_H
+#include <sys/param.h>
+#endif
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_SYS_UIO_H
+#include <sys/uio.h>
+#endif
+#ifdef HAVE_GRP_H
+#include <grp.h>
+#endif
+#ifdef HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_NETINET_IN6_H
+#include <netinet/in6.h>
+#endif
+#ifdef HAVE_NETINET6_IN6_H
+#include <netinet6/in6.h>
+#endif
+#ifdef HAVE_ARPA_INET_H
+#include <arpa/inet.h>
+#endif
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+#ifdef HAVE_SYSLOG_H
+#include <syslog.h>
+#endif
+#ifdef HAVE_WINSOCK_H
+#include <winsock.h>
+#endif
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#ifdef HAVE_ERRNO_H
+#include <errno.h>
+#endif
+#ifdef HAVE_ERR_H
+#include <err.h>
+#endif
+#ifdef HAVE_TERMIOS_H
+#include <termios.h>
+#endif
+#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40
+#include <sys/ioctl.h>
+#endif
+#ifdef TIME_WITH_SYS_TIME
+#include <sys/time.h>
+#include <time.h>
+#elif defined(HAVE_SYS_TIME_H)
+#include <sys/time.h>
+#else
+#include <time.h>
+#endif
+
+#ifdef HAVE_PATHS_H
+#include <paths.h>
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef ROKEN_LIB_FUNCTION
+#if defined(__BORLANDC__)
+#define ROKEN_LIB_FUNCTION /* not-ready-definition-yet */
+#elif defined(_MSC_VER)
+#define ROKEN_LIB_FUNCTION /* not-ready-definition-yet2 */
+#else
+#define ROKEN_LIB_FUNCTION
+#endif
+#endif
+
+#include <roken-common.h>
+
+#if !defined(HAVE_SETSID) && defined(HAVE__SETSID)
+#define setsid _setsid
+#endif
+
+#ifndef HAVE_PUTENV
+int putenv(const char *string);
+#endif
+
+#if !defined(HAVE_SETENV) || defined(NEED_SETENV_PROTO)
+int setenv(const char *var, const char *val, int rewrite);
+#endif
+
+#if !defined(HAVE_UNSETENV) || defined(NEED_UNSETENV_PROTO)
+void unsetenv(const char *name);
+#endif
+
+#if !defined(HAVE_GETUSERSHELL) || defined(NEED_GETUSERSHELL_PROTO)
+char *getusershell(void);
+void endusershell(void);
+#endif
+
+#if !defined(HAVE_SNPRINTF) || defined(NEED_SNPRINTF_PROTO)
+int snprintf (char *str, size_t sz, const char *format, ...)
+ __attribute__ ((format (printf, 3, 4)));
+#endif
+
+#if !defined(HAVE_VSNPRINTF) || defined(NEED_VSNPRINTF_PROTO)
+int vsnprintf (char *str, size_t sz, const char *format, va_list ap)
+ __attribute__((format (printf, 3, 0)));
+#endif
+
+#if !defined(HAVE_ASPRINTF) || defined(NEED_ASPRINTF_PROTO)
+int asprintf (char **ret, const char *format, ...)
+ __attribute__ ((format (printf, 2, 3)));
+#endif
+
+#if !defined(HAVE_VASPRINTF) || defined(NEED_VASPRINTF_PROTO)
+int vasprintf (char **ret, const char *format, va_list ap)
+ __attribute__((format (printf, 2, 0)));
+#endif
+
+#if !defined(HAVE_ASNPRINTF) || defined(NEED_ASNPRINTF_PROTO)
+int asnprintf (char **ret, size_t max_sz, const char *format, ...)
+ __attribute__ ((format (printf, 3, 4)));
+#endif
+
+#if !defined(HAVE_VASNPRINTF) || defined(NEED_VASNPRINTF_PROTO)
+int vasnprintf (char **ret, size_t max_sz, const char *format, va_list ap)
+ __attribute__((format (printf, 3, 0)));
+#endif
+
+#ifndef HAVE_STRDUP
+char * strdup(const char *old);
+#endif
+
+#ifndef HAVE_STRNDUP
+char * strndup(const char *old, size_t sz);
+#endif
+
+#ifndef HAVE_STRLWR
+char * strlwr(char *);
+#endif
+
+#ifndef HAVE_STRNLEN
+size_t strnlen(const char*, size_t);
+#endif
+
+#if !defined(HAVE_STRSEP) || defined(NEED_STRSEP_PROTO)
+char *strsep(char**, const char*);
+#endif
+
+#ifndef HAVE_STRCASECMP
+int strcasecmp(const char *s1, const char *s2);
+#endif
+
+#ifdef NEED_FCLOSE_PROTO
+int fclose(FILE *);
+#endif
+
+#ifdef NEED_STRTOK_R_PROTO
+char *strtok_r(char *s1, const char *s2, char **lasts);
+#endif
+
+#ifndef HAVE_STRUPR
+char * strupr(char *);
+#endif
+
+#ifndef HAVE_STRLCPY
+size_t strlcpy (char *dst, const char *src, size_t dst_sz);
+#endif
+
+#ifndef HAVE_STRLCAT
+size_t strlcat (char *dst, const char *src, size_t dst_sz);
+#endif
+
+#ifndef HAVE_GETDTABLESIZE
+int getdtablesize(void);
+#endif
+
+#if !defined(HAVE_STRERROR) && !defined(strerror)
+char *strerror(int eno);
+#endif
+
+#if !defined(HAVE_HSTRERROR) || defined(NEED_HSTRERROR_PROTO)
+/* This causes a fatal error under Psoriasis */
+#if !(defined(SunOS) && (SunOS >= 50))
+const char *hstrerror(int herr);
+#endif
+#endif
+
+#ifndef HAVE_H_ERRNO_DECLARATION
+extern int h_errno;
+#endif
+
+#if !defined(HAVE_INET_ATON) || defined(NEED_INET_ATON_PROTO)
+int inet_aton(const char *cp, struct in_addr *adr);
+#endif
+
+#ifndef HAVE_INET_NTOP
+const char *
+inet_ntop(int af, const void *src, char *dst, size_t size);
+#endif
+
+#ifndef HAVE_INET_PTON
+int
+inet_pton(int af, const char *src, void *dst);
+#endif
+
+#if !defined(HAVE_GETCWD)
+char* getcwd(char *path, size_t size);
+#endif
+
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+struct passwd *k_getpwnam (const char *user);
+struct passwd *k_getpwuid (uid_t uid);
+#endif
+
+const char *get_default_username (void);
+
+#ifndef HAVE_SETEUID
+int seteuid(uid_t euid);
+#endif
+
+#ifndef HAVE_SETEGID
+int setegid(gid_t egid);
+#endif
+
+#ifndef HAVE_LSTAT
+int lstat(const char *path, struct stat *buf);
+#endif
+
+#if !defined(HAVE_MKSTEMP) || defined(NEED_MKSTEMP_PROTO)
+int mkstemp(char *);
+#endif
+
+#ifndef HAVE_CGETENT
+int cgetent(char **buf, char **db_array, const char *name);
+int cgetstr(char *buf, const char *cap, char **str);
+#endif
+
+#ifndef HAVE_INITGROUPS
+int initgroups(const char *name, gid_t basegid);
+#endif
+
+#ifndef HAVE_FCHOWN
+int fchown(int fd, uid_t owner, gid_t group);
+#endif
+
+#ifndef HAVE_DAEMON
+int daemon(int nochdir, int noclose);
+#endif
+
+#ifndef HAVE_INNETGR
+int innetgr(const char *netgroup, const char *machine,
+ const char *user, const char *domain);
+#endif
+
+#ifndef HAVE_CHOWN
+int chown(const char *path, uid_t owner, gid_t group);
+#endif
+
+#ifndef HAVE_RCMD
+int rcmd(char **ahost, unsigned short inport, const char *locuser,
+ const char *remuser, const char *cmd, int *fd2p);
+#endif
+
+#if !defined(HAVE_INNETGR) || defined(NEED_INNETGR_PROTO)
+int innetgr(const char*, const char*, const char*, const char*);
+#endif
+
+#ifndef HAVE_IRUSEROK
+int iruserok(unsigned raddr, int superuser, const char *ruser,
+ const char *luser);
+#endif
+
+#if !defined(HAVE_GETHOSTNAME) || defined(NEED_GETHOSTNAME_PROTO)
+int gethostname(char *name, int namelen);
+#endif
+
+#ifndef HAVE_WRITEV
+ssize_t
+writev(int d, const struct iovec *iov, int iovcnt);
+#endif
+
+#ifndef HAVE_READV
+ssize_t
+readv(int d, const struct iovec *iov, int iovcnt);
+#endif
+
+#ifndef HAVE_MKSTEMP
+int
+mkstemp(char *template);
+#endif
+
+#ifndef HAVE_FLOCK
+#ifndef LOCK_SH
+#define LOCK_SH 1 /* Shared lock */
+#endif
+#ifndef LOCK_EX
+#define LOCK_EX 2 /* Exclusive lock */
+#endif
+#ifndef LOCK_NB
+#define LOCK_NB 4 /* Don't block when locking */
+#endif
+#ifndef LOCK_UN
+#define LOCK_UN 8 /* Unlock */
+#endif
+
+int flock(int fd, int operation);
+#endif /* HAVE_FLOCK */
+
+time_t tm2time (struct tm tm, int local);
+
+int unix_verify_user(char *user, char *password);
+
+void mini_inetd (int port);
+
+int roken_concat (char *s, size_t len, ...);
+
+size_t roken_mconcat (char **s, size_t max_len, ...);
+
+int roken_vconcat (char *s, size_t len, va_list args);
+
+size_t roken_vmconcat (char **s, size_t max_len, va_list args);
+
+ssize_t net_write (int fd, const void *buf, size_t nbytes);
+
+ssize_t net_read (int fd, void *buf, size_t nbytes);
+
+int issuid(void);
+
+#ifndef HAVE_STRUCT_WINSIZE
+struct winsize {
+ unsigned short ws_row, ws_col;
+ unsigned short ws_xpixel, ws_ypixel;
+};
+#endif
+
+int get_window_size(int fd, struct winsize *);
+
+#ifndef HAVE_VSYSLOG
+void vsyslog(int pri, const char *fmt, va_list ap);
+#endif
+
+#ifndef HAVE_OPTARG_DECLARATION
+extern char *optarg;
+#endif
+#ifndef HAVE_OPTIND_DECLARATION
+extern int optind;
+#endif
+#ifndef HAVE_OPTERR_DECLARATION
+extern int opterr;
+#endif
+
+#ifndef HAVE___PROGNAME_DECLARATION
+extern const char *__progname;
+#endif
+
+#ifndef HAVE_ENVIRON_DECLARATION
+extern char **environ;
+#endif
+
+#ifndef HAVE_GETIPNODEBYNAME
+struct hostent *
+getipnodebyname (const char *name, int af, int flags, int *error_num);
+#endif
+
+#ifndef HAVE_GETIPNODEBYADDR
+struct hostent *
+getipnodebyaddr (const void *src, size_t len, int af, int *error_num);
+#endif
+
+#ifndef HAVE_FREEHOSTENT
+void
+freehostent (struct hostent *h);
+#endif
+
+#ifndef HAVE_COPYHOSTENT
+struct hostent *
+copyhostent (const struct hostent *h);
+#endif
+
+#ifndef HAVE_SOCKLEN_T
+typedef int socklen_t;
+#endif
+
+#ifndef HAVE_STRUCT_SOCKADDR_STORAGE
+
+#ifndef HAVE_SA_FAMILY_T
+typedef unsigned short sa_family_t;
+#endif
+
+#ifdef HAVE_IPV6
+#define _SS_MAXSIZE sizeof(struct sockaddr_in6)
+#else
+#define _SS_MAXSIZE sizeof(struct sockaddr_in)
+#endif
+
+#define _SS_ALIGNSIZE sizeof(unsigned long)
+
+#if HAVE_STRUCT_SOCKADDR_SA_LEN
+
+typedef unsigned char roken_sa_family_t;
+
+#define _SS_PAD1SIZE (_SS_ALIGNSIZE - sizeof (roken_sa_family_t) - sizeof(unsigned char))
+#define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof (roken_sa_family_t) + sizeof(unsigned char) + _SS_PAD1SIZE + _SS_ALIGNSIZE))
+
+struct sockaddr_storage {
+ unsigned char ss_len;
+ roken_sa_family_t ss_family;
+ char __ss_pad1[_SS_PAD1SIZE];
+ unsigned long __ss_align[_SS_PAD2SIZE / sizeof(unsigned long) + 1];
+};
+
+#else /* !HAVE_STRUCT_SOCKADDR_SA_LEN */
+
+typedef unsigned short roken_sa_family_t;
+
+#define _SS_PAD1SIZE (_SS_ALIGNSIZE - sizeof (roken_sa_family_t))
+#define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof (roken_sa_family_t) + _SS_PAD1SIZE + _SS_ALIGNSIZE))
+
+struct sockaddr_storage {
+ roken_sa_family_t ss_family;
+ char __ss_pad1[_SS_PAD1SIZE];
+ unsigned long __ss_align[_SS_PAD2SIZE / sizeof(unsigned long) + 1];
+};
+
+#endif /* HAVE_STRUCT_SOCKADDR_SA_LEN */
+
+#endif /* HAVE_STRUCT_SOCKADDR_STORAGE */
+
+#ifndef HAVE_STRUCT_ADDRINFO
+struct addrinfo {
+ int ai_flags;
+ int ai_family;
+ int ai_socktype;
+ int ai_protocol;
+ size_t ai_addrlen;
+ char *ai_canonname;
+ struct sockaddr *ai_addr;
+ struct addrinfo *ai_next;
+};
+#endif
+
+#ifndef HAVE_GETADDRINFO
+int
+getaddrinfo(const char *nodename,
+ const char *servname,
+ const struct addrinfo *hints,
+ struct addrinfo **res);
+#endif
+
+#ifndef HAVE_GETNAMEINFO
+int getnameinfo(const struct sockaddr *sa, socklen_t salen,
+ char *host, size_t hostlen,
+ char *serv, size_t servlen,
+ int flags);
+#endif
+
+#ifndef HAVE_FREEADDRINFO
+void
+freeaddrinfo(struct addrinfo *ai);
+#endif
+
+#ifndef HAVE_GAI_STRERROR
+char *
+gai_strerror(int ecode);
+#endif
+
+int
+getnameinfo_verified(const struct sockaddr *sa, socklen_t salen,
+ char *host, size_t hostlen,
+ char *serv, size_t servlen,
+ int flags);
+
+#ifndef HAVE_STRFTIME
+size_t
+strftime (char *buf, size_t maxsize, const char *format,
+ const struct tm *tm);
+#endif
+
+#ifndef HAVE_STRPTIME
+char *
+strptime (const char *buf, const char *format, struct tm *timeptr);
+#endif
+
+/*
+ * kludges and such
+ */
+
+#if 1
+int roken_gethostby_setup(const char*, const char*);
+struct hostent* roken_gethostbyname(const char*);
+struct hostent* roken_gethostbyaddr(const void*, size_t, int);
+#else
+#ifdef GETHOSTBYNAME_PROTO_COMPATIBLE
+#define roken_gethostbyname(x) gethostbyname(x)
+#else
+#define roken_gethostbyname(x) gethostbyname((char *)x)
+#endif
+
+#ifdef GETHOSTBYADDR_PROTO_COMPATIBLE
+#define roken_gethostbyaddr(a, l, t) gethostbyaddr(a, l, t)
+#else
+#define roken_gethostbyaddr(a, l, t) gethostbyaddr((char *)a, l, t)
+#endif
+#endif
+
+#ifdef GETSERVBYNAME_PROTO_COMPATIBLE
+#define roken_getservbyname(x,y) getservbyname(x,y)
+#else
+#define roken_getservbyname(x,y) getservbyname((char *)x, (char *)y)
+#endif
+
+#ifdef OPENLOG_PROTO_COMPATIBLE
+#define roken_openlog(a,b,c) openlog(a,b,c)
+#else
+#define roken_openlog(a,b,c) openlog((char *)a,b,c)
+#endif
+
+void set_progname(char *argv0);
+
+#ifdef __cplusplus
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/roken.mak b/crypto/heimdal/lib/roken/roken.mak
new file mode 100644
index 0000000..da9a834
--- /dev/null
+++ b/crypto/heimdal/lib/roken/roken.mak
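Review bot: In roken.h.in, `mkstemp` and `innetgr` are each declared twice under different guards (`#if !defined(HAVE_MKSTEMP) || defined(NEED_MKSTEMP_PROTO)` and later `#ifndef HAVE_MKSTEMP`; likewise for `HAVE_INNETGR`), and the second `mkstemp` prototype names its parameter `template`, which is a C++ keyword. The header carries `#ifdef __cplusplus` / `extern "C"` guards, so it is apparently meant to be includable from C++, where that prototype will not parse on platforms that lack mkstemp. I would drop the second copy of each, keeping `int mkstemp(char *);` and the `NEED_INNETGR_PROTO`-aware `innetgr` guard, so there is a single fallback declaration per function to keep in sync.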
@@ -0,0 +1,316 @@ +# Microsoft Developer Studio Generated NMAKE File, Based on roken.dsp +!IF "$(CFG)" == "" +CFG=roken - Win32 Release +!MESSAGE No configuration specified. Defaulting to roken - Win32 Release. +!ENDIF + +!IF "$(CFG)" != "roken - Win32 Release" && "$(CFG)" != "roken - Win32 Debug" +!MESSAGE Invalid configuration "$(CFG)" specified. +!MESSAGE You can specify a configuration when running NMAKE +!MESSAGE by defining the macro CFG on the command line. For example: +!MESSAGE +!MESSAGE NMAKE /f "roken.mak" CFG="roken - Win32 Release" +!MESSAGE +!MESSAGE Possible choices for configuration are: +!MESSAGE +!MESSAGE "roken - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "roken - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE +!ERROR An invalid configuration is specified. +!ENDIF + +!IF "$(OS)" == "Windows_NT" +NULL= +!ELSE +NULL=nul +!ENDIF + +CPP=cl.exe +MTL=midl.exe +RSC=rc.exe + +!IF "$(CFG)" == "roken - Win32 Release" + +OUTDIR=.\Release +INTDIR=.\Release +# Begin Custom Macros +OutDir=.\.\Release +# End Custom Macros + +!IF "$(RECURSE)" == "0" + +ALL : "$(OUTDIR)\roken.dll" + +!ELSE + +ALL : "$(OUTDIR)\roken.dll" + +!ENDIF + +CLEAN : + -@erase "$(INTDIR)\base64.obj" + -@erase "$(INTDIR)\concat.obj" + -@erase "$(INTDIR)\gettimeofday.obj" + -@erase "$(INTDIR)\getuid.obj" + -@erase "$(INTDIR)\resolve.obj" + -@erase "$(INTDIR)\roken.res" + -@erase "$(INTDIR)\snprintf.obj" + -@erase "$(INTDIR)\strcasecmp.obj" + -@erase "$(INTDIR)\strtok_r.obj" + -@erase "$(INTDIR)\vc50.idb" + -@erase "$(OUTDIR)\roken.dll" + -@erase "$(OUTDIR)\roken.exp" + -@erase "$(OUTDIR)\roken.lib" + +"$(OUTDIR)" : + if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" + +CPP_PROJ=/nologo /MT /GX /O2 /I "..\krb" /I "..\des" /I "..\..\include" /I\ + "..\..\include\win32" /I "." /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D\ + "HAVE_CONFIG_H" /Fp"$(INTDIR)\roken.pch" /YX /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\"\ + /FD /c +CPP_OBJS=.\Release/ +CPP_SBRS=. 
+MTL_PROJ=/nologo /D "NDEBUG" /mktyplib203 /win32 +RSC_PROJ=/l 0x409 /fo"$(INTDIR)\roken.res" /d "NDEBUG" +BSC32=bscmake.exe +BSC32_FLAGS=/nologo /o"$(OUTDIR)\roken.bsc" +BSC32_SBRS= \ + +LINK32=link.exe +LINK32_FLAGS=kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib\ + advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo\ + /base:"0x68e7780" /subsystem:windows /dll /incremental:no\ + /pdb:"$(OUTDIR)\roken.pdb" /machine:I386 /def:".\roken.def"\ + /out:"$(OUTDIR)\roken.dll" /implib:"$(OUTDIR)\roken.lib" +DEF_FILE= \ + ".\roken.def" +LINK32_OBJS= \ + "$(INTDIR)\base64.obj" \ + "$(INTDIR)\concat.obj" \ + "$(INTDIR)\gettimeofday.obj" \ + "$(INTDIR)\getuid.obj" \ + "$(INTDIR)\resolve.obj" \ + "$(INTDIR)\roken.res" \ + "$(INTDIR)\snprintf.obj" \ + "$(INTDIR)\strcasecmp.obj" \ + "$(INTDIR)\strtok_r.obj" + +"$(OUTDIR)\roken.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) + $(LINK32) @<< + $(LINK32_FLAGS) $(LINK32_OBJS) +<< + +!ELSEIF "$(CFG)" == "roken - Win32 Debug" + +OUTDIR=.\Debug +INTDIR=.\Debug +# Begin Custom Macros +OutDir=.\.\Debug +# End Custom Macros + +!IF "$(RECURSE)" == "0" + +ALL : "$(OUTDIR)\roken.dll" + +!ELSE + +ALL : "$(OUTDIR)\roken.dll" + +!ENDIF + +CLEAN : + -@erase "$(INTDIR)\base64.obj" + -@erase "$(INTDIR)\concat.obj" + -@erase "$(INTDIR)\gettimeofday.obj" + -@erase "$(INTDIR)\getuid.obj" + -@erase "$(INTDIR)\resolve.obj" + -@erase "$(INTDIR)\roken.res" + -@erase "$(INTDIR)\snprintf.obj" + -@erase "$(INTDIR)\strcasecmp.obj" + -@erase "$(INTDIR)\strtok_r.obj" + -@erase "$(INTDIR)\vc50.idb" + -@erase "$(INTDIR)\vc50.pdb" + -@erase "$(OUTDIR)\roken.dll" + -@erase "$(OUTDIR)\roken.exp" + -@erase "$(OUTDIR)\roken.ilk" + -@erase "$(OUTDIR)\roken.lib" + -@erase "$(OUTDIR)\roken.pdb" + +"$(OUTDIR)" : + if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" + +CPP_PROJ=/nologo /MDd /Gm /GX /Zi /Od /I "..\krb" /I "..\des" /I\ + "..\..\include" /I "..\..\include\win32" /I "." 
/D "_DEBUG" /D "WIN32" /D\ + "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)\roken.pch" /YX /Fo"$(INTDIR)\\"\ + /Fd"$(INTDIR)\\" /FD /c +CPP_OBJS=.\Debug/ +CPP_SBRS=. +MTL_PROJ=/nologo /D "_DEBUG" /mktyplib203 /win32 +RSC_PROJ=/l 0x409 /fo"$(INTDIR)\roken.res" /d "_DEBUG" +BSC32=bscmake.exe +BSC32_FLAGS=/nologo /o"$(OUTDIR)\roken.bsc" +BSC32_SBRS= \ + +LINK32=link.exe +LINK32_FLAGS=kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib\ + advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo\ + /subsystem:windows /dll /incremental:yes /pdb:"$(OUTDIR)\roken.pdb" /debug\ + /machine:I386 /def:".\roken.def" /out:"$(OUTDIR)\roken.dll"\ + /implib:"$(OUTDIR)\roken.lib" +LINK32_OBJS= \ + "$(INTDIR)\base64.obj" \ + "$(INTDIR)\concat.obj" \ + "$(INTDIR)\gettimeofday.obj" \ + "$(INTDIR)\getuid.obj" \ + "$(INTDIR)\resolve.obj" \ + "$(INTDIR)\roken.res" \ + "$(INTDIR)\snprintf.obj" \ + "$(INTDIR)\strcasecmp.obj" \ + "$(INTDIR)\strtok_r.obj" + +"$(OUTDIR)\roken.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) + $(LINK32) @<< + $(LINK32_FLAGS) $(LINK32_OBJS) +<< + +!ENDIF + +.c{$(CPP_OBJS)}.obj:: + $(CPP) @<< + $(CPP_PROJ) $< +<< + +.cpp{$(CPP_OBJS)}.obj:: + $(CPP) @<< + $(CPP_PROJ) $< +<< + +.cxx{$(CPP_OBJS)}.obj:: + $(CPP) @<< + $(CPP_PROJ) $< +<< + +.c{$(CPP_SBRS)}.sbr:: + $(CPP) @<< + $(CPP_PROJ) $< +<< + +.cpp{$(CPP_SBRS)}.sbr:: + $(CPP) @<< + $(CPP_PROJ) $< +<< + +.cxx{$(CPP_SBRS)}.sbr:: + $(CPP) @<< + $(CPP_PROJ) $< +<< + + +!IF "$(CFG)" == "roken - Win32 Release" || "$(CFG)" == "roken - Win32 Debug" +SOURCE=.\base64.c +DEP_CPP_BASE6=\ + "..\..\include\win32\config.h"\ + ".\base64.h"\ + + +"$(INTDIR)\base64.obj" : $(SOURCE) $(DEP_CPP_BASE6) "$(INTDIR)" + + +SOURCE=.\concat.c +DEP_CPP_CONCA=\ + "..\..\include\win32\config.h"\ + "..\..\include\win32\roken.h"\ + ".\err.h"\ + ".\roken-common.h"\ + {$(INCLUDE)}"sys\stat.h"\ + {$(INCLUDE)}"sys\types.h"\ + + +"$(INTDIR)\concat.obj" : $(SOURCE) $(DEP_CPP_CONCA) "$(INTDIR)" + + +SOURCE=.\gettimeofday.c +DEP_CPP_GETTI=\ + 
"..\..\include\win32\config.h"\ + "..\..\include\win32\roken.h"\ + ".\err.h"\ + ".\roken-common.h"\ + {$(INCLUDE)}"sys\stat.h"\ + {$(INCLUDE)}"sys\types.h"\ + + +"$(INTDIR)\gettimeofday.obj" : $(SOURCE) $(DEP_CPP_GETTI) "$(INTDIR)" + + +SOURCE=.\getuid.c +DEP_CPP_GETUI=\ + "..\..\include\win32\config.h"\ + "..\..\include\win32\roken.h"\ + ".\err.h"\ + ".\roken-common.h"\ + {$(INCLUDE)}"sys\stat.h"\ + {$(INCLUDE)}"sys\types.h"\ + + +"$(INTDIR)\getuid.obj" : $(SOURCE) $(DEP_CPP_GETUI) "$(INTDIR)" + + +SOURCE=.\resolve.c +DEP_CPP_RESOL=\ + "..\..\include\win32\config.h"\ + "..\..\include\win32\roken.h"\ + ".\err.h"\ + ".\resolve.h"\ + ".\roken-common.h"\ + {$(INCLUDE)}"sys\stat.h"\ + {$(INCLUDE)}"sys\types.h"\ + + +"$(INTDIR)\resolve.obj" : $(SOURCE) $(DEP_CPP_RESOL) "$(INTDIR)" + + +SOURCE=.\snprintf.c +DEP_CPP_SNPRI=\ + "..\..\include\win32\config.h"\ + "..\..\include\win32\roken.h"\ + ".\err.h"\ + ".\roken-common.h"\ + {$(INCLUDE)}"sys\stat.h"\ + {$(INCLUDE)}"sys\types.h"\ + + +"$(INTDIR)\snprintf.obj" : $(SOURCE) $(DEP_CPP_SNPRI) "$(INTDIR)" + + +SOURCE=.\strcasecmp.c +DEP_CPP_STRCA=\ + "..\..\include\win32\config.h"\ + {$(INCLUDE)}"sys\types.h"\ + + +"$(INTDIR)\strcasecmp.obj" : $(SOURCE) $(DEP_CPP_STRCA) "$(INTDIR)" + + +SOURCE=.\strtok_r.c +DEP_CPP_STRTO=\ + "..\..\include\win32\config.h"\ + "..\..\include\win32\roken.h"\ + ".\err.h"\ + ".\roken-common.h"\ + {$(INCLUDE)}"sys\stat.h"\ + {$(INCLUDE)}"sys\types.h"\ + + +"$(INTDIR)\strtok_r.obj" : $(SOURCE) $(DEP_CPP_STRTO) "$(INTDIR)" + + +SOURCE=.\roken.rc + +"$(INTDIR)\roken.res" : $(SOURCE) "$(INTDIR)" + $(RSC) $(RSC_PROJ) $(SOURCE) + + + +!ENDIF + diff --git a/crypto/heimdal/lib/roken/roken.rc b/crypto/heimdal/lib/roken/roken.rc new file mode 100644 index 0000000..e7e2f3e --- /dev/null +++ b/crypto/heimdal/lib/roken/roken.rc 
@@ -0,0 +1,105 @@ +//Microsoft Developer Studio generated resource script. +// +#include "resource.h" + +#define APSTUDIO_READONLY_SYMBOLS +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 2 resource. +// +#include "afxres.h" + +///////////////////////////////////////////////////////////////////////////// +#undef APSTUDIO_READONLY_SYMBOLS + +///////////////////////////////////////////////////////////////////////////// +// Swedish resources + +#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_SVE) +#ifdef _WIN32 +LANGUAGE LANG_SWEDISH, SUBLANG_DEFAULT +#pragma code_page(1252) +#endif //_WIN32 + +#ifdef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// TEXTINCLUDE +// + +1 TEXTINCLUDE DISCARDABLE +BEGIN + "resource.h\0" +END + +2 TEXTINCLUDE DISCARDABLE +BEGIN + "#include ""afxres.h""\r\n" + "\0" +END + +3 TEXTINCLUDE DISCARDABLE +BEGIN + "\r\n" + "\0" +END + +#endif // APSTUDIO_INVOKED + + +#ifndef _MAC +///////////////////////////////////////////////////////////////////////////// +// +// Version +// + +VS_VERSION_INFO VERSIONINFO + FILEVERSION 1,0,0,1 + PRODUCTVERSION 1,0,0,1 + FILEFLAGSMASK 0x3fL +#ifdef _DEBUG + FILEFLAGS 0x1L +#else + FILEFLAGS 0x0L +#endif + FILEOS 0x40004L + FILETYPE 0x2L + FILESUBTYPE 0x0L +BEGIN + BLOCK "StringFileInfo" + BEGIN + BLOCK "040904b0" + BEGIN + VALUE "CompanyName", "Royal Institute of Technology (KTH)\0" + VALUE "FileDescription", "roken\0" + VALUE "FileVersion", "4, 0, 9, 9\0" + VALUE "InternalName", "roken\0" + VALUE "LegalCopyright", "Copyright © 1996 - 1998 Royal Institute of Technology (KTH)\0" + VALUE "OriginalFilename", "roken.dll\0" + VALUE "ProductName", "KTH Kerberos\0" + VALUE "ProductVersion", "4,0,9,9\0" + END + END + BLOCK "VarFileInfo" + BEGIN + VALUE "Translation", 0x409, 1200 + END +END + +#endif // !_MAC + +#endif // Swedish resources 
+///////////////////////////////////////////////////////////////////////////// + + + +#ifndef APSTUDIO_INVOKED +///////////////////////////////////////////////////////////////////////////// +// +// Generated from the TEXTINCLUDE 3 resource. +// + + +///////////////////////////////////////////////////////////////////////////// +#endif // not APSTUDIO_INVOKED + diff --git a/crypto/heimdal/lib/roken/roken_gethostby.c b/crypto/heimdal/lib/roken/roken_gethostby.c new file mode 100644 index 0000000..6df6c57 --- /dev/null +++ b/crypto/heimdal/lib/roken/roken_gethostby.c 
@@ -0,0 +1,274 @@ +/* + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: roken_gethostby.c,v 1.5 1999/12/05 13:16:44 assar Exp $"); +#endif + +#include <roken.h> + +#undef roken_gethostbyname +#undef roken_gethostbyaddr + +static struct sockaddr_in dns_addr; +static char *dns_req; + +static int +make_address(const char *address, struct in_addr *ip) +{ + if(inet_aton(address, ip) == 0){ + /* try to resolve as hostname, it might work if the address we + are trying to lookup is local, for instance a web proxy */ + struct hostent *he = gethostbyname(address); + if(he) { + unsigned char *p = (unsigned char*)he->h_addr; + ip->s_addr = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; + } else { + return -1; + } + } + return 0; +} + +static int +setup_int(const char *proxy_host, short proxy_port, + const char *dns_host, short dns_port, + const char *dns_path) +{ + memset(&dns_addr, 0, sizeof(dns_addr)); + if(dns_req) + free(dns_req); + if(proxy_host) { + if(make_address(proxy_host, &dns_addr.sin_addr) != 0) + return -1; + dns_addr.sin_port = htons(proxy_port); + asprintf(&dns_req, "http://%s:%d%s", dns_host, dns_port, dns_path); + } else { + if(make_address(dns_host, &dns_addr.sin_addr) != 0) + return -1; + dns_addr.sin_port = htons(dns_port); + asprintf(&dns_req, "%s", dns_path); + } + dns_addr.sin_family = AF_INET; + return 0; +} + +static void +split_spec(const char *spec, char **host, int *port, char **path, int def_port) +{ + char *p; + *host = strdup(spec); + p = strchr(*host, ':'); + if(p) { + *p++ = '\0'; + if(sscanf(p, "%d", port) != 1) + *port = def_port; + } else + *port = def_port; + p = strchr(p ? 
p : *host, '/'); + if(p) { + if(path) + *path = strdup(p); + *p = '\0'; + }else + if(path) + *path = NULL; +} + + +int +roken_gethostby_setup(const char *proxy_spec, const char *dns_spec) +{ + char *proxy_host = NULL; + int proxy_port; + char *dns_host, *dns_path; + int dns_port; + + int ret = -1; + + split_spec(dns_spec, &dns_host, &dns_port, &dns_path, 80); + if(dns_path == NULL) + goto out; + if(proxy_spec) + split_spec(proxy_spec, &proxy_host, &proxy_port, NULL, 80); + ret = setup_int(proxy_host, proxy_port, dns_host, dns_port, dns_path); +out: + free(proxy_host); + free(dns_host); + free(dns_path); + return ret; +} + + +/* Try to lookup a name or an ip-address using http as transport + mechanism. See the end of this file for an example program. */ +static struct hostent* +roken_gethostby(const char *hostname) +{ + int s; + struct sockaddr_in sin; + char *request; + char buf[1024]; + int offset = 0; + int n; + char *p, *foo; + + if(dns_addr.sin_family == 0) + return NULL; /* no configured host */ + sin = dns_addr; + asprintf(&request, "GET %s?%s HTTP/1.0\r\n\r\n", dns_req, hostname); + if(request == NULL) + return NULL; + s = socket(AF_INET, SOCK_STREAM, 0); + if(s < 0) { + free(request); + return NULL; + } + if(connect(s, (struct sockaddr*)&sin, sizeof(sin)) < 0) { + close(s); + free(request); + return NULL; + } + if(write(s, request, strlen(request)) != strlen(request)) { + close(s); + free(request); + return NULL; + } + free(request); + while(1) { + n = read(s, buf + offset, sizeof(buf) - offset); + if(n <= 0) + break; + offset += n; + } + buf[offset] = '\0'; + close(s); + p = strstr(buf, "\r\n\r\n"); /* find end of header */ + if(p) p += 4; + else return NULL; + foo = NULL; + p = strtok_r(p, " \t\r\n", &foo); + if(p == NULL) + return NULL; + { + /* make a hostent to return */ +#define MAX_ADDRS 16 + static struct hostent he; + static char addrs[4 * MAX_ADDRS]; + static char *addr_list[MAX_ADDRS]; + int num_addrs = 0; + + he.h_name = p; + he.h_aliases = 
NULL; + he.h_addrtype = AF_INET; + he.h_length = 4; + + while((p = strtok_r(NULL, " \t\r\n", &foo)) && num_addrs < MAX_ADDRS) { + struct in_addr ip; + inet_aton(p, &ip); + ip.s_addr = ntohl(ip.s_addr); + addr_list[num_addrs] = &addrs[num_addrs * 4]; + addrs[num_addrs * 4 + 0] = (ip.s_addr >> 24) & 0xff; + addrs[num_addrs * 4 + 1] = (ip.s_addr >> 16) & 0xff; + addrs[num_addrs * 4 + 2] = (ip.s_addr >> 8) & 0xff; + addrs[num_addrs * 4 + 3] = (ip.s_addr >> 0) & 0xff; + addr_list[++num_addrs] = NULL; + } + he.h_addr_list = addr_list; + return &he; + } +} + +struct hostent* +roken_gethostbyname(const char *hostname) +{ + struct hostent *he; + he = gethostbyname(hostname); + if(he) + return he; + return roken_gethostby(hostname); +} + +struct hostent* +roken_gethostbyaddr(const void *addr, size_t len, int type) +{ + struct in_addr a; + const char *p; + struct hostent *he; + he = gethostbyaddr(addr, len, type); + if(he) + return he; + if(type != AF_INET || len != 4) + return NULL; + p = addr; + a.s_addr = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); + return roken_gethostby(inet_ntoa(a)); +} + +#if 0 + +/* this program can be used as a cgi `script' to lookup names and + ip-addresses */ + +#include <stdio.h> +#include <stdlib.h> +#include <netdb.h> +#include <sys/param.h> + +int +main(int argc, char **argv) +{ + char *query = getenv("QUERY_STRING"); + char host[MAXHOSTNAMELEN]; + int i; + struct hostent *he; + + printf("Content-type: text/plain\n\n"); + if(query == NULL) + exit(0); + he = gethostbyname(query); + strncpy(host, he->h_name, sizeof(host)); + host[sizeof(host) - 1] = '\0'; + he = gethostbyaddr(he->h_addr, he->h_length, AF_INET); + printf("%s\n", he->h_name); + for(i = 0; he->h_addr_list[i]; i++) { + struct in_addr ip; + unsigned char *p = (unsigned char*)he->h_addr_list[i]; + ip.s_addr = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); + printf("%s\n", inet_ntoa(ip)); + } + exit(0); +} + +#endif 
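Review bot: In roken_gethostby the reply from the HTTP lookup host can write one byte past `buf`: once the read loop has filled all 1024 bytes, `read` is called with a count of 0, the loop ends, and `buf[offset] = '\0'` stores at `buf[sizeof(buf)]`. Leave room for the terminator with `n = read(s, buf + offset, sizeof(buf) - offset - 1);`. The address loop has the same off-by-one: with `num_addrs < MAX_ADDRS` the store `addr_list[++num_addrs] = NULL` can reach `addr_list[MAX_ADDRS]`, so the bound should be `num_addrs < MAX_ADDRS - 1`. The result of `inet_aton(p, &ip)` is also ignored there, so an unparsable token in the reply yields an address built from an uninitialised `ip`; skip the token when it returns 0.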
diff --git a/crypto/heimdal/lib/roken/sendmsg.c b/crypto/heimdal/lib/roken/sendmsg.c
new file mode 100644
index 0000000..7075bf2
--- /dev/null
+++ b/crypto/heimdal/lib/roken/sendmsg.c
@@ -0,0 +1,65 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: sendmsg.c,v 1.4 1999/12/02 16:58:52 joda Exp $");
+#endif
+
+#include "roken.h"
+
+ssize_t
+sendmsg(int s, const struct msghdr *msg, int flags)
+{
+ ssize_t ret;
+ size_t tot = 0;
+ int i;
+ char *buf, *p;
+ struct iovec *iov = msg->msg_iov;
+
+ for(i = 0; i < msg->msg_iovlen; ++i)
+ tot += iov[i].iov_len;
+ buf = malloc(tot);
+ if (tot != 0 && buf == NULL) {
+ errno = ENOMEM;
+ return -1;
+ }
+ p = buf;
+ for (i = 0; i < msg->msg_iovlen; ++i) {
+ memcpy (p, iov[i].iov_base, iov[i].iov_len);
+ p += iov[i].iov_len;
+ }
+ ret = sendto (s, buf, tot, flags, msg->msg_name, msg->msg_namelen);
+ free (buf);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/roken/setegid.c b/crypto/heimdal/lib/roken/setegid.c
new file mode 100644
index 0000000..2f46fe4
--- /dev/null
+++ b/crypto/heimdal/lib/roken/setegid.c
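Review bot: The first loop in sendmsg sums `iov[i].iov_len` into `tot` with no overflow check, so a caller-supplied vector whose lengths wrap `size_t` gives a `malloc(tot)` smaller than what the second loop copies with `memcpy`. Reject that case while summing, e.g. `if (iov[i].iov_len > (size_t)-1 - tot) { errno = EMSGSIZE; return -1; }`. A header comment should also say that this emulation passes only the gathered `msg_iov` data and `msg_name`/`msg_namelen` to `sendto`; any control or ancillary fields of `msg` are not transmitted.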
@@ -0,0 +1,57 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: setegid.c,v 1.9 1999/12/02 16:58:52 joda Exp $");
+#endif
+
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+#include "roken.h"
+
+int
+setegid(gid_t egid)
+{
+#ifdef HAVE_SETREGID
+ return setregid(-1, egid);
+#endif
+
+#ifdef HAVE_SETRESGID
+ return setresgid(-1, egid, -1);
+#endif
+
+ return -1;
+}
diff --git a/crypto/heimdal/lib/roken/setenv.c b/crypto/heimdal/lib/roken/setenv.c
new file mode 100644
index 0000000..15b5811
--- /dev/null
+++ b/crypto/heimdal/lib/roken/setenv.c
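Review bot: When neither HAVE_SETREGID nor HAVE_SETRESGID is defined, setegid falls through to `return -1` without setting errno, so a caller that reports the failure prints a stale error; set `errno = ENOSYS;` before that return (assuming roken.h brings `<errno.h>` into scope, which is not visible here). Because this call changes privileges, a header comment should state that the result must be checked and that -1 means the effective gid was not changed. The two `#ifdef` blocks are independent, so with both macros defined the second `return` is dead code; `#elif defined(HAVE_SETRESGID)` makes the choice explicit. seteuid.c in this commit has the same shape and wants the same changes.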
@@ -0,0 +1,66 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: setenv.c,v 1.9 1999/12/02 16:58:52 joda Exp $"); +#endif + +#include "roken.h" + +#include <stdlib.h> +#include <string.h> + +/* + * This is the easy way out, use putenv to implement setenv. 
We might
+ * leak some memory but that is ok since we are usally about to exec
+ * anyway.
+ */
+
+int
+setenv(const char *var, const char *val, int rewrite)
+{
+ char *t;
+
+ if (!rewrite && getenv(var) != 0)
+ return 0;
+
+ asprintf (&t, "%s=%s", var, val);
+ if (t == NULL)
+ return -1;
+
+ if (putenv(t) == 0)
+ return 0;
+ else
+ return -1;
+}
diff --git a/crypto/heimdal/lib/roken/seteuid.c b/crypto/heimdal/lib/roken/seteuid.c
new file mode 100644
index 0000000..ee68ba7
--- /dev/null
+++ b/crypto/heimdal/lib/roken/seteuid.c
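Review bot: setenv does not validate `var`, so a name containing `=` is formatted into a string that `putenv` reads as a different variable, and an empty name is accepted; POSIX setenv fails with EINVAL in both cases. Add `if (var == NULL || *var == '\0' || strchr(var, '=') != NULL) { errno = EINVAL; return -1; }` before the `getenv` test. When `putenv(t)` fails, the string was not handed to the environment, so that branch should `free(t)` before returning -1.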
@@ -0,0 +1,57 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: seteuid.c,v 1.10 1999/12/02 16:58:52 joda Exp $");
+#endif
+
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+#include "roken.h"
+
+int
+seteuid(uid_t euid)
+{
+#ifdef HAVE_SETREUID
+ return setreuid(-1, euid);
+#endif
+
+#ifdef HAVE_SETRESUID
+ return setresuid(-1, euid, -1);
+#endif
+
+ return -1;
+}
diff --git a/crypto/heimdal/lib/roken/signal.c b/crypto/heimdal/lib/roken/signal.c
new file mode 100644
index 0000000..85f36ee
--- /dev/null
+++ b/crypto/heimdal/lib/roken/signal.c
@@ -0,0 +1,81 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: signal.c,v 1.10 1999/12/14 01:37:58 assar Exp $");
+#endif
+
+#include <signal.h>
+
+/*
+ * We would like to always use this signal but there is a link error
+ * on NEXTSTEP
+ */
+#if !defined(NeXT) && !defined(__APPLE__)
+/*
+ * Bugs:
+ *
+ * Do we need any extra hacks for SIGCLD and/or SIGCHLD?
+ */
+
+typedef RETSIGTYPE (*SigAction)(/* int??? */);
+
+SigAction
+signal(int iSig, SigAction pAction)
+{
+ struct sigaction saNew, saOld;
+
+ saNew.sa_handler = pAction;
+ sigemptyset(&saNew.sa_mask);
+ saNew.sa_flags = 0;
+
+ if (iSig == SIGALRM)
+ {
+#ifdef SA_INTERRUPT
+ saNew.sa_flags |= SA_INTERRUPT;
+#endif
+ }
+ else
+ {
+#ifdef SA_RESTART
+ saNew.sa_flags |= SA_RESTART;
+#endif
+ }
+
+ if (sigaction(iSig, &saNew, &saOld) < 0)
+ return(SIG_ERR);
+
+ return(saOld.sa_handler);
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/simple_exec.c b/crypto/heimdal/lib/roken/simple_exec.c
new file mode 100644
index 0000000..426f494
--- /dev/null
+++ b/crypto/heimdal/lib/roken/simple_exec.c
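Review bot: signal() has no comment describing its contract, and the SIGALRM branch is the part a reader will stumble on. Add a header comment along the lines of `/* signal() on top of sigaction(): SA_RESTART is set for every signal except SIGALRM, so an alarm still interrupts a blocking system call */`, and state that SIG_ERR is returned when sigaction() fails and the previous handler otherwise. The `SigAction` typedef declares the handler with an empty parameter list; `(int)` would let the compiler check the handlers passed in, provided every handler in this tree takes an int, which is not visible from this hunk.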
@@ -0,0 +1,171 @@ +/* + * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: simple_exec.c,v 1.6 1999/12/02 16:58:52 joda Exp $"); +#endif + +#include <stdarg.h> +#include <stdlib.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_WAIT_H +#include <sys/wait.h> +#endif +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#include <errno.h> + +#include <roken.h> + +#define EX_NOEXEC 126 +#define EX_NOTFOUND 127 + +/* return values: + -1 on `unspecified' system errors + -2 on fork failures + -3 on waitpid errors + 0- is return value from subprocess + 126 if the program couldn't be executed + 127 if the program couldn't be found + 128- is 128 + signal that killed subprocess + */ + +static int +check_status(pid_t pid) +{ + while(1) { + int status; + + while(waitpid(pid, &status, 0) < 0) + if (errno != EINTR) + return -3; + if(WIFSTOPPED(status)) + continue; + if(WIFEXITED(status)) + return WEXITSTATUS(status); + if(WIFSIGNALED(status)) + return WTERMSIG(status) + 128; + } +} + +int +simple_execvp(const char *file, char *const args[]) +{ + pid_t pid = fork(); + switch(pid){ + case -1: + return -2; + case 0: + execvp(file, args); + exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC); + default: + return check_status(pid); + } +} + +/* gee, I'd like a execvpe */ +int +simple_execve(const char *file, char *const args[], char *const envp[]) +{ + pid_t pid = fork(); + switch(pid){ + case -1: + return -2; + case 0: + execve(file, args, envp); + exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC); + default: + return check_status(pid); + } +} + +static char ** +collect_args(va_list *ap) +{ + char **argv = NULL; + int argc = 0, i = 0; + do { + if(i == argc) { + /* realloc argv */ + char **tmp = realloc(argv, (argc + 5) * sizeof(*argv)); + if(tmp == NULL) { + errno = ENOMEM; + return NULL; + } + argv = tmp; + argc += 5; + } + argv[i++] = va_arg(*ap, char*); + } while(argv[i - 1] != NULL); + return argv; +} + +int +simple_execlp(const char *file, ...) 
+{ + va_list ap; + char **argv; + int ret; + + va_start(ap, file); + argv = collect_args(&ap); + va_end(ap); + if(argv == NULL) + return -1; + ret = simple_execvp(file, argv); + free(argv); + return ret; +} + +int +simple_execle(const char *file, ... /* ,char *const envp[] */) +{ + va_list ap; + char **argv; + char *const* envp; + int ret; + + va_start(ap, file); + argv = collect_args(&ap); + envp = va_arg(ap, char **); + va_end(ap); + if(argv == NULL) + return -1; + ret = simple_execve(file, argv, envp); + free(argv); + return ret; +} diff --git a/crypto/heimdal/lib/roken/snprintf.c b/crypto/heimdal/lib/roken/snprintf.c new file mode 100644 index 0000000..0333e87 --- /dev/null +++ b/crypto/heimdal/lib/roken/snprintf.c 
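Review bot: In simple_execvp and simple_execve the child calls `exit()` when exec fails, which runs the parent's atexit handlers and flushes stdio buffers inherited across `fork()` a second time; the child should leave with `_exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC);`. collect_args returns NULL on a failed `realloc` without releasing the array built so far, so add `free(argv);` before its `return NULL;`. In simple_execle, `envp = va_arg(ap, char **)` is still evaluated after collect_args has failed part-way through the list, where the next argument is not the environment pointer; guard it with `if (argv != NULL)`.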
@@ -0,0 +1,619 @@ +/* + * Copyright (c) 1995-1997, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: snprintf.c,v 1.24 1999/12/02 16:58:52 joda Exp $"); +#endif +#include <stdio.h> +#include <stdarg.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <roken.h> + +enum format_flags { + minus_flag = 1, + plus_flag = 2, + space_flag = 4, + alternate_flag = 8, + zero_flag = 16 +}; + +/* + * Common state + */ + +struct state { + unsigned char *str; + unsigned char *s; + unsigned char *theend; + size_t sz; + size_t max_sz; + int (*append_char)(struct state *, unsigned char); + int (*reserve)(struct state *, size_t); + /* XXX - methods */ +}; + +#ifndef HAVE_VSNPRINTF +static int +sn_reserve (struct state *state, size_t n) +{ + return state->s + n > state->theend; +} + +static int +sn_append_char (struct state *state, unsigned char c) +{ + if (sn_reserve (state, 1)) { + return 1; + } else { + *state->s++ = c; + return 0; + } +} +#endif + +static int +as_reserve (struct state *state, size_t n) +{ + if (state->s + n > state->theend) { + int off = state->s - state->str; + unsigned char *tmp; + + if (state->max_sz && state->sz >= state->max_sz) + return 1; + + state->sz = max(state->sz * 2, state->sz + n); + if (state->max_sz) + state->sz = min(state->sz, state->max_sz); + tmp = realloc (state->str, state->sz); + if (tmp == NULL) + return 1; + state->str = tmp; + state->s = state->str + off; + state->theend = state->str + state->sz - 1; + } + return 0; +} + +static int +as_append_char (struct state *state, unsigned char c) +{ + if(as_reserve (state, 1)) + return 1; + else { + *state->s++ = c; + return 0; + } +} + +static int +append_number(struct state *state, + unsigned long num, unsigned base, char *rep, + int width, int prec, int flags, int minusp) +{ + int len = 0; + int i; + + /* given precision, ignore zero flag */ + if(prec != -1) + flags &= ~zero_flag; + else + prec = 1; + /* zero value with zero precision -> "" */ + if(prec == 0 && num == 0) + return 0; + do{ + 
if((*state->append_char)(state, rep[num % base])) + return 1; + len++; + num /= base; + }while(num); + prec -= len; + /* pad with prec zeros */ + while(prec-- > 0){ + if((*state->append_char)(state, '0')) + return 1; + len++; + } + /* add length of alternate prefix (added later) to len */ + if(flags & alternate_flag && (base == 16 || base == 8)) + len += base / 8; + /* pad with zeros */ + if(flags & zero_flag){ + width -= len; + if(minusp || (flags & space_flag) || (flags & plus_flag)) + width--; + while(width-- > 0){ + if((*state->append_char)(state, '0')) + return 1; + len++; + } + } + /* add alternate prefix */ + if(flags & alternate_flag && (base == 16 || base == 8)){ + if(base == 16) + if((*state->append_char)(state, rep[10] + 23)) /* XXX */ + return 1; + if((*state->append_char)(state, '0')) + return 1; + } + /* add sign */ + if(minusp){ + if((*state->append_char)(state, '-')) + return 1; + len++; + } else if(flags & plus_flag) { + if((*state->append_char)(state, '+')) + return 1; + len++; + } else if(flags & space_flag) { + if((*state->append_char)(state, ' ')) + return 1; + len++; + } + if(flags & minus_flag) + /* swap before padding with spaces */ + for(i = 0; i < len / 2; i++){ + char c = state->s[-i-1]; + state->s[-i-1] = state->s[-len+i]; + state->s[-len+i] = c; + } + width -= len; + while(width-- > 0){ + if((*state->append_char)(state, ' ')) + return 1; + len++; + } + if(!(flags & minus_flag)) + /* swap after padding with spaces */ + for(i = 0; i < len / 2; i++){ + char c = state->s[-i-1]; + state->s[-i-1] = state->s[-len+i]; + state->s[-len+i] = c; + } + + return 0; +} + +static int +append_string (struct state *state, + unsigned char *arg, + int width, + int prec, + int flags) +{ + if(prec != -1) + width -= prec; + else + width -= strlen((char *)arg); + if(!(flags & minus_flag)) + while(width-- > 0) + if((*state->append_char) (state, ' ')) + return 1; + if (prec != -1) { + while (*arg && prec--) + if ((*state->append_char) (state, *arg++)) + return 
1; + } else { + while (*arg) + if ((*state->append_char) (state, *arg++)) + return 1; + } + if(flags & minus_flag) + while(width-- > 0) + if((*state->append_char) (state, ' ')) + return 1; + return 0; +} + +static int +append_char(struct state *state, + unsigned char arg, + int width, + int flags) +{ + while(!(flags & minus_flag) && --width > 0) + if((*state->append_char) (state, ' ')) + return 1; + + if((*state->append_char) (state, arg)) + return 1; + while((flags & minus_flag) && --width > 0) + if((*state->append_char) (state, ' ')) + return 1; + + return 0; +} + +/* + * This can't be made into a function... + */ + +#define PARSE_INT_FORMAT(res, arg, unsig) \ +if (long_flag) \ + res = (unsig long)va_arg(arg, unsig long); \ +else if (short_flag) \ + res = (unsig short)va_arg(arg, unsig short); \ +else \ + res = (unsig int)va_arg(arg, unsig int) + +/* + * zyxprintf - return 0 or -1 + */ + +static int +xyzprintf (struct state *state, const char *char_format, va_list ap) +{ + const unsigned char *format = (const unsigned char *)char_format; + unsigned char c; + + while((c = *format++)) { + if (c == '%') { + int flags = 0; + int width = 0; + int prec = -1; + int long_flag = 0; + int short_flag = 0; + + /* flags */ + while((c = *format++)){ + if(c == '-') + flags |= minus_flag; + else if(c == '+') + flags |= plus_flag; + else if(c == ' ') + flags |= space_flag; + else if(c == '#') + flags |= alternate_flag; + else if(c == '0') + flags |= zero_flag; + else + break; + } + + if((flags & space_flag) && (flags & plus_flag)) + flags ^= space_flag; + + if((flags & minus_flag) && (flags & zero_flag)) + flags ^= zero_flag; + + /* width */ + if (isdigit(c)) + do { + width = width * 10 + c - '0'; + c = *format++; + } while(isdigit(c)); + else if(c == '*') { + width = va_arg(ap, int); + c = *format++; + } + + /* precision */ + if (c == '.') { + prec = 0; + c = *format++; + if (isdigit(c)) + do { + prec = prec * 10 + c - '0'; + c = *format++; + } while(isdigit(c)); + else if (c == 
'*') { + prec = va_arg(ap, int); + c = *format++; + } + } + + /* size */ + + if (c == 'h') { + short_flag = 1; + c = *format++; + } else if (c == 'l') { + long_flag = 1; + c = *format++; + } + + switch (c) { + case 'c' : + if(append_char(state, va_arg(ap, int), width, flags)) + return -1; + break; + case 's' : + if (append_string(state, + va_arg(ap, unsigned char*), + width, + prec, + flags)) + return -1; + break; + case 'd' : + case 'i' : { + long arg; + unsigned long num; + int minusp = 0; + + PARSE_INT_FORMAT(arg, ap, signed); + + if (arg < 0) { + minusp = 1; + num = -arg; + } else + num = arg; + + if (append_number (state, num, 10, "0123456789", + width, prec, flags, minusp)) + return -1; + break; + } + case 'u' : { + unsigned long arg; + + PARSE_INT_FORMAT(arg, ap, unsigned); + + if (append_number (state, arg, 10, "0123456789", + width, prec, flags, 0)) + return -1; + break; + } + case 'o' : { + unsigned long arg; + + PARSE_INT_FORMAT(arg, ap, unsigned); + + if (append_number (state, arg, 010, "01234567", + width, prec, flags, 0)) + return -1; + break; + } + case 'x' : { + unsigned long arg; + + PARSE_INT_FORMAT(arg, ap, unsigned); + + if (append_number (state, arg, 0x10, "0123456789abcdef", + width, prec, flags, 0)) + return -1; + break; + } + case 'X' :{ + unsigned long arg; + + PARSE_INT_FORMAT(arg, ap, unsigned); + + if (append_number (state, arg, 0x10, "0123456789ABCDEF", + width, prec, flags, 0)) + return -1; + break; + } + case 'p' : { + unsigned long arg = (unsigned long)va_arg(ap, void*); + + if (append_number (state, arg, 0x10, "0123456789ABCDEF", + width, prec, flags, 0)) + return -1; + break; + } + case 'n' : { + int *arg = va_arg(ap, int*); + *arg = state->s - state->str; + break; + } + case '\0' : + --format; + /* FALLTHROUGH */ + case '%' : + if ((*state->append_char)(state, c)) + return -1; + break; + default : + if ( (*state->append_char)(state, '%') + || (*state->append_char)(state, c)) + return -1; + break; + } + } else + if 
((*state->append_char) (state, c)) + return -1; + } + return 0; +} + +#ifndef HAVE_SNPRINTF +int +snprintf (char *str, size_t sz, const char *format, ...) +{ + va_list args; + int ret; + + va_start(args, format); + ret = vsnprintf (str, sz, format, args); + +#ifdef PARANOIA + { + int ret2; + char *tmp; + + tmp = malloc (sz); + if (tmp == NULL) + abort (); + + ret2 = vsprintf (tmp, format, args); + if (ret != ret2 || strcmp(str, tmp)) + abort (); + free (tmp); + } +#endif + + va_end(args); + return ret; +} +#endif + +#ifndef HAVE_ASPRINTF +int +asprintf (char **ret, const char *format, ...) +{ + va_list args; + int val; + + va_start(args, format); + val = vasprintf (ret, format, args); + +#ifdef PARANOIA + { + int ret2; + char *tmp; + tmp = malloc (val + 1); + if (tmp == NULL) + abort (); + + ret2 = vsprintf (tmp, format, args); + if (val != ret2 || strcmp(*ret, tmp)) + abort (); + free (tmp); + } +#endif + + va_end(args); + return val; +} +#endif + +#ifndef HAVE_ASNPRINTF +int +asnprintf (char **ret, size_t max_sz, const char *format, ...) 
+{ + va_list args; + int val; + + va_start(args, format); + val = vasnprintf (ret, max_sz, format, args); + +#ifdef PARANOIA + { + int ret2; + char *tmp; + tmp = malloc (val + 1); + if (tmp == NULL) + abort (); + + ret2 = vsprintf (tmp, format, args); + if (val != ret2 || strcmp(*ret, tmp)) + abort (); + free (tmp); + } +#endif + + va_end(args); + return val; +} +#endif + +#ifndef HAVE_VASPRINTF +int +vasprintf (char **ret, const char *format, va_list args) +{ + return vasnprintf (ret, 0, format, args); +} +#endif + + +#ifndef HAVE_VASNPRINTF +int +vasnprintf (char **ret, size_t max_sz, const char *format, va_list args) +{ + int st; + size_t len; + struct state state; + + state.max_sz = max_sz; + state.sz = 1; + state.str = malloc(state.sz); + if (state.str == NULL) { + *ret = NULL; + return -1; + } + state.s = state.str; + state.theend = state.s + state.sz - 1; + state.append_char = as_append_char; + state.reserve = as_reserve; + + st = xyzprintf (&state, format, args); + if (st) { + free (state.str); + *ret = NULL; + return -1; + } else { + char *tmp; + + *state.s = '\0'; + len = state.s - state.str; + tmp = realloc (state.str, len+1); + if (tmp == NULL) { + free (state.str); + *ret = NULL; + return -1; + } + *ret = tmp; + return len; + } +} +#endif + +#ifndef HAVE_VSNPRINTF +int +vsnprintf (char *str, size_t sz, const char *format, va_list args) +{ + struct state state; + int ret; + unsigned char *ustr = (unsigned char *)str; + + state.max_sz = 0; + state.sz = sz; + state.str = ustr; + state.s = ustr; + state.theend = ustr + sz - 1; + state.append_char = sn_append_char; + state.reserve = sn_reserve; + + ret = xyzprintf (&state, format, args); + *state.s = '\0'; + if (ret) + return sz; + else + return state.s - state.str; +} +#endif + diff --git a/crypto/heimdal/lib/roken/socket.c b/crypto/heimdal/lib/roken/socket.c new file mode 100644 index 0000000..6e9c3df --- /dev/null +++ b/crypto/heimdal/lib/roken/socket.c 
@@ -0,0 +1,282 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: socket.c,v 1.3 1999/12/02 16:58:52 joda Exp $"); +#endif + +#include <string.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_NETINET_IN_SYSTM_H +#include <netinet/in_systm.h> +#endif +#ifdef HAVE_NETINET_IP_H +#include <netinet/ip.h> +#endif + +#include <roken.h> + +#include <err.h> + +/* + * Set `sa' to the unitialized address of address family `af' + */ + +void +socket_set_any (struct sockaddr *sa, int af) +{ + switch (af) { + case AF_INET : { + struct sockaddr_in *sin = (struct sockaddr_in *)sa; + + memset (sin, 0, sizeof(*sin)); + sin->sin_family = AF_INET; + sin->sin_port = 0; + sin->sin_addr.s_addr = INADDR_ANY; + break; + } +#ifdef HAVE_IPV6 + case AF_INET6 : { + struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; + + memset (sin6, 0, sizeof(*sin6)); + sin6->sin6_family = AF_INET6; + sin6->sin6_port = 0; + sin6->sin6_addr = in6addr_any; + break; + } +#endif + default : + errx (1, "unknown address family %d", sa->sa_family); + break; + } +} + +/* + * set `sa' to (`ptr', `port') + */ + +void +socket_set_address_and_port (struct sockaddr *sa, const void *ptr, int port) +{ + switch (sa->sa_family) { + case AF_INET : { + struct sockaddr_in *sin = (struct sockaddr_in *)sa; + + memset (sin, 0, sizeof(*sin)); + sin->sin_family = AF_INET; + sin->sin_port = port; + memcpy (&sin->sin_addr, ptr, sizeof(struct in_addr)); + break; + } +#ifdef HAVE_IPV6 + case AF_INET6 : { + struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; + + memset (sin6, 0, sizeof(*sin6)); + sin6->sin6_family = AF_INET6; + sin6->sin6_port = port; + memcpy (&sin6->sin6_addr, ptr, sizeof(struct in6_addr)); + break; + } +#endif + default : + errx (1, "unknown address family %d", sa->sa_family); + break; + } +} + +/* + * Return the size of an address of the type in `sa' + */ + +size_t 
+socket_addr_size (const struct sockaddr *sa) +{ + switch (sa->sa_family) { + case AF_INET : + return sizeof(struct in_addr); +#ifdef HAVE_IPV6 + case AF_INET6 : + return sizeof(struct in6_addr); +#endif + default : + errx (1, "unknown address family %d", sa->sa_family); + break; + } +} + +/* + * Return the size of a `struct sockaddr' in `sa'. + */ + +size_t +socket_sockaddr_size (const struct sockaddr *sa) +{ + switch (sa->sa_family) { + case AF_INET : + return sizeof(struct sockaddr_in); +#ifdef HAVE_IPV6 + case AF_INET6 : + return sizeof(struct sockaddr_in6); +#endif + default : + errx (1, "unknown address family %d", sa->sa_family); + break; + } +} + +/* + * Return the binary address of `sa'. + */ + +void * +socket_get_address (struct sockaddr *sa) +{ + switch (sa->sa_family) { + case AF_INET : { + struct sockaddr_in *sin = (struct sockaddr_in *)sa; + return &sin->sin_addr; + } +#ifdef HAVE_IPV6 + case AF_INET6 : { + struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; + return &sin6->sin6_addr; + } +#endif + default : + errx (1, "unknown address family %d", sa->sa_family); + break; + } +} + +/* + * Return the port number from `sa'. + */ + +int +socket_get_port (const struct sockaddr *sa) +{ + switch (sa->sa_family) { + case AF_INET : { + const struct sockaddr_in *sin = (const struct sockaddr_in *)sa; + return sin->sin_port; + } +#ifdef HAVE_IPV6 + case AF_INET6 : { + const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; + return sin6->sin6_port; + } +#endif + default : + errx (1, "unknown address family %d", sa->sa_family); + break; + } +} + +/* + * Set the port in `sa' to `port'. 
+ */ + +void +socket_set_port (struct sockaddr *sa, int port) +{ + switch (sa->sa_family) { + case AF_INET : { + struct sockaddr_in *sin = (struct sockaddr_in *)sa; + sin->sin_port = port; + break; + } +#ifdef HAVE_IPV6 + case AF_INET6 : { + struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; + sin6->sin6_port = port; + break; + } +#endif + default : + errx (1, "unknown address family %d", sa->sa_family); + break; + } +} + +/* + * Enable debug on `sock'. + */ + +void +socket_set_debug (int sock) +{ + int on = 1; + +#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT) + if (setsockopt (sock, SOL_SOCKET, SO_DEBUG, (void *) &on, sizeof (on)) < 0) + warn ("setsockopt SO_DEBUG (ignored)"); +#endif +} + +/* + * Set the type-of-service of `sock' to `tos'. + */ + +void +socket_set_tos (int sock, int tos) +{ +#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) + if (setsockopt (sock, IPPROTO_IP, IP_TOS, (void *) &tos, sizeof (int)) < 0) + warn ("setsockopt TOS (ignored)"); +#endif +} + +/* + * set the reuse of addresses on `sock' to `val'. + */ + +void +socket_set_reuseaddr (int sock, int val) +{ +#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT) + if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&val, + sizeof(val)) < 0) + err (1, "setsockopt SO_REUSEADDR"); +#endif +} diff --git a/crypto/heimdal/lib/roken/strcasecmp.c b/crypto/heimdal/lib/roken/strcasecmp.c new file mode 100644 index 0000000..b5e20e7 --- /dev/null +++ b/crypto/heimdal/lib/roken/strcasecmp.c 
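Review bot: In `socket_set_any` the `default` branch reports `sa->sa_family`, but the switch is on the `af` argument and nothing has been written to `sa` on that path, so the message prints whatever the caller's buffer happened to hold instead of the rejected family; it should read `errx (1, "unknown address family %d", af);`. `socket_set_any` and `socket_set_address_and_port` also cast `sa` to the family-specific struct and `memset` `sizeof(*sin6)` bytes without taking a length, so the header comments should state that the caller must pass storage large enough for the chosen family (a plain `struct sockaddr` is too small for `sockaddr_in6`). The port setters store `port` unconverted, which is worth a comment saying the value is expected in network byte order.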
@@ -0,0 +1,58 @@ +/* + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: strcasecmp.c,v 1.9 1999/12/02 16:58:52 joda Exp $");
+#endif
+
+#include <string.h>
+#include <ctype.h>
+#include <stddef.h>
+#include "roken.h"
+
+#ifndef HAVE_STRCASECMP
+
+int
+strcasecmp(const char *s1, const char *s2)
+{
+ while(toupper(*s1) == toupper(*s2)) {
+ if(*s1 == '\0')
+ return 0;
+ s1++;
+ s2++;
+ }
+ return toupper(*s1) - toupper(*s2);
+}
+
+#endif
diff --git a/crypto/heimdal/lib/roken/strdup.c b/crypto/heimdal/lib/roken/strdup.c
new file mode 100644
index 0000000..87fb43e
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strdup.c
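Review bot: `toupper(*s1)` and `toupper(*s2)` in `strcasecmp` receive a plain `char`, which is undefined behaviour for the `<ctype.h>` functions when the byte is above 0x7f and `char` is signed; the same pattern is in `strlwr.c` (`tolower(*s)`) and `strncasecmp.c` later in this commit. The callers are not visible here, but these fallbacks presumably see names taken from the network or from configuration, so the argument should be converted first: `while(toupper((unsigned char)*s1) == toupper((unsigned char)*s2)) {` and, in `strlwr`, `*s = tolower((unsigned char)*s);`. The folding is also locale-dependent, which deserves a one-line comment if the result is used for protocol comparisons.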
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: strdup.c,v 1.10 1999/12/02 16:58:53 joda Exp $");
+#endif
+#include <stdlib.h>
+#include <string.h>
+
+#ifndef HAVE_STRDUP
+char *
+strdup(const char *old)
+{
+ char *t = malloc(strlen(old)+1);
+ if (t != 0)
+ strcpy(t, old);
+ return t;
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/strerror.c b/crypto/heimdal/lib/roken/strerror.c
new file mode 100644
index 0000000..21936d7
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strerror.c
@@ -0,0 +1,57 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: strerror.c,v 1.10 1999/12/02 16:58:53 joda Exp $");
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+extern int sys_nerr;
+extern char *sys_errlist[];
+
+char*
+strerror(int eno)
+{
+ static char emsg[1024];
+
+ if(eno < 0 || eno >= sys_nerr)
+ snprintf(emsg, sizeof(emsg), "Error %d occurred.", eno);
+ else
+ snprintf(emsg, sizeof(emsg), "%s", sys_errlist[eno]);
+
+ return emsg;
+}
diff --git a/crypto/heimdal/lib/roken/strftime.c b/crypto/heimdal/lib/roken/strftime.c
new file mode 100644
index 0000000..b90614b
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strftime.c
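Review bot: `strerror` is defined unconditionally here, while the sibling replacements in this commit (`strdup.c`, `strcasecmp.c`, `strlcpy.c`) are wrapped in an `#ifndef HAVE_...` guard. Unless the build compiles this file only when libc lacks the function, it will collide with the system definition, and `extern char *sys_errlist[];` may conflict with the platform's own (often `const`) declaration. I would wrap the body in a matching `#ifndef HAVE_STRERROR` / `#endif` pair. The function returns a pointer into `static char emsg[1024]`, so it also needs a comment saying the result is overwritten by the next call and must not be shared between threads.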
@@ -0,0 +1,396 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
*/ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include "roken.h" + +RCSID("$Id: strftime.c,v 1.10 1999/11/13 04:18:33 assar Exp $"); + +static const char *abb_weekdays[] = { + "Sun", + "Mon", + "Tue", + "Wed", + "Thu", + "Fri", + "Sat", +}; + +static const char *full_weekdays[] = { + "Sunday", + "Monday", + "Tuesday", + "Wednesday", + "Thursday", + "Friday", + "Saturday", +}; + +static const char *abb_month[] = { + "Jan", + "Feb", + "Mar", + "Apr", + "May", + "Jun", + "Jul", + "Aug", + "Sep", + "Oct", + "Nov", + "Dec" +}; + +static const char *full_month[] = { + "January", + "February", + "Mars", + "April", + "May", + "June", + "July", + "August", + "September", + "October", + "November", + "December" +}; + +static const char *ampm[] = { + "AM", + "PM" +}; + +/* + * Convert hour in [0, 24] to [12 1 - 11 12 1 - 11 12] + */ + +static int +hour_24to12 (int hour) +{ + int ret = hour % 12; + + if (ret == 0) + ret = 12; + return ret; +} + +/* + * Return AM or PM for `hour' + */ + +static const char * +hour_to_ampm (int hour) +{ + return ampm[hour / 12]; +} + +/* + * Return the week number of `tm' (Sunday being the first day of the week) + * as [0, 53] + */ + +static int +week_number_sun (const struct tm *tm) +{ + return (tm->tm_yday + 7 - (tm->tm_yday % 7 - tm->tm_wday + 7) % 7) / 7; +} + +/* + * Return the week number of `tm' (Monday being the first day of the week) + * as [0, 53] + */ + +static int +week_number_mon (const struct tm *tm) +{ + int wday = (tm->tm_wday + 6) % 7; + + return (tm->tm_yday + 7 - (tm->tm_yday % 7 - wday + 7) % 7) / 7; +} + +/* + * Return the week number of `tm' (Monday being the first day of the + * week) as [01, 53]. Week number one is the one that has four or more + * days in that year. 
+ */ + +static int +week_number_mon4 (const struct tm *tm) +{ + int wday = (tm->tm_wday + 6) % 7; + int w1day = (wday - tm->tm_yday % 7 + 7) % 7; + int ret; + + ret = (tm->tm_yday + w1day) / 7; + if (w1day >= 4) + --ret; + if (ret == -1) + ret = 53; + else + ++ret; + return ret; +} + +/* + * + */ + +size_t +strftime (char *buf, size_t maxsize, const char *format, + const struct tm *tm) +{ + size_t n = 0; + size_t ret; + + while (*format != '\0' && n < maxsize) { + if (*format == '%') { + ++format; + if(*format == 'E' || *format == 'O') + ++format; + switch (*format) { + case 'a' : + ret = snprintf (buf, maxsize - n, + "%s", abb_weekdays[tm->tm_wday]); + break; + case 'A' : + ret = snprintf (buf, maxsize - n, + "%s", full_weekdays[tm->tm_wday]); + break; + case 'h' : + case 'b' : + ret = snprintf (buf, maxsize - n, + "%s", abb_month[tm->tm_mon]); + break; + case 'B' : + ret = snprintf (buf, maxsize - n, + "%s", full_month[tm->tm_mon]); + break; + case 'c' : + ret = snprintf (buf, maxsize - n, + "%d:%02d:%02d %02d:%02d:%02d", + tm->tm_year, + tm->tm_mon + 1, + tm->tm_mday, + tm->tm_hour, + tm->tm_min, + tm->tm_sec); + break; + case 'C' : + ret = snprintf (buf, maxsize - n, + "%02d", (tm->tm_year + 1900) / 100); + break; + case 'd' : + ret = snprintf (buf, maxsize - n, + "%02d", tm->tm_mday); + break; + case 'D' : + ret = snprintf (buf, maxsize - n, + "%02d/%02d/%02d", + tm->tm_mon + 1, + tm->tm_mday, + (tm->tm_year + 1900) % 100); + break; + case 'e' : + ret = snprintf (buf, maxsize - n, + "%2d", tm->tm_mday); + break; + case 'F': + ret = snprintf (buf, maxsize - n, + "%04d-%02d-%02d", tm->tm_year + 1900, + tm->tm_mon + 1, tm->tm_mday); + break; + case 'g': + /* last two digits of week-based year */ + abort(); + case 'G': + /* week-based year */ + abort(); + case 'H' : + ret = snprintf (buf, maxsize - n, + "%02d", tm->tm_hour); + break; + case 'I' : + ret = snprintf (buf, maxsize - n, + "%02d", + hour_24to12 (tm->tm_hour)); + break; + case 'j' : + ret = snprintf 
(buf, maxsize - n, + "%03d", tm->tm_yday + 1); + break; + case 'k' : + ret = snprintf (buf, maxsize - n, + "%2d", tm->tm_hour); + break; + case 'l' : + ret = snprintf (buf, maxsize - n, + "%2d", + hour_24to12 (tm->tm_hour)); + break; + case 'm' : + ret = snprintf (buf, maxsize - n, + "%02d", tm->tm_mon + 1); + break; + case 'M' : + ret = snprintf (buf, maxsize - n, + "%02d", tm->tm_min); + break; + case 'n' : + ret = snprintf (buf, maxsize - n, "\n"); + break; + case 'p' : + ret = snprintf (buf, maxsize - n, "%s", + hour_to_ampm (tm->tm_hour)); + break; + case 'r' : + ret = snprintf (buf, maxsize - n, + "%02d:%02d:%02d %s", + hour_24to12 (tm->tm_hour), + tm->tm_min, + tm->tm_sec, + hour_to_ampm (tm->tm_hour)); + break; + case 'R' : + ret = snprintf (buf, maxsize - n, + "%02d:%02d", + tm->tm_hour, + tm->tm_min); + + case 's' : + ret = snprintf (buf, maxsize - n, + "%d", (int)mktime((struct tm *)tm)); + break; + case 'S' : + ret = snprintf (buf, maxsize - n, + "%02d", tm->tm_sec); + break; + case 't' : + ret = snprintf (buf, maxsize - n, "\t"); + break; + case 'T' : + case 'X' : + ret = snprintf (buf, maxsize - n, + "%02d:%02d:%02d", + tm->tm_hour, + tm->tm_min, + tm->tm_sec); + break; + case 'u' : + ret = snprintf (buf, maxsize - n, + "%d", (tm->tm_wday == 0) ? 
7 : tm->tm_wday); + break; + case 'U' : + ret = snprintf (buf, maxsize - n, + "%02d", week_number_sun (tm)); + break; + case 'V' : + ret = snprintf (buf, maxsize - n, + "%02d", week_number_mon4 (tm)); + break; + case 'w' : + ret = snprintf (buf, maxsize - n, + "%d", tm->tm_wday); + break; + case 'W' : + ret = snprintf (buf, maxsize - n, + "%02d", week_number_mon (tm)); + break; + case 'x' : + ret = snprintf (buf, maxsize - n, + "%d:%02d:%02d", + tm->tm_year, + tm->tm_mon + 1, + tm->tm_mday); + break; + case 'y' : + ret = snprintf (buf, maxsize - n, + "%02d", (tm->tm_year + 1900) % 100); + break; + case 'Y' : + ret = snprintf (buf, maxsize - n, + "%d", tm->tm_year + 1900); + break; + case 'z': + ret = snprintf (buf, maxsize - n, + "%ld", +#if defined(HAVE_STRUCT_TM_TM_GMTOFF) + (long)tm->tm_gmtoff +#elif defined(HAVE_TIMEZONE) + tm->tm_isdst ? + (long)altzone : + (long)timezone +#else +#error Where in timezone chaos are you? +#endif + ); + break; + case 'Z' : + ret = snprintf (buf, maxsize - n, + "%s", + +#if defined(HAVE_STRUCT_TM_TM_ZONE) + tm->tm_zone +#elif defined(HAVE_TIMEZONE) + tzname[tm->tm_isdst] +#else +#error what? +#endif + ); + break; + case '\0' : + --format; + /* FALLTHROUGH */ + case '%' : + ret = snprintf (buf, maxsize - n, + "%%"); + break; + default : + ret = snprintf (buf, maxsize - n, + "%%%c", *format); + break; + } + if (ret >= maxsize - n) + return 0; + n += ret; + buf += ret; + ++format; + } else { + *buf++ = *format++; + ++n; + } + } + *buf++ = '\0'; + return n; +} diff --git a/crypto/heimdal/lib/roken/strlcat.c b/crypto/heimdal/lib/roken/strlcat.c new file mode 100644 index 0000000..d3c8baa --- /dev/null +++ b/crypto/heimdal/lib/roken/strlcat.c 
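Review bot: `strftime` can write one byte past `buf`: the loop stops once `n == maxsize`, and the unconditional `*buf++ = '\0';` after it then stores at `buf[maxsize]` (or at `buf[0]` when `maxsize` is 0), which a format of literal characters as long as the buffer is enough to reach. The literal branch should leave room for the terminator, with `if (n + 1 >= maxsize) return 0;` before `*buf++ = *format++;` and `if (maxsize == 0) return 0;` at the top of the function. `case 'R'` has no `break;` and falls into `case 's'`, so the `%R` output is replaced by the `mktime` value. The lookups `abb_weekdays[tm->tm_wday]`, `abb_month[tm->tm_mon]` and `ampm[hour / 12]` index with unchecked `struct tm` fields (hour 24, which the `hour_24to12` comment allows, reads past `ampm`), and `full_month` spells March as "Mars".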
@@ -0,0 +1,50 @@ +/* + * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+RCSID("$Id: strlcat.c,v 1.5 1999/12/02 16:58:53 joda Exp $");
+
+#ifndef HAVE_STRLCAT
+
+size_t
+strlcat (char *dst, const char *src, size_t dst_sz)
+{
+ size_t len = strlen(dst);
+
+ return len + strlcpy (dst + len, src, dst_sz - len);
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/strlcpy.c b/crypto/heimdal/lib/roken/strlcpy.c
new file mode 100644
index 0000000..33cd9cb
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strlcpy.c
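Review bot: `strlcat` measures `dst` with an unbounded `strlen`, so when `dst` holds no NUL within its first `dst_sz` bytes the scan runs off the buffer and `dst_sz - len` wraps to a huge `size_t`, leaving the `strlcpy` call effectively unbounded. The scan should stop at `dst_sz`: `for (len = 0; len < dst_sz && dst[len] != '\0'; ++len) ;` followed by `if (len == dst_sz) return len + strlen(src);`. A short header comment stating that the return value is the length the concatenation would have had, and that a result `>= dst_sz` means truncation, would let callers check it.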
@@ -0,0 +1,60 @@ +/* + * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+RCSID("$Id: strlcpy.c,v 1.5 1999/12/02 16:58:53 joda Exp $");
+
+#ifndef HAVE_STRLCPY
+
+size_t
+strlcpy (char *dst, const char *src, size_t dst_sz)
+{
+ size_t n;
+ char *p;
+
+ for (p = dst, n = 0;
+ n + 1 < dst_sz && *src != '\0';
+ ++p, ++src, ++n)
+ *p = *src;
+ *p = '\0';
+ if (*src == '\0')
+ return n;
+ else
+ return n + strlen (src);
+}
+
+#endif
diff --git a/crypto/heimdal/lib/roken/strlwr.c b/crypto/heimdal/lib/roken/strlwr.c
new file mode 100644
index 0000000..cb36789
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strlwr.c
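Review bot: `strlcpy` stores the terminator unconditionally, so a call with `dst_sz == 0` skips the loop and still executes `*p = '\0';`, writing one byte into a buffer the caller declared empty. Guard the store with `if (dst_sz > 0) *p = '\0';`; the return value is already `strlen(src)` in that case. The function has no header comment, and one saying that the return is the length of `src` and that a result `>= dst_sz` signals truncation would document the check callers are expected to make.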
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: strlwr.c,v 1.4 1999/12/02 16:58:53 joda Exp $");
+#endif
+#include <string.h>
+#include <ctype.h>
+
+#include <roken.h>
+
+#ifndef HAVE_STRLWR
+char *
+strlwr(char *str)
+{
+ char *s;
+
+ for(s = str; *s; s++)
+ *s = tolower(*s);
+ return str;
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/strncasecmp.c b/crypto/heimdal/lib/roken/strncasecmp.c
new file mode 100644
index 0000000..7c6474f
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strncasecmp.c
@@ -0,0 +1,60 @@
+/*
+ * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: strncasecmp.c,v 1.2 1999/12/02 16:58:53 joda Exp $");
+#endif
+
+#include <string.h>
+#include <ctype.h>
+#include <stddef.h>
+
+#ifndef HAVE_STRNCASECMP
+
+int
+strncasecmp(const char *s1, const char *s2, size_t n)
+{
+ while(n > 0 && toupper(*s1) == toupper(*s2)) {
+ if(*s1 == '\0')
+ return 0;
+ s1++;
+ s2++;
+ n--;
+ }
+ if(n == 0)
+ return 0;
+ return toupper(*s1) - toupper(*s2);
+}
+
+#endif
diff --git a/crypto/heimdal/lib/roken/strndup.c b/crypto/heimdal/lib/roken/strndup.c
new file mode 100644
index 0000000..31e7e9f
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strndup.c
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: strndup.c,v 1.2 1999/12/02 16:58:53 joda Exp $");
+#endif
+#include <stdlib.h>
+#include <string.h>
+
+#include <roken.h>
+
+#ifndef HAVE_STRNDUP
+char *
+strndup(const char *old, size_t sz)
+{
+ size_t len = strnlen (old, sz);
+ char *t = malloc(len + 1);
+
+ if (t != NULL) {
+ memcpy (t, old, len);
+ t[len] = '\0';
+ }
+ return t;
+}
+#endif /* HAVE_STRNDUP */
diff --git a/crypto/heimdal/lib/roken/strnlen.c b/crypto/heimdal/lib/roken/strnlen.c
new file mode 100644
index 0000000..fffb3b7
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strnlen.c
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: strnlen.c,v 1.7 1999/12/02 16:58:53 joda Exp $");
+#endif
+
+#include "roken.h"
+
+size_t
+strnlen(const char *s, size_t len)
+{
+ size_t i;
+
+ for(i = 0; i < len && s[i]; i++)
+ ;
+ return i;
+}
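Review bot: strnlen.c defines `strnlen` unconditionally, while the sibling replacements in this commit (strlwr.c, strndup.c, strsep.c, strtok_r.c) wrap their definition in `#ifndef HAVE_...`; if this file is ever compiled on a system whose libc already provides strnlen, the two definitions can clash. Unless the makefile already guarantees it is only built when the function is missing (not visible here), I would wrap the function in `#ifndef HAVE_STRNLEN` and `#endif /* HAVE_STRNLEN */`. A one-line comment stating that the scan never reads past `s[len - 1]` would also help, because strndup() in this same commit relies on exactly that bound for its `memcpy`.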
diff --git a/crypto/heimdal/lib/roken/strpftime-test.c b/crypto/heimdal/lib/roken/strpftime-test.c
new file mode 100644
index 0000000..7eb8fb8
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strpftime-test.c
@@ -0,0 +1,287 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
*/ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include "roken.h" + +RCSID("$Id: strpftime-test.c,v 1.2 1999/11/12 15:29:55 assar Exp $"); + +enum { MAXSIZE = 26 }; + +static struct testcase { + time_t t; + struct { + const char *format; + const char *result; + } vals[MAXSIZE]; +} tests[] = { + {0, + { + {"%A", "Thursday"}, + {"%a", "Thu"}, + {"%B", "January"}, + {"%b", "Jan"}, + {"%C", "19"}, + {"%d", "01"}, + {"%e", " 1"}, + {"%H", "00"}, + {"%I", "12"}, + {"%j", "001"}, + {"%k", " 0"}, + {"%l", "12"}, + {"%M", "00"}, + {"%m", "01"}, + {"%n", "\n"}, + {"%p", "AM"}, + {"%S", "00"}, + {"%t", "\t"}, + {"%w", "4"}, + {"%Y", "1970"}, + {"%y", "70"}, + {"%U", "00"}, + {"%W", "00"}, + {"%V", "01"}, + {"%%", "%"}, + {NULL, NULL}} + }, + {90000, + { + {"%A", "Friday"}, + {"%a", "Fri"}, + {"%B", "January"}, + {"%b", "Jan"}, + {"%C", "19"}, + {"%d", "02"}, + {"%e", " 2"}, + {"%H", "01"}, + {"%I", "01"}, + {"%j", "002"}, + {"%k", " 1"}, + {"%l", " 1"}, + {"%M", "00"}, + {"%m", "01"}, + {"%n", "\n"}, + {"%p", "AM"}, + {"%S", "00"}, + {"%t", "\t"}, + {"%w", "5"}, + {"%Y", "1970"}, + {"%y", "70"}, + {"%U", "00"}, + {"%W", "00"}, + {"%V", "01"}, + {"%%", "%"}, + {NULL, NULL} + } + }, + {216306, + { + {"%A", "Saturday"}, + {"%a", "Sat"}, + {"%B", "January"}, + {"%b", "Jan"}, + {"%C", "19"}, + {"%d", "03"}, + {"%e", " 3"}, + {"%H", "12"}, + {"%I", "12"}, + {"%j", "003"}, + {"%k", "12"}, + {"%l", "12"}, + {"%M", "05"}, + {"%m", "01"}, + {"%n", "\n"}, + {"%p", "PM"}, + {"%S", "06"}, + {"%t", "\t"}, + {"%w", "6"}, + {"%Y", "1970"}, + {"%y", "70"}, + {"%U", "00"}, + {"%W", "00"}, + {"%V", "01"}, + {"%%", "%"}, + {NULL, NULL} + } + }, + {259200, + { + {"%A", "Sunday"}, + {"%a", "Sun"}, + {"%B", "January"}, + {"%b", "Jan"}, + {"%C", "19"}, + {"%d", "04"}, + {"%e", " 4"}, + {"%H", "00"}, + {"%I", "12"}, + {"%j", "004"}, + {"%k", " 0"}, + {"%l", "12"}, + {"%M", "00"}, + {"%m", "01"}, + {"%n", "\n"}, + {"%p", "AM"}, + {"%S", "00"}, + {"%t", "\t"}, + {"%w", "0"}, + {"%Y", "1970"}, 
+ {"%y", "70"}, + {"%U", "01"}, + {"%W", "00"}, + {"%V", "01"}, + {"%%", "%"}, + {NULL, NULL} + } + }, + {915148800, + { + {"%A", "Friday"}, + {"%a", "Fri"}, + {"%B", "January"}, + {"%b", "Jan"}, + {"%C", "19"}, + {"%d", "01"}, + {"%e", " 1"}, + {"%H", "00"}, + {"%I", "12"}, + {"%j", "001"}, + {"%k", " 0"}, + {"%l", "12"}, + {"%M", "00"}, + {"%m", "01"}, + {"%n", "\n"}, + {"%p", "AM"}, + {"%S", "00"}, + {"%t", "\t"}, + {"%w", "5"}, + {"%Y", "1999"}, + {"%y", "99"}, + {"%U", "00"}, + {"%W", "00"}, + {"%V", "53"}, + {"%%", "%"}, + {NULL, NULL}} + }, + {942161105, + { + + {"%A", "Tuesday"}, + {"%a", "Tue"}, + {"%B", "November"}, + {"%b", "Nov"}, + {"%C", "19"}, + {"%d", "09"}, + {"%e", " 9"}, + {"%H", "15"}, + {"%I", "03"}, + {"%j", "313"}, + {"%k", "15"}, + {"%l", " 3"}, + {"%M", "25"}, + {"%m", "11"}, + {"%n", "\n"}, + {"%p", "PM"}, + {"%S", "05"}, + {"%t", "\t"}, + {"%w", "2"}, + {"%Y", "1999"}, + {"%y", "99"}, + {"%U", "45"}, + {"%W", "45"}, + {"%V", "45"}, + {"%%", "%"}, + {NULL, NULL} + } + } +}; + +int +main(int argc, char **argv) +{ + int i, j; + int ret = 0; + + for (i = 0; i < sizeof(tests)/sizeof(tests[0]); ++i) { + struct tm *tm; + + tm = gmtime (&tests[i].t); + + for (j = 0; tests[i].vals[j].format != NULL; ++j) { + char buf[128]; + size_t len; + struct tm tm2; + char *ptr; + + len = strftime (buf, sizeof(buf), tests[i].vals[j].format, tm); + if (len != strlen (buf)) { + printf ("length of strftime(\"%s\") = %d (\"%s\")\n", + tests[i].vals[j].format, len, + buf); + ++ret; + continue; + } + if (strcmp (buf, tests[i].vals[j].result) != 0) { + printf ("result of strftime(\"%s\") = \"%s\" != \"%s\"\n", + tests[i].vals[j].format, buf, + tests[i].vals[j].result); + ++ret; + continue; + } + memset (&tm2, 0, sizeof(tm2)); + ptr = strptime (tests[i].vals[j].result, + tests[i].vals[j].format, + &tm2); + if (ptr == NULL || *ptr != '\0') { + printf ("bad return value from strptime(" + "\"%s\", \"%s\")\n", + tests[i].vals[j].result, + tests[i].vals[j].format); + 
++ret; + } + strftime (buf, sizeof(buf), tests[i].vals[j].format, &tm2); + if (strcmp (buf, tests[i].vals[j].result) != 0) { + printf ("reverse of \"%s\" failed: \"%s\" vs \"%s\"\n", + tests[i].vals[j].format, + buf, tests[i].vals[j].result); + ++ret; + } + } + } + if (ret) { + printf ("%d errors\n", ret); + return 1; + } else + return 0; +} diff --git a/crypto/heimdal/lib/roken/strptime.c b/crypto/heimdal/lib/roken/strptime.c new file mode 100644 index 0000000..36f0822 --- /dev/null +++ b/crypto/heimdal/lib/roken/strptime.c 
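Review bot: In main(), the first printf passes `len`, a `size_t`, to a `%d` conversion, which is a format/argument mismatch and undefined behaviour wherever size_t is wider than int; cast it at the call, `tests[i].vals[j].format, (int)len,`, or print it as `%lu` with `(unsigned long)len`. In the same loop the result of `gmtime (&tests[i].t)` is handed to strftime() without a NULL check. When strptime() fails, the code still falls through to the reverse strftime() on the zeroed `tm2`, so a single failure is likely counted twice; a `continue;` after that `++ret;` keeps the error count honest. The loop bound `i < sizeof(tests)/sizeof(tests[0])` also compares a signed `int` against a `size_t`.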
@@ -0,0 +1,444 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
*/ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <ctype.h> +#include "roken.h" + +RCSID("$Id: strptime.c,v 1.2 1999/11/12 15:29:55 assar Exp $"); + +static const char *abb_weekdays[] = { + "Sun", + "Mon", + "Tue", + "Wed", + "Thu", + "Fri", + "Sat", + NULL +}; + +static const char *full_weekdays[] = { + "Sunday", + "Monday", + "Tuesday", + "Wednesday", + "Thursday", + "Friday", + "Saturday", + NULL +}; + +static const char *abb_month[] = { + "Jan", + "Feb", + "Mar", + "Apr", + "May", + "Jun", + "Jul", + "Aug", + "Sep", + "Oct", + "Nov", + "Dec", + NULL +}; + +static const char *full_month[] = { + "January", + "February", + "Mars", + "April", + "May", + "June", + "July", + "August", + "September", + "October", + "November", + "December", + NULL, +}; + +static const char *ampm[] = { + "am", + "pm", + NULL +}; + +/* + * Try to match `*buf' to one of the strings in `strs'. Return the + * index of the matching string (or -1 if none). Also advance buf. + */ + +static int +match_string (const char **buf, const char **strs) +{ + int i = 0; + + for (i = 0; strs[i] != NULL; ++i) { + int len = strlen (strs[i]); + + if (strncasecmp (*buf, strs[i], len) == 0) { + *buf += len; + return i; + } + } + return -1; +} + +/* + * tm_year is relative this year */ + +const int tm_year_base = 1900; + +/* + * Return TRUE iff `year' was a leap year. + */ + +static int +is_leap_year (int year) +{ + return (year % 4) == 0 && ((year % 100) != 0 || (year % 400) == 0); +} + +/* + * Return the weekday [0,6] (0 = Sunday) of the first day of `year' + */ + +static int +first_day (int year) +{ + int ret = 4; + + for (; year > 1970; --year) + ret = (ret + 365 + is_leap_year (year) ? 
1 : 0) % 7; + return ret; +} + +/* + * Set `timeptr' given `wnum' (week number [0, 53]) + */ + +static void +set_week_number_sun (struct tm *timeptr, int wnum) +{ + int fday = first_day (timeptr->tm_year + tm_year_base); + + timeptr->tm_yday = wnum * 7 + timeptr->tm_wday - fday; + if (timeptr->tm_yday < 0) { + timeptr->tm_wday = fday; + timeptr->tm_yday = 0; + } +} + +/* + * Set `timeptr' given `wnum' (week number [0, 53]) + */ + +static void +set_week_number_mon (struct tm *timeptr, int wnum) +{ + int fday = (first_day (timeptr->tm_year + tm_year_base) + 6) % 7; + + timeptr->tm_yday = wnum * 7 + (timeptr->tm_wday + 6) % 7 - fday; + if (timeptr->tm_yday < 0) { + timeptr->tm_wday = (fday + 1) % 7; + timeptr->tm_yday = 0; + } +} + +/* + * Set `timeptr' given `wnum' (week number [0, 53]) + */ + +static void +set_week_number_mon4 (struct tm *timeptr, int wnum) +{ + int fday = (first_day (timeptr->tm_year + tm_year_base) + 6) % 7; + int offset = 0; + + if (fday < 4) + offset += 7; + + timeptr->tm_yday = offset + (wnum - 1) * 7 + timeptr->tm_wday - fday; + if (timeptr->tm_yday < 0) { + timeptr->tm_wday = fday; + timeptr->tm_yday = 0; + } +} + +/* + * + */ + +char * +strptime (const char *buf, const char *format, struct tm *timeptr) +{ + char c; + + for (; (c = *format) != '\0'; ++format) { + char *s; + int ret; + + if (isspace (c)) { + while (isspace (*buf)) + ++buf; + } else if (c == '%' && format[1] != '\0') { + c = *++format; + if (c == 'E' || c == 'O') + c = *++format; + switch (c) { + case 'A' : + ret = match_string (&buf, full_weekdays); + if (ret < 0) + return NULL; + timeptr->tm_wday = ret; + break; + case 'a' : + ret = match_string (&buf, abb_weekdays); + if (ret < 0) + return NULL; + timeptr->tm_wday = ret; + break; + case 'B' : + ret = match_string (&buf, full_month); + if (ret < 0) + return NULL; + timeptr->tm_mon = ret; + break; + case 'b' : + case 'h' : + ret = match_string (&buf, abb_month); + if (ret < 0) + return NULL; + timeptr->tm_mon = ret; + break; + 
case 'C' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + timeptr->tm_year = (ret * 100) - tm_year_base; + buf = s; + break; + case 'c' : + abort (); + case 'D' : /* %m/%d/%y */ + s = strptime (buf, "%m/%d/%y", timeptr); + if (s == NULL) + return NULL; + buf = s; + break; + case 'd' : + case 'e' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + timeptr->tm_mday = ret; + buf = s; + break; + case 'H' : + case 'k' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + timeptr->tm_hour = ret; + buf = s; + break; + case 'I' : + case 'l' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + if (ret == 12) + timeptr->tm_hour = 0; + else + timeptr->tm_hour = ret; + buf = s; + break; + case 'j' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + timeptr->tm_yday = ret - 1; + buf = s; + break; + case 'm' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + timeptr->tm_mon = ret - 1; + buf = s; + break; + case 'M' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + timeptr->tm_min = ret; + buf = s; + break; + case 'n' : + if (*buf == '\n') + ++buf; + else + return NULL; + break; + case 'p' : + ret = match_string (&buf, ampm); + if (ret < 0) + return NULL; + if (timeptr->tm_hour == 0) { + if (ret == 1) + timeptr->tm_hour = 12; + } else + timeptr->tm_hour += 12; + break; + case 'r' : /* %I:%M:%S %p */ + s = strptime (buf, "%I:%M:%S %p", timeptr); + if (s == NULL) + return NULL; + buf = s; + break; + case 'R' : /* %H:%M */ + s = strptime (buf, "%H:%M", timeptr); + if (s == NULL) + return NULL; + buf = s; + break; + case 'S' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + timeptr->tm_sec = ret; + buf = s; + break; + case 't' : + if (*buf == '\t') + ++buf; + else + return NULL; + break; + case 'T' : /* %H:%M:%S */ + case 'X' : + s = strptime (buf, "%H:%M:%S", timeptr); + if (s == NULL) + return NULL; + buf = s; + break; + case 'u' : + ret = strtol (buf, &s, 10); + if (s == 
buf) + return NULL; + timeptr->tm_wday = ret - 1; + buf = s; + break; + case 'w' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + timeptr->tm_wday = ret; + buf = s; + break; + case 'U' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + set_week_number_sun (timeptr, ret); + buf = s; + break; + case 'V' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + set_week_number_mon4 (timeptr, ret); + buf = s; + break; + case 'W' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + set_week_number_mon (timeptr, ret); + buf = s; + break; + case 'x' : + s = strptime (buf, "%Y:%m:%d", timeptr); + if (s == NULL) + return NULL; + buf = s; + break; + case 'y' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + if (ret < 70) + timeptr->tm_year = 100 + ret; + else + timeptr->tm_year = ret; + buf = s; + break; + case 'Y' : + ret = strtol (buf, &s, 10); + if (s == buf) + return NULL; + timeptr->tm_year = ret - tm_year_base; + buf = s; + break; + case 'Z' : + abort (); + case '\0' : + --format; + /* FALLTHROUGH */ + case '%' : + if (*buf == '%') + ++buf; + else + return NULL; + break; + default : + if (*buf == '%' || *++buf == c) + ++buf; + else + return NULL; + break; + } + } else { + if (*buf == c) + ++buf; + else + return NULL; + } + } + return (char *)buf; +} diff --git a/crypto/heimdal/lib/roken/strsep.c b/crypto/heimdal/lib/roken/strsep.c new file mode 100644 index 0000000..efc714a --- /dev/null +++ b/crypto/heimdal/lib/roken/strsep.c 
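Review bot: Every numeric conversion in strptime() stores the strtol() result into `struct tm` with no range check and a silent long-to-int narrowing, so `%m` on the input `99` leaves `tm_mon` at 98, and `%d`, `%H`, `%M`, `%S`, `%j`, `%u` and `%w` behave the same way; any consumer that later indexes a name table by `tm_mon` or `tm_wday` would read out of bounds, which matters if the parsed string is untrusted. I would route these cases through one bounded helper that returns failure on out-of-range input, as sketched below. Separately, in first_day() the expression `(ret + 365 + is_leap_year (year) ? 1 : 0) % 7` parses as `(ret + 365 + is_leap_year (year)) ? 1 : 0`, so the loop yields 1 for every year after 1970; since is_leap_year() already returns 0 or 1 the line can simply be `ret = (ret + 365 + is_leap_year (year)) % 7;`. Two table/branch slips are also visible: `full_month` spells March as `"Mars"`, so an English `March` never matches `%B`, and in `case 'p'` the `else` branch adds 12 for "am" as well as "pm" whenever `tm_hour` is non-zero. The `abort ()` calls for `%c` and `%Z` mean a format string containing them terminates the process instead of returning NULL.

```c
/* Parse a decimal field; accept it only when it lies inside [lo, hi]. */
static int
parse_bounded (const char **buf, long lo, long hi, int *out)
{
    char *end;
    long v;

    v = strtol (*buf, &end, 10);
    if (end == *buf || v < lo || v > hi)
	return -1;
    *out = (int)v;
    *buf = end;
    return 0;
}

/* ... unchanged: name tables, match_string, week-number helpers ... */

	    case 'm' :
		if (parse_bounded (&buf, 1, 12, &ret) < 0)
		    return NULL;
		timeptr->tm_mon = ret - 1;
		break;
/* ... unchanged: remaining cases, converted the same way with their own bounds ... */
```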
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: strsep.c,v 1.3 1999/12/02 16:58:53 joda Exp $");
+#endif
+
+#include <string.h>
+
+#include "roken.h"
+
+#ifndef HAVE_STRSEP
+
+char *
+strsep(char **str, const char *delim)
+{
+ char *save = *str;
+ if(*str == NULL)
+ return NULL;
+ *str = *str + strcspn(*str, delim);
+ if(**str == 0)
+ *str = NULL;
+ else{
+ **str = 0;
+ (*str)++;
+ }
+ return save;
+}
+
+#endif
diff --git a/crypto/heimdal/lib/roken/strtok_r.c b/crypto/heimdal/lib/roken/strtok_r.c
new file mode 100644
index 0000000..45b036a
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strtok_r.c
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: strtok_r.c,v 1.5 1999/12/02 16:58:53 joda Exp $");
+#endif
+
+#include <string.h>
+
+#include "roken.h"
+
+#ifndef HAVE_STRTOK_R
+
+char *
+strtok_r(char *s1, const char *s2, char **lasts)
+{
+ char *ret;
+
+ if (s1 == NULL)
+ s1 = *lasts;
+ while(*s1 && strchr(s2, *s1))
+ ++s1;
+ if(*s1 == '\0')
+ return NULL;
+ ret = s1;
+ while(*s1 && !strchr(s2, *s1))
+ ++s1;
+ if(*s1)
+ *s1++ = '\0';
+ *lasts = s1;
+ return ret;
+}
+
+#endif /* HAVE_STRTOK_R */
diff --git a/crypto/heimdal/lib/roken/strupr.c b/crypto/heimdal/lib/roken/strupr.c
new file mode 100644
index 0000000..96dd042
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strupr.c
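Review bot: When the remaining input holds only delimiters, strtok_r() leaves through `if(*s1 == '\0') return NULL;` without storing anything through `lasts`, so if the very first call takes that path `*lasts` is still uninitialised and a later call with `s1 == NULL` dereferences it. Storing the position before returning closes that: `if(*s1 == '\0') { *lasts = s1; return NULL; }`. A short header comment saying that `s1` is modified in place and that `lasts` must be carried unchanged between calls would document the contract callers depend on.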
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: strupr.c,v 1.4 1999/12/02 16:58:53 joda Exp $");
+#endif
+#include <string.h>
+#include <ctype.h>
+
+#include <roken.h>
+
+#ifndef HAVE_STRUPR
+char *
+strupr(char *str)
+{
+ char *s;
+
+ for(s = str; *s; s++)
+ *s = toupper(*s);
+ return str;
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/swab.c b/crypto/heimdal/lib/roken/swab.c
new file mode 100644
index 0000000..c623bd0
--- /dev/null
+++ b/crypto/heimdal/lib/roken/swab.c
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include "roken.h"
+
+#ifndef HAVE_SWAB
+
+RCSID("$Id: swab.c,v 1.7 1999/12/02 16:58:53 joda Exp $");
+
+void
+swab (char *from, char *to, int nbytes)
+{
+ while(nbytes >= 2) {
+ *(to + 1) = *from;
+ *to = *(from + 1);
+ to += 2;
+ from += 2;
+ nbytes -= 2;
+ }
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/tm2time.c b/crypto/heimdal/lib/roken/tm2time.c
new file mode 100644
index 0000000..b912e32
--- /dev/null
+++ b/crypto/heimdal/lib/roken/tm2time.c
@@ -0,0 +1,61 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: tm2time.c,v 1.7 1999/12/02 16:58:53 joda Exp $");
+#endif
+
+#ifdef TIME_WITH_SYS_TIME
+#include <sys/time.h>
+#include <time.h>
+#elif defined(HAVE_SYS_TIME_H)
+#include <sys/time.h>
+#else
+#include <time.h>
+#endif
+#include "roken.h"
+
+time_t
+tm2time (struct tm tm, int local)
+{
+ time_t t;
+
+ tm.tm_isdst = -1;
+
+ t = mktime (&tm);
+
+ if (!local)
+ t += t - mktime (gmtime (&t));
+ return t;
+}
diff --git a/crypto/heimdal/lib/roken/unsetenv.c b/crypto/heimdal/lib/roken/unsetenv.c
new file mode 100644
index 0000000..6d95a51
--- /dev/null
+++ b/crypto/heimdal/lib/roken/unsetenv.c
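Review bot: In `tm2time`, the non-local branch uses `t` and the result of `gmtime (&t)` without checking either, so a `tm` that `mktime` cannot represent (return of `(time_t)-1`) or a NULL from `gmtime` flows straight into the second `mktime` call. A guard such as `if (t == (time_t)-1) return t;` placed before `if (!local)` keeps the failure visible to callers. The offset is also computed from a `struct tm` whose `tm_isdst` is whatever `gmtime` set, so the result may be an hour off while local DST is in effect; that is worth confirming if callers use this conversion for ticket or authenticator timestamps.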
@@ -0,0 +1,70 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: unsetenv.c,v 1.7 1999/12/02 16:58:53 joda Exp $");
+#endif
+
+#include <stdlib.h>
+#include <string.h>
+
+#include "roken.h"
+
+extern char **environ;
+
+/*
+ * unsetenv --
+ */
+void
+unsetenv(const char *name)
+{
+ int len;
+ const char *np;
+ char **p;
+
+ if (name == 0 || environ == 0)
+ return;
+
+ for (np = name; *np && *np != '='; np++)
+ /* nop */;
+ len = np - name;
+
+ for (p = environ; *p != 0; p++)
+ if (strncmp(*p, name, len) == 0 && (*p)[len] == '=')
+ break;
+
+ for (; *p != 0; p++)
+ *p = *(p + 1);
+}
+
diff --git a/crypto/heimdal/lib/roken/verify.c b/crypto/heimdal/lib/roken/verify.c
new file mode 100644
index 0000000..842fa9a
--- /dev/null
+++ b/crypto/heimdal/lib/roken/verify.c
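Review bot: `unsetenv` stops at the first matching entry (`break`) and shifts the array once, so a second `NAME=` entry in `environ` survives the call. A caller that relies on this function to scrub a variable before running another program would still hand the duplicate on, so the scan should continue after each removal. A `name` containing `=` is silently cut at the `=` rather than rejected, which deserves at least a comment. The rewritten search-and-remove loop is below.

```c
/* … unchanged: NULL checks and computation of len … */

    for (p = environ; *p != 0; ) {
        if (strncmp(*p, name, len) == 0 && (*p)[len] == '=') {
            char **q;

            /* close the gap, then re-test the entry that moved into *p */
            for (q = p; *q != 0; q++)
                *q = *(q + 1);
        } else
            p++;
    }
```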
@@ -0,0 +1,62 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: verify.c,v 1.13 1999/12/02 16:58:53 joda Exp $");
+#endif
+
+#include <stdio.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_CRYPT_H
+#include <crypt.h>
+#endif
+#include "roken.h"
+
+int
+unix_verify_user(char *user, char *password)
+{
+ struct passwd *pw;
+
+ pw = k_getpwnam(user);
+ if(pw == NULL)
+ return -1;
+ if(strlen(pw->pw_passwd) == 0 && strlen(password) == 0)
+ return 0;
+ if(strcmp(crypt(password, pw->pw_passwd), pw->pw_passwd) == 0)
+ return 0;
+ return -1;
+}
+
diff --git a/crypto/heimdal/lib/roken/verr.c b/crypto/heimdal/lib/roken/verr.c
new file mode 100644
index 0000000..511e640
--- /dev/null
+++ b/crypto/heimdal/lib/roken/verr.c
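Review bot: `unix_verify_user` passes the return value of `crypt()` straight to `strcmp`, and `crypt()` can return NULL (for instance for a salt or hash format the library rejects), which would crash the caller instead of denying the login. Take the result first, `char *c = crypt(password, pw->pw_passwd);` followed by `if (c == NULL) return -1;`, and compare `c` afterwards. The first `return 0` also accepts an empty password for any account whose `pw_passwd` is empty; that policy should be stated in a comment or left to the caller. `password` is dereferenced by `strlen` without a NULL check as well.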
@@ -0,0 +1,46 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: verr.c,v 1.8 1999/12/02 16:58:53 joda Exp $"); +#endif + +#include "err.h" + +void +verr(int eval, const char *fmt, va_list ap) +{ + warnerr(1, fmt, ap); + exit(eval); +} 
diff --git a/crypto/heimdal/lib/roken/verrx.c b/crypto/heimdal/lib/roken/verrx.c
new file mode 100644
index 0000000..f4578d3
--- /dev/null
+++ b/crypto/heimdal/lib/roken/verrx.c
@@ -0,0 +1,46 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: verrx.c,v 1.8 1999/12/02 16:58:53 joda Exp $"); +#endif + +#include "err.h" + +void +verrx(int eval, const char *fmt, va_list ap) +{ + warnerr(0, fmt, ap); + exit(eval); +} 
diff --git a/crypto/heimdal/lib/roken/vsyslog.c b/crypto/heimdal/lib/roken/vsyslog.c
new file mode 100644
index 0000000..22e6a35
--- /dev/null
+++ b/crypto/heimdal/lib/roken/vsyslog.c
@@ -0,0 +1,57 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: vsyslog.c,v 1.3 1999/12/02 16:58:54 joda Exp $");
+#endif
+
+#ifndef HAVE_VSYSLOG
+
+#include <stdio.h>
+#include <syslog.h>
+#include <stdarg.h>
+
+#include "roken.h"
+
+void
+vsyslog(int pri, const char *fmt, va_list ap)
+{
+ char *p;
+
+ vasprintf (&p, fmt, ap);
+ syslog (pri, "%s", p);
+ free (p);
+}
+
+#endif
diff --git a/crypto/heimdal/lib/roken/vwarn.c b/crypto/heimdal/lib/roken/vwarn.c
new file mode 100644
index 0000000..15f9a38
--- /dev/null
+++ b/crypto/heimdal/lib/roken/vwarn.c
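Review bot: The result of `vasprintf` in `vsyslog` is ignored, so when the allocation fails the contents of `p` are not guaranteed and the pointer is still handed to `syslog` and `free`. Check it before use: `if (vasprintf (&p, fmt, ap) < 0 || p == NULL) return;`. Passing the formatted text through `"%s"` is the right choice and should stay, since it keeps caller-supplied text out of the format position of `syslog`.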
@@ -0,0 +1,45 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: vwarn.c,v 1.8 1999/12/02 16:58:54 joda Exp $"); +#endif + +#include "err.h" + +void +vwarn(const char *fmt, va_list ap) +{ + warnerr(1, fmt, ap); +} 
diff --git a/crypto/heimdal/lib/roken/vwarnx.c b/crypto/heimdal/lib/roken/vwarnx.c
new file mode 100644
index 0000000..48f1ffd
--- /dev/null
+++ b/crypto/heimdal/lib/roken/vwarnx.c
@@ -0,0 +1,46 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: vwarnx.c,v 1.8 1999/12/02 16:58:54 joda Exp $"); +#endif + +#include "err.h" + +void +vwarnx(const char *fmt, va_list ap) +{ + warnerr(0, fmt, ap); +} + 
diff --git a/crypto/heimdal/lib/roken/warn.c b/crypto/heimdal/lib/roken/warn.c
new file mode 100644
index 0000000..d8ee335
--- /dev/null
+++ b/crypto/heimdal/lib/roken/warn.c
@@ -0,0 +1,48 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: warn.c,v 1.6 1999/12/02 16:58:54 joda Exp $"); +#endif + +#include "err.h" + +void +warn(const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + vwarn(fmt, ap); + va_end(ap); +} 
diff --git a/crypto/heimdal/lib/roken/warnerr.c b/crypto/heimdal/lib/roken/warnerr.c
new file mode 100644
index 0000000..4df375d
--- /dev/null
+++ b/crypto/heimdal/lib/roken/warnerr.c
@@ -0,0 +1,79 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: warnerr.c,v 1.8 1999/12/02 16:58:54 joda Exp $");
+#endif
+
+#include "roken.h"
+#include "err.h"
+
+#ifndef HAVE___PROGNAME
+const char *__progname;
+#endif
+
+void
+set_progname(char *argv0)
+{
+#ifndef HAVE___PROGNAME
+ char *p;
+ if(argv0 == NULL)
+ return;
+ p = strrchr(argv0, '/');
+ if(p == NULL)
+ p = argv0;
+ else
+ p++;
+ __progname = p;
+#endif
+}
+
+void
+warnerr(int doerrno, const char *fmt, va_list ap)
+{
+ int sverrno = errno;
+ if(__progname != NULL){
+ fprintf(stderr, "%s", __progname);
+ if(fmt != NULL || doerrno)
+ fprintf(stderr, ": ");
+ }
+ if (fmt != NULL){
+ vfprintf(stderr, fmt, ap);
+ if(doerrno)
+ fprintf(stderr, ": ");
+ }
+ if(doerrno)
+ fprintf(stderr, "%s", strerror(sverrno));
+ fprintf(stderr, "\n");
+}
diff --git a/crypto/heimdal/lib/roken/warnx.c b/crypto/heimdal/lib/roken/warnx.c
new file mode 100644
index 0000000..c991176
--- /dev/null
+++ b/crypto/heimdal/lib/roken/warnx.c
@@ -0,0 +1,48 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: warnx.c,v 1.6 1999/12/02 16:58:54 joda Exp $"); +#endif + +#include "err.h" + +void +warnx(const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + vwarnx(fmt, ap); + va_end(ap); +} 
diff --git a/crypto/heimdal/lib/roken/writev.c b/crypto/heimdal/lib/roken/writev.c
new file mode 100644
index 0000000..e3859bf
--- /dev/null
+++ b/crypto/heimdal/lib/roken/writev.c
@@ -0,0 +1,64 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: writev.c,v 1.3 1999/12/02 16:58:54 joda Exp $");
+#endif
+
+#include "roken.h"
+
+ssize_t
+writev(int d, const struct iovec *iov, int iovcnt)
+{
+ ssize_t ret;
+ size_t tot = 0;
+ int i;
+ char *buf, *p;
+
+ for(i = 0; i < iovcnt; ++i)
+ tot += iov[i].iov_len;
+ buf = malloc(tot);
+ if (tot != 0 && buf == NULL) {
+ errno = ENOMEM;
+ return -1;
+ }
+ p = buf;
+ for (i = 0; i < iovcnt; ++i) {
+ memcpy (p, iov[i].iov_base, iov[i].iov_len);
+ p += iov[i].iov_len;
+ }
+ ret = write (d, buf, tot);
+ free (buf);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/roken/xdbm.h b/crypto/heimdal/lib/roken/xdbm.h
new file mode 100644
index 0000000..83885b3
--- /dev/null
+++ b/crypto/heimdal/lib/roken/xdbm.h
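Review bot: The length sum `tot += iov[i].iov_len` in `writev` can wrap `size_t`, after which `malloc(tot)` returns a buffer smaller than what the `memcpy` loop then copies into it. Reject the overflow while summing, e.g. `if (iov[i].iov_len > SSIZE_MAX - tot) { errno = EINVAL; return -1; }` (this needs `<limits.h>` unless roken.h already brings it in). A negative `iovcnt` currently falls through to a zero-length `write`; POSIX allows `writev` to report EINVAL there, and doing so would make caller mistakes visible.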
@@ -0,0 +1,73 @@ +/* + * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ */
+
+/* $Id: xdbm.h,v 1.6 1999/12/02 16:58:54 joda Exp $ */
+
+/* Generic *dbm include file */
+
+#ifndef __XDBM_H__
+#define __XDBM_H__
+
+#ifdef HAVE_NDBM_H
+#include <ndbm.h>
+#elif defined(HAVE_DBM_H)
+#include <dbm.h>
+#elif defined(HAVE_RPCSVC_DBM_H)
+#include <rpcsvc/dbm.h>
+#elif defined(HAVE_DB_H)
+#define DB_DBM_HSEARCH 1
+#include <db.h>
+#endif
+
+/* Macros to convert ndbm names to dbm names.
+ * Note that dbm_nextkey() cannot be simply converted using a macro, since
+ * it is invoked giving the database, and nextkey() needs the previous key.
+ *
+ * Instead, all routines call "dbm_next" instead.
+ */
+
+#ifndef NDBM
+typedef char DBM;
+
+#define dbm_open(file, flags, mode) ((dbminit(file) == 0)?"":((char *)0))
+#define dbm_fetch(db, key) fetch(key)
+#define dbm_store(db, key, content, flag) store(key, content)
+#define dbm_delete(db, key) delete(key)
+#define dbm_firstkey(db) firstkey()
+#define dbm_next(db,key) nextkey(key)
+#define dbm_close(db) dbmclose()
+#else
+#define dbm_next(db,key) dbm_nextkey(db)
+#endif
+
+#endif /* __XDBM_H__ */
diff --git a/crypto/heimdal/lib/sl/ChangeLog b/crypto/heimdal/lib/sl/ChangeLog
new file mode 100644
index 0000000..eca7217
--- /dev/null
+++ b/crypto/heimdal/lib/sl/ChangeLog
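Review bot: The include chain in xdbm.h is selected by `HAVE_NDBM_H` / `HAVE_DB_H`, but the compatibility macros are selected by `NDBM`, which nothing in this header defines. If `<ndbm.h>` or `<db.h>` (with `DB_DBM_HSEARCH`) does not define `NDBM` itself, which I cannot tell from the hunk, the `#ifndef NDBM` branch would redefine `dbm_open` and the other names on top of a real ndbm API and `typedef char DBM` would clash with the library's type. Keying the block on the same configure symbols, for example `#if !defined(HAVE_NDBM_H) && !defined(HAVE_DB_H)`, would remove the doubt; otherwise a comment saying where `NDBM` is expected to come from would help.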
@@ -0,0 +1,120 @@ +2000-01-06 Assar Westerlund <assar@sics.se> + + * Makefile.am: bump both versions to 0:1:0 + +1999-12-16 Assar Westerlund <assar@sics.se> + + * parse.y (name2number): not used here. remove. + +Thu Apr 1 17:03:59 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * make_cmds.c: use getarg + +Tue Mar 23 14:36:21 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: don't rename + +Sun Mar 21 14:13:29 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: don't roken-rename + +Sat Mar 20 03:43:30 1999 Assar Westerlund <assar@sics.se> + + * parse.y: replace return with YYACCEPT + +Fri Mar 19 14:53:20 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: add libss; add version-info + +Thu Mar 18 15:07:06 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.am: clean lex.c parse.c parse.h + + * Makefile.am: install ss.h + + * Makefile.am: include Makefile.am.common + +Thu Mar 11 15:01:01 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * parse.y: prototype for error_message + +Tue Feb 9 23:45:37 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * Makefile.in: add snprintf.o to make_cmds + +Sun Nov 22 10:46:23 1998 Assar Westerlund <assar@sics.se> + + * sl.c (sl_command_loop): remove unused variable + + * ss.c (ss_error): remove unused variable + + * make_cmds.c: include err.h + (main): remove unused variable + + * Makefile.in (WFLAGS): set + +Sun Sep 27 01:28:21 1998 Assar Westerlund <assar@sics.se> + + * make_cmds.c: clean-up and simplification + +Mon May 25 02:54:13 1998 Assar Westerlund <assar@sics.se> + + * Makefile.in (clean): try to remove shared library debris + + * Makefile.in: make symlink magic work + +Sun Apr 19 10:00:26 1998 Assar Westerlund <assar@sics.se> + + * Makefile.in: add symlink magic for linux + +Sun Apr 5 09:21:43 1998 Assar Westerlund <assar@sics.se> + + * parse.y: define alloca to malloc in case we're using bison but + don't have alloca + +Sat Mar 28 11:39:00 1998 Assar Westerlund 
<assar@sics.se> + + * sl.c (sl_loop): s/2/1 + +Sat Mar 21 00:46:51 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * sl.c (sl_loop): check that there is at least one argument before + calling sl_command + +Sun Mar 1 05:14:37 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * sl.c (sl_loop): Fix general broken-ness. + + * sl.c: Cleanup printing of help strings. + +Thu Feb 26 02:22:02 1998 Assar Westerlund <assar@sics.se> + + * Makefile.am: @LEXLIB@ + +Sat Feb 21 15:18:21 1998 assar westerlund <assar@sics.se> + + * Makefile.in: set YACC and LEX + +Mon Feb 16 16:08:25 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * Makefile.am: Some fixes for ss/mk_cmds. + +Sun Feb 15 05:12:11 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * Makefile.in: Install libsl under the `libss' name too. Install + mk_cmds, and ss.h. + + * make_cmds.c: A mk_cmds clone that creates SL structures. + + * ss.c: SS compatibility functions. + + * sl.c: Move command line split to function `sl_make_argv'. + +Tue Feb 3 16:45:44 1998 Johan Danielsson <joda@emma.pdc.kth.se> + + * sl.c: Add sl_command_loop, that is the loop body of sl_loop. + +Mon Oct 20 01:13:21 1997 Assar Westerlund <assar@sics.se> + + * sl.c (sl_help): actually use the `help' field of `SL_cmd' + diff --git a/crypto/heimdal/lib/sl/Makefile.am b/crypto/heimdal/lib/sl/Makefile.am new file mode 100644 index 0000000..e572e21 --- /dev/null +++ b/crypto/heimdal/lib/sl/Makefile.am 
@@ -0,0 +1,44 @@
+# $Id: Makefile.am,v 1.15 2000/01/06 21:52:20 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+YFLAGS = -d
+
+include_HEADERS = sl.h
+
+lib_LTLIBRARIES = libsl.la libss.la
+libsl_la_LDFLAGS = -version-info 0:1:0
+libss_la_LDFLAGS = -version-info 0:1:0
+
+RENAME_SRC = roken_rename.h strtok_r.c snprintf.c
+
+libsl_la_SOURCES = sl_locl.h sl.c
+libss_la_SOURCES = $(libsl_la_SOURCES) ss.c ss.h
+
+EXTRA_libsl_la_SOURCES = strtok_r.c snprintf.c roken_rename.h
+
+# install these?
+
+noinst_PROGRAMS = mk_cmds
+
+mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l
+
+RENAME_mk_cmds_SRC = roken_rename.h snprintf.c
+
+EXTRA_mk_cmds_SOURCES = snprintf.c roken_rename.h
+
+ssincludedir = $(includedir)/ss
+ssinclude_HEADERS = ss.h
+
+CLEANFILES = lex.c parse.c parse.h snprintf.c strtok_r.c
+
+$(mk_cmds_OBJECTS): parse.h
+
+LDADD = \
+ $(LIB_roken) \
+ $(LEXLIB)
+
+strtok_r.c:
+ $(LN_S) $(srcdir)/../roken/strtok_r.c .
+snprintf.c:
+ $(LN_S) $(srcdir)/../roken/snprintf.c .
diff --git a/crypto/heimdal/lib/sl/Makefile.in b/crypto/heimdal/lib/sl/Makefile.in
new file mode 100644
index 0000000..634cd74
--- /dev/null
+++ b/crypto/heimdal/lib/sl/Makefile.in
@@ -0,0 +1,737 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.15 2000/01/06 21:52:20 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. 
+ +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init 
= @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +YFLAGS = -d + +include_HEADERS = sl.h + +lib_LTLIBRARIES = libsl.la libss.la +libsl_la_LDFLAGS = -version-info 0:1:0 +libss_la_LDFLAGS = -version-info 0:1:0 + +RENAME_SRC = roken_rename.h strtok_r.c snprintf.c + +libsl_la_SOURCES = sl_locl.h sl.c +libss_la_SOURCES = $(libsl_la_SOURCES) ss.c ss.h + +EXTRA_libsl_la_SOURCES = strtok_r.c snprintf.c roken_rename.h + +# install these? 
+ +noinst_PROGRAMS = mk_cmds + +mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l + +RENAME_mk_cmds_SRC = roken_rename.h snprintf.c + +EXTRA_mk_cmds_SOURCES = snprintf.c roken_rename.h + +ssincludedir = $(includedir)/ss +ssinclude_HEADERS = ss.h + +CLEANFILES = lex.c parse.c parse.h snprintf.c strtok_r.c + +LDADD = $(LIB_roken) $(LEXLIB) + +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +LTLIBRARIES = $(lib_LTLIBRARIES) + + +DEFS = @DEFS@ -I. -I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +LIBS = @LIBS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libsl_la_LIBADD = +libsl_la_OBJECTS = sl.lo +libss_la_LIBADD = +libss_la_OBJECTS = sl.lo ss.lo +noinst_PROGRAMS = mk_cmds$(EXEEXT) +PROGRAMS = $(noinst_PROGRAMS) + +mk_cmds_OBJECTS = make_cmds.$(OBJEXT) parse.$(OBJEXT) lex.$(OBJEXT) +mk_cmds_LDADD = $(LDADD) +mk_cmds_DEPENDENCIES = +mk_cmds_LDFLAGS = +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +HEADERS = $(include_HEADERS) $(ssinclude_HEADERS) + +DIST_COMMON = ChangeLog Makefile.am Makefile.in lex.c parse.c + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +SOURCES = $(libsl_la_SOURCES) $(EXTRA_libsl_la_SOURCES) $(libss_la_SOURCES) $(mk_cmds_SOURCES) $(EXTRA_mk_cmds_SOURCES) +OBJECTS = $(libsl_la_OBJECTS) $(libss_la_OBJECTS) $(mk_cmds_OBJECTS) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .s .x .y +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) 
$(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/sl/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLTLIBRARIES: + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + +distclean-libLTLIBRARIES: + +maintainer-clean-libLTLIBRARIES: + +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +.c.o: + $(COMPILE) -c $< + +# FIXME: We should only use cygpath when building on Windows, +# and only if it is available. 
+.c.obj: + $(COMPILE) -c `cygpath -w $<` + +.s.o: + $(COMPILE) -c $< + +.S.o: + $(COMPILE) -c $< + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +.c.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.s.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +.S.lo: + $(LIBTOOL) --mode=compile $(COMPILE) -c $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libsl.la: $(libsl_la_OBJECTS) $(libsl_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libsl_la_LDFLAGS) $(libsl_la_OBJECTS) $(libsl_la_LIBADD) $(LIBS) + +libss.la: $(libss_la_OBJECTS) $(libss_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libss_la_LDFLAGS) $(libss_la_OBJECTS) $(libss_la_LIBADD) $(LIBS) + +mostlyclean-noinstPROGRAMS: + +clean-noinstPROGRAMS: + -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) + +distclean-noinstPROGRAMS: + +maintainer-clean-noinstPROGRAMS: + +mk_cmds$(EXEEXT): $(mk_cmds_OBJECTS) $(mk_cmds_DEPENDENCIES) + @rm -f mk_cmds$(EXEEXT) + $(LINK) $(mk_cmds_LDFLAGS) $(mk_cmds_OBJECTS) $(mk_cmds_LDADD) $(LIBS) +.l.c: + $(LEX) $(AM_LFLAGS) $(LFLAGS) $< && mv $(LEX_OUTPUT_ROOT).c $@ +.y.c: + $(YACC) $(AM_YFLAGS) $(YFLAGS) $< && mv y.tab.c $*.c + if test -f y.tab.h; then \ + if cmp -s y.tab.h $*.h; then rm -f y.tab.h; else mv y.tab.h $*.h; fi; \ + else :; fi +parse.h: parse.c + + +install-includeHEADERS: $(include_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(includedir) + @list='$(include_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + done + +uninstall-includeHEADERS: + @$(NORMAL_UNINSTALL) + list='$(include_HEADERS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(includedir)/$$p; \ + done + +install-ssincludeHEADERS: 
$(ssinclude_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(ssincludedir) + @list='$(ssinclude_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(ssincludedir)/$$p"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(ssincludedir)/$$p; \ + done + +uninstall-ssincludeHEADERS: + @$(NORMAL_UNINSTALL) + list='$(ssinclude_HEADERS)'; for p in $$list; do \ + rm -f $(DESTDIR)$(ssincludedir)/$$p; \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/sl + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: 
install-exec-am + +install-data-am: install-includeHEADERS install-ssincludeHEADERS \ + install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS \ + uninstall-ssincludeHEADERS +uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) \ + $(DESTDIR)$(ssincludedir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: + -test -z "lexlparsehparsec" || rm -f lexl parseh parsec +mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-noinstPROGRAMS \ + mostlyclean-tags mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \ + clean-noinstPROGRAMS clean-tags clean-generic \ + mostlyclean-am + +clean: clean-am + +distclean-am: distclean-libLTLIBRARIES distclean-compile \ + distclean-libtool distclean-noinstPROGRAMS \ + distclean-tags distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-noinstPROGRAMS maintainer-clean-tags \ + maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." 
+ +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ +clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ +uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ +distclean-compile clean-compile maintainer-clean-compile \ +mostlyclean-libtool distclean-libtool clean-libtool \ +maintainer-clean-libtool mostlyclean-noinstPROGRAMS \ +distclean-noinstPROGRAMS clean-noinstPROGRAMS \ +maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \ +install-includeHEADERS uninstall-ssincludeHEADERS \ +install-ssincludeHEADERS tags mostlyclean-tags distclean-tags \ +clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \ +check-local check check-am installcheck-am installcheck install-exec-am \ +install-exec install-data-local install-data-am install-data install-am \ +install uninstall-am uninstall all-local all-redirect all-am all \ +installdirs mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + 
*.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if 
test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + 
fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +$(mk_cmds_OBJECTS): parse.h + +strtok_r.c: + $(LN_S) $(srcdir)/../roken/strtok_r.c . +snprintf.c: + $(LN_S) $(srcdir)/../roken/snprintf.c . + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/sl/lex.l b/crypto/heimdal/lib/sl/lex.l new file mode 100644 index 0000000..b7c1c44 --- /dev/null +++ b/crypto/heimdal/lib/sl/lex.l 
@@ -0,0 +1,114 @@
+%{
+/*
+ * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "make_cmds.h"
+#include "parse.h"
+
+RCSID("$Id: lex.l,v 1.3 1999/12/02 16:58:55 joda Exp $");
+
+static unsigned lineno = 1;
+void error_message(char *, ...);
+int getstring(void);
+
+%}
+
+
+%%
+command_table { return TABLE; }
+request { return REQUEST; }
+unknown { return UNKNOWN; }
+unimplemented { return UNIMPLEMENTED; }
+end { return END; }
+#[^\n]* ;
+[ \t] ;
+\n { lineno++; }
+\" { return getstring(); }
+[a-zA-Z0-9_]+ { yylval.string = strdup(yytext); return STRING; }
+. { return *yytext; }
+%%
+
+#ifndef yywrap /* XXX */
+int
+yywrap ()
+{
+ return 1;
+}
+#endif
+
+int
+getstring(void)
+{
+ char x[128];
+ int i = 0;
+ int c;
+ int backslash = 0;
+ while((c = input()) != EOF){
+ if(backslash) {
+ if(c == 'n')
+ c = '\n';
+ else if(c == 't')
+ c = '\t';
+ x[i++] = c;
+ backslash = 0;
+ continue;
+ }
+ if(c == '\n'){
+ error_message("unterminated string");
+ lineno++;
+ break;
+ }
+ if(c == '\\'){
+ backslash++;
+ continue;
+ }
+ if(c == '\"')
+ break;
+ x[i++] = c;
+ }
+ x[i] = '\0';
+ yylval.string = strdup(x);
+ return STRING;
+}
+
+void
+error_message (char *format, ...)
+{
+ va_list args;
+
+ va_start (args, format);
+ fprintf (stderr, "%s:%d: ", filename, lineno);
+ vfprintf (stderr, format, args);
+ va_end (args);
+ numerror++;
+}
diff --git a/crypto/heimdal/lib/sl/make_cmds.c b/crypto/heimdal/lib/sl/make_cmds.c
new file mode 100644
index 0000000..492e9e6
--- /dev/null
+++ b/crypto/heimdal/lib/sl/make_cmds.c
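Review bot: `getstring()` in lex.l stores into `char x[128]` through `x[i++] = c` at two places (the backslash branch and the end of the loop) without ever comparing `i` with the buffer size, so a quoted string of 128 or more characters in the command-table input writes past the end of the stack buffer. Both stores should be guarded, for example with `if (i >= (int)sizeof(x) - 1) { error_message("string too long"); break; }`, or the fixed array replaced by a buffer that grows. The `strdup()` results assigned to `yylval.string` here and in the `[a-zA-Z0-9_]+` rule are also used without a NULL check. In `error_message`, the `unsigned` `lineno` is printed with `%d`, where `%u` matches the type.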
@@ -0,0 +1,240 @@
+/*
+ * Copyright (c) 1998-1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "make_cmds.h"
+#include <getarg.h>
+
+RCSID("$Id: make_cmds.c,v 1.6 1999/12/02 16:58:55 joda Exp $");
+
+#include <roken.h>
+#include <err.h>
+#include "parse.h"
+
+int numerror;
+extern FILE *yyin;
+FILE *c_file;
+
+extern void yyparse(void);
+
+#ifdef YYDEBUG
+extern int yydebug = 1;
+#endif
+
+char *filename;
+char *table_name;
+
+static struct command_list *commands;
+
+void
+add_command(char *function,
+ char *help,
+ struct string_list *aliases,
+ unsigned flags)
+{
+ struct command_list *cl = malloc(sizeof(*cl));
+
+ if (cl == NULL)
+ err (1, "malloc");
+ cl->function = function;
+ cl->help = help;
+ cl->aliases = aliases;
+ cl->flags = flags;
+ cl->next = NULL;
+ if(commands) {
+ *commands->tail = cl;
+ commands->tail = &cl->next;
+ return;
+ }
+ cl->tail = &cl->next;
+ commands = cl;
+}
+
+static char *
+quote(const char *str)
+{
+ char buf[1024]; /* XXX */
+ const char *p;
+ char *q;
+ q = buf;
+
+ *q++ = '\"';
+ for(p = str; *p != '\0'; p++) {
+ if(*p == '\n') {
+ *q++ = '\\';
+ *q++ = 'n';
+ continue;
+ }
+ if(*p == '\t') {
+ *q++ = '\\';
+ *q++ = 't';
+ continue;
+ }
+ if(*p == '\"' || *p == '\\')
+ *q++ = '\\';
+ *q++ = *p;
+ }
+ *q++ = '\"';
+ *q++ = '\0';
+ return strdup(buf);
+}
+
+static void
+generate_commands(void)
+{
+ char *base;
+ char *cfn;
+ char *p;
+
+ p = strrchr(table_name, '/');
+ if(p == NULL)
+ p = table_name;
+ else
+ p++;
+
+ base = strdup (p);
+ if (base == NULL)
+ err (1, "strdup");
+
+ p = strrchr(base, '.');
+ if(p)
+ *p = '\0';
+
+ asprintf(&cfn, "%s.c", base);
+ if (cfn == NULL)
+ err (1, "asprintf");
+
+ c_file = fopen(cfn, "w");
+ if (c_file == NULL)
+ err (1, "cannot fopen %s", cfn);
+
+ fprintf(c_file, "/* Generated from %s */\n", filename);
+ fprintf(c_file, "\n");
+ fprintf(c_file, "#include <stddef.h>\n");
+ fprintf(c_file, "#include <sl.h>\n");
+ fprintf(c_file, "\n");
+
+ {
+ struct command_list *cl, *xl;
+ char *p, *q;
+
+ for(cl = commands; cl; cl = cl->next) {
+ for(xl = commands; xl != cl; xl = xl->next)
+ if(strcmp(cl->function, xl->function) == 0)
+ break;
+ if(xl != cl)
+ continue;
+ /* XXX hack for ss_quit */
+ if(strcmp(cl->function, "ss_quit") == 0) {
+ fprintf(c_file, "int %s (int, char**);\n", cl->function);
+ fprintf(c_file, "#define _ss_quit_wrap ss_quit\n\n");
+ continue;
+ }
+ fprintf(c_file, "void %s (int, char**);\n", cl->function);
+ fprintf(c_file, "static int _%s_wrap (int argc, char **argv)\n",
+ cl->function);
+ fprintf(c_file, "{\n");
+ fprintf(c_file, " %s (argc, argv);\n", cl->function);
+ fprintf(c_file, " return 0;\n");
+ fprintf(c_file, "}\n\n");
+ }
+
+ fprintf(c_file, "SL_cmd %s[] = {\n", table_name);
+ for(cl = commands; cl; cl = cl->next) {
+ struct string_list *sl;
+ sl = cl->aliases;
+ p = quote(sl->string);
+ q = quote(cl->help);
+ fprintf(c_file, " { %s, _%s_wrap, %s },\n", p, cl->function, q);
+ free(p);
+ free(q);
+
+ for(sl = sl->next; sl; sl = sl->next) {
+ p = quote(sl->string);
+ fprintf(c_file, " { %s },\n", p);
+ free(p);
+ }
+ }
+ fprintf(c_file, " { NULL },\n");
+ fprintf(c_file, "};\n");
+ fprintf(c_file, "\n");
+ }
+ fclose(c_file);
+ free(base);
+ free(cfn);
+}
+
+int version_flag;
+int help_flag;
+struct getargs args[] = {
+ { "version", 0, arg_flag, &version_flag },
+ { "help", 0, arg_flag, &help_flag }
+};
+int num_args = sizeof(args) / sizeof(args[0]);
+
+static void
+usage(int code)
+{
+ arg_printusage(args, num_args, NULL, "command-table");
+ exit(code);
+}
+
+int
+main(int argc, char **argv)
+{
+ int optind = 0;
+
+ set_progname(argv[0]);
+ if(getarg(args, num_args, argc, argv, &optind))
+ usage(1);
+ if(help_flag)
+ usage(0);
+ if(version_flag) {
+ print_version(NULL);
+ exit(0);
+ }
+
+ if(argc == optind)
+ usage(1);
+ filename = argv[optind];
+ yyin = fopen(filename, "r");
+ if(yyin == NULL)
+ err(1, "%s", filename);
+
+ yyparse();
+
+ generate_commands();
+
+ if(numerror)
+ return 1;
+ return 0;
+}
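Review bot: quote() builds the escaped string in `char buf[1024]; /* XXX */` with no length check, and each input byte can expand to two, so a help or alias string of about 510 escaped characters (or about 1020 plain ones) overruns the stack buffer. Sizing the buffer from the input removes the limit: `char *buf = malloc(2 * strlen(str) + 3);`, `if (buf == NULL) err (1, "malloc");`, and `return buf;` in place of `return strdup(buf);`. Separately, generate_commands() passes `table_name` to strrchr() without checking it; it is only assigned by a `command_table` statement in parse.y, so an input file without one would dereference NULL, and an `if (table_name == NULL) errx (1, "%s: no command_table", filename);` guard before the strrchr() call would cover it.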
diff --git a/crypto/heimdal/lib/sl/make_cmds.h b/crypto/heimdal/lib/sl/make_cmds.h
new file mode 100644
index 0000000..24dbd60
--- /dev/null
+++ b/crypto/heimdal/lib/sl/make_cmds.h
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: make_cmds.h,v 1.2 1999/12/02 16:58:55 joda Exp $ */
+
+#ifndef __MAKE_CMDS_H__
+#define __MAKE_CMDS_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdarg.h>
+
+extern char *filename;
+extern char *table_name;
+extern int numerror;
+
+struct command_list {
+ char *function;
+ char *help;
+ struct string_list *aliases;
+ unsigned flags;
+ struct command_list *next;
+ struct command_list **tail;
+};
+
+struct string_list {
+ char *string;
+ struct string_list *next;
+ struct string_list **tail;
+};
+
+void add_command(char*, char*, struct string_list*, unsigned);
+
+#endif /* __MAKE_CMDS_H__ */
diff --git a/crypto/heimdal/lib/sl/parse.y b/crypto/heimdal/lib/sl/parse.y
new file mode 100644
index 0000000..18ef5ca
--- /dev/null
+++ b/crypto/heimdal/lib/sl/parse.y
@@ -0,0 +1,168 @@
+%{
+/*
+ * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "make_cmds.h"
+RCSID("$Id: parse.y,v 1.6 1999/12/16 10:34:11 assar Exp $");
+
+void yyerror (char *s);
+void error_message(char *, ...);
+
+struct string_list* append_string(struct string_list*, char*);
+void free_string_list(struct string_list *list);
+unsigned string_to_flag(const char *);
+
+/* This is for bison */
+
+#if !defined(alloca) && !defined(HAVE_ALLOCA)
+#define alloca(x) malloc(x)
+#endif
+
+%}
+
+%union {
+ char *string;
+ unsigned number;
+ struct string_list *list;
+}
+
+%token TABLE REQUEST UNKNOWN UNIMPLEMENTED END
+%token <string> STRING
+%type <number> flag flags
+%type <list> aliases
+
+%%
+
+file : /* */
+ | statements
+ ;
+
+statements : statement
+ | statements statement
+ ;
+
+statement : TABLE STRING ';'
+ {
+ table_name = $2;
+ }
+ | REQUEST STRING ',' STRING ',' aliases ',' '(' flags ')' ';'
+ {
+ add_command($2, $4, $6, $9);
+ }
+ | REQUEST STRING ',' STRING ',' aliases ';'
+ {
+ add_command($2, $4, $6, 0);
+ }
+ | UNIMPLEMENTED STRING ',' STRING ',' aliases ';'
+ {
+ free($2);
+ free($4);
+ free_string_list($6);
+ }
+ | UNKNOWN aliases ';'
+ {
+ free_string_list($2);
+ }
+ | END ';'
+ {
+ YYACCEPT;
+ }
+ ;
+
+aliases : STRING
+ {
+ $$ = append_string(NULL, $1);
+ }
+ | aliases ',' STRING
+ {
+ $$ = append_string($1, $3);
+ }
+ ;
+
+flags : flag
+ {
+ $$ = $1;
+ }
+ | flags ',' flag
+ {
+ $$ = $1 | $3;
+ }
+ ;
+flag : STRING
+ {
+ $$ = string_to_flag($1);
+ free($1);
+ }
+ ;
+
+
+
+%%
+
+void
+yyerror (char *s)
+{
+ error_message ("%s\n", s);
+}
+
+struct string_list*
+append_string(struct string_list *list, char *str)
+{
+ struct string_list *sl = malloc(sizeof(*sl));
+ sl->string = str;
+ sl->next = NULL;
+ if(list) {
+ *list->tail = sl;
+ list->tail = &sl->next;
+ return list;
+ }
+ sl->tail = &sl->next;
+ return sl;
+}
+
+void
+free_string_list(struct string_list *list)
+{
+ while(list) {
+ struct string_list *sl = list->next;
+ free(list->string);
+ free(list);
+ list = sl;
+ }
+}
+
+unsigned
+string_to_flag(const char *string)
+{
+ return 0;
+}
diff --git a/crypto/heimdal/lib/sl/roken_rename.h b/crypto/heimdal/lib/sl/roken_rename.h
new file mode 100644
index 0000000..c668802
--- /dev/null
+++ b/crypto/heimdal/lib/sl/roken_rename.h
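Review bot: append_string() dereferences the result of `malloc(sizeof(*sl))` without a NULL check, unlike add_command() in make_cmds.c, which calls `err (1, "malloc")` on failure. Adding `if (sl == NULL) err (1, "malloc");` right after the allocation keeps the two list builders consistent; parse.y would need `<err.h>` for that, which its visible prologue does not include. Also worth a comment: string_to_flag() ignores its argument and always returns 0, so the `( flags )` clause of a `request` statement is parsed but has no effect, and a `/* XXX flags are not implemented; every name maps to 0 */` above it would make that explicit.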
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: roken_rename.h,v 1.3 1999/12/02 16:58:55 joda Exp $ */
+
+#ifndef __roken_rename_h__
+#define __roken_rename_h__
+
+#ifndef HAVE_STRTOK_R
+#define strtok_r _sl_strtok_r
+#endif
+#ifndef HAVE_SNPRINTF
+#define snprintf _sl_snprintf
+#endif
+#ifndef HAVE_ASPRINTF
+#define asprintf _sl_asprintf
+#endif
+#ifndef HAVE_ASNPRINTF
+#define asnprintf _sl_asnprintf
+#endif
+#ifndef HAVE_VASPRINTF
+#define vasprintf _sl_vasprintf
+#endif
+#ifndef HAVE_VASNPRINTF
+#define vasnprintf _sl_vasnprintf
+#endif
+#ifndef HAVE_VSNPRINTF
+#define vsnprintf _sl_vsnprintf
+#endif
+
+#endif /* __roken_rename_h__ */
diff --git a/crypto/heimdal/lib/sl/sl.c b/crypto/heimdal/lib/sl/sl.c
new file mode 100644
index 0000000..688ca8b
--- /dev/null
+++ b/crypto/heimdal/lib/sl/sl.c
@@ -0,0 +1,223 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: sl.c,v 1.25 1999/12/02 16:58:55 joda Exp $");
+#endif
+
+#include "sl_locl.h"
+
+static SL_cmd *
+sl_match (SL_cmd *cmds, char *cmd, int exactp)
+{
+ SL_cmd *c, *current = NULL, *partial_cmd = NULL;
+ int partial_match = 0;
+
+ for (c = cmds; c->name; ++c) {
+ if (c->func)
+ current = c;
+ if (strcmp (cmd, c->name) == 0)
+ return current;
+ else if (strncmp (cmd, c->name, strlen(cmd)) == 0 &&
+ partial_cmd != current) {
+ ++partial_match;
+ partial_cmd = current;
+ }
+ }
+ if (partial_match == 1 && !exactp)
+ return partial_cmd;
+ else
+ return NULL;
+}
+
+void
+sl_help (SL_cmd *cmds, int argc, char **argv)
+{
+ SL_cmd *c, *prev_c;
+
+ if (argc == 1) {
+ prev_c = NULL;
+ for (c = cmds; c->name; ++c) {
+ if (c->func) {
+ if(prev_c)
+ printf ("\n\t%s%s", prev_c->usage ? prev_c->usage : "",
+ prev_c->usage ? "\n" : "");
+ prev_c = c;
+ printf ("%s", c->name);
+ } else
+ printf (", %s", c->name);
+ }
+ if(prev_c)
+ printf ("\n\t%s%s", prev_c->usage ? prev_c->usage : "",
+ prev_c->usage ? "\n" : "");
+ } else {
+ c = sl_match (cmds, argv[1], 0);
+ if (c == NULL)
+ printf ("No such command: %s. "
+ "Try \"help\" for a list of all commands\n",
+ argv[1]);
+ else {
+ printf ("%s\t%s\n", c->name, c->usage);
+ if(c->help && *c->help)
+ printf ("%s\n", c->help);
+ if((++c)->name && c->func == NULL) {
+ printf ("Synonyms:");
+ while (c->name && c->func == NULL)
+ printf ("\t%s", (c++)->name);
+ printf ("\n");
+ }
+ }
+ }
+}
+
+#ifdef HAVE_READLINE
+
+char *readline(char *prompt);
+void add_history(char *p);
+
+#else
+
+static char *
+readline(char *prompt)
+{
+ char buf[BUFSIZ];
+ printf ("%s", prompt);
+ fflush (stdout);
+ if(fgets(buf, sizeof(buf), stdin) == NULL)
+ return NULL;
+ if (buf[strlen(buf) - 1] == '\n')
+ buf[strlen(buf) - 1] = '\0';
+ return strdup(buf);
+}
+
+static void
+add_history(char *p)
+{
+}
+
+#endif
+
+int
+sl_command(SL_cmd *cmds, int argc, char **argv)
+{
+ SL_cmd *c;
+ c = sl_match (cmds, argv[0], 0);
+ if (c == NULL)
+ return -1;
+ return (*c->func)(argc, argv);
+}
+
+struct sl_data {
+ int max_count;
+ char **ptr;
+};
+
+int
+sl_make_argv(char *line, int *ret_argc, char ***ret_argv)
+{
+ char *foo = NULL;
+ char *p;
+ int argc, nargv;
+ char **argv;
+
+ nargv = 10;
+ argv = malloc(nargv * sizeof(*argv));
+ if(argv == NULL)
+ return ENOMEM;
+ argc = 0;
+
+ for(p = strtok_r (line, " \t", &foo);
+ p;
+ p = strtok_r (NULL, " \t", &foo)) {
+ if(argc == nargv - 1) {
+ char **tmp;
+ nargv *= 2;
+ tmp = realloc (argv, nargv * sizeof(*argv));
+ if (tmp == NULL) {
+ free(argv);
+ return ENOMEM;
+ }
+ argv = tmp;
+ }
+ argv[argc++] = p;
+ }
+ argv[argc] = NULL;
+ *ret_argc = argc;
+ *ret_argv = argv;
+ return 0;
+}
+
+/* return values: 0 on success, -1 on fatal error, or return value of command */
+int
+sl_command_loop(SL_cmd *cmds, char *prompt, void **data)
+{
+ int ret = 0;
+ char *buf;
+ int argc;
+ char **argv;
+
+ ret = 0;
+ buf = readline(prompt);
+ if(buf == NULL)
+ return 1;
+
+ if(*buf)
+ add_history(buf);
+ ret = sl_make_argv(buf, &argc, &argv);
+ if(ret) {
+ fprintf(stderr, "sl_loop: out of memory\n");
+ free(buf);
+ return -1;
+ }
+ if (argc >= 1) {
+ ret = sl_command(cmds, argc, argv);
+ if(ret == -1) {
+ printf ("Unrecognized command: %s\n", argv[0]);
+ ret = 0;
+ }
+ }
+ free(buf);
+ free(argv);
+ return ret;
+}
+
+int
+sl_loop(SL_cmd *cmds, char *prompt)
+{
+ void *data = NULL;
+ int ret;
+ while((ret = sl_command_loop(cmds, prompt, &data)) == 0)
+ ;
+ return ret;
+}
diff --git a/crypto/heimdal/lib/sl/sl.h b/crypto/heimdal/lib/sl/sl.h
new file mode 100644
index 0000000..1a6d3fa
--- /dev/null
+++ b/crypto/heimdal/lib/sl/sl.h
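Review bot: The fallback readline() indexes `buf[strlen(buf) - 1]`, which reads and may write `buf[-1]` when fgets() returns a line whose first byte is NUL, since strlen() is then 0. `buf[strcspn(buf, "\n")] = '\0';` strips the newline without that underflow and replaces both lines of the `if`. In sl_help(), `printf ("%s\t%s\n", c->name, c->usage)` passes `c->usage` to `%s` unguarded although the listing branch above treats it as possibly NULL; the same `c->usage ? c->usage : ""` form would fit there.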
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: sl.h,v 1.7 1999/12/02 16:58:55 joda Exp $ */
+
+#ifndef _SL_H
+#define _SL_H
+
+typedef int (*cmd_func)(int, char **);
+
+struct sl_cmd {
+ char *name;
+ cmd_func func;
+ char *usage;
+ char *help;
+};
+
+typedef struct sl_cmd SL_cmd;
+
+void sl_help (SL_cmd *, int argc, char **argv);
+int sl_loop (SL_cmd *, char *prompt);
+int sl_command_loop (SL_cmd *cmds, char *prompt, void **data);
+int sl_command (SL_cmd *cmds, int argc, char **argv);
+int sl_make_argv(char*, int*, char***);
+
+
+#endif /* _SL_H */
diff --git a/crypto/heimdal/lib/sl/sl_locl.h b/crypto/heimdal/lib/sl/sl_locl.h
new file mode 100644
index 0000000..4bd9660
--- /dev/null
+++ b/crypto/heimdal/lib/sl/sl_locl.h
@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: sl_locl.h,v 1.6 1999/12/02 16:58:55 joda Exp $ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+
+#include <roken.h>
+
+#include <sl.h>
diff --git a/crypto/heimdal/lib/sl/ss.c b/crypto/heimdal/lib/sl/ss.c
new file mode 100644
index 0000000..f3c0546
--- /dev/null
+++ b/crypto/heimdal/lib/sl/ss.c
@@ -0,0 +1,133 @@
+/*
+ * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "sl_locl.h"
+#include <com_err.h>
+#include "ss.h"
+
+RCSID("$Id: ss.c,v 1.4 1999/12/02 16:58:55 joda Exp $");
+
+struct ss_subst {
+ char *name;
+ char *version;
+ char *info;
+ ss_request_table *table;
+};
+
+static struct ss_subst subsystems[2];
+static int num_subsystems;
+
+int
+ss_create_invocation(const char *subsystem,
+ const char *version,
+ const char *info,
+ ss_request_table *table,
+ int *code)
+{
+ struct ss_subst *ss;
+ if(num_subsystems >= sizeof(subsystems) / sizeof(subsystems[0])) {
+ *code = 17;
+ return 0;
+ }
+ ss = &subsystems[num_subsystems];
+ ss->name = subsystem ? strdup(subsystem) : NULL;
+ ss->version = version ? strdup(version) : NULL;
+ ss->info = info ? strdup(info) : NULL;
+ ss->table = table;
+ *code = 0;
+ return num_subsystems++;
+}
+
+void
+ss_error (int index, long code, const char *fmt, ...)
+{
+ va_list ap;
+ va_start(ap, fmt);
+ com_err_va (subsystems[index].name, code, fmt, ap);
+ va_end(ap);
+}
+
+void
+ss_perror (int index, long code, const char *msg)
+{
+ ss_error(index, code, "%s", msg);
+}
+
+int
+ss_execute_command(int index, char **argv)
+{
+ int argc = 0;
+ while(argv[argc++]);
+ sl_command(subsystems[index].table, argc, argv);
+ return 0;
+}
+
+int
+ss_execute_line (int index, const char *line)
+{
+ char *buf = strdup(line);
+ int argc;
+ char **argv;
+
+ sl_make_argv(buf, &argc, &argv);
+ sl_command(subsystems[index].table, argc, argv);
+ free(buf);
+ return 0;
+}
+
+int
+ss_listen (int index)
+{
+ char *prompt = malloc(strlen(subsystems[index].name) + 3);
+ if(prompt == NULL) {
+ abort();
+ }
+ strcpy(prompt, subsystems[index].name);
+ strcat(prompt, ": ");
+ sl_loop(subsystems[index].table, prompt);
+ free(prompt);
+ return 0;
+}
+
+int
+ss_list_requests(int argc, char **argv /* , int index, void *info */)
+{
+ sl_help(subsystems[0 /* index */].table, argc, argv);
+ return 0;
+}
+
+int
+ss_quit(int argc, char **argv)
+{
+ return 1;
+}
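Review bot: ss_execute_line() ignores the return values of strdup() and sl_make_argv(), so on allocation failure it calls sl_command() with uninitialised `argc`/`argv`; it also never frees `argv`, and an empty or all-blank line reaches sl_command() with `argv[0] == NULL`, which sl_match() passes to strcmp(). A version that checks each step is sketched below; returning ENOMEM instead of 0 is a behaviour change that callers should be checked against. In ss_execute_command(), `while(argv[argc++]);` also counts the terminating NULL, so handlers receive an argc one too large, and `while(argv[argc]) argc++;` gives the real count. None of the functions range-check `index` before `subsystems[index]`, which deserves at least a comment stating that callers must pass a value returned by ss_create_invocation().

```c
int
ss_execute_line (int index, const char *line)
{
    char *buf = strdup(line);
    int argc;
    char **argv;
    int ret;

    if (buf == NULL)
        return ENOMEM;
    ret = sl_make_argv(buf, &argc, &argv);
    if (ret) {
        free(buf);
        return ret;
    }
    /* a blank line yields argc == 0; sl_command() needs argv[0] */
    if (argc >= 1)
        sl_command(subsystems[index].table, argc, argv);
    free(argv);
    free(buf);
    return 0;
}
```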
diff --git a/crypto/heimdal/lib/sl/ss.h b/crypto/heimdal/lib/sl/ss.h
new file mode 100644
index 0000000..0d9d297
--- /dev/null
+++ b/crypto/heimdal/lib/sl/ss.h
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+/* $Id: ss.h,v 1.2 1999/12/02 16:58:55 joda Exp $ */
+
+/* SS compatibility for SL */
+
+#ifndef __ss_h__
+#define __ss_h__
+
+#include <sl.h>
+
+typedef SL_cmd ss_request_table;
+
+int ss_create_invocation (const char *, const char *, const char*,
+ ss_request_table*, int*);
+
+void ss_error (int, long, const char*, ...);
+int ss_execute_command (int, char**);
+int ss_execute_line (int, const char*);
+int ss_list_requests (int argc, char**);
+int ss_listen (int);
+void ss_perror (int, long, const char*);
+int ss_quit (int argc, char**);
+
+#endif /* __ss_h__ */ |