diff options
Diffstat (limited to 'crypto/kerberosIV/lib/kadm')
| -rw-r--r-- | crypto/kerberosIV/lib/kadm/Makefile.in | 126 | ||||
| -rw-r--r-- | crypto/kerberosIV/lib/kadm/check_password.c | 55 | ||||
| -rw-r--r-- | crypto/kerberosIV/lib/kadm/kadm.h | 156 | ||||
| -rw-r--r-- | crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c | 632 | ||||
| -rw-r--r-- | crypto/kerberosIV/lib/kadm/kadm_err.et | 67 | ||||
| -rw-r--r-- | crypto/kerberosIV/lib/kadm/kadm_locl.h | 91 | ||||
| -rw-r--r-- | crypto/kerberosIV/lib/kadm/kadm_stream.c | 353 | ||||
| -rw-r--r-- | crypto/kerberosIV/lib/kadm/kadm_supp.c | 188 |
8 files changed, 0 insertions, 1668 deletions
diff --git a/crypto/kerberosIV/lib/kadm/Makefile.in b/crypto/kerberosIV/lib/kadm/Makefile.in deleted file mode 100644 index 7f610c0..0000000 --- a/crypto/kerberosIV/lib/kadm/Makefile.in +++ /dev/null @@ -1,126 +0,0 @@ -# -# $Id: Makefile.in,v 1.47.4.1 2000/06/23 03:20:01 assar Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -CP = cp -LN_S = @LN_S@ -DEFS = @DEFS@ -DROKEN_RENAME -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -COMPILE_ET = ../com_err/compile_et - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ - -top_builddir = ../.. - -includedir = @includedir@ - -incdir = $(includedir) -inc_DATA = kadm_err.h -idir = $(top_builddir)/include - -PICFLAGS = @PICFLAGS@ - -@lib_deps_yes@LIB_DEPS = -L../krb -lkrb \ -@lib_deps_yes@ -L../des -ldes \ -@lib_deps_yes@ -lc -@lib_deps_no@LIB_DEPS = - -build_symlink_command = @build_symlink_command@ -install_symlink_command = @install_symlink_command@ - -LIBNAME = $(LIBPREFIX)kadm -LIBEXT = @LIBEXT@ -LIBPREFIX = @LIBPREFIX@ -EXECSUFFIX = @EXECSUFFIX@ -SHLIBEXT = @SHLIBEXT@ -LDSHARED = @LDSHARED@ -LIB = $(LIBNAME).$(LIBEXT) - -SOURCES = kadm_cli_wrap.c kadm_err.c kadm_stream.c kadm_supp.c check_password.c - -OBJECTS = kadm_cli_wrap.o kadm_err.o kadm_stream.o kadm_supp.o check_password.o - -all: $(LIB) all-local - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I. -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - $(INSTALL_DATA) $(LIB) $(DESTDIR)$(libdir)/$(LIB) - @install_symlink_command@ - $(MKINSTALLDIRS) $(DESTDIR)$(includedir) - @for i in $(inc_DATA); do \ - echo " $(INSTALL_DATA) $$i $(DESTDIR)$(incdir)/$$i";\ - $(INSTALL_DATA) $$i $(DESTDIR)$(incdir)/$$i; done - -uninstall: - rm -f $(DESTDIR)$(libdir)/$(LIB) - @for i in $(inc_DATA); do \ - echo " rm -f $(DESTDIR)$(incdir)/$$i";\ - rm -f $(DESTDIR)$(incdir)/$$i; done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f $(LIB) *.o *.a *.so *.so.* so_locations kadm_err.c kadm_err.h - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ roken_rename.h - -realclean: distclean - rm -f TAGS - -$(LIBNAME).a: $(OBJECTS) - rm -f $@ - $(AR) cr $@ $(OBJECTS) - -$(RANLIB) $@ - -$(LIBNAME).$(SHLIBEXT): $(OBJECTS) - rm -f $@ - $(LDSHARED) -o $@ $(OBJECTS) $(LIB_DEPS) - @build_symlink_command@ - -kadm_err.c kadm_err.h: $(srcdir)/kadm_err.et - $(COMPILE_ET) $(srcdir)/kadm_err.et - -$(OBJECTS): ../../include/config.h roken_rename.h -$(OBJECTS): kadm_err.h kadm_locl.h - -roken_rename.h: - $(LN_S) $(srcdir)/../krb/roken_rename.h . - -all-local: $(inc_DATA) - @for i in $(inc_DATA); do \ - if cmp -s $$i $(idir)/$$i 2> /dev/null ; then :; else\ - echo " $(CP) $$i $(idir)/$$i"; \ - $(CP) $$i $(idir)/$$i; \ - fi ; \ - done - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean all-local diff --git a/crypto/kerberosIV/lib/kadm/check_password.c b/crypto/kerberosIV/lib/kadm/check_password.c deleted file mode 100644 index ba6ba48..0000000 --- a/crypto/kerberosIV/lib/kadm/check_password.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm_locl.h" -RCSID("$Id: check_password.c,v 1.3 1999/12/02 16:58:39 joda Exp $"); - -/* This is a client side password check. Should perhaps be merged with - kadmind version that lives in pw_check.c */ - -int -kadm_check_pw (const char *password) -{ - const char *t; - if (strlen(password) == 0) - return KADM_PASS_Q_NULL; - if (strlen(password) < MIN_KPW_LEN) - return KADM_PASS_Q_TOOSHORT; - - /* Don't allow all lower case passwords regardless of length */ - for (t = password; *t && islower((unsigned char)*t); t++) - ; - if (*t == '\0') - return KADM_PASS_Q_CLASS; - return 0; -} diff --git a/crypto/kerberosIV/lib/kadm/kadm.h b/crypto/kerberosIV/lib/kadm/kadm.h deleted file mode 100644 index fd3d75b..0000000 --- a/crypto/kerberosIV/lib/kadm/kadm.h +++ /dev/null @@ -1,156 +0,0 @@ -/* - * $Id: kadm.h,v 1.17 1998/10/23 14:25:55 joda Exp $ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Definitions for Kerberos administration server & client - */ - -#ifndef KADM_DEFS -#define KADM_DEFS - -/* - * kadm.h - * Header file for the fourth attempt at an admin server - * Doug Church, December 28, 1989, MIT Project Athena - */ - -#include <krb_db.h> - -/* The global structures for the client and server */ -typedef struct { - struct sockaddr_in admin_addr; - struct sockaddr_in my_addr; - int my_addr_len; - int admin_fd; /* file descriptor for link to admin server */ - char sname[ANAME_SZ]; /* the service name */ - char sinst[INST_SZ]; /* the services instance */ - char krbrlm[REALM_SZ]; -} Kadm_Client; - -typedef struct { /* status of the server, i.e the parameters */ - int inter; /* Space for command line flags */ - char *sysfile; /* filename of server */ -} admin_params; /* Well... it's the admin's parameters */ - -/* Largest password length to be supported */ -#define MAX_KPW_LEN 128 -/* Minimum allowed password length */ -#define MIN_KPW_LEN 6 - -/* Largest packet the admin server will ever allow itself to return */ -#define KADM_RET_MAX 2048 - -/* That's right, versions are 8 byte strings */ -#define KADM_VERSTR "KADM0.0A" -#define KADM_ULOSE "KYOULOSE" /* sent back when server can't - decrypt client's msg */ -#define KADM_VERSIZE strlen(KADM_VERSTR) - -/* the lookups for the server instances */ -#define PWSERV_NAME "changepw" -#define KADM_SNAME "kerberos_master" -#define KADM_PORT 751 -#define KADM_SINST "kerberos" - -/* Attributes fields constants and macros */ -#define ALLOC 2 -#define RESERVED 3 -#define DEALLOC 4 -#define DEACTIVATED 5 -#define ACTIVE 6 - -/* Kadm_vals structure for passing db fields into the server routines */ -#define FLDSZ 4 - -/* XXX enable new extended kadm fields */ -#define EXTENDED_KADM 1 - -typedef struct { - u_int8_t fields[FLDSZ]; /* The active fields in this struct */ - char name[ANAME_SZ]; - char instance[INST_SZ]; - u_int32_t key_low; - u_int32_t key_high; - u_int32_t exp_date; - u_int16_t attributes; - u_int8_t max_life; -#ifdef EXTENDED_KADM - u_int32_t mod_date; - char mod_name[ANAME_SZ]; - char mod_instance[INST_SZ]; - u_int8_t key_version; -#endif -} Kadm_vals; /* The basic values structure in Kadm */ - -/* Need to define fields types here */ -#define KADM_NAME 31 -#define KADM_INST 30 -#define KADM_EXPDATE 29 -#define KADM_ATTR 28 -#define KADM_MAXLIFE 27 -#define KADM_DESKEY 26 - -#ifdef EXTENDED_KADM -#define KADM_MODDATE 25 -#define KADM_MODNAME 24 -#define KADM_MODINST 23 -#define KADM_KVNO 22 -#endif - -/* To set a field entry f in a fields structure d */ -#define SET_FIELD(f,d) (d[3-(f/8)]|=(1<<(f%8))) - -/* To set a field entry f in a fields structure d */ -#define CLEAR_FIELD(f,d) (d[3-(f/8)]&=(~(1<<(f%8)))) - -/* Is field f in fields structure d */ -#define IS_FIELD(f,d) (d[3-(f/8)]&(1<<(f%8))) - -/* Various return codes */ -#define KADM_SUCCESS 0 - -#define WILDCARD_STR "*" - -enum acl_types { -ADDACL, -GETACL, -MODACL, -STABACL, /* not used */ -DELACL -}; - -/* Various opcodes for the admin server's functions */ -#define CHANGE_PW 2 -#define ADD_ENT 3 -#define MOD_ENT 4 -#define GET_ENT 5 -#define CHECK_PW 6 /* not used */ -#define CHG_STAB 7 /* not used */ -#define DEL_ENT 8 - -void prin_vals __P((Kadm_vals *)); -int stv_long __P((u_char *, u_int32_t *, int, int)); -int vts_long __P((u_int32_t, u_char **, int)); -int vts_string __P((char *, u_char **, int)); -int stv_string __P((u_char *, char *, int, int, int)); - -int stream_to_vals __P((u_char *, Kadm_vals *, int)); -int vals_to_stream __P((Kadm_vals *, u_char **)); - -int kadm_init_link __P((char *, char *, char *)); -int kadm_change_pw __P((unsigned char *)); -int kadm_change_pw_plain __P((unsigned char *, char *, char**)); -int kadm_change_pw2 __P((unsigned char *, char *, char**)); -int kadm_mod __P((Kadm_vals *, Kadm_vals *)); -int kadm_get __P((Kadm_vals *, u_char *)); -int kadm_add __P((Kadm_vals *)); -int kadm_del __P((Kadm_vals *)); -void kadm_vals_to_prin __P((u_char *, Principal *, Kadm_vals *)); -void kadm_prin_to_vals __P((u_char *, Kadm_vals *, Principal *)); -int kadm_check_pw __P((const char*)); - -#endif /* KADM_DEFS */ diff --git a/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c b/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c deleted file mode 100644 index 7208487..0000000 --- a/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c +++ /dev/null @@ -1,632 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * Kerberos administration server client-side routines - */ - -/* - * kadm_cli_wrap.c the client side wrapping of the calls to the admin server - */ - -#include "kadm_locl.h" - -/* RCSID("$Id: kadm_cli_wrap.c,v 1.27 1999/09/16 20:41:46 assar Exp $");*/ -RCSID("$FreeBSD$"); - -static Kadm_Client client_parm; - -/* Macros for use in returning data... used in kadm_cli_send */ -#define RET_N_FREE(r) {clear_secrets(); free(act_st); free(priv_pak); return r;} - -/* Keys for use in the transactions */ -static des_cblock sess_key; /* to be filled in by kadm_cli_keyd */ -static des_key_schedule sess_sched; - -static void -clear_secrets(void) -{ - memset(sess_key, 0, sizeof(sess_key)); - memset(sess_sched, 0, sizeof(sess_sched)); -} - -static RETSIGTYPE (*opipe)(); - -static void -kadm_cli_disconn(void) -{ - close(client_parm.admin_fd); - signal(SIGPIPE, opipe); -} - -/* - * kadm_init_link - * receives : name, inst, realm - * - * initializes client parm, the Kadm_Client structure which holds the - * data about the connection between the server and client, the services - * used, the locations and other fun things - */ - -int -kadm_init_link(char *n, char *i, char *r) -{ - struct hostent *hop; /* host we will talk to */ - char adm_hostname[MaxHostNameLen]; - - init_kadm_err_tbl(); - init_krb_err_tbl(); - strlcpy(client_parm.sname, n, ANAME_SZ); - strlcpy(client_parm.sinst, i, INST_SZ); - strlcpy(client_parm.krbrlm, r, REALM_SZ); - client_parm.admin_fd = -1; - - /* set up the admin_addr - fetch name of admin host */ - if (krb_get_admhst(adm_hostname, client_parm.krbrlm, 1) != KSUCCESS) - return KADM_NO_HOST; - if ((hop = gethostbyname(adm_hostname)) == NULL) - return KADM_UNK_HOST; - memset(&client_parm.admin_addr, 0, sizeof(client_parm.admin_addr)); - client_parm.admin_addr.sin_port = - k_getportbyname(KADM_SNAME, "tcp", htons(KADM_PORT)); - client_parm.admin_addr.sin_family = hop->h_addrtype; - memcpy(&client_parm.admin_addr.sin_addr, hop->h_addr, - sizeof(client_parm.admin_addr.sin_addr)); - - return KADM_SUCCESS; -} - -static int -kadm_cli_conn(void) -{ /* this connects and sets my_addr */ - client_parm.admin_fd = - socket(client_parm.admin_addr.sin_family, SOCK_STREAM, 0); - - if (client_parm.admin_fd < 0) - return KADM_NO_SOCK; /* couldn't create the socket */ - if (connect(client_parm.admin_fd, - (struct sockaddr *) & client_parm.admin_addr, - sizeof(client_parm.admin_addr))) { - close(client_parm.admin_fd); - client_parm.admin_fd = -1; - return KADM_NO_CONN; /* couldn't get the connect */ - } - opipe = signal(SIGPIPE, SIG_IGN); - client_parm.my_addr_len = sizeof(client_parm.my_addr); - if (getsockname(client_parm.admin_fd, - (struct sockaddr *) & client_parm.my_addr, - &client_parm.my_addr_len) < 0) { - close(client_parm.admin_fd); - client_parm.admin_fd = -1; - signal(SIGPIPE, opipe); - return KADM_NO_HERE; /* couldn't find out who we are */ - } -#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) - { - int on = 1; - - if (setsockopt(client_parm.admin_fd, SOL_SOCKET, SO_KEEPALIVE, - (void *)&on, - sizeof(on)) < 0) { - close(client_parm.admin_fd); - client_parm.admin_fd = -1; - signal(SIGPIPE, opipe); - return KADM_NO_CONN; /* XXX */ - } - } -#endif - return KADM_SUCCESS; -} - -/* takes in the sess_key and key_schedule and sets them appropriately */ -static int -kadm_cli_keyd(des_cblock (*s_k), /* session key */ - des_key_schedule s_s) /* session key schedule */ -{ - CREDENTIALS cred; /* to get key data */ - int stat; - - /* want .sname and .sinst here.... */ - if ((stat = krb_get_cred(client_parm.sname, client_parm.sinst, - client_parm.krbrlm, &cred))) - return stat + krb_err_base; - memcpy(s_k, cred.session, sizeof(des_cblock)); - memset(cred.session, 0, sizeof(des_cblock)); -#ifdef NOENCRYPTION - memset(s_s, 0, sizeof(des_key_schedule)); -#else - if ((stat = des_key_sched(s_k,s_s))) - return stat+krb_err_base; -#endif - return KADM_SUCCESS; -} /* This code "works" */ - -static int -kadm_cli_out(u_char *dat, int dat_len, u_char **ret_dat, int *ret_siz) -{ - u_int16_t dlen; - int retval; - char tmp[4]; - - *ret_dat = NULL; - *ret_siz = 0; - dlen = (u_int16_t) dat_len; - - if (dat_len != (int)dlen) - return (KADM_NO_ROOM); - - tmp[0] = (dlen >> 8) & 0xff; - tmp[1] = dlen & 0xff; - if (krb_net_write(client_parm.admin_fd, tmp, 2) != 2) - return (errno); /* XXX */ - - if (krb_net_write(client_parm.admin_fd, dat, dat_len) < 0) - return (errno); /* XXX */ - - - if ((retval = krb_net_read(client_parm.admin_fd, tmp, 2)) != 2){ - if (retval < 0) - return(errno); /* XXX */ - else - return(EPIPE); /* short read ! */ - } - dlen = (tmp[0] << 8) | tmp[1]; - - *ret_dat = malloc(dlen); - if (*ret_dat == NULL) - return(KADM_NOMEM); - - if ((retval = krb_net_read(client_parm.admin_fd, *ret_dat, - dlen) != dlen)) { - free(*ret_dat); - *ret_dat = NULL; - if (retval < 0) - return(errno); /* XXX */ - else - return(EPIPE); /* short read ! */ - } - *ret_siz = (int) dlen; - return KADM_SUCCESS; -} - -/* - * kadm_cli_send - * recieves : opcode, packet, packet length, serv_name, serv_inst - * returns : return code from the packet build, the server, or - * something else - * - * It assembles a packet as follows: - * 8 bytes : VERSION STRING - * 4 bytes : LENGTH OF MESSAGE DATA and OPCODE - * : KTEXT - * : OPCODE \ - * : DATA > Encrypted (with make priv) - * : ...... / - * - * If it builds the packet and it is small enough, then it attempts to open the - * connection to the admin server. If the connection is succesfully open - * then it sends the data and waits for a reply. - */ -static int -kadm_cli_send(u_char *st_dat, /* the actual data */ - int st_siz, /* length of said data */ - u_char **ret_dat, /* to give return info */ - int *ret_siz) /* length of returned info */ -{ - int act_len, retdat; /* current offset into packet, return - * data */ - KTEXT_ST authent; /* the authenticator we will build */ - u_char *act_st; /* the pointer to the complete packet */ - u_char *priv_pak; /* private version of the packet */ - int priv_len; /* length of private packet */ - u_int32_t cksum; /* checksum of the packet */ - MSG_DAT mdat; - u_char *return_dat; - int tmp; - void *tmp_ptr; - - *ret_dat = NULL; - *ret_siz = 0; - - act_st = malloc(KADM_VERSIZE); /* verstr stored first */ - if (act_st == NULL) { - clear_secrets (); - return KADM_NOMEM; - } - memcpy(act_st, KADM_VERSTR, KADM_VERSIZE); - act_len = KADM_VERSIZE; - - if ((retdat = kadm_cli_keyd(&sess_key, sess_sched)) != KADM_SUCCESS) { - free(act_st); - clear_secrets(); - return retdat; /* couldnt get key working */ - } - priv_pak = malloc(st_siz + 200); - /* 200 bytes for extra info case */ - if (priv_pak == NULL) { - free(act_st); - clear_secrets (); - return KADM_NOMEM; - } - priv_len = krb_mk_priv(st_dat, priv_pak, st_siz, - sess_sched, &sess_key, &client_parm.my_addr, - &client_parm.admin_addr); - - if (priv_len < 0) - RET_N_FREE(KADM_NO_ENCRYPT); /* whoops... we got a lose - * here */ - /* here is the length of priv data. receiver calcs - size of authenticator by subtracting vno size, priv size, and - sizeof(u_int32_t) (for the size indication) from total size */ - - tmp = vts_long(priv_len, &act_st, act_len); - if (tmp < 0) - RET_N_FREE(KADM_NOMEM); - act_len += tmp; -#ifdef NOENCRYPTION - cksum = 0; -#else - cksum = des_quad_cksum((des_cblock *)priv_pak, - (des_cblock *)0, priv_len, 0, - &sess_key); -#endif - - retdat = krb_mk_req(&authent, client_parm.sname, client_parm.sinst, - client_parm.krbrlm, cksum); - - if (retdat) { - /* authenticator? */ - RET_N_FREE(retdat + krb_err_base); - } - - tmp_ptr = realloc(act_st, - act_len + authent.length + priv_len); - if (tmp_ptr == NULL) { - clear_secrets(); - free (priv_pak); - free (act_st); - return KADM_NOMEM; - } - act_st = tmp_ptr; - memcpy(act_st + act_len, authent.dat, authent.length); - memcpy(act_st + act_len + authent.length, priv_pak, priv_len); - free(priv_pak); - retdat = kadm_cli_out(act_st, - act_len + authent.length + priv_len, - ret_dat, ret_siz); - free(act_st); - if (retdat != KADM_SUCCESS) { - clear_secrets(); - return retdat; - } -#define RET_N_FREE2(r) {free(*ret_dat); *ret_dat = NULL; clear_secrets(); return(r);} - - /* first see if it's a YOULOUSE */ - if ((*ret_siz >= KADM_VERSIZE) && - !strncmp(KADM_ULOSE, (char *)*ret_dat, KADM_VERSIZE)) { - unsigned char *p; - /* it's a youlose packet */ - if (*ret_siz < KADM_VERSIZE + 4) - RET_N_FREE2(KADM_BAD_VER); - p = (*ret_dat)+KADM_VERSIZE; - retdat = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; - RET_N_FREE2(retdat); - } - /* need to decode the ret_dat */ - retdat = krb_rd_priv(*ret_dat, (u_int32_t)*ret_siz, sess_sched, - &sess_key, &client_parm.admin_addr, - &client_parm.my_addr, &mdat); - if (retdat) - RET_N_FREE2(retdat+krb_err_base); - if (mdat.app_length < KADM_VERSIZE + 4) - /* too short! */ - RET_N_FREE2(KADM_BAD_VER); - if (strncmp((char *)mdat.app_data, KADM_VERSTR, KADM_VERSIZE)) - /* bad version */ - RET_N_FREE2(KADM_BAD_VER); - { - unsigned char *p = mdat.app_data+KADM_VERSIZE; - retdat = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; - } - { - int s = mdat.app_length - KADM_VERSIZE - 4; - - if(s <= 0) - s=1; - return_dat = malloc(s); - if (return_dat == NULL) - RET_N_FREE2(KADM_NOMEM); - } - memcpy(return_dat, - (char *) mdat.app_data + KADM_VERSIZE + 4, - mdat.app_length - KADM_VERSIZE - 4); - free(*ret_dat); - clear_secrets(); - *ret_dat = return_dat; - *ret_siz = mdat.app_length - KADM_VERSIZE - 4; - return retdat; -} - - - -/* - * kadm_change_pw_plain - * - * see kadm_change_pw - * - */ -int kadm_change_pw_plain(unsigned char *newkey, char *password, char **pw_msg) -{ - int stsize, retc; /* stream size and return code */ - u_char *send_st; /* send stream */ - u_char *ret_st; - int ret_sz; - int status; - static char msg[128]; - - /* possible problem with vts_long on a non-multiple of four boundary */ - - stsize = 0; /* start of our output packet */ - send_st = malloc(9); - if (send_st == NULL) - return KADM_NOMEM; - send_st[stsize++] = (u_char) CHANGE_PW; - memcpy(send_st + stsize + 4, newkey, 4); /* yes, this is backwards */ - memcpy(send_st + stsize, newkey + 4, 4); - stsize += 8; - - /* change key to stream */ - - if(password && *password) { - int tmp = vts_string(password, &send_st, stsize); - - if (tmp < 0) { - free(send_st); - return KADM_NOMEM; - } - stsize += tmp; - } - - if ((retc = kadm_cli_conn()) != KADM_SUCCESS) { - free(send_st); - return(retc); - } - retc = kadm_cli_send(send_st, stsize, &ret_st, &ret_sz); - free(send_st); - - if(retc != KADM_SUCCESS){ - status = stv_string(ret_st, msg, 0, sizeof(msg), ret_sz); - if(status<0) - msg[0]=0; - *pw_msg=msg; - } - free(ret_st); - - kadm_cli_disconn(); - return(retc); -} - -/* - * This function is here for compatibility with CNS - */ - -int kadm_change_pw2(unsigned char *newkey, char *password, char **pw_msg) -{ - return kadm_change_pw_plain (newkey, password, pw_msg); -} - - -/* - * kadm_change_pw - * recieves : key - * - * Replaces the password (i.e. des key) of the caller with that specified in - * key. Returns no actual data from the master server, since this is called - * by a user - */ - -int kadm_change_pw(unsigned char *newkey) -{ - char *pw_msg; - return kadm_change_pw_plain(newkey, "", &pw_msg); -} - -/* - * kadm_add - * receives : vals - * returns : vals - * - * Adds and entry containing values to the database returns the values of the - * entry, so if you leave certain fields blank you will be able to determine - * the default values they are set to - */ -int -kadm_add(Kadm_vals *vals) -{ - u_char *st, *st2; /* st will hold the stream of values */ - int st_len; /* st2 the final stream with opcode */ - int retc; /* return code from call */ - u_char *ret_st; - int ret_sz; - - st_len = vals_to_stream(vals, &st); - st2 = malloc(1 + st_len); - if (st2 == NULL) { - free(st); - return KADM_NOMEM; - } - *st2 = (u_char) ADD_ENT; /* here's the opcode */ - memcpy((char *) st2 + 1, st, st_len); /* append st on */ - free(st); - - if ((retc = kadm_cli_conn()) != KADM_SUCCESS) { - free(st2); - return(retc); - } - retc = kadm_cli_send(st2, st_len + 1, &ret_st, &ret_sz); - free(st2); - if (retc == KADM_SUCCESS) { - /* ret_st has vals */ - if (stream_to_vals(ret_st, vals, ret_sz) < 0) - retc = KADM_LENGTH_ERROR; - } - free(ret_st); - kadm_cli_disconn(); - return(retc); -} - -/* - * kadm_mod - * receives : KTEXT, {values, values} - * returns : CKSUM, RETCODE, {values} - * acl : su, sms (as register or dealloc) - * - * Modifies all entries corresponding to the first values so they match the - * second values. returns the values for the changed entries in vals2 - */ -int -kadm_mod(Kadm_vals *vals1, Kadm_vals *vals2) -{ - u_char *st, *st2; /* st will hold the stream of values */ - int st_len, nlen; /* st2 the final stream with opcode */ - u_char *ret_st; - int ret_sz; - void *tmp_ptr; - - /* nlen is the length of second vals */ - int retc; /* return code from call */ - - st_len = vals_to_stream(vals1, &st); - st2 = malloc(1 + st_len); - if (st2 == NULL) { - free(st); - return KADM_NOMEM; - } - *st2 = (u_char) MOD_ENT; /* here's the opcode */ - memcpy((char *)st2 + 1, st, st_len++); /* append st on */ - free(st); - nlen = vals_to_stream(vals2, &st); - tmp_ptr = realloc(st2, st_len + nlen); - if (tmp_ptr == NULL) { - free(st); - free(st2); - return KADM_NOMEM; - } - st2 = tmp_ptr; - memcpy((char *) st2 + st_len, st, nlen); /* append st on */ - free(st); - - if ((retc = kadm_cli_conn()) != KADM_SUCCESS) { - free(st2); - return(retc); - } - - retc = kadm_cli_send(st2, st_len + nlen, &ret_st, &ret_sz); - free(st2); - if (retc == KADM_SUCCESS) { - /* ret_st has vals */ - if (stream_to_vals(ret_st, vals2, ret_sz) < 0) - retc = KADM_LENGTH_ERROR; - } - free(ret_st); - kadm_cli_disconn(); - return(retc); -} - - -int -kadm_del(Kadm_vals *vals) -{ - unsigned char *st, *st2; /* st will hold the stream of values */ - int st_len; /* st2 the final stream with opcode */ - int retc; /* return code from call */ - u_char *ret_st; - int ret_sz; - - st_len = vals_to_stream(vals, &st); - st2 = malloc(st_len + 1); - if (st2 == NULL) { - free(st); - return KADM_NOMEM; - } - *st2 = DEL_ENT; /* here's the opcode */ - memcpy(st2 + 1, st, st_len); /* append st on */ - free (st); - - if ((retc = kadm_cli_conn()) != KADM_SUCCESS) { - free(st2); - return(retc); - } - retc = kadm_cli_send(st2, st_len + 1, &ret_st, &ret_sz); - free(st2); - free(ret_st); - kadm_cli_disconn(); - return(retc); -} - - -/* - * kadm_get - * receives : KTEXT, {values, flags} - * returns : CKSUM, RETCODE, {count, values, values, values} - * acl : su - * - * gets the fields requested by flags from all entries matching values returns - * this data for each matching recipient, after a count of how many such - * matches there were - */ -int -kadm_get(Kadm_vals *vals, u_char *fl) -{ - int loop; /* for copying the fields data */ - u_char *st, *st2; /* st will hold the stream of values */ - int st_len; /* st2 the final stream with opcode */ - int retc; /* return code from call */ - u_char *ret_st; - int ret_sz; - - st_len = vals_to_stream(vals, &st); - st2 = malloc(1 + st_len + FLDSZ); - if (st2 == NULL) { - free(st); - return KADM_NOMEM; - } - *st2 = (u_char) GET_ENT; /* here's the opcode */ - memcpy((char *)st2 + 1, st, st_len); /* append st on */ - free(st); - for (loop = FLDSZ - 1; loop >= 0; loop--) - *(st2 + st_len + FLDSZ - loop) = fl[loop]; /* append the flags */ - - if ((retc = kadm_cli_conn()) != KADM_SUCCESS) { - free(st2); - return(retc); - } - retc = kadm_cli_send(st2, st_len + 1 + FLDSZ, &ret_st, &ret_sz); - free(st2); - if (retc == KADM_SUCCESS) { - /* ret_st has vals */ - if (stream_to_vals(ret_st, vals, ret_sz) < 0) - retc = KADM_LENGTH_ERROR; - } - free(ret_st); - kadm_cli_disconn(); - return(retc); -} diff --git a/crypto/kerberosIV/lib/kadm/kadm_err.et b/crypto/kerberosIV/lib/kadm/kadm_err.et deleted file mode 100644 index 097e87c..0000000 --- a/crypto/kerberosIV/lib/kadm/kadm_err.et +++ /dev/null @@ -1,67 +0,0 @@ -# $Id: kadm_err.et,v 1.5 1998/01/16 23:11:27 joda Exp $ -# -# Copyright 1988 by the Massachusetts Institute of Technology. -# -# For copying and distribution information, please see the file -# <mit-copyright.h>. -# -# Kerberos administration server error table -# -# $FreeBSD$ -# - et kadm - -# KADM_SUCCESS, as all success codes should be, is zero - -ec KADM_RCSID, "$Id: kadm_err.et,v 1.5 1998/01/16 23:11:27 joda Exp $" -# /* Building and unbuilding the packet errors */ -ec KADM_NO_REALM, "Cannot fetch local realm" -ec KADM_NO_CRED, "Unable to fetch credentials" -ec KADM_BAD_KEY, "Bad key supplied" -ec KADM_NO_ENCRYPT, "Can't encrypt data" -ec KADM_NO_AUTH, "Cannot encode/decode authentication info" -ec KADM_WRONG_REALM, "Principal attemping change is in wrong realm" -ec KADM_NO_ROOM, "Packet is too large" -ec KADM_BAD_VER, "Version number is incorrect" -ec KADM_BAD_CHK, "Checksum does not match" -ec KADM_NO_READ, "Unsealing private data failed" -ec KADM_NO_OPCODE, "Unsupported operation" -ec KADM_NO_HOST, "Could not find administrating host" -ec KADM_UNK_HOST, "Administrating host name is unknown" -ec KADM_NO_SERV, "Could not find service name in services database" -ec KADM_NO_SOCK, "Could not create socket" -ec KADM_NO_CONN, "Could not connect to server" -ec KADM_NO_HERE, "Could not fetch local socket address" -ec KADM_NO_MAST, "Could not fetch master key" -ec KADM_NO_VERI, "Could not verify master key" - -# /* From the server side routines */ -ec KADM_INUSE, "Entry already exists in database" -ec KADM_UK_SERROR, "Database store error" -ec KADM_UK_RERROR, "Database read error" -ec KADM_UNAUTH, "Insufficient access to perform requested operation" -# KADM_DATA isn't really an error, but... -ec KADM_DATA, "Data is available for return to client" -ec KADM_NOENTRY, "No such entry in the database" - -ec KADM_NOMEM, "Memory exhausted" -ec KADM_NO_HOSTNAME, "Could not fetch system hostname" -ec KADM_NO_BIND, "Could not bind port" -ec KADM_LENGTH_ERROR, "Length mismatch problem" -ec KADM_ILL_WILDCARD, "Illegal use of wildcard" - -ec KADM_DB_INUSE, "Database is locked or in use--try again later" - -ec KADM_INSECURE_PW, "Insecure password rejected" -ec KADM_PW_MISMATCH, "Cleartext password and DES key did not match" - -ec KADM_NOT_SERV_PRINC, "Invalid principal for change srvtab request" -ec KADM_IMMUTABLE, "Attempt do delete immutable principal" -# password quality basically stolen from OV libkadm5 -index 64 -prefix KADM_PASS_Q -ec NULL, "Null passwords are not allowed" -ec TOOSHORT, "Password is too short" -ec CLASS, "Too few character classes in password" -ec DICT, "Password is in the password dictionary" -end diff --git a/crypto/kerberosIV/lib/kadm/kadm_locl.h b/crypto/kerberosIV/lib/kadm/kadm_locl.h deleted file mode 100644 index 53f6d9a..0000000 --- a/crypto/kerberosIV/lib/kadm/kadm_locl.h +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kadm_locl.h,v 1.12 1999/12/02 16:58:39 joda Exp $ */ -/* $FreeBSD$ */ - -#include "config.h" -#include "protos.h" - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <ctype.h> -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif -#include <signal.h> -#include <time.h> -#include <errno.h> - -#ifdef HAVE_SYS_TYPES_H -#include <sys/types.h> -#endif -#ifdef HAVE_SYS_SOCKET_H -#include <sys/socket.h> -#endif -#ifdef HAVE_NETINET_IN_H -#include <netinet/in.h> -#endif -#ifdef HAVE_NETDB_H -#include <netdb.h> -#endif - -#ifdef SOCKS -#include <socks.h> -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); -#endif - -#include <roken.h> - -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include <openssl/des.h> -#include <krb.h> -#include <krb_err.h> -#include <krb_db.h> -#include <kadm.h> -#include <kadm_err.h> - -int vts_long __P((u_int32_t, u_char **, int)); -int vals_to_stream __P((Kadm_vals *, u_char **)); -int stream_to_vals __P((u_char *, Kadm_vals *, int)); - -int kadm_init_link __P((char n[], char i[], char r[])); -int kadm_change_pw __P((des_cblock)); -int kadm_add __P((Kadm_vals *)); -int kadm_mod __P((Kadm_vals *, Kadm_vals *)); -int kadm_get __P((Kadm_vals *, u_char fl[4])); - - diff --git a/crypto/kerberosIV/lib/kadm/kadm_stream.c b/crypto/kerberosIV/lib/kadm/kadm_stream.c deleted file mode 100644 index d890164..0000000 --- a/crypto/kerberosIV/lib/kadm/kadm_stream.c +++ /dev/null @@ -1,353 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * Stream conversion functions for Kerberos administration server - */ - -/* - kadm_stream.c - this holds the stream support routines for the kerberos administration server - - vals_to_stream: converts a vals struct to a stream for transmission - internals build_field_header, vts_[string, char, long, short] - stream_to_vals: converts a stream to a vals struct - internals check_field_header, stv_[string, char, long, short] - error: prints out a kadm error message, returns - fatal: prints out a kadm fatal error message, exits -*/ - -#include "kadm_locl.h" - -RCSID("$Id: kadm_stream.c,v 1.13 1998/10/22 15:38:01 joda Exp $"); - -static int -build_field_header(u_char *cont, /* container for fields data */ - u_char **st) /* stream */ -{ - *st = malloc (4); - if (*st == NULL) - return -1; - memcpy(*st, cont, 4); - return 4; /* return pointer to current stream location */ -} - -static int -check_field_header(u_char *st, /* stream */ - u_char *cont, /* container for fields data */ - int maxlen) -{ - if (4 > maxlen) - return(-1); - memcpy(cont, st, 4); - return 4; /* return pointer to current stream location */ -} - -int -vts_string(char *dat, /* a string to put on the stream */ - u_char **st, /* base pointer to the stream */ - int loc) /* offset into the stream for current data */ -{ - void *tmp; - - tmp = realloc(*st, loc + strlen(dat) + 1); - if(tmp == NULL) - return -1; - memcpy((char *)tmp + loc, dat, strlen(dat)+1); - *st = tmp; - return strlen(dat)+1; -} - - -static int -vts_short(u_int16_t dat, /* the attributes field */ - u_char **st, /* a base pointer to the stream */ - int loc) /* offset into the stream for current data */ -{ - unsigned char *p; - - p = realloc(*st, loc + 2); - if(p == NULL) - return -1; - p[loc] = (dat >> 8) & 0xff; - p[loc+1] = dat & 0xff; - *st = p; - return 2; -} - -static int -vts_char(u_char dat, /* the attributes field */ - u_char **st, /* a base pointer to the stream */ - int loc) /* offset into the stream for current data */ -{ - unsigned char *p; - - p = realloc(*st, loc + 1); - - if(p == NULL) - return -1; - p[loc] = dat; - *st = p; - return 1; -} - -int -vts_long(u_int32_t dat, /* the attributes field */ - u_char **st, /* a base pointer to the stream */ - int loc) /* offset into the stream for current data */ -{ - unsigned char *p; - - p = realloc(*st, loc + 4); - if(p == NULL) - return -1; - p[loc] = (dat >> 24) & 0xff; - p[loc+1] = (dat >> 16) & 0xff; - p[loc+2] = (dat >> 8) & 0xff; - p[loc+3] = dat & 0xff; - *st = p; - return 4; -} - -int -stv_string(u_char *st, /* base pointer to the stream */ - char *dat, /* a string to read from the stream */ - int loc, /* offset into the stream for current data */ - int stlen, /* max length of string to copy in */ - int maxlen) /* max length of input stream */ -{ - int maxcount; /* max count of chars to copy */ - int len; - - maxcount = min(maxlen - loc, stlen); - - if(maxcount <= 0) - return -1; - - len = strnlen ((char *)st + loc, maxlen - loc); - - if (len >= stlen) - return -1; - - memcpy(dat, st + loc, len); - dat[len] = '\0'; - return len + 1; -} - -static int -stv_short(u_char *st, /* a base pointer to the stream */ - u_int16_t *dat, /* the attributes field */ - int loc, /* offset into the stream for current data */ - int maxlen) -{ - if (maxlen - loc < 2) - return -1; - - *dat = (st[loc] << 8) | st[loc + 1]; - return 2; -} - -int -stv_long(u_char *st, /* a base pointer to the stream */ - u_int32_t *dat, /* the attributes field */ - int loc, /* offset into the stream for current data */ - int maxlen) /* maximum length of st */ -{ - if (maxlen - loc < 4) - return -1; - - *dat = (st[loc] << 24) | (st[loc+1] << 16) | (st[loc+2] << 8) | st[loc+3]; - return 4; -} - -static int -stv_char(u_char *st, /* a base pointer to the stream */ - u_char *dat, /* the attributes field */ - int loc, /* offset into the stream for current data */ - int maxlen) -{ - if (maxlen - loc < 1) - return -1; - - *dat = st[loc]; - return 1; -} - -/* -vals_to_stream - recieves : kadm_vals *, u_char * - returns : a realloced and filled in u_char * - -this function creates a byte-stream representation of the kadm_vals structure -*/ -int -vals_to_stream(Kadm_vals *dt_in, u_char **dt_out) -{ - int vsloop, stsize; /* loop counter, stream size */ - - stsize = build_field_header(dt_in->fields, dt_out); - if (stsize < 0) - return stsize; - for (vsloop=31; vsloop>=0; vsloop--) - if (IS_FIELD(vsloop,dt_in->fields)) { - int tmp = 0; - - switch (vsloop) { - case KADM_NAME: - tmp = vts_string(dt_in->name, dt_out, stsize); - break; - case KADM_INST: - tmp = vts_string(dt_in->instance, dt_out, stsize); - break; - case KADM_EXPDATE: - tmp = vts_long(dt_in->exp_date, dt_out, stsize); - break; - case KADM_ATTR: - tmp = vts_short(dt_in->attributes, dt_out, stsize); - break; - case KADM_MAXLIFE: - tmp = vts_char(dt_in->max_life, dt_out, stsize); - break; - case KADM_DESKEY: - tmp = vts_long(dt_in->key_high, dt_out, stsize); - if(tmp > 0) - tmp += vts_long(dt_in->key_low, dt_out, stsize + tmp); - break; -#ifdef EXTENDED_KADM - case KADM_MODDATE: - tmp = vts_long(dt_in->mod_date, dt_out, stsize); - break; - case KADM_MODNAME: - tmp = vts_string(dt_in->mod_name, dt_out, stsize); - break; - case KADM_MODINST: - tmp = vts_string(dt_in->mod_instance, dt_out, stsize); - break; - case KADM_KVNO: - tmp = vts_char(dt_in->key_version, dt_out, stsize); - break; -#endif - default: - break; - } - if (tmp < 0) { - free(*dt_out); - return tmp; - } - stsize += tmp; - } - return(stsize); -} - -/* -stream_to_vals - recieves : u_char *, kadm_vals * - returns : a kadm_vals filled in according to u_char * - -this decodes a byte stream represntation of a vals struct into kadm_vals -*/ -int -stream_to_vals(u_char *dt_in, - Kadm_vals *dt_out, - int maxlen) /* max length to use */ -{ - int vsloop, stsize; /* loop counter, stream size */ - int status; - - memset(dt_out, 0, sizeof(*dt_out)); - - stsize = check_field_header(dt_in, dt_out->fields, maxlen); - if (stsize < 0) - return(-1); - for (vsloop=31; vsloop>=0; vsloop--) - if (IS_FIELD(vsloop,dt_out->fields)) - switch (vsloop) { - case KADM_NAME: - if ((status = stv_string(dt_in, dt_out->name, stsize, - sizeof(dt_out->name), maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_INST: - if ((status = stv_string(dt_in, dt_out->instance, stsize, - sizeof(dt_out->instance), maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_EXPDATE: - if ((status = stv_long(dt_in, &dt_out->exp_date, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_ATTR: - if ((status = stv_short(dt_in, &dt_out->attributes, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_MAXLIFE: - if ((status = stv_char(dt_in, &dt_out->max_life, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_DESKEY: - if ((status = stv_long(dt_in, &dt_out->key_high, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - if ((status = stv_long(dt_in, &dt_out->key_low, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; -#ifdef EXTENDED_KADM - case KADM_MODDATE: - if ((status = stv_long(dt_in, &dt_out->mod_date, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_MODNAME: - if ((status = stv_string(dt_in, dt_out->mod_name, stsize, - sizeof(dt_out->mod_name), maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_MODINST: - if ((status = stv_string(dt_in, dt_out->mod_instance, stsize, - sizeof(dt_out->mod_instance), maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_KVNO: - if ((status = stv_char(dt_in, &dt_out->key_version, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; -#endif - default: - break; - } - return stsize; -} diff --git a/crypto/kerberosIV/lib/kadm/kadm_supp.c b/crypto/kerberosIV/lib/kadm/kadm_supp.c deleted file mode 100644 index 2a19cae..0000000 --- a/crypto/kerberosIV/lib/kadm/kadm_supp.c +++ /dev/null @@ -1,188 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * Support functions for Kerberos administration server & clients - */ - -/* - kadm_supp.c - this holds the support routines for the kerberos administration server - - error: prints out a kadm error message, returns - fatal: prints out a kadm fatal error message, exits - prin_vals: prints out data associated with a Principal in the vals - structure -*/ - -#include "kadm_locl.h" - -RCSID("$Id: kadm_supp.c,v 1.14 1999/09/16 20:41:46 assar Exp $"); - -static void -time2str(char *buf, size_t len, time_t t) -{ - strftime(buf, len, "%Y-%m-%d %H:%M:%S", localtime(&t)); -} - -/* -prin_vals: - recieves : a vals structure -*/ -void -prin_vals(Kadm_vals *vals) -{ - char date[32]; - if(IS_FIELD(KADM_NAME, vals->fields) && IS_FIELD(KADM_INST, vals->fields)) - printf("%20s: %s\n", "Principal", - krb_unparse_name_long(vals->name, vals->instance, NULL)); - else { - printf("Dump of funny entry:\n"); - if(IS_FIELD(KADM_NAME, vals->fields)) - printf("%20s: %s\n", "Name", vals->name); - if(IS_FIELD(KADM_INST, vals->fields)) - printf("%20s: %s\n", "Instance", vals->instance); - } - if(IS_FIELD(KADM_MAXLIFE, vals->fields)) - printf("%20s: %d (%s)\n", "Max ticket life", - vals->max_life, - krb_life_to_atime(vals->max_life)); - if(IS_FIELD(KADM_EXPDATE, vals->fields)) { - time2str(date, sizeof(date), vals->exp_date); - printf("%20s: %s\n", "Expiration date", date); - } - if(IS_FIELD(KADM_ATTR, vals->fields)) - printf("%20s: %d\n", "Attributes", - vals->attributes); - if(IS_FIELD(KADM_DESKEY, vals->fields)) - printf("%20s: %#lx %#lx\n", "Key", - (unsigned long)vals->key_low, - (unsigned long)vals->key_high); - -#ifdef EXTENDED_KADM - if (IS_FIELD(KADM_MODDATE,vals->fields)) { - time2str(date, sizeof(date), vals->mod_date); - printf("%20s: %s\n", "Modification date", date); - } - if (IS_FIELD(KADM_MODNAME,vals->fields) && - IS_FIELD(KADM_MODINST,vals->fields)) - printf("%20s: %s\n", "Modifier", - krb_unparse_name_long(vals->mod_name, vals->mod_instance, NULL)); - if (IS_FIELD(KADM_KVNO,vals->fields)) - printf("%20s: %d\n", "Key version", vals->key_version); -#endif - -#if 0 - printf("Info in Database for %s.%s:\n", vals->name, vals->instance); - printf(" Max Life: %d (%s) Exp Date: %s\n", - vals->max_life, - krb_life_to_atime(vals->max_life), - asctime(k_localtime(&vals->exp_date))); - printf(" Attribs: %.2x key: %#lx %#lx\n", - vals->attributes, - (unsigned long)vals->key_low, - (unsigned long)vals->key_high); -#endif -} - -/* kadm_prin_to_vals takes a fields arguments, a Kadm_vals and a Principal, - it copies the fields in Principal specified by fields into Kadm_vals, - i.e from old to new */ - -void -kadm_prin_to_vals(u_char *fields, Kadm_vals *new, Principal *old) -{ - memset(new, 0, sizeof(*new)); - if (IS_FIELD(KADM_NAME,fields)) { - strlcpy(new->name, old->name, ANAME_SZ); - SET_FIELD(KADM_NAME, new->fields); - } - if (IS_FIELD(KADM_INST,fields)) { - strlcpy(new->instance, old->instance, INST_SZ); - SET_FIELD(KADM_INST, new->fields); - } - if (IS_FIELD(KADM_EXPDATE,fields)) { - new->exp_date = old->exp_date; - SET_FIELD(KADM_EXPDATE, new->fields); - } - if (IS_FIELD(KADM_ATTR,fields)) { - new->attributes = old->attributes; - SET_FIELD(KADM_ATTR, new->fields); - } - if (IS_FIELD(KADM_MAXLIFE,fields)) { - new->max_life = old->max_life; - SET_FIELD(KADM_MAXLIFE, new->fields); - } - if (IS_FIELD(KADM_DESKEY,fields)) { - new->key_low = old->key_low; - new->key_high = old->key_high; - SET_FIELD(KADM_DESKEY, new->fields); - } -#ifdef EXTENDED_KADM - if (IS_FIELD(KADM_MODDATE,fields)) { - new->mod_date = old->mod_date; - SET_FIELD(KADM_MODDATE, new->fields); - } - if (IS_FIELD(KADM_MODNAME,fields)) { - strlcpy(new->mod_name, old->mod_name, ANAME_SZ); - SET_FIELD(KADM_MODNAME, new->fields); - } - if (IS_FIELD(KADM_MODINST,fields)) { - strlcpy(new->mod_instance, old->mod_instance, ANAME_SZ); - SET_FIELD(KADM_MODINST, new->fields); - } - if (IS_FIELD(KADM_KVNO,fields)) { - new->key_version = old->key_version; - SET_FIELD(KADM_KVNO, new->fields); - } -#endif -} - -void -kadm_vals_to_prin(u_char *fields, Principal *new, Kadm_vals *old) -{ - - memset(new, 0, sizeof(*new)); - if (IS_FIELD(KADM_NAME,fields)) - strlcpy(new->name, old->name, ANAME_SZ); - if (IS_FIELD(KADM_INST,fields)) - strlcpy(new->instance, old->instance, INST_SZ); - if (IS_FIELD(KADM_EXPDATE,fields)) - new->exp_date = old->exp_date; - if (IS_FIELD(KADM_ATTR,fields)) - new->attributes = old->attributes; - if (IS_FIELD(KADM_MAXLIFE,fields)) - new->max_life = old->max_life; - if (IS_FIELD(KADM_DESKEY,fields)) { - new->key_low = old->key_low; - new->key_high = old->key_high; - } -#ifdef EXTENDED_KADM - if (IS_FIELD(KADM_MODDATE,fields)) - new->mod_date = old->mod_date; - if (IS_FIELD(KADM_MODNAME,fields)) - strlcpy(new->mod_name, old->mod_name, ANAME_SZ); - if (IS_FIELD(KADM_MODINST,fields)) - strlcpy(new->mod_instance, old->mod_instance, ANAME_SZ); - if (IS_FIELD(KADM_KVNO,fields)) - new->key_version = old->key_version; -#endif -} |
