diff options
Diffstat (limited to 'crypto/kerberosIV/lib/krb')
88 files changed, 0 insertions, 15080 deletions
diff --git a/crypto/kerberosIV/lib/krb/Makefile.in b/crypto/kerberosIV/lib/krb/Makefile.in deleted file mode 100644 index 2196db2..0000000 --- a/crypto/kerberosIV/lib/krb/Makefile.in +++ /dev/null @@ -1,373 +0,0 @@ -# -# $Id: Makefile.in,v 1.113.2.2 2000/12/07 16:44:12 assar Exp $ -# -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -CP = cp -LN_S = @LN_S@ -DEFS = @DEFS@ -DROKEN_RENAME -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -EXECSUFFIX=@EXECSUFFIX@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs -top_builddir = ../.. - -COMPILE_ET = ../com_err/compile_et - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ - -includedir = @includedir@ - -incdir = $(includedir) -inc_DATA = krb_err.h -idir = $(top_builddir)/include - -PICFLAGS = @PICFLAGS@ - -# Under SunOS-5.x it is necessary to link with -ldes to be binary compatible. - -LIBDES=`test -r /usr/lib/libkrb.so.1 && echo "@LD_FLAGS@ -L../des -ldes"; true` - -LIB_DEPS = @lib_deps_yes@ `echo @LIB_res_search@ @LIB_dn_expand@ | sort | uniq` $(LIBDES) -lc -build_symlink_command = @build_symlink_command@ -install_symlink_command = @install_symlink_command@ - -PROGS = sizetest$(EXECSUFFIX) -LIBNAME = $(LIBPREFIX)krb -LIBEXT = @LIBEXT@ -SHLIBEXT = @SHLIBEXT@ -LIBPREFIX = @LIBPREFIX@ -LDSHARED = @LDSHARED@ -LIB = $(LIBNAME).$(LIBEXT) - -SOURCES = \ - check_time.c \ - cr_err_reply.c \ - create_auth_reply.c \ - create_ciph.c \ - create_death_packet.c \ - create_ticket.c \ - debug_decl.c \ - decomp_ticket.c \ - defaults.c \ - dest_tkt.c \ - encrypt_ktext.c \ - extra.c \ - get_ad_tkt.c \ - getfile.c \ - get_cred.c \ - get_default_principal.c \ - get_host.c \ - get_in_tkt.c \ - get_krbrlm.c \ - get_svc_in_tkt.c \ - get_tf_fullname.c \ - get_tf_realm.c \ - getaddrs.c \ - getrealm.c \ - getst.c \ - k_getport.c \ - k_getsockinst.c \ - k_localtime.c \ - kdc_reply.c \ - kntoln.c \ - krb_check_auth.c \ - krb_equiv.c \ - krb_err.c \ - krb_err_txt.c \ - krb_get_in_tkt.c \ - kuserok.c \ - lifetime.c \ - logging.c \ - lsb_addr_comp.c \ - mk_auth.c \ - mk_err.c \ - mk_priv.c \ - mk_req.c \ - mk_safe.c \ - month_sname.c \ - name2name.c \ - krb_net_read.c \ - krb_net_write.c \ - one.c \ - parse_name.c \ - rd_err.c \ - rd_priv.c \ - rd_req.c \ - rd_safe.c \ - read_service_key.c \ - realm_parse.c \ - recvauth.c \ - rw.c \ - save_credentials.c \ - send_to_kdc.c \ - sendauth.c \ - solaris_compat.c \ - stime.c \ - str2key.c \ - tf_util.c \ - time.c \ - tkt_string.c \ - unparse_name.c \ - verify_user.c \ - krb_ip_realm.c - -# these files reside in ../roken or ../com_err/ -EXTRA_SOURCE = \ - base64.c \ - concat.c \ - flock.c \ - gethostname.c \ - gettimeofday.c \ - getuid.c \ - resolve.c \ - snprintf.c \ - strcasecmp.c \ - strlcat.c \ - strlcpy.c \ - strdup.c \ - strncasecmp.c \ - strnlen.c \ - strtok_r.c \ - swab.c - -SHLIB_EXTRA_SOURCE = \ - com_err.c \ - error.c - -OBJECTS = \ - check_time.o \ - cr_err_reply.o \ - create_auth_reply.o \ - create_ciph.o \ - create_death_packet.o \ - create_ticket.o \ - debug_decl.o \ - decomp_ticket.o \ - defaults.o \ - dest_tkt.o \ - encrypt_ktext.o \ - extra.o \ - get_ad_tkt.o \ - getfile.o \ - get_cred.o \ - get_default_principal.o \ - get_host.o \ - get_in_tkt.o \ - get_krbrlm.o \ - get_svc_in_tkt.o \ - get_tf_fullname.o \ - get_tf_realm.o \ - getaddrs.o \ - getrealm.o \ - getst.o \ - k_getport.o \ - k_getsockinst.o \ - k_localtime.o \ - kdc_reply.o \ - kntoln.o \ - krb_check_auth.o \ - krb_equiv.o \ - krb_err.o \ - krb_err_txt.o \ - krb_get_in_tkt.o \ - kuserok.o \ - lifetime.o \ - logging.o \ - lsb_addr_comp.o \ - mk_auth.o \ - mk_err.o \ - mk_priv.o \ - mk_req.o \ - mk_safe.o \ - month_sname.o \ - name2name.o \ - krb_net_read.o \ - krb_net_write.o \ - one.o \ - parse_name.o \ - rd_err.o \ - rd_priv.o \ - rd_req.o \ - rd_safe.o \ - read_service_key.o \ - realm_parse.o \ - recvauth.o \ - rw.o \ - save_credentials.o \ - send_to_kdc.o \ - sendauth.o \ - solaris_compat.o \ - stime.o \ - str2key.o \ - tf_util.o \ - time.o \ - tkt_string.o \ - unparse_name.o \ - verify_user.o \ - krb_ip_realm.o \ - $(LIBADD) - -LIBADD = \ - base64.o \ - concat.o \ - flock.o \ - gethostname.o \ - gettimeofday.o \ - getuid.o \ - net_read.o \ - net_write.o \ - resolve.o \ - snprintf.o \ - strcasecmp.o \ - strlcat.o \ - strlcpy.o \ - strdup.o \ - strncasecmp.o \ - strnlen.o \ - strtok_r.o \ - swab.o - -SHLIB_LIBADD = \ - com_err.o \ - error.o - -all: $(LIB) $(PROGS) all-local - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I. -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - $(INSTALL_DATA) $(LIB) $(DESTDIR)$(libdir)/$(LIB) - @install_symlink_command@ - $(MKINSTALLDIRS) $(DESTDIR)$(includedir) - @for i in $(inc_DATA); do \ - echo " $(INSTALL_DATA) $$i $(DESTDIR)$(incdir)/$$i";\ - $(INSTALL_DATA) $$i $(DESTDIR)$(incdir)/$$i; done - -uninstall: - rm -f $(DESTDIR)$(libdir)/$(LIB) - @for i in $(inc_DATA); do \ - echo " rm -f $(DESTDIR)$(incdir)/$$i";\ - rm -f $(DESTDIR)$(incdir)/$$i; done - -TAGS: $(SOURCES) - etags $(SOURCES) - -sizetest.o: sizetest.c - $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $< - -sizetest$(EXECSUFFIX): sizetest.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ sizetest.o - -check: sizetest$(EXECSUFFIX) - ./sizetest$(EXECSUFFIX) - -clean: - rm -f $(LIB) *.o *.a *.so *.so.* so_locations \ - krb_err.c krb_err.h $(PROGS) $(EXTRA_SOURCE) $(SHLIB_EXTRA_SOURCE) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -$(LIBNAME)_pic.a: $(OBJECTS) $(SHLIB_LIBADD) - rm -f $@ - $(AR) cr $@ $(OBJECTS) $(SHLIB_LIBADD) - -$(RANLIB) $@ - -$(LIBNAME).a: $(OBJECTS) - rm -f $@ - $(AR) cr $@ $(OBJECTS) - -$(RANLIB) $@ - -$(LIBNAME).$(SHLIBEXT): $(OBJECTS) $(SHLIB_LIBADD) $(LIBNAME)_pic.a - rm -f $@ - $(LDSHARED) -o $@ $(OBJECTS) $(SHLIB_LIBADD) $(LIB_DEPS) - @build_symlink_command@ - -krb_err.c krb_err.h: krb_err.et - $(COMPILE_ET) $(srcdir)/krb_err.et - -# this doesn't work with parallel makes -#$(EXTRA_SOURCE): -# for i in $(EXTRA_SOURCE); do \ -# test -f $$i || $(LN_S) $(srcdir)/../roken/$$i .; \ -# done - -base64.c: - $(LN_S) $(srcdir)/../roken/base64.c . -concat.c: - $(LN_S) $(srcdir)/../roken/concat.c . -flock.c: - $(LN_S) $(srcdir)/../roken/flock.c . -gethostname.c: - $(LN_S) $(srcdir)/../roken/gethostname.c . -gettimeofday.c: - $(LN_S) $(srcdir)/../roken/gettimeofday.c . -getuid.c: - $(LN_S) $(srcdir)/../roken/getuid.c . -snprintf.c: - $(LN_S) $(srcdir)/../roken/snprintf.c . -strcasecmp.c: - $(LN_S) $(srcdir)/../roken/strcasecmp.c . -strlcat.c: - $(LN_S) $(srcdir)/../roken/strlcat.c . -strlcpy.c: - $(LN_S) $(srcdir)/../roken/strlcpy.c . -strncasecmp.c: - $(LN_S) $(srcdir)/../roken/strncasecmp.c . -strnlen.c: - $(LN_S) $(srcdir)/../roken/strnlen.c . -strdup.c: - $(LN_S) $(srcdir)/../roken/strdup.c . -strtok_r.c: - $(LN_S) $(srcdir)/../roken/strtok_r.c . -swab.c: - $(LN_S) $(srcdir)/../roken/swab.c . -resolve.c: - $(LN_S) $(srcdir)/../roken/resolve.c . -net_read.c: - $(LN_S) $(srcdir)/../roken/net_read.c . -net_write.c: - $(LN_S) $(srcdir)/../roken/net_write.c . -com_err.c: - $(LN_S) $(srcdir)/../com_err/com_err.c . -error.c: - $(LN_S) $(srcdir)/../com_err/error.c . - - -$(OBJECTS): ../../include/config.h -$(OBJECTS): krb_locl.h krb.h -rw.o: ../../include/version.h - -all-local: $(inc_DATA) - @for i in $(inc_DATA); do \ - if cmp -s $$i $(idir)/$$i 2> /dev/null ; then :; else\ - echo " $(CP) $$i $(idir)/$$i"; \ - $(CP) $$i $(idir)/$$i; \ - fi ; \ - done - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean all-local diff --git a/crypto/kerberosIV/lib/krb/check_time.c b/crypto/kerberosIV/lib/krb/check_time.c deleted file mode 100644 index be028fa..0000000 --- a/crypto/kerberosIV/lib/krb/check_time.c +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: check_time.c,v 1.5 1999/12/02 16:58:40 joda Exp $"); - -int -krb_check_tm (struct tm tm) -{ - return tm.tm_mon < 0 - || tm.tm_mon > 11 - || tm.tm_hour < 0 - || tm.tm_hour > 23 - || tm.tm_min < 0 - || tm.tm_min > 59 - || tm.tm_sec < 0 - || tm.tm_sec > 59 - || tm.tm_year < 1901 - || tm.tm_year > 2038; -} diff --git a/crypto/kerberosIV/lib/krb/cr_err_reply.c b/crypto/kerberosIV/lib/krb/cr_err_reply.c deleted file mode 100644 index 3308529..0000000 --- a/crypto/kerberosIV/lib/krb/cr_err_reply.c +++ /dev/null @@ -1,122 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: cr_err_reply.c,v 1.11 1999/12/02 16:58:41 joda Exp $"); - -/* - * This routine is used by the Kerberos authentication server to - * create an error reply packet to send back to its client. - * - * It takes a pointer to the packet to be built, the name, instance, - * and realm of the principal, the client's timestamp, an error code - * and an error string as arguments. Its return value is undefined. - * - * The packet is built in the following format: - * - * type variable data - * or constant - * ---- ----------- ---- - * - * unsigned char req_ack_vno protocol version number - * - * unsigned char AUTH_MSG_ERR_REPLY protocol message type - * - * [least significant HOST_BYTE_ORDER sender's (server's) byte - * bit of above field] order - * - * string pname principal's name - * - * string pinst principal's instance - * - * string prealm principal's realm - * - * unsigned long time_ws client's timestamp - * - * unsigned long e error code - * - * string e_string error text - */ - -int -cr_err_reply(KTEXT pkt, char *pname, char *pinst, char *prealm, - u_int32_t time_ws, u_int32_t e, char *e_string) -{ - unsigned char *p = pkt->dat; - int tmp; - size_t rem = sizeof(pkt->dat); - - tmp = krb_put_int(KRB_PROT_VERSION, p, rem, 1); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(AUTH_MSG_ERR_REPLY, p, rem, 1); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - if (pname == NULL) pname = ""; - if (pinst == NULL) pinst = ""; - if (prealm == NULL) prealm = ""; - - tmp = krb_put_nir(pname, pinst, prealm, p, rem); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(time_ws, p, rem, 4); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(e, p, rem, 4); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - tmp = krb_put_string(e_string, p, rem); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - pkt->length = p - pkt->dat; - return 0; -} diff --git a/crypto/kerberosIV/lib/krb/create_auth_reply.c b/crypto/kerberosIV/lib/krb/create_auth_reply.c deleted file mode 100644 index 7f6cf46..0000000 --- a/crypto/kerberosIV/lib/krb/create_auth_reply.c +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: create_auth_reply.c,v 1.15 1999/12/02 16:58:41 joda Exp $"); - -/* - * This routine is called by the Kerberos authentication server - * to create a reply to an authentication request. The routine - * takes the user's name, instance, and realm, the client's - * timestamp, the number of tickets, the user's key version - * number and the ciphertext containing the tickets themselves. - * It constructs a packet and returns a pointer to it. - * - * Notes: The packet returned by this routine is static. Thus, if you - * intend to keep the result beyond the next call to this routine, you - * must copy it elsewhere. - * - * The packet is built in the following format: - * - * variable - * type or constant data - * ---- ----------- ---- - * - * unsigned char KRB_PROT_VERSION protocol version number - * - * unsigned char AUTH_MSG_KDC_REPLY protocol message type - * - * [least significant HOST_BYTE_ORDER sender's (server's) byte - * bit of above field] order - * - * string pname principal's name - * - * string pinst principal's instance - * - * string prealm principal's realm - * - * unsigned long time_ws client's timestamp - * - * unsigned char n number of tickets - * - * unsigned long x_date expiration date - * - * unsigned char kvno master key version - * - * short w_1 cipher length - * - * --- cipher->dat cipher data - */ - -KTEXT -create_auth_reply(char *pname, /* Principal's name */ - char *pinst, /* Principal's instance */ - char *prealm, /* Principal's authentication domain */ - int32_t time_ws, /* Workstation time */ - int n, /* Number of tickets */ - u_int32_t x_date, /* Principal's expiration date */ - int kvno, /* Principal's key version number */ - KTEXT cipher) /* Cipher text with tickets and session keys */ -{ - static KTEXT_ST pkt_st; - KTEXT pkt = &pkt_st; - - unsigned char *p = pkt->dat; - int tmp; - size_t rem = sizeof(pkt->dat); - - if(n != 0) - return NULL; - - tmp = krb_put_int(KRB_PROT_VERSION, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(AUTH_MSG_KDC_REPLY, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(pname, pinst, prealm, p, rem); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(time_ws, p, rem, 4); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(n, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(x_date, p, rem, 4); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(kvno, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(cipher->length, p, rem, 2); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - if (rem < cipher->length) - return NULL; - memcpy(p, cipher->dat, cipher->length); - p += cipher->length; - rem -= cipher->length; - - pkt->length = p - pkt->dat; - - return pkt; -} diff --git a/crypto/kerberosIV/lib/krb/create_ciph.c b/crypto/kerberosIV/lib/krb/create_ciph.c deleted file mode 100644 index f73e8d7..0000000 --- a/crypto/kerberosIV/lib/krb/create_ciph.c +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: create_ciph.c,v 1.13 1999/12/02 16:58:41 joda Exp $"); - -/* - * This routine is used by the authentication server to create - * a packet for its client, containing a ticket for the requested - * service (given in "tkt"), and some information about the ticket, - * - * Returns KSUCCESS no matter what. - * - * The length of the cipher is stored in c->length; the format of - * c->dat is as follows: - * - * variable - * type or constant data - * ---- ----------- ---- - * - * - * 8 bytes session session key for client, service - * - * string service service name - * - * string instance service instance - * - * string realm KDC realm - * - * unsigned char life ticket lifetime - * - * unsigned char kvno service key version number - * - * unsigned char tkt->length length of following ticket - * - * data tkt->dat ticket for service - * - * 4 bytes kdc_time KDC's timestamp - * - * <=7 bytes null null pad to 8 byte multiple - * - */ - -int -create_ciph(KTEXT c, /* Text block to hold ciphertext */ - unsigned char *session, /* Session key to send to user */ - char *service, /* Service name on ticket */ - char *instance, /* Instance name on ticket */ - char *realm, /* Realm of this KDC */ - u_int32_t life, /* Lifetime of the ticket */ - int kvno, /* Key version number for service */ - KTEXT tkt, /* The ticket for the service */ - u_int32_t kdc_time, /* KDC time */ - des_cblock *key) /* Key to encrypt ciphertext with */ - -{ - unsigned char *p = c->dat; - size_t rem = sizeof(c->dat); - int tmp; - - memset(c, 0, sizeof(KTEXT_ST)); - - if (rem < 8) - return KFAILURE; - memcpy(p, session, 8); - p += 8; - rem -= 8; - - tmp = krb_put_nir(service, instance, realm, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - - tmp = krb_put_int(life, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(kvno, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(tkt->length, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - if (rem < tkt->length) - return KFAILURE; - memcpy(p, tkt->dat, tkt->length); - p += tkt->length; - rem -= tkt->length; - - tmp = krb_put_int(kdc_time, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - /* multiple of eight bytes */ - c->length = (p - c->dat + 7) & ~7; - - encrypt_ktext(c, key, DES_ENCRYPT); - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/create_death_packet.c b/crypto/kerberosIV/lib/krb/create_death_packet.c deleted file mode 100644 index 15e0267..0000000 --- a/crypto/kerberosIV/lib/krb/create_death_packet.c +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: create_death_packet.c,v 1.10 1999/12/02 16:58:41 joda Exp $"); - -/* - * This routine creates a packet to type AUTH_MSG_DIE which is sent to - * the Kerberos server to make it shut down. It is used only in the - * development environment. - * - * It takes a string "a_name" which is sent in the packet. A pointer - * to the packet is returned. - * - * The format of the killer packet is: - * - * type variable data - * or constant - * ---- ----------- ---- - * - * unsigned char KRB_PROT_VERSION protocol version number - * - * unsigned char AUTH_MSG_DIE message type - * - * [least significant HOST_BYTE_ORDER byte order of sender - * bit of above field] - * - * string a_name presumably, name of - * principal sending killer - * packet - */ - -#ifdef DEBUG -KTEXT -krb_create_death_packet(char *a_name) -{ - static KTEXT_ST pkt_st; - KTEXT pkt = &pkt_st; - - unsigned char *p = pkt->dat; - int tmp; - int rem = sizeof(pkt->dat); - - pkt->length = 0; - - tmp = krb_put_int(KRB_PROT_VERSION, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(AUTH_MSG_DIE, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_string(a_name, p, rem); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - pkt->length = p - pkt->dat; - return pkt; -} -#endif /* DEBUG */ diff --git a/crypto/kerberosIV/lib/krb/create_ticket.c b/crypto/kerberosIV/lib/krb/create_ticket.c deleted file mode 100644 index 32cb0a0..0000000 --- a/crypto/kerberosIV/lib/krb/create_ticket.c +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: create_ticket.c,v 1.14 1999/12/02 16:58:41 joda Exp $"); - -/* - * Create ticket takes as arguments information that should be in a - * ticket, and the KTEXT object in which the ticket should be - * constructed. It then constructs a ticket and returns, leaving the - * newly created ticket in tkt. - * The length of the ticket is a multiple of - * eight bytes and is in tkt->length. - * - * If the ticket is too long, the ticket will contain nulls. - * - * The corresponding routine to extract information from a ticket it - * decomp_ticket. When changes are made to this routine, the - * corresponding changes should also be made to that file. - * - * The packet is built in the following format: - * - * variable - * type or constant data - * ---- ----------- ---- - * - * tkt->length length of ticket (multiple of 8 bytes) - * - * tkt->dat: - * - * unsigned char flags namely, HOST_BYTE_ORDER - * - * string pname client's name - * - * string pinstance client's instance - * - * string prealm client's realm - * - * 4 bytes paddress client's address - * - * 8 bytes session session key - * - * 1 byte life ticket lifetime - * - * 4 bytes time_sec KDC timestamp - * - * string sname service's name - * - * string sinstance service's instance - * - * <=7 bytes null null pad to 8 byte multiple - * - */ - -int -krb_create_ticket(KTEXT tkt, /* Gets filled in by the ticket */ - unsigned char flags, /* Various Kerberos flags */ - char *pname, /* Principal's name */ - char *pinstance, /* Principal's instance */ - char *prealm, /* Principal's authentication domain */ - int32_t paddress, /* Net address of requesting entity */ - void *session, /* Session key inserted in ticket */ - int16_t life, /* Lifetime of the ticket */ - int32_t time_sec, /* Issue time and date */ - char *sname, /* Service Name */ - char *sinstance, /* Instance Name */ - des_cblock *key) /* Service's secret key */ -{ - unsigned char *p = tkt->dat; - int tmp; - size_t rem = sizeof(tkt->dat); - - memset(tkt, 0, sizeof(KTEXT_ST)); - - tmp = krb_put_int(flags, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(pname, pinstance, prealm, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_address(paddress, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - if (rem < 8) - return KFAILURE; - memcpy(p, session, 8); - p += 8; - rem -= 8; - - tmp = krb_put_int(life, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(time_sec, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(sname, sinstance, NULL, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - /* multiple of eight bytes */ - tkt->length = (p - tkt->dat + 7) & ~7; - - /* Check length of ticket */ - if (tkt->length > (sizeof(KTEXT_ST) - 7)) { - memset(tkt->dat, 0, tkt->length); - tkt->length = 0; - return KFAILURE /* XXX */; - } - - encrypt_ktext(tkt, key, DES_ENCRYPT); - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/debug_decl.c b/crypto/kerberosIV/lib/krb/debug_decl.c deleted file mode 100644 index 5cbab77..0000000 --- a/crypto/kerberosIV/lib/krb/debug_decl.c +++ /dev/null @@ -1,44 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: debug_decl.c,v 1.10 1999/06/16 15:10:38 joda Exp $"); - -/* Declare global debugging variables. */ - -int krb_ap_req_debug = 0; -int krb_debug = 0; -int krb_dns_debug = 0; - -int -krb_enable_debug(void) -{ - krb_ap_req_debug = krb_debug = krb_dns_debug = 1; - return 0; -} - -int -krb_disable_debug(void) -{ - krb_ap_req_debug = krb_debug = krb_dns_debug = 0; - return 0; -} diff --git a/crypto/kerberosIV/lib/krb/decomp_ticket.c b/crypto/kerberosIV/lib/krb/decomp_ticket.c deleted file mode 100644 index 12bdf44..0000000 --- a/crypto/kerberosIV/lib/krb/decomp_ticket.c +++ /dev/null @@ -1,117 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: decomp_ticket.c,v 1.20 1999/12/02 16:58:41 joda Exp $"); - -/* - * This routine takes a ticket and pointers to the variables that - * should be filled in based on the information in the ticket. It - * fills in values for its arguments. - * - * The routine returns KFAILURE if any of the "pname", "pinstance", - * or "prealm" fields is too big, otherwise it returns KSUCCESS. - * - * The corresponding routine to generate tickets is create_ticket. - * When changes are made to this routine, the corresponding changes - * should also be made to that file. - * - * See create_ticket.c for the format of the ticket packet. - */ - -int -decomp_ticket(KTEXT tkt, /* The ticket to be decoded */ - unsigned char *flags, /* Kerberos ticket flags */ - char *pname, /* Authentication name */ - char *pinstance, /* Principal's instance */ - char *prealm, /* Principal's authentication domain */ - u_int32_t *paddress,/* Net address of entity requesting ticket */ - unsigned char *session, /* Session key inserted in ticket */ - int *life, /* Lifetime of the ticket */ - u_int32_t *time_sec, /* Issue time and date */ - char *sname, /* Service name */ - char *sinstance, /* Service instance */ - des_cblock *key, /* Service's secret key (to decrypt the ticket) */ - des_key_schedule schedule) /* The precomputed key schedule */ - -{ - unsigned char *p = tkt->dat; - - int little_endian; - - des_pcbc_encrypt((des_cblock *)tkt->dat, (des_cblock *)tkt->dat, - tkt->length, schedule, key, DES_DECRYPT); - - tkt->mbz = 0; - - *flags = *p++; - - little_endian = *flags & 1; - - if(strlen((char*)p) > ANAME_SZ) - return KFAILURE; - p += krb_get_string(p, pname, ANAME_SZ); - - if(strlen((char*)p) > INST_SZ) - return KFAILURE; - p += krb_get_string(p, pinstance, INST_SZ); - - if(strlen((char*)p) > REALM_SZ) - return KFAILURE; - p += krb_get_string(p, prealm, REALM_SZ); - - if (*prealm == '\0') - krb_get_lrealm (prealm, 1); - - if(tkt->length - (p - tkt->dat) < 8 + 1 + 4) - return KFAILURE; - p += krb_get_address(p, paddress); - - memcpy(session, p, 8); - p += 8; - - *life = *p++; - - p += krb_get_int(p, time_sec, 4, little_endian); - - if(strlen((char*)p) > SNAME_SZ) - return KFAILURE; - p += krb_get_string(p, sname, SNAME_SZ); - - if(strlen((char*)p) > INST_SZ) - return KFAILURE; - p += krb_get_string(p, sinstance, INST_SZ); - - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/defaults.c b/crypto/kerberosIV/lib/krb/defaults.c deleted file mode 100644 index e4fe027..0000000 --- a/crypto/kerberosIV/lib/krb/defaults.c +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: defaults.c,v 1.3 1999/12/02 16:58:41 joda Exp $"); - -const -char * -krb_get_default_tkt_root(void) -{ - const char *t = krb_get_config_string("krb_default_tkt_root"); - if (t) - return t; - else - return "/tmp/tkt"; -} - -const -char * -krb_get_default_keyfile(void) -{ - const char *t = krb_get_config_string("krb_default_keyfile"); - if (t) - return t; - else - return "/etc/srvtab"; -} diff --git a/crypto/kerberosIV/lib/krb/dest_tkt.c b/crypto/kerberosIV/lib/krb/dest_tkt.c deleted file mode 100644 index 4330df2..0000000 --- a/crypto/kerberosIV/lib/krb/dest_tkt.c +++ /dev/null @@ -1,108 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: dest_tkt.c,v 1.11.14.2 2000/10/18 20:26:42 assar Exp $"); - -#ifndef O_BINARY -#define O_BINARY 0 -#endif - -/* - * dest_tkt() is used to destroy the ticket store upon logout. - * If the ticket file does not exist, dest_tkt() returns RET_TKFIL. - * Otherwise the function returns RET_OK on success, KFAILURE on - * failure. - * - * The ticket file (TKT_FILE) is defined in "krb.h". - */ - -int -dest_tkt(void) -{ - const char *filename = TKT_FILE; - int i, fd; - struct stat sb1, sb2; - char buf[BUFSIZ]; - int error = 0; - - if (lstat (filename, &sb1) < 0) { - error = errno; - goto out; - } - - fd = open (filename, O_RDWR | O_BINARY); - if (fd < 0) { - error = errno; - goto out; - } - - if (unlink (filename) < 0) { - error = errno; - close(fd); - goto out; - } - - if (fstat (fd, &sb2) < 0) { - error = errno; - close(fd); - goto out; - } - - if (sb1.st_dev != sb2.st_dev || sb1.st_ino != sb2.st_ino) { - close (fd); - error = EPERM; - goto out; - } - - if (sb2.st_nlink != 0) { - close (fd); - error = EPERM; - goto out; - } - - for (i = 0; i < sb2.st_size; i += sizeof(buf)) { - int ret; - - ret = write(fd, buf, sizeof(buf)); - if (ret != sizeof(buf)) { - if (ret < 0) - error = errno; - else - error = EINVAL; - fsync(fd); - close(fd); - goto out; - } - } - - fsync(fd); - close(fd); - -out: - if (error == ENOENT) - return RET_TKFIL; - else if (error != 0) - return KFAILURE; - else - return(KSUCCESS); -} diff --git a/crypto/kerberosIV/lib/krb/dllmain.c b/crypto/kerberosIV/lib/krb/dllmain.c deleted file mode 100644 index 4e22e9a..0000000 --- a/crypto/kerberosIV/lib/krb/dllmain.c +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* dllmain.c - main function to krb4.dll - * Author: J Karlsson <d93-jka@nada.kth.se> - * Date: June 1996 - */ - -#include "krb_locl.h" -#include "ticket_memory.h" -#include <Windows.h> - -RCSID("$Id: dllmain.c,v 1.9 1999/12/02 16:58:41 joda Exp $"); - -void -msg(char *text, int error) -{ - char *buf; - - asprintf (&buf, "%s\nAn error of type: %d", text, error); - - MessageBox(GetActiveWindow(), - buf ? buf : "Out of memory!", - "kerberos message", - MB_OK|MB_APPLMODAL); - free (buf); -} - -void -PostUpdateMessage(void) -{ - HWND hWnd; - static UINT km_message; - - if(km_message == 0) - km_message = RegisterWindowMessage("krb4-update-cache"); - - hWnd = FindWindow("KrbManagerWndClass", NULL); - if (hWnd == NULL) - hWnd = HWND_BROADCAST; - PostMessage(hWnd, km_message, 0, 0); -} - - -BOOL WINAPI -DllMain (HANDLE hInst, - ULONG reason, - LPVOID lpReserved) -{ - WORD wVersionRequested; - WSADATA wsaData; - PROCESS_INFORMATION p; - int err; - - switch(reason){ - case DLL_PROCESS_ATTACH: - wVersionRequested = MAKEWORD(1, 1); - err = WSAStartup(wVersionRequested, &wsaData); - if (err != 0) - { - /* Tell the user that we couldn't find a useable */ - /* winsock.dll. */ - msg("Cannot find winsock.dll", err); - return FALSE; - } - if(newTktMem(0) != KSUCCESS) - { - /* Tell the user that we couldn't alloc shared memory. */ - msg("Cannot allocate shared ticket memory", GetLastError()); - return FALSE; - } - if(GetLastError() != ERROR_ALREADY_EXISTS) - { - STARTUPINFO s = { - sizeof(s), - NULL, - NULL, - NULL, - 0,0, - 0,0, - 0,0, - 0, - STARTF_USESHOWWINDOW, - SW_SHOWMINNOACTIVE, - 0, NULL, - NULL, NULL, NULL - }; - - if(!CreateProcess(0,"krbmanager", - 0,0,FALSE,0,0, - 0,&s, &p)) { -#if 0 - msg("Unable to create Kerberos manager process.\n" - "Make sure krbmanager.exe is in your PATH.", - GetLastError()); - return FALSE; -#endif - } - } - break; - case DLL_PROCESS_DETACH: - /* should this really be done here? */ - freeTktMem(0); - WSACleanup(); - break; - } - - return TRUE; -} diff --git a/crypto/kerberosIV/lib/krb/encrypt_ktext.c b/crypto/kerberosIV/lib/krb/encrypt_ktext.c deleted file mode 100644 index dc5c60d..0000000 --- a/crypto/kerberosIV/lib/krb/encrypt_ktext.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: encrypt_ktext.c,v 1.5 1999/12/02 16:58:41 joda Exp $"); - -void -encrypt_ktext(KTEXT cip, des_cblock *key, int encrypt) -{ - des_key_schedule schedule; - des_set_key(key, schedule); - des_pcbc_encrypt((des_cblock*)cip->dat, (des_cblock*)cip->dat, - cip->length, schedule, key, encrypt); - memset(schedule, 0, sizeof(des_key_schedule)); -} diff --git a/crypto/kerberosIV/lib/krb/extra.c b/crypto/kerberosIV/lib/krb/extra.c deleted file mode 100644 index 17193a4..0000000 --- a/crypto/kerberosIV/lib/krb/extra.c +++ /dev/null @@ -1,177 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: extra.c,v 1.7.2.1 2000/12/07 16:06:09 assar Exp $"); - -struct value { - char *variable; - char *value; - struct value *next; -}; - -static struct value *_extra_values; - -static int _krb_extra_read = 0; - -static int -define_variable(const char *variable, const char *value) -{ - struct value *e; - e = malloc(sizeof(*e)); - if(e == NULL) - return ENOMEM; - e->variable = strdup(variable); - if(e->variable == NULL) { - free(e); - return ENOMEM; - } - e->value = strdup(value); - if(e->value == NULL) { - free(e->variable); - free(e); - return ENOMEM; - } - e->next = _extra_values; - _extra_values = e; - return 0; -} - -#ifndef WIN32 - -static int -read_extra_file(void) -{ - int i = 0; - char file[128]; - char line[1024]; - if(_krb_extra_read) - return 0; - _krb_extra_read = 1; - while(krb_get_krbextra(i++, file, sizeof(file)) == 0) { - FILE *f = fopen(file, "r"); - if(f == NULL) - continue; - while(fgets(line, sizeof(line), f)) { - char *var, *tmp, *val; - - /* skip initial whitespace */ - var = line + strspn(line, " \t"); - /* skip non-whitespace */ - tmp = var + strcspn(var, " \t="); - /* skip whitespace */ - val = tmp + strspn(tmp, " \t="); - *tmp = '\0'; - tmp = val + strcspn(val, " \t\n"); - *tmp = '\0'; - if(*var == '\0' || *var == '#' || *val == '\0') - continue; - if(krb_debug) - krb_warning("%s: setting `%s' to `%s'\n", file, var, val); - define_variable(var, val); - } - fclose(f); - return 0; - } - return ENOENT; -} - -#else /* WIN32 */ - -static int -read_extra_file(void) -{ - char name[1024], data[1024]; - DWORD name_sz, data_sz; - DWORD type; - int num = 0; - HKEY reg_key; - - if(_krb_extra_read) - return 0; - _krb_extra_read = 1; - - if(RegCreateKey(HKEY_CURRENT_USER, "krb4", ®_key) != 0) - return -1; - - - while(1) { - name_sz = sizeof(name); - data_sz = sizeof(data); - if(RegEnumValue(reg_key, - num++, - name, - &name_sz, - NULL, - &type, - data, - &data_sz) != 0) - break; - if(type == REG_SZ) - define_variable(name, data); - } - RegCloseKey(reg_key); - return 0; -} - -#endif - -static const char* -find_variable(const char *variable) -{ - struct value *e; - for(e = _extra_values; e; e = e->next) { - if(strcasecmp(variable, e->variable) == 0) - return e->value; - } - return NULL; -} - -const char * -krb_get_config_string(const char *variable) -{ - read_extra_file(); - return find_variable(variable); -} - -int -krb_get_config_bool(const char *variable) -{ - const char *value = krb_get_config_string(variable); - if(value == NULL) - return 0; - return strcasecmp(value, "yes") == 0 || - strcasecmp(value, "true") == 0 || - atoi(value); -} diff --git a/crypto/kerberosIV/lib/krb/get_ad_tkt.c b/crypto/kerberosIV/lib/krb/get_ad_tkt.c deleted file mode 100644 index 56d7d56..0000000 --- a/crypto/kerberosIV/lib/krb/get_ad_tkt.c +++ /dev/null @@ -1,203 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: get_ad_tkt.c,v 1.22 1999/12/02 16:58:41 joda Exp $"); - -/* - * get_ad_tkt obtains a new service ticket from Kerberos, using - * the ticket-granting ticket which must be in the ticket file. - * It is typically called by krb_mk_req() when the client side - * of an application is creating authentication information to be - * sent to the server side. - * - * get_ad_tkt takes four arguments: three pointers to strings which - * contain the name, instance, and realm of the service for which the - * ticket is to be obtained; and an integer indicating the desired - * lifetime of the ticket. - * - * It returns an error status if the ticket couldn't be obtained, - * or AD_OK if all went well. The ticket is stored in the ticket - * cache. - * - * The request sent to the Kerberos ticket-granting service looks - * like this: - * - * pkt->dat - * - * TEXT original contents of authenticator+ticket - * pkt->dat built in krb_mk_req call - * - * 4 bytes time_ws always 0 (?) - * char lifetime lifetime argument passed - * string service service name argument - * string sinstance service instance arg. - * - * See "prot.h" for the reply packet layout and definitions of the - * extraction macros like pkt_version(), pkt_msg_type(), etc. - */ - -int -get_ad_tkt(char *service, char *sinstance, char *realm, int lifetime) -{ - static KTEXT_ST pkt_st; - KTEXT pkt = & pkt_st; /* Packet to KDC */ - static KTEXT_ST rpkt_st; - KTEXT rpkt = &rpkt_st; /* Returned packet */ - - CREDENTIALS cr; - char lrealm[REALM_SZ]; - u_int32_t time_ws = 0; - int kerror; - unsigned char *p; - size_t rem; - int tmp; - - /* - * First check if we have a "real" TGT for the corresponding - * realm, if we don't, use ordinary inter-realm authentication. - */ - - kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET, realm, realm, &cr); - if (kerror == KSUCCESS) { - strlcpy(lrealm, realm, REALM_SZ); - } else - kerror = krb_get_tf_realm(TKT_FILE, lrealm); - - if (kerror != KSUCCESS) - return(kerror); - - /* - * Look for the session key (and other stuff we don't need) - * in the ticket file for krbtgt.realm@lrealm where "realm" - * is the service's realm (passed in "realm" argument) and - * lrealm is the realm of our initial ticket. If we don't - * have this, we will try to get it. - */ - - if ((kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET, - realm, lrealm, &cr)) != KSUCCESS) { - /* - * If realm == lrealm, we have no hope, so let's not even try. - */ - if ((strncmp(realm, lrealm, REALM_SZ)) == 0) - return(AD_NOTGT); - else{ - if ((kerror = - get_ad_tkt(KRB_TICKET_GRANTING_TICKET, - realm, lrealm, lifetime)) != KSUCCESS) { - if (kerror == KDC_PR_UNKNOWN) - return(AD_INTR_RLM_NOTGT); - else - return(kerror); - } - if ((kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET, - realm, lrealm, &cr)) != KSUCCESS) - return(kerror); - } - } - - /* - * Make up a request packet to the "krbtgt.realm@lrealm". - * Start by calling krb_mk_req() which puts ticket+authenticator - * into "pkt". Then tack other stuff on the end. - */ - - kerror = krb_mk_req(pkt, - KRB_TICKET_GRANTING_TICKET, - realm,lrealm,0L); - - if (kerror) - return(AD_NOTGT); - - p = pkt->dat + pkt->length; - rem = sizeof(pkt->dat) - pkt->length; - - tmp = krb_put_int(time_ws, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(lifetime, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(service, sinstance, NULL, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - pkt->length = p - pkt->dat; - rpkt->length = 0; - - /* Send the request to the local ticket-granting server */ - if ((kerror = send_to_kdc(pkt, rpkt, realm))) return(kerror); - - /* check packet version of the returned packet */ - - { - KTEXT_ST cip; - CREDENTIALS cred; - struct timeval tv; - - kerror = kdc_reply_cipher(rpkt, &cip); - if(kerror != KSUCCESS) - return kerror; - - encrypt_ktext(&cip, &cr.session, DES_DECRYPT); - - kerror = kdc_reply_cred(&cip, &cred); - if(kerror != KSUCCESS) - return kerror; - - if (strcmp(cred.service, service) || strcmp(cred.instance, sinstance) || - strcmp(cred.realm, realm)) /* not what we asked for */ - return INTK_ERR; /* we need a better code here XXX */ - - krb_kdctimeofday(&tv); - if (abs((int)(tv.tv_sec - cred.issue_date)) > CLOCK_SKEW) { - return RD_AP_TIME; /* XXX should probably be better code */ - } - - - kerror = save_credentials(cred.service, cred.instance, cred.realm, - cred.session, cred.lifetime, cred.kvno, - &cred.ticket_st, tv.tv_sec); - return kerror; - } -} diff --git a/crypto/kerberosIV/lib/krb/get_cred.c b/crypto/kerberosIV/lib/krb/get_cred.c deleted file mode 100644 index 085184b..0000000 --- a/crypto/kerberosIV/lib/krb/get_cred.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: get_cred.c,v 1.7 1997/12/15 17:12:55 assar Exp $"); - -/* - * krb_get_cred takes a service name, instance, and realm, and a - * structure of type CREDENTIALS to be filled in with ticket - * information. It then searches the ticket file for the appropriate - * ticket and fills in the structure with the corresponding - * information from the file. If successful, it returns KSUCCESS. - * On failure it returns a Kerberos error code. - */ - -int -krb_get_cred(char *service, /* Service name */ - char *instance, /* Instance */ - char *realm, /* Auth domain */ - CREDENTIALS *c) /* Credentials struct */ -{ - int tf_status; /* return value of tf function calls */ - CREDENTIALS cr; - - if (c == NULL) - c = &cr; - - /* Open ticket file and lock it for shared reading */ - if ((tf_status = tf_init(TKT_FILE, R_TKT_FIL)) != KSUCCESS) - return(tf_status); - - /* Copy principal's name and instance into the CREDENTIALS struc c */ - - if ( (tf_status = tf_get_pname(c->pname)) != KSUCCESS || - (tf_status = tf_get_pinst(c->pinst)) != KSUCCESS ) - return (tf_status); - - /* Search for requested service credentials and copy into c */ - - while ((tf_status = tf_get_cred(c)) == KSUCCESS) { - if ((strcmp(c->service,service) == 0) && - (strcmp(c->instance,instance) == 0) && - (strcmp(c->realm,realm) == 0)) - break; - } - tf_close(); - - if (tf_status == EOF) - return (GC_NOTKT); - return(tf_status); -} diff --git a/crypto/kerberosIV/lib/krb/get_default_principal.c b/crypto/kerberosIV/lib/krb/get_default_principal.c deleted file mode 100644 index 860f237..0000000 --- a/crypto/kerberosIV/lib/krb/get_default_principal.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: get_default_principal.c,v 1.14.2.1 2000/06/23 03:29:10 assar Exp $"); - -int -krb_get_default_principal(char *name, char *instance, char *realm) -{ - char *file; - int ret; - char *p; - - file = tkt_string (); - - ret = krb_get_tf_fullname(file, name, instance, realm); - if(ret == KSUCCESS) - return 0; - - p = getenv("KRB4PRINCIPAL"); - if(p && kname_parse(name, instance, realm, p) == KSUCCESS) - return 1; - -#ifdef HAVE_PWD_H - { - struct passwd *pw; - pw = getpwuid(getuid()); - if(pw == NULL){ - return -1; - } - - strlcpy (name, pw->pw_name, ANAME_SZ); - strlcpy (instance, "", INST_SZ); - krb_get_lrealm(realm, 1); - - if(strcmp(name, "root") == 0) { - p = NULL; -#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) - p = getlogin(); -#endif - if(p == NULL) - p = getenv("USER"); - if(p == NULL) - p = getenv("LOGNAME"); - if(p){ - strlcpy (name, p, ANAME_SZ); - strlcpy (instance, "root", INST_SZ); - } - } - return 1; - } -#else - return -1; -#endif -} diff --git a/crypto/kerberosIV/lib/krb/get_host.c b/crypto/kerberosIV/lib/krb/get_host.c deleted file mode 100644 index 0eb2224..0000000 --- a/crypto/kerberosIV/lib/krb/get_host.c +++ /dev/null @@ -1,387 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: get_host.c,v 1.48 1999/12/02 16:58:41 joda Exp $"); - -static struct host_list { - struct krb_host *this; - struct host_list *next; -} *hosts; - -static int krb_port = 0; - -static void -free_hosts(struct host_list *h) -{ - struct host_list *t; - while(h){ - if(h->this->realm) - free(h->this->realm); - if(h->this->host) - free(h->this->host); - t = h; - h = h->next; - free(t); - } -} - -static int -parse_address(char *address, enum krb_host_proto *proto, - char **host, int *port) -{ - char *p, *q; - int default_port = krb_port; - *proto = PROTO_UDP; - if(strncmp(address, "http://", 7) == 0){ - p = address + 7; - *proto = PROTO_HTTP; - default_port = 80; - }else{ - p = strchr(address, '/'); - if(p){ - char prot[32]; - strlcpy (prot, address, - min(p - address + 1, sizeof(prot))); - if(strcasecmp(prot, "udp") == 0) - *proto = PROTO_UDP; - else if(strcasecmp(prot, "tcp") == 0) - *proto = PROTO_TCP; - else if(strcasecmp(prot, "http") == 0) { - *proto = PROTO_HTTP; - default_port = 80; - } else - krb_warning("Unknown protocol `%s', Using default `udp'.\n", - prot); - p++; - }else - p = address; - } - q = strchr(p, ':'); - if(q) { - *host = malloc(q - p + 1); - if (*host == NULL) - return -1; - strlcpy (*host, p, q - p + 1); - q++; - { - struct servent *sp = getservbyname(q, NULL); - if(sp) - *port = ntohs(sp->s_port); - else - if(sscanf(q, "%d", port) != 1){ - krb_warning("Bad port specification `%s', using port %d.", - q, krb_port); - *port = krb_port; - } - } - } else { - *port = default_port; - q = strchr(p, '/'); - if (q) { - *host = malloc(q - p + 1); - if (*host == NULL) - return -1; - strlcpy (*host, p, q - p + 1); - } else { - *host = strdup(p); - if(*host == NULL) - return -1; - } - } - return 0; -} - -static int -add_host(const char *realm, char *address, int admin, int validate) -{ - struct krb_host *host; - struct host_list *p, **last = &hosts; - - host = (struct krb_host*)malloc(sizeof(struct krb_host)); - if (host == NULL) - return 1; - if(parse_address(address, &host->proto, &host->host, &host->port) < 0) { - free(host); - return 1; - } - if (validate) { - if (krb_dns_debug) - krb_warning("Getting host entry for %s...", host->host); - if (gethostbyname(host->host) == NULL) { - if (krb_dns_debug) - krb_warning("Didn't get it.\n"); - free(host->host); - free(host); - return 1; - } - else if (krb_dns_debug) - krb_warning("Got it.\n"); - } - host->admin = admin; - for(p = hosts; p; p = p->next){ - if(strcmp(realm, p->this->realm) == 0 && - strcmp(host->host, p->this->host) == 0 && - host->proto == p->this->proto && - host->port == p->this->port){ - free(host->host); - free(host); - return 1; - } - last = &p->next; - } - host->realm = strdup(realm); - if (host->realm == NULL) { - free(host->host); - free(host); - return 1; - } - p = (struct host_list*)malloc(sizeof(struct host_list)); - if (p == NULL) { - free(host->realm); - free(host->host); - free(host); - return 1; - } - p->this = host; - p->next = NULL; - *last = p; - return 0; -} - -static int -read_file(const char *filename, const char *r) -{ - char line[1024]; - int nhosts = 0; - FILE *f = fopen(filename, "r"); - - if(f == NULL) - return -1; - while(fgets(line, sizeof(line), f) != NULL) { - char *realm, *address, *admin; - char *save; - - realm = strtok_r (line, " \t\n\r", &save); - if (realm == NULL) - continue; - if (strcmp(realm, r)) - continue; - address = strtok_r (NULL, " \t\n\r", &save); - if (address == NULL) - continue; - admin = strtok_r (NULL, " \t\n\r", &save); - if (add_host(realm, - address, - admin != NULL && strcasecmp(admin, "admin") == 0, - 0) == 0) - ++nhosts; - } - fclose(f); - return nhosts; -} - -#if 0 -static int -read_cellservdb (const char *filename, const char *realm) -{ - char line[1024]; - FILE *f = fopen (filename, "r"); - int nhosts = 0; - - if (f == NULL) - return -1; - while (fgets (line, sizeof(line), f) != NULL) { - if (line[0] == '>' - && strncasecmp (line + 1, realm, strlen(realm)) == 0) { - while (fgets (line, sizeof(line), f) != NULL && *line != '>') { - char *hash; - - if (line [strlen(line) - 1] == '\n') - line [strlen(line) - 1] = '\0'; - - hash = strchr (line, '#'); - - if (hash != NULL - && add_host (realm, hash + 1, 0, 0) == 0) - ++nhosts; - } - break; - } - } - fclose (f); - return nhosts; -} -#endif - -static int -init_hosts(char *realm) -{ - int i, j, ret = 0; - char file[MaxPathLen]; - - /* - * proto should really be NULL, but there are libraries out there - * that don't like that so we use "udp" instead. - */ - - krb_port = ntohs(k_getportbyname (KRB_SERVICE, "udp", htons(KRB_PORT))); - for(i = 0; krb_get_krbconf(i, file, sizeof(file)) == 0; i++) { - j = read_file(file, realm); - if (j > 0) ret += j; - } - return ret; -} - -static void -srv_find_realm(char *realm, char *proto, char *service) -{ - char *domain; - struct dns_reply *r; - struct resource_record *rr; - - roken_mconcat(&domain, 1024, service, ".", proto, ".", realm, ".", NULL); - - if(domain == NULL) - return; - - r = dns_lookup(domain, "srv"); - if(r == NULL) - r = dns_lookup(domain, "txt"); - if(r == NULL){ - free(domain); - return; - } - for(rr = r->head; rr; rr = rr->next){ - if(rr->type == T_SRV){ - char buf[1024]; - - if (snprintf (buf, - sizeof(buf), - "%s/%s:%u", - proto, - rr->u.srv->target, - rr->u.srv->port) < sizeof(buf)) - add_host(realm, buf, 0, 0); - }else if(rr->type == T_TXT) - add_host(realm, rr->u.txt, 0, 0); - } - dns_free_data(r); - free(domain); -} - -struct krb_host* -krb_get_host(int nth, const char *realm, int admin) -{ - struct host_list *p; - static char orealm[REALM_SZ]; - - if(orealm[0] == 0 || strcmp(realm, orealm)){ - /* quick optimization */ - if(realm && realm[0]){ - strlcpy (orealm, realm, sizeof(orealm)); - }else{ - int ret = krb_get_lrealm(orealm, 1); - if(ret != KSUCCESS) - return NULL; - } - - if(hosts){ - free_hosts(hosts); - hosts = NULL; - } - - if (init_hosts(orealm) < nth) { - srv_find_realm(orealm, "udp", KRB_SERVICE); - srv_find_realm(orealm, "tcp", KRB_SERVICE); - srv_find_realm(orealm, "http", KRB_SERVICE); - - { - char *host; - int i = 0; - - asprintf(&host, "kerberos.%s.", orealm); - if (host == NULL) { - free_hosts(hosts); - hosts = NULL; - return NULL; - } - add_host(orealm, host, 1, 1); - do { - i++; - free(host); - asprintf(&host, "kerberos-%d.%s.", i, orealm); - } while(host != NULL - && i < 100000 - && add_host(orealm, host, 0, 1) == 0); - free(host); - } - } -#if 0 - read_cellservdb ("/usr/vice/etc/CellServDB", orealm); - read_cellservdb ("/usr/arla/etc/CellServDB", orealm); -#endif - } - - for(p = hosts; p; p = p->next){ - if(strcmp(orealm, p->this->realm) == 0 && - (!admin || p->this->admin)) { - if(nth == 1) - return p->this; - else - nth--; - } - } - return NULL; -} - -int -krb_get_krbhst(char *host, char *realm, int nth) -{ - struct krb_host *p = krb_get_host(nth, realm, 0); - if(p == NULL) - return KFAILURE; - strlcpy (host, p->host, MaxHostNameLen); - return KSUCCESS; -} - -int -krb_get_admhst(char *host, char *realm, int nth) -{ - struct krb_host *p = krb_get_host(nth, realm, 1); - if(p == NULL) - return KFAILURE; - strlcpy (host, p->host, MaxHostNameLen); - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/get_in_tkt.c b/crypto/kerberosIV/lib/krb/get_in_tkt.c deleted file mode 100644 index 9b40508..0000000 --- a/crypto/kerberosIV/lib/krb/get_in_tkt.c +++ /dev/null @@ -1,188 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: get_in_tkt.c,v 1.24 1999/11/25 05:22:43 assar Exp $"); - -/* - * This file contains three routines: passwd_to_key() and - * passwd_to_afskey() converts a password into a DES key, using the - * normal strinttokey and the AFS one, respectively, and - * krb_get_pw_in_tkt() gets an initial ticket for a user. - */ - -/* - * passwd_to_key() and passwd_to_afskey: given a password, return a DES key. - */ - -int -passwd_to_key(const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key) -{ -#ifndef NOENCRYPTION - des_string_to_key((char *)passwd, key); -#endif - return 0; -} - -int -passwd_to_5key(const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key) -{ - char *p; - size_t len; - len = roken_mconcat (&p, 512, passwd, realm, user, instance, NULL); - if(len == 0) - return -1; - des_string_to_key(p, key); - memset(p, 0, len); - free(p); - return 0; -} - - -int -passwd_to_afskey(const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key) -{ -#ifndef NOENCRYPTION - afs_string_to_key(passwd, realm, key); -#endif - return (0); -} - -/* - * krb_get_pw_in_tkt() takes the name of the server for which the initial - * ticket is to be obtained, the name of the principal the ticket is - * for, the desired lifetime of the ticket, and the user's password. - * It passes its arguments on to krb_get_in_tkt(), which contacts - * Kerberos to get the ticket, decrypts it using the password provided, - * and stores it away for future use. - * - * krb_get_pw_in_tkt() passes two additional arguments to krb_get_in_tkt(): - * the name of a routine (passwd_to_key()) to be used to get the - * password in case the "password" argument is null and NULL for the - * decryption procedure indicating that krb_get_in_tkt should use the - * default method of decrypting the response from the KDC. - * - * The result of the call to krb_get_in_tkt() is returned. - */ - -typedef int (*const_key_proc_t) __P((const char *name, - const char *instance, /* IN parameter */ - const char *realm, - const void *password, - des_cblock *key)); - -int -krb_get_pw_in_tkt2(const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - const char *password, - des_cblock *key) -{ - char pword[100]; /* storage for the password */ - int code; - - /* Only request password once! */ - if (!password) { - if (des_read_pw_string(pword, sizeof(pword)-1, "Password: ", 0)){ - memset(pword, 0, sizeof(pword)); - return INTK_BADPW; - } - password = pword; - } - - { - KTEXT_ST as_rep; - CREDENTIALS cred; - int ret = 0; - const_key_proc_t key_procs[] = { passwd_to_key, - passwd_to_afskey, - passwd_to_5key, - NULL }; - const_key_proc_t *kp; - - code = krb_mk_as_req(user, instance, realm, - service, sinstance, life, &as_rep); - if(code) - return code; - for(kp = key_procs; *kp; kp++){ - KTEXT_ST tmp; - memcpy(&tmp, &as_rep, sizeof(as_rep)); - code = krb_decode_as_rep(user, - (char *)instance, /* const_key_proc_t */ - realm, - service, - sinstance, - (key_proc_t)*kp, /* const_key_proc_t */ - NULL, - password, - &tmp, - &cred); - if(code == 0){ - if(key) - (**kp)(user, instance, realm, password, key); - break; - } - if(code != INTK_BADPW) - ret = code; /* this is probably a better code than - what code gets after this loop */ - } - if(code) - return ret ? ret : code; - - code = tf_setup(&cred, user, instance); - if (code == KSUCCESS) { - if (krb_get_config_bool("nat_in_use")) - krb_add_our_ip_for_realm(user, instance, realm, password); - } - } - if (password == pword) - memset(pword, 0, sizeof(pword)); - return(code); -} - -int -krb_get_pw_in_tkt(const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - const char *password) -{ - return krb_get_pw_in_tkt2(user, instance, realm, - service, sinstance, life, password, NULL); -} diff --git a/crypto/kerberosIV/lib/krb/get_krbrlm.c b/crypto/kerberosIV/lib/krb/get_krbrlm.c deleted file mode 100644 index a6b0ba9..0000000 --- a/crypto/kerberosIV/lib/krb/get_krbrlm.c +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: get_krbrlm.c,v 1.25 1999/12/02 16:58:41 joda Exp $"); - -/* - * krb_get_lrealm takes a pointer to a string, and a number, n. It fills - * in the string, r, with the name of the nth realm specified on the - * first line of the kerberos config file (KRB_CONF, defined in "krb.h"). - * It returns 0 (KSUCCESS) on success, and KFAILURE on failure. If the - * config file does not exist, and if n=1, a successful return will occur - * with r = KRB_REALM (also defined in "krb.h"). - * - * For the format of the KRB_CONF file, see comments describing the routine - * krb_get_krbhst(). - */ - -static int -krb_get_lrealm_f(char *r, int n, const char *fname) -{ - char buf[1024]; - char *p; - int nchar; - FILE *f; - int ret = KFAILURE; - - if (n < 0) - return KFAILURE; - if(n == 0) - n = 1; - - f = fopen(fname, "r"); - if (f == 0) - return KFAILURE; - - for (; n > 0; n--) - if (fgets(buf, sizeof(buf), f) == 0) - goto done; - - /* We now have the n:th line, remove initial white space. */ - p = buf + strspn(buf, " \t"); - - /* Collect realmname. */ - nchar = strcspn(p, " \t\n"); - if (nchar == 0 || nchar > REALM_SZ) - goto done; /* No realmname */ - strncpy(r, p, nchar); - r[nchar] = 0; - - /* Does more junk follow? */ - p += nchar; - nchar = strspn(p, " \t\n"); - if (p[nchar] == 0) - ret = KSUCCESS; /* This was a realm name only line. */ - - done: - fclose(f); - return ret; -} - -static const char *no_default_realm = "NO.DEFAULT.REALM"; - -int -krb_get_lrealm(char *r, int n) -{ - int i; - char file[MaxPathLen]; - - for (i = 0; krb_get_krbconf(i, file, sizeof(file)) == 0; i++) - if (krb_get_lrealm_f(r, n, file) == KSUCCESS) - return KSUCCESS; - - /* When nothing else works try default realm */ - if (n == 1) { - char *t = krb_get_default_realm(); - - if (strcmp(t, no_default_realm) == 0) - return KFAILURE; /* Can't figure out default realm */ - - strcpy(r, t); - return KSUCCESS; - } - else - return(KFAILURE); -} - -/* Returns local realm if that can be figured out else NO.DEFAULT.REALM */ -char * -krb_get_default_realm(void) -{ - static char local_realm[REALM_SZ]; /* Local kerberos realm */ - - if (local_realm[0] == 0) { - char *t, hostname[MaxHostNameLen]; - - strlcpy(local_realm, no_default_realm, - sizeof(local_realm)); /* Provide default */ - - gethostname(hostname, sizeof(hostname)); - t = krb_realmofhost(hostname); - if (t && strcmp(t, no_default_realm) != 0) - strlcpy(local_realm, t, sizeof(local_realm)); - } - return local_realm; -} diff --git a/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c b/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c deleted file mode 100644 index daf7ae1..0000000 --- a/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c +++ /dev/null @@ -1,79 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: get_svc_in_tkt.c,v 1.9 1999/06/29 21:18:04 bg Exp $"); - -/* - * This file contains two routines: srvtab_to_key(), which gets - * a server's key from a srvtab file, and krb_get_svc_in_tkt() which - * gets an initial ticket for a server. - */ - -/* - * srvtab_to_key(): given a "srvtab" file (where the keys for the - * service on a host are stored), return the private key of the - * given service (user.instance@realm). - * - * srvtab_to_key() passes its arguments on to read_service_key(), - * plus one additional argument, the key version number. - * (Currently, the key version number is always 0; this value - * is treated as a wildcard by read_service_key().) - * - * If the "srvtab" argument is null, KEYFILE (defined in "krb.h") - * is passed in its place. - * - * It returns the return value of the read_service_key() call. - * The service key is placed in "key". - */ - -int -srvtab_to_key(const char *user, - char *instance, - const char *realm, - const void *srvtab, - des_cblock *key) -{ - if (!srvtab) - srvtab = KEYFILE; - - return(read_service_key(user, instance, realm, 0, (char *)srvtab, - (char *)key)); -} - -/* - * krb_get_svc_in_tkt() passes its arguments on to krb_get_in_tkt(), - * plus two additional arguments: a pointer to the srvtab_to_key() - * function to be used to get the key from the key file and a NULL - * for the decryption procedure indicating that krb_get_in_tkt should - * use the default method of decrypting the response from the KDC. - * - * It returns the return value of the krb_get_in_tkt() call. - */ - -int -krb_get_svc_in_tkt(char *user, char *instance, char *realm, char *service, - char *sinstance, int life, char *srvtab) -{ - return(krb_get_in_tkt(user, instance, realm, service, sinstance, - life, srvtab_to_key, NULL, srvtab)); -} diff --git a/crypto/kerberosIV/lib/krb/get_tf_fullname.c b/crypto/kerberosIV/lib/krb/get_tf_fullname.c deleted file mode 100644 index 75688b0..0000000 --- a/crypto/kerberosIV/lib/krb/get_tf_fullname.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: get_tf_fullname.c,v 1.8 1999/09/16 20:41:51 assar Exp $"); - -/* - * This file contains a routine to extract the fullname of a user - * from the ticket file. - */ - -/* - * krb_get_tf_fullname() takes four arguments: the name of the - * ticket file, and variables for name, instance, and realm to be - * returned in. Since the realm of a ticket file is not really fully - * supported, the realm used will be that of the the first ticket in - * the file as this is the one that was obtained with a password by - * krb_get_in_tkt(). - */ - -int -krb_get_tf_fullname(char *ticket_file, char *name, char *instance, char *realm) -{ - int tf_status; - CREDENTIALS c; - - if ((tf_status = tf_init(ticket_file, R_TKT_FIL)) != KSUCCESS) - return(tf_status); - - if (((tf_status = tf_get_pname(c.pname)) != KSUCCESS) || - ((tf_status = tf_get_pinst(c.pinst)) != KSUCCESS)) - return (tf_status); - - if (name) - strlcpy (name, c.pname, ANAME_SZ); - if (instance) - strlcpy (instance, c.pinst, INST_SZ); - if ((tf_status = tf_get_cred(&c)) == KSUCCESS) { - if (realm) - strlcpy (realm, c.realm, REALM_SZ); - } - else { - if (tf_status == EOF) - return(KFAILURE); - else - return(tf_status); - } - tf_close(); - - return(tf_status); -} diff --git a/crypto/kerberosIV/lib/krb/get_tf_realm.c b/crypto/kerberosIV/lib/krb/get_tf_realm.c deleted file mode 100644 index 1a3c7d1..0000000 --- a/crypto/kerberosIV/lib/krb/get_tf_realm.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: get_tf_realm.c,v 1.5 1997/03/23 03:53:10 joda Exp $"); - -/* - * This file contains a routine to extract the realm of a kerberos - * ticket file. - */ - -/* - * krb_get_tf_realm() takes two arguments: the name of a ticket - * and a variable to store the name of the realm in. - * - */ - -int -krb_get_tf_realm(char *ticket_file, char *realm) -{ - return(krb_get_tf_fullname(ticket_file, 0, 0, realm)); -} diff --git a/crypto/kerberosIV/lib/krb/getaddrs.c b/crypto/kerberosIV/lib/krb/getaddrs.c deleted file mode 100644 index c4ee6ad..0000000 --- a/crypto/kerberosIV/lib/krb/getaddrs.c +++ /dev/null @@ -1,156 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#include "krb_locl.h" - -RCSID("$Id: getaddrs.c,v 1.28.2.1 2000/06/23 03:29:53 assar Exp $"); - -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include <sys/ioctl.h> -#endif -#ifdef HAVE_NET_IF_H -#ifdef __osf__ -struct rtentry; -struct mbuf; -#endif -#ifdef _AIX -#undef __P /* XXX hack for AIX 4.3 */ -#endif -#include <net/if.h> -#endif - -#ifdef HAVE_SYS_SOCKIO_H -#include <sys/sockio.h> -#endif /* HAVE_SYS_SOCKIO_H */ - -/* - * Return number and list of all local adresses. - */ - -int -k_get_all_addrs (struct in_addr **l) -{ -#if !defined(SIOCGIFCONF) || !defined(SIOCGIFFLAGS) || !defined(SIOCGIFADDR) - char name[MaxHostNameLen]; - struct hostent *he; - - if (gethostname(name, sizeof(name)) < 0) - return -1; - he = gethostbyname (name); - if (he == NULL) - return -1; - *l = malloc(sizeof(**l)); - if (*l == NULL) - return -1; - memcpy (*l, he->h_addr_list[0], sizeof(*l)); - return 1; -#else - int fd; - char *inbuf = NULL; - size_t in_len = 8192; - struct ifreq ifreq; - struct ifconf ifconf; - int num, j; - char *p; - size_t sz; - - *l = NULL; - fd = socket(AF_INET, SOCK_DGRAM, 0); - if (fd < 0) - return -1; - - for(;;) { - void *tmp; - - tmp = realloc (inbuf, in_len); - if (tmp == NULL) - goto fail; - inbuf = tmp; - - ifconf.ifc_len = in_len; - ifconf.ifc_buf = inbuf; - - /* - * Solaris returns EINVAL when the buffer is too small. - */ - - if(ioctl(fd, SIOCGIFCONF, &ifconf) < 0 && errno != EINVAL) - goto fail; - if(ifconf.ifc_len + sizeof(ifreq) < in_len) - break; - in_len *= 2; - } - num = ifconf.ifc_len / sizeof(struct ifreq); - *l = malloc(num * sizeof(struct in_addr)); - if(*l == NULL) - goto fail; - - j = 0; - ifreq.ifr_name[0] = '\0'; - for (p = ifconf.ifc_buf; p < ifconf.ifc_buf + ifconf.ifc_len; p += sz) { - struct ifreq *ifr = (struct ifreq *)p; - sz = sizeof(*ifr); -#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN - sz = max(sz, sizeof(ifr->ifr_name) + ifr->ifr_addr.sa_len); -#endif - - if(strncmp(ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name))) { - if(ioctl(fd, SIOCGIFFLAGS, ifr) < 0) - continue; - if (ifr->ifr_flags & IFF_UP) { - if(ioctl(fd, SIOCGIFADDR, ifr) < 0) - continue; - (*l)[j++] = ((struct sockaddr_in *)&ifr->ifr_addr)->sin_addr; - } - memcpy(&ifreq, ifr, sizeof(ifreq)); - } - } - if (j != num) { - void *tmp; - tmp = realloc (*l, j * sizeof(struct in_addr)); - if(tmp == NULL) - goto fail; - *l = tmp; - } - close (fd); - free(inbuf); - return j; -fail: - close(fd); - free(inbuf); - free(*l); - return -1; -#endif /* SIOCGIFCONF */ -} diff --git a/crypto/kerberosIV/lib/krb/getfile.c b/crypto/kerberosIV/lib/krb/getfile.c deleted file mode 100644 index 7684aee..0000000 --- a/crypto/kerberosIV/lib/krb/getfile.c +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: getfile.c,v 1.5.2.1 2000/12/07 17:04:48 assar Exp $"); - -static int -is_suid(void) -{ - int ret = 0; -#ifdef HAVE_GETUID - ret |= getuid() != geteuid(); -#endif -#ifdef HAVE_GETGID - ret |= getgid() != getegid(); -#endif - return ret; -} - -static int -get_file(const char **files, int num, const char *file, char *buf, size_t len) -{ - const char *p, **q; - int i = 0; - if(getuid() != 0 && !is_suid() && (p = getenv("KRBCONFDIR"))){ - if(num == i){ - snprintf(buf, len, "%s/%s", p, file); - return 0; - } - i++; - } - for(q = files; *q; q++, i++){ - if(num == i){ - snprintf(buf, len, "%s", *q); - return 0; - } - } - return -1; -} - -int -krb_get_krbconf(int num, char *buf, size_t len) -{ - const char *files[] = KRB_CNF_FILES; - return get_file(files, num, "krb.conf", buf, len); -} - -int -krb_get_krbrealms(int num, char *buf, size_t len) -{ - const char *files[] = KRB_RLM_FILES; - return get_file(files, num, "krb.realms", buf, len); -} - -int -krb_get_krbextra(int num, char *buf, size_t len) -{ - const char *files[] = { "/etc/krb.extra", NULL }; - return get_file(files, num, "krb.extra", buf, len); -} diff --git a/crypto/kerberosIV/lib/krb/getrealm.c b/crypto/kerberosIV/lib/krb/getrealm.c deleted file mode 100644 index 2dcb4cf..0000000 --- a/crypto/kerberosIV/lib/krb/getrealm.c +++ /dev/null @@ -1,185 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: getrealm.c,v 1.36 1999/09/16 20:41:51 assar Exp $"); - -#ifndef MATCH_SUBDOMAINS -#define MATCH_SUBDOMAINS 0 -#endif - -/* - * krb_realmofhost. - * Given a fully-qualified domain-style primary host name, - * return the name of the Kerberos realm for the host. - * If the hostname contains no discernable domain, or an error occurs, - * return the local realm name, as supplied by get_krbrlm(). - * If the hostname contains a domain, but no translation is found, - * the hostname's domain is converted to upper-case and returned. - * - * The format of each line of the translation file is: - * domain_name kerberos_realm - * -or- - * host_name kerberos_realm - * - * domain_name should be of the form .XXX.YYY (e.g. .LCS.MIT.EDU) - * host names should be in the usual form (e.g. FOO.BAR.BAZ) - */ - -/* To automagically find the correct realm of a host (without - * krb.realms) add a text record for your domain with the name of your - * realm, like this: - * - * krb4-realm IN TXT FOO.SE - * - * The search is recursive, so you can also add entries for specific - * hosts. To find the realm of host a.b.c, it first tries - * krb4-realm.a.b.c, then krb4-realm.b.c and so on. - */ - -static int -dns_find_realm(char *hostname, char *realm) -{ - char domain[MaxHostNameLen + sizeof("krb4-realm..")]; - char *p; - int level = 0; - struct dns_reply *r; - - p = hostname; - - while(1){ - snprintf(domain, sizeof(domain), "krb4-realm.%s.", p); - p = strchr(p, '.'); - if(p == NULL) - break; - p++; - r = dns_lookup(domain, "TXT"); - if(r){ - struct resource_record *rr = r->head; - while(rr){ - if(rr->type == T_TXT){ - strlcpy(realm, rr->u.txt, REALM_SZ); - dns_free_data(r); - return level; - } - rr = rr->next; - } - dns_free_data(r); - } - level++; - } - return -1; -} - - -static FILE * -open_krb_realms(void) -{ - int i; - char file[MaxPathLen]; - FILE *res; - - for(i = 0; krb_get_krbrealms(i, file, sizeof(file)) == 0; i++) - if ((res = fopen(file, "r")) != NULL) - return res; - return NULL; -} - -static int -file_find_realm(const char *phost, const char *domain, - char *ret_realm, size_t ret_realm_sz) -{ - FILE *trans_file; - char buf[1024]; - int ret = -1; - - if ((trans_file = open_krb_realms()) == NULL) - return -1; - - while (fgets(buf, sizeof(buf), trans_file) != NULL) { - char *save = NULL; - char *tok; - char *tmp_host; - char *tmp_realm; - - tok = strtok_r(buf, " \t\r\n", &save); - if(tok == NULL) - continue; - tmp_host = tok; - tok = strtok_r(NULL, " \t\r\n", &save); - if(tok == NULL) - continue; - tmp_realm = tok; - if (strcasecmp(tmp_host, phost) == 0) { - /* exact match of hostname, so return the realm */ - strlcpy(ret_realm, tmp_realm, ret_realm_sz); - ret = 0; - break; - } - if ((tmp_host[0] == '.') && domain) { - const char *cp = domain; - do { - if(strcasecmp(tmp_host, cp) == 0){ - /* domain match, save for later */ - strlcpy(ret_realm, tmp_realm, ret_realm_sz); - ret = 0; - break; - } - cp = strchr(cp + 1, '.'); - } while(MATCH_SUBDOMAINS && cp); - } - if (ret == 0) - break; - } - fclose(trans_file); - return ret; -} - -char * -krb_realmofhost(const char *host) -{ - static char ret_realm[REALM_SZ]; - char *domain; - char phost[MaxHostNameLen]; - - krb_name_to_name(host, phost, sizeof(phost)); - - domain = strchr(phost, '.'); - - if(file_find_realm(phost, domain, ret_realm, sizeof ret_realm) == 0) - return ret_realm; - - if(dns_find_realm(phost, ret_realm) >= 0) - return ret_realm; - - if (domain) { - char *cp; - - strlcpy(ret_realm, &domain[1], REALM_SZ); - /* Upper-case realm */ - for (cp = ret_realm; *cp; cp++) - *cp = toupper(*cp); - } else { - strncpy(ret_realm, krb_get_default_realm(), REALM_SZ); /* Wild guess */ - } - return ret_realm; -} diff --git a/crypto/kerberosIV/lib/krb/getst.c b/crypto/kerberosIV/lib/krb/getst.c deleted file mode 100644 index de99962..0000000 --- a/crypto/kerberosIV/lib/krb/getst.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: getst.c,v 1.6 1997/03/23 03:53:11 joda Exp $"); - -/* - * getst() takes a file descriptor, a string and a count. It reads - * from the file until either it has read "count" characters, or until - * it reads a null byte. When finished, what has been read exists in - * the given string "s". If "count" characters were actually read, the - * last is changed to a null, so the returned string is always null- - * terminated. getst() returns the number of characters read, including - * the null terminator. - */ - -int -getst(int fd, char *s, int n) -{ - int count = n; - while (read(fd, s, 1) > 0 && --count) - if (*s++ == '\0') - return (n - count); - *s = '\0'; - return (n - count); -} diff --git a/crypto/kerberosIV/lib/krb/k_getport.c b/crypto/kerberosIV/lib/krb/k_getport.c deleted file mode 100644 index 063a0b2..0000000 --- a/crypto/kerberosIV/lib/krb/k_getport.c +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: k_getport.c,v 1.11 1999/12/02 16:58:42 joda Exp $"); - -int -k_getportbyname (const char *service, const char *proto, int default_port) -{ -#ifdef HAVE_GETSERVBYNAME - struct servent *sp; - - sp = getservbyname(service, proto); - if(sp != NULL) - return sp->s_port; - - krb_warning ("%s/%s unknown service, using default port %d\n", - service, proto ? proto : "*", ntohs(default_port)); -#endif - return default_port; -} diff --git a/crypto/kerberosIV/lib/krb/k_getsockinst.c b/crypto/kerberosIV/lib/krb/k_getsockinst.c deleted file mode 100644 index 2b0453c..0000000 --- a/crypto/kerberosIV/lib/krb/k_getsockinst.c +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: k_getsockinst.c,v 1.13 1999/12/02 16:58:42 joda Exp $"); - -/* - * Return in inst the name of the local interface bound to socket - * fd. On Failure return the 'wildcard' instance "*". - */ - -int -k_getsockinst(int fd, char *inst, size_t inst_size) -{ - struct sockaddr_in addr; - int len = sizeof(addr); - struct hostent *hnam; - - if (getsockname(fd, (struct sockaddr *)&addr, &len) < 0) - goto fail; - - hnam = gethostbyaddr((char *)&addr.sin_addr, - sizeof(addr.sin_addr), - addr.sin_family); - if (hnam == 0) - goto fail; - - strlcpy (inst, hnam->h_name, inst_size); - k_ricercar(inst); /* Canonicalize name */ - return 0; /* Success */ - - fail: - inst[0] = '*'; - inst[1] = 0; - return -1; -} diff --git a/crypto/kerberosIV/lib/krb/k_localtime.c b/crypto/kerberosIV/lib/krb/k_localtime.c deleted file mode 100644 index e8cbdd6..0000000 --- a/crypto/kerberosIV/lib/krb/k_localtime.c +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: k_localtime.c,v 1.8 1999/12/02 16:58:42 joda Exp $"); - -struct tm *k_localtime(u_int32_t *tp) -{ - time_t t; - t = *tp; - return localtime(&t); -} diff --git a/crypto/kerberosIV/lib/krb/kdc_reply.c b/crypto/kerberosIV/lib/krb/kdc_reply.c deleted file mode 100644 index 888ab16..0000000 --- a/crypto/kerberosIV/lib/krb/kdc_reply.c +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: kdc_reply.c,v 1.12.2.2 2000/12/04 14:34:28 assar Exp $"); - -static int little_endian; /* XXX ugly */ - -int -kdc_reply_cred(KTEXT cip, CREDENTIALS *cred) -{ - unsigned char *p = cip->dat; - - memcpy(cred->session, p, 8); - p += 8; - - if(p + strlen((char*)p) > cip->dat + cip->length) - return INTK_BADPW; - p += krb_get_string(p, cred->service, sizeof(cred->service)); - - if(p + strlen((char*)p) > cip->dat + cip->length) - return INTK_BADPW; - p += krb_get_string(p, cred->instance, sizeof(cred->instance)); - - if(p + strlen((char*)p) > cip->dat + cip->length) - return INTK_BADPW; - p += krb_get_string(p, cred->realm, sizeof(cred->realm)); - - if(p + 3 > cip->dat + cip->length) - return INTK_BADPW; - cred->lifetime = *p++; - cred->kvno = *p++; - cred->ticket_st.length = *p++; - - if(p + cred->ticket_st.length + 4 > cip->dat + cip->length) - return INTK_BADPW; - memcpy(cred->ticket_st.dat, p, cred->ticket_st.length); - p += cred->ticket_st.length; - - p += krb_get_int(p, (u_int32_t *)&cred->issue_date, 4, little_endian); - - return KSUCCESS; -} - -int -kdc_reply_cipher(KTEXT reply, KTEXT cip) -{ - unsigned char *p; - unsigned char pvno; - unsigned char type; - - char aname[ANAME_SZ]; - char inst[INST_SZ]; - char realm[REALM_SZ]; - - u_int32_t kdc_time; - u_int32_t exp_date; - u_int32_t clen; - - p = reply->dat; - - pvno = *p++; - - if (pvno != KRB_PROT_VERSION ) - return INTK_PROT; - - type = *p++; - little_endian = type & 1; - - type &= ~1; - - if(type == AUTH_MSG_ERR_REPLY){ - u_int32_t code; - /* skip these fields */ - p += strlen((char*)p) + 1; /* name */ - p += strlen((char*)p) + 1; /* instance */ - p += strlen((char*)p) + 1; /* realm */ - p += 4; /* time */ - p += krb_get_int(p, &code, 4, little_endian); - if(code == 0) - code = KFAILURE; /* things will go bad otherwise */ - return code; - } - if(type != AUTH_MSG_KDC_REPLY) - return INTK_PROT; - - p += krb_get_nir(p, - aname, sizeof(aname), - inst, sizeof(inst), - realm, sizeof(realm)); - p += krb_get_int(p, &kdc_time, 4, little_endian); - p++; /* number of tickets */ - p += krb_get_int(p, &exp_date, 4, little_endian); - p++; /* master key version number */ - p += krb_get_int(p, &clen, 2, little_endian); - if (reply->length - (p - reply->dat) < clen) - return INTK_PROT; - - cip->length = clen; - memcpy(cip->dat, p, clen); - p += clen; - - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/klog.h b/crypto/kerberosIV/lib/krb/klog.h deleted file mode 100644 index cee92d9..0000000 --- a/crypto/kerberosIV/lib/krb/klog.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * $Id: klog.h,v 1.5 1997/05/11 11:05:28 assar Exp $ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * This file defines the types of log messages logged by klog. Each - * type of message may be selectively turned on or off. - */ - -#ifndef KLOG_DEFS -#define KLOG_DEFS - -#ifndef KRBLOG -#define KRBLOG "/var/log/kerberos.log" /* master server */ -#endif -#ifndef KRBSLAVELOG -#define KRBSLAVELOG "/var/log/kerberos_slave.log" /* slave server */ -#endif -#define NLOGTYPE 100 /* Maximum number of log msg types */ - -#define L_NET_ERR 1 /* Error in network code */ -#define L_NET_INFO 2 /* Info on network activity */ -#define L_KRB_PERR 3 /* Kerberos protocol errors */ -#define L_KRB_PINFO 4 /* Kerberos protocol info */ -#define L_INI_REQ 5 /* Request for initial ticket */ -#define L_NTGT_INTK 6 /* Initial request not for TGT */ -#define L_DEATH_REQ 7 /* Request for server death */ -#define L_TKT_REQ 8 /* All ticket requests using a tgt */ -#define L_ERR_SEXP 9 /* Service expired */ -#define L_ERR_MKV 10 /* Master key version incorrect */ -#define L_ERR_NKY 11 /* User's key is null */ -#define L_ERR_NUN 12 /* Principal not unique */ -#define L_ERR_UNK 13 /* Principal Unknown */ -#define L_ALL_REQ 14 /* All requests */ -#define L_APPL_REQ 15 /* Application requests (using tgt) */ -#define L_KRB_PWARN 16 /* Protocol warning messages */ - -char * klog __P((int type, const char *format, ...)) -#ifdef __GNUC__ -__attribute__ ((format (printf, 2, 3))) -#endif -; - -#endif /* KLOG_DEFS */ diff --git a/crypto/kerberosIV/lib/krb/kntoln.c b/crypto/kerberosIV/lib/krb/kntoln.c deleted file mode 100644 index 86e5205..0000000 --- a/crypto/kerberosIV/lib/krb/kntoln.c +++ /dev/null @@ -1,177 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * krb_kntoln converts an auth name into a local name by looking up - * the auth name in the /etc/aname file. The format of the aname - * file is: - * - * +-----+-----+-----+-----+------+----------+-------+-------+ - * | anl | inl | rll | lnl | name | instance | realm | lname | - * +-----+-----+-----+-----+------+----------+-------+-------+ - * | 1by | 1by | 1by | 1by | name | instance | realm | lname | - * +-----+-----+-----+-----+------+----------+-------+-------+ - * - * If the /etc/aname file can not be opened it will set the - * local name to the auth name. Thus, in this case it performs as - * the identity function. - * - * The name instance and realm are passed to krb_kntoln through - * the AUTH_DAT structure (ad). - * - * Now here's what it *really* does: - * - * Given a Kerberos name in an AUTH_DAT structure, check that the - * instance is null, and that the realm is the same as the local - * realm, and return the principal's name in "lname". Return - * KSUCCESS if all goes well, otherwise KFAILURE. - */ - -#include "krb_locl.h" - -RCSID("$Id: kntoln.c,v 1.10 1998/06/09 19:25:21 joda Exp $"); - -int -krb_kntoln(AUTH_DAT *ad, char *lname) -{ - static char lrealm[REALM_SZ] = ""; - - if (!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) - return(KFAILURE); - - if (strcmp(ad->pinst, "")) - return(KFAILURE); - if (strcmp(ad->prealm, lrealm)) - return(KFAILURE); - strcpy(lname, ad->pname); - return(KSUCCESS); -} - -#if 0 -/* Posted to usenet by "Derrick J. Brashear" <shadow+@andrew.cmu.edu> */ - -#include <krb.h> -#include <ndbm.h> -#include <stdio.h> -#include <sys/file.h> -#include <strings.h> -#include <sys/syslog.h> -#include <sys/errno.h> - -extern int errno; -/* - * antoln converts an authentication name into a local name by looking up - * the authentication name in the /etc/aname dbm database. - * - * If the /etc/aname file can not be opened it will set the - * local name to the principal name. Thus, in this case it performs as - * the identity function. - * - * The name instance and realm are passed to antoln through - * the AUTH_DAT structure (ad). - */ - -static char lrealm[REALM_SZ] = ""; - -int -an_to_ln(AUTH_DAT *ad, char *lname) -{ - static DBM *aname = NULL; - char keyname[ANAME_SZ+INST_SZ+REALM_SZ+2]; - - if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) - return(KFAILURE); - - if((strcmp(ad->pinst,"") && strcmp(ad->pinst,"root")) || - strcmp(ad->prealm,lrealm)) { - datum val; - datum key; - /* - * Non-local name (or) non-null and non-root instance. - * Look up in dbm file. - */ - if (!aname) { - if ((aname = dbm_open("/etc/aname", O_RDONLY, 0)) - == NULL) return (KFAILURE); - } - /* Construct dbm lookup key. */ - an_to_a(ad, keyname); - key.dptr = keyname; - key.dsize = strlen(keyname)+1; - flock(dbm_dirfno(aname), LOCK_SH); - val = dbm_fetch(aname, key); - flock(dbm_dirfno(aname), LOCK_UN); - if (!val.dptr) { - dbm_close(aname); - return(KFAILURE); - } - /* Got it! */ - strcpy(lname,val.dptr); - return(KSUCCESS); - } else strcpy(lname,ad->pname); - return(KSUCCESS); -} - -void -an_to_a(AUTH_DAT *ad, char *str) -{ - strcpy(str, ad->pname); - if(*ad->pinst) { - strcat(str, "."); - strcat(str, ad->pinst); - } - strcat(str, "@"); - strcat(str, ad->prealm); -} - -/* - * Parse a string of the form "user[.instance][@realm]" - * into a struct AUTH_DAT. - */ - -int -a_to_an(char *str, AUTH_DAT *ad) -{ - char *buf = (char *)malloc(strlen(str)+1); - char *rlm, *inst, *princ; - - if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) { - free(buf); - return(KFAILURE); - } - /* destructive string hacking is more fun.. */ - strcpy(buf, str); - - if (rlm = index(buf, '@')) { - *rlm++ = '\0'; - } - if (inst = index(buf, '.')) { - *inst++ = '\0'; - } - strcpy(ad->pname, buf); - if(inst) strcpy(ad->pinst, inst); - else *ad->pinst = '\0'; - if (rlm) strcpy(ad->prealm, rlm); - else strcpy(ad->prealm, lrealm); - free(buf); - return(KSUCCESS); -} -#endif diff --git a/crypto/kerberosIV/lib/krb/krb-archaeology.h b/crypto/kerberosIV/lib/krb/krb-archaeology.h deleted file mode 100644 index 0757996..0000000 --- a/crypto/kerberosIV/lib/krb/krb-archaeology.h +++ /dev/null @@ -1,131 +0,0 @@ -/* - * $Id: krb-archaeology.h,v 1.2 1997/12/05 02:04:44 joda Exp $ - * - * Most of the cruft in this file is probably: - * - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - */ - -#ifndef __KRB_ARCHAEOLOGY_H__ -#define __KRB_ARCHAEOLOGY_H__ - -/* Compare x and y in VAX byte order, result is -1, 0 or 1. */ - -#define krb_lsb_antinet_ulong_less(x, y) (((x) == (y)) ? 0 : krb_lsb_antinet_ulong_cmp(x, y)) - -#define krb_lsb_antinet_ushort_less(x, y) (((x) == (y)) ? 0 : krb_lsb_antinet_ushort_cmp(x, y)) - -int krb_lsb_antinet_ulong_cmp(u_int32_t x, u_int32_t y); -int krb_lsb_antinet_ushort_cmp(u_int16_t x, u_int16_t y); -u_int32_t lsb_time(time_t t, struct sockaddr_in *src, struct sockaddr_in *dst); - -/* Macro's to obtain various fields from a packet */ - -#define pkt_version(packet) (unsigned int) *(packet->dat) -#define pkt_msg_type(packet) (unsigned int) *(packet->dat+1) -#define pkt_a_name(packet) (packet->dat+2) -#define pkt_a_inst(packet) \ - (packet->dat+3+strlen((char *)pkt_a_name(packet))) -#define pkt_a_realm(packet) \ - (pkt_a_inst(packet)+1+strlen((char *)pkt_a_inst(packet))) - -/* Macro to obtain realm from application request */ -#define apreq_realm(auth) (auth->dat + 3) - -#define pkt_time_ws(packet) (char *) \ - (packet->dat+5+strlen((char *)pkt_a_name(packet)) + \ - strlen((char *)pkt_a_inst(packet)) + \ - strlen((char *)pkt_a_realm(packet))) - -#define pkt_no_req(packet) (unsigned short) \ - *(packet->dat+9+strlen((char *)pkt_a_name(packet)) + \ - strlen((char *)pkt_a_inst(packet)) + \ - strlen((char *)pkt_a_realm(packet))) -#define pkt_x_date(packet) (char *) \ - (packet->dat+10+strlen((char *)pkt_a_name(packet)) + \ - strlen((char *)pkt_a_inst(packet)) + \ - strlen((char *)pkt_a_realm(packet))) -#define pkt_err_code(packet) ( (char *) \ - (packet->dat+9+strlen((char *)pkt_a_name(packet)) + \ - strlen((char *)pkt_a_inst(packet)) + \ - strlen((char *)pkt_a_realm(packet)))) -#define pkt_err_text(packet) \ - (packet->dat+13+strlen((char *)pkt_a_name(packet)) + \ - strlen((char *)pkt_a_inst(packet)) + \ - strlen((char *)pkt_a_realm(packet))) - -/* - * macros for byte swapping; also scratch space - * u_quad 0-->7, 1-->6, 2-->5, 3-->4, 4-->3, 5-->2, 6-->1, 7-->0 - * u_int32_t 0-->3, 1-->2, 2-->1, 3-->0 - * u_int16_t 0-->1, 1-->0 - */ - -#define swap_u_16(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(((char *) x) +0, ((char *) _krb_swap_tmp) +14 ,2); \ - swab(((char *) x) +2, ((char *) _krb_swap_tmp) +12 ,2); \ - swab(((char *) x) +4, ((char *) _krb_swap_tmp) +10 ,2); \ - swab(((char *) x) +6, ((char *) _krb_swap_tmp) +8 ,2); \ - swab(((char *) x) +8, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) x) +10,((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) x) +12,((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) x) +14,((char *) _krb_swap_tmp) +0 ,2); \ - memcpy(x, _krb_swap_tmp, 16);\ - } - -#define swap_u_12(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(( char *) x, ((char *) _krb_swap_tmp) +10 ,2); \ - swab(((char *) x) +2, ((char *) _krb_swap_tmp) +8 ,2); \ - swab(((char *) x) +4, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) x) +6, ((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) x) +8, ((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) x) +10,((char *) _krb_swap_tmp) +0 ,2); \ - memcpy(x, _krb_swap_tmp, 12);\ - } - -#define swap_C_Block(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(( char *) x, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) x) +2,((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) x) +4,((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) x) +6,((char *) _krb_swap_tmp) ,2); \ - memcpy(x, _krb_swap_tmp, 8);\ - } -#define swap_u_quad(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(( char *) &x, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) &x) +2,((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) &x) +4,((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) &x) +6,((char *) _krb_swap_tmp) ,2); \ - memcpy(x, _krb_swap_tmp, 8);\ - } - -#define swap_u_long(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab((char *) &x, ((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) &x) +2,((char *) _krb_swap_tmp),2); \ - x = _krb_swap_tmp[0]; \ - } - -#define swap_u_short(x) {\ - u_int16_t _krb_swap_sh_tmp; \ - swab((char *) &x, ( &_krb_swap_sh_tmp) ,2); \ - x = (u_int16_t) _krb_swap_sh_tmp; \ - } -/* Kerberos ticket flag field bit definitions */ -#define K_FLAG_ORDER 0 /* bit 0 --> lsb */ -#define K_FLAG_1 /* reserved */ -#define K_FLAG_2 /* reserved */ -#define K_FLAG_3 /* reserved */ -#define K_FLAG_4 /* reserved */ -#define K_FLAG_5 /* reserved */ -#define K_FLAG_6 /* reserved */ -#define K_FLAG_7 /* reserved, bit 7 --> msb */ - -#endif /* __KRB_ARCHAEOLOGY_H__ */ diff --git a/crypto/kerberosIV/lib/krb/krb-protos.h b/crypto/kerberosIV/lib/krb/krb-protos.h deleted file mode 100644 index 69bd1ca..0000000 --- a/crypto/kerberosIV/lib/krb/krb-protos.h +++ /dev/null @@ -1,790 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb-protos.h,v 1.24.2.1 2000/06/23 03:32:04 assar Exp $ */ -/* $FreeBSD$ */ - -#ifndef __krb_protos_h__ -#define __krb_protos_h__ - -#if defined (__STDC__) || defined (_MSC_VER) -#include <stdarg.h> -#ifndef __P -#define __P(x) x -#endif -#else -#ifndef __P -#define __P(x) () -#endif -#endif - -#ifdef __STDC__ -struct in_addr; -struct sockaddr_in; -struct timeval; -#endif - -#ifndef KRB_LIB_FUNCTION -#if defined(__BORLANDC__) -#define KRB_LIB_FUNCTION /* not-ready-definition-yet */ -#elif defined(_MSC_VER) -#define KRB_LIB_FUNCTION /* not-ready-definition-yet2 */ -#else -#define KRB_LIB_FUNCTION -#endif -#endif - -void KRB_LIB_FUNCTION -afs_string_to_key __P(( - const char *str, - const char *cell, - des_cblock *key)); - -int KRB_LIB_FUNCTION -create_ciph __P(( - KTEXT c, - unsigned char *session, - char *service, - char *instance, - char *realm, - u_int32_t life, - int kvno, - KTEXT tkt, - u_int32_t kdc_time, - des_cblock *key)); - -int KRB_LIB_FUNCTION -cr_err_reply __P(( - KTEXT pkt, - char *pname, - char *pinst, - char *prealm, - u_int32_t time_ws, - u_int32_t e, - char *e_string)); - -int KRB_LIB_FUNCTION -decomp_ticket __P(( - KTEXT tkt, - unsigned char *flags, - char *pname, - char *pinstance, - char *prealm, - u_int32_t *paddress, - unsigned char *session, - int *life, - u_int32_t *time_sec, - char *sname, - char *sinstance, - des_cblock *key, - des_key_schedule schedule)); - -int KRB_LIB_FUNCTION -dest_tkt __P((void)); - -int KRB_LIB_FUNCTION -get_ad_tkt __P(( - char *service, - char *sinstance, - char *realm, - int lifetime)); - -int KRB_LIB_FUNCTION -getst __P(( - int fd, - char *s, - int n)); - -int KRB_LIB_FUNCTION -in_tkt __P(( - char *pname, - char *pinst)); - -int KRB_LIB_FUNCTION -k_get_all_addrs __P((struct in_addr **l)); - -int KRB_LIB_FUNCTION -k_gethostname __P(( - char *name, - int namelen)); - -int KRB_LIB_FUNCTION -k_getportbyname __P(( - const char *service, - const char *proto, - int default_port)); - -int KRB_LIB_FUNCTION -k_getsockinst __P(( - int fd, - char *inst, - size_t inst_size)); - -int KRB_LIB_FUNCTION -k_isinst __P((char *s)); - -int KRB_LIB_FUNCTION -k_isname __P((char *s)); - -int KRB_LIB_FUNCTION -k_isrealm __P((char *s)); - -struct tm * KRB_LIB_FUNCTION -k_localtime __P((u_int32_t *tp)); - -int KRB_LIB_FUNCTION -kname_parse __P(( - char *np, - char *ip, - char *rp, - char *fullname)); - -int KRB_LIB_FUNCTION -krb_atime_to_life __P((char *atime)); - -int KRB_LIB_FUNCTION -krb_check_auth __P(( - KTEXT packet, - u_int32_t checksum, - MSG_DAT *msg_data, - des_cblock *session, - des_key_schedule schedule, - struct sockaddr_in *laddr, - struct sockaddr_in *faddr)); - -int KRB_LIB_FUNCTION -krb_check_tm __P((struct tm tm)); - -KTEXT KRB_LIB_FUNCTION -krb_create_death_packet __P((char *a_name)); - -int KRB_LIB_FUNCTION -krb_create_ticket __P(( - KTEXT tkt, - unsigned char flags, - char *pname, - char *pinstance, - char *prealm, - int32_t paddress, - void *session, - int16_t life, - int32_t time_sec, - char *sname, - char *sinstance, - des_cblock *key)); - -int KRB_LIB_FUNCTION -krb_decode_as_rep __P(( - const char *user, - char *instance, /* INOUT parameter */ - const char *realm, - const char *service, - const char *sinstance, - key_proc_t key_proc, - decrypt_proc_t decrypt_proc, - const void *arg, - KTEXT as_rep, - CREDENTIALS *cred)); - -int KRB_LIB_FUNCTION -krb_disable_debug __P((void)); - -int KRB_LIB_FUNCTION -krb_enable_debug __P((void)); - -int KRB_LIB_FUNCTION -krb_equiv __P(( - u_int32_t a, - u_int32_t b)); - -int KRB_LIB_FUNCTION -krb_get_address __P(( - void *from, - u_int32_t *to)); - -int KRB_LIB_FUNCTION -krb_get_admhst __P(( - char *host, - char *realm, - int nth)); - -int KRB_LIB_FUNCTION -krb_get_config_bool __P((const char *variable)); - -const char * KRB_LIB_FUNCTION -krb_get_config_string __P((const char *variable)); - -int KRB_LIB_FUNCTION -krb_get_cred __P(( - char *service, - char *instance, - char *realm, - CREDENTIALS *c)); - -int KRB_LIB_FUNCTION -krb_get_default_principal __P(( - char *name, - char *instance, - char *realm)); - -char * KRB_LIB_FUNCTION -krb_get_default_realm __P((void)); - -const char * KRB_LIB_FUNCTION -krb_get_default_tkt_root __P((void)); - -const char * KRB_LIB_FUNCTION -krb_get_default_keyfile __P((void)); - -const char * KRB_LIB_FUNCTION -krb_get_err_text __P((int code)); - -struct krb_host* KRB_LIB_FUNCTION -krb_get_host __P(( - int nth, - const char *realm, - int admin)); - -int KRB_LIB_FUNCTION -krb_get_in_tkt __P(( - char *user, - char *instance, - char *realm, - char *service, - char *sinstance, - int life, - key_proc_t key_proc, - decrypt_proc_t decrypt_proc, - void *arg)); - -int KRB_LIB_FUNCTION -krb_get_int __P(( - void *f, - u_int32_t *to, - int size, - int lsb)); - -int KRB_LIB_FUNCTION -krb_get_kdc_time_diff __P((void)); - -int KRB_LIB_FUNCTION -krb_get_krbconf __P(( - int num, - char *buf, - size_t len)); - -int KRB_LIB_FUNCTION -krb_get_krbextra __P(( - int num, - char *buf, - size_t len)); - -int KRB_LIB_FUNCTION -krb_get_krbhst __P(( - char *host, - char *realm, - int nth)); - -int KRB_LIB_FUNCTION -krb_get_krbrealms __P(( - int num, - char *buf, - size_t len)); - -int KRB_LIB_FUNCTION -krb_get_lrealm __P(( - char *r, - int n)); - -int KRB_LIB_FUNCTION -krb_get_nir __P(( - void *from, - char *name, size_t name_len, - char *instance, size_t instance_len, - char *realm, size_t realm_len)); - -char * KRB_LIB_FUNCTION -krb_get_phost __P((const char *alias)); - -int KRB_LIB_FUNCTION -krb_get_pw_in_tkt __P(( - const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - const char *password)); - -int KRB_LIB_FUNCTION -krb_get_pw_in_tkt2 __P(( - const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - const char *password, - des_cblock *key)); - -int KRB_LIB_FUNCTION -krb_get_string __P(( - void *from, - char *to, - size_t to_size)); - -int KRB_LIB_FUNCTION -krb_get_svc_in_tkt __P(( - char *user, - char *instance, - char *realm, - char *service, - char *sinstance, - int life, - char *srvtab)); - -int KRB_LIB_FUNCTION -krb_get_tf_fullname __P(( - char *ticket_file, - char *name, - char *instance, - char *realm)); - -int KRB_LIB_FUNCTION -krb_get_tf_realm __P(( - char *ticket_file, - char *realm)); - -void KRB_LIB_FUNCTION -krb_kdctimeofday __P((struct timeval *tv)); - -int KRB_LIB_FUNCTION -krb_kntoln __P(( - AUTH_DAT *ad, - char *lname)); - -int KRB_LIB_FUNCTION -krb_kuserok __P(( - char *name, - char *instance, - char *realm, - char *luser)); - -char * KRB_LIB_FUNCTION -krb_life_to_atime __P((int life)); - -u_int32_t KRB_LIB_FUNCTION -krb_life_to_time __P(( - u_int32_t start, - int life_)); - -int KRB_LIB_FUNCTION -krb_lsb_antinet_ulong_cmp __P(( - u_int32_t x, - u_int32_t y)); - -int KRB_LIB_FUNCTION -krb_lsb_antinet_ushort_cmp __P(( - u_int16_t x, - u_int16_t y)); - -int KRB_LIB_FUNCTION -krb_mk_as_req __P(( - const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - KTEXT cip)); - -int KRB_LIB_FUNCTION -krb_mk_auth __P(( - int32_t options, - KTEXT ticket, - char *service, - char *instance, - char *realm, - u_int32_t checksum, - char *version, - KTEXT buf)); - -int32_t KRB_LIB_FUNCTION -krb_mk_err __P(( - u_char *p, - int32_t e, - char *e_string)); - -int32_t KRB_LIB_FUNCTION -krb_mk_priv __P(( - void *in, - void *out, - u_int32_t length, - des_key_schedule schedule, - des_cblock *key, - struct sockaddr_in *sender, - struct sockaddr_in *receiver)); - -int KRB_LIB_FUNCTION -krb_mk_req __P(( - KTEXT authent, - char *service, - char *instance, - char *realm, - int32_t checksum)); - -int32_t KRB_LIB_FUNCTION -krb_mk_safe __P(( - void *in, - void *out, - u_int32_t length, - des_cblock *key, - struct sockaddr_in *sender, - struct sockaddr_in *receiver)); - -int KRB_LIB_FUNCTION -krb_net_read __P(( - int fd, - void *v, - size_t len)); - -int KRB_LIB_FUNCTION -krb_net_write __P(( - int fd, - const void *v, - size_t len)); - -int KRB_LIB_FUNCTION -krb_parse_name __P(( - const char *fullname, - krb_principal *principal)); - -int KRB_LIB_FUNCTION -krb_put_address __P(( - u_int32_t addr, - void *to, - size_t rem)); - -int KRB_LIB_FUNCTION -krb_put_int __P(( - u_int32_t from, - void *to, - size_t rem, - int size)); - -int KRB_LIB_FUNCTION -krb_put_nir __P(( - const char *name, - const char *instance, - const char *realm, - void *to, - size_t rem)); - -int KRB_LIB_FUNCTION -krb_put_string __P(( - const char *from, - void *to, - size_t rem)); - -int KRB_LIB_FUNCTION -krb_rd_err __P(( - u_char *in, - u_int32_t in_length, - int32_t *code, - MSG_DAT *m_data)); - -int32_t KRB_LIB_FUNCTION -krb_rd_priv __P(( - void *in, - u_int32_t in_length, - des_key_schedule schedule, - des_cblock *key, - struct sockaddr_in *sender, - struct sockaddr_in *receiver, - MSG_DAT *m_data)); - -int KRB_LIB_FUNCTION -krb_rd_req __P(( - KTEXT authent, - char *service, - char *instance, - int32_t from_addr, - AUTH_DAT *ad, - char *fn)); - -int32_t KRB_LIB_FUNCTION -krb_rd_safe __P(( - void *in, - u_int32_t in_length, - des_cblock *key, - struct sockaddr_in *sender, - struct sockaddr_in *receiver, - MSG_DAT *m_data)); - -int KRB_LIB_FUNCTION -krb_realm_parse __P(( - char *realm, - int length)); - -char * KRB_LIB_FUNCTION -krb_realmofhost __P((const char *host)); - -int KRB_LIB_FUNCTION -krb_recvauth __P(( - int32_t options, - int fd, - KTEXT ticket, - char *service, - char *instance, - struct sockaddr_in *faddr, - struct sockaddr_in *laddr, - AUTH_DAT *kdata, - char *filename, - des_key_schedule schedule, - char *version)); - -int KRB_LIB_FUNCTION -krb_sendauth __P(( - int32_t options, - int fd, - KTEXT ticket, - char *service, - char *instance, - char *realm, - u_int32_t checksum, - MSG_DAT *msg_data, - CREDENTIALS *cred, - des_key_schedule schedule, - struct sockaddr_in *laddr, - struct sockaddr_in *faddr, - char *version)); - -void KRB_LIB_FUNCTION -krb_set_kdc_time_diff __P((int diff)); - -int KRB_LIB_FUNCTION -krb_set_key __P(( - void *key, - int cvt)); - -int KRB_LIB_FUNCTION -krb_set_lifetime __P((int newval)); - -void KRB_LIB_FUNCTION -krb_set_tkt_string __P((const char *val)); - -const char * KRB_LIB_FUNCTION -krb_stime __P((time_t *t)); - -int KRB_LIB_FUNCTION -krb_time_to_life __P(( - u_int32_t start, - u_int32_t end)); - -char * KRB_LIB_FUNCTION -krb_unparse_name __P((krb_principal *pr)); - -char * KRB_LIB_FUNCTION -krb_unparse_name_long __P(( - char *name, - char *instance, - char *realm)); - -char * KRB_LIB_FUNCTION -krb_unparse_name_long_r __P(( - char *name, - char *instance, - char *realm, - char *fullname)); - -char * KRB_LIB_FUNCTION -krb_unparse_name_r __P(( - krb_principal *pr, - char *fullname)); - -int KRB_LIB_FUNCTION -krb_use_admin_server __P((int flag)); - -int KRB_LIB_FUNCTION -krb_verify_user __P(( - char *name, - char *instance, - char *realm, - char *password, - int secure, - char *linstance)); - -int KRB_LIB_FUNCTION -krb_verify_user_srvtab __P(( - char *name, - char *instance, - char *realm, - char *password, - int secure, - char *linstance, - char *srvtab)); - -int KRB_LIB_FUNCTION -kuserok __P(( - AUTH_DAT *auth, - char *luser)); - -u_int32_t KRB_LIB_FUNCTION -lsb_time __P(( - time_t t, - struct sockaddr_in *src, - struct sockaddr_in *dst)); - -const char * KRB_LIB_FUNCTION -month_sname __P((int n)); - -int KRB_LIB_FUNCTION -passwd_to_5key __P(( - const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key)); - -int KRB_LIB_FUNCTION -passwd_to_afskey __P(( - const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key)); - -int KRB_LIB_FUNCTION -passwd_to_key __P(( - const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key)); - -int KRB_LIB_FUNCTION -read_service_key __P(( - const char *service, - char *instance, - const char *realm, - int kvno, - const char *file, - void *key)); - -int KRB_LIB_FUNCTION -save_credentials __P(( - char *service, - char *instance, - char *realm, - unsigned char *session, - int lifetime, - int kvno, - KTEXT ticket, - int32_t issue_date)); - -int KRB_LIB_FUNCTION -send_to_kdc __P(( - KTEXT pkt, - KTEXT rpkt, - const char *realm)); - -int KRB_LIB_FUNCTION -srvtab_to_key __P(( - const char *user, - char *instance, /* INOUT parameter */ - const char *realm, - const void *srvtab, - des_cblock *key)); - -void KRB_LIB_FUNCTION -tf_close __P((void)); - -int KRB_LIB_FUNCTION -tf_create __P((char *tf_name)); - -int KRB_LIB_FUNCTION -tf_get_cred __P((CREDENTIALS *c)); - -int KRB_LIB_FUNCTION -tf_get_cred_addr __P((char *realm, size_t realm_sz, struct in_addr *addr)); - -int KRB_LIB_FUNCTION -tf_get_pinst __P((char *inst)); - -int KRB_LIB_FUNCTION -tf_get_pname __P((char *p)); - -int KRB_LIB_FUNCTION -tf_init __P(( - char *tf_name, - int rw)); - -int KRB_LIB_FUNCTION -tf_put_pinst __P((const char *inst)); - -int KRB_LIB_FUNCTION -tf_put_pname __P((const char *p)); - -int KRB_LIB_FUNCTION -tf_save_cred __P(( - char *service, - char *instance, - char *realm, - unsigned char *session, - int lifetime, - int kvno, - KTEXT ticket, - u_int32_t issue_date)); - -int KRB_LIB_FUNCTION -tf_setup __P(( - CREDENTIALS *cred, - const char *pname, - const char *pinst)); - -int KRB_LIB_FUNCTION -tf_get_addr __P(( - const char *realm, - struct in_addr *addr)); - -int KRB_LIB_FUNCTION -tf_store_addr __P((const char *realm, struct in_addr *addr)); - -char * KRB_LIB_FUNCTION -tkt_string __P((void)); - -int KRB_LIB_FUNCTION -krb_add_our_ip_for_realm __P((const char *user, const char *instance, - const char *realm, const char *password)); - -#endif /* __krb_protos_h__ */ diff --git a/crypto/kerberosIV/lib/krb/krb.def b/crypto/kerberosIV/lib/krb/krb.def deleted file mode 100644 index 1158e60..0000000 --- a/crypto/kerberosIV/lib/krb/krb.def +++ /dev/null @@ -1,96 +0,0 @@ -LIBRARY krb BASE=0x07000000 -EXPORTS - krb_get_err_text - - newTktMem - getTktMem - firstCred - nextCredIndex - currCredIndex - nextFreeIndex - - k_localtime - k_getsockinst - k_getportbyname - k_get_all_addrs - - krb_set_kdc_time_diff - krb_get_kdc_time_diff - - krb_get_config_bool - krb_get_config_string - - krb_equiv - - afs_string_to_key - - krb_life_to_time - krb_time_to_life - krb_life_to_atime - krb_atime_to_life - - tf_get_cred - tf_get_pinst - tf_get_pname - tf_put_pinst - tf_put_pname - tf_init - tf_create - tf_save_cred - tf_close - - krb_mk_priv - krb_rd_priv - - create_auth_reply - krb_get_phost - krb_realmofhost - tkt_string - create_ciph - decomp_ticket - dest_tkt - get_ad_tkt - in_tkt - k_gethostname - k_isinst - k_isname - k_isrealm - kname_parse - krb_parse_name - krb_unparse_name - krb_unparse_name_long - krb_create_ticket - krb_get_admhst - krb_get_cred - krb_get_in_tkt - krb_get_krbhst - krb_get_lrealm - krb_get_default_realm - krb_get_pw_in_tkt - krb_get_svc_in_tkt - krb_get_tf_fullname - krb_get_tf_realm - krb_kntoln - krb_mk_req - krb_net_read - krb_net_write - krb_rd_err - krb_rd_req - krb_recvauth - krb_sendauth - krb_set_key - krb_set_lifetime - read_service_key - save_credentials - send_to_kdc - krb_mk_err - krb_mk_safe - krb_rd_safe - ad_print - cr_err_reply - krb_set_tkt_string - krb_get_default_principal - krb_realm_parse - krb_verify_user - kset_logfile - getst diff --git a/crypto/kerberosIV/lib/krb/krb.dsp b/crypto/kerberosIV/lib/krb/krb.dsp deleted file mode 100644 index efec3b2..0000000 --- a/crypto/kerberosIV/lib/krb/krb.dsp +++ /dev/null @@ -1,398 +0,0 @@ -# Microsoft Developer Studio Project File - Name="krb" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 5.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 - -CFG=krb - Win32 Release -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "krb.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "krb.mak" CFG="krb - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "krb - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE "krb - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE - -# Begin Project -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "krb - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir ".\Release" -# PROP BASE Intermediate_Dir ".\Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir ".\Release" -# PROP Intermediate_Dir ".\Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /c -# ADD CPP /nologo /MT /W3 /GX /O2 /I "." /I "..\..\include" /I "..\..\include\win32" /I "..\des" /I "..\roken" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c -# ADD BASE MTL /nologo /D "NDEBUG" /win32 -# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386 -# ADD LINK32 ..\roken\Release\roken.lib ..\des\Release\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /subsystem:windows /dll /machine:I386 - -!ELSEIF "$(CFG)" == "krb - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir ".\Debug" -# PROP BASE Intermediate_Dir ".\Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir ".\Debug" -# PROP Intermediate_Dir ".\Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /c -# ADD CPP /nologo /MDd /W3 /Gm /GX /Zi /Od /I "." /I "..\..\include" /I "..\..\include\win32" /I "..\des" /I "..\roken" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c -# ADD BASE MTL /nologo /D "_DEBUG" /win32 -# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386 -# ADD LINK32 ..\roken\Debug\roken.lib ..\des\Debug\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /subsystem:windows /dll /debug /machine:I386 - -!ENDIF - -# Begin Target - -# Name "krb - Win32 Release" -# Name "krb - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;hpj;bat;for;f90" -# Begin Source File - -SOURCE=.\cr_err_reply.c -# End Source File -# Begin Source File - -SOURCE=.\create_auth_reply.c -# End Source File -# Begin Source File - -SOURCE=.\create_ciph.c -# End Source File -# Begin Source File - -SOURCE=.\create_ticket.c -# End Source File -# Begin Source File - -SOURCE=.\debug_decl.c -# End Source File -# Begin Source File - -SOURCE=.\decomp_ticket.c -# End Source File -# Begin Source File - -SOURCE=.\dllmain.c -# End Source File -# Begin Source File - -SOURCE=.\encrypt_ktext.c -# End Source File -# Begin Source File - -SOURCE=.\extra.c -# End Source File -# Begin Source File - -SOURCE=.\get_ad_tkt.c -# End Source File -# Begin Source File - -SOURCE=.\get_cred.c -# End Source File -# Begin Source File - -SOURCE=.\get_default_principal.c -# End Source File -# Begin Source File - -SOURCE=.\get_host.c -# End Source File -# Begin Source File - -SOURCE=.\get_in_tkt.c -# End Source File -# Begin Source File - -SOURCE=.\get_krbrlm.c -# End Source File -# Begin Source File - -SOURCE=.\get_svc_in_tkt.c -# End Source File -# Begin Source File - -SOURCE=.\get_tf_fullname.c -# End Source File -# Begin Source File - -SOURCE=.\get_tf_realm.c -# End Source File -# Begin Source File - -SOURCE=.\getaddrs.c -# End Source File -# Begin Source File - -SOURCE=.\getfile.c -# End Source File -# Begin Source File - -SOURCE=.\getrealm.c -# End Source File -# Begin Source File - -SOURCE=.\getst.c -# End Source File -# Begin Source File - -SOURCE=.\k_gethostname.c -# End Source File -# Begin Source File - -SOURCE=.\k_getport.c -# End Source File -# Begin Source File - -SOURCE=.\k_getsockinst.c -# End Source File -# Begin Source File - -SOURCE=.\k_localtime.c -# End Source File -# Begin Source File - -SOURCE=.\kdc_reply.c -# End Source File -# Begin Source File - -SOURCE=.\kntoln.c -# End Source File -# Begin Source File - -SOURCE=.\krb.def -# End Source File -# Begin Source File - -SOURCE=.\krb_check_auth.c -# End Source File -# Begin Source File - -SOURCE=.\krb_equiv.c -# End Source File -# Begin Source File - -SOURCE=.\krb_err_txt.c -# End Source File -# Begin Source File - -SOURCE=.\krb_get_in_tkt.c -# End Source File -# Begin Source File - -SOURCE=.\lifetime.c -# End Source File -# Begin Source File - -SOURCE=.\logging.c -# End Source File -# Begin Source File - -SOURCE=.\lsb_addr_comp.c -# End Source File -# Begin Source File - -SOURCE=.\mk_auth.c -# End Source File -# Begin Source File - -SOURCE=.\mk_err.c -# End Source File -# Begin Source File - -SOURCE=.\mk_priv.c -# End Source File -# Begin Source File - -SOURCE=.\mk_req.c -# End Source File -# Begin Source File - -SOURCE=.\mk_safe.c -# End Source File -# Begin Source File - -SOURCE=.\month_sname.c -# End Source File -# Begin Source File - -SOURCE=.\name2name.c -# End Source File -# Begin Source File - -SOURCE=.\netread.c -# End Source File -# Begin Source File - -SOURCE=.\netwrite.c -# End Source File -# Begin Source File - -SOURCE=.\one.c -# End Source File -# Begin Source File - -SOURCE=.\parse_name.c -# End Source File -# Begin Source File - -SOURCE=.\rd_err.c -# End Source File -# Begin Source File - -SOURCE=.\rd_priv.c -# End Source File -# Begin Source File - -SOURCE=.\rd_req.c -# End Source File -# Begin Source File - -SOURCE=.\rd_safe.c -# End Source File -# Begin Source File - -SOURCE=.\read_service_key.c -# End Source File -# Begin Source File - -SOURCE=.\realm_parse.c -# End Source File -# Begin Source File - -SOURCE=.\recvauth.c -# End Source File -# Begin Source File - -SOURCE=.\rw.c -# End Source File -# Begin Source File - -SOURCE=.\save_credentials.c -# End Source File -# Begin Source File - -SOURCE=.\send_to_kdc.c -# End Source File -# Begin Source File - -SOURCE=.\sendauth.c -# End Source File -# Begin Source File - -SOURCE=.\stime.c -# End Source File -# Begin Source File - -SOURCE=.\str2key.c -# End Source File -# Begin Source File - -SOURCE=.\ticket_memory.c -# End Source File -# Begin Source File - -SOURCE=.\time.c -# End Source File -# Begin Source File - -SOURCE=.\tkt_string.c -# End Source File -# Begin Source File - -SOURCE=.\unparse_name.c -# End Source File -# Begin Source File - -SOURCE=.\util.c -# End Source File -# Begin Source File - -SOURCE=.\verify_user.c -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl;fi;fd" -# Begin Source File - -SOURCE=.\klog.h -# End Source File -# Begin Source File - -SOURCE=".\krb-protos.h" -# End Source File -# Begin Source File - -SOURCE=.\krb.h -# End Source File -# Begin Source File - -SOURCE=.\krb_locl.h -# End Source File -# Begin Source File - -SOURCE=.\krb_log.h -# End Source File -# Begin Source File - -SOURCE=.\prot.h -# End Source File -# Begin Source File - -SOURCE=.\ticket_memory.h -# End Source File -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;cnt;rtf;gif;jpg;jpeg;jpe" -# Begin Source File - -SOURCE=.\krb.rc -# End Source File -# End Group -# End Target -# End Project diff --git a/crypto/kerberosIV/lib/krb/krb.h b/crypto/kerberosIV/lib/krb/krb.h deleted file mode 100644 index 1a850ca..0000000 --- a/crypto/kerberosIV/lib/krb/krb.h +++ /dev/null @@ -1,360 +0,0 @@ -/* - * $Id: krb.h,v 1.99 1999/11/16 14:02:47 bg Exp $ - * $FreeBSD$ - * - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Include file for the Kerberos library. - */ - -#if !defined (__STDC__) && !defined(_MSC_VER) -#define const -#define signed -#endif - -#include <sys/types.h> -#include <time.h> - -#ifndef __KRB_H__ -#define __KRB_H__ - -/* XXX */ -#ifndef __BEGIN_DECLS -#if defined(__cplusplus) -#define __BEGIN_DECLS extern "C" { -#define __END_DECLS }; -#else -#define __BEGIN_DECLS -#define __END_DECLS -#endif -#endif - -#if defined (__STDC__) || defined (_MSC_VER) -#ifndef __P -#define __P(x) x -#endif -#else -#ifndef __P -#define __P(x) () -#endif -#endif - -__BEGIN_DECLS - -/* Need some defs from des.h */ -#if !defined(NOPROTO) && !defined(__STDC__) -#define NOPROTO -#endif -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include <openssl/des.h> - -/* CNS compatibility ahead! */ -#ifndef KRB_INT32 -#define KRB_INT32 int32_t -#endif -#ifndef KRB_UINT32 -#define KRB_UINT32 u_int32_t -#endif - -/* Global library variables. */ -extern int krb_ignore_ip_address; /* To turn off IP address comparison */ -extern int krb_no_long_lifetimes; /* To disable AFS compatible lifetimes */ -extern int krbONE; -#define HOST_BYTE_ORDER (* (char *) &krbONE) -/* Debug variables */ -extern int krb_debug; -extern int krb_ap_req_debug; -extern int krb_dns_debug; - - -/* Text describing error codes */ -#define MAX_KRB_ERRORS 256 -extern const char *krb_err_txt[MAX_KRB_ERRORS]; - -/* General definitions */ -#define KSUCCESS 0 -#define KFAILURE 255 - -/* - * Kerberos specific definitions - * - * KRBLOG is the log file for the kerberos master server. KRB_CONF is - * the configuration file where different host machines running master - * and slave servers can be found. KRB_MASTER is the name of the - * machine with the master database. The admin_server runs on this - * machine, and all changes to the db (as opposed to read-only - * requests, which can go to slaves) must go to it. KRB_HOST is the - * default machine * when looking for a kerberos slave server. Other - * possibilities are * in the KRB_CONF file. KRB_REALM is the name of - * the realm. - */ - -/* /etc/kerberosIV is only for backwards compatibility, don't use it! */ -#ifndef KRB_CONF -#define KRB_CONF "/etc/kerberosIV/krb.conf" -#endif -#ifndef KRB_RLM_TRANS -#define KRB_RLM_TRANS "/etc/kerberosIV/krb.realms" -#endif -#ifndef KRB_CNF_FILES -#define KRB_CNF_FILES { KRB_CONF, "/etc/krb.conf", 0} -#endif -#ifndef KRB_RLM_FILES -#define KRB_RLM_FILES { KRB_RLM_TRANS, "/etc/krb.realms", 0} -#endif -#ifndef KRB_EQUIV -#define KRB_EQUIV "/etc/kerberosIV/krb.equiv" -#endif -#define KRB_MASTER "kerberos" -#ifndef KRB_REALM -#define KRB_REALM (krb_get_default_realm()) -#endif - -/* The maximum sizes for aname, realm, sname, and instance +1 */ -#define ANAME_SZ 40 -#define REALM_SZ 40 -#define SNAME_SZ 40 -#define INST_SZ 40 -/* Leave space for quoting */ -#define MAX_K_NAME_SZ (2*ANAME_SZ + 2*INST_SZ + 2*REALM_SZ - 3) -#define KKEY_SZ 100 -#define VERSION_SZ 1 -#define MSG_TYPE_SZ 1 -#define DATE_SZ 26 /* RTI date output */ - -#define MAX_HSTNM 100 /* for compatibility */ - -typedef struct krb_principal{ - char name[ANAME_SZ]; - char instance[INST_SZ]; - char realm[REALM_SZ]; -}krb_principal; - -#ifndef DEFAULT_TKT_LIFE /* allow compile-time override */ -/* default lifetime for krb_mk_req & co., 10 hrs */ -#define DEFAULT_TKT_LIFE 120 -#endif - -#define KRB_TICKET_GRANTING_TICKET "krbtgt" - -/* Definition of text structure used to pass text around */ -#define MAX_KTXT_LEN 1250 - -struct ktext { - unsigned int length; /* Length of the text */ - unsigned char dat[MAX_KTXT_LEN]; /* The data itself */ - u_int32_t mbz; /* zero to catch runaway strings */ -}; - -typedef struct ktext *KTEXT; -typedef struct ktext KTEXT_ST; - - -/* Definitions for send_to_kdc */ -#define CLIENT_KRB_TIMEOUT 4 /* default time between retries */ -#define CLIENT_KRB_RETRY 5 /* retry this many times */ -#define CLIENT_KRB_BUFLEN 512 /* max unfragmented packet */ - -/* Definitions for ticket file utilities */ -#define R_TKT_FIL 0 -#define W_TKT_FIL 1 - -/* Parameters for rd_ap_req */ -/* Maximum alloable clock skew in seconds */ -#define CLOCK_SKEW 5*60 -/* Filename for readservkey */ -#ifndef KEYFILE -#define KEYFILE (krb_get_default_keyfile()) -#endif - -/* Structure definition for rd_ap_req */ - -struct auth_dat { - unsigned char k_flags; /* Flags from ticket */ - char pname[ANAME_SZ]; /* Principal's name */ - char pinst[INST_SZ]; /* His Instance */ - char prealm[REALM_SZ]; /* His Realm */ - u_int32_t checksum; /* Data checksum (opt) */ - des_cblock session; /* Session Key */ - int life; /* Life of ticket */ - u_int32_t time_sec; /* Time ticket issued */ - u_int32_t address; /* Address in ticket */ - KTEXT_ST reply; /* Auth reply (opt) */ -}; - -typedef struct auth_dat AUTH_DAT; - -/* Structure definition for credentials returned by get_cred */ - -struct credentials { - char service[ANAME_SZ]; /* Service name */ - char instance[INST_SZ]; /* Instance */ - char realm[REALM_SZ]; /* Auth domain */ - des_cblock session; /* Session key */ - int lifetime; /* Lifetime */ - int kvno; /* Key version number */ - KTEXT_ST ticket_st; /* The ticket itself */ - int32_t issue_date; /* The issue time */ - char pname[ANAME_SZ]; /* Principal's name */ - char pinst[INST_SZ]; /* Principal's instance */ -}; - -typedef struct credentials CREDENTIALS; - -/* Structure definition for rd_private_msg and rd_safe_msg */ - -struct msg_dat { - unsigned char *app_data; /* pointer to appl data */ - u_int32_t app_length; /* length of appl data */ - u_int32_t hash; /* hash to lookup replay */ - int swap; /* swap bytes? */ - int32_t time_sec; /* msg timestamp seconds */ - unsigned char time_5ms; /* msg timestamp 5ms units */ -}; - -typedef struct msg_dat MSG_DAT; - -struct krb_host { - char *realm; - char *host; - enum krb_host_proto { PROTO_UDP, PROTO_TCP, PROTO_HTTP } proto; - int port; - int admin; -}; - -/* Location of ticket file for save_cred and get_cred */ -#define TKT_FILE tkt_string() -#ifndef TKT_ROOT -#define TKT_ROOT (krb_get_default_tkt_root()) -#endif - -/* Error codes returned from the KDC */ -#define KDC_OK 0 /* Request OK */ -#define KDC_NAME_EXP 1 /* Principal expired */ -#define KDC_SERVICE_EXP 2 /* Service expired */ -#define KDC_AUTH_EXP 3 /* Auth expired */ -#define KDC_PKT_VER 4 /* Protocol version unknown */ -#define KDC_P_MKEY_VER 5 /* Wrong master key version */ -#define KDC_S_MKEY_VER 6 /* Wrong master key version */ -#define KDC_BYTE_ORDER 7 /* Byte order unknown */ -#define KDC_PR_UNKNOWN 8 /* Principal unknown */ -#define KDC_PR_N_UNIQUE 9 /* Principal not unique */ -#define KDC_NULL_KEY 10 /* Principal has null key */ -#define KDC_GEN_ERR 20 /* Generic error from KDC */ - - -/* Values returned by get_credentials */ -#define GC_OK 0 /* Retrieve OK */ -#define RET_OK 0 /* Retrieve OK */ -#define GC_TKFIL 21 /* Can't read ticket file */ -#define RET_TKFIL 21 /* Can't read ticket file */ -#define GC_NOTKT 22 /* Can't find ticket or TGT */ -#define RET_NOTKT 22 /* Can't find ticket or TGT */ - - -/* Values returned by mk_ap_req */ -#define MK_AP_OK 0 /* Success */ -#define MK_AP_TGTEXP 26 /* TGT Expired */ - -/* Values returned by rd_ap_req */ -#define RD_AP_OK 0 /* Request authentic */ -#define RD_AP_UNDEC 31 /* Can't decode authenticator */ -#define RD_AP_EXP 32 /* Ticket expired */ -#define RD_AP_NYV 33 /* Ticket not yet valid */ -#define RD_AP_REPEAT 34 /* Repeated request */ -#define RD_AP_NOT_US 35 /* The ticket isn't for us */ -#define RD_AP_INCON 36 /* Request is inconsistent */ -#define RD_AP_TIME 37 /* delta_t too big */ -#define RD_AP_BADD 38 /* Incorrect net address */ -#define RD_AP_VERSION 39 /* protocol version mismatch */ -#define RD_AP_MSG_TYPE 40 /* invalid msg type */ -#define RD_AP_MODIFIED 41 /* message stream modified */ -#define RD_AP_ORDER 42 /* message out of order */ -#define RD_AP_UNAUTHOR 43 /* unauthorized request */ - -/* Values returned by get_pw_tkt */ -#define GT_PW_OK 0 /* Got password changing tkt */ -#define GT_PW_NULL 51 /* Current PW is null */ -#define GT_PW_BADPW 52 /* Incorrect current password */ -#define GT_PW_PROT 53 /* Protocol Error */ -#define GT_PW_KDCERR 54 /* Error returned by KDC */ -#define GT_PW_NULLTKT 55 /* Null tkt returned by KDC */ - - -/* Values returned by send_to_kdc */ -#define SKDC_OK 0 /* Response received */ -#define SKDC_RETRY 56 /* Retry count exceeded */ -#define SKDC_CANT 57 /* Can't send request */ - -/* - * Values returned by get_intkt - * (can also return SKDC_* and KDC errors) - */ - -#define INTK_OK 0 /* Ticket obtained */ -#define INTK_W_NOTALL 61 /* Not ALL tickets returned */ -#define INTK_BADPW 62 /* Incorrect password */ -#define INTK_PROT 63 /* Protocol Error */ -#define INTK_ERR 70 /* Other error */ - -/* Values returned by get_adtkt */ -#define AD_OK 0 /* Ticket Obtained */ -#define AD_NOTGT 71 /* Don't have tgt */ -#define AD_INTR_RLM_NOTGT 72 /* Can't get inter-realm tgt */ - -/* Error codes returned by ticket file utilities */ -#define NO_TKT_FIL 76 /* No ticket file found */ -#define TKT_FIL_ACC 77 /* Couldn't access tkt file */ -#define TKT_FIL_LCK 78 /* Couldn't lock ticket file */ -#define TKT_FIL_FMT 79 /* Bad ticket file format */ -#define TKT_FIL_INI 80 /* tf_init not called first */ - -/* Error code returned by kparse_name */ -#define KNAME_FMT 81 /* Bad Kerberos name format */ - -/* Error code returned by krb_mk_safe */ -#define SAFE_PRIV_ERROR -1 /* syscall error */ - -/* Defines for krb_sendauth and krb_recvauth */ - -#define KOPT_DONT_MK_REQ 0x00000001 /* don't call krb_mk_req */ -#define KOPT_DO_MUTUAL 0x00000002 /* do mutual auth */ - -#define KOPT_DONT_CANON 0x00000004 /* - * don't canonicalize inst as - * a hostname - */ - -#define KOPT_IGNORE_PROTOCOL 0x0008 - -#define KRB_SENDAUTH_VLEN 8 /* length for version strings */ - - -/* flags for krb_verify_user() */ -#define KRB_VERIFY_NOT_SECURE 0 -#define KRB_VERIFY_SECURE 1 -#define KRB_VERIFY_SECURE_FAIL 2 - -extern char *krb4_version; - -typedef int (*key_proc_t) __P((const char *name, - char *instance, /* INOUT parameter */ - const char *realm, - const void *password, - des_cblock *key)); - -typedef int (*decrypt_proc_t) __P((const char *name, - const char *instance, - const char *realm, - const void *arg, - key_proc_t, - KTEXT *)); - -#include "krb-protos.h" - -__END_DECLS - -#endif /* __KRB_H__ */ diff --git a/crypto/kerberosIV/lib/krb/krb.mak b/crypto/kerberosIV/lib/krb/krb.mak deleted file mode 100644 index e9d5690..0000000 --- a/crypto/kerberosIV/lib/krb/krb.mak +++ /dev/null @@ -1,1902 +0,0 @@ -# Microsoft Developer Studio Generated NMAKE File, Based on krb.dsp -!IF "$(CFG)" == "" -CFG=krb - Win32 Release -!MESSAGE No configuration specified. Defaulting to krb - Win32 Release. -!ENDIF - -!IF "$(CFG)" != "krb - Win32 Release" && "$(CFG)" != "krb - Win32 Debug" -!MESSAGE Invalid configuration "$(CFG)" specified. -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "krb.mak" CFG="krb - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "krb - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE "krb - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE -!ERROR An invalid configuration is specified. -!ENDIF - -!IF "$(OS)" == "Windows_NT" -NULL= -!ELSE -NULL=nul -!ENDIF - -!IF "$(CFG)" == "krb - Win32 Release" - -OUTDIR=.\Release -INTDIR=.\Release -# Begin Custom Macros -OutDir=.\.\Release -# End Custom Macros - -!IF "$(RECURSE)" == "0" - -ALL : "$(OUTDIR)\krb.dll" - -!ELSE - -ALL : "des - Win32 Release" "$(OUTDIR)\krb.dll" - -!ENDIF - -!IF "$(RECURSE)" == "1" -CLEAN :"des - Win32 ReleaseCLEAN" -!ELSE -CLEAN : -!ENDIF - -@erase "$(INTDIR)\cr_err_reply.obj" - -@erase "$(INTDIR)\create_auth_reply.obj" - -@erase "$(INTDIR)\create_ciph.obj" - -@erase "$(INTDIR)\create_ticket.obj" - -@erase "$(INTDIR)\debug_decl.obj" - -@erase "$(INTDIR)\decomp_ticket.obj" - -@erase "$(INTDIR)\dllmain.obj" - -@erase "$(INTDIR)\encrypt_ktext.obj" - -@erase "$(INTDIR)\get_ad_tkt.obj" - -@erase "$(INTDIR)\get_cred.obj" - -@erase "$(INTDIR)\get_default_principal.obj" - -@erase "$(INTDIR)\get_host.obj" - -@erase "$(INTDIR)\get_in_tkt.obj" - -@erase "$(INTDIR)\get_krbrlm.obj" - -@erase "$(INTDIR)\get_svc_in_tkt.obj" - -@erase "$(INTDIR)\get_tf_fullname.obj" - -@erase "$(INTDIR)\get_tf_realm.obj" - -@erase "$(INTDIR)\getaddrs.obj" - -@erase "$(INTDIR)\getfile.obj" - -@erase "$(INTDIR)\getrealm.obj" - -@erase "$(INTDIR)\getst.obj" - -@erase "$(INTDIR)\k_flock.obj" - -@erase "$(INTDIR)\k_gethostname.obj" - -@erase "$(INTDIR)\k_getport.obj" - -@erase "$(INTDIR)\k_getsockinst.obj" - -@erase "$(INTDIR)\k_localtime.obj" - -@erase "$(INTDIR)\kdc_reply.obj" - -@erase "$(INTDIR)\kntoln.obj" - -@erase "$(INTDIR)\krb.res" - -@erase "$(INTDIR)\krb_check_auth.obj" - -@erase "$(INTDIR)\krb_equiv.obj" - -@erase "$(INTDIR)\krb_err_txt.obj" - -@erase "$(INTDIR)\krb_get_in_tkt.obj" - -@erase "$(INTDIR)\lifetime.obj" - -@erase "$(INTDIR)\logging.obj" - -@erase "$(INTDIR)\lsb_addr_comp.obj" - -@erase "$(INTDIR)\mk_auth.obj" - -@erase "$(INTDIR)\mk_err.obj" - -@erase "$(INTDIR)\mk_priv.obj" - -@erase "$(INTDIR)\mk_req.obj" - -@erase "$(INTDIR)\mk_safe.obj" - -@erase "$(INTDIR)\month_sname.obj" - -@erase "$(INTDIR)\name2name.obj" - -@erase "$(INTDIR)\netread.obj" - -@erase "$(INTDIR)\netwrite.obj" - -@erase "$(INTDIR)\one.obj" - -@erase "$(INTDIR)\parse_name.obj" - -@erase "$(INTDIR)\rd_err.obj" - -@erase "$(INTDIR)\rd_priv.obj" - -@erase "$(INTDIR)\rd_req.obj" - -@erase "$(INTDIR)\rd_safe.obj" - -@erase "$(INTDIR)\read_service_key.obj" - -@erase "$(INTDIR)\realm_parse.obj" - -@erase "$(INTDIR)\recvauth.obj" - -@erase "$(INTDIR)\rw.obj" - -@erase "$(INTDIR)\save_credentials.obj" - -@erase "$(INTDIR)\send_to_kdc.obj" - -@erase "$(INTDIR)\sendauth.obj" - -@erase "$(INTDIR)\stime.obj" - -@erase "$(INTDIR)\str2key.obj" - -@erase "$(INTDIR)\ticket_memory.obj" - -@erase "$(INTDIR)\time.obj" - -@erase "$(INTDIR)\tkt_string.obj" - -@erase "$(INTDIR)\unparse_name.obj" - -@erase "$(INTDIR)\util.obj" - -@erase "$(INTDIR)\vc50.idb" - -@erase "$(INTDIR)\verify_user.obj" - -@erase "$(OUTDIR)\krb.dll" - -@erase "$(OUTDIR)\krb.exp" - -@erase "$(OUTDIR)\krb.lib" - -"$(OUTDIR)" : - if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" - -CPP=cl.exe -CPP_PROJ=/nologo /MT /W3 /GX /O2 /I "." /I "..\..\include" /I\ - "..\..\include\win32" /I "..\des" /I "..\roken" /D "NDEBUG" /D "WIN32" /D\ - "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)\krb.pch" /YX /Fo"$(INTDIR)\\"\ - /Fd"$(INTDIR)\\" /FD /c -CPP_OBJS=.\Release/ -CPP_SBRS=. - -.c{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.c{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -MTL=midl.exe -MTL_PROJ=/nologo /D "NDEBUG" /mktyplib203 /win32 -RSC=rc.exe -RSC_PROJ=/l 0x409 /fo"$(INTDIR)\krb.res" /d "NDEBUG" -BSC32=bscmake.exe -BSC32_FLAGS=/nologo /o"$(OUTDIR)\krb.bsc" -BSC32_SBRS= \ - -LINK32=link.exe -LINK32_FLAGS=..\roken\Release\roken.lib ..\des\Release\des.lib wsock32.lib\ - kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib\ - shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /subsystem:windows /dll\ - /incremental:no /pdb:"$(OUTDIR)\krb.pdb" /machine:I386 /def:".\krb.def"\ - /out:"$(OUTDIR)\krb.dll" /implib:"$(OUTDIR)\krb.lib" -DEF_FILE= \ - ".\krb.def" -LINK32_OBJS= \ - "$(INTDIR)\cr_err_reply.obj" \ - "$(INTDIR)\create_auth_reply.obj" \ - "$(INTDIR)\create_ciph.obj" \ - "$(INTDIR)\create_ticket.obj" \ - "$(INTDIR)\debug_decl.obj" \ - "$(INTDIR)\decomp_ticket.obj" \ - "$(INTDIR)\dllmain.obj" \ - "$(INTDIR)\encrypt_ktext.obj" \ - "$(INTDIR)\get_ad_tkt.obj" \ - "$(INTDIR)\get_cred.obj" \ - "$(INTDIR)\get_default_principal.obj" \ - "$(INTDIR)\get_host.obj" \ - "$(INTDIR)\get_in_tkt.obj" \ - "$(INTDIR)\get_krbrlm.obj" \ - "$(INTDIR)\get_svc_in_tkt.obj" \ - "$(INTDIR)\get_tf_fullname.obj" \ - "$(INTDIR)\get_tf_realm.obj" \ - "$(INTDIR)\getaddrs.obj" \ - "$(INTDIR)\getfile.obj" \ - "$(INTDIR)\getrealm.obj" \ - "$(INTDIR)\getst.obj" \ - "$(INTDIR)\k_flock.obj" \ - "$(INTDIR)\k_gethostname.obj" \ - "$(INTDIR)\k_getport.obj" \ - "$(INTDIR)\k_getsockinst.obj" \ - "$(INTDIR)\k_localtime.obj" \ - "$(INTDIR)\kdc_reply.obj" \ - "$(INTDIR)\kntoln.obj" \ - "$(INTDIR)\krb.res" \ - "$(INTDIR)\krb_check_auth.obj" \ - "$(INTDIR)\krb_equiv.obj" \ - "$(INTDIR)\krb_err_txt.obj" \ - "$(INTDIR)\krb_get_in_tkt.obj" \ - "$(INTDIR)\lifetime.obj" \ - "$(INTDIR)\logging.obj" \ - "$(INTDIR)\lsb_addr_comp.obj" \ - "$(INTDIR)\mk_auth.obj" \ - "$(INTDIR)\mk_err.obj" \ - "$(INTDIR)\mk_priv.obj" \ - "$(INTDIR)\mk_req.obj" \ - "$(INTDIR)\mk_safe.obj" \ - "$(INTDIR)\month_sname.obj" \ - "$(INTDIR)\name2name.obj" \ - "$(INTDIR)\netread.obj" \ - "$(INTDIR)\netwrite.obj" \ - "$(INTDIR)\one.obj" \ - "$(INTDIR)\parse_name.obj" \ - "$(INTDIR)\rd_err.obj" \ - "$(INTDIR)\rd_priv.obj" \ - "$(INTDIR)\rd_req.obj" \ - "$(INTDIR)\rd_safe.obj" \ - "$(INTDIR)\read_service_key.obj" \ - "$(INTDIR)\realm_parse.obj" \ - "$(INTDIR)\recvauth.obj" \ - "$(INTDIR)\rw.obj" \ - "$(INTDIR)\save_credentials.obj" \ - "$(INTDIR)\send_to_kdc.obj" \ - "$(INTDIR)\sendauth.obj" \ - "$(INTDIR)\stime.obj" \ - "$(INTDIR)\str2key.obj" \ - "$(INTDIR)\ticket_memory.obj" \ - "$(INTDIR)\time.obj" \ - "$(INTDIR)\tkt_string.obj" \ - "$(INTDIR)\unparse_name.obj" \ - "$(INTDIR)\util.obj" \ - "$(INTDIR)\verify_user.obj" \ - "..\des\Release\des.lib" - -"$(OUTDIR)\krb.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) - $(LINK32) @<< - $(LINK32_FLAGS) $(LINK32_OBJS) -<< - -!ELSEIF "$(CFG)" == "krb - Win32 Debug" - -OUTDIR=.\Debug -INTDIR=.\Debug -# Begin Custom Macros -OutDir=.\.\Debug -# End Custom Macros - -!IF "$(RECURSE)" == "0" - -ALL : "$(OUTDIR)\krb.dll" - -!ELSE - -ALL : "des - Win32 Debug" "$(OUTDIR)\krb.dll" - -!ENDIF - -!IF "$(RECURSE)" == "1" -CLEAN :"des - Win32 DebugCLEAN" -!ELSE -CLEAN : -!ENDIF - -@erase "$(INTDIR)\cr_err_reply.obj" - -@erase "$(INTDIR)\create_auth_reply.obj" - -@erase "$(INTDIR)\create_ciph.obj" - -@erase "$(INTDIR)\create_ticket.obj" - -@erase "$(INTDIR)\debug_decl.obj" - -@erase "$(INTDIR)\decomp_ticket.obj" - -@erase "$(INTDIR)\dllmain.obj" - -@erase "$(INTDIR)\encrypt_ktext.obj" - -@erase "$(INTDIR)\get_ad_tkt.obj" - -@erase "$(INTDIR)\get_cred.obj" - -@erase "$(INTDIR)\get_default_principal.obj" - -@erase "$(INTDIR)\get_host.obj" - -@erase "$(INTDIR)\get_in_tkt.obj" - -@erase "$(INTDIR)\get_krbrlm.obj" - -@erase "$(INTDIR)\get_svc_in_tkt.obj" - -@erase "$(INTDIR)\get_tf_fullname.obj" - -@erase "$(INTDIR)\get_tf_realm.obj" - -@erase "$(INTDIR)\getaddrs.obj" - -@erase "$(INTDIR)\getfile.obj" - -@erase "$(INTDIR)\getrealm.obj" - -@erase "$(INTDIR)\getst.obj" - -@erase "$(INTDIR)\k_flock.obj" - -@erase "$(INTDIR)\k_gethostname.obj" - -@erase "$(INTDIR)\k_getport.obj" - -@erase "$(INTDIR)\k_getsockinst.obj" - -@erase "$(INTDIR)\k_localtime.obj" - -@erase "$(INTDIR)\kdc_reply.obj" - -@erase "$(INTDIR)\kntoln.obj" - -@erase "$(INTDIR)\krb.res" - -@erase "$(INTDIR)\krb_check_auth.obj" - -@erase "$(INTDIR)\krb_equiv.obj" - -@erase "$(INTDIR)\krb_err_txt.obj" - -@erase "$(INTDIR)\krb_get_in_tkt.obj" - -@erase "$(INTDIR)\lifetime.obj" - -@erase "$(INTDIR)\logging.obj" - -@erase "$(INTDIR)\lsb_addr_comp.obj" - -@erase "$(INTDIR)\mk_auth.obj" - -@erase "$(INTDIR)\mk_err.obj" - -@erase "$(INTDIR)\mk_priv.obj" - -@erase "$(INTDIR)\mk_req.obj" - -@erase "$(INTDIR)\mk_safe.obj" - -@erase "$(INTDIR)\month_sname.obj" - -@erase "$(INTDIR)\name2name.obj" - -@erase "$(INTDIR)\netread.obj" - -@erase "$(INTDIR)\netwrite.obj" - -@erase "$(INTDIR)\one.obj" - -@erase "$(INTDIR)\parse_name.obj" - -@erase "$(INTDIR)\rd_err.obj" - -@erase "$(INTDIR)\rd_priv.obj" - -@erase "$(INTDIR)\rd_req.obj" - -@erase "$(INTDIR)\rd_safe.obj" - -@erase "$(INTDIR)\read_service_key.obj" - -@erase "$(INTDIR)\realm_parse.obj" - -@erase "$(INTDIR)\recvauth.obj" - -@erase "$(INTDIR)\rw.obj" - -@erase "$(INTDIR)\save_credentials.obj" - -@erase "$(INTDIR)\send_to_kdc.obj" - -@erase "$(INTDIR)\sendauth.obj" - -@erase "$(INTDIR)\stime.obj" - -@erase "$(INTDIR)\str2key.obj" - -@erase "$(INTDIR)\ticket_memory.obj" - -@erase "$(INTDIR)\time.obj" - -@erase "$(INTDIR)\tkt_string.obj" - -@erase "$(INTDIR)\unparse_name.obj" - -@erase "$(INTDIR)\util.obj" - -@erase "$(INTDIR)\vc50.idb" - -@erase "$(INTDIR)\vc50.pdb" - -@erase "$(INTDIR)\verify_user.obj" - -@erase "$(OUTDIR)\krb.dll" - -@erase "$(OUTDIR)\krb.exp" - -@erase "$(OUTDIR)\krb.ilk" - -@erase "$(OUTDIR)\krb.lib" - -@erase "$(OUTDIR)\krb.pdb" - -"$(OUTDIR)" : - if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" - -CPP=cl.exe -CPP_PROJ=/nologo /MDd /W3 /Gm /GX /Zi /Od /I "." /I "..\..\include" /I\ - "..\..\include\win32" /I "..\des" /I "..\roken" /D "_DEBUG" /D "WIN32" /D\ - "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)\krb.pch" /YX /Fo"$(INTDIR)\\"\ - /Fd"$(INTDIR)\\" /FD /c -CPP_OBJS=.\Debug/ -CPP_SBRS=. - -.c{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.c{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -MTL=midl.exe -MTL_PROJ=/nologo /D "_DEBUG" /mktyplib203 /win32 -RSC=rc.exe -RSC_PROJ=/l 0x409 /fo"$(INTDIR)\krb.res" /d "_DEBUG" -BSC32=bscmake.exe -BSC32_FLAGS=/nologo /o"$(OUTDIR)\krb.bsc" -BSC32_SBRS= \ - -LINK32=link.exe -LINK32_FLAGS=..\roken\Debug\roken.lib ..\des\Debug\des.lib wsock32.lib\ - kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib\ - shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /subsystem:windows /dll\ - /incremental:yes /pdb:"$(OUTDIR)\krb.pdb" /debug /machine:I386 /def:".\krb.def"\ - /out:"$(OUTDIR)\krb.dll" /implib:"$(OUTDIR)\krb.lib" -DEF_FILE= \ - ".\krb.def" -LINK32_OBJS= \ - "$(INTDIR)\cr_err_reply.obj" \ - "$(INTDIR)\create_auth_reply.obj" \ - "$(INTDIR)\create_ciph.obj" \ - "$(INTDIR)\create_ticket.obj" \ - "$(INTDIR)\debug_decl.obj" \ - "$(INTDIR)\decomp_ticket.obj" \ - "$(INTDIR)\dllmain.obj" \ - "$(INTDIR)\encrypt_ktext.obj" \ - "$(INTDIR)\get_ad_tkt.obj" \ - "$(INTDIR)\get_cred.obj" \ - "$(INTDIR)\get_default_principal.obj" \ - "$(INTDIR)\get_host.obj" \ - "$(INTDIR)\get_in_tkt.obj" \ - "$(INTDIR)\get_krbrlm.obj" \ - "$(INTDIR)\get_svc_in_tkt.obj" \ - "$(INTDIR)\get_tf_fullname.obj" \ - "$(INTDIR)\get_tf_realm.obj" \ - "$(INTDIR)\getaddrs.obj" \ - "$(INTDIR)\getfile.obj" \ - "$(INTDIR)\getrealm.obj" \ - "$(INTDIR)\getst.obj" \ - "$(INTDIR)\k_flock.obj" \ - "$(INTDIR)\k_gethostname.obj" \ - "$(INTDIR)\k_getport.obj" \ - "$(INTDIR)\k_getsockinst.obj" \ - "$(INTDIR)\k_localtime.obj" \ - "$(INTDIR)\kdc_reply.obj" \ - "$(INTDIR)\kntoln.obj" \ - "$(INTDIR)\krb.res" \ - "$(INTDIR)\krb_check_auth.obj" \ - "$(INTDIR)\krb_equiv.obj" \ - "$(INTDIR)\krb_err_txt.obj" \ - "$(INTDIR)\krb_get_in_tkt.obj" \ - "$(INTDIR)\lifetime.obj" \ - "$(INTDIR)\logging.obj" \ - "$(INTDIR)\lsb_addr_comp.obj" \ - "$(INTDIR)\mk_auth.obj" \ - "$(INTDIR)\mk_err.obj" \ - "$(INTDIR)\mk_priv.obj" \ - "$(INTDIR)\mk_req.obj" \ - "$(INTDIR)\mk_safe.obj" \ - "$(INTDIR)\month_sname.obj" \ - "$(INTDIR)\name2name.obj" \ - "$(INTDIR)\netread.obj" \ - "$(INTDIR)\netwrite.obj" \ - "$(INTDIR)\one.obj" \ - "$(INTDIR)\parse_name.obj" \ - "$(INTDIR)\rd_err.obj" \ - "$(INTDIR)\rd_priv.obj" \ - "$(INTDIR)\rd_req.obj" \ - "$(INTDIR)\rd_safe.obj" \ - "$(INTDIR)\read_service_key.obj" \ - "$(INTDIR)\realm_parse.obj" \ - "$(INTDIR)\recvauth.obj" \ - "$(INTDIR)\rw.obj" \ - "$(INTDIR)\save_credentials.obj" \ - "$(INTDIR)\send_to_kdc.obj" \ - "$(INTDIR)\sendauth.obj" \ - "$(INTDIR)\stime.obj" \ - "$(INTDIR)\str2key.obj" \ - "$(INTDIR)\ticket_memory.obj" \ - "$(INTDIR)\time.obj" \ - "$(INTDIR)\tkt_string.obj" \ - "$(INTDIR)\unparse_name.obj" \ - "$(INTDIR)\util.obj" \ - "$(INTDIR)\verify_user.obj" \ - "..\des\Debug\des.lib" - -"$(OUTDIR)\krb.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) - $(LINK32) @<< - $(LINK32_FLAGS) $(LINK32_OBJS) -<< - -!ENDIF - - -!IF "$(CFG)" == "krb - Win32 Release" || "$(CFG)" == "krb - Win32 Debug" -SOURCE=.\cr_err_reply.c -DEP_CPP_CR_ER=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\cr_err_reply.obj" : $(SOURCE) $(DEP_CPP_CR_ER) "$(INTDIR)" - - -SOURCE=.\create_auth_reply.c -DEP_CPP_CREAT=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\create_auth_reply.obj" : $(SOURCE) $(DEP_CPP_CREAT) "$(INTDIR)" - - -SOURCE=.\create_ciph.c -DEP_CPP_CREATE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\create_ciph.obj" : $(SOURCE) $(DEP_CPP_CREATE) "$(INTDIR)" - - -SOURCE=.\create_ticket.c -DEP_CPP_CREATE_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\create_ticket.obj" : $(SOURCE) $(DEP_CPP_CREATE_) "$(INTDIR)" - - -SOURCE=.\debug_decl.c -DEP_CPP_DEBUG=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\debug_decl.obj" : $(SOURCE) $(DEP_CPP_DEBUG) "$(INTDIR)" - - -SOURCE=.\decomp_ticket.c -DEP_CPP_DECOM=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\decomp_ticket.obj" : $(SOURCE) $(DEP_CPP_DECOM) "$(INTDIR)" - - -SOURCE=.\dllmain.c -DEP_CPP_DLLMA=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - ".\ticket_memory.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\dllmain.obj" : $(SOURCE) $(DEP_CPP_DLLMA) "$(INTDIR)" - - -SOURCE=.\encrypt_ktext.c -DEP_CPP_ENCRY=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\encrypt_ktext.obj" : $(SOURCE) $(DEP_CPP_ENCRY) "$(INTDIR)" - - -SOURCE=.\get_ad_tkt.c -DEP_CPP_GET_A=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_ad_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_A) "$(INTDIR)" - - -SOURCE=.\get_cred.c -DEP_CPP_GET_C=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_cred.obj" : $(SOURCE) $(DEP_CPP_GET_C) "$(INTDIR)" - - -SOURCE=.\get_default_principal.c -DEP_CPP_GET_D=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_default_principal.obj" : $(SOURCE) $(DEP_CPP_GET_D) "$(INTDIR)" - - -SOURCE=.\get_host.c -DEP_CPP_GET_H=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_host.obj" : $(SOURCE) $(DEP_CPP_GET_H) "$(INTDIR)" - - -SOURCE=.\get_in_tkt.c -DEP_CPP_GET_I=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_I) "$(INTDIR)" - - -SOURCE=.\get_krbrlm.c -DEP_CPP_GET_K=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_krbrlm.obj" : $(SOURCE) $(DEP_CPP_GET_K) "$(INTDIR)" - - -SOURCE=.\get_svc_in_tkt.c -DEP_CPP_GET_S=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_svc_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_S) "$(INTDIR)" - - -SOURCE=.\get_tf_fullname.c -DEP_CPP_GET_T=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_tf_fullname.obj" : $(SOURCE) $(DEP_CPP_GET_T) "$(INTDIR)" - - -SOURCE=.\get_tf_realm.c -DEP_CPP_GET_TF=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_tf_realm.obj" : $(SOURCE) $(DEP_CPP_GET_TF) "$(INTDIR)" - - -SOURCE=.\getaddrs.c -DEP_CPP_GETAD=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\getaddrs.obj" : $(SOURCE) $(DEP_CPP_GETAD) "$(INTDIR)" - - -SOURCE=.\getfile.c -DEP_CPP_GETFI=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\getfile.obj" : $(SOURCE) $(DEP_CPP_GETFI) "$(INTDIR)" - - -SOURCE=.\getrealm.c -DEP_CPP_GETRE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - ".\resolve.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\getrealm.obj" : $(SOURCE) $(DEP_CPP_GETRE) "$(INTDIR)" - - -SOURCE=.\getst.c -DEP_CPP_GETST=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\getst.obj" : $(SOURCE) $(DEP_CPP_GETST) "$(INTDIR)" - - -SOURCE=.\k_flock.c -DEP_CPP_K_FLO=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\k_flock.obj" : $(SOURCE) $(DEP_CPP_K_FLO) "$(INTDIR)" - - -SOURCE=.\k_gethostname.c -DEP_CPP_K_GET=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\k_gethostname.obj" : $(SOURCE) $(DEP_CPP_K_GET) "$(INTDIR)" - - -SOURCE=.\k_getport.c -DEP_CPP_K_GETP=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\k_getport.obj" : $(SOURCE) $(DEP_CPP_K_GETP) "$(INTDIR)" - - -SOURCE=.\k_getsockinst.c -DEP_CPP_K_GETS=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\k_getsockinst.obj" : $(SOURCE) $(DEP_CPP_K_GETS) "$(INTDIR)" - - -SOURCE=.\k_localtime.c -DEP_CPP_K_LOC=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\k_localtime.obj" : $(SOURCE) $(DEP_CPP_K_LOC) "$(INTDIR)" - - -SOURCE=.\kdc_reply.c -DEP_CPP_KDC_R=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\kdc_reply.obj" : $(SOURCE) $(DEP_CPP_KDC_R) "$(INTDIR)" - - -SOURCE=.\kntoln.c -DEP_CPP_KNTOL=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\kntoln.obj" : $(SOURCE) $(DEP_CPP_KNTOL) "$(INTDIR)" - - -SOURCE=.\krb_check_auth.c -DEP_CPP_KRB_C=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\krb_check_auth.obj" : $(SOURCE) $(DEP_CPP_KRB_C) "$(INTDIR)" - - -SOURCE=.\krb_equiv.c -DEP_CPP_KRB_E=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\krb_equiv.obj" : $(SOURCE) $(DEP_CPP_KRB_E) "$(INTDIR)" - - -SOURCE=.\krb_err_txt.c -DEP_CPP_KRB_ER=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\krb_err_txt.obj" : $(SOURCE) $(DEP_CPP_KRB_ER) "$(INTDIR)" - - -SOURCE=.\krb_get_in_tkt.c -DEP_CPP_KRB_G=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\krb_get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_KRB_G) "$(INTDIR)" - - -SOURCE=.\lifetime.c -DEP_CPP_LIFET=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\lifetime.obj" : $(SOURCE) $(DEP_CPP_LIFET) "$(INTDIR)" - - -SOURCE=.\logging.c -DEP_CPP_LOGGI=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\klog.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\logging.obj" : $(SOURCE) $(DEP_CPP_LOGGI) "$(INTDIR)" - - -SOURCE=.\lsb_addr_comp.c -DEP_CPP_LSB_A=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-archaeology.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\lsb_addr_comp.obj" : $(SOURCE) $(DEP_CPP_LSB_A) "$(INTDIR)" - - -SOURCE=.\mk_auth.c -DEP_CPP_MK_AU=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\mk_auth.obj" : $(SOURCE) $(DEP_CPP_MK_AU) "$(INTDIR)" - - -SOURCE=.\mk_err.c -DEP_CPP_MK_ER=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\mk_err.obj" : $(SOURCE) $(DEP_CPP_MK_ER) "$(INTDIR)" - - -SOURCE=.\mk_priv.c -DEP_CPP_MK_PR=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-archaeology.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\mk_priv.obj" : $(SOURCE) $(DEP_CPP_MK_PR) "$(INTDIR)" - - -SOURCE=.\mk_req.c -DEP_CPP_MK_RE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\mk_req.obj" : $(SOURCE) $(DEP_CPP_MK_RE) "$(INTDIR)" - - -SOURCE=.\mk_safe.c -DEP_CPP_MK_SA=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-archaeology.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\mk_safe.obj" : $(SOURCE) $(DEP_CPP_MK_SA) "$(INTDIR)" - - -SOURCE=.\month_sname.c -DEP_CPP_MONTH=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\month_sname.obj" : $(SOURCE) $(DEP_CPP_MONTH) "$(INTDIR)" - - -SOURCE=.\name2name.c -DEP_CPP_NAME2=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\name2name.obj" : $(SOURCE) $(DEP_CPP_NAME2) "$(INTDIR)" - - -SOURCE=.\netread.c -DEP_CPP_NETRE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\netread.obj" : $(SOURCE) $(DEP_CPP_NETRE) "$(INTDIR)" - - -SOURCE=.\netwrite.c -DEP_CPP_NETWR=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\netwrite.obj" : $(SOURCE) $(DEP_CPP_NETWR) "$(INTDIR)" - - -SOURCE=.\one.c - -"$(INTDIR)\one.obj" : $(SOURCE) "$(INTDIR)" - - -SOURCE=.\parse_name.c -DEP_CPP_PARSE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\parse_name.obj" : $(SOURCE) $(DEP_CPP_PARSE) "$(INTDIR)" - - -SOURCE=.\rd_err.c -DEP_CPP_RD_ER=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\rd_err.obj" : $(SOURCE) $(DEP_CPP_RD_ER) "$(INTDIR)" - - -SOURCE=.\rd_priv.c -DEP_CPP_RD_PR=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-archaeology.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\rd_priv.obj" : $(SOURCE) $(DEP_CPP_RD_PR) "$(INTDIR)" - - -SOURCE=.\rd_req.c -DEP_CPP_RD_RE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\rd_req.obj" : $(SOURCE) $(DEP_CPP_RD_RE) "$(INTDIR)" - - -SOURCE=.\rd_safe.c -DEP_CPP_RD_SA=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-archaeology.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\rd_safe.obj" : $(SOURCE) $(DEP_CPP_RD_SA) "$(INTDIR)" - - -SOURCE=.\read_service_key.c -DEP_CPP_READ_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\read_service_key.obj" : $(SOURCE) $(DEP_CPP_READ_) "$(INTDIR)" - - -SOURCE=.\realm_parse.c -DEP_CPP_REALM=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\realm_parse.obj" : $(SOURCE) $(DEP_CPP_REALM) "$(INTDIR)" - - -SOURCE=.\recvauth.c -DEP_CPP_RECVA=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\recvauth.obj" : $(SOURCE) $(DEP_CPP_RECVA) "$(INTDIR)" - - -SOURCE=.\resolve.c -DEP_CPP_RESOL=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\resolve.obj" : $(SOURCE) $(DEP_CPP_RESOL) "$(INTDIR)" - - -SOURCE=.\rw.c -DEP_CPP_RW_C6a=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\..\include\win32\version.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\rw.obj" : $(SOURCE) $(DEP_CPP_RW_C6a) "$(INTDIR)" - - -SOURCE=.\save_credentials.c -DEP_CPP_SAVE_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\save_credentials.obj" : $(SOURCE) $(DEP_CPP_SAVE_) "$(INTDIR)" - - -SOURCE=.\send_to_kdc.c -DEP_CPP_SEND_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\base64.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\send_to_kdc.obj" : $(SOURCE) $(DEP_CPP_SEND_) "$(INTDIR)" - - -SOURCE=.\sendauth.c -DEP_CPP_SENDA=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\sendauth.obj" : $(SOURCE) $(DEP_CPP_SENDA) "$(INTDIR)" - - -SOURCE=.\stime.c -DEP_CPP_STIME=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\stime.obj" : $(SOURCE) $(DEP_CPP_STIME) "$(INTDIR)" - - -SOURCE=.\str2key.c -DEP_CPP_STR2K=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\str2key.obj" : $(SOURCE) $(DEP_CPP_STR2K) "$(INTDIR)" - - -SOURCE=.\ticket_memory.c -DEP_CPP_TICKE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - ".\ticket_memory.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\ticket_memory.obj" : $(SOURCE) $(DEP_CPP_TICKE) "$(INTDIR)" - - -SOURCE=.\time.c -DEP_CPP_TIME_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\time.obj" : $(SOURCE) $(DEP_CPP_TIME_) "$(INTDIR)" - - -SOURCE=.\tkt_string.c -DEP_CPP_TKT_S=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\tkt_string.obj" : $(SOURCE) $(DEP_CPP_TKT_S) "$(INTDIR)" - - -SOURCE=.\unparse_name.c -DEP_CPP_UNPAR=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\unparse_name.obj" : $(SOURCE) $(DEP_CPP_UNPAR) "$(INTDIR)" - - -SOURCE=.\util.c -DEP_CPP_UTIL_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\util.obj" : $(SOURCE) $(DEP_CPP_UTIL_) "$(INTDIR)" - - -SOURCE=.\verify_user.c -DEP_CPP_VERIF=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\verify_user.obj" : $(SOURCE) $(DEP_CPP_VERIF) "$(INTDIR)" - - -SOURCE=.\krb.rc - -"$(INTDIR)\krb.res" : $(SOURCE) "$(INTDIR)" - $(RSC) $(RSC_PROJ) $(SOURCE) - - -!IF "$(CFG)" == "krb - Win32 Release" - -"des - Win32 Release" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\des" - $(MAKE) /$(MAKEFLAGS) /F ".\des.mak" CFG="des - Win32 Release" - cd "..\krb" - -"des - Win32 ReleaseCLEAN" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\des" - $(MAKE) /$(MAKEFLAGS) CLEAN /F ".\des.mak" CFG="des - Win32 Release"\ - RECURSE=1 - cd "..\krb" - -!ELSEIF "$(CFG)" == "krb - Win32 Debug" - -"des - Win32 Debug" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\des" - $(MAKE) /$(MAKEFLAGS) /F ".\des.mak" CFG="des - Win32 Debug" - cd "..\krb" - -"des - Win32 DebugCLEAN" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\des" - $(MAKE) /$(MAKEFLAGS) CLEAN /F ".\des.mak" CFG="des - Win32 Debug" RECURSE=1\ - - cd "..\krb" - -!ENDIF - - -!ENDIF - diff --git a/crypto/kerberosIV/lib/krb/krb.rc b/crypto/kerberosIV/lib/krb/krb.rc deleted file mode 100644 index 413e706..0000000 --- a/crypto/kerberosIV/lib/krb/krb.rc +++ /dev/null @@ -1,105 +0,0 @@ -//Microsoft Developer Studio generated resource script. -// -#include "resource.h" - -#define APSTUDIO_READONLY_SYMBOLS -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 2 resource. -// -#include "afxres.h" - -///////////////////////////////////////////////////////////////////////////// -#undef APSTUDIO_READONLY_SYMBOLS - -///////////////////////////////////////////////////////////////////////////// -// Swedish resources - -#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_SVE) -#ifdef _WIN32 -LANGUAGE LANG_SWEDISH, SUBLANG_DEFAULT -#pragma code_page(1252) -#endif //_WIN32 - -#ifdef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// TEXTINCLUDE -// - -1 TEXTINCLUDE DISCARDABLE -BEGIN - "resource.h\0" -END - -2 TEXTINCLUDE DISCARDABLE -BEGIN - "#include ""afxres.h""\r\n" - "\0" -END - -3 TEXTINCLUDE DISCARDABLE -BEGIN - "\r\n" - "\0" -END - -#endif // APSTUDIO_INVOKED - - -#ifndef _MAC -///////////////////////////////////////////////////////////////////////////// -// -// Version -// - -VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,0,0,1 - PRODUCTVERSION 1,0,0,1 - FILEFLAGSMASK 0x3fL -#ifdef _DEBUG - FILEFLAGS 0x1L -#else - FILEFLAGS 0x0L -#endif - FILEOS 0x40004L - FILETYPE 0x2L - FILESUBTYPE 0x0L -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904b0" - BEGIN - VALUE "CompanyName", "Royal Institute of Technology (KTH)\0" - VALUE "FileDescription", "krb\0" - VALUE "FileVersion", "4, 0, 9, 9\0" - VALUE "InternalName", "krb\0" - VALUE "LegalCopyright", "Copyright © 1996 - 1998 Royal Institute of Technology (KTH)\0" - VALUE "OriginalFilename", "krb.dll\0" - VALUE "ProductName", "KTH Kerberos\0" - VALUE "ProductVersion", "4,0,9,9\0" - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 1200 - END -END - -#endif // !_MAC - -#endif // Swedish resources -///////////////////////////////////////////////////////////////////////////// - - - -#ifndef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 3 resource. -// - - -///////////////////////////////////////////////////////////////////////////// -#endif // not APSTUDIO_INVOKED - diff --git a/crypto/kerberosIV/lib/krb/krb_check_auth.c b/crypto/kerberosIV/lib/krb/krb_check_auth.c deleted file mode 100644 index 00e68ca..0000000 --- a/crypto/kerberosIV/lib/krb/krb_check_auth.c +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: krb_check_auth.c,v 1.5 1999/12/02 16:58:42 joda Exp $"); - -/* - * - * Receive an mutual-authenticator for a server in `packet', with - * `checksum', `session', and `schedule' having the appropriate values - * and return the data in `msg_data'. - * - * Return KSUCCESS if the received checksum is correct. - * - */ - -int -krb_check_auth(KTEXT packet, - u_int32_t checksum, - MSG_DAT *msg_data, - des_cblock *session, - des_key_schedule schedule, - struct sockaddr_in *laddr, - struct sockaddr_in *faddr) -{ - int ret; - u_int32_t checksum2; - - ret = krb_rd_priv (packet->dat, packet->length, schedule, session, faddr, - laddr, msg_data); - if (ret != RD_AP_OK) - return ret; - if (msg_data->app_length != 4) - return KFAILURE; - krb_get_int (msg_data->app_data, &checksum2, 4, 0); - if (checksum2 == checksum + 1) - return KSUCCESS; - else - return KFAILURE; -} diff --git a/crypto/kerberosIV/lib/krb/krb_equiv.c b/crypto/kerberosIV/lib/krb/krb_equiv.c deleted file mode 100644 index 271d422..0000000 --- a/crypto/kerberosIV/lib/krb/krb_equiv.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * int krb_equiv(u_int32_t ipaddr_a, u_int32_t ipaddr_b); - * - * Given two IP adresses return true if they match - * or are considered to belong to the same host. - * - * For example if /etc/krb.equiv looks like - * - * 130.237.223.3 192.16.126.3 # alv alv1 - * 130.237.223.4 192.16.126.4 # byse byse1 - * 130.237.228.152 192.16.126.9 # topsy topsy1 - * - * krb_equiv(alv, alv1) would return true but - * krb_equiv(alv, byse1) would not. - * - * A comment starts with an '#' and ends with '\n'. - * - */ -#include "krb_locl.h" - -RCSID("$Id: krb_equiv.c,v 1.15 1999/12/02 16:58:42 joda Exp $"); - -int krb_ignore_ip_address = 0; - -int -krb_equiv(u_int32_t a, u_int32_t b) -{ - FILE *fil; - char line[256]; - int hit_a, hit_b; - int iscomment; - - if (a == b) /* trivial match, also the common case */ - return 1; - - if (krb_ignore_ip_address) - return 1; /* if we have decided not to compare */ - - a = ntohl(a); - b = ntohl(b); - - fil = fopen(KRB_EQUIV, "r"); - if (fil == NULL) /* open failed */ - return 0; - - hit_a = hit_b = 0; - iscomment = 0; - while (fgets(line, sizeof(line)-1, fil) != NULL) /* for each line */ - { - char *t = line; - int len = strlen(t); - - /* for each item on this line */ - while (*t != 0) /* more addresses on this line? */ - if (*t == '\n') { - iscomment = hit_a = hit_b = 0; - break; - } else if (iscomment) - t = line + len - 1; - else if (*t == '#') { /* rest is comment */ - iscomment = 1; - ++t; - } else if (*t == '\\' ) /* continuation */ - break; - else if (isspace((unsigned char)*t)) /* skip space */ - t++; - else if (isdigit((unsigned char)*t)) /* an address? */ - { - u_int32_t tmp; - u_int32_t tmpa, tmpb, tmpc, tmpd; - - sscanf(t, "%d.%d.%d.%d", &tmpa, &tmpb, &tmpc, &tmpd); - tmp = (tmpa << 24) | (tmpb << 16) | (tmpc << 8) | tmpd; - - /* done with this address */ - while (*t == '.' || isdigit((unsigned char)*t)) - t++; - - if (tmp != -1) { /* an address (and not broadcast) */ - u_int32_t mask = (u_int32_t)~0; - - if (*t == '/') { - ++t; - mask <<= 32 - atoi(t); - - while(isdigit((unsigned char)*t)) - ++t; - } - - if ((tmp & mask) == (a & mask)) - hit_a = 1; - if ((tmp & mask) == (b & mask)) - hit_b = 1; - if (hit_a && hit_b) { - fclose(fil); - return 1; - } - } - } - else - ++t; /* garbage on this line, skip it */ - - } - - fclose(fil); - return 0; -} diff --git a/crypto/kerberosIV/lib/krb/krb_err.et b/crypto/kerberosIV/lib/krb/krb_err.et deleted file mode 100644 index 9dce192..0000000 --- a/crypto/kerberosIV/lib/krb/krb_err.et +++ /dev/null @@ -1,65 +0,0 @@ -# Copyright 1987,1988 Massachusetts Institute of Technology -# -# For copying and distribution information, see the file -# "mit-copyright.h". -# -# This might look like a com_err file, but is not -# -id "$Id: krb_err.et,v 1.7 1998/03/29 14:19:52 bg Exp $" - -error_table krb - -prefix KRBET -ec KSUCCESS, "Kerberos successful" -ec KDC_NAME_EXP, "Kerberos principal expired" -ec KDC_SERVICE_EXP, "Kerberos service expired" -ec KDC_AUTH_EXP, "Kerberos auth expired" -ec KDC_PKT_VER, "Incorrect kerberos master key version" -ec KDC_P_MKEY_VER, "Incorrect kerberos master key version" -ec KDC_S_MKEY_VER, "Incorrect kerberos master key version" -ec KDC_BYTE_ORDER, "Kerberos error: byte order unknown" -ec KDC_PR_UNKNOWN, "Kerberos principal unknown" -ec KDC_PR_N_UNIQUE, "Kerberos principal not unique" -ec KDC_NULL_KEY, "Kerberos principal has null key" -index 20 -ec KDC_GEN_ERR, "Generic error from Kerberos KDC" -ec GC_TKFIL, "Can't read Kerberos ticket file" -ec GC_NOTKT, "Can't find Kerberos ticket or TGT" -index 26 -ec MK_AP_TGTEXP, "Kerberos TGT Expired" -index 31 -ec RD_AP_UNDEC, "Kerberos error: Can't decode authenticator" -ec RD_AP_EXP, "Kerberos ticket expired" -ec RD_AP_NYV, "Kerberos ticket not yet valid" -ec RD_AP_REPEAT, "Kerberos error: Repeated request" -ec RD_AP_NOT_US, "The kerberos ticket isn't for us" -ec RD_AP_INCON, "Kerberos request inconsistent" -ec RD_AP_TIME, "Kerberos error: delta_t too big" -ec RD_AP_BADD, "Kerberos error: incorrect net address" -ec RD_AP_VERSION, "Kerberos protocol version mismatch" -ec RD_AP_MSG_TYPE, "Kerberos error: invalid msg type" -ec RD_AP_MODIFIED, "Kerberos error: message stream modified" -ec RD_AP_ORDER, "Kerberos error: message out of order" -ec RD_AP_UNAUTHOR, "Kerberos error: unauthorized request" -index 51 -ec GT_PW_NULL, "Kerberos error: current PW is null" -ec GT_PW_BADPW, "Kerberos error: Incorrect current password" -ec GT_PW_PROT, "Kerberos protocol error" -ec GT_PW_KDCERR, "Error returned by Kerberos KDC" -ec GT_PW_NULLTKT, "Null Kerberos ticket returned by KDC" -ec SKDC_RETRY, "Kerberos error: Retry count exceeded" -ec SKDC_CANT, "Kerberos error: Can't send request" -index 61 -ec INTK_W_NOTALL, "Kerberos error: not all tickets returned" -ec INTK_BADPW, "Kerberos error: incorrect password" -ec INTK_PROT, "Kerberos error: Protocol Error" -index 70 -ec INTK_ERR, "Other error" -ec AD_NOTGT, "Don't have Kerberos ticket-granting ticket" -index 76 -ec NO_TKT_FIL, "No ticket file found" -ec TKT_FIL_ACC, "Couldn't access ticket file" -ec TKT_FIL_LCK, "Couldn't lock ticket file" -ec TKT_FIL_FMT, "Bad ticket file format" -ec TKT_FIL_INI, "tf_init not called first" -ec KNAME_FMT, "Bad Kerberos name format" diff --git a/crypto/kerberosIV/lib/krb/krb_err_txt.c b/crypto/kerberosIV/lib/krb/krb_err_txt.c deleted file mode 100644 index cb6cd13..0000000 --- a/crypto/kerberosIV/lib/krb/krb_err_txt.c +++ /dev/null @@ -1,299 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: krb_err_txt.c,v 1.13 1998/01/31 08:11:52 joda Exp $"); - -/* - * This file contains an array of error text strings. - * The associated error codes (which are defined in "krb.h") - * follow the string in the comments at the end of each line. - */ - -const char *krb_err_txt[256] = { - "OK", /* 000 */ - "Principal expired (kerberos)", /* 001 */ - "Service expired (kerberos)", /* 002 */ - "Authentication expired (kerberos)", /* 003 */ - "Unknown protocol version number (kerberos)", /* 004 */ - "Principal: Incorrect master key version (kerberos)", /* 005 */ - "Service: Incorrect master key version (kerberos)", /* 006 */ - "Bad byte order (kerberos)", /* 007 */ - "Principal unknown (kerberos)", /* 008 */ - "Principal not unique (kerberos)", /* 009 */ - "Principal has null key (kerberos)", /* 010 */ - "Timeout in request (kerberos)", /* 011 */ - "Reserved error message 12 (kerberos)", /* 012 */ - "Reserved error message 13 (kerberos)", /* 013 */ - "Reserved error message 14 (kerberos)", /* 014 */ - "Reserved error message 15 (kerberos)", /* 015 */ - "Reserved error message 16 (kerberos)", /* 016 */ - "Reserved error message 17 (kerberos)", /* 017 */ - "Reserved error message 18 (kerberos)", /* 018 */ - "Reserved error message 19 (kerberos)", /* 019 */ - "Permission Denied (kerberos)", /* 020 */ - "Can't read ticket file (krb_get_cred)", /* 021 */ - "Can't find ticket (krb_get_cred)", /* 022 */ - "Reserved error message 23 (krb_get_cred)", /* 023 */ - "Reserved error message 24 (krb_get_cred)", /* 024 */ - "Reserved error message 25 (krb_get_cred)", /* 025 */ - "Ticket granting ticket expired (krb_mk_req)", /* 026 */ - "Reserved error message 27 (krb_mk_req)", /* 027 */ - "Reserved error message 28 (krb_mk_req)", /* 028 */ - "Reserved error message 29 (krb_mk_req)", /* 029 */ - "Reserved error message 30 (krb_mk_req)", /* 030 */ - "Can't decode authenticator (krb_rd_req)", /* 031 */ - "Ticket expired (krb_rd_req)", /* 032 */ - "Ticket issue date too far in the future (krb_rd_req)",/* 033 */ - "Repeat request (krb_rd_req)", /* 034 */ - "Ticket for wrong server (krb_rd_req)", /* 035 */ - "Request inconsistent (krb_rd_req)", /* 036 */ - "Time is out of bounds (krb_rd_req)", /* 037 */ - "Incorrect network address (krb_rd_req)", /* 038 */ - "Protocol version mismatch (krb_rd_req)", /* 039 */ - "Invalid message type (krb_rd_req)", /* 040 */ - "Message integrity error (krb_rd_req)", /* 041 */ - "Message duplicate or out of order (krb_rd_req)", /* 042 */ - "Unauthorized request (krb_rd_req)", /* 043 */ - "Reserved error message 44 (krb_rd_req)", /* 044 */ - "Reserved error message 45 (krb_rd_req)", /* 045 */ - "Reserved error message 46 (krb_rd_req)", /* 046 */ - "Reserved error message 47 (krb_rd_req)", /* 047 */ - "Reserved error message 48 (krb_rd_req)", /* 048 */ - "Reserved error message 49 (krb_rd_req)", /* 049 */ - "Reserved error message 50 (krb_rd_req)", /* 050 */ - "Current password is NULL (get_pw_tkt)", /* 051 */ - "Current password incorrect (get_pw_tkt)", /* 052 */ - "Protocol error (gt_pw_tkt)", /* 053 */ - "Error returned by KDC (gt_pw_tkt)", /* 054 */ - "Null ticket returned by KDC (gt_pw_tkt)", /* 055 */ - "Retry count exceeded (send_to_kdc)", /* 056 */ - "Can't send request (send_to_kdc)", /* 057 */ - "Reserved error message 58 (send_to_kdc)", /* 058 */ - "Reserved error message 59 (send_to_kdc)", /* 059 */ - "Reserved error message 60 (send_to_kdc)", /* 060 */ - "Warning: Not ALL tickets returned", /* 061 */ - "Password incorrect", /* 062 */ - "Protocol error (get_in_tkt)", /* 063 */ - "Reserved error message 64 (get_in_tkt)", /* 064 */ - "Reserved error message 65 (get_in_tkt)", /* 065 */ - "Reserved error message 66 (get_in_tkt)", /* 066 */ - "Reserved error message 67 (get_in_tkt)", /* 067 */ - "Reserved error message 68 (get_in_tkt)", /* 068 */ - "Reserved error message 69 (get_in_tkt)", /* 069 */ - "Generic error (get_in_tkt)(can't write ticket file)", /* 070 */ - "Don't have ticket granting ticket (get_ad_tkt)", /* 071 */ - "Can't get inter-realm ticket granting ticket (get_ad_tkt)", /* 072 */ - "Reserved error message 73 (get_ad_tkt)", /* 073 */ - "Reserved error message 74 (get_ad_tkt)", /* 074 */ - "Reserved error message 75 (get_ad_tkt)", /* 075 */ - "No ticket file (tf_util)", /* 076 */ - "Can't access ticket file (tf_util)", /* 077 */ - "Can't lock ticket file; try later (tf_util)", /* 078 */ - "Bad ticket file format (tf_util)", /* 079 */ - "Read ticket file before tf_init (tf_util)", /* 080 */ - "Bad Kerberos name format (kname_parse)", /* 081 */ - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "Generic kerberos error (kfailure)", /* 255 */ -}; - -static const char err_failure[] = "Unknown error code passed (krb_get_err_text)"; - -const char * -krb_get_err_text(int code) -{ - if(code < 0 || code >= MAX_KRB_ERRORS) - return err_failure; - return krb_err_txt[code]; -} diff --git a/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c b/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c deleted file mode 100644 index 46de59f..0000000 --- a/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c +++ /dev/null @@ -1,235 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: krb_get_in_tkt.c,v 1.30 1999/12/02 16:58:42 joda Exp $"); - -/* - * decrypt_tkt(): Given user, instance, realm, passwd, key_proc - * and the cipher text sent from the KDC, decrypt the cipher text - * using the key returned by key_proc. - */ - -static int -decrypt_tkt(const char *user, - char *instance, - const char *realm, - const void *arg, - key_proc_t key_proc, - KTEXT *cip) -{ - des_cblock key; /* Key for decrypting cipher */ - int ret; - - ret = key_proc(user, instance, realm, arg, &key); - if (ret != 0) - return ret; - - encrypt_ktext(*cip, &key, DES_DECRYPT); - - memset(&key, 0, sizeof(key)); - return 0; -} - -/* - * krb_get_in_tkt() gets a ticket for a given principal to use a given - * service and stores the returned ticket and session key for future - * use. - * - * The "user", "instance", and "realm" arguments give the identity of - * the client who will use the ticket. The "service" and "sinstance" - * arguments give the identity of the server that the client wishes - * to use. (The realm of the server is the same as the Kerberos server - * to whom the request is sent.) The "life" argument indicates the - * desired lifetime of the ticket; the "key_proc" argument is a pointer - * to the routine used for getting the client's private key to decrypt - * the reply from Kerberos. The "decrypt_proc" argument is a pointer - * to the routine used to decrypt the reply from Kerberos; and "arg" - * is an argument to be passed on to the "key_proc" routine. - * - * If all goes well, krb_get_in_tkt() returns INTK_OK, otherwise it - * returns an error code: If an AUTH_MSG_ERR_REPLY packet is returned - * by Kerberos, then the error code it contains is returned. Other - * error codes returned by this routine include INTK_PROT to indicate - * wrong protocol version, INTK_BADPW to indicate bad password (if - * decrypted ticket didn't make sense), INTK_ERR if the ticket was for - * the wrong server or the ticket store couldn't be initialized. - * - * The format of the message sent to Kerberos is as follows: - * - * Size Variable Field - * ---- -------- ----- - * - * 1 byte KRB_PROT_VERSION protocol version number - * 1 byte AUTH_MSG_KDC_REQUEST | message type - * HOST_BYTE_ORDER local byte order in lsb - * string user client's name - * string instance client's instance - * string realm client's realm - * 4 bytes tlocal.tv_sec timestamp in seconds - * 1 byte life desired lifetime - * string service service's name - * string sinstance service's instance - */ - -int -krb_mk_as_req(const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - KTEXT cip) -{ - KTEXT_ST pkt_st; - KTEXT pkt = &pkt_st; /* Packet to KDC */ - KTEXT_ST rpkt_st; - KTEXT rpkt = &rpkt_st; /* Reply from KDC */ - - int kerror; - struct timeval tv; - - /* BUILD REQUEST PACKET */ - - unsigned char *p = pkt->dat; - int tmp; - size_t rem = sizeof(pkt->dat); - - tmp = krb_put_int(KRB_PROT_VERSION, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(AUTH_MSG_KDC_REQUEST, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(user, instance, realm, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - gettimeofday(&tv, NULL); - tmp = krb_put_int(tv.tv_sec, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(life, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(service, sinstance, NULL, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - pkt->length = p - pkt->dat; - - rpkt->length = 0; - - /* SEND THE REQUEST AND RECEIVE THE RETURN PACKET */ - - kerror = send_to_kdc(pkt, rpkt, realm); - if(kerror) return kerror; - kerror = kdc_reply_cipher(rpkt, cip); - return kerror; -} - -int -krb_decode_as_rep(const char *user, - char *instance, - const char *realm, - const char *service, - const char *sinstance, - key_proc_t key_proc, - decrypt_proc_t decrypt_proc, - const void *arg, - KTEXT as_rep, - CREDENTIALS *cred) -{ - int kerror; - time_t now; - - if (decrypt_proc == NULL) - decrypt_tkt(user, instance, realm, arg, key_proc, &as_rep); - else - (*decrypt_proc)(user, instance, realm, arg, key_proc, &as_rep); - - kerror = kdc_reply_cred(as_rep, cred); - if(kerror != KSUCCESS) - return kerror; - - if (strcmp(cred->service, service) || - strcmp(cred->instance, sinstance) || - strcmp(cred->realm, realm)) /* not what we asked for */ - return INTK_ERR; /* we need a better code here XXX */ - - now = time(NULL); - if(krb_get_config_bool("kdc_timesync")) - krb_set_kdc_time_diff(cred->issue_date - now); - else if (abs((int)(now - cred->issue_date)) > CLOCK_SKEW) - return RD_AP_TIME; /* XXX should probably be better code */ - - return 0; -} - -int -krb_get_in_tkt(char *user, char *instance, char *realm, - char *service, char *sinstance, int life, - key_proc_t key_proc, decrypt_proc_t decrypt_proc, void *arg) -{ - KTEXT_ST as_rep; - CREDENTIALS cred; - int ret; - - ret = krb_mk_as_req(user, instance, realm, - service, sinstance, life, &as_rep); - if(ret) - return ret; - ret = krb_decode_as_rep(user, instance, realm, service, sinstance, - key_proc, decrypt_proc, arg, &as_rep, &cred); - if(ret) - return ret; - - return tf_setup(&cred, user, instance); -} diff --git a/crypto/kerberosIV/lib/krb/krb_ip_realm.c b/crypto/kerberosIV/lib/krb/krb_ip_realm.c deleted file mode 100644 index a9581f1..0000000 --- a/crypto/kerberosIV/lib/krb/krb_ip_realm.c +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (c) 1999 Thomas Nyström and Stacken Computer Club - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: krb_ip_realm.c,v 1.2.2.1 1999/12/06 23:01:12 assar Exp $"); - -/* - * Obtain a ticket for ourselves (`user.instance') in REALM and decrypt - * it using `password' to verify the address that the KDC got our - * request from. - * Store in the ticket cache. - */ - -int -krb_add_our_ip_for_realm(const char *user, const char *instance, - const char *realm, const char *password) -{ - des_cblock newkey; - des_key_schedule schedule; - char scrapbuf[1024]; - struct in_addr myAddr; - KTEXT_ST ticket; - CREDENTIALS c; - int err; - u_int32_t addr; - - if ((err = krb_mk_req(&ticket, (char *)user, (char *)instance, - (char *)realm, 0)) != KSUCCESS) - return err; - - if ((err = krb_get_cred((char *)user, (char *)instance, (char *)realm, - &c)) != KSUCCESS) - return err; - - des_string_to_key((char *)password, &newkey); - des_set_key(&newkey, schedule); - err = decomp_ticket(&c.ticket_st, - (unsigned char *)scrapbuf, /* Flags */ - scrapbuf, /* Authentication name */ - scrapbuf, /* Principal's instance */ - scrapbuf, /* Principal's authentication domain */ - /* The Address Of Me That Servers Sees */ - (u_int32_t *)&addr, - (unsigned char *)scrapbuf, /* Session key in ticket */ - (int *)scrapbuf, /* Lifetime of ticket */ - (u_int32_t *)scrapbuf, /* Issue time and date */ - scrapbuf, /* Service name */ - scrapbuf, /* Service instance */ - &newkey, /* Secret key */ - schedule /* Precomp. key schedule */ - ); - - if (err != KSUCCESS) { - memset(newkey, 0, sizeof(newkey)); - memset(schedule, 0, sizeof(schedule)); - return err; - } - - myAddr.s_addr = addr; - - err = tf_store_addr(realm, &myAddr); - - memset(newkey, 0, sizeof(newkey)); - memset(schedule, 0, sizeof(schedule)); - - return err; -} - -int -krb_get_our_ip_for_realm(const char *realm, struct in_addr *ip_addr) -{ - return tf_get_addr(realm, ip_addr); -} diff --git a/crypto/kerberosIV/lib/krb/krb_locl.h b/crypto/kerberosIV/lib/krb/krb_locl.h deleted file mode 100644 index 02e7fa2..0000000 --- a/crypto/kerberosIV/lib/krb/krb_locl.h +++ /dev/null @@ -1,175 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb_locl.h,v 1.50 1999/12/02 16:58:42 joda Exp $ */ - -#ifndef __krb_locl_h -#define __krb_locl_h - -#ifdef HAVE_CONFIG_H -#include <config.h> -#endif - -#include "protos.h" - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <ctype.h> -#include <assert.h> -#include <stdarg.h> - -#include <errno.h> - -#ifdef HAVE_PWD_H -#include <pwd.h> -#endif -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif -#ifdef HAVE_SYS_TYPES_H -#include <sys/types.h> -#endif - -#ifdef HAVE_IO_H -#include <io.h> -#endif - -#ifdef TIME_WITH_SYS_TIME -#include <sys/time.h> -#include <time.h> -#elif defined(HAVE_SYS_TIME_H) -#include <sys/time.h> -#else -#include <time.h> -#endif - -#ifdef HAVE_SYS_STAT_H -#include <sys/stat.h> -#endif -#ifdef HAVE_FCNTL_H -#include <fcntl.h> -#endif -#ifdef HAVE_SYS_FILE_H -#include <sys/file.h> -#endif -#ifdef HAVE_SYS_SELECT_H -#include <sys/select.h> -#endif - -#ifdef HAVE_SYS_SOCKET_H -#include <sys/socket.h> -#endif -#ifdef HAVE_NETINET_IN_H -#include <netinet/in.h> -#endif - -#ifdef HAVE_WINSOCK_H -#include <winsock.h> -#endif - -#ifdef HAVE_ARPA_INET_H -#include <arpa/inet.h> -#endif -#ifdef HAVE_NETDB_H -#include <netdb.h> -#endif - -#ifdef HAVE_ARPA_NAMESER_H -#include <arpa/nameser.h> -#endif -#ifdef HAVE_RESOLV_H -#include <resolv.h> -#endif - -#ifdef SOCKS -#include <socks.h> - -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); - -#endif - -#include <roken.h> - -#include <krb.h> -#include <prot.h> - -#include "resolve.h" -#include "krb_log.h" - -/* --- */ - -/* Utils */ -int -krb_name_to_name __P(( - const char *host, - char *phost, - size_t phost_size)); - -void -encrypt_ktext __P(( - KTEXT cip, - des_cblock *key, - int encrypt)); - -int -kdc_reply_cipher __P(( - KTEXT reply, - KTEXT cip)); - -int -kdc_reply_cred __P(( - KTEXT cip, - CREDENTIALS *cred)); - -void -k_ricercar __P((char *name)); - - -/* used in rd_safe.c and mk_safe.c */ - -void -fixup_quad_cksum __P(( - void *start, - size_t len, - des_cblock *key, - void *new_checksum, - void *old_checksum, - int little)); - -void -krb_kdctimeofday __P((struct timeval *tv)); - -#endif /* __krb_locl_h */ diff --git a/crypto/kerberosIV/lib/krb/krb_log.h b/crypto/kerberosIV/lib/krb/krb_log.h deleted file mode 100644 index 5155bc7..0000000 --- a/crypto/kerberosIV/lib/krb/krb_log.h +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb_log.h,v 1.3 1999/12/02 16:58:42 joda Exp $ */ - -#include <krb.h> - -#ifndef __KRB_LOG_H__ -#define __KRB_LOG_H__ - -#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(X) -#endif - -__BEGIN_DECLS - -/* logging.c */ - -typedef int (*krb_log_func_t) __P((FILE *, const char *, va_list)); - -typedef krb_log_func_t krb_warnfn_t; - -struct krb_log_facility; - -int krb_vlogger __P((struct krb_log_facility*, const char *, va_list)) - __attribute__ ((format (printf, 2, 0))); -int krb_logger __P((struct krb_log_facility*, const char *, ...)) - __attribute__ ((format (printf, 2, 3))); -int krb_openlog __P((struct krb_log_facility*, char*, FILE*, krb_log_func_t)); - -void krb_set_warnfn __P((krb_warnfn_t)); -krb_warnfn_t krb_get_warnfn __P((void)); -void krb_warning __P((const char*, ...)) - __attribute__ ((format (printf, 1, 2))); - -void kset_logfile __P((char*)); -void krb_log __P((const char*, ...)) - __attribute__ ((format (printf, 1, 2))); -char *klog __P((int, const char*, ...)) - __attribute__ ((format (printf, 2, 3))); - -__END_DECLS - -#endif /* __KRB_LOG_H__ */ diff --git a/crypto/kerberosIV/lib/krb/krb_net_read.c b/crypto/kerberosIV/lib/krb/krb_net_read.c deleted file mode 100644 index 3830cf9..0000000 --- a/crypto/kerberosIV/lib/krb/krb_net_read.c +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: krb_net_read.c,v 1.3 1999/12/02 16:58:42 joda Exp $"); - -int -krb_net_read (int fd, void *buf, size_t nbytes) -{ - return net_read (fd, buf, nbytes); -} diff --git a/crypto/kerberosIV/lib/krb/krb_net_write.c b/crypto/kerberosIV/lib/krb/krb_net_write.c deleted file mode 100644 index 0473685..0000000 --- a/crypto/kerberosIV/lib/krb/krb_net_write.c +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: krb_net_write.c,v 1.3 1999/12/02 16:58:42 joda Exp $"); - -int -krb_net_write (int fd, const void *buf, size_t nbytes) -{ - return net_write (fd, buf, nbytes); -} diff --git a/crypto/kerberosIV/lib/krb/kuserok.c b/crypto/kerberosIV/lib/krb/kuserok.c deleted file mode 100644 index 4913eaf..0000000 --- a/crypto/kerberosIV/lib/krb/kuserok.c +++ /dev/null @@ -1,169 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: kuserok.c,v 1.25 1999/12/02 16:58:42 joda Exp $"); - -#define OK 0 -#define NOTOK 1 -#define MAX_USERNAME 10 - -/* - * Return OK if `r' is one of the local realms, else NOTOK - */ - -static int -is_local_realm (const char *r) -{ - char lrealm[REALM_SZ]; - int n; - - for (n = 1; krb_get_lrealm(lrealm, n) == KSUCCESS; ++n) { - if (strcmp (r, lrealm) == 0) - return OK; - } - return NOTOK; -} - -/* - * Given a Kerberos principal and a local username, determine whether - * user is authorized to login according to the authorization file - * ("~luser/.klogin" by default). Returns OK if authorized, NOTOK if - * not authorized. - * - * IMPORTANT CHANGE: To eliminate the need of making a distinction - * between the 3 cases: - * - * 1. We can't verify that a .klogin file doesn't exist (no home dir). - * 2. It's there but we aren't allowed to read it. - * 3. We can read it and ~luser@LOCALREALM is (not) included. - * - * We instead make the assumption that luser@LOCALREALM is *always* - * included. Thus it is impossible to have an empty .klogin file and - * also to exclude luser@LOCALREALM from it. Root is treated differently - * since it's home should always be available. - * - * OLD STRATEGY: - * If there is no account for "luser" on the local machine, returns - * NOTOK. If there is no authorization file, and the given Kerberos - * name "kdata" translates to the same name as "luser" (using - * krb_kntoln()), returns OK. Otherwise, if the authorization file - * can't be accessed, returns NOTOK. Otherwise, the file is read for - * a matching principal name, instance, and realm. If one is found, - * returns OK, if none is found, returns NOTOK. - * - * The file entries are in the format: - * - * name.instance@realm - * - * one entry per line. - * - */ - -int -krb_kuserok(char *name, char *instance, char *realm, char *luser) -{ - struct passwd *pwd; - FILE *f; - char line[1024]; - char file[MaxPathLen]; - struct stat st; - - pwd = getpwnam(luser); - if(pwd == NULL) - return NOTOK; - if (pwd->pw_uid != 0 - && strcmp (name, luser) == 0 - && strcmp (instance, "") == 0 - && is_local_realm (realm) == OK) - return OK; - - snprintf(file, sizeof(file), "%s/.klogin", pwd->pw_dir); - - f = fopen(file, "r"); - if(f == NULL) - return NOTOK; - - /* this is not a working test in filesystems like AFS and DFS */ - if(fstat(fileno(f), &st) < 0){ - fclose(f); - return NOTOK; - } - - if(st.st_uid != pwd->pw_uid){ - fclose(f); - return NOTOK; - } - - while(fgets(line, sizeof(line), f)){ - char fname[ANAME_SZ], finst[INST_SZ], frealm[REALM_SZ]; - if(line[strlen(line) - 1] != '\n') - /* read till end of line */ - while(1){ - int c = fgetc(f); - if(c == '\n' || c == EOF) - break; - } - else - line[strlen(line) - 1] = 0; - - if(kname_parse(fname, finst, frealm, line)) - continue; - if(strcmp(name, fname)) - continue; - if(strcmp(instance, finst)) - continue; -#if 0 /* don't support principals without realm any longer */ - if(frealm[0] == 0) { - if (is_local_realm (realm) != OK) - continue; - } else -#endif - if (strcmp (realm, frealm)) - continue; - - fclose(f); - return OK; - } - fclose(f); - return NOTOK; -} - -/* compatibility interface */ - -int -kuserok(AUTH_DAT *auth, char *luser) -{ - return krb_kuserok(auth->pname, auth->pinst, auth->prealm, luser); -} diff --git a/crypto/kerberosIV/lib/krb/lifetime.c b/crypto/kerberosIV/lib/krb/lifetime.c deleted file mode 100644 index 1866996..0000000 --- a/crypto/kerberosIV/lib/krb/lifetime.c +++ /dev/null @@ -1,213 +0,0 @@ -/* - * Ticket lifetime. This defines the table used to lookup lifetime - * for the fixed part of rande of the one byte lifetime field. Values - * less than 0x80 are intrpreted as the number of 5 minute intervals. - * Values from 0x80 to 0xBF should be looked up in this table. The - * value of 0x80 is the same using both methods: 10 and two-thirds - * hours . The lifetime of 0xBF is 30 days. The intervening values - * of have a fixed ratio of roughly 1.06914. The value 0xFF is - * defined to mean a ticket has no expiration time. This should be - * used advisedly since individual servers may impose defacto - * upperbounds on ticket lifetimes. - */ - -#include "krb_locl.h" - -RCSID("$Id: lifetime.c,v 1.9 1997/05/02 14:29:18 assar Exp $"); - -/* If you want to disable this feature */ -int krb_no_long_lifetimes = 0; - -#define TKTLIFENUMFIXED 64 -#define TKTLIFEMINFIXED 0x80 -#define TKTLIFEMAXFIXED 0xBF -#define TKTLIFENOEXPIRE 0xFF -#define MAXTKTLIFETIME (30*24*3600) /* 30 days */ -#ifndef NEVERDATE -#define NEVERDATE ((unsigned long)0x7fffffffL) -#endif - -static const int tkt_lifetimes[TKTLIFENUMFIXED] = { - 38400, /* 10.67 hours, 0.44 days */ - 41055, /* 11.40 hours, 0.48 days */ - 43894, /* 12.19 hours, 0.51 days */ - 46929, /* 13.04 hours, 0.54 days */ - 50174, /* 13.94 hours, 0.58 days */ - 53643, /* 14.90 hours, 0.62 days */ - 57352, /* 15.93 hours, 0.66 days */ - 61318, /* 17.03 hours, 0.71 days */ - 65558, /* 18.21 hours, 0.76 days */ - 70091, /* 19.47 hours, 0.81 days */ - 74937, /* 20.82 hours, 0.87 days */ - 80119, /* 22.26 hours, 0.93 days */ - 85658, /* 23.79 hours, 0.99 days */ - 91581, /* 25.44 hours, 1.06 days */ - 97914, /* 27.20 hours, 1.13 days */ - 104684, /* 29.08 hours, 1.21 days */ - 111922, /* 31.09 hours, 1.30 days */ - 119661, /* 33.24 hours, 1.38 days */ - 127935, /* 35.54 hours, 1.48 days */ - 136781, /* 37.99 hours, 1.58 days */ - 146239, /* 40.62 hours, 1.69 days */ - 156350, /* 43.43 hours, 1.81 days */ - 167161, /* 46.43 hours, 1.93 days */ - 178720, /* 49.64 hours, 2.07 days */ - 191077, /* 53.08 hours, 2.21 days */ - 204289, /* 56.75 hours, 2.36 days */ - 218415, /* 60.67 hours, 2.53 days */ - 233517, /* 64.87 hours, 2.70 days */ - 249664, /* 69.35 hours, 2.89 days */ - 266926, /* 74.15 hours, 3.09 days */ - 285383, /* 79.27 hours, 3.30 days */ - 305116, /* 84.75 hours, 3.53 days */ - 326213, /* 90.61 hours, 3.78 days */ - 348769, /* 96.88 hours, 4.04 days */ - 372885, /* 103.58 hours, 4.32 days */ - 398668, /* 110.74 hours, 4.61 days */ - 426234, /* 118.40 hours, 4.93 days */ - 455705, /* 126.58 hours, 5.27 days */ - 487215, /* 135.34 hours, 5.64 days */ - 520904, /* 144.70 hours, 6.03 days */ - 556921, /* 154.70 hours, 6.45 days */ - 595430, /* 165.40 hours, 6.89 days */ - 636601, /* 176.83 hours, 7.37 days */ - 680618, /* 189.06 hours, 7.88 days */ - 727680, /* 202.13 hours, 8.42 days */ - 777995, /* 216.11 hours, 9.00 days */ - 831789, /* 231.05 hours, 9.63 days */ - 889303, /* 247.03 hours, 10.29 days */ - 950794, /* 264.11 hours, 11.00 days */ - 1016537, /* 282.37 hours, 11.77 days */ - 1086825, /* 301.90 hours, 12.58 days */ - 1161973, /* 322.77 hours, 13.45 days */ - 1242318, /* 345.09 hours, 14.38 days */ - 1328218, /* 368.95 hours, 15.37 days */ - 1420057, /* 394.46 hours, 16.44 days */ - 1518247, /* 421.74 hours, 17.57 days */ - 1623226, /* 450.90 hours, 18.79 days */ - 1735464, /* 482.07 hours, 20.09 days */ - 1855462, /* 515.41 hours, 21.48 days */ - 1983758, /* 551.04 hours, 22.96 days */ - 2120925, /* 589.15 hours, 24.55 days */ - 2267576, /* 629.88 hours, 26.25 days */ - 2424367, /* 673.44 hours, 28.06 days */ - 2592000}; /* 720.00 hours, 30.00 days */ - -/* - * krb_life_to_time - takes a start time and a Kerberos standard - * lifetime char and returns the corresponding end time. There are - * four simple cases to be handled. The first is a life of 0xff, - * meaning no expiration, and results in an end time of 0xffffffff. - * The second is when life is less than the values covered by the - * table. In this case, the end time is the start time plus the - * number of 5 minute intervals specified by life. The third case - * returns start plus the MAXTKTLIFETIME if life is greater than - * TKTLIFEMAXFIXED. The last case, uses the life value (minus - * TKTLIFEMINFIXED) as an index into the table to extract the lifetime - * in seconds, which is added to start to produce the end time. - */ -u_int32_t -krb_life_to_time(u_int32_t start, int life_) -{ - unsigned char life = (unsigned char) life_; - - if (krb_no_long_lifetimes) return start + life*5*60; - - if (life == TKTLIFENOEXPIRE) return NEVERDATE; - if (life < TKTLIFEMINFIXED) return start + life*5*60; - if (life > TKTLIFEMAXFIXED) return start + MAXTKTLIFETIME; - return start + tkt_lifetimes[life - TKTLIFEMINFIXED]; -} - -/* - * krb_time_to_life - takes start and end times for the ticket and - * returns a Kerberos standard lifetime char, possibily using the - * tkt_lifetimes table for lifetimes above 127*5 minutes. First, the - * special case of (end == NEVERDATE) is handled to mean no - * expiration. Then negative lifetimes and those greater than the - * maximum ticket lifetime are rejected. Then lifetimes less than the - * first table entry are handled by rounding the requested lifetime - * *up* to the next 5 minute interval. The final step is to search - * the table for the smallest entry *greater than or equal* to the - * requested entry. - */ -int krb_time_to_life(u_int32_t start, u_int32_t end) -{ - int i; - long lifetime = end - start; - - if (krb_no_long_lifetimes) return (lifetime + 5*60 - 1)/(5*60); - - if (end >= NEVERDATE) return TKTLIFENOEXPIRE; - if (lifetime > MAXTKTLIFETIME || lifetime <= 0) return 0; - if (lifetime < tkt_lifetimes[0]) return (lifetime + 5*60 - 1)/(5*60); - for (i=0; i<TKTLIFENUMFIXED; i++) { - if (lifetime <= tkt_lifetimes[i]) { - return i+TKTLIFEMINFIXED; - } - } - return 0; -} - -char * -krb_life_to_atime(int life) -{ - static char atime[11+1+2+1+2+1+2+1]; - unsigned long when; - int secs, mins, hours; - - if (life == TKTLIFENOEXPIRE && !krb_no_long_lifetimes) - return("Forever"); - when = krb_life_to_time(0, life); - secs = when%60; - when /= 60; - mins = when%60; - when /= 60; - hours = when%24; - when /= 24; - snprintf(atime, sizeof(atime), "%d+%02d:%02d:%02d", (int)when, hours, mins, secs); - return(atime); -} - -int -krb_atime_to_life(char *atime) -{ - unsigned long when = 0; - char *cp; - int colon = 0, plus = 0; - int n = 0; - - if (strcasecmp(atime, "forever") == 0) - return(TKTLIFENOEXPIRE); - - for (cp=atime; *cp; cp++) { - switch(*cp) { - case '0': case '1': case '2': case '3': case '4': - case '5': case '6': case '7': case '8': case '9': - n = n*10 + *cp-'0'; - break; - case '+': - plus++; - when += n; - when *= 24; - n = 0; - break; - case ':': - colon++; - when += n; - when *= 60; - n = 0; - break; - default: - break; - } - } - when += n; - if (plus == 0 && colon == 0) - return((unsigned char)when); - while (colon < 2) { - when *= 60; - colon++; - } - return(krb_time_to_life(0,when)); -} diff --git a/crypto/kerberosIV/lib/krb/logging.c b/crypto/kerberosIV/lib/krb/logging.c deleted file mode 100644 index 1044fac..0000000 --- a/crypto/kerberosIV/lib/krb/logging.c +++ /dev/null @@ -1,238 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" -#include <klog.h> - -RCSID("$Id: logging.c,v 1.18.2.1 2000/10/13 15:57:34 assar Exp $"); - -struct krb_log_facility { - char filename[MaxPathLen]; - FILE *file; - krb_log_func_t func; -}; - -int -krb_vlogger(struct krb_log_facility *f, const char *format, va_list args) -{ - FILE *file = NULL; - int ret; - - if (f->file != NULL) - file = f->file; - else if (f->filename && f->filename[0]) - file = fopen(f->filename, "a"); - - if (file == NULL) - return KFAILURE; - - ret = f->func(file, format, args); - - if (file != f->file) - fclose(file); - return ret; -} - -int -krb_logger(struct krb_log_facility *f, const char *format, ...) -{ - va_list args; - int ret; - va_start(args, format); - ret = krb_vlogger(f, format, args); - va_end(args); - return ret; -} - -/* - * If FILE * is given log to it, otherwise, log to filename. When - * given a file name the file is opened and closed for each log - * record. - */ -int -krb_openlog(struct krb_log_facility *f, - char *filename, - FILE *file, - krb_log_func_t func) -{ - strlcpy(f->filename, filename, MaxPathLen); - f->file = file; - f->func = func; - return KSUCCESS; -} - -/* ------------------------------------------------------------ - Compatibility functions from warning.c - ------------------------------------------------------------ */ - -static int -log_tty(FILE *f, const char *format, va_list args) -{ - if (f != NULL && isatty(fileno(f))) - vfprintf(f, format, args); - return KSUCCESS; -} - -/* stderr */ -static struct krb_log_facility std_log = { "/dev/tty", NULL, log_tty }; - -static void -init_std_log (void) -{ - static int done = 0; - - if (!done) { - std_log.file = stderr; - done = 1; - } -} - -/* - * - */ -void -krb_set_warnfn (krb_warnfn_t newfunc) -{ - init_std_log (); - std_log.func = newfunc; -} - -/* - * - */ -krb_warnfn_t -krb_get_warnfn (void) -{ - init_std_log (); - return std_log.func; -} - -/* - * Log warnings to stderr if it's a tty. - */ -void -krb_warning (const char *format, ...) -{ - va_list args; - - init_std_log (); - va_start(args, format); - krb_vlogger(&std_log, format, args); - va_end(args); -} - -/* ------------------------------------------------------------ - Compatibility functions from klog.c and log.c - ------------------------------------------------------------ */ - -/* - * Used by kerberos and kadmind daemons and in libkrb (rd_req.c). - * - * By default they log to the kerberos server log-file (KRBLOG) to be - * backwards compatible. - */ - -static int -log_with_timestamp_and_nl(FILE *file, const char *format, va_list args) -{ - time_t now; - if(file == NULL) - return KFAILURE; - time(&now); - fputs(krb_stime(&now), file); - fputs(": ", file); - vfprintf(file, format, args); - fputs("\n", file); - fflush(file); - return KSUCCESS; -} - -static struct krb_log_facility -file_log = { KRBLOG, NULL, log_with_timestamp_and_nl }; - -/* - * kset_logfile() changes the name of the file to which - * messages are logged. If kset_logfile() is not called, - * the logfile defaults to KRBLOG, defined in "krb.h". - */ - -void -kset_logfile(char *filename) -{ - krb_openlog(&file_log, filename, NULL, log_with_timestamp_and_nl); -} - -/* - * krb_log() and klog() is used to add entries to the logfile. - * - * The log entry consists of a timestamp and the given arguments - * printed according to the given "format" string. - * - * The log file is opened and closed for each log entry. - * - * If the given log type "type" is unknown, or if the log file - * cannot be opened, no entry is made to the log file. - * - * CHANGE: the type is always ignored - * - * The return value of klog() is always a pointer to the formatted log - * text string "logtxt". - */ - -/* Used in kerberos.c only. */ -char * -klog(int type, const char *format, ...) -{ - static char logtxt[1024]; - - va_list ap; - - va_start(ap, format); - vsnprintf(logtxt, sizeof(logtxt), format, ap); - va_end(ap); - - krb_logger(&file_log, "%s", logtxt); - - return logtxt; -} - -/* Used in kadmind and rd_req.c */ -void -krb_log(const char *format, ...) -{ - va_list args; - - va_start(args, format); - krb_vlogger(&file_log, format, args); - va_end(args); -} diff --git a/crypto/kerberosIV/lib/krb/lsb_addr_comp.c b/crypto/kerberosIV/lib/krb/lsb_addr_comp.c deleted file mode 100644 index e74614d..0000000 --- a/crypto/kerberosIV/lib/krb/lsb_addr_comp.c +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: lsb_addr_comp.c,v 1.16 1999/12/02 16:58:42 joda Exp $"); - -#include "krb-archaeology.h" - -int -krb_lsb_antinet_ulong_cmp(u_int32_t x, u_int32_t y) -{ - int i; - u_int32_t a = 0, b = 0; - u_int8_t *p = (u_int8_t*) &x; - u_int8_t *q = (u_int8_t*) &y; - - for(i = sizeof(u_int32_t) - 1; i >= 0; i--){ - a = (a << 8) | p[i]; - b = (b << 8) | q[i]; - } - if(a > b) - return 1; - if(a < b) - return -1; - return 0; -} - -int -krb_lsb_antinet_ushort_cmp(u_int16_t x, u_int16_t y) -{ - int i; - u_int16_t a = 0, b = 0; - u_int8_t *p = (u_int8_t*) &x; - u_int8_t *q = (u_int8_t*) &y; - - for(i = sizeof(u_int16_t) - 1; i >= 0; i--){ - a = (a << 8) | p[i]; - b = (b << 8) | q[i]; - } - if(a > b) - return 1; - if(a < b) - return -1; - return 0; -} - -u_int32_t -lsb_time(time_t t, struct sockaddr_in *src, struct sockaddr_in *dst) -{ - int dir = 1; - const char *fw; - - /* - * direction bit is the sign bit of the timestamp. Ok until - * 2038?? - */ - if(krb_debug) { - krb_warning("lsb_time: src = %s:%u\n", - inet_ntoa(src->sin_addr), ntohs(src->sin_port)); - krb_warning("lsb_time: dst = %s:%u\n", - inet_ntoa(dst->sin_addr), ntohs(dst->sin_port)); - } - - /* For compatibility with broken old code, compares are done in VAX - byte order (LSBFIRST) */ - if (krb_lsb_antinet_ulong_less(src->sin_addr.s_addr, /* src < recv */ - dst->sin_addr.s_addr) < 0) - dir = -1; - else if (krb_lsb_antinet_ulong_less(src->sin_addr.s_addr, - dst->sin_addr.s_addr)==0) - if (krb_lsb_antinet_ushort_less(src->sin_port, dst->sin_port) < 0) - dir = -1; - /* - * all that for one tiny bit! Heaven help those that talk to - * themselves. - */ - if(krb_get_config_bool("reverse_lsb_test")) { - if(krb_debug) - krb_warning("lsb_time: reversing direction: %d -> %d\n", dir, -dir); - dir = -dir; - }else if((fw = krb_get_config_string("firewall_address"))) { - struct in_addr fw_addr; - fw_addr.s_addr = inet_addr(fw); - if(fw_addr.s_addr != INADDR_NONE) { - int s_lt_d, d_lt_f; - krb_warning("lsb_time: fw = %s\n", inet_ntoa(fw_addr)); - /* negate if src < dst < fw || fw < dst < src */ - s_lt_d = (krb_lsb_antinet_ulong_less(src->sin_addr.s_addr, - dst->sin_addr.s_addr) == -1); - d_lt_f = (krb_lsb_antinet_ulong_less(fw_addr.s_addr, - dst->sin_addr.s_addr) == 1); - if((s_lt_d ^ d_lt_f) == 0) { - if(krb_debug) - krb_warning("lsb_time: reversing direction: %d -> %d\n", - dir, -dir); - dir = -dir; - } - } - } - t = t * dir; - t = t & 0xffffffff; - return t; -} diff --git a/crypto/kerberosIV/lib/krb/mk_auth.c b/crypto/kerberosIV/lib/krb/mk_auth.c deleted file mode 100644 index 65354a9..0000000 --- a/crypto/kerberosIV/lib/krb/mk_auth.c +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: mk_auth.c,v 1.8 1999/12/02 16:58:43 joda Exp $"); - -/* - * Generate an authenticator for service.instance@realm. - * instance is canonicalized by `krb_get_phost' - * realm is set to the local realm if realm == NULL - * The ticket acquired by `krb_mk_req' is returned in `ticket' and the - * authenticator in `buf'. - * Options control the behaviour (see krb_sendauth). - */ - -int -krb_mk_auth(int32_t options, - KTEXT ticket, - char *service, - char *instance, - char *realm, - u_int32_t checksum, - char *version, - KTEXT buf) -{ - char realinst[INST_SZ]; - char realrealm[REALM_SZ]; - int ret; - char *tmp; - - if (options & KOPT_DONT_CANON) - tmp = instance; - else - tmp = krb_get_phost (instance); - - strlcpy(realinst, tmp, sizeof(realinst)); - - if (realm == NULL) { - ret = krb_get_lrealm (realrealm, 1); - if (ret != KSUCCESS) - return ret; - realm = realrealm; - } - - if(!(options & KOPT_DONT_MK_REQ)) { - ret = krb_mk_req (ticket, service, realinst, realm, checksum); - if (ret != KSUCCESS) - return ret; - } - - { - int tmp; - size_t rem = sizeof(buf->dat); - unsigned char *p = buf->dat; - - p = buf->dat; - - if (rem < 2 * KRB_SENDAUTH_VLEN) - return KFAILURE; - memcpy (p, KRB_SENDAUTH_VERS, KRB_SENDAUTH_VLEN); - p += KRB_SENDAUTH_VLEN; - rem -= KRB_SENDAUTH_VLEN; - - memcpy (p, version, KRB_SENDAUTH_VLEN); - p += KRB_SENDAUTH_VLEN; - rem -= KRB_SENDAUTH_VLEN; - - tmp = krb_put_int(ticket->length, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - if (rem < ticket->length) - return KFAILURE; - memcpy(p, ticket->dat, ticket->length); - p += ticket->length; - rem -= ticket->length; - buf->length = p - buf->dat; - } - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/mk_err.c b/crypto/kerberosIV/lib/krb/mk_err.c deleted file mode 100644 index 11fc059..0000000 --- a/crypto/kerberosIV/lib/krb/mk_err.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: mk_err.c,v 1.7 1998/06/09 19:25:22 joda Exp $"); - -/* - * This routine creates a general purpose error reply message. It - * doesn't use KTEXT because application protocol may have long - * messages, and may want this part of buffer contiguous to other - * stuff. - * - * The error reply is built in "p", using the error code "e" and - * error text "e_string" given. The length of the error reply is - * returned. - * - * The error reply is in the following format: - * - * unsigned char KRB_PROT_VERSION protocol version no. - * unsigned char AUTH_MSG_APPL_ERR message type - * (least significant - * bit of above) HOST_BYTE_ORDER local byte order - * 4 bytes e given error code - * string e_string given error text - */ - -int32_t -krb_mk_err(u_char *p, int32_t e, char *e_string) -{ - unsigned char *start = p; - - p += krb_put_int(KRB_PROT_VERSION, p, 1, 1); - p += krb_put_int(AUTH_MSG_APPL_ERR, p, 1, 1); - - p += krb_put_int(e, p, 4, 4); - p += krb_put_string(e_string, p, strlen(e_string) + 1); - return p - start; -} diff --git a/crypto/kerberosIV/lib/krb/mk_priv.c b/crypto/kerberosIV/lib/krb/mk_priv.c deleted file mode 100644 index 97a91c5..0000000 --- a/crypto/kerberosIV/lib/krb/mk_priv.c +++ /dev/null @@ -1,121 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: mk_priv.c,v 1.22 1999/12/02 16:58:43 joda Exp $"); - -/* application include files */ -#include "krb-archaeology.h" - -/* - * krb_mk_priv() constructs an AUTH_MSG_PRIVATE message. It takes - * some user data "in" of "length" bytes and creates a packet in "out" - * consisting of the user data, a timestamp, and the sender's network - * address. - * The packet is encrypted by pcbc_encrypt(), using the given - * "key" and "schedule". - * The length of the resulting packet "out" is - * returned. - * - * It is similar to krb_mk_safe() except for the additional key - * schedule argument "schedule" and the fact that the data is encrypted - * rather than appended with a checksum. The protocol version is - * KRB_PROT_VERSION, defined in "krb.h". - * - * The "out" packet consists of: - * - * Size Variable Field - * ---- -------- ----- - * - * 1 byte KRB_PROT_VERSION protocol version number - * 1 byte AUTH_MSG_PRIVATE | message type plus local - * HOST_BYTE_ORDER byte order in low bit - * - * 4 bytes c_length length of data - * we encrypt from here with pcbc_encrypt - * - * 4 bytes length length of user data - * length in user data - * 1 byte msg_time_5ms timestamp milliseconds - * 4 bytes sender->sin.addr.s_addr sender's IP address - * - * 4 bytes msg_time_sec or timestamp seconds with - * -msg_time_sec direction in sign bit - * - * 0<=n<=7 bytes pad to 8 byte multiple zeroes - */ - -int32_t -krb_mk_priv(void *in, void *out, u_int32_t length, - des_key_schedule schedule, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver) -{ - unsigned char *p = (unsigned char*)out; - unsigned char *cipher; - - struct timeval tv; - u_int32_t src_addr; - u_int32_t len; - - p += krb_put_int(KRB_PROT_VERSION, p, 1, 1); - p += krb_put_int(AUTH_MSG_PRIVATE, p, 1, 1); - - len = 4 + length + 1 + 4 + 4; - len = (len + 7) & ~7; - p += krb_put_int(len, p, 4, 4); - - cipher = p; - - p += krb_put_int(length, p, 4, 4); - - memcpy(p, in, length); - p += length; - - krb_kdctimeofday(&tv); - - *p++ =tv.tv_usec / 5000; - - src_addr = sender->sin_addr.s_addr; - p += krb_put_address(src_addr, p, 4); - - p += krb_put_int(lsb_time(tv.tv_sec, sender, receiver), p, 4, 4); - - memset(p, 0, 7); - - des_pcbc_encrypt((des_cblock *)cipher, (des_cblock *)cipher, - len, schedule, key, DES_ENCRYPT); - - return (cipher - (unsigned char*)out) + len; -} diff --git a/crypto/kerberosIV/lib/krb/mk_req.c b/crypto/kerberosIV/lib/krb/mk_req.c deleted file mode 100644 index 5e72e22..0000000 --- a/crypto/kerberosIV/lib/krb/mk_req.c +++ /dev/null @@ -1,258 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: mk_req.c,v 1.22 1999/12/02 16:58:43 joda Exp $"); - -static int lifetime = 255; /* But no longer than TGT says. */ - - -static int -build_request(KTEXT req, char *name, char *inst, char *realm, - u_int32_t checksum) -{ - struct timeval tv; - unsigned char *p = req->dat; - int tmp; - size_t rem = sizeof(req->dat); - - tmp = krb_put_nir(name, inst, realm, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(checksum, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - /* Fill in the times on the request id */ - krb_kdctimeofday(&tv); - - if (rem < 1) - return KFAILURE; - - *p++ = tv.tv_usec / 5000; /* 5ms */ - --rem; - - tmp = krb_put_int(tv.tv_sec, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - /* Fill to a multiple of 8 bytes for DES */ - req->length = ((p - req->dat + 7)/8) * 8; - return 0; -} - - -/* - * krb_mk_req takes a text structure in which an authenticator is to - * be built, the name of a service, an instance, a realm, - * and a checksum. It then retrieves a ticket for - * the desired service and creates an authenticator in the text - * structure passed as the first argument. krb_mk_req returns - * KSUCCESS on success and a Kerberos error code on failure. - * - * The peer procedure on the other end is krb_rd_req. When making - * any changes to this routine it is important to make corresponding - * changes to krb_rd_req. - * - * The authenticator consists of the following: - * - * authent->dat - * - * unsigned char KRB_PROT_VERSION protocol version no. - * unsigned char AUTH_MSG_APPL_REQUEST message type - * (least significant - * bit of above) HOST_BYTE_ORDER local byte ordering - * unsigned char kvno from ticket server's key version - * string realm server's realm - * unsigned char tl ticket length - * unsigned char idl request id length - * text ticket->dat ticket for server - * text req_id->dat request id - * - * The ticket information is retrieved from the ticket cache or - * fetched from Kerberos. The request id (called the "authenticator" - * in the papers on Kerberos) contains the following: - * - * req_id->dat - * - * string cr.pname {name, instance, and - * string cr.pinst realm of principal - * string myrealm making this request} - * 4 bytes checksum checksum argument given - * unsigned char tv_local.tf_usec time (milliseconds) - * 4 bytes tv_local.tv_sec time (seconds) - * - * req_id->length = 3 strings + 3 terminating nulls + 5 bytes for time, - * all rounded up to multiple of 8. - */ - -int -krb_mk_req(KTEXT authent, char *service, char *instance, char *realm, - int32_t checksum) -{ - KTEXT_ST req_st; - KTEXT req_id = &req_st; - - CREDENTIALS cr; /* Credentials used by retr */ - KTEXT ticket = &(cr.ticket_st); /* Pointer to tkt_st */ - int retval; /* Returned by krb_get_cred */ - - char myrealm[REALM_SZ]; - - unsigned char *p = authent->dat; - int rem = sizeof(authent->dat); - int tmp; - - tmp = krb_put_int(KRB_PROT_VERSION, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(AUTH_MSG_APPL_REQUEST, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - /* Get the ticket and move it into the authenticator */ - if (krb_ap_req_debug) - krb_warning("Realm: %s\n", realm); - - retval = krb_get_cred(service,instance,realm,&cr); - - if (retval == RET_NOTKT) { - retval = get_ad_tkt(service, instance, realm, lifetime); - if (retval == KSUCCESS) - retval = krb_get_cred(service, instance, realm, &cr); - } - - if (retval != KSUCCESS) - return retval; - - - /* - * With multi realm ticket files either find a matching TGT or - * else use the first TGT for inter-realm authentication. - * - * In myrealm hold the realm of the principal "owning" the - * corresponding ticket-granting-ticket. - */ - - retval = krb_get_cred(KRB_TICKET_GRANTING_TICKET, realm, realm, 0); - if (retval == KSUCCESS) { - strlcpy(myrealm, realm, REALM_SZ); - } else - retval = krb_get_tf_realm(TKT_FILE, myrealm); - - if (retval != KSUCCESS) - return retval; - - if (krb_ap_req_debug) - krb_warning("serv=%s.%s@%s princ=%s.%s@%s\n", service, instance, realm, - cr.pname, cr.pinst, myrealm); - - tmp = krb_put_int(cr.kvno, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_string(realm, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(ticket->length, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - retval = build_request(req_id, cr.pname, cr.pinst, myrealm, checksum); - if (retval != KSUCCESS) - return retval; - - encrypt_ktext(req_id, &cr.session, DES_ENCRYPT); - - tmp = krb_put_int(req_id->length, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - if (rem < ticket->length + req_id->length) - return KFAILURE; - - memcpy(p, ticket->dat, ticket->length); - p += ticket->length; - rem -= ticket->length; - memcpy(p, req_id->dat, req_id->length); - p += req_id->length; - rem -= req_id->length; - - authent->length = p - authent->dat; - - memset(&cr, 0, sizeof(cr)); - memset(&req_st, 0, sizeof(req_st)); - - if (krb_ap_req_debug) - krb_warning("Authent->length = %d\n", authent->length); - - return KSUCCESS; -} - -/* - * krb_set_lifetime sets the default lifetime for additional tickets - * obtained via krb_mk_req(). - * - * It returns the previous value of the default lifetime. - */ - -int -krb_set_lifetime(int newval) -{ - int olife = lifetime; - - lifetime = newval; - return(olife); -} diff --git a/crypto/kerberosIV/lib/krb/mk_safe.c b/crypto/kerberosIV/lib/krb/mk_safe.c deleted file mode 100644 index c0bbc9a..0000000 --- a/crypto/kerberosIV/lib/krb/mk_safe.c +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: mk_safe.c,v 1.25.2.1 2000/10/10 13:19:25 assar Exp $"); - -/* application include files */ -#include "krb-archaeology.h" - -#ifndef DES_QUAD_GUESS -/* Temporary fixes for krb_{rd,mk}_safe */ -#define DES_QUAD_GUESS 0 -#define DES_QUAD_NEW 1 -#define DES_QUAD_OLD 2 - -#define DES_QUAD_DEFAULT DES_QUAD_GUESS - -#endif /* DES_QUAD_GUESS */ - -/* from rd_safe.c */ -extern int dqc_type; -void fixup_quad_cksum(void*, size_t, des_cblock*, void*, void*, int); - -/* - * krb_mk_safe() constructs an AUTH_MSG_SAFE message. It takes some - * user data "in" of "length" bytes and creates a packet in "out" - * consisting of the user data, a timestamp, and the sender's network - * address, followed by a checksum computed on the above, using the - * given "key". The length of the resulting packet is returned. - * - * The "out" packet consists of: - * - * Size Variable Field - * ---- -------- ----- - * - * 1 byte KRB_PROT_VERSION protocol version number - * 1 byte AUTH_MSG_SAFE | message type plus local - * HOST_BYTE_ORDER byte order in low bit - * - * ===================== begin checksum ================================ - * - * 4 bytes length length of user data - * length in user data - * 1 byte msg_time_5ms timestamp milliseconds - * 4 bytes sender->sin.addr.s_addr sender's IP address - * - * 4 bytes msg_time_sec or timestamp seconds with - * -msg_time_sec direction in sign bit - * - * ======================= end checksum ================================ - * - * 16 bytes big_cksum quadratic checksum of - * above using "key" - */ - -int32_t -krb_mk_safe(void *in, void *out, u_int32_t length, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver) -{ - unsigned char * p = (unsigned char*)out; - struct timeval tv; - unsigned char *start; - u_int32_t src_addr; - - p += krb_put_int(KRB_PROT_VERSION, p, 1, 1); - p += krb_put_int(AUTH_MSG_SAFE, p, 1, 1); - - start = p; - - p += krb_put_int(length, p, 4, 4); - - memcpy(p, in, length); - p += length; - - krb_kdctimeofday(&tv); - - *p++ = tv.tv_usec/5000; /* 5ms */ - - src_addr = sender->sin_addr.s_addr; - p += krb_put_address(src_addr, p, 4); - - p += krb_put_int(lsb_time(tv.tv_sec, sender, receiver), p, 4, 4); - - { - /* We are faking big endian mode, so we need to fix the - * checksum (that is byte order dependent). We always send a - * checksum of the new type, unless we know that we are - * talking to an old client (this requires a call to - * krb_rd_safe first). - */ - unsigned char new_checksum[16]; - unsigned char old_checksum[16]; - fixup_quad_cksum(start, p - start, key, new_checksum, old_checksum, 0); - - if((dqc_type == DES_QUAD_GUESS && DES_QUAD_DEFAULT == DES_QUAD_OLD) || - dqc_type == DES_QUAD_OLD) - memcpy(p, old_checksum, 16); - else - memcpy(p, new_checksum, 16); - } - p += 16; - - return p - (unsigned char*)out; -} diff --git a/crypto/kerberosIV/lib/krb/month_sname.c b/crypto/kerberosIV/lib/krb/month_sname.c deleted file mode 100644 index aaceee5..0000000 --- a/crypto/kerberosIV/lib/krb/month_sname.c +++ /dev/null @@ -1,39 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: month_sname.c,v 1.5 1997/03/23 03:53:14 joda Exp $"); - -/* - * Given an integer 1-12, month_sname() returns a string - * containing the first three letters of the corresponding - * month. Returns 0 if the argument is out of range. - */ - -const char *month_sname(int n) -{ - static const char *name[] = { - "Jan","Feb","Mar","Apr","May","Jun", - "Jul","Aug","Sep","Oct","Nov","Dec" - }; - return((n < 1 || n > 12) ? 0 : name [n-1]); -} diff --git a/crypto/kerberosIV/lib/krb/name2name.c b/crypto/kerberosIV/lib/krb/name2name.c deleted file mode 100644 index 49e457d..0000000 --- a/crypto/kerberosIV/lib/krb/name2name.c +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: name2name.c,v 1.22 1999/12/02 16:58:43 joda Exp $"); - -/* convert host to a more fully qualified domain name, returns 0 if - * phost is the same as host, 1 otherwise. phost should be - * phost_size bytes long. - */ - -int -krb_name_to_name(const char *host, char *phost, size_t phost_size) -{ - struct hostent *hp; - struct in_addr adr; - const char *tmp; - - adr.s_addr = inet_addr(host); - if (adr.s_addr != INADDR_NONE) - hp = gethostbyaddr((char *)&adr, sizeof(adr), AF_INET); - else - hp = gethostbyname(host); - if (hp == NULL) - tmp = host; - else { - tmp = hp->h_name; - /* - * Broken SunOS 5.4 sometimes keeps the official name as the - * 1:st alias. - */ - if (strchr(tmp, '.') == NULL - && hp->h_aliases != NULL - && hp->h_aliases[0] != NULL - && strchr (hp->h_aliases[0], '.') != NULL) - tmp = hp->h_aliases[0]; - } - strlcpy (phost, tmp, phost_size); - - if (strcmp(phost, host) == 0) - return 0; - else - return 1; -} - -/* lowercase and truncate */ - -void -k_ricercar(char *name) -{ - unsigned char *p = (unsigned char *)name; - - while(*p && *p != '.'){ - if(isupper(*p)) - *p = tolower(*p); - p++; - } - if(*p == '.') - *p = 0; -} - -/* - * This routine takes an alias for a host name and returns the first - * field, in lower case, of its domain name. - * - * Example: "fOo.BAR.com" -> "foo" - */ - -char * -krb_get_phost(const char *alias) -{ - static char phost[MaxHostNameLen]; - - krb_name_to_name(alias, phost, sizeof(phost)); - k_ricercar(phost); - return phost; -} diff --git a/crypto/kerberosIV/lib/krb/one.c b/crypto/kerberosIV/lib/krb/one.c deleted file mode 100644 index d43b284..0000000 --- a/crypto/kerberosIV/lib/krb/one.c +++ /dev/null @@ -1,27 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - - WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - distribute this software and its documentation for any purpose and - without fee is hereby granted, provided that the above copyright - notice appear in all copies and that both that copyright notice and - this permission notice appear in supporting documentation, and that - the name of M.I.T. not be used in advertising or publicity pertaining - to distribution of the software without specific, written prior - permission. M.I.T. makes no representations about the suitability of - this software for any purpose. It is provided "as is" without express - or implied warranty. - - */ - -/* - * definition of variable set to 1. - * used in krb_conf.h to determine host byte order. - */ - -int krbONE = 1; diff --git a/crypto/kerberosIV/lib/krb/parse_name.c b/crypto/kerberosIV/lib/krb/parse_name.c deleted file mode 100644 index fcb3394..0000000 --- a/crypto/kerberosIV/lib/krb/parse_name.c +++ /dev/null @@ -1,194 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: parse_name.c,v 1.7 1999/12/02 16:58:43 joda Exp $"); - -int -krb_parse_name(const char *fullname, krb_principal *principal) -{ - const char *p; - char *ns, *np; - enum {n, i, r} pos = n; - int quote = 0; - ns = np = principal->name; - - principal->name[0] = 0; - principal->instance[0] = 0; - principal->realm[0] = 0; - - for(p = fullname; *p; p++){ - if(np - ns == ANAME_SZ - 1) /* XXX they have the same size */ - return KNAME_FMT; - if(quote){ - *np++ = *p; - quote = 0; - continue; - } - if(*p == '\\') - quote = 1; - else if(*p == '.' && pos == n){ - *np = 0; - ns = np = principal->instance; - pos = i; - }else if(*p == '@' && (pos == n || pos == i)){ - *np = 0; - ns = np = principal->realm; - pos = r; - }else - *np++ = *p; - } - *np = 0; - if(quote || principal->name[0] == 0) - return KNAME_FMT; - return KSUCCESS; -} - -int -kname_parse(char *np, char *ip, char *rp, char *fullname) -{ - krb_principal p; - int ret; - if((ret = krb_parse_name(fullname, &p)) == 0){ - strlcpy (np, p.name, ANAME_SZ); - strlcpy (ip, p.instance, INST_SZ); - if(p.realm[0]) - strlcpy (rp, p.realm, REALM_SZ); - } - return ret; -} -/* - * k_isname() returns 1 if the given name is a syntactically legitimate - * Kerberos name; returns 0 if it's not. - */ - -int -k_isname(char *s) -{ - char c; - int backslash = 0; - - if (!*s) - return 0; - if (strlen(s) > ANAME_SZ - 1) - return 0; - while ((c = *s++)) { - if (backslash) { - backslash = 0; - continue; - } - switch(c) { - case '\\': - backslash = 1; - break; - case '.': - return 0; - /* break; */ - case '@': - return 0; - /* break; */ - } - } - return 1; -} - - -/* - * k_isinst() returns 1 if the given name is a syntactically legitimate - * Kerberos instance; returns 0 if it's not. - */ - -int -k_isinst(char *s) -{ - char c; - int backslash = 0; - - if (strlen(s) > INST_SZ - 1) - return 0; - while ((c = *s++)) { - if (backslash) { - backslash = 0; - continue; - } - switch(c) { - case '\\': - backslash = 1; - break; - case '.': -#if INSTANCE_DOTS_OK - break; -#else /* INSTANCE_DOTS_OK */ - return 0; -#endif /* INSTANCE_DOTS_OK */ - /* break; */ - case '@': - return 0; - /* break; */ - } - } - return 1; -} - -/* - * k_isrealm() returns 1 if the given name is a syntactically legitimate - * Kerberos realm; returns 0 if it's not. - */ - -int -k_isrealm(char *s) -{ - char c; - int backslash = 0; - - if (!*s) - return 0; - if (strlen(s) > REALM_SZ - 1) - return 0; - while ((c = *s++)) { - if (backslash) { - backslash = 0; - continue; - } - switch(c) { - case '\\': - backslash = 1; - break; - case '@': - return 0; - /* break; */ - } - } - return 1; -} diff --git a/crypto/kerberosIV/lib/krb/prot.h b/crypto/kerberosIV/lib/krb/prot.h deleted file mode 100644 index e207881..0000000 --- a/crypto/kerberosIV/lib/krb/prot.h +++ /dev/null @@ -1,72 +0,0 @@ -/* - * $Id: prot.h,v 1.9 1999/11/30 18:57:46 bg Exp $ - * - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - * - * Include file with authentication protocol information. - */ - -#ifndef PROT_DEFS -#define PROT_DEFS - -#include <krb.h> - -#define KRB_SERVICE "kerberos-iv" -#define KRB_PORT 750 /* PC's don't have - * /etc/services */ -#define KRB_PROT_VERSION 4 -#define MAX_PKT_LEN 1000 -#define MAX_TXT_LEN 1000 - -/* Routines to create and read packets may be found in prot.c */ - -KTEXT create_auth_reply(char *pname, char *pinst, char *prealm, - int32_t time_ws, int n, u_int32_t x_date, - int kvno, KTEXT cipher); -#ifdef DEBUG -KTEXT krb_create_death_packet(char *a_name); -#endif - -/* Message types , always leave lsb for byte order */ - -#define AUTH_MSG_KDC_REQUEST (1<<1) -#define AUTH_MSG_KDC_REPLY (2<<1) -#define AUTH_MSG_APPL_REQUEST (3<<1) -#define AUTH_MSG_APPL_REQUEST_MUTUAL (4<<1) -#define AUTH_MSG_ERR_REPLY (5<<1) -#define AUTH_MSG_PRIVATE (6<<1) -#define AUTH_MSG_SAFE (7<<1) -#define AUTH_MSG_APPL_ERR (8<<1) -#define AUTH_MSG_KDC_FORWARD (9<<1) -#define AUTH_MSG_KDC_RENEW (10<<1) -#define AUTH_MSG_DIE (63<<1) - -/* values for kerb error codes */ - -#define KERB_ERR_OK 0 -#define KERB_ERR_NAME_EXP 1 -#define KERB_ERR_SERVICE_EXP 2 -#define KERB_ERR_AUTH_EXP 3 -#define KERB_ERR_PKT_VER 4 -#define KERB_ERR_NAME_MAST_KEY_VER 5 -#define KERB_ERR_SERV_MAST_KEY_VER 6 -#define KERB_ERR_BYTE_ORDER 7 -#define KERB_ERR_PRINCIPAL_UNKNOWN 8 -#define KERB_ERR_PRINCIPAL_NOT_UNIQUE 9 -#define KERB_ERR_NULL_KEY 10 -#define KERB_ERR_TIMEOUT 11 - -/* sendauth - recvauth */ - -/* - * If the protocol changes, you will need to change the version string - * be sure to support old versions of krb_sendauth! - */ - -#define KRB_SENDAUTH_VERS "AUTHV0.1" /* MUST be KRB_SENDAUTH_VLEN chars */ - -#endif /* PROT_DEFS */ diff --git a/crypto/kerberosIV/lib/krb/rd_err.c b/crypto/kerberosIV/lib/krb/rd_err.c deleted file mode 100644 index 76544f1..0000000 --- a/crypto/kerberosIV/lib/krb/rd_err.c +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: rd_err.c,v 1.9 1999/12/02 16:58:43 joda Exp $"); - -/* - * Given an AUTH_MSG_APPL_ERR message, "in" and its length "in_length", - * return the error code from the message in "code" and the text in - * "m_data" as follows: - * - * m_data->app_data points to the error text - * m_data->app_length points to the length of the error text - * - * If all goes well, return RD_AP_OK. If the version number - * is wrong, return RD_AP_VERSION, and if it's not an AUTH_MSG_APPL_ERR - * type message, return RD_AP_MSG_TYPE. - * - * The AUTH_MSG_APPL_ERR message format can be found in mk_err.c - */ - -int -krb_rd_err(u_char *in, u_int32_t in_length, int32_t *code, MSG_DAT *m_data) -{ - unsigned char *p = (unsigned char*)in; - - unsigned char pvno, type; - int little_endian; - - pvno = *p++; - if(pvno != KRB_PROT_VERSION) - return RD_AP_VERSION; - - type = *p++; - little_endian = type & 1; - type &= ~1; - - if(type != AUTH_MSG_APPL_ERR) - return RD_AP_MSG_TYPE; - - p += krb_get_int(p, (u_int32_t *)&code, 4, little_endian); - - m_data->app_data = p; - m_data->app_length = in_length; /* XXX is this correct? */ - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/rd_priv.c b/crypto/kerberosIV/lib/krb/rd_priv.c deleted file mode 100644 index 5ae161a..0000000 --- a/crypto/kerberosIV/lib/krb/rd_priv.c +++ /dev/null @@ -1,125 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: rd_priv.c,v 1.27 1999/12/02 16:58:43 joda Exp $"); - -/* application include files */ -#include "krb-archaeology.h" - -/* - * krb_rd_priv() decrypts and checks the integrity of an - * AUTH_MSG_PRIVATE message. Given the message received, "in", - * the length of that message, "in_length", the key "schedule" - * and "key", and the network addresses of the - * "sender" and "receiver" of the message, krb_rd_safe() returns - * RD_AP_OK if the message is okay, otherwise some error code. - * - * The message data retrieved from "in" are returned in the structure - * "m_data". The pointer to the application data - * (m_data->app_data) refers back to the appropriate place in "in". - * - * See the file "mk_priv.c" for the format of the AUTH_MSG_PRIVATE - * message. The structure containing the extracted message - * information, MSG_DAT, is defined in "krb.h". - */ - -int32_t -krb_rd_priv(void *in, u_int32_t in_length, - des_key_schedule schedule, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver, - MSG_DAT *m_data) -{ - unsigned char *p = (unsigned char*)in; - int little_endian; - u_int32_t clen; - struct timeval tv; - u_int32_t src_addr; - int delta_t; - - unsigned char pvno, type; - - pvno = *p++; - if(pvno != KRB_PROT_VERSION) - return RD_AP_VERSION; - - type = *p++; - little_endian = type & 1; - type &= ~1; - - p += krb_get_int(p, &clen, 4, little_endian); - - if(clen + 2 > in_length) - return RD_AP_MODIFIED; - - des_pcbc_encrypt((des_cblock*)p, (des_cblock*)p, clen, - schedule, key, DES_DECRYPT); - - p += krb_get_int(p, &m_data->app_length, 4, little_endian); - if(m_data->app_length + 17 > in_length) - return RD_AP_MODIFIED; - - m_data->app_data = p; - p += m_data->app_length; - - m_data->time_5ms = *p++; - - p += krb_get_address(p, &src_addr); - - if (!krb_equiv(src_addr, sender->sin_addr.s_addr)) - return RD_AP_BADD; - - p += krb_get_int(p, (u_int32_t *)&m_data->time_sec, 4, little_endian); - - m_data->time_sec = lsb_time(m_data->time_sec, sender, receiver); - - gettimeofday(&tv, NULL); - - /* check the time integrity of the msg */ - delta_t = abs((int)((long) tv.tv_sec - m_data->time_sec)); - if (delta_t > CLOCK_SKEW) - return RD_AP_TIME; - if (krb_debug) - krb_warning("delta_t = %d\n", (int) delta_t); - - /* - * caller must check timestamps for proper order and - * replays, since server might have multiple clients - * each with its own timestamps and we don't assume - * tightly synchronized clocks. - */ - - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/rd_req.c b/crypto/kerberosIV/lib/krb/rd_req.c deleted file mode 100644 index 4dca78e..0000000 --- a/crypto/kerberosIV/lib/krb/rd_req.c +++ /dev/null @@ -1,324 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: rd_req.c,v 1.27.2.2 2000/06/23 04:00:20 assar Exp $"); - -static struct timeval t_local = { 0, 0 }; - -/* - * Keep the following information around for subsequent calls - * to this routine by the same server using the same key. - */ - -static des_key_schedule serv_key; /* Key sched to decrypt ticket */ -static des_cblock ky; /* Initialization vector */ -static int st_kvno; /* version number for this key */ -static char st_rlm[REALM_SZ]; /* server's realm */ -static char st_nam[ANAME_SZ]; /* service name */ -static char st_inst[INST_SZ]; /* server's instance */ - -/* - * This file contains two functions. krb_set_key() takes a DES - * key or password string and returns a DES key (either the original - * key, or the password converted into a DES key) and a key schedule - * for it. - * - * krb_rd_req() reads an authentication request and returns information - * about the identity of the requestor, or an indication that the - * identity information was not authentic. - */ - -/* - * krb_set_key() takes as its first argument either a DES key or a - * password string. The "cvt" argument indicates how the first - * argument "key" is to be interpreted: if "cvt" is null, "key" is - * taken to be a DES key; if "cvt" is non-null, "key" is taken to - * be a password string, and is converted into a DES key using - * string_to_key(). In either case, the resulting key is returned - * in the external static variable "ky". A key schedule is - * generated for "ky" and returned in the external static variable - * "serv_key". - * - * This routine returns the return value of des_key_sched. - * - * krb_set_key() needs to be in the same .o file as krb_rd_req() so that - * the key set by krb_set_key() is available in private storage for - * krb_rd_req(). - */ - -int -krb_set_key(void *key, int cvt) -{ -#ifdef NOENCRYPTION - memset(ky, 0, sizeof(ky)); - return KSUCCESS; -#else /* Encrypt */ - if (cvt) - des_string_to_key((char*)key, &ky); - else - memcpy((char*)ky, key, 8); - return(des_key_sched(&ky, serv_key)); -#endif /* NOENCRYPTION */ -} - - -/* - * krb_rd_req() takes an AUTH_MSG_APPL_REQUEST or - * AUTH_MSG_APPL_REQUEST_MUTUAL message created by krb_mk_req(), - * checks its integrity and returns a judgement as to the requestor's - * identity. - * - * The "authent" argument is a pointer to the received message. - * The "service" and "instance" arguments name the receiving server, - * and are used to get the service's ticket to decrypt the ticket - * in the message, and to compare against the server name inside the - * ticket. "from_addr" is the network address of the host from which - * the message was received; this is checked against the network - * address in the ticket. If "from_addr" is zero, the check is not - * performed. "ad" is an AUTH_DAT structure which is - * filled in with information about the sender's identity according - * to the authenticator and ticket sent in the message. Finally, - * "fn" contains the name of the file containing the server's key. - * (If "fn" is NULL, the server's key is assumed to have been set - * by krb_set_key(). If "fn" is the null string ("") the default - * file KEYFILE, defined in "krb.h", is used.) - * - * krb_rd_req() returns RD_AP_OK if the authentication information - * was genuine, or one of the following error codes (defined in - * "krb.h"): - * - * RD_AP_VERSION - wrong protocol version number - * RD_AP_MSG_TYPE - wrong message type - * RD_AP_UNDEC - couldn't decipher the message - * RD_AP_INCON - inconsistencies found - * RD_AP_BADD - wrong network address - * RD_AP_TIME - client time (in authenticator) - * too far off server time - * RD_AP_NYV - Kerberos time (in ticket) too - * far off server time - * RD_AP_EXP - ticket expired - * - * For the message format, see krb_mk_req(). - * - * Mutual authentication is not implemented. - */ - -int -krb_rd_req(KTEXT authent, /* The received message */ - char *service, /* Service name */ - char *instance, /* Service instance */ - int32_t from_addr, /* Net address of originating host */ - AUTH_DAT *ad, /* Structure to be filled in */ - char *a_fn) /* Filename to get keys from */ -{ - static KTEXT_ST ticket; /* Temp storage for ticket */ - static KTEXT tkt = &ticket; - static KTEXT_ST req_id_st; /* Temp storage for authenticator */ - KTEXT req_id = &req_id_st; - - char realm[REALM_SZ]; /* Realm of issuing kerberos */ - - unsigned char skey[KKEY_SZ]; /* Session key from ticket */ - char sname[SNAME_SZ]; /* Service name from ticket */ - char iname[INST_SZ]; /* Instance name from ticket */ - char r_aname[ANAME_SZ]; /* Client name from authenticator */ - char r_inst[INST_SZ]; /* Client instance from authenticator */ - char r_realm[REALM_SZ]; /* Client realm from authenticator */ - u_int32_t r_time_sec; /* Coarse time from authenticator */ - unsigned long delta_t; /* Time in authenticator - local time */ - long tkt_age; /* Age of ticket */ - static unsigned char s_kvno;/* Version number of the server's key - * Kerberos used to encrypt ticket */ - - struct timeval tv; - int status; - - int pvno; - int type; - int little_endian; - - const char *fn = a_fn; - - unsigned char *p; - - if (authent->length <= 0) - return(RD_AP_MODIFIED); - - p = authent->dat; - - /* get msg version, type and byte order, and server key version */ - - pvno = *p++; - - if(pvno != KRB_PROT_VERSION) - return RD_AP_VERSION; - - type = *p++; - - little_endian = type & 1; - type &= ~1; - - if(type != AUTH_MSG_APPL_REQUEST && type != AUTH_MSG_APPL_REQUEST_MUTUAL) - return RD_AP_MSG_TYPE; - - s_kvno = *p++; - - p += krb_get_string(p, realm, sizeof(realm)); - - /* - * If "fn" is NULL, key info should already be set; don't - * bother with ticket file. Otherwise, check to see if we - * already have key info for the given server and key version - * (saved in the static st_* variables). If not, go get it - * from the ticket file. If "fn" is the null string, use the - * default ticket file. - */ - if (fn && (strcmp(st_nam,service) || strcmp(st_inst,instance) || - strcmp(st_rlm,realm) || (st_kvno != s_kvno))) { - if (*fn == 0) fn = (char *)KEYFILE; - st_kvno = s_kvno; - if (read_service_key(service, instance, realm, s_kvno, - fn, (char *)skey)) - return(RD_AP_UNDEC); - if ((status = krb_set_key((char*)skey, 0))) - return(status); - strlcpy (st_rlm, realm, REALM_SZ); - strlcpy (st_nam, service, SNAME_SZ); - strlcpy (st_inst, instance, INST_SZ); - } - - tkt->length = *p++; - - req_id->length = *p++; - - if(tkt->length + (p - authent->dat) > authent->length) - return RD_AP_MODIFIED; - - memcpy(tkt->dat, p, tkt->length); - p += tkt->length; - - if (krb_ap_req_debug) - krb_log("ticket->length: %d",tkt->length); - - /* Decrypt and take apart ticket */ - if (decomp_ticket(tkt, &ad->k_flags, ad->pname, ad->pinst, ad->prealm, - &ad->address, ad->session, &ad->life, - &ad->time_sec, sname, iname, &ky, serv_key)) - return RD_AP_UNDEC; - - if (krb_ap_req_debug) { - krb_log("Ticket Contents."); - krb_log(" Aname: %s.%s",ad->pname, ad->prealm); - krb_log(" Service: %s", krb_unparse_name_long(sname, iname, NULL)); - } - - /* Extract the authenticator */ - - if(req_id->length + (p - authent->dat) > authent->length) - return RD_AP_MODIFIED; - - memcpy(req_id->dat, p, req_id->length); - p = req_id->dat; - -#ifndef NOENCRYPTION - /* And decrypt it with the session key from the ticket */ - if (krb_ap_req_debug) krb_log("About to decrypt authenticator"); - - encrypt_ktext(req_id, &ad->session, DES_DECRYPT); - - if (krb_ap_req_debug) krb_log("Done."); -#endif /* NOENCRYPTION */ - - /* cast req_id->length to int? */ -#define check_ptr() if ((ptr - (char *) req_id->dat) > req_id->length) return(RD_AP_MODIFIED); - - p += krb_get_nir(p, - r_aname, sizeof(r_aname), - r_inst, sizeof(r_inst), - r_realm, sizeof(r_realm)); - - p += krb_get_int(p, &ad->checksum, 4, little_endian); - - p++; /* time_5ms is not used */ - - p += krb_get_int(p, &r_time_sec, 4, little_endian); - - /* Check for authenticity of the request */ - if (krb_ap_req_debug) - krb_log("Principal: %s.%s@%s / %s.%s@%s",ad->pname,ad->pinst, ad->prealm, - r_aname, r_inst, r_realm); - if (strcmp(ad->pname, r_aname) != 0 || - strcmp(ad->pinst, r_inst) != 0 || - strcmp(ad->prealm, r_realm) != 0) - return RD_AP_INCON; - - if (krb_ap_req_debug) - krb_log("Address: %x %x", ad->address, from_addr); - - if (from_addr && (!krb_equiv(ad->address, from_addr))) - return RD_AP_BADD; - - gettimeofday(&tv, NULL); - delta_t = abs((int)(tv.tv_sec - r_time_sec)); - if (delta_t > CLOCK_SKEW) { - if (krb_ap_req_debug) - krb_log("Time out of range: %lu - %lu = %lu", - (unsigned long)t_local.tv_sec, - (unsigned long)r_time_sec, - (unsigned long)delta_t); - return RD_AP_TIME; - } - - /* Now check for expiration of ticket */ - - tkt_age = tv.tv_sec - ad->time_sec; - if (krb_ap_req_debug) - krb_log("Time: %ld Issue Date: %lu Diff: %ld Life %x", - (long)tv.tv_sec, - (unsigned long)ad->time_sec, - tkt_age, - ad->life); - - if ((tkt_age < 0) && (-tkt_age > CLOCK_SKEW)) - return RD_AP_NYV; - - if (tv.tv_sec > krb_life_to_time(ad->time_sec, ad->life)) - return RD_AP_EXP; - - /* All seems OK */ - ad->reply.length = 0; - - return(RD_AP_OK); -} diff --git a/crypto/kerberosIV/lib/krb/rd_safe.c b/crypto/kerberosIV/lib/krb/rd_safe.c deleted file mode 100644 index 1d536ab..0000000 --- a/crypto/kerberosIV/lib/krb/rd_safe.c +++ /dev/null @@ -1,183 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: rd_safe.c,v 1.26.2.1 2000/10/10 13:20:36 assar Exp $"); - -/* application include files */ -#include "krb-archaeology.h" - -#ifndef DES_QUAD_GUESS -/* Temporary fixes for krb_{rd,mk}_safe */ -#define DES_QUAD_GUESS 0 -#define DES_QUAD_NEW 1 -#define DES_QUAD_OLD 2 - -#define DES_QUAD_DEFAULT DES_QUAD_GUESS - -#endif /* DES_QUAD_GUESS */ - -/* Generate two checksums in the given byteorder of the data, one - * new-form and one old-form. It has to be done this way to be - * compatible with the old version of des_quad_cksum. - */ - -/* des_quad_chsum-type; 0 == unknown, 1 == new PL10++, 2 == old */ -int dqc_type = DES_QUAD_DEFAULT; - -void -fixup_quad_cksum(void *start, size_t len, des_cblock *key, - void *new_checksum, void *old_checksum, int little) -{ - des_quad_cksum((des_cblock*)start, (des_cblock*)new_checksum, len, 2, key); - if(HOST_BYTE_ORDER){ - if(little){ - memcpy(old_checksum, new_checksum, 16); - }else{ - u_int32_t *tmp = (u_int32_t*)new_checksum; - memcpy(old_checksum, new_checksum, 16); - swap_u_16(old_checksum); - swap_u_long(tmp[0]); - swap_u_long(tmp[1]); - swap_u_long(tmp[2]); - swap_u_long(tmp[3]); - } - }else{ - if(little){ - u_int32_t *tmp = (u_int32_t*)new_checksum; - swap_u_long(tmp[0]); - swap_u_long(tmp[1]); - swap_u_long(tmp[2]); - swap_u_long(tmp[3]); - memcpy(old_checksum, new_checksum, 16); - }else{ - u_int32_t tmp[4]; - tmp[0] = ((u_int32_t*)new_checksum)[3]; - tmp[1] = ((u_int32_t*)new_checksum)[2]; - tmp[2] = ((u_int32_t*)new_checksum)[1]; - tmp[3] = ((u_int32_t*)new_checksum)[0]; - memcpy(old_checksum, tmp, 16); - } - } -} - -/* - * krb_rd_safe() checks the integrity of an AUTH_MSG_SAFE message. - * Given the message received, "in", the length of that message, - * "in_length", the "key" to compute the checksum with, and the - * network addresses of the "sender" and "receiver" of the message, - * krb_rd_safe() returns RD_AP_OK if message is okay, otherwise - * some error code. - * - * The message data retrieved from "in" is returned in the structure - * "m_data". The pointer to the application data (m_data->app_data) - * refers back to the appropriate place in "in". - * - * See the file "mk_safe.c" for the format of the AUTH_MSG_SAFE - * message. The structure containing the extracted message - * information, MSG_DAT, is defined in "krb.h". - */ - -int32_t -krb_rd_safe(void *in, u_int32_t in_length, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver, - MSG_DAT *m_data) -{ - unsigned char *p = (unsigned char*)in, *start; - - unsigned char pvno, type; - int little_endian; - struct timeval tv; - u_int32_t src_addr; - int delta_t; - - - pvno = *p++; - if(pvno != KRB_PROT_VERSION) - return RD_AP_VERSION; - - type = *p++; - little_endian = type & 1; - type &= ~1; - if(type != AUTH_MSG_SAFE) - return RD_AP_MSG_TYPE; - - start = p; - - p += krb_get_int(p, &m_data->app_length, 4, little_endian); - - if(m_data->app_length + 31 > in_length) - return RD_AP_MODIFIED; - - m_data->app_data = p; - - p += m_data->app_length; - - m_data->time_5ms = *p++; - - p += krb_get_address(p, &src_addr); - - if (!krb_equiv(src_addr, sender->sin_addr.s_addr)) - return RD_AP_BADD; - - p += krb_get_int(p, (u_int32_t *)&m_data->time_sec, 4, little_endian); - m_data->time_sec = lsb_time(m_data->time_sec, sender, receiver); - - gettimeofday(&tv, NULL); - - delta_t = abs((int)((long) tv.tv_sec - m_data->time_sec)); - if (delta_t > CLOCK_SKEW) return RD_AP_TIME; - - /* - * caller must check timestamps for proper order and replays, since - * server might have multiple clients each with its own timestamps - * and we don't assume tightly synchronized clocks. - */ - - { - unsigned char new_checksum[16]; - unsigned char old_checksum[16]; - fixup_quad_cksum(start, p - start, key, - new_checksum, old_checksum, little_endian); - if((dqc_type == DES_QUAD_GUESS || dqc_type == DES_QUAD_NEW) && - memcmp(new_checksum, p, 16) == 0) - dqc_type = DES_QUAD_NEW; - else if((dqc_type == DES_QUAD_GUESS || dqc_type == DES_QUAD_OLD) && - memcmp(old_checksum, p, 16) == 0) - dqc_type = DES_QUAD_OLD; - else - return RD_AP_MODIFIED; - } - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/read_service_key.c b/crypto/kerberosIV/lib/krb/read_service_key.c deleted file mode 100644 index 55fb98d..0000000 --- a/crypto/kerberosIV/lib/krb/read_service_key.c +++ /dev/null @@ -1,117 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: read_service_key.c,v 1.12 1999/09/16 20:41:54 assar Exp $"); - -/* - * The private keys for servers on a given host are stored in a - * "srvtab" file (typically "/etc/srvtab"). This routine extracts - * a given server's key from the file. - * - * read_service_key() takes the server's name ("service"), "instance", - * and "realm" and a key version number "kvno", and looks in the given - * "file" for the corresponding entry, and if found, returns the entry's - * key field in "key". - * - * If "instance" contains the string "*", then it will match - * any instance, and the chosen instance will be copied to that - * string. For this reason it is important that the there is enough - * space beyond the "*" to receive the entry. - * - * If "kvno" is 0, it is treated as a wild card and the first - * matching entry regardless of the "vno" field is returned. - * - * This routine returns KSUCCESS on success, otherwise KFAILURE. - * - * The format of each "srvtab" entry is as follows: - * - * Size Variable Field in file - * ---- -------- ------------- - * string serv server name - * string inst server instance - * string realm server realm - * 1 byte vno server key version # - * 8 bytes key server's key - * ... ... ... - */ - - -int -read_service_key(const char *service, /* Service Name */ - char *instance, /* Instance name or "*" */ - const char *realm, /* Realm */ - int kvno, /* Key version number */ - const char *file, /* Filename */ - void *key) /* Pointer to key to be filled in */ -{ - char serv[SNAME_SZ]; - char inst[INST_SZ]; - char rlm[REALM_SZ]; - unsigned char vno; /* Key version number */ - int wcard; - - int stab; - - if ((stab = open(file, O_RDONLY, 0)) < 0) - return(KFAILURE); - - wcard = (instance[0] == '*') && (instance[1] == '\0'); - - while (getst(stab,serv,SNAME_SZ) > 0) { /* Read sname */ - getst(stab,inst,INST_SZ); /* Instance */ - getst(stab,rlm,REALM_SZ); /* Realm */ - /* Vers number */ - if (read(stab, &vno, 1) != 1) { - close(stab); - return(KFAILURE); - } - /* Key */ - if (read(stab,key,8) != 8) { - close(stab); - return(KFAILURE); - } - /* Is this the right service */ - if (strcmp(serv,service)) - continue; - /* How about instance */ - if (!wcard && strcmp(inst,instance)) - continue; - if (wcard) { - strlcpy (instance, inst, INST_SZ); - } - /* Is this the right realm */ - if (strcmp(rlm,realm)) - continue; - - /* How about the key version number */ - if (kvno && kvno != (int) vno) - continue; - - close(stab); - return(KSUCCESS); - } - - /* Can't find the requested service */ - close(stab); - return(KFAILURE); -} diff --git a/crypto/kerberosIV/lib/krb/realm_parse.c b/crypto/kerberosIV/lib/krb/realm_parse.c deleted file mode 100644 index a4f0e7f..0000000 --- a/crypto/kerberosIV/lib/krb/realm_parse.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: realm_parse.c,v 1.17 1999/12/02 16:58:43 joda Exp $"); - -static int -realm_parse(char *realm, int length, const char *file) -{ - FILE *F; - char tr[128]; - char *p; - - if ((F = fopen(file,"r")) == NULL) - return -1; - - while(fgets(tr, sizeof(tr), F)){ - char *unused = NULL; - p = strtok_r(tr, " \t\n\r", &unused); - if(p && strcasecmp(p, realm) == 0){ - fclose(F); - strlcpy (realm, p, length); - return 0; - } - } - fclose(F); - return -1; -} - -int -krb_realm_parse(char *realm, int length) -{ - int i; - char file[MaxPathLen]; - - for(i = 0; krb_get_krbconf(i, file, sizeof(file)) == 0; i++) - if (realm_parse(realm, length, file) == 0) - return 0; - return -1; -} diff --git a/crypto/kerberosIV/lib/krb/recvauth.c b/crypto/kerberosIV/lib/krb/recvauth.c deleted file mode 100644 index 1bd805d..0000000 --- a/crypto/kerberosIV/lib/krb/recvauth.c +++ /dev/null @@ -1,193 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: recvauth.c,v 1.19 1998/06/09 19:25:25 joda Exp $"); - -/* - * krb_recvauth() reads (and optionally responds to) a message sent - * using krb_sendauth(). The "options" argument is a bit-field of - * selected options (see "sendauth.c" for options description). - * The only option relevant to krb_recvauth() is KOPT_DO_MUTUAL - * (mutual authentication requested). The "fd" argument supplies - * a file descriptor to read from (and write to, if mutual authenti- - * cation is requested). - * - * Part of the received message will be a Kerberos ticket sent by the - * client; this is read into the "ticket" argument. The "service" and - * "instance" arguments supply the server's Kerberos name. If the - * "instance" argument is the string "*", it is treated as a wild card - * and filled in during the krb_rd_req() call (see read_service_key()). - * - * The "faddr" and "laddr" give the sending (client) and receiving - * (local server) network addresses. ("laddr" may be left NULL unless - * mutual authentication is requested, in which case it must be set.) - * - * The authentication information extracted from the message is returned - * in "kdata". The "filename" argument indicates the file where the - * server's key can be found. (It is passed on to krb_rd_req().) If - * left null, the default "/etc/srvtab" will be used. - * - * If mutual authentication is requested, the session key schedule must - * be computed in order to reply; this schedule is returned in the - * "schedule" argument. A string containing the application version - * number from the received message is returned in "version", which - * should be large enough to hold a KRB_SENDAUTH_VLEN-character string. - * - * See krb_sendauth() for the format of the received client message. - * - * krb_recvauth() first reads the protocol version string from the - * given file descriptor. If it doesn't match the current protocol - * version (KRB_SENDAUTH_VERS), the old-style format is assumed. In - * that case, the string of characters up to the first space is read - * and interpreted as the ticket length, then the ticket is read. - * - * If the first string did match KRB_SENDAUTH_VERS, krb_recvauth() - * next reads the application protocol version string. Then the - * ticket length and ticket itself are read. - * - * The ticket is decrypted and checked by the call to krb_rd_req(). - * If no mutual authentication is required, the result of the - * krb_rd_req() call is retured by this routine. If mutual authenti- - * cation is required, a message in the following format is returned - * on "fd": - * - * Size Variable Field - * ---- -------- ----- - * - * 4 bytes tkt_len length of ticket or -1 - * if error occurred - * - * priv_len tmp_buf "private" message created - * by krb_mk_priv() which - * contains the incremented - * checksum sent by the client - * encrypted in the session - * key. (This field is not - * present in case of error.) - * - * If all goes well, KSUCCESS is returned; otherwise KFAILURE or some - * other error code is returned. - */ - -static int -send_error_reply(int fd) -{ - unsigned char tmp[4] = { 255, 255, 255, 255 }; - if(krb_net_write(fd, tmp, sizeof(tmp)) != sizeof(tmp)) - return -1; - return 0; -} - -int -krb_recvauth(int32_t options, /* bit-pattern of options */ - int fd, /* file descr. to read from */ - KTEXT ticket, /* storage for client's ticket */ - char *service, /* service expected */ - char *instance, /* inst expected (may be filled in) */ - struct sockaddr_in *faddr, /* address of foreign host on fd */ - struct sockaddr_in *laddr, /* local address */ - AUTH_DAT *kdata, /* kerberos data (returned) */ - char *filename, /* name of file with service keys */ - des_key_schedule schedule, /* key schedule (return) */ - char *version) /* version string (filled in) */ -{ - int cc; - char krb_vers[KRB_SENDAUTH_VLEN + 1]; /* + 1 for the null terminator */ - int rem; - int32_t priv_len; - u_char tmp_buf[MAX_KTXT_LEN+max(KRB_SENDAUTH_VLEN+1,21)]; - - if (!(options & KOPT_IGNORE_PROTOCOL)) { - /* read the protocol version number */ - if (krb_net_read(fd, krb_vers, KRB_SENDAUTH_VLEN) != KRB_SENDAUTH_VLEN) - return(errno); - krb_vers[KRB_SENDAUTH_VLEN] = '\0'; - } - - /* read the application version string */ - if (krb_net_read(fd, version, KRB_SENDAUTH_VLEN) != KRB_SENDAUTH_VLEN) - return(errno); - version[KRB_SENDAUTH_VLEN] = '\0'; - - /* get the length of the ticket */ - { - char tmp[4]; - if (krb_net_read(fd, tmp, 4) != 4) - return -1; - krb_get_int(tmp, &ticket->length, 4, 0); - } - - /* sanity check */ - if (ticket->length <= 0 || ticket->length > MAX_KTXT_LEN) { - if (options & KOPT_DO_MUTUAL) { - if(send_error_reply(fd)) - return -1; - return KFAILURE; - } else - return KFAILURE; /* XXX there may still be junk on the fd? */ - } - - /* read the ticket */ - if (krb_net_read(fd, ticket->dat, ticket->length) != ticket->length) - return -1; - /* - * now have the ticket. decrypt it to get the authenticated - * data. - */ - rem = krb_rd_req(ticket, service, instance, faddr->sin_addr.s_addr, - kdata, filename); - - /* if we are doing mutual auth, compose a response */ - if (options & KOPT_DO_MUTUAL) { - if (rem != KSUCCESS){ - /* the krb_rd_req failed */ - if(send_error_reply(fd)) - return -1; - return rem; - } - - /* add one to the (formerly) sealed checksum, and re-seal it - for return to the client */ - { - unsigned char cs[4]; - krb_put_int(kdata->checksum + 1, cs, sizeof(cs), 4); -#ifndef NOENCRYPTION - des_key_sched(&kdata->session,schedule); -#endif - priv_len = krb_mk_priv(cs, - tmp_buf+4, - 4, - schedule, - &kdata->session, - laddr, - faddr); - } - /* mk_priv will never fail */ - priv_len += krb_put_int(priv_len, tmp_buf, 4, 4); - - if((cc = krb_net_write(fd, tmp_buf, priv_len)) != priv_len) - return -1; - } - return rem; -} diff --git a/crypto/kerberosIV/lib/krb/resource.h b/crypto/kerberosIV/lib/krb/resource.h deleted file mode 100644 index d50551f..0000000 --- a/crypto/kerberosIV/lib/krb/resource.h +++ /dev/null @@ -1,15 +0,0 @@ -//{{NO_DEPENDENCIES}}
-// Microsoft Developer Studio generated include file.
-// Used by krb.rc
-//
-
-// Next default values for new objects
-//
-#ifdef APSTUDIO_INVOKED
-#ifndef APSTUDIO_READONLY_SYMBOLS
-#define _APS_NEXT_RESOURCE_VALUE 101
-#define _APS_NEXT_COMMAND_VALUE 40001
-#define _APS_NEXT_CONTROL_VALUE 1000
-#define _APS_NEXT_SYMED_VALUE 101
-#endif
-#endif
diff --git a/crypto/kerberosIV/lib/krb/roken_rename.h b/crypto/kerberosIV/lib/krb/roken_rename.h deleted file mode 100644 index 7bd86e2..0000000 --- a/crypto/kerberosIV/lib/krb/roken_rename.h +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken_rename.h,v 1.8.2.1 2000/06/23 03:35:31 assar Exp $ */ - -#ifndef __roken_rename_h__ -#define __roken_rename_h__ - -/* - * Libroken routines that are added libkrb - */ - -#define base64_decode _krb_base64_decode -#define base64_encode _krb_base64_encode - -#define net_write roken_net_write -#define net_read roken_net_read - -#ifndef HAVE_FLOCK -#define flock _krb_flock -#endif -#ifndef HAVE_GETHOSTNAME -#define gethostname _krb_gethostname -#endif -#ifndef HAVE_GETTIMEOFDAY -#define gettimeofday _krb_gettimeofday -#endif -#ifndef HAVE_GETUID -#define getuid _krb_getuid -#endif -#ifndef HAVE_SNPRINTF -#define snprintf _krb_snprintf -#endif -#ifndef HAVE_ASPRINTF -#define asprintf _krb_asprintf -#endif -#ifndef HAVE_ASNPRINTF -#define asnprintf _krb_asnprintf -#endif -#ifndef HAVE_VASPRINTF -#define vasprintf _krb_vasprintf -#endif -#ifndef HAVE_VASNPRINTF -#define vasnprintf _krb_vasnprintf -#endif -#ifndef HAVE_VSNPRINTF -#define vsnprintf _krb_vsnprintf -#endif -#ifndef HAVE_STRCASECMP -#define strcasecmp _krb_strcasecmp -#endif -#ifndef HAVE_STRNCASECMP -#define strncasecmp _krb_strncasecmp -#endif -#ifndef HAVE_STRDUP -#define strdup _krb_strdup -#endif -#ifndef HAVE_STRLCAT -#define strlcat _krb_strlcat -#endif -#ifndef HAVE_STRLCPY -#define strlcpy _krb_strlcpy -#endif -#ifndef HAVE_STRNLEN -#define strnlen _krb_strnlen -#endif -#ifndef HAVE_SWAB -#define swab _krb_swab -#endif -#ifndef HAVE_STRTOK_R -#define strtok_r _krb_strtok_r -#endif - -#define dns_free_data _krb_dns_free_data -#define dns_lookup _krb_dns_lookup - -#endif /* __roken_rename_h__ */ diff --git a/crypto/kerberosIV/lib/krb/rw.c b/crypto/kerberosIV/lib/krb/rw.c deleted file mode 100644 index 5064a6f..0000000 --- a/crypto/kerberosIV/lib/krb/rw.c +++ /dev/null @@ -1,156 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* Almost all programs use these routines (implicitly) so it's a good - * place to put the version string. */ - -#include "version.h" - -#include "krb_locl.h" - -RCSID("$Id: rw.c,v 1.12.2.1 2000/06/23 03:37:33 assar Exp $"); - -int -krb_get_int(void *f, u_int32_t *to, int size, int lsb) -{ - int i; - unsigned char *from = (unsigned char *)f; - - *to = 0; - if(lsb){ - for(i = size-1; i >= 0; i--) - *to = (*to << 8) | from[i]; - }else{ - for(i = 0; i < size; i++) - *to = (*to << 8) | from[i]; - } - return size; -} - -int -krb_put_int(u_int32_t from, void *to, size_t rem, int size) -{ - int i; - unsigned char *p = (unsigned char *)to; - - if (rem < size) - return -1; - - for(i = size - 1; i >= 0; i--){ - p[i] = from & 0xff; - from >>= 8; - } - return size; -} - - -/* addresses are always sent in network byte order */ - -int -krb_get_address(void *from, u_int32_t *to) -{ - unsigned char *p = (unsigned char*)from; - *to = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); - return 4; -} - -int -krb_put_address(u_int32_t addr, void *to, size_t rem) -{ - return krb_put_int(ntohl(addr), to, rem, 4); -} - -int -krb_put_string(const char *from, void *to, size_t rem) -{ - size_t len = strlen(from) + 1; - - if (rem < len) - return -1; - memcpy(to, from, len); - return len; -} - -int -krb_get_string(void *from, char *to, size_t to_size) -{ - strlcpy (to, (char *)from, to_size); - return strlen((char *)from) + 1; -} - -int -krb_get_nir(void *from, - char *name, size_t name_len, - char *instance, size_t instance_len, - char *realm, size_t realm_len) -{ - char *p = (char *)from; - - p += krb_get_string(p, name, name_len); - p += krb_get_string(p, instance, instance_len); - if(realm) - p += krb_get_string(p, realm, realm_len); - return p - (char *)from; -} - -int -krb_put_nir(const char *name, - const char *instance, - const char *realm, - void *to, - size_t rem) -{ - char *p = (char *)to; - int tmp; - - tmp = krb_put_string(name, p, rem); - if (tmp < 0) - return tmp; - p += tmp; - rem -= tmp; - - tmp = krb_put_string(instance, p, rem); - if (tmp < 0) - return tmp; - p += tmp; - rem -= tmp; - - if (realm) { - tmp = krb_put_string(realm, p, rem); - if (tmp < 0) - return tmp; - p += tmp; - rem -= tmp; - } - return p - (char *)to; -} diff --git a/crypto/kerberosIV/lib/krb/save_credentials.c b/crypto/kerberosIV/lib/krb/save_credentials.c deleted file mode 100644 index cfd6c07..0000000 --- a/crypto/kerberosIV/lib/krb/save_credentials.c +++ /dev/null @@ -1,59 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: save_credentials.c,v 1.5 1997/03/23 03:53:17 joda Exp $"); - -/* - * This routine takes a ticket and associated info and calls - * tf_save_cred() to store them in the ticket cache. The peer - * routine for extracting a ticket and associated info from the - * ticket cache is krb_get_cred(). When changes are made to - * this routine, the corresponding changes should be made - * in krb_get_cred() as well. - * - * Returns KSUCCESS if all goes well, otherwise an error returned - * by the tf_init() or tf_save_cred() routines. - */ - -int -save_credentials(char *service, /* Service name */ - char *instance, /* Instance */ - char *realm, /* Auth domain */ - unsigned char *session, /* Session key */ - int lifetime, /* Lifetime */ - int kvno, /* Key version number */ - KTEXT ticket, /* The ticket itself */ - int32_t issue_date) /* The issue time */ -{ - int tf_status; /* return values of the tf_util calls */ - - /* Open and lock the ticket file for writing */ - if ((tf_status = tf_init(TKT_FILE, W_TKT_FIL)) != KSUCCESS) - return(tf_status); - - /* Save credentials by appending to the ticket file */ - tf_status = tf_save_cred(service, instance, realm, session, - lifetime, kvno, ticket, issue_date); - tf_close(); - return (tf_status); -} diff --git a/crypto/kerberosIV/lib/krb/send_to_kdc.c b/crypto/kerberosIV/lib/krb/send_to_kdc.c deleted file mode 100644 index 4fc2c95..0000000 --- a/crypto/kerberosIV/lib/krb/send_to_kdc.c +++ /dev/null @@ -1,533 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" -#include <base64.h> - -RCSID("$Id: send_to_kdc.c,v 1.71.2.1 2000/10/10 12:47:21 assar Exp $"); - -struct host { - struct sockaddr_in addr; - const char *hostname; - enum krb_host_proto proto; -}; - -static int send_recv(KTEXT pkt, KTEXT rpkt, struct host *host); - -/* - * send_to_kdc() sends a message to the Kerberos authentication - * server(s) in the given realm and returns the reply message. - * The "pkt" argument points to the message to be sent to Kerberos; - * the "rpkt" argument will be filled in with Kerberos' reply. - * The "realm" argument indicates the realm of the Kerberos server(s) - * to transact with. If the realm is null, the local realm is used. - * - * If more than one Kerberos server is known for a given realm, - * different servers will be queried until one of them replies. - * Several attempts (retries) are made for each server before - * giving up entirely. - * - * If an answer was received from a Kerberos host, KSUCCESS is - * returned. The following errors can be returned: - * - * SKDC_CANT - can't get local realm - * - can't find "kerberos" in /etc/services database - * - can't open socket - * - can't bind socket - * - all ports in use - * - couldn't find any Kerberos host - * - * SKDC_RETRY - couldn't get an answer from any Kerberos server, - * after several retries - */ - -/* always use the admin server */ -static int krb_use_admin_server_flag = 0; - -static int client_timeout = -1; - -int -krb_use_admin_server(int flag) -{ - int old = krb_use_admin_server_flag; - krb_use_admin_server_flag = flag; - return old; -} - -#define PROXY_VAR "krb4_proxy" - -static int -expand (struct host **ptr, size_t sz) -{ - void *tmp; - - tmp = realloc (*ptr, sz) ; - if (tmp == NULL) - return SKDC_CANT; - *ptr = tmp; - return 0; -} - -int -send_to_kdc(KTEXT pkt, KTEXT rpkt, const char *realm) -{ - int i; - int no_host; /* was a kerberos host found? */ - int retry; - int n_hosts; - int retval; - struct hostent *host; - char lrealm[REALM_SZ]; - struct krb_host *k_host; - struct host *hosts = malloc(sizeof(*hosts)); - const char *proxy = krb_get_config_string (PROXY_VAR); - - if (hosts == NULL) - return SKDC_CANT; - - if (client_timeout == -1) { - const char *to; - - client_timeout = CLIENT_KRB_TIMEOUT; - to = krb_get_config_string ("kdc_timeout"); - if (to != NULL) { - int tmp; - char *end; - - tmp = strtol (to, &end, 0); - if (end != to) - client_timeout = tmp; - } - } - - /* - * If "realm" is non-null, use that, otherwise get the - * local realm. - */ - if (realm == NULL) { - if (krb_get_lrealm(lrealm,1)) { - if (krb_debug) - krb_warning("send_to_kdc: can't get local realm\n"); - return(SKDC_CANT); - } - realm = lrealm; - } - if (krb_debug) - krb_warning("lrealm is %s\n", realm); - - no_host = 1; - /* get an initial allocation */ - n_hosts = 0; - for (i = 1; - (k_host = krb_get_host(i, realm, krb_use_admin_server_flag)); - ++i) { - char *p; - char **addr_list; - int j; - int n_addrs; - struct host *tmp; - - if (k_host->proto == PROTO_HTTP && proxy != NULL) { - n_addrs = 1; - no_host = 0; - - retval = expand (&hosts, (n_hosts + n_addrs) * sizeof(*hosts)); - if (retval) - goto rtn; - - memset (&hosts[n_hosts].addr, 0, sizeof(struct sockaddr_in)); - hosts[n_hosts].addr.sin_port = htons(k_host->port); - hosts[n_hosts].proto = k_host->proto; - hosts[n_hosts].hostname = k_host->host; - } else { - if (krb_debug) - krb_warning("Getting host entry for %s...", k_host->host); - host = gethostbyname(k_host->host); - if (krb_debug) { - krb_warning("%s.\n", - host ? "Got it" : "Didn't get it"); - } - if (host == NULL) - continue; - no_host = 0; /* found at least one */ - - n_addrs = 0; - for (addr_list = host->h_addr_list; - *addr_list != NULL; - ++addr_list) - ++n_addrs; - - retval = expand (&hosts, (n_hosts + n_addrs) * sizeof(*hosts)); - if (retval) - goto rtn; - - for (addr_list = host->h_addr_list, j = 0; - (p = *addr_list) != NULL; - ++addr_list, ++j) { - memset (&hosts[n_hosts + j].addr, 0, - sizeof(struct sockaddr_in)); - hosts[n_hosts + j].addr.sin_family = host->h_addrtype; - hosts[n_hosts + j].addr.sin_port = htons(k_host->port); - hosts[n_hosts + j].proto = k_host->proto; - hosts[n_hosts + j].hostname = k_host->host; - memcpy(&hosts[n_hosts + j].addr.sin_addr, p, - sizeof(struct in_addr)); - } - } - - for (j = 0; j < n_addrs; ++j) { - if (send_recv(pkt, rpkt, &hosts[n_hosts + j])) { - retval = KSUCCESS; - goto rtn; - } - if (krb_debug) { - krb_warning("Timeout, error, or wrong descriptor\n"); - } - } - n_hosts += j; - } - if (no_host) { - if (krb_debug) - krb_warning("send_to_kdc: can't find any Kerberos host.\n"); - retval = SKDC_CANT; - goto rtn; - } - /* retry each host in sequence */ - for (retry = 0; retry < CLIENT_KRB_RETRY; ++retry) { - for (i = 0; i < n_hosts; ++i) { - if (send_recv(pkt, rpkt, &hosts[i])) { - retval = KSUCCESS; - goto rtn; - } - } - } - retval = SKDC_RETRY; -rtn: - free(hosts); - return(retval); -} - -static int -udp_socket(void) -{ - return socket(AF_INET, SOCK_DGRAM, 0); -} - -static int -udp_connect(int s, struct host *host) -{ - if(krb_debug) { - krb_warning("connecting to %s (%s) udp, port %d\n", - host->hostname, - inet_ntoa(host->addr.sin_addr), - ntohs(host->addr.sin_port)); - } - return connect(s, (struct sockaddr*)&host->addr, sizeof(host->addr)); -} - -static int -udp_send(int s, struct host *host, KTEXT pkt) -{ - if(krb_debug) { - krb_warning("sending %d bytes to %s (%s), udp port %d\n", - pkt->length, - host->hostname, - inet_ntoa(host->addr.sin_addr), - ntohs(host->addr.sin_port)); - } - return send(s, pkt->dat, pkt->length, 0); -} - -static int -tcp_socket(void) -{ - return socket(AF_INET, SOCK_STREAM, 0); -} - -static int -tcp_connect(int s, struct host *host) -{ - if(krb_debug) { - krb_warning("connecting to %s (%s), tcp port %d\n", - host->hostname, - inet_ntoa(host->addr.sin_addr), - ntohs(host->addr.sin_port)); - } - return connect(s, (struct sockaddr*)&host->addr, sizeof(host->addr)); -} - -static int -tcp_send(int s, struct host *host, KTEXT pkt) -{ - unsigned char len[4]; - - if(krb_debug) { - krb_warning("sending %d bytes to %s (%s), tcp port %d\n", - pkt->length, - host->hostname, - inet_ntoa(host->addr.sin_addr), - ntohs(host->addr.sin_port)); - } - krb_put_int(pkt->length, len, sizeof(len), 4); - if(send(s, len, sizeof(len), 0) != sizeof(len)) - return -1; - return send(s, pkt->dat, pkt->length, 0); -} - -static int -udptcp_recv(void *buf, size_t len, KTEXT rpkt) -{ - int pktlen = min(len, MAX_KTXT_LEN); - - if(krb_debug) - krb_warning("recieved %lu bytes on udp/tcp socket\n", - (unsigned long)len); - memcpy(rpkt->dat, buf, pktlen); - rpkt->length = pktlen; - return 0; -} - -static int -url_parse(const char *url, char *host, size_t len, short *port) -{ - const char *p; - size_t n; - - if(strncmp(url, "http://", 7)) - return -1; - url += 7; - p = strchr(url, ':'); - if(p) { - char *end; - - *port = htons(strtol(p + 1, &end, 0)); - if (end == p + 1) - return -1; - n = p - url; - } else { - *port = k_getportbyname ("http", "tcp", htons(80)); - p = strchr(url, '/'); - if (p) - n = p - url; - else - n = strlen(url); - } - if (n >= len) - return -1; - memcpy(host, url, n); - host[n] = '\0'; - return 0; -} - -static int -http_connect(int s, struct host *host) -{ - const char *proxy = krb_get_config_string(PROXY_VAR); - char proxy_host[MaxHostNameLen]; - short port; - struct hostent *hp; - struct sockaddr_in sin; - - if(proxy == NULL) { - if(krb_debug) - krb_warning("Not using proxy.\n"); - return tcp_connect(s, host); - } - if(url_parse(proxy, proxy_host, sizeof(proxy_host), &port) < 0) - return -1; - hp = gethostbyname(proxy_host); - if(hp == NULL) - return -1; - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - memcpy(&sin.sin_addr, hp->h_addr, sizeof(sin.sin_addr)); - sin.sin_port = port; - if(krb_debug) { - krb_warning("connecting to proxy on %s (%s) port %d\n", - proxy_host, inet_ntoa(sin.sin_addr), ntohs(port)); - } - return connect(s, (struct sockaddr*)&sin, sizeof(sin)); -} - -static int -http_send(int s, struct host *host, KTEXT pkt) -{ - const char *proxy = krb_get_config_string (PROXY_VAR); - char *str; - char *msg; - - if(base64_encode(pkt->dat, pkt->length, &str) < 0) - return -1; - if(proxy != NULL) { - if(krb_debug) { - krb_warning("sending %d bytes to %s, tcp port %d (via proxy)\n", - pkt->length, - host->hostname, - ntohs(host->addr.sin_port)); - } - asprintf(&msg, "GET http://%s:%d/%s HTTP/1.0\r\n\r\n", - host->hostname, - ntohs(host->addr.sin_port), - str); - } else { - if(krb_debug) { - krb_warning("sending %d bytes to %s (%s), http port %d\n", - pkt->length, - host->hostname, - inet_ntoa(host->addr.sin_addr), - ntohs(host->addr.sin_port)); - } - asprintf(&msg, "GET %s HTTP/1.0\r\n\r\n", str); - } - free(str); - - if (msg == NULL) - return -1; - - if(send(s, msg, strlen(msg), 0) != strlen(msg)){ - free(msg); - return -1; - } - free(msg); - return 0; -} - -static int -http_recv(void *buf, size_t len, KTEXT rpkt) -{ - char *p; - char *tmp = malloc(len + 1); - - if (tmp == NULL) - return -1; - memcpy(tmp, buf, len); - tmp[len] = 0; - p = strstr(tmp, "\r\n\r\n"); - if(p == NULL){ - free(tmp); - return -1; - } - p += 4; - if(krb_debug) - krb_warning("recieved %lu bytes on http socket\n", - (unsigned long)((tmp + len) - p)); - if((tmp + len) - p > MAX_KTXT_LEN) { - free(tmp); - return -1; - } - if (strncasecmp (tmp, "HTTP/1.0 2", 10) != 0 - && strncasecmp (tmp, "HTTP/1.1 2", 10) != 0) { - free (tmp); - return -1; - } - memcpy(rpkt->dat, p, (tmp + len) - p); - rpkt->length = (tmp + len) - p; - free(tmp); - return 0; -} - -static struct proto_descr { - int proto; - int stream_flag; - int (*socket)(void); - int (*connect)(int, struct host *host); - int (*send)(int, struct host *host, KTEXT); - int (*recv)(void*, size_t, KTEXT); -} protos[] = { - { PROTO_UDP, 0, udp_socket, udp_connect, udp_send, udptcp_recv }, - { PROTO_TCP, 1, tcp_socket, tcp_connect, tcp_send, udptcp_recv }, - { PROTO_HTTP, 1, tcp_socket, http_connect, http_send, http_recv } -}; - -static int -send_recv(KTEXT pkt, KTEXT rpkt, struct host *host) -{ - int i; - int s; - unsigned char buf[MAX_KTXT_LEN]; - int offset = 0; - - for(i = 0; i < sizeof(protos) / sizeof(protos[0]); i++){ - if(protos[i].proto == host->proto) - break; - } - if(i == sizeof(protos) / sizeof(protos[0])) - return FALSE; - if((s = (*protos[i].socket)()) < 0) - return FALSE; - if((*protos[i].connect)(s, host) < 0) { - close(s); - return FALSE; - } - if((*protos[i].send)(s, host, pkt) < 0) { - close(s); - return FALSE; - } - do{ - fd_set readfds; - struct timeval timeout; - int len; - timeout.tv_sec = client_timeout; - timeout.tv_usec = 0; - FD_ZERO(&readfds); - if (s >= FD_SETSIZE) { - if (krb_debug) - krb_warning("fd too large\n"); - close (s); - return FALSE; - } - FD_SET(s, &readfds); - - /* select - either recv is ready, or timeout */ - /* see if timeout or error or wrong descriptor */ - if(select(s + 1, &readfds, 0, 0, &timeout) < 1 - || !FD_ISSET(s, &readfds)) { - if (krb_debug) - krb_warning("select failed: errno = %d\n", errno); - close(s); - return FALSE; - } - len = recv(s, buf + offset, sizeof(buf) - offset, 0); - if (len < 0) { - close(s); - return FALSE; - } - if(len == 0) - break; - offset += len; - } while(protos[i].stream_flag); - close(s); - if((*protos[i].recv)(buf, offset, rpkt) < 0) - return FALSE; - return TRUE; -} - -/* The configuration line "hosts: dns files" in /etc/nsswitch.conf is - * rumored to avoid triggering this bug. */ -#if defined(linux) && defined(HAVE__DNS_GETHOSTBYNAME) && 0 -/* Linux libc 5.3 is broken probably somewhere in nsw_hosts.o, - * for now keep this kludge. */ -static -struct hostent *gethostbyname(const char *name) -{ - return (void *)_dns_gethostbyname(name); -} -#endif diff --git a/crypto/kerberosIV/lib/krb/sendauth.c b/crypto/kerberosIV/lib/krb/sendauth.c deleted file mode 100644 index df73e46..0000000 --- a/crypto/kerberosIV/lib/krb/sendauth.c +++ /dev/null @@ -1,166 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: sendauth.c,v 1.18 1999/09/16 20:41:55 assar Exp $"); - -/* - * krb_sendauth() transmits a ticket over a file descriptor for a - * desired service, instance, and realm, doing mutual authentication - * with the server if desired. - */ - -/* - * The first argument to krb_sendauth() contains a bitfield of - * options (the options are defined in "krb.h"): - * - * KOPT_DONT_CANON Don't canonicalize instance as a hostname. - * (If this option is not chosen, krb_get_phost() - * is called to canonicalize it.) - * - * KOPT_DONT_MK_REQ Don't request server ticket from Kerberos. - * A ticket must be supplied in the "ticket" - * argument. - * (If this option is not chosen, and there - * is no ticket for the given server in the - * ticket cache, one will be fetched using - * krb_mk_req() and returned in "ticket".) - * - * KOPT_DO_MUTUAL Do mutual authentication, requiring that the - * receiving server return the checksum+1 encrypted - * in the session key. The mutual authentication - * is done using krb_mk_priv() on the other side - * (see "recvauth.c") and krb_rd_priv() on this - * side. - * - * The "fd" argument is a file descriptor to write to the remote - * server on. The "ticket" argument is used to store the new ticket - * from the krb_mk_req() call. If the KOPT_DONT_MK_REQ options is - * chosen, the ticket must be supplied in the "ticket" argument. - * The "service", "inst", and "realm" arguments identify the ticket. - * If "realm" is null, the local realm is used. - * - * The following arguments are only needed if the KOPT_DO_MUTUAL option - * is chosen: - * - * The "checksum" argument is a number that the server will add 1 to - * to authenticate itself back to the client; the "msg_data" argument - * holds the returned mutual-authentication message from the server - * (i.e., the checksum+1); the "cred" structure is used to hold the - * session key of the server, extracted from the ticket file, for use - * in decrypting the mutual authentication message from the server; - * and "schedule" holds the key schedule for that decryption. The - * the local and server addresses are given in "laddr" and "faddr". - * - * The application protocol version number (of up to KRB_SENDAUTH_VLEN - * characters) is passed in "version". - * - * If all goes well, KSUCCESS is returned, otherwise some error code. - * - * The format of the message sent to the server is: - * - * Size Variable Field - * ---- -------- ----- - * - * KRB_SENDAUTH_VLEN KRB_SENDAUTH_VER sendauth protocol - * bytes version number - * - * KRB_SENDAUTH_VLEN version application protocol - * bytes version number - * - * 4 bytes ticket->length length of ticket - * - * ticket->length ticket->dat ticket itself - */ - -int -krb_sendauth(int32_t options, /* bit-pattern of options */ - int fd, /* file descriptor to write onto */ - KTEXT ticket, /* where to put ticket (return); or - * supplied in case of KOPT_DONT_MK_REQ */ - char *service, /* service name, instance, realm */ - char *instance, - char *realm, - u_int32_t checksum, /* checksum to include in request */ - MSG_DAT *msg_data, /* mutual auth MSG_DAT (return) */ - CREDENTIALS *cred, /* credentials (return) */ - des_key_schedule schedule, /* key schedule (return) */ - struct sockaddr_in *laddr, /* local address */ - struct sockaddr_in *faddr, /* address of foreign host on fd */ - char *version) /* version string */ -{ - int ret; - KTEXT_ST buf; - char realrealm[REALM_SZ]; - - if (realm == NULL) { - ret = krb_get_lrealm (realrealm, 1); - if (ret != KSUCCESS) - return ret; - realm = realrealm; - } - ret = krb_mk_auth (options, ticket, service, instance, realm, checksum, - version, &buf); - if (ret != KSUCCESS) - return ret; - ret = krb_net_write(fd, buf.dat, buf.length); - if(ret < 0) - return -1; - - if (options & KOPT_DO_MUTUAL) { - char tmp[4]; - u_int32_t len; - char inst[INST_SZ]; - char *i; - - ret = krb_net_read (fd, tmp, 4); - if (ret < 0) - return -1; - - krb_get_int (tmp, &len, 4, 0); - if (len == 0xFFFFFFFF || len > sizeof(buf.dat)) - return KFAILURE; - buf.length = len; - ret = krb_net_read (fd, buf.dat, len); - if (ret < 0) - return -1; - - if (options & KOPT_DONT_CANON) - i = instance; - else - i = krb_get_phost(instance); - strlcpy (inst, i, sizeof(inst)); - - ret = krb_get_cred (service, inst, realm, cred); - if (ret != KSUCCESS) - return ret; - - des_key_sched(&cred->session, schedule); - - ret = krb_check_auth (&buf, checksum, msg_data, &cred->session, - schedule, laddr, faddr); - if (ret != KSUCCESS) - return ret; - } - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/sizetest.c b/crypto/kerberosIV/lib/krb/sizetest.c deleted file mode 100644 index e683416..0000000 --- a/crypto/kerberosIV/lib/krb/sizetest.c +++ /dev/null @@ -1,40 +0,0 @@ -#include "krb_locl.h" - -RCSID("$Id: sizetest.c,v 1.6 1998/01/01 22:29:04 assar Exp $"); - -static void -fatal(const char *msg) -{ - fputs(msg, stderr); - exit(1); -} - -int -main(void) -{ - if (sizeof(u_int8_t) < 1) - fatal("sizeof(u_int8_t) is smaller than 1 byte\n"); - if (sizeof(u_int16_t) < 2) - fatal("sizeof(u_int16_t) is smaller than 2 bytes\n"); - if (sizeof(u_int32_t) < 4) - fatal("sizeof(u_int32_t) is smaller than 4 bytes\n"); - - if (sizeof(u_int8_t) > 1) - fputs("warning: sizeof(u_int8_t) is larger than 1 byte, " - "some stuff may not work properly!\n", stderr); - - { - u_int8_t u = 1; - int i; - for (i = 0; u != 0 && i < 100; i++) - u <<= 1; - - if (i < 8) - fatal("u_int8_t is smaller than 8 bits\n"); - else if (i > 8) - fputs("warning: u_int8_t is larger than 8 bits, " - "some stuff may not work properly!\n", stderr); - } - - exit(0); -} diff --git a/crypto/kerberosIV/lib/krb/solaris_compat.c b/crypto/kerberosIV/lib/krb/solaris_compat.c deleted file mode 100644 index b844313..0000000 --- a/crypto/kerberosIV/lib/krb/solaris_compat.c +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: solaris_compat.c,v 1.4 1999/12/02 16:58:44 joda Exp $"); - -#if (SunOS + 0) >= 50 -/* - * Compatibility with solaris' libkrb. - */ - -int32_t -_C0095C2A(void *in, void *out, u_int32_t length, - des_key_schedule schedule, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver) -{ - return krb_mk_priv (in, out, length, schedule, key, sender, receiver); -} - -int32_t -_C0095C2B(void *in, u_int32_t in_length, - des_key_schedule schedule, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver, - MSG_DAT *m_data) -{ - return krb_rd_priv (in, in_length, schedule, key, - sender, receiver, m_data); -} - -void -_C0095B2B(des_cblock *input,des_cblock *output, - des_key_schedule ks,int enc) -{ - des_ecb_encrypt(input, output, ks, enc); -} - -void -_C0095B2A(des_cblock (*input), - des_cblock (*output), - long length, - des_key_schedule schedule, - des_cblock (*ivec), - int encrypt) -{ - des_cbc_encrypt(input, output, length, schedule, ivec, encrypt); -} - -void -_C0095B2C(des_cblock (*input), - des_cblock (*output), - long length, - des_key_schedule schedule, - des_cblock (*ivec), - int encrypt) -{ - des_pcbc_encrypt(input, output, length, schedule, ivec, encrypt); -} -#endif /* (SunOS-0) >= 50 */ diff --git a/crypto/kerberosIV/lib/krb/stime.c b/crypto/kerberosIV/lib/krb/stime.c deleted file mode 100644 index ec57d8f..0000000 --- a/crypto/kerberosIV/lib/krb/stime.c +++ /dev/null @@ -1,35 +0,0 @@ -/* - * $Id: stime.c,v 1.6 1997/05/02 14:29:20 assar Exp $ - * - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * <mit-copyright.h>. - */ - -#include "krb_locl.h" - -RCSID("$Id: stime.c,v 1.6 1997/05/02 14:29:20 assar Exp $"); - -/* - * Given a pointer to a long containing the number of seconds - * since the beginning of time (midnight 1 Jan 1970 GMT), return - * a string containing the local time in the form: - * - * "25-Jan-1988 10:17:56" - */ - -const char * -krb_stime(time_t *t) -{ - static char st[40]; - struct tm *tm; - - tm = localtime(t); - snprintf(st, sizeof(st), - "%2d-%s-%04d %02d:%02d:%02d",tm->tm_mday, - month_sname(tm->tm_mon + 1),tm->tm_year + 1900, - tm->tm_hour, tm->tm_min, tm->tm_sec); - return st; -} diff --git a/crypto/kerberosIV/lib/krb/str2key.c b/crypto/kerberosIV/lib/krb/str2key.c deleted file mode 100644 index 4ef4c57..0000000 --- a/crypto/kerberosIV/lib/krb/str2key.c +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: str2key.c,v 1.17 1999/12/02 16:58:44 joda Exp $"); - -#define lowcase(c) (('A' <= (c) && (c) <= 'Z') ? ((c) - 'A' + 'a') : (c)) - -/* - * The string to key function used by Transarc AFS. - */ -void -afs_string_to_key(const char *pass, const char *cell, des_cblock *key) -{ - if (strlen(pass) <= 8) /* Short passwords. */ - { - char buf[8 + 1], *s; - int i; - - /* - * XOR cell and password and pad (or fill) with 'X' to length 8, - * then use crypt(3) to create DES key. - */ - for (i = 0; i < 8; i++) - { - buf[i] = *pass ^ lowcase(*cell); - if (buf[i] == 0) - buf[i] = 'X'; - if (*pass != 0) - pass++; - if (*cell != 0) - cell++; - } - buf[8] = 0; - - s = crypt(buf, "p1"); /* Result from crypt is 7bit chars. */ - s = s + 2; /* Skip 2 chars of salt. */ - for (i = 0; i < 8; i++) - ((char *) key)[i] = s[i] << 1; /* High bit is always zero */ - des_fixup_key_parity(key); /* Low bit is parity */ - } - else /* Long passwords */ - { - int plen, clen; - char *buf, *t; - des_key_schedule sched; - des_cblock ivec; - - /* - * Concatenate password with cell name, - * then checksum twice to create DES key. - */ - plen = strlen(pass); - clen = strlen(cell); - buf = malloc(plen + clen + 1); - memcpy(buf, pass, plen); - for (t = buf + plen; *cell != 0; t++, cell++) - *t = lowcase(*cell); - - memcpy(&ivec, "kerberos", 8); - memcpy(key, "kdsbdsns", 8); - des_key_sched(key, sched); - /* Beware, ivec is passed twice */ - des_cbc_cksum((des_cblock *)buf, &ivec, plen + clen, sched, &ivec); - - memcpy(key, &ivec, 8); - des_fixup_key_parity(key); - des_key_sched(key, sched); - /* Beware, ivec is passed twice */ - des_cbc_cksum((des_cblock *)buf, key, plen + clen, sched, &ivec); - free(buf); - des_fixup_key_parity(key); - } -} diff --git a/crypto/kerberosIV/lib/krb/tf_util.c b/crypto/kerberosIV/lib/krb/tf_util.c deleted file mode 100644 index 0d5361f..0000000 --- a/crypto/kerberosIV/lib/krb/tf_util.c +++ /dev/null @@ -1,791 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: tf_util.c,v 1.39.2.2 2000/06/23 04:03:58 assar Exp $"); - - -#define TOO_BIG -1 -#define TF_LCK_RETRY ((unsigned)2) /* seconds to sleep before - * retry if ticket file is - * locked */ -#define TF_LCK_RETRY_COUNT (50) /* number of retries */ - -#ifndef O_BINARY -#define O_BINARY 0 -#endif - -#define MAGIC_TICKET_NAME "magic" -#define MAGIC_TICKET_TIME_DIFF_INST "time-diff" -#define MAGIC_TICKET_ADDR_INST "our-address" - -/* - * fd must be initialized to something that won't ever occur as a real - * file descriptor. Since open(2) returns only non-negative numbers as - * valid file descriptors, and tf_init always stuffs the return value - * from open in here even if it is an error flag, we must - * a. Initialize fd to a negative number, to indicate that it is - * not initially valid. - * b. When checking for a valid fd, assume that negative values - * are invalid (ie. when deciding whether tf_init has been - * called.) - * c. In tf_close, be sure it gets reinitialized to a negative - * number. - */ -static int fd = -1; -static int curpos; /* Position in tfbfr */ -static int lastpos; /* End of tfbfr */ -static char tfbfr[BUFSIZ]; /* Buffer for ticket data */ - -static int tf_gets(char *s, int n); -static int tf_read(void *s, int n); - -/* - * This file contains routines for manipulating the ticket cache file. - * - * The ticket file is in the following format: - * - * principal's name (null-terminated string) - * principal's instance (null-terminated string) - * CREDENTIAL_1 - * CREDENTIAL_2 - * ... - * CREDENTIAL_n - * EOF - * - * Where "CREDENTIAL_x" consists of the following fixed-length - * fields from the CREDENTIALS structure (see "krb.h"): - * - * char service[ANAME_SZ] - * char instance[INST_SZ] - * char realm[REALM_SZ] - * C_Block session - * int lifetime - * int kvno - * KTEXT_ST ticket_st - * u_int32_t issue_date - * - * Short description of routines: - * - * tf_init() opens the ticket file and locks it. - * - * tf_get_pname() returns the principal's name. - * - * tf_put_pname() writes the principal's name to the ticket file. - * - * tf_get_pinst() returns the principal's instance (may be null). - * - * tf_put_pinst() writes the instance. - * - * tf_get_cred() returns the next CREDENTIALS record. - * - * tf_save_cred() appends a new CREDENTIAL record to the ticket file. - * - * tf_close() closes the ticket file and releases the lock. - * - * tf_gets() returns the next null-terminated string. It's an internal - * routine used by tf_get_pname(), tf_get_pinst(), and tf_get_cred(). - * - * tf_read() reads a given number of bytes. It's an internal routine - * used by tf_get_cred(). - */ - -/* - * tf_init() should be called before the other ticket file routines. - * It takes the name of the ticket file to use, "tf_name", and a - * read/write flag "rw" as arguments. - * - * It tries to open the ticket file, checks the mode, and if everything - * is okay, locks the file. If it's opened for reading, the lock is - * shared. If it's opened for writing, the lock is exclusive. - * - * Returns KSUCCESS if all went well, otherwise one of the following: - * - * NO_TKT_FIL - file wasn't there - * TKT_FIL_ACC - file was in wrong mode, etc. - * TKT_FIL_LCK - couldn't lock the file, even after a retry - */ - -#ifdef _NO_LOCKING -#undef flock -#define flock(F, M) 0 -#endif - -int -tf_init(char *tf_name, int rw) -{ - /* Unix implementation */ - int wflag; - struct stat stat_buf; - int i_retry; - - switch (rw) { - case R_TKT_FIL: - wflag = 0; - break; - case W_TKT_FIL: - wflag = 1; - break; - default: - if (krb_debug) - krb_warning("tf_init: illegal parameter\n"); - return TKT_FIL_ACC; - } - if (lstat(tf_name, &stat_buf) < 0) - switch (errno) { - case ENOENT: - return NO_TKT_FIL; - default: - return TKT_FIL_ACC; - } - if (!S_ISREG(stat_buf.st_mode)) - return TKT_FIL_ACC; - - /* The code tries to guess when the calling program is running - * set-uid and prevent unauthorized access. - * - * All library functions now assume that the right set of userids - * are set upon entry, therefore it's not strictly necessary to - * perform these test for programs adhering to these assumptions. - * - * This doesn't work on cygwin because getuid() returns a different - * uid than the owner of files that are created. - */ -#ifndef __CYGWIN__ - { - uid_t me = getuid(); - if (stat_buf.st_uid != me && me != 0) - return TKT_FIL_ACC; - } -#endif - - /* - * If "wflag" is set, open the ticket file in append-writeonly mode - * and lock the ticket file in exclusive mode. If unable to lock - * the file, sleep and try again. If we fail again, return with the - * proper error message. - */ - - curpos = sizeof(tfbfr); - - - if (wflag) { - fd = open(tf_name, O_RDWR | O_BINARY, 0600); - if (fd < 0) { - return TKT_FIL_ACC; - } - for (i_retry = 0; i_retry < TF_LCK_RETRY_COUNT; i_retry++) { - if (flock(fd, LOCK_EX | LOCK_NB) < 0) { - if (krb_debug) - krb_warning("tf_init: retry %d of write lock of `%s'.\n", - i_retry, tf_name); - sleep (TF_LCK_RETRY); - } else { - return KSUCCESS; /* all done */ - } - } - close (fd); - fd = -1; - return TKT_FIL_LCK; - } - /* - * Otherwise "wflag" is not set and the ticket file should be opened - * for read-only operations and locked for shared access. - */ - - fd = open(tf_name, O_RDONLY | O_BINARY, 0600); - if (fd < 0) { - return TKT_FIL_ACC; - } - - for (i_retry = 0; i_retry < TF_LCK_RETRY_COUNT; i_retry++) { - if (flock(fd, LOCK_SH | LOCK_NB) < 0) { - if (krb_debug) - krb_warning("tf_init: retry %d of read lock of `%s'.\n", - i_retry, tf_name); - sleep (TF_LCK_RETRY); - } else { - return KSUCCESS; /* all done */ - } - } - /* failure */ - close(fd); - fd = -1; - return TKT_FIL_LCK; -} - -/* - * tf_create() should be called when creating a new ticket file. - * The only argument is the name of the ticket file. - * After calling this, it should be possible to use other tf_* functions. - * - * New algoritm for creating ticket file: - * 1. try to erase contents of existing file. - * 2. try to remove old file. - * 3. try to open with O_CREAT and O_EXCL - * 4. if this fails, someone has created a file in between 1 and 2 and - * we should fail. Otherwise, all is wonderful. - */ - -int -tf_create(char *tf_name) -{ - if (unlink (tf_name) && errno != ENOENT) - return TKT_FIL_ACC; - - fd = open(tf_name, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600); - if (fd < 0) - return TKT_FIL_ACC; - if (flock(fd, LOCK_EX | LOCK_NB) < 0) { - sleep(TF_LCK_RETRY); - if (flock(fd, LOCK_EX | LOCK_NB) < 0) { - close(fd); - fd = -1; - return TKT_FIL_LCK; - } - } - return KSUCCESS; -} - -/* - * tf_get_pname() reads the principal's name from the ticket file. It - * should only be called after tf_init() has been called. The - * principal's name is filled into the "p" parameter. If all goes well, - * KSUCCESS is returned. If tf_init() wasn't called, TKT_FIL_INI is - * returned. If the name was null, or EOF was encountered, or the name - * was longer than ANAME_SZ, TKT_FIL_FMT is returned. - */ - -int -tf_get_pname(char *p) -{ - if (fd < 0) { - if (krb_debug) - krb_warning("tf_get_pname called before tf_init.\n"); - return TKT_FIL_INI; - } - if (tf_gets(p, ANAME_SZ) < 2) /* can't be just a null */ - { - if (krb_debug) - krb_warning ("tf_get_pname: pname < 2.\n"); - return TKT_FIL_FMT; - } - return KSUCCESS; -} - -/* - * tf_put_pname() sets the principal's name in the ticket file. Call - * after tf_create(). - */ - -int -tf_put_pname(const char *p) -{ - unsigned count; - - if (fd < 0) { - if (krb_debug) - krb_warning("tf_put_pname called before tf_create.\n"); - return TKT_FIL_INI; - } - count = strlen(p)+1; - if (write(fd,p,count) != count) - return(KFAILURE); - return KSUCCESS; -} - -/* - * tf_get_pinst() reads the principal's instance from a ticket file. - * It should only be called after tf_init() and tf_get_pname() have been - * called. The instance is filled into the "inst" parameter. If all - * goes well, KSUCCESS is returned. If tf_init() wasn't called, - * TKT_FIL_INI is returned. If EOF was encountered, or the instance - * was longer than ANAME_SZ, TKT_FIL_FMT is returned. Note that the - * instance may be null. - */ - -int -tf_get_pinst(char *inst) -{ - if (fd < 0) { - if (krb_debug) - krb_warning("tf_get_pinst called before tf_init.\n"); - return TKT_FIL_INI; - } - if (tf_gets(inst, INST_SZ) < 1) - { - if (krb_debug) - krb_warning("tf_get_pinst: inst_sz < 1.\n"); - return TKT_FIL_FMT; - } - return KSUCCESS; -} - -/* - * tf_put_pinst writes the principal's instance to the ticket file. - * Call after tf_create. - */ - -int -tf_put_pinst(const char *inst) -{ - unsigned count; - - if (fd < 0) { - if (krb_debug) - krb_warning("tf_put_pinst called before tf_create.\n"); - return TKT_FIL_INI; - } - count = strlen(inst)+1; - if (write(fd,inst,count) != count) - return(KFAILURE); - return KSUCCESS; -} - -/* - * tf_get_cred() reads a CREDENTIALS record from a ticket file and fills - * in the given structure "c". It should only be called after tf_init(), - * tf_get_pname(), and tf_get_pinst() have been called. If all goes well, - * KSUCCESS is returned. Possible error codes are: - * - * TKT_FIL_INI - tf_init wasn't called first - * TKT_FIL_FMT - bad format - * EOF - end of file encountered - */ - -static int -real_tf_get_cred(CREDENTIALS *c) -{ - KTEXT ticket = &c->ticket_st; /* pointer to ticket */ - int k_errno; - - if (fd < 0) { - if (krb_debug) - krb_warning ("tf_get_cred called before tf_init.\n"); - return TKT_FIL_INI; - } - if ((k_errno = tf_gets(c->service, SNAME_SZ)) < 2) - switch (k_errno) { - case TOO_BIG: - if (krb_debug) - krb_warning("tf_get_cred: too big service cred.\n"); - case 1: /* can't be just a null */ - tf_close(); - if (krb_debug) - krb_warning("tf_get_cred: null service cred.\n"); - return TKT_FIL_FMT; - case 0: - return EOF; - } - if ((k_errno = tf_gets(c->instance, INST_SZ)) < 1) - switch (k_errno) { - case TOO_BIG: - if (krb_debug) - krb_warning ("tf_get_cred: too big instance cred.\n"); - return TKT_FIL_FMT; - case 0: - return EOF; - } - if ((k_errno = tf_gets(c->realm, REALM_SZ)) < 2) - switch (k_errno) { - case TOO_BIG: - if (krb_debug) - krb_warning ("tf_get_cred: too big realm cred.\n"); - case 1: /* can't be just a null */ - tf_close(); - if (krb_debug) - krb_warning ("tf_get_cred: null realm cred.\n"); - return TKT_FIL_FMT; - case 0: - return EOF; - } - if ( - tf_read((c->session), DES_KEY_SZ) < 1 || - tf_read(&(c->lifetime), sizeof(c->lifetime)) < 1 || - tf_read(&(c->kvno), sizeof(c->kvno)) < 1 || - tf_read(&(ticket->length), sizeof(ticket->length)) - < 1 || - /* don't try to read a silly amount into ticket->dat */ - ticket->length > MAX_KTXT_LEN || - tf_read((ticket->dat), ticket->length) < 1 || - tf_read(&(c->issue_date), sizeof(c->issue_date)) < 1 - ) { - tf_close(); - if (krb_debug) - krb_warning ("tf_get_cred: failed tf_read.\n"); - return TKT_FIL_FMT; - } - return KSUCCESS; -} - -int -tf_get_cred(CREDENTIALS *c) -{ - int ret; - int fake; - - do { - fake = 0; - - ret = real_tf_get_cred (c); - if (ret) - return ret; - - if(strcmp(c->service, MAGIC_TICKET_NAME) == 0) { - if(strcmp(c->instance, MAGIC_TICKET_TIME_DIFF_INST) == 0) { - /* we found the magic `time diff' ticket; update the kdc time - differential, and then get the next ticket */ - u_int32_t d; - - krb_get_int(c->ticket_st.dat, &d, 4, 0); - krb_set_kdc_time_diff(d); - fake = 1; - } else if (strcmp(c->instance, MAGIC_TICKET_ADDR_INST) == 0) { - fake = 1; - } - } - } while (fake); - return ret; -} - -int -tf_get_cred_addr(char *realm, size_t realm_sz, struct in_addr *addr) -{ - int ret; - int fake; - CREDENTIALS cred; - - do { - fake = 1; - - ret = real_tf_get_cred (&cred); - if (ret) - return ret; - - if(strcmp(cred.service, MAGIC_TICKET_NAME) == 0) { - if(strcmp(cred.instance, MAGIC_TICKET_TIME_DIFF_INST) == 0) { - /* we found the magic `time diff' ticket; update the kdc time - differential, and then get the next ticket */ - u_int32_t d; - - krb_get_int(cred.ticket_st.dat, &d, 4, 0); - krb_set_kdc_time_diff(d); - } else if (strcmp(cred.instance, MAGIC_TICKET_ADDR_INST) == 0) { - strlcpy(realm, cred.realm, realm_sz); - memcpy (addr, cred.ticket_st.dat, sizeof(*addr)); - fake = 0; - } - } - } while (fake); - return ret; -} - -/* - * tf_close() closes the ticket file and sets "fd" to -1. If "fd" is - * not a valid file descriptor, it just returns. It also clears the - * buffer used to read tickets. - * - * The return value is not defined. - */ - -void -tf_close(void) -{ - if (!(fd < 0)) { - flock(fd, LOCK_UN); - close(fd); - fd = -1; /* see declaration of fd above */ - } - memset(tfbfr, 0, sizeof(tfbfr)); -} - -/* - * tf_gets() is an internal routine. It takes a string "s" and a count - * "n", and reads from the file until either it has read "n" characters, - * or until it reads a null byte. When finished, what has been read exists - * in "s". If it encounters EOF or an error, it closes the ticket file. - * - * Possible return values are: - * - * n the number of bytes read (including null terminator) - * when all goes well - * - * 0 end of file or read error - * - * TOO_BIG if "count" characters are read and no null is - * encountered. This is an indication that the ticket - * file is seriously ill. - */ - -static int -tf_gets(char *s, int n) -{ - int count; - - if (fd < 0) { - if (krb_debug) - krb_warning ("tf_gets called before tf_init.\n"); - return TKT_FIL_INI; - } - for (count = n - 1; count > 0; --count) { - if (curpos >= sizeof(tfbfr)) { - lastpos = read(fd, tfbfr, sizeof(tfbfr)); - curpos = 0; - } - if (curpos == lastpos) { - tf_close(); - return 0; - } - *s = tfbfr[curpos++]; - if (*s++ == '\0') - return (n - count); - } - tf_close(); - return TOO_BIG; -} - -/* - * tf_read() is an internal routine. It takes a string "s" and a count - * "n", and reads from the file until "n" bytes have been read. When - * finished, what has been read exists in "s". If it encounters EOF or - * an error, it closes the ticket file. - * - * Possible return values are: - * - * n the number of bytes read when all goes well - * - * 0 on end of file or read error - */ - -static int -tf_read(void *v, int n) -{ - char *s = (char *)v; - int count; - - for (count = n; count > 0; --count) { - if (curpos >= sizeof(tfbfr)) { - lastpos = read(fd, tfbfr, sizeof(tfbfr)); - curpos = 0; - } - if (curpos == lastpos) { - tf_close(); - return 0; - } - *s++ = tfbfr[curpos++]; - } - return n; -} - -/* - * tf_save_cred() appends an incoming ticket to the end of the ticket - * file. You must call tf_init() before calling tf_save_cred(). - * - * The "service", "instance", and "realm" arguments specify the - * server's name; "session" contains the session key to be used with - * the ticket; "kvno" is the server key version number in which the - * ticket is encrypted, "ticket" contains the actual ticket, and - * "issue_date" is the time the ticket was requested (local host's time). - * - * Returns KSUCCESS if all goes well, TKT_FIL_INI if tf_init() wasn't - * called previously, and KFAILURE for anything else that went wrong. - */ - -int -tf_save_cred(char *service, /* Service name */ - char *instance, /* Instance */ - char *realm, /* Auth domain */ - unsigned char *session, /* Session key */ - int lifetime, /* Lifetime */ - int kvno, /* Key version number */ - KTEXT ticket, /* The ticket itself */ - u_int32_t issue_date) /* The issue time */ -{ - int count; /* count for write */ - - if (fd < 0) { /* fd is ticket file as set by tf_init */ - if (krb_debug) - krb_warning ("tf_save_cred called before tf_init.\n"); - return TKT_FIL_INI; - } - /* Find the end of the ticket file */ - lseek(fd, 0L, SEEK_END); - - /* Write the ticket and associated data */ - /* Service */ - count = strlen(service) + 1; - if (write(fd, service, count) != count) - goto bad; - /* Instance */ - count = strlen(instance) + 1; - if (write(fd, instance, count) != count) - goto bad; - /* Realm */ - count = strlen(realm) + 1; - if (write(fd, realm, count) != count) - goto bad; - /* Session key */ - if (write(fd, session, 8) != 8) - goto bad; - /* Lifetime */ - if (write(fd, &lifetime, sizeof(int)) != sizeof(int)) - goto bad; - /* Key vno */ - if (write(fd, &kvno, sizeof(int)) != sizeof(int)) - goto bad; - /* Tkt length */ - if (write(fd, &(ticket->length), sizeof(int)) != - sizeof(int)) - goto bad; - /* Ticket */ - count = ticket->length; - if (write(fd, ticket->dat, count) != count) - goto bad; - /* Issue date */ - if (write(fd, &issue_date, sizeof(issue_date)) != sizeof(issue_date)) - goto bad; - - return (KSUCCESS); -bad: - return (KFAILURE); -} - -int -tf_setup(CREDENTIALS *cred, const char *pname, const char *pinst) -{ - int ret; - ret = tf_create(tkt_string()); - if (ret != KSUCCESS) - return ret; - - if (tf_put_pname(pname) != KSUCCESS || - tf_put_pinst(pinst) != KSUCCESS) { - tf_close(); - return INTK_ERR; - } - - if(krb_get_kdc_time_diff() != 0) { - /* Add an extra magic ticket containing the time differential - to the kdc. The first ticket defines which realm we belong - to, but since this ticket gets the same realm as the tgt, - this shouldn't be a problem */ - des_cblock s = { 0, 0, 0, 0, 0, 0, 0, 0 }; - KTEXT_ST t; - int d = krb_get_kdc_time_diff(); - krb_put_int(d, t.dat, sizeof(t.dat), 4); - t.length = 4; - tf_save_cred(MAGIC_TICKET_NAME, MAGIC_TICKET_TIME_DIFF_INST, - cred->realm, s, - cred->lifetime, 0, &t, cred->issue_date); - } - ret = tf_save_cred(cred->service, cred->instance, cred->realm, - cred->session, cred->lifetime, cred->kvno, - &cred->ticket_st, cred->issue_date); - tf_close(); - return ret; -} - -int -in_tkt(char *pname, char *pinst) -{ - int ret; - - ret = tf_create (tkt_string()); - if (ret != KSUCCESS) - return ret; - - if (tf_put_pname(pname) != KSUCCESS || - tf_put_pinst(pinst) != KSUCCESS) { - tf_close(); - return INTK_ERR; - } - - tf_close(); - return KSUCCESS; -} - -/* - * If there's a magic ticket with an address for realm `realm' in - * ticket file, return it in `addr'. - * realm == NULL means any realm. - */ - -int -tf_get_addr (const char *realm, struct in_addr *addr) -{ - CREDENTIALS cred; - krb_principal princ; - int ret; - - ret = tf_init (tkt_string (), R_TKT_FIL); - if (ret) - return ret; - - ret = tf_get_pname (princ.name); - if (ret) - goto out; - ret = tf_get_pinst (princ.name); - if (ret) - goto out; - while ((ret = real_tf_get_cred (&cred)) == KSUCCESS) { - if (strcmp (cred.service, MAGIC_TICKET_NAME) == 0 - && strcmp (cred.instance, MAGIC_TICKET_ADDR_INST) == 0 - && (realm == NULL - || strcmp (cred.realm, realm) == 0)) { - memcpy (addr, cred.ticket_st.dat, sizeof(*addr)); - goto out; - } - } - ret = KFAILURE; - -out: - tf_close (); - return ret; -} - -/* - * Store `realm, addr' as a magic ticket. - */ - -int -tf_store_addr (const char *realm, struct in_addr *addr) -{ - CREDENTIALS c; - krb_principal princ; - int ret; - des_cblock s = { 0, 0, 0, 0, 0, 0, 0, 0 }; - KTEXT_ST t; - - ret = tf_init (tkt_string (), W_TKT_FIL); - if (ret) - return ret; - - t.length = sizeof(*addr); - memcpy (t.dat, addr, sizeof(*addr)); - - ret = tf_save_cred (MAGIC_TICKET_NAME, MAGIC_TICKET_ADDR_INST, - (char *)realm, s, 0, /* lifetime */ - 0, /* kvno */ - &t, time(NULL)); - tf_close (); - return ret; -} diff --git a/crypto/kerberosIV/lib/krb/ticket_memory.c b/crypto/kerberosIV/lib/krb/ticket_memory.c deleted file mode 100644 index f694190..0000000 --- a/crypto/kerberosIV/lib/krb/ticket_memory.c +++ /dev/null @@ -1,435 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* ticket_memory.c - Storage for tickets in memory - * Author: d93-jka@nada.kth.se - June 1996 - */ - -#define WIN32_LEAN_AND_MEAN -#include <Windows.h> -#include "krb_locl.h" -#include "ticket_memory.h" - -RCSID("$Id: ticket_memory.c,v 1.15 1999/12/02 16:58:44 joda Exp $"); - -void msg(char *text, int error); - -/* Global variables for memory mapping. */ -HANDLE SharedMemoryHandle; -tktmem *SharedMemory; - -static int CredIndex = -1; - -void PostUpdateMessage(void); - -int -newTktMem(const char *tf_name) -{ - if(!SharedMemory){ - SharedMemoryHandle = CreateFileMapping((HANDLE)-1, 0, - PAGE_READWRITE, - sizeof(tktmem) >> 16, - sizeof(tktmem) & 0xffff, - "krb_memory"); - - if(!SharedMemoryHandle){ - msg("Could not create shared memory.", GetLastError()); - return KFAILURE; - } - - SharedMemory = MapViewOfFile(SharedMemoryHandle, - FILE_MAP_WRITE, 0, 0, 0); - if(!SharedMemory){ - msg("Unable to alloc shared memory.", GetLastError()); - return KFAILURE; - } - if(GetLastError() != ERROR_ALREADY_EXISTS) { - memset(SharedMemory, 0, sizeof(*SharedMemory)); - if(tf_name) - strlcpy(SharedMemory->tmname, - tf_name, sizeof(SharedMemory->tmname)); - } - } - CredIndex = 0; - return KSUCCESS; -} - -int -freeTktMem(const char *tf_name) -{ - if(SharedMemory) { - UnmapViewOfFile(SharedMemory); - CloseHandle(SharedMemoryHandle); - } - return KSUCCESS; -} - - - -tktmem * -getTktMem(const char *tf_name) -{ - return SharedMemory; -} - -void -firstCred(void) -{ - if(getTktMem(0)->last_cred_no > 0) - CredIndex = 0; - else - CredIndex = -1; -} - -int -nextCredIndex(void) -{ - const tktmem *mem; - int last; - mem = getTktMem(0); - last = mem->last_cred_no; - if(CredIndex >= 0 && CredIndex < last ) - return CredIndex++; - else - return CredIndex = -1; -} - -int -currCredIndex(void) -{ - const tktmem *mem; - int last; - mem = getTktMem(0); - last = mem->last_cred_no; - if(CredIndex >= 0 && CredIndex < last) - return CredIndex; - else - return CredIndex = -1; -} - -int -nextFreeIndex(void) -{ - tktmem *mem = getTktMem(0); - if(mem->last_cred_no > CRED_VEC_SZ) - return -1; - else - return mem->last_cred_no++; -} - -/* - * in_tkt() is used to initialize the ticket store. It creates the - * file to contain the tickets and writes the given user's name "pname" - * and instance "pinst" in the file. in_tkt() returns KSUCCESS on - * success, or KFAILURE if something goes wrong. - */ - -int -in_tkt(char *pname, char *pinst) -{ - /* Here goes code to initialize shared memory, to store tickets in. */ - /* Implemented somewhere else. */ - return KFAILURE; -} - -/* - * dest_tkt() is used to destroy the ticket store upon logout. - * If the ticket file does not exist, dest_tkt() returns RET_TKFIL. - * Otherwise the function returns RET_OK on success, KFAILURE on - * failure. - * - * The ticket file (TKT_FILE) is defined in "krb.h". - */ - -int -dest_tkt(void) -{ - memset(getTktMem(0), 0, sizeof(tktmem)); - return 0; -} - -/* Short description of routines: - * - * tf_init() opens the ticket file and locks it. - * - * tf_get_pname() returns the principal's name. - * - * tf_put_pname() writes the principal's name to the ticket file. - * - * tf_get_pinst() returns the principal's instance (may be null). - * - * tf_put_pinst() writes the instance. - * - * tf_get_cred() returns the next CREDENTIALS record. - * - * tf_save_cred() appends a new CREDENTIAL record to the ticket file. - * - * tf_close() closes the ticket file and releases the lock. - * - * tf_gets() returns the next null-terminated string. It's an internal - * routine used by tf_get_pname(), tf_get_pinst(), and tf_get_cred(). - * - * tf_read() reads a given number of bytes. It's an internal routine - * used by tf_get_cred(). - */ - -/* - * tf_init() should be called before the other ticket file routines. - * It takes the name of the ticket file to use, "tf_name", and a - * read/write flag "rw" as arguments. - * - * Returns KSUCCESS if all went well, otherwise one of the following: - * - * NO_TKT_FIL - file wasn't there - * TKT_FIL_ACC - file was in wrong mode, etc. - * TKT_FIL_LCK - couldn't lock the file, even after a retry - */ - -int -tf_init(char *tf_name, int rw) -{ - if(!getTktMem(tf_name)) - return NO_TKT_FIL; - firstCred(); - return KSUCCESS; -} - -/* - * tf_create() should be called when creating a new ticket file. - * The only argument is the name of the ticket file. - * After calling this, it should be possible to use other tf_* functions. - */ - -int -tf_create(char *tf_name) -{ - if(newTktMem(tf_name) != KSUCCESS) - return NO_TKT_FIL; - return KSUCCESS; -} - -/* - * tf_get_pname() reads the principal's name from the ticket file. It - * should only be called after tf_init() has been called. The - * principal's name is filled into the "p" parameter. If all goes well, - * KSUCCESS is returned. If tf_init() wasn't called, TKT_FIL_INI is - * returned. If the name was null, or EOF was encountered, or the name - * was longer than ANAME_SZ, TKT_FIL_FMT is returned. - */ - -int -tf_get_pname(char *p) -{ - tktmem *TktStore; - - if(!(TktStore = getTktMem(0))) - return KFAILURE; - if(!TktStore->pname[0]) - return KFAILURE; - strlcpy(p, TktStore->pname, ANAME_SZ); - return KSUCCESS; -} - -/* - * tf_put_pname() sets the principal's name in the ticket file. Call - * after tf_create(). - */ - -int -tf_put_pname(char *p) -{ - tktmem *TktStore; - - if(!(TktStore = getTktMem(0))) - return KFAILURE; - strlcpy(TktStore->pname, p, sizeof(TktStore->pname)); - return KSUCCESS; -} - -/* - * tf_get_pinst() reads the principal's instance from a ticket file. - * It should only be called after tf_init() and tf_get_pname() have been - * called. The instance is filled into the "inst" parameter. If all - * goes well, KSUCCESS is returned. If tf_init() wasn't called, - * TKT_FIL_INI is returned. If EOF was encountered, or the instance - * was longer than ANAME_SZ, TKT_FIL_FMT is returned. Note that the - * instance may be null. - */ - -int -tf_get_pinst(char *inst) -{ - tktmem *TktStore; - - if(!(TktStore = getTktMem(0))) - return KFAILURE; - strlcpy(inst, TktStore->pinst, INST_SZ); - return KSUCCESS; -} - -/* - * tf_put_pinst writes the principal's instance to the ticket file. - * Call after tf_create. - */ - -int -tf_put_pinst(char *inst) -{ - tktmem *TktStore; - - if(!(TktStore = getTktMem(0))) - return KFAILURE; - strlcpy(TktStore->pinst, inst, sizeof(TktStore->pinst)); - return KSUCCESS; -} - -/* - * tf_get_cred() reads a CREDENTIALS record from a ticket file and fills - * in the given structure "c". It should only be called after tf_init(), - * tf_get_pname(), and tf_get_pinst() have been called. If all goes well, - * KSUCCESS is returned. Possible error codes are: - * - * TKT_FIL_INI - tf_init wasn't called first - * TKT_FIL_FMT - bad format - * EOF - end of file encountered - */ - -int -tf_get_cred(CREDENTIALS *c) -{ - int index; - CREDENTIALS *cred; - tktmem *TktStore; - - if(!(TktStore = getTktMem(0))) - return KFAILURE; - krb_set_kdc_time_diff(TktStore->kdc_diff); - if((index = nextCredIndex()) == -1) - return EOF; - if(!(cred = TktStore->cred_vec+index)) - return KFAILURE; - if(!c) - return KFAILURE; - memcpy(c, cred, sizeof(*c)); - return KSUCCESS; -} - -/* - * tf_close() closes the ticket file and sets "fd" to -1. If "fd" is - * not a valid file descriptor, it just returns. It also clears the - * buffer used to read tickets. - */ - -void -tf_close(void) -{ -} - -/* - * tf_save_cred() appends an incoming ticket to the end of the ticket - * file. You must call tf_init() before calling tf_save_cred(). - * - * The "service", "instance", and "realm" arguments specify the - * server's name; "session" contains the session key to be used with - * the ticket; "kvno" is the server key version number in which the - * ticket is encrypted, "ticket" contains the actual ticket, and - * "issue_date" is the time the ticket was requested (local host's time). - * - * Returns KSUCCESS if all goes well, TKT_FIL_INI if tf_init() wasn't - * called previously, and KFAILURE for anything else that went wrong. - */ - -int -tf_save_cred(char *service, /* Service name */ - char *instance, /* Instance */ - char *realm, /* Auth domain */ - unsigned char *session, /* Session key */ - int lifetime, /* Lifetime */ - int kvno, /* Key version number */ - KTEXT ticket, /* The ticket itself */ - u_int32_t issue_date) /* The issue time */ -{ - CREDENTIALS *cred; - tktmem *mem = getTktMem(0); - int last = nextFreeIndex(); - - if(last == -1) - return KFAILURE; - cred = mem->cred_vec+last; - strlcpy(cred->service, service, sizeof(cred->service)); - strlcpy(cred->instance, instance, sizeof(cred->instance)); - strlcpy(cred->realm, realm, sizeof(cred->realm)); - memcpy(cred->session, session, sizeof(cred->session)); - cred->lifetime = lifetime; - cred->kvno = kvno; - memcpy(&(cred->ticket_st), ticket, sizeof(*ticket)); - cred->issue_date = issue_date; - strlcpy(cred->pname, mem->pname, sizeof(cred->pname)); - strlcpy(cred->pinst, mem->pinst, sizeof(cred->pinst)); - PostUpdateMessage(); - return KSUCCESS; -} - - -static void -set_time_diff(time_t diff) -{ - tktmem *TktStore = getTktMem(0); - if(TktStore == NULL) - return; - TktStore->kdc_diff = diff; -} - - -int -tf_setup(CREDENTIALS *cred, char *pname, char *pinst) -{ - int ret; - ret = tf_create(tkt_string()); - if (ret != KSUCCESS) - return ret; - - if (tf_put_pname(pname) != KSUCCESS || - tf_put_pinst(pinst) != KSUCCESS) { - tf_close(); - return INTK_ERR; - } - - set_time_diff(krb_get_kdc_time_diff()); - - ret = tf_save_cred(cred->service, cred->instance, cred->realm, - cred->session, cred->lifetime, cred->kvno, - &cred->ticket_st, cred->issue_date); - tf_close(); - return ret; -} diff --git a/crypto/kerberosIV/lib/krb/ticket_memory.h b/crypto/kerberosIV/lib/krb/ticket_memory.h deleted file mode 100644 index 72fb686..0000000 --- a/crypto/kerberosIV/lib/krb/ticket_memory.h +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* ticket_memory.h - Storage for tickets in memory - * Author: d93-jka@nada.kth.se - June 1996 - */ - -/* $Id: ticket_memory.h,v 1.8 1999/12/02 16:58:44 joda Exp $ */ - -#ifndef TICKET_MEMORY_H -#define TICKET_MEMORY_H - -#include "krb_locl.h" - -#define CRED_VEC_SZ 20 - -typedef struct _tktmem -{ - char tmname[64]; - char pname[ANAME_SZ]; /* Principal's name */ - char pinst[INST_SZ]; /* Principal's instance */ - int last_cred_no; - CREDENTIALS cred_vec[CRED_VEC_SZ]; - time_t kdc_diff; -} tktmem; - -int newTktMem(const char *tf_name); -int freeTktMem(const char *tf_name); -tktmem *getTktMem(const char *tf_name); -void firstCred(void); -int nextCredIndex(void); -int currCredIndex(void); -int nextFreeIndex(void); - -#endif /* TICKET_MEMORY_H */ diff --git a/crypto/kerberosIV/lib/krb/time.c b/crypto/kerberosIV/lib/krb/time.c deleted file mode 100644 index 015259b..0000000 --- a/crypto/kerberosIV/lib/krb/time.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: time.c,v 1.4 1999/12/02 16:58:44 joda Exp $"); - -/* number of seconds the kdc clock is ahead of us */ -static int time_diff; - -void -krb_set_kdc_time_diff(int diff) -{ - time_diff = diff; - if(krb_debug) - krb_warning("Setting time diff to %d\n", diff); -} - -int -krb_get_kdc_time_diff(void) -{ - return time_diff; -} - -/* return the time at the kdc (local time corrected with a time - differential) */ -void -krb_kdctimeofday(struct timeval *tv) -{ - time_t t; - - gettimeofday(tv, NULL); - t = tv->tv_sec; - - if(krb_debug) - krb_warning("Machine time: %s", ctime(&t)); - t += krb_get_kdc_time_diff(); - if(krb_debug) - krb_warning("Correcting to %s", ctime(&t)); - tv->tv_sec = t; -} diff --git a/crypto/kerberosIV/lib/krb/tkt_string.c b/crypto/kerberosIV/lib/krb/tkt_string.c deleted file mode 100644 index 0aa787c..0000000 --- a/crypto/kerberosIV/lib/krb/tkt_string.c +++ /dev/null @@ -1,75 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: tkt_string.c,v 1.15 1999/09/16 20:41:55 assar Exp $"); - -/* - * This routine is used to generate the name of the file that holds - * the user's cache of server tickets and associated session keys. - * - * If it is set, krb_ticket_string contains the ticket file name. - * Otherwise, the filename is constructed as follows: - * - * If it is set, the environment variable "KRBTKFILE" will be used as - * the ticket file name. Otherwise TKT_ROOT (defined in "krb.h") and - * the user's uid are concatenated to produce the ticket file name - * (e.g., "/tmp/tkt123"). A pointer to the string containing the ticket - * file name is returned. - */ - -static char krb_ticket_string[MaxPathLen] = ""; - -char * -tkt_string(void) -{ - char *env; - - if (!*krb_ticket_string) { - if ((env = getenv("KRBTKFILE"))) { - strlcpy (krb_ticket_string, - env, - sizeof(krb_ticket_string)); - } else { - snprintf(krb_ticket_string, sizeof(krb_ticket_string), - "%s%u",TKT_ROOT, (unsigned)getuid()); - } - } - return krb_ticket_string; -} - -/* - * This routine is used to set the name of the file that holds the user's - * cache of server tickets and associated session keys. - * - * The value passed in is copied into local storage. - * - * NOTE: This routine should be called during initialization, before other - * Kerberos routines are called; otherwise tkt_string() above may be called - * and return an undesired ticket file name until this routine is called. - */ - -void -krb_set_tkt_string(const char *val) -{ - strlcpy (krb_ticket_string, val, sizeof(krb_ticket_string)); -} diff --git a/crypto/kerberosIV/lib/krb/unparse_name.c b/crypto/kerberosIV/lib/krb/unparse_name.c deleted file mode 100644 index 36f0a71..0000000 --- a/crypto/kerberosIV/lib/krb/unparse_name.c +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: unparse_name.c,v 1.10 1999/12/02 16:58:44 joda Exp $"); - -static void -quote_string(char *quote, char *from, char *to) -{ - while(*from){ - if(strchr(quote, *from)) - *to++ = '\\'; - *to++ = *from++; - } - *to = 0; -} - -/* To be compatible with old functions, we quote differently in each - part of the principal*/ - -char * -krb_unparse_name_r(krb_principal *pr, char *fullname) -{ - quote_string("'@\\", pr->name, fullname); - if(pr->instance[0]){ - strcat(fullname, "."); - quote_string("@\\", pr->instance, fullname + strlen(fullname)); - } - if(pr->realm[0]){ - strcat(fullname, "@"); - quote_string("\\", pr->realm, fullname + strlen(fullname)); - } - return fullname; -} - -char * -krb_unparse_name_long_r(char *name, char *instance, char *realm, - char *fullname) -{ - krb_principal pr; - - memset(&pr, 0, sizeof(pr)); - strlcpy(pr.name, name, sizeof(pr.name)); - if(instance) - strlcpy(pr.instance, instance, sizeof(pr.instance)); - if(realm) - strlcpy(pr.realm, realm, sizeof(pr.realm)); - return krb_unparse_name_r(&pr, fullname); -} - -char * -krb_unparse_name(krb_principal *pr) -{ - static char principal[MAX_K_NAME_SZ]; - krb_unparse_name_r(pr, principal); - return principal; -} - -char * -krb_unparse_name_long(char *name, char *instance, char *realm) -{ - krb_principal pr; - - memset(&pr, 0, sizeof(pr)); - strlcpy(pr.name, name, sizeof(pr.name)); - if(instance) - strlcpy(pr.instance, instance, sizeof(pr.instance)); - if(realm) - strlcpy(pr.realm, realm, sizeof(pr.realm)); - return krb_unparse_name(&pr); -} diff --git a/crypto/kerberosIV/lib/krb/verify_user.c b/crypto/kerberosIV/lib/krb/verify_user.c deleted file mode 100644 index 24138e2..0000000 --- a/crypto/kerberosIV/lib/krb/verify_user.c +++ /dev/null @@ -1,184 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: verify_user.c,v 1.17.2.2 2000/12/15 14:43:37 assar Exp $"); - -/* - * Verify user (name.instance@realm) with `password'. - * - * If secure, also verify against local - * service key (`linstance'.hostname) (or rcmd if linstance == NULL), - * this can (usually) only be done by root. - * - * If secure == KRB_VERIFY_SECURE, fail if there's no key. - * If secure == KRB_VERIFY_SECURE_FAIL, don't fail if there's no such - * key in the srvtab. - * - * As a side effect, fresh tickets are obtained. - * - * srvtab is where the key is found. - * - * Returns zero if ok, a positive kerberos error or -1 for system - * errors. - */ - -static int -krb_verify_user_srvtab_exact(char *name, - char *instance, - char *realm, - char *password, - int secure, - char *linstance, - char *srvtab) -{ - int ret; - - ret = krb_get_pw_in_tkt(name, instance, realm, - KRB_TICKET_GRANTING_TICKET, - realm, - DEFAULT_TKT_LIFE, password); - if(ret != KSUCCESS) - return ret; - - if(secure == KRB_VERIFY_SECURE || secure == KRB_VERIFY_SECURE_FAIL){ - struct hostent *hp; - int32_t addr; - - KTEXT_ST ticket; - AUTH_DAT auth; - int n; - - char lrealm[REALM_SZ]; - char hostname[MaxHostNameLen]; - char *phost; - - if (gethostname(hostname, sizeof(hostname)) == -1) { - dest_tkt(); - return -1; - } - - hp = gethostbyname(hostname); - if(hp == NULL){ - dest_tkt(); - return -1; - } - memcpy(&addr, hp->h_addr, sizeof(addr)); - phost = krb_get_phost(hostname); - if (linstance == NULL) - linstance = "rcmd"; - - ret = KFAILURE; - - for (n = 1; krb_get_lrealm(lrealm, n) == KSUCCESS; ++n) { - if(secure == KRB_VERIFY_SECURE_FAIL) { - des_cblock key; - ret = read_service_key(linstance, phost, lrealm, 0, srvtab, - &key); - memset(key, 0, sizeof(key)); - if(ret == KFAILURE) - continue; - } - - ret = krb_mk_req(&ticket, linstance, phost, lrealm, 0); - if(ret == KSUCCESS) { - ret = krb_rd_req(&ticket, linstance, phost, addr, &auth, - srvtab); - if (ret == KSUCCESS) - break; - } - } - if (ret != KSUCCESS) { - dest_tkt(); - return ret; - } - } - return 0; -} - -/* - * Try to verify the user and password against all the local realms. - */ - -int -krb_verify_user_srvtab(char *name, - char *instance, - char *realm, - char *password, - int secure, - char *linstance, - char *srvtab) -{ - int ret; - int n; - char rlm[256]; - - /* First try to verify against the supplied realm. */ - ret = krb_verify_user_srvtab_exact(name, instance, realm, password, - secure, linstance, srvtab); - if (ret == KSUCCESS) - return KSUCCESS; - - /* Verify all local realms, except the supplied realm. */ - for (n = 1; krb_get_lrealm(rlm, n) == KSUCCESS; n++) - if (strcmp(rlm, realm) != 0) { - ret = krb_verify_user_srvtab_exact(name, instance, rlm, password, - secure, linstance, srvtab); - if (ret == KSUCCESS) - return KSUCCESS; - } - - return ret; -} - -/* - * Compat function without srvtab. - */ - -int -krb_verify_user(char *name, - char *instance, - char *realm, - char *password, - int secure, - char *linstance) -{ - return krb_verify_user_srvtab (name, - instance, - realm, - password, - secure, - linstance, - (char *)KEYFILE); -} |