diff options
Diffstat (limited to 'crypto/kerberosIV/lib')
175 files changed, 25485 insertions, 0 deletions
diff --git a/crypto/kerberosIV/lib/Makefile.in b/crypto/kerberosIV/lib/Makefile.in new file mode 100644 index 0000000..b2e662c --- /dev/null +++ b/crypto/kerberosIV/lib/Makefile.in @@ -0,0 +1,46 @@ +# +# $Id: Makefile.in,v 1.21 1997/05/20 18:58:40 bg Exp $ +# + +srcdir = @srcdir@ +VPATH = @srcdir@ + +SHELL = /bin/sh + +@SET_MAKE@ + +SUBDIRS = des krb kdb kadm acl kafs roken otp auth sl editline + +all: + for i in $(SUBDIRS); \ + do (cd $$i && $(MAKE) $(MFLAGS) all); done + +Wall: + make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" + +install: + for i in $(SUBDIRS); \ + do (cd $$i && $(MAKE) $(MFLAGS) install); done + +uninstall: + for i in $(SUBDIRS); \ + do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done + +check: all + for i in $(SUBDIRS); \ + do (cd $$i && $(MAKE) $(MFLAGS) check); done + +clean: + for i in $(SUBDIRS); \ + do (cd $$i && $(MAKE) $(MFLAGS) clean); done + +mostlyclean: clean + +distclean: + for i in $(SUBDIRS); \ + do (cd $$i && $(MAKE) $(MFLAGS) distclean); done + rm -f Makefile config.status *~ + +realclean: + for i in $(SUBDIRS); \ + do (cd $$i && $(MAKE) $(MFLAGS) realclean); done diff --git a/crypto/kerberosIV/lib/acl/Makefile.in b/crypto/kerberosIV/lib/acl/Makefile.in new file mode 100644 index 0000000..59894e4 --- /dev/null +++ b/crypto/kerberosIV/lib/acl/Makefile.in @@ -0,0 +1,84 @@ +# +# $Id: Makefile.in,v 1.21 1997/05/06 03:46:37 assar Exp $ +# + +SHELL = /bin/sh + +srcdir = @srcdir@ +VPATH = @srcdir@ + +CC = @CC@ +AR = ar +RANLIB = @RANLIB@ +DEFS = @DEFS@ +CFLAGS = @CFLAGS@ + +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +MKINSTALLDIRS = @top_srcdir@/mkinstalldirs + +prefix = @prefix@ +exec_prefix = @exec_prefix@ +libdir = @libdir@ + +PICFLAGS = # @PICFLAGS@ + +LIBNAME = $(LIBPREFIX)acl +#LIBEXT = @LIBEXT@ Always build archive library! +LIBEXT = a +LIBPREFIX = @LIBPREFIX@ +SHLIBEXT = @SHLIBEXT@ +LDSHARED = @LDSHARED@ +LIB = $(LIBNAME).$(LIBEXT) + +SOURCES = acl_files.c + +OBJECTS = acl_files.o + +all: $(LIB) + +Wall: + make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" + +.c.o: + $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $< + +install: all + $(MKINSTALLDIRS) $(libdir) + $(INSTALL_DATA) -m 0555 $(LIB) $(libdir) + +uninstall: + rm -f $(libdir)/$(LIB) + +TAGS: $(SOURCES) + etags $(SOURCES) + +check: + +clean: + rm -f $(LIB) *.o *.a + +mostlyclean: clean + +distclean: clean + rm -f Makefile *.tab.c *~ + +realclean: distclean + rm -f TAGS + +dist: $(DISTFILES) + for file in $(DISTFILES); do \ + ln $$file ../`cat ../.fname`/lib \ + || cp -p $$file ../`cat ../.fname`/lib; \ + done + +$(LIBNAME).a: $(OBJECTS) + rm -f $@ + $(AR) cr $@ $(OBJECTS) + -$(RANLIB) $@ + +$(LIBNAME).$(SHLIBEXT): $(OBJECTS) + rm -f $@ + $(LDSHARED) -o $@ $(OBJECTS) + +$(OBJECTS): ../../include/config.h diff --git a/crypto/kerberosIV/lib/acl/acl.h b/crypto/kerberosIV/lib/acl/acl.h new file mode 100644 index 0000000..305b66c --- /dev/null +++ b/crypto/kerberosIV/lib/acl/acl.h @@ -0,0 +1,53 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: acl.h,v 1.5 1997/04/01 08:17:52 joda Exp $ */ + +#ifndef __ACL_H +#define __ACL_H + +#include <sys/cdefs.h> + +void acl_canonicalize_principal __P((char *principal, char *canon)); +int acl_initialize __P((char *acl_file, int perm)); +int acl_exact_match __P((char *acl, char *principal)); +int acl_check __P((char *acl, char *principal)); +int acl_add __P((char *acl, char *principal)); +int acl_delete __P((char *acl, char *principal)); + +#endif /* __ACL_H */ diff --git a/crypto/kerberosIV/lib/acl/acl_files.c b/crypto/kerberosIV/lib/acl/acl_files.c new file mode 100644 index 0000000..fc00b80 --- /dev/null +++ b/crypto/kerberosIV/lib/acl/acl_files.c @@ -0,0 +1,540 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "config.h" +#include "protos.h" + +RCSID("$Id: acl_files.c,v 1.10 1997/05/02 14:28:56 assar Exp $"); + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#include <time.h> +#ifdef HAVE_FCNTL_H +#include <fcntl.h> +#endif +#ifdef HAVE_SYS_FILE_H +#include <sys/file.h> +#endif +#ifdef HAVE_SYS_STAT_H +#include <sys/stat.h> +#endif + +#include <errno.h> +#include <ctype.h> + +#include <roken.h> + +#include <krb.h> +#include <acl.h> + +/*** Routines for manipulating access control list files ***/ + +/* "aname.inst@realm" */ +#define MAX_PRINCIPAL_SIZE (ANAME_SZ + INST_SZ + REALM_SZ + 3) +#define INST_SEP '.' +#define REALM_SEP '@' + +#define LINESIZE 2048 /* Maximum line length in an acl file */ + +#define NEW_FILE "%s.~NEWACL~" /* Format for name of altered acl file */ +#define WAIT_TIME 300 /* Maximum time allowed write acl file */ + +#define CACHED_ACLS 8 /* How many acls to cache */ + /* Each acl costs 1 open file descriptor */ +#define ACL_LEN 16 /* Twice a reasonable acl length */ + +#define COR(a,b) ((a!=NULL)?(a):(b)) + +/* Canonicalize a principal name */ +/* If instance is missing, it becomes "" */ +/* If realm is missing, it becomes the local realm */ +/* Canonicalized form is put in canon, which must be big enough to hold + MAX_PRINCIPAL_SIZE characters */ +void +acl_canonicalize_principal(char *principal, char *canon) +{ + char *dot, *atsign, *end; + int len; + + dot = strchr(principal, INST_SEP); + atsign = strchr(principal, REALM_SEP); + + /* Maybe we're done already */ + if(dot != NULL && atsign != NULL) { + if(dot < atsign) { + /* It's for real */ + /* Copy into canon */ + strncpy(canon, principal, MAX_PRINCIPAL_SIZE); + canon[MAX_PRINCIPAL_SIZE-1] = '\0'; + return; + } else { + /* Nope, it's part of the realm */ + dot = NULL; + } + } + + /* No such luck */ + end = principal + strlen(principal); + + /* Get the principal name */ + len = min(ANAME_SZ, COR(dot, COR(atsign, end)) - principal); + strncpy(canon, principal, len); + canon += len; + + /* Add INST_SEP */ + *canon++ = INST_SEP; + + /* Get the instance, if it exists */ + if(dot != NULL) { + ++dot; + len = min(INST_SZ, COR(atsign, end) - dot); + strncpy(canon, dot, len); + canon += len; + } + + /* Add REALM_SEP */ + *canon++ = REALM_SEP; + + /* Get the realm, if it exists */ + /* Otherwise, default to local realm */ + if(atsign != NULL) { + ++atsign; + len = min(REALM_SZ, end - atsign); + strncpy(canon, atsign, len); + canon += len; + *canon++ = '\0'; + } else if(krb_get_lrealm(canon, 1) != KSUCCESS) { + strcpy(canon, KRB_REALM); + } +} + +/* Get a lock to modify acl_file */ +/* Return new FILE pointer */ +/* or NULL if file cannot be modified */ +/* REQUIRES WRITE PERMISSION TO CONTAINING DIRECTORY */ +static +FILE *acl_lock_file(char *acl_file) +{ + struct stat s; + char new[LINESIZE]; + int nfd; + FILE *nf; + int mode; + + if(stat(acl_file, &s) < 0) return(NULL); + mode = s.st_mode; + snprintf(new, sizeof(new), NEW_FILE, acl_file); + for(;;) { + /* Open the new file */ + if((nfd = open(new, O_WRONLY|O_CREAT|O_EXCL, mode)) < 0) { + if(errno == EEXIST) { + /* Maybe somebody got here already, maybe it's just old */ + if(stat(new, &s) < 0) return(NULL); + if(time(0) - s.st_ctime > WAIT_TIME) { + /* File is stale, kill it */ + unlink(new); + continue; + } else { + /* Wait and try again */ + sleep(1); + continue; + } + } else { + /* Some other error, we lose */ + return(NULL); + } + } + + /* If we got to here, the lock file is ours and ok */ + /* Reopen it under stdio */ + if((nf = fdopen(nfd, "w")) == NULL) { + /* Oops, clean up */ + unlink(new); + } + return(nf); + } +} + +/* Abort changes to acl_file written onto FILE *f */ +/* Returns 0 if successful, < 0 otherwise */ +/* Closes f */ +static int +acl_abort(char *acl_file, FILE *f) +{ + char new[LINESIZE]; + int ret; + struct stat s; + + /* make sure we aren't nuking someone else's file */ + if(fstat(fileno(f), &s) < 0 + || s.st_nlink == 0) { + fclose(f); + return(-1); + } else { + snprintf(new, sizeof(new), NEW_FILE, acl_file); + ret = unlink(new); + fclose(f); + return(ret); + } +} + +/* Commit changes to acl_file written onto FILE *f */ +/* Returns zero if successful */ +/* Returns > 0 if lock was broken */ +/* Returns < 0 if some other error occurs */ +/* Closes f */ +static int +acl_commit(char *acl_file, FILE *f) +{ + char new[LINESIZE]; + int ret; + struct stat s; + + snprintf(new, sizeof(new), NEW_FILE, acl_file); + if(fflush(f) < 0 + || fstat(fileno(f), &s) < 0 + || s.st_nlink == 0) { + acl_abort(acl_file, f); + return(-1); + } + + ret = rename(new, acl_file); + fclose(f); + return(ret); +} + +/* Initialize an acl_file */ +/* Creates the file with permissions perm if it does not exist */ +/* Erases it if it does */ +/* Returns return value of acl_commit */ +int +acl_initialize(char *acl_file, int perm) +{ + FILE *new; + int fd; + + /* Check if the file exists already */ + if((new = acl_lock_file(acl_file)) != NULL) { + return(acl_commit(acl_file, new)); + } else { + /* File must be readable and writable by owner */ + if((fd = open(acl_file, O_CREAT|O_EXCL, perm|0600)) < 0) { + return(-1); + } else { + close(fd); + return(0); + } + } +} + +/* Eliminate all whitespace character in buf */ +/* Modifies its argument */ +static void + nuke_whitespace(char *buf) +{ + char *pin, *pout; + + for(pin = pout = buf; *pin != '\0'; pin++) + if(!isspace(*pin)) *pout++ = *pin; + *pout = '\0'; /* Terminate the string */ +} + +/* Hash table stuff */ + +struct hashtbl { + int size; /* Max number of entries */ + int entries; /* Actual number of entries */ + char **tbl; /* Pointer to start of table */ +}; + +/* Make an empty hash table of size s */ +static struct hashtbl * +make_hash(int size) +{ + struct hashtbl *h; + + if(size < 1) size = 1; + h = (struct hashtbl *) malloc(sizeof(struct hashtbl)); + h->size = size; + h->entries = 0; + h->tbl = (char **) calloc(size, sizeof(char *)); + return(h); +} + +/* Destroy a hash table */ +static void +destroy_hash(struct hashtbl *h) +{ + int i; + + for(i = 0; i < h->size; i++) { + if(h->tbl[i] != NULL) free(h->tbl[i]); + } + free(h->tbl); + free(h); +} + +/* Compute hash value for a string */ +static unsigned int +hashval(char *s) +{ + unsigned hv; + + for(hv = 0; *s != '\0'; s++) { + hv ^= ((hv << 3) ^ *s); + } + return(hv); +} + +/* Add an element to a hash table */ +static void +add_hash(struct hashtbl *h, char *el) +{ + unsigned hv; + char *s; + char **old; + int i; + + /* Make space if it isn't there already */ + if(h->entries + 1 > (h->size >> 1)) { + old = h->tbl; + h->tbl = (char **) calloc(h->size << 1, sizeof(char *)); + for(i = 0; i < h->size; i++) { + if(old[i] != NULL) { + hv = hashval(old[i]) % (h->size << 1); + while(h->tbl[hv] != NULL) hv = (hv+1) % (h->size << 1); + h->tbl[hv] = old[i]; + } + } + h->size = h->size << 1; + free(old); + } + + hv = hashval(el) % h->size; + while(h->tbl[hv] != NULL && strcmp(h->tbl[hv], el)) hv = (hv+1) % h->size; + s = strdup(el); + h->tbl[hv] = s; + h->entries++; +} + +/* Returns nonzero if el is in h */ +static int +check_hash(struct hashtbl *h, char *el) +{ + unsigned hv; + + for(hv = hashval(el) % h->size; + h->tbl[hv] != NULL; + hv = (hv + 1) % h->size) { + if(!strcmp(h->tbl[hv], el)) return(1); + } + return(0); +} + +struct acl { + char filename[LINESIZE]; /* Name of acl file */ + int fd; /* File descriptor for acl file */ + struct stat status; /* File status at last read */ + struct hashtbl *acl; /* Acl entries */ +}; + +static struct acl acl_cache[CACHED_ACLS]; + +static int acl_cache_count = 0; +static int acl_cache_next = 0; + +/* Returns < 0 if unsuccessful in loading acl */ +/* Returns index into acl_cache otherwise */ +/* Note that if acl is already loaded, this is just a lookup */ +static int +acl_load(char *name) +{ + int i; + FILE *f; + struct stat s; + char buf[MAX_PRINCIPAL_SIZE]; + char canon[MAX_PRINCIPAL_SIZE]; + + /* See if it's there already */ + for(i = 0; i < acl_cache_count; i++) { + if(!strcmp(acl_cache[i].filename, name) + && acl_cache[i].fd >= 0) goto got_it; + } + + /* It isn't, load it in */ + /* maybe there's still room */ + if(acl_cache_count < CACHED_ACLS) { + i = acl_cache_count++; + } else { + /* No room, clean one out */ + i = acl_cache_next; + acl_cache_next = (acl_cache_next + 1) % CACHED_ACLS; + close(acl_cache[i].fd); + if(acl_cache[i].acl) { + destroy_hash(acl_cache[i].acl); + acl_cache[i].acl = (struct hashtbl *) 0; + } + } + + /* Set up the acl */ + strcpy(acl_cache[i].filename, name); + if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1); + /* Force reload */ + acl_cache[i].acl = (struct hashtbl *) 0; + + got_it: + /* + * See if the stat matches + * + * Use stat(), not fstat(), as the file may have been re-created by + * acl_add or acl_delete. If this happens, the old inode will have + * no changes in the mod-time and the following test will fail. + */ + if(stat(acl_cache[i].filename, &s) < 0) return(-1); + if(acl_cache[i].acl == (struct hashtbl *) 0 + || s.st_nlink != acl_cache[i].status.st_nlink + || s.st_mtime != acl_cache[i].status.st_mtime + || s.st_ctime != acl_cache[i].status.st_ctime) { + /* Gotta reload */ + if(acl_cache[i].fd >= 0) close(acl_cache[i].fd); + if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1); + if((f = fdopen(acl_cache[i].fd, "r")) == NULL) return(-1); + if(acl_cache[i].acl) destroy_hash(acl_cache[i].acl); + acl_cache[i].acl = make_hash(ACL_LEN); + while(fgets(buf, sizeof(buf), f) != NULL) { + nuke_whitespace(buf); + acl_canonicalize_principal(buf, canon); + add_hash(acl_cache[i].acl, canon); + } + fclose(f); + acl_cache[i].status = s; + } + return(i); +} + +/* Returns nonzero if it can be determined that acl contains principal */ +/* Principal is not canonicalized, and no wildcarding is done */ +int +acl_exact_match(char *acl, char *principal) +{ + int idx; + + return((idx = acl_load(acl)) >= 0 + && check_hash(acl_cache[idx].acl, principal)); +} + +/* Returns nonzero if it can be determined that acl contains principal */ +/* Recognizes wildcards in acl of the form + name.*@realm, *.*@realm, and *.*@* */ +int +acl_check(char *acl, char *principal) +{ + char buf[MAX_PRINCIPAL_SIZE]; + char canon[MAX_PRINCIPAL_SIZE]; + char *realm; + + acl_canonicalize_principal(principal, canon); + + /* Is it there? */ + if(acl_exact_match(acl, canon)) return(1); + + /* Try the wildcards */ + realm = strchr(canon, REALM_SEP); + *strchr(canon, INST_SEP) = '\0'; /* Chuck the instance */ + + snprintf(buf, sizeof(buf), "%s.*%s", canon, realm); + if(acl_exact_match(acl, buf)) return(1); + + snprintf(buf, sizeof(buf), "*.*%s", realm); + if(acl_exact_match(acl, buf) || acl_exact_match(acl, "*.*@*")) return(1); + + return(0); +} + +/* Adds principal to acl */ +/* Wildcards are interpreted literally */ +int +acl_add(char *acl, char *principal) +{ + int idx; + int i; + FILE *new; + char canon[MAX_PRINCIPAL_SIZE]; + + acl_canonicalize_principal(principal, canon); + + if((new = acl_lock_file(acl)) == NULL) return(-1); + if((acl_exact_match(acl, canon)) + || (idx = acl_load(acl)) < 0) { + acl_abort(acl, new); + return(-1); + } + /* It isn't there yet, copy the file and put it in */ + for(i = 0; i < acl_cache[idx].acl->size; i++) { + if(acl_cache[idx].acl->tbl[i] != NULL) { + if(fputs(acl_cache[idx].acl->tbl[i], new) == EOF + || putc('\n', new) != '\n') { + acl_abort(acl, new); + return(-1); + } + } + } + fputs(canon, new); + putc('\n', new); + return(acl_commit(acl, new)); +} + +/* Removes principal from acl */ +/* Wildcards are interpreted literally */ +int +acl_delete(char *acl, char *principal) +{ + int idx; + int i; + FILE *new; + char canon[MAX_PRINCIPAL_SIZE]; + + acl_canonicalize_principal(principal, canon); + + if((new = acl_lock_file(acl)) == NULL) return(-1); + if((!acl_exact_match(acl, canon)) + || (idx = acl_load(acl)) < 0) { + acl_abort(acl, new); + return(-1); + } + /* It isn't there yet, copy the file and put it in */ + for(i = 0; i < acl_cache[idx].acl->size; i++) { + if(acl_cache[idx].acl->tbl[i] != NULL + && strcmp(acl_cache[idx].acl->tbl[i], canon)) { + fputs(acl_cache[idx].acl->tbl[i], new); + putc('\n', new); + } + } + return(acl_commit(acl, new)); +} diff --git a/crypto/kerberosIV/lib/acl/acl_files.doc b/crypto/kerberosIV/lib/acl/acl_files.doc new file mode 100644 index 0000000..78c448a --- /dev/null +++ b/crypto/kerberosIV/lib/acl/acl_files.doc @@ -0,0 +1,107 @@ +PROTOTYPE ACL LIBRARY + +Introduction + +An access control list (ACL) is a list of principals, where each +principal is is represented by a text string which cannot contain +whitespace. The library allows application programs to refer to named +access control lists to test membership and to atomically add and +delete principals using a natural and intuitive interface. At +present, the names of access control lists are required to be Unix +filenames, and refer to human-readable Unix files; in the future, when +a networked ACL server is implemented, the names may refer to a +different namespace specific to the ACL service. + + +Usage + +cc <files> -lacl -lkrb. + + + +Principal Names + +Principal names have the form + +<name>[.<instance>][@<realm>] + +e.g. + +asp +asp.root +asp@ATHENA.MIT.EDU +asp.@ATHENA.MIT.EDU +asp.root@ATHENA.MIT.EDU + +It is possible for principals to be underspecified. If instance is +missing, it is assumed to be "". If realm is missing, it is assumed +to be local_realm. The canonical form contains all of name, instance, +and realm; the acl_add and acl_delete routines will always +leave the file in that form. Note that the canonical form of +asp@ATHENA.MIT.EDU is actually asp.@ATHENA.MIT.EDU. + + +Routines + +acl_canonicalize_principal(principal, buf) +char *principal; +char *buf; /*RETVAL*/ + +Store the canonical form of principal in buf. Buf must contain enough +space to store a principal, given the limits on the sizes of name, +instance, and realm specified in /usr/include/krb.h. + +acl_check(acl, principal) +char *acl; +char *principal; + +Returns nonzero if principal appears in acl. Returns 0 if principal +does not appear in acl, or if an error occurs. Canonicalizes +principal before checking, and allows the ACL to contain wildcards. + +acl_exact_match(acl, principal) +char *acl; +char *principal; + +Like acl_check, but does no canonicalization or wildcarding. + +acl_add(acl, principal) +char *acl; +char *principal; + +Atomically adds principal to acl. Returns 0 if successful, nonzero +otherwise. It is considered a failure if principal is already in acl. +This routine will canonicalize principal, but will treat wildcards +literally. + +acl_delete(acl, principal) +char *acl; +char *principal; + +Atomically deletes principal from acl. Returns 0 if successful, +nonzero otherwise. It is consider a failure if principal is not +already in acl. This routine will canonicalize principal, but will +treat wildcards literally. + +acl_initialize(acl, mode) +char *acl; +int mode; + +Initialize acl. If acl file does not exist, creates it with mode +mode. If acl exists, removes all members. Returns 0 if successful, +nonzero otherwise. WARNING: Mode argument is likely to change with +the eventual introduction of an ACL service. + + +Known problems + +In the presence of concurrency, there is a very small chance that +acl_add or acl_delete could report success even though it would have +had no effect. This is a necessary side effect of using lock files +for concurrency control rather than flock(2), which is not supported +by NFS. + +The current implementation caches ACLs in memory in a hash-table +format for increased efficiency in checking membership; one effect of +the caching scheme is that one file descriptor will be kept open for +each ACL cached, up to a maximum of 8. diff --git a/crypto/kerberosIV/lib/kadm/Makefile.in b/crypto/kerberosIV/lib/kadm/Makefile.in new file mode 100644 index 0000000..1dafd4f --- /dev/null +++ b/crypto/kerberosIV/lib/kadm/Makefile.in @@ -0,0 +1,92 @@ +# +# $Id: Makefile.in,v 1.30 1997/05/06 03:47:28 assar Exp $ +# + +SHELL = /bin/sh + +srcdir = @srcdir@ +VPATH = @srcdir@ + +CC = @CC@ +AR = ar +RANLIB = @RANLIB@ +LN_S = @LN_S@ +DEFS = @DEFS@ +CFLAGS = @CFLAGS@ + +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +MKINSTALLDIRS = @top_srcdir@/mkinstalldirs + +COMPILE_ET = ../../util/et/compile_et$(EXECSUFFIX) -language ansi-c + +prefix = @prefix@ +exec_prefix = @exec_prefix@ +libdir = @libdir@ + +PICFLAGS = @PICFLAGS@ + +LIBNAME = $(LIBPREFIX)kadm +LIBEXT = @LIBEXT@ +LIBPREFIX = @LIBPREFIX@ +EXECSUFFIX = @EXECSUFFIX@ +SHLIBEXT = @SHLIBEXT@ +LDSHARED = @LDSHARED@ +LIB = $(LIBNAME).$(LIBEXT) + +SOURCES = kadm_cli_wrap.c kadm_err.c kadm_stream.c kadm_supp.c + +OBJECTS = kadm_cli_wrap.o kadm_err.o kadm_stream.o kadm_supp.o + +all: $(LIB) + +Wall: + make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" + +.c.o: + $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $< + +install: all + $(MKINSTALLDIRS) $(libdir) + $(INSTALL_DATA) -m 0555 $(LIB) $(libdir) + +uninstall: + rm -f $(libdir)/$(LIB) + +TAGS: $(SOURCES) + etags $(SOURCES) + +check: + +clean: + rm -f $(LIB) *.o *.a kadm_err.c kadm_err.h + +mostlyclean: clean + +distclean: clean + rm -f Makefile *.tab.c *~ + +realclean: distclean + rm -f TAGS + +dist: $(DISTFILES) + for file in $(DISTFILES); do \ + ln $$file ../`cat ../.fname`/lib \ + || cp -p $$file ../`cat ../.fname`/lib; \ + done + +$(LIBNAME).a: $(OBJECTS) + rm -f $@ + $(AR) cr $@ $(OBJECTS) + -$(RANLIB) $@ + +$(LIBNAME).$(SHLIBEXT): $(OBJECTS) + rm -f $@ + $(LDSHARED) -o $@ $(OBJECTS) + +kadm_err.c kadm_err.h: kadm_err.et + test -r kadm_err.et || (rm -f kadm_err.et && $(LN_S) $(srcdir)/kadm_err.et .) + $(COMPILE_ET) kadm_err.et + +$(OBJECTS): ../../include/config.h +$(OBJECTS): kadm_err.h kadm_locl.h diff --git a/crypto/kerberosIV/lib/kadm/kadm.h b/crypto/kerberosIV/lib/kadm/kadm.h new file mode 100644 index 0000000..d18f592 --- /dev/null +++ b/crypto/kerberosIV/lib/kadm/kadm.h @@ -0,0 +1,143 @@ +/* + * $Id: kadm.h,v 1.12 1996/11/17 20:04:39 assar Exp $ + * + * Copyright 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * Definitions for Kerberos administration server & client + */ + +#ifndef KADM_DEFS +#define KADM_DEFS + +/* + * kadm.h + * Header file for the fourth attempt at an admin server + * Doug Church, December 28, 1989, MIT Project Athena + */ + +#include <krb_db.h> + +/* The global structures for the client and server */ +typedef struct { + struct sockaddr_in admin_addr; + struct sockaddr_in my_addr; + int my_addr_len; + int admin_fd; /* file descriptor for link to admin server */ + char sname[ANAME_SZ]; /* the service name */ + char sinst[INST_SZ]; /* the services instance */ + char krbrlm[REALM_SZ]; +} Kadm_Client; + +typedef struct { /* status of the server, i.e the parameters */ + int inter; /* Space for command line flags */ + char *sysfile; /* filename of server */ +} admin_params; /* Well... it's the admin's parameters */ + +/* Largest password length to be supported */ +#define MAX_KPW_LEN 128 +/* Minimum allowed password length */ +#define MIN_KPW_LEN 6 + +/* Largest packet the admin server will ever allow itself to return */ +#define KADM_RET_MAX 2048 + +/* That's right, versions are 8 byte strings */ +#define KADM_VERSTR "KADM0.0A" +#define KADM_ULOSE "KYOULOSE" /* sent back when server can't + decrypt client's msg */ +#define KADM_VERSIZE strlen(KADM_VERSTR) + +/* the lookups for the server instances */ +#define PWSERV_NAME "changepw" +#define KADM_SNAME "kerberos_master" +#define KADM_PORT 751 +#define KADM_SINST "kerberos" + +/* Attributes fields constants and macros */ +#define ALLOC 2 +#define RESERVED 3 +#define DEALLOC 4 +#define DEACTIVATED 5 +#define ACTIVE 6 + +/* Kadm_vals structure for passing db fields into the server routines */ +#define FLDSZ 4 + +typedef struct { + u_int8_t fields[FLDSZ]; /* The active fields in this struct */ + char name[ANAME_SZ]; + char instance[INST_SZ]; + u_int32_t key_low; + u_int32_t key_high; + u_int32_t exp_date; + u_int16_t attributes; + u_int8_t max_life; +} Kadm_vals; /* The basic values structure in Kadm */ + +/* Kadm_vals structure for passing db fields into the server routines */ +#define FLDSZ 4 + +/* Need to define fields types here */ +#define KADM_NAME 31 +#define KADM_INST 30 +#define KADM_EXPDATE 29 +#define KADM_ATTR 28 +#define KADM_MAXLIFE 27 +#define KADM_DESKEY 26 + +/* To set a field entry f in a fields structure d */ +#define SET_FIELD(f,d) (d[3-(f/8)]|=(1<<(f%8))) + +/* To set a field entry f in a fields structure d */ +#define CLEAR_FIELD(f,d) (d[3-(f/8)]&=(~(1<<(f%8)))) + +/* Is field f in fields structure d */ +#define IS_FIELD(f,d) (d[3-(f/8)]&(1<<(f%8))) + +/* Various return codes */ +#define KADM_SUCCESS 0 + +#define WILDCARD_STR "*" + +enum acl_types { +ADDACL, +GETACL, +MODACL, +STABACL, /* not used */ +DELACL +}; + +/* Various opcodes for the admin server's functions */ +#define CHANGE_PW 2 +#define ADD_ENT 3 +#define MOD_ENT 4 +#define GET_ENT 5 +#define CHECK_PW 6 /* not used */ +#define CHG_STAB 7 /* not used */ +#define DEL_ENT 8 + +void prin_vals __P((Kadm_vals *)); +int stv_long __P((u_char *, u_int32_t *, int, int)); +int vts_long __P((u_int32_t, u_char **, int)); +int vts_string __P((char *, u_char **, int)); +int stv_string __P((u_char *, char *, int, int, int)); + +int stream_to_vals __P((u_char *, Kadm_vals *, int)); +int vals_to_stream __P((Kadm_vals *, u_char **)); + +int kadm_init_link __P((char *, char *, char *)); +int kadm_change_pw __P((unsigned char *)); +int kadm_change_pw_plain __P((unsigned char *, char *, char**)); +int kadm_mod __P((Kadm_vals *, Kadm_vals *)); +int kadm_get __P((Kadm_vals *, u_char *)); +int kadm_add __P((Kadm_vals *)); +int kadm_del __P((Kadm_vals *)); +void kadm_vals_to_prin __P((u_char *, Principal *, Kadm_vals *)); +void kadm_prin_to_vals __P((u_char *, Kadm_vals *, Principal *)); + + + +#endif /* KADM_DEFS */ diff --git a/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c b/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c new file mode 100644 index 0000000..1e5c4f3 --- /dev/null +++ b/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c @@ -0,0 +1,545 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +/* + * Kerberos administration server client-side routines + */ + +/* + * kadm_cli_wrap.c the client side wrapping of the calls to the admin server + */ + +#include "kadm_locl.h" + +RCSID("$Id: kadm_cli_wrap.c,v 1.21 1997/05/02 10:28:11 joda Exp $"); + +#ifndef NULL +#define NULL 0 +#endif + +static Kadm_Client client_parm; + +/* Macros for use in returning data... used in kadm_cli_send */ +#define RET_N_FREE(r) {clear_secrets(); free((char *)act_st); free((char *)priv_pak); return r;} + +/* Keys for use in the transactions */ +static des_cblock sess_key; /* to be filled in by kadm_cli_keyd */ +static des_key_schedule sess_sched; + +static void +clear_secrets(void) +{ + memset(sess_key, 0, sizeof(sess_key)); + memset(sess_sched, 0, sizeof(sess_sched)); + return; +} + +static RETSIGTYPE (*opipe)(); + +static void +kadm_cli_disconn(void) +{ + close(client_parm.admin_fd); + signal(SIGPIPE, opipe); + return; +} + +/* + * kadm_init_link + * receives : name, inst, realm + * + * initializes client parm, the Kadm_Client structure which holds the + * data about the connection between the server and client, the services + * used, the locations and other fun things + */ + +int +kadm_init_link(char *n, char *i, char *r) +{ + struct hostent *hop; /* host we will talk to */ + char adm_hostname[MaxHostNameLen]; + + init_kadm_err_tbl(); + init_krb_err_tbl(); + strcpy(client_parm.sname, n); + strcpy(client_parm.sinst, i); + strcpy(client_parm.krbrlm, r); + client_parm.admin_fd = -1; + + /* set up the admin_addr - fetch name of admin host */ + if (krb_get_admhst(adm_hostname, client_parm.krbrlm, 1) != KSUCCESS) + return KADM_NO_HOST; + if ((hop = gethostbyname(adm_hostname)) == NULL) + return KADM_UNK_HOST; + memset(&client_parm.admin_addr, 0, sizeof(client_parm.admin_addr)); + client_parm.admin_addr.sin_port = + k_getportbyname(KADM_SNAME, "tcp", htons(KADM_PORT)); + client_parm.admin_addr.sin_family = hop->h_addrtype; + memcpy(&client_parm.admin_addr.sin_addr, hop->h_addr, + sizeof(client_parm.admin_addr.sin_addr)); + + return KADM_SUCCESS; +} + +static int +kadm_cli_conn(void) +{ /* this connects and sets my_addr */ + int on = 1; + + if ((client_parm.admin_fd = + socket(client_parm.admin_addr.sin_family, SOCK_STREAM,0)) < 0) + return KADM_NO_SOCK; /* couldnt create the socket */ + if (connect(client_parm.admin_fd, + (struct sockaddr *) & client_parm.admin_addr, + sizeof(client_parm.admin_addr))) { + close(client_parm.admin_fd); + client_parm.admin_fd = -1; + return KADM_NO_CONN; /* couldnt get the connect */ + } + opipe = signal(SIGPIPE, SIG_IGN); + client_parm.my_addr_len = sizeof(client_parm.my_addr); + if (getsockname(client_parm.admin_fd, + (struct sockaddr *) & client_parm.my_addr, + &client_parm.my_addr_len) < 0) { + close(client_parm.admin_fd); + client_parm.admin_fd = -1; + signal(SIGPIPE, opipe); + return KADM_NO_HERE; /* couldnt find out who we are */ + } +#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) + if (setsockopt(client_parm.admin_fd, SOL_SOCKET, SO_KEEPALIVE, + (void *)&on, + sizeof(on)) < 0) { + close(client_parm.admin_fd); + client_parm.admin_fd = -1; + signal(SIGPIPE, opipe); + return KADM_NO_CONN; /* XXX */ + } +#endif + return KADM_SUCCESS; +} + +/* takes in the sess_key and key_schedule and sets them appropriately */ +static int +kadm_cli_keyd(des_cblock (*s_k), struct des_ks_struct *s_s) + /* session key */ + /* session key schedule */ +{ + CREDENTIALS cred; /* to get key data */ + int stat; + + /* want .sname and .sinst here.... */ + if ((stat = krb_get_cred(client_parm.sname, client_parm.sinst, + client_parm.krbrlm, &cred))) + return stat + krb_err_base; + memcpy(s_k, cred.session, sizeof(des_cblock)); + memset(cred.session, 0, sizeof(des_cblock)); +#ifdef NOENCRYPTION + memset(s_s, 0, sizeof(des_key_schedule)); +#else + if ((stat = des_key_sched(s_k,s_s))) + return(stat+krb_err_base); +#endif + return KADM_SUCCESS; +} /* This code "works" */ + +static int +kadm_cli_out(u_char *dat, int dat_len, u_char **ret_dat, int *ret_siz) +{ + u_int16_t dlen; + int retval; + char tmp[4]; + + dlen = (u_int16_t) dat_len; + + if (dat_len != (int)dlen) + return (KADM_NO_ROOM); + + tmp[0] = (dlen >> 8) & 0xff; + tmp[1] = dlen & 0xff; + if (krb_net_write(client_parm.admin_fd, tmp, 2) != 2) + return (errno); /* XXX */ + + if (krb_net_write(client_parm.admin_fd, (char *) dat, dat_len) < 0) + return (errno); /* XXX */ + + + if ((retval = krb_net_read(client_parm.admin_fd, tmp, 2)) != 2){ + if (retval < 0) + return(errno); /* XXX */ + else + return(EPIPE); /* short read ! */ + } + dlen = (tmp[0] << 8) | tmp[1]; + + *ret_dat = (u_char *)malloc((unsigned)dlen); + if (!*ret_dat) + return(KADM_NOMEM); + + if ((retval = krb_net_read(client_parm.admin_fd, *ret_dat, + dlen) != dlen)) { + if (retval < 0) + return(errno); /* XXX */ + else + return(EPIPE); /* short read ! */ + } + *ret_siz = (int) dlen; + return KADM_SUCCESS; +} + +/* + * kadm_cli_send + * recieves : opcode, packet, packet length, serv_name, serv_inst + * returns : return code from the packet build, the server, or + * something else + * + * It assembles a packet as follows: + * 8 bytes : VERSION STRING + * 4 bytes : LENGTH OF MESSAGE DATA and OPCODE + * : KTEXT + * : OPCODE \ + * : DATA > Encrypted (with make priv) + * : ...... / + * + * If it builds the packet and it is small enough, then it attempts to open the + * connection to the admin server. If the connection is succesfully open + * then it sends the data and waits for a reply. + */ +static int +kadm_cli_send(u_char *st_dat, int st_siz, u_char **ret_dat, int *ret_siz) + /* the actual data */ + /* length of said data */ + /* to give return info */ + /* length of returned info */ +{ + int act_len, retdat; /* current offset into packet, return + * data */ + KTEXT_ST authent; /* the authenticator we will build */ + u_char *act_st; /* the pointer to the complete packet */ + u_char *priv_pak; /* private version of the packet */ + int priv_len; /* length of private packet */ + u_int32_t cksum; /* checksum of the packet */ + MSG_DAT mdat; + u_char *return_dat; + + act_st = (u_char *) malloc(KADM_VERSIZE); /* verstr stored first */ + strncpy((char *)act_st, KADM_VERSTR, KADM_VERSIZE); + act_len = KADM_VERSIZE; + + if ((retdat = kadm_cli_keyd(&sess_key, sess_sched)) != KADM_SUCCESS) { + free(act_st); + return retdat; /* couldnt get key working */ + } + priv_pak = (u_char *) malloc((unsigned)(st_siz + 200)); + /* 200 bytes for extra info case */ + if ((priv_len = krb_mk_priv(st_dat, priv_pak, (u_int32_t)st_siz, + sess_sched, &sess_key, &client_parm.my_addr, + &client_parm.admin_addr)) < 0) + RET_N_FREE(KADM_NO_ENCRYPT); /* whoops... we got a lose + * here */ + /* here is the length of priv data. receiver calcs + size of authenticator by subtracting vno size, priv size, and + sizeof(u_int32_t) (for the size indication) from total size */ + + act_len += vts_long((u_int32_t) priv_len, &act_st, act_len); +#ifdef NOENCRYPTION + cksum = 0; +#else + cksum = des_quad_cksum((des_cblock *)priv_pak, (des_cblock *)0, (long)priv_len, 0, + &sess_key); +#endif + if ((retdat = krb_mk_req(&authent, client_parm.sname, client_parm.sinst, + client_parm.krbrlm, cksum))) { + /* authenticator? */ + RET_N_FREE(retdat + krb_err_base); + } + + act_st = (u_char *) realloc(act_st, + act_len + authent.length + priv_len); + if (!act_st) { + clear_secrets(); + free(priv_pak); + return(KADM_NOMEM); + } + memcpy((char *)act_st + act_len, authent.dat, authent.length); + memcpy((char *)act_st + act_len + authent.length, priv_pak, priv_len); + free(priv_pak); + if ((retdat = kadm_cli_out(act_st, + act_len + authent.length + priv_len, + ret_dat, ret_siz)) != KADM_SUCCESS) + RET_N_FREE(retdat); + free(act_st); +#define RET_N_FREE2(r) {free(*ret_dat); clear_secrets(); return(r);} + + /* first see if it's a YOULOUSE */ + if ((*ret_siz >= KADM_VERSIZE) && + !strncmp(KADM_ULOSE, (char *)*ret_dat, KADM_VERSIZE)) { + unsigned char *p; + /* it's a youlose packet */ + if (*ret_siz < KADM_VERSIZE + 4) + RET_N_FREE2(KADM_BAD_VER); + p = (*ret_dat)+KADM_VERSIZE; + retdat = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; + RET_N_FREE2(retdat); + } + /* need to decode the ret_dat */ + if ((retdat = krb_rd_priv(*ret_dat, (u_int32_t)*ret_siz, sess_sched, + &sess_key, &client_parm.admin_addr, + &client_parm.my_addr, &mdat))) + RET_N_FREE2(retdat+krb_err_base); + if (mdat.app_length < KADM_VERSIZE + 4) + /* too short! */ + RET_N_FREE2(KADM_BAD_VER); + if (strncmp((char *)mdat.app_data, KADM_VERSTR, KADM_VERSIZE)) + /* bad version */ + RET_N_FREE2(KADM_BAD_VER); + { + unsigned char *p = mdat.app_data+KADM_VERSIZE; + retdat = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; + } + { + int s=mdat.app_length - KADM_VERSIZE - 4; + if(s<=0) s=1; + if (!(return_dat = (u_char *)malloc(s))) + RET_N_FREE2(KADM_NOMEM); + } + memcpy(return_dat, + (char *) mdat.app_data + KADM_VERSIZE + 4, + mdat.app_length - KADM_VERSIZE - 4); + free(*ret_dat); + clear_secrets(); + *ret_dat = return_dat; + *ret_siz = mdat.app_length - KADM_VERSIZE - 4; + return retdat; +} + + + +/* + * kadm_change_pw_plain + * + * see kadm_change_pw + * + */ +int kadm_change_pw_plain(unsigned char *newkey, char *password, char **pw_msg) +{ + int stsize, retc; /* stream size and return code */ + u_char *send_st; /* send stream */ + u_char *ret_st; + int ret_sz; + int status; + static char msg[128]; + + if ((retc = kadm_cli_conn()) != KADM_SUCCESS) + return(retc); + /* possible problem with vts_long on a non-multiple of four boundary */ + + stsize = 0; /* start of our output packet */ + send_st = (u_char *) malloc(1);/* to make it reallocable */ + send_st[stsize++] = (u_char) CHANGE_PW; + + /* change key to stream */ + + send_st = realloc(send_st, stsize + 8); + memcpy(send_st + stsize + 4, newkey, 4); /* yes, this is backwards */ + memcpy(send_st + stsize, newkey + 4, 4); + stsize += 8; + + if(password && *password) + stsize += vts_string(password, &send_st, stsize); + + retc = kadm_cli_send(send_st, stsize, &ret_st, &ret_sz); + free(send_st); + + if(retc != KADM_SUCCESS){ + status = stv_string(ret_st, msg, 0, sizeof(msg), ret_sz); + if(status<0) + msg[0]=0; + *pw_msg=msg; + } + + if (ret_st) + free(ret_st); + + kadm_cli_disconn(); + return(retc); +} + +/* + * kadm_change_pw + * recieves : key + * + * Replaces the password (i.e. des key) of the caller with that specified in + * key. Returns no actual data from the master server, since this is called + * by a user + */ + +int kadm_change_pw(unsigned char *newkey) +{ + char *pw_msg; + return kadm_change_pw_plain(newkey, "", &pw_msg); +} + +/* + * kadm_add + * receives : vals + * returns : vals + * + * Adds and entry containing values to the database returns the values of the + * entry, so if you leave certain fields blank you will be able to determine + * the default values they are set to + */ +int +kadm_add(Kadm_vals *vals) +{ + u_char *st, *st2; /* st will hold the stream of values */ + int st_len; /* st2 the final stream with opcode */ + int retc; /* return code from call */ + u_char *ret_st; + int ret_sz; + + if ((retc = kadm_cli_conn()) != KADM_SUCCESS) + return(retc); + st_len = vals_to_stream(vals, &st); + st2 = (u_char *) malloc((unsigned)(1 + st_len)); + *st2 = (u_char) ADD_ENT; /* here's the opcode */ + memcpy((char *) st2 + 1, st, st_len); /* append st on */ + retc = kadm_cli_send(st2, st_len + 1, &ret_st, &ret_sz); + free(st); + free(st2); + if (retc == KADM_SUCCESS) { + /* ret_st has vals */ + if (stream_to_vals(ret_st, vals, ret_sz) < 0) + retc = KADM_LENGTH_ERROR; + free(ret_st); + } + kadm_cli_disconn(); + return(retc); +} + +/* + * kadm_mod + * receives : KTEXT, {values, values} + * returns : CKSUM, RETCODE, {values} + * acl : su, sms (as register or dealloc) + * + * Modifies all entries corresponding to the first values so they match the + * second values. returns the values for the changed entries in vals2 + */ +int +kadm_mod(Kadm_vals *vals1, Kadm_vals *vals2) +{ + u_char *st, *st2; /* st will hold the stream of values */ + int st_len, nlen; /* st2 the final stream with opcode */ + u_char *ret_st; + int ret_sz; + + /* nlen is the length of second vals */ + int retc; /* return code from call */ + + if ((retc = kadm_cli_conn()) != KADM_SUCCESS) + return(retc); + + st_len = vals_to_stream(vals1, &st); + st2 = (u_char *) malloc((unsigned)(1 + st_len)); + *st2 = (u_char) MOD_ENT; /* here's the opcode */ + memcpy((char *)st2 + 1, st, st_len++); /* append st on */ + free(st); + nlen = vals_to_stream(vals2, &st); + st2 = (u_char *) realloc((char *) st2, (unsigned)(st_len + nlen)); + memcpy((char *) st2 + st_len, st, nlen); /* append st on */ + retc = kadm_cli_send(st2, st_len + nlen, &ret_st, &ret_sz); + free(st); + free(st2); + if (retc == KADM_SUCCESS) { + /* ret_st has vals */ + if (stream_to_vals(ret_st, vals2, ret_sz) < 0) + retc = KADM_LENGTH_ERROR; + free(ret_st); + } + kadm_cli_disconn(); + return(retc); +} + + +int +kadm_del(Kadm_vals *vals) +{ + unsigned char *st, *st2; /* st will hold the stream of values */ + int st_len; /* st2 the final stream with opcode */ + int retc; /* return code from call */ + u_char *ret_st; + int ret_sz; + + if ((retc = kadm_cli_conn()) != KADM_SUCCESS) + return(retc); + st_len = vals_to_stream(vals, &st); + st2 = (unsigned char *) malloc(st_len + 1); + *st2 = DEL_ENT; /* here's the opcode */ + memcpy(st2 + 1, st, st_len); /* append st on */ + retc = kadm_cli_send(st2, st_len + 1, &ret_st, &ret_sz); + free(st); + free(st2); + kadm_cli_disconn(); + return(retc); +} + + +/* + * kadm_get + * receives : KTEXT, {values, flags} + * returns : CKSUM, RETCODE, {count, values, values, values} + * acl : su + * + * gets the fields requested by flags from all entries matching values returns + * this data for each matching recipient, after a count of how many such + * matches there were + */ +int +kadm_get(Kadm_vals *vals, u_char *fl) +{ + int loop; /* for copying the fields data */ + u_char *st, *st2; /* st will hold the stream of values */ + int st_len; /* st2 the final stream with opcode */ + int retc; /* return code from call */ + u_char *ret_st; + int ret_sz; + + if ((retc = kadm_cli_conn()) != KADM_SUCCESS) + return(retc); + st_len = vals_to_stream(vals, &st); + st2 = (u_char *) malloc((unsigned)(1 + st_len + FLDSZ)); + *st2 = (u_char) GET_ENT; /* here's the opcode */ + memcpy((char *)st2 + 1, st, st_len); /* append st on */ + for (loop = FLDSZ - 1; loop >= 0; loop--) + *(st2 + st_len + FLDSZ - loop) = fl[loop]; /* append the flags */ + retc = kadm_cli_send(st2, st_len + 1 + FLDSZ, &ret_st, &ret_sz); + free(st); + free(st2); + if (retc == KADM_SUCCESS) { + /* ret_st has vals */ + if (stream_to_vals(ret_st, vals, ret_sz) < 0) + retc = KADM_LENGTH_ERROR; + free(ret_st); + } + kadm_cli_disconn(); + return(retc); +} diff --git a/crypto/kerberosIV/lib/kadm/kadm_err.et b/crypto/kerberosIV/lib/kadm/kadm_err.et new file mode 100644 index 0000000..0a7c7b6 --- /dev/null +++ b/crypto/kerberosIV/lib/kadm/kadm_err.et @@ -0,0 +1,59 @@ +# $Id: kadm_err.et,v 1.4 1996/06/12 08:01:34 bg Exp $ +# $Author: bg $ +# +# Copyright 1988 by the Massachusetts Institute of Technology. +# +# For copying and distribution information, please see the file +# <mit-copyright.h>. +# +# Kerberos administration server error table +# + et kadm + +# KADM_SUCCESS, as all success codes should be, is zero + +ec KADM_RCSID, "$Id: kadm_err.et,v 1.4 1996/06/12 08:01:34 bg Exp $" +# /* Building and unbuilding the packet errors */ +ec KADM_NO_REALM, "Cannot fetch local realm" +ec KADM_NO_CRED, "Unable to fetch credentials" +ec KADM_BAD_KEY, "Bad key supplied" +ec KADM_NO_ENCRYPT, "Can't encrypt data" +ec KADM_NO_AUTH, "Cannot encode/decode authentication info" +ec KADM_WRONG_REALM, "Principal attemping change is in wrong realm" +ec KADM_NO_ROOM, "Packet is too large" +ec KADM_BAD_VER, "Version number is incorrect" +ec KADM_BAD_CHK, "Checksum does not match" +ec KADM_NO_READ, "Unsealing private data failed" +ec KADM_NO_OPCODE, "Unsupported operation" +ec KADM_NO_HOST, "Could not find administrating host" +ec KADM_UNK_HOST, "Administrating host name is unknown" +ec KADM_NO_SERV, "Could not find service name in services database" +ec KADM_NO_SOCK, "Could not create socket" +ec KADM_NO_CONN, "Could not connect to server" +ec KADM_NO_HERE, "Could not fetch local socket address" +ec KADM_NO_MAST, "Could not fetch master key" +ec KADM_NO_VERI, "Could not verify master key" + +# /* From the server side routines */ +ec KADM_INUSE, "Entry already exists in database" +ec KADM_UK_SERROR, "Database store error" +ec KADM_UK_RERROR, "Database read error" +ec KADM_UNAUTH, "Insufficient access to perform requested operation" +# KADM_DATA isn't really an error, but... +ec KADM_DATA, "Data is available for return to client" +ec KADM_NOENTRY, "No such entry in the database" + +ec KADM_NOMEM, "Memory exhausted" +ec KADM_NO_HOSTNAME, "Could not fetch system hostname" +ec KADM_NO_BIND, "Could not bind port" +ec KADM_LENGTH_ERROR, "Length mismatch problem" +ec KADM_ILL_WILDCARD, "Illegal use of wildcard" + +ec KADM_DB_INUSE, "Database is locked or in use--try again later" + +ec KADM_INSECURE_PW, "Insecure password rejected" +ec KADM_PW_MISMATCH, "Cleartext password and DES key did not match" + +ec KADM_NOT_SERV_PRINC, "Invalid principal for change srvtab request" +ec KADM_IMMUTABLE, "Attempt do delete immutable principal" +end diff --git a/crypto/kerberosIV/lib/kadm/kadm_locl.h b/crypto/kerberosIV/lib/kadm/kadm_locl.h new file mode 100644 index 0000000..e6e374b --- /dev/null +++ b/crypto/kerberosIV/lib/kadm/kadm_locl.h @@ -0,0 +1,90 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: kadm_locl.h,v 1.9 1997/05/20 18:40:44 bg Exp $ */ + +#include "config.h" +#include "protos.h" + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#include <signal.h> +#include <time.h> +#include <errno.h> + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif + +#ifdef SOCKS +#include <socks.h> +#endif + +#include <roken.h> + +#include <des.h> +#include <krb.h> +#include <krb_err.h> +#include <krb_db.h> +#include <kadm.h> +#include <kadm_err.h> + +int vts_long __P((u_int32_t, u_char **, int)); +int vals_to_stream __P((Kadm_vals *, u_char **)); +int stream_to_vals __P((u_char *, Kadm_vals *, int)); + +int kadm_init_link __P((char n[], char i[], char r[])); +int kadm_change_pw __P((des_cblock)); +int kadm_add __P((Kadm_vals *)); +int kadm_mod __P((Kadm_vals *, Kadm_vals *)); +int kadm_get __P((Kadm_vals *, u_char fl[4])); + + diff --git a/crypto/kerberosIV/lib/kadm/kadm_stream.c b/crypto/kerberosIV/lib/kadm/kadm_stream.c new file mode 100644 index 0000000..33fe177 --- /dev/null +++ b/crypto/kerberosIV/lib/kadm/kadm_stream.c @@ -0,0 +1,299 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +/* + * Stream conversion functions for Kerberos administration server + */ + +/* + kadm_stream.c + this holds the stream support routines for the kerberos administration server + + vals_to_stream: converts a vals struct to a stream for transmission + internals build_field_header, vts_[string, char, long, short] + stream_to_vals: converts a stream to a vals struct + internals check_field_header, stv_[string, char, long, short] + error: prints out a kadm error message, returns + fatal: prints out a kadm fatal error message, exits +*/ + +#include "kadm_locl.h" + +RCSID("$Id: kadm_stream.c,v 1.11 1997/05/02 10:28:05 joda Exp $"); + +static int +build_field_header(u_char *cont, u_char **st) + /* container for fields data */ + /* stream */ +{ + *st = (u_char *) malloc (4); + memcpy(*st, cont, 4); + return 4; /* return pointer to current stream location */ +} + +static int +check_field_header(u_char *st, u_char *cont, int maxlen) + /* stream */ + /* container for fields data */ + +{ + if (4 > maxlen) + return(-1); + memcpy(cont, st, 4); + return 4; /* return pointer to current stream location */ +} + +int +vts_string(char *dat, u_char **st, int loc) + /* a string to put on the stream */ + /* base pointer to the stream */ + /* offset into the stream for current data */ +{ + *st = (u_char *) realloc (*st, (unsigned) (loc + strlen(dat) + 1)); + memcpy(*st + loc, dat, strlen(dat)+1); + return strlen(dat)+1; +} + + +static int +vts_short(u_int16_t dat, u_char **st, int loc) + /* the attributes field */ + /* a base pointer to the stream */ + /* offset into the stream for current data */ +{ + unsigned char *p; + p = realloc(*st, loc + 2); + if(p == NULL){ + abort(); + } + p[loc] = (dat >> 8) & 0xff; + p[loc+1] = dat & 0xff; + *st = p; + return 2; +} + +static int +vts_char(u_char dat, u_char **st, int loc) + /* the attributes field */ + /* a base pointer to the stream */ + /* offset into the stream for current data */ +{ + unsigned char *p = realloc(*st, loc + 1); + if(p == NULL){ + abort(); + } + p[loc] = dat; + *st = p; + return 1; +} + +int +vts_long(u_int32_t dat, u_char **st, int loc) + /* the attributes field */ + /* a base pointer to the stream */ + /* offset into the stream for current data */ +{ + unsigned char *p = realloc(*st, loc + 4); + if(p == NULL){ + abort(); + } + p[loc] = (dat >> 24) & 0xff; + p[loc+1] = (dat >> 16) & 0xff; + p[loc+2] = (dat >> 8) & 0xff; + p[loc+3] = dat & 0xff; + *st = p; + return 4; +} + +int +stv_string(u_char *st, /* base pointer to the stream */ + char *dat, /* a string to read from the stream */ + int loc, /* offset into the stream for current data */ + int stlen, /* max length of string to copy in */ + int maxlen) /* max length of input stream */ +{ + int maxcount; /* max count of chars to copy */ + + maxcount = min(maxlen - loc, stlen); + + if(maxcount <= 0) + return -1; + + strncpy(dat, (char *)st + loc, maxcount); + + if (dat[maxcount-1]) /* not null-term --> not enuf room */ + return(-1); + return strlen(dat)+1; +} + +static int +stv_short(u_char *st, u_int16_t *dat, int loc, int maxlen) + /* a base pointer to the stream */ + /* the attributes field */ + /* offset into the stream for current data */ + +{ + if (maxlen - loc < 2) + return -1; + + *dat = (st[loc] << 8) | st[loc + 1]; + return 2; +} + +int +stv_long(u_char *st, u_int32_t *dat, int loc, int maxlen) + /* a base pointer to the stream */ + /* the attributes field */ + /* offset into the stream for current data */ + /* maximum length of st */ +{ + if (maxlen - loc < 4) + return -1; + + *dat = (st[loc] << 24) | (st[loc+1] << 16) | (st[loc+2] << 8) | st[loc+3]; + return 4; +} + +static int +stv_char(u_char *st, u_char *dat, int loc, int maxlen) + /* a base pointer to the stream */ + /* the attributes field */ + /* offset into the stream for current data */ + +{ + if (maxlen - loc < 1) + return -1; + + *dat = st[loc]; + return 1; +} + +/* +vals_to_stream + recieves : kadm_vals *, u_char * + returns : a realloced and filled in u_char * + +this function creates a byte-stream representation of the kadm_vals structure +*/ +int +vals_to_stream(Kadm_vals *dt_in, u_char **dt_out) +{ + int vsloop, stsize; /* loop counter, stream size */ + + stsize = build_field_header(dt_in->fields, dt_out); + for (vsloop=31; vsloop>=0; vsloop--) + if (IS_FIELD(vsloop,dt_in->fields)) { + switch (vsloop) { + case KADM_NAME: + stsize+=vts_string(dt_in->name, dt_out, stsize); + break; + case KADM_INST: + stsize+=vts_string(dt_in->instance, dt_out, stsize); + break; + case KADM_EXPDATE: + stsize+=vts_long(dt_in->exp_date, dt_out, stsize); + break; + case KADM_ATTR: + stsize+=vts_short(dt_in->attributes, dt_out, stsize); + break; + case KADM_MAXLIFE: + stsize+=vts_char(dt_in->max_life, dt_out, stsize); + break; + case KADM_DESKEY: + stsize+=vts_long(dt_in->key_high, dt_out, stsize); + stsize+=vts_long(dt_in->key_low, dt_out, stsize); + break; + default: + break; + } +} + return(stsize); +} + +/* +stream_to_vals + recieves : u_char *, kadm_vals * + returns : a kadm_vals filled in according to u_char * + +this decodes a byte stream represntation of a vals struct into kadm_vals +*/ +int +stream_to_vals(u_char *dt_in, Kadm_vals *dt_out, int maxlen) + + + /* max length to use */ +{ + int vsloop, stsize; /* loop counter, stream size */ + int status; + + memset(dt_out, 0, sizeof(*dt_out)); + + stsize = check_field_header(dt_in, dt_out->fields, maxlen); + if (stsize < 0) + return(-1); + for (vsloop=31; vsloop>=0; vsloop--) + if (IS_FIELD(vsloop,dt_out->fields)) + switch (vsloop) { + case KADM_NAME: + if ((status = stv_string(dt_in, dt_out->name, stsize, + sizeof(dt_out->name), maxlen)) < 0) + return(-1); + stsize += status; + break; + case KADM_INST: + if ((status = stv_string(dt_in, dt_out->instance, stsize, + sizeof(dt_out->instance), maxlen)) < 0) + return(-1); + stsize += status; + break; + case KADM_EXPDATE: + if ((status = stv_long(dt_in, &dt_out->exp_date, stsize, + maxlen)) < 0) + return(-1); + stsize += status; + break; + case KADM_ATTR: + if ((status = stv_short(dt_in, &dt_out->attributes, stsize, + maxlen)) < 0) + return(-1); + stsize += status; + break; + case KADM_MAXLIFE: + if ((status = stv_char(dt_in, &dt_out->max_life, stsize, + maxlen)) < 0) + return(-1); + stsize += status; + break; + case KADM_DESKEY: + if ((status = stv_long(dt_in, &dt_out->key_high, stsize, + maxlen)) < 0) + return(-1); + stsize += status; + if ((status = stv_long(dt_in, &dt_out->key_low, stsize, + maxlen)) < 0) + return(-1); + stsize += status; + break; + default: + break; + } + return stsize; +} diff --git a/crypto/kerberosIV/lib/kadm/kadm_supp.c b/crypto/kerberosIV/lib/kadm/kadm_supp.c new file mode 100644 index 0000000..9845267 --- /dev/null +++ b/crypto/kerberosIV/lib/kadm/kadm_supp.c @@ -0,0 +1,111 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +/* + * Support functions for Kerberos administration server & clients + */ + +/* + kadm_supp.c + this holds the support routines for the kerberos administration server + + error: prints out a kadm error message, returns + fatal: prints out a kadm fatal error message, exits + prin_vals: prints out data associated with a Principal in the vals + structure +*/ + +#include "kadm_locl.h" + +RCSID("$Id: kadm_supp.c,v 1.8 1997/05/02 10:27:58 joda Exp $"); + +/* +prin_vals: + recieves : a vals structure +*/ +void +prin_vals(Kadm_vals *vals) +{ + printf("Info in Database for %s.%s:\n", vals->name, vals->instance); + printf(" Max Life: %d (%s) Exp Date: %s\n", + vals->max_life, + krb_life_to_atime(vals->max_life), + asctime(k_localtime(&vals->exp_date))); + printf(" Attribs: %.2x key: %#lx %#lx\n", + vals->attributes, + (long)vals->key_low, (long)vals->key_high); +} + +/* kadm_prin_to_vals takes a fields arguments, a Kadm_vals and a Principal, + it copies the fields in Principal specified by fields into Kadm_vals, + i.e from old to new */ + +void +kadm_prin_to_vals(u_char *fields, Kadm_vals *new, Principal *old) +{ + memset(new, 0, sizeof(*new)); + if (IS_FIELD(KADM_NAME,fields)) { + strncpy(new->name, old->name, ANAME_SZ); + SET_FIELD(KADM_NAME, new->fields); + } + if (IS_FIELD(KADM_INST,fields)) { + strncpy(new->instance, old->instance, INST_SZ); + SET_FIELD(KADM_INST, new->fields); + } + if (IS_FIELD(KADM_EXPDATE,fields)) { + new->exp_date = old->exp_date; + SET_FIELD(KADM_EXPDATE, new->fields); + } + if (IS_FIELD(KADM_ATTR,fields)) { + new->attributes = old->attributes; + SET_FIELD(KADM_ATTR, new->fields); + } + if (IS_FIELD(KADM_MAXLIFE,fields)) { + new->max_life = old->max_life; + SET_FIELD(KADM_MAXLIFE, new->fields); + } + if (IS_FIELD(KADM_DESKEY,fields)) { + new->key_low = old->key_low; + new->key_high = old->key_high; + SET_FIELD(KADM_DESKEY, new->fields); + } +} + +void +kadm_vals_to_prin(u_char *fields, Principal *new, Kadm_vals *old) +{ + + memset(new, 0, sizeof(*new)); + if (IS_FIELD(KADM_NAME,fields)) + strncpy(new->name, old->name, ANAME_SZ); + if (IS_FIELD(KADM_INST,fields)) + strncpy(new->instance, old->instance, INST_SZ); + if (IS_FIELD(KADM_EXPDATE,fields)) + new->exp_date = old->exp_date; + if (IS_FIELD(KADM_ATTR,fields)) + new->attributes = old->attributes; + if (IS_FIELD(KADM_MAXLIFE,fields)) + new->max_life = old->max_life; + if (IS_FIELD(KADM_DESKEY,fields)) { + new->key_low = old->key_low; + new->key_high = old->key_high; + } +} diff --git a/crypto/kerberosIV/lib/kafs/Makefile.in b/crypto/kerberosIV/lib/kafs/Makefile.in new file mode 100644 index 0000000..e9c9121 --- /dev/null +++ b/crypto/kerberosIV/lib/kafs/Makefile.in @@ -0,0 +1,90 @@ +# +# $Id: Makefile.in,v 1.30 1997/05/06 03:47:35 assar Exp $ +# + +SHELL = /bin/sh + +srcdir = @srcdir@ +VPATH = @srcdir@ + +CC = @CC@ +AR = ar +RANLIB = @RANLIB@ +DEFS = @DEFS@ -DLIBDIR='"$(libdir)"' +CFLAGS = @CFLAGS@ + +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +MKINSTALLDIRS = @top_srcdir@/mkinstalldirs + +prefix = @prefix@ +exec_prefix = @exec_prefix@ +libdir = @libdir@ + +PICFLAGS = @PICFLAGS@ + +LIBNAME = $(LIBPREFIX)kafs +LIBEXT = @LIBEXT@ +SHLIBEXT = @SHLIBEXT@ +LIBPREFIX = @LIBPREFIX@ +LDSHARED = @LDSHARED@ +AFS_EXTRA_LIBS = @AFS_EXTRA_LIBS@ +LIB = $(LIBNAME).$(LIBEXT) $(AFS_EXTRA_LIBS) + +SOURCES = afssys.c afskrb.c afslib.c + +OBJECTS = afssys.o afskrb.o + +all: $(LIB) + +Wall: + make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" + +.c.o: + $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $< + +install: all + $(MKINSTALLDIRS) $(libdir) + $(INSTALL_DATA) -m 0555 $(LIB) $(libdir) + +uninstall: + rm -f $(libdir)/$(LIB) + +TAGS: $(SOURCES) + etags $(SOURCES) + +check: + +clean: + rm -f $(LIB) *.o *.a + +mostlyclean: clean + +distclean: clean + rm -f Makefile *.tab.c *~ + +realclean: distclean + rm -f TAGS + +dist: $(DISTFILES) + for file in $(DISTFILES); do \ + ln $$file ../`cat ../.fname`/lib \ + || cp -p $$file ../`cat ../.fname`/lib; \ + done + +$(LIBNAME).a: $(OBJECTS) @AFS_EXTRA_OBJS@ + rm -f $@ + $(AR) cr $@ $(OBJECTS) @AFS_EXTRA_OBJS@ + -$(RANLIB) $@ + + +$(LIBNAME).$(SHLIBEXT): $(OBJECTS) + rm -f $@ + $(LDSHARED) -o $@ $(OBJECTS) + +# AIX: this almost works with gcc, but somehow it fails to use the +# correct ld, use ld instead +afslib.so: afslib.o + ld -o $@ -bM:SRE -bI:$(srcdir)/afsl.exp -bE:$(srcdir)/afslib.exp -bnoentry afslib.o + +$(OBJECTS): ../../include/config.h diff --git a/crypto/kerberosIV/lib/kafs/afskrb.c b/crypto/kerberosIV/lib/kafs/afskrb.c new file mode 100644 index 0000000..d979ac5 --- /dev/null +++ b/crypto/kerberosIV/lib/kafs/afskrb.c @@ -0,0 +1,373 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kafs_locl.h" + +RCSID("$Id: afskrb.c,v 1.6 1997/05/26 17:38:24 bg Exp $"); + +#define AUTH_SUPERUSER "afs" + +/* + * Here only ASCII characters are relevant. + */ + +#define IsAsciiLower(c) ('a' <= (c) && (c) <= 'z') + +#define ToAsciiUpper(c) ((c) - 'a' + 'A') + +static void +foldup(char *a, const char *b) +{ + for (; *b; a++, b++) + if (IsAsciiLower(*b)) + *a = ToAsciiUpper(*b); + else + *a = *b; + *a = '\0'; +} + +static int +get_cred(const char *princ, const char *inst, const char *krealm, + CREDENTIALS *c, KTEXT_ST *tkt) +{ + int k_errno = krb_get_cred((char*)princ, (char*)inst, (char*)krealm, c); + + if (k_errno != KSUCCESS) + { + k_errno = krb_mk_req(tkt, (char*)princ, (char*)inst, (char*)krealm, 0); + if (k_errno == KSUCCESS) + k_errno = krb_get_cred((char*)princ, (char*)inst, (char*)krealm, c); + } + return k_errno; +} + + +/* Convert a string to a 32 bit ip number in network byte order. + Return 0 on error + */ + +static u_int32_t +ip_aton(char *ip) +{ + u_int32_t addr; + unsigned int a, b, c, d; + + if(sscanf(ip, "%u.%u.%u.%u", &a, &b, &c, &d) != 4) + return 0; + if((a | b | c | d) > 255) + return 0; + addr = (a << 24) | (b << 16) | (c << 8) | d; + addr = htonl(addr); + return addr; +} + +/* Try to get a db-server for an AFS cell from a AFSDB record */ + +static int +dns_find_cell(const char *cell, char *dbserver) +{ + struct dns_reply *r; + int ok = -1; + r = dns_lookup(cell, "afsdb"); + if(r){ + struct resource_record *rr = r->head; + while(rr){ + if(rr->type == T_AFSDB && rr->u.afsdb->preference == 1){ + strncpy(dbserver, rr->u.afsdb->domain, MaxHostNameLen); + dbserver[MaxHostNameLen - 1] = 0; + ok = 0; + break; + } + rr = rr->next; + } + dns_free_data(r); + } + return ok; +} + + +/* Find the realm associated with cell. Do this by opening + /usr/vice/etc/CellServDB and getting the realm-of-host for the + first VL-server for the cell. + + This does not work when the VL-server is living in one cell, but + the cell it is serving is living in another cell. + */ + +static char* +realm_of_cell(const char *cell) +{ + FILE *F; + char buf[1024]; + u_int32_t addr; + struct hostent *hp; + char *realm = NULL; + + if((F = fopen(_PATH_CELLSERVDB, "r"))){ + while(fgets(buf, sizeof(buf), F)){ + if(buf[0] != '>') + continue; + if(strncmp(buf + 1, cell, strlen(cell)) == 0){ + if(fgets(buf, sizeof(buf), F) == NULL) + break; + addr = ip_aton(buf); + if(addr == 0) + break; + hp = gethostbyaddr((char*)&addr, 4, AF_INET); + if(hp == NULL) + break; + strncpy (buf, hp->h_name, sizeof(buf)); + buf[sizeof(buf) - 1] = '\0'; + realm = krb_realmofhost(buf); + break; + } + } + fclose(F); + } + if(realm == NULL){ + if(dns_find_cell(cell, buf) == 0) + realm = krb_realmofhost(buf); + } + return realm; +} + +/* + * Get tokens for all cells[] + */ +static int +k_afslog_cells(char *cells[], int max, const char *krealm, uid_t uid) +{ + int err = KSUCCESS; + int i; + for(i = 0; i < max; i++) + err = k_afsklog_uid(cells[i], krealm, uid); + return err; +} + +/* + * Try to find the cells we should try to klog to in "file". + */ +static void +k_find_cells(char *file, char *cells[], int size, int *index) +{ + FILE *f; + char cell[64]; + int i; + f = fopen(file, "r"); + if (f == NULL) + return; + while (*index < size && fgets(cell, sizeof(cell), f)) { + char *nl = strchr(cell, '\n'); + if (nl) *nl = 0; + for(i = 0; i < *index; i++) + if(strcmp(cells[i], cell) == 0) + break; + if(i == *index) + cells[(*index)++] = strdup(cell); + } + fclose(f); +} + +static int +k_afsklog_all_local_cells(const char *krealm, uid_t uid) +{ + int err; + char *cells[32]; /* XXX */ + int num_cells = sizeof(cells) / sizeof(cells[0]); + int index = 0; + + char *p; + + if ((p = getenv("HOME"))) { + char home[MaxPathLen]; + + if (k_concat(home, sizeof(home), p, "/.TheseCells", NULL) == 0) + k_find_cells(home, cells, num_cells, &index); + } + k_find_cells(_PATH_THESECELLS, cells, num_cells, &index); + k_find_cells(_PATH_THISCELL, cells, num_cells, &index); + + err = k_afslog_cells(cells, index, krealm, uid); + while(index > 0) + free(cells[--index]); + return err; +} + +int +k_afsklog_uid(const char *cell, const char *krealm, uid_t uid) +{ + int k_errno; + CREDENTIALS c; + KTEXT_ST ticket; + char realm[REALM_SZ]; + char *vl_realm; /* realm of vl-server */ + char *lrealm; /* local realm */ + char CELL[64]; + + if (cell == 0 || cell[0] == 0) + return k_afsklog_all_local_cells (krealm, uid); + foldup(CELL, cell); + + k_errno = krb_get_lrealm(realm , 0); + if(k_errno == KSUCCESS && (krealm == NULL || strcmp(krealm, realm))) + lrealm = realm; + else + lrealm = NULL; + + /* We're about to find the the realm that holds the key for afs in + * the specified cell. The problem is that null-instance + * afs-principals are common and that hitting the wrong realm might + * yield the wrong afs key. The following assumptions were made. + * + * Any realm passed to us is preferred. + * + * If there is a realm with the same name as the cell, it is most + * likely the correct realm to talk to. + * + * In most (maybe even all) cases the database servers of the cell + * will live in the realm we are looking for. + * + * Try the local realm, but if the previous cases fail, this is + * really a long shot. + * + */ + + /* comments on the ordering of these tests */ + + /* If the user passes a realm, she probably knows something we don't + * know and we should try afs@krealm (otherwise we're talking with a + * blondino and she might as well have it.) + */ + + k_errno = -1; + if(krealm){ + k_errno = get_cred(AUTH_SUPERUSER, cell, krealm, &c, &ticket); + if(k_errno) + k_errno = get_cred(AUTH_SUPERUSER, "", krealm, &c, &ticket); + } + + if(k_errno) + k_errno = get_cred(AUTH_SUPERUSER, cell, CELL, &c, &ticket); + if(k_errno) + k_errno = get_cred(AUTH_SUPERUSER, "", CELL, &c, &ticket); + + /* this might work in some conditions */ + if(k_errno && (vl_realm = realm_of_cell(cell))){ + k_errno = get_cred(AUTH_SUPERUSER, cell, vl_realm, &c, &ticket); + if(k_errno) + k_errno = get_cred(AUTH_SUPERUSER, "", vl_realm, &c, &ticket); + } + + if(k_errno && lrealm){ + k_errno = get_cred(AUTH_SUPERUSER, cell, lrealm, &c, &ticket); +#if 0 + /* this is most likely never right anyway, but won't fail */ + if(k_errno) + k_errno = get_cred(AUTH_SUPERUSER, "", lrealm, &c, &ticket); +#endif + } + + if (k_errno == KSUCCESS) + { + struct ViceIoctl parms; + struct ClearToken ct; + int32_t sizeof_x; + char buf[2048], *t; + + /* + * Build a struct ClearToken + */ + ct.AuthHandle = c.kvno; + memcpy (ct.HandShakeKey, c.session, sizeof(c.session)); + ct.ViceId = uid; /* is this always valid? */ + ct.BeginTimestamp = 1 + c.issue_date; + ct.EndTimestamp = krb_life_to_time(c.issue_date, c.lifetime); + +#define ODD(x) ((x) & 1) + /* If we don't know the numerical ID lifetime should be even? */ + if (uid == 0 && ODD(ct.EndTimestamp - ct.BeginTimestamp)) + ct.BeginTimestamp--; + + t = buf; + /* + * length of secret token followed by secret token + */ + sizeof_x = c.ticket_st.length; + memcpy(t, &sizeof_x, sizeof(sizeof_x)); + t += sizeof(sizeof_x); + memcpy(t, c.ticket_st.dat, sizeof_x); + t += sizeof_x; + /* + * length of clear token followed by clear token + */ + sizeof_x = sizeof(ct); + memcpy(t, &sizeof_x, sizeof(sizeof_x)); + t += sizeof(sizeof_x); + memcpy(t, &ct, sizeof_x); + t += sizeof_x; + + /* + * do *not* mark as primary cell + */ + sizeof_x = 0; + memcpy(t, &sizeof_x, sizeof(sizeof_x)); + t += sizeof(sizeof_x); + /* + * follow with cell name + */ + sizeof_x = strlen(cell) + 1; + memcpy(t, cell, sizeof_x); + t += sizeof_x; + + /* + * Build argument block + */ + parms.in = buf; + parms.in_size = t - buf; + parms.out = 0; + parms.out_size = 0; + k_pioctl(0, VIOCSETTOK, &parms, 0); + } + return k_errno; +} + +int +k_afsklog(const char *cell, const char *krealm) +{ + return k_afsklog_uid (cell, krealm, getuid()); +} diff --git a/crypto/kerberosIV/lib/kafs/afsl.exp b/crypto/kerberosIV/lib/kafs/afsl.exp new file mode 100644 index 0000000..4d2b00e --- /dev/null +++ b/crypto/kerberosIV/lib/kafs/afsl.exp @@ -0,0 +1,6 @@ +#!/unix + +* This mumbo jumbo creates entry points to syscalls in _AIX + +lpioctl syscall +lsetpag syscall diff --git a/crypto/kerberosIV/lib/kafs/afslib.c b/crypto/kerberosIV/lib/kafs/afslib.c new file mode 100644 index 0000000..12779bc --- /dev/null +++ b/crypto/kerberosIV/lib/kafs/afslib.c @@ -0,0 +1,60 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * This file is only used with AIX + */ + +#include "kafs_locl.h" + +RCSID("$Id: afslib.c,v 1.5 1997/04/20 13:21:15 joda Exp $"); + +int +aix_pioctl(char *a_path, + int o_opcode, + struct ViceIoctl *a_paramsP, + int a_followSymlinks) +{ + return lpioctl(a_path, o_opcode, a_paramsP, a_followSymlinks); +} + +int +aix_setpag(void) +{ + return lsetpag(); +} diff --git a/crypto/kerberosIV/lib/kafs/afslib.exp b/crypto/kerberosIV/lib/kafs/afslib.exp new file mode 100644 index 0000000..f288717 --- /dev/null +++ b/crypto/kerberosIV/lib/kafs/afslib.exp @@ -0,0 +1,3 @@ +#! +aix_pioctl +aix_setpag diff --git a/crypto/kerberosIV/lib/kafs/afssys.c b/crypto/kerberosIV/lib/kafs/afssys.c new file mode 100644 index 0000000..741225c --- /dev/null +++ b/crypto/kerberosIV/lib/kafs/afssys.c @@ -0,0 +1,293 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kafs_locl.h" + +RCSID("$Id: afssys.c,v 1.53 1997/05/04 02:30:41 assar Exp $"); + +/* Magic to get AIX syscalls to work */ +#ifdef _AIX + +static int (*Pioctl)(char*, int, void*, int); +static int (*Setpag)(void); + +#include "dlfcn.h" + +static int +isSuid() +{ + int uid = getuid(); + int gid = getgid(); + int euid = getegid(); + int egid = getegid(); + return (uid != euid) || (gid != egid); +} + +static int +aix_setup(void) +{ +#ifdef STATIC_AFS_SYSCALLS + Pioctl = aix_pioctl; + Setpag = aix_setpag; +#else + void *ptr; + char path[MaxPathLen], *p; + /* + * If we are root or running setuid don't trust AFSLIBPATH! + */ + if (getuid() != 0 && !isSuid() && (p = getenv("AFSLIBPATH")) != NULL) + strcpy(path, p); + else + snprintf(path, sizeof(path), "%s/afslib.so", LIBDIR); + + ptr = dlopen(path, 0); + if(ptr){ + Setpag = (int (*)(void))dlsym(ptr, "aix_setpag"); + Pioctl = (int (*)(char*, int, void*, int))dlsym(ptr, "aix_pioctl"); + } +#endif +} +#endif /* _AIX */ + +#define NO_ENTRY_POINT 0 +#define SINGLE_ENTRY_POINT 1 +#define MULTIPLE_ENTRY_POINT 2 +#define SINGLE_ENTRY_POINT2 3 +#define SINGLE_ENTRY_POINT3 4 +#define AIX_ENTRY_POINTS 5 +#define UNKNOWN_ENTRY_POINT 6 +static int afs_entry_point = UNKNOWN_ENTRY_POINT; +static int afs_syscalls[2]; + + +int +k_pioctl(char *a_path, + int o_opcode, + struct ViceIoctl *a_paramsP, + int a_followSymlinks) +{ +#ifndef NO_AFS + switch(afs_entry_point){ +#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) + case SINGLE_ENTRY_POINT: + case SINGLE_ENTRY_POINT2: + case SINGLE_ENTRY_POINT3: + return syscall(afs_syscalls[0], AFSCALL_PIOCTL, + a_path, o_opcode, a_paramsP, a_followSymlinks); +#endif +#if defined(AFS_PIOCTL) + case MULTIPLE_ENTRY_POINT: + return syscall(afs_syscalls[0], + a_path, o_opcode, a_paramsP, a_followSymlinks); +#endif +#ifdef _AIX + case AIX_ENTRY_POINTS: + return Pioctl(a_path, o_opcode, a_paramsP, a_followSymlinks); +#endif + } + + errno = ENOSYS; +#ifdef SIGSYS + kill(getpid(), SIGSYS); /* You loose! */ +#endif +#endif /* NO_AFS */ + return -1; +} + +int +k_afs_cell_of_file(const char *path, char *cell, int len) +{ + struct ViceIoctl parms; + parms.in = NULL; + parms.in_size = 0; + parms.out = cell; + parms.out_size = len; + return k_pioctl((char*)path, VIOC_FILE_CELL_NAME, &parms, 1); +} + +int +k_unlog(void) +{ + struct ViceIoctl parms; + memset(&parms, 0, sizeof(parms)); + return k_pioctl(0, VIOCUNLOG, &parms, 0); +} + +int +k_setpag(void) +{ +#ifndef NO_AFS + switch(afs_entry_point){ +#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) + case SINGLE_ENTRY_POINT: + case SINGLE_ENTRY_POINT2: + case SINGLE_ENTRY_POINT3: + return syscall(afs_syscalls[0], AFSCALL_SETPAG); +#endif +#if defined(AFS_PIOCTL) + case MULTIPLE_ENTRY_POINT: + return syscall(afs_syscalls[1]); +#endif +#ifdef _AIX + case AIX_ENTRY_POINTS: + return Setpag(); +#endif + } + + errno = ENOSYS; +#ifdef SIGSYS + kill(getpid(), SIGSYS); /* You loose! */ +#endif +#endif /* NO_AFS */ + return -1; +} + +static jmp_buf catch_SIGSYS; + +#ifdef SIGSYS + +static RETSIGTYPE +SIGSYS_handler(int sig) +{ + errno = 0; + signal(SIGSYS, SIGSYS_handler); /* Need to reinstall handler on SYSV */ + longjmp(catch_SIGSYS, 1); +} + +#endif + +int +k_hasafs(void) +{ + int saved_errno; + RETSIGTYPE (*saved_func)(); + struct ViceIoctl parms; + + /* + * Already checked presence of AFS syscalls? + */ + if (afs_entry_point != UNKNOWN_ENTRY_POINT) + return afs_entry_point != NO_ENTRY_POINT; + + /* + * Probe kernel for AFS specific syscalls, + * they (currently) come in two flavors. + * If the syscall is absent we recive a SIGSYS. + */ + afs_entry_point = NO_ENTRY_POINT; + memset(&parms, 0, sizeof(parms)); + + saved_errno = errno; +#ifndef NO_AFS +#ifdef SIGSYS + saved_func = signal(SIGSYS, SIGSYS_handler); +#endif + +#ifdef AFS_SYSCALL + if (setjmp(catch_SIGSYS) == 0) + { + syscall(AFS_SYSCALL, AFSCALL_PIOCTL, + 0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + if (errno == EINVAL) + { + afs_entry_point = SINGLE_ENTRY_POINT; + afs_syscalls[0] = AFS_SYSCALL; + goto done; + } + } +#endif /* AFS_SYSCALL */ + +#ifdef AFS_PIOCTL + if (setjmp(catch_SIGSYS) == 0) + { + syscall(AFS_PIOCTL, + 0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + if (errno == EINVAL) + { + afs_entry_point = MULTIPLE_ENTRY_POINT; + afs_syscalls[0] = AFS_PIOCTL; + afs_syscalls[1] = AFS_SETPAG; + goto done; + } + } +#endif /* AFS_PIOCTL */ + +#ifdef AFS_SYSCALL2 + if (setjmp(catch_SIGSYS) == 0) + { + syscall(AFS_SYSCALL2, AFSCALL_PIOCTL, + 0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + if (errno == EINVAL) + { + afs_entry_point = SINGLE_ENTRY_POINT2; + afs_syscalls[0] = AFS_SYSCALL2; + goto done; + } + } +#endif /* AFS_SYSCALL */ + +#ifdef AFS_SYSCALL3 + if (setjmp(catch_SIGSYS) == 0) + { + syscall(AFS_SYSCALL3, AFSCALL_PIOCTL, + 0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); + if (errno == EINVAL) + { + afs_entry_point = SINGLE_ENTRY_POINT3; + afs_syscalls[0] = AFS_SYSCALL3; + goto done; + } + } +#endif /* AFS_SYSCALL */ + +#ifdef _AIX + aix_setup(); + if(Pioctl != NULL && Setpag != NULL){ + afs_entry_point = AIX_ENTRY_POINTS; + goto done; + } +#endif + +done: +#ifdef SIGSYS + signal(SIGSYS, saved_func); +#endif +#endif /* NO_AFS */ + errno = saved_errno; + return afs_entry_point != NO_ENTRY_POINT; +} diff --git a/crypto/kerberosIV/lib/kafs/afssysdefs.h b/crypto/kerberosIV/lib/kafs/afssysdefs.h new file mode 100644 index 0000000..028f9b3 --- /dev/null +++ b/crypto/kerberosIV/lib/kafs/afssysdefs.h @@ -0,0 +1,87 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: afssysdefs.h,v 1.15 1997/04/01 08:18:12 joda Exp $ */ + +/* + * This section is for machines using single entry point AFS syscalls! + * and/or + * This section is for machines using multiple entry point AFS syscalls! + * + * SunOS 4 is an example of single entry point and sgi of multiple + * entry point syscalls. + */ + +#if SunOS == 4 +#define AFS_SYSCALL 31 +#endif + +#if SunOS == 5 +#define AFS_SYSCALL 105 +#endif + +#if defined(__hpux) +#define AFS_SYSCALL 50 +#define AFS_SYSCALL2 49 +#endif + +#if defined(_AIX) +/* _AIX is too weird */ +#endif + +#if defined(__sgi) +#define AFS_PIOCTL (64+1000) +#define AFS_SETPAG (65+1000) +#endif + +#if defined(__osf__) +#define AFS_SYSCALL 232 +#define AFS_SYSCALL2 258 +#endif + +#if defined(__ultrix) +#define AFS_SYSCALL 31 +#endif + +#if defined(__NetBSD__) +#define AFS_SYSCALL 210 +#endif + +#ifdef SYS_afs_syscall +#define AFS_SYSCALL3 SYS_afs_syscall +#endif diff --git a/crypto/kerberosIV/lib/kafs/dlfcn.c b/crypto/kerberosIV/lib/kafs/dlfcn.c new file mode 100644 index 0000000..3f4de92 --- /dev/null +++ b/crypto/kerberosIV/lib/kafs/dlfcn.c @@ -0,0 +1,570 @@ +/* + * @(#)dlfcn.c 1.11 revision of 96/04/10 20:12:51 + * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH + * 30159 Hannover, Germany + */ + +/* + * Changes marked with `--jwe' were made on April 7 1996 by John W. Eaton + * <jwe@bevo.che.wisc.edu> to support g++ and/or use with Octave. + */ + +/* + * This makes my life easier with Octave. --jwe + */ +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <stdio.h> +#include <errno.h> +#include <string.h> +#include <stdlib.h> +#include <sys/types.h> +#include <sys/ldr.h> +#include <a.out.h> +#include <ldfcn.h> +#include "dlfcn.h" + +/* + * We simulate dlopen() et al. through a call to load. Because AIX has + * no call to find an exported symbol we read the loader section of the + * loaded module and build a list of exported symbols and their virtual + * address. + */ + +typedef struct { + char *name; /* the symbols's name */ + void *addr; /* its relocated virtual address */ +} Export, *ExportPtr; + +/* + * xlC uses the following structure to list its constructors and + * destructors. This is gleaned from the output of munch. + */ +typedef struct { + void (*init)(void); /* call static constructors */ + void (*term)(void); /* call static destructors */ +} Cdtor, *CdtorPtr; + +typedef void (*GccCDtorPtr)(void); + +/* + * The void * handle returned from dlopen is actually a ModulePtr. + */ +typedef struct Module { + struct Module *next; + char *name; /* module name for refcounting */ + int refCnt; /* the number of references */ + void *entry; /* entry point from load */ + struct dl_info *info; /* optional init/terminate functions */ + CdtorPtr cdtors; /* optional C++ constructors */ + GccCDtorPtr gcc_ctor; /* g++ constructors --jwe */ + GccCDtorPtr gcc_dtor; /* g++ destructors --jwe */ + int nExports; /* the number of exports found */ + ExportPtr exports; /* the array of exports */ +} Module, *ModulePtr; + +/* + * We keep a list of all loaded modules to be able to call the fini + * handlers and destructors at atexit() time. + */ +static ModulePtr modList; + +/* + * The last error from one of the dl* routines is kept in static + * variables here. Each error is returned only once to the caller. + */ +static char errbuf[BUFSIZ]; +static int errvalid; + +/* + * The `fixed' gcc header files on AIX 3.2.5 provide a prototype for + * strdup(). --jwe + */ +#ifndef HAVE_STRDUP +extern char *strdup(const char *); +#endif +static void caterr(char *); +static int readExports(ModulePtr); +static void terminate(void); +static void *findMain(void); + +void *dlopen(const char *path, int mode) +{ + ModulePtr mp; + static void *mainModule; + + /* + * Upon the first call register a terminate handler that will + * close all libraries. Also get a reference to the main module + * for use with loadbind. + */ + if (!mainModule) { + if ((mainModule = findMain()) == NULL) + return NULL; + atexit(terminate); + } + /* + * Scan the list of modules if we have the module already loaded. + */ + for (mp = modList; mp; mp = mp->next) + if (strcmp(mp->name, path) == 0) { + mp->refCnt++; + return mp; + } + if ((mp = (ModulePtr)calloc(1, sizeof(*mp))) == NULL) { + errvalid++; + strcpy(errbuf, "calloc: "); + strcat(errbuf, strerror(errno)); + return NULL; + } + if ((mp->name = strdup(path)) == NULL) { + errvalid++; + strcpy(errbuf, "strdup: "); + strcat(errbuf, strerror(errno)); + free(mp); + return NULL; + } + /* + * load should be declared load(const char *...). Thus we + * cast the path to a normal char *. Ugly. + */ + if ((mp->entry = (void *)load((char *)path, L_NOAUTODEFER, NULL)) == NULL) { + free(mp->name); + free(mp); + errvalid++; + strcpy(errbuf, "dlopen: "); + strcat(errbuf, path); + strcat(errbuf, ": "); + /* + * If AIX says the file is not executable, the error + * can be further described by querying the loader about + * the last error. + */ + if (errno == ENOEXEC) { + char *tmp[BUFSIZ/sizeof(char *)]; + if (loadquery(L_GETMESSAGES, tmp, sizeof(tmp)) == -1) + strcpy(errbuf, strerror(errno)); + else { + char **p; + for (p = tmp; *p; p++) + caterr(*p); + } + } else + strcat(errbuf, strerror(errno)); + return NULL; + } + mp->refCnt = 1; + mp->next = modList; + modList = mp; + if (loadbind(0, mainModule, mp->entry) == -1) { + dlclose(mp); + errvalid++; + strcpy(errbuf, "loadbind: "); + strcat(errbuf, strerror(errno)); + return NULL; + } + /* + * If the user wants global binding, loadbind against all other + * loaded modules. + */ + if (mode & RTLD_GLOBAL) { + ModulePtr mp1; + for (mp1 = mp->next; mp1; mp1 = mp1->next) + if (loadbind(0, mp1->entry, mp->entry) == -1) { + dlclose(mp); + errvalid++; + strcpy(errbuf, "loadbind: "); + strcat(errbuf, strerror(errno)); + return NULL; + } + } + if (readExports(mp) == -1) { + dlclose(mp); + return NULL; + } + /* + * If there is a dl_info structure, call the init function. + */ + if (mp->info = (struct dl_info *)dlsym(mp, "dl_info")) { + if (mp->info->init) + (*mp->info->init)(); + } else + errvalid = 0; + /* + * If the shared object was compiled using xlC we will need + * to call static constructors (and later on dlclose destructors). + */ + if (mp->cdtors = (CdtorPtr)dlsym(mp, "__cdtors")) { + CdtorPtr cp = mp->cdtors; + while (cp->init || cp->term) { + if (cp->init && cp->init != (void (*)(void))0xffffffff) + (*cp->init)(); + cp++; + } + /* + * If the shared object was compiled using g++, we will need + * to call global constructors using the _GLOBAL__DI function, + * and later, global destructors using the _GLOBAL_DD + * funciton. --jwe + */ + } else if (mp->gcc_ctor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DI")) { + (*mp->gcc_ctor)(); + mp->gcc_dtor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DD"); + } else + errvalid = 0; + return mp; +} + +/* + * Attempt to decipher an AIX loader error message and append it + * to our static error message buffer. + */ +static void caterr(char *s) +{ + char *p = s; + + while (*p >= '0' && *p <= '9') + p++; + switch(atoi(s)) { + case L_ERROR_TOOMANY: + strcat(errbuf, "to many errors"); + break; + case L_ERROR_NOLIB: + strcat(errbuf, "can't load library"); + strcat(errbuf, p); + break; + case L_ERROR_UNDEF: + strcat(errbuf, "can't find symbol"); + strcat(errbuf, p); + break; + case L_ERROR_RLDBAD: + strcat(errbuf, "bad RLD"); + strcat(errbuf, p); + break; + case L_ERROR_FORMAT: + strcat(errbuf, "bad exec format in"); + strcat(errbuf, p); + break; + case L_ERROR_ERRNO: + strcat(errbuf, strerror(atoi(++p))); + break; + default: + strcat(errbuf, s); + break; + } +} + +void *dlsym(void *handle, const char *symbol) +{ + ModulePtr mp = (ModulePtr)handle; + ExportPtr ep; + int i; + + /* + * Could speed up the search, but I assume that one assigns + * the result to function pointers anyways. + */ + for (ep = mp->exports, i = mp->nExports; i; i--, ep++) + if (strcmp(ep->name, symbol) == 0) + return ep->addr; + errvalid++; + strcpy(errbuf, "dlsym: undefined symbol "); + strcat(errbuf, symbol); + return NULL; +} + +char *dlerror(void) +{ + if (errvalid) { + errvalid = 0; + return errbuf; + } + return NULL; +} + +int dlclose(void *handle) +{ + ModulePtr mp = (ModulePtr)handle; + int result; + ModulePtr mp1; + + if (--mp->refCnt > 0) + return 0; + if (mp->info && mp->info->fini) + (*mp->info->fini)(); + if (mp->cdtors) { + CdtorPtr cp = mp->cdtors; + while (cp->init || cp->term) { + if (cp->term && cp->init != (void (*)(void))0xffffffff) + (*cp->term)(); + cp++; + } + /* + * If the function to handle global destructors for g++ + * exists, call it. --jwe + */ + } else if (mp->gcc_dtor) { + (*mp->gcc_dtor)(); + } + result = unload(mp->entry); + if (result == -1) { + errvalid++; + strcpy(errbuf, strerror(errno)); + } + if (mp->exports) { + ExportPtr ep; + int i; + for (ep = mp->exports, i = mp->nExports; i; i--, ep++) + if (ep->name) + free(ep->name); + free(mp->exports); + } + if (mp == modList) + modList = mp->next; + else { + for (mp1 = modList; mp1; mp1 = mp1->next) + if (mp1->next == mp) { + mp1->next = mp->next; + break; + } + } + free(mp->name); + free(mp); + return result; +} + +static void terminate(void) +{ + while (modList) + dlclose(modList); +} + +/* + * Build the export table from the XCOFF .loader section. + */ +static int readExports(ModulePtr mp) +{ + LDFILE *ldp = NULL; + SCNHDR sh, shdata; + LDHDR *lhp; + char *ldbuf; + LDSYM *ls; + int i; + ExportPtr ep; + + if ((ldp = ldopen(mp->name, ldp)) == NULL) { + struct ld_info *lp; + char *buf; + int size = 4*1024; + if (errno != ENOENT) { + errvalid++; + strcpy(errbuf, "readExports: "); + strcat(errbuf, strerror(errno)); + return -1; + } + /* + * The module might be loaded due to the LIBPATH + * environment variable. Search for the loaded + * module using L_GETINFO. + */ + if ((buf = malloc(size)) == NULL) { + errvalid++; + strcpy(errbuf, "readExports: "); + strcat(errbuf, strerror(errno)); + return -1; + } + while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { + free(buf); + size += 4*1024; + if ((buf = malloc(size)) == NULL) { + errvalid++; + strcpy(errbuf, "readExports: "); + strcat(errbuf, strerror(errno)); + return -1; + } + } + if (i == -1) { + errvalid++; + strcpy(errbuf, "readExports: "); + strcat(errbuf, strerror(errno)); + free(buf); + return -1; + } + /* + * Traverse the list of loaded modules. The entry point + * returned by load() does actually point to the data + * segment origin. + */ + lp = (struct ld_info *)buf; + while (lp) { + if (lp->ldinfo_dataorg == mp->entry) { + ldp = ldopen(lp->ldinfo_filename, ldp); + break; + } + if (lp->ldinfo_next == 0) + lp = NULL; + else + lp = (struct ld_info *)((char *)lp + lp->ldinfo_next); + } + free(buf); + if (!ldp) { + errvalid++; + strcpy(errbuf, "readExports: "); + strcat(errbuf, strerror(errno)); + return -1; + } + } + if (TYPE(ldp) != U802TOCMAGIC) { + errvalid++; + strcpy(errbuf, "readExports: bad magic"); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + /* + * Get the padding for the data section. This is needed for + * AIX 4.1 compilers. This is used when building the final + * function pointer to the exported symbol. + */ + if (ldnshread(ldp, _DATA, &shdata) != SUCCESS) { + errvalid++; + strcpy(errbuf, "readExports: cannot read data section header"); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + if (ldnshread(ldp, _LOADER, &sh) != SUCCESS) { + errvalid++; + strcpy(errbuf, "readExports: cannot read loader section header"); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + /* + * We read the complete loader section in one chunk, this makes + * finding long symbol names residing in the string table easier. + */ + if ((ldbuf = (char *)malloc(sh.s_size)) == NULL) { + errvalid++; + strcpy(errbuf, "readExports: "); + strcat(errbuf, strerror(errno)); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + if (FSEEK(ldp, sh.s_scnptr, BEGINNING) != OKFSEEK) { + errvalid++; + strcpy(errbuf, "readExports: cannot seek to loader section"); + free(ldbuf); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + if (FREAD(ldbuf, sh.s_size, 1, ldp) != 1) { + errvalid++; + strcpy(errbuf, "readExports: cannot read loader section"); + free(ldbuf); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + lhp = (LDHDR *)ldbuf; + ls = (LDSYM *)(ldbuf+LDHDRSZ); + /* + * Count the number of exports to include in our export table. + */ + for (i = lhp->l_nsyms; i; i--, ls++) { + if (!LDR_EXPORT(*ls)) + continue; + mp->nExports++; + } + if ((mp->exports = (ExportPtr)calloc(mp->nExports, sizeof(*mp->exports))) == NULL) { + errvalid++; + strcpy(errbuf, "readExports: "); + strcat(errbuf, strerror(errno)); + free(ldbuf); + while(ldclose(ldp) == FAILURE) + ; + return -1; + } + /* + * Fill in the export table. All entries are relative to + * the entry point we got from load. + */ + ep = mp->exports; + ls = (LDSYM *)(ldbuf+LDHDRSZ); + for (i = lhp->l_nsyms; i; i--, ls++) { + char *symname; + char tmpsym[SYMNMLEN+1]; + if (!LDR_EXPORT(*ls)) + continue; + if (ls->l_zeroes == 0) + symname = ls->l_offset+lhp->l_stoff+ldbuf; + else { + /* + * The l_name member is not zero terminated, we + * must copy the first SYMNMLEN chars and make + * sure we have a zero byte at the end. + */ + strncpy(tmpsym, ls->l_name, SYMNMLEN); + tmpsym[SYMNMLEN] = '\0'; + symname = tmpsym; + } + ep->name = strdup(symname); + ep->addr = (void *)((unsigned long)mp->entry + + ls->l_value - shdata.s_vaddr); + ep++; + } + free(ldbuf); + while(ldclose(ldp) == FAILURE) + ; + return 0; +} + +/* + * Find the main modules entry point. This is used as export pointer + * for loadbind() to be able to resolve references to the main part. + */ +static void * findMain(void) +{ + struct ld_info *lp; + char *buf; + int size = 4*1024; + int i; + void *ret; + + if ((buf = malloc(size)) == NULL) { + errvalid++; + strcpy(errbuf, "findMain: "); + strcat(errbuf, strerror(errno)); + return NULL; + } + while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { + free(buf); + size += 4*1024; + if ((buf = malloc(size)) == NULL) { + errvalid++; + strcpy(errbuf, "findMain: "); + strcat(errbuf, strerror(errno)); + return NULL; + } + } + if (i == -1) { + errvalid++; + strcpy(errbuf, "findMain: "); + strcat(errbuf, strerror(errno)); + free(buf); + return NULL; + } + /* + * The first entry is the main module. The entry point + * returned by load() does actually point to the data + * segment origin. + */ + lp = (struct ld_info *)buf; + ret = lp->ldinfo_dataorg; + free(buf); + return ret; +} diff --git a/crypto/kerberosIV/lib/kafs/dlfcn.h b/crypto/kerberosIV/lib/kafs/dlfcn.h new file mode 100644 index 0000000..5671e9c --- /dev/null +++ b/crypto/kerberosIV/lib/kafs/dlfcn.h @@ -0,0 +1,46 @@ +/* + * @(#)dlfcn.h 1.4 revision of 95/04/25 09:36:52 + * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH + * 30159 Hannover, Germany + */ + +#ifndef __dlfcn_h__ +#define __dlfcn_h__ + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * Mode flags for the dlopen routine. + */ +#define RTLD_LAZY 1 /* lazy function call binding */ +#define RTLD_NOW 2 /* immediate function call binding */ +#define RTLD_GLOBAL 0x100 /* allow symbols to be global */ + +/* + * To be able to intialize, a library may provide a dl_info structure + * that contains functions to be called to initialize and terminate. + */ +struct dl_info { + void (*init)(void); + void (*fini)(void); +}; + +#if __STDC__ || defined(_IBMR2) +void *dlopen(const char *path, int mode); +void *dlsym(void *handle, const char *symbol); +char *dlerror(void); +int dlclose(void *handle); +#else +void *dlopen(); +void *dlsym(); +char *dlerror(); +int dlclose(); +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* __dlfcn_h__ */ diff --git a/crypto/kerberosIV/lib/kafs/kafs.h b/crypto/kerberosIV/lib/kafs/kafs.h new file mode 100644 index 0000000..b3c53b5 --- /dev/null +++ b/crypto/kerberosIV/lib/kafs/kafs.h @@ -0,0 +1,100 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: kafs.h,v 1.19 1997/05/14 17:41:02 joda Exp $ */ + +#ifndef __KAFS_H +#define __KAFS_H + +#include <ktypes.h> +#include <sys/cdefs.h> +/* sys/ioctl.h must be included manually before kafs.h */ + +/* + */ +#define AFSCALL_PIOCTL 20 +#define AFSCALL_SETPAG 21 + +#ifndef _VICEIOCTL +#define _VICEIOCTL(id) ((unsigned int ) _IOW('V', id, struct ViceIoctl)) +#endif /* _VICEIOCTL */ + +#define VIOCSETTOK _VICEIOCTL(3) +#define VIOCGETTOK _VICEIOCTL(8) +#define VIOCUNLOG _VICEIOCTL(9) +#define VIOC_FILE_CELL_NAME _VICEIOCTL(30) + +struct ViceIoctl { + caddr_t in, out; + short in_size; + short out_size; +}; + +struct ClearToken { + int32_t AuthHandle; + char HandShakeKey[8]; + int32_t ViceId; + int32_t BeginTimestamp; + int32_t EndTimestamp; +}; + +#ifndef __P +#define __P(x) x +#endif + +/* Use k_hasafs() to probe if the machine supports AFS syscalls. + The other functions will generate a SIGSYS if AFS is not supported */ + +int k_hasafs __P((void)); + +int k_afsklog __P((const char *cell, const char *realm)); +int k_afsklog_uid __P((const char *cell, const char *realm, uid_t uid)); +int k_pioctl __P((char *a_path, + int o_opcode, + struct ViceIoctl *a_paramsP, + int a_followSymlinks)); +int k_unlog __P((void)); +int k_setpag __P((void)); +int k_afs_cell_of_file __P((const char *path, char *cell, int len)); + +#define _PATH_VICE "/usr/vice/etc/" +#define _PATH_THISCELL _PATH_VICE "ThisCell" +#define _PATH_CELLSERVDB _PATH_VICE "CellServDB" +#define _PATH_THESECELLS _PATH_VICE "TheseCells" + +#endif /* __KAFS_H */ diff --git a/crypto/kerberosIV/lib/kafs/kafs_locl.h b/crypto/kerberosIV/lib/kafs/kafs_locl.h new file mode 100644 index 0000000..6ada6ab --- /dev/null +++ b/crypto/kerberosIV/lib/kafs/kafs_locl.h @@ -0,0 +1,96 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: kafs_locl.h,v 1.3 1997/05/04 23:04:44 assar Exp $ */ + +#ifndef __KAFS_LOCL_H__ +#define __KAFS_LOCL_H__ + +#include <config.h> +#include <protos.h> + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <signal.h> +#include <setjmp.h> +#include <errno.h> + +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4 +#include <sys/ioctl.h> +#endif +#ifdef HAVE_SYS_FILIO_H +#include <sys/filio.h> +#endif + +#ifdef HAVE_SYS_SYSCALL_H +#include <sys/syscall.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif + +#ifdef HAVE_ARPA_NAMESER_H +#include <arpa/nameser.h> +#endif +#ifdef HAVE_RESOLV_H +#include <resolv.h> +#endif +#include <roken.h> + +#include <krb.h> +#include <kafs.h> + +#include <resolve.h> + +#include "afssysdefs.h" + + +#endif /* __KAFS_LOCL_H__ */ diff --git a/crypto/kerberosIV/lib/kdb/Makefile.in b/crypto/kerberosIV/lib/kdb/Makefile.in new file mode 100644 index 0000000..f6fb962 --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/Makefile.in @@ -0,0 +1,83 @@ +# +# $Id: Makefile.in,v 1.25 1997/05/06 03:47:39 assar Exp $ +# + +SHELL = /bin/sh + +srcdir = @srcdir@ +VPATH = @srcdir@ + +CC = @CC@ +AR = ar +RANLIB = @RANLIB@ +DEFS = @DEFS@ +CFLAGS = @CFLAGS@ + +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +MKINSTALLDIRS = @top_srcdir@/mkinstalldirs + +prefix = @prefix@ +exec_prefix = @exec_prefix@ +libdir = @libdir@ + +PICFLAGS = @PICFLAGS@ + +LIBNAME = $(LIBPREFIX)kdb +LIBEXT = @LIBEXT@ +SHLIBEXT = @SHLIBEXT@ +LIBPREFIX = @LIBPREFIX@ +LDSHARED = @LDSHARED@ +LIB = $(LIBNAME).$(LIBEXT) + +SOURCES = krb_cache.c krb_kdb_utils.c copykey.c krb_lib.c krb_dbm.c print_princ.c base64.c + +OBJECTS = krb_cache.o krb_kdb_utils.o copykey.o krb_lib.o krb_dbm.o print_princ.o base64.o + +all: $(LIB) + +Wall: + make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" + +.c.o: + $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $< + +install: all + $(MKINSTALLDIRS) $(libdir) + $(INSTALL_DATA) -m 0555 $(LIB) $(libdir) + +uninstall: + rm -f $(libdir)/$(LIB) + +TAGS: $(SOURCES) + etags $(SOURCES) + +check: + +clean: + rm -f $(LIB) *.o *.a + +mostlyclean: clean + +distclean: clean + rm -f Makefile *.tab.c *~ + +realclean: distclean + rm -f TAGS + +dist: $(DISTFILES) + for file in $(DISTFILES); do \ + ln $$file ../`cat ../.fname`/lib \ + || cp -p $$file ../`cat ../.fname`/lib; \ + done + +$(LIBNAME).a: $(OBJECTS) + rm -f $@ + $(AR) cr $@ $(OBJECTS) + -$(RANLIB) $@ + +$(LIBNAME).$(SHLIBEXT): $(OBJECTS) + rm -f $@ + $(LDSHARED) -o $@ $(OBJECTS) + +$(OBJECTS): ../../include/config.h diff --git a/crypto/kerberosIV/lib/kdb/base64.c b/crypto/kerberosIV/lib/kdb/base64.c new file mode 100644 index 0000000..d7e89c4 --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/base64.c @@ -0,0 +1,150 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: base64.c,v 1.7 1997/04/01 08:18:16 joda Exp $"); +#endif + +#include <stdlib.h> +#include <ctype.h> +#include <string.h> +#include "base64.h" + +static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + +static int POS(char c) +{ + if(c == '=') return 64; + if(isupper(c)) + return c - 'A'; + if(islower(c)) + return c - 'a' + 26; + if(isdigit(c)) + return c - '0' + 52; + if(c == '+') + return 62; + if(c == '/') + return 63; + return -1; +} + +char *base64_encode(const void *buf, int size) +{ + char *str = (char*)malloc((size+3)*4/3+1); + char *p=str; + unsigned char *q = (unsigned char*)buf; + int i; + int c; + i=0; + while(i<size){ + c=q[i++]; + c*=256; + if(i<size) + c+=q[i]; + i++; + c*=256; + if(i<size) + c+=q[i]; + i++; + p[0]=base64[(c&0x00fc0000) >> 18]; + p[1]=base64[(c&0x0003f000) >> 12]; + p[2]=base64[(c&0x00000fc0) >> 6]; + p[3]=base64[(c&0x0000003f) >> 0]; + if(i>size) + p[3]='='; + if(i>size+1) + p[2]='='; + p+=4; + } + *p=0; + return str; +} + +/* convert string in s to binary data. s should be a multiple of 4 + * bytes long. data should be at least len(s) * 3 / 4 bytes long. + * returns + */ +int base64_decode(char *s, void *data) +{ + char *p; + unsigned char *q; + int n[4]; + + if(strlen(s) % 4) + return -1; + q=(unsigned char*)data; + for(p=s; *p; p+=4){ + n[0] = POS(p[0]); + n[1] = POS(p[1]); + n[2] = POS(p[2]); + n[3] = POS(p[3]); + if((n[0] | n[1] | n[2] | n[3]) < 0) + return -1; + + if(n[0] == 64 || n[1] == 64) + return -1; + if(n[2] == 64 && n[3] < 64) + return -1; + q[0] = (n[0] << 2) + (n[1] >> 4); + if(n[2] < 64){ + q[1] = ((n[1] & 15) << 4) + (n[2] >> 2); + } + if(n[3] < 64){ + q[2] = ((n[2] & 3) << 6) + n[3]; + } + q+=3; + } + q -= (n[2] == 64) + (n[3] == 64); + return q - (unsigned char*)data; +} + +#ifdef TEST +int main(int argc, char **argv) +{ + char str[128]; + char buf[128]; + char *p; + printf("base64_encode(\"%s\") = \"%s\"\n", argv[1], + p=base64_encode(argv[1], strlen(argv[1]))); + printf("base64_decode(\"%s\") = %d", p, base64_decode(p, buf)); + printf(" (\"%s\")\n", buf); + printf("base64_decode(\"%s\") = %d", argv[1], base64_decode(argv[1], buf)); + printf(" (\"%s\")\n", buf); +} +#endif diff --git a/crypto/kerberosIV/lib/kdb/base64.h b/crypto/kerberosIV/lib/kdb/base64.h new file mode 100644 index 0000000..edfb344 --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/base64.h @@ -0,0 +1,47 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: base64.h,v 1.5 1997/04/01 08:18:16 joda Exp $ */ + +#ifndef _BASE64_H_ +#define _BASE64_H_ + +char *base64_encode(const void *buf, int size); +int base64_decode(char *s, void *data); + +#endif diff --git a/crypto/kerberosIV/lib/kdb/copykey.c b/crypto/kerberosIV/lib/kdb/copykey.c new file mode 100644 index 0000000..a78baf7 --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/copykey.c @@ -0,0 +1,55 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kdb_locl.h" + +RCSID("$Id: copykey.c,v 1.10 1997/04/01 08:18:17 joda Exp $"); + +void +copy_from_key(des_cblock in, u_int32_t *lo, u_int32_t *hi) +{ + memcpy(lo, ((char *) in) + 0, 4); + memcpy(hi, ((char *) in) + 4, 4); +} + +void +copy_to_key(u_int32_t *lo, u_int32_t *hi, des_cblock out) +{ + memcpy(((char *)out) + 0, lo, 4); + memcpy(((char *)out) + 4, hi, 4); +} diff --git a/crypto/kerberosIV/lib/kdb/kdb_locl.h b/crypto/kerberosIV/lib/kdb/kdb_locl.h new file mode 100644 index 0000000..fe4d079 --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/kdb_locl.h @@ -0,0 +1,98 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: kdb_locl.h,v 1.9 1997/05/02 14:29:08 assar Exp $ */ + +#ifndef __kdb_locl_h +#define __kdb_locl_h + +#include "config.h" +#include "protos.h" + +#include "base64.h" + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <unistd.h> +#include <errno.h> + +#include <sys/types.h> + +#ifdef TIME_WITH_SYS_TIME +#include <sys/time.h> +#include <time.h> +#elif defined(HAVE_SYS_TIME_H) +#include <sys/time.h> +#else +#include <time.h> +#endif + +#include <sys/stat.h> +#include <fcntl.h> +#include <utime.h> +#include <sys/file.h> +#include <roken.h> + +#include <krb.h> +#include <krb_db.h> + +/* --- */ + +/* Globals! */ + +/* Utils */ + +int kerb_db_set_lockmode __P((int)); +void kerb_db_fini __P((void)); +int kerb_db_init __P((void)); +int kerb_db_get_principal __P((char *name, char *, Principal *, unsigned int, int *)); +int kerb_db_get_dba __P((char *, char *, Dba *, unsigned int, int *)); + +void delta_stat __P((DB_stat *, DB_stat *, DB_stat *)); + +int kerb_cache_init __P((void)); +int kerb_cache_get_principal __P((char *name, char *, Principal *, unsigned int)); +int kerb_cache_put_principal __P((Principal *, unsigned int)); +int kerb_cache_get_dba __P((char *, char *, Dba *, unsigned int)); +int kerb_cache_put_dba __P((Dba *, unsigned int)); + +void krb_print_principal __P((Principal *)); + +#endif /* __kdb_locl_h */ diff --git a/crypto/kerberosIV/lib/kdb/kdc.h b/crypto/kerberosIV/lib/kdb/kdc.h new file mode 100644 index 0000000..f404d11 --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/kdc.h @@ -0,0 +1,34 @@ +/* + * $Id: kdc.h,v 1.8 1997/04/01 03:59:05 assar Exp $ + * + * Copyright 1987, 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * Include file for the Kerberos Key Distribution Center. + */ + +#ifndef KDC_DEFS +#define KDC_DEFS + +/* Don't depend on this! */ +#ifndef MKEYFILE +#if 0 +#define MKEYFILE "/var/kerberos/master-key" +#else +#define MKEYFILE "/.k" +#endif +#endif +#ifndef K_LOGFIL +#define K_LOGFIL "/var/log/kpropd.log" +#endif + +#define ONE_MINUTE 60 +#define FIVE_MINUTES (5 * ONE_MINUTE) +#define ONE_HOUR (60 * ONE_MINUTE) +#define ONE_DAY (24 * ONE_HOUR) +#define THREE_DAYS (3 * ONE_DAY) + +#endif /* KDC_DEFS */ + diff --git a/crypto/kerberosIV/lib/kdb/krb_cache.c b/crypto/kerberosIV/lib/kdb/krb_cache.c new file mode 100644 index 0000000..ed4a5b1 --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/krb_cache.c @@ -0,0 +1,189 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +/* + * This is where a cache would be implemented, if it were necessary. + */ + +#include "kdb_locl.h" + +RCSID("$Id: krb_cache.c,v 1.6 1997/05/02 10:27:53 joda Exp $"); + +#ifdef DEBUG +extern int debug; +extern long kerb_debug; +#endif +static int init = 0; + +/* + * initialization routine for cache + */ + +int +kerb_cache_init(void) +{ + init = 1; + return (0); +} + +/* + * look up a principal in the cache returns number of principals found + */ + +int +kerb_cache_get_principal(char *serv, char *inst, Principal *principal, unsigned int max) + /* could have wild card */ + /* could have wild card */ + + /* max number of name structs to return */ + +{ + int found = 0; + + if (!init) + kerb_cache_init(); +#ifdef DEBUG + if (kerb_debug & 2) + fprintf(stderr, "cache_get_principal for %s %s max = %d\n", + serv, inst, max); +#endif /* DEBUG */ + +#ifdef DEBUG + if (kerb_debug & 2) { + if (found) { + fprintf(stderr, "cache get %s %s found %s %s sid = %d\n", + serv, inst, principal->name, principal->instance); + } else { + fprintf(stderr, "cache %s %s not found\n", serv, + inst); + } + } +#endif + return (found); +} + +/* + * insert/replace a principal in the cache returns number of principals + * inserted + */ + +int +kerb_cache_put_principal(Principal *principal, unsigned int max) + + /* max number of principal structs to + * insert */ + +{ + u_long i; + int count = 0; + + if (!init) + kerb_cache_init(); + +#ifdef DEBUG + if (kerb_debug & 2) { + fprintf(stderr, "kerb_cache_put_principal max = %d", + max); + } +#endif + + for (i = 0; i < max; i++) { +#ifdef DEBUG + if (kerb_debug & 2) + fprintf(stderr, "\n %s %s", + principal->name, principal->instance); +#endif + /* DO IT */ + count++; + principal++; + } + return count; +} + +/* + * look up a dba in the cache returns number of dbas found + */ + +int +kerb_cache_get_dba(char *serv, char *inst, Dba *dba, unsigned int max) + /* could have wild card */ + /* could have wild card */ + + /* max number of name structs to return */ + +{ + int found = 0; + + if (!init) + kerb_cache_init(); + +#ifdef DEBUG + if (kerb_debug & 2) + fprintf(stderr, "cache_get_dba for %s %s max = %d\n", + serv, inst, max); +#endif + +#ifdef DEBUG + if (kerb_debug & 2) { + if (found) { + fprintf(stderr, "cache get %s %s found %s %s sid = %d\n", + serv, inst, dba->name, dba->instance); + } else { + fprintf(stderr, "cache %s %s not found\n", serv, inst); + } + } +#endif + return (found); +} + +/* + * insert/replace a dba in the cache returns number of dbas inserted + */ + +int +kerb_cache_put_dba(Dba *dba, unsigned int max) + + /* max number of dba structs to insert */ + +{ + u_long i; + int count = 0; + + if (!init) + kerb_cache_init(); +#ifdef DEBUG + if (kerb_debug & 2) { + fprintf(stderr, "kerb_cache_put_dba max = %d", max); + } +#endif + for (i = 0; i < max; i++) { +#ifdef DEBUG + if (kerb_debug & 2) + fprintf(stderr, "\n %s %s", + dba->name, dba->instance); +#endif + /* DO IT */ + count++; + dba++; + } + return count; +} + diff --git a/crypto/kerberosIV/lib/kdb/krb_db.h b/crypto/kerberosIV/lib/kdb/krb_db.h new file mode 100644 index 0000000..1a08b83 --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/krb_db.h @@ -0,0 +1,137 @@ +/* + * $Id: krb_db.h,v 1.15 1996/12/17 20:34:32 assar Exp $ + * + * Copyright 1987, 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * spm Project Athena 8/85 + * + * This file defines data structures for the kerberos + * authentication/authorization database. + * + * They MUST correspond to those defined in *.rel + */ + +#ifndef KRB_DB_DEFS +#define KRB_DB_DEFS + +#include <stdio.h> + +#define KERB_M_NAME "K" /* Kerberos */ +#define KERB_M_INST "M" /* Master */ +#define KERB_DEFAULT_NAME "default" +#define KERB_DEFAULT_INST "" +#ifndef DB_DIR +#define DB_DIR "/var/kerberos" +#endif +#ifndef DBM_FILE +#define DBM_FILE DB_DIR "/principal" +#endif + +/* this also defines the number of queue headers */ +#define KERB_DB_HASH_MODULO 64 + + +/* Arguments to kerb_dbl_lock() */ + +#define KERB_DBL_EXCLUSIVE 1 +#define KERB_DBL_SHARED 0 + +/* arguments to kerb_db_set_lockmode() */ + +#define KERB_DBL_BLOCKING 0 +#define KERB_DBL_NONBLOCKING 1 + +/* arguments to kdb_get_master_key */ + +#define KDB_GET_PROMPT 1 +#define KDB_GET_TWICE 2 + +/* Principal defines the structure of a principal's name */ + +typedef struct { + char name[ANAME_SZ]; + char instance[INST_SZ]; + + u_int32_t key_low; + u_int32_t key_high; + u_int32_t exp_date; + char exp_date_txt[DATE_SZ]; + u_int32_t mod_date; + char mod_date_txt[DATE_SZ]; + u_int16_t attributes; + u_int8_t max_life; + u_int8_t kdc_key_ver; + u_int8_t key_version; + + char mod_name[ANAME_SZ]; + char mod_instance[INST_SZ]; + char *old; /* cast to (Principal *); not in db, + * ptr to old vals */ +} Principal; + +typedef struct { + int32_t cpu; + int32_t elapsed; + int32_t dio; + int32_t pfault; + int32_t t_stamp; + int32_t n_retrieve; + int32_t n_replace; + int32_t n_append; + int32_t n_get_stat; + int32_t n_put_stat; +} DB_stat; + +/* Dba defines the structure of a database administrator */ + +typedef struct { + char name[ANAME_SZ]; + char instance[INST_SZ]; + u_int16_t attributes; + u_int32_t exp_date; + char exp_date_txt[DATE_SZ]; + char *old; /* + * cast to (Dba *); not in db, ptr to + * old vals + */ +} Dba; + +typedef int (*k_iter_proc_t)(void*, Principal*); + +void copy_from_key __P((des_cblock in, u_int32_t *lo, u_int32_t *hi)); +void copy_to_key __P((u_int32_t *lo, u_int32_t *hi, des_cblock out)); + +void kdb_encrypt_key __P((des_cblock *, des_cblock *, des_cblock *, + des_key_schedule, int)); +int kdb_get_master_key __P((int prompt, des_cblock *master_key, + des_key_schedule master_key_sched)); +int kdb_get_new_master_key __P((des_cblock *, des_key_schedule, int)); +int kdb_kstash __P((des_cblock *, char *)); +int kdb_new_get_master_key __P((des_cblock *, des_key_schedule)); +int kdb_new_get_new_master_key __P((des_cblock *key, des_key_schedule schedule, int verify)); +long kdb_verify_master_key __P((des_cblock *, des_key_schedule, FILE *)); +long *kerb_db_begin_update __P((void)); +int kerb_db_create __P((char *db_name)); +int kerb_db_delete_principal (char *name, char *inst); +void kerb_db_end_update __P((long *db)); +int kerb_db_get_dba __P((char *, char *, Dba *, unsigned, int *)); +void kerb_db_get_stat __P((DB_stat *)); +int kerb_db_iterate __P((k_iter_proc_t, void*)); +int kerb_db_put_principal __P((Principal *, unsigned int)); +void kerb_db_put_stat __P((DB_stat *)); +int kerb_db_rename __P((char *, char *)); +int kerb_db_set_lockmode __P((int)); +int kerb_db_set_name __P((char *)); +int kerb_db_update __P((long *db, Principal *principal, unsigned int max)); +int kerb_delete_principal __P((char *name, char *inst)); +void kerb_fini __P((void)); +int kerb_get_dba __P((char *, char *, Dba *, unsigned int, int *)); +time_t kerb_get_db_age __P((void)); +int kerb_get_principal __P((char *, char *, Principal *, unsigned int, int *)); +int kerb_init __P((void)); +int kerb_put_principal __P((Principal *, unsigned int)); + +#endif /* KRB_DB_DEFS */ diff --git a/crypto/kerberosIV/lib/kdb/krb_dbm.c b/crypto/kerberosIV/lib/kdb/krb_dbm.c new file mode 100644 index 0000000..963656a --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/krb_dbm.c @@ -0,0 +1,823 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "kdb_locl.h" + +RCSID("$Id: krb_dbm.c,v 1.27 1997/05/02 14:29:09 assar Exp $"); + +#include <xdbm.h> + +#define KERB_DB_MAX_RETRY 5 + +#ifdef DEBUG +extern int debug; +extern long kerb_debug; +extern char *progname; +#endif + +static int init = 0; +static char default_db_name[] = DBM_FILE; +static char *current_db_name = default_db_name; + +static struct timeval timestamp;/* current time of request */ +static int non_blocking = 0; + +/* + * This module contains all of the code which directly interfaces to + * the underlying representation of the Kerberos database; this + * implementation uses a DBM or NDBM indexed "file" (actually + * implemented as two separate files) to store the relations, plus a + * third file as a semaphore to allow the database to be replaced out + * from underneath the KDC server. + */ + +/* + * Locking: + * + * There are two distinct locking protocols used. One is designed to + * lock against processes (the admin_server, for one) which make + * incremental changes to the database; the other is designed to lock + * against utilities (kdb_util, kpropd) which replace the entire + * database in one fell swoop. + * + * The first locking protocol is implemented using flock() in the + * krb_dbl_lock() and krb_dbl_unlock routines. + * + * The second locking protocol is necessary because DBM "files" are + * actually implemented as two separate files, and it is impossible to + * atomically rename two files simultaneously. It assumes that the + * database is replaced only very infrequently in comparison to the time + * needed to do a database read operation. + * + * A third file is used as a "version" semaphore; the modification + * time of this file is the "version number" of the database. + * At the start of a read operation, the reader checks the version + * number; at the end of the read operation, it checks again. If the + * version number changed, or if the semaphore was nonexistant at + * either time, the reader sleeps for a second to let things + * stabilize, and then tries again; if it does not succeed after + * KERB_DB_MAX_RETRY attempts, it gives up. + * + * On update, the semaphore file is deleted (if it exists) before any + * update takes place; at the end of the update, it is replaced, with + * a version number strictly greater than the version number which + * existed at the start of the update. + * + * If the system crashes in the middle of an update, the semaphore + * file is not automatically created on reboot; this is a feature, not + * a bug, since the database may be inconsistant. Note that the + * absence of a semaphore file does not prevent another _update_ from + * taking place later. Database replacements take place automatically + * only on slave servers; a crash in the middle of an update will be + * fixed by the next slave propagation. A crash in the middle of an + * update on the master would be somewhat more serious, but this would + * likely be noticed by an administrator, who could fix the problem and + * retry the operation. + */ + + +/* + * Utility routine: generate name of database file. + */ + +static char *gen_dbsuffix (char *db_name, char *sfx); + +static char * +gen_dbsuffix(char *db_name, char *sfx) +{ + char *dbsuffix; + + if (sfx == NULL) + sfx = ".ok"; + + asprintf (&dbsuffix, "%s%s", db_name, sfx); + return dbsuffix; +} + +static void +decode_princ_key (datum *key, char *name, char *instance); + +static void +decode_princ_key(datum *key, char *name, char *instance) +{ + strncpy(name, key->dptr, ANAME_SZ); + strncpy(instance, (char *)key->dptr + ANAME_SZ, INST_SZ); + name[ANAME_SZ - 1] = '\0'; + instance[INST_SZ - 1] = '\0'; +} + +static void +encode_princ_contents (datum *contents, Principal *principal); + +static void +encode_princ_contents(datum *contents, Principal *principal) +{ + contents->dsize = sizeof(*principal); + contents->dptr = (char *) principal; +} + +static void +decode_princ_contents (datum *contents, Principal *principal) +{ + memcpy(principal, contents->dptr, sizeof(*principal)); +} + +static void +encode_princ_key (datum *key, char *name, char *instance) +{ + static char keystring[ANAME_SZ + INST_SZ]; + + memset(keystring, 0, ANAME_SZ + INST_SZ); + strncpy(keystring, name, ANAME_SZ); + strncpy(&keystring[ANAME_SZ], instance, INST_SZ); + key->dptr = keystring; + key->dsize = ANAME_SZ + INST_SZ; +} + +static int dblfd = -1; /* db LOCK fd */ +static int mylock = 0; +static int inited = 0; + +static int +kerb_dbl_init (void); + +static int +kerb_dbl_init() +{ + if (!inited) { + char *filename = gen_dbsuffix (current_db_name, ".ok"); + if ((dblfd = open(filename, O_RDWR)) < 0) { + fprintf(stderr, "kerb_dbl_init: couldn't open %s\n", filename); + fflush(stderr); + perror("open"); + exit(1); + } + free(filename); + inited++; + } + return (0); +} + +static void +kerb_dbl_fini (void); + +static void +kerb_dbl_fini() +{ + close(dblfd); + dblfd = -1; + inited = 0; + mylock = 0; +} + +static int +kerb_dbl_lock (int mode); + +static int +kerb_dbl_lock(int mode) +{ + int flock_mode; + + if (!inited) + kerb_dbl_init(); + if (mylock) { /* Detect lock call when lock already + * locked */ + fprintf(stderr, "Kerberos locking error (mylock)\n"); + fflush(stderr); + exit(1); + } + switch (mode) { + case KERB_DBL_EXCLUSIVE: + flock_mode = K_LOCK_EX; + break; + case KERB_DBL_SHARED: + flock_mode = K_LOCK_SH; + break; + default: + fprintf(stderr, "invalid lock mode %d\n", mode); + abort(); + } + if (non_blocking) + flock_mode |= K_LOCK_NB; + + if (k_flock(dblfd, flock_mode) < 0) + return errno; + mylock++; + return 0; +} + +static void kerb_dbl_unlock (void); + +static void +kerb_dbl_unlock() +{ + if (!mylock) { /* lock already unlocked */ + fprintf(stderr, "Kerberos database lock not locked when unlocking.\n"); + fflush(stderr); + exit(1); + } + if (k_flock(dblfd, K_LOCK_UN) < 0) { + fprintf(stderr, "Kerberos database lock error. (unlocking)\n"); + fflush(stderr); + perror("k_flock"); + exit(1); + } + mylock = 0; +} + +int +kerb_db_set_lockmode (int mode); + +int +kerb_db_set_lockmode(int mode) +{ + int old = non_blocking; + non_blocking = mode; + return old; +} + +/* + * initialization for data base routines. + */ + +int +kerb_db_init (void); + +int +kerb_db_init() +{ + init = 1; + return (0); +} + +/* + * gracefully shut down database--must be called by ANY program that does + * a kerb_db_init + */ + +void +kerb_db_fini (void); + +void +kerb_db_fini() +{ +} + +/* + * Set the "name" of the current database to some alternate value. + * + * Passing a null pointer as "name" will set back to the default. + * If the alternate database doesn't exist, nothing is changed. + */ + +int +kerb_db_set_name (char *name); + +int +kerb_db_set_name(char *name) +{ + DBM *db; + + if (name == NULL) + name = default_db_name; + db = dbm_open(name, 0, 0); + if (db == NULL) + return errno; + dbm_close(db); + kerb_dbl_fini(); + current_db_name = name; + return 0; +} + +/* + * Return the last modification time of the database. + */ + +time_t +kerb_get_db_age (void); + +time_t +kerb_get_db_age() +{ + struct stat st; + char *okname; + time_t age; + + okname = gen_dbsuffix(current_db_name, ".ok"); + + if (stat (okname, &st) < 0) + age = 0; + else + age = st.st_mtime; + + free (okname); + return age; +} + +/* + * Remove the semaphore file; indicates that database is currently + * under renovation. + * + * This is only for use when moving the database out from underneath + * the server (for example, during slave updates). + */ + +static time_t +kerb_start_update (char *db_name); + +static time_t +kerb_start_update(char *db_name) +{ + char *okname = gen_dbsuffix(db_name, ".ok"); + time_t age = kerb_get_db_age(); + + if (unlink(okname) < 0 + && errno != ENOENT) { + age = -1; + } + free (okname); + return age; +} + +static int +kerb_end_update (char *db_name, time_t age); + +static int +kerb_end_update(char *db_name, time_t age) +{ + int fd; + int retval = 0; + char *new_okname = gen_dbsuffix(db_name, ".ok#"); + char *okname = gen_dbsuffix(db_name, ".ok"); + + fd = open (new_okname, O_CREAT|O_RDWR|O_TRUNC, 0600); + if (fd < 0) + retval = errno; + else { + struct stat st; + struct utimbuf tv; + /* make sure that semaphore is "after" previous value. */ + if (fstat (fd, &st) == 0 + && st.st_mtime <= age) { + tv.actime = st.st_atime; + tv.modtime = age; + /* set times.. */ + utime (new_okname, &tv); + fsync(fd); + } + close(fd); + if (rename (new_okname, okname) < 0) + retval = errno; + } + + free (new_okname); + free (okname); + + return retval; +} + +static time_t +kerb_start_read (void); + +static time_t +kerb_start_read() +{ + return kerb_get_db_age(); +} + +static int kerb_end_read (time_t age); + +static int +kerb_end_read(time_t age) +{ + if (kerb_get_db_age() != age || age == -1) { + return -1; + } + return 0; +} + +/* + * Create the database, assuming it's not there. + */ +int +kerb_db_create(char *db_name) +{ + char *okname = gen_dbsuffix(db_name, ".ok"); + int fd; + int ret = 0; +#ifdef NDBM + DBM *db; + + db = dbm_open(db_name, O_RDWR|O_CREAT|O_EXCL, 0600); + if (db == NULL) + ret = errno; + else + dbm_close(db); +#else + char *dirname = gen_dbsuffix(db_name, ".dir"); + char *pagname = gen_dbsuffix(db_name, ".pag"); + + fd = open(dirname, O_RDWR|O_CREAT|O_EXCL, 0600); + if (fd < 0) + ret = errno; + else { + close(fd); + fd = open (pagname, O_RDWR|O_CREAT|O_EXCL, 0600); + if (fd < 0) + ret = errno; + else + close(fd); + } + if (dbminit(db_name) < 0) + ret = errno; +#endif + if (ret == 0) { + fd = open (okname, O_CREAT|O_RDWR|O_TRUNC, 0600); + if (fd < 0) + ret = errno; + close(fd); + } + return ret; +} + +/* + * "Atomically" rename the database in a way that locks out read + * access in the middle of the rename. + * + * Not perfect; if we crash in the middle of an update, we don't + * necessarily know to complete the transaction the rename, but... + */ + +int +kerb_db_rename(char *from, char *to) +{ +#ifdef HAVE_NEW_DB + char *fromdb = gen_dbsuffix (from, ".db"); + char *todb = gen_dbsuffix (to, ".db"); +#else + char *fromdir = gen_dbsuffix (from, ".dir"); + char *todir = gen_dbsuffix (to, ".dir"); + char *frompag = gen_dbsuffix (from , ".pag"); + char *topag = gen_dbsuffix (to, ".pag"); +#endif + char *fromok = gen_dbsuffix(from, ".ok"); + long trans = kerb_start_update(to); + int ok = 0; + +#ifdef HAVE_NEW_DB + if (rename (fromdb, todb) == 0) { + unlink (fromok); + ok = 1; + } + free (fromdb); + free (todb); +#else + if ((rename (fromdir, todir) == 0) + && (rename (frompag, topag) == 0)) { + unlink (fromok); + ok = 1; + } + free (fromdir); + free (todir); + free (frompag); + free (topag); +#endif + free (fromok); + if (ok) + return kerb_end_update(to, trans); + else + return -1; +} + +int +kerb_db_delete_principal (char *name, char *inst) +{ + DBM *db; + int try; + int done = 0; + int code; + datum key; + + if(!init) + kerb_db_init(); + + for(try = 0; try < KERB_DB_MAX_RETRY; try++){ + if((code = kerb_dbl_lock(KERB_DBL_SHARED)) != 0) + return -1; + + db = dbm_open(current_db_name, O_RDWR, 0600); + if(db == NULL) + return -1; + encode_princ_key(&key, name, inst); + if(dbm_delete(db, key) == 0) + done = 1; + + dbm_close(db); + kerb_dbl_unlock(); + if(done) + break; + if(!non_blocking) + sleep(1); + } + if(!done) + return -1; + return 0; +} + + +/* + * look up a principal in the data base returns number of principals + * found , and whether there were more than requested. + */ + +int +kerb_db_get_principal (char *name, char *inst, Principal *principal, + unsigned int max, int *more) +{ + int found = 0, code; + int wildp, wildi; + datum key, contents; + char testname[ANAME_SZ], testinst[INST_SZ]; + u_long trans; + int try; + DBM *db; + + if (!init) + kerb_db_init(); /* initialize database routines */ + + for (try = 0; try < KERB_DB_MAX_RETRY; try++) { + trans = kerb_start_read(); + + if ((code = kerb_dbl_lock(KERB_DBL_SHARED)) != 0) + return -1; + + db = dbm_open(current_db_name, O_RDONLY, 0600); + + *more = 0; + +#ifdef DEBUG + if (kerb_debug & 2) + fprintf(stderr, + "%s: db_get_principal for %s %s max = %d", + progname, name, inst, max); +#endif + + wildp = !strcmp(name, "*"); + wildi = !strcmp(inst, "*"); + + if (!wildi && !wildp) { /* nothing's wild */ + encode_princ_key(&key, name, inst); + contents = dbm_fetch(db, key); + if (contents.dptr == NULL) { + found = 0; + goto done; + } + decode_princ_contents(&contents, principal); +#ifdef DEBUG + if (kerb_debug & 1) { + fprintf(stderr, "\t found %s %s p_n length %d t_n length %d\n", + principal->name, principal->instance, + strlen(principal->name), + strlen(principal->instance)); + } +#endif + found = 1; + goto done; + } + /* process wild cards by looping through entire database */ + + for (key = dbm_firstkey(db); key.dptr != NULL; + key = dbm_next(db, key)) { + decode_princ_key(&key, testname, testinst); + if ((wildp || !strcmp(testname, name)) && + (wildi || !strcmp(testinst, inst))) { /* have a match */ + if (found >= max) { + *more = 1; + goto done; + } else { + found++; + contents = dbm_fetch(db, key); + decode_princ_contents(&contents, principal); +#ifdef DEBUG + if (kerb_debug & 1) { + fprintf(stderr, + "\tfound %s %s p_n length %d t_n length %d\n", + principal->name, principal->instance, + strlen(principal->name), + strlen(principal->instance)); + } +#endif + principal++; /* point to next */ + } + } + } + + done: + kerb_dbl_unlock(); /* unlock read lock */ + dbm_close(db); + if (kerb_end_read(trans) == 0) + break; + found = -1; + if (!non_blocking) + sleep(1); + } + return (found); +} + +/* Use long * rather than DBM * so that the database structure is private */ + +long * +kerb_db_begin_update(void) +{ + int code; + + gettimeofday(×tamp, NULL); + + if (!init) + kerb_db_init(); + + if ((code = kerb_dbl_lock(KERB_DBL_EXCLUSIVE)) != 0) + return 0; + + return (long *) dbm_open(current_db_name, O_RDWR, 0600); +} + +void +kerb_db_end_update(long *db) +{ + dbm_close((DBM *)db); + kerb_dbl_unlock(); /* unlock database */ +} + +int +kerb_db_update(long *db, Principal *principal, unsigned int max) +{ + int found = 0; + u_long i; + datum key, contents; + +#ifdef DEBUG + if (kerb_debug & 2) + fprintf(stderr, "%s: kerb_db_put_principal max = %d", + progname, max); +#endif + + /* for each one, stuff temps, and do replace/append */ + for (i = 0; i < max; i++) { + encode_princ_contents(&contents, principal); + encode_princ_key(&key, principal->name, principal->instance); + dbm_store((DBM *)db, key, contents, DBM_REPLACE); +#ifdef DEBUG + if (kerb_debug & 1) { + fprintf(stderr, "\n put %s %s\n", + principal->name, principal->instance); + } +#endif + found++; + principal++; /* bump to next struct */ + } + return found; +} + +/* + * Update a name in the data base. Returns number of names + * successfully updated. + */ + +int +kerb_db_put_principal (Principal *principal, unsigned int max); + +int +kerb_db_put_principal(Principal *principal, + unsigned max) + +{ + int found; + long *db; + + db = kerb_db_begin_update(); + if (db == 0) + return -1; + + found = kerb_db_update(db, principal, max); + + kerb_db_end_update(db); + return (found); +} + +void +kerb_db_get_stat (DB_stat *s); + +void +kerb_db_get_stat(DB_stat *s) +{ + gettimeofday(×tamp, NULL); + + s->cpu = 0; + s->elapsed = 0; + s->dio = 0; + s->pfault = 0; + s->t_stamp = timestamp.tv_sec; + s->n_retrieve = 0; + s->n_replace = 0; + s->n_append = 0; + s->n_get_stat = 0; + s->n_put_stat = 0; + /* update local copy too */ +} + +void +kerb_db_put_stat (DB_stat *s); + +void +kerb_db_put_stat(DB_stat *s) +{ +} + +void +delta_stat (DB_stat *a, DB_stat *b, DB_stat *c); + +void +delta_stat(DB_stat *a, DB_stat *b, DB_stat *c) +{ + /* c = a - b then b = a for the next time */ + + c->cpu = a->cpu - b->cpu; + c->elapsed = a->elapsed - b->elapsed; + c->dio = a->dio - b->dio; + c->pfault = a->pfault - b->pfault; + c->t_stamp = a->t_stamp - b->t_stamp; + c->n_retrieve = a->n_retrieve - b->n_retrieve; + c->n_replace = a->n_replace - b->n_replace; + c->n_append = a->n_append - b->n_append; + c->n_get_stat = a->n_get_stat - b->n_get_stat; + c->n_put_stat = a->n_put_stat - b->n_put_stat; + + memcpy(b, a, sizeof(DB_stat)); + return; +} + +/* + * look up a dba in the data base returns number of dbas found , and + * whether there were more than requested. + */ + +int +kerb_db_get_dba (char *dba_name, char *dba_inst, Dba *dba, unsigned int max, int *more); + +int +kerb_db_get_dba(char *dba_name, char *dba_inst, Dba *dba, + unsigned max, + int *more) + /* could have wild card */ + /* could have wild card */ + /* max number of name structs to return */ + /* where there more than 'max' tuples? */ +{ + *more = 0; + return (0); +} + +int +kerb_db_iterate (k_iter_proc_t func, void *arg) +{ + datum key, contents; + Principal *principal; + int code; + DBM *db; + + kerb_db_init(); /* initialize and open the database */ + if ((code = kerb_dbl_lock(KERB_DBL_SHARED)) != 0) + return code; + + db = dbm_open(current_db_name, O_RDONLY, 0600); + + for (key = dbm_firstkey (db); key.dptr != NULL; key = dbm_next(db, key)) { + contents = dbm_fetch (db, key); + /* XXX may not be properly aligned */ + principal = (Principal *) contents.dptr; + if ((code = (*func)(arg, principal)) != 0) + return code; + } + dbm_close(db); + kerb_dbl_unlock(); + return 0; +} diff --git a/crypto/kerberosIV/lib/kdb/krb_kdb_utils.c b/crypto/kerberosIV/lib/kdb/krb_kdb_utils.c new file mode 100644 index 0000000..f321e9f --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/krb_kdb_utils.c @@ -0,0 +1,261 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +/* + * Utility routines for Kerberos programs which directly access + * the database. This code was duplicated in too many places + * before I gathered it here. + * + * Jon Rochlis, MIT Telecom, March 1988 + */ + +#include "kdb_locl.h" + +#include <kdc.h> + +RCSID("$Id: krb_kdb_utils.c,v 1.23 1997/05/02 14:29:10 assar Exp $"); + +/* always try /.k for backwards compatibility */ +static char *master_key_files[] = { MKEYFILE, "/.k", NULL }; + +#ifdef HAVE_STRERROR +#define k_strerror(e) strerror(e) +#else +static +char * +k_strerror(int eno) +{ + extern int sys_nerr; + extern char *sys_errlist[]; + + static char emsg[128]; + + if (eno < 0 || eno >= sys_nerr) + snprintf(emsg, sizeof(emsg), "Error %d occurred.", eno); + else + return sys_errlist[eno]; + + return emsg; +} +#endif + +int +kdb_new_get_master_key(des_cblock *key, des_key_schedule schedule) +{ + int kfile; + int i; + char buf[1024]; + + char **mkey; + + for(mkey = master_key_files; *mkey; mkey++){ + kfile = open(*mkey, O_RDONLY); + if(kfile < 0 && errno != ENOENT) + fprintf(stderr, "Failed to open master key file \"%s\": %s\n", + *mkey, + k_strerror(errno)); + if(kfile >= 0) + break; + } + if(*mkey){ + int bytes; + bytes = read(kfile, (char*)key, sizeof(des_cblock)); + close(kfile); + if(bytes == sizeof(des_cblock)){ + des_key_sched(key, schedule); + return 0; + } + fprintf(stderr, "Could only read %d bytes from master key file %s\n", + bytes, *mkey); + }else{ + fprintf(stderr, "No master key file found.\n"); + } + + + i=0; + while(i < 3){ + if(des_read_pw_string(buf, sizeof(buf), "Enter master password: ", 0)) + break; + + /* buffer now contains either an old format master key password or a + * new format base64 encoded master key + */ + + /* try to verify as old password */ + des_string_to_key(buf, key); + des_key_sched(key, schedule); + + if(kdb_verify_master_key(key, schedule, NULL) != -1){ + memset(buf, 0, sizeof(buf)); + return 0; + } + + /* failed test, so must be base64 encoded */ + + if(base64_decode(buf, key) == 8){ + des_key_sched(key, schedule); + if(kdb_verify_master_key(key, schedule, NULL) != -1){ + memset(buf, 0, sizeof(buf)); + return 0; + } + } + + memset(buf, 0, sizeof(buf)); + fprintf(stderr, "Failed to verify master key.\n"); + i++; + } + + /* life sucks */ + fprintf(stderr, "You loose.\n"); + exit(1); +} + +int kdb_new_get_new_master_key(des_cblock *key, des_key_schedule schedule, + int verify) +{ +#ifndef RANDOM_MKEY + des_read_password(key, "\nEnter Kerberos master password: ", verify); + printf ("\n"); +#else + char buf[1024]; + des_generate_random_block (key); + des_key_sched(key, schedule); + + des_read_pw_string(buf, sizeof(buf), "Enter master key seed: ", 0); + des_cbc_cksum((des_cblock*)buf, key, sizeof(buf), schedule, key); + memset(buf, 0, sizeof(buf)); +#endif + des_key_sched(key, schedule); + return 0; +} + +int kdb_get_master_key(int prompt, des_cblock *master_key, + des_key_schedule master_key_sched) +{ + int ask = (prompt == KDB_GET_TWICE); +#ifndef RANDOM_MKEY + ask |= (prompt == KDB_GET_PROMPT); +#endif + + if(ask) + kdb_new_get_new_master_key(master_key, master_key_sched, + prompt == KDB_GET_TWICE); + else + kdb_new_get_master_key(master_key, master_key_sched); + return 0; +} + +int kdb_kstash(des_cblock *master_key, char *file) +{ + int kfile; + kfile = open(file, O_TRUNC | O_RDWR | O_CREAT, 0600); + if (kfile < 0) { + return -1; + } + if (write(kfile, master_key, sizeof(des_cblock)) != sizeof(des_cblock)) { + close(kfile); + return -1; + } + close(kfile); + return 0; +} + +/* The old algorithm used the key schedule as the initial vector which + was byte order depedent ... */ + +void +kdb_encrypt_key (des_cblock (*in), des_cblock (*out), + des_cblock (*master_key), + des_key_schedule master_key_sched, int e_d_flag) +{ + +#ifdef NOENCRYPTION + memcpy(out, in, sizeof(des_cblock)); +#else + des_pcbc_encrypt(in,out,(long)sizeof(des_cblock),master_key_sched,master_key, + e_d_flag); +#endif +} + +/* The caller is reasponsible for cleaning up the master key and sched, + even if we can't verify the master key */ + +/* Returns master key version if successful, otherwise -1 */ + +long +kdb_verify_master_key (des_cblock *master_key, + des_key_schedule master_key_sched, + FILE *out) /* NULL -> no output */ +{ + des_cblock key_from_db; + Principal principal_data[1]; + int n, more = 0; + long master_key_version; + + /* lookup the master key version */ + n = kerb_get_principal(KERB_M_NAME, KERB_M_INST, principal_data, + 1 /* only one please */, &more); + if ((n != 1) || more) { + if (out != (FILE *) NULL) + fprintf(out, + "verify_master_key: %s, %d found.\n", + "Kerberos error on master key version lookup", + n); + return (-1); + } + + master_key_version = (long) principal_data[0].key_version; + + /* set up the master key */ + if (out != (FILE *) NULL) /* should we punt this? */ + fprintf(out, "Current Kerberos master key version is %d.\n", + principal_data[0].kdc_key_ver); + + /* + * now use the master key to decrypt the key in the db, had better + * be the same! + */ + copy_to_key(&principal_data[0].key_low, + &principal_data[0].key_high, + key_from_db); + kdb_encrypt_key (&key_from_db, &key_from_db, + master_key, master_key_sched, DES_DECRYPT); + + /* the decrypted database key had better equal the master key */ + n = memcmp(master_key, key_from_db, sizeof(master_key)); + /* this used to zero the master key here! */ + memset(key_from_db, 0, sizeof(key_from_db)); + memset(principal_data, 0, sizeof (principal_data)); + + if (n && (out != (FILE *) NULL)) { + fprintf(out, "\n\07\07verify_master_key: Invalid master key; "); + fprintf(out, "does not match database.\n"); + } + if(n) + return (-1); + + if (out != (FILE *) NULL) { + fprintf(out, "\nMaster key entered. BEWARE!\07\07\n"); + fflush(out); + } + + return (master_key_version); +} diff --git a/crypto/kerberosIV/lib/kdb/krb_lib.c b/crypto/kerberosIV/lib/kdb/krb_lib.c new file mode 100644 index 0000000..19bf316 --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/krb_lib.c @@ -0,0 +1,259 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "kdb_locl.h" + +RCSID("$Id: krb_lib.c,v 1.11 1997/05/07 01:36:08 assar Exp $"); + +#ifdef DEBUG +extern int debug; +extern char *progname; +long kerb_debug; +#endif + +static int init = 0; + +/* + * initialization routine for data base + */ + +int +kerb_init(void) +{ +#ifdef DEBUG + if (!init) { + char *dbg = getenv("KERB_DBG"); + if (dbg) + sscanf(dbg, "%d", &kerb_debug); + init = 1; + } +#endif + kerb_db_init(); + +#ifdef CACHE + kerb_cache_init(); +#endif + + /* successful init, return 0, else errcode */ + return (0); +} + +/* + * finalization routine for database -- NOTE: MUST be called by any + * program using kerb_init. ALSO will have to be modified to finalize + * caches, if they're ever really implemented. + */ + +void +kerb_fini(void) +{ + kerb_db_fini(); +} + + +int +kerb_delete_principal(char *name, char *inst) +{ + int ret; + + if (!init) + kerb_init(); + + ret = kerb_db_delete_principal(name, inst); +#ifdef CACHE + if(ret == 0){ + kerb_cache_delete_principal(name, inst); + } +#endif + return ret; +} + + +/* + * look up a principal in the cache or data base returns number of + * principals found + */ + +int +kerb_get_principal(char *name, char *inst, Principal *principal, + unsigned int max, int *more) + /* could have wild card */ + /* could have wild card */ + + /* max number of name structs to return */ + /* more tuples than room for */ + +{ + int found = 0; +#ifdef CACHE + static int wild = 0; +#endif + if (!init) + kerb_init(); + +#ifdef DEBUG + if (kerb_debug & 1) + fprintf(stderr, "\n%s: kerb_get_principal for %s %s max = %d\n", + progname, name, inst, max); +#endif + + /* + * if this is a request including a wild card, have to go to db + * since the cache may not be exhaustive. + */ + + /* clear the principal area */ + memset(principal, 0, max * sizeof(Principal)); + +#ifdef CACHE + /* + * so check to see if the name contains a wildcard "*" or "?", not + * preceeded by a backslash. + */ + wild = 0; + if (index(name, '*') || index(name, '?') || + index(inst, '*') || index(inst, '?')) + wild = 1; + + if (!wild) { + /* try the cache first */ + found = kerb_cache_get_principal(name, inst, principal, max, more); + if (found) + return (found); + } +#endif + /* If we didn't try cache, or it wasn't there, try db */ + found = kerb_db_get_principal(name, inst, principal, max, more); + /* try to insert principal(s) into cache if it was found */ +#ifdef CACHE + if (found) { + kerb_cache_put_principal(principal, found); + } +#endif + return (found); +} + +/* principals */ +int +kerb_put_principal(Principal *principal, unsigned int n) + + /* number of principal structs to write */ +{ + struct tm *tp; + + /* set mod date */ + principal->mod_date = time((time_t *)0); + /* and mod date string */ + + tp = k_localtime(&principal->mod_date); + snprintf(principal->mod_date_txt, + sizeof(principal->mod_date_txt), + "%4d-%2d-%2d", + tp->tm_year + 1900, + tp->tm_mon + 1, tp->tm_mday); /* January is 0, not 1 */ +#ifdef DEBUG + if (kerb_debug & 1) { + int i; + fprintf(stderr, "\nkerb_put_principal..."); + for (i = 0; i < n; i++) { + krb_print_principal(&principal[i]); + } + } +#endif + /* write database */ + if (kerb_db_put_principal(principal, n) < 0) { +#ifdef DEBUG + if (kerb_debug & 1) + fprintf(stderr, "\n%s: kerb_db_put_principal err", progname); + /* watch out for cache */ +#endif + return -1; + } +#ifdef CACHE + /* write cache */ + if (!kerb_cache_put_principal(principal, n)) { +#ifdef DEBUG + if (kerb_debug & 1) + fprintf(stderr, "\n%s: kerb_cache_put_principal err", progname); +#endif + return -1; + } +#endif + return 0; +} + +int +kerb_get_dba(char *name, char *inst, Dba *dba, unsigned int max, int *more) + /* could have wild card */ + /* could have wild card */ + + /* max number of name structs to return */ + /* more tuples than room for */ + +{ + int found = 0; +#ifdef CACHE + static int wild = 0; +#endif + if (!init) + kerb_init(); + +#ifdef DEBUG + if (kerb_debug & 1) + fprintf(stderr, "\n%s: kerb_get_dba for %s %s max = %d\n", + progname, name, inst, max); +#endif + /* + * if this is a request including a wild card, have to go to db + * since the cache may not be exhaustive. + */ + + /* clear the dba area */ + memset(dba, 0, max * sizeof(Dba)); + +#ifdef CACHE + /* + * so check to see if the name contains a wildcard "*" or "?", not + * preceeded by a backslash. + */ + + wild = 0; + if (index(name, '*') || index(name, '?') || + index(inst, '*') || index(inst, '?')) + wild = 1; + + if (!wild) { + /* try the cache first */ + found = kerb_cache_get_dba(name, inst, dba, max, more); + if (found) + return (found); + } +#endif + /* If we didn't try cache, or it wasn't there, try db */ + found = kerb_db_get_dba(name, inst, dba, max, more); +#ifdef CACHE + /* try to insert dba(s) into cache if it was found */ + if (found) { + kerb_cache_put_dba(dba, found); + } +#endif + return (found); +} diff --git a/crypto/kerberosIV/lib/kdb/print_princ.c b/crypto/kerberosIV/lib/kdb/print_princ.c new file mode 100644 index 0000000..786c5a9 --- /dev/null +++ b/crypto/kerberosIV/lib/kdb/print_princ.c @@ -0,0 +1,48 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "kdb_locl.h" + +RCSID("$Id: print_princ.c,v 1.5 1997/05/07 01:37:13 assar Exp $"); + +void +krb_print_principal(Principal *a_n) +{ + struct tm *time_p; + + /* run-time database does not contain string versions */ + time_p = k_localtime(&(a_n->exp_date)); + + fprintf(stderr, + "\n%s %s expires %4d-%2d-%2d %2d:%2d, max_life %d*5 = %d min attr 0x%02x", + a_n->name, a_n->instance, + time_p->tm_year + 1900, + time_p->tm_mon + 1, time_p->tm_mday, + time_p->tm_hour, time_p->tm_min, + a_n->max_life, 5 * a_n->max_life, a_n->attributes); + + fprintf(stderr, + "\n\tkey_ver %d k_low 0x%08lx k_high 0x%08lx akv %d exists %ld\n", + a_n->key_version, (long)a_n->key_low, (long)a_n->key_high, + a_n->kdc_key_ver, (long)a_n->old); + + fflush(stderr); +} diff --git a/crypto/kerberosIV/lib/krb/Makefile.in b/crypto/kerberosIV/lib/krb/Makefile.in new file mode 100644 index 0000000..8b34d65 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/Makefile.in @@ -0,0 +1,269 @@ +# +# $Id: Makefile.in,v 1.74 1997/05/19 03:03:05 assar Exp $ +# + +# Under SunOS-5.x it is necessary to link with -ldes to be binary compatible. +LIBDES=`test -r /usr/lib/libkrb.so.1 && echo "-lresolv -L../des -ldes"; true` + +SHELL = /bin/sh + +srcdir = @srcdir@ +VPATH = @srcdir@ + +CC = @CC@ +AR = ar +RANLIB = @RANLIB@ +LN_S = @LN_S@ +DEFS = @DEFS@ +CFLAGS = @CFLAGS@ +LD_FLAGS = @LD_FLAGS@ +EXECSUFFIX=@EXECSUFFIX@ + +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +MKINSTALLDIRS = @top_srcdir@/mkinstalldirs + +COMPILE_ET = ../../util/et/compile_et$(EXECSUFFIX) -language ansi-c + +prefix = @prefix@ +exec_prefix = @exec_prefix@ +libdir = @libdir@ + +PICFLAGS = @PICFLAGS@ + +PROGS = sizetest$(EXEC_SUFFIX) +LIBNAME = $(LIBPREFIX)krb +LIBEXT = @LIBEXT@ +SHLIBEXT = @SHLIBEXT@ +LIBPREFIX = @LIBPREFIX@ +LDSHARED = @LDSHARED@ +LIB = $(LIBNAME).$(LIBEXT) + +SOURCES = cr_err_reply.c \ + create_auth_reply.c \ + create_ciph.c \ + create_death_packet.c \ + create_ticket.c \ + dest_tkt.c \ + get_in_tkt.c \ + get_svc_in_tkt.c \ + getrealm.c \ + k_localtime.c \ + krb_err_txt.c \ + krb_get_in_tkt.c \ + kuserok.c \ + parse_name.c \ + kntoln.c \ + mk_auth.c \ + krb_check_auth.c \ + mk_err.c \ + mk_safe.c \ + rd_err.c \ + rd_safe.c \ + recvauth.c \ + mk_priv.c \ + rd_req.c \ + decomp_ticket.c \ + lifetime.c \ + month_sname.c \ + stime.c \ + read_service_key.c \ + getst.c \ + sendauth.c \ + netread.c \ + netwrite.c \ + rd_priv.c \ + krb_equiv.c \ + str2key.c \ + get_ad_tkt.c \ + mk_req.c \ + get_cred.c \ + get_tf_realm.c \ + get_tf_fullname.c \ + one.c \ + save_credentials.c \ + send_to_kdc.c \ + get_host.c \ + get_krbrlm.c \ + k_gethostname.c \ + tf_util.c \ + debug_decl.c \ + k_flock.c \ + tkt_string.c \ + getaddrs.c \ + k_getsockinst.c \ + k_getport.c \ + lsb_addr_comp.c \ + name2name.c \ + get_default_principal.c \ + realm_parse.c \ + verify_user.c \ + rw.c \ + kdc_reply.c \ + encrypt_ktext.c \ + swab.c \ + gettimeofday.c \ + check_time.c \ + krb_err.c \ + et_list.c \ + resolve.c \ + unparse_name.c \ + logging.c \ + k_concat.c + +# these files reside in ../roken +# snprintf.c \ +# strdup.c \ +# strtok_r.c \ +# strcasecmp.c + +OBJECTS = cr_err_reply.o \ + create_auth_reply.o \ + create_ciph.o \ + create_death_packet.o \ + create_ticket.o \ + dest_tkt.o \ + get_in_tkt.o \ + get_svc_in_tkt.o \ + getrealm.o \ + k_localtime.o \ + krb_err_txt.o \ + krb_get_in_tkt.o \ + kuserok.o \ + parse_name.o \ + kntoln.o \ + mk_auth.o \ + krb_check_auth.o \ + mk_err.o \ + mk_safe.o \ + rd_err.o \ + rd_safe.o \ + recvauth.o \ + mk_priv.o \ + rd_req.o \ + decomp_ticket.o \ + lifetime.o \ + month_sname.o \ + stime.o \ + read_service_key.o \ + getst.o \ + sendauth.o \ + netread.o \ + netwrite.o \ + rd_priv.o \ + krb_equiv.o \ + str2key.o \ + get_ad_tkt.o \ + mk_req.o \ + get_cred.o \ + get_tf_realm.o \ + get_tf_fullname.o \ + one.o \ + save_credentials.o \ + send_to_kdc.o \ + get_host.o \ + get_krbrlm.o \ + k_gethostname.o \ + tf_util.o \ + debug_decl.o \ + k_flock.o \ + tkt_string.o \ + getaddrs.o \ + k_getsockinst.o \ + k_getport.o \ + lsb_addr_comp.o \ + name2name.o \ + get_default_principal.o \ + realm_parse.o \ + verify_user.o \ + rw.o \ + kdc_reply.o \ + encrypt_ktext.o \ + swab.o \ + gettimeofday.o \ + check_time.o \ + krb_err.o \ + resolve.o \ + unparse_name.o \ + logging.o \ + k_concat.o \ + snprintf.o \ + strdup.o \ + strtok_r.o \ + strcasecmp.o + +# This is only needed by some shared library implementations +LDOBJ = et_list.o + +all: $(LIB) $(PROGS) + +Wall: + make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" + +.c.o: + $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $< + +install: all + $(MKINSTALLDIRS) $(libdir) + $(INSTALL_DATA) -m 0555 $(LIB) $(libdir) + +uninstall: + rm -f $(libdir)/$(LIB) + +TAGS: $(SOURCES) + etags $(SOURCES) + +sizetest.o: sizetest.c + $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $< + +sizetest$(EXECSUFFIX): sizetest.o + $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ sizetest.o + +check: sizetest$(EXECSUFFIX) + ./sizetest$(EXECSUFFIX) + +clean: + rm -f $(LIB) *.o *.a krb_err.c krb_err.h $(PROGS) + +mostlyclean: clean + +distclean: clean + rm -f Makefile *.tab.c *~ + +realclean: distclean + rm -f TAGS + +dist: $(DISTFILES) + for file in $(DISTFILES); do \ + ln $$file ../`cat ../.fname`/lib \ + || cp -p $$file ../`cat ../.fname`/lib; \ + done + +$(LIBNAME).a: $(OBJECTS) + rm -f $@ + $(AR) cr $@ $(OBJECTS) + -$(RANLIB) $@ + +$(LIBNAME).$(SHLIBEXT): $(OBJECTS) $(LDOBJ) + rm -f $@ + $(LDSHARED) -o $@ $(OBJECTS) $(LDOBJ) $(LIBDES) + +krb_err.c krb_err.h: krb_err.et + test -r krb_err.et || (rm -f krb_err.et && $(LN_S) $(srcdir)/krb_err.et .) + $(COMPILE_ET) krb_err.et + +snprintf.c: + $(LN_S) $(srcdir)/../roken/snprintf.c . + +strdup.c: + $(LN_S) $(srcdir)/../roken/strdup.c . + +strtok_r.c: + $(LN_S) $(srcdir)/../roken/strtok_r.c . + +strcasecmp.c: + $(LN_S) $(srcdir)/../roken/strcasecmp.c . + +$(OBJECTS): ../../include/config.h +$(OBJECTS): krb_locl.h krb.h krb_err.h +one.o: ../../include/version.h diff --git a/crypto/kerberosIV/lib/krb/check_time.c b/crypto/kerberosIV/lib/krb/check_time.c new file mode 100644 index 0000000..3c3e6c0 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/check_time.c @@ -0,0 +1,56 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: check_time.c,v 1.4 1997/04/01 08:18:18 joda Exp $"); + +int +krb_check_tm (struct tm tm) +{ + return tm.tm_mon < 0 + || tm.tm_mon > 11 + || tm.tm_hour < 0 + || tm.tm_hour > 23 + || tm.tm_min < 0 + || tm.tm_min > 59 + || tm.tm_sec < 0 + || tm.tm_sec > 59 + || tm.tm_year < 1901 + || tm.tm_year > 2038; +} diff --git a/crypto/kerberosIV/lib/krb/cr_err_reply.c b/crypto/kerberosIV/lib/krb/cr_err_reply.c new file mode 100644 index 0000000..2c1956a --- /dev/null +++ b/crypto/kerberosIV/lib/krb/cr_err_reply.c @@ -0,0 +1,99 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: cr_err_reply.c,v 1.9 1997/04/01 08:18:19 joda Exp $"); + +/* + * This routine is used by the Kerberos authentication server to + * create an error reply packet to send back to its client. + * + * It takes a pointer to the packet to be built, the name, instance, + * and realm of the principal, the client's timestamp, an error code + * and an error string as arguments. Its return value is undefined. + * + * The packet is built in the following format: + * + * type variable data + * or constant + * ---- ----------- ---- + * + * unsigned char req_ack_vno protocol version number + * + * unsigned char AUTH_MSG_ERR_REPLY protocol message type + * + * [least significant HOST_BYTE_ORDER sender's (server's) byte + * bit of above field] order + * + * string pname principal's name + * + * string pinst principal's instance + * + * string prealm principal's realm + * + * unsigned long time_ws client's timestamp + * + * unsigned long e error code + * + * string e_string error text + */ + +void +cr_err_reply(KTEXT pkt, char *pname, char *pinst, char *prealm, + u_int32_t time_ws, u_int32_t e, char *e_string) +{ + unsigned char *p = pkt->dat; + + p += krb_put_int(KRB_PROT_VERSION, p, 1); + p += krb_put_int(AUTH_MSG_ERR_REPLY, p, 1); + + if (pname == NULL) pname = ""; + if (pinst == NULL) pinst = ""; + if (prealm == NULL) prealm = ""; + + p += krb_put_nir(pname, pinst, prealm, p); + + p += krb_put_int(time_ws, p, 4); + + p += krb_put_int(e, p, 4); + + p += krb_put_string(e_string, p); + + pkt->length = p - pkt->dat; +} diff --git a/crypto/kerberosIV/lib/krb/create_auth_reply.c b/crypto/kerberosIV/lib/krb/create_auth_reply.c new file mode 100644 index 0000000..4976c46 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/create_auth_reply.c @@ -0,0 +1,131 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: create_auth_reply.c,v 1.11 1997/04/01 08:18:20 joda Exp $"); + +/* + * This routine is called by the Kerberos authentication server + * to create a reply to an authentication request. The routine + * takes the user's name, instance, and realm, the client's + * timestamp, the number of tickets, the user's key version + * number and the ciphertext containing the tickets themselves. + * It constructs a packet and returns a pointer to it. + * + * Notes: The packet returned by this routine is static. Thus, if you + * intend to keep the result beyond the next call to this routine, you + * must copy it elsewhere. + * + * The packet is built in the following format: + * + * variable + * type or constant data + * ---- ----------- ---- + * + * unsigned char KRB_PROT_VERSION protocol version number + * + * unsigned char AUTH_MSG_KDC_REPLY protocol message type + * + * [least significant HOST_BYTE_ORDER sender's (server's) byte + * bit of above field] order + * + * string pname principal's name + * + * string pinst principal's instance + * + * string prealm principal's realm + * + * unsigned long time_ws client's timestamp + * + * unsigned char n number of tickets + * + * unsigned long x_date expiration date + * + * unsigned char kvno master key version + * + * short w_1 cipher length + * + * --- cipher->dat cipher data + */ + +KTEXT +create_auth_reply(char *pname, /* Principal's name */ + char *pinst, /* Principal's instance */ + char *prealm, /* Principal's authentication domain */ + int32_t time_ws, /* Workstation time */ + int n, /* Number of tickets */ + u_int32_t x_date, /* Principal's expiration date */ + int kvno, /* Principal's key version number */ + KTEXT cipher) /* Cipher text with tickets and session keys */ +{ + static KTEXT_ST pkt_st; + KTEXT pkt = &pkt_st; + + unsigned char *p = pkt->dat; + + p += krb_put_int(KRB_PROT_VERSION, p, 1); + p += krb_put_int(AUTH_MSG_KDC_REPLY, p, 1); + + if(n != 0){ + /* barf on old code */ + krb_warning("create_auth_reply: don't give me no krb3 crap!" + " (n == %d)\n", n); + return NULL; + } + + + p += krb_put_nir(pname, pinst, prealm, p); + + p += krb_put_int(time_ws, p, 4); + + p += krb_put_int(n, p, 1); + + p += krb_put_int(x_date, p, 4); + + p += krb_put_int(kvno, p, 1); + + p += krb_put_int(cipher->length, p, 2); + + memcpy(p, cipher->dat, cipher->length); + p += cipher->length; + + pkt->length = p - pkt->dat; + + return pkt; +} diff --git a/crypto/kerberosIV/lib/krb/create_ciph.c b/crypto/kerberosIV/lib/krb/create_ciph.c new file mode 100644 index 0000000..27d27ff --- /dev/null +++ b/crypto/kerberosIV/lib/krb/create_ciph.c @@ -0,0 +1,117 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: create_ciph.c,v 1.9 1997/04/01 08:18:20 joda Exp $"); + +/* + * This routine is used by the authentication server to create + * a packet for its client, containing a ticket for the requested + * service (given in "tkt"), and some information about the ticket, + * + * Returns KSUCCESS no matter what. + * + * The length of the cipher is stored in c->length; the format of + * c->dat is as follows: + * + * variable + * type or constant data + * ---- ----------- ---- + * + * + * 8 bytes session session key for client, service + * + * string service service name + * + * string instance service instance + * + * string realm KDC realm + * + * unsigned char life ticket lifetime + * + * unsigned char kvno service key version number + * + * unsigned char tkt->length length of following ticket + * + * data tkt->dat ticket for service + * + * 4 bytes kdc_time KDC's timestamp + * + * <=7 bytes null null pad to 8 byte multiple + * + */ + +int +create_ciph(KTEXT c, /* Text block to hold ciphertext */ + unsigned char *session, /* Session key to send to user */ + char *service, /* Service name on ticket */ + char *instance, /* Instance name on ticket */ + char *realm, /* Realm of this KDC */ + u_int32_t life, /* Lifetime of the ticket */ + int kvno, /* Key version number for service */ + KTEXT tkt, /* The ticket for the service */ + u_int32_t kdc_time, /* KDC time */ + des_cblock *key) /* Key to encrypt ciphertext with */ + +{ + unsigned char *p = c->dat; + + memset(c, 0, sizeof(KTEXT_ST)); + + memcpy(p, session, 8); + p += 8; + + p += krb_put_nir(service, instance, realm, p); + + p += krb_put_int(life, p, 1); + p += krb_put_int(kvno, p, 1); + + p += krb_put_int(tkt->length, p, 1); + + memcpy(p, tkt->dat, tkt->length); + p += tkt->length; + + p += krb_put_int(kdc_time, p, 4); + + /* multiple of eight bytes */ + c->length = (p - c->dat + 7) & ~7; + + encrypt_ktext(c, key, DES_ENCRYPT); + return KSUCCESS; +} diff --git a/crypto/kerberosIV/lib/krb/create_death_packet.c b/crypto/kerberosIV/lib/krb/create_death_packet.c new file mode 100644 index 0000000..f74ba30 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/create_death_packet.c @@ -0,0 +1,85 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: create_death_packet.c,v 1.8 1997/04/01 08:18:21 joda Exp $"); + +/* + * This routine creates a packet to type AUTH_MSG_DIE which is sent to + * the Kerberos server to make it shut down. It is used only in the + * development environment. + * + * It takes a string "a_name" which is sent in the packet. A pointer + * to the packet is returned. + * + * The format of the killer packet is: + * + * type variable data + * or constant + * ---- ----------- ---- + * + * unsigned char KRB_PROT_VERSION protocol version number + * + * unsigned char AUTH_MSG_DIE message type + * + * [least significant HOST_BYTE_ORDER byte order of sender + * bit of above field] + * + * string a_name presumably, name of + * principal sending killer + * packet + */ + +#ifdef DEBUG +KTEXT +krb_create_death_packet(char *a_name) +{ + static KTEXT_ST pkt_st; + KTEXT pkt = &pkt_st; + + unsigned char *p = pkt->dat; + + p += krb_put_int(KRB_PROT_VERSION, p, 1); + p += krb_put_int(AUTH_MSG_DIE, p, 1); + + p += krb_put_string(a_name, p); + pkt->length = p - pkt->dat; + return pkt; +} +#endif /* DEBUG */ diff --git a/crypto/kerberosIV/lib/krb/create_ticket.c b/crypto/kerberosIV/lib/krb/create_ticket.c new file mode 100644 index 0000000..b469232 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/create_ticket.c @@ -0,0 +1,134 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: create_ticket.c,v 1.12 1997/04/01 08:18:21 joda Exp $"); + +/* + * Create ticket takes as arguments information that should be in a + * ticket, and the KTEXT object in which the ticket should be + * constructed. It then constructs a ticket and returns, leaving the + * newly created ticket in tkt. + * The length of the ticket is a multiple of + * eight bytes and is in tkt->length. + * + * If the ticket is too long, the ticket will contain nulls. + * + * The corresponding routine to extract information from a ticket it + * decomp_ticket. When changes are made to this routine, the + * corresponding changes should also be made to that file. + * + * The packet is built in the following format: + * + * variable + * type or constant data + * ---- ----------- ---- + * + * tkt->length length of ticket (multiple of 8 bytes) + * + * tkt->dat: + * + * unsigned char flags namely, HOST_BYTE_ORDER + * + * string pname client's name + * + * string pinstance client's instance + * + * string prealm client's realm + * + * 4 bytes paddress client's address + * + * 8 bytes session session key + * + * 1 byte life ticket lifetime + * + * 4 bytes time_sec KDC timestamp + * + * string sname service's name + * + * string sinstance service's instance + * + * <=7 bytes null null pad to 8 byte multiple + * + */ + +int +krb_create_ticket(KTEXT tkt, /* Gets filled in by the ticket */ + unsigned char flags, /* Various Kerberos flags */ + char *pname, /* Principal's name */ + char *pinstance, /* Principal's instance */ + char *prealm, /* Principal's authentication domain */ + int32_t paddress, /* Net address of requesting entity */ + void *session, /* Session key inserted in ticket */ + int16_t life, /* Lifetime of the ticket */ + int32_t time_sec, /* Issue time and date */ + char *sname, /* Service Name */ + char *sinstance, /* Instance Name */ + des_cblock *key) /* Service's secret key */ +{ + unsigned char *p = tkt->dat; + + memset(tkt, 0, sizeof(KTEXT_ST)); + + p += krb_put_int(flags, p, 1); + p += krb_put_nir(pname, pinstance, prealm, p); + + p += krb_put_address(paddress, p); + + memcpy(p, session, 8); + p += 8; + + p += krb_put_int(life, p, 1); + p += krb_put_int(time_sec, p, 4); + + p += krb_put_nir(sname, sinstance, NULL, p); + + /* multiple of eight bytes */ + tkt->length = (p - tkt->dat + 7) & ~7; + + /* Check length of ticket */ + if (tkt->length > (sizeof(KTEXT_ST) - 7)) { + memset(tkt->dat, 0, tkt->length); + tkt->length = 0; + return KFAILURE /* XXX */; + } + + encrypt_ktext(tkt, key, DES_ENCRYPT); + return KSUCCESS; +} diff --git a/crypto/kerberosIV/lib/krb/debug_decl.c b/crypto/kerberosIV/lib/krb/debug_decl.c new file mode 100644 index 0000000..5358bcb --- /dev/null +++ b/crypto/kerberosIV/lib/krb/debug_decl.c @@ -0,0 +1,29 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: debug_decl.c,v 1.6 1997/03/23 03:53:07 joda Exp $"); + +/* Declare global debugging variables. */ + +int krb_ap_req_debug = 0; +int krb_debug = 0; diff --git a/crypto/kerberosIV/lib/krb/decomp_ticket.c b/crypto/kerberosIV/lib/krb/decomp_ticket.c new file mode 100644 index 0000000..8e556a3 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/decomp_ticket.c @@ -0,0 +1,119 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: decomp_ticket.c,v 1.16 1997/04/01 08:18:22 joda Exp $"); + +/* + * This routine takes a ticket and pointers to the variables that + * should be filled in based on the information in the ticket. It + * fills in values for its arguments. + * + * The routine returns KFAILURE if any of the "pname", "pinstance", + * or "prealm" fields is too big, otherwise it returns KSUCCESS. + * + * The corresponding routine to generate tickets is create_ticket. + * When changes are made to this routine, the corresponding changes + * should also be made to that file. + * + * See create_ticket.c for the format of the ticket packet. + */ + +int +decomp_ticket(KTEXT tkt, /* The ticket to be decoded */ + unsigned char *flags, /* Kerberos ticket flags */ + char *pname, /* Authentication name */ + char *pinstance, /* Principal's instance */ + char *prealm, /* Principal's authentication domain */ + u_int32_t *paddress,/* Net address of entity requesting ticket */ + unsigned char *session, /* Session key inserted in ticket */ + int *life, /* Lifetime of the ticket */ + u_int32_t *time_sec, /* Issue time and date */ + char *sname, /* Service name */ + char *sinstance, /* Service instance */ + des_cblock *key, /* Service's secret key (to decrypt the ticket) */ + des_key_schedule schedule) /* The precomputed key schedule */ + +{ + unsigned char *p = tkt->dat; + + int little_endian; + + des_pcbc_encrypt((des_cblock *)tkt->dat, (des_cblock *)tkt->dat, + tkt->length, schedule, key, DES_DECRYPT); + + tkt->mbz = 0; + + *flags = *p++; + + little_endian = (*flags >> K_FLAG_ORDER) & 1; + + if(strlen((char*)p) > ANAME_SZ) + return KFAILURE; + p += krb_get_string(p, pname); + + if(strlen((char*)p) > INST_SZ) + return KFAILURE; + p += krb_get_string(p, pinstance); + + if(strlen((char*)p) > REALM_SZ) + return KFAILURE; + p += krb_get_string(p, prealm); + + if(tkt->length - (p - tkt->dat) < 8 + 1 + 4) + return KFAILURE; + p += krb_get_address(p, paddress); + + memcpy(session, p, 8); + p += 8; + + *life = *p++; + + p += krb_get_int(p, time_sec, 4, little_endian); + + if(strlen((char*)p) > SNAME_SZ) + return KFAILURE; + p += krb_get_string(p, sname); + + if(strlen((char*)p) > INST_SZ) + return KFAILURE; + p += krb_get_string(p, sinstance); + + return KSUCCESS; +} diff --git a/crypto/kerberosIV/lib/krb/dest_tkt.c b/crypto/kerberosIV/lib/krb/dest_tkt.c new file mode 100644 index 0000000..0487e6b --- /dev/null +++ b/crypto/kerberosIV/lib/krb/dest_tkt.c @@ -0,0 +1,82 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: dest_tkt.c,v 1.11 1997/05/19 03:03:40 assar Exp $"); + +/* + * dest_tkt() is used to destroy the ticket store upon logout. + * If the ticket file does not exist, dest_tkt() returns RET_TKFIL. + * Otherwise the function returns RET_OK on success, KFAILURE on + * failure. + * + * The ticket file (TKT_FILE) is defined in "krb.h". + */ + +int +dest_tkt(void) +{ + char *file = TKT_FILE; + int i,fd; + struct stat statb; + char buf[BUFSIZ]; + + errno = 0; + if ( +#ifdef HAVE_LSTAT + lstat +#else + stat +#endif + (file, &statb) < 0) + goto out; + + if (!(statb.st_mode & S_IFREG) +#ifdef notdef + || statb.st_mode & 077 +#endif + ) + goto out; + + if ((fd = open(file, O_RDWR, 0)) < 0) + goto out; + + memset(buf, 0, BUFSIZ); + + for (i = 0; i < statb.st_size; i += sizeof(buf)) + if (write(fd, buf, sizeof(buf)) != sizeof(buf)) { + fsync(fd); + close(fd); + goto out; + } + + + fsync(fd); + close(fd); + + unlink(file); + +out: + if (errno == ENOENT) return RET_TKFIL; + else if (errno != 0) return KFAILURE; + return(KSUCCESS); +} diff --git a/crypto/kerberosIV/lib/krb/dllmain.c b/crypto/kerberosIV/lib/krb/dllmain.c new file mode 100644 index 0000000..e98b7dc --- /dev/null +++ b/crypto/kerberosIV/lib/krb/dllmain.c @@ -0,0 +1,128 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* dllmain.c - main function to krb4.dll + * Author: J Karlsson <d93-jka@nada.kth.se> + * Date: June 1996 + */ + +#include "krb_locl.h" +#include "ticket_memory.h" +#include <Windows.h> + +RCSID("$Id: dllmain.c,v 1.6 1997/05/02 14:29:13 assar Exp $"); + +void +msg(char *text, int error) +{ + char *buf; + + asprintf (&buf, "%s\nAn error of type: %d", text, error); + + MessageBox(GetActiveWindow(), + buf ? buf : "can't tell you", + "kerberos message", + MB_OK|MB_APPLMODAL); + free (buf); +} + +BOOL WINAPI +DllMain (HANDLE hInst, + ULONG reason, + LPVOID lpReserved) +{ + WORD wVersionRequested; + WSADATA wsaData; + PROCESS_INFORMATION p; + int err; + + switch(reason){ + case DLL_PROCESS_ATTACH: + wVersionRequested = MAKEWORD(1, 1); + err = WSAStartup(wVersionRequested, &wsaData); + if (err != 0) + { + /* Tell the user that we couldn't find a useable */ + /* winsock.dll. */ + msg("Cannot find winsock.dll", err); + return FALSE; + } + if(newTktMem(0) != KSUCCESS) + { + /* Tell the user that we couldn't alloc shared memory. */ + msg("Cannot allocate shared ticket memory", GetLastError()); + return FALSE; + } + if(GetLastError() != ERROR_ALREADY_EXISTS) + { + STARTUPINFO s = + { + sizeof(s), + 0, + 0, + 0, + 0,0, + 0,0, + 0,0, + 0, + 0, + 0, + 0,0, + 0,0,0}; + + s.dwFlags = STARTF_USESHOWWINDOW; + s.wShowWindow = SW_HIDE; + if(!CreateProcess(0,"krbmanager", + 0,0,FALSE,0,0, + 0,&s, &p)) + { + msg("Unable to create kerberos manager process.\n" + "Make sure krbmanager.exe is in your PATH.", + GetLastError()); + return FALSE; + } + } + break; + case DLL_PROCESS_DETACH: + freeTktMem(0); + WSACleanup(); + break; + } + + return TRUE; +} diff --git a/crypto/kerberosIV/lib/krb/encrypt_ktext.c b/crypto/kerberosIV/lib/krb/encrypt_ktext.c new file mode 100644 index 0000000..d97fcc7 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/encrypt_ktext.c @@ -0,0 +1,51 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: encrypt_ktext.c,v 1.4 1997/04/01 08:18:26 joda Exp $"); + +void +encrypt_ktext(KTEXT cip, des_cblock *key, int encrypt) +{ + des_key_schedule schedule; + des_set_key(key, schedule); + des_pcbc_encrypt((des_cblock*)cip->dat, (des_cblock*)cip->dat, + cip->length, schedule, key, encrypt); + memset(schedule, 0, sizeof(des_key_schedule)); +} diff --git a/crypto/kerberosIV/lib/krb/et_list.c b/crypto/kerberosIV/lib/krb/et_list.c new file mode 100644 index 0000000..69d1c89 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/et_list.c @@ -0,0 +1,74 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * This is a hack to resolve the reference to _et_list when making a + * shared library under Psoriasis and possibly other systems. Presumably + * they define __ELF__, some people say Linux does so. + */ + +#include "config.h" + +RCSID("$Id: et_list.c,v 1.12 1997/05/13 09:45:01 bg Exp $"); + +struct et_list { + struct et_list *next; + const struct error_table *table; +}; + +#if defined(__GNUC__) + +#ifdef __FreeBSD__ +asm(".globl __et_list"); /* FreeBSD bug workaround */ +#endif +struct et_list * _et_list __attribute__ ((weak)) = 0; + +#else /* !__GNUC__ */ + +#ifdef HAVE_PRAGMA_WEAK + +#pragma weak _et_list = __et_list +struct et_list * __et_list = 0; + +#else /* !HAVE_PRAGMA_WEAK */ + +struct et_list * _et_list = 0; + +#endif /* !HAVE_PRAGMA_WEAK */ + +#endif /* !__GNUC__ */ diff --git a/crypto/kerberosIV/lib/krb/get_ad_tkt.c b/crypto/kerberosIV/lib/krb/get_ad_tkt.c new file mode 100644 index 0000000..9590760 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/get_ad_tkt.c @@ -0,0 +1,190 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: get_ad_tkt.c,v 1.16 1997/05/30 17:43:34 bg Exp $"); + +/* + * get_ad_tkt obtains a new service ticket from Kerberos, using + * the ticket-granting ticket which must be in the ticket file. + * It is typically called by krb_mk_req() when the client side + * of an application is creating authentication information to be + * sent to the server side. + * + * get_ad_tkt takes four arguments: three pointers to strings which + * contain the name, instance, and realm of the service for which the + * ticket is to be obtained; and an integer indicating the desired + * lifetime of the ticket. + * + * It returns an error status if the ticket couldn't be obtained, + * or AD_OK if all went well. The ticket is stored in the ticket + * cache. + * + * The request sent to the Kerberos ticket-granting service looks + * like this: + * + * pkt->dat + * + * TEXT original contents of authenticator+ticket + * pkt->dat built in krb_mk_req call + * + * 4 bytes time_ws always 0 (?) + * char lifetime lifetime argument passed + * string service service name argument + * string sinstance service instance arg. + * + * See "prot.h" for the reply packet layout and definitions of the + * extraction macros like pkt_version(), pkt_msg_type(), etc. + */ + +int +get_ad_tkt(char *service, char *sinstance, char *realm, int lifetime) +{ + static KTEXT_ST pkt_st; + KTEXT pkt = & pkt_st; /* Packet to KDC */ + static KTEXT_ST rpkt_st; + KTEXT rpkt = &rpkt_st; /* Returned packet */ + + CREDENTIALS cr; + char lrealm[REALM_SZ]; + u_int32_t time_ws = 0; + int kerror; + unsigned char *p; + + /* + * First check if we have a "real" TGT for the corresponding + * realm, if we don't, use ordinary inter-realm authentication. + */ + + kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET, realm, realm, &cr); + if (kerror == KSUCCESS) + strncpy(lrealm, realm, REALM_SZ); + else + kerror = krb_get_tf_realm(TKT_FILE, lrealm); + + if (kerror != KSUCCESS) + return(kerror); + + /* + * Look for the session key (and other stuff we don't need) + * in the ticket file for krbtgt.realm@lrealm where "realm" + * is the service's realm (passed in "realm" argument) and + * lrealm is the realm of our initial ticket. If we don't + * have this, we will try to get it. + */ + + if ((kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET, + realm, lrealm, &cr)) != KSUCCESS) { + /* + * If realm == lrealm, we have no hope, so let's not even try. + */ + if ((strncmp(realm, lrealm, REALM_SZ)) == 0) + return(AD_NOTGT); + else{ + if ((kerror = + get_ad_tkt(KRB_TICKET_GRANTING_TICKET, + realm, lrealm, lifetime)) != KSUCCESS) + if (kerror == KDC_PR_UNKNOWN) + return(AD_INTR_RLM_NOTGT); + else + return(kerror); + if ((kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET, + realm, lrealm, &cr)) != KSUCCESS) + return(kerror); + } + } + + /* + * Make up a request packet to the "krbtgt.realm@lrealm". + * Start by calling krb_mk_req() which puts ticket+authenticator + * into "pkt". Then tack other stuff on the end. + */ + + kerror = krb_mk_req(pkt, + KRB_TICKET_GRANTING_TICKET, + realm,lrealm,0L); + + if (kerror) + return(AD_NOTGT); + + p = pkt->dat + pkt->length; + + p += krb_put_int(time_ws, p, 4); + p += krb_put_int(lifetime, p, 1); + p += krb_put_nir(service, sinstance, NULL, p); + + pkt->length = p - pkt->dat; + rpkt->length = 0; + + /* Send the request to the local ticket-granting server */ + if ((kerror = send_to_kdc(pkt, rpkt, realm))) return(kerror); + + /* check packet version of the returned packet */ + + { + KTEXT_ST cip; + CREDENTIALS cred; + struct timeval tv; + + kerror = kdc_reply_cipher(rpkt, &cip); + if(kerror != KSUCCESS) + return kerror; + + encrypt_ktext(&cip, &cr.session, DES_DECRYPT); + + kerror = kdc_reply_cred(&cip, &cred); + if(kerror != KSUCCESS) + return kerror; + + if (strcmp(cred.service, service) || strcmp(cred.instance, sinstance) || + strcmp(cred.realm, realm)) /* not what we asked for */ + return INTK_ERR; /* we need a better code here XXX */ + + gettimeofday(&tv, NULL); + if (abs((int)(tv.tv_sec - cred.issue_date)) > CLOCK_SKEW) { + return RD_AP_TIME; /* XXX should probably be better code */ + } + + + kerror = save_credentials(cred.service, cred.instance, cred.realm, + cred.session, cred.lifetime, cred.kvno, + &cred.ticket_st, tv.tv_sec); + return kerror; + } +} diff --git a/crypto/kerberosIV/lib/krb/get_cred.c b/crypto/kerberosIV/lib/krb/get_cred.c new file mode 100644 index 0000000..1a0016c --- /dev/null +++ b/crypto/kerberosIV/lib/krb/get_cred.c @@ -0,0 +1,70 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: get_cred.c,v 1.6 1997/05/30 17:38:29 bg Exp $"); + +/* + * krb_get_cred takes a service name, instance, and realm, and a + * structure of type CREDENTIALS to be filled in with ticket + * information. It then searches the ticket file for the appropriate + * ticket and fills in the structure with the corresponding + * information from the file. If successful, it returns KSUCCESS. + * On failure it returns a Kerberos error code. + */ + +int +krb_get_cred(char *service, /* Service name */ + char *instance, /* Instance */ + char *realm, /* Auth domain */ + CREDENTIALS *c) /* Credentials struct */ +{ + int tf_status; /* return value of tf function calls */ + CREDENTIALS cr; + + if (c == 0) + c = &cr; + + /* Open ticket file and lock it for shared reading */ + if ((tf_status = tf_init(TKT_FILE, R_TKT_FIL)) != KSUCCESS) + return(tf_status); + + /* Copy principal's name and instance into the CREDENTIALS struc c */ + + if ( (tf_status = tf_get_pname(c->pname)) != KSUCCESS || + (tf_status = tf_get_pinst(c->pinst)) != KSUCCESS ) + return (tf_status); + + /* Search for requested service credentials and copy into c */ + + while ((tf_status = tf_get_cred(c)) == KSUCCESS) { + if ((strcmp(c->service,service) == 0) && + (strcmp(c->instance,instance) == 0) && + (strcmp(c->realm,realm) == 0)) + break; + } + tf_close(); + + if (tf_status == EOF) + return (GC_NOTKT); + return(tf_status); +} diff --git a/crypto/kerberosIV/lib/krb/get_default_principal.c b/crypto/kerberosIV/lib/krb/get_default_principal.c new file mode 100644 index 0000000..3a111ea --- /dev/null +++ b/crypto/kerberosIV/lib/krb/get_default_principal.c @@ -0,0 +1,94 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: get_default_principal.c,v 1.10 1997/04/01 08:18:28 joda Exp $"); + +int +krb_get_default_principal(char *name, char *instance, char *realm) +{ + char *file; + int ret; + + char *p; + + if ((file = getenv("KRBTKFILE")) == NULL) + file = TKT_FILE; + + ret = krb_get_tf_fullname(file, name, instance, realm); + if(ret == KSUCCESS) + return 0; + + p = getenv("KRB4PRINCIPAL"); + if(p && kname_parse(name, instance, realm, p) == KSUCCESS) + return 1; + + +#ifdef HAVE_PWD_H + { + struct passwd *pw; + pw = getpwuid(getuid()); + if(pw == NULL){ + return -1; + } + + strcpy(name, pw->pw_name); + strcpy(instance, ""); + krb_get_lrealm(realm, 1); + + if(strcmp(name, "root") == 0){ + p = NULL; +#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) + p = getlogin(); +#endif + if(p == NULL) + p = getenv("USER"); + if(p == NULL) + p = getenv("LOGNAME"); + if(p){ + strncpy (name, p, ANAME_SZ); + name[ANAME_SZ - 1] = '\0'; + strcpy(instance, "root"); + } + } + return 1; + } +#endif + return -1; +} diff --git a/crypto/kerberosIV/lib/krb/get_host.c b/crypto/kerberosIV/lib/krb/get_host.c new file mode 100644 index 0000000..de80ac4 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/get_host.c @@ -0,0 +1,292 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: get_host.c,v 1.30 1997/05/02 14:29:13 assar Exp $"); + +static struct host_list { + struct krb_host *this; + struct host_list *next; +} *hosts; + +static int krb_port = 0; + +static void +free_hosts(struct host_list *h) +{ + struct host_list *t; + while(h){ + if(h->this->realm) + free(h->this->realm); + if(h->this->host) + free(h->this->host); + t = h; + h = h->next; + free(t); + } +} + +static int +parse_address(char *address, int *proto, char **host, int *port) +{ + char *p, *q; + p = strchr(address, '/'); + *proto = IPPROTO_UDP; + if(p){ + char prot[32]; + struct protoent *pp; + strncpy(prot, address, p - address); + prot[p - address] = 0; + if((pp = getprotobyname(prot))) + *proto = pp->p_proto; + else + krb_warning("Bad protocol name `%s', Using default `udp'.\n", + prot); + p++; + }else + p = address; + q = strchr(p, ':'); + if(q){ + *host = (char*)malloc(q - p + 1); + strncpy(*host, p, q - p); + (*host)[q - p] = 0; + q++; + { + struct servent *sp = getservbyname(q, NULL); + if(sp) + *port = ntohs(sp->s_port); + else + if(sscanf(q, "%d", port) != 1){ + krb_warning("Bad port specification `%s', using port %d.", + q, krb_port); + *port = krb_port; + } + } + }else{ + *host = strdup(p); + *port = krb_port; + } + return 0; +} + +static int +add_host(char *realm, char *address, int admin, int validate) +{ + struct krb_host *host; + struct host_list *p, **last = &hosts; + host = (struct krb_host*)malloc(sizeof(struct krb_host)); + parse_address(address, &host->proto, &host->host, &host->port); + if(validate && gethostbyname(host->host) == NULL){ + free(host->host); + free(host); + return 1; + } + host->admin = admin; + for(p = hosts; p; p = p->next){ + if(strcmp(realm, p->this->realm) == 0 && + strcmp(host->host, p->this->host) == 0 && + host->proto == p->this->proto && + host->port == p->this->port){ + free(host->host); + free(host); + return 1; + } + last = &p->next; + } + host->realm = strdup(realm); + p = (struct host_list*)malloc(sizeof(struct host_list)); + p->this = host; + p->next = NULL; + *last = p; + return 0; +} + + + +static int +read_file(const char *filename, const char *r) +{ + char line[1024]; + char realm[1024]; + char address[1024]; + char scratch[1024]; + int n; + int nhosts = 0; + + FILE *f = fopen(filename, "r"); + if(f == NULL) + return -1; + while(fgets(line, sizeof(line), f)){ + n = sscanf(line, "%s %s admin %s", realm, address, scratch); + if(n == 2 || n == 3){ + if(strcmp(realm, r)) + continue; + if(add_host(realm, address, n == 3, 0) == 0) + nhosts++; + } + } + fclose(f); + return nhosts; +} + +static int +init_hosts(char *realm) +{ + static const char *files[] = KRB_CNF_FILES; + int i; + char *dir = getenv("KRBCONFDIR"); + + krb_port = ntohs(k_getportbyname (KRB_SERVICE, NULL, htons(KRB_PORT))); + if(dir){ + char file[MaxPathLen]; + if(k_concat(file, sizeof(file), dir, "/krb.conf", NULL) == 0) + read_file(file, realm); + } + for(i = 0; files[i]; i++) + read_file(files[i], realm); + return 0; +} + +static void +srv_find_realm(char *realm, char *proto, char *service) +{ + char *domain; + struct dns_reply *r; + struct resource_record *rr; + + k_mconcat(&domain, 1024, service, ".", proto, ".", realm, ".", NULL); + + if(domain == NULL) + return; + + r = dns_lookup(domain, "srv"); + if(r == NULL) + r = dns_lookup(domain, "txt"); + if(r == NULL){ + free(domain); + return; + } + for(rr = r->head; rr; rr = rr->next){ + if(rr->type == T_SRV){ + char buf[1024]; + + if (snprintf (buf, + sizeof(buf), + "%s/%s:%u", + proto, + rr->u.srv->target, + rr->u.srv->port) < sizeof(buf)) + add_host(realm, buf, 0, 0); + }else if(rr->type == T_TXT) + add_host(realm, rr->u.txt, 0, 0); + } + dns_free_data(r); + free(domain); +} + +struct krb_host* +krb_get_host(int nth, char *realm, int admin) +{ + struct host_list *p; + static char orealm[REALM_SZ]; + if(orealm[0] == 0 || strcmp(realm, orealm)){ + /* quick optimization */ + if(realm && realm[0]){ + strncpy(orealm, realm, sizeof(orealm) - 1); + orealm[sizeof(orealm) - 1] = 0; + }else{ + int ret = krb_get_lrealm(orealm, 1); + if(ret != KSUCCESS) + return NULL; + } + + if(hosts){ + free_hosts(hosts); + hosts = NULL; + } + + init_hosts(orealm); + + srv_find_realm(orealm, "udp", KRB_SERVICE); + srv_find_realm(orealm, "tcp", KRB_SERVICE); + + { + /* XXX this assumes no one has more than 99999 kerberos + servers */ + char host[REALM_SZ + sizeof("kerberos-XXXXX..")]; + int i = 0; + sprintf(host, "kerberos.%s.", orealm); + add_host(orealm, host, 1, 1); + do{ + i++; + sprintf(host, "kerberos-%d.%s.", i, orealm); + }while(i < 100000 && add_host(orealm, host, 0, 1) == 0); + } + } + + for(p = hosts; p; p = p->next){ + if(strcmp(orealm, p->this->realm) == 0 && + (!admin || p->this->admin)) + if(nth == 1) + return p->this; + else + nth--; + } + return NULL; +} + +int +krb_get_krbhst(char *host, char *realm, int nth) +{ + struct krb_host *p = krb_get_host(nth, realm, 0); + if(p == NULL) + return KFAILURE; + strcpy(host, p->host); + return KSUCCESS; +} + +int +krb_get_admhst(char *host, char *realm, int nth) +{ + struct krb_host *p = krb_get_host(nth, realm, 1); + if(p == NULL) + return KFAILURE; + strcpy(host, p->host); + return KSUCCESS; +} diff --git a/crypto/kerberosIV/lib/krb/get_in_tkt.c b/crypto/kerberosIV/lib/krb/get_in_tkt.c new file mode 100644 index 0000000..435632a --- /dev/null +++ b/crypto/kerberosIV/lib/krb/get_in_tkt.c @@ -0,0 +1,99 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: get_in_tkt.c,v 1.15 1997/03/23 03:53:08 joda Exp $"); + +/* + * This file contains three routines: passwd_to_key() and + * passwd_to_afskey() converts a password into a DES key, using the + * normal strinttokey and the AFS one, respectively, and + * krb_get_pw_in_tkt() gets an initial ticket for a user. + */ + +/* + * passwd_to_key() and passwd_to_afskey: given a password, return a DES key. + */ + +int +passwd_to_key(char *user, char *instance, char *realm, void *passwd, + des_cblock *key) +{ +#ifndef NOENCRYPTION + des_string_to_key((char *)passwd, key); +#endif + return 0; +} + + +int +passwd_to_afskey(char *user, char *instance, char *realm, void *passwd, + des_cblock *key) +{ +#ifndef NOENCRYPTION + afs_string_to_key((char *)passwd, realm, key); +#endif + return (0); +} + +/* + * krb_get_pw_in_tkt() takes the name of the server for which the initial + * ticket is to be obtained, the name of the principal the ticket is + * for, the desired lifetime of the ticket, and the user's password. + * It passes its arguments on to krb_get_in_tkt(), which contacts + * Kerberos to get the ticket, decrypts it using the password provided, + * and stores it away for future use. + * + * krb_get_pw_in_tkt() passes two additional arguments to krb_get_in_tkt(): + * the name of a routine (passwd_to_key()) to be used to get the + * password in case the "password" argument is null and NULL for the + * decryption procedure indicating that krb_get_in_tkt should use the + * default method of decrypting the response from the KDC. + * + * The result of the call to krb_get_in_tkt() is returned. + */ + +int +krb_get_pw_in_tkt(char *user, char *instance, char *realm, char *service, + char *sinstance, int life, char *password) +{ + char pword[100]; /* storage for the password */ + int code; + + /* Only request password once! */ + if (!password) { + if (des_read_pw_string(pword, sizeof(pword)-1, "Password: ", 0)){ + memset(pword, 0, sizeof(pword)); + return INTK_BADPW; + } + password = pword; + } + + code = krb_get_in_tkt(user,instance,realm,service,sinstance,life, + passwd_to_key, NULL, password); + if (code == INTK_BADPW) + code = krb_get_in_tkt(user,instance,realm,service,sinstance,life, + passwd_to_afskey, NULL, password); + if (password == pword) + memset(pword, 0, sizeof(pword)); + return(code); +} diff --git a/crypto/kerberosIV/lib/krb/get_krbrlm.c b/crypto/kerberosIV/lib/krb/get_krbrlm.c new file mode 100644 index 0000000..8c5b0c9 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/get_krbrlm.c @@ -0,0 +1,116 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: get_krbrlm.c,v 1.16 1997/05/02 01:26:22 assar Exp $"); + +/* + * krb_get_lrealm takes a pointer to a string, and a number, n. It fills + * in the string, r, with the name of the nth realm specified on the + * first line of the kerberos config file (KRB_CONF, defined in "krb.h"). + * It returns 0 (KSUCCESS) on success, and KFAILURE on failure. If the + * config file does not exist, and if n=1, a successful return will occur + * with r = KRB_REALM (also defined in "krb.h"). + * + * NOTE: for archaic & compatibility reasons, this routine will only return + * valid results when n = 1. + * + * For the format of the KRB_CONF file, see comments describing the routine + * krb_get_krbhst(). + */ + +static int +krb_get_lrealm_f(char *r, int n, const char *fname) +{ + FILE *f; + int ret = KFAILURE; + f = fopen(fname, "r"); + if(f){ + char buf[REALM_SZ]; + if(fgets(buf, sizeof(buf), f)){ + char *p = buf + strspn(buf, " \t"); + p[strcspn(p, " \t\r\n")] = 0; + p[REALM_SZ - 1] = 0; + strcpy(r, p); + ret = KSUCCESS; + } + fclose(f); + } + return ret; +} + +int +krb_get_lrealm(char *r, int n) +{ + static const char *const files[] = KRB_CNF_FILES; + int i; + + const char *dir = getenv("KRBCONFDIR"); + + if (n > 1) + return(KFAILURE); /* Temporary restriction */ + + /* First try user specified file */ + if (dir != 0) { + char fname[MaxPathLen]; + if(k_concat(fname, sizeof(fname), dir, "/krb.conf", NULL) == 0) + if (krb_get_lrealm_f(r, n, fname) == KSUCCESS) + return KSUCCESS; + } + + for (i = 0; files[i] != 0; i++) + if (krb_get_lrealm_f(r, n, files[i]) == KSUCCESS) + return KSUCCESS; + + /* If nothing else works try LOCALDOMAIN, if it exists */ + if (n == 1) + { + char *t, hostname[MaxHostNameLen]; + k_gethostname(hostname, sizeof(hostname)); + t = krb_realmofhost(hostname); + if (t) { + strcpy (r, t); + return KSUCCESS; + } + t = strchr(hostname, '.'); + if (t == 0) + return KFAILURE; /* No domain part, you loose */ + + t++; /* Skip leading dot and upcase the rest */ + for (; *t; t++, r++) + *r = toupper(*t); + *r = 0; + return(KSUCCESS); + } + else + return(KFAILURE); +} + +/* For SunOS5 compat. */ +char * +krb_get_default_realm(void) +{ + static char local_realm[REALM_SZ]; /* local kerberos realm */ + if (krb_get_lrealm(local_realm, 1) != KSUCCESS) + strcpy(local_realm, "NO.DEFAULT.REALM"); + return local_realm; +} diff --git a/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c b/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c new file mode 100644 index 0000000..c290524 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c @@ -0,0 +1,76 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: get_svc_in_tkt.c,v 1.8 1997/03/23 03:53:09 joda Exp $"); + +/* + * This file contains two routines: srvtab_to_key(), which gets + * a server's key from a srvtab file, and krb_get_svc_in_tkt() which + * gets an initial ticket for a server. + */ + +/* + * srvtab_to_key(): given a "srvtab" file (where the keys for the + * service on a host are stored), return the private key of the + * given service (user.instance@realm). + * + * srvtab_to_key() passes its arguments on to read_service_key(), + * plus one additional argument, the key version number. + * (Currently, the key version number is always 0; this value + * is treated as a wildcard by read_service_key().) + * + * If the "srvtab" argument is null, KEYFILE (defined in "krb.h") + * is passed in its place. + * + * It returns the return value of the read_service_key() call. + * The service key is placed in "key". + */ + +int +srvtab_to_key(char *user, char *instance, char *realm, void *srvtab, + des_cblock *key) +{ + if (!srvtab) + srvtab = KEYFILE; + + return(read_service_key(user, instance, realm, 0, (char *)srvtab, + (char *)key)); +} + +/* + * krb_get_svc_in_tkt() passes its arguments on to krb_get_in_tkt(), + * plus two additional arguments: a pointer to the srvtab_to_key() + * function to be used to get the key from the key file and a NULL + * for the decryption procedure indicating that krb_get_in_tkt should + * use the default method of decrypting the response from the KDC. + * + * It returns the return value of the krb_get_in_tkt() call. + */ + +int +krb_get_svc_in_tkt(char *user, char *instance, char *realm, char *service, + char *sinstance, int life, char *srvtab) +{ + return(krb_get_in_tkt(user, instance, realm, service, sinstance, + life, srvtab_to_key, NULL, srvtab)); +} diff --git a/crypto/kerberosIV/lib/krb/get_tf_fullname.c b/crypto/kerberosIV/lib/krb/get_tf_fullname.c new file mode 100644 index 0000000..33733d0 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/get_tf_fullname.c @@ -0,0 +1,70 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: get_tf_fullname.c,v 1.6 1997/03/23 03:53:10 joda Exp $"); + +/* + * This file contains a routine to extract the fullname of a user + * from the ticket file. + */ + +/* + * krb_get_tf_fullname() takes four arguments: the name of the + * ticket file, and variables for name, instance, and realm to be + * returned in. Since the realm of a ticket file is not really fully + * supported, the realm used will be that of the the first ticket in + * the file as this is the one that was obtained with a password by + * krb_get_in_tkt(). + */ + +int +krb_get_tf_fullname(char *ticket_file, char *name, char *instance, char *realm) +{ + int tf_status; + CREDENTIALS c; + + if ((tf_status = tf_init(ticket_file, R_TKT_FIL)) != KSUCCESS) + return(tf_status); + + if (((tf_status = tf_get_pname(c.pname)) != KSUCCESS) || + ((tf_status = tf_get_pinst(c.pinst)) != KSUCCESS)) + return (tf_status); + + if (name) + strcpy(name, c.pname); + if (instance) + strcpy(instance, c.pinst); + if ((tf_status = tf_get_cred(&c)) == KSUCCESS) { + if (realm) + strcpy(realm, c.realm); + } + else { + if (tf_status == EOF) + return(KFAILURE); + else + return(tf_status); + } + tf_close(); + + return(tf_status); +} diff --git a/crypto/kerberosIV/lib/krb/get_tf_realm.c b/crypto/kerberosIV/lib/krb/get_tf_realm.c new file mode 100644 index 0000000..1a3c7d1 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/get_tf_realm.c @@ -0,0 +1,41 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: get_tf_realm.c,v 1.5 1997/03/23 03:53:10 joda Exp $"); + +/* + * This file contains a routine to extract the realm of a kerberos + * ticket file. + */ + +/* + * krb_get_tf_realm() takes two arguments: the name of a ticket + * and a variable to store the name of the realm in. + * + */ + +int +krb_get_tf_realm(char *ticket_file, char *realm) +{ + return(krb_get_tf_fullname(ticket_file, 0, 0, realm)); +} diff --git a/crypto/kerberosIV/lib/krb/getaddrs.c b/crypto/kerberosIV/lib/krb/getaddrs.c new file mode 100644 index 0000000..d25ec1b --- /dev/null +++ b/crypto/kerberosIV/lib/krb/getaddrs.c @@ -0,0 +1,130 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: getaddrs.c,v 1.19 1997/04/01 08:18:29 joda Exp $"); + +#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4 +#include <sys/ioctl.h> +#endif +#ifdef HAVE_NET_IF_H +#include <net/if.h> +#endif + +#ifdef HAVE_SYS_SOCKIO_H +#include <sys/sockio.h> +#endif /* HAVE_SYS_SOCKIO_H */ + +/* + * Return number and list of all local adresses. + */ + +int +k_get_all_addrs (struct in_addr **l) +{ +#if !defined(SIOCGIFCONF) || !defined(SIOCGIFFLAGS) || !defined(SIOCGIFADDR) + char name[MaxHostNameLen]; + struct hostent *he; + + if (k_gethostname(name, sizeof(name)) < 0) + return -1; + he = gethostbyname (name); + if (he == NULL) + return -1; + *l = malloc(sizeof(**l)); + if (*l == NULL) + return -1; + memcpy (*l, he->h_addr_list[0], sizeof(*l)); + return 1; +#else + int fd; + char buf[BUFSIZ]; + struct ifreq ifreq; + struct ifconf ifconf; + int num, j; + char *p; + + fd = socket(AF_INET, SOCK_DGRAM, 0); + if (fd < 0) + return -1; + + ifconf.ifc_len = sizeof(buf); + ifconf.ifc_buf = buf; + if(ioctl(fd, SIOCGIFCONF, &ifconf) < 0) + return -1; + num = ifconf.ifc_len / sizeof(struct ifreq); + *l = malloc(num * sizeof(struct in_addr)); + if(*l == NULL) { + close (fd); + return -1; + } + + j = 0; + ifreq.ifr_name[0] = '\0'; + for (p = ifconf.ifc_buf; p < ifconf.ifc_buf + ifconf.ifc_len;) { + struct ifreq *ifr = (struct ifreq *)p; +#ifdef SOCKADDR_HAS_SA_LEN + size_t sz = sizeof(ifr->ifr_name) + ifr->ifr_addr.sa_len; +#else + size_t sz = sizeof(*ifr); +#endif + if(strncmp(ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name))) { + if(ioctl(fd, SIOCGIFFLAGS, ifr) < 0) { + close (fd); + free (*l); + return -1; + } + if (ifr->ifr_flags & IFF_UP) { + if(ioctl(fd, SIOCGIFADDR, ifr) < 0) { + close (fd); + free (*l); + return -1; + } + (*l)[j++] = ((struct sockaddr_in *)&ifr->ifr_addr)->sin_addr; + } + ifreq = *ifr; + } + p = p + sz; + } + if (j != num) + *l = realloc (*l, j * sizeof(struct in_addr)); + close (fd); + return j; +#endif /* SIOCGIFCONF */ +} diff --git a/crypto/kerberosIV/lib/krb/getrealm.c b/crypto/kerberosIV/lib/krb/getrealm.c new file mode 100644 index 0000000..05dfdab --- /dev/null +++ b/crypto/kerberosIV/lib/krb/getrealm.c @@ -0,0 +1,184 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: getrealm.c,v 1.25 1997/05/02 14:29:14 assar Exp $"); + +#define MATCH_SUBDOMAINS 0 + +/* + * krb_realmofhost. + * Given a fully-qualified domain-style primary host name, + * return the name of the Kerberos realm for the host. + * If the hostname contains no discernable domain, or an error occurs, + * return the local realm name, as supplied by get_krbrlm(). + * If the hostname contains a domain, but no translation is found, + * the hostname's domain is converted to upper-case and returned. + * + * The format of each line of the translation file is: + * domain_name kerberos_realm + * -or- + * host_name kerberos_realm + * + * domain_name should be of the form .XXX.YYY (e.g. .LCS.MIT.EDU) + * host names should be in the usual form (e.g. FOO.BAR.BAZ) + */ + +/* To automagically find the correct realm of a host (without + * krb.realms) add a text record for your domain with the name of your + * realm, like this: + * + * krb4-realm IN TXT FOO.SE + * + * The search is recursive, so you can also add entries for specific + * hosts. To find the realm of host a.b.c, it first tries + * krb4-realm.a.b.c, then krb4-realm.b.c and so on. + */ + +static int +dns_find_realm(char *hostname, char *realm) +{ + char domain[MaxHostNameLen + sizeof("krb4-realm..")]; + char *p; + int level = 0; + struct dns_reply *r; + + p = hostname; + + while(1){ + snprintf(domain, sizeof(domain), "krb4-realm.%s.", p); + r = dns_lookup(domain, "TXT"); + if(r){ + struct resource_record *rr = r->head; + while(rr){ + if(rr->type == T_TXT){ + strncpy(realm, rr->u.txt, REALM_SZ); + realm[REALM_SZ - 1] = 0; + dns_free_data(r); + return level; + } + rr = rr->next; + } + dns_free_data(r); + } + level++; + p = strchr(p, '.'); + if(p == NULL) + break; + p++; + } + return -1; +} + + +static FILE * +open_krb_realms(void) +{ + static const char *const files[] = KRB_RLM_FILES; + FILE *res; + int i; + + const char *dir = getenv("KRBCONFDIR"); + + /* First try user specified file */ + if (dir != 0) { + char fname[MaxPathLen]; + + if(k_concat(fname, sizeof(fname), dir, "/krb.realms", NULL) == 0) + if ((res = fopen(fname, "r")) != NULL) + return res; + } + + for (i = 0; files[i] != 0; i++) + if ((res = fopen(files[i], "r")) != NULL) + return res; + + return NULL; +} + +char * +krb_realmofhost(const char *host) +{ + static char ret_realm[REALM_SZ]; + char *domain; + FILE *trans_file; + char trans_host[MaxHostNameLen]; + char trans_realm[REALM_SZ]; + char buf[1024]; + + char phost[MaxHostNameLen]; + + krb_name_to_name(host, phost, sizeof(phost)); + + domain = strchr(phost, '.'); + + /* prepare default */ + if(dns_find_realm(phost, ret_realm) < 0){ + if (domain) { + char *cp; + + strncpy(ret_realm, &domain[1], REALM_SZ); + ret_realm[REALM_SZ - 1] = 0; + /* Upper-case realm */ + for (cp = ret_realm; *cp; cp++) + *cp = toupper(*cp); + } else { + krb_get_lrealm(ret_realm, 1); + } + } + + if ((trans_file = open_krb_realms()) == NULL) + return(ret_realm); /* krb_errno = KRB_NO_TRANS */ + + while (fgets(buf, sizeof(buf), trans_file)) { + char *save = NULL; + char *tok = strtok_r(buf, " \t\r\n", &save); + if(tok == NULL) + continue; + strncpy(trans_host, tok, MaxHostNameLen); + trans_host[MaxHostNameLen - 1] = 0; + tok = strtok_r(NULL, " \t\r\n", &save); + if(tok == NULL) + continue; + strcpy(trans_realm, tok); + trans_realm[REALM_SZ - 1] = 0; + if (!strcasecmp(trans_host, phost)) { + /* exact match of hostname, so return the realm */ + strcpy(ret_realm, trans_realm); + fclose(trans_file); + return(ret_realm); + } + if ((trans_host[0] == '.') && domain) { + char *cp = domain; + do { + if(strcasecmp(trans_host, domain) == 0){ + /* domain match, save for later */ + strcpy(ret_realm, trans_realm); + break; + } + cp = strchr(cp + 1, '.'); + } while(MATCH_SUBDOMAINS && cp); + } + } + fclose(trans_file); + return ret_realm; +} diff --git a/crypto/kerberosIV/lib/krb/getst.c b/crypto/kerberosIV/lib/krb/getst.c new file mode 100644 index 0000000..de99962 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/getst.c @@ -0,0 +1,45 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: getst.c,v 1.6 1997/03/23 03:53:11 joda Exp $"); + +/* + * getst() takes a file descriptor, a string and a count. It reads + * from the file until either it has read "count" characters, or until + * it reads a null byte. When finished, what has been read exists in + * the given string "s". If "count" characters were actually read, the + * last is changed to a null, so the returned string is always null- + * terminated. getst() returns the number of characters read, including + * the null terminator. + */ + +int +getst(int fd, char *s, int n) +{ + int count = n; + while (read(fd, s, 1) > 0 && --count) + if (*s++ == '\0') + return (n - count); + *s = '\0'; + return (n - count); +} diff --git a/crypto/kerberosIV/lib/krb/gettimeofday.c b/crypto/kerberosIV/lib/krb/gettimeofday.c new file mode 100644 index 0000000..734ca59 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/gettimeofday.c @@ -0,0 +1,56 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" +RCSID("$Id: gettimeofday.c,v 1.5 1997/04/01 08:18:29 joda Exp $"); + +#ifndef HAVE_GETTIMEOFDAY +/* + * Simple gettimeofday that only returns seconds. + */ +int +gettimeofday (struct timeval *tp, void *ignore) +{ + time_t t; + + t = time(NULL); + tp->tv_sec = t; + tp->tv_usec = 0; + return 0; +} +#endif diff --git a/crypto/kerberosIV/lib/krb/k_concat.c b/crypto/kerberosIV/lib/krb/k_concat.c new file mode 100644 index 0000000..e7daa5f --- /dev/null +++ b/crypto/kerberosIV/lib/krb/k_concat.c @@ -0,0 +1,116 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: k_concat.c,v 1.5 1997/05/02 08:56:39 joda Exp $"); + +int +k_concat (char *s, size_t len, ...) +{ + int ret; + va_list args; + + va_start(args, len); + ret = k_vconcat (s, len, args); + va_end(args); + return ret; +} + +int +k_vconcat (char *s, size_t len, va_list args) +{ + const char *a; + + while ((a = va_arg(args, const char*))) { + size_t n = strlen (a); + + if (n >= len) + return -1; + strncpy (s, a, n); + s += n; + len -= n; + } + *s = '\0'; + return 0; +} + +size_t +k_vmconcat (char **s, size_t max_len, va_list args) +{ + const char *a; + char *p, *q; + size_t len = 0; + *s = NULL; + p = malloc(1); + if(p == NULL) + return 0; + *p = 0; + len = 1; + while ((a = va_arg(args, const char*))) { + size_t n = strlen (a); + + if(max_len && len + n > max_len){ + free(p); + return 0; + } + q = realloc(p, len + n); + if(q == NULL){ + free(p); + return 0; + } + p = q; + len += n; + strcat(p, a); + } + *s = p; + return len; +} + +size_t +k_mconcat (char **s, size_t max_len, ...) +{ + int ret; + va_list args; + + va_start(args, max_len); + ret = k_vmconcat (s, max_len, args); + va_end(args); + return ret; +} + diff --git a/crypto/kerberosIV/lib/krb/k_flock.c b/crypto/kerberosIV/lib/krb/k_flock.c new file mode 100644 index 0000000..844c34c --- /dev/null +++ b/crypto/kerberosIV/lib/krb/k_flock.c @@ -0,0 +1,95 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: k_flock.c,v 1.8 1997/04/01 08:18:30 joda Exp $"); + +#define K_OP_MASK (K_LOCK_SH | K_LOCK_EX | K_LOCK_UN) + +int +k_flock(int fd, int operation) +{ +#ifdef HAVE_FLOCK + int op = 0; + if (operation & K_LOCK_SH) + op |= LOCK_SH; + if (operation & K_LOCK_EX) + op |= LOCK_EX; + if (operation & K_LOCK_UN) + op |= LOCK_UN; + if (operation & K_LOCK_NB) + op |= LOCK_NB; + + return flock(fd, op); +#elif defined(HAVE_FCNTL) && defined(F_SETLK) + struct flock arg; + int code, cmd; + + arg.l_whence = SEEK_SET; + arg.l_start = 0; + arg.l_len = 0; /* means to EOF */ + + if (operation & K_LOCK_NB) + cmd = F_SETLK; + else + cmd = F_SETLKW; /* Blocking */ + + switch (operation & K_OP_MASK) { + case K_LOCK_UN: + arg.l_type = F_UNLCK; + code = fcntl(fd, F_SETLK, &arg); + break; + case K_LOCK_SH: + arg.l_type = F_RDLCK; + code = fcntl(fd, cmd, &arg); + break; + case K_LOCK_EX: + arg.l_type = F_WRLCK; + code = fcntl(fd, cmd, &arg); + break; + default: + errno = EINVAL; + code = -1; + break; + } + return code; +#else + return -1; +#endif /* !HAVE_FLOCK */ +} diff --git a/crypto/kerberosIV/lib/krb/k_gethostname.c b/crypto/kerberosIV/lib/krb/k_gethostname.c new file mode 100644 index 0000000..0f4d57f --- /dev/null +++ b/crypto/kerberosIV/lib/krb/k_gethostname.c @@ -0,0 +1,58 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" +RCSID("$Id: k_gethostname.c,v 1.10 1997/03/23 03:53:12 joda Exp $"); + +#ifdef HAVE_SYS_UTSNAME_H +#include <sys/utsname.h> +#endif + +/* + * Return the local host's name in "name", up to "namelen" characters. + * "name" will be null-terminated if "namelen" is big enough. + * The return code is 0 on success, -1 on failure. (The calling + * interface is identical to gethostname(2).) + */ + +int +k_gethostname(char *name, int namelen) +{ +#if defined(HAVE_GETHOSTNAME) + return gethostname(name, namelen); +#elif defined(HAVE_UNAME) + { + struct utsname utsname; + int ret; + + ret = uname (&utsname); + if (ret < 0) + return ret; + strncpy (name, utsname.nodename, namelen); + name[namelen-1] = '\0'; + return 0; + } +#else + strncpy (name, "some.random.host", namelen); + name[namelen-1] = '\0'; + return 0; +#endif +} diff --git a/crypto/kerberosIV/lib/krb/k_getport.c b/crypto/kerberosIV/lib/krb/k_getport.c new file mode 100644 index 0000000..c5f9f15 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/k_getport.c @@ -0,0 +1,57 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: k_getport.c,v 1.10 1997/04/01 08:18:30 joda Exp $"); + +int +k_getportbyname (const char *service, const char *proto, int default_port) +{ +#ifdef HAVE_GETSERVBYNAME + struct servent *sp; + + sp = getservbyname(service, proto); + if(sp != NULL) + return sp->s_port; + + krb_warning ("%s/%s unknown service, using default port %d\n", + service, proto ? proto : "*", ntohs(default_port)); +#endif + return default_port; +} diff --git a/crypto/kerberosIV/lib/krb/k_getsockinst.c b/crypto/kerberosIV/lib/krb/k_getsockinst.c new file mode 100644 index 0000000..04676b1 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/k_getsockinst.c @@ -0,0 +1,73 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: k_getsockinst.c,v 1.10 1997/05/02 14:29:17 assar Exp $"); + +/* + * Return in inst the name of the local interface bound to socket + * fd. On Failure return the 'wildcard' instance "*". + */ + +int +k_getsockinst(int fd, char *inst, size_t inst_size) +{ + struct sockaddr_in addr; + int len = sizeof(addr); + struct hostent *hnam; + + if (getsockname(fd, (struct sockaddr *)&addr, &len) < 0) + goto fail; + + hnam = gethostbyaddr((char *)&addr.sin_addr, + sizeof(addr.sin_addr), + addr.sin_family); + if (hnam == 0) + goto fail; + + strncpy (inst, hnam->h_name, inst_size); + inst[inst_size - 1] = '\0'; + k_ricercar(inst); /* Canonicalize name */ + return 0; /* Success */ + + fail: + inst[0] = '*'; + inst[1] = 0; + return -1; +} diff --git a/crypto/kerberosIV/lib/krb/k_localtime.c b/crypto/kerberosIV/lib/krb/k_localtime.c new file mode 100644 index 0000000..a6ffb9b --- /dev/null +++ b/crypto/kerberosIV/lib/krb/k_localtime.c @@ -0,0 +1,48 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: k_localtime.c,v 1.7 1997/04/01 08:18:31 joda Exp $"); + +struct tm *k_localtime(u_int32_t *tp) +{ + time_t t; + t = *tp; + return localtime(&t); +} diff --git a/crypto/kerberosIV/lib/krb/kdc_reply.c b/crypto/kerberosIV/lib/krb/kdc_reply.c new file mode 100644 index 0000000..aa012e0 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/kdc_reply.c @@ -0,0 +1,131 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: kdc_reply.c,v 1.9 1997/04/15 21:52:14 assar Exp $"); + +static int little_endian; /* XXX ugly */ + +int +kdc_reply_cred(KTEXT cip, CREDENTIALS *cred) +{ + unsigned char *p = cip->dat; + + memcpy(cred->session, p, 8); + p += 8; + + if(p + strlen((char*)p) > cip->dat + cip->length) + return INTK_BADPW; + p += krb_get_string(p, cred->service); + + if(p + strlen((char*)p) > cip->dat + cip->length) + return INTK_BADPW; + p += krb_get_string(p, cred->instance); + + if(p + strlen((char*)p) > cip->dat + cip->length) + return INTK_BADPW; + p += krb_get_string(p, cred->realm); + + if(p + 3 > cip->dat + cip->length) + return INTK_BADPW; + cred->lifetime = *p++; + cred->kvno = *p++; + cred->ticket_st.length = *p++; + + if(p + cred->ticket_st.length + 4 > cip->dat + cip->length) + return INTK_BADPW; + memcpy(cred->ticket_st.dat, p, cred->ticket_st.length); + p += cred->ticket_st.length; + + p += krb_get_int(p, (u_int32_t *)&cred->issue_date, 4, little_endian); + + return KSUCCESS; +} + +int +kdc_reply_cipher(KTEXT reply, KTEXT cip) +{ + unsigned char *p; + unsigned char pvno; + unsigned char type; + + char aname[ANAME_SZ]; + char inst[INST_SZ]; + char realm[REALM_SZ]; + + u_int32_t kdc_time; + u_int32_t exp_date; + u_int32_t clen; + + p = reply->dat; + + pvno = *p++; + + if (pvno != KRB_PROT_VERSION ) + return INTK_PROT; + + type = *p++; + little_endian = type & 1; + + type &= ~1; + + if(type == AUTH_MSG_ERR_REPLY){ + u_int32_t code; + p += strlen((char*)p) + 1; /* name */ + p += strlen((char*)p) + 1; /* instance */ + p += strlen((char*)p) + 1; /* realm */ + p += 4; /* time */ + p += krb_get_int(p, &code, 4, little_endian); + return code; + } + if(type != AUTH_MSG_KDC_REPLY) + return INTK_PROT; + + p += krb_get_nir(p, aname, inst, realm); + p += krb_get_int(p, &kdc_time, 4, little_endian); + p++; /* number of tickets */ + p += krb_get_int(p, &exp_date, 4, little_endian); + p++; /* master key version number */ + p += krb_get_int(p, &clen, 2, little_endian); + cip->length = clen; + memcpy(cip->dat, p, clen); + p += clen; + + return KSUCCESS; +} diff --git a/crypto/kerberosIV/lib/krb/klog.h b/crypto/kerberosIV/lib/krb/klog.h new file mode 100644 index 0000000..cee92d9 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/klog.h @@ -0,0 +1,47 @@ +/* + * $Id: klog.h,v 1.5 1997/05/11 11:05:28 assar Exp $ + * + * Copyright 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * This file defines the types of log messages logged by klog. Each + * type of message may be selectively turned on or off. + */ + +#ifndef KLOG_DEFS +#define KLOG_DEFS + +#ifndef KRBLOG +#define KRBLOG "/var/log/kerberos.log" /* master server */ +#endif +#ifndef KRBSLAVELOG +#define KRBSLAVELOG "/var/log/kerberos_slave.log" /* slave server */ +#endif +#define NLOGTYPE 100 /* Maximum number of log msg types */ + +#define L_NET_ERR 1 /* Error in network code */ +#define L_NET_INFO 2 /* Info on network activity */ +#define L_KRB_PERR 3 /* Kerberos protocol errors */ +#define L_KRB_PINFO 4 /* Kerberos protocol info */ +#define L_INI_REQ 5 /* Request for initial ticket */ +#define L_NTGT_INTK 6 /* Initial request not for TGT */ +#define L_DEATH_REQ 7 /* Request for server death */ +#define L_TKT_REQ 8 /* All ticket requests using a tgt */ +#define L_ERR_SEXP 9 /* Service expired */ +#define L_ERR_MKV 10 /* Master key version incorrect */ +#define L_ERR_NKY 11 /* User's key is null */ +#define L_ERR_NUN 12 /* Principal not unique */ +#define L_ERR_UNK 13 /* Principal Unknown */ +#define L_ALL_REQ 14 /* All requests */ +#define L_APPL_REQ 15 /* Application requests (using tgt) */ +#define L_KRB_PWARN 16 /* Protocol warning messages */ + +char * klog __P((int type, const char *format, ...)) +#ifdef __GNUC__ +__attribute__ ((format (printf, 2, 3))) +#endif +; + +#endif /* KLOG_DEFS */ diff --git a/crypto/kerberosIV/lib/krb/kntoln.c b/crypto/kerberosIV/lib/krb/kntoln.c new file mode 100644 index 0000000..88b8b25 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/kntoln.c @@ -0,0 +1,180 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +/* + * krb_kntoln converts an auth name into a local name by looking up + * the auth name in the /etc/aname file. The format of the aname + * file is: + * + * +-----+-----+-----+-----+------+----------+-------+-------+ + * | anl | inl | rll | lnl | name | instance | realm | lname | + * +-----+-----+-----+-----+------+----------+-------+-------+ + * | 1by | 1by | 1by | 1by | name | instance | realm | lname | + * +-----+-----+-----+-----+------+----------+-------+-------+ + * + * If the /etc/aname file can not be opened it will set the + * local name to the auth name. Thus, in this case it performs as + * the identity function. + * + * The name instance and realm are passed to krb_kntoln through + * the AUTH_DAT structure (ad). + * + * Now here's what it *really* does: + * + * Given a Kerberos name in an AUTH_DAT structure, check that the + * instance is null, and that the realm is the same as the local + * realm, and return the principal's name in "lname". Return + * KSUCCESS if all goes well, otherwise KFAILURE. + */ + +#include "krb_locl.h" + +RCSID("$Id: kntoln.c,v 1.7 1997/03/23 03:53:12 joda Exp $"); + +int +krb_kntoln(AUTH_DAT *ad, char *lname) +{ + static char lrealm[REALM_SZ] = ""; + + if (!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) + return(KFAILURE); + + if (strcmp(ad->pinst, "")) + return(KFAILURE); + if (strcmp(ad->prealm, lrealm)) + return(KFAILURE); + strcpy(lname, ad->pname); + return(KSUCCESS); +} + +#if 0 +/* Posted to usenet by "Derrick J. Brashear" <shadow+@andrew.cmu.edu> */ + +#include <krb.h> +#include <ndbm.h> +#include <stdio.h> +#include <sys/file.h> +#include <strings.h> +#include <sys/syslog.h> +#include <sys/errno.h> + +extern int errno; +/* + * antoln converts an authentication name into a local name by looking up + * the authentication name in the /etc/aname dbm database. + * + * If the /etc/aname file can not be opened it will set the + * local name to the principal name. Thus, in this case it performs as + * the identity function. + * + * The name instance and realm are passed to antoln through + * the AUTH_DAT structure (ad). + */ + +static char lrealm[REALM_SZ] = ""; + +an_to_ln(ad,lname) +AUTH_DAT *ad; +char *lname; +{ + static DBM *aname = NULL; + char keyname[ANAME_SZ+INST_SZ+REALM_SZ+2]; + + if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) + return(KFAILURE); + + if((strcmp(ad->pinst,"") && strcmp(ad->pinst,"root")) || +strcmp(ad->prealm,lrealm)) { + datum val; + datum key; + /* + * Non-local name (or) non-null and non-root instance. + * Look up in dbm file. + */ + if (!aname) { + if ((aname = dbm_open("/etc/aname", O_RDONLY, 0)) + == NULL) return (KFAILURE); + } + /* Construct dbm lookup key. */ + an_to_a(ad, keyname); + key.dptr = keyname; + key.dsize = strlen(keyname)+1; + flock(dbm_dirfno(aname), LOCK_SH); + val = dbm_fetch(aname, key); + flock(dbm_dirfno(aname), LOCK_UN); + if (!val.dptr) { + dbm_close(aname); + return(KFAILURE); + } + /* Got it! */ + strcpy(lname,val.dptr); + return(KSUCCESS); + } else strcpy(lname,ad->pname); + return(KSUCCESS); +} + +an_to_a(ad, str) + AUTH_DAT *ad; + char *str; +{ + strcpy(str, ad->pname); + if(*ad->pinst) { + strcat(str, "."); + strcat(str, ad->pinst); + } + strcat(str, "@"); + strcat(str, ad->prealm); +} + +/* + * Parse a string of the form "user[.instance][@realm]" + * into a struct AUTH_DAT. + */ + +a_to_an(str, ad) + AUTH_DAT *ad; + char *str; +{ + char *buf = (char *)malloc(strlen(str)+1); + char *rlm, *inst, *princ; + + if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) { + free(buf); + return(KFAILURE); + } + /* destructive string hacking is more fun.. */ + strcpy(buf, str); + + if (rlm = index(buf, '@')) { + *rlm++ = '\0'; + } + if (inst = index(buf, '.')) { + *inst++ = '\0'; + } + strcpy(ad->pname, buf); + if(inst) strcpy(ad->pinst, inst); + else *ad->pinst = '\0'; + if (rlm) strcpy(ad->prealm, rlm); + else strcpy(ad->prealm, lrealm); + free(buf); + return(KSUCCESS); +} +#endif diff --git a/crypto/kerberosIV/lib/krb/krb.def b/crypto/kerberosIV/lib/krb/krb.def new file mode 100644 index 0000000..da2e906 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/krb.def @@ -0,0 +1,92 @@ +LIBRARY "krb" BASE=0x07000000 + +DESCRIPTION "Dynamic link library for kerberos version 4" +VERSION 1.0 + +EXPORTS + krb_get_err_text + + newTktMem + getTktMem + firstCred + nextCredIndex + currCredIndex + nextFreeIndex + + k_flock + k_localtime + k_getsockinst + k_getportbyname + k_get_all_addrs + + krb_equiv + + afs_string_to_key + + krb_life_to_time + krb_time_to_life + krb_life_to_atime + krb_atime_to_life + + tf_get_cred + tf_get_pinst + tf_get_pname + tf_put_pinst + tf_put_pname + tf_init + tf_create + tf_save_cred + tf_close + + krb_mk_priv + krb_rd_priv + + create_auth_reply + krb_get_phost + krb_realmofhost + tkt_string + create_ciph + decomp_ticket + dest_tkt + get_ad_tkt + in_tkt + k_gethostname + k_isinst + k_isname + k_isrealm + kname_parse + krb_create_ticket + krb_get_admhst + krb_get_cred + krb_get_in_tkt + krb_get_krbhst + krb_get_lrealm + krb_get_default_realm + krb_get_pw_in_tkt + krb_get_svc_in_tkt + krb_get_tf_fullname + krb_get_tf_realm + krb_kntoln + krb_mk_req + krb_net_read + krb_net_write + krb_rd_err + krb_rd_req + krb_recvauth + krb_sendauth + krb_set_key + krb_set_lifetime + read_service_key + save_credentials + send_to_kdc + krb_mk_err + krb_mk_safe + krb_rd_safe + ad_print + cr_err_reply + krb_set_tkt_string + krb_get_default_principal + krb_realm_parse + krb_verify_user + kset_logfile + getst diff --git a/crypto/kerberosIV/lib/krb/krb.h b/crypto/kerberosIV/lib/krb/krb.h new file mode 100644 index 0000000..1ce349e --- /dev/null +++ b/crypto/kerberosIV/lib/krb/krb.h @@ -0,0 +1,565 @@ +/* + * $Id: krb.h,v 1.76 1997/05/26 17:47:31 bg Exp $ + * + * Copyright 1987, 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * Include file for the Kerberos library. + */ + +/* Only one time, please */ +#ifndef KRB_DEFS +#define KRB_DEFS + +#include <ktypes.h> +#include <sys/cdefs.h> +#include <stdarg.h> +#include <time.h> + +__BEGIN_DECLS + +#ifndef __P +#define __P(x) x +#endif + +/* Need some defs from des.h */ +#if !defined(NOPROTO) && !defined(__STDC__) +#define NOPROTO +#endif +#include <des.h> + +/* Don't use these guys, they are only for compatibility with CNS. */ +#ifndef KRB_INT32 +#define KRB_INT32 int32_t +#endif +#ifndef KRB_UINT32 +#define KRB_UINT32 u_int32_t +#endif + +/* Global library variables. */ +extern int krb_ignore_ip_address; /* To turn off IP address comparison */ +extern int krb_no_long_lifetimes; /* To disable AFS compatible lifetimes */ +extern int krbONE; +#define HOST_BYTE_ORDER (* (char *) &krbONE) + +/* Text describing error codes */ +#define MAX_KRB_ERRORS 256 +extern const char *krb_err_txt[MAX_KRB_ERRORS]; + +/* Use this function rather than indexing in krb_err_txt */ +const char *krb_get_err_text __P((int code)); + + +/* General definitions */ +#define KSUCCESS 0 +#define KFAILURE 255 + +/* + * Kerberos specific definitions + * + * KRBLOG is the log file for the kerberos master server. KRB_CONF is + * the configuration file where different host machines running master + * and slave servers can be found. KRB_MASTER is the name of the + * machine with the master database. The admin_server runs on this + * machine, and all changes to the db (as opposed to read-only + * requests, which can go to slaves) must go to it. KRB_HOST is the + * default machine * when looking for a kerberos slave server. Other + * possibilities are * in the KRB_CONF file. KRB_REALM is the name of + * the realm. + */ + +/* /etc/kerberosIV is only for backwards compatibility, don't use it! */ +#ifndef KRB_CONF +#define KRB_CONF "/etc/krb.conf" +#endif +#ifndef KRB_RLM_TRANS +#define KRB_RLM_TRANS "/etc/krb.realms" +#endif +#ifndef KRB_CNF_FILES +#define KRB_CNF_FILES { KRB_CONF, "/etc/kerberosIV/krb.conf", 0} +#endif +#ifndef KRB_RLM_FILES +#define KRB_RLM_FILES { KRB_RLM_TRANS, "/etc/kerberosIV/krb.realms", 0} +#endif +#ifndef KRB_EQUIV +#define KRB_EQUIV "/etc/krb.equiv" +#endif +#define KRB_MASTER "kerberos" +#ifndef KRB_REALM +#define KRB_REALM (krb_get_default_realm()) +#endif + +/* The maximum sizes for aname, realm, sname, and instance +1 */ +#define ANAME_SZ 40 +#define REALM_SZ 40 +#define SNAME_SZ 40 +#define INST_SZ 40 +/* Leave space for quoting */ +#define MAX_K_NAME_SZ (2*ANAME_SZ + 2*INST_SZ + 2*REALM_SZ - 3) +#define KKEY_SZ 100 +#define VERSION_SZ 1 +#define MSG_TYPE_SZ 1 +#define DATE_SZ 26 /* RTI date output */ + +#define MAX_HSTNM 100 /* for compatibility */ + +typedef struct krb_principal{ + char name[ANAME_SZ]; + char instance[INST_SZ]; + char realm[REALM_SZ]; +}krb_principal; + +#ifndef DEFAULT_TKT_LIFE /* allow compile-time override */ +/* default lifetime for krb_mk_req & co., 10 hrs */ +#define DEFAULT_TKT_LIFE 120 +#endif + +#define KRB_TICKET_GRANTING_TICKET "krbtgt" + +/* Definition of text structure used to pass text around */ +#define MAX_KTXT_LEN 1250 + +struct ktext { + unsigned int length; /* Length of the text */ + unsigned char dat[MAX_KTXT_LEN]; /* The data itself */ + u_int32_t mbz; /* zero to catch runaway strings */ +}; + +typedef struct ktext *KTEXT; +typedef struct ktext KTEXT_ST; + + +/* Definitions for send_to_kdc */ +#define CLIENT_KRB_TIMEOUT 4 /* time between retries */ +#define CLIENT_KRB_RETRY 5 /* retry this many times */ +#define CLIENT_KRB_BUFLEN 512 /* max unfragmented packet */ + +/* Definitions for ticket file utilities */ +#define R_TKT_FIL 0 +#define W_TKT_FIL 1 + +/* Parameters for rd_ap_req */ +/* Maximum alloable clock skew in seconds */ +#define CLOCK_SKEW 5*60 +/* Filename for readservkey */ +#ifndef KEYFILE +#define KEYFILE "/etc/srvtab" +#endif + +/* Structure definition for rd_ap_req */ + +struct auth_dat { + unsigned char k_flags; /* Flags from ticket */ + char pname[ANAME_SZ]; /* Principal's name */ + char pinst[INST_SZ]; /* His Instance */ + char prealm[REALM_SZ]; /* His Realm */ + u_int32_t checksum; /* Data checksum (opt) */ + des_cblock session; /* Session Key */ + int life; /* Life of ticket */ + u_int32_t time_sec; /* Time ticket issued */ + u_int32_t address; /* Address in ticket */ + KTEXT_ST reply; /* Auth reply (opt) */ +}; + +typedef struct auth_dat AUTH_DAT; + +/* Structure definition for credentials returned by get_cred */ + +struct credentials { + char service[ANAME_SZ]; /* Service name */ + char instance[INST_SZ]; /* Instance */ + char realm[REALM_SZ]; /* Auth domain */ + des_cblock session; /* Session key */ + int lifetime; /* Lifetime */ + int kvno; /* Key version number */ + KTEXT_ST ticket_st; /* The ticket itself */ + int32_t issue_date; /* The issue time */ + char pname[ANAME_SZ]; /* Principal's name */ + char pinst[INST_SZ]; /* Principal's instance */ +}; + +typedef struct credentials CREDENTIALS; + +/* Structure definition for rd_private_msg and rd_safe_msg */ + +struct msg_dat { + unsigned char *app_data; /* pointer to appl data */ + u_int32_t app_length; /* length of appl data */ + u_int32_t hash; /* hash to lookup replay */ + int swap; /* swap bytes? */ + int32_t time_sec; /* msg timestamp seconds */ + unsigned char time_5ms; /* msg timestamp 5ms units */ +}; + +typedef struct msg_dat MSG_DAT; + +struct krb_host { + char *realm; + char *host; + int proto; + int port; + int admin; +}; + +struct krb_host *krb_get_host __P((int, char*, int)); + + +/* Location of ticket file for save_cred and get_cred */ +#define TKT_FILE tkt_string() +#define TKT_ROOT "/tmp/tkt" + +/* Error codes returned from the KDC */ +#define KDC_OK 0 /* Request OK */ +#define KDC_NAME_EXP 1 /* Principal expired */ +#define KDC_SERVICE_EXP 2 /* Service expired */ +#define KDC_AUTH_EXP 3 /* Auth expired */ +#define KDC_PKT_VER 4 /* Protocol version unknown */ +#define KDC_P_MKEY_VER 5 /* Wrong master key version */ +#define KDC_S_MKEY_VER 6 /* Wrong master key version */ +#define KDC_BYTE_ORDER 7 /* Byte order unknown */ +#define KDC_PR_UNKNOWN 8 /* Principal unknown */ +#define KDC_PR_N_UNIQUE 9 /* Principal not unique */ +#define KDC_NULL_KEY 10 /* Principal has null key */ +#define KDC_GEN_ERR 20 /* Generic error from KDC */ + + +/* Values returned by get_credentials */ +#define GC_OK 0 /* Retrieve OK */ +#define RET_OK 0 /* Retrieve OK */ +#define GC_TKFIL 21 /* Can't read ticket file */ +#define RET_TKFIL 21 /* Can't read ticket file */ +#define GC_NOTKT 22 /* Can't find ticket or TGT */ +#define RET_NOTKT 22 /* Can't find ticket or TGT */ + + +/* Values returned by mk_ap_req */ +#define MK_AP_OK 0 /* Success */ +#define MK_AP_TGTEXP 26 /* TGT Expired */ + +/* Values returned by rd_ap_req */ +#define RD_AP_OK 0 /* Request authentic */ +#define RD_AP_UNDEC 31 /* Can't decode authenticator */ +#define RD_AP_EXP 32 /* Ticket expired */ +#define RD_AP_NYV 33 /* Ticket not yet valid */ +#define RD_AP_REPEAT 34 /* Repeated request */ +#define RD_AP_NOT_US 35 /* The ticket isn't for us */ +#define RD_AP_INCON 36 /* Request is inconsistent */ +#define RD_AP_TIME 37 /* delta_t too big */ +#define RD_AP_BADD 38 /* Incorrect net address */ +#define RD_AP_VERSION 39 /* protocol version mismatch */ +#define RD_AP_MSG_TYPE 40 /* invalid msg type */ +#define RD_AP_MODIFIED 41 /* message stream modified */ +#define RD_AP_ORDER 42 /* message out of order */ +#define RD_AP_UNAUTHOR 43 /* unauthorized request */ + +/* Values returned by get_pw_tkt */ +#define GT_PW_OK 0 /* Got password changing tkt */ +#define GT_PW_NULL 51 /* Current PW is null */ +#define GT_PW_BADPW 52 /* Incorrect current password */ +#define GT_PW_PROT 53 /* Protocol Error */ +#define GT_PW_KDCERR 54 /* Error returned by KDC */ +#define GT_PW_NULLTKT 55 /* Null tkt returned by KDC */ + + +/* Values returned by send_to_kdc */ +#define SKDC_OK 0 /* Response received */ +#define SKDC_RETRY 56 /* Retry count exceeded */ +#define SKDC_CANT 57 /* Can't send request */ + +/* + * Values returned by get_intkt + * (can also return SKDC_* and KDC errors) + */ + +#define INTK_OK 0 /* Ticket obtained */ +#define INTK_W_NOTALL 61 /* Not ALL tickets returned */ +#define INTK_BADPW 62 /* Incorrect password */ +#define INTK_PROT 63 /* Protocol Error */ +#define INTK_ERR 70 /* Other error */ + +/* Values returned by get_adtkt */ +#define AD_OK 0 /* Ticket Obtained */ +#define AD_NOTGT 71 /* Don't have tgt */ +#define AD_INTR_RLM_NOTGT 72 /* Can't get inter-realm tgt */ + +/* Error codes returned by ticket file utilities */ +#define NO_TKT_FIL 76 /* No ticket file found */ +#define TKT_FIL_ACC 77 /* Couldn't access tkt file */ +#define TKT_FIL_LCK 78 /* Couldn't lock ticket file */ +#define TKT_FIL_FMT 79 /* Bad ticket file format */ +#define TKT_FIL_INI 80 /* tf_init not called first */ + +/* Error code returned by kparse_name */ +#define KNAME_FMT 81 /* Bad Kerberos name format */ + +/* Error code returned by krb_mk_safe */ +#define SAFE_PRIV_ERROR -1 /* syscall error */ + +/* + * macros for byte swapping; also scratch space + * u_quad 0-->7, 1-->6, 2-->5, 3-->4, 4-->3, 5-->2, 6-->1, 7-->0 + * u_int32_t 0-->3, 1-->2, 2-->1, 3-->0 + * u_int16_t 0-->1, 1-->0 + */ + +#define swap_u_16(x) {\ + u_int32_t _krb_swap_tmp[4];\ + swab(((char *) x) +0, ((char *) _krb_swap_tmp) +14 ,2); \ + swab(((char *) x) +2, ((char *) _krb_swap_tmp) +12 ,2); \ + swab(((char *) x) +4, ((char *) _krb_swap_tmp) +10 ,2); \ + swab(((char *) x) +6, ((char *) _krb_swap_tmp) +8 ,2); \ + swab(((char *) x) +8, ((char *) _krb_swap_tmp) +6 ,2); \ + swab(((char *) x) +10,((char *) _krb_swap_tmp) +4 ,2); \ + swab(((char *) x) +12,((char *) _krb_swap_tmp) +2 ,2); \ + swab(((char *) x) +14,((char *) _krb_swap_tmp) +0 ,2); \ + memcpy(x, _krb_swap_tmp, 16);\ + } + +#define swap_u_12(x) {\ + u_int32_t _krb_swap_tmp[4];\ + swab(( char *) x, ((char *) _krb_swap_tmp) +10 ,2); \ + swab(((char *) x) +2, ((char *) _krb_swap_tmp) +8 ,2); \ + swab(((char *) x) +4, ((char *) _krb_swap_tmp) +6 ,2); \ + swab(((char *) x) +6, ((char *) _krb_swap_tmp) +4 ,2); \ + swab(((char *) x) +8, ((char *) _krb_swap_tmp) +2 ,2); \ + swab(((char *) x) +10,((char *) _krb_swap_tmp) +0 ,2); \ + memcpy(x, _krb_swap_tmp, 12);\ + } + +#define swap_C_Block(x) {\ + u_int32_t _krb_swap_tmp[4];\ + swab(( char *) x, ((char *) _krb_swap_tmp) +6 ,2); \ + swab(((char *) x) +2,((char *) _krb_swap_tmp) +4 ,2); \ + swab(((char *) x) +4,((char *) _krb_swap_tmp) +2 ,2); \ + swab(((char *) x) +6,((char *) _krb_swap_tmp) ,2); \ + memcpy(x, _krb_swap_tmp, 8);\ + } +#define swap_u_quad(x) {\ + u_int32_t _krb_swap_tmp[4];\ + swab(( char *) &x, ((char *) _krb_swap_tmp) +6 ,2); \ + swab(((char *) &x) +2,((char *) _krb_swap_tmp) +4 ,2); \ + swab(((char *) &x) +4,((char *) _krb_swap_tmp) +2 ,2); \ + swab(((char *) &x) +6,((char *) _krb_swap_tmp) ,2); \ + memcpy(x, _krb_swap_tmp, 8);\ + } + +#define swap_u_long(x) {\ + u_int32_t _krb_swap_tmp[4];\ + swab((char *) &x, ((char *) _krb_swap_tmp) +2 ,2); \ + swab(((char *) &x) +2,((char *) _krb_swap_tmp),2); \ + x = _krb_swap_tmp[0]; \ + } + +#define swap_u_short(x) {\ + u_int16_t _krb_swap_sh_tmp; \ + swab((char *) &x, ( &_krb_swap_sh_tmp) ,2); \ + x = (u_int16_t) _krb_swap_sh_tmp; \ + } +/* Kerberos ticket flag field bit definitions */ +#define K_FLAG_ORDER 0 /* bit 0 --> lsb */ +#define K_FLAG_1 /* reserved */ +#define K_FLAG_2 /* reserved */ +#define K_FLAG_3 /* reserved */ +#define K_FLAG_4 /* reserved */ +#define K_FLAG_5 /* reserved */ +#define K_FLAG_6 /* reserved */ +#define K_FLAG_7 /* reserved, bit 7 --> msb */ + +/* Defines for krb_sendauth and krb_recvauth */ + +#define KOPT_DONT_MK_REQ 0x00000001 /* don't call krb_mk_req */ +#define KOPT_DO_MUTUAL 0x00000002 /* do mutual auth */ + +#define KOPT_DONT_CANON 0x00000004 /* + * don't canonicalize inst as + * a hostname + */ + +#define KRB_SENDAUTH_VLEN 8 /* length for version strings */ + + +/* File locking */ +#define K_LOCK_SH 1 /* Shared lock */ +#define K_LOCK_EX 2 /* Exclusive lock */ +#define K_LOCK_NB 4 /* Don't block when locking */ +#define K_LOCK_UN 8 /* Unlock */ +int k_flock __P((int fd, int operation)); +struct tm *k_localtime __P((u_int32_t *)); +int k_getsockinst __P((int fd, char *inst, size_t)); +int k_getportbyname __P((const char *service, const char *proto, int default_port)); + +extern char *krb4_version; + +struct in_addr; + +int k_get_all_addrs __P((struct in_addr **l)); + +/* Host address comparison */ +int krb_equiv __P((u_int32_t, u_int32_t)); + +/* Password conversion */ +void mit_string_to_key __P((char *str, char *cell, des_cblock *key)); +void afs_string_to_key __P((char *str, char *cell, des_cblock *key)); + +/* Lifetime conversion */ +u_int32_t krb_life_to_time __P((u_int32_t start, int life)); +int krb_time_to_life __P((u_int32_t start, u_int32_t end)); +char *krb_life_to_atime __P((int life)); +int krb_atime_to_life __P((char *atime)); + +/* Ticket manipulation */ +int tf_get_cred __P((CREDENTIALS *)); +int tf_get_pinst __P((char *)); +int tf_get_pname __P((char *)); +int tf_put_pinst __P((char *)); +int tf_put_pname __P((char *)); +int tf_init __P((char *, int)); +int tf_create __P((char *)); +int tf_save_cred __P((char *, char *, char *, unsigned char *, int , int , KTEXT ticket, u_int32_t)); +void tf_close __P((void)); +int tf_setup __P((CREDENTIALS *cred, char *pname, char *pinst)); + +/* Private communication */ + +struct sockaddr_in; + +int32_t krb_mk_priv __P((void *, void *, u_int32_t, struct des_ks_struct *, des_cblock *, struct sockaddr_in *, struct sockaddr_in *)); +int32_t krb_rd_priv __P((void *, u_int32_t, struct des_ks_struct *, des_cblock *, struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *)); + +/* Misc */ +KTEXT create_auth_reply __P((char *, char *, char *, int32_t, int, u_int32_t, int, KTEXT)); + +char *krb_get_phost __P((const char *)); +char *krb_realmofhost __P((const char *)); +char *tkt_string __P((void)); + +int create_ciph __P((KTEXT, unsigned char *, char *, char *, char *, u_int32_t, int, KTEXT, u_int32_t, des_cblock *)); +int decomp_ticket __P((KTEXT, unsigned char *, char *, char *, char *, u_int32_t *, unsigned char *, int *, u_int32_t *, char *, char *, des_cblock *, struct des_ks_struct *)); +int dest_tkt __P((void)); +int get_ad_tkt __P((char *, char *, char *, int)); +int get_pw_tkt __P((char *, char *, char *, char *)); +int get_request __P((KTEXT, int, char **, char **)); +int in_tkt __P((char *, char *)); +int k_gethostname __P((char *, int )); +int k_isinst __P((char *)); +int k_isname __P((char *)); +int k_isrealm __P((char *)); +int kname_parse __P((char *, char *, char *, char *)); +int krb_parse_name __P((const char*, krb_principal*)); +char *krb_unparse_name __P((krb_principal*)); +char *krb_unparse_name_r __P((krb_principal*, char*)); +char *krb_unparse_name_long __P((char*, char*, char*)); +char *krb_unparse_name_long_r __P((char *name, char *instance, char *realm, char *fullname)); +int krb_create_ticket __P((KTEXT, unsigned char, char *, char *, char *, int32_t, void *, int16_t, int32_t, char *, char *, des_cblock *)); +int krb_get_admhst __P((char *, char *, int)); +int krb_get_cred __P((char *, char *, char *, CREDENTIALS *)); + +typedef int (*key_proc_t) __P((char*, char*, char*, void*, des_cblock*)); + +typedef int (*decrypt_proc_t) __P((char*, char*, char*, void*, + key_proc_t, KTEXT*)); + +int krb_get_in_tkt __P((char*, char*, char*, char*, char*, int, key_proc_t, + decrypt_proc_t, void*)); + +int srvtab_to_key __P((char *, char *, char *, void *, des_cblock *)); +int passwd_to_key __P((char *, char *, char *, void *, des_cblock *)); +int passwd_to_afskey __P((char *, char *, char *, void *, des_cblock *)); + +int krb_get_krbhst __P((char *, char *, int)); +int krb_get_lrealm __P((char *, int)); +char *krb_get_default_realm __P((void)); +int krb_get_pw_in_tkt __P((char *, char *, char *, char *, char *, int, char *)); +int krb_get_svc_in_tkt __P((char *, char *, char *, char *, char *, int, char *)); +int krb_get_tf_fullname __P((char *, char *, char *, char *)); +int krb_get_tf_realm __P((char *, char *)); +int krb_kntoln __P((AUTH_DAT *, char *)); +int krb_mk_req __P((KTEXT , char *, char *, char *, int32_t)); +int krb_net_read __P((int , void *, size_t)); +int krb_net_write __P((int , const void *, size_t)); +int krb_rd_err __P((u_char *, u_int32_t, int32_t *, MSG_DAT *)); +int krb_rd_req __P((KTEXT , char *, char *, int32_t, AUTH_DAT *, char *)); +int krb_recvauth __P((int32_t, int, KTEXT, char *, char *, struct sockaddr_in *, struct sockaddr_in *, AUTH_DAT *, char *, struct des_ks_struct *, char *)); +int krb_sendauth __P((int32_t, int, KTEXT, char *,char *, char *, u_int32_t, MSG_DAT *, CREDENTIALS *, struct des_ks_struct *, struct sockaddr_in *, struct sockaddr_in *, char *)); +int krb_mk_auth __P((int32_t, KTEXT, char *, char *, char *, u_int32_t, char *, KTEXT)); +int krb_check_auth __P((KTEXT, u_int32_t, MSG_DAT *, des_cblock *, struct des_ks_struct *, struct sockaddr_in *, struct sockaddr_in *)); +int krb_set_key __P((void *, int)); +int krb_set_lifetime __P((int)); +int krb_kuserok __P((char *name, char *inst, char *realm, char *luser)); +int kuserok __P((AUTH_DAT *, char *)); +int read_service_key __P((char *, char *, char *, int , char *, char *)); +int save_credentials __P((char *, char *, char *, unsigned char *, int , int , KTEXT , int32_t)); +int send_to_kdc __P((KTEXT , KTEXT , char *)); + +int32_t krb_mk_err __P((u_char *, int32_t, char *)); +int32_t krb_mk_safe __P((void *, void *, u_int32_t, des_cblock *, struct sockaddr_in *, struct sockaddr_in *)); +int32_t krb_rd_safe __P((void *, u_int32_t, des_cblock *, struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *)); + +void ad_print __P((AUTH_DAT *)); +void cr_err_reply __P((KTEXT, char *, char *, char *, u_int32_t, u_int32_t, char *)); +void extract_ticket __P((KTEXT, int, char *, int *, int *, char *, KTEXT)); +void krb_set_tkt_string __P((char *)); + +int krb_get_default_principal __P((char *, char *, char *)); +int krb_realm_parse __P((char *, int)); +int krb_verify_user __P((char*, char*, char*, char*, int, char *)); + +/* logging.c */ + +typedef int (*krb_log_func_t)(FILE *, const char *, va_list); + +typedef krb_log_func_t krb_warnfn_t; + +struct krb_log_facility; + +int krb_vlogger __P((struct krb_log_facility*, const char *, va_list)) +#ifdef __GNUC__ +__attribute__ ((format (printf, 2, 0))) +#endif +; +int krb_logger __P((struct krb_log_facility*, const char *, ...)) +#ifdef __GNUC__ +__attribute__ ((format (printf, 2, 3))) +#endif +; +int krb_openlog __P((struct krb_log_facility*, char*, FILE*, krb_log_func_t)); + +void krb_set_warnfn __P((krb_warnfn_t)); +krb_warnfn_t krb_get_warnfn __P((void)); +void krb_warning __P((const char*, ...)) +#ifdef __GNUC__ +__attribute__ ((format (printf, 1, 2))) +#endif +; + +void kset_logfile __P((char*)); +void krb_log __P((const char*, ...)) +#ifdef __GNUC__ +__attribute__ ((format (printf, 1, 2))) +#endif +; +char *klog __P((int, const char*, ...)) +#ifdef __GNUC__ +__attribute__ ((format (printf, 2, 3))) +#endif +; + +int getst __P((int, char *, int)); +const char *month_sname __P((int)); +const char *krb_stime __P((time_t *)); +int krb_check_tm __P((struct tm)); + +int krb_get_int __P((void *from, u_int32_t *to, int size, int lsb)); +int krb_put_int __P((u_int32_t from, void *to, int size)); +int krb_get_address __P((void *from, u_int32_t *to)); +int krb_put_address __P((u_int32_t addr, void *to)); +int krb_put_string __P((char *from, void *to)); +int krb_get_string __P((void *from, char *to)); +int krb_get_nir __P((void *from, char *name, char *instance, char *realm)); +int krb_put_nir __P((char *name, char *instance, char *realm, void *to)); + +__END_DECLS + +#endif /* KRB_DEFS */ diff --git a/crypto/kerberosIV/lib/krb/krb.mak b/crypto/kerberosIV/lib/krb/krb.mak new file mode 100644 index 0000000..1236261 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/krb.mak @@ -0,0 +1,3065 @@ +# Microsoft Developer Studio Generated NMAKE File, Format Version 4.10 +# ** DO NOT EDIT ** + +# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 + +!IF "$(CFG)" == "" +CFG=krb - Win32 Debug +!MESSAGE No configuration specified. Defaulting to krb - Win32 Debug. +!ENDIF + +!IF "$(CFG)" != "krb - Win32 Release" && "$(CFG)" != "krb - Win32 Debug" +!MESSAGE Invalid configuration "$(CFG)" specified. +!MESSAGE You can specify a configuration when running NMAKE on this makefile +!MESSAGE by defining the macro CFG on the command line. For example: +!MESSAGE +!MESSAGE NMAKE /f "krb.mak" CFG="krb - Win32 Debug" +!MESSAGE +!MESSAGE Possible choices for configuration are: +!MESSAGE +!MESSAGE "krb - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "krb - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE +!ERROR An invalid configuration is specified. +!ENDIF + +!IF "$(OS)" == "Windows_NT" +NULL= +!ELSE +NULL=nul +!ENDIF +################################################################################ +# Begin Project +# PROP Target_Last_Scanned "krb - Win32 Debug" +RSC=rc.exe +MTL=mktyplib.exe +CPP=cl.exe + +!IF "$(CFG)" == "krb - Win32 Release" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 0 +# PROP BASE Output_Dir "Release" +# PROP BASE Intermediate_Dir "Release" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 0 +# PROP Output_Dir "Release" +# PROP Intermediate_Dir "Release" +# PROP Target_Dir "" +OUTDIR=.\Release +INTDIR=.\Release + +ALL : ".\Release\krb.dll" + +CLEAN : + -@erase ".\Release\cr_err_reply.obj" + -@erase ".\Release\create_auth_reply.obj" + -@erase ".\Release\create_ciph.obj" + -@erase ".\Release\create_ticket.obj" + -@erase ".\Release\debug_decl.obj" + -@erase ".\Release\decomp_ticket.obj" + -@erase ".\Release\dllmain.obj" + -@erase ".\Release\encrypt_ktext.obj" + -@erase ".\Release\et_list.obj" + -@erase ".\Release\get_ad_tkt.obj" + -@erase ".\Release\get_cred.obj" + -@erase ".\Release\get_default_principal.obj" + -@erase ".\Release\get_host.obj" + -@erase ".\Release\get_in_tkt.obj" + -@erase ".\Release\get_krbrlm.obj" + -@erase ".\Release\get_phost.obj" + -@erase ".\Release\get_svc_in_tkt.obj" + -@erase ".\Release\get_tf_fullname.obj" + -@erase ".\Release\get_tf_realm.obj" + -@erase ".\Release\getaddrs.obj" + -@erase ".\Release\getrealm.obj" + -@erase ".\Release\getst.obj" + -@erase ".\Release\k_flock.obj" + -@erase ".\Release\k_gethostname.obj" + -@erase ".\Release\k_getport.obj" + -@erase ".\Release\k_getsockinst.obj" + -@erase ".\Release\k_localtime.obj" + -@erase ".\Release\kdc_reply.obj" + -@erase ".\Release\kntoln.obj" + -@erase ".\Release\krb.dll" + -@erase ".\Release\krb.exp" + -@erase ".\Release\krb.lib" + -@erase ".\Release\krb_check_auth.obj" + -@erase ".\Release\krb_equiv.obj" + -@erase ".\Release\krb_err_txt.obj" + -@erase ".\Release\krb_get_in_tkt.obj" + -@erase ".\Release\lifetime.obj" + -@erase ".\Release\logging.obj" + -@erase ".\Release\lsb_addr_comp.obj" + -@erase ".\Release\mk_auth.obj" + -@erase ".\Release\mk_err.obj" + -@erase ".\Release\mk_priv.obj" + -@erase ".\Release\mk_req.obj" + -@erase ".\Release\mk_safe.obj" + -@erase ".\Release\month_sname.obj" + -@erase ".\Release\name2name.obj" + -@erase ".\Release\netread.obj" + -@erase ".\Release\netwrite.obj" + -@erase ".\Release\one.obj" + -@erase ".\Release\parse_name.obj" + -@erase ".\Release\rd_err.obj" + -@erase ".\Release\rd_priv.obj" + -@erase ".\Release\rd_req.obj" + -@erase ".\Release\rd_safe.obj" + -@erase ".\Release\read_service_key.obj" + -@erase ".\Release\realm_parse.obj" + -@erase ".\Release\recvauth.obj" + -@erase ".\Release\resolve.obj" + -@erase ".\Release\rw.obj" + -@erase ".\Release\save_credentials.obj" + -@erase ".\Release\send_to_kdc.obj" + -@erase ".\Release\sendauth.obj" + -@erase ".\Release\stime.obj" + -@erase ".\Release\str2key.obj" + -@erase ".\Release\swab.obj" + -@erase ".\Release\ticket_memory.obj" + -@erase ".\Release\tkt_string.obj" + -@erase ".\Release\unparse_name.obj" + -@erase ".\Release\util.obj" + -@erase ".\Release\verify_user.obj" + +"$(OUTDIR)" : + if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" + +# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /c +# ADD CPP /nologo /MT /W3 /GX /O2 /I "." /I "..\..\include" /I "..\..\include\win32" /I "..\des" /I "..\roken" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /c +CPP_PROJ=/nologo /MT /W3 /GX /O2 /I "." /I "..\..\include" /I\ + "..\..\include\win32" /I "..\des" /I "..\roken" /D "NDEBUG" /D "WIN32" /D\ + "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)/krb.pch" /YX /Fo"$(INTDIR)/" /c +CPP_OBJS=.\Release/ +CPP_SBRS=.\. +# ADD BASE MTL /nologo /D "NDEBUG" /win32 +# ADD MTL /nologo /D "NDEBUG" /win32 +MTL_PROJ=/nologo /D "NDEBUG" /win32 +# ADD BASE RSC /l 0x409 /d "NDEBUG" +# ADD RSC /l 0x409 /d "NDEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +BSC32_FLAGS=/nologo /o"$(OUTDIR)/krb.bsc" +BSC32_SBRS= \ + +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386 +# ADD LINK32 ..\roken\Release\roken.lib ..\des\Release\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386 +LINK32_FLAGS=..\roken\Release\roken.lib ..\des\Release\des.lib wsock32.lib\ + kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib\ + shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo\ + /subsystem:windows /dll /incremental:no /pdb:"$(OUTDIR)/krb.pdb" /machine:I386\ + /def:".\krb.def" /out:"$(OUTDIR)/krb.dll" /implib:"$(OUTDIR)/krb.lib" +DEF_FILE= \ + ".\krb.def" +LINK32_OBJS= \ + ".\Release\cr_err_reply.obj" \ + ".\Release\create_auth_reply.obj" \ + ".\Release\create_ciph.obj" \ + ".\Release\create_ticket.obj" \ + ".\Release\debug_decl.obj" \ + ".\Release\decomp_ticket.obj" \ + ".\Release\dllmain.obj" \ + ".\Release\encrypt_ktext.obj" \ + ".\Release\et_list.obj" \ + ".\Release\get_ad_tkt.obj" \ + ".\Release\get_cred.obj" \ + ".\Release\get_default_principal.obj" \ + ".\Release\get_host.obj" \ + ".\Release\get_in_tkt.obj" \ + ".\Release\get_krbrlm.obj" \ + ".\Release\get_phost.obj" \ + ".\Release\get_svc_in_tkt.obj" \ + ".\Release\get_tf_fullname.obj" \ + ".\Release\get_tf_realm.obj" \ + ".\Release\getaddrs.obj" \ + ".\Release\getrealm.obj" \ + ".\Release\getst.obj" \ + ".\Release\k_flock.obj" \ + ".\Release\k_gethostname.obj" \ + ".\Release\k_getport.obj" \ + ".\Release\k_getsockinst.obj" \ + ".\Release\k_localtime.obj" \ + ".\Release\kdc_reply.obj" \ + ".\Release\kntoln.obj" \ + ".\Release\krb_check_auth.obj" \ + ".\Release\krb_equiv.obj" \ + ".\Release\krb_err_txt.obj" \ + ".\Release\krb_get_in_tkt.obj" \ + ".\Release\lifetime.obj" \ + ".\Release\logging.obj" \ + ".\Release\lsb_addr_comp.obj" \ + ".\Release\mk_auth.obj" \ + ".\Release\mk_err.obj" \ + ".\Release\mk_priv.obj" \ + ".\Release\mk_req.obj" \ + ".\Release\mk_safe.obj" \ + ".\Release\month_sname.obj" \ + ".\Release\name2name.obj" \ + ".\Release\netread.obj" \ + ".\Release\netwrite.obj" \ + ".\Release\one.obj" \ + ".\Release\parse_name.obj" \ + ".\Release\rd_err.obj" \ + ".\Release\rd_priv.obj" \ + ".\Release\rd_req.obj" \ + ".\Release\rd_safe.obj" \ + ".\Release\read_service_key.obj" \ + ".\Release\realm_parse.obj" \ + ".\Release\recvauth.obj" \ + ".\Release\resolve.obj" \ + ".\Release\rw.obj" \ + ".\Release\save_credentials.obj" \ + ".\Release\send_to_kdc.obj" \ + ".\Release\sendauth.obj" \ + ".\Release\stime.obj" \ + ".\Release\str2key.obj" \ + ".\Release\swab.obj" \ + ".\Release\ticket_memory.obj" \ + ".\Release\tkt_string.obj" \ + ".\Release\unparse_name.obj" \ + ".\Release\util.obj" \ + ".\Release\verify_user.obj" + +".\Release\krb.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) + $(LINK32) @<< + $(LINK32_FLAGS) $(LINK32_OBJS) +<< + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 1 +# PROP BASE Output_Dir "Debug" +# PROP BASE Intermediate_Dir "Debug" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 1 +# PROP Output_Dir "Debug" +# PROP Intermediate_Dir "Debug" +# PROP Target_Dir "" +OUTDIR=.\Debug +INTDIR=.\Debug + +ALL : ".\Debug\krb.dll" + +CLEAN : + -@erase ".\Debug\cr_err_reply.obj" + -@erase ".\Debug\create_auth_reply.obj" + -@erase ".\Debug\create_ciph.obj" + -@erase ".\Debug\create_ticket.obj" + -@erase ".\Debug\debug_decl.obj" + -@erase ".\Debug\decomp_ticket.obj" + -@erase ".\Debug\dllmain.obj" + -@erase ".\Debug\encrypt_ktext.obj" + -@erase ".\Debug\et_list.obj" + -@erase ".\Debug\get_ad_tkt.obj" + -@erase ".\Debug\get_cred.obj" + -@erase ".\Debug\get_default_principal.obj" + -@erase ".\Debug\get_host.obj" + -@erase ".\Debug\get_in_tkt.obj" + -@erase ".\Debug\get_krbrlm.obj" + -@erase ".\Debug\get_phost.obj" + -@erase ".\Debug\get_svc_in_tkt.obj" + -@erase ".\Debug\get_tf_fullname.obj" + -@erase ".\Debug\get_tf_realm.obj" + -@erase ".\Debug\getaddrs.obj" + -@erase ".\Debug\getrealm.obj" + -@erase ".\Debug\getst.obj" + -@erase ".\Debug\k_flock.obj" + -@erase ".\Debug\k_gethostname.obj" + -@erase ".\Debug\k_getport.obj" + -@erase ".\Debug\k_getsockinst.obj" + -@erase ".\Debug\k_localtime.obj" + -@erase ".\Debug\kdc_reply.obj" + -@erase ".\Debug\kntoln.obj" + -@erase ".\Debug\krb.dll" + -@erase ".\Debug\krb.exp" + -@erase ".\Debug\krb.ilk" + -@erase ".\Debug\krb.lib" + -@erase ".\Debug\krb.pdb" + -@erase ".\Debug\krb_check_auth.obj" + -@erase ".\Debug\krb_equiv.obj" + -@erase ".\Debug\krb_err_txt.obj" + -@erase ".\Debug\krb_get_in_tkt.obj" + -@erase ".\Debug\lifetime.obj" + -@erase ".\Debug\logging.obj" + -@erase ".\Debug\lsb_addr_comp.obj" + -@erase ".\Debug\mk_auth.obj" + -@erase ".\Debug\mk_err.obj" + -@erase ".\Debug\mk_priv.obj" + -@erase ".\Debug\mk_req.obj" + -@erase ".\Debug\mk_safe.obj" + -@erase ".\Debug\month_sname.obj" + -@erase ".\Debug\name2name.obj" + -@erase ".\Debug\netread.obj" + -@erase ".\Debug\netwrite.obj" + -@erase ".\Debug\one.obj" + -@erase ".\Debug\parse_name.obj" + -@erase ".\Debug\rd_err.obj" + -@erase ".\Debug\rd_priv.obj" + -@erase ".\Debug\rd_req.obj" + -@erase ".\Debug\rd_safe.obj" + -@erase ".\Debug\read_service_key.obj" + -@erase ".\Debug\realm_parse.obj" + -@erase ".\Debug\recvauth.obj" + -@erase ".\Debug\resolve.obj" + -@erase ".\Debug\rw.obj" + -@erase ".\Debug\save_credentials.obj" + -@erase ".\Debug\send_to_kdc.obj" + -@erase ".\Debug\sendauth.obj" + -@erase ".\Debug\stime.obj" + -@erase ".\Debug\str2key.obj" + -@erase ".\Debug\swab.obj" + -@erase ".\Debug\ticket_memory.obj" + -@erase ".\Debug\tkt_string.obj" + -@erase ".\Debug\unparse_name.obj" + -@erase ".\Debug\util.obj" + -@erase ".\Debug\vc40.idb" + -@erase ".\Debug\vc40.pdb" + -@erase ".\Debug\verify_user.obj" + +"$(OUTDIR)" : + if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" + +# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /c +# ADD CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /I "." /I "..\..\include" /I "..\..\include\win32" /I "..\des" /I "..\roken" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /c +CPP_PROJ=/nologo /MTd /W3 /Gm /GX /Zi /Od /I "." /I "..\..\include" /I\ + "..\..\include\win32" /I "..\des" /I "..\roken" /D "_DEBUG" /D "WIN32" /D\ + "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)/krb.pch" /YX /Fo"$(INTDIR)/"\ + /Fd"$(INTDIR)/" /c +CPP_OBJS=.\Debug/ +CPP_SBRS=.\. +# ADD BASE MTL /nologo /D "_DEBUG" /win32 +# ADD MTL /nologo /D "_DEBUG" /win32 +MTL_PROJ=/nologo /D "_DEBUG" /win32 +# ADD BASE RSC /l 0x409 /d "_DEBUG" +# ADD RSC /l 0x409 /d "_DEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +BSC32_FLAGS=/nologo /o"$(OUTDIR)/krb.bsc" +BSC32_SBRS= \ + +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386 +# ADD LINK32 ..\roken\Debug\roken.lib ..\des\Debug\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386 +LINK32_FLAGS=..\roken\Debug\roken.lib ..\des\Debug\des.lib wsock32.lib\ + kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib\ + shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo\ + /subsystem:windows /dll /incremental:yes /pdb:"$(OUTDIR)/krb.pdb" /debug\ + /machine:I386 /def:".\krb.def" /out:"$(OUTDIR)/krb.dll"\ + /implib:"$(OUTDIR)/krb.lib" +DEF_FILE= \ + ".\krb.def" +LINK32_OBJS= \ + ".\Debug\cr_err_reply.obj" \ + ".\Debug\create_auth_reply.obj" \ + ".\Debug\create_ciph.obj" \ + ".\Debug\create_ticket.obj" \ + ".\Debug\debug_decl.obj" \ + ".\Debug\decomp_ticket.obj" \ + ".\Debug\dllmain.obj" \ + ".\Debug\encrypt_ktext.obj" \ + ".\Debug\et_list.obj" \ + ".\Debug\get_ad_tkt.obj" \ + ".\Debug\get_cred.obj" \ + ".\Debug\get_default_principal.obj" \ + ".\Debug\get_host.obj" \ + ".\Debug\get_in_tkt.obj" \ + ".\Debug\get_krbrlm.obj" \ + ".\Debug\get_phost.obj" \ + ".\Debug\get_svc_in_tkt.obj" \ + ".\Debug\get_tf_fullname.obj" \ + ".\Debug\get_tf_realm.obj" \ + ".\Debug\getaddrs.obj" \ + ".\Debug\getrealm.obj" \ + ".\Debug\getst.obj" \ + ".\Debug\k_flock.obj" \ + ".\Debug\k_gethostname.obj" \ + ".\Debug\k_getport.obj" \ + ".\Debug\k_getsockinst.obj" \ + ".\Debug\k_localtime.obj" \ + ".\Debug\kdc_reply.obj" \ + ".\Debug\kntoln.obj" \ + ".\Debug\krb_check_auth.obj" \ + ".\Debug\krb_equiv.obj" \ + ".\Debug\krb_err_txt.obj" \ + ".\Debug\krb_get_in_tkt.obj" \ + ".\Debug\lifetime.obj" \ + ".\Debug\logging.obj" \ + ".\Debug\lsb_addr_comp.obj" \ + ".\Debug\mk_auth.obj" \ + ".\Debug\mk_err.obj" \ + ".\Debug\mk_priv.obj" \ + ".\Debug\mk_req.obj" \ + ".\Debug\mk_safe.obj" \ + ".\Debug\month_sname.obj" \ + ".\Debug\name2name.obj" \ + ".\Debug\netread.obj" \ + ".\Debug\netwrite.obj" \ + ".\Debug\one.obj" \ + ".\Debug\parse_name.obj" \ + ".\Debug\rd_err.obj" \ + ".\Debug\rd_priv.obj" \ + ".\Debug\rd_req.obj" \ + ".\Debug\rd_safe.obj" \ + ".\Debug\read_service_key.obj" \ + ".\Debug\realm_parse.obj" \ + ".\Debug\recvauth.obj" \ + ".\Debug\resolve.obj" \ + ".\Debug\rw.obj" \ + ".\Debug\save_credentials.obj" \ + ".\Debug\send_to_kdc.obj" \ + ".\Debug\sendauth.obj" \ + ".\Debug\stime.obj" \ + ".\Debug\str2key.obj" \ + ".\Debug\swab.obj" \ + ".\Debug\ticket_memory.obj" \ + ".\Debug\tkt_string.obj" \ + ".\Debug\unparse_name.obj" \ + ".\Debug\util.obj" \ + ".\Debug\verify_user.obj" + +".\Debug\krb.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) + $(LINK32) @<< + $(LINK32_FLAGS) $(LINK32_OBJS) +<< + +!ENDIF + +.c{$(CPP_OBJS)}.obj: + $(CPP) $(CPP_PROJ) $< + +.cpp{$(CPP_OBJS)}.obj: + $(CPP) $(CPP_PROJ) $< + +.cxx{$(CPP_OBJS)}.obj: + $(CPP) $(CPP_PROJ) $< + +.c{$(CPP_SBRS)}.sbr: + $(CPP) $(CPP_PROJ) $< + +.cpp{$(CPP_SBRS)}.sbr: + $(CPP) $(CPP_PROJ) $< + +.cxx{$(CPP_SBRS)}.sbr: + $(CPP) $(CPP_PROJ) $< + +################################################################################ +# Begin Target + +# Name "krb - Win32 Release" +# Name "krb - Win32 Debug" + +!IF "$(CFG)" == "krb - Win32 Release" + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +!ENDIF + +################################################################################ +# Begin Source File + +SOURCE=.\krb.def + +!IF "$(CFG)" == "krb - Win32 Release" + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\get_tf_fullname.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GET_T=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\get_tf_fullname.obj" : $(SOURCE) $(DEP_CPP_GET_T) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GET_T=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\get_tf_fullname.obj" : $(SOURCE) $(DEP_CPP_GET_T) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\cr_err_reply.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_CR_ER=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\cr_err_reply.obj" : $(SOURCE) $(DEP_CPP_CR_ER) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_CR_ER=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\cr_err_reply.obj" : $(SOURCE) $(DEP_CPP_CR_ER) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\create_auth_reply.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_CREAT=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\create_auth_reply.obj" : $(SOURCE) $(DEP_CPP_CREAT) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_CREAT=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\create_auth_reply.obj" : $(SOURCE) $(DEP_CPP_CREAT) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\create_ciph.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_CREATE=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\create_ciph.obj" : $(SOURCE) $(DEP_CPP_CREATE) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_CREATE=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\create_ciph.obj" : $(SOURCE) $(DEP_CPP_CREATE) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\create_ticket.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_CREATE_=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\create_ticket.obj" : $(SOURCE) $(DEP_CPP_CREATE_) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_CREATE_=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\create_ticket.obj" : $(SOURCE) $(DEP_CPP_CREATE_) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\decomp_ticket.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_DECOM=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\decomp_ticket.obj" : $(SOURCE) $(DEP_CPP_DECOM) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_DECOM=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\decomp_ticket.obj" : $(SOURCE) $(DEP_CPP_DECOM) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\dllmain.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_DLLMA=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + ".\ticket_memory.h"\ + + +".\Release\dllmain.obj" : $(SOURCE) $(DEP_CPP_DLLMA) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_DLLMA=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + ".\ticket_memory.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\dllmain.obj" : $(SOURCE) $(DEP_CPP_DLLMA) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\encrypt_ktext.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_ENCRY=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\encrypt_ktext.obj" : $(SOURCE) $(DEP_CPP_ENCRY) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_ENCRY=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\encrypt_ktext.obj" : $(SOURCE) $(DEP_CPP_ENCRY) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\et_list.c +DEP_CPP_ET_LI=\ + "..\..\include\win32\config.h"\ + + +!IF "$(CFG)" == "krb - Win32 Release" + + +".\Release\et_list.obj" : $(SOURCE) $(DEP_CPP_ET_LI) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + + +".\Debug\et_list.obj" : $(SOURCE) $(DEP_CPP_ET_LI) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\get_ad_tkt.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GET_A=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\get_ad_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_A) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GET_A=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\get_ad_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_A) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\get_cred.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GET_C=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\get_cred.obj" : $(SOURCE) $(DEP_CPP_GET_C) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GET_C=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\get_cred.obj" : $(SOURCE) $(DEP_CPP_GET_C) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\get_default_principal.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GET_D=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\get_default_principal.obj" : $(SOURCE) $(DEP_CPP_GET_D) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GET_D=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\get_default_principal.obj" : $(SOURCE) $(DEP_CPP_GET_D) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\get_host.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GET_H=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\get_host.obj" : $(SOURCE) $(DEP_CPP_GET_H) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GET_H=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\get_host.obj" : $(SOURCE) $(DEP_CPP_GET_H) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\get_in_tkt.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GET_I=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_I) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GET_I=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_I) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\get_krbrlm.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GET_K=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\get_krbrlm.obj" : $(SOURCE) $(DEP_CPP_GET_K) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GET_K=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\get_krbrlm.obj" : $(SOURCE) $(DEP_CPP_GET_K) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\get_phos + +!IF "$(CFG)" == "krb - Win32 Release" + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\get_svc_in_tkt.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GET_S=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\get_svc_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_S) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GET_S=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\get_svc_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_S) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\get_phost.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GET_P=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\get_phost.obj" : $(SOURCE) $(DEP_CPP_GET_P) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GET_P=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\get_phost.obj" : $(SOURCE) $(DEP_CPP_GET_P) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\krb_equiv.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_KRB_E=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\krb_equiv.obj" : $(SOURCE) $(DEP_CPP_KRB_E) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_KRB_E=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\krb_equiv.obj" : $(SOURCE) $(DEP_CPP_KRB_E) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\getaddrs.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GETAD=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\getaddrs.obj" : $(SOURCE) $(DEP_CPP_GETAD) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GETAD=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\getaddrs.obj" : $(SOURCE) $(DEP_CPP_GETAD) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\getrealm.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GETRE=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\getrealm.obj" : $(SOURCE) $(DEP_CPP_GETRE) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GETRE=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\getrealm.obj" : $(SOURCE) $(DEP_CPP_GETRE) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\getst.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GETST=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\getst.obj" : $(SOURCE) $(DEP_CPP_GETST) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GETST=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\getst.obj" : $(SOURCE) $(DEP_CPP_GETST) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\k_flock.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_K_FLO=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\k_flock.obj" : $(SOURCE) $(DEP_CPP_K_FLO) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_K_FLO=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\k_flock.obj" : $(SOURCE) $(DEP_CPP_K_FLO) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\k_gethostname.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_K_GET=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\k_gethostname.obj" : $(SOURCE) $(DEP_CPP_K_GET) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_K_GET=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\k_gethostname.obj" : $(SOURCE) $(DEP_CPP_K_GET) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\k_getport.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_K_GETP=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\k_getport.obj" : $(SOURCE) $(DEP_CPP_K_GETP) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_K_GETP=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\k_getport.obj" : $(SOURCE) $(DEP_CPP_K_GETP) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\k_getsockinst.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_K_GETS=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\k_getsockinst.obj" : $(SOURCE) $(DEP_CPP_K_GETS) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_K_GETS=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\k_getsockinst.obj" : $(SOURCE) $(DEP_CPP_K_GETS) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\k_localtime.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_K_LOC=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\k_localtime.obj" : $(SOURCE) $(DEP_CPP_K_LOC) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_K_LOC=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\k_localtime.obj" : $(SOURCE) $(DEP_CPP_K_LOC) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\kdc_reply.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_KDC_R=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\kdc_reply.obj" : $(SOURCE) $(DEP_CPP_KDC_R) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_KDC_R=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\kdc_reply.obj" : $(SOURCE) $(DEP_CPP_KDC_R) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\kntoln.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_KNTOL=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Release\kntoln.obj" : $(SOURCE) $(DEP_CPP_KNTOL) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_KNTOL=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\kntoln.obj" : $(SOURCE) $(DEP_CPP_KNTOL) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\krb_check_auth.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_KRB_C=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\krb_check_auth.obj" : $(SOURCE) $(DEP_CPP_KRB_C) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_KRB_C=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\krb_check_auth.obj" : $(SOURCE) $(DEP_CPP_KRB_C) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\get_tf_realm.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_GET_TF=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\get_tf_realm.obj" : $(SOURCE) $(DEP_CPP_GET_TF) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_GET_TF=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\get_tf_realm.obj" : $(SOURCE) $(DEP_CPP_GET_TF) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\rd_safe.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_RD_SA=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + ".\lsb_addr_comp.h"\ + + +".\Release\rd_safe.obj" : $(SOURCE) $(DEP_CPP_RD_SA) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_RD_SA=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\lsb_addr_comp.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\rd_safe.obj" : $(SOURCE) $(DEP_CPP_RD_SA) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\krb_get_in_tkt.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_KRB_G=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\krb_get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_KRB_G) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_KRB_G=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\krb_get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_KRB_G) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\lifetime.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_LIFET=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\lifetime.obj" : $(SOURCE) $(DEP_CPP_LIFET) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_LIFET=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\lifetime.obj" : $(SOURCE) $(DEP_CPP_LIFET) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\lsb_addr_comp.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_LSB_A=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + ".\lsb_addr_comp.h"\ + + +".\Release\lsb_addr_comp.obj" : $(SOURCE) $(DEP_CPP_LSB_A) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_LSB_A=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\lsb_addr_comp.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\lsb_addr_comp.obj" : $(SOURCE) $(DEP_CPP_LSB_A) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\mk_auth.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_MK_AU=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\mk_auth.obj" : $(SOURCE) $(DEP_CPP_MK_AU) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_MK_AU=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\mk_auth.obj" : $(SOURCE) $(DEP_CPP_MK_AU) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\mk_err.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_MK_ER=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\mk_err.obj" : $(SOURCE) $(DEP_CPP_MK_ER) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_MK_ER=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\mk_err.obj" : $(SOURCE) $(DEP_CPP_MK_ER) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\mk_priv.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_MK_PR=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + ".\lsb_addr_comp.h"\ + + +".\Release\mk_priv.obj" : $(SOURCE) $(DEP_CPP_MK_PR) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_MK_PR=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\lsb_addr_comp.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\mk_priv.obj" : $(SOURCE) $(DEP_CPP_MK_PR) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\mk_req.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_MK_RE=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\mk_req.obj" : $(SOURCE) $(DEP_CPP_MK_RE) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_MK_RE=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\mk_req.obj" : $(SOURCE) $(DEP_CPP_MK_RE) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\mk_safe.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_MK_SA=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + ".\lsb_addr_comp.h"\ + + +".\Release\mk_safe.obj" : $(SOURCE) $(DEP_CPP_MK_SA) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_MK_SA=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\lsb_addr_comp.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\mk_safe.obj" : $(SOURCE) $(DEP_CPP_MK_SA) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\month_sname.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_MONTH=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\month_sname.obj" : $(SOURCE) $(DEP_CPP_MONTH) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_MONTH=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\month_sname.obj" : $(SOURCE) $(DEP_CPP_MONTH) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\name2name.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_NAME2=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\name2name.obj" : $(SOURCE) $(DEP_CPP_NAME2) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_NAME2=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\name2name.obj" : $(SOURCE) $(DEP_CPP_NAME2) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\netread.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_NETRE=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\netread.obj" : $(SOURCE) $(DEP_CPP_NETRE) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_NETRE=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\netread.obj" : $(SOURCE) $(DEP_CPP_NETRE) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\netwrite.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_NETWR=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\netwrite.obj" : $(SOURCE) $(DEP_CPP_NETWR) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_NETWR=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\netwrite.obj" : $(SOURCE) $(DEP_CPP_NETWR) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\one.c + +!IF "$(CFG)" == "krb - Win32 Release" + + +".\Release\one.obj" : $(SOURCE) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + + +".\Debug\one.obj" : $(SOURCE) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\parse_name.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_PARSE=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\parse_name.obj" : $(SOURCE) $(DEP_CPP_PARSE) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_PARSE=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\parse_name.obj" : $(SOURCE) $(DEP_CPP_PARSE) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\rd_err.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_RD_ER=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\rd_err.obj" : $(SOURCE) $(DEP_CPP_RD_ER) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_RD_ER=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\rd_err.obj" : $(SOURCE) $(DEP_CPP_RD_ER) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\rd_priv.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_RD_PR=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + ".\lsb_addr_comp.h"\ + + +".\Release\rd_priv.obj" : $(SOURCE) $(DEP_CPP_RD_PR) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_RD_PR=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\lsb_addr_comp.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\rd_priv.obj" : $(SOURCE) $(DEP_CPP_RD_PR) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\rd_req.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_RD_RE=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\rd_req.obj" : $(SOURCE) $(DEP_CPP_RD_RE) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_RD_RE=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\rd_req.obj" : $(SOURCE) $(DEP_CPP_RD_RE) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\krb_err_txt.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_KRB_ER=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\krb_err_txt.obj" : $(SOURCE) $(DEP_CPP_KRB_ER) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_KRB_ER=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\krb_err_txt.obj" : $(SOURCE) $(DEP_CPP_KRB_ER) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\send_to_kdc.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_SEND_=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\send_to_kdc.obj" : $(SOURCE) $(DEP_CPP_SEND_) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_SEND_=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\send_to_kdc.obj" : $(SOURCE) $(DEP_CPP_SEND_) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\realm_parse.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_REALM=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\realm_parse.obj" : $(SOURCE) $(DEP_CPP_REALM) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_REALM=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\realm_parse.obj" : $(SOURCE) $(DEP_CPP_REALM) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\recvauth.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_RECVA=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\recvauth.obj" : $(SOURCE) $(DEP_CPP_RECVA) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_RECVA=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\recvauth.obj" : $(SOURCE) $(DEP_CPP_RECVA) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\resolve.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_RESOL=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + ".\resolve.h"\ + + +".\Release\resolve.obj" : $(SOURCE) $(DEP_CPP_RESOL) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_RESOL=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\resolve.obj" : $(SOURCE) $(DEP_CPP_RESOL) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\rw.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_RW_C68=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + "..\des\version.h"\ + ".\krb_locl.h"\ + + +".\Release\rw.obj" : $(SOURCE) $(DEP_CPP_RW_C68) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_RW_C68=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\des\version.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\rw.obj" : $(SOURCE) $(DEP_CPP_RW_C68) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\save_credentials.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_SAVE_=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\save_credentials.obj" : $(SOURCE) $(DEP_CPP_SAVE_) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_SAVE_=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\save_credentials.obj" : $(SOURCE) $(DEP_CPP_SAVE_) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\read_service_key.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_READ_=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\read_service_key.obj" : $(SOURCE) $(DEP_CPP_READ_) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_READ_=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\read_service_key.obj" : $(SOURCE) $(DEP_CPP_READ_) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\verify_user.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_VERIF=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\verify_user.obj" : $(SOURCE) $(DEP_CPP_VERIF) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_VERIF=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\verify_user.obj" : $(SOURCE) $(DEP_CPP_VERIF) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\stime.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_STIME=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\stime.obj" : $(SOURCE) $(DEP_CPP_STIME) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_STIME=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\stime.obj" : $(SOURCE) $(DEP_CPP_STIME) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\swab.c +DEP_CPP_SWAB_=\ + "..\..\include\win32\config.h"\ + + +!IF "$(CFG)" == "krb - Win32 Release" + + +".\Release\swab.obj" : $(SOURCE) $(DEP_CPP_SWAB_) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + + +".\Debug\swab.obj" : $(SOURCE) $(DEP_CPP_SWAB_) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\ticket_memory.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_TICKE=\ + ".\krb_locl.h"\ + ".\ticket_memory.h"\ + + +".\Release\ticket_memory.obj" : $(SOURCE) $(DEP_CPP_TICKE) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_TICKE=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + ".\ticket_memory.h"\ + + +".\Debug\ticket_memory.obj" : $(SOURCE) $(DEP_CPP_TICKE) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\tkt_string.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_TKT_S=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\tkt_string.obj" : $(SOURCE) $(DEP_CPP_TKT_S) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_TKT_S=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\tkt_string.obj" : $(SOURCE) $(DEP_CPP_TKT_S) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\unparse_name.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_UNPAR=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\unparse_name.obj" : $(SOURCE) $(DEP_CPP_UNPAR) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_UNPAR=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\unparse_name.obj" : $(SOURCE) $(DEP_CPP_UNPAR) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\util.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_UTIL_=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\util.obj" : $(SOURCE) $(DEP_CPP_UTIL_) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_UTIL_=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\util.obj" : $(SOURCE) $(DEP_CPP_UTIL_) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\sendauth.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_SENDA=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\sendauth.obj" : $(SOURCE) $(DEP_CPP_SENDA) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_SENDA=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\sendauth.obj" : $(SOURCE) $(DEP_CPP_SENDA) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\logging.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_LOGGI=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\klog.h"\ + ".\krb_locl.h"\ + + +".\Release\logging.obj" : $(SOURCE) $(DEP_CPP_LOGGI) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_LOGGI=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\klog.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\logging.obj" : $(SOURCE) $(DEP_CPP_LOGGI) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\str2key.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_STR2K=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\str2key.obj" : $(SOURCE) $(DEP_CPP_STR2K) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_STR2K=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\str2key.obj" : $(SOURCE) $(DEP_CPP_STR2K) "$(INTDIR)" + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\debug_decl.c + +!IF "$(CFG)" == "krb - Win32 Release" + +DEP_CPP_DEBUG=\ + "..\..\include\protos.h"\ + "..\..\include\win32\config.h"\ + ".\krb_locl.h"\ + + +".\Release\debug_decl.obj" : $(SOURCE) $(DEP_CPP_DEBUG) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "krb - Win32 Debug" + +DEP_CPP_DEBUG=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\roken\roken.h"\ + ".\krb.h"\ + ".\krb_locl.h"\ + ".\prot.h"\ + ".\resolve.h"\ + {$(INCLUDE)}"\sys\STAT.H"\ + {$(INCLUDE)}"\sys\TYPES.H"\ + + +".\Debug\debug_decl.obj" : $(SOURCE) $(DEP_CPP_DEBUG) "$(INTDIR)" + + +!ENDIF + +# End Source File +# End Target +# End Project +################################################################################ diff --git a/crypto/kerberosIV/lib/krb/krb_check_auth.c b/crypto/kerberosIV/lib/krb/krb_check_auth.c new file mode 100644 index 0000000..8bddbf5 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/krb_check_auth.c @@ -0,0 +1,76 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: krb_check_auth.c,v 1.4 1997/04/01 08:18:33 joda Exp $"); + +/* + * + * Receive an mutual-authenticator for a server in `packet', with + * `checksum', `session', and `schedule' having the appropriate values + * and return the data in `msg_data'. + * + * Return KSUCCESS if the received checksum is correct. + * + */ + +int +krb_check_auth(KTEXT packet, + u_int32_t checksum, + MSG_DAT *msg_data, + des_cblock *session, + struct des_ks_struct *schedule, + struct sockaddr_in *laddr, + struct sockaddr_in *faddr) +{ + int ret; + u_int32_t checksum2; + + ret = krb_rd_priv (packet->dat, packet->length, schedule, session, faddr, + laddr, msg_data); + if (ret != RD_AP_OK) + return ret; + if (msg_data->app_length != 4) + return KFAILURE; + krb_get_int (msg_data->app_data, &checksum2, 4, 0); + if (checksum2 == checksum + 1) + return KSUCCESS; + else + return KFAILURE; +} diff --git a/crypto/kerberosIV/lib/krb/krb_equiv.c b/crypto/kerberosIV/lib/krb/krb_equiv.c new file mode 100644 index 0000000..06f42f5 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/krb_equiv.c @@ -0,0 +1,144 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * int krb_equiv(u_int32_t ipaddr_a, u_int32_t ipaddr_b); + * + * Given two IP adresses return true if they match + * or are considered to belong to the same host. + * + * For example if /etc/krb.equiv looks like + * + * 130.237.223.3 192.16.126.3 # alv alv1 + * 130.237.223.4 192.16.126.4 # byse byse1 + * 130.237.228.152 192.16.126.9 # topsy topsy1 + * + * krb_equiv(alv, alv1) would return true but + * krb_equiv(alv, byse1) would not. + * + * A comment starts with an '#' and ends with '\n'. + * + */ +#include "krb_locl.h" + +RCSID("$Id: krb_equiv.c,v 1.13 1997/04/01 08:18:33 joda Exp $"); + +int krb_ignore_ip_address = 0; + +int +krb_equiv(u_int32_t a, u_int32_t b) +{ + FILE *fil; + char line[256]; + int hit_a, hit_b; + int iscomment; + + if (a == b) /* trivial match, also the common case */ + return 1; + + if (krb_ignore_ip_address) + return 1; /* if we have decided not to compare */ + + a = ntohl(a); + b = ntohl(b); + + fil = fopen(KRB_EQUIV, "r"); + if (fil == NULL) /* open failed */ + return 0; + + hit_a = hit_b = 0; + iscomment = 0; + while (fgets(line, sizeof(line)-1, fil) != NULL) /* for each line */ + { + char *t = line; + int len = strlen(t); + + /* for each item on this line */ + while (*t != 0) /* more addresses on this line? */ + if (*t == '\n') { + iscomment = hit_a = hit_b = 0; + break; + } else if (iscomment) + t = line + len - 1; + else if (*t == '#') { /* rest is comment */ + iscomment = 1; + ++t; + } else if (*t == '\\' ) /* continuation */ + break; + else if (isspace(*t)) /* skip space */ + t++; + else if (isdigit(*t)) /* an address? */ + { + u_int32_t tmp; + u_int32_t tmpa, tmpb, tmpc, tmpd; + + sscanf(t, "%d.%d.%d.%d", &tmpa, &tmpb, &tmpc, &tmpd); + tmp = (tmpa << 24) | (tmpb << 16) | (tmpc << 8) | tmpd; + + while (*t == '.' || isdigit(*t)) /* done with this address */ + t++; + + if (tmp != -1) { /* an address (and not broadcast) */ + u_int32_t mask = (u_int32_t)~0; + + if (*t == '/') { + ++t; + mask <<= 32 - atoi(t); + + while(isdigit(*t)) + ++t; + } + + if ((tmp & mask) == (a & mask)) + hit_a = 1; + if ((tmp & mask) == (b & mask)) + hit_b = 1; + if (hit_a && hit_b) { + fclose(fil); + return 1; + } + } + } + else + ++t; /* garbage on this line, skip it */ + + } + + fclose(fil); + return 0; +} diff --git a/crypto/kerberosIV/lib/krb/krb_err.et b/crypto/kerberosIV/lib/krb/krb_err.et new file mode 100644 index 0000000..4e32aed --- /dev/null +++ b/crypto/kerberosIV/lib/krb/krb_err.et @@ -0,0 +1,257 @@ +# Copyright 1987,1988 Massachusetts Institute of Technology +# +# For copying and distribution information, see the file +# "mit-copyright.h". +# +# $Id: krb_err.et,v 1.4 1996/10/27 13:30:28 bg Exp $ +# + error_table krb + + ec KRBET_KSUCCESS, + "Kerberos successful" + + ec KRBET_KDC_NAME_EXP, + "Kerberos principal expired" + + ec KRBET_KDC_SERVICE_EXP, + "Kerberos service expired" + + ec KRBET_KDC_AUTH_EXP, + "Kerberos auth expired" + + ec KRBET_KDC_PKT_VER, + "Incorrect kerberos master key version" + + ec KRBET_KDC_P_MKEY_VER, + "Incorrect kerberos master key version" + + ec KRBET_KDC_S_MKEY_VER, + "Incorrect kerberos master key version" + + ec KRBET_KDC_BYTE_ORDER, + "Kerberos error: byte order unknown" + + ec KRBET_KDC_PR_UNKNOWN, + "Kerberos principal unknown" + + ec KRBET_KDC_PR_N_UNIQUE, + "Kerberos principal not unique" + + ec KRBET_KDC_NULL_KEY, + "Kerberos principal has null key" + + ec KRBET_KRB_RES11, + "Reserved 11" + + ec KRBET_KRB_RES12, + "Reserved 12" + + ec KRBET_KRB_RES13, + "Reserved 13" + + ec KRBET_KRB_RES14, + "Reserved 14" + + ec KRBET_KRB_RES15, + "Reserved 15" + + ec KRBET_KRB_RES16, + "Reserved 16" + + ec KRBET_KRB_RES17, + "Reserved 17" + + ec KRBET_KRB_RES18, + "Reserved 18" + + ec KRBET_KRB_RES19, + "Reserved 19" + + ec KRBET_KDC_GEN_ERR, + "Generic error from Kerberos KDC" + + ec KRBET_GC_TKFIL, + "Can't read Kerberos ticket file" + + ec KRBET_GC_NOTKT, + "Can't find Kerberos ticket or TGT" + + ec KRBET_KRB_RES23, + "Reserved 23" + + ec KRBET_KRB_RES24, + "Reserved 24" + + ec KRBET_KRB_RES25, + "Reserved 25" + + ec KRBET_MK_AP_TGTEXP, + "Kerberos TGT Expired" + + ec KRBET_KRB_RES27, + "Reserved 27" + + ec KRBET_KRB_RES28, + "Reserved 28" + + ec KRBET_KRB_RES29, + "Reserved 29" + + ec KRBET_KRB_RES30, + "Reserved 30" + + ec KRBET_RD_AP_UNDEC, + "Kerberos error: Can't decode authenticator" + + ec KRBET_RD_AP_EXP, + "Kerberos ticket expired" + + ec KRBET_RD_AP_NYV, + "Kerberos ticket not yet valid" + + ec KRBET_RD_AP_REPEAT, + "Kerberos error: Repeated request" + + ec KRBET_RD_AP_NOT_US, + "The kerberos ticket isn't for us" + + ec KRBET_RD_AP_INCON, + "Kerberos request inconsistent" + + ec KRBET_RD_AP_TIME, + "Kerberos error: delta_t too big" + + ec KRBET_RD_AP_BADD, + "Kerberos error: incorrect net address" + + ec KRBET_RD_AP_VERSION, + "Kerberos protocol version mismatch" + + ec KRBET_RD_AP_MSG_TYPE, + "Kerberos error: invalid msg type" + + ec KRBET_RD_AP_MODIFIED, + "Kerberos error: message stream modified" + + ec KRBET_RD_AP_ORDER, + "Kerberos error: message out of order" + + ec KRBET_RD_AP_UNAUTHOR, + "Kerberos error: unauthorized request" + + ec KRBET_KRB_RES44, + "Reserved 44" + + ec KRBET_KRB_RES45, + "Reserved 45" + + ec KRBET_KRB_RES46, + "Reserved 46" + + ec KRBET_KRB_RES47, + "Reserved 47" + + ec KRBET_KRB_RES48, + "Reserved 48" + + ec KRBET_KRB_RES49, + "Reserved 49" + + ec KRBET_KRB_RES50, + "Reserved 50" + + ec KRBET_GT_PW_NULL, + "Kerberos error: current PW is null" + + ec KRBET_GT_PW_BADPW, + "Kerberos error: Incorrect current password" + + ec KRBET_GT_PW_PROT, + "Kerberos protocol error" + + ec KRBET_GT_PW_KDCERR, + "Error returned by Kerberos KDC" + + ec KRBET_GT_PW_NULLTKT, + "Null Kerberos ticket returned by KDC" + + ec KRBET_SKDC_RETRY, + "Kerberos error: Retry count exceeded" + + ec KRBET_SKDC_CANT, + "Kerberos error: Can't send request" + + ec KRBET_KRB_RES58, + "Reserved 58" + + ec KRBET_KRB_RES59, + "Reserved 59" + + ec KRBET_KRB_RES60, + "Reserved 60" + + ec KRBET_INTK_W_NOTALL, + "Kerberos error: not all tickets returned" + + ec KRBET_INTK_BADPW, + "Kerberos error: incorrect password" + + ec KRBET_INTK_PROT, + "Kerberos error: Protocol Error" + + ec KRBET_KRB_RES64, + "Reserved 64" + + ec KRBET_KRB_RES65, + "Reserved 65" + + ec KRBET_KRB_RES66, + "Reserved 66" + + ec KRBET_KRB_RES67, + "Reserved 67" + + ec KRBET_KRB_RES68, + "Reserved 68" + + ec KRBET_KRB_RES69, + "Reserved 69" + + ec KRBET_INTK_ERR, + "Other error" + + ec KRBET_AD_NOTGT, + "Don't have Kerberos ticket-granting ticket" + + ec KRBET_KRB_RES72, + "Can't get Kerberos inter-realm ticket-granting ticket" + + ec KRBET_KRB_RES73, + "Reserved 73" + + ec KRBET_KRB_RES74, + "Reserved 74" + + ec KRBET_KRB_RES75, + "Reserved 75" + + ec KRBET_NO_TKT_FIL, + "No ticket file found" + + ec KRBET_TKT_FIL_ACC, + "Couldn't access ticket file" + + ec KRBET_TKT_FIL_LCK, + "Couldn't lock ticket file" + + ec KRBET_TKT_FIL_FMT, + "Bad ticket file format" + + ec KRBET_TKT_FIL_INI, + "tf_init not called first" + + ec KRBET_KNAME_FMT, + "Bad Kerberos name format" + + end + diff --git a/crypto/kerberosIV/lib/krb/krb_err_txt.c b/crypto/kerberosIV/lib/krb/krb_err_txt.c new file mode 100644 index 0000000..161aa0f --- /dev/null +++ b/crypto/kerberosIV/lib/krb/krb_err_txt.c @@ -0,0 +1,299 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: krb_err_txt.c,v 1.12 1997/04/02 05:37:10 joda Exp $"); + +/* + * This file contains an array of error text strings. + * The associated error codes (which are defined in "krb.h") + * follow the string in the comments at the end of each line. + */ + +const char *krb_err_txt[256] = { + "OK", /* 000 */ + "Principal expired (kerberos)", /* 001 */ + "Service expired (kerberos)", /* 002 */ + "Authentication expired (kerberos)", /* 003 */ + "Unknown protocol version number (kerberos)", /* 004 */ + "Principal: Incorrect master key version (kerberos)", /* 005 */ + "Service: Incorrect master key version (kerberos)", /* 006 */ + "Bad byte order (kerberos)", /* 007 */ + "Principal unknown (kerberos)", /* 008 */ + "Principal not unique (kerberos)", /* 009 */ + "Principal has null key (kerberos)", /* 010 */ + "Timeout in request (kerberos)", /* 011 */ + "Reserved error message 12 (kerberos)", /* 012 */ + "Reserved error message 13 (kerberos)", /* 013 */ + "Reserved error message 14 (kerberos)", /* 014 */ + "Reserved error message 15 (kerberos)", /* 015 */ + "Reserved error message 16 (kerberos)", /* 016 */ + "Reserved error message 17 (kerberos)", /* 017 */ + "Reserved error message 18 (kerberos)", /* 018 */ + "Reserved error message 19 (kerberos)", /* 019 */ + "Permission Denied (kerberos)", /* 020 */ + "Can't read ticket file (krb_get_cred)", /* 021 */ + "Can't find ticket (krb_get_cred)", /* 022 */ + "Reserved error message 23 (krb_get_cred)", /* 023 */ + "Reserved error message 24 (krb_get_cred)", /* 024 */ + "Reserved error message 25 (krb_get_cred)", /* 025 */ + "Ticket granting ticket expired (krb_mk_req)", /* 026 */ + "Reserved error message 27 (krb_mk_req)", /* 027 */ + "Reserved error message 28 (krb_mk_req)", /* 028 */ + "Reserved error message 29 (krb_mk_req)", /* 029 */ + "Reserved error message 30 (krb_mk_req)", /* 030 */ + "Can't decode authenticator (krb_rd_req)", /* 031 */ + "Ticket expired (krb_rd_req)", /* 032 */ + "Ticket issue date too far in the future (krb_rd_req)",/* 033 */ + "Repeat request (krb_rd_req)", /* 034 */ + "Ticket for wrong server (krb_rd_req)", /* 035 */ + "Request inconsistent (krb_rd_req)", /* 036 */ + "Time is out of bounds (krb_rd_req)", /* 037 */ + "Incorrect network address (krb_rd_req)", /* 038 */ + "Protocol version mismatch (krb_rd_req)", /* 039 */ + "Illegal message type (krb_rd_req)", /* 040 */ + "Message integrity error (krb_rd_req)", /* 041 */ + "Message duplicate or out of order (krb_rd_req)", /* 042 */ + "Unauthorized request (krb_rd_req)", /* 043 */ + "Reserved error message 44 (krb_rd_req)", /* 044 */ + "Reserved error message 45 (krb_rd_req)", /* 045 */ + "Reserved error message 46 (krb_rd_req)", /* 046 */ + "Reserved error message 47 (krb_rd_req)", /* 047 */ + "Reserved error message 48 (krb_rd_req)", /* 048 */ + "Reserved error message 49 (krb_rd_req)", /* 049 */ + "Reserved error message 50 (krb_rd_req)", /* 050 */ + "Current password is NULL (get_pw_tkt)", /* 051 */ + "Current password incorrect (get_pw_tkt)", /* 052 */ + "Protocol error (gt_pw_tkt)", /* 053 */ + "Error returned by KDC (gt_pw_tkt)", /* 054 */ + "Null ticket returned by KDC (gt_pw_tkt)", /* 055 */ + "Retry count exceeded (send_to_kdc)", /* 056 */ + "Can't send request (send_to_kdc)", /* 057 */ + "Reserved error message 58 (send_to_kdc)", /* 058 */ + "Reserved error message 59 (send_to_kdc)", /* 059 */ + "Reserved error message 60 (send_to_kdc)", /* 060 */ + "Warning: Not ALL tickets returned", /* 061 */ + "Password incorrect", /* 062 */ + "Protocol error (get_in_tkt)", /* 063 */ + "Reserved error message 64 (get_in_tkt)", /* 064 */ + "Reserved error message 65 (get_in_tkt)", /* 065 */ + "Reserved error message 66 (get_in_tkt)", /* 066 */ + "Reserved error message 67 (get_in_tkt)", /* 067 */ + "Reserved error message 68 (get_in_tkt)", /* 068 */ + "Reserved error message 69 (get_in_tkt)", /* 069 */ + "Generic error (get_in_tkt)(can't write ticket file)", /* 070 */ + "Don't have ticket granting ticket (get_ad_tkt)", /* 071 */ + "Can't get inter-realm ticket granting ticket (get_ad_tkt)", /* 072 */ + "Reserved error message 73 (get_ad_tkt)", /* 073 */ + "Reserved error message 74 (get_ad_tkt)", /* 074 */ + "Reserved error message 75 (get_ad_tkt)", /* 075 */ + "No ticket file (tf_util)", /* 076 */ + "Can't access ticket file (tf_util)", /* 077 */ + "Can't lock ticket file; try later (tf_util)", /* 078 */ + "Bad ticket file format (tf_util)", /* 079 */ + "Read ticket file before tf_init (tf_util)", /* 080 */ + "Bad Kerberos name format (kname_parse)", /* 081 */ + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "(reserved)", + "Generic kerberos error (kfailure)", /* 255 */ +}; + +static const char err_failure[] = "Illegal error code passed (krb_get_err_text)"; + +const char * +krb_get_err_text(int code) +{ + if(code < 0 || code >= MAX_KRB_ERRORS) + return err_failure; + return krb_err_txt[code]; +} diff --git a/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c b/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c new file mode 100644 index 0000000..d3e6cc1 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c @@ -0,0 +1,175 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: krb_get_in_tkt.c,v 1.20 1997/04/01 08:18:34 joda Exp $"); + +/* + * decrypt_tkt(): Given user, instance, realm, passwd, key_proc + * and the cipher text sent from the KDC, decrypt the cipher text + * using the key returned by key_proc. + */ + +static int +decrypt_tkt(char *user, char *instance, char *realm, + void *arg, key_proc_t key_proc, KTEXT *cip) +{ + des_cblock key; /* Key for decrypting cipher */ + int ret; + + ret = key_proc(user, instance, realm, arg, &key); + if (ret != 0) + return ret; + + encrypt_ktext(*cip, &key, DES_DECRYPT); + + memset(&key, 0, sizeof(key)); + return 0; +} + +/* + * krb_get_in_tkt() gets a ticket for a given principal to use a given + * service and stores the returned ticket and session key for future + * use. + * + * The "user", "instance", and "realm" arguments give the identity of + * the client who will use the ticket. The "service" and "sinstance" + * arguments give the identity of the server that the client wishes + * to use. (The realm of the server is the same as the Kerberos server + * to whom the request is sent.) The "life" argument indicates the + * desired lifetime of the ticket; the "key_proc" argument is a pointer + * to the routine used for getting the client's private key to decrypt + * the reply from Kerberos. The "decrypt_proc" argument is a pointer + * to the routine used to decrypt the reply from Kerberos; and "arg" + * is an argument to be passed on to the "key_proc" routine. + * + * If all goes well, krb_get_in_tkt() returns INTK_OK, otherwise it + * returns an error code: If an AUTH_MSG_ERR_REPLY packet is returned + * by Kerberos, then the error code it contains is returned. Other + * error codes returned by this routine include INTK_PROT to indicate + * wrong protocol version, INTK_BADPW to indicate bad password (if + * decrypted ticket didn't make sense), INTK_ERR if the ticket was for + * the wrong server or the ticket store couldn't be initialized. + * + * The format of the message sent to Kerberos is as follows: + * + * Size Variable Field + * ---- -------- ----- + * + * 1 byte KRB_PROT_VERSION protocol version number + * 1 byte AUTH_MSG_KDC_REQUEST | message type + * HOST_BYTE_ORDER local byte order in lsb + * string user client's name + * string instance client's instance + * string realm client's realm + * 4 bytes tlocal.tv_sec timestamp in seconds + * 1 byte life desired lifetime + * string service service's name + * string sinstance service's instance + */ + +int +krb_get_in_tkt(char *user, char *instance, char *realm, + char *service, char *sinstance, int life, + key_proc_t key_proc, decrypt_proc_t decrypt_proc, void *arg) +{ + KTEXT_ST pkt_st; + KTEXT pkt = &pkt_st; /* Packet to KDC */ + KTEXT_ST rpkt_st; + KTEXT rpkt = &rpkt_st; /* Returned packet */ + + int kerror; + struct timeval tv; + + /* BUILD REQUEST PACKET */ + + unsigned char *p = pkt->dat; + + p += krb_put_int(KRB_PROT_VERSION, p, 1); + p += krb_put_int(AUTH_MSG_KDC_REQUEST, p, 1); + + p += krb_put_nir(user, instance, realm, p); + + gettimeofday(&tv, NULL); + p += krb_put_int(tv.tv_sec, p, 4); + p += krb_put_int(life, p, 1); + + p += krb_put_nir(service, sinstance, NULL, p); + + pkt->length = p - pkt->dat; + + rpkt->length = 0; + + /* SEND THE REQUEST AND RECEIVE THE RETURN PACKET */ + + if ((kerror = send_to_kdc(pkt, rpkt, realm))) return(kerror); + + p = rpkt->dat; + + { + CREDENTIALS cred; + KTEXT_ST cip; + KTEXT foo = &cip; /* braindamage */ + + kerror = kdc_reply_cipher(rpkt, &cip); + if(kerror != KSUCCESS) + return kerror; + + if (decrypt_proc == NULL) + decrypt_proc = decrypt_tkt; + (*decrypt_proc)(user, instance, realm, arg, key_proc, &foo); + + kerror = kdc_reply_cred(&cip, &cred); + if(kerror != KSUCCESS) + return kerror; + + if (strcmp(cred.service, service) || + strcmp(cred.instance, sinstance) || + strcmp(cred.realm, realm)) /* not what we asked for */ + return INTK_ERR; /* we need a better code here XXX */ + + if (abs((int)(tv.tv_sec - cred.issue_date)) > CLOCK_SKEW) { + return RD_AP_TIME; /* XXX should probably be better code */ + } + + /* initialize ticket cache */ + + return tf_setup(&cred, user, instance); + } +} diff --git a/crypto/kerberosIV/lib/krb/krb_locl.h b/crypto/kerberosIV/lib/krb/krb_locl.h new file mode 100644 index 0000000..4475883 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/krb_locl.h @@ -0,0 +1,163 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: krb_locl.h,v 1.42 1997/05/20 18:40:45 bg Exp $ */ + +#ifndef __krb_locl_h +#define __krb_locl_h + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include "protos.h" + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <assert.h> +#include <stdarg.h> + +#include <errno.h> + +#ifdef HAVE_PWD_H +#include <pwd.h> +#endif +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#ifdef HAVE_IO_H +#include <io.h> +#endif + +#ifdef TIME_WITH_SYS_TIME +#include <sys/time.h> +#include <time.h> +#elif defined(HAVE_SYS_TIME_H) +#include <sys/time.h> +#else +#include <time.h> +#endif + +#ifdef HAVE_SYS_STAT_H +#include <sys/stat.h> +#endif +#ifdef HAVE_FCNTL_H +#include <fcntl.h> +#endif +#ifdef HAVE_SYS_FILE_H +#include <sys/file.h> +#endif +#ifdef HAVE_SYS_SELECT_H +#include <sys/select.h> +#endif + +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif + +#ifdef HAVE_WINSOCK_H +#include <winsock.h> +#endif + +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif + +#ifdef HAVE_ARPA_NAMESER_H +#include <arpa/nameser.h> +#endif +#ifdef HAVE_RESOLV_H +#include <resolv.h> +#endif + +#ifdef SOCKS +#include <socks.h> +#endif + +#include <roken.h> + +#include <krb.h> +#include <prot.h> + +#include "resolve.h" + +/* --- */ + +/* Globals! */ +extern int krb_debug; +extern int krb_ap_req_debug; + +/* Utils */ +int krb_name_to_name(const char *, char *, size_t); + +void encrypt_ktext(KTEXT cip, des_cblock *key, int encrypt); +int kdc_reply_cred(KTEXT cip, CREDENTIALS *cred); +int kdc_reply_cipher(KTEXT reply, KTEXT cip); + +#ifndef HAVE_GETTIMEOFDAY +int gettimeofday (struct timeval *, void *); +#endif + +void k_ricercar(char*); + +/* safe multiple strcat */ +int k_concat(char*, size_t, ...); +int k_vconcat(char*, size_t, va_list); + +/* mallocing versions of the above */ +size_t k_vmconcat (char**, size_t, va_list); +size_t k_mconcat (char**, size_t, ...); + +/* used in rd_safe.c and mk_safe.c */ + +void fixup_quad_cksum(void *start, size_t len, des_cblock *key, + void *new_checksum, void *old_checksum, int little); + +#endif /* __krb_locl_h */ diff --git a/crypto/kerberosIV/lib/krb/kuserok.c b/crypto/kerberosIV/lib/krb/kuserok.c new file mode 100644 index 0000000..e3d5e6b --- /dev/null +++ b/crypto/kerberosIV/lib/krb/kuserok.c @@ -0,0 +1,156 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: kuserok.c,v 1.21 1997/04/01 08:18:35 joda Exp $"); + +#define OK 0 +#define NOTOK 1 +#define MAX_USERNAME 10 + +/* + * Given a Kerberos principal and a local username, determine whether + * user is authorized to login according to the authorization file + * ("~luser/.klogin" by default). Returns OK if authorized, NOTOK if + * not authorized. + * + * IMPORTANT CHANGE: To eliminate the need of making a distinction + * between the 3 cases: + * + * 1. We can't verify that a .klogin file doesn't exist (no home dir). + * 2. It's there but we aren't allowed to read it. + * 3. We can read it and ~luser@LOCALREALM is (not) included. + * + * We instead make the assumption that luser@LOCALREALM is *always* + * included. Thus it is impossible to have an empty .klogin file and + * also to exclude luser@LOCALREALM from it. Root is treated differently + * since it's home should always be available. + * + * OLD STRATEGY: + * If there is no account for "luser" on the local machine, returns + * NOTOK. If there is no authorization file, and the given Kerberos + * name "kdata" translates to the same name as "luser" (using + * krb_kntoln()), returns OK. Otherwise, if the authorization file + * can't be accessed, returns NOTOK. Otherwise, the file is read for + * a matching principal name, instance, and realm. If one is found, + * returns OK, if none is found, returns NOTOK. + * + * The file entries are in the format: + * + * name.instance@realm + * + * one entry per line. + * + */ + +int +krb_kuserok(char *name, char *instance, char *realm, char *luser) +{ + struct passwd *pwd; + char lrealm[REALM_SZ]; + FILE *f; + char line[1024]; + char file[MaxPathLen]; + struct stat st; + + pwd = getpwnam(luser); + if(pwd == NULL) + return NOTOK; + if(krb_get_lrealm(lrealm, 1)) + return NOTOK; + if(pwd->pw_uid != 0 && + strcmp(name, luser) == 0 && + strcmp(instance, "") == 0 && + strcmp(realm, lrealm) == 0) + return OK; + strcpy(file, pwd->pw_dir); + strcat(file, "/.klogin"); + + f = fopen(file, "r"); + if(f == NULL) + return NOTOK; + + /* this is not a working test in filesystems like AFS and DFS */ + if(fstat(fileno(f), &st) < 0){ + fclose(f); + return NOTOK; + } + + if(st.st_uid != pwd->pw_uid){ + fclose(f); + return NOTOK; + } + + while(fgets(line, sizeof(line), f)){ + char fname[ANAME_SZ], finst[INST_SZ], frealm[REALM_SZ]; + if(line[strlen(line) - 1] != '\n') + /* read till end of line */ + while(1){ + int c = fgetc(f); + if(c == '\n' || c == EOF) + break; + } + else + line[strlen(line) - 1] = 0; + + if(kname_parse(fname, finst, frealm, line)) + continue; + if(strcmp(name, fname)) + continue; + if(strcmp(instance, finst)) + continue; + if(frealm[0] == 0) + strcpy(frealm, lrealm); + if(strcmp(realm, frealm)) + continue; + fclose(f); + return OK; + } + fclose(f); + return NOTOK; +} + +/* compatibility interface */ + +int +kuserok(AUTH_DAT *auth, char *luser) +{ + return krb_kuserok(auth->pname, auth->pinst, auth->prealm, luser); +} + diff --git a/crypto/kerberosIV/lib/krb/lifetime.c b/crypto/kerberosIV/lib/krb/lifetime.c new file mode 100644 index 0000000..1866996 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/lifetime.c @@ -0,0 +1,213 @@ +/* + * Ticket lifetime. This defines the table used to lookup lifetime + * for the fixed part of rande of the one byte lifetime field. Values + * less than 0x80 are intrpreted as the number of 5 minute intervals. + * Values from 0x80 to 0xBF should be looked up in this table. The + * value of 0x80 is the same using both methods: 10 and two-thirds + * hours . The lifetime of 0xBF is 30 days. The intervening values + * of have a fixed ratio of roughly 1.06914. The value 0xFF is + * defined to mean a ticket has no expiration time. This should be + * used advisedly since individual servers may impose defacto + * upperbounds on ticket lifetimes. + */ + +#include "krb_locl.h" + +RCSID("$Id: lifetime.c,v 1.9 1997/05/02 14:29:18 assar Exp $"); + +/* If you want to disable this feature */ +int krb_no_long_lifetimes = 0; + +#define TKTLIFENUMFIXED 64 +#define TKTLIFEMINFIXED 0x80 +#define TKTLIFEMAXFIXED 0xBF +#define TKTLIFENOEXPIRE 0xFF +#define MAXTKTLIFETIME (30*24*3600) /* 30 days */ +#ifndef NEVERDATE +#define NEVERDATE ((unsigned long)0x7fffffffL) +#endif + +static const int tkt_lifetimes[TKTLIFENUMFIXED] = { + 38400, /* 10.67 hours, 0.44 days */ + 41055, /* 11.40 hours, 0.48 days */ + 43894, /* 12.19 hours, 0.51 days */ + 46929, /* 13.04 hours, 0.54 days */ + 50174, /* 13.94 hours, 0.58 days */ + 53643, /* 14.90 hours, 0.62 days */ + 57352, /* 15.93 hours, 0.66 days */ + 61318, /* 17.03 hours, 0.71 days */ + 65558, /* 18.21 hours, 0.76 days */ + 70091, /* 19.47 hours, 0.81 days */ + 74937, /* 20.82 hours, 0.87 days */ + 80119, /* 22.26 hours, 0.93 days */ + 85658, /* 23.79 hours, 0.99 days */ + 91581, /* 25.44 hours, 1.06 days */ + 97914, /* 27.20 hours, 1.13 days */ + 104684, /* 29.08 hours, 1.21 days */ + 111922, /* 31.09 hours, 1.30 days */ + 119661, /* 33.24 hours, 1.38 days */ + 127935, /* 35.54 hours, 1.48 days */ + 136781, /* 37.99 hours, 1.58 days */ + 146239, /* 40.62 hours, 1.69 days */ + 156350, /* 43.43 hours, 1.81 days */ + 167161, /* 46.43 hours, 1.93 days */ + 178720, /* 49.64 hours, 2.07 days */ + 191077, /* 53.08 hours, 2.21 days */ + 204289, /* 56.75 hours, 2.36 days */ + 218415, /* 60.67 hours, 2.53 days */ + 233517, /* 64.87 hours, 2.70 days */ + 249664, /* 69.35 hours, 2.89 days */ + 266926, /* 74.15 hours, 3.09 days */ + 285383, /* 79.27 hours, 3.30 days */ + 305116, /* 84.75 hours, 3.53 days */ + 326213, /* 90.61 hours, 3.78 days */ + 348769, /* 96.88 hours, 4.04 days */ + 372885, /* 103.58 hours, 4.32 days */ + 398668, /* 110.74 hours, 4.61 days */ + 426234, /* 118.40 hours, 4.93 days */ + 455705, /* 126.58 hours, 5.27 days */ + 487215, /* 135.34 hours, 5.64 days */ + 520904, /* 144.70 hours, 6.03 days */ + 556921, /* 154.70 hours, 6.45 days */ + 595430, /* 165.40 hours, 6.89 days */ + 636601, /* 176.83 hours, 7.37 days */ + 680618, /* 189.06 hours, 7.88 days */ + 727680, /* 202.13 hours, 8.42 days */ + 777995, /* 216.11 hours, 9.00 days */ + 831789, /* 231.05 hours, 9.63 days */ + 889303, /* 247.03 hours, 10.29 days */ + 950794, /* 264.11 hours, 11.00 days */ + 1016537, /* 282.37 hours, 11.77 days */ + 1086825, /* 301.90 hours, 12.58 days */ + 1161973, /* 322.77 hours, 13.45 days */ + 1242318, /* 345.09 hours, 14.38 days */ + 1328218, /* 368.95 hours, 15.37 days */ + 1420057, /* 394.46 hours, 16.44 days */ + 1518247, /* 421.74 hours, 17.57 days */ + 1623226, /* 450.90 hours, 18.79 days */ + 1735464, /* 482.07 hours, 20.09 days */ + 1855462, /* 515.41 hours, 21.48 days */ + 1983758, /* 551.04 hours, 22.96 days */ + 2120925, /* 589.15 hours, 24.55 days */ + 2267576, /* 629.88 hours, 26.25 days */ + 2424367, /* 673.44 hours, 28.06 days */ + 2592000}; /* 720.00 hours, 30.00 days */ + +/* + * krb_life_to_time - takes a start time and a Kerberos standard + * lifetime char and returns the corresponding end time. There are + * four simple cases to be handled. The first is a life of 0xff, + * meaning no expiration, and results in an end time of 0xffffffff. + * The second is when life is less than the values covered by the + * table. In this case, the end time is the start time plus the + * number of 5 minute intervals specified by life. The third case + * returns start plus the MAXTKTLIFETIME if life is greater than + * TKTLIFEMAXFIXED. The last case, uses the life value (minus + * TKTLIFEMINFIXED) as an index into the table to extract the lifetime + * in seconds, which is added to start to produce the end time. + */ +u_int32_t +krb_life_to_time(u_int32_t start, int life_) +{ + unsigned char life = (unsigned char) life_; + + if (krb_no_long_lifetimes) return start + life*5*60; + + if (life == TKTLIFENOEXPIRE) return NEVERDATE; + if (life < TKTLIFEMINFIXED) return start + life*5*60; + if (life > TKTLIFEMAXFIXED) return start + MAXTKTLIFETIME; + return start + tkt_lifetimes[life - TKTLIFEMINFIXED]; +} + +/* + * krb_time_to_life - takes start and end times for the ticket and + * returns a Kerberos standard lifetime char, possibily using the + * tkt_lifetimes table for lifetimes above 127*5 minutes. First, the + * special case of (end == NEVERDATE) is handled to mean no + * expiration. Then negative lifetimes and those greater than the + * maximum ticket lifetime are rejected. Then lifetimes less than the + * first table entry are handled by rounding the requested lifetime + * *up* to the next 5 minute interval. The final step is to search + * the table for the smallest entry *greater than or equal* to the + * requested entry. + */ +int krb_time_to_life(u_int32_t start, u_int32_t end) +{ + int i; + long lifetime = end - start; + + if (krb_no_long_lifetimes) return (lifetime + 5*60 - 1)/(5*60); + + if (end >= NEVERDATE) return TKTLIFENOEXPIRE; + if (lifetime > MAXTKTLIFETIME || lifetime <= 0) return 0; + if (lifetime < tkt_lifetimes[0]) return (lifetime + 5*60 - 1)/(5*60); + for (i=0; i<TKTLIFENUMFIXED; i++) { + if (lifetime <= tkt_lifetimes[i]) { + return i+TKTLIFEMINFIXED; + } + } + return 0; +} + +char * +krb_life_to_atime(int life) +{ + static char atime[11+1+2+1+2+1+2+1]; + unsigned long when; + int secs, mins, hours; + + if (life == TKTLIFENOEXPIRE && !krb_no_long_lifetimes) + return("Forever"); + when = krb_life_to_time(0, life); + secs = when%60; + when /= 60; + mins = when%60; + when /= 60; + hours = when%24; + when /= 24; + snprintf(atime, sizeof(atime), "%d+%02d:%02d:%02d", (int)when, hours, mins, secs); + return(atime); +} + +int +krb_atime_to_life(char *atime) +{ + unsigned long when = 0; + char *cp; + int colon = 0, plus = 0; + int n = 0; + + if (strcasecmp(atime, "forever") == 0) + return(TKTLIFENOEXPIRE); + + for (cp=atime; *cp; cp++) { + switch(*cp) { + case '0': case '1': case '2': case '3': case '4': + case '5': case '6': case '7': case '8': case '9': + n = n*10 + *cp-'0'; + break; + case '+': + plus++; + when += n; + when *= 24; + n = 0; + break; + case ':': + colon++; + when += n; + when *= 60; + n = 0; + break; + default: + break; + } + } + when += n; + if (plus == 0 && colon == 0) + return((unsigned char)when); + while (colon < 2) { + when *= 60; + colon++; + } + return(krb_time_to_life(0,when)); +} diff --git a/crypto/kerberosIV/lib/krb/logging.c b/crypto/kerberosIV/lib/krb/logging.c new file mode 100644 index 0000000..15e5bde --- /dev/null +++ b/crypto/kerberosIV/lib/krb/logging.c @@ -0,0 +1,240 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" +#include <klog.h> + +RCSID("$Id: logging.c,v 1.14 1997/05/11 09:01:40 assar Exp $"); + +struct krb_log_facility { + char filename[MaxPathLen]; + FILE *file; + krb_log_func_t func; +}; + +int +krb_vlogger(struct krb_log_facility *f, const char *format, va_list args) +{ + FILE *file = NULL; + int ret; + + if (f->file != NULL) + file = f->file; + else if (f->filename && f->filename[0]) + file = fopen(f->filename, "a"); + + ret = f->func(file, format, args); + + if (file != f->file) + fclose(file); + return ret; +} + +int +krb_logger(struct krb_log_facility *f, const char *format, ...) +{ + va_list args; + int ret; + va_start(args, format); + ret = krb_vlogger(f, format, args); + va_end(args); + return ret; +} + +/* + * If FILE * is given log to it, otherwise, log to filename. When + * given a file name the file is opened and closed for each log + * record. + */ +int +krb_openlog(struct krb_log_facility *f, + char *filename, + FILE *file, + krb_log_func_t func) +{ + strcpy(f->filename, filename); + f->file = file; + f->func = func; + return KSUCCESS; +} + +/* ------------------------------------------------------------ + Compatibility functions from warning.c + ------------------------------------------------------------ */ + +static int +log_tty(FILE *f, const char *format, va_list args) +{ + if (f != NULL && isatty(fileno(f))) + vfprintf(f, format, args); + return KSUCCESS; +} + +/* stderr */ +static struct krb_log_facility std_log = { "/dev/tty", NULL, log_tty }; + +static void +init_std_log () +{ + static int done = 0; + + if (!done) { + std_log.file = stderr; + done = 1; + } +} + +/* + * + */ +void +krb_set_warnfn (krb_warnfn_t newfunc) +{ + init_std_log (); + std_log.func = newfunc; +} + +/* + * + */ +krb_warnfn_t +krb_get_warnfn (void) +{ + init_std_log (); + return std_log.func; +} + +/* + * Log warnings to stderr if it's a tty. + */ +void +krb_warning (const char *format, ...) +{ + va_list args; + + init_std_log (); + va_start(args, format); + krb_vlogger(&std_log, format, args); + va_end(args); +} + +/* ------------------------------------------------------------ + Compatibility functions from klog.c and log.c + ------------------------------------------------------------ */ + +/* + * Used by kerberos and kadmind daemons and in libkrb (rd_req.c). + * + * By default they log to the kerberos server log-file (KRBLOG) to be + * backwards compatible. + */ + +static int +log_with_timestamp_and_nl(FILE *file, const char *format, va_list args) +{ + time_t now; + if(file == NULL) + return KFAILURE; + time(&now); + fputs(krb_stime(&now), file); + fputs(": ", file); + vfprintf(file, format, args); + fputs("\n", file); + fflush(file); + return KSUCCESS; +} + +static struct krb_log_facility +file_log = { KRBLOG, NULL, log_with_timestamp_and_nl }; + +/* + * kset_logfile() changes the name of the file to which + * messages are logged. If kset_logfile() is not called, + * the logfile defaults to KRBLOG, defined in "krb.h". + */ + +void +kset_logfile(char *filename) +{ + krb_openlog(&file_log, filename, NULL, log_with_timestamp_and_nl); +} + +/* + * krb_log() and klog() is used to add entries to the logfile. + * + * The log entry consists of a timestamp and the given arguments + * printed according to the given "format" string. + * + * The log file is opened and closed for each log entry. + * + * If the given log type "type" is unknown, or if the log file + * cannot be opened, no entry is made to the log file. + * + * CHANGE: the type is always ignored + * + * The return value of klog() is always a pointer to the formatted log + * text string "logtxt". + */ + +/* Used in kerberos.c only. */ +char * +klog(int type, const char *format, ...) +{ + static char logtxt[1024]; + + va_list ap; + + va_start(ap, format); + vsnprintf(logtxt, sizeof(logtxt), format, ap); + va_end(ap); + + krb_logger(&file_log, "%s", logtxt); + + return logtxt; +} + +/* Used in kadmind and rd_req.c */ +void +krb_log(const char *format, ...) +{ + va_list args; + + va_start(args, format); + krb_vlogger(&file_log, format, args); + va_end(args); +} diff --git a/crypto/kerberosIV/lib/krb/lsb_addr_comp.c b/crypto/kerberosIV/lib/krb/lsb_addr_comp.c new file mode 100644 index 0000000..bc3c484 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/lsb_addr_comp.c @@ -0,0 +1,105 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: lsb_addr_comp.c,v 1.9 1997/04/01 08:18:37 joda Exp $"); + +#include "lsb_addr_comp.h" + +int +krb_lsb_antinet_ulong_cmp(u_int32_t x, u_int32_t y) +{ + int i; + u_int32_t a = 0, b = 0; + u_int8_t *p = (u_int8_t*) &x; + u_int8_t *q = (u_int8_t*) &y; + + for(i = sizeof(u_int32_t) - 1; i >= 0; i--){ + a = (a << 8) | p[i]; + b = (b << 8) | q[i]; + } + if(a > b) + return 1; + if(a < b) + return -1; + return 0; +} + +int +krb_lsb_antinet_ushort_cmp(u_int16_t x, u_int16_t y) +{ + int i; + u_int16_t a = 0, b = 0; + u_int8_t *p = (u_int8_t*) &x; + u_int8_t *q = (u_int8_t*) &y; + + for(i = sizeof(u_int16_t) - 1; i >= 0; i--){ + a = (a << 8) | p[i]; + b = (b << 8) | q[i]; + } + if(a > b) + return 1; + if(a < b) + return -1; + return 0; +} + +u_int32_t +lsb_time(time_t t, struct sockaddr_in *src, struct sockaddr_in *dst) +{ + /* + * direction bit is the sign bit of the timestamp. Ok until + * 2038?? + */ + /* For compatibility with broken old code, compares are done in VAX + byte order (LSBFIRST) */ + if (krb_lsb_antinet_ulong_less(src->sin_addr.s_addr, /* src < recv */ + dst->sin_addr.s_addr) < 0) + t = -t; + else if (krb_lsb_antinet_ulong_less(src->sin_addr.s_addr, + dst->sin_addr.s_addr)==0) + if (krb_lsb_antinet_ushort_less(src->sin_port, dst->sin_port) < 0) + t = -t; + /* + * all that for one tiny bit! Heaven help those that talk to + * themselves. + */ + t = t & 0xffffffff; + return t; +} diff --git a/crypto/kerberosIV/lib/krb/lsb_addr_comp.h b/crypto/kerberosIV/lib/krb/lsb_addr_comp.h new file mode 100644 index 0000000..21adf06 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/lsb_addr_comp.h @@ -0,0 +1,26 @@ +/* + * $Id: lsb_addr_comp.h,v 1.6 1996/10/05 00:18:02 joda Exp $ + * + * Copyright 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * Comparison macros to emulate LSBFIRST comparison results of network + * byte-order quantities + */ + +#ifndef LSB_ADDR_COMP_DEFS +#define LSB_ADDR_COMP_DEFS + +/* Compare x and y in VAX byte order, result is -1, 0 or 1. */ + +#define krb_lsb_antinet_ulong_less(x, y) (((x) == (y)) ? 0 : krb_lsb_antinet_ulong_cmp(x, y)) + +#define krb_lsb_antinet_ushort_less(x, y) (((x) == (y)) ? 0 : krb_lsb_antinet_ushort_cmp(x, y)) + +int krb_lsb_antinet_ulong_cmp(u_int32_t x, u_int32_t y); +int krb_lsb_antinet_ushort_cmp(u_int16_t x, u_int16_t y); +u_int32_t lsb_time(time_t t, struct sockaddr_in *src, struct sockaddr_in *dst); + +#endif /* LSB_ADDR_COMP_DEFS */ diff --git a/crypto/kerberosIV/lib/krb/mk_auth.c b/crypto/kerberosIV/lib/krb/mk_auth.c new file mode 100644 index 0000000..7cfb36b --- /dev/null +++ b/crypto/kerberosIV/lib/krb/mk_auth.c @@ -0,0 +1,96 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: mk_auth.c,v 1.4 1997/04/01 08:18:35 joda Exp $"); + +/* + * Generate an authenticator for service.instance@realm. + * instance is canonicalized by `krb_get_phost' + * realm is set to the local realm if realm == NULL + * The ticket acquired by `krb_mk_req' is returned in `ticket' and the + * authenticator in `buf'. + * Options control the behaviour (see krb_sendauth). + */ + +int +krb_mk_auth(int32_t options, + KTEXT ticket, + char *service, + char *instance, + char *realm, + u_int32_t checksum, + char *version, + KTEXT buf) +{ + char realinst[INST_SZ]; + char realrealm[REALM_SZ]; + int ret; + unsigned char *p; + + if (options & KOPT_DONT_CANON) + strncpy(realinst, instance, sizeof(realinst)); + else + strncpy(realinst, krb_get_phost (instance), sizeof(realinst)); + + if (realm == NULL) { + ret = krb_get_lrealm (realrealm, 1); + if (ret != KSUCCESS) + return ret; + realm = realrealm; + } + + if(!(options & KOPT_DONT_MK_REQ)) { + ret = krb_mk_req (ticket, service, realinst, realm, checksum); + if (ret != KSUCCESS) + return ret; + } + + p = buf->dat; + + memcpy (p, KRB_SENDAUTH_VERS, KRB_SENDAUTH_VLEN); + p += KRB_SENDAUTH_VLEN; + memcpy (p, version, KRB_SENDAUTH_VLEN); + p += KRB_SENDAUTH_VLEN; + p += krb_put_int(ticket->length, p, 4); + memcpy(p, ticket->dat, ticket->length); + p += ticket->length; + buf->length = p - buf->dat; + return KSUCCESS; +} diff --git a/crypto/kerberosIV/lib/krb/mk_err.c b/crypto/kerberosIV/lib/krb/mk_err.c new file mode 100644 index 0000000..710587a --- /dev/null +++ b/crypto/kerberosIV/lib/krb/mk_err.c @@ -0,0 +1,56 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: mk_err.c,v 1.6 1997/03/23 03:53:14 joda Exp $"); + +/* + * This routine creates a general purpose error reply message. It + * doesn't use KTEXT because application protocol may have long + * messages, and may want this part of buffer contiguous to other + * stuff. + * + * The error reply is built in "p", using the error code "e" and + * error text "e_string" given. The length of the error reply is + * returned. + * + * The error reply is in the following format: + * + * unsigned char KRB_PROT_VERSION protocol version no. + * unsigned char AUTH_MSG_APPL_ERR message type + * (least significant + * bit of above) HOST_BYTE_ORDER local byte order + * 4 bytes e given error code + * string e_string given error text + */ + +int32_t +krb_mk_err(u_char *p, int32_t e, char *e_string) +{ + unsigned char *start = p; + p += krb_put_int(KRB_PROT_VERSION, p, 1); + p += krb_put_int(AUTH_MSG_APPL_ERR, p, 1); + + p += krb_put_int(e, p, 4); + p += krb_put_string(e_string, p); + return p - start; +} diff --git a/crypto/kerberosIV/lib/krb/mk_priv.c b/crypto/kerberosIV/lib/krb/mk_priv.c new file mode 100644 index 0000000..b6a9cc4 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/mk_priv.c @@ -0,0 +1,125 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: mk_priv.c,v 1.18 1997/04/01 08:18:37 joda Exp $"); + +/* application include files */ +#include "lsb_addr_comp.h" + +/* + * krb_mk_priv() constructs an AUTH_MSG_PRIVATE message. It takes + * some user data "in" of "length" bytes and creates a packet in "out" + * consisting of the user data, a timestamp, and the sender's network + * address. + * The packet is encrypted by pcbc_encrypt(), using the given + * "key" and "schedule". + * The length of the resulting packet "out" is + * returned. + * + * It is similar to krb_mk_safe() except for the additional key + * schedule argument "schedule" and the fact that the data is encrypted + * rather than appended with a checksum. The protocol version is + * KRB_PROT_VERSION, defined in "krb.h". + * + * The "out" packet consists of: + * + * Size Variable Field + * ---- -------- ----- + * + * 1 byte KRB_PROT_VERSION protocol version number + * 1 byte AUTH_MSG_PRIVATE | message type plus local + * HOST_BYTE_ORDER byte order in low bit + * + * 4 bytes c_length length of data + * we encrypt from here with pcbc_encrypt + * + * 4 bytes length length of user data + * length in user data + * 1 byte msg_time_5ms timestamp milliseconds + * 4 bytes sender->sin.addr.s_addr sender's IP address + * + * 4 bytes msg_time_sec or timestamp seconds with + * -msg_time_sec direction in sign bit + * + * 0<=n<=7 bytes pad to 8 byte multiple zeroes + */ + +int32_t +krb_mk_priv(void *in, void *out, u_int32_t length, + struct des_ks_struct *schedule, des_cblock *key, + struct sockaddr_in *sender, struct sockaddr_in *receiver) +{ + unsigned char *p = (unsigned char*)out; + unsigned char *cipher; + + struct timeval tv; + u_int32_t src_addr; + u_int32_t len; + + p += krb_put_int(KRB_PROT_VERSION, p, 1); + p += krb_put_int(AUTH_MSG_PRIVATE, p, 1); + + len = 4 + length + 1 + 4 + 4; + len = (len + 7) & ~7; + p += krb_put_int(len, p, 4); + + cipher = p; + + p += krb_put_int(length, p, 4); + + memcpy(p, in, length); + p += length; + + gettimeofday(&tv, NULL); + + *p++ =tv.tv_usec / 5000; + + src_addr = sender->sin_addr.s_addr; + p += krb_put_address(src_addr, p); + + p += krb_put_int(lsb_time(tv.tv_sec, sender, receiver), p, 4); + + memset(p, 0, 7); + + des_pcbc_encrypt((des_cblock *)cipher, (des_cblock *)cipher, + len, schedule, key, DES_ENCRYPT); + + return (cipher - (unsigned char*)out) + len; +} diff --git a/crypto/kerberosIV/lib/krb/mk_req.c b/crypto/kerberosIV/lib/krb/mk_req.c new file mode 100644 index 0000000..313ea04 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/mk_req.c @@ -0,0 +1,215 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: mk_req.c,v 1.17 1997/05/30 17:42:38 bg Exp $"); + +static int lifetime = 255; /* But no longer than TGT says. */ + + +static void +build_request(KTEXT req, char *name, char *inst, char *realm, + u_int32_t checksum) +{ + struct timeval tv; + unsigned char *p = req->dat; + + p += krb_put_nir(name, inst, realm, p); + + p += krb_put_int(checksum, p, 4); + + + /* Fill in the times on the request id */ + gettimeofday(&tv, NULL); + + *p++ = tv.tv_usec / 5000; /* 5ms */ + + p += krb_put_int(tv.tv_sec, p, 4); + + /* Fill to a multiple of 8 bytes for DES */ + req->length = ((p - req->dat + 7)/8) * 8; +} + + +/* + * krb_mk_req takes a text structure in which an authenticator is to + * be built, the name of a service, an instance, a realm, + * and a checksum. It then retrieves a ticket for + * the desired service and creates an authenticator in the text + * structure passed as the first argument. krb_mk_req returns + * KSUCCESS on success and a Kerberos error code on failure. + * + * The peer procedure on the other end is krb_rd_req. When making + * any changes to this routine it is important to make corresponding + * changes to krb_rd_req. + * + * The authenticator consists of the following: + * + * authent->dat + * + * unsigned char KRB_PROT_VERSION protocol version no. + * unsigned char AUTH_MSG_APPL_REQUEST message type + * (least significant + * bit of above) HOST_BYTE_ORDER local byte ordering + * unsigned char kvno from ticket server's key version + * string realm server's realm + * unsigned char tl ticket length + * unsigned char idl request id length + * text ticket->dat ticket for server + * text req_id->dat request id + * + * The ticket information is retrieved from the ticket cache or + * fetched from Kerberos. The request id (called the "authenticator" + * in the papers on Kerberos) contains the following: + * + * req_id->dat + * + * string cr.pname {name, instance, and + * string cr.pinst realm of principal + * string myrealm making this request} + * 4 bytes checksum checksum argument given + * unsigned char tv_local.tf_usec time (milliseconds) + * 4 bytes tv_local.tv_sec time (seconds) + * + * req_id->length = 3 strings + 3 terminating nulls + 5 bytes for time, + * all rounded up to multiple of 8. + */ + +int +krb_mk_req(KTEXT authent, char *service, char *instance, char *realm, + int32_t checksum) +{ + KTEXT_ST req_st; + KTEXT req_id = &req_st; + + CREDENTIALS cr; /* Credentials used by retr */ + KTEXT ticket = &(cr.ticket_st); /* Pointer to tkt_st */ + int retval; /* Returned by krb_get_cred */ + + char myrealm[REALM_SZ]; + + unsigned char *p = authent->dat; + + p += krb_put_int(KRB_PROT_VERSION, p, 1); + + p += krb_put_int(AUTH_MSG_APPL_REQUEST, p, 1); + + /* Get the ticket and move it into the authenticator */ + if (krb_ap_req_debug) + krb_warning("Realm: %s\n", realm); + + retval = krb_get_cred(service,instance,realm,&cr); + + if (retval == RET_NOTKT) { + retval = get_ad_tkt(service, instance, realm, lifetime); + if (retval == KSUCCESS) + retval = krb_get_cred(service, instance, realm, &cr); + } + + if (retval != KSUCCESS) + return retval; + + + /* + * With multi realm ticket files either find a matching TGT or + * else use the first TGT for inter-realm authentication. + * + * In myrealm hold the realm of the principal "owning" the + * corresponding ticket-granting-ticket. + */ + + retval = krb_get_cred(KRB_TICKET_GRANTING_TICKET, realm, realm, 0); + if (retval == KSUCCESS) + strncpy(myrealm, realm, REALM_SZ); + else + retval = krb_get_tf_realm(TKT_FILE, myrealm); + + if (retval != KSUCCESS) + return retval; + + if (krb_ap_req_debug) + krb_warning("serv=%s.%s@%s princ=%s.%s@%s\n", service, instance, realm, + cr.pname, cr.pinst, myrealm); + + p += krb_put_int(cr.kvno, p, 1); + + p += krb_put_string(realm, p); + + p += krb_put_int(ticket->length, p, 1); + + build_request(req_id, cr.pname, cr.pinst, myrealm, checksum); + + encrypt_ktext(req_id, &cr.session, DES_ENCRYPT); + + p += krb_put_int(req_id->length, p, 1); + + memcpy(p, ticket->dat, ticket->length); + + p += ticket->length; + + memcpy(p, req_id->dat, req_id->length); + + p += req_id->length; + + authent->length = p - authent->dat; + + memset(&cr, 0, sizeof(cr)); + memset(&req_st, 0, sizeof(req_st)); + + if (krb_ap_req_debug) + krb_warning("Authent->length = %d\n", authent->length); + + return KSUCCESS; +} + +/* + * krb_set_lifetime sets the default lifetime for additional tickets + * obtained via krb_mk_req(). + * + * It returns the previous value of the default lifetime. + */ + +int +krb_set_lifetime(int newval) +{ + int olife = lifetime; + + lifetime = newval; + return(olife); +} diff --git a/crypto/kerberosIV/lib/krb/mk_safe.c b/crypto/kerberosIV/lib/krb/mk_safe.c new file mode 100644 index 0000000..df5ca21 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/mk_safe.c @@ -0,0 +1,131 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: mk_safe.c,v 1.21 1997/04/19 23:18:03 joda Exp $"); + +/* application include files */ +#include "lsb_addr_comp.h" + + +/* from rd_safe.c */ +extern int dqc_type; +void fixup_quad_cksum(void*, size_t, des_cblock*, void*, void*, int); + +/* + * krb_mk_safe() constructs an AUTH_MSG_SAFE message. It takes some + * user data "in" of "length" bytes and creates a packet in "out" + * consisting of the user data, a timestamp, and the sender's network + * address, followed by a checksum computed on the above, using the + * given "key". The length of the resulting packet is returned. + * + * The "out" packet consists of: + * + * Size Variable Field + * ---- -------- ----- + * + * 1 byte KRB_PROT_VERSION protocol version number + * 1 byte AUTH_MSG_SAFE | message type plus local + * HOST_BYTE_ORDER byte order in low bit + * + * ===================== begin checksum ================================ + * + * 4 bytes length length of user data + * length in user data + * 1 byte msg_time_5ms timestamp milliseconds + * 4 bytes sender->sin.addr.s_addr sender's IP address + * + * 4 bytes msg_time_sec or timestamp seconds with + * -msg_time_sec direction in sign bit + * + * ======================= end checksum ================================ + * + * 16 bytes big_cksum quadratic checksum of + * above using "key" + */ + +int32_t +krb_mk_safe(void *in, void *out, u_int32_t length, des_cblock *key, + struct sockaddr_in *sender, struct sockaddr_in *receiver) +{ + unsigned char * p = (unsigned char*)out; + struct timeval tv; + unsigned char *start; + u_int32_t src_addr; + + p += krb_put_int(KRB_PROT_VERSION, p, 1); + p += krb_put_int(AUTH_MSG_SAFE, p, 1); + + start = p; + + p += krb_put_int(length, p, 4); + + memcpy(p, in, length); + p += length; + + gettimeofday(&tv, NULL); + + *p++ = tv.tv_usec/5000; /* 5ms */ + + src_addr = sender->sin_addr.s_addr; + p += krb_put_address(src_addr, p); + + p += krb_put_int(lsb_time(tv.tv_sec, sender, receiver), p, 4); + + { + /* We are faking big endian mode, so we need to fix the + * checksum (that is byte order dependent). We always send a + * checksum of the new type, unless we know that we are + * talking to an old client (this requires a call to + * krb_rd_safe first). + */ + unsigned char new_checksum[16]; + unsigned char old_checksum[16]; + fixup_quad_cksum(start, p - start, key, new_checksum, old_checksum, 0); + + if((dqc_type == DES_QUAD_GUESS && DES_QUAD_DEFAULT == DES_QUAD_OLD) || + dqc_type == DES_QUAD_OLD) + memcpy(p, old_checksum, 16); + else + memcpy(p, new_checksum, 16); + } + p += 16; + + return p - (unsigned char*)out; +} diff --git a/crypto/kerberosIV/lib/krb/month_sname.c b/crypto/kerberosIV/lib/krb/month_sname.c new file mode 100644 index 0000000..aaceee5 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/month_sname.c @@ -0,0 +1,39 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: month_sname.c,v 1.5 1997/03/23 03:53:14 joda Exp $"); + +/* + * Given an integer 1-12, month_sname() returns a string + * containing the first three letters of the corresponding + * month. Returns 0 if the argument is out of range. + */ + +const char *month_sname(int n) +{ + static const char *name[] = { + "Jan","Feb","Mar","Apr","May","Jun", + "Jul","Aug","Sep","Oct","Nov","Dec" + }; + return((n < 1 || n > 12) ? 0 : name [n-1]); +} diff --git a/crypto/kerberosIV/lib/krb/name2name.c b/crypto/kerberosIV/lib/krb/name2name.c new file mode 100644 index 0000000..fa95b89 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/name2name.c @@ -0,0 +1,102 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: name2name.c,v 1.15 1997/04/30 04:30:36 assar Exp $"); + +/* convert host to a more fully qualified domain name, returns 0 if + * phost is the same as host, 1 otherwise. phost should be + * phost_size bytes long. + */ + +int +krb_name_to_name(const char *host, char *phost, size_t phost_size) +{ + struct hostent *hp; + struct in_addr adr; + const char *tmp; + + adr.s_addr = inet_addr(host); + hp = gethostbyname(host); + if (hp == NULL && adr.s_addr != INADDR_NONE) + hp = gethostbyaddr((char *)&adr, sizeof(adr), AF_INET); + if (hp == NULL) + tmp = host; + else + tmp = hp->h_name; + strncpy (phost, tmp, phost_size); + phost[phost_size - 1] = '\0'; + + if (strcmp(phost, host) == 0) + return 0; + else + return 1; +} + +/* lowercase and truncate */ + +void +k_ricercar(char *name) +{ + char *p = name; + while(*p && *p != '.'){ + if(isupper(*p)) + *p = tolower(*p); + p++; + } + if(*p == '.') + *p = 0; +} + +/* + * This routine takes an alias for a host name and returns the first + * field, in lower case, of its domain name. + * + * Example: "fOo.BAR.com" -> "foo" + */ + +char * +krb_get_phost(const char *alias) +{ + static char phost[MaxHostNameLen+1]; + + krb_name_to_name(alias, phost, sizeof(phost)); + k_ricercar(phost); + return phost; +} diff --git a/crypto/kerberosIV/lib/krb/netread.c b/crypto/kerberosIV/lib/krb/netread.c new file mode 100644 index 0000000..cbc1bd1 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/netread.c @@ -0,0 +1,55 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: netread.c,v 1.6 1997/03/23 03:53:15 joda Exp $"); + +/* + * krb_net_read() reads from the file descriptor "fd" to the buffer + * "buf", until either 1) "len" bytes have been read or 2) cannot + * read anymore from "fd". It returns the number of bytes read + * or a read() error. (The calling interface is identical to + * read(2).) + * + * XXX must not use non-blocking I/O + */ + +int +krb_net_read (int fd, void *v, size_t len) +{ + int cc, len2 = 0; + char *buf = v; + + do { + cc = read(fd, buf, len); + if (cc < 0) + return(cc); /* errno is already set */ + else if (cc == 0) { + return(len2); + } else { + buf += cc; + len2 += cc; + len -= cc; + } + } while (len > 0); + return(len2); +} diff --git a/crypto/kerberosIV/lib/krb/netwrite.c b/crypto/kerberosIV/lib/krb/netwrite.c new file mode 100644 index 0000000..0703d91 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/netwrite.c @@ -0,0 +1,52 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: netwrite.c,v 1.7 1997/03/23 03:53:15 joda Exp $"); + +/* + * krb_net_write() writes "len" bytes from "buf" to the file + * descriptor "fd". It returns the number of bytes written or + * a write() error. (The calling interface is identical to + * write(2).) + * + * XXX must not use non-blocking I/O + */ + +int +krb_net_write(int fd, const void *v, size_t len) +{ + int cc; + int wrlen = len; + const char *buf = (const char*)v; + + do { + cc = write(fd, buf, wrlen); + if (cc < 0) + return(cc); + else { + buf += cc; + wrlen -= cc; + } + } while (wrlen > 0); + return(len); +} diff --git a/crypto/kerberosIV/lib/krb/one.c b/crypto/kerberosIV/lib/krb/one.c new file mode 100644 index 0000000..d43b284 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/one.c @@ -0,0 +1,27 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + + WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + distribute this software and its documentation for any purpose and + without fee is hereby granted, provided that the above copyright + notice appear in all copies and that both that copyright notice and + this permission notice appear in supporting documentation, and that + the name of M.I.T. not be used in advertising or publicity pertaining + to distribution of the software without specific, written prior + permission. M.I.T. makes no representations about the suitability of + this software for any purpose. It is provided "as is" without express + or implied warranty. + + */ + +/* + * definition of variable set to 1. + * used in krb_conf.h to determine host byte order. + */ + +int krbONE = 1; diff --git a/crypto/kerberosIV/lib/krb/parse_name.c b/crypto/kerberosIV/lib/krb/parse_name.c new file mode 100644 index 0000000..1184330 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/parse_name.c @@ -0,0 +1,199 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: parse_name.c,v 1.4 1997/04/01 08:18:39 joda Exp $"); + +int +krb_parse_name(const char *fullname, krb_principal *principal) +{ + const char *p; + char *ns, *np; + enum {n, i, r} pos = n; + int quote = 0; + ns = np = principal->name; + + principal->name[0] = 0; + principal->instance[0] = 0; + principal->realm[0] = 0; + + for(p = fullname; *p; p++){ + if(np - ns == ANAME_SZ - 1) /* XXX they have the same size */ + return KNAME_FMT; + if(quote){ + *np++ = *p; + quote = 0; + continue; + } + if(*p == '\\') + quote = 1; + else if(*p == '.' && pos == n){ + *np = 0; + ns = np = principal->instance; + pos = i; + }else if(*p == '@' && (pos == n || pos == i)){ + *np = 0; + ns = np = principal->realm; + pos = r; + }else + *np++ = *p; + } + *np = 0; + if(quote || principal->name[0] == 0) + return KNAME_FMT; + return KSUCCESS; +} + +int +kname_parse(char *np, char *ip, char *rp, char *fullname) +{ + krb_principal p; + int ret; + if((ret = krb_parse_name(fullname, &p)) == 0){ + strcpy(np, p.name); + strcpy(ip, p.instance); + if(p.realm[0]) + strcpy(rp, p.realm); + } + return ret; +} +/* + * k_isname() returns 1 if the given name is a syntactically legitimate + * Kerberos name; returns 0 if it's not. + */ + +int +k_isname(char *s) +{ + char c; + int backslash = 0; + + if (!*s) + return 0; + if (strlen(s) > ANAME_SZ - 1) + return 0; + while ((c = *s++)) { + if (backslash) { + backslash = 0; + continue; + } + switch(c) { + case '\\': + backslash = 1; + break; + case '.': + return 0; + /* break; */ + case '@': + return 0; + /* break; */ + } + } + return 1; +} + + +/* + * k_isinst() returns 1 if the given name is a syntactically legitimate + * Kerberos instance; returns 0 if it's not. + */ + +int +k_isinst(char *s) +{ + char c; + int backslash = 0; + + if (strlen(s) > INST_SZ - 1) + return 0; + while ((c = *s++)) { + if (backslash) { + backslash = 0; + continue; + } + switch(c) { + case '\\': + backslash = 1; + break; + case '.': +#if INSTANCE_DOTS_OK + break; +#else /* INSTANCE_DOTS_OK */ + return 0; +#endif /* INSTANCE_DOTS_OK */ + /* break; */ + case '@': + return 0; + /* break; */ + } + } + return 1; +} + +/* + * k_isrealm() returns 1 if the given name is a syntactically legitimate + * Kerberos realm; returns 0 if it's not. + */ + +int +k_isrealm(char *s) +{ + char c; + int backslash = 0; + + if (!*s) + return 0; + if (strlen(s) > REALM_SZ - 1) + return 0; + while ((c = *s++)) { + if (backslash) { + backslash = 0; + continue; + } + switch(c) { + case '\\': + backslash = 1; + break; + case '@': + return 0; + /* break; */ + } + } + return 1; +} diff --git a/crypto/kerberosIV/lib/krb/prot.h b/crypto/kerberosIV/lib/krb/prot.h new file mode 100644 index 0000000..e4825e1 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/prot.h @@ -0,0 +1,105 @@ +/* + * $Id: prot.h,v 1.7 1997/03/23 03:52:27 joda Exp $ + * + * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute + * of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * Include file with authentication protocol information. + */ + +#ifndef PROT_DEFS +#define PROT_DEFS + +#define KRB_SERVICE "kerberos-iv" +#define KRB_PORT 750 /* PC's don't have + * /etc/services */ +#define KRB_PROT_VERSION 4 +#define MAX_PKT_LEN 1000 +#define MAX_TXT_LEN 1000 + +/* Macro's to obtain various fields from a packet */ + +#define pkt_version(packet) (unsigned int) *(packet->dat) +#define pkt_msg_type(packet) (unsigned int) *(packet->dat+1) +#define pkt_a_name(packet) (packet->dat+2) +#define pkt_a_inst(packet) \ + (packet->dat+3+strlen((char *)pkt_a_name(packet))) +#define pkt_a_realm(packet) \ + (pkt_a_inst(packet)+1+strlen((char *)pkt_a_inst(packet))) + +/* Macro to obtain realm from application request */ +#define apreq_realm(auth) (auth->dat + 3) + +#define pkt_time_ws(packet) (char *) \ + (packet->dat+5+strlen((char *)pkt_a_name(packet)) + \ + strlen((char *)pkt_a_inst(packet)) + \ + strlen((char *)pkt_a_realm(packet))) + +#define pkt_no_req(packet) (unsigned short) \ + *(packet->dat+9+strlen((char *)pkt_a_name(packet)) + \ + strlen((char *)pkt_a_inst(packet)) + \ + strlen((char *)pkt_a_realm(packet))) +#define pkt_x_date(packet) (char *) \ + (packet->dat+10+strlen((char *)pkt_a_name(packet)) + \ + strlen((char *)pkt_a_inst(packet)) + \ + strlen((char *)pkt_a_realm(packet))) +#define pkt_err_code(packet) ( (char *) \ + (packet->dat+9+strlen((char *)pkt_a_name(packet)) + \ + strlen((char *)pkt_a_inst(packet)) + \ + strlen((char *)pkt_a_realm(packet)))) +#define pkt_err_text(packet) \ + (packet->dat+13+strlen((char *)pkt_a_name(packet)) + \ + strlen((char *)pkt_a_inst(packet)) + \ + strlen((char *)pkt_a_realm(packet))) + +/* Routines to create and read packets may be found in prot.c */ + +KTEXT create_auth_reply(char *pname, char *pinst, char *prealm, + int32_t time_ws, int n, u_int32_t x_date, + int kvno, KTEXT cipher); +#ifdef DEBUG +KTEXT krb_create_death_packet(char *a_name); +#endif + +/* Message types , always leave lsb for byte order */ + +#define AUTH_MSG_KDC_REQUEST 1<<1 +#define AUTH_MSG_KDC_REPLY 2<<1 +#define AUTH_MSG_APPL_REQUEST 3<<1 +#define AUTH_MSG_APPL_REQUEST_MUTUAL 4<<1 +#define AUTH_MSG_ERR_REPLY 5<<1 +#define AUTH_MSG_PRIVATE 6<<1 +#define AUTH_MSG_SAFE 7<<1 +#define AUTH_MSG_APPL_ERR 8<<1 +#define AUTH_MSG_KDC_FORWARD 9<<1 +#define AUTH_MSG_KDC_RENEW 10<<1 +#define AUTH_MSG_DIE 63<<1 + +/* values for kerb error codes */ + +#define KERB_ERR_OK 0 +#define KERB_ERR_NAME_EXP 1 +#define KERB_ERR_SERVICE_EXP 2 +#define KERB_ERR_AUTH_EXP 3 +#define KERB_ERR_PKT_VER 4 +#define KERB_ERR_NAME_MAST_KEY_VER 5 +#define KERB_ERR_SERV_MAST_KEY_VER 6 +#define KERB_ERR_BYTE_ORDER 7 +#define KERB_ERR_PRINCIPAL_UNKNOWN 8 +#define KERB_ERR_PRINCIPAL_NOT_UNIQUE 9 +#define KERB_ERR_NULL_KEY 10 +#define KERB_ERR_TIMEOUT 11 + +/* sendauth - recvauth */ + +/* + * If the protocol changes, you will need to change the version string + * be sure to support old versions of krb_sendauth! + */ + +#define KRB_SENDAUTH_VERS "AUTHV0.1" /* MUST be KRB_SENDAUTH_VLEN chars */ + +#endif /* PROT_DEFS */ diff --git a/crypto/kerberosIV/lib/krb/rd_err.c b/crypto/kerberosIV/lib/krb/rd_err.c new file mode 100644 index 0000000..3382eab --- /dev/null +++ b/crypto/kerberosIV/lib/krb/rd_err.c @@ -0,0 +1,82 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: rd_err.c,v 1.8 1997/04/01 08:18:40 joda Exp $"); + +/* + * Given an AUTH_MSG_APPL_ERR message, "in" and its length "in_length", + * return the error code from the message in "code" and the text in + * "m_data" as follows: + * + * m_data->app_data points to the error text + * m_data->app_length points to the length of the error text + * + * If all goes well, return RD_AP_OK. If the version number + * is wrong, return RD_AP_VERSION, and if it's not an AUTH_MSG_APPL_ERR + * type message, return RD_AP_MSG_TYPE. + * + * The AUTH_MSG_APPL_ERR message format can be found in mk_err.c + */ + +int +krb_rd_err(u_char *in, u_int32_t in_length, int32_t *code, MSG_DAT *m_data) +{ + unsigned char *p = (unsigned char*)in; + + unsigned char pvno, type; + int little_endian; + + pvno = *p++; + if(pvno != KRB_PROT_VERSION) + return RD_AP_VERSION; + + type = *p++; + little_endian = type & 1; + type &= ~1; + + if(type != AUTH_MSG_APPL_ERR) + return RD_AP_MSG_TYPE; + + p += krb_get_int(p, (u_int32_t *)&code, 4, little_endian); + + m_data->app_data = p; + m_data->app_length = in_length; /* XXX is this correct? */ + return KSUCCESS; +} diff --git a/crypto/kerberosIV/lib/krb/rd_priv.c b/crypto/kerberosIV/lib/krb/rd_priv.c new file mode 100644 index 0000000..58ecd9f --- /dev/null +++ b/crypto/kerberosIV/lib/krb/rd_priv.c @@ -0,0 +1,129 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: rd_priv.c,v 1.24 1997/05/14 17:53:29 joda Exp $"); + +/* application include files */ +#include "lsb_addr_comp.h" + +/* + * krb_rd_priv() decrypts and checks the integrity of an + * AUTH_MSG_PRIVATE message. Given the message received, "in", + * the length of that message, "in_length", the key "schedule" + * and "key", and the network addresses of the + * "sender" and "receiver" of the message, krb_rd_safe() returns + * RD_AP_OK if the message is okay, otherwise some error code. + * + * The message data retrieved from "in" are returned in the structure + * "m_data". The pointer to the application data + * (m_data->app_data) refers back to the appropriate place in "in". + * + * See the file "mk_priv.c" for the format of the AUTH_MSG_PRIVATE + * message. The structure containing the extracted message + * information, MSG_DAT, is defined in "krb.h". + */ + +int32_t +krb_rd_priv(void *in, u_int32_t in_length, + struct des_ks_struct *schedule, des_cblock *key, + struct sockaddr_in *sender, struct sockaddr_in *receiver, + MSG_DAT *m_data) +{ + unsigned char *p = (unsigned char*)in; + int little_endian; + u_int32_t clen; + struct timeval tv; + u_int32_t src_addr; + int delta_t; + + unsigned char pvno, type; + + pvno = *p++; + if(pvno != KRB_PROT_VERSION) + return RD_AP_VERSION; + + type = *p++; + little_endian = type & 1; + type &= ~1; + + p += krb_get_int(p, &clen, 4, little_endian); + + if(clen + 2 > in_length) + return RD_AP_MODIFIED; + + des_pcbc_encrypt((des_cblock*)p, (des_cblock*)p, clen, + schedule, key, DES_DECRYPT); + + p += krb_get_int(p, &m_data->app_length, 4, little_endian); + if(m_data->app_length + 17 > in_length) + return RD_AP_MODIFIED; + + m_data->app_data = p; + p += m_data->app_length; + + m_data->time_5ms = *p++; + + p += krb_get_address(p, &src_addr); + + if (!krb_equiv(src_addr, sender->sin_addr.s_addr)) + return RD_AP_BADD; + + p += krb_get_int(p, (u_int32_t *)&m_data->time_sec, 4, little_endian); + + m_data->time_sec = lsb_time(m_data->time_sec, sender, receiver); + + gettimeofday(&tv, NULL); + + /* check the time integrity of the msg */ + delta_t = abs((int)((long) tv.tv_sec - m_data->time_sec)); + if (delta_t > CLOCK_SKEW) + return RD_AP_TIME; + if (krb_debug) + krb_warning("\ndelta_t = %d", (int) delta_t); + + /* + * caller must check timestamps for proper order and + * replays, since server might have multiple clients + * each with its own timestamps and we don't assume + * tightly synchronized clocks. + */ + + return KSUCCESS; +} diff --git a/crypto/kerberosIV/lib/krb/rd_req.c b/crypto/kerberosIV/lib/krb/rd_req.c new file mode 100644 index 0000000..1a3e848 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/rd_req.c @@ -0,0 +1,324 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: rd_req.c,v 1.24 1997/05/11 11:05:28 assar Exp $"); + +static struct timeval t_local = { 0, 0 }; + +/* + * Keep the following information around for subsequent calls + * to this routine by the same server using the same key. + */ + +static des_key_schedule serv_key; /* Key sched to decrypt ticket */ +static des_cblock ky; /* Initialization vector */ +static int st_kvno; /* version number for this key */ +static char st_rlm[REALM_SZ]; /* server's realm */ +static char st_nam[ANAME_SZ]; /* service name */ +static char st_inst[INST_SZ]; /* server's instance */ + +/* + * This file contains two functions. krb_set_key() takes a DES + * key or password string and returns a DES key (either the original + * key, or the password converted into a DES key) and a key schedule + * for it. + * + * krb_rd_req() reads an authentication request and returns information + * about the identity of the requestor, or an indication that the + * identity information was not authentic. + */ + +/* + * krb_set_key() takes as its first argument either a DES key or a + * password string. The "cvt" argument indicates how the first + * argument "key" is to be interpreted: if "cvt" is null, "key" is + * taken to be a DES key; if "cvt" is non-null, "key" is taken to + * be a password string, and is converted into a DES key using + * string_to_key(). In either case, the resulting key is returned + * in the external static variable "ky". A key schedule is + * generated for "ky" and returned in the external static variable + * "serv_key". + * + * This routine returns the return value of des_key_sched. + * + * krb_set_key() needs to be in the same .o file as krb_rd_req() so that + * the key set by krb_set_key() is available in private storage for + * krb_rd_req(). + */ + +int +krb_set_key(void *key, int cvt) +{ +#ifdef NOENCRYPTION + memset(ky, 0, sizeof(ky)); + return KSUCCESS; +#else /* Encrypt */ + if (cvt) + des_string_to_key((char*)key, &ky); + else + memcpy((char*)ky, key, 8); + return(des_key_sched(&ky, serv_key)); +#endif /* NOENCRYPTION */ +} + + +/* + * krb_rd_req() takes an AUTH_MSG_APPL_REQUEST or + * AUTH_MSG_APPL_REQUEST_MUTUAL message created by krb_mk_req(), + * checks its integrity and returns a judgement as to the requestor's + * identity. + * + * The "authent" argument is a pointer to the received message. + * The "service" and "instance" arguments name the receiving server, + * and are used to get the service's ticket to decrypt the ticket + * in the message, and to compare against the server name inside the + * ticket. "from_addr" is the network address of the host from which + * the message was received; this is checked against the network + * address in the ticket. If "from_addr" is zero, the check is not + * performed. "ad" is an AUTH_DAT structure which is + * filled in with information about the sender's identity according + * to the authenticator and ticket sent in the message. Finally, + * "fn" contains the name of the file containing the server's key. + * (If "fn" is NULL, the server's key is assumed to have been set + * by krb_set_key(). If "fn" is the null string ("") the default + * file KEYFILE, defined in "krb.h", is used.) + * + * krb_rd_req() returns RD_AP_OK if the authentication information + * was genuine, or one of the following error codes (defined in + * "krb.h"): + * + * RD_AP_VERSION - wrong protocol version number + * RD_AP_MSG_TYPE - wrong message type + * RD_AP_UNDEC - couldn't decipher the message + * RD_AP_INCON - inconsistencies found + * RD_AP_BADD - wrong network address + * RD_AP_TIME - client time (in authenticator) + * too far off server time + * RD_AP_NYV - Kerberos time (in ticket) too + * far off server time + * RD_AP_EXP - ticket expired + * + * For the message format, see krb_mk_req(). + * + * Mutual authentication is not implemented. + */ + +int +krb_rd_req(KTEXT authent, /* The received message */ + char *service, /* Service name */ + char *instance, /* Service instance */ + int32_t from_addr, /* Net address of originating host */ + AUTH_DAT *ad, /* Structure to be filled in */ + char *fn) /* Filename to get keys from */ +{ + static KTEXT_ST ticket; /* Temp storage for ticket */ + static KTEXT tkt = &ticket; + static KTEXT_ST req_id_st; /* Temp storage for authenticator */ + KTEXT req_id = &req_id_st; + + char realm[REALM_SZ]; /* Realm of issuing kerberos */ + + unsigned char skey[KKEY_SZ]; /* Session key from ticket */ + char sname[SNAME_SZ]; /* Service name from ticket */ + char iname[INST_SZ]; /* Instance name from ticket */ + char r_aname[ANAME_SZ]; /* Client name from authenticator */ + char r_inst[INST_SZ]; /* Client instance from authenticator */ + char r_realm[REALM_SZ]; /* Client realm from authenticator */ + u_int32_t r_time_sec; /* Coarse time from authenticator */ + unsigned long delta_t; /* Time in authenticator - local time */ + long tkt_age; /* Age of ticket */ + static unsigned char s_kvno;/* Version number of the server's key + * Kerberos used to encrypt ticket */ + + struct timeval tv; + int status; + + int pvno; + int type; + int little_endian; + + unsigned char *p; + + if (authent->length <= 0) + return(RD_AP_MODIFIED); + + p = authent->dat; + + /* get msg version, type and byte order, and server key version */ + + pvno = *p++; + + if(pvno != KRB_PROT_VERSION) + return RD_AP_VERSION; + + type = *p++; + + little_endian = type & 1; + type &= ~1; + + if(type != AUTH_MSG_APPL_REQUEST && type != AUTH_MSG_APPL_REQUEST_MUTUAL) + return RD_AP_MSG_TYPE; + + s_kvno = *p++; + + p += krb_get_string(p, realm); + + /* + * If "fn" is NULL, key info should already be set; don't + * bother with ticket file. Otherwise, check to see if we + * already have key info for the given server and key version + * (saved in the static st_* variables). If not, go get it + * from the ticket file. If "fn" is the null string, use the + * default ticket file. + */ + if (fn && (strcmp(st_nam,service) || strcmp(st_inst,instance) || + strcmp(st_rlm,realm) || (st_kvno != s_kvno))) { + if (*fn == 0) fn = KEYFILE; + st_kvno = s_kvno; + if (read_service_key(service, instance, realm, s_kvno, + fn, (char *)skey)) + return(RD_AP_UNDEC); + if ((status = krb_set_key((char*)skey, 0))) + return(status); + strcpy(st_rlm, realm); + strcpy(st_nam, service); + strcpy(st_inst, instance); + } + + tkt->length = *p++; + + req_id->length = *p++; + + if(tkt->length + (p - authent->dat) > authent->length) + return RD_AP_MODIFIED; + + memcpy(tkt->dat, p, tkt->length); + p += tkt->length; + + if (krb_ap_req_debug) + krb_log("ticket->length: %d",tkt->length); + + /* Decrypt and take apart ticket */ + if (decomp_ticket(tkt, &ad->k_flags, ad->pname, ad->pinst, ad->prealm, + &ad->address, ad->session, &ad->life, + &ad->time_sec, sname, iname, &ky, serv_key)) + return RD_AP_UNDEC; + + if (krb_ap_req_debug) { + krb_log("Ticket Contents."); + krb_log(" Aname: %s.%s",ad->pname, ad->prealm); + krb_log(" Service: %s", krb_unparse_name_long(sname, iname, NULL)); + } + + /* Extract the authenticator */ + + if(req_id->length + (p - authent->dat) > authent->length) + return RD_AP_MODIFIED; + + memcpy(req_id->dat, p, req_id->length); + p = req_id->dat; + +#ifndef NOENCRYPTION + /* And decrypt it with the session key from the ticket */ + if (krb_ap_req_debug) krb_log("About to decrypt authenticator"); + + encrypt_ktext(req_id, &ad->session, DES_DECRYPT); + + if (krb_ap_req_debug) krb_log("Done."); +#endif /* NOENCRYPTION */ + + /* cast req_id->length to int? */ +#define check_ptr() if ((ptr - (char *) req_id->dat) > req_id->length) return(RD_AP_MODIFIED); + + p += krb_get_nir(p, r_aname, r_inst, r_realm); /* XXX no rangecheck */ + + p += krb_get_int(p, &ad->checksum, 4, little_endian); + + p++; /* time_5ms is not used */ + + p += krb_get_int(p, &r_time_sec, 4, little_endian); + + /* Check for authenticity of the request */ + if (krb_ap_req_debug) + krb_log("Principal: %s.%s@%s / %s.%s@%s",ad->pname,ad->pinst, ad->prealm, + r_aname, r_inst, r_realm); + if (strcmp(ad->pname, r_aname) != 0 || + strcmp(ad->pinst, r_inst) != 0 || + strcmp(ad->prealm, r_realm) != 0) + return RD_AP_INCON; + + if (krb_ap_req_debug) + krb_log("Address: %x %x", ad->address, from_addr); + + if (from_addr && (!krb_equiv(ad->address, from_addr))) + return RD_AP_BADD; + + gettimeofday(&tv, NULL); + delta_t = abs((int)(tv.tv_sec - r_time_sec)); + if (delta_t > CLOCK_SKEW) { + if (krb_ap_req_debug) + krb_log("Time out of range: %lu - %lu = %lu", + (unsigned long)t_local.tv_sec, + (unsigned long)r_time_sec, + (unsigned long)delta_t); + return RD_AP_TIME; + } + + /* Now check for expiration of ticket */ + + tkt_age = tv.tv_sec - ad->time_sec; + if (krb_ap_req_debug) + krb_log("Time: %ld Issue Date: %lu Diff: %ld Life %x", + (long)tv.tv_sec, + (unsigned long)ad->time_sec, + tkt_age, + ad->life); + + if ((tkt_age < 0) && (-tkt_age > CLOCK_SKEW)) + return RD_AP_NYV; + + if (tv.tv_sec > krb_life_to_time(ad->time_sec, ad->life)) + return RD_AP_EXP; + + /* All seems OK */ + ad->reply.length = 0; + + return(RD_AP_OK); +} diff --git a/crypto/kerberosIV/lib/krb/rd_safe.c b/crypto/kerberosIV/lib/krb/rd_safe.c new file mode 100644 index 0000000..8471df0 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/rd_safe.c @@ -0,0 +1,178 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: rd_safe.c,v 1.24 1997/04/19 23:18:20 joda Exp $"); + +/* application include files */ +#include "lsb_addr_comp.h" + +/* Generate two checksums in the given byteorder of the data, one + * new-form and one old-form. It has to be done this way to be + * compatible with the old version of des_quad_cksum. + */ + +/* des_quad_chsum-type; 0 == unknown, 1 == new PL10++, 2 == old */ +int dqc_type = DES_QUAD_DEFAULT; + +void +fixup_quad_cksum(void *start, size_t len, des_cblock *key, + void *new_checksum, void *old_checksum, int little) +{ + des_quad_cksum((des_cblock*)start, (des_cblock*)new_checksum, len, 2, key); + if(HOST_BYTE_ORDER){ + if(little){ + memcpy(old_checksum, new_checksum, 16); + }else{ + u_int32_t *tmp = (u_int32_t*)new_checksum; + memcpy(old_checksum, new_checksum, 16); + swap_u_16(old_checksum); + swap_u_long(tmp[0]); + swap_u_long(tmp[1]); + swap_u_long(tmp[2]); + swap_u_long(tmp[3]); + } + }else{ + if(little){ + u_int32_t *tmp = (u_int32_t*)new_checksum; + swap_u_long(tmp[0]); + swap_u_long(tmp[1]); + swap_u_long(tmp[2]); + swap_u_long(tmp[3]); + memcpy(old_checksum, new_checksum, 16); + }else{ + u_int32_t tmp[4]; + tmp[0] = ((u_int32_t*)new_checksum)[3]; + tmp[1] = ((u_int32_t*)new_checksum)[2]; + tmp[2] = ((u_int32_t*)new_checksum)[1]; + tmp[3] = ((u_int32_t*)new_checksum)[0]; + memcpy(old_checksum, tmp, 16); + } + } +} + +/* + * krb_rd_safe() checks the integrity of an AUTH_MSG_SAFE message. + * Given the message received, "in", the length of that message, + * "in_length", the "key" to compute the checksum with, and the + * network addresses of the "sender" and "receiver" of the message, + * krb_rd_safe() returns RD_AP_OK if message is okay, otherwise + * some error code. + * + * The message data retrieved from "in" is returned in the structure + * "m_data". The pointer to the application data (m_data->app_data) + * refers back to the appropriate place in "in". + * + * See the file "mk_safe.c" for the format of the AUTH_MSG_SAFE + * message. The structure containing the extracted message + * information, MSG_DAT, is defined in "krb.h". + */ + +int32_t +krb_rd_safe(void *in, u_int32_t in_length, des_cblock *key, + struct sockaddr_in *sender, struct sockaddr_in *receiver, + MSG_DAT *m_data) +{ + unsigned char *p = (unsigned char*)in, *start; + + unsigned char pvno, type; + int little_endian; + struct timeval tv; + u_int32_t src_addr; + int delta_t; + + + pvno = *p++; + if(pvno != KRB_PROT_VERSION) + return RD_AP_VERSION; + + type = *p++; + little_endian = type & 1; + type &= ~1; + if(type != AUTH_MSG_SAFE) + return RD_AP_MSG_TYPE; + + start = p; + + p += krb_get_int(p, &m_data->app_length, 4, little_endian); + + if(m_data->app_length + 31 > in_length) + return RD_AP_MODIFIED; + + m_data->app_data = p; + + p += m_data->app_length; + + m_data->time_5ms = *p++; + + p += krb_get_address(p, &src_addr); + + if (!krb_equiv(src_addr, sender->sin_addr.s_addr)) + return RD_AP_BADD; + + p += krb_get_int(p, (u_int32_t *)&m_data->time_sec, 4, little_endian); + m_data->time_sec = lsb_time(m_data->time_sec, sender, receiver); + + gettimeofday(&tv, NULL); + + delta_t = abs((int)((long) tv.tv_sec - m_data->time_sec)); + if (delta_t > CLOCK_SKEW) return RD_AP_TIME; + + /* + * caller must check timestamps for proper order and replays, since + * server might have multiple clients each with its own timestamps + * and we don't assume tightly synchronized clocks. + */ + + { + unsigned char new_checksum[16]; + unsigned char old_checksum[16]; + fixup_quad_cksum(start, p - start, key, + new_checksum, old_checksum, little_endian); + if((dqc_type == DES_QUAD_GUESS || dqc_type == DES_QUAD_NEW) && + memcmp(new_checksum, p, 16) == 0) + dqc_type = DES_QUAD_NEW; + else if((dqc_type == DES_QUAD_GUESS || dqc_type == DES_QUAD_OLD) && + memcmp(old_checksum, p, 16) == 0) + dqc_type = DES_QUAD_OLD; + else + return RD_AP_MODIFIED; + } + return KSUCCESS; +} diff --git a/crypto/kerberosIV/lib/krb/read_service_key.c b/crypto/kerberosIV/lib/krb/read_service_key.c new file mode 100644 index 0000000..6de5db2 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/read_service_key.c @@ -0,0 +1,116 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: read_service_key.c,v 1.8 1997/03/23 03:53:16 joda Exp $"); + +/* + * The private keys for servers on a given host are stored in a + * "srvtab" file (typically "/etc/srvtab"). This routine extracts + * a given server's key from the file. + * + * read_service_key() takes the server's name ("service"), "instance", + * and "realm" and a key version number "kvno", and looks in the given + * "file" for the corresponding entry, and if found, returns the entry's + * key field in "key". + * + * If "instance" contains the string "*", then it will match + * any instance, and the chosen instance will be copied to that + * string. For this reason it is important that the there is enough + * space beyond the "*" to receive the entry. + * + * If "kvno" is 0, it is treated as a wild card and the first + * matching entry regardless of the "vno" field is returned. + * + * This routine returns KSUCCESS on success, otherwise KFAILURE. + * + * The format of each "srvtab" entry is as follows: + * + * Size Variable Field in file + * ---- -------- ------------- + * string serv server name + * string inst server instance + * string realm server realm + * 1 byte vno server key version # + * 8 bytes key server's key + * ... ... ... + */ + + +int +read_service_key(char *service, /* Service Name */ + char *instance, /* Instance name or "*" */ + char *realm, /* Realm */ + int kvno, /* Key version number */ + char *file, /* Filename */ + char *key) /* Pointer to key to be filled in */ +{ + char serv[SNAME_SZ]; + char inst[INST_SZ]; + char rlm[REALM_SZ]; + unsigned char vno; /* Key version number */ + int wcard; + + int stab; + + if ((stab = open(file, O_RDONLY, 0)) < 0) + return(KFAILURE); + + wcard = (instance[0] == '*') && (instance[1] == '\0'); + + while (getst(stab,serv,SNAME_SZ) > 0) { /* Read sname */ + getst(stab,inst,INST_SZ); /* Instance */ + getst(stab,rlm,REALM_SZ); /* Realm */ + /* Vers number */ + if (read(stab, &vno, 1) != 1) { + close(stab); + return(KFAILURE); + } + /* Key */ + if (read(stab,key,8) != 8) { + close(stab); + return(KFAILURE); + } + /* Is this the right service */ + if (strcmp(serv,service)) + continue; + /* How about instance */ + if (!wcard && strcmp(inst,instance)) + continue; + if (wcard) + strncpy(instance,inst,INST_SZ); + /* Is this the right realm */ + if (strcmp(rlm,realm)) + continue; + + /* How about the key version number */ + if (kvno && kvno != (int) vno) + continue; + + close(stab); + return(KSUCCESS); + } + + /* Can't find the requested service */ + close(stab); + return(KFAILURE); +} diff --git a/crypto/kerberosIV/lib/krb/realm_parse.c b/crypto/kerberosIV/lib/krb/realm_parse.c new file mode 100644 index 0000000..2ce852a --- /dev/null +++ b/crypto/kerberosIV/lib/krb/realm_parse.c @@ -0,0 +1,88 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: realm_parse.c,v 1.10 1997/06/01 03:14:50 assar Exp $"); + +static int +realm_parse(char *realm, int length, const char *file) +{ + FILE *F; + char tr[128]; + char *p; + + if ((F = fopen(file,"r")) == NULL) + return -1; + + while(fgets(tr, sizeof(tr), F)){ + char *unused = NULL; + p = strtok_r(tr, " \t\n\r", &unused); + if(p && strcasecmp(p, realm) == 0){ + fclose(F); + strncpy(realm, p, length); + return 0; + } + } + fclose(F); + return -1; +} + +static const char *const files[] = KRB_CNF_FILES; + +int +krb_realm_parse(char *realm, int length) +{ + int i; + + const char *dir = getenv("KRBCONFDIR"); + + /* First try user specified file */ + if (dir != 0) { + char fname[MaxPathLen]; + + if(k_concat(fname, sizeof(fname), dir, "/krb.conf", NULL) == 0) + if (realm_parse(realm, length, fname) == 0) + return 0; + } + + for (i = 0; files[i] != NULL; i++) + if (realm_parse(realm, length, files[i]) == 0) + return 0; + return -1; +} diff --git a/crypto/kerberosIV/lib/krb/recvauth.c b/crypto/kerberosIV/lib/krb/recvauth.c new file mode 100644 index 0000000..6c96897 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/recvauth.c @@ -0,0 +1,190 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: recvauth.c,v 1.17 1997/03/23 03:53:16 joda Exp $"); + +/* + * krb_recvauth() reads (and optionally responds to) a message sent + * using krb_sendauth(). The "options" argument is a bit-field of + * selected options (see "sendauth.c" for options description). + * The only option relevant to krb_recvauth() is KOPT_DO_MUTUAL + * (mutual authentication requested). The "fd" argument supplies + * a file descriptor to read from (and write to, if mutual authenti- + * cation is requested). + * + * Part of the received message will be a Kerberos ticket sent by the + * client; this is read into the "ticket" argument. The "service" and + * "instance" arguments supply the server's Kerberos name. If the + * "instance" argument is the string "*", it is treated as a wild card + * and filled in during the krb_rd_req() call (see read_service_key()). + * + * The "faddr" and "laddr" give the sending (client) and receiving + * (local server) network addresses. ("laddr" may be left NULL unless + * mutual authentication is requested, in which case it must be set.) + * + * The authentication information extracted from the message is returned + * in "kdata". The "filename" argument indicates the file where the + * server's key can be found. (It is passed on to krb_rd_req().) If + * left null, the default "/etc/srvtab" will be used. + * + * If mutual authentication is requested, the session key schedule must + * be computed in order to reply; this schedule is returned in the + * "schedule" argument. A string containing the application version + * number from the received message is returned in "version", which + * should be large enough to hold a KRB_SENDAUTH_VLEN-character string. + * + * See krb_sendauth() for the format of the received client message. + * + * krb_recvauth() first reads the protocol version string from the + * given file descriptor. If it doesn't match the current protocol + * version (KRB_SENDAUTH_VERS), the old-style format is assumed. In + * that case, the string of characters up to the first space is read + * and interpreted as the ticket length, then the ticket is read. + * + * If the first string did match KRB_SENDAUTH_VERS, krb_recvauth() + * next reads the application protocol version string. Then the + * ticket length and ticket itself are read. + * + * The ticket is decrypted and checked by the call to krb_rd_req(). + * If no mutual authentication is required, the result of the + * krb_rd_req() call is retured by this routine. If mutual authenti- + * cation is required, a message in the following format is returned + * on "fd": + * + * Size Variable Field + * ---- -------- ----- + * + * 4 bytes tkt_len length of ticket or -1 + * if error occurred + * + * priv_len tmp_buf "private" message created + * by krb_mk_priv() which + * contains the incremented + * checksum sent by the client + * encrypted in the session + * key. (This field is not + * present in case of error.) + * + * If all goes well, KSUCCESS is returned; otherwise KFAILURE or some + * other error code is returned. + */ + +static int +send_error_reply(int fd) +{ + unsigned char tmp[4] = { 255, 255, 255, 255 }; + if(krb_net_write(fd, tmp, sizeof(tmp)) != sizeof(tmp)) + return -1; + return 0; +} + +int +krb_recvauth(int32_t options, /* bit-pattern of options */ + int fd, /* file descr. to read from */ + KTEXT ticket, /* storage for client's ticket */ + char *service, /* service expected */ + char *instance, /* inst expected (may be filled in) */ + struct sockaddr_in *faddr, /* address of foreign host on fd */ + struct sockaddr_in *laddr, /* local address */ + AUTH_DAT *kdata, /* kerberos data (returned) */ + char *filename, /* name of file with service keys */ + struct des_ks_struct *schedule, /* key schedule (return) */ + char *version) /* version string (filled in) */ +{ + int cc; + char krb_vers[KRB_SENDAUTH_VLEN + 1]; /* + 1 for the null terminator */ + int rem; + int32_t priv_len; + u_char tmp_buf[MAX_KTXT_LEN+max(KRB_SENDAUTH_VLEN+1,21)]; + + /* read the protocol version number */ + if (krb_net_read(fd, krb_vers, KRB_SENDAUTH_VLEN) != KRB_SENDAUTH_VLEN) + return(errno); + krb_vers[KRB_SENDAUTH_VLEN] = '\0'; + + /* read the application version string */ + if (krb_net_read(fd, version, KRB_SENDAUTH_VLEN) != KRB_SENDAUTH_VLEN) + return(errno); + version[KRB_SENDAUTH_VLEN] = '\0'; + + /* get the length of the ticket */ + { + char tmp[4]; + if (krb_net_read(fd, tmp, 4) != 4) + return -1; + krb_get_int(tmp, &ticket->length, 4, 0); + } + + /* sanity check */ + if (ticket->length <= 0 || ticket->length > MAX_KTXT_LEN) { + if (options & KOPT_DO_MUTUAL) { + if(send_error_reply(fd)) + return -1; + return KFAILURE; + } else + return KFAILURE; /* XXX there may still be junk on the fd? */ + } + + /* read the ticket */ + if (krb_net_read(fd, ticket->dat, ticket->length) != ticket->length) + return -1; + /* + * now have the ticket. decrypt it to get the authenticated + * data. + */ + rem = krb_rd_req(ticket, service, instance, faddr->sin_addr.s_addr, + kdata, filename); + + /* if we are doing mutual auth, compose a response */ + if (options & KOPT_DO_MUTUAL) { + if (rem != KSUCCESS){ + /* the krb_rd_req failed */ + if(send_error_reply(fd)) + return -1; + return rem; + } + + /* add one to the (formerly) sealed checksum, and re-seal it + for return to the client */ + { + unsigned char cs[4]; + krb_put_int(kdata->checksum + 1, cs, 4); +#ifndef NOENCRYPTION + des_key_sched(&kdata->session,schedule); +#endif + priv_len = krb_mk_priv(cs, + tmp_buf+4, + 4, + schedule, + &kdata->session, + laddr, + faddr); + } + /* mk_priv will never fail */ + priv_len += krb_put_int(priv_len, tmp_buf, 4); + + if((cc = krb_net_write(fd, tmp_buf, priv_len)) != priv_len) + return -1; + } + return rem; +} diff --git a/crypto/kerberosIV/lib/krb/resolve.c b/crypto/kerberosIV/lib/krb/resolve.c new file mode 100644 index 0000000..7777c0e --- /dev/null +++ b/crypto/kerberosIV/lib/krb/resolve.c @@ -0,0 +1,288 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" +#include "resolve.h" + +RCSID("$Id: resolve.c,v 1.11 1997/06/01 04:19:20 assar Exp $"); + +#if defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) + +#define DECL(X) {#X, T_##X} + +static struct stot{ + char *name; + int type; +}stot[] = { + DECL(A), + DECL(NS), + DECL(CNAME), + DECL(PTR), + DECL(MX), + DECL(TXT), + DECL(AFSDB), + DECL(SRV), + {NULL, 0} +}; + +static int +string_to_type(const char *name) +{ + struct stot *p = stot; + for(p = stot; p->name; p++) + if(strcasecmp(name, p->name) == 0) + return p->type; + return -1; +} + +#if 0 +static char * +type_to_string(int type) +{ + struct stot *p = stot; + for(p = stot; p->name; p++) + if(type == p->type) + return p->name; + return NULL; +} +#endif + +void +dns_free_data(struct dns_reply *r) +{ + struct resource_record *rr; + if(r->q.domain) + free(r->q.domain); + for(rr = r->head; rr;){ + struct resource_record *tmp = rr; + if(rr->domain) + free(rr->domain); + if(rr->u.data) + free(rr->u.data); + rr = rr->next; + free(tmp); + } + free (r); +} + +static struct dns_reply* +parse_reply(unsigned char *data, int len) +{ + unsigned char *p; + char host[128]; + int status; + + struct dns_reply *r; + struct resource_record **rr; + + r = (struct dns_reply*)malloc(sizeof(struct dns_reply)); + memset(r, 0, sizeof(struct dns_reply)); + + p = data; + memcpy(&r->h, p, sizeof(HEADER)); + p += sizeof(HEADER); + status = dn_expand(data, data + len, p, host, sizeof(host)); + if(status < 0){ + dns_free_data(r); + return NULL; + } + r->q.domain = strdup(host); + p += status; + r->q.type = (p[0] << 8 | p[1]); + p += 2; + r->q.class = (p[0] << 8 | p[1]); + p += 2; + rr = &r->head; + while(p < data + len){ + int type, class, ttl, size; + status = dn_expand(data, data + len, p, host, sizeof(host)); + if(status < 0){ + dns_free_data(r); + return NULL; + } + p += status; + type = (p[0] << 8) | p[1]; + p += 2; + class = (p[0] << 8) | p[1]; + p += 2; + ttl = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; + p += 4; + size = (p[0] << 8) | p[1]; + p += 2; + *rr = (struct resource_record*)calloc(1, + sizeof(struct resource_record)); + (*rr)->domain = strdup(host); + (*rr)->type = type; + (*rr)->class = class; + (*rr)->ttl = ttl; + (*rr)->size = size; + switch(type){ + case T_NS: + case T_CNAME: + case T_PTR: + status = dn_expand(data, data + len, p, host, sizeof(host)); + if(status < 0){ + dns_free_data(r); + return NULL; + } + (*rr)->u.txt = strdup(host); + break; + case T_MX: + case T_AFSDB:{ + status = dn_expand(data, data + len, p + 2, host, sizeof(host)); + if(status < 0){ + dns_free_data(r); + return NULL; + } + (*rr)->u.mx = (struct mx_record*)malloc(sizeof(struct mx_record) + + strlen(host)); + (*rr)->u.mx->preference = (p[0] << 8) | p[1]; + strcpy((*rr)->u.mx->domain, host); + break; + } + case T_SRV:{ + status = dn_expand(data, data + len, p + 6, host, sizeof(host)); + if(status < 0){ + dns_free_data(r); + return NULL; + } + (*rr)->u.srv = + (struct srv_record*)malloc(sizeof(struct srv_record) + + strlen(host)); + (*rr)->u.srv->priority = (p[0] << 8) | p[1]; + (*rr)->u.srv->weight = (p[2] << 8) | p[3]; + (*rr)->u.srv->port = (p[4] << 8) | p[5]; + strcpy((*rr)->u.srv->target, host); + break; + } + case T_TXT:{ + (*rr)->u.txt = (char*)malloc(size + 1); + strncpy((*rr)->u.txt, (char*)p + 1, *p); + (*rr)->u.txt[*p] = 0; + break; + } + + default: + (*rr)->u.data = (unsigned char*)malloc(size); + memcpy((*rr)->u.data, p, size); + } + p += size; + rr = &(*rr)->next; + } + *rr = NULL; + return r; +} + + + +struct dns_reply * +dns_lookup(const char *domain, const char *type_name) +{ + unsigned char reply[1024]; + int len; + int type; + struct dns_reply *r = NULL; + + type = string_to_type(type_name); + len = res_search(domain, C_IN, type, reply, sizeof(reply)); + if(len >= 0) + r = parse_reply(reply, len); + return r; +} + +#else /* defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) */ + +struct dns_reply * +dns_lookup(const char *domain, const char *type_name) +{ + return NULL; +} + +void +dns_free_data(struct dns_reply *r) +{ +} + +#endif + +#ifdef TEST + +int +main(int argc, char **argv) +{ + struct dns_reply *r; + struct resource_record *rr; + r = dns_lookup(argv[1], argv[2]); + if(r == NULL){ + printf("No reply.\n"); + return 1; + } + for(rr = r->head; rr;rr=rr->next){ + printf("%s %s %d ", rr->domain, type_to_string(rr->type), rr->ttl); + switch(rr->type){ + case T_NS: + printf("%s\n", (char*)rr->data); + break; + case T_A: + printf("%d.%d.%d.%d\n", + ((unsigned char*)rr->data)[0], + ((unsigned char*)rr->data)[1], + ((unsigned char*)rr->data)[2], + ((unsigned char*)rr->data)[3]); + break; + case T_MX: + case T_AFSDB:{ + struct mx_record *mx = (struct mx_record*)rr->data; + printf("%d %s\n", mx->preference, mx->domain); + break; + } + case T_SRV:{ + struct srv_record *srv = (struct srv_record*)rr->data; + printf("%d %d %d %s\n", srv->priority, srv->weight, + srv->port, srv->target); + break; + } + default: + printf("\n"); + break; + } + } + + return 0; +} +#endif diff --git a/crypto/kerberosIV/lib/krb/resolve.h b/crypto/kerberosIV/lib/krb/resolve.h new file mode 100644 index 0000000..dac9993 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/resolve.h @@ -0,0 +1,110 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: resolve.h,v 1.5 1997/05/14 17:41:25 joda Exp $ */ + +/* THIS IS NOT (yet) A PUBLIC INTERFACE */ + + +#ifndef __RESOLVE_H__ +#define __RESOLVE_H__ + +/* We use these, but they are not always present in <arpa/nameser.h> */ + +#ifndef T_TXT +#define T_TXT 16 +#endif +#ifndef T_AFSDB +#define T_AFSDB 18 +#endif +#ifndef T_SRV +#define T_SRV 33 +#endif + +struct dns_query{ + char *domain; + unsigned type; + unsigned class; +}; + +struct mx_record{ + unsigned preference; + char domain[1]; +}; + +struct srv_record{ + unsigned priority; + unsigned weight; + unsigned port; + char target[1]; +}; + +struct resource_record{ + char *domain; + unsigned type; + unsigned class; + unsigned ttl; + unsigned size; + union { + void *data; + struct mx_record *mx; + struct mx_record *afsdb; /* mx and afsdb are identical */ + struct srv_record *srv; + struct in_addr *a; + char *txt; + }u; + struct resource_record *next; +}; + + +#ifndef HAVE_ARPA_NAMESER_H /* XXX */ +typedef int HEADER; /* will never be used */ +#endif + +struct dns_reply{ + HEADER h; + struct dns_query q; + struct resource_record *head; +}; + + +struct dns_reply* dns_lookup(const char *, const char *); + +void dns_free_data(struct dns_reply *r); + +#endif /* __RESOLVE_H__ */ diff --git a/crypto/kerberosIV/lib/krb/rw.c b/crypto/kerberosIV/lib/krb/rw.c new file mode 100644 index 0000000..4b136aa --- /dev/null +++ b/crypto/kerberosIV/lib/krb/rw.c @@ -0,0 +1,128 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* Almost all programs use these routines (implicitly) so it's a good + * place to put the version string. */ + +#include "version.h" + +#include "krb_locl.h" + +RCSID("$Id: rw.c,v 1.8 1997/04/01 08:18:44 joda Exp $"); + +int +krb_get_int(void *f, u_int32_t *to, int size, int lsb) +{ + int i; + unsigned char *from = (unsigned char *)f; + + *to = 0; + if(lsb){ + for(i = size-1; i >= 0; i--) + *to = (*to << 8) | from[i]; + }else{ + for(i = 0; i < size; i++) + *to = (*to << 8) | from[i]; + } + return size; +} + +int +krb_put_int(u_int32_t from, void *to, int size) +{ + int i; + unsigned char *p = (unsigned char *)to; + for(i = size - 1; i >= 0; i--){ + p[i] = from & 0xff; + from >>= 8; + } + return size; +} + + +/* addresses are always sent in network byte order */ + +int +krb_get_address(void *from, u_int32_t *to) +{ + unsigned char *p = (unsigned char*)from; + *to = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); + return 4; +} + +int +krb_put_address(u_int32_t addr, void *to) +{ + return krb_put_int(ntohl(addr), to, 4); +} + +int +krb_put_string(char *from, void *to) +{ + strcpy((char *)to, from); + return strlen(from) + 1; +} + +int +krb_get_string(void *from, char *to) +{ + return krb_put_string(from, to); +} + +int +krb_get_nir(void *from, char *name, char *instance, char *realm) +{ + char *p = (char *)from; + + p += krb_get_string(p, name); + p += krb_get_string(p, instance); + if(realm) + p += krb_get_string(p, realm); + return p - (char *)from; +} + +int +krb_put_nir(char *name, char *instance, char *realm, void *to) +{ + char *p = (char *)to; + p += krb_put_string(name, p); + p += krb_put_string(instance, p); + if(realm) + p += krb_put_string(realm, p); + return p - (char *)to; +} diff --git a/crypto/kerberosIV/lib/krb/save_credentials.c b/crypto/kerberosIV/lib/krb/save_credentials.c new file mode 100644 index 0000000..cfd6c07 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/save_credentials.c @@ -0,0 +1,59 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: save_credentials.c,v 1.5 1997/03/23 03:53:17 joda Exp $"); + +/* + * This routine takes a ticket and associated info and calls + * tf_save_cred() to store them in the ticket cache. The peer + * routine for extracting a ticket and associated info from the + * ticket cache is krb_get_cred(). When changes are made to + * this routine, the corresponding changes should be made + * in krb_get_cred() as well. + * + * Returns KSUCCESS if all goes well, otherwise an error returned + * by the tf_init() or tf_save_cred() routines. + */ + +int +save_credentials(char *service, /* Service name */ + char *instance, /* Instance */ + char *realm, /* Auth domain */ + unsigned char *session, /* Session key */ + int lifetime, /* Lifetime */ + int kvno, /* Key version number */ + KTEXT ticket, /* The ticket itself */ + int32_t issue_date) /* The issue time */ +{ + int tf_status; /* return values of the tf_util calls */ + + /* Open and lock the ticket file for writing */ + if ((tf_status = tf_init(TKT_FILE, W_TKT_FIL)) != KSUCCESS) + return(tf_status); + + /* Save credentials by appending to the ticket file */ + tf_status = tf_save_cred(service, instance, realm, session, + lifetime, kvno, ticket, issue_date); + tf_close(); + return (tf_status); +} diff --git a/crypto/kerberosIV/lib/krb/send_to_kdc.c b/crypto/kerberosIV/lib/krb/send_to_kdc.c new file mode 100644 index 0000000..828b34d --- /dev/null +++ b/crypto/kerberosIV/lib/krb/send_to_kdc.c @@ -0,0 +1,251 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: send_to_kdc.c,v 1.39 1997/05/15 21:02:31 joda Exp $"); + +struct host { + struct sockaddr_in addr; + int proto; +}; + +static const char *prog = "send_to_kdc"; +static send_recv(KTEXT pkt, KTEXT rpkt, int f, + struct sockaddr_in *_to, struct host *addrs, + int h_hosts); + +/* + * This file contains two routines, send_to_kdc() and send_recv(). + * send_recv() is a static routine used by send_to_kdc(). + */ + +/* + * send_to_kdc() sends a message to the Kerberos authentication + * server(s) in the given realm and returns the reply message. + * The "pkt" argument points to the message to be sent to Kerberos; + * the "rpkt" argument will be filled in with Kerberos' reply. + * The "realm" argument indicates the realm of the Kerberos server(s) + * to transact with. If the realm is null, the local realm is used. + * + * If more than one Kerberos server is known for a given realm, + * different servers will be queried until one of them replies. + * Several attempts (retries) are made for each server before + * giving up entirely. + * + * If an answer was received from a Kerberos host, KSUCCESS is + * returned. The following errors can be returned: + * + * SKDC_CANT - can't get local realm + * - can't find "kerberos" in /etc/services database + * - can't open socket + * - can't bind socket + * - all ports in use + * - couldn't find any Kerberos host + * + * SKDC_RETRY - couldn't get an answer from any Kerberos server, + * after several retries + */ + +int +send_to_kdc(KTEXT pkt, KTEXT rpkt, char *realm) +{ + int i; + int no_host; /* was a kerberos host found? */ + int retry; + int n_hosts; + int retval; + struct hostent *host; + char lrealm[REALM_SZ]; + struct krb_host *k_host; + struct host *hosts = malloc(sizeof(*hosts)); + + if (hosts == NULL) + return SKDC_CANT; + + /* + * If "realm" is non-null, use that, otherwise get the + * local realm. + */ + if (realm) + strcpy(lrealm, realm); + else + if (krb_get_lrealm(lrealm,1)) { + if (krb_debug) + krb_warning("%s: can't get local realm\n", prog); + return(SKDC_CANT); + } + if (krb_debug) + krb_warning("lrealm is %s\n", lrealm); + + no_host = 1; + /* get an initial allocation */ + n_hosts = 0; + for (i = 1; (k_host = krb_get_host(i, lrealm, 0)); ++i) { + char *p; + + if (krb_debug) + krb_warning("Getting host entry for %s...", k_host->host); + host = gethostbyname(k_host->host); + if (krb_debug) { + krb_warning("%s.\n", + host ? "Got it" : "Didn't get it"); + } + if (!host) + continue; + no_host = 0; /* found at least one */ + while ((p = *(host->h_addr_list)++)) { + hosts = realloc(hosts, sizeof(*hosts) * (n_hosts + 1)); + if (hosts == NULL) + return SKDC_CANT; + memset (&hosts[n_hosts].addr, 0, sizeof(hosts[n_hosts].addr)); + hosts[n_hosts].addr.sin_family = host->h_addrtype; + hosts[n_hosts].addr.sin_port = htons(k_host->port); + hosts[n_hosts].proto = k_host->proto; + memcpy(&hosts[n_hosts].addr.sin_addr, p, + sizeof(hosts[n_hosts].addr.sin_addr)); + ++n_hosts; + if (send_recv(pkt, rpkt, hosts[n_hosts-1].proto, + &hosts[n_hosts-1].addr, hosts, n_hosts)) { + retval = KSUCCESS; + goto rtn; + } + if (krb_debug) { + krb_warning("Timeout, error, or wrong descriptor\n"); + } + } + } + if (no_host) { + if (krb_debug) + krb_warning("%s: can't find any Kerberos host.\n", + prog); + retval = SKDC_CANT; + goto rtn; + } + /* retry each host in sequence */ + for (retry = 0; retry < CLIENT_KRB_RETRY; ++retry) { + for (i = 0; i < n_hosts; ++i) { + if (send_recv(pkt, rpkt, + hosts[i].proto, + &hosts[i].addr, + hosts, + n_hosts)) { + retval = KSUCCESS; + goto rtn; + } + } + } + retval = SKDC_RETRY; +rtn: + free(hosts); + return(retval); +} + +/* + * try to send out and receive message. + * return 1 on success, 0 on failure + */ + +static int +send_recv_it(KTEXT pkt, KTEXT rpkt, int stream, int f, + struct sockaddr_in *_to, struct host *addrs, int n_hosts) +{ + fd_set readfds; + int numsent; + + /* CLIENT_KRB_TIMEOUT indicates the time to wait before + * retrying a server. It's defined in "krb.h". + */ + struct timeval timeout; + timeout.tv_sec = CLIENT_KRB_TIMEOUT; + timeout.tv_usec = 0; + + if (krb_debug) { + if (_to->sin_family == AF_INET) + krb_warning("Sending message to %s...", + inet_ntoa(_to->sin_addr)); + else + krb_warning("Sending message..."); + } + if(stream){ + unsigned char tmp[4]; + krb_put_int(pkt->length, tmp, 4); + if((numsent = send(f, tmp, 4, 0)) != 4){ + if (krb_debug) + krb_warning("sent only %d/%d\n", numsent, 4); + return 0; + } + } + if ((numsent = send(f, pkt->dat, pkt->length, 0)) != pkt->length) { + if (krb_debug) + krb_warning("sent only %d/%d\n",numsent, pkt->length); + return 0; + } + if (krb_debug) + krb_warning("Sent\nWaiting for reply..."); + FD_ZERO(&readfds); + FD_SET(f, &readfds); + /* select - either recv is ready, or timeout */ + /* see if timeout or error or wrong descriptor */ + if (select(f + 1, &readfds, 0, 0, &timeout) < 1 + || !FD_ISSET(f, &readfds)) { + if (krb_debug) + krb_warning("select failed: errno = %d", errno); + return 0; + } + if(stream){ + if(krb_net_read(f, rpkt->dat, sizeof(rpkt->dat)) <= 0) + return 0; + }else{ + if (recv (f, rpkt->dat, sizeof(rpkt->dat), 0) < 0) { + if (krb_debug) + krb_warning("recvfrom: errno = %d\n", errno); + return 0; + } + } + return 1; +} + +static int +send_recv(KTEXT pkt, KTEXT rpkt, int proto, struct sockaddr_in *_to, + struct host *addrs, int n_hosts) +{ + int f; + int ret = 0; + if(proto == IPPROTO_UDP) + f = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP); + else if(proto == IPPROTO_TCP) + f = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); + else{ + krb_warning("Unknown protocol `%d'.\n", proto); + return 0; + } + + if(connect(f, (struct sockaddr*)_to, sizeof(*_to)) < 0) + krb_warning("Connecting socket: errno = %d\n", errno); + else + ret = send_recv_it(pkt, rpkt, proto == IPPROTO_TCP, f, + _to, addrs, n_hosts); + + close(f); + return ret; +} + diff --git a/crypto/kerberosIV/lib/krb/sendauth.c b/crypto/kerberosIV/lib/krb/sendauth.c new file mode 100644 index 0000000..4240bcf --- /dev/null +++ b/crypto/kerberosIV/lib/krb/sendauth.c @@ -0,0 +1,163 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: sendauth.c,v 1.15 1997/04/18 14:11:36 joda Exp $"); + +/* + * krb_sendauth() transmits a ticket over a file descriptor for a + * desired service, instance, and realm, doing mutual authentication + * with the server if desired. + */ + +/* + * The first argument to krb_sendauth() contains a bitfield of + * options (the options are defined in "krb.h"): + * + * KOPT_DONT_CANON Don't canonicalize instance as a hostname. + * (If this option is not chosen, krb_get_phost() + * is called to canonicalize it.) + * + * KOPT_DONT_MK_REQ Don't request server ticket from Kerberos. + * A ticket must be supplied in the "ticket" + * argument. + * (If this option is not chosen, and there + * is no ticket for the given server in the + * ticket cache, one will be fetched using + * krb_mk_req() and returned in "ticket".) + * + * KOPT_DO_MUTUAL Do mutual authentication, requiring that the + * receiving server return the checksum+1 encrypted + * in the session key. The mutual authentication + * is done using krb_mk_priv() on the other side + * (see "recvauth.c") and krb_rd_priv() on this + * side. + * + * The "fd" argument is a file descriptor to write to the remote + * server on. The "ticket" argument is used to store the new ticket + * from the krb_mk_req() call. If the KOPT_DONT_MK_REQ options is + * chosen, the ticket must be supplied in the "ticket" argument. + * The "service", "inst", and "realm" arguments identify the ticket. + * If "realm" is null, the local realm is used. + * + * The following arguments are only needed if the KOPT_DO_MUTUAL option + * is chosen: + * + * The "checksum" argument is a number that the server will add 1 to + * to authenticate itself back to the client; the "msg_data" argument + * holds the returned mutual-authentication message from the server + * (i.e., the checksum+1); the "cred" structure is used to hold the + * session key of the server, extracted from the ticket file, for use + * in decrypting the mutual authentication message from the server; + * and "schedule" holds the key schedule for that decryption. The + * the local and server addresses are given in "laddr" and "faddr". + * + * The application protocol version number (of up to KRB_SENDAUTH_VLEN + * characters) is passed in "version". + * + * If all goes well, KSUCCESS is returned, otherwise some error code. + * + * The format of the message sent to the server is: + * + * Size Variable Field + * ---- -------- ----- + * + * KRB_SENDAUTH_VLEN KRB_SENDAUTH_VER sendauth protocol + * bytes version number + * + * KRB_SENDAUTH_VLEN version application protocol + * bytes version number + * + * 4 bytes ticket->length length of ticket + * + * ticket->length ticket->dat ticket itself + */ + +int +krb_sendauth(int32_t options, /* bit-pattern of options */ + int fd, /* file descriptor to write onto */ + KTEXT ticket, /* where to put ticket (return); or + * supplied in case of KOPT_DONT_MK_REQ */ + char *service, /* service name, instance, realm */ + char *instance, + char *realm, + u_int32_t checksum, /* checksum to include in request */ + MSG_DAT *msg_data, /* mutual auth MSG_DAT (return) */ + CREDENTIALS *cred, /* credentials (return) */ + struct des_ks_struct *schedule, /* key schedule (return) */ + struct sockaddr_in *laddr, /* local address */ + struct sockaddr_in *faddr, /* address of foreign host on fd */ + char *version) /* version string */ +{ + int ret; + KTEXT_ST buf; + char realrealm[REALM_SZ]; + + if (realm == NULL) { + ret = krb_get_lrealm (realrealm, 1); + if (ret != KSUCCESS) + return ret; + realm = realrealm; + } + ret = krb_mk_auth (options, ticket, service, instance, realm, checksum, + version, &buf); + if (ret != KSUCCESS) + return ret; + ret = krb_net_write(fd, buf.dat, buf.length); + if(ret < 0) + return -1; + + if (options & KOPT_DO_MUTUAL) { + char tmp[4]; + u_int32_t len; + char inst[INST_SZ]; + + ret = krb_net_read (fd, tmp, 4); + if (ret < 0) + return -1; + + krb_get_int (tmp, &len, 4, 0); + if (len == 0xFFFFFFFF || len > sizeof(buf.dat)) + return KFAILURE; + buf.length = len; + ret = krb_net_read (fd, buf.dat, len); + if (ret < 0) + return -1; + + if (options & KOPT_DONT_CANON) + strncpy (inst, instance, sizeof(inst)); + else + strncpy (inst, krb_get_phost(instance), sizeof(inst)); + + ret = krb_get_cred (service, inst, realm, cred); + if (ret != KSUCCESS) + return ret; + + des_key_sched(&cred->session, schedule); + + ret = krb_check_auth (&buf, checksum, msg_data, &cred->session, + schedule, laddr, faddr); + if (ret != KSUCCESS) + return ret; + } + return KSUCCESS; +} diff --git a/crypto/kerberosIV/lib/krb/sizetest.c b/crypto/kerberosIV/lib/krb/sizetest.c new file mode 100644 index 0000000..d64bbeb --- /dev/null +++ b/crypto/kerberosIV/lib/krb/sizetest.c @@ -0,0 +1,41 @@ +#include "krb_locl.h" + +RCSID("$Id: sizetest.c,v 1.5 1996/11/15 18:39:19 bg Exp $"); + +static +void +err(const char *msg) +{ + fputs(msg, stderr); + exit(1); +} + +int +main() +{ + if (sizeof(u_int8_t) < 1) + err("sizeof(u_int8_t) is smaller than 1 byte\n"); + if (sizeof(u_int16_t) < 2) + err("sizeof(u_int16_t) is smaller than 2 bytes\n"); + if (sizeof(u_int32_t) < 4) + err("sizeof(u_int32_t) is smaller than 4 bytes\n"); + + if (sizeof(u_int8_t) > 1) + fputs("warning: sizeof(u_int8_t) is larger than 1 byte, " + "some stuff may not work properly!\n", stderr); + + { + u_int8_t u = 1; + int i; + for (i = 0; u != 0 && i < 100; i++) + u <<= 1; + + if (i < 8) + err("u_int8_t is smaller than 8 bits\n"); + else if (i > 8) + fputs("warning: u_int8_t is larger than 8 bits, " + "some stuff may not work properly!\n", stderr); + } + + exit(0); +} diff --git a/crypto/kerberosIV/lib/krb/stime.c b/crypto/kerberosIV/lib/krb/stime.c new file mode 100644 index 0000000..ec57d8f --- /dev/null +++ b/crypto/kerberosIV/lib/krb/stime.c @@ -0,0 +1,35 @@ +/* + * $Id: stime.c,v 1.6 1997/05/02 14:29:20 assar Exp $ + * + * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute + * of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + */ + +#include "krb_locl.h" + +RCSID("$Id: stime.c,v 1.6 1997/05/02 14:29:20 assar Exp $"); + +/* + * Given a pointer to a long containing the number of seconds + * since the beginning of time (midnight 1 Jan 1970 GMT), return + * a string containing the local time in the form: + * + * "25-Jan-1988 10:17:56" + */ + +const char * +krb_stime(time_t *t) +{ + static char st[40]; + struct tm *tm; + + tm = localtime(t); + snprintf(st, sizeof(st), + "%2d-%s-%04d %02d:%02d:%02d",tm->tm_mday, + month_sname(tm->tm_mon + 1),tm->tm_year + 1900, + tm->tm_hour, tm->tm_min, tm->tm_sec); + return st; +} diff --git a/crypto/kerberosIV/lib/krb/str2key.c b/crypto/kerberosIV/lib/krb/str2key.c new file mode 100644 index 0000000..2b00fc1 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/str2key.c @@ -0,0 +1,103 @@ +/* This defines the Andrew string_to_key function. It accepts a password + * string as input and converts its via a one-way encryption algorithm to a DES + * encryption key. It is compatible with the original Andrew authentication + * service password database. + */ + +#include "krb_locl.h" + +RCSID("$Id: str2key.c,v 1.10 1997/03/23 03:53:19 joda Exp $"); + +static void +mklower(char *s) +{ + for (; *s; s++) + if ('A' <= *s && *s <= 'Z') + *s = *s - 'A' + 'a'; +} + +/* + * Short passwords, i.e 8 characters or less. + */ +static void +afs_cmu_StringToKey (char *str, char *cell, des_cblock *key) +{ + char password[8+1]; /* crypt is limited to 8 chars anyway */ + int i; + int passlen; + + memset (key, 0, sizeof(key)); + memset(password, 0, sizeof(password)); + + strncpy (password, cell, 8); + passlen = strlen (str); + if (passlen > 8) passlen = 8; + + for (i=0; i<passlen; i++) + password[i] = str[i] ^ cell[i]; /* make sure cell is zero padded */ + + for (i=0; i<8; i++) + if (password[i] == '\0') password[i] = 'X'; + + /* crypt only considers the first 8 characters of password but for some + reason returns eleven characters of result (plus the two salt chars). */ + strncpy((char *)key, (char *)crypt(password, "#~") + 2, sizeof(des_cblock)); + + /* parity is inserted into the LSB so leftshift each byte up one bit. This + allows ascii characters with a zero MSB to retain as much significance + as possible. */ + { char *keybytes = (char *)key; + unsigned int temp; + + for (i = 0; i < 8; i++) { + temp = (unsigned int) keybytes[i]; + keybytes[i] = (unsigned char) (temp << 1); + } + } + des_fixup_key_parity (key); +} + +/* + * Long passwords, i.e 9 characters or more. + */ +static void +afs_transarc_StringToKey (char *str, char *cell, des_cblock *key) +{ + des_key_schedule schedule; + des_cblock temp_key; + des_cblock ivec; + char password[512]; + int passlen; + + strncpy (password, str, sizeof(password)); + if ((passlen = strlen (password)) < sizeof(password)-1) + strncat (password, cell, sizeof(password)-passlen); + if ((passlen = strlen(password)) > sizeof(password)) passlen = sizeof(password); + + memcpy(&ivec, "kerberos", 8); + memcpy(&temp_key, "kerberos", 8); + des_fixup_key_parity (&temp_key); + des_key_sched (&temp_key, schedule); + des_cbc_cksum ((des_cblock *)password, &ivec, passlen, schedule, &ivec); + + memcpy(&temp_key, &ivec, 8); + des_fixup_key_parity (&temp_key); + des_key_sched (&temp_key, schedule); + des_cbc_cksum ((des_cblock *)password, key, passlen, schedule, &ivec); + + des_fixup_key_parity (key); +} + +void +afs_string_to_key(char *str, char *cell, des_cblock *key) +{ + char realm[REALM_SZ+1]; + strncpy(realm, cell, REALM_SZ); + realm[REALM_SZ] = 0; + mklower(realm); + + if (strlen(str) > 8) + afs_transarc_StringToKey (str, realm, key); + else + afs_cmu_StringToKey (str, realm, key); +} diff --git a/crypto/kerberosIV/lib/krb/swab.c b/crypto/kerberosIV/lib/krb/swab.c new file mode 100644 index 0000000..d68ce3d --- /dev/null +++ b/crypto/kerberosIV/lib/krb/swab.c @@ -0,0 +1,56 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: swab.c,v 1.4 1997/04/01 08:18:45 joda Exp $"); +#endif + +#ifndef HAVE_SWAB +void +swab (char *from, char *to, int nbytes) +{ + while(nbytes >= 2) { + *(to + 1) = *from; + *to = *(from + 1); + to += 2; + from += 2; + nbytes -= 2; + } +} +#endif diff --git a/crypto/kerberosIV/lib/krb/tf_util.c b/crypto/kerberosIV/lib/krb/tf_util.c new file mode 100644 index 0000000..a196448 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/tf_util.c @@ -0,0 +1,645 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: tf_util.c,v 1.24 1997/04/20 06:24:32 assar Exp $"); + + +#define TOO_BIG -1 +#define TF_LCK_RETRY ((unsigned)2) /* seconds to sleep before + * retry if ticket file is + * locked */ +#define TF_LCK_RETRY_COUNT (50) /* number of retries */ + +#ifndef O_BINARY +#define O_BINARY 0 +#endif + +/* + * fd must be initialized to something that won't ever occur as a real + * file descriptor. Since open(2) returns only non-negative numbers as + * valid file descriptors, and tf_init always stuffs the return value + * from open in here even if it is an error flag, we must + * a. Initialize fd to a negative number, to indicate that it is + * not initially valid. + * b. When checking for a valid fd, assume that negative values + * are invalid (ie. when deciding whether tf_init has been + * called.) + * c. In tf_close, be sure it gets reinitialized to a negative + * number. + */ +static int fd = -1; +static int curpos; /* Position in tfbfr */ +static int lastpos; /* End of tfbfr */ +static char tfbfr[BUFSIZ]; /* Buffer for ticket data */ + +static int tf_gets(char *s, int n); +static int tf_read(void *s, int n); + +/* + * This file contains routines for manipulating the ticket cache file. + * + * The ticket file is in the following format: + * + * principal's name (null-terminated string) + * principal's instance (null-terminated string) + * CREDENTIAL_1 + * CREDENTIAL_2 + * ... + * CREDENTIAL_n + * EOF + * + * Where "CREDENTIAL_x" consists of the following fixed-length + * fields from the CREDENTIALS structure (see "krb.h"): + * + * char service[ANAME_SZ] + * char instance[INST_SZ] + * char realm[REALM_SZ] + * C_Block session + * int lifetime + * int kvno + * KTEXT_ST ticket_st + * u_int32_t issue_date + * + * Short description of routines: + * + * tf_init() opens the ticket file and locks it. + * + * tf_get_pname() returns the principal's name. + * + * tf_put_pname() writes the principal's name to the ticket file. + * + * tf_get_pinst() returns the principal's instance (may be null). + * + * tf_put_pinst() writes the instance. + * + * tf_get_cred() returns the next CREDENTIALS record. + * + * tf_save_cred() appends a new CREDENTIAL record to the ticket file. + * + * tf_close() closes the ticket file and releases the lock. + * + * tf_gets() returns the next null-terminated string. It's an internal + * routine used by tf_get_pname(), tf_get_pinst(), and tf_get_cred(). + * + * tf_read() reads a given number of bytes. It's an internal routine + * used by tf_get_cred(). + */ + +/* + * tf_init() should be called before the other ticket file routines. + * It takes the name of the ticket file to use, "tf_name", and a + * read/write flag "rw" as arguments. + * + * It tries to open the ticket file, checks the mode, and if everything + * is okay, locks the file. If it's opened for reading, the lock is + * shared. If it's opened for writing, the lock is exclusive. + * + * Returns KSUCCESS if all went well, otherwise one of the following: + * + * NO_TKT_FIL - file wasn't there + * TKT_FIL_ACC - file was in wrong mode, etc. + * TKT_FIL_LCK - couldn't lock the file, even after a retry + */ + +int +tf_init(char *tf_name, int rw) +{ + /* Unix implementation */ + int wflag; + struct stat stat_buf; + int i_retry; + + switch (rw) { + case R_TKT_FIL: + wflag = 0; + break; + case W_TKT_FIL: + wflag = 1; + break; + default: + if (krb_debug) + krb_warning("tf_init: illegal parameter\n"); + return TKT_FIL_ACC; + } + if (lstat(tf_name, &stat_buf) < 0) + switch (errno) { + case ENOENT: + return NO_TKT_FIL; + default: + return TKT_FIL_ACC; + } + /* The old code tried to guess when the calling program was + * running set-uid, this is now removed - the kerberos library + * does not (or shouldn't) know anything about user-ids. + + * All library functions now assume that the right userids are set + * upon entry, therefore there is no need to test permissions like + * before. If the file is openable, just open it. + */ + + if(!S_ISREG(stat_buf.st_mode)) + return TKT_FIL_ACC; + + + /* + * If "wflag" is set, open the ticket file in append-writeonly mode + * and lock the ticket file in exclusive mode. If unable to lock + * the file, sleep and try again. If we fail again, return with the + * proper error message. + */ + + curpos = sizeof(tfbfr); + + + if (wflag) { + fd = open(tf_name, O_RDWR | O_BINARY, 0600); + if (fd < 0) { + return TKT_FIL_ACC; + } + for (i_retry = 0; i_retry < TF_LCK_RETRY_COUNT; i_retry++) { + if (k_flock(fd, K_LOCK_EX | K_LOCK_NB) < 0) { + if (krb_debug) + krb_warning("tf_init: retry %d of write lock of `%s'.\n", + i_retry, tf_name); + sleep (TF_LCK_RETRY); + } else { + return KSUCCESS; /* all done */ + } + } + close (fd); + fd = -1; + return TKT_FIL_LCK; + } + /* + * Otherwise "wflag" is not set and the ticket file should be opened + * for read-only operations and locked for shared access. + */ + + fd = open(tf_name, O_RDONLY | O_BINARY, 0600); + if (fd < 0) { + return TKT_FIL_ACC; + } + + for (i_retry = 0; i_retry < TF_LCK_RETRY_COUNT; i_retry++) { + if (k_flock(fd, K_LOCK_SH | K_LOCK_NB) < 0) { + if (krb_debug) + krb_warning("tf_init: retry %d of read lock of `%s'.\n", + i_retry, tf_name); + sleep (TF_LCK_RETRY); + } else { + return KSUCCESS; /* all done */ + } + } + /* failure */ + close(fd); + fd = -1; + return TKT_FIL_LCK; +} + +/* + * tf_create() should be called when creating a new ticket file. + * The only argument is the name of the ticket file. + * After calling this, it should be possible to use other tf_* functions. + * + * New algoritm for creating ticket file: + * 1. try to erase contents of existing file. + * 2. try to remove old file. + * 3. try to open with O_CREAT and O_EXCL + * 4. if this fails, someone has created a file in between 1 and 2 and + * we should fail. Otherwise, all is wonderful. + */ + +int +tf_create(char *tf_name) +{ + struct stat statbuf; + char garbage[BUFSIZ]; + + fd = open(tf_name, O_RDWR | O_BINARY, 0); + if (fd >= 0) { + if (fstat (fd, &statbuf) == 0) { + int i; + + for (i = 0; i < statbuf.st_size; i += sizeof(garbage)) + write (fd, garbage, sizeof(garbage)); + } + close (fd); + } + + if (unlink (tf_name) && errno != ENOENT) + return TKT_FIL_ACC; + + fd = open(tf_name, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600); + if (fd < 0) + return TKT_FIL_ACC; + if (k_flock(fd, K_LOCK_EX | K_LOCK_NB) < 0) { + sleep(TF_LCK_RETRY); + if (k_flock(fd, K_LOCK_EX | K_LOCK_NB) < 0) { + close(fd); + fd = -1; + return TKT_FIL_LCK; + } + } + return KSUCCESS; +} + +/* + * tf_get_pname() reads the principal's name from the ticket file. It + * should only be called after tf_init() has been called. The + * principal's name is filled into the "p" parameter. If all goes well, + * KSUCCESS is returned. If tf_init() wasn't called, TKT_FIL_INI is + * returned. If the name was null, or EOF was encountered, or the name + * was longer than ANAME_SZ, TKT_FIL_FMT is returned. + */ + +int +tf_get_pname(char *p) +{ + if (fd < 0) { + if (krb_debug) + krb_warning("tf_get_pname called before tf_init.\n"); + return TKT_FIL_INI; + } + if (tf_gets(p, ANAME_SZ) < 2) /* can't be just a null */ + { + if (krb_debug) + krb_warning ("tf_get_pname: pname < 2.\n"); + return TKT_FIL_FMT; + } + return KSUCCESS; +} + +/* + * tf_put_pname() sets the principal's name in the ticket file. Call + * after tf_create(). + */ + +int +tf_put_pname(char *p) +{ + unsigned count; + + if (fd < 0) { + if (krb_debug) + krb_warning("tf_put_pname called before tf_create.\n"); + return TKT_FIL_INI; + } + count = strlen(p)+1; + if (write(fd,p,count) != count) + return(KFAILURE); + return KSUCCESS; +} + +/* + * tf_get_pinst() reads the principal's instance from a ticket file. + * It should only be called after tf_init() and tf_get_pname() have been + * called. The instance is filled into the "inst" parameter. If all + * goes well, KSUCCESS is returned. If tf_init() wasn't called, + * TKT_FIL_INI is returned. If EOF was encountered, or the instance + * was longer than ANAME_SZ, TKT_FIL_FMT is returned. Note that the + * instance may be null. + */ + +int +tf_get_pinst(char *inst) +{ + if (fd < 0) { + if (krb_debug) + krb_warning("tf_get_pinst called before tf_init.\n"); + return TKT_FIL_INI; + } + if (tf_gets(inst, INST_SZ) < 1) + { + if (krb_debug) + krb_warning("tf_get_pinst: inst_sz < 1.\n"); + return TKT_FIL_FMT; + } + return KSUCCESS; +} + +/* + * tf_put_pinst writes the principal's instance to the ticket file. + * Call after tf_create. + */ + +int +tf_put_pinst(char *inst) +{ + unsigned count; + + if (fd < 0) { + if (krb_debug) + krb_warning("tf_put_pinst called before tf_create.\n"); + return TKT_FIL_INI; + } + count = strlen(inst)+1; + if (write(fd,inst,count) != count) + return(KFAILURE); + return KSUCCESS; +} + +/* + * tf_get_cred() reads a CREDENTIALS record from a ticket file and fills + * in the given structure "c". It should only be called after tf_init(), + * tf_get_pname(), and tf_get_pinst() have been called. If all goes well, + * KSUCCESS is returned. Possible error codes are: + * + * TKT_FIL_INI - tf_init wasn't called first + * TKT_FIL_FMT - bad format + * EOF - end of file encountered + */ + +int +tf_get_cred(CREDENTIALS *c) +{ + KTEXT ticket = &c->ticket_st; /* pointer to ticket */ + int k_errno; + + if (fd < 0) { + if (krb_debug) + krb_warning ("tf_get_cred called before tf_init.\n"); + return TKT_FIL_INI; + } + if ((k_errno = tf_gets(c->service, SNAME_SZ)) < 2) + switch (k_errno) { + case TOO_BIG: + if (krb_debug) + krb_warning("tf_get_cred: too big service cred.\n"); + case 1: /* can't be just a null */ + tf_close(); + if (krb_debug) + krb_warning("tf_get_cred: null service cred.\n"); + return TKT_FIL_FMT; + case 0: + return EOF; + } + if ((k_errno = tf_gets(c->instance, INST_SZ)) < 1) + switch (k_errno) { + case TOO_BIG: + if (krb_debug) + krb_warning ("tf_get_cred: too big instance cred.\n"); + return TKT_FIL_FMT; + case 0: + return EOF; + } + if ((k_errno = tf_gets(c->realm, REALM_SZ)) < 2) + switch (k_errno) { + case TOO_BIG: + if (krb_debug) + krb_warning ("tf_get_cred: too big realm cred.\n"); + case 1: /* can't be just a null */ + tf_close(); + if (krb_debug) + krb_warning ("tf_get_cred: null realm cred.\n"); + return TKT_FIL_FMT; + case 0: + return EOF; + } + if ( + tf_read((c->session), DES_KEY_SZ) < 1 || + tf_read(&(c->lifetime), sizeof(c->lifetime)) < 1 || + tf_read(&(c->kvno), sizeof(c->kvno)) < 1 || + tf_read(&(ticket->length), sizeof(ticket->length)) + < 1 || + /* don't try to read a silly amount into ticket->dat */ + ticket->length > MAX_KTXT_LEN || + tf_read((ticket->dat), ticket->length) < 1 || + tf_read(&(c->issue_date), sizeof(c->issue_date)) < 1 + ) { + tf_close(); + if (krb_debug) + krb_warning ("tf_get_cred: failed tf_read.\n"); + return TKT_FIL_FMT; + } + return KSUCCESS; +} + +/* + * tf_close() closes the ticket file and sets "fd" to -1. If "fd" is + * not a valid file descriptor, it just returns. It also clears the + * buffer used to read tickets. + * + * The return value is not defined. + */ + +void +tf_close(void) +{ + if (!(fd < 0)) { + k_flock(fd, K_LOCK_UN); + close(fd); + fd = -1; /* see declaration of fd above */ + } + memset(tfbfr, 0, sizeof(tfbfr)); +} + +/* + * tf_gets() is an internal routine. It takes a string "s" and a count + * "n", and reads from the file until either it has read "n" characters, + * or until it reads a null byte. When finished, what has been read exists + * in "s". If it encounters EOF or an error, it closes the ticket file. + * + * Possible return values are: + * + * n the number of bytes read (including null terminator) + * when all goes well + * + * 0 end of file or read error + * + * TOO_BIG if "count" characters are read and no null is + * encountered. This is an indication that the ticket + * file is seriously ill. + */ + +static int +tf_gets(char *s, int n) +{ + int count; + + if (fd < 0) { + if (krb_debug) + krb_warning ("tf_gets called before tf_init.\n"); + return TKT_FIL_INI; + } + for (count = n - 1; count > 0; --count) { + if (curpos >= sizeof(tfbfr)) { + lastpos = read(fd, tfbfr, sizeof(tfbfr)); + curpos = 0; + } + if (curpos == lastpos) { + tf_close(); + return 0; + } + *s = tfbfr[curpos++]; + if (*s++ == '\0') + return (n - count); + } + tf_close(); + return TOO_BIG; +} + +/* + * tf_read() is an internal routine. It takes a string "s" and a count + * "n", and reads from the file until "n" bytes have been read. When + * finished, what has been read exists in "s". If it encounters EOF or + * an error, it closes the ticket file. + * + * Possible return values are: + * + * n the number of bytes read when all goes well + * + * 0 on end of file or read error + */ + +static int +tf_read(void *v, int n) +{ + char *s = (char *)v; + int count; + + for (count = n; count > 0; --count) { + if (curpos >= sizeof(tfbfr)) { + lastpos = read(fd, tfbfr, sizeof(tfbfr)); + curpos = 0; + } + if (curpos == lastpos) { + tf_close(); + return 0; + } + *s++ = tfbfr[curpos++]; + } + return n; +} + +/* + * tf_save_cred() appends an incoming ticket to the end of the ticket + * file. You must call tf_init() before calling tf_save_cred(). + * + * The "service", "instance", and "realm" arguments specify the + * server's name; "session" contains the session key to be used with + * the ticket; "kvno" is the server key version number in which the + * ticket is encrypted, "ticket" contains the actual ticket, and + * "issue_date" is the time the ticket was requested (local host's time). + * + * Returns KSUCCESS if all goes well, TKT_FIL_INI if tf_init() wasn't + * called previously, and KFAILURE for anything else that went wrong. + */ + +int +tf_save_cred(char *service, /* Service name */ + char *instance, /* Instance */ + char *realm, /* Auth domain */ + unsigned char *session, /* Session key */ + int lifetime, /* Lifetime */ + int kvno, /* Key version number */ + KTEXT ticket, /* The ticket itself */ + u_int32_t issue_date) /* The issue time */ +{ + int count; /* count for write */ + + if (fd < 0) { /* fd is ticket file as set by tf_init */ + if (krb_debug) + krb_warning ("tf_save_cred called before tf_init.\n"); + return TKT_FIL_INI; + } + /* Find the end of the ticket file */ + lseek(fd, 0L, SEEK_END); + + /* Write the ticket and associated data */ + /* Service */ + count = strlen(service) + 1; + if (write(fd, service, count) != count) + goto bad; + /* Instance */ + count = strlen(instance) + 1; + if (write(fd, instance, count) != count) + goto bad; + /* Realm */ + count = strlen(realm) + 1; + if (write(fd, realm, count) != count) + goto bad; + /* Session key */ + if (write(fd, session, 8) != 8) + goto bad; + /* Lifetime */ + if (write(fd, &lifetime, sizeof(int)) != sizeof(int)) + goto bad; + /* Key vno */ + if (write(fd, &kvno, sizeof(int)) != sizeof(int)) + goto bad; + /* Tkt length */ + if (write(fd, &(ticket->length), sizeof(int)) != + sizeof(int)) + goto bad; + /* Ticket */ + count = ticket->length; + if (write(fd, ticket->dat, count) != count) + goto bad; + /* Issue date */ + if (write(fd, &issue_date, sizeof(issue_date)) != sizeof(issue_date)) + goto bad; + + return (KSUCCESS); +bad: + return (KFAILURE); +} + +int +tf_setup(CREDENTIALS *cred, char *pname, char *pinst) +{ + int ret; + ret = tf_create(tkt_string()); + if (ret != KSUCCESS) + return ret; + + if (tf_put_pname(pname) != KSUCCESS || + tf_put_pinst(pinst) != KSUCCESS) { + tf_close(); + return INTK_ERR; + } + + ret = tf_save_cred(cred->service, cred->instance, cred->realm, + cred->session, cred->lifetime, cred->kvno, + &cred->ticket_st, cred->issue_date); + tf_close(); + return ret; +} + +int +in_tkt(char *pname, char *pinst) +{ + int ret; + + ret = tf_create (tkt_string()); + if (ret != KSUCCESS) + return ret; + + if (tf_put_pname(pname) != KSUCCESS || + tf_put_pinst(pinst) != KSUCCESS) { + tf_close(); + return INTK_ERR; + } + + tf_close(); + return KSUCCESS; +} diff --git a/crypto/kerberosIV/lib/krb/ticket_memory.c b/crypto/kerberosIV/lib/krb/ticket_memory.c new file mode 100644 index 0000000..04e20b6 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/ticket_memory.c @@ -0,0 +1,438 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* ticket_memory.c - Storage for tickets in memory + * Author: d93-jka@nada.kth.se - June 1996 + */ + +#define WIN32_LEAN_AND_MEAN +#include <Windows.h> +#include "krb_locl.h" +#include "ticket_memory.h" + +RCSID("$Id: ticket_memory.c,v 1.9 1997/04/20 18:07:36 assar Exp $"); + +void msg(char *text, int error); + +/* Global variables for memory mapping. */ +HANDLE SharedMemoryHandle; +tktmem *SharedMemory; + +static int CredIndex = -1; + +int +newTktMem(const char *tf_name) +{ + if(!SharedMemory) + { + unsigned int MemorySize = sizeof(tktmem); + unsigned int MemorySizeHi = sizeof(tktmem)>>16; + unsigned int MemorySizeLo = MemorySize&0xFFFF; + SharedMemoryHandle = CreateFileMapping((HANDLE)(int)-1, 0, + PAGE_READWRITE, + MemorySizeHi, MemorySizeLo, + "krb_memory"); + + if(!SharedMemoryHandle) + { + msg("Could not create shared memory.", GetLastError()); + return KFAILURE; + } + + SharedMemory = MapViewOfFile(SharedMemoryHandle, + FILE_MAP_WRITE, 0, 0, 0); + if(!SharedMemory) + { + msg("Unable to alloc shared memory.", GetLastError()); + return KFAILURE; + } + if(GetLastError() != ERROR_ALREADY_EXISTS) + { + if(tf_name) + strcpy(SharedMemory->tmname, tf_name); + SharedMemory->last_cred_no = 0; + } + } + + CredIndex = 0; + return KSUCCESS; +} + +int +freeTktMem(const char *tf_name) +{ + if(SharedMemory) + { + UnmapViewOfFile(SharedMemory); + CloseHandle(SharedMemoryHandle); + } + return KSUCCESS; +} + + + +tktmem * +getTktMem(const char *tf_name) +{ + return SharedMemory; +} + +void +firstCred(void) +{ + if(getTktMem(0)->last_cred_no > 0) + CredIndex = 0; + else + CredIndex = -1; +} + +int +nextCredIndex(void) +{ + const tktmem *mem; + int last; + mem = getTktMem(0); + last = mem->last_cred_no; + if(CredIndex >= 0 && CredIndex < last ) + return CredIndex++; + else + return CredIndex = -1; +} + +int +currCredIndex(void) +{ + const tktmem *mem; + int last; + mem = getTktMem(0); + last = mem->last_cred_no; + if(CredIndex >= 0 && CredIndex < last) + return CredIndex; + else + return CredIndex = -1; +} + +int +nextFreeIndex(void) +{ + tktmem *mem = getTktMem(0); + if(mem->last_cred_no > CRED_VEC_SZ) + return -1; + else + return mem->last_cred_no++; +} + +/* + * in_tkt() is used to initialize the ticket store. It creates the + * file to contain the tickets and writes the given user's name "pname" + * and instance "pinst" in the file. in_tkt() returns KSUCCESS on + * success, or KFAILURE if something goes wrong. + */ + +int +in_tkt(char *pname, char *pinst) +{ + /* Here goes code to initialize shared memory, to store tickets in. */ + /* Implemented somewhere else. */ + return KFAILURE; +} + +/* + * dest_tkt() is used to destroy the ticket store upon logout. + * If the ticket file does not exist, dest_tkt() returns RET_TKFIL. + * Otherwise the function returns RET_OK on success, KFAILURE on + * failure. + * + * The ticket file (TKT_FILE) is defined in "krb.h". + */ + +int +dest_tkt(void) +{ + /* Here goes code to destroy tickets in shared memory. */ + /* Not implemented yet. */ + return KFAILURE; +} + +/* Short description of routines: + * + * tf_init() opens the ticket file and locks it. + * + * tf_get_pname() returns the principal's name. + * + * tf_put_pname() writes the principal's name to the ticket file. + * + * tf_get_pinst() returns the principal's instance (may be null). + * + * tf_put_pinst() writes the instance. + * + * tf_get_cred() returns the next CREDENTIALS record. + * + * tf_save_cred() appends a new CREDENTIAL record to the ticket file. + * + * tf_close() closes the ticket file and releases the lock. + * + * tf_gets() returns the next null-terminated string. It's an internal + * routine used by tf_get_pname(), tf_get_pinst(), and tf_get_cred(). + * + * tf_read() reads a given number of bytes. It's an internal routine + * used by tf_get_cred(). + */ + +/* + * tf_init() should be called before the other ticket file routines. + * It takes the name of the ticket file to use, "tf_name", and a + * read/write flag "rw" as arguments. + * + * Returns KSUCCESS if all went well, otherwise one of the following: + * + * NO_TKT_FIL - file wasn't there + * TKT_FIL_ACC - file was in wrong mode, etc. + * TKT_FIL_LCK - couldn't lock the file, even after a retry + */ + +int +tf_init(char *tf_name, int rw) +{ + if(!getTktMem(tf_name)) + return NO_TKT_FIL; + firstCred(); + return KSUCCESS; +} + +/* + * tf_create() should be called when creating a new ticket file. + * The only argument is the name of the ticket file. + * After calling this, it should be possible to use other tf_* functions. + */ + +int +tf_create(char *tf_name) +{ + if(newTktMem(tf_name) != KSUCCESS) + return NO_TKT_FIL; + return KSUCCESS; +} + +/* + * tf_get_pname() reads the principal's name from the ticket file. It + * should only be called after tf_init() has been called. The + * principal's name is filled into the "p" parameter. If all goes well, + * KSUCCESS is returned. If tf_init() wasn't called, TKT_FIL_INI is + * returned. If the name was null, or EOF was encountered, or the name + * was longer than ANAME_SZ, TKT_FIL_FMT is returned. + */ + +int +tf_get_pname(char *p) +{ + tktmem *TktStore; + + if(!(TktStore = getTktMem(0))) + return KFAILURE; + if(!TktStore->pname) + return KFAILURE; + strcpy(p, TktStore->pname); + return KSUCCESS; +} + +/* + * tf_put_pname() sets the principal's name in the ticket file. Call + * after tf_create(). + */ + +int +tf_put_pname(char *p) +{ + tktmem *TktStore; + + if(!(TktStore = getTktMem(0))) + return KFAILURE; + if(!TktStore->pname) + return KFAILURE; + strcpy(TktStore->pname, p); + return KSUCCESS; +} + +/* + * tf_get_pinst() reads the principal's instance from a ticket file. + * It should only be called after tf_init() and tf_get_pname() have been + * called. The instance is filled into the "inst" parameter. If all + * goes well, KSUCCESS is returned. If tf_init() wasn't called, + * TKT_FIL_INI is returned. If EOF was encountered, or the instance + * was longer than ANAME_SZ, TKT_FIL_FMT is returned. Note that the + * instance may be null. + */ + +int +tf_get_pinst(char *inst) +{ + tktmem *TktStore; + + if(!(TktStore = getTktMem(0))) + return KFAILURE; + if(!TktStore->pinst) + return KFAILURE; + strcpy(inst, TktStore->pinst); + return KSUCCESS; +} + +/* + * tf_put_pinst writes the principal's instance to the ticket file. + * Call after tf_create. + */ + +int +tf_put_pinst(char *inst) +{ + tktmem *TktStore; + + if(!(TktStore = getTktMem(0))) + return KFAILURE; + if(!TktStore->pinst) + return KFAILURE; + strcpy(TktStore->pinst, inst); + return KSUCCESS; +} + +/* + * tf_get_cred() reads a CREDENTIALS record from a ticket file and fills + * in the given structure "c". It should only be called after tf_init(), + * tf_get_pname(), and tf_get_pinst() have been called. If all goes well, + * KSUCCESS is returned. Possible error codes are: + * + * TKT_FIL_INI - tf_init wasn't called first + * TKT_FIL_FMT - bad format + * EOF - end of file encountered + */ + +int +tf_get_cred(CREDENTIALS *c) +{ + int index; + CREDENTIALS *cred; + tktmem *TktStore; + + if(!(TktStore = getTktMem(0))) + return KFAILURE; + if((index = nextCredIndex()) == -1) + return EOF; + if(!(cred = TktStore->cred_vec+index)) + return KFAILURE; + if(!c) + return KFAILURE; + memcpy(c, cred, sizeof(*c)); + return KSUCCESS; +} + +/* + * tf_close() closes the ticket file and sets "fd" to -1. If "fd" is + * not a valid file descriptor, it just returns. It also clears the + * buffer used to read tickets. + */ + +void +tf_close(void) +{ +} + +/* + * tf_save_cred() appends an incoming ticket to the end of the ticket + * file. You must call tf_init() before calling tf_save_cred(). + * + * The "service", "instance", and "realm" arguments specify the + * server's name; "session" contains the session key to be used with + * the ticket; "kvno" is the server key version number in which the + * ticket is encrypted, "ticket" contains the actual ticket, and + * "issue_date" is the time the ticket was requested (local host's time). + * + * Returns KSUCCESS if all goes well, TKT_FIL_INI if tf_init() wasn't + * called previously, and KFAILURE for anything else that went wrong. + */ + +int +tf_save_cred(char *service, /* Service name */ + char *instance, /* Instance */ + char *realm, /* Auth domain */ + unsigned char *session, /* Session key */ + int lifetime, /* Lifetime */ + int kvno, /* Key version number */ + KTEXT ticket, /* The ticket itself */ + u_int32_t issue_date) /* The issue time */ +{ + CREDENTIALS *cred; + tktmem *mem = getTktMem(0); + int last = nextFreeIndex(); + + if(last == -1) + return KFAILURE; + cred = mem->cred_vec+last; + strcpy(cred->service, service); + strcpy(cred->instance, instance); + strcpy(cred->realm, realm); + strcpy(cred->session, session); + cred->lifetime = lifetime; + cred->kvno = kvno; + memcpy(&(cred->ticket_st), ticket, sizeof(*ticket)); + cred->issue_date = issue_date; + strcpy(cred->pname, mem->pname); + strcpy(cred->pinst, mem->pinst); + return KSUCCESS; +} + + +int +tf_setup(CREDENTIALS *cred, char *pname, char *pinst) +{ + int ret; + ret = tf_create(tkt_string()); + if (ret != KSUCCESS) + return ret; + + if (tf_put_pname(pname) != KSUCCESS || + tf_put_pinst(pinst) != KSUCCESS) { + tf_close(); + return INTK_ERR; + } + + ret = tf_save_cred(cred->service, cred->instance, cred->realm, + cred->session, cred->lifetime, cred->kvno, + &cred->ticket_st, cred->issue_date); + tf_close(); + return ret; +} diff --git a/crypto/kerberosIV/lib/krb/ticket_memory.h b/crypto/kerberosIV/lib/krb/ticket_memory.h new file mode 100644 index 0000000..e85e1a4 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/ticket_memory.h @@ -0,0 +1,69 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* ticket_memory.h - Storage for tickets in memory + * Author: d93-jka@nada.kth.se - June 1996 + */ + +/* $Id: ticket_memory.h,v 1.6 1997/04/20 06:25:12 assar Exp $ */ + +#ifndef TICKET_MEMORY_H +#define TICKET_MEMORY_H + +#include "krb_locl.h" + +#define CRED_VEC_SZ 20 + +typedef struct _tktmem +{ + char tmname[64]; + char pname[ANAME_SZ]; /* Principal's name */ + char pinst[INST_SZ]; /* Principal's instance */ + int last_cred_no; + CREDENTIALS cred_vec[CRED_VEC_SZ]; +} tktmem; + +int newTktMem(const char *tf_name); +int freeTktMem(const char *tf_name); +tktmem *getTktMem(const char *tf_name); +void firstCred(void); +int nextCredIndex(void); +int currCredIndex(void); +int nextFreeIndex(void); + +#endif /* TICKET_MEMORY_H */ diff --git a/crypto/kerberosIV/lib/krb/tkt_string.c b/crypto/kerberosIV/lib/krb/tkt_string.c new file mode 100644 index 0000000..2914abb --- /dev/null +++ b/crypto/kerberosIV/lib/krb/tkt_string.c @@ -0,0 +1,85 @@ +/* + Copyright (C) 1989 by the Massachusetts Institute of Technology + + Export of this software from the United States of America is assumed + to require a specific license from the United States Government. + It is the responsibility of any person or organization contemplating + export to obtain such a license before exporting. + +WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +distribute this software and its documentation for any purpose and +without fee is hereby granted, provided that the above copyright +notice appear in all copies and that both that copyright notice and +this permission notice appear in supporting documentation, and that +the name of M.I.T. not be used in advertising or publicity pertaining +to distribution of the software without specific, written prior +permission. M.I.T. makes no representations about the suitability of +this software for any purpose. It is provided "as is" without express +or implied warranty. + + */ + +#include "krb_locl.h" + +RCSID("$Id: tkt_string.c,v 1.10 1997/05/02 14:54:26 assar Exp $"); + +/* + * This routine is used to generate the name of the file that holds + * the user's cache of server tickets and associated session keys. + * + * If it is set, krb_ticket_string contains the ticket file name. + * Otherwise, the filename is constructed as follows: + * + * If it is set, the environment variable "KRBTKFILE" will be used as + * the ticket file name. Otherwise TKT_ROOT (defined in "krb.h") and + * the user's uid are concatenated to produce the ticket file name + * (e.g., "/tmp/tkt123"). A pointer to the string containing the ticket + * file name is returned. + */ + +static char krb_ticket_string[MaxPathLen] = ""; + +#ifndef HAVE_GETUID +int getuid(void) +{ + return 27; +} +#endif + +char *tkt_string(void) +{ + char *env; + + if (!*krb_ticket_string) { + if ((env = getenv("KRBTKFILE"))) { + strncpy(krb_ticket_string, env, + sizeof(krb_ticket_string)-1); + krb_ticket_string[sizeof(krb_ticket_string)-1] = '\0'; + } else { + snprintf(krb_ticket_string, sizeof(krb_ticket_string), + "%s%u",TKT_ROOT,(unsigned)getuid()); + } + } + return krb_ticket_string; +} + +/* + * This routine is used to set the name of the file that holds the user's + * cache of server tickets and associated session keys. + * + * The value passed in is copied into local storage. + * + * NOTE: This routine should be called during initialization, before other + * Kerberos routines are called; otherwise tkt_string() above may be called + * and return an undesired ticket file name until this routine is called. + */ + +void +krb_set_tkt_string(char *val) +{ + + strncpy(krb_ticket_string, val, sizeof(krb_ticket_string)-1); + krb_ticket_string[sizeof(krb_ticket_string)-1] = '\0'; + + return; +} diff --git a/crypto/kerberosIV/lib/krb/unparse_name.c b/crypto/kerberosIV/lib/krb/unparse_name.c new file mode 100644 index 0000000..ddb938f --- /dev/null +++ b/crypto/kerberosIV/lib/krb/unparse_name.c @@ -0,0 +1,105 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: unparse_name.c,v 1.7 1997/04/01 08:18:46 joda Exp $"); + +static void +quote_string(char *quote, char *from, char *to) +{ + while(*from){ + if(strchr(quote, *from)) + *to++ = '\\'; + *to++ = *from++; + } + *to = 0; +} + +/* To be compatible with old functions, we quote differently in each + part of the principal*/ + +char * +krb_unparse_name_r(krb_principal *pr, char *fullname) +{ + quote_string("'@\\", pr->name, fullname); + if(pr->instance[0]){ + strcat(fullname, "."); + quote_string("@\\", pr->instance, fullname + strlen(fullname)); + } + if(pr->realm[0]){ + strcat(fullname, "@"); + quote_string("\\", pr->realm, fullname + strlen(fullname)); + } + return fullname; +} + +char * +krb_unparse_name_long_r(char *name, char *instance, char *realm, + char *fullname) +{ + krb_principal pr; + memset(&pr, 0, sizeof(pr)); + strcpy(pr.name, name); + if(instance) + strcpy(pr.instance, instance); + if(realm) + strcpy(pr.realm, realm); + return krb_unparse_name_r(&pr, fullname); +} + +char * +krb_unparse_name(krb_principal *pr) +{ + static char principal[MAX_K_NAME_SZ]; + krb_unparse_name_r(pr, principal); + return principal; +} + +char * +krb_unparse_name_long(char *name, char *instance, char *realm) +{ + krb_principal pr; + memset(&pr, 0, sizeof(pr)); + strcpy(pr.name, name); + if(instance) + strcpy(pr.instance, instance); + if(realm) + strcpy(pr.realm, realm); + return krb_unparse_name(&pr); +} diff --git a/crypto/kerberosIV/lib/krb/util.c b/crypto/kerberosIV/lib/krb/util.c new file mode 100644 index 0000000..7b77bb8 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/util.c @@ -0,0 +1,64 @@ +/* + * + * Copyright 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * Miscellaneous debug printing utilities + */ + +#include "krb_locl.h" + +RCSID("$Id: util.c,v 1.6 1996/10/05 00:18:34 joda Exp $"); + +/* + * Print some of the contents of the given authenticator structure + * (AUTH_DAT defined in "krb.h"). Fields printed are: + * + * pname, pinst, prealm, netaddr, flags, cksum, timestamp, session + */ + +void +ad_print(AUTH_DAT *x) +{ + /* + * Print the contents of an auth_dat struct. + */ + struct in_addr address; + address.s_addr = x->address; + printf("\n%s %s %s %s flags %u cksum 0x%X\n\ttkt_tm 0x%X sess_key", + x->pname, x->pinst, x->prealm, + inet_ntoa(address), x->k_flags, + x->checksum, x->time_sec); + printf("[8] ="); +#ifdef NOENCRYPTION + placebo_cblock_print(x->session); +#else + des_cblock_print_file(&x->session,stdout); +#endif + /* skip reply for now */ +} + +/* + * Print in hex the 8 bytes of the given session key. + * + * Printed format is: " 0x { x, x, x, x, x, x, x, x }" + */ + +#ifdef NOENCRYPTION +placebo_cblock_print(x) + des_cblock x; +{ + unsigned char *y = (unsigned char *) x; + int i = 0; + + printf(" 0x { "); + + while (i++ <8) { + printf("%x",*y++); + if (i<8) printf(", "); + } + printf(" }"); +} +#endif diff --git a/crypto/kerberosIV/lib/krb/verify_user.c b/crypto/kerberosIV/lib/krb/verify_user.c new file mode 100644 index 0000000..ce22b59 --- /dev/null +++ b/crypto/kerberosIV/lib/krb/verify_user.c @@ -0,0 +1,111 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$Id: verify_user.c,v 1.8 1997/04/01 08:18:46 joda Exp $"); + +/* Verify user with password. If secure, also verify against local + * service key, this can (usually) only be done by root. + * + * As a side effect, fresh tickets are obtained. + * + * Returns zero if ok, a positive kerberos error or -1 for system + * errors. + */ + +int +krb_verify_user(char *name, char *instance, char *realm, char *password, + int secure, char *linstance) +{ + int ret; + ret = krb_get_pw_in_tkt(name, instance, realm, + KRB_TICKET_GRANTING_TICKET, + realm, + DEFAULT_TKT_LIFE, password); + if(ret != KSUCCESS) + return ret; + + if(secure){ + struct hostent *hp; + int32_t addr; + + KTEXT_ST ticket; + AUTH_DAT auth; + + char lrealm[REALM_SZ]; + char hostname[MaxHostNameLen]; + char *phost; + + if (k_gethostname(hostname, sizeof(hostname)) == -1) { + dest_tkt(); + return -1; + } + + hp = gethostbyname(hostname); + if(hp == NULL){ + dest_tkt(); + return -1; + } + memcpy(&addr, hp->h_addr, sizeof(addr)); + + ret = krb_get_lrealm(lrealm, 1); + if(ret != KSUCCESS){ + dest_tkt(); + return ret; + } + phost = krb_get_phost(hostname); + + if (linstance == NULL) + linstance = "rcmd"; + + ret = krb_mk_req(&ticket, linstance, phost, lrealm, 33); + if(ret != KSUCCESS){ + dest_tkt(); + return ret; + } + + ret = krb_rd_req(&ticket, linstance, phost, addr, &auth, ""); + if(ret != KSUCCESS){ + dest_tkt(); + return ret; + } + } + return 0; +} + diff --git a/crypto/kerberosIV/lib/roken/Makefile.in b/crypto/kerberosIV/lib/roken/Makefile.in new file mode 100644 index 0000000..26f3142 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/Makefile.in @@ -0,0 +1,94 @@ +# +# $Id: Makefile.in,v 1.34 1997/05/28 05:23:39 assar Exp $ +# + +SHELL = /bin/sh + +srcdir = @srcdir@ +VPATH = @srcdir@ + +CC = @CC@ +CPP = @CPP@ +AR = ar +RANLIB = @RANLIB@ +DEFS = @DEFS@ +CFLAGS = @CFLAGS@ + +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +MKINSTALLDIRS = @top_srcdir@/mkinstalldirs + +prefix = @prefix@ +exec_prefix = @exec_prefix@ +libdir = @libdir@ + +PICFLAGS = # @PICFLAGS@ + +LIBNAME = $(LIBPREFIX)roken +#LIBEXT = @LIBEXT@ Always build archive library and don't install! +LIBEXT = a +LIBPREFIX = @LIBPREFIX@ +SHLIBEXT = @SHLIBEXT@ +LDSHARED = @LDSHARED@ +LIB = $(LIBNAME).$(LIBEXT) + +SOURCES = \ + chown.c daemon.c err.c errx.c fchown.c get_window_size.c \ + getcwd.c getdtablesize.c getopt.c getusershell.c \ + hstrerror.c inaddr2str.c inet_aton.c \ + initgroups.c k_getpwnam.c k_getpwuid.c lstat.c \ + memmove.c mini_inetd.c mkstemp.c putenv.c rcmd.c setegid.c \ + setenv.c seteuid.c signal.c snprintf.c \ + strcasecmp.c strdup.c strerror.c strftime.c \ + strlwr.c strnlen.c strtok_r.c strupr.c tm2time.c \ + unsetenv.c verify.c verr.c verrx.c vwarn.c \ + vwarnx.c warn.c warnerr.c warnx.c + +OBJECTS = k_getpwuid.o k_getpwnam.o signal.o tm2time.o \ + verify.o inaddr2str.o mini_inetd.o get_window_size.o \ + warnerr.o snprintf.o @LIBOBJS@ + +all: $(LIB) + +Wall: + make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" + +.c.o: + $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(PICFLAGS) $< + +install: all + +uninstall: + +TAGS: $(SOURCES) + etags $(SOURCES) + +check: + +clean: + rm -f $(LIB) *.o *.a + +mostlyclean: clean + +distclean: clean + rm -f Makefile *.tab.c *~ + +realclean: distclean + rm -f TAGS + +dist: $(DISTFILES) + for file in $(DISTFILES); do \ + ln $$file ../`cat ../.fname`/lib \ + || cp -p $$file ../`cat ../.fname`/lib; \ + done + +$(LIBNAME).a: $(OBJECTS) + rm -f $@ + $(AR) cr $@ $(OBJECTS) + -$(RANLIB) $@ + +$(LIBNAME).$(SHLIBEXT): $(OBJECTS) + rm -f $@ + $(LDSHARED) -o $@ $(OBJECTS) + +$(OBJECTS): ../../include/config.h diff --git a/crypto/kerberosIV/lib/roken/chown.c b/crypto/kerberosIV/lib/roken/chown.c new file mode 100644 index 0000000..28550d9 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/chown.c @@ -0,0 +1,50 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: chown.c,v 1.2 1997/04/01 08:18:58 joda Exp $"); +#endif + +#include "roken.h" + +int +chown(const char *path, uid_t owner, gid_t group) +{ + return 0; +} diff --git a/crypto/kerberosIV/lib/roken/daemon.c b/crypto/kerberosIV/lib/roken/daemon.c new file mode 100644 index 0000000..ffab298 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/daemon.c @@ -0,0 +1,89 @@ +/*- + * Copyright (c) 1990, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#if defined(LIBC_SCCS) && !defined(lint) +static char sccsid[] = "@(#)daemon.c 8.1 (Berkeley) 6/4/93"; +#endif /* LIBC_SCCS and not lint */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +RCSID("$Id: daemon.c,v 1.2 1997/05/28 05:38:09 assar Exp $"); + +#ifndef HAVE_DAEMON + +#ifdef HAVE_FCNTL_H +#include <fcntl.h> +#endif +#ifdef HAVE_PATHS_H +#include <paths.h> +#endif +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif + +#include "roken.h" + +int +daemon(nochdir, noclose) + int nochdir, noclose; +{ + int fd; + + switch (fork()) { + case -1: + return (-1); + case 0: + break; + default: + _exit(0); + } + + if (setsid() == -1) + return (-1); + + if (!nochdir) + (void)chdir("/"); + + if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { + (void)dup2(fd, STDIN_FILENO); + (void)dup2(fd, STDOUT_FILENO); + (void)dup2(fd, STDERR_FILENO); + if (fd > 2) + (void)close (fd); + } + return (0); +} + +#endif /* HAVE_DAEMON */ diff --git a/crypto/kerberosIV/lib/roken/err.c b/crypto/kerberosIV/lib/roken/err.c new file mode 100644 index 0000000..029faa9 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/err.c @@ -0,0 +1,53 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: err.c,v 1.5 1997/03/30 08:05:37 joda Exp $"); +#endif + +#include "err.h" + +void +err(int eval, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + verr(eval, fmt, ap); + va_end(ap); +} diff --git a/crypto/kerberosIV/lib/roken/err.h b/crypto/kerberosIV/lib/roken/err.h new file mode 100644 index 0000000..6f25435 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/err.h @@ -0,0 +1,76 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: err.h,v 1.13 1997/05/02 14:29:30 assar Exp $ */ + +#ifndef __ERR_H__ +#define __ERR_H__ + +#include <errno.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdarg.h> + +extern const char *__progname; + +#if !defined(__GNUC__) && !defined(__attribute__) +#define __attribute__(x) +#endif + +void warnerr(int doexit, int eval, int doerrno, const char *fmt, va_list ap) + __attribute__ ((format (printf, 4, 0))); + +void verr(int eval, const char *fmt, va_list ap) + __attribute__ ((noreturn, format (printf, 2, 0))); +void err(int eval, const char *fmt, ...) + __attribute__ ((noreturn, format (printf, 2, 3))); +void verrx(int eval, const char *fmt, va_list ap) + __attribute__ ((noreturn, format (printf, 2, 0))); +void errx(int eval, const char *fmt, ...) + __attribute__ ((noreturn, format (printf, 2, 3))); +void vwarn(const char *fmt, va_list ap) + __attribute__ ((format (printf, 1, 0))); +void warn(const char *fmt, ...) + __attribute__ ((format (printf, 1, 2))); +void vwarnx(const char *fmt, va_list ap) + __attribute__ ((format (printf, 1, 0))); +void warnx(const char *fmt, ...) + __attribute__ ((format (printf, 1, 2))); + +#endif /* __ERR_H__ */ diff --git a/crypto/kerberosIV/lib/roken/errx.c b/crypto/kerberosIV/lib/roken/errx.c new file mode 100644 index 0000000..18969d5 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/errx.c @@ -0,0 +1,53 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: errx.c,v 1.5 1997/03/30 08:05:38 joda Exp $"); +#endif + +#include "err.h" + +void +errx(int eval, const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + verrx(eval, fmt, ap); + va_end(ap); +} diff --git a/crypto/kerberosIV/lib/roken/fchown.c b/crypto/kerberosIV/lib/roken/fchown.c new file mode 100644 index 0000000..2a94e3a --- /dev/null +++ b/crypto/kerberosIV/lib/roken/fchown.c @@ -0,0 +1,50 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: fchown.c,v 1.2 1997/04/01 08:18:58 joda Exp $"); +#endif + +#include "roken.h" + +int +fchown(int fd, uid_t owner, gid_t group) +{ + return 0; +} diff --git a/crypto/kerberosIV/lib/roken/get_window_size.c b/crypto/kerberosIV/lib/roken/get_window_size.c new file mode 100644 index 0000000..d31d18d --- /dev/null +++ b/crypto/kerberosIV/lib/roken/get_window_size.c @@ -0,0 +1,96 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: get_window_size.c,v 1.4 1997/04/01 08:18:59 joda Exp $"); +#endif + +#include <stdlib.h> +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif + +#if 0 /* Where were those needed? /confused */ +#ifdef HAVE_SYS_PROC_H +#include <sys/proc.h> +#endif + +#ifdef HAVE_SYS_TTY_H +#include <sys/tty.h> +#endif +#endif + +#ifdef HAVE_TERMIOS_H +#include <termios.h> +#endif + +#include <roken.h> + +int +get_window_size(int fd, struct winsize *wp) +{ +#if defined(TIOCGWINSZ) + return ioctl(fd, TIOCGWINSZ, wp); +#elif defined(TIOCGSIZE) + struct ttysize ts; + int error; + + if ((error = ioctl(0, TIOCGSIZE, &ts)) != 0) + return (error); + wp->ws_row = ts.ts_lines; + wp->ws_col = ts.ts_cols; + wp->ws_xpixel = 0; + wp->ws_ypixel = 0; + return 0; +#elif defined(HAVE__SCRSIZE) + int dst[2]; + + _scrsize(dst); + wp->ws_row = dst[1]; + wp->ws_col = dst[0]; + wp->ws_xpixel = 0; + wp->ws_ypixel = 0; + return 0; +#else + return -1; +#endif +} diff --git a/crypto/kerberosIV/lib/roken/getcwd.c b/crypto/kerberosIV/lib/roken/getcwd.c new file mode 100644 index 0000000..a27451f --- /dev/null +++ b/crypto/kerberosIV/lib/roken/getcwd.c @@ -0,0 +1,59 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: getcwd.c,v 1.7 1997/04/01 08:19:00 joda Exp $"); +#endif + +#include <unistd.h> +#include <sys/param.h> + +#include "protos.h" +#include "roken.h" + +char* +getcwd(char *path, size_t size) +{ + char xxx[MaxPathLen]; + char *ret; + ret = getwd(xxx); + if(ret) + strncpy(path, xxx, size); + return ret; +} diff --git a/crypto/kerberosIV/lib/roken/getdtablesize.c b/crypto/kerberosIV/lib/roken/getdtablesize.c new file mode 100644 index 0000000..afd47d2b --- /dev/null +++ b/crypto/kerberosIV/lib/roken/getdtablesize.c @@ -0,0 +1,102 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: getdtablesize.c,v 1.8 1997/04/20 05:51:06 assar Exp $"); +#endif + +#include "roken.h" + +#include <sys/types.h> +#ifdef TIME_WITH_SYS_TIME +#include <sys/time.h> +#include <time.h> +#elif defined(HAVE_SYS_TIME_H) +#include <sys/time.h> +#else +#include <time.h> +#endif +#ifdef HAVE_SYS_PARAM_H +#include <sys/param.h> +#endif +#include <unistd.h> + +#ifdef HAVE_SYS_RESOURCE_H +#include <sys/resource.h> +#endif + +#ifdef HAVE_SYS_SYSCTL_H +#include <sys/sysctl.h> +#endif + +int getdtablesize(void) +{ + int files = -1; +#if defined(HAVE_SYSCONF) && defined(_SC_OPEN_MAX) + files = sysconf(_SC_OPEN_MAX); +#else /* !defined(HAVE_SYSCONF) */ +#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE) + struct rlimit res; + if (getrlimit(RLIMIT_NOFILE, &res) == 0) + files = res.rlim_cur; +#else /* !definded(HAVE_GETRLIMIT) */ +#if defined(HAVE_SYSCTL) && defined(CTL_KERN) && defined(KERN_MAXFILES) + int mib[2]; + size_t len; + + mib[0] = CTL_KERN; + mib[1] = KERN_MAXFILES; + len = sizeof(files); + sysctl(&mib, 2, &files, sizeof(nfil), NULL, 0); +#endif /* defined(HAVE_SYSCTL) */ +#endif /* !definded(HAVE_GETRLIMIT) */ +#endif /* !defined(HAVE_SYSCONF) */ + +#ifdef OPEN_MAX + if (files < 0) + files = OPEN_MAX; +#endif + +#ifdef NOFILE + if (files < 0) + files = NOFILE; +#endif + + return files; +} diff --git a/crypto/kerberosIV/lib/roken/getopt.c b/crypto/kerberosIV/lib/roken/getopt.c new file mode 100644 index 0000000..fea4635 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/getopt.c @@ -0,0 +1,128 @@ +/* + * Copyright (c) 1987, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#if defined(LIBC_SCCS) && !defined(lint) +static char sccsid[] = "@(#)getopt.c 8.1 (Berkeley) 6/4/93"; +#endif /* LIBC_SCCS and not lint */ + +#ifndef __STDC__ +#define const +#endif +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +/* + * get option letter from argument vector + */ +int opterr = 1, /* if error message should be printed */ + optind = 1, /* index into parent argv vector */ + optopt, /* character checked for validity */ + optreset; /* reset getopt */ +char *optarg; /* argument associated with option */ + +#define BADCH (int)'?' +#define BADARG (int)':' +#define EMSG "" + +int +getopt(nargc, nargv, ostr) + int nargc; + char * const *nargv; + const char *ostr; +{ + static char *place = EMSG; /* option letter processing */ + char *oli; /* option letter list index */ + char *p; + + if (optreset || !*place) { /* update scanning pointer */ + optreset = 0; + if (optind >= nargc || *(place = nargv[optind]) != '-') { + place = EMSG; + return(EOF); + } + if (place[1] && *++place == '-') { /* found "--" */ + ++optind; + place = EMSG; + return(EOF); + } + } /* option letter okay? */ + if ((optopt = (int)*place++) == (int)':' || + !(oli = strchr(ostr, optopt))) { + /* + * if the user didn't specify '-' as an option, + * assume it means EOF. + */ + if (optopt == (int)'-') + return(EOF); + if (!*place) + ++optind; + if (opterr && *ostr != ':') { + if (!(p = strrchr(*nargv, '/'))) + p = *nargv; + else + ++p; + fprintf(stderr, "%s: illegal option -- %c\n", + p, optopt); + } + return(BADCH); + } + if (*++oli != ':') { /* don't need argument */ + optarg = NULL; + if (!*place) + ++optind; + } + else { /* need an argument */ + if (*place) /* no white space */ + optarg = place; + else if (nargc <= ++optind) { /* no arg */ + place = EMSG; + if (!(p = strrchr(*nargv, '/'))) + p = *nargv; + else + ++p; + if (*ostr == ':') + return(BADARG); + if (opterr) + fprintf(stderr, + "%s: option requires an argument -- %c\n", + p, optopt); + return(BADCH); + } + else /* white space */ + optarg = nargv[optind]; + place = EMSG; + ++optind; + } + return(optopt); /* dump back option letter */ +} diff --git a/crypto/kerberosIV/lib/roken/getusershell.c b/crypto/kerberosIV/lib/roken/getusershell.c new file mode 100644 index 0000000..87a48ec --- /dev/null +++ b/crypto/kerberosIV/lib/roken/getusershell.c @@ -0,0 +1,160 @@ +/* + * Copyright (c) 1985, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +RCSID("$Id: getusershell.c,v 1.8 1997/04/20 06:18:03 assar Exp $"); + +#ifndef HAVE_GETUSERSHELL + +#include <stdio.h> +#include <stdlib.h> +#ifdef HAVE_PATHS_H +#include <paths.h> +#endif +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_STAT_H +#include <sys/stat.h> +#endif +#ifdef HAVE_SYS_PARAM_H +#include <sys/param.h> +#endif + +#ifndef _PATH_SHELLS +#define _PATH_SHELLS "/etc/shells" +#endif + +#ifndef _PATH_BSHELL +#define _PATH_BSHELL "/bin/sh" +#endif + +#ifndef _PATH_CSHELL +#define _PATH_CSHELL "/bin/csh" +#endif + +/* + * Local shells should NOT be added here. They should be added in + * /etc/shells. + */ + +static char *okshells[] = { _PATH_BSHELL, _PATH_CSHELL, NULL }; +static char **curshell, **shells, *strings; +static char **initshells (void); + +/* + * Get a list of shells from _PATH_SHELLS, if it exists. + */ +char * +getusershell() +{ + char *ret; + + if (curshell == NULL) + curshell = initshells(); + ret = *curshell; + if (ret != NULL) + curshell++; + return (ret); +} + +void +endusershell() +{ + + if (shells != NULL) + free(shells); + shells = NULL; + if (strings != NULL) + free(strings); + strings = NULL; + curshell = NULL; +} + +void +setusershell() +{ + + curshell = initshells(); +} + +static char ** +initshells() +{ + char **sp, *cp; + FILE *fp; + struct stat statb; + + if (shells != NULL) + free(shells); + shells = NULL; + if (strings != NULL) + free(strings); + strings = NULL; + if ((fp = fopen(_PATH_SHELLS, "r")) == NULL) + return (okshells); + if (fstat(fileno(fp), &statb) == -1) { + fclose(fp); + return (okshells); + } + if ((strings = malloc((u_int)statb.st_size)) == NULL) { + fclose(fp); + return (okshells); + } + shells = calloc((unsigned)statb.st_size / 3, sizeof (char *)); + if (shells == NULL) { + fclose(fp); + free(strings); + strings = NULL; + return (okshells); + } + sp = shells; + cp = strings; + while (fgets(cp, MaxPathLen + 1, fp) != NULL) { + while (*cp != '#' && *cp != '/' && *cp != '\0') + cp++; + if (*cp == '#' || *cp == '\0') + continue; + *sp++ = cp; + while (!isspace(*cp) && *cp != '#' && *cp != '\0') + cp++; + *cp++ = '\0'; + } + *sp = NULL; + fclose(fp); + return (shells); +} +#endif /* HAVE_GETUSERSHELL */ diff --git a/crypto/kerberosIV/lib/roken/hstrerror.c b/crypto/kerberosIV/lib/roken/hstrerror.c new file mode 100644 index 0000000..9e47cb5 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/hstrerror.c @@ -0,0 +1,87 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: hstrerror.c,v 1.17 1997/06/01 03:37:25 assar Exp $"); +#endif + +#include "roken.h" + +#ifndef HAVE_HSTRERROR + +#include <stdio.h> +#include <netdb.h> + +#ifndef HAVE_H_ERRNO +int h_errno = -17; /* Some magic number */ +#endif + +#if !(defined(HAVE_H_ERRLIST) && defined(HAVE_H_NERR)) +static const char *const h_errlist[] = { + "Resolver Error 0 (no error)", + "Unknown host", /* 1 HOST_NOT_FOUND */ + "Host name lookup failure", /* 2 TRY_AGAIN */ + "Unknown server error", /* 3 NO_RECOVERY */ + "No address associated with name", /* 4 NO_ADDRESS */ +}; + +static +const +int h_nerr = { sizeof h_errlist / sizeof h_errlist[0] }; +#else + +#ifndef HAVE_H_ERRLIST_DECLARATION +extern const char *h_errlist[]; +extern int h_nerr; +#endif + +#endif + +char * +hstrerror(int herr) +{ + if (0 <= herr && herr < h_nerr) + return (char *) h_errlist[herr]; + else if(herr == -17) + return "unknown error"; + else + return "Error number out of range (hstrerror)"; +} + +#endif diff --git a/crypto/kerberosIV/lib/roken/inaddr2str.c b/crypto/kerberosIV/lib/roken/inaddr2str.c new file mode 100644 index 0000000..af158aa --- /dev/null +++ b/crypto/kerberosIV/lib/roken/inaddr2str.c @@ -0,0 +1,88 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: inaddr2str.c,v 1.6 1997/04/01 08:19:02 joda Exp $"); +#endif + +#include <stdlib.h> +#include <string.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif +#include "roken.h" + +/* + * Get a verified name for `addr'. + * If unable to find it in the DNS, return x.y.z.a + */ + +void +inaddr2str(struct in_addr addr, char *s, size_t len) +{ + struct hostent *h; + char *p; + + h = gethostbyaddr ((const char *)&addr, sizeof(addr), AF_INET); + if (h) { + h = gethostbyname (h->h_name); + if(h) + while ((p = *(h->h_addr_list)++)) + if (memcmp (p, &addr, sizeof(addr)) == 0) { + strncpy (s, h->h_name, len); + s[len - 1] = '\0'; + return; + } + } + strncpy (s, inet_ntoa (addr), len); + s[len - 1] = '\0'; + return; +} diff --git a/crypto/kerberosIV/lib/roken/inet_aton.c b/crypto/kerberosIV/lib/roken/inet_aton.c new file mode 100644 index 0000000..c97ef74 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/inet_aton.c @@ -0,0 +1,68 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: inet_aton.c,v 1.10 1997/05/20 19:57:03 bg Exp $"); +#endif + +#include "roken.h" + +#include <stdio.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif + +/* Minimal implementation of inet_aton. + * Cannot distinguish between failure and a local broadcast address. */ + +int +inet_aton(const char *cp, struct in_addr *addr) +{ + addr->s_addr = inet_addr(cp); + return (addr->s_addr == INADDR_NONE) ? 0 : 1; +} diff --git a/crypto/kerberosIV/lib/roken/initgroups.c b/crypto/kerberosIV/lib/roken/initgroups.c new file mode 100644 index 0000000..a68aa63 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/initgroups.c @@ -0,0 +1,50 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: initgroups.c,v 1.2 1997/04/01 08:19:03 joda Exp $"); +#endif + +#include "roken.h" + +int +initgroups(const char *name, gid_t basegid) +{ + return 0; +} diff --git a/crypto/kerberosIV/lib/roken/k_getpwnam.c b/crypto/kerberosIV/lib/roken/k_getpwnam.c new file mode 100644 index 0000000..580b1a2 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/k_getpwnam.c @@ -0,0 +1,69 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: k_getpwnam.c,v 1.6 1997/04/01 08:19:03 joda Exp $"); +#endif /* HAVE_CONFIG_H */ + +#include "roken.h" +#ifdef HAVE_SHADOW_H +#include <shadow.h> +#endif + +struct passwd * +k_getpwnam (char *user) +{ + struct passwd *p; + + p = getpwnam (user); +#ifdef HAVE_GETSPNAM + if(p) + { + struct spwd *spwd; + + spwd = getspnam (user); + if (spwd) + p->pw_passwd = spwd->sp_pwdp; + endspent (); + } +#else + endpwent (); +#endif + return p; +} diff --git a/crypto/kerberosIV/lib/roken/k_getpwuid.c b/crypto/kerberosIV/lib/roken/k_getpwuid.c new file mode 100644 index 0000000..a3a8f04 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/k_getpwuid.c @@ -0,0 +1,69 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: k_getpwuid.c,v 1.6 1997/04/01 08:19:04 joda Exp $"); +#endif /* HAVE_CONFIG_H */ + +#include "roken.h" +#ifdef HAVE_SHADOW_H +#include <shadow.h> +#endif + +struct passwd * +k_getpwuid (uid_t uid) +{ + struct passwd *p; + + p = getpwuid (uid); +#ifdef HAVE_GETSPUID + if (p) + { + struct spwd *spwd; + + spwd = getspuid (uid); + if (spwd) + p->pw_passwd = spwd->sp_pwdp; + endspent (); + } +#else + endpwent (); +#endif + return p; +} diff --git a/crypto/kerberosIV/lib/roken/lstat.c b/crypto/kerberosIV/lib/roken/lstat.c new file mode 100644 index 0000000..881ad9a --- /dev/null +++ b/crypto/kerberosIV/lib/roken/lstat.c @@ -0,0 +1,50 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: lstat.c,v 1.3 1997/04/01 08:19:04 joda Exp $"); +#endif + +#include "roken.h" + +int +lstat(const char *path, struct stat *buf) +{ + return stat(path, buf); +} diff --git a/crypto/kerberosIV/lib/roken/memmove.c b/crypto/kerberosIV/lib/roken/memmove.c new file mode 100644 index 0000000..315ff05 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/memmove.c @@ -0,0 +1,67 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: memmove.c,v 1.5 1997/04/01 08:19:05 joda Exp $"); +#endif + +/* + * memmove for systems that doesn't have it + */ + +#include <sys/types.h> + +void* memmove(void *s1, const void *s2, size_t n) +{ + char *s=(char*)s2, *d=(char*)s1; + + if(d > s){ + s+=n-1; + d+=n-1; + while(n){ + *d--=*s--; + n--; + } + }else if(d < s) + while(n){ + *d++=*s++; + n--; + } + return s1; +} diff --git a/crypto/kerberosIV/lib/roken/mini_inetd.c b/crypto/kerberosIV/lib/roken/mini_inetd.c new file mode 100644 index 0000000..ccfcfe7 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/mini_inetd.c @@ -0,0 +1,99 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: mini_inetd.c,v 1.10 1997/05/02 14:30:07 assar Exp $"); +#endif + +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif + +#include <roken.h> + +void +mini_inetd (int port) +{ + struct sockaddr_in sa; + int s = socket(AF_INET, SOCK_STREAM, 0); + int s2; + int one = 1; + if(s < 0){ + perror("socket"); + exit(1); + } +#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT) + if(setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&one, + sizeof(one)) < 0){ + perror("setsockopt"); + exit(1); + } +#endif + memset(&sa, 0, sizeof(sa)); + sa.sin_family = AF_INET; + sa.sin_port = port; + sa.sin_addr.s_addr = INADDR_ANY; + if(bind(s, (struct sockaddr*)&sa, sizeof(sa)) < 0){ + perror("bind"); + exit(1); + } + if(listen(s, SOMAXCONN) < 0){ + perror("listen"); + exit(1); + } + s2 = accept(s, NULL, 0); + if(s2 < 0){ + perror("accept"); + exit(1); + } + close(s); + dup2(s2, STDIN_FILENO); + dup2(s2, STDOUT_FILENO); + /* dup2(s2, STDERR_FILENO); */ + close(s2); +} diff --git a/crypto/kerberosIV/lib/roken/mkstemp.c b/crypto/kerberosIV/lib/roken/mkstemp.c new file mode 100644 index 0000000..e55398a --- /dev/null +++ b/crypto/kerberosIV/lib/roken/mkstemp.c @@ -0,0 +1,89 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <string.h> +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#ifdef HAVE_FCNTL_H +#include <fcntl.h> +#endif +#include <errno.h> + +RCSID("$Id: mkstemp.c,v 1.2 1997/05/25 02:36:43 joda Exp $"); + +#ifndef HAVE_MKSTEMP + +int +mkstemp(char *template) +{ + int start, i; + pid_t val; + val = getpid(); + start = strlen(template) - 1; + while(template[start] == 'X') { + template[start] = '0' + val % 10; + val /= 10; + start--; + } + + do{ + int fd; + fd = open(template, O_RDWR | O_CREAT | O_EXCL, 0600); + if(fd >= 0 || errno != EEXIST) + return fd; + i = start + 1; + do{ + if(template[i] == 0) + return -1; + template[i]++; + if(template[i] == '9' + 1) + template[i] = 'a'; + if(template[i] <= 'z') + break; + template[i] = 'a'; + i++; + }while(1); + }while(1); +} + +#endif diff --git a/crypto/kerberosIV/lib/roken/putenv.c b/crypto/kerberosIV/lib/roken/putenv.c new file mode 100644 index 0000000..20d5a10 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/putenv.c @@ -0,0 +1,81 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: putenv.c,v 1.5 1997/04/01 08:19:06 joda Exp $"); +#endif + +#include <stdlib.h> + +extern char **environ; + +/* + * putenv -- + * String points to a string of the form name=value. + * + * Makes the value of the environment variable name equal to + * value by altering an existing variable or creating a new one. + */ +int putenv(const char *string) +{ + int i; + int len; + + len = string - strchr(string, '=') + 1; + + if(environ == NULL){ + environ = malloc(sizeof(char*)); + if(environ == NULL) + return 1; + environ[0] = NULL; + } + + for(i = 0; environ[i]; i++) + if(strncmp(string, environ[i], len)){ + environ[len] = string; + return 0; + } + environ = realloc(environ, sizeof(char*) * (i + 1)); + if(environ == NULL) + return 1; + environ[i] = string; + environ[i+1] = NULL; + return 0; +} + diff --git a/crypto/kerberosIV/lib/roken/rcmd.c b/crypto/kerberosIV/lib/roken/rcmd.c new file mode 100644 index 0000000..6064d50 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/rcmd.c @@ -0,0 +1,57 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: rcmd.c,v 1.2 1997/04/01 08:19:06 joda Exp $"); +#endif + +#include "roken.h" +#include <stdio.h> + +int +rcmd(char **ahost, + unsigned short inport, + const char *locuser, + const char *remuser, + const char *cmd, + int *fd2p) +{ + fprintf(stderr, "Only kerberized services are implemented\n"); + return -1; +} diff --git a/crypto/kerberosIV/lib/roken/roken.def b/crypto/kerberosIV/lib/roken/roken.def new file mode 100644 index 0000000..13e3572 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/roken.def @@ -0,0 +1,4 @@ +LIBRARY roken +EXPORTS + gettimeofday + strcasecmp diff --git a/crypto/kerberosIV/lib/roken/roken.h b/crypto/kerberosIV/lib/roken/roken.h new file mode 100644 index 0000000..1204e3e --- /dev/null +++ b/crypto/kerberosIV/lib/roken/roken.h @@ -0,0 +1,338 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: roken.h,v 1.63 1997/05/28 05:38:09 assar Exp $ */ + +#ifndef __ROKEN_H__ +#define __ROKEN_H__ + +#include <stdlib.h> +#include <stdarg.h> +#include <string.h> +#include <signal.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#ifdef HAVE_GRP_H +#include <grp.h> +#endif +#ifdef HAVE_SYS_STAT_H +#include <sys/stat.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif + +#ifdef HAVE_TERMIOS_H +#include <termios.h> +#endif + +#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4 +#include <sys/ioctl.h> +#endif + +#include "protos.h" + +#if !defined(HAVE_SETSID) && defined(HAVE__SETSID) +#define setsid _setsid +#endif + +#ifndef HAVE_PUTENV +int putenv(const char *string); +#endif + +#ifndef HAVE_SETENV +int setenv(const char *var, const char *val, int rewrite); +#endif + +#ifndef HAVE_UNSETENV +void unsetenv(const char *name); +#endif + +#ifndef HAVE_GETUSERSHELL +char *getusershell(void); +#endif + +#if !defined(__GNUC__) && !defined(__attribute__) +#define __attribute__(x) +#endif + +#ifndef HAVE_SNPRINTF +int snprintf (char *str, size_t sz, const char *format, ...) + __attribute__ ((format (printf, 3, 4))); +#endif + +#ifndef HAVE_VSNPRINTF +int vsnprintf (char *str, size_t sz, const char *format, va_list ap) + __attribute__((format (printf, 3, 0))); +#endif + +#ifndef HAVE_ASPRINTF +int asprintf (char **ret, const char *format, ...) + __attribute__ ((format (printf, 2, 3))); +#endif + +#ifndef HAVE_VASPRINTF +int vasprintf (char **ret, const char *format, va_list ap) + __attribute__((format (printf, 2, 0))); +#endif + +#ifndef HAVE_ASNPRINTF +int asnprintf (char **ret, size_t max_sz, const char *format, ...) + __attribute__ ((format (printf, 3, 4))); +#endif + +#ifndef HAVE_VASNPRINTF +int vasnprintf (char **ret, size_t max_sz, const char *format, va_list ap) + __attribute__((format (printf, 3, 0))); +#endif + +#ifndef HAVE_STRDUP +char * strdup(const char *old); +#endif + +#ifndef HAVE_STRLWR +char * strlwr(char *); +#endif + +#ifndef HAVE_STRNLEN +int strnlen(char*, int); +#endif + +#ifndef HAVE_STRTOK_R +char *strtok_r(char *s1, const char *s2, char **lasts); +#endif + +#ifndef HAVE_STRUPR +char * strupr(char *); +#endif + +#ifndef HAVE_GETDTABLESIZE +int getdtablesize(void); +#endif + +#if IRIX != 4 /* fix for compiler bug */ +#ifdef RETSIGTYPE +typedef RETSIGTYPE (*SigAction)(/* int??? */); +SigAction signal(int iSig, SigAction pAction); /* BSD compatible */ +#endif +#endif + +#ifndef SIG_ERR +#define SIG_ERR ((RETSIGTYPE (*)())-1) +#endif + +#if !defined(HAVE_STRERROR) && !defined(strerror) +char *strerror(int eno); +#endif + +#ifndef HAVE_HSTRERROR +char *hstrerror(int herr); +#endif + +#ifndef HAVE_H_ERRNO_DECLARATION +extern int h_errno; +#endif + +#ifndef HAVE_INET_ATON +/* Minimal implementation of inet_aton. Doesn't handle hex numbers. */ +int inet_aton(const char *cp, struct in_addr *adr); +#endif + +#if !defined(HAVE_GETCWD) +char* getcwd(char *path, size_t size); +#endif + +#ifndef HAVE_GETENT +int getent(char *cp, char *name); +#endif + +#ifdef HAVE_PWD_H +#include <pwd.h> +struct passwd *k_getpwnam (char *user); +struct passwd *k_getpwuid (uid_t uid); +#endif + +#ifndef HAVE_SETEUID +int seteuid(int euid); +#endif + +#ifndef HAVE_SETEGID +int setegid(int egid); +#endif + +#ifndef HAVE_LSTAT +int lstat(const char *path, struct stat *buf); +#endif + +#ifndef HAVE_MKSTEMP +int mkstemp(char *); +#endif + +#ifndef HAVE_INITGROUPS +int initgroups(const char *name, gid_t basegid); +#endif + +#ifndef HAVE_FCHOWN +int fchown(int fd, uid_t owner, gid_t group); +#endif + +#ifndef HAVE_CHOWN +int chown(const char *path, uid_t owner, gid_t group); +#endif + +#ifndef HAVE_RCMD +int rcmd(char **ahost, unsigned short inport, const char *locuser, + const char *remuser, const char *cmd, int *fd2p); +#endif + +#ifdef TIME_WITH_SYS_TIME +#include <sys/time.h> +#include <time.h> +#elif defined(HAVE_SYS_TIME_H) +#include <sys/time.h> +#else +#include <time.h> +#endif + +time_t tm2time (struct tm tm, int local); + +int unix_verify_user(char *user, char *password); + +void inaddr2str(struct in_addr addr, char *s, size_t len); + +void mini_inetd (int port); + +#ifndef HAVE_STRUCT_WINSIZE +struct winsize { + unsigned short ws_row, ws_col; + unsigned short ws_xpixel, ws_ypixel; +}; +#endif + +int get_window_size(int fd, struct winsize *); + +#ifndef INADDR_NONE +#define INADDR_NONE 0xffffffff +#endif + +#ifndef SOMAXCONN +#define SOMAXCONN 5 +#endif + +#ifndef STDIN_FILENO +#define STDIN_FILENO 0 +#endif + +#ifndef STDOUT_FILENO +#define STDOUT_FILENO 1 +#endif + +#ifndef STDERR_FILENO +#define STDERR_FILENO 2 +#endif + +#ifndef max +#define max(a,b) (((a)>(b))?(a):(b)) +#endif + +#ifndef min +#define min(a,b) (((a)<(b))?(a):(b)) +#endif + +#ifndef TRUE +#define TRUE 1 +#endif + +#ifndef FALSE +#define FALSE 0 +#endif + +#ifdef HAVE_SYSLOG_H +#include <syslog.h> +/* Misc definitions for old syslogs */ + +#ifndef LOG_DAEMON +#define openlog(id,option,facility) openlog((id),(option)) +#define LOG_DAEMON 0 +#endif +#ifndef LOG_ODELAY +#define LOG_ODELAY 0 +#endif +#ifndef LOG_NDELAY +#define LOG_NDELAY 0x08 +#endif +#ifndef LOG_CONS +#define LOG_CONS 0 +#endif +#ifndef LOG_AUTH +#define LOG_AUTH 0 +#endif +#ifndef LOG_AUTHPRIV +#define LOG_AUTHPRIV LOG_AUTH +#endif +#endif + +#ifndef HAVE_OPTARG_DECLARATION +extern char *optarg; +#endif +#ifndef HAVE_OPTIND_DECLARATION +extern int optind; +#endif +#ifndef HAVE_OPTERR_DECLARATION +extern int opterr; +#endif + +#ifndef HAVE___PROGNAME_DECLARATION +extern const char *__progname; +#endif + +void set_progname(char *argv0); + +#ifdef HAVE_PATHS_H +#include <paths.h> +#endif + +#ifndef _PATH_DEVNULL +#define _PATH_DEVNULL "/dev/null" +#endif + +#endif /* __ROKEN_H__ */ diff --git a/crypto/kerberosIV/lib/roken/roken.mak b/crypto/kerberosIV/lib/roken/roken.mak new file mode 100644 index 0000000..d0c4a6f --- /dev/null +++ b/crypto/kerberosIV/lib/roken/roken.mak @@ -0,0 +1,278 @@ +# Microsoft Developer Studio Generated NMAKE File, Format Version 4.10 +# ** DO NOT EDIT ** + +# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 + +!IF "$(CFG)" == "" +CFG=roken - Win32 Debug +!MESSAGE No configuration specified. Defaulting to roken - Win32 Debug. +!ENDIF + +!IF "$(CFG)" != "roken - Win32 Release" && "$(CFG)" != "roken - Win32 Debug" +!MESSAGE Invalid configuration "$(CFG)" specified. +!MESSAGE You can specify a configuration when running NMAKE on this makefile +!MESSAGE by defining the macro CFG on the command line. For example: +!MESSAGE +!MESSAGE NMAKE /f "roken.mak" CFG="roken - Win32 Debug" +!MESSAGE +!MESSAGE Possible choices for configuration are: +!MESSAGE +!MESSAGE "roken - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "roken - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE +!ERROR An invalid configuration is specified. +!ENDIF + +!IF "$(OS)" == "Windows_NT" +NULL= +!ELSE +NULL=nul +!ENDIF +################################################################################ +# Begin Project +# PROP Target_Last_Scanned "roken - Win32 Debug" +RSC=rc.exe +MTL=mktyplib.exe +CPP=cl.exe + +!IF "$(CFG)" == "roken - Win32 Release" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 0 +# PROP BASE Output_Dir "Release" +# PROP BASE Intermediate_Dir "Release" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 0 +# PROP Output_Dir "Release" +# PROP Intermediate_Dir "Release" +# PROP Target_Dir "" +OUTDIR=.\Release +INTDIR=.\Release + +ALL : ".\Release\roken.dll" + +CLEAN : + -@erase ".\Release\gettimeofday.obj" + -@erase ".\Release\roken.dll" + -@erase ".\Release\roken.exp" + -@erase ".\Release\roken.lib" + -@erase ".\Release\strcasecmp.obj" + +"$(OUTDIR)" : + if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" + +# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /c +# ADD CPP /nologo /MT /W3 /GX /O2 /I "..\krb" /I "..\des" /I "..\..\include" /I "..\..\include\win32" /I "." /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /c +CPP_PROJ=/nologo /MT /W3 /GX /O2 /I "..\krb" /I "..\des" /I "..\..\include" /I\ + "..\..\include\win32" /I "." /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D\ + "HAVE_CONFIG_H" /Fp"$(INTDIR)/roken.pch" /YX /Fo"$(INTDIR)/" /c +CPP_OBJS=.\Release/ +CPP_SBRS=.\. +# ADD BASE MTL /nologo /D "NDEBUG" /win32 +# ADD MTL /nologo /D "NDEBUG" /win32 +MTL_PROJ=/nologo /D "NDEBUG" /win32 +# ADD BASE RSC /l 0x409 /d "NDEBUG" +# ADD RSC /l 0x409 /d "NDEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +BSC32_FLAGS=/nologo /o"$(OUTDIR)/roken.bsc" +BSC32_SBRS= \ + +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386 +# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386 +LINK32_FLAGS=kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib\ + advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib\ + odbccp32.lib /nologo /subsystem:windows /dll /incremental:no\ + /pdb:"$(OUTDIR)/roken.pdb" /machine:I386 /def:".\roken.def"\ + /out:"$(OUTDIR)/roken.dll" /implib:"$(OUTDIR)/roken.lib" +DEF_FILE= \ + ".\roken.def" +LINK32_OBJS= \ + ".\Release\gettimeofday.obj" \ + ".\Release\strcasecmp.obj" + +".\Release\roken.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) + $(LINK32) @<< + $(LINK32_FLAGS) $(LINK32_OBJS) +<< + +!ELSEIF "$(CFG)" == "roken - Win32 Debug" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 1 +# PROP BASE Output_Dir "Debug" +# PROP BASE Intermediate_Dir "Debug" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 1 +# PROP Output_Dir "Debug" +# PROP Intermediate_Dir "Debug" +# PROP Target_Dir "" +OUTDIR=.\Debug +INTDIR=.\Debug + +ALL : ".\Debug\roken.dll" + +CLEAN : + -@erase ".\Debug\gettimeofday.obj" + -@erase ".\Debug\roken.dll" + -@erase ".\Debug\roken.exp" + -@erase ".\Debug\roken.ilk" + -@erase ".\Debug\roken.lib" + -@erase ".\Debug\roken.pdb" + -@erase ".\Debug\strcasecmp.obj" + -@erase ".\Debug\vc40.idb" + -@erase ".\Debug\vc40.pdb" + +"$(OUTDIR)" : + if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" + +# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /c +# ADD CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /I "..\krb" /I "..\des" /I "..\..\include" /I "..\..\include\win32" /I "." /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /c +CPP_PROJ=/nologo /MTd /W3 /Gm /GX /Zi /Od /I "..\krb" /I "..\des" /I\ + "..\..\include" /I "..\..\include\win32" /I "." /D "_DEBUG" /D "WIN32" /D\ + "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)/roken.pch" /YX /Fo"$(INTDIR)/"\ + /Fd"$(INTDIR)/" /c +CPP_OBJS=.\Debug/ +CPP_SBRS=.\. +# ADD BASE MTL /nologo /D "_DEBUG" /win32 +# ADD MTL /nologo /D "_DEBUG" /win32 +MTL_PROJ=/nologo /D "_DEBUG" /win32 +# ADD BASE RSC /l 0x409 /d "_DEBUG" +# ADD RSC /l 0x409 /d "_DEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +BSC32_FLAGS=/nologo /o"$(OUTDIR)/roken.bsc" +BSC32_SBRS= \ + +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386 +# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386 +LINK32_FLAGS=kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib\ + advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib\ + odbccp32.lib /nologo /subsystem:windows /dll /incremental:yes\ + /pdb:"$(OUTDIR)/roken.pdb" /debug /machine:I386 /def:".\roken.def"\ + /out:"$(OUTDIR)/roken.dll" /implib:"$(OUTDIR)/roken.lib" +DEF_FILE= \ + ".\roken.def" +LINK32_OBJS= \ + ".\Debug\gettimeofday.obj" \ + ".\Debug\strcasecmp.obj" + +".\Debug\roken.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) + $(LINK32) @<< + $(LINK32_FLAGS) $(LINK32_OBJS) +<< + +!ENDIF + +.c{$(CPP_OBJS)}.obj: + $(CPP) $(CPP_PROJ) $< + +.cpp{$(CPP_OBJS)}.obj: + $(CPP) $(CPP_PROJ) $< + +.cxx{$(CPP_OBJS)}.obj: + $(CPP) $(CPP_PROJ) $< + +.c{$(CPP_SBRS)}.sbr: + $(CPP) $(CPP_PROJ) $< + +.cpp{$(CPP_SBRS)}.sbr: + $(CPP) $(CPP_PROJ) $< + +.cxx{$(CPP_SBRS)}.sbr: + $(CPP) $(CPP_PROJ) $< + +################################################################################ +# Begin Target + +# Name "roken - Win32 Release" +# Name "roken - Win32 Debug" + +!IF "$(CFG)" == "roken - Win32 Release" + +!ELSEIF "$(CFG)" == "roken - Win32 Debug" + +!ENDIF + +################################################################################ +# Begin Source File + +SOURCE=\TEMP\jimpa3\lib\krb\gettimeofday.c +DEP_CPP_GETTI=\ + "..\..\include\protos.h"\ + "..\..\include\sys/bitypes.h"\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + "..\des\des.h"\ + "..\krb\krb.h"\ + "..\krb\krb_locl.h"\ + "..\krb\prot.h"\ + "..\krb\resolve.h"\ + ".\roken.h"\ + {$(INCLUDE)}"\sys\stat.h"\ + {$(INCLUDE)}"\sys\types.h"\ + + +!IF "$(CFG)" == "roken - Win32 Release" + + +".\Release\gettimeofday.obj" : $(SOURCE) $(DEP_CPP_GETTI) "$(INTDIR)" + $(CPP) $(CPP_PROJ) $(SOURCE) + + +!ELSEIF "$(CFG)" == "roken - Win32 Debug" + + +".\Debug\gettimeofday.obj" : $(SOURCE) $(DEP_CPP_GETTI) "$(INTDIR)" + $(CPP) $(CPP_PROJ) $(SOURCE) + + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\roken.def + +!IF "$(CFG)" == "roken - Win32 Release" + +!ELSEIF "$(CFG)" == "roken - Win32 Debug" + +!ENDIF + +# End Source File +################################################################################ +# Begin Source File + +SOURCE=.\strcasecmp.c +DEP_CPP_STRCA=\ + "..\..\include\sys/cdefs.h"\ + "..\..\include\win32\config.h"\ + {$(INCLUDE)}"\sys\types.h"\ + + +!IF "$(CFG)" == "roken - Win32 Release" + + +".\Release\strcasecmp.obj" : $(SOURCE) $(DEP_CPP_STRCA) "$(INTDIR)" + + +!ELSEIF "$(CFG)" == "roken - Win32 Debug" + + +".\Debug\strcasecmp.obj" : $(SOURCE) $(DEP_CPP_STRCA) "$(INTDIR)" + + +!ENDIF + +# End Source File +# End Target +# End Project +################################################################################ diff --git a/crypto/kerberosIV/lib/roken/setegid.c b/crypto/kerberosIV/lib/roken/setegid.c new file mode 100644 index 0000000..b79bdd5 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/setegid.c @@ -0,0 +1,60 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: setegid.c,v 1.7 1997/04/01 08:19:07 joda Exp $"); +#endif + +#include <unistd.h> + +#include "roken.h" + +int +setegid(int egid) +{ +#ifdef HAVE_SETREGID + return setregid(-1, egid); +#endif + +#ifdef HAVE_SETRESGID + return setresgid(-1, egid, -1); +#endif + + return -1; +} diff --git a/crypto/kerberosIV/lib/roken/setenv.c b/crypto/kerberosIV/lib/roken/setenv.c new file mode 100644 index 0000000..c83591f --- /dev/null +++ b/crypto/kerberosIV/lib/roken/setenv.c @@ -0,0 +1,71 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: setenv.c,v 1.8 1997/05/02 14:29:32 assar Exp $"); +#endif + +#include "roken.h" + +#include <stdlib.h> +#include <string.h> + +/* + * This is the easy way out, use putenv to implement setenv. We might + * leak some memory but that is ok since we are usally about to exec + * anyway. + */ + +int +setenv(const char *var, const char *val, int rewrite) +{ + char *t; + + if (!rewrite && getenv(var) != 0) + return 0; + + asprintf (&t, "%s=%s", var, val); + if (t == NULL) + return -1; + + if (putenv(t) == 0) + return 0; + else + return -1; +} diff --git a/crypto/kerberosIV/lib/roken/seteuid.c b/crypto/kerberosIV/lib/roken/seteuid.c new file mode 100644 index 0000000..b831318 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/seteuid.c @@ -0,0 +1,60 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: seteuid.c,v 1.7 1997/04/01 08:19:08 joda Exp $"); +#endif + +#include <unistd.h> + +#include "roken.h" + +int +seteuid(int euid) +{ +#ifdef HAVE_SETREUID + return setreuid(-1, euid); +#endif + +#ifdef HAVE_SETRESUID + return setresuid(-1, euid, -1); +#endif + + return -1; +} diff --git a/crypto/kerberosIV/lib/roken/signal.c b/crypto/kerberosIV/lib/roken/signal.c new file mode 100644 index 0000000..a39a194 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/signal.c @@ -0,0 +1,86 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: signal.c,v 1.8 1997/04/01 08:19:09 joda Exp $"); +#endif + +#include <signal.h> + +/* + * We would like to always use this signal but there is a link error + * on NEXTSTEP + */ +#ifndef NeXT +/* + * Bugs: + * + * Do we need any extra hacks for SIGCLD and/or SIGCHLD? + */ + +typedef RETSIGTYPE (*SigAction)(/* int??? */); + +SigAction +signal(int iSig, SigAction pAction) +{ + struct sigaction saNew, saOld; + + saNew.sa_handler = pAction; + sigemptyset(&saNew.sa_mask); + saNew.sa_flags = 0; + + if (iSig == SIGALRM) + { +#ifdef SA_INTERRUPT + saNew.sa_flags |= SA_INTERRUPT; +#endif + } + else + { +#ifdef SA_RESTART + saNew.sa_flags |= SA_RESTART; +#endif + } + + if (sigaction(iSig, &saNew, &saOld) < 0) + return(SIG_ERR); + + return(saOld.sa_handler); +} +#endif diff --git a/crypto/kerberosIV/lib/roken/snprintf.c b/crypto/kerberosIV/lib/roken/snprintf.c new file mode 100644 index 0000000..b0757e5 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/snprintf.c @@ -0,0 +1,520 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: snprintf.c,v 1.13 1997/05/25 02:00:31 assar Exp $"); +#endif +#include <stdio.h> +#include <stdarg.h> +#include <stdlib.h> +#include <string.h> +#include <ctype.h> +#include <roken.h> + +/* + * Common state + */ + +struct state { + char *str; + char *s; + char *theend; + size_t sz; + size_t max_sz; + int (*append_char)(struct state *, char); + int (*reserve)(struct state *, size_t); + /* XXX - methods */ +}; + +static int +sn_reserve (struct state *state, size_t n) +{ + return state->s + n > state->theend; +} + +static int +sn_append_char (struct state *state, char c) +{ + if (sn_reserve (state, 1)) { + *state->s++ = '\0'; + return 1; + } else { + *state->s++ = c; + return 0; + } +} + +static int +as_reserve (struct state *state, size_t n) +{ + while (state->s + n > state->theend) { + int off = state->s - state->str; + char *tmp; + + if (state->max_sz && state->sz >= state->max_sz) + return 1; + + if (state->max_sz) + state->sz = min(state->max_sz, state->sz*2); + else + state->sz *= 2; + tmp = realloc (state->str, state->sz); + if (tmp == NULL) + return 1; + state->str = tmp; + state->s = state->str + off; + state->theend = state->str + state->sz - 1; + } + return 0; +} + +static int +as_append_char (struct state *state, char c) +{ + if(as_reserve (state, 1)) + return 1; + else { + *state->s++ = c; + return 0; + } +} + +static int +append_number (struct state *state, + unsigned long num, unsigned base, char *rep, + int width, int zerop, int minusp) +{ + int i, len; + + len = 0; + if (num == 0) { + ++len; + if((*state->append_char) (state, '0')) + return 1; + } + while (num > 0) { + ++len; + if ((*state->append_char) (state, rep[num % base])) + return 1; + num /= base; + } + if (minusp) { + ++len; + if ((*state->append_char) (state, '-')) + return 1; + } + + for (i = 0; i < len / 2; ++i) { + char c; + + c = state->s[-i-1]; + state->s[-i-1] = state->s[-len+i]; + state->s[-len+i] = c; + } + + if (width > len) { + if ((*state->reserve) (state, width - len)) + return 1; + +#ifdef HAVE_MEMMOVE + memmove (state->s + width - 2 * len, state->s - len, len); +#else + bcopy (state->s - len, state->s + width - 2 * len, len); +#endif + for (i = 0; i < width - len; ++i) + state->s[-len+i] = (zerop ? '0' : ' '); + state->s += width - len; + + } + return 0; +} + +static int +append_string (struct state *state, + char *arg, + int prec) +{ + if (prec) { + while (*arg && prec--) + if ((*state->append_char) (state, *arg++)) + return 1; + } else { + while (*arg) + if ((*state->append_char) (state, *arg++)) + return 1; + } + return 0; +} + +/* + * This can't be made into a function... + */ + +#define PARSE_INT_FORMAT(res, arg, unsig) \ +if (long_flag) \ + res = va_arg(arg, unsig long); \ +else if (short_flag) \ + res = va_arg(arg, unsig short); \ +else \ + res = va_arg(arg, unsig int) + +/* + * zyxprintf - return 0 or -1 + */ + +static int +xyzprintf (struct state *state, const char *format, va_list ap) +{ + char c; + + while((c = *format++)) { + if (c == '%') { + int zerop = 0; + int width = 0; + int prec = 0; + int long_flag = 0; + int short_flag = 0; + + c = *format++; + + /* flags */ + if (c == '0') { + zerop = 1; + c = *format++; + } + + /* width */ + if (isdigit(c)) + do { + width = width * 10 + c - '0'; + c = *format++; + } while(isdigit(c)); + else if(c == '*') { + width = va_arg(ap, int); + c = *format++; + } + + /* precision */ + if (c == '.') { + c = *format++; + if (isdigit(c)) + do { + prec = prec * 10 + c - '0'; + c = *format++; + } while(isdigit(c)); + else if (c == '*') { + prec = va_arg(ap, int); + c = *format++; + } + } + + /* size */ + + if (c == 'h') { + short_flag = 1; + c = *format++; + } else if (c == 'l') { + long_flag = 1; + c = *format++; + } + + switch (c) { + case 'c' : + if ((*state->append_char)(state, (unsigned char)va_arg(ap, int))) + return -1; + break; + case 's' : + if (append_string(state, + va_arg(ap, char*), + prec)) + return -1; + break; + case 'd' : + case 'i' : { + long arg; + unsigned long num; + int minusp = 0; + + PARSE_INT_FORMAT(arg, ap, ); + + if (arg < 0) { + minusp = 1; + num = -arg; + } else + num = arg; + + if (append_number (state, num, 10, "0123456789", + width, zerop, minusp)) + return -1; + break; + } + case 'u' : { + unsigned long arg; + + PARSE_INT_FORMAT(arg, ap, unsigned); + + if (append_number (state, arg, 10, "0123456789", + width, zerop, 0)) + return -1; + break; + } + case 'o' : { + unsigned long arg; + + PARSE_INT_FORMAT(arg, ap, unsigned); + + if (append_number (state, arg, 010, "01234567", + width, zerop, 0)) + return -1; + break; + } + case 'x' : { + unsigned long arg; + + PARSE_INT_FORMAT(arg, ap, unsigned); + + if (append_number (state, arg, 0x10, "0123456789abcdef", + width, zerop, 0)) + return -1; + break; + } + case 'X' :{ + unsigned long arg; + + PARSE_INT_FORMAT(arg, ap, unsigned); + + if (append_number (state, arg, 0x10, "0123456789ABCDEF", + width, zerop, 0)) + return -1; + break; + } + case 'p' : { + unsigned long arg = (unsigned long)va_arg(ap, void*); + + if (append_number (state, arg, 0x10, "0123456789ABCDEF", + width, zerop, 0)) + return -1; + break; + } + case '%' : + if ((*state->append_char)(state, c)) + return -1; + break; + default : + if ( (*state->append_char)(state, '%') + || (*state->append_char)(state, c)) + return -1; + break; + } + } else + if ((*state->append_char) (state, c)) + return -1; + } + return 0; +} + +#ifndef HAVE_SNPRINTF +int +snprintf (char *str, size_t sz, const char *format, ...) +{ + va_list args; + int ret; + + va_start(args, format); + ret = vsnprintf (str, sz, format, args); + +#ifdef PARANOIA + { + int ret2; + char *tmp; + + tmp = malloc (sz); + if (tmp == NULL) + abort (); + + ret2 = vsprintf (tmp, format, args); + if (ret != ret2 || strcmp(str, tmp)) + abort (); + free (tmp); + } +#endif + + va_end(args); + return ret; +} +#endif + +#ifndef HAVE_ASPRINTF +int +asprintf (char **ret, const char *format, ...) +{ + va_list args; + int val; + + va_start(args, format); + val = vasprintf (ret, format, args); + +#ifdef PARANOIA + { + int ret2; + char *tmp; + tmp = malloc (val + 1); + if (tmp == NULL) + abort (); + + ret2 = vsprintf (tmp, format, args); + if (val != ret2 || strcmp(*ret, tmp)) + abort (); + free (tmp); + } +#endif + + va_end(args); + return val; +} +#endif + +#ifndef HAVE_ASNPRINTF +int +asnprintf (char **ret, size_t max_sz, const char *format, ...) +{ + va_list args; + int val; + + va_start(args, format); + val = vasnprintf (ret, max_sz, format, args); + +#ifdef PARANOIA + { + int ret2; + char *tmp; + tmp = malloc (val + 1); + if (tmp == NULL) + abort (); + + ret2 = vsprintf (tmp, format, args); + if (val != ret2 || strcmp(*ret, tmp)) + abort (); + free (tmp); + } +#endif + + va_end(args); + return val; +} +#endif + +#ifndef HAVE_VASPRINTF +int +vasprintf (char **ret, const char *format, va_list args) +{ + return vasnprintf (ret, 0, format, args); +} +#endif + + +#ifndef HAVE_VASNPRINTF +int +vasnprintf (char **ret, size_t max_sz, const char *format, va_list args) +{ + int st; + size_t len; + struct state state; + + state.max_sz = max_sz; + if (max_sz) + state.sz = min(1, max_sz); + else + state.sz = 1; + state.str = malloc(state.sz); + if (state.str == NULL) { + *ret = NULL; + return -1; + } + state.s = state.str; + state.theend = state.s + state.sz - 1; + state.append_char = as_append_char; + state.reserve = as_reserve; + + st = xyzprintf (&state, format, args); + if (st) { + free (state.str); + *ret = NULL; + return -1; + } else { + char *tmp; + + *state.s = '\0'; + len = state.s - state.str; + tmp = realloc (state.str, len+1); + if (state.str == NULL) { + free (state.str); + *ret = NULL; + return -1; + } + *ret = tmp; + return len; + } +} +#endif + +#ifndef HAVE_VSNPRINTF +int +vsnprintf (char *str, size_t sz, const char *format, va_list args) +{ + struct state state; + int ret; + + state.max_sz = 0; + state.sz = sz; + state.str = str; + state.s = str; + state.theend = str + sz - 1; + state.append_char = sn_append_char; + state.reserve = sn_reserve; + + ret = xyzprintf (&state, format, args); + *state.s = '\0'; + if (ret) + return sz; + else + return state.s - state.str; +} +#endif + diff --git a/crypto/kerberosIV/lib/roken/strcasecmp.c b/crypto/kerberosIV/lib/roken/strcasecmp.c new file mode 100644 index 0000000..a268c29 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/strcasecmp.c @@ -0,0 +1,118 @@ +/* + * Copyright (c) 1987, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: strcasecmp.c,v 1.3 1997/04/20 18:04:23 assar Exp $"); +#endif + +#include <string.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#include <sys/cdefs.h> + +#if defined(LIBC_SCCS) && !defined(lint) +static char sccsid[] = "@(#)strcasecmp.c 8.1 (Berkeley) 6/4/93"; +#endif /* LIBC_SCCS and not lint */ + +/* + * This array is designed for mapping upper and lower case letter + * together for a case independent comparison. The mappings are + * based upon ascii character sequences. + */ +static const unsigned char charmap[] = { + '\000', '\001', '\002', '\003', '\004', '\005', '\006', '\007', + '\010', '\011', '\012', '\013', '\014', '\015', '\016', '\017', + '\020', '\021', '\022', '\023', '\024', '\025', '\026', '\027', + '\030', '\031', '\032', '\033', '\034', '\035', '\036', '\037', + '\040', '\041', '\042', '\043', '\044', '\045', '\046', '\047', + '\050', '\051', '\052', '\053', '\054', '\055', '\056', '\057', + '\060', '\061', '\062', '\063', '\064', '\065', '\066', '\067', + '\070', '\071', '\072', '\073', '\074', '\075', '\076', '\077', + '\100', '\141', '\142', '\143', '\144', '\145', '\146', '\147', + '\150', '\151', '\152', '\153', '\154', '\155', '\156', '\157', + '\160', '\161', '\162', '\163', '\164', '\165', '\166', '\167', + '\170', '\171', '\172', '\133', '\134', '\135', '\136', '\137', + '\140', '\141', '\142', '\143', '\144', '\145', '\146', '\147', + '\150', '\151', '\152', '\153', '\154', '\155', '\156', '\157', + '\160', '\161', '\162', '\163', '\164', '\165', '\166', '\167', + '\170', '\171', '\172', '\173', '\174', '\175', '\176', '\177', + '\200', '\201', '\202', '\203', '\204', '\205', '\206', '\207', + '\210', '\211', '\212', '\213', '\214', '\215', '\216', '\217', + '\220', '\221', '\222', '\223', '\224', '\225', '\226', '\227', + '\230', '\231', '\232', '\233', '\234', '\235', '\236', '\237', + '\240', '\241', '\242', '\243', '\244', '\245', '\246', '\247', + '\250', '\251', '\252', '\253', '\254', '\255', '\256', '\257', + '\260', '\261', '\262', '\263', '\264', '\265', '\266', '\267', + '\270', '\271', '\272', '\273', '\274', '\275', '\276', '\277', + '\300', '\301', '\302', '\303', '\304', '\305', '\306', '\307', + '\310', '\311', '\312', '\313', '\314', '\315', '\316', '\317', + '\320', '\321', '\322', '\323', '\324', '\325', '\326', '\327', + '\330', '\331', '\332', '\333', '\334', '\335', '\336', '\337', + '\340', '\341', '\342', '\343', '\344', '\345', '\346', '\347', + '\350', '\351', '\352', '\353', '\354', '\355', '\356', '\357', + '\360', '\361', '\362', '\363', '\364', '\365', '\366', '\367', + '\370', '\371', '\372', '\373', '\374', '\375', '\376', '\377', +}; + +int +strcasecmp(const char *s1, const char *s2) +{ + const unsigned char *cm = charmap, + *us1 = (const unsigned char *)s1, + *us2 = (const unsigned char *)s2; + + while (cm[*us1] == cm[*us2++]) + if (*us1++ == '\0') + return (0); + return (cm[*us1] - cm[*--us2]); +} + +int +strncasecmp(const char *s1, const char *s2, size_t n) +{ + if (n != 0) { + const unsigned char *cm = charmap, + *us1 = (const unsigned char *)s1, + *us2 = (const unsigned char *)s2; + + do { + if (cm[*us1] != cm[*us2++]) + return (cm[*us1] - cm[*--us2]); + if (*us1++ == '\0') + break; + } while (--n != 0); + } + return (0); +} diff --git a/crypto/kerberosIV/lib/roken/strdup.c b/crypto/kerberosIV/lib/roken/strdup.c new file mode 100644 index 0000000..b16992f --- /dev/null +++ b/crypto/kerberosIV/lib/roken/strdup.c @@ -0,0 +1,55 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: strdup.c,v 1.9 1997/04/01 08:19:10 joda Exp $"); +#endif +#include <stdlib.h> +#include <string.h> + +#ifndef HAVE_STRDUP +char * +strdup(const char *old) +{ + char *t = malloc(strlen(old)+1); + if (t != 0) + strcpy(t, old); + return t; +} +#endif diff --git a/crypto/kerberosIV/lib/roken/strerror.c b/crypto/kerberosIV/lib/roken/strerror.c new file mode 100644 index 0000000..3d7b45c --- /dev/null +++ b/crypto/kerberosIV/lib/roken/strerror.c @@ -0,0 +1,62 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: strerror.c,v 1.8 1997/05/02 14:29:33 assar Exp $"); +#endif + +#include <stdio.h> +#include <string.h> +#include <errno.h> + +extern int sys_nerr; +extern char *sys_errlist[]; + +char* +strerror(int eno) +{ + static char emsg[1024]; + + if(eno < 0 || eno >= sys_nerr) + snprintf(emsg, sizeof(emsg), "Error %d occurred.", eno); + else + strcpy(emsg, sys_errlist[eno]); + + return emsg; +} diff --git a/crypto/kerberosIV/lib/roken/strftime.c b/crypto/kerberosIV/lib/roken/strftime.c new file mode 100644 index 0000000..3473778 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/strftime.c @@ -0,0 +1,299 @@ +/* + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <sys/types.h> +#ifdef TIME_WITH_SYS_TIME +#include <sys/time.h> +#include <time.h> +#elif defined(HAVE_SYS_TIME_H) +#include <sys/time.h> +#else +#include <time.h> +#endif +#define TM_YEAR_BASE 1900 /* from <tzfile.h> */ +#include <string.h> + +static char *afmt[] = { + "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat", +}; +static char *Afmt[] = { + "Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", + "Saturday", +}; +static char *bfmt[] = { + "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", + "Oct", "Nov", "Dec", +}; +static char *Bfmt[] = { + "January", "February", "March", "April", "May", "June", "July", + "August", "September", "October", "November", "December", +}; + +static size_t gsize; +static char *pt; + +static int _add (char *); +static int _conv (int, int, int); +#ifdef HAVE_MKTIME +static int _secs (const struct tm *); +#endif /* HAVE_MKTIME */ +static size_t _fmt (const char *, const struct tm *); + +size_t +strftime(char *s, size_t maxsize, const char *format, const struct tm *t) +{ + + pt = s; + if ((gsize = maxsize) < 1) + return(0); + if (_fmt(format, t)) { + *pt = '\0'; + return(maxsize - gsize); + } + return(0); +} + +static size_t +_fmt(const char *format, const struct tm *t) +{ + for (; *format; ++format) { + if (*format == '%') + switch(*++format) { + case '\0': + --format; + break; + case 'A': + if (t->tm_wday < 0 || t->tm_wday > 6) + return(0); + if (!_add(Afmt[t->tm_wday])) + return(0); + continue; + case 'a': + if (t->tm_wday < 0 || t->tm_wday > 6) + return(0); + if (!_add(afmt[t->tm_wday])) + return(0); + continue; + case 'B': + if (t->tm_mon < 0 || t->tm_mon > 11) + return(0); + if (!_add(Bfmt[t->tm_mon])) + return(0); + continue; + case 'b': + case 'h': + if (t->tm_mon < 0 || t->tm_mon > 11) + return(0); + if (!_add(bfmt[t->tm_mon])) + return(0); + continue; + case 'C': + if (!_fmt("%a %b %e %H:%M:%S %Y", t)) + return(0); + continue; + case 'c': + if (!_fmt("%m/%d/%y %H:%M:%S", t)) + return(0); + continue; + case 'D': + if (!_fmt("%m/%d/%y", t)) + return(0); + continue; + case 'd': + if (!_conv(t->tm_mday, 2, '0')) + return(0); + continue; + case 'e': + if (!_conv(t->tm_mday, 2, ' ')) + return(0); + continue; + case 'H': + if (!_conv(t->tm_hour, 2, '0')) + return(0); + continue; + case 'I': + if (!_conv(t->tm_hour % 12 ? + t->tm_hour % 12 : 12, 2, '0')) + return(0); + continue; + case 'j': + if (!_conv(t->tm_yday + 1, 3, '0')) + return(0); + continue; + case 'k': + if (!_conv(t->tm_hour, 2, ' ')) + return(0); + continue; + case 'l': + if (!_conv(t->tm_hour % 12 ? + t->tm_hour % 12 : 12, 2, ' ')) + return(0); + continue; + case 'M': + if (!_conv(t->tm_min, 2, '0')) + return(0); + continue; + case 'm': + if (!_conv(t->tm_mon + 1, 2, '0')) + return(0); + continue; + case 'n': + if (!_add("\n")) + return(0); + continue; + case 'p': + if (!_add(t->tm_hour >= 12 ? "PM" : "AM")) + return(0); + continue; + case 'R': + if (!_fmt("%H:%M", t)) + return(0); + continue; + case 'r': + if (!_fmt("%I:%M:%S %p", t)) + return(0); + continue; + case 'S': + if (!_conv(t->tm_sec, 2, '0')) + return(0); + continue; +#ifdef HAVE_MKTIME + case 's': + if (!_secs(t)) + return(0); + continue; +#endif /* HAVE_MKTIME */ + case 'T': + case 'X': + if (!_fmt("%H:%M:%S", t)) + return(0); + continue; + case 't': + if (!_add("\t")) + return(0); + continue; + case 'U': + if (!_conv((t->tm_yday + 7 - t->tm_wday) / 7, + 2, '0')) + return(0); + continue; + case 'W': + if (!_conv((t->tm_yday + 7 - + (t->tm_wday ? (t->tm_wday - 1) : 6)) + / 7, 2, '0')) + return(0); + continue; + case 'w': + if (!_conv(t->tm_wday, 1, '0')) + return(0); + continue; + case 'x': + if (!_fmt("%m/%d/%y", t)) + return(0); + continue; + case 'y': + if (!_conv((t->tm_year + TM_YEAR_BASE) + % 100, 2, '0')) + return(0); + continue; + case 'Y': + if (!_conv(t->tm_year + TM_YEAR_BASE, 4, '0')) + return(0); + continue; +#ifdef notdef + case 'Z': + if (!t->tm_zone || !_add(t->tm_zone)) + return(0); + continue; +#endif + case '%': + /* + * X311J/88-090 (4.12.3.5): if conversion char is + * undefined, behavior is undefined. Print out the + * character itself as printf(3) does. + */ + default: + break; + } + if (!gsize--) + return(0); + *pt++ = *format; + } + return(gsize); +} + +#ifdef HAVE_MKTIME +static int +_secs(const struct tm *t) +{ + static char buf[15]; + time_t s; + char *p; + struct tm tmp; + + /* Make a copy, mktime(3) modifies the tm struct. */ + tmp = *t; + s = mktime(&tmp); + for (p = buf + sizeof(buf) - 2; s > 0 && p > buf; s /= 10) + *p-- = s % 10 + '0'; + return(_add(++p)); +} +#endif /* HAVE_MKTIME */ + +static int +_conv(int n, int digits, int pad) +{ + static char buf[10]; + char *p; + + for (p = buf + sizeof(buf) - 2; n > 0 && p > buf; n /= 10, --digits) + *p-- = n % 10 + '0'; + while (p > buf && digits-- > 0) + *p-- = pad; + return(_add(++p)); +} + +static int +_add(str) + char *str; +{ + for (;; ++pt, --gsize) { + if (!gsize) + return(0); + if (!(*pt = *str++)) + return(1); + } +} diff --git a/crypto/kerberosIV/lib/roken/strlwr.c b/crypto/kerberosIV/lib/roken/strlwr.c new file mode 100644 index 0000000..0222d8c --- /dev/null +++ b/crypto/kerberosIV/lib/roken/strlwr.c @@ -0,0 +1,58 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: strlwr.c,v 1.3 1997/04/01 08:19:11 joda Exp $"); +#endif +#include <string.h> +#include <ctype.h> + +#include <roken.h> + +#ifndef HAVE_STRLWR +char * +strlwr(char *str) +{ + char *s; + + for(s = str; *s; s++) + *s = tolower(*s); + return str; +} +#endif diff --git a/crypto/kerberosIV/lib/roken/strnlen.c b/crypto/kerberosIV/lib/roken/strnlen.c new file mode 100644 index 0000000..51588f6 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/strnlen.c @@ -0,0 +1,53 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: strnlen.c,v 1.5 1997/04/01 08:19:11 joda Exp $"); +#endif + +#include "roken.h" + +int +strnlen(char *s, int len) +{ + int i; + for(i = 0; i < len && s[i]; i++) + ; + return i; +} diff --git a/crypto/kerberosIV/lib/roken/strtok_r.c b/crypto/kerberosIV/lib/roken/strtok_r.c new file mode 100644 index 0000000..49164d9 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/strtok_r.c @@ -0,0 +1,70 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: strtok_r.c,v 1.4 1997/05/19 03:05:47 assar Exp $"); +#endif + +#include <string.h> + +#include "roken.h" + +#ifndef HAVE_STRTOK_R + +char * +strtok_r(char *s1, const char *s2, char **lasts) +{ + char *ret; + + if (s1 == NULL) + s1 = *lasts; + while(*s1 && strchr(s2, *s1)) + ++s1; + if(*s1 == '\0') + return NULL; + ret = s1; + while(*s1 && !strchr(s2, *s1)) + ++s1; + if(*s1) + *s1++ = '\0'; + *lasts = s1; + return ret; +} + +#endif /* HAVE_STRTOK_R */ diff --git a/crypto/kerberosIV/lib/roken/strupr.c b/crypto/kerberosIV/lib/roken/strupr.c new file mode 100644 index 0000000..c5674f7 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/strupr.c @@ -0,0 +1,58 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: strupr.c,v 1.3 1997/04/01 08:19:13 joda Exp $"); +#endif +#include <string.h> +#include <ctype.h> + +#include <roken.h> + +#ifndef HAVE_STRUPR +char * +strupr(char *str) +{ + char *s; + + for(s = str; *s; s++) + *s = toupper(*s); + return str; +} +#endif diff --git a/crypto/kerberosIV/lib/roken/tm2time.c b/crypto/kerberosIV/lib/roken/tm2time.c new file mode 100644 index 0000000..f4423ff --- /dev/null +++ b/crypto/kerberosIV/lib/roken/tm2time.c @@ -0,0 +1,66 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: tm2time.c,v 1.6 1997/04/20 05:51:30 assar Exp $"); +#endif + +#ifdef TIME_WITH_SYS_TIME +#include <sys/time.h> +#include <time.h> +#elif defined(HAVE_SYS_TIME_H) +#include <sys/time.h> +#else +#include <time.h> +#endif +#include "roken.h" + +time_t +tm2time (struct tm tm, int local) +{ + time_t t; + + tm.tm_isdst = -1; + + t = mktime (&tm); + + if (!local) + t += t - mktime (gmtime (&t)); + return t; +} diff --git a/crypto/kerberosIV/lib/roken/unsetenv.c b/crypto/kerberosIV/lib/roken/unsetenv.c new file mode 100644 index 0000000..67fb750 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/unsetenv.c @@ -0,0 +1,75 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: unsetenv.c,v 1.6 1997/04/01 08:19:14 joda Exp $"); +#endif + +#include <stdlib.h> +#include <string.h> + +#include "roken.h" + +extern char **environ; + +/* + * unsetenv -- + */ +void +unsetenv(const char *name) +{ + int len; + const char *np; + char **p; + + if (name == 0 || environ == 0) + return; + + for (np = name; *np && *np != '='; np++) + /* nop */; + len = np - name; + + for (p = environ; *p != 0; p++) + if (strncmp(*p, name, len) == 0 && (*p)[len] == '=') + break; + + for (; *p != 0; p++) + *p = *(p + 1); +} + diff --git a/crypto/kerberosIV/lib/roken/verify.c b/crypto/kerberosIV/lib/roken/verify.c new file mode 100644 index 0000000..65eafcc --- /dev/null +++ b/crypto/kerberosIV/lib/roken/verify.c @@ -0,0 +1,67 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: verify.c,v 1.12 1997/04/01 08:19:15 joda Exp $"); +#endif + +#include <stdio.h> +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +#ifdef HAVE_CRYPT_H +#include <crypt.h> +#endif +#include "roken.h" + +int +unix_verify_user(char *user, char *password) +{ + struct passwd *pw; + + pw = k_getpwnam(user); + if(pw == NULL) + return -1; + if(strlen(pw->pw_passwd) == 0 && strlen(password) == 0) + return 0; + if(strcmp(crypt(password, pw->pw_passwd), pw->pw_passwd) == 0) + return 0; + return -1; +} + diff --git a/crypto/kerberosIV/lib/roken/verr.c b/crypto/kerberosIV/lib/roken/verr.c new file mode 100644 index 0000000..f5d8f25 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/verr.c @@ -0,0 +1,50 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: verr.c,v 1.6 1997/03/30 08:05:38 joda Exp $"); +#endif + +#include "err.h" + +void +verr(int eval, const char *fmt, va_list ap) +{ + warnerr(1, eval, 1, fmt, ap); +} diff --git a/crypto/kerberosIV/lib/roken/verrx.c b/crypto/kerberosIV/lib/roken/verrx.c new file mode 100644 index 0000000..bc25aa0 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/verrx.c @@ -0,0 +1,50 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: verrx.c,v 1.6 1997/03/30 08:05:39 joda Exp $"); +#endif + +#include "err.h" + +void +verrx(int eval, const char *fmt, va_list ap) +{ + warnerr(1, eval, 0, fmt, ap); +} diff --git a/crypto/kerberosIV/lib/roken/vwarn.c b/crypto/kerberosIV/lib/roken/vwarn.c new file mode 100644 index 0000000..144dd08 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/vwarn.c @@ -0,0 +1,50 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: vwarn.c,v 1.6 1997/03/30 08:05:39 joda Exp $"); +#endif + +#include "err.h" + +void +vwarn(const char *fmt, va_list ap) +{ + warnerr(0, 0, 1, fmt, ap); +} diff --git a/crypto/kerberosIV/lib/roken/vwarnx.c b/crypto/kerberosIV/lib/roken/vwarnx.c new file mode 100644 index 0000000..540c2a6 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/vwarnx.c @@ -0,0 +1,51 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: vwarnx.c,v 1.6 1997/03/30 08:05:40 joda Exp $"); +#endif + +#include "err.h" + +void +vwarnx(const char *fmt, va_list ap) +{ + warnerr(0, 0, 0, fmt, ap); +} + diff --git a/crypto/kerberosIV/lib/roken/warn.c b/crypto/kerberosIV/lib/roken/warn.c new file mode 100644 index 0000000..5af5d8d --- /dev/null +++ b/crypto/kerberosIV/lib/roken/warn.c @@ -0,0 +1,53 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: warn.c,v 1.5 1997/03/30 08:05:40 joda Exp $"); +#endif + +#include "err.h" + +void +warn(const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + vwarn(fmt, ap); + va_end(ap); +} diff --git a/crypto/kerberosIV/lib/roken/warnerr.c b/crypto/kerberosIV/lib/roken/warnerr.c new file mode 100644 index 0000000..61fa26a --- /dev/null +++ b/crypto/kerberosIV/lib/roken/warnerr.c @@ -0,0 +1,86 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: warnerr.c,v 1.6 1997/04/02 14:59:54 bg Exp $"); +#endif + +#include "roken.h" +#include "err.h" + +#ifndef HAVE___PROGNAME +const char *__progname; +#endif + +void +set_progname(char *argv0) +{ +#ifndef HAVE___PROGNAME + char *p; + if(argv0 == NULL) + return; + p = strrchr(argv0, '/'); + if(p == NULL) + p = argv0; + else + p++; + __progname = p; +#endif +} + +void +warnerr(int doexit, int eval, int doerrno, const char *fmt, va_list ap) +{ + int sverrno = errno; + if(__progname != NULL){ + fprintf(stderr, "%s", __progname); + if(fmt != NULL || doerrno) + fprintf(stderr, ": "); + } + if (fmt != NULL){ + vfprintf(stderr, fmt, ap); + if(doerrno) + fprintf(stderr, ": "); + } + if(doerrno) + fprintf(stderr, "%s", strerror(sverrno)); + fprintf(stderr, "\n"); + if(doexit) + exit(eval); +} diff --git a/crypto/kerberosIV/lib/roken/warnx.c b/crypto/kerberosIV/lib/roken/warnx.c new file mode 100644 index 0000000..bf7b076 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/warnx.c @@ -0,0 +1,53 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: warnx.c,v 1.5 1997/03/30 08:05:41 joda Exp $"); +#endif + +#include "err.h" + +void +warnx(const char *fmt, ...) +{ + va_list ap; + va_start(ap, fmt); + vwarnx(fmt, ap); + va_end(ap); +} diff --git a/crypto/kerberosIV/lib/roken/xdbm.h b/crypto/kerberosIV/lib/roken/xdbm.h new file mode 100644 index 0000000..c3e4781 --- /dev/null +++ b/crypto/kerberosIV/lib/roken/xdbm.h @@ -0,0 +1,75 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: xdbm.h,v 1.2 1997/04/01 08:19:16 joda Exp $ */ + +/* Generic *dbm include file */ + +#ifndef __XDBM_H__ +#define __XDBM_H__ + +#ifdef HAVE_NDBM_H +#include <ndbm.h> +#elif defined(HAVE_DBM_H) +#include <dbm.h> +#elif defined(HAVE_RPCSVC_DBM_H) +#include <rpcsvc/dbm.h> +#endif + +/* Macros to convert ndbm names to dbm names. + * Note that dbm_nextkey() cannot be simply converted using a macro, since + * it is invoked giving the database, and nextkey() needs the previous key. + * + * Instead, all routines call "dbm_next" instead. + */ + +#ifndef NDBM +typedef char DBM; + +#define dbm_open(file, flags, mode) ((dbminit(file) == 0)?"":((char *)0)) +#define dbm_fetch(db, key) fetch(key) +#define dbm_store(db, key, content, flag) store(key, content) +#define dbm_delete(db, key) delete(key) +#define dbm_firstkey(db) firstkey() +#define dbm_next(db,key) nextkey(key) +#define dbm_close(db) dbmclose() +#else +#define dbm_next(db,key) dbm_nextkey(db) +#endif + +#endif /* __XDBM_H__ */ diff --git a/crypto/kerberosIV/lib/sl/Makefile.in b/crypto/kerberosIV/lib/sl/Makefile.in new file mode 100644 index 0000000..b89799b --- /dev/null +++ b/crypto/kerberosIV/lib/sl/Makefile.in @@ -0,0 +1,84 @@ +# +# $Id: Makefile.in,v 1.8 1997/05/06 03:47:56 assar Exp $ +# + +SHELL = /bin/sh + +srcdir = @srcdir@ +VPATH = @srcdir@ + +CC = @CC@ +AR = ar +RANLIB = @RANLIB@ +DEFS = @DEFS@ +CFLAGS = @CFLAGS@ + +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +MKINSTALLDIRS = @top_srcdir@/mkinstalldirs + +prefix = @prefix@ +exec_prefix = @exec_prefix@ +libdir = @libdir@ + +PICFLAGS = @PICFLAGS@ + +LIBNAME = $(LIBPREFIX)sl +LIBEXT = @LIBEXT@ +SHLIBEXT = @SHLIBEXT@ +LIBPREFIX = @LIBPREFIX@ +LDSHARED = @LDSHARED@ +LIB = $(LIBNAME).$(LIBEXT) +PROGS = + +LIB_SOURCES = sl.c + +SOURCES = $(LIB_SOURCES) + +LIB_OBJECTS = sl.o + +OBJECTS = $(LIB_OBJECTS) + +all: $(LIB) $(PROGS) + +Wall: + make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" + +.c.o: + $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) -I$(srcdir)/../des $(CFLAGS) $(PICFLAGS) $< + +install: all + $(MKINSTALLDIRS) $(libdir) + $(INSTALL_DATA) -m 0555 $(LIB) $(libdir) + +uninstall: + rm -f $(libdir)/$(LIB) + +TAGS: $(SOURCES) + etags $(SOURCES) + +check: + +clean: + rm -f $(LIB) $(PROGS) *.o *.a + +mostlyclean: clean + +distclean: clean + rm -f Makefile *~ + +realclean: distclean + rm -f TAGS + +$(LIBNAME).a: $(LIB_OBJECTS) + rm -f $@ + $(AR) cr $@ $(LIB_OBJECTS) + -$(RANLIB) $@ + +$(LIBNAME).$(SHLIBEXT): $(LIB_OBJECTS) + rm -f $@ + $(LDSHARED) -o $@ $(LIB_OBJECTS) + +$(OBJECTS): ../../include/config.h + +.PHONY: all install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/lib/sl/sl.c b/crypto/kerberosIV/lib/sl/sl.c new file mode 100644 index 0000000..adf71f5 --- /dev/null +++ b/crypto/kerberosIV/lib/sl/sl.c @@ -0,0 +1,190 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: sl.c,v 1.12 1997/06/01 03:15:07 assar Exp $"); +#endif + +#include "sl_locl.h" + +static SL_cmd * +sl_match (SL_cmd *cmds, char *cmd, int exactp) +{ + SL_cmd *c, *current = NULL, *partial_cmd = NULL; + int partial_match = 0; + + for (c = cmds; c->name; ++c) { + if (c->func) + current = c; + if (strcmp (cmd, c->name) == 0) + return current; + else if (strncmp (cmd, c->name, strlen(cmd)) == 0 && + partial_cmd != current) { + ++partial_match; + partial_cmd = current; + } + } + if (partial_match == 1 && !exactp) + return partial_cmd; + else + return NULL; +} + +void +sl_help (SL_cmd *cmds, int argc, char **argv) +{ + SL_cmd *c, *prev_c; + + if (argc == 1) { + prev_c = NULL; + for (c = cmds; c->name; ++c) { + if (c->func) { + if(prev_c) + printf ("\n\t%s%s", prev_c->usage ? prev_c->usage : "", + prev_c->usage ? "\n" : ""); + prev_c = c; + printf ("%s", c->name); + } else + printf (", %s", c->name); + } + if(prev_c) + printf ("\n\t%s%s", prev_c->usage ? prev_c->usage : "", + prev_c->usage ? "\n" : ""); + } else { + c = sl_match (cmds, argv[1], 0); + if (c == NULL) + printf ("No such command: %s. Try \"help\" for a list of all commands\n", + argv[1]); + else { + printf ("%s\t%s", c->name, c->usage); + if((++c)->name && c->func == NULL) { + printf ("\nSynonyms:"); + while (c->name && c->func == NULL) + printf ("\t%s", (c++)->name); + } + printf ("\n"); + } + } +} + +#ifdef HAVE_READLINE + +char *readline(char *prompt); +void add_history(char *p); + +#else + +static char * +readline(char *prompt) +{ + char buf[BUFSIZ]; + printf ("%s", prompt); + fflush (stdout); + if(fgets(buf, sizeof(buf), stdin) == NULL) + return NULL; + if (buf[strlen(buf) - 1] == '\n') + buf[strlen(buf) - 1] = '\0'; + return strdup(buf); +} + +static void +add_history(char *p) +{ +} + +#endif + +int +sl_loop (SL_cmd *cmds, char *prompt) +{ + unsigned max_count; + char **ptr; + + max_count = 17; + ptr = malloc(max_count * sizeof(*ptr)); + if (ptr == NULL) { + printf ("sl_loop: failed to allocate %u bytes of memory\n", + (int) max_count * sizeof(*ptr)); + return -1; + } + + for (;;) { + char *buf; + unsigned count; + SL_cmd *c; + + buf = readline(prompt); + if(buf == NULL) + break; + + if(*buf) + add_history(buf); + count = 0; + { + char *foo = NULL; + char *p; + + for(p = strtok_r (buf, " \t", &foo); + p; + p = strtok_r (NULL, " \t", &foo)) { + if(count == max_count) { + max_count *= 2; + ptr = realloc (ptr, max_count * sizeof(*ptr)); + if (ptr == NULL) { + printf ("sl_loop: failed to allocate %u " + "bytes of memory\n", + (unsigned) max_count * sizeof(*ptr)); + return -1; + } + } + ptr[count++] = p; + } + } + if (count > 0) { + c = sl_match (cmds, ptr[0], 0); + if (c) + (*c->func)(count, ptr); + else + printf ("Unrecognized command: %s\n", ptr[0]); + } + free(buf); + } + free (ptr); + return 0; +} diff --git a/crypto/kerberosIV/lib/sl/sl.h b/crypto/kerberosIV/lib/sl/sl.h new file mode 100644 index 0000000..158e590 --- /dev/null +++ b/crypto/kerberosIV/lib/sl/sl.h @@ -0,0 +1,58 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: sl.h,v 1.2 1997/04/01 08:19:18 joda Exp $ */ + +#ifndef _SL_H +#define _SL_H + +typedef void (*cmd_func)(int, char **); + +struct sl_cmd { + char *name; + cmd_func func; + char *usage; + char *help; +}; + +typedef struct sl_cmd SL_cmd; + +void sl_help (SL_cmd *, int argc, char **argv); +int sl_loop (SL_cmd *, char *prompt); + +#endif /* _SL_H */ diff --git a/crypto/kerberosIV/lib/sl/sl_locl.h b/crypto/kerberosIV/lib/sl/sl_locl.h new file mode 100644 index 0000000..ddf25bb --- /dev/null +++ b/crypto/kerberosIV/lib/sl/sl_locl.h @@ -0,0 +1,48 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: sl_locl.h,v 1.3 1997/04/01 08:19:18 joda Exp $ */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <roken.h> +#include <protos.h> + +#include <sl.h> |
