From ebfe6dc471c206300fd82c7c0fd145f683aa52f6 Mon Sep 17 00:00:00 2001 From: assar Date: Tue, 13 Feb 2001 16:46:19 +0000 Subject: import of heimdal 0.3e --- crypto/heimdal/lib/45/Makefile.in | 265 ++-- crypto/heimdal/lib/45/mk_req.c | 27 +- crypto/heimdal/lib/Makefile.am | 9 +- crypto/heimdal/lib/Makefile.in | 249 ++-- crypto/heimdal/lib/asn1/Makefile.am | 99 +- crypto/heimdal/lib/asn1/Makefile.in | 498 ++++---- crypto/heimdal/lib/asn1/asn1-common.h | 16 + crypto/heimdal/lib/asn1/asn1_print.c | 7 +- crypto/heimdal/lib/asn1/der.h | 10 +- crypto/heimdal/lib/asn1/der_get.c | 31 +- crypto/heimdal/lib/asn1/der_length.c | 20 +- crypto/heimdal/lib/asn1/der_put.c | 38 +- crypto/heimdal/lib/asn1/gen.c | 36 +- crypto/heimdal/lib/asn1/gen_copy.c | 5 +- crypto/heimdal/lib/asn1/gen_decode.c | 413 +++---- crypto/heimdal/lib/asn1/gen_encode.c | 288 ++--- crypto/heimdal/lib/asn1/gen_free.c | 5 +- crypto/heimdal/lib/asn1/gen_length.c | 170 +-- crypto/heimdal/lib/asn1/gen_locl.h | 7 +- crypto/heimdal/lib/asn1/k5.asn1 | 161 ++- crypto/heimdal/lib/asn1/lex.h | 11 +- crypto/heimdal/lib/asn1/lex.l | 26 +- crypto/heimdal/lib/asn1/parse.y | 34 +- crypto/heimdal/lib/asn1/pkinit.asn1 | 189 +++ crypto/heimdal/lib/asn1/rfc2459.asn1 | 21 + crypto/heimdal/lib/asn1/x509.asn1 | 23 + crypto/heimdal/lib/auth/ChangeLog | 31 + crypto/heimdal/lib/auth/Makefile.in | 237 ++-- crypto/heimdal/lib/auth/afskauthlib/Makefile.am | 25 +- crypto/heimdal/lib/auth/afskauthlib/Makefile.in | 231 ++-- crypto/heimdal/lib/auth/afskauthlib/verify.c | 27 +- crypto/heimdal/lib/auth/pam/Makefile.in | 194 +-- crypto/heimdal/lib/auth/pam/pam.c | 80 +- crypto/heimdal/lib/auth/pam/pam.conf.add | 64 +- crypto/heimdal/lib/auth/sia/Makefile.am | 54 +- crypto/heimdal/lib/auth/sia/Makefile.in | 286 +++-- crypto/heimdal/lib/auth/sia/sia.c | 10 +- crypto/heimdal/lib/com_err/ChangeLog | 127 ++ crypto/heimdal/lib/com_err/Makefile.am | 24 + crypto/heimdal/lib/com_err/Makefile.in | 649 ++++++++++ crypto/heimdal/lib/com_err/com_err.c | 151 +++ crypto/heimdal/lib/com_err/com_err.h | 56 + crypto/heimdal/lib/com_err/com_right.h | 66 + crypto/heimdal/lib/com_err/compile_et.c | 235 ++++ crypto/heimdal/lib/com_err/compile_et.h | 79 ++ crypto/heimdal/lib/com_err/error.c | 91 ++ crypto/heimdal/lib/com_err/lex.h | 39 + crypto/heimdal/lib/com_err/lex.l | 126 ++ crypto/heimdal/lib/com_err/parse.y | 167 +++ crypto/heimdal/lib/com_err/roken_rename.h | 39 + crypto/heimdal/lib/gssapi/8003.c | 83 +- crypto/heimdal/lib/gssapi/ChangeLog | 103 ++ crypto/heimdal/lib/gssapi/Makefile.am | 10 +- crypto/heimdal/lib/gssapi/Makefile.in | 325 +++-- crypto/heimdal/lib/gssapi/accept_sec_context.c | 122 +- crypto/heimdal/lib/gssapi/acquire_cred.c | 63 +- crypto/heimdal/lib/gssapi/add_oid_set_member.c | 24 +- crypto/heimdal/lib/gssapi/address_to_krb5addr.c | 75 ++ crypto/heimdal/lib/gssapi/copy_ccache.c | 56 + crypto/heimdal/lib/gssapi/decapsulate.c | 10 +- crypto/heimdal/lib/gssapi/encapsulate.c | 7 +- crypto/heimdal/lib/gssapi/export_sec_context.c | 27 +- crypto/heimdal/lib/gssapi/external.c | 37 +- crypto/heimdal/lib/gssapi/get_mic.c | 212 +++- crypto/heimdal/lib/gssapi/gssapi.h | 49 +- crypto/heimdal/lib/gssapi/gssapi_locl.h | 17 +- crypto/heimdal/lib/gssapi/import_sec_context.c | 37 +- crypto/heimdal/lib/gssapi/init.c | 12 +- crypto/heimdal/lib/gssapi/init_sec_context.c | 389 ++++-- crypto/heimdal/lib/gssapi/release_buffer.c | 5 +- crypto/heimdal/lib/gssapi/release_cred.c | 4 +- crypto/heimdal/lib/gssapi/release_name.c | 5 +- crypto/heimdal/lib/gssapi/release_oid_set.c | 5 +- crypto/heimdal/lib/gssapi/unwrap.c | 266 +++- crypto/heimdal/lib/gssapi/verify_mic.c | 191 ++- crypto/heimdal/lib/gssapi/wrap.c | 305 ++++- crypto/heimdal/lib/hdb/Makefile.am | 32 +- crypto/heimdal/lib/hdb/Makefile.in | 312 ++--- crypto/heimdal/lib/hdb/common.c | 21 +- crypto/heimdal/lib/hdb/convert_db.c | 28 +- crypto/heimdal/lib/hdb/db.c | 24 +- crypto/heimdal/lib/hdb/db3.c | 310 +++++ crypto/heimdal/lib/hdb/hdb-ldap.c | 1344 +++++++++++++++++++++ crypto/heimdal/lib/hdb/hdb-private.h | 12 - crypto/heimdal/lib/hdb/hdb-protos.h | 53 +- crypto/heimdal/lib/hdb/hdb.asn1 | 6 +- crypto/heimdal/lib/hdb/hdb.c | 219 +--- crypto/heimdal/lib/hdb/hdb.h | 13 +- crypto/heimdal/lib/hdb/hdb_err.et | 3 +- crypto/heimdal/lib/hdb/hdb_locl.h | 6 +- crypto/heimdal/lib/hdb/keytab.c | 122 +- crypto/heimdal/lib/hdb/mkey.c | 475 ++++++++ crypto/heimdal/lib/hdb/ndbm.c | 25 +- crypto/heimdal/lib/hdb/print.c | 50 +- crypto/heimdal/lib/kadm5/ChangeLog | 201 +++ crypto/heimdal/lib/kadm5/Makefile.am | 112 +- crypto/heimdal/lib/kadm5/Makefile.in | 458 +++---- crypto/heimdal/lib/kadm5/acl.c | 139 ++- crypto/heimdal/lib/kadm5/admin.h | 465 +------ crypto/heimdal/lib/kadm5/bump_pw_expire.c | 59 + crypto/heimdal/lib/kadm5/chpass_c.c | 50 +- crypto/heimdal/lib/kadm5/chpass_s.c | 87 +- crypto/heimdal/lib/kadm5/common_glue.c | 14 +- crypto/heimdal/lib/kadm5/context_s.c | 16 +- crypto/heimdal/lib/kadm5/create_c.c | 6 +- crypto/heimdal/lib/kadm5/create_s.c | 19 +- crypto/heimdal/lib/kadm5/delete_c.c | 6 +- crypto/heimdal/lib/kadm5/delete_s.c | 8 +- crypto/heimdal/lib/kadm5/destroy_s.c | 37 +- crypto/heimdal/lib/kadm5/dump_log.c | 25 +- crypto/heimdal/lib/kadm5/ent_setup.c | 9 +- crypto/heimdal/lib/kadm5/get_c.c | 6 +- crypto/heimdal/lib/kadm5/get_princs_c.c | 6 +- crypto/heimdal/lib/kadm5/get_s.c | 24 +- crypto/heimdal/lib/kadm5/init_c.c | 119 +- crypto/heimdal/lib/kadm5/init_s.c | 16 +- crypto/heimdal/lib/kadm5/iprop.h | 15 +- crypto/heimdal/lib/kadm5/ipropd_master.c | 191 ++- crypto/heimdal/lib/kadm5/ipropd_slave.c | 208 +++- crypto/heimdal/lib/kadm5/kadm5-private.h | 245 ++++ crypto/heimdal/lib/kadm5/kadm5-protos.h | 516 ++++++++ crypto/heimdal/lib/kadm5/kadm5_locl.h | 6 +- crypto/heimdal/lib/kadm5/keys.c | 112 ++ crypto/heimdal/lib/kadm5/log.c | 173 ++- crypto/heimdal/lib/kadm5/modify_c.c | 6 +- crypto/heimdal/lib/kadm5/modify_s.c | 10 +- crypto/heimdal/lib/kadm5/password_quality.c | 4 +- crypto/heimdal/lib/kadm5/private.h | 179 +-- crypto/heimdal/lib/kadm5/privs_c.c | 6 +- crypto/heimdal/lib/kadm5/randkey_c.c | 6 +- crypto/heimdal/lib/kadm5/randkey_s.c | 13 +- crypto/heimdal/lib/kadm5/rename_c.c | 6 +- crypto/heimdal/lib/kadm5/rename_s.c | 10 +- crypto/heimdal/lib/kadm5/send_recv.c | 4 +- crypto/heimdal/lib/kadm5/set_keys.c | 400 ++++-- crypto/heimdal/lib/kadm5/truncate_log.c | 88 ++ crypto/heimdal/lib/kafs/ChangeLog | 44 + crypto/heimdal/lib/kafs/Makefile.am | 4 +- crypto/heimdal/lib/kafs/Makefile.in | 613 +++++----- crypto/heimdal/lib/kafs/afskrb.c | 14 +- crypto/heimdal/lib/kafs/afssys.c | 9 +- crypto/heimdal/lib/kafs/afssysdefs.h | 12 +- crypto/heimdal/lib/kafs/dlfcn.c | 4 +- crypto/heimdal/lib/kafs/kafs.3 | 57 +- crypto/heimdal/lib/kdfs/ChangeLog | 11 + crypto/heimdal/lib/kdfs/Makefile.am | 10 + crypto/heimdal/lib/kdfs/Makefile.in | 557 +++++++++ crypto/heimdal/lib/kdfs/k5dfspag.c | 362 ++++++ crypto/heimdal/lib/krb5/Makefile.am | 54 +- crypto/heimdal/lib/krb5/Makefile.in | 716 ++++++----- crypto/heimdal/lib/krb5/acl.c | 189 +++ crypto/heimdal/lib/krb5/addr_families.c | 4 +- crypto/heimdal/lib/krb5/appdefault.c | 123 ++ crypto/heimdal/lib/krb5/auth_context.c | 114 +- crypto/heimdal/lib/krb5/build_auth.c | 11 +- crypto/heimdal/lib/krb5/cache.c | 8 +- crypto/heimdal/lib/krb5/changepw.c | 93 +- crypto/heimdal/lib/krb5/config_file.c | 50 +- crypto/heimdal/lib/krb5/constants.c | 6 +- crypto/heimdal/lib/krb5/context.c | 49 +- crypto/heimdal/lib/krb5/convert_creds.c | 28 +- crypto/heimdal/lib/krb5/crc.c | 6 +- crypto/heimdal/lib/krb5/crypto.c | 895 +++++++++++--- crypto/heimdal/lib/krb5/eai_to_heim_errno.c | 69 ++ crypto/heimdal/lib/krb5/expand_hostname.c | 4 +- crypto/heimdal/lib/krb5/fcache.c | 137 ++- crypto/heimdal/lib/krb5/generate_seq_number.c | 6 +- crypto/heimdal/lib/krb5/get_addrs.c | 285 ++--- crypto/heimdal/lib/krb5/get_cred.c | 60 +- crypto/heimdal/lib/krb5/get_for_creds.c | 57 +- crypto/heimdal/lib/krb5/get_in_tkt.c | 46 +- crypto/heimdal/lib/krb5/get_port.c | 6 +- crypto/heimdal/lib/krb5/heim_err.et | 20 +- crypto/heimdal/lib/krb5/init_creds.c | 54 +- crypto/heimdal/lib/krb5/init_creds_pw.c | 27 +- crypto/heimdal/lib/krb5/kerberos.8 | 73 ++ crypto/heimdal/lib/krb5/keyblock.c | 4 +- crypto/heimdal/lib/krb5/keytab_keyfile.c | 79 +- crypto/heimdal/lib/krb5/keytab_krb4.c | 8 +- crypto/heimdal/lib/krb5/krb5-private.h | 3 +- crypto/heimdal/lib/krb5/krb5-protos.h | 295 ++++- crypto/heimdal/lib/krb5/krb5.conf.5 | 139 ++- crypto/heimdal/lib/krb5/krb5.h | 107 +- crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 | 11 +- crypto/heimdal/lib/krb5/krb5_appdefault.3 | 57 + crypto/heimdal/lib/krb5/krb5_auth_context.3 | 284 +++++ crypto/heimdal/lib/krb5/krb5_build_principal.3 | 12 +- crypto/heimdal/lib/krb5/krb5_config.3 | 71 ++ crypto/heimdal/lib/krb5/krb5_context.3 | 20 + crypto/heimdal/lib/krb5/krb5_create_checksum.3 | 8 +- crypto/heimdal/lib/krb5/krb5_crypto_init.3 | 6 +- crypto/heimdal/lib/krb5/krb5_encrypt.3 | 8 +- crypto/heimdal/lib/krb5/krb5_err.et | 26 +- crypto/heimdal/lib/krb5/krb5_free_principal.3 | 7 +- crypto/heimdal/lib/krb5/krb5_init_context.3 | 38 + crypto/heimdal/lib/krb5/krb5_locl.h | 24 +- crypto/heimdal/lib/krb5/krb5_openlog.3 | 25 +- crypto/heimdal/lib/krb5/krb5_parse_name.3 | 6 +- crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 | 8 +- crypto/heimdal/lib/krb5/krb5_unparse_name.3 | 8 +- crypto/heimdal/lib/krb5/krb5_warn.3 | 14 +- crypto/heimdal/lib/krb5/krbhst.c | 38 +- crypto/heimdal/lib/krb5/log.c | 18 +- crypto/heimdal/lib/krb5/mcache.c | 163 ++- crypto/heimdal/lib/krb5/mk_priv.c | 17 +- crypto/heimdal/lib/krb5/mk_rep.c | 28 +- crypto/heimdal/lib/krb5/mk_req.c | 78 +- crypto/heimdal/lib/krb5/mk_req_ext.c | 25 +- crypto/heimdal/lib/krb5/mk_safe.c | 20 +- crypto/heimdal/lib/krb5/principal.c | 93 +- crypto/heimdal/lib/krb5/prog_setup.c | 10 +- crypto/heimdal/lib/krb5/rd_cred.c | 142 ++- crypto/heimdal/lib/krb5/rd_priv.c | 26 +- crypto/heimdal/lib/krb5/rd_rep.c | 6 +- crypto/heimdal/lib/krb5/rd_req.c | 103 +- crypto/heimdal/lib/krb5/rd_safe.c | 21 +- crypto/heimdal/lib/krb5/read_message.c | 42 +- crypto/heimdal/lib/krb5/recvauth.c | 6 +- crypto/heimdal/lib/krb5/replay.c | 57 +- crypto/heimdal/lib/krb5/send_to_kdc.c | 77 +- crypto/heimdal/lib/krb5/sock_principal.c | 20 +- crypto/heimdal/lib/krb5/store.c | 53 +- crypto/heimdal/lib/krb5/store_emem.c | 6 +- crypto/heimdal/lib/krb5/store_fd.c | 10 +- crypto/heimdal/lib/krb5/store_mem.c | 6 +- crypto/heimdal/lib/krb5/string-to-key-test.c | 11 +- crypto/heimdal/lib/krb5/test_get_addrs.c | 78 ++ crypto/heimdal/lib/krb5/time.c | 15 +- crypto/heimdal/lib/krb5/verify_krb5_conf.8 | 33 + crypto/heimdal/lib/krb5/verify_user.c | 10 +- crypto/heimdal/lib/krb5/warn.c | 5 +- crypto/heimdal/lib/krb5/write_message.c | 40 +- crypto/heimdal/lib/roken/ChangeLog | 261 ++++ crypto/heimdal/lib/roken/Makefile.am | 114 +- crypto/heimdal/lib/roken/Makefile.in | 796 ++++++------ crypto/heimdal/lib/roken/acconfig.h | 36 + crypto/heimdal/lib/roken/acinclude.m4 | 9 + crypto/heimdal/lib/roken/config.h.in | 1 + crypto/heimdal/lib/roken/environment.c | 103 ++ crypto/heimdal/lib/roken/err.hin | 68 ++ crypto/heimdal/lib/roken/esetenv.c | 48 + crypto/heimdal/lib/roken/fnmatch.hin | 49 + crypto/heimdal/lib/roken/getaddrinfo-test.c | 6 +- crypto/heimdal/lib/roken/getaddrinfo.c | 51 +- crypto/heimdal/lib/roken/getaddrinfo_hostspec.c | 25 +- crypto/heimdal/lib/roken/getarg.3 | 18 +- crypto/heimdal/lib/roken/getarg.c | 13 +- crypto/heimdal/lib/roken/getifaddrs.c | 271 +++++ crypto/heimdal/lib/roken/getnameinfo_verified.c | 9 +- crypto/heimdal/lib/roken/getusershell.c | 147 ++- crypto/heimdal/lib/roken/glob.hin | 84 ++ crypto/heimdal/lib/roken/ifaddrs.hin | 64 + crypto/heimdal/lib/roken/inet_ntop.c | 19 +- crypto/heimdal/lib/roken/inet_pton.c | 21 +- crypto/heimdal/lib/roken/install-sh | 251 ++++ crypto/heimdal/lib/roken/make-print-version.c | 6 +- crypto/heimdal/lib/roken/mini_inetd.c | 32 +- crypto/heimdal/lib/roken/missing | 190 +++ crypto/heimdal/lib/roken/mkinstalldirs | 40 + crypto/heimdal/lib/roken/print_version.c | 6 +- crypto/heimdal/lib/roken/putenv.c | 24 +- crypto/heimdal/lib/roken/resolve.c | 128 +- crypto/heimdal/lib/roken/resolve.h | 47 +- crypto/heimdal/lib/roken/roken-common.h | 44 +- crypto/heimdal/lib/roken/roken.awk | 6 +- crypto/heimdal/lib/roken/roken.h.in | 41 +- crypto/heimdal/lib/roken/rtbl.c | 278 +++++ crypto/heimdal/lib/roken/rtbl.h | 57 + crypto/heimdal/lib/roken/signal.c | 7 +- crypto/heimdal/lib/roken/simple_exec.c | 19 +- crypto/heimdal/lib/roken/snprintf.c | 49 +- crypto/heimdal/lib/roken/socket.c | 24 +- crypto/heimdal/lib/roken/strftime.c | 4 +- crypto/heimdal/lib/roken/strsep_copy.c | 67 + crypto/heimdal/lib/roken/timeval.c | 84 ++ crypto/heimdal/lib/roken/unvis.c | 288 +++++ crypto/heimdal/lib/roken/verr.c | 7 +- crypto/heimdal/lib/roken/verrx.c | 7 +- crypto/heimdal/lib/roken/vis.c | 301 +++++ crypto/heimdal/lib/roken/vis.hin | 86 ++ crypto/heimdal/lib/roken/vsyslog.c | 72 +- crypto/heimdal/lib/roken/vwarn.c | 7 +- crypto/heimdal/lib/roken/vwarnx.c | 7 +- crypto/heimdal/lib/roken/warnerr.c | 8 +- crypto/heimdal/lib/roken/write_pid.c | 95 ++ crypto/heimdal/lib/roken/xdbm.h | 8 +- crypto/heimdal/lib/sl/ChangeLog | 46 + crypto/heimdal/lib/sl/Makefile.am | 15 +- crypto/heimdal/lib/sl/Makefile.in | 388 +++--- crypto/heimdal/lib/sl/lex.l | 15 +- crypto/heimdal/lib/sl/make_cmds.h | 11 +- crypto/heimdal/lib/sl/parse.y | 9 +- crypto/heimdal/lib/sl/roken_rename.h | 7 +- crypto/heimdal/lib/sl/sl.c | 133 +- crypto/heimdal/lib/sl/sl.h | 11 +- crypto/heimdal/lib/sl/ss.c | 49 +- crypto/heimdal/lib/sl/ss.h | 6 +- crypto/heimdal/lib/vers/ChangeLog | 13 + crypto/heimdal/lib/vers/Makefile.am | 28 + crypto/heimdal/lib/vers/Makefile.in | 574 +++++++++ crypto/heimdal/lib/vers/make-print-version.c | 68 ++ crypto/heimdal/lib/vers/print_version.c | 78 ++ crypto/heimdal/lib/vers/vers.h | 41 + 303 files changed, 21907 insertions(+), 6820 deletions(-) create mode 100644 crypto/heimdal/lib/asn1/asn1-common.h create mode 100644 crypto/heimdal/lib/asn1/pkinit.asn1 create mode 100644 crypto/heimdal/lib/asn1/rfc2459.asn1 create mode 100644 crypto/heimdal/lib/asn1/x509.asn1 create mode 100644 crypto/heimdal/lib/com_err/ChangeLog create mode 100644 crypto/heimdal/lib/com_err/Makefile.am create mode 100644 crypto/heimdal/lib/com_err/Makefile.in create mode 100644 crypto/heimdal/lib/com_err/com_err.c create mode 100644 crypto/heimdal/lib/com_err/com_err.h create mode 100644 crypto/heimdal/lib/com_err/com_right.h create mode 100644 crypto/heimdal/lib/com_err/compile_et.c create mode 100644 crypto/heimdal/lib/com_err/compile_et.h create mode 100644 crypto/heimdal/lib/com_err/error.c create mode 100644 crypto/heimdal/lib/com_err/lex.h create mode 100644 crypto/heimdal/lib/com_err/lex.l create mode 100644 crypto/heimdal/lib/com_err/parse.y create mode 100644 crypto/heimdal/lib/com_err/roken_rename.h create mode 100644 crypto/heimdal/lib/gssapi/address_to_krb5addr.c create mode 100644 crypto/heimdal/lib/gssapi/copy_ccache.c create mode 100644 crypto/heimdal/lib/hdb/db3.c create mode 100644 crypto/heimdal/lib/hdb/hdb-ldap.c create mode 100644 crypto/heimdal/lib/hdb/mkey.c create mode 100644 crypto/heimdal/lib/kadm5/bump_pw_expire.c create mode 100644 crypto/heimdal/lib/kadm5/kadm5-private.h create mode 100644 crypto/heimdal/lib/kadm5/kadm5-protos.h create mode 100644 crypto/heimdal/lib/kadm5/keys.c create mode 100644 crypto/heimdal/lib/kadm5/truncate_log.c create mode 100644 crypto/heimdal/lib/kdfs/ChangeLog create mode 100644 crypto/heimdal/lib/kdfs/Makefile.am create mode 100644 crypto/heimdal/lib/kdfs/Makefile.in create mode 100644 crypto/heimdal/lib/kdfs/k5dfspag.c create mode 100644 crypto/heimdal/lib/krb5/acl.c create mode 100644 crypto/heimdal/lib/krb5/appdefault.c create mode 100644 crypto/heimdal/lib/krb5/eai_to_heim_errno.c create mode 100644 crypto/heimdal/lib/krb5/kerberos.8 create mode 100644 crypto/heimdal/lib/krb5/krb5_appdefault.3 create mode 100644 crypto/heimdal/lib/krb5/krb5_auth_context.3 create mode 100644 crypto/heimdal/lib/krb5/krb5_config.3 create mode 100644 crypto/heimdal/lib/krb5/krb5_context.3 create mode 100644 crypto/heimdal/lib/krb5/krb5_init_context.3 create mode 100644 crypto/heimdal/lib/krb5/test_get_addrs.c create mode 100644 crypto/heimdal/lib/krb5/verify_krb5_conf.8 create mode 100644 crypto/heimdal/lib/roken/acconfig.h create mode 100644 crypto/heimdal/lib/roken/acinclude.m4 create mode 100644 crypto/heimdal/lib/roken/config.h.in create mode 100644 crypto/heimdal/lib/roken/environment.c create mode 100644 crypto/heimdal/lib/roken/err.hin create mode 100644 crypto/heimdal/lib/roken/esetenv.c create mode 100644 crypto/heimdal/lib/roken/fnmatch.hin create mode 100644 crypto/heimdal/lib/roken/getifaddrs.c create mode 100644 crypto/heimdal/lib/roken/glob.hin create mode 100644 crypto/heimdal/lib/roken/ifaddrs.hin create mode 100755 crypto/heimdal/lib/roken/install-sh create mode 100755 crypto/heimdal/lib/roken/missing create mode 100755 crypto/heimdal/lib/roken/mkinstalldirs create mode 100644 crypto/heimdal/lib/roken/rtbl.c create mode 100644 crypto/heimdal/lib/roken/rtbl.h create mode 100644 crypto/heimdal/lib/roken/strsep_copy.c create mode 100644 crypto/heimdal/lib/roken/timeval.c create mode 100644 crypto/heimdal/lib/roken/unvis.c create mode 100644 crypto/heimdal/lib/roken/vis.c create mode 100644 crypto/heimdal/lib/roken/vis.hin create mode 100644 crypto/heimdal/lib/roken/write_pid.c create mode 100644 crypto/heimdal/lib/vers/ChangeLog create mode 100644 crypto/heimdal/lib/vers/Makefile.am create mode 100644 crypto/heimdal/lib/vers/Makefile.in create mode 100644 crypto/heimdal/lib/vers/make-print-version.c create mode 100644 crypto/heimdal/lib/vers/print_version.c create mode 100644 crypto/heimdal/lib/vers/vers.h (limited to 'crypto/heimdal/lib') diff --git a/crypto/heimdal/lib/45/Makefile.in b/crypto/heimdal/lib/45/Makefile.in index 9b0c7fc..66dfc0f 100644 --- a/crypto/heimdal/lib/45/Makefile.in +++ b/crypto/heimdal/lib/45/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.5 1999/03/20 13:58:17 joda Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.5 1999/03/20 13:58:17 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,24 +170,20 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) @@ -178,6 +192,7 @@ lib_LIBRARIES = @EXTRA_LIB45@ EXTRA_LIBRARIES = lib45.a lib45_a_SOURCES = get_ad_tkt.c mk_req.c 45_locl.h +subdir = lib/45 mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../include/config.h CONFIG_CLEAN_FILES = @@ -187,32 +202,34 @@ LIBRARIES = $(lib_LIBRARIES) DEFS = @DEFS@ -I. -I$(srcdir) -I../../include CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ X_CFLAGS = @X_CFLAGS@ X_LIBS = @X_LIBS@ X_EXTRA_LIBS = @X_EXTRA_LIBS@ X_PRE_LIBS = @X_PRE_LIBS@ +lib45_a_AR = $(AR) cru lib45_a_LIBADD = -lib45_a_OBJECTS = get_ad_tkt.$(OBJEXT) mk_req.$(OBJEXT) +am_lib45_a_OBJECTS = get_ad_tkt.$(OBJEXT) mk_req.$(OBJEXT) +lib45_a_OBJECTS = $(am_lib45_a_OBJECTS) AR = ar -CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(lib45_a_SOURCES) +depcomp = DIST_COMMON = Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best SOURCES = $(lib45_a_SOURCES) -OBJECTS = $(lib45_a_OBJECTS) +OBJECTS = $(am_lib45_a_OBJECTS) all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/45/Makefile @@ -249,24 +266,11 @@ install-libLIBRARIES: $(lib_LIBRARIES) uninstall-libLIBRARIES: @$(NORMAL_UNINSTALL) - list='$(lib_LIBRARIES)'; for p in $$list; do \ + @list='$(lib_LIBRARIES)'; for p in $$list; do \ + echo " rm -f $(DESTDIR)$(libdir)/$$p"; \ rm -f $(DESTDIR)$(libdir)/$$p; \ done -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - mostlyclean-compile: -rm -f *.o core *.core -rm -f *.$(OBJEXT) @@ -278,15 +282,6 @@ distclean-compile: maintainer-clean-compile: -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - mostlyclean-libtool: -rm -f *.lo @@ -299,28 +294,38 @@ maintainer-clean-libtool: lib45.a: $(lib45_a_OBJECTS) $(lib45_a_DEPENDENCIES) -rm -f lib45.a - $(AR) cru lib45.a $(lib45_a_OBJECTS) $(lib45_a_LIBADD) + $(lib45_a_AR) lib45.a $(lib45_a_OBJECTS) $(lib45_a_LIBADD) $(RANLIB) lib45.a +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -333,17 +338,16 @@ maintainer-clean-tags: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/45 - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook @@ -372,7 +376,7 @@ uninstall: uninstall-am all-am: Makefile $(LIBRARIES) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: $(mkinstalldirs) $(DESTDIR)$(libdir) @@ -386,6 +390,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-libLIBRARIES mostlyclean-compile \ mostlyclean-libtool mostlyclean-tags \ mostlyclean-generic @@ -422,8 +427,8 @@ mostlyclean-tags distclean-tags clean-tags maintainer-clean-tags \ distdir info-am info dvi-am dvi check-local check check-am \ installcheck-am installcheck install-exec-am install-exec \ install-data-local install-data-am install-data install-am install \ -uninstall-am uninstall all-local all-redirect all-am all installdirs \ -mostlyclean-generic distclean-generic clean-generic \ +uninstall-am uninstall all-local all-redirect all-am all install-strip \ +installdirs mostlyclean-generic distclean-generic clean-generic \ maintainer-clean-generic clean mostlyclean distclean maintainer-clean @@ -432,7 +437,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -444,8 +452,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -514,87 +522,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/lib/45/mk_req.c b/crypto/heimdal/lib/45/mk_req.c index 7074ebf..db909c2 100644 --- a/crypto/heimdal/lib/45/mk_req.c +++ b/crypto/heimdal/lib/45/mk_req.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -35,12 +35,13 @@ #include "45_locl.h" -RCSID("$Id: mk_req.c,v 1.2 1999/12/02 17:05:01 joda Exp $"); +RCSID("$Id: mk_req.c,v 1.6 2000/04/11 00:49:35 assar Exp $"); static int lifetime = 255; static void -build_request(KTEXT req, char *name, char *inst, char *realm, +build_request(KTEXT req, + const char *name, const char *inst, const char *realm, u_int32_t checksum) { struct timeval tv; @@ -61,20 +62,31 @@ build_request(KTEXT req, char *name, char *inst, char *realm, krb5_data_free(&data); } +#ifdef KRB_MK_REQ_CONST int -krb_mk_req(KTEXT authent, char *service, char *instance, char *realm, +krb_mk_req(KTEXT authent, + const char *service, const char *instance, const char *realm, int32_t checksum) +#else +int +krb_mk_req(KTEXT authent, + char *service, char *instance, char *realm, + int32_t checksum) + +#endif { CREDENTIALS cr; KTEXT_ST req; krb5_storage *sp; int code; - char *myrealm; + /* XXX get user realm */ + const char *myrealm = realm; krb5_data a; code = krb_get_cred(service, instance, realm, &cr); if(code || time(NULL) > krb_life_to_time(cr.issue_date, cr.lifetime)){ - code = get_ad_tkt(service, instance, realm, lifetime); + code = get_ad_tkt((char *)service, + (char *)instance, (char *)realm, lifetime); if(code == KSUCCESS) code = krb_get_cred(service, instance, realm, &cr); } @@ -82,9 +94,6 @@ krb_mk_req(KTEXT authent, char *service, char *instance, char *realm, if(code) return code; - /* XXX get user realm */ - myrealm = realm; - sp = krb5_storage_emem(); krb5_store_int8(sp, KRB_PROT_VERSION); diff --git a/crypto/heimdal/lib/Makefile.am b/crypto/heimdal/lib/Makefile.am index c600c22..ed228d1 100644 --- a/crypto/heimdal/lib/Makefile.am +++ b/crypto/heimdal/lib/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am,v 1.16 1999/04/01 15:03:37 joda Exp $ +# $Id: Makefile.am,v 1.21 2000/11/15 23:11:05 assar Exp $ include $(top_srcdir)/Makefile.am.common @@ -8,6 +8,9 @@ endif if OTP dir_otp = otp endif +if DCE +dir_dce = kdfs +endif -SUBDIRS = roken editline com_err sl asn1 des krb5 \ - kafs hdb kadm5 gssapi auth $(dir_45) $(dir_otp) +SUBDIRS = @DIR_roken@ vers editline com_err sl asn1 @DIR_des@ krb5 \ + kafs hdb kadm5 gssapi auth $(dir_45) $(dir_otp) $(dir_dce) diff --git a/crypto/heimdal/lib/Makefile.in b/crypto/heimdal/lib/Makefile.in index 4c8aa71..22a350f 100644 --- a/crypto/heimdal/lib/Makefile.in +++ b/crypto/heimdal/lib/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.16 1999/04/01 15:03:37 joda Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.21 2000/11/15 23:11:05 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,32 +170,31 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) -@KRB4_TRUE@dir_45 = 45 -@OTP_TRUE@dir_otp = otp +@KRB4_TRUE@dir_45 = @KRB4_TRUE@45 +@OTP_TRUE@dir_otp = @OTP_TRUE@otp +@DCE_TRUE@dir_dce = @DCE_TRUE@kdfs -SUBDIRS = roken editline com_err sl asn1 des krb5 kafs hdb kadm5 gssapi auth $(dir_45) $(dir_otp) +SUBDIRS = @DIR_roken@ vers editline com_err sl asn1 @DIR_des@ krb5 \ + kafs hdb kadm5 gssapi auth $(dir_45) $(dir_otp) $(dir_dce) +subdir = lib mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../include/config.h CONFIG_CLEAN_FILES = @@ -185,16 +202,17 @@ CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = +depcomp = DIST_COMMON = Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best -DIST_SUBDIRS = roken editline com_err sl asn1 des krb5 kafs hdb kadm5 \ -gssapi auth 45 otp +DIST_SUBDIRS = @DIR_roken@ vers editline com_err sl asn1 @DIR_des@ krb5 \ +kafs hdb kadm5 gssapi auth 45 otp kdfs all: all-redirect .SUFFIXES: .SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x @@ -213,8 +231,6 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. -@SET_MAKE@ - all-recursive install-data-recursive install-exec-recursive \ installdirs-recursive install-recursive uninstall-recursive \ check-recursive installcheck-recursive info-recursive dvi-recursive: @@ -242,7 +258,7 @@ maintainer-clean-recursive: dot_seen=no; \ rev=''; list='$(SUBDIRS)'; for subdir in $$list; do \ rev="$$subdir $$rev"; \ - test "$$subdir" = "." && dot_seen=yes; \ + if test "$$subdir" = "."; then dot_seen=yes; else :; fi; \ done; \ test "$$dot_seen" = "no" && rev=". $$rev"; \ target=`echo $@ | sed s/-recursive//`; \ @@ -263,15 +279,17 @@ tags-recursive: tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ list='$(SUBDIRS)'; for subdir in $$list; do \ @@ -279,12 +297,14 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \ fi; \ done; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -297,17 +317,16 @@ maintainer-clean-tags: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done for subdir in $(DIST_SUBDIRS); do \ @@ -315,7 +334,6 @@ distdir: $(DISTFILES) test -d $(distdir)/$$subdir \ || mkdir $(distdir)/$$subdir \ || exit 1; \ - chmod 777 $(distdir)/$$subdir; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$(top_distdir) distdir=../$(distdir)/$$subdir distdir) \ || exit 1; \ fi; \ @@ -346,7 +364,7 @@ uninstall: uninstall-recursive all-am: Makefile all-local all-redirect: all-recursive install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: installdirs-recursive installdirs-am: @@ -360,6 +378,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-tags mostlyclean-generic mostlyclean: mostlyclean-recursive @@ -380,19 +399,19 @@ maintainer-clean-am: maintainer-clean-tags maintainer-clean-generic \ maintainer-clean: maintainer-clean-recursive -.PHONY: install-data-recursive uninstall-data-recursive \ -install-exec-recursive uninstall-exec-recursive installdirs-recursive \ -uninstalldirs-recursive all-recursive check-recursive \ -installcheck-recursive info-recursive dvi-recursive \ -mostlyclean-recursive distclean-recursive clean-recursive \ +.PHONY: install-recursive uninstall-recursive install-data-recursive \ +uninstall-data-recursive install-exec-recursive \ +uninstall-exec-recursive installdirs-recursive uninstalldirs-recursive \ +all-recursive check-recursive installcheck-recursive info-recursive \ +dvi-recursive mostlyclean-recursive distclean-recursive clean-recursive \ maintainer-clean-recursive tags tags-recursive mostlyclean-tags \ distclean-tags clean-tags maintainer-clean-tags distdir info-am info \ dvi-am dvi check-local check check-am installcheck-am installcheck \ install-exec-am install-exec install-data-local install-data-am \ install-data install-am install uninstall-am uninstall all-local \ -all-redirect all-am all installdirs-am installdirs mostlyclean-generic \ -distclean-generic clean-generic maintainer-clean-generic clean \ -mostlyclean distclean maintainer-clean +all-redirect all-am all install-strip installdirs-am installdirs \ +mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean install-suid-programs: @@ -400,7 +419,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -412,8 +434,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -482,87 +504,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/lib/asn1/Makefile.am b/crypto/heimdal/lib/asn1/Makefile.am index 97fb2bb..8f89441 100644 --- a/crypto/heimdal/lib/asn1/Makefile.am +++ b/crypto/heimdal/lib/asn1/Makefile.am @@ -1,62 +1,67 @@ -# $Id: Makefile.am,v 1.54 1999/12/21 17:03:42 assar Exp $ +# $Id: Makefile.am,v 1.59 2001/01/30 01:46:53 assar Exp $ include $(top_srcdir)/Makefile.am.common YFLAGS = -d lib_LTLIBRARIES = libasn1.la -libasn1_la_LDFLAGS = -version-info 1:4:0 +libasn1_la_LDFLAGS = -version-info 4:0:2 BUILT_SOURCES = \ $(gen_files:.x=.c) \ asn1_err.h \ asn1_err.c -gen_files = \ - asn1_APOptions.x \ - asn1_AP_REP.x \ - asn1_AP_REQ.x \ - asn1_AS_REP.x \ - asn1_AS_REQ.x \ - asn1_Authenticator.x \ - asn1_AuthorizationData.x \ - asn1_Checksum.x \ - asn1_EncAPRepPart.x \ - asn1_EncASRepPart.x \ - asn1_EncKDCRepPart.x \ - asn1_EncKrbCredPart.x \ - asn1_EncKrbPrivPart.x \ - asn1_EncTGSRepPart.x \ - asn1_EncTicketPart.x \ - asn1_EncryptedData.x \ - asn1_EncryptionKey.x \ - asn1_ETYPE_INFO.x \ - asn1_ETYPE_INFO_ENTRY.x \ - asn1_HostAddress.x \ - asn1_HostAddresses.x \ - asn1_KDCOptions.x \ - asn1_KDC_REP.x \ - asn1_KDC_REQ.x \ - asn1_KDC_REQ_BODY.x \ - asn1_KRB_CRED.x \ - asn1_KRB_ERROR.x \ - asn1_KRB_PRIV.x \ - asn1_KRB_SAFE.x \ - asn1_KRB_SAFE_BODY.x \ - asn1_KerberosTime.x \ - asn1_KrbCredInfo.x \ - asn1_LastReq.x \ - asn1_METHOD_DATA.x \ - asn1_PA_DATA.x \ - asn1_PA_ENC_TS_ENC.x \ - asn1_Principal.x \ - asn1_PrincipalName.x \ - asn1_Realm.x \ - asn1_TGS_REP.x \ - asn1_TGS_REQ.x \ - asn1_Ticket.x \ - asn1_TicketFlags.x \ - asn1_TransitedEncoding.x +gen_files = \ + asn1_APOptions.x \ + asn1_AP_REP.x \ + asn1_AP_REQ.x \ + asn1_AS_REP.x \ + asn1_AS_REQ.x \ + asn1_Authenticator.x \ + asn1_AuthorizationData.x \ + asn1_CKSUMTYPE.x \ + asn1_Checksum.x \ + asn1_ETYPE_INFO.x \ + asn1_ETYPE_INFO_ENTRY.x \ + asn1_EncAPRepPart.x \ + asn1_EncASRepPart.x \ + asn1_EncKDCRepPart.x \ + asn1_EncKrbCredPart.x \ + asn1_EncKrbPrivPart.x \ + asn1_EncTGSRepPart.x \ + asn1_EncTicketPart.x \ + asn1_EncryptedData.x \ + asn1_EncryptionKey.x \ + asn1_HostAddress.x \ + asn1_HostAddresses.x \ + asn1_KDCOptions.x \ + asn1_KDC_REP.x \ + asn1_KDC_REQ.x \ + asn1_KDC_REQ_BODY.x \ + asn1_KRB_CRED.x \ + asn1_KRB_ERROR.x \ + asn1_KRB_PRIV.x \ + asn1_KRB_SAFE.x \ + asn1_KRB_SAFE_BODY.x \ + asn1_KerberosTime.x \ + asn1_KrbCredInfo.x \ + asn1_LastReq.x \ + asn1_MESSAGE_TYPE.x \ + asn1_METHOD_DATA.x \ + asn1_NAME_TYPE.x \ + asn1_PADATA_TYPE.x \ + asn1_PA_DATA.x \ + asn1_PA_ENC_TS_ENC.x \ + asn1_Principal.x \ + asn1_PrincipalName.x \ + asn1_Realm.x \ + asn1_TGS_REP.x \ + asn1_TGS_REQ.x \ + asn1_Ticket.x \ + asn1_TicketFlags.x \ + asn1_TransitedEncoding.x \ + asn1_UNSIGNED.x noinst_PROGRAMS = asn1_compile asn1_print diff --git a/crypto/heimdal/lib/asn1/Makefile.in b/crypto/heimdal/lib/asn1/Makefile.in index 25acf1a..7652c10 100644 --- a/crypto/heimdal/lib/asn1/Makefile.in +++ b/crypto/heimdal/lib/asn1/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.54 1999/12/21 17:03:42 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.59 2001/01/30 01:46:53 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,36 +170,84 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) YFLAGS = -d lib_LTLIBRARIES = libasn1.la -libasn1_la_LDFLAGS = -version-info 1:4:0 - -BUILT_SOURCES = $(gen_files:.x=.c) asn1_err.h asn1_err.c - - -gen_files = asn1_APOptions.x asn1_AP_REP.x asn1_AP_REQ.x asn1_AS_REP.x asn1_AS_REQ.x asn1_Authenticator.x asn1_AuthorizationData.x asn1_Checksum.x asn1_EncAPRepPart.x asn1_EncASRepPart.x asn1_EncKDCRepPart.x asn1_EncKrbCredPart.x asn1_EncKrbPrivPart.x asn1_EncTGSRepPart.x asn1_EncTicketPart.x asn1_EncryptedData.x asn1_EncryptionKey.x asn1_ETYPE_INFO.x asn1_ETYPE_INFO_ENTRY.x asn1_HostAddress.x asn1_HostAddresses.x asn1_KDCOptions.x asn1_KDC_REP.x asn1_KDC_REQ.x asn1_KDC_REQ_BODY.x asn1_KRB_CRED.x asn1_KRB_ERROR.x asn1_KRB_PRIV.x asn1_KRB_SAFE.x asn1_KRB_SAFE_BODY.x asn1_KerberosTime.x asn1_KrbCredInfo.x asn1_LastReq.x asn1_METHOD_DATA.x asn1_PA_DATA.x asn1_PA_ENC_TS_ENC.x asn1_Principal.x asn1_PrincipalName.x asn1_Realm.x asn1_TGS_REP.x asn1_TGS_REQ.x asn1_Ticket.x asn1_TicketFlags.x asn1_TransitedEncoding.x +libasn1_la_LDFLAGS = -version-info 4:0:2 + +BUILT_SOURCES = \ + $(gen_files:.x=.c) \ + asn1_err.h \ + asn1_err.c + + +gen_files = \ + asn1_APOptions.x \ + asn1_AP_REP.x \ + asn1_AP_REQ.x \ + asn1_AS_REP.x \ + asn1_AS_REQ.x \ + asn1_Authenticator.x \ + asn1_AuthorizationData.x \ + asn1_CKSUMTYPE.x \ + asn1_Checksum.x \ + asn1_ETYPE_INFO.x \ + asn1_ETYPE_INFO_ENTRY.x \ + asn1_EncAPRepPart.x \ + asn1_EncASRepPart.x \ + asn1_EncKDCRepPart.x \ + asn1_EncKrbCredPart.x \ + asn1_EncKrbPrivPart.x \ + asn1_EncTGSRepPart.x \ + asn1_EncTicketPart.x \ + asn1_EncryptedData.x \ + asn1_EncryptionKey.x \ + asn1_HostAddress.x \ + asn1_HostAddresses.x \ + asn1_KDCOptions.x \ + asn1_KDC_REP.x \ + asn1_KDC_REQ.x \ + asn1_KDC_REQ_BODY.x \ + asn1_KRB_CRED.x \ + asn1_KRB_ERROR.x \ + asn1_KRB_PRIV.x \ + asn1_KRB_SAFE.x \ + asn1_KRB_SAFE_BODY.x \ + asn1_KerberosTime.x \ + asn1_KrbCredInfo.x \ + asn1_LastReq.x \ + asn1_MESSAGE_TYPE.x \ + asn1_METHOD_DATA.x \ + asn1_NAME_TYPE.x \ + asn1_PADATA_TYPE.x \ + asn1_PA_DATA.x \ + asn1_PA_ENC_TS_ENC.x \ + asn1_Principal.x \ + asn1_PrincipalName.x \ + asn1_Realm.x \ + asn1_TGS_REP.x \ + asn1_TGS_REQ.x \ + asn1_Ticket.x \ + asn1_TicketFlags.x \ + asn1_TransitedEncoding.x \ + asn1_UNSIGNED.x noinst_PROGRAMS = asn1_compile asn1_print @@ -189,26 +255,41 @@ check_PROGRAMS = check-der TESTS = check-der -asn1_compile_SOURCES = parse.y lex.l main.c hash.c symbol.c gen.c gen_encode.c gen_decode.c gen_free.c gen_length.c gen_copy.c gen_glue.c +asn1_compile_SOURCES = parse.y lex.l main.c hash.c symbol.c gen.c \ + gen_encode.c gen_decode.c gen_free.c gen_length.c gen_copy.c \ + gen_glue.c -libasn1_la_SOURCES = der_get.c der_put.c der_free.c der_length.c der_copy.c timegm.c $(BUILT_SOURCES) +libasn1_la_SOURCES = \ + der_get.c \ + der_put.c \ + der_free.c \ + der_length.c \ + der_copy.c \ + timegm.c \ + $(BUILT_SOURCES) -asn1_compile_LDADD = $(LIB_roken) $(LEXLIB) +asn1_compile_LDADD = \ + $(LIB_roken) $(LEXLIB) -check_der_LDADD = libasn1.la ../com_err/libcom_err.la $(LIB_roken) +check_der_LDADD = \ + libasn1.la \ + ../com_err/libcom_err.la \ + $(LIB_roken) asn1_print_LDADD = $(check_der_LDADD) -CLEANFILES = lex.c parse.c parse.h asn1.h $(BUILT_SOURCES) $(gen_files) asn1_files +CLEANFILES = lex.c parse.c parse.h asn1.h $(BUILT_SOURCES) \ + $(gen_files) asn1_files include_HEADERS = asn1.h asn1_err.h der.h EXTRA_DIST = asn1_err.et +subdir = lib/asn1 mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../include/config.h CONFIG_CLEAN_FILES = @@ -218,66 +299,72 @@ LTLIBRARIES = $(lib_LTLIBRARIES) DEFS = @DEFS@ -I. -I$(srcdir) -I../../include CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ X_CFLAGS = @X_CFLAGS@ X_LIBS = @X_LIBS@ X_EXTRA_LIBS = @X_EXTRA_LIBS@ X_PRE_LIBS = @X_PRE_LIBS@ libasn1_la_LIBADD = -libasn1_la_OBJECTS = der_get.lo der_put.lo der_free.lo der_length.lo \ +am_libasn1_la_OBJECTS = der_get.lo der_put.lo der_free.lo der_length.lo \ der_copy.lo timegm.lo asn1_APOptions.lo asn1_AP_REP.lo asn1_AP_REQ.lo \ asn1_AS_REP.lo asn1_AS_REQ.lo asn1_Authenticator.lo \ -asn1_AuthorizationData.lo asn1_Checksum.lo asn1_EncAPRepPart.lo \ +asn1_AuthorizationData.lo asn1_CKSUMTYPE.lo asn1_Checksum.lo \ +asn1_ETYPE_INFO.lo asn1_ETYPE_INFO_ENTRY.lo asn1_EncAPRepPart.lo \ asn1_EncASRepPart.lo asn1_EncKDCRepPart.lo asn1_EncKrbCredPart.lo \ asn1_EncKrbPrivPart.lo asn1_EncTGSRepPart.lo asn1_EncTicketPart.lo \ -asn1_EncryptedData.lo asn1_EncryptionKey.lo asn1_ETYPE_INFO.lo \ -asn1_ETYPE_INFO_ENTRY.lo asn1_HostAddress.lo asn1_HostAddresses.lo \ -asn1_KDCOptions.lo asn1_KDC_REP.lo asn1_KDC_REQ.lo asn1_KDC_REQ_BODY.lo \ -asn1_KRB_CRED.lo asn1_KRB_ERROR.lo asn1_KRB_PRIV.lo asn1_KRB_SAFE.lo \ -asn1_KRB_SAFE_BODY.lo asn1_KerberosTime.lo asn1_KrbCredInfo.lo \ -asn1_LastReq.lo asn1_METHOD_DATA.lo asn1_PA_DATA.lo \ -asn1_PA_ENC_TS_ENC.lo asn1_Principal.lo asn1_PrincipalName.lo \ -asn1_Realm.lo asn1_TGS_REP.lo asn1_TGS_REQ.lo asn1_Ticket.lo \ -asn1_TicketFlags.lo asn1_TransitedEncoding.lo asn1_err.lo +asn1_EncryptedData.lo asn1_EncryptionKey.lo asn1_HostAddress.lo \ +asn1_HostAddresses.lo asn1_KDCOptions.lo asn1_KDC_REP.lo \ +asn1_KDC_REQ.lo asn1_KDC_REQ_BODY.lo asn1_KRB_CRED.lo asn1_KRB_ERROR.lo \ +asn1_KRB_PRIV.lo asn1_KRB_SAFE.lo asn1_KRB_SAFE_BODY.lo \ +asn1_KerberosTime.lo asn1_KrbCredInfo.lo asn1_LastReq.lo \ +asn1_MESSAGE_TYPE.lo asn1_METHOD_DATA.lo asn1_NAME_TYPE.lo \ +asn1_PADATA_TYPE.lo asn1_PA_DATA.lo asn1_PA_ENC_TS_ENC.lo \ +asn1_Principal.lo asn1_PrincipalName.lo asn1_Realm.lo asn1_TGS_REP.lo \ +asn1_TGS_REQ.lo asn1_Ticket.lo asn1_TicketFlags.lo \ +asn1_TransitedEncoding.lo asn1_UNSIGNED.lo asn1_err.lo +libasn1_la_OBJECTS = $(am_libasn1_la_OBJECTS) check_PROGRAMS = check-der$(EXEEXT) noinst_PROGRAMS = asn1_compile$(EXEEXT) asn1_print$(EXEEXT) PROGRAMS = $(noinst_PROGRAMS) -check_der_SOURCES = check-der.c -check_der_OBJECTS = check-der.$(OBJEXT) -check_der_DEPENDENCIES = libasn1.la ../com_err/libcom_err.la -check_der_LDFLAGS = -asn1_compile_OBJECTS = parse.$(OBJEXT) lex.$(OBJEXT) main.$(OBJEXT) \ +am_asn1_compile_OBJECTS = parse.$(OBJEXT) lex.$(OBJEXT) main.$(OBJEXT) \ hash.$(OBJEXT) symbol.$(OBJEXT) gen.$(OBJEXT) gen_encode.$(OBJEXT) \ gen_decode.$(OBJEXT) gen_free.$(OBJEXT) gen_length.$(OBJEXT) \ gen_copy.$(OBJEXT) gen_glue.$(OBJEXT) +asn1_compile_OBJECTS = $(am_asn1_compile_OBJECTS) asn1_compile_DEPENDENCIES = asn1_compile_LDFLAGS = asn1_print_SOURCES = asn1_print.c asn1_print_OBJECTS = asn1_print.$(OBJEXT) asn1_print_DEPENDENCIES = libasn1.la ../com_err/libcom_err.la asn1_print_LDFLAGS = -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -CFLAGS = @CFLAGS@ +check_der_SOURCES = check-der.c +check_der_OBJECTS = check-der.$(OBJEXT) +check_der_DEPENDENCIES = libasn1.la ../com_err/libcom_err.la +check_der_LDFLAGS = COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libasn1_la_SOURCES) $(asn1_compile_SOURCES) \ +asn1_print.c check-der.c HEADERS = $(include_HEADERS) -DIST_COMMON = Makefile.am Makefile.in lex.c parse.c +depcomp = +DIST_COMMON = $(include_HEADERS) Makefile.am Makefile.in lex.c parse.c \ +parse.h -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best -SOURCES = $(libasn1_la_SOURCES) check-der.c $(asn1_compile_SOURCES) asn1_print.c -OBJECTS = $(libasn1_la_OBJECTS) check-der.$(OBJEXT) $(asn1_compile_OBJECTS) asn1_print.$(OBJEXT) +SOURCES = $(libasn1_la_SOURCES) $(asn1_compile_SOURCES) asn1_print.c check-der.c +OBJECTS = $(am_libasn1_la_OBJECTS) $(am_asn1_compile_OBJECTS) asn1_print.$(OBJEXT) check-der.$(OBJEXT) all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .s .x .y +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .x .y $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/asn1/Makefile @@ -300,31 +387,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) $(mkinstalldirs) $(DESTDIR)$(libdir) @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ - echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ - $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \ else :; fi; \ done uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \ $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ done -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - mostlyclean-compile: -rm -f *.o core *.core -rm -f *.$(OBJEXT) @@ -336,15 +410,6 @@ distclean-compile: maintainer-clean-compile: -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - mostlyclean-libtool: -rm -f *.lo @@ -376,10 +441,6 @@ distclean-noinstPROGRAMS: maintainer-clean-noinstPROGRAMS: -check-der$(EXEEXT): $(check_der_OBJECTS) $(check_der_DEPENDENCIES) - @rm -f check-der$(EXEEXT) - $(LINK) $(check_der_LDFLAGS) $(check_der_OBJECTS) $(check_der_LDADD) $(LIBS) - asn1_compile$(EXEEXT): $(asn1_compile_OBJECTS) $(asn1_compile_DEPENDENCIES) @rm -f asn1_compile$(EXEEXT) $(LINK) $(asn1_compile_LDFLAGS) $(asn1_compile_OBJECTS) $(asn1_compile_LDADD) $(LIBS) @@ -387,6 +448,16 @@ asn1_compile$(EXEEXT): $(asn1_compile_OBJECTS) $(asn1_compile_DEPENDENCIES) asn1_print$(EXEEXT): $(asn1_print_OBJECTS) $(asn1_print_DEPENDENCIES) @rm -f asn1_print$(EXEEXT) $(LINK) $(asn1_print_LDFLAGS) $(asn1_print_OBJECTS) $(asn1_print_LDADD) $(LIBS) + +check-der$(EXEEXT): $(check_der_OBJECTS) $(check_der_DEPENDENCIES) + @rm -f check-der$(EXEEXT) + $(LINK) $(check_der_LDFLAGS) $(check_der_OBJECTS) $(check_der_LDADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< .l.c: $(LEX) $(AM_LFLAGS) $(LFLAGS) $< && mv $(LEX_OUTPUT_ROOT).c $@ .y.c: @@ -402,35 +473,42 @@ install-includeHEADERS: $(include_HEADERS) $(mkinstalldirs) $(DESTDIR)$(includedir) @list='$(include_HEADERS)'; for p in $$list; do \ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ - echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ - $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - list='$(include_HEADERS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(includedir)/$$p; \ + @list='$(include_HEADERS)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(includedir)/$$f"; \ + rm -f $(DESTDIR)$(includedir)/$$f; \ done tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -440,48 +518,76 @@ distclean-tags: -rm -f TAGS ID maintainer-clean-tags: +check-TESTS: $(TESTS) + @failed=0; all=0; xfail=0; xpass=0; \ + srcdir=$(srcdir); export srcdir; \ + list='$(TESTS)'; \ + if test -n "$$list"; then \ + for tst in $$list; do \ + if test -f ./$$tst; then dir=./; \ + elif test -f $$tst; then dir=; \ + else dir="$(srcdir)/"; fi; \ + if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *" $$tst "*) \ + xpass=`expr $$xpass + 1`; \ + failed=`expr $$failed + 1`; \ + echo "XPASS: $$tst"; \ + ;; \ + *) \ + echo "PASS: $$tst"; \ + ;; \ + esac; \ + elif test $$? -ne 77; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *" $$tst "*) \ + xfail=`expr $$xfail + 1`; \ + echo "XFAIL: $$tst"; \ + ;; \ + *) \ + failed=`expr $$failed + 1`; \ + echo "FAIL: $$tst"; \ + ;; \ + esac; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + if test "$$xfail" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + fi; \ + else \ + if test "$$xpass" -eq 0; then \ + banner="$$failed of $$all tests failed"; \ + else \ + banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + fi; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/asn1 - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook -check-TESTS: $(TESTS) - @failed=0; all=0; \ - srcdir=$(srcdir); export srcdir; \ - for tst in $(TESTS); do \ - if test -f $$tst; then dir=.; \ - else dir="$(srcdir)"; fi; \ - if $(TESTS_ENVIRONMENT) $$dir/$$tst; then \ - all=`expr $$all + 1`; \ - echo "PASS: $$tst"; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 info-am: info: info-am dvi-am: @@ -508,7 +614,7 @@ uninstall: uninstall-am all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) @@ -523,7 +629,8 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: - -test -z "lexlparsehparsec$(BUILT_SOURCES)" || rm -f lexl parseh parsec $(BUILT_SOURCES) + -rm -f Makefile.in + -test -z "lex.cparse.hparse.c$(BUILT_SOURCES)" || rm -f lex.c parse.h parse.c $(BUILT_SOURCES) mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ mostlyclean-libtool mostlyclean-checkPROGRAMS \ mostlyclean-noinstPROGRAMS mostlyclean-tags \ @@ -566,12 +673,13 @@ maintainer-clean-checkPROGRAMS mostlyclean-noinstPROGRAMS \ distclean-noinstPROGRAMS clean-noinstPROGRAMS \ maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \ install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \ -maintainer-clean-tags distdir check-TESTS info-am info dvi-am dvi \ +maintainer-clean-tags check-TESTS distdir info-am info dvi-am dvi \ check-local check check-am installcheck-am installcheck install-exec-am \ install-exec install-data-local install-data-am install-data install-am \ install uninstall-am uninstall all-local all-redirect all-am all \ -installdirs mostlyclean-generic distclean-generic clean-generic \ -maintainer-clean-generic clean mostlyclean distclean maintainer-clean +install-strip installdirs mostlyclean-generic distclean-generic \ +clean-generic maintainer-clean-generic clean mostlyclean distclean \ +maintainer-clean install-suid-programs: @@ -579,7 +687,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -591,8 +702,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -661,87 +772,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/lib/asn1/asn1-common.h b/crypto/heimdal/lib/asn1/asn1-common.h new file mode 100644 index 0000000..d3a30f2 --- /dev/null +++ b/crypto/heimdal/lib/asn1/asn1-common.h @@ -0,0 +1,16 @@ +/* $Id: asn1-common.h,v 1.1 2000/04/14 15:41:31 joda Exp $ */ + +#include +#include + +#ifndef __asn1_common_definitions__ +#define __asn1_common_definitions__ + +typedef struct octet_string { + size_t length; + void *data; +} octet_string; + +typedef char *general_string; + +#endif diff --git a/crypto/heimdal/lib/asn1/asn1_print.c b/crypto/heimdal/lib/asn1/asn1_print.c index 92e6419..e66ac22 100644 --- a/crypto/heimdal/lib/asn1/asn1_print.c +++ b/crypto/heimdal/lib/asn1/asn1_print.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -37,7 +37,7 @@ #include #include -RCSID("$Id: asn1_print.c,v 1.5 1999/12/02 17:05:01 joda Exp $"); +RCSID("$Id: asn1_print.c,v 1.6 2000/12/29 03:34:16 assar Exp $"); static struct et_list *et_list; @@ -99,6 +99,9 @@ loop (unsigned char *buf, size_t len, int indent) ret = der_get_tag (buf, len, &class, &type, &tag, &sz); if (ret) errx (1, "der_get_tag: %s", com_right (et_list, ret)); + if (sz > len) + errx (1, "unreasonable length (%u) > %u", + (unsigned)sz, (unsigned)len); buf += sz; len -= sz; for (i = 0; i < indent; ++i) diff --git a/crypto/heimdal/lib/asn1/der.h b/crypto/heimdal/lib/asn1/der.h index 37158af..f031f81 100644 --- a/crypto/heimdal/lib/asn1/der.h +++ b/crypto/heimdal/lib/asn1/der.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: der.h,v 1.18 1999/12/02 17:05:01 joda Exp $ */ +/* $Id: der.h,v 1.20 2001/01/29 08:31:27 assar Exp $ */ #ifndef __DER_H__ #define __DER_H__ @@ -66,7 +66,7 @@ enum { time_t timegm (struct tm *); #endif -void time2generalizedtime (time_t t, octet_string *s); +int time2generalizedtime (time_t t, octet_string *s); int der_get_int (const unsigned char *p, size_t len, int *ret, size_t *size); int der_get_length (const unsigned char *p, size_t len, @@ -87,6 +87,7 @@ int der_match_tag_and_length (const unsigned char *p, size_t len, size_t *length_ret, size_t *size); int decode_integer (const unsigned char*, size_t, int*, size_t*); +int decode_unsigned (const unsigned char*, size_t, unsigned*, size_t*); int decode_general_string (const unsigned char*, size_t, general_string*, size_t*); int decode_octet_string (const unsigned char*, size_t, octet_string*, size_t*); @@ -105,6 +106,8 @@ int der_put_length_and_tag (unsigned char*, size_t, size_t, int encode_integer (unsigned char *p, size_t len, const int *data, size_t*); +int encode_unsigned (unsigned char *p, size_t len, + const unsigned *data, size_t*); int encode_general_string (unsigned char *p, size_t len, const general_string *data, size_t*); int encode_octet_string (unsigned char *p, size_t len, @@ -119,6 +122,7 @@ void free_generalized_time (time_t *t); size_t length_len (size_t len); size_t length_integer (const int *data); +size_t length_unsigned (const unsigned *data); size_t length_general_string (const general_string *data); size_t length_octet_string (const octet_string *k); size_t length_generalized_time (const time_t *t); diff --git a/crypto/heimdal/lib/asn1/der_get.c b/crypto/heimdal/lib/asn1/der_get.c index 9f0616b..1a180da 100644 --- a/crypto/heimdal/lib/asn1/der_get.c +++ b/crypto/heimdal/lib/asn1/der_get.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "der_locl.h" -RCSID("$Id: der_get.c,v 1.27 1999/12/02 17:05:01 joda Exp $"); +RCSID("$Id: der_get.c,v 1.28 2000/04/06 17:19:53 assar Exp $"); #include @@ -225,6 +225,33 @@ decode_integer (const unsigned char *p, size_t len, } int +decode_unsigned (const unsigned char *p, size_t len, + unsigned *num, size_t *size) +{ + size_t ret = 0; + size_t l, reallen; + int e; + + e = der_match_tag (p, len, UNIV, PRIM, UT_Integer, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + e = der_get_length (p, len, &reallen, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + e = der_get_unsigned (p, reallen, num, &l); + if (e) return e; + p += l; + len -= l; + ret += l; + if(size) *size = ret; + return 0; +} + +int decode_general_string (const unsigned char *p, size_t len, general_string *str, size_t *size) { diff --git a/crypto/heimdal/lib/asn1/der_length.c b/crypto/heimdal/lib/asn1/der_length.c index 5db95ba..d488f8f 100644 --- a/crypto/heimdal/lib/asn1/der_length.c +++ b/crypto/heimdal/lib/asn1/der_length.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,10 +33,10 @@ #include "der_locl.h" -RCSID("$Id: der_length.c,v 1.10 1999/12/02 17:05:01 joda Exp $"); +RCSID("$Id: der_length.c,v 1.11 2000/04/06 17:20:26 assar Exp $"); static size_t -length_unsigned (unsigned val) +len_unsigned (unsigned val) { size_t ret = 0; @@ -48,7 +48,7 @@ length_unsigned (unsigned val) } static size_t -length_int (int val) +len_int (int val) { size_t ret = 0; @@ -73,13 +73,21 @@ length_len (size_t len) if (len < 128) return 1; else - return length_unsigned (len) + 1; + return len_unsigned (len) + 1; } size_t length_integer (const int *data) { - size_t len = length_int (*data); + size_t len = len_int (*data); + + return 1 + length_len(len) + len; +} + +size_t +length_unsigned (const unsigned *data) +{ + size_t len = len_unsigned (*data); return 1 + length_len(len) + len; } diff --git a/crypto/heimdal/lib/asn1/der_put.c b/crypto/heimdal/lib/asn1/der_put.c index ce21654..1eda917 100644 --- a/crypto/heimdal/lib/asn1/der_put.c +++ b/crypto/heimdal/lib/asn1/der_put.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "der_locl.h" -RCSID("$Id: der_put.c,v 1.22 1999/12/02 17:05:02 joda Exp $"); +RCSID("$Id: der_put.c,v 1.24 2001/01/29 08:31:27 assar Exp $"); /* * All encoding functions take a pointer `p' to first position in @@ -221,6 +221,31 @@ encode_integer (unsigned char *p, size_t len, const int *data, size_t *size) } int +encode_unsigned (unsigned char *p, size_t len, const unsigned *data, + size_t *size) +{ + unsigned num = *data; + size_t ret = 0; + size_t l; + int e; + + e = der_put_unsigned (p, len, num, &l); + if(e) + return e; + p -= l; + len -= l; + ret += l; + e = der_put_length_and_tag (p, len, l, UNIV, PRIM, UT_Integer, &l); + if (e) + return e; + p -= l; + len -= l; + ret += l; + *size = ret; + return 0; +} + +int encode_general_string (unsigned char *p, size_t len, const general_string *data, size_t *size) { @@ -268,17 +293,20 @@ encode_octet_string (unsigned char *p, size_t len, return 0; } -void +int time2generalizedtime (time_t t, octet_string *s) { struct tm *tm; s->data = malloc(16); + if (s->data == NULL) + return ENOMEM; s->length = 15; tm = gmtime (&t); sprintf (s->data, "%04d%02d%02d%02d%02d%02dZ", tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min, tm->tm_sec); + return 0; } int @@ -290,7 +318,9 @@ encode_generalized_time (unsigned char *p, size_t len, octet_string k; int e; - time2generalizedtime (*t, &k); + e = time2generalizedtime (*t, &k); + if (e) + return e; e = der_put_octet_string (p, len, &k, &l); free (k.data); if (e) diff --git a/crypto/heimdal/lib/asn1/gen.c b/crypto/heimdal/lib/asn1/gen.c index bca4516..54212d9 100644 --- a/crypto/heimdal/lib/asn1/gen.c +++ b/crypto/heimdal/lib/asn1/gen.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,18 +33,24 @@ #include "gen_locl.h" -RCSID("$Id: gen.c,v 1.41 1999/12/02 17:05:02 joda Exp $"); +RCSID("$Id: gen.c,v 1.44 2000/06/19 15:17:52 joda Exp $"); FILE *headerfile, *codefile, *logfile; #define STEM "asn1" -static char *orig_filename; +static const char *orig_filename; static char header[1024]; static char headerbase[1024] = STEM; +const char * +filename (void) +{ + return orig_filename; +} + void -init_generate (char *filename, char *base) +init_generate (const char *filename, const char *base) { orig_filename = filename; if(base) @@ -91,7 +97,7 @@ init_generate (char *filename, char *base) } void -close_generate () +close_generate (void) { fprintf (headerfile, "#endif /* __%s_h__ */\n", headerbase); @@ -126,6 +132,10 @@ define_asn1 (int level, Type *t) space(level); fprintf (headerfile, "INTEGER"); break; + case TUInteger: + space(level); + fprintf (headerfile, "UNSIGNED INTEGER"); + break; case TOctetString: space(level); fprintf (headerfile, "OCTET STRING"); @@ -217,7 +227,21 @@ define_type (int level, char *name, Type *t, int typedefp) break; case TInteger: space(level); - fprintf (headerfile, "int %s;\n", name); + if(t->members == NULL) { + fprintf (headerfile, "int %s;\n", name); + } else { + Member *m; + int tag = -1; + fprintf (headerfile, "enum %s {\n", typedefp ? name : ""); + for (m = t->members; m && m->val != tag; m = m->next) { + if(tag == -1) + tag = m->val; + space (level + 1); + fprintf(headerfile, "%s = %d%s\n", m->gen_name, m->val, + m->next->val == tag ? "" : ","); + } + fprintf (headerfile, "} %s;\n", name); + } break; case TUInteger: space(level); diff --git a/crypto/heimdal/lib/asn1/gen_copy.c b/crypto/heimdal/lib/asn1/gen_copy.c index f9aa489..7d414a9 100644 --- a/crypto/heimdal/lib/asn1/gen_copy.c +++ b/crypto/heimdal/lib/asn1/gen_copy.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gen_locl.h" -RCSID("$Id: gen_copy.c,v 1.10 1999/12/02 17:05:02 joda Exp $"); +RCSID("$Id: gen_copy.c,v 1.11 2000/04/06 17:22:05 assar Exp $"); static void copy_primitive (const char *typename, const char *from, const char *to) @@ -54,6 +54,7 @@ copy_type (const char *from, const char *to, const Type *t) t->symbol->gen_name, from, to); break; case TInteger: + case TUInteger: fprintf(codefile, "*(%s) = *(%s);\n", to, from); break; case TOctetString: diff --git a/crypto/heimdal/lib/asn1/gen_decode.c b/crypto/heimdal/lib/asn1/gen_decode.c index 078ac44..bed19a9 100644 --- a/crypto/heimdal/lib/asn1/gen_decode.c +++ b/crypto/heimdal/lib/asn1/gen_decode.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gen_locl.h" -RCSID("$Id: gen_decode.c,v 1.11 1999/12/02 17:05:02 joda Exp $"); +RCSID("$Id: gen_decode.c,v 1.15 2001/01/29 08:36:45 assar Exp $"); static void decode_primitive (const char *typename, const char *name) @@ -48,215 +48,228 @@ decode_primitive (const char *typename, const char *name) static void decode_type (const char *name, const Type *t) { - switch (t->type) { - case TType: + switch (t->type) { + case TType: #if 0 - decode_type (name, t->symbol->type); + decode_type (name, t->symbol->type); #endif - fprintf (codefile, - "e = decode_%s(p, len, %s, &l);\n" - "FORW;\n", - t->symbol->gen_name, name); - break; - case TInteger: - decode_primitive ("integer", name); - break; - case TOctetString: - decode_primitive ("octet_string", name); - break; - case TBitString: { - Member *m; - int tag = -1; - int pos; + fprintf (codefile, + "e = decode_%s(p, len, %s, &l);\n" + "FORW;\n", + t->symbol->gen_name, name); + break; + case TInteger: + if(t->members == NULL) + decode_primitive ("integer", name); + else { + char *s; + asprintf(&s, "(int*)%s", name); + if(s == NULL) + errx (1, "out of memory"); + decode_primitive ("integer", s); + free(s); + } + break; + case TUInteger: + decode_primitive ("unsigned", name); + break; + case TOctetString: + decode_primitive ("octet_string", name); + break; + case TBitString: { + Member *m; + int tag = -1; + int pos; - fprintf (codefile, - "e = der_match_tag_and_length (p, len, UNIV, PRIM, UT_BitString," - "&reallen, &l);\n" - "FORW;\n" - "if(len < reallen)\n" - "return ASN1_OVERRUN;\n" - "p++;\n" - "len--;\n" - "reallen--;\n" - "ret++;\n"); - pos = 0; - for (m = t->members; m && tag != m->val; m = m->next) { - while (m->val / 8 > pos / 8) { fprintf (codefile, - "p++; len--; reallen--; ret++;\n"); - pos += 8; - } - fprintf (codefile, - "%s->%s = (*p >> %d) & 1;\n", - name, m->gen_name, 7 - m->val % 8); - if (tag == -1) - tag = m->val; + "e = der_match_tag_and_length (p, len, UNIV, PRIM, UT_BitString," + "&reallen, &l);\n" + "FORW;\n" + "if(len < reallen)\n" + "return ASN1_OVERRUN;\n" + "p++;\n" + "len--;\n" + "reallen--;\n" + "ret++;\n"); + pos = 0; + for (m = t->members; m && tag != m->val; m = m->next) { + while (m->val / 8 > pos / 8) { + fprintf (codefile, + "p++; len--; reallen--; ret++;\n"); + pos += 8; + } + fprintf (codefile, + "%s->%s = (*p >> %d) & 1;\n", + name, m->gen_name, 7 - m->val % 8); + if (tag == -1) + tag = m->val; + } + fprintf (codefile, + "p += reallen; len -= reallen; ret += reallen;\n"); + break; } - fprintf (codefile, - "p += reallen; len -= reallen; ret += reallen;\n"); - break; - } - case TSequence: { - Member *m; - int tag = -1; + case TSequence: { + Member *m; + int tag = -1; - if (t->members == NULL) - break; + if (t->members == NULL) + break; - fprintf (codefile, - "e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence," - "&reallen, &l);\n" - "FORW;\n" - "{\n" - "int dce_fix;\n" - "if((dce_fix = fix_dce(reallen, &len)) < 0)\n" - "return ASN1_BAD_FORMAT;\n"); + fprintf (codefile, + "e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence," + "&reallen, &l);\n" + "FORW;\n" + "{\n" + "int dce_fix;\n" + "if((dce_fix = fix_dce(reallen, &len)) < 0)\n" + "return ASN1_BAD_FORMAT;\n"); - for (m = t->members; m && tag != m->val; m = m->next) { - char *s; + for (m = t->members; m && tag != m->val; m = m->next) { + char *s; - asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name); - if (0 && m->type->type == TType){ - if(m->optional) - fprintf (codefile, - "%s = malloc(sizeof(*%s));\n", s, s); - fprintf (codefile, - "e = decode_seq_%s(p, len, %d, %d, %s, &l);\n", - m->type->symbol->gen_name, - m->val, - m->optional, - s); - if(m->optional) - fprintf (codefile, - "if (e == ASN1_MISSING_FIELD) {\n" - "free(%s);\n" - "%s = NULL;\n" - "e = l = 0;\n" - "}\n", - s, s); + asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name); + if (0 && m->type->type == TType){ + if(m->optional) + fprintf (codefile, + "%s = malloc(sizeof(*%s));\n" + "if(%s == NULL) return ENOMEM;\n", s, s, s); + fprintf (codefile, + "e = decode_seq_%s(p, len, %d, %d, %s, &l);\n", + m->type->symbol->gen_name, + m->val, + m->optional, + s); + if(m->optional) + fprintf (codefile, + "if (e == ASN1_MISSING_FIELD) {\n" + "free(%s);\n" + "%s = NULL;\n" + "e = l = 0;\n" + "}\n", + s, s); - fprintf (codefile, "FORW;\n"); + fprintf (codefile, "FORW;\n"); - }else{ - fprintf (codefile, "{\n" - "size_t newlen, oldlen;\n\n" - "e = der_match_tag (p, len, CONTEXT, CONS, %d, &l);\n", - m->val); - fprintf (codefile, - "if (e)\n"); - if(m->optional) - /* XXX should look at e */ - fprintf (codefile, - "%s = NULL;\n", s); - else - fprintf (codefile, - "return e;\n"); - fprintf (codefile, - "else {\n"); - fprintf (codefile, - "p += l;\n" - "len -= l;\n" - "ret += l;\n" - "e = der_get_length (p, len, &newlen, &l);\n" - "FORW;\n" - "{\n" + }else{ + fprintf (codefile, "{\n" + "size_t newlen, oldlen;\n\n" + "e = der_match_tag (p, len, CONTEXT, CONS, %d, &l);\n", + m->val); + fprintf (codefile, + "if (e)\n"); + if(m->optional) + /* XXX should look at e */ + fprintf (codefile, + "%s = NULL;\n", s); + else + fprintf (codefile, + "return e;\n"); + fprintf (codefile, + "else {\n"); + fprintf (codefile, + "p += l;\n" + "len -= l;\n" + "ret += l;\n" + "e = der_get_length (p, len, &newlen, &l);\n" + "FORW;\n" + "{\n" - "int dce_fix;\n" - "oldlen = len;\n" - "if((dce_fix = fix_dce(newlen, &len)) < 0)" - "return ASN1_BAD_FORMAT;\n"); - if (m->optional) - fprintf (codefile, - "%s = malloc(sizeof(*%s));\n", - s, s); - decode_type (s, m->type); - fprintf (codefile, - "if(dce_fix){\n" - "e = der_match_tag_and_length (p, len, " - "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n" - "FORW;\n" - "}else \n" - "len = oldlen - newlen;\n" - "}\n" - "}\n"); - fprintf (codefile, - "}\n"); - } - if (tag == -1) - tag = m->val; - free (s); - } - fprintf(codefile, - "if(dce_fix){\n" - "e = der_match_tag_and_length (p, len, " - "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n" - "FORW;\n" - "}\n" - "}\n"); + "int dce_fix;\n" + "oldlen = len;\n" + "if((dce_fix = fix_dce(newlen, &len)) < 0)" + "return ASN1_BAD_FORMAT;\n"); + if (m->optional) + fprintf (codefile, + "%s = malloc(sizeof(*%s));\n" + "if(%s == NULL) return ENOMEM;\n", s, s, s); + decode_type (s, m->type); + fprintf (codefile, + "if(dce_fix){\n" + "e = der_match_tag_and_length (p, len, " + "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n" + "FORW;\n" + "}else \n" + "len = oldlen - newlen;\n" + "}\n" + "}\n"); + fprintf (codefile, + "}\n"); + } + if (tag == -1) + tag = m->val; + free (s); + } + fprintf(codefile, + "if(dce_fix){\n" + "e = der_match_tag_and_length (p, len, " + "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n" + "FORW;\n" + "}\n" + "}\n"); - break; - } - case TSequenceOf: { - char *n; + break; + } + case TSequenceOf: { + char *n; - fprintf (codefile, - "e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence," - "&reallen, &l);\n" - "FORW;\n" - "if(len < reallen)\n" - "return ASN1_OVERRUN;\n" - "len = reallen;\n"); + fprintf (codefile, + "e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence," + "&reallen, &l);\n" + "FORW;\n" + "if(len < reallen)\n" + "return ASN1_OVERRUN;\n" + "len = reallen;\n"); - fprintf (codefile, - "{\n" - "size_t origlen = len;\n" - "int oldret = ret;\n" - "ret = 0;\n" - "(%s)->len = 0;\n" - "(%s)->val = NULL;\n" - "while(ret < origlen) {\n" - "(%s)->len++;\n" - "(%s)->val = realloc((%s)->val, sizeof(*((%s)->val)) * (%s)->len);\n", - name, name, name, name, name, name, name); - asprintf (&n, "&(%s)->val[(%s)->len-1]", name, name); - decode_type (n, t->subtype); - fprintf (codefile, - "len = origlen - ret;\n" - "}\n" - "ret += oldret;\n" - "}\n"); - free (n); - break; - } - case TGeneralizedTime: - decode_primitive ("generalized_time", name); - break; - case TGeneralString: - decode_primitive ("general_string", name); - break; - case TApplication: - fprintf (codefile, - "e = der_match_tag_and_length (p, len, APPL, CONS, %d, " - "&reallen, &l);\n" - "FORW;\n" - "{\n" - "int dce_fix;\n" - "if((dce_fix = fix_dce(reallen, &len)) < 0)\n" - "return ASN1_BAD_FORMAT;\n", - t->application); - decode_type (name, t->subtype); - fprintf(codefile, - "if(dce_fix){\n" - "e = der_match_tag_and_length (p, len, " - "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n" - "FORW;\n" - "}\n" - "}\n"); + fprintf (codefile, + "{\n" + "size_t origlen = len;\n" + "int oldret = ret;\n" + "ret = 0;\n" + "(%s)->len = 0;\n" + "(%s)->val = NULL;\n" + "while(ret < origlen) {\n" + "(%s)->len++;\n" + "(%s)->val = realloc((%s)->val, sizeof(*((%s)->val)) * (%s)->len);\n", + name, name, name, name, name, name, name); + asprintf (&n, "&(%s)->val[(%s)->len-1]", name, name); + decode_type (n, t->subtype); + fprintf (codefile, + "len = origlen - ret;\n" + "}\n" + "ret += oldret;\n" + "}\n"); + free (n); + break; + } + case TGeneralizedTime: + decode_primitive ("generalized_time", name); + break; + case TGeneralString: + decode_primitive ("general_string", name); + break; + case TApplication: + fprintf (codefile, + "e = der_match_tag_and_length (p, len, APPL, CONS, %d, " + "&reallen, &l);\n" + "FORW;\n" + "{\n" + "int dce_fix;\n" + "if((dce_fix = fix_dce(reallen, &len)) < 0)\n" + "return ASN1_BAD_FORMAT;\n", + t->application); + decode_type (name, t->subtype); + fprintf(codefile, + "if(dce_fix){\n" + "e = der_match_tag_and_length (p, len, " + "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n" + "FORW;\n" + "}\n" + "}\n"); - break; - default : - abort (); - } + break; + default : + abort (); + } } void @@ -282,17 +295,10 @@ generate_type_decode (const Symbol *s) switch (s->type->type) { case TInteger: - fprintf (codefile, "return decode_integer (p, len, data, size);\n"); - break; + case TUInteger: case TOctetString: - fprintf (codefile, "return decode_octet_string (p, len, data, size);\n"); - break; case TGeneralizedTime: - fprintf (codefile, "return decode_generalized_time (p, len, data, size);\n"); - break; case TGeneralString: - fprintf (codefile, "return decode_general_string (p, len, data, size);\n"); - break; case TBitString: case TSequence: case TSequenceOf: @@ -303,6 +309,7 @@ generate_type_decode (const Symbol *s) "size_t l;\n" "int i, e;\n\n"); fprintf(codefile, "i = 0;\n"); /* hack to avoid `unused variable' */ + fprintf(codefile, "reallen = 0;\n"); /* hack to avoid `unused variable' */ decode_type ("data", s->type); fprintf (codefile, diff --git a/crypto/heimdal/lib/asn1/gen_encode.c b/crypto/heimdal/lib/asn1/gen_encode.c index 9e9b293..367ca37 100644 --- a/crypto/heimdal/lib/asn1/gen_encode.c +++ b/crypto/heimdal/lib/asn1/gen_encode.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gen_locl.h" -RCSID("$Id: gen_encode.c,v 1.9 1999/12/02 17:05:02 joda Exp $"); +RCSID("$Id: gen_encode.c,v 1.11 2000/06/19 15:19:08 joda Exp $"); static void encode_primitive (const char *typename, const char *name) @@ -48,154 +48,166 @@ encode_primitive (const char *typename, const char *name) static void encode_type (const char *name, const Type *t) { - switch (t->type) { - case TType: + switch (t->type) { + case TType: #if 0 - encode_type (name, t->symbol->type); + encode_type (name, t->symbol->type); #endif - fprintf (codefile, - "e = encode_%s(p, len, %s, &l);\n" - "BACK;\n", - t->symbol->gen_name, name); - break; - case TInteger: - encode_primitive ("integer", name); - break; - case TOctetString: - encode_primitive ("octet_string", name); - break; - case TBitString: { - Member *m; - int pos; - int rest; - int tag = -1; - - if (t->members == NULL) - break; - - fprintf (codefile, "{\n" - "unsigned char c = 0;\n"); - pos = t->members->prev->val; - /* fix for buggy MIT (and OSF?) code */ - if (pos > 31) - abort (); - /* - * It seems that if we do not always set pos to 31 here, the MIT - * code will do the wrong thing. - * - * I hate ASN.1 (and DER), but I hate it even more when everybody - * has to screw it up differently. - */ - pos = 31; - rest = 7 - (pos % 8); - - for (m = t->members->prev; m && tag != m->val; m = m->prev) { - while (m->val / 8 < pos / 8) { fprintf (codefile, - "*p-- = c; len--; ret++;\n" - "c = 0;\n"); - pos -= 8; - } - fprintf (codefile, - "if(%s->%s) c |= 1<<%d;\n", name, m->gen_name, - 7 - m->val % 8); - - if (tag == -1) - tag = m->val; - } + "e = encode_%s(p, len, %s, &l);\n" + "BACK;\n", + t->symbol->gen_name, name); + break; + case TInteger: + if(t->members == NULL) + encode_primitive ("integer", name); + else { + char *s; + asprintf(&s, "(const int*)%s", name); + if(s == NULL) + errx(1, "out of memory"); + encode_primitive ("integer", s); + free(s); + } + break; + case TUInteger: + encode_primitive ("unsigned", name); + break; + case TOctetString: + encode_primitive ("octet_string", name); + break; + case TBitString: { + Member *m; + int pos; + int rest; + int tag = -1; - fprintf (codefile, - "*p-- = c;\n" - "*p-- = %d;\n" - "len -= 2;\n" - "ret += 2;\n" - "}\n\n" - "e = der_put_length_and_tag (p, len, ret, UNIV, PRIM," - "UT_BitString, &l);\n" - "BACK;\n", - rest); - break; - } - case TSequence: { - Member *m; - int tag = -1; + if (t->members == NULL) + break; - if (t->members == NULL) - break; + fprintf (codefile, "{\n" + "unsigned char c = 0;\n"); + pos = t->members->prev->val; + /* fix for buggy MIT (and OSF?) code */ + if (pos > 31) + abort (); + /* + * It seems that if we do not always set pos to 31 here, the MIT + * code will do the wrong thing. + * + * I hate ASN.1 (and DER), but I hate it even more when everybody + * has to screw it up differently. + */ + pos = 31; + rest = 7 - (pos % 8); - for (m = t->members->prev; m && tag != m->val; m = m->prev) { - char *s; + for (m = t->members->prev; m && tag != m->val; m = m->prev) { + while (m->val / 8 < pos / 8) { + fprintf (codefile, + "*p-- = c; len--; ret++;\n" + "c = 0;\n"); + pos -= 8; + } + fprintf (codefile, + "if(%s->%s) c |= 1<<%d;\n", name, m->gen_name, + 7 - m->val % 8); - asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name); - if (m->optional) - fprintf (codefile, - "if(%s)\n", - s); + if (tag == -1) + tag = m->val; + } + + fprintf (codefile, + "*p-- = c;\n" + "*p-- = %d;\n" + "len -= 2;\n" + "ret += 2;\n" + "}\n\n" + "e = der_put_length_and_tag (p, len, ret, UNIV, PRIM," + "UT_BitString, &l);\n" + "BACK;\n", + rest); + break; + } + case TSequence: { + Member *m; + int tag = -1; + + if (t->members == NULL) + break; + + for (m = t->members->prev; m && tag != m->val; m = m->prev) { + char *s; + + asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name); + if (m->optional) + fprintf (codefile, + "if(%s)\n", + s); #if 1 - fprintf (codefile, "{\n" - "int oldret = ret;\n" - "ret = 0;\n"); + fprintf (codefile, "{\n" + "int oldret = ret;\n" + "ret = 0;\n"); #endif - encode_type (s, m->type); - fprintf (codefile, - "e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, " - "%d, &l);\n" - "BACK;\n", - m->val); + encode_type (s, m->type); + fprintf (codefile, + "e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, " + "%d, &l);\n" + "BACK;\n", + m->val); #if 1 - fprintf (codefile, - "ret += oldret;\n" - "}\n"); + fprintf (codefile, + "ret += oldret;\n" + "}\n"); #endif - if (tag == -1) - tag = m->val; - free (s); + if (tag == -1) + tag = m->val; + free (s); + } + fprintf (codefile, + "e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);\n" + "BACK;\n"); + break; } - fprintf (codefile, - "e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);\n" - "BACK;\n"); - break; - } - case TSequenceOf: { - char *n; + case TSequenceOf: { + char *n; - fprintf (codefile, - "for(i = (%s)->len - 1; i >= 0; --i) {\n" + fprintf (codefile, + "for(i = (%s)->len - 1; i >= 0; --i) {\n" #if 1 - "int oldret = ret;\n" - "ret = 0;\n", + "int oldret = ret;\n" + "ret = 0;\n", #else - , + , #endif - name); - asprintf (&n, "&(%s)->val[i]", name); - encode_type (n, t->subtype); - fprintf (codefile, + name); + asprintf (&n, "&(%s)->val[i]", name); + encode_type (n, t->subtype); + fprintf (codefile, #if 1 - "ret += oldret;\n" + "ret += oldret;\n" #endif - "}\n" - "e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);\n" - "BACK;\n"); - free (n); - break; - } - case TGeneralizedTime: - encode_primitive ("generalized_time", name); - break; - case TGeneralString: - encode_primitive ("general_string", name); - break; - case TApplication: - encode_type (name, t->subtype); - fprintf (codefile, - "e = der_put_length_and_tag (p, len, ret, APPL, CONS, %d, &l);\n" - "BACK;\n", - t->application); - break; - default: - abort (); - } + "}\n" + "e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);\n" + "BACK;\n"); + free (n); + break; + } + case TGeneralizedTime: + encode_primitive ("generalized_time", name); + break; + case TGeneralString: + encode_primitive ("general_string", name); + break; + case TApplication: + encode_type (name, t->subtype); + fprintf (codefile, + "e = der_put_length_and_tag (p, len, ret, APPL, CONS, %d, &l);\n" + "BACK;\n", + t->application); + break; + default: + abort (); + } } void @@ -217,17 +229,10 @@ generate_type_encode (const Symbol *s) switch (s->type->type) { case TInteger: - fprintf (codefile, "return encode_integer (p, len, data, size);\n"); - break; + case TUInteger: case TOctetString: - fprintf (codefile, "return encode_octet_string (p, len, data, size);\n"); - break; case TGeneralizedTime: - fprintf (codefile, "return encode_generalized_time (p, len, data, size);\n"); - break; case TGeneralString: - fprintf (codefile, "return encode_general_string (p, len, data, size);\n"); - break; case TBitString: case TSequence: case TSequenceOf: @@ -239,7 +244,8 @@ generate_type_encode (const Symbol *s) "int i, e;\n\n"); fprintf(codefile, "i = 0;\n"); /* hack to avoid `unused variable' */ - encode_type ("data", s->type); + encode_type("data", s->type); + fprintf (codefile, "*size = ret;\n" "return 0;\n"); break; diff --git a/crypto/heimdal/lib/asn1/gen_free.c b/crypto/heimdal/lib/asn1/gen_free.c index 0f6078b..20ae521 100644 --- a/crypto/heimdal/lib/asn1/gen_free.c +++ b/crypto/heimdal/lib/asn1/gen_free.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gen_locl.h" -RCSID("$Id: gen_free.c,v 1.7 1999/12/02 17:05:02 joda Exp $"); +RCSID("$Id: gen_free.c,v 1.8 2000/04/06 17:24:02 assar Exp $"); static void free_primitive (const char *typename, const char *name) @@ -52,6 +52,7 @@ free_type (const char *name, const Type *t) fprintf (codefile, "free_%s(%s);\n", t->symbol->gen_name, name); break; case TInteger: + case TUInteger: break; case TOctetString: free_primitive ("octet_string", name); diff --git a/crypto/heimdal/lib/asn1/gen_length.c b/crypto/heimdal/lib/asn1/gen_length.c index 1c3566d..ca2af6f 100644 --- a/crypto/heimdal/lib/asn1/gen_length.c +++ b/crypto/heimdal/lib/asn1/gen_length.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gen_locl.h" -RCSID("$Id: gen_length.c,v 1.7 1999/12/02 17:05:02 joda Exp $"); +RCSID("$Id: gen_length.c,v 1.10 2000/06/21 22:40:53 assar Exp $"); static void length_primitive (const char *typename, @@ -46,91 +46,103 @@ length_primitive (const char *typename, static void length_type (const char *name, const Type *t, const char *variable) { - switch (t->type) { - case TType: + switch (t->type) { + case TType: #if 0 - length_type (name, t->symbol->type); + length_type (name, t->symbol->type); #endif - fprintf (codefile, "%s += length_%s(%s);\n", - variable, t->symbol->gen_name, name); - break; - case TInteger: - length_primitive ("integer", name, variable); - break; - case TOctetString: - length_primitive ("octet_string", name, variable); - break; - case TBitString: { - /* - * XXX - Hope this is correct - * look at TBitString case in `encode_type' - */ - fprintf (codefile, "%s += 7;\n", variable); - break; - } - case TSequence: { - Member *m; - int tag = -1; + fprintf (codefile, "%s += length_%s(%s);\n", + variable, t->symbol->gen_name, name); + break; + case TInteger: + if(t->members == NULL) + length_primitive ("integer", name, variable); + else { + char *s; + asprintf(&s, "(const int*)%s", name); + if(s == NULL) + errx (1, "out of memory"); + length_primitive ("integer", s, variable); + free(s); + } + break; + case TUInteger: + length_primitive ("unsigned", name, variable); + break; + case TOctetString: + length_primitive ("octet_string", name, variable); + break; + case TBitString: { + /* + * XXX - Hope this is correct + * look at TBitString case in `encode_type' + */ + fprintf (codefile, "%s += 7;\n", variable); + break; + } + case TSequence: { + Member *m; + int tag = -1; - if (t->members == NULL) - break; + if (t->members == NULL) + break; - for (m = t->members; m && tag != m->val; m = m->next) { - char *s; + for (m = t->members; m && tag != m->val; m = m->next) { + char *s; - asprintf (&s, "%s(%s)->%s", - m->optional ? "" : "&", name, m->gen_name); - if (m->optional) - fprintf (codefile, "if(%s)", s); - fprintf (codefile, "{\n" - "int oldret = %s;\n" - "%s = 0;\n", variable, variable); - length_type (s, m->type, "ret"); - fprintf (codefile, "%s += 1 + length_len(%s) + oldret;\n", - variable, variable); - fprintf (codefile, "}\n"); - if (tag == -1) - tag = m->val; - free (s); - } - fprintf (codefile, - "%s += 1 + length_len(%s);\n", variable, variable); - break; - } - case TSequenceOf: { - char *n; + asprintf (&s, "%s(%s)->%s", + m->optional ? "" : "&", name, m->gen_name); + if (m->optional) + fprintf (codefile, "if(%s)", s); + fprintf (codefile, "{\n" + "int oldret = %s;\n" + "%s = 0;\n", variable, variable); + length_type (s, m->type, "ret"); + fprintf (codefile, "%s += 1 + length_len(%s) + oldret;\n", + variable, variable); + fprintf (codefile, "}\n"); + if (tag == -1) + tag = m->val; + free (s); + } + fprintf (codefile, + "%s += 1 + length_len(%s);\n", variable, variable); + break; + } + case TSequenceOf: { + char *n; - fprintf (codefile, - "{\n" - "int oldret = %s;\n" - "int i;\n" - "%s = 0;\n", - variable, variable); + fprintf (codefile, + "{\n" + "int oldret = %s;\n" + "int i;\n" + "%s = 0;\n", + variable, variable); - fprintf (codefile, "for(i = (%s)->len - 1; i >= 0; --i){\n", name); - asprintf (&n, "&(%s)->val[i]", name); - length_type(n, t->subtype, variable); - fprintf (codefile, "}\n"); + fprintf (codefile, "for(i = (%s)->len - 1; i >= 0; --i){\n", name); + asprintf (&n, "&(%s)->val[i]", name); + length_type(n, t->subtype, variable); + fprintf (codefile, "}\n"); - fprintf (codefile, - "%s += 1 + length_len(%s) + oldret;\n" - "}\n", variable, variable); - free(n); - break; - } - case TGeneralizedTime: - length_primitive ("generalized_time", name, variable); - break; - case TGeneralString: - length_primitive ("general_string", name, variable); - break; - case TApplication: - length_type (name, t->subtype, variable); - fprintf (codefile, "ret += 1 + length_len (ret);\n"); - break; - default : - abort (); - } + fprintf (codefile, + "%s += 1 + length_len(%s) + oldret;\n" + "}\n", variable, variable); + free(n); + break; + } + case TGeneralizedTime: + length_primitive ("generalized_time", name, variable); + break; + case TGeneralString: + length_primitive ("general_string", name, variable); + break; + case TApplication: + length_type (name, t->subtype, variable); + fprintf (codefile, "ret += 1 + length_len (ret);\n"); + break; + default : + abort (); + } } void diff --git a/crypto/heimdal/lib/asn1/gen_locl.h b/crypto/heimdal/lib/asn1/gen_locl.h index 7ee37ae..acf6bc1a 100644 --- a/crypto/heimdal/lib/asn1/gen_locl.h +++ b/crypto/heimdal/lib/asn1/gen_locl.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: gen_locl.h,v 1.6 1999/12/02 17:05:02 joda Exp $ */ +/* $Id: gen_locl.h,v 1.7 2000/04/09 09:21:56 assar Exp $ */ #ifndef __GEN_LOCL_H__ #define __GEN_LOCL_H__ @@ -63,7 +63,8 @@ void generate_type_copy (const Symbol *s); void generate_type_maybe (const Symbol *s); void generate_glue (const Symbol *s); -void init_generate (char *filename, char *basename); +void init_generate (const char *filename, const char *basename); +const char *filename (void); void close_generate(void); int yyparse(void); diff --git a/crypto/heimdal/lib/asn1/k5.asn1 b/crypto/heimdal/lib/asn1/k5.asn1 index a7f4199..c5382f3 100644 --- a/crypto/heimdal/lib/asn1/k5.asn1 +++ b/crypto/heimdal/lib/asn1/k5.asn1 @@ -1,16 +1,89 @@ +-- $Id: k5.asn1,v 1.23 2000/12/11 06:30:35 assar Exp $ + KERBEROS5 DEFINITIONS ::= BEGIN -nt-unknown INTEGER ::= 0 -- Name type not known -nt-principal INTEGER ::= 1 -- Just the name of the principal as in -nt-srv-inst INTEGER ::= 2 -- Service and other unique instance (krbtgt) -nt-srv-hst INTEGER ::= 3 -- Service with host name as instance -nt-srv-xhst INTEGER ::= 4 -- Service with host as remaining components -nt-uid INTEGER ::= 5 -- Unique ID +NAME-TYPE ::= INTEGER { + KRB5_NT_UNKNOWN(0), -- Name type not known + KRB5_NT_PRINCIPAL(1), -- Just the name of the principal as in + KRB5_NT_SRV_INST(2), -- Service and other unique instance (krbtgt) + KRB5_NT_SRV_HST(3), -- Service with host name as instance + KRB5_NT_SRV_XHST(4), -- Service with host as remaining components + KRB5_NT_UID(5), -- Unique ID + KRB5_NT_X500_PRINCIPAL(6) -- PKINIT +} + +-- message types + +MESSAGE-TYPE ::= INTEGER { + krb-as-req(10), -- Request for initial authentication + krb-as-rep(11), -- Response to KRB_AS_REQ request + krb-tgs-req(12), -- Request for authentication based on TGT + krb-tgs-rep(13), -- Response to KRB_TGS_REQ request + krb-ap-req(14), -- application request to server + krb-ap-rep(15), -- Response to KRB_AP_REQ_MUTUAL + krb-safe(20), -- Safe (checksummed) application message + krb-priv(21), -- Private (encrypted) application message + krb-cred(22), -- Private (encrypted) message to forward credentials + krb-error(30) -- Error response +} + + +-- pa-data types + +PADATA-TYPE ::= INTEGER { + KRB5-PADATA-NONE(0), + KRB5-PADATA-TGS-REQ(1), + KRB5-PADATA-AP-REQ(1), + KRB5-PADATA-ENC-TIMESTAMP(2), + KRB5-PADATA-PW-SALT(3), + KRB5-PADATA-ENC-UNIX-TIME(5), + KRB5-PADATA-SANDIA-SECUREID(6), + KRB5-PADATA-SESAME(7), + KRB5-PADATA-OSF-DCE(8), + KRB5-PADATA-CYBERSAFE-SECUREID(9), + KRB5-PADATA-AFS3-SALT(10), + KRB5-PADATA-ETYPE-INFO(11), + KRB5-PADATA-SAM-CHALLENGE(12), -- (sam/otp) + KRB5-PADATA-SAM-RESPONSE(13), -- (sam/otp) + KRB5-PADATA-PK-AS-REQ(14), -- (PKINIT) + KRB5-PADATA-PK-AS-REP(15), -- (PKINIT) + KRB5-PADATA-PK-AS-SIGN(16), -- (PKINIT) + KRB5-PADATA-PK-KEY-REQ(17), -- (PKINIT) + KRB5-PADATA-PK-KEY-REP(18), -- (PKINIT) + KRB5-PADATA-USE-SPECIFIED-KVNO(20), + KRB5-PADATA-SAM-REDIRECT(21), -- (sam/otp) + KRB5-PADATA-GET-FROM-TYPED-DATA(22), + KRB5-PADATA-SAM-ETYPE-INFO(23) +} + +-- checksumtypes + +CKSUMTYPE ::= INTEGER { + CKSUMTYPE_NONE(0), + CKSUMTYPE_CRC32(1), + CKSUMTYPE_RSA_MD4(2), + CKSUMTYPE_RSA_MD4_DES(3), + CKSUMTYPE_DES_MAC(4), + CKSUMTYPE_DES_MAC_K(5), + CKSUMTYPE_RSA_MD4_DES_K(6), + CKSUMTYPE_RSA_MD5(7), + CKSUMTYPE_RSA_MD5_DES(8), + CKSUMTYPE_RSA_MD5_DES3(9), + -- CKSUMTYPE_SHA1(10), + CKSUMTYPE_HMAC_SHA1_DES3(12), + CKSUMTYPE_SHA1(1000), -- correct value? 10 (9 also) + CKSUMTYPE_HMAC_MD5(-138), -- unofficial microsoft number + CKSUMTYPE_HMAC_MD5_ENC(-1138) -- even more unofficial +} + +-- this is sugar to make something ASN1 does not have: unsigned + +UNSIGNED ::= INTEGER (0..4294967295) Realm ::= GeneralString PrincipalName ::= SEQUENCE { - name-type[0] INTEGER, + name-type[0] NAME-TYPE, name-string[1] SEQUENCE OF GeneralString } @@ -81,6 +154,7 @@ KDCOptions ::= BIT STRING { unused10(10), unused11(11), request-anonymous(14), + canonicalize(15), disable-transited-check(26), renewable-ok(27), enc-tkt-in-skey(28), @@ -133,7 +207,7 @@ EncTicketPart ::= [APPLICATION 3] SEQUENCE { } Checksum ::= SEQUENCE { - cksumtype[0] INTEGER, + cksumtype[0] CKSUMTYPE, checksum[1] OCTET STRING } @@ -145,13 +219,13 @@ Authenticator ::= [APPLICATION 2] SEQUENCE { cusec[4] INTEGER, ctime[5] KerberosTime, subkey[6] EncryptionKey OPTIONAL, - seq-number[7] INTEGER OPTIONAL, + seq-number[7] UNSIGNED OPTIONAL, authorization-data[8] AuthorizationData OPTIONAL } PA-DATA ::= SEQUENCE { -- might be encoded AP-REQ - padata-type[1] INTEGER, + padata-type[1] PADATA-TYPE, padata-value[2] OCTET STRING } @@ -185,7 +259,7 @@ KDC-REQ-BODY ::= SEQUENCE { KDC-REQ ::= SEQUENCE { pvno[1] INTEGER, - msg-type[2] INTEGER, + msg-type[2] MESSAGE-TYPE, padata[3] METHOD-DATA OPTIONAL, req-body[4] KDC-REQ-BODY } @@ -203,7 +277,7 @@ PA-ENC-TS-ENC ::= SEQUENCE { KDC-REP ::= SEQUENCE { pvno[0] INTEGER, - msg-type[1] INTEGER, + msg-type[1] MESSAGE-TYPE, padata[2] METHOD-DATA OPTIONAL, crealm[3] Realm, cname[4] PrincipalName, @@ -234,7 +308,7 @@ EncTGSRepPart ::= [APPLICATION 26] EncKDCRepPart AP-REQ ::= [APPLICATION 14] SEQUENCE { pvno[0] INTEGER, - msg-type[1] INTEGER, + msg-type[1] MESSAGE-TYPE, ap-options[2] APOptions, ticket[3] Ticket, authenticator[4] EncryptedData @@ -242,7 +316,7 @@ AP-REQ ::= [APPLICATION 14] SEQUENCE { AP-REP ::= [APPLICATION 15] SEQUENCE { pvno[0] INTEGER, - msg-type[1] INTEGER, + msg-type[1] MESSAGE-TYPE, enc-part[2] EncryptedData } @@ -250,42 +324,42 @@ EncAPRepPart ::= [APPLICATION 27] SEQUENCE { ctime[0] KerberosTime, cusec[1] INTEGER, subkey[2] EncryptionKey OPTIONAL, - seq-number[3] INTEGER OPTIONAL + seq-number[3] UNSIGNED OPTIONAL } KRB-SAFE-BODY ::= SEQUENCE { user-data[0] OCTET STRING, timestamp[1] KerberosTime OPTIONAL, usec[2] INTEGER OPTIONAL, - seq-number[3] INTEGER OPTIONAL, + seq-number[3] UNSIGNED OPTIONAL, s-address[4] HostAddress OPTIONAL, r-address[5] HostAddress OPTIONAL } KRB-SAFE ::= [APPLICATION 20] SEQUENCE { pvno[0] INTEGER, - msg-type[1] INTEGER, + msg-type[1] MESSAGE-TYPE, safe-body[2] KRB-SAFE-BODY, cksum[3] Checksum } KRB-PRIV ::= [APPLICATION 21] SEQUENCE { pvno[0] INTEGER, - msg-type[1] INTEGER, + msg-type[1] MESSAGE-TYPE, enc-part[3] EncryptedData } EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE { user-data[0] OCTET STRING, timestamp[1] KerberosTime OPTIONAL, usec[2] INTEGER OPTIONAL, - seq-number[3] INTEGER OPTIONAL, + seq-number[3] UNSIGNED OPTIONAL, s-address[4] HostAddress OPTIONAL, -- sender's addr r-address[5] HostAddress OPTIONAL -- recip's addr } KRB-CRED ::= [APPLICATION 22] SEQUENCE { pvno[0] INTEGER, - msg-type[1] INTEGER, -- KRB_CRED + msg-type[1] MESSAGE-TYPE, -- KRB_CRED tickets[2] SEQUENCE OF Ticket, enc-part[3] EncryptedData } @@ -315,7 +389,7 @@ EncKrbCredPart ::= [APPLICATION 29] SEQUENCE { KRB-ERROR ::= [APPLICATION 30] SEQUENCE { pvno[0] INTEGER, - msg-type[1] INTEGER, + msg-type[1] MESSAGE-TYPE, ctime[2] KerberosTime OPTIONAL, cusec[3] INTEGER OPTIONAL, stime[4] KerberosTime, @@ -331,51 +405,6 @@ KRB-ERROR ::= [APPLICATION 30] SEQUENCE { pvno INTEGER ::= 5 -- current Kerberos protocol version number --- message types - -krb-as-req INTEGER ::= 10 -- Request for initial authentication -krb-as-rep INTEGER ::= 11 -- Response to KRB_AS_REQ request -krb-tgs-req INTEGER ::= 12 -- Request for authentication based on TGT -krb-tgs-rep INTEGER ::= 13 -- Response to KRB_TGS_REQ request -krb-ap-req INTEGER ::= 14 -- application request to server -krb-ap-rep INTEGER ::= 15 -- Response to KRB_AP_REQ_MUTUAL -krb-safe INTEGER ::= 20 -- Safe (checksummed) application message -krb-priv INTEGER ::= 21 -- Private (encrypted) application message -krb-cred INTEGER ::= 22 -- Private (encrypted) message to forward credentials -krb-error INTEGER ::= 30 -- Error response - --- pa-data types - -pa-tgs-req INTEGER ::= 1 -pa-enc-timestamp INTEGER ::= 2 -pa-pw-salt INTEGER ::= 3 -pa-enc-unix-time INTEGER ::= 5 -pa-sandia-secureid INTEGER ::= 6 -pa-sesame INTEGER ::= 7 -pa-osf-dce INTEGER ::= 8 -pa-cybersafe-secureid INTEGER ::= 9 -pa-afs3-salt INTEGER ::= 10 -pa-etype-info INTEGER ::= 11 -sam-challenge INTEGER ::= 12 -- (sam/otp) -sam-response INTEGER ::= 13 -- (sam/otp) -pa-pk-as-req INTEGER ::= 14 -- (pkinit) -pa-pk-as-rep INTEGER ::= 15 -- (pkinit) -pa-pk-as-sign INTEGER ::= 16 -- (pkinit) -pa-pk-key-req INTEGER ::= 17 -- (pkinit) -pa-pk-key-rep INTEGER ::= 18 -- (pkinit) --- checksumtypes - -CRC32 INTEGER ::= 1 -rsa-md4 INTEGER ::= 2 -rsa-md4-des INTEGER ::= 3 -des-mac INTEGER ::= 4 -des-mac-k INTEGER ::= 5 -rsa-md4-des-k INTEGER ::= 6 -rsa-md5 INTEGER ::= 7 -rsa-md5-des INTEGER ::= 8 -rsa-md5-des3 INTEGER ::= 9 -hmac-sha1-des3 INTEGER ::= 12 - -- transited encodings DOMAIN-X500-COMPRESS INTEGER ::= 1 diff --git a/crypto/heimdal/lib/asn1/lex.h b/crypto/heimdal/lib/asn1/lex.h index 66d708c..9f5cadf 100644 --- a/crypto/heimdal/lib/asn1/lex.h +++ b/crypto/heimdal/lib/asn1/lex.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,6 +31,11 @@ * SUCH DAMAGE. */ -/* $Id: lex.h,v 1.3 1999/12/02 17:05:02 joda Exp $ */ +/* $Id: lex.h,v 1.5 2000/07/01 20:21:34 assar Exp $ */ -void error_message (char *, ...); +#include + +void error_message (const char *, ...) +__attribute__ ((format (printf, 1, 2))); + +int yylex(void); diff --git a/crypto/heimdal/lib/asn1/lex.l b/crypto/heimdal/lib/asn1/lex.l index b3fbf71..ffb6fd5 100644 --- a/crypto/heimdal/lib/asn1/lex.l +++ b/crypto/heimdal/lib/asn1/lex.l @@ -1,6 +1,6 @@ %{ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,7 +32,7 @@ * SUCH DAMAGE. */ -/* $Id: lex.l,v 1.10 1999/12/02 17:05:02 joda Exp $ */ +/* $Id: lex.l,v 1.15 2000/07/02 04:08:02 assar Exp $ */ #ifdef HAVE_CONFIG_H #include @@ -46,17 +46,22 @@ #endif #include "symbol.h" #include "parse.h" - -void error_message(char *, ...); +#include "lex.h" +#include "gen_locl.h" static unsigned lineno = 1; -/* ","|"{"|"}"|"("|")"|"["|"]"|"|" { return *yytext; } */ +#define YY_NO_UNPUT + +#undef ECHO + %} %% INTEGER { return INTEGER; } +IMPORTS { return IMPORTS; } +FROM { return FROM; } SEQUENCE { return SEQUENCE; } OF { return OF; } OCTET { return OCTET; } @@ -70,15 +75,16 @@ BEGIN { return TBEGIN; } END { return END; } DEFINITIONS { return DEFINITIONS; } EXTERNAL { return EXTERNAL; } -[,{}()|] { return *yytext; } +[,;{}()|] { return *yytext; } "[" { return *yytext; } "]" { return *yytext; } ::= { return EEQUAL; } ---[^\n]*\n { ; } +--[^\n]*\n { ++lineno; } -?[0-9]+ { yylval.constant = atoi(yytext); return CONSTANT; } [A-Za-z][-A-Za-z0-9_]* { yylval.name = strdup (yytext); return IDENTIFIER; } [ \t] ; -\n { lineno++; } +\n { ++lineno; } +\.\. { return DOTDOT; } . { error_message("Ignoring char(%c)\n", *yytext); } %% @@ -91,12 +97,12 @@ yywrap () #endif void -error_message (char *format, ...) +error_message (const char *format, ...) { va_list args; va_start (args, format); - fprintf (stderr, ":%d: ", lineno); + fprintf (stderr, "%s:%d: ", filename(), lineno); vfprintf (stderr, format, args); va_end (args); } diff --git a/crypto/heimdal/lib/asn1/parse.y b/crypto/heimdal/lib/asn1/parse.y index f9e82b5..4b8e590 100644 --- a/crypto/heimdal/lib/asn1/parse.y +++ b/crypto/heimdal/lib/asn1/parse.y @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: parse.y,v 1.12 1999/12/02 17:05:02 joda Exp $ */ +/* $Id: parse.y,v 1.16 2000/07/08 11:35:47 assar Exp $ */ %{ #ifdef HAVE_CONFIG_H @@ -44,11 +44,10 @@ #include "lex.h" #include "gen_locl.h" -RCSID("$Id: parse.y,v 1.12 1999/12/02 17:05:02 joda Exp $"); +RCSID("$Id: parse.y,v 1.16 2000/07/08 11:35:47 assar Exp $"); static Type *new_type (Typetype t); void yyerror (char *); -int yylex(void); static void append (Member *l, Member *r); @@ -63,6 +62,8 @@ static void append (Member *l, Member *r); %token INTEGER SEQUENCE OF OCTET STRING GeneralizedTime GeneralString %token BIT APPLICATION OPTIONAL EEQUAL TBEGIN END DEFINITIONS EXTERNAL +%token DOTDOT +%token IMPORTS FROM %token IDENTIFIER %token CONSTANT @@ -81,16 +82,24 @@ specification : | specification declaration ; -declaration : extern_decl +declaration : imports_decl | type_decl | constant_decl ; -extern_decl : IDENTIFIER EXTERNAL +referencenames : IDENTIFIER ',' referencenames { Symbol *s = addsym($1); s->stype = Stype; } + | IDENTIFIER + { + Symbol *s = addsym($1); + s->stype = Stype; + } + ; + +imports_decl : IMPORTS referencenames FROM IDENTIFIER ';' ; type_decl : IDENTIFIER EEQUAL type @@ -112,6 +121,19 @@ constant_decl : IDENTIFIER type EEQUAL constant ; type : INTEGER { $$ = new_type(TInteger); } + | INTEGER '(' constant DOTDOT constant ')' { + if($3 != 0) + error_message("Only 0 supported as low range"); + if($5 != INT_MIN && $5 != UINT_MAX && $5 != INT_MAX) + error_message("Only %u supported as high range", + UINT_MAX); + $$ = new_type(TUInteger); + } + | INTEGER '{' bitdecls '}' + { + $$ = new_type(TInteger); + $$->members = $3; + } | OCTET STRING { $$ = new_type(TOctetString); } | GeneralString { $$ = new_type(TGeneralString); } | GeneralizedTime { $$ = new_type(TGeneralizedTime); } diff --git a/crypto/heimdal/lib/asn1/pkinit.asn1 b/crypto/heimdal/lib/asn1/pkinit.asn1 new file mode 100644 index 0000000..92c5de7 --- /dev/null +++ b/crypto/heimdal/lib/asn1/pkinit.asn1 @@ -0,0 +1,189 @@ +PKINIT DEFINITIONS ::= BEGIN + +IMPORTS EncryptionKey, PrincipalName, Realm, KerberosTime, TypedData + FROM krb5; +IMPORTS SignedData, EnvelopedData FROM CMS; +IMPORTS CertificateSerialNumber, AttributeTypeAndValue, Name FROM X509; + + +-- 3.1 + +CertPrincipalName ::= SEQUENCE { + name-type[0] INTEGER, + name-string[1] SEQUENCE OF UTF8String +} + + +-- 3.2.2 + + +TrustedCertifiers ::= SEQUENCE OF PrincipalName + -- X.500 name encoded as a principal name + -- see Section 3.1 +CertificateIndex ::= INTEGER + -- 0 = 1st certificate, + -- (in order of encoding) + -- 1 = 2nd certificate, etc + +PA-PK-AS-REP ::= CHOICE { + -- PA TYPE 15 + dhSignedData[0] SignedData, + -- Defined in CMS and used only with + -- Diffie-Hellman key exchange (if the + -- client public value was present in the + -- request). + -- This choice MUST be supported + -- by compliant implementations. + encKeyPack[1] EnvelopedData + -- Defined in CMS + -- The temporary key is encrypted + -- using the client public key + -- key + -- SignedReplyKeyPack, encrypted + -- with the temporary key, is also + -- included. +} + + + +KdcDHKeyInfo ::= SEQUENCE { + -- used only when utilizing Diffie-Hellman + nonce[0] INTEGER, + -- binds responce to the request + subjectPublicKey[2] BIT STRING + -- Equals public exponent (g^a mod p) + -- INTEGER encoded as payload of + -- BIT STRING +} + +ReplyKeyPack ::= SEQUENCE { + -- not used for Diffie-Hellman + replyKey[0] EncryptionKey, + -- used to encrypt main reply + -- ENCTYPE is at least as strong as + -- ENCTYPE of session key + nonce[1] INTEGER + -- binds response to the request + -- must be same as the nonce + -- passed in the PKAuthenticator +} + +-- subjectAltName EXTENSION ::= { +-- SYNTAX GeneralNames +-- IDENTIFIED BY id-ce-subjectAltName +-- } + +OtherName ::= SEQUENCE { + type-id OBJECT IDENTIFIER, + value[0] OCTET STRING +-- value[0] EXPLICIT ANY DEFINED BY type-id +} + +GeneralName ::= CHOICE { + otherName [0] OtherName, + ... +} + +GeneralNames ::= SEQUENCE -- SIZE(1..MAX) + OF GeneralName + +KerberosName ::= SEQUENCE { + realm[0] Realm, + -- as defined in RFC 1510 + principalName[1] CertPrincipalName + -- defined above +} + + +-- krb5 OBJECT IDENTIFIER ::= { +-- iso (1) org (3) dod (6) internet (1) security (5) kerberosv5 (2) +-- } + +-- krb5PrincipalName OBJECT IDENTIFIER ::= { krb5 2 } + +-- 3.2.1 + + +IssuerAndSerialNumber ::= SEQUENCE { + issuer Name, + serialNumber CertificateSerialNumber +} + +TrustedCas ::= CHOICE { + principalName[0] KerberosName, + -- as defined below + caName[1] Name, + -- fully qualified X.500 name + -- as defined by X.509 + issuerAndSerial[2] IssuerAndSerialNumber + -- Since a CA may have a number of + -- certificates, only one of which + -- a client trusts +} + +PA-PK-AS-REQ ::= SEQUENCE { + -- PA TYPE 14 + signedAuthPack[0] SignedData, + -- defined in CMS [11] + -- AuthPack (below) defines the data + -- that is signed + trustedCertifiers[1] SEQUENCE OF TrustedCas OPTIONAL, + -- CAs that the client trusts + kdcCert[2] IssuerAndSerialNumber OPTIONAL, + -- as defined in CMS [11] + -- specifies a particular KDC + -- certificate if the client + -- already has it; + encryptionCert[3] IssuerAndSerialNumber OPTIONAL + -- For example, this may be the + -- client's Diffie-Hellman + -- certificate, or it may be the + -- client's RSA encryption + -- certificate. +} + +PKAuthenticator ::= SEQUENCE { + kdcName[0] PrincipalName, + kdcRealm[1] Realm, + cusec[2] INTEGER, + -- for replay prevention as in RFC1510 + ctime[3] KerberosTime, + -- for replay prevention as in RFC1510 + nonce[4] INTEGER +} + +-- This is the real definition of AlgorithmIdentifier +-- AlgorithmIdentifier ::= SEQUENCE { +-- algorithm ALGORITHM.&id, +-- parameters ALGORITHM.&Type +-- } -- as specified by the X.509 recommendation[10] + +-- But we'll use this one instead: + +AlgorithmIdentifier ::= SEQUENCE { + algorithm OBJECT IDENTIFIER, + parameters CHOICE { + a INTEGER + } +} + + + +SubjectPublicKeyInfo ::= SEQUENCE { + algorithm AlgorithmIdentifier, + -- dhKeyAgreement + subjectPublicKey BIT STRING + -- for DH, equals + -- public exponent (INTEGER encoded + -- as payload of BIT STRING) +} -- as specified by the X.509 recommendation[10] + +AuthPack ::= SEQUENCE { + pkAuthenticator[0] PKAuthenticator, + clientPublicValue[1] SubjectPublicKeyInfo OPTIONAL + -- if client is using Diffie-Hellman + -- (ephemeral-ephemeral only) +} + + +END diff --git a/crypto/heimdal/lib/asn1/rfc2459.asn1 b/crypto/heimdal/lib/asn1/rfc2459.asn1 new file mode 100644 index 0000000..c9adec6 --- /dev/null +++ b/crypto/heimdal/lib/asn1/rfc2459.asn1 @@ -0,0 +1,21 @@ +RFC2459 DEFINITIONS ::= BEGIN + +AttributeType ::= OBJECT-IDENTIFIER + +AttributeValue ::= OCTET STRING --ANY DEFINED BY AttributeType + +AttributeTypeAndValue ::= SEQUENCE { + type AttributeType, + value AttributeValue +} + +RelativeDistinguishedName ::= --SET +SEQUENCE OF AttributeTypeAndValue + +RDNSequence ::= SEQUENCE OF RelativeDistinguishedName + +Name ::= CHOICE { -- RFC2459 + x RDNSequence +} + +END \ No newline at end of file diff --git a/crypto/heimdal/lib/asn1/x509.asn1 b/crypto/heimdal/lib/asn1/x509.asn1 new file mode 100644 index 0000000..4a15844 --- /dev/null +++ b/crypto/heimdal/lib/asn1/x509.asn1 @@ -0,0 +1,23 @@ +X509 DEFINITIONS ::= BEGIN + +CertificateSerialNumber ::= INTEGER -- X.509 '97 + +AttributeType ::= OBJECT-IDENTIFIER + +AttributeValue ::= OCTET STRING --ANY DEFINED BY AttributeType + +AttributeTypeAndValue ::= SEQUENCE { + type AttributeType, + value AttributeValue +} + +RelativeDistinguishedName ::= --SET +SEQUENCE OF AttributeTypeAndValue + +RDNSequence ::= SEQUENCE OF RelativeDistinguishedName + +Name ::= CHOICE { -- RFC2459 + x RDNSequence +} + +END \ No newline at end of file diff --git a/crypto/heimdal/lib/auth/ChangeLog b/crypto/heimdal/lib/auth/ChangeLog index 9b1ebaf..79d39e9 100644 --- a/crypto/heimdal/lib/auth/ChangeLog +++ b/crypto/heimdal/lib/auth/ChangeLog @@ -1,3 +1,30 @@ +2001-01-29 Assar Westerlund + + * sia/Makefile.am (libsia_krb5.so): actually run ld in the case + shared library case + +2000-12-31 Assar Westerlund + + * sia/sia.c (siad_ses_init): handle krb5_init_context failure + consistently + * afskauthlib/verify.c (verify_krb5): handle krb5_init_context + failure consistently + +2000-11-30 Johan Danielsson + + * afskauthlib/Makefile.am: use libtool + + * afskauthlib/Makefile.am: work with krb4 only + +2000-07-30 Johan Danielsson + + * sia/Makefile.am: don't compress library, since 5.0 seems to have + a problem with this + +2000-07-02 Assar Westerlund + + * afskauthlib/verify.c: fixes for pag setting + 1999-12-30 Assar Westerlund * sia/Makefile.am: try to link with shared libraries if we don't @@ -29,6 +56,10 @@ * afskauthlib/verify.c (verify_krb5): remove krb5_kuserok. use krb5_verify_user_lrealm +1999-08-27 Johan Danielsson + + * pam/Makefile.in: link with res_search/dn_expand libraries + 1999-08-11 Johan Danielsson * afskauthlib/verify.c: make this compile w/o krb4 diff --git a/crypto/heimdal/lib/auth/Makefile.in b/crypto/heimdal/lib/auth/Makefile.in index aab069e..95673ac 100644 --- a/crypto/heimdal/lib/auth/Makefile.in +++ b/crypto/heimdal/lib/auth/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.2 1999/03/21 17:11:08 joda Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.2 1999/03/21 17:11:08 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,29 +170,26 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) SUBDIRS = @LIB_AUTH_SUBDIRS@ DIST_SUBDIRS = afskauthlib pam sia +subdir = lib/auth mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../include/config.h CONFIG_CLEAN_FILES = @@ -182,13 +197,14 @@ CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = +depcomp = DIST_COMMON = ChangeLog Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best all: all-redirect .SUFFIXES: @@ -208,8 +224,6 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status # (which will cause the Makefiles to be regenerated when you run `make'); # (2) otherwise, pass the desired values on the `make' command line. -@SET_MAKE@ - all-recursive install-data-recursive install-exec-recursive \ installdirs-recursive install-recursive uninstall-recursive \ check-recursive installcheck-recursive info-recursive dvi-recursive: @@ -237,7 +251,7 @@ maintainer-clean-recursive: dot_seen=no; \ rev=''; list='$(SUBDIRS)'; for subdir in $$list; do \ rev="$$subdir $$rev"; \ - test "$$subdir" = "." && dot_seen=yes; \ + if test "$$subdir" = "."; then dot_seen=yes; else :; fi; \ done; \ test "$$dot_seen" = "no" && rev=". $$rev"; \ target=`echo $@ | sed s/-recursive//`; \ @@ -258,15 +272,17 @@ tags-recursive: tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ list='$(SUBDIRS)'; for subdir in $$list; do \ @@ -274,12 +290,14 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \ fi; \ done; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -292,17 +310,16 @@ maintainer-clean-tags: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/auth - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done for subdir in $(DIST_SUBDIRS); do \ @@ -310,7 +327,6 @@ distdir: $(DISTFILES) test -d $(distdir)/$$subdir \ || mkdir $(distdir)/$$subdir \ || exit 1; \ - chmod 777 $(distdir)/$$subdir; \ (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$(top_distdir) distdir=../$(distdir)/$$subdir distdir) \ || exit 1; \ fi; \ @@ -341,7 +357,7 @@ uninstall: uninstall-recursive all-am: Makefile all-local all-redirect: all-recursive install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: installdirs-recursive installdirs-am: @@ -355,6 +371,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-tags mostlyclean-generic mostlyclean: mostlyclean-recursive @@ -375,19 +392,19 @@ maintainer-clean-am: maintainer-clean-tags maintainer-clean-generic \ maintainer-clean: maintainer-clean-recursive -.PHONY: install-data-recursive uninstall-data-recursive \ -install-exec-recursive uninstall-exec-recursive installdirs-recursive \ -uninstalldirs-recursive all-recursive check-recursive \ -installcheck-recursive info-recursive dvi-recursive \ -mostlyclean-recursive distclean-recursive clean-recursive \ +.PHONY: install-recursive uninstall-recursive install-data-recursive \ +uninstall-data-recursive install-exec-recursive \ +uninstall-exec-recursive installdirs-recursive uninstalldirs-recursive \ +all-recursive check-recursive installcheck-recursive info-recursive \ +dvi-recursive mostlyclean-recursive distclean-recursive clean-recursive \ maintainer-clean-recursive tags tags-recursive mostlyclean-tags \ distclean-tags clean-tags maintainer-clean-tags distdir info-am info \ dvi-am dvi check-local check check-am installcheck-am installcheck \ install-exec-am install-exec install-data-local install-data-am \ install-data install-am install uninstall-am uninstall all-local \ -all-redirect all-am all installdirs-am installdirs mostlyclean-generic \ -distclean-generic clean-generic maintainer-clean-generic clean \ -mostlyclean distclean maintainer-clean +all-redirect all-am all install-strip installdirs-am installdirs \ +mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean install-suid-programs: @@ -395,7 +412,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -407,8 +427,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -477,87 +497,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/lib/auth/afskauthlib/Makefile.am b/crypto/heimdal/lib/auth/afskauthlib/Makefile.am index 7dd6d52..d3e771c 100644 --- a/crypto/heimdal/lib/auth/afskauthlib/Makefile.am +++ b/crypto/heimdal/lib/auth/afskauthlib/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am,v 1.3 1999/04/08 12:35:33 joda Exp $ +# $Id: Makefile.am,v 1.5 2000/11/30 01:39:09 joda Exp $ include $(top_srcdir)/Makefile.am.common @@ -17,22 +17,33 @@ OBJS = verify.o CLEANFILES = $(foo_DATA) $(OBJS) so_locations afskauthlib.so: $(OBJS) - $(LD) -shared -o $@ $(LDFLAGS) $(OBJS) $(L) + $(LINK) -shared $(OBJS) $(L) .c.o: $(COMPILE) -c $< if KRB4 -KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a +KAFS = $(top_builddir)/lib/kafs/libkafs.la endif +if KRB5 L = \ $(KAFS) \ - $(top_builddir)/lib/krb5/.libs/libkrb5.a \ - $(top_builddir)/lib/asn1/.libs/libasn1.a \ + $(top_builddir)/lib/krb5/libkrb5.la \ + $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_krb4) \ - $(top_builddir)/lib/des/.libs/libdes.a \ - $(top_builddir)/lib/roken/.libs/libroken.a \ + $(top_builddir)/lib/des/libdes.la \ + $(top_builddir)/lib/roken/libroken.la \ -lc +else + +L = \ + $(KAFS) \ + $(LIB_krb4) \ + $(top_builddir)/lib/des/libdes.la \ + $(top_builddir)/lib/roken/libroken.la \ + -lc +endif + $(OBJS): $(top_builddir)/include/config.h diff --git a/crypto/heimdal/lib/auth/afskauthlib/Makefile.in b/crypto/heimdal/lib/auth/afskauthlib/Makefile.in index d3a4041..7ba1c6e 100644 --- a/crypto/heimdal/lib/auth/afskauthlib/Makefile.in +++ b/crypto/heimdal/lib/auth/afskauthlib/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.3 1999/04/08 12:35:33 joda Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.5 2000/11/30 01:39:09 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .o -INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,24 +170,20 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) @@ -183,10 +197,23 @@ OBJS = verify.o CLEANFILES = $(foo_DATA) $(OBJS) so_locations -@KRB4_TRUE@KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a - -L = $(KAFS) $(top_builddir)/lib/krb5/.libs/libkrb5.a $(top_builddir)/lib/asn1/.libs/libasn1.a $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.a $(top_builddir)/lib/roken/.libs/libroken.a -lc - +@KRB4_TRUE@KAFS = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la + +@KRB5_TRUE@L = @KRB5_TRUE@\ +@KRB5_TRUE@ $(KAFS) \ +@KRB5_TRUE@ $(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la \ +@KRB5_TRUE@ $(LIB_krb4) \ +@KRB5_TRUE@ $(top_builddir)/lib/des/libdes.la \ +@KRB5_TRUE@ $(top_builddir)/lib/roken/libroken.la \ +@KRB5_TRUE@ -lc +@KRB5_FALSE@L = @KRB5_FALSE@\ +@KRB5_FALSE@ $(KAFS) \ +@KRB5_FALSE@ $(LIB_krb4) \ +@KRB5_FALSE@ $(top_builddir)/lib/des/libdes.la \ +@KRB5_FALSE@ $(top_builddir)/lib/roken/libroken.la \ +@KRB5_FALSE@ -lc +subdir = lib/auth/afskauthlib mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../../include/config.h CONFIG_CLEAN_FILES = @@ -194,15 +221,16 @@ CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = DATA = $(foo_DATA) +depcomp = DIST_COMMON = Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best all: all-redirect .SUFFIXES: @@ -219,19 +247,18 @@ install-fooDATA: $(foo_DATA) @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(foodir) @list='$(foo_DATA)'; for p in $$list; do \ - if test -f $(srcdir)/$$p; then \ - echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p"; \ - $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p; \ - else if test -f $$p; then \ - echo " $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p"; \ - $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p; \ - fi; fi; \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f; \ done uninstall-fooDATA: @$(NORMAL_UNINSTALL) - list='$(foo_DATA)'; for p in $$list; do \ - rm -f $(DESTDIR)$(foodir)/$$p; \ + @list='$(foo_DATA)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(foodir)/$$f"; \ + rm -f $(DESTDIR)$(foodir)/$$f; \ done tags: TAGS TAGS: @@ -239,17 +266,16 @@ TAGS: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/auth/afskauthlib - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook @@ -278,7 +304,7 @@ uninstall: uninstall-am all-am: Makefile $(DATA) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: $(mkinstalldirs) $(DESTDIR)$(foodir) @@ -293,6 +319,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-generic mostlyclean: mostlyclean-am @@ -316,7 +343,7 @@ maintainer-clean: maintainer-clean-am dvi-am dvi check-local check check-am installcheck-am installcheck \ install-exec-am install-exec install-data-local install-data-am \ install-data install-am install uninstall-am uninstall all-local \ -all-redirect all-am all installdirs mostlyclean-generic \ +all-redirect all-am all install-strip installdirs mostlyclean-generic \ distclean-generic clean-generic maintainer-clean-generic clean \ mostlyclean distclean maintainer-clean @@ -326,7 +353,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -338,8 +368,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -408,87 +438,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans @@ -526,7 +477,7 @@ check-local:: fi afskauthlib.so: $(OBJS) - $(LD) -shared -o $@ $(LDFLAGS) $(OBJS) $(L) + $(LINK) -shared $(OBJS) $(L) .c.o: $(COMPILE) -c $< diff --git a/crypto/heimdal/lib/auth/afskauthlib/verify.c b/crypto/heimdal/lib/auth/afskauthlib/verify.c index 1c23119..e0e31b6 100644 --- a/crypto/heimdal/lib/auth/afskauthlib/verify.c +++ b/crypto/heimdal/lib/auth/afskauthlib/verify.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: verify.c,v 1.20 1999/12/02 16:58:37 joda Exp $"); +RCSID("$Id: verify.c,v 1.24 2000/12/31 07:57:08 assar Exp $"); #endif #include #include @@ -123,7 +123,11 @@ verify_krb5(struct passwd *pwd, krb5_ccache ccache; krb5_principal principal; - krb5_init_context(&context); + ret = krb5_init_context(&context); + if (ret) { + syslog(LOG_AUTH|LOG_DEBUG, "krb5_init_context failed: %d", ret); + goto out; + } ret = krb5_parse_name (context, pwd->pw_name, &principal); if (ret) { @@ -193,9 +197,11 @@ verify_krb5(struct passwd *pwd, if (!pag_set && k_hasafs()) { k_setpag(); pag_set = 1; + } + + if (pag_set) krb5_afslog_uid_home(context, ccache, NULL, NULL, pwd->pw_uid, pwd->pw_dir); - } #endif out: if(ret && !quiet) @@ -222,8 +228,9 @@ verify_krb4(struct passwd *pwd, if (!pag_set && k_hasafs()) { k_setpag (); pag_set = 1; + } + if (pag_set) krb_afslog_uid_home (0, 0, pwd->pw_uid, pwd->pw_dir); - } } else if (!quiet) printf ("%s\n", krb_get_err_text (ret)); } @@ -242,6 +249,12 @@ afs_verify(char *name, if(pwd == NULL) return 1; + + if (!pag_set && k_hasafs()) { + k_setpag(); + pag_set=1; + } + if (ret) ret = unix_verify_user (name, password); #ifdef KRB5 @@ -277,10 +290,10 @@ afs_gettktstring (void) } } #ifdef KRB5 - setenv("KRB5CCNAME",krb5ccname,1); + esetenv("KRB5CCNAME",krb5ccname,1); #endif #ifdef KRB4 - setenv("KRBTKFILE",krbtkfile,1); + esetenv("KRBTKFILE",krbtkfile,1); return krbtkfile; #else return ""; diff --git a/crypto/heimdal/lib/auth/pam/Makefile.in b/crypto/heimdal/lib/auth/pam/Makefile.in index 37f8d22..87759de 100644 --- a/crypto/heimdal/lib/auth/pam/Makefile.in +++ b/crypto/heimdal/lib/auth/pam/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.2 1999/04/01 14:57:04 joda Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.2 1999/04/01 14:57:04 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,26 +170,23 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) +subdir = lib/auth/pam mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../../include/config.h CONFIG_CLEAN_FILES = @@ -179,13 +194,14 @@ CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = +depcomp = DIST_COMMON = Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best all: all-redirect .SUFFIXES: @@ -203,17 +219,16 @@ TAGS: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/auth/pam - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook @@ -242,7 +257,7 @@ uninstall: uninstall-am all-am: Makefile all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: @@ -255,6 +270,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-generic mostlyclean: mostlyclean-am @@ -277,8 +293,8 @@ maintainer-clean: maintainer-clean-am .PHONY: tags distdir info-am info dvi-am dvi check-local check check-am \ installcheck-am installcheck install-exec-am install-exec \ install-data-local install-data-am install-data install-am install \ -uninstall-am uninstall all-local all-redirect all-am all installdirs \ -mostlyclean-generic distclean-generic clean-generic \ +uninstall-am uninstall all-local all-redirect all-am all install-strip \ +installdirs mostlyclean-generic distclean-generic clean-generic \ maintainer-clean-generic clean mostlyclean distclean maintainer-clean @@ -287,7 +303,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -299,8 +318,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -369,87 +388,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/lib/auth/pam/pam.c b/crypto/heimdal/lib/auth/pam/pam.c index 1a385e0..c207756 100644 --- a/crypto/heimdal/lib/auth/pam/pam.c +++ b/crypto/heimdal/lib/auth/pam/pam.c @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: pam.c,v 1.24 2000/02/18 14:33:06 bg Exp $"); +RCSID("$Id: pam.c,v 1.26 2000/10/04 20:22:15 bg Exp $"); #endif #include @@ -60,12 +60,12 @@ RCSID("$Id: pam.c,v 1.24 2000/02/18 14:33:06 bg Exp $"); #endif static void -log_error(int level, const char *format, ...) +psyslog(int level, const char *format, ...) { va_list args; va_start(args, format); openlog("pam_krb4", LOG_CONS|LOG_PID, LOG_AUTH); - vsyslog(level | LOG_AUTH, format, args); + vsyslog(level, format, args); va_end(args); closelog(); } @@ -115,7 +115,7 @@ parse_ctrl(int argc, const char **argv) break; if (j >= KRB4_CTRLS) - log_error(LOG_ALERT, "unrecognized option [%s]", *argv); + psyslog(LOG_ALERT, "unrecognized option [%s]", *argv); else ctrl_flags |= krb4_args[j].flag; } @@ -128,13 +128,13 @@ pdeb(const char *format, ...) if (ctrl_off(KRB4_DEBUG)) return; va_start(args, format); - openlog("pam_krb4", LOG_PID, LOG_AUTH); - vsyslog(LOG_DEBUG | LOG_AUTH, format, args); + openlog("pam_krb4", LOG_CONS|LOG_PID, LOG_AUTH); + vsyslog(LOG_DEBUG, format, args); va_end(args); closelog(); } -#define ENTRY(f) pdeb("%s() ruid = %d euid = %d", f, getuid(), geteuid()) +#define ENTRY(func) pdeb("%s() flags = %d ruid = %d euid = %d", func, flags, getuid(), geteuid()) static void set_tkt_string(uid_t uid) @@ -182,9 +182,14 @@ verify_pass(pam_handle_t *pamh, old_euid = geteuid(); setreuid(0, 0); ret = krb_verify_user(name, inst, realm, pass, krb_verify, NULL); - if (setreuid(old_ruid, old_euid) != 0) + pdeb("krb_verify_user(`%s', `%s', `%s', pw, %d, NULL) returns %s", + name, inst, realm, krb_verify, + krb_get_err_text(ret)); + setreuid(old_ruid, old_euid); + if (getuid() != old_ruid || geteuid() != old_euid) { - log_error(LOG_ALERT , "setreuid(%d, %d) failed", old_ruid, old_euid); + psyslog(LOG_ALERT , "setreuid(%d, %d) failed at line %d", + old_ruid, old_euid, __LINE__); exit(1); } @@ -220,7 +225,7 @@ krb4_auth(pam_handle_t *pamh, ret = pam_get_item(pamh, PAM_AUTHTOK, (void **) &pass); if (ret != PAM_SUCCESS) { - log_error(LOG_ERR , "pam_get_item returned error to get-password"); + psyslog(LOG_ERR , "pam_get_item returned error to get-password"); return ret; } else if (pass != 0 && verify_pass(pamh, name, inst, pass) == PAM_SUCCESS) @@ -271,6 +276,8 @@ pam_sm_authenticate(pam_handle_t *pamh, struct passwd *pw; uid_t uid = -1; const char *name, *inst; + char realm[REALM_SZ]; + realm[0] = 0; parse_ctrl(argc, argv); ENTRY("pam_sm_authenticate"); @@ -316,11 +323,9 @@ pam_sm_authenticate(pam_handle_t *pamh, */ if (ret == PAM_SUCCESS && inst[0] != 0) { - char realm[REALM_SZ]; uid_t old_euid = geteuid(); uid_t old_ruid = getuid(); - realm[0] = 0; setreuid(0, 0); /* To read ticket file. */ if (krb_get_tf_fullname(tkt_string(), 0, 0, realm) != KSUCCESS) ret = PAM_SERVICE_ERR; @@ -334,28 +339,44 @@ pam_sm_authenticate(pam_handle_t *pamh, if (ret != PAM_SUCCESS) { dest_tkt(); /* Passwd known, ok to kill ticket. */ - log_error(LOG_NOTICE, - "%s.%s@%s is not allowed to log in as %s", - name, inst, realm, user); + psyslog(LOG_NOTICE, + "%s.%s@%s is not allowed to log in as %s", + name, inst, realm, user); } - if (setreuid(old_ruid, old_euid) != 0) + setreuid(old_ruid, old_euid); + if (getuid() != old_ruid || geteuid() != old_euid) { - log_error(LOG_ALERT , "setreuid(%d, %d) failed", old_ruid, old_euid); + psyslog(LOG_ALERT , "setreuid(%d, %d) failed at line %d", + old_ruid, old_euid, __LINE__); exit(1); } } if (ret == PAM_SUCCESS) - chown(tkt_string(), uid, -1); - - /* Sun dtlogin unlock screen does not call any other pam_* funcs. */ - if (ret == PAM_SUCCESS - && ctrl_on(KRB4_REAFSLOG) - && k_hasafs() - && (pw = getpwnam(user)) != 0) - krb_afslog_uid_home(/*cell*/ 0,/*realm_hint*/ 0, pw->pw_uid, pw->pw_dir); + { + psyslog(LOG_INFO, + "%s.%s@%s authenticated as user %s", + name, inst, realm, user); + if (chown(tkt_string(), uid, -1) == -1) + { + dest_tkt(); + psyslog(LOG_ALERT , "chown(%s, %d, -1) failed", tkt_string(), uid); + exit(1); + } + } + /* + * Kludge alert!!! Sun dtlogin unlock screen fails to call + * pam_setcred(3) with PAM_REFRESH_CRED after a successful + * authentication attempt, sic. + * + * This hack is designed as a workaround to that problem. + */ + if (ctrl_on(KRB4_REAFSLOG)) + if (ret == PAM_SUCCESS) + pam_sm_setcred(pamh, PAM_REFRESH_CRED, argc, argv); + return ret; } @@ -364,14 +385,13 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) { parse_ctrl(argc, argv); ENTRY("pam_sm_setcred"); - pdeb("flags = 0x%x", flags); switch (flags & ~PAM_SILENT) { case 0: case PAM_ESTABLISH_CRED: if (k_hasafs()) k_setpag(); - /* Fill PAG with credentials below. */ + /* Fall through, fill PAG with credentials below. */ case PAM_REINITIALIZE_CRED: case PAM_REFRESH_CRED: if (k_hasafs()) @@ -393,7 +413,7 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) k_unlog(); break; default: - log_error(LOG_ALERT , "pam_sm_setcred: unknown flags 0x%x", flags); + psyslog(LOG_ALERT , "pam_sm_setcred: unknown flags 0x%x", flags); break; } @@ -417,9 +437,7 @@ pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char**argv) ENTRY("pam_sm_close_session"); /* This isn't really kosher, but it's handy. */ - dest_tkt(); - if (k_hasafs()) - k_unlog(); + pam_sm_setcred(pamh, PAM_DELETE_CRED, argc, argv); return PAM_SUCCESS; } diff --git a/crypto/heimdal/lib/auth/pam/pam.conf.add b/crypto/heimdal/lib/auth/pam/pam.conf.add index 64a4915..7db3e3d 100644 --- a/crypto/heimdal/lib/auth/pam/pam.conf.add +++ b/crypto/heimdal/lib/auth/pam/pam.conf.add @@ -32,36 +32,52 @@ To enable PAM in dtlogin and /bin/login under SunOS 5.6 apply this patch: # # Password management --------------------------------------------------------------------------- -To enable PAM in /bin/login and xdm under Red Hat 6.1 apply these patches: +To enable PAM in /bin/login and xdm under Red Hat 6.? apply these patches: ---- /etc/pam.d/login~ Thu Jul 8 00:14:02 1999 -+++ /etc/pam.d/login Mon Aug 30 14:33:12 1999 +--- /etc/pam.d/login~ Tue Dec 7 12:01:35 1999 ++++ /etc/pam.d/login Wed May 31 16:27:55 2000 @@ -1,9 +1,12 @@ #%PAM-1.0 +# Updated to work with kerberos -+auth sufficient /lib/security/pam_krb4.so - auth required /lib/security/pam_securetty.so - auth required /lib/security/pam_pwdb.so shadow nullok - auth required /lib/security/pam_nologin.so - account required /lib/security/pam_pwdb.so - password required /lib/security/pam_cracklib.so - password required /lib/security/pam_pwdb.so nullok use_authtok shadow -+session required /lib/security/pam_krb4.so - session required /lib/security/pam_pwdb.so - session optional /lib/security/pam_console.so ---- /etc/pam.d/xdm~ Mon Jun 14 17:39:05 1999 -+++ /etc/pam.d/xdm Mon Aug 30 14:54:51 1999 -@@ -1,8 +1,10 @@ ++auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1 + auth required /lib/security/pam_securetty.so + auth required /lib/security/pam_pwdb.so shadow nullok + auth required /lib/security/pam_nologin.so + account required /lib/security/pam_pwdb.so + password required /lib/security/pam_cracklib.so + password required /lib/security/pam_pwdb.so nullok use_authtok md5 shadow ++session required /usr/athena/lib/pam_krb4.so.1.0.1 + session required /lib/security/pam_pwdb.so + session optional /lib/security/pam_console.so +--- /etc/pam.d/xdm~ Wed May 31 16:33:54 2000 ++++ /etc/pam.d/xdm Wed May 31 16:28:29 2000 +@@ -1,8 +1,11 @@ #%PAM-1.0 -+auth sufficient /lib/security/pam_krb4.so - auth required /lib/security/pam_pwdb.so shadow nullok - auth required /lib/security/pam_nologin.so - account required /lib/security/pam_pwdb.so - password required /lib/security/pam_cracklib.so - password required /lib/security/pam_pwdb.so shadow nullok use_authtok -+session required /lib/security/pam_krb4.so - session required /lib/security/pam_pwdb.so ++# Updated to work with kerberos ++auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1 + auth required /lib/security/pam_pwdb.so shadow nullok + auth required /lib/security/pam_nologin.so + account required /lib/security/pam_pwdb.so + password required /lib/security/pam_cracklib.so + password required /lib/security/pam_pwdb.so shadow nullok use_authtok ++session required /usr/athena/lib/pam_krb4.so.1.0.1 + session required /lib/security/pam_pwdb.so session optional /lib/security/pam_console.so +--- /etc/pam.d/gdm~ Wed May 31 16:33:54 2000 ++++ /etc/pam.d/gdm Wed May 31 16:34:28 2000 +@@ -1,8 +1,11 @@ + #%PAM-1.0 ++# Updated to work with kerberos ++auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1 + auth required /lib/security/pam_pwdb.so shadow nullok + auth required /lib/security/pam_nologin.so + account required /lib/security/pam_pwdb.so + password required /lib/security/pam_cracklib.so + password required /lib/security/pam_pwdb.so shadow nullok use_authtok ++session required /usr/athena/lib/pam_krb4.so.1.0.1 + session required /lib/security/pam_pwdb.so + session optional /lib/security/pam_console.so + -------------------------------------------------------------------------- This stuff may work under some other system. diff --git a/crypto/heimdal/lib/auth/sia/Makefile.am b/crypto/heimdal/lib/auth/sia/Makefile.am index efba5c0..276da15 100644 --- a/crypto/heimdal/lib/auth/sia/Makefile.am +++ b/crypto/heimdal/lib/auth/sia/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am,v 1.5 1999/12/30 03:47:03 assar Exp $ +# $Id: Makefile.am,v 1.8 2001/01/29 22:38:36 assar Exp $ include $(top_srcdir)/Makefile.am.common @@ -17,6 +17,7 @@ KAFS=$(top_builddir)/lib/kafs/.libs/libkafs.a KAFS_S=$(top_builddir)/lib/kafs/.libs/libkafs.so endif +if KRB5 L = \ $(KAFS) \ $(top_builddir)/lib/krb5/.libs/libkrb5.a \ @@ -39,26 +40,69 @@ L_shared = \ $(LIB_getpwnam_r) \ -lc -EXTRA_DIST = sia.c krb5_matrix.conf krb5+c2_matrix.conf security.patch +MOD = libsia_krb5.so + +else + +L = \ + $(KAFS) \ + $(top_builddir)/lib/kadm/.libs/libkadm.a \ + $(top_builddir)/lib/krb/.libs/libkrb.a \ + $(top_builddir)/lib/des/.libs/libdes.a \ + $(top_builddir)/lib/com_err/.libs/libcom_err.a \ + $(top_builddir)/lib/roken/.libs/libroken.a \ + $(LIB_getpwnam_r) \ + -lc + +L_shared = \ + $(KAFS_S) \ + $(top_builddir)/lib/kadm/.libs/libkadm.so \ + $(top_builddir)/lib/krb/.libs/libkrb.so \ + $(top_builddir)/lib/des/.libs/libdes.so \ + $(top_builddir)/lib/com_err/.libs/libcom_err.so \ + $(top_builddir)/lib/roken/.libs/libroken.so \ + $(LIB_getpwnam_r) \ + -lc + +MOD = libsia_krb4.so + +endif + +EXTRA_DIST = sia.c krb4_matrix.conf krb4+c2_matrix.conf \ + krb5_matrix.conf krb5+c2_matrix.conf security.patch foodir = $(libdir) -foo_DATA = libsia_krb5.so +foo_DATA = $(MOD) LDFLAGS = -rpath $(libdir) -hidden -exported_symbol siad_\* OBJS = sia.o posix_getpw.o libsia_krb5.so: $(OBJS) - if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \ + @if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \ + echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \ ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \ + echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \ ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ else \ echo "missing libraries"; exit 1; \ fi ostrip -x -z $@ -CLEANFILES = libsia_krb5.so $(OBJS) so_locations +libsia_krb4.so: $(OBJS) + @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \ + echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \ + ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ + elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \ + echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \ + ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ + else \ + echo "missing libraries"; exit 1; \ + fi + ostrip -x $@ + +CLEANFILES = $(MOD) $(OBJS) so_locations SUFFIXES += .c .o diff --git a/crypto/heimdal/lib/auth/sia/Makefile.in b/crypto/heimdal/lib/auth/sia/Makefile.in index fb36b4e..a93d31f 100644 --- a/crypto/heimdal/lib/auth/sia/Makefile.in +++ b/crypto/heimdal/lib/auth/sia/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.5 1999/12/30 03:47:03 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,30 +95,42 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.8 2001/01/29 22:38:36 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .o -INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -135,6 +150,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -143,6 +159,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -151,24 +169,20 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) @@ -176,25 +190,65 @@ WFLAGS = @WFLAGS@ $(WFLAGS_NOIMPLICITINT) DEFS = @DEFS@ -@KRB4_TRUE@KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a -@KRB4_TRUE@KAFS_S = $(top_builddir)/lib/kafs/.libs/libkafs.so - -L = $(KAFS) $(top_builddir)/lib/krb5/.libs/libkrb5.a $(top_builddir)/lib/asn1/.libs/libasn1.a $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.a $(top_builddir)/lib/com_err/.libs/libcom_err.a $(top_builddir)/lib/roken/.libs/libroken.a $(LIB_getpwnam_r) -lc - +@KRB4_TRUE@KAFS = @KRB4_TRUE@$(top_builddir)/lib/kafs/.libs/libkafs.a +@KRB4_TRUE@KAFS_S = @KRB4_TRUE@$(top_builddir)/lib/kafs/.libs/libkafs.so + +@KRB5_TRUE@L = @KRB5_TRUE@\ +@KRB5_TRUE@ $(KAFS) \ +@KRB5_TRUE@ $(top_builddir)/lib/krb5/.libs/libkrb5.a \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/.libs/libasn1.a \ +@KRB5_TRUE@ $(LIB_krb4) \ +@KRB5_TRUE@ $(top_builddir)/lib/des/.libs/libdes.a \ +@KRB5_TRUE@ $(top_builddir)/lib/com_err/.libs/libcom_err.a \ +@KRB5_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.a \ +@KRB5_TRUE@ $(LIB_getpwnam_r) \ +@KRB5_TRUE@ -lc +@KRB5_FALSE@L = @KRB5_FALSE@\ +@KRB5_FALSE@ $(KAFS) \ +@KRB5_FALSE@ $(top_builddir)/lib/kadm/.libs/libkadm.a \ +@KRB5_FALSE@ $(top_builddir)/lib/krb/.libs/libkrb.a \ +@KRB5_FALSE@ $(top_builddir)/lib/des/.libs/libdes.a \ +@KRB5_FALSE@ $(top_builddir)/lib/com_err/.libs/libcom_err.a \ +@KRB5_FALSE@ $(top_builddir)/lib/roken/.libs/libroken.a \ +@KRB5_FALSE@ $(LIB_getpwnam_r) \ +@KRB5_FALSE@ -lc + +@KRB5_TRUE@L_shared = @KRB5_TRUE@\ +@KRB5_TRUE@ $(KAFS_S) \ +@KRB5_TRUE@ $(top_builddir)/lib/krb5/.libs/libkrb5.so \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/.libs/libasn1.so \ +@KRB5_TRUE@ $(LIB_krb4) \ +@KRB5_TRUE@ $(top_builddir)/lib/des/.libs/libdes.so \ +@KRB5_TRUE@ $(top_builddir)/lib/com_err/.libs/libcom_err.so \ +@KRB5_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.so \ +@KRB5_TRUE@ $(LIB_getpwnam_r) \ +@KRB5_TRUE@ -lc +@KRB5_FALSE@L_shared = @KRB5_FALSE@\ +@KRB5_FALSE@ $(KAFS_S) \ +@KRB5_FALSE@ $(top_builddir)/lib/kadm/.libs/libkadm.so \ +@KRB5_FALSE@ $(top_builddir)/lib/krb/.libs/libkrb.so \ +@KRB5_FALSE@ $(top_builddir)/lib/des/.libs/libdes.so \ +@KRB5_FALSE@ $(top_builddir)/lib/com_err/.libs/libcom_err.so \ +@KRB5_FALSE@ $(top_builddir)/lib/roken/.libs/libroken.so \ +@KRB5_FALSE@ $(LIB_getpwnam_r) \ +@KRB5_FALSE@ -lc + +@KRB5_TRUE@MOD = @KRB5_TRUE@libsia_krb5.so +@KRB5_FALSE@MOD = @KRB5_FALSE@libsia_krb4.so + +EXTRA_DIST = sia.c krb4_matrix.conf krb4+c2_matrix.conf \ + krb5_matrix.conf krb5+c2_matrix.conf security.patch -L_shared = $(KAFS_S) $(top_builddir)/lib/krb5/.libs/libkrb5.so $(top_builddir)/lib/asn1/.libs/libasn1.so $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.so $(top_builddir)/lib/com_err/.libs/libcom_err.so $(top_builddir)/lib/roken/.libs/libroken.so $(LIB_getpwnam_r) -lc - - -EXTRA_DIST = sia.c krb5_matrix.conf krb5+c2_matrix.conf security.patch foodir = $(libdir) -foo_DATA = libsia_krb5.so +foo_DATA = $(MOD) LDFLAGS = -rpath $(libdir) -hidden -exported_symbol siad_\* OBJS = sia.o posix_getpw.o -CLEANFILES = libsia_krb5.so $(OBJS) so_locations +CLEANFILES = $(MOD) $(OBJS) so_locations +subdir = lib/auth/sia mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../../include/config.h CONFIG_CLEAN_FILES = @@ -202,15 +256,16 @@ CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = DATA = $(foo_DATA) +depcomp = DIST_COMMON = Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best all: all-redirect .SUFFIXES: @@ -227,19 +282,18 @@ install-fooDATA: $(foo_DATA) @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(foodir) @list='$(foo_DATA)'; for p in $$list; do \ - if test -f $(srcdir)/$$p; then \ - echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p"; \ - $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p; \ - else if test -f $$p; then \ - echo " $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p"; \ - $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p; \ - fi; fi; \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f; \ done uninstall-fooDATA: @$(NORMAL_UNINSTALL) - list='$(foo_DATA)'; for p in $$list; do \ - rm -f $(DESTDIR)$(foodir)/$$p; \ + @list='$(foo_DATA)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(foodir)/$$f"; \ + rm -f $(DESTDIR)$(foodir)/$$f; \ done tags: TAGS TAGS: @@ -247,17 +301,16 @@ TAGS: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/auth/sia - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook @@ -286,7 +339,7 @@ uninstall: uninstall-am all-am: Makefile $(DATA) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: $(mkinstalldirs) $(DESTDIR)$(foodir) @@ -301,6 +354,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-generic mostlyclean: mostlyclean-am @@ -324,7 +378,7 @@ maintainer-clean: maintainer-clean-am dvi-am dvi check-local check check-am installcheck-am installcheck \ install-exec-am install-exec install-data-local install-data-am \ install-data install-am install uninstall-am uninstall all-local \ -all-redirect all-am all installdirs mostlyclean-generic \ +all-redirect all-am all install-strip installdirs mostlyclean-generic \ distclean-generic clean-generic maintainer-clean-generic clean \ mostlyclean distclean maintainer-clean @@ -334,7 +388,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -346,8 +403,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -416,87 +473,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans @@ -534,15 +512,29 @@ check-local:: fi libsia_krb5.so: $(OBJS) - if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \ + @if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \ + echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \ ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \ + echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \ ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ else \ echo "missing libraries"; exit 1; \ fi ostrip -x -z $@ +libsia_krb4.so: $(OBJS) + @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \ + echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \ + ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ + elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \ + echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \ + ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ + else \ + echo "missing libraries"; exit 1; \ + fi + ostrip -x $@ + .c.o: $(COMPILE) -c $< diff --git a/crypto/heimdal/lib/auth/sia/sia.c b/crypto/heimdal/lib/auth/sia/sia.c index 01e2ac0..0894591 100644 --- a/crypto/heimdal/lib/auth/sia/sia.c +++ b/crypto/heimdal/lib/auth/sia/sia.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "sia_locl.h" -RCSID("$Id: sia.c,v 1.33 1999/12/20 09:46:44 joda Exp $"); +RCSID("$Id: sia.c,v 1.34 2000/12/31 07:57:46 assar Exp $"); int siad_init(void) @@ -51,13 +51,17 @@ siad_chk_invoker(void) int siad_ses_init(SIAENTITY *entity, int pkgind) { + krb5_error_code ret; struct state *s = malloc(sizeof(*s)); + SIA_DEBUG(("DEBUG", "siad_ses_init")); if(s == NULL) return SIADFAIL; memset(s, 0, sizeof(*s)); #ifdef SIA_KRB5 - krb5_init_context(&s->context); + ret = krb5_init_context(&s->context); + if (ret) + return SIADFAIL; #endif entity->mech[pkgind] = (int*)s; return SIADSUCCESS; diff --git a/crypto/heimdal/lib/com_err/ChangeLog b/crypto/heimdal/lib/com_err/ChangeLog new file mode 100644 index 0000000..1ca005b --- /dev/null +++ b/crypto/heimdal/lib/com_err/ChangeLog @@ -0,0 +1,127 @@ +2000-08-16 Assar Westerlund + + * Makefile.am: bump version to 1:1:0 + +2000-07-31 Assar Westerlund + + * com_right.h (initialize_error_table_r): fix prototype + +2000-04-05 Assar Westerlund + + * com_err.c (_et_lit): explicitly initialize it to NULL to make + dyld on Darwin/MacOS X happy + +2000-01-16 Assar Westerlund + + * com_err.h: remove __P definition (now in com_right.h). this + file always includes com_right.h so that's where it should reside. + * com_right.h: moved __P here and added it to the function + prototypes + * com_err.h (error_table_name): add __P + +1999-07-03 Assar Westerlund + + * parse.y (statement): use asprintf + +1999-06-13 Assar Westerlund + + * Makefile.in: make it solaris make vpath-safe + +Thu Apr 1 11:13:53 1999 Johan Danielsson + + * compile_et.c: use getargs + +Sat Mar 20 00:16:30 1999 Assar Westerlund + + * compile_et.c: static-ize + +Thu Mar 18 11:22:13 1999 Johan Danielsson + + * Makefile.am: include Makefile.am.common + +Tue Mar 16 22:30:05 1999 Assar Westerlund + + * parse.y: use YYACCEPT instead of return + +Sat Mar 13 22:22:56 1999 Assar Westerlund + + * compile_et.c (generate_h): cast when calling is* to get rid of a + warning + +Thu Mar 11 15:00:51 1999 Johan Danielsson + + * parse.y: prototype for error_message + +Sun Nov 22 10:39:02 1998 Assar Westerlund + + * compile_et.h: include ctype and roken + + * compile_et.c: include err.h + (generate_h): remove unused variable + + * Makefile.in (WFLAGS): set + +Fri Nov 20 06:58:59 1998 Assar Westerlund + + * lex.l: undef ECHO to work around AIX lex bug + +Sun Sep 27 02:23:59 1998 Johan Danielsson + + * com_err.c (error_message): try to pass code to strerror, to see + if it might be an errno code (this if broken, but some MIT code + seems to expect this behaviour) + +Sat Sep 26 17:42:39 1998 Johan Danielsson + + * compile_et.c: -> "foo_err.h" + +Tue Jun 30 17:17:36 1998 Assar Westerlund + + * Makefile.in: add str{cpy,cat}_truncate + +Mon May 25 05:24:39 1998 Assar Westerlund + + * Makefile.in (clean): try to remove shared library debris + +Sun Apr 19 09:50:17 1998 Assar Westerlund + + * Makefile.in: add symlink magic for linux + +Sun Apr 5 09:22:11 1998 Assar Westerlund + + * parse.y: define alloca to malloc in case we're using bison but + don't have alloca + +Tue Mar 24 05:13:01 1998 Assar Westerlund + + * Makefile.in: link with snprintf (From Derrick J Brashear + ) + +Fri Feb 27 05:01:42 1998 Assar Westerlund + + * parse.y: initialize ec->next + +Thu Feb 26 02:22:25 1998 Assar Westerlund + + * Makefile.am: @LEXLIB@ + +Sat Feb 21 15:18:54 1998 assar westerlund + + * Makefile.in: set YACC and LEX + +Tue Feb 17 22:20:27 1998 Bjoern Groenvall + + * com_right.h: Change typedefs so that one may mix MIT compile_et + generated code with krb4 dito. + +Tue Feb 17 16:30:55 1998 Johan Danielsson + + * compile_et.c (generate): Always return a value. + + * parse.y: Files don't have to end with `end'. + +Mon Feb 16 16:09:20 1998 Johan Danielsson + + * lex.l (getstring): Replace getc() with input(). + + * Makefile.am: Fixes for new compile_et. diff --git a/crypto/heimdal/lib/com_err/Makefile.am b/crypto/heimdal/lib/com_err/Makefile.am new file mode 100644 index 0000000..8e18108 --- /dev/null +++ b/crypto/heimdal/lib/com_err/Makefile.am @@ -0,0 +1,24 @@ +# $Id: Makefile.am,v 1.24 2000/08/16 11:24:54 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +YFLAGS = -d + +lib_LTLIBRARIES = libcom_err.la +libcom_err_la_LDFLAGS = -version-info 1:1:0 + +bin_PROGRAMS = compile_et + +include_HEADERS = com_err.h com_right.h + +compile_et_SOURCES = compile_et.c compile_et.h parse.y lex.l + +libcom_err_la_SOURCES = error.c com_err.c roken_rename.h + +CLEANFILES = lex.c parse.c parse.h + +$(compile_et_OBJECTS): parse.h + +compile_et_LDADD = \ + $(LIB_roken) \ + $(LEXLIB) diff --git a/crypto/heimdal/lib/com_err/Makefile.in b/crypto/heimdal/lib/com_err/Makefile.in new file mode 100644 index 0000000..986e078 --- /dev/null +++ b/crypto/heimdal/lib/com_err/Makefile.in @@ -0,0 +1,649 @@ +# Makefile.in generated automatically by automake 1.4a from Makefile.am + +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. + +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : + +@SET_MAKE@ +host_alias = @host_alias@ +host_triplet = @host@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ +INCLUDE_ = @INCLUDE_@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +STRIP = @STRIP@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.24 2000/08/16 11:24:54 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) + +AM_CFLAGS = $(WFLAGS) + +CP = cp + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +LIBS = @LIBS@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +YFLAGS = -d + +lib_LTLIBRARIES = libcom_err.la +libcom_err_la_LDFLAGS = -version-info 1:1:0 + +bin_PROGRAMS = compile_et + +include_HEADERS = com_err.h com_right.h + +compile_et_SOURCES = compile_et.c compile_et.h parse.y lex.l + +libcom_err_la_SOURCES = error.c com_err.c roken_rename.h + +CLEANFILES = lex.c parse.c parse.h + +compile_et_LDADD = \ + $(LIB_roken) \ + $(LEXLIB) + +subdir = lib/com_err +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +LTLIBRARIES = $(lib_LTLIBRARIES) + + +DEFS = @DEFS@ -I. -I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libcom_err_la_LIBADD = +am_libcom_err_la_OBJECTS = error.lo com_err.lo +libcom_err_la_OBJECTS = $(am_libcom_err_la_OBJECTS) +bin_PROGRAMS = compile_et$(EXEEXT) +PROGRAMS = $(bin_PROGRAMS) + +am_compile_et_OBJECTS = compile_et.$(OBJEXT) parse.$(OBJEXT) \ +lex.$(OBJEXT) +compile_et_OBJECTS = $(am_compile_et_OBJECTS) +compile_et_DEPENDENCIES = +compile_et_LDFLAGS = +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libcom_err_la_SOURCES) $(compile_et_SOURCES) +HEADERS = $(include_HEADERS) + +depcomp = +DIST_COMMON = $(include_HEADERS) ChangeLog Makefile.am Makefile.in \ +lex.c parse.c parse.h + + +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) + +GZIP_ENV = --best +SOURCES = $(libcom_err_la_SOURCES) $(compile_et_SOURCES) +OBJECTS = $(am_libcom_err_la_OBJECTS) $(am_compile_et_OBJECTS) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .x .y +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/com_err/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLTLIBRARIES: + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + +distclean-libLTLIBRARIES: + +maintainer-clean-libLTLIBRARIES: + +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libcom_err.la: $(libcom_err_la_OBJECTS) $(libcom_err_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libcom_err_la_LDFLAGS) $(libcom_err_la_OBJECTS) $(libcom_err_la_LIBADD) $(LIBS) + +mostlyclean-binPROGRAMS: + +clean-binPROGRAMS: + -test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS) + +distclean-binPROGRAMS: + +maintainer-clean-binPROGRAMS: + +install-binPROGRAMS: $(bin_PROGRAMS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(bindir) + @list='$(bin_PROGRAMS)'; for p in $$list; do \ + if test -f $$p; then \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f; \ + else :; fi; \ + done + +uninstall-binPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(bin_PROGRAMS)'; for p in $$list; do \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " rm -f $(DESTDIR)$(bindir)/$$f"; \ + rm -f $(DESTDIR)$(bindir)/$$f; \ + done + +compile_et$(EXEEXT): $(compile_et_OBJECTS) $(compile_et_DEPENDENCIES) + @rm -f compile_et$(EXEEXT) + $(LINK) $(compile_et_LDFLAGS) $(compile_et_OBJECTS) $(compile_et_LDADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< +.l.c: + $(LEX) $(AM_LFLAGS) $(LFLAGS) $< && mv $(LEX_OUTPUT_ROOT).c $@ +.y.c: + $(YACC) $(AM_YFLAGS) $(YFLAGS) $< && mv y.tab.c $*.c + if test -f y.tab.h; then \ + if cmp -s y.tab.h $*.h; then rm -f y.tab.h; else mv y.tab.h $*.h; fi; \ + else :; fi +parse.h: parse.c + + +install-includeHEADERS: $(include_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(includedir) + @list='$(include_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \ + done + +uninstall-includeHEADERS: + @$(NORMAL_UNINSTALL) + @list='$(include_HEADERS)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(includedir)/$$f"; \ + rm -f $(DESTDIR)$(includedir)/$$f; \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLTLIBRARIES install-binPROGRAMS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-includeHEADERS install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLTLIBRARIES uninstall-binPROGRAMS \ + uninstall-includeHEADERS +uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(bindir) \ + $(DESTDIR)$(includedir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: + -rm -f Makefile.in + -test -z "lex.cparse.hparse.c" || rm -f lex.c parse.h parse.c +mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-binPROGRAMS \ + mostlyclean-tags mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \ + clean-binPROGRAMS clean-tags clean-generic \ + mostlyclean-am + +clean: clean-am + +distclean-am: distclean-libLTLIBRARIES distclean-compile \ + distclean-libtool distclean-binPROGRAMS distclean-tags \ + distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-binPROGRAMS maintainer-clean-tags \ + maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ +clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ +uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ +distclean-compile clean-compile maintainer-clean-compile \ +mostlyclean-libtool distclean-libtool clean-libtool \ +maintainer-clean-libtool mostlyclean-binPROGRAMS distclean-binPROGRAMS \ +clean-binPROGRAMS maintainer-clean-binPROGRAMS uninstall-binPROGRAMS \ +install-binPROGRAMS uninstall-includeHEADERS install-includeHEADERS \ +tags mostlyclean-tags distclean-tags clean-tags maintainer-clean-tags \ +distdir info-am info dvi-am dvi check-local check check-am \ +installcheck-am installcheck install-exec-am install-exec \ +install-data-local install-data-am install-data install-am install \ +uninstall-am uninstall all-local all-redirect all-am all install-strip \ +installdirs mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +$(compile_et_OBJECTS): parse.h + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/com_err/com_err.c b/crypto/heimdal/lib/com_err/com_err.c new file mode 100644 index 0000000..25c679e --- /dev/null +++ b/crypto/heimdal/lib/com_err/com_err.c @@ -0,0 +1,151 @@ +/* + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: com_err.c,v 1.15 2000/04/04 22:04:55 assar Exp $"); +#endif +#include +#include +#include +#include +#include "com_err.h" + +struct et_list *_et_list = NULL; + + +const char * +error_message (long code) +{ + static char msg[128]; + const char *p = com_right(_et_list, code); + if (p == NULL) + p = strerror(code); + if (p != NULL && *p != '\0') { + strncpy(msg, p, sizeof(msg) - 1); + msg[sizeof(msg) - 1] = 0; + } else + sprintf(msg, "Unknown error %ld", code); + return msg; +} + +int +init_error_table(const char **msgs, long base, int count) +{ + initialize_error_table_r(&_et_list, msgs, count, base); + return 0; +} + +static void +default_proc (const char *whoami, long code, const char *fmt, va_list args) +{ + if (whoami) + fprintf(stderr, "%s: ", whoami); + if (code) + fprintf(stderr, "%s ", error_message(code)); + if (fmt) + vfprintf(stderr, fmt, args); + fprintf(stderr, "\r\n"); /* ??? */ +} + +static errf com_err_hook = default_proc; + +void +com_err_va (const char *whoami, + long code, + const char *fmt, + va_list args) +{ + (*com_err_hook) (whoami, code, fmt, args); +} + +void +com_err (const char *whoami, + long code, + const char *fmt, + ...) +{ + va_list ap; + va_start(ap, fmt); + com_err_va (whoami, code, fmt, ap); + va_end(ap); +} + +errf +set_com_err_hook (errf new) +{ + errf old = com_err_hook; + + if (new) + com_err_hook = new; + else + com_err_hook = default_proc; + + return old; +} + +errf +reset_com_err_hook (void) +{ + return set_com_err_hook(NULL); +} + +#define ERRCODE_RANGE 8 /* # of bits to shift table number */ +#define BITS_PER_CHAR 6 /* # bits to shift per character in name */ + +static const char char_set[] = + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_"; + +static char buf[6]; + +const char * +error_table_name(int num) +{ + int ch; + int i; + char *p; + + /* num = aa aaa abb bbb bcc ccc cdd ddd d?? ??? ??? */ + p = buf; + num >>= ERRCODE_RANGE; + /* num = ?? ??? ??? aaa aaa bbb bbb ccc ccc ddd ddd */ + num &= 077777777; + /* num = 00 000 000 aaa aaa bbb bbb ccc ccc ddd ddd */ + for (i = 4; i >= 0; i--) { + ch = (num >> BITS_PER_CHAR * i) & ((1 << BITS_PER_CHAR) - 1); + if (ch != 0) + *p++ = char_set[ch-1]; + } + *p = '\0'; + return(buf); +} diff --git a/crypto/heimdal/lib/com_err/com_err.h b/crypto/heimdal/lib/com_err/com_err.h new file mode 100644 index 0000000..9703336 --- /dev/null +++ b/crypto/heimdal/lib/com_err/com_err.h @@ -0,0 +1,56 @@ +/* + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: com_err.h,v 1.6 2000/01/16 04:51:16 assar Exp $ */ + +/* MIT compatible com_err library */ + +#ifndef __COM_ERR_H__ +#define __COM_ERR_H__ + +#include + +typedef void (*errf) __P((const char *, long, const char *, va_list)); + +const char * error_message __P((long)); +int init_error_table __P((const char**, long, int)); + +void com_err_va __P((const char *, long, const char *, va_list)); +void com_err __P((const char *, long, const char *, ...)); + +errf set_com_err_hook __P((errf)); +errf reset_com_err_hook __P((void)); + +const char *error_table_name __P((int num)); + +#endif /* __COM_ERR_H__ */ diff --git a/crypto/heimdal/lib/com_err/com_right.h b/crypto/heimdal/lib/com_err/com_right.h new file mode 100644 index 0000000..c87bb0d --- /dev/null +++ b/crypto/heimdal/lib/com_err/com_right.h @@ -0,0 +1,66 @@ +/* + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: com_right.h,v 1.11 2000/07/31 01:11:08 assar Exp $ */ + +#ifndef __COM_RIGHT_H__ +#define __COM_RIGHT_H__ + +#ifdef __STDC__ +#include +#endif + +#ifndef __P +#ifdef __STDC__ +#define __P(X) X +#else +#define __P(X) () +#endif +#endif + +struct error_table { + char const * const * msgs; + long base; + int n_msgs; +}; +struct et_list { + struct et_list *next; + struct error_table *table; +}; +extern struct et_list *_et_list; + +const char *com_right __P((struct et_list *list, long code)); +void initialize_error_table_r __P((struct et_list **, const char **, int, long)); +void free_error_table __P((struct et_list *)); + +#endif /* __COM_RIGHT_H__ */ diff --git a/crypto/heimdal/lib/com_err/compile_et.c b/crypto/heimdal/lib/com_err/compile_et.c new file mode 100644 index 0000000..f982dcd --- /dev/null +++ b/crypto/heimdal/lib/com_err/compile_et.c @@ -0,0 +1,235 @@ +/* + * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#undef ROKEN_RENAME +#include "compile_et.h" +#include + +RCSID("$Id: compile_et.c,v 1.13 1999/12/02 16:58:38 joda Exp $"); + +#include +#include +#include "parse.h" + +int numerror; +extern FILE *yyin; + +extern void yyparse(void); + +long base; +int number; +char *prefix; +char *id_str; + +char name[128]; +char Basename[128]; + +#ifdef YYDEBUG +extern int yydebug = 1; +#endif + +char *filename; +char hfn[128]; +char cfn[128]; + +struct error_code *codes = NULL; + +static int +generate_c(void) +{ + int n; + struct error_code *ec; + + FILE *c_file = fopen(cfn, "w"); + if(c_file == NULL) + return 1; + + fprintf(c_file, "/* Generated from %s */\n", filename); + if(id_str) + fprintf(c_file, "/* %s */\n", id_str); + fprintf(c_file, "\n"); + fprintf(c_file, "#include \n"); + fprintf(c_file, "#include \n"); + fprintf(c_file, "#include \"%s\"\n", hfn); + fprintf(c_file, "\n"); + + fprintf(c_file, "static const char *text[] = {\n"); + + for(ec = codes, n = 0; ec; ec = ec->next, n++) { + while(n < ec->number) { + fprintf(c_file, "\t/* %03d */ \"Reserved %s error (%d)\",\n", + n, name, n); + n++; + + } + fprintf(c_file, "\t/* %03d */ \"%s\",\n", ec->number, ec->string); + } + + fprintf(c_file, "\tNULL\n"); + fprintf(c_file, "};\n"); + fprintf(c_file, "\n"); + fprintf(c_file, + "void initialize_%s_error_table_r(struct et_list **list)\n", + name); + fprintf(c_file, "{\n"); + fprintf(c_file, + " initialize_error_table_r(list, text, " + "%s_num_errors, ERROR_TABLE_BASE_%s);\n", name, name); + fprintf(c_file, "}\n"); + fprintf(c_file, "\n"); + fprintf(c_file, "void initialize_%s_error_table(void)\n", name); + fprintf(c_file, "{\n"); + fprintf(c_file, + " init_error_table(text, ERROR_TABLE_BASE_%s, " + "%s_num_errors);\n", name, name); + fprintf(c_file, "}\n"); + + fclose(c_file); + return 0; +} + +static int +generate_h(void) +{ + struct error_code *ec; + char fn[128]; + FILE *h_file = fopen(hfn, "w"); + char *p; + + if(h_file == NULL) + return 1; + + snprintf(fn, sizeof(fn), "__%s__", hfn); + for(p = fn; *p; p++) + if(!isalnum((unsigned char)*p)) + *p = '_'; + + fprintf(h_file, "/* Generated from %s */\n", filename); + if(id_str) + fprintf(h_file, "/* %s */\n", id_str); + fprintf(h_file, "\n"); + fprintf(h_file, "#ifndef %s\n", fn); + fprintf(h_file, "#define %s\n", fn); + fprintf(h_file, "\n"); + fprintf(h_file, "#include \n"); + fprintf(h_file, "\n"); + fprintf(h_file, + "void initialize_%s_error_table_r(struct et_list **);\n", + name); + fprintf(h_file, "\n"); + fprintf(h_file, "void initialize_%s_error_table(void);\n", name); + fprintf(h_file, "#define init_%s_err_tbl initialize_%s_error_table\n", + name, name); + fprintf(h_file, "\n"); + fprintf(h_file, "typedef enum %s_error_number{\n", name); + fprintf(h_file, "\tERROR_TABLE_BASE_%s = %ld,\n", name, base); + fprintf(h_file, "\t%s_err_base = %ld,\n", name, base); + + for(ec = codes; ec; ec = ec->next) { + fprintf(h_file, "\t%s = %ld,\n", ec->name, base + ec->number); + } + + fprintf(h_file, "\t%s_num_errors = %d\n", name, number); + fprintf(h_file, "} %s_error_number;\n", name); + fprintf(h_file, "\n"); + fprintf(h_file, "#endif /* %s */\n", fn); + + + fclose(h_file); + return 0; +} + +static int +generate(void) +{ + return generate_c() || generate_h(); +} + +int version_flag; +int help_flag; +struct getargs args[] = { + { "version", 0, arg_flag, &version_flag }, + { "help", 0, arg_flag, &help_flag } +}; +int num_args = sizeof(args) / sizeof(args[0]); + +static void +usage(int code) +{ + arg_printusage(args, num_args, NULL, "error-table"); + exit(code); +} + +int +main(int argc, char **argv) +{ + char *p; + int optind = 0; + + set_progname(argv[0]); + if(getarg(args, num_args, argc, argv, &optind)) + usage(1); + if(help_flag) + usage(0); + if(version_flag) { + print_version(NULL); + exit(0); + } + + if(optind == argc) + usage(1); + filename = argv[optind]; + yyin = fopen(filename, "r"); + if(yyin == NULL) + err(1, "%s", filename); + + + p = strrchr(filename, '/'); + if(p) + p++; + else + p = filename; + strncpy(Basename, p, sizeof(Basename)); + Basename[sizeof(Basename) - 1] = '\0'; + + Basename[strcspn(Basename, ".")] = '\0'; + + snprintf(hfn, sizeof(hfn), "%s.h", Basename); + snprintf(cfn, sizeof(cfn), "%s.c", Basename); + + yyparse(); + if(numerror) + return 1; + + return generate(); +} diff --git a/crypto/heimdal/lib/com_err/compile_et.h b/crypto/heimdal/lib/com_err/compile_et.h new file mode 100644 index 0000000..86dd113 --- /dev/null +++ b/crypto/heimdal/lib/com_err/compile_et.h @@ -0,0 +1,79 @@ +/* + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: compile_et.h,v 1.6 2000/07/01 20:21:48 assar Exp $ */ + +#ifndef __COMPILE_ET_H__ +#define __COMPILE_ET_H__ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include +#include +#include +#include + +extern long base; +extern int number; +extern char *prefix; +extern char name[128]; +extern char *id_str; +extern char *filename; +extern int numerror; + +struct error_code { + unsigned number; + char *name; + char *string; + struct error_code *next, **tail; +}; + +extern struct error_code *codes; + +#define APPEND(L, V) \ +do { \ + if((L) == NULL) { \ + (L) = (V); \ + (L)->tail = &(V)->next; \ + (L)->next = NULL; \ + }else{ \ + *(L)->tail = (V); \ + (L)->tail = &(V)->next; \ + } \ +}while(0) + +#endif /* __COMPILE_ET_H__ */ diff --git a/crypto/heimdal/lib/com_err/error.c b/crypto/heimdal/lib/com_err/error.c new file mode 100644 index 0000000..d122007 --- /dev/null +++ b/crypto/heimdal/lib/com_err/error.c @@ -0,0 +1,91 @@ +/* + * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: error.c,v 1.14 1999/12/02 16:58:38 joda Exp $"); +#endif +#include +#include +#include +#include + +const char * +com_right(struct et_list *list, long code) +{ + struct et_list *p; + for (p = list; p; p = p->next) { + if (code >= p->table->base && code < p->table->base + p->table->n_msgs) + return p->table->msgs[code - p->table->base]; + } + return NULL; +} + +struct foobar { + struct et_list etl; + struct error_table et; +}; + +void +initialize_error_table_r(struct et_list **list, + const char **messages, + int num_errors, + long base) +{ + struct et_list *et; + struct foobar *f; + for (et = *list; et; et = et->next) + if (et->table->msgs == messages) + return; + f = malloc(sizeof(*f)); + if (f == NULL) + return; + et = &f->etl; + et->table = &f->et; + et->table->msgs = messages; + et->table->n_msgs = num_errors; + et->table->base = base; + et->next = *list; + *list = et; +} + + +void +free_error_table(struct et_list *et) +{ + while(et){ + struct et_list *p = et; + et = et->next; + free(p); + } +} diff --git a/crypto/heimdal/lib/com_err/lex.h b/crypto/heimdal/lib/com_err/lex.h new file mode 100644 index 0000000..9912bf4 --- /dev/null +++ b/crypto/heimdal/lib/com_err/lex.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: lex.h,v 1.1 2000/06/22 00:42:52 assar Exp $ */ + +void error_message (const char *, ...) +__attribute__ ((format (printf, 1, 2))); + +int yylex(void); diff --git a/crypto/heimdal/lib/com_err/lex.l b/crypto/heimdal/lib/com_err/lex.l new file mode 100644 index 0000000..e98db6f --- /dev/null +++ b/crypto/heimdal/lib/com_err/lex.l @@ -0,0 +1,126 @@ +%{ +/* + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * This is to handle the definition of this symbol in some AIX + * headers, which will conflict with the definition that lex will + * generate for it. It's only a problem for AIX lex. + */ + +#undef ECHO + +#include "compile_et.h" +#include "parse.h" +#include "lex.h" + +RCSID("$Id: lex.l,v 1.6 2000/06/22 00:42:52 assar Exp $"); + +static unsigned lineno = 1; +static int getstring(void); + +#define YY_NO_UNPUT + +#undef ECHO + +%} + + +%% +et { return ET; } +error_table { return ET; } +ec { return EC; } +error_code { return EC; } +prefix { return PREFIX; } +index { return INDEX; } +id { return ID; } +end { return END; } +[0-9]+ { yylval.number = atoi(yytext); return NUMBER; } +#[^\n]* ; +[ \t] ; +\n { lineno++; } +\" { return getstring(); } +[a-zA-Z0-9_]+ { yylval.string = strdup(yytext); return STRING; } +. { return *yytext; } +%% + +#ifndef yywrap /* XXX */ +int +yywrap () +{ + return 1; +} +#endif + +static int +getstring(void) +{ + char x[128]; + int i = 0; + int c; + int quote = 0; + while((c = input()) != EOF){ + if(quote) { + x[i++] = c; + quote = 0; + continue; + } + if(c == '\n'){ + error_message("unterminated string"); + lineno++; + break; + } + if(c == '\\'){ + quote++; + continue; + } + if(c == '\"') + break; + x[i++] = c; + } + x[i] = '\0'; + yylval.string = strdup(x); + return STRING; +} + +void +error_message (const char *format, ...) +{ + va_list args; + + va_start (args, format); + fprintf (stderr, "%s:%d:", filename, lineno); + vfprintf (stderr, format, args); + va_end (args); + numerror++; +} diff --git a/crypto/heimdal/lib/com_err/parse.y b/crypto/heimdal/lib/com_err/parse.y new file mode 100644 index 0000000..82e99ff --- /dev/null +++ b/crypto/heimdal/lib/com_err/parse.y @@ -0,0 +1,167 @@ +%{ +/* + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "compile_et.h" +#include "lex.h" + +RCSID("$Id: parse.y,v 1.11 2000/06/22 00:42:52 assar Exp $"); + +void yyerror (char *s); +static long name2number(const char *str); + +extern char *yytext; + +/* This is for bison */ + +#if !defined(alloca) && !defined(HAVE_ALLOCA) +#define alloca(x) malloc(x) +#endif + +%} + +%union { + char *string; + int number; +} + +%token ET INDEX PREFIX EC ID END +%token STRING +%token NUMBER + +%% + +file : /* */ + | header statements + ; + +header : id et + | et + ; + +id : ID STRING + { + id_str = $2; + } + ; + +et : ET STRING + { + base = name2number($2); + strncpy(name, $2, sizeof(name)); + name[sizeof(name) - 1] = '\0'; + free($2); + } + | ET STRING STRING + { + base = name2number($2); + strncpy(name, $3, sizeof(name)); + name[sizeof(name) - 1] = '\0'; + free($2); + free($3); + } + ; + +statements : statement + | statements statement + ; + +statement : INDEX NUMBER + { + number = $2; + } + | PREFIX STRING + { + prefix = realloc(prefix, strlen($2) + 2); + strcpy(prefix, $2); + strcat(prefix, "_"); + free($2); + } + | PREFIX + { + prefix = realloc(prefix, 1); + *prefix = '\0'; + } + | EC STRING ',' STRING + { + struct error_code *ec = malloc(sizeof(*ec)); + + ec->next = NULL; + ec->number = number; + if(prefix && *prefix != '\0') { + asprintf (&ec->name, "%s%s", prefix, $2); + free($2); + } else + ec->name = $2; + ec->string = $4; + APPEND(codes, ec); + number++; + } + | END + { + YYACCEPT; + } + ; + +%% + +static long +name2number(const char *str) +{ + const char *p; + long base = 0; + const char *x = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz0123456789_"; + if(strlen(str) > 4) { + yyerror("table name too long"); + return 0; + } + for(p = str; *p; p++){ + char *q = strchr(x, *p); + if(q == NULL) { + yyerror("invalid character in table name"); + return 0; + } + base = (base << 6) + (q - x) + 1; + } + base <<= 8; + if(base > 0x7fffffff) + base = -(0xffffffff - base + 1); + return base; +} + +void +yyerror (char *s) +{ + error_message ("%s\n", s); +} diff --git a/crypto/heimdal/lib/com_err/roken_rename.h b/crypto/heimdal/lib/com_err/roken_rename.h new file mode 100644 index 0000000..173c9a7 --- /dev/null +++ b/crypto/heimdal/lib/com_err/roken_rename.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 1998 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: roken_rename.h,v 1.3 1999/12/02 16:58:38 joda Exp $ */ + +#ifndef __roken_rename_h__ +#define __roken_rename_h__ + +#endif /* __roken_rename_h__ */ diff --git a/crypto/heimdal/lib/gssapi/8003.c b/crypto/heimdal/lib/gssapi/8003.c index f37fe04..c0d8881 100644 --- a/crypto/heimdal/lib/gssapi/8003.c +++ b/crypto/heimdal/lib/gssapi/8003.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: 8003.c,v 1.6 2000/01/25 23:10:13 assar Exp $"); +RCSID("$Id: 8003.c,v 1.8 2001/01/29 02:08:58 assar Exp $"); static krb5_error_code encode_om_uint32(OM_uint32 n, u_char *p) @@ -59,30 +59,30 @@ hash_input_chan_bindings (const gss_channel_bindings_t b, u_char num[4]; MD5_CTX md5; - MD5Init(&md5); + MD5_Init(&md5); encode_om_uint32 (b->initiator_addrtype, num); - MD5Update (&md5, num, sizeof(num)); + MD5_Update (&md5, num, sizeof(num)); encode_om_uint32 (b->initiator_address.length, num); - MD5Update (&md5, num, sizeof(num)); + MD5_Update (&md5, num, sizeof(num)); if (b->initiator_address.length) - MD5Update (&md5, + MD5_Update (&md5, b->initiator_address.value, b->initiator_address.length); encode_om_uint32 (b->acceptor_addrtype, num); - MD5Update (&md5, num, sizeof(num)); + MD5_Update (&md5, num, sizeof(num)); encode_om_uint32 (b->acceptor_address.length, num); - MD5Update (&md5, num, sizeof(num)); + MD5_Update (&md5, num, sizeof(num)); if (b->acceptor_address.length) - MD5Update (&md5, + MD5_Update (&md5, b->acceptor_address.value, b->acceptor_address.length); encode_om_uint32 (b->application_data.length, num); - MD5Update (&md5, num, sizeof(num)); + MD5_Update (&md5, num, sizeof(num)); if (b->application_data.length) - MD5Update (&md5, + MD5_Update (&md5, b->application_data.value, b->application_data.length); - MD5Final (p, &md5); + MD5_Final (p, &md5); return 0; } @@ -90,12 +90,20 @@ krb5_error_code gssapi_krb5_create_8003_checksum ( const gss_channel_bindings_t input_chan_bindings, OM_uint32 flags, + krb5_data *fwd_data, Checksum *result) { u_char *p; + /* + * see rfc1964 (section 1.1.1 (Initial Token), and the checksum value + * field's format) + */ result->cksumtype = 0x8003; - result->checksum.length = 24; + if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) + result->checksum.length = 24 + 4 + fwd_data->length; + else + result->checksum.length = 24; result->checksum.data = malloc (result->checksum.length); if (result->checksum.data == NULL) return ENOMEM; @@ -111,8 +119,31 @@ gssapi_krb5_create_8003_checksum ( p += 16; encode_om_uint32 (flags, p); p += 4; + + if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) { +#if 0 + u_char *tmp; + + result->checksum.length = 28 + fwd_data->length; + tmp = realloc(result->checksum.data, result->checksum.length); + if (tmp == NULL) + return ENOMEM; + result->checksum.data = tmp; + + p = (u_char*)result->checksum.data + 24; +#endif + *p++ = (1 >> 0) & 0xFF; /* DlgOpt */ /* == 1 */ + *p++ = (1 >> 8) & 0xFF; /* DlgOpt */ /* == 0 */ + *p++ = (fwd_data->length >> 0) & 0xFF; /* Dlgth */ + *p++ = (fwd_data->length >> 8) & 0xFF; /* Dlgth */ + memcpy(p, (unsigned char *) fwd_data->data, fwd_data->length); + + p += fwd_data->length; + if (p - (u_char *)result->checksum.data != result->checksum.length) - abort (); + abort(); + } + return 0; } @@ -120,14 +151,16 @@ krb5_error_code gssapi_krb5_verify_8003_checksum( const gss_channel_bindings_t input_chan_bindings, Checksum *cksum, - OM_uint32 *flags) + OM_uint32 *flags, + krb5_data *fwd_data) { unsigned char hash[16]; unsigned char *p; OM_uint32 length; + int DlgOpt; /* XXX should handle checksums > 24 bytes */ - if(cksum->cksumtype != 0x8003 || cksum->checksum.length != 24) + if(cksum->cksumtype != 0x8003) return GSS_S_BAD_BINDINGS; p = cksum->checksum.data; @@ -147,6 +180,24 @@ gssapi_krb5_verify_8003_checksum( p += sizeof(hash); decode_om_uint32(p, flags); + + if (cksum->checksum.length > 24 && (*flags & GSS_C_DELEG_FLAG)) { + + p += 4; + + DlgOpt = (p[0] << 0) | (p[1] << 8 ); + if (DlgOpt != 1) + return GSS_S_BAD_BINDINGS; + + p += 2; + fwd_data->length = (p[0] << 0) | (p[1] << 8); + fwd_data->data = malloc(fwd_data->length); + if (fwd_data->data == NULL) + return ENOMEM; + + p += 2; + memcpy(fwd_data->data, p, fwd_data->length); + } return 0; } diff --git a/crypto/heimdal/lib/gssapi/ChangeLog b/crypto/heimdal/lib/gssapi/ChangeLog index ba765ba..e335d4db 100644 --- a/crypto/heimdal/lib/gssapi/ChangeLog +++ b/crypto/heimdal/lib/gssapi/ChangeLog @@ -1,3 +1,106 @@ +2001-01-30 Assar Westerlund + + * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:0:2 + * acquire_cred.c, init_sec_context.c, release_cred.c: add support + for getting creds from a keytab, from fvdl@netbsd.org + + * copy_ccache.c: add gss_krb5_copy_ccache + +2001-01-27 Assar Westerlund + + * get_mic.c: cast parameters to des function to non-const pointers + to handle the case where these functions actually take non-const + des_cblock * + +2001-01-09 Assar Westerlund + + * accept_sec_context.c (gss_accept_sec_context): use krb5_rd_cred2 + instead of krb5_rd_cred + +2000-12-11 Assar Westerlund + + * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:3:1 + +2000-12-08 Assar Westerlund + + * wrap.c (wrap_des3): use the checksum as ivec when encrypting the + sequence number + * unwrap.c (unwrap_des3): use the checksum as ivec when encrypting + the sequence number + * init_sec_context.c (init_auth): always zero fwd_data + +2000-12-06 Johan Danielsson + + * accept_sec_context.c: de-pointerise auth_context parameter to + krb5_mk_rep + +2000-11-15 Assar Westerlund + + * init_sec_context.c (init_auth): update to new + krb5_build_authenticator + +2000-09-19 Assar Westerlund + + * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:2:1 + +2000-08-27 Assar Westerlund + + * init_sec_context.c: actually pay attention to `time_req' + * init_sec_context.c: re-organize. leak less memory. + * gssapi_locl.h (gssapi_krb5_encapsulate, gss_krb5_getsomekey): + update prototypes add assert.h + * gssapi.h (GSS_KRB5_CONF_C_QOP_DES, GSS_KRB5_CONF_C_QOP_DES3_KD): + add + * verify_mic.c: re-organize and add 3DES code + * wrap.c: re-organize and add 3DES code + * unwrap.c: re-organize and add 3DES code + * get_mic.c: re-organize and add 3DES code + * encapsulate.c (gssapi_krb5_encapsulate): do not free `in_data', + let the caller do that. fix the callers. + +2000-08-16 Assar Westerlund + + * Makefile.am: bump version to 2:1:1 + +2000-07-29 Assar Westerlund + + * decapsulate.c (gssapi_krb5_verify_header): sanity-check length + +2000-07-25 Johan Danielsson + + * Makefile.am: bump version to 2:0:1 + +2000-07-22 Assar Westerlund + + * gssapi.h: update OID for GSS_C_NT_HOSTBASED_SERVICE and other + details from rfc2744 + +2000-06-29 Assar Westerlund + + * address_to_krb5addr.c (gss_address_to_krb5addr): actually use + `int' instead of `sa_family_t' for the address family. + +2000-06-21 Assar Westerlund + + * add support for token delegation. From Daniel Kouril + and Miroslav Ruda + +2000-05-15 Assar Westerlund + + * Makefile.am (libgssapi_la_LDFLAGS): set version to 1:1:1 + +2000-04-12 Assar Westerlund + + * release_oid_set.c (gss_release_oid_set): clear set for + robustness. From GOMBAS Gabor + * release_name.c (gss_release_name): reset input_name for + robustness. From GOMBAS Gabor + * release_buffer.c (gss_release_buffer): set value to NULL to be + more robust. From GOMBAS Gabor + * add_oid_set_member.c (gss_add_oid_set_member): actually check if + the oid is a member first. leave the oid_set unchanged if realloc + fails. + 2000-02-13 Assar Westerlund * Makefile.am: set version to 1:0:1 diff --git a/crypto/heimdal/lib/gssapi/Makefile.am b/crypto/heimdal/lib/gssapi/Makefile.am index 07d4e65..a086e29 100644 --- a/crypto/heimdal/lib/gssapi/Makefile.am +++ b/crypto/heimdal/lib/gssapi/Makefile.am @@ -1,11 +1,11 @@ -# $Id: Makefile.am,v 1.21 2000/02/13 20:34:49 assar Exp $ +# $Id: Makefile.am,v 1.30 2001/01/30 01:51:53 assar Exp $ include $(top_srcdir)/Makefile.am.common -INCLUDES += -I$(srcdir)/../krb5 +INCLUDES += -I$(srcdir)/../krb5 $(INCLUDE_krb4) lib_LTLIBRARIES = libgssapi.la -libgssapi_la_LDFLAGS = -version-info 1:0:1 +libgssapi_la_LDFLAGS = -version-info 3:0:2 include_HEADERS = gssapi.h @@ -17,6 +17,7 @@ libgssapi_la_SOURCES = \ canonicalize_name.c \ compare_name.c \ context_time.c \ + copy_ccache.c \ create_emtpy_oid_set.c \ decapsulate.c \ delete_sec_context.c \ @@ -45,4 +46,5 @@ libgssapi_la_SOURCES = \ unwrap.c \ v1.c \ verify_mic.c \ - wrap.c + wrap.c \ + address_to_krb5addr.c diff --git a/crypto/heimdal/lib/gssapi/Makefile.in b/crypto/heimdal/lib/gssapi/Makefile.in index 31ea813..4173934 100644 --- a/crypto/heimdal/lib/gssapi/Makefile.in +++ b/crypto/heimdal/lib/gssapi/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.21 2000/02/13 20:34:49 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.30 2001/01/30 01:51:53 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include -I$(srcdir)/../krb5 +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) -I$(srcdir)/../krb5 $(INCLUDE_krb4) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,34 +170,69 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) lib_LTLIBRARIES = libgssapi.la -libgssapi_la_LDFLAGS = -version-info 1:0:1 +libgssapi_la_LDFLAGS = -version-info 3:0:2 include_HEADERS = gssapi.h -libgssapi_la_SOURCES = 8003.c accept_sec_context.c acquire_cred.c add_oid_set_member.c canonicalize_name.c compare_name.c context_time.c create_emtpy_oid_set.c decapsulate.c delete_sec_context.c display_name.c display_status.c duplicate_name.c encapsulate.c export_sec_context.c export_name.c external.c get_mic.c gssapi.h gssapi_locl.h import_name.c import_sec_context.c indicate_mechs.c init.c init_sec_context.c inquire_context.c inquire_cred.c release_buffer.c release_cred.c release_name.c release_oid_set.c test_oid_set_member.c unwrap.c v1.c verify_mic.c wrap.c +libgssapi_la_SOURCES = \ + 8003.c \ + accept_sec_context.c \ + acquire_cred.c \ + add_oid_set_member.c \ + canonicalize_name.c \ + compare_name.c \ + context_time.c \ + copy_ccache.c \ + create_emtpy_oid_set.c \ + decapsulate.c \ + delete_sec_context.c \ + display_name.c \ + display_status.c \ + duplicate_name.c \ + encapsulate.c \ + export_sec_context.c \ + export_name.c \ + external.c \ + get_mic.c \ + gssapi.h \ + gssapi_locl.h \ + import_name.c \ + import_sec_context.c \ + indicate_mechs.c \ + init.c \ + init_sec_context.c \ + inquire_context.c \ + inquire_cred.c \ + release_buffer.c \ + release_cred.c \ + release_name.c \ + release_oid_set.c \ + test_oid_set_member.c \ + unwrap.c \ + v1.c \ + verify_mic.c \ + wrap.c \ + address_to_krb5addr.c +subdir = lib/gssapi mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../include/config.h CONFIG_CLEAN_FILES = @@ -189,42 +242,43 @@ LTLIBRARIES = $(lib_LTLIBRARIES) DEFS = @DEFS@ -I. -I$(srcdir) -I../../include CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ X_CFLAGS = @X_CFLAGS@ X_LIBS = @X_LIBS@ X_EXTRA_LIBS = @X_EXTRA_LIBS@ X_PRE_LIBS = @X_PRE_LIBS@ libgssapi_la_LIBADD = -libgssapi_la_OBJECTS = 8003.lo accept_sec_context.lo acquire_cred.lo \ +am_libgssapi_la_OBJECTS = 8003.lo accept_sec_context.lo acquire_cred.lo \ add_oid_set_member.lo canonicalize_name.lo compare_name.lo \ -context_time.lo create_emtpy_oid_set.lo decapsulate.lo \ +context_time.lo copy_ccache.lo create_emtpy_oid_set.lo decapsulate.lo \ delete_sec_context.lo display_name.lo display_status.lo \ duplicate_name.lo encapsulate.lo export_sec_context.lo export_name.lo \ external.lo get_mic.lo import_name.lo import_sec_context.lo \ indicate_mechs.lo init.lo init_sec_context.lo inquire_context.lo \ inquire_cred.lo release_buffer.lo release_cred.lo release_name.lo \ release_oid_set.lo test_oid_set_member.lo unwrap.lo v1.lo verify_mic.lo \ -wrap.lo -CFLAGS = @CFLAGS@ +wrap.lo address_to_krb5addr.lo +libgssapi_la_OBJECTS = $(am_libgssapi_la_OBJECTS) COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libgssapi_la_SOURCES) HEADERS = $(include_HEADERS) -DIST_COMMON = ChangeLog Makefile.am Makefile.in +depcomp = +DIST_COMMON = $(include_HEADERS) ChangeLog Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best SOURCES = $(libgssapi_la_SOURCES) -OBJECTS = $(libgssapi_la_OBJECTS) +OBJECTS = $(am_libgssapi_la_OBJECTS) all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/gssapi/Makefile @@ -247,31 +301,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) $(mkinstalldirs) $(DESTDIR)$(libdir) @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ - echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ - $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \ else :; fi; \ done uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \ $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ done -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - mostlyclean-compile: -rm -f *.o core *.core -rm -f *.$(OBJEXT) @@ -283,15 +324,6 @@ distclean-compile: maintainer-clean-compile: -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - mostlyclean-libtool: -rm -f *.lo @@ -304,41 +336,54 @@ maintainer-clean-libtool: libgssapi.la: $(libgssapi_la_OBJECTS) $(libgssapi_la_DEPENDENCIES) $(LINK) -rpath $(libdir) $(libgssapi_la_LDFLAGS) $(libgssapi_la_OBJECTS) $(libgssapi_la_LIBADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(includedir) @list='$(include_HEADERS)'; for p in $$list; do \ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ - echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ - $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - list='$(include_HEADERS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(includedir)/$$p; \ + @list='$(include_HEADERS)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(includedir)/$$f"; \ + rm -f $(DESTDIR)$(includedir)/$$f; \ done tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -351,17 +396,16 @@ maintainer-clean-tags: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/gssapi - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook @@ -390,7 +434,7 @@ uninstall: uninstall-am all-am: Makefile $(LTLIBRARIES) $(HEADERS) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) @@ -404,6 +448,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ mostlyclean-libtool mostlyclean-tags \ mostlyclean-generic @@ -441,8 +486,8 @@ install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \ maintainer-clean-tags distdir info-am info dvi-am dvi check-local check \ check-am installcheck-am installcheck install-exec-am install-exec \ install-data-local install-data-am install-data install-am install \ -uninstall-am uninstall all-local all-redirect all-am all installdirs \ -mostlyclean-generic distclean-generic clean-generic \ +uninstall-am uninstall all-local all-redirect all-am all install-strip \ +installdirs mostlyclean-generic distclean-generic clean-generic \ maintainer-clean-generic clean mostlyclean distclean maintainer-clean @@ -451,7 +496,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -463,8 +511,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -533,87 +581,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/lib/gssapi/accept_sec_context.c b/crypto/heimdal/lib/gssapi/accept_sec_context.c index 3f61ae1..a606c55 100644 --- a/crypto/heimdal/lib/gssapi/accept_sec_context.c +++ b/crypto/heimdal/lib/gssapi/accept_sec_context.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: accept_sec_context.c,v 1.17 2000/02/12 21:24:08 assar Exp $"); +RCSID("$Id: accept_sec_context.c,v 1.21 2001/01/09 18:47:11 assar Exp $"); static krb5_keytab gss_keytab; @@ -75,9 +75,11 @@ gss_accept_sec_context OM_uint32 flags; krb5_ticket *ticket = NULL; krb5_keytab keytab = NULL; + krb5_data fwd_data; gssapi_krb5_init (); + krb5_data_zero (&fwd_data); output_token->length = 0; output_token->value = NULL; @@ -103,6 +105,70 @@ gss_accept_sec_context goto failure; } + if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS + && input_chan_bindings->application_data.length == + 2 * sizeof((*context_handle)->auth_context->local_port) + ) { + + /* Port numbers are expected to be in application_data.value, + * initator's port first */ + + krb5_address initiator_addr, acceptor_addr; + + memset(&initiator_addr, 0, sizeof(initiator_addr)); + memset(&acceptor_addr, 0, sizeof(acceptor_addr)); + + (*context_handle)->auth_context->remote_port = + *(int16_t *) input_chan_bindings->application_data.value; + + (*context_handle)->auth_context->local_port = + *((int16_t *) input_chan_bindings->application_data.value + 1); + + + kret = gss_address_to_krb5addr(input_chan_bindings->acceptor_addrtype, + &input_chan_bindings->acceptor_address, + (*context_handle)->auth_context->local_port, + &acceptor_addr); + if (kret) { + *minor_status = kret; + ret = GSS_S_BAD_BINDINGS; + goto failure; + } + + kret = gss_address_to_krb5addr(input_chan_bindings->initiator_addrtype, + &input_chan_bindings->initiator_address, + (*context_handle)->auth_context->remote_port, + &initiator_addr); + if (kret) { + krb5_free_address (gssapi_krb5_context, &acceptor_addr); + *minor_status = kret; + ret = GSS_S_BAD_BINDINGS; + goto failure; + } + + kret = krb5_auth_con_setaddrs(gssapi_krb5_context, + (*context_handle)->auth_context, + &acceptor_addr, /* local address */ + &initiator_addr); /* remote address */ + + krb5_free_address (gssapi_krb5_context, &initiator_addr); + krb5_free_address (gssapi_krb5_context, &acceptor_addr); + +#if 0 + free(input_chan_bindings->application_data.value); + input_chan_bindings->application_data.value = NULL; + input_chan_bindings->application_data.length = 0; +#endif + + if (kret) { + *minor_status = kret; + ret = GSS_S_BAD_BINDINGS; + goto failure; + } + } + + + { int32_t tmp; @@ -183,7 +249,8 @@ gss_accept_sec_context kret = gssapi_krb5_verify_8003_checksum(input_chan_bindings, authenticator->cksum, - &flags); + &flags, + &fwd_data); krb5_free_authenticator(gssapi_krb5_context, &authenticator); if (kret) { ret = GSS_S_FAILURE; @@ -191,6 +258,49 @@ gss_accept_sec_context } } + if (fwd_data.length > 0 && (flags & GSS_C_DELEG_FLAG)) { + + krb5_ccache ccache; + + if (delegated_cred_handle == NULL || *delegated_cred_handle == NULL) + /* XXX Create a new delegated_cred_handle? */ + kret = krb5_cc_default (gssapi_krb5_context, &ccache); + + else { + if ((*delegated_cred_handle)->ccache == NULL) + kret = krb5_cc_gen_new (gssapi_krb5_context, + &krb5_mcc_ops, + &(*delegated_cred_handle)->ccache); + ccache = (*delegated_cred_handle)->ccache; + } + + if (kret) { + flags &= ~GSS_C_DELEG_FLAG; + goto end_fwd; + } + + kret = krb5_cc_initialize(gssapi_krb5_context, + ccache, + *src_name); + if (kret) { + flags &= ~GSS_C_DELEG_FLAG; + goto end_fwd; + } + + kret = krb5_rd_cred2(gssapi_krb5_context, + (*context_handle)->auth_context, + ccache, + &fwd_data); + if (kret) { + flags &= ~GSS_C_DELEG_FLAG; + goto end_fwd; + } + +end_fwd: + free(fwd_data.data); + } + + flags |= GSS_C_TRANS_FLAG; if (ret_flags) @@ -208,16 +318,16 @@ gss_accept_sec_context krb5_data outbuf; kret = krb5_mk_rep (gssapi_krb5_context, - &(*context_handle)->auth_context, + (*context_handle)->auth_context, &outbuf); if (kret) { - krb5_data_free (&outbuf); ret = GSS_S_FAILURE; goto failure; } ret = gssapi_krb5_encapsulate (&outbuf, output_token, "\x02\x00"); + krb5_data_free (&outbuf); if (ret) { kret = 0; goto failure; @@ -236,6 +346,8 @@ gss_accept_sec_context return GSS_S_COMPLETE; failure: + if (fwd_data.length > 0) + free(fwd_data.data); if (ticket != NULL) krb5_free_ticket (gssapi_krb5_context, ticket); krb5_auth_con_free (gssapi_krb5_context, diff --git a/crypto/heimdal/lib/gssapi/acquire_cred.c b/crypto/heimdal/lib/gssapi/acquire_cred.c index 821bbc3..341d06d 100644 --- a/crypto/heimdal/lib/gssapi/acquire_cred.c +++ b/crypto/heimdal/lib/gssapi/acquire_cred.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: acquire_cred.c,v 1.3 1999/12/02 17:05:03 joda Exp $"); +RCSID("$Id: acquire_cred.c,v 1.4 2001/01/30 00:49:05 assar Exp $"); OM_uint32 gss_acquire_cred (OM_uint32 * minor_status, @@ -48,21 +48,67 @@ OM_uint32 gss_acquire_cred { gss_cred_id_t handle; OM_uint32 ret; + krb5_principal def_princ; + krb5_ccache ccache; + krb5_error_code pret = -1, kret = 0; + krb5_keytab kt; + krb5_creds cred; + krb5_get_init_creds_opt opt; handle = (gss_cred_id_t)malloc(sizeof(*handle)); if (handle == GSS_C_NO_CREDENTIAL) { return GSS_S_FAILURE; } + memset(handle, 0, sizeof (*handle)); ret = gss_duplicate_name(minor_status, desired_name, &handle->principal); if (ret) { return ret; } + if (krb5_cc_default(gssapi_krb5_context, &ccache) == 0 && + (pret = krb5_cc_get_principal(gssapi_krb5_context, ccache, + &def_princ)) == 0 && + krb5_principal_compare(gssapi_krb5_context, handle->principal, + def_princ) == TRUE) { + handle->ccache = ccache; + handle->keytab = NULL; + } else { + kret = krb5_kt_default(gssapi_krb5_context, &kt); + if (kret != 0) + goto out; + krb5_get_init_creds_opt_init(&opt); + memset(&cred, 0, sizeof(cred)); + kret = krb5_get_init_creds_keytab(gssapi_krb5_context, &cred, + handle->principal, kt, 0, NULL, &opt); + if (kret != 0) { + krb5_kt_close(gssapi_krb5_context, kt); + goto out; + } + kret = krb5_cc_gen_new(gssapi_krb5_context, &krb5_mcc_ops, &ccache); + if (kret != 0) { + krb5_kt_close(gssapi_krb5_context, kt); + goto out; + } + kret = krb5_cc_initialize(gssapi_krb5_context, ccache, cred.client); + if (kret != 0) { + krb5_kt_close(gssapi_krb5_context, kt); + krb5_cc_close(gssapi_krb5_context, ccache); + goto out; + } + kret = krb5_cc_store_cred(gssapi_krb5_context, ccache, &cred); + if (kret != 0) { + krb5_kt_close(gssapi_krb5_context, kt); + krb5_cc_close(gssapi_krb5_context, ccache); + goto out; + } + handle->ccache = ccache; + handle->keytab = kt; + } + + /* XXX */ handle->lifetime = time_req; - - handle->keytab = NULL; handle->usage = cred_usage; ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms); @@ -83,5 +129,14 @@ OM_uint32 gss_acquire_cred *output_cred_handle = handle; +out: + if (pret == 0) + krb5_free_principal(gssapi_krb5_context, def_princ); + + if (kret != 0) { + *minor_status = kret; + return GSS_S_FAILURE; + } + return GSS_S_COMPLETE; } diff --git a/crypto/heimdal/lib/gssapi/add_oid_set_member.c b/crypto/heimdal/lib/gssapi/add_oid_set_member.c index 996c5cf..b8144ff 100644 --- a/crypto/heimdal/lib/gssapi/add_oid_set_member.c +++ b/crypto/heimdal/lib/gssapi/add_oid_set_member.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: add_oid_set_member.c,v 1.3 1999/12/02 17:05:03 joda Exp $"); +RCSID("$Id: add_oid_set_member.c,v 1.6 2000/07/02 04:44:11 assar Exp $"); OM_uint32 gss_add_oid_set_member ( OM_uint32 * minor_status, @@ -41,13 +41,23 @@ OM_uint32 gss_add_oid_set_member ( gss_OID_set * oid_set ) { - size_t n = (*oid_set)->count; + gss_OID tmp; + size_t n; + OM_uint32 res; + int present; - (*oid_set)->elements = realloc ((*oid_set)->elements, - n * sizeof(gss_OID_desc)); - if ((*oid_set)->elements == NULL) { + res = gss_test_oid_set_member(minor_status, member_oid, *oid_set, &present); + if (res != GSS_S_COMPLETE) + return res; + + if (present) + return GSS_S_COMPLETE; + + n = (*oid_set)->count + 1; + tmp = realloc ((*oid_set)->elements, n * sizeof(gss_OID_desc)); + if (tmp == NULL) return GSS_S_FAILURE; - } + (*oid_set)->elements = tmp; (*oid_set)->count = n; (*oid_set)->elements[n-1] = *member_oid; return GSS_S_COMPLETE; diff --git a/crypto/heimdal/lib/gssapi/address_to_krb5addr.c b/crypto/heimdal/lib/gssapi/address_to_krb5addr.c new file mode 100644 index 0000000..1d8c1b6 --- /dev/null +++ b/crypto/heimdal/lib/gssapi/address_to_krb5addr.c @@ -0,0 +1,75 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "gssapi_locl.h" + +#include + +krb5_error_code +gss_address_to_krb5addr(OM_uint32 gss_addr_type, + gss_buffer_desc *gss_addr, + int16_t port, + krb5_address *address) +{ + int addr_type; + struct sockaddr sa; + int sa_size = sizeof(sa); + krb5_error_code problem; + + if (gss_addr == NULL) + return GSS_S_FAILURE; + + switch (gss_addr_type) { +#ifdef HAVE_IPV6 + case GSS_C_AF_INET6: addr_type = AF_INET6; + break; +#endif /* HAVE_IPV6 */ + + case GSS_C_AF_INET: addr_type = AF_INET; + break; + default: + return GSS_S_FAILURE; + } + + problem = krb5_h_addr2sockaddr (addr_type, + gss_addr->value, + &sa, + &sa_size, + port); + if (problem) + return GSS_S_FAILURE; + + problem = krb5_sockaddr2address (&sa, address); + + return problem; +} diff --git a/crypto/heimdal/lib/gssapi/copy_ccache.c b/crypto/heimdal/lib/gssapi/copy_ccache.c new file mode 100644 index 0000000..f91acab --- /dev/null +++ b/crypto/heimdal/lib/gssapi/copy_ccache.c @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "gssapi_locl.h" + +RCSID("$Id: copy_ccache.c,v 1.1 2001/01/30 00:35:47 assar Exp $"); + +OM_uint32 +gss_krb5_copy_ccache(OM_uint32 *minor, + gss_cred_id_t cred, + krb5_ccache out) +{ + krb5_error_code kret; + + if (cred->ccache == NULL) { + *minor = EINVAL; + return GSS_S_FAILURE; + } + + kret = krb5_cc_copy_cache(gssapi_krb5_context, cred->ccache, out); + if (kret) { + *minor = kret; + return GSS_S_FAILURE; + } + return GSS_S_COMPLETE; +} diff --git a/crypto/heimdal/lib/gssapi/decapsulate.c b/crypto/heimdal/lib/gssapi/decapsulate.c index e3603c7..b0a0f1e 100644 --- a/crypto/heimdal/lib/gssapi/decapsulate.c +++ b/crypto/heimdal/lib/gssapi/decapsulate.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: decapsulate.c,v 1.5 1999/12/02 17:05:03 joda Exp $"); +RCSID("$Id: decapsulate.c,v 1.6 2000/07/29 05:48:13 assar Exp $"); OM_uint32 gssapi_krb5_verify_header(u_char **str, @@ -44,18 +44,20 @@ gssapi_krb5_verify_header(u_char **str, int e; u_char *p = *str; + if (total_len < 1) + return GSS_S_DEFECTIVE_TOKEN; if (*p++ != 0x60) return GSS_S_DEFECTIVE_TOKEN; e = der_get_length (p, total_len - 1, &len, &len_len); if (e || 1 + len_len + len != total_len) - abort (); + return GSS_S_DEFECTIVE_TOKEN; p += len_len; if (*p++ != 0x06) return GSS_S_DEFECTIVE_TOKEN; e = der_get_length (p, total_len - 1 - len_len - 1, &mech_len, &foo); if (e) - abort (); + return GSS_S_DEFECTIVE_TOKEN; p += foo; if (mech_len != GSS_KRB5_MECHANISM->length) return GSS_S_BAD_MECH; diff --git a/crypto/heimdal/lib/gssapi/encapsulate.c b/crypto/heimdal/lib/gssapi/encapsulate.c index 1b8636bc..2732b23 100644 --- a/crypto/heimdal/lib/gssapi/encapsulate.c +++ b/crypto/heimdal/lib/gssapi/encapsulate.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: encapsulate.c,v 1.4 1999/12/02 17:05:03 joda Exp $"); +RCSID("$Id: encapsulate.c,v 1.5 2000/08/27 02:46:23 assar Exp $"); void gssapi_krb5_encap_length (size_t data_len, @@ -78,7 +78,7 @@ gssapi_krb5_make_header (u_char *p, OM_uint32 gssapi_krb5_encapsulate( - krb5_data *in_data, + const krb5_data *in_data, gss_buffer_t output_token, u_char *type ) @@ -95,6 +95,5 @@ gssapi_krb5_encapsulate( p = gssapi_krb5_make_header (output_token->value, len, type); memcpy (p, in_data->data, in_data->length); - krb5_data_free (in_data); return GSS_S_COMPLETE; } diff --git a/crypto/heimdal/lib/gssapi/export_sec_context.c b/crypto/heimdal/lib/gssapi/export_sec_context.c index d982be7..7116f95 100644 --- a/crypto/heimdal/lib/gssapi/export_sec_context.c +++ b/crypto/heimdal/lib/gssapi/export_sec_context.c @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: export_sec_context.c,v 1.2 2000/02/12 21:25:24 assar Exp $"); +RCSID("$Id: export_sec_context.c,v 1.3 2000/07/08 11:42:22 assar Exp $"); OM_uint32 gss_export_sec_context ( @@ -44,8 +44,6 @@ gss_export_sec_context ( { krb5_storage *sp; krb5_auth_context ac; - unsigned char auth_buf[1024]; - size_t sz; int ret; krb5_data data; gss_buffer_desc buffer; @@ -97,16 +95,21 @@ gss_export_sec_context ( krb5_store_int32 (sp, ac->remote_seqnumber); #if 0 - ret = encode_Authenticator (auth_buf, sizeof(auth_buf), - ac->authenticator, &sz); - if (ret) { - krb5_storage_free (sp); - *minor_status = ret; - return GSS_S_FAILURE; + { + size_t sz; + unsigned char auth_buf[1024]; + + ret = encode_Authenticator (auth_buf, sizeof(auth_buf), + ac->authenticator, &sz); + if (ret) { + krb5_storage_free (sp); + *minor_status = ret; + return GSS_S_FAILURE; + } + data.data = auth_buf; + data.length = sz; + krb5_store_data (sp, data); } - data.data = auth_buf; - data.length = sz; - krb5_store_data (sp, data); #endif krb5_store_int32 (sp, ac->keytype); krb5_store_int32 (sp, ac->cksumtype); diff --git a/crypto/heimdal/lib/gssapi/external.c b/crypto/heimdal/lib/gssapi/external.c index 19e8306..dca35ea 100644 --- a/crypto/heimdal/lib/gssapi/external.c +++ b/crypto/heimdal/lib/gssapi/external.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: external.c,v 1.4 1999/12/02 17:05:03 joda Exp $"); +RCSID("$Id: external.c,v 1.5 2000/07/22 03:45:28 assar Exp $"); /* * The implementation must reserve static storage for a @@ -94,15 +94,38 @@ gss_OID GSS_C_NT_STRING_UID_NAME = &gss_c_nt_string_uid_name_oid_desc; * gss_OID_desc object containing the value * {6, (void *)"\x2b\x06\x01\x05\x06\x02"}, * corresponding to an object-identifier value of - * {1(iso), 3(org), 6(dod), 1(internet), 5(security), - * 6(nametypes), 2(gss-host-based-services)}. The constant - * GSS_C_NT_HOSTBASED_SERVICE should be initialized to point - * to that gss_OID_desc. + * {iso(1) org(3) dod(6) internet(1) security(5) + * nametypes(6) gss-host-based-services(2)). The constant + * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point + * to that gss_OID_desc. This is a deprecated OID value, and + * implementations wishing to support hostbased-service names + * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID, + * defined below, to identify such names; + * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym + * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input + * parameter, but should not be emitted by GSS-API + * implementations */ -static gss_OID_desc gss_c_nt_hostbased_service_oid_desc = +static gss_OID_desc gss_c_nt_hostbased_service_x_oid_desc = {6, (void *)"\x2b\x06\x01\x05\x06\x02"}; +gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &gss_c_nt_hostbased_service_x_oid_desc; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x04"}, corresponding to an + * object-identifier value of {iso(1) member-body(2) + * Unites States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) service_name(4)}. The constant + * GSS_C_NT_HOSTBASED_SERVICE should be initialized + * to point to that gss_OID_desc. + */ +static gss_OID_desc gss_c_nt_hostbased_service_oid_desc = +{10, (void *)"\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x04"}; + gss_OID GSS_C_NT_HOSTBASED_SERVICE = &gss_c_nt_hostbased_service_oid_desc; /* diff --git a/crypto/heimdal/lib/gssapi/get_mic.c b/crypto/heimdal/lib/gssapi/get_mic.c index 8dd1b6f..a211004 100644 --- a/crypto/heimdal/lib/gssapi/get_mic.c +++ b/crypto/heimdal/lib/gssapi/get_mic.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,21 +33,23 @@ #include "gssapi_locl.h" -RCSID("$Id: get_mic.c,v 1.11 2000/01/25 23:19:22 assar Exp $"); +RCSID("$Id: get_mic.c,v 1.15 2001/01/29 02:08:58 assar Exp $"); -OM_uint32 gss_get_mic +static OM_uint32 +mic_des (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, gss_qop_t qop_req, const gss_buffer_t message_buffer, - gss_buffer_t message_token + gss_buffer_t message_token, + krb5_keyblock *key ) { u_char *p; MD5_CTX md5; u_char hash[16]; des_key_schedule schedule; - des_cblock key; + des_cblock deskey; des_cblock zero; int32_t seq_number; size_t len, total_len; @@ -56,42 +58,44 @@ OM_uint32 gss_get_mic message_token->length = total_len; message_token->value = malloc (total_len); - if (message_token->value == NULL) + if (message_token->value == NULL) { + *minor_status = ENOMEM; return GSS_S_FAILURE; + } p = gssapi_krb5_make_header(message_token->value, len, - "\x01\x01"); + "\x01\x01"); /* TOK_ID */ - memcpy (p, "\x00\x00", 2); + memcpy (p, "\x00\x00", 2); /* SGN_ALG = DES MAC MD5 */ p += 2; - memcpy (p, "\xff\xff\xff\xff", 4); + + memcpy (p, "\xff\xff\xff\xff", 4); /* Filler */ p += 4; - /* Fill in later */ + /* Fill in later (SND-SEQ) */ memset (p, 0, 16); p += 16; /* checksum */ - MD5Init (&md5); - MD5Update (&md5, p - 24, 8); - MD5Update (&md5, message_buffer->value, - message_buffer->length); - MD5Final (hash, &md5); + MD5_Init (&md5); + MD5_Update (&md5, p - 24, 8); + MD5_Update (&md5, message_buffer->value, message_buffer->length); + MD5_Final (hash, &md5); memset (&zero, 0, sizeof(zero)); - gss_krb5_getsomekey(context_handle, &key); - des_set_key (&key, schedule); - des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash), + memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); + des_set_key (&deskey, schedule); + des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), schedule, &zero); - memcpy (p - 8, hash, 8); + memcpy (p - 8, hash, 8); /* SGN_CKSUM */ /* sequence number */ krb5_auth_getlocalseqnumber (gssapi_krb5_context, context_handle->auth_context, &seq_number); - p -= 16; + p -= 16; /* SND_SEQ */ p[0] = (seq_number >> 0) & 0xFF; p[1] = (seq_number >> 8) & 0xFF; p[2] = (seq_number >> 16) & 0xFF; @@ -100,16 +104,178 @@ OM_uint32 gss_get_mic (context_handle->more_flags & LOCAL) ? 0 : 0xFF, 4); - des_set_key (&key, schedule); - des_cbc_encrypt ((const void *)p, (void *)p, 8, + des_set_key (&deskey, schedule); + des_cbc_encrypt ((void *)p, (void *)p, 8, schedule, (des_cblock *)(p + 8), DES_ENCRYPT); krb5_auth_setlocalseqnumber (gssapi_krb5_context, context_handle->auth_context, ++seq_number); - memset (key, 0, sizeof(key)); + memset (deskey, 0, sizeof(deskey)); memset (schedule, 0, sizeof(schedule)); return GSS_S_COMPLETE; } + +static OM_uint32 +mic_des3 + (OM_uint32 * minor_status, + const gss_ctx_id_t context_handle, + gss_qop_t qop_req, + const gss_buffer_t message_buffer, + gss_buffer_t message_token, + krb5_keyblock *key + ) +{ + u_char *p; + Checksum cksum; + u_char seq[8]; + + int32_t seq_number; + size_t len, total_len; + + krb5_crypto crypto; + krb5_error_code kret; + krb5_data encdata; + char *tmp; + + gssapi_krb5_encap_length (36, &len, &total_len); + + message_token->length = total_len; + message_token->value = malloc (total_len); + if (message_token->value == NULL) { + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + p = gssapi_krb5_make_header(message_token->value, + len, + "\x01\x01"); /* TOK-ID */ + + memcpy (p, "\x04\x00", 2); /* SGN_ALG = HMAC SHA1 DES3-KD */ + p += 2; + + memcpy (p, "\xff\xff\xff\xff", 4); /* filler */ + p += 4; + + /* this should be done in parts */ + + tmp = malloc (message_buffer->length + 8); + if (tmp == NULL) { + free (message_token->value); + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + memcpy (tmp, p - 8, 8); + memcpy (tmp + 8, message_buffer->value, message_buffer->length); + + kret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto); + if (kret) { + free (message_token->value); + free (tmp); + *minor_status = kret; + return GSS_S_FAILURE; + } + + kret = krb5_create_checksum (gssapi_krb5_context, + crypto, + KRB5_KU_USAGE_SIGN, + tmp, + message_buffer->length + 8, + &cksum); + free (tmp); + krb5_crypto_destroy (gssapi_krb5_context, crypto); + if (kret) { + free (message_token->value); + *minor_status = kret; + return GSS_S_FAILURE; + } + + memcpy (p + 8, cksum.checksum.data, cksum.checksum.length); + + /* sequence number */ + krb5_auth_getlocalseqnumber (gssapi_krb5_context, + context_handle->auth_context, + &seq_number); + + seq[0] = (seq_number >> 0) & 0xFF; + seq[1] = (seq_number >> 8) & 0xFF; + seq[2] = (seq_number >> 16) & 0xFF; + seq[3] = (seq_number >> 24) & 0xFF; + memset (seq + 4, + (context_handle->more_flags & LOCAL) ? 0 : 0xFF, + 4); + + kret = krb5_crypto_init(gssapi_krb5_context, key, + ETYPE_DES3_CBC_NONE, &crypto); + if (kret) { + free (message_token->value); + *minor_status = kret; + return GSS_S_FAILURE; + } + + kret = krb5_encrypt (gssapi_krb5_context, + crypto, + KRB5_KU_USAGE_SEQ, + seq, 8, &encdata); + krb5_crypto_destroy (gssapi_krb5_context, crypto); + if (kret) { + free (message_token->value); + *minor_status = kret; + return GSS_S_FAILURE; + } + + assert (encdata.length == 8); + + memcpy (p, encdata.data, encdata.length); + krb5_data_free (&encdata); + + p += 8 + cksum.checksum.length; + + memcpy (p, message_buffer->value, message_buffer->length); + + krb5_auth_setlocalseqnumber (gssapi_krb5_context, + context_handle->auth_context, + ++seq_number); + + free_Checksum (&cksum); + return GSS_S_COMPLETE; +} + +OM_uint32 gss_get_mic + (OM_uint32 * minor_status, + const gss_ctx_id_t context_handle, + gss_qop_t qop_req, + const gss_buffer_t message_buffer, + gss_buffer_t message_token + ) +{ + krb5_keyblock *key; + OM_uint32 ret; + krb5_keytype keytype; + + ret = gss_krb5_getsomekey(context_handle, &key); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype); + + switch (keytype) { + case KEYTYPE_DES : + ret = mic_des (minor_status, context_handle, qop_req, + message_buffer, message_token, key); + break; + case KEYTYPE_DES3 : + ret = mic_des3 (minor_status, context_handle, qop_req, + message_buffer, message_token, key); + break; + default : + *minor_status = KRB5_PROG_ETYPE_NOSUPP; + ret = GSS_S_FAILURE; + break; + } + krb5_free_keyblock (gssapi_krb5_context, key); + return ret; +} diff --git a/crypto/heimdal/lib/gssapi/gssapi.h b/crypto/heimdal/lib/gssapi/gssapi.h index 4c1b606..156a511 100644 --- a/crypto/heimdal/lib/gssapi/gssapi.h +++ b/crypto/heimdal/lib/gssapi/gssapi.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: gssapi.h,v 1.14 1999/12/02 17:05:03 joda Exp $ */ +/* $Id: gssapi.h,v 1.20 2001/01/30 00:35:48 assar Exp $ */ #ifndef GSSAPI_H_ #define GSSAPI_H_ @@ -55,6 +55,8 @@ typedef u_int32_t OM_uint32; +typedef u_int32_t gss_uint32; + /* * This is to avoid having to include */ @@ -89,6 +91,8 @@ typedef struct gss_OID_set_desc_struct { struct krb5_keytab_data; +struct krb5_ccache_data; + typedef int gss_cred_usage_t; typedef struct gss_cred_id_t_desc_struct { @@ -97,6 +101,7 @@ typedef struct gss_cred_id_t_desc_struct { OM_uint32 lifetime; gss_cred_usage_t usage; gss_OID_set mechanisms; + struct krb5_ccache_data *ccache; } gss_cred_id_t_desc; typedef gss_cred_id_t_desc *gss_cred_id_t; @@ -203,6 +208,9 @@ typedef OM_uint32 gss_qop_t; */ #define GSS_C_QOP_DEFAULT 0 +#define GSS_KRB5_CONF_C_QOP_DES 0x0100 +#define GSS_KRB5_CONF_C_QOP_DES3_KD 0x0200 + /* * Expiration time of 2^32-1 seconds means infinite lifetime for a * credential or security context @@ -253,10 +261,30 @@ extern gss_OID GSS_C_NT_STRING_UID_NAME; * gss_OID_desc object containing the value * {6, (void *)"\x2b\x06\x01\x05\x06\x02"}, * corresponding to an object-identifier value of - * {1(iso), 3(org), 6(dod), 1(internet), 5(security), - * 6(nametypes), 2(gss-host-based-services)}. The constant - * GSS_C_NT_HOSTBASED_SERVICE should be initialized to point - * to that gss_OID_desc. + * {iso(1) org(3) dod(6) internet(1) security(5) + * nametypes(6) gss-host-based-services(2)). The constant + * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point + * to that gss_OID_desc. This is a deprecated OID value, and + * implementations wishing to support hostbased-service names + * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID, + * defined below, to identify such names; + * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym + * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input + * parameter, but should not be emitted by GSS-API + * implementations + */ +extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X; + +/* + * The implementation must reserve static storage for a + * gss_OID_desc object containing the value + * {10, (void *)"\x2a\x86\x48\x86\xf7\x12" + * "\x01\x02\x01\x04"}, corresponding to an + * object-identifier value of {iso(1) member-body(2) + * Unites States(840) mit(113554) infosys(1) gssapi(2) + * generic(1) service_name(4)}. The constant + * GSS_C_NT_HOSTBASED_SERVICE should be initialized + * to point to that gss_OID_desc. */ extern gss_OID GSS_C_NT_HOSTBASED_SERVICE; @@ -295,6 +323,10 @@ extern gss_OID GSS_KRB5_NT_STRING_UID_NAME; extern gss_OID GSS_KRB5_MECHANISM; +/* for compatibility with MIT api */ + +#define gss_mech_krb5 GSS_KRB5_MECHANISM + /* Major status codes */ #define GSS_S_COMPLETE 0 @@ -739,4 +771,9 @@ OM_uint32 gss_unseal OM_uint32 gsskrb5_register_acceptor_identity (char *identity); +OM_uint32 gss_krb5_copy_ccache + (OM_uint32 *minor, + gss_cred_id_t cred, + struct krb5_ccache_data *out); + #endif /* GSSAPI_H_ */ diff --git a/crypto/heimdal/lib/gssapi/gssapi_locl.h b/crypto/heimdal/lib/gssapi/gssapi_locl.h index 53f9cdc..d8d0624 100644 --- a/crypto/heimdal/lib/gssapi/gssapi_locl.h +++ b/crypto/heimdal/lib/gssapi/gssapi_locl.h @@ -31,13 +31,14 @@ * SUCH DAMAGE. */ -/* $Id: gssapi_locl.h,v 1.12 2000/02/12 21:26:26 assar Exp $ */ +/* $Id: gssapi_locl.h,v 1.14 2000/08/27 04:19:00 assar Exp $ */ #ifndef GSSAPI_LOCL_H #define GSSAPI_LOCL_H #include #include +#include extern krb5_context gssapi_krb5_context; @@ -47,17 +48,19 @@ krb5_error_code gssapi_krb5_create_8003_checksum ( const gss_channel_bindings_t input_chan_bindings, OM_uint32 flags, + krb5_data *fwd_data, Checksum *result); krb5_error_code gssapi_krb5_verify_8003_checksum ( const gss_channel_bindings_t input_chan_bindings, Checksum *cksum, - OM_uint32 *flags); + OM_uint32 *flags, + krb5_data *fwd_data); OM_uint32 gssapi_krb5_encapsulate( - krb5_data *in_data, + const krb5_data *in_data, gss_buffer_t output_token, u_char *type); @@ -84,7 +87,13 @@ gssapi_krb5_verify_header(u_char **str, OM_uint32 gss_krb5_getsomekey(const gss_ctx_id_t context_handle, - des_cblock *key); + krb5_keyblock **key); + +krb5_error_code +gss_address_to_krb5addr(OM_uint32 gss_addr_type, + gss_buffer_desc *gss_addr, + int16_t port, + krb5_address *address); /* sec_context flags */ diff --git a/crypto/heimdal/lib/gssapi/import_sec_context.c b/crypto/heimdal/lib/gssapi/import_sec_context.c index 2667637..7d177a8 100644 --- a/crypto/heimdal/lib/gssapi/import_sec_context.c +++ b/crypto/heimdal/lib/gssapi/import_sec_context.c @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: import_sec_context.c,v 1.2 2000/02/12 21:26:00 assar Exp $"); +RCSID("$Id: import_sec_context.c,v 1.3 2000/07/08 11:56:03 assar Exp $"); OM_uint32 gss_import_sec_context ( @@ -51,7 +51,6 @@ gss_import_sec_context ( krb5_data data; gss_buffer_desc buffer; krb5_keyblock keyblock; - size_t sz; int32_t tmp; int32_t flags; @@ -121,21 +120,25 @@ gss_import_sec_context ( krb5_ret_int32 (sp, &ac->remote_seqnumber); #if 0 - krb5_ret_data (sp, &data); - ac->authenticator = malloc (sizeof (*ac->authenticator)); - if (ac->authenticator == NULL) { - *minor_status = ENOMEM; - ret = GSS_S_FAILURE; - goto failure; - } - - kret = decode_Authenticator (data.data, data.length, - ac->authenticator, &sz); - krb5_data_free (&data); - if (kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; + { + size_t sz; + + krb5_ret_data (sp, &data); + ac->authenticator = malloc (sizeof (*ac->authenticator)); + if (ac->authenticator == NULL) { + *minor_status = ENOMEM; + ret = GSS_S_FAILURE; + goto failure; + } + + kret = decode_Authenticator (data.data, data.length, + ac->authenticator, &sz); + krb5_data_free (&data); + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } } #endif diff --git a/crypto/heimdal/lib/gssapi/init.c b/crypto/heimdal/lib/gssapi/init.c index 2c01490..6b19c46 100644 --- a/crypto/heimdal/lib/gssapi/init.c +++ b/crypto/heimdal/lib/gssapi/init.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,11 +33,15 @@ #include "gssapi_locl.h" -RCSID("$Id: init.c,v 1.4 1999/12/02 17:05:04 joda Exp $"); +RCSID("$Id: init.c,v 1.5 2000/12/31 07:58:37 assar Exp $"); void gssapi_krb5_init (void) { - if(gssapi_krb5_context == NULL) - krb5_init_context (&gssapi_krb5_context); + krb5_error_code ret; + + if(gssapi_krb5_context == NULL) { + ret = krb5_init_context (&gssapi_krb5_context); + /* and what do we do when that failed? */ + } } diff --git a/crypto/heimdal/lib/gssapi/init_sec_context.c b/crypto/heimdal/lib/gssapi/init_sec_context.c index 2f9bbc9..7b05d91 100644 --- a/crypto/heimdal/lib/gssapi/init_sec_context.c +++ b/crypto/heimdal/lib/gssapi/init_sec_context.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,24 +33,163 @@ #include "gssapi_locl.h" -RCSID("$Id: init_sec_context.c,v 1.18 1999/12/26 18:31:36 assar Exp $"); +RCSID("$Id: init_sec_context.c,v 1.25 2001/01/30 22:49:56 assar Exp $"); + +/* + * copy the addresses from `input_chan_bindings' (if any) to + * the auth context `ac' + */ + +static OM_uint32 +set_addresses (krb5_auth_context ac, + const gss_channel_bindings_t input_chan_bindings) +{ + /* Port numbers are expected to be in application_data.value, + * initator's port first */ + + krb5_address initiator_addr, acceptor_addr; + krb5_error_code kret; + + if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS + || input_chan_bindings->application_data.length != + 2 * sizeof(ac->local_port)) + return 0; + + memset(&initiator_addr, 0, sizeof(initiator_addr)); + memset(&acceptor_addr, 0, sizeof(acceptor_addr)); + + ac->local_port = + *(int16_t *) input_chan_bindings->application_data.value; + + ac->remote_port = + *((int16_t *) input_chan_bindings->application_data.value + 1); + + kret = gss_address_to_krb5addr(input_chan_bindings->acceptor_addrtype, + &input_chan_bindings->acceptor_address, + ac->remote_port, + &acceptor_addr); + if (kret) + return kret; + + kret = gss_address_to_krb5addr(input_chan_bindings->initiator_addrtype, + &input_chan_bindings->initiator_address, + ac->local_port, + &initiator_addr); + if (kret) { + krb5_free_address (gssapi_krb5_context, &acceptor_addr); + return kret; + } + + kret = krb5_auth_con_setaddrs(gssapi_krb5_context, + ac, + &initiator_addr, /* local address */ + &acceptor_addr); /* remote address */ + + krb5_free_address (gssapi_krb5_context, &initiator_addr); + krb5_free_address (gssapi_krb5_context, &acceptor_addr); + +#if 0 + free(input_chan_bindings->application_data.value); + input_chan_bindings->application_data.value = NULL; + input_chan_bindings->application_data.length = 0; +#endif + + return kret; +} + +/* + * handle delegated creds in init-sec-context + */ + +static void +do_delegation (krb5_auth_context ac, + krb5_ccache ccache, + krb5_creds *cred, + const gss_name_t target_name, + krb5_data *fwd_data, + int *flags) +{ + krb5_creds creds; + krb5_kdc_flags fwd_flags; + krb5_keyblock *subkey; + krb5_error_code kret; + + memset (&creds, 0, sizeof(creds)); + krb5_data_zero (fwd_data); + + kret = krb5_generate_subkey (gssapi_krb5_context, &cred->session, &subkey); + if (kret) + goto out; + + kret = krb5_auth_con_setlocalsubkey(gssapi_krb5_context, ac, subkey); + krb5_free_keyblock (gssapi_krb5_context, subkey); + if (kret) + goto out; + + kret = krb5_cc_get_principal(gssapi_krb5_context, ccache, &creds.client); + if (kret) + goto out; + + kret = krb5_build_principal(gssapi_krb5_context, + &creds.server, + strlen(creds.client->realm), + creds.client->realm, + KRB5_TGS_NAME, + creds.client->realm, + NULL); + if (kret) + goto out; + + creds.times.endtime = 0; + + fwd_flags.i = 0; + fwd_flags.b.forwarded = 1; + fwd_flags.b.forwardable = 1; + + if ( /*target_name->name.name_type != KRB5_NT_SRV_HST ||*/ + target_name->name.name_string.len < 2) + goto out; + + kret = krb5_get_forwarded_creds(gssapi_krb5_context, + ac, + ccache, + fwd_flags.i, + target_name->name.name_string.val[1], + &creds, + fwd_data); + + out: + if (kret) + *flags &= ~GSS_C_DELEG_FLAG; + else + *flags |= GSS_C_DELEG_FLAG; + + if (creds.client) + krb5_free_principal(gssapi_krb5_context, creds.client); + if (creds.server) + krb5_free_principal(gssapi_krb5_context, creds.server); +} + +/* + * first stage of init-sec-context + */ static OM_uint32 init_auth - (OM_uint32 * minor_status, - const gss_cred_id_t initiator_cred_handle, - gss_ctx_id_t * context_handle, - const gss_name_t target_name, - const gss_OID mech_type, - OM_uint32 req_flags, - OM_uint32 time_req, - const gss_channel_bindings_t input_chan_bindings, - const gss_buffer_t input_token, - gss_OID * actual_mech_type, - gss_buffer_t output_token, - OM_uint32 * ret_flags, - OM_uint32 * time_rec - ) +(OM_uint32 * minor_status, + const gss_cred_id_t initiator_cred_handle, + gss_ctx_id_t * context_handle, + const gss_name_t target_name, + const gss_OID mech_type, + OM_uint32 req_flags, + OM_uint32 time_req, + const gss_channel_bindings_t input_chan_bindings, + const gss_buffer_t input_token, + gss_OID * actual_mech_type, + gss_buffer_t output_token, + OM_uint32 * ret_flags, + OM_uint32 * time_rec + ) { OM_uint32 ret = GSS_S_FAILURE; krb5_error_code kret; @@ -63,12 +202,13 @@ init_auth krb5_data authenticator; Checksum cksum; krb5_enctype enctype; + krb5_data fwd_data; output_token->length = 0; output_token->value = NULL; - outbuf.length = 0; - outbuf.data = NULL; + krb5_data_zero(&outbuf); + krb5_data_zero(&fwd_data); *minor_status = 0; @@ -78,12 +218,12 @@ init_auth return GSS_S_FAILURE; } - (*context_handle)->auth_context = NULL; - (*context_handle)->source = NULL; - (*context_handle)->target = NULL; - (*context_handle)->flags = 0; - (*context_handle)->more_flags = 0; - (*context_handle)->ticket = NULL; + (*context_handle)->auth_context = NULL; + (*context_handle)->source = NULL; + (*context_handle)->target = NULL; + (*context_handle)->flags = 0; + (*context_handle)->more_flags = 0; + (*context_handle)->ticket = NULL; kret = krb5_auth_con_init (gssapi_krb5_context, &(*context_handle)->auth_context); @@ -93,6 +233,14 @@ init_auth goto failure; } + kret = set_addresses ((*context_handle)->auth_context, + input_chan_bindings); + if (kret) { + *minor_status = kret; + ret = GSS_S_BAD_BINDINGS; + goto failure; + } + { int32_t tmp; @@ -108,36 +256,15 @@ init_auth if (actual_mech_type) *actual_mech_type = GSS_KRB5_MECHANISM; - flags = 0; - ap_options = 0; - if (req_flags & GSS_C_DELEG_FLAG) - ; /* XXX */ - if (req_flags & GSS_C_MUTUAL_FLAG) { - flags |= GSS_C_MUTUAL_FLAG; - ap_options |= AP_OPTS_MUTUAL_REQUIRED; - } - if (req_flags & GSS_C_REPLAY_FLAG) - ; /* XXX */ - if (req_flags & GSS_C_SEQUENCE_FLAG) - ; /* XXX */ - if (req_flags & GSS_C_ANON_FLAG) - ; /* XXX */ - flags |= GSS_C_CONF_FLAG; - flags |= GSS_C_INTEG_FLAG; - flags |= GSS_C_SEQUENCE_FLAG; - flags |= GSS_C_TRANS_FLAG; - - if (ret_flags) - *ret_flags = flags; - (*context_handle)->flags = flags; - (*context_handle)->more_flags = LOCAL; - - kret = krb5_cc_default (gssapi_krb5_context, &ccache); - if (kret) { - *minor_status = kret; - ret = GSS_S_FAILURE; - goto failure; - } + if (initiator_cred_handle == GSS_C_NO_CREDENTIAL) { + kret = krb5_cc_default (gssapi_krb5_context, &ccache); + if (kret) { + *minor_status = kret; + ret = GSS_S_FAILURE; + goto failure; + } + } else + ccache = initiator_cred_handle->ccache; kret = krb5_cc_get_principal (gssapi_krb5_context, ccache, @@ -160,8 +287,14 @@ init_auth memset(&this_cred, 0, sizeof(this_cred)); this_cred.client = (*context_handle)->source; this_cred.server = (*context_handle)->target; - this_cred.times.endtime = 0; - this_cred.session.keytype = ETYPE_DES_CBC_CRC; + if (time_req) { + krb5_timestamp ts; + + krb5_timeofday (gssapi_krb5_context, &ts); + this_cred.times.endtime = ts + time_req; + } else + this_cred.times.endtime = 0; + this_cred.session.keytype = 0; kret = krb5_get_credentials (gssapi_krb5_context, KRB5_TC_MATCH_KEYTYPE, @@ -179,9 +312,38 @@ init_auth (*context_handle)->auth_context, &cred->session); + flags = 0; + ap_options = 0; + if (req_flags & GSS_C_DELEG_FLAG) + do_delegation ((*context_handle)->auth_context, + ccache, cred, target_name, &fwd_data, &flags); + + if (req_flags & GSS_C_MUTUAL_FLAG) { + flags |= GSS_C_MUTUAL_FLAG; + ap_options |= AP_OPTS_MUTUAL_REQUIRED; + } + + if (req_flags & GSS_C_REPLAY_FLAG) + ; /* XXX */ + if (req_flags & GSS_C_SEQUENCE_FLAG) + ; /* XXX */ + if (req_flags & GSS_C_ANON_FLAG) + ; /* XXX */ + flags |= GSS_C_CONF_FLAG; + flags |= GSS_C_INTEG_FLAG; + flags |= GSS_C_SEQUENCE_FLAG; + flags |= GSS_C_TRANS_FLAG; + + if (ret_flags) + *ret_flags = flags; + (*context_handle)->flags = flags; + (*context_handle)->more_flags = LOCAL; + kret = gssapi_krb5_create_8003_checksum (input_chan_bindings, flags, + &fwd_data, &cksum); + krb5_data_free (&fwd_data); if (kret) { *minor_status = kret; ret = GSS_S_FAILURE; @@ -202,15 +364,14 @@ init_auth } #endif - - kret = krb5_build_authenticator (gssapi_krb5_context, (*context_handle)->auth_context, enctype, cred, &cksum, &auth, - &authenticator); + &authenticator, + KRB5_KU_AP_REQ_AUTH); if (kret) { *minor_status = kret; @@ -231,14 +392,14 @@ init_auth goto failure; } - ret = gssapi_krb5_encapsulate (&outbuf, - output_token, - "\x01\x00"); + ret = gssapi_krb5_encapsulate (&outbuf, output_token, "\x01\x00"); if (ret) { *minor_status = kret; goto failure; } + krb5_data_free (&outbuf); + if (flags & GSS_C_MUTUAL_FLAG) { return GSS_S_CONTINUE_NEEDED; } else { @@ -246,7 +407,7 @@ init_auth return GSS_S_COMPLETE; } -failure: + failure: krb5_auth_con_free (gssapi_krb5_context, (*context_handle)->auth_context); if((*context_handle)->source) @@ -278,33 +439,31 @@ repl_mutual OM_uint32 * time_rec ) { - OM_uint32 ret; - krb5_error_code kret; - krb5_data indata; - krb5_ap_rep_enc_part *repl; - - ret = gssapi_krb5_decapsulate (input_token, - &indata, - "\x02\x00"); - if (ret) { + OM_uint32 ret; + krb5_error_code kret; + krb5_data indata; + krb5_ap_rep_enc_part *repl; + + ret = gssapi_krb5_decapsulate (input_token, &indata, "\x02\x00"); + if (ret) { /* XXX - Handle AP_ERROR */ - return GSS_S_FAILURE; - } + return GSS_S_FAILURE; + } - kret = krb5_rd_rep (gssapi_krb5_context, - (*context_handle)->auth_context, - &indata, - &repl); - if (kret) - return GSS_S_FAILURE; - krb5_free_ap_rep_enc_part (gssapi_krb5_context, - repl); + kret = krb5_rd_rep (gssapi_krb5_context, + (*context_handle)->auth_context, + &indata, + &repl); + if (kret) + return GSS_S_FAILURE; + krb5_free_ap_rep_enc_part (gssapi_krb5_context, + repl); - output_token->length = 0; + output_token->length = 0; - (*context_handle)->more_flags |= OPEN; + (*context_handle)->more_flags |= OPEN; - return GSS_S_COMPLETE; + return GSS_S_COMPLETE; } /* @@ -327,34 +486,34 @@ OM_uint32 gss_init_sec_context OM_uint32 * time_rec ) { - gssapi_krb5_init (); - - if (input_token == GSS_C_NO_BUFFER || input_token->length == 0) - return init_auth (minor_status, - initiator_cred_handle, - context_handle, - target_name, - mech_type, - req_flags, - time_req, - input_chan_bindings, - input_token, - actual_mech_type, - output_token, - ret_flags, - time_rec); - else - return repl_mutual(minor_status, - initiator_cred_handle, - context_handle, - target_name, - mech_type, - req_flags, - time_req, - input_chan_bindings, - input_token, - actual_mech_type, - output_token, - ret_flags, - time_rec); + gssapi_krb5_init (); + + if (input_token == GSS_C_NO_BUFFER || input_token->length == 0) + return init_auth (minor_status, + initiator_cred_handle, + context_handle, + target_name, + mech_type, + req_flags, + time_req, + input_chan_bindings, + input_token, + actual_mech_type, + output_token, + ret_flags, + time_rec); + else + return repl_mutual(minor_status, + initiator_cred_handle, + context_handle, + target_name, + mech_type, + req_flags, + time_req, + input_chan_bindings, + input_token, + actual_mech_type, + output_token, + ret_flags, + time_rec); } diff --git a/crypto/heimdal/lib/gssapi/release_buffer.c b/crypto/heimdal/lib/gssapi/release_buffer.c index 85f971f..f399a18 100644 --- a/crypto/heimdal/lib/gssapi/release_buffer.c +++ b/crypto/heimdal/lib/gssapi/release_buffer.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: release_buffer.c,v 1.3 1999/12/02 17:05:04 joda Exp $"); +RCSID("$Id: release_buffer.c,v 1.4 2000/04/12 09:47:23 assar Exp $"); OM_uint32 gss_release_buffer (OM_uint32 * minor_status, @@ -41,6 +41,7 @@ OM_uint32 gss_release_buffer ) { free (buffer->value); + buffer->value = NULL; buffer->length = 0; return GSS_S_COMPLETE; } diff --git a/crypto/heimdal/lib/gssapi/release_cred.c b/crypto/heimdal/lib/gssapi/release_cred.c index 0ee876e..87ad512 100644 --- a/crypto/heimdal/lib/gssapi/release_cred.c +++ b/crypto/heimdal/lib/gssapi/release_cred.c @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: release_cred.c,v 1.4 1999/12/02 17:05:04 joda Exp $"); +RCSID("$Id: release_cred.c,v 1.5 2001/01/30 00:49:05 assar Exp $"); OM_uint32 gss_release_cred (OM_uint32 * minor_status, @@ -49,6 +49,8 @@ OM_uint32 gss_release_cred krb5_free_principal(gssapi_krb5_context, (*cred_handle)->principal); if ((*cred_handle)->keytab != NULL) krb5_kt_close(gssapi_krb5_context, (*cred_handle)->keytab); + if ((*cred_handle)->ccache != NULL) + krb5_cc_close(gssapi_krb5_context, (*cred_handle)->ccache); gss_release_oid_set(NULL, &(*cred_handle)->mechanisms); free(*cred_handle); *cred_handle = GSS_C_NO_CREDENTIAL; diff --git a/crypto/heimdal/lib/gssapi/release_name.c b/crypto/heimdal/lib/gssapi/release_name.c index 7c0fcd3..ce18a91 100644 --- a/crypto/heimdal/lib/gssapi/release_name.c +++ b/crypto/heimdal/lib/gssapi/release_name.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: release_name.c,v 1.4 1999/12/02 17:05:04 joda Exp $"); +RCSID("$Id: release_name.c,v 1.5 2000/04/12 09:48:27 assar Exp $"); OM_uint32 gss_release_name (OM_uint32 * minor_status, @@ -43,5 +43,6 @@ OM_uint32 gss_release_name gssapi_krb5_init (); krb5_free_principal(gssapi_krb5_context, *input_name); + *input_name = GSS_C_NO_NAME; return GSS_S_COMPLETE; } diff --git a/crypto/heimdal/lib/gssapi/release_oid_set.c b/crypto/heimdal/lib/gssapi/release_oid_set.c index fe7171e..4225788 100644 --- a/crypto/heimdal/lib/gssapi/release_oid_set.c +++ b/crypto/heimdal/lib/gssapi/release_oid_set.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "gssapi_locl.h" -RCSID("$Id: release_oid_set.c,v 1.3 1999/12/02 17:05:04 joda Exp $"); +RCSID("$Id: release_oid_set.c,v 1.4 2000/04/19 13:06:13 assar Exp $"); OM_uint32 gss_release_oid_set (OM_uint32 * minor_status, @@ -42,5 +42,6 @@ OM_uint32 gss_release_oid_set { free ((*set)->elements); free (*set); + *set = GSS_C_NO_OID_SET; return GSS_S_COMPLETE; } diff --git a/crypto/heimdal/lib/gssapi/unwrap.c b/crypto/heimdal/lib/gssapi/unwrap.c index 210bab1..588517e 100644 --- a/crypto/heimdal/lib/gssapi/unwrap.c +++ b/crypto/heimdal/lib/gssapi/unwrap.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,11 +33,11 @@ #include "gssapi_locl.h" -RCSID("$Id: unwrap.c,v 1.11 2000/01/25 23:13:38 assar Exp $"); +RCSID("$Id: unwrap.c,v 1.15 2001/01/29 02:08:58 assar Exp $"); OM_uint32 gss_krb5_getsomekey(const gss_ctx_id_t context_handle, - des_cblock *key) + krb5_keyblock **key) { /* XXX this is ugly, and probably incorrect... */ krb5_keyblock *skey; @@ -54,18 +54,19 @@ gss_krb5_getsomekey(const gss_ctx_id_t context_handle, &skey); if(skey == NULL) return GSS_S_FAILURE; - memcpy(key, skey->keyvalue.data, sizeof(*key)); - krb5_free_keyblock(gssapi_krb5_context, skey); + *key = skey; return 0; } -OM_uint32 gss_unwrap +static OM_uint32 +unwrap_des (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t input_message_buffer, gss_buffer_t output_message_buffer, int * conf_state, - gss_qop_t * qop_state + gss_qop_t * qop_state, + krb5_keyblock *key ) { u_char *p, *pad; @@ -73,7 +74,7 @@ OM_uint32 gss_unwrap MD5_CTX md5; u_char hash[16], seq_data[8]; des_key_schedule schedule; - des_cblock key; + des_cblock deskey; des_cblock zero; int i; int32_t seq_number; @@ -109,19 +110,20 @@ OM_uint32 gss_unwrap if(cstate) { /* decrypt data */ - gss_krb5_getsomekey(context_handle, &key); - for (i = 0; i < sizeof(key); ++i) - key[i] ^= 0xf0; - des_set_key (&key, schedule); + memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); + + for (i = 0; i < sizeof(deskey); ++i) + deskey[i] ^= 0xf0; + des_set_key (&deskey, schedule); memset (&zero, 0, sizeof(zero)); - des_cbc_encrypt ((const void *)p, + des_cbc_encrypt ((void *)p, (void *)p, input_message_buffer->length - len, schedule, &zero, DES_DECRYPT); - memset (key, 0, sizeof(key)); + memset (deskey, 0, sizeof(deskey)); memset (schedule, 0, sizeof(schedule)); } /* check pad */ @@ -134,15 +136,15 @@ OM_uint32 gss_unwrap if (i != 0) return GSS_S_BAD_MIC; - MD5Init (&md5); - MD5Update (&md5, p - 24, 8); - MD5Update (&md5, p, input_message_buffer->length - len); - MD5Final (hash, &md5); + MD5_Init (&md5); + MD5_Update (&md5, p - 24, 8); + MD5_Update (&md5, p, input_message_buffer->length - len); + MD5_Final (hash, &md5); memset (&zero, 0, sizeof(zero)); - gss_krb5_getsomekey(context_handle, &key); - des_set_key (&key, schedule); - des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash), + memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); + des_set_key (&deskey, schedule); + des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), schedule, &zero); if (memcmp (p - 8, hash, 8) != 0) return GSS_S_BAD_MIC; @@ -161,11 +163,11 @@ OM_uint32 gss_unwrap 4); p -= 16; - des_set_key (&key, schedule); - des_cbc_encrypt ((const void *)p, (void *)p, 8, + des_set_key (&deskey, schedule); + des_cbc_encrypt ((void *)p, (void *)p, 8, schedule, (des_cblock *)hash, DES_DECRYPT); - memset (key, 0, sizeof(key)); + memset (deskey, 0, sizeof(deskey)); memset (schedule, 0, sizeof(schedule)); if (memcmp (p, seq_data, 8) != 0) { @@ -179,7 +181,7 @@ OM_uint32 gss_unwrap /* copy out data */ output_message_buffer->length = input_message_buffer->length - - len - 8 - padlength; + - len - padlength - 8; output_message_buffer->value = malloc(output_message_buffer->length); if(output_message_buffer->length != 0 && output_message_buffer->value == NULL) return GSS_S_FAILURE; @@ -188,3 +190,217 @@ OM_uint32 gss_unwrap output_message_buffer->length); return GSS_S_COMPLETE; } + +static OM_uint32 +unwrap_des3 + (OM_uint32 * minor_status, + const gss_ctx_id_t context_handle, + const gss_buffer_t input_message_buffer, + gss_buffer_t output_message_buffer, + int * conf_state, + gss_qop_t * qop_state, + krb5_keyblock *key + ) +{ + u_char *p, *pad; + size_t len; + u_char seq[8]; + krb5_data seq_data; + u_char cksum[20]; + int i; + int32_t seq_number; + size_t padlength; + OM_uint32 ret; + int cstate; + krb5_crypto crypto; + Checksum csum; + int cmp; + + p = input_message_buffer->value; + ret = gssapi_krb5_verify_header (&p, + input_message_buffer->length, + "\x02\x01"); + if (ret) + return ret; + + if (memcmp (p, "\x04\x00", 2) != 0) /* HMAC SHA1 DES3_KD */ + return GSS_S_BAD_SIG; + p += 2; + if (memcmp (p, "\x02\x00", 2) == 0) { + cstate = 1; + } else if (memcmp (p, "\xff\xff", 2) == 0) { + cstate = 0; + } else + return GSS_S_BAD_MIC; + p += 2; + if(conf_state != NULL) + *conf_state = cstate; + if (memcmp (p, "\xff\xff", 2) != 0) + return GSS_S_DEFECTIVE_TOKEN; + p += 2; + p += 28; + + len = p - (u_char *)input_message_buffer->value; + + if(cstate) { + /* decrypt data */ + krb5_data tmp; + + ret = krb5_crypto_init(gssapi_krb5_context, key, + ETYPE_DES3_CBC_NONE, &crypto); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + ret = krb5_decrypt(gssapi_krb5_context, crypto, KRB5_KU_USAGE_SEAL, + p, input_message_buffer->length - len, &tmp); + krb5_crypto_destroy(gssapi_krb5_context, crypto); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + assert (tmp.length == input_message_buffer->length - len); + + memcpy (p, tmp.data, tmp.length); + krb5_data_free(&tmp); + } + /* check pad */ + + pad = (u_char *)input_message_buffer->value + input_message_buffer->length - 1; + padlength = *pad; + + for (i = padlength; i > 0 && *pad == padlength; i--, pad--) + ; + if (i != 0) + return GSS_S_BAD_MIC; + + /* verify sequence number */ + + krb5_auth_getremoteseqnumber (gssapi_krb5_context, + context_handle->auth_context, + &seq_number); + seq[0] = (seq_number >> 0) & 0xFF; + seq[1] = (seq_number >> 8) & 0xFF; + seq[2] = (seq_number >> 16) & 0xFF; + seq[3] = (seq_number >> 24) & 0xFF; + memset (seq + 4, + (context_handle->more_flags & LOCAL) ? 0xFF : 0, + 4); + + p -= 28; + + ret = krb5_crypto_init(gssapi_krb5_context, key, + ETYPE_DES3_CBC_NONE_IVEC, &crypto); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + { + des_cblock ivec; + + memcpy(&ivec, p + 8, 8); + ret = krb5_decrypt_ivec (gssapi_krb5_context, + crypto, + KRB5_KU_USAGE_SEQ, + p, 8, &seq_data, + &ivec); + } + krb5_crypto_destroy (gssapi_krb5_context, crypto); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + if (seq_data.length != 8) { + krb5_data_free (&seq_data); + return GSS_S_BAD_MIC; + } + + cmp = memcmp (seq, seq_data.data, seq_data.length); + krb5_data_free (&seq_data); + if (cmp != 0) { + return GSS_S_BAD_MIC; + } + + krb5_auth_setremoteseqnumber (gssapi_krb5_context, + context_handle->auth_context, + ++seq_number); + + /* verify checksum */ + + memcpy (cksum, p + 8, 20); + + memcpy (p + 20, p - 8, 8); + + csum.cksumtype = CKSUMTYPE_HMAC_SHA1_DES3; + csum.checksum.length = 20; + csum.checksum.data = cksum; + + ret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = krb5_verify_checksum (gssapi_krb5_context, crypto, + KRB5_KU_USAGE_SIGN, + p + 20, + input_message_buffer->length - len + 8, + &csum); + krb5_crypto_destroy (gssapi_krb5_context, crypto); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + + /* copy out data */ + + output_message_buffer->length = input_message_buffer->length + - len - padlength - 8; + output_message_buffer->value = malloc(output_message_buffer->length); + if(output_message_buffer->length != 0 && output_message_buffer->value == NULL) + return GSS_S_FAILURE; + memcpy (output_message_buffer->value, + p + 36, + output_message_buffer->length); + return GSS_S_COMPLETE; +} + +OM_uint32 gss_unwrap + (OM_uint32 * minor_status, + const gss_ctx_id_t context_handle, + const gss_buffer_t input_message_buffer, + gss_buffer_t output_message_buffer, + int * conf_state, + gss_qop_t * qop_state + ) +{ + krb5_keyblock *key; + OM_uint32 ret; + krb5_keytype keytype; + + ret = gss_krb5_getsomekey(context_handle, &key); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype); + + switch (keytype) { + case KEYTYPE_DES : + ret = unwrap_des (minor_status, context_handle, + input_message_buffer, output_message_buffer, + conf_state, qop_state, key); + break; + case KEYTYPE_DES3 : + ret = unwrap_des3 (minor_status, context_handle, + input_message_buffer, output_message_buffer, + conf_state, qop_state, key); + break; + default : + *minor_status = KRB5_PROG_ETYPE_NOSUPP; + ret = GSS_S_FAILURE; + break; + } + krb5_free_keyblock (gssapi_krb5_context, key); + return ret; +} diff --git a/crypto/heimdal/lib/gssapi/verify_mic.c b/crypto/heimdal/lib/gssapi/verify_mic.c index 1cc4c52..608de67 100644 --- a/crypto/heimdal/lib/gssapi/verify_mic.c +++ b/crypto/heimdal/lib/gssapi/verify_mic.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,22 +33,24 @@ #include "gssapi_locl.h" -RCSID("$Id: verify_mic.c,v 1.9 2000/01/25 23:14:47 assar Exp $"); +RCSID("$Id: verify_mic.c,v 1.12 2001/01/29 02:08:59 assar Exp $"); -OM_uint32 gss_verify_mic +static OM_uint32 +verify_mic_des (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, const gss_buffer_t message_buffer, const gss_buffer_t token_buffer, - gss_qop_t * qop_state + gss_qop_t * qop_state, + krb5_keyblock *key ) { u_char *p; MD5_CTX md5; u_char hash[16], seq_data[8]; des_key_schedule schedule; - des_cblock key; des_cblock zero; + des_cblock deskey; int32_t seq_number; OM_uint32 ret; @@ -68,25 +70,20 @@ OM_uint32 gss_verify_mic p += 16; /* verify checksum */ - MD5Init (&md5); - MD5Update (&md5, p - 24, 8); - MD5Update (&md5, message_buffer->value, + MD5_Init (&md5); + MD5_Update (&md5, p - 24, 8); + MD5_Update (&md5, message_buffer->value, message_buffer->length); - MD5Final (hash, &md5); + MD5_Final (hash, &md5); memset (&zero, 0, sizeof(zero)); -#if 0 - memcpy (&key, context_handle->auth_context->key.keyvalue.data, - sizeof(key)); -#endif - memcpy (&key, context_handle->auth_context->remote_subkey->keyvalue.data, - sizeof(key)); - - des_set_key (&key, schedule); - des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash), + memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); + + des_set_key (&deskey, schedule); + des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), schedule, &zero); if (memcmp (p - 8, hash, 8) != 0) { - memset (key, 0, sizeof(key)); + memset (deskey, 0, sizeof(deskey)); memset (schedule, 0, sizeof(schedule)); return GSS_S_BAD_MIC; } @@ -105,11 +102,11 @@ OM_uint32 gss_verify_mic 4); p -= 16; - des_set_key (&key, schedule); - des_cbc_encrypt ((const void *)p, (void *)p, 8, + des_set_key (&deskey, schedule); + des_cbc_encrypt ((void *)p, (void *)p, 8, schedule, (des_cblock *)hash, DES_DECRYPT); - memset (key, 0, sizeof(key)); + memset (deskey, 0, sizeof(deskey)); memset (schedule, 0, sizeof(schedule)); if (memcmp (p, seq_data, 8) != 0) { @@ -122,3 +119,153 @@ OM_uint32 gss_verify_mic return GSS_S_COMPLETE; } + +static OM_uint32 +verify_mic_des3 + (OM_uint32 * minor_status, + const gss_ctx_id_t context_handle, + const gss_buffer_t message_buffer, + const gss_buffer_t token_buffer, + gss_qop_t * qop_state, + krb5_keyblock *key + ) +{ + u_char *p; + u_char seq[8]; + int32_t seq_number; + OM_uint32 ret; + krb5_crypto crypto; + krb5_data seq_data; + int cmp; + Checksum csum; + char *tmp; + + p = token_buffer->value; + ret = gssapi_krb5_verify_header (&p, + token_buffer->length, + "\x01\x01"); + if (ret) + return ret; + + if (memcmp(p, "\x04\x00", 2) != 0) /* SGN_ALG = HMAC SHA1 DES3-KD */ + return GSS_S_BAD_SIG; + p += 2; + if (memcmp (p, "\xff\xff\xff\xff", 4) != 0) + return GSS_S_BAD_MIC; + p += 4; + + ret = krb5_crypto_init(gssapi_krb5_context, key, + ETYPE_DES3_CBC_NONE, &crypto); + if (ret){ + *minor_status = ret; + return GSS_S_FAILURE; + } + + /* verify sequence number */ + + ret = krb5_decrypt (gssapi_krb5_context, + crypto, + KRB5_KU_USAGE_SEQ, + p, 8, &seq_data); + if (ret) { + krb5_crypto_destroy (gssapi_krb5_context, crypto); + *minor_status = ret; + return GSS_S_FAILURE; + } + + if (seq_data.length != 8) { + krb5_crypto_destroy (gssapi_krb5_context, crypto); + krb5_data_free (&seq_data); + return GSS_S_BAD_MIC; + } + + krb5_auth_getremoteseqnumber (gssapi_krb5_context, + context_handle->auth_context, + &seq_number); + seq[0] = (seq_number >> 0) & 0xFF; + seq[1] = (seq_number >> 8) & 0xFF; + seq[2] = (seq_number >> 16) & 0xFF; + seq[3] = (seq_number >> 24) & 0xFF; + memset (seq + 4, + (context_handle->more_flags & LOCAL) ? 0xFF : 0, + 4); + cmp = memcmp (seq, seq_data.data, seq_data.length); + krb5_data_free (&seq_data); + if (cmp != 0) { + krb5_crypto_destroy (gssapi_krb5_context, crypto); + return GSS_S_BAD_MIC; + } + + /* verify checksum */ + + tmp = malloc (message_buffer->length + 8); + if (tmp == NULL) { + krb5_crypto_destroy (gssapi_krb5_context, crypto); + *minor_status = ENOMEM; + return GSS_S_FAILURE; + } + + memcpy (tmp, p - 8, 8); + memcpy (tmp + 8, message_buffer->value, message_buffer->length); + + csum.cksumtype = CKSUMTYPE_HMAC_SHA1_DES3; + csum.checksum.length = 20; + csum.checksum.data = p + 8; + + ret = krb5_verify_checksum (gssapi_krb5_context, crypto, + KRB5_KU_USAGE_SIGN, + tmp, message_buffer->length + 8, + &csum); + free (tmp); + if (ret) { + krb5_crypto_destroy (gssapi_krb5_context, crypto); + *minor_status = ret; + return GSS_S_BAD_MIC; + } + + krb5_auth_setremoteseqnumber (gssapi_krb5_context, + context_handle->auth_context, + ++seq_number); + + krb5_crypto_destroy (gssapi_krb5_context, crypto); + return GSS_S_COMPLETE; +} + +OM_uint32 +gss_verify_mic + (OM_uint32 * minor_status, + const gss_ctx_id_t context_handle, + const gss_buffer_t message_buffer, + const gss_buffer_t token_buffer, + gss_qop_t * qop_state + ) +{ + krb5_keyblock *key; + OM_uint32 ret; + krb5_keytype keytype; + + ret = krb5_auth_con_getremotesubkey (gssapi_krb5_context, + context_handle->auth_context, + &key); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype); + switch (keytype) { + case KEYTYPE_DES : + ret = verify_mic_des (minor_status, context_handle, + message_buffer, token_buffer, qop_state, key); + break; + case KEYTYPE_DES3 : + ret = verify_mic_des3 (minor_status, context_handle, + message_buffer, token_buffer, qop_state, key); + break; + default : + *minor_status = KRB5_PROG_ETYPE_NOSUPP; + ret = GSS_S_FAILURE; + break; + } + krb5_free_keyblock (gssapi_krb5_context, key); + return ret; +} diff --git a/crypto/heimdal/lib/gssapi/wrap.c b/crypto/heimdal/lib/gssapi/wrap.c index c71f2b1..1d9f51d 100644 --- a/crypto/heimdal/lib/gssapi/wrap.c +++ b/crypto/heimdal/lib/gssapi/wrap.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,9 +33,26 @@ #include "gssapi_locl.h" -RCSID("$Id: wrap.c,v 1.11 2000/01/25 23:15:44 assar Exp $"); +RCSID("$Id: wrap.c,v 1.15 2001/01/29 02:08:59 assar Exp $"); -OM_uint32 gss_wrap_size_limit ( +static OM_uint32 +sub_wrap_size ( + OM_uint32 req_output_size, + OM_uint32 * max_input_size, + int blocksize, + int extrasize + ) +{ + size_t len, total_len, padlength; + padlength = blocksize - (req_output_size % blocksize); + len = req_output_size + 8 + padlength + extrasize; + gssapi_krb5_encap_length(len, &len, &total_len); + *max_input_size = (OM_uint32)total_len; + return GSS_S_COMPLETE; +} + +OM_uint32 +gss_wrap_size_limit ( OM_uint32 * minor_status, const gss_ctx_id_t context_handle, int conf_req_flag, @@ -44,36 +61,58 @@ OM_uint32 gss_wrap_size_limit ( OM_uint32 * max_input_size ) { - size_t len, total_len, padlength; - padlength = 8 - (req_output_size % 8); - len = req_output_size + 8 + padlength + 22; - gssapi_krb5_encap_length(len, &len, &total_len); - *max_input_size = (OM_uint32)total_len; - return GSS_S_COMPLETE; + krb5_keyblock *key; + OM_uint32 ret; + krb5_keytype keytype; + + ret = gss_krb5_getsomekey(context_handle, &key); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype); + + switch (keytype) { + case KEYTYPE_DES : + ret = sub_wrap_size(req_output_size, max_input_size, 8, 22); + break; + case KEYTYPE_DES3 : + ret = sub_wrap_size(req_output_size, max_input_size, 8, 34); + break; + default : + *minor_status = KRB5_PROG_ETYPE_NOSUPP; + ret = GSS_S_FAILURE; + break; + } + krb5_free_keyblock (gssapi_krb5_context, key); + return ret; } -OM_uint32 gss_wrap +static OM_uint32 +wrap_des (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, const gss_buffer_t input_message_buffer, int * conf_state, - gss_buffer_t output_message_buffer + gss_buffer_t output_message_buffer, + krb5_keyblock *key ) { u_char *p; MD5_CTX md5; u_char hash[16]; des_key_schedule schedule; - des_cblock key; + des_cblock deskey; des_cblock zero; int i; int32_t seq_number; - size_t len, total_len, padlength; + size_t len, total_len, padlength, datalen; padlength = 8 - (input_message_buffer->length % 8); - len = input_message_buffer->length + 8 + padlength + 22; + datalen = input_message_buffer->length + padlength + 8; + len = datalen + 22; gssapi_krb5_encap_length (len, &len, &total_len); output_message_buffer->length = total_len; @@ -83,8 +122,7 @@ OM_uint32 gss_wrap p = gssapi_krb5_make_header(output_message_buffer->value, len, - "\x02\x01"); - + "\x02\x01"); /* TOK_ID */ /* SGN_ALG */ memcpy (p, "\x00\x00", 2); @@ -110,15 +148,15 @@ OM_uint32 gss_wrap memset (p + 8 + input_message_buffer->length, padlength, padlength); /* checksum */ - MD5Init (&md5); - MD5Update (&md5, p - 24, 8); - MD5Update (&md5, p, input_message_buffer->length + padlength + 8); - MD5Final (hash, &md5); + MD5_Init (&md5); + MD5_Update (&md5, p - 24, 8); + MD5_Update (&md5, p, datalen); + MD5_Final (hash, &md5); memset (&zero, 0, sizeof(zero)); - gss_krb5_getsomekey(context_handle, &key); - des_set_key (&key, schedule); - des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash), + memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); + des_set_key (&deskey, schedule); + des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash), schedule, &zero); memcpy (p - 8, hash, 8); @@ -136,8 +174,8 @@ OM_uint32 gss_wrap (context_handle->more_flags & LOCAL) ? 0 : 0xFF, 4); - des_set_key (&key, schedule); - des_cbc_encrypt ((const void *)p, (void *)p, 8, + des_set_key (&deskey, schedule); + des_cbc_encrypt ((void *)p, (void *)p, 8, schedule, (des_cblock *)(p + 8), DES_ENCRYPT); krb5_auth_setlocalseqnumber (gssapi_krb5_context, @@ -148,22 +186,225 @@ OM_uint32 gss_wrap p += 16; if(conf_req_flag) { - gss_krb5_getsomekey(context_handle, &key); - for (i = 0; i < sizeof(key); ++i) - key[i] ^= 0xf0; - des_set_key (&key, schedule); + memcpy (&deskey, key->keyvalue.data, sizeof(deskey)); + + for (i = 0; i < sizeof(deskey); ++i) + deskey[i] ^= 0xf0; + des_set_key (&deskey, schedule); memset (&zero, 0, sizeof(zero)); - des_cbc_encrypt ((const void *)p, + des_cbc_encrypt ((void *)p, (void *)p, - 8 + input_message_buffer->length + padlength, + datalen, schedule, &zero, DES_ENCRYPT); - memset (key, 0, sizeof(key)); + memset (deskey, 0, sizeof(deskey)); memset (schedule, 0, sizeof(schedule)); } if(conf_state != NULL) *conf_state = conf_req_flag; return GSS_S_COMPLETE; } + +static OM_uint32 +wrap_des3 + (OM_uint32 * minor_status, + const gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + const gss_buffer_t input_message_buffer, + int * conf_state, + gss_buffer_t output_message_buffer, + krb5_keyblock *key + ) +{ + u_char *p; + u_char seq[8]; + int32_t seq_number; + size_t len, total_len, padlength, datalen; + u_int32_t ret; + krb5_crypto crypto; + Checksum cksum; + krb5_data encdata; + + padlength = 8 - (input_message_buffer->length % 8); + datalen = input_message_buffer->length + padlength + 8; + len = datalen + 34; + gssapi_krb5_encap_length (len, &len, &total_len); + + output_message_buffer->length = total_len; + output_message_buffer->value = malloc (total_len); + if (output_message_buffer->value == NULL) + return GSS_S_FAILURE; + + p = gssapi_krb5_make_header(output_message_buffer->value, + len, + "\x02\x01"); /* TOK_ID */ + + /* SGN_ALG */ + memcpy (p, "\x04\x00", 2); /* HMAC SHA1 DES3-KD */ + p += 2; + /* SEAL_ALG */ + if(conf_req_flag) + memcpy (p, "\x02\x00", 2); /* DES3-KD */ + else + memcpy (p, "\xff\xff", 2); + p += 2; + /* Filler */ + memcpy (p, "\xff\xff", 2); + p += 2; + + /* calculate checksum (the above + confounder + data + pad) */ + + memcpy (p + 20, p - 8, 8); + des_new_random_key((des_cblock*)(p + 28)); + memcpy (p + 28 + 8, input_message_buffer->value, + input_message_buffer->length); + memset (p + 28 + 8 + input_message_buffer->length, padlength, padlength); + + ret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto); + if (ret) { + free (output_message_buffer->value); + *minor_status = ret; + return GSS_S_FAILURE; + } + + ret = krb5_create_checksum (gssapi_krb5_context, + crypto, + KRB5_KU_USAGE_SIGN, + p + 20, + datalen + 8, + &cksum); + krb5_crypto_destroy (gssapi_krb5_context, crypto); + if (ret) { + free (output_message_buffer->value); + *minor_status = ret; + return GSS_S_FAILURE; + } + + /* zero out SND_SEQ + SGN_CKSUM in case */ + memset (p, 0, 28); + + memcpy (p + 8, cksum.checksum.data, cksum.checksum.length); + free_Checksum (&cksum); + + /* sequence number */ + krb5_auth_getlocalseqnumber (gssapi_krb5_context, + context_handle->auth_context, + &seq_number); + + seq[0] = (seq_number >> 0) & 0xFF; + seq[1] = (seq_number >> 8) & 0xFF; + seq[2] = (seq_number >> 16) & 0xFF; + seq[3] = (seq_number >> 24) & 0xFF; + memset (seq + 4, + (context_handle->more_flags & LOCAL) ? 0 : 0xFF, + 4); + + + ret = krb5_crypto_init(gssapi_krb5_context, key, ETYPE_DES3_CBC_NONE_IVEC, + &crypto); + if (ret) { + free (output_message_buffer->value); + *minor_status = ret; + return GSS_S_FAILURE; + } + + { + des_cblock ivec; + + memcpy (&ivec, p + 8, 8); + ret = krb5_encrypt_ivec (gssapi_krb5_context, + crypto, + KRB5_KU_USAGE_SEQ, + seq, 8, &encdata, + &ivec); + } + krb5_crypto_destroy (gssapi_krb5_context, crypto); + if (ret) { + free (output_message_buffer->value); + *minor_status = ret; + return GSS_S_FAILURE; + } + + assert (encdata.length == 8); + + memcpy (p, encdata.data, encdata.length); + krb5_data_free (&encdata); + + krb5_auth_setlocalseqnumber (gssapi_krb5_context, + context_handle->auth_context, + ++seq_number); + + /* encrypt the data */ + p += 28; + + if(conf_req_flag) { + krb5_data tmp; + + ret = krb5_crypto_init(gssapi_krb5_context, key, + ETYPE_DES3_CBC_NONE, &crypto); + if (ret) { + free (output_message_buffer->value); + *minor_status = ret; + return GSS_S_FAILURE; + } + ret = krb5_encrypt(gssapi_krb5_context, crypto, KRB5_KU_USAGE_SEAL, + p, datalen, &tmp); + krb5_crypto_destroy(gssapi_krb5_context, crypto); + if (ret) { + free (output_message_buffer->value); + *minor_status = ret; + return GSS_S_FAILURE; + } + assert (tmp.length == datalen); + + memcpy (p, tmp.data, datalen); + krb5_data_free(&tmp); + } + if(conf_state != NULL) + *conf_state = conf_req_flag; + return GSS_S_COMPLETE; +} + +OM_uint32 gss_wrap + (OM_uint32 * minor_status, + const gss_ctx_id_t context_handle, + int conf_req_flag, + gss_qop_t qop_req, + const gss_buffer_t input_message_buffer, + int * conf_state, + gss_buffer_t output_message_buffer + ) +{ + krb5_keyblock *key; + OM_uint32 ret; + krb5_keytype keytype; + + ret = gss_krb5_getsomekey(context_handle, &key); + if (ret) { + *minor_status = ret; + return GSS_S_FAILURE; + } + krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype); + + switch (keytype) { + case KEYTYPE_DES : + ret = wrap_des (minor_status, context_handle, conf_req_flag, + qop_req, input_message_buffer, conf_state, + output_message_buffer, key); + break; + case KEYTYPE_DES3 : + ret = wrap_des3 (minor_status, context_handle, conf_req_flag, + qop_req, input_message_buffer, conf_state, + output_message_buffer, key); + break; + default : + *minor_status = KRB5_PROG_ETYPE_NOSUPP; + ret = GSS_S_FAILURE; + break; + } + krb5_free_keyblock (gssapi_krb5_context, key); + return ret; +} diff --git a/crypto/heimdal/lib/hdb/Makefile.am b/crypto/heimdal/lib/hdb/Makefile.am index 6c4341e..f3aba3b 100644 --- a/crypto/heimdal/lib/hdb/Makefile.am +++ b/crypto/heimdal/lib/hdb/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am,v 1.33 2000/01/06 21:45:41 assar Exp $ +# $Id: Makefile.am,v 1.43 2001/01/30 01:49:16 assar Exp $ include $(top_srcdir)/Makefile.am.common @@ -13,27 +13,33 @@ CLEANFILES = $(BUILT_SOURCES) $(foo) hdb_asn1.h asn1_files noinst_PROGRAMS = convert_db LDADD = libhdb.la \ + $(LIB_openldap) \ ../krb5/libkrb5.la \ ../asn1/libasn1.la \ - ../des/libdes.la \ + $(LIB_des) \ $(LIB_roken) \ $(DBLIB) lib_LTLIBRARIES = libhdb.la -libhdb_la_LDFLAGS = -version-info 4:1:1 - -libhdb_la_SOURCES = \ - keytab.c \ - hdb.c \ - common.c \ - db.c \ - ndbm.c \ - print.c \ - $(BUILT_SOURCES) +libhdb_la_LDFLAGS = -version-info 7:0:0 + +libhdb_la_SOURCES = \ + common.c \ + db.c \ + db3.c \ + hdb-ldap.c \ + hdb.c \ + keytab.c \ + mkey.c \ + ndbm.c \ + print.c \ + $(BUILT_SOURCES) + +INCLUDES += $(INCLUDE_openldap) include_HEADERS = hdb.h hdb_err.h hdb_asn1.h hdb-protos.h hdb-private.h -libhdb_la_LIBADD = +libhdb_la_LIBADD = $(LIB_openldap) $(libhdb_la_OBJECTS): $(srcdir)/hdb-protos.h $(srcdir)/hdb-private.h diff --git a/crypto/heimdal/lib/hdb/Makefile.in b/crypto/heimdal/lib/hdb/Makefile.in index ef92550..ad12e78 100644 --- a/crypto/heimdal/lib/hdb/Makefile.in +++ b/crypto/heimdal/lib/hdb/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.33 2000/01/06 21:45:41 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.43 2001/01/30 01:49:16 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include -I../asn1 -I$(srcdir)/../asn1 +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) -I../asn1 -I$(srcdir)/../asn1 $(INCLUDE_openldap) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,28 +170,25 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) -BUILT_SOURCES = asn1_Key.c asn1_Event.c asn1_HDBFlags.c asn1_hdb_entry.c asn1_Salt.c hdb_err.c hdb_err.h +BUILT_SOURCES = asn1_Key.c asn1_Event.c asn1_HDBFlags.c asn1_hdb_entry.c \ + asn1_Salt.c hdb_err.c hdb_err.h foo = asn1_Key.x asn1_Event.x asn1_HDBFlags.x asn1_hdb_entry.x asn1_Salt.x @@ -181,18 +196,35 @@ foo = asn1_Key.x asn1_Event.x asn1_HDBFlags.x asn1_hdb_entry.x asn1_Salt.x CLEANFILES = $(BUILT_SOURCES) $(foo) hdb_asn1.h asn1_files noinst_PROGRAMS = convert_db -LDADD = libhdb.la ../krb5/libkrb5.la ../asn1/libasn1.la ../des/libdes.la $(LIB_roken) $(DBLIB) +LDADD = libhdb.la \ + $(LIB_openldap) \ + ../krb5/libkrb5.la \ + ../asn1/libasn1.la \ + $(LIB_des) \ + $(LIB_roken) \ + $(DBLIB) lib_LTLIBRARIES = libhdb.la -libhdb_la_LDFLAGS = -version-info 4:1:1 +libhdb_la_LDFLAGS = -version-info 7:0:0 -libhdb_la_SOURCES = keytab.c hdb.c common.c db.c ndbm.c print.c $(BUILT_SOURCES) +libhdb_la_SOURCES = \ + common.c \ + db.c \ + db3.c \ + hdb-ldap.c \ + hdb.c \ + keytab.c \ + mkey.c \ + ndbm.c \ + print.c \ + $(BUILT_SOURCES) include_HEADERS = hdb.h hdb_err.h hdb_asn1.h hdb-protos.h hdb-private.h -libhdb_la_LIBADD = +libhdb_la_LIBADD = $(LIB_openldap) +subdir = lib/hdb mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../include/config.h CONFIG_CLEAN_FILES = @@ -202,15 +234,15 @@ LTLIBRARIES = $(lib_LTLIBRARIES) DEFS = @DEFS@ -I. -I$(srcdir) -I../../include CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ X_CFLAGS = @X_CFLAGS@ X_LIBS = @X_LIBS@ X_EXTRA_LIBS = @X_EXTRA_LIBS@ X_PRE_LIBS = @X_PRE_LIBS@ libhdb_la_DEPENDENCIES = -libhdb_la_OBJECTS = keytab.lo hdb.lo common.lo db.lo ndbm.lo print.lo \ -asn1_Key.lo asn1_Event.lo asn1_HDBFlags.lo asn1_hdb_entry.lo \ -asn1_Salt.lo hdb_err.lo +am_libhdb_la_OBJECTS = common.lo db.lo db3.lo hdb-ldap.lo hdb.lo \ +keytab.lo mkey.lo ndbm.lo print.lo asn1_Key.lo asn1_Event.lo \ +asn1_HDBFlags.lo asn1_hdb_entry.lo asn1_Salt.lo hdb_err.lo +libhdb_la_OBJECTS = $(am_libhdb_la_OBJECTS) noinst_PROGRAMS = convert_db$(EXEEXT) PROGRAMS = $(noinst_PROGRAMS) @@ -218,28 +250,29 @@ convert_db_SOURCES = convert_db.c convert_db_OBJECTS = convert_db.$(OBJEXT) convert_db_LDADD = $(LDADD) convert_db_DEPENDENCIES = libhdb.la ../krb5/libkrb5.la \ -../asn1/libasn1.la ../des/libdes.la +../asn1/libasn1.la convert_db_LDFLAGS = -CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libhdb_la_SOURCES) convert_db.c HEADERS = $(include_HEADERS) -DIST_COMMON = Makefile.am Makefile.in +depcomp = +DIST_COMMON = $(include_HEADERS) Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best SOURCES = $(libhdb_la_SOURCES) convert_db.c -OBJECTS = $(libhdb_la_OBJECTS) convert_db.$(OBJEXT) +OBJECTS = $(am_libhdb_la_OBJECTS) convert_db.$(OBJEXT) all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/hdb/Makefile @@ -262,31 +295,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) $(mkinstalldirs) $(DESTDIR)$(libdir) @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ - echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ - $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \ else :; fi; \ done uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \ $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ done -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - mostlyclean-compile: -rm -f *.o core *.core -rm -f *.$(OBJEXT) @@ -298,15 +318,6 @@ distclean-compile: maintainer-clean-compile: -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - mostlyclean-libtool: -rm -f *.lo @@ -332,41 +343,54 @@ maintainer-clean-noinstPROGRAMS: convert_db$(EXEEXT): $(convert_db_OBJECTS) $(convert_db_DEPENDENCIES) @rm -f convert_db$(EXEEXT) $(LINK) $(convert_db_LDFLAGS) $(convert_db_OBJECTS) $(convert_db_LDADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(includedir) @list='$(include_HEADERS)'; for p in $$list; do \ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ - echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ - $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - list='$(include_HEADERS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(includedir)/$$p; \ + @list='$(include_HEADERS)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(includedir)/$$f"; \ + rm -f $(DESTDIR)$(includedir)/$$f; \ done tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -379,17 +403,16 @@ maintainer-clean-tags: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/hdb - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook @@ -418,7 +441,7 @@ uninstall: uninstall-am all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) @@ -433,6 +456,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ mostlyclean-libtool mostlyclean-noinstPROGRAMS \ @@ -474,8 +498,8 @@ install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \ maintainer-clean-tags distdir info-am info dvi-am dvi check-local check \ check-am installcheck-am installcheck install-exec-am install-exec \ install-data-local install-data-am install-data install-am install \ -uninstall-am uninstall all-local all-redirect all-am all installdirs \ -mostlyclean-generic distclean-generic clean-generic \ +uninstall-am uninstall all-local all-redirect all-am all install-strip \ +installdirs mostlyclean-generic distclean-generic clean-generic \ maintainer-clean-generic clean mostlyclean distclean maintainer-clean @@ -484,7 +508,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -496,8 +523,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -566,87 +593,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/lib/hdb/common.c b/crypto/heimdal/lib/hdb/common.c index 6e95667..befde78 100644 --- a/crypto/heimdal/lib/hdb/common.c +++ b/crypto/heimdal/lib/hdb/common.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "hdb_locl.h" -RCSID("$Id: common.c,v 1.6 1999/12/02 17:05:04 joda Exp $"); +RCSID("$Id: common.c,v 1.8 2001/01/30 01:22:17 assar Exp $"); int hdb_principal2key(krb5_context context, krb5_principal p, krb5_data *key) @@ -102,7 +102,7 @@ krb5_error_code _hdb_fetch(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry) { krb5_data key, value; - int code; + int code = 0; hdb_principal2key(context, entry->principal, &key); code = db->_get(context, db, key, &value); @@ -110,10 +110,13 @@ _hdb_fetch(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry) if(code) return code; hdb_value2entry(context, &value, entry); - if (db->master_key_set && (flags & HDB_F_DECRYPT)) - hdb_unseal_keys (db, entry); + if (db->master_key_set && (flags & HDB_F_DECRYPT)) { + code = hdb_unseal_keys (context, db, entry); + if (code) + hdb_free_entry(context, entry); + } krb5_data_free(&value); - return 0; + return code; } krb5_error_code @@ -123,7 +126,11 @@ _hdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry) int code; hdb_principal2key(context, entry->principal, &key); - hdb_seal_keys(db, entry); + code = hdb_seal_keys(context, db, entry); + if (code) { + krb5_data_free(&key); + return code; + } hdb_entry2value(context, entry, &value); code = db->_put(context, db, flags & HDB_F_REPLACE, key, value); krb5_data_free(&value); diff --git a/crypto/heimdal/lib/hdb/convert_db.c b/crypto/heimdal/lib/hdb/convert_db.c index b257809..1a7ebb4 100644 --- a/crypto/heimdal/lib/hdb/convert_db.c +++ b/crypto/heimdal/lib/hdb/convert_db.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -38,9 +38,10 @@ */ #include "hdb_locl.h" -#include "getarg.h" +#include +#include -RCSID("$Id: convert_db.c,v 1.8 1999/05/09 22:47:47 assar Exp $"); +RCSID("$Id: convert_db.c,v 1.11 2001/01/25 12:45:01 assar Exp $"); static krb5_error_code update_keytypes(krb5_context context, HDB *db, hdb_entry *entry, void *data) @@ -132,7 +133,6 @@ main(int argc, char **argv) krb5_error_code ret; krb5_context context; HDB *db, *new; - EncryptionKey key; int optind = 0; int master_key_set = 0; @@ -151,29 +151,23 @@ main(int argc, char **argv) ret = krb5_init_context(&context); if(ret != 0) - krb5_err(NULL, 1, ret, "krb5_init_context"); + errx(1, "krb5_init_context failed: %d", ret); ret = hdb_create(context, &db, old_database); if(ret != 0) krb5_err(context, 1, ret, "hdb_create"); - ret = hdb_read_master_key(context, mkeyfile, &key); - if(ret == 0) { - if(key.keytype == KEYTYPE_DES) - key.keytype = ETYPE_DES_CBC_MD5; - - ret = hdb_set_master_key(context, db, key); - if (ret) - krb5_err(context, 1, ret, "hdb_set_master_key"); - master_key_set = 1; - } + ret = hdb_set_master_keyfile(context, db, mkeyfile); + if (ret) + krb5_err(context, 1, ret, "hdb_set_master_keyfile"); + master_key_set = 1; ret = hdb_create(context, &new, new_database); if(ret != 0) krb5_err(context, 1, ret, "hdb_create"); if (master_key_set) { - ret = hdb_set_master_key(context, new, key); + ret = hdb_set_master_keyfile(context, new, mkeyfile); if (ret) - krb5_err(context, 1, ret, "hdb_set_master_key"); + krb5_err(context, 1, ret, "hdb_set_master_keyfile"); } ret = db->open(context, db, O_RDONLY, 0); if(ret == HDB_ERR_BADVERSION) { diff --git a/crypto/heimdal/lib/hdb/db.c b/crypto/heimdal/lib/hdb/db.c index 4699437..6f9c688 100644 --- a/crypto/heimdal/lib/hdb/db.c +++ b/crypto/heimdal/lib/hdb/db.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,9 +33,9 @@ #include "hdb_locl.h" -RCSID("$Id: db.c,v 1.25 1999/12/02 17:05:04 joda Exp $"); +RCSID("$Id: db.c,v 1.28 2001/01/30 01:24:00 assar Exp $"); -#ifdef HAVE_DB_H +#if defined(HAVE_DB_H) && DB_VERSION_MAJOR < 3 static krb5_error_code DB_close(krb5_context context, HDB *db) @@ -102,13 +102,21 @@ DB_seq(krb5_context context, HDB *db, data.length = value.size; if (hdb_value2entry(context, &data, entry)) return DB_seq(context, db, flags, entry, R_NEXT); - if (db->master_key_set && (flags & HDB_F_DECRYPT)) - hdb_unseal_keys (db, entry); - if (entry->principal == NULL) { + if (db->master_key_set && (flags & HDB_F_DECRYPT)) { + code = hdb_unseal_keys (context, db, entry); + if (code) + hdb_free_entry (context, entry); + } + if (code == 0 && entry->principal == NULL) { entry->principal = malloc(sizeof(*entry->principal)); - hdb_key2principal(context, &key_data, entry->principal); + if (entry->principal == NULL) { + code = ENOMEM; + hdb_free_entry (context, entry); + } else { + hdb_key2principal(context, &key_data, entry->principal); + } } - return 0; + return code; } diff --git a/crypto/heimdal/lib/hdb/db3.c b/crypto/heimdal/lib/hdb/db3.c new file mode 100644 index 0000000..a682071 --- /dev/null +++ b/crypto/heimdal/lib/hdb/db3.c @@ -0,0 +1,310 @@ +/* + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hdb_locl.h" + +RCSID("$Id: db3.c,v 1.6 2001/01/30 01:24:00 assar Exp $"); + +#if defined(HAVE_DB_H) && DB_VERSION_MAJOR == 3 +static krb5_error_code +DB_close(krb5_context context, HDB *db) +{ + DB *d = (DB*)db->db; + DBC *dbcp = (DBC*)db->dbc; + + dbcp->c_close(dbcp); + db->dbc = 0; + d->close(d, 0); + return 0; +} + +static krb5_error_code +DB_destroy(krb5_context context, HDB *db) +{ + krb5_error_code ret; + + ret = hdb_clear_master_key (context, db); + free(db->name); + free(db); + return ret; +} + +static krb5_error_code +DB_lock(krb5_context context, HDB *db, int operation) +{ + DB *d = (DB*)db->db; + int fd; + if ((*d->fd)(d, &fd)) + return HDB_ERR_CANT_LOCK_DB; + return hdb_lock(fd, operation); +} + +static krb5_error_code +DB_unlock(krb5_context context, HDB *db) +{ + DB *d = (DB*)db->db; + int fd; + if ((*d->fd)(d, &fd)) + return HDB_ERR_CANT_LOCK_DB; + return hdb_unlock(fd); +} + + +static krb5_error_code +DB_seq(krb5_context context, HDB *db, + unsigned flags, hdb_entry *entry, int flag) +{ + DB *d = (DB*)db->db; + DBT key, value; + DBC *dbcp = db->dbc; + krb5_data key_data, data; + int code; + + memset(&key, 0, sizeof(DBT)); + memset(&value, 0, sizeof(DBT)); + if (db->lock(context, db, HDB_RLOCK)) + return HDB_ERR_DB_INUSE; + code = dbcp->c_get(dbcp, &key, &value, flag); + db->unlock(context, db); /* XXX check value */ + if (code == DB_NOTFOUND) + return HDB_ERR_NOENTRY; + if (code) + return code; + + key_data.data = key.data; + key_data.length = key.size; + data.data = value.data; + data.length = value.size; + if (hdb_value2entry(context, &data, entry)) + return DB_seq(context, db, flags, entry, DB_NEXT); + if (db->master_key_set && (flags & HDB_F_DECRYPT)) { + code = hdb_unseal_keys (context, db, entry); + if (code) + hdb_free_entry (context, entry); + } + if (entry->principal == NULL) { + entry->principal = malloc(sizeof(*entry->principal)); + if (entry->principal == NULL) { + code = ENOMEM; + hdb_free_entry (context, entry); + } else { + hdb_key2principal(context, &key_data, entry->principal); + } + } + return 0; +} + + +static krb5_error_code +DB_firstkey(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry) +{ + return DB_seq(context, db, flags, entry, DB_FIRST); +} + + +static krb5_error_code +DB_nextkey(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry) +{ + return DB_seq(context, db, flags, entry, DB_NEXT); +} + +static krb5_error_code +DB_rename(krb5_context context, HDB *db, const char *new_name) +{ + int ret; + char *old, *new; + + asprintf(&old, "%s.db", db->name); + asprintf(&new, "%s.db", new_name); + ret = rename(old, new); + free(old); + free(new); + if(ret) + return errno; + + free(db->name); + db->name = strdup(new_name); + return 0; +} + +static krb5_error_code +DB__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply) +{ + DB *d = (DB*)db->db; + DBT k, v; + int code; + + memset(&k, 0, sizeof(DBT)); + memset(&v, 0, sizeof(DBT)); + k.data = key.data; + k.size = key.length; + k.flags = 0; + if ((code = db->lock(context, db, HDB_RLOCK))) + return code; + code = d->get(d, NULL, &k, &v, 0); + db->unlock(context, db); + if(code == DB_NOTFOUND) + return HDB_ERR_NOENTRY; + if(code) + return code; + + krb5_data_copy(reply, v.data, v.size); + return 0; +} + +static krb5_error_code +DB__put(krb5_context context, HDB *db, int replace, + krb5_data key, krb5_data value) +{ + DB *d = (DB*)db->db; + DBT k, v; + int code; + + memset(&k, 0, sizeof(DBT)); + memset(&v, 0, sizeof(DBT)); + k.data = key.data; + k.size = key.length; + k.flags = 0; + v.data = value.data; + v.size = value.length; + v.flags = 0; + if ((code = db->lock(context, db, HDB_WLOCK))) + return code; + code = d->put(d, NULL, &k, &v, replace ? 0 : DB_NOOVERWRITE); + db->unlock(context, db); + if(code == DB_KEYEXIST) + return HDB_ERR_EXISTS; + if(code) + return errno; + return 0; +} + +static krb5_error_code +DB__del(krb5_context context, HDB *db, krb5_data key) +{ + DB *d = (DB*)db->db; + DBT k; + krb5_error_code code; + memset(&k, 0, sizeof(DBT)); + k.data = key.data; + k.size = key.length; + k.flags = 0; + code = db->lock(context, db, HDB_WLOCK); + if(code) + return code; + code = d->del(d, NULL, &k, 0); + db->unlock(context, db); + if(code == DB_NOTFOUND) + return HDB_ERR_NOENTRY; + if(code) + return code; + return 0; +} + +static krb5_error_code +DB_open(krb5_context context, HDB *db, int flags, mode_t mode) +{ + char *fn; + krb5_error_code ret; + DB *d; + int myflags = 0; + + if (flags & O_CREAT) + myflags |= DB_CREATE; + + if (flags & O_EXCL) + myflags |= DB_EXCL; + + if (flags & O_RDONLY) + myflags |= DB_RDONLY; + + if (flags & O_TRUNC) + myflags |= DB_TRUNCATE; + + asprintf(&fn, "%s.db", db->name); + if (fn == NULL) + return ENOMEM; + db_create(&d, NULL, 0); + db->db = d; + if ((ret = d->open(db->db, fn, NULL, DB_BTREE, myflags, mode))) { + if(ret == ENOENT) + /* try to open without .db extension */ + if (d->open(db->db, db->name, NULL, DB_BTREE, myflags, mode)) { + free(fn); + return ret; + } + } + free(fn); + + ret = d->cursor(d, NULL, (DBC **)&db->dbc, 0); + if (ret) + return ret; + + if((flags & O_ACCMODE) == O_RDONLY) + ret = hdb_check_db_format(context, db); + else + ret = hdb_init_db(context, db); + if(ret == HDB_ERR_NOENTRY) + return 0; + return ret; +} + +krb5_error_code +hdb_db_create(krb5_context context, HDB **db, + const char *filename) +{ + *db = malloc(sizeof(**db)); + if (*db == NULL) + return ENOMEM; + + (*db)->db = NULL; + (*db)->name = strdup(filename); + (*db)->master_key_set = 0; + (*db)->openp = 0; + (*db)->open = DB_open; + (*db)->close = DB_close; + (*db)->fetch = _hdb_fetch; + (*db)->store = _hdb_store; + (*db)->remove = _hdb_remove; + (*db)->firstkey = DB_firstkey; + (*db)->nextkey= DB_nextkey; + (*db)->lock = DB_lock; + (*db)->unlock = DB_unlock; + (*db)->rename = DB_rename; + (*db)->_get = DB__get; + (*db)->_put = DB__put; + (*db)->_del = DB__del; + (*db)->destroy = DB_destroy; + return 0; +} +#endif diff --git a/crypto/heimdal/lib/hdb/hdb-ldap.c b/crypto/heimdal/lib/hdb/hdb-ldap.c new file mode 100644 index 0000000..6d264b4 --- /dev/null +++ b/crypto/heimdal/lib/hdb/hdb-ldap.c @@ -0,0 +1,1344 @@ +/* + * Copyright (c) 1999 - 2001, PADL Software Pty Ltd. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of PADL Software nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hdb_locl.h" + +RCSID("$Id: hdb-ldap.c,v 1.7 2001/01/30 16:59:08 assar Exp $"); + +#ifdef OPENLDAP + +#include +#include +#include +#include + +static krb5_error_code LDAP__connect(krb5_context context, HDB * db); + +static krb5_error_code +LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, + hdb_entry * ent); + +static char *krb5kdcentry_attrs[] = + { "krb5PrincipalName", "cn", "krb5PrincipalRealm", + "krb5KeyVersionNumber", "krb5Key", + "krb5ValidStart", "krb5ValidEnd", "krb5PasswordEnd", + "krb5MaxLife", "krb5MaxRenew", "krb5KDCFlags", "krb5EncryptionType", + "modifiersName", "modifyTimestamp", "creatorsName", "createTimestamp", + NULL +}; + +static char *krb5principal_attrs[] = + { "krb5PrincipalName", "cn", "krb5PrincipalRealm", + "modifiersName", "modifyTimestamp", "creatorsName", "createTimestamp", + NULL +}; + +/* based on samba: source/passdb/ldap.c */ +static krb5_error_code +LDAP_addmod_len(LDAPMod *** modlist, int modop, const char *attribute, + unsigned char *value, size_t len) +{ + LDAPMod **mods = *modlist; + int i, j; + + if (mods == NULL) { + mods = (LDAPMod **) calloc(1, sizeof(LDAPMod *)); + if (mods == NULL) { + return ENOMEM; + } + mods[0] = NULL; + } + + for (i = 0; mods[i] != NULL; ++i) { + if ((mods[i]->mod_op & (~LDAP_MOD_BVALUES)) == modop + && (!strcasecmp(mods[i]->mod_type, attribute))) { + break; + } + } + + if (mods[i] == NULL) { + mods = (LDAPMod **) realloc(mods, (i + 2) * sizeof(LDAPMod *)); + if (mods == NULL) { + return ENOMEM; + } + mods[i] = (LDAPMod *) malloc(sizeof(LDAPMod)); + if (mods[i] == NULL) { + return ENOMEM; + } + mods[i]->mod_op = modop | LDAP_MOD_BVALUES; + mods[i]->mod_bvalues = NULL; + mods[i]->mod_type = strdup(attribute); + if (mods[i]->mod_type == NULL) { + return ENOMEM; + } + mods[i + 1] = NULL; + } + + if (value != NULL) { + j = 0; + if (mods[i]->mod_bvalues != NULL) { + for (; mods[i]->mod_bvalues[j] != NULL; j++); + } + mods[i]->mod_bvalues = + (struct berval **) realloc(mods[i]->mod_bvalues, + (j + 2) * sizeof(struct berval *)); + if (mods[i]->mod_bvalues == NULL) { + return ENOMEM; + } + /* Caller allocates memory on our behalf, unlike LDAP_addmod. */ + mods[i]->mod_bvalues[j] = + (struct berval *) malloc(sizeof(struct berval)); + if (mods[i]->mod_bvalues[j] == NULL) { + return ENOMEM; + } + mods[i]->mod_bvalues[j]->bv_val = value; + mods[i]->mod_bvalues[j]->bv_len = len; + mods[i]->mod_bvalues[j + 1] = NULL; + } + *modlist = mods; + return 0; +} + +static krb5_error_code +LDAP_addmod(LDAPMod *** modlist, int modop, const char *attribute, + const char *value) +{ + LDAPMod **mods = *modlist; + int i, j; + + if (mods == NULL) { + mods = (LDAPMod **) calloc(1, sizeof(LDAPMod *)); + if (mods == NULL) { + return ENOMEM; + } + mods[0] = NULL; + } + + for (i = 0; mods[i] != NULL; ++i) { + if (mods[i]->mod_op == modop + && (!strcasecmp(mods[i]->mod_type, attribute))) { + break; + } + } + + if (mods[i] == NULL) { + mods = (LDAPMod **) realloc(mods, (i + 2) * sizeof(LDAPMod *)); + if (mods == NULL) { + return ENOMEM; + } + mods[i] = (LDAPMod *) malloc(sizeof(LDAPMod)); + if (mods[i] == NULL) { + return ENOMEM; + } + mods[i]->mod_op = modop; + mods[i]->mod_values = NULL; + mods[i]->mod_type = strdup(attribute); + if (mods[i]->mod_type == NULL) { + return ENOMEM; + } + mods[i + 1] = NULL; + } + + if (value != NULL) { + j = 0; + if (mods[i]->mod_values != NULL) { + for (; mods[i]->mod_values[j] != NULL; j++); + } + mods[i]->mod_values = (char **) realloc(mods[i]->mod_values, + (j + 2) * sizeof(char *)); + if (mods[i]->mod_values == NULL) { + return ENOMEM; + } + mods[i]->mod_values[j] = strdup(value); + if (mods[i]->mod_values[j] == NULL) { + return ENOMEM; + } + mods[i]->mod_values[j + 1] = NULL; + } + *modlist = mods; + return 0; +} + +static krb5_error_code +LDAP_addmod_generalized_time(LDAPMod *** mods, int modop, + const char *attribute, KerberosTime * time) +{ + char buf[22]; + struct tm *tm; + + /* XXX not threadsafe */ + tm = gmtime(time); + strftime(buf, sizeof(buf), "%Y%m%d%H%M%SZ", tm); + + return LDAP_addmod(mods, modop, attribute, buf); +} + +static krb5_error_code +LDAP_get_string_value(HDB * db, LDAPMessage * entry, + const char *attribute, char **ptr) +{ + char **vals; + int ret; + + vals = ldap_get_values((LDAP *) db->db, entry, (char *) attribute); + if (vals == NULL) { + return HDB_ERR_NOENTRY; + } + *ptr = strdup(vals[0]); + if (*ptr == NULL) { + ret = ENOMEM; + } else { + ret = 0; + } + + ldap_value_free(vals); + + return ret; +} + +static krb5_error_code +LDAP_get_integer_value(HDB * db, LDAPMessage * entry, + const char *attribute, int *ptr) +{ + char **vals; + + vals = ldap_get_values((LDAP *) db->db, entry, (char *) attribute); + if (vals == NULL) { + return HDB_ERR_NOENTRY; + } + *ptr = atoi(vals[0]); + ldap_value_free(vals); + return 0; +} + +static krb5_error_code +LDAP_get_generalized_time_value(HDB * db, LDAPMessage * entry, + const char *attribute, KerberosTime * kt) +{ + char *tmp, *gentime; + struct tm tm; + int ret; + + *kt = 0; + + ret = LDAP_get_string_value(db, entry, attribute, &gentime); + if (ret != 0) { + return ret; + } + + tmp = strptime(gentime, "%Y%m%d%H%M%SZ", &tm); + if (tmp == NULL) { + free(gentime); + return HDB_ERR_NOENTRY; + } + + free(gentime); + + *kt = timegm(&tm); + + return 0; +} + +static krb5_error_code +LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry * ent, + LDAPMessage * msg, LDAPMod *** pmods) +{ + krb5_error_code ret; + krb5_boolean is_new_entry; + int rc, i; + char *tmp = NULL; + LDAPMod **mods = NULL; + hdb_entry orig; + unsigned long oflags, nflags; + + if (msg != NULL) { + ret = LDAP_message2entry(context, db, msg, &orig); + if (ret != 0) { + goto out; + } + is_new_entry = FALSE; + } else { + /* to make it perfectly obvious we're depending on + * orig being intiialized to zero */ + memset(&orig, 0, sizeof(orig)); + is_new_entry = TRUE; + } + + if (is_new_entry) { + ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", "top"); + if (ret != 0) { + goto out; + } + /* person is the structural object class */ + ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", "person"); + if (ret != 0) { + goto out; + } + ret = + LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", + "krb5Principal"); + if (ret != 0) { + goto out; + } + ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", + "krb5KDCEntry"); + if (ret != 0) { + goto out; + } + } + + if (is_new_entry || + krb5_principal_compare(context, ent->principal, orig.principal) == + FALSE) { + ret = krb5_unparse_name(context, ent->principal, &tmp); + if (ret != 0) { + goto out; + } + ret = + LDAP_addmod(&mods, LDAP_MOD_REPLACE, "krb5PrincipalName", tmp); + if (ret != 0) { + free(tmp); + goto out; + } + free(tmp); + } + + if (ent->kvno != orig.kvno) { + rc = asprintf(&tmp, "%d", ent->kvno); + if (rc < 0) { + ret = ENOMEM; + goto out; + } + ret = + LDAP_addmod(&mods, LDAP_MOD_REPLACE, "krb5KeyVersionNumber", + tmp); + free(tmp); + if (ret != 0) { + goto out; + } + } + + if (ent->valid_start) { + if (orig.valid_end == NULL + || (*(ent->valid_start) != *(orig.valid_start))) { + ret = + LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE, + "krb5ValidStart", + ent->valid_start); + if (ret != 0) { + goto out; + } + } + } + + if (ent->valid_end) { + if (orig.valid_end == NULL + || (*(ent->valid_end) != *(orig.valid_end))) { + ret = + LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE, + "krb5ValidEnd", + ent->valid_end); + if (ret != 0) { + goto out; + } + } + } + + if (ent->pw_end) { + if (orig.pw_end == NULL || (*(ent->pw_end) != *(orig.pw_end))) { + ret = + LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE, + "krb5PasswordEnd", + ent->pw_end); + if (ret != 0) { + goto out; + } + } + } + + if (ent->max_life) { + if (orig.max_life == NULL + || (*(ent->max_life) != *(orig.max_life))) { + rc = asprintf(&tmp, "%d", *(ent->max_life)); + if (rc < 0) { + ret = ENOMEM; + goto out; + } + ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE, "krb5MaxLife", tmp); + free(tmp); + if (ret != 0) { + goto out; + } + } + } + + if (ent->max_renew) { + if (orig.max_renew == NULL + || (*(ent->max_renew) != *(orig.max_renew))) { + rc = asprintf(&tmp, "%d", *(ent->max_renew)); + if (rc < 0) { + ret = ENOMEM; + goto out; + } + ret = + LDAP_addmod(&mods, LDAP_MOD_REPLACE, "krb5MaxRenew", tmp); + free(tmp); + if (ret != 0) { + goto out; + } + } + } + + memset(&oflags, 0, sizeof(oflags)); + memcpy(&oflags, &orig.flags, sizeof(HDBFlags)); + memset(&nflags, 0, sizeof(nflags)); + memcpy(&nflags, &ent->flags, sizeof(HDBFlags)); + + if (memcmp(&oflags, &nflags, sizeof(HDBFlags))) { + rc = asprintf(&tmp, "%lu", nflags); + if (rc < 0) { + ret = ENOMEM; + goto out; + } + ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE, "krb5KDCFlags", tmp); + free(tmp); + if (ret != 0) { + goto out; + } + } + + if (is_new_entry == FALSE && orig.keys.len > 0) { + /* for the moment, clobber and replace keys. */ + ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5Key", NULL); + if (ret != 0) { + goto out; + } + } + + for (i = 0; i < ent->keys.len; i++) { + unsigned char *buf; + size_t len; + Key new; + + ret = copy_Key(&ent->keys.val[i], &new); + if (ret != 0) { + goto out; + } + + len = length_Key(&new); + buf = malloc(len); + if (buf == NULL) { + ret = ENOMEM; + free_Key(&new); + goto out; + } + + ret = encode_Key(buf + len - 1, len, &new, &len); + if (ret != 0) { + free(buf); + free_Key(&new); + goto out; + } + free_Key(&new); + + /* addmod_len _owns_ the key, doesn't need to copy it */ + ret = LDAP_addmod_len(&mods, LDAP_MOD_ADD, "krb5Key", buf, len); + if (ret != 0) { + goto out; + } + } + + if (ent->etypes) { + /* clobber and replace encryption types. */ + if (is_new_entry == FALSE) { + ret = + LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5EncryptionType", + NULL); + } + for (i = 0; i < ent->etypes->len; i++) { + rc = asprintf(&tmp, "%d", ent->etypes->val[i]); + if (rc < 0) { + ret = ENOMEM; + goto out; + } + free(tmp); + ret = + LDAP_addmod(&mods, LDAP_MOD_ADD, "krb5EncryptionType", + tmp); + if (ret != 0) { + goto out; + } + } + } + + /* for clarity */ + ret = 0; + + out: + + if (ret == 0) { + *pmods = mods; + } else if (mods != NULL) { + ldap_mods_free(mods, 1); + *pmods = NULL; + } + + if (msg != NULL) { + hdb_free_entry(context, &orig); + } + + return ret; +} + +static krb5_error_code +LDAP_dn2principal(krb5_context context, HDB * db, const char *dn, + krb5_principal * principal) +{ + krb5_error_code ret; + int rc; + char **values; + LDAPMessage *res = NULL, *e; + + rc = 1; + (void) ldap_set_option((LDAP *) db->db, LDAP_OPT_SIZELIMIT, &rc); + rc = ldap_search_s((LDAP *) db->db, db->name, LDAP_SCOPE_BASE, + "(objectclass=krb5Principal)", krb5principal_attrs, + 0, &res); + + if (rc != LDAP_SUCCESS) { + ret = HDB_ERR_NOENTRY; + goto out; + } + + e = ldap_first_entry((LDAP *) db->db, res); + if (e == NULL) { + ret = HDB_ERR_NOENTRY; + goto out; + } + + values = ldap_get_values((LDAP *) db->db, e, "krb5PrincipalName"); + if (values == NULL) { + ret = HDB_ERR_NOENTRY; + goto out; + } + + ret = krb5_parse_name(context, values[0], principal); + ldap_value_free(values); + + out: + if (res != NULL) { + ldap_msgfree(res); + } + return ret; +} + +static krb5_error_code +LDAP__lookup_princ(krb5_context context, HDB * db, const char *princname, + LDAPMessage ** msg) +{ + krb5_error_code ret; + int rc; + char *filter = NULL; + + (void) LDAP__connect(context, db); + + rc = + asprintf(&filter, + "(&(objectclass=krb5KDCEntry)(krb5PrincipalName=%s))", + princname); + if (rc < 0) { + ret = ENOMEM; + goto out; + } + + rc = 1; + (void) ldap_set_option((LDAP *) db->db, LDAP_OPT_SIZELIMIT, (void *) &rc); + + rc = ldap_search_s((LDAP *) db->db, db->name, LDAP_SCOPE_ONELEVEL, filter, + krb5kdcentry_attrs, 0, msg); + if (rc != LDAP_SUCCESS) { + ret = HDB_ERR_NOENTRY; + goto out; + } + + ret = 0; + + out: + if (filter != NULL) { + free(filter); + } + return ret; +} + +static krb5_error_code +LDAP_principal2message(krb5_context context, HDB * db, + krb5_principal princ, LDAPMessage ** msg) +{ + char *princname = NULL; + krb5_error_code ret; + + ret = krb5_unparse_name(context, princ, &princname); + if (ret != 0) { + return ret; + } + + ret = LDAP__lookup_princ(context, db, princname, msg); + free(princname); + + return ret; +} + +/* + * Construct an hdb_entry from a directory entry. + */ +static krb5_error_code +LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg, + hdb_entry * ent) +{ + char *unparsed_name = NULL, *dn = NULL; + int ret; + unsigned long tmp; + struct berval **keys; + char **values; + + memset(ent, 0, sizeof(*ent)); + memset(&ent->flags, 0, sizeof(HDBFlags)); + + ret = + LDAP_get_string_value(db, msg, "krb5PrincipalName", + &unparsed_name); + if (ret != 0) { + return ret; + } + + ret = krb5_parse_name(context, unparsed_name, &ent->principal); + if (ret != 0) { + goto out; + } + + ret = + LDAP_get_integer_value(db, msg, "krb5KeyVersionNumber", + &ent->kvno); + if (ret != 0) { + ent->kvno = 0; + } + + keys = ldap_get_values_len((LDAP *) db->db, msg, "krb5Key"); + if (keys != NULL) { + int i; + size_t l; + + ent->keys.len = ldap_count_values_len(keys); + ent->keys.val = (Key *) calloc(ent->keys.len, sizeof(Key)); + for (i = 0; i < ent->keys.len; i++) { + decode_Key((unsigned char *) keys[i]->bv_val, + (size_t) keys[i]->bv_len, &ent->keys.val[i], &l); + } + ber_bvecfree(keys); + } else { +#if 1 + /* + * This violates the ASN1 but it allows a principal to + * be related to a general directory entry without creating + * the keys. Hopefully it's OK. + */ + ent->keys.len = 0; + ent->keys.val = NULL; +#else + ret = HDB_ERR_NOENTRY; + goto out; +#endif + } + + ret = + LDAP_get_generalized_time_value(db, msg, "createTimestamp", + &ent->created_by.time); + if (ret != 0) { + ent->created_by.time = time(NULL); + } + + ent->created_by.principal = NULL; + + ret = LDAP_get_string_value(db, msg, "creatorsName", &dn); + if (ret == 0) { + if (LDAP_dn2principal(context, db, dn, &ent->created_by.principal) + != 0) { + ent->created_by.principal = NULL; + } + free(dn); + } + + ent->modified_by = (Event *) malloc(sizeof(Event)); + if (ent->modified_by == NULL) { + ret = ENOMEM; + goto out; + } + ret = + LDAP_get_generalized_time_value(db, msg, "modifyTimestamp", + &ent->modified_by->time); + if (ret == 0) { + ret = LDAP_get_string_value(db, msg, "modifiersName", &dn); + if (LDAP_dn2principal + (context, db, dn, &ent->modified_by->principal) != 0) { + ent->modified_by->principal = NULL; + } + free(dn); + } else { + free(ent->modified_by); + ent->modified_by = NULL; + } + + if ((ent->valid_start = (KerberosTime *) malloc(sizeof(KerberosTime))) + == NULL) { + ret = ENOMEM; + goto out; + } + ret = + LDAP_get_generalized_time_value(db, msg, "krb5ValidStart", + ent->valid_start); + if (ret != 0) { + /* OPTIONAL */ + free(ent->valid_start); + ent->valid_start = NULL; + } + + if ((ent->valid_end = (KerberosTime *) malloc(sizeof(KerberosTime))) == + NULL) {ret = ENOMEM; + goto out; + } + ret = + LDAP_get_generalized_time_value(db, msg, "krb5ValidEnd", + ent->valid_end); + if (ret != 0) { + /* OPTIONAL */ + free(ent->valid_end); + ent->valid_end = NULL; + } + + if ((ent->pw_end = (KerberosTime *) malloc(sizeof(KerberosTime))) == + NULL) {ret = ENOMEM; + goto out; + } + ret = + LDAP_get_generalized_time_value(db, msg, "krb5PasswordEnd", + ent->pw_end); + if (ret != 0) { + /* OPTIONAL */ + free(ent->pw_end); + ent->pw_end = NULL; + } + + ent->max_life = (int *) malloc(sizeof(int)); + if (ent->max_life == NULL) { + ret = ENOMEM; + goto out; + } + ret = LDAP_get_integer_value(db, msg, "krb5MaxLife", ent->max_life); + if (ret != 0) { + free(ent->max_life); + ent->max_life = NULL; + } + + ent->max_renew = (int *) malloc(sizeof(int)); + if (ent->max_renew == NULL) { + ret = ENOMEM; + goto out; + } + ret = LDAP_get_integer_value(db, msg, "krb5MaxRenew", ent->max_renew); + if (ret != 0) { + free(ent->max_renew); + ent->max_renew = NULL; + } + + values = ldap_get_values((LDAP *) db->db, msg, "krb5KDCFlags"); + if (values != NULL) { + tmp = strtoul(values[0], (char **) NULL, 10); + if (tmp == ULONG_MAX && errno == ERANGE) { + ret = ERANGE; + goto out; + } + } else { + tmp = 0; + } + memcpy(&ent->flags, &tmp, sizeof(HDBFlags)); + + values = ldap_get_values((LDAP *) db->db, msg, "krb5EncryptionType"); + if (values != NULL) { + int i; + + ent->etypes = malloc(sizeof(*(ent->etypes))); + if (ent->etypes == NULL) { + ret = ENOMEM; + goto out; + } + ent->etypes->len = ldap_count_values(values); + ent->etypes->val = calloc(ent->etypes->len, sizeof(int)); + for (i = 0; i < ent->etypes->len; i++) { + ent->etypes->val[i] = atoi(values[i]); + } + ldap_value_free(values); + } + + ret = 0; + + out: + if (unparsed_name != NULL) { + free(unparsed_name); + } + + if (ret != 0) { + /* I don't think this frees ent itself. */ + hdb_free_entry(context, ent); + } + + return ret; +} + +static krb5_error_code LDAP_close(krb5_context context, HDB * db) +{ + LDAP *ld = (LDAP *) db->db; + + ldap_unbind(ld); + db->db = NULL; + return 0; +} + +static krb5_error_code +LDAP_lock(krb5_context context, HDB * db, int operation) +{ + return 0; +} + +static krb5_error_code LDAP_unlock(krb5_context context, HDB * db) +{ + return 0; +} + +static krb5_error_code +LDAP_seq(krb5_context context, HDB * db, unsigned flags, hdb_entry * entry) +{ + int msgid, rc, parserc; + krb5_error_code ret; + LDAPMessage *e; + + msgid = db->openp; /* BOGUS OVERLOADING */ + if (msgid < 0) { + return HDB_ERR_NOENTRY; + } + + do { + rc = ldap_result((LDAP *) db->db, msgid, LDAP_MSG_ONE, NULL, &e); + switch (rc) { + case LDAP_RES_SEARCH_ENTRY: + /* We have an entry. Parse it. */ + ret = LDAP_message2entry(context, db, e, entry); + ldap_msgfree(e); + break; + case LDAP_RES_SEARCH_RESULT: + /* We're probably at the end of the results. If not, abandon. */ + parserc = + ldap_parse_result((LDAP *) db->db, e, NULL, NULL, NULL, + NULL, NULL, 1); + if (parserc != LDAP_SUCCESS + && parserc != LDAP_MORE_RESULTS_TO_RETURN) { + ldap_abandon((LDAP *) db->db, msgid); + } + ret = HDB_ERR_NOENTRY; + db->openp = -1; + break; + case 0: + case -1: + default: + /* Some unspecified error (timeout?). Abandon. */ + ldap_msgfree(e); + ldap_abandon((LDAP *) db->db, msgid); + ret = HDB_ERR_NOENTRY; + db->openp = -1; + break; + } + } while (rc == LDAP_RES_SEARCH_REFERENCE); + + if (ret == 0) { + if (db->master_key_set && (flags & HDB_F_DECRYPT)) { + ret = hdb_unseal_keys(context, db, entry); + if (ret) + hdb_free_entry(context,entry); + } + } + + return ret; +} + +static krb5_error_code +LDAP_firstkey(krb5_context context, HDB * db, unsigned flags, + hdb_entry * entry) +{ + int msgid; + + (void) LDAP__connect(context, db); + + msgid = LDAP_NO_LIMIT; + (void) ldap_set_option((LDAP *) db->db, LDAP_OPT_SIZELIMIT, &msgid); + + msgid = ldap_search((LDAP *) db->db, db->name, + LDAP_SCOPE_ONELEVEL, "(objectclass=krb5KDCEntry)", + krb5kdcentry_attrs, 0); + if (msgid < 0) { + return HDB_ERR_NOENTRY; + } + + db->openp = msgid; + + return LDAP_seq(context, db, flags, entry); +} + +static krb5_error_code +LDAP_nextkey(krb5_context context, HDB * db, unsigned flags, + hdb_entry * entry) +{ + return LDAP_seq(context, db, flags, entry); +} + +static krb5_error_code +LDAP_rename(krb5_context context, HDB * db, const char *new_name) +{ + return HDB_ERR_DB_INUSE; +} + +static krb5_boolean LDAP__is_user_namingcontext(const char *ctx, + char *const *subschema) +{ + char *const *p; + + if (!strcasecmp(ctx, "CN=MONITOR") + || !strcasecmp(ctx, "CN=CONFIG")) { + return FALSE; + } + + if (subschema != NULL) { + for (p = subschema; *p != NULL; p++) { + if (!strcasecmp(ctx, *p)) { + return FALSE; + } + } + } + + return TRUE; +} + +static krb5_error_code LDAP__connect(krb5_context context, HDB * db) +{ + int rc; + krb5_error_code ret; + char *attrs[] = { "namingContexts", "subschemaSubentry", NULL }; + LDAPMessage *res = NULL, *e; + + if (db->db != NULL) { + /* connection has been opened. ping server. */ + struct sockaddr_un addr; + socklen_t len; + int sd; + + if (ldap_get_option((LDAP *) db->db, LDAP_OPT_DESC, &sd) == 0 && + getpeername(sd, (struct sockaddr *) &addr, &len) < 0) { + /* the other end has died. reopen. */ + LDAP_close(context, db); + } + } + + if (db->db != NULL) { + /* server is UP */ + return 0; + } + + rc = ldap_initialize((LDAP **) & db->db, "ldapi:///"); + if (rc != LDAP_SUCCESS) { + return HDB_ERR_NOENTRY; + } + + rc = LDAP_VERSION3; + (void) ldap_set_option((LDAP *) db->db, LDAP_OPT_PROTOCOL_VERSION, &rc); + + /* XXX set db->name to the search base */ + rc = ldap_search_s((LDAP *) db->db, "", LDAP_SCOPE_BASE, + "(objectclass=*)", attrs, 0, &res); + if (rc != LDAP_SUCCESS) { + ret = HDB_ERR_BADVERSION; + goto out; + } + + e = ldap_first_entry((LDAP *) db->db, res); + if (e == NULL) { + ret = HDB_ERR_NOENTRY; + goto out; + } + + if (db->name == NULL) { + char **contexts = NULL, **schema_contexts, **p; + + contexts = ldap_get_values((LDAP *) db->db, e, "namingContexts"); + if (contexts == NULL) { + ret = HDB_ERR_NOENTRY; + goto out; + } + + schema_contexts = + ldap_get_values((LDAP *) db->db, e, "subschemaSubentry"); + + if (db->name != NULL) { + free(db->name); + db->name = NULL; + } + + for (p = contexts; *p != NULL; p++) { + if (LDAP__is_user_namingcontext(*p, schema_contexts)) { + break; + } + } + + db->name = strdup(*p); + if (db->name == NULL) { + ldap_value_free(contexts); + ret = ENOMEM; + goto out; + } + + ldap_value_free(contexts); + if (schema_contexts != NULL) { + ldap_value_free(schema_contexts); + } + } + + ret = 0; + + out: + + if (res != NULL) { + ldap_msgfree(res); + } + + if (ret != 0) { + if (db->db != NULL) { + ldap_unbind((LDAP *) db->db); + db->db = NULL; + } + } + + return ret; +} + +static krb5_error_code +LDAP_open(krb5_context context, HDB * db, int flags, mode_t mode) +{ + krb5_error_code ret; + + /* Not the right place for this. */ +#ifdef HAVE_SIGACTION + { + struct sigaction sa; + + sa.sa_flags = 0; + sa.sa_handler = SIG_IGN; + sigemptyset(&sa.sa_mask); + + sigaction(SIGPIPE, &sa, NULL); + } +#else + signal(SIGPIPE, SIG_IGN); +#endif + + if (db->name != NULL) { + free(db->name); + db->name = NULL; + } + + ret = LDAP__connect(context, db); + if (ret != 0) { + return ret; + } + + return ret; +} + +static krb5_error_code +LDAP_fetch(krb5_context context, HDB * db, unsigned flags, + hdb_entry * entry) +{ + LDAPMessage *msg, *e; + krb5_error_code ret; + + ret = LDAP_principal2message(context, db, entry->principal, &msg); + if (ret != 0) { + return ret; + } + + e = ldap_first_entry((LDAP *) db->db, msg); + if (e == NULL) { + ret = HDB_ERR_NOENTRY; + goto out; + } + + ret = LDAP_message2entry(context, db, e, entry); + if (ret == 0) { + if (db->master_key_set && (flags & HDB_F_DECRYPT)) { + ret = hdb_unseal_keys(context, db, entry); + if (ret) + hdb_free_entry(context,entry); + } + } + + out: + ldap_msgfree(msg); + + return ret; +} + +static krb5_error_code +LDAP_store(krb5_context context, HDB * db, unsigned flags, + hdb_entry * entry) +{ + LDAPMod **mods = NULL; + krb5_error_code ret; + LDAPMessage *msg = NULL, *e = NULL; + char *dn = NULL, *name = NULL; + + ret = krb5_unparse_name(context, entry->principal, &name); + if (ret != 0) { + goto out; + } + + ret = LDAP__lookup_princ(context, db, name, &msg); + if (ret == 0) { + e = ldap_first_entry((LDAP *) db->db, msg); + } + + ret = hdb_seal_keys(context, db, entry); + if (ret) + goto out; + + /* turn new entry into LDAPMod array */ + ret = LDAP_entry2mods(context, db, entry, e, &mods); + if (ret != 0) { + goto out; + } + + if (e == NULL) { + /* Doesn't exist yet. */ + char *p; + + e = NULL; + + /* normalize the naming attribute */ + for (p = name; *p != '\0'; p++) { + *p = (char) tolower((int) *p); + } + + /* + * We could do getpwnam() on the local component of + * the principal to find cn/sn but that's probably + * bad thing to do from inside a KDC. Better leave + * it to management tools. + */ + ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "cn", name); + if (ret < 0) { + goto out; + } + + ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "sn", name); + if (ret < 0) { + goto out; + } + + ret = asprintf(&dn, "cn=%s,%s", name, db->name); + if (ret < 0) { + ret = ENOMEM; + goto out; + } + } else if (flags & HDB_F_REPLACE) { + /* Entry exists, and we're allowed to replace it. */ + dn = ldap_get_dn((LDAP *) db->db, e); + } else { + /* Entry exists, but we're not allowed to replace it. Bail. */ + ret = HDB_ERR_EXISTS; + goto out; + } + + /* write entry into directory */ + if (e == NULL) { + /* didn't exist before */ + ret = ldap_add_s((LDAP *) db->db, dn, mods); + } else { + /* already existed, send deltas only */ + ret = ldap_modify_s((LDAP *) db->db, dn, mods); + } + + if (ret == LDAP_SUCCESS) { + ret = 0; + } else { + ret = HDB_ERR_CANT_LOCK_DB; + } + + out: + /* free stuff */ + if (dn != NULL) { + free(dn); + } + + if (msg != NULL) { + ldap_msgfree(msg); + } + + if (mods != NULL) { + ldap_mods_free(mods, 1); + } + + if (name != NULL) { + free(name); + } + + return ret; +} + +static krb5_error_code +LDAP_remove(krb5_context context, HDB * db, hdb_entry * entry) +{ + krb5_error_code ret; + LDAPMessage *msg, *e; + char *dn = NULL; + + ret = LDAP_principal2message(context, db, entry->principal, &msg); + if (ret != 0) { + goto out; + } + + e = ldap_first_entry((LDAP *) db->db, msg); + if (e == NULL) { + ret = HDB_ERR_NOENTRY; + goto out; + } + + dn = ldap_get_dn((LDAP *) db->db, e); + if (dn == NULL) { + ret = HDB_ERR_NOENTRY; + goto out; + } + + ret = LDAP_NO_LIMIT; + (void) ldap_set_option((LDAP *) db->db, LDAP_OPT_SIZELIMIT, &ret); + + ret = ldap_delete_s((LDAP *) db->db, dn); + if (ret == LDAP_SUCCESS) { + ret = 0; + } else { + ret = HDB_ERR_CANT_LOCK_DB; + } + + out: + if (dn != NULL) { + free(dn); + } + + if (msg != NULL) { + ldap_msgfree(msg); + } + + return ret; +} + +static krb5_error_code +LDAP__get(krb5_context context, HDB * db, krb5_data key, krb5_data * reply) +{ + fprintf(stderr, "LDAP__get not implemented\n"); + abort(); + return 0; +} + +static krb5_error_code +LDAP__put(krb5_context context, HDB * db, int replace, + krb5_data key, krb5_data value) +{ + fprintf(stderr, "LDAP__put not implemented\n"); + abort(); + return 0; +} + +static krb5_error_code +LDAP__del(krb5_context context, HDB * db, krb5_data key) +{ + fprintf(stderr, "LDAP__del not implemented\n"); + abort(); + return 0; +} + +static krb5_error_code LDAP_destroy(krb5_context context, HDB * db) +{ + krb5_error_code ret; + + ret = hdb_clear_master_key(context, db); + free(db->name); + free(db); + + return ret; +} + +krb5_error_code +hdb_ldap_create(krb5_context context, HDB ** db, const char *filename) +{ + *db = malloc(sizeof(**db)); + if (*db == NULL) + return ENOMEM; + + (*db)->db = NULL; +/* (*db)->name = strdup(filename); */ + (*db)->name = NULL; + (*db)->master_key_set = 0; + (*db)->openp = 0; + (*db)->open = LDAP_open; + (*db)->close = LDAP_close; + (*db)->fetch = LDAP_fetch; + (*db)->store = LDAP_store; + (*db)->remove = LDAP_remove; + (*db)->firstkey = LDAP_firstkey; + (*db)->nextkey = LDAP_nextkey; + (*db)->lock = LDAP_lock; + (*db)->unlock = LDAP_unlock; + (*db)->rename = LDAP_rename; + /* can we ditch these? */ + (*db)->_get = LDAP__get; + (*db)->_put = LDAP__put; + (*db)->_del = LDAP__del; + (*db)->destroy = LDAP_destroy; + + return 0; +} + +#endif /* OPENLDAP */ diff --git a/crypto/heimdal/lib/hdb/hdb-private.h b/crypto/heimdal/lib/hdb/hdb-private.h index ce868bd..7563d36 100644 --- a/crypto/heimdal/lib/hdb/hdb-private.h +++ b/crypto/heimdal/lib/hdb/hdb-private.h @@ -26,12 +26,6 @@ _hdb_remove __P(( HDB *db, hdb_entry *entry)); -void -_hdb_seal_keys_int __P(( - hdb_entry *ent, - int key_version, - krb5_data schedule)); - krb5_error_code _hdb_store __P(( krb5_context context, @@ -39,10 +33,4 @@ _hdb_store __P(( unsigned flags, hdb_entry *entry)); -void -_hdb_unseal_keys_int __P(( - hdb_entry *ent, - int key_version, - krb5_data schedule)); - #endif /* __hdb_private_h__ */ diff --git a/crypto/heimdal/lib/hdb/hdb-protos.h b/crypto/heimdal/lib/hdb/hdb-protos.h index e0f15b1..dbb00a5 100644 --- a/crypto/heimdal/lib/hdb/hdb-protos.h +++ b/crypto/heimdal/lib/hdb/hdb-protos.h @@ -14,6 +14,12 @@ #endif krb5_error_code +hdb_add_master_key __P(( + krb5_context context, + krb5_keyblock *key, + hdb_master_key *inout)); + +krb5_error_code hdb_check_db_format __P(( krb5_context context, HDB *db)); @@ -70,6 +76,11 @@ hdb_free_entry __P(( void hdb_free_key __P((Key *key)); +void +hdb_free_master_key __P(( + krb5_context context, + hdb_master_key mkey)); + krb5_error_code hdb_init_db __P(( krb5_context context, @@ -82,6 +93,12 @@ hdb_key2principal __P(( krb5_principal p)); krb5_error_code +hdb_ldap_create __P(( + krb5_context context, + HDB ** db, + const char *filename)); + +krb5_error_code hdb_lock __P(( int fd, int operation)); @@ -95,7 +112,7 @@ hdb_ndbm_create __P(( krb5_error_code hdb_next_enctype2key __P(( krb5_context context, - hdb_entry *e, + const hdb_entry *e, krb5_enctype enctype, Key **key)); @@ -115,25 +132,34 @@ hdb_print_entry __P(( krb5_error_code hdb_process_master_key __P(( krb5_context context, - EncryptionKey key, - krb5_data *schedule)); + int kvno, + krb5_keyblock *key, + krb5_enctype etype, + hdb_master_key *mkey)); krb5_error_code hdb_read_master_key __P(( krb5_context context, const char *filename, - EncryptionKey *key)); + hdb_master_key *mkey)); -void +krb5_error_code hdb_seal_keys __P(( + krb5_context context, HDB *db, hdb_entry *ent)); krb5_error_code +hdb_seal_keys_mkey __P(( + krb5_context context, + hdb_entry *ent, + hdb_master_key mkey)); + +krb5_error_code hdb_set_master_key __P(( krb5_context context, HDB *db, - EncryptionKey key)); + krb5_keyblock *key)); krb5_error_code hdb_set_master_keyfile __P(( @@ -144,15 +170,28 @@ hdb_set_master_keyfile __P(( krb5_error_code hdb_unlock __P((int fd)); -void +krb5_error_code hdb_unseal_keys __P(( + krb5_context context, HDB *db, hdb_entry *ent)); +krb5_error_code +hdb_unseal_keys_mkey __P(( + krb5_context context, + hdb_entry *ent, + hdb_master_key mkey)); + int hdb_value2entry __P(( krb5_context context, krb5_data *value, hdb_entry *ent)); +krb5_error_code +hdb_write_master_key __P(( + krb5_context context, + const char *filename, + hdb_master_key mkey)); + #endif /* __hdb_protos_h__ */ diff --git a/crypto/heimdal/lib/hdb/hdb.asn1 b/crypto/heimdal/lib/hdb/hdb.asn1 index 99537d6..2a20cd1 100644 --- a/crypto/heimdal/lib/hdb/hdb.asn1 +++ b/crypto/heimdal/lib/hdb/hdb.asn1 @@ -1,10 +1,8 @@ --- $Id: hdb.asn1,v 1.7 1999/05/03 16:48:52 joda Exp $ +-- $Id: hdb.asn1,v 1.8 2000/06/19 15:22:22 joda Exp $ HDB DEFINITIONS ::= BEGIN -EncryptionKey EXTERNAL -KerberosTime EXTERNAL -Principal EXTERNAL +IMPORTS EncryptionKey, KerberosTime, Principal FROM krb5; HDB_DB_FORMAT INTEGER ::= 2 -- format of database, -- update when making changes diff --git a/crypto/heimdal/lib/hdb/hdb.c b/crypto/heimdal/lib/hdb/hdb.c index edf6677..1565f03 100644 --- a/crypto/heimdal/lib/hdb/hdb.c +++ b/crypto/heimdal/lib/hdb/hdb.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,17 +33,42 @@ #include "hdb_locl.h" -RCSID("$Id: hdb.c,v 1.35 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: hdb.c,v 1.42 2000/11/15 23:12:15 assar Exp $"); + +struct hdb_method { + const char *prefix; + krb5_error_code (*create)(krb5_context, HDB **, const char *filename); +}; + +static struct hdb_method methods[] = { +#ifdef HAVE_DB_H + {"db:", hdb_db_create}, +#endif +#if defined(HAVE_NDBM_H) || defined(HAVE_GDBM_NDBM_H) + {"ndbm:", hdb_ndbm_create}, +#endif +#ifdef OPENLDAP + {"ldap:", hdb_ldap_create}, +#endif +#ifdef HAVE_DB_H + {"", hdb_db_create}, +#elif defined(HAVE_NDBM_H) + {"", hdb_ndbm_create}, +#elif defined(OPENLDAP) + {"", hdb_ldap_create}, +#endif + {NULL, NULL} +}; krb5_error_code hdb_next_enctype2key(krb5_context context, - hdb_entry *e, + const hdb_entry *e, krb5_enctype enctype, Key **key) { Key *k; - for (k = *key ? *key : e->keys.val; + for (k = *key ? (*key) + 1 : e->keys.val; k < e->keys.val + e->keys.len; k++) if(k->key.keytype == enctype){ @@ -63,108 +88,6 @@ hdb_enctype2key(krb5_context context, return hdb_next_enctype2key(context, e, enctype, key); } -/* this is a bit ugly, but will get better when the crypto framework - gets fixed */ - -krb5_error_code -hdb_process_master_key(krb5_context context, EncryptionKey key, - krb5_data *schedule) -{ - krb5_error_code ret; - - if(key.keytype != ETYPE_DES_CBC_MD5) - return KRB5_PROG_KEYTYPE_NOSUPP; - - ret = krb5_data_alloc (schedule, sizeof(des_key_schedule)); - if (ret) - return ret; - - des_set_key((des_cblock*)key.keyvalue.data, schedule->data); - return 0; -} - -krb5_error_code -hdb_read_master_key(krb5_context context, const char *filename, - EncryptionKey *key) -{ - FILE *f; - unsigned char buf[256]; - size_t len; - krb5_error_code ret; - if(filename == NULL) - filename = HDB_DB_DIR "/m-key"; - f = fopen(filename, "r"); - if(f == NULL) - return errno; - len = fread(buf, 1, sizeof(buf), f); - if(ferror(f)) - ret = errno; - else - ret = decode_EncryptionKey(buf, len, key, &len); - fclose(f); - memset(buf, 0, sizeof(buf)); - return ret; -} - -void -_hdb_unseal_keys_int(hdb_entry *ent, int key_version, krb5_data schedule) -{ - int i; - for(i = 0; i < ent->keys.len; i++){ - des_cblock iv; - int num = 0; - if(ent->keys.val[i].mkvno == NULL) - continue; - if(*ent->keys.val[i].mkvno != key_version) - ; - memset(&iv, 0, sizeof(iv)); - - des_cfb64_encrypt(ent->keys.val[i].key.keyvalue.data, - ent->keys.val[i].key.keyvalue.data, - ent->keys.val[i].key.keyvalue.length, - schedule.data, &iv, &num, 0); - free(ent->keys.val[i].mkvno); - ent->keys.val[i].mkvno = NULL; - } -} - -void -hdb_unseal_keys(HDB *db, hdb_entry *ent) -{ - if (db->master_key_set == 0) - return; - _hdb_unseal_keys_int(ent, db->master_key_version, db->master_key); -} - -void -_hdb_seal_keys_int(hdb_entry *ent, int key_version, krb5_data schedule) -{ - int i; - for(i = 0; i < ent->keys.len; i++){ - des_cblock iv; - int num = 0; - - if(ent->keys.val[i].mkvno != NULL) - continue; - memset(&iv, 0, sizeof(iv)); - des_cfb64_encrypt(ent->keys.val[i].key.keyvalue.data, - ent->keys.val[i].key.keyvalue.data, - ent->keys.val[i].key.keyvalue.length, - schedule.data, &iv, &num, 1); - ent->keys.val[i].mkvno = malloc(sizeof(*ent->keys.val[i].mkvno)); - *ent->keys.val[i].mkvno = key_version; - } -} - -void -hdb_seal_keys(HDB *db, hdb_entry *ent) -{ - if (db->master_key_set == 0) - return; - - _hdb_seal_keys_int(ent, db->master_key_version, db->master_key); -} - void hdb_free_key(Key *key) { @@ -179,7 +102,8 @@ hdb_free_key(Key *key) krb5_error_code hdb_lock(int fd, int operation) { - int i, code; + int i, code = 0; + for(i = 0; i < 3; i++){ code = flock(fd, (operation == HDB_RLOCK ? LOCK_SH : LOCK_EX) | LOCK_NB); if(code == 0 || errno != EWOULDBLOCK) @@ -281,69 +205,36 @@ hdb_init_db(krb5_context context, HDB *db) return ret; } -krb5_error_code -hdb_create(krb5_context context, HDB **db, const char *filename) -{ - krb5_error_code ret = 0; - if(filename == NULL) - filename = HDB_DEFAULT_DB; - initialize_hdb_error_table_r(&context->et_list); -#ifdef HAVE_DB_H - ret = hdb_db_create(context, db, filename); -#elif HAVE_NDBM_H - ret = hdb_ndbm_create(context, db, filename); -#else - krb5_errx(context, 1, "No database support! (hdb_create)"); -#endif - return ret; -} +/* + * find the relevant method for `filename', returning a pointer to the + * rest in `rest'. + * return NULL if there's no such method. + */ -krb5_error_code -hdb_set_master_key (krb5_context context, - HDB *db, - EncryptionKey key) +static const struct hdb_method * +find_method (const char *filename, const char **rest) { - krb5_error_code ret; + const struct hdb_method *h; - ret = hdb_process_master_key(context, key, &db->master_key); - if (ret) - return ret; -#if 0 /* XXX - why? */ - des_set_random_generator_seed(key.keyvalue.data); -#endif - db->master_key_set = 1; - db->master_key_version = 0; /* XXX */ - return 0; + for (h = methods; h->prefix != NULL; ++h) + if (strncmp (filename, h->prefix, strlen(h->prefix)) == 0) { + *rest = filename + strlen(h->prefix); + return h; + } + return NULL; } krb5_error_code -hdb_set_master_keyfile (krb5_context context, - HDB *db, - const char *keyfile) +hdb_create(krb5_context context, HDB **db, const char *filename) { - EncryptionKey key; - krb5_error_code ret; - - ret = hdb_read_master_key(context, keyfile, &key); - if (ret) { - if (ret != ENOENT) - return ret; - return 0; - } - ret = hdb_set_master_key(context, db, key); - memset(key.keyvalue.data, 0, key.keyvalue.length); - free_EncryptionKey(&key); - return ret; -} + const struct hdb_method *h; + const char *residual; -krb5_error_code -hdb_clear_master_key (krb5_context context, - HDB *db) -{ - if (db->master_key_set) { - memset(db->master_key.data, 0, db->master_key.length); - krb5_data_free(&db->master_key); - db->master_key_set = 0; - } - return 0; + if(filename == NULL) + filename = HDB_DEFAULT_DB; + initialize_hdb_error_table_r(&context->et_list); + h = find_method (filename, &residual); + if (h == NULL) + krb5_errx(context, 1, "No database support! (hdb_create)"); + return (*h->create)(context, db, residual); } diff --git a/crypto/heimdal/lib/hdb/hdb.h b/crypto/heimdal/lib/hdb/hdb.h index f4cb001..21d739b 100644 --- a/crypto/heimdal/lib/hdb/hdb.h +++ b/crypto/heimdal/lib/hdb/hdb.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: hdb.h,v 1.26 1999/12/02 17:05:05 joda Exp $ */ +/* $Id: hdb.h,v 1.31 2000/07/08 16:03:37 joda Exp $ */ #ifndef __HDB_H__ #define __HDB_H__ @@ -46,12 +46,17 @@ enum hdb_lockop{ HDB_RLOCK, HDB_WLOCK }; #define HDB_F_DECRYPT 1 /* decrypt keys */ #define HDB_F_REPLACE 2 /* replace entry */ +/* key usage for master key */ +#define HDB_KU_MKEY 0x484442 + +typedef struct hdb_master_key_data *hdb_master_key; + typedef struct HDB{ void *db; + void *dbc; char *name; int master_key_set; - krb5_data master_key; - int master_key_version; + hdb_master_key master_key; int openp; krb5_error_code (*open)(krb5_context, struct HDB*, int, mode_t); diff --git a/crypto/heimdal/lib/hdb/hdb_err.et b/crypto/heimdal/lib/hdb/hdb_err.et index a08a2d4..9929a56 100644 --- a/crypto/heimdal/lib/hdb/hdb_err.et +++ b/crypto/heimdal/lib/hdb/hdb_err.et @@ -3,7 +3,7 @@ # # This might look like a com_err file, but is not # -id "$Id: hdb_err.et,v 1.4 1998/02/16 16:29:15 joda Exp $" +id "$Id: hdb_err.et,v 1.5 2001/01/28 23:05:52 assar Exp $" error_table hdb @@ -22,5 +22,6 @@ error_code BADLOCKMODE, "Invalid kdb lock mode" error_code CANT_LOCK_DB, "Insufficient access to lock database" error_code EXISTS, "Entry already exists in database" error_code BADVERSION, "Wrong database version" +error_code NO_MKEY, "No correct master key" end diff --git a/crypto/heimdal/lib/hdb/hdb_locl.h b/crypto/heimdal/lib/hdb/hdb_locl.h index 5d0a6d0..1c825fa 100644 --- a/crypto/heimdal/lib/hdb/hdb_locl.h +++ b/crypto/heimdal/lib/hdb/hdb_locl.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: hdb_locl.h,v 1.13 2000/02/06 05:17:05 assar Exp $ */ +/* $Id: hdb_locl.h,v 1.14 2000/11/14 06:57:17 assar Exp $ */ #ifndef __HDB_LOCL_H__ #define __HDB_LOCL_H__ @@ -67,8 +67,10 @@ #include #endif -#ifdef HAVE_NDBM_H +#if defined(HAVE_NDBM_H) #include +#elif defined(HAVE_GDBM_NDBM_H) +#include #endif int hdb_principal2key(krb5_context, krb5_principal, krb5_data*); diff --git a/crypto/heimdal/lib/hdb/keytab.c b/crypto/heimdal/lib/hdb/keytab.c index d9be75d..5de3cc5 100644 --- a/crypto/heimdal/lib/hdb/keytab.c +++ b/crypto/heimdal/lib/hdb/keytab.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -35,20 +35,24 @@ /* keytab backend for HDB databases */ -RCSID("$Id: keytab.c,v 1.2 1999/08/26 13:24:05 joda Exp $"); +RCSID("$Id: keytab.c,v 1.3 2000/08/27 04:31:42 assar Exp $"); struct hdb_data { char *dbname; char *mkey; - HDB *db; }; +/* + * the format for HDB keytabs is: + * HDB:[database:mkey] + */ + static krb5_error_code hdb_resolve(krb5_context context, const char *name, krb5_keytab id) { - krb5_error_code ret; struct hdb_data *d; const char *db, *mkey; + d = malloc(sizeof(*d)); if(d == NULL) return ENOMEM; @@ -74,7 +78,7 @@ hdb_resolve(krb5_context context, const char *name, krb5_keytab id) free(d); return ENOMEM; } - strncpy(d->dbname, db, mkey - db); + memmove(d->dbname, db, mkey - db); d->dbname[mkey - db] = '\0'; } d->mkey = strdup(mkey + 1); @@ -84,21 +88,6 @@ hdb_resolve(krb5_context context, const char *name, krb5_keytab id) return ENOMEM; } } - ret = hdb_create(context, &d->db, d->dbname); - if(ret) { - free(d->dbname); - free(d->mkey); - free(d); - return ret; - } - ret = hdb_set_master_keyfile (context, d->db, d->mkey); - if(ret) { - (*d->db->destroy)(context, d->db); - free(d->dbname); - free(d->mkey); - free(d); - return ret; - } id->data = d; return 0; } @@ -107,7 +96,9 @@ static krb5_error_code hdb_close(krb5_context context, krb5_keytab id) { struct hdb_data *d = id->data; - (*d->db->destroy)(context, d->db); + + free(d->dbname); + free(d->mkey); free(d); return 0; } @@ -119,6 +110,7 @@ hdb_get_name(krb5_context context, size_t namesize) { struct hdb_data *d = id->data; + snprintf(name, namesize, "%s%s%s", d->dbname ? d->dbname : "", (d->dbname || d->mkey) ? ":" : "", @@ -126,6 +118,68 @@ hdb_get_name(krb5_context context, return 0; } +static void +set_config (krb5_context context, + krb5_config_binding *binding, + const char **dbname, + const char **mkey) +{ + *dbname = krb5_config_get_string(context, binding, "dbname", NULL); + *mkey = krb5_config_get_string(context, binding, "mkey_file", NULL); +} + +/* + * try to figure out the database (`dbname') and master-key (`mkey') + * that should be used for `principal'. + */ + +static void +find_db (krb5_context context, + const char **dbname, + const char **mkey, + krb5_const_principal principal) +{ + krb5_config_binding *top_bind = NULL; + krb5_config_binding *default_binding = NULL; + krb5_config_binding *db; + krb5_realm *prealm = krb5_princ_realm(context, (krb5_principal)principal); + + *dbname = *mkey = NULL; + + while ((db = (krb5_config_binding *) + krb5_config_get_next(context, + NULL, + &top_bind, + krb5_config_list, + "kdc", + "database", + NULL)) != NULL) { + const char *p; + + p = krb5_config_get_string (context, db, "realm", NULL); + if (p == NULL) { + if(default_binding) { + krb5_warnx(context, "WARNING: more than one realm-less " + "database specification"); + krb5_warnx(context, "WARNING: using the first encountered"); + } else + default_binding = db; + } else if (strcmp (*prealm, p) == 0) { + set_config (context, db, dbname, mkey); + break; + } + } + if (*dbname == NULL && default_binding != NULL) + set_config (context, default_binding, dbname, mkey); + if (*dbname == NULL) + *dbname = HDB_DEFAULT_DB; +} + +/* + * find the keytab entry in `id' for `principal, kvno, enctype' and return + * it in `entry'. return 0 or an error code + */ + static krb5_error_code hdb_get_entry(krb5_context context, krb5_keytab id, @@ -138,13 +192,32 @@ hdb_get_entry(krb5_context context, krb5_error_code ret; struct hdb_data *d = id->data; int i; + HDB *db; + const char *dbname = d->dbname; + const char *mkey = d->mkey; + + if (dbname == NULL) + find_db (context, &dbname, &mkey, principal); - ret = (*d->db->open)(context, d->db, O_RDONLY, 0); + ret = hdb_create (context, &db, dbname); if (ret) return ret; + ret = hdb_set_master_keyfile (context, db, mkey); + if (ret) { + (*db->destroy)(context, db); + return ret; + } + + ret = (*db->open)(context, db, O_RDONLY, 0); + if (ret) { + (*db->destroy)(context, db); + return ret; + } ent.principal = (krb5_principal)principal; - ret = (*d->db->fetch)(context, d->db, HDB_F_DECRYPT, &ent); - (*d->db->close)(context, d->db); + ret = (*db->fetch)(context, db, HDB_F_DECRYPT, &ent); + (*db->close)(context, db); + (*db->destroy)(context, db); + if(ret == HDB_ERR_NOENTRY) return KRB5_KT_NOTFOUND; else if(ret) @@ -184,4 +257,3 @@ krb5_kt_ops hdb_kt_ops = { NULL, /* add */ NULL /* remove */ }; - diff --git a/crypto/heimdal/lib/hdb/mkey.c b/crypto/heimdal/lib/hdb/mkey.c new file mode 100644 index 0000000..2c85333 --- /dev/null +++ b/crypto/heimdal/lib/hdb/mkey.c @@ -0,0 +1,475 @@ +/* + * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "hdb_locl.h" +#ifndef O_BINARY +#define O_BINARY 0 +#endif + +RCSID("$Id: mkey.c,v 1.8 2001/01/30 01:20:57 assar Exp $"); + +struct hdb_master_key_data { + krb5_keytab_entry keytab; + krb5_crypto crypto; + struct hdb_master_key_data *next; +}; + +void +hdb_free_master_key(krb5_context context, hdb_master_key mkey) +{ + struct hdb_master_key_data *ptr; + while(mkey) { + krb5_kt_free_entry(context, &mkey->keytab); + krb5_crypto_destroy(context, mkey->crypto); + ptr = mkey; + mkey = mkey->next; + free(ptr); + } +} + +krb5_error_code +hdb_process_master_key(krb5_context context, + int kvno, krb5_keyblock *key, krb5_enctype etype, + hdb_master_key *mkey) +{ + krb5_error_code ret; + *mkey = calloc(1, sizeof(**mkey)); + if(*mkey == NULL) + return ENOMEM; + (*mkey)->keytab.vno = kvno; + ret = krb5_parse_name(context, "K/M", &(*mkey)->keytab.principal); + ret = krb5_copy_keyblock_contents(context, key, &(*mkey)->keytab.keyblock); + if(ret) { + free(*mkey); + *mkey = NULL; + return ret; + } + if(etype != 0) + (*mkey)->keytab.keyblock.keytype = etype; + (*mkey)->keytab.timestamp = time(NULL); + ret = krb5_crypto_init(context, key, etype, &(*mkey)->crypto); + if(ret) { + krb5_free_keyblock_contents(context, &(*mkey)->keytab.keyblock); + free(*mkey); + *mkey = NULL; + } + return ret; +} + +krb5_error_code +hdb_add_master_key(krb5_context context, krb5_keyblock *key, + hdb_master_key *inout) +{ + int vno = 0; + hdb_master_key p; + krb5_error_code ret; + + for(p = *inout; p; p = p->next) + vno = max(vno, p->keytab.vno); + vno++; + ret = hdb_process_master_key(context, vno, key, 0, &p); + if(ret) + return ret; + p->next = *inout; + *inout = p; + return 0; +} + +static krb5_error_code +read_master_keytab(krb5_context context, const char *filename, + hdb_master_key *mkey) +{ + krb5_error_code ret; + krb5_keytab id; + krb5_kt_cursor cursor; + krb5_keytab_entry entry; + hdb_master_key p; + + ret = krb5_kt_resolve(context, filename, &id); + if(ret) + return ret; + + ret = krb5_kt_start_seq_get(context, id, &cursor); + if(ret) + goto out; + *mkey = NULL; + while(krb5_kt_next_entry(context, id, &entry, &cursor) == 0) { + p = calloc(1, sizeof(*p)); + p->keytab = entry; + ret = krb5_crypto_init(context, &p->keytab.keyblock, 0, &p->crypto); + p->next = *mkey; + *mkey = p; + } + krb5_kt_end_seq_get(context, id, &cursor); + out: + krb5_kt_close(context, id); + return ret; +} + +/* read a MIT master keyfile */ +static krb5_error_code +read_master_mit(krb5_context context, const char *filename, + hdb_master_key *mkey) +{ + int fd; + krb5_error_code ret; + krb5_storage *sp; + u_int16_t enctype; + krb5_keyblock key; + + fd = open(filename, O_RDONLY | O_BINARY); + if(fd < 0) + return errno; + sp = krb5_storage_from_fd(fd); + if(sp == NULL) { + close(fd); + return errno; + } + krb5_storage_set_flags(sp, KRB5_STORAGE_HOST_BYTEORDER); +#if 0 + /* could possibly use ret_keyblock here, but do it with more + checks for now */ + ret = krb5_ret_keyblock(sp, &key); +#else + ret = krb5_ret_int16(sp, &enctype); + if((htons(enctype) & 0xff00) == 0x3000) { + ret = HEIM_ERR_BAD_MKEY; + goto out; + } + key.keytype = enctype; + ret = krb5_ret_data(sp, &key.keyvalue); + if(ret) + goto out; +#endif + ret = hdb_process_master_key(context, 0, &key, 0, mkey); + krb5_free_keyblock_contents(context, &key); + out: + krb5_storage_free(sp); + close(fd); + return ret; +} + +/* read an old master key file */ +static krb5_error_code +read_master_encryptionkey(krb5_context context, const char *filename, + hdb_master_key *mkey) +{ + int fd; + krb5_keyblock key; + krb5_error_code ret; + unsigned char buf[256]; + ssize_t len; + + fd = open(filename, O_RDONLY | O_BINARY); + if(fd < 0) + return errno; + + len = read(fd, buf, sizeof(buf)); + close(fd); + if(len < 0) + return errno; + + ret = decode_EncryptionKey(buf, len, &key, &len); + memset(buf, 0, sizeof(buf)); + if(ret) + return ret; + + /* Originally, the keytype was just that, and later it got changed + to des-cbc-md5, but we always used des in cfb64 mode. This + should cover all cases, but will break if someone has hacked + this code to really use des-cbc-md5 -- but then that's not my + problem. */ + if(key.keytype == KEYTYPE_DES || key.keytype == ETYPE_DES_CBC_MD5) + key.keytype = ETYPE_DES_CFB64_NONE; + + ret = hdb_process_master_key(context, 0, &key, 0, mkey); + krb5_free_keyblock_contents(context, &key); + return ret; +} + +/* read a krb4 /.k style file */ +static krb5_error_code +read_master_krb4(krb5_context context, const char *filename, + hdb_master_key *mkey) +{ + int fd; + krb5_keyblock key; + krb5_error_code ret; + unsigned char buf[256]; + ssize_t len; + + fd = open(filename, O_RDONLY | O_BINARY); + if(fd < 0) + return errno; + + len = read(fd, buf, sizeof(buf)); + close(fd); + if(len < 0) + return errno; + + memset(&key, 0, sizeof(key)); + key.keytype = ETYPE_DES_PCBC_NONE; + ret = krb5_data_copy(&key.keyvalue, buf, len); + memset(buf, 0, sizeof(buf)); + if(ret) + return ret; + + ret = hdb_process_master_key(context, 0, &key, 0, mkey); + krb5_free_keyblock_contents(context, &key); + return ret; +} + +krb5_error_code +hdb_read_master_key(krb5_context context, const char *filename, + hdb_master_key *mkey) +{ + FILE *f; + unsigned char buf[16]; + krb5_error_code ret; + + off_t len; + + *mkey = NULL; + + if(filename == NULL) + filename = HDB_DB_DIR "/m-key"; + + f = fopen(filename, "r"); + if(f == NULL) + return errno; + + if(fread(buf, 1, 2, f) != 2) { + fclose(f); + return HEIM_ERR_EOF; + } + + fseek(f, 0, SEEK_END); + len = ftell(f); + + if(fclose(f) != 0) + return errno; + + if(len < 0) + return errno; + + if(len == 8) { + ret = read_master_krb4(context, filename, mkey); + } else if(buf[0] == 0x30 && len <= 127 && buf[1] == len - 2) { + ret = read_master_encryptionkey(context, filename, mkey); + } else if(buf[0] == 5 && buf[1] >= 1 && buf[1] <= 2) { + ret = read_master_keytab(context, filename, mkey); + } else { + ret = read_master_mit(context, filename, mkey); + } + return ret; +} + +krb5_error_code +hdb_write_master_key(krb5_context context, const char *filename, + hdb_master_key mkey) +{ + krb5_error_code ret; + hdb_master_key p; + krb5_keytab kt; + + if(filename == NULL) + filename = HDB_DB_DIR "/m-key"; + + ret = krb5_kt_resolve(context, filename, &kt); + if(ret) + return ret; + + for(p = mkey; p; p = p->next) { + ret = krb5_kt_add_entry(context, kt, &p->keytab); + } + + krb5_kt_close(context, kt); + + return ret; +} + +static hdb_master_key +find_master_key(Key *key, hdb_master_key mkey) +{ + hdb_master_key ret = NULL; + while(mkey) { + if(ret == NULL && mkey->keytab.vno == 0) + ret = mkey; + if(key->mkvno == NULL) { + if(ret == NULL || mkey->keytab.vno > ret->keytab.vno) + ret = mkey; + } else if(mkey->keytab.vno == *key->mkvno) + return mkey; + mkey = mkey->next; + } + return ret; +} + +krb5_error_code +hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) +{ + int i; + krb5_error_code ret; + krb5_data res; + Key *k; + + for(i = 0; i < ent->keys.len; i++){ + hdb_master_key key; + + k = &ent->keys.val[i]; + if(k->mkvno == NULL) + continue; + + key = find_master_key(&ent->keys.val[i], mkey); + + if (key == NULL) + return HDB_ERR_NO_MKEY; + + ret = krb5_decrypt(context, key->crypto, HDB_KU_MKEY, + k->key.keyvalue.data, + k->key.keyvalue.length, + &res); + if (ret) + return ret; + + memset(k->key.keyvalue.data, 0, k->key.keyvalue.length); + free(k->key.keyvalue.data); + k->key.keyvalue = res; + free(k->mkvno); + k->mkvno = NULL; + } + return 0; +} + +krb5_error_code +hdb_unseal_keys(krb5_context context, HDB *db, hdb_entry *ent) +{ + if (db->master_key_set == 0) + return 0; + return hdb_unseal_keys_mkey(context, ent, db->master_key); +} + +krb5_error_code +hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey) +{ + int i; + krb5_error_code ret; + krb5_data res; + for(i = 0; i < ent->keys.len; i++){ + Key *k = &ent->keys.val[i]; + hdb_master_key key; + + if(k->mkvno != NULL) + continue; + + key = find_master_key(k, mkey); + + if (key == NULL) + return HDB_ERR_NO_MKEY; + + ret = krb5_encrypt(context, key->crypto, HDB_KU_MKEY, + k->key.keyvalue.data, + k->key.keyvalue.length, + &res); + if (ret) + return ret; + + memset(k->key.keyvalue.data, 0, k->key.keyvalue.length); + free(k->key.keyvalue.data); + k->key.keyvalue = res; + + k->mkvno = malloc(sizeof(*k->mkvno)); + if (k->mkvno == NULL) + return ENOMEM; + *k->mkvno = key->keytab.vno; + } + return 0; +} + +krb5_error_code +hdb_seal_keys(krb5_context context, HDB *db, hdb_entry *ent) +{ + if (db->master_key_set == 0) + return 0; + + return hdb_seal_keys_mkey(context, ent, db->master_key); +} + +krb5_error_code +hdb_set_master_key (krb5_context context, + HDB *db, + krb5_keyblock *key) +{ + krb5_error_code ret; + hdb_master_key mkey; + + ret = hdb_process_master_key(context, 0, key, 0, &mkey); + if (ret) + return ret; + db->master_key = mkey; +#if 0 /* XXX - why? */ + des_set_random_generator_seed(key.keyvalue.data); +#endif + db->master_key_set = 1; + return 0; +} + +krb5_error_code +hdb_set_master_keyfile (krb5_context context, + HDB *db, + const char *keyfile) +{ + hdb_master_key key; + krb5_error_code ret; + + ret = hdb_read_master_key(context, keyfile, &key); + if (ret) { + if (ret != ENOENT) + return ret; + return 0; + } + db->master_key = key; + db->master_key_set = 1; + return ret; +} + +krb5_error_code +hdb_clear_master_key (krb5_context context, + HDB *db) +{ + if (db->master_key_set) { + hdb_free_master_key(context, db->master_key); + db->master_key_set = 0; + } + return 0; +} diff --git a/crypto/heimdal/lib/hdb/ndbm.c b/crypto/heimdal/lib/hdb/ndbm.c index 79ca978..b4335f9 100644 --- a/crypto/heimdal/lib/hdb/ndbm.c +++ b/crypto/heimdal/lib/hdb/ndbm.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,9 +33,9 @@ #include "hdb_locl.h" -RCSID("$Id: ndbm.c,v 1.26 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: ndbm.c,v 1.30 2001/01/30 01:24:00 assar Exp $"); -#ifdef HAVE_NDBM_H +#if defined(HAVE_NDBM_H) || defined(HAVE_GDBM_NDBM_H) struct ndbm_db { DBM *db; @@ -75,7 +75,7 @@ NDBM_seq(krb5_context context, HDB *db, struct ndbm_db *d = (struct ndbm_db *)db->db; datum key, value; krb5_data key_data, data; - krb5_error_code ret; + krb5_error_code ret = 0; if(first) key = dbm_firstkey(d->db); @@ -93,13 +93,21 @@ NDBM_seq(krb5_context context, HDB *db, data.length = value.dsize; if(hdb_value2entry(context, &data, entry)) return NDBM_seq(context, db, flags, entry, 0); - if (db->master_key_set && (flags & HDB_F_DECRYPT)) - hdb_unseal_keys (db, entry); + if (db->master_key_set && (flags & HDB_F_DECRYPT)) { + ret = hdb_unseal_keys (context, db, entry); + if (ret) + hdb_free_entry (context, entry); + } if (entry->principal == NULL) { entry->principal = malloc (sizeof(*entry->principal)); - hdb_key2principal (context, &key_data, entry->principal); + if (entry->principal == NULL) { + ret = ENOMEM; + hdb_free_entry (context, entry); + } else { + hdb_key2principal (context, &key_data, entry->principal); + } } - return 0; + return ret; } @@ -312,5 +320,4 @@ hdb_ndbm_create(krb5_context context, HDB **db, return 0; } - #endif diff --git a/crypto/heimdal/lib/hdb/print.c b/crypto/heimdal/lib/hdb/print.c index 5db3166..903e78b 100644 --- a/crypto/heimdal/lib/hdb/print.c +++ b/crypto/heimdal/lib/hdb/print.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "hdb_locl.h" #include -RCSID("$Id: print.c,v 1.4 1999/12/26 13:50:22 assar Exp $"); +RCSID("$Id: print.c,v 1.5 2001/01/26 15:08:36 joda Exp $"); /* This is the present contents of a dump line. This might change at @@ -75,9 +75,14 @@ append_hex(char *str, krb5_data *data) p[data->length + 1] = '\"'; memcpy(p + 1, data->data, data->length); }else{ - p = calloc(1, data->length * 2 + 1); - for(i = 0; i < data->length; i++) - sprintf(p + 2 * i, "%02x", ((u_char*)data->data)[i]); + const char *xchars = "0123456789abcdef"; + char *q = p = malloc(data->length * 2 + 1); + for(i = 0; i < data->length; i++) { + unsigned char c = ((u_char*)data->data)[i]; + *q++ = xchars[(c & 0xf0) >> 4]; + *q++ = xchars[(c & 0xf)]; + } + *q = '\0'; } strcat(str, p); free(p); @@ -123,6 +128,7 @@ hdb_entry2string(krb5_context context, hdb_entry *ent, char **str) { char *p; char buf[1024] = ""; + char tmp[32]; int i; krb5_error_code ret; @@ -134,29 +140,26 @@ hdb_entry2string(krb5_context context, hdb_entry *ent, char **str) strlcat(buf, " ", sizeof(buf)); free(p); /* --- kvno */ - asprintf(&p, "%d", ent->kvno); - strlcat(buf, p, sizeof(buf)); - free(p); + snprintf(tmp, sizeof(tmp), "%d", ent->kvno); + strlcat(buf, tmp, sizeof(buf)); /* --- keys */ for(i = 0; i < ent->keys.len; i++){ /* --- mkvno, keytype */ if(ent->keys.val[i].mkvno) - asprintf(&p, ":%d:%d:", + snprintf(tmp, sizeof(tmp), ":%d:%d:", *ent->keys.val[i].mkvno, ent->keys.val[i].key.keytype); else - asprintf(&p, "::%d:", + snprintf(tmp, sizeof(tmp), "::%d:", ent->keys.val[i].key.keytype); - strlcat(buf, p, sizeof(buf)); - free(p); + strlcat(buf, tmp, sizeof(buf)); /* --- keydata */ append_hex(buf, &ent->keys.val[i].key.keyvalue); strlcat(buf, ":", sizeof(buf)); /* --- salt */ if(ent->keys.val[i].salt){ - asprintf(&p, "%u/", ent->keys.val[i].salt->type); - strlcat(buf, p, sizeof(buf)); - free(p); + snprintf(tmp, sizeof(tmp), "%u/", ent->keys.val[i].salt->type); + strlcat(buf, tmp, sizeof(buf)); append_hex(buf, &ent->keys.val[i].salt->salt); }else strlcat(buf, "-", sizeof(buf)); @@ -196,28 +199,25 @@ hdb_entry2string(krb5_context context, hdb_entry *ent, char **str) /* --- max life */ if(ent->max_life){ - asprintf(&p, "%d", *ent->max_life); - strlcat(buf, p, sizeof(buf)); - free(p); + snprintf(tmp, sizeof(tmp), "%d", *ent->max_life); + strlcat(buf, tmp, sizeof(buf)); }else strlcat(buf, "-", sizeof(buf)); strlcat(buf, " ", sizeof(buf)); /* --- max renewable life */ if(ent->max_renew){ - asprintf(&p, "%d", *ent->max_renew); - strlcat(buf, p, sizeof(buf)); - free(p); + snprintf(tmp, sizeof(tmp), "%d", *ent->max_renew); + strlcat(buf, tmp, sizeof(buf)); }else strlcat(buf, "-", sizeof(buf)); strlcat(buf, " ", sizeof(buf)); /* --- flags */ - asprintf(&p, "%d", HDBFlags2int(ent->flags)); - strlcat(buf, p, sizeof(buf)); - free(p); - + snprintf(tmp, sizeof(tmp), "%d", HDBFlags2int(ent->flags)); + strlcat(buf, tmp, sizeof(buf)); + *str = strdup(buf); return 0; diff --git a/crypto/heimdal/lib/kadm5/ChangeLog b/crypto/heimdal/lib/kadm5/ChangeLog index f5a6ee4..0d2699d 100644 --- a/crypto/heimdal/lib/kadm5/ChangeLog +++ b/crypto/heimdal/lib/kadm5/ChangeLog @@ -1,3 +1,204 @@ +2001-01-30 Assar Westerlund + + * Makefile.am: bump versions + +2000-12-31 Assar Westerlund + + * init_s.c (*): handle krb5_init_context failure consistently + * init_c.c (init_context): handle krb5_init_context failure + consistently + +2000-12-11 Assar Westerlund + + * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:2:0 + +2000-11-16 Assar Westerlund + + * set_keys.c (make_keys): clean-up salting loop and try not to + leak memory + + * ipropd_master.c (main): check for fd's being too large to select + on + +2000-08-16 Assar Westerlund + + * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:1:0 + +2000-08-10 Assar Westerlund + + * acl.c (fetch_acl): fix wrong cases, use krb5_principal_match + +2000-08-07 Assar Westerlund + + * ipropd_master.c (main): ignore SIGPIPE + +2000-08-06 Assar Westerlund + + * ipropd_slave.c (receive_everything): make `fd' an int instead of + a pointer. From Derrick J Brashear + +2000-08-04 Johan Danielsson + + * admin.h: change void** to void* + +2000-07-25 Johan Danielsson + + * Makefile.am: bump versions to 7:0:0 and 6:0:2 + +2000-07-24 Assar Westerlund + + * log.c (kadm5_log_get_version): rename kadm5_log_get_version_fd + and make a new that takes a context + (kadm5_log_nop): add logging of missing lengths + (kadm5_log_truncate): new function + + * dump_log.c (print_entry): update and correct + * randkey_s.c: call _kadm5_bump_pw_expire + * truncate_log.c: new program for truncating the log + * Makefile.am (sbin_PROGRAMS): add truncate_log + (C_SOURCES): add bump_pw_expire.c + * bump_pw_expire.c: new function for extending password expiration + +2000-07-22 Assar Westerlund + + * keys.c: new file with _kadm5_free_keys, _kadm5_init_keys + + * set_keys.c (free_keys, init_keys): elevate to internal kadm5 + functions + + * chpass_s.c (kadm5_s_chpass_principal_cond): new function + * Makefile.am (C_SOURCES): add keys.c + * init_c.c: remove unused variable and handle some parameters + being NULL + +2000-07-22 Johan Danielsson + + * ipropd_slave.c: use krb5_read_priv_message + + * ipropd_master.c: use krb5_{read,write}_priv_message + + * init_c.c: use krb5_write_priv_message + +2000-07-11 Johan Danielsson + + * ipropd_slave.c: no need to call gethostname, since + sname_to_principal will + + * send_recv.c: assert that we have a connected socket + + * get_princs_c.c: call _kadm5_connect + + * rename_c.c: call _kadm5_connect + + * randkey_c.c: call _kadm5_connect + + * privs_c.c: call _kadm5_connect + + * modify_c.c: call _kadm5_connect + + * get_c.c: call _kadm5_connect + + * delete_c.c: call _kadm5_connect + + * create_c.c: call _kadm5_connect + + * chpass_c.c: call _kadm5_connect + + * private.h: add more fields to client context; remove prototypes + + * admin.h: remove prototypes + + * kadm5-protos.h: move public prototypes here + + * kadm5-private.h: move private prototypes here + + * init_c.c: break out connection code to separate function, and + defer calling it until we actually do something + +2000-07-07 Assar Westerlund + + * set_keys.c (make_keys): also support `[kadmin]use_v4_salt' for + backwards compatability + +2000-06-26 Johan Danielsson + + * set_keys.c (_kadm5_set_keys): rewrite this to be more easily + adaptable to different salts + +2000-06-19 Johan Danielsson + + * get_s.c: pa_* -> KRB5_PADATA_* + +2000-06-16 Assar Westerlund + + * ipropd_slave.c: change default keytab to default keytab (as in + typically FILE:/etc/krb5.keytab) + +2000-06-08 Assar Westerlund + + * ipropd_slave.c: bug fixes, for actually writing the full dump to + the database. based on a patch from Love + +2000-06-07 Assar Westerlund + + * acl.c: add support for patterns of principals + * log.c (kadm5_log_replay_create): handle more NULL pointers + (should they really happen?) + * log.c (kadm5_log_replay_modify): handle max_life == NULL and + max_renew == NULL + + * ipropd_master.c: use syslog. be less verbose + * ipropd_slave.c: use syslog + +2000-06-05 Assar Westerlund + + * private.h (kadm_ops): add kadm_nop more prototypes + * log.c (kadm5_log_set_version, kadm5_log_reinit, kadm5_log_nop, + kadm5_log_replay_nop): add + * ipropd_slave.c: and some more improvements + * ipropd_master.c: lots of improvements + * iprop.h (IPROP_PORT, IPROP_SERVICE): add + (iprop_cmd): add new commands + + * dump_log.c: add nop + +2000-05-15 Assar Westerlund + + * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 5:1:1 + +2000-05-12 Assar Westerlund + + * get_s.c (kadm5_s_get_principal): set life, rlife to INT_MAX as a + fallback. handle not having any creator. + * destroy_s.c (kadm5_s_destroy): free all allocated memory + * context_s.c (set_field): free variable if it's already set + (find_db_spec): malloc space for all strings + +2000-04-05 Assar Westerlund + + * Makefile.am (LDADD): add LIB_openldap + +2000-04-03 Assar Westerlund + + * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 6:0:1 + (libkadm5clnt_la_LDFLAGS): set version to 5:0:1 + +2000-03-24 Assar Westerlund + + * set_keys.c (_kadm5_set_keys2): rewrite + (_kadm5_set_keys3): add + + * private.h (struct kadm_func): add chpass_principal_with_key + * init_c.c (set_funcs): add chpass_principal_with_key + +2000-03-23 Assar Westerlund + + * context_s.c (set_funcs): add chpass_principal_with_key + * common_glue.c (kadm5_chpass_principal_with_key): add + * chpass_s.c: comment-ize and change calling convention for + _kadm5_set_keys* + * chpass_c.c (kadm5_c_chpass_principal_with_key): add + 2000-02-07 Assar Westerlund * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0 diff --git a/crypto/heimdal/lib/kadm5/Makefile.am b/crypto/heimdal/lib/kadm5/Makefile.am index 89399d4..d554b18 100644 --- a/crypto/heimdal/lib/kadm5/Makefile.am +++ b/crypto/heimdal/lib/kadm5/Makefile.am @@ -1,18 +1,19 @@ -# $Id: Makefile.am,v 1.33 2000/02/07 03:37:27 assar Exp $ +# $Id: Makefile.am,v 1.44 2001/01/30 01:56:00 assar Exp $ include $(top_srcdir)/Makefile.am.common lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la -libkadm5srv_la_LDFLAGS = -version-info 5:1:0 -libkadm5clnt_la_LDFLAGS = -version-info 4:2:0 -sbin_PROGRAMS = dump_log replay_log +libkadm5srv_la_LDFLAGS = -version-info 7:3:0 +libkadm5clnt_la_LDFLAGS = -version-info 6:1:2 +sbin_PROGRAMS = dump_log replay_log truncate_log libexec_PROGRAMS = ipropd-master ipropd-slave kadm5includedir = $(includedir)/kadm5 buildkadm5include = $(buildinclude)/kadm5 -kadm5include_HEADERS = kadm5_err.h admin.h private.h +kadm5include_HEADERS = kadm5_err.h admin.h private.h \ + kadm5-protos.h kadm5-private.h install-build-headers:: $(kadm5include_HEADERS) @foo='$(kadm5include_HEADERS)'; \ @@ -27,55 +28,57 @@ install-build-headers:: $(kadm5include_HEADERS) fi ; \ done -C_SOURCES = \ - admin.h \ - chpass_c.c \ - common_glue.c \ - create_c.c \ - delete_c.c \ - destroy_c.c \ - flush_c.c \ - free.c \ - get_c.c \ - get_princs_c.c \ - init_c.c \ - kadm5_err.c \ - kadm5_locl.h \ - marshall.c \ - modify_c.c \ - private.h \ - privs_c.c \ - randkey_c.c \ - rename_c.c \ +C_SOURCES = \ + admin.h \ + chpass_c.c \ + common_glue.c \ + create_c.c \ + delete_c.c \ + destroy_c.c \ + flush_c.c \ + free.c \ + get_c.c \ + get_princs_c.c \ + init_c.c \ + kadm5_err.c \ + kadm5_locl.h \ + marshall.c \ + modify_c.c \ + private.h \ + privs_c.c \ + randkey_c.c \ + rename_c.c \ send_recv.c -S_SOURCES = \ - acl.c \ - admin.h \ - chpass_s.c \ - common_glue.c \ - context_s.c \ - create_s.c \ - delete_s.c \ - destroy_s.c \ - ent_setup.c \ - error.c \ - flush_s.c \ - free.c \ - get_princs_s.c \ - get_s.c \ - init_s.c \ - kadm5_err.c \ - kadm5_locl.h \ - log.c \ - marshall.c \ - modify_s.c \ - private.h \ - privs_s.c \ - randkey_s.c \ - rename_s.c \ - set_keys.c \ - set_modifier.c \ +S_SOURCES = \ + acl.c \ + admin.h \ + bump_pw_expire.c \ + chpass_s.c \ + common_glue.c \ + context_s.c \ + create_s.c \ + delete_s.c \ + destroy_s.c \ + ent_setup.c \ + error.c \ + flush_s.c \ + free.c \ + get_princs_s.c \ + get_s.c \ + init_s.c \ + kadm5_err.c \ + kadm5_locl.h \ + keys.c \ + log.c \ + marshall.c \ + modify_s.c \ + private.h \ + privs_s.c \ + randkey_s.c \ + rename_s.c \ + set_keys.c \ + set_modifier.c \ password_quality.c libkadm5srv_la_SOURCES = $(S_SOURCES) server_glue.c @@ -89,12 +92,15 @@ ipropd_master_SOURCES = ipropd_master.c iprop.h kadm5_locl.h ipropd_slave_SOURCES = ipropd_slave.c iprop.h kadm5_locl.h +truncate_log_SOURCES = truncate_log.c + LDADD = \ libkadm5srv.la \ $(top_builddir)/lib/hdb/libhdb.la \ + $(LIB_openldap) \ $(top_builddir)/lib/krb5/libkrb5.la \ $(top_builddir)/lib/asn1/libasn1.la \ - $(top_builddir)/lib/des/libdes.la \ + $(LIB_des) \ $(LIB_roken) \ $(DBLIB) \ $(LIB_dlopen) diff --git a/crypto/heimdal/lib/kadm5/Makefile.in b/crypto/heimdal/lib/kadm5/Makefile.in index 233ef9d..a281b23 100644 --- a/crypto/heimdal/lib/kadm5/Makefile.in +++ b/crypto/heimdal/lib/kadm5/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.33 2000/02/07 03:37:27 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.44 2001/01/30 01:56:00 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,43 +170,90 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la -libkadm5srv_la_LDFLAGS = -version-info 5:1:0 -libkadm5clnt_la_LDFLAGS = -version-info 4:2:0 -sbin_PROGRAMS = dump_log replay_log +libkadm5srv_la_LDFLAGS = -version-info 7:3:0 +libkadm5clnt_la_LDFLAGS = -version-info 6:1:2 +sbin_PROGRAMS = dump_log replay_log truncate_log libexec_PROGRAMS = ipropd-master ipropd-slave kadm5includedir = $(includedir)/kadm5 buildkadm5include = $(buildinclude)/kadm5 -kadm5include_HEADERS = kadm5_err.h admin.h private.h - -C_SOURCES = admin.h chpass_c.c common_glue.c create_c.c delete_c.c destroy_c.c flush_c.c free.c get_c.c get_princs_c.c init_c.c kadm5_err.c kadm5_locl.h marshall.c modify_c.c private.h privs_c.c randkey_c.c rename_c.c send_recv.c - - -S_SOURCES = acl.c admin.h chpass_s.c common_glue.c context_s.c create_s.c delete_s.c destroy_s.c ent_setup.c error.c flush_s.c free.c get_princs_s.c get_s.c init_s.c kadm5_err.c kadm5_locl.h log.c marshall.c modify_s.c private.h privs_s.c randkey_s.c rename_s.c set_keys.c set_modifier.c password_quality.c +kadm5include_HEADERS = kadm5_err.h admin.h private.h \ + kadm5-protos.h kadm5-private.h + + +C_SOURCES = \ + admin.h \ + chpass_c.c \ + common_glue.c \ + create_c.c \ + delete_c.c \ + destroy_c.c \ + flush_c.c \ + free.c \ + get_c.c \ + get_princs_c.c \ + init_c.c \ + kadm5_err.c \ + kadm5_locl.h \ + marshall.c \ + modify_c.c \ + private.h \ + privs_c.c \ + randkey_c.c \ + rename_c.c \ + send_recv.c + + +S_SOURCES = \ + acl.c \ + admin.h \ + bump_pw_expire.c \ + chpass_s.c \ + common_glue.c \ + context_s.c \ + create_s.c \ + delete_s.c \ + destroy_s.c \ + ent_setup.c \ + error.c \ + flush_s.c \ + free.c \ + get_princs_s.c \ + get_s.c \ + init_s.c \ + kadm5_err.c \ + kadm5_locl.h \ + keys.c \ + log.c \ + marshall.c \ + modify_s.c \ + private.h \ + privs_s.c \ + randkey_s.c \ + rename_s.c \ + set_keys.c \ + set_modifier.c \ + password_quality.c libkadm5srv_la_SOURCES = $(S_SOURCES) server_glue.c @@ -202,10 +267,22 @@ ipropd_master_SOURCES = ipropd_master.c iprop.h kadm5_locl.h ipropd_slave_SOURCES = ipropd_slave.c iprop.h kadm5_locl.h -LDADD = libkadm5srv.la $(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la $(LIB_roken) $(DBLIB) $(LIB_dlopen) +truncate_log_SOURCES = truncate_log.c + +LDADD = \ + libkadm5srv.la \ + $(top_builddir)/lib/hdb/libhdb.la \ + $(LIB_openldap) \ + $(top_builddir)/lib/krb5/libkrb5.la \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_des) \ + $(LIB_roken) \ + $(DBLIB) \ + $(LIB_dlopen) CLEANFILES = kadm5_err.c kadm5_err.h +subdir = lib/kadm5 mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../include/config.h CONFIG_CLEAN_FILES = @@ -215,70 +292,87 @@ LTLIBRARIES = $(lib_LTLIBRARIES) DEFS = @DEFS@ -I. -I$(srcdir) -I../../include CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ X_CFLAGS = @X_CFLAGS@ X_LIBS = @X_LIBS@ X_EXTRA_LIBS = @X_EXTRA_LIBS@ X_PRE_LIBS = @X_PRE_LIBS@ -libkadm5srv_la_LIBADD = -libkadm5srv_la_OBJECTS = acl.lo chpass_s.lo common_glue.lo context_s.lo \ -create_s.lo delete_s.lo destroy_s.lo ent_setup.lo error.lo flush_s.lo \ -free.lo get_princs_s.lo get_s.lo init_s.lo kadm5_err.lo log.lo \ -marshall.lo modify_s.lo privs_s.lo randkey_s.lo rename_s.lo set_keys.lo \ -set_modifier.lo password_quality.lo server_glue.lo libkadm5clnt_la_LIBADD = -libkadm5clnt_la_OBJECTS = chpass_c.lo common_glue.lo create_c.lo \ +am_libkadm5clnt_la_OBJECTS = chpass_c.lo common_glue.lo create_c.lo \ delete_c.lo destroy_c.lo flush_c.lo free.lo get_c.lo get_princs_c.lo \ init_c.lo kadm5_err.lo marshall.lo modify_c.lo privs_c.lo randkey_c.lo \ rename_c.lo send_recv.lo client_glue.lo +libkadm5clnt_la_OBJECTS = $(am_libkadm5clnt_la_OBJECTS) +libkadm5srv_la_LIBADD = +am_libkadm5srv_la_OBJECTS = acl.lo bump_pw_expire.lo chpass_s.lo \ +common_glue.lo context_s.lo create_s.lo delete_s.lo destroy_s.lo \ +ent_setup.lo error.lo flush_s.lo free.lo get_princs_s.lo get_s.lo \ +init_s.lo kadm5_err.lo keys.lo log.lo marshall.lo modify_s.lo \ +privs_s.lo randkey_s.lo rename_s.lo set_keys.lo set_modifier.lo \ +password_quality.lo server_glue.lo +libkadm5srv_la_OBJECTS = $(am_libkadm5srv_la_OBJECTS) libexec_PROGRAMS = ipropd-master$(EXEEXT) ipropd-slave$(EXEEXT) -sbin_PROGRAMS = dump_log$(EXEEXT) replay_log$(EXEEXT) +sbin_PROGRAMS = dump_log$(EXEEXT) replay_log$(EXEEXT) \ +truncate_log$(EXEEXT) PROGRAMS = $(libexec_PROGRAMS) $(sbin_PROGRAMS) -ipropd_master_OBJECTS = ipropd_master.$(OBJEXT) +am_dump_log_OBJECTS = dump_log.$(OBJEXT) +dump_log_OBJECTS = $(am_dump_log_OBJECTS) +dump_log_LDADD = $(LDADD) +dump_log_DEPENDENCIES = libkadm5srv.la \ +$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la +dump_log_LDFLAGS = +am_ipropd_master_OBJECTS = ipropd_master.$(OBJEXT) +ipropd_master_OBJECTS = $(am_ipropd_master_OBJECTS) ipropd_master_LDADD = $(LDADD) ipropd_master_DEPENDENCIES = libkadm5srv.la \ $(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ -$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la +$(top_builddir)/lib/asn1/libasn1.la ipropd_master_LDFLAGS = -ipropd_slave_OBJECTS = ipropd_slave.$(OBJEXT) +am_ipropd_slave_OBJECTS = ipropd_slave.$(OBJEXT) +ipropd_slave_OBJECTS = $(am_ipropd_slave_OBJECTS) ipropd_slave_LDADD = $(LDADD) ipropd_slave_DEPENDENCIES = libkadm5srv.la \ $(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ -$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la +$(top_builddir)/lib/asn1/libasn1.la ipropd_slave_LDFLAGS = -dump_log_OBJECTS = dump_log.$(OBJEXT) -dump_log_LDADD = $(LDADD) -dump_log_DEPENDENCIES = libkadm5srv.la \ -$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ -$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la -dump_log_LDFLAGS = -replay_log_OBJECTS = replay_log.$(OBJEXT) +am_replay_log_OBJECTS = replay_log.$(OBJEXT) +replay_log_OBJECTS = $(am_replay_log_OBJECTS) replay_log_LDADD = $(LDADD) replay_log_DEPENDENCIES = libkadm5srv.la \ $(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ -$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la +$(top_builddir)/lib/asn1/libasn1.la replay_log_LDFLAGS = -CFLAGS = @CFLAGS@ +am_truncate_log_OBJECTS = truncate_log.$(OBJEXT) +truncate_log_OBJECTS = $(am_truncate_log_OBJECTS) +truncate_log_LDADD = $(LDADD) +truncate_log_DEPENDENCIES = libkadm5srv.la \ +$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la +truncate_log_LDFLAGS = COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libkadm5clnt_la_SOURCES) $(libkadm5srv_la_SOURCES) \ +$(dump_log_SOURCES) $(ipropd_master_SOURCES) $(ipropd_slave_SOURCES) \ +$(replay_log_SOURCES) $(truncate_log_SOURCES) HEADERS = $(kadm5include_HEADERS) -DIST_COMMON = ChangeLog Makefile.am Makefile.in +depcomp = +DIST_COMMON = $(kadm5include_HEADERS) ChangeLog Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best -SOURCES = $(libkadm5srv_la_SOURCES) $(libkadm5clnt_la_SOURCES) $(ipropd_master_SOURCES) $(ipropd_slave_SOURCES) $(dump_log_SOURCES) $(replay_log_SOURCES) -OBJECTS = $(libkadm5srv_la_OBJECTS) $(libkadm5clnt_la_OBJECTS) $(ipropd_master_OBJECTS) $(ipropd_slave_OBJECTS) $(dump_log_OBJECTS) $(replay_log_OBJECTS) +SOURCES = $(libkadm5clnt_la_SOURCES) $(libkadm5srv_la_SOURCES) $(dump_log_SOURCES) $(ipropd_master_SOURCES) $(ipropd_slave_SOURCES) $(replay_log_SOURCES) $(truncate_log_SOURCES) +OBJECTS = $(am_libkadm5clnt_la_OBJECTS) $(am_libkadm5srv_la_OBJECTS) $(am_dump_log_OBJECTS) $(am_ipropd_master_OBJECTS) $(am_ipropd_slave_OBJECTS) $(am_replay_log_OBJECTS) $(am_truncate_log_OBJECTS) all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kadm5/Makefile @@ -301,31 +395,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) $(mkinstalldirs) $(DESTDIR)$(libdir) @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ - echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ - $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \ else :; fi; \ done uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \ $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ done -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - mostlyclean-compile: -rm -f *.o core *.core -rm -f *.$(OBJEXT) @@ -337,15 +418,6 @@ distclean-compile: maintainer-clean-compile: -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - mostlyclean-libtool: -rm -f *.lo @@ -356,12 +428,12 @@ distclean-libtool: maintainer-clean-libtool: -libkadm5srv.la: $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_DEPENDENCIES) - $(LINK) -rpath $(libdir) $(libkadm5srv_la_LDFLAGS) $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_LIBADD) $(LIBS) - libkadm5clnt.la: $(libkadm5clnt_la_OBJECTS) $(libkadm5clnt_la_DEPENDENCIES) $(LINK) -rpath $(libdir) $(libkadm5clnt_la_LDFLAGS) $(libkadm5clnt_la_OBJECTS) $(libkadm5clnt_la_LIBADD) $(LIBS) +libkadm5srv.la: $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libkadm5srv_la_LDFLAGS) $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_LIBADD) $(LIBS) + mostlyclean-libexecPROGRAMS: clean-libexecPROGRAMS: @@ -376,15 +448,18 @@ install-libexecPROGRAMS: $(libexec_PROGRAMS) $(mkinstalldirs) $(DESTDIR)$(libexecdir) @list='$(libexec_PROGRAMS)'; for p in $$list; do \ if test -f $$p; then \ - echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ - $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libexecdir)/$$f"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libexecdir)/$$f; \ else :; fi; \ done uninstall-libexecPROGRAMS: @$(NORMAL_UNINSTALL) - list='$(libexec_PROGRAMS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + @list='$(libexec_PROGRAMS)'; for p in $$list; do \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " rm -f $(DESTDIR)$(libexecdir)/$$f"; \ + rm -f $(DESTDIR)$(libexecdir)/$$f; \ done mostlyclean-sbinPROGRAMS: @@ -401,17 +476,24 @@ install-sbinPROGRAMS: $(sbin_PROGRAMS) $(mkinstalldirs) $(DESTDIR)$(sbindir) @list='$(sbin_PROGRAMS)'; for p in $$list; do \ if test -f $$p; then \ - echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ - $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(sbindir)/$$f"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(sbindir)/$$f; \ else :; fi; \ done uninstall-sbinPROGRAMS: @$(NORMAL_UNINSTALL) - list='$(sbin_PROGRAMS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + @list='$(sbin_PROGRAMS)'; for p in $$list; do \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " rm -f $(DESTDIR)$(sbindir)/$$f"; \ + rm -f $(DESTDIR)$(sbindir)/$$f; \ done +dump_log$(EXEEXT): $(dump_log_OBJECTS) $(dump_log_DEPENDENCIES) + @rm -f dump_log$(EXEEXT) + $(LINK) $(dump_log_LDFLAGS) $(dump_log_OBJECTS) $(dump_log_LDADD) $(LIBS) + ipropd-master$(EXEEXT): $(ipropd_master_OBJECTS) $(ipropd_master_DEPENDENCIES) @rm -f ipropd-master$(EXEEXT) $(LINK) $(ipropd_master_LDFLAGS) $(ipropd_master_OBJECTS) $(ipropd_master_LDADD) $(LIBS) @@ -420,48 +502,61 @@ ipropd-slave$(EXEEXT): $(ipropd_slave_OBJECTS) $(ipropd_slave_DEPENDENCIES) @rm -f ipropd-slave$(EXEEXT) $(LINK) $(ipropd_slave_LDFLAGS) $(ipropd_slave_OBJECTS) $(ipropd_slave_LDADD) $(LIBS) -dump_log$(EXEEXT): $(dump_log_OBJECTS) $(dump_log_DEPENDENCIES) - @rm -f dump_log$(EXEEXT) - $(LINK) $(dump_log_LDFLAGS) $(dump_log_OBJECTS) $(dump_log_LDADD) $(LIBS) - replay_log$(EXEEXT): $(replay_log_OBJECTS) $(replay_log_DEPENDENCIES) @rm -f replay_log$(EXEEXT) $(LINK) $(replay_log_LDFLAGS) $(replay_log_OBJECTS) $(replay_log_LDADD) $(LIBS) +truncate_log$(EXEEXT): $(truncate_log_OBJECTS) $(truncate_log_DEPENDENCIES) + @rm -f truncate_log$(EXEEXT) + $(LINK) $(truncate_log_LDFLAGS) $(truncate_log_OBJECTS) $(truncate_log_LDADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< + install-kadm5includeHEADERS: $(kadm5include_HEADERS) @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(kadm5includedir) @list='$(kadm5include_HEADERS)'; for p in $$list; do \ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ - echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$p"; \ - $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$p; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$f; \ done uninstall-kadm5includeHEADERS: @$(NORMAL_UNINSTALL) - list='$(kadm5include_HEADERS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(kadm5includedir)/$$p; \ + @list='$(kadm5include_HEADERS)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(kadm5includedir)/$$f"; \ + rm -f $(DESTDIR)$(kadm5includedir)/$$f; \ done tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -474,17 +569,16 @@ maintainer-clean-tags: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/kadm5 - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook @@ -515,7 +609,7 @@ uninstall: uninstall-am all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(libexecdir) \ $(DESTDIR)$(sbindir) $(DESTDIR)$(kadm5includedir) @@ -531,6 +625,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ mostlyclean-libtool mostlyclean-libexecPROGRAMS \ mostlyclean-sbinPROGRAMS mostlyclean-tags \ @@ -578,8 +673,9 @@ clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \ check-local check check-am installcheck-am installcheck install-exec-am \ install-exec install-data-local install-data-am install-data install-am \ install uninstall-am uninstall all-local all-redirect all-am all \ -installdirs mostlyclean-generic distclean-generic clean-generic \ -maintainer-clean-generic clean mostlyclean distclean maintainer-clean +install-strip installdirs mostlyclean-generic distclean-generic \ +clean-generic maintainer-clean-generic clean mostlyclean distclean \ +maintainer-clean install-suid-programs: @@ -587,7 +683,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -599,8 +698,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -669,87 +768,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/lib/kadm5/acl.c b/crypto/heimdal/lib/kadm5/acl.c index 3f42c60..c963171 100644 --- a/crypto/heimdal/lib/kadm5/acl.c +++ b/crypto/heimdal/lib/kadm5/acl.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: acl.c,v 1.10 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: acl.c,v 1.12 2000/08/10 19:24:08 assar Exp $"); static struct units acl_units[] = { { "all", KADM5_PRIV_ALL }, @@ -68,58 +68,112 @@ _kadm5_privs_to_string(u_int32_t privs, char *string, size_t len) return 0; } -kadm5_ret_t -_kadm5_acl_init(kadm5_server_context *context) +/* + * retrieve the right for the current caller on `princ' (NULL means all) + * and store them in `ret_flags' + * return 0 or an error. + */ + +static kadm5_ret_t +fetch_acl (kadm5_server_context *context, + krb5_const_principal princ, + unsigned *ret_flags) { - FILE *f; - char buf[128]; - krb5_principal princ; - int flags; - krb5_error_code ret; - - krb5_parse_name(context->context, KADM5_ADMIN_SERVICE, &princ); - ret = krb5_principal_compare(context->context, context->caller, princ); - krb5_free_principal(context->context, princ); - if(ret != 0){ - context->acl_flags = KADM5_PRIV_ALL; - return 0; - } + unsigned flags = -1; + FILE *f = fopen(context->config.acl_file, "r"); + krb5_error_code ret = 0; + + if(f != NULL) { + char buf[256]; - flags = -1; - f = fopen(context->config.acl_file, "r"); - if(f){ - while(fgets(buf, sizeof(buf), f)){ + while(fgets(buf, sizeof(buf), f) != NULL){ char *foo = NULL, *p; + krb5_principal this_princ; + + flags = -1; p = strtok_r(buf, " \t\n", &foo); if(p == NULL) continue; - ret = krb5_parse_name(context->context, p, &princ); + ret = krb5_parse_name(context->context, p, &this_princ); if(ret) continue; if(!krb5_principal_compare(context->context, - context->caller, princ)){ - krb5_free_principal(context->context, princ); + context->caller, this_princ)) { + krb5_free_principal(context->context, this_princ); continue; } - krb5_free_principal(context->context, princ); - p = strtok_r(NULL, "\n", &foo); + krb5_free_principal(context->context, this_princ); + p = strtok_r(NULL, " \t\n", &foo); if(p == NULL) continue; ret = _kadm5_string_to_privs(p, &flags); - break; + if (ret) + break; + p = strtok_r(NULL, "\n", &foo); + if (p == NULL) { + ret = 0; + break; + } + if (princ != NULL) { + krb5_principal pattern_princ; + krb5_boolean tmp; + + ret = krb5_parse_name (context->context, p, &pattern_princ); + if (ret) + break; + tmp = krb5_principal_match (context->context, + princ, pattern_princ); + krb5_free_principal (context->context, pattern_princ); + if (tmp) { + ret = 0; + break; + } + } } fclose(f); } if(flags == -1) flags = 0; - context->acl_flags = flags; - return 0; + if (ret == 0) + *ret_flags = flags; + return ret; } +/* + * set global acl flags in `context' for the current caller. + * return 0 on success or an error + */ + kadm5_ret_t -_kadm5_acl_check_permission(kadm5_server_context *context, unsigned op) +_kadm5_acl_init(kadm5_server_context *context) { - unsigned res = ~context->acl_flags & op; + krb5_principal princ; + krb5_error_code ret; + + ret = krb5_parse_name(context->context, KADM5_ADMIN_SERVICE, &princ); + if (ret) + return ret; + ret = krb5_principal_compare(context->context, context->caller, princ); + krb5_free_principal(context->context, princ); + if(ret != 0) { + context->acl_flags = KADM5_PRIV_ALL; + return 0; + } + + return fetch_acl (context, NULL, &context->acl_flags); +} + +/* + * check if `flags' allows `op' + * return 0 if OK or an error + */ + +static kadm5_ret_t +check_flags (unsigned op, + unsigned flags) +{ + unsigned res = ~flags & op; + if(res & KADM5_PRIV_GET) return KADM5_AUTH_GET; if(res & KADM5_PRIV_ADD) @@ -136,3 +190,26 @@ _kadm5_acl_check_permission(kadm5_server_context *context, unsigned op) return KADM5_AUTH_INSUFFICIENT; return 0; } + +/* + * return 0 if the current caller in `context' is allowed to perform + * `op' on `princ' and otherwise an error + * princ == NULL if it's not relevant. + */ + +kadm5_ret_t +_kadm5_acl_check_permission(kadm5_server_context *context, + unsigned op, + krb5_const_principal princ) +{ + kadm5_ret_t ret; + unsigned princ_flags; + + ret = check_flags (op, context->acl_flags); + if (ret == 0) + return ret; + ret = fetch_acl (context, princ, &princ_flags); + if (ret) + return ret; + return check_flags (op, princ_flags); +} diff --git a/crypto/heimdal/lib/kadm5/admin.h b/crypto/heimdal/lib/kadm5/admin.h index 6cb08a3..d9bd85f 100644 --- a/crypto/heimdal/lib/kadm5/admin.h +++ b/crypto/heimdal/lib/kadm5/admin.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -30,7 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -/* $Id: admin.h,v 1.15 1999/12/02 17:05:05 joda Exp $ */ +/* $Id: admin.h,v 1.18 2000/08/04 11:26:21 joda Exp $ */ #ifndef __KADM5_ADMIN_H__ #define __KADM5_ADMIN_H__ @@ -105,14 +105,14 @@ typedef struct _krb5_key_data { int16_t key_data_kvno; /* Key Version */ int16_t key_data_type[2]; /* Array of types */ int16_t key_data_length[2]; /* Array of lengths */ - void** key_data_contents[2];/* Array of pointers */ + void* key_data_contents[2];/* Array of pointers */ } krb5_key_data; typedef struct _krb5_tl_data { struct _krb5_tl_data* tl_data_next; int16_t tl_data_type; int16_t tl_data_length; - void **tl_data_contents; + void* tl_data_contents; } krb5_tl_data; typedef struct _kadm5_principal_ent_t { @@ -204,462 +204,7 @@ typedef struct _kadm5_config_params { typedef krb5_error_code kadm5_ret_t; -kadm5_ret_t -kadm5_c_chpass_principal __P(( - void *server_handle, - krb5_principal princ, - char *password)); - -kadm5_ret_t -kadm5_c_create_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask, - char *password)); - -kadm5_ret_t -kadm5_c_delete_principal __P(( - void *server_handle, - krb5_principal princ)); - -kadm5_ret_t -kadm5_c_destroy __P((void *server_handle)); - -kadm5_ret_t -kadm5_c_flush __P((void *server_handle)); - -kadm5_ret_t -kadm5_c_get_principal __P(( - void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - u_int32_t mask)); - -kadm5_ret_t -kadm5_c_get_principals __P(( - void *server_handle, - const char *exp, - char ***princs, - int *count)); - -kadm5_ret_t -kadm5_c_get_privs __P(( - void *server_handle, - u_int32_t *privs)); - -kadm5_ret_t -kadm5_c_init_with_creds __P(( - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_init_with_creds_ctx __P(( - krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_init_with_password __P(( - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_init_with_password_ctx __P(( - krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_init_with_skey __P(( - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_init_with_skey_ctx __P(( - krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_c_modify_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask)); - -kadm5_ret_t -kadm5_c_randkey_principal __P(( - void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys)); - -kadm5_ret_t -kadm5_c_rename_principal __P(( - void *server_handle, - krb5_principal source, - krb5_principal target)); - -kadm5_ret_t -kadm5_chpass_principal __P(( - void *server_handle, - krb5_principal princ, - char *password)); - -kadm5_ret_t -kadm5_create_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask, - char *password)); - -kadm5_ret_t -kadm5_delete_principal __P(( - void *server_handle, - krb5_principal princ)); - -kadm5_ret_t -kadm5_destroy __P((void *server_handle)); - -kadm5_ret_t -kadm5_flush __P((void *server_handle)); - -void -kadm5_free_key_data __P(( - void *server_handle, - int16_t *n_key_data, - krb5_key_data *key_data)); - -void -kadm5_free_name_list __P(( - void *server_handle, - char **names, - int *count)); - -void -kadm5_free_principal_ent __P(( - void *server_handle, - kadm5_principal_ent_t princ)); - -kadm5_ret_t -kadm5_get_principal __P(( - void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - u_int32_t mask)); - -kadm5_ret_t -kadm5_get_principals __P(( - void *server_handle, - const char *exp, - char ***princs, - int *count)); - -kadm5_ret_t -kadm5_get_privs __P(( - void *server_handle, - u_int32_t *privs)); - -kadm5_ret_t -kadm5_init_with_creds __P(( - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_init_with_creds_ctx __P(( - krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_init_with_password __P(( - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_init_with_password_ctx __P(( - krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_init_with_skey __P(( - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_init_with_skey_ctx __P(( - krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_modify_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask)); - -kadm5_ret_t -kadm5_randkey_principal __P(( - void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys)); - -kadm5_ret_t -kadm5_rename_principal __P(( - void *server_handle, - krb5_principal source, - krb5_principal target)); - -kadm5_ret_t -kadm5_ret_key_data __P(( - krb5_storage *sp, - krb5_key_data *key)); - -kadm5_ret_t -kadm5_ret_principal_ent __P(( - krb5_storage *sp, - kadm5_principal_ent_t princ)); - -kadm5_ret_t -kadm5_ret_principal_ent_mask __P(( - krb5_storage *sp, - kadm5_principal_ent_t princ, - u_int32_t *mask)); - -kadm5_ret_t -kadm5_ret_tl_data __P(( - krb5_storage *sp, - krb5_tl_data *tl)); - -kadm5_ret_t -kadm5_s_chpass_principal __P(( - void *server_handle, - krb5_principal princ, - char *password)); - -kadm5_ret_t -kadm5_s_chpass_principal_with_key __P(( - void *server_handle, - krb5_principal princ, - int n_key_data, - krb5_key_data *key_data)); - -kadm5_ret_t -kadm5_s_create_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask, - char *password)); - -kadm5_ret_t -kadm5_s_create_principal_with_key __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask)); - -kadm5_ret_t -kadm5_s_delete_principal __P(( - void *server_handle, - krb5_principal princ)); - -kadm5_ret_t -kadm5_s_destroy __P((void *server_handle)); - -kadm5_ret_t -kadm5_s_flush __P((void *server_handle)); - -kadm5_ret_t -kadm5_s_get_principal __P(( - void *server_handle, - krb5_principal princ, - kadm5_principal_ent_t out, - u_int32_t mask)); - -kadm5_ret_t -kadm5_s_get_principals __P(( - void *server_handle, - const char *exp, - char ***princs, - int *count)); - -kadm5_ret_t -kadm5_s_get_privs __P(( - void *server_handle, - u_int32_t *privs)); - -kadm5_ret_t -kadm5_s_init_with_creds __P(( - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_init_with_creds_ctx __P(( - krb5_context context, - const char *client_name, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_init_with_password __P(( - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_init_with_password_ctx __P(( - krb5_context context, - const char *client_name, - const char *password, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_init_with_skey __P(( - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_init_with_skey_ctx __P(( - krb5_context context, - const char *client_name, - const char *keytab, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle)); - -kadm5_ret_t -kadm5_s_modify_principal __P(( - void *server_handle, - kadm5_principal_ent_t princ, - u_int32_t mask)); - -kadm5_ret_t -kadm5_s_randkey_principal __P(( - void *server_handle, - krb5_principal princ, - krb5_keyblock **new_keys, - int *n_keys)); - -kadm5_ret_t -kadm5_s_rename_principal __P(( - void *server_handle, - krb5_principal source, - krb5_principal target)); - -kadm5_ret_t -kadm5_store_key_data __P(( - krb5_storage *sp, - krb5_key_data *key)); - -kadm5_ret_t -kadm5_store_principal_ent __P(( - krb5_storage *sp, - kadm5_principal_ent_t princ)); - -kadm5_ret_t -kadm5_store_principal_ent_mask __P(( - krb5_storage *sp, - kadm5_principal_ent_t princ, - u_int32_t mask)); - -kadm5_ret_t -kadm5_store_tl_data __P(( - krb5_storage *sp, - krb5_tl_data *tl)); - -void -kadm5_setup_passwd_quality_check(krb5_context context, - const char *check_library, - const char *check_function); - -const char * -kadm5_check_password_quality (krb5_context context, - krb5_principal principal, - krb5_data *pwd_data); +#include "kadm5-protos.h" #if 0 /* unimplemented functions */ diff --git a/crypto/heimdal/lib/kadm5/bump_pw_expire.c b/crypto/heimdal/lib/kadm5/bump_pw_expire.c new file mode 100644 index 0000000..a185c20 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/bump_pw_expire.c @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kadm5_locl.h" + +RCSID("$Id: bump_pw_expire.c,v 1.1 2000/07/24 03:47:54 assar Exp $"); + +/* + * extend password_expiration if it's defined + */ + +kadm5_ret_t +_kadm5_bump_pw_expire(kadm5_server_context *context, + hdb_entry *ent) +{ + if (ent->pw_end != NULL) { + time_t life; + + life = krb5_config_get_time_default(context->context, + NULL, + 365 * 24 * 60 * 60, + "kadmin", + "password_lifetime", + NULL); + + *(ent->pw_end) = time(NULL) + life; + } + return 0; +} diff --git a/crypto/heimdal/lib/kadm5/chpass_c.c b/crypto/heimdal/lib/kadm5/chpass_c.c index aaec48f..b06b8cd 100644 --- a/crypto/heimdal/lib/kadm5/chpass_c.c +++ b/crypto/heimdal/lib/kadm5/chpass_c.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: chpass_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: chpass_c.c,v 1.5 2000/07/11 15:59:14 joda Exp $"); kadm5_ret_t kadm5_c_chpass_principal(void *server_handle, @@ -47,6 +47,10 @@ kadm5_c_chpass_principal(void *server_handle, int32_t tmp; krb5_data reply; + ret = _kadm5_connect(server_handle); + if(ret) + return ret; + sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) return ENOMEM; @@ -68,3 +72,45 @@ kadm5_c_chpass_principal(void *server_handle, krb5_data_free (&reply); return tmp; } + +kadm5_ret_t +kadm5_c_chpass_principal_with_key(void *server_handle, + krb5_principal princ, + int n_key_data, + krb5_key_data *key_data) +{ + kadm5_client_context *context = server_handle; + kadm5_ret_t ret; + krb5_storage *sp; + unsigned char buf[1024]; + int32_t tmp; + krb5_data reply; + int i; + + ret = _kadm5_connect(server_handle); + if(ret) + return ret; + + sp = krb5_storage_from_mem(buf, sizeof(buf)); + if (sp == NULL) + return ENOMEM; + krb5_store_int32(sp, kadm_chpass_with_key); + krb5_store_principal(sp, princ); + krb5_store_int32(sp, n_key_data); + for (i = 0; i < n_key_data; ++i) + kadm5_store_key_data (sp, &key_data[i]); + ret = _kadm5_client_send(context, sp); + krb5_storage_free(sp); + ret = _kadm5_client_recv(context, &reply); + if(ret) + return ret; + sp = krb5_storage_from_data (&reply); + if (sp == NULL) { + krb5_data_free (&reply); + return ENOMEM; + } + krb5_ret_int32(sp, &tmp); + krb5_storage_free(sp); + krb5_data_free (&reply); + return tmp; +} diff --git a/crypto/heimdal/lib/kadm5/chpass_s.c b/crypto/heimdal/lib/kadm5/chpass_s.c index e915124..2133469 100644 --- a/crypto/heimdal/lib/kadm5/chpass_s.c +++ b/crypto/heimdal/lib/kadm5/chpass_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,16 +33,21 @@ #include "kadm5_locl.h" -RCSID("$Id: chpass_s.c,v 1.8 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: chpass_s.c,v 1.13 2001/01/30 01:24:28 assar Exp $"); -kadm5_ret_t -kadm5_s_chpass_principal(void *server_handle, - krb5_principal princ, - char *password) +static kadm5_ret_t +change(void *server_handle, + krb5_principal princ, + char *password, + int cond) { kadm5_server_context *context = server_handle; hdb_entry ent; kadm5_ret_t ret; + Key *keys; + size_t num_keys; + int cmp = 1; + ent.principal = princ; ret = context->db->open(context->context, context->db, O_RDWR, 0); if(ret) @@ -51,19 +56,42 @@ kadm5_s_chpass_principal(void *server_handle, 0, &ent); if(ret == HDB_ERR_NOENTRY) goto out; + + num_keys = ent.keys.len; + keys = ent.keys.val; + + ent.keys.len = 0; + ent.keys.val = NULL; + ret = _kadm5_set_keys(context, &ent, password); - if(ret) + if(ret) { + _kadm5_free_keys (server_handle, num_keys, keys); + goto out2; + } + if (cond) + cmp = _kadm5_cmp_keys (ent.keys.val, ent.keys.len, + keys, num_keys); + _kadm5_free_keys (server_handle, num_keys, keys); + + if (cmp == 0) goto out2; + ret = _kadm5_set_modifier(context, &ent); if(ret) goto out2; - hdb_seal_keys(context->db, &ent); + ret = _kadm5_bump_pw_expire(context, &ent); + if (ret) + goto out2; + + ret = hdb_seal_keys(context->context, context->db, &ent); + if (ret) + goto out2; kadm5_log_modify (context, &ent, KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | - KADM5_KEY_DATA | KADM5_KVNO); + KADM5_KEY_DATA | KADM5_KVNO | KADM5_PW_EXPIRATION); ret = context->db->store(context->context, context->db, HDB_F_REPLACE, &ent); @@ -74,6 +102,36 @@ out: return _kadm5_error_code(ret); } + + +/* + * change the password of `princ' to `password' if it's not already that. + */ + +kadm5_ret_t +kadm5_s_chpass_principal_cond(void *server_handle, + krb5_principal princ, + char *password) +{ + return change (server_handle, princ, password, 1); +} + +/* + * change the password of `princ' to `password' + */ + +kadm5_ret_t +kadm5_s_chpass_principal(void *server_handle, + krb5_principal princ, + char *password) +{ + return change (server_handle, princ, password, 0); +} + +/* + * change keys for `princ' to `keys' + */ + kadm5_ret_t kadm5_s_chpass_principal_with_key(void *server_handle, krb5_principal princ, @@ -90,19 +148,24 @@ kadm5_s_chpass_principal_with_key(void *server_handle, ret = context->db->fetch(context->context, context->db, 0, &ent); if(ret == HDB_ERR_NOENTRY) goto out; - ret = _kadm5_set_keys2(&ent, n_key_data, key_data); + ret = _kadm5_set_keys2(context, &ent, n_key_data, key_data); if(ret) goto out2; ret = _kadm5_set_modifier(context, &ent); if(ret) goto out2; + ret = _kadm5_bump_pw_expire(context, &ent); + if (ret) + goto out2; - hdb_seal_keys(context->db, &ent); + ret = hdb_seal_keys(context->context, context->db, &ent); + if (ret) + goto out2; kadm5_log_modify (context, &ent, KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | - KADM5_KEY_DATA | KADM5_KVNO); + KADM5_KEY_DATA | KADM5_KVNO | KADM5_PW_EXPIRATION); ret = context->db->store(context->context, context->db, HDB_F_REPLACE, &ent); diff --git a/crypto/heimdal/lib/kadm5/common_glue.c b/crypto/heimdal/lib/kadm5/common_glue.c index 38c551c..b508282 100644 --- a/crypto/heimdal/lib/kadm5/common_glue.c +++ b/crypto/heimdal/lib/kadm5/common_glue.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: common_glue.c,v 1.4 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: common_glue.c,v 1.5 2000/03/23 22:58:26 assar Exp $"); #define __CALL(F, P) (*((kadm5_common_context*)server_handle)->funcs.F)P; @@ -46,6 +46,16 @@ kadm5_chpass_principal(void *server_handle, } kadm5_ret_t +kadm5_chpass_principal_with_key(void *server_handle, + krb5_principal princ, + int n_key_data, + krb5_key_data *key_data) +{ + return __CALL(chpass_principal_with_key, + (server_handle, princ, n_key_data, key_data)); +} + +kadm5_ret_t kadm5_create_principal(void *server_handle, kadm5_principal_ent_t princ, u_int32_t mask, diff --git a/crypto/heimdal/lib/kadm5/context_s.c b/crypto/heimdal/lib/kadm5/context_s.c index fc52576..805f4f0 100644 --- a/crypto/heimdal/lib/kadm5/context_s.c +++ b/crypto/heimdal/lib/kadm5/context_s.c @@ -33,14 +33,14 @@ #include "kadm5_locl.h" -RCSID("$Id: context_s.c,v 1.13 2000/01/06 21:40:08 assar Exp $"); +RCSID("$Id: context_s.c,v 1.15 2000/05/12 15:22:33 assar Exp $"); static void set_funcs(kadm5_server_context *c) { #define SET(C, F) (C)->funcs.F = kadm5_s_ ## F SET(c, chpass_principal); - SET(c, chpass_principal); + SET(c, chpass_principal_with_key); SET(c, create_principal); SET(c, delete_principal); SET(c, destroy); @@ -66,6 +66,10 @@ set_field(krb5_context context, krb5_config_binding *binding, char **variable) { const char *p; + + if (*variable != NULL) + free (*variable); + p = krb5_config_get_string(context, binding, name, NULL); if(p) *variable = strdup(p); @@ -153,10 +157,10 @@ find_db_spec(kadm5_server_context *ctx) if(default_binding) set_config(ctx, default_binding); else { - ctx->config.dbname = strdup(HDB_DEFAULT_DB); - ctx->config.acl_file = HDB_DB_DIR "/kadmind.acl"; - ctx->config.stash_file = HDB_DB_DIR "/m-key"; - ctx->log_context.log_file = HDB_DB_DIR "/log"; + ctx->config.dbname = strdup(HDB_DEFAULT_DB); + ctx->config.acl_file = strdup(HDB_DB_DIR "/kadmind.acl"); + ctx->config.stash_file = strdup(HDB_DB_DIR "/m-key"); + ctx->log_context.log_file = strdup(HDB_DB_DIR "/log"); memset(&ctx->log_context.socket_name, 0, sizeof(ctx->log_context.socket_name)); ctx->log_context.socket_name.sun_family = AF_UNIX; diff --git a/crypto/heimdal/lib/kadm5/create_c.c b/crypto/heimdal/lib/kadm5/create_c.c index 45eb3e2..8d81cb3 100644 --- a/crypto/heimdal/lib/kadm5/create_c.c +++ b/crypto/heimdal/lib/kadm5/create_c.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: create_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: create_c.c,v 1.4 2000/07/11 15:59:21 joda Exp $"); kadm5_ret_t kadm5_c_create_principal(void *server_handle, @@ -48,6 +48,10 @@ kadm5_c_create_principal(void *server_handle, int32_t tmp; krb5_data reply; + ret = _kadm5_connect(server_handle); + if(ret) + return ret; + sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) return ENOMEM; diff --git a/crypto/heimdal/lib/kadm5/create_s.c b/crypto/heimdal/lib/kadm5/create_s.c index 6e352f6..287211b 100644 --- a/crypto/heimdal/lib/kadm5/create_s.c +++ b/crypto/heimdal/lib/kadm5/create_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: create_s.c,v 1.16 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: create_s.c,v 1.19 2001/01/30 01:24:28 assar Exp $"); static kadm5_ret_t get_default(kadm5_server_context *context, krb5_principal princ, @@ -87,7 +87,8 @@ create_principal(kadm5_server_context *context, def_mask = KADM5_ATTRIBUTES | KADM5_MAX_LIFE | KADM5_MAX_RLIFE; } - ret = _kadm5_setup_entry(ent, mask | def_mask, + ret = _kadm5_setup_entry(context, + ent, mask | def_mask, princ, mask, defent, def_mask); if(defent) @@ -119,11 +120,13 @@ kadm5_s_create_principal_with_key(void *server_handle, if(ret) goto out; - ret = _kadm5_set_keys2(&ent, princ->n_key_data, princ->key_data); + ret = _kadm5_set_keys2(context, &ent, princ->n_key_data, princ->key_data); if(ret) goto out; - hdb_seal_keys(context->db, &ent); + ret = hdb_seal_keys(context->context, context->db, &ent); + if (ret) + goto out; kadm5_log_create (context, &ent); @@ -174,8 +177,12 @@ kadm5_s_create_principal(void *server_handle, ent.keys.val[2].salt->type = hdb_pw_salt; ent.keys.val[3].key.keytype = ETYPE_DES3_CBC_SHA1; ret = _kadm5_set_keys(context, &ent, password); + if (ret) + goto out; - hdb_seal_keys(context->db, &ent); + ret = hdb_seal_keys(context->context, context->db, &ent); + if (ret) + goto out; kadm5_log_create (context, &ent); diff --git a/crypto/heimdal/lib/kadm5/delete_c.c b/crypto/heimdal/lib/kadm5/delete_c.c index 71a3cf0..7575c5e 100644 --- a/crypto/heimdal/lib/kadm5/delete_c.c +++ b/crypto/heimdal/lib/kadm5/delete_c.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: delete_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: delete_c.c,v 1.4 2000/07/11 15:59:29 joda Exp $"); kadm5_ret_t kadm5_c_delete_principal(void *server_handle, krb5_principal princ) @@ -45,6 +45,10 @@ kadm5_c_delete_principal(void *server_handle, krb5_principal princ) int32_t tmp; krb5_data reply; + ret = _kadm5_connect(server_handle); + if(ret) + return ret; + sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) return ENOMEM; diff --git a/crypto/heimdal/lib/kadm5/delete_s.c b/crypto/heimdal/lib/kadm5/delete_s.c index ef326587b..2f2bf88 100644 --- a/crypto/heimdal/lib/kadm5/delete_s.c +++ b/crypto/heimdal/lib/kadm5/delete_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: delete_s.c,v 1.7 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: delete_s.c,v 1.9 2001/01/30 01:24:28 assar Exp $"); kadm5_ret_t kadm5_s_delete_principal(void *server_handle, krb5_principal princ) @@ -57,7 +57,9 @@ kadm5_s_delete_principal(void *server_handle, krb5_principal princ) goto out; } - hdb_seal_keys(context->db, &ent); + ret = hdb_seal_keys(context->context, context->db, &ent); + if (ret) + goto out; kadm5_log_delete (context, princ); diff --git a/crypto/heimdal/lib/kadm5/destroy_s.c b/crypto/heimdal/lib/kadm5/destroy_s.c index 22158d0..a8ad328 100644 --- a/crypto/heimdal/lib/kadm5/destroy_s.c +++ b/crypto/heimdal/lib/kadm5/destroy_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,35 @@ #include "kadm5_locl.h" -RCSID("$Id: destroy_s.c,v 1.5 1999/12/02 17:05:05 joda Exp $"); +RCSID("$Id: destroy_s.c,v 1.6 2000/05/12 15:23:13 assar Exp $"); + +/* + * dealloc a `kadm5_config_params' + */ + +static void +destroy_config (kadm5_config_params *c) +{ + free (c->realm); + free (c->dbname); + free (c->acl_file); + free (c->stash_file); +} + +/* + * dealloc a kadm5_log_context + */ + +static void +destroy_kadm5_log_context (kadm5_log_context *c) +{ + free (c->log_file); + close (c->socket_fd); +} + +/* + * destroy a kadm5 handle + */ kadm5_ret_t kadm5_s_destroy(void *server_handle) @@ -43,8 +71,11 @@ kadm5_s_destroy(void *server_handle) krb5_context kcontext = context->context; ret = context->db->destroy(kcontext, context->db); + destroy_kadm5_log_context (&context->log_context); + destroy_config (&context->config); + krb5_free_principal (kcontext, context->caller); if(context->my_context) krb5_free_context(kcontext); + free (context); return ret; } - diff --git a/crypto/heimdal/lib/kadm5/dump_log.c b/crypto/heimdal/lib/kadm5/dump_log.c index 68a3f53..691f2d3 100644 --- a/crypto/heimdal/lib/kadm5/dump_log.c +++ b/crypto/heimdal/lib/kadm5/dump_log.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -34,7 +34,7 @@ #include "iprop.h" #include "parse_time.h" -RCSID("$Id: dump_log.c,v 1.9 1999/12/04 19:49:43 assar Exp $"); +RCSID("$Id: dump_log.c,v 1.11 2000/07/24 04:30:11 assar Exp $"); static char *op_names[] = { "get", @@ -45,7 +45,9 @@ static char *op_names[] = { "modify", "randkey", "get_privs", - "get_princs" + "get_princs", + "chpass_with_key", + "nop" }; static void @@ -70,7 +72,7 @@ print_entry(kadm5_server_context *server_context, strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", localtime(×tamp)); - if(op < kadm_get || op > kadm_get_princs) { + if(op < kadm_get || op > kadm_nop) { printf("unknown op: %d\n", op); sp->seek(sp, end, SEEK_SET); return; @@ -130,11 +132,11 @@ print_entry(kadm5_server_context *server_context, printf(" expires = %s\n", t); } if(mask & KADM5_PW_EXPIRATION) { - if(ent.valid_end == NULL) { + if(ent.pw_end == NULL) { strcpy(t, "never"); } else { strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", - localtime(ent.valid_end)); + localtime(ent.pw_end)); } printf(" password exp = %s\n", t); } @@ -197,16 +199,19 @@ print_entry(kadm5_server_context *server_context, } hdb_free_entry(context, &ent); break; + case kadm_nop : + break; default: abort(); } sp->seek(sp, end, SEEK_SET); } -char *realm; -int version_flag; -int help_flag; -struct getargs args[] = { +static char *realm; +static int version_flag; +static int help_flag; + +static struct getargs args[] = { { "realm", 'r', arg_string, &realm }, { "version", 0, arg_flag, &version_flag }, { "help", 0, arg_flag, &help_flag } diff --git a/crypto/heimdal/lib/kadm5/ent_setup.c b/crypto/heimdal/lib/kadm5/ent_setup.c index 46653c7..29fab74 100644 --- a/crypto/heimdal/lib/kadm5/ent_setup.c +++ b/crypto/heimdal/lib/kadm5/ent_setup.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: ent_setup.c,v 1.11 1999/12/02 17:05:06 joda Exp $"); +RCSID("$Id: ent_setup.c,v 1.12 2000/03/23 23:02:35 assar Exp $"); #define set_value(X, V) do { if((X) == NULL) (X) = malloc(sizeof(*(X))); *(X) = V; } while(0) #define set_null(X) do { if((X) != NULL) free((X)); (X) = NULL; } while (0) @@ -62,7 +62,8 @@ attr_to_flags(unsigned attr, HDBFlags *flags) */ kadm5_ret_t -_kadm5_setup_entry(hdb_entry *ent, +_kadm5_setup_entry(kadm5_server_context *context, + hdb_entry *ent, u_int32_t mask, kadm5_principal_ent_t princ, u_int32_t princ_mask, @@ -129,7 +130,7 @@ _kadm5_setup_entry(hdb_entry *ent, } if(mask & KADM5_KEY_DATA && princ_mask & KADM5_KEY_DATA) { - _kadm5_set_keys2(ent, princ->n_key_data, princ->key_data); + _kadm5_set_keys2(context, ent, princ->n_key_data, princ->key_data); } if(mask & KADM5_TL_DATA) { /* XXX */ diff --git a/crypto/heimdal/lib/kadm5/get_c.c b/crypto/heimdal/lib/kadm5/get_c.c index 9ca672a..279a77a 100644 --- a/crypto/heimdal/lib/kadm5/get_c.c +++ b/crypto/heimdal/lib/kadm5/get_c.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: get_c.c,v 1.5 1999/12/02 17:05:06 joda Exp $"); +RCSID("$Id: get_c.c,v 1.6 2000/07/11 15:59:36 joda Exp $"); kadm5_ret_t kadm5_c_get_principal(void *server_handle, @@ -48,6 +48,10 @@ kadm5_c_get_principal(void *server_handle, int32_t tmp; krb5_data reply; + ret = _kadm5_connect(server_handle); + if(ret) + return ret; + sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) return ENOMEM; diff --git a/crypto/heimdal/lib/kadm5/get_princs_c.c b/crypto/heimdal/lib/kadm5/get_princs_c.c index 0956052..3536cdf 100644 --- a/crypto/heimdal/lib/kadm5/get_princs_c.c +++ b/crypto/heimdal/lib/kadm5/get_princs_c.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: get_princs_c.c,v 1.3 1999/12/02 17:05:06 joda Exp $"); +RCSID("$Id: get_princs_c.c,v 1.4 2000/07/11 16:00:19 joda Exp $"); kadm5_ret_t kadm5_c_get_principals(void *server_handle, @@ -48,6 +48,10 @@ kadm5_c_get_principals(void *server_handle, int32_t tmp; krb5_data reply; + ret = _kadm5_connect(server_handle); + if(ret) + return ret; + sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) return ENOMEM; diff --git a/crypto/heimdal/lib/kadm5/get_s.c b/crypto/heimdal/lib/kadm5/get_s.c index 12613b6..0851900 100644 --- a/crypto/heimdal/lib/kadm5/get_s.c +++ b/crypto/heimdal/lib/kadm5/get_s.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: get_s.c,v 1.11 1999/12/26 19:38:23 assar Exp $"); +RCSID("$Id: get_s.c,v 1.13 2000/06/19 16:11:31 joda Exp $"); kadm5_ret_t kadm5_s_get_principal(void *server_handle, @@ -78,8 +78,12 @@ kadm5_s_get_principal(void *server_handle, out->attributes |= ent.flags.server ? 0 : KRB5_KDB_DISALLOW_SVR; out->attributes |= ent.flags.change_pw ? KRB5_KDB_PWCHANGE_SERVICE : 0; } - if(mask & KADM5_MAX_LIFE && ent.max_life) - out->max_life = *ent.max_life; + if(mask & KADM5_MAX_LIFE) { + if(ent.max_life) + out->max_life = *ent.max_life; + else + out->max_life = INT_MAX; + } if(mask & KADM5_MOD_TIME) { if(ent.modified_by) out->mod_date = ent.modified_by->time; @@ -92,10 +96,12 @@ kadm5_s_get_principal(void *server_handle, ret = krb5_copy_principal(context->context, ent.modified_by->principal, &out->mod_name); - } else + } else if(ent.created_by.principal != NULL) ret = krb5_copy_principal(context->context, ent.created_by.principal, &out->mod_name); + else + out->mod_name = NULL; } if(ret) goto out; @@ -115,8 +121,12 @@ kadm5_s_get_principal(void *server_handle, /* XXX implement */; if(mask & KADM5_POLICY) out->policy = NULL; - if(mask & KADM5_MAX_RLIFE && ent.max_renew) - out->max_renewable_life = *ent.max_renew; + if(mask & KADM5_MAX_RLIFE) { + if(ent.max_renew) + out->max_renewable_life = *ent.max_renew; + else + out->max_renewable_life = INT_MAX; + } if(mask & KADM5_LAST_SUCCESS) /* XXX implement */; if(mask & KADM5_LAST_FAILED) @@ -140,7 +150,7 @@ kadm5_s_get_principal(void *server_handle, if(key->salt) kd->key_data_type[1] = key->salt->type; else - kd->key_data_type[1] = pa_pw_salt; + kd->key_data_type[1] = KRB5_PADATA_PW_SALT; /* setup key */ kd->key_data_length[0] = key->key.keyvalue.length; kd->key_data_contents[0] = malloc(kd->key_data_length[0]); diff --git a/crypto/heimdal/lib/kadm5/init_c.c b/crypto/heimdal/lib/kadm5/init_c.c index 098e9c8..e4df034 100644 --- a/crypto/heimdal/lib/kadm5/init_c.c +++ b/crypto/heimdal/lib/kadm5/init_c.c @@ -37,14 +37,14 @@ #include #include -RCSID("$Id: init_c.c,v 1.35 2000/01/28 03:20:18 assar Exp $"); +RCSID("$Id: init_c.c,v 1.40 2000/12/31 08:00:23 assar Exp $"); static void set_funcs(kadm5_client_context *c) { #define SET(C, F) (C)->funcs.F = kadm5 ## _c_ ## F SET(c, chpass_principal); - SET(c, chpass_principal); + SET(c, chpass_principal_with_key); SET(c, create_principal); SET(c, delete_principal); SET(c, destroy); @@ -288,21 +288,10 @@ get_cred_cache(krb5_context context, return ret; } -static kadm5_ret_t -kadm5_c_init_with_context(krb5_context context, - const char *client_name, - const char *password, - krb5_prompter_fct prompter, - const char *keytab, - krb5_ccache ccache, - const char *service_name, - kadm5_config_params *realm_params, - unsigned long struct_version, - unsigned long api_version, - void **server_handle) +static kadm5_ret_t +kadm_connect(kadm5_client_context *ctx) { kadm5_ret_t ret; - kadm5_client_context *ctx; krb5_principal server; krb5_ccache cc; int s; @@ -311,15 +300,12 @@ kadm5_c_init_with_context(krb5_context context, int error; char portstr[NI_MAXSERV]; char *hostname, *slash; + krb5_context context = ctx->context; memset (&hints, 0, sizeof(hints)); hints.ai_socktype = SOCK_STREAM; hints.ai_protocol = IPPROTO_TCP; - - ret = _kadm5_c_init_context(&ctx, realm_params, context); - if(ret) - return ret; - + snprintf (portstr, sizeof(portstr), "%u", ntohs(ctx->kadmind_port)); hostname = ctx->admin_server; @@ -347,8 +333,9 @@ kadm5_c_init_with_context(krb5_context context, krb5_warnx (context, "failed to contact %s", hostname); return KADM5_FAILURE; } - ret = get_cred_cache(context, client_name, service_name, - password, prompter, keytab, ccache, &cc); + ret = get_cred_cache(context, ctx->client_name, ctx->service_name, + NULL, ctx->prompter, ctx->keytab, + ctx->ccache, &cc); if(ret) { freeaddrinfo (ai); @@ -358,7 +345,7 @@ kadm5_c_init_with_context(krb5_context context, ret = krb5_parse_name(context, KADM5_ADMIN_SERVICE, &server); if(ret) { freeaddrinfo (ai); - if(ccache == NULL) + if(ctx->ccache == NULL) krb5_cc_close(context, cc); close(s); return ret; @@ -370,19 +357,18 @@ kadm5_c_init_with_context(krb5_context context, server, AP_OPTS_MUTUAL_REQUIRED, NULL, NULL, cc, NULL, NULL, NULL); if(ret == 0) { - krb5_data params, enc_data; - ret = _kadm5_marshal_params(context, realm_params, ¶ms); - - ret = krb5_mk_priv(context, - ctx->ac, - ¶ms, - &enc_data, - NULL); - - ret = krb5_write_message(context, &s, &enc_data); + krb5_data params; + ret = _kadm5_marshal_params(context, ctx->realm_params, ¶ms); + ret = krb5_write_priv_message(context, ctx->ac, &s, ¶ms); krb5_data_free(¶ms); - krb5_data_free(&enc_data); + if(ret) { + freeaddrinfo (ai); + close(s); + if(ctx->ccache == NULL) + krb5_cc_close(context, cc); + return ret; + } } else if(ret == KRB5_SENDAUTH_BADAPPLVERS) { close(s); @@ -396,8 +382,6 @@ kadm5_c_init_with_context(krb5_context context, freeaddrinfo (ai); return errno; } - freeaddrinfo (ai); - ret = krb5_sendauth(context, &ctx->ac, &s, KADMIN_OLD_APPL_VERSION, NULL, server, AP_OPTS_MUTUAL_REQUIRED, @@ -410,13 +394,70 @@ kadm5_c_init_with_context(krb5_context context, } krb5_free_principal(context, server); - if(ccache == NULL) + if(ctx->ccache == NULL) krb5_cc_close(context, cc); if(ret) { close(s); return ret; } ctx->sock = s; + + return 0; +} + +kadm5_ret_t +_kadm5_connect(void *handle) +{ + kadm5_client_context *ctx = handle; + if(ctx->sock == -1) + return kadm_connect(ctx); + return 0; +} + +static kadm5_ret_t +kadm5_c_init_with_context(krb5_context context, + const char *client_name, + const char *password, + krb5_prompter_fct prompter, + const char *keytab, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle) +{ + kadm5_ret_t ret; + kadm5_client_context *ctx; + krb5_ccache cc; + + ret = _kadm5_c_init_context(&ctx, realm_params, context); + if(ret) + return ret; + + if(password != NULL && *password != '\0') { + ret = get_cred_cache(context, client_name, service_name, + password, prompter, keytab, ccache, &cc); + if(ret) + return ret; /* XXX */ + ccache = cc; + } + + + if (client_name != NULL) + ctx->client_name = strdup(client_name); + else + ctx->client_name = NULL; + if (service_name != NULL) + ctx->service_name = strdup(service_name); + else + ctx->service_name = NULL; + ctx->prompter = prompter; + ctx->keytab = keytab; + ctx->ccache = ccache; + ctx->realm_params = realm_params; + ctx->sock = -1; + *server_handle = ctx; return 0; } @@ -437,7 +478,9 @@ init_context(const char *client_name, kadm5_ret_t ret; kadm5_server_context *ctx; - krb5_init_context(&context); + ret = krb5_init_context(&context); + if (ret) + return ret; ret = kadm5_c_init_with_context(context, client_name, password, diff --git a/crypto/heimdal/lib/kadm5/init_s.c b/crypto/heimdal/lib/kadm5/init_s.c index 6c1f3d1..bf5d036 100644 --- a/crypto/heimdal/lib/kadm5/init_s.c +++ b/crypto/heimdal/lib/kadm5/init_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: init_s.c,v 1.9 1999/12/02 17:05:06 joda Exp $"); +RCSID("$Id: init_s.c,v 1.10 2000/12/31 08:01:16 assar Exp $"); static kadm5_ret_t @@ -113,7 +113,9 @@ kadm5_s_init_with_password(const char *client_name, kadm5_ret_t ret; kadm5_server_context *ctx; - krb5_init_context(&context); + ret = krb5_init_context(&context); + if (ret) + return ret; ret = kadm5_s_init_with_password_ctx(context, client_name, password, @@ -163,7 +165,9 @@ kadm5_s_init_with_skey(const char *client_name, kadm5_ret_t ret; kadm5_server_context *ctx; - krb5_init_context(&context); + ret = krb5_init_context(&context); + if (ret) + return ret; ret = kadm5_s_init_with_skey_ctx(context, client_name, keytab, @@ -213,7 +217,9 @@ kadm5_s_init_with_creds(const char *client_name, kadm5_ret_t ret; kadm5_server_context *ctx; - krb5_init_context(&context); + ret = krb5_init_context(&context); + if (ret) + return ret; ret = kadm5_s_init_with_creds_ctx(context, client_name, ccache, diff --git a/crypto/heimdal/lib/kadm5/iprop.h b/crypto/heimdal/lib/kadm5/iprop.h index 499f515..a8f2b7f 100644 --- a/crypto/heimdal/lib/kadm5/iprop.h +++ b/crypto/heimdal/lib/kadm5/iprop.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1998-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: iprop.h,v 1.4 1999/12/02 17:05:06 joda Exp $ */ +/* $Id: iprop.h,v 1.5 2000/06/05 17:02:43 assar Exp $ */ #ifndef __IPROP_H__ #define __IPROP_H__ @@ -48,6 +48,15 @@ #define IPROP_NAME "iprop" -enum iprop_cmd { I_HAVE = 1, FOR_YOU = 2 }; +#define IPROP_SERVICE "iprop" + +#define IPROP_PORT 2121 + +enum iprop_cmd { I_HAVE = 1, + FOR_YOU = 2, + TELL_YOU_EVERYTHING = 3, + ONE_PRINC = 4, + NOW_YOU_HAVE = 5 +}; #endif /* __IPROP_H__ */ diff --git a/crypto/heimdal/lib/kadm5/ipropd_master.c b/crypto/heimdal/lib/kadm5/ipropd_master.c index b2e71a7..99cddc4 100644 --- a/crypto/heimdal/lib/kadm5/ipropd_master.c +++ b/crypto/heimdal/lib/kadm5/ipropd_master.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,9 @@ #include "iprop.h" -RCSID("$Id: ipropd_master.c,v 1.12 1999/12/02 17:05:06 joda Exp $"); +RCSID("$Id: ipropd_master.c,v 1.21 2000/11/15 23:12:45 assar Exp $"); + +static krb5_log_facility *log_facility; static int make_signal_socket (krb5_context context) @@ -46,8 +48,7 @@ make_signal_socket (krb5_context context) krb5_err (context, 1, errno, "socket AF_UNIX"); memset (&addr, 0, sizeof(addr)); addr.sun_family = AF_UNIX; - strncpy (addr.sun_path, KADM5_LOG_SIGNAL, sizeof(addr.sun_path)); - addr.sun_path[sizeof(addr.sun_path) - 1] = '\0'; + strlcpy (addr.sun_path, KADM5_LOG_SIGNAL, sizeof(addr.sun_path)); unlink (addr.sun_path); if (bind (fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) krb5_err (context, 1, errno, "bind %s", addr.sun_path); @@ -67,7 +68,8 @@ make_listen_socket (krb5_context context) setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)); memset (&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; - addr.sin_port = htons(4711); + addr.sin_port = krb5_getportbyname (context, + IPROP_SERVICE, "tcp", IPROP_PORT); if(bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) krb5_err (context, 1, errno, "bind"); if (listen(fd, SOMAXCONN) < 0) @@ -109,12 +111,12 @@ check_acl (krb5_context context, const char *name) } static void -add_slave (krb5_context context, slave **root, int fd) +add_slave (krb5_context context, krb5_keytab keytab, slave **root, int fd) { krb5_principal server; krb5_error_code ret; slave *s; - int addr_len; + socklen_t addr_len; krb5_ticket *ticket = NULL; char hostname[128]; @@ -141,7 +143,7 @@ add_slave (krb5_context context, slave **root, int fd) } ret = krb5_recvauth (context, &s->ac, &s->fd, - IPROP_VERSION, server, 0, NULL, &ticket); + IPROP_VERSION, server, 0, keytab, &ticket); krb5_free_principal (context, server); if (ret) { krb5_warn (context, ret, "krb5_recvauth"); @@ -157,7 +159,7 @@ add_slave (krb5_context context, slave **root, int fd) goto error; } krb5_free_ticket (context, ticket); - printf ("connection from %s\n", s->name); + krb5_warnx (context, "connection from %s", s->name); s->version = 0; s->next = *root; @@ -191,24 +193,87 @@ remove_slave (krb5_context context, slave *s, slave **root) free (s); } +struct prop_context { + krb5_auth_context auth_context; + int fd; +}; + +static int +prop_one (krb5_context context, HDB *db, hdb_entry *entry, void *v) +{ + krb5_error_code ret; + krb5_data data; + struct slave *slave = (struct slave *)v; + + ret = hdb_entry2value (context, entry, &data); + if (ret) + return ret; + ret = krb5_data_realloc (&data, data.length + 4); + if (ret) { + krb5_data_free (&data); + return ret; + } + memmove ((char *)data.data + 4, data.data, data.length - 4); + _krb5_put_int (data.data, ONE_PRINC, 4); + + ret = krb5_write_priv_message (context, slave->ac, &slave->fd, &data); + krb5_data_free (&data); + return ret; +} + static int -send_complete (krb5_context context, slave *s) +send_complete (krb5_context context, slave *s, + const char *database, u_int32_t current_version) { - abort (); + krb5_error_code ret; + HDB *db; + krb5_data data; + char buf[8]; + + ret = hdb_create (context, &db, database); + if (ret) + krb5_err (context, 1, ret, "hdb_create: %s", database); + ret = db->open (context, db, O_RDONLY, 0); + if (ret) + krb5_err (context, 1, ret, "db->open"); + + _krb5_put_int(buf, TELL_YOU_EVERYTHING, 4); + + data.data = buf; + data.length = 4; + + ret = krb5_write_priv_message(context, s->ac, &s->fd, &data); + + if (ret) + krb5_err (context, 1, ret, "krb5_write_priv_message"); + + ret = hdb_foreach (context, db, 0, prop_one, s); + if (ret) + krb5_err (context, 1, ret, "hdb_foreach"); + + _krb5_put_int (buf, NOW_YOU_HAVE, 4); + _krb5_put_int (buf + 4, current_version, 4); + data.length = 8; + + ret = krb5_write_priv_message(context, s->ac, &s->fd, &data); + + if (ret) + krb5_err (context, 1, ret, "krb5_write_priv_message"); + + return 0; } static int send_diffs (krb5_context context, slave *s, int log_fd, - u_int32_t current_version) + const char *database, u_int32_t current_version) { - krb5_storage *sp, *data_sp; + krb5_storage *sp; u_int32_t ver; time_t timestamp; enum kadm_ops op; u_int32_t len; off_t right, left; krb5_data data; - krb5_data priv_data; int ret = 0; if (s->version == current_version) @@ -216,18 +281,16 @@ send_diffs (krb5_context context, slave *s, int log_fd, sp = kadm5_log_goto_end (log_fd); right = sp->seek(sp, 0, SEEK_CUR); - printf ("%ld, looking for %d\n", (long)right, s->version); for (;;) { if (kadm5_log_previous (sp, &ver, ×tamp, &op, &len)) abort (); - printf ("version = %d\n", ver); left = sp->seek(sp, -16, SEEK_CUR); if (ver == s->version) return 0; if (ver == s->version + 1) break; if (left == 0) - return send_complete (context, s); + return send_complete (context, s, database, current_version); } krb5_data_alloc (&data, right - left + 4); sp->fetch (sp, (char *)data.data + 4, data.length - 4); @@ -235,17 +298,10 @@ send_diffs (krb5_context context, slave *s, int log_fd, _krb5_put_int(data.data, FOR_YOU, 4); - ret = krb5_mk_priv (context, s->ac, &data, &priv_data, NULL); - krb5_data_free(&data); - if (ret) { - krb5_warn (context, ret, "krb_mk_priv"); - return 0; - } + ret = krb5_write_priv_message(context, s->ac, &s->fd, &data); - ret = krb5_write_message (context, &s->fd, &priv_data); - krb5_data_free (&priv_data); if (ret) { - krb5_warn (context, ret, "krb5_write_message"); + krb5_warn (context, ret, "krb5_write_priv_message"); return 1; } return 0; @@ -253,26 +309,16 @@ send_diffs (krb5_context context, slave *s, int log_fd, static int process_msg (krb5_context context, slave *s, int log_fd, - u_int32_t current_version) + const char *database, u_int32_t current_version) { int ret = 0; - krb5_data in, out; + krb5_data out; krb5_storage *sp; int32_t tmp; - ret = krb5_read_message (context, &s->fd, &in); - if (ret) - return 1; - - if(in.length == 0) { - krb5_warnx(context, "process_msg: short message"); - return 1; - } - - ret = krb5_rd_priv (context, s->ac, &in, &out, NULL); - krb5_data_free (&in); - if (ret) { - krb5_warn (context, ret, "krb5_rd_priv"); + ret = krb5_read_priv_message(context, s->ac, &s->fd, &out); + if(ret) { + krb5_warn (context, ret, "error reading message from %s", s->name); return 1; } @@ -282,7 +328,7 @@ process_msg (krb5_context context, slave *s, int log_fd, case I_HAVE : krb5_ret_int32 (sp, &tmp); s->version = tmp; - ret = send_diffs (context, s, log_fd, current_version); + ret = send_diffs (context, s, log_fd, database, current_version); break; case FOR_YOU : default : @@ -294,15 +340,21 @@ process_msg (krb5_context context, slave *s, int log_fd, return ret; } -char *realm; -int version_flag; -int help_flag; -struct getargs args[] = { +static char *realm; +static int version_flag; +static int help_flag; +static char *keytab_str = "HDB:"; +static char *database; + +static struct getargs args[] = { { "realm", 'r', arg_string, &realm }, + { "keytab", 'k', arg_string, &keytab_str, + "keytab to get authentication from", "kspec" }, + { "database", 'd', arg_string, &database, "database", "file"}, { "version", 0, arg_flag, &version_flag }, { "help", 0, arg_flag, &help_flag } }; -int num_args = sizeof(args) / sizeof(args[0]); +static int num_args = sizeof(args) / sizeof(args[0]); int main(int argc, char **argv) @@ -316,7 +368,7 @@ main(int argc, char **argv) int log_fd; slave *slaves = NULL; u_int32_t current_version, old_version = 0; - + krb5_keytab keytab; int optind; optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL); @@ -328,17 +380,28 @@ main(int argc, char **argv) exit(0); } + krb5_openlog (context, "ipropd-master", &log_facility); + krb5_set_warn_dest(context, log_facility); + + ret = krb5_kt_register(context, &hdb_kt_ops); + if(ret) + krb5_err(context, 1, ret, "krb5_kt_register"); + + ret = krb5_kt_resolve(context, keytab_str, &keytab); + if(ret) + krb5_err(context, 1, ret, "krb5_kt_resolve: %s", keytab_str); + memset(&conf, 0, sizeof(conf)); if(realm) { conf.mask |= KADM5_CONFIG_REALM; conf.realm = realm; } - ret = kadm5_init_with_password_ctx (context, - KADM5_ADMIN_SERVICE, - NULL, - KADM5_ADMIN_SERVICE, - &conf, 0, 0, - &kadm_handle); + ret = kadm5_init_with_skey_ctx (context, + KADM5_ADMIN_SERVICE, + NULL, + KADM5_ADMIN_SERVICE, + &conf, 0, 0, + &kadm_handle); if (ret) krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); @@ -352,6 +415,8 @@ main(int argc, char **argv) signal_fd = make_signal_socket (context); listen_fd = make_listen_socket (context); + signal (SIGPIPE, SIG_IGN); + for (;;) { slave *p; fd_set readset; @@ -359,6 +424,9 @@ main(int argc, char **argv) struct timeval to = {30, 0}; u_int32_t vers; + if (signal_fd >= FD_SETSIZE || listen_fd >= FD_SETSIZE) + krb5_errx (context, 1, "fd too large"); + FD_ZERO(&readset); FD_SET(signal_fd, &readset); max_fd = max(max_fd, signal_fd); @@ -381,38 +449,37 @@ main(int argc, char **argv) if (ret == 0) { old_version = current_version; - kadm5_log_get_version (log_fd, ¤t_version); + kadm5_log_get_version_fd (log_fd, ¤t_version); if (current_version > old_version) for (p = slaves; p != NULL; p = p->next) - send_diffs (context, p, log_fd, current_version); + send_diffs (context, p, log_fd, database, current_version); } if (ret && FD_ISSET(signal_fd, &readset)) { struct sockaddr_un peer_addr; - int peer_len = sizeof(peer_addr); + socklen_t peer_len = sizeof(peer_addr); if(recvfrom(signal_fd, &vers, sizeof(vers), 0, (struct sockaddr *)&peer_addr, &peer_len) < 0) { krb5_warn (context, errno, "recvfrom"); continue; } - printf ("signal: %u\n", vers); --ret; old_version = current_version; - kadm5_log_get_version (log_fd, ¤t_version); + kadm5_log_get_version_fd (log_fd, ¤t_version); for (p = slaves; p != NULL; p = p->next) - send_diffs (context, p, log_fd, current_version); + send_diffs (context, p, log_fd, database, current_version); } for(p = slaves; p != NULL && ret--; p = p->next) if (FD_ISSET(p->fd, &readset)) { - if(process_msg (context, p, log_fd, current_version)) + if(process_msg (context, p, log_fd, database, current_version)) remove_slave (context, p, &slaves); } if (ret && FD_ISSET(listen_fd, &readset)) { - add_slave (context, &slaves, listen_fd); + add_slave (context, keytab, &slaves, listen_fd); --ret; } diff --git a/crypto/heimdal/lib/kadm5/ipropd_slave.c b/crypto/heimdal/lib/kadm5/ipropd_slave.c index 76884eb..8d8bf25 100644 --- a/crypto/heimdal/lib/kadm5/ipropd_slave.c +++ b/crypto/heimdal/lib/kadm5/ipropd_slave.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,9 @@ #include "iprop.h" -RCSID("$Id: ipropd_slave.c,v 1.10 1999/12/02 17:05:06 joda Exp $"); +RCSID("$Id: ipropd_slave.c,v 1.21 2000/08/06 02:06:19 assar Exp $"); + +static krb5_log_facility *log_facility; static int connect_to_master (krb5_context context, const char *master) @@ -47,7 +49,8 @@ connect_to_master (krb5_context context, const char *master) krb5_err (context, 1, errno, "socket AF_INET"); memset (&addr, 0, sizeof(addr)); addr.sin_family = AF_INET; - addr.sin_port = htons(4711); + addr.sin_port = krb5_getportbyname (context, + IPROP_SERVICE, "tcp", IPROP_PORT); he = roken_gethostbyname (master); if (he == NULL) krb5_errx (context, 1, "gethostbyname: %s", hstrerror(h_errno)); @@ -58,31 +61,37 @@ connect_to_master (krb5_context context, const char *master) } static void -get_creds(krb5_context context, krb5_ccache *cache, const char *host) +get_creds(krb5_context context, const char *keytab_str, + krb5_ccache *cache, const char *host) { krb5_keytab keytab; krb5_principal client; krb5_error_code ret; krb5_get_init_creds_opt init_opts; -#if 0 - krb5_preauthtype preauth = KRB5_PADATA_ENC_TIMESTAMP; -#endif krb5_creds creds; - char my_hostname[128]; char *server; + char keytab_buf[256]; - ret = krb5_kt_default(context, &keytab); - if(ret) krb5_err(context, 1, ret, "krb5_kt_default"); + ret = krb5_kt_register(context, &hdb_kt_ops); + if(ret) + krb5_err(context, 1, ret, "krb5_kt_register"); - gethostname (my_hostname, sizeof(my_hostname)); - ret = krb5_sname_to_principal (context, my_hostname, IPROP_NAME, + if (keytab_str == NULL) { + ret = krb5_kt_default_name (context, keytab_buf, sizeof(keytab_buf)); + if (ret) + krb5_err (context, 1, ret, "krb5_kt_default_name"); + keytab_str = keytab_buf; + } + + ret = krb5_kt_resolve(context, keytab_str, &keytab); + if(ret) + krb5_err(context, 1, ret, "%s", keytab_str); + + ret = krb5_sname_to_principal (context, NULL, IPROP_NAME, KRB5_NT_SRV_HST, &client); if (ret) krb5_err(context, 1, ret, "krb5_sname_to_principal"); krb5_get_init_creds_opt_init(&init_opts); -#if 0 - krb5_get_init_creds_opt_set_preauth_list(&init_opts, &preauth, 1); -#endif asprintf (&server, "%s/%s", IPROP_NAME, host); if (server == NULL) @@ -134,21 +143,15 @@ ihave (krb5_context context, krb5_auth_context auth_context, } static void -receive (krb5_context context, - krb5_storage *sp, - kadm5_server_context *server_context) +receive_loop (krb5_context context, + krb5_storage *sp, + kadm5_server_context *server_context) { int ret; off_t left, right; void *buf; int32_t vers; - ret = server_context->db->open(context, - server_context->db, - O_RDWR | O_CREAT, 0); - if (ret) - krb5_err (context, 1, ret, "db->open"); - do { int32_t len, timestamp, tmp; enum kadm_ops op; @@ -166,7 +169,7 @@ receive (krb5_context context, left = sp->seek (sp, -16, SEEK_CUR); right = sp->seek (sp, 0, SEEK_END); buf = malloc (right - left); - if (buf == NULL) { + if (buf == NULL && (right - left) != 0) { krb5_warnx (context, "malloc: no memory"); return; } @@ -197,21 +200,120 @@ receive (krb5_context context, server_context->log_context.version = vers; sp->seek (sp, 8, SEEK_CUR); } +} + +static void +receive (krb5_context context, + krb5_storage *sp, + kadm5_server_context *server_context) +{ + int ret; + + ret = server_context->db->open(context, + server_context->db, + O_RDWR | O_CREAT, 0600); + if (ret) + krb5_err (context, 1, ret, "db->open"); + + receive_loop (context, sp, server_context); + + ret = server_context->db->close (context, server_context->db); + if (ret) + krb5_err (context, 1, ret, "db->close"); +} + +static void +receive_everything (krb5_context context, int fd, + kadm5_server_context *server_context, + krb5_auth_context auth_context) +{ + int ret; + krb5_data data; + int32_t vno; + int32_t opcode; + + ret = server_context->db->open(context, + server_context->db, + O_RDWR | O_CREAT | O_TRUNC, 0600); + if (ret) + krb5_err (context, 1, ret, "db->open"); + + do { + krb5_storage *sp; + + ret = krb5_read_priv_message(context, auth_context, &fd, &data); + + if (ret) + krb5_err (context, 1, ret, "krb5_read_priv_message"); + + sp = krb5_storage_from_data (&data); + krb5_ret_int32 (sp, &opcode); + if (opcode == ONE_PRINC) { + krb5_data fake_data; + hdb_entry entry; + + fake_data.data = (char *)data.data + 4; + fake_data.length = data.length - 4; + + ret = hdb_value2entry (context, &fake_data, &entry); + if (ret) + krb5_err (context, 1, ret, "hdb_value2entry"); + ret = server_context->db->store(server_context->context, + server_context->db, + 0, &entry); + if (ret) + krb5_err (context, 1, ret, "hdb_store"); + + hdb_free_entry (context, &entry); + krb5_data_free (&data); + } + } while (opcode == ONE_PRINC); + + if (opcode != NOW_YOU_HAVE) + krb5_errx (context, 1, "receive_everything: strange %d", opcode); + + _krb5_get_int ((char *)data.data + 4, &vno, 4); + + ret = kadm5_log_reinit (server_context); + if (ret) + krb5_err(context, 1, ret, "kadm5_log_reinit"); + + ret = kadm5_log_set_version (server_context, vno - 1); + if (ret) + krb5_err (context, 1, ret, "kadm5_log_set_version"); + + ret = kadm5_log_nop (server_context); + if (ret) + krb5_err (context, 1, ret, "kadm5_log_nop"); + + krb5_data_free (&data); ret = server_context->db->close (context, server_context->db); if (ret) krb5_err (context, 1, ret, "db->close"); } -char *realm; -int version_flag; -int help_flag; -struct getargs args[] = { +static char *realm; +static int version_flag; +static int help_flag; +static char *keytab_str; + +static struct getargs args[] = { { "realm", 'r', arg_string, &realm }, + { "keytab", 'k', arg_string, &keytab_str, + "keytab to get authentication from", "kspec" }, { "version", 0, arg_flag, &version_flag }, { "help", 0, arg_flag, &help_flag } }; -int num_args = sizeof(args) / sizeof(args[0]); + +static int num_args = sizeof(args) / sizeof(args[0]); + +static void +usage (int code, struct getargs *args, int num_args) +{ + arg_printusage (args, num_args, NULL, "master"); + exit (code); +} int main(int argc, char **argv) @@ -227,16 +329,32 @@ main(int argc, char **argv) krb5_principal server; int optind; + const char *master; - optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL); + optind = krb5_program_setup(&context, argc, argv, args, num_args, usage); if(help_flag) - krb5_std_usage(0, args, num_args); + usage (0, args, num_args); if(version_flag) { print_version(NULL); exit(0); } + argc -= optind; + argv += optind; + + if (argc != 1) + usage (1, args, num_args); + + master = argv[0]; + + krb5_openlog (context, "ipropd-master", &log_facility); + krb5_set_warn_dest(context, log_facility); + + ret = krb5_kt_register(context, &hdb_kt_ops); + if(ret) + krb5_err(context, 1, ret, "krb5_kt_register"); + memset(&conf, 0, sizeof(conf)); if(realm) { conf.mask |= KADM5_CONFIG_REALM; @@ -257,11 +375,11 @@ main(int argc, char **argv) if (ret) krb5_err (context, 1, ret, "kadm5_log_init"); - get_creds(context, &ccache, argv[1]); + get_creds(context, keytab_str, &ccache, master); - master_fd = connect_to_master (context, argv[1]); + master_fd = connect_to_master (context, master); - ret = krb5_sname_to_principal (context, argv[1], IPROP_NAME, + ret = krb5_sname_to_principal (context, master, IPROP_NAME, KRB5_NT_SRV_HST, &server); if (ret) krb5_err (context, 1, ret, "krb5_sname_to_principal"); @@ -279,18 +397,14 @@ main(int argc, char **argv) for (;;) { int ret; - krb5_data data, out; + krb5_data out; krb5_storage *sp; int32_t tmp; - ret = krb5_read_message (context, &master_fd, &data); - if (ret) - krb5_err (context, 1, ret, "krb5_read_message"); + ret = krb5_read_priv_message(context, auth_context, &master_fd, &out); - ret = krb5_rd_priv (context, auth_context, &data, &out, NULL); - krb5_data_free (&data); if (ret) - krb5_err (context, 1, ret, "krb5_rd_priv"); + krb5_err (context, 1, ret, "krb5_read_priv_message"); sp = krb5_storage_from_mem (out.data, out.length); krb5_ret_int32 (sp, &tmp); @@ -300,7 +414,13 @@ main(int argc, char **argv) ihave (context, auth_context, master_fd, server_context->log_context.version); break; + case TELL_YOU_EVERYTHING : + receive_everything (context, master_fd, server_context, + auth_context); + break; + case NOW_YOU_HAVE : case I_HAVE : + case ONE_PRINC : default : krb5_warnx (context, "Ignoring command %d", tmp); break; @@ -308,6 +428,6 @@ main(int argc, char **argv) krb5_storage_free (sp); krb5_data_free (&out); } - + return 0; -} + } diff --git a/crypto/heimdal/lib/kadm5/kadm5-private.h b/crypto/heimdal/lib/kadm5/kadm5-private.h new file mode 100644 index 0000000..4e74a2b --- /dev/null +++ b/crypto/heimdal/lib/kadm5/kadm5-private.h @@ -0,0 +1,245 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: kadm5-private.h,v 1.3 2000/07/24 04:31:17 assar Exp $ */ + +#ifndef __kadm5_privatex_h__ +#define __kadm5_privatex_h__ + +kadm5_ret_t _kadm5_privs_to_string (u_int32_t, char*, size_t); + +kadm5_ret_t _kadm5_string_to_privs (const char*, u_int32_t*); + +HDB *_kadm5_s_get_db (void *); + +kadm5_ret_t +_kadm5_acl_check_permission __P(( + kadm5_server_context *context, + unsigned op, + krb5_const_principal princ)); + +kadm5_ret_t +_kadm5_acl_init __P((kadm5_server_context *context)); + +kadm5_ret_t +_kadm5_c_init_context __P(( + kadm5_client_context **ctx, + kadm5_config_params *params, + krb5_context context)); + +kadm5_ret_t +_kadm5_client_recv __P(( + kadm5_client_context *context, + krb5_data *reply)); + +kadm5_ret_t +_kadm5_client_send __P(( + kadm5_client_context *context, + krb5_storage *sp)); + +kadm5_ret_t +_kadm5_connect __P((void*)); + +kadm5_ret_t +_kadm5_error_code __P((kadm5_ret_t code)); + +kadm5_ret_t +_kadm5_s_init_context __P(( + kadm5_server_context **ctx, + kadm5_config_params *params, + krb5_context context)); + +kadm5_ret_t +_kadm5_set_keys __P(( + kadm5_server_context *context, + hdb_entry *ent, + const char *password)); + +kadm5_ret_t +_kadm5_set_keys2 __P(( + kadm5_server_context *context, + hdb_entry *ent, + int16_t n_key_data, + krb5_key_data *key_data)); + +kadm5_ret_t +_kadm5_set_keys3 __P(( + kadm5_server_context *context, + hdb_entry *ent, + int n_keys, + krb5_keyblock *keyblocks)); + +kadm5_ret_t +_kadm5_set_keys_randomly __P((kadm5_server_context *context, + hdb_entry *ent, + krb5_keyblock **new_keys, + int *n_keys)); + +kadm5_ret_t +_kadm5_set_modifier __P(( + kadm5_server_context *context, + hdb_entry *ent)); + +kadm5_ret_t +_kadm5_bump_pw_expire __P((kadm5_server_context *context, + hdb_entry *ent)); + +kadm5_ret_t +_kadm5_setup_entry __P(( + kadm5_server_context *context, + hdb_entry *ent, + u_int32_t mask, + kadm5_principal_ent_t princ, + u_int32_t princ_mask, + kadm5_principal_ent_t def, + u_int32_t def_mask)); + +kadm5_ret_t +kadm5_log_get_version_fd (int fd, u_int32_t *ver); + +kadm5_ret_t +kadm5_log_get_version (kadm5_server_context *context, u_int32_t *ver); + +kadm5_ret_t +kadm5_log_set_version (kadm5_server_context *context, u_int32_t vno); + +kadm5_ret_t +kadm5_log_init (kadm5_server_context *context); + +kadm5_ret_t +kadm5_log_reinit (kadm5_server_context *context); + +kadm5_ret_t +kadm5_log_create (kadm5_server_context *context, + hdb_entry *ent); + +kadm5_ret_t +kadm5_log_delete (kadm5_server_context *context, + krb5_principal princ); + +kadm5_ret_t +kadm5_log_rename (kadm5_server_context *context, + krb5_principal source, + hdb_entry *ent); + +kadm5_ret_t +kadm5_log_modify (kadm5_server_context *context, + hdb_entry *ent, + u_int32_t mask); + +kadm5_ret_t +kadm5_log_nop (kadm5_server_context *context); + +kadm5_ret_t +kadm5_log_end (kadm5_server_context *context); + +kadm5_ret_t +kadm5_log_foreach (kadm5_server_context *context, + void (*func)(kadm5_server_context *server_context, + u_int32_t ver, + time_t timestamp, + enum kadm_ops op, + u_int32_t len, + krb5_storage *sp)); + +kadm5_ret_t +kadm5_log_replay_create (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp); + +kadm5_ret_t +kadm5_log_replay_delete (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp); + +kadm5_ret_t +kadm5_log_replay_rename (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp); + +kadm5_ret_t +kadm5_log_replay_modify (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp); + +kadm5_ret_t +kadm5_log_replay_nop (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp); + +kadm5_ret_t +kadm5_log_replay (kadm5_server_context *context, + enum kadm_ops op, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp); + +krb5_storage * +kadm5_log_goto_end (int fd); + +kadm5_ret_t +kadm5_log_previous (krb5_storage *sp, + u_int32_t *ver, + time_t *timestamp, + enum kadm_ops *op, + u_int32_t *len); + +kadm5_ret_t +kadm5_log_truncate (kadm5_server_context *server_context); + +kadm5_ret_t +_kadm5_marshal_params __P((krb5_context context, + kadm5_config_params *params, + krb5_data *out)); + +kadm5_ret_t +_kadm5_unmarshal_params __P((krb5_context context, + krb5_data *in, + kadm5_config_params *params)); + +void +_kadm5_free_keys (kadm5_server_context *context, + int len, Key *keys); + +void +_kadm5_init_keys (Key *keys, int len); + +int +_kadm5_cmp_keys(Key *keys1, int len1, Key *keys2, int len2); + +#endif /* __kadm5_privatex_h__ */ diff --git a/crypto/heimdal/lib/kadm5/kadm5-protos.h b/crypto/heimdal/lib/kadm5/kadm5-protos.h new file mode 100644 index 0000000..070492b --- /dev/null +++ b/crypto/heimdal/lib/kadm5/kadm5-protos.h @@ -0,0 +1,516 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: kadm5-protos.h,v 1.2 2000/07/22 05:52:01 assar Exp $ */ + +#ifndef __kadm5_protos_h__ +#define __kadm5_protos_h__ + +kadm5_ret_t +kadm5_c_chpass_principal __P(( + void *server_handle, + krb5_principal princ, + char *password)); + +kadm5_ret_t +kadm5_c_chpass_principal_with_key __P(( + void *server_handle, + krb5_principal princ, + int n_key_data, + krb5_key_data *key_data)); + +kadm5_ret_t +kadm5_c_create_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask, + char *password)); + +kadm5_ret_t +kadm5_c_delete_principal __P(( + void *server_handle, + krb5_principal princ)); + +kadm5_ret_t +kadm5_c_destroy __P((void *server_handle)); + +kadm5_ret_t +kadm5_c_flush __P((void *server_handle)); + +kadm5_ret_t +kadm5_c_get_principal __P(( + void *server_handle, + krb5_principal princ, + kadm5_principal_ent_t out, + u_int32_t mask)); + +kadm5_ret_t +kadm5_c_get_principals __P(( + void *server_handle, + const char *exp, + char ***princs, + int *count)); + +kadm5_ret_t +kadm5_c_get_privs __P(( + void *server_handle, + u_int32_t *privs)); + +kadm5_ret_t +kadm5_c_init_with_creds __P(( + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_init_with_creds_ctx __P(( + krb5_context context, + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_init_with_password __P(( + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_init_with_password_ctx __P(( + krb5_context context, + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_init_with_skey __P(( + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_init_with_skey_ctx __P(( + krb5_context context, + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_c_modify_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask)); + +kadm5_ret_t +kadm5_c_randkey_principal __P(( + void *server_handle, + krb5_principal princ, + krb5_keyblock **new_keys, + int *n_keys)); + +kadm5_ret_t +kadm5_c_rename_principal __P(( + void *server_handle, + krb5_principal source, + krb5_principal target)); + +kadm5_ret_t +kadm5_chpass_principal __P(( + void *server_handle, + krb5_principal princ, + char *password)); + +kadm5_ret_t +kadm5_chpass_principal_with_key __P(( + void *server_handle, + krb5_principal princ, + int n_key_data, + krb5_key_data *key_data)); + +kadm5_ret_t +kadm5_create_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask, + char *password)); + +kadm5_ret_t +kadm5_delete_principal __P(( + void *server_handle, + krb5_principal princ)); + +kadm5_ret_t +kadm5_destroy __P((void *server_handle)); + +kadm5_ret_t +kadm5_flush __P((void *server_handle)); + +void +kadm5_free_key_data __P(( + void *server_handle, + int16_t *n_key_data, + krb5_key_data *key_data)); + +void +kadm5_free_name_list __P(( + void *server_handle, + char **names, + int *count)); + +void +kadm5_free_principal_ent __P(( + void *server_handle, + kadm5_principal_ent_t princ)); + +kadm5_ret_t +kadm5_get_principal __P(( + void *server_handle, + krb5_principal princ, + kadm5_principal_ent_t out, + u_int32_t mask)); + +kadm5_ret_t +kadm5_get_principals __P(( + void *server_handle, + const char *exp, + char ***princs, + int *count)); + +kadm5_ret_t +kadm5_get_privs __P(( + void *server_handle, + u_int32_t *privs)); + +kadm5_ret_t +kadm5_init_with_creds __P(( + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_init_with_creds_ctx __P(( + krb5_context context, + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_init_with_password __P(( + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_init_with_password_ctx __P(( + krb5_context context, + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_init_with_skey __P(( + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_init_with_skey_ctx __P(( + krb5_context context, + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_modify_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask)); + +kadm5_ret_t +kadm5_randkey_principal __P(( + void *server_handle, + krb5_principal princ, + krb5_keyblock **new_keys, + int *n_keys)); + +kadm5_ret_t +kadm5_rename_principal __P(( + void *server_handle, + krb5_principal source, + krb5_principal target)); + +kadm5_ret_t +kadm5_ret_key_data __P(( + krb5_storage *sp, + krb5_key_data *key)); + +kadm5_ret_t +kadm5_ret_principal_ent __P(( + krb5_storage *sp, + kadm5_principal_ent_t princ)); + +kadm5_ret_t +kadm5_ret_principal_ent_mask __P(( + krb5_storage *sp, + kadm5_principal_ent_t princ, + u_int32_t *mask)); + +kadm5_ret_t +kadm5_ret_tl_data __P(( + krb5_storage *sp, + krb5_tl_data *tl)); + +kadm5_ret_t +kadm5_s_chpass_principal __P(( + void *server_handle, + krb5_principal princ, + char *password)); + +kadm5_ret_t +kadm5_s_chpass_principal_cond __P(( + void *server_handle, + krb5_principal princ, + char *password)); + +kadm5_ret_t +kadm5_s_chpass_principal_with_key __P(( + void *server_handle, + krb5_principal princ, + int n_key_data, + krb5_key_data *key_data)); + +kadm5_ret_t +kadm5_s_create_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask, + char *password)); + +kadm5_ret_t +kadm5_s_create_principal_with_key __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask)); + +kadm5_ret_t +kadm5_s_delete_principal __P(( + void *server_handle, + krb5_principal princ)); + +kadm5_ret_t +kadm5_s_destroy __P((void *server_handle)); + +kadm5_ret_t +kadm5_s_flush __P((void *server_handle)); + +kadm5_ret_t +kadm5_s_get_principal __P(( + void *server_handle, + krb5_principal princ, + kadm5_principal_ent_t out, + u_int32_t mask)); + +kadm5_ret_t +kadm5_s_get_principals __P(( + void *server_handle, + const char *exp, + char ***princs, + int *count)); + +kadm5_ret_t +kadm5_s_get_privs __P(( + void *server_handle, + u_int32_t *privs)); + +kadm5_ret_t +kadm5_s_init_with_creds __P(( + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_init_with_creds_ctx __P(( + krb5_context context, + const char *client_name, + krb5_ccache ccache, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_init_with_password __P(( + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_init_with_password_ctx __P(( + krb5_context context, + const char *client_name, + const char *password, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_init_with_skey __P(( + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_init_with_skey_ctx __P(( + krb5_context context, + const char *client_name, + const char *keytab, + const char *service_name, + kadm5_config_params *realm_params, + unsigned long struct_version, + unsigned long api_version, + void **server_handle)); + +kadm5_ret_t +kadm5_s_modify_principal __P(( + void *server_handle, + kadm5_principal_ent_t princ, + u_int32_t mask)); + +kadm5_ret_t +kadm5_s_randkey_principal __P(( + void *server_handle, + krb5_principal princ, + krb5_keyblock **new_keys, + int *n_keys)); + +kadm5_ret_t +kadm5_s_rename_principal __P(( + void *server_handle, + krb5_principal source, + krb5_principal target)); + +kadm5_ret_t +kadm5_store_key_data __P(( + krb5_storage *sp, + krb5_key_data *key)); + +kadm5_ret_t +kadm5_store_principal_ent __P(( + krb5_storage *sp, + kadm5_principal_ent_t princ)); + +kadm5_ret_t +kadm5_store_principal_ent_mask __P(( + krb5_storage *sp, + kadm5_principal_ent_t princ, + u_int32_t mask)); + +kadm5_ret_t +kadm5_store_tl_data __P(( + krb5_storage *sp, + krb5_tl_data *tl)); + +void +kadm5_setup_passwd_quality_check(krb5_context context, + const char *check_library, + const char *check_function); + +const char * +kadm5_check_password_quality (krb5_context context, + krb5_principal principal, + krb5_data *pwd_data); + +#endif /* __kadm5_protos_h__ */ diff --git a/crypto/heimdal/lib/kadm5/kadm5_locl.h b/crypto/heimdal/lib/kadm5/kadm5_locl.h index 9344a2c..6f634ed 100644 --- a/crypto/heimdal/lib/kadm5/kadm5_locl.h +++ b/crypto/heimdal/lib/kadm5/kadm5_locl.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: kadm5_locl.h,v 1.21 1999/12/02 17:05:06 joda Exp $ */ +/* $Id: kadm5_locl.h,v 1.23 2000/07/08 11:57:40 assar Exp $ */ #ifndef __KADM5_LOCL_H__ #define __KADM5_LOCL_H__ @@ -45,6 +45,7 @@ #include #include #include +#include #ifdef HAVE_UNISTD_H #include #endif @@ -76,6 +77,7 @@ #include "admin.h" #include "kadm5_err.h" #include +#include #include #include #include "private.h" diff --git a/crypto/heimdal/lib/kadm5/keys.c b/crypto/heimdal/lib/kadm5/keys.c new file mode 100644 index 0000000..3ae21ab --- /dev/null +++ b/crypto/heimdal/lib/kadm5/keys.c @@ -0,0 +1,112 @@ +/* + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "kadm5_locl.h" + +RCSID("$Id: keys.c,v 1.1 2000/07/22 05:53:02 assar Exp $"); + +/* + * free all the memory used by (len, keys) + */ + +void +_kadm5_free_keys (kadm5_server_context *context, + int len, Key *keys) +{ + int i; + + for (i = 0; i < len; ++i) { + free (keys[i].mkvno); + keys[i].mkvno = NULL; + if (keys[i].salt != NULL) { + free_Salt(keys[i].salt); + free(keys[i].salt); + keys[i].salt = NULL; + } + krb5_free_keyblock_contents(context->context, &keys[i].key); + } + free (keys); +} + +/* + * null-ify `len', `keys' + */ + +void +_kadm5_init_keys (Key *keys, int len) +{ + int i; + + for (i = 0; i < len; ++i) { + keys[i].mkvno = NULL; + keys[i].salt = NULL; + keys[i].key.keyvalue.length = 0; + keys[i].key.keyvalue.data = NULL; + } +} + +/* + * return 0 iff `keys1, len1' and `keys2, len2' are identical + */ + +int +_kadm5_cmp_keys(Key *keys1, int len1, Key *keys2, int len2) +{ + int i; + + if (len1 != len2) + return 1; + + for (i = 0; i < len1; ++i) { + if ((keys1[i].salt != NULL && keys2[i].salt == NULL) + || (keys1[i].salt == NULL && keys2[i].salt != NULL)) + return 1; + if (keys1[i].salt != NULL) { + if (keys1[i].salt->type != keys2[i].salt->type) + return 1; + if (keys1[i].salt->salt.length != keys2[i].salt->salt.length) + return 1; + if (memcmp (keys1[i].salt->salt.data, keys2[i].salt->salt.data, + keys1[i].salt->salt.length) != 0) + return 1; + } + if (keys1[i].key.keytype != keys2[i].key.keytype) + return 1; + if (keys1[i].key.keyvalue.length != keys2[i].key.keyvalue.length) + return 1; + if (memcmp (keys1[i].key.keyvalue.data, keys2[i].key.keyvalue.data, + keys1[i].key.keyvalue.length) != 0) + return 1; + } + return 0; +} diff --git a/crypto/heimdal/lib/kadm5/log.c b/crypto/heimdal/lib/kadm5/log.c index e9dc38c..875f749 100644 --- a/crypto/heimdal/lib/kadm5/log.c +++ b/crypto/heimdal/lib/kadm5/log.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: log.c,v 1.13 1999/12/04 19:50:35 assar Exp $"); +RCSID("$Id: log.c,v 1.18 2000/07/24 04:32:17 assar Exp $"); /* * A log record consists of: @@ -49,8 +49,8 @@ RCSID("$Id: log.c,v 1.13 1999/12/04 19:50:35 assar Exp $"); */ kadm5_ret_t -kadm5_log_get_version (int fd, - u_int32_t *ver) +kadm5_log_get_version_fd (int fd, + u_int32_t *ver) { int ret; krb5_storage *sp; @@ -73,6 +73,21 @@ kadm5_log_get_version (int fd, } kadm5_ret_t +kadm5_log_get_version (kadm5_server_context *context, u_int32_t *ver) +{ + return kadm5_log_get_version_fd (context->log_context.log_fd, ver); +} + +kadm5_ret_t +kadm5_log_set_version (kadm5_server_context *context, u_int32_t vno) +{ + kadm5_log_context *log_context = &context->log_context; + + log_context->version = vno; + return 0; +} + +kadm5_ret_t kadm5_log_init (kadm5_server_context *context) { int fd; @@ -89,7 +104,7 @@ kadm5_log_init (kadm5_server_context *context) return errno; } - ret = kadm5_log_get_version (fd, &log_context->version); + ret = kadm5_log_get_version_fd (fd, &log_context->version); if (ret) return ret; @@ -98,6 +113,30 @@ kadm5_log_init (kadm5_server_context *context) } kadm5_ret_t +kadm5_log_reinit (kadm5_server_context *context) +{ + int fd; + kadm5_log_context *log_context = &context->log_context; + + if (log_context->log_fd != -1) { + close (log_context->log_fd); + log_context->log_fd = -1; + } + fd = open (log_context->log_file, O_RDWR | O_CREAT | O_TRUNC, 0600); + if (fd < 0) + return errno; + if (flock (fd, LOCK_EX) < 0) { + close (fd); + return errno; + } + + log_context->version = 0; + log_context->log_fd = fd; + return 0; +} + + +kadm5_ret_t kadm5_log_end (kadm5_server_context *context) { kadm5_log_context *log_context = &context->log_context; @@ -483,14 +522,22 @@ kadm5_log_replay_modify (kadm5_server_context *context, if (ret) return ret; if (mask & KADM5_PRINC_EXPIRE_TIME) { - if (ent.valid_end == NULL) - ent.valid_end = malloc(sizeof(*ent.valid_end)); - *ent.valid_end = *log_ent.valid_end; + if (log_ent.valid_end == NULL) { + ent.valid_end = NULL; + } else { + if (ent.valid_end == NULL) + ent.valid_end = malloc(sizeof(*ent.valid_end)); + *ent.valid_end = *log_ent.valid_end; + } } if (mask & KADM5_PW_EXPIRATION) { - if (ent.pw_end == NULL) - ent.pw_end = malloc(sizeof(*ent.pw_end)); - *ent.pw_end = *log_ent.pw_end; + if (log_ent.pw_end == NULL) { + ent.pw_end = NULL; + } else { + if (ent.pw_end == NULL) + ent.pw_end = malloc(sizeof(*ent.pw_end)); + *ent.pw_end = *log_ent.pw_end; + } } if (mask & KADM5_LAST_PWD_CHANGE) { abort (); /* XXX */ @@ -499,9 +546,13 @@ kadm5_log_replay_modify (kadm5_server_context *context, ent.flags = log_ent.flags; } if (mask & KADM5_MAX_LIFE) { - if (ent.max_life == NULL) - ent.max_life = malloc (sizeof(*ent.max_life)); - *ent.max_life = *log_ent.max_life; + if (log_ent.max_life == NULL) { + ent.max_life = NULL; + } else { + if (ent.max_life == NULL) + ent.max_life = malloc (sizeof(*ent.max_life)); + *ent.max_life = *log_ent.max_life; + } } if ((mask & KADM5_MOD_TIME) && (mask & KADM5_MOD_NAME)) { if (ent.modified_by == NULL) { @@ -526,9 +577,13 @@ kadm5_log_replay_modify (kadm5_server_context *context, abort (); /* XXX */ } if (mask & KADM5_MAX_RLIFE) { - if (ent.max_renew == NULL) - ent.max_renew = malloc (sizeof(*ent.max_renew)); - *ent.max_renew = *log_ent.max_renew; + if (log_ent.max_renew == NULL) { + ent.max_renew = NULL; + } else { + if (ent.max_renew == NULL) + ent.max_renew = malloc (sizeof(*ent.max_renew)); + *ent.max_renew = *log_ent.max_renew; + } } if (mask & KADM5_LAST_SUCCESS) { abort (); /* XXX */ @@ -563,6 +618,51 @@ kadm5_log_replay_modify (kadm5_server_context *context, } /* + * Add a `nop' operation to the log. + */ + +kadm5_ret_t +kadm5_log_nop (kadm5_server_context *context) +{ + krb5_storage *sp; + kadm5_ret_t ret; + kadm5_log_context *log_context = &context->log_context; + + sp = krb5_storage_emem(); + ret = kadm5_log_preamble (context, sp, kadm_nop); + if (ret) { + krb5_storage_free (sp); + return ret; + } + krb5_store_int32 (sp, 0); + krb5_store_int32 (sp, 0); + ret = kadm5_log_postamble (log_context, sp); + if (ret) { + krb5_storage_free (sp); + return ret; + } + ret = kadm5_log_flush (log_context, sp); + krb5_storage_free (sp); + if (ret) + return ret; + ret = kadm5_log_end (context); + return ret; +} + +/* + * Read a `nop' log operation from `sp' and apply it. + */ + +kadm5_ret_t +kadm5_log_replay_nop (kadm5_server_context *context, + u_int32_t ver, + u_int32_t len, + krb5_storage *sp) +{ + return 0; +} + +/* * Call `func' for each log record in the log in `context' */ @@ -660,7 +760,46 @@ kadm5_log_replay (kadm5_server_context *context, return kadm5_log_replay_rename (context, ver, len, sp); case kadm_modify : return kadm5_log_replay_modify (context, ver, len, sp); + case kadm_nop : + return kadm5_log_replay_nop (context, ver, len, sp); default : return KADM5_FAILURE; } } + +/* + * truncate the log - i.e. create an empty file with just (nop vno + 2) + */ + +kadm5_ret_t +kadm5_log_truncate (kadm5_server_context *server_context) +{ + kadm5_ret_t ret; + u_int32_t vno; + + ret = kadm5_log_init (server_context); + if (ret) + return ret; + + ret = kadm5_log_get_version (server_context, &vno); + if (ret) + return ret; + + ret = kadm5_log_reinit (server_context); + if (ret) + return ret; + + ret = kadm5_log_set_version (server_context, vno + 1); + if (ret) + return ret; + + ret = kadm5_log_nop (server_context); + if (ret) + return ret; + + ret = kadm5_log_end (server_context); + if (ret) + return ret; + return 0; + +} diff --git a/crypto/heimdal/lib/kadm5/modify_c.c b/crypto/heimdal/lib/kadm5/modify_c.c index 2a64ccc..8d8ca56 100644 --- a/crypto/heimdal/lib/kadm5/modify_c.c +++ b/crypto/heimdal/lib/kadm5/modify_c.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: modify_c.c,v 1.3 1999/12/02 17:05:06 joda Exp $"); +RCSID("$Id: modify_c.c,v 1.4 2000/07/11 15:59:46 joda Exp $"); kadm5_ret_t kadm5_c_modify_principal(void *server_handle, @@ -47,6 +47,10 @@ kadm5_c_modify_principal(void *server_handle, int32_t tmp; krb5_data reply; + ret = _kadm5_connect(server_handle); + if(ret) + return ret; + sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) return ENOMEM; diff --git a/crypto/heimdal/lib/kadm5/modify_s.c b/crypto/heimdal/lib/kadm5/modify_s.c index 4157202..8c595a9 100644 --- a/crypto/heimdal/lib/kadm5/modify_s.c +++ b/crypto/heimdal/lib/kadm5/modify_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: modify_s.c,v 1.9 1999/12/02 17:05:06 joda Exp $"); +RCSID("$Id: modify_s.c,v 1.12 2001/01/30 01:24:28 assar Exp $"); static kadm5_ret_t modify_principal(void *server_handle, @@ -56,14 +56,16 @@ modify_principal(void *server_handle, ret = context->db->fetch(context->context, context->db, 0, &ent); if(ret) goto out; - ret = _kadm5_setup_entry(&ent, mask, princ, mask, NULL, 0); + ret = _kadm5_setup_entry(context, &ent, mask, princ, mask, NULL, 0); if(ret) goto out2; ret = _kadm5_set_modifier(context, &ent); if(ret) goto out2; - hdb_seal_keys(context->db, &ent); + ret = hdb_seal_keys(context->context, context->db, &ent); + if (ret) + goto out2; kadm5_log_modify (context, &ent, diff --git a/crypto/heimdal/lib/kadm5/password_quality.c b/crypto/heimdal/lib/kadm5/password_quality.c index 86d35f3..bc1463f 100644 --- a/crypto/heimdal/lib/kadm5/password_quality.c +++ b/crypto/heimdal/lib/kadm5/password_quality.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: password_quality.c,v 1.3 1999/12/02 17:05:06 joda Exp $"); +RCSID("$Id: password_quality.c,v 1.4 2000/07/05 13:14:45 joda Exp $"); #ifdef HAVE_DLFCN_H #include @@ -57,8 +57,6 @@ typedef const char* (*passwd_quality_check_func)(krb5_context, static passwd_quality_check_func passwd_quality_check = simple_passwd_quality; #ifdef HAVE_DLOPEN -extern const char *check_library; -extern const char *check_function; #define PASSWD_VERSION 0 diff --git a/crypto/heimdal/lib/kadm5/private.h b/crypto/heimdal/lib/kadm5/private.h index e56a0f5..bcdf363 100644 --- a/crypto/heimdal/lib/kadm5/private.h +++ b/crypto/heimdal/lib/kadm5/private.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: private.h,v 1.10 1999/12/04 23:09:34 assar Exp $ */ +/* $Id: private.h,v 1.14 2000/07/11 15:58:57 joda Exp $ */ #ifndef __kadm5_private_h__ #define __kadm5_private_h__ @@ -51,6 +51,8 @@ struct kadm_func { kadm5_ret_t (*randkey_principal) (void*, krb5_principal, krb5_keyblock**, int*); kadm5_ret_t (*rename_principal) (void*, krb5_principal, krb5_principal); + kadm5_ret_t (*chpass_principal_with_key) (void *, krb5_principal, + int, krb5_key_data *); }; /* XXX should be integrated */ @@ -86,7 +88,7 @@ typedef struct kadm5_server_context { krb5_principal caller; unsigned acl_flags; kadm5_log_context log_context; -}kadm5_server_context; +} kadm5_server_context; typedef struct kadm5_client_context { krb5_context context; @@ -98,6 +100,12 @@ typedef struct kadm5_client_context { char *admin_server; int kadmind_port; int sock; + char *client_name; + char *service_name; + krb5_prompter_fct prompter; + const char *keytab; + krb5_ccache ccache; + kadm5_config_params *realm_params; }kadm5_client_context; enum kadm_ops { @@ -109,7 +117,9 @@ enum kadm_ops { kadm_modify, kadm_randkey, kadm_get_privs, - kadm_get_princs + kadm_get_princs, + kadm_chpass_with_key, + kadm_nop }; #define KADMIN_APPL_VERSION "KADM0.1" @@ -117,165 +127,6 @@ enum kadm_ops { #define KADM5_LOG_SIGNAL HDB_DB_DIR "/signal" -kadm5_ret_t _kadm5_privs_to_string (u_int32_t, char*, size_t); - -kadm5_ret_t _kadm5_string_to_privs (const char*, u_int32_t*); - -HDB *_kadm5_s_get_db (void *); - -kadm5_ret_t -_kadm5_acl_check_permission __P(( - kadm5_server_context *context, - unsigned op)); - -kadm5_ret_t -_kadm5_acl_init __P((kadm5_server_context *context)); - -kadm5_ret_t -_kadm5_c_init_context __P(( - kadm5_client_context **ctx, - kadm5_config_params *params, - krb5_context context)); - -kadm5_ret_t -_kadm5_client_recv __P(( - kadm5_client_context *context, - krb5_data *reply)); - -kadm5_ret_t -_kadm5_client_send __P(( - kadm5_client_context *context, - krb5_storage *sp)); - -kadm5_ret_t -_kadm5_error_code __P((kadm5_ret_t code)); - -kadm5_ret_t -_kadm5_s_init_context __P(( - kadm5_server_context **ctx, - kadm5_config_params *params, - krb5_context context)); - -kadm5_ret_t -_kadm5_set_keys __P(( - kadm5_server_context *context, - hdb_entry *ent, - const char *password)); - -kadm5_ret_t -_kadm5_set_keys2 __P(( - hdb_entry *ent, - int16_t n_key_data, - krb5_key_data *key_data)); - -kadm5_ret_t -_kadm5_set_keys_randomly __P((kadm5_server_context *context, - hdb_entry *ent, - krb5_keyblock **new_keys, - int *n_keys)); - -kadm5_ret_t -_kadm5_set_modifier __P(( - kadm5_server_context *context, - hdb_entry *ent)); - -kadm5_ret_t -_kadm5_setup_entry __P(( - hdb_entry *ent, - u_int32_t mask, - kadm5_principal_ent_t princ, - u_int32_t princ_mask, - kadm5_principal_ent_t def, - u_int32_t def_mask)); - -kadm5_ret_t -kadm5_log_get_version (int fd, - u_int32_t *ver); - -kadm5_ret_t -kadm5_log_init (kadm5_server_context *context); - -kadm5_ret_t -kadm5_log_create (kadm5_server_context *context, - hdb_entry *ent); - -kadm5_ret_t -kadm5_log_delete (kadm5_server_context *context, - krb5_principal princ); - -kadm5_ret_t -kadm5_log_rename (kadm5_server_context *context, - krb5_principal source, - hdb_entry *ent); - -kadm5_ret_t -kadm5_log_modify (kadm5_server_context *context, - hdb_entry *ent, - u_int32_t mask); - -kadm5_ret_t -kadm5_log_end (kadm5_server_context *context); - -kadm5_ret_t -kadm5_log_foreach (kadm5_server_context *context, - void (*func)(kadm5_server_context *server_context, - u_int32_t ver, - time_t timestamp, - enum kadm_ops op, - u_int32_t len, - krb5_storage *sp)); - -kadm5_ret_t -kadm5_log_replay_create (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp); - -kadm5_ret_t -kadm5_log_replay_delete (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp); - -kadm5_ret_t -kadm5_log_replay_rename (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp); - -kadm5_ret_t -kadm5_log_replay_modify (kadm5_server_context *context, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp); - -kadm5_ret_t -kadm5_log_replay (kadm5_server_context *context, - enum kadm_ops op, - u_int32_t ver, - u_int32_t len, - krb5_storage *sp); - -krb5_storage * -kadm5_log_goto_end (int fd); - -kadm5_ret_t -kadm5_log_previous (krb5_storage *sp, - u_int32_t *ver, - time_t *timestamp, - enum kadm_ops *op, - u_int32_t *len); - -kadm5_ret_t -_kadm5_marshal_params __P((krb5_context context, - kadm5_config_params *params, - krb5_data *out)); - -kadm5_ret_t -_kadm5_unmarshal_params __P((krb5_context context, - krb5_data *in, - kadm5_config_params *params)); - - +#include "kadm5-private.h" #endif /* __kadm5_private_h__ */ diff --git a/crypto/heimdal/lib/kadm5/privs_c.c b/crypto/heimdal/lib/kadm5/privs_c.c index 25d4976..83d293c 100644 --- a/crypto/heimdal/lib/kadm5/privs_c.c +++ b/crypto/heimdal/lib/kadm5/privs_c.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: privs_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $"); +RCSID("$Id: privs_c.c,v 1.4 2000/07/11 15:59:54 joda Exp $"); kadm5_ret_t kadm5_c_get_privs(void *server_handle, u_int32_t *privs) @@ -45,6 +45,10 @@ kadm5_c_get_privs(void *server_handle, u_int32_t *privs) int32_t tmp; krb5_data reply; + ret = _kadm5_connect(server_handle); + if(ret) + return ret; + sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) return ENOMEM; diff --git a/crypto/heimdal/lib/kadm5/randkey_c.c b/crypto/heimdal/lib/kadm5/randkey_c.c index 7531b6e..eedf697 100644 --- a/crypto/heimdal/lib/kadm5/randkey_c.c +++ b/crypto/heimdal/lib/kadm5/randkey_c.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: randkey_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $"); +RCSID("$Id: randkey_c.c,v 1.4 2000/07/11 16:00:02 joda Exp $"); kadm5_ret_t kadm5_c_randkey_principal(void *server_handle, @@ -48,6 +48,10 @@ kadm5_c_randkey_principal(void *server_handle, int32_t tmp; krb5_data reply; + ret = _kadm5_connect(server_handle); + if(ret) + return ret; + sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) return ENOMEM; diff --git a/crypto/heimdal/lib/kadm5/randkey_s.c b/crypto/heimdal/lib/kadm5/randkey_s.c index 25c8571..9780b11 100644 --- a/crypto/heimdal/lib/kadm5/randkey_s.c +++ b/crypto/heimdal/lib/kadm5/randkey_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: randkey_s.c,v 1.10 1999/12/02 17:05:07 joda Exp $"); +RCSID("$Id: randkey_s.c,v 1.13 2001/01/30 01:24:28 assar Exp $"); /* * Set the keys of `princ' to random values, returning the random keys @@ -68,13 +68,18 @@ kadm5_s_randkey_principal(void *server_handle, ret = _kadm5_set_modifier(context, &ent); if(ret) goto out3; + ret = _kadm5_bump_pw_expire(context, &ent); + if (ret) + goto out2; - hdb_seal_keys(context->db, &ent); + ret = hdb_seal_keys(context->context, context->db, &ent); + if (ret) + goto out2; kadm5_log_modify (context, &ent, KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME | - KADM5_KEY_DATA | KADM5_KVNO); + KADM5_KEY_DATA | KADM5_KVNO | KADM5_PW_EXPIRATION); ret = context->db->store(context->context, context->db, HDB_F_REPLACE, &ent); diff --git a/crypto/heimdal/lib/kadm5/rename_c.c b/crypto/heimdal/lib/kadm5/rename_c.c index d33e611..95ccf25 100644 --- a/crypto/heimdal/lib/kadm5/rename_c.c +++ b/crypto/heimdal/lib/kadm5/rename_c.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: rename_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $"); +RCSID("$Id: rename_c.c,v 1.4 2000/07/11 16:00:08 joda Exp $"); kadm5_ret_t kadm5_c_rename_principal(void *server_handle, @@ -47,6 +47,10 @@ kadm5_c_rename_principal(void *server_handle, int32_t tmp; krb5_data reply; + ret = _kadm5_connect(server_handle); + if(ret) + return ret; + sp = krb5_storage_from_mem(buf, sizeof(buf)); if (sp == NULL) return ENOMEM; diff --git a/crypto/heimdal/lib/kadm5/rename_s.c b/crypto/heimdal/lib/kadm5/rename_s.c index e7f9038..a478e0a 100644 --- a/crypto/heimdal/lib/kadm5/rename_s.c +++ b/crypto/heimdal/lib/kadm5/rename_s.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: rename_s.c,v 1.9 1999/12/02 17:05:07 joda Exp $"); +RCSID("$Id: rename_s.c,v 1.11 2001/01/30 01:24:29 assar Exp $"); kadm5_ret_t kadm5_s_rename_principal(void *server_handle, @@ -82,7 +82,11 @@ kadm5_s_rename_principal(void *server_handle, ent2.principal = ent.principal; ent.principal = target; - hdb_seal_keys(context->db, &ent); + ret = hdb_seal_keys(context->context, context->db, &ent); + if (ret) { + ent.principal = ent2.principal; + goto out2; + } kadm5_log_rename (context, source, diff --git a/crypto/heimdal/lib/kadm5/send_recv.c b/crypto/heimdal/lib/kadm5/send_recv.c index 51f6972..796cd05 100644 --- a/crypto/heimdal/lib/kadm5/send_recv.c +++ b/crypto/heimdal/lib/kadm5/send_recv.c @@ -33,7 +33,7 @@ #include "kadm5_locl.h" -RCSID("$Id: send_recv.c,v 1.7 1999/12/02 17:05:07 joda Exp $"); +RCSID("$Id: send_recv.c,v 1.8 2000/07/11 16:00:58 joda Exp $"); kadm5_ret_t _kadm5_client_send(kadm5_client_context *context, krb5_storage *sp) @@ -43,6 +43,8 @@ _kadm5_client_send(kadm5_client_context *context, krb5_storage *sp) size_t len; krb5_storage *sock; + assert(context->sock != -1); + len = sp->seek(sp, 0, SEEK_CUR); ret = krb5_data_alloc(&msg, len); sp->seek(sp, 0, SEEK_SET); diff --git a/crypto/heimdal/lib/kadm5/set_keys.c b/crypto/heimdal/lib/kadm5/set_keys.c index e4d5d1a..f3f4e36 100644 --- a/crypto/heimdal/lib/kadm5/set_keys.c +++ b/crypto/heimdal/lib/kadm5/set_keys.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,173 +33,347 @@ #include "kadm5_locl.h" -RCSID("$Id: set_keys.c,v 1.18 1999/12/04 23:11:01 assar Exp $"); +RCSID("$Id: set_keys.c,v 1.23 2000/11/15 23:13:30 assar Exp $"); /* - * free all the memory used by (len, keys) + * the known and used DES enctypes */ -static void -free_keys (kadm5_server_context *context, - int len, Key *keys) +static krb5_enctype des_types[] = { ETYPE_DES_CBC_CRC, + ETYPE_DES_CBC_MD4, + ETYPE_DES_CBC_MD5 }; +static unsigned n_des_types = sizeof(des_types) / sizeof(des_types[0]); + +static krb5_error_code +make_keys(krb5_context context, krb5_principal principal, const char *password, + Key **keys_ret, size_t *num_keys_ret) { + krb5_enctype all_etypes[] = { ETYPE_DES3_CBC_SHA1, + ETYPE_DES_CBC_MD5, + ETYPE_DES_CBC_MD4, + ETYPE_DES_CBC_CRC }; + + + krb5_enctype e; + + krb5_error_code ret = 0; + char **ktypes, **kp; + + Key *keys = NULL, *tmp; + int num_keys = 0; + Key key; + int i; + char *v4_ktypes[] = {"des3:pw-salt", "v4", NULL}; + + ktypes = krb5_config_get_strings(context, NULL, "kadmin", + "default_keys", NULL); + + /* for each entry in `default_keys' try to parse it as a sequence + of etype:salttype:salt, syntax of this if something like: + [(des|des3|etype):](pw|afs3)[:string], if etype is omitted it + means everything, and if string is omitted is means the default + string (for that principal). Additional special values: + v5 == pw-salt, and + v4 == pw-salt: + */ + + if (ktypes == NULL + && krb5_config_get_bool (context, NULL, "kadmin", + "use_v4_salt", NULL)) + ktypes = v4_ktypes; + + for(kp = ktypes; kp && *kp; kp++) { + krb5_enctype *etypes; + int num_etypes; + krb5_salt salt; + krb5_boolean salt_set; + + const char *p; + char buf[3][256]; + int num_buf = 0; + + p = *kp; + if(strcmp(p, "v5") == 0) + p = "pw-salt"; + else if(strcmp(p, "v4") == 0) + p = "des:pw-salt:"; + + /* split p in a list of :-separated strings */ + for(num_buf = 0; num_buf < 3; num_buf++) + if(strsep_copy(&p, ":", buf[num_buf], sizeof(buf[num_buf])) == -1) + break; + + etypes = NULL; + num_etypes = 0; + memset(&salt, 0, sizeof(salt)); + salt_set = FALSE; + + for(i = 0; i < num_buf; i++) { + if(etypes == NULL) { + /* this might be a etype specifier */ + /* XXX there should be a string_to_etypes handling + special cases like `des' and `all' */ + if(strcmp(buf[i], "des") == 0) { + etypes = all_etypes + 1; + num_etypes = 3; + continue; + } else if(strcmp(buf[i], "des3") == 0) { + e = ETYPE_DES3_CBC_SHA1; + etypes = &e; + num_etypes = 1; + continue; + } else { + ret = krb5_string_to_enctype(context, buf[i], &e); + if(ret == 0) { + etypes = &e; + num_etypes = 1; + continue; + } + } + } + if(salt.salttype == 0) { + /* interpret string as a salt specifier, if no etype + is set, this sets default values */ + /* XXX should perhaps use string_to_salttype, but that + interface sucks */ + if(strcmp(buf[i], "pw-salt") == 0) { + if(etypes == NULL) { + etypes = all_etypes; + num_etypes = 4; + } + salt.salttype = KRB5_PW_SALT; + } else if(strcmp(buf[i], "afs3-salt") == 0) { + if(etypes == NULL) { + etypes = all_etypes + 1; + num_etypes = 3; + } + salt.salttype = KRB5_AFS3_SALT; + } + } else { + /* if there is a final string, use it as the string to + salt with, this is mostly useful with null salt for + v4 compat, and a cell name for afs compat */ + salt.saltvalue.data = buf[i]; + salt.saltvalue.length = strlen(buf[i]); + salt_set = TRUE; + } + } - for (i = 0; i < len; ++i) { - free (keys[i].mkvno); - keys[i].mkvno = NULL; - if (keys[i].salt != NULL) { - free_Salt(keys[i].salt); - free(keys[i].salt); - keys[i].salt = NULL; + if(etypes == NULL || salt.salttype == 0) { + krb5_warnx(context, "bad value for default_keys `%s'", *kp); + continue; } - krb5_free_keyblock_contents(context->context, &keys[i].key); - } - free (keys); -} -/* - * null-ify `len', `keys' - */ + if(!salt_set && salt.salttype == KRB5_PW_SALT) + /* make up default salt */ + ret = krb5_get_pw_salt(context, principal, &salt); + memset(&key, 0, sizeof(key)); + for(i = 0; i < num_etypes; i++) { + ret = krb5_string_to_key_salt (context, + etypes[i], + password, + salt, + &key.key); + + if(ret) + goto out; -static void -init_keys (Key *keys, int len) -{ - int i; + if (salt.salttype != KRB5_PW_SALT || salt_set) { + key.salt = malloc (sizeof(*key.salt)); + if (key.salt == NULL) { + free_Key(&key); + ret = ENOMEM; + goto out; + } + key.salt->type = salt.salttype; + krb5_data_zero (&key.salt->salt); + + /* is the salt has not been set explicitly, it will be + the default salt, so there's no need to explicitly + copy it */ + if (salt_set) { + ret = krb5_data_copy(&key.salt->salt, + salt.saltvalue.data, + salt.saltvalue.length); + if (ret) { + free_Key(&key); + goto out; + } + } + } + tmp = realloc(keys, (num_keys + 1) * sizeof(*keys)); + if(tmp == NULL) { + free_Key(&key); + ret = ENOMEM; + goto out; + } + keys = tmp; + keys[num_keys++] = key; + } + } - for (i = 0; i < len; ++i) { - keys[i].mkvno = NULL; - keys[i].salt = NULL; - keys[i].key.keyvalue.length = 0; - keys[i].key.keyvalue.data = NULL; + if(num_keys == 0) { + /* if we didn't manage to find a single valid key, create a + default set */ + /* XXX only do this is there is no `default_keys'? */ + krb5_salt v5_salt; + tmp = realloc(keys, (num_keys + 4) * sizeof(*keys)); + if(tmp == NULL) { + ret = ENOMEM; + goto out; + } + keys = tmp; + ret = krb5_get_pw_salt(context, principal, &v5_salt); + if(ret) + goto out; + for(i = 0; i < 4; i++) { + memset(&key, 0, sizeof(key)); + ret = krb5_string_to_key_salt(context, all_etypes[i], password, + v5_salt, &key.key); + if(ret) { + krb5_free_salt(context, v5_salt); + goto out; + } + keys[num_keys++] = key; + } + krb5_free_salt(context, v5_salt); } + + out: + if(ret == 0) { + *keys_ret = keys; + *num_keys_ret = num_keys; + } else { + for(i = 0; i < num_keys; i++) { + free_Key(&keys[i]); + } + free(keys); + } + return ret; } /* - * the known and used DES enctypes + * Set the keys of `ent' to the string-to-key of `password' */ -static krb5_enctype des_types[] = { ETYPE_DES_CBC_CRC, - ETYPE_DES_CBC_MD4, - ETYPE_DES_CBC_MD5 }; +kadm5_ret_t +_kadm5_set_keys(kadm5_server_context *context, + hdb_entry *ent, + const char *password) +{ + kadm5_ret_t ret; + Key *keys; + size_t num_keys; -static unsigned n_des_types = 3; + ret = make_keys(context->context, ent->principal, password, + &keys, &num_keys); + + if(ret) + return ret; + + _kadm5_free_keys (context, ent->keys.len, ent->keys.val); + ent->keys.val = keys; + ent->keys.len = num_keys; + ent->kvno++; + return 0; +} /* - * Set the keys of `ent' to the string-to-key of `password' + * Set the keys of `ent' to (`n_key_data', `key_data') */ kadm5_ret_t -_kadm5_set_keys(kadm5_server_context *context, - hdb_entry *ent, - const char *password) +_kadm5_set_keys2(kadm5_server_context *context, + hdb_entry *ent, + int16_t n_key_data, + krb5_key_data *key_data) { - kadm5_ret_t ret = 0; + krb5_error_code ret; int i; unsigned len; Key *keys; - krb5_salt salt; - krb5_boolean v4_salt = FALSE; - len = n_des_types + 1; + len = n_key_data; keys = malloc (len * sizeof(*keys)); if (keys == NULL) return ENOMEM; - init_keys (keys, len); - - salt.salttype = KRB5_PW_SALT; - salt.saltvalue.length = 0; - salt.saltvalue.data = NULL; + _kadm5_init_keys (keys, len); - if (krb5_config_get_bool (context->context, - NULL, "kadmin", "use_v4_salt", NULL)) { - v4_salt = TRUE; - } else { - ret = krb5_get_pw_salt (context->context, ent->principal, &salt); - if (ret) + for(i = 0; i < n_key_data; i++) { + keys[i].mkvno = NULL; + keys[i].key.keytype = key_data[i].key_data_type[0]; + ret = krb5_data_copy(&keys[i].key.keyvalue, + key_data[i].key_data_contents[0], + key_data[i].key_data_length[0]); + if(ret) goto out; - } + if(key_data[i].key_data_ver == 2) { + Salt *salt; - for (i = 0; i < n_des_types; ++i) { - ret = krb5_string_to_key_salt (context->context, - des_types[i], - password, - salt, - &keys[i].key); - if (ret) - goto out; - if (v4_salt) { - keys[i].salt = malloc (sizeof(*keys[i].salt)); - if (keys[i].salt == NULL) { + salt = malloc(sizeof(*salt)); + if(salt == NULL) { ret = ENOMEM; goto out; } - keys[i].salt->type = salt.salttype; - ret = copy_octet_string (&salt.saltvalue, &keys[i].salt->salt); - if (ret) - goto out; - } + keys[i].salt = salt; + salt->type = key_data[i].key_data_type[1]; + krb5_data_copy(&salt->salt, + key_data[i].key_data_contents[1], + key_data[i].key_data_length[1]); + } else + keys[i].salt = NULL; } - - ret = krb5_string_to_key (context->context, - ETYPE_DES3_CBC_SHA1, - password, - ent->principal, - &keys[n_des_types].key); - if (ret) - goto out; - - free_keys (context, ent->keys.len, ent->keys.val); + _kadm5_free_keys (context, ent->keys.len, ent->keys.val); ent->keys.len = len; ent->keys.val = keys; ent->kvno++; - return ret; -out: - krb5_data_free (&salt.saltvalue); - free_keys (context, len, keys); + return 0; + out: + _kadm5_free_keys (context, len, keys); return ret; } /* - * Set the keys of `ent' to (`n_key_data', `key_data') + * Set the keys of `ent' to `n_keys, keys' */ kadm5_ret_t -_kadm5_set_keys2(hdb_entry *ent, - int16_t n_key_data, - krb5_key_data *key_data) +_kadm5_set_keys3(kadm5_server_context *context, + hdb_entry *ent, + int n_keys, + krb5_keyblock *keyblocks) { krb5_error_code ret; int i; + unsigned len; + Key *keys; - ent->keys.len = n_key_data; - ent->keys.val = malloc(ent->keys.len * sizeof(*ent->keys.val)); - if(ent->keys.val == NULL) + len = n_keys; + keys = malloc (len * sizeof(*keys)); + if (keys == NULL) return ENOMEM; - for(i = 0; i < n_key_data; i++) { - ent->keys.val[i].mkvno = NULL; - ent->keys.val[i].key.keytype = key_data[i].key_data_type[0]; - ret = krb5_data_copy(&ent->keys.val[i].key.keyvalue, - key_data[i].key_data_contents[0], - key_data[i].key_data_length[0]); + + _kadm5_init_keys (keys, len); + + for(i = 0; i < n_keys; i++) { + keys[i].mkvno = NULL; + ret = krb5_copy_keyblock_contents (context->context, + &keyblocks[i], + &keys[i].key); if(ret) - return ret; - if(key_data[i].key_data_ver == 2) { - Salt *salt; - salt = malloc(sizeof(*salt)); - if(salt == NULL) - return ENOMEM; - ent->keys.val[i].salt = salt; - salt->type = key_data[i].key_data_type[1]; - krb5_data_copy(&salt->salt, - key_data[i].key_data_contents[1], - key_data[i].key_data_length[1]); - } else - ent->keys.val[i].salt = NULL; + goto out; + keys[i].salt = NULL; } + _kadm5_free_keys (context, ent->keys.len, ent->keys.val); + ent->keys.len = len; + ent->keys.val = keys; ent->kvno++; return 0; + out: + _kadm5_free_keys (context, len, keys); + return ret; } /* @@ -235,7 +409,7 @@ _kadm5_set_keys_randomly (kadm5_server_context *context, return ENOMEM; } - init_keys (hkeys, len); + _kadm5_init_keys (hkeys, len); ret = krb5_generate_random_keyblock (context->context, des_types[0], @@ -276,7 +450,7 @@ _kadm5_set_keys_randomly (kadm5_server_context *context, if (ret) goto out; - free_keys (context, ent->keys.len, ent->keys.val); + _kadm5_free_keys (context, ent->keys.len, ent->keys.val); ent->keys.len = len; ent->keys.val = hkeys; ent->kvno++; @@ -287,6 +461,6 @@ out: for (i = 0; i < len; ++i) krb5_free_keyblock_contents (context->context, &keys[i]); free (keys); - free_keys (context, len, hkeys); + _kadm5_free_keys (context, len, hkeys); return ret; } diff --git a/crypto/heimdal/lib/kadm5/truncate_log.c b/crypto/heimdal/lib/kadm5/truncate_log.c new file mode 100644 index 0000000..215fdd7 --- /dev/null +++ b/crypto/heimdal/lib/kadm5/truncate_log.c @@ -0,0 +1,88 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "iprop.h" + +RCSID("$Id: truncate_log.c,v 1.1 2000/07/24 04:27:06 assar Exp $"); + +static char *realm; +static int version_flag; +static int help_flag; + +static struct getargs args[] = { + { "realm", 'r', arg_string, &realm }, + { "version", 0, arg_flag, &version_flag }, + { "help", 0, arg_flag, &help_flag } +}; + +static int num_args = sizeof(args) / sizeof(args[0]); + +int +main(int argc, char **argv) +{ + krb5_context context; + krb5_error_code ret; + void *kadm_handle; + kadm5_server_context *server_context; + kadm5_config_params conf; + + krb5_program_setup(&context, argc, argv, args, num_args, NULL); + + if(help_flag) + krb5_std_usage(0, args, num_args); + if(version_flag) { + print_version(NULL); + exit(0); + } + + memset(&conf, 0, sizeof(conf)); + if(realm) { + conf.mask |= KADM5_CONFIG_REALM; + conf.realm = realm; + } + + ret = kadm5_init_with_password_ctx (context, + KADM5_ADMIN_SERVICE, + NULL, + KADM5_ADMIN_SERVICE, + &conf, 0, 0, + &kadm_handle); + if (ret) + krb5_err (context, 1, ret, "kadm5_init_with_password_ctx"); + + server_context = (kadm5_server_context *)kadm_handle; + + ret = kadm5_log_truncate (server_context); + krb5_err (context, 1, ret, "kadm5_log_truncate"); + return 0; +} diff --git a/crypto/heimdal/lib/kafs/ChangeLog b/crypto/heimdal/lib/kafs/ChangeLog index 09ea01e..180f2c4 100644 --- a/crypto/heimdal/lib/kafs/ChangeLog +++ b/crypto/heimdal/lib/kafs/ChangeLog @@ -1,3 +1,47 @@ +2000-12-11 Assar Westerlund + + * Makefile.am (libkafs_la_LDFLAGS): set version to 2:3:2 + +2000-11-17 Assar Westerlund + + * afssysdefs.h: solaris 8 apperently uses 65 + +2000-09-19 Assar Westerlund + + * Makefile.am (libkafs_la_LDFLAGS): bump version to 2:2:2 + +2000-09-12 Johan Danielsson + + * dlfcn.c: correct arguments to some snprintf:s + +2000-07-25 Johan Danielsson + + * Makefile.am: bump version to 2:1:2 + +2000-04-03 Assar Westerlund + + * Makefile.am: set version to 2:0:2 + +2000-03-20 Assar Westerlund + + * afssysdefs.h: make versions later than 5.7 of solaris also use + 73 + +2000-03-16 Assar Westerlund + + * afskrb.c (afslog_uid_int): use krb_get_tf_fullname instead of + krb_get_default_principal + +2000-03-15 Assar Westerlund + + * afssys.c (map_syscall_name_to_number): ignore # at + beginning-of-line + +2000-03-13 Assar Westerlund + + * afssysdefs.h: add 230 for MacOS X per information from + + 1999-12-06 Assar Westerlund * Makefile.am: set version to 1:2:1 diff --git a/crypto/heimdal/lib/kafs/Makefile.am b/crypto/heimdal/lib/kafs/Makefile.am index 2460e55..9557588 100644 --- a/crypto/heimdal/lib/kafs/Makefile.am +++ b/crypto/heimdal/lib/kafs/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am,v 1.19 2000/01/06 15:14:27 assar Exp $ +# $Id: Makefile.am,v 1.23 2000/12/11 00:44:50 assar Exp $ include $(top_srcdir)/Makefile.am.common @@ -41,7 +41,7 @@ endif # KRB4 lib_LTLIBRARIES = $(AFSLIBS) -libkafs_la_LDFLAGS = -version-info 1:2:1 +libkafs_la_LDFLAGS = -version-info 2:3:2 foodir = $(libdir) foo_DATA = $(AFS_EXTRA_LIBS) # EXTRA_DATA = afslib.so diff --git a/crypto/heimdal/lib/kafs/Makefile.in b/crypto/heimdal/lib/kafs/Makefile.in index 32b69cb..147f327 100644 --- a/crypto/heimdal/lib/kafs/Makefile.in +++ b/crypto/heimdal/lib/kafs/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.19 2000/01/06 15:14:27 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,25 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -91,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.23 2000/12/11 00:44:50 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) $(AFS_EXTRA_DEFS) +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4) $(AFS_EXTRA_DEFS) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -135,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -143,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -151,45 +170,41 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) -@KRB4_TRUE@AFSLIBS = libkafs.la +@KRB4_TRUE@AFSLIBS = @KRB4_TRUE@libkafs.la @KRB4_FALSE@AFSLIBS = -@KRB4_TRUE@@AIX_TRUE@AFSL_EXP = $(srcdir)/afsl.exp +@KRB4_TRUE@@AIX_TRUE@AFSL_EXP = @KRB4_TRUE@@AIX_TRUE@$(srcdir)/afsl.exp @KRB4_TRUE@@AIX_FALSE@AFSL_EXP = -@KRB4_TRUE@@AIX_TRUE@@AIX4_TRUE@AFS_EXTRA_LD = -bnoentry -@KRB4_TRUE@@AIX_TRUE@@AIX4_FALSE@AFS_EXTRA_LD = -e _nostart +@KRB4_TRUE@@AIX_TRUE@@AIX4_TRUE@AFS_EXTRA_LD = @KRB4_TRUE@@AIX_TRUE@@AIX4_TRUE@-bnoentry +@KRB4_TRUE@@AIX_TRUE@@AIX4_FALSE@AFS_EXTRA_LD = @KRB4_TRUE@@AIX_TRUE@@AIX4_FALSE@-e _nostart @KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@@HAVE_DLOPEN_TRUE@AIX_SRC = -@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@@HAVE_DLOPEN_FALSE@AIX_SRC = dlfcn.c -@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AIX_SRC = afslib.c +@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@@HAVE_DLOPEN_FALSE@AIX_SRC = @KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@@HAVE_DLOPEN_FALSE@dlfcn.c +@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AIX_SRC = @KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@afslib.c @KRB4_TRUE@@AIX_FALSE@AIX_SRC = -@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@AFS_EXTRA_LIBS = afslib.so +@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@AFS_EXTRA_LIBS = @KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@afslib.so @KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AFS_EXTRA_LIBS = @KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@AFS_EXTRA_DEFS = -@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AFS_EXTRA_DEFS = -DSTATIC_AFS +@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AFS_EXTRA_DEFS = @KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@-DSTATIC_AFS lib_LTLIBRARIES = $(AFSLIBS) -libkafs_la_LDFLAGS = -version-info 1:2:1 +libkafs_la_LDFLAGS = -version-info 2:3:2 foodir = $(libdir) foo_DATA = $(AFS_EXTRA_LIBS) # EXTRA_DATA = afslib.so @@ -198,7 +213,7 @@ CLEANFILES = $(AFS_EXTRA_LIBS) include_HEADERS = kafs.h -@KRB5_TRUE@afskrb5_c = afskrb5.c +@KRB5_TRUE@afskrb5_c = @KRB5_TRUE@afskrb5.c libkafs_la_SOURCES = afssys.c afskrb.c $(afskrb5_c) common.c $(AIX_SRC) kafs_locl.h afssysdefs.h #afslib_so_SOURCES = afslib.c @@ -208,6 +223,7 @@ EXTRA_libkafs_la_SOURCES = afskrb5.c dlfcn.c afslib.c dlfcn.h EXTRA_DIST = README.dlfcn afsl.exp afslib.exp man_MANS = kafs.3 +subdir = lib/kafs mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../include/config.h CONFIG_CLEAN_FILES = @@ -217,186 +233,187 @@ LTLIBRARIES = $(lib_LTLIBRARIES) DEFS = @DEFS@ -I. -I$(srcdir) -I../../include CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ X_CFLAGS = @X_CFLAGS@ X_LIBS = @X_LIBS@ X_EXTRA_LIBS = @X_EXTRA_LIBS@ X_PRE_LIBS = @X_PRE_LIBS@ libkafs_la_LIBADD = -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ -@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@dlfcn.lo -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@dlfcn.lo -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ -@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo \ -@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \ -@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo -CFLAGS = @CFLAGS@ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afslib.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afslib.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afslib.lo +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo \ +@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afslib.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@dlfcn.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@dlfcn.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \ +@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo +libkafs_la_OBJECTS = $(am_libkafs_la_OBJECTS) COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libkafs_la_SOURCES) $(EXTRA_libkafs_la_SOURCES) man3dir = $(mandir)/man3 MANS = $(man_MANS) DATA = $(foo_DATA) HEADERS = $(include_HEADERS) -DIST_COMMON = ChangeLog Makefile.am Makefile.in +depcomp = +DIST_COMMON = $(include_HEADERS) ChangeLog Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best SOURCES = $(libkafs_la_SOURCES) $(EXTRA_libkafs_la_SOURCES) -OBJECTS = $(libkafs_la_OBJECTS) +OBJECTS = $(am_libkafs_la_OBJECTS) all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kafs/Makefile @@ -419,31 +436,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) $(mkinstalldirs) $(DESTDIR)$(libdir) @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ - echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ - $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \ else :; fi; \ done uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \ $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ done -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - mostlyclean-compile: -rm -f *.o core *.core -rm -f *.$(OBJEXT) @@ -455,15 +459,6 @@ distclean-compile: maintainer-clean-compile: -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - mostlyclean-libtool: -rm -f *.lo @@ -476,6 +471,12 @@ maintainer-clean-libtool: libkafs.la: $(libkafs_la_OBJECTS) $(libkafs_la_DEPENDENCIES) $(LINK) -rpath $(libdir) $(libkafs_la_LDFLAGS) $(libkafs_la_OBJECTS) $(libkafs_la_LIBADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< install-man3: $(mkinstalldirs) $(DESTDIR)$(man3dir) @@ -490,6 +491,7 @@ install-man3: else file=$$i; fi; \ ext=`echo $$i | sed -e 's/^.*\\.//'`; \ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ inst=`echo $$inst | sed '$(transform)'`.$$ext; \ echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst"; \ $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst; \ @@ -505,6 +507,7 @@ uninstall-man3: for i in $$list; do \ ext=`echo $$i | sed -e 's/^.*\\.//'`; \ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ inst=`echo $$inst | sed '$(transform)'`.$$ext; \ echo " rm -f $(DESTDIR)$(man3dir)/$$inst"; \ rm -f $(DESTDIR)$(man3dir)/$$inst; \ @@ -520,19 +523,18 @@ install-fooDATA: $(foo_DATA) @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(foodir) @list='$(foo_DATA)'; for p in $$list; do \ - if test -f $(srcdir)/$$p; then \ - echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p"; \ - $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p; \ - else if test -f $$p; then \ - echo " $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p"; \ - $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p; \ - fi; fi; \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f; \ done uninstall-fooDATA: @$(NORMAL_UNINSTALL) - list='$(foo_DATA)'; for p in $$list; do \ - rm -f $(DESTDIR)$(foodir)/$$p; \ + @list='$(foo_DATA)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(foodir)/$$f"; \ + rm -f $(DESTDIR)$(foodir)/$$f; \ done install-includeHEADERS: $(include_HEADERS) @@ -540,35 +542,42 @@ install-includeHEADERS: $(include_HEADERS) $(mkinstalldirs) $(DESTDIR)$(includedir) @list='$(include_HEADERS)'; for p in $$list; do \ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ - echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ - $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - list='$(include_HEADERS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(includedir)/$$p; \ + @list='$(include_HEADERS)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(includedir)/$$f"; \ + rm -f $(DESTDIR)$(includedir)/$$f; \ done tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -581,17 +590,16 @@ maintainer-clean-tags: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/kafs - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook @@ -622,7 +630,7 @@ uninstall: uninstall-am all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA) $(HEADERS) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(mandir)/man3 \ $(DESTDIR)$(foodir) $(DESTDIR)$(includedir) @@ -638,6 +646,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ mostlyclean-libtool mostlyclean-tags \ mostlyclean-generic @@ -677,7 +686,7 @@ distclean-tags clean-tags maintainer-clean-tags distdir info-am info \ dvi-am dvi check-local check check-am installcheck-am installcheck \ install-exec-am install-exec install-data-local install-data-am \ install-data install-am install uninstall-am uninstall all-local \ -all-redirect all-am all installdirs mostlyclean-generic \ +all-redirect all-am all install-strip installdirs mostlyclean-generic \ distclean-generic clean-generic maintainer-clean-generic clean \ mostlyclean distclean maintainer-clean @@ -687,7 +696,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -699,8 +711,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -769,87 +781,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/lib/kafs/afskrb.c b/crypto/heimdal/lib/kafs/afskrb.c index 805750d..ea7ca53 100644 --- a/crypto/heimdal/lib/kafs/afskrb.c +++ b/crypto/heimdal/lib/kafs/afskrb.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kafs_locl.h" -RCSID("$Id: afskrb.c,v 1.13 1999/12/02 16:58:39 joda Exp $"); +RCSID("$Id: afskrb.c,v 1.14 2000/03/16 05:35:56 assar Exp $"); struct krb_kafs_data { const char *realm; @@ -69,13 +69,9 @@ afslog_uid_int(kafs_data *data, return _kafs_afslog_all_local_cells (data, uid, homedir); /* Extract realm from ticket file. */ - { - char name[ANAME_SZ], inst[INST_SZ]; - - ret = krb_get_default_principal(name, inst, realm); - if (ret != KSUCCESS) - return ret; - } + ret = krb_get_tf_fullname(tkt_string(), NULL, NULL, realm); + if (ret != KSUCCESS) + return ret; ret = _kafs_get_cred(data, cell, realm_hint, realm, &c); diff --git a/crypto/heimdal/lib/kafs/afssys.c b/crypto/heimdal/lib/kafs/afssys.c index d49a65a..c64b382 100644 --- a/crypto/heimdal/lib/kafs/afssys.c +++ b/crypto/heimdal/lib/kafs/afssys.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 200 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "kafs_locl.h" -RCSID("$Id: afssys.c,v 1.65 1999/12/02 16:58:40 joda Exp $"); +RCSID("$Id: afssys.c,v 1.67 2000/07/08 12:06:03 assar Exp $"); int _kafs_debug; /* this should be done in a better way */ @@ -113,6 +113,9 @@ map_syscall_name_to_number (const char *str, int *res) if (f == NULL) return -1; while (fgets (buf, sizeof(buf), f) != NULL) { + if (buf[0] == '#') + continue; + if (strncmp (str, buf, str_len) == 0) { char *begptr = buf + str_len; char *endptr; @@ -280,7 +283,7 @@ int k_hasafs(void) { #if !defined(NO_AFS) && defined(SIGSYS) - RETSIGTYPE (*saved_func)(); + RETSIGTYPE (*saved_func)(int); #endif int saved_errno; char *env = getenv ("AFS_SYSCALL"); diff --git a/crypto/heimdal/lib/kafs/afssysdefs.h b/crypto/heimdal/lib/kafs/afssysdefs.h index 574b33f..800921f 100644 --- a/crypto/heimdal/lib/kafs/afssysdefs.h +++ b/crypto/heimdal/lib/kafs/afssysdefs.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: afssysdefs.h,v 1.21 1999/12/02 16:58:40 joda Exp $ */ +/* $Id: afssysdefs.h,v 1.24 2000/11/17 01:07:47 assar Exp $ */ /* * This section is for machines using single entry point AFS syscalls! @@ -54,6 +54,10 @@ #define AFS_SYSCALL 73 #endif +#if SunOS >= 58 +#define AFS_SYSCALL 65 +#endif + #if defined(__hpux) #define AFS_SYSCALL 50 #define AFS_SYSCALL2 49 @@ -82,6 +86,10 @@ #define AFS_SYSCALL 210 #endif +#ifdef __APPLE__ /* MacOS X */ +#define AFS_SYSCALL 230 +#endif + #ifdef SYS_afs_syscall #define AFS_SYSCALL3 SYS_afs_syscall #endif diff --git a/crypto/heimdal/lib/kafs/dlfcn.c b/crypto/heimdal/lib/kafs/dlfcn.c index e664fe3..728cf5c 100644 --- a/crypto/heimdal/lib/kafs/dlfcn.c +++ b/crypto/heimdal/lib/kafs/dlfcn.c @@ -115,12 +115,12 @@ void *dlopen(const char *path, int mode) } if ((mp = (ModulePtr)calloc(1, sizeof(*mp))) == NULL) { errvalid++; - snprintf (errbuf, "calloc: %s", strerror(errno)); + snprintf (errbuf, sizeof(errbuf), "calloc: %s", strerror(errno)); return NULL; } if ((mp->name = strdup(path)) == NULL) { errvalid++; - snprintf (errbuf, "strdup: %s", strerror(errno)); + snprintf (errbuf, sizeof(errbuf), "strdup: %s", strerror(errno)); free(mp); return NULL; } diff --git a/crypto/heimdal/lib/kafs/kafs.3 b/crypto/heimdal/lib/kafs/kafs.3 index 4a7b5ef..0b6b050 100644 --- a/crypto/heimdal/lib/kafs/kafs.3 +++ b/crypto/heimdal/lib/kafs/kafs.3 @@ -1,4 +1,4 @@ -.\" $Id: kafs.3,v 1.3 1998/06/30 15:41:52 assar Exp $ +.\" $Id: kafs.3,v 1.4 2001/01/11 16:16:29 assar Exp $ .\" .Dd May 7, 1997 .Os KTH-KRB @@ -11,8 +11,8 @@ .Nm k_afs_cell_of_file , .Nm krb_afslog , .Nm krb_afslog_uid -\" .Nm krb5_afslog , -\" .Nm krb5_afslog_uid +.\" .Nm krb5_afslog , +.\" .Nm krb5_afslog_uid .Nd AFS library .Sh SYNOPSIS .Fd #include @@ -30,10 +30,10 @@ .Fn krb_afslog "char *cell" "char *realm" .Ft int .Fn krb_afslog_uid "char *cell" "char *realm" "uid_t uid" -\" .Ft krb5_error_code -\" .Fn krb5_afslog_uid "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" "uid_t uid" -\" .Ft krb5_error_code -\" .Fn krb5_afslog "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" +.\" .Ft krb5_error_code +.\" .Fn krb5_afslog_uid "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" "uid_t uid" +.\" .Ft krb5_error_code +.\" .Fn krb5_afslog "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" .Sh DESCRIPTION .Fn k_hasafs initializes some library internal structures, and tests for the @@ -41,7 +41,7 @@ presense of AFS in the kernel, none of the other functions should be called before .Fn k_hasafs is called, or if it fails. - +.Pp .Fn krb_afslog , and .Fn krb_afslog_uid @@ -66,22 +66,22 @@ field in the token, .Fn krb_afslog_uid will use .Fa uid . - -\" .Fn krb5_afslog , -\" and -\" .Fn krb5_afslog_uid -\" are the Kerberos 5 equivalents of -\" .Fn krb_afslog , -\" and -\" .Fn krb_afslog_uid . -\" The extra arguments are the ubiquitous context, and the cache id where -\" to store any obtained tickets. Since AFS servers normally can't handle -\" Kerberos 5 tickets directly, these functions will first obtain version -\" 5 tickets for the requested cells, and then convert them to version 4 -\" tickets, that can be stashed in the kernel. To convert tickets the -\" .Fn krb524_convert_creds_kdc -\" function will be used. - +.Pp +.\" .Fn krb5_afslog , +.\" and +.\" .Fn krb5_afslog_uid +.\" are the Kerberos 5 equivalents of +.\" .Fn krb_afslog , +.\" and +.\" .Fn krb_afslog_uid . +.\" The extra arguments are the ubiquitous context, and the cache id where +.\" to store any obtained tickets. Since AFS servers normally can't handle +.\" Kerberos 5 tickets directly, these functions will first obtain version +.\" 5 tickets for the requested cells, and then convert them to version 4 +.\" tickets, that can be stashed in the kernel. To convert tickets the +.\" .Fn krb524_convert_creds_kdc +.\" function will be used. +.\" .Pp .Fn k_afs_cell_of_file will in .Fa cell @@ -89,23 +89,22 @@ return the cell of a specified file, no more than .Fa len characters is put in .Fa cell . - +.Pp .Fn k_pioctl does a .Fn pioctl syscall with the specified arguments. This function is equivalent to .Fn lpioctl . - +.Pp .Fn k_setpag initializes a new PAG. - +.Pp .Fn k_unlog removes destroys all tokens in the current PAG. - .Sh ENVIRONMENT The following environment variable affect the mode of operation of .Nm kafs : -.Bl -tag +.Bl -tag -width AFS_SYSCALL .It Ev AFS_SYSCALL Normally, .Nm kafs diff --git a/crypto/heimdal/lib/kdfs/ChangeLog b/crypto/heimdal/lib/kdfs/ChangeLog new file mode 100644 index 0000000..6b52fd2 --- /dev/null +++ b/crypto/heimdal/lib/kdfs/ChangeLog @@ -0,0 +1,11 @@ +2000-12-11 Assar Westerlund + + * Makefile.am (libkdfs_la_LDFLAGS): set version to 0:1:0 + +2000-07-02 Assar Westerlund + + * k5dfspag.c: use krb5.h instead of krb5_locl.h + + * initial import from Ake Sandgren + + diff --git a/crypto/heimdal/lib/kdfs/Makefile.am b/crypto/heimdal/lib/kdfs/Makefile.am new file mode 100644 index 0000000..c51d55e --- /dev/null +++ b/crypto/heimdal/lib/kdfs/Makefile.am @@ -0,0 +1,10 @@ +# $Id: Makefile.am,v 1.2 2000/12/11 00:46:47 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +lib_LTLIBRARIES = libkdfs.la + +libkdfs_la_SOURCES = \ + k5dfspag.c + +libkdfs_la_LDFLAGS = -version-info 0:1:0 diff --git a/crypto/heimdal/lib/kdfs/Makefile.in b/crypto/heimdal/lib/kdfs/Makefile.in new file mode 100644 index 0000000..124a908 --- /dev/null +++ b/crypto/heimdal/lib/kdfs/Makefile.in @@ -0,0 +1,557 @@ +# Makefile.in generated automatically by automake 1.4a from Makefile.am + +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. + +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : + +@SET_MAKE@ +host_alias = @host_alias@ +host_triplet = @host@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ +INCLUDE_ = @INCLUDE_@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +STRIP = @STRIP@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.2 2000/12/11 00:46:47 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) + +AM_CFLAGS = $(WFLAGS) + +CP = cp + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +LIBS = @LIBS@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +lib_LTLIBRARIES = libkdfs.la + +libkdfs_la_SOURCES = \ + k5dfspag.c + + +libkdfs_la_LDFLAGS = -version-info 0:1:0 +subdir = lib/kdfs +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +LTLIBRARIES = $(lib_LTLIBRARIES) + + +DEFS = @DEFS@ -I. -I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libkdfs_la_LIBADD = +am_libkdfs_la_OBJECTS = k5dfspag.lo +libkdfs_la_OBJECTS = $(am_libkdfs_la_OBJECTS) +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libkdfs_la_SOURCES) +depcomp = +DIST_COMMON = ChangeLog Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) + +GZIP_ENV = --best +SOURCES = $(libkdfs_la_SOURCES) +OBJECTS = $(am_libkdfs_la_OBJECTS) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kdfs/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-libLTLIBRARIES: + +clean-libLTLIBRARIES: + -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) + +distclean-libLTLIBRARIES: + +maintainer-clean-libLTLIBRARIES: + +install-libLTLIBRARIES: $(lib_LTLIBRARIES) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(libdir) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \ + else :; fi; \ + done + +uninstall-libLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ + done + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libkdfs.la: $(libkdfs_la_OBJECTS) $(libkdfs_la_DEPENDENCIES) + $(LINK) -rpath $(libdir) $(libkdfs_la_LDFLAGS) $(libkdfs_la_OBJECTS) $(libkdfs_la_LIBADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-libLTLIBRARIES + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-libLTLIBRARIES +uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(libdir) + + +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: + -rm -f Makefile.in +mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-tags \ + mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-libLTLIBRARIES clean-compile clean-libtool clean-tags \ + clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-libLTLIBRARIES distclean-compile \ + distclean-libtool distclean-tags distclean-generic \ + clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-tags maintainer-clean-generic \ + distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \ +clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ +uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ +distclean-compile clean-compile maintainer-clean-compile \ +mostlyclean-libtool distclean-libtool clean-libtool \ +maintainer-clean-libtool tags mostlyclean-tags distclean-tags \ +clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \ +check-local check check-am installcheck-am installcheck install-exec-am \ +install-exec install-data-local install-data-am install-data install-am \ +install uninstall-am uninstall all-local all-redirect all-am all \ +install-strip installdirs mostlyclean-generic distclean-generic \ +clean-generic maintainer-clean-generic clean mostlyclean distclean \ +maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/kdfs/k5dfspag.c b/crypto/heimdal/lib/kdfs/k5dfspag.c new file mode 100644 index 0000000..3e48a85 --- /dev/null +++ b/crypto/heimdal/lib/kdfs/k5dfspag.c @@ -0,0 +1,362 @@ +/* + * lib/krb5/os/k5dfspag.c + * + * New Kerberos module to issue the DFS PAG syscalls. + * It also contains the routine to fork and exec the + * k5dcecon routine to do most of the work. + * + * This file is designed to be as independent of DCE + * and DFS as possible. The only dependencies are on + * the syscall numbers. If DFS not running or not installed, + * the sig handlers will catch and the signal and + * will continue. + * + * krb5_dfs_newpag and krb5_dfs_getpag should not be real + * Kerberos routines, since they should be setpag and getpag + * in the DCE library, but without the DCE baggage. + * Thus they don't have context, and don't return a krb5 error. + * + * + * + * krb5_dfs_pag() + */ + +#include + +#ifdef DCE + +#include +#include +#include +#include +#include + +/* Only run this DFS PAG code on systems with POSIX + * All that we are interested in dor:, AIX 4.x, + * Solaris 2.5.x, HPUX 10.x Even SunOS 4.1.4, AIX 3.2.5 + * and SGI 5.3 are OK. This simplifies + * the build/configure which I don't want to change now. + * All of them also have waitpid as well. + */ + +#define POSIX_SETJMP +#define POSIX_SIGNALS +#define HAVE_WAITPID + +#include +#include +#ifndef POSIX_SETJMP +#undef sigjmp_buf +#undef sigsetjmp +#undef siglongjmp +#define sigjmp_buf jmp_buf +#define sigsetjmp(j,s) setjmp(j) +#define siglongjmp longjmp +#endif + +#ifdef POSIX_SIGNALS +typedef struct sigaction handler; +#define handler_init(H,F) (sigemptyset(&(H).sa_mask), \ + (H).sa_flags=0, \ + (H).sa_handler=(F)) +#define handler_swap(S,NEW,OLD) sigaction(S, &NEW, &OLD) +#define handler_set(S,OLD) sigaction(S, &OLD, NULL) +#else +typedef sigtype (*handler)(); +#define handler_init(H,F) ((H) = (F)) +#define handler_swap(S,NEW,OLD) ((OLD) = signal ((S), (NEW))) +#define handler_set(S,OLD) (signal ((S), (OLD))) +#endif + +#define krb5_sigtype void +#define WAIT_USES_INT +typedef krb5_sigtype sigtype; + + +/* + * Need some syscall numbers based on different systems. + * These are based on: + * HPUX 10.10 /opt/dce/include/dcedfs/syscall.h + * Solaris 2.5 /opt/dcelocal/share/include/dcedfs/syscall.h + * AIX 4.2 - needs some funny games with load and kafs_syscall + * to get the kernel extentions. There should be a better way! + * + * DEE 5/27/97 + * + */ + + +#define AFSCALL_SETPAG 2 +#define AFSCALL_GETPAG 11 + +#if defined(sun) +#define AFS_SYSCALL 72 + +#elif defined(hpux) +/* assume HPUX 10 + or is it 50 */ +#define AFS_SYSCALL 326 + +#elif defined(_AIX) +#ifndef DPAGAIX +#define DPAGAIX LIBEXECDIR ## "/dpagaix" +#endif +int *load(); +static int (*dpagaix)(int, int, int, int, int, int) = 0; + +#elif defined(sgi) || defined(_sgi) +#define AFS_SYSCALL 206+1000 + +#else +#define AFS_SYSCALL (Unknown_DFS_AFS_SYSCALL) +#endif + + +#ifdef WAIT_USES_INT + int wait_status; +#else /* WAIT_USES_INT */ + union wait wait_status; +#endif /* WAIT_USES_INT */ + +#ifndef K5DCECON +#define K5DCECON LIBEXECDIR ## "/k5dcecon" +#endif + +/* + * mysig() + * + * signal handler if DFS not running + * + */ + +static sigjmp_buf setpag_buf; + +static sigtype mysig() +{ + siglongjmp(setpag_buf, 1); +} + +/* + * krb5_dfs_pag_syscall() + * + * wrapper for the syscall with signal handlers + * + */ + +static int krb5_dfs_pag_syscall(opt1,opt2) + int opt1; + int opt2; +{ + handler sa1, osa1; + handler sa2, osa2; + int pag = -2; + + handler_init (sa1, mysig); + handler_init (sa2, mysig); + handler_swap (SIGSYS, sa1, osa1); + handler_swap (SIGSEGV, sa2, osa2); + + if (sigsetjmp(setpag_buf, 1) == 0) { + +#if defined(_AIX) + if (!dpagaix) + dpagaix = load(DPAGAIX, 0, 0); + if (dpagaix) + pag = (*dpagaix)(opt1, opt2, 0, 0, 0, 0); +#else + pag = syscall(AFS_SYSCALL, opt1, opt2, 0, 0, 0, 0); +#endif + + handler_set (SIGSYS, osa1); + handler_set (SIGSEGV, osa2); + return(pag); + } + + /* syscall failed! return 0 */ + handler_set (SIGSYS, osa1); + handler_set (SIGSEGV, osa2); + return(-2); +} + +/* + * krb5_dfs_newpag() + * + * issue a DCE/DFS setpag system call to set the newpag + * for this process. This takes advantage of a currently + * undocumented feature of the Transarc port of DFS. + * Even in DCE 1.2.2 for which the source is available, + * (but no vendors have released), this feature is not + * there, but it should be, or could be added. + * If new_pag is zero, then the syscall will get a new pag + * and return its value. + */ + +int krb5_dfs_newpag(new_pag) + int new_pag; +{ + return(krb5_dfs_pag_syscall(AFSCALL_SETPAG, new_pag)); +} + +/* + * krb5_dfs_getpag() + * + * get the current PAG. Used mostly as a test. + */ + +int krb5_dfs_getpag() +{ + return(krb5_dfs_pag_syscall(AFSCALL_GETPAG, 0)); +} + +/* + * krb5_dfs_pag() + * + * Given a principal and local username, + * fork and exec the k5dcecon module to create + * refresh or join a new DCE/DFS + * Process Authentication Group (PAG) + * + * This routine should be called after krb5_kuserok has + * determined that this combination of local user and + * principal are acceptable for the local host. + * + * It should also be called after a forwarded ticket has + * been received, and the KRB5CCNAME environment variable + * has been set to point at it. k5dcecon will convert this + * to a new DCE context and a new pag and replace KRB5CCNAME + * in the environment. + * + * If there is no forwarded ticket, k5dcecon will attempt + * to join an existing PAG for the same principal and local + * user. + * + * And it should be called before access to the home directory + * as this may be in DFS, not accessable by root, and require + * the PAG to have been setup. + * + * The krb5_afs_pag can be called after this routine to + * use the the cache obtained by k5dcecon to get an AFS token. + * DEE - 7/97 + */ + +int krb5_dfs_pag(context, flag, principal, luser) + krb5_context context; + int flag; /* 1 if a forwarded TGT is to be used */ + krb5_principal principal; + const char *luser; + +{ + + struct stat stx; + int fd[2]; + int i,j; + int pid; + int new_pag; + int pag; + char newccname[MAXPATHLEN] = ""; + char *princ; + int err; + struct sigaction newsig, oldsig; + +#ifdef WAIT_USES_INT + int wait_status; +#else /* WAIT_USES_INT */ + union wait wait_status; +#endif /* WAIT_USES_INT */ + + if (krb5_unparse_name(context, principal, &princ)) + return(0); + + /* test if DFS is running or installed */ + if (krb5_dfs_getpag() == -2) + return(0); /* DFS not running, dont try */ + + if (pipe(fd) == -1) + return(0); + + /* Make sure that telnetd.c's SIGCHLD action don't happen right now... */ + memset((char *)&newsig, 0, sizeof(newsig)); + newsig.sa_handler = SIG_IGN; + sigaction(SIGCHLD, &newsig, &oldsig); + + pid = fork(); + if (pid <0) + return(0); + + if (pid == 0) { /* child process */ + + close(1); /* close stdout */ + dup(fd[1]); /* point stdout at pipe here */ + close(fd[0]); /* don't use end of pipe here */ + close(fd[1]); /* pipe now as stdout */ + + execl(K5DCECON, "k5dcecon", + (flag) ? "-f" : "-s" , + "-l", luser, + "-p", princ, (char *)0); + + exit(127); /* incase execl fails */ + } + + /* parent, wait for child to finish */ + + close(fd[1]); /* dont need this end of pipe */ + +/* #if defined(sgi) || defined(_sgi) */ + /* wait_status.w_status = 0; */ + /* waitpid((pid_t) pid, &wait_status.w_status, 0); */ +/* #else */ + + + wait_status = 0; +#ifdef HAVE_WAITPID + err = waitpid((pid_t) pid, &wait_status, 0); +#else /* HAVE_WAITPID */ + err = wait4(pid, &wait_status, 0, (struct rusage *) NULL); +#endif /* HAVE_WAITPID */ +/* #endif */ + + sigaction(SIGCHLD, &oldsig, 0); + if (WIFEXITED(wait_status)){ + if (WEXITSTATUS(wait_status) == 0) { + i = 1; + j = 0; + while (i != 0) { + i = read(fd[0], &newccname[j], sizeof(newccname)-1-j); + if ( i > 0) + j += i; + if (j >= sizeof(newccname)-1) + i = 0; + } + close(fd[0]); + if (j > 0) { + newccname[j] = '\0'; + esetenv("KRB5CCNAME",newccname,1); + sscanf(&newccname[j-8],"%8x",&new_pag); + if (new_pag && strncmp("FILE:/opt/dcelocal/var/security/creds/dcecred_", newccname, 46) == 0) { + if((pag = krb5_dfs_newpag(new_pag)) != -2) { + return(pag); + } + } + } + } + } + return(0); /* something not right */ +} + +#else /* DCE */ + +/* + * krb5_dfs_pag - dummy version for the lib for systems + * which don't have DFS, or the needed setpag kernel code. + */ + +krb5_boolean +krb5_dfs_pag(context, principal, luser) + krb5_context context; + krb5_principal principal; + const char *luser; +{ + return(0); +} + +#endif /* DCE */ diff --git a/crypto/heimdal/lib/krb5/Makefile.am b/crypto/heimdal/lib/krb5/Makefile.am index df8ac6d..395f29d 100644 --- a/crypto/heimdal/lib/krb5/Makefile.am +++ b/crypto/heimdal/lib/krb5/Makefile.am @@ -1,24 +1,22 @@ -# $Id: Makefile.am,v 1.98 2000/02/19 18:53:56 assar Exp $ +# $Id: Makefile.am,v 1.119 2001/01/30 01:50:52 assar Exp $ include $(top_srcdir)/Makefile.am.common -INCLUDES += $(INCLUDE_krb4) - bin_PROGRAMS = verify_krb5_conf -noinst_PROGRAMS = dump_config +noinst_PROGRAMS = dump_config test_get_addrs check_PROGRAMS = n-fold-test string-to-key-test TESTS = n-fold-test string-to-key-test -if KRB4 -KRB4LIB = $(LIB_krb4) -keytab_krb4_c = keytab_krb4.c -endif - LDADD = libkrb5.la \ - $(KRB4LIB) \ - $(top_builddir)/lib/des/libdes.la \ + $(LIB_des) \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_roken) + +libkrb5_la_LIBADD = \ + ../com_err/error.lo ../com_err/com_err.lo \ + $(LIB_des) \ $(top_builddir)/lib/asn1/libasn1.la \ $(LIB_roken) @@ -27,10 +25,12 @@ lib_LTLIBRARIES = libkrb5.la ERR_FILES = krb5_err.c heim_err.c libkrb5_la_SOURCES = \ + acl.c \ add_et_list.c \ addr_families.c \ address.c \ aname_to_localname.c \ + appdefault.c \ asn1_glue.c \ auth_context.c \ build_ap_req.c \ @@ -48,6 +48,7 @@ libkrb5_la_SOURCES = \ creds.c \ crypto.c \ data.c \ + eai_to_heim_errno.c \ expand_hostname.c \ fcache.c \ free.c \ @@ -71,8 +72,8 @@ libkrb5_la_SOURCES = \ keytab.c \ keytab_file.c \ keytab_memory.c \ - $(keytab_krb4_c) \ keytab_keyfile.c \ + keytab_krb4.c \ krbhst.c \ kuserok.c \ log.c \ @@ -99,6 +100,7 @@ libkrb5_la_SOURCES = \ rd_safe.c \ read_message.c \ recvauth.c \ + replay.c \ send_to_kdc.c \ sendauth.c \ set_default_realm.c \ @@ -117,9 +119,7 @@ libkrb5_la_SOURCES = \ write_message.c \ $(ERR_FILES) -EXTRA_libkrb5_la_SOURCES = keytab_krb4.c - -libkrb5_la_LDFLAGS = -version-info 9:1:0 +libkrb5_la_LDFLAGS = -version-info 15:0:0 $(libkrb5_la_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h @@ -129,11 +129,25 @@ $(srcdir)/krb5-protos.h: $(srcdir)/krb5-private.h: cd $(srcdir); perl ../../cf/make-proto.pl -p krb5-private.h $(libkrb5_la_SOURCES) || rm -f krb5-private.h -libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo - -man_MANS = krb5.conf.5 krb5_warn.3 krb5_openlog.3 \ - krb5_425_conv_principal.3 krb5_build_principal.3 krb5_free_principal.3 \ - krb5_parse_name.3 krb5_sname_to_principal.3 krb5_unparse_name.3 +#libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo + +man_MANS = \ + kerberos.8 \ + krb5.conf.5 \ + krb5_425_conv_principal.3 \ + krb5_appdefault.3 \ + krb5_build_principal.3 \ + krb5_config.3 \ + krb5_free_principal.3 \ + krb5_openlog.3 \ + krb5_parse_name.3 \ + krb5_sname_to_principal.3 \ + krb5_unparse_name.3 \ + krb5_warn.3 \ + verify_krb5_conf.8 \ + krb5_auth_context.3 \ + krb5_context.3 \ + krb5_init_context.3 include_HEADERS = krb5.h krb5-protos.h krb5-private.h krb5_err.h heim_err.h diff --git a/crypto/heimdal/lib/krb5/Makefile.in b/crypto/heimdal/lib/krb5/Makefile.in index dbca9de..be103d2 100644 --- a/crypto/heimdal/lib/krb5/Makefile.in +++ b/crypto/heimdal/lib/krb5/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.98 2000/02/19 18:53:56 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.119 2001/01/30 01:50:52 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,59 +170,170 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) bin_PROGRAMS = verify_krb5_conf -noinst_PROGRAMS = dump_config +noinst_PROGRAMS = dump_config test_get_addrs check_PROGRAMS = n-fold-test string-to-key-test TESTS = n-fold-test string-to-key-test -@KRB4_TRUE@KRB4LIB = $(LIB_krb4) -@KRB4_TRUE@keytab_krb4_c = keytab_krb4.c +LDADD = libkrb5.la \ + $(LIB_des) \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_roken) + -LDADD = libkrb5.la $(KRB4LIB) $(top_builddir)/lib/des/libdes.la $(top_builddir)/lib/asn1/libasn1.la $(LIB_roken) +libkrb5_la_LIBADD = \ + ../com_err/error.lo ../com_err/com_err.lo \ + $(LIB_des) \ + $(top_builddir)/lib/asn1/libasn1.la \ + $(LIB_roken) lib_LTLIBRARIES = libkrb5.la ERR_FILES = krb5_err.c heim_err.c -libkrb5_la_SOURCES = add_et_list.c addr_families.c address.c aname_to_localname.c asn1_glue.c auth_context.c build_ap_req.c build_auth.c cache.c changepw.c codec.c config_file.c config_file_netinfo.c convert_creds.c constants.c context.c copy_host_realm.c crc.c creds.c crypto.c data.c expand_hostname.c fcache.c free.c free_host_realm.c generate_seq_number.c generate_subkey.c get_addrs.c get_cred.c get_default_principal.c get_default_realm.c get_for_creds.c get_host_realm.c get_in_tkt.c get_in_tkt_pw.c get_in_tkt_with_keytab.c get_in_tkt_with_skey.c get_port.c init_creds.c init_creds_pw.c keyblock.c keytab.c keytab_file.c keytab_memory.c $(keytab_krb4_c) keytab_keyfile.c krbhst.c kuserok.c log.c mcache.c misc.c mk_error.c mk_priv.c mk_rep.c mk_req.c mk_req_ext.c mk_safe.c net_read.c net_write.c n-fold.c padata.c principal.c prog_setup.c prompter_posix.c rd_cred.c rd_error.c rd_priv.c rd_rep.c rd_req.c rd_safe.c read_message.c recvauth.c send_to_kdc.c sendauth.c set_default_realm.c sock_principal.c store.c store_emem.c store_fd.c store_mem.c ticket.c time.c transited.c verify_init.c verify_user.c version.c warn.c write_message.c $(ERR_FILES) - - -EXTRA_libkrb5_la_SOURCES = keytab_krb4.c - -libkrb5_la_LDFLAGS = -version-info 9:1:0 - -libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo - -man_MANS = krb5.conf.5 krb5_warn.3 krb5_openlog.3 krb5_425_conv_principal.3 krb5_build_principal.3 krb5_free_principal.3 krb5_parse_name.3 krb5_sname_to_principal.3 krb5_unparse_name.3 +libkrb5_la_SOURCES = \ + acl.c \ + add_et_list.c \ + addr_families.c \ + address.c \ + aname_to_localname.c \ + appdefault.c \ + asn1_glue.c \ + auth_context.c \ + build_ap_req.c \ + build_auth.c \ + cache.c \ + changepw.c \ + codec.c \ + config_file.c \ + config_file_netinfo.c \ + convert_creds.c \ + constants.c \ + context.c \ + copy_host_realm.c \ + crc.c \ + creds.c \ + crypto.c \ + data.c \ + eai_to_heim_errno.c \ + expand_hostname.c \ + fcache.c \ + free.c \ + free_host_realm.c \ + generate_seq_number.c \ + generate_subkey.c \ + get_addrs.c \ + get_cred.c \ + get_default_principal.c \ + get_default_realm.c \ + get_for_creds.c \ + get_host_realm.c \ + get_in_tkt.c \ + get_in_tkt_pw.c \ + get_in_tkt_with_keytab.c \ + get_in_tkt_with_skey.c \ + get_port.c \ + init_creds.c \ + init_creds_pw.c \ + keyblock.c \ + keytab.c \ + keytab_file.c \ + keytab_memory.c \ + keytab_keyfile.c \ + keytab_krb4.c \ + krbhst.c \ + kuserok.c \ + log.c \ + mcache.c \ + misc.c \ + mk_error.c \ + mk_priv.c \ + mk_rep.c \ + mk_req.c \ + mk_req_ext.c \ + mk_safe.c \ + net_read.c \ + net_write.c \ + n-fold.c \ + padata.c \ + principal.c \ + prog_setup.c \ + prompter_posix.c \ + rd_cred.c \ + rd_error.c \ + rd_priv.c \ + rd_rep.c \ + rd_req.c \ + rd_safe.c \ + read_message.c \ + recvauth.c \ + replay.c \ + send_to_kdc.c \ + sendauth.c \ + set_default_realm.c \ + sock_principal.c \ + store.c \ + store_emem.c \ + store_fd.c \ + store_mem.c \ + ticket.c \ + time.c \ + transited.c \ + verify_init.c \ + verify_user.c \ + version.c \ + warn.c \ + write_message.c \ + $(ERR_FILES) + + +libkrb5_la_LDFLAGS = -version-info 15:0:0 + +#libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo + +man_MANS = \ + kerberos.8 \ + krb5.conf.5 \ + krb5_425_conv_principal.3 \ + krb5_appdefault.3 \ + krb5_build_principal.3 \ + krb5_config.3 \ + krb5_free_principal.3 \ + krb5_openlog.3 \ + krb5_parse_name.3 \ + krb5_sname_to_principal.3 \ + krb5_unparse_name.3 \ + krb5_warn.3 \ + verify_krb5_conf.8 \ + krb5_auth_context.3 \ + krb5_context.3 \ + krb5_init_context.3 include_HEADERS = krb5.h krb5-protos.h krb5-private.h krb5_err.h heim_err.h CLEANFILES = krb5_err.c krb5_err.h heim_err.c heim_err.h +subdir = lib/krb5 mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../include/config.h CONFIG_CLEAN_FILES = @@ -214,128 +343,94 @@ LTLIBRARIES = $(lib_LTLIBRARIES) DEFS = @DEFS@ -I. -I$(srcdir) -I../../include CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ X_CFLAGS = @X_CFLAGS@ X_LIBS = @X_LIBS@ X_EXTRA_LIBS = @X_EXTRA_LIBS@ X_PRE_LIBS = @X_PRE_LIBS@ -libkrb5_la_DEPENDENCIES = ../com_err/error.lo ../com_err/com_err.lo -@KRB4_TRUE@libkrb5_la_OBJECTS = add_et_list.lo addr_families.lo \ -@KRB4_TRUE@address.lo aname_to_localname.lo asn1_glue.lo \ -@KRB4_TRUE@auth_context.lo build_ap_req.lo build_auth.lo cache.lo \ -@KRB4_TRUE@changepw.lo codec.lo config_file.lo config_file_netinfo.lo \ -@KRB4_TRUE@convert_creds.lo constants.lo context.lo copy_host_realm.lo \ -@KRB4_TRUE@crc.lo creds.lo crypto.lo data.lo expand_hostname.lo \ -@KRB4_TRUE@fcache.lo free.lo free_host_realm.lo generate_seq_number.lo \ -@KRB4_TRUE@generate_subkey.lo get_addrs.lo get_cred.lo \ -@KRB4_TRUE@get_default_principal.lo get_default_realm.lo \ -@KRB4_TRUE@get_for_creds.lo get_host_realm.lo get_in_tkt.lo \ -@KRB4_TRUE@get_in_tkt_pw.lo get_in_tkt_with_keytab.lo \ -@KRB4_TRUE@get_in_tkt_with_skey.lo get_port.lo init_creds.lo \ -@KRB4_TRUE@init_creds_pw.lo keyblock.lo keytab.lo keytab_file.lo \ -@KRB4_TRUE@keytab_memory.lo keytab_krb4.lo keytab_keyfile.lo krbhst.lo \ -@KRB4_TRUE@kuserok.lo log.lo mcache.lo misc.lo mk_error.lo mk_priv.lo \ -@KRB4_TRUE@mk_rep.lo mk_req.lo mk_req_ext.lo mk_safe.lo net_read.lo \ -@KRB4_TRUE@net_write.lo n-fold.lo padata.lo principal.lo prog_setup.lo \ -@KRB4_TRUE@prompter_posix.lo rd_cred.lo rd_error.lo rd_priv.lo \ -@KRB4_TRUE@rd_rep.lo rd_req.lo rd_safe.lo read_message.lo recvauth.lo \ -@KRB4_TRUE@send_to_kdc.lo sendauth.lo set_default_realm.lo \ -@KRB4_TRUE@sock_principal.lo store.lo store_emem.lo store_fd.lo \ -@KRB4_TRUE@store_mem.lo ticket.lo time.lo transited.lo verify_init.lo \ -@KRB4_TRUE@verify_user.lo version.lo warn.lo write_message.lo \ -@KRB4_TRUE@krb5_err.lo heim_err.lo -@KRB4_FALSE@libkrb5_la_OBJECTS = add_et_list.lo addr_families.lo \ -@KRB4_FALSE@address.lo aname_to_localname.lo asn1_glue.lo \ -@KRB4_FALSE@auth_context.lo build_ap_req.lo build_auth.lo cache.lo \ -@KRB4_FALSE@changepw.lo codec.lo config_file.lo config_file_netinfo.lo \ -@KRB4_FALSE@convert_creds.lo constants.lo context.lo copy_host_realm.lo \ -@KRB4_FALSE@crc.lo creds.lo crypto.lo data.lo expand_hostname.lo \ -@KRB4_FALSE@fcache.lo free.lo free_host_realm.lo generate_seq_number.lo \ -@KRB4_FALSE@generate_subkey.lo get_addrs.lo get_cred.lo \ -@KRB4_FALSE@get_default_principal.lo get_default_realm.lo \ -@KRB4_FALSE@get_for_creds.lo get_host_realm.lo get_in_tkt.lo \ -@KRB4_FALSE@get_in_tkt_pw.lo get_in_tkt_with_keytab.lo \ -@KRB4_FALSE@get_in_tkt_with_skey.lo get_port.lo init_creds.lo \ -@KRB4_FALSE@init_creds_pw.lo keyblock.lo keytab.lo keytab_file.lo \ -@KRB4_FALSE@keytab_memory.lo keytab_keyfile.lo krbhst.lo kuserok.lo \ -@KRB4_FALSE@log.lo mcache.lo misc.lo mk_error.lo mk_priv.lo mk_rep.lo \ -@KRB4_FALSE@mk_req.lo mk_req_ext.lo mk_safe.lo net_read.lo net_write.lo \ -@KRB4_FALSE@n-fold.lo padata.lo principal.lo prog_setup.lo \ -@KRB4_FALSE@prompter_posix.lo rd_cred.lo rd_error.lo rd_priv.lo \ -@KRB4_FALSE@rd_rep.lo rd_req.lo rd_safe.lo read_message.lo recvauth.lo \ -@KRB4_FALSE@send_to_kdc.lo sendauth.lo set_default_realm.lo \ -@KRB4_FALSE@sock_principal.lo store.lo store_emem.lo store_fd.lo \ -@KRB4_FALSE@store_mem.lo ticket.lo time.lo transited.lo verify_init.lo \ -@KRB4_FALSE@verify_user.lo version.lo warn.lo write_message.lo \ -@KRB4_FALSE@krb5_err.lo heim_err.lo +libkrb5_la_DEPENDENCIES = ../com_err/error.lo ../com_err/com_err.lo \ +$(top_builddir)/lib/asn1/libasn1.la +am_libkrb5_la_OBJECTS = acl.lo add_et_list.lo addr_families.lo \ +address.lo aname_to_localname.lo appdefault.lo asn1_glue.lo \ +auth_context.lo build_ap_req.lo build_auth.lo cache.lo changepw.lo \ +codec.lo config_file.lo config_file_netinfo.lo convert_creds.lo \ +constants.lo context.lo copy_host_realm.lo crc.lo creds.lo crypto.lo \ +data.lo eai_to_heim_errno.lo expand_hostname.lo fcache.lo free.lo \ +free_host_realm.lo generate_seq_number.lo generate_subkey.lo \ +get_addrs.lo get_cred.lo get_default_principal.lo get_default_realm.lo \ +get_for_creds.lo get_host_realm.lo get_in_tkt.lo get_in_tkt_pw.lo \ +get_in_tkt_with_keytab.lo get_in_tkt_with_skey.lo get_port.lo \ +init_creds.lo init_creds_pw.lo keyblock.lo keytab.lo keytab_file.lo \ +keytab_memory.lo keytab_keyfile.lo keytab_krb4.lo krbhst.lo kuserok.lo \ +log.lo mcache.lo misc.lo mk_error.lo mk_priv.lo mk_rep.lo mk_req.lo \ +mk_req_ext.lo mk_safe.lo net_read.lo net_write.lo n-fold.lo padata.lo \ +principal.lo prog_setup.lo prompter_posix.lo rd_cred.lo rd_error.lo \ +rd_priv.lo rd_rep.lo rd_req.lo rd_safe.lo read_message.lo recvauth.lo \ +replay.lo send_to_kdc.lo sendauth.lo set_default_realm.lo \ +sock_principal.lo store.lo store_emem.lo store_fd.lo store_mem.lo \ +ticket.lo time.lo transited.lo verify_init.lo verify_user.lo version.lo \ +warn.lo write_message.lo krb5_err.lo heim_err.lo +libkrb5_la_OBJECTS = $(am_libkrb5_la_OBJECTS) bin_PROGRAMS = verify_krb5_conf$(EXEEXT) check_PROGRAMS = n-fold-test$(EXEEXT) string-to-key-test$(EXEEXT) -noinst_PROGRAMS = dump_config$(EXEEXT) +noinst_PROGRAMS = dump_config$(EXEEXT) test_get_addrs$(EXEEXT) PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) -verify_krb5_conf_SOURCES = verify_krb5_conf.c -verify_krb5_conf_OBJECTS = verify_krb5_conf.$(OBJEXT) -verify_krb5_conf_LDADD = $(LDADD) -@KRB4_TRUE@verify_krb5_conf_DEPENDENCIES = libkrb5.la \ -@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la -@KRB4_FALSE@verify_krb5_conf_DEPENDENCIES = libkrb5.la \ -@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la -verify_krb5_conf_LDFLAGS = +dump_config_SOURCES = dump_config.c +dump_config_OBJECTS = dump_config.$(OBJEXT) +dump_config_LDADD = $(LDADD) +dump_config_DEPENDENCIES = libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la +dump_config_LDFLAGS = n_fold_test_SOURCES = n-fold-test.c n_fold_test_OBJECTS = n-fold-test.$(OBJEXT) n_fold_test_LDADD = $(LDADD) -@KRB4_TRUE@n_fold_test_DEPENDENCIES = libkrb5.la \ -@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la -@KRB4_FALSE@n_fold_test_DEPENDENCIES = libkrb5.la \ -@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la +n_fold_test_DEPENDENCIES = libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la n_fold_test_LDFLAGS = string_to_key_test_SOURCES = string-to-key-test.c string_to_key_test_OBJECTS = string-to-key-test.$(OBJEXT) string_to_key_test_LDADD = $(LDADD) -@KRB4_TRUE@string_to_key_test_DEPENDENCIES = libkrb5.la \ -@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la -@KRB4_FALSE@string_to_key_test_DEPENDENCIES = libkrb5.la \ -@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la +string_to_key_test_DEPENDENCIES = libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la string_to_key_test_LDFLAGS = -dump_config_SOURCES = dump_config.c -dump_config_OBJECTS = dump_config.$(OBJEXT) -dump_config_LDADD = $(LDADD) -@KRB4_TRUE@dump_config_DEPENDENCIES = libkrb5.la \ -@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la -@KRB4_FALSE@dump_config_DEPENDENCIES = libkrb5.la \ -@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \ -@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la -dump_config_LDFLAGS = -CFLAGS = @CFLAGS@ +test_get_addrs_SOURCES = test_get_addrs.c +test_get_addrs_OBJECTS = test_get_addrs.$(OBJEXT) +test_get_addrs_LDADD = $(LDADD) +test_get_addrs_DEPENDENCIES = libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la +test_get_addrs_LDFLAGS = +verify_krb5_conf_SOURCES = verify_krb5_conf.c +verify_krb5_conf_OBJECTS = verify_krb5_conf.$(OBJEXT) +verify_krb5_conf_LDADD = $(LDADD) +verify_krb5_conf_DEPENDENCIES = libkrb5.la \ +$(top_builddir)/lib/asn1/libasn1.la +verify_krb5_conf_LDFLAGS = COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libkrb5_la_SOURCES) dump_config.c n-fold-test.c \ +string-to-key-test.c test_get_addrs.c verify_krb5_conf.c man3dir = $(mandir)/man3 man5dir = $(mandir)/man5 +man8dir = $(mandir)/man8 MANS = $(man_MANS) HEADERS = $(include_HEADERS) -DIST_COMMON = Makefile.am Makefile.in +depcomp = +DIST_COMMON = $(include_HEADERS) Makefile.am Makefile.in -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best -SOURCES = $(libkrb5_la_SOURCES) $(EXTRA_libkrb5_la_SOURCES) verify_krb5_conf.c n-fold-test.c string-to-key-test.c dump_config.c -OBJECTS = $(libkrb5_la_OBJECTS) verify_krb5_conf.$(OBJEXT) n-fold-test.$(OBJEXT) string-to-key-test.$(OBJEXT) dump_config.$(OBJEXT) +SOURCES = $(libkrb5_la_SOURCES) dump_config.c n-fold-test.c string-to-key-test.c test_get_addrs.c verify_krb5_conf.c +OBJECTS = $(am_libkrb5_la_OBJECTS) dump_config.$(OBJEXT) n-fold-test.$(OBJEXT) string-to-key-test.$(OBJEXT) test_get_addrs.$(OBJEXT) verify_krb5_conf.$(OBJEXT) all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/krb5/Makefile @@ -358,31 +453,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) $(mkinstalldirs) $(DESTDIR)$(libdir) @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ - echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ - $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \ else :; fi; \ done uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \ $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ done -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - mostlyclean-compile: -rm -f *.o core *.core -rm -f *.$(OBJEXT) @@ -394,15 +476,6 @@ distclean-compile: maintainer-clean-compile: -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - mostlyclean-libtool: -rm -f *.lo @@ -430,15 +503,18 @@ install-binPROGRAMS: $(bin_PROGRAMS) $(mkinstalldirs) $(DESTDIR)$(bindir) @list='$(bin_PROGRAMS)'; for p in $$list; do \ if test -f $$p; then \ - echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ - $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f; \ else :; fi; \ done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - list='$(bin_PROGRAMS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ + @list='$(bin_PROGRAMS)'; for p in $$list; do \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " rm -f $(DESTDIR)$(bindir)/$$f"; \ + rm -f $(DESTDIR)$(bindir)/$$f; \ done mostlyclean-checkPROGRAMS: @@ -459,9 +535,9 @@ distclean-noinstPROGRAMS: maintainer-clean-noinstPROGRAMS: -verify_krb5_conf$(EXEEXT): $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_DEPENDENCIES) - @rm -f verify_krb5_conf$(EXEEXT) - $(LINK) $(verify_krb5_conf_LDFLAGS) $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_LDADD) $(LIBS) +dump_config$(EXEEXT): $(dump_config_OBJECTS) $(dump_config_DEPENDENCIES) + @rm -f dump_config$(EXEEXT) + $(LINK) $(dump_config_LDFLAGS) $(dump_config_OBJECTS) $(dump_config_LDADD) $(LIBS) n-fold-test$(EXEEXT): $(n_fold_test_OBJECTS) $(n_fold_test_DEPENDENCIES) @rm -f n-fold-test$(EXEEXT) @@ -471,9 +547,19 @@ string-to-key-test$(EXEEXT): $(string_to_key_test_OBJECTS) $(string_to_key_test_ @rm -f string-to-key-test$(EXEEXT) $(LINK) $(string_to_key_test_LDFLAGS) $(string_to_key_test_OBJECTS) $(string_to_key_test_LDADD) $(LIBS) -dump_config$(EXEEXT): $(dump_config_OBJECTS) $(dump_config_DEPENDENCIES) - @rm -f dump_config$(EXEEXT) - $(LINK) $(dump_config_LDFLAGS) $(dump_config_OBJECTS) $(dump_config_LDADD) $(LIBS) +test_get_addrs$(EXEEXT): $(test_get_addrs_OBJECTS) $(test_get_addrs_DEPENDENCIES) + @rm -f test_get_addrs$(EXEEXT) + $(LINK) $(test_get_addrs_LDFLAGS) $(test_get_addrs_OBJECTS) $(test_get_addrs_LDADD) $(LIBS) + +verify_krb5_conf$(EXEEXT): $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_DEPENDENCIES) + @rm -f verify_krb5_conf$(EXEEXT) + $(LINK) $(verify_krb5_conf_LDFLAGS) $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_LDADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< install-man3: $(mkinstalldirs) $(DESTDIR)$(man3dir) @@ -488,6 +574,7 @@ install-man3: else file=$$i; fi; \ ext=`echo $$i | sed -e 's/^.*\\.//'`; \ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ inst=`echo $$inst | sed '$(transform)'`.$$ext; \ echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst"; \ $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst; \ @@ -503,6 +590,7 @@ uninstall-man3: for i in $$list; do \ ext=`echo $$i | sed -e 's/^.*\\.//'`; \ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ inst=`echo $$inst | sed '$(transform)'`.$$ext; \ echo " rm -f $(DESTDIR)$(man3dir)/$$inst"; \ rm -f $(DESTDIR)$(man3dir)/$$inst; \ @@ -521,6 +609,7 @@ install-man5: else file=$$i; fi; \ ext=`echo $$i | sed -e 's/^.*\\.//'`; \ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ inst=`echo $$inst | sed '$(transform)'`.$$ext; \ echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man5dir)/$$inst"; \ $(INSTALL_DATA) $$file $(DESTDIR)$(man5dir)/$$inst; \ @@ -536,51 +625,94 @@ uninstall-man5: for i in $$list; do \ ext=`echo $$i | sed -e 's/^.*\\.//'`; \ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ inst=`echo $$inst | sed '$(transform)'`.$$ext; \ echo " rm -f $(DESTDIR)$(man5dir)/$$inst"; \ rm -f $(DESTDIR)$(man5dir)/$$inst; \ done + +install-man8: + $(mkinstalldirs) $(DESTDIR)$(man8dir) + @list='$(man8_MANS)'; \ + l2='$(man_MANS)'; for i in $$l2; do \ + case "$$i" in \ + *.8*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ + else file=$$i; fi; \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst"; \ + $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst; \ + done + +uninstall-man8: + @list='$(man8_MANS)'; \ + l2='$(man_MANS)'; for i in $$l2; do \ + case "$$i" in \ + *.8*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " rm -f $(DESTDIR)$(man8dir)/$$inst"; \ + rm -f $(DESTDIR)$(man8dir)/$$inst; \ + done install-man: $(MANS) @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-man3 install-man5 + $(MAKE) $(AM_MAKEFLAGS) install-man3 install-man5 install-man8 uninstall-man: @$(NORMAL_UNINSTALL) - $(MAKE) $(AM_MAKEFLAGS) uninstall-man3 uninstall-man5 + $(MAKE) $(AM_MAKEFLAGS) uninstall-man3 uninstall-man5 uninstall-man8 install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(includedir) @list='$(include_HEADERS)'; for p in $$list; do \ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ - echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ - $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - list='$(include_HEADERS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(includedir)/$$p; \ + @list='$(include_HEADERS)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(includedir)/$$f"; \ + rm -f $(DESTDIR)$(includedir)/$$f; \ done tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -590,48 +722,76 @@ distclean-tags: -rm -f TAGS ID maintainer-clean-tags: +check-TESTS: $(TESTS) + @failed=0; all=0; xfail=0; xpass=0; \ + srcdir=$(srcdir); export srcdir; \ + list='$(TESTS)'; \ + if test -n "$$list"; then \ + for tst in $$list; do \ + if test -f ./$$tst; then dir=./; \ + elif test -f $$tst; then dir=; \ + else dir="$(srcdir)/"; fi; \ + if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *" $$tst "*) \ + xpass=`expr $$xpass + 1`; \ + failed=`expr $$failed + 1`; \ + echo "XPASS: $$tst"; \ + ;; \ + *) \ + echo "PASS: $$tst"; \ + ;; \ + esac; \ + elif test $$? -ne 77; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *" $$tst "*) \ + xfail=`expr $$xfail + 1`; \ + echo "XFAIL: $$tst"; \ + ;; \ + *) \ + failed=`expr $$failed + 1`; \ + echo "FAIL: $$tst"; \ + ;; \ + esac; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + if test "$$xfail" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + fi; \ + else \ + if test "$$xpass" -eq 0; then \ + banner="$$failed of $$all tests failed"; \ + else \ + banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + fi; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/krb5 - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook -check-TESTS: $(TESTS) - @failed=0; all=0; \ - srcdir=$(srcdir); export srcdir; \ - for tst in $(TESTS); do \ - if test -f $$tst; then dir=.; \ - else dir="$(srcdir)"; fi; \ - if $(TESTS_ENVIRONMENT) $$dir/$$tst; then \ - all=`expr $$all + 1`; \ - echo "PASS: $$tst"; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 info-am: info: info-am dvi-am: @@ -659,11 +819,11 @@ uninstall: uninstall-am all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(HEADERS) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(bindir) \ $(DESTDIR)$(mandir)/man3 $(DESTDIR)$(mandir)/man5 \ - $(DESTDIR)$(includedir) + $(DESTDIR)$(mandir)/man8 $(DESTDIR)$(includedir) mostlyclean-generic: @@ -676,6 +836,7 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ mostlyclean-libtool mostlyclean-binPROGRAMS \ mostlyclean-checkPROGRAMS mostlyclean-noinstPROGRAMS \ @@ -720,15 +881,16 @@ install-binPROGRAMS mostlyclean-checkPROGRAMS distclean-checkPROGRAMS \ clean-checkPROGRAMS maintainer-clean-checkPROGRAMS \ mostlyclean-noinstPROGRAMS distclean-noinstPROGRAMS \ clean-noinstPROGRAMS maintainer-clean-noinstPROGRAMS install-man3 \ -uninstall-man3 install-man5 uninstall-man5 install-man uninstall-man \ -uninstall-includeHEADERS install-includeHEADERS tags mostlyclean-tags \ -distclean-tags clean-tags maintainer-clean-tags distdir check-TESTS \ -info-am info dvi-am dvi check-local check check-am installcheck-am \ -installcheck install-exec-am install-exec install-data-local \ -install-data-am install-data install-am install uninstall-am uninstall \ -all-local all-redirect all-am all installdirs mostlyclean-generic \ -distclean-generic clean-generic maintainer-clean-generic clean \ -mostlyclean distclean maintainer-clean +uninstall-man3 install-man5 uninstall-man5 install-man8 uninstall-man8 \ +install-man uninstall-man uninstall-includeHEADERS \ +install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \ +maintainer-clean-tags check-TESTS distdir info-am info dvi-am dvi \ +check-local check check-am installcheck-am installcheck install-exec-am \ +install-exec install-data-local install-data-am install-data install-am \ +install uninstall-am uninstall all-local all-redirect all-am all \ +install-strip installdirs mostlyclean-generic distclean-generic \ +clean-generic maintainer-clean-generic clean mostlyclean distclean \ +maintainer-clean install-suid-programs: @@ -736,7 +898,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -748,8 +913,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -818,87 +983,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/lib/krb5/acl.c b/crypto/heimdal/lib/krb5/acl.c new file mode 100644 index 0000000..0106251 --- /dev/null +++ b/crypto/heimdal/lib/krb5/acl.c @@ -0,0 +1,189 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" +#include + +RCSID("$Id: acl.c,v 1.1 2000/06/12 11:17:52 joda Exp $"); + +struct acl_field { + enum { acl_string, acl_fnmatch, acl_retval } type; + union { + const char *cstr; + char **retv; + } u; + struct acl_field *next, **last; +}; + +static void +acl_free_list(struct acl_field *acl) +{ + struct acl_field *next; + while(acl != NULL) { + next = acl->next; + free(acl); + acl = next; + } +} + +static krb5_error_code +acl_parse_format(krb5_context context, + struct acl_field **acl_ret, + const char *format, + va_list ap) +{ + const char *p; + struct acl_field *acl = NULL, *tmp; + + for(p = format; *p != '\0'; p++) { + tmp = malloc(sizeof(*tmp)); + if(tmp == NULL) { + acl_free_list(acl); + return ENOMEM; + } + if(*p == 's') { + tmp->type = acl_string; + tmp->u.cstr = va_arg(ap, const char*); + } else if(*p == 'f') { + tmp->type = acl_fnmatch; + tmp->u.cstr = va_arg(ap, const char*); + } else if(*p == 'r') { + tmp->type = acl_retval; + tmp->u.retv = va_arg(ap, char **); + } + tmp->next = NULL; + if(acl == NULL) + acl = tmp; + else + *acl->last = tmp; + acl->last = &tmp->next; + } + *acl_ret = acl; + return 0; +} + +static krb5_boolean +acl_match_field(krb5_context context, + const char *string, + struct acl_field *field) +{ + if(field->type == acl_string) { + return !strcmp(string, field->u.cstr); + } else if(field->type == acl_fnmatch) { + return !fnmatch(string, field->u.cstr, 0); + } else if(field->type == acl_retval) { + *field->u.retv = strdup(string); + return TRUE; + } + return FALSE; +} + +static krb5_boolean +acl_match_acl(krb5_context context, + struct acl_field *acl, + const char *string) +{ + char buf[256]; + for(;strsep_copy(&string, " \t", buf, sizeof(buf)) != -1; + acl = acl->next) { + if(buf[0] == '\0') + continue; /* skip ws */ + if(!acl_match_field(context, buf, acl)) { + return FALSE; + } + } + return TRUE; +} + + +krb5_error_code +krb5_acl_match_string(krb5_context context, + const char *acl_string, + const char *format, + ...) +{ + krb5_error_code ret; + struct acl_field *acl; + + va_list ap; + va_start(ap, format); + ret = acl_parse_format(context, &acl, format, ap); + va_end(ap); + if(ret) + return ret; + + ret = acl_match_acl(context, acl, acl_string); + + acl_free_list(acl); + return ret ? 0 : EACCES; +} + +krb5_error_code +krb5_acl_match_file(krb5_context context, + const char *file, + const char *format, + ...) +{ + krb5_error_code ret; + struct acl_field *acl; + char buf[256]; + va_list ap; + FILE *f; + + f = fopen(file, "r"); + if(f == NULL) + return errno; + + va_start(ap, format); + ret = acl_parse_format(context, &acl, format, ap); + va_end(ap); + if(ret) { + fclose(f); + return ret; + } + + ret = EACCES; /* XXX */ + while(fgets(buf, sizeof(buf), f)) { + if(buf[0] == '#') + continue; + if(acl_match_acl(context, acl, buf)) { + ret = 0; + goto out; + } + } + + out: + fclose(f); + acl_free_list(acl); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/addr_families.c b/crypto/heimdal/lib/krb5/addr_families.c index 9b17abd..339d23b 100644 --- a/crypto/heimdal/lib/krb5/addr_families.c +++ b/crypto/heimdal/lib/krb5/addr_families.c @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: addr_families.c,v 1.23 2000/02/16 02:09:00 assar Exp $"); +RCSID("$Id: addr_families.c,v 1.24 2000/07/08 13:05:43 joda Exp $"); struct addr_operations { int af; @@ -523,7 +523,7 @@ krb5_parse_address(krb5_context context, error = getaddrinfo (string, NULL, NULL, &ai); if (error) - return -1; + return krb5_eai_to_heim_errno(error); n = 0; for (a = ai; a != NULL; a = a->ai_next) diff --git a/crypto/heimdal/lib/krb5/appdefault.c b/crypto/heimdal/lib/krb5/appdefault.c new file mode 100644 index 0000000..081dec0 --- /dev/null +++ b/crypto/heimdal/lib/krb5/appdefault.c @@ -0,0 +1,123 @@ +/* + * Copyright (c) 2000, 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb5_locl.h" + +RCSID("$Id: appdefault.c,v 1.3 2001/01/10 00:19:58 assar Exp $"); + +void +krb5_appdefault_boolean(krb5_context context, const char *appname, + krb5_realm realm, const char *option, + krb5_boolean def_val, krb5_boolean *ret_val) +{ + + if(appname == NULL) + appname = __progname; + def_val = krb5_config_get_bool_default(context, NULL, def_val, + "appdefaults", + option, + NULL); + if(realm != NULL) + def_val = krb5_config_get_bool_default(context, NULL, def_val, + "appdefaults", + realm, + option, + NULL); + if(appname != NULL) { + def_val = krb5_config_get_bool_default(context, NULL, def_val, + "appdefaults", + appname, + option, + NULL); + if(realm != NULL) + def_val = krb5_config_get_bool_default(context, NULL, def_val, + "appdefaults", + appname, + realm, + option, + NULL); + } + *ret_val = def_val; +} + +void +krb5_appdefault_string(krb5_context context, const char *appname, + krb5_realm realm, const char *option, + const char *def_val, char **ret_val) +{ + if(appname == NULL) + appname = __progname; + def_val = krb5_config_get_string_default(context, NULL, def_val, + "appdefaults", + option, + NULL); + if(realm != NULL) + def_val = krb5_config_get_string_default(context, NULL, def_val, + "appdefaults", + realm, + option, + NULL); + if(appname != NULL) { + def_val = krb5_config_get_string_default(context, NULL, def_val, + "appdefaults", + appname, + option, + NULL); + if(realm != NULL) + def_val = krb5_config_get_string_default(context, NULL, def_val, + "appdefaults", + appname, + realm, + option, + NULL); + } + if(def_val != NULL) + *ret_val = strdup(def_val); + else + *ret_val = NULL; +} + +void +krb5_appdefault_time(krb5_context context, const char *appname, + krb5_realm realm, const char *option, + time_t def_val, time_t *ret_val) +{ + time_t t; + char tstr[32]; + char *val; + snprintf(tstr, sizeof(tstr), "%ld", (long)def_val); + krb5_appdefault_string(context, appname, realm, option, tstr, &val); + t = parse_time (val, NULL); + free(val); + *ret_val = t; +} diff --git a/crypto/heimdal/lib/krb5/auth_context.c b/crypto/heimdal/lib/krb5/auth_context.c index 94b1376..a37c4dd 100644 --- a/crypto/heimdal/lib/krb5/auth_context.c +++ b/crypto/heimdal/lib/krb5/auth_context.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: auth_context.c,v 1.50 1999/12/02 17:05:07 joda Exp $"); +RCSID("$Id: auth_context.c,v 1.55 2000/12/10 20:01:05 assar Exp $"); krb5_error_code krb5_auth_con_init(krb5_context context, @@ -67,20 +67,21 @@ krb5_error_code krb5_auth_con_free(krb5_context context, krb5_auth_context auth_context) { - krb5_free_authenticator(context, &auth_context->authenticator); - if(auth_context->local_address){ - free_HostAddress(auth_context->local_address); - free(auth_context->local_address); - } - if(auth_context->remote_address){ - free_HostAddress(auth_context->remote_address); - free(auth_context->remote_address); - } - if(auth_context->keyblock) + if (auth_context != NULL) { + krb5_free_authenticator(context, &auth_context->authenticator); + if(auth_context->local_address){ + free_HostAddress(auth_context->local_address); + free(auth_context->local_address); + } + if(auth_context->remote_address){ + free_HostAddress(auth_context->remote_address); + free(auth_context->remote_address); + } krb5_free_keyblock(context, auth_context->keyblock); - krb5_free_keyblock(context, auth_context->remote_subkey); - krb5_free_keyblock(context, auth_context->local_subkey); - free (auth_context); + krb5_free_keyblock(context, auth_context->remote_subkey); + krb5_free_keyblock(context, auth_context->local_subkey); + free (auth_context); + } return 0; } @@ -128,49 +129,71 @@ krb5_auth_con_setaddrs(krb5_context context, } krb5_error_code -krb5_auth_con_setaddrs_from_fd (krb5_context context, - krb5_auth_context auth_context, - void *p_fd) +krb5_auth_con_genaddrs(krb5_context context, + krb5_auth_context auth_context, + int fd, int flags) { - int fd = *((int *)p_fd); krb5_error_code ret; krb5_address local_k_address, remote_k_address; krb5_address *lptr = NULL, *rptr = NULL; struct sockaddr_storage ss_local, ss_remote; struct sockaddr *local = (struct sockaddr *)&ss_local; struct sockaddr *remote = (struct sockaddr *)&ss_remote; - int len; - - if (auth_context->local_address == NULL) { - len = sizeof(ss_local); - if(getsockname(fd, local, &len) < 0) { - ret = errno; - goto out; + socklen_t len; + + if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR) { + if (auth_context->local_address == NULL) { + len = sizeof(ss_local); + if(getsockname(fd, local, &len) < 0) { + ret = errno; + goto out; + } + krb5_sockaddr2address (local, &local_k_address); + if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR) { + krb5_sockaddr2port (local, &auth_context->local_port); + } else + auth_context->local_port = 0; + lptr = &local_k_address; } - krb5_sockaddr2address (local, &local_k_address); - krb5_sockaddr2port (local, &auth_context->local_port); - lptr = &local_k_address; } - if (auth_context->remote_address == NULL) { + if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR) { len = sizeof(ss_remote); if(getpeername(fd, remote, &len) < 0) { ret = errno; goto out; } krb5_sockaddr2address (remote, &remote_k_address); - krb5_sockaddr2port (remote, &auth_context->remote_port); + if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR) { + krb5_sockaddr2port (remote, &auth_context->remote_port); + } else + auth_context->remote_port = 0; rptr = &remote_k_address; } ret = krb5_auth_con_setaddrs (context, auth_context, lptr, rptr); -out: + out: if (lptr) krb5_free_address (context, lptr); if (rptr) krb5_free_address (context, rptr); return ret; + +} + +krb5_error_code +krb5_auth_con_setaddrs_from_fd (krb5_context context, + krb5_auth_context auth_context, + void *p_fd) +{ + int fd = *(int*)p_fd; + int flags = 0; + if(auth_context->local_address == NULL) + flags |= KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR; + if(auth_context->remote_address == NULL) + flags |= KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR; + return krb5_auth_con_genaddrs(context, auth_context, fd, flags); } krb5_error_code @@ -396,6 +419,24 @@ krb5_auth_con_setuserkey(krb5_context context, return krb5_copy_keyblock(context, keyblock, &auth_context->keyblock); } +krb5_error_code +krb5_auth_con_getrcache(krb5_context context, + krb5_auth_context auth_context, + krb5_rcache *rcache) +{ + *rcache = auth_context->rcache; + return 0; +} + +krb5_error_code +krb5_auth_con_setrcache(krb5_context context, + krb5_auth_context auth_context, + krb5_rcache rcache) +{ + auth_context->rcache = rcache; + return 0; +} + #if 0 /* not implemented */ krb5_error_code @@ -414,13 +455,4 @@ krb5_auth_con_setivector(krb5_context context, krb5_abortx(context, "unimplemented krb5_auth_con_setivector called"); } - -krb5_error_code -krb5_auth_con_setrcache(krb5_context context, - krb5_auth_context auth_context, - krb5_rcache rcache) -{ - krb5_abortx(context, "unimplemented krb5_auth_con_setrcache called"); -} - #endif /* not implemented */ diff --git a/crypto/heimdal/lib/krb5/build_auth.c b/crypto/heimdal/lib/krb5/build_auth.c index a38393b..c75b2f1 100644 --- a/crypto/heimdal/lib/krb5/build_auth.c +++ b/crypto/heimdal/lib/krb5/build_auth.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include -RCSID("$Id: build_auth.c,v 1.32 1999/12/02 17:05:08 joda Exp $"); +RCSID("$Id: build_auth.c,v 1.34 2000/11/15 06:58:51 assar Exp $"); krb5_error_code krb5_build_authenticator (krb5_context context, @@ -42,7 +42,8 @@ krb5_build_authenticator (krb5_context context, krb5_creds *cred, Checksum *cksum, Authenticator **auth_result, - krb5_data *result) + krb5_data *result, + krb5_key_usage usage) { Authenticator *auth; u_char *buf = NULL; @@ -126,9 +127,11 @@ krb5_build_authenticator (krb5_context context, } while(ret == ASN1_OVERFLOW); ret = krb5_crypto_init(context, &cred->session, enctype, &crypto); + if (ret) + goto fail; ret = krb5_encrypt (context, crypto, - KRB5_KU_AP_REQ_AUTH, + usage /* KRB5_KU_AP_REQ_AUTH */, buf + buf_size - len, len, result); diff --git a/crypto/heimdal/lib/krb5/cache.c b/crypto/heimdal/lib/krb5/cache.c index e78d4de..121f44f 100644 --- a/crypto/heimdal/lib/krb5/cache.c +++ b/crypto/heimdal/lib/krb5/cache.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: cache.c,v 1.44 1999/12/02 17:05:08 joda Exp $"); +RCSID("$Id: cache.c,v 1.45 2000/12/05 09:18:29 joda Exp $"); /* * Add a new ccache type with operations `ops', overwriting any @@ -356,7 +356,9 @@ krb5_cc_remove_cred(krb5_context context, krb5_flags which, krb5_creds *cred) { - return id->ops->remove_cred(context, id, which, cred); + if(id->ops->remove_cred == NULL) + return EACCES; /* XXX */ + return (*id->ops->remove_cred)(context, id, which, cred); } /* diff --git a/crypto/heimdal/lib/krb5/changepw.c b/crypto/heimdal/lib/krb5/changepw.c index 56c89a0..407abf0 100644 --- a/crypto/heimdal/lib/krb5/changepw.c +++ b/crypto/heimdal/lib/krb5/changepw.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include -RCSID("$Id: changepw.c,v 1.20 2000/02/07 13:40:18 joda Exp $"); +RCSID("$Id: changepw.c,v 1.30 2000/12/10 23:10:10 assar Exp $"); static krb5_error_code get_kdc_address (krb5_context context, @@ -52,10 +52,12 @@ get_kdc_address (krb5_context context, return ret; port = ntohs(krb5_getportbyname (context, "kpasswd", "udp", KPASSWD_PORT)); - error = roken_getaddrinfo_hostspec(*hostlist, port, ai); + error = roken_getaddrinfo_hostspec2(*hostlist, SOCK_DGRAM, port, ai); krb5_free_krbhst (context, hostlist); - return error; + if(error) + return krb5_eai_to_heim_errno(error); + return 0; } static krb5_error_code @@ -138,7 +140,12 @@ out2: static void str2data (krb5_data *d, - char *fmt, + const char *fmt, + ...) __attribute__ ((format (printf, 2, 3))); + +static void +str2data (krb5_data *d, + const char *fmt, ...) { va_list args; @@ -261,6 +268,7 @@ krb5_change_password (krb5_context context, int sock; int i; struct addrinfo *ai, *a; + int done = 0; ret = krb5_auth_con_init (context, &auth_context); if (ret) @@ -270,58 +278,71 @@ krb5_change_password (krb5_context context, if (ret) goto out; - krb5_auth_con_setflags (context, auth_context, - KRB5_AUTH_CONTEXT_DO_SEQUENCE); + for (a = ai; !done && a != NULL; a = a->ai_next) { + int replied = 0; - for (a = ai; a != NULL; a = a->ai_next) { sock = socket (a->ai_family, a->ai_socktype, a->ai_protocol); if (sock < 0) continue; - for (i = 0; i < 5; ++i) { + for (i = 0; !done && i < 5; ++i) { fd_set fdset; struct timeval tv; - ret = send_request (context, - &auth_context, - creds, - sock, - a->ai_addr, - a->ai_addrlen, - newpw); - if (ret) + if (!replied) { + replied = 0; + ret = send_request (context, + &auth_context, + creds, + sock, + a->ai_addr, + a->ai_addrlen, + newpw); + if (ret) { + close(sock); + goto out; + } + } + + if (sock >= FD_SETSIZE) { + ret = ERANGE; + close (sock); goto out; + } FD_ZERO(&fdset); FD_SET(sock, &fdset); tv.tv_usec = 0; - tv.tv_sec = 1 << i; + tv.tv_sec = 1 + (1 << i); ret = select (sock + 1, &fdset, NULL, NULL, &tv); - if (ret < 0 && errno != EINTR) + if (ret < 0 && errno != EINTR) { + close(sock); goto out; - if (ret == 1) - break; - } - if (i == 5) { - ret = KRB5_KDC_UNREACH; - close (sock); - continue; + } + if (ret == 1) { + ret = process_reply (context, + auth_context, + sock, + result_code, + result_code_string, + result_string); + if (ret == 0) + done = 1; + else if (i > 0 && ret == KRB5KRB_AP_ERR_MUT_FAIL) + replied = 1; + } else { + ret = KRB5_KDC_UNREACH; + } } - - ret = process_reply (context, - auth_context, - sock, - result_code, - result_code_string, - result_string); close (sock); - if (ret == 0) - break; } freeaddrinfo (ai); out: krb5_auth_con_free (context, auth_context); - return ret; + if (done) + return 0; + else + return ret; } diff --git a/crypto/heimdal/lib/krb5/config_file.c b/crypto/heimdal/lib/krb5/config_file.c index 3d1ff1e..d5d8a42 100644 --- a/crypto/heimdal/lib/krb5/config_file.c +++ b/crypto/heimdal/lib/krb5/config_file.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997, 1998, 1999, 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,7 +32,7 @@ */ #include "krb5_locl.h" -RCSID("$Id: config_file.c,v 1.38 1999/12/02 17:05:08 joda Exp $"); +RCSID("$Id: config_file.c,v 1.41 2000/08/16 07:40:36 assar Exp $"); #ifndef HAVE_NETINFO @@ -210,7 +210,7 @@ krb5_config_parse_file_debug (const char *fname, krb5_config_section *s; krb5_config_binding *b; char buf[BUFSIZ]; - int ret; + int ret = 0; s = NULL; b = NULL; @@ -218,7 +218,7 @@ krb5_config_parse_file_debug (const char *fname, f = fopen (fname, "r"); if (f == NULL) { *error_message = "cannot open file"; - return -1; + return ENOENT; } *res = NULL; while (fgets(buf, sizeof(buf), f) != NULL) { @@ -234,20 +234,23 @@ krb5_config_parse_file_debug (const char *fname, continue; if (*p == '[') { ret = parse_section(p, &s, res, error_message); - if (ret) - return ret; + if (ret) { + goto out; + } b = NULL; } else if (*p == '}') { *error_message = "unmatched }"; - return -1; + ret = -1; + goto out; } else if(*p != '\0') { ret = parse_binding(f, lineno, p, &b, &s->u.list, error_message); if (ret) - return ret; + goto out; } } +out: fclose (f); - return 0; + return ret; } krb5_error_code @@ -422,6 +425,35 @@ krb5_config_vget_string (krb5_context context, return krb5_config_vget (context, c, krb5_config_string, args); } +const char * +krb5_config_vget_string_default (krb5_context context, + krb5_config_section *c, + const char *def_value, + va_list args) +{ + const char *ret; + + ret = krb5_config_vget_string (context, c, args); + if (ret == NULL) + ret = def_value; + return ret; +} + +const char * +krb5_config_get_string_default (krb5_context context, + krb5_config_section *c, + const char *def_value, + ...) +{ + const char *ret; + va_list args; + + va_start(args, def_value); + ret = krb5_config_vget_string_default (context, c, def_value, args); + va_end(args); + return ret; +} + char ** krb5_config_vget_strings(krb5_context context, krb5_config_section *c, diff --git a/crypto/heimdal/lib/krb5/constants.c b/crypto/heimdal/lib/krb5/constants.c index 8314c26..946fd4d 100644 --- a/crypto/heimdal/lib/krb5/constants.c +++ b/crypto/heimdal/lib/krb5/constants.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: constants.c,v 1.4 1999/12/02 17:05:08 joda Exp $"); +RCSID("$Id: constants.c,v 1.5 2000/07/14 21:53:01 joda Exp $"); const char krb5_config_file[] = "/etc/krb5.conf"; -const char krb5_defkeyname[] = "/etc/v5srvtab"; +const char krb5_defkeyname[] = KEYTAB_DEFAULT; diff --git a/crypto/heimdal/lib/krb5/context.c b/crypto/heimdal/lib/krb5/context.c index fb3fb61..0cfac9a 100644 --- a/crypto/heimdal/lib/krb5/context.c +++ b/crypto/heimdal/lib/krb5/context.c @@ -33,16 +33,12 @@ #include "krb5_locl.h" -RCSID("$Id: context.c,v 1.53 2000/02/11 17:43:43 assar Exp $"); +RCSID("$Id: context.c,v 1.59 2000/12/15 17:11:51 joda Exp $"); #define INIT_FIELD(C, T, E, D, F) \ (C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), \ "libdefaults", F, NULL) -#ifdef KRB4 -extern krb5_kt_ops krb4_fkt_ops; -#endif - /* * Set the list of etypes `ret_etypes' from the configuration variable * `name' @@ -89,27 +85,26 @@ init_context_from_config_file(krb5_context context) INIT_FIELD(context, time, kdc_timeout, 3, "kdc_timeout"); INIT_FIELD(context, int, max_retries, 3, "max_retries"); - context->http_proxy = krb5_config_get_string(context, NULL, "libdefaults", - "http_proxy", NULL); + INIT_FIELD(context, string, http_proxy, NULL, "http_proxy"); set_etypes (context, "default_etypes", &context->etypes); set_etypes (context, "default_etypes_des", &context->etypes_des); /* default keytab name */ - context->default_keytab = krb5_config_get_string(context, NULL, - "libdefaults", - "default_keytab_name", - NULL); - if(context->default_keytab == NULL) - context->default_keytab = KEYTAB_DEFAULT; - - context->time_fmt = krb5_config_get_string(context, NULL, "libdefaults", - "time_format", NULL); - if(context->time_fmt == NULL) - context->time_fmt = "%Y-%m-%dT%H:%M:%S"; - context->log_utc = krb5_config_get_bool(context, NULL, "libdefaults", - "log_utc", NULL); + INIT_FIELD(context, string, default_keytab, + KEYTAB_DEFAULT, "default_keytab_name"); + + INIT_FIELD(context, string, time_fmt, + "%Y-%m-%dT%H:%M:%S", "time_format"); + + INIT_FIELD(context, string, date_fmt, + "%Y-%m-%d", "date_format"); + INIT_FIELD(context, bool, log_utc, + FALSE, "log_utc"); + + + /* init dns-proxy slime */ tmp = krb5_config_get_string(context, NULL, "libdefaults", "dns_proxy", NULL); @@ -136,7 +131,6 @@ init_context_from_config_file(krb5_context context) INIT_FIELD(context, bool, scan_interfaces, TRUE, "scan_interfaces"); INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup"); INIT_FIELD(context, bool, srv_try_txt, FALSE, "srv_try_txt"); - INIT_FIELD(context, bool, srv_try_rfc2052, TRUE, "srv_try_rfc2052"); INIT_FIELD(context, int, fcache_vno, 0, "fcache_version"); context->cc_ops = NULL; @@ -148,10 +142,8 @@ init_context_from_config_file(krb5_context context) context->kt_types = NULL; krb5_kt_register (context, &krb5_fkt_ops); krb5_kt_register (context, &krb5_mkt_ops); -#ifdef KRB4 - krb5_kt_register (context, &krb4_fkt_ops); -#endif krb5_kt_register (context, &krb5_akf_ops); + krb5_kt_register (context, &krb4_fkt_ops); return 0; } @@ -187,8 +179,10 @@ krb5_init_context(krb5_context *context) #endif ret = init_context_from_config_file(p); - if(ret) + if(ret) { + krb5_free_context(p); return ret; + } *context = p; return 0; @@ -211,12 +205,17 @@ krb5_free_context(krb5_context context) free(context); } +/* + * set `etype' to a malloced list of the default enctypes + */ + static krb5_error_code default_etypes(krb5_enctype **etype) { krb5_enctype p[] = { ETYPE_DES3_CBC_SHA1, ETYPE_DES3_CBC_MD5, + ETYPE_ARCFOUR_HMAC_MD5, ETYPE_DES_CBC_MD5, ETYPE_DES_CBC_MD4, ETYPE_DES_CBC_CRC, diff --git a/crypto/heimdal/lib/krb5/convert_creds.c b/crypto/heimdal/lib/krb5/convert_creds.c index 24dea0b..8459ee3 100644 --- a/crypto/heimdal/lib/krb5/convert_creds.c +++ b/crypto/heimdal/lib/krb5/convert_creds.c @@ -32,7 +32,7 @@ */ #include "krb5_locl.h" -RCSID("$Id: convert_creds.c,v 1.13 1999/12/02 17:05:08 joda Exp $"); +RCSID("$Id: convert_creds.c,v 1.15 2000/07/11 19:30:04 joda Exp $"); static krb5_error_code check_ticket_flags(TicketFlags f) @@ -166,10 +166,32 @@ krb524_convert_creds_kdc(krb5_context context, if(ret) goto out2; - ret = krb5_sendto_kdc (context, + { + char **hostlist; + int port; + port = krb5_getportbyname (context, "krb524", "udp", 4444); + + ret = krb5_get_krbhst (context, krb5_princ_realm(context, + v5_creds->server), + &hostlist); + if(ret) + goto out2; + + ret = krb5_sendto (context, &v5_creds->ticket, - krb5_princ_realm(context, v5_creds->server), + hostlist, + port, &reply); + if(ret == KRB5_KDC_UNREACH) { + port = krb5_getportbyname (context, "kerberos", "udp", 88); + ret = krb5_sendto (context, + &v5_creds->ticket, + hostlist, + port, + &reply); + } + krb5_free_krbhst (context, hostlist); + } if (ret) goto out2; sp = krb5_storage_from_mem(reply.data, reply.length); diff --git a/crypto/heimdal/lib/krb5/crc.c b/crypto/heimdal/lib/krb5/crc.c index 2f9ef95..c7cedd8 100644 --- a/crypto/heimdal/lib/krb5/crc.c +++ b/crypto/heimdal/lib/krb5/crc.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: crc.c,v 1.8 1999/12/02 17:05:08 joda Exp $"); +RCSID("$Id: crc.c,v 1.9 2000/08/03 01:45:14 assar Exp $"); static u_long table[256]; @@ -63,7 +63,7 @@ _krb5_crc_init_table(void) } u_int32_t -_krb5_crc_update (char *p, size_t len, u_int32_t res) +_krb5_crc_update (const char *p, size_t len, u_int32_t res) { while (len--) res = table[(res ^ *p++) & 0xFF] ^ (res >> 8); diff --git a/crypto/heimdal/lib/krb5/crypto.c b/crypto/heimdal/lib/krb5/crypto.c index aef45b1..0415542 100644 --- a/crypto/heimdal/lib/krb5/crypto.c +++ b/crypto/heimdal/lib/krb5/crypto.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,7 +32,7 @@ */ #include "krb5_locl.h" -RCSID("$Id: crypto.c,v 1.29 2000/01/25 23:06:55 assar Exp $"); +RCSID("$Id: crypto.c,v 1.43 2001/01/30 17:10:55 assar Exp $"); #undef CRYPTO_DEBUG #ifdef CRYPTO_DEBUG @@ -65,6 +65,7 @@ struct krb5_crypto_data { #define F_DERIVED 4 /* uses derived keys */ #define F_VARIANT 8 /* uses `variant' keys (6.4.3) */ #define F_PSEUDO 16 /* not a real protocol type */ +#define F_SPECIAL 32 /* backwards */ struct salt_type { krb5_salttype type; @@ -93,9 +94,16 @@ struct checksum_type { size_t blocksize; size_t checksumsize; unsigned flags; - void (*checksum)(krb5_context, struct key_data*, void*, size_t, Checksum*); - krb5_error_code (*verify)(krb5_context, struct key_data*, - void*, size_t, Checksum*); + void (*checksum)(krb5_context context, + struct key_data *key, + const void *buf, size_t len, + unsigned usage, + Checksum *csum); + krb5_error_code (*verify)(krb5_context context, + struct key_data *key, + const void *buf, size_t len, + unsigned usage, + Checksum *csum); }; struct encryption_type { @@ -107,7 +115,11 @@ struct encryption_type { struct checksum_type *cksumtype; struct checksum_type *keyed_checksum; unsigned flags; - void (*encrypt)(struct key_data *, void *, size_t, int); + krb5_error_code (*encrypt)(struct key_data *key, + void *data, size_t len, + krb5_boolean encrypt, + int usage, + void *ivec); }; #define ENCRYPTION_USAGE(U) (((U) << 8) | 0xAA) @@ -189,7 +201,8 @@ DES_AFS3_CMU_string_to_key (krb5_data pw, for(i = 0; i < 8; i++) { char c = ((i < pw.length) ? ((char*)pw.data)[i] : 0) ^ - ((i < cell.length) ? ((char*)cell.data)[i] : 0); + ((i < cell.length) ? + tolower(((unsigned char*)cell.data)[i]) : 0); password[i] = c ? c : 'X'; } password[8] = '\0'; @@ -219,23 +232,25 @@ DES_AFS3_Transarc_string_to_key (krb5_data pw, size_t passlen; memcpy(password, pw.data, min(pw.length, sizeof(password))); - if(pw.length < sizeof(password)) - memcpy(password + pw.length, - cell.data, min(cell.length, - sizeof(password) - pw.length)); + if(pw.length < sizeof(password)) { + int len = min(cell.length, sizeof(password) - pw.length); + int i; + + memcpy(password + pw.length, cell.data, len); + for (i = pw.length; i < pw.length + len; ++i) + password[i] = tolower((unsigned char)password[i]); + } passlen = min(sizeof(password), pw.length + cell.length); memcpy(&ivec, "kerberos", 8); memcpy(&temp_key, "kerberos", 8); des_set_odd_parity (&temp_key); des_set_key (&temp_key, schedule); - des_cbc_cksum ((const void *)password, &ivec, passlen, - schedule, &ivec); + des_cbc_cksum ((des_cblock *)password, &ivec, passlen, schedule, &ivec); memcpy(&temp_key, &ivec, 8); des_set_odd_parity (&temp_key); des_set_key (&temp_key, schedule); - des_cbc_cksum ((const void *)password, key, passlen, - schedule, &ivec); + des_cbc_cksum ((des_cblock *)password, key, passlen, schedule, &ivec); memset(&schedule, 0, sizeof(schedule)); memset(&temp_key, 0, sizeof(temp_key)); memset(&ivec, 0, sizeof(ivec)); @@ -339,8 +354,8 @@ DES3_string_to_key(krb5_context context, des_set_key(keys + i, s[i]); } memset(&ivec, 0, sizeof(ivec)); - des_ede3_cbc_encrypt((const void *)tmp, - (void *)tmp, sizeof(tmp), + des_ede3_cbc_encrypt((des_cblock *)tmp, + (des_cblock *)tmp, sizeof(tmp), s[0], s[1], s[2], &ivec, DES_ENCRYPT); memset(s, 0, sizeof(s)); memset(&ivec, 0, sizeof(ivec)); @@ -416,7 +431,7 @@ ARCFOUR_string_to_key(krb5_context context, int i; MD4_CTX m; - len = 2 * (password.length + salt.saltvalue.length); + len = 2 * password.length; s = malloc (len); if (len != 0 && s == NULL) return ENOMEM; @@ -424,15 +439,11 @@ ARCFOUR_string_to_key(krb5_context context, *p++ = ((char *)password.data)[i]; *p++ = 0; } - for (i = 0; i < salt.saltvalue.length; ++i) { - *p++ = ((char *)salt.saltvalue.data)[i]; - *p++ = 0; - } - MD4Init (&m); - MD4Update (&m, s, len); + MD4_Init (&m); + MD4_Update (&m, s, len); key->keytype = enctype; krb5_data_alloc (&key->keyvalue, 16); - MD4Final (key->keyvalue.data, &m); + MD4_Final (key->keyvalue.data, &m); memset (s, 0, len); free (s); return 0; @@ -670,6 +681,11 @@ krb5_string_to_key (krb5_context context, return krb5_string_to_key_data(context, enctype, pw, principal, key); } +/* + * Do a string -> key for encryption type `enctype' operation on + * `password' (with salt `salt'), returning the resulting key in `key' + */ + krb5_error_code krb5_string_to_key_data_salt (krb5_context context, krb5_enctype enctype, @@ -687,6 +703,12 @@ krb5_string_to_key_data_salt (krb5_context context, return HEIM_ERR_SALTTYPE_NOSUPP; } +/* + * Do a string -> key for encryption type `enctype' operation on the + * string `password' (with salt `salt'), returning the resulting key + * in `key' + */ + krb5_error_code krb5_string_to_key_salt (krb5_context context, krb5_enctype enctype, @@ -759,6 +781,8 @@ _key_schedule(krb5_context context, if(kt->schedule == NULL) return 0; + if (key->schedule != NULL) + return 0; ALLOC(key->schedule, 1); if(key->schedule == NULL) return ENOMEM; @@ -779,8 +803,9 @@ _key_schedule(krb5_context context, static void NONE_checksum(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *C) { } @@ -788,8 +813,9 @@ NONE_checksum(krb5_context context, static void CRC32_checksum(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *C) { u_int32_t crc; @@ -805,22 +831,24 @@ CRC32_checksum(krb5_context context, static void RSA_MD4_checksum(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *C) { MD4_CTX m; - MD4Init (&m); - MD4Update (&m, data, len); - MD4Final (C->checksum.data, &m); + MD4_Init (&m); + MD4_Update (&m, data, len); + MD4_Final (C->checksum.data, &m); } static void RSA_MD4_DES_checksum(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *cksum) { MD4_CTX md4; @@ -828,13 +856,13 @@ RSA_MD4_DES_checksum(krb5_context context, unsigned char *p = cksum->checksum.data; krb5_generate_random_block(p, 8); - MD4Init (&md4); - MD4Update (&md4, p, 8); - MD4Update (&md4, data, len); - MD4Final (p + 8, &md4); + MD4_Init (&md4); + MD4_Update (&md4, p, 8); + MD4_Update (&md4, data, len); + MD4_Final (p + 8, &md4); memset (&ivec, 0, sizeof(ivec)); - des_cbc_encrypt((const void *)p, - (void *)p, + des_cbc_encrypt((des_cblock*)p, + (des_cblock*)p, 24, key->schedule->data, &ivec, @@ -844,8 +872,9 @@ RSA_MD4_DES_checksum(krb5_context context, static krb5_error_code RSA_MD4_DES_verify(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *C) { MD4_CTX md4; @@ -861,10 +890,10 @@ RSA_MD4_DES_verify(krb5_context context, key->schedule->data, &ivec, DES_DECRYPT); - MD4Init (&md4); - MD4Update (&md4, tmp, 8); /* confounder */ - MD4Update (&md4, data, len); - MD4Final (res, &md4); + MD4_Init (&md4); + MD4_Update (&md4, tmp, 8); /* confounder */ + MD4_Update (&md4, data, len); + MD4_Final (res, &md4); if(memcmp(res, tmp + 8, sizeof(res)) != 0) ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; memset(tmp, 0, sizeof(tmp)); @@ -875,22 +904,24 @@ RSA_MD4_DES_verify(krb5_context context, static void RSA_MD5_checksum(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *C) { MD5_CTX m; - MD5Init (&m); - MD5Update(&m, data, len); - MD5Final (C->checksum.data, &m); + MD5_Init (&m); + MD5_Update(&m, data, len); + MD5_Final (C->checksum.data, &m); } static void RSA_MD5_DES_checksum(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *C) { MD5_CTX md5; @@ -898,13 +929,13 @@ RSA_MD5_DES_checksum(krb5_context context, unsigned char *p = C->checksum.data; krb5_generate_random_block(p, 8); - MD5Init (&md5); - MD5Update (&md5, p, 8); - MD5Update (&md5, data, len); - MD5Final (p + 8, &md5); + MD5_Init (&md5); + MD5_Update (&md5, p, 8); + MD5_Update (&md5, data, len); + MD5_Final (p + 8, &md5); memset (&ivec, 0, sizeof(ivec)); - des_cbc_encrypt((const void *)p, - (void *)p, + des_cbc_encrypt((des_cblock*)p, + (des_cblock*)p, 24, key->schedule->data, &ivec, @@ -914,8 +945,9 @@ RSA_MD5_DES_checksum(krb5_context context, static krb5_error_code RSA_MD5_DES_verify(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *C) { MD5_CTX md5; @@ -932,10 +964,10 @@ RSA_MD5_DES_verify(krb5_context context, sched[0], &ivec, DES_DECRYPT); - MD5Init (&md5); - MD5Update (&md5, tmp, 8); /* confounder */ - MD5Update (&md5, data, len); - MD5Final (res, &md5); + MD5_Init (&md5); + MD5_Update (&md5, tmp, 8); /* confounder */ + MD5_Update (&md5, data, len); + MD5_Final (res, &md5); if(memcmp(res, tmp + 8, sizeof(res)) != 0) ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; memset(tmp, 0, sizeof(tmp)); @@ -946,8 +978,9 @@ RSA_MD5_DES_verify(krb5_context context, static void RSA_MD5_DES3_checksum(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *C) { MD5_CTX md5; @@ -956,13 +989,13 @@ RSA_MD5_DES3_checksum(krb5_context context, des_key_schedule *sched = key->schedule->data; krb5_generate_random_block(p, 8); - MD5Init (&md5); - MD5Update (&md5, p, 8); - MD5Update (&md5, data, len); - MD5Final (p + 8, &md5); + MD5_Init (&md5); + MD5_Update (&md5, p, 8); + MD5_Update (&md5, data, len); + MD5_Final (p + 8, &md5); memset (&ivec, 0, sizeof(ivec)); - des_ede3_cbc_encrypt((const void *)p, - (void *)p, + des_ede3_cbc_encrypt((des_cblock*)p, + (des_cblock*)p, 24, sched[0], sched[1], sched[2], &ivec, @@ -972,8 +1005,9 @@ RSA_MD5_DES3_checksum(krb5_context context, static krb5_error_code RSA_MD5_DES3_verify(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *C) { MD5_CTX md5; @@ -990,10 +1024,10 @@ RSA_MD5_DES3_verify(krb5_context context, sched[0], sched[1], sched[2], &ivec, DES_DECRYPT); - MD5Init (&md5); - MD5Update (&md5, tmp, 8); /* confounder */ - MD5Update (&md5, data, len); - MD5Final (res, &md5); + MD5_Init (&md5); + MD5_Update (&md5, tmp, 8); /* confounder */ + MD5_Update (&md5, data, len); + MD5_Final (res, &md5); if(memcmp(res, tmp + 8, sizeof(res)) != 0) ret = KRB5KRB_AP_ERR_BAD_INTEGRITY; memset(tmp, 0, sizeof(tmp)); @@ -1004,23 +1038,25 @@ RSA_MD5_DES3_verify(krb5_context context, static void SHA1_checksum(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *C) { - SHA1_CTX m; + SHA_CTX m; - SHA1Init(&m); - SHA1Update(&m, data, len); - SHA1Final(C->checksum.data, &m); + SHA1_Init(&m); + SHA1_Update(&m, data, len); + SHA1_Final(C->checksum.data, &m); } /* HMAC according to RFC2104 */ static void hmac(krb5_context context, struct checksum_type *cm, - void *data, + const void *data, size_t len, + unsigned usage, struct key_data *keyblock, Checksum *result) { @@ -1034,6 +1070,7 @@ hmac(krb5_context context, keyblock, keyblock->key->keyvalue.data, keyblock->key->keyvalue.length, + usage, result); key = result->checksum.data; key_len = result->checksum.length; @@ -1050,11 +1087,12 @@ hmac(krb5_context context, opad[i] ^= key[i]; } memcpy(ipad + cm->blocksize, data, len); - (*cm->checksum)(context, keyblock, ipad, cm->blocksize + len, result); + (*cm->checksum)(context, keyblock, ipad, cm->blocksize + len, + usage, result); memcpy(opad + cm->blocksize, result->checksum.data, result->checksum.length); (*cm->checksum)(context, keyblock, opad, - cm->blocksize + cm->checksumsize, result); + cm->blocksize + cm->checksumsize, usage, result); memset(ipad, 0, cm->blocksize + len); free(ipad); memset(opad, 0, cm->blocksize + cm->checksumsize); @@ -1064,13 +1102,84 @@ hmac(krb5_context context, static void HMAC_SHA1_DES3_checksum(krb5_context context, struct key_data *key, - void *data, + const void *data, size_t len, + unsigned usage, Checksum *result) { struct checksum_type *c = _find_checksum(CKSUMTYPE_SHA1); - hmac(context, c, data, len, key, result); + hmac(context, c, data, len, usage, key, result); +} + +/* + * checksum according to section 5. of draft-brezak-win2k-krb-rc4-hmac-03.txt + */ + +static void +HMAC_MD5_checksum(krb5_context context, + struct key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *result) +{ + MD5_CTX md5; + struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); + const char signature[] = "signaturekey"; + Checksum ksign_c; + struct key_data ksign; + krb5_keyblock kb; + unsigned char t[4]; + unsigned char tmp[16]; + unsigned char ksign_c_data[16]; + + ksign_c.checksum.length = sizeof(ksign_c_data); + ksign_c.checksum.data = ksign_c_data; + hmac(context, c, signature, sizeof(signature), 0, key, &ksign_c); + ksign.key = &kb; + kb.keyvalue = ksign_c.checksum; + MD5_Init (&md5); + t[0] = (usage >> 0) & 0xFF; + t[1] = (usage >> 8) & 0xFF; + t[2] = (usage >> 16) & 0xFF; + t[3] = (usage >> 24) & 0xFF; + MD5_Update (&md5, t, 4); + MD5_Update (&md5, data, len); + MD5_Final (tmp, &md5); + hmac(context, c, tmp, sizeof(tmp), 0, &ksign, result); +} + +/* + * same as previous but being used while encrypting. + */ + +static void +HMAC_MD5_checksum_enc(krb5_context context, + struct key_data *key, + const void *data, + size_t len, + unsigned usage, + Checksum *result) +{ + struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); + Checksum ksign_c; + struct key_data ksign; + krb5_keyblock kb; + unsigned char t[4]; + unsigned char ksign_c_data[16]; + + t[0] = (usage >> 0) & 0xFF; + t[1] = (usage >> 8) & 0xFF; + t[2] = (usage >> 16) & 0xFF; + t[3] = (usage >> 24) & 0xFF; + + ksign_c.checksum.length = sizeof(ksign_c_data); + ksign_c.checksum.data = ksign_c_data; + hmac(context, c, t, sizeof(t), 0, key, &ksign_c); + ksign.key = &kb; + kb.keyvalue = ksign_c.checksum; + hmac(context, c, data, len, 0, &ksign, result); } struct checksum_type checksum_none = { @@ -1116,7 +1225,7 @@ struct checksum_type checksum_des_mac = { 0, 0, 0, - DES_MAC_checksum, + DES_MAC_checksum }; struct checksum_type checksum_des_mac_k = { CKSUMTYPE_DES_MAC_K, @@ -1124,7 +1233,7 @@ struct checksum_type checksum_des_mac_k = { 0, 0, 0, - DES_MAC_K_checksum, + DES_MAC_K_checksum }; struct checksum_type checksum_rsa_md4_des_k = { CKSUMTYPE_RSA_MD4_DES_K, @@ -1132,8 +1241,8 @@ struct checksum_type checksum_rsa_md4_des_k = { 0, 0, 0, - RSA_MD4_DES_K_checksum, - RSA_MD4_DES_K_verify, + RSA_MD4_DES_K_checksum, + RSA_MD4_DES_K_verify }; #endif struct checksum_type checksum_rsa_md5 = { @@ -1152,7 +1261,7 @@ struct checksum_type checksum_rsa_md5_des = { 24, F_KEYED | F_CPROOF | F_VARIANT, RSA_MD5_DES_checksum, - RSA_MD5_DES_verify, + RSA_MD5_DES_verify }; struct checksum_type checksum_rsa_md5_des3 = { CKSUMTYPE_RSA_MD5_DES3, @@ -1161,7 +1270,7 @@ struct checksum_type checksum_rsa_md5_des3 = { 24, F_KEYED | F_CPROOF | F_VARIANT, RSA_MD5_DES3_checksum, - RSA_MD5_DES3_verify, + RSA_MD5_DES3_verify }; struct checksum_type checksum_sha1 = { CKSUMTYPE_SHA1, @@ -1182,6 +1291,26 @@ struct checksum_type checksum_hmac_sha1_des3 = { NULL }; +struct checksum_type checksum_hmac_md5 = { + CKSUMTYPE_HMAC_MD5, + "hmac-md5", + 64, + 16, + F_KEYED | F_CPROOF, + HMAC_MD5_checksum, + NULL +}; + +struct checksum_type checksum_hmac_md5_enc = { + CKSUMTYPE_HMAC_MD5_ENC, + "hmac-md5-enc", + 64, + 16, + F_KEYED | F_CPROOF | F_PSEUDO, + HMAC_MD5_checksum_enc, + NULL +}; + struct checksum_type *checksum_types[] = { &checksum_none, &checksum_crc32, @@ -1196,7 +1325,9 @@ struct checksum_type *checksum_types[] = { &checksum_rsa_md5_des, &checksum_rsa_md5_des3, &checksum_sha1, - &checksum_hmac_sha1_des3 + &checksum_hmac_sha1_des3, + &checksum_hmac_md5, + &checksum_hmac_md5_enc }; static int num_checksums = sizeof(checksum_types) / sizeof(checksum_types[0]); @@ -1257,13 +1388,15 @@ do_checksum (krb5_context context, keyed_checksum = (ct->flags & F_KEYED) != 0; if(keyed_checksum && crypto == NULL) return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */ - if(keyed_checksum) + if(keyed_checksum) { ret = get_checksum_key(context, crypto, usage, ct, &dkey); - else + if (ret) + return ret; + } else dkey = NULL; result->cksumtype = ct->type; krb5_data_alloc(&result->checksum, ct->checksumsize); - (*ct->checksum)(context, dkey, data, len, result); + (*ct->checksum)(context, dkey, data, len, usage, result); return 0; } @@ -1329,13 +1462,13 @@ verify_checksum(krb5_context context, else dkey = NULL; if(ct->verify) - return (*ct->verify)(context, dkey, data, len, cksum); + return (*ct->verify)(context, dkey, data, len, usage, cksum); ret = krb5_data_alloc (&c.checksum, ct->checksumsize); if (ret) return ret; - (*ct->checksum)(context, dkey, data, len, &c); + (*ct->checksum)(context, dkey, data, len, usage, &c); if(c.checksum.length != cksum->checksum.length || memcmp(c.checksum.data, cksum->checksum.data, c.checksum.length)) @@ -1394,62 +1527,297 @@ krb5_checksum_is_collision_proof(krb5_context context, * * ************************************************************/ -static void +static krb5_error_code NULL_encrypt(struct key_data *key, void *data, size_t len, - krb5_boolean encrypt) + krb5_boolean encrypt, + int usage, + void *ivec) { + return 0; } -static void +static krb5_error_code DES_CBC_encrypt_null_ivec(struct key_data *key, void *data, size_t len, - krb5_boolean encrypt) + krb5_boolean encrypt, + int usage, + void *ignore_ivec) { des_cblock ivec; des_key_schedule *s = key->schedule->data; memset(&ivec, 0, sizeof(ivec)); des_cbc_encrypt(data, data, len, *s, &ivec, encrypt); + return 0; } -static void +static krb5_error_code DES_CBC_encrypt_key_ivec(struct key_data *key, void *data, size_t len, - krb5_boolean encrypt) + krb5_boolean encrypt, + int usage, + void *ignore_ivec) { des_cblock ivec; des_key_schedule *s = key->schedule->data; memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec)); des_cbc_encrypt(data, data, len, *s, &ivec, encrypt); + return 0; } -static void +static krb5_error_code DES3_CBC_encrypt(struct key_data *key, void *data, size_t len, - krb5_boolean encrypt) + krb5_boolean encrypt, + int usage, + void *ignore_ivec) { des_cblock ivec; des_key_schedule *s = key->schedule->data; memset(&ivec, 0, sizeof(ivec)); des_ede3_cbc_encrypt(data, data, len, s[0], s[1], s[2], &ivec, encrypt); + return 0; } -static void +static krb5_error_code +DES3_CBC_encrypt_ivec(struct key_data *key, + void *data, + size_t len, + krb5_boolean encrypt, + int usage, + void *ivec) +{ + des_key_schedule *s = key->schedule->data; + + des_ede3_cbc_encrypt(data, data, len, s[0], s[1], s[2], ivec, encrypt); + return 0; +} + +static krb5_error_code +DES_CFB64_encrypt_null_ivec(struct key_data *key, + void *data, + size_t len, + krb5_boolean encrypt, + int usage, + void *ignore_ivec) +{ + des_cblock ivec; + int num = 0; + des_key_schedule *s = key->schedule->data; + memset(&ivec, 0, sizeof(ivec)); + + des_cfb64_encrypt(data, data, len, *s, &ivec, &num, encrypt); + return 0; +} + +static krb5_error_code +DES_PCBC_encrypt_key_ivec(struct key_data *key, + void *data, + size_t len, + krb5_boolean encrypt, + int usage, + void *ignore_ivec) +{ + des_cblock ivec; + des_key_schedule *s = key->schedule->data; + memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec)); + + des_pcbc_encrypt(data, data, len, *s, &ivec, encrypt); + return 0; +} + +/* + * section 6 of draft-brezak-win2k-krb-rc4-hmac-03 + * + * warning: not for small children + */ + +static krb5_error_code +ARCFOUR_subencrypt(struct key_data *key, + void *data, + size_t len, + int usage, + void *ivec) +{ + struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); + Checksum k1_c, k2_c, k3_c, cksum; + struct key_data ke; + krb5_keyblock kb; + unsigned char t[4]; + RC4_KEY rc4_key; + char *cdata = (char *)data; + unsigned char k1_c_data[16], k2_c_data[16], k3_c_data[16]; + + t[0] = (usage >> 0) & 0xFF; + t[1] = (usage >> 8) & 0xFF; + t[2] = (usage >> 16) & 0xFF; + t[3] = (usage >> 24) & 0xFF; + + k1_c.checksum.length = sizeof(k1_c_data); + k1_c.checksum.data = k1_c_data; + + hmac(NULL, c, t, sizeof(t), 0, key, &k1_c); + + memcpy (k2_c_data, k1_c_data, sizeof(k1_c_data)); + + k2_c.checksum.length = sizeof(k2_c_data); + k2_c.checksum.data = k2_c_data; + + ke.key = &kb; + kb.keyvalue = k2_c.checksum; + + cksum.checksum.length = 16; + cksum.checksum.data = data; + + hmac(NULL, c, cdata + 16, len - 16, 0, &ke, &cksum); + + ke.key = &kb; + kb.keyvalue = k1_c.checksum; + + k3_c.checksum.length = sizeof(k3_c_data); + k3_c.checksum.data = k3_c_data; + + hmac(NULL, c, data, 16, 0, &ke, &k3_c); + + RC4_set_key (&rc4_key, k3_c.checksum.length, k3_c.checksum.data); + RC4 (&rc4_key, len - 16, cdata + 16, cdata + 16); + memset (k1_c_data, 0, sizeof(k1_c_data)); + memset (k2_c_data, 0, sizeof(k2_c_data)); + memset (k3_c_data, 0, sizeof(k3_c_data)); + return 0; +} + +static krb5_error_code +ARCFOUR_subdecrypt(struct key_data *key, + void *data, + size_t len, + int usage, + void *ivec) +{ + struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5); + Checksum k1_c, k2_c, k3_c, cksum; + struct key_data ke; + krb5_keyblock kb; + unsigned char t[4]; + RC4_KEY rc4_key; + char *cdata = (char *)data; + unsigned char k1_c_data[16], k2_c_data[16], k3_c_data[16]; + unsigned char cksum_data[16]; + + t[0] = (usage >> 0) & 0xFF; + t[1] = (usage >> 8) & 0xFF; + t[2] = (usage >> 16) & 0xFF; + t[3] = (usage >> 24) & 0xFF; + + k1_c.checksum.length = sizeof(k1_c_data); + k1_c.checksum.data = k1_c_data; + + hmac(NULL, c, t, sizeof(t), 0, key, &k1_c); + + memcpy (k2_c_data, k1_c_data, sizeof(k1_c_data)); + + k2_c.checksum.length = sizeof(k2_c_data); + k2_c.checksum.data = k2_c_data; + + ke.key = &kb; + kb.keyvalue = k1_c.checksum; + + k3_c.checksum.length = sizeof(k3_c_data); + k3_c.checksum.data = k3_c_data; + + hmac(NULL, c, cdata, 16, 0, &ke, &k3_c); + + RC4_set_key (&rc4_key, k3_c.checksum.length, k3_c.checksum.data); + RC4 (&rc4_key, len - 16, cdata + 16, cdata + 16); + + ke.key = &kb; + kb.keyvalue = k2_c.checksum; + + cksum.checksum.length = 16; + cksum.checksum.data = cksum_data; + + hmac(NULL, c, cdata + 16, len - 16, 0, &ke, &cksum); + + memset (k1_c_data, 0, sizeof(k1_c_data)); + memset (k2_c_data, 0, sizeof(k2_c_data)); + memset (k3_c_data, 0, sizeof(k3_c_data)); + + if (memcmp (cksum.checksum.data, data, 16) != 0) + return KRB5KRB_AP_ERR_BAD_INTEGRITY; + else + return 0; +} + +/* + * convert the usage numbers used in + * draft-ietf-cat-kerb-key-derivation-00.txt to the ones in + * draft-brezak-win2k-krb-rc4-hmac-03.txt + */ + +static int +usage2arcfour (int usage) +{ + switch (usage) { + case KRB5_KU_PA_ENC_TIMESTAMP : + return 1; + case KRB5_KU_TICKET : + return 8; + case KRB5_KU_AS_REP_ENC_PART : + return 8; + case KRB5_KU_TGS_REQ_AUTH_DAT_SESSION : + case KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY : + case KRB5_KU_TGS_REQ_AUTH_CKSUM : + case KRB5_KU_TGS_REQ_AUTH : + return 7; + case KRB5_KU_TGS_REP_ENC_PART_SESSION : + case KRB5_KU_TGS_REP_ENC_PART_SUB_KEY : + return 8; + case KRB5_KU_AP_REQ_AUTH_CKSUM : + case KRB5_KU_AP_REQ_AUTH : + case KRB5_KU_AP_REQ_ENC_PART : + return 11; + case KRB5_KU_KRB_PRIV : + return 0; + case KRB5_KU_KRB_CRED : + case KRB5_KU_KRB_SAFE_CKSUM : + case KRB5_KU_OTHER_ENCRYPTED : + case KRB5_KU_OTHER_CKSUM : + case KRB5_KU_KRB_ERROR : + case KRB5_KU_AD_KDC_ISSUED : + case KRB5_KU_MANDATORY_TICKET_EXTENSION : + case KRB5_KU_AUTH_DATA_TICKET_EXTENSION : + case KRB5_KU_USAGE_SEAL : + case KRB5_KU_USAGE_SIGN : + case KRB5_KU_USAGE_SEQ : + default : + abort (); + } +} + +static krb5_error_code ARCFOUR_encrypt(struct key_data *key, void *data, size_t len, - krb5_boolean encrypt) + krb5_boolean encrypt, + int usage, + void *ivec) { + usage = usage2arcfour (usage); + if (encrypt) + return ARCFOUR_subencrypt (key, data, len, usage, ivec); + else + return ARCFOUR_subdecrypt (key, data, len, usage, ivec); } + /* * these should currently be in reverse preference order. - */ + * (only relevant for !F_PSEUDO) */ static struct encryption_type etypes[] = { { @@ -1496,6 +1864,17 @@ static struct encryption_type etypes[] = { 0, DES_CBC_encrypt_null_ivec, }, + { + ETYPE_ARCFOUR_HMAC_MD5, + "arcfour-hmac-md5", + 1, + 8, + &keytype_arcfour, + &checksum_hmac_md5_enc, + &checksum_hmac_md5_enc, + F_SPECIAL, + ARCFOUR_encrypt + }, { ETYPE_DES3_CBC_MD5, "des3-cbc-md5", @@ -1541,6 +1920,28 @@ static struct encryption_type etypes[] = { DES_CBC_encrypt_null_ivec, }, { + ETYPE_DES_CFB64_NONE, + "des-cfb64-none", + 1, + 0, + &keytype_des, + &checksum_none, + NULL, + F_PSEUDO, + DES_CFB64_encrypt_null_ivec, + }, + { + ETYPE_DES_PCBC_NONE, + "des-pcbc-none", + 8, + 0, + &keytype_des, + &checksum_none, + NULL, + F_PSEUDO, + DES_PCBC_encrypt_key_ivec, + }, + { ETYPE_DES3_CBC_NONE, "des3-cbc-none", 8, @@ -1549,8 +1950,19 @@ static struct encryption_type etypes[] = { &checksum_none, NULL, F_PSEUDO, - DES_CBC_encrypt_null_ivec, + DES3_CBC_encrypt, }, + { + ETYPE_DES3_CBC_NONE_IVEC, + "des3-cbc-none-ivec", + 8, + 0, + &keytype_des3_derived, + &checksum_none, + NULL, + F_PSEUDO, + DES3_CBC_encrypt_ivec, + } }; static unsigned num_etypes = sizeof(etypes) / sizeof(etypes[0]); @@ -1706,6 +2118,12 @@ derived_crypto(krb5_context context, return (crypto->et->flags & F_DERIVED) != 0; } +static krb5_boolean +special_crypto(krb5_context context, + krb5_crypto crypto) +{ + return (crypto->et->flags & F_SPECIAL) != 0; +} #define CHECKSUMSIZE(C) ((C)->checksumsize) #define CHECKSUMTYPE(C) ((C)->type) @@ -1716,7 +2134,8 @@ encrypt_internal_derived(krb5_context context, unsigned usage, void *data, size_t len, - krb5_data *result) + krb5_data *result, + void *ivec) { size_t sz, block_sz, checksum_sz; Checksum cksum; @@ -1745,14 +2164,17 @@ encrypt_internal_derived(krb5_context context, p, block_sz, &cksum); - if(ret == 0 && cksum.checksum.length != checksum_sz) - ret = KRB5_CRYPTO_INTERNAL; + if(ret == 0 && cksum.checksum.length != checksum_sz) { + free_Checksum (&cksum); + ret = KRB5_CRYPTO_INTERNAL; + } if(ret) { memset(p, 0, block_sz + checksum_sz); free(p); return ret; } memcpy(p + block_sz, cksum.checksum.data, cksum.checksum.length); + free_Checksum (&cksum); ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey); if(ret) { memset(p, 0, block_sz + checksum_sz); @@ -1768,7 +2190,7 @@ encrypt_internal_derived(krb5_context context, #ifdef CRYPTO_DEBUG krb5_crypto_debug(context, 1, block_sz, dkey->key); #endif - (*et->encrypt)(dkey, p, block_sz, 1); + (*et->encrypt)(dkey, p, block_sz, 1, usage, ivec); result->data = p; result->length = block_sz + checksum_sz; return 0; @@ -1779,7 +2201,8 @@ encrypt_internal(krb5_context context, krb5_crypto crypto, void *data, size_t len, - krb5_data *result) + krb5_data *result, + void *ivec) { size_t sz, block_sz, checksum_sz; Checksum cksum; @@ -1830,19 +2253,49 @@ encrypt_internal(krb5_context context, #ifdef CRYPTO_DEBUG krb5_crypto_debug(context, 1, block_sz, crypto->key.key); #endif - (*et->encrypt)(&crypto->key, p, block_sz, 1); + (*et->encrypt)(&crypto->key, p, block_sz, 1, 0, ivec); result->data = p; result->length = block_sz; return 0; } static krb5_error_code +encrypt_internal_special(krb5_context context, + krb5_crypto crypto, + int usage, + void *data, + size_t len, + krb5_data *result, + void *ivec) +{ + struct encryption_type *et = crypto->et; + size_t cksum_sz = CHECKSUMSIZE(et->cksumtype); + size_t sz = len + cksum_sz + et->confoundersize; + char *tmp, *p; + + tmp = malloc (sz); + if (tmp == NULL) + return ENOMEM; + p = tmp; + memset (p, 0, cksum_sz); + p += cksum_sz; + krb5_generate_random_block(p, et->confoundersize); + p += et->confoundersize; + memcpy (p, data, len); + (*et->encrypt)(&crypto->key, tmp, sz, TRUE, usage, ivec); + result->data = tmp; + result->length = sz; + return 0; +} + +static krb5_error_code decrypt_internal_derived(krb5_context context, krb5_crypto crypto, unsigned usage, void *data, size_t len, - krb5_data *result) + krb5_data *result, + void *ivec) { size_t checksum_sz; Checksum cksum; @@ -1852,12 +2305,15 @@ decrypt_internal_derived(krb5_context context, struct encryption_type *et = crypto->et; unsigned long l; + checksum_sz = CHECKSUMSIZE(et->keyed_checksum); + if (len < checksum_sz) + return EINVAL; /* better error code? */ + p = malloc(len); if(len != 0 && p == NULL) return ENOMEM; memcpy(p, data, len); - checksum_sz = CHECKSUMSIZE(et->keyed_checksum); len -= checksum_sz; ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey); @@ -1873,7 +2329,7 @@ decrypt_internal_derived(krb5_context context, #ifdef CRYPTO_DEBUG krb5_crypto_debug(context, 0, len, dkey->key); #endif - (*et->encrypt)(dkey, p, len, 0); + (*et->encrypt)(dkey, p, len, 0, usage, ivec); cksum.checksum.data = p + len; cksum.checksum.length = checksum_sz; @@ -1905,7 +2361,8 @@ decrypt_internal(krb5_context context, krb5_crypto crypto, void *data, size_t len, - krb5_data *result) + krb5_data *result, + void *ivec) { krb5_error_code ret; unsigned char *p; @@ -1927,11 +2384,11 @@ decrypt_internal(krb5_context context, #ifdef CRYPTO_DEBUG krb5_crypto_debug(context, 0, len, crypto->key.key); #endif - (*et->encrypt)(&crypto->key, p, len, 0); + (*et->encrypt)(&crypto->key, p, len, 0, 0, ivec); ret = krb5_data_copy(&cksum.checksum, p + et->confoundersize, checksum_sz); if(ret) { - free(p); - return ret; + free(p); + return ret; } memset(p + et->confoundersize, 0, checksum_sz); cksum.cksumtype = CHECKSUMTYPE(et->cksumtype); @@ -1952,6 +2409,54 @@ decrypt_internal(krb5_context context, return 0; } +static krb5_error_code +decrypt_internal_special(krb5_context context, + krb5_crypto crypto, + int usage, + void *data, + size_t len, + krb5_data *result, + void *ivec) +{ + struct encryption_type *et = crypto->et; + size_t cksum_sz = CHECKSUMSIZE(et->cksumtype); + size_t sz = len - cksum_sz - et->confoundersize; + char *cdata = (char *)data; + char *tmp; + + tmp = malloc (sz); + if (tmp == NULL) + return ENOMEM; + + (*et->encrypt)(&crypto->key, data, len, FALSE, usage, ivec); + + memcpy (tmp, cdata + cksum_sz + et->confoundersize, sz); + + result->data = tmp; + result->length = sz; + return 0; +} + + +krb5_error_code +krb5_encrypt_ivec(krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + krb5_data *result, + void *ivec) +{ + if(derived_crypto(context, crypto)) + return encrypt_internal_derived(context, crypto, usage, + data, len, result, ivec); + else if (special_crypto(context, crypto)) + return encrypt_internal_special (context, crypto, usage, + data, len, result, ivec); + else + return encrypt_internal(context, crypto, data, len, result, ivec); +} + krb5_error_code krb5_encrypt(krb5_context context, krb5_crypto crypto, @@ -1960,11 +2465,7 @@ krb5_encrypt(krb5_context context, size_t len, krb5_data *result) { - if(derived_crypto(context, crypto)) - return encrypt_internal_derived(context, crypto, usage, - data, len, result); - else - return encrypt_internal(context, crypto, data, len, result); + return krb5_encrypt_ivec(context, crypto, usage, data, len, result, NULL); } krb5_error_code @@ -1986,6 +2487,25 @@ krb5_encrypt_EncryptedData(krb5_context context, } krb5_error_code +krb5_decrypt_ivec(krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + krb5_data *result, + void *ivec) +{ + if(derived_crypto(context, crypto)) + return decrypt_internal_derived(context, crypto, usage, + data, len, result, ivec); + else if (special_crypto (context, crypto)) + return decrypt_internal_special(context, crypto, usage, + data, len, result, ivec); + else + return decrypt_internal(context, crypto, data, len, result, ivec); +} + +krb5_error_code krb5_decrypt(krb5_context context, krb5_crypto crypto, unsigned usage, @@ -1993,18 +2513,15 @@ krb5_decrypt(krb5_context context, size_t len, krb5_data *result) { - if(derived_crypto(context, crypto)) - return decrypt_internal_derived(context, crypto, usage, - data, len, result); - else - return decrypt_internal(context, crypto, data, len, result); + return krb5_decrypt_ivec (context, crypto, usage, data, len, result, + NULL); } krb5_error_code krb5_decrypt_EncryptedData(krb5_context context, krb5_crypto crypto, unsigned usage, - EncryptedData *e, + const EncryptedData *e, krb5_data *result) { return krb5_decrypt(context, crypto, usage, @@ -2091,7 +2608,7 @@ derive_key(krb5_context context, ret = _key_schedule(context, key); if(ret) return ret; - if(et->blocksize * 8 < kt->bits || + if(et->blocksize * 8 < kt->bits || len != et->blocksize) { nblocks = (kt->bits + et->blocksize * 8 - 1) / (et->blocksize * 8); k = malloc(nblocks * et->blocksize); @@ -2103,16 +2620,18 @@ derive_key(krb5_context context, memcpy(k + i * et->blocksize, k + (i - 1) * et->blocksize, et->blocksize); - (*et->encrypt)(key, k + i * et->blocksize, et->blocksize, 1); + (*et->encrypt)(key, k + i * et->blocksize, et->blocksize, 1, 0, + NULL); } } else { + /* this case is probably broken, but won't be run anyway */ void *c = malloc(len); size_t res_len = (kt->bits + 7) / 8; if(len != 0 && c == NULL) return ENOMEM; memcpy(c, constant, len); - (*et->encrypt)(key, c, len, 1); + (*et->encrypt)(key, c, len, 1, 0, NULL); k = malloc(res_len); if(res_len != 0 && k == NULL) return ENOMEM; @@ -2265,6 +2784,35 @@ krb5_string_to_key_derived(krb5_context context, return ret; } +static size_t +wrapped_length (krb5_context context, + krb5_crypto crypto, + size_t data_len) +{ + struct encryption_type *et = crypto->et; + size_t blocksize = et->blocksize; + size_t res; + + res = et->confoundersize + et->cksumtype->checksumsize + data_len; + res = (res + blocksize - 1) / blocksize * blocksize; + return res; +} + +static size_t +wrapped_length_dervied (krb5_context context, + krb5_crypto crypto, + size_t data_len) +{ + struct encryption_type *et = crypto->et; + size_t blocksize = et->blocksize; + size_t res; + + res = et->confoundersize + data_len; + res = (res + blocksize - 1) / blocksize * blocksize; + res += et->cksumtype->checksumsize; + return res; +} + /* * Return the size of an encrypted packet of length `data_len' */ @@ -2274,13 +2822,10 @@ krb5_get_wrapped_length (krb5_context context, krb5_crypto crypto, size_t data_len) { - struct encryption_type *et = crypto->et; - size_t blocksize = et->blocksize; - size_t res; - - res = (data_len + blocksize - 1) / blocksize * blocksize; - res = res + et->confoundersize + et->cksumtype->checksumsize; - return res; + if (derived_crypto (context, crypto)) + return wrapped_length_dervied (context, crypto, data_len); + else + return wrapped_length (context, crypto, data_len); } #ifdef CRYPTO_DEBUG @@ -2293,9 +2838,9 @@ krb5_get_keyid(krb5_context context, MD5_CTX md5; unsigned char tmp[16]; - MD5Init (&md5); - MD5Update (&md5, key->keyvalue.data, key->keyvalue.length); - MD5Final (tmp, &md5); + MD5_Init (&md5); + MD5_Update (&md5, key->keyvalue.data, key->keyvalue.length); + MD5_Final (tmp, &md5); *keyid = (tmp[12] << 24) | (tmp[13] << 16) | (tmp[14] << 8) | tmp[15]; return 0; } @@ -2319,3 +2864,69 @@ krb5_crypto_debug(krb5_context context, } #endif /* CRYPTO_DEBUG */ + +#if 0 +int +main() +{ +#if 0 + int i; + krb5_context context; + krb5_crypto crypto; + struct key_data *d; + krb5_keyblock key; + char constant[4]; + unsigned usage = ENCRYPTION_USAGE(3); + krb5_error_code ret; + + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + key.keytype = ETYPE_NEW_DES3_CBC_SHA1; + key.keyvalue.data = "\xb3\x85\x58\x94\xd9\xdc\x7c\xc8" + "\x25\xe9\x85\xab\x3e\xb5\xfb\x0e" + "\xc8\xdf\xab\x26\x86\x64\x15\x25"; + key.keyvalue.length = 24; + + krb5_crypto_init(context, &key, 0, &crypto); + + d = _new_derived_key(crypto, usage); + if(d == NULL) + return ENOMEM; + krb5_copy_keyblock(context, crypto->key.key, &d->key); + _krb5_put_int(constant, usage, 4); + derive_key(context, crypto->et, d, constant, sizeof(constant)); + return 0; +#else + int i; + krb5_context context; + krb5_crypto crypto; + struct key_data *d; + krb5_keyblock key; + krb5_error_code ret; + Checksum res; + + char *data = "what do ya want for nothing?"; + + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + key.keytype = ETYPE_NEW_DES3_CBC_SHA1; + key.keyvalue.data = "Jefe"; + /* "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; */ + key.keyvalue.length = 4; + + d = calloc(1, sizeof(*d)); + + d->key = &key; + res.checksum.length = 20; + res.checksum.data = malloc(res.checksum.length); + HMAC_SHA1_DES3_checksum(context, d, data, 28, &res); + + return 0; +#endif +} +#endif diff --git a/crypto/heimdal/lib/krb5/eai_to_heim_errno.c b/crypto/heimdal/lib/krb5/eai_to_heim_errno.c new file mode 100644 index 0000000..b9272dd --- /dev/null +++ b/crypto/heimdal/lib/krb5/eai_to_heim_errno.c @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include + +RCSID("$Id: eai_to_heim_errno.c,v 1.1 2000/07/08 13:03:36 joda Exp $"); + +krb5_error_code +krb5_eai_to_heim_errno(int eai_errno) +{ + switch(eai_errno) { + case EAI_NOERROR: + return 0; + case EAI_ADDRFAMILY: + return HEIM_EAI_ADDRFAMILY; + case EAI_AGAIN: + return HEIM_EAI_AGAIN; + case EAI_BADFLAGS: + return HEIM_EAI_BADFLAGS; + case EAI_FAIL: + return HEIM_EAI_FAIL; + case EAI_FAMILY: + return HEIM_EAI_FAMILY; + case EAI_MEMORY: + return HEIM_EAI_MEMORY; + case EAI_NODATA: + return HEIM_EAI_NODATA; + case EAI_NONAME: + return HEIM_EAI_NONAME; + case EAI_SERVICE: + return HEIM_EAI_SERVICE; + case EAI_SOCKTYPE: + return HEIM_EAI_SOCKTYPE; + case EAI_SYSTEM: + return errno; + default: + return HEIM_EAI_UNKNOWN; /* XXX */ + } +} diff --git a/crypto/heimdal/lib/krb5/expand_hostname.c b/crypto/heimdal/lib/krb5/expand_hostname.c index 3e98e88..72c5718 100644 --- a/crypto/heimdal/lib/krb5/expand_hostname.c +++ b/crypto/heimdal/lib/krb5/expand_hostname.c @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: expand_hostname.c,v 1.8 2000/02/20 02:25:29 assar Exp $"); +RCSID("$Id: expand_hostname.c,v 1.9 2000/02/23 03:12:07 assar Exp $"); static krb5_error_code copy_hostname(krb5_context context, @@ -130,7 +130,7 @@ krb5_expand_hostname_realms (krb5_context context, for (a = ai; a != NULL; a = a->ai_next) { if (a->ai_canonname != NULL) { - ret = copy_hostname (context, orig_hostname, new_hostname); + ret = copy_hostname (context, a->ai_canonname, new_hostname); if (ret) { freeaddrinfo (ai); return ret; diff --git a/crypto/heimdal/lib/krb5/fcache.c b/crypto/heimdal/lib/krb5/fcache.c index df88e6f..fbdb3a1 100644 --- a/crypto/heimdal/lib/krb5/fcache.c +++ b/crypto/heimdal/lib/krb5/fcache.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: fcache.c,v 1.22 1999/12/02 17:05:09 joda Exp $"); +RCSID("$Id: fcache.c,v 1.31 2000/12/05 09:15:10 joda Exp $"); typedef struct krb5_fcache{ char *filename; @@ -83,28 +83,86 @@ fcc_resolve(krb5_context context, krb5_ccache *id, const char *res) return 0; } +/* + * Try to scrub the contents of `filename' safely. + */ + +static int +scrub_file (int fd) +{ + off_t pos; + char buf[128]; + + pos = lseek(fd, 0, SEEK_END); + if (pos < 0) + return errno; + if (lseek(fd, 0, SEEK_SET) < 0) + return errno; + memset(buf, 0, sizeof(buf)); + while(pos > 0) { + ssize_t tmp = write(fd, buf, min(sizeof(buf), pos)); + + if (tmp < 0) + return errno; + pos -= tmp; + } + fsync (fd); + return 0; +} + +/* + * Erase `filename' if it exists, trying to remove the contents if + * it's `safe'. We always try to remove the file, it it exists. It's + * only overwritten if it's a regular file (not a symlink and not a + * hardlink) + */ + static krb5_error_code erase_file(const char *filename) { int fd; - off_t pos; - char buf[128]; + struct stat sb1, sb2; + int ret; + + ret = lstat (filename, &sb1); + if (ret < 0) + return errno; fd = open(filename, O_RDWR | O_BINARY); - if(fd < 0){ + if(fd < 0) { if(errno == ENOENT) return 0; else return errno; } - pos = lseek(fd, 0, SEEK_END); - lseek(fd, 0, SEEK_SET); - memset(buf, 0, sizeof(buf)); - while(pos > 0) - pos -= write(fd, buf, sizeof(buf)); - close(fd); - unlink(filename); - return 0; + if (unlink(filename) < 0) { + close (fd); + return errno; + } + + ret = fstat (fd, &sb2); + if (ret < 0) { + close (fd); + return errno; + } + + /* check if someone was playing with symlinks */ + + if (sb1.st_dev != sb2.st_dev || sb1.st_ino != sb2.st_ino) { + close (fd); + return EPERM; + } + + /* there are still hard links to this file */ + + if (sb2.st_nlink != 0) { + close (fd); + return 0; + } + + ret = scrub_file (fd); + close (fd); + return ret; } static krb5_error_code @@ -116,7 +174,7 @@ fcc_gen_new(krb5_context context, krb5_ccache *id) f = malloc(sizeof(*f)); if(f == NULL) return KRB5_CC_NOMEM; - asprintf(&file, "/tmp/krb5cc_XXXXXX"); /* XXX */ + asprintf (&file, "%sXXXXXX", KRB5_DEFAULT_CCFILE_ROOT); if(file == NULL) { free(f); return KRB5_CC_NOMEM; @@ -166,12 +224,11 @@ fcc_initialize(krb5_context context, krb5_principal primary_principal) { krb5_fcache *f = FCACHE(id); - int ret; + int ret = 0; int fd; char *filename = f->filename; - if((ret = erase_file(filename))) - return ret; + unlink (filename); fd = open(filename, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600); if(fd == -1) @@ -183,27 +240,29 @@ fcc_initialize(krb5_context context, f->version = context->fcache_vno; else f->version = KRB5_FCC_FVNO_4; - krb5_store_int8(sp, 5); - krb5_store_int8(sp, f->version); + ret |= krb5_store_int8(sp, 5); + ret |= krb5_store_int8(sp, f->version); storage_set_flags(context, sp, f->version); - if(f->version == KRB5_FCC_FVNO_4) { + if(f->version == KRB5_FCC_FVNO_4 && ret == 0) { /* V4 stuff */ if (context->kdc_sec_offset) { - krb5_store_int16 (sp, 12); /* length */ - krb5_store_int16 (sp, FCC_TAG_DELTATIME); /* Tag */ - krb5_store_int16 (sp, 8); /* length of data */ - krb5_store_int32 (sp, context->kdc_sec_offset); - krb5_store_int32 (sp, context->kdc_usec_offset); + ret |= krb5_store_int16 (sp, 12); /* length */ + ret |= krb5_store_int16 (sp, FCC_TAG_DELTATIME); /* Tag */ + ret |= krb5_store_int16 (sp, 8); /* length of data */ + ret |= krb5_store_int32 (sp, context->kdc_sec_offset); + ret |= krb5_store_int32 (sp, context->kdc_usec_offset); } else { - krb5_store_int16 (sp, 0); + ret |= krb5_store_int16 (sp, 0); } } - krb5_store_principal(sp, primary_principal); + ret |= krb5_store_principal(sp, primary_principal); krb5_storage_free(sp); } - close(fd); + if(close(fd) < 0) + if (ret == 0) + ret = errno; - return 0; + return ret; } static krb5_error_code @@ -232,6 +291,7 @@ fcc_store_cred(krb5_context context, krb5_ccache id, krb5_creds *creds) { + int ret; int fd; char *f; @@ -244,11 +304,13 @@ fcc_store_cred(krb5_context context, krb5_storage *sp; sp = krb5_storage_from_fd(fd); storage_set_flags(context, sp, FCACHE(id)->version); - krb5_store_creds(sp, creds); + ret = krb5_store_creds(sp, creds); krb5_storage_free(sp); } - close(fd); - return 0; /* XXX */ + if (close(fd) < 0) + if (ret == 0) + ret = errno; + return ret; } static krb5_error_code @@ -274,12 +336,17 @@ init_fcc (krb5_context context, int fd; int8_t pvno, tag; krb5_storage *sp; + krb5_error_code ret; fd = open(fcache->filename, O_RDONLY | O_BINARY); if(fd < 0) return errno; sp = krb5_storage_from_fd(fd); - krb5_ret_int8(sp, &pvno); + ret = krb5_ret_int8(sp, &pvno); + if(ret == KRB5_CC_END) + return ENOENT; + if(ret) + return ret; if(pvno != 5) { krb5_storage_free(sp); close(fd); @@ -341,10 +408,10 @@ fcc_get_principal(krb5_context context, ret = init_fcc (context, f, &sp, &fd); if (ret) return ret; - krb5_ret_principal(sp, principal); + ret = krb5_ret_principal(sp, principal); krb5_storage_free(sp); close(fd); - return 0; + return ret; } static krb5_error_code diff --git a/crypto/heimdal/lib/krb5/generate_seq_number.c b/crypto/heimdal/lib/krb5/generate_seq_number.c index a000ea1..3ebe562 100644 --- a/crypto/heimdal/lib/krb5/generate_seq_number.c +++ b/crypto/heimdal/lib/krb5/generate_seq_number.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,12 +33,12 @@ #include -RCSID("$Id: generate_seq_number.c,v 1.6 1999/12/02 17:05:09 joda Exp $"); +RCSID("$Id: generate_seq_number.c,v 1.7 2000/04/08 21:20:45 assar Exp $"); krb5_error_code krb5_generate_seq_number(krb5_context context, const krb5_keyblock *key, - int32_t *seqno) + u_int32_t *seqno) { krb5_error_code ret; krb5_keyblock *subkey; diff --git a/crypto/heimdal/lib/krb5/get_addrs.c b/crypto/heimdal/lib/krb5/get_addrs.c index 65a1b3c..7b9d74c 100644 --- a/crypto/heimdal/lib/krb5/get_addrs.c +++ b/crypto/heimdal/lib/krb5/get_addrs.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: get_addrs.c,v 1.35 1999/12/02 17:05:09 joda Exp $"); +RCSID("$Id: get_addrs.c,v 1.40 2000/12/10 20:07:05 assar Exp $"); #ifdef __osf__ /* hate */ @@ -43,42 +43,35 @@ struct mbuf; #ifdef HAVE_NET_IF_H #include #endif - -#ifdef HAVE_SYS_SOCKIO_H -#include -#endif /* HAVE_SYS_SOCKIO_H */ - -#ifdef HAVE_NETINET_IN6_VAR_H -#include -#endif /* HAVE_NETINET_IN6_VAR_H */ +#include static krb5_error_code gethostname_fallback (krb5_addresses *res) { - krb5_error_code err; - char hostname[MAXHOSTNAMELEN]; - struct hostent *hostent; - - if (gethostname (hostname, sizeof(hostname))) - return errno; - hostent = roken_gethostbyname (hostname); - if (hostent == NULL) - return errno; - res->len = 1; - res->val = malloc (sizeof(*res->val)); - if (res->val == NULL) - return ENOMEM; - res->val[0].addr_type = hostent->h_addrtype; - res->val[0].address.data = NULL; - res->val[0].address.length = 0; - err = krb5_data_copy (&res->val[0].address, - hostent->h_addr, - hostent->h_length); - if (err) { - free (res->val); - return err; - } - return 0; + krb5_error_code err; + char hostname[MAXHOSTNAMELEN]; + struct hostent *hostent; + + if (gethostname (hostname, sizeof(hostname))) + return errno; + hostent = roken_gethostbyname (hostname); + if (hostent == NULL) + return errno; + res->len = 1; + res->val = malloc (sizeof(*res->val)); + if (res->val == NULL) + return ENOMEM; + res->val[0].addr_type = hostent->h_addrtype; + res->val[0].address.data = NULL; + res->val[0].address.length = 0; + err = krb5_data_copy (&res->val[0].address, + hostent->h_addr, + hostent->h_length); + if (err) { + free (res->val); + return err; + } + return 0; } enum { @@ -94,143 +87,96 @@ enum { */ static krb5_error_code -find_all_addresses (krb5_context context, - krb5_addresses *res, int flags, - int af, int siocgifconf, int siocgifflags, - size_t ifreq_sz) +find_all_addresses (krb5_context context, krb5_addresses *res, int flags) { - krb5_error_code ret; - int fd; - size_t buf_size; - char *buf; - struct ifconf ifconf; - int num, j = 0; - char *p; - size_t sz; - struct sockaddr sa_zero; - struct ifreq *ifr; - krb5_address lo_addr; - int got_lo = FALSE; - - buf = NULL; - res->val = NULL; - - memset (&sa_zero, 0, sizeof(sa_zero)); - fd = socket(af, SOCK_DGRAM, 0); - if (fd < 0) - return -1; + struct sockaddr sa_zero; + struct ifaddrs *ifa0, *ifa; + krb5_error_code ret = ENXIO; + int num, idx; - buf_size = 8192; - for (;;) { - buf = malloc(buf_size); - if (buf == NULL) { - ret = ENOMEM; - goto error_out; - } - ifconf.ifc_len = buf_size; - ifconf.ifc_buf = buf; - if (ioctl (fd, siocgifconf, &ifconf) < 0) { - ret = errno; - goto error_out; - } - /* - * Can the difference between a full and a overfull buf - * be determined? - */ + res->val = NULL; - if (ifconf.ifc_len < buf_size) - break; - free (buf); - buf_size *= 2; - } + if (getifaddrs(&ifa0) == -1) + return (errno); - num = ifconf.ifc_len / ifreq_sz; - res->len = num; - res->val = calloc(num, sizeof(*res->val)); - if (res->val == NULL) { - ret = ENOMEM; - goto error_out; - } - - j = 0; - for (p = ifconf.ifc_buf; - p < ifconf.ifc_buf + ifconf.ifc_len; - p += sz) { - struct ifreq ifreq; - struct sockaddr *sa; - - ifr = (struct ifreq *)p; - sa = &ifr->ifr_addr; - - sz = ifreq_sz; -#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN - sz = max(sz, sizeof(ifr->ifr_name) + sa->sa_len); -#endif -#ifdef SA_LEN - sz = max(sz, SA_LEN(sa)); -#endif - memcpy (ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name)); + memset(&sa_zero, 0, sizeof(sa_zero)); - if (ioctl(fd, siocgifflags, &ifreq) < 0) { - ret = errno; - goto error_out; - } + /* First, count all the ifaddrs. */ + for (ifa = ifa0, num = 0; ifa != NULL; ifa = ifa->ifa_next, num++) + /* nothing */; - if (!(ifreq.ifr_flags & IFF_UP)) - continue; - if (memcmp (sa, &sa_zero, sizeof(sa_zero)) == 0) - continue; - if (krb5_sockaddr_uninteresting (sa)) - continue; + if (num == 0) { + freeifaddrs(ifa0); + return (ENXIO); + } - if (ifreq.ifr_flags & IFF_LOOPBACK) { - if (flags & LOOP_IF_NONE) { - ret = krb5_sockaddr2address (sa, &lo_addr); - if (ret) - goto error_out; - got_lo = TRUE; - continue; - } else if((flags & LOOP) == 0) - continue; - } + /* Allocate storage for them. */ + res->val = calloc(num, sizeof(*res->val)); + if (res->val == NULL) { + freeifaddrs(ifa0); + return (ENOMEM); + } - ret = krb5_sockaddr2address (sa, &res->val[j]); - if (ret) - goto error_out; - ++j; - } - if ((flags & LOOP_IF_NONE) && got_lo) { - if (j == 0) - res->val[j++] = lo_addr; - else - krb5_free_address (context, &lo_addr); - } + /* Now traverse the list. */ + for (ifa = ifa0, idx = 0; ifa != NULL; ifa = ifa->ifa_next) { + if ((ifa->ifa_flags & IFF_UP) == 0) + continue; + if (memcmp(ifa->ifa_addr, &sa_zero, sizeof(sa_zero)) == 0) + continue; + if (krb5_sockaddr_uninteresting(ifa->ifa_addr)) + continue; + + if ((ifa->ifa_flags & IFF_LOOPBACK) != 0) { + /* We'll deal with the LOOP_IF_NONE case later. */ + if ((flags & LOOP) == 0) + continue; + } - if (j != num) { - void *tmp; + ret = krb5_sockaddr2address(ifa->ifa_addr, &res->val[idx]); + if (ret) { + /* + * The most likely error here is going to be "Program + * lacks support for address type". This is no big + * deal -- just continue, and we'll listen on the + * addresses who's type we *do* support. + */ + continue; + } + idx++; + } - res->len = j; - tmp = realloc (res->val, j * sizeof(*res->val)); - if (j != 0 && tmp == NULL) { - ret = ENOMEM; - goto error_out; - } - res->val = tmp; - } - ret = 0; - goto cleanup; + /* + * If no addresses were found, and LOOP_IF_NONE is set, then find + * the loopback addresses and add them to our list. + */ + if ((flags & LOOP_IF_NONE) != 0 && idx == 0) { + for (ifa = ifa0; ifa != NULL; ifa = ifa->ifa_next) { + if ((ifa->ifa_flags & IFF_UP) == 0) + continue; + if (memcmp(ifa->ifa_addr, &sa_zero, sizeof(sa_zero)) == 0) + continue; + if (krb5_sockaddr_uninteresting(ifa->ifa_addr)) + continue; + + if ((ifa->ifa_flags & IFF_LOOPBACK) != 0) { + ret = krb5_sockaddr2address(ifa->ifa_addr, &res->val[idx]); + if (ret) { + /* + * See comment above. + */ + continue; + } + idx++; + } + } + } -error_out: - if (got_lo) - krb5_free_address (context, &lo_addr); - while(j--) { - krb5_free_address (context, &res->val[j]); - } - free (res->val); -cleanup: - close (fd); - free (buf); - return ret; + freeifaddrs(ifa0); + if (ret) + free(res->val); + else + res->len = idx; /* Now a count. */ + return (ret); } static krb5_error_code @@ -239,26 +185,9 @@ get_addrs_int (krb5_context context, krb5_addresses *res, int flags) krb5_error_code ret = -1; if (flags & SCAN_INTERFACES) { -#if defined(AF_INET6) && defined(SIOCGIF6CONF) && defined(SIOCGIF6FLAGS) - if (ret) - ret = find_all_addresses (context, res, flags, - AF_INET6, SIOCGIF6CONF, SIOCGIF6FLAGS, - sizeof(struct in6_ifreq)); -#endif -#if defined(HAVE_IPV6) && defined(SIOCGIFCONF) - if (ret) - ret = find_all_addresses (context, res, flags, - AF_INET6, SIOCGIFCONF, SIOCGIFFLAGS, - sizeof(struct ifreq)); -#endif -#if defined(AF_INET) && defined(SIOCGIFCONF) && defined(SIOCGIFFLAGS) - if (ret) - ret = find_all_addresses (context, res, flags, - AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, - sizeof(struct ifreq)); + ret = find_all_addresses (context, res, flags); if(ret || res->len == 0) ret = gethostname_fallback (res); -#endif } else ret = 0; diff --git a/crypto/heimdal/lib/krb5/get_cred.c b/crypto/heimdal/lib/krb5/get_cred.c index 61951c1..e649cfe 100644 --- a/crypto/heimdal/lib/krb5/get_cred.c +++ b/crypto/heimdal/lib/krb5/get_cred.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include -RCSID("$Id: get_cred.c,v 1.75 1999/12/02 17:05:09 joda Exp $"); +RCSID("$Id: get_cred.c,v 1.82 2001/01/19 04:29:44 assar Exp $"); /* * Take the `body' and encode it into `padata' using the credentials @@ -82,12 +82,13 @@ make_pa_tgs_req(krb5_context context, in_data.data = buf + buf_size - len; ret = krb5_mk_req_internal(context, &ac, 0, &in_data, creds, &padata->padata_value, - KRB5_KU_TGS_REQ_AUTH_CKSUM); + KRB5_KU_TGS_REQ_AUTH_CKSUM, + KRB5_KU_TGS_REQ_AUTH); out: free (buf); if(ret) return ret; - padata->padata_type = pa_tgs_req; + padata->padata_type = KRB5_PADATA_TGS_REQ; return 0; } @@ -191,6 +192,10 @@ init_tgs_req (krb5_context context, ret = ENOMEM; goto fail; } + + /* some versions of some code might require that the client be + present in TGS-REQs, but this is clearly against the spec */ + ret = copy_PrincipalName(&in_creds->server->name, t->req_body.sname); if (ret) goto fail; @@ -273,6 +278,7 @@ init_tgs_req (krb5_context context, } fail: if (ret) + /* XXX - don't free addresses? */ free_TGS_REQ (t); return ret; } @@ -320,7 +326,9 @@ decrypt_tkt_with_subkey (krb5_context context, size_t size; krb5_crypto crypto; - krb5_crypto_init(context, key, 0, &crypto); + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) + return ret; ret = krb5_decrypt_EncryptedData (context, crypto, usage, @@ -329,7 +337,9 @@ decrypt_tkt_with_subkey (krb5_context context, krb5_crypto_destroy(context, crypto); if(ret && subkey){ /* DCE compat -- try to decrypt with subkey */ - krb5_crypto_init(context, (krb5_keyblock*)subkey, 0, &crypto); + ret = krb5_crypto_init(context, (krb5_keyblock*)subkey, 0, &crypto); + if (ret) + return ret; ret = krb5_decrypt_EncryptedData (context, crypto, KRB5_KU_TGS_REP_ENC_PART_SUB_KEY, @@ -471,6 +481,7 @@ get_cred_kdc(krb5_context context, &krbtgt->addresses, nonce, TRUE, + flags.b.request_anonymous, decrypt_tkt_with_subkey, subkey); krb5_free_kdc_rep(context, &rep); @@ -610,7 +621,7 @@ get_cred_from_kdc_flags(krb5_context context, { krb5_error_code ret; krb5_creds *tgt, tmp_creds; - krb5_realm client_realm, server_realm; + krb5_const_realm client_realm, server_realm, try_realm; *out_creds = NULL; @@ -620,9 +631,15 @@ get_cred_from_kdc_flags(krb5_context context, ret = krb5_copy_principal(context, in_creds->client, &tmp_creds.client); if(ret) return ret; + + try_realm = krb5_config_get_string(context, NULL, "libdefaults", + "capath", server_realm, NULL); + if (try_realm == NULL) + try_realm = client_realm; + ret = krb5_make_principal(context, &tmp_creds.server, - client_realm, + try_realm, KRB5_TGS_NAME, server_realm, NULL); @@ -642,8 +659,10 @@ get_cred_from_kdc_flags(krb5_context context, else { ret = get_cred_kdc_la(context, ccache, flags, in_creds, &tgts, *out_creds); - if (ret) + if (ret) { free (*out_creds); + *out_creds = NULL; + } } krb5_free_creds_contents(context, &tgts); krb5_free_principal(context, tmp_creds.server); @@ -656,8 +675,7 @@ get_cred_from_kdc_flags(krb5_context context, /* XXX this can loop forever */ while(1){ general_string tgt_inst; - krb5_kdc_flags f; - f.i = 0; + ret = get_cred_from_kdc_flags(context, flags, ccache, &tmp_creds, &tgt, ret_tgts); if(ret) { @@ -698,8 +716,10 @@ get_cred_from_kdc_flags(krb5_context context, else { ret = get_cred_kdc_la(context, ccache, flags, in_creds, tgt, *out_creds); - if (ret) + if (ret) { free (*out_creds); + *out_creds = NULL; + } } krb5_free_creds(context, tgt); return ret; @@ -729,20 +749,24 @@ krb5_get_credentials_with_flags(krb5_context context, { krb5_error_code ret; krb5_creds **tgts; + krb5_creds *res_creds; int i; - *out_creds = calloc(1, sizeof(**out_creds)); - if (*out_creds == NULL) + *out_creds = NULL; + res_creds = calloc(1, sizeof(*res_creds)); + if (res_creds == NULL) return ENOMEM; ret = krb5_cc_retrieve_cred(context, ccache, in_creds->session.keytype ? KRB5_TC_MATCH_KEYTYPE : 0, - in_creds, *out_creds); - if(ret == 0) + in_creds, res_creds); + if(ret == 0) { + *out_creds = res_creds; return 0; - free(*out_creds); + } + free(res_creds); if(ret != KRB5_CC_END) return ret; if(options & KRB5_GC_CACHED) @@ -752,7 +776,7 @@ krb5_get_credentials_with_flags(krb5_context context, tgts = NULL; ret = get_cred_from_kdc_flags(context, flags, ccache, in_creds, out_creds, &tgts); - for(i = 0; tgts && tgts[i]; i++){ + for(i = 0; tgts && tgts[i]; i++) { krb5_cc_store_cred(context, ccache, tgts[i]); krb5_free_creds(context, tgts[i]); } diff --git a/crypto/heimdal/lib/krb5/get_for_creds.c b/crypto/heimdal/lib/krb5/get_for_creds.c index 977515f..103b757 100644 --- a/crypto/heimdal/lib/krb5/get_for_creds.c +++ b/crypto/heimdal/lib/krb5/get_for_creds.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include -RCSID("$Id: get_for_creds.c,v 1.21 1999/12/20 00:57:37 assar Exp $"); +RCSID("$Id: get_for_creds.c,v 1.27 2000/08/18 06:47:40 assar Exp $"); static krb5_error_code add_addrs(krb5_context context, @@ -41,7 +41,7 @@ add_addrs(krb5_context context, struct addrinfo *ai) { krb5_error_code ret; - unsigned n, i; + unsigned n, i, j; void *tmp; struct addrinfo *a; @@ -57,11 +57,18 @@ add_addrs(krb5_context context, goto fail; } addr->val = tmp; + for (j = i; j < addr->len; ++j) { + addr->val[i].addr_type = 0; + krb5_data_zero(&addr->val[i].address); + } for (a = ai; a != NULL; a = a->ai_next) { - ret = krb5_sockaddr2address (a->ai_addr, &addr->val[i++]); - if (ret) + ret = krb5_sockaddr2address (a->ai_addr, &addr->val[i]); + if (ret == 0) + ++i; + else if (ret != KRB5_PROG_ATYPE_NOSUPP) goto fail; } + addr->len = i; return 0; fail: krb5_free_addresses (context, addr); @@ -137,7 +144,7 @@ krb5_get_forwarded_creds (krb5_context context, ret = getaddrinfo (hostname, NULL, NULL, &ai); if (ret) - return ret; + return krb5_eai_to_heim_errno(ret); ret = add_addrs (context, &addrs, ai); freeaddrinfo (ai); @@ -194,22 +201,26 @@ krb5_get_forwarded_creds (krb5_context context, } *enc_krb_cred_part.usec = usec; - ret = krb5_make_addrport (&enc_krb_cred_part.s_address, - auth_context->local_address, - auth_context->local_port); - if (ret) - goto out4; - - ALLOC(enc_krb_cred_part.r_address, 1); - if (enc_krb_cred_part.r_address == NULL) { - ret = ENOMEM; - goto out4; + if (auth_context->local_address && auth_context->local_port) { + ret = krb5_make_addrport (&enc_krb_cred_part.s_address, + auth_context->local_address, + auth_context->local_port); + if (ret) + goto out4; } - ret = krb5_copy_address (context, auth_context->remote_address, - enc_krb_cred_part.r_address); - if (ret) - goto out4; + if (auth_context->remote_address) { + ALLOC(enc_krb_cred_part.r_address, 1); + if (enc_krb_cred_part.r_address == NULL) { + ret = ENOMEM; + goto out4; + } + + ret = krb5_copy_address (context, auth_context->remote_address, + enc_krb_cred_part.r_address); + if (ret) + goto out4; + } /* fill ticket_info.val[0] */ @@ -252,7 +263,11 @@ krb5_get_forwarded_creds (krb5_context context, return ret; } - krb5_crypto_init(context, auth_context->local_subkey, 0, &crypto); + ret = krb5_crypto_init(context, auth_context->local_subkey, 0, &crypto); + if (ret) { + free_KRB_CRED(&cred); + return ret; + } ret = krb5_encrypt_EncryptedData (context, crypto, KRB5_KU_KRB_CRED, diff --git a/crypto/heimdal/lib/krb5/get_in_tkt.c b/crypto/heimdal/lib/krb5/get_in_tkt.c index e043d1d..84afe5e 100644 --- a/crypto/heimdal/lib/krb5/get_in_tkt.c +++ b/crypto/heimdal/lib/krb5/get_in_tkt.c @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: get_in_tkt.c,v 1.94 2000/02/06 05:18:20 assar Exp $"); +RCSID("$Id: get_in_tkt.c,v 1.97 2000/08/18 06:47:54 assar Exp $"); krb5_error_code krb5_init_etype (krb5_context context, @@ -85,7 +85,9 @@ decrypt_tkt (krb5_context context, size_t size; krb5_crypto crypto; - krb5_crypto_init(context, key, 0, &crypto); + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) + return ret; ret = krb5_decrypt_EncryptedData (context, crypto, @@ -124,6 +126,7 @@ _krb5_extract_ticket(krb5_context context, krb5_addresses *addrs, unsigned nonce, krb5_boolean allow_server_mismatch, + krb5_boolean ignore_cname, krb5_decrypt_proc decrypt_proc, krb5_const_pointer decryptarg) { @@ -133,20 +136,26 @@ _krb5_extract_ticket(krb5_context context, time_t tmp_time; krb5_timestamp sec_now; - /* compare client */ - ret = principalname2krb5_principal (&tmp_principal, rep->kdc_rep.cname, rep->kdc_rep.crealm); if (ret) goto out; - tmp = krb5_principal_compare (context, tmp_principal, creds->client); - krb5_free_principal (context, tmp_principal); - if (!tmp) { - ret = KRB5KRB_AP_ERR_MODIFIED; - goto out; + + /* compare client */ + + if (!ignore_cname) { + tmp = krb5_principal_compare (context, tmp_principal, creds->client); + if (!tmp) { + krb5_free_principal (context, tmp_principal); + ret = KRB5KRB_AP_ERR_MODIFIED; + goto out; + } } - + + krb5_free_principal (context, creds->client); + creds->client = tmp_principal; + /* extract ticket */ { unsigned char *buf; @@ -314,7 +323,9 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa, if (ret) return ret; - krb5_crypto_init(context, key, 0, &crypto); + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) + return ret; ret = krb5_encrypt_EncryptedData(context, crypto, KRB5_KU_PA_ENC_TIMESTAMP, @@ -333,7 +344,7 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa, free_EncryptedData(&encdata); if (ret) return ret; - pa->padata_type = pa_enc_timestamp; + pa->padata_type = KRB5_PADATA_ENC_TIMESTAMP; pa->padata_value.length = 0; krb5_data_copy(&pa->padata_value, buf + sizeof(buf) - len, @@ -575,10 +586,10 @@ set_ptypes(krb5_context context, NULL); for(i = 0; i < md.len; i++){ switch(md.val[i].padata_type){ - case pa_enc_timestamp: + case KRB5_PADATA_ENC_TIMESTAMP: *ptypes = ptypes2; break; - case pa_etype_info: + case KRB5_PADATA_ETYPE_INFO: *preauth = &preauth2; ALLOC_SEQ(*preauth, 1); (*preauth)->val[0].type = KRB5_PADATA_ENC_TIMESTAMP; @@ -588,6 +599,8 @@ set_ptypes(krb5_context context, &(*preauth)->val[0].info, NULL); break; + default: + break; } } free_METHOD_DATA(&md); @@ -707,12 +720,12 @@ krb5_get_in_cred(krb5_context context, if(rep.kdc_rep.padata){ int index = 0; pa = krb5_find_padata(rep.kdc_rep.padata->val, rep.kdc_rep.padata->len, - pa_pw_salt, &index); + KRB5_PADATA_PW_SALT, &index); if(pa == NULL) { index = 0; pa = krb5_find_padata(rep.kdc_rep.padata->val, rep.kdc_rep.padata->len, - pa_afs3_salt, &index); + KRB5_PADATA_AFS3_SALT, &index); } } if(pa) { @@ -741,6 +754,7 @@ krb5_get_in_cred(krb5_context context, NULL, nonce, FALSE, + opts.b.request_anonymous, decrypt_proc, decryptarg); memset (key->keyvalue.data, 0, key->keyvalue.length); diff --git a/crypto/heimdal/lib/krb5/get_port.c b/crypto/heimdal/lib/krb5/get_port.c index 17bb45f..6c51741 100644 --- a/crypto/heimdal/lib/krb5/get_port.c +++ b/crypto/heimdal/lib/krb5/get_port.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include -RCSID("$Id: get_port.c,v 1.7 1999/12/02 17:05:10 joda Exp $"); +RCSID("$Id: get_port.c,v 1.8 2001/01/27 19:24:34 joda Exp $"); int krb5_getportbyname (krb5_context context, @@ -44,8 +44,10 @@ krb5_getportbyname (krb5_context context, struct servent *sp; if ((sp = roken_getservbyname (service, proto)) == NULL) { +#if 0 krb5_warnx(context, "%s/%s unknown service, using default port %d", service, proto, default_port); +#endif return htons(default_port); } else return sp->s_port; diff --git a/crypto/heimdal/lib/krb5/heim_err.et b/crypto/heimdal/lib/krb5/heim_err.et index 5ec3543..09145f2 100644 --- a/crypto/heimdal/lib/krb5/heim_err.et +++ b/crypto/heimdal/lib/krb5/heim_err.et @@ -3,7 +3,7 @@ # # This might look like a com_err file, but is not # -id "$Id: heim_err.et,v 1.7 1999/08/25 20:49:17 joda Exp $" +id "$Id: heim_err.et,v 1.10 2000/07/08 13:02:11 joda Exp $" error_table heim @@ -14,5 +14,23 @@ error_code V4_PRINC_NO_CONV, "Failed to convert v4 principal" error_code SALTTYPE_NOSUPP, "Salt type is not supported by enctype" error_code NOHOST, "Host not found" error_code OPNOTSUPP, "Operation not supported" +error_code EOF, "End of file" +error_code BAD_MKEY, "Failed to get the master key" + +index 128 +prefix HEIM_EAI +#error_code NOERROR, "no error" +error_code UNKNOWN, "unknown error from getaddrinfo" +error_code ADDRFAMILY, "address family for nodename not supported" +error_code AGAIN, "temporary failure in name resolution" +error_code BADFLAGS, "invalid value for ai_flags" +error_code FAIL, "non-recoverable failure in name resolution" +error_code FAMILY, "ai_family not supported" +error_code MEMORY, "memory allocation failure" +error_code NODATA, "no address associated with nodename" +error_code NONAME, "nodename nor servname provided, or not known" +error_code SERVICE, "servname not supported for ai_socktype" +error_code SOCKTYPE, "ai_socktype not supported" +error_code SYSTEM, "system error returned in errno" end diff --git a/crypto/heimdal/lib/krb5/init_creds.c b/crypto/heimdal/lib/krb5/init_creds.c index 404fa5a..f6c571a 100644 --- a/crypto/heimdal/lib/krb5/init_creds.c +++ b/crypto/heimdal/lib/krb5/init_creds.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: init_creds.c,v 1.2 1999/12/02 17:05:10 joda Exp $"); +RCSID("$Id: init_creds.c,v 1.5 2001/01/05 16:27:39 joda Exp $"); void krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt) @@ -43,6 +43,48 @@ krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt) } void +krb5_get_init_creds_opt_set_default_flags(krb5_context context, + const char *appname, + krb5_realm realm, + krb5_get_init_creds_opt *opt) +{ + krb5_boolean b; + time_t t; + + krb5_appdefault_boolean(context, appname, realm, "forwardable", FALSE, &b); + krb5_get_init_creds_opt_set_forwardable(opt, b); + + krb5_appdefault_boolean(context, appname, realm, "proxiable", FALSE, &b); + krb5_get_init_creds_opt_set_proxiable (opt, b); + + krb5_appdefault_time(context, appname, realm, "ticket_life", 0, &t); + if(t != 0) + krb5_get_init_creds_opt_set_tkt_life(opt, t); + + krb5_appdefault_time(context, appname, realm, "renewable_life", 0, &t); + if(t != 0) + krb5_get_init_creds_opt_set_renew_life(opt, t); + +#if 0 + krb5_appdefault_boolean(context, appname, realm, "anonymous", FALSE, &b); + krb5_get_init_creds_opt_set_anonymous (opt, b); + + krb5_get_init_creds_opt_set_etype_list(opt, enctype, + etype_str.num_strings); + + krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt, + krb5_data *salt); + + krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt, + krb5_preauthtype *preauth_list, + int preauth_list_length); + krb5_get_init_creds_opt_set_address_list(krb5_get_init_creds_opt *opt, + krb5_addresses *addresses); +#endif +} + + +void krb5_get_init_creds_opt_set_tkt_life(krb5_get_init_creds_opt *opt, krb5_deltat tkt_life) { @@ -109,3 +151,11 @@ krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt, opt->flags |= KRB5_GET_INIT_CREDS_OPT_SALT; opt->salt = salt; } + +void +krb5_get_init_creds_opt_set_anonymous(krb5_get_init_creds_opt *opt, + int anonymous) +{ + opt->flags |= KRB5_GET_INIT_CREDS_OPT_ANONYMOUS; + opt->anonymous = anonymous; +} diff --git a/crypto/heimdal/lib/krb5/init_creds_pw.c b/crypto/heimdal/lib/krb5/init_creds_pw.c index 3caf939..8881d13 100644 --- a/crypto/heimdal/lib/krb5/init_creds_pw.c +++ b/crypto/heimdal/lib/krb5/init_creds_pw.c @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: init_creds_pw.c,v 1.38 2000/02/07 03:17:20 assar Exp $"); +RCSID("$Id: init_creds_pw.c,v 1.44 2000/07/24 03:46:40 assar Exp $"); static int get_config_time (krb5_context context, @@ -178,9 +178,9 @@ print_expire (krb5_context context, if (lr->val[i].lr_type == 6 && lr->val[i].lr_value <= t) { char *p; + time_t tmp = lr->val[i].lr_value; - asprintf (&p, "Your password will expire at %s", - ctime(&lr->val[i].lr_value)); + asprintf (&p, "Your password will expire at %s", ctime(&tmp)); (*prompter) (context, data, p, 0, NULL); free (p); return; @@ -190,9 +190,9 @@ print_expire (krb5_context context, if (rep->enc_part.key_expiration && *rep->enc_part.key_expiration <= t) { char *p; + time_t t = *rep->enc_part.key_expiration; - asprintf (&p, "Your password/account will expire at %s", - ctime(rep->enc_part.key_expiration)); + asprintf (&p, "Your password/account will expire at %s", ctime(&t)); (*prompter) (context, data, p, 0, NULL); free (p); } @@ -263,6 +263,8 @@ get_init_creds_common(krb5_context context, } if (options->flags & KRB5_GET_INIT_CREDS_OPT_SALT) ; /* XXX */ + if (options->flags & KRB5_GET_INIT_CREDS_OPT_ANONYMOUS) + flags->b.request_anonymous = options->anonymous; return 0; } @@ -291,9 +293,12 @@ change_password (krb5_context context, krb5_get_init_creds_opt_init (&options); krb5_get_init_creds_opt_set_tkt_life (&options, 60); - krb5_get_init_creds_opt_set_preauth_list (&options, - old_options->preauth_list, - old_options->preauth_list_length); + krb5_get_init_creds_opt_set_forwardable (&options, FALSE); + krb5_get_init_creds_opt_set_proxiable (&options, FALSE); + if (old_options->flags & KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST) + krb5_get_init_creds_opt_set_preauth_list (&options, + old_options->preauth_list, + old_options->preauth_list_length); krb5_data_zero (&result_code_string); krb5_data_zero (&result_string); @@ -438,6 +443,12 @@ krb5_get_init_creds_password(krb5_context context, done = 1; break; case KRB5KDC_ERR_KEY_EXPIRED : + /* try to avoid recursion */ + + if (in_tkt_service != NULL + && strcmp (in_tkt_service, "kadmin/changepw") == 0) + goto out; + ret = change_password (context, client, password, diff --git a/crypto/heimdal/lib/krb5/kerberos.8 b/crypto/heimdal/lib/krb5/kerberos.8 new file mode 100644 index 0000000..1b2ec91 --- /dev/null +++ b/crypto/heimdal/lib/krb5/kerberos.8 @@ -0,0 +1,73 @@ +.\" $Id: kerberos.8,v 1.1 2000/09/01 15:52:24 joda Exp $ +.\" +.Dd September 1, 2000 +.Dt KERBEROS 8 +.Os HEIMDAL +.Sh NAME +.Nm kerberos +.Nd introduction to the Kerberos system +.Sh DESCRIPTION +Kerberos is a network authentication system. It's purpose is to +securely authenticate users and services in an insecure network +environment. +.Pp +This is done with a Kerberos server acting as a trusted third party, +keeping a database with secret keys for all users and services +(collectively called +.Em principals ) . +.Pp +Each principal belongs to exactly one +.Em realm , +which is the administrative domain in Kerberos. A realm usually +corresponds to an organisation, and the realm should normally be +derived from that organisation's domain name. A realm is served by one +or more Kerberos servers. +.Pp +The authentication process involves exchange of +.Sq tickets +and +.Sq authenticators +which together prove the principal's identity. +.Pp +When you login to the Kerberos system, either through the normal +system login or with the +.Xr kinit 1 +program, you acquire a +.Em ticket granting ticket +which allows you to get new tickets for other services, such as +.Ic telnet +or +.Ic ftp , +without giving your password. +.Pp +For more information on how Kerberos works, and other general Kerberos +questions see the Kerberos FAQ at +.Ad http://www.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html . + +For setup instructions see the Heimdal Texinfo manual. +.Sh SEE ALSO +.Xr ftp 1 +.Xr kdestroy 1 , +.Xr kinit 1 , +.Xr klist 1 , +.Xr kpasswd 1 , +.Xr telnet 1 +.Sh HISTORY +The Kerberos authentication system was developed in the late 1980's as +part of the Athena Project at the Massachusetts Institute of +Technology. Versions one through three never reached outside MIT, but +version 4 was (and still is) quite popular, especially in the academic +community, but is also used in commercial products like the AFS +filesystem. +.Pp +The problems with version 4 are that it has many limitations, the code +was not too well written (since it had been developed over a long +time), and it has a number of known security problems. To resolve many +of these issues work on version five started, and resulted in IETF +RFC1510 in 1993. Since then much work has been put into the further +development, and a new RFC will hopefully appear soon. +.Pp +This manual manual page is part of the +.Nm Heimdal +Kerberos 5 distribution, which has been in development at the Royal +Institute of Technology in Stockholm, Sweden, since about 1997. diff --git a/crypto/heimdal/lib/krb5/keyblock.c b/crypto/heimdal/lib/krb5/keyblock.c index 89732a0..124d9bc 100644 --- a/crypto/heimdal/lib/krb5/keyblock.c +++ b/crypto/heimdal/lib/krb5/keyblock.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,6 +33,8 @@ #include "krb5_locl.h" +RCSID("$Id: keyblock.c,v 1.11 2000/03/23 03:38:25 assar Exp $"); + void krb5_free_keyblock_contents(krb5_context context, krb5_keyblock *keyblock) diff --git a/crypto/heimdal/lib/krb5/keytab_keyfile.c b/crypto/heimdal/lib/krb5/keytab_keyfile.c index fa14e62..ffdf35c 100644 --- a/crypto/heimdal/lib/krb5/keytab_keyfile.c +++ b/crypto/heimdal/lib/krb5/keytab_keyfile.c @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: keytab_keyfile.c,v 1.7 2000/01/02 04:00:22 assar Exp $"); +RCSID("$Id: keytab_keyfile.c,v 1.9 2000/07/02 16:14:16 assar Exp $"); /* afs keyfile operations --------------------------------------- */ @@ -221,7 +221,7 @@ akf_next_entry(krb5_context context, goto out; } - entry->vno = (int8_t) kvno; + entry->vno = kvno; entry->keyblock.keytype = ETYPE_DES_CBC_MD5; entry->keyblock.keyvalue.length = 8; @@ -235,6 +235,8 @@ akf_next_entry(krb5_context context, ret = cursor->sp->fetch(cursor->sp, entry->keyblock.keyvalue.data, 8); if(ret != 8) ret = (ret < 0) ? errno : KRB5_KT_END; + else + ret = 0; entry->timestamp = time(NULL); @@ -260,7 +262,7 @@ akf_add_entry(krb5_context context, { struct akf_data *d = id->data; int fd, created = 0; - int32_t kvno; + krb5_error_code ret; fd = open (d->filename, O_RDWR | O_BINARY); if (fd < 0) { @@ -274,29 +276,68 @@ akf_add_entry(krb5_context context, if (entry->keyblock.keyvalue.length == 8 && entry->keyblock.keytype == ETYPE_DES_CBC_MD5) { - int32_t len = 0; + int32_t len; + krb5_storage *sp; - if (!created) { - if (lseek (fd, 0, SEEK_SET)) + sp = krb5_storage_from_fd(fd); + if(sp == NULL) { + close(fd); + return ENOMEM; + } + if (created) + len = 0; + else { + if((*sp->seek)(sp, 0, SEEK_SET) < 0) { + krb5_storage_free(sp); + close(fd); return errno; + } - if (read (fd, &len, sizeof(len)) != sizeof(len)) - return errno; + ret = krb5_ret_int32(sp, &len); + if(ret) { + krb5_storage_free(sp); + close(fd); + return ret; + } } - len += 1; - - if (lseek (fd, 0, SEEK_SET)) - return errno; - - if (write (fd, &len, sizeof(len)) != sizeof(len)) + len++; + + if((*sp->seek)(sp, 0, SEEK_SET) < 0) { + krb5_storage_free(sp); + close(fd); return errno; + } + + ret = krb5_store_int32(sp, len); + if(ret) { + krb5_storage_free(sp); + close(fd); + return ret; + } + - if (lseek (fd, 4 + (len-1) * (8+4), SEEK_SET)) + if((*sp->seek)(sp, (len - 1) * (8 + 4), SEEK_CUR) < 0) { + krb5_storage_free(sp); + close(fd); return errno; - - kvno = entry->vno; - write(fd, &kvno, sizeof(kvno)); - write(fd, entry->keyblock.keyvalue.data, 8); + } + + ret = krb5_store_int32(sp, entry->vno); + if(ret) { + krb5_storage_free(sp); + close(fd); + return ret; + } + ret = sp->store(sp, entry->keyblock.keyvalue.data, + entry->keyblock.keyvalue.length); + if(ret != entry->keyblock.keyvalue.length) { + krb5_storage_free(sp); + close(fd); + if(ret < 0) + return errno; + return ENOTTY; + } + krb5_storage_free(sp); } close (fd); return 0; diff --git a/crypto/heimdal/lib/krb5/keytab_krb4.c b/crypto/heimdal/lib/krb5/keytab_krb4.c index b1f425c..e41f849 100644 --- a/crypto/heimdal/lib/krb5/keytab_krb4.c +++ b/crypto/heimdal/lib/krb5/keytab_krb4.c @@ -32,9 +32,8 @@ */ #include "krb5_locl.h" -#include -RCSID("$Id: keytab_krb4.c,v 1.5 2000/01/06 08:04:58 assar Exp $"); +RCSID("$Id: keytab_krb4.c,v 1.6 2000/12/15 17:10:40 joda Exp $"); struct krb4_kt_data { char *filename; @@ -227,6 +226,9 @@ krb4_kt_add_entry (krb5_context context, struct krb4_kt_data *d = id->data; krb5_error_code ret; int fd; +#define ANAME_SZ 40 +#define INST_SZ 40 +#define REALM_SZ 40 char service[ANAME_SZ]; char instance[INST_SZ]; char realm[REALM_SZ]; @@ -258,7 +260,7 @@ krb4_kt_add_entry (krb5_context context, return 0; } -krb5_kt_ops krb4_fkt_ops = { +const krb5_kt_ops krb4_fkt_ops = { "krb4", krb4_kt_resolve, krb4_kt_get_name, diff --git a/crypto/heimdal/lib/krb5/krb5-private.h b/crypto/heimdal/lib/krb5/krb5-private.h index b24328a..c653695 100644 --- a/crypto/heimdal/lib/krb5/krb5-private.h +++ b/crypto/heimdal/lib/krb5/krb5-private.h @@ -18,7 +18,7 @@ _krb5_crc_init_table __P((void)); u_int32_t _krb5_crc_update __P(( - char *p, + const char *p, size_t len, u_int32_t res)); @@ -33,6 +33,7 @@ _krb5_extract_ticket __P(( krb5_addresses *addrs, unsigned nonce, krb5_boolean allow_server_mismatch, + krb5_boolean ignore_cname, krb5_decrypt_proc decrypt_proc, krb5_const_pointer decryptarg)); diff --git a/crypto/heimdal/lib/krb5/krb5-protos.h b/crypto/heimdal/lib/krb5/krb5-protos.h index 59402a7..628f560 100644 --- a/crypto/heimdal/lib/krb5/krb5-protos.h +++ b/crypto/heimdal/lib/krb5/krb5-protos.h @@ -66,6 +66,20 @@ krb5_abortx __P(( __attribute__ ((noreturn, format (printf, 2, 3))); krb5_error_code +krb5_acl_match_file __P(( + krb5_context context, + const char *file, + const char *format, + ...)); + +krb5_error_code +krb5_acl_match_string __P(( + krb5_context context, + const char *acl_string, + const char *format, + ...)); + +krb5_error_code krb5_add_et_list __P(( krb5_context context, void (*func)(struct et_list **))); @@ -130,6 +144,33 @@ krb5_anyaddr __P(( int *sa_size, int port)); +void +krb5_appdefault_boolean __P(( + krb5_context context, + const char *appname, + krb5_realm realm, + const char *option, + krb5_boolean def_val, + krb5_boolean *ret_val)); + +void +krb5_appdefault_string __P(( + krb5_context context, + const char *appname, + krb5_realm realm, + const char *option, + const char *def_val, + char **ret_val)); + +void +krb5_appdefault_time __P(( + krb5_context context, + const char *appname, + krb5_realm realm, + const char *option, + time_t def_val, + time_t *ret_val)); + krb5_error_code krb5_append_addresses __P(( krb5_context context, @@ -142,6 +183,13 @@ krb5_auth_con_free __P(( krb5_auth_context auth_context)); krb5_error_code +krb5_auth_con_genaddrs __P(( + krb5_context context, + krb5_auth_context auth_context, + int fd, + int flags)); + +krb5_error_code krb5_auth_con_getaddrs __P(( krb5_context context, krb5_auth_context auth_context, @@ -167,6 +215,12 @@ krb5_auth_con_getlocalsubkey __P(( krb5_keyblock **keyblock)); krb5_error_code +krb5_auth_con_getrcache __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_rcache *rcache)); + +krb5_error_code krb5_auth_con_getremotesubkey __P(( krb5_context context, krb5_auth_context auth_context, @@ -209,6 +263,12 @@ krb5_auth_con_setlocalsubkey __P(( krb5_keyblock *keyblock)); krb5_error_code +krb5_auth_con_setrcache __P(( + krb5_context context, + krb5_auth_context auth_context, + krb5_rcache rcache)); + +krb5_error_code krb5_auth_con_setremotesubkey __P(( krb5_context context, krb5_auth_context auth_context, @@ -291,7 +351,8 @@ krb5_build_authenticator __P(( krb5_creds *cred, Checksum *cksum, Authenticator **auth_result, - krb5_data *result)); + krb5_data *result, + krb5_key_usage usage)); krb5_error_code krb5_build_principal __P(( @@ -545,6 +606,13 @@ krb5_config_get_string __P(( krb5_config_section *c, ...)); +const char * +krb5_config_get_string_default __P(( + krb5_context context, + krb5_config_section *c, + const char *def_value, + ...)); + char** krb5_config_get_strings __P(( krb5_context context, @@ -629,6 +697,13 @@ krb5_config_vget_string __P(( krb5_config_section *c, va_list args)); +const char * +krb5_config_vget_string_default __P(( + krb5_context context, + krb5_config_section *c, + const char *def_value, + va_list args)); + char ** krb5_config_vget_strings __P(( krb5_context context, @@ -827,10 +902,20 @@ krb5_decrypt_EncryptedData __P(( krb5_context context, krb5_crypto crypto, unsigned usage, - EncryptedData *e, + const EncryptedData *e, krb5_data *result)); krb5_error_code +krb5_decrypt_ivec __P(( + krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + krb5_data *result, + void *ivec)); + +krb5_error_code krb5_decrypt_ticket __P(( krb5_context context, Ticket *ticket, @@ -853,6 +938,9 @@ krb5_domain_x500_encode __P(( krb5_data *encoding)); krb5_error_code +krb5_eai_to_heim_errno __P((int eai_errno)); + +krb5_error_code krb5_encode_Authenticator __P(( krb5_context context, void *data, @@ -928,6 +1016,16 @@ krb5_encrypt_EncryptedData __P(( EncryptedData *result)); krb5_error_code +krb5_encrypt_ivec __P(( + krb5_context context, + krb5_crypto crypto, + unsigned usage, + void *data, + size_t len, + krb5_data *result, + void *ivec)); + +krb5_error_code krb5_enctype_to_keytype __P(( krb5_context context, krb5_enctype etype, @@ -988,6 +1086,14 @@ krb5_find_padata __P(( int *index)); krb5_error_code +krb5_format_time __P(( + krb5_context context, + time_t t, + char *s, + size_t len, + krb5_boolean include_time)); + +krb5_error_code krb5_free_address __P(( krb5_context context, krb5_address *address)); @@ -1106,7 +1212,7 @@ krb5_error_code krb5_generate_seq_number __P(( krb5_context context, const krb5_keyblock *key, - int32_t *seqno)); + u_int32_t *seqno)); krb5_error_code krb5_generate_subkey __P(( @@ -1291,6 +1397,18 @@ krb5_get_init_creds_opt_set_address_list __P(( krb5_addresses *addresses)); void +krb5_get_init_creds_opt_set_anonymous __P(( + krb5_get_init_creds_opt *opt, + int anonymous)); + +void +krb5_get_init_creds_opt_set_default_flags __P(( + krb5_context context, + const char *appname, + krb5_realm realm, + krb5_get_init_creds_opt *opt)); + +void krb5_get_init_creds_opt_set_etype_list __P(( krb5_get_init_creds_opt *opt, krb5_enctype *etype_list, @@ -1373,6 +1491,12 @@ krb5_get_pw_salt __P(( krb5_const_principal principal, krb5_salt *salt)); +krb5_error_code +krb5_get_server_rcache __P(( + krb5_context context, + const krb5_data *piece, + krb5_rcache *id)); + krb5_boolean krb5_get_use_admin_kdc __P((krb5_context context)); @@ -1623,7 +1747,7 @@ krb5_mk_priv __P(( krb5_error_code krb5_mk_rep __P(( krb5_context context, - krb5_auth_context *auth_context, + krb5_auth_context auth_context, krb5_data *outbuf)); krb5_error_code @@ -1638,6 +1762,16 @@ krb5_mk_req __P(( krb5_data *outbuf)); krb5_error_code +krb5_mk_req_exact __P(( + krb5_context context, + krb5_auth_context *auth_context, + const krb5_flags ap_req_options, + const krb5_principal server, + krb5_data *in_data, + krb5_ccache ccache, + krb5_data *outbuf)); + +krb5_error_code krb5_mk_req_extended __P(( krb5_context context, krb5_auth_context *auth_context, @@ -1654,7 +1788,8 @@ krb5_mk_req_internal __P(( krb5_data *in_data, krb5_creds *in_creds, krb5_data *outbuf, - krb5_key_usage usage)); + krb5_key_usage checksum_usage, + krb5_key_usage encrypt_usage)); krb5_error_code krb5_mk_safe __P(( @@ -1732,6 +1867,12 @@ krb5_principal_compare_any_realm __P(( krb5_const_principal princ1, krb5_const_principal princ2)); +krb5_boolean +krb5_principal_match __P(( + krb5_context context, + krb5_const_principal princ, + krb5_const_principal pattern)); + krb5_error_code krb5_print_address __P(( const krb5_address *addr, @@ -1757,9 +1898,94 @@ krb5_prompter_posix __P(( krb5_prompt prompts[])); krb5_error_code +krb5_rc_close __P(( + krb5_context context, + krb5_rcache id)); + +krb5_error_code +krb5_rc_default __P(( + krb5_context context, + krb5_rcache *id)); + +const char * +krb5_rc_default_name __P((krb5_context context)); + +const char * +krb5_rc_default_type __P((krb5_context context)); + +krb5_error_code +krb5_rc_destroy __P(( + krb5_context context, + krb5_rcache id)); + +krb5_error_code +krb5_rc_expunge __P(( + krb5_context context, + krb5_rcache id)); + +krb5_error_code +krb5_rc_get_lifespan __P(( + krb5_context context, + krb5_rcache id, + krb5_deltat *auth_lifespan)); + +const char* +krb5_rc_get_name __P(( + krb5_context context, + krb5_rcache id)); + +const char* +krb5_rc_get_type __P(( + krb5_context context, + krb5_rcache id)); + +krb5_error_code +krb5_rc_initialize __P(( + krb5_context context, + krb5_rcache id, + krb5_deltat auth_lifespan)); + +krb5_error_code +krb5_rc_recover __P(( + krb5_context context, + krb5_rcache id)); + +krb5_error_code +krb5_rc_resolve __P(( + krb5_context context, + krb5_rcache id, + const char *name)); + +krb5_error_code +krb5_rc_resolve_full __P(( + krb5_context context, + krb5_rcache *id, + const char *string_name)); + +krb5_error_code +krb5_rc_resolve_type __P(( + krb5_context context, + krb5_rcache *id, + const char *type)); + +krb5_error_code +krb5_rc_store __P(( + krb5_context context, + krb5_rcache id, + krb5_donot_replay *rep)); + +krb5_error_code krb5_rd_cred __P(( krb5_context context, krb5_auth_context auth_context, + krb5_data *in_data, + krb5_creds ***ret_creds, + krb5_replay_data *out_data)); + +krb5_error_code +krb5_rd_cred2 __P(( + krb5_context context, + krb5_auth_context auth_context, krb5_ccache ccache, krb5_data *in_data)); @@ -1818,6 +2044,20 @@ krb5_read_message __P(( krb5_pointer p_fd, krb5_data *data)); +krb5_error_code +krb5_read_priv_message __P(( + krb5_context context, + krb5_auth_context ac, + krb5_pointer p_fd, + krb5_data *data)); + +krb5_error_code +krb5_read_safe_message __P(( + krb5_context context, + krb5_auth_context ac, + krb5_pointer p_fd, + krb5_data *data)); + krb5_boolean krb5_realm_compare __P(( krb5_context context, @@ -1936,6 +2176,14 @@ krb5_sendauth __P(( krb5_creds **out_creds)); krb5_error_code +krb5_sendto __P(( + krb5_context context, + const krb5_data *send, + char **hostlist, + int port, + krb5_data *receive)); + +krb5_error_code krb5_sendto_kdc __P(( krb5_context context, const krb5_data *send, @@ -1943,6 +2191,14 @@ krb5_sendto_kdc __P(( krb5_data *receive)); krb5_error_code +krb5_sendto_kdc2 __P(( + krb5_context context, + const krb5_data *send, + const krb5_realm *realm, + krb5_data *receive, + krb5_boolean master)); + +krb5_error_code krb5_set_default_in_tkt_etypes __P(( krb5_context context, const krb5_enctype *etypes)); @@ -2102,7 +2358,7 @@ krb5_store_string __P(( krb5_error_code krb5_store_stringz __P(( krb5_storage *sp, - char *s)); + const char *s)); krb5_error_code krb5_store_times __P(( @@ -2232,6 +2488,18 @@ krb5_verify_ap_req __P(( krb5_ticket **ticket)); krb5_error_code +krb5_verify_ap_req2 __P(( + krb5_context context, + krb5_auth_context *auth_context, + krb5_ap_req *ap_req, + krb5_const_principal server, + krb5_keyblock *keyblock, + krb5_flags flags, + krb5_flags *ap_req_options, + krb5_ticket **ticket, + krb5_key_usage usage)); + +krb5_error_code krb5_verify_authenticator_checksum __P(( krb5_context context, krb5_auth_context ac, @@ -2355,6 +2623,21 @@ krb5_write_message __P(( krb5_data *data)); krb5_error_code +krb5_write_priv_message __P(( + krb5_context context, + krb5_auth_context ac, + krb5_pointer p_fd, + krb5_data *data)); + +krb5_error_code +krb5_write_safe_message __P(( + krb5_context context, + krb5_auth_context ac, + krb5_boolean priv, + krb5_pointer p_fd, + krb5_data *data)); + +krb5_error_code krb5_xfree __P((void *ptr)); krb5_error_code diff --git a/crypto/heimdal/lib/krb5/krb5.conf.5 b/crypto/heimdal/lib/krb5/krb5.conf.5 index 2a0adb6..51f6cfb 100644 --- a/crypto/heimdal/lib/krb5/krb5.conf.5 +++ b/crypto/heimdal/lib/krb5/krb5.conf.5 @@ -1,4 +1,4 @@ -.\" $Id: krb5.conf.5,v 1.7 1999/11/04 01:57:28 assar Exp $ +.\" $Id: krb5.conf.5,v 1.12 2001/01/19 04:53:24 assar Exp $ .\" .Dd April 11, 1999 .Dt KRB5.CONF 5 @@ -46,7 +46,6 @@ name: .Li STRINGs consists of one or more non-white space characters. Currently recognised sections and bindings are: - .Bl -tag -width "xxx" -offset indent .It Li [libdefaults] .Bl -tag -width "xxx" -offset indent @@ -65,7 +64,24 @@ Maximum time to wait for a reply from the kdc, default is 3 seconds. These are decribed in the .Xr krb5_425_conv_principal 3 manual page. -.It Li capath = Va realm-routing-table +.It Li capath = { +.Bl -tag -width "xxx" -offset indent +.It Va destination-realm Li = Va next-hop-realm +.It ... +.El +Normally, all requests to realms different from the one of the current +client are sent to this KDC to get cross-realm tickets. +If this KDC does not have a cross-realm key with the desired realm and +the hierarchical path to that realm does not work, a path can be +configured using this directive. +The text shown above instructs the KDC to try to obtain a cross-realm +ticket to +.Va next-hop-realm +when the desired realm is +.Va destination-realm . +This configuration should preferably be done on the KDC where it will +help all its clients but can also be done on the client itself. +.It Li } .It Li default_etypes = Va etypes... A list of default etypes to use. .It Li default_etypes_des = Va etypes... @@ -113,10 +129,18 @@ perid. .It Va REALM Li = { .Bl -tag -width "xxx" -offset indent .It Li kdc = Va host[:port] -Specifies a kdc for this realm. If the optional port is absent, the +Specifies a list of kdcs for this realm. If the optional port is absent, the default value for the .Dq kerberos/udp service will be used. +The kdcs will be used in the order that they are specified. +.It Li admin_server = Va host[:port] +Specifies the admin server for this realm, where all the modifications +to the database are perfomed. +.It Li kpasswd_server = Va host[:port] +Points to the server where all the password changes are perfomed. +If there is no such entry, the kpasswd port on the admin_server host +will be tried. .It Li v4_instance_convert .It Li v4_name_convert .It Li default_domain @@ -136,7 +160,100 @@ for logging. See the .Xr krb5_openlog 3 manual page for a list of defined destinations. .El +.It Li [kdc] +.Bl -tag -width "xxx" -offset indent +.It database Li = { +.Bl -tag -width "xxx" -offset indent +.It dbname Li = Va DATABASENAME +use this database for this realm. +.It realm Li = Va REALM +specifies the realm that will be stored in this database. +.It mkey_file Li = Pa FILENAME +use this keytab file for the master key of this database. +If not specified +.Va DATABASENAME Ns .mkey +will be used. +.It acl_file Li = PA FILENAME +use this file for the ACL list of this database. +.It log_file Li = Pa FILENAME +use this file as the log of changes performed to the database. This +file is used by +.Nm ipropd-master +for propagating changes to slaves. +.El +.It Li } +.It max-request = Va SIZE +Maximum size of a kdc request. +.It require-preauth = Va BOOL +If set pre-authentication is required. Since krb4 requests are not +pre-authenticated they will be rejected. +.It ports = Va "list of ports" +list of ports the kdc should listen to. +.It addresses = Va "list of interfaces" +list of addresses the kdc should bind to. +.It enable-kerberos4 = Va BOOL +turn on kerberos4 support. +.It v4-realm = Va REALM +to what realm v4 requests should be mapped. +.It enable-524 = Va BOOL +should the Kerberos 524 converting facility be turned on. Default is same as +.Va enable-kerberos4 . +.It enable-http = Va BOOL +should the kdc answer kdc-requests over http. +.It enable-kaserver = Va BOOL +if this kdc should emulate the AFS kaserver. +.It check-ticket-addresses = Va BOOL +verify the addresses in the tickets used in tgs requests. +.\" XXX +.It allow-null-ticket-addresses = Va BOOL +allow addresses-less tickets. +.\" XXX +.It allow-anonymous = Va BOOL +if the kdc is allowed to hand out anonymous tickets. +.It encode_as_rep_as_tgs_rep = Va BOOL +encode as-rep as tgs-rep tobe compatible with mistakes older DCE secd did. +.\" XXX +.It kdc_warn_pwexpire = Va TIME +the time before expiration that the user should be warned that her +password is about to expire. +.It logging = Va Logging +What type of logging the kdc should use, see also [logging]/kdc. .El +.It Li [kadmin] +.Bl -tag -width "xxx" -offset indent +.It require-preauth = Va BOOL +If pre-authentication is required to talk to the kadmin server. +.It default_keys = Va keytypes... +for each entry in +.Va default_keys +try to parse it as a sequence of +.Va etype:salttype:salt +syntax of this if something like: +.Pp +[(des|des3|etype):](pw-salt|afs3-salt)[:string] +.Pp +if +.Ar etype +is omitted it means everything, and if string is omitted is means the default string (for that principal). Additional special values of keyttypes are: +.Bl -tag -width "xxx" -offset indent +.It v5 +The kerberos 5 salt +.Va pw-salt +.It v4 +The kerberos 4 type +.Va des:pw-salt: +.El +.It use_v4_salt = Va BOOL +When true, this is the same as +.Pp +.Va default_keys = Va des3:pw-salt Va v4 +.Pp +and is only left for backwards compatability. +.El +.El +.Sh ENVIRONMENT +.Ev KRB5_CONFIG +points to the configuration file to read. .Sh EXAMPLE .Bd -literal -offset indent [lib_defaults] @@ -160,7 +277,21 @@ manual page for a list of defined destinations. kdc = SYSLOG:INFO default = SYSLOG:INFO:USER .Ed +.Sh DIAGNOSTICS +Since +.Nm +is read and parsed by the krb5 library, there is not a lot of +opportunities for programs to report parsing errors in any useful +format. +To help overcome this problem, there is a program +.Nm verify_krb5_conf +that reads +.Nm +and tries to emit useful diagnostics from parsing errors. Note that +this program does not have any way of knowing what options are +actually used and thus cannot warn about unknown or misspelt ones. .Sh SEE ALSO +.Xr verify_krb5_conf 8 , .Xr krb5_openlog 3 , .Xr krb5_425_conv_principal 3 , .Xr strftime 3 , diff --git a/crypto/heimdal/lib/krb5/krb5.h b/crypto/heimdal/lib/krb5/krb5.h index 15837e0..65a8a16 100644 --- a/crypto/heimdal/lib/krb5/krb5.h +++ b/crypto/heimdal/lib/krb5/krb5.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: krb5.h,v 1.164 2000/02/06 07:40:57 assar Exp $ */ +/* $Id: krb5.h,v 1.179 2000/12/15 17:11:12 joda Exp $ */ #ifndef __KRB5_H__ #define __KRB5_H__ @@ -68,24 +68,7 @@ typedef octet_string krb5_data; struct krb5_crypto_data; typedef struct krb5_crypto_data *krb5_crypto; -typedef enum krb5_cksumtype { - CKSUMTYPE_NONE = 0, - CKSUMTYPE_CRC32 = 1, - CKSUMTYPE_RSA_MD4 = 2, - CKSUMTYPE_RSA_MD4_DES = 3, - CKSUMTYPE_DES_MAC = 4, - CKSUMTYPE_DES_MAC_K = 5, - CKSUMTYPE_RSA_MD4_DES_K = 6, - CKSUMTYPE_RSA_MD5 = 7, - CKSUMTYPE_RSA_MD5_DES = 8, - CKSUMTYPE_RSA_MD5_DES3 = 9, -/* CKSUMTYPE_SHA1 = 10,*/ - CKSUMTYPE_HMAC_SHA1_DES3 = 12, - CKSUMTYPE_SHA1 = 1000, /* correct value? */ - CKSUMTYPE_HMAC_MD5 = -138, /* unofficial microsoft number */ - CKSUMTYPE_HMAC_MD5_ENC = -1138 /* even more unofficial */ -} krb5_cksumtype; - +typedef CKSUMTYPE krb5_cksumtype; typedef enum krb5_enctype { ETYPE_NULL = 0, @@ -101,17 +84,14 @@ typedef enum krb5_enctype { ETYPE_ARCFOUR_HMAC_MD5 = 23, ETYPE_ARCFOUR_HMAC_MD5_56 = 24, ETYPE_ENCTYPE_PK_CROSS = 48, - ETYPE_DES_CBC_NONE = 0x1000, - ETYPE_DES3_CBC_NONE = 0x1001 + ETYPE_DES_CBC_NONE = -0x1000, + ETYPE_DES3_CBC_NONE = -0x1001, + ETYPE_DES_CFB64_NONE = -0x1002, + ETYPE_DES_PCBC_NONE = -0x1003, + ETYPE_DES3_CBC_NONE_IVEC = -0x1004 } krb5_enctype; -typedef enum krb5_preauthtype { - KRB5_PADATA_NONE = 0, - KRB5_PADATA_AP_REQ, - KRB5_PADATA_TGS_REQ = 1, - KRB5_PADATA_ENC_TIMESTAMP = 2, - KRB5_PADATA_ENC_SECURID -} krb5_preauthtype; +typedef PADATA_TYPE krb5_preauthtype; typedef enum krb5_key_usage { KRB5_KU_PA_ENC_TIMESTAMP = 1, @@ -165,14 +145,28 @@ typedef enum krb5_key_usage { KRB5_KU_OTHER_ENCRYPTED = 16, /* Data which is defined in some specification outside of Kerberos to be encrypted using an RFC1510 encryption type. */ - KRB5_KU_OTHER_CKSUM = 17 + KRB5_KU_OTHER_CKSUM = 17, /* Data which is defined in some specification outside of Kerberos to be checksummed using an RFC1510 checksum type. */ + KRB5_KU_KRB_ERROR = 18, + /* Krb-error checksum */ + KRB5_KU_AD_KDC_ISSUED = 19, + /* AD-KDCIssued checksum */ + KRB5_KU_MANDATORY_TICKET_EXTENSION = 20, + /* Checksum for Mandatory Ticket Extensions */ + KRB5_KU_AUTH_DATA_TICKET_EXTENSION = 21, + /* Checksum in Authorization Data in Ticket Extensions */ + KRB5_KU_USAGE_SEAL = 22, + /* seal in GSSAPI krb5 mechanism */ + KRB5_KU_USAGE_SIGN = 23, + /* sign in GSSAPI krb5 mechanism */ + KRB5_KU_USAGE_SEQ = 24 + /* SEQ in GSSAPI krb5 mechanism */ } krb5_key_usage; typedef enum krb5_salttype { - KRB5_PW_SALT = pa_pw_salt, - KRB5_AFS3_SALT = pa_afs3_salt + KRB5_PW_SALT = KRB5_PADATA_PW_SALT, + KRB5_AFS3_SALT = KRB5_PADATA_AFS3_SALT }krb5_salttype; typedef struct krb5_salt { @@ -221,7 +215,14 @@ typedef AP_REQ krb5_ap_req; struct krb5_cc_ops; -#define KRB5_DEFAULT_CCROOT "FILE:/tmp/krb5cc_" +#define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_" + +#define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT + +#define KRB5_ACCEPT_NULL_ADDRESSES(C) \ + krb5_config_get_bool_default((C), NULL, TRUE, \ + "libdefaults", "accept_null_addresses", \ + NULL) typedef void *krb5_cc_cursor; @@ -373,18 +374,9 @@ typedef struct krb5_context_data { version */ int num_kt_types; /* # of registered keytab types */ struct krb5_keytab_data *kt_types; /* registered keytab types */ + const char *date_fmt; } krb5_context_data; -enum { - KRB5_NT_UNKNOWN = 0, - KRB5_NT_PRINCIPAL = 1, - KRB5_NT_SRV_INST = 2, - KRB5_NT_SRV_HST = 3, - KRB5_NT_SRV_XHST = 4, - KRB5_NT_UID = 5 -}; - - typedef struct krb5_ticket { EncTicketPart ticket; krb5_principal client; @@ -397,7 +389,7 @@ typedef krb5_authenticator_data *krb5_authenticator; struct krb5_rcache_data; typedef struct krb5_rcache_data *krb5_rcache; -typedef Authenticator krb5_donot_reply; +typedef Authenticator krb5_donot_replay; #define KRB5_STORAGE_HOST_BYTEORDER 0x01 #define KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS 0x02 @@ -407,7 +399,7 @@ typedef Authenticator krb5_donot_reply; typedef struct krb5_storage { void *data; ssize_t (*fetch)(struct krb5_storage*, void*, size_t); - ssize_t (*store)(struct krb5_storage*, void*, size_t); + ssize_t (*store)(struct krb5_storage*, const void*, size_t); off_t (*seek)(struct krb5_storage*, off_t, int); void (*free)(struct krb5_storage*); krb5_flags flags; @@ -456,11 +448,27 @@ struct krb5_keytab_key_proc_args { typedef struct krb5_keytab_key_proc_args krb5_keytab_key_proc_args; +typedef struct krb5_replay_data { + krb5_timestamp timestamp; + u_int32_t usec; + u_int32_t seq; +} krb5_replay_data; + +/* flags for krb5_auth_con_setflags */ enum { KRB5_AUTH_CONTEXT_DO_TIME = 1, KRB5_AUTH_CONTEXT_RET_TIME = 2, KRB5_AUTH_CONTEXT_DO_SEQUENCE = 4, - KRB5_AUTH_CONTEXT_RET_SEQUENCE = 8 + KRB5_AUTH_CONTEXT_RET_SEQUENCE = 8, + KRB5_AUTH_CONTEXT_PERMIT_ALL = 16 +}; + +/* flags for krb5_auth_con_genaddrs */ +enum { + KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR = 1, + KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR = 3, + KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR = 4, + KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR = 12 }; typedef struct krb5_auth_context_data { @@ -474,8 +482,8 @@ typedef struct krb5_auth_context_data { krb5_keyblock *local_subkey; krb5_keyblock *remote_subkey; - int32_t local_seqnumber; - int32_t remote_seqnumber; + u_int32_t local_seqnumber; + u_int32_t remote_seqnumber; krb5_authenticator authenticator; @@ -494,7 +502,7 @@ typedef struct { KRB_ERROR error; } krb5_kdc_rep; -extern char *heimdal_version, *heimdal_long_version; +extern const char *heimdal_version, *heimdal_long_version; typedef void (*krb5_log_log_func_t)(const char*, const char*, void*); typedef void (*krb5_log_close_func_t)(void*); @@ -549,6 +557,7 @@ typedef struct _krb5_get_init_creds_opt { krb5_deltat renew_life; int forwardable; int proxiable; + int anonymous; krb5_enctype *etype_list; int etype_list_length; krb5_addresses *address_list; @@ -570,6 +579,7 @@ typedef struct _krb5_get_init_creds_opt { #define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020 #define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040 #define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080 +#define KRB5_GET_INIT_CREDS_OPT_ANONYMOUS 0x0100 typedef struct _krb5_verify_init_creds_opt { krb5_flags flags; @@ -584,6 +594,7 @@ extern const krb5_cc_ops krb5_mcc_ops; extern const krb5_kt_ops krb5_fkt_ops; extern const krb5_kt_ops krb5_mkt_ops; extern const krb5_kt_ops krb5_akf_ops; +extern const krb5_kt_ops krb4_fkt_ops; #define KRB5_KPASSWD_SUCCESS 0 #define KRB5_KPASSWD_MALFORMED 0 diff --git a/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 b/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 index 231c3ff..ff90c64 100644 --- a/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 +++ b/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 @@ -1,5 +1,5 @@ .\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" $Id: krb5_425_conv_principal.3,v 1.3 1999/04/11 01:47:22 joda Exp $ +.\" $Id: krb5_425_conv_principal.3,v 1.4 2001/01/26 22:43:21 assar Exp $ .Dd April 11, 1999 .Dt KRB5_425_CONV_PRINCIPAL 3 .Os HEIMDAL @@ -8,21 +8,15 @@ .Nm krb5_425_conv_principal_ext , .Nm krb5_524_conv_principal .Nd Converts to and from version 4 principals - .Sh SYNOPSIS .Fd #include - .Ft krb5_error_code .Fn krb5_425_conv_principal "krb5_context context" "const char *name" "const char *instance" "const char *realm" "krb5_principal *principal" - .Ft krb5_error_code .Fn krb5_425_conv_principal_ext "krb5_context context" "const char *name" "const char *instance" "const char *realm" "krb5_boolean (*func)(krb5_context, krb5_principal)" "krb5_boolean resolve" "krb5_principal *principal" - .Ft krb5_error_code .Fn krb5_524_conv_principal "krb5_context context" "const krb5_principal principal" "char *name" "char *instance" "char *realm" - .Sh DESCRIPTION - Converting between version 4 and version 5 principals can at best be described as a mess. .Pp @@ -124,9 +118,7 @@ instances found to belong to a host principal. The and .Fa realm should be at least 40 characters long. - .Sh EXAMPLES - Since this is confusing an example is in place. .Pp Assume that we have the @@ -188,7 +180,6 @@ the second example will result in .Dq ftp/b-host.foo.com (because of the default domain). And all of this is of course only valid if you have working name resolving. - .Sh SEE ALSO .Xr krb5_build_principal 3 , .Xr krb5_free_principal 3 , diff --git a/crypto/heimdal/lib/krb5/krb5_appdefault.3 b/crypto/heimdal/lib/krb5/krb5_appdefault.3 new file mode 100644 index 0000000..3ce6fc9 --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5_appdefault.3 @@ -0,0 +1,57 @@ +.\" Copyright (c) 2000 Kungliga Tekniska Högskolan +.\" $Id: krb5_appdefault.3,v 1.3 2001/01/05 16:29:42 joda Exp $ +.Dd July 25, 2000 +.Dt KRB5_APPDEFAULT 3 +.Os HEIMDAL +.Sh NAME +.Nm krb5_appdefault_boolean , +.Nm krb5_appdefault_string , +.Nm krb5_appdefault_time +.Nd Get application configuration value + +.Sh SYNOPSIS +.Fd #include + +.Ft void +.Fn krb5_appdefault_boolean "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "krb5_boolean def_val" "krb5_boolean *ret_val" +.Ft void +.Fn krb5_appdefault_string "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "const char *def_val" "char **ret_val" +.Ft void +.Fn krb5_appdefault_time "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "time_t def_val" "time_t *ret_val" + +.Sh DESCRIPTION + +These functions get application application defaults from the +.Dv appdefaults +section of the +.Xr krb5.conf 5 +configuration file. These defaults can be specified per application, +and/or per realm. + +These values will be looked for in +.Xr krb5.conf 5 , +in order of descending importance. +.Bd -literal -offset indent +[appdefaults] + appname = { + realm = { + option = value + } + } + appname = { + option = value + } + realm = { + option = value + } + option = value +.Ed + +If the realm is omitted it will not be used for resolving values. If +no value can be found, +.Fa def_val +is returned instead. + +.Sh SEE ALSO +.Xr krb5_config 3 , +.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_auth_context.3 b/crypto/heimdal/lib/krb5/krb5_auth_context.3 new file mode 100644 index 0000000..42a96ec --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5_auth_context.3 @@ -0,0 +1,284 @@ +.\" Copyright (c) 2001 Kungliga Tekniska Högskolan +.\" $Id: krb5_auth_context.3,v 1.1 2001/01/28 19:47:33 assar Exp $ +.Dd Jan 21, 2001 +.Dt KRB5_AUTH_CONTEXT 3 +.Os HEIMDAL +.Sh NAME +.Nm krb5_auth_context , +.Nm krb5_auth_con_init , +.Nm krb5_auth_con_free , +.Nm krb5_auth_con_setflags , +.Nm krb5_auth_con_getflags , +.Nm krb5_auth_con_setaddrs , +.Nm krb5_auth_con_setaddrs_from_fd , +.Nm krb5_auth_con_getaddrs , +.Nm krb5_auth_con_genaddrs , +.Nm krb5_auth_con_getkey , +.Nm krb5_auth_con_setkey , +.Nm krb5_auth_con_getuserkey , +.Nm krb5_auth_con_setuserkey , +.Nm krb5_auth_con_getlocalsubkey , +.Nm krb5_auth_con_setlocalsubkey , +.Nm krb5_auth_con_getremotesubkey , +.Nm krb5_auth_con_setremotesubkey , +.Nm krb5_auth_setcksumtype , +.Nm krb5_auth_getcksumtype , +.Nm krb5_auth_setkeytype , +.Nm krb5_auth_getkeytype , +.Nm krb5_auth_getlocalseqnumber , +.Nm krb5_auth_setlocalseqnumber , +.Nm krb5_auth_getremoteseqnumber , +.Nm krb5_auth_setremoteseqnumber , +.Nm krb5_auth_getauthenticator , +.Nm krb5_auth_con_getrcache , +.Nm krb5_auth_con_setrcache , +.Nm krb5_auth_con_initivector , +.Nm krb5_auth_con_setivector +.Nd manage authetication on connection level. +.Sh SYNOPSIS +.Fd #include +.Ft krb5_error_code +.Fo krb5_auth_con_init +.Fa "krb5_context context" +.Fa "krb5_auth_context *auth_context" +.Fc +.Ft void +.Fo krb5_auth_con_free +.Fa "krb5_context context" +.Fa "krb5_auth_context auth_context" +.Fc +.Ft krb5_error_code +.Fo krb5_auth_con_setflags +.Fa "krb5_context context" +.Fa "krb5_auth_context auth_context" +.Fa "int32_t flags" +.Fc +.Ft krb5_error_code +.Fo krb5_auth_con_getflags +.Fa "krb5_context context" +.Fa "krb5_auth_context auth_context" +.Fa "int32_t *flags" +.Fc +.Ft krb5_error_code +.Fo krb5_auth_con_setaddrs +.Fa "krb5_context context" +.Fa "krb5_auth_context auth_context" +.Fa "krb5_address *local_addr" +.Fa "krb5_address *remote_addr" +.Fc +.Ft krb5_error_code +.Fo krb5_auth_con_getaddrs +.Fa "krb5_context context" +.Fa "krb5_auth_context auth_context" +.Fa "krb5_address **local_addr" +.Fa "krb5_address **remote_addr" +.Fc +.Ft krb5_error_code +.Fo krb5_auth_con_genaddrs +.Fa "krb5_context context" +.Fa "krb5_auth_context auth_context" +.Fa "int fd" +.Fa "int flags" +.Fc +.Ft krb5_error_code +.Fo krb5_auth_con_setaddrs_from_fd +.Fa "krb5_context context" +.Fa "krb5_auth_context auth_context" +.Fa "void *p_fd" +.Fc +.Ft krb5_error_code +.Fo krb5_auth_con_getkey +.Fa "krb5_context context" +.Fa "krb5_auth_context auth_context" +.Fa "krb5_keyblock **keyblock" +.Fc +.Ft krb5_error_code +.Fo krb5_auth_con_getlocalsubkey +.Fa "krb5_context context" +.Fa "krb5_auth_context auth_context" +.Fa "krb5_keyblock **keyblock" +.Fc +.Ft krb5_error_code +.Fo krb5_auth_con_getremotesubkey +.Fa "krb5_context context" +.Fa "krb5_auth_context auth_context" +.Fa "krb5_keyblock **keyblock" +.Fc +.Ft krb5_error_code +.Fo krb5_auth_con_initivector +.Fa "krb5_context context" +.Fa "krb5_auth_context auth_context" +.Fc +.Ft krb5_error_code +.Fo krb5_auth_con_setivector +.Fa "krb5_context context" +.Fa "krb5_auth_context *auth_context" +.Fa "krb5_pointer ivector" +.Fc +.Sh DESCRIPTION +The +.Nm krb5_auth_context +structure holds all context related to an authenticated connection, in +a similar way to +.Nm krb5_context +that holds the context for the thread or process. +.Nm krb5_auth_context +is used by various functions that are directly related to +authentication between the server/client. Example of data that this +structure contains are varius flags, addresses of client and server, +port numbers, keyblocks (and subkeys), sequence numbers, replay cache, +and checksum-type. +.Pp +.Fn krb5_auth_con_init +allocates and initilizes the +.Nm krb5_auth_context +structure. Default values can be changed with +.Fn krb5_auth_con_setcksumtype +and +.Fn krb5_auth_con_setflags . +The +.Nm auth_context +structure must be freed by +.Fn krb5_auth_con_free . +.Pp +.Fn krb5_auth_con_getflags +and +.Fn krb5_auth_con_setflags +gets and modifies the flags for a +.Nm krb5_auth_context +structure. Possible flags to set are: +.Bl -tag -width Ds +.It Dv KRB5_AUTH_CONTEXT_DO_TIME +check timestamp on incoming packets. +.\".It Dv KRB5_AUTH_CONTEXT_RET_TIME +.It Dv KRB5_AUTH_CONTEXT_DO_SEQUENCE +Generate and check sequence-number on each packet. +.\".It Dv KRB5_AUTH_CONTEXT_RET_SEQUENCE +.\".It Dv KRB5_AUTH_CONTEXT_PERMIT_ALL +.El +.Pp +.Fn krb5_auth_con_setaddrs , +.Fn krb5_auth_con_setaddrs_from_fd +and +.Fn krb5_auth_con_getaddrs +gets and sets the addresses that are checked when a packet is received. +It is mandatory to set an address for the remote +host. If the local address is not set, it iss deduced from the underlaying +operating system. +.Fn krb5_auth_con_getaddrs +will call +.Fn krb5_free_address +on any address that is passed in +.Fa local_addr +or +.Fa remote_addr . +.Fn krb5_auth_con_setaddr +allows passing in a +.Dv NULL +pointer as +.Fa local_addr +and +.Fa remote_addr , +in that case it will just not set that address. +.Pp +.Fn krb5_auth_con_setaddrs_from_fd +fetches the addresses from a file descriptor. +.Pp +.Fn krb5_auth_con_genaddrs +fetches the address information from the given file descriptor +.Fa fd +depending on the bitmap argument +.Fa flags . +.Pp +Possible values on +.Fa flags +are: +.Bl -tag -width Ds +.It Va KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR +fetches the local address from +.Fa fd . +.It Va KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR +fetches the remote address from +.Fa fd . +.El +.Pp +.Fn krb5_auth_con_setkey , +.Fn krb5_auth_con_setuserkey +and +.Fn krb5_auth_con_getkey +gets and sets the key used for this auth context. The keyblock returned by +.Fn krb5_auth_con_getkey +should be freed with +.Fn krb5_free_keyblock . +The keyblock send into +.Fn krb5_auth_con_setkey +is copied into the +.Nm krb5_auth_context , +and thus no special handling is needed. +.Dv NULL +is not a valid keyblock to +.Fn krb5_auth_con_setkey . +.Pp +.Fn krb5_auth_con_setuserkey +is only useful when doing user to user authentication. +.Fn krb5_auth_con_setkey +is equivalent to +.Fn krb5_auth_con_setuserkey . +.Pp +.Fn krb5_auth_con_getlocalsubkey , +.Fn krb5_auth_con_setlocalsubkey , +.Fn krb5_auth_con_getremotesubkey +and +.Fn krb5_auth_con_setremotesubkey +gets and sets the keyblock for the local and remote subkey. The keyblock returned by +.Fn krb5_auth_con_getlocalsubkey +and +.Fn krb5_auth_con_getremotesubkey +must be freed with +.Fn krb5_free_keyblock . +.Pp +.Fn krb5_auth_setcksumtype +and +.Fn krb5_auth_getcksumtype +sets and gets the checksum type that should be used for this +connection. +.Pp +.Fn krb5_auth_getremoteseqnumber +.Fn krb5_auth_setremoteseqnumber , +.Fn krb5_auth_getlocalseqnumber +and +.Fn krb5_auth_setlocalseqnumber +gets and sets the sequence-number for the local and remote +sequence-number counter. +.Pp +.Fn krb5_auth_setkeytype +and +.Fn krb5_auth_getkeytype +gets and gets the keytype of the keyblock in +.Nm krb5_auth_context . +.Pp +.Fn krb5_auth_getauthenticator +Retrieves the authenticator that was used during mutual +authentication. The +.Dv authenticator +returned should be freed by calling +.Fn krb5_free_authenticator . +.Pp +.Fn krb5_auth_con_getrcache +and +.Fn krb5_auth_con_setrcache +gets and sets the replay-cache. +.Pp +.Fn krb5_auth_con_initivector +allocates memory for and zeros the initial vector in the +.Fa auth_context +keyblock. +.Pp +.Fn krb5_auth_con_setivector +sets the i_vector portion of +.Fa auth_context +to +.Fa ivector . +.Sh SEE ALSO +.Xr krb5_context 3 , +.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_build_principal.3 b/crypto/heimdal/lib/krb5/krb5_build_principal.3 index 16ccf72..db703a4 100644 --- a/crypto/heimdal/lib/krb5/krb5_build_principal.3 +++ b/crypto/heimdal/lib/krb5/krb5_build_principal.3 @@ -1,5 +1,5 @@ .\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" $Id: krb5_build_principal.3,v 1.1 1997/08/14 00:03:16 joda Exp $ +.\" $Id: krb5_build_principal.3,v 1.2 2001/01/26 22:43:21 assar Exp $ .Dd August 8, 1997 .Dt KRB5_BUILD_PRINCIPAL 3 .Os HEIMDAL @@ -10,28 +10,19 @@ .Nm krb5_build_principal_va_ext , .Nm krb5_make_principal .Nd Principal creation functions - .Sh SYNOPSIS .Fd #include - .Ft krb5_error_code .Fn krb5_build_principal "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "..." - .Ft krb5_error_code .Fn krb5_build_principal_ext "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "..." - .Ft krb5_error_code .Fn krb5_build_principal_va "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "va_list ap" - .Ft krb5_error_code .Fn krb5_build_principal_va_ext "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "va_list ap" - .Ft krb5_error_code .Fn krb5_make_principal "krb5_context context" "krb5_principal *principal" "krb5_const_realm realm" "..." - - .Sh DESCRIPTION - These functions create a Kerberos 5 principal from a realm and a list of components. All of these functions return an allocated principal in the @@ -65,7 +56,6 @@ is a wrapper around If the realm is .Dv NULL , the default realm will be used. - .Sh BUGS You can not have a NUL in a component. Until someone can give a good example of where it would be a good idea to have NUL's in a component, diff --git a/crypto/heimdal/lib/krb5/krb5_config.3 b/crypto/heimdal/lib/krb5/krb5_config.3 new file mode 100644 index 0000000..b5a74db --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5_config.3 @@ -0,0 +1,71 @@ +.\" Copyright (c) 2000 Kungliga Tekniska Högskolan +.\" $Id: krb5_config.3,v 1.1 2000/07/25 10:22:46 joda Exp $ +.Dd July 25, 2000 +.Dt KRB5_CONFIG 3 +.Os HEIMDAL +.Sh NAME +.Nm krb5_config_get_bool_default , +.Nm krb5_config_get_int_default , +.Nm krb5_config_get_string_default , +.Nm krb5_config_get_time_default +.Nd Get configuration value + +.Sh SYNOPSIS +.Fd #include + +.Ft krb5_boolean +.Fn krb5_config_get_bool_default "krb5_context context" "krb5_config_section *c" "krb5_boolean def_value" "..." +.Ft int +.Fn krb5_config_get_int_default "krb5_context context" "krb5_config_section *c" "int def_value" "..." +.Ft const char* +.Fn krb5_config_get_string_default "krb5_context context" "krb5_config_section *c" "const char *def_value" "..." +.Ft int +.Fn krb5_config_get_time_default "krb5_context context" "krb5_config_section *c" "int def_value" "..." + +.Sh DESCRIPTION + +These functions get values from the +.Xr krb5.conf 5 +configuration file, or another configuration database specified by the +.Fa c +parameter. + +The variable arguments should be a list of strings naming each +subsection to look for. For example: + +.Bd -literal -offset indent +krb5_config_get_bool_default(context, NULL, FALSE, "libdefaults", "log_utc", NULL) +.Ed + +gets the boolean value for the +.Dv log_utc +option, defaulting to +.Dv FALSE . + +.Fn krb5_config_get_bool_default +will convert the option value to a boolean value, where +.Sq yes , +.Sq true , +and any non-zero number means +.Dv TRUE , +and any other value +.Dv FALSE . + +.Fn krb5_config_get_int_default +will convert the value to an integer. + +.Fn krb5_config_get_time_default +will convert the value to a period of time (not a time stamp) in +seconds, so the string +.Sq 2 weeks +will be converted to +1209600 (2 * 7 * 24 * 60 * 60). + +.Sh BUGS + +Other than for the string case, there's no way to tell whether there +was a value specified or not. + +.Sh SEE ALSO +.Xr krb5_appdefault 3 , +.Xr krb5.conf 5 diff --git a/crypto/heimdal/lib/krb5/krb5_context.3 b/crypto/heimdal/lib/krb5/krb5_context.3 new file mode 100644 index 0000000..83a768d --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5_context.3 @@ -0,0 +1,20 @@ +.\" Copyright (c) 2001 Kungliga Tekniska Högskolan +.\" $Id: krb5_context.3,v 1.1 2001/01/28 21:39:29 assar Exp $ +.Dd Jan 21, 2001 +.Dt KRB5_CONTEXT 3 +.Os HEIMDAL +.Sh NAME +.Nm krb5_context +.Sh DESCRIPTION +The +.Nm +structure is designed to hold all per thread state. All global +variables that are context specific are stored in this struture, +including default encryption types, credential-cache (ticket file), and +default realms. +.Pp +The internals of the structure should never be accessed directly, +functions exist for extracting information. +.Sh SEE ALSO +.Xr krb5_init_context 3 , +.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_create_checksum.3 b/crypto/heimdal/lib/krb5/krb5_create_checksum.3 index e2362a9..9472ed6 100644 --- a/crypto/heimdal/lib/krb5/krb5_create_checksum.3 +++ b/crypto/heimdal/lib/krb5/krb5_create_checksum.3 @@ -1,5 +1,5 @@ .\" Copyright (c) 1999 Kungliga Tekniska Högskolan -.\" $Id: krb5_create_checksum.3,v 1.1 1999/04/18 13:47:11 joda Exp $ +.\" $Id: krb5_create_checksum.3,v 1.2 2001/01/26 22:43:21 assar Exp $ .Dd April 7, 1999 .Dt NAME 3 .Os HEIMDAL @@ -12,19 +12,14 @@ .Nd creates and verifies checksums .Sh SYNOPSIS .Fd #include - .Ft krb5_error_code .Fn krb5_create_checksum "krb5_context context" "krb5_crypto crypto" "unsigned usage_or_type" "void *data" "size_t len" "Checksum *result" - .Ft krb5_error_code .Fn krb5_verify_checksum "krb5_context context" "krb5_crypto crypto" "krb5_key_usage usage" "void *data" "size_t len" "Checksum *cksum" - .Ft krb5_boolean .Fn krb5_checksum_is_collision_proof "krb5_context context" "krb5_cksumtype type" - .Ft krb5_boolean .Fn krb5_checksum_is_keyed "krb5_context context" "krb5_cksumtype type" - .Sh DESCRIPTION These functions are used to create and verify checksums. .Fn krb5_create_checksum @@ -60,7 +55,6 @@ value is a function of both the data, and a separate key). Examples of keyed hash algorithms are HMAC-SHA1-DES3, and RSA-MD5-DES. The .Dq plain hash functions MD5, and SHA1 are not keyed. - .\" .Sh EXAMPLE .\" .Sh BUGS .Sh SEE ALSO diff --git a/crypto/heimdal/lib/krb5/krb5_crypto_init.3 b/crypto/heimdal/lib/krb5/krb5_crypto_init.3 index 29db8c1..7d46567 100644 --- a/crypto/heimdal/lib/krb5/krb5_crypto_init.3 +++ b/crypto/heimdal/lib/krb5/krb5_crypto_init.3 @@ -1,5 +1,5 @@ .\" Copyright (c) 1999 Kungliga Tekniska Högskolan -.\" $Id: krb5_crypto_init.3,v 1.1 1999/04/18 13:47:21 joda Exp $ +.\" $Id: krb5_crypto_init.3,v 1.2 2001/01/26 22:43:22 assar Exp $ .Dd April 7, 1999 .Dt NAME 3 .Os HEIMDAL @@ -9,13 +9,10 @@ .Nd initialize encryption context .Sh SYNOPSIS .Fd #include - .Ft krb5_error_code .Fn krb5_crypto_init "krb5_context context" "krb5_keyblock *key" "krb5_enctype enctype" "krb5_crypto *crypto" - .Ft krb5_error_code .Fn krb5_crypto_destroy "krb5_context context" "krb5_crypto crypto" - .Sh DESCRIPTION These functions are used to initialize an encryption context that can be used to encrypt or checksum data. @@ -33,7 +30,6 @@ with the .Pp .Fn krb5_crypto_destroy frees a previously allocated encrypion context. - .\" .Sh EXAMPLE .\" .Sh BUGS .Sh SEE ALSO diff --git a/crypto/heimdal/lib/krb5/krb5_encrypt.3 b/crypto/heimdal/lib/krb5/krb5_encrypt.3 index d8cc89e..291e503 100644 --- a/crypto/heimdal/lib/krb5/krb5_encrypt.3 +++ b/crypto/heimdal/lib/krb5/krb5_encrypt.3 @@ -1,5 +1,5 @@ .\" Copyright (c) 1999 Kungliga Tekniska Högskolan -.\" $Id: krb5_encrypt.3,v 1.1 1999/04/18 13:47:30 joda Exp $ +.\" $Id: krb5_encrypt.3,v 1.2 2001/01/26 22:43:22 assar Exp $ .Dd April 7, 1999 .Dt KRB5_ENCRYPT 3 .Os HEIMDAL @@ -11,19 +11,14 @@ .Nd encrypt and decrypt data .Sh SYNOPSIS .Fd #include - .Ft krb5_error_code .Fn krb5_encrypt "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "krb5_data *result" - .Ft krb5_error_code .Fn krb5_encrypt_EncryptedData "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "int kvno" "EncryptedData *result" - .Ft krb5_error_code .Fn krb5_decrypt "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "krb5_data *result" - .Ft krb5_error_code .Fn krb5_decrypt_EncryptedData "krb5_context context" "krb5_crypto crypto" "unsigned usage" "EncryptedData *e" "krb5_data *result" - .Sh DESCRIPTION These functions are used to encrypt and decrypt data. .Pp @@ -52,7 +47,6 @@ is not zero, it will be put in the and .Fn krb5_decrypt_EncryptedData works similarly. - .\" .Sh EXAMPLE .\" .Sh BUGS .Sh SEE ALSO diff --git a/crypto/heimdal/lib/krb5/krb5_err.et b/crypto/heimdal/lib/krb5/krb5_err.et index 895ae66..3427923 100644 --- a/crypto/heimdal/lib/krb5/krb5_err.et +++ b/crypto/heimdal/lib/krb5/krb5_err.et @@ -3,7 +3,7 @@ # # This might look like a com_err file, but is not # -id "$Id: krb5_err.et,v 1.8 2000/02/07 12:54:17 joda Exp $" +id "$Id: krb5_err.et,v 1.9 2000/04/06 00:41:37 assar Exp $" error_table krb5 @@ -68,10 +68,30 @@ index 60 error_code GENERIC, "Generic error (see e-text)" error_code FIELD_TOOLONG, "Field is too long for this implementation" -# 62-127 are reserved +# pkinit +index 62 +prefix KDC_ERROR +error_code CLIENT_NOT_TRUSTED, "Client not trusted" +error_code KDC_NOT_TRUSTED, "KDC not trusted" +error_code INVALID_SIG, "Invalid signature" +error_code KEY_TOO_WEAK, "Key too weak" +error_code CERTIFICATE_MISMATCH, "Certificate mismatch" +prefix KRB5_AP_ERR +error_code USER_TO_USER_REQUIRED, "User to user required" +prefix KDC_ERROR +error_code CANT_VERIFY_CERTIFICATE, "Cannot verify certificate" +error_code INVALID_CERTIFICATE, "Invalid certificate" +error_code REVOKED_CERTIFICATE, "Revoked certificate" +error_code REVOCATION_STATUS_UNKNOWN, "Revocation status unknown" +error_code REVOCATION_STATUS_UNAVAILABLE,"Revocation status unavailable" +error_code CLIENT_NAME_MISMATCH, "Client name mismatch" +error_code KDC_NAME_MISMATCH, "KDC name mismatch" + +# 77-127 are reserved + index 128 prefix -error_code KRB5_ERR_RCSID, "$Id: krb5_err.et,v 1.8 2000/02/07 12:54:17 joda Exp $" +error_code KRB5_ERR_RCSID, "$Id: krb5_err.et,v 1.9 2000/04/06 00:41:37 assar Exp $" error_code KRB5_LIBOS_BADLOCKFLAG, "Invalid flag for file lock mode" error_code KRB5_LIBOS_CANTREADPWD, "Cannot read password" diff --git a/crypto/heimdal/lib/krb5/krb5_free_principal.3 b/crypto/heimdal/lib/krb5/krb5_free_principal.3 index ba5888a..1f318cc 100644 --- a/crypto/heimdal/lib/krb5/krb5_free_principal.3 +++ b/crypto/heimdal/lib/krb5/krb5_free_principal.3 @@ -1,27 +1,22 @@ .\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" $Id: krb5_free_principal.3,v 1.1 1997/08/14 00:03:17 joda Exp $ +.\" $Id: krb5_free_principal.3,v 1.2 2001/01/26 22:43:22 assar Exp $ .Dd August 8, 1997 .Dt KRB5_FREE_PRINCIPAL 3 .Os HEIMDAL .Sh NAME .Nm krb5_free_principal .Nd Principal free function - .Sh SYNOPSIS .Fd #include - .Ft void .Fn krb5_free_principal "krb5_context context" "krb5_principal principal" - .Sh DESCRIPTION - The .Fn krb5_free_principal will free a principal that has been created with .Fn krb5_build_principal , .Fn krb5_parse_name , or with some other function. - .Sh SEE ALSO .Xr krb5_425_conv_principal 3 , .Xr krb5_build_principal 3 , diff --git a/crypto/heimdal/lib/krb5/krb5_init_context.3 b/crypto/heimdal/lib/krb5/krb5_init_context.3 new file mode 100644 index 0000000..7e27ec2 --- /dev/null +++ b/crypto/heimdal/lib/krb5/krb5_init_context.3 @@ -0,0 +1,38 @@ +.\" Copyright (c) 2001 Kungliga Tekniska Högskolan +.\" $Id: krb5_init_context.3,v 1.1 2001/01/28 21:39:29 assar Exp $ +.Dd Jan 21, 2001 +.Dt KRB5_CONTEXT 3 +.Os HEIMDAL +.Sh NAME +.Nm krb5_init_context , +.Nm krb5_free_context +.Sh SYNOPSIS +.Fd #include +.Ft krb5_error_code +.Fn krb5_init_context "krb5_context *context" +.Ft void +.Fn krb5_free_context "krb5_context *context" +.Sh DESCRIPTION +The +.Fn krb5_init_context +function initializes the +.Fa context +structure and reads the configration file +.Pa /etc/krb5.conf . +.Pp +The structure should be freed by calling +.Fn krb5_free_context +when it is no longer being used. +.Sh RETURN VALUES +.Fn krb5_init_context +returns 0 to indicate success. +Otherwise an errno code is returned. +Failure means either that something bad happened during initialization +(typically +.Bq ENOMEM ) +or that Kerberos should not be used +.Bq ENXIO . +.Sh SEE ALSO +.Xr krb5_context 3 , +.Xr errno 2 , +.Xr kerberos 8 diff --git a/crypto/heimdal/lib/krb5/krb5_locl.h b/crypto/heimdal/lib/krb5/krb5_locl.h index b7093b1..7ea9038 100644 --- a/crypto/heimdal/lib/krb5/krb5_locl.h +++ b/crypto/heimdal/lib/krb5/krb5_locl.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: krb5_locl.h,v 1.63 1999/12/02 17:05:11 joda Exp $ */ +/* $Id: krb5_locl.h,v 1.64 2001/01/29 02:09:00 assar Exp $ */ #ifndef __KRB5_LOCL_H__ #define __KRB5_LOCL_H__ @@ -109,11 +109,31 @@ struct sockaddr_dl; #include #include +#ifdef HAVE_OPENSSL_DES_H +#include +#else #include +#endif +#ifdef HAVE_OPENSSL_MD4_H +#include +#else #include +#endif +#ifdef HAVE_OPENSSL_MD5_H +#include +#else #include +#endif +#ifdef HAVE_OPENSSL_SHA_H +#include +#else #include +#endif +#ifdef HAVE_OPENSSL_RC4_H +#include +#else #include +#endif #include #include diff --git a/crypto/heimdal/lib/krb5/krb5_openlog.3 b/crypto/heimdal/lib/krb5/krb5_openlog.3 index 87040ba..5576475 100644 --- a/crypto/heimdal/lib/krb5/krb5_openlog.3 +++ b/crypto/heimdal/lib/krb5/krb5_openlog.3 @@ -1,5 +1,5 @@ .\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" $Id: krb5_openlog.3,v 1.4 1999/04/07 14:06:32 joda Exp $ +.\" $Id: krb5_openlog.3,v 1.5 2001/01/26 22:43:22 assar Exp $ .Dd August 6, 1997 .Dt KRB5_OPENLOG 3 .Os HEIMDAL @@ -16,40 +16,28 @@ .Nd Heimdal logging functions .Sh SYNOPSIS .Fd #include - -.\" ouch! -.ds xx \\*(fP\fR(\fP\\*(lI*\\*(fP -.ds xy \fR)\|\fP -.Fn "\\*(lItypedef void \\*(xxkrb5_log_log_func_t\\*(xy" "const char *time" "const char *message" "void *data" -.Fn "\\*(lItypedef void \\*(xxkrb5_log_close_func_t\\*(xy" "void *data" - +.Ft "typedef void" +.Fn "\*(lp*krb5_log_log_func_t\*(rp" "const char *time" "const char *message" "void *data" +.Ft "typedef void" +.Fn "\*(lp*krb5_log_close_func_t\*(rp" "void *data" .Ft krb5_error_code .Fn krb5_addlog_dest "krb5_context context" "krb5_log_facility *facility" "const char *destination" - .Ft krb5_error_code .Fn krb5_addlog_func "krb5_context context" "krb5_log_facility *facility" "int min" "int max" "krb5_log_log_func_t log" "krb5_log_close_func_t close" "void *data" - .Ft krb5_error_code .Fn krb5_closelog "krb5_context context" "krb5_log_facility *facility" - .Ft krb5_error_code .Fn krb5_initlog "krb5_context context" "const char *program" "krb5_log_facility **facility" - .Ft krb5_error_code .Fn krb5_log "krb5_context context" "krb5_log_facility *facility" "int level" "const char *format" "..." - .Ft krb5_error_code .Fn krb5_log_msg "krb5_context context" "krb5_log_facility *facility" "char **reply" "int level" "const char *format" "..." - .Ft krb5_error_code .Fn krb5_openlog "krb5_context context" "const char *program" "krb5_log_facility **facility" - .Ft krb5_error_code .Fn krb5_vlog "krb5_context context" "krb5_log_facility *facility" "int level" "const char *format" "va_list arglist" - .Ft krb5_error_code .Fn krb5_vlog_msg "krb5_context context" "krb5_log_facility *facility" "char **reply" "int level" "const char *format" "va_list arglist" - .Sh DESCRIPTION These functions logs messages to one or more destinations. .Pp @@ -97,7 +85,6 @@ is a standard .Fn printf style format string (but see the BUGS section). .Pp - If you want better control of where things gets logged, you can instead of using .Fn krb5_openlog call @@ -135,9 +122,7 @@ calls and then calls .Fn krb5_addlog_dest for each destination found. - .Ss Destinations - The defined destinations (as specified in .Pa krb5.conf ) follows: diff --git a/crypto/heimdal/lib/krb5/krb5_parse_name.3 b/crypto/heimdal/lib/krb5/krb5_parse_name.3 index db9236c..c5b0c1d 100644 --- a/crypto/heimdal/lib/krb5/krb5_parse_name.3 +++ b/crypto/heimdal/lib/krb5/krb5_parse_name.3 @@ -1,20 +1,16 @@ .\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" $Id: krb5_parse_name.3,v 1.1 1997/08/14 00:03:17 joda Exp $ +.\" $Id: krb5_parse_name.3,v 1.2 2001/01/26 22:43:22 assar Exp $ .Dd August 8, 1997 .Dt KRB5_PARSE_NAME 3 .Os HEIMDAL .Sh NAME .Nm krb5_parse_name .Nd String to principal conversion - .Sh SYNOPSIS .Fd #include - .Ft krb5_error_code .Fn krb5_parse_name "krb5_context context" "const char *name" "krb5_principal *principal" - .Sh DESCRIPTION - .Fn krb5_parse_name converts a string representation of a princpal name to .Nm krb5_principal . diff --git a/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 b/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 index aea4150..2c9f405 100644 --- a/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 +++ b/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 @@ -1,5 +1,5 @@ .\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" $Id: krb5_sname_to_principal.3,v 1.1 1997/08/14 00:03:18 joda Exp $ +.\" $Id: krb5_sname_to_principal.3,v 1.2 2001/01/26 22:43:22 assar Exp $ .Dd August 8, 1997 .Dt KRB5_PRINCIPAL 3 .Os HEIMDAL @@ -7,18 +7,13 @@ .Nm krb5_sname_to_principal , .Nm krb5_sock_to_principal .Nd Create a service principal - .Sh SYNOPSIS .Fd #include - .Ft krb5_error_code .Fn krb5_sname_to_principal "krb5_context context" "const char *hostname" "const char *sname" "int32_t type" "krb5_principal *principal" - .Ft krb5_error_code .Fn krb5_sock_to_principal "krb5_context context" "int socket" "const char *sname" "int32_t type" "krb5_principal *principal" - .Sh DESCRIPTION - These functions create a .Dq service principal that can, for instance, be used to lookup a key in a keytab. For both these function the @@ -49,7 +44,6 @@ of the passed which should be a bound .Dv AF_INET socket. - .Sh SEE ALSO .Xr krb5_425_conv_principal 3 , .Xr krb5_build_principal 3 , diff --git a/crypto/heimdal/lib/krb5/krb5_unparse_name.3 b/crypto/heimdal/lib/krb5/krb5_unparse_name.3 index 13277d6..5a744af 100644 --- a/crypto/heimdal/lib/krb5/krb5_unparse_name.3 +++ b/crypto/heimdal/lib/krb5/krb5_unparse_name.3 @@ -1,5 +1,5 @@ .\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" $Id: krb5_unparse_name.3,v 1.1 1997/08/14 00:03:19 joda Exp $ +.\" $Id: krb5_unparse_name.3,v 1.2 2001/01/26 22:43:22 assar Exp $ .Dd August 8, 1997 .Dt KRB5_UNPARSE_NAME 3 .Os HEIMDAL @@ -7,25 +7,19 @@ .Nm krb5_unparse_name .\" .Nm krb5_unparse_name_ext .Nd Principal to string conversion - .Sh SYNOPSIS .Fd #include - .Ft krb5_error_code .Fn krb5_unparse_name "krb5_context context" "krb5_principal principal" "char **name" - .\" .Ft krb5_error_code .\" .Fn krb5_unparse_name_ext "krb5_context context" "krb5_const_principal principal" "char **name" "size_t *size" - .Sh DESCRIPTION - This function takes a .Fa principal , and will convert in to a printable representation with the same syntax as decribed in .Xr krb5_parse_name 3 . .Fa *name will point to allocated data and should be freed by the caller. - .Sh SEE ALSO .Xr krb5_425_conv_principal 3 , .Xr krb5_build_principal 3 , diff --git a/crypto/heimdal/lib/krb5/krb5_warn.3 b/crypto/heimdal/lib/krb5/krb5_warn.3 index 521da0e..ae3a330 100644 --- a/crypto/heimdal/lib/krb5/krb5_warn.3 +++ b/crypto/heimdal/lib/krb5/krb5_warn.3 @@ -1,5 +1,5 @@ .\" Copyright (c) 1997 Kungliga Tekniska Högskolan -.\" $Id: krb5_warn.3,v 1.2 1997/08/08 03:45:55 joda Exp $ +.\" $Id: krb5_warn.3,v 1.3 2001/01/26 22:43:23 assar Exp $ .Dd August 8, 1997 .Dt KRB5_WARN 3 .Os HEIMDAL @@ -16,36 +16,25 @@ .Nd Heimdal warning and error functions .Sh SYNOPSIS .Fd #include - .Ft krb5_error_code .Fn krb5_err "krb5_context context" "int eval" "krb5_error_code code" "const char *format" "..." - .Ft krb5_error_code .Fn krb5_errx "krb5_context context" "int eval" "const char *format" "..." - .Ft krb5_error_code .Fn krb5_verr "krb5_context context" "int eval" "krb5_error_code code" "const char *format" "va_list ap" - .Ft krb5_error_code .Fn krb5_verrx "krb5_context context" "int eval" "const char *format" "va_list ap" - .Ft krb5_error_code .Fn krb5_vwarn "krb5_context context" "krb5_error_code code" "const char *format" "va_list ap" - .Ft krb5_error_code .Fn krb5_vwarnx "krb5_context context" "const char *format" "va_list ap" - .Ft krb5_error_code .Fn krb5_warn "krb5_context context" "krb5_error_code code" "const char *format" "..." - .Ft krb5_error_code .Fn krb5_warnx "krb5_context context" "const char *format" "..." - .Ft krb5_error_code .Fn krb5_set_warn_dest "krb5_context context" "krb5_log_facility *facility" - .Sh DESCRIPTION - These functions prints a warning message to some destination. .Fa format is a printf style format specifying the message to print. The forms not ending in an @@ -68,6 +57,5 @@ Messages logged with the functions have a log level of 1, while the .Dq err functions logs with level 0. - .Sh SEE ALSO .Xr krb5_openlog 3 diff --git a/crypto/heimdal/lib/krb5/krbhst.c b/crypto/heimdal/lib/krb5/krbhst.c index 8d5c4e4..b257e8b 100644 --- a/crypto/heimdal/lib/krb5/krbhst.c +++ b/crypto/heimdal/lib/krb5/krbhst.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -34,7 +34,7 @@ #include "krb5_locl.h" #include -RCSID("$Id: krbhst.c,v 1.23 1999/12/11 23:14:25 assar Exp $"); +RCSID("$Id: krbhst.c,v 1.25 2001/01/19 04:30:54 assar Exp $"); /* * assuming that `*res' contains `*count' strings, add a copy of `string'. @@ -58,6 +58,11 @@ add_string(char ***res, int *count, const char *string) return 0; } +/* + * do a SRV lookup for `realm, proto, service' returning the result + * in `res, count' + */ + static krb5_error_code srv_find_realm(krb5_context context, char ***res, int *count, const char *realm, const char *proto, const char *service) @@ -131,7 +136,7 @@ get_krbhst (krb5_context context, "realms", *realm, conf_string, NULL); for(r = res, count = 0; r && *r; r++, count++); - if(context->srv_lookup) { + if(count == 0 && context->srv_lookup) { char *s[] = { "udp", "tcp", "http" }, **q; for(q = s; q < s + sizeof(s) / sizeof(s[0]); q++) { ret = srv_find_realm(context, &res, &count, *realm, *q, @@ -157,6 +162,10 @@ get_krbhst (krb5_context context, return 0; } +/* + * set `hostlist' to a malloced list of kadmin servers. + */ + krb5_error_code krb5_get_krb_admin_hst (krb5_context context, const krb5_realm *realm, @@ -166,15 +175,30 @@ krb5_get_krb_admin_hst (krb5_context context, hostlist); } +/* + * set `hostlist' to a malloced list of changepw servers. + */ + krb5_error_code krb5_get_krb_changepw_hst (krb5_context context, const krb5_realm *realm, char ***hostlist) { - return get_krbhst (context, realm, "admin_server", "kpasswd", - hostlist); + krb5_error_code ret; + + ret = get_krbhst (context, realm, "kpasswd_server", "kpasswd", + hostlist); + if (ret) + return ret; + ret = get_krbhst (context, realm, "admin_server", "kpasswd", + hostlist); + return ret; } +/* + * set `hostlist' to a malloced list of kerberos servers. + */ + krb5_error_code krb5_get_krbhst (krb5_context context, const krb5_realm *realm, @@ -183,6 +207,10 @@ krb5_get_krbhst (krb5_context context, return get_krbhst (context, realm, "kdc", "kerberos", hostlist); } +/* + * free all memory associated with `hostlist' + */ + krb5_error_code krb5_free_krbhst (krb5_context context, char **hostlist) diff --git a/crypto/heimdal/lib/krb5/log.c b/crypto/heimdal/lib/krb5/log.c index e1511e2..37bff1d 100644 --- a/crypto/heimdal/lib/krb5/log.c +++ b/crypto/heimdal/lib/krb5/log.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: log.c,v 1.21 1999/12/02 17:05:11 joda Exp $"); +RCSID("$Id: log.c,v 1.25 2000/09/17 21:46:07 assar Exp $"); struct facility { int min; @@ -56,14 +56,14 @@ log_realloc(krb5_log_facility *f) return fp; } -struct s2i{ +struct s2i { char *s; int val; }; #define L(X) { #X, LOG_ ## X } -struct s2i syslogvals[] = { +static struct s2i syslogvals[] = { L(EMERG), L(ALERT), L(CRIT), @@ -356,18 +356,22 @@ krb5_vlog_msg(krb5_context context, __attribute__((format (printf, 5, 0))) { char *msg; + const char *actual; char buf[64]; time_t t; int i; vasprintf(&msg, fmt, ap); + if (msg != NULL) + actual = msg; + else + actual = fmt; t = time(NULL); - strftime(buf, sizeof(buf), context->time_fmt, - context->log_utc ? gmtime(&t) : localtime(&t)); + krb5_format_time(context, t, buf, sizeof(buf), TRUE); for(i = 0; i < fac->len; i++) if(fac->val[i].min <= level && (fac->val[i].max < 0 || fac->val[i].max >= level)) - (*fac->val[i].log)(buf, msg, fac->val[i].data); + (*fac->val[i].log)(buf, actual, fac->val[i].data); *reply = msg; return 0; } diff --git a/crypto/heimdal/lib/krb5/mcache.c b/crypto/heimdal/lib/krb5/mcache.c index d45deea..29c5cfd 100644 --- a/crypto/heimdal/lib/krb5/mcache.c +++ b/crypto/heimdal/lib/krb5/mcache.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,43 +33,97 @@ #include "krb5_locl.h" -RCSID("$Id: mcache.c,v 1.10 1999/12/02 17:05:11 joda Exp $"); +RCSID("$Id: mcache.c,v 1.12 2000/11/15 02:12:51 assar Exp $"); typedef struct krb5_mcache { + char *name; + unsigned int refcnt; krb5_principal primary_principal; struct link { krb5_creds cred; struct link *next; } *creds; + struct krb5_mcache *next; } krb5_mcache; +static struct krb5_mcache *mcc_head; + +#define MCACHE(X) ((krb5_mcache *)(X)->data.data) + +#define MISDEAD(X) ((X)->primary_principal == NULL) + #define MCC_CURSOR(C) ((struct link*)(C)) static char* mcc_get_name(krb5_context context, krb5_ccache id) { - return ""; /* XXX */ + return MCACHE(id)->name; +} + +static krb5_mcache * +mcc_alloc(const char *name) +{ + krb5_mcache *m; + ALLOC(m, 1); + if(m == NULL) + return NULL; + if(name == NULL) + asprintf(&m->name, "%p", m); + else + m->name = strdup(name); + if(m->name == NULL) { + free(m); + return NULL; + } + m->refcnt = 1; + m->primary_principal = NULL; + m->creds = NULL; + m->next = mcc_head; + mcc_head = m; + return m; } static krb5_error_code mcc_resolve(krb5_context context, krb5_ccache *id, const char *res) { - krb5_abortx(context, "unimplemented mcc_resolve called"); + krb5_mcache *m; + + for (m = mcc_head; m != NULL; m = m->next) + if (strcmp(m->name, res) == 0) + break; + + if (m != NULL) { + m->refcnt++; + (*id)->data.data = m; + (*id)->data.length = sizeof(*m); + return 0; + } + + m = mcc_alloc(res); + if (m == NULL) + return KRB5_CC_NOMEM; + + (*id)->data.data = m; + (*id)->data.length = sizeof(*m); + + return 0; } + static krb5_error_code mcc_gen_new(krb5_context context, krb5_ccache *id) { krb5_mcache *m; - m = malloc (sizeof(*m)); + m = mcc_alloc(NULL); + if (m == NULL) return KRB5_CC_NOMEM; - m->primary_principal = NULL; - m->creds = NULL; + (*id)->data.data = m; (*id)->data.length = sizeof(*m); + return 0; } @@ -78,37 +132,25 @@ mcc_initialize(krb5_context context, krb5_ccache id, krb5_principal primary_principal) { - krb5_error_code ret; - krb5_mcache *m; - - m = (krb5_mcache *)id->data.data; - - ret = krb5_copy_principal (context, - primary_principal, - &m->primary_principal); - if (ret) - return ret; - return 0; + return krb5_copy_principal (context, + primary_principal, + &MCACHE(id)->primary_principal); } static krb5_error_code mcc_close(krb5_context context, krb5_ccache id) { - krb5_mcache *m = (krb5_mcache *)id->data.data; - struct link *l; + krb5_mcache *m = MCACHE(id); - krb5_free_principal (context, m->primary_principal); - l = m->creds; - while (l != NULL) { - struct link *old; + if (--m->refcnt != 0) + return 0; - krb5_free_creds_contents (context, &l->cred); - old = l; - l = l->next; - free (old); + if (MISDEAD(m)) { + free (m->name); + krb5_data_free(&id->data); } - krb5_data_free(&id->data); + return 0; } @@ -116,6 +158,35 @@ static krb5_error_code mcc_destroy(krb5_context context, krb5_ccache id) { + krb5_mcache **n, *m = MCACHE(id); + struct link *l; + + if (m->refcnt == 0) + krb5_abortx(context, "mcc_destroy: refcnt already 0"); + + if (!MISDEAD(m)) { + /* if this is an active mcache, remove it from the linked + list, and free all data */ + for(n = &mcc_head; n && *n; n = &(*n)->next) { + if(m == *n) { + *n = m->next; + break; + } + } + krb5_free_principal (context, m->primary_principal); + m->primary_principal = NULL; + + l = m->creds; + while (l != NULL) { + struct link *old; + + krb5_free_creds_contents (context, &l->cred); + old = l; + l = l->next; + free (old); + } + m->creds = NULL; + } return 0; } @@ -124,10 +195,13 @@ mcc_store_cred(krb5_context context, krb5_ccache id, krb5_creds *creds) { + krb5_mcache *m = MCACHE(id); krb5_error_code ret; - krb5_mcache *m = (krb5_mcache *)id->data.data; struct link *l; + if (MISDEAD(m)) + return ENOENT; + l = malloc (sizeof(*l)); if (l == NULL) return KRB5_CC_NOMEM; @@ -148,7 +222,10 @@ mcc_get_principal(krb5_context context, krb5_ccache id, krb5_principal *principal) { - krb5_mcache *m = (krb5_mcache *)id->data.data; + krb5_mcache *m = MCACHE(id); + + if (MISDEAD(m)) + return ENOENT; return krb5_copy_principal (context, m->primary_principal, @@ -160,7 +237,11 @@ mcc_get_first (krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor) { - krb5_mcache *m = (krb5_mcache *)id->data.data; + krb5_mcache *m = MCACHE(id); + + if (MISDEAD(m)) + return ENOENT; + *cursor = m->creds; return 0; } @@ -171,8 +252,12 @@ mcc_get_next (krb5_context context, krb5_cc_cursor *cursor, krb5_creds *creds) { + krb5_mcache *m = MCACHE(id); struct link *l; + if (MISDEAD(m)) + return ENOENT; + l = *cursor; if (l != NULL) { *cursor = l->next; @@ -195,9 +280,19 @@ static krb5_error_code mcc_remove_cred(krb5_context context, krb5_ccache id, krb5_flags which, - krb5_creds *cred) + krb5_creds *mcreds) { - return 0; /* XXX */ + krb5_mcache *m = MCACHE(id); + struct link **q, *p; + for(q = &m->creds, p = *q; p; p = *q) { + if(krb5_compare_creds(context, which, mcreds, &p->cred)) { + *q = p->next; + krb5_free_cred_contents(context, &p->cred); + free(p); + } else + q = &p->next; + } + return 0; } static krb5_error_code diff --git a/crypto/heimdal/lib/krb5/mk_priv.c b/crypto/heimdal/lib/krb5/mk_priv.c index 1ee2bed..c880f10 100644 --- a/crypto/heimdal/lib/krb5/mk_priv.c +++ b/crypto/heimdal/lib/krb5/mk_priv.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include -RCSID("$Id: mk_priv.c,v 1.25 1999/12/02 17:05:11 joda Exp $"); +RCSID("$Id: mk_priv.c,v 1.28 2000/08/18 06:48:07 assar Exp $"); /* * @@ -52,7 +52,7 @@ krb5_mk_priv(krb5_context context, u_char *buf; size_t buf_size; size_t len; - int tmp_seq; + u_int32_t tmp_seq; krb5_keyblock *key; int32_t sec, usec; KerberosTime sec2; @@ -76,7 +76,7 @@ krb5_mk_priv(krb5_context context, usec2 = usec; part.usec = &usec2; if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { - tmp_seq = ++auth_context->local_seqnumber; + tmp_seq = auth_context->local_seqnumber; part.seq_number = &tmp_seq; } else { part.seq_number = NULL; @@ -117,7 +117,11 @@ krb5_mk_priv(krb5_context context, s.enc_part.etype = key->keytype; s.enc_part.kvno = NULL; - krb5_crypto_init(context, key, 0, &crypto); + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) { + free (buf); + return ret; + } ret = krb5_encrypt (context, crypto, KRB5_KU_KRB_PRIV, @@ -159,6 +163,9 @@ krb5_mk_priv(krb5_context context, } memcpy (outbuf->data, buf + buf_size - len, len); free (buf); + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) + auth_context->local_seqnumber = + (auth_context->local_seqnumber + 1) & 0xFFFFFFFF; return 0; fail: diff --git a/crypto/heimdal/lib/krb5/mk_rep.c b/crypto/heimdal/lib/krb5/mk_rep.c index 060be03..ad750b0 100644 --- a/crypto/heimdal/lib/krb5/mk_rep.c +++ b/crypto/heimdal/lib/krb5/mk_rep.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,11 +33,11 @@ #include -RCSID("$Id: mk_rep.c,v 1.16 1999/12/02 17:05:11 joda Exp $"); +RCSID("$Id: mk_rep.c,v 1.18 2000/12/06 20:57:23 joda Exp $"); krb5_error_code krb5_mk_rep(krb5_context context, - krb5_auth_context *auth_context, + krb5_auth_context auth_context, krb5_data *outbuf) { krb5_error_code ret; @@ -53,21 +53,21 @@ krb5_mk_rep(krb5_context context, memset (&body, 0, sizeof(body)); - body.ctime = (*auth_context)->authenticator->ctime; - body.cusec = (*auth_context)->authenticator->cusec; + body.ctime = auth_context->authenticator->ctime; + body.cusec = auth_context->authenticator->cusec; body.subkey = NULL; - if ((*auth_context)->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { krb5_generate_seq_number (context, - (*auth_context)->keyblock, - &(*auth_context)->local_seqnumber); + auth_context->keyblock, + &auth_context->local_seqnumber); body.seq_number = malloc (sizeof(*body.seq_number)); if (body.seq_number == NULL) return ENOMEM; - *(body.seq_number) = (*auth_context)->local_seqnumber; + *(body.seq_number) = auth_context->local_seqnumber; } else body.seq_number = NULL; - ap.enc_part.etype = (*auth_context)->keyblock->keytype; + ap.enc_part.etype = auth_context->keyblock->keytype; ap.enc_part.kvno = NULL; buf_size = length_EncAPRepPart(&body); @@ -84,8 +84,12 @@ krb5_mk_rep(krb5_context context, &len); free_EncAPRepPart (&body); - krb5_crypto_init(context, (*auth_context)->keyblock, - 0 /* ap.enc_part.etype */, &crypto); + ret = krb5_crypto_init(context, auth_context->keyblock, + 0 /* ap.enc_part.etype */, &crypto); + if (ret) { + free (buf); + return ret; + } ret = krb5_encrypt (context, crypto, KRB5_KU_AP_REQ_ENC_PART, diff --git a/crypto/heimdal/lib/krb5/mk_req.c b/crypto/heimdal/lib/krb5/mk_req.c index 55ecd46..a30c19e 100644 --- a/crypto/heimdal/lib/krb5/mk_req.c +++ b/crypto/heimdal/lib/krb5/mk_req.c @@ -33,23 +33,19 @@ #include -RCSID("$Id: mk_req.c,v 1.20 2000/01/16 10:22:42 assar Exp $"); +RCSID("$Id: mk_req.c,v 1.22 2000/11/15 06:50:53 assar Exp $"); krb5_error_code -krb5_mk_req(krb5_context context, - krb5_auth_context *auth_context, - const krb5_flags ap_req_options, - const char *service, - const char *hostname, - krb5_data *in_data, - krb5_ccache ccache, - krb5_data *outbuf) +krb5_mk_req_exact(krb5_context context, + krb5_auth_context *auth_context, + const krb5_flags ap_req_options, + const krb5_principal server, + krb5_data *in_data, + krb5_ccache ccache, + krb5_data *outbuf) { krb5_error_code ret; krb5_creds this_cred, *cred; - char **realms; - krb5_data realm_data; - char *real_hostname; memset(&this_cred, 0, sizeof(this_cred)); @@ -58,34 +54,18 @@ krb5_mk_req(krb5_context context, if(ret) return ret; - ret = krb5_expand_hostname_realms (context, hostname, - &real_hostname, &realms); + ret = krb5_copy_principal (context, server, &this_cred.server); if (ret) { - krb5_free_principal (context, this_cred.client); + krb5_free_creds_contents (context, &this_cred); return ret; } - realm_data.length = strlen(*realms); - realm_data.data = *realms; - - ret = krb5_build_principal (context, &this_cred.server, - strlen(*realms), - *realms, - service, - real_hostname, - NULL); - free (real_hostname); - krb5_free_host_realm (context, realms); - - if (ret) { - krb5_free_principal (context, this_cred.client); - return ret; - } this_cred.times.endtime = 0; if (auth_context && *auth_context && (*auth_context)->keytype) this_cred.session.keytype = (*auth_context)->keytype; ret = krb5_get_credentials (context, 0, ccache, &this_cred, &cred); + krb5_free_creds_contents(context, &this_cred); if (ret) return ret; @@ -96,3 +76,39 @@ krb5_mk_req(krb5_context context, cred, outbuf); } + +krb5_error_code +krb5_mk_req(krb5_context context, + krb5_auth_context *auth_context, + const krb5_flags ap_req_options, + const char *service, + const char *hostname, + krb5_data *in_data, + krb5_ccache ccache, + krb5_data *outbuf) +{ + krb5_error_code ret; + char **realms; + char *real_hostname; + krb5_principal server; + + ret = krb5_expand_hostname_realms (context, hostname, + &real_hostname, &realms); + if (ret) + return ret; + + ret = krb5_build_principal (context, &server, + strlen(*realms), + *realms, + service, + real_hostname, + NULL); + free (real_hostname); + krb5_free_host_realm (context, realms); + if (ret) + return ret; + ret = krb5_mk_req_exact (context, auth_context, ap_req_options, + server, in_data, ccache, outbuf); + krb5_free_principal (context, server); + return ret; +} diff --git a/crypto/heimdal/lib/krb5/mk_req_ext.c b/crypto/heimdal/lib/krb5/mk_req_ext.c index 2b7b886..f0f572c 100644 --- a/crypto/heimdal/lib/krb5/mk_req_ext.c +++ b/crypto/heimdal/lib/krb5/mk_req_ext.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include -RCSID("$Id: mk_req_ext.c,v 1.21 1999/12/02 17:05:11 joda Exp $"); +RCSID("$Id: mk_req_ext.c,v 1.24 2000/11/15 07:01:26 assar Exp $"); krb5_error_code krb5_mk_req_internal(krb5_context context, @@ -42,7 +42,8 @@ krb5_mk_req_internal(krb5_context context, krb5_data *in_data, krb5_creds *in_creds, krb5_data *outbuf, - krb5_key_usage usage) + krb5_key_usage checksum_usage, + krb5_key_usage encrypt_usage) { krb5_error_code ret; krb5_data authenticator; @@ -88,6 +89,11 @@ krb5_mk_req_internal(krb5_context context, krb5_free_keyblock(context, ac->keyblock); krb5_copy_keyblock(context, &in_creds->session, &ac->keyblock); + /* it's unclear what type of checksum we can use. try the best one, except: + * a) if it's configured differently for the current realm, or + * b) if the session key is des-cbc-crc + */ + if (in_data) { if(ac->keyblock->keytype == ETYPE_DES_CBC_CRC) { /* this is to make DCE secd (and older MIT kdcs?) happy */ @@ -99,10 +105,13 @@ krb5_mk_req_internal(krb5_context context, &c); } else { krb5_crypto crypto; - krb5_crypto_init(context, ac->keyblock, 0, &crypto); + + ret = krb5_crypto_init(context, ac->keyblock, 0, &crypto); + if (ret) + return ret; ret = krb5_create_checksum(context, crypto, - usage, + checksum_usage, in_data->data, in_data->length, &c); @@ -120,7 +129,8 @@ krb5_mk_req_internal(krb5_context context, in_creds, c_opt, NULL, - &authenticator); + &authenticator, + encrypt_usage); if (c_opt) free_Checksum (c_opt); if (ret) @@ -147,5 +157,6 @@ krb5_mk_req_extended(krb5_context context, in_data, in_creds, outbuf, - KRB5_KU_AP_REQ_AUTH_CKSUM); + KRB5_KU_AP_REQ_AUTH_CKSUM, + KRB5_KU_AP_REQ_AUTH); } diff --git a/crypto/heimdal/lib/krb5/mk_safe.c b/crypto/heimdal/lib/krb5/mk_safe.c index 4d848a6..2803d38 100644 --- a/crypto/heimdal/lib/krb5/mk_safe.c +++ b/crypto/heimdal/lib/krb5/mk_safe.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include -RCSID("$Id: mk_safe.c,v 1.20 1999/12/02 17:05:11 joda Exp $"); +RCSID("$Id: mk_safe.c,v 1.24 2000/08/18 06:48:40 assar Exp $"); krb5_error_code krb5_mk_safe(krb5_context context, @@ -50,7 +50,7 @@ krb5_mk_safe(krb5_context context, u_char *buf = NULL; size_t buf_size; size_t len; - int tmp_seq; + u_int32_t tmp_seq; krb5_crypto crypto; s.pvno = 5; @@ -64,7 +64,7 @@ krb5_mk_safe(krb5_context context, usec2 = usec2; s.safe_body.usec = &usec2; if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { - tmp_seq = ++auth_context->local_seqnumber; + tmp_seq = auth_context->local_seqnumber; s.safe_body.seq_number = &tmp_seq; } else s.safe_body.seq_number = NULL; @@ -76,13 +76,20 @@ krb5_mk_safe(krb5_context context, s.cksum.checksum.data = NULL; s.cksum.checksum.length = 0; - buf_size = length_KRB_SAFE(&s); buf = malloc(buf_size + 128); /* add some for checksum */ if(buf == NULL) return ENOMEM; ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len); + if (ret) { + free (buf); + return ret; + } ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); + if (ret) { + free (buf); + return ret; + } ret = krb5_create_checksum(context, crypto, KRB5_KU_KRB_SAFE_CKSUM, @@ -111,5 +118,8 @@ krb5_mk_safe(krb5_context context, } memcpy (outbuf->data, buf + buf_size - len, len); free (buf); + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) + auth_context->local_seqnumber = + (auth_context->local_seqnumber + 1) & 0xFFFFFFFF; return 0; } diff --git a/crypto/heimdal/lib/krb5/principal.c b/crypto/heimdal/lib/krb5/principal.c index 2999868..7be1d93 100644 --- a/crypto/heimdal/lib/krb5/principal.c +++ b/crypto/heimdal/lib/krb5/principal.c @@ -38,9 +38,10 @@ #ifdef HAVE_ARPA_NAMESER_H #include #endif +#include #include "resolve.h" -RCSID("$Id: principal.c,v 1.63 2000/02/07 03:19:05 assar Exp $"); +RCSID("$Id: principal.c,v 1.73 2000/10/16 03:42:14 assar Exp $"); #define princ_num_comp(P) ((P)->name.name_string.len) #define princ_type(P) ((P)->name.name_type) @@ -494,6 +495,9 @@ krb5_copy_principal(krb5_context context, return 0; } +/* + * return TRUE iff princ1 == princ2 (without considering the realm) + */ krb5_boolean krb5_principal_compare_any_realm(krb5_context context, @@ -510,6 +514,10 @@ krb5_principal_compare_any_realm(krb5_context context, return TRUE; } +/* + * return TRUE iff princ1 == princ2 + */ + krb5_boolean krb5_principal_compare(krb5_context context, krb5_const_principal princ1, @@ -520,6 +528,9 @@ krb5_principal_compare(krb5_context context, return krb5_principal_compare_any_realm(context, princ1, princ2); } +/* + * return TRUE iff realm(princ1) == realm(princ2) + */ krb5_boolean krb5_realm_compare(krb5_context context, @@ -529,22 +540,52 @@ krb5_realm_compare(krb5_context context, return strcmp(princ_realm(princ1), princ_realm(princ2)) == 0; } +/* + * return TRUE iff princ matches pattern + */ + +krb5_boolean +krb5_principal_match(krb5_context context, + krb5_const_principal princ, + krb5_const_principal pattern) +{ + int i; + if(princ_num_comp(princ) != princ_num_comp(pattern)) + return FALSE; + if(fnmatch(princ_realm(pattern), princ_realm(princ), 0) != 0) + return FALSE; + for(i = 0; i < princ_num_comp(princ); i++){ + if(fnmatch(princ_ncomp(pattern, i), princ_ncomp(princ, i), 0) != 0) + return FALSE; + } + return TRUE; +} + + struct v4_name_convert { const char *from; const char *to; } default_v4_name_convert[] = { - { "ftp", "ftp" }, - { "hprop", "hprop" }, - { "pop", "pop" }, - { "rcmd", "host" }, + { "ftp", "ftp" }, + { "hprop", "hprop" }, + { "pop", "pop" }, + { "imap", "imap" }, + { "rcmd", "host" }, { NULL, NULL } }; +/* + * return the converted instance name of `name' in `realm'. + * look in the configuration file and then in the default set above. + * return NULL if no conversion is appropriate. + */ + static const char* get_name_conversion(krb5_context context, const char *realm, const char *name) { struct v4_name_convert *q; const char *p; + p = krb5_config_get_string(context, NULL, "realms", realm, "v4_name_convert", "host", name, NULL); if(p == NULL) @@ -577,6 +618,12 @@ get_name_conversion(krb5_context context, const char *realm, const char *name) return NULL; } +/* + * convert the v4 principal `name.instance@realm' to a v5 principal in `princ'. + * if `resolve', use DNS. + * if `func', use that function for validating the conversion + */ + krb5_error_code krb5_425_conv_principal_ext(krb5_context context, const char *name, @@ -589,7 +636,7 @@ krb5_425_conv_principal_ext(krb5_context context, const char *p; krb5_error_code ret; krb5_principal pr; - char host[128]; + char host[MAXHOSTNAMELEN]; /* do the following: if the name is found in the `v4_name_convert:host' part, is is assumed to be a `host' type @@ -635,7 +682,17 @@ krb5_425_conv_principal_ext(krb5_context context, inst = hp->h_name; #endif if(inst) { - ret = krb5_make_principal(context, &pr, realm, name, inst, NULL); + char *low_inst = strdup(inst); + + if (low_inst == NULL) { +#ifdef USE_RESOLVER + dns_free_data(r); +#endif + return ENOMEM; + } + ret = krb5_make_principal(context, &pr, realm, name, low_inst, + NULL); + free (low_inst); if(ret == 0) { if(func == NULL || (*func)(context, pr)){ *princ = pr; @@ -673,8 +730,7 @@ krb5_425_conv_principal_ext(krb5_context context, p = krb5_config_get_string(context, NULL, "realms", realm, "default_domain", NULL); if(p == NULL){ - /* should this be an error or should it silently - succeed? */ + /* this should be an error, just faking a name is not good */ return HEIM_ERR_V4_PRINC_NO_CONV; } @@ -801,6 +857,13 @@ name_convert(krb5_context context, const char *name, const char *realm, return -1; } +/* + * convert the v5 principal in `principal' into a v4 corresponding one + * in `name, instance, realm' + * this is limited interface since there's no length given for these + * three parameters. They have to be 40 bytes each (ANAME_SZ). + */ + krb5_error_code krb5_524_conv_principal(krb5_context context, const krb5_principal principal, @@ -811,6 +874,7 @@ krb5_524_conv_principal(krb5_context context, const char *n, *i, *r; char tmpinst[40]; int type = princ_type(principal); + const int aname_sz = 40; r = principal->realm; @@ -846,15 +910,12 @@ krb5_524_conv_principal(krb5_context context, i = tmpinst; } - if(strlen(r) >= 40) + if (strlcpy (name, n, aname_sz) >= aname_sz) return KRB5_PARSE_MALFORMED; - if(strlen(n) >= 40) + if (strlcpy (instance, i, aname_sz) >= aname_sz) return KRB5_PARSE_MALFORMED; - if(strlen(i) >= 40) + if (strlcpy (realm, r, aname_sz) >= aname_sz) return KRB5_PARSE_MALFORMED; - strcpy(realm, r); - strcpy(name, n); - strcpy(instance, i); return 0; } @@ -870,7 +931,7 @@ krb5_sname_to_principal (krb5_context context, krb5_principal *ret_princ) { krb5_error_code ret; - char localhost[128]; + char localhost[MAXHOSTNAMELEN]; char **realms, *host = NULL; if(type != KRB5_NT_SRV_HST && type != KRB5_NT_UNKNOWN) diff --git a/crypto/heimdal/lib/krb5/prog_setup.c b/crypto/heimdal/lib/krb5/prog_setup.c index 4693d08..dc3b119 100644 --- a/crypto/heimdal/lib/krb5/prog_setup.c +++ b/crypto/heimdal/lib/krb5/prog_setup.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,8 +33,9 @@ #include "krb5_locl.h" #include +#include -RCSID("$Id: prog_setup.c,v 1.6 1999/12/02 17:05:11 joda Exp $"); +RCSID("$Id: prog_setup.c,v 1.8 2001/01/25 11:20:32 assar Exp $"); void krb5_std_usage(int code, struct getargs *args, int num_args) @@ -48,13 +49,16 @@ krb5_program_setup(krb5_context *context, int argc, char **argv, struct getargs *args, int num_args, void (*usage)(int, struct getargs*, int)) { + krb5_error_code ret; int optind = 0; if(usage == NULL) usage = krb5_std_usage; set_progname(argv[0]); - krb5_init_context(context); + ret = krb5_init_context(context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); if(getarg(args, num_args, argc, argv, &optind)) (*usage)(1, args, num_args); diff --git a/crypto/heimdal/lib/krb5/rd_cred.c b/crypto/heimdal/lib/krb5/rd_cred.c index 71b79b1..ca8ff02 100644 --- a/crypto/heimdal/lib/krb5/rd_cred.c +++ b/crypto/heimdal/lib/krb5/rd_cred.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,13 +33,14 @@ #include -RCSID("$Id: rd_cred.c,v 1.9 2000/02/06 05:19:52 assar Exp $"); +RCSID("$Id: rd_cred.c,v 1.12 2001/01/04 16:19:00 joda Exp $"); krb5_error_code -krb5_rd_cred (krb5_context context, - krb5_auth_context auth_context, - krb5_ccache ccache, - krb5_data *in_data) +krb5_rd_cred(krb5_context context, + krb5_auth_context auth_context, + krb5_data *in_data, + krb5_creds ***ret_creds, + krb5_replay_data *out_data) { krb5_error_code ret; size_t len; @@ -49,9 +50,9 @@ krb5_rd_cred (krb5_context context, krb5_crypto crypto; int i; - ret = decode_KRB_CRED (in_data->data, in_data->length, - &cred, &len); - if (ret) + ret = decode_KRB_CRED(in_data->data, in_data->length, + &cred, &len); + if(ret) return ret; if (cred.pvno != 5) { @@ -64,16 +65,32 @@ krb5_rd_cred (krb5_context context, goto out; } - krb5_crypto_init(context, auth_context->remote_subkey, 0, &crypto); - ret = krb5_decrypt_EncryptedData(context, - crypto, - KRB5_KU_KRB_CRED, - &cred.enc_part, - &enc_krb_cred_part_data); - krb5_crypto_destroy(context, crypto); - if (ret) - goto out; - + if (cred.enc_part.etype == ETYPE_NULL) { + /* DK: MIT GSS-API Compatibility */ + enc_krb_cred_part_data.length = cred.enc_part.cipher.length; + enc_krb_cred_part_data.data = cred.enc_part.cipher.data; + } else { + if (auth_context->remote_subkey) + ret = krb5_crypto_init(context, auth_context->remote_subkey, + 0, &crypto); + else + ret = krb5_crypto_init(context, auth_context->keyblock, + 0, &crypto); + /* DK: MIT rsh */ + + if (ret) + goto out; + + ret = krb5_decrypt_EncryptedData(context, + crypto, + KRB5_KU_KRB_CRED, + &cred.enc_part, + &enc_krb_cred_part_data); + + krb5_crypto_destroy(context, crypto); + if (ret) + goto out; + } ret = krb5_decode_EncKrbCredPart (context, enc_krb_cred_part_data.data, @@ -86,7 +103,8 @@ krb5_rd_cred (krb5_context context, /* check sender address */ if (enc_krb_cred_part.s_address - && auth_context->remote_address) { + && auth_context->remote_address + && auth_context->remote_port) { krb5_address *a; int cmp; @@ -113,6 +131,7 @@ krb5_rd_cred (krb5_context context, /* check receiver address */ if (enc_krb_cred_part.r_address + && auth_context->local_address && !krb5_address_compare (context, auth_context->local_address, enc_krb_cred_part.r_address)) { @@ -135,51 +154,104 @@ krb5_rd_cred (krb5_context context, } } - /* XXX - check replay cache */ + if(out_data != NULL) { + if(enc_krb_cred_part.timestamp) + out_data->timestamp = *enc_krb_cred_part.timestamp; + else + out_data->timestamp = 0; + if(enc_krb_cred_part.usec) + out_data->usec = *enc_krb_cred_part.usec; + else + out_data->usec = 0; + if(enc_krb_cred_part.nonce) + out_data->seq = *enc_krb_cred_part.nonce; + else + out_data->seq = 0; + } + + /* Convert to NULL terminated list of creds */ - /* Store the creds in the ccache */ + *ret_creds = calloc(enc_krb_cred_part.ticket_info.len + 1, + sizeof(**ret_creds)); for (i = 0; i < enc_krb_cred_part.ticket_info.len; ++i) { KrbCredInfo *kci = &enc_krb_cred_part.ticket_info.val[i]; - krb5_creds creds; + krb5_creds *creds; u_char buf[1024]; size_t len; - memset (&creds, 0, sizeof(creds)); + creds = calloc(1, sizeof(*creds)); + if(creds == NULL) { + ret = ENOMEM; + goto out; + } ret = encode_Ticket (buf + sizeof(buf) - 1, sizeof(buf), &cred.tickets.val[i], &len); if (ret) goto out; - krb5_data_copy (&creds.ticket, buf + sizeof(buf) - len, len); - copy_EncryptionKey (&kci->key, &creds.session); + krb5_data_copy (&creds->ticket, buf + sizeof(buf) - len, len); + copy_EncryptionKey (&kci->key, &creds->session); if (kci->prealm && kci->pname) - principalname2krb5_principal (&creds.client, + principalname2krb5_principal (&creds->client, *kci->pname, *kci->prealm); if (kci->flags) - creds.flags.b = *kci->flags; + creds->flags.b = *kci->flags; if (kci->authtime) - creds.times.authtime = *kci->authtime; + creds->times.authtime = *kci->authtime; if (kci->starttime) - creds.times.starttime = *kci->starttime; + creds->times.starttime = *kci->starttime; if (kci->endtime) - creds.times.endtime = *kci->endtime; + creds->times.endtime = *kci->endtime; if (kci->renew_till) - creds.times.renew_till = *kci->renew_till; + creds->times.renew_till = *kci->renew_till; if (kci->srealm && kci->sname) - principalname2krb5_principal (&creds.server, + principalname2krb5_principal (&creds->server, *kci->sname, *kci->srealm); if (kci->caddr) krb5_copy_addresses (context, kci->caddr, - &creds.addresses); - krb5_cc_store_cred (context, ccache, &creds); + &creds->addresses); + + (*ret_creds)[i] = creds; + } + (*ret_creds)[i] = NULL; + return 0; out: free_KRB_CRED (&cred); + if(*ret_creds) { + for(i = 0; (*ret_creds)[i]; i++) + krb5_free_creds(context, (*ret_creds)[i]); + free(*ret_creds); + } return ret; } + +krb5_error_code +krb5_rd_cred2 (krb5_context context, + krb5_auth_context auth_context, + krb5_ccache ccache, + krb5_data *in_data) +{ + krb5_error_code ret; + krb5_creds **creds; + int i; + + ret = krb5_rd_cred(context, auth_context, in_data, &creds, NULL); + if(ret) + return ret; + + /* Store the creds in the ccache */ + + for(i = 0; creds && creds[i]; i++) { + krb5_cc_store_cred(context, ccache, creds[i]); + krb5_free_creds(context, creds[i]); + } + free(creds); + return 0; +} diff --git a/crypto/heimdal/lib/krb5/rd_priv.c b/crypto/heimdal/lib/krb5/rd_priv.c index c4d7bea..62350ba 100644 --- a/crypto/heimdal/lib/krb5/rd_priv.c +++ b/crypto/heimdal/lib/krb5/rd_priv.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include -RCSID("$Id: rd_priv.c,v 1.23 2000/02/06 05:20:13 assar Exp $"); +RCSID("$Id: rd_priv.c,v 1.27 2001/01/19 04:27:09 assar Exp $"); krb5_error_code krb5_rd_priv(krb5_context context, @@ -72,7 +72,9 @@ krb5_rd_priv(krb5_context context, else key = auth_context->keyblock; - krb5_crypto_init(context, key, 0, &crypto); + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) + goto failure; ret = krb5_decrypt_EncryptedData(context, crypto, KRB5_KU_KRB_PRIV, @@ -124,13 +126,19 @@ krb5_rd_priv(krb5_context context, /* XXX - check replay cache */ - /* check sequence number */ + /* check sequence number. since MIT krb5 cannot generate a sequence + number of zero but instead generates no sequence number, we accept that + */ + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { - if (part.seq_number == NULL || - *part.seq_number != ++auth_context->remote_seqnumber) { - ret = KRB5KRB_AP_ERR_BADORDER; - goto failure_part; - } + if ((part.seq_number == NULL + && auth_context->remote_seqnumber != 0) + || (part.seq_number != NULL + && *part.seq_number != auth_context->remote_seqnumber)) { + ret = KRB5KRB_AP_ERR_BADORDER; + goto failure_part; + } + auth_context->remote_seqnumber++; } ret = krb5_data_copy (outbuf, part.user_data.data, part.user_data.length); diff --git a/crypto/heimdal/lib/krb5/rd_rep.c b/crypto/heimdal/lib/krb5/rd_rep.c index e2c401c..20f2033 100644 --- a/crypto/heimdal/lib/krb5/rd_rep.c +++ b/crypto/heimdal/lib/krb5/rd_rep.c @@ -33,7 +33,7 @@ #include -RCSID("$Id: rd_rep.c,v 1.19 1999/12/02 17:05:12 joda Exp $"); +RCSID("$Id: rd_rep.c,v 1.20 2000/08/18 06:49:03 assar Exp $"); krb5_error_code krb5_rd_rep(krb5_context context, @@ -62,7 +62,9 @@ krb5_rd_rep(krb5_context context, goto out; } - krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); + ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); + if (ret) + goto out; ret = krb5_decrypt_EncryptedData (context, crypto, KRB5_KU_AP_REQ_ENC_PART, diff --git a/crypto/heimdal/lib/krb5/rd_req.c b/crypto/heimdal/lib/krb5/rd_req.c index bcf4ecf..922137a 100644 --- a/crypto/heimdal/lib/krb5/rd_req.c +++ b/crypto/heimdal/lib/krb5/rd_req.c @@ -33,7 +33,7 @@ #include -RCSID("$Id: rd_req.c,v 1.41 2000/02/07 13:31:55 joda Exp $"); +RCSID("$Id: rd_req.c,v 1.44 2000/11/15 23:16:28 assar Exp $"); static krb5_error_code decrypt_tkt_enc_part (krb5_context context, @@ -46,7 +46,9 @@ decrypt_tkt_enc_part (krb5_context context, size_t len; krb5_crypto crypto; - krb5_crypto_init(context, key, 0, &crypto); + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) + return ret; ret = krb5_decrypt_EncryptedData (context, crypto, KRB5_KU_TICKET, @@ -66,19 +68,29 @@ static krb5_error_code decrypt_authenticator (krb5_context context, EncryptionKey *key, EncryptedData *enc_part, - Authenticator *authenticator) + Authenticator *authenticator, + krb5_key_usage usage) { krb5_error_code ret; krb5_data plain; size_t len; krb5_crypto crypto; - krb5_crypto_init(context, key, 0, &crypto); + ret = krb5_crypto_init(context, key, 0, &crypto); + if (ret) + return ret; ret = krb5_decrypt_EncryptedData (context, crypto, - KRB5_KU_AP_REQ_AUTH, + usage /* KRB5_KU_AP_REQ_AUTH */, enc_part, &plain); + /* for backwards compatibility, also try the old usage */ + if (ret && usage == KRB5_KU_TGS_REQ_AUTH) + ret = krb5_decrypt_EncryptedData (context, + crypto, + KRB5_KU_AP_REQ_AUTH, + enc_part, + &plain); krb5_crypto_destroy(context, crypto); if (ret) return ret; @@ -136,10 +148,14 @@ krb5_decrypt_ticket(krb5_context context, start = *t.starttime; if(start - now > context->max_skew || (t.flags.invalid - && !(flags & KRB5_VERIFY_AP_REQ_IGNORE_INVALID))) + && !(flags & KRB5_VERIFY_AP_REQ_IGNORE_INVALID))) { + free_EncTicketPart(&t); return KRB5KRB_AP_ERR_TKT_NYV; - if(now - t.endtime > context->max_skew) + } + if(now - t.endtime > context->max_skew) { + free_EncTicketPart(&t); return KRB5KRB_AP_ERR_TKT_EXPIRED; + } } if(out) @@ -222,19 +238,40 @@ krb5_verify_ap_req(krb5_context context, krb5_flags *ap_req_options, krb5_ticket **ticket) { + return krb5_verify_ap_req2 (context, + auth_context, + ap_req, + server, + keyblock, + flags, + ap_req_options, + ticket, + KRB5_KU_AP_REQ_AUTH); +} + +krb5_error_code +krb5_verify_ap_req2(krb5_context context, + krb5_auth_context *auth_context, + krb5_ap_req *ap_req, + krb5_const_principal server, + krb5_keyblock *keyblock, + krb5_flags flags, + krb5_flags *ap_req_options, + krb5_ticket **ticket, + krb5_key_usage usage) +{ krb5_ticket t; krb5_auth_context ac; krb5_error_code ret; - if(auth_context) { - if(*auth_context == NULL){ - krb5_auth_con_init(context, &ac); - *auth_context = ac; - }else - ac = *auth_context; - } else - krb5_auth_con_init(context, &ac); - + if (auth_context && *auth_context) { + ac = *auth_context; + } else { + ret = krb5_auth_con_init (context, &ac); + if (ret) + return ret; + } + if (ap_req->ap_options.use_session_key && ac->keyblock){ ret = krb5_decrypt_ticket(context, &ap_req->ticket, ac->keyblock, @@ -249,7 +286,7 @@ krb5_verify_ap_req(krb5_context context, flags); if(ret) - return ret; + goto out; principalname2krb5_principal(&t.server, ap_req->ticket.sname, ap_req->ticket.realm); @@ -263,11 +300,10 @@ krb5_verify_ap_req(krb5_context context, ret = decrypt_authenticator (context, &t.ticket.key, &ap_req->authenticator, - ac->authenticator); - if (ret){ - /* XXX free data */ - return ret; - } + ac->authenticator, + usage); + if (ret) + goto out2; { krb5_principal p1, p2; @@ -282,8 +318,10 @@ krb5_verify_ap_req(krb5_context context, res = krb5_principal_compare (context, p1, p2); krb5_free_principal (context, p1); krb5_free_principal (context, p2); - if (!res) - return KRB5KRB_AP_ERR_BADMATCH; + if (!res) { + ret = KRB5KRB_AP_ERR_BADMATCH; + goto out2; + } } /* check addresses */ @@ -292,8 +330,10 @@ krb5_verify_ap_req(krb5_context context, && ac->remote_address && !krb5_address_search (context, ac->remote_address, - t.ticket.caddr)) - return KRB5KRB_AP_ERR_BADADDR; + t.ticket.caddr)) { + ret = KRB5KRB_AP_ERR_BADADDR; + goto out2; + } if (ac->authenticator->seq_number) ac->remote_seqnumber = *ac->authenticator->seq_number; @@ -322,7 +362,18 @@ krb5_verify_ap_req(krb5_context context, **ticket = t; } else krb5_free_ticket (context, &t); + if (auth_context) { + if (*auth_context == NULL) + *auth_context = ac; + } else + krb5_auth_con_free (context, ac); return 0; + out2: + krb5_free_ticket (context, &t); + out: + if (auth_context == NULL || *auth_context == NULL) + krb5_auth_con_free (context, ac); + return ret; } diff --git a/crypto/heimdal/lib/krb5/rd_safe.c b/crypto/heimdal/lib/krb5/rd_safe.c index fb7cc2d..07628d9 100644 --- a/crypto/heimdal/lib/krb5/rd_safe.c +++ b/crypto/heimdal/lib/krb5/rd_safe.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include -RCSID("$Id: rd_safe.c,v 1.19 2000/02/06 05:20:51 assar Exp $"); +RCSID("$Id: rd_safe.c,v 1.23 2001/01/19 04:25:37 assar Exp $"); static krb5_error_code verify_checksum(krb5_context context, @@ -65,7 +65,9 @@ verify_checksum(krb5_context context, buf_size, safe, &len); - krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); + ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); + if (ret) + goto out; ret = krb5_verify_checksum (context, crypto, KRB5_KU_KRB_SAFE_CKSUM, @@ -144,13 +146,20 @@ krb5_rd_safe(krb5_context context, } /* XXX - check replay cache */ - /* check sequence number */ + /* check sequence number. since MIT krb5 cannot generate a sequence + number of zero but instead generates no sequence number, we accept that + */ + if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) { - if (safe.safe_body.seq_number == NULL || - *safe.safe_body.seq_number != ++auth_context->remote_seqnumber) { + if ((safe.safe_body.seq_number == NULL + && auth_context->remote_seqnumber != 0) + || (safe.safe_body.seq_number != NULL + && *safe.safe_body.seq_number != + auth_context->remote_seqnumber)) { ret = KRB5KRB_AP_ERR_BADORDER; goto failure; } + auth_context->remote_seqnumber++; } ret = verify_checksum (context, auth_context, &safe); diff --git a/crypto/heimdal/lib/krb5/read_message.c b/crypto/heimdal/lib/krb5/read_message.c index f2cae03..45d6b62 100644 --- a/crypto/heimdal/lib/krb5/read_message.c +++ b/crypto/heimdal/lib/krb5/read_message.c @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: read_message.c,v 1.5 1999/12/02 17:05:12 joda Exp $"); +RCSID("$Id: read_message.c,v 1.7 2000/07/21 22:54:09 joda Exp $"); krb5_error_code krb5_read_message (krb5_context context, @@ -49,7 +49,7 @@ krb5_read_message (krb5_context context, return errno; if(ret < 4) { data->length = 0; - return 0; + return HEIM_ERR_EOF; } len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3]; ret = krb5_data_alloc (data, len); @@ -61,3 +61,41 @@ krb5_read_message (krb5_context context, } return 0; } + +krb5_error_code +krb5_read_priv_message(krb5_context context, + krb5_auth_context ac, + krb5_pointer p_fd, + krb5_data *data) +{ + krb5_error_code ret; + krb5_data packet; + + ret = krb5_read_message(context, p_fd, &packet); + if(ret) + return ret; + ret = krb5_rd_priv (context, ac, &packet, data, NULL); + krb5_data_free(&packet); + if(ret) + return ret; + return ret; +} + +krb5_error_code +krb5_read_safe_message(krb5_context context, + krb5_auth_context ac, + krb5_pointer p_fd, + krb5_data *data) +{ + krb5_error_code ret; + krb5_data packet; + + ret = krb5_read_message(context, p_fd, &packet); + if(ret) + return ret; + ret = krb5_rd_safe (context, ac, &packet, data, NULL); + krb5_data_free(&packet); + if(ret) + return ret; + return ret; +} diff --git a/crypto/heimdal/lib/krb5/recvauth.c b/crypto/heimdal/lib/krb5/recvauth.c index 49fe7b6..3c11254 100644 --- a/crypto/heimdal/lib/krb5/recvauth.c +++ b/crypto/heimdal/lib/krb5/recvauth.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: recvauth.c,v 1.12 1999/12/02 17:05:12 joda Exp $"); +RCSID("$Id: recvauth.c,v 1.13 2000/12/06 20:59:05 joda Exp $"); /* * See `sendauth.c' for the format. @@ -177,7 +177,7 @@ krb5_recvauth_match_version(krb5_context context, return errno; if (ap_options & AP_OPTS_MUTUAL_REQUIRED) { - ret = krb5_mk_rep (context, auth_context, &data); + ret = krb5_mk_rep (context, *auth_context, &data); if (ret) return ret; diff --git a/crypto/heimdal/lib/krb5/replay.c b/crypto/heimdal/lib/krb5/replay.c index 3ca68e8..2935cfc 100644 --- a/crypto/heimdal/lib/krb5/replay.c +++ b/crypto/heimdal/lib/krb5/replay.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,6 +32,9 @@ */ #include "krb5_locl.h" +#include + +RCSID("$Id: replay.c,v 1.7 2001/01/29 02:09:00 assar Exp $"); struct krb5_rcache_data { char *name; @@ -82,6 +85,12 @@ krb5_rc_default_name(krb5_context context) return "FILE:/var/run/default_rcache"; } +const char * +krb5_rc_default_type(krb5_context context) +{ + return "FILE"; +} + krb5_error_code krb5_rc_default(krb5_context context, krb5_rcache *id) @@ -140,20 +149,20 @@ checksum_authenticator(Authenticator *auth, void *data) MD5_CTX md5; int i; - MD5Init (&md5); - MD5Update (&md5, auth->crealm, strlen(auth->crealm)); + MD5_Init (&md5); + MD5_Update (&md5, auth->crealm, strlen(auth->crealm)); for(i = 0; i < auth->cname.name_string.len; i++) - MD5Update(&md5, auth->cname.name_string.val[i], - strlen(auth->cname.name_string.val[i])); - MD5Update (&md5, &auth->ctime, sizeof(auth->ctime)); - MD5Update (&md5, &auth->cusec, sizeof(auth->cusec)); - MD5Final (&md5, data); + MD5_Update(&md5, auth->cname.name_string.val[i], + strlen(auth->cname.name_string.val[i])); + MD5_Update (&md5, &auth->ctime, sizeof(auth->ctime)); + MD5_Update (&md5, &auth->cusec, sizeof(auth->cusec)); + MD5_Final (data, &md5); } krb5_error_code krb5_rc_store(krb5_context context, krb5_rcache id, - krb5_donot_reply *rep) + krb5_donot_replay *rep) { struct rc_entry ent, tmp; time_t t; @@ -209,6 +218,7 @@ krb5_rc_get_lifespan(krb5_context context, } return KRB5_RC_IO_UNKNOWN; } + const char* krb5_rc_get_name(krb5_context context, krb5_rcache id) @@ -223,3 +233,32 @@ krb5_rc_get_type(krb5_context context, return "FILE"; } +krb5_error_code +krb5_get_server_rcache(krb5_context context, + const krb5_data *piece, + krb5_rcache *id) +{ + krb5_rcache rcache; + krb5_error_code ret; + + char *tmp = malloc(4 * piece->length + 1); + char *name; + if(tmp == NULL) + return ENOMEM; + strvisx(tmp, piece->data, piece->length, VIS_WHITE | VIS_OCTAL); +#ifdef HAVE_GETEUID + asprintf(&name, "FILE:rc_%s_%u", tmp, geteuid()); +#else + asprintf(&name, "FILE:rc_%s", tmp); +#endif + free(tmp); + if(name == NULL) + return ENOMEM; + + ret = krb5_rc_resolve_full(context, &rcache, name); + free(name); + if(ret) + return ret; + *id = rcache; + return ret; +} diff --git a/crypto/heimdal/lib/krb5/send_to_kdc.c b/crypto/heimdal/lib/krb5/send_to_kdc.c index 2872322..e2b884d 100644 --- a/crypto/heimdal/lib/krb5/send_to_kdc.c +++ b/crypto/heimdal/lib/krb5/send_to_kdc.c @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: send_to_kdc.c,v 1.36 2000/01/06 07:59:11 assar Exp $"); +RCSID("$Id: send_to_kdc.c,v 1.40 2000/11/15 01:48:23 assar Exp $"); /* * send the data in `req' on the socket `fd' (which is datagram iff udp) @@ -54,6 +54,10 @@ recv_loop (int fd, int ret; int nbytes; + if (fd >= FD_SETSIZE) { + return -1; + } + krb5_data_zero(rep); do { FD_ZERO(&fdset); @@ -237,7 +241,8 @@ send_via_proxy (krb5_context context, const krb5_data *send, krb5_data *receive) { - char *proxy = strdup(context->http_proxy); + char *proxy2 = strdup(context->http_proxy); + char *proxy = proxy2; char *prefix; char *colon; struct addrinfo hints; @@ -246,6 +251,11 @@ send_via_proxy (krb5_context context, int s; char portstr[NI_MAXSERV]; + if (proxy == NULL) + return ENOMEM; + if (strncmp (proxy, "http://", 7) == 0) + proxy += 7; + colon = strchr(proxy, ':'); if(colon != NULL) *colon++ = '\0'; @@ -254,10 +264,10 @@ send_via_proxy (krb5_context context, hints.ai_socktype = SOCK_STREAM; snprintf (portstr, sizeof(portstr), "%d", ntohs(init_port (colon, htons(80)))); - ret = getaddrinfo (proxy, portstr, NULL, &ai); - free (proxy); + ret = getaddrinfo (proxy, portstr, &hints, &ai); + free (proxy2); if (ret) - return ret; + return krb5_eai_to_heim_errno(ret); for (a = ai; a != NULL; a = a->ai_next) { s = socket (a->ai_family, a->ai_socktype, a->ai_protocol); @@ -295,26 +305,17 @@ send_via_proxy (krb5_context context, */ krb5_error_code -krb5_sendto_kdc (krb5_context context, - const krb5_data *send, - const krb5_realm *realm, - krb5_data *receive) +krb5_sendto (krb5_context context, + const krb5_data *send, + char **hostlist, + int port, + krb5_data *receive) { - krb5_error_code ret; - char **hostlist, **hp, *p; + krb5_error_code ret = 0; + char **hp, *p; int fd; - int port; int i; - port = krb5_getportbyname (context, "kerberos", "udp", 88); - - if (context->use_admin_kdc) - ret = krb5_get_krb_admin_hst (context, realm, &hostlist); - else - ret = krb5_get_krbhst (context, realm, &hostlist); - if (ret) - return ret; - for (i = 0; i < context->max_retries; ++i) for (hp = hostlist; (p = *hp); ++hp) { char *colon; @@ -390,6 +391,38 @@ krb5_sendto_kdc (krb5_context context, } ret = KRB5_KDC_UNREACH; out: - krb5_free_krbhst (context, hostlist); return ret; } + +krb5_error_code +krb5_sendto_kdc2(krb5_context context, + const krb5_data *send, + const krb5_realm *realm, + krb5_data *receive, + krb5_boolean master) +{ + krb5_error_code ret; + char **hostlist; + int port; + + port = krb5_getportbyname (context, "kerberos", "udp", 88); + + if (master || context->use_admin_kdc) + ret = krb5_get_krb_admin_hst (context, realm, &hostlist); + else + ret = krb5_get_krbhst (context, realm, &hostlist); + if (ret) + return ret; + ret = krb5_sendto(context, send, hostlist, port, receive); + krb5_free_krbhst (context, hostlist); + return ret; +} + +krb5_error_code +krb5_sendto_kdc(krb5_context context, + const krb5_data *send, + const krb5_realm *realm, + krb5_data *receive) +{ + return krb5_sendto_kdc2(context, send, realm, receive, FALSE); +} diff --git a/crypto/heimdal/lib/krb5/sock_principal.c b/crypto/heimdal/lib/krb5/sock_principal.c index bfd4eb4..477622d 100644 --- a/crypto/heimdal/lib/krb5/sock_principal.c +++ b/crypto/heimdal/lib/krb5/sock_principal.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: sock_principal.c,v 1.9 1999/12/02 17:05:12 joda Exp $"); +RCSID("$Id: sock_principal.c,v 1.11 2000/08/09 20:53:11 assar Exp $"); krb5_error_code krb5_sock_to_principal (krb5_context context, @@ -46,10 +46,11 @@ krb5_sock_to_principal (krb5_context context, krb5_address address; struct sockaddr_storage __ss; struct sockaddr *sa = (struct sockaddr *)&__ss; - int len = sizeof(__ss); + socklen_t len = sizeof(__ss); struct hostent *hostent; int family; char hname[256]; + char *tmp; if (getsockname (sock, sa, &len) < 0) return errno; @@ -65,7 +66,18 @@ krb5_sock_to_principal (krb5_context context, if (hostent == NULL) return h_errno; - strlcpy(hname, hostent->h_name, sizeof(hname)); + tmp = hostent->h_name; + if (strchr(tmp, '.') == NULL) { + char **a; + + for (a = hostent->h_aliases; a != NULL && *a != NULL; ++a) + if (strchr(*a, '.') != NULL) { + tmp = *a; + break; + } + } + + strlcpy(hname, tmp, sizeof(hname)); return krb5_sname_to_principal (context, hname, sname, diff --git a/crypto/heimdal/lib/krb5/store.c b/crypto/heimdal/lib/krb5/store.c index 17b1547..5f9d659 100644 --- a/crypto/heimdal/lib/krb5/store.c +++ b/crypto/heimdal/lib/krb5/store.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: store.c,v 1.32 1999/12/02 17:05:12 joda Exp $"); +RCSID("$Id: store.c,v 1.34 2000/04/11 00:46:09 assar Exp $"); void krb5_storage_set_flags(krb5_storage *sp, krb5_flags flags) @@ -275,8 +275,7 @@ krb5_ret_string(krb5_storage *sp, } krb5_error_code -krb5_store_stringz(krb5_storage *sp, - char *s) +krb5_store_stringz(krb5_storage *sp, const char *s) { size_t len = strlen(s) + 1; ssize_t ret; @@ -554,20 +553,46 @@ krb5_ret_authdata(krb5_storage *sp, krb5_authdata *auth) return ret; } +/* + * store `creds' on `sp' returning error or zero + */ + krb5_error_code krb5_store_creds(krb5_storage *sp, krb5_creds *creds) { - krb5_store_principal(sp, creds->client); - krb5_store_principal(sp, creds->server); - krb5_store_keyblock(sp, creds->session); - krb5_store_times(sp, creds->times); - krb5_store_int8(sp, 0); /* this is probably the + int ret; + + ret = krb5_store_principal(sp, creds->client); + if (ret) + return ret; + ret = krb5_store_principal(sp, creds->server); + if (ret) + return ret; + ret = krb5_store_keyblock(sp, creds->session); + if (ret) + return ret; + ret = krb5_store_times(sp, creds->times); + if (ret) + return ret; + ret = krb5_store_int8(sp, 0); /* this is probably the enc-tkt-in-skey bit from KDCOptions */ - krb5_store_int32(sp, creds->flags.i); - krb5_store_addrs(sp, creds->addresses); - krb5_store_authdata(sp, creds->authdata); - krb5_store_data(sp, creds->ticket); - krb5_store_data(sp, creds->second_ticket); + if (ret) + return ret; + ret = krb5_store_int32(sp, creds->flags.i); + if (ret) + return ret; + ret = krb5_store_addrs(sp, creds->addresses); + if (ret) + return ret; + ret = krb5_store_authdata(sp, creds->authdata); + if (ret) + return ret; + ret = krb5_store_data(sp, creds->ticket); + if (ret) + return ret; + ret = krb5_store_data(sp, creds->second_ticket); + if (ret) + return ret; return 0; } diff --git a/crypto/heimdal/lib/krb5/store_emem.c b/crypto/heimdal/lib/krb5/store_emem.c index d2497ef..4d531c6 100644 --- a/crypto/heimdal/lib/krb5/store_emem.c +++ b/crypto/heimdal/lib/krb5/store_emem.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 200 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: store_emem.c,v 1.9 1999/12/02 17:05:12 joda Exp $"); +RCSID("$Id: store_emem.c,v 1.10 2000/05/19 14:39:49 assar Exp $"); typedef struct emem_storage{ unsigned char *base; @@ -54,7 +54,7 @@ emem_fetch(krb5_storage *sp, void *data, size_t size) } static ssize_t -emem_store(krb5_storage *sp, void *data, size_t size) +emem_store(krb5_storage *sp, const void *data, size_t size) { emem_storage *s = (emem_storage*)sp->data; if(size > s->base + s->size - s->ptr){ diff --git a/crypto/heimdal/lib/krb5/store_fd.c b/crypto/heimdal/lib/krb5/store_fd.c index e4c507c..2c795bd 100644 --- a/crypto/heimdal/lib/krb5/store_fd.c +++ b/crypto/heimdal/lib/krb5/store_fd.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: store_fd.c,v 1.6 1999/12/02 17:05:13 joda Exp $"); +RCSID("$Id: store_fd.c,v 1.8 2001/01/29 02:32:35 assar Exp $"); typedef struct fd_storage{ int fd; @@ -44,13 +44,13 @@ typedef struct fd_storage{ static ssize_t fd_fetch(krb5_storage *sp, void *data, size_t size) { - return read(FD(sp), data, size); + return net_read(FD(sp), data, size); } static ssize_t -fd_store(krb5_storage *sp, void *data, size_t size) +fd_store(krb5_storage *sp, const void *data, size_t size) { - return write(FD(sp), data, size); + return net_write(FD(sp), data, size); } static off_t diff --git a/crypto/heimdal/lib/krb5/store_mem.c b/crypto/heimdal/lib/krb5/store_mem.c index a8019e6..e6c277a 100644 --- a/crypto/heimdal/lib/krb5/store_mem.c +++ b/crypto/heimdal/lib/krb5/store_mem.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: store_mem.c,v 1.9 1999/12/02 17:05:13 joda Exp $"); +RCSID("$Id: store_mem.c,v 1.10 2000/05/19 14:39:02 assar Exp $"); typedef struct mem_storage{ unsigned char *base; @@ -53,7 +53,7 @@ mem_fetch(krb5_storage *sp, void *data, size_t size) } static ssize_t -mem_store(krb5_storage *sp, void *data, size_t size) +mem_store(krb5_storage *sp, const void *data, size_t size) { mem_storage *s = (mem_storage*)sp->data; if(size > s->base + s->size - s->ptr) diff --git a/crypto/heimdal/lib/krb5/string-to-key-test.c b/crypto/heimdal/lib/krb5/string-to-key-test.c index 0e884d0..6e6c0b6 100644 --- a/crypto/heimdal/lib/krb5/string-to-key-test.c +++ b/crypto/heimdal/lib/krb5/string-to-key-test.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,7 +32,7 @@ #include "krb5_locl.h" -RCSID("$Id: string-to-key-test.c,v 1.2 1999/10/28 23:10:38 assar Exp $"); +RCSID("$Id: string-to-key-test.c,v 1.4 2000/12/31 08:03:54 assar Exp $"); enum { MAXSIZE = 24 }; @@ -60,6 +60,9 @@ static struct testcase { {0x7f, 0x40, 0x67, 0xb9, 0xbc, 0xc4, 0x40, 0xfb, 0x43, 0x73, 0xd9, 0xd3, 0xcd, 0x7c, 0xc7, 0x67, 0xe6, 0x79, 0x94, 0xd0, 0xa8, 0x34, 0xdf, 0x62}}, + {"does/not@MATTER", "foo", ETYPE_ARCFOUR_HMAC_MD5, + {0xac, 0x8e, 0x65, 0x7f, 0x83, 0xdf, 0x82, 0xbe, + 0xea, 0x5d, 0x43, 0xbd, 0xaf, 0x78, 0x00, 0xcc}}, {NULL} }; @@ -71,7 +74,9 @@ main(int argc, char **argv) krb5_error_code ret; int val = 0; - krb5_init_context (&context); + ret = krb5_init_context (&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); for (t = tests; t->principal_name; ++t) { krb5_keyblock key; diff --git a/crypto/heimdal/lib/krb5/test_get_addrs.c b/crypto/heimdal/lib/krb5/test_get_addrs.c new file mode 100644 index 0000000..96a8f89 --- /dev/null +++ b/crypto/heimdal/lib/krb5/test_get_addrs.c @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#include "krb5_locl.h" +#include + +RCSID("$Id: test_get_addrs.c,v 1.3 2001/01/25 12:45:15 assar Exp $"); + +/* print all addresses that we find */ + +static void +print_addresses (krb5_context context, const krb5_addresses *addrs) +{ + int i; + char buf[256]; + size_t len; + + for (i = 0; i < addrs->len; ++i) { + krb5_print_address (&addrs->val[i], buf, sizeof(buf), &len); + printf ("%s\n", buf); + } +} + +int +main(int argc, char **argv) +{ + krb5_context context; + krb5_error_code ret; + krb5_addresses addrs; + + ret = krb5_init_context(&context); + if (ret) + errx (1, "krb5_init_context failed: %d", ret); + + ret = krb5_get_all_client_addrs (context, &addrs); + if (ret) + krb5_err (context, 1, ret, "krb5_get_all_client_addrs"); + printf ("client addresses\n"); + print_addresses (context, &addrs); + krb5_free_addresses (context, &addrs); + + ret = krb5_get_all_server_addrs (context, &addrs); + if (ret) + krb5_err (context, 1, ret, "krb5_get_all_server_addrs"); + printf ("server addresses\n"); + print_addresses (context, &addrs); + krb5_free_addresses (context, &addrs); + return 0; +} diff --git a/crypto/heimdal/lib/krb5/time.c b/crypto/heimdal/lib/krb5/time.c index e5a1185..98121b4 100644 --- a/crypto/heimdal/lib/krb5/time.c +++ b/crypto/heimdal/lib/krb5/time.c @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: time.c,v 1.3 2000/02/06 05:21:53 assar Exp $"); +RCSID("$Id: time.c,v 1.4 2000/06/29 08:20:52 joda Exp $"); /* * return ``corrected'' time in `timeret'. @@ -64,3 +64,16 @@ krb5_us_timeofday (krb5_context context, *usec = tv.tv_usec; /* XXX */ return 0; } + +krb5_error_code +krb5_format_time(krb5_context context, time_t t, + char *s, size_t len, krb5_boolean include_time) +{ + struct tm *tm; + if(context->log_utc) + tm = gmtime (&t); + else + tm = localtime(&t); + strftime(s, len, include_time ? context->time_fmt : context->date_fmt, tm); + return 0; +} diff --git a/crypto/heimdal/lib/krb5/verify_krb5_conf.8 b/crypto/heimdal/lib/krb5/verify_krb5_conf.8 new file mode 100644 index 0000000..55cdc92 --- /dev/null +++ b/crypto/heimdal/lib/krb5/verify_krb5_conf.8 @@ -0,0 +1,33 @@ +.\" $Id: verify_krb5_conf.8,v 1.2 2000/03/04 14:07:50 assar Exp $ +.\" +.Dd March 4, 2000 +.Dt VERIFY_KRB5_CONF 8 +.Os HEIMDAL +.Sh NAME +.Nm verify_krb5_conf +.Nd +does a crude test that +.Pa krb5.conf +does not contain any obvious syntax error +.Sh SYNOPSIS +.Nm +.Ar [config-file] +.Sh DESCRIPTION +.Nm +reads the configuration file +.Pa krb5.conf , +or the file given on the command line, +and parses it, thereby verifying that the syntax is not correctly wrong. +Since that file is read by almost all Kerberos programs but most of +them have no way of notifying the user that it could not be parsed, +this program is useful. +.Sh ENVIRONMENT +.Ev KRB5_CONFIG +points to the configuration file to read. +.Sh FILES +.Xr krb5.conf 5 +.Sh SEE ALSO +.Xr krb5.conf 5 +.Sh BUGS +It should know about what variables are actually used and warn about +unknown ones. diff --git a/crypto/heimdal/lib/krb5/verify_user.c b/crypto/heimdal/lib/krb5/verify_user.c index 10c22cb..758bc60 100644 --- a/crypto/heimdal/lib/krb5/verify_user.c +++ b/crypto/heimdal/lib/krb5/verify_user.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: verify_user.c,v 1.11 1999/12/02 17:05:13 joda Exp $"); +RCSID("$Id: verify_user.c,v 1.12 2001/01/04 17:40:00 joda Exp $"); static krb5_error_code verify_common (krb5_context context, @@ -101,6 +101,9 @@ krb5_verify_user(krb5_context context, krb5_creds cred; krb5_get_init_creds_opt_init (&opt); + krb5_get_init_creds_opt_set_default_flags(context, NULL, + *krb5_princ_realm(context, principal), + &opt); ret = krb5_get_init_creds_password (context, &cred, @@ -152,6 +155,9 @@ krb5_verify_user_lrealm(krb5_context context, free (*krb5_princ_realm (context, principal)); krb5_princ_set_realm (context, principal, &tmp); + krb5_get_init_creds_opt_set_default_flags(context, NULL, + *krb5_princ_realm(context, principal), + &opt); ret = krb5_get_init_creds_password (context, &cred, principal, diff --git a/crypto/heimdal/lib/krb5/warn.c b/crypto/heimdal/lib/krb5/warn.c index b202f7d..1f594fb 100644 --- a/crypto/heimdal/lib/krb5/warn.c +++ b/crypto/heimdal/lib/krb5/warn.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -34,7 +34,7 @@ #include "krb5_locl.h" #include -RCSID("$Id: warn.c,v 1.10 1999/12/02 17:05:13 joda Exp $"); +RCSID("$Id: warn.c,v 1.11 2000/08/16 07:37:41 assar Exp $"); static krb5_error_code _warnerr(krb5_context context, int do_errtext, @@ -44,6 +44,7 @@ _warnerr(krb5_context context, int do_errtext, const char *args[2], **arg; char *msg = NULL; + args[0] = args[1] = NULL; arg = args; if(fmt){ strcat(xfmt, "%s"); diff --git a/crypto/heimdal/lib/krb5/write_message.c b/crypto/heimdal/lib/krb5/write_message.c index b7f2c28..2e394b6 100644 --- a/crypto/heimdal/lib/krb5/write_message.c +++ b/crypto/heimdal/lib/krb5/write_message.c @@ -33,7 +33,7 @@ #include "krb5_locl.h" -RCSID("$Id: write_message.c,v 1.4 1999/12/02 17:05:13 joda Exp $"); +RCSID("$Id: write_message.c,v 1.6 2000/07/21 23:49:09 joda Exp $"); krb5_error_code krb5_write_message (krb5_context context, @@ -44,12 +44,42 @@ krb5_write_message (krb5_context context, u_int8_t buf[4]; len = data->length; - buf[0] = (len >> 24) & 0xFF; - buf[1] = (len >> 16) & 0xFF; - buf[2] = (len >> 8) & 0xFF; - buf[3] = (len >> 0) & 0xFF; + _krb5_put_int(buf, len, 4); if (krb5_net_write (context, p_fd, buf, 4) != 4 || krb5_net_write (context, p_fd, data->data, len) != len) return errno; return 0; } + +krb5_error_code +krb5_write_priv_message(krb5_context context, + krb5_auth_context ac, + krb5_pointer p_fd, + krb5_data *data) +{ + krb5_error_code ret; + krb5_data packet; + ret = krb5_mk_priv (context, ac, data, &packet, NULL); + if(ret) + return ret; + ret = krb5_write_message(context, p_fd, &packet); + krb5_data_free(&packet); + return ret; +} + +krb5_error_code +krb5_write_safe_message(krb5_context context, + krb5_auth_context ac, + krb5_boolean priv, + krb5_pointer p_fd, + krb5_data *data) +{ + krb5_error_code ret; + krb5_data packet; + ret = krb5_mk_safe (context, ac, data, &packet, NULL); + if(ret) + return ret; + ret = krb5_write_message(context, p_fd, &packet); + krb5_data_free(&packet); + return ret; +} diff --git a/crypto/heimdal/lib/roken/ChangeLog b/crypto/heimdal/lib/roken/ChangeLog index 6da4be0..2e3ee9d 100644 --- a/crypto/heimdal/lib/roken/ChangeLog +++ b/crypto/heimdal/lib/roken/ChangeLog @@ -1,3 +1,264 @@ +2001-01-30 Assar Westerlund + + * Makefile.am (libroken_la_LDFLAGS): bump version to 11:1:2 + * print_version.c (print_version): add 2001 + +2001-01-29 Assar Westerlund + + * getifaddrs.c (getifaddrs2): copy the entire sockaddr + + * roken-common.h (_PATH_BSHELL): add + +2001-01-27 Assar Westerlund + + * roken.h.in: move __attribute__ to roken-common.h + + * esetenv.c (esetenv): cast to handle a setenv that takes a `char + * which is the case on Unicos + +2000-12-29 Assar Westerlund + + * Makefile.am (EXTRA_libroken_la_SOURCES): ifaddrs.h -> + ifaddrs.hin + +2000-12-25 Assar Westerlund + + * getarg.c (print_arg): add a case for arg_strings + +2000-12-15 Johan Danielsson + + * snprintf.c (append_string): handle NULL strings by printing + `(null)' + +2000-12-12 Johan Danielsson + + * roken-common.h: add c++ externs + + * roken.h.in: fix last commit differently + +2000-12-11 Assar Westerlund + + * err.hin (warnerr): remove, it's not part of the err.h interface + * roken-common.h (warnerr): moved here from err.hin + * Makefile.am (libroken_la_LDFLAGS): set version to 11:0:2 + * vis.c: s/u_int32_t/unsigned/ for systems that do not define + u_int32_t + +2000-12-10 Johan Danielsson + + * Makefile.am: rename some headers to avoid conflict with possible + system headers + +2000-12-06 Johan Danielsson + + * vis.c: make sure _DIAGASSERT is defined + + * unvis.c: make sure _DIAGASSERT is defined + + * Makefile.am: unvis.c, and vis.h + + * vis.h: vis.h from NetBSD + + * unvis.c: unvis from NetBSD + + * roken.h.in: cleanup previous + + * roken-common.h: make `extern "C"' into a macro, this make emacs + much happier + + * vis.c: strvis implementation from NetBSD + + * roken.h.in: add prototypes for strvis* + +2000-12-05 Johan Danielsson + + * ifaddrs.h: fix freeifaddrs prototype, and add ifa_broadaddr + macro + + * getifaddrs.c: free some memory + +2000-12-04 Johan Danielsson + + * ifaddrs.h: getifaddrs implementation using SIOCGIFCONFIG etc + + * getifaddrs.c: getifaddrs implementation using SIOCGIFCONFIG etc + +2000-10-08 Assar Westerlund + + * mini_inetd.c (mini_inetd): check that fds are not too large to + select on + +2000-09-24 Assar Westerlund + + * esetenv.c: new file/function + +2000-08-16 Assar Westerlund + + * Makefile.am: bump version to 10:0:1 + +2000-08-10 Assar Westerlund + + * mini_inetd.c (accept_it): type-correctness on parameters to + accept + +2000-08-07 Johan Danielsson + + * roken.h.in: add proto compat for getsockname + +2000-08-04 Johan Danielsson + + * write_pid.c: conditionalise pidfile + + * write_pid.c: add pidfile function + +2000-07-25 Johan Danielsson + + * Makefile.am: bump version to 9:0:0 + + * warnerr.c: add get_progname + +2000-07-24 Assar Westerlund + + * getaddrinfo.c (add_hostent): if there's no fqdn in `he' try + reverse resolving to see if there's a fuller name there. don't + use just-freed memory + +2000-07-22 Assar Westerlund + + * xdbm.h: do not define ndbm functions in terms of dbm functions + if we're using db + +2000-07-20 Assar Westerlund + + * rtbl.c (rtbl_format): avoid printing an empty row at the end + +2000-07-19 Johan Danielsson + + * Makefile.am: make this compatible with `make dist' + + * Makefile.am: revert version number for now + +2000-07-18 Johan Danielsson + + * configure.in: AM_PROG_LIBTOOL -> AC_PROG_LIBTOOL + +2000-07-17 Johan Danielsson + + * Makefile.am: set ACLOCAL_AMFLAGS + +2000-07-15 Johan Danielsson + + * getaddrinfo_hostspec.c: add new function that takes socktype + hint as parameter + +2000-07-09 Assar Westerlund + + * rtbl.c (rtbl_add_column): initialize `col' completely + + * configure.in: bring headers and functions more in-line with + what's actually being used + +2000-07-08 Johan Danielsson + + * roken.h.in: declare ether_addr and sockaddr_dl for AIX + + * rtbl.{c,h}: simple table functions + +2000-07-08 Assar Westerlund + + * configure.in (AM_INIT_AUTOMAKE): bump version to 10 + * configure.in (AC_BROKEN): add strsep_copy + * Makefile.am (ACLOCAL): fetch files from cf + +2000-07-01 Assar Westerlund + + * roken-common.h (pid_file_*): fix protos + +2000-06-28 Assar Westerlund + + * getnameinfo_verified.c (getnameinfo_verified): free memory + returned from getaddrinfo + +2000-06-27 Assar Westerlund + + * resolve.c: export string_to_type and type_to_string + * resolve.c: add key,sig,cert update test-program + * resolve.h: add key,sig,cert + +2000-06-21 Assar Westerlund + + * resolve.h: add T_SIG, T_KEY + * resolve.c: add SIG and KEY + * Makefile.am (libroken_la_SOURCES): add environment.c and + write_pid.c + + * write_pid.c: new file for writing a pid file. + + * environment.c: new file with functionality for reading + /etc/environment. From Ake Sandgren + +2000-06-12 Johan Danielsson + + * strsep_copy.c: strsep, but with const stringp so returns string + in separate buffer + +2000-05-23 Assar Westerlund + + * vsyslog.c (vsyslog): calculate length of new format string + correctly + +2000-05-22 Johan Danielsson + + * getusershell.c: implment the AIX version use + /etc/security/login.cfg + +2000-05-21 Assar Westerlund + + * vsyslog.c (vsyslog): actually handle `%m' + +2000-05-15 Assar Westerlund + + * Makefile.am (libroken_la_LDFLAGS): set version to 8:1:3 + + * roken-common.h: moved __attribute__ to roken.h.in + +2000-04-14 Assar Westerlund + + * getaddrinfo_hostspec.c (roken_getaddrinfo_hostspec): copy the + correct length from `hostspec'. based on a patch from Love + + +2000-04-09 Assar Westerlund + + * xdbm.h: only include one of db.h and the dbm-series + +2000-04-05 Assar Westerlund + + * resolve.c (_resolve_debug): explicitly set to zero. this moves + the variable from bss to data and the dynamic linker on MacOS + X/Darwin seems unhappy with stuff in the bss segment. + +2000-04-03 Assar Westerlund + + * Makefile.am: set version to 8:0:3 + +2000-03-11 Assar Westerlund + + * roken.h.in (_SS_PAD1SIZE): try to write an inpenetrable + expression that also works on Crays + +2000-03-09 Assar Westerlund + + * getarg.c (arg_match_short): backup optind when there's a missing + argument so that the error can point at the flag and not the + non-existant argument + +2000-03-03 Assar Westerlund + + * Makefile.in (SOURCES): add timeval.c + * Makefile.am (libroken_la_SOURCES): add timeval.c + * timeval.c: new file + 2000-02-19 Assar Westerlund * Makefile.am: set version to 7:1:2 diff --git a/crypto/heimdal/lib/roken/Makefile.am b/crypto/heimdal/lib/roken/Makefile.am index 3d303f8..23f2d59 100644 --- a/crypto/heimdal/lib/roken/Makefile.am +++ b/crypto/heimdal/lib/roken/Makefile.am @@ -1,35 +1,45 @@ -# $Id: Makefile.am,v 1.70 2000/02/19 18:53:13 assar Exp $ +# $Id: Makefile.am,v 1.94 2001/01/30 01:53:30 assar Exp $ -include $(top_srcdir)/Makefile.am.common +AUTOMAKE_OPTIONS = foreign no-dependencies -CLEANFILES = roken.h make-roken.c print_version.h +AM_CFLAGS += $(WFLAGS) + +## ACLOCAL = @ACLOCAL@ -I cf +ACLOCAL_AMFLAGS = -I ../../cf + +CLEANFILES = roken.h make-roken.c $(XHEADERS) lib_LTLIBRARIES = libroken.la -libroken_la_LDFLAGS = -version-info 7:1:2 +libroken_la_LDFLAGS = -version-info 11:1:2 + +noinst_PROGRAMS = make-roken + +nodist_make_roken_SOURCES = make-roken.c -noinst_PROGRAMS = make-roken make-print-version +check_PROGRAMS = parse_bytes-test \ + strpftime-test \ + getaddrinfo-test -check_PROGRAMS = parse_bytes-test strpftime-test getaddrinfo-test TESTS = $(check_PROGRAMS) -getaddrinfo_test_LDADD = libroken.la -parse_bytes_test_LDADD = libroken.la -strpftime_test_SOURCES = strpftime-test.c strftime.c strptime.c snprintf.c +LIB_crypt = @LIB_crypt@ -if KRB4 -if KRB5 -## need to link with des here; otherwise, if krb4 is shared the link -## will fail with unresolved references -make_print_version_LDADD += $(LIB_krb4) -ldes -endif -endif +common_LDADD = libroken.la $(LIB_crypt) + +strpftime_test_SOURCES = strpftime-test.c strftime.c strptime.c snprintf.c +##snprintf_test_SOURCES = snprintf-test.c snprintf.c +##snprintf_test_LDADD = $(common_LDADD) -lm +getaddrinfo_test_LDADD = $(common_LDADD) +parse_bytes_test_LDADD = $(common_LDADD) libroken_la_SOURCES = \ base64.c \ concat.c \ emalloc.c \ + environment.c \ eread.c \ erealloc.c \ + esetenv.c \ estrdup.c \ ewrite.c \ getaddrinfo_hostspec.c \ @@ -46,17 +56,23 @@ libroken_la_SOURCES = \ parse_bytes.c \ parse_time.c \ parse_units.c \ - print_version.c \ resolve.c \ roken_gethostby.c \ + rtbl.c \ + rtbl.h \ signal.c \ simple_exec.c \ snprintf.c \ socket.c \ strcollect.c \ + timeval.c \ tm2time.c \ + unvis.c \ verify.c \ + vis.c \ + vis.h \ warnerr.c \ + write_pid.c \ xdbm.h EXTRA_libroken_la_SOURCES = \ @@ -64,12 +80,12 @@ EXTRA_libroken_la_SOURCES = \ copyhostent.c \ daemon.c \ err.c \ - err.h \ + err.hin \ errx.c \ fchown.c \ flock.c \ fnmatch.c \ - fnmatch.h \ + fnmatch.hin \ freeaddrinfo.c \ freehostent.c \ gai_strerror.c \ @@ -79,15 +95,16 @@ EXTRA_libroken_la_SOURCES = \ geteuid.c \ getgid.c \ gethostname.c \ + getifaddrs.c \ getipnodebyaddr.c \ getipnodebyname.c \ - getnameinfo.c \ getopt.c \ gettimeofday.c \ getuid.c \ getusershell.c \ - glob.h \ + glob.hin \ hstrerror.c \ + ifaddrs.hin \ inet_aton.c \ inet_ntop.c \ inet_pton.c \ @@ -117,6 +134,7 @@ EXTRA_libroken_la_SOURCES = \ strnlen.c \ strptime.c \ strsep.c \ + strsep_copy.c \ strtok_r.c \ strupr.c \ swab.c \ @@ -130,20 +148,13 @@ EXTRA_libroken_la_SOURCES = \ warnx.c \ writev.c -EXTRA_DIST = resource.h roken.awk roken.def roken.dsp roken.h.in \ - roken.mak roken.rc - - +EXTRA_DIST = roken.awk roken.h.in libroken_la_LIBADD = @LTLIBOBJS@ -$(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h - -include_HEADERS = $(err_h) base64.h getarg.h \ - parse_bytes.h parse_time.h parse_units.h \ - resolve.h roken.h roken-common.h +$(LTLIBOBJS) $(libroken_la_OBJECTS): $(include_HEADERS) roken.h -build_HEADERZ = $(err_h) $(fnmatch_h) $(glob_h) xdbm.h +BUILT_SOURCES = make-roken.c roken.h if have_err_h err_h = @@ -163,6 +174,40 @@ else glob_h = glob.h endif +if have_ifaddrs_h +ifaddrs_h = +else +ifaddrs_h = ifaddrs.h +endif + +if have_vis_h +vis_h = +else +vis_h = vis.h +endif + +## these are controlled by configure +XHEADERS = $(err_h) $(fnmatch_h) $(glob_h) $(ifaddrs_h) $(vis_h) + +include_HEADERS = \ + base64.h \ + getarg.h \ + parse_bytes.h \ + parse_time.h \ + parse_units.h \ + resolve.h \ + roken-common.h \ + rtbl.h \ + xdbm.h \ + $(XHEADERS) + +nodist_include_HEADERS = roken.h + + +SUFFIXES += .hin +.hin.h: + cp $< $@ + roken.h: make-roken$(EXEEXT) @./make-roken$(EXEEXT) > tmp.h ;\ if [ -f roken.h ] && cmp -s tmp.h roken.h ; then rm -f tmp.h ; \ @@ -170,10 +215,3 @@ roken.h: make-roken$(EXEEXT) make-roken.c: roken.h.in roken.awk $(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c - -print_version.lo: print_version.h - -print_version.h: make-print-version$(EXEEXT) - ./make-print-version$(EXEEXT) print_version.h - -make-print-version.o: $(top_builddir)/include/version.h diff --git a/crypto/heimdal/lib/roken/Makefile.in b/crypto/heimdal/lib/roken/Makefile.in index 6db3973..c779d46 100644 --- a/crypto/heimdal/lib/roken/Makefile.in +++ b/crypto/heimdal/lib/roken/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.70 2000/02/19 18:53:13 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,124 +95,210 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ -AUTOMAKE_OPTIONS = foreign no-dependencies +# $Id: Makefile.am,v 1.94 2001/01/30 01:53:30 assar Exp $ -SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include +AUTOMAKE_OPTIONS = foreign no-dependencies AM_CFLAGS = $(WFLAGS) -COMPILE_ET = $(top_builddir)/lib/com_err/compile_et - -buildinclude = $(top_builddir)/include +ACLOCAL_AMFLAGS = -I ../../cf -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_crypt = @LIB_crypt@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_el_init = @LIB_el_init@ -LIB_getattr = @LIB_getattr@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_readline = @LIB_readline@ -LIB_res_search = @LIB_res_search@ -LIB_setpcred = @LIB_setpcred@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ - -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -LIB_hesiod = @LIB_hesiod@ - -INCLUDE_krb4 = @INCLUDE_krb4@ -LIB_krb4 = @LIB_krb4@ - -INCLUDE_readline = @INCLUDE_readline@ - -LEXLIB = @LEXLIB@ - -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - -NROFF_MAN = groff -mandoc -Tascii - -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) - -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la - -CHECK_LOCAL = $(PROGRAMS) - -CLEANFILES = roken.h make-roken.c print_version.h +CLEANFILES = roken.h make-roken.c $(XHEADERS) lib_LTLIBRARIES = libroken.la -libroken_la_LDFLAGS = -version-info 7:1:2 +libroken_la_LDFLAGS = -version-info 11:1:2 -noinst_PROGRAMS = make-roken make-print-version +noinst_PROGRAMS = make-roken -check_PROGRAMS = parse_bytes-test strpftime-test getaddrinfo-test -TESTS = $(check_PROGRAMS) +nodist_make_roken_SOURCES = make-roken.c -getaddrinfo_test_LDADD = libroken.la -parse_bytes_test_LDADD = libroken.la -strpftime_test_SOURCES = strpftime-test.c strftime.c strptime.c snprintf.c +check_PROGRAMS = parse_bytes-test \ + strpftime-test \ + getaddrinfo-test -@KRB4_TRUE@@KRB5_TRUE@make_print_version_LDADD = $(LIB_krb4) -ldes -libroken_la_SOURCES = base64.c concat.c emalloc.c eread.c erealloc.c estrdup.c ewrite.c getaddrinfo_hostspec.c get_default_username.c get_window_size.c getarg.c getnameinfo_verified.c issuid.c k_getpwnam.c k_getpwuid.c mini_inetd.c net_read.c net_write.c parse_bytes.c parse_time.c parse_units.c print_version.c resolve.c roken_gethostby.c signal.c simple_exec.c snprintf.c socket.c strcollect.c tm2time.c verify.c warnerr.c xdbm.h - - -EXTRA_libroken_la_SOURCES = chown.c copyhostent.c daemon.c err.c err.h errx.c fchown.c flock.c fnmatch.c fnmatch.h freeaddrinfo.c freehostent.c gai_strerror.c getaddrinfo.c getdtablesize.c getegid.c geteuid.c getgid.c gethostname.c getipnodebyaddr.c getipnodebyname.c getnameinfo.c getopt.c gettimeofday.c getuid.c getusershell.c glob.h hstrerror.c inet_aton.c inet_ntop.c inet_pton.c initgroups.c innetgr.c iruserok.c lstat.c memmove.c mkstemp.c putenv.c rcmd.c readv.c recvmsg.c sendmsg.c setegid.c setenv.c seteuid.c strcasecmp.c strdup.c strerror.c strftime.c strlcat.c strlcpy.c strlwr.c strncasecmp.c strndup.c strnlen.c strptime.c strsep.c strtok_r.c strupr.c swab.c unsetenv.c verr.c verrx.c vsyslog.c vwarn.c vwarnx.c warn.c warnx.c writev.c +TESTS = $(check_PROGRAMS) +LIB_crypt = @LIB_crypt@ -EXTRA_DIST = resource.h roken.awk roken.def roken.dsp roken.h.in roken.mak roken.rc +common_LDADD = libroken.la $(LIB_crypt) +strpftime_test_SOURCES = strpftime-test.c strftime.c strptime.c snprintf.c +getaddrinfo_test_LDADD = $(common_LDADD) +parse_bytes_test_LDADD = $(common_LDADD) + +libroken_la_SOURCES = \ + base64.c \ + concat.c \ + emalloc.c \ + environment.c \ + eread.c \ + erealloc.c \ + esetenv.c \ + estrdup.c \ + ewrite.c \ + getaddrinfo_hostspec.c \ + get_default_username.c \ + get_window_size.c \ + getarg.c \ + getnameinfo_verified.c \ + issuid.c \ + k_getpwnam.c \ + k_getpwuid.c \ + mini_inetd.c \ + net_read.c \ + net_write.c \ + parse_bytes.c \ + parse_time.c \ + parse_units.c \ + resolve.c \ + roken_gethostby.c \ + rtbl.c \ + rtbl.h \ + signal.c \ + simple_exec.c \ + snprintf.c \ + socket.c \ + strcollect.c \ + timeval.c \ + tm2time.c \ + unvis.c \ + verify.c \ + vis.c \ + vis.h \ + warnerr.c \ + write_pid.c \ + xdbm.h + + +EXTRA_libroken_la_SOURCES = \ + chown.c \ + copyhostent.c \ + daemon.c \ + err.c \ + err.hin \ + errx.c \ + fchown.c \ + flock.c \ + fnmatch.c \ + fnmatch.hin \ + freeaddrinfo.c \ + freehostent.c \ + gai_strerror.c \ + getaddrinfo.c \ + getdtablesize.c \ + getegid.c \ + geteuid.c \ + getgid.c \ + gethostname.c \ + getifaddrs.c \ + getipnodebyaddr.c \ + getipnodebyname.c \ + getopt.c \ + gettimeofday.c \ + getuid.c \ + getusershell.c \ + glob.hin \ + hstrerror.c \ + ifaddrs.hin \ + inet_aton.c \ + inet_ntop.c \ + inet_pton.c \ + initgroups.c \ + innetgr.c \ + iruserok.c \ + lstat.c \ + memmove.c \ + mkstemp.c \ + putenv.c \ + rcmd.c \ + readv.c \ + recvmsg.c \ + sendmsg.c \ + setegid.c \ + setenv.c \ + seteuid.c \ + strcasecmp.c \ + strdup.c \ + strerror.c \ + strftime.c \ + strlcat.c \ + strlcpy.c \ + strlwr.c \ + strncasecmp.c \ + strndup.c \ + strnlen.c \ + strptime.c \ + strsep.c \ + strsep_copy.c \ + strtok_r.c \ + strupr.c \ + swab.c \ + unsetenv.c \ + verr.c \ + verrx.c \ + vsyslog.c \ + vwarn.c \ + vwarnx.c \ + warn.c \ + warnx.c \ + writev.c + + +EXTRA_DIST = roken.awk roken.h.in libroken_la_LIBADD = @LTLIBOBJS@ -include_HEADERS = $(err_h) base64.h getarg.h parse_bytes.h parse_time.h parse_units.h resolve.h roken.h roken-common.h - - -build_HEADERZ = $(err_h) $(fnmatch_h) $(glob_h) xdbm.h +BUILT_SOURCES = make-roken.c roken.h @have_err_h_TRUE@err_h = -@have_err_h_FALSE@err_h = err.h +@have_err_h_FALSE@err_h = @have_err_h_FALSE@err.h @have_fnmatch_h_TRUE@fnmatch_h = -@have_fnmatch_h_FALSE@fnmatch_h = fnmatch.h +@have_fnmatch_h_FALSE@fnmatch_h = @have_fnmatch_h_FALSE@fnmatch.h @have_glob_h_TRUE@glob_h = -@have_glob_h_FALSE@glob_h = glob.h +@have_glob_h_FALSE@glob_h = @have_glob_h_FALSE@glob.h +@have_ifaddrs_h_TRUE@ifaddrs_h = +@have_ifaddrs_h_FALSE@ifaddrs_h = @have_ifaddrs_h_FALSE@ifaddrs.h +@have_vis_h_TRUE@vis_h = +@have_vis_h_FALSE@vis_h = @have_vis_h_FALSE@vis.h + +XHEADERS = $(err_h) $(fnmatch_h) $(glob_h) $(ifaddrs_h) $(vis_h) + +include_HEADERS = \ + base64.h \ + getarg.h \ + parse_bytes.h \ + parse_time.h \ + parse_units.h \ + resolve.h \ + roken-common.h \ + rtbl.h \ + xdbm.h \ + $(XHEADERS) + + +nodist_include_HEADERS = roken.h + +SUFFIXES = .hin +subdir = lib/roken mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../include/config.h CONFIG_CLEAN_FILES = @@ -225,63 +314,64 @@ X_LIBS = @X_LIBS@ X_EXTRA_LIBS = @X_EXTRA_LIBS@ X_PRE_LIBS = @X_PRE_LIBS@ libroken_la_DEPENDENCIES = @LTLIBOBJS@ -libroken_la_OBJECTS = base64.lo concat.lo emalloc.lo eread.lo \ -erealloc.lo estrdup.lo ewrite.lo getaddrinfo_hostspec.lo \ -get_default_username.lo get_window_size.lo getarg.lo \ -getnameinfo_verified.lo issuid.lo k_getpwnam.lo k_getpwuid.lo \ +am_libroken_la_OBJECTS = base64.lo concat.lo emalloc.lo environment.lo \ +eread.lo erealloc.lo esetenv.lo estrdup.lo ewrite.lo \ +getaddrinfo_hostspec.lo get_default_username.lo get_window_size.lo \ +getarg.lo getnameinfo_verified.lo issuid.lo k_getpwnam.lo k_getpwuid.lo \ mini_inetd.lo net_read.lo net_write.lo parse_bytes.lo parse_time.lo \ -parse_units.lo print_version.lo resolve.lo roken_gethostby.lo signal.lo \ -simple_exec.lo snprintf.lo socket.lo strcollect.lo tm2time.lo verify.lo \ -warnerr.lo +parse_units.lo resolve.lo roken_gethostby.lo rtbl.lo signal.lo \ +simple_exec.lo snprintf.lo socket.lo strcollect.lo timeval.lo \ +tm2time.lo unvis.lo verify.lo vis.lo warnerr.lo write_pid.lo +libroken_la_OBJECTS = $(am_libroken_la_OBJECTS) check_PROGRAMS = parse_bytes-test$(EXEEXT) strpftime-test$(EXEEXT) \ getaddrinfo-test$(EXEEXT) -noinst_PROGRAMS = make-roken$(EXEEXT) make-print-version$(EXEEXT) +noinst_PROGRAMS = make-roken$(EXEEXT) PROGRAMS = $(noinst_PROGRAMS) +getaddrinfo_test_SOURCES = getaddrinfo-test.c +getaddrinfo_test_OBJECTS = getaddrinfo-test.$(OBJEXT) +getaddrinfo_test_DEPENDENCIES = libroken.la +getaddrinfo_test_LDFLAGS = +nodist_make_roken_OBJECTS = make-roken.$(OBJEXT) +make_roken_OBJECTS = $(nodist_make_roken_OBJECTS) +make_roken_LDADD = $(LDADD) +make_roken_DEPENDENCIES = +make_roken_LDFLAGS = parse_bytes_test_SOURCES = parse_bytes-test.c parse_bytes_test_OBJECTS = parse_bytes-test.$(OBJEXT) parse_bytes_test_DEPENDENCIES = libroken.la parse_bytes_test_LDFLAGS = -strpftime_test_OBJECTS = strpftime-test.$(OBJEXT) strftime.$(OBJEXT) \ +am_strpftime_test_OBJECTS = strpftime-test.$(OBJEXT) strftime.$(OBJEXT) \ strptime.$(OBJEXT) snprintf.$(OBJEXT) +strpftime_test_OBJECTS = $(am_strpftime_test_OBJECTS) strpftime_test_LDADD = $(LDADD) strpftime_test_DEPENDENCIES = strpftime_test_LDFLAGS = -getaddrinfo_test_SOURCES = getaddrinfo-test.c -getaddrinfo_test_OBJECTS = getaddrinfo-test.$(OBJEXT) -getaddrinfo_test_DEPENDENCIES = libroken.la -getaddrinfo_test_LDFLAGS = -make_roken_SOURCES = make-roken.c -make_roken_OBJECTS = make-roken.$(OBJEXT) -make_roken_LDADD = $(LDADD) -make_roken_DEPENDENCIES = -make_roken_LDFLAGS = -make_print_version_SOURCES = make-print-version.c -make_print_version_OBJECTS = make-print-version.$(OBJEXT) -@KRB4_TRUE@@KRB5_TRUE@make_print_version_DEPENDENCIES = -make_print_version_LDFLAGS = -CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ -HEADERS = $(include_HEADERS) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) \ +getaddrinfo-test.c parse_bytes-test.c $(strpftime_test_SOURCES) +HEADERS = $(include_HEADERS) $(nodist_include_HEADERS) -DIST_COMMON = ChangeLog Makefile.am Makefile.in getcap.c glob.c \ -make-print-version.c +depcomp = +DIST_COMMON = $(include_HEADERS) ChangeLog Makefile.am Makefile.in \ +acinclude.m4 getcap.c getcwd.c getnameinfo.c glob.c install-sh \ +make-print-version.c missing mkinstalldirs -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best -SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) parse_bytes-test.c $(strpftime_test_SOURCES) getaddrinfo-test.c make-roken.c make-print-version.c -OBJECTS = $(libroken_la_OBJECTS) parse_bytes-test.$(OBJEXT) $(strpftime_test_OBJECTS) getaddrinfo-test.$(OBJEXT) make-roken.$(OBJEXT) make-print-version.$(OBJEXT) +SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) getaddrinfo-test.c $(nodist_make_roken_SOURCES) parse_bytes-test.c $(strpftime_test_SOURCES) +OBJECTS = $(am_libroken_la_OBJECTS) getaddrinfo-test.$(OBJEXT) $(nodist_make_roken_OBJECTS) parse_bytes-test.$(OBJEXT) $(am_strpftime_test_OBJECTS) all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x -$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common +.SUFFIXES: .c .h .hin .lo .o .obj +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/roken/Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @@ -303,31 +393,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) $(mkinstalldirs) $(DESTDIR)$(libdir) @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ - echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ - $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \ else :; fi; \ done uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \ $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ done -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - mostlyclean-compile: -rm -f *.o core *.core -rm -f *.$(OBJEXT) @@ -339,15 +416,6 @@ distclean-compile: maintainer-clean-compile: -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - mostlyclean-libtool: -rm -f *.lo @@ -379,14 +447,6 @@ distclean-noinstPROGRAMS: maintainer-clean-noinstPROGRAMS: -parse_bytes-test$(EXEEXT): $(parse_bytes_test_OBJECTS) $(parse_bytes_test_DEPENDENCIES) - @rm -f parse_bytes-test$(EXEEXT) - $(LINK) $(parse_bytes_test_LDFLAGS) $(parse_bytes_test_OBJECTS) $(parse_bytes_test_LDADD) $(LIBS) - -strpftime-test$(EXEEXT): $(strpftime_test_OBJECTS) $(strpftime_test_DEPENDENCIES) - @rm -f strpftime-test$(EXEEXT) - $(LINK) $(strpftime_test_LDFLAGS) $(strpftime_test_OBJECTS) $(strpftime_test_LDADD) $(LIBS) - getaddrinfo-test$(EXEEXT): $(getaddrinfo_test_OBJECTS) $(getaddrinfo_test_DEPENDENCIES) @rm -f getaddrinfo-test$(EXEEXT) $(LINK) $(getaddrinfo_test_LDFLAGS) $(getaddrinfo_test_OBJECTS) $(getaddrinfo_test_LDADD) $(LIBS) @@ -395,44 +455,79 @@ make-roken$(EXEEXT): $(make_roken_OBJECTS) $(make_roken_DEPENDENCIES) @rm -f make-roken$(EXEEXT) $(LINK) $(make_roken_LDFLAGS) $(make_roken_OBJECTS) $(make_roken_LDADD) $(LIBS) -make-print-version$(EXEEXT): $(make_print_version_OBJECTS) $(make_print_version_DEPENDENCIES) - @rm -f make-print-version$(EXEEXT) - $(LINK) $(make_print_version_LDFLAGS) $(make_print_version_OBJECTS) $(make_print_version_LDADD) $(LIBS) +parse_bytes-test$(EXEEXT): $(parse_bytes_test_OBJECTS) $(parse_bytes_test_DEPENDENCIES) + @rm -f parse_bytes-test$(EXEEXT) + $(LINK) $(parse_bytes_test_LDFLAGS) $(parse_bytes_test_OBJECTS) $(parse_bytes_test_LDADD) $(LIBS) + +strpftime-test$(EXEEXT): $(strpftime_test_OBJECTS) $(strpftime_test_DEPENDENCIES) + @rm -f strpftime-test$(EXEEXT) + $(LINK) $(strpftime_test_LDFLAGS) $(strpftime_test_OBJECTS) $(strpftime_test_LDADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) $(mkinstalldirs) $(DESTDIR)$(includedir) @list='$(include_HEADERS)'; for p in $$list; do \ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ - echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ - $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - list='$(include_HEADERS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(includedir)/$$p; \ + @list='$(include_HEADERS)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(includedir)/$$f"; \ + rm -f $(DESTDIR)$(includedir)/$$f; \ + done + +install-nodist_includeHEADERS: $(nodist_include_HEADERS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(includedir) + @list='$(nodist_include_HEADERS)'; for p in $$list; do \ + if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \ + done + +uninstall-nodist_includeHEADERS: + @$(NORMAL_UNINSTALL) + @list='$(nodist_include_HEADERS)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(includedir)/$$f"; \ + rm -f $(DESTDIR)$(includedir)/$$f; \ done tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -442,77 +537,104 @@ distclean-tags: -rm -f TAGS ID maintainer-clean-tags: +check-TESTS: $(TESTS) + @failed=0; all=0; xfail=0; xpass=0; \ + srcdir=$(srcdir); export srcdir; \ + list='$(TESTS)'; \ + if test -n "$$list"; then \ + for tst in $$list; do \ + if test -f ./$$tst; then dir=./; \ + elif test -f $$tst; then dir=; \ + else dir="$(srcdir)/"; fi; \ + if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *" $$tst "*) \ + xpass=`expr $$xpass + 1`; \ + failed=`expr $$failed + 1`; \ + echo "XPASS: $$tst"; \ + ;; \ + *) \ + echo "PASS: $$tst"; \ + ;; \ + esac; \ + elif test $$? -ne 77; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *" $$tst "*) \ + xfail=`expr $$xfail + 1`; \ + echo "XFAIL: $$tst"; \ + ;; \ + *) \ + failed=`expr $$failed + 1`; \ + echo "FAIL: $$tst"; \ + ;; \ + esac; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + if test "$$xfail" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + fi; \ + else \ + if test "$$xpass" -eq 0; then \ + banner="$$failed of $$all tests failed"; \ + else \ + banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + fi; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/roken - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done - $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook -check-TESTS: $(TESTS) - @failed=0; all=0; \ - srcdir=$(srcdir); export srcdir; \ - for tst in $(TESTS); do \ - if test -f $$tst; then dir=.; \ - else dir="$(srcdir)"; fi; \ - if $(TESTS_ENVIRONMENT) $$dir/$$tst; then \ - all=`expr $$all + 1`; \ - echo "PASS: $$tst"; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0 info-am: info: info-am dvi-am: dvi: dvi-am check-am: all-am $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) - $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local + $(MAKE) $(AM_MAKEFLAGS) check-TESTS check: check-am installcheck-am: installcheck: installcheck-am install-exec-am: install-libLTLIBRARIES - @$(NORMAL_INSTALL) - $(MAKE) $(AM_MAKEFLAGS) install-exec-hook install-exec: install-exec-am -install-data-am: install-includeHEADERS install-data-local +install-data-am: install-includeHEADERS install-nodist_includeHEADERS install-data: install-data-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am install: install-am -uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS +uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS \ + uninstall-nodist_includeHEADERS uninstall: uninstall-am -all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: - $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) \ + $(DESTDIR)$(nodist_includedir) mostlyclean-generic: @@ -525,6 +647,8 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: + -rm -f Makefile.in + -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ mostlyclean-libtool mostlyclean-checkPROGRAMS \ mostlyclean-noinstPROGRAMS mostlyclean-tags \ @@ -566,220 +690,19 @@ distclean-checkPROGRAMS clean-checkPROGRAMS \ maintainer-clean-checkPROGRAMS mostlyclean-noinstPROGRAMS \ distclean-noinstPROGRAMS clean-noinstPROGRAMS \ maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \ -install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \ -maintainer-clean-tags distdir check-TESTS info-am info dvi-am dvi \ -check-local check check-am installcheck-am installcheck install-exec-am \ -install-exec install-data-local install-data-am install-data install-am \ -install uninstall-am uninstall all-local all-redirect all-am all \ +install-includeHEADERS uninstall-nodist_includeHEADERS \ +install-nodist_includeHEADERS tags mostlyclean-tags distclean-tags \ +clean-tags maintainer-clean-tags check-TESTS distdir info-am info \ +dvi-am dvi check check-am installcheck-am installcheck install-exec-am \ +install-exec install-data-am install-data install-am install \ +uninstall-am uninstall all-redirect all-am all install-strip \ installdirs mostlyclean-generic distclean-generic clean-generic \ maintainer-clean-generic clean mostlyclean distclean maintainer-clean -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(build_HEADERZ) - @foo='$(include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans - -install-data-local: install-cat-mans - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -.x.c: - @cmp -s $< $@ 2> /dev/null || cp $< $@ - -check-local:: - @foo='$(CHECK_LOCAL)'; \ - if test "$$foo"; then \ - failed=0; all=0; \ - for i in $$foo; do \ - all=`expr $$all + 1`; \ - if ./$$i --version > /dev/null 2>&1; then \ - echo "PASS: $$i"; \ - else \ - echo "FAIL: $$i"; \ - failed=`expr $$failed + 1`; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="$$failed of $$all tests failed"; \ - fi; \ - dashes=`echo "$$banner" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - fi - -$(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h +$(LTLIBOBJS) $(libroken_la_OBJECTS): $(include_HEADERS) roken.h +.hin.h: + cp $< $@ roken.h: make-roken$(EXEEXT) @./make-roken$(EXEEXT) > tmp.h ;\ @@ -789,13 +712,6 @@ roken.h: make-roken$(EXEEXT) make-roken.c: roken.h.in roken.awk $(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c -print_version.lo: print_version.h - -print_version.h: make-print-version$(EXEEXT) - ./make-print-version$(EXEEXT) print_version.h - -make-print-version.o: $(top_builddir)/include/version.h - # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/crypto/heimdal/lib/roken/acconfig.h b/crypto/heimdal/lib/roken/acconfig.h new file mode 100644 index 0000000..5fbe685 --- /dev/null +++ b/crypto/heimdal/lib/roken/acconfig.h @@ -0,0 +1,36 @@ +@BOTTOM@ + +#ifdef BROKEN_REALLOC +#define realloc(X, Y) isoc_realloc((X), (Y)) +#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y)) +#endif + +#ifdef VOID_RETSIGTYPE +#define SIGRETURN(x) return +#else +#define SIGRETURN(x) return (RETSIGTYPE)(x) +#endif + +#define RCSID(msg) \ +static /**/const char *const rcsid[] = { (const char *)rcsid, "\100(#)" msg } + +#undef PROTOTYPES + +/* Maximum values on all known systems */ +#define MaxHostNameLen (64+4) +#define MaxPathLen (1024+4) + +/* + * Define NDBM if you are using the 4.3 ndbm library (which is part of + * libc). If not defined, 4.2 dbm will be assumed. + */ +#if defined(HAVE_DBM_FIRSTKEY) +#define NDBM +#endif + +/* + * Defining this enables lots of useful (and used) extensions on + * glibc-based systems such as Linux + */ + +#define _GNU_SOURCE diff --git a/crypto/heimdal/lib/roken/acinclude.m4 b/crypto/heimdal/lib/roken/acinclude.m4 new file mode 100644 index 0000000..1d0197c --- /dev/null +++ b/crypto/heimdal/lib/roken/acinclude.m4 @@ -0,0 +1,9 @@ +dnl $Id$ +dnl +dnl Only put things that for some reason can't live in the `cf' +dnl directory in this file. +dnl + +dnl $xId: misc.m4,v 1.1 1997/12/14 15:59:04 joda Exp $ +dnl +define(upcase,`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`)dnl diff --git a/crypto/heimdal/lib/roken/config.h.in b/crypto/heimdal/lib/roken/config.h.in new file mode 100644 index 0000000..b3df989 --- /dev/null +++ b/crypto/heimdal/lib/roken/config.h.in @@ -0,0 +1 @@ +/*autoheader*/ diff --git a/crypto/heimdal/lib/roken/environment.c b/crypto/heimdal/lib/roken/environment.c new file mode 100644 index 0000000..62c732c --- /dev/null +++ b/crypto/heimdal/lib/roken/environment.c @@ -0,0 +1,103 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + + +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: environment.c,v 1.1 2000/06/21 02:05:03 assar Exp $"); +#endif + +#include +#include +#include "roken.h" + +/* + * return count of environment assignments from `file' and + * list of malloced strings in `env' + */ + +int +read_environment(const char *file, char ***env) +{ + int i, k; + FILE *F; + char **l; + char buf[BUFSIZ], *p, *r; + + if ((F = fopen(file, "r")) == NULL) { + return 0; + } + + i = 0; + if (*env) { + l = *env; + while (*l != NULL) { + i++; + l++; + } + } + l = *env; + /* This is somewhat more relaxed on what it accepts then + * Wietses sysv_environ from K4 was... + */ + while (fgets(buf, BUFSIZ, F) != NULL) { + if (buf[0] == '#') + continue; + + p = strchr(buf, '#'); + if (p != NULL) + *p = '\0'; + + p = buf; + while (*p == ' ' || *p == '\t' || *p == '\n') p++; + if (*p == '\0') + continue; + + k = strlen(p); + if (p[k-1] == '\n') + p[k-1] = '\0'; + + /* Here one should check that is is a 'valid' env string... */ + r = strchr(p, '='); + if (r == NULL) + continue; + + l = realloc(l, (i+1) * sizeof (char *)); + l[i++] = strdup(p); + } + fclose(F); + l = realloc(l, (i+1) * sizeof (char *)); + l[i] = NULL; + *env = l; + return i; +} diff --git a/crypto/heimdal/lib/roken/err.hin b/crypto/heimdal/lib/roken/err.hin new file mode 100644 index 0000000..1fa7774 --- /dev/null +++ b/crypto/heimdal/lib/roken/err.hin @@ -0,0 +1,68 @@ +/* + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: err.hin,v 1.16 2000/12/11 04:40:59 assar Exp $ */ + +#ifndef __ERR_H__ +#define __ERR_H__ + +#include +#include +#include +#include +#include + +extern const char *__progname; + +#if !defined(__GNUC__) && !defined(__attribute__) +#define __attribute__(x) +#endif + +void verr(int eval, const char *fmt, va_list ap) + __attribute__ ((noreturn, format (printf, 2, 0))); +void err(int eval, const char *fmt, ...) + __attribute__ ((noreturn, format (printf, 2, 3))); +void verrx(int eval, const char *fmt, va_list ap) + __attribute__ ((noreturn, format (printf, 2, 0))); +void errx(int eval, const char *fmt, ...) + __attribute__ ((noreturn, format (printf, 2, 3))); +void vwarn(const char *fmt, va_list ap) + __attribute__ ((format (printf, 1, 0))); +void warn(const char *fmt, ...) + __attribute__ ((format (printf, 1, 2))); +void vwarnx(const char *fmt, va_list ap) + __attribute__ ((format (printf, 1, 0))); +void warnx(const char *fmt, ...) + __attribute__ ((format (printf, 1, 2))); + +#endif /* __ERR_H__ */ diff --git a/crypto/heimdal/lib/roken/esetenv.c b/crypto/heimdal/lib/roken/esetenv.c new file mode 100644 index 0000000..cb35752 --- /dev/null +++ b/crypto/heimdal/lib/roken/esetenv.c @@ -0,0 +1,48 @@ +/* + * Copyright (c) 2000, 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: esetenv.c,v 1.3 2001/01/27 05:28:38 assar Exp $"); +#endif + +#include "roken.h" + +#include + +void +esetenv(const char *var, const char *val, int rewrite) +{ + if (setenv ((char *)var, (char *)val, rewrite)) + errx (1, "failed setting environment variable %s", var); +} diff --git a/crypto/heimdal/lib/roken/fnmatch.hin b/crypto/heimdal/lib/roken/fnmatch.hin new file mode 100644 index 0000000..95c91d6 --- /dev/null +++ b/crypto/heimdal/lib/roken/fnmatch.hin @@ -0,0 +1,49 @@ +/* $NetBSD: fnmatch.h,v 1.5 1994/10/26 00:55:53 cgd Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)fnmatch.h 8.1 (Berkeley) 6/2/93 + */ + +#ifndef _FNMATCH_H_ +#define _FNMATCH_H_ + +#define FNM_NOMATCH 1 /* Match failed. */ + +#define FNM_NOESCAPE 0x01 /* Disable backslash escaping. */ +#define FNM_PATHNAME 0x02 /* Slash must be matched by slash. */ +#define FNM_PERIOD 0x04 /* Period must be matched by period. */ + +int fnmatch (const char *, const char *, int); + +#endif /* !_FNMATCH_H_ */ diff --git a/crypto/heimdal/lib/roken/getaddrinfo-test.c b/crypto/heimdal/lib/roken/getaddrinfo-test.c index ede9c95..0e3afc5 100644 --- a/crypto/heimdal/lib/roken/getaddrinfo-test.c +++ b/crypto/heimdal/lib/roken/getaddrinfo-test.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: getaddrinfo-test.c,v 1.2 1999/12/03 04:10:07 assar Exp $"); +RCSID("$Id: getaddrinfo-test.c,v 1.3 2000/07/08 14:22:09 assar Exp $"); #endif #include "roken.h" @@ -122,7 +122,7 @@ main(int argc, char **argv) usage (0); if (version_flag) { - print_version (NULL); + fprintf (stderr, "%s from %s-%s)\n", __progname, PACKAGE, VERSION); return 0; } diff --git a/crypto/heimdal/lib/roken/getaddrinfo.c b/crypto/heimdal/lib/roken/getaddrinfo.c index db18742..4b94d3d 100644 --- a/crypto/heimdal/lib/roken/getaddrinfo.c +++ b/crypto/heimdal/lib/roken/getaddrinfo.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: getaddrinfo.c,v 1.6 1999/12/20 00:56:44 assar Exp $"); +RCSID("$Id: getaddrinfo.c,v 1.9 2000/07/24 02:34:20 assar Exp $"); #endif #include "roken.h" @@ -215,27 +215,56 @@ get_null (const struct addrinfo *hints, return 0; } +/* + * Try to find a fqdn (with `.') in he if possible, else return h_name + */ + +static char * +find_fqdn (const struct hostent *he) +{ + char *ret = he->h_name; + char **h; + + if (strchr (ret, '.') == NULL) + for (h = he->h_aliases; *h; ++h) { + if (strchr (*h, '.') != NULL) { + ret = *h; + break; + } + } + return ret; +} + static int add_hostent (int port, int protocol, int socktype, struct addrinfo ***current, int (*func)(struct addrinfo *, void *data, int port), struct hostent *he, int *flags) { - char **h; int ret; char *canonname = NULL; + char **h; if (*flags & AI_CANONNAME) { - canonname = he->h_name; - - if (strchr (he->h_name, '.') == NULL) - for (h = he->h_aliases; *h; ++h) { - if (strchr (*h, '.') != NULL) { - canonname = *h; - break; - } + struct hostent *he2 = NULL; + + canonname = find_fqdn (he); + if (strchr (canonname, '.') == NULL) { + int error; + + he2 = getipnodebyaddr (he->h_addr_list[0], he->h_length, + he->h_addrtype, &error); + if (he2 != NULL) { + char *tmp = find_fqdn (he2); + + if (strchr (tmp, '.') != NULL) + canonname = tmp; } + } + canonname = strdup (canonname); + if (he2 != NULL) + freehostent (he2); if (canonname == NULL) return EAI_MEMORY; } diff --git a/crypto/heimdal/lib/roken/getaddrinfo_hostspec.c b/crypto/heimdal/lib/roken/getaddrinfo_hostspec.c index 76e5d2b..7f6b0d1 100644 --- a/crypto/heimdal/lib/roken/getaddrinfo_hostspec.c +++ b/crypto/heimdal/lib/roken/getaddrinfo_hostspec.c @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: getaddrinfo_hostspec.c,v 1.1 2000/02/07 13:38:22 joda Exp $"); +RCSID("$Id: getaddrinfo_hostspec.c,v 1.3 2000/07/15 12:50:32 joda Exp $"); #endif #include "roken.h" @@ -41,14 +41,16 @@ RCSID("$Id: getaddrinfo_hostspec.c,v 1.1 2000/02/07 13:38:22 joda Exp $"); /* getaddrinfo via string specifying host and port */ int -roken_getaddrinfo_hostspec(const char *hostspec, - int port, - struct addrinfo **ai) +roken_getaddrinfo_hostspec2(const char *hostspec, + int socktype, + int port, + struct addrinfo **ai) { const char *p; char portstr[NI_MAXSERV]; char host[MAXHOSTNAMELEN]; struct addrinfo hints; + int hostspec_len; struct hst { const char *prefix; @@ -64,6 +66,8 @@ roken_getaddrinfo_hostspec(const char *hostspec, }; memset(&hints, 0, sizeof(hints)); + + hints.ai_socktype = socktype; for(hstp = hst; hstp->prefix; hstp++) { if(strncmp(hostspec, hstp->prefix, strlen(hstp->prefix)) == 0) { @@ -81,9 +85,20 @@ roken_getaddrinfo_hostspec(const char *hostspec, char *end; port = strtol (p + 1, &end, 0); + hostspec_len = p - hostspec; + } else { + hostspec_len = strlen(hostspec); } snprintf (portstr, sizeof(portstr), "%u", port); - snprintf (host, sizeof(host), "%.*s", p - hostspec, hostspec); + snprintf (host, sizeof(host), "%.*s", hostspec_len, hostspec); return getaddrinfo (host, portstr, &hints, ai); } + +int +roken_getaddrinfo_hostspec(const char *hostspec, + int port, + struct addrinfo **ai) +{ + return roken_getaddrinfo_hostspec2(hostspec, 0, port, ai); +} diff --git a/crypto/heimdal/lib/roken/getarg.3 b/crypto/heimdal/lib/roken/getarg.3 index 78a8802..e3b5c9f 100644 --- a/crypto/heimdal/lib/roken/getarg.3 +++ b/crypto/heimdal/lib/roken/getarg.3 @@ -1,5 +1,5 @@ .\" Copyright (c) 1999 Kungliga Tekniska Högskolan -.\" $Id: getarg.3,v 1.2 1999/10/18 17:14:31 joda Exp $ +.\" $Id: getarg.3,v 1.3 2001/01/11 16:16:30 assar Exp $ .Dd September 24, 1999 .Dt GETARG 3 .Os ROKEN @@ -9,13 +9,10 @@ .Nd collect command line options .Sh SYNOPSIS .Fd #include - .Ft int .Fn getarg "struct getargs *args" "size_t num_args" "int argc" "char **argv" "int *optind" - .Ft void .Fn arg_printusage "struct getargs *args" "size_t num_args" "const char *progname" "const char *extra_string" - .Sh DESCRIPTION .Fn getarg collects any command line options given to a program in an easily used way. @@ -45,7 +42,8 @@ take the same and .Fa num_args as getarg; -.Fa progname is the name of the program (to be used in the help text), and +.Fa progname +is the name of the program (to be used in the help text), and .Fa extra_string is a string to print after the actual options to indicate more arguments. The usefulness of this function is realised only be people @@ -55,7 +53,6 @@ the code does. The .Fa getargs struct has the following elements. - .Bd -literal struct getargs{ const char *long_name; @@ -176,7 +173,7 @@ and .Fa *optarg , but to do this correct you (more or less) have to know about the inner workings of getarg. - +.Pp You can skip parts of arguments by increasing .Fa *optarg (you could @@ -233,8 +230,6 @@ and if you're really confused you can do it multiple times .Pf ( Fl -no-no-help= Ns Ar false , or even .Fl -no-no-help= Ns Ar maybe ) . - -.Pp .Sh EXAMPLE .Bd -literal #include @@ -276,11 +271,11 @@ main(int argc, char **argv) exit (0); } if (destination == NULL) { - fprintf(stderr, "%s: must specify destination\n", progname); + fprintf(stderr, "%s: must specify destination\en", progname); exit(1); } if (strcmp(source, destination) == 0) { - fprintf(stderr, "%s: destination must be different from source\n"); + fprintf(stderr, "%s: destination must be different from source\en"); exit(1); } /* include more stuff here ... */ @@ -298,7 +293,6 @@ Usage: ship++ [--source=city] [-s city] [--destination=city] [-d city] -w tons, --weight=tons weight of shippment -c, --no-catalog include product catalog .Ed - .Sh BUGS It should be more flexible, so it would be possible to use other more complicated option syntaxes, such as what diff --git a/crypto/heimdal/lib/roken/getarg.c b/crypto/heimdal/lib/roken/getarg.c index d9a03a5..342388e 100644 --- a/crypto/heimdal/lib/roken/getarg.c +++ b/crypto/heimdal/lib/roken/getarg.c @@ -33,10 +33,12 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: getarg.c,v 1.34 2000/02/13 21:06:43 assar Exp $"); +RCSID("$Id: getarg.c,v 1.37 2000/12/25 17:03:15 assar Exp $"); #endif #include +#include +#include #include #include "getarg.h" @@ -56,11 +58,12 @@ print_arg (char *string, size_t len, int mdoc, int longp, struct getargs *arg) if(longp) strlcat(string, "= Ns", len); strlcat(string, " Ar ", len); - }else + } else { if (longp) strlcat (string, "=", len); else strlcat (string, " ", len); + } if (arg->arg_help) s = arg->arg_help; @@ -68,6 +71,8 @@ print_arg (char *string, size_t len, int mdoc, int longp, struct getargs *arg) s = "integer"; else if (arg->type == arg_string) s = "string"; + else if (arg->type == arg_strings) + s = "strings"; else if (arg->type == arg_double) s = "float"; else @@ -461,8 +466,10 @@ arg_match_short (struct getargs *args, size_t num_args, ++*optind; optarg = rargv[*optind]; } - if(optarg == NULL) + if(optarg == NULL) { + --*optind; return ARG_ERR_NO_ARG; + } if(args[k].type == arg_integer) { int tmp; if(sscanf(optarg, "%d", &tmp) != 1) diff --git a/crypto/heimdal/lib/roken/getifaddrs.c b/crypto/heimdal/lib/roken/getifaddrs.c new file mode 100644 index 0000000..e8e3e54 --- /dev/null +++ b/crypto/heimdal/lib/roken/getifaddrs.c @@ -0,0 +1,271 @@ +/* + * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: getifaddrs.c,v 1.4 2001/01/28 23:02:46 assar Exp $"); +#endif +#include "roken.h" + +#ifdef __osf__ +/* hate */ +struct rtentry; +struct mbuf; +#endif +#ifdef HAVE_NET_IF_H +#include +#endif + +#ifdef HAVE_SYS_SOCKIO_H +#include +#endif /* HAVE_SYS_SOCKIO_H */ + +#ifdef HAVE_NETINET_IN6_VAR_H +#include +#endif /* HAVE_NETINET_IN6_VAR_H */ + +#include + +static int +getifaddrs2(struct ifaddrs **ifap, + int af, int siocgifconf, int siocgifflags, + size_t ifreq_sz) +{ + int ret; + int fd; + size_t buf_size; + char *buf; + struct ifconf ifconf; + int num, j = 0; + char *p; + size_t sz; + struct sockaddr sa_zero; + struct ifreq *ifr; + + struct ifaddrs *start, **end = &start; + + buf = NULL; + + memset (&sa_zero, 0, sizeof(sa_zero)); + fd = socket(af, SOCK_DGRAM, 0); + if (fd < 0) + return -1; + + buf_size = 8192; + for (;;) { + buf = calloc(1, buf_size); + if (buf == NULL) { + ret = ENOMEM; + goto error_out; + } + ifconf.ifc_len = buf_size; + ifconf.ifc_buf = buf; + + /* + * Solaris returns EINVAL when the buffer is too small. + */ + if (ioctl (fd, siocgifconf, &ifconf) < 0 && errno != EINVAL) { + ret = errno; + goto error_out; + } + /* + * Can the difference between a full and a overfull buf + * be determined? + */ + + if (ifconf.ifc_len < buf_size) + break; + free (buf); + buf_size *= 2; + } + + num = ifconf.ifc_len / ifreq_sz; + j = 0; + for (p = ifconf.ifc_buf; + p < ifconf.ifc_buf + ifconf.ifc_len; + p += sz) { + struct ifreq ifreq; + struct sockaddr *sa; + size_t salen; + + ifr = (struct ifreq *)p; + sa = &ifr->ifr_addr; + + sz = ifreq_sz; + salen = sizeof(struct sockaddr); +#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN + salen = sa->sa_len; + sz = max(sz, sizeof(ifr->ifr_name) + sa->sa_len); +#endif +#ifdef SA_LEN + salen = SA_LEN(sa); + sz = max(sz, sizeof(ifr->ifr_name) + SA_LEN(sa)); +#endif + memset (&ifreq, 0, sizeof(ifreq)); + memcpy (ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name)); + + if (ioctl(fd, siocgifflags, &ifreq) < 0) { + ret = errno; + goto error_out; + } + + *end = malloc(sizeof(**end)); + + (*end)->ifa_next = NULL; + (*end)->ifa_name = strdup(ifr->ifr_name); + (*end)->ifa_flags = ifreq.ifr_flags; + (*end)->ifa_addr = malloc(salen); + memcpy((*end)->ifa_addr, sa, salen); + (*end)->ifa_netmask = NULL; + +#if 0 + /* fix these when we actually need them */ + if(ifreq.ifr_flags & IFF_BROADCAST) { + (*end)->ifa_broadaddr = malloc(sizeof(ifr->ifr_broadaddr)); + memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr, + sizeof(ifr->ifr_broadaddr)); + } else if(ifreq.ifr_flags & IFF_POINTOPOINT) { + (*end)->ifa_dstaddr = malloc(sizeof(ifr->ifr_dstaddr)); + memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr, + sizeof(ifr->ifr_dstaddr)); + } else + (*end)->ifa_dstaddr = NULL; +#else + (*end)->ifa_dstaddr = NULL; +#endif + + (*end)->ifa_data = NULL; + + end = &(*end)->ifa_next; + + } + *ifap = start; + free(buf); + return 0; + error_out: + free(buf); + errno = ret; + return -1; +} + +int +getifaddrs(struct ifaddrs **ifap) +{ + int ret = -1; + errno = ENXIO; +#if defined(AF_INET6) && defined(SIOCGIF6CONF) && defined(SIOCGIF6FLAGS) + if (ret) + ret = getifaddrs2 (ifap, AF_INET6, SIOCGIF6CONF, SIOCGIF6FLAGS, + sizeof(struct in6_ifreq)); +#endif +#if defined(HAVE_IPV6) && defined(SIOCGIFCONF) + if (ret) + ret = getifaddrs2 (ifap, AF_INET6, SIOCGIFCONF, SIOCGIFFLAGS, + sizeof(struct ifreq)); +#endif +#if defined(AF_INET) && defined(SIOCGIFCONF) && defined(SIOCGIFFLAGS) + if (ret) + ret = getifaddrs2 (ifap, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, + sizeof(struct ifreq)); +#endif + return ret; +} + +void +freeifaddrs(struct ifaddrs *ifp) +{ + struct ifaddrs *p, *q; + + for(p = ifp; p; ) { + free(p->ifa_name); + if(p->ifa_addr) + free(p->ifa_addr); + if(p->ifa_dstaddr) + free(p->ifa_dstaddr); + if(p->ifa_netmask) + free(p->ifa_netmask); + if(p->ifa_data) + free(p->ifa_data); + q = p; + p = p->ifa_next; + free(q); + } +} + +#ifdef TEST + +void +print_addr(const char *s, struct sockaddr *sa) +{ + int i; + printf(" %s=%d/", s, sa->sa_family); +#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN + for(i = 0; i < sa->sa_len - ((long)sa->sa_data - (long)&sa->sa_family); i++) + printf("%02x", ((unsigned char*)sa->sa_data)[i]); +#else + for(i = 0; i < sizeof(sa->sa_data); i++) + printf("%02x", ((unsigned char*)sa->sa_data)[i]); +#endif + printf("\n"); +} + +void +print_ifaddrs(struct ifaddrs *x) +{ + struct ifaddrs *p; + + for(p = x; p; p = p->ifa_next) { + printf("%s\n", p->ifa_name); + printf(" flags=%x\n", p->ifa_flags); + if(p->ifa_addr) + print_addr("addr", p->ifa_addr); + if(p->ifa_dstaddr) + print_addr("dstaddr", p->ifa_dstaddr); + if(p->ifa_netmask) + print_addr("netmask", p->ifa_netmask); + printf(" %p\n", p->ifa_data); + } +} + +int +main() +{ + struct ifaddrs *a = NULL, *b; + getifaddrs2(&a, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, sizeof(struct ifreq)); + print_ifaddrs(a); + printf("---\n"); + getifaddrs(&b); + print_ifaddrs(b); + return 0; +} +#endif diff --git a/crypto/heimdal/lib/roken/getnameinfo_verified.c b/crypto/heimdal/lib/roken/getnameinfo_verified.c index 2a23d24..30384ed 100644 --- a/crypto/heimdal/lib/roken/getnameinfo_verified.c +++ b/crypto/heimdal/lib/roken/getnameinfo_verified.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: getnameinfo_verified.c,v 1.2 1999/12/05 10:52:09 assar Exp $"); +RCSID("$Id: getnameinfo_verified.c,v 1.3 2000/06/28 01:21:53 assar Exp $"); #endif #include "roken.h" @@ -58,9 +58,12 @@ getnameinfo_verified(const struct sockaddr *sa, socklen_t salen, return ret; for (a = ai; a != NULL; a = a->ai_next) { if (a->ai_addrlen == salen - && memcmp (a->ai_addr, sa, salen) == 0) + && memcmp (a->ai_addr, sa, salen) == 0) { + freeaddrinfo (ai); return 0; + } } + freeaddrinfo (ai); if (flags & NI_NAMEREQD) return EAI_NONAME; ret = getnameinfo (sa, salen, host, hostlen, serv, servlen, diff --git a/crypto/heimdal/lib/roken/getusershell.c b/crypto/heimdal/lib/roken/getusershell.c index 87a48ec..eb990f3 100644 --- a/crypto/heimdal/lib/roken/getusershell.c +++ b/crypto/heimdal/lib/roken/getusershell.c @@ -35,12 +35,13 @@ #include #endif -RCSID("$Id: getusershell.c,v 1.8 1997/04/20 06:18:03 assar Exp $"); +RCSID("$Id: getusershell.c,v 1.10 2000/05/22 09:11:59 joda Exp $"); #ifndef HAVE_GETUSERSHELL #include #include +#include #ifdef HAVE_PATHS_H #include #endif @@ -54,6 +55,14 @@ RCSID("$Id: getusershell.c,v 1.8 1997/04/20 06:18:03 assar Exp $"); #include #endif +#ifdef HAVE_USERSEC_H +struct aud_rec; +#include +#endif +#ifdef HAVE_USERCONF_H +#include +#endif + #ifndef _PATH_SHELLS #define _PATH_SHELLS "/etc/shells" #endif @@ -81,80 +90,102 @@ static char **initshells (void); char * getusershell() { - char *ret; - - if (curshell == NULL) - curshell = initshells(); - ret = *curshell; - if (ret != NULL) - curshell++; - return (ret); + char *ret; + + if (curshell == NULL) + curshell = initshells(); + ret = *curshell; + if (ret != NULL) + curshell++; + return (ret); } void endusershell() { - - if (shells != NULL) - free(shells); - shells = NULL; - if (strings != NULL) - free(strings); - strings = NULL; - curshell = NULL; + if (shells != NULL) + free(shells); + shells = NULL; + if (strings != NULL) + free(strings); + strings = NULL; + curshell = NULL; } void setusershell() { - - curshell = initshells(); + curshell = initshells(); } static char ** initshells() { - char **sp, *cp; - FILE *fp; - struct stat statb; + char **sp, *cp; +#ifdef HAVE_GETCONFATTR + char *tmp; + int nsh; +#else + FILE *fp; +#endif + struct stat statb; + + free(shells); + shells = NULL; + free(strings); + strings = NULL; +#ifdef HAVE_GETCONFATTR + if(getconfattr(SC_SYS_LOGIN, SC_SHELLS, &tmp, SEC_LIST) != 0) + return okshells; + + for(cp = tmp, nsh = 0; *cp; cp += strlen(cp) + 1, nsh++); - if (shells != NULL) - free(shells); + shells = calloc(nsh + 1, sizeof(*shells)); + if(shells == NULL) + return okshells; + + strings = malloc(cp - tmp); + if(strings == NULL) { + free(shells); shells = NULL; - if (strings != NULL) - free(strings); - strings = NULL; - if ((fp = fopen(_PATH_SHELLS, "r")) == NULL) - return (okshells); - if (fstat(fileno(fp), &statb) == -1) { - fclose(fp); - return (okshells); - } - if ((strings = malloc((u_int)statb.st_size)) == NULL) { - fclose(fp); - return (okshells); - } - shells = calloc((unsigned)statb.st_size / 3, sizeof (char *)); - if (shells == NULL) { - fclose(fp); - free(strings); - strings = NULL; - return (okshells); - } - sp = shells; - cp = strings; - while (fgets(cp, MaxPathLen + 1, fp) != NULL) { - while (*cp != '#' && *cp != '/' && *cp != '\0') - cp++; - if (*cp == '#' || *cp == '\0') - continue; - *sp++ = cp; - while (!isspace(*cp) && *cp != '#' && *cp != '\0') - cp++; - *cp++ = '\0'; - } - *sp = NULL; + return okshells; + } + memcpy(strings, tmp, cp - tmp); + for(sp = shells, cp = strings; *cp; cp += strlen(cp) + 1, sp++) + *sp = cp; +#else + if ((fp = fopen(_PATH_SHELLS, "r")) == NULL) + return (okshells); + if (fstat(fileno(fp), &statb) == -1) { fclose(fp); - return (shells); + return (okshells); + } + if ((strings = malloc((u_int)statb.st_size)) == NULL) { + fclose(fp); + return (okshells); + } + shells = calloc((unsigned)statb.st_size / 3, sizeof (char *)); + if (shells == NULL) { + fclose(fp); + free(strings); + strings = NULL; + return (okshells); + } + sp = shells; + cp = strings; + while (fgets(cp, MaxPathLen + 1, fp) != NULL) { + while (*cp != '#' && *cp != '/' && *cp != '\0') + cp++; + if (*cp == '#' || *cp == '\0') + continue; + *sp++ = cp; + while (!isspace(*cp) && *cp != '#' && *cp != '\0') + cp++; + *cp++ = '\0'; + } + fclose(fp); +#endif + *sp = NULL; + return (shells); } #endif /* HAVE_GETUSERSHELL */ diff --git a/crypto/heimdal/lib/roken/glob.hin b/crypto/heimdal/lib/roken/glob.hin new file mode 100644 index 0000000..bece48a --- /dev/null +++ b/crypto/heimdal/lib/roken/glob.hin @@ -0,0 +1,84 @@ +/* + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Guido van Rossum. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)glob.h 8.1 (Berkeley) 6/2/93 + */ + +#ifndef _GLOB_H_ +#define _GLOB_H_ + +struct stat; +typedef struct { + int gl_pathc; /* Count of total paths so far. */ + int gl_matchc; /* Count of paths matching pattern. */ + int gl_offs; /* Reserved at beginning of gl_pathv. */ + int gl_flags; /* Copy of flags parameter to glob. */ + char **gl_pathv; /* List of paths matching pattern. */ + /* Copy of errfunc parameter to glob. */ + int (*gl_errfunc) (const char *, int); + + /* + * Alternate filesystem access methods for glob; replacement + * versions of closedir(3), readdir(3), opendir(3), stat(2) + * and lstat(2). + */ + void (*gl_closedir) (void *); + struct dirent *(*gl_readdir) (void *); + void *(*gl_opendir) (const char *); + int (*gl_lstat) (const char *, struct stat *); + int (*gl_stat) (const char *, struct stat *); +} glob_t; + +#define GLOB_APPEND 0x0001 /* Append to output from previous call. */ +#define GLOB_DOOFFS 0x0002 /* Use gl_offs. */ +#define GLOB_ERR 0x0004 /* Return on error. */ +#define GLOB_MARK 0x0008 /* Append / to matching directories. */ +#define GLOB_NOCHECK 0x0010 /* Return pattern itself if nothing matches. */ +#define GLOB_NOSORT 0x0020 /* Don't sort. */ + +#define GLOB_ALTDIRFUNC 0x0040 /* Use alternately specified directory funcs. */ +#define GLOB_BRACE 0x0080 /* Expand braces ala csh. */ +#define GLOB_MAGCHAR 0x0100 /* Pattern had globbing characters. */ +#define GLOB_NOMAGIC 0x0200 /* GLOB_NOCHECK without magic chars (csh). */ +#define GLOB_QUOTE 0x0400 /* Quote special chars with \. */ +#define GLOB_TILDE 0x0800 /* Expand tilde names from the passwd file. */ + +#define GLOB_NOSPACE (-1) /* Malloc call failed. */ +#define GLOB_ABEND (-2) /* Unignored error. */ + +int glob (const char *, int, int (*)(const char *, int), glob_t *); +void globfree (glob_t *); + +#endif /* !_GLOB_H_ */ diff --git a/crypto/heimdal/lib/roken/ifaddrs.hin b/crypto/heimdal/lib/roken/ifaddrs.hin new file mode 100644 index 0000000..d2b9be8 --- /dev/null +++ b/crypto/heimdal/lib/roken/ifaddrs.hin @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: ifaddrs.hin,v 1.3 2000/12/11 00:01:13 assar Exp $ */ + +#ifndef __ifaddrs_h__ +#define __ifaddrs_h__ + +/* + * the interface is defined in terms of the fields below, and this is + * sometimes #define'd, so there seems to be no simple way of solving + * this and this seemed the best. */ + +#undef ifa_dstaddr + +struct ifaddrs { + struct ifaddrs *ifa_next; + char *ifa_name; + unsigned int ifa_flags; + struct sockaddr *ifa_addr; + struct sockaddr *ifa_netmask; + struct sockaddr *ifa_dstaddr; + void *ifa_data; +}; + +#ifndef ifa_broadaddr +#define ifa_broadaddr ifa_dstaddr +#endif + +int getifaddrs(struct ifaddrs**); + +void freeifaddrs(struct ifaddrs*); + +#endif /* __ifaddrs_h__ */ diff --git a/crypto/heimdal/lib/roken/inet_ntop.c b/crypto/heimdal/lib/roken/inet_ntop.c index f79a35e..382b351 100644 --- a/crypto/heimdal/lib/roken/inet_ntop.c +++ b/crypto/heimdal/lib/roken/inet_ntop.c @@ -33,24 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: inet_ntop.c,v 1.3 1999/12/02 16:58:47 joda Exp $"); -#endif - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include +RCSID("$Id: inet_ntop.c,v 1.4 2000/07/27 16:24:00 assar Exp $"); #endif #include diff --git a/crypto/heimdal/lib/roken/inet_pton.c b/crypto/heimdal/lib/roken/inet_pton.c index 9b195c2..d9c976c 100644 --- a/crypto/heimdal/lib/roken/inet_pton.c +++ b/crypto/heimdal/lib/roken/inet_pton.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,24 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: inet_pton.c,v 1.2 1999/12/02 16:58:47 joda Exp $"); -#endif - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include +RCSID("$Id: inet_pton.c,v 1.3 2000/07/27 04:56:13 assar Exp $"); #endif #include diff --git a/crypto/heimdal/lib/roken/install-sh b/crypto/heimdal/lib/roken/install-sh new file mode 100755 index 0000000..e9de238 --- /dev/null +++ b/crypto/heimdal/lib/roken/install-sh @@ -0,0 +1,251 @@ +#!/bin/sh +# +# install - install a program, script, or datafile +# This comes from X11R5 (mit/util/scripts/install.sh). +# +# Copyright 1991 by the Massachusetts Institute of Technology +# +# Permission to use, copy, modify, distribute, and sell this software and its +# documentation for any purpose is hereby granted without fee, provided that +# the above copyright notice appear in all copies and that both that +# copyright notice and this permission notice appear in supporting +# documentation, and that the name of M.I.T. not be used in advertising or +# publicity pertaining to distribution of the software without specific, +# written prior permission. M.I.T. makes no representations about the +# suitability of this software for any purpose. It is provided "as is" +# without express or implied warranty. +# +# Calling this script install-sh is preferred over install.sh, to prevent +# `make' implicit rules from creating a file called install from it +# when there is no Makefile. +# +# This script is compatible with the BSD install script, but was written +# from scratch. It can only install one file at a time, a restriction +# shared with many OS's install programs. + + +# set DOITPROG to echo to test this script + +# Don't use :- since 4.3BSD and earlier shells don't like it. +doit="${DOITPROG-}" + + +# put in absolute paths if you don't have them in your path; or use env. vars. + +mvprog="${MVPROG-mv}" +cpprog="${CPPROG-cp}" +chmodprog="${CHMODPROG-chmod}" +chownprog="${CHOWNPROG-chown}" +chgrpprog="${CHGRPPROG-chgrp}" +stripprog="${STRIPPROG-strip}" +rmprog="${RMPROG-rm}" +mkdirprog="${MKDIRPROG-mkdir}" + +transformbasename="" +transform_arg="" +instcmd="$mvprog" +chmodcmd="$chmodprog 0755" +chowncmd="" +chgrpcmd="" +stripcmd="" +rmcmd="$rmprog -f" +mvcmd="$mvprog" +src="" +dst="" +dir_arg="" + +while [ x"$1" != x ]; do + case $1 in + -c) instcmd="$cpprog" + shift + continue;; + + -d) dir_arg=true + shift + continue;; + + -m) chmodcmd="$chmodprog $2" + shift + shift + continue;; + + -o) chowncmd="$chownprog $2" + shift + shift + continue;; + + -g) chgrpcmd="$chgrpprog $2" + shift + shift + continue;; + + -s) stripcmd="$stripprog" + shift + continue;; + + -t=*) transformarg=`echo $1 | sed 's/-t=//'` + shift + continue;; + + -b=*) transformbasename=`echo $1 | sed 's/-b=//'` + shift + continue;; + + *) if [ x"$src" = x ] + then + src=$1 + else + # this colon is to work around a 386BSD /bin/sh bug + : + dst=$1 + fi + shift + continue;; + esac +done + +if [ x"$src" = x ] +then + echo "install: no input file specified" + exit 1 +else + true +fi + +if [ x"$dir_arg" != x ]; then + dst=$src + src="" + + if [ -d $dst ]; then + instcmd=: + chmodcmd="" + else + instcmd=mkdir + fi +else + +# Waiting for this to be detected by the "$instcmd $src $dsttmp" command +# might cause directories to be created, which would be especially bad +# if $src (and thus $dsttmp) contains '*'. + + if [ -f $src -o -d $src ] + then + true + else + echo "install: $src does not exist" + exit 1 + fi + + if [ x"$dst" = x ] + then + echo "install: no destination specified" + exit 1 + else + true + fi + +# If destination is a directory, append the input filename; if your system +# does not like double slashes in filenames, you may need to add some logic + + if [ -d $dst ] + then + dst="$dst"/`basename $src` + else + true + fi +fi + +## this sed command emulates the dirname command +dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` + +# Make sure that the destination directory exists. +# this part is taken from Noah Friedman's mkinstalldirs script + +# Skip lots of stat calls in the usual case. +if [ ! -d "$dstdir" ]; then +defaultIFS=' +' +IFS="${IFS-${defaultIFS}}" + +oIFS="${IFS}" +# Some sh's can't handle IFS=/ for some reason. +IFS='%' +set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` +IFS="${oIFS}" + +pathcomp='' + +while [ $# -ne 0 ] ; do + pathcomp="${pathcomp}${1}" + shift + + if [ ! -d "${pathcomp}" ] ; + then + $mkdirprog "${pathcomp}" + else + true + fi + + pathcomp="${pathcomp}/" +done +fi + +if [ x"$dir_arg" != x ] +then + $doit $instcmd $dst && + + if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && + if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && + if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && + if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi +else + +# If we're going to rename the final executable, determine the name now. + + if [ x"$transformarg" = x ] + then + dstfile=`basename $dst` + else + dstfile=`basename $dst $transformbasename | + sed $transformarg`$transformbasename + fi + +# don't allow the sed command to completely eliminate the filename + + if [ x"$dstfile" = x ] + then + dstfile=`basename $dst` + else + true + fi + +# Make a temp file name in the proper directory. + + dsttmp=$dstdir/#inst.$$# + +# Move or copy the file name to the temp name + + $doit $instcmd $src $dsttmp && + + trap "rm -f ${dsttmp}" 0 && + +# and set any options; do chmod last to preserve setuid bits + +# If any of these fail, we abort the whole thing. If we want to +# ignore errors from any of these, just make sure not to ignore +# errors from the above "$doit $instcmd $src $dsttmp" command. + + if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && + if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && + if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && + if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && + +# Now rename the file to the real destination. + + $doit $rmcmd -f $dstdir/$dstfile && + $doit $mvcmd $dsttmp $dstdir/$dstfile + +fi && + + +exit 0 diff --git a/crypto/heimdal/lib/roken/make-print-version.c b/crypto/heimdal/lib/roken/make-print-version.c index d08e023..b29cf31 100644 --- a/crypto/heimdal/lib/roken/make-print-version.c +++ b/crypto/heimdal/lib/roken/make-print-version.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,13 +33,13 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: make-print-version.c,v 1.2 1999/12/02 16:58:51 joda Exp $"); +RCSID("$Id: make-print-version.c,v 1.3 2000/08/16 11:30:04 assar Exp $"); #endif #include #ifdef KRB5 -extern char *heimdal_version; +extern const char *heimdal_version; #endif #ifdef KRB4 extern char *krb4_version; diff --git a/crypto/heimdal/lib/roken/mini_inetd.c b/crypto/heimdal/lib/roken/mini_inetd.c index 9b8a650..bb31962 100644 --- a/crypto/heimdal/lib/roken/mini_inetd.c +++ b/crypto/heimdal/lib/roken/mini_inetd.c @@ -33,35 +33,11 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: mini_inetd.c,v 1.25 2000/01/26 00:54:48 assar Exp $"); -#endif - -#include - -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_TIME_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include +RCSID("$Id: mini_inetd.c,v 1.28 2000/10/08 13:38:47 assar Exp $"); #endif #include -#include +#include "roken.h" /* * accept a connection on `s' and pretend it's served by inetd. @@ -72,7 +48,7 @@ accept_it (int s) { int s2; - s2 = accept(s, NULL, 0); + s2 = accept(s, NULL, NULL); if(s2 < 0) err (1, "accept"); close(s); @@ -127,6 +103,8 @@ mini_inetd (int port) err (1, "bind"); if (listen (fds[i], SOMAXCONN) < 0) err (1, "listen"); + if (fds[i] >= FD_SETSIZE) + errx (1, "fd too large"); FD_SET(fds[i], &orig_read_set); max_fd = max(max_fd, fds[i]); ++i; diff --git a/crypto/heimdal/lib/roken/missing b/crypto/heimdal/lib/roken/missing new file mode 100755 index 0000000..7789652 --- /dev/null +++ b/crypto/heimdal/lib/roken/missing @@ -0,0 +1,190 @@ +#! /bin/sh +# Common stub for a few missing GNU programs while installing. +# Copyright (C) 1996, 1997 Free Software Foundation, Inc. +# Franc,ois Pinard , 1996. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA +# 02111-1307, USA. + +if test $# -eq 0; then + echo 1>&2 "Try \`$0 --help' for more information" + exit 1 +fi + +case "$1" in + + -h|--h|--he|--hel|--help) + echo "\ +$0 [OPTION]... PROGRAM [ARGUMENT]... + +Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an +error status if there is no known handling for PROGRAM. + +Options: + -h, --help display this help and exit + -v, --version output version information and exit + +Supported PROGRAM values: + aclocal touch file \`aclocal.m4' + autoconf touch file \`configure' + autoheader touch file \`config.h.in' + automake touch all \`Makefile.in' files + bison create \`y.tab.[ch]', if possible, from existing .[ch] + flex create \`lex.yy.c', if possible, from existing .c + lex create \`lex.yy.c', if possible, from existing .c + makeinfo touch the output file + yacc create \`y.tab.[ch]', if possible, from existing .[ch]" + ;; + + -v|--v|--ve|--ver|--vers|--versi|--versio|--version) + echo "missing - GNU libit 0.0" + ;; + + -*) + echo 1>&2 "$0: Unknown \`$1' option" + echo 1>&2 "Try \`$0 --help' for more information" + exit 1 + ;; + + aclocal) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`acinclude.m4' or \`configure.in'. You might want + to install the \`Automake' and \`Perl' packages. Grab them from + any GNU archive site." + touch aclocal.m4 + ;; + + autoconf) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`configure.in'. You might want to install the + \`Autoconf' and \`GNU m4' packages. Grab them from any GNU + archive site." + touch configure + ;; + + autoheader) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`acconfig.h' or \`configure.in'. You might want + to install the \`Autoconf' and \`GNU m4' packages. Grab them + from any GNU archive site." + files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' configure.in` + test -z "$files" && files="config.h" + touch_files= + for f in $files; do + case "$f" in + *:*) touch_files="$touch_files "`echo "$f" | + sed -e 's/^[^:]*://' -e 's/:.*//'`;; + *) touch_files="$touch_files $f.in";; + esac + done + touch $touch_files + ;; + + automake) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`Makefile.am', \`acinclude.m4' or \`configure.in'. + You might want to install the \`Automake' and \`Perl' packages. + Grab them from any GNU archive site." + find . -type f -name Makefile.am -print | + sed 's/\.am$/.in/' | + while read f; do touch "$f"; done + ;; + + bison|yacc) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified a \`.y' file. You may need the \`Bison' package + in order for those modifications to take effect. You can get + \`Bison' from any GNU archive site." + rm -f y.tab.c y.tab.h + if [ $# -ne 1 ]; then + eval LASTARG="\${$#}" + case "$LASTARG" in + *.y) + SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` + if [ -f "$SRCFILE" ]; then + cp "$SRCFILE" y.tab.c + fi + SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'` + if [ -f "$SRCFILE" ]; then + cp "$SRCFILE" y.tab.h + fi + ;; + esac + fi + if [ ! -f y.tab.h ]; then + echo >y.tab.h + fi + if [ ! -f y.tab.c ]; then + echo 'main() { return 0; }' >y.tab.c + fi + ;; + + lex|flex) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified a \`.l' file. You may need the \`Flex' package + in order for those modifications to take effect. You can get + \`Flex' from any GNU archive site." + rm -f lex.yy.c + if [ $# -ne 1 ]; then + eval LASTARG="\${$#}" + case "$LASTARG" in + *.l) + SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` + if [ -f "$SRCFILE" ]; then + cp "$SRCFILE" lex.yy.c + fi + ;; + esac + fi + if [ ! -f lex.yy.c ]; then + echo 'main() { return 0; }' >lex.yy.c + fi + ;; + + makeinfo) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified a \`.texi' or \`.texinfo' file, or any other file + indirectly affecting the aspect of the manual. The spurious + call might also be the consequence of using a buggy \`make' (AIX, + DU, IRIX). You might want to install the \`Texinfo' package or + the \`GNU make' package. Grab either from any GNU archive site." + file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'` + if test -z "$file"; then + file=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'` + file=`sed -n '/^@setfilename/ { s/.* \([^ ]*\) *$/\1/; p; q; }' $file` + fi + touch $file + ;; + + *) + echo 1>&2 "\ +WARNING: \`$1' is needed, and you do not seem to have it handy on your + system. You might have modified some files without having the + proper tools for further handling them. Check the \`README' file, + it often tells you about the needed prerequirements for installing + this package. You may also peek at any GNU archive site, in case + some other package would contain this missing \`$1' program." + exit 1 + ;; +esac + +exit 0 diff --git a/crypto/heimdal/lib/roken/mkinstalldirs b/crypto/heimdal/lib/roken/mkinstalldirs new file mode 100755 index 0000000..6b3b5fc --- /dev/null +++ b/crypto/heimdal/lib/roken/mkinstalldirs @@ -0,0 +1,40 @@ +#! /bin/sh +# mkinstalldirs --- make directory hierarchy +# Author: Noah Friedman +# Created: 1993-05-16 +# Public domain + +# $Id$ + +errstatus=0 + +for file +do + set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'` + shift + + pathcomp= + for d + do + pathcomp="$pathcomp$d" + case "$pathcomp" in + -* ) pathcomp=./$pathcomp ;; + esac + + if test ! -d "$pathcomp"; then + echo "mkdir $pathcomp" + + mkdir "$pathcomp" || lasterr=$? + + if test ! -d "$pathcomp"; then + errstatus=$lasterr + fi + fi + + pathcomp="$pathcomp/" + done +done + +exit $errstatus + +# mkinstalldirs ends here diff --git a/crypto/heimdal/lib/roken/print_version.c b/crypto/heimdal/lib/roken/print_version.c index 3b35ee1..8b505fa 100644 --- a/crypto/heimdal/lib/roken/print_version.c +++ b/crypto/heimdal/lib/roken/print_version.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: print_version.c,v 1.6 2000/02/06 06:52:32 assar Exp $"); +RCSID("$Id: print_version.c,v 1.7 2001/01/30 03:05:29 assar Exp $"); #endif #include "roken.h" @@ -72,7 +72,7 @@ print_version(const char *progname) } } fprintf(stderr, "%s (%s)\n", progname, msg); - fprintf(stderr, "Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan\n"); + fprintf(stderr, "Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan\n"); if(num_args != 0) free(msg); } diff --git a/crypto/heimdal/lib/roken/putenv.c b/crypto/heimdal/lib/roken/putenv.c index 80951d1..a6bdf60 100644 --- a/crypto/heimdal/lib/roken/putenv.c +++ b/crypto/heimdal/lib/roken/putenv.c @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: putenv.c,v 1.6 1999/12/02 16:58:51 joda Exp $"); +RCSID("$Id: putenv.c,v 1.7 2000/03/26 23:08:24 assar Exp $"); #endif #include @@ -47,30 +47,34 @@ extern char **environ; * Makes the value of the environment variable name equal to * value by altering an existing variable or creating a new one. */ -int putenv(const char *string) + +int +putenv(const char *string) { int i; + const char *eq = (const char *)strchr(string, '='); int len; - len = string - strchr(string, '=') + 1; + if (eq == NULL) + return 1; + len = eq - string; - if(environ == NULL){ + if(environ == NULL) { environ = malloc(sizeof(char*)); if(environ == NULL) return 1; environ[0] = NULL; } - for(i = 0; environ[i]; i++) - if(strncmp(string, environ[i], len)){ - environ[len] = string; + for(i = 0; environ[i] != NULL; i++) + if(strncmp(string, environ[i], len) == 0) { + environ[i] = string; return 0; } - environ = realloc(environ, sizeof(char*) * (i + 1)); + environ = realloc(environ, sizeof(char*) * (i + 2)); if(environ == NULL) return 1; - environ[i] = string; + environ[i] = string; environ[i+1] = NULL; return 0; } - diff --git a/crypto/heimdal/lib/roken/resolve.c b/crypto/heimdal/lib/roken/resolve.c index 8840740..76df287 100644 --- a/crypto/heimdal/lib/roken/resolve.c +++ b/crypto/heimdal/lib/roken/resolve.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -43,7 +43,7 @@ #endif #include "resolve.h" -RCSID("$Id: resolve.c,v 1.22 1999/12/02 16:58:52 joda Exp $"); +RCSID("$Id: resolve.c,v 1.26 2000/06/27 01:15:53 assar Exp $"); #if defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) @@ -56,18 +56,22 @@ static struct stot{ DECL(A), DECL(NS), DECL(CNAME), + DECL(SOA), DECL(PTR), DECL(MX), DECL(TXT), DECL(AFSDB), + DECL(SIG), + DECL(KEY), DECL(SRV), + DECL(NAPTR), {NULL, 0} }; -int _resolve_debug; +int _resolve_debug = 0; -static int -string_to_type(const char *name) +int +dns_string_to_type(const char *name) { struct stot *p = stot; for(p = stot; p->name; p++) @@ -76,8 +80,8 @@ string_to_type(const char *name) return -1; } -static const char * -type_to_string(int type) +const char * +dns_type_to_string(int type) { struct stot *p = stot; for(p = stot; p->name; p++) @@ -235,7 +239,72 @@ parse_reply(unsigned char *data, int len) (*rr)->u.txt[*p] = 0; break; } - + case T_KEY : { + size_t key_len; + + key_len = size - 4; + (*rr)->u.key = malloc (sizeof(*(*rr)->u.key) + key_len - 1); + if ((*rr)->u.key == NULL) { + dns_free_data (r); + return NULL; + } + + (*rr)->u.key->flags = (p[0] << 8) | p[1]; + (*rr)->u.key->protocol = p[2]; + (*rr)->u.key->algorithm = p[3]; + (*rr)->u.key->key_len = key_len; + memcpy ((*rr)->u.key->key_data, p + 4, key_len); + break; + } + case T_SIG : { + size_t sig_len; + + status = dn_expand (data, data + len, p + 18, host, sizeof(host)); + if (status < 0) { + dns_free_data (r); + return NULL; + } + sig_len = len - 18 - status; + (*rr)->u.sig = malloc(sizeof(*(*rr)->u.sig) + + strlen(host) + sig_len); + if ((*rr)->u.sig == NULL) { + dns_free_data (r); + return NULL; + } + (*rr)->u.sig->type = (p[0] << 8) | p[1]; + (*rr)->u.sig->algorithm = p[2]; + (*rr)->u.sig->labels = p[3]; + (*rr)->u.sig->orig_ttl = (p[4] << 24) | (p[5] << 16) + | (p[6] << 8) | p[7]; + (*rr)->u.sig->sig_expiration = (p[8] << 24) | (p[9] << 16) + | (p[10] << 8) | p[11]; + (*rr)->u.sig->sig_inception = (p[12] << 24) | (p[13] << 16) + | (p[14] << 8) | p[15]; + (*rr)->u.sig->key_tag = (p[16] << 8) | p[17]; + (*rr)->u.sig->sig_len = sig_len; + memcpy ((*rr)->u.sig->sig_data, p + 18 + status, sig_len); + (*rr)->u.sig->signer = &(*rr)->u.sig->sig_data[sig_len]; + strcpy((*rr)->u.sig->signer, host); + break; + } + + case T_CERT : { + size_t cert_len; + + cert_len = size - 5; + (*rr)->u.cert = malloc (sizeof(*(*rr)->u.cert) + cert_len - 1); + if ((*rr)->u.cert == NULL) { + dns_free_data (r); + return NULL; + } + + (*rr)->u.cert->type = (p[0] << 8) | p[1]; + (*rr)->u.cert->tag = (p[2] << 8) | p[3]; + (*rr)->u.cert->algorithm = p[4]; + (*rr)->u.cert->cert_len = cert_len; + memcpy ((*rr)->u.cert->cert_data, p + 5, cert_len); + break; + } default: (*rr)->u.data = (unsigned char*)malloc(size); if(size != 0 && (*rr)->u.data == NULL) { @@ -263,13 +332,13 @@ dns_lookup_int(const char *domain, int rr_class, int rr_type) old_options = _res.options; _res.options |= RES_DEBUG; fprintf(stderr, "dns_lookup(%s, %d, %s)\n", domain, - rr_class, type_to_string(rr_type)); + rr_class, dns_type_to_string(rr_type)); } len = res_search(domain, rr_class, rr_type, reply, sizeof(reply)); if (_resolve_debug) { _res.options = old_options; fprintf(stderr, "dns_lookup(%s, %d, %s) --> %d\n", - domain, rr_class, type_to_string(rr_type), len); + domain, rr_class, dns_type_to_string(rr_type), len); } if (len >= 0) r = parse_reply(reply, len); @@ -281,7 +350,7 @@ dns_lookup(const char *domain, const char *type_name) { int type; - type = string_to_type(type_name); + type = dns_string_to_type(type_name); if(type == -1) { if(_resolve_debug) fprintf(stderr, "dns_lookup: unknown resource type: `%s'\n", @@ -318,30 +387,49 @@ main(int argc, char **argv) return 1; } for(rr = r->head; rr;rr=rr->next){ - printf("%s %s %d ", rr->domain, type_to_string(rr->type), rr->ttl); + printf("%s %s %d ", rr->domain, dns_type_to_string(rr->type), rr->ttl); switch(rr->type){ case T_NS: + case T_CNAME: + case T_PTR: printf("%s\n", (char*)rr->u.data); break; case T_A: - printf("%d.%d.%d.%d\n", - ((unsigned char*)rr->u.data)[0], - ((unsigned char*)rr->u.data)[1], - ((unsigned char*)rr->u.data)[2], - ((unsigned char*)rr->u.data)[3]); + printf("%s\n", inet_ntoa(*rr->u.a)); break; case T_MX: case T_AFSDB:{ - struct mx_record *mx = (struct mx_record*)rr->u.data; - printf("%d %s\n", mx->preference, mx->domain); + printf("%d %s\n", rr->u.mx->preference, rr->u.mx->domain); break; } case T_SRV:{ - struct srv_record *srv = (struct srv_record*)rr->u.data; + struct srv_record *srv = rr->u.srv; printf("%d %d %d %s\n", srv->priority, srv->weight, srv->port, srv->target); break; } + case T_TXT: { + printf("%s\n", rr->u.txt); + break; + } + case T_SIG : { + struct sig_record *sig = rr->u.sig; + const char *type_string = dns_type_to_string (sig->type); + + printf ("type %u (%s), algorithm %u, labels %u, orig_ttl %u, sig_expiration %u, sig_inception %u, key_tag %u, signer %s\n", + sig->type, type_string ? type_string : "", + sig->algorithm, sig->labels, sig->orig_ttl, + sig->sig_expiration, sig->sig_inception, sig->key_tag, + sig->signer); + break; + } + case T_KEY : { + struct key_record *key = rr->u.key; + + printf ("flags %u, protocol %u, algorithm %u\n", + key->flags, key->protocol, key->algorithm); + break; + } default: printf("\n"); break; diff --git a/crypto/heimdal/lib/roken/resolve.h b/crypto/heimdal/lib/roken/resolve.h index c90f6b5..1c2e9a7 100644 --- a/crypto/heimdal/lib/roken/resolve.h +++ b/crypto/heimdal/lib/roken/resolve.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: resolve.h,v 1.8 1999/12/02 16:58:52 joda Exp $ */ +/* $Id: resolve.h,v 1.12 2000/10/15 21:28:56 assar Exp $ */ #ifndef __RESOLVE_H__ #define __RESOLVE_H__ @@ -44,12 +44,21 @@ #ifndef T_AFSDB #define T_AFSDB 18 #endif +#ifndef T_SIG +#define T_SIG 24 +#endif +#ifndef T_KEY +#define T_KEY 25 +#endif #ifndef T_SRV #define T_SRV 33 #endif #ifndef T_NAPTR #define T_NAPTR 35 #endif +#ifndef T_CERT +#define T_CERT 37 +#endif struct dns_query{ char *domain; @@ -69,6 +78,35 @@ struct srv_record{ char target[1]; }; +struct key_record { + unsigned flags; + unsigned protocol; + unsigned algorithm; + size_t key_len; + u_char key_data[1]; +}; + +struct sig_record { + unsigned type; + unsigned algorithm; + unsigned labels; + unsigned orig_ttl; + unsigned sig_expiration; + unsigned sig_inception; + unsigned key_tag; + char *signer; + unsigned sig_len; + char sig_data[1]; /* also includes signer */ +}; + +struct cert_record { + unsigned type; + unsigned tag; + unsigned algorithm; + size_t cert_len; + u_char cert_data[1]; +}; + struct resource_record{ char *domain; unsigned type; @@ -82,6 +120,9 @@ struct resource_record{ struct srv_record *srv; struct in_addr *a; char *txt; + struct key_record *key; + struct cert_record *cert; + struct sig_record *sig; }u; struct resource_record *next; }; @@ -99,5 +140,7 @@ struct dns_reply{ struct dns_reply* dns_lookup(const char *, const char *); void dns_free_data(struct dns_reply *); +int dns_string_to_type(const char *name); +const char *dns_type_to_string(int type); #endif /* __RESOLVE_H__ */ diff --git a/crypto/heimdal/lib/roken/roken-common.h b/crypto/heimdal/lib/roken/roken-common.h index 8bdc986..2227336 100644 --- a/crypto/heimdal/lib/roken/roken-common.h +++ b/crypto/heimdal/lib/roken/roken-common.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,11 +31,19 @@ * SUCH DAMAGE. */ -/* $Id: roken-common.h,v 1.27 2000/02/14 02:24:44 assar Exp $ */ +/* $Id: roken-common.h,v 1.42 2001/01/29 02:09:09 assar Exp $ */ #ifndef __ROKEN_COMMON_H__ #define __ROKEN_COMMON_H__ +#ifdef __cplusplus +#define ROKEN_CPP_START extern "C" { +#define ROKEN_CPP_END } +#else +#define ROKEN_CPP_START +#define ROKEN_CPP_END +#endif + #ifndef INADDR_NONE #define INADDR_NONE 0xffffffff #endif @@ -116,12 +124,20 @@ #define _PATH_HEQUIV "/etc/hosts.equiv" #endif +#ifndef _PATH_VARRUN +#define _PATH_VARRUN "/var/run/" +#endif + +#ifndef _PATH_BSHELL +#define _PATH_BSHELL "/bin/sh" +#endif + #ifndef MAXPATHLEN #define MAXPATHLEN (1024+4) #endif #ifndef SIG_ERR -#define SIG_ERR ((RETSIGTYPE (*)())-1) +#define SIG_ERR ((RETSIGTYPE (*)(int))-1) #endif /* @@ -233,9 +249,11 @@ #define __attribute__(x) #endif +ROKEN_CPP_START + #if IRIX != 4 /* fix for compiler bug */ #ifdef RETSIGTYPE -typedef RETSIGTYPE (*SigAction)(/* int??? */); +typedef RETSIGTYPE (*SigAction)(int); SigAction signal(int iSig, SigAction pAction); /* BSD compatible */ #endif #endif @@ -244,6 +262,7 @@ int ROKEN_LIB_FUNCTION simple_execve(const char*, char*const[], char*const[]); int ROKEN_LIB_FUNCTION simple_execvp(const char*, char *const[]); int ROKEN_LIB_FUNCTION simple_execlp(const char*, ...); int ROKEN_LIB_FUNCTION simple_execle(const char*, ...); +int ROKEN_LIB_FUNCTION simple_execl(const char *file, ...); void ROKEN_LIB_FUNCTION print_version(const char *); @@ -255,6 +274,9 @@ ssize_t ROKEN_LIB_FUNCTION eread (int fd, void *buf, size_t nbytes); ssize_t ROKEN_LIB_FUNCTION ewrite (int fd, const void *buf, size_t nbytes); void +esetenv(const char *var, const char *val, int rewrite); + +void socket_set_address_and_port (struct sockaddr *sa, const void *ptr, int port); size_t @@ -290,5 +312,19 @@ vstrcollect(va_list *ap); char ** strcollect(char *first, ...); +void timevalfix(struct timeval *t1); +void timevaladd(struct timeval *t1, const struct timeval *t2); +void timevalsub(struct timeval *t1, const struct timeval *t2); + +char *pid_file_write (const char *progname); +void pid_file_delete (char **); + +int +read_environment(const char *file, char ***env); + +void warnerr(int doerrno, const char *fmt, va_list ap) + __attribute__ ((format (printf, 2, 0))); + +ROKEN_CPP_END #endif /* __ROKEN_COMMON_H__ */ diff --git a/crypto/heimdal/lib/roken/roken.awk b/crypto/heimdal/lib/roken/roken.awk index 626fae5..c1676f7 100644 --- a/crypto/heimdal/lib/roken/roken.awk +++ b/crypto/heimdal/lib/roken/roken.awk @@ -1,3 +1,5 @@ +# $Id: roken.awk,v 1.6 2000/08/16 01:56:30 assar Exp $ + BEGIN { print "#include " print "#ifdef HAVE_CONFIG_H" @@ -13,8 +15,10 @@ BEGIN { print "puts(\"\");" } END { + print "puts(\"#define ROKEN_VERSION \" VERSION );" + print "puts(\"\");" print "puts(\"#endif /* __ROKEN_H__ */\");" - print "exit(0);" + print "return 0;" print "}" } diff --git a/crypto/heimdal/lib/roken/roken.h.in b/crypto/heimdal/lib/roken/roken.h.in index 3abe6eb..b16ae5d 100644 --- a/crypto/heimdal/lib/roken/roken.h.in +++ b/crypto/heimdal/lib/roken/roken.h.in @@ -1,6 +1,6 @@ /* -*- C -*- */ /* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,13 +32,18 @@ * SUCH DAMAGE. */ -/* $Id: roken.h.in,v 1.135 2000/02/14 02:24:20 assar Exp $ */ +/* $Id: roken.h.in,v 1.148 2001/01/27 05:28:09 assar Exp $ */ #include #include #include #include #include + +#ifdef _AIX +struct ether_addr; +struct sockaddr_dl; +#endif #ifdef HAVE_SYS_PARAM_H #include #endif @@ -109,9 +114,6 @@ #include #endif -#ifdef __cplusplus -extern "C" { -#endif #ifndef ROKEN_LIB_FUNCTION #if defined(__BORLANDC__) @@ -125,6 +127,8 @@ extern "C" { #include +ROKEN_CPP_START + #if !defined(HAVE_SETSID) && defined(HAVE__SETSID) #define setsid _setsid #endif @@ -196,6 +200,10 @@ size_t strnlen(const char*, size_t); char *strsep(char**, const char*); #endif +#if !defined(HAVE_STRSEP_COPY) || defined(NEED_STRSEP_COPY_PROTO) +ssize_t strsep_copy(const char**, const char*, char*, size_t); +#endif + #ifndef HAVE_STRCASECMP int strcasecmp(const char *s1, const char *s2); #endif @@ -340,6 +348,10 @@ int mkstemp(char *template); #endif +#ifndef HAVE_PIDFILE +void pidfile (const char*); +#endif + #ifndef HAVE_FLOCK #ifndef LOCK_SH #define LOCK_SH 1 /* Shared lock */ @@ -450,7 +462,7 @@ typedef unsigned short sa_family_t; typedef unsigned char roken_sa_family_t; -#define _SS_PAD1SIZE (_SS_ALIGNSIZE - sizeof (roken_sa_family_t) - sizeof(unsigned char)) +#define _SS_PAD1SIZE ((2 * _SS_ALIGNSIZE - sizeof (roken_sa_family_t) - sizeof(unsigned char)) % _SS_ALIGNSIZE) #define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof (roken_sa_family_t) + sizeof(unsigned char) + _SS_PAD1SIZE + _SS_ALIGNSIZE)) struct sockaddr_storage { @@ -464,7 +476,7 @@ struct sockaddr_storage { typedef unsigned short roken_sa_family_t; -#define _SS_PAD1SIZE (_SS_ALIGNSIZE - sizeof (roken_sa_family_t)) +#define _SS_PAD1SIZE ((2 * _SS_ALIGNSIZE - sizeof (roken_sa_family_t)) % _SS_ALIGNSIZE) #define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof (roken_sa_family_t) + _SS_PAD1SIZE + _SS_ALIGNSIZE)) struct sockaddr_storage { @@ -521,8 +533,8 @@ getnameinfo_verified(const struct sockaddr *sa, socklen_t salen, char *serv, size_t servlen, int flags); -int -roken_getaddrinfo_hostspec(const char *, int, struct addrinfo **); +int roken_getaddrinfo_hostspec(const char *, int, struct addrinfo **); +int roken_getaddrinfo_hostspec2(const char *, int, int, struct addrinfo **); #ifndef HAVE_STRFTIME size_t @@ -569,8 +581,13 @@ struct hostent* roken_gethostbyaddr(const void*, size_t, int); #define roken_openlog(a,b,c) openlog((char *)a,b,c) #endif +#ifdef GETSOCKNAME_PROTO_COMPATIBLE +#define roken_getsockname(a,b,c) getsockname(a,b,c) +#else +#define roken_getsockname(a,b,c) getsockname(a, b, (void*)c) +#endif + void set_progname(char *argv0); +const char *get_progname(void); -#ifdef __cplusplus -} -#endif +ROKEN_CPP_END diff --git a/crypto/heimdal/lib/roken/rtbl.c b/crypto/heimdal/lib/roken/rtbl.c new file mode 100644 index 0000000..098b601 --- /dev/null +++ b/crypto/heimdal/lib/roken/rtbl.c @@ -0,0 +1,278 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +RCSID ("$Id: rtbl.c,v 1.3 2000/07/20 14:42:31 assar Exp $"); +#endif +#include "roken.h" +#include "rtbl.h" + +struct column_entry { + char *data; +}; + +struct column_data { + char *header; + char *prefix; + int width; + unsigned flags; + size_t num_rows; + struct column_entry *rows; +}; + +struct rtbl_data { + char *column_prefix; + size_t num_columns; + struct column_data **columns; +}; + +rtbl_t +rtbl_create (void) +{ + return calloc (1, sizeof (struct rtbl_data)); +} + +static struct column_data * +rtbl_get_column (rtbl_t table, const char *column) +{ + int i; + for(i = 0; i < table->num_columns; i++) + if(strcmp(table->columns[i]->header, column) == 0) + return table->columns[i]; + return NULL; +} + +void +rtbl_destroy (rtbl_t table) +{ + int i, j; + + for (i = 0; i < table->num_columns; i++) { + struct column_data *c = table->columns[i]; + + for (j = 0; j < c->num_rows; j++) + free (c->rows[j].data); + free (c->header); + free (c->prefix); + free (c); + } + free (table->column_prefix); + free (table->columns); +} + +int +rtbl_add_column (rtbl_t table, const char *header, unsigned int flags) +{ + struct column_data *col, **tmp; + + tmp = realloc (table->columns, (table->num_columns + 1) * sizeof (*tmp)); + if (tmp == NULL) + return ENOMEM; + table->columns = tmp; + col = malloc (sizeof (*col)); + if (col == NULL) + return ENOMEM; + col->header = strdup (header); + if (col->header == NULL) { + free (col); + return ENOMEM; + } + col->prefix = NULL; + col->width = 0; + col->flags = flags; + col->num_rows = 0; + col->rows = NULL; + table->columns[table->num_columns++] = col; + return 0; +} + +static void +column_compute_width (struct column_data *column) +{ + int i; + + column->width = strlen (column->header); + for (i = 0; i < column->num_rows; i++) + column->width = max (column->width, strlen (column->rows[i].data)); +} + +int +rtbl_set_prefix (rtbl_t table, const char *prefix) +{ + if (table->column_prefix) + free (table->column_prefix); + table->column_prefix = strdup (prefix); + if (table->column_prefix == NULL) + return ENOMEM; + return 0; +} + +int +rtbl_set_column_prefix (rtbl_t table, const char *column, + const char *prefix) +{ + struct column_data *c = rtbl_get_column (table, column); + + if (c == NULL) + return -1; + if (c->prefix) + free (c->prefix); + c->prefix = strdup (prefix); + if (c->prefix == NULL) + return ENOMEM; + return 0; +} + + +static const char * +get_column_prefix (rtbl_t table, struct column_data *c) +{ + if (c == NULL) + return ""; + if (c->prefix) + return c->prefix; + if (table->column_prefix) + return table->column_prefix; + return ""; +} + +int +rtbl_add_column_entry (rtbl_t table, const char *column, const char *data) +{ + struct column_entry row, *tmp; + + struct column_data *c = rtbl_get_column (table, column); + + if (c == NULL) + return -1; + + row.data = strdup (data); + if (row.data == NULL) + return ENOMEM; + tmp = realloc (c->rows, (c->num_rows + 1) * sizeof (*tmp)); + if (tmp == NULL) { + free (row.data); + return ENOMEM; + } + c->rows = tmp; + c->rows[c->num_rows++] = row; + return 0; +} + +int +rtbl_format (rtbl_t table, FILE * f) +{ + int i, j; + + for (i = 0; i < table->num_columns; i++) + column_compute_width (table->columns[i]); + for (i = 0; i < table->num_columns; i++) { + struct column_data *c = table->columns[i]; + + fprintf (f, "%s", get_column_prefix (table, c)); + fprintf (f, "%-*s", (int)c->width, c->header); + } + fprintf (f, "\n"); + + for (j = 0;; j++) { + int flag = 0; + + for (i = 0; flag == 0 && i < table->num_columns; ++i) { + struct column_data *c = table->columns[i]; + + if (c->num_rows > j) { + ++flag; + break; + } + } + if (flag == 0) + break; + + for (i = 0; i < table->num_columns; i++) { + int w; + struct column_data *c = table->columns[i]; + + w = c->width; + + if ((c->flags & RTBL_ALIGN_RIGHT) == 0) + w = -w; + fprintf (f, "%s", get_column_prefix (table, c)); + if (c->num_rows <= j) + fprintf (f, "%*s", w, ""); + else + fprintf (f, "%*s", w, c->rows[j].data); + } + fprintf (f, "\n"); + } + return 0; +} + +#ifdef TEST +int +main (int argc, char **argv) +{ + rtbl_t table; + unsigned int a, b, c, d; + + table = rtbl_create (); + rtbl_add_column (table, "Issued", 0, &a); + rtbl_add_column (table, "Expires", 0, &b); + rtbl_add_column (table, "Foo", RTBL_ALIGN_RIGHT, &d); + rtbl_add_column (table, "Principal", 0, &c); + + rtbl_add_column_entry (table, a, "Jul 7 21:19:29"); + rtbl_add_column_entry (table, b, "Jul 8 07:19:29"); + rtbl_add_column_entry (table, d, "73"); + rtbl_add_column_entry (table, d, "0"); + rtbl_add_column_entry (table, d, "-2000"); + rtbl_add_column_entry (table, c, "krbtgt/NADA.KTH.SE@NADA.KTH.SE"); + + rtbl_add_column_entry (table, a, "Jul 7 21:19:29"); + rtbl_add_column_entry (table, b, "Jul 8 07:19:29"); + rtbl_add_column_entry (table, c, "afs/pdc.kth.se@NADA.KTH.SE"); + + rtbl_add_column_entry (table, a, "Jul 7 21:19:29"); + rtbl_add_column_entry (table, b, "Jul 8 07:19:29"); + rtbl_add_column_entry (table, c, "afs@NADA.KTH.SE"); + + rtbl_set_prefix (table, " "); + rtbl_set_column_prefix (table, a, ""); + + rtbl_format (table, stdout); + + rtbl_destroy (table); + +} + +#endif diff --git a/crypto/heimdal/lib/roken/rtbl.h b/crypto/heimdal/lib/roken/rtbl.h new file mode 100644 index 0000000..16496a7 --- /dev/null +++ b/crypto/heimdal/lib/roken/rtbl.h @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef __rtbl_h__ +#define __rtbl_h__ + +struct rtbl_data; +typedef struct rtbl_data *rtbl_t; + +#define RTBL_ALIGN_LEFT 0 +#define RTBL_ALIGN_RIGHT 1 + +rtbl_t rtbl_create (void); + +void rtbl_destroy (rtbl_t); + +int rtbl_set_prefix (rtbl_t, const char*); + +int rtbl_set_column_prefix (rtbl_t, const char*, const char*); + +int rtbl_add_column (rtbl_t, const char*, unsigned int); + +int rtbl_add_column_entry (rtbl_t, const char*, const char*); + +int rtbl_format (rtbl_t, FILE*); + +#endif /* __rtbl_h__ */ diff --git a/crypto/heimdal/lib/roken/signal.c b/crypto/heimdal/lib/roken/signal.c index 85f36ee..1d482a0 100644 --- a/crypto/heimdal/lib/roken/signal.c +++ b/crypto/heimdal/lib/roken/signal.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,10 +33,11 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: signal.c,v 1.10 1999/12/14 01:37:58 assar Exp $"); +RCSID("$Id: signal.c,v 1.12 2000/07/08 12:39:06 assar Exp $"); #endif #include +#include "roken.h" /* * We would like to always use this signal but there is a link error @@ -49,8 +50,6 @@ RCSID("$Id: signal.c,v 1.10 1999/12/14 01:37:58 assar Exp $"); * Do we need any extra hacks for SIGCLD and/or SIGCHLD? */ -typedef RETSIGTYPE (*SigAction)(/* int??? */); - SigAction signal(int iSig, SigAction pAction) { diff --git a/crypto/heimdal/lib/roken/simple_exec.c b/crypto/heimdal/lib/roken/simple_exec.c index 4aa22fa..c7e22d9 100644 --- a/crypto/heimdal/lib/roken/simple_exec.c +++ b/crypto/heimdal/lib/roken/simple_exec.c @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: simple_exec.c,v 1.7 2000/01/09 10:58:51 assar Exp $"); +RCSID("$Id: simple_exec.c,v 1.8 2000/11/05 16:41:06 joda Exp $"); #endif #include @@ -148,3 +148,20 @@ simple_execle(const char *file, ... /* ,char *const envp[] */) free(argv); return ret; } + +int +simple_execl(const char *file, ...) +{ + va_list ap; + char **argv; + int ret; + + va_start(ap, file); + argv = vstrcollect(&ap); + va_end(ap); + if(argv == NULL) + return -1; + ret = simple_execve(file, argv, environ); + free(argv); + return ret; +} diff --git a/crypto/heimdal/lib/roken/snprintf.c b/crypto/heimdal/lib/roken/snprintf.c index 4f69e66..205dc58 100644 --- a/crypto/heimdal/lib/roken/snprintf.c +++ b/crypto/heimdal/lib/roken/snprintf.c @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: snprintf.c,v 1.25 2000/02/16 01:38:52 assar Exp $"); +RCSID("$Id: snprintf.c,v 1.28 2000/12/15 14:04:42 joda Exp $"); #endif #include #include @@ -214,28 +214,31 @@ append_string (struct state *state, int prec, int flags) { - if(prec != -1) - width -= prec; - else - width -= strlen((char *)arg); - if(!(flags & minus_flag)) - while(width-- > 0) - if((*state->append_char) (state, ' ')) - return 1; - if (prec != -1) { - while (*arg && prec--) - if ((*state->append_char) (state, *arg++)) - return 1; - } else { - while (*arg) - if ((*state->append_char) (state, *arg++)) - return 1; - } - if(flags & minus_flag) - while(width-- > 0) - if((*state->append_char) (state, ' ')) - return 1; - return 0; + if(arg == NULL) + arg = (unsigned char*)"(null)"; + + if(prec != -1) + width -= prec; + else + width -= strlen((char *)arg); + if(!(flags & minus_flag)) + while(width-- > 0) + if((*state->append_char) (state, ' ')) + return 1; + if (prec != -1) { + while (*arg && prec--) + if ((*state->append_char) (state, *arg++)) + return 1; + } else { + while (*arg) + if ((*state->append_char) (state, *arg++)) + return 1; + } + if(flags & minus_flag) + while(width-- > 0) + if((*state->append_char) (state, ' ')) + return 1; + return 0; } static int diff --git a/crypto/heimdal/lib/roken/socket.c b/crypto/heimdal/lib/roken/socket.c index 6e9c3df..d8463d5 100644 --- a/crypto/heimdal/lib/roken/socket.c +++ b/crypto/heimdal/lib/roken/socket.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,28 +33,10 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: socket.c,v 1.3 1999/12/02 16:58:52 joda Exp $"); -#endif - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN_SYSTM_H -#include -#endif -#ifdef HAVE_NETINET_IP_H -#include +RCSID("$Id: socket.c,v 1.5 2000/07/27 04:41:06 assar Exp $"); #endif #include - #include /* @@ -246,9 +228,9 @@ socket_set_port (struct sockaddr *sa, int port) void socket_set_debug (int sock) { +#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT) int on = 1; -#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT) if (setsockopt (sock, SOL_SOCKET, SO_DEBUG, (void *) &on, sizeof (on)) < 0) warn ("setsockopt SO_DEBUG (ignored)"); #endif diff --git a/crypto/heimdal/lib/roken/strftime.c b/crypto/heimdal/lib/roken/strftime.c index b90614b..6056073 100644 --- a/crypto/heimdal/lib/roken/strftime.c +++ b/crypto/heimdal/lib/roken/strftime.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -35,7 +35,7 @@ #endif #include "roken.h" -RCSID("$Id: strftime.c,v 1.10 1999/11/13 04:18:33 assar Exp $"); +RCSID("$Id: strftime.c,v 1.11 2000/07/08 14:22:12 assar Exp $"); static const char *abb_weekdays[] = { "Sun", diff --git a/crypto/heimdal/lib/roken/strsep_copy.c b/crypto/heimdal/lib/roken/strsep_copy.c new file mode 100644 index 0000000..f097022 --- /dev/null +++ b/crypto/heimdal/lib/roken/strsep_copy.c @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: strsep_copy.c,v 1.3 2000/06/29 03:13:36 assar Exp $"); +#endif + +#include + +#include "roken.h" + +#ifndef HAVE_STRSEP_COPY + +/* strsep, but with const stringp, so return string in buf */ + +ssize_t +strsep_copy(const char **stringp, const char *delim, char *buf, size_t len) +{ + const char *save = *stringp; + size_t l; + if(save == NULL) + return -1; + *stringp = *stringp + strcspn(*stringp, delim); + l = min(len, *stringp - save); + memcpy(buf, save, l); + buf[l] = '\0'; + + l = *stringp - save; + if(**stringp == '\0') + *stringp = NULL; + else + (*stringp)++; + return l; +} + +#endif diff --git a/crypto/heimdal/lib/roken/timeval.c b/crypto/heimdal/lib/roken/timeval.c new file mode 100644 index 0000000..ea4dee8 --- /dev/null +++ b/crypto/heimdal/lib/roken/timeval.c @@ -0,0 +1,84 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * Timeval stuff + */ + +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: timeval.c,v 1.1 2000/03/03 09:02:42 assar Exp $"); +#endif + +#include "roken.h" + +/* + * Make `t1' consistent. + */ + +void +timevalfix(struct timeval *t1) +{ + if (t1->tv_usec < 0) { + t1->tv_sec--; + t1->tv_usec += 1000000; + } + if (t1->tv_usec >= 1000000) { + t1->tv_sec++; + t1->tv_usec -= 1000000; + } +} + +/* + * t1 += t2 + */ + +void +timevaladd(struct timeval *t1, const struct timeval *t2) +{ + t1->tv_sec += t2->tv_sec; + t1->tv_usec += t2->tv_usec; + timevalfix(t1); +} + +/* + * t1 -= t2 + */ + +void +timevalsub(struct timeval *t1, const struct timeval *t2) +{ + t1->tv_sec -= t2->tv_sec; + t1->tv_usec -= t2->tv_usec; + timevalfix(t1); +} diff --git a/crypto/heimdal/lib/roken/unvis.c b/crypto/heimdal/lib/roken/unvis.c new file mode 100644 index 0000000..363564c --- /dev/null +++ b/crypto/heimdal/lib/roken/unvis.c @@ -0,0 +1,288 @@ +/* $NetBSD: unvis.c,v 1.19 2000/01/22 22:19:13 mycroft Exp $ */ + +/*- + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#if 1 +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: unvis.c,v 1.2 2000/12/06 21:41:46 joda Exp $"); +#endif +#include +#ifndef _DIAGASSERT +#define _DIAGASSERT(X) +#endif +#else +#include +#if defined(LIBC_SCCS) && !defined(lint) +#if 0 +static char sccsid[] = "@(#)unvis.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: unvis.c,v 1.19 2000/01/22 22:19:13 mycroft Exp $"); +#endif +#endif /* LIBC_SCCS and not lint */ + +#define __LIBC12_SOURCE__ + +#include "namespace.h" +#endif +#include + +#include +#include +#include +#include + +#if 0 +#ifdef __weak_alias +__weak_alias(strunvis,_strunvis) +__weak_alias(unvis,_unvis) +#endif + +__warn_references(unvis, + "warning: reference to compatibility unvis(); include for correct reference") +#endif + +/* + * decode driven by state machine + */ +#define S_GROUND 0 /* haven't seen escape char */ +#define S_START 1 /* start decoding special sequence */ +#define S_META 2 /* metachar started (M) */ +#define S_META1 3 /* metachar more, regular char (-) */ +#define S_CTRL 4 /* control char started (^) */ +#define S_OCTAL2 5 /* octal digit 2 */ +#define S_OCTAL3 6 /* octal digit 3 */ + +#define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') + +/* + * unvis - decode characters previously encoded by vis + */ +#ifndef HAVE_UNVIS +int +unvis(char *cp, int c, int *astate, int flag) +{ + + _DIAGASSERT(cp != NULL); + _DIAGASSERT(astate != NULL); + + if (flag & UNVIS_END) { + if (*astate == S_OCTAL2 || *astate == S_OCTAL3) { + *astate = S_GROUND; + return (UNVIS_VALID); + } + return (*astate == S_GROUND ? UNVIS_NOCHAR : UNVIS_SYNBAD); + } + + switch (*astate) { + + case S_GROUND: + *cp = 0; + if (c == '\\') { + *astate = S_START; + return (0); + } + *cp = c; + return (UNVIS_VALID); + + case S_START: + switch(c) { + case '\\': + *cp = c; + *astate = S_GROUND; + return (UNVIS_VALID); + case '0': case '1': case '2': case '3': + case '4': case '5': case '6': case '7': + *cp = (c - '0'); + *astate = S_OCTAL2; + return (0); + case 'M': + *cp = (char)0200; + *astate = S_META; + return (0); + case '^': + *astate = S_CTRL; + return (0); + case 'n': + *cp = '\n'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'r': + *cp = '\r'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'b': + *cp = '\b'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'a': + *cp = '\007'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'v': + *cp = '\v'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 't': + *cp = '\t'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'f': + *cp = '\f'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 's': + *cp = ' '; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'E': + *cp = '\033'; + *astate = S_GROUND; + return (UNVIS_VALID); + case '\n': + /* + * hidden newline + */ + *astate = S_GROUND; + return (UNVIS_NOCHAR); + case '$': + /* + * hidden marker + */ + *astate = S_GROUND; + return (UNVIS_NOCHAR); + } + *astate = S_GROUND; + return (UNVIS_SYNBAD); + + case S_META: + if (c == '-') + *astate = S_META1; + else if (c == '^') + *astate = S_CTRL; + else { + *astate = S_GROUND; + return (UNVIS_SYNBAD); + } + return (0); + + case S_META1: + *astate = S_GROUND; + *cp |= c; + return (UNVIS_VALID); + + case S_CTRL: + if (c == '?') + *cp |= 0177; + else + *cp |= c & 037; + *astate = S_GROUND; + return (UNVIS_VALID); + + case S_OCTAL2: /* second possible octal digit */ + if (isoctal(c)) { + /* + * yes - and maybe a third + */ + *cp = (*cp << 3) + (c - '0'); + *astate = S_OCTAL3; + return (0); + } + /* + * no - done with current sequence, push back passed char + */ + *astate = S_GROUND; + return (UNVIS_VALIDPUSH); + + case S_OCTAL3: /* third possible octal digit */ + *astate = S_GROUND; + if (isoctal(c)) { + *cp = (*cp << 3) + (c - '0'); + return (UNVIS_VALID); + } + /* + * we were done, push back passed char + */ + return (UNVIS_VALIDPUSH); + + default: + /* + * decoder in unknown state - (probably uninitialized) + */ + *astate = S_GROUND; + return (UNVIS_SYNBAD); + } +} +#endif + +/* + * strunvis - decode src into dst + * + * Number of chars decoded into dst is returned, -1 on error. + * Dst is null terminated. + */ + +#ifndef HAVE_STRUNVIS +int +strunvis(char *dst, const char *src) +{ + char c; + char *start = dst; + int state = 0; + + _DIAGASSERT(src != NULL); + _DIAGASSERT(dst != NULL); + + while ((c = *src++) != '\0') { + again: + switch (unvis(dst, c, &state, 0)) { + case UNVIS_VALID: + dst++; + break; + case UNVIS_VALIDPUSH: + dst++; + goto again; + case 0: + case UNVIS_NOCHAR: + break; + default: + return (-1); + } + } + if (unvis(dst, c, &state, UNVIS_END) == UNVIS_VALID) + dst++; + *dst = '\0'; + return (dst - start); +} +#endif diff --git a/crypto/heimdal/lib/roken/verr.c b/crypto/heimdal/lib/roken/verr.c index 511e640..67b4512 100644 --- a/crypto/heimdal/lib/roken/verr.c +++ b/crypto/heimdal/lib/roken/verr.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,10 +33,11 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: verr.c,v 1.8 1999/12/02 16:58:53 joda Exp $"); +RCSID("$Id: verr.c,v 1.10 2001/01/25 12:41:39 assar Exp $"); #endif -#include "err.h" +#include "roken.h" +#include void verr(int eval, const char *fmt, va_list ap) diff --git a/crypto/heimdal/lib/roken/verrx.c b/crypto/heimdal/lib/roken/verrx.c index f4578d3..5df5c8d 100644 --- a/crypto/heimdal/lib/roken/verrx.c +++ b/crypto/heimdal/lib/roken/verrx.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,10 +33,11 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: verrx.c,v 1.8 1999/12/02 16:58:53 joda Exp $"); +RCSID("$Id: verrx.c,v 1.10 2001/01/25 12:41:39 assar Exp $"); #endif -#include "err.h" +#include "roken.h" +#include void verrx(int eval, const char *fmt, va_list ap) diff --git a/crypto/heimdal/lib/roken/vis.c b/crypto/heimdal/lib/roken/vis.c new file mode 100644 index 0000000..82a6ba5 --- /dev/null +++ b/crypto/heimdal/lib/roken/vis.c @@ -0,0 +1,301 @@ +/* $NetBSD: vis.c,v 1.19 2000/01/22 22:42:45 mycroft Exp $ */ + +/*- + * Copyright (c) 1999 The NetBSD Foundation, Inc. + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + + +#if 1 +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: vis.c,v 1.3 2000/12/10 23:10:48 assar Exp $"); +#endif +#include +#ifndef _DIAGASSERT +#define _DIAGASSERT(X) +#endif +#else +#include +#if !defined(lint) +__RCSID("$NetBSD: vis.c,v 1.19 2000/01/22 22:42:45 mycroft Exp $"); +#endif /* not lint */ +#endif + +#if 0 +#include "namespace.h" +#endif +#include + +#include +#include +#include +#include +#include +#include + +#if 0 +#ifdef __weak_alias +__weak_alias(strsvis,_strsvis) +__weak_alias(strsvisx,_strsvisx) +__weak_alias(strvis,_strvis) +__weak_alias(strvisx,_strvisx) +__weak_alias(svis,_svis) +__weak_alias(vis,_vis) +#endif +#endif + +#undef BELL +#if defined(__STDC__) +#define BELL '\a' +#else +#define BELL '\007' +#endif + +#define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') +#define iswhite(c) (c == ' ' || c == '\t' || c == '\n') +#define issafe(c) (c == '\b' || c == BELL || c == '\r') + +#define MAXEXTRAS 5 + + +#define MAKEEXTRALIST(flag, extra) \ +do { \ + char *pextra = extra; \ + if (flag & VIS_SP) *pextra++ = ' '; \ + if (flag & VIS_TAB) *pextra++ = '\t'; \ + if (flag & VIS_NL) *pextra++ = '\n'; \ + if ((flag & VIS_NOSLASH) == 0) *pextra++ = '\\'; \ + *pextra = '\0'; \ +} while (/*CONSTCOND*/0) + +/* + * This is SVIS, the central macro of vis. + * dst: Pointer to the destination buffer + * c: Character to encode + * flag: Flag word + * nextc: The character following 'c' + * extra: Pointer to the list of extra characters to be + * backslash-protected. + */ +#define SVIS(dst, c, flag, nextc, extra) \ +do { \ + int isextra, isc; \ + isextra = strchr(extra, c) != NULL; \ + if (!isextra && isascii(c) && (isgraph(c) || iswhite(c) || \ + ((flag & VIS_SAFE) && issafe(c)))) { \ + *dst++ = c; \ + break; \ + } \ + isc = 0; \ + if (flag & VIS_CSTYLE) { \ + switch (c) { \ + case '\n': \ + isc = 1; *dst++ = '\\'; *dst++ = 'n'; \ + break; \ + case '\r': \ + isc = 1; *dst++ = '\\'; *dst++ = 'r'; \ + break; \ + case '\b': \ + isc = 1; *dst++ = '\\'; *dst++ = 'b'; \ + break; \ + case BELL: \ + isc = 1; *dst++ = '\\'; *dst++ = 'a'; \ + break; \ + case '\v': \ + isc = 1; *dst++ = '\\'; *dst++ = 'v'; \ + break; \ + case '\t': \ + isc = 1; *dst++ = '\\'; *dst++ = 't'; \ + break; \ + case '\f': \ + isc = 1; *dst++ = '\\'; *dst++ = 'f'; \ + break; \ + case ' ': \ + isc = 1; *dst++ = '\\'; *dst++ = 's'; \ + break; \ + case '\0': \ + isc = 1; *dst++ = '\\'; *dst++ = '0'; \ + if (isoctal(nextc)) { \ + *dst++ = '0'; \ + *dst++ = '0'; \ + } \ + } \ + } \ + if (isc) break; \ + if (isextra || ((c & 0177) == ' ') || (flag & VIS_OCTAL)) { \ + *dst++ = '\\'; \ + *dst++ = (u_char)(((unsigned)(u_char)c >> 6) & 03) + '0'; \ + *dst++ = (u_char)(((unsigned)(u_char)c >> 3) & 07) + '0'; \ + *dst++ = (c & 07) + '0'; \ + } else { \ + if ((flag & VIS_NOSLASH) == 0) *dst++ = '\\'; \ + if (c & 0200) { \ + c &= 0177; *dst++ = 'M'; \ + } \ + if (iscntrl(c)) { \ + *dst++ = '^'; \ + if (c == 0177) \ + *dst++ = '?'; \ + else \ + *dst++ = c + '@'; \ + } else { \ + *dst++ = '-'; *dst++ = c; \ + } \ + } \ +} while (/*CONSTCOND*/0) + + +/* + * svis - visually encode characters, also encoding the characters + * pointed to by `extra' + */ +#ifndef HAVE_SVIS +char * +svis(char *dst, int c, int flag, int nextc, const char *extra) +{ + _DIAGASSERT(dst != NULL); + _DIAGASSERT(extra != NULL); + + SVIS(dst, c, flag, nextc, extra); + *dst = '\0'; + return(dst); +} +#endif + + +/* + * strsvis, strsvisx - visually encode characters from src into dst + * + * Extra is a pointer to a \0-terminated list of characters to + * be encoded, too. These functions are useful e. g. to + * encode strings in such a way so that they are not interpreted + * by a shell. + * + * Dst must be 4 times the size of src to account for possible + * expansion. The length of dst, not including the trailing NULL, + * is returned. + * + * Strsvisx encodes exactly len bytes from src into dst. + * This is useful for encoding a block of data. + */ +#ifndef HAVE_STRSVIS +int +strsvis(char *dst, const char *src, int flag, const char *extra) +{ + char c; + char *start; + + _DIAGASSERT(dst != NULL); + _DIAGASSERT(src != NULL); + _DIAGASSERT(extra != NULL); + + for (start = dst; (c = *src++) != '\0'; /* empty */) + SVIS(dst, c, flag, *src, extra); + *dst = '\0'; + return (dst - start); +} +#endif + + +#ifndef HAVE_STRVISX +int +strsvisx(char *dst, const char *src, size_t len, int flag, const char *extra) +{ + char c; + char *start; + + _DIAGASSERT(dst != NULL); + _DIAGASSERT(src != NULL); + _DIAGASSERT(extra != NULL); + + for (start = dst; len > 0; len--) { + c = *src++; + SVIS(dst, c, flag, len ? *src : '\0', extra); + } + *dst = '\0'; + return (dst - start); +} +#endif + + +/* + * vis - visually encode characters + */ +#ifndef HAVE_VIS +char * +vis(char *dst, int c, int flag, int nextc) +{ + char extra[MAXEXTRAS]; + + _DIAGASSERT(dst != NULL); + + MAKEEXTRALIST(flag, extra); + SVIS(dst, c, flag, nextc, extra); + *dst = '\0'; + return (dst); +} +#endif + + +/* + * strvis, strvisx - visually encode characters from src into dst + * + * Dst must be 4 times the size of src to account for possible + * expansion. The length of dst, not including the trailing NULL, + * is returned. + * + * Strvisx encodes exactly len bytes from src into dst. + * This is useful for encoding a block of data. + */ +#ifndef HAVE_STRVIS +int +strvis(char *dst, const char *src, int flag) +{ + char extra[MAXEXTRAS]; + + MAKEEXTRALIST(flag, extra); + return (strsvis(dst, src, flag, extra)); +} +#endif + + +#ifndef HAVE_STRVISX +int +strvisx(char *dst, const char *src, size_t len, int flag) +{ + char extra[MAXEXTRAS]; + + MAKEEXTRALIST(flag, extra); + return (strsvisx(dst, src, len, flag, extra)); +} +#endif diff --git a/crypto/heimdal/lib/roken/vis.hin b/crypto/heimdal/lib/roken/vis.hin new file mode 100644 index 0000000..a9d09da9 --- /dev/null +++ b/crypto/heimdal/lib/roken/vis.hin @@ -0,0 +1,86 @@ +/* $NetBSD: vis.h,v 1.11 1999/11/25 16:55:50 wennmach Exp $ */ +/* $Id: vis.hin,v 1.1 2000/12/06 21:35:47 joda Exp $ */ + +/*- + * Copyright (c) 1990, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)vis.h 8.1 (Berkeley) 6/2/93 + */ + +#ifndef _VIS_H_ +#define _VIS_H_ + +/* + * to select alternate encoding format + */ +#define VIS_OCTAL 0x01 /* use octal \ddd format */ +#define VIS_CSTYLE 0x02 /* use \[nrft0..] where appropiate */ + +/* + * to alter set of characters encoded (default is to encode all + * non-graphic except space, tab, and newline). + */ +#define VIS_SP 0x04 /* also encode space */ +#define VIS_TAB 0x08 /* also encode tab */ +#define VIS_NL 0x10 /* also encode newline */ +#define VIS_WHITE (VIS_SP | VIS_TAB | VIS_NL) +#define VIS_SAFE 0x20 /* only encode "unsafe" characters */ + +/* + * other + */ +#define VIS_NOSLASH 0x40 /* inhibit printing '\' */ + +/* + * unvis return codes + */ +#define UNVIS_VALID 1 /* character valid */ +#define UNVIS_VALIDPUSH 2 /* character valid, push back passed char */ +#define UNVIS_NOCHAR 3 /* valid sequence, no character produced */ +#define UNVIS_SYNBAD -1 /* unrecognized escape sequence */ +#define UNVIS_ERROR -2 /* decoder in unknown state (unrecoverable) */ + +/* + * unvis flags + */ +#define UNVIS_END 1 /* no more characters */ + +char *vis (char *, int, int, int); +char *svis (char *, int, int, int, const char *); +int strvis (char *, const char *, int); +int strsvis (char *, const char *, int, const char *); +int strvisx (char *, const char *, size_t, int); +int strsvisx (char *, const char *, size_t, int, const char *); +int strunvis (char *, const char *); +int unvis (char *, int, int *, int); + +#endif /* !_VIS_H_ */ diff --git a/crypto/heimdal/lib/roken/vsyslog.c b/crypto/heimdal/lib/roken/vsyslog.c index 22e6a35..c72cf33 100644 --- a/crypto/heimdal/lib/roken/vsyslog.c +++ b/crypto/heimdal/lib/roken/vsyslog.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: vsyslog.c,v 1.3 1999/12/02 16:58:54 joda Exp $"); +RCSID("$Id: vsyslog.c,v 1.6 2000/05/22 22:09:25 assar Exp $"); #endif #ifndef HAVE_VSYSLOG @@ -44,14 +44,72 @@ RCSID("$Id: vsyslog.c,v 1.3 1999/12/02 16:58:54 joda Exp $"); #include "roken.h" +/* + * the theory behind this is that we might be trying to call vsyslog + * when there's no memory left, and we should try to be as useful as + * possible. And the format string should say something about what's + * failing. + */ + +static void +simple_vsyslog(int pri, const char *fmt, va_list ap) +{ + syslog (pri, "%s", fmt); +} + +/* + * do like syslog but with a `va_list' + */ + void vsyslog(int pri, const char *fmt, va_list ap) { - char *p; + char *fmt2; + const char *p; + char *p2; + int saved_errno = errno; + int fmt_len = strlen (fmt); + int fmt2_len = fmt_len; + char *buf; - vasprintf (&p, fmt, ap); - syslog (pri, "%s", p); - free (p); -} + fmt2 = malloc (fmt_len + 1); + if (fmt2 == NULL) { + simple_vsyslog (pri, fmt, ap); + return; + } + for (p = fmt, p2 = fmt2; *p != '\0'; ++p) { + if (p[0] == '%' && p[1] == 'm') { + const char *e = strerror (saved_errno); + int e_len = strlen (e); + char *tmp; + int pos; + + pos = p2 - fmt2; + fmt2_len += e_len - 2; + tmp = realloc (fmt2, fmt2_len + 1); + if (tmp == NULL) { + free (fmt2); + simple_vsyslog (pri, fmt, ap); + return; + } + fmt2 = tmp; + p2 = fmt2 + pos; + memmove (p2, e, e_len); + p2 += e_len; + ++p; + } else + *p2++ = *p; + } + *p2 = '\0'; + + vasprintf (&buf, fmt2, ap); + free (fmt2); + if (buf == NULL) { + simple_vsyslog (pri, fmt, ap); + return; + } + syslog (pri, "%s", buf); + free (buf); +} #endif diff --git a/crypto/heimdal/lib/roken/vwarn.c b/crypto/heimdal/lib/roken/vwarn.c index 15f9a38..4034b1b 100644 --- a/crypto/heimdal/lib/roken/vwarn.c +++ b/crypto/heimdal/lib/roken/vwarn.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,10 +33,11 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: vwarn.c,v 1.8 1999/12/02 16:58:54 joda Exp $"); +RCSID("$Id: vwarn.c,v 1.10 2001/01/25 12:41:39 assar Exp $"); #endif -#include "err.h" +#include "roken.h" +#include void vwarn(const char *fmt, va_list ap) diff --git a/crypto/heimdal/lib/roken/vwarnx.c b/crypto/heimdal/lib/roken/vwarnx.c index 48f1ffd..7449a75 100644 --- a/crypto/heimdal/lib/roken/vwarnx.c +++ b/crypto/heimdal/lib/roken/vwarnx.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,10 +33,11 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: vwarnx.c,v 1.8 1999/12/02 16:58:54 joda Exp $"); +RCSID("$Id: vwarnx.c,v 1.10 2001/01/25 12:41:39 assar Exp $"); #endif -#include "err.h" +#include "roken.h" +#include void vwarnx(const char *fmt, va_list ap) diff --git a/crypto/heimdal/lib/roken/warnerr.c b/crypto/heimdal/lib/roken/warnerr.c index 4df375d..f57c90e 100644 --- a/crypto/heimdal/lib/roken/warnerr.c +++ b/crypto/heimdal/lib/roken/warnerr.c @@ -33,7 +33,7 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: warnerr.c,v 1.8 1999/12/02 16:58:54 joda Exp $"); +RCSID("$Id: warnerr.c,v 1.9 2000/07/25 09:54:05 joda Exp $"); #endif #include "roken.h" @@ -43,6 +43,12 @@ RCSID("$Id: warnerr.c,v 1.8 1999/12/02 16:58:54 joda Exp $"); const char *__progname; #endif +const char * +get_progname(void) +{ + return __progname; +} + void set_progname(char *argv0) { diff --git a/crypto/heimdal/lib/roken/write_pid.c b/crypto/heimdal/lib/roken/write_pid.c new file mode 100644 index 0000000..7d4fa24 --- /dev/null +++ b/crypto/heimdal/lib/roken/write_pid.c @@ -0,0 +1,95 @@ +/* + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: write_pid.c,v 1.4 2000/08/04 11:19:41 joda Exp $"); +#endif + +#include +#include +#include +#include + +#include "roken.h" + +char * +pid_file_write (const char *progname) +{ + FILE *fp; + char *ret; + + asprintf (&ret, "%s%s.pid", _PATH_VARRUN, progname); + if (ret == NULL) + return NULL; + fp = fopen (ret, "w"); + if (fp == NULL) { + free (ret); + return NULL; + } + fprintf (fp, "%u", (unsigned)getpid()); + fclose (fp); + return ret; +} + +void +pid_file_delete (char **filename) +{ + if (*filename != NULL) { + unlink (*filename); + free (*filename); + *filename = NULL; + } +} + +#ifndef HAVE_PIDFILE +static char *pidfile_path; + +static void +pidfile_cleanup(void) +{ + if(pidfile_path != NULL) + pid_file_delete(&pidfile_path); +} + +void +pidfile(const char *basename) +{ + if(pidfile_path != NULL) + return; + if(basename == NULL) + basename = __progname; + pidfile_path = pid_file_write(basename); + atexit(pidfile_cleanup); +} +#endif diff --git a/crypto/heimdal/lib/roken/xdbm.h b/crypto/heimdal/lib/roken/xdbm.h index 78d7330..429c3d1 100644 --- a/crypto/heimdal/lib/roken/xdbm.h +++ b/crypto/heimdal/lib/roken/xdbm.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: xdbm.h,v 1.8 2000/02/06 05:03:27 assar Exp $ */ +/* $Id: xdbm.h,v 1.12 2000/08/16 03:57:21 assar Exp $ */ /* Generic *dbm include file */ @@ -43,13 +43,17 @@ #include #endif +#ifndef DBM_INSERT #if defined(HAVE_NDBM_H) #include +#elif defined(HAVE_GDBM_NDBM_H) +#include #elif defined(HAVE_DBM_H) #include #elif defined(HAVE_RPCSVC_DBM_H) #include #endif +#endif /* Macros to convert ndbm names to dbm names. * Note that dbm_nextkey() cannot be simply converted using a macro, since @@ -58,7 +62,7 @@ * Instead, all routines call "dbm_next" instead. */ -#ifndef NDBM +#if !defined(NDBM) && !defined(HAVE_DB_H) typedef char DBM; #define dbm_open(file, flags, mode) ((dbminit(file) == 0)?"":((char *)0)) diff --git a/crypto/heimdal/lib/sl/ChangeLog b/crypto/heimdal/lib/sl/ChangeLog index eca7217..1893e1c 100644 --- a/crypto/heimdal/lib/sl/ChangeLog +++ b/crypto/heimdal/lib/sl/ChangeLog @@ -1,3 +1,49 @@ +2001-01-26 Johan Danielsson + + * sl.h: proto + + * sl.c (sl_command_loop): try to handle user pressing C-c + +2000-12-11 Assar Westerlund + + * Makefile.am (libss_la_LDFLAGS): bump version to 1:2:1 + +2000-08-19 Assar Westerlund + + * Makefile.am: add dependencies for libss/libsl shared libraries + +2000-07-25 Johan Danielsson + + * Makefile.am: bump ss version to 1:1:1 + +2000-06-27 Assar Westerlund + + * parse.y (yyerror): static-ize + * make_cmds.h (error_message, yylex): add prototypes + * lex.l: fix prototypes and kill warnings + +2000-05-24 Assar Westerlund + + * ss.h (SS_ET_COMMAND_NOT_FOUND): add + * ss.c: check allocation and return some other error codes too + +2000-04-29 Assar Westerlund + + * Makefile.in: add LIB_tgetent. From Derrick J Brashear + + +2000-04-03 Assar Westerlund + + * Makefile.am: set version to 1:0:1 + +2000-03-07 Assar Westerlund + + * sl.h (SL_BADCOMMAND): define + (sl_apropos): add prototype + + * sl.c: mandoc-generation + (sl_apropos): stolen from arla + 2000-01-06 Assar Westerlund * Makefile.am: bump both versions to 0:1:0 diff --git a/crypto/heimdal/lib/sl/Makefile.am b/crypto/heimdal/lib/sl/Makefile.am index e572e21..df01306 100644 --- a/crypto/heimdal/lib/sl/Makefile.am +++ b/crypto/heimdal/lib/sl/Makefile.am @@ -1,4 +1,4 @@ -# $Id: Makefile.am,v 1.15 2000/01/06 21:52:20 assar Exp $ +# $Id: Makefile.am,v 1.21 2001/01/26 15:00:09 joda Exp $ include $(top_srcdir)/Makefile.am.common @@ -7,8 +7,11 @@ YFLAGS = -d include_HEADERS = sl.h lib_LTLIBRARIES = libsl.la libss.la -libsl_la_LDFLAGS = -version-info 0:1:0 -libss_la_LDFLAGS = -version-info 0:1:0 +libsl_la_LDFLAGS = -version-info 1:1:1 +libss_la_LDFLAGS = -version-info 1:3:1 + +libsl_la_LIBADD = @LIB_readline@ +libss_la_LIBADD = @LIB_readline@ RENAME_SRC = roken_rename.h strtok_r.c snprintf.c @@ -19,7 +22,7 @@ EXTRA_libsl_la_SOURCES = strtok_r.c snprintf.c roken_rename.h # install these? -noinst_PROGRAMS = mk_cmds +bin_PROGRAMS = mk_cmds mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l @@ -34,8 +37,8 @@ CLEANFILES = lex.c parse.c parse.h snprintf.c strtok_r.c $(mk_cmds_OBJECTS): parse.h -LDADD = \ - $(LIB_roken) \ +LDADD = \ + $(LIB_roken) \ $(LEXLIB) strtok_r.c: diff --git a/crypto/heimdal/lib/sl/Makefile.in b/crypto/heimdal/lib/sl/Makefile.in index 634cd74..6c1088b 100644 --- a/crypto/heimdal/lib/sl/Makefile.in +++ b/crypto/heimdal/lib/sl/Makefile.in @@ -1,6 +1,6 @@ -# Makefile.in generated automatically by automake 1.4 from Makefile.am +# Makefile.in generated automatically by automake 1.4a from Makefile.am -# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -10,15 +10,6 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -# $Id: Makefile.am,v 1.15 2000/01/06 21:52:20 assar Exp $ - - -# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ - - -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - - SHELL = @SHELL@ srcdir = @srcdir@ @@ -40,8 +31,6 @@ mandir = @mandir@ includedir = @includedir@ oldincludedir = /usr/include -DESTDIR = - pkgdatadir = $(datadir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ @@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@ AUTOHEADER = @AUTOHEADER@ INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = transform = @program_transform_name@ NORMAL_INSTALL = : @@ -65,26 +55,39 @@ POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : + +@SET_MAKE@ host_alias = @host_alias@ host_triplet = @host@ -AFS_EXTRA_LD = @AFS_EXTRA_LD@ AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ AWK = @AWK@ CANONICAL_HOST = @CANONICAL_HOST@ CATMAN = @CATMAN@ CATMANEXT = @CATMANEXT@ CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ EXEEXT = @EXEEXT@ EXTRA_LIB45 = @EXTRA_LIB45@ GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ INCLUDE_ = @INCLUDE_@ -LD = @LD@ LEX = @LEX@ LIBOBJS = @LIBOBJS@ LIBTOOL = @LIBTOOL@ LIB_ = @LIB_@ LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ LIB_kdb = @LIB_kdb@ LIB_otp = @LIB_otp@ LIB_roken = @LIB_roken@ @@ -92,31 +95,43 @@ LIB_security = @LIB_security@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ -MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ -MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ -MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ -NM = @NM@ NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ RANLIB = @RANLIB@ +STRIP = @STRIP@ VERSION = @VERSION@ VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ WFLAGS = @WFLAGS@ WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.21 2001/01/26 15:00:09 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + AUTOMAKE_OPTIONS = foreign no-dependencies SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x -INCLUDES = -I$(top_builddir)/include +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) AM_CFLAGS = $(WFLAGS) +CP = cp + COMPILE_ET = $(top_builddir)/lib/com_err/compile_et buildinclude = $(top_builddir)/include @@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@ LIB_logout = @LIB_logout@ LIB_logwtmp = @LIB_logwtmp@ LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ LIB_readline = @LIB_readline@ LIB_res_search = @LIB_res_search@ LIB_setpcred = @LIB_setpcred@ @@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@ LIB_syslog = @LIB_syslog@ LIB_tgetent = @LIB_tgetent@ +LIBS = @LIBS@ + HESIODLIB = @HESIODLIB@ HESIODINCLUDE = @HESIODINCLUDE@ INCLUDE_hesiod = @INCLUDE_hesiod@ @@ -152,24 +170,20 @@ LIB_hesiod = @LIB_hesiod@ INCLUDE_krb4 = @INCLUDE_krb4@ LIB_krb4 = @LIB_krb4@ +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + INCLUDE_readline = @INCLUDE_readline@ LEXLIB = @LEXLIB@ -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - NROFF_MAN = groff -mandoc -Tascii -@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la -@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la CHECK_LOCAL = $(PROGRAMS) @@ -178,8 +192,11 @@ YFLAGS = -d include_HEADERS = sl.h lib_LTLIBRARIES = libsl.la libss.la -libsl_la_LDFLAGS = -version-info 0:1:0 -libss_la_LDFLAGS = -version-info 0:1:0 +libsl_la_LDFLAGS = -version-info 1:1:1 +libss_la_LDFLAGS = -version-info 1:3:1 + +libsl_la_LIBADD = @LIB_readline@ +libss_la_LIBADD = @LIB_readline@ RENAME_SRC = roken_rename.h strtok_r.c snprintf.c @@ -190,7 +207,7 @@ EXTRA_libsl_la_SOURCES = strtok_r.c snprintf.c roken_rename.h # install these? -noinst_PROGRAMS = mk_cmds +bin_PROGRAMS = mk_cmds mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l @@ -203,8 +220,11 @@ ssinclude_HEADERS = ss.h CLEANFILES = lex.c parse.c parse.h snprintf.c strtok_r.c -LDADD = $(LIB_roken) $(LEXLIB) +LDADD = \ + $(LIB_roken) \ + $(LEXLIB) +subdir = lib/sl mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs CONFIG_HEADER = ../../include/config.h CONFIG_CLEAN_FILES = @@ -214,43 +234,48 @@ LTLIBRARIES = $(lib_LTLIBRARIES) DEFS = @DEFS@ -I. -I$(srcdir) -I../../include CPPFLAGS = @CPPFLAGS@ LDFLAGS = @LDFLAGS@ -LIBS = @LIBS@ X_CFLAGS = @X_CFLAGS@ X_LIBS = @X_LIBS@ X_EXTRA_LIBS = @X_EXTRA_LIBS@ X_PRE_LIBS = @X_PRE_LIBS@ -libsl_la_LIBADD = -libsl_la_OBJECTS = sl.lo -libss_la_LIBADD = -libss_la_OBJECTS = sl.lo ss.lo -noinst_PROGRAMS = mk_cmds$(EXEEXT) -PROGRAMS = $(noinst_PROGRAMS) - -mk_cmds_OBJECTS = make_cmds.$(OBJEXT) parse.$(OBJEXT) lex.$(OBJEXT) +libsl_la_DEPENDENCIES = +am_libsl_la_OBJECTS = sl.lo +libsl_la_OBJECTS = $(am_libsl_la_OBJECTS) +libss_la_DEPENDENCIES = +am_libss_la_OBJECTS = sl.lo ss.lo +libss_la_OBJECTS = $(am_libss_la_OBJECTS) +bin_PROGRAMS = mk_cmds$(EXEEXT) +PROGRAMS = $(bin_PROGRAMS) + +am_mk_cmds_OBJECTS = make_cmds.$(OBJEXT) parse.$(OBJEXT) lex.$(OBJEXT) +mk_cmds_OBJECTS = $(am_mk_cmds_OBJECTS) mk_cmds_LDADD = $(LDADD) mk_cmds_DEPENDENCIES = mk_cmds_LDFLAGS = -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -CFLAGS = @CFLAGS@ COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ CCLD = $(CC) -LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libsl_la_SOURCES) $(EXTRA_libsl_la_SOURCES) \ +$(libss_la_SOURCES) $(mk_cmds_SOURCES) $(EXTRA_mk_cmds_SOURCES) HEADERS = $(include_HEADERS) $(ssinclude_HEADERS) -DIST_COMMON = ChangeLog Makefile.am Makefile.in lex.c parse.c +depcomp = +DIST_COMMON = $(include_HEADERS) $(ssinclude_HEADERS) ChangeLog \ +Makefile.am Makefile.in lex.c parse.c parse.h -DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -TAR = tar GZIP_ENV = --best SOURCES = $(libsl_la_SOURCES) $(EXTRA_libsl_la_SOURCES) $(libss_la_SOURCES) $(mk_cmds_SOURCES) $(EXTRA_mk_cmds_SOURCES) -OBJECTS = $(libsl_la_OBJECTS) $(libss_la_OBJECTS) $(mk_cmds_OBJECTS) +OBJECTS = $(am_libsl_la_OBJECTS) $(am_libss_la_OBJECTS) $(am_mk_cmds_OBJECTS) all: all-redirect .SUFFIXES: -.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .s .x .y +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .x .y $(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/sl/Makefile @@ -273,31 +298,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES) $(mkinstalldirs) $(DESTDIR)$(libdir) @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ if test -f $$p; then \ - echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \ - $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \ + echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \ + $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \ else :; fi; \ done uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \ $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \ done -.c.o: - $(COMPILE) -c $< - -# FIXME: We should only use cygpath when building on Windows, -# and only if it is available. -.c.obj: - $(COMPILE) -c `cygpath -w $<` - -.s.o: - $(COMPILE) -c $< - -.S.o: - $(COMPILE) -c $< - mostlyclean-compile: -rm -f *.o core *.core -rm -f *.$(OBJEXT) @@ -309,15 +321,6 @@ distclean-compile: maintainer-clean-compile: -.c.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.s.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - -.S.lo: - $(LIBTOOL) --mode=compile $(COMPILE) -c $< - mostlyclean-libtool: -rm -f *.lo @@ -334,18 +337,43 @@ libsl.la: $(libsl_la_OBJECTS) $(libsl_la_DEPENDENCIES) libss.la: $(libss_la_OBJECTS) $(libss_la_DEPENDENCIES) $(LINK) -rpath $(libdir) $(libss_la_LDFLAGS) $(libss_la_OBJECTS) $(libss_la_LIBADD) $(LIBS) -mostlyclean-noinstPROGRAMS: +mostlyclean-binPROGRAMS: + +clean-binPROGRAMS: + -test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS) -clean-noinstPROGRAMS: - -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) +distclean-binPROGRAMS: -distclean-noinstPROGRAMS: +maintainer-clean-binPROGRAMS: -maintainer-clean-noinstPROGRAMS: +install-binPROGRAMS: $(bin_PROGRAMS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(bindir) + @list='$(bin_PROGRAMS)'; for p in $$list; do \ + if test -f $$p; then \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f"; \ + $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f; \ + else :; fi; \ + done + +uninstall-binPROGRAMS: + @$(NORMAL_UNINSTALL) + @list='$(bin_PROGRAMS)'; for p in $$list; do \ + f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \ + echo " rm -f $(DESTDIR)$(bindir)/$$f"; \ + rm -f $(DESTDIR)$(bindir)/$$f; \ + done mk_cmds$(EXEEXT): $(mk_cmds_OBJECTS) $(mk_cmds_DEPENDENCIES) @rm -f mk_cmds$(EXEEXT) $(LINK) $(mk_cmds_LDFLAGS) $(mk_cmds_OBJECTS) $(mk_cmds_LDADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< .l.c: $(LEX) $(AM_LFLAGS) $(LFLAGS) $< && mv $(LEX_OUTPUT_ROOT).c $@ .y.c: @@ -361,14 +389,17 @@ install-includeHEADERS: $(include_HEADERS) $(mkinstalldirs) $(DESTDIR)$(includedir) @list='$(include_HEADERS)'; for p in $$list; do \ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ - echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \ - $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - list='$(include_HEADERS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(includedir)/$$p; \ + @list='$(include_HEADERS)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(includedir)/$$f"; \ + rm -f $(DESTDIR)$(includedir)/$$f; \ done install-ssincludeHEADERS: $(ssinclude_HEADERS) @@ -376,35 +407,42 @@ install-ssincludeHEADERS: $(ssinclude_HEADERS) $(mkinstalldirs) $(DESTDIR)$(ssincludedir) @list='$(ssinclude_HEADERS)'; for p in $$list; do \ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \ - echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(ssincludedir)/$$p"; \ - $(INSTALL_DATA) $$d$$p $(DESTDIR)$(ssincludedir)/$$p; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(ssincludedir)/$$f"; \ + $(INSTALL_DATA) $$d$$p $(DESTDIR)$(ssincludedir)/$$f; \ done uninstall-ssincludeHEADERS: @$(NORMAL_UNINSTALL) - list='$(ssinclude_HEADERS)'; for p in $$list; do \ - rm -f $(DESTDIR)$(ssincludedir)/$$p; \ + @list='$(ssinclude_HEADERS)'; for p in $$list; do \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ + echo " rm -f $(DESTDIR)$(ssincludedir)/$$f"; \ + rm -f $(DESTDIR)$(ssincludedir)/$$f; \ done tags: TAGS -ID: $(HEADERS) $(SOURCES) $(LISP) - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ - here=`pwd` && cd $(srcdir) \ - && mkid -f$$here/ID $$unique $(LISP) + mkid -fID $$unique $(LISP) -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) tags=; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS)'; \ - unique=`for i in $$list; do echo $$i; done | \ - awk ' { files[$$0] = 1; } \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ END { for (i in files) print i; }'`; \ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ - || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) mostlyclean-tags: @@ -417,17 +455,16 @@ maintainer-clean-tags: distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) -subdir = lib/sl - distdir: $(DISTFILES) @for file in $(DISTFILES); do \ d=$(srcdir); \ if test -d $$d/$$file; then \ - cp -pr $$/$$file $(distdir)/$$file; \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ else \ test -f $(distdir)/$$file \ - || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ - || cp -p $$d/$$file $(distdir)/$$file || :; \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook @@ -440,7 +477,7 @@ check-am: all-am check: check-am installcheck-am: installcheck: installcheck-am -install-exec-am: install-libLTLIBRARIES +install-exec-am: install-libLTLIBRARIES install-binPROGRAMS @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-exec-hook install-exec: install-exec-am @@ -452,16 +489,16 @@ install-data: install-data-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am install: install-am -uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS \ - uninstall-ssincludeHEADERS +uninstall-am: uninstall-libLTLIBRARIES uninstall-binPROGRAMS \ + uninstall-includeHEADERS uninstall-ssincludeHEADERS uninstall: uninstall-am all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local all-redirect: all-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install installdirs: - $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) \ - $(DESTDIR)$(ssincludedir) + $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(bindir) \ + $(DESTDIR)$(includedir) $(DESTDIR)$(ssincludedir) mostlyclean-generic: @@ -474,29 +511,30 @@ distclean-generic: -rm -f config.cache config.log stamp-h stamp-h[0-9]* maintainer-clean-generic: - -test -z "lexlparsehparsec" || rm -f lexl parseh parsec + -rm -f Makefile.in + -test -z "lex.cparse.hparse.c" || rm -f lex.c parse.h parse.c mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \ - mostlyclean-libtool mostlyclean-noinstPROGRAMS \ + mostlyclean-libtool mostlyclean-binPROGRAMS \ mostlyclean-tags mostlyclean-generic mostlyclean: mostlyclean-am clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \ - clean-noinstPROGRAMS clean-tags clean-generic \ + clean-binPROGRAMS clean-tags clean-generic \ mostlyclean-am clean: clean-am distclean-am: distclean-libLTLIBRARIES distclean-compile \ - distclean-libtool distclean-noinstPROGRAMS \ - distclean-tags distclean-generic clean-am + distclean-libtool distclean-binPROGRAMS distclean-tags \ + distclean-generic clean-am -rm -f libtool distclean: distclean-am maintainer-clean-am: maintainer-clean-libLTLIBRARIES \ maintainer-clean-compile maintainer-clean-libtool \ - maintainer-clean-noinstPROGRAMS maintainer-clean-tags \ + maintainer-clean-binPROGRAMS maintainer-clean-tags \ maintainer-clean-generic distclean-am @echo "This command is intended for maintainers to use;" @echo "it deletes files that may require special tools to rebuild." @@ -508,15 +546,15 @@ clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \ uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \ distclean-compile clean-compile maintainer-clean-compile \ mostlyclean-libtool distclean-libtool clean-libtool \ -maintainer-clean-libtool mostlyclean-noinstPROGRAMS \ -distclean-noinstPROGRAMS clean-noinstPROGRAMS \ -maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \ -install-includeHEADERS uninstall-ssincludeHEADERS \ -install-ssincludeHEADERS tags mostlyclean-tags distclean-tags \ -clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \ -check-local check check-am installcheck-am installcheck install-exec-am \ -install-exec install-data-local install-data-am install-data install-am \ -install uninstall-am uninstall all-local all-redirect all-am all \ +maintainer-clean-libtool mostlyclean-binPROGRAMS distclean-binPROGRAMS \ +clean-binPROGRAMS maintainer-clean-binPROGRAMS uninstall-binPROGRAMS \ +install-binPROGRAMS uninstall-includeHEADERS install-includeHEADERS \ +uninstall-ssincludeHEADERS install-ssincludeHEADERS tags \ +mostlyclean-tags distclean-tags clean-tags maintainer-clean-tags \ +distdir info-am info dvi-am dvi check-local check check-am \ +installcheck-am installcheck install-exec-am install-exec \ +install-data-local install-data-am install-data install-am install \ +uninstall-am uninstall all-local all-redirect all-am all install-strip \ installdirs mostlyclean-generic distclean-generic clean-generic \ maintainer-clean-generic clean mostlyclean distclean maintainer-clean @@ -526,7 +564,10 @@ install-suid-programs: for file in $$foo; do \ x=$(DESTDIR)$(bindir)/$$file; \ if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done install-exec-hook: install-suid-programs @@ -538,8 +579,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ) else file="$$f"; fi; \ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ fi ; \ done @@ -608,87 +649,8 @@ dist-cat8-mans: dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) install-data-local: install-cat-mans diff --git a/crypto/heimdal/lib/sl/lex.l b/crypto/heimdal/lib/sl/lex.l index b7c1c44..c83e5d1 100644 --- a/crypto/heimdal/lib/sl/lex.l +++ b/crypto/heimdal/lib/sl/lex.l @@ -1,6 +1,6 @@ %{ /* - * Copyright (c) 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -32,14 +32,17 @@ * SUCH DAMAGE. */ +#undef ECHO + #include "make_cmds.h" #include "parse.h" -RCSID("$Id: lex.l,v 1.3 1999/12/02 16:58:55 joda Exp $"); +RCSID("$Id: lex.l,v 1.5 2000/12/05 09:21:46 joda Exp $"); static unsigned lineno = 1; -void error_message(char *, ...); -int getstring(void); +static int getstring(void); + +#define YY_NO_UNPUT %} @@ -66,7 +69,7 @@ yywrap () } #endif -int +static int getstring(void) { char x[128]; @@ -102,7 +105,7 @@ getstring(void) } void -error_message (char *format, ...) +error_message (const char *format, ...) { va_list args; diff --git a/crypto/heimdal/lib/sl/make_cmds.h b/crypto/heimdal/lib/sl/make_cmds.h index 24dbd60..6d64d97 100644 --- a/crypto/heimdal/lib/sl/make_cmds.h +++ b/crypto/heimdal/lib/sl/make_cmds.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: make_cmds.h,v 1.2 1999/12/02 16:58:55 joda Exp $ */ +/* $Id: make_cmds.h,v 1.3 2000/06/27 02:36:56 assar Exp $ */ #ifndef __MAKE_CMDS_H__ #define __MAKE_CMDS_H__ @@ -45,6 +45,8 @@ #include #include +#include + extern char *filename; extern char *table_name; extern int numerror; @@ -66,4 +68,9 @@ struct string_list { void add_command(char*, char*, struct string_list*, unsigned); +void error_message(const char *, ...) + __attribute__ ((format (printf, 1,2))); + +int yylex (void); + #endif /* __MAKE_CMDS_H__ */ diff --git a/crypto/heimdal/lib/sl/parse.y b/crypto/heimdal/lib/sl/parse.y index 18ef5ca..deff933 100644 --- a/crypto/heimdal/lib/sl/parse.y +++ b/crypto/heimdal/lib/sl/parse.y @@ -1,6 +1,6 @@ %{ /* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,10 +33,9 @@ */ #include "make_cmds.h" -RCSID("$Id: parse.y,v 1.6 1999/12/16 10:34:11 assar Exp $"); +RCSID("$Id: parse.y,v 1.7 2000/06/27 02:37:18 assar Exp $"); -void yyerror (char *s); -void error_message(char *, ...); +static void yyerror (char *s); struct string_list* append_string(struct string_list*, char*); void free_string_list(struct string_list *list); @@ -129,7 +128,7 @@ flag : STRING %% -void +static void yyerror (char *s) { error_message ("%s\n", s); diff --git a/crypto/heimdal/lib/sl/roken_rename.h b/crypto/heimdal/lib/sl/roken_rename.h index c668802..1d3d893 100644 --- a/crypto/heimdal/lib/sl/roken_rename.h +++ b/crypto/heimdal/lib/sl/roken_rename.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,7 +31,7 @@ * SUCH DAMAGE. */ -/* $Id: roken_rename.h,v 1.3 1999/12/02 16:58:55 joda Exp $ */ +/* $Id: roken_rename.h,v 1.4 2000/05/31 20:07:56 assar Exp $ */ #ifndef __roken_rename_h__ #define __roken_rename_h__ @@ -57,5 +57,8 @@ #ifndef HAVE_VSNPRINTF #define vsnprintf _sl_vsnprintf #endif +#ifndef HAVE_STRUPR +#define strupr _sl_strupr +#endif #endif /* __roken_rename_h__ */ diff --git a/crypto/heimdal/lib/sl/sl.c b/crypto/heimdal/lib/sl/sl.c index 688ca8b..ebc7657 100644 --- a/crypto/heimdal/lib/sl/sl.c +++ b/crypto/heimdal/lib/sl/sl.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -33,10 +33,101 @@ #ifdef HAVE_CONFIG_H #include -RCSID("$Id: sl.c,v 1.25 1999/12/02 16:58:55 joda Exp $"); +RCSID("$Id: sl.c,v 1.28 2001/01/26 14:58:26 joda Exp $"); #endif #include "sl_locl.h" +#include + +static size_t +print_sl (FILE *stream, int mdoc, int longp, SL_cmd *c) + __attribute__ ((unused)); + +static size_t +print_sl (FILE *stream, int mdoc, int longp, SL_cmd *c) +{ + if(mdoc){ + if(longp) + fprintf(stream, "= Ns"); + fprintf(stream, " Ar "); + }else + if (longp) + putc ('=', stream); + else + putc (' ', stream); + + return 1; +} + +static void +mandoc_template(SL_cmd *cmds, + const char *extra_string) +{ + SL_cmd *c, *prev; + char timestr[64], cmd[64]; + const char *p; + time_t t; + + printf(".\\\" Things to fix:\n"); + printf(".\\\" * correct section, and operating system\n"); + printf(".\\\" * remove Op from mandatory flags\n"); + printf(".\\\" * use better macros for arguments (like .Pa for files)\n"); + printf(".\\\"\n"); + t = time(NULL); + strftime(timestr, sizeof(timestr), "%b %d, %Y", localtime(&t)); + printf(".Dd %s\n", timestr); + p = strrchr(__progname, '/'); + if(p) p++; else p = __progname; + strncpy(cmd, p, sizeof(cmd)); + cmd[sizeof(cmd)-1] = '\0'; + strupr(cmd); + + printf(".Dt %s SECTION\n", cmd); + printf(".Os OPERATING_SYSTEM\n"); + printf(".Sh NAME\n"); + printf(".Nm %s\n", p); + printf(".Nd\n"); + printf("in search of a description\n"); + printf(".Sh SYNOPSIS\n"); + printf(".Nm\n"); + for(c = cmds; c->name; ++c) { +/* if (c->func == NULL) + continue; */ + printf(".Op Fl %s", c->name); +/* print_sl(stdout, 1, 0, c);*/ + printf("\n"); + + } + if (extra_string && *extra_string) + printf (".Ar %s\n", extra_string); + printf(".Sh DESCRIPTION\n"); + printf("Supported options:\n"); + printf(".Bl -tag -width Ds\n"); + prev = NULL; + for(c = cmds; c->name; ++c) { + if (c->func) { + if (prev) + printf ("\n%s\n", prev->usage); + + printf (".It Fl %s", c->name); + prev = c; + } else + printf (", %s\n", c->name); + } + if (prev) + printf ("\n%s\n", prev->usage); + + printf(".El\n"); + printf(".\\\".Sh ENVIRONMENT\n"); + printf(".\\\".Sh FILES\n"); + printf(".\\\".Sh EXAMPLES\n"); + printf(".\\\".Sh DIAGNOSTICS\n"); + printf(".\\\".Sh SEE ALSO\n"); + printf(".\\\".Sh STANDARDS\n"); + printf(".\\\".Sh HISTORY\n"); + printf(".\\\".Sh AUTHORS\n"); + printf(".\\\".Sh BUGS\n"); +} static SL_cmd * sl_match (SL_cmd *cmds, char *cmd, int exactp) @@ -66,6 +157,11 @@ sl_help (SL_cmd *cmds, int argc, char **argv) { SL_cmd *c, *prev_c; + if (getenv("SLMANDOC")) { + mandoc_template(cmds, NULL); + return; + } + if (argc == 1) { prev_c = NULL; for (c = cmds; c->name; ++c) { @@ -178,9 +274,28 @@ sl_make_argv(char *line, int *ret_argc, char ***ret_argv) return 0; } +static jmp_buf sl_jmp; + +static void sl_sigint(int sig) +{ + longjmp(sl_jmp, 1); +} + +static char *sl_readline(const char *prompt) +{ + char *s; + void (*old)(int); + old = signal(SIGINT, sl_sigint); + if(setjmp(sl_jmp)) + printf("\n"); + s = readline((char*)prompt); + signal(SIGINT, old); + return s; +} + /* return values: 0 on success, -1 on fatal error, or return value of command */ int -sl_command_loop(SL_cmd *cmds, char *prompt, void **data) +sl_command_loop(SL_cmd *cmds, const char *prompt, void **data) { int ret = 0; char *buf; @@ -188,7 +303,7 @@ sl_command_loop(SL_cmd *cmds, char *prompt, void **data) char **argv; ret = 0; - buf = readline(prompt); + buf = sl_readline(prompt); if(buf == NULL) return 1; @@ -213,7 +328,7 @@ sl_command_loop(SL_cmd *cmds, char *prompt, void **data) } int -sl_loop(SL_cmd *cmds, char *prompt) +sl_loop(SL_cmd *cmds, const char *prompt) { void *data = NULL; int ret; @@ -221,3 +336,11 @@ sl_loop(SL_cmd *cmds, char *prompt) ; return ret; } + +void +sl_apropos (SL_cmd *cmd, const char *topic) +{ + for (; cmd->name != NULL; ++cmd) + if (cmd->usage != NULL && strstr(cmd->usage, topic) != NULL) + printf ("%-20s%s\n", cmd->name, cmd->usage); +} diff --git a/crypto/heimdal/lib/sl/sl.h b/crypto/heimdal/lib/sl/sl.h index 1a6d3fa..5b3e4b7 100644 --- a/crypto/heimdal/lib/sl/sl.h +++ b/crypto/heimdal/lib/sl/sl.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -31,11 +31,13 @@ * SUCH DAMAGE. */ -/* $Id: sl.h,v 1.7 1999/12/02 16:58:55 joda Exp $ */ +/* $Id: sl.h,v 1.9 2001/01/26 14:58:41 joda Exp $ */ #ifndef _SL_H #define _SL_H +#define SL_BADCOMMAND -1 + typedef int (*cmd_func)(int, char **); struct sl_cmd { @@ -48,10 +50,11 @@ struct sl_cmd { typedef struct sl_cmd SL_cmd; void sl_help (SL_cmd *, int argc, char **argv); -int sl_loop (SL_cmd *, char *prompt); -int sl_command_loop (SL_cmd *cmds, char *prompt, void **data); +int sl_loop (SL_cmd *, const char *prompt); +int sl_command_loop (SL_cmd *cmds, const char *prompt, void **data); int sl_command (SL_cmd *cmds, int argc, char **argv); int sl_make_argv(char*, int*, char***); +void sl_apropos (SL_cmd *cmd, const char *topic); #endif /* _SL_H */ diff --git a/crypto/heimdal/lib/sl/ss.c b/crypto/heimdal/lib/sl/ss.c index f3c0546..7655a9e 100644 --- a/crypto/heimdal/lib/sl/ss.c +++ b/crypto/heimdal/lib/sl/ss.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -35,7 +35,7 @@ #include #include "ss.h" -RCSID("$Id: ss.c,v 1.4 1999/12/02 16:58:55 joda Exp $"); +RCSID("$Id: ss.c,v 1.6 2000/05/25 00:14:58 assar Exp $"); struct ss_subst { char *name; @@ -55,14 +55,34 @@ ss_create_invocation(const char *subsystem, int *code) { struct ss_subst *ss; + if(num_subsystems >= sizeof(subsystems) / sizeof(subsystems[0])) { *code = 17; return 0; } ss = &subsystems[num_subsystems]; - ss->name = subsystem ? strdup(subsystem) : NULL; - ss->version = version ? strdup(version) : NULL; - ss->info = info ? strdup(info) : NULL; + ss->name = ss->version = ss->info = NULL; + if (subsystem != NULL) { + ss->name = strdup (subsystem); + if (ss->name == NULL) { + *code = ENOMEM; + return 0; + } + } + if (version != NULL) { + ss->version = strdup (version); + if (ss->version == NULL) { + *code = ENOMEM; + return 0; + } + } + if (info != NULL) { + ss->info = strdup (info); + if (ss->info == NULL) { + *code = ENOMEM; + return 0; + } + } ss->table = table; *code = 0; return num_subsystems++; @@ -87,8 +107,12 @@ int ss_execute_command(int index, char **argv) { int argc = 0; + int ret; + while(argv[argc++]); - sl_command(subsystems[index].table, argc, argv); + ret = sl_command(subsystems[index].table, argc, argv); + if (ret == SL_BADCOMMAND) + return SS_ET_COMMAND_NOT_FOUND; return 0; } @@ -98,10 +122,15 @@ ss_execute_line (int index, const char *line) char *buf = strdup(line); int argc; char **argv; + int ret; + if (buf == NULL) + return ENOMEM; sl_make_argv(buf, &argc, &argv); - sl_command(subsystems[index].table, argc, argv); + ret = sl_command(subsystems[index].table, argc, argv); free(buf); + if (ret == SL_BADCOMMAND) + return SS_ET_COMMAND_NOT_FOUND; return 0; } @@ -109,9 +138,9 @@ int ss_listen (int index) { char *prompt = malloc(strlen(subsystems[index].name) + 3); - if(prompt == NULL) { - abort(); - } + if (prompt == NULL) + return ENOMEM; + strcpy(prompt, subsystems[index].name); strcat(prompt, ": "); sl_loop(subsystems[index].table, prompt); diff --git a/crypto/heimdal/lib/sl/ss.h b/crypto/heimdal/lib/sl/ss.h index 0d9d297..0149fa1 100644 --- a/crypto/heimdal/lib/sl/ss.h +++ b/crypto/heimdal/lib/sl/ss.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -30,7 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ -/* $Id: ss.h,v 1.2 1999/12/02 16:58:55 joda Exp $ */ +/* $Id: ss.h,v 1.3 2000/05/25 00:15:21 assar Exp $ */ /* SS compatibility for SL */ @@ -52,4 +52,6 @@ int ss_listen (int); void ss_perror (int, long, const char*); int ss_quit (int argc, char**); +#define SS_ET_COMMAND_NOT_FOUND (-1) + #endif /* __ss_h__ */ diff --git a/crypto/heimdal/lib/vers/ChangeLog b/crypto/heimdal/lib/vers/ChangeLog new file mode 100644 index 0000000..459c940 --- /dev/null +++ b/crypto/heimdal/lib/vers/ChangeLog @@ -0,0 +1,13 @@ +2001-01-31 Assar Westerlund + + * Makefile.am: remove -static turning this into a convenience + library + +2000-11-15 Assar Westerlund + + * Makefile.am: make the library static and don't install it + +2000-07-08 Assar Westerlund + + * make-print-version.c (heimdal_version, krb4_version): const-ize, + based on thorpej@netbsd.org's change to NetBSD diff --git a/crypto/heimdal/lib/vers/Makefile.am b/crypto/heimdal/lib/vers/Makefile.am new file mode 100644 index 0000000..87ef246 --- /dev/null +++ b/crypto/heimdal/lib/vers/Makefile.am @@ -0,0 +1,28 @@ +# $Id: Makefile.am,v 1.3 2001/01/31 03:50:48 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +CLEANFILES = print_version.h + +noinst_LTLIBRARIES = libvers.la + +build_HEADERZ = vers.h + +noinst_PROGRAMS = make-print-version + +if KRB4 +if KRB5 +## need to link with des here; otherwise, if krb4 is shared the link +## will fail with unresolved references +make_print_version_LDADD += $(LIB_krb4) -ldes +endif +endif + +libvers_la_SOURCES = print_version.c + +print_version.lo: print_version.h + +print_version.h: make-print-version$(EXEEXT) + ./make-print-version$(EXEEXT) print_version.h + +make-print-version.o: $(top_builddir)/include/version.h diff --git a/crypto/heimdal/lib/vers/Makefile.in b/crypto/heimdal/lib/vers/Makefile.in new file mode 100644 index 0000000..8b8da03 --- /dev/null +++ b/crypto/heimdal/lib/vers/Makefile.in @@ -0,0 +1,574 @@ +# Makefile.in generated automatically by automake 1.4a from Makefile.am + +# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. + +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : + +@SET_MAKE@ +host_alias = @host_alias@ +host_triplet = @host@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +CPP = @CPP@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ +INCLUDE_ = @INCLUDE_@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_des = @LIB_des@ +LIB_des_appl = @LIB_des_appl@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +STRIP = @STRIP@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ +dpagaix_CFLAGS = @dpagaix_CFLAGS@ +dpagaix_LDADD = @dpagaix_LDADD@ +install_sh = @install_sh@ + +# $Id: Makefile.am,v 1.3 2001/01/31 03:50:48 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $ + + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) + +AM_CFLAGS = $(WFLAGS) + +CP = cp + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_pidfile = @LIB_pidfile@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +LIBS = @LIBS@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +CLEANFILES = print_version.h + +noinst_LTLIBRARIES = libvers.la + +build_HEADERZ = vers.h + +noinst_PROGRAMS = make-print-version + +@KRB4_TRUE@@KRB5_TRUE@make_print_version_LDADD = @KRB4_TRUE@@KRB5_TRUE@ $(LIB_krb4) -ldes + +libvers_la_SOURCES = print_version.c +subdir = lib/vers +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +LTLIBRARIES = $(noinst_LTLIBRARIES) + + +DEFS = @DEFS@ -I. -I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libvers_la_LDFLAGS = +libvers_la_LIBADD = +am_libvers_la_OBJECTS = print_version.lo +libvers_la_OBJECTS = $(am_libvers_la_OBJECTS) +noinst_PROGRAMS = make-print-version$(EXEEXT) +PROGRAMS = $(noinst_PROGRAMS) + +make_print_version_SOURCES = make-print-version.c +make_print_version_OBJECTS = make-print-version.$(OBJEXT) +@KRB4_TRUE@@KRB5_TRUE@make_print_version_DEPENDENCIES = +make_print_version_LDFLAGS = +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libvers_la_SOURCES) make-print-version.c +depcomp = +DIST_COMMON = ChangeLog Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) + +GZIP_ENV = --best +SOURCES = $(libvers_la_SOURCES) make-print-version.c +OBJECTS = $(am_libvers_la_OBJECTS) make-print-version.$(OBJEXT) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/vers/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-noinstLTLIBRARIES: + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + +distclean-noinstLTLIBRARIES: + +maintainer-clean-noinstLTLIBRARIES: + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libvers.la: $(libvers_la_OBJECTS) $(libvers_la_DEPENDENCIES) + $(LINK) $(libvers_la_LDFLAGS) $(libvers_la_OBJECTS) $(libvers_la_LIBADD) $(LIBS) + +mostlyclean-noinstPROGRAMS: + +clean-noinstPROGRAMS: + -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) + +distclean-noinstPROGRAMS: + +maintainer-clean-noinstPROGRAMS: + +make-print-version$(EXEEXT): $(make_print_version_OBJECTS) $(make_print_version_DEPENDENCIES) + @rm -f make-print-version$(EXEEXT) + $(LINK) $(make_print_version_LDFLAGS) $(make_print_version_OBJECTS) $(make_print_version_LDADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: +uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +installdirs: + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: + -rm -f Makefile.in +mostlyclean-am: mostlyclean-noinstLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-noinstPROGRAMS \ + mostlyclean-tags mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-noinstLTLIBRARIES clean-compile clean-libtool \ + clean-noinstPROGRAMS clean-tags clean-generic \ + mostlyclean-am + +clean: clean-am + +distclean-am: distclean-noinstLTLIBRARIES distclean-compile \ + distclean-libtool distclean-noinstPROGRAMS \ + distclean-tags distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-noinstLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-noinstPROGRAMS maintainer-clean-tags \ + maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-noinstLTLIBRARIES distclean-noinstLTLIBRARIES \ +clean-noinstLTLIBRARIES maintainer-clean-noinstLTLIBRARIES \ +mostlyclean-compile distclean-compile clean-compile \ +maintainer-clean-compile mostlyclean-libtool distclean-libtool \ +clean-libtool maintainer-clean-libtool mostlyclean-noinstPROGRAMS \ +distclean-noinstPROGRAMS clean-noinstPROGRAMS \ +maintainer-clean-noinstPROGRAMS tags mostlyclean-tags distclean-tags \ +clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \ +check-local check check-am installcheck-am installcheck install-exec-am \ +install-exec install-data-local install-data-am install-data install-am \ +install uninstall-am uninstall all-local all-redirect all-am all \ +install-strip installdirs mostlyclean-generic distclean-generic \ +clean-generic maintainer-clean-generic clean mostlyclean distclean \ +maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +print_version.lo: print_version.h + +print_version.h: make-print-version$(EXEEXT) + ./make-print-version$(EXEEXT) print_version.h + +make-print-version.o: $(top_builddir)/include/version.h + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/vers/make-print-version.c b/crypto/heimdal/lib/vers/make-print-version.c new file mode 100644 index 0000000..6102e75 --- /dev/null +++ b/crypto/heimdal/lib/vers/make-print-version.c @@ -0,0 +1,68 @@ +/* + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: make-print-version.c,v 1.2 2000/07/08 10:46:36 assar Exp $"); +#endif + +#include + +#ifdef KRB5 +extern const char *heimdal_version; +#endif +#ifdef KRB4 +extern const char *krb4_version; +#endif +#include + +int +main(int argc, char **argv) +{ + FILE *f; + if(argc != 2) + return 1; + f = fopen(argv[1], "w"); + if(f == NULL) + return 1; + fprintf(f, "#define VERSIONLIST { "); +#ifdef KRB5 + fprintf(f, "\"%s\", ", heimdal_version); +#endif +#ifdef KRB4 + fprintf(f, "\"%s\", ", krb4_version); +#endif + fprintf(f, "}\n"); + fclose(f); + return 0; +} diff --git a/crypto/heimdal/lib/vers/print_version.c b/crypto/heimdal/lib/vers/print_version.c new file mode 100644 index 0000000..cb324d0 --- /dev/null +++ b/crypto/heimdal/lib/vers/print_version.c @@ -0,0 +1,78 @@ +/* + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +RCSID("$Id: print_version.c,v 1.1 2000/07/01 19:47:35 assar Exp $"); +#endif +#include "roken.h" + +#include "print_version.h" + +void +print_version(const char *progname) +{ + const char *arg[] = VERSIONLIST; + const int num_args = sizeof(arg) / sizeof(arg[0]); + char *msg; + size_t len = 0; + int i; + + if(progname == NULL) + progname = __progname; + + if(num_args == 0) + msg = "no version information"; + else { + for(i = 0; i < num_args; i++) { + if(i > 0) + len += 2; + len += strlen(arg[i]); + } + msg = malloc(len + 1); + if(msg == NULL) { + fprintf(stderr, "%s: out of memory\n", progname); + return; + } + msg[0] = '\0'; + for(i = 0; i < num_args; i++) { + if(i > 0) + strcat(msg, ", "); + strcat(msg, arg[i]); + } + } + fprintf(stderr, "%s (%s)\n", progname, msg); + fprintf(stderr, "Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan\n"); + if(num_args != 0) + free(msg); +} diff --git a/crypto/heimdal/lib/vers/vers.h b/crypto/heimdal/lib/vers/vers.h new file mode 100644 index 0000000..cc70355 --- /dev/null +++ b/crypto/heimdal/lib/vers/vers.h @@ -0,0 +1,41 @@ +/* + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $Id: vers.h,v 1.1 2000/07/01 19:47:36 assar Exp $ */ + +#ifndef __VERS_H__ +#define __VERS_H__ + +void print_version(const char *); + +#endif /* __VERS_H__ */ -- cgit v1.1